Trove fuel plugin changes for implementing new fuel Trove role.

Implements: blueprint fuel-plugin-dbaas-trove

Change-Id: I56719a1e1327c47c7725ba88fea7b7ddf2a56c03
This commit is contained in:
Apsar, Shaik (sa709c) 2015-12-31 21:59:31 +05:30
parent 5144e1aad0
commit 219f2ff75d
77 changed files with 5899 additions and 56 deletions

View File

@ -0,0 +1,50 @@
notice('MODULAR: trove/cluster.pp')
if !(hiera('role') in ['trove']) {
fail('The node role is not in trove roles')
}
$network_scheme = hiera_hash('network_scheme', {})
$network_metadata = hiera_hash('network_metadata', {})
prepare_network_config($network_scheme)
$trove_node = get_nodes_hash_by_roles($network_metadata, ['trove'])
$corosync_nodes = corosync_nodes($trove_node, 'trove/api')
$network_ip = get_network_role_property('trove/api', 'ipaddr')
class { 'cluster':
internal_address => $network_ip,
corosync_nodes => $corosync_nodes,
}
pcmk_nodes { 'pacemaker' :
nodes => $corosync_nodes,
add_pacemaker_nodes => false,
}
Service <| title == 'corosync' |> {
subscribe => File['/etc/corosync/service.d'],
require => File['/etc/corosync/corosync.conf'],
}
Service['corosync'] -> Pcmk_nodes<||>
Pcmk_nodes<||> -> Service<| provider == 'pacemaker' |>
# Sometimes during first start pacemaker can not connect to corosync
# via IPC due to pacemaker and corosync processes are run under different users
if($::operatingsystem == 'Ubuntu') {
$pacemaker_run_uid = 'hacluster'
$pacemaker_run_gid = 'haclient'
file {'/etc/corosync/uidgid.d/pacemaker':
content =>"uidgid {
uid: ${pacemaker_run_uid}
gid: ${pacemaker_run_gid}
}"
}
File['/etc/corosync/corosync.conf'] -> File['/etc/corosync/uidgid.d/pacemaker'] -> Service <| title == 'corosync' |>
}

View File

@ -0,0 +1,53 @@
notice('MODULAR: trove/db.pp')
$node_name = hiera('node_name')
$trove_hash = hiera_hash('fuel-plugin-dbaas-trove', {})
$trove_enabled = pick($trove_hash['metadata']['enabled'], false)
$mysql_hash = hiera_hash('mysql_hash', {})
$management_vip = hiera('management_vip', undef)
$database_vip = hiera('database_vip')
$mysql_root_user = pick($mysql_hash['root_user'], 'root')
$mysql_db_create = pick($mysql_hash['db_create'], true)
$mysql_root_password = $mysql_hash['root_password']
$db_user = pick($trove_hash['metadata']['db_user'], 'trove')
$db_name = pick($trove_hash['metadata']['db_name'], 'trove')
$db_password = pick($trove_hash['metadata']['db_password'], $mysql_root_password)
$db_host = pick($trove_hash['metadata']['db_host'], $database_vip, 'localhost')
$db_create = pick($trove_hash['metadata']['db_create'], $mysql_db_create)
$db_root_user = pick($trove_hash['metadata']['root_user'], $mysql_root_user)
$db_root_password = pick($trove_hash['metadata']['root_password'], $mysql_root_password)
$allowed_hosts = [ $node_name, 'localhost', '127.0.0.1', '%' ]
if $trove_enabled and $db_create {
class { 'galera::client':
custom_setup_class => hiera('mysql_custom_setup_class', 'galera'),
}
class { 'trove::db::mysql':
user => $db_user,
password => $db_password,
dbname => $db_name,
allowed_hosts => $allowed_hosts,
}
class { 'osnailyfacter::mysql_access':
db_host => $db_host,
db_user => $db_root_user,
db_password => $db_root_password,
}
Class['galera::client'] ->
Class['osnailyfacter::mysql_access'] ->
Class['trove::db::mysql']
}
class mysql::config {}
include mysql::config
class mysql::server {}
include mysql::server

View File

@ -0,0 +1,48 @@
notice('MODULAR: trove/haproxy.pp')
$network_metadata = hiera_hash('network_metadata')
$trove_hash = hiera_hash('fuel-plugin-dbaas-trove', {})
# enabled by default
$use_trove = pick($trove_hash['metadata']['enabled'], true)
$public_ssl_hash = hiera('public_ssl')
$troves_address_map = get_node_to_ipaddr_map_by_network_role(get_nodes_hash_by_roles($network_metadata, ['trove']), 'trove/api')
if ($use_trove) {
$server_names = hiera_array('trove_names', keys($troves_address_map))
$ipaddresses = hiera_array('trove_ipaddresses', values($troves_address_map))
$public_virtual_ip = hiera('public_vip')
$internal_virtual_ip = hiera('management_vip')
# configure trove ha proxy
Openstack::Ha::Haproxy_service {
internal_virtual_ip => $internal_virtual_ip,
ipaddresses => $ipaddresses,
public_virtual_ip => $public_virtual_ip,
server_names => $server_names,
public_ssl => $public_ssl_hash['services'],
}
openstack::ha::haproxy_service { 'trove-api':
order => '210',
listen_port => 8779,
internal => true,
public => true,
}
openstack::ha::haproxy_service { 'trove-rabbitmq':
order => '211',
listen_port => 55671,
define_backups => true,
internal => true,
public => true,
haproxy_config_options => {
'option' => ['tcpka'],
'timeout client' => '48h',
'timeout server' => '48h',
'balance' => 'roundrobin',
'mode' => 'tcp'
},
balancermember_options => 'check inter 5000 rise 2 fall 3',
}
}

View File

@ -0,0 +1,44 @@
notice('MODULAR: trove/keystone.pp')
$trove_hash = hiera_hash('fuel-plugin-dbaas-trove', {})
$public_ssl_hash = hiera('public_ssl')
$public_vip = hiera('public_vip')
$public_address = $public_ssl_hash['services'] ? {
true => $public_ssl_hash['hostname'],
default => $public_vip,
}
$public_protocol = $public_ssl_hash['services'] ? {
true => 'https',
default => 'http',
}
$admin_protocol = 'http'
$admin_address = hiera('management_vip')
$region = pick($trove_hash['metadata']['region'], hiera('region', 'RegionOne'))
$password = pick($trove_hash['metadata']['user_password'], 'password')
$auth_name = pick($trove_hash['metadata']['auth_name'], 'trove')
$configure_endpoint = pick($trove_hash['metadata']['configure_endpoint'], true)
$configure_user = pick($trove_hash['metadata']['configure_user'], true)
$configure_user_role = pick($trove_hash['metadata']['configure_user_role'], true)
$service_name = pick($trove_hash['metadata']['service_name'], 'trove')
$tenant = pick($trove_hash['metadata']['tenant'], 'services')
$port = '8779'
$public_url = "${public_protocol}://${public_address}:${port}/v1.0/%(tenant_id)s"
$admin_url = "${admin_protocol}://${admin_address}:${port}/v1.0/%(tenant_id)s"
validate_string($public_address)
validate_string($password)
class { 'trove::keystone::auth':
password => $password,
auth_name => $auth_name,
configure_endpoint => $configure_endpoint,
service_name => $service_name,
public_url => $public_url,
internal_url => $admin_url,
admin_url => $admin_url,
region => $region,
tenant => $tenant,
}

View File

@ -0,0 +1,147 @@
notice('MODULAR: trove/rabbitmq.pp')
$network_scheme = hiera_hash('network_scheme', {})
prepare_network_config($network_scheme)
$queue_provider = hiera('queue_provider', 'rabbitmq')
if $queue_provider == 'rabbitmq' {
$trove_hash = hiera_hash('fuel-plugin-dbaas-trove', {})
$erlang_cookie = hiera('erlang_cookie', 'EOKOWXQREETZSHFNTPEY')
$version = hiera('rabbit_version', '3.3.5')
$debug = hiera('debug', false)
$deployment_mode = hiera('deployment_mode', 'ha_compact')
$amqp_port = pick($trove_hash['rabbit_port'], '55671')
$rabbit_hash = hiera_hash('rabbit_hash', {})
$enabled = pick($rabbit_hash['enabled'], true)
$use_pacemaker = pick($rabbit_hash['pacemaker'], true)
case $::osfamily {
'RedHat': {
$command_timeout = "'-s KILL'"
$package_provider = 'yum'
}
'Debian': {
$command_timeout = "'--signal=KILL'"
$package_provider = 'apt'
}
default: {
fail("Unsupported osfamily: ${::osfamily} operatingsystem: ${::operatingsystem},\
module ${module_name} only support osfamily RedHat and Debian")
}
}
if ($debug) {
# FIXME(aschultz): debug wasn't introduced until v3.5.0, when we upgrade
# we should change info to debug. Also don't forget to fix tests!
$rabbit_levels = '[{connection,info}]'
} else {
$rabbit_levels = '[{connection,info}]'
}
$cluster_partition_handling = hiera('rabbit_cluster_partition_handling', 'autoheal')
$mnesia_table_loading_timeout = hiera('mnesia_table_loading_timeout', '10000')
$rabbitmq_bind_ip_address = pick(get_network_role_property('trove/api', 'ipaddr'), 'UNSET')
# NOTE(bogdando) not a hash. Keep an indentation as is
$rabbit_tcp_listen_options = hiera('rabbit_tcp_listen_options',
'[
binary,
{packet, raw},
{reuseaddr, true},
{backlog, 128},
{nodelay, true},
{exit_on_close, false},
{keepalive, true}
]'
)
$config_kernel_variables = hiera('rabbit_config_kernel_variables',
{
'inet_dist_listen_min' => '41055',
'inet_dist_listen_max' => '41055',
'inet_default_connect_options' => '[{nodelay,true}]',
'net_ticktime' => '10',
}
)
$config_variables = hiera('rabbit_config_variables',
{
'log_levels' => $rabbit_levels,
'default_vhost' => "<<\"/\">>",
'default_permissions' => '[<<".*">>, <<".*">>, <<".*">>]',
'tcp_listen_options' => $rabbit_tcp_listen_options,
'cluster_partition_handling' => $cluster_partition_handling,
'mnesia_table_loading_timeout' => $mnesia_table_loading_timeout,
}
)
$thread_pool_calc = min(100,max(12*$physicalprocessorcount,30))
if $deployment_mode == 'ha_compact' {
$rabbit_pid_file = '/var/run/rabbitmq/p_pid'
} else {
$rabbit_pid_file = '/var/run/rabbitmq/pid'
}
$environment_variables = hiera('rabbit_environment_variables',
{
'SERVER_ERL_ARGS' => "\"+K true +A${thread_pool_calc} +P 1048576\"",
'PID_FILE' => $rabbit_pid_file,
}
)
if ($enabled) {
class { '::rabbitmq':
admin_enable => true,
repos_ensure => false,
package_provider => $package_provider,
package_source => undef,
service_ensure => 'running',
service_manage => true,
port => $amqp_port,
delete_guest_user => true,
default_user => 'trove',
default_pass => $trove_hash['metadata']['rabbit_password'],
# NOTE(bogdando) set to true and uncomment the lines below, if puppet should create a cluster
# We don't want it as far as OCF script creates the cluster
config_cluster => false,
#erlang_cookie => $erlang_cookie,
#wipe_db_on_cookie_change => true,
#cluster_nodes => $rabbitmq_cluster_nodes,
#cluster_node_type => 'disc',
#cluster_partition_handling => $cluster_partition_handling,
version => $version,
node_ip_address => $rabbitmq_bind_ip_address,
config_kernel_variables => $config_kernel_variables,
config_variables => $config_variables,
environment_variables => $environment_variables,
}
if ($use_pacemaker) {
# Install rabbit-fence daemon
class { 'cluster::rabbitmq_fence':
enabled => $enabled,
require => Class['::rabbitmq']
}
}
class { 'trove::rabbitmq':
enabled => $enabled,
# Do not install rabbitmq from trove classes
rabbitmq_class => false,
userid => $trove_hash['metadata']['rabbit_user'],
password => $trove_hash['metadata']['rabbit_password'],
require => Class['::rabbitmq'],
}
if ($use_pacemaker) {
class { 'pacemaker_wrappers::rabbitmq':
command_timeout => $command_timeout,
debug => $debug,
erlang_cookie => $erlang_cookie,
admin_user => $trove_hash['metadata']['rabbit_user'],
admin_pass => $trove_hash['metadata']['rabbit_password'],
before => Class['trove::rabbitmq'],
}
}
}
}

View File

@ -0,0 +1,92 @@
notice('MODULAR: trove/trove.pp')
prepare_network_config(hiera('network_scheme', {}))
$trove_hash = hiera_hash('fuel-plugin-dbaas-trove', {})
$nova_hash = hiera_hash('nova_hash', {})
$neutron_config = hiera_hash('neutron_config', {})
$node_role = hiera('node_role')
$public_ip = hiera('public_vip')
$database_ip = hiera('database_vip')
$management_ip = hiera('management_vip')
$region = hiera('region', 'RegionOne')
$service_endpoint = hiera('service_endpoint')
$debug = hiera('debug', false)
$verbose = hiera('verbose', true)
$use_syslog = hiera('use_syslog', true)
$use_stderr = hiera('use_stderr', false)
$rabbit_ha_queues = hiera('rabbit_ha_queues')
$amqp_port = hiera('amqp_port')
$amqp_hosts = hiera('amqp_hosts')
$public_ssl = hiera_hash('public_ssl', {})
#################################################################
if $trove_hash['metadata']['enabled'] {
$public_protocol = pick($public_ssl['services'], false) ? {
true => 'https',
default => 'http',
}
$public_address = pick($public_ssl['services'], false) ? {
true => pick($public_ssl['hostname']),
default => $public_ip,
}
$firewall_rule = '210 trove-api'
$api_bind_port = '8779'
$api_bind_host = get_network_role_property('trove/api', 'ipaddr')
$trove_user = pick($trove_hash['metadata']['user'], 'trove')
$tenant = pick($trove_hash['metadata']['tenant'], 'services')
$internal_url = "http://${api_bind_host}:${api_bind_port}"
$db_user = pick($trove_hash['metadata']['db_user'], 'trove')
$db_name = pick($trove_hash['metadata']['db_name'], 'trove')
$db_password = pick($trove_hash['metadata']['db_password'], 's3cr3t')
$db_host = pick($trove_hash['metadata']['db_host'], $database_ip)
$read_timeout = '60'
$sql_connection = "mysql://${db_user}:${db_password}@${db_host}/${db_name}?read_timeout=${read_timeout}"
class { '::trove::client': }
class { '::trove':
database_connection => $sql_connection,
rabbit_host => $management_ip,
rabbit_password => $trove_hash['metadata']['rabbit_password'],
rabbit_port => '55671',
rabbit_userid => $trove_hash['metadata']['rabbit_user'],
rabbit_use_ssl => false,
nova_proxy_admin_pass => $nova_hash['user_password'],
nova_proxy_admin_user => 'nova',
nova_proxy_admin_tenant_name => pick($nova_hash['tenant_name'], 'services'),
}
class { '::trove::api':
debug => true,
verbose => true,
bind_host => $api_bind_host,
auth_url => "http://${service_endpoint}:5000/v2.0/",
keystone_password => $trove_hash['metadata']['user_password'],
}
class { '::trove::conductor':
debug => true,
verbose => true,
auth_url => "http://${service_endpoint}:5000/v2.0/",
}
class { '::trove::taskmanager':
debug => true,
verbose => true,
auth_url => "http://${service_endpoint}:5000/v2.0/",
}
firewall { $firewall_rule :
dport => $api_bind_port,
proto => 'tcp',
action => 'accept',
}
}

View File

@ -0,0 +1,8 @@
*.swp
spec/fixtures/modules/*
spec/fixtures/manifests/site.pp
Gemfile.lock
.vendor
.bundle/
vendor/
openstack/

View File

@ -0,0 +1,4 @@
[gerrit]
host=review.openstack.org
port=29418
project=openstack/puppet-trove.git

View File

@ -0,0 +1,18 @@
##2015-10-10 - 6.1.0
###Summary
This is a feature and bugfix release in the Kilo series.
####Features
- Introduce trove:config to manage custom options
####Maintenance
- acceptance: checkout stable/kilo puppet modules
####Bugfixes
- Fix catalog compilation when not configuring endpoint
##2015-07-08 - 6.0.0
###Summary
- Initial release of the puppet-trove module

View File

@ -0,0 +1,35 @@
source 'https://rubygems.org'
group :development, :test do
gem 'puppetlabs_spec_helper', :require => false
gem 'rspec-puppet', '~> 2.1.0', :require => false
gem 'metadata-json-lint'
gem 'puppet-lint-param-docs'
gem 'puppet-lint-absolute_classname-check'
gem 'puppet-lint-absolute_template_path'
gem 'puppet-lint-trailing_newline-check'
# Puppet 4.x related lint checks
gem 'puppet-lint-unquoted_string-check'
gem 'puppet-lint-leading_zero-check'
gem 'puppet-lint-variable_contains_upcase'
gem 'puppet-lint-numericvariable'
gem 'beaker-rspec', :require => false
gem 'beaker-puppet_install_helper', :require => false
gem 'json'
gem 'webmock'
end
group :system_tests do
gem 'r10k', :require => 'false'
end
if puppetversion = ENV['PUPPET_GEM_VERSION']
gem 'puppet', puppetversion, :require => false
else
gem 'puppet', :require => false
end
# vim:ft=ruby

View File

@ -0,0 +1,176 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.

View File

@ -0,0 +1,70 @@
puppet-trove
=============
6.1.0 - 2015.1 - Kilo
#### Table of Contents
1. [Overview - What is the trove module?](#overview)
2. [Module Description - What does the module do?](#module-description)
3. [Setup - The basics of getting started with trove](#setup)
4. [Implementation - An under-the-hood peek at what the module is doing](#implementation)
5. [Limitations - OS compatibility, etc.](#limitations)
6. [Development - Guide for contributing to the module](#development)
7. [Contributors - Those with commits](#contributors)
Overview
--------
The trove module is a part of [OpenStack](https://github.com/openstack), an effort by the Openstack infrastructure team to provide continuous integration testing and code review for Openstack and Openstack community projects as part of the core software. The module itself is used to flexibly configure and manage the database service for Openstack.
Module Description
------------------
Setup
-----
**What the trove module affects:**
* trove, the database service for Openstack.
Implementation
--------------
### trove
trove is a combination of Puppet manifest and ruby code to delivery configuration and extra functionality through types and providers.
Limitations
-----------
Security
--------
For security reasons, a separate in-cloud RabbitMQ cluster should be set up for Trove to use. The reason for this is that the guest agent needs to communicate with RabbitMQ, so it is not advisable to give instances access to the same RabbitMQ server that the core OpenStack services are using for communication.
Please note that puppet-trove cannot check if this rule is being followed, so it is the deployer's responsibility to do it.
Beaker-Rspec
------------
This module has beaker-rspec tests
To run:
``shell
bundle install
bundle exec rspec spec/acceptance
``
Development
-----------
Developer documentation for the entire puppet-openstack project.
* https://wiki.openstack.org/wiki/Puppet-openstack#Developer_documentation
Contributors
------------
* https://github.com/enovance/puppet-trove/graphs/contributors

View File

@ -0,0 +1,73 @@
require 'puppetlabs_spec_helper/rake_tasks'
require 'puppet-lint/tasks/puppet-lint'
require 'json'
modname = JSON.parse(open('metadata.json').read)['name'].split('-')[1]
PuppetLint.configuration.fail_on_warnings = true
PuppetLint.configuration.send('disable_80chars')
PuppetLint.configuration.send('disable_class_parameter_defaults')
task(:default).clear
task :default => [:spec, :lint]
Rake::Task[:spec_prep].clear
desc 'Create the fixtures directory'
task :spec_prep do
# Allow to test the module with custom dependencies
# like you could do with .fixtures file
if ENV['PUPPETFILE']
puppetfile = ENV['PUPPETFILE']
if ENV['GEM_HOME']
gem_home = ENV['GEM_HOME']
gem_bin_dir = "#{gem_home}" + '/bin/'
else
gem_bin_dir = ''
end
r10k = ['env']
r10k += ["PUPPETFILE=#{puppetfile}"]
r10k += ["PUPPETFILE_DIR=#{Dir.pwd}/spec/fixtures/modules"]
r10k += ["#{gem_bin_dir}r10k"]
r10k += ['puppetfile', 'install', '-v']
sh(*r10k)
else
# otherwise, use official OpenStack Puppetfile
zuul_ref = ENV['ZUUL_REF']
zuul_branch = ENV['ZUUL_BRANCH']
zuul_url = ENV['ZUUL_URL']
repo = 'openstack/puppet-openstack-integration'
rm_rf(repo)
if File.exists?('/usr/zuul-env/bin/zuul-cloner')
zuul_clone_cmd = ['/usr/zuul-env/bin/zuul-cloner']
zuul_clone_cmd += ['--cache-dir', '/opt/git']
zuul_clone_cmd += ['--zuul-ref', "#{zuul_ref}"]
zuul_clone_cmd += ['--zuul-branch', "#{zuul_branch}"]
zuul_clone_cmd += ['--zuul-url', "#{zuul_url}"]
zuul_clone_cmd += ['git://git.openstack.org', "#{repo}"]
sh(*zuul_clone_cmd)
else
sh("git clone https://git.openstack.org/#{repo} -b stable/kilo #{repo}")
end
script = ['env']
script += ["PUPPETFILE_DIR=#{Dir.pwd}/spec/fixtures/modules"]
script += ["ZUUL_REF=#{zuul_ref}"]
script += ["ZUUL_BRANCH=#{zuul_branch}"]
script += ["ZUUL_URL=#{zuul_url}"]
script += ['bash', "#{repo}/install_modules_unit.sh"]
sh(*script)
end
rm_rf("spec/fixtures/modules/#{modname}")
ln_s(Dir.pwd, "spec/fixtures/modules/#{modname}")
mkdir_p('spec/fixtures/manifests')
touch('spec/fixtures/manifests/site.pp')
end
Rake::Task[:spec_clean].clear
desc 'Clean up the fixtures directory'
task :spec_clean do
rm_rf('spec/fixtures/modules')
rm_rf('openstack')
if File.zero?('spec/fixtures/manifests/site.pp')
rm_f('spec/fixtures/manifests/site.pp')
end
end

View File

@ -0,0 +1,38 @@
# This is an example of site.pp to deploy Trove
class { '::trove::client': }
class { '::trove::keystone::auth':
admin_address => '10.0.0.1',
internal_address => '10.0.0.1',
public_address => '10.0.0.1',
password => 'verysecrete',
region => 'OpenStack'
}
class { '::trove::db::mysql':
password => 'dbpass',
host => '10.0.0.1',
allowed_hosts => '10.0.0.1'
}
class { '::trove':
database_connection => 'mysql://trove:secrete@10.0.0.1/trove?charset=utf8',
rabbit_hosts => '10.0.0.1',
rabbit_password => 'secrete',
nova_proxy_admin_pass => 'novapass',
}
class { '::trove::api':
bind_host => '10.0.0.1',
auth_url => 'https://identity.openstack.org:5000/v2.0',
keystone_password => 'verysecrete'
}
class { '::trove::conductor':
auth_url => 'https://identity.openstack.org:5000/v2.0'
}
class { '::trove::taskmanager':
auth_url => 'https://identity.openstack.org:5000/v2.0'
}

View File

@ -0,0 +1,113 @@
require 'json'
require 'puppet/util/inifile'
class Puppet::Provider::Trove < Puppet::Provider
def self.conf_filename
'/etc/trove/trove.conf'
end
def self.withenv(hash, &block)
saved = ENV.to_hash
hash.each do |name, val|
ENV[name.to_s] = val
end
yield
ensure
ENV.clear
saved.each do |name, val|
ENV[name] = val
end
end
def self.trove_credentials
@trove_credentials ||= get_trove_credentials
end
def self.get_trove_credentials
auth_keys = ['auth_host', 'auth_port', 'auth_protocol',
'admin_tenant_name', 'admin_user', 'admin_password']
conf = trove_conf
if conf and conf['keystone_authtoken'] and
auth_keys.all?{|k| !conf['keystone_authtoken'][k].nil?}
return Hash[ auth_keys.map \
{ |k| [k, conf['keystone_authtoken'][k].strip] } ]
else
raise(Puppet::Error, "File: #{conf_filename} does not contain all \
required sections. Trove types will not work if trove is not \
correctly configured.")
end
end
def trove_credentials
self.class.trove_credentials
end
def self.auth_endpoint
@auth_endpoint ||= get_auth_endpoint
end
def self.get_auth_endpoint
q = trove_credentials
"#{q['auth_protocol']}://#{q['auth_host']}:#{q['auth_port']}/v2.0/"
end
def self.trove_conf
return @trove_conf if @trove_conf
@trove_conf = Puppet::Util::IniConfig::File.new
@trove_conf.read(conf_filename)
@trove_conf
end
def self.auth_trove(*args)
q = trove_credentials
authenv = {
:OS_AUTH_URL => self.auth_endpoint,
:OS_USERNAME => q['admin_user'],
:OS_TENANT_NAME => q['admin_tenant_name'],
:OS_PASSWORD => q['admin_password']
}
begin
withenv authenv do
trove(args)
end
rescue Exception => e
if (e.message =~ /\[Errno 111\] Connection refused/) or
(e.message =~ /\(HTTP 400\)/)
sleep 10
withenv authenv do
trove(args)
end
else
raise(e)
end
end
end
def auth_trove(*args)
self.class.auth_trove(args)
end
def trove_manage(*args)
cmd = args.join(" ")
output = `#{cmd}`
$?.exitstatus
end
def self.reset
@trove_conf = nil
@trove_credentials = nil
end
def self.list_trove_resources(type, *args)
json = auth_trove("--json", "#{type}-list", *args)
return JSON.parse(json)
end
def self.get_trove_resource_attrs(type, id)
json = auth_trove("--json", "#{type}-show", id)
return JSON.parse(json)
end
end

View File

@ -0,0 +1,27 @@
Puppet::Type.type(:trove_api_paste_ini).provide(
:ini_setting,
:parent => Puppet::Type.type(:ini_setting).provider(:ruby)
) do
def section
resource[:name].split('/', 2).first
end
def setting
resource[:name].split('/', 2).last
end
def separator
'='
end
def self.file_path
'/etc/trove/api-paste.ini'
end
# added for backwards compatibility with older versions of inifile
def file_path
self.class.file_path
end
end

View File

@ -0,0 +1,27 @@
Puppet::Type.type(:trove_conductor_config).provide(
:ini_setting,
:parent => Puppet::Type.type(:ini_setting).provider(:ruby)
) do
def section
resource[:name].split('/', 2).first
end
def setting
resource[:name].split('/', 2).last
end
def separator
'='
end
def self.file_path
'/etc/trove/trove-conductor.conf'
end
# added for backwards compatibility with older versions of inifile
def file_path
self.class.file_path
end
end

View File

@ -0,0 +1,27 @@
Puppet::Type.type(:trove_config).provide(
:ini_setting,
:parent => Puppet::Type.type(:ini_setting).provider(:ruby)
) do
def section
resource[:name].split('/', 2).first
end
def setting
resource[:name].split('/', 2).last
end
def separator
'='
end
def self.file_path
'/etc/trove/trove.conf'
end
# added for backwards compatibility with older versions of inifile
def file_path
self.class.file_path
end
end

View File

@ -0,0 +1,52 @@
require File.join(File.dirname(__FILE__), "..","..","..",
"puppet/provider/trove")
Puppet::Type.type(:trove_datastore).provide(
:trove,
:parent => Puppet::Provider::Trove
) do
desc <<-EOT
Trove provider to manage datastore type.
EOT
commands :trove => "trove"
mk_resource_methods
def self.instances
list_trove_resources("datastore").collect do |attrs|
new(
:ensure => :present,
:name => attrs["name"],
:id => attrs["id"]
)
end
end
def self.prefetch(resources)
instances_ = instances
resources.keys.each do |name|
if provider = instances_.find{ |instance| instance.name == name }
resources[name].provider = provider
end
end
end
def exists?
@property_hash[:ensure] == :present
end
def create
if trove_manage(['trove-manage', 'datastore_update',
"#{@resource[:name]}", "''"]) != 0
fail("Failed to create datastore #{@resource[:name]}")
end
if trove_manage(['trove-manage', 'datastore_update',
"#{@resource[:name]}", "#{@resource[:version]}"]) != 0
fail("Failed to set version for datastore #{@resource[:name]}")
end
end
end

View File

@ -0,0 +1,60 @@
require File.join(File.dirname(__FILE__), "..","..","..",
"puppet/provider/trove")
Puppet::Type.type(:trove_datastore_version).provide(
:trove,
:parent => Puppet::Provider::Trove
) do
desc <<-EOT
Trove provider to manage datastore version type.
EOT
commands :trove => "trove"
mk_resource_methods
def self.prefetch(resource)
@datastore_version_hash = nil
end
def self.datastore_version_hash(datastore)
@datastore_version_hash ||= build_datastore_version_hash(datastore)
end
def datastore_version_hash(datastore)
self.class.datastore_version_hash(datastore)
end
def self.instances
[]
end
def exists?
datastore_version_hash(resource[:datastore])[resource[:name]]
end
def create
cmd = ['trove-manage', 'datastore_version_update',
"#{@resource[:datastore]}", "#{@resource[:name]}",
"#{@resource[:manager]}", "#{@resource[:image_id]}",
"#{@resource[:packages]}", "#{@resource[:active]}"]
if trove_manage(cmd) != 0
fail("Failed to create datastore version #{@resource[:name]}")
end
end
def destroy
fail("Datastore version cannot be removed")
end
private
def self.build_datastore_version_hash(datastore)
dvs = {}
list_trove_resources("datastore-version", datastore).collect do |attrs|
dvs[attrs["name"]] = attrs
end
dvs
end
end

View File

@ -0,0 +1,27 @@
Puppet::Type.type(:trove_guestagent_config).provide(
:ini_setting,
:parent => Puppet::Type.type(:ini_setting).provider(:ruby)
) do
def section
resource[:name].split('/', 2).first
end
def setting
resource[:name].split('/', 2).last
end
def separator
'='
end
def self.file_path
'/etc/trove/trove-guestagent.conf'
end
# added for backwards compatibility with older versions of inifile
def file_path
self.class.file_path
end
end

View File

@ -0,0 +1,27 @@
Puppet::Type.type(:trove_taskmanager_config).provide(
:ini_setting,
:parent => Puppet::Type.type(:ini_setting).provider(:ruby)
) do
def section
resource[:name].split('/', 2).first
end
def setting
resource[:name].split('/', 2).last
end
def separator
'='
end
def self.file_path
'/etc/trove/trove-taskmanager.conf'
end
# added for backwards compatibility with older versions of inifile
def file_path
self.class.file_path
end
end

View File

@ -0,0 +1,42 @@
Puppet::Type.newtype(:trove_api_paste_ini) do
ensurable
newparam(:name, :namevar => true) do
desc 'Section/setting name to manage from /etc/trove/api-paste.ini'
newvalues(/\S+\/\S+/)
end
newproperty(:value) do
desc 'The value of the setting to be defined.'
munge do |value|
value = value.to_s.strip
value.capitalize! if value =~ /^(true|false)$/i
value
end
def is_to_s( currentvalue )
if resource.secret?
return '[old secret redacted]'
else
return currentvalue
end
end
def should_to_s( newvalue )
if resource.secret?
return '[new secret redacted]'
else
return newvalue
end
end
end
newparam(:secret, :boolean => true) do
desc 'Whether to hide the value from Puppet logs. Defaults to `false`.'
newvalues(:true, :false)
defaultto false
end
end

View File

@ -0,0 +1,42 @@
Puppet::Type.newtype(:trove_conductor_config) do
ensurable
newparam(:name, :namevar => true) do
desc 'Section/setting name to manage from /etc/trove/trove-conductor.conf'
newvalues(/\S+\/\S+/)
end
newproperty(:value) do
desc 'The value of the setting to be defined.'
munge do |value|
value = value.to_s.strip
value.capitalize! if value =~ /^(true|false)$/i
value
end
def is_to_s( currentvalue )
if resource.secret?
return '[old secret redacted]'
else
return currentvalue
end
end
def should_to_s( newvalue )
if resource.secret?
return '[new secret redacted]'
else
return newvalue
end
end
end
newparam(:secret, :boolean => true) do
desc 'Whether to hide the value from Puppet logs. Defaults to `false`.'
newvalues(:true, :false)
defaultto false
end
end

View File

@ -0,0 +1,42 @@
Puppet::Type.newtype(:trove_config) do
ensurable
newparam(:name, :namevar => true) do
desc 'Section/setting name to manage from /etc/trove/trove.conf'
newvalues(/\S+\/\S+/)
end
newproperty(:value) do
desc 'The value of the setting to be defined.'
munge do |value|
value = value.to_s.strip
value.capitalize! if value =~ /^(true|false)$/i
value
end
def is_to_s( currentvalue )
if resource.secret?
return '[old secret redacted]'
else
return currentvalue
end
end
def should_to_s( newvalue )
if resource.secret?
return '[new secret redacted]'
else
return newvalue
end
end
end
newparam(:secret, :boolean => true) do
desc 'Whether to hide the value from Puppet logs. Defaults to `false`.'
newvalues(:true, :false)
defaultto false
end
end

View File

@ -0,0 +1,26 @@
Puppet::Type.newtype(:trove_datastore) do
@doc = "Manage creation of Trove datastores"
ensurable
newparam(:name, :namevar => true) do
desc "Datastore version name)"
newvalues(/^.*$/)
end
newparam(:version) do
desc "Datastore version name"
end
newproperty(:id) do
validate do |v|
raise(Puppet::Error, 'This is a read only property')
end
end
validate do
raise(Puppet::Error, 'Version must be set') unless self[:version]
end
end

View File

@ -0,0 +1,38 @@
Puppet::Type.newtype(:trove_datastore_version) do
@doc = "Manage creation of Trove datastore versions"
ensurable
newparam(:name, :namevar => true) do
desc "Datastore version"
end
newparam(:datastore) do
desc "Datastore name)"
end
newparam(:manager) do
desc "Manager name"
end
newparam(:image_id) do
desc "Glance image id"
end
newparam(:packages) do
desc "Packages to install"
end
newparam(:active) do
desc "State"
end
validate do
raise(Puppet::Error, 'Datastore must be set') unless self[:datastore]
raise(Puppet::Error, 'Manager must be set') unless self[:manager]
raise(Puppet::Error, 'Image must be set') unless self[:image_id]
raise(Puppet::Error, 'Packages must be set') unless self[:packages]
raise(Puppet::Error, 'State must be set') unless self[:active]
end
end

View File

@ -0,0 +1,42 @@
Puppet::Type.newtype(:trove_guestagent_config) do
ensurable
newparam(:name, :namevar => true) do
desc 'Section/setting name to manage from /etc/trove/trove-guestagent.conf'
newvalues(/\S+\/\S+/)
end
newproperty(:value) do
desc 'The value of the setting to be defined.'
munge do |value|
value = value.to_s.strip
value.capitalize! if value =~ /^(true|false)$/i
value
end
def is_to_s( currentvalue )
if resource.secret?
return '[old secret redacted]'
else
return currentvalue
end
end
def should_to_s( newvalue )
if resource.secret?
return '[new secret redacted]'
else
return newvalue
end
end
end
newparam(:secret, :boolean => true) do
desc 'Whether to hide the value from Puppet logs. Defaults to `false`.'
newvalues(:true, :false)
defaultto false
end
end

View File

@ -0,0 +1,42 @@
Puppet::Type.newtype(:trove_taskmanager_config) do
ensurable
newparam(:name, :namevar => true) do
desc 'Section/setting name to manage from /etc/trove/trove-taskmanager.conf'
newvalues(/\S+\/\S+/)
end
newproperty(:value) do
desc 'The value of the setting to be defined.'
munge do |value|
value = value.to_s.strip
value.capitalize! if value =~ /^(true|false)$/i
value
end
def is_to_s( currentvalue )
if resource.secret?
return '[old secret redacted]'
else
return currentvalue
end
end
def should_to_s( newvalue )
if resource.secret?
return '[new secret redacted]'
else
return newvalue
end
end
end
newparam(:secret, :boolean => true) do
desc 'Whether to hide the value from Puppet logs. Defaults to `false`.'
newvalues(:true, :false)
defaultto false
end
end

View File

@ -0,0 +1,370 @@
#
# Copyright (C) 2014 eNovance SAS <licensing@enovance.com>
#
# Author: Emilien Macchi <emilien.macchi@enovance.com>
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# == Class trove::api
#
# Configure API service in trove
#
# == Parameters
#
# [*manage_service*]
# (optional) Whether to start/stop the service
# Defaults to true
#
# [*ensure_package*]
# (optional) Whether the trove api package will be installed
# Defaults to 'present'
#
# [*keystone_password*]
# (required) Password used to authentication.
#
# [*verbose*]
# (optional) Rather to log the trove api service at verbose level.
# Default: false
#
# [*debug*]
# (optional) Rather to log the trove api service at debug level.
# Default: false
#
# [*bind_host*]
# (optional) The address of the host to bind to.
# Default: 0.0.0.0
#
# [*bind_port*]
# (optional) The port the server should bind to.
# Default: 8779
#
# [*backlog*]
# (optional) Backlog requests when creating socket
# Default: 4096
#
# [*workers*]
# (optional) Number of trove API worker processes to start
# Default: $::processorcount
#
# [*log_file*]
# (optional) The path of file used for logging
# If set to boolean false, it will not log to any file.
# Default: /var/log/trove/trove-api.log
#
# [*log_dir*]
# (optional) directory to which trove logs are sent.
# If set to boolean false, it will not log to any directory.
# Defaults to '/var/log/trove'
#
# [*auth_host*]
# (optional) Host running auth service.
# Defaults to '127.0.0.1'.
#
# [*auth_url*]
# (optional) Authentication URL.
# Defaults to 'http://localhost:5000/v2.0'.
#
# [*auth_port*]
# (optional) Port to use for auth service on auth_host.
# Defaults to '35357'.
#
# [*auth_protocol*]
# (optional) Protocol to use for auth.
# Defaults to 'http'.
#
# [*keystone_tenant*]
# (optional) Tenant to authenticate to.
# Defaults to services.
#
# [*keystone_user*]
# (optional) User to authenticate as with keystone.
# Defaults to 'trove'.
#
# [*enabled*]
# (optional) Whether to enable services.
# Defaults to true.
#
# [*use_syslog*]
# (optional) Use syslog for logging.
# Defaults to false.
#
# [*log_facility*]
# (optional) Syslog facility to receive log lines.
# Defaults to 'LOG_USER'.
#
# [*purge_config*]
# (optional) Whether to set only the specified config options
# in the api config.
# Defaults to false.
#
# [*cert_file*]
# (optinal) Certificate file to use when starting API server securely
# Defaults to false, not set
#
# [*key_file*]
# (optional) Private key file to use when starting API server securely
# Defaults to false, not set
#
# [*ca_file*]
# (optional) CA certificate file to use to verify connecting clients
# Defaults to false, not set
#
class trove::api(
$keystone_password,
$verbose = false,
$debug = false,
$bind_host = '0.0.0.0',
$bind_port = '8779',
$backlog = '4096',
$workers = $::processorcount,
$log_file = '/var/log/trove/trove-api.log',
$log_dir = '/var/log/trove',
$auth_host = '127.0.0.1',
$auth_url = false,
$auth_port = '35357',
$auth_protocol = 'http',
$keystone_tenant = 'services',
$keystone_user = 'trove',
$enabled = true,
$use_syslog = false,
$log_facility = 'LOG_USER',
$purge_config = false,
$cert_file = false,
$key_file = false,
$ca_file = false,
$manage_service = true,
$ensure_package = 'present',
) inherits trove {
require ::keystone::python
include ::trove::params
Trove_config<||> ~> Exec['post-trove_config']
Trove_config<||> ~> Service['trove-api']
Package['trove-api'] -> Trove_api_paste_ini<||>
Trove_api_paste_ini<||> ~> Service['trove-api']
# Trove db sync is broken in Ubuntu packaging
# This is a temporary fix until it's fixed in packaging.
# https://bugs.launchpad.net/ubuntu/+source/openstack-trove/+bug/1451134
file { '/etc/trove/trove.conf':
require => File['/etc/trove'],
}
File['/etc/trove/trove.conf'] -> Trove_config<||>
Trove_config<||> -> Package[$::trove::params::api_package_name]
if $::trove::database_connection {
if($::trove::database_connection =~ /mysql:\/\/\S+:\S+@\S+\/\S+/) {
require 'mysql::bindings'
require 'mysql::bindings::python'
} elsif($::trove::database_connection =~ /postgresql:\/\/\S+:\S+@\S+\/\S+/) {
} elsif($::trove::database_connection =~ /sqlite:\/\//) {
} else {
fail("Invalid db connection ${::trove::database_connection}")
}
trove_config {
'database/connection': value => $::trove::database_connection;
'database/idle_timeout': value => $::trove::database_idle_timeoutl;
}
}
# basic service config
trove_config {
'DEFAULT/verbose': value => $verbose;
'DEFAULT/debug': value => $debug;
'DEFAULT/bind_host': value => $bind_host;
'DEFAULT/bind_port': value => $bind_port;
'DEFAULT/backlog': value => $backlog;
'DEFAULT/trove_api_workers': value => $workers;
'DEFAULT/nova_proxy_admin_user': value => $::trove::nova_proxy_admin_user;
'DEFAULT/nova_proxy_admin_pass': value => $::trove::nova_proxy_admin_pass;
'DEFAULT/nova_proxy_admin_tenant_name': value => $::trove::nova_proxy_admin_tenant_name;
'DEFAULT/control_exchange': value => $::trove::control_exchange;
}
if $auth_url {
trove_config { 'DEFAULT/trove_auth_url': value => $auth_url; }
} else {
trove_config { 'DEFAULT/trove_auth_url': value => "${auth_protocol}://${auth_host}:5000/v2.0"; }
}
# auth config
trove_config {
'keystone_authtoken/auth_host': value => $auth_host;
'keystone_authtoken/auth_port': value => $auth_port;
'keystone_authtoken/auth_protocol': value => $auth_protocol;
'keystone_authtoken/admin_tenant_name': value => $keystone_tenant;
'keystone_authtoken/admin_user': value => $keystone_user;
'keystone_authtoken/admin_password': value => $keystone_password, secret => true;
}
# SSL Options
if $cert_file {
trove_config {
'DEFAULT/cert_file' : value => $cert_file;
}
} else {
trove_config {
'DEFAULT/cert_file': ensure => absent;
}
}
if $key_file {
trove_config {
'DEFAULT/key_file' : value => $key_file;
}
} else {
trove_config {
'DEFAULT/key_file': ensure => absent;
}
}
if $ca_file {
trove_config {
'DEFAULT/ca_file' : value => $ca_file;
}
} else {
trove_config {
'DEFAULT/ca_file': ensure => absent;
}
}
# Logging
if $log_file {
trove_config {
'DEFAULT/log_file': value => $log_file;
}
} else {
trove_config {
'DEFAULT/log_file': ensure => absent;
}
}
if $log_dir {
trove_config {
'DEFAULT/log_dir': value => $log_dir;
}
} else {
trove_config {
'DEFAULT/log_dir': ensure => absent;
}
}
# Syslog
if $use_syslog {
trove_config {
'DEFAULT/use_syslog' : value => true;
'DEFAULT/syslog_log_facility' : value => $log_facility;
}
} else {
trove_config {
'DEFAULT/use_syslog': value => false;
}
}
resources { 'trove_config':
purge => $purge_config,
}
if $::trove::rpc_backend == 'trove.openstack.common.rpc.impl_kombu' {
if ! $::trove::rabbit_password {
fail('When rpc_backend is rabbitmq, you must set rabbit password')
}
if $::trove::rabbit_hosts {
trove_config { 'oslo_messaging_rabbit/rabbit_hosts': value => join($::trove::rabbit_hosts, ',') }
trove_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => true }
} else {
trove_config { 'oslo_messaging_rabbit/rabbit_host': value => $::trove::rabbit_host }
trove_config { 'oslo_messaging_rabbit/rabbit_port': value => $::trove::rabbit_port }
trove_config { 'oslo_messaging_rabbit/rabbit_hosts': value => "${::trove::rabbit_host}:${::trove::rabbit_port}" }
trove_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => false }
}
trove_config {
'oslo_messaging_rabbit/rabbit_userid': value => $::trove::rabbit_user;
'oslo_messaging_rabbit/rabbit_password': value => $::trove::rabbit_password, secret => true;
'oslo_messaging_rabbit/rabbit_virtual_host': value => $::trove::rabbit_virtual_host;
'oslo_messaging_rabbit/rabbit_use_ssl': value => $::trove::rabbit_use_ssl;
'oslo_messaging_rabbit/kombu_reconnect_delay': value => $::trove::kombu_reconnect_delay;
}
if $::trove::rabbit_use_ssl {
if $::trove::kombu_ssl_ca_certs {
trove_config { 'oslo_messaging_rabbit/kombu_ssl_ca_certs': value => $::trove::kombu_ssl_ca_certs; }
} else {
trove_config { 'oslo_messaging_rabbit/kombu_ssl_ca_certs': ensure => absent; }
}
if $::trove::kombu_ssl_certfile or $::trove::kombu_ssl_keyfile {
trove_config {
'oslo_messaging_rabbit/kombu_ssl_certfile': value => $::trove::kombu_ssl_certfile;
'oslo_messaging_rabbit/kombu_ssl_keyfile': value => $::trove::kombu_ssl_keyfile;
}
} else {
trove_config {
'oslo_messaging_rabbit/kombu_ssl_certfile': ensure => absent;
'oslo_messaging_rabbit/kombu_ssl_keyfile': ensure => absent;
}
}
if $::trove::kombu_ssl_version {
trove_config { 'oslo_messaging_rabbit/kombu_ssl_version': value => $::trove::kombu_ssl_version; }
} else {
trove_config { 'oslo_messaging_rabbit/kombu_ssl_version': ensure => absent; }
}
} else {
trove_config {
'oslo_messaging_rabbit/kombu_ssl_ca_certs': ensure => absent;
'oslo_messaging_rabbit/kombu_ssl_certfile': ensure => absent;
'oslo_messaging_rabbit/kombu_ssl_keyfile': ensure => absent;
'oslo_messaging_rabbit/kombu_ssl_version': ensure => absent;
}
}
}
if $::trove::rpc_backend == 'trove.openstack.common.rpc.impl_qpid' {
trove_config {
'DEFAULT/qpid_hostname': value => $::trove::qpid_hostname;
'DEFAULT/qpid_port': value => $::trove::qpid_port;
'DEFAULT/qpid_username': value => $::trove::qpid_username;
'DEFAULT/qpid_password': value => $::trove::qpid_password, secret => true;
'DEFAULT/qpid_heartbeat': value => $::trove::qpid_heartbeat;
'DEFAULT/qpid_protocol': value => $::trove::qpid_protocol;
'DEFAULT/qpid_tcp_nodelay': value => $::trove::qpid_tcp_nodelay;
}
if is_array($::trove::qpid_sasl_mechanisms) {
trove_config {
'DEFAULT/qpid_sasl_mechanisms': value => join($::trove::qpid_sasl_mechanisms, ' ');
}
}
elsif $::trove::qpid_sasl_mechanisms {
trove_config {
'DEFAULT/qpid_sasl_mechanisms': value => $::trove::qpid_sasl_mechanisms;
}
}
else {
trove_config {
'DEFAULT/qpid_sasl_mechanisms': ensure => absent;
}
}
}
trove::generic_service { 'api':
enabled => $enabled,
manage_service => $manage_service,
ensure_package => $ensure_package,
package_name => $::trove::params::api_package_name,
service_name => $::trove::params::api_service_name,
}
}

View File

@ -0,0 +1,40 @@
#
# Copyright (C) 2014 eNovance SAS <licensing@enovance.com>
#
# Author: Emilien Macchi <emilien.macchi@enovance.com>
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# trove::client
#
# Manages the trove client package on systems
#
# === Parameters:
#
# [*package_ensure*]
# (optional) The state of the package
# Defaults to present
#
#
class trove::client (
$package_ensure = present
) {
include ::trove::params
package { 'python-troveclient':
ensure => $package_ensure,
name => $::trove::params::client_package_name,
}
}

View File

@ -0,0 +1,224 @@
# == Class: trove::conductor
#
# Manages trove conductor package and service
#
# === Parameters:
#
# [*enabled*]
# (optional) Whether to enable the trove-conductor service
# Defaults to true
#
# [*manage_service*]
# (optional) Whether to start/stop the service
# Defaults to true
#
# [*ensure_package*]
# (optional) The state of the trove conductor package
# Defaults to 'present'
#
# [*verbose*]
# (optional) Rather to log the trove api service at verbose level.
# Default: false
#
# [*debug*]
# (optional) Rather to log the trove api service at debug level.
# Default: false
#
# [*log_file*]
# (optional) The path of file used for logging
# If set to boolean false, it will not log to any file.
# Default: /var/log/trove/trove-conductor.log
#
# [*log_dir*]
# (optional) directory to which trove logs are sent.
# If set to boolean false, it will not log to any directory.
# Defaults to '/var/log/trove'
#
# [*use_syslog*]
# (optional) Use syslog for logging.
# Defaults to false.
#
# [*log_facility*]
# (optional) Syslog facility to receive log lines.
# Defaults to 'LOG_USER'.
#
# [*auth_url*]
# (optional) Authentication URL.
# Defaults to 'http://localhost:5000/v2.0'.
#
# [*conductor_manager*]
# (optional) Trove conductor manager.
# Defaults to 'trove.conductor.manager.Manager'.
#
class trove::conductor(
$enabled = true,
$manage_service = true,
$ensure_package = 'present',
$verbose = false,
$debug = false,
$log_file = '/var/log/trove/trove-conductor.log',
$log_dir = '/var/log/trove',
$use_syslog = false,
$log_facility = 'LOG_USER',
$auth_url = 'http://localhost:5000/v2.0',
$conductor_manager = 'trove.conductor.manager.Manager',
) inherits trove {
include ::trove::params
Trove_conductor_config<||> ~> Exec['post-trove_config']
Trove_conductor_config<||> ~> Service['trove-conductor']
# Trove db sync is broken in Ubuntu packaging
# This is a temporary fix until it's fixed in packaging.
# https://bugs.launchpad.net/ubuntu/+source/openstack-trove/+bug/1451134
file { '/etc/trove/trove-conductor.conf':
require => File['/etc/trove'],
}
File['/etc/trove/trove-conductor.conf'] -> Trove_conductor_config<||>
Trove_conductor_config<||> -> Package[$::trove::params::conductor_package_name]
if $::trove::database_connection {
if($::trove::database_connection =~ /mysql:\/\/\S+:\S+@\S+\/\S+/) {
require 'mysql::bindings'
require 'mysql::bindings::python'
} elsif($::trove::database_connection =~ /postgresql:\/\/\S+:\S+@\S+\/\S+/) {
} elsif($::trove::database_connection =~ /sqlite:\/\//) {
} else {
fail("Invalid db connection ${::trove::database_connection}")
}
trove_conductor_config {
'database/connection': value => $::trove::database_connection;
'database/idle_timeout': value => $::trove::database_idle_timeoutl;
}
}
# basic service config
trove_conductor_config {
'DEFAULT/verbose': value => $verbose;
'DEFAULT/debug': value => $debug;
'DEFAULT/trove_auth_url': value => $auth_url;
'DEFAULT/nova_proxy_admin_user': value => $::trove::nova_proxy_admin_user;
'DEFAULT/nova_proxy_admin_tenant_name': value => $::trove::nova_proxy_admin_tenant_name;
'DEFAULT/nova_proxy_admin_pass': value => $::trove::nova_proxy_admin_pass;
'DEFAULT/control_exchange': value => $::trove::control_exchange;
}
if $::trove::rpc_backend == 'trove.openstack.common.rpc.impl_kombu' {
if ! $::trove::rabbit_password {
fail('When rpc_backend is rabbitmq, you must set rabbit password')
}
if $::trove::rabbit_hosts {
trove_conductor_config { 'oslo_messaging_rabbit/rabbit_hosts': value => join($::trove::rabbit_hosts, ',') }
trove_conductor_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => true }
} else {
trove_conductor_config { 'oslo_messaging_rabbit/rabbit_host': value => $::trove::rabbit_host }
trove_conductor_config { 'oslo_messaging_rabbit/rabbit_port': value => $::trove::rabbit_port }
trove_conductor_config { 'oslo_messaging_rabbit/rabbit_hosts': value => "${::trove::rabbit_host}:${::trove::rabbit_port}" }
trove_conductor_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => false }
}
trove_conductor_config {
'oslo_messaging_rabbit/rabbit_userid': value => $::trove::rabbit_user;
'oslo_messaging_rabbit/rabbit_password': value => $::trove::rabbit_password, secret => true;
'oslo_messaging_rabbit/rabbit_virtual_host': value => $::trove::rabbit_virtual_host;
'oslo_messaging_rabbit/rabbit_use_ssl': value => $::trove::rabbit_use_ssl;
'oslo_messaging_rabbit/kombu_reconnect_delay': value => $::trove::kombu_reconnect_delay;
}
if $::trove::rabbit_use_ssl {
if $::trove::kombu_ssl_ca_certs {
trove_conductor_config { 'oslo_messaging_rabbit/kombu_ssl_ca_certs': value => $::trove::kombu_ssl_ca_certs; }
} else {
trove_conductor_config { 'oslo_messaging_rabbit/kombu_ssl_ca_certs': ensure => absent; }
}
if $::trove::kombu_ssl_certfile or $::trove::kombu_ssl_keyfile {
trove_conductor_config {
'oslo_messaging_rabbit/kombu_ssl_certfile': value => $::trove::kombu_ssl_certfile;
'oslo_messaging_rabbit/kombu_ssl_keyfile': value => $::trove::kombu_ssl_keyfile;
}
} else {
trove_conductor_config {
'oslo_messaging_rabbit/kombu_ssl_certfile': ensure => absent;
'oslo_messaging_rabbit/kombu_ssl_keyfile': ensure => absent;
}
}
if $::trove::kombu_ssl_version {
trove_conductor_config { 'oslo_messaging_rabbit/kombu_ssl_version': value => $::trove::kombu_ssl_version; }
} else {
trove_conductor_config { 'oslo_messaging_rabbit/kombu_ssl_version': ensure => absent; }
}
} else {
trove_conductor_config {
'oslo_messaging_rabbit/kombu_ssl_ca_certs': ensure => absent;
'oslo_messaging_rabbit/kombu_ssl_certfile': ensure => absent;
'oslo_messaging_rabbit/kombu_ssl_keyfile': ensure => absent;
'oslo_messaging_rabbit/kombu_ssl_version': ensure => absent;
}
}
}
if $::trove::rpc_backend == 'trove.openstack.common.rpc.impl_qpid' {
trove_conductor_config {
'DEFAULT/qpid_hostname': value => $::trove::qpid_hostname;
'DEFAULT/qpid_port': value => $::trove::qpid_port;
'DEFAULT/qpid_username': value => $::trove::qpid_username;
'DEFAULT/qpid_password': value => $::trove::qpid_password, secret => true;
'DEFAULT/qpid_heartbeat': value => $::trove::qpid_heartbeat;
'DEFAULT/qpid_protocol': value => $::trove::qpid_protocol;
'DEFAULT/qpid_tcp_nodelay': value => $::trove::qpid_tcp_nodelay;
}
if is_array($::trove::qpid_sasl_mechanisms) {
trove_conductor_config {
'DEFAULT/qpid_sasl_mechanisms': value => join($::trove::qpid_sasl_mechanisms, ' ');
}
}
}
# Logging
if $log_file {
trove_conductor_config {
'DEFAULT/log_file': value => $log_file;
}
} else {
trove_conductor_config {
'DEFAULT/log_file': ensure => absent;
}
}
if $log_dir {
trove_conductor_config {
'DEFAULT/log_dir': value => $log_dir;
}
} else {
trove_conductor_config {
'DEFAULT/log_dir': ensure => absent;
}
}
# Syslog
if $use_syslog {
trove_conductor_config {
'DEFAULT/use_syslog' : value => true;
'DEFAULT/syslog_log_facility' : value => $log_facility;
}
} else {
trove_conductor_config {
'DEFAULT/use_syslog': value => false;
}
}
trove::generic_service { 'conductor':
enabled => $enabled,
manage_service => $manage_service,
package_name => $::trove::params::conductor_package_name,
service_name => $::trove::params::conductor_service_name,
ensure_package => $ensure_package,
}
}

View File

@ -0,0 +1,84 @@
#
# Copyright (C) 2015 UnitedStack <devops@unitedstack.com>
#
# Author: Xingchao Yu <xingchao@unitedstack.com>
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# == Class: trove::config
#
# This class is used to manage arbitrary trove configurations.
#
# === Parameters
#
# [*trove_config*]
# (optional) Allow configuration of arbitrary trove configurations.
# The value is an hash of trove_config resources.
# Defaults to {}
#
# [*trove_taskmanager_config*]
# (optional) Allow configuration of arbitrary trove taskmanager configurations.
# The value is an hash of trove_taskmanager_config resources.
# Defaults to {}
#
# [*trove_conductor_config*]
# (optional) Allow configuration of arbitrary trove conductor configurations.
# The value is an hash of trove_conductor_config resources.
# Defaults to {}
#
# [*trove_guestagent_config*]
# (optional) Allow configuration of arbitrary trove guestagent configurations.
# The value is an hash of trove_guestagent_config resources.
# Defaults to {}
#
# [*trove_api_paste_ini*]
# (optional) Allow configuration of arbitrary trove paste api configurations.
# The value is an hash of trove_paste_api_ini resources.
# Defaults to {}
#
# Example:
# { 'DEFAULT/foo' => { value => 'fooValue'},
# 'DEFAULT/bar' => { value => 'barValue'}
# }
#
# In yaml format, Example:
# trove_config:
# DEFAULT/foo:
# value: fooValue
# DEFAULT/bar:
# value: barValue
#
# NOTE: The configuration MUST NOT be already handled by this module
# or Puppet catalog compilation will fail with duplicate resources.
#
class trove::config (
$trove_config = {},
$trove_taskmanager_config = {},
$trove_conductor_config = {},
$trove_guestagent_config = {},
$trove_api_paste_ini = {},
) {
validate_hash($trove_config)
validate_hash($trove_taskmanager_config)
validate_hash($trove_conductor_config)
validate_hash($trove_guestagent_config)
validate_hash($trove_api_paste_ini)
create_resources('trove_config', $trove_config)
create_resources('trove_taskmanager_config', $trove_taskmanager_config)
create_resources('trove_conductor_config', $trove_conductor_config)
create_resources('trove_guestagent_config', $trove_guestagent_config)
create_resources('trove_api_paste_ini', $trove_api_paste_ini)
}

View File

@ -0,0 +1,83 @@
#
# Copyright (C) 2014 eNovance SAS <licensing@enovance.com>
#
# Author: Emilien Macchi <emilien.macchi@enovance.com>
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# == Class: trove::db::mysql
#
# The trove::db::mysql class creates a MySQL database for trove.
# It must be used on the MySQL server
#
# === Parameters
#
# [*password*]
# (required) Password that will be used for the trove db user.
#
# [*dbname*]
# (optional) Name of trove database.
# Defaults to trove
#
# [*user*]
# (optional) Name of trove user.
# Defaults to trove
#
# [*host*]
# (optional) Host where user should be allowed all privileges for database.
# Defaults to 127.0.0.1
#
# [*allowed_hosts*]
# (optional) Hosts allowed to use the database
# Defaults to undef.
#
# [*charset*]
# (optional) Charset of trove database
# Defaults 'utf8'.
#
# [*collate*]
# (optional) Charset collate of trove database
# Defaults 'utf8_general_ci'.
#
# [*mysql_module*]
# (optional) Deprecated. Does nothing
#
class trove::db::mysql(
$password,
$dbname = 'trove',
$user = 'trove',
$host = '127.0.0.1',
$allowed_hosts = undef,
$charset = 'utf8',
$collate = 'utf8_general_ci',
$mysql_module = undef,
) {
if $mysql_module {
warning('The mysql_module parameter is deprecated. The latest 2.x mysql module will be used.')
}
validate_string($password)
::openstacklib::db::mysql { 'trove':
user => $user,
password_hash => mysql_password($password),
dbname => $dbname,
host => $host,
charset => $charset,
collate => $collate,
allowed_hosts => $allowed_hosts,
}
::Openstacklib::Db::Mysql['trove'] ~> Exec<| title == 'trove-db-sync' |>
}

View File

@ -0,0 +1,47 @@
# == Class: trove::db::postgresql
#
# Class that configures postgresql for trove
# Requires the Puppetlabs postgresql module.
#
# === Parameters
#
# [*password*]
# (Required) Password to connect to the database.
#
# [*dbname*]
# (Optional) Name of the database.
# Defaults to 'trove'.
#
# [*user*]
# (Optional) User to connect to the database.
# Defaults to 'trove'.
#
# [*encoding*]
# (Optional) The charset to use for the database.
# Default to undef.
#
# [*privileges*]
# (Optional) Privileges given to the database user.
# Default to 'ALL'
#
class trove::db::postgresql(
$password,
$dbname = 'trove',
$user = 'trove',
$encoding = undef,
$privileges = 'ALL',
) {
Class['trove::db::postgresql'] -> Service<| title == 'trove' |>
::openstacklib::db::postgresql { 'trove':
password_hash => postgresql_password($user, $password),
dbname => $dbname,
user => $user,
encoding => $encoding,
privileges => $privileges,
}
::Openstacklib::Db::Postgresql['trove'] ~> Exec<| title == 'trove-manage db_sync' |>
}

View File

@ -0,0 +1,28 @@
#
# Copyright (C) 2014 eNovance SAS <licensing@enovance.com>
#
# Author: Emilien Macchi <emilien.macchi@enovance.com>
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Class to execute "trove-manage db_sync
#
class trove::db::sync {
exec { 'trove-manage db_sync':
path => '/usr/bin',
user => 'trove',
refreshonly => true,
subscribe => Trove_config['database/connection'],
require => Package['trove-api'],
}
}

View File

@ -0,0 +1,91 @@
#
# Copyright (C) 2014 eNovance SAS <licensing@enovance.com>
#
# Author: Emilien Macchi <emilien.macchi@enovance.com>
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# == Define: trove::generic_service
#
# This defined type implements basic trove services.
# It is introduced to attempt to consolidate
# common code.
#
# It also allows users to specify ad-hoc services
# as needed
#
# This define creates a service resource with title trove-${name} and
# conditionally creates a package resource with title trove-${name}
#
# === Parameters:
#
# [*package_name*]
# (mandatory) The package name (for the generic_service)
#
# [*service_name*]
# (mandatory) The service name (for the generic_service)
#
# [*enabled*]
# (optional) Define if the service must be enabled or not
# Defaults to false.
#
# [*manage_service*]
# (optional) Manage or not the service (if a service_name is provided).
# Defaults to true.
#
# [*ensure_package*]
# (optional) Control the ensure parameter for the package ressource.
# Defaults to 'present'.
#
define trove::generic_service(
$package_name,
$service_name,
$enabled = false,
$manage_service = true,
$ensure_package = 'present'
) {
include ::trove::params
include ::trove::db::sync
$trove_title = "trove-${name}"
Exec['post-trove_config'] ~> Service<| title == $trove_title |>
Exec<| title == 'trove-db-sync' |> ~> Service<| title == $trove_title |>
if ($package_name) {
if !defined(Package[$package_name]) {
package { $trove_title:
ensure => $ensure_package,
name => $package_name,
notify => Service[$trove_title],
}
}
}
if $service_name {
if $manage_service {
if $enabled {
$service_ensure = 'running'
} else {
$service_ensure = 'stopped'
}
}
service { $trove_title:
ensure => $service_ensure,
name => $service_name,
enable => $enabled,
hasstatus => true,
}
}
}

View File

@ -0,0 +1,213 @@
# == Class: trove::guestagent
#
# Manages trove guest agent package and service
#
# === Parameters:
#
# [*enabled*]
# (optional) Whether to enable the trove guest agent service
# Defaults to true
#
# [*manage_service*]
# (optional) Whether to start/stop the service
# Defaults to true
#
# [*ensure_package*]
# (optional) The state of the trove guest agent package
# Defaults to 'present'
#
# [*verbose*]
# (optional) Rather to log the trove guest agent service at verbose level.
# Default: false
#
# [*debug*]
# (optional) Rather to log the trove guest agent service at debug level.
# Default: false
#
# [*log_file*]
# (optional) The path of file used for logging
# If set to boolean false, it will not log to any file.
# Default: /var/log/trove/guestagent.log
#
# [*log_dir*]
# (optional) directory to which trove logs are sent.
# If set to boolean false, it will not log to any directory.
# Defaults to '/var/log/trove'
#
# [*use_syslog*]
# (optional) Use syslog for logging.
# Defaults to false.
#
# [*log_facility*]
# (optional) Syslog facility to receive log lines.
# Defaults to 'LOG_USER'.
#
# [*auth_url*]
# (optional) Authentication URL.
# Defaults to 'http://localhost:5000/v2.0'.
#
# [*swift_url*]
# (optional) Swift URL.
# Defaults to 'http://localhost:8080/v1/AUTH_'.
#
# [*control_exchange*]
# (optional) Control exchange.
# Defaults to 'trove'.
#
class trove::guestagent(
$enabled = true,
$manage_service = true,
$ensure_package = 'present',
$verbose = false,
$debug = false,
$log_file = '/var/log/trove/guestagent.log',
$log_dir = '/var/log/trove',
$use_syslog = false,
$log_facility = 'LOG_USER',
$auth_url = 'http://localhost:5000/v2.0',
$swift_url = 'http://localhost:8080/v1/AUTH_',
$control_exchange = 'trove'
) inherits trove {
include ::trove::params
Trove_guestagent_config<||> ~> Exec['post-trove_config']
Trove_guestagent_config<||> ~> Service['trove-guestagent']
# Trove db sync is broken in Ubuntu packaging
# This is a temporary fix until it's fixed in packaging.
# https://bugs.launchpad.net/ubuntu/+source/openstack-trove/+bug/1451134
file { '/etc/trove/trove-guestagent.conf':
require => File['/etc/trove'],
}
File['/etc/trove/trove-guestagent.conf'] -> Trove_guestagent_config<||>
Trove_guestagent_config<||> -> Package[$::trove::params::guestagent_package_name]
# basic service config
trove_guestagent_config {
'DEFAULT/verbose': value => $verbose;
'DEFAULT/debug': value => $debug;
'DEFAULT/trove_auth_url': value => $auth_url;
'DEFAULT/swift_url': value => $swift_url;
'DEFAULT/nova_proxy_admin_user': value => $::trove::nova_proxy_admin_user;
'DEFAULT/nova_proxy_admin_tenant_name': value => $::trove::nova_proxy_admin_tenant_name;
'DEFAULT/nova_proxy_admin_pass': value => $::trove::nova_proxy_admin_pass;
'DEFAULT/control_exchange': value => $control_exchange;
}
if $::trove::rpc_backend == 'trove.openstack.common.rpc.impl_kombu' {
if ! $::trove::rabbit_password {
fail('When rpc_backend is rabbitmq, you must set rabbit password')
}
if $::trove::rabbit_hosts {
trove_guestagent_config { 'oslo_messaging_rabbit/rabbit_hosts': value => join($::trove::rabbit_hosts, ',') }
trove_guestagent_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => true }
} else {
trove_guestagent_config { 'oslo_messaging_rabbit/rabbit_host': value => $::trove::rabbit_host }
trove_guestagent_config { 'oslo_messaging_rabbit/rabbit_port': value => $::trove::rabbit_port }
trove_guestagent_config { 'oslo_messaging_rabbit/rabbit_hosts': value => "${::trove::rabbit_host}:${::trove::rabbit_port}" }
trove_guestagent_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => false }
}
trove_guestagent_config {
'oslo_messaging_rabbit/rabbit_userid': value => $::trove::rabbit_user;
'oslo_messaging_rabbit/rabbit_password': value => $::trove::rabbit_password, secret => true;
'oslo_messaging_rabbit/rabbit_virtual_host': value => $::trove::rabbit_virtual_host;
'oslo_messaging_rabbit/rabbit_use_ssl': value => $::trove::rabbit_use_ssl;
'oslo_messaging_rabbit/kombu_reconnect_delay': value => $::trove::kombu_reconnect_delay;
}
if $::trove::rabbit_use_ssl {
if $::trove::kombu_ssl_ca_certs {
trove_guestagent_config { 'oslo_messaging_rabbit/kombu_ssl_ca_certs': value => $::trove::kombu_ssl_ca_certs; }
} else {
trove_guestagent_config { 'oslo_messaging_rabbit/kombu_ssl_ca_certs': ensure => absent; }
}
if $::trove::kombu_ssl_certfile or $::trove::kombu_ssl_keyfile {
trove_guestagent_config {
'oslo_messaging_rabbit/kombu_ssl_certfile': value => $::trove::kombu_ssl_certfile;
'oslo_messaging_rabbit/kombu_ssl_keyfile': value => $::trove::kombu_ssl_keyfile;
}
} else {
trove_guestagent_config {
'oslo_messaging_rabbit/kombu_ssl_certfile': ensure => absent;
'oslo_messaging_rabbit/kombu_ssl_keyfile': ensure => absent;
}
}
if $::trove::kombu_ssl_version {
trove_guestagent_config { 'oslo_messaging_rabbit/kombu_ssl_version': value => $::trove::kombu_ssl_version; }
} else {
trove_guestagent_config { 'oslo_messaging_rabbit/kombu_ssl_version': ensure => absent; }
}
} else {
trove_guestagent_config {
'oslo_messaging_rabbit/kombu_ssl_ca_certs': ensure => absent;
'oslo_messaging_rabbit/kombu_ssl_certfile': ensure => absent;
'oslo_messaging_rabbit/kombu_ssl_keyfile': ensure => absent;
'oslo_messaging_rabbit/kombu_ssl_version': ensure => absent;
}
}
}
if $::trove::rpc_backend == 'trove.openstack.common.rpc.impl_qpid' {
trove_guestagent_config {
'DEFAULT/qpid_hostname': value => $::trove::qpid_hostname;
'DEFAULT/qpid_port': value => $::trove::qpid_port;
'DEFAULT/qpid_username': value => $::trove::qpid_username;
'DEFAULT/qpid_password': value => $::trove::qpid_password, secret => true;
'DEFAULT/qpid_heartbeat': value => $::trove::qpid_heartbeat;
'DEFAULT/qpid_protocol': value => $::trove::qpid_protocol;
'DEFAULT/qpid_tcp_nodelay': value => $::trove::qpid_tcp_nodelay;
}
if is_array($::trove::qpid_sasl_mechanisms) {
trove_guestagent_config {
'DEFAULT/qpid_sasl_mechanisms': value => join($::trove::qpid_sasl_mechanisms, ' ');
}
}
}
# Logging
if $log_file {
trove_guestagent_config {
'DEFAULT/log_file': value => $log_file;
}
} else {
trove_guestagent_config {
'DEFAULT/log_file': ensure => absent;
}
}
if $log_dir {
trove_guestagent_config {
'DEFAULT/log_dir': value => $log_dir;
}
} else {
trove_guestagent_config {
'DEFAULT/log_dir': ensure => absent;
}
}
# Syslog
if $use_syslog {
trove_guestagent_config {
'DEFAULT/use_syslog' : value => true;
'DEFAULT/syslog_log_facility' : value => $log_facility;
}
} else {
trove_guestagent_config {
'DEFAULT/use_syslog': value => false;
}
}
trove::generic_service { 'guestagent':
enabled => $enabled,
manage_service => $manage_service,
package_name => $::trove::params::guestagent_package_name,
service_name => $::trove::params::guestagent_service_name,
ensure_package => $ensure_package,
}
}

View File

@ -0,0 +1,259 @@
#
# Copyright (C) 2014 eNovance SAS <licensing@enovance.com>
#
# Author: Emilien Macchi <emilien.macchi@enovance.com>
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# trove::init
#
# Trove base config
#
# == Parameters
#
# [*rabbit_host*]
# (optional) Location of rabbitmq installation.
# Note that, for security reasons, this rabbitmq host should not be the
# same that the core openstack services are using for communication. See
# http://lists.openstack.org/pipermail/openstack-dev/2015-April/061759.html
# Defaults to 'localhost'
#
# [*rabbit_hosts*]
# (optional) List of clustered rabbit servers.
# Note that, for security reasons, these rabbitmq hosts should not be the
# same that the core openstack services are using for communication. See
# http://lists.openstack.org/pipermail/openstack-dev/2015-April/061759.html
# Defaults to false
#
# [*rabbit_port*]
# (optional) Port for rabbitmq instance.
# Defaults to '5672'
#
# [*rabbit_password*]
# (optional) Password used to connect to rabbitmq.
# Defaults to 'guest'
#
# [*rabbit_userid*]
# (optional) User used to connect to rabbitmq.
# Defaults to 'guest'
#
# [*rabbit_virtual_host*]
# (optional) The RabbitMQ virtual host.
# Defaults to '/'
#
# [*rabbit_use_ssl*]
# (optional) Connect over SSL for RabbitMQ
# Defaults to false
#
# [*rabbit_notification_topic*]
# (optional) Notification topic.
# Defaults to false.
#
# [*kombu_ssl_ca_certs*]
# (optional) SSL certification authority file (valid only if SSL enabled).
# Defaults to undef
#
# [*kombu_ssl_certfile*]
# (optional) SSL cert file (valid only if SSL enabled).
# Defaults to undef
#
# [*kombu_ssl_keyfile*]
# (optional) SSL key file (valid only if SSL enabled).
# Defaults to undef
#
# [*kombu_ssl_version*]
# (optional) SSL version to use (valid only if SSL enabled).
# Valid values are TLSv1, SSLv23 and SSLv3. SSLv2 may be
# available on some distributions.
# Defaults to 'TLSv1'
#
# [*amqp_durable_queues*]
# (optional) Define queues as "durable" to rabbitmq.
# Defaults to false
#
# [*qpid_hostname*]
# (optional) Location of qpid server
# Defaults to 'localhost'
#
# [*qpid_port*]
# (optional) Port for qpid server
# Defaults to '5672'
#
# [*qpid_username*]
# (optional) Username to use when connecting to qpid
# Defaults to 'guest'
#
# [*qpid_password*]
# (optional) Password to use when connecting to qpid
# Defaults to 'guest'
#
# [*qpid_heartbeat*]
# (optional) Seconds between connection keepalive heartbeats
# Defaults to 60
#
# [*qpid_protocol*]
# (optional) Transport to use, either 'tcp' or 'ssl''
# Defaults to 'tcp'
#
# [*qpid_sasl_mechanisms*]
# (optional) Enable one or more SASL mechanisms
# Defaults to false
#
# [*qpid_tcp_nodelay*]
# (optional) Disable Nagle algorithm
# Defaults to true
#
# [*rpc_backend*]
# (optional) The rpc backend implementation to use, can be:
# trove.openstack.common.rpc.impl_kombu (for rabbitmq)
# trove.openstack.common.rpc.impl_qpid (for qpid)
# Defaults to 'trove.openstack.common.rpc.impl_kombu'
#
# [*mysql_module*]
# (optional) Deprecated. Does nothing.
# Defaults to undef.
#
# [*database_connection*]
# (optional) Connection url to connect to trove database.
# Defaults to 'sqlite:////var/lib/trove/trove.sqlite'
#
# [*database_idle_timeout*]
# (optional) Timeout before idle db connections are reaped.
# Defaults to 3600
#
# [*nova_compute_url*]
# (optional) URL without the tenant segment.
# Defaults to false.
#
# [*nova_proxy_admin_user*]
# (optional) Admin username used to connect to nova.
# Defaults to 'admin'
#
# [*nova_proxy_admin_pass*]
# (required) Admin password used to connect to nova.
#
# [*nova_proxy_admin_tenant_name*]
# (optional) Admin tenant name used to connect to nova.
# Defaults to 'admin'
#
# [*control_exchange*]
# (optional) Control exchange.
# Defaults to 'trove'.
#
# [*cinder_url*]
# (optional) URL without the tenant segment.
# Defaults to false.
#
# [*swift_url*]
# (optional) Swift URL ending in AUTH_.
# Defaults to false.
#
# [*use_neutron*]
# (optional) Use Neutron
# Defaults to true
#
# [*package_ensure*]
# (optional) The state of the package.
# Defaults to 'present'
#
class trove(
$nova_proxy_admin_pass,
$rabbit_host = 'localhost',
$rabbit_hosts = false,
$rabbit_password = 'guest',
$rabbit_port = '5672',
$rabbit_userid = 'guest',
$rabbit_virtual_host = '/',
$rabbit_use_ssl = false,
$rabbit_notification_topic = 'notifications',
$kombu_ssl_ca_certs = undef,
$kombu_ssl_certfile = undef,
$kombu_ssl_keyfile = undef,
$kombu_ssl_version = 'TLSv1',
$amqp_durable_queues = false,
$database_connection = 'sqlite:////var/lib/trove/trove.sqlite',
$database_idle_timeout = 3600,
$rpc_backend = 'trove.openstack.common.rpc.impl_kombu',
$nova_compute_url = false,
$nova_proxy_admin_user = 'admin',
$nova_proxy_admin_tenant_name = 'admin',
$control_exchange = 'trove',
$cinder_url = false,
$swift_url = false,
$use_neutron = true,
$package_ensure = 'present',
# DEPRECATED PARAMETERS
$mysql_module = undef,
) {
include ::trove::params
if $mysql_module {
warning('The mysql_module parameter is deprecated. The latest 2.x mysql module will be used.')
}
exec { 'post-trove_config':
command => '/bin/echo "Trove config has changed"',
refreshonly => true,
}
Trove_datastore<||> -> Trove_datastore_version<||>
if $nova_compute_url {
trove_config { 'DEFAULT/nova_compute_url': value => $nova_compute_url }
}
else {
trove_config { 'DEFAULT/nova_compute_url': ensure => absent }
}
if $cinder_url {
trove_config { 'DEFAULT/cinder_url': value => $cinder_url }
}
else {
trove_config { 'DEFAULT/cinder_url': ensure => absent }
}
if $swift_url {
trove_config { 'DEFAULT/swift_url': value => $swift_url }
}
else {
trove_config { 'DEFAULT/swift_url': ensure => absent }
}
if $::osfamily == 'RedHat' {
# TO-DO(mmagr): Conditional should be removed as soon as following bug
# is really fixed. On Ubuntu trove-common is not installable without already
# running database and correctly filled trove.conf:
# https://bugs.launchpad.net/ubuntu/+source/openstack-trove/+bug/1365561
package { 'trove':
ensure => $package_ensure,
name => $::trove::params::common_package_name
}
$group_require = Package['trove']
} else {
$group_require = undef
}
group { 'trove':
ensure => 'present',
name => 'trove',
system => true,
require => $group_require
}
file { '/etc/trove/':
ensure => directory,
group => 'trove',
require => Group['trove']
}
}

View File

@ -0,0 +1,220 @@
#
# Copyright (C) 2014 eNovance SAS <licensing@enovance.com>
#
# Author: Emilien Macchi <emilien.macchi@enovance.com>
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# trove::keystone::auth
#
# Configures Trove user, service and endpoint in Keystone.
#
# === Parameters
#
# [*password*]
# (required) Password for Trove user.
#
# [*auth_name*]
# Username for Trove service. Defaults to 'trove'.
#
# [*email*]
# Email for Trove user. Defaults to 'trove@localhost'.
#
# [*tenant*]
# Tenant for Trove user. Defaults to 'services'.
#
# [*configure_endpoint*]
# Should Trove endpoint be configured? Defaults to 'true'.
#
# [*service_type*]
# Type of service. Defaults to 'database'.
#
# [*service_name*]
# (optional) Name of the service.
# Defaults to the value of auth_name.
#
# [*region*]
# Region for endpoint. Defaults to 'RegionOne'.
#
# [*public_url*]
# (optional) The endpoint's public url. (Defaults to 'http://127.0.0.1:8779/v1.0/%(tenant_id)s')
# This url should *not* contain any trailing '/'.
#
# [*admin_url*]
# (optional) The endpoint's admin url. (Defaults to 'http://127.0.0.1:8779/v1.0/%(tenant_id)s')
# This url should *not* contain any trailing '/'.
#
# [*internal_url*]
# (optional) The endpoint's internal url. (Defaults to 'http://127.0.0.1:8779/v1.0/%(tenant_id)s')
# This url should *not* contain any trailing '/'.
#
# [*port*]
# (optional) DEPRECATED: Use public_url, internal_url and admin_url instead.
# Default port for endpoints. (Defaults to 9001)
# Setting this parameter overrides public_url, internal_url and admin_url parameters.
#
# [*public_port*]
# (optional) DEPRECATED: Use public_url instead.
# Default port for endpoints. (Defaults to $port)
# Setting this parameter overrides public_url parameter.
#
# [*public_protocol*]
# (optional) DEPRECATED: Use public_url instead.
# Protocol for public endpoint. (Defaults to 'http')
# Setting this parameter overrides public_url parameter.
#
# [*public_address*]
# (optional) DEPRECATED: Use public_url instead.
# Public address for endpoint. (Defaults to '127.0.0.1')
# Setting this parameter overrides public_url parameter.
#
# [*internal_protocol*]
# (optional) DEPRECATED: Use internal_url instead.
# Protocol for internal endpoint. (Defaults to 'http')
# Setting this parameter overrides internal_url parameter.
#
# [*internal_address*]
# (optional) DEPRECATED: Use internal_url instead.
# Internal address for endpoint. (Defaults to '127.0.0.1')
# Setting this parameter overrides internal_url parameter.
#
# [*admin_protocol*]
# (optional) DEPRECATED: Use admin_url instead.
# Protocol for admin endpoint. (Defaults to 'http')
# Setting this parameter overrides admin_url parameter.
#
# [*admin_address*]
# (optional) DEPRECATED: Use admin_url instead.
# Admin address for endpoint. (Defaults to '127.0.0.1')
# Setting this parameter overrides admin_url parameter.
#
# === Deprecation notes
#
# If any value is provided for public_protocol, public_address or port parameters,
# public_url will be completely ignored. The same applies for internal and admin parameters.
#
# === Examples
#
# class { 'trove::keystone::auth':
# public_url => 'https://10.0.0.10:8779/v1.0/%(tenant_id)s',
# internal_url => 'https://10.0.0.11:8779/v1.0/%(tenant_id)s',
# admin_url => 'https://10.0.0.11:8779/v1.0/%(tenant_id)s',
# }
#
class trove::keystone::auth (
$password,
$auth_name = 'trove',
$email = 'trove@localhost',
$tenant = 'services',
$configure_endpoint = true,
$service_name = undef,
$service_type = 'database',
$region = 'RegionOne',
$public_url = 'http://127.0.0.1:8779/v1.0/%(tenant_id)s',
$admin_url = 'http://127.0.0.1:8779/v1.0/%(tenant_id)s',
$internal_url = 'http://127.0.0.1:8779/v1.0/%(tenant_id)s',
# DEPRECATED PARAMETERS
$port = undef,
$public_port = undef,
$public_protocol = undef,
$public_address = undef,
$internal_protocol = undef,
$internal_address = undef,
$admin_protocol = undef,
$admin_address = undef,
) {
if $port {
warning('The port parameter is deprecated, use public_url, internal_url and admin_url instead.')
}
if $public_port {
warning('The public_port parameter is deprecated, use public_url instead.')
}
if $public_protocol {
warning('The public_protocol parameter is deprecated, use public_url instead.')
}
if $internal_protocol {
warning('The internal_protocol parameter is deprecated, use internal_url instead.')
}
if $admin_protocol {
warning('The admin_protocol parameter is deprecated, use admin_url instead.')
}
if $public_address {
warning('The public_address parameter is deprecated, use public_url instead.')
}
if $internal_address {
warning('The internal_address parameter is deprecated, use internal_url instead.')
}
if $admin_address {
warning('The admin_address parameter is deprecated, use admin_url instead.')
}
if ($public_protocol or $public_address or $port or $public_port) {
$public_url_real = sprintf('%s://%s:%s/v1.0/%%(tenant_id)s',
pick($public_protocol, 'http'),
pick($public_address, '127.0.0.1'),
pick($public_port, $port, '8779'))
} else {
$public_url_real = $public_url
}
if ($admin_protocol or $admin_address or $port) {
$admin_url_real = sprintf('%s://%s:%s/v1.0/%%(tenant_id)s',
pick($admin_protocol, 'http'),
pick($admin_address, '127.0.0.1'),
pick($port, '8779'))
} else {
$admin_url_real = $admin_url
}
if ($internal_protocol or $internal_address or $port) {
$internal_url_real = sprintf('%s://%s:%s/v1.0/%%(tenant_id)s',
pick($internal_protocol, 'http'),
pick($internal_address, '127.0.0.1'),
pick($port, '8779'))
} else {
$internal_url_real = $internal_url
}
$real_service_name = pick($service_name, $auth_name)
Keystone_user_role["${auth_name}@${tenant}"] ~> Service <| name == 'trove-server' |>
Keystone_endpoint<| title == "${region}/${real_service_name}" |>
~> Service <| name == 'trove-server' |>
keystone::resource::service_identity { 'trove':
configure_user => true,
configure_user_role => true,
configure_endpoint => $configure_endpoint,
service_name => $real_service_name,
service_type => $service_type,
service_description => 'Trove Database Service',
region => $region,
auth_name => $auth_name,
password => $password,
email => $email,
tenant => $tenant,
public_url => $public_url_real,
internal_url => $internal_url_real,
admin_url => $admin_url_real,
}
}

View File

@ -0,0 +1,35 @@
# Parameters for puppet-trove
#
class trove::params {
case $::osfamily {
'RedHat': {
$client_package_name = 'python-troveclient'
$common_package_name = 'openstack-trove'
$conductor_package_name = 'openstack-trove-conductor'
$conductor_service_name = 'openstack-trove-conductor'
$api_package_name = 'openstack-trove-api'
$api_service_name = 'openstack-trove-api'
$guestagent_package_name = 'openstack-trove-guestagent'
$guestagent_service_name = 'openstack-trove-guestagent'
$taskmanager_package_name = 'openstack-trove-taskmanager'
$taskmanager_service_name = 'openstack-trove-taskmanager'
}
'Debian': {
$client_package_name = 'python-troveclient'
$common_package_name = 'trove-common'
$conductor_package_name = 'trove-conductor'
$conductor_service_name = 'trove-conductor'
$api_package_name = 'trove-api'
$api_service_name = 'trove-api'
$guestagent_package_name = 'trove-guestagent'
$guestagent_service_name = 'trove-guestagent'
$taskmanager_package_name = 'trove-taskmanager'
$taskmanager_service_name = 'trove-taskmanager'
}
default: {
fail("Unsupported osfamily: ${::osfamily} operatingsystem")
}
} # Case $::osfamily
}

View File

@ -0,0 +1,106 @@
# == Class: trove::rabbitmq
#
# Installs and manages rabbitmq server for trove
#
# == Parameters:
#
# [*userid*]
# (optional) The username to use when connecting to Rabbit
# Defaults to 'guest'
#
# [*password*]
# (optional) The password to use when connecting to Rabbit
# Defaults to 'guest'
#
# [*port*]
# (optional) The port to use when connecting to Rabbit
# Defaults to '5672'
#
# [*virtual_host*]
# (optional) The virtual host to use when connecting to Rabbit
# Defaults to '/'
#
# [*cluster_disk_nodes*]
# (optional) Enables/disables RabbitMQ clustering. Specify an array of Rabbit Broker
# IP addresses to configure clustering.
# Defaults to false
#
# [*enabled*]
# (optional) Whether to enable the Rabbit service
# Defaults to false
#
# [*rabbitmq_class*]
# (optional) Deprecated. The rabbitmq puppet class to depend on,
# which is dependent on the puppet-rabbitmq version.
# Use the default for 1.x, use 'rabbitmq' for 3.x.
# Use false if rabbitmq class should not be configured
# here
# Defaults to 'rabbitmq::server'
#
class trove::rabbitmq(
$userid ='guest',
$password ='guest',
$port ='55671',
$virtual_host ='/',
$cluster_disk_nodes = false,
$enabled = true,
# DEPRECATED PARAMETER
$rabbitmq_class = 'rabbitmq::server'
) {
if ($enabled) {
if $userid == 'guest' {
$delete_guest_user = false
} else {
$delete_guest_user = true
rabbitmq_user { $userid:
admin => true,
password => $password,
provider => 'rabbitmqctl',
}
# I need to figure out the appropriate permissions
rabbitmq_user_permissions { "${userid}@${virtual_host}":
configure_permission => '.*',
write_permission => '.*',
read_permission => '.*',
provider => 'rabbitmqctl',
}->Anchor<| title == 'trove-start' |>
}
$service_ensure = 'running'
} else {
$service_ensure = 'stopped'
}
# NOTE(bogdando) do not trove manage rabbitmq service
# if rabbitmq_class is set to False
if $rabbitmq_class {
warning('The rabbitmq_class parameter is deprecated.')
if $cluster_disk_nodes {
class { $rabbitmq_class:
service_ensure => $service_ensure,
port => $port,
delete_guest_user => $delete_guest_user,
config_cluster => true,
cluster_disk_nodes => $cluster_disk_nodes,
wipe_db_on_cookie_change => true,
}
} else {
class { $rabbitmq_class:
service_ensure => $service_ensure,
port => $port,
delete_guest_user => $delete_guest_user,
}
}
Class[$rabbitmq_class] -> Rabbitmq_user<| title == $userid |>
Class[$rabbitmq_class] -> Rabbitmq_vhost<| title == $virtual_host |>
# only configure trove after the queue is up
Class[$rabbitmq_class] -> Anchor<| title == 'trove-start' |>
}
if ($enabled) {
rabbitmq_vhost { $virtual_host:
provider => 'rabbitmqctl',
}
}
}

View File

@ -0,0 +1,281 @@
#
# Copyright (C) 2014 eNovance SAS <licensing@enovance.com>
#
# Author: Emilien Macchi <emilien.macchi@enovance.com>
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# == Class: trove::taskmanager
#
# Manages trove taskmanager package and service
#
# === Parameters:
#
# [*enabled*]
# (optional) Whether to enable the trove-taskmanager service
# Defaults to true
#
# [*manage_service*]
# (optional) Whether to start/stop the service
# Defaults to true
#
# [*ensure_package*]
# (optional) The state of the trove taskmanager package
# Defaults to 'present'
#
# [*verbose*]
# (optional) Rather to log the trove api service at verbose level.
# Default: false
#
# [*debug*]
# (optional) Rather to log the trove api service at debug level.
# Default: false
#
# [*log_file*]
# (optional) The path of file used for logging
# If set to boolean false, it will not log to any file.
# Default: /var/log/trove/trove-taskmanager.log
#
# [*log_dir*]
# (optional) directory to which trove logs are sent.
# If set to boolean false, it will not log to any directory.
# Defaults to '/var/log/trove'
#
# [*use_syslog*]
# (optional) Use syslog for logging.
# Defaults to false.
#
# [*log_facility*]
# (optional) Syslog facility to receive log lines.
# Defaults to 'LOG_USER'.
#
# [*auth_url*]
# (optional) Authentication URL.
# Defaults to 'http://localhost:5000/v2.0'.
#
# [*heat_url*]
# (optional) URL without the tenant segment.
# Defaults to false
#
# [*guestagent_config_file*]
# (optional) Trove guest agent configuration file.
# Defaults to '/etc/trove/trove-guestmanager.conf'.
#
class trove::taskmanager(
$enabled = true,
$manage_service = true,
$debug = false,
$verbose = false,
$log_file = '/var/log/trove/trove-taskmanager.log',
$log_dir = '/var/log/trove',
$use_syslog = false,
$log_facility = 'LOG_USER',
$auth_url = 'http://localhost:5000/v2.0',
$heat_url = false,
$ensure_package = 'present',
$guestagent_config_file = '/etc/trove/trove-guestmanager.conf'
) inherits trove {
include ::trove::params
Package[$::trove::params::taskmanager_package_name] -> Trove_taskmanager_config<||>
Trove_taskmanager_config<||> ~> Exec['post-trove_config']
Trove_taskmanager_config<||> ~> Service['trove-taskmanager']
if $::trove::database_connection {
if($::trove::database_connection =~ /mysql:\/\/\S+:\S+@\S+\/\S+/) {
require 'mysql::bindings'
require 'mysql::bindings::python'
} elsif($::trove::database_connection =~ /postgresql:\/\/\S+:\S+@\S+\/\S+/) {
} elsif($::trove::database_connection =~ /sqlite:\/\//) {
} else {
fail("Invalid db connection ${::trove::database_connection}")
}
trove_taskmanager_config {
'database/connection': value => $::trove::database_connection;
'database/idle_timeout': value => $::trove::database_idle_timeoutl;
}
}
# basic service config
trove_taskmanager_config {
'DEFAULT/verbose': value => $verbose;
'DEFAULT/debug': value => $debug;
'DEFAULT/trove_auth_url': value => $auth_url;
'DEFAULT/nova_proxy_admin_user': value => $::trove::nova_proxy_admin_user;
'DEFAULT/nova_proxy_admin_pass': value => $::trove::nova_proxy_admin_pass;
'DEFAULT/nova_proxy_admin_tenant_name': value => $::trove::nova_proxy_admin_tenant_name;
}
if $::trove::rpc_backend == 'trove.openstack.common.rpc.impl_kombu' {
if ! $::trove::rabbit_password {
fail('When rpc_backend is rabbitmq, you must set rabbit password')
}
if $::trove::rabbit_hosts {
trove_taskmanager_config { 'oslo_messaging_rabbit/rabbit_hosts': value => join($::trove::rabbit_hosts, ',') }
trove_taskmanager_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => true }
} else {
trove_taskmanager_config { 'oslo_messaging_rabbit/rabbit_host': value => $::trove::rabbit_host }
trove_taskmanager_config { 'oslo_messaging_rabbit/rabbit_port': value => $::trove::rabbit_port }
trove_taskmanager_config { 'oslo_messaging_rabbit/rabbit_hosts': value => "${::trove::rabbit_host}:${::trove::rabbit_port}" }
trove_taskmanager_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => false }
}
trove_taskmanager_config {
'oslo_messaging_rabbit/rabbit_userid': value => $::trove::rabbit_user;
'oslo_messaging_rabbit/rabbit_password': value => $::trove::rabbit_password, secret => true;
'oslo_messaging_rabbit/rabbit_virtual_host': value => $::trove::rabbit_virtual_host;
'oslo_messaging_rabbit/rabbit_use_ssl': value => $::trove::rabbit_use_ssl;
'oslo_messaging_rabbit/kombu_reconnect_delay': value => $::trove::kombu_reconnect_delay;
}
if $::trove::rabbit_use_ssl {
if $::trove::kombu_ssl_ca_certs {
trove_taskmanager_config { 'oslo_messaging_rabbit/kombu_ssl_ca_certs': value => $::trove::kombu_ssl_ca_certs; }
} else {
trove_taskmanager_config { 'oslo_messaging_rabbit/kombu_ssl_ca_certs': ensure => absent; }
}
if $::trove::kombu_ssl_certfile or $::trove::kombu_ssl_keyfile {
trove_taskmanager_config {
'oslo_messaging_rabbit/kombu_ssl_certfile': value => $::trove::kombu_ssl_certfile;
'oslo_messaging_rabbit/kombu_ssl_keyfile': value => $::trove::kombu_ssl_keyfile;
}
} else {
trove_taskmanager_config {
'oslo_messaging_rabbit/kombu_ssl_certfile': ensure => absent;
'oslo_messaging_rabbit/kombu_ssl_keyfile': ensure => absent;
}
}
if $::trove::kombu_ssl_version {
trove_taskmanager_config { 'oslo_messaging_rabbit/kombu_ssl_version': value => $::trove::kombu_ssl_version; }
} else {
trove_taskmanager_config { 'oslo_messaging_rabbit/kombu_ssl_version': ensure => absent; }
}
} else {
trove_taskmanager_config {
'oslo_messaging_rabbit/kombu_ssl_ca_certs': ensure => absent;
'oslo_messaging_rabbit/kombu_ssl_certfile': ensure => absent;
'oslo_messaging_rabbit/kombu_ssl_keyfile': ensure => absent;
'oslo_messaging_rabbit/kombu_ssl_version': ensure => absent;
}
}
}
if $::trove::rpc_backend == 'trove.openstack.common.rpc.impl_qpid' {
trove_taskmanager_config {
'DEFAULT/qpid_hostname': value => $::trove::qpid_hostname;
'DEFAULT/qpid_port': value => $::trove::qpid_port;
'DEFAULT/qpid_username': value => $::trove::qpid_username;
'DEFAULT/qpid_password': value => $::trove::qpid_password, secret => true;
'DEFAULT/qpid_heartbeat': value => $::trove::qpid_heartbeat;
'DEFAULT/qpid_protocol': value => $::trove::qpid_protocol;
'DEFAULT/qpid_tcp_nodelay': value => $::trove::qpid_tcp_nodelay;
}
if is_array($::trove::qpid_sasl_mechanisms) {
trove_taskmanager_config {
'DEFAULT/qpid_sasl_mechanisms': value => join($::trove::qpid_sasl_mechanisms, ' ');
}
}
}
if $::trove::use_neutron {
trove_config {
'DEFAULT/network_label_regex': value => '.*';
'DEFAULT/network_driver': value => 'trove.network.neutron.NeutronDriver';
}
trove_taskmanager_config {
'DEFAULT/network_label_regex': value => '.*';
'DEFAULT/network_driver': value => 'trove.network.neutron.NeutronDriver';
}
} else {
trove_config {
'DEFAULT/network_label_regex': value => '^private$';
'DEFAULT/network_driver': value => 'trove.network.nova.NovaNetwork';
}
trove_taskmanager_config {
'DEFAULT/network_label_regex': value => '^private$';
'DEFAULT/network_driver': value => 'trove.network.nova.NovaNetwork';
}
}
trove_config {
'DEFAULT/taskmanager_queue': value => 'taskmanager';
}
# Logging
if $log_file {
trove_taskmanager_config {
'DEFAULT/log_file': value => $log_file;
}
} else {
trove_taskmanager_config {
'DEFAULT/log_file': ensure => absent;
}
}
if $log_dir {
trove_taskmanager_config {
'DEFAULT/log_dir': value => $log_dir;
}
} else {
trove_taskmanager_config {
'DEFAULT/log_dir': ensure => absent;
}
}
# Syslog
if $use_syslog {
trove_taskmanager_config {
'DEFAULT/use_syslog' : value => true;
'DEFAULT/syslog_log_facility' : value => $log_facility;
}
} else {
trove_taskmanager_config {
'DEFAULT/use_syslog': value => false;
}
}
trove::generic_service { 'taskmanager':
enabled => $enabled,
manage_service => $manage_service,
package_name => $::trove::params::taskmanager_package_name,
service_name => $::trove::params::taskmanager_service_name,
ensure_package => $ensure_package,
}
if $guestagent_config_file {
file { $guestagent_config_file:
content => template('trove/trove-guestagent.conf.erb')
}
trove_taskmanager_config {
'DEFAULT/guest_config': value => $guestagent_config_file
}
}
# TO-DO(mmagr): Disabling transformer workarounds bug #1402055.
# Remove this hack as soon as bug is fixed.
if $::osfamily == 'RedHat' {
trove_taskmanager_config {
'DEFAULT/exists_notification_transformer': ensure => absent,
}
}
}

View File

@ -0,0 +1,39 @@
{
"name": "openstack-trove",
"version": "6.1.0",
"author": "eNovance and OpenStack Contributors",
"summary": "Puppet module for OpenStack Trove",
"license": "Apache-2.0",
"source": "git://github.com/openstack/puppet-trove.git",
"project_page": "https://launchpad.net/puppet-trove",
"issues_url": "https://bugs.launchpad.net/puppet-trove",
"requirements": [
{ "name": "pe","version_requirement": "3.x" },
{ "name": "puppet","version_requirement": "3.x" }
],
"operatingsystem_support": [
{
"operatingsystem": "Debian",
"operatingsystemrelease": ["7"]
},
{
"operatingsystem": "Fedora",
"operatingsystemrelease": ["20"]
},
{
"operatingsystem": "RedHat",
"operatingsystemrelease": ["6.5","7"]
},
{
"operatingsystem": "Ubuntu",
"operatingsystemrelease": ["12.04","14.04"]
}
],
"description": "Installs and configures OpenStack Trove (Database service).",
"dependencies": [
{ "name": "puppetlabs/inifile", "version_requirement": ">=1.0.0 <2.0.0" },
{ "name": "openstack/keystone", "version_requirement": ">=6.0.0 <7.0.0" },
{ "name": "puppetlabs/stdlib", "version_requirement": ">=4.0.0 <5.0.0" },
{ "name": "openstack/openstacklib", "version_requirement": ">=6.0.0 <7.0.0" }
]
}

View File

@ -0,0 +1,114 @@
require 'spec_helper_acceptance'
describe 'basic trove' do
context 'default parameters' do
it 'should work with no errors' do
pp= <<-EOS
Exec { logoutput => 'on_failure' }
# Common resources
case $::osfamily {
'Debian': {
include ::apt
class { '::openstack_extras::repo::debian::ubuntu':
release => 'kilo',
package_require => true,
}
$package_provider = 'apt'
}
'RedHat': {
class { '::openstack_extras::repo::redhat::redhat':
release => 'kilo',
}
package { 'openstack-selinux': ensure => 'latest' }
$package_provider = 'yum'
}
default: {
fail("Unsupported osfamily (${::osfamily})")
}
}
class { '::mysql::server': }
class { '::rabbitmq':
delete_guest_user => true,
package_provider => $package_provider,
}
rabbitmq_vhost { '/':
provider => 'rabbitmqctl',
require => Class['rabbitmq'],
}
rabbitmq_user { 'trove':
admin => true,
password => 'an_even_bigger_secret',
provider => 'rabbitmqctl',
require => Class['rabbitmq'],
}
rabbitmq_user_permissions { 'trove@/':
configure_permission => '.*',
write_permission => '.*',
read_permission => '.*',
provider => 'rabbitmqctl',
require => Class['rabbitmq'],
}
# Keystone resources, needed by Trove to run
class { '::keystone::db::mysql':
password => 'keystone',
}
class { '::keystone':
verbose => true,
debug => true,
database_connection => 'mysql://keystone:keystone@127.0.0.1/keystone',
admin_token => 'admin_token',
enabled => true,
}
class { '::keystone::roles::admin':
email => 'test@example.tld',
password => 'a_big_secret',
}
class { '::keystone::endpoint':
public_url => "https://${::fqdn}:5000/",
admin_url => "https://${::fqdn}:35357/",
}
# Trove resources
class { '::trove':
database_connection => 'mysql://trove:a_big_secret@127.0.0.1/trove?charset=utf8',
rabbit_userid => 'trove',
rabbit_password => 'an_even_bigger_secret',
rabbit_host => '127.0.0.1',
nova_proxy_admin_pass => 'a_big_secret',
}
class { '::trove::db::mysql':
password => 'a_big_secret',
}
class { '::trove::keystone::auth':
password => 'a_big_secret',
}
class { '::trove::api':
keystone_password => 'a_big_secret',
auth_url => 'http://127.0.0.1:35357/',
}
class { '::trove::client': }
class { '::trove::conductor': }
class { '::trove::taskmanager': }
EOS
# Run it twice and test for idempotency
apply_manifest(pp, :catch_failures => true)
apply_manifest(pp, :catch_changes => true)
end
describe port(8779) do
it { is_expected.to be_listening.with('tcp') }
end
end
end

View File

@ -0,0 +1,9 @@
HOSTS:
ubuntu-14.04-amd64:
roles:
- master
platform: ubuntu-14.04-amd64
hypervisor : none
ip: 127.0.0.1
CONFIG:
type: foss

View File

@ -0,0 +1,10 @@
HOSTS:
centos-70-x64:
roles:
- master
platform: el-7-x86_64
hypervisor : none
ip: 127.0.0.1
CONFIG:
type: foss
set_env: false

View File

@ -0,0 +1,10 @@
HOSTS:
ubuntu-14.04-amd64:
roles:
- master
platform: ubuntu-14.04-amd64
hypervisor : none
ip: 127.0.0.1
CONFIG:
type: foss
set_env: false

View File

@ -0,0 +1,194 @@
#
# Copyright (C) 2014 eNovance SAS <licensing@enovance.com>
#
# Author: Emilien Macchi <emilien.macchi@enovance.com>
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Unit tests for trove::api
#
require 'spec_helper'
describe 'trove::api' do
let :params do
{ :keystone_password => 'passw0rd',
:auth_host => '10.0.0.10',
:auth_url => 'http://10.0.0.10:5000/v2.0',
:auth_port => '35357',
:auth_protocol => 'https',
:keystone_tenant => '_services_',
:keystone_user => 'trove',
}
end
shared_examples 'trove-api' do
context 'with default parameters' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete'}"
end
it 'installs trove-api package and service' do
is_expected.to contain_service('trove-api').with(
:name => platform_params[:api_service_name],
:ensure => 'running',
:hasstatus => true,
:enable => true
)
is_expected.to contain_package('trove-api').with(
:name => platform_params[:api_package_name],
:ensure => 'present',
:notify => 'Service[trove-api]'
)
end
it 'configures trove-api with default parameters' do
is_expected.to contain_trove_config('DEFAULT/verbose').with_value(false)
is_expected.to contain_trove_config('DEFAULT/debug').with_value(false)
is_expected.to contain_trove_config('DEFAULT/bind_host').with_value('0.0.0.0')
is_expected.to contain_trove_config('DEFAULT/bind_port').with_value('8779')
is_expected.to contain_trove_config('DEFAULT/backlog').with_value('4096')
is_expected.to contain_trove_config('DEFAULT/trove_api_workers').with_value('8')
is_expected.to contain_trove_config('DEFAULT/trove_auth_url').with_value('http://10.0.0.10:5000/v2.0')
is_expected.to contain_trove_config('DEFAULT/nova_proxy_admin_user').with_value('admin')
is_expected.to contain_trove_config('DEFAULT/nova_proxy_admin_pass').with_value('verysecrete')
is_expected.to contain_trove_config('DEFAULT/nova_proxy_admin_tenant_name').with_value('admin')
is_expected.to contain_trove_config('keystone_authtoken/auth_host').with_value('10.0.0.10')
is_expected.to contain_trove_config('keystone_authtoken/auth_port').with_value('35357')
is_expected.to contain_trove_config('keystone_authtoken/auth_protocol').with_value('https')
is_expected.to contain_trove_config('keystone_authtoken/admin_tenant_name').with_value('_services_')
is_expected.to contain_trove_config('keystone_authtoken/admin_user').with_value('trove')
is_expected.to contain_trove_config('keystone_authtoken/admin_password').with_value('passw0rd')
end
context 'when using a single RabbitMQ server' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete',
rabbit_host => '10.0.0.1'}"
end
it 'configures trove-api with RabbitMQ' do
is_expected.to contain_trove_config('oslo_messaging_rabbit/rabbit_host').with_value('10.0.0.1')
end
end
context 'when using multiple RabbitMQ servers' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete',
rabbit_hosts => ['10.0.0.1','10.0.0.2']}"
end
it 'configures trove-api with RabbitMQ' do
is_expected.to contain_trove_config('oslo_messaging_rabbit/rabbit_hosts').with_value(['10.0.0.1,10.0.0.2'])
end
end
context 'when using MySQL' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete',
database_connection => 'mysql://trove:pass@10.0.0.1/trove'}"
end
it 'configures trove-api with RabbitMQ' do
is_expected.to contain_trove_config('database/connection').with_value('mysql://trove:pass@10.0.0.1/trove')
end
end
end
context 'with SSL enabled with kombu' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete',
rabbit_use_ssl => true,
kombu_ssl_ca_certs => '/path/to/ssl/ca/certs',
kombu_ssl_certfile => '/path/to/ssl/cert/file',
kombu_ssl_keyfile => '/path/to/ssl/keyfile',
kombu_ssl_version => 'TLSv1'}"
end
it do
is_expected.to contain_trove_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('true')
is_expected.to contain_trove_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_value('/path/to/ssl/ca/certs')
is_expected.to contain_trove_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_value('/path/to/ssl/cert/file')
is_expected.to contain_trove_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_value('/path/to/ssl/keyfile')
is_expected.to contain_trove_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('TLSv1')
end
end
context 'with SSL enabled without kombu' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete',
rabbit_use_ssl => true}"
end
it do
is_expected.to contain_trove_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('true')
is_expected.to contain_trove_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_ensure('absent')
is_expected.to contain_trove_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_ensure('absent')
is_expected.to contain_trove_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_ensure('absent')
is_expected.to contain_trove_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('TLSv1')
end
end
context 'with SSL disabled' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete',
rabbit_use_ssl => false,
kombu_ssl_version => 'TLSv1'}"
end
it do
is_expected.to contain_trove_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('false')
is_expected.to contain_trove_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_ensure('absent')
is_expected.to contain_trove_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_ensure('absent')
is_expected.to contain_trove_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_ensure('absent')
is_expected.to contain_trove_config('oslo_messaging_rabbit/kombu_ssl_version').with_ensure('absent')
end
end
end
context 'on Debian platforms' do
let :facts do
{ :osfamily => 'Debian',
:processorcount => 8 }
end
let :platform_params do
{ :api_package_name => 'trove-api',
:api_service_name => 'trove-api' }
end
it_configures 'trove-api'
end
context 'on RedHat platforms' do
let :facts do
{ :osfamily => 'RedHat',
:processorcount => 8 }
end
let :platform_params do
{ :api_package_name => 'openstack-trove-api',
:api_service_name => 'openstack-trove-api' }
end
it_configures 'trove-api'
end
end

View File

@ -0,0 +1,55 @@
#
# Copyright (C) 2014 eNovance SAS <licensing@enovance.com>
#
# Author: Emilien Macchi <emilien.macchi@enovance.com>
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Unit tests for trove::client
#
require 'spec_helper'
describe 'trove::client' do
shared_examples_for 'trove client' do
context 'with default parameters' do
it { is_expected.to contain_package('python-troveclient').with_ensure('present') }
end
context 'with package_ensure parameter provided' do
let :params do
{ :package_ensure => false }
end
it { is_expected.to contain_package('python-troveclient').with_ensure('false') }
end
end
context 'on Debian platforms' do
let :facts do
{ :osfamily => 'Debian' }
end
it_configures 'trove client'
end
context 'on RedHat platforms' do
let :facts do
{ :osfamily => 'RedHat' }
end
it_configures 'trove client'
end
end

View File

@ -0,0 +1,153 @@
require 'spec_helper'
describe 'trove::conductor' do
shared_examples 'trove-conductor' do
context 'with default parameters' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete'}"
end
it 'installs trove-conductor package and service' do
is_expected.to contain_service('trove-conductor').with(
:name => platform_params[:conductor_service_name],
:ensure => 'running',
:hasstatus => true,
:enable => true
)
is_expected.to contain_package('trove-conductor').with(
:name => platform_params[:conductor_package_name],
:ensure => 'present',
:notify => 'Service[trove-conductor]'
)
end
it 'configures trove-conductor with default parameters' do
is_expected.to contain_trove_conductor_config('DEFAULT/verbose').with_value(false)
is_expected.to contain_trove_conductor_config('DEFAULT/debug').with_value(false)
is_expected.to contain_trove_conductor_config('DEFAULT/nova_proxy_admin_user').with_value('admin')
is_expected.to contain_trove_conductor_config('DEFAULT/nova_proxy_admin_pass').with_value('verysecrete')
is_expected.to contain_trove_conductor_config('DEFAULT/nova_proxy_admin_tenant_name').with_value('admin')
end
context 'when using a single RabbitMQ server' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete',
rabbit_host => '10.0.0.1'}"
end
it 'configures trove-conductor with RabbitMQ' do
is_expected.to contain_trove_conductor_config('oslo_messaging_rabbit/rabbit_host').with_value('10.0.0.1')
end
end
context 'when using multiple RabbitMQ servers' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete',
rabbit_hosts => ['10.0.0.1','10.0.0.2']}"
end
it 'configures trove-conductor with RabbitMQ' do
is_expected.to contain_trove_conductor_config('oslo_messaging_rabbit/rabbit_hosts').with_value(['10.0.0.1,10.0.0.2'])
end
end
context 'when using MySQL' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete',
database_connection => 'mysql://trove:pass@10.0.0.1/trove'}"
end
it 'configures trove-conductor with RabbitMQ' do
is_expected.to contain_trove_conductor_config('database/connection').with_value('mysql://trove:pass@10.0.0.1/trove')
end
end
end
context 'with SSL enabled with kombu' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete',
rabbit_use_ssl => true,
kombu_ssl_ca_certs => '/path/to/ssl/ca/certs',
kombu_ssl_certfile => '/path/to/ssl/cert/file',
kombu_ssl_keyfile => '/path/to/ssl/keyfile',
kombu_ssl_version => 'TLSv1'}"
end
it do
is_expected.to contain_trove_conductor_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('true')
is_expected.to contain_trove_conductor_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_value('/path/to/ssl/ca/certs')
is_expected.to contain_trove_conductor_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_value('/path/to/ssl/cert/file')
is_expected.to contain_trove_conductor_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_value('/path/to/ssl/keyfile')
is_expected.to contain_trove_conductor_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('TLSv1')
end
end
context 'with SSL enabled without kombu' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete',
rabbit_use_ssl => true}"
end
it do
is_expected.to contain_trove_conductor_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('true')
is_expected.to contain_trove_conductor_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_ensure('absent')
is_expected.to contain_trove_conductor_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_ensure('absent')
is_expected.to contain_trove_conductor_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_ensure('absent')
is_expected.to contain_trove_conductor_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('TLSv1')
end
end
context 'with SSL disabled' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete',
rabbit_use_ssl => false,
kombu_ssl_version => 'TLSv1'}"
end
it do
is_expected.to contain_trove_conductor_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('false')
is_expected.to contain_trove_conductor_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_ensure('absent')
is_expected.to contain_trove_conductor_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_ensure('absent')
is_expected.to contain_trove_conductor_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_ensure('absent')
is_expected.to contain_trove_conductor_config('oslo_messaging_rabbit/kombu_ssl_version').with_ensure('absent')
end
end
end
context 'on Debian platforms' do
let :facts do
{ :osfamily => 'Debian',
:processorcount => 8 }
end
let :platform_params do
{ :conductor_package_name => 'trove-conductor',
:conductor_service_name => 'trove-conductor' }
end
it_configures 'trove-conductor'
end
context 'on RedHat platforms' do
let :facts do
{ :osfamily => 'RedHat',
:processorcount => 8 }
end
let :platform_params do
{ :conductor_package_name => 'openstack-trove-conductor',
:conductor_service_name => 'openstack-trove-conductor' }
end
it_configures 'trove-conductor'
end
end

View File

@ -0,0 +1,63 @@
require 'spec_helper'
describe 'trove::config' do
let :params do
{ :trove_config => {
'DEFAULT/foo' => { 'value' => 'fooValue' },
'DEFAULT/bar' => { 'value' => 'barValue' },
'DEFAULT/baz' => { 'ensure' => 'absent' }
},
:trove_taskmanager_config => {
'DEFAULT/foo2' => { 'value' => 'fooValue' },
'DEFAULT/bar2' => { 'value' => 'barValue' },
'DEFAULT/baz2' => { 'ensure' => 'absent' }
},
:trove_conductor_config => {
'DEFAULT/foo2' => { 'value' => 'fooValue' },
'DEFAULT/bar2' => { 'value' => 'barValue' },
'DEFAULT/baz2' => { 'ensure' => 'absent' }
},
:trove_guestagent_config => {
'DEFAULT/foo2' => { 'value' => 'fooValue' },
'DEFAULT/bar2' => { 'value' => 'barValue' },
'DEFAULT/baz2' => { 'ensure' => 'absent' }
},
:trove_api_paste_ini => {
'DEFAULT/foo2' => { 'value' => 'fooValue' },
'DEFAULT/bar2' => { 'value' => 'barValue' },
'DEFAULT/baz2' => { 'ensure' => 'absent' }
}
}
end
it 'configures arbitrary trove configurations' do
is_expected.to contain_trove_config('DEFAULT/foo').with_value('fooValue')
is_expected.to contain_trove_config('DEFAULT/bar').with_value('barValue')
is_expected.to contain_trove_config('DEFAULT/baz').with_ensure('absent')
end
it 'configures arbitrary trove taskmanager configurations' do
is_expected.to contain_trove_taskmanager_config('DEFAULT/foo2').with_value('fooValue')
is_expected.to contain_trove_taskmanager_config('DEFAULT/bar2').with_value('barValue')
is_expected.to contain_trove_taskmanager_config('DEFAULT/baz2').with_ensure('absent')
end
it 'configures arbitrary trove conductor configurations' do
is_expected.to contain_trove_conductor_config('DEFAULT/foo2').with_value('fooValue')
is_expected.to contain_trove_conductor_config('DEFAULT/bar2').with_value('barValue')
is_expected.to contain_trove_conductor_config('DEFAULT/baz2').with_ensure('absent')
end
it 'configures arbitrary trove guestagent configurations' do
is_expected.to contain_trove_guestagent_config('DEFAULT/foo2').with_value('fooValue')
is_expected.to contain_trove_guestagent_config('DEFAULT/bar2').with_value('barValue')
is_expected.to contain_trove_guestagent_config('DEFAULT/baz2').with_ensure('absent')
end
it 'configures arbitrary trove api-paste configurations' do
is_expected.to contain_trove_api_paste_ini('DEFAULT/foo2').with_value('fooValue')
is_expected.to contain_trove_api_paste_ini('DEFAULT/bar2').with_value('barValue')
is_expected.to contain_trove_api_paste_ini('DEFAULT/baz2').with_ensure('absent')
end
end

View File

@ -0,0 +1,109 @@
#
# Copyright (C) 2014 eNovance SAS <licensing@enovance.com>
#
# Author: Emilien Macchi <emilien.macchi@enovance.com>
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
require 'spec_helper'
describe 'trove::db::mysql' do
let :pre_condition do
[
'include mysql::server',
'include trove::db::sync'
]
end
let :params do
{ :dbname => 'trove',
:password => 's3cr3t',
:user => 'trove',
:charset => 'utf8',
:collate => 'utf8_general_ci',
:host => '127.0.0.1',
}
end
shared_examples_for 'trove mysql database' do
context 'when omiting the required parameter password' do
before { params.delete(:password) }
it { expect { is_expected.to raise_error(Puppet::Error) } }
end
it 'creates a mysql database' do
is_expected.to contain_openstacklib__db__mysql('trove').with(
:user => params[:user],
:dbname => params[:dbname],
:password_hash => '*58C036CDA51D8E8BBBBF2F9EA5ABF111ADA444F0',
:host => params[:host],
:charset => params[:charset]
)
end
context 'overriding allowed_hosts param to array' do
before :each do
params.merge!(
:allowed_hosts => ['127.0.0.1','%']
)
end
it {
is_expected.to contain_openstacklib__db__mysql('trove').with(
:user => params[:user],
:dbname => params[:dbname],
:password_hash => '*58C036CDA51D8E8BBBBF2F9EA5ABF111ADA444F0',
:host => params[:host],
:charset => params[:charset],
:allowed_hosts => ['127.0.0.1','%']
)}
end
context 'overriding allowed_hosts param to string' do
before :each do
params.merge!(
:allowed_hosts => '192.168.1.1'
)
end
it {
is_expected.to contain_openstacklib__db__mysql('trove').with(
:user => params[:user],
:dbname => params[:dbname],
:password_hash => '*58C036CDA51D8E8BBBBF2F9EA5ABF111ADA444F0',
:host => params[:host],
:charset => params[:charset],
:allowed_hosts => '192.168.1.1'
)}
end
end
context 'on Debian platforms' do
let :facts do
{ :osfamily => 'Debian' }
end
it_configures 'trove mysql database'
end
context 'on RedHat platforms' do
let :facts do
{ :osfamily => 'RedHat' }
end
it_configures 'trove mysql database'
end
end

View File

@ -0,0 +1,58 @@
require 'spec_helper'
describe 'trove::db::postgresql' do
let :req_params do
{ :password => 'pw' }
end
let :pre_condition do
'include postgresql::server'
end
context 'on a RedHat osfamily' do
let :facts do
{
:osfamily => 'RedHat',
:operatingsystemrelease => '7.0',
:concat_basedir => '/var/lib/puppet/concat'
}
end
context 'with only required parameters' do
let :params do
req_params
end
it { is_expected.to contain_postgresql__server__db('trove').with(
:user => 'trove',
:password => 'md5e12ef276d200761a0808f17a5b076451'
)}
end
end
context 'on a Debian osfamily' do
let :facts do
{
:operatingsystemrelease => '7.8',
:operatingsystem => 'Debian',
:osfamily => 'Debian',
:concat_basedir => '/var/lib/puppet/concat'
}
end
context 'with only required parameters' do
let :params do
req_params
end
it { is_expected.to contain_postgresql__server__db('trove').with(
:user => 'trove',
:password => 'md5e12ef276d200761a0808f17a5b076451'
)}
end
end
end

View File

@ -0,0 +1,158 @@
require 'spec_helper'
describe 'trove::guestagent' do
shared_examples 'trove-guestagent' do
context 'with default parameters' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete'}"
end
it 'installs trove-guestagent package and service' do
is_expected.to contain_service('trove-guestagent').with(
:name => platform_params[:guestagent_service_name],
:ensure => 'running',
:hasstatus => true,
:enable => true
)
is_expected.to contain_package('trove-guestagent').with(
:name => platform_params[:guestagent_package_name],
:ensure => 'present',
:notify => 'Service[trove-guestagent]'
)
end
it 'configures trove-guestagent with default parameters' do
is_expected.to contain_trove_guestagent_config('DEFAULT/verbose').with_value(false)
is_expected.to contain_trove_guestagent_config('DEFAULT/debug').with_value(false)
is_expected.to contain_trove_guestagent_config('DEFAULT/nova_proxy_admin_user').with_value('admin')
is_expected.to contain_trove_guestagent_config('DEFAULT/nova_proxy_admin_pass').with_value('verysecrete')
is_expected.to contain_trove_guestagent_config('DEFAULT/nova_proxy_admin_tenant_name').with_value('admin')
end
context 'when using a single RabbitMQ server' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete',
rabbit_host => '10.0.0.1'}"
end
it 'configures trove-guestagent with RabbitMQ' do
is_expected.to contain_trove_guestagent_config('oslo_messaging_rabbit/rabbit_host').with_value('10.0.0.1')
end
end
context 'when using multiple RabbitMQ servers' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete',
rabbit_hosts => ['10.0.0.1','10.0.0.2']}"
end
it 'configures trove-guestagent with RabbitMQ' do
is_expected.to contain_trove_guestagent_config('oslo_messaging_rabbit/rabbit_hosts').with_value(['10.0.0.1,10.0.0.2'])
end
end
end
context 'with custom parameters' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete'}"
end
let :params do
{ :auth_url => "http://10.0.0.1:5000/v2.0",
:swift_url => "http://10.0.0.1:8080/v1/AUTH_" }
end
it 'configures trove-guestagent with custom parameters' do
is_expected.to contain_trove_guestagent_config('DEFAULT/trove_auth_url').with_value('http://10.0.0.1:5000/v2.0')
is_expected.to contain_trove_guestagent_config('DEFAULT/swift_url').with_value('http://10.0.0.1:8080/v1/AUTH_')
end
end
context 'with SSL enabled with kombu' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete',
rabbit_use_ssl => true,
kombu_ssl_ca_certs => '/path/to/ssl/ca/certs',
kombu_ssl_certfile => '/path/to/ssl/cert/file',
kombu_ssl_keyfile => '/path/to/ssl/keyfile',
kombu_ssl_version => 'TLSv1'}"
end
it do
is_expected.to contain_trove_guestagent_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('true')
is_expected.to contain_trove_guestagent_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_value('/path/to/ssl/ca/certs')
is_expected.to contain_trove_guestagent_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_value('/path/to/ssl/cert/file')
is_expected.to contain_trove_guestagent_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_value('/path/to/ssl/keyfile')
is_expected.to contain_trove_guestagent_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('TLSv1')
end
end
context 'with SSL enabled without kombu' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete',
rabbit_use_ssl => true}"
end
it do
is_expected.to contain_trove_guestagent_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('true')
is_expected.to contain_trove_guestagent_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_ensure('absent')
is_expected.to contain_trove_guestagent_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_ensure('absent')
is_expected.to contain_trove_guestagent_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_ensure('absent')
is_expected.to contain_trove_guestagent_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('TLSv1')
end
end
context 'with SSL disabled' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete',
rabbit_use_ssl => false,
kombu_ssl_version => 'TLSv1'}"
end
it do
is_expected.to contain_trove_guestagent_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('false')
is_expected.to contain_trove_guestagent_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_ensure('absent')
is_expected.to contain_trove_guestagent_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_ensure('absent')
is_expected.to contain_trove_guestagent_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_ensure('absent')
is_expected.to contain_trove_guestagent_config('oslo_messaging_rabbit/kombu_ssl_version').with_ensure('absent')
end
end
end
context 'on Debian platforms' do
let :facts do
{ :osfamily => 'Debian',
:processorcount => 8 }
end
let :platform_params do
{ :guestagent_package_name => 'trove-guestagent',
:guestagent_service_name => 'trove-guestagent' }
end
it_configures 'trove-guestagent'
end
context 'on RedHat platforms' do
let :facts do
{ :osfamily => 'RedHat',
:processorcount => 8 }
end
let :platform_params do
{ :guestagent_package_name => 'openstack-trove-guestagent',
:guestagent_service_name => 'openstack-trove-guestagent' }
end
it_configures 'trove-guestagent'
end
end

View File

@ -0,0 +1,66 @@
#
# Copyright (C) 2014 eNovance SAS <licensing@enovance.com>
#
# Author: Emilien Macchi <emilien.macchi@enovance.com>
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Unit tests for trove::init
#
require 'spec_helper'
describe 'trove' do
let :params do
{ :nova_proxy_admin_pass => 'passw0rd',
:nova_compute_url => 'http://localhost:8774/v2',
:cinder_url => 'http://localhost:8776/v1',
:swift_url => 'http://localhost:8080/v1/AUTH_' }
end
shared_examples_for 'trove' do
context 'with default parameters' do
it {
is_expected.to contain_class('trove::params')
is_expected.to contain_trove_config('DEFAULT/nova_compute_url').with_value('http://localhost:8774/v2')
is_expected.to contain_trove_config('DEFAULT/cinder_url').with_value('http://localhost:8776/v1')
is_expected.to contain_trove_config('DEFAULT/swift_url').with_value('http://localhost:8080/v1/AUTH_')
}
end
end
context 'on Debian platforms' do
let :facts do
{ :osfamily => 'Debian' }
end
it_configures 'trove'
end
context 'on RedHat platforms' do
let :facts do
{ :osfamily => 'RedHat' }
end
it 'installs common package' do
should contain_package('trove').with(
:name => 'openstack-trove',
:ensure => 'present',
)
end
it_configures 'trove'
end
end

View File

@ -0,0 +1,141 @@
#
# Copyright (C) 2014 eNovance SAS <licensing@enovance.com>
#
# Author: Emilien Macchi <emilien.macchi@enovance.com>
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Unit tests for trove::keystone::auth
#
require 'spec_helper'
describe 'trove::keystone::auth' do
let :facts do
{ :osfamily => 'Debian' }
end
describe 'with default class parameters' do
let :params do
{ :password => 'trove_password',
:tenant => 'foobar' }
end
it { is_expected.to contain_keystone_user('trove').with(
:ensure => 'present',
:password => 'trove_password',
:tenant => 'foobar'
) }
it { is_expected.to contain_keystone_user_role('trove@foobar').with(
:ensure => 'present',
:roles => ['admin']
)}
it { is_expected.to contain_keystone_service('trove').with(
:ensure => 'present',
:type => 'database',
:description => 'Trove Database Service'
) }
it { is_expected.to contain_keystone_endpoint('RegionOne/trove').with(
:ensure => 'present',
:public_url => "http://127.0.0.1:8779/v1.0/%(tenant_id)s",
:admin_url => "http://127.0.0.1:8779/v1.0/%(tenant_id)s",
:internal_url => "http://127.0.0.1:8779/v1.0/%(tenant_id)s"
) }
end
describe 'when configuring trove-server' do
let :pre_condition do
"class { 'trove::server': auth_password => 'test' }"
end
let :params do
{ :password => 'trove_password',
:tenant => 'foobar' }
end
end
describe 'when overriding endpoint URLs' do
let :params do
{ :password => 'passw0rd',
:public_url => 'https://10.10.10.10:80/v1.0/%(tenant_id)s',
:internal_url => 'http://10.10.10.11:81/v1.0/%(tenant_id)s',
:admin_url => 'http://10.10.10.12:81/v1.0/%(tenant_id)s' }
end
it { is_expected.to contain_keystone_endpoint('RegionOne/trove').with(
:ensure => 'present',
:public_url => 'https://10.10.10.10:80/v1.0/%(tenant_id)s',
:internal_url => 'http://10.10.10.11:81/v1.0/%(tenant_id)s',
:admin_url => 'http://10.10.10.12:81/v1.0/%(tenant_id)s'
) }
end
describe 'with deprecated endpoint parameters' do
let :params do
{ :password => 'trove_password',
:public_protocol => 'https',
:public_port => '80',
:public_address => '10.10.10.10',
:port => '81',
:internal_protocol => 'https',
:internal_address => '10.10.10.11',
:admin_protocol => 'https',
:admin_address => '10.10.10.12' }
end
it { is_expected.to contain_keystone_endpoint('RegionOne/trove').with(
:ensure => 'present',
:public_url => 'https://10.10.10.10:80/v1.0/%(tenant_id)s',
:internal_url => 'https://10.10.10.11:81/v1.0/%(tenant_id)s',
:admin_url => 'https://10.10.10.12:81/v1.0/%(tenant_id)s'
) }
end
describe 'when overriding auth name' do
let :params do
{ :password => 'foo',
:auth_name => 'trovey' }
end
it { is_expected.to contain_keystone_user('trovey') }
it { is_expected.to contain_keystone_user_role('trovey@services') }
it { is_expected.to contain_keystone_service('trovey') }
it { is_expected.to contain_keystone_endpoint('RegionOne/trovey') }
end
describe 'when overriding service name' do
let :params do
{ :service_name => 'trove_service',
:auth_name => 'trove',
:password => 'trove_password' }
end
it { is_expected.to contain_keystone_user('trove') }
it { is_expected.to contain_keystone_user_role('trove@services') }
it { is_expected.to contain_keystone_service('trove_service') }
it { is_expected.to contain_keystone_endpoint('RegionOne/trove_service') }
end
describe 'when disabling endpoint configuration' do
let :params do
{ :configure_endpoint => false,
:password => 'trove_password' }
end
it { is_expected.to_not contain_keystone_endpoint('RegionOne/neutron') }
end
end

View File

@ -0,0 +1,211 @@
#
# Copyright (C) 2014 eNovance SAS <licensing@enovance.com>
#
# Author: Emilien Macchi <emilien.macchi@enovance.com>
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Unit tests for trove::taskmanager
#
require 'spec_helper'
describe 'trove::taskmanager' do
shared_examples 'trove-taskmanager' do
context 'with default parameters' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete'}"
end
it 'installs trove-taskmanager package and service' do
is_expected.to contain_service('trove-taskmanager').with(
:name => platform_params[:taskmanager_service_name],
:ensure => 'running',
:hasstatus => true,
:enable => true
)
is_expected.to contain_package('trove-taskmanager').with(
:name => platform_params[:taskmanager_package_name],
:ensure => 'present',
:notify => 'Service[trove-taskmanager]'
)
end
it 'configures trove-taskmanager with default parameters' do
is_expected.to contain_trove_taskmanager_config('DEFAULT/verbose').with_value(false)
is_expected.to contain_trove_taskmanager_config('DEFAULT/debug').with_value(false)
is_expected.to contain_trove_taskmanager_config('DEFAULT/nova_proxy_admin_user').with_value('admin')
is_expected.to contain_trove_taskmanager_config('DEFAULT/nova_proxy_admin_pass').with_value('verysecrete')
is_expected.to contain_trove_taskmanager_config('DEFAULT/nova_proxy_admin_tenant_name').with_value('admin')
end
context 'when using a single RabbitMQ server' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete',
rabbit_host => '10.0.0.1'}"
end
it 'configures trove-taskmanager with RabbitMQ' do
is_expected.to contain_trove_taskmanager_config('oslo_messaging_rabbit/rabbit_host').with_value('10.0.0.1')
end
end
context 'when using multiple RabbitMQ servers' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete',
rabbit_hosts => ['10.0.0.1','10.0.0.2']}"
end
it 'configures trove-taskmanager with RabbitMQ' do
is_expected.to contain_trove_taskmanager_config('oslo_messaging_rabbit/rabbit_hosts').with_value(['10.0.0.1,10.0.0.2'])
end
end
context 'when using MySQL' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete',
database_connection => 'mysql://trove:pass@10.0.0.1/trove'}"
end
it 'configures trove-taskmanager with RabbitMQ' do
is_expected.to contain_trove_taskmanager_config('database/connection').with_value('mysql://trove:pass@10.0.0.1/trove')
end
end
context 'when using Neutron' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete',
use_neutron => true}"
end
it 'configures trove to use the Neutron network driver' do
is_expected.to contain_trove_config('DEFAULT/network_driver').with_value('trove.network.neutron.NeutronDriver')
is_expected.to contain_trove_taskmanager_config('DEFAULT/network_driver').with_value('trove.network.neutron.NeutronDriver')
end
it 'configures trove to use any network label' do
is_expected.to contain_trove_config('DEFAULT/network_label_regex').with_value('.*')
is_expected.to contain_trove_taskmanager_config('DEFAULT/network_label_regex').with_value('.*')
end
end
context 'when using Nova Network' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete',
use_neutron => false}"
end
it 'configures trove to use the Nova Network network driver' do
is_expected.to contain_trove_config('DEFAULT/network_driver').with_value('trove.network.nova.NovaNetwork')
is_expected.to contain_trove_taskmanager_config('DEFAULT/network_driver').with_value('trove.network.nova.NovaNetwork')
end
it 'configures trove to use the "private" network label' do
is_expected.to contain_trove_config('DEFAULT/network_label_regex').with_value('^private$')
is_expected.to contain_trove_taskmanager_config('DEFAULT/network_label_regex').with_value('^private$')
end
end
end
context 'with SSL enabled with kombu' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete',
rabbit_use_ssl => true,
kombu_ssl_ca_certs => '/path/to/ssl/ca/certs',
kombu_ssl_certfile => '/path/to/ssl/cert/file',
kombu_ssl_keyfile => '/path/to/ssl/keyfile',
kombu_ssl_version => 'TLSv1'}"
end
it do
is_expected.to contain_trove_taskmanager_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('true')
is_expected.to contain_trove_taskmanager_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_value('/path/to/ssl/ca/certs')
is_expected.to contain_trove_taskmanager_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_value('/path/to/ssl/cert/file')
is_expected.to contain_trove_taskmanager_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_value('/path/to/ssl/keyfile')
is_expected.to contain_trove_taskmanager_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('TLSv1')
end
end
context 'with SSL enabled without kombu' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete',
rabbit_use_ssl => true}"
end
it do
is_expected.to contain_trove_taskmanager_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('true')
is_expected.to contain_trove_taskmanager_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_ensure('absent')
is_expected.to contain_trove_taskmanager_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_ensure('absent')
is_expected.to contain_trove_taskmanager_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_ensure('absent')
is_expected.to contain_trove_taskmanager_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('TLSv1')
end
end
context 'with SSL disabled' do
let :pre_condition do
"class { 'trove':
nova_proxy_admin_pass => 'verysecrete',
rabbit_use_ssl => false,
kombu_ssl_version => 'TLSv1'}"
end
it do
is_expected.to contain_trove_taskmanager_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('false')
is_expected.to contain_trove_taskmanager_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_ensure('absent')
is_expected.to contain_trove_taskmanager_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_ensure('absent')
is_expected.to contain_trove_taskmanager_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_ensure('absent')
is_expected.to contain_trove_taskmanager_config('oslo_messaging_rabbit/kombu_ssl_version').with_ensure('absent')
end
end
end
context 'on Debian platforms' do
let :facts do
{ :osfamily => 'Debian',
:processorcount => 8 }
end
let :platform_params do
{ :taskmanager_package_name => 'trove-taskmanager',
:taskmanager_service_name => 'trove-taskmanager' }
end
it_configures 'trove-taskmanager'
end
context 'on RedHat platforms' do
let :facts do
{ :osfamily => 'RedHat',
:processorcount => 8 }
end
let :platform_params do
{ :taskmanager_package_name => 'openstack-trove-taskmanager',
:taskmanager_service_name => 'openstack-trove-taskmanager' }
end
it_configures 'trove-taskmanager'
end
end

View File

@ -0,0 +1,56 @@
shared_examples_for "a Puppet::Error" do |description|
it "with message matching #{description.inspect}" do
expect { is_expected.to have_class_count(1) }.to raise_error(Puppet::Error, description)
end
end
shared_examples 'generic trove service' do |service|
context 'with default parameters' do
it 'installs package and service' do
is_expected.to contain_package(service[:name]).with({
:name => service[:package_name],
:ensure => 'present',
:notify => "Service[#{service[:name]}]"
})
is_expected.to contain_service(service[:name]).with({
:name => service[:service_name],
:ensure => 'stopped',
:hasstatus => true,
:enable => false
})
end
end
context 'with overridden parameters' do
let :params do
{ :enabled => true,
:ensure_package => '2014.1-1' }
end
it 'installs package and service' do
is_expected.to contain_package(service[:name]).with({
:name => service[:package_name],
:ensure => '2014.1-1',
:notify => "Service[#{service[:name]}]"
})
is_expected.to contain_service(service[:name]).with({
:name => service[:service_name],
:ensure => 'running',
:hasstatus => true,
:enable => true
})
end
end
context 'while not managing service state' do
let :params do
{ :enabled => false,
:manage_service => false }
end
it 'does not control service state' do
is_expected.to contain_service(service[:name]).without_ensure
end
end
end

View File

@ -0,0 +1,7 @@
require 'puppetlabs_spec_helper/module_spec_helper'
require 'shared_examples'
RSpec.configure do |c|
c.alias_it_should_behave_like_to :it_configures, 'configures'
c.alias_it_should_behave_like_to :it_raises, 'raises'
end

View File

@ -0,0 +1,56 @@
require 'beaker-rspec'
require 'beaker/puppet_install_helper'
run_puppet_install_helper
RSpec.configure do |c|
# Project root
proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..'))
modname = JSON.parse(open('metadata.json').read)['name'].split('-')[1]
# Readable test descriptions
c.formatter = :documentation
# Configure all nodes in nodeset
c.before :suite do
# Install module and dependencies
hosts.each do |host|
# install git
install_package host, 'git'
zuul_ref = ENV['ZUUL_REF']
zuul_branch = ENV['ZUUL_BRANCH']
zuul_url = ENV['ZUUL_URL']
repo = 'openstack/puppet-openstack-integration'
# Start out with clean moduledir, don't trust r10k to purge it
on host, "rm -rf /etc/puppet/modules/*"
# Install dependent modules via git or zuul
r = on host, "test -e /usr/zuul-env/bin/zuul-cloner", { :acceptable_exit_codes => [0,1] }
if r.exit_code == 0
zuul_clone_cmd = '/usr/zuul-env/bin/zuul-cloner '
zuul_clone_cmd += '--cache-dir /opt/git '
zuul_clone_cmd += "--zuul-ref #{zuul_ref} "
zuul_clone_cmd += "--zuul-branch #{zuul_branch} "
zuul_clone_cmd += "--zuul-url #{zuul_url} "
zuul_clone_cmd += "git://git.openstack.org #{repo}"
on host, zuul_clone_cmd
else
on host, "git clone -b stable/kilo https://git.openstack.org/#{repo} #{repo}"
end
on host, "ZUUL_REF=#{zuul_ref} ZUUL_BRANCH=#{zuul_branch} ZUUL_URL=#{zuul_url} bash #{repo}/install_modules.sh"
# Install the module being tested
on host, "rm -fr /etc/puppet/modules/#{modname}"
puppet_module_install(:source => proj_root, :module_name => modname)
on host, "rm -fr #{repo}"
# List modules installed to help with debugging
on host, puppet('module','list'), { :acceptable_exit_codes => 0 }
end
end
end

View File

@ -0,0 +1,37 @@
# these tests are a little concerning b/c they are hacking around the
# modulepath, so these tests will not catch issues that may eventually arise
# related to loading these plugins.
# I could not, for the life of me, figure out how to programatcally set the modulepath
$LOAD_PATH.push(
File.join(
File.dirname(__FILE__),
'..',
'..',
'..',
'fixtures',
'modules',
'inifile',
'lib')
)
require 'spec_helper'
provider_class = Puppet::Type.type(:trove_config).provider(:ini_setting)
describe provider_class do
it 'should default to the default setting when no other one is specified' do
resource = Puppet::Type::Trove_config.new(
{:name => 'DEFAULT/foo', :value => 'bar'}
)
provider = provider_class.new(resource)
expect(provider.section).to eq('DEFAULT')
expect(provider.setting).to eq('foo')
end
it 'should allow setting to be set explicitly' do
resource = Puppet::Type::Trove_config.new(
{:name => 'dude/foo', :value => 'bar'}
)
provider = provider_class.new(resource)
expect(provider.section).to eq('dude')
expect(provider.setting).to eq('foo')
end
end

View File

@ -0,0 +1,57 @@
require 'puppet'
require 'spec_helper'
require 'puppet/provider/trove_datastore/trove'
provider_class = Puppet::Type.type(:trove_datastore).provider(:trove)
describe provider_class do
let :datastore_name do
'foo'
end
let :resource do
Puppet::Type::Trove_datastore.new({
:name => datastore_name,
:version => '0.1',
:ensure => 'present',
})
end
let :provider do
described_class.new(resource)
end
before :each do
described_class.stubs(:list_trove_resources).with('datastore').returns([
resource
])
end
describe "self.instances" do
it "should have an instances method" do
expect(provider.class).to respond_to(:instances)
end
it "should list instances" do
datastores = described_class.instances
expect(datastores.size).to eq(1)
datastores.map {|provider| provider.name} == datastore_name
end
end
describe '#create' do
it 'should call trove-manage' do
provider.expects(:trove_manage).with(
['trove-manage', 'datastore_update', datastore_name, "''"]
).returns(0)
provider.expects(:trove_manage).with(
['trove-manage', 'datastore_update', datastore_name, "0.1"]
).returns(0)
provider.create
end
end
end

View File

@ -0,0 +1,50 @@
require 'puppet'
require 'spec_helper'
require 'puppet/provider/trove_datastore_version/trove'
provider_class = Puppet::Type.type(:trove_datastore_version).provider(:trove)
describe provider_class do
let :datastore_name do
'foo'
end
let :datastore_version do
'1.0'
end
let :resource do
Puppet::Type::Trove_datastore_version.new({
:name => datastore_version,
:ensure => 'present',
:datastore => datastore_name,
:manager => 'mysql',
:image_id => '1234',
:packages => 'mysql',
:active => 1
})
end
let :provider do
described_class.new(resource)
end
describe "self.instances" do
it "should have an instances method" do
expect(provider.class).to respond_to(:instances)
end
end
describe '#create' do
it 'should call trove-manage' do
provider.expects(:trove_manage).with(
['trove-manage', 'datastore_version_update', datastore_name, "1.0",
'mysql', '1234', 'mysql', '1']
).returns(0)
provider.create
end
end
end

View File

@ -0,0 +1,14 @@
require 'puppet'
require 'spec_helper'
require 'puppet/provider/trove'
klass = Puppet::Provider::Trove
describe Puppet::Provider::Trove do
after :each do
klass.reset
end
end

View File

@ -0,0 +1,52 @@
require 'puppet'
require 'puppet/type/trove_config'
describe 'Puppet::Type.type(:trove_config)' do
before :each do
@trove_config = Puppet::Type.type(:trove_config).new(:name => 'DEFAULT/foo', :value => 'bar')
end
it 'should require a name' do
expect {
Puppet::Type.type(:trove_config).new({})
}.to raise_error(Puppet::Error, 'Title or name must be provided')
end
it 'should not expect a name with whitespace' do
expect {
Puppet::Type.type(:trove_config).new(:name => 'f oo')
}.to raise_error(Puppet::Error, /Parameter name failed/)
end
it 'should fail when there is no section' do
expect {
Puppet::Type.type(:trove_config).new(:name => 'foo')
}.to raise_error(Puppet::Error, /Parameter name failed/)
end
it 'should not require a value when ensure is absent' do
Puppet::Type.type(:trove_config).new(:name => 'DEFAULT/foo', :ensure => :absent)
end
it 'should accept a valid value' do
@trove_config[:value] = 'bar'
expect(@trove_config[:value]).to eq('bar')
end
it 'should not accept a value with whitespace' do
@trove_config[:value] = 'b ar'
expect(@trove_config[:value]).to eq('b ar')
end
it 'should accept valid ensure values' do
@trove_config[:ensure] = :present
expect(@trove_config[:ensure]).to eq(:present)
@trove_config[:ensure] = :absent
expect(@trove_config[:ensure]).to eq(:absent)
end
it 'should not accept invalid ensure values' do
expect {
@trove_config[:ensure] = :latest
}.to raise_error(Puppet::Error, /Invalid value/)
end
end

View File

@ -0,0 +1,182 @@
#!/bin/sh
#
# rabbitmq-server Trove RabbitMQ broker
#
# chkconfig: - 80 05
# description: Enable AMQP service provided by RabbitMQ
#
### BEGIN INIT INFO
# Provides: rabbitmq-server
# Required-Start: $remote_fs $network
# Required-Stop: $remote_fs $network
# Description: RabbitMQ broker
# Short-Description: Enable AMQP service provided by RabbitMQ broker for Trove
### END INIT INFO
PATH="/sbin:/usr/sbin:/bin:/usr/bin"
NAME="rabbitmq-server-trove"
DAEMON="/usr/sbin/rabbitmq-server"
CONTROL="/usr/sbin/rabbitmqctl"
DESC="Trove RabbitMQ Server"
USER="rabbitmq"
ROTATE_SUFFIX=".old"
export RABBITMQ_LOG_DIR="/var/log/rabbitmq"
export RABBITMQ_PID_FILE="/var/run/rabbitmq-trove/pid"
export RABBITMQ_CONFIG_FILE="/etc/rabbitmq/rabbitmq-trove"
export RABBITMQ_MNESIA_BASE="/var/lib/rabbitmq/mnesia-trove"
export RABBITMQ_LOG_BASE="/var/log/rabbitmq-trove"
export RABBITMQ_ENABLED_PLUGINS_FILE="/etc/rabbitmq/enabled_plugins_trove"
export RABBITMQ_NODENAME="trove@localhost"
export RABBITMQ_NODE_PORT="<%= @rabbit_port %>"
export RABBITMQ_NODE_IP_ADDRESS="0.0.0.0"
START_PROG="runuser rabbitmq --session-command"
LOCK_FILE="/var/lock/subsys/${NAME}"
test -x "${DAEMON}" || exit 0
test -x "${CONTROL}" || exit 0
CONTROL="${CONTROL} -n ${RABBITMQ_NODENAME}"
RETVAL="0"
[ -f /etc/default/${NAME} ] && . /etc/default/${NAME}
check_dir () {
mkdir -p "${1}"
chown -R "${USER}:${USER}" "${1}"
chmod "755" "${1}"
}
ensure_dirs () {
PID_DIR=`dirname ${RABBITMQ_PID_FILE}`
check_dir "${PID_DIR}"
check_dir "${RABBITMQ_LOG_DIR}"
check_dir "${RABBITMQ_LOG_BASE}"
check_dir "${RABBITMQ_MNESIA_BASE}"
}
remove_pid () {
rm -f "${RABBITMQ_PID_FILE}"
}
start_rabbitmq () {
status_rabbitmq quiet
if [ "${RETVAL}" = "0" ] ; then
echo "Trove RabbitMQ is currently running!"
RETVAL="0"
return
fi
ensure_dirs
${START_PROG} "${DAEMON}" 1> "${RABBITMQ_LOG_BASE}/startup_log" 2> "${RABBITMQ_LOG_BASE}/startup_err" 0<&- &
${CONTROL} wait "${RABBITMQ_PID_FILE}" 1> "/dev/null" 2>&1
RETVAL="${?}"
if [ "${RETVAL}" -gt "0" ]; then
remove_pid
echo "Trove RabbitMQ start FAILED!"
RETVAL="1"
else
echo "Trove RabbitMQ start SUCCESS!"
if [ -n "${LOCK_FILE}" ]; then
touch "${LOCK_FILE}"
fi
RETVAL="0"
fi
}
stop_rabbitmq () {
status_rabbitmq quiet
if [ "${RETVAL}" != 0 ]; then
echo "RabbitMQ is not running!"
RETVAL="0"
return
fi
${CONTROL} stop "${RABBITMQ_PID_FILE}" > "${RABBITMQ_LOG_BASE}/shutdown_log" 2> "${RABBITMQ_LOG_BASE}/shutdown_err"
RETVAL="${?}"
if [ "${RETVAL}" = "0" ] ; then
remove_pid
echo "Trove RabbitMQ stop SUCCESS!"
if [ -n "{$LOCK_FILE}" ] ; then
rm -f "${LOCK_FILE}"
fi
RETVAL="0"
else
echo "Trove RabbitMQ stop FAILED!"
RETVAL="1"
fi
}
status_rabbitmq () {
if [ "${1}" != "quiet" ] ; then
${CONTROL} status 2>&1
else
${CONTROL} status > /dev/null 2>&1
fi
if [ "${?}" != "0" ]; then
RETVAL="3"
fi
}
rotate_logs_rabbitmq () {
${CONTROL} rotate_logs "${ROTATE_SUFFIX}"
if [ $? != 0 ]; then
RETVAL="1"
fi
}
restart_running_rabbitmq () {
status_rabbitmq quiet
if [ "${RETVAL}" != "0" ]; then
echo "RabbitMQ is not runnning!"
exit 0
fi
restart_rabbitmq
}
restart_rabbitmq () {
stop_rabbitmq
start_rabbitmq
}
case "${1}" in
start)
echo "Starting $DESC"
start_rabbitmq
;;
stop)
echo "Stopping $DESC"
stop_rabbitmq
;;
status)
status_rabbitmq
;;
rotate-logs)
echo "Rotating log files for $DESC"
rotate_logs_rabbitmq
;;
force-reload|reload|restart)
echo "Restarting $DESC"
restart_rabbitmq
;;
try-restart)
echo "Restarting $DESC"
restart_running_rabbitmq
;;
*)
echo "Usage: $0 {start|stop|status|rotate-logs|restart|condrestart|try-restart|reload|force-reload}" >&2
exit 1
;;
esac
exit "${RETVAL}"

View File

@ -0,0 +1,231 @@
#!/bin/sh
#
# rabbitmq-server Trove RabbitMQ broker
#
# chkconfig: - 80 05
# description: Enable AMQP service provided by RabbitMQ
#
### BEGIN INIT INFO
# Provides: rabbitmq-server
# Required-Start: $remote_fs $network
# Required-Stop: $remote_fs $network
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Description: RabbitMQ broker
# Short-Description: Enable AMQP service provided by RabbitMQ broker for Trove
### END INIT INFO
PATH="/sbin:/usr/sbin:/bin:/usr/bin"
NAME="rabbitmq-server-trove"
DAEMON="/usr/sbin/rabbitmq-server"
CONTROL="/usr/sbin/rabbitmqctl"
DESC="Trove RabbitMQ Server"
USER="rabbitmq"
ROTATE_SUFFIX=".old"
export RABBITMQ_LOG_DIR="/var/log/rabbitmq"
export RABBITMQ_PID_FILE="/var/run/rabbitmq-trove/pid"
export RABBITMQ_CONFIG_FILE="/etc/rabbitmq/rabbitmq-trove"
export RABBITMQ_MNESIA_BASE="/var/lib/rabbitmq/mnesia-trove"
export RABBITMQ_LOG_BASE="/var/log/rabbitmq-trove"
export RABBITMQ_ENABLED_PLUGINS_FILE="/etc/rabbitmq/enabled_plugins_trove"
export RABBITMQ_NODENAME="trove@localhost"
export RABBITMQ_NODE_PORT="<%= @rabbit_port %>"
export RABBITMQ_NODE_IP_ADDRESS="0.0.0.0"
LOCK_DIR="/var/lock/rabbitmq"
LOCK_FILE="${LOCK_DIR}/${NAME}"
mkdir -p "${LOCK_DIR}"
chown -R "${USER}:${USER}" "${LOCK_DIR}"
test -x "${DAEMON}" || exit 0
test -x "${CONTROL}" || exit 0
CONTROL="${CONTROL} -n ${RABBITMQ_NODENAME}"
RETVAL="0"
[ -f /etc/default/${NAME} ] && . /etc/default/${NAME}
check_dir () {
mkdir -p "${1}"
chown -R "${USER}:${USER}" "${1}"
chmod "755" "${1}"
}
ensure_dirs () {
PID_DIR=`dirname ${RABBITMQ_PID_FILE}`
check_dir "${PID_DIR}"
check_dir "${RABBITMQ_LOG_DIR}"
check_dir "${RABBITMQ_LOG_BASE}"
check_dir "${RABBITMQ_MNESIA_BASE}"
}
remove_pid () {
rm -f "${RABBITMQ_PID_FILE}"
}
#####
c_start_rabbitmq () {
status_rabbitmq quiet
if [ $RETVAL != 0 ] ; then
#Slave nodes fail to start until master is not up and running
#So, give slaves several attempts to start
#Rabbit database will be moved out before last attempt.
local MAX_START_ATTEMPTS=3
printf '%s\n' "RabbitMQ is going to make ${MAX_START_ATTEMPTS} \
attempts to find master node and start."
while test $MAX_START_ATTEMPTS -ne 0
do
RETVAL=0
ensure_pid_dir
printf '%s\n' "${MAX_START_ATTEMPTS} attempts left to start \
RabbitMQ Server before consider start failed."
if [ $MAX_START_ATTEMPTS = 1 ] ; then
move_out_rabbit_database_to_backup
fi
set +e
RABBITMQ_PID_FILE=$PID_FILE start-stop-daemon --quiet \
--chuid rabbitmq --start --exec $DAEMON \
--pidfile "$RABBITMQ_PID_FILE" --background
$CONTROL wait $PID_FILE >/dev/null 2>&1
RETVAL=$?
set -e
if [ $RETVAL != 0 ] ; then
remove_pid
else
if [ $MAX_START_ATTEMPTS = 1 ] ; then
set_nova_rabbit_credentials
RETVAL=0
fi
break
fi
MAX_START_ATTEMPTS=$((MAX_START_ATTEMPTS - 1))
done
else
RETVAL=3
fi
}
#####
start_rabbitmq () {
status_rabbitmq quiet
if [ "${RETVAL}" = "0" ] ; then
echo "Trove RabbitMQ is currently running!"
RETVAL="0"
return
fi
ensure_dirs
start-stop-daemon --quiet --chuid rabbitmq \
--start --exec "${DAEMON}" \
--pidfile "${RABBITMQ_PID_FILE}" --background
${CONTROL} wait "${RABBITMQ_PID_FILE}" 1> "/dev/null" 2>&1
RETVAL="${?}"
if [ "${RETVAL}" -gt "0" ]; then
remove_pid
echo "Trove RabbitMQ start FAILED!"
RETVAL="1"
else
echo "Trove RabbitMQ start SUCCESS!"
if [ -n "${LOCK_FILE}" ]; then
touch "${LOCK_FILE}"
fi
RETVAL="0"
fi
}
stop_rabbitmq () {
status_rabbitmq quiet
if [ "${RETVAL}" != 0 ]; then
echo "RabbitMQ is not running!"
RETVAL="0"
return
fi
${CONTROL} stop "${RABBITMQ_PID_FILE}" > "${RABBITMQ_LOG_BASE}/shutdown_log" 2> "${RABBITMQ_LOG_BASE}/shutdown_err"
RETVAL="${?}"
if [ "${RETVAL}" = "0" ] ; then
remove_pid
echo "Trove RabbitMQ stop SUCCESS!"
if [ -n "{$LOCK_FILE}" ] ; then
rm -f "${LOCK_FILE}"
fi
RETVAL="0"
else
echo "Trove RabbitMQ stop FAILED!"
RETVAL="1"
fi
}
status_rabbitmq () {
if [ "${1}" != "quiet" ] ; then
${CONTROL} status 2>&1
else
${CONTROL} status > /dev/null 2>&1
fi
if [ "${?}" != "0" ]; then
RETVAL="3"
fi
}
rotate_logs_rabbitmq () {
${CONTROL} rotate_logs "${ROTATE_SUFFIX}"
if [ $? != 0 ]; then
RETVAL="1"
fi
}
restart_running_rabbitmq () {
status_rabbitmq quiet
if [ "${RETVAL}" != "0" ]; then
echo "RabbitMQ is not runnning!"
exit 0
fi
restart_rabbitmq
}
restart_rabbitmq () {
stop_rabbitmq
start_rabbitmq
}
case "${1}" in
start)
echo "Starting $DESC"
start_rabbitmq
;;
stop)
echo "Stopping $DESC"
stop_rabbitmq
;;
status)
status_rabbitmq
;;
rotate-logs)
echo "Rotating log files for $DESC"
rotate_logs_rabbitmq
;;
force-reload|reload|restart)
echo "Restarting $DESC"
restart_rabbitmq
;;
try-restart)
echo "Restarting $DESC"
restart_running_rabbitmq
;;
*)
echo "Usage: $0 {start|stop|status|rotate-logs|restart|condrestart|try-restart|reload|force-reload}" >&2
exit 1
;;
esac
exit "${RETVAL}"

View File

@ -0,0 +1,7 @@
[
{rabbit, [{tcp_listeners, [<%= @rabbit_port %>]}]},
{kernel,[
{inet_dist_listen_min, <%= @rabbit_cluster_port %>},
{inet_dist_listen_max, <%= @rabbit_cluster_port %>}
]}
].

View File

@ -0,0 +1,73 @@
[DEFAULT]
# Show more verbose log output (sets INFO log level output)
verbose = <%= @verbose %>
# Show debugging output in logs (sets DEBUG log level output)
debug = <%= @debug %>
# Address to bind the API server
bind_host = 0.0.0.0
# Port the bind the API server to
bind_port = 8778
# AMQP Connection info
rabbit_user=<%= @rabbit_userid %>
rabbit_password=<%= @rabbit_password %>
# Path to the extensions
api_extensions_path = trove/extensions/routes
# Configuration options for talking to nova via the novaclient.
# These options are for an admin user in your keystone config.
# It proxies the token received from the user to send to nova via this admin users creds,
# basically acting like the client via that proxy token.
nova_proxy_admin_user = <%= @nova_proxy_admin_user %>
nova_proxy_admin_pass = <%= @nova_proxy_admin_pass %>
nova_proxy_admin_tenant_name = <%= @nova_proxy_admin_tenant_name %>
trove_auth_url = <%= @auth_url %>
swift_url = http://localhost:8080/v1/AUTH_
# Datastore management implementations. Format datastore:manager.impl
# datastore_registry_ext = mysql:trove.guestagent.datastore.mysql.manager.Manager, percona:trove.guestagent.datastore.mysql.manager.Manager
# Root configuration
root_grant = ALL
root_grant_option = True
#root_grant = ALTER ROUTINE, CREATE, ALTER, CREATE ROUTINE, CREATE TEMPORARY TABLES, CREATE VIEW, CREATE USER, DELETE, DROP, EVENT, EXECUTE, INDEX, INSERT, LOCK TABLES, PROCESS, REFERENCES, SELECT, SHOW DATABASES, SHOW VIEW, TRIGGER, UPDATE, USAGE
#root_grant_option = False
# used by passlib to generate root password
#default_password_length = 36
# For communicating with trove-conductor
control_exchange = <%= @control_exchange %>
# ============ kombu connection options ========================
rabbit_host=<%= @rabbit_host %>
# ============ Logging information =============================
log_dir = /tmp/
log_file = logfile.txt
# Users to ignore for user create/list/delete operations
ignore_users = os_admin
ignore_dbs = lost+found, mysql, information_schema
# Strategy information for backups
backup_namespace = trove.guestagent.strategies.backup.mysql_impl
# Additional commandline options to be passed to the backup runner (by strategy). For example:
# backup_runner_options = InnoBackupEx:--no-lock, MySQLDump:--events --routines --triggers
restore_namespace = trove.guestagent.strategies.restore.mysql_impl
storage_strategy = SwiftStorage
storage_namespace = trove.guestagent.strategies.storage.swift
backup_swift_container = database_backups
backup_use_gzip_compression = True
backup_use_openssl_encryption = True
backup_aes_cbc_key = "default_aes_cbc_key"
backup_use_snet = False
backup_chunk_size = 65536
backup_segment_max_size = 2147483648

View File

@ -1,38 +1,84 @@
# These tasks will be merged into deployment graph. Here you
# can specify new tasks for any roles, even built-in ones.
- id: fuel-plugin-dbaas-trove
- id: trove
type: group
role: [fuel-plugin-dbaas-trove]
- id: fuel-plugin-dbaas-trove-deployment-puppet
type: puppet
groups: [fuel-plugin-dbaas-trove]
required_for: [deploy_end]
role: [trove]
requires: [deploy_start]
required_for: [deploy_end]
tasks:
- fuel_pkgs
- hiera
- globals
- logging
- tools
- netconfig
- hosts
- firewall
parameters:
puppet_manifest: "deploy.pp"
puppet_modules: ""
timeout: 3600
strategy:
type: parallel
#- id: fuel-plugin-dbaas-trove-post-deployment-sh
# type: shell
# role: [fuel-plugin-dbaas-trove]
# required_for: [post_deployment_end]
# requires: [post_deployment_start]
# parameters:
# cmd: echo post_deployment_task_executed > /tmp/post_deployment
# retries: 3
# interval: 20
# timeout: 180
- id: trove-haproxy
type: puppet
groups: ['primary-controller', 'controller']
required_for: [task-trove, deploy_end]
requires: [deploy_start, cluster-haproxy]
parameters:
puppet_manifest: puppet/manifests/haproxy.pp
puppet_modules: puppet/modules:/etc/puppet/modules
timeout: 1800
#- id: fuel-plugin-dbaas-trove-pre-deployment-sh
# type: shell
# role: [fuel-plugin-dbaas-trove]
# required_for: [pre_deployment_end]
# requires: [pre_deployment_start]
# parameters:
# cmd: echo pre_deployment_task_executed > /tmp/pre_deployment
# retries: 3
# interval: 20
# timeout: 180
- id: task-trove-db
type: puppet
groups: ['primary-controller', 'controller']
required_for: [task-trove]
requires: [database]
parameters:
puppet_manifest: puppet/manifests/db.pp
puppet_modules: puppet/modules:/etc/puppet/modules
timeout: 1800
- id: trove-keystone
type: puppet
groups: ['primary-controller', 'controller']
required_for: [task-trove]
requires: [keystone]
parameters:
puppet_manifest: puppet/manifests/keystone.pp
puppet_modules: puppet/modules:/etc/puppet/modules
timeout: 1800
- id: task-trove
type: puppet
groups: [trove]
required_for: [deploy_end]
requires: [rabbitmq, trove-haproxy, task-trove-db, trove-keystone, task-rabbitmq]
parameters:
puppet_manifest: puppet/manifests/trove.pp
puppet_modules: puppet/modules:/etc/puppet/modules
timeout: 1800
##############################################
# RabbitMQ and Cluster
# Deployment tasks
- id: task-rabbitmq
type: puppet
groups: [trove]
requires: [task-rabbitmq-cluster]
required_for: [task-trove]
parameters:
puppet_manifest: puppet/manifests/rabbitmq.pp
puppet_modules: puppet/modules:/etc/puppet/modules
timeout: 1800
- id: task-rabbitmq-cluster
type: puppet
groups: [trove]
requires: [hosts, firewall, deploy_start]
required_for: [task-rabbitmq]
parameters:
puppet_manifest: puppet/manifests/cluster.pp
puppet_modules: puppet/modules:/etc/puppet/modules
timeout: 1800

View File

@ -1,7 +1,11 @@
attributes:
fuel-plugin-dbaas-trove_text:
value: 'Set default value'
label: 'Text field'
description: 'Description for text field'
weight: 25
type: "text"
attributes:
metadata:
label: "Trove Service"
weight: 90
db_password:
generator: "password"
user_password:
generator: "password"
rabbit_password:
generator: "password"
rabbit_user: "trove"

View File

@ -1,19 +1,19 @@
# Plugin name
name: fuel-plugin-dbaas-trove
# Human-readable name for your plugin
title: Title for fuel-plugin-dbaas-trove plugin
title: Trove Service
# Plugin version
version: '1.0.0'
# Description
description: Enable to use plugin X for Neutron
description: Trove plugin for Fuel provides the functionality to deploy OpenStack Trove for providing scalable and reliable Cloud Database as a Service provisioning functionality
# Required fuel version
fuel_version: ['7.0']
# Specify license of your plugin
licenses: ['Apache License Version 2.0']
# Specify author or company name
authors: ['Specify author or company name']
authors: ['Shaik Apsar']
# A link to the plugin's page
homepage: 'https://github.com/stackforge/fuel-plugins'
homepage: 'https://github.com/openstack/fuel-plugin-dbaas-trove'
# Specify a group which your plugin implements, possible options:
# network, storage, storage::cinder, storage::glance, hypervisor
groups: []
@ -22,6 +22,16 @@ groups: []
releases:
- os: ubuntu
version: 2015.1.0-7.0
mode: ['ha', 'multinode']
deployment_scripts_path: deployment_scripts/
repository_path: repositories/ubuntu
- os: ubuntu
version: 2015.2.0-7.0
mode: ['ha', 'multinode']
deployment_scripts_path: deployment_scripts/
repository_path: repositories/ubuntu
- os: ubuntu
version: 2015.2.0-8.0
mode: ['ha']
deployment_scripts_path: deployment_scripts/
repository_path: repositories/ubuntu

View File

@ -1,15 +1,11 @@
# Unique network role name
- id: "example_net_role"
- id: "trove/api"
# Role mapping to network
default_mapping: "public"
default_mapping: "management"
properties:
# Should be true if network role requires subnet being set
subnet: true
# Should be true if network role requires gateway being set
gateway: false
gateway: true
# List of VIPs to be allocated
vip:
# Unique VIP name
- name: "vip_name"
# Optional linux namespace for VIP
namespace: "haproxy"
vip: []

View File

@ -1,8 +1,8 @@
fuel-plugin-dbaas-trove:
trove:
# Role name
name: "Set here the name for the role. This name will be displayed in the Fuel web UI"
name: "Trove"
# Role description
description: "Write description for your role"
description: "Trove"
# If primaty then during orchestration this role will be
# splitted into primary-role and role
has_primary: false
@ -10,4 +10,9 @@ fuel-plugin-dbaas-trove:
public_ip_required: false
# Weight that will be used to sort out the
# roles on the Fuel web UI
weight: 1000
weight: 100
update_required:
- trove
- controller
conflicts:
- controller

View File

@ -1,5 +1,3 @@
#!/bin/bash
# Add here any the actions which are required before plugin build
# like packages building, packages downloading from mirrors and so on.
# The script should return 0 if there were no errors.
# Nothing here

View File

@ -2,6 +2,7 @@ volumes_roles_mapping:
# Default role mapping
fuel-plugin-dbaas-trove:
- {allocate_size: "min", id: "os"}
- {allocate_size: "min", id: "logs"}
# Set here new volumes for your role
volumes: []