x
/
fuel-plugin-manila
Code Issues Proposed changes

add the manila puppet module

This commit is contained in:
Igor Gajsin 2016-07-04 14:00:21 +03:00
parent 9b68e28916
commit 27267f43dd
36 changed files with 2838 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
deployment_scripts/deploy.sh
View File

@ -1,4 +0,0 @@
#!/bin/bash
# It's a script which deploys your plugin
echo fuel-plugin-vmware-dvs > /tmp/fuel-plugin-vmware-dvs

196
deployment_scripts/puppet/modules/manila/api.pp Normal file
View File

@ -0,0 +1,196 @@
# == Class: manila::api
#
# Setup and configure the manila API endpoint
#
# === Parameters
#
# [*keystone_password*]
# The password to use for authentication (keystone)
#
# [*keystone_enabled*]
# (optional) Use keystone for authentification
# Defaults to true
#
# [*keystone_tenant*]
# (optional) The tenant of the auth user
# Defaults to services
#
# [*keystone_user*]
# (optional) The name of the auth user
# Defaults to manila
#
# [*keystone_auth_host*]
# (optional) The keystone host
# Defaults to localhost
#
# [*keystone_auth_port*]
# (optional) The keystone auth port
# Defaults to 35357
#
# [*keystone_auth_protocol*]
# (optional) The protocol used to access the auth host
# Defaults to http.
#
# [*os_region_name*]
# (optional) Some operations require manila to make API requests
# to Nova. This sets the keystone region to be used for these
# requests. For example, boot-from-share.
# Defaults to undef.
#
# [*keystone_auth_admin_prefix*]
# (optional) The admin_prefix used to admin endpoint of the auth host
# This allow admin auth URIs like http://auth_host:35357/keystone.
# (where '/keystone' is the admin prefix)
# Defaults to false for empty. If defined, should be a string with a
# leading '/' and no trailing '/'.
#
# [*keystone_auth_uri*]
# (Optional) Public Identity API endpoint.
# Defaults to false.
#
# [*service_port*]
# (optional) The manila api port
# Defaults to 5000
#
# [*package_ensure*]
# (optional) The state of the package
# Defaults to present
#
# [*bind_host*]
# (optional) The manila api bind address
# Defaults to 0.0.0.0
#
# [*enabled*]
# (optional) The state of the service
# Defaults to true
#
# [*manage_service*]
# (optional) Whether to start/stop the service
# Defaults to true
#
# [*ratelimits*]
# (optional) The state of the service
# Defaults to undef. If undefined the default ratelimiting values are used.
#
# [*ratelimits_factory*]
# (optional) Factory to use for ratelimiting
# Defaults to 'manila.api.v1.limits:RateLimitingMiddleware.factory'
#
class manila::api (
$keystone_password,
$keystone_enabled = true,
$keystone_tenant = 'services',
$keystone_user = 'manila',
$keystone_auth_host = 'localhost',
$keystone_auth_port = '35357',
$keystone_auth_protocol = 'http',
$keystone_auth_admin_prefix = false,
$keystone_auth_uri = false,
$os_region_name = undef,
$service_port = '5000',
$package_ensure = 'present',
$bind_host = '0.0.0.0',
$enabled = true,
$manage_service = true,
$ratelimits = undef,
$ratelimits_factory =
'manila.api.v1.limits:RateLimitingMiddleware.factory'
) {
include ::manila::params
require ::keystone::python
Manila_config<||> ~> Service['manila-api']
Manila_api_paste_ini<||> ~> Service['manila-api']
if $::manila::params::api_package {
Package['manila-api'] -> Service['manila-api']
package { 'manila-api':
ensure => $package_ensure,
name => $::manila::params::api_package,
tag => ['openstack', 'manila-package'],
}
}
if $enabled {
Manila_config<||> ~> Exec['manila-manage db_sync']
exec { 'manila-manage db_sync':
command => $::manila::params::db_sync_command,
path => '/usr/bin',
user => 'manila',
refreshonly => true,
logoutput => 'on_failure',
require => Package['manila'],
}
if $manage_service {
$ensure = 'running'
}
} else {
if $manage_service {
$ensure = 'stopped'
}
}
service { 'manila-api':
ensure => $ensure,
name => $::manila::params::api_service,
enable => $enabled,
hasstatus => true,
require => Package['manila'],
tag => 'manila-service',
}
manila_config {
'DEFAULT/osapi_share_listen': value => $bind_host,
}
if $os_region_name {
manila_config {
'DEFAULT/os_region_name': value => $os_region_name;
}
}
if $keystone_auth_uri {
manila_api_paste_ini { 'filter:authtoken/auth_uri': value => $keystone_auth_uri; }
} else {
manila_api_paste_ini { 'filter:authtoken/auth_uri': value => "${keystone_auth_protocol}://${keystone_auth_host}:${service_port}/"; }
}
if $keystone_enabled {
manila_config {
'DEFAULT/auth_strategy': value => 'keystone' ;
}
manila_api_paste_ini {
'filter:authtoken/service_protocol': value => $keystone_auth_protocol;
'filter:authtoken/service_host': value => $keystone_auth_host;
'filter:authtoken/service_port': value => $service_port;
'filter:authtoken/auth_protocol': value => $keystone_auth_protocol;
'filter:authtoken/auth_host': value => $keystone_auth_host;
'filter:authtoken/auth_port': value => $keystone_auth_port;
'filter:authtoken/admin_tenant_name': value => $keystone_tenant;
'filter:authtoken/admin_user': value => $keystone_user;
'filter:authtoken/admin_password': value => $keystone_password, secret => true;
}
if ($ratelimits != undef) {
manila_api_paste_ini {
'filter:ratelimit/paste.filter_factory': value => $ratelimits_factory;
'filter:ratelimit/limits': value => $ratelimits;
}
}
if $keystone_auth_admin_prefix {
validate_re($keystone_auth_admin_prefix, '^(/.+[^/])?$')
manila_api_paste_ini {
'filter:authtoken/auth_admin_prefix': value => $keystone_auth_admin_prefix;
}
} else {
manila_api_paste_ini {
'filter:authtoken/auth_admin_prefix': ensure => absent;
}
}
}
}

111
deployment_scripts/puppet/modules/manila/backend/generic.pp Normal file
View File

@ -0,0 +1,111 @@
# ==define manila::backend::generic
#
# ===Parameters
#
# [*driver_handles_share_servers*]
# (required) Denotes whether the driver should handle the responsibility of
# managing share servers. This must be set to false if the driver is to
# operate without managing share servers.
#
# [*share_backend_name*]
# (optional) Name of the backend in manila.conf that
# these settings will reside in
#
# [*smb_template_config_path*]
# (optional) Path to smb config.
# Defaults to: $state_path/smb.conf
#
# [*volume_name_template*]
# (optional) Volume name template.
# Defaults to: manila-share-%s
#
# [*volume_snapshot_name_template*]
# (optional) Volume snapshot name template.
# Defaults to: manila-snapshot-%s
#
# [*share_mount_path*]
# (optional) Parent path in service instance where shares will be mounted.
# Defaults to: /shares
#
# [*max_time_to_create_volume*]
# (optional) Maximum time to wait for creating cinder volume.
# Defaults to: 180
#
# [*max_time_to_attach*]
# (optional) Maximum time to wait for attaching cinder volume.
# Defaults to: 120
#
# [*service_instance_smb_config_path*]
# (optional) Path to smb config in service instance.
# Defaults to: $share_mount_path/smb.conf
#
# [*share_volume_fstype*]
# (optional) Filesystem type of the share volume.
# Choices: 'ext4', 'ext3'
# Defaults to: ext4
#
# [*share_helpers*]
# (optional) Specify list of share export helpers.
# Defaults to: ['CIFS=manila.share.drivers.generic.CIFSHelper',
# 'NFS=manila.share.drivers.generic.NFSHelper']
#
# [*cinder_volume_type*]
# (optional) Name or id of cinder volume type which will be used for all
# volumes created by driver.
#
# [*delete_share_server_with_last_share*]
# (optional) With this option is set to True share server willbe deleted
# on deletion of last share.
# Defaults to: False
#
# [*unmanage_remove_access_rules*]
# (optional) If set to True, then manila will deny access and remove all
# access rules on share unmanage. If set to False - nothing will be changed.
# Defaults to: False
#
# [*automatic_share_server_cleanup*]
# (optional) If set to True, then Manila will delete all share servers which
# were unused more than specified time. If set to False, automatic deletion
# of share servers will be disabled.
# Defaults to: True
#
define manila::backend::generic (
$driver_handles_share_servers,
$share_backend_name = $name,
$smb_template_config_path = '$state_path/smb.conf',
$volume_name_template = 'manila-share-%s',
$volume_snapshot_name_template = 'manila-snapshot-%s',
$share_mount_path = '/shares',
$max_time_to_create_volume = 180,
$max_time_to_attach = 120,
$service_instance_smb_config_path = '$share_mount_path/smb.conf',
$share_volume_fstype = 'ext4',
$share_helpers = ['CIFS=manila.share.drivers.generic.CIFSHelper',
'NFS=manila.share.drivers.generic.NFSHelper'],
$cinder_volume_type = undef,
$delete_share_server_with_last_share = 'False',
$unmanage_remove_access_rules = 'False',
$automatic_share_server_cleanup = 'True',
) {
$share_driver = 'manila.share.drivers.generic.GenericShareDriver'
manila_config {
"${name}/driver_handles_share_servers": value => $driver_handles_share_servers;
"${name}/share_backend_name": value => $share_backend_name;
"${name}/share_driver": value => $share_driver;
"${name}/smb_template_config_path": value => $smb_template_config_path;
"${name}/volume_name_template": value => $volume_name_template;
"${name}/volume_snapshot_name_template": value => $volume_snapshot_name_template;
"${name}/share_mount_path": value => $share_mount_path;
"${name}/max_time_to_create_volume": value => $max_time_to_create_volume;
"${name}/max_time_to_attach": value => $max_time_to_attach;
"${name}/service_instance_smb_config_path": value => $service_instance_smb_config_path;
"${name}/share_volume_fstype": value => $share_volume_fstype;
"${name}/share_helpers": value => join($share_helpers, ',');
"${name}/cinder_volume_type": value => $cinder_volume_type;
"${name}/delete_share_server_with_last_share": value => $delete_share_server_with_last_share;
"${name}/unmanage_remove_access_rules": value => $unmanage_remove_access_rules;
"${name}/automatic_share_server_cleanup": value => $automatic_share_server_cleanup;
}
}

39
deployment_scripts/puppet/modules/manila/backend/glusterfs.pp Normal file
View File

@ -0,0 +1,39 @@
#
# == Class: manila::backend::glusterfs
#
# Configures Manila to use GlusterFS as a share driver
#
# === Parameters
# [*share_backend_name*]
# (optional) Name of the backend in manila.conf that
# these settings will reside in
#
# [*glusterfs_volumes_config*]
# (required) File with the list of Gluster volumes that can be used to
# create shares
# Default to: /etc/manila/glusterfs_volumes
#
# [*glusterfs_mount_point_base*]
# (optional) Base dir containing mount points for Gluster volumes.
# Defaults to: $state_path/mnt
#
# === Examples
# manila::backend::glusterfs { 'myGluster':
# glusterfs_shares = ['192.168.1.1:/shares'],
# }
#
define manila::backend::glusterfs (
$share_backend_name = $name,
$glusterfs_volumes_config = '/etc/manila/glusterfs_volumes',
$glusterfs_mount_point_base = '$state_path/mnt',
) {
$share_driver = 'manila.share.drivers.glusterfs.GlusterfsShareDriver'
manila_config {
"${name}/share_backend_name": value => $share_backend_name;
"${name}/share_driver": value => $share_driver;
"${name}/glusterfs_volumes_config": value => $glusterfs_volumes_config;
"${name}/glusterfs_mount_point_base": value => $glusterfs_mount_point_base;
}
}

52
deployment_scripts/puppet/modules/manila/backend/glusternative.pp Normal file
View File

@ -0,0 +1,52 @@
#
# == define: manila::backend::glusternative
#
# Configures Manila to use GlusterFS native as a share driver
#
# === Parameters
# [*share_backend_name*]
# (optional) Name of the backend in manila.conf that
# these settings will reside in
#
# [*glusterfs_servers*]
# (required) List of GlusterFS servers that can be used to create shares.
# Each GlusterFS server should be of the form [remoteuser@]<volserver>, and
# they are assumed to belong to distinct Gluster clusters.
#
# [*glusterfs_native_path_to_private_key*]
# (required) Path of Manila host's private SSH key file.
#
# [*glusterfs_volume_pattern*]
# (required) Regular expression template used to filter GlusterFS volumes for
# share creation.
#
# [*package_ensure*]
# (optional) Ensure state for package. Defaults to 'present'.
#
define manila::backend::glusternative (
$glusterfs_servers,
$glusterfs_native_path_to_private_key,
$glusterfs_volume_pattern,
$share_backend_name = $name,
$package_ensure = 'present',
) {
include ::manila::params
$share_driver = 'manila.share.drivers.glusterfs_native.GlusterfsNativeShareDriver'
manila_config {
"${share_backend_name}/share_backend_name": value => $share_backend_name;
"${share_backend_name}/share_driver": value => $share_driver;
"${share_backend_name}/glusterfs_servers": value => $glusterfs_servers;
"${share_backend_name}/glusterfs_native_path_to_private_key": value => $glusterfs_native_path_to_private_key;
"${share_backend_name}/glusterfs_volume_pattern": value => $glusterfs_volume_pattern;
}
package { $::manila::params::gluster_package_name:
ensure => $package_ensure,
}
package { $::manila::params::gluster_client_package_name:
ensure => $package_ensure,
}
}

65
deployment_scripts/puppet/modules/manila/backend/glusternfs.pp Normal file
View File

@ -0,0 +1,65 @@
#
# == define: manila::backend::glusternfs
#
# Configures Manila to use GlusteFS NFS (Ganesha/GlusterNFS) as a share driver
#
# Currently Red Hat is the only supported platform, due to lack of packages
# other platforms are not yet supported.
#
# === Parameters
# [*glusterfs_target*]
# (required) Specifies the GlusterFS volume to be mounted on the Manila host.
# It is of the form [remoteuser@]<volserver>:/<volid>.
#
# [*glusterfs_mount_point_base*]
# (required) Base directory containing mount points for Gluster volumes.
#
# [*glusterfs_nfs_server_type*]
# (required) Type of NFS server that mediate access to the Gluster volumes
# (Gluster or Ganesha).
# Default: Gluster
#
# [*glusterfs_path_to_private_key*]
# (required) Path of Manila host's private SSH key file.
#
# [*glusterfs_ganesha_server_ip*]
# (required) Remote Ganesha server node's IP address.
#
# [*share_backend_name*]
# (optional) Backend name in manila.conf where these settings will reside in.
#
# [*package_ensure*]
# (optional) Ensure state for package. Defaults to 'present'.
#
define manila::backend::glusternfs (
$glusterfs_target,
$glusterfs_mount_point_base,
$glusterfs_nfs_server_type,
$glusterfs_path_to_private_key,
$glusterfs_ganesha_server_ip,
$share_backend_name = $name,
$package_ensure = 'present',
) {
include ::manila::params
$share_driver = 'manila.share.drivers.glusterfs.GlusterfsShareDriver'
manila_config {
"${share_backend_name}/share_backend_name": value => $share_backend_name;
"${share_backend_name}/share_driver": value => $share_driver;
"${share_backend_name}/glusterfs_target": value => $glusterfs_target;
"${share_backend_name}/glusterfs_mount_point_base": value => $glusterfs_mount_point_base;
"${share_backend_name}/glusterfs_nfs_server_type": value => $glusterfs_nfs_server_type;
"${share_backend_name}/glusterfs_path_to_private_key": value => $glusterfs_path_to_private_key;
"${share_backend_name}/glusterfs_ganesha_server_ip": value => $glusterfs_ganesha_server_ip;
}
package { $::manila::params::gluster_package_name:
ensure => $package_ensure,
}
package { $::manila::params::gluster_client_package_name:
ensure => $package_ensure,
}
}

145
deployment_scripts/puppet/modules/manila/backend/netapp.pp Normal file
View File

@ -0,0 +1,145 @@
# == define: manila::backend::netapp
#
# Configures Manila to use the NetApp unified share driver
# Compatible for multiple backends
#
# === Parameters
#
# [*driver_handles_share_servers*]
# (required) Denotes whether the driver should handle the responsibility of
# managing share servers. This must be set to false if the driver is to
# operate without managing share servers.
#
# [*netapp_login*]
# (required) Administrative user account name used to access the storage
# system.
#
# [*netapp_password*]
# (required) Password for the administrative user account specified in the
# netapp_login parameter.
#
# [*netapp_server_hostname*]
# (required) The hostname (or IP address) for the storage system.
#
# [*share_backend_name*]
# (optional) Name of the backend in manila.conf that
# these settings will reside in
#
# [*netapp_transport_type*]
# (optional) The transport protocol used when communicating with
# the storage system or proxy server. Valid values are
# http or https.
# Defaults to http
#
# [*netapp_storage_family*]
# (optional) The storage family type used on the storage system; valid
# values are ontap_cluster for clustered Data ONTAP.
# Defaults to ontap_cluster
#
# [*netapp_server_port*]
# (optional) The TCP port to use for communication with the storage system
# or proxy server. If not specified, Data ONTAP drivers will use 80 for HTTP
# and 443 for HTTPS.
#
# [*netapp_volume_name_template*]
# (optional) NetApp volume name template.
# Defaults to share_%(share_id)s
#
# [*netapp_vserver*]
# (optional) This option specifies the storage virtual machine (previously
# called a Vserver) name on the storage cluster on which provisioning of
# shared file systems should occur. This option only applies
# when the option driver_handles_share_servers is set to False.
#
# [*netapp_vserver_name_template*]
# (optional) Name template to use for new vserver. This option only applies
# when the option driver_handles_share_servers is set to True.
# Defaults to os_%s
#
# [*netapp_lif_name_template*]
# (optional) Logical interface (LIF) name template. This option only applies
# when the option driver_handles_share_servers is set to True.
# Defaults to os_%(net_allocation_id)s
#
# [*netapp_aggregate_name_search_pattern*]
# (optional) Pattern for searching available aggregates
# for provisioning.
# Defaults to (.*)
#
# [*netapp_root_volume_aggregate*]
# (optional) Name of aggregate to create root volume on. This option only
# applies when the option driver_handles_share_servers is set to True.
#
# [*netapp_root_volume_name*]
# (optional) Root volume name. This option only applies when the option
# driver_handles_share_servers is set to True.
# Defaults to root
#
# [*netapp_port_name_search_pattern*]
# (optional) Pattern for overriding the selection of network ports on which
# to create Vserver LIFs.
# Defaults to (.*)
#
# [*netapp_trace_flags*]
# (optional) This option is a comma-separated list of options (valid values
# include method and api) that controls which trace info is written to the
# Manila logs when the debug level is set to True
#
# === Examples
#
# manila::backend::netapp { 'myBackend':
# driver_handles_share_servers => true,
# netapp_login => 'clusterAdmin',
# netapp_password => 'password',
# netapp_server_hostname => 'netapp.mycorp.com',
# netapp_storage_family => 'ontap_cluster',
# netapp_transport_type => 'https',
# }
define manila::backend::netapp (
$driver_handles_share_servers,
$netapp_login,
$netapp_password,
$netapp_server_hostname,
$share_backend_name = $name,
$netapp_transport_type = 'http',
$netapp_storage_family = 'ontap_cluster',
$netapp_server_port = undef,
$netapp_volume_name_template = 'share_%(share_id)s',
$netapp_vserver = undef,
$netapp_vserver_name_template = 'os_%s',
$netapp_lif_name_template = 'os_%(net_allocation_id)s',
$netapp_aggregate_name_search_pattern = '(.*)',
$netapp_root_volume_aggregate = undef,
$netapp_root_volume_name = 'root',
$netapp_port_name_search_pattern = '(.*)',
$netapp_trace_flags = undef,
) {
validate_string($netapp_password)
$netapp_share_driver = 'manila.share.drivers.netapp.common.NetAppDriver'
manila_config {
"${share_backend_name}/share_driver": value => $netapp_share_driver;
"${share_backend_name}/driver_handles_share_servers": value => $driver_handles_share_servers;
"${share_backend_name}/netapp_login": value => $netapp_login;
"${share_backend_name}/netapp_password": value => $netapp_password, secret => true;
"${share_backend_name}/netapp_server_hostname": value => $netapp_server_hostname;
"${share_backend_name}/share_backend_name": value => $share_backend_name;
"${share_backend_name}/netapp_transport_type": value => $netapp_transport_type;
"${share_backend_name}/netapp_storage_family": value => $netapp_storage_family;
"${share_backend_name}/netapp_server_port": value => $netapp_server_port;
"${share_backend_name}/netapp_volume_name_template": value => $netapp_volume_name_template;
"${share_backend_name}/netapp_vserver": value => $netapp_vserver;
"${share_backend_name}/netapp_vserver_name_template": value => $netapp_vserver_name_template;
"${share_backend_name}/netapp_lif_name_template": value => $netapp_lif_name_template;
"${share_backend_name}/netapp_aggregate_name_search_pattern": value => $netapp_aggregate_name_search_pattern;
"${share_backend_name}/netapp_root_volume_aggregate": value => $netapp_root_volume_aggregate;
"${share_backend_name}/netapp_root_volume_name": value => $netapp_root_volume_name;
"${share_backend_name}/netapp_port_name_search_pattern": value => $netapp_port_name_search_pattern;
"${share_backend_name}/netapp_trace_flags": value => $netapp_trace_flags;
}
package { 'nfs-utils': ensure => present }
}

22
deployment_scripts/puppet/modules/manila/backends.pp Normal file
View File

@ -0,0 +1,22 @@
# == Class: manila::backends
#
# Class to set the enabled_backends list
#
# === Parameters
#
# [*enabled_share_backends*]
# (Required) a list of ini sections to enable.
# This should contain names used in ceph::backend::* resources.
# Example: ['share1', 'share2', 'sata3']
#
# Author: Andrew Woodward <awoodward@mirantis.com>
class manila::backends (
$enabled_share_backends = undef
) {
# Maybe this could be extended to dynamically find the enabled names
manila_config {
'DEFAULT/enabled_share_backends': value => join($enabled_share_backends, ',');
}
}

20
deployment_scripts/puppet/modules/manila/client.pp Normal file
View File

@ -0,0 +1,20 @@
# == Class: manila::client
#
# Installs Manila python client.
#
# === Parameters
#
# [*package_ensure*]
# Ensure state for package. Defaults to 'present'.
#
class manila::client (
$package_ensure = 'present'
) {
include ::manila::params
package { 'python-manilaclient':
ensure => $package_ensure,
name => $::manila::params::client_package,
}
}

59
deployment_scripts/puppet/modules/manila/compute/nova.pp Normal file
View File

@ -0,0 +1,59 @@
# == Class: manila::nova
#
# Setup and configure Nova communication
#
# === Parameters
#
# [*nova_catalog_info*]
# (optional) Info to match when looking for nova in the service
# catalog. Format is : separated values of the form:
# <service_type>:<service_name>:<endpoint_type>
#
# [*nova_catalog_admin_info*]
# (optional) Same as nova_catalog_info, but for admin endpoint.
#
# [*os_region_name*]
# (optional) region name of this node
#
# [*nova_ca_certificates_file*]
# (optional) Location of ca certificates file to use for nova client
# requests.
#
# [*nova_api_insecure*]
# (optional) Allow to perform insecure SSL requests to nova
#
# [*nova_admin_username*]
# (optional) Nova admin username
#
# [*nova_admin_password*]
# (optional) Nova admin password
#
# [*nova_admin_tenant_name*]
# (optional) Nova admin tenant name
#
# [*nova_admin_auth_url*]
# (optional) Identity service url
#
class manila::compute::nova (
$nova_catalog_info = 'compute:nova:publicURL',
$nova_catalog_admin_info = 'compute:nova:adminURL',
$nova_ca_certificates_file = undef,
$nova_api_insecure = false,
$nova_admin_username = 'nova',
$nova_admin_password = undef,
$nova_admin_tenant_name = 'service',
$nova_admin_auth_url = 'http://localhost:5000/v2.0',
) {
manila_config {
'DEFAULT/nova_catalog_info': value => $nova_catalog_info;
'DEFAULT/nova_catalog_admin_info': value => $nova_catalog_admin_info;
'DEFAULT/nova_ca_certificates_file':value => $nova_ca_certificates_file;
'DEFAULT/nova_api_insecure': value => $nova_api_insecure;
'DEFAULT/nova_admin_username': value => $nova_admin_username;
'DEFAULT/nova_admin_password': value => $nova_admin_password;
'DEFAULT/nova_admin_tenant_name': value => $nova_admin_tenant_name;
'DEFAULT/nova_admin_auth_url': value => $nova_admin_auth_url;
}
}

39
deployment_scripts/puppet/modules/manila/config.pp Normal file
View File

@ -0,0 +1,39 @@
# == Class: manila::config
#
# This class is used to manage arbitrary manila configurations.
#
# === Parameters
#
# [*xxx_config*]
# (optional) Allow configuration of arbitrary manila configurations.
# The value is an hash of xxx_config resources. Example:
# { 'DEFAULT/foo' => { value => 'fooValue'},
# 'DEFAULT/bar' => { value => 'barValue'}
# }
#
# In yaml format, Example:
# xxx_config:
# DEFAULT/foo:
# value: fooValue
# DEFAULT/bar:
# value: barValue
#
# [*manila_config*]
# (optional) Allow configuration of manila.conf configurations.
#
# [*api_paste_ini_config*]
# (optional) Allow configuration of /etc/manila/api-paste.ini configurations.
#
# NOTE: The configuration MUST NOT be already handled by this module
# or Puppet catalog compilation will fail with duplicate resources.
#
class manila::config (
$manila_config = {},
$api_paste_ini_config = {},
) {
validate_hash($manila_config)
validate_hash($api_paste_ini_config)
create_resources('manila_config', $manila_config)
create_resources('manila_api_paste_ini', $api_paste_ini_config)
}

75
deployment_scripts/puppet/modules/manila/db.pp Normal file
View File

@ -0,0 +1,75 @@
# == Class: manila::db
#
# Configure the Manila database
#
# === Parameters
#
# [*database_connection*]
# Url used to connect to database.
# (Optional) Defaults to 'sqlite:////var/lib/manila/manila.sqlite'.
#
# [*database_idle_timeout*]
# Timeout when db connections should be reaped.
# (Optional) Defaults to $::os_service_default
#
# [*database_min_pool_size*]
# Minimum number of SQL connections to keep open in a pool.
# (Optional) Defaults to $::os_service_default
#
# [*database_max_pool_size*]
# Maximum number of SQL connections to keep open in a pool.
# (Optional) Defaults to $::os_service_default
#
# [*database_max_retries*]
# Maximum db connection retries during startup.
# Setting -1 implies an infinite retry count.
# (Optional) Defaults to $::os_service_default
#
# [*database_retry_interval*]
# Interval between retries of opening a sql connection.
# (Optional) Defaults to $::os_service_default
#
# [*database_max_overflow*]
# If set, use this value for max_overflow with sqlalchemy.
# (Optional) Defaults to $::os_service_default
#
# [*database_db_max_retries*]
# (optional) Maximum retries in case of connection error or deadlock error
# before error is raised. Set to -1 to specify an infinite retry count.
# Defaults to $::os_service_default
#
class manila::db (
$database_connection = 'sqlite:////var/lib/manila/manila.sqlite',
$database_idle_timeout = $::os_service_default,
$database_min_pool_size = $::os_service_default,
$database_max_pool_size = $::os_service_default,
$database_max_retries = $::os_service_default,
$database_retry_interval = $::os_service_default,
$database_max_overflow = $::os_service_default,
$database_db_max_retries = $::os_service_default,
) {
# NOTE(spredzy): In order to keep backward compatibility we rely on the pick function
# to use manila::<myparam> if manila::db::<myparam> isn't specified.
$database_connection_real = pick($::manila::sql_connection, $database_connection)
$database_idle_timeout_real = pick($::manila::sql_idle_timeout, $database_idle_timeout)
$database_min_pool_size_real = pick($::manila::database_min_pool_size, $database_min_pool_size)
$database_max_pool_size_real = pick($::manila::database_max_pool_size, $database_max_pool_size)
$database_max_retries_real = pick($::manila::database_max_retries, $database_max_retries)
$database_retry_interval_real = pick($::manila::database_retry_interval, $database_retry_interval)
$database_max_overflow_real = pick($::manila::database_max_overflow, $database_max_overflow)
validate_re($database_connection_real,
'^(sqlite|mysql(\+pymysql)?|postgresql):\/\/(\S+:\S+@\S+\/\S+)?')
oslo::db { 'manila_config':
connection => $database_connection_real,
idle_timeout => $database_idle_timeout_real,
min_pool_size => $database_min_pool_size_real,
max_pool_size => $database_max_pool_size_real,
max_retries => $database_max_retries_real,
retry_interval => $database_retry_interval_real,
max_overflow => $database_max_overflow_real,
db_max_retries => $database_db_max_retries,
}
}

65
deployment_scripts/puppet/modules/manila/db/mysql.pp Normal file
View File

@ -0,0 +1,65 @@
# The manila::db::mysql class creates a MySQL database for manila.
# It must be used on the MySQL server
#
# == Parameters
#
# [*password*]
# password to connect to the database. Mandatory.
#
# [*dbname*]
# name of the database. Optional. Defaults to manila.
#
# [*user*]
# user to connect to the database. Optional. Defaults to manila.
#
# [*host*]
# the default source host user is allowed to connect from.
# Optional. Defaults to 'localhost'
#
# [*allowed_hosts*]
# other hosts the user is allowd to connect from.
# Optional. Defaults to undef.
#
# [*charset*]
# the database charset. Optional. Defaults to 'utf8'
#
# [*collate*]
# the database collation. Optional. Defaults to 'utf8_general_ci'
#
# [*cluster_id*]
# (Optional) The cluster id.
# Defaults to 'localzone'.
#
# [*mysql_module*]
# (optional) Deprecated. Does nothing.
#
class manila::db::mysql (
$password,
$dbname = 'manila',
$user = 'manila',
$host = '127.0.0.1',
$allowed_hosts = undef,
$charset = 'utf8',
$collate = 'utf8_general_ci',
$cluster_id = 'localzone',
$mysql_module = undef,
) {
if $mysql_module {
warning('The mysql_module parameter is deprecated. The latest 2.x mysql module will be used.')
}
validate_string($password)
::openstacklib::db::mysql { 'manila':
user => $user,
password_hash => mysql_password($password),
dbname => $dbname,
host => $host,
charset => $charset,
collate => $collate,
allowed_hosts => $allowed_hosts,
}
::Openstacklib::Db::Mysql['manila'] ~> Exec<| title == 'manila-manage db_sync' |>
}

45
deployment_scripts/puppet/modules/manila/db/postgresql.pp Normal file
View File

@ -0,0 +1,45 @@
# == Class: manila::db::postgresql
#
# Class that configures postgresql for manila
# Requires the Puppetlabs postgresql module.
#
# === Parameters
#
# [*password*]
# (Required) Password to connect to the database.
#
# [*dbname*]
# (Optional) Name of the database.
# Defaults to 'manila'.
#
# [*user*]
# (Optional) User to connect to the database.
# Defaults to 'manila'.
#
# [*encoding*]
# (Optional) The charset to use for the database.
# Default to undef.
#
# [*privileges*]
# (Optional) Privileges given to the database user.
# Default to 'ALL'
#
class manila::db::postgresql(
$password,
$dbname = 'manila',
$user = 'manila',
$encoding = undef,
$privileges = 'ALL',
) {
::openstacklib::db::postgresql { 'manila':
password_hash => postgresql_password($user, $password),
dbname => $dbname,
user => $user,
encoding => $encoding,
privileges => $privileges,
}
::Openstacklib::Db::Postgresql['manila'] ~> Exec<| title == 'manila-manage db_sync' |>
}

14
deployment_scripts/puppet/modules/manila/db/sync.pp Normal file
View File

@ -0,0 +1,14 @@
#
class manila::db::sync {
include ::manila::params
exec { 'manila-manage db_sync':
command => $::manila::params::db_sync_command,
path => '/usr/bin',
user => 'manila',
refreshonly => true,
require => [File[$::manila::params::manila_conf], Class['manila']],
logoutput => 'on_failure',
}
}

58
deployment_scripts/puppet/modules/manila/ganesha.pp Normal file
View File

@ -0,0 +1,58 @@
#
# == Class: manila::ganesha
#
# Class to set NFS Ganesha options for share drivers
#
# === Parameters
# [*ganesha_config_dir*]
# (required) Directory where Ganesha config files are stored.
# Defaults to /etc/ganesha
#
# [*ganesha_config_path*]
# (required) Path to main Ganesha config file.
# Defaults to $ganesha_config_dir/ganesha.conf
#
# [*ganesha_service_name*]
# (required) Name of the ganesha nfs service.
# Defaults to ganesha.nfsd
#
# [*ganesha_db_path*]
# (required) Location of Ganesha database file (Ganesha module only).
# Defaults to $state_path/manila-ganesha.db
#
# [*ganesha_export_dir*]
# (required) Path to directory containing Ganesha export configuration.
# (Ganesha module only.)
# Defaults to $ganesha_config_dir/export.d
#
# [*ganesha_export_template_dir*]
# (required) Path to directory containing Ganesha export block templates.
# (Ganesha module only.)
# Defaults to /etc/manila/ganesha-export-templ.d
#
class manila::ganesha (
$ganesha_config_dir = '/etc/ganesha',
$ganesha_config_path = '/etc/ganesha/ganesha.conf',
$ganesha_service_name = 'ganesha.nfsd',
$ganesha_db_path = '$state_path/manila-ganesha.db',
$ganesha_export_dir = '/etc/ganesha/export.d',
$ganesha_export_template_dir = '/etc/manila/ganesha-export-templ.d',
) {
manila_config {
'DEFAULT/ganesha_config_dir': value => $ganesha_config_dir;
'DEFAULT/ganesha_config_path': value => $ganesha_config_path;
'DEFAULT/ganesha_service_name': value => $ganesha_service_name;
'DEFAULT/ganesha_db_path': value => $ganesha_db_path;
'DEFAULT/ganesha_export_dir': value => $ganesha_export_dir;
'DEFAULT/ganesha_export_template_dir': value => $ganesha_export_template_dir;
}
if ($::osfamily == 'RedHat') {
package { 'nfs-ganesha':
ensure => present
}
} else {
warning("Unsupported osfamily ${::osfamily}, Red Hat is the only supported platform.")
}
}

429
deployment_scripts/puppet/modules/manila/init.pp Normal file
View File

@ -0,0 +1,429 @@
# Class: manila
#
# == Parameters
#
# [*sql_connection*]
# Url used to connect to database.
# (Optional) Defaults to undef.
#
# [*sql_idle_timeout*]
# Timeout when db connections should be reaped.
# (Optional) Defaults to undef.
#
# [*database_retry_interval*]
# (optional) Interval between retries of opening a database connection.
# (Defaults to undef)
#
# [*database_min_pool_size*]
# (optional) Minimum number of SQL connections to keep open in a pool.
# Defaults to undef.
#
# [*database_max_pool_size*]
# (optional) Maximum number of SQL connections to keep open in a pool.
# Defaults to undef.
#
# [*database_max_retries*]
# Maximum db connection retries during startup.
# Setting -1 implies an infinite retry count.
# (Optional) Defaults to undef.
#
# [*database_max_overflow*]
# (optional) If set, use this value for max_overflow with sqlalchemy.
# Defaults to undef.
#
# [*state_path*]
# (optional) Directory for storing state.
# Defaults to '/var/lib/manila'
#
# [*default_transport_url*]
# (optional) A URL representing the messaging driver to use and its full
# configuration. Transport URLs take the form:
# transport://user:pass@host1:port[,hostN:portN]/virtual_host
# Defaults to $::os_service_default
#
# [*control_exchange*]
# (Optional) The default exchange under which topics are scope.
# Defaults to 'openstack'.
#
# [*rpc_backend*]
# (Optional) Use these options to configure the RabbitMQ message system.
# Defaults to 'rabbit'
#
# [*package_ensure*]
# (Optional) Ensure state for package.
# Defaults to 'present'
#
# [*notification_transport_url*]
# (optional) A URL representing the messaging driver to use for
# notifications and its full configuration. Transport URLs
# take the form:
# transport://user:pass@host1:port[,hostN:portN]/virtual_host
# Defaults to $::os_service_default.
#
# [*notification_driver*]
# (optional) Driver or drivers to handle sending notifications.
# Defaults to 'messaging'
#
# [*rabbit_host*]
# (Optional) IP or hostname of the rabbit server.
# Defaults to $::os_service_default.
#
# [*rabbit_port*]
# (Optional) Port of the rabbit server.
# Defaults to $::os_service_default.
#
# [*rabbit_hosts*]
# (Optional) Array of host:port (used with HA queues).
# If defined, will remove rabbit_host & rabbit_port parameters from config
# Defaults to $::os_service_default.
#
# [*rabbit_userid*]
# (Optional) User to connect to the rabbit server.
# Defaults to $::os_service_default.
#
# [*rabbit_password*]
# (Optional) Password to connect to the rabbit_server.
# Defaults to $::os_service_default.
#
# [*rabbit_virtual_host*]
# (Optional) Virtual_host to use.
# Defaults to $::os_service_default.
#
# [*rabbit_ha_queues*]
# (optional) Use HA queues in RabbitMQ (x-ha-policy: all).
# Defaults to $::os_service_default.
#
# [*rabbit_use_ssl*]
# (Optional) Connect over SSL for RabbitMQ.
# Defaults to $::os_service_default.
#
# [*kombu_ssl_ca_certs*]
# (optional) SSL certification authority file (valid only if SSL enabled).
# Defaults to $::os_service_default
#
# [*kombu_ssl_certfile*]
# (optional) SSL cert file (valid only if SSL enabled).
# Defaults to $::os_service_default
#
# [*kombu_ssl_keyfile*]
# (optional) SSL key file (valid only if SSL enabled).
# Defaults to $::os_service_default
#
# [*kombu_ssl_version*]
# (optional) SSL version to use (valid only if SSL enabled).
# Valid values are TLSv1, SSLv23 and SSLv3. SSLv2 may be
# available on some distributions.
# Defaults to $::os_service_default
#
# [*amqp_durable_queues*]
# (optional) Use durable queues in amqp.
# Defaults to $::os_service_default.
#
# [*use_stderr*]
# (optional) Use stderr for logging
# Defaults to undef
#
# [*use_syslog*]
# Use syslog for logging.
# (Optional) Defaults to false.
#
# [*log_facility*]
# Syslog facility to receive log lines.
# (Optional) Defaults to LOG_USER.
#
# [*log_dir*]
# (optional) Directory where logs should be stored.
# If set to boolean false, it will not log to any directory.
# Defaults to '/var/log/manila'
#
# [*use_ssl*]
# (optional) Enable SSL on the API server
# Defaults to false, not set
#
# [*cert_file*]
# (optinal) Certificate file to use when starting API server securely
# Defaults to false, not set
#
# [*key_file*]
# (optional) Private key file to use when starting API server securely
# Defaults to false, not set
#
# [*ca_file*]
# (optional) CA certificate file to use to verify connecting clients
# Defaults to false, not set_
#
# [*debug*]
# (Optional) Should the daemons log debug messages
# Defaults to false
#
# [*api_paste_config*]
# (Optional) Allow Configuration of /etc/manila/api-paste.ini.
#
# [*storage_availability_zone*]
# (optional) Availability zone of the node.
# Defaults to 'nova'
#
# [*rootwrap_config*]
# (optional) Path to the rootwrap configuration file to use for
# running commands as root
#
# [*lock_path*]
# (optional) Location to store Manila locks
# Defaults to '/tmp/manila/manila_locks'
#
# [*amqp_server_request_prefix*]
# address prefix used when sending to a specific server
# Defaults to 'exclusive'
#
# [*amqp_broadcast_prefix*]
# address prefix used when broadcasting to all servers
# Defaults to 'broadcast'
#
# [*amqp_group_request_prefix*]
# address prefix when sending to any server in group
# Defaults to 'unicast'
#
# [*amqp_container_name*]
# Name for the AMQP container
# Defaults to guest
#
# [*amqp_idle_timeout*]
# Timeout for inactive connections (in seconds)
# Defaults to 0
#
# [*amqp_trace*]
# Debug: dump AMQP frames to stdout
# Defaults to false
#
# [*amqp_ssl_ca_file*]
# (optional) CA certificate PEM file to verify server certificate
# Defaults to $::os_service_default
#
# [*amqp_ssl_cert_file*]
# (optional) Identifying certificate PEM file to present to clients
# Defaults to $::os_service_default
#
# [*amqp_ssl_key_file*]
# (optional) Private key PEM file used to sign cert_file certificate
# Defaults to $::os_service_default
#
# [*amqp_ssl_key_password*]
# (optional) Password for decrypting ssl_key_file (if encrypted)
# Defaults to $::os_service_default
#
# [*amqp_allow_insecure_clients*]
# (optional) Accept clients using either SSL or plain TCP
# Defaults to false
#
# [*amqp_sasl_mechanisms*]
# (Optional) Space separated list of acceptable SASL mechanisms
# Defaults to $::os_service_default.
#
# [*amqp_sasl_config_dir*]
# (Optional) Path to directory that contains the SASL configuration
# Defaults to $::os_service_default.
#
# [*amqp_sasl_config_name*]
# (Optional) Name of configuration file (without .conf suffix)
# Defaults to $::os_service_default.
#
# [*amqp_username*]
# (Optional) User name for message broker authentication
# Defaults to $::os_service_default.
#
# [*amqp_password*]
# (Optional) Password for message broker authentication
# Defaults to $::os_service_default.
#
# [*purge_config*]
# (optional) Whether to set only the specified config options
# in the manila config.
# Defaults to false.
#
# DEPRECATED PARAMETERS
#
# [*verbose*]
# (Optional) Deprecated. Should the daemons log verbose messages
# Defaults to undef
#
class manila (
$sql_connection = undef,
$sql_idle_timeout = undef,
$database_max_retries = undef,
$database_retry_interval = undef,
$database_min_pool_size = undef,
$database_max_pool_size = undef,
$database_max_overflow = undef,
$rpc_backend = 'rabbit',
$default_transport_url = $::os_service_default,
$control_exchange = 'openstack',
$notification_transport_url = $::os_service_default,
$notification_driver = 'messaging',
$rabbit_host = $::os_service_default,
$rabbit_port = $::os_service_default,
$rabbit_hosts = $::os_service_default,
$rabbit_virtual_host = $::os_service_default,
$rabbit_userid = $::os_service_default,
$rabbit_password = $::os_service_default,
$rabbit_ha_queues = $::os_service_default,
$rabbit_use_ssl = $::os_service_default,
$kombu_ssl_ca_certs = $::os_service_default,
$kombu_ssl_certfile = $::os_service_default,
$kombu_ssl_keyfile = $::os_service_default,
$kombu_ssl_version = $::os_service_default,
$amqp_durable_queues = $::os_service_default,
$package_ensure = 'present',
$use_ssl = false,
$ca_file = false,
$cert_file = false,
$key_file = false,
$api_paste_config = '/etc/manila/api-paste.ini',
$use_stderr = undef,
$use_syslog = undef,
$log_facility = undef,
$log_dir = undef,
$debug = undef,
$storage_availability_zone = 'nova',
$rootwrap_config = '/etc/manila/rootwrap.conf',
$state_path = '/var/lib/manila',
$lock_path = '/tmp/manila/manila_locks',
$amqp_server_request_prefix = 'exclusive',
$amqp_broadcast_prefix = 'broadcast',
$amqp_group_request_prefix = 'unicast',
$amqp_container_name = 'guest',
$amqp_idle_timeout = '0',
$amqp_trace = false,
$amqp_allow_insecure_clients = false,
$amqp_ssl_ca_file = $::os_service_default,
$amqp_ssl_cert_file = $::os_service_default,
$amqp_ssl_key_file = $::os_service_default,
$amqp_ssl_key_password = $::os_service_default,
$amqp_sasl_mechanisms = $::os_service_default,
$amqp_sasl_config_dir = $::os_service_default,
$amqp_sasl_config_name = $::os_service_default,
$amqp_username = $::os_service_default,
$amqp_password = $::os_service_default,
$purge_config = false,
# Deprecated
$verbose = undef,
) {
include ::manila::db
include ::manila::logging
include ::manila::params
if $verbose {
warning('verbose is deprecated, has no effect and will be removed after Newton cycle.')
}
if $use_ssl {
if !$cert_file {
fail('The cert_file parameter is required when use_ssl is set to true')
}
if !$key_file {
fail('The key_file parameter is required when use_ssl is set to true')
}
}
# allowing a resource to serve as a point where the configuration of manila begins
anchor { 'manila-start': }
package { 'manila':
ensure => $package_ensure,
name => $::manila::params::package_name,
require => Anchor['manila-start'],
tag => ['openstack', 'manila-package'],
}
resources { 'manila_config':
purge => $purge_config,
}
if $rpc_backend == 'manila.openstack.common.rpc.impl_kombu' or $rpc_backend == 'rabbit' {
if ! $rabbit_password {
fail('Please specify a rabbit_password parameter.')
}
oslo::messaging::rabbit { 'manila_config':
rabbit_password => $rabbit_password,
rabbit_userid => $rabbit_userid,
rabbit_virtual_host => $rabbit_virtual_host,
rabbit_use_ssl => $rabbit_use_ssl,
amqp_durable_queues => $amqp_durable_queues,
rabbit_hosts => $rabbit_hosts,
rabbit_host => $rabbit_host,
rabbit_port => $rabbit_port,
rabbit_ha_queues => $rabbit_ha_queues,
kombu_ssl_ca_certs => $kombu_ssl_ca_certs,
kombu_ssl_certfile => $kombu_ssl_certfile,
kombu_ssl_keyfile => $kombu_ssl_keyfile,
kombu_ssl_version => $kombu_ssl_version,
}
}
elsif $rpc_backend == 'amqp' {
oslo::messaging::amqp { 'manila_config':
server_request_prefix => $amqp_server_request_prefix,
broadcast_prefix => $amqp_broadcast_prefix,
group_request_prefix => $amqp_group_request_prefix,
container_name => $amqp_container_name,
idle_timeout => $amqp_idle_timeout,
trace => $amqp_trace,
allow_insecure_clients => $amqp_allow_insecure_clients,
ssl_ca_file => $amqp_ssl_ca_file,
ssl_key_password => $amqp_ssl_key_password,
ssl_cert_file => $amqp_ssl_cert_file,
ssl_key_file => $amqp_ssl_key_file,
sasl_mechanisms => $amqp_sasl_mechanisms,
sasl_config_dir => $amqp_sasl_config_dir,
sasl_config_name => $amqp_sasl_config_name,
username => $amqp_username,
password => $amqp_password,
}
}
oslo::messaging::default { 'manila_config':
transport_url => $default_transport_url,
control_exchange => $control_exchange,
}
oslo::messaging::notifications { 'manila_config':
transport_url => $notification_transport_url,
driver => $notification_driver,
}
manila_config {
'DEFAULT/api_paste_config': value => $api_paste_config;
'DEFAULT/storage_availability_zone': value => $storage_availability_zone;
'DEFAULT/rootwrap_config': value => $rootwrap_config;
'DEFAULT/state_path': value => $state_path;
}
oslo::concurrency { 'manila_config': lock_path => $lock_path }
# SSL Options
if $use_ssl {
manila_config {
'DEFAULT/ssl_cert_file' : value => $cert_file;
'DEFAULT/ssl_key_file' : value => $key_file;
}
if $ca_file {
manila_config { 'DEFAULT/ssl_ca_file' :
value => $ca_file,
}
} else {
manila_config { 'DEFAULT/ssl_ca_file' :
ensure => absent,
}
}
} else {
manila_config {
'DEFAULT/ssl_cert_file' : ensure => absent;
'DEFAULT/ssl_key_file' : ensure => absent;
'DEFAULT/ssl_ca_file' : ensure => absent;
}
}
}

160
deployment_scripts/puppet/modules/manila/keystone/auth.pp Normal file
View File

@ -0,0 +1,160 @@
# == Class: manila::keystone::auth
#
# Configures Manila user, service and endpoint in Keystone.
#
# === Parameters
#
# [*password*]
# Password for Manila user. Required.
#
# [*email*]
# Email for Manila user. Optional. Defaults to 'manila@localhost'.
#
# [*auth_name*]
# Username for Manila service. Optional. Defaults to 'manila'.
#
# [*service_name*]
# (optional) Name of the service.
# Defaults to 'manila'.
#
# [*service_name_v2*]
# (optional) Name of the service.
# Defaults to 'manilav2'.
#
# [*configure_endpoint*]
# [*configure_endpoint*]
# Should Manila endpoint be configured? Optional. Defaults to 'true'.
# API v1 endpoint should be enabled in Icehouse for compatibility with Nova.
#
# [*service_type*]
# Type of service. Optional. Defaults to 'share'.
#
# [*service_description*]
# Description for keystone service. Optional. Defaults to 'Manila Service'.
#
# [*region*]
# Region for endpoint. Optional. Defaults to 'RegionOne'.
#
# [*tenant*]
# Tenant for Manila user. Optional. Defaults to 'services'.
#
# [*public_url*]
# (optional) The endpoint's public url. (Defaults to 'http://127.0.0.1:8786/v1/%(tenant_id)s')
# This url should *not* contain any trailing '/'.
#
# [*admin_url*]
# (optional) The endpoint's admin url. (Defaults to 'http://127.0.0.1:8786/v1/%(tenant_id)s')
# This url should *not* contain any trailing '/'.
#
# [*internal_url*]
# (optional) The endpoint's internal url. (Defaults to 'http://127.0.0.1:8786/v1/%(tenant_id)s')
# This url should *not* contain any trailing '/'.
#
# [*password_v2*]
# Password for Manila v2 user. Optional. Defaults to undef.
#
# [*email_v2*]
# Email for Manila v2 user. Optional. Defaults to 'manilav2@localhost'.
#
# [*auth_name_v2*]
# Username for Manila v2 service. Optional. Defaults to 'manilav2'.
#
# [*configure_endpoint_v2*]
# Should Manila v2 endpoint be configured? Optional. Defaults to 'true'.
#
# [*service_type_v2*]
# Type of service v2. Optional. Defaults to 'sharev2'.
#
# [*service_description_v2*]
# Description for keystone service v2. Optional. Defaults to 'Manila Service v2'.
#
# [*public_url_v2*]
# (optional) The v2 endpoint's public url. (Defaults to 'http://127.0.0.1:8786/v2/%(tenant_id)s')
# This url should *not* contain any trailing '/'.
#
# [*admin_url_v2*]
# (optional) The endpoint's admin url. (Defaults to 'http://127.0.0.1:8786/v2/%(tenant_id)s')
# This url should *not* contain any trailing '/'.
#
# [*internal_url_v2*]
# (optional) The endpoint's internal url. (Defaults to 'http://127.0.0.1:8786/v2/%(tenant_id)s')
# This url should *not* contain any trailing '/'.
#
# === Examples
#
# class { 'manila::keystone::auth':
# public_url => 'https://10.0.0.10:8786/v1/%(tenant_id)s',
# internal_url => 'https://10.0.0.11:8786/v1/%(tenant_id)s',
# admin_url => 'https://10.0.0.11:8786/v1/%(tenant_id)s',
# }
#
class manila::keystone::auth (
$password,
$password_v2 = undef,
$auth_name_v2 = 'manilav2',
$auth_name = 'manila',
$service_name = 'manila',
$service_name_v2 = 'manilav2',
$email = 'manila@localhost',
$email_v2 = 'manilav2@localhost',
$tenant = 'services',
$configure_endpoint = true,
$configure_endpoint_v2 = true,
$service_type = 'share',
$service_type_v2 = 'sharev2',
$service_description = 'Manila Service',
$service_description_v2 = 'Manila Service v2',
$region = 'RegionOne',
$public_url = 'http://127.0.0.1:8786/v1/%(tenant_id)s',
$public_url_v2 = 'http://127.0.0.1:8786/v2/%(tenant_id)s',
$admin_url = 'http://127.0.0.1:8786/v1/%(tenant_id)s',
$admin_url_v2 = 'http://127.0.0.1:8786/v2/%(tenant_id)s',
$internal_url = 'http://127.0.0.1:8786/v1/%(tenant_id)s',
$internal_url_v2 = 'http://127.0.0.1:8786/v2/%(tenant_id)s',
) {
# for interface backward compatibility, we can't enforce to set a new parameter
# so we take 'password' parameter by default but allow to override it.
if ! $password_v2 {
$password_v2_real = $password
} else {
$password_v2_real = $password_v2
}
Keystone_user_role["${auth_name}@${tenant}"] ~> Service <| name == 'manila-api' |>
Keystone_user_role["${auth_name_v2}@${tenant}"] ~> Service <| name == 'manila-api' |>
keystone::resource::service_identity { 'manila':
configure_user => true,
configure_user_role => true,
configure_endpoint => $configure_endpoint,
service_type => $service_type,
service_description => $service_description,
auth_name => $auth_name,
service_name => $service_name,
region => $region,
password => $password,
email => $email,
tenant => $tenant,
public_url => $public_url,
admin_url => $admin_url,
internal_url => $internal_url,
}
keystone::resource::service_identity { 'manilav2':
configure_user => true,
configure_user_role => true,
configure_endpoint => $configure_endpoint_v2,
service_type => $service_type_v2,
service_description => $service_description_v2,
auth_name => $auth_name_v2,
service_name => $service_name_v2,
region => $region,
password => $password_v2_real,
email => $email_v2,
tenant => $tenant,
public_url => $public_url_v2,
admin_url => $admin_url_v2,
internal_url => $internal_url_v2,
}
}

147
deployment_scripts/puppet/modules/manila/logging.pp Normal file
View File

@ -0,0 +1,147 @@
# Class manila::logging
#
# manila logging configuration
#
# == parameters
#
# [*debug*]
# (Optional) Should the daemons log debug messages
# Defaults to $::os_service_default
#
# [*use_syslog*]
# (Optional) Use syslog for logging.
# Defaults to $::os_service_default
#
# [*use_stderr*]
# (optional) Use stderr for logging
# Defaults to $::os_service_default
#
# [*log_facility*]
# (Optional) Syslog facility to receive log lines.
# Defaults to $::os_service_default
#
# [*log_dir*]
# (optional) Directory where logs should be stored.
# If set to boolean false, it will not log to any directory.
# Defaults to '/var/log/manila'
#
# [*logging_context_format_string*]
# (optional) Format string to use for log messages with context.
# Defaults to $::os_service_default
# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\
# [%(request_id)s %(user_identity)s] %(instance)s%(message)s'
#
# [*logging_default_format_string*]
# (optional) Format string to use for log messages without context.
# Defaults to $::os_service_default
# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\
# [-] %(instance)s%(message)s'
#
# [*logging_debug_format_suffix*]
# (optional) Formatted data to append to log format when level is DEBUG.
# Defaults to $::os_service_default
# Example: '%(funcName)s %(pathname)s:%(lineno)d'
#
# [*logging_exception_prefix*]
# (optional) Prefix each line of exception output with this format.
# Defaults to $::os_service_default
# Example: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s'
#
# [*log_config_append*]
# The name of an additional logging configuration file.
# Defaults to $::os_service_default
# See https://docs.python.org/2/howto/logging.html
#
# [*default_log_levels*]
# (optional) Hash of logger (keys) and level (values) pairs.
# Defaults to $::os_service_default
# Example:
# { 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN',
# 'sqlalchemy' => 'WARN', 'suds' => 'INFO', 'iso8601' => 'WARN',
# 'requests.packages.urllib3.connectionpool' => 'WARN' }
#
# [*publish_errors*]
# (optional) Publish error events (boolean value).
# Defaults to $::os_service_default
#
# [*fatal_deprecations*]
# (optional) Make deprecations fatal (boolean value)
# Defaults to $::os_service_default
#
# [*instance_format*]
# (optional) If an instance is passed with the log message, format it
# like this (string value).
# Defaults to $::os_service_default
# Example: '[instance: %(uuid)s] '
#
# [*instance_uuid_format*]
# (optional) If an instance UUID is passed with the log message, format
# it like this (string value).
# Defaults to $::os_service_default
# Example: instance_uuid_format='[instance: %(uuid)s] '
#
# [*log_date_format*]
# (optional) Format string for %%(asctime)s in log records.
# Defaults to $::os_service_default
# Example: 'Y-%m-%d %H:%M:%S'
#
# DEPRECATED PARAMETERS
#
# [*verbose*]
# (Optional) Deprecated. Should the daemons log verbose messages
# Defaults to undef
#
class manila::logging(
$use_syslog = $::os_service_default,
$use_stderr = $::os_service_default,
$log_facility = $::os_service_default,
$log_dir = '/var/log/manila',
$debug = $::os_service_default,
$logging_context_format_string = $::os_service_default,
$logging_default_format_string = $::os_service_default,
$logging_debug_format_suffix = $::os_service_default,
$logging_exception_prefix = $::os_service_default,
$log_config_append = $::os_service_default,
$default_log_levels = $::os_service_default,
$publish_errors = $::os_service_default,
$fatal_deprecations = $::os_service_default,
$instance_format = $::os_service_default,
$instance_uuid_format = $::os_service_default,
$log_date_format = $::os_service_default,
# Deprecated
$verbose = undef,
) {
if $verbose {
warning('verbose is deprecated, has no effect and will be removed after Newton cycle.')
}
# NOTE(spredzy): In order to keep backward compatibility we rely on the pick function
# to use manila::<myparam> first then manila::logging::<myparam>.
$use_syslog_real = pick($::manila::use_syslog,$use_syslog)
$use_stderr_real = pick($::manila::use_stderr,$use_stderr)
$log_facility_real = pick($::manila::log_facility,$log_facility)
$log_dir_real = pick($::manila::log_dir,$log_dir)
$debug_real = pick($::manila::debug,$debug)
oslo::log { 'manila_config':
debug => $debug_real,
use_syslog => $use_syslog_real,
use_stderr => $use_stderr_real,
log_dir => $log_dir_real,
syslog_log_facility => $log_facility_real,
logging_context_format_string => $logging_context_format_string,
logging_default_format_string => $logging_default_format_string,
logging_debug_format_suffix => $logging_debug_format_suffix,
logging_exception_prefix => $logging_exception_prefix,
log_config_append => $log_config_append,
default_log_levels => $default_log_levels,
publish_errors => $publish_errors,
fatal_deprecations => $fatal_deprecations,
log_date_format => $log_date_format,
instance_format => $instance_format,
instance_uuid_format => $instance_uuid_format,
}
}

68
deployment_scripts/puppet/modules/manila/network/neutron.pp Normal file
View File

@ -0,0 +1,68 @@
# == class: manila::network::neutron
#
# Setup and configure Neutron communication
#
# === Parameters
#
# [*neutron_url*]
# (optional) URL for connecting to neutron
#
# [*neutron_url_timeout*]
# (optional) timeout value for connecting to neutron in seconds
#
# [*neutron_admin_username*]
# (optional) username for connecting to neutron in admin context
#
# [*neutron_admin_password*]
# (optional) password for connecting to neutron in admin context
#
# [*neutron_admin_tenant_name*]
# (optional) Tenant name for connecting to neutron in admin context
#
# [*neutron_region_name*]
# (optional) region name for connecting to neutron in admin context
#
# [*neutron_admin_auth_url*]
# (optional) auth url for connecting to neutron in admin context
#
# [*neutron_api_insecure*]
# (optional) if set, ignore any SSL validation issues
#
# [*neutron_auth_strategy*]
# (optional) auth strategy for connecting to
# neutron in admin context
#
# [*neutron_ca_certificates_file*]
# (optional) Location of ca certificates file to use for
# neutron client requests.
#
class manila::network::neutron (
$neutron_url = 'http://127.0.0.1:9696',
$neutron_url_timeout = 30,
$neutron_admin_username = 'neutron',
$neutron_admin_password = undef,
$neutron_admin_tenant_name = 'service',
$neutron_region_name = undef,
$neutron_admin_auth_url = 'http://localhost:5000/v2.0',
$neutron_api_insecure = false,
$neutron_auth_strategy = 'keystone',
$neutron_ca_certificates_file = undef,
) {
$neutron_plugin_name = 'manila.network.neutron.neutron_network_plugin.NeutronNetworkPlugin'
manila_config {
'DEFAULT/network_api_class': value => $neutron_plugin_name;
'DEFAULT/neutron_url': value => $neutron_url;
'DEFAULT/neutron_url_timeout': value => $neutron_url_timeout;
'DEFAULT/neutron_admin_username': value => $neutron_admin_username;
'DEFAULT/neutron_admin_password': value => $neutron_admin_password;
'DEFAULT/neutron_admin_tenant_name': value => $neutron_admin_tenant_name;
'DEFAULT/neutron_region_name': value => $neutron_region_name;
'DEFAULT/neutron_admin_auth_url': value => $neutron_admin_auth_url;
'DEFAULT/neutron_api_insecure': value => $neutron_api_insecure;
'DEFAULT/neutron_auth_strategy': value => $neutron_auth_strategy;
'DEFAULT/neutron_ca_certificates_file': value => $neutron_ca_certificates_file;
}
}

31
deployment_scripts/puppet/modules/manila/network/neutron_single_network.pp Normal file
View File

@ -0,0 +1,31 @@
# == define: manila::network::neutron_single_network
#
# Setup and configure the Neutron single network plugin
#
# === Parameters
#
# [*neutron_net_id*]
# (required) Default Neutron network that will be used for share server
# creation. This opt is used only with
# class 'NeutronSingleNetworkPlugin'.
#
# [*neutron_subnet_id*]
# (required) Default Neutron subnet that will be used for share server
# creation. Should be assigned to network defined in opt
# 'neutron_net_id'. This opt is used only with
# class 'NeutronSingleNetworkPlugin'.
#
define manila::network::neutron_single_network (
$neutron_net_id,
$neutron_subnet_id,
) {
$neutron_single_plugin_name = 'manila.network.neutron.neutron_network_plugin.NeutronSingleNetworkPlugin'
manila_config {
"${name}/network_api_class": value => $neutron_single_plugin_name;
"${name}/neutron_net_id": value => $neutron_net_id;
"${name}/neutron_subnet_id": value => $neutron_subnet_id;
}
}

12
deployment_scripts/puppet/modules/manila/network/nova_network.pp Normal file
View File

@ -0,0 +1,12 @@
# == define: manila::network::nova_network
#
# Setup and configure Nova Networking communication
#
define manila::network::nova_network () {
$nova_net_plugin_name = 'manila.network.nova_network_plugin.NovaNetworkPlugin'
manila_config {
"${name}/network_api_class": value => $nova_net_plugin_name;
}
}

22
deployment_scripts/puppet/modules/manila/network/nova_single_network.pp Normal file
View File

@ -0,0 +1,22 @@
# == define: manila::network::nova_single_network
#
# Setup and configure Nova Networking communication with a single network
#
# === Parameters
#
# [*nova_single_network_plugin_net_id*]
# (required) Default Nova network that will be used for share servers.
# This opt is used only with class 'NovaSingleNetworkPlugin'.
#
define manila::network::nova_single_network (
$nova_single_network_plugin_net_id,
) {
$nova_single_net_plugin_name = 'manila.network.nova_network_plugin.NovaSingleNetworkPlugin'
manila_config {
"${name}/network_api_class": value => $nova_single_net_plugin_name;
"${name}/nova_single_network_plugin_net_id": value => $nova_single_network_plugin_net_id;
}
}

51
deployment_scripts/puppet/modules/manila/network/standalone.pp Normal file
View File

@ -0,0 +1,51 @@
# == define: manila::network::standalone
#
# Setup and configure Manila standalone network communication
#
# === Parameters
#
# [*standalone_network_plugin_gateway*]
# (required) Gateway IPv4 address that should be used. Required
#
# [*standalone_network_plugin_mask*]
# (required) Network mask that will be used. Can be either decimal
# like '24' or binary like '255.255.255.0'. Required.
#
# [*standalone_network_plugin_segmentation_id*]
# (optional) Set it if network has segmentation (VLAN, VXLAN, etc...).
# It will be assigned to share-network and share drivers will be
# able to use this for network interfaces within provisioned
# share servers. Optional. Example: 1001
#
# [*standalone_network_plugin_allowed_ip_ranges*]
# (optional) Can be IP address, range of IP addresses or list of addresses
# or ranges. Contains addresses from IP network that are allowed
# to be used. If empty, then will be assumed that all host
# addresses from network can be used. Optional.
# Examples: 10.0.0.10 or 10.0.0.10-10.0.0.20 or
# 10.0.0.10-10.0.0.20,10.0.0.30-10.0.0.40,10.0.0.50
#
# [*standalone_network_plugin_ip_version*]
# (optional) IP version of network. Optional.
# Allowed values are '4' and '6'. Default value is '4'.
#
define manila::network::standalone (
$standalone_network_plugin_gateway,
$standalone_network_plugin_mask,
$standalone_network_plugin_segmentation_id = undef,
$standalone_network_plugin_allowed_ip_ranges = undef,
$standalone_network_plugin_ip_version = '4',
) {
$standalone_plugin_name = 'manila.network.standalone_network_plugin.StandaloneNetworkPlugin'
manila_config {
"${name}/network_api_class": value => $standalone_plugin_name;
"${name}/standalone_network_plugin_gateway": value => $standalone_network_plugin_gateway;
"${name}/standalone_network_plugin_mask": value => $standalone_network_plugin_mask;
"${name}/standalone_network_plugin_segmentation_id": value => $standalone_network_plugin_segmentation_id;
"${name}/standalone_network_plugin_allowed_ip_ranges": value => $standalone_network_plugin_allowed_ip_ranges;
"${name}/standalone_network_plugin_ip_version": value => $standalone_network_plugin_ip_version;
}
}

52
deployment_scripts/puppet/modules/manila/params.pp Normal file
View File

@ -0,0 +1,52 @@
#
class manila::params {
$manila_conf = '/etc/manila/manila.conf'
$manila_paste_api_ini = '/etc/manila/api-paste.ini'
if $::osfamily == 'Debian' {
$package_name = 'manila-common'
$client_package = 'python-manilaclient'
$api_package = 'manila-api'
$api_service = 'manila-api'
$scheduler_package = 'manila-scheduler'
$scheduler_service = 'manila-scheduler'
$share_package = 'manila-share'
$share_service = 'manila-share'
$db_sync_command = 'manila-manage db sync'
$tgt_package_name = 'tgt'
$tgt_service_name = 'tgt'
$ceph_init_override = '/etc/init/manila-share.override'
$iscsi_helper = 'tgtadm'
$lio_package_name = 'targetcli'
$gluster_client_package_name = 'glusterfs-client'
$gluster_package_name = 'glusterfs-common'
} elsif($::osfamily == 'RedHat') {
$package_name = 'openstack-manila'
$client_package = 'python-manilaclient'
$api_package = false
$api_service = 'openstack-manila-api'
$scheduler_package = false
$scheduler_service = 'openstack-manila-scheduler'
$share_package = 'openstack-manila-share'
$share_service = 'openstack-manila-share'
$db_sync_command = 'manila-manage db sync'
$tgt_package_name = 'scsi-target-utils'
$tgt_service_name = 'tgtd'
$ceph_init_override = '/etc/sysconfig/openstack-manila-share'
$lio_package_name = 'targetcli'
$gluster_client_package_name = 'glusterfs-fuse'
$gluster_package_name = 'glusterfs'
if $::operatingsystem == 'RedHat' and (versioncmp($::operatingsystemmajrelease, '7') >= 0) {
$iscsi_helper = 'lioadm'
} else {
$iscsi_helper = 'tgtadm'
}
} else {
fail("unsupported osfamily ${::osfamily}, currently Debian and Redhat are the only supported platforms")
}
}

64
deployment_scripts/puppet/modules/manila/quota.pp Normal file
View File

@ -0,0 +1,64 @@
# == Class: manila::quota
#
# Setup and configure Manila quotas.
#
# === Parameters
#
# [*quota_shares*]
# (optional) Number of shares allowed per project. Defaults to 10.
#
# [*quota_snapshots*]
# (optional) Number of share snapshots allowed per project. Defaults to 10.
#
# [*quota_gigabytes*]
# (optional) Number of share gigabytes (snapshots are also included)
# allowed per project. Defaults to 1000.
#
# [*quota_driver*]
# (optional) Default driver to use for quota checks.
# Defaults to 'manila.quota.DbQuotaDriver'.
#
# [*quota_snapshot_gigabytes*]
# (optional) Number of snapshot gigabytes allowed per project.
# Defaults to 1000.
#
# [*quota_share_networks*]
# (optional) Number of share-networks allowed per project.
# Defaults to 10.
#
# [*reservation_expire*]
# (optional) Number of seconds until a reservation expires.
# Defaults to 86400.
#
# [*until_refresh*]
# (optional) Count of reservations until usage is refreshed.
# Defaults to 0.
#
# [*max_age*]
# (optional) Number of seconds between subsequent usage refreshes.
# Defaults to 0.
#
class manila::quota (
$quota_shares = 10,
$quota_snapshots = 10,
$quota_gigabytes = 1000,
$quota_driver = 'manila.quota.DbQuotaDriver',
$quota_snapshot_gigabytes = 1000,
$quota_share_networks = 10,
$reservation_expire = 86400,
$until_refresh = 0,
$max_age = 0,
) {
manila_config {
'DEFAULT/quota_shares': value => $quota_shares;
'DEFAULT/quota_snapshots': value => $quota_snapshots;
'DEFAULT/quota_gigabytes': value => $quota_gigabytes;
'DEFAULT/quota_driver': value => $quota_driver;
'DEFAULT/quota_snapshot_gigabytes': value => $quota_snapshot_gigabytes;
'DEFAULT/quota_share_networks': value => $quota_share_networks;
'DEFAULT/reservation_expire': value => $reservation_expire;
'DEFAULT/until_refresh': value => $until_refresh;
'DEFAULT/max_age': value => $max_age;
}
}

64
deployment_scripts/puppet/modules/manila/rabbitmq.pp Normal file
View File

@ -0,0 +1,64 @@
# == Class: manila::rabbitmq
#
# Installs and manages rabbitmq server for manila
#
# == Parameters:
#
# [*userid*]
# (optional) The username to use when connecting to Rabbit
# Defaults to 'guest'
#
# [*password*]
# (optional) The password to use when connecting to Rabbit
# Defaults to 'guest'
#
# [*port*]
# (optional) Deprecated. The port to use when connecting to Rabbit
# This parameter keeps backward compatibility when we used to manage
# RabbitMQ service.
# Defaults to '5672'
#
# [*virtual_host*]
# (optional) The virtual host to use when connecting to Rabbit
# Defaults to '/'
#
# [*enabled*]
# (optional) Deprecated. Whether to enable the Rabbit resources
# This parameter keeps backward compatibility when we used to manage
# RabbitMQ service.
# Defaults to true
#
class manila::rabbitmq(
$userid = 'guest',
$password = 'guest',
$virtual_host = '/',
# DEPRECATED PARAMETER
$enabled = true,
$port = '5672',
) {
warning('manila::rabbitmq class is deprecated and will be removed in next release. Make other plans to configure rabbitmq resources.')
if ($enabled) {
if $userid == 'guest' {
$delete_guest_user = false
} else {
$delete_guest_user = true
rabbitmq_user { $userid:
admin => true,
password => $password,
provider => 'rabbitmqctl',
}
# I need to figure out the appropriate permissions
rabbitmq_user_permissions { "${userid}@${virtual_host}":
configure_permission => '.*',
write_permission => '.*',
read_permission => '.*',
provider => 'rabbitmqctl',
}->Anchor<| title == 'manila-start' |>
}
rabbitmq_vhost { $virtual_host:
provider => 'rabbitmqctl',
}
}
}

67
deployment_scripts/puppet/modules/manila/scheduler.pp Normal file
View File

@ -0,0 +1,67 @@
# == Class: manila::scheduler
#
# Install and manage Manila scheduler.
#
# === Parameters
#
# [*scheduler_driver*]
# (Optional) Description
# Defaults to false.
#
# [*package_ensure*]
# (Optional) The state of the scheduler package
# Defaults to 'present'.
#
# [*enabled*]
# (Optional) Whether to run the scheduler service
# Defaults to true.
#
# [*manage_service*]
# (Optional) Whether to start/stop the service
# Defaults to true.
#
class manila::scheduler (
$scheduler_driver = false,
$package_ensure = 'present',
$enabled = true,
$manage_service = true
) {
include ::manila::params
Manila_config<||> ~> Service['manila-scheduler']
Manila_api_paste_ini<||> ~> Service['manila-scheduler']
Exec<| title == 'manila-manage db_sync' |> ~> Service['manila-scheduler']
if $scheduler_driver {
manila_config {
'DEFAULT/scheduler_driver': value => $scheduler_driver;
}
}
if $::manila::params::scheduler_package {
Package['manila-scheduler'] -> Service['manila-scheduler']
package { 'manila-scheduler':
ensure => $package_ensure,
name => $::manila::params::scheduler_package,
tag => ['openstack', 'manila-package'],
}
}
if $manage_service {
if $enabled {
$ensure = 'running'
} else {
$ensure = 'stopped'
}
}
service { 'manila-scheduler':
ensure => $ensure,
name => $::manila::params::scheduler_service,
enable => $enabled,
hasstatus => true,
require => Package['manila'],
tag => 'manila-service',
}
}

129
deployment_scripts/puppet/modules/manila/service_instance.pp Normal file
View File

@ -0,0 +1,129 @@
# ==define manila::service_instance
#
# ===Parameters
#
# [*service_image_name*]
# (optional) Name of image in glance, that will be used to create
# service instance.
# Defaults to: 'manila-service-image'
#
# [*service_image_location*]
# (required) URL or pathname to the service image. This will be
# loaded into Glance.
#
# [*service_instance_name_template*]
# (optional) Name of service instance.
# Defaults to: 'manila_service_instance_%s'
#
# [*service_instance_user*]
# (required) User in service instance.
#
# [*service_instance_password*]
# (required) Password to service instance user.
#
# [*manila_service_keypair_name*]
# (optional) Name of keypair that will be created and used
# for service instance.
# Defaults to: 'manila-service'
#
# [*path_to_public_key*]
# (optional) Path to hosts public key.
# Defaults to: '~/.ssh/id_rsa.pub'
#
# [*path_to_private_key*]
# (optional) Path to hosts private key.
# Defaults to: '~/.ssh/id_rsa'
#
# [*max_time_to_build_instance*]
# (optional) Maximum time to wait for creating service instance.
# Defaults to: 300
#
# [*service_instance_security_group*]
# (optional) Name of security group, that will be used for
# service instance creation.
# Defaults to: 'manila-service'
#
# [*service_instance_flavor_id*]
# (optional) ID of flavor, that will be used for service instance
# creation.
# Defaults to: 1
#
# [*service_network_name*]
# (optional) Name of manila service network.
# Defaults to: 'manila_service_network'
#
# [*service_network_cidr*]
# (optional) CIDR of manila service network.
# Defaults to: '10.254.0.0/16'
#
# [*service_network_division_mask*]
# (optional) This mask is used for dividing service network into
# subnets, IP capacity of subnet with this mask directly
# defines possible amount of created service VMs
# per tenant's subnet.
# Defaults to: 28
#
# [*interface_driver*]
# (optional) Vif driver.
# Defaults to: 'manila.network.linux.interface.OVSInterfaceDriver'
#
# [*connect_share_server_to_tenant_network*]
# (optional) Attach share server directly to share network.
# Defaults to: false
#
# [*service_instance_network_helper_type*]
# Allowed values are nova, neutron
# Defaults to: neutron
define manila::service_instance (
$service_image_name = 'manila-service-image',
$service_image_location = undef,
$service_instance_name_template = 'manila_service_instance_%s',
$service_instance_user = undef,
$service_instance_password = undef,
$manila_service_keypair_name = 'manila-service',
$path_to_public_key = '~/.ssh/id_rsa.pub',
$path_to_private_key = '~/.ssh/id_rsa',
$max_time_to_build_instance = 300,
$service_instance_security_group = 'manila-service',
$service_instance_flavor_id = 1,
$service_network_name = 'manila_service_network',
$service_network_cidr = '10.254.0.0/16',
$service_network_division_mask = 28,
$interface_driver = 'manila.network.linux.interface.OVSInterfaceDriver',
$connect_share_server_to_tenant_network = false,
$service_instance_network_helper_type = 'neutron',
) {
if $service_image_location {
glance_image { $service_image_name:
ensure => present,
is_public => 'yes',
container_format => 'bare',
disk_format => 'qcow2',
source => $service_image_location,
}
}
else {
fail('Missing required parameter service_image_location')
}
manila_config {
"${name}/service_image_name": value => $service_image_name;
"${name}/service_instance_name_template": value => $service_instance_name_template;
"${name}/service_instance_user": value => $service_instance_user;
"${name}/service_instance_password": value => $service_instance_password;
"${name}/manila_service_keypair_name": value => $manila_service_keypair_name;
"${name}/path_to_public_key": value => $path_to_public_key;
"${name}/path_to_private_key": value => $path_to_private_key;
"${name}/max_time_to_build_instance": value => $max_time_to_build_instance;
"${name}/service_instance_security_group": value => $service_instance_security_group;
"${name}/service_instance_flavor_id": value => $service_instance_flavor_id;
"${name}/service_network_name": value => $service_network_name;
"${name}/service_network_cidr": value => $service_network_cidr;
"${name}/service_network_division_mask": value => $service_network_division_mask;
"${name}/interface_driver": value => $interface_driver;
"${name}/connect_share_server_to_tenant_network": value => $connect_share_server_to_tenant_network;
"${name}/service_instance_network_helper_type": value => $service_instance_network_helper_type;
}
}

56
deployment_scripts/puppet/modules/manila/share.pp Normal file
View File

@ -0,0 +1,56 @@
# == Class: manila::share
#
# === Parameters
#
# [*package_ensure*]
# (Optional) Ensure State for package
# Defaults to 'present'.
#
# [*enabled*]
# (Optional) Should the service be enabled
# Defaults to true.
#
# [*manage_service*]
# (Optional) Whether the service should be managed by Puppet
# Defaults to true.
#
# $share_name_template = share-%s
class manila::share (
$package_ensure = 'present',
$enabled = true,
$manage_service = true
) {
include ::manila::params
Manila_config<||> ~> Service['manila-share']
Manila_api_paste_ini<||> ~> Service['manila-share']
Exec<| title == 'manila-manage db_sync' |> ~> Service['manila-share']
if $::manila::params::share_package {
Package['manila'] -> Package['manila-share']
Package['manila-share'] -> Service['manila-share']
package { 'manila-share':
ensure => $package_ensure,
name => $::manila::params::share_package,
tag => ['openstack', 'manila-package'],
}
}
if $manage_service {
if $enabled {
$ensure = 'running'
} else {
$ensure = 'stopped'
}
}
service { 'manila-share':
ensure => $ensure,
name => $::manila::params::share_service,
enable => $enabled,
hasstatus => true,
require => Package['manila'],
tag => 'manila-service',
}
}

103
deployment_scripts/puppet/modules/manila/share/generic.pp Normal file
View File

@ -0,0 +1,103 @@
# == Class: manila::share::generic
#
# Configures Manila to use the generic share driver
#
# ===Parameters
# [*driver_handles_share_servers*]
# (required) Denotes whether the driver should handle the responsibility of
# managing share servers. This must be set to false if the driver is to
# operate without managing share servers.
#
# [*smb_template_config_path*]
# (optional) Path to smb config.
# Defaults to: $state_path/smb.conf
#
# [*volume_name_template*]
# (optional) Volume name template.
# Defaults to: manila-share-%s
#
# [*volume_snapshot_name_template*]
# (optional) Volume snapshot name template.
# Defaults to: manila-snapshot-%s
#
# [*share_mount_path*]
# (optional) Parent path in service instance where shares will be mounted.
# Defaults to: /shares
#
# [*max_time_to_create_volume*]
# (optional) Maximum time to wait for creating cinder volume.
# Defaults to: 180
#
# [*max_time_to_attach*]
# (optional) Maximum time to wait for attaching cinder volume.
# Defaults to: 120
#
# [*service_instance_smb_config_path*]
# (optional) Path to smb config in service instance.
# Defaults to: $share_mount_path/smb.conf
#
# [*share_volume_fstype*]
# (optional) Filesystem type of the share volume.
# Choices: 'ext4', 'ext3'
# Defaults to: ext4
#
# [*share_helpers*]
# (optional) Specify list of share export helpers.
# Defaults to: ['CIFS=manila.share.drivers.generic.CIFSHelper',
# 'NFS=manila.share.drivers.generic.NFSHelper']
#
# [*cinder_volume_type*]
# (optional) Name or id of cinder volume type which will be used for all
# volumes created by driver.
#
# [*delete_share_server_with_last_share*]
# (optional) With this option is set to True share server willbe deleted
# on deletion of last share.
# Defaults to: False
#
# [*unmanage_remove_access_rules*]
# (optional) If set to True, then manila will deny access and remove all
# access rules on share unmanage. If set to False - nothing will be changed.
# Defaults to: False
#
# [*automatic_share_server_cleanup*]
# (optional) If set to True, then Manila will delete all share servers which
# were unused more than specified time. If set to False, automatic deletion
# of share servers will be disabled.
# Defaults to: True
class manila::share::generic (
$driver_handles_share_servers,
$smb_template_config_path = '$state_path/smb.conf',
$volume_name_template = 'manila-share-%s',
$volume_snapshot_name_template = 'manila-snapshot-%s',
$share_mount_path = '/shares',
$max_time_to_create_volume = 180,
$max_time_to_attach = 120,
$service_instance_smb_config_path = '$share_mount_path/smb.conf',
$share_volume_fstype = 'ext4',
$share_helpers = ['CIFS=manila.share.drivers.generic.CIFSHelper',
'NFS=manila.share.drivers.generic.NFSHelper'],
$cinder_volume_type = undef,
$delete_share_server_with_last_share = 'False',
$unmanage_remove_access_rules = 'False',
$automatic_share_server_cleanup = 'True',
) {
manila::backend::generic { 'DEFAULT':
driver_handles_share_servers => $driver_handles_share_servers,
smb_template_config_path => $smb_template_config_path,
volume_name_template => $volume_name_template,
volume_snapshot_name_template => $volume_snapshot_name_template,
share_mount_path => $share_mount_path,
max_time_to_create_volume => $max_time_to_create_volume,
max_time_to_attach => $max_time_to_attach,
service_instance_smb_config_path => $service_instance_smb_config_path,
share_helpers => $share_helpers,
share_volume_fstype => $share_volume_fstype,
cinder_volume_type => $cinder_volume_type,
delete_share_server_with_last_share => $delete_share_server_with_last_share,
unmanage_remove_access_rules => $unmanage_remove_access_rules,
automatic_share_server_cleanup => $automatic_share_server_cleanup,
}
}

30
deployment_scripts/puppet/modules/manila/share/glusterfs.pp Normal file
View File

@ -0,0 +1,30 @@
#
# == Class: manila::share::glusterfs
#
# Configures Manila to use GlusterFS as a share driver
#
# === Parameters
#
# [*glusterfs_volumes_config*]
# (required) File with the list of Gluster volumes that can
# be used to create shares
#
# [*glusterfs_mount_point_base*]
# Base dir containing mount points for Gluster volumes.
#
# === Examples
#
# class { 'manila::share::glusterfs':
# glusterfs_shares = ['192.168.1.1:/shares'],
# }
#
class manila::share::glusterfs (
$glusterfs_volumes_config = '/etc/manila/glusterfs_volumes',
$glusterfs_mount_point_base = '$state_path/mnt',
) {
manila::backend::glusterfs { 'DEFAULT':
glusterfs_volumes_config => $glusterfs_volumes_config,
glusterfs_mount_point_base => $glusterfs_mount_point_base,
}
}

130
deployment_scripts/puppet/modules/manila/share/netapp.pp Normal file
View File

@ -0,0 +1,130 @@
# == Class: manila::share::netapp
#
# Configures Manila to use the NetApp share driver
#
# === Parameters
# [*driver_handles_share_servers*]
# (required) Denotes whether the driver should handle the responsibility of
# managing share servers. This must be set to false if the driver is to
# operate without managing share servers.
#
# [*netapp_login*]
# (required) Administrative user account name used to access the storage
# system.
#
# [*netapp_password*]
# (required) Password for the administrative user account specified in the
# netapp_login parameter.
#
# [*netapp_server_hostname*]
# (required) The hostname (or IP address) for the storage system.
#
# [*netapp_transport_type*]
# (optional) The transport protocol used when communicating with
# the storage system or proxy server. Valid values are
# http or https.
# Defaults to http
#
# [*netapp_storage_family*]
# (optional) The storage family type used on the storage system; valid
# values are ontap_cluster for clustered Data ONTAP.
# Defaults to ontap_cluster
#
# [*netapp_server_port*]
# (optional) The TCP port to use for communication with the storage system
# or proxy server. If not specified, Data ONTAP drivers will use 80 for HTTP
# and 443 for HTTPS.
#
# [*netapp_volume_name_template*]
# (optional) NetApp volume name template.
# Defaults to share_%(share_id)s
#
# [*netapp_vserver*]
# (optional) This option specifies the storage virtual machine (previously
# called a Vserver) name on the storage cluster on which provisioning of
# shared file systems should occur. This option only applies
# when the option driver_handles_share_servers is set to False.
#
# [*netapp_vserver_name_template*]
# (optional) Name template to use for new vserver. This option only applies
# when the option driver_handles_share_servers is set to True.
# Defaults to os_%s
#
# [*netapp_lif_name_template*]
# (optional) Logical interface (LIF) name template. This option only applies
# when the option driver_handles_share_servers is set to True.
# Defaults to os_%(net_allocation_id)s
#
# [*netapp_aggregate_name_search_pattern*]
# (optional) Pattern for searching available aggregates
# for provisioning.
# Defaults to (.*)
#
# [*netapp_root_volume_aggregate*]
# (optional) Name of aggregate to create root volume on. This option only
# applies when the option driver_handles_share_servers is set to True.
#
# [*netapp_root_volume_name*]
# (optional) Root volume name. This option only applies when the option
# driver_handles_share_servers is set to True.
# Defaults to root
#
# [*netapp_port_name_search_pattern*]
# (optional) Pattern for overriding the selection of network ports on which
# to create Vserver LIFs.
# Defaults to (.*)
#
# [*netapp_trace_flags*]
# (optional) This option is a comma-separated list of options (valid values
# include method and api) that controls which trace info is written to the
# Manila logs when the debug level is set to True
#
# === Examples
# class { 'manila::share::netapp':
# driver_handles_share_servers => true,
# netapp_login => 'clusterAdmin',
# netapp_password => 'password',
# netapp_server_hostname => 'netapp.mycorp.com',
# netapp_storage_family => 'ontap_cluster',
# netapp_transport_type => 'https',
# }
#
class manila::share::netapp (
$driver_handles_share_servers,
$netapp_login,
$netapp_password,
$netapp_server_hostname,
$netapp_transport_type = 'http',
$netapp_storage_family = 'ontap_cluster',
$netapp_server_port = undef,
$netapp_volume_name_template = 'share_%(share_id)s',
$netapp_vserver = undef,
$netapp_vserver_name_template = 'os_%s',
$netapp_lif_name_template = 'os_%(net_allocation_id)s',
$netapp_aggregate_name_search_pattern = '(.*)',
$netapp_root_volume_aggregate = undef,
$netapp_root_volume_name = 'root',
$netapp_port_name_search_pattern = '(.*)',
$netapp_trace_flags = undef,
) {
manila::backend::netapp { 'DEFAULT':
driver_handles_share_servers => $driver_handles_share_servers,
netapp_login => $netapp_login,
netapp_password => $netapp_password,
netapp_server_hostname => $netapp_server_hostname,
netapp_transport_type => $netapp_transport_type,
netapp_storage_family => $netapp_storage_family,
netapp_server_port => $netapp_server_port,
netapp_volume_name_template => $netapp_volume_name_template,
netapp_vserver => $netapp_vserver,
netapp_vserver_name_template => $netapp_vserver_name_template,
netapp_lif_name_template => $netapp_lif_name_template,
netapp_aggregate_name_search_pattern => $netapp_aggregate_name_search_pattern,
netapp_root_volume_aggregate => $netapp_root_volume_aggregate,
netapp_root_volume_name => $netapp_root_volume_name,
netapp_port_name_search_pattern => $netapp_port_name_search_pattern,
netapp_trace_flags => $netapp_trace_flags,
}
}

87
deployment_scripts/puppet/modules/manila/type.pp Normal file
View File

@ -0,0 +1,87 @@
# ==Define: manila::type
#
# Creates manila type and assigns backends.
#
# === Parameters
#
# [*os_password*]
# (required) The keystone tenant:username password.
#
# [*driver_handles_share_servers*]
# (required) If the driver handles share servers.
#
# [*set_key*]
# (optional) Must be used with set_value. Accepts a single string be used
# as the key in type_set
#
# [*set_value*]
# (optional) Accepts list of strings or singular string. A list of values
# passed to type_set
#
# [*os_tenant_name*]
# (optional) The keystone tenant name. Defaults to 'admin'.
#
# [*os_username*]
# (optional) The keystone user name. Defaults to 'admin.
#
# [*os_auth_url*]
# (optional) The keystone auth url. Defaults to 'http://127.0.0.1:5000/v2.0/'.
#
# [*os_region_name*]
# (optional) The keystone region name. Default is unset.
#
# Author: Andrew Woodward <awoodward@mirantis.com>
define manila::type (
$os_password,
$driver_handles_share_servers,
$set_key = undef,
$set_value = undef,
$os_tenant_name = 'admin',
$os_username = 'admin',
$os_auth_url = 'http://127.0.0.1:5000/v2.0/',
$os_region_name = undef,
) {
$volume_name = $name
include ::manila::client
# TODO: (xarses) This should be moved to a ruby provider so that among other
# reasons, the credential discovery magic can occur like in neutron.
$manila_env = [
"OS_TENANT_NAME=${os_tenant_name}",
"OS_USERNAME=${os_username}",
"OS_PASSWORD=${os_password}",
"OS_AUTH_URL=${os_auth_url}",
]
if $os_region_name {
$region_env = ["OS_REGION_NAME=${os_region_name}"]
}
else {
$region_env = []
}
exec {"manila type-create ${volume_name} ${driver_handles_share_servers}":
command => "manila type-create ${volume_name} ${driver_handles_share_servers}",
unless => "manila type-list | grep ${volume_name}",
environment => concat($manila_env, $region_env),
require => Package['python-manilaclient'],
path => ['/usr/bin', '/bin'],
}
if ($set_value and $set_key) {
Exec["manila type-create ${volume_name} ${driver_handles_share_servers}"] ->
manila::type_set { $set_value:
type => $volume_name,
key => $set_key,
os_password => $os_password,
os_tenant_name => $os_tenant_name,
os_username => $os_username,
os_auth_url => $os_auth_url,
os_region_name => $os_region_name,
}
}
}

66
deployment_scripts/puppet/modules/manila/type_set.pp Normal file
View File

@ -0,0 +1,66 @@
# ==Define: manila::type_set
#
# Assigns keys after the share type is set.
#
# === Parameters
#
# [*os_password*]
# (required) The keystone tenant:username password.
#
# [*type*]
# (required) Accepts single name of type to set.
#
# [*key*]
# (required) the key name that we are setting the value for.
#
# [*os_tenant_name*]
# (optional) The keystone tenant name. Defaults to 'admin'.
#
# [*os_username*]
# (optional) The keystone user name. Defaults to 'admin.
#
# [*os_auth_url*]
# (optional) The keystone auth url. Defaults to 'http://127.0.0.1:5000/v2.0/'.
#
# [*os_region_name*]
# (optional) The keystone region name. Default is unset.
#
# Author: Andrew Woodward <awoodward@mirantis.com>
define manila::type_set (
$type,
$key,
$os_password,
$os_tenant_name = 'admin',
$os_username = 'admin',
$os_auth_url = 'http://127.0.0.1:5000/v2.0/',
$os_region_name = undef,
) {
include ::manila::client
# TODO: (xarses) This should be moved to a ruby provider so that among other
# reasons, the credential discovery magic can occur like in neutron.
$manila_env = [
"OS_TENANT_NAME=${os_tenant_name}",
"OS_USERNAME=${os_username}",
"OS_PASSWORD=${os_password}",
"OS_AUTH_URL=${os_auth_url}",
]
if $os_region_name {
$region_env = ["OS_REGION_NAME=${os_region_name}"]
}
else {
$region_env = []
}
exec {"manila type-key ${type} set ${key}=${name}":
path => ['/usr/bin', '/bin'],
command => "manila type-key ${type} set ${key}=${name}",
environment => concat($manila_env, $region_env),
require => Package['python-manilaclient'],
}
}

65
deployment_scripts/puppet/modules/manila/volume/cinder.pp Normal file
View File

@ -0,0 +1,65 @@
# == Class: manila::cinder
#
# Setup and configure Cinder communication
#
# === Parameters
#
# [*cinder_catalog_info*]
# (optional) Info to match when looking for cinder in the service
# catalog. Format is : separated values of the form:
# <service_type>:<service_name>:<endpoint_type>
#
# [*os_region_name*]
# (optional) region name of this node
#
# [*cinder_ca_certificates_file*]
# (optional) Location of ca certificates file to use for cinder
# client requests.
#
# [*cinder_http_retries*]
# (optional) Number of cinderclient retries on failed http calls
#
# [*cinder_api_insecure*]
# (optional) Allow to perform insecure SSL requests to cinder
#
# [*cinder_cross_az_attach*]
# (optional) Allow attach between instance and volume in different
# availability zones.
#
# [*cinder_admin_username*]
# (optional) Cinder admin username
#
# [*cinder_admin_password*]
# (optional) Cinder admin password
#
# [*cinder_admin_tenant_name*]
# (optional) Cinder admin tenant name
#
# [*cinder_admin_auth_url*]
# (optional) Identity service url
#
class manila::volume::cinder (
$cinder_catalog_info = 'volume:cinder:publicURL',
$cinder_ca_certificates_file = undef,
$cinder_http_retries = 3,
$cinder_api_insecure = false,
$cinder_cross_az_attach = true,
$cinder_admin_username = 'cinder',
$cinder_admin_password = undef,
$cinder_admin_tenant_name = 'service',
$cinder_admin_auth_url = 'http://localhost:5000/v2.0',
) {
manila_config {
'DEFAULT/cinder_catalog_info': value => $cinder_catalog_info;
'DEFAULT/cinder_ca_certificates_file': value => $cinder_ca_certificates_file;
'DEFAULT/cinder_http_retries': value => $cinder_http_retries;
'DEFAULT/cinder_api_insecure': value => $cinder_api_insecure;
'DEFAULT/cinder_cross_az_attach': value => $cinder_cross_az_attach;
'DEFAULT/cinder_admin_username': value => $cinder_admin_username;
'DEFAULT/cinder_admin_password': value => $cinder_admin_password;
'DEFAULT/cinder_admin_tenant_name': value => $cinder_admin_tenant_name;
'DEFAULT/cinder_admin_auth_url': value => $cinder_admin_auth_url;
}
}