Modify VPNaaS deployment manifests

- Stop l3 agent instead of removing - Use pacemaker provider - Fixed problem with HA mode Change-Id: I9e828c077491710282c798aefd2e8bed7a5ff007
2015-02-02 13:32:33 +03:00 · 2015-02-02 13:32:33 +03:00 · 0816f05a19
parent effca5e04f
commit 0816f05a19
4 changed files with 84 additions and 126 deletions
--- a/deployment_scripts/puppet/manifests/site.pp
+++ b/deployment_scripts/puppet/manifests/site.pp
@ -1,2 +1,6 @@
-if $cluster_mode == 'ha_compact' { include vpnaas::ha }
-else { include vpnaas }
+
+if $cluster_mode == 'ha_compact' {
+  include vpnaas::ha
+} else {
+  include vpnaas
+}
--- a/deployment_scripts/puppet/modules/vpnaas/manifests/common.pp
+++ b/deployment_scripts/puppet/modules/vpnaas/manifests/common.pp
@ -10,25 +10,32 @@ class vpnaas::common {
      enable  => true,
    }

-    exec { "enable_vpnaas_dashboard":
-      command => "/bin/sed -i \"s/'enable_vpn': False/'enable_vpn': True/\" $vpnaas::params::dashboard_settings",
-      unless  => "/bin/egrep \"'enable_vpn': True\" $vpnaas::params::dashboard_settings",
-    }
-
    service { $vpnaas::params::server_service:
      ensure  => running,
      enable  => true,
    }

-    neutron_config {
-      'DEFAULT/service_plugins':  value => 'router,vpnaas,metering';
-    }
-
    service { $vpnaas::params::ipsec_service:
      ensure  => running,
      enable  => true,
    }

-    Neutron_config<||>                    ~> Service[$vpnaas::params::server_service]
-    Exec['enable_vpnaas_dashboard']       ~> Service[$vpnaas::params::dashboard_service]
+    exec { "enable_vpnaas_dashboard":
+      command => "/bin/sed -i \"s/'enable_vpn': False/'enable_vpn': True/\" $vpnaas::params::dashboard_settings",
+      unless  => "/bin/egrep \"'enable_vpn': True\" $vpnaas::params::dashboard_settings",
+    }
+
+    ini_subsetting {'add_vpnaas_service_plugin':
+      ensure               => present,
+      section              => 'DEFAULT',
+      key_val_separator    => '=',
+      path                 => '/etc/neutron/neutron.conf',
+      setting              => 'service_plugins',
+      subsetting           => 'neutron.services.vpn.',
+      subsetting_separator => ',',
+      value                => 'plugin.VPNDriverPlugin',
+    }
+
+    Exec['enable_vpnaas_dashboard'] -> Ini_subsetting['add_vpnaas_service_plugin'] ~>
+    Service[$vpnaas::params::server_service] ~> Service[$vpnaas::params::dashboard_service]
 }
--- a/deployment_scripts/puppet/modules/vpnaas/manifests/ha.pp
+++ b/deployment_scripts/puppet/modules/vpnaas/manifests/ha.pp
@ -2,67 +2,58 @@

 class vpnaas::ha {

-    include vpnaas::params
-    include neutron::params
+  include vpnaas::params
+  include neutron::params

+  $fuel_settings      = parseyaml($astute_settings_yaml)
+  $access_hash        = $fuel_settings['access']
+  $neutron_config     = $fuel_settings['quantum_settings']
+  $primary_controller = $fuel_settings['role'] ? { 'primary-controller'=>true, default=>false }

-    $fuel_settings      = parseyaml($astute_settings_yaml)
-    $access_hash        = $fuel_settings['access']
-    $neutron_config     = $fuel_settings['quantum_settings']
-    $multiple_agents    = true
-    $primary_controller = $fuel_settings['role'] ? { 'primary-controller'=>true, default=>false }
+  $debug              = true
+  $verbose            = true
+  $syslog             = $fuel_settings['use_syslog'] ? { default=>true }
+  $plugin_config      = '/etc/neutron/l3_agent.ini'

-    $debug                    = true
-    $verbose                  = true
-    $syslog                   = $::use_syslog
-    $plugin_config            = '/etc/neutron/l3_agent.ini'
-
-
-    file {'q-agent-cleanup.py':
-      path   => '/usr/bin/q-agent-cleanup.py',
-      mode   => '0755',
-      owner  => root,
-      group  => root,
-      source => "puppet:///modules/vpnaas/q-agent-cleanup.py",
-    }
-
-    class {'vpnaas::agent':
-      manage_service => true,
-      enabled        => false,
-    }
-
-    if $primary_controller {
-      exec { "remove-l3-agent":
-        path    => "/sbin:/usr/bin:/usr/sbin:/bin",
-        command => "pcs resource delete p_neutron-l3-agent --wait=120",
-        onlyif  => "pcs resource show p_neutron-l3-agent > /dev/null 2>&1",
-      }
-      Exec['remove-l3-agent'] -> Class['vpnaas::agent']
-    }
-    else {
-      exec {'waiting-for-l3-deletion':
-        tries     => 5,
-        try_sleep => 30,
-        command   => "pcs resource show p_neutron-l3-agent > /dev/null 2>&1",
-        path      => '/usr/sbin:/usr/bin:/sbin:/bin',
-        returns   => [1],
-      }
-      Exec['waiting-for-l3-deletion'] -> Class['vpnaas::agent']
-    }
-
-  if $multiple_agents {
-    $csr_metadata        = undef
-    $csr_complex_type    = 'clone'
-    $csr_ms_metadata     = { 'interleave' => 'true' }
-  } else {
-    $csr_metadata        = { 'resource-stickiness' => '1' }
-    $csr_complex_type    = undef
-    $csr_ms_metadata     = undef
+  file {'q-agent-cleanup.py':
+    path   => '/usr/bin/q-agent-cleanup.py',
+    mode   => '0755',
+    owner  => root,
+    group  => root,
+    source => "puppet:///modules/vpnaas/q-agent-cleanup.py",
  }

-  $vpnaas_agent_package = $::neutron::params::vpnaas_agent_package ? {
-    false   => $::neutron::params::package_name,
-    default => $::neutron::params::vpnaas_agent_package,
+  file { "${vpnaas::params::vpn_agent_ocf_file}":
+    mode   => 644,
+    owner  => root,
+    group  => root,
+    source => "puppet:///modules/vpnaas/ocf/neutron-agent-vpn"
+  }
+
+  class {'vpnaas::common':}
+
+  class {'vpnaas::agent':
+    manage_service => true,
+    enabled        => false,
+  }
+
+  service {'p_neutron-l3-agent':
+    enable     => true,
+    ensure     => stopped,
+    hasstatus  => true,
+    hasrestart => true,
+    provider   => 'pacemaker',
+  }
+
+  Service['p_neutron-l3-agent'] -> Class['vpnaas::agent']
+
+  $csr_metadata        = undef
+  $csr_complex_type    = 'clone'
+  $csr_ms_metadata     = { 'interleave' => 'true' }
+
+  cluster::corosync::cs_with_service {'vpn-and-ovs':
+    first   => "clone_p_${neutron::params::ovs_agent_service}",
+    second  => "clone_p_${neutron::params::vpnaas_agent_service}"
  }

  cluster::corosync::cs_service {'vpn':
@ -83,58 +74,14 @@ class vpnaas::ha {
    csr_mon_intr        => '20',
    csr_mon_timeout     => '10',
    csr_timeout         => '60',
-    service_name        => $::neutron::params::vpnaas_agent_service,
-    package_name        => $vpnaas_agent_package,
+    service_name        => $neutron::params::vpnaas_agent_service,
+    package_name        => $neutron::params::vpnaas_agent_package,
    service_title       => 'neutron-vpnaas-service',
    primary             => $primary_controller,
    hasrestart          => false,
  }

-    cluster::corosync::cs_with_service {'vpn-and-ovs':
-      first   => "clone_p_${neutron::params::ovs_agent_service}",
-      second  => $multiple_agents ? {
-                    false   => "p_${neutron::params::vpnaas_agent_service}",
-                    default => "clone_p_${neutron::params::vpnaas_agent_service}"
-                 },
-    }
-
-    if ! $multiple_agents {
-      cs_colocation { 'vpn-keepaway-dhcp':
-        ensure     => present,
-        score      => '-100',
-        primitives => [
-          "p_${neutron::params::dhcp_agent_service}",
-          "p_${neutron::params::vpnaas_agent_service}"
-        ],
-        require => Cluster::Corosync::Cs_service['vpn'],
-      }
-    }
-
-    File['q-agent-cleanup.py'] -> Cluster::Corosync::Cs_service["vpn"]
-
-    File["${vpnaas::params::vpn_agent_ocf_file}"] -> Cluster::Corosync::Cs_service["vpn"] ->
-    Cluster::Corosync::Cs_with_service['vpn-and-ovs'] -> Class['vpnaas::common']
-
-#fuel-plugins system doesn't have 'primary-controller' role so
-#we have to separate controllers' deployment here using waiting cycles.
-    if ! $primary_controller {
-      exec {'waiting-for-vpn-agent':
-        tries     => 10,
-        try_sleep => 30,
-        command   => "pcs resource show p_neutron-vpn-agent > /dev/null 2>&1",
-        path      => '/usr/sbin:/usr/bin:/sbin:/bin',
-      }
-      Exec['waiting-for-vpn-agent'] -> Cluster::Corosync::Cs_service["vpn"]
-    }
-
-    file { "${vpnaas::params::vpn_agent_ocf_file}":
-      mode   => 644,
-      owner  => root,
-      group  => root,
-      source => "puppet:///modules/vpnaas/ocf/neutron-agent-vpn"
-    }
-
-    class {'vpnaas::common':}
-
-
+  File['q-agent-cleanup.py']                        -> Cluster::Corosync::Cs_service["vpn"]
+  File["${vpnaas::params::vpn_agent_ocf_file}"]     -> Cluster::Corosync::Cs_service["vpn"] ->
+  Cluster::Corosync::Cs_with_service['vpn-and-ovs'] -> Class['vpnaas::common']
 }
--- a/deployment_scripts/puppet/modules/vpnaas/manifests/init.pp
+++ b/deployment_scripts/puppet/modules/vpnaas/manifests/init.pp
@ -2,14 +2,14 @@

 class vpnaas {

-    service { 'disable-neutron-l3-service':
-      ensure  => stopped,
-      name    => "neutron-l3-agent",
-      enable  => false,
-    }
+  class {'vpnaas::agent':}
+  class {'vpnaas::common':}

-    Service['disable-neutron-l3-service'] -> Class['vpnaas::agent']
+  service { 'disable-neutron-l3-service':
+    ensure  => stopped,
+    name    => "neutron-l3-agent",
+    enable  => false,
+  }

-    class {'vpnaas::agent':}
-    class {'vpnaas::common':}
+  Service['disable-neutron-l3-service'] -> Class['vpnaas::agent'] -> Class['vpnaas::common']
 }