openstack
/
fuel-library
Code Issues Proposed changes

Beginning cleanup/refactor of puppetlabs-openstack. 

Started to create individual manifests for core openstack components such as
Glance, keystone, nova, and horizon. Began to incorporate those
manifests into main manifests. Wrote some tests. Fixed some typos.
This commit is contained in:
Joe Topjian 2012-07-12 05:33:18 +00:00 committed by Dan Bode
parent 1ffde6c107
commit 3a1dd1ea05
15 changed files with 1339 additions and 664 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
deployment/puppet/openstack/README.md
View File

@ -50,9 +50,9 @@ These modules are based on the adminstrative guides for openstack
called br100 that bridges into the ip address specified on that NIC
All interfaces that are used to bridge traffic for the internal network
need to have permiscous mode set.
need to have promiscuous mode set.
Below is an example of setting permiscuos mode on an interface on Ubuntu.
Below is an example of setting promiscuous mode on an interface on Ubuntu.
#/etc/network/interfaces

410
deployment/puppet/openstack/manifests/all.pp
View File

@ -3,46 +3,17 @@
#
# Class that performs a basic openstack all in one installation.
#
# === Parameterrs
# === Parameters
#
# TODO public address should be optional.
# [public_address] Public address used by vnchost. Required.
# [public_interface] The interface used to route public traffic by the
# network service.
# [private_interface] The private interface used to bridge the VMs into a common network.
# [floating_range] The floating ip range to be created. If it is false, then no floating ip range is created.
# Optional. Defaults to false.
# [fixed_range] The fixed private ip range to be created for the private VM network. Optional. Defaults to '10.0.0.0/24'.
# [network_manager] The network manager to use for the nova network service.
# Optional. Defaults to 'nova.network.manager.FlatDHCPManager'.
# [auto_assign_floating_ip] Rather configured to automatically allocate and
# assign a floating IP address to virtual instances when they are launched.
# Defaults to false.
# [network_config] Used to specify network manager specific parameters .Optional. Defualts to {}.
# [mysql_root_password] The root password to set for the mysql database. Optional. Defaults to sql_pass'.
# [rabbit_password] The password to use for the rabbitmq user. Optional. Defaults to rabbit_pw'
# [rabbit_user] The rabbitmq user to use for auth. Optional. Defaults to nova'.
# [admin_email] The admin's email address. Optional. Defaults to someuser@some_fake_email_address.foo'.
# [admin_password] The default password of the keystone admin. Optional. Defaults to ChangeMe'.
# [keystone_db_password] The default password for the keystone db user. Optional. Defaults to keystone_pass'.
# [keystone_admin_token] The default auth token for keystone. Optional. Defaults to keystone_admin_token'.
# [nova_db_password] The nova db password. Optional. Defaults to nova_pass'.
# [nova_user_password] The password of the keystone user for the nova service. Optional. Defaults to nova_pass'.
# [glance_db_password] The password for the db user for glance. Optional. Defaults to 'glance_pass'.
# [glance_user_password] The password of the glance service user. Optional. Defaults to 'glance_pass'.
# [secret_key] The secret key for horizon. Optional. Defaults to 'dummy_secret_key'.
# [verbose] If the services should log verbosely. Optional. Defaults to false.
# [purge_nova_config] Whether unmanaged nova.conf entries should be purged. Optional. Defaults to true.
# [libvirt_type] The virualization type being controlled by libvirt. Optional. Defaults to 'kvm'.
# [nova_volume] The name of the volume group to use for nova volume allocation. Optional. Defaults to 'nova-volumes'.
# See params.pp
#
# === Examples
#
# class { 'openstack::all':
# public_address => '192.168.0.3',
# public_interface => eth0,
# private_interface => eth1,
# admin_email => my_email@mw.com,
# public_interface => 'eth0',
# private_interface => 'eth1',
# admin_email => 'my_email@mw.com',
# admin_password => 'my_admin_password',
# libvirt_type => 'kvm',
# }
@ -52,38 +23,111 @@
# Dan Bode <bodepd@gmail.com>
#
#
class openstack::all(
# passing in the public ipaddress is required
$public_address,
$public_interface,
$private_interface,
$floating_range = false,
$fixed_range = '10.0.0.0/24',
$network_manager = 'nova.network.manager.FlatDHCPManager',
$network_config = {},
# middleware credentials
$mysql_root_password = undef,
$rabbit_password = 'rabbit_pw',
$rabbit_user = 'nova',
# opestack credentials
$admin_email = 'someuser@some_fake_email_address.foo',
$admin_password = 'ChangeMe',
$keystone_db_password = 'keystone_pass',
$keystone_admin_token = 'keystone_admin_token',
$keystone_admin_tenant = 'openstack',
$nova_db_password = 'nova_pass',
$nova_user_password = 'nova_pass',
$glance_db_password = 'glance_pass',
$glance_user_password = 'glance_pass',
$secret_key = 'dummy_secret_key',
# config
$verbose = false,
$auto_assign_floating_ip = false,
$purge_nova_config = true,
$libvirt_type = 'kvm',
$nova_volume = 'nova-volumes'
) {
class openstack::all (
# Network
$public_address = $::openstack::params::public_address,
$public_interface = $::openstack::params::public_interface,
$private_interface = $::openstack::params::private_interface,
$fixed_range = $::openstack::params::fixed_range,
$network_manager = $::openstack::params::network_manager,
$network_config = $::openstack::params::network_config,
$auto_assign_floating_ip = $::openstack::params::auto_assign_floating_ip,
$floating_range = $::openstack::params::floating_range,
$create_networks = $::openstack::params::create_networks,
$num_networks = $::openstack::params::num_networks,
# MySQL
$db_type = $::openstack::params::db_type,
$mysql_root_password = $::openstack::params::mysql_root_password,
$mysql_account_security = $::openstack::params::mysql_account_security,
# Rabbit
$rabbit_password = $::openstack::params::rabbit_password,
$rabbit_user = $::openstack::params::rabbit_user,
# Keystone
$admin_email = $::openstack::params::admin_email,
$admin_password = $::openstack::params::admin_password,
$keystone_db_user = $::openstack::params::keystone_db_user,
$keystone_db_password = $::openstack::params::keystone_db_password,
$keystone_db_dbname = $::openstack::params::keystone_db_dbname,
$keystone_admin_token = $::openstack::params::keystone_admin_token,
# Nova
$nova_db_user = $::openstack::params::nova_db_user,
$nova_db_password = $::openstack::params::nova_db_password,
$nova_user_password = $::openstack::params::nova_user_password,
$nova_db_dbname = $::openstack::params::nova_db_dbname,
$purge_nova_config = $::openstack::params::purge_nova_config,
# Glance
$glance_db_user = $::openstack::params::glance_db_user,
$glance_db_password = $::openstack::params::glance_db_password,
$glance_db_dbname = $::openstack::params::glance_db_dbname,
$glance_user_password = $::openstack::params::glance_user_password,
# Horizon
$secret_key = $::openstack::params::secret_key,
$cache_server_ip = $::openstack::params::cache_server_ip,
$cache_server_port = $::openstack::params::cache_server_port,
$swift = $::openstack::params::swift,
$quantum = $::openstack::params::quantum,
$horizon_app_links = $::openstack::params::horizon_app_links,
# Virtaulization
$libvirt_type = $::openstack::params::libvirt_type,
# Volume
$nova_volume = $::openstack::params::nova_volume,
# VNC
$vnc_enabled = $::openstack::params::vnc_enabled,
# General
$enabled = $::openstack::params::enabled,
$verbose = $::openstack::params::verbose
) inherits openstack::params {
# set up mysql server
case $db_type {
'mysql': {
class { 'openstack::db::mysql':
mysql_root_password => $mysql_root_password,
mysql_bind_address => '127.0.0.1',
mysql_account_security => $mysql_account_security,
keystone_db_user => $keystone_db_user,
keystone_db_password => $keystone_db_password,
keystone_db_dbname => $keystone_db_dbname,
glance_db_user => $glance_db_user,
glance_db_password => $glance_db_password,
glance_db_dbname => $glance_db_dbname,
nova_db_user => $nova_db_user,
nova_db_password => $nova_db_password,
nova_db_dbname => $nova_db_dbname,
}
}
}
####### KEYSTONE ###########
class { 'openstack::keystone':
verbose => $verbose,
db_type => $db_type,
db_host => '127.0.0.1',
keystone_db_password => $keystone_db_password,
keystone_db_dbname => $keystone_db_dbname,
keystone_db_user => $keystone_db_user,
keystone_admin_token => $keystone_admin_token,
admin_email => $admin_email,
admin_password => $admin_password,
public_address => $public_address,
internal_address => '127.0.0.1',
admin_address => '127.0.0.1',
}
######## GLANCE ##########
class { 'openstack::glance':
verbose => $verbose,
db_type => $db_type,
db_host => '127.0.0.1',
glance_db_user => $glance_db_user,
glance_db_dbname => $glance_db_dbname,
glance_db_password => $glance_db_password,
glance_user_password => $glance_user_password,
public_address => $public_address,
admin_address => '127.0.0.1',
internal_address => '127.0.0.1',
}
######## NOVA ###########
#
# indicates that all nova config entries that we did
@ -95,184 +139,78 @@ class openstack::all(
}
}
# set up mysql server
class { 'mysql::server':
config_hash => {
# the priv grant fails on precise if I set a root password
'root_password' => $mysql_root_password,
'bind_address' => '127.0.0.1'
}
class { 'openstack::nova::controller':
# Network
network_manager => $network_manager,
network_config => $network_config,
private_interface => $private_interface,
public_interface => $public_interface,
floating_range => $floating_range,
fixed_range => $fixed_range,
public_address => $public_address,
admin_address => '127.0.0.1',
internal_address => '127.0.0.1',
auto_assign_floating_ip => $auto_assign_floating_ip,
create_networks => $create_networks,
num_networks => $num_networks,
multi_host => false,
# Nova
nova_user_password => $nova_user_password,
nova_db_password => $nova_db_password,
nova_db_user => $nova_db_user,
nova_db_dbname => $nova_db_dbname,
# Rabbit
rabbit_user => $rabbit_user,
rabbit_password => $rabbit_password,
# Glance
glance_api_servers => '127.0.0.1:9292',
# VNC
vnc_enabled => $vnc_enabled,
# General
verbose => $verbose,
enabled => $enabled,
exported_resources => false,
}
####### KEYSTONE ###########
# set up keystone database
class { 'keystone::db::mysql':
password => $keystone_db_password,
}
# set up the keystone config for mysql
class { 'keystone::config::mysql':
password => $keystone_db_password,
}
# set up keystone
class { 'keystone':
admin_token => $keystone_admin_token,
bind_host => '0.0.0.0',
log_verbose => $verbose,
log_debug => $verbose,
catalog_type => 'sql',
}
# set up keystone admin users
class { 'keystone::roles::admin':
email => $admin_email,
password => $admin_password,
admin_tenant => $keystone_admin_tenant,
}
# set up the keystone service and endpoint
class { 'keystone::endpoint': }
######## END KEYSTONE ##########
######## BEGIN GLANCE ##########
# set up keystone user, endpoint, service
class { 'glance::keystone::auth':
password => $glance_user_password,
public_address => $public_address,
}
# creat glance db/user/grants
class { 'glance::db::mysql':
host => '127.0.0.1',
password => $glance_db_password,
}
# configure glance api
class { 'glance::api':
log_verbose => $verbose,
log_debug => $verbose,
auth_type => 'keystone',
auth_host => '127.0.0.1',
auth_port => '35357',
keystone_tenant => 'services',
keystone_user => 'glance',
keystone_password => $glance_user_password,
}
# configure glance to store images to disk
class { 'glance::backend::file': }
class { 'glance::registry':
log_verbose => $verbose,
log_debug => $verbose,
auth_type => 'keystone',
auth_host => '127.0.0.1',
auth_port => '35357',
keystone_tenant => 'services',
keystone_user => 'glance',
keystone_password => $glance_user_password,
sql_connection => "mysql://glance:${glance_db_password}@127.0.0.1/glance",
}
######## END GLANCE ###########
######## BEGIN NOVA ###########
class { 'nova::keystone::auth':
password => $nova_user_password,
public_address => $public_address,
}
class { 'nova::rabbitmq':
userid => $rabbit_user,
password => $rabbit_password,
}
class { 'nova::db::mysql':
password => $nova_db_password,
host => 'localhost',
}
class { 'nova':
sql_connection => "mysql://nova:${nova_db_password}@localhost/nova",
rabbit_userid => $rabbit_user,
rabbit_password => $rabbit_password,
image_service => 'nova.image.glance.GlanceImageService',
glance_api_servers => '127.0.0.1:9292',
verbose => $verbose,
}
class { 'nova::api':
enabled => true,
admin_password => $nova_user_password,
}
# set up networking
class { 'nova::network':
private_interface => $private_interface,
public_interface => $public_interface,
fixed_range => $fixed_range,
floating_range => $floating_range,
install_service => true,
enabled => true,
network_manager => $network_manager,
config_overrides => $network_config,
create_networks => true,
}
if $auto_assign_floating_ip {
nova_config { 'auto_assign_floating_ip': value => 'True'; }
}
# a bunch of nova services that require no configuration
class { [
'nova::scheduler',
'nova::objectstore',
'nova::volume',
'nova::cert',
'nova::consoleauth'
]:
enabled => true
}
class { 'nova::vncproxy':
enabled => true,
host => $public_hostname,
}
class { 'nova::compute':
enabled => true,
vnc_enabled => true,
class { 'openstack::nova::compute':
# Network
public_address => $public_address,
private_interface => $private_interface,
public_interface => $public_interface,
fixed_range => $fixed_range,
network_manager => $network_manager,
network_config => $network_config,
multi_host => false,
# Virtualization
libvirt_type => $libvirt_type,
# Volumes
nova_volume => $nova_volume,
manage_volumes => true,
iscsi_ip_address => '127.0.0.1',
# VNC
vnc_enabled => $vnc_enabled,
vncserver_listen => $vnc_server_listen,
vncserver_proxyclient_address => '127.0.0.1',
vncproxy_host => $public_address,
vncproxy_host => '127.0.0.1',
# Nova
nova_user_password => $nova_user_password,
# General
verbose => $verbose,
exported_resources => false,
enabled => $enabled,
}
class { 'nova::compute::libvirt':
libvirt_type => $libvirt_type,
vncserver_listen => '127.0.0.1',
}
class { 'nova::volume::iscsi':
volume_group => $nova_volume,
iscsi_ip_address => '127.0.0.1',
}
# nova::network::bridge { 'br100':
# ip => '11.0.0.1',
# netmask => '255.255.255.0',
# }
######## Horizon ########
class { 'memcached':
listen_ip => '127.0.0.1',
class { 'openstack::horizon':
secret_key => $secret_key,
cache_server_ip => $cache_server_ip,
cache_server_port => $cache_server_port,
swift => $swift,
quantum => $quantum,
horizon_app_links => $horizon_app_links,
}
class { 'horizon':
secret_key => $secret_key,
}
######## End Horizon #####
######## auth file ########
class { 'openstack::auth_file': }
}

14
deployment/puppet/openstack/manifests/auth_file.pp
View File

@ -4,11 +4,11 @@
# against a keystone server.
#
class openstack::auth_file(
$admin_password,
$controller_node = '127.0.0.1',
$keystone_admin_token = 'keystone_admin_token',
$admin_user = 'admin',
$admin_tenant = 'openstack'
$admin_password = $::openstack::params::admin_password,
$public_address = $::openstack::params::public_address,
$keystone_admin_token = $::openstack::params::keystone_admin_token,
$admin_tenant = $::openstack::params::keystone_admin_tenant,
$admin_user = 'admin'
) {
file { '/root/openrc':
content =>
@ -16,10 +16,10 @@ class openstack::auth_file(
export OS_TENANT_NAME=${admin_tenant}
export OS_USERNAME=${admin_user}
export OS_PASSWORD=${admin_password}
export OS_AUTH_URL=\"http://${controller_node}:5000/v2.0/\"
export OS_AUTH_URL=\"http://${public_address}:5000/v2.0/\"
export OS_AUTH_STRATEGY=keystone
export SERVICE_TOKEN=${keystone_admin_token}
export SERVICE_ENDPOINT=http://${controller_node}:35357/v2.0/
export SERVICE_ENDPOINT=http://${public_address}:35357/v2.0/
"
}
}

223
deployment/puppet/openstack/manifests/compute.pp
View File

@ -1,4 +1,6 @@
#
# == Class: openstack::compute
#
# This class is intended to serve as
# a way of deploying compute nodes.
#
@ -7,142 +9,115 @@
# - flatdhcp networking is used
# - glance is used as the backend for the image service
#
# TODO - I need to make the choise of networking configurable
# === Parameters
#
# See params.pp
#
# [private_interface] Interface used for vm networking connectivity. Required.
# [internal_address] Internal address used for management. Required.
# [public_interface] Public interface used to route public traffic. Optional.
# Defaults to false.
# [fixed_range] Range of ipv4 network for vms.
# [network_manager] Nova network manager to use.
# [multi_host] Rather node should support multi-host networking mode for HA.
# Optional. Defaults to false.
# [network_config] Hash that can be used to pass implementation specifc
# network settings. Optioal. Defaults to {}
# [sql_connection] SQL connection information. Optional. Defaults to false
# which indicates that exported resources will be used to determine connection
# information.
# [nova_user_password] Nova service password.
# [rabbit_host] RabbitMQ host. False indicates it should be collected.
# Optional. Defaults to false,
# [rabbit_password] RabbitMQ password. Optional. Defaults to 'rabbit_pw',
# [rabbit_user] RabbitMQ user. Optional. Defaults to 'nova',
# [glance_api_servers] List of glance api servers of the form HOST:PORT
# delimited by ':'. False indicates that the resource should be collected.
# Optional. Defaults to false,
# [libvirt_type] Underlying libvirt supported hypervisor.
# Optional. Defaults to 'kvm',
# [vncproxy_host] Host that serves as vnc proxy. Optional.
# Defaults to false. False indicates that a vnc proxy should not be configured.
# [vnc_enabled] Rather vnc console should be enabled.
# Optional. Defaults to 'true',
# [verbose] Rather components should log verbosely.
# Optional. Defaults to false.
# [manage_volumes] Rather nova-volume should be enabled on this compute node.
# Optional. Defaults to false.
# [nova_volumes] Name of volume group in which nova-volume will create logical volumes.
# Optional. Defaults to nova-volumes.
# === Examples
#
class openstack::compute(
$private_interface,
$internal_address,
# networking config
$public_interface = undef,
$fixed_range = '10.0.0.0/16',
$network_manager = 'nova.network.manager.FlatDHCPManager',
$multi_host = false,
$network_config = {},
# my address
# conection information
$sql_connection = false,
$nova_user_password = 'nova_pass',
$rabbit_host = false,
$rabbit_password = 'rabbit_pw',
$rabbit_user = 'nova',
# class { 'openstack::compute':
# libvirt_type => 'kvm',
# }
#
class openstack::compute (
# Network
$public_address = $::openstack::params::public_address,
$public_interface = $::openstack::params::public_interface,
$private_interface = $::openstack::params::private_interface,
$internal_address = $::openstack::params::internal_address,
$fixed_range = $::openstack::params::fixed_range,
$network_manager = $::openstack::params::network_manager,
$multi_host = $::openstack::params::multi_host,
$network_config = $::openstack::params::network_config,
# DB
$sql_connection = $::openstack::params::sql_connection,
# Nova
$nova_user_password = $::openstack::params::nova_user_password,
$purge_nova_config = $::openstack::params::purge_nova_config,
# Rabbit
$rabbit_host = $::openstack::params::rabbit_host,
$rabbit_password = $::openstack::params::rabbit_password,
$rabbit_user = $::openstack::params::rabbit_user,
# Glance
$glance_api_servers = false,
# nova compute configuration parameters
$libvirt_type = 'kvm',
$vncproxy_host = false,
$vnc_enabled = 'true',
$verbose = false,
$manage_volumes = false,
$nova_volume = 'nova-volumes'
) {
# Virtualization
$libvirt_type = $::openstack::params::libvirt_type,
# VNC
$vncproxy_host = $::openstack::params::vncproxy_host,
$vnc_enabled = $::openstack::params::vnc_enabled,
$vncserver_proxyclient_address = $::openstack::params::vncserver_proxyclient_address,
# Volumes
$manage_volumes = $::openstack::params::manage_volumes,
$nova_volume = $::openstack::params::nova_volume,
# General
$verbose = $::openstack::params::verbose,
$exported_resources = $::openstack::params::exported_resources,
$enabled = $::openstack::params::enabled
) inherits openstack::params {
class { 'nova':
sql_connection => $sql_connection,
rabbit_host => $rabbit_host,
rabbit_userid => $rabbit_user,
rabbit_password => $rabbit_password,
image_service => 'nova.image.glance.GlanceImageService',
glance_api_servers => $glance_api_servers,
verbose => $verbose,
#
# indicates that all nova config entries that we did
# not specifify in Puppet should be purged from file
#
if ($purge_nova_config) {
resources { 'nova_config':
purge => true,
}
}
class { 'nova::compute':
enabled => true,
vnc_enabled => $vnc_enabled,
vncserver_proxyclient_address => $internal_address,
vncproxy_host => $vncproxy_host,
}
class { 'nova::compute::libvirt':
libvirt_type => $libvirt_type,
vncserver_listen => $internal_address,
}
# if the compute node should be configured as a multi-host
# compute installation
if $multi_host {
include keystone::python
nova_config {
'multi_host': value => 'True';
'send_arp_for_ha': value => 'True';
}
if ! $public_interface {
fail('public_interface must be defined for multi host compute nodes')
}
$enable_network_service = true
class { 'nova::api':
enabled => true,
admin_tenant_name => 'services',
admin_user => 'nova',
admin_password => $nova_user_password,
}
if $exported_resources {
Nova_config <<||>>
$final_sql_connection = false
$glance_connection = false
$rabbit_connection = false
} else {
$enable_network_service = false
nova_config {
'multi_host': value => 'False';
'send_arp_for_ha': value => 'False';
$final_sql_connection = $sql_connection
$glance_connection = $glance_api_servers
$rabbit_connection = $rabbit_host
}
# Configure Nova
if $enabled {
class { 'nova':
sql_connection => $final_sql_connection,
rabbit_userid => $rabbit_user,
rabbit_password => $rabbit_password,
image_service => 'nova.image.glance.GlanceImageService',
glance_api_servers => $glance_connection,
verbose => $verbose,
rabbit_host => $rabbit_connection,
}
}
# set up configuration for networking
class { 'nova::network':
private_interface => $private_interface,
public_interface => $public_interface,
fixed_range => $fixed_range,
floating_range => false,
network_manager => $network_manager,
config_overrides => $network_config,
create_networks => false,
enabled => $enable_network_service,
install_service => $enable_network_service,
}
if $manage_volumes {
class { 'nova::volume':
enabled => true,
if $enabled {
class { 'openstack::nova::compute':
# Network
public_address => $public_address,
private_interface => $private_interface,
public_interface => $public_interface,
fixed_range => $fixed_range,
network_manager => $network_manager,
network_config => $network_config,
multi_host => $multi_host,
# Virtualization
libvirt_type => $libvirt_type,
# Volumes
nova_volume => $nova_volume,
manage_volumes => $manage_volumes,
iscsi_ip_address => $iscsi_ip_address,
# VNC
vnc_enabled => $vnc_enabled,
vncserver_listen => $vnc_server_listen,
vncserver_proxyclient_address => $vncserver_proxyclient_address,
vncproxy_host => $vncproxy_host,
# Nova
nova_user_password => $nova_user_password,
# General
verbose => $verbose,
exported_resources => $exported_resources,
enabled => $enabled,
}
class { 'nova::volume::iscsi':
volume_group => $nova_volume,
iscsi_ip_address => $internal_address,
}
}
}

449
deployment/puppet/openstack/manifests/controller.pp
View File

@ -1,327 +1,186 @@
#
# This can be used to build out the simplest openstack controller
#
# === Parameters
#
# $export_resources - Whether resources should be exported
# See params.pp
#
# [public_interface] Public interface used to route public traffic. Required.
# [public_address] Public address for public endpoints. Required.
# [private_interface] Interface used for vm networking connectivity. Required.
# [internal_address] Internal address used for management. Required.
# [mysql_root_password] Root password for mysql server.
# [admin_email] Admin email.
# [admin_password] Admin password.
# [keystone_db_password] Keystone database password.
# [keystone_admin_token] Admin token for keystone.
# [glance_db_password] Glance DB password.
# [glance_user_password] Glance service user password.
# [nova_db_password] Nova DB password.
# [nova_user_password] Nova service password.
# [rabbit_password] Rabbit password.
# [rabbit_user] Rabbit User.
# [network_manager] Nova network manager to use.
# [fixed_range] Range of ipv4 network for vms.
# [floating_range] Floating ip range to create.
# [create_networks] Rather network and floating ips should be created.
# [num_networks] Number of networks that fixed range should be split into.
# [multi_host] Rather node should support multi-host networking mode for HA.
# Optional. Defaults to false.
# [auto_assign_floating_ip] Rather configured to automatically allocate and
# assign a floating IP address to virtual instances when they are launched.
# Defaults to false.
# [network_config] Hash that can be used to pass implementation specifc
# network settings. Optioal. Defaults to {}
# [verbose] Rahter to log services at verbose.
# [export_resources] Rather to export resources.
# Horizon related config - assumes puppetlabs-horizon code
# [secret_key] secret key to encode cookies,
# [cache_server_ip] local memcached instance ip
# [cache_server_port] local memcached instance port
# [swift] (bool) is swift installed
# [quantum] (bool) is quantum installed
# The next is an array of arrays, that can be used to add call-out links to the dashboard for other apps.
# There is no specific requirement for these apps to be for monitoring, that's just the defacto purpose.
# Each app is defined in two parts, the display name, and the URI
# [horizon_app_links] array as in '[ ["Nagios","http://nagios_addr:port/path"],["Ganglia","http://ganglia_addr"] ]'
# === Examples
#
# [enabled] Whether services should be enabled. This parameter can be used to
# implement services in active-passive modes for HA. Optional. Defaults to true.
class openstack::controller(
# my address
$public_address,
$public_interface,
$private_interface,
$internal_address,
$admin_address = $internal_address,
# connection information
$mysql_root_password = undef,
$admin_email = 'some_user@some_fake_email_address.foo',
$admin_password = 'ChangeMe',
$keystone_db_password = 'keystone_pass',
$keystone_admin_token = 'keystone_admin_token',
$keystone_admin_tenant = 'openstack',
$glance_db_password = 'glance_pass',
$glance_user_password = 'glance_pass',
$nova_db_password = 'nova_pass',
$nova_user_password = 'nova_pass',
$rabbit_password = 'rabbit_pw',
$rabbit_user = 'nova',
# network configuration
# this assumes that it is a flat network manager
$network_manager = 'nova.network.manager.FlatDHCPManager',
# this number has been reduced for performance during testing
$fixed_range = '10.0.0.0/16',
$floating_range = false,
$create_networks = true,
$num_networks = 1,
$multi_host = false,
$auto_assign_floating_ip = false,
# TODO need to reconsider this design...
# this is where the config options that are specific to the network
# types go. I am not extremely happy with this....
$network_config = {},
# I do not think that this needs a bridge?
$verbose = false,
$export_resources = true,
$secret_key = 'dummy_secret_key',
$cache_server_ip = '127.0.0.1',
$cache_server_port = '11211',
$swift = false,
$quantum = false,
$horizon_app_links = false,
$enabled = true
) {
$glance_api_servers = "${internal_address}:9292"
$nova_db = "mysql://nova:${nova_db_password}@${internal_address}/nova"
if ($export_resources) {
# export all of the things that will be needed by the clients
@@nova_config { 'rabbit_host': value => $internal_address }
Nova_config <| title == 'rabbit_host' |>
@@nova_config { 'sql_connection': value => $nova_db }
Nova_config <| title == 'sql_connection' |>
@@nova_config { 'glance_api_servers': value => $glance_api_servers }
Nova_config <| title == 'glance_api_servers' |>
@@nova_config { 'novncproxy_base_url': value => "http://${public_address}:6080/vnc_auto.html" }
$sql_connection = false
$glance_connection = false
$rabbit_connection = false
} else {
$sql_connection = $nova_db
$glance_connection = $glance_api_servers
$rabbit_connection = $internal_address
}
# class { 'openstack::controller':
# public_address => '192.168.0.3',
# public_interface => 'eth0',
# private_interface => 'eth1',
# admin_email => 'my_email@mw.com',
# admin_password => 'my_admin_password',
# }
#
class openstack::controller (
# Network
$public_address = $::openstack::params::public_address,
$public_interface = $::openstack::params::public_interface,
$private_interface = $::openstack::params::private_interface,
$internal_address = $::openstack::params::internal_address,
$admin_address = $::openstack::params::admin_address,
$network_manager = $::openstack::params::network_manager,
$fixed_range = $::openstack::params::fixed_range,
$floating_range = $::openstack::params::floating_range,
$create_networks = $::openstack::params::create_networks,
$num_networks = $::openstack::params::num_networks,
$multi_host = $::openstack::params::multi_host,
$auto_assign_floating_ip = $::openstack::params::auto_assign_floating_ip,
$network_config = $::openstack::params::network_config,
# Database
$db_type = $::openstack::params::db_type,
$mysql_root_password = $::openstack::params::mysql_root_password,
$mysql_account_security = $::openstack::params::mysql_account_security,
$mysql_bind_address = $::openstack::params::mysql_bind_address,
# Keystone
$admin_email = $::openstack::params::admin_email,
$admin_password = $::openstack::params::admin_password,
$keystone_db_user = $::openstack::params::keystone_db_user,
$keystone_db_password = $::openstack::params::keystone_db_password,
$keystone_db_dbname = $::openstack::params::keystone_db_dbname,
$keystone_admin_token = $::openstack::params::keystone_admin_token,
# Glance
$glance_db_user = $::openstack::params::glance_db_user,
$glance_db_password = $::openstack::params::glance_db_password,
$glance_db_dbname = $::openstack::params::glance_db_dbname,
$glance_user_password = $::openstack::params::glance_user_password,
$glance_api_servers = $::openstack::params::glance_api_servers,
# Nova
$nova_db_user = $::openstack::params::nova_db_user,
$nova_db_password = $::openstack::params::nova_db_password,
$nova_user_password = $::openstack::params::nova_user_password,
$nova_db_dbname = $::openstack::params::nova_db_dbname,
$purge_nova_config = $::openstack::params::purge_nova_config,
# Rabbit
$rabbit_password = $::openstack::params::rabbit_password,
$rabbit_user = $::openstack::params::rabbit_user,
# Horizon
$secret_key = $::openstack::params::secret_key,
$cache_server_ip = $::openstack::params::cache_server_ip,
$cache_server_port = $::openstack::params::cache_server_port,
$swift = $::openstack::params::swift,
$quantum = $::openstack::params::quantum,
$horizon_app_links = $::openstack::params::horizon_app_links,
# General
$verbose = $::openstack::params::verbose,
$exported_resources = $::openstack::params::exported_resources,
$enabled = $::openstack::params::enabled
) inherits openstack::params {
####### DATABASE SETUP ######
# set up mysql server
class { 'mysql::server':
config_hash => {
# the priv grant fails on precise if I set a root password
# TODO I should make sure that this works
'root_password' => $mysql_root_password,
'bind_address' => '0.0.0.0'
},
enabled => $enabled,
}
if ($enabled) {
# set up all openstack databases, users, grants
class { 'keystone::db::mysql':
password => $keystone_db_password,
}
Class['glance::db::mysql'] -> Class['glance::registry']
class { 'glance::db::mysql':
host => '127.0.0.1',
password => $glance_db_password,
}
# TODO should I allow all hosts to connect?
class { 'nova::db::mysql':
password => $nova_db_password,
host => $internal_address,
allowed_hosts => '%',
if $enabled {
# set up mysql server
case $db_type {
'mysql': {
class { 'openstack::db::mysql':
mysql_root_password => $mysql_root_password,
mysql_bind_address => $mysql_bind_address,
mysql_account_security => $mysql_account_security,
keystone_db_user => $keystone_db_user,
keystone_db_password => $keystone_db_password,
keystone_db_dbname => $keystone_db_dbname,
glance_db_user => $glance_db_user,
glance_db_password => $glance_db_password,
glance_db_dbname => $glance_db_dbname,
nova_db_user => $nova_db_user,
nova_db_password => $nova_db_password,
nova_db_dbname => $nova_db_dbname,
}
}
}
}
####### KEYSTONE ###########
# set up keystone
class { 'keystone':
admin_token => $keystone_admin_token,
# we are binding keystone on all interfaces
# the end user may want to be more restrictive
bind_host => '0.0.0.0',
log_verbose => $verbose,
log_debug => $verbose,
catalog_type => 'sql',
enabled => $enabled,
}
# set up keystone database
# set up the keystone config for mysql
class { 'keystone::config::mysql':
password => $keystone_db_password,
}
if ($enabled) {
# set up keystone admin users
class { 'keystone::roles::admin':
email => $admin_email,
password => $admin_password,
admin_tenant => $keystone_admin_tenant,
}
# set up the keystone service and endpoint
class { 'keystone::endpoint':
public_address => $public_address,
internal_address => $internal_address,
admin_address => $admin_address,
}
# set up glance service,user,endpoint
class { 'glance::keystone::auth':
password => $glance_user_password,
public_address => $public_address,
internal_address => $internal_address,
admin_address => $admin_address,
before => [Class['glance::api'], Class['glance::registry']]
}
# set up nova serice,user,endpoint
class { 'nova::keystone::auth':
password => $nova_user_password,
public_address => $public_address,
internal_address => $internal_address,
admin_address => $admin_address,
before => Class['nova::api'],
class { 'openstack::keystone':
verbose => $verbose,
db_type => $db_type,
db_host => '127.0.0.1',
keystone_db_password => $keystone_db_password,
keystone_db_dbname => $keystone_db_dbname,
keystone_db_user => $keystone_db_user,
keystone_admin_token => $keystone_admin_token,
admin_email => $admin_email,
admin_password => $admin_password,
public_address => $public_address,
internal_address => $internal_address,
admin_address => $admin_address,
}
}
######## END KEYSTONE ##########
######## BEGIN GLANCE ##########
class { 'glance::api':
log_verbose => $verbose,
log_debug => $verbose,
auth_type => 'keystone',
auth_host => '127.0.0.1',
auth_port => '35357',
keystone_tenant => 'services',
keystone_user => 'glance',
keystone_password => $glance_user_password,
enabled => $enabled,
if ($enabled) {
class { 'openstack::glance':
verbose => $verbose,
db_type => $db_type,
db_host => '127.0.0.1',
glance_db_user => $glance_db_user,
glance_db_dbname => $glance_db_dbname,
glance_db_password => $glance_db_password,
glance_user_password => $glance_user_password,
public_address => $public_address,
admin_address => $admin_address,
internal_address => $internal_addrss,
}
}
class { 'glance::backend::file': }
class { 'glance::registry':
log_verbose => $verbose,
log_debug => $verbose,
auth_type => 'keystone',
auth_host => '127.0.0.1',
auth_port => '35357',
keystone_tenant => 'services',
keystone_user => 'glance',
keystone_password => $glance_user_password,
sql_connection => "mysql://glance:${glance_db_password}@127.0.0.1/glance",
enabled => $enabled,
}
######## END GLANCE ###########
######## BEGIN NOVA ###########
class { 'nova::rabbitmq':
userid => $rabbit_user,
password => $rabbit_password,
enabled => $enabled,
}
# TODO I may need to figure out if I need to set the connection information
# or if I should collect it
class { 'nova':
sql_connection => $sql_connection,
# this is false b/c we are exporting
rabbit_host => $rabbit_connection,
rabbit_userid => $rabbit_user,
rabbit_password => $rabbit_password,
image_service => 'nova.image.glance.GlanceImageService',
glance_api_servers => $glance_connection,
verbose => $verbose,
}
class { 'nova::api':
enabled => $enabled,
# TODO this should be the nova service credentials
#admin_tenant_name => 'openstack',
#admin_user => 'admin',
#admin_password => $admin_service_password,
admin_tenant_name => 'services',
admin_user => 'nova',
admin_password => $nova_user_password,
}
class { [
'nova::cert',
'nova::consoleauth',
'nova::scheduler',
'nova::objectstore',
'nova::vncproxy'
]:
enabled => $enabled,
}
if $multi_host {
nova_config { 'multi_host': value => 'True'; }
$enable_network_service = false
} else {
if $enabled == true {
$enable_network_service = true
} else {
$enable_network_service = false
#
# indicates that all nova config entries that we did
# not specifify in Puppet should be purged from file
#
if ($purge_nova_config) {
resources { 'nova_config':
purge => true,
}
}
if $enabled {
$really_create_networks = $create_networks
} else {
$really_create_networks = false
}
# set up networking
class { 'nova::network':
private_interface => $private_interface,
public_interface => $public_interface,
fixed_range => $fixed_range,
floating_range => $floating_range,
network_manager => $network_manager,
config_overrides => $network_config,
create_networks => $really_create_networks,
num_networks => $num_networks,
enabled => $enable_network_service,
install_service => $enable_network_service,
}
if $auto_assign_floating_ip {
nova_config { 'auto_assign_floating_ip': value => 'True'; }
class { 'openstack::nova::controller':
# Network
network_manager => $network_manager,
network_config => $network_config,
private_interface => $private_interface,
public_interface => $public_interface,
floating_range => $floating_range,
fixed_range => $fixed_range,
public_address => $public_address,
admin_address => $admin_address,
internal_address => $internal_address,
auto_assign_floating_ip => $auto_assign_floating_ip,
create_networks => $create_networks,
num_networks => $num_networks,
multi_host => $multi_host,
# Nova
nova_user_password => $nova_user_password,
nova_db_password => $nova_db_password,
nova_db_user => $nova_db_user,
nova_db_dbname => $nova_db_dbname,
# Rabbit
rabbit_user => $rabbit_user,
rabbit_password => $rabbit_password,
# Glance
glance_api_servers => $glance_api_servers,
# General
verbose => $verbose,
enabled => $enabled,
exported_resources => $exported_resources,
}
}
######## Horizon ########
# TOOO - what to do about HA for horizon?
class { 'memcached':
listen_ip => '127.0.0.1',
}
class { 'horizon':
secret_key => $secret_key,
cache_server_ip => $cache_server_ip,
class { 'openstack::horizon':
secret_key => $secret_key,
cache_server_ip => $cache_server_ip,
cache_server_port => $cache_server_port,
swift => $swift,
quantum => $quantum,
swift => $swift,
quantum => $quantum,
horizon_app_links => $horizon_app_links,
}
######## End Horizon #####
######## auth file ########
class { 'openstack::auth_file': }
}

79
deployment/puppet/openstack/manifests/db/mysql.pp Normal file
View File

@ -0,0 +1,79 @@
#
# === Class: openstack::db::mysql
#
# Create MySQL databases for all components of
# OpenStack that require a database
#
# === Parameters
#
# See params.pp
#
# === Example
#
# class { 'openstack::db::mysql':
# mysql_root_password => 'changeme',
# keystone_db_password => 'changeme',
# glance_db_password => 'changeme',
# nova_db_password => 'changeme',
# allowed_hosts => ['127.0.0.1', '10.0.0.%'],
# }
class openstack::db::mysql (
# MySQL
$mysql_bind_address = $::openstack::params::mysql_bind_address,
$allowed_hosts = $::openstack::params::mysql_allowed_hosts,
$mysql_root_password = $::openstack::params::mysql_root_password,
$mysql_account_security = $::openstack::params::mysql_account_security,
# Keystone
$keystone_db_user = $::openstack::params::keystone_db_user,
$keystone_db_dbname = $::openstack::params::keystone_db_dbname,
$keystone_db_password = $::openstack::params::keystone_db_password,
# Glance
$glance_db_user = $::openstack::params::glance_db_user,
$glance_db_dbname = $::openstack::params::glance_db_dbname,
$glance_db_password = $::openstack::params::glance_db_password,
# Nova
$nova_db_user = $::openstack::params::nova_db_user,
$nova_db_dbname = $::openstack::params::nova_db_dbname,
$nova_db_password = $::openstack::params::nova_db_password
) {
# Install and configure MySQL Server
class { 'mysql::server':
config_hash => {
'root_password' => $mysql_root_password,
'bind_address' => $mysql_bind_address,
}
}
# If enabled, secure the mysql installation
# This removes default users and guest access
if $mysql_account_security {
class { 'mysql::server::account_security': }
}
# Create the Keystone db
class { 'keystone::db::mysql':
user => $keystone_db_user,
password => $keystone_db_password,
dbname => $keystone_db_dbname,
allowed_hosts => $allowed_hosts,
}
# Create the Glance db
class { 'glance::db::mysql':
user => $glance_db_user,
password => $glance_db_password,
dbname => $glance_db_dbname,
allowed_hosts => $allowed_hosts,
}
# Create the Nova db
class { 'nova::db::mysql':
user => $nova_db_user,
password => $nova_db_password,
dbname => $nova_db_dbname,
allowed_hosts => $allowed_hosts,
}
}

77
deployment/puppet/openstack/manifests/glance.pp Normal file
View File

@ -0,0 +1,77 @@
#
# == Class: openstack::glance
#
# Installs and configures Glance
# Assumes the following:
# - Keystone for authentication
# - keystone tenant: services
# - keystone username: glance
# - storage backend: file
#
# === Parameters
#
# See params.pp
#
# === Example
#
# class { 'openstack::glance':
# glance_user_password => 'changeme',
# db_password => 'changeme',
# public_address => '192.168.1.1',
# admin_addresss => '192.168.1.1',
# internal_address => '192.168.1.1',
# }
class openstack::glance (
$db_type = $::openstack::params::db_type,
$db_host = $::openstack::params::db_host,
$glance_db_user = $::openstack::params::glance_db_user,
$glance_db_dbname = $::openstack::params::glance_db_dbname,
$glance_user_password = $::openstack::params::glance_user_password,
$glance_db_password = $::openstack::params::glance_db_password,
$public_address = $::openstack::params::public_address,
$admin_address = $::openstack::params::admin_address,
$internal_address = $::openstack::params::internal_address,
$verbose = $::openstack::params::verbose
) inherits openstack::params {
# Configure the db string
case $db_type {
'mysql': {
$sql_connection = "mysql://${glance_db_user}:${glance_db_password}@${db_host}/${glance_db_dbname}"
}
}
# Install and configure glance-api
class { 'glance::api':
log_verbose => $verbose,
log_debug => $verbose,
auth_type => 'keystone',
keystone_tenant => 'services',
keystone_user => 'glance',
keystone_password => $glance_user_password,
}
# Install and configure glance-registry
class { 'glance::registry':
log_verbose => $verbose,
log_debug => $verbose,
auth_type => 'keystone',
keystone_tenant => 'services',
keystone_user => 'glance',
keystone_password => $glance_user_password,
sql_connection => $sql_connection,
}
# Configure file storage backend
class { 'glance::backend::file': }
# Configure Glance to use Keystone
class { 'glance::keystone::auth':
password => $glance_user_password,
public_address => $public_address,
admin_address => $admin_address,
internal_address => $internal_address,
}
}

33
deployment/puppet/openstack/manifests/horizon.pp Normal file
View File

@ -0,0 +1,33 @@
#
# == Class: openstack::horizon
#
# Class to install / configure horizon.
# Will eventually include apache and ssl.
#
# === Parameters
#
# See params.pp
#
class openstack::horizon (
$secret_key = $::openstack::params::secret_key,
$cache_server_ip = $::openstack::params::cache_server_ip,
$cache_server_port = $::openstack::params::cache_server_port,
$swift = $::openstack::params::swift,
$quantum = $::openstack::params::quantum,
$horizon_app_links = $::openstack::params::horizon_app_links
) {
class { 'memcached':
listen_ip => $cache_server_ip,
tcp_port => $cache_server_port,
udp_port => $cache_server_port,
}
class { '::horizon':
secret_key => $secret_key,
swift => $swift,
quantum => $quantum,
horizon_app_links => $horizon_app_links,
}
}

74
deployment/puppet/openstack/manifests/keystone.pp Normal file
View File

@ -0,0 +1,74 @@
#
# == Class: openstack::keystone
#
# Installs and configures Keystone
#
# === Parameters
#
# See params.pp
#
# === Example
#
# class { 'openstack::keystone':
# db_password => 'changeme',
# admin_token => '12345',
# admin_email => 'root@localhost',
# admin_password => 'changeme',
# public_address => '192.168.1.1',
# admin_addresss => '192.168.1.1',
# internal_address => '192.168.1.1',
# }
class openstack::keystone (
$db_type = $::openstack::params::db_type,
$db_host = $::openstack::params::db_host,
$keystone_db_user = $::openstack::params::keystone_db_user,
$keystone_db_password = $::openstack::params::keystone_db_password,
$keystone_db_dbname = $::openstack::params::keystone_db_dbname,
$keystone_admin_tenant = $::openstack::params::keystone_admin_tenant,
$keystone_admin_token = $::openstack::params::keystone_admin_token,
$admin_email = $::openstack::params::admin_email,
$admin_password = $::openstack::params::admin_password,
$public_address = $::openstack::params::public_address,
$admin_address = $::openstack::params::admin_address,
$internal_address = $::openstack::params::internal_address,
$verbose = $::openstack::params::verbose
) inherits openstack::params {
# Install and configure Keystone
class { '::keystone':
log_verbose => $verbose,
log_debug => $verbose,
catalog_type => 'sql',
admin_token => $keystone_admin_token,
}
# Setup the admin user
class { 'keystone::roles::admin':
email => $admin_email,
password => $admin_password,
admin_tenant => $keystone_admin_tenant,
}
# Setup the Keystone Identity Endpoint
class { 'keystone::endpoint':
public_address => $public_address,
admin_address => $admin_address,
internal_address => $internal_address,
}
# Configure the Keystone database
case $db_type {
'mysql': {
class { 'keystone::config::mysql':
user => $keystone_db_user,
password => $keystone_db_password,
host => $db_host,
dbname => $keystone_db_dbname,
}
}
}
}

107
deployment/puppet/openstack/manifests/nova/compute.pp Normal file
View File

@ -0,0 +1,107 @@
#
# == Class: openstack::nova::compute
#
# Manifest to install/configure nova-compute and nova-volume
#
# === Parameters
#
# See params.pp
#
class openstack::nova::compute (
# Network
$public_address = $::openstack::params::public_address,
$private_interface = $::openstack::params::private_interface,
$public_interface = $::openstack::params::public_interface,
$fixed_range = $::openstack::params::fixed_range,
$network_manager = $::openstack::params::network_manager,
$network_config = $::openstack::params::network_config,
$multi_host = $::openstack::params::multi_host,
# Virtualization
$libvirt_type = $::openstack::params::libvirt_type,
# Volumes
$nova_volume = $::openstack::params::nova_volume,
$manage_volumes = $::openstack::params::manage_volume,
$iscsi_ip_address = $::openstack::params::iscsi_ip_address,
# VNC
$vnc_enabled = $::openstack::params::vnc_enabled,
$vncserver_listen = $::openstack::params::vncserver_listen,
$vncserver_proxyclient_address = $::openstack::params::vncserver_proxyclient_address,
$vncproxy_host = $::openstack::params::vncproxy_host,
# Nova
$nova_user_password = $::openstack::params::nova_user_password,
# General
$verbose = $::openstack::params::verbose,
$exported_resources = $::openstack::params::exported_resources,
$enabled = $::openstack::params::enabled
) inherits openstack::params {
# Install / configure nova-compute
class { '::nova::compute':
enabled => true,
vnc_enabled => $vnc_enabled,
vncserver_proxyclient_address => $vncserver_proxyclient_address,
vncproxy_host => $vncproxy_host,
}
# Configure libvirt for nova-compute
class { 'nova::compute::libvirt':
libvirt_type => $libvirt_type,
vncserver_listen => $vncserver_listen,
}
# if the compute node should be configured as a multi-host
# compute installation
if $multi_host {
include keystone::python
nova_config {
'multi_host': value => 'True';
'send_arp_for_ha': value => 'True';
}
if ! $public_interface {
fail('public_interface must be defined for multi host compute nodes')
}
$enable_network_service = true
class { 'nova::api':
enabled => $enabled,
admin_tenant_name => 'services',
admin_user => 'nova',
admin_password => $nova_user_password,
}
} else {
$enable_network-service = false
nova_config {
'multi_host': value => 'False';
'send_arp_for_ha': value => 'False';
}
}
# set up configuration for networking
if $enable_network_service {
class { 'nova::network':
private_interface => $private_interface,
public_interface => $public_interface,
fixed_range => $fixed_range,
floating_range => false, # double check
network_manager => $network_manager,
config_overrides => $network_config,
create_networks => false, # double check
enabled => $enable_network_service,
install_service => $enable_network_service,
}
}
if $manage_volumes {
# Install / configure nova-volume
class { 'nova::volume':
enabled => $enabled,
}
if $enabled {
class { 'nova::volume::iscsi':
volume_group => $nova_volume,
iscsi_ip_address => $internal_address,
}
}
}
}

165
deployment/puppet/openstack/manifests/nova/controller.pp Normal file
View File

@ -0,0 +1,165 @@
#
# == Class: openstack::nova::controller
#
# Class to define nova components used in a controller architecture.
# Basically everything but nova-compute and nova-volume
#
# === Parameters
#
# See params.pp
#
class openstack::nova::controller (
# Network
$network_manager = $::openstack::params::network_manager,
$network_config = $::openstack::params::network_config,
$private_interface = $::openstack::params::private_interface,
$public_interface = $::openstack::params::public_interface,
$floating_range = $::openstack::params::floating_range,
$fixed_range = $::openstack::params::fixed_range,
$public_address = $::openstack::params::public_address,
$admin_address = $::openstack::params::admin_address,
$internal_address = $::openstack::params::internal_address,
$auto_assign_floating_ip = $::openstack::params::auto_assign_floating_ip,
$create_networks = $::openstack::params::create_networks,
$num_networks = $::openstack::params::num_networks,
$multi_host = $::openstack::params::multi_host,
# Nova
$nova_user_password = $::openstack::params::nova_user_password,
$nova_db_user = $::openstack::params::nova_db_user,
$nova_db_password = $::openstack::params::nova_db_password,
$nova_db_dbname = $::openstack::params::nova_db_dbname,
# Rabbit
$rabbit_user = $::openstack::params::rabbit_user,
$rabbit_password = $::openstack::params::rabbit_password,
# Database
$db_type = $::openstack::params::db_type,
$db_host = $::openstack::params::db_host,
# Glance
$glance_api_servers = $::openstack::params::glance_api_servers,
# VNC
$vnc_enabled = $::openstack::params::vnc_enabled,
# General
$verbose = $::openstack::params::verbose,
$enabled = $::openstack::params::enabled,
$exported_resources = $::openstack::params::exported_resources
) inherits openstack::params {
# Configure the db string
case $db_type {
'mysql': {
$nova_db = "mysql://${nova_db_user}:${nova_db_password}@${db_host}/${nova_db_dbname}"
}
}
# Might need fixed
# $glance_api_servers = "${internal_address}:9292"
if ($export_resources) {
# export all of the things that will be needed by the clients
@@nova_config { 'rabbit_host': value => $internal_address }
Nova_config <| title == 'rabbit_host' |>
@@nova_config { 'sql_connection': value => $nova_db }
Nova_config <| title == 'sql_connection' |>
@@nova_config { 'glance_api_servers': value => $glance_api_servers }
Nova_config <| title == 'glance_api_servers' |>
@@nova_config { 'novncproxy_base_url': value => "http://${public_address}:6080/vnc_auto.html" }
$sql_connection = false
$glance_connection = false
$rabbit_connection = false
} else {
$sql_connection = $nova_db
$glance_connection = $glance_api_servers
$rabbit_connection = $internal_address
}
# Install / configure rabbitmq
class { 'nova::rabbitmq':
userid => $rabbit_user,
password => $rabbit_password,
}
# Configure Nova to use Keystone
class { 'nova::keystone::auth':
password => $nova_user_password,
public_address => $public_address,
admin_address => $admin_address,
internal_address => $internal_address,
}
# Configure Nova
class { 'nova':
sql_connection => $sql_connection,
rabbit_userid => $rabbit_user,
rabbit_password => $rabbit_password,
image_service => 'nova.image.glance.GlanceImageService',
glance_api_servers => $glance_connection,
verbose => $verbose,
rabbit_host => $rabbit_connection,
}
# Configure nova-api
class { 'nova::api':
enabled => $enabled,
admin_password => $nova_user_password,
}
# Configure nova-network
if $multi_host {
nova_config { 'multi_host': value => 'True' }
$enable_network_service = false
} else {
if $enabled == true {
$enable_network_service = true
} else {
$enable_network-service = false
}
}
if $enabled {
$really_create_networks = $create_networks
} else {
$really_create_networks = false
}
class { 'nova::network':
private_interface => $private_interface,
public_interface => $public_interface,
fixed_range => $fixed_range,
floating_range => $floating_range,
network_manager => $network_manager,
config_overrides => $network_config,
create_networks => $really_create_networks,
num_networks => $num_networks,
enabled => $enable_network_service,
install_service => $enable_network_service,
}
if $auto_assign_floating_ip {
nova_config { 'auto_assign_floating_ip': value => 'True' }
}
# a bunch of nova services that require no configuration
class { [
'nova::scheduler',
'nova::objectstore',
'nova::volume',
'nova::cert',
'nova::consoleauth'
]:
enabled => true
}
if $vnc_enabled {
class { 'nova::vncproxy':
enabled => true,
host => $public_address,
}
}
}

362
deployment/puppet/openstack/manifests/params.pp Normal file
View File

@ -0,0 +1,362 @@
#
# == Class: Parameters
#
# Convenient location to store default parameters.
# Able to be overridden in individual classes.
#
# === Parameters
#
# ==== General
#
# [enabled]
# - Whether services should be enabled. This parameter can be used to
# implement services in active-passive modes for HA. Optional.
# - Defaults to true.
#
# [verbose]
# - If the services should log verbosely. Optional.
# - Defaults to false.
#
# [exported_resources]
# - Whether or not to use exported resources
# - Defautlts to true
#
# ==== Network
#
# [public_address]
# - Public address used by vnchost. Optional.
# - Defaults to ipaddress_eth0
#
# [public_interface]
# - The interface used to route public traffic by the network service. Optional.
# - Defaults to eth0
#
# [private_interface]
# - The private interface used to bridge the VMs into a common network. Optional.
# - Defaults to eth1
#
# [internal_address]
# - Internal address used for management.
# - Defaults to ipaddress_eth1
#
# [public_address]
# [admin_address]
# - IP addresses for Keystone services
# - default: ipaddress_eth0
#
# [floating_range]
# - The floating ip range to be created. If it is false, then no floating ip range is created. Optional.
# - Defaults to false.
#
# [fixed_range]
# - The fixed private ip range to be created for the private VM network. Optional.
# - Defaults to '10.0.0.0/24'.
#
# [network_manager]
# - The network manager to use for the nova network service. Optional.
# - Defaults to 'nova.network.manager.FlatDHCPManager'.
#
# [iscsi_ip_address]
# - The IP address to use in the iscsi address
# - Defaults to $internal_address
#
# [auto_assign_floating_ip]
# - Rather configured to automatically allocate and assign a floating IP address to virtual instances when they are launched.
# - Defaults to false.
#
# [network_config]
# - Used to specify network manager specific parameters. Optional.
# - Defualts to {}.
#
# [create_networks]
# - Rather network and floating ips should be created.
# - Defaults to true
#
# [num_networks]
# - Number of networks that fixed range should be split into.
# - Defaults to 1
#
# [multi_host]
# - Node should support multi-host networking mode for HA.
# - Optional. Defaults to false.
#
#
# ==== Virtualization
#
# [libvirt_type]
# - The virualization type being controlled by libvirt. Optional.
# - Defaults to 'kvm'.
#
# ==== Volumes
#
# [nova_volume]
# - The name of the volume group to use for nova volume allocation. Optional.
# - Defaults to 'nova-volumes'.
#
# [manage_volumes]
# - Rather nova-volume should be enabled on this compute node.
# - Defaults to false.
#
# ==== Database
#
# [db_type]
# - which type of database to use
# - Defaults to 'mysql'
#
# [db_host]
# - where the db server is located
# - default: 127.0.0.1
#
# [sql_connection]
# - SQL connection information.
# - Defaults to false which indicates that exported resources will be used to determine connection information.
#
# ==== MySQL
#
# [mysql_root_password]
# - The root password to set for the mysql database. Optional.
# - Defaults to 'sql_pass'.
#
# [mysql_bind_address]
# - address for mysql to listen on
# - default: 0.0.0.0
#
# [mysql_account_security]
# - whether to secure the mysql installation
# - default: true
#
# [allowed_hosts]
# - array of hosts that can access the mysql server
# - default: ['127.0.0.1']
#
# ==== Rabbit
#
# [rabbit_password]
# - The password to use for the rabbitmq user. Optional.
# - Defaults to 'rabbit_pw'
#
# [rabbit_user]
# - The rabbitmq user to use for auth. Optional.
# - Defaults to 'nova'.
#
# [admin_email]
# - The admin's email address. Optional.
# - Defaults to 'root@localhost'
#
# [rabbit_host]
# - RabbitMQ host. False indicates it should be collected.
# - Defaults to false which indicates that exported resources will be used to determine connection information.
#
# ==== Keystone
#
# [keystone_db_user]
# - The name of the Keystone db user
# - Defaults to 'keystone'
#
# [keystone_db_password]
# - The default password for the keystone db user. Optional.
# - Defaults to 'keystone_pass'.
#
# [keystone_db_dbname]
# - The Keystone database name
# - Defaults to 'keystone'
#
# [keystone_admin_tenant]
# - The admin tenant name in Keystone
# - Defaults to 'admin'
#
# [keystone_admin_token]
# - The default auth token for keystone. Optional.
# - Defaults to 'keystone_admin_token'.
#
# [admin_email]
# - The email address for the Keystone admin user
# - Defaults to 'root@localhost'
#
# [admin_password]
# - The default password of the keystone admin. Optional.
# - Defaults to 'ChangeMe'.
#
# ==== Nova
#
# [nova_db_user]
# - The database user for Nova
# - Defaults to 'nova'
#
# [nova_db_password]
# - The nova db password. Optional.
# - Defaults to 'nova_pass'.
#
# [nova_user_password]
# - The password of the keystone user for the nova service. Optional.
# - Defaults to 'nova_pass'.
#
# [nova_db_dbname]
# - The database name for the Nova database
# - Defaults to 'nova'
#
# [purge_nova_config]
# - Whether unmanaged nova.conf entries should be purged. Optional.
# - Defaults to true.
#
# ==== Glance
#
# [glance_db_user]
# - The database user for Glance
# - Defaults to 'glance'
#
# [glance_db_password]
# - The password for the db user for glance. Optional.
# - Defaults to 'glance_pass'.
#
# [glance_user_password]
# - The password of the glance service user. Optional.
# - Defaults to 'glance_pass'.
#
# [glance_db_dbname]
# - The database name for the Glance database
# - Defaults to 'glance'
#
# [glance_api_servers]
# - List of glance api servers of the form HOST:PORT
# - Defaults to false which indicates that exported resources will be used to determine connection information.
#
# === Horizon related config - assumes puppetlabs-horizon code
#
# [secret_key]
# - secret key to encode cookies,
# - Defaults to 'dummy_secret_key'
#
# [cache_server_ip]
# - local memcached instance ip
# - Defaults to '127.0.0.1'
#
# [cache_server_port]
# - local memcached instance port
# - Defaults to '11211'
#
# [swift]
# - (bool) is swift installed
# - Defaults to false
#
# [quantum]
# - (bool) is quantum installed
# - Defaults to false
#
# [horizon_app_links]
# - array as in '[ ["Nagios","http://nagios_addr:port/path"],["Ganglia","http://ganglia_addr"] ]'
# - an array of arrays, that can be used to add call-out links to the dashboard for other apps.
# - There is no specific requirement for these apps to be for monitoring, that's just the defacto purpose.
# - Each app is defined in two parts, the display name, and the URI
# - Defaults to false
#
# === VNC
#
# [vnc_enabled]
# - Rather vnc console should be enabled.
# - Defaults to 'true',
#
# [vncserver_listen]
# - The address on the compute node where VNC should listen
# - Defaults to $internal_address
#
# [vncserver_proxyclient_address]
# - The address where the controller should contact the vnc server on the compute node
# - Defaults to $internal_address
#
# [vncproxy_host]
# - Host that serves as vnc proxy. This should be the public address of your controller.
# - Defaults to $public_address
#
class openstack::params {
# Generic
$enabled = true
$verbose = false
$exported_resources = true
# Network
$public_address = $::ipaddress_eth0
$public_interface = 'eth0'
$internal_address = $::ipaddress_eth1
$admin_address = $internal_address
$private_interface = 'eth2'
$fixed_range = '192.168.30.0/24'
$floating_range = false
$network_manager = 'nova.network.manager.FlatDHCPManager'
$iscsi_ip_address = $internal_address
$auto_assign_floating_ip = false
$network_config = {}
$create_networks = true
$num_networks = 1
$multi_host = false
# Virtualization
$libvirt_type = 'qemu'
# Volumes
$nova_volume = 'nova-volumes'
$manage_volumes = false
# Database
$db_type = 'mysql'
$db_host = $internal_address
$sql_connection = false
# MySQL params
$mysql_root_password = 'sql_pass'
$mysql_bind_address = '0.0.0.0'
$mysql_allowed_hosts = ['127.0.0.%', '10.0.0.%']
$mysql_account_security = true
# Rabbit params
$rabbit_password = 'rabbit_pw'
$rabbit_user = 'nova'
$rabbit_host = false
# Keystone params
$keystone_db_user = 'keystone'
$keystone_db_password = 'keystone_pass'
$keystone_db_dbname = 'keystone'
$keystone_admin_tenant = 'admin'
$keystone_admin_token = 'keystone_admin_token'
$admin_email = 'root@localhost'
$admin_password = 'ChangeMe'
# Glance params
$glance_db_user = 'glance'
$glance_db_password = 'glance_pass'
$glance_user_password = 'glance_pass'
$glance_db_dbname = 'glance'
$glance_api_servers = "${public_address}:9292"
# Nova params
$nova_db_user = 'nova'
$nova_db_password = 'nova_pass'
$nova_user_password = 'nova_pass'
$nova_db_dbname = 'nova'
$purge_nova_config = true
# Horizon params
$secret_key = 'dummy_secret_key'
$cache_server_ip = '127.0.0.1'
$cache_server_port = '11211'
$swift = false
$quantum = false
$horizon_app_links = undef
# vnc
$vnc_enabled = true
$vncserver_listen = $internal_address
$vncserver_proxyclient_address = $internal_address
$vncproxy_host = $public_address
# OS-specific params
case $::osfamily {
'Debian': {
}
'RedHat': {
}
}
}

1
deployment/puppet/openstack/tests/all.pp Normal file
View File

@ -0,0 +1 @@
class { 'openstack::all': }

1
deployment/puppet/openstack/tests/cloudcontroller.pp Normal file
View File

@ -0,0 +1 @@
class { 'openstack::controller': }

4
deployment/puppet/openstack/tests/compute.pp Normal file
View File

@ -0,0 +1,4 @@
class { 'openstack::compute':
sql_connection => 'mysql://foo:bar@192.168.1.1/nova',
glance_api_servers => '192.168.1.1:9292',
}