Merge "Add support for the OpenStack Icehouse Release (2014.1)"
commit
90fcd4b6f6
|
@ -9,5 +9,5 @@ project_page 'https://github.com/hastexo/kickstack'
|
|||
|
||||
dependency 'hastexo/exportfact', '>= 0.1.1'
|
||||
dependency 'puppetlabs/lvm', '>= 0.1.2'
|
||||
dependency 'puppetlabs/openstack', '>= 3.0.0'
|
||||
dependency 'puppetlabs/openstack', '>= 4.0.0'
|
||||
dependency 'rgevaert/pwgen', '>= 0.0.1'
|
||||
|
|
|
@ -11,6 +11,7 @@ class kickstack::cinder::api inherits kickstack {
|
|||
keystone_user => 'cinder',
|
||||
keystone_password => $service_password,
|
||||
keystone_auth_host => $keystone_internal_address,
|
||||
keystone_auth_uri => "http://${keystone_internal_address}:5000/v2.0",
|
||||
package_ensure => $::kickstack::package_version,
|
||||
}
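Review bot: The `keystone_auth_uri` value in this hunk hard-codes `http://`, so token traffic between cinder-api and Keystone on port 5000 is sent unencrypted; the same pattern appears in `nova_url` and `nova_admin_auth_url` in kickstack::neutron::server::notifications, where the auth URL on port 35357 is used together with the nova service password. Consider taking the scheme from a class parameter, e.g. `keystone_auth_uri => "${auth_protocol}://${keystone_internal_address}:5000/v2.0",` with the default kept at the current value, so TLS deployments do not need to patch the manifest. `$auth_protocol` is a placeholder name, since no such parameter is visible on this page. The resource declaration begins outside the hunk.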
|
||||
|
||||
|
|
|
@ -18,7 +18,7 @@ class kickstack::heat::config inherits kickstack {
|
|||
rpc_backend => 'heat.openstack.common.rpc.impl_kombu',
|
||||
rabbit_host => $rabbit_host,
|
||||
rabbit_password => $rabbit_password,
|
||||
rabbit_virtualhost => $::kickstack::rabbit_virtual_host,
|
||||
rabbit_virtual_host => $::kickstack::rabbit_virtual_host,
|
||||
rabbit_userid => $::kickstack::rabbit_userid,
|
||||
keystone_host => $auth_host,
|
||||
keystone_tenant => $kickstack::keystone_service_tenant,
|
||||
|
|
|
@ -1,9 +1,16 @@
|
|||
class kickstack::heat::engine inherits kickstack {
|
||||
|
||||
|
||||
include pwgen
|
||||
include ::kickstack::heat::config
|
||||
|
||||
$heat_auth_encryption_key = pick(getvar("${fact_prefix}heat_auth_encryption_key"),pwgen())
|
||||
$apis = split($::kickstack::heat_apis,',')
|
||||
|
||||
kickstack::exportfact::export { 'heat_auth_encryption_key':
|
||||
value => $heat_auth_encryption_key,
|
||||
tag => 'heat'
|
||||
}
|
||||
|
||||
if 'heat' in $apis {
|
||||
$metadata_server = getvar("${fact_prefix}heat_metadata_server")
|
||||
$metadata_server_url = "http://${metadata_server}:8000"
|
||||
|
@ -20,6 +27,7 @@ class kickstack::heat::engine inherits kickstack {
|
|||
heat_metadata_server_url => $metadata_server_url,
|
||||
heat_waitcondition_server_url => $waitcondition_server_url,
|
||||
heat_watch_server_url => $watch_server_url,
|
||||
auth_encryption_key => $heat_auth_encryption_key,
|
||||
}
|
||||
}
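Review bot: `$heat_auth_encryption_key` falls back to `pwgen()` whenever the exported fact is not yet present, so two heat-engine nodes that converge before the fact has propagated would each generate and export a different key; if Heat uses this key to encrypt stored credentials, as the parameter name suggests, one engine could then fail to decrypt what the other wrote. The key is also published through `kickstack::exportfact::export`, which presumably makes it readable wherever tag 'heat' is collected, so a comment above the export stating that would help, e.g. `# Secret: visible to every node collecting tag 'heat'; restrict access to the fact store`. No length is passed to `pwgen()`, so it is worth confirming that its default output is a length Heat accepts for `auth_encryption_key`.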
|
||||
|
||||
|
|
|
@ -6,6 +6,13 @@ class kickstack::neutron::agent::l2::compute inherits kickstack {
|
|||
|
||||
case "$::kickstack::neutron_plugin" {
|
||||
'ovs': {
|
||||
file { "/etc/neutron/plugins/openvswitch/":
|
||||
ensure => directory,
|
||||
}
|
||||
file { "/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini":
|
||||
content => template("kickstack/l2-agent-config.erb"),
|
||||
replace => false,
|
||||
}
|
||||
case $tenant_network_type {
|
||||
'gre': {
|
||||
$local_tunnel_ip = getvar("ipaddress_${nic_data}")
|
||||
|
@ -18,6 +25,7 @@ class kickstack::neutron::agent::l2::compute inherits kickstack {
|
|||
tunnel_bridge => $::kickstack::neutron_tunnel_bridge,
|
||||
tunnel_types => ['gre'],
|
||||
package_ensure => $::kickstack::package_version,
|
||||
require => [ File["/etc/neutron/plugins/openvswitch/"], File["/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini"] ],
|
||||
}
|
||||
}
|
||||
default: {
|
||||
|
@ -32,6 +40,13 @@ class kickstack::neutron::agent::l2::compute inherits kickstack {
|
|||
}
|
||||
}
|
||||
}
|
||||
case $::osfamily {
|
||||
'Debian': {
|
||||
file { "/etc/init/neutron-plugin-openvswitch-agent.conf":
|
||||
content => template("kickstack/init.neutron-plugin-openvswitch-agent.erb"),
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
'linuxbridge': {
|
||||
class { "neutron::agents::linuxbridge":
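Review bot: The three new `file` resources (the plugin directory, `ovs_neutron_plugin.ini`, and the upstart job under `/etc/init/`) declare no `owner`, `group` or `mode`, so their permissions depend on Puppet's defaults and the agent's umask rather than being stated; the same holds for the copies in kickstack::neutron::agent::l2::network and for `neutron-server-default` in kickstack::neutron::server. Stating them explicitly, e.g. `owner => 'root', group => 'neutron', mode => '0640',` on the ini file (values to be adjusted to the packaging), keeps the result predictable if secrets are later added to that file. `replace => false` also means Puppet never corrects the ini file once it exists, so later template changes and local modifications both go unnoticed. The `case` statement opens and closes outside the visible hunks.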
|
||||
|
|
|
@ -7,6 +7,13 @@ class kickstack::neutron::agent::l2::network inherits kickstack {
|
|||
|
||||
case "$::kickstack::neutron_plugin" {
|
||||
'ovs': {
|
||||
file { "/etc/neutron/plugins/openvswitch/":
|
||||
ensure => directory,
|
||||
}
|
||||
file { "/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini":
|
||||
content => template("kickstack/l2-agent-config.erb"),
|
||||
replace => false,
|
||||
}
|
||||
case $tenant_network_type {
|
||||
'gre': {
|
||||
$local_tunnel_ip = getvar("ipaddress_${nic_data}")
|
||||
|
@ -20,8 +27,8 @@ class kickstack::neutron::agent::l2::network inherits kickstack {
|
|||
local_ip => $local_tunnel_ip,
|
||||
tunnel_bridge => $::kickstack::neutron_tunnel_bridge,
|
||||
tunnel_types => ['gre'],
|
||||
require => Class['::kickstack::neutron::agent::l3'],
|
||||
package_ensure => $::kickstack::package_version,
|
||||
require => [ Class['::kickstack::neutron::agent::l3'], File["/etc/neutron/plugins/openvswitch/"], File["/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini"] ],
|
||||
}
|
||||
}
|
||||
default: {
|
||||
|
@ -39,6 +46,13 @@ class kickstack::neutron::agent::l2::network inherits kickstack {
|
|||
}
|
||||
}
|
||||
}
|
||||
case $::osfamily {
|
||||
'Debian': {
|
||||
file { "/etc/init/neutron-plugin-openvswitch-agent.conf":
|
||||
content => template("kickstack/init.neutron-plugin-openvswitch-agent.erb"),
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
'linuxbridge': {
|
||||
class { "neutron::agents::linuxbridge":
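Review bot: The `file` resources added here use the same titles as those added in kickstack::neutron::agent::l2::compute (`/etc/neutron/plugins/openvswitch/`, the ini file, and `/etc/init/neutron-plugin-openvswitch-agent.conf`), so a node that includes both classes would fail catalog compilation with a duplicate declaration. Moving the three resources into one shared class that both agents `include` (for instance `kickstack::neutron::config`, if that fits) removes the duplication. Whether any node role applies both classes is not visible on this page.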
|
||||
|
|
|
@ -22,12 +22,6 @@ class kickstack::neutron::plugin inherits kickstack {
|
|||
tunnel_id_ranges => $tunnel_id_ranges,
|
||||
package_ensure => $::kickstack::package_version,
|
||||
}
|
||||
# This needs to be set for the plugin, not the agent
|
||||
# (the latter is what the Neutron module assumes)
|
||||
neutron_plugin_ovs { 'SECURITYGROUP/firewall_driver':
|
||||
value => 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver',
|
||||
require => Class['neutron::plugins::ovs']
|
||||
}
|
||||
}
|
||||
'linuxbridge': {
|
||||
class { "neutron::plugins::linuxbridge":
|
||||
|
|
|
@ -5,12 +5,15 @@ class kickstack::neutron::server inherits kickstack {
|
|||
|
||||
$service_password = pick(getvar("${fact_prefix}neutron_keystone_password"),pwgen())
|
||||
$keystone_internal_address = getvar("${fact_prefix}keystone_internal_address")
|
||||
$database_connection = getvar("${fact_prefix}neutron_sql_connection")
|
||||
$nova_api_address = getvar("${fact_prefix}nova_api_address")
|
||||
|
||||
class { '::neutron::server':
|
||||
auth_tenant => $kickstack::keystone_service_tenant,
|
||||
auth_user => 'neutron',
|
||||
auth_password => $service_password,
|
||||
auth_host => $keystone_internal_address,
|
||||
database_connection => $database_connection,
|
||||
package_ensure => $::kickstack::package_version,
|
||||
}
|
||||
|
||||
|
@ -25,4 +28,12 @@ class kickstack::neutron::server inherits kickstack {
|
|||
require => Class['::neutron::server']
|
||||
}
|
||||
|
||||
case $::osfamily {
|
||||
'Debian': {
|
||||
file { 'neutron-server-default':
|
||||
path => '/etc/default/neutron-server',
|
||||
content => template("kickstack/default.neutron-server.erb"),
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1,20 @@
|
|||
class kickstack::neutron::server::notifications inherits kickstack {
|
||||
|
||||
include kickstack::neutron::config
|
||||
include pwgen
|
||||
|
||||
$service_password = pick(getvar("${fact_prefix}neutron_keystone_password"),pwgen())
|
||||
$keystone_internal_address = getvar("${fact_prefix}keystone_internal_address")
|
||||
$database_connection = getvar("${fact_prefix}neutron_sql_connection")
|
||||
$nova_service_password = getvar("${fact_prefix}nova_keystone_password")
|
||||
$nova_api_address = getvar("${fact_prefix}nova_api_address")
|
||||
|
||||
class { '::neutron::server::notifications':
|
||||
nova_url => "http://${nova_api_address}:8774/v2",
|
||||
nova_admin_username => 'nova',
|
||||
nova_admin_tenant_name => $kickstack::keystone_service_tenant,
|
||||
nova_admin_password => $nova_service_password,
|
||||
nova_admin_auth_url => "http://${keystone_internal_address}:35357/v2.0",
|
||||
nova_region_name => $kickstack::params::keystone_region,
|
||||
}
|
||||
}
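Review bot: `$service_password` and `$database_connection` are assigned but never used in this new class, and the `pick(..., pwgen())` on the first of them generates a throwaway random password on nodes where the fact is absent; both lines can be dropped, along with `include pwgen` if nothing else needs it. `$nova_service_password` has no fallback, so if the class is included before the `nova_keystone_password` fact exists, `nova_admin_password` receives an undefined value. The guard in kickstack::node::api covers that path, but a short comment here stating the precondition would help, e.g. `# Requires the nova_keystone_password fact; include only once it is set`.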
|
|
@ -40,10 +40,17 @@ class kickstack::node::api inherits kickstack {
|
|||
# This looks a bit silly, but is currently necessary: in order to configure nova-api
|
||||
# as a Neutron client, we first need to install nova-api and neutron-server in one
|
||||
# run, and then fix up Nova with the Neutron configuration in the next run.
|
||||
#
|
||||
# The same applies to Neutron with regards to Nova notifications, but the other way
|
||||
# around.
|
||||
$neutron_keystone_password = getvar("${::kickstack::fact_prefix}neutron_keystone_password")
|
||||
$nova_keystone_password = getvar("${::kickstack::fact_prefix}nova_keystone_password")
|
||||
if $neutron_keystone_password {
|
||||
include kickstack::nova::neutronclient
|
||||
}
|
||||
if $nova_keystone_password {
|
||||
include kickstack::neutron::server::notifications
|
||||
}
|
||||
}
|
||||
|
||||
if $keystone_internal_address and $heat_sql_conn and $amqp_host and $amqp_password {
|
||||
|
|
|
@ -32,6 +32,12 @@ class kickstack::nova::api inherits kickstack {
|
|||
require => Class['::nova::api']
|
||||
}
|
||||
|
||||
kickstack::exportfact::export { "nova_api_address":
|
||||
value => "${hostname}",
|
||||
tag => "nova",
|
||||
require => Class['::nova::api']
|
||||
}
|
||||
|
||||
# Export the metadata API IP address and shared secret, to be picked up
|
||||
# by the Neutron metadata proxy agent on the network node
|
||||
kickstack::exportfact::export { "nova_metadata_ip":
|
||||
|
@ -39,6 +45,7 @@ class kickstack::nova::api inherits kickstack {
|
|||
tag => "nova",
|
||||
require => Class['::nova::api']
|
||||
}
|
||||
|
||||
kickstack::exportfact::export { "neutron_metadata_shared_secret":
|
||||
value => $neutron_secret,
|
||||
tag => 'nova',
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
class kickstack::repo inherits kickstack {
|
||||
class { '::openstack::repo':
|
||||
class { '::openstack::resources::repo':
|
||||
release => $::kickstack::release
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
# defaults for neutron-server
|
||||
|
||||
# path to config file corresponding to the core_plugin specified in
|
||||
# neutron.conf
|
||||
NEUTRON_PLUGIN_CONFIG="/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini"
|
|
@ -0,0 +1,17 @@
|
|||
# vim:set ft=upstart ts=2 et:
|
||||
description "Neutron OpenvSwitch Plugin Agent"
|
||||
author "Chuck Short <zulcss@ubuntu.com>"
|
||||
|
||||
start on runlevel [2345] and started neutron-ovs-cleanup
|
||||
stop on runlevel [!2345]
|
||||
|
||||
respawn
|
||||
|
||||
chdir /var/run
|
||||
|
||||
pre-start script
|
||||
mkdir -p /var/run/neutron
|
||||
chown neutron:root /var/run/neutron
|
||||
end script
|
||||
|
||||
exec start-stop-daemon --start --chuid neutron --exec /usr/bin/neutron-openvswitch-agent -- --config-file=/etc/neutron/neutron.conf --config-file=/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini --log-file=/var/log/neutron/openvswitch-agent.log
|
|
@ -0,0 +1,170 @@
|
|||
[ovs]
|
||||
# (StrOpt) Type of network to allocate for tenant networks. The
|
||||
# default value 'local' is useful only for single-box testing and
|
||||
# provides no connectivity between hosts. You MUST either change this
|
||||
# to 'vlan' and configure network_vlan_ranges below or change this to
|
||||
# 'gre' or 'vxlan' and configure tunnel_id_ranges below in order for
|
||||
# tenant networks to provide connectivity between hosts. Set to 'none'
|
||||
# to disable creation of tenant networks.
|
||||
#
|
||||
# tenant_network_type = local
|
||||
# Example: tenant_network_type = gre
|
||||
# Example: tenant_network_type = vxlan
|
||||
|
||||
# (ListOpt) Comma-separated list of
|
||||
# <physical_network>[:<vlan_min>:<vlan_max>] tuples enumerating ranges
|
||||
# of VLAN IDs on named physical networks that are available for
|
||||
# allocation. All physical networks listed are available for flat and
|
||||
# VLAN provider network creation. Specified ranges of VLAN IDs are
|
||||
# available for tenant network allocation if tenant_network_type is
|
||||
# 'vlan'. If empty, only gre, vxlan and local networks may be created.
|
||||
#
|
||||
# network_vlan_ranges =
|
||||
# Example: network_vlan_ranges = physnet1:1000:2999
|
||||
|
||||
# (BoolOpt) Set to True in the server and the agents to enable support
|
||||
# for GRE or VXLAN networks. Requires kernel support for OVS patch ports and
|
||||
# GRE or VXLAN tunneling.
|
||||
#
|
||||
# WARNING: This option will be deprecated in the Icehouse release, at which
|
||||
# point setting tunnel_type below will be required to enable
|
||||
# tunneling.
|
||||
#
|
||||
# enable_tunneling = False
|
||||
|
||||
# (StrOpt) The type of tunnel network, if any, supported by the plugin. If
|
||||
# this is set, it will cause tunneling to be enabled. If this is not set and
|
||||
# the option enable_tunneling is set, this will default to 'gre'.
|
||||
#
|
||||
# tunnel_type =
|
||||
# Example: tunnel_type = gre
|
||||
# Example: tunnel_type = vxlan
|
||||
|
||||
# (ListOpt) Comma-separated list of <tun_min>:<tun_max> tuples
|
||||
# enumerating ranges of GRE or VXLAN tunnel IDs that are available for
|
||||
# tenant network allocation if tenant_network_type is 'gre' or 'vxlan'.
|
||||
#
|
||||
# tunnel_id_ranges =
|
||||
# Example: tunnel_id_ranges = 1:1000
|
||||
|
||||
# Do not change this parameter unless you have a good reason to.
|
||||
# This is the name of the OVS integration bridge. There is one per hypervisor.
|
||||
# The integration bridge acts as a virtual "patch bay". All VM VIFs are
|
||||
# attached to this bridge and then "patched" according to their network
|
||||
# connectivity.
|
||||
#
|
||||
# integration_bridge = br-int
|
||||
|
||||
# Only used for the agent if tunnel_id_ranges (above) is not empty for
|
||||
# the server. In most cases, the default value should be fine.
|
||||
#
|
||||
# tunnel_bridge = br-tun
|
||||
|
||||
# Peer patch port in integration bridge for tunnel bridge
|
||||
# int_peer_patch_port = patch-tun
|
||||
|
||||
# Peer patch port in tunnel bridge for integration bridge
|
||||
# tun_peer_patch_port = patch-int
|
||||
|
||||
# Uncomment this line for the agent if tunnel_id_ranges (above) is not
|
||||
# empty for the server. Set local-ip to be the local IP address of
|
||||
# this hypervisor.
|
||||
#
|
||||
# local_ip =
|
||||
|
||||
# (ListOpt) Comma-separated list of <physical_network>:<bridge> tuples
|
||||
# mapping physical network names to the agent's node-specific OVS
|
||||
# bridge names to be used for flat and VLAN networks. The length of
|
||||
# bridge names should be no more than 11. Each bridge must
|
||||
# exist, and should have a physical network interface configured as a
|
||||
# port. All physical networks listed in network_vlan_ranges on the
|
||||
# server should have mappings to appropriate bridges on each agent.
|
||||
#
|
||||
# bridge_mappings =
|
||||
# Example: bridge_mappings = physnet1:br-eth1
|
||||
|
||||
[agent]
|
||||
# Agent's polling interval in seconds
|
||||
# polling_interval = 2
|
||||
|
||||
# Minimize polling by monitoring ovsdb for interface changes
|
||||
# minimize_polling = True
|
||||
|
||||
# When minimize_polling = True, the number of seconds to wait before
|
||||
# respawning the ovsdb monitor after losing communication with it
|
||||
# ovsdb_monitor_respawn_interval = 30
|
||||
|
||||
# (ListOpt) The types of tenant network tunnels supported by the agent.
|
||||
# Setting this will enable tunneling support in the agent. This can be set to
|
||||
# either 'gre' or 'vxlan'. If this is unset, it will default to [] and
|
||||
# disable tunneling support in the agent. When running the agent with the OVS
|
||||
# plugin, this value must be the same as "tunnel_type" in the "[ovs]" section.
|
||||
# When running the agent with ML2, you can specify as many values here as
|
||||
# your compute hosts supports.
|
||||
#
|
||||
# tunnel_types =
|
||||
tunnel_types =gre
|
||||
# Example: tunnel_types = gre
|
||||
# Example: tunnel_types = vxlan
|
||||
# Example: tunnel_types = vxlan, gre
|
||||
|
||||
# (IntOpt) The port number to utilize if tunnel_types includes 'vxlan'. By
|
||||
# default, this will make use of the Open vSwitch default value of '4789' if
|
||||
# not specified.
|
||||
#
|
||||
# vxlan_udp_port =
|
||||
# Example: vxlan_udp_port = 8472
|
||||
|
||||
# (IntOpt) This is the MTU size of veth interfaces.
|
||||
# Do not change unless you have a good reason to.
|
||||
# The default MTU size of veth interfaces is 1500.
|
||||
# veth_mtu =
|
||||
# Example: veth_mtu = 1504
|
||||
|
||||
# (BoolOpt) Flag to enable l2-population extension. This option should only be
|
||||
# used in conjunction with ml2 plugin and l2population mechanism driver. It'll
|
||||
# enable plugin to populate remote ports macs and IPs (using fdb_add/remove
|
||||
# RPC calbbacks instead of tunnel_sync/update) on OVS agents in order to
|
||||
# optimize tunnel management.
|
||||
#
|
||||
# l2_population = False
|
||||
|
||||
[securitygroup]
|
||||
# Firewall driver for realizing neutron security group function.
|
||||
# firewall_driver = neutron.agent.firewall.NoopFirewallDriver
|
||||
# Example: firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
|
||||
|
||||
# Controls if neutron security group is enabled or not.
|
||||
# It should be false when you use nova security group.
|
||||
# enable_security_group = True
|
||||
|
||||
#-----------------------------------------------------------------------------
|
||||
# Sample Configurations.
|
||||
#-----------------------------------------------------------------------------
|
||||
#
|
||||
# 1. With VLANs on eth1.
|
||||
# [ovs]
|
||||
# network_vlan_ranges = default:2000:3999
|
||||
# tunnel_id_ranges =
|
||||
# integration_bridge = br-int
|
||||
# bridge_mappings = default:br-eth1
|
||||
#
|
||||
# 2. With GRE tunneling.
|
||||
# [ovs]
|
||||
# network_vlan_ranges =
|
||||
# tunnel_id_ranges = 1:1000
|
||||
# integration_bridge = br-int
|
||||
# tunnel_bridge = br-tun
|
||||
# local_ip = 10.0.0.3
|
||||
#
|
||||
# 3. With VXLAN tunneling.
|
||||
# [ovs]
|
||||
# network_vlan_ranges =
|
||||
# tenant_network_type = vxlan
|
||||
# tunnel_type = vxlan
|
||||
# tunnel_id_ranges = 1:1000
|
||||
# integration_bridge = br-int
|
||||
# tunnel_bridge = br-tun
|
||||
# local_ip = 10.0.0.3
|
||||
# [agent]
|
||||
# tunnel_types = vxlan
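Review bot: The `[securitygroup]` section leaves `firewall_driver` commented out, with `neutron.agent.firewall.NoopFirewallDriver` shown as the value in effect when unset, while the same commit appears to remove the `neutron_plugin_ovs { 'SECURITYGROUP/firewall_driver': ... }` resource from kickstack::neutron::plugin. Unless the upstream neutron module sets the driver on the agent (not visible here), nodes seeded from this template would run without security group enforcement; setting `firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver` in the template makes the shipped default the enforcing one. Separately, `tunnel_types =gre` is hard-coded although the file is an `.erb` template, so a deployment choosing another `tenant_network_type` still gets GRE written when the file is first created.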
|