x
/
fuel-plugin-cisco-aci
Code Issues Proposed changes

Puppet added 

Change-Id: I8406b7daa5fc667edbe827f65de2d71aed629125
This commit is contained in:
Nikita Koshikov 2015-03-19 15:04:25 +02:00
parent 433b965085
commit 563fbd9b7c
38 changed files with 1250 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
deployment_scripts/puppet/modules/apic/manifests/api.pp Normal file
View File

@ -0,0 +1,12 @@
#Class apic::api
class apic::api (
$package_ensure = 'present',
) {
include apic::params
package { 'apic_api':
ensure => $package_ensure,
name => $::apic::params::package_apic_api,
}
}

39
deployment_scripts/puppet/modules/apic/manifests/host_agent.pp Normal file
View File

@ -0,0 +1,39 @@
#Class apic::host_agent
class apic::host_agent (
$package_ensure = 'present',
$enabled = true,
$manage_service = true,
){
include apic::params
if $manage_service {
if $enabled {
$service_ensure = 'running'
} else {
$service_ensure = 'stopped'
}
}
package { 'apic_host_agent':
ensure => $package_ensure,
name => $::apic::params::package_apic_agent,
}
service { 'apic-host-agent':
ensure => $service_ensure,
name => $::apic::params::service_apic_host_agent,
enable => $enabled,
hasstatus => true,
hasrestart => true,
require => Package['apic_host_agent'],
}
Package['apic_host_agent'] -> Neutron_config<||>
Package['apic_host_agent'] -> Neutron_plugin_ml2<||>
Package['apic_host_agent'] -> Neutron_plugin_ml2_cisco<||>
Neutron_config<||> ~> Service['apic-host-agent']
Neutron_plugin_ml2<||> ~> Service['apic-host-agent']
Neutron_plugin_ml2_cisco<||> ~> Service['apic-host-agent']
File_line<||> ~> Service['apic-host-agent']
}

20
deployment_scripts/puppet/modules/apic/manifests/params.pp Normal file
View File

@ -0,0 +1,20 @@
#Class apic::params
class apic::params {
case $::osfamily {
'RedHat': {
}
'Debian': {
$package_apic_svc = 'neutron-driver-apic-svc'
$package_apic_agent = 'neutron-driver-apic-agent'
$package_apic_api = 'python-apicapi'
$service_apic_svc_agent = 'neutron-driver-apic-svc'
$service_apic_host_agent = 'neutron-driver-apic-agent'
}
default: {
fail("Unsupported osfamily: ${::osfamily} operatingsystem: ${::operatingsystem}, module ${module_name} only support osfamily RedHat and Debian")
}
}
}

39
deployment_scripts/puppet/modules/apic/manifests/svc_agent.pp Normal file
View File

@ -0,0 +1,39 @@
#Class apic::svc_agent
class apic::svc_agent (
$package_ensure = 'present',
$enabled = true,
$manage_service = true,
){
include apic::params
if $manage_service {
if $enabled {
$service_ensure = 'running'
} else {
$service_ensure = 'stopped'
}
}
Package['apic_svc_agent'] -> Neutron_config<||>
Package['apic_svc_agent'] -> Neutron_plugin_ml2<||>
Package['apic_svc_agent'] -> Neutron_plugin_ml2_cisco<||>
Neutron_config<||> ~> Service['apic-svc-agent']
Neutron_plugin_ml2<||> ~> Service['apic-svc-agent']
Neutron_plugin_ml2_cisco<||> ~> Service['apic-svc-agent']
File_line<||> ~> Service['apic-svc-agent']
package { 'apic_svc_agent':
ensure => $package_ensure,
name => $::apic::params::package_apic_svc,
}
service { 'apic-svc-agent':
ensure => $service_ensure,
name => $::apic::params::service_apic_svc_agent,
enable => $enabled,
hasstatus => true,
hasrestart => true,
require => Package['apic_svc_agent'],
}
}

89
deployment_scripts/puppet/modules/cisco_aci/manifests/gbp_and_apic_gbp.pp Normal file
View File

@ -0,0 +1,89 @@
#Class cisco_aci::gbp_and_apic_gbp
class cisco_aci::gbp_and_apic_gbp (
$ha_prefix = '',
$role = 'compute',
$use_lldp = true,
$apic_hosts = '10.0.0.1',
$apic_username = 'admin',
$apic_password = 'password',
$static_config = '',
$additional_config = '',
$service_plugins = 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin,gbpservice.neutron.services.grouppolicy.plugin.GroupPolicyPlugin,gbpservice.neutron.services.servicechain.servicechain_plugin.ServiceChainPlugin',
$mechanism_drivers = 'openvswitch,apic_gbp',
$policy_drivers = 'implicit_policy,apic',
$admin_username = 'admin',
$admin_password = 'admin',
$admin_tenant = 'admin',
$ext_net_enable = false,
$ext_net_name = 'ext',
$ext_net_switch = '101',
$ext_net_port = '1/1',
$ext_net_subnet = '10.0.0.0/24',
$ext_net_gateway = '10.0.0.1',
){
include 'apic::params'
include 'apic::api'
case $role {
/controller/: {
if $use_lldp {
include 'apic::svc_agent'
}
include 'neutron::services::apic_server'
include "neutron::services::${ha_prefix}agents"
include 'gbp::heat'
include "heat::${ha_prefix}services"
include 'gbp::horizon'
include 'gbp::client'
include 'gbp::manage'
class {'neutron::config_auth':
admin_username => $admin_username,
admin_password => $admin_password,
admin_tenant => $admin_tenant,
}
if ($role == 'primary-controller' and $ext_net_enable == true){
class {'neutron::network':
tenant_name => $admin_tenant,
ext_net_name => $ext_net_name,
ext_net_subnet => $ext_net_subnet,
ext_net_gateway => $ext_net_gateway,
}
}
}
'compute': {
include 'neutron::services::ovs_agent'
}
default: {
}
}
if $use_lldp {
include 'lldp'
include 'apic::host_agent'
}
class {'gbp::config':
policy_drivers => $policy_drivers,
}
class {'neutron::config':
service_plugins => $service_plugins,
mechanism_drivers => $mechanism_drivers,
}
class {'neutron::config_apic':
apic_hosts => $apic_hosts,
apic_username => $apic_username,
apic_password => $apic_password,
static_config => $static_config,
additional_config => $additional_config,
ext_net_enable => $ext_net_enable,
ext_net_name => $ext_net_name,
ext_net_switch => $ext_net_switch,
ext_net_port => $ext_net_port,
ext_net_subnet => $ext_net_subnet,
ext_net_gateway => $ext_net_gateway,
}
}

89
deployment_scripts/puppet/modules/cisco_aci/manifests/gbp_and_apic_ml2.pp Normal file
View File

@ -0,0 +1,89 @@
#Class cisco_aci::gbp_and_apic_ml2
class cisco_aci::gbp_and_apic_ml2 (
$ha_prefix = '',
$role = 'compute',
$use_lldp = true,
$apic_hosts = '10.0.0.1',
$apic_username = 'admin',
$apic_password = 'password',
$static_config = '',
$additional_config = '',
$service_plugins = 'neutron.services.l3_router.l3_apic.ApicL3ServicePlugin',
$mechanism_drivers = 'openvswitch,cisco_apic',
$policy_drivers = 'implicit_policy,apic',
$admin_username = 'admin',
$admin_password = 'admin',
$admin_tenant = 'admin',
$ext_net_enable = false,
$ext_net_name = 'ext',
$ext_net_switch = '101',
$ext_net_port = '1/1',
$ext_net_subnet = '10.0.0.0/24',
$ext_net_gateway = '10.0.0.1',
){
include 'apic::params'
include 'apic::api'
case $role {
/controller/: {
if $use_lldp {
include 'apic::svc_agent'
}
include 'neutron::services::apic_server'
include "neutron::services::${ha_prefix}agents"
include 'gbp::heat'
include "heat::${ha_prefix}services"
include 'gbp::horizon'
include 'gbp::client'
include 'gbp::manage'
class {'neutron::config_auth':
admin_username => $admin_username,
admin_password => $admin_password,
admin_tenant => $admin_tenant,
}
if ($role == 'primary-controller' and $ext_net_enable == true){
class {'neutron::network':
tenant_name => $admin_tenant,
ext_net_name => $ext_net_name,
ext_net_subnet => $ext_net_subnet,
ext_net_gateway => $ext_net_gateway,
}
}
}
'compute': {
include 'neutron::services::ovs_agent'
}
default: {
}
}
if $use_lldp {
include 'lldp'
include 'apic::host_agent'
}
class {'gbp::config':
policy_drivers => $policy_drivers,
}
class {'neutron::config':
service_plugins => $service_plugins,
mechanism_drivers => $mechanism_drivers,
}
class {'neutron::config_apic':
apic_hosts => $apic_hosts,
apic_username => $apic_username,
apic_password => $apic_password,
static_config => $static_config,
additional_config => $additional_config,
ext_net_enable => $ext_net_enable,
ext_net_name => $ext_net_name,
ext_net_switch => $ext_net_switch,
ext_net_port => $ext_net_port,
ext_net_subnet => $ext_net_subnet,
ext_net_gateway => $ext_net_gateway,
}
}

37
deployment_scripts/puppet/modules/cisco_aci/manifests/gbp_and_mapping.pp Normal file
View File

@ -0,0 +1,37 @@
#Class cisco_aci::gbp_and_mapping
class cisco_aci::gbp_and_mapping (
$ha_prefix = '',
$role = 'compute',
$service_plugins = 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin,gbpservice.neutron.services.grouppolicy.plugin.GroupPolicyPlugin,gbpservice.neutron.services.servicechain.servicechain_plugin.ServiceChainPlugin',
$mechanism_drivers = 'openvswitch',
$policy_drivers = 'implicit_policy,resource_mapping',
){
include 'apic::api'
case $role {
/controller/: {
include 'neutron::services::server'
include "neutron::services::${ha_prefix}agents"
include 'gbp::heat'
include "heat::${ha_prefix}services"
include 'gbp::horizon'
include 'gbp::client'
include 'gbp::manage'
}
'compute': {
include 'neutron::services::ovs_agent'
}
default: {
}
}
class {'gbp::config':
policy_drivers => $policy_drivers,
}
class {'neutron::config':
service_plugins => $service_plugins,
mechanism_drivers => $mechanism_drivers,
}
}

79
deployment_scripts/puppet/modules/cisco_aci/manifests/generic_apic_ml2.pp Normal file
View File

@ -0,0 +1,79 @@
#Class cisco_aci::generic_apic_ml2
class cisco_aci::generic_apic_ml2 (
$ha_prefix = '',
$role = 'compute',
$use_lldp = true,
$apic_hosts = '10.0.0.1',
$apic_username = 'admin',
$apic_password = 'password',
$static_config = '',
$additional_config = '',
$service_plugins = 'neutron.services.l3_router.l3_apic.ApicL3ServicePlugin',
$mechanism_drivers = 'openvswitch,cisco_apic',
$admin_username = 'admin',
$admin_password = 'admin',
$admin_tenant = 'admin',
$ext_net_enable = false,
$ext_net_name = 'ext',
$ext_net_switch = '101',
$ext_net_port = '1/1',
$ext_net_subnet = '10.0.0.0/24',
$ext_net_gateway = '10.0.0.1',
){
include 'apic::params'
include 'apic::api'
case $role {
/controller/: {
if $use_lldp {
include 'apic::svc_agent'
}
include 'neutron::services::apic_server'
include "neutron::services::${ha_prefix}agents"
class {'neutron::config_auth':
admin_username => $admin_username,
admin_password => $admin_password,
admin_tenant => $admin_tenant,
}
if ($role == 'primary-controller' and $ext_net_enable == true){
class {'neutron::network':
tenant_name => $admin_tenant,
ext_net_name => $ext_net_name,
ext_net_subnet => $ext_net_subnet,
ext_net_gateway => $ext_net_gateway,
}
}
}
'compute': {
include 'neutron::services::ovs_agent'
}
default: {
}
}
if $use_lldp {
include 'lldp'
include 'apic::host_agent'
}
class {'neutron::config':
service_plugins => $service_plugins,
mechanism_drivers => $mechanism_drivers,
}
class {'neutron::config_apic':
apic_hosts => $apic_hosts,
apic_username => $apic_username,
apic_password => $apic_password,
static_config => $static_config,
additional_config => $additional_config,
ext_net_enable => $ext_net_enable,
ext_net_name => $ext_net_name,
ext_net_switch => $ext_net_switch,
ext_net_port => $ext_net_port,
ext_net_subnet => $ext_net_subnet,
ext_net_gateway => $ext_net_gateway,
}
}

11
deployment_scripts/puppet/modules/gbp/manifests/client.pp Normal file
View File

@ -0,0 +1,11 @@
#Class gbp::client
class gbp::client (
$package_ensure = 'present',
){
include gbp::params
package { 'gbp_client':
ensure => $package_ensure,
name => $::gbp::params::package_gbp_client,
}
}

17
deployment_scripts/puppet/modules/gbp/manifests/config.pp Normal file
View File

@ -0,0 +1,17 @@
#Class gbp::config
class gbp::config (
$policy_drivers = '',
){
neutron_config {
'group_policy/policy_drivers': value => $policy_drivers;
'servicechain/servicechain_drivers': value => 'simplechain_driver';
'quotas/default_quota': value => '-1';
'quotas/quota_network': value => '-1';
'quotas/quota_subnet': value => '-1';
'quotas/quota_port': value => '-1';
'quotas/quota_security_group': value => '-1';
'quotas/quota_security_group_rule': value => '-1';
'quotas/quota_router': value => '-1';
'quotas/quota_floatingip': value => '-1';
}
}

18
deployment_scripts/puppet/modules/gbp/manifests/heat.pp Normal file
View File

@ -0,0 +1,18 @@
#Class gbp::heat
class gbp::heat (
$package_ensure = 'present',
){
include gbp::params
Package['gbp_heat'] -> Heat_config<||>
package { 'gbp_heat':
ensure => $package_ensure,
name => $::gbp::params::package_gbp_heat,
}
heat_config{
'DEFAULT/plugin_dirs' : value => '/usr/lib/python2.7/dist-packages/gbpautomation/heat';
}
}

17
deployment_scripts/puppet/modules/gbp/manifests/horizon.pp Normal file
View File

@ -0,0 +1,17 @@
#Class gbp::horizon
class gbp::horizon (
$package_ensure = 'present',
){
include gbp::params
$enable_project = ['_50_gbp_project_add_panel_group.py','_60_gbp_project_add_panel.py','_61_gbp_project_add_panel.py','_62_gbp_project_add_panel.py','_63_gbp_project_add_panel.py']
package { 'gbp_horizon':
ensure => $package_ensure,
name => $::gbp::params::package_gbp_horizon,
}
horizon::project{$enable_project:
project_dir => $::gbp::params::gbp_horizon_project,
}
}

22
deployment_scripts/puppet/modules/gbp/manifests/manage.pp Normal file
View File

@ -0,0 +1,22 @@
#Class gbp::manage
class gbp::manage (
$package_ensure = 'present',
){
include gbp::params
include neutron::services::server
Exec['gbp_dbsync'] ~> Service['neutron-server']
package { 'gbp_manage':
ensure => $package_ensure,
name => $::gbp::params::package_gbp_manage,
}
exec { 'gbp_dbsync':
command => $::gbp::params::dbsync_command,
path => '/usr/bin',
refreshonly => true,
logoutput => on_failure,
require => Package['gbp_manage'],
}
}

22
deployment_scripts/puppet/modules/gbp/manifests/params.pp Normal file
View File

@ -0,0 +1,22 @@
#Class gbp::params
class gbp::params {
$dbsync_command = 'gbp-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head'
case $::osfamily {
'RedHat': {
}
'Debian': {
$package_gbp_client = 'python-python-group-based-policy-client'
$package_gbp_manage = 'python-group-based-policy'
$package_gbp_heat = 'python-group-based-policy-automation'
$package_gbp_horizon = 'python-group-based-policy-ui'
$gbp_horizon_project = '/usr/lib/python2.7/dist-packages/gbpui'
}
default: {
fail("Unsupported osfamily: ${::osfamily} operatingsystem: ${::operatingsystem}, module ${module_name} only support osfamily RedHat and Debian")
}
}
}

49
deployment_scripts/puppet/modules/heat/manifests/ha_services.pp Normal file
View File

@ -0,0 +1,49 @@
#Class heat::ha_services
class heat::ha_services (
$enabled = true,
) {
include heat::params
if $enabled {
$service_ensure = 'running'
} else {
$service_ensure = 'stopped'
}
service { 'heat-api':
ensure => $service_ensure,
name => $::heat::params::api_service_name,
enable => $enabled,
hasstatus => true,
hasrestart => true,
tag => 'heat',
}
service { 'heat-api-cloudwatch':
ensure => $service_ensure,
name => $::heat::params::api_cloudwatch_service_name,
enable => $enabled,
hasstatus => true,
hasrestart => true,
tag => 'heat',
}
service { 'heat-api-cfn':
ensure => $service_ensure,
name => $::heat::params::api_cfn_service_name,
enable => $enabled,
hasstatus => true,
hasrestart => true,
tag => 'heat',
}
service { 'heat-engine':
ensure => $service_ensure,
name => $::heat::params::engine_ha_service_name,
enable => $enabled,
hasstatus => true,
hasrestart => true,
provider => 'pacemaker',
tag => 'heat',
}
Heat_config<||> ~> Service<| tag == 'heat' |>
}

31
deployment_scripts/puppet/modules/heat/manifests/params.pp Normal file
View File

@ -0,0 +1,31 @@
# Parameters for puppet-heat
#
class heat::params {
$dbsync_command =
'heat-manage --config-file /etc/heat/heat.conf db_sync'
case $::osfamily {
'RedHat': {
# service names
$api_service_name = 'openstack-heat-api'
$api_cloudwatch_service_name = 'openstack-heat-api-cloudwatch'
$api_cfn_service_name = 'openstack-heat-api-cfn'
$engine_service_name = 'openstack-heat-engine'
$engine_ha_service_name = 'p_openstack-heat-engine'
}
'Debian': {
# service names
$api_service_name = 'heat-api'
$api_cloudwatch_service_name = 'heat-api-cloudwatch'
$api_cfn_service_name = 'heat-api-cfn'
$engine_service_name = 'heat-engine'
$engine_ha_service_name = 'p_heat-engine'
}
default: {
fail("Unsupported osfamily: ${::osfamily} operatingsystem: \
${::operatingsystem}, module ${module_name} only support osfamily \
RedHat and Debian")
}
}
}

48
deployment_scripts/puppet/modules/heat/manifests/services.pp Normal file
View File

@ -0,0 +1,48 @@
#Class heat::services
class heat::services (
$enabled = true,
) {
include heat::params
if $enabled {
$service_ensure = 'running'
} else {
$service_ensure = 'stopped'
}
service { 'heat-api':
ensure => $service_ensure,
name => $::heat::params::api_service_name,
enable => $enabled,
hasstatus => true,
hasrestart => true,
tag => 'heat',
}
service { 'heat-api-cloudwatch':
ensure => $service_ensure,
name => $::heat::params::api_cloudwatch_service_name,
enable => $enabled,
hasstatus => true,
hasrestart => true,
tag => 'heat',
}
service { 'heat-api-cfn':
ensure => $service_ensure,
name => $::heat::params::api_cfn_service_name,
enable => $enabled,
hasstatus => true,
hasrestart => true,
tag => 'heat',
}
service { 'heat-engine_service':
ensure => $service_ensure,
name => $::heat::params::engine_service_name,
enable => $enabled,
hasstatus => true,
hasrestart => true,
tag => 'heat',
}
Heat_config<||> ~> Service<| tag == 'heat' |>
}

19
deployment_scripts/puppet/modules/horizon/manifests/params.pp Normal file
View File

@ -0,0 +1,19 @@
# these parameters need to be accessed from several locations and
# should be considered to be constant
class horizon::params {
$dashboard_enabled = '/usr/share/openstack-dashboard/openstack_dashboard/enabled'
case $::osfamily {
'RedHat': {
$http_service = 'httpd'
}
'Debian': {
$http_service = 'apache2'
}
default: {
fail("Unsupported osfamily: ${::osfamily} operatingsystem: ${::operatingsystem}, module ${module_name} only support osfamily RedHat and Debian")
}
}
}

15
deployment_scripts/puppet/modules/horizon/manifests/project.pp Normal file
View File

@ -0,0 +1,15 @@
#
define horizon::project(
$project_dir = '/tmp',
){
include horizon::params
include horizon::service
File[$name] ~> Service['httpd']
file {$name:
ensure => link,
path => "${::horizon::params::dashboard_enabled}/${name}",
target => "${project_dir}/${name}",
}
}

13
deployment_scripts/puppet/modules/horizon/manifests/service.pp Normal file
View File

@ -0,0 +1,13 @@
#
class horizon::service(
$package_ensure = present,
) {
include horizon::params
service { 'httpd':
ensure => 'running',
name => $::horizon::params::http_service,
enable => true
}
}

58
deployment_scripts/puppet/modules/lldp/manifests/init.pp Normal file
View File

@ -0,0 +1,58 @@
#Class lldp
class lldp (
$ensure = 'present',
$autoupdate = true,
$package_name = 'lldpd',
$service_name = 'lldpd',
){
include lldp::params
case $ensure {
'present': {
if $autoupdate {
$pkg_ensure = 'latest'
} else {
$pkg_ensure = 'present'
}
$svc_ensure = 'running'
$svc_enable = true
$file_ensure = 'present'
}
'absent': {
$pkg_ensure = 'absent'
$svc_ensure = 'stopped'
$svc_enable = false
$file_ensure = 'absent'
}
'purged': {
$pkg_ensure = 'purged'
$svc_ensure = 'stopped'
$svc_enable = false
$file_ensure = 'absent'
}
default: {
}
}
package {$package_name:
ensure => $pkg_ensure,
}
file {$::lldp::params::config_file_path:
ensure => $file_ensure,
content => inline_template($::lldp::params::config_file_data),
require => Package[$package_name],
notify => Service[$service_name],
}
service {$service_name:
ensure => $svc_ensure,
enable => $svc_enable,
require => File[$::lldp::params::config_file_path],
hasstatus => false,
hasrestart => true,
}
}

20
deployment_scripts/puppet/modules/lldp/manifests/params.pp Normal file
View File

@ -0,0 +1,20 @@
#Class lldp::params
class lldp::params {
$autoupdate = false
$package_name = 'lldpd'
$service_name = 'lldpd'
case $::osfamily {
'Debian': {
$config_file_path = '/etc/default/lldpd'
$config_file_data = '#Generated by puppet <%= "\n" %>DAEMON_ARGS="-c -I eth*"<%= "\n" %>'
}
'RedHat': {
$config_file_path = '/etc/sysconfig/lldpd'
$config_file_data = '#Generated by puppet <%= "\n" %>LLDPD_OPTIONS="-c -I eth*"<%= "\n" %>'
}
default: { fail("lldp: unsuported OS family ${::osfamily}") }
}
}

3
deployment_scripts/puppet/modules/neutron/files/neutron Normal file
View File

@ -0,0 +1,3 @@
configs+=(
"/etc/neutron/plugins/ml2/ml2_conf_cisco.ini" \
)

25
deployment_scripts/puppet/modules/neutron/files/neutron-server.conf Normal file
View File

@ -0,0 +1,25 @@
# vim:set ft=upstart ts=2 et:
description "Neutron API Server"
author "Chuck Short <zulcss@ubuntu.com>"
start on runlevel [2345]
stop on runlevel [!2345]
respawn
chdir /var/run
pre-start script
mkdir -p /var/run/neutron
chown neutron:root /var/run/neutron
end script
script
[ -r /etc/default/neutron-server ] && . /etc/default/neutron-server
[ -r "$NEUTRON_PLUGIN_CONFIG" ] && CONF_ARG="--config-file $NEUTRON_PLUGIN_CONFIG"
exec start-stop-daemon --start --chuid neutron --exec /usr/bin/neutron-server -- \
--config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini \
--config-file /etc/neutron/plugins/ml2/ml2_conf_cisco.ini \
--log-file /var/log/neutron/server.log $CONF_ARG
end script

26
deployment_scripts/puppet/modules/neutron/manifests/config.pp Normal file
View File

@ -0,0 +1,26 @@
#Class neutron::config
class neutron::config (
$service_plugins = 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin',
$mechanism_drivers = 'openvswitch',
){
neutron_config {
'DEFAULT/service_plugins': value => $service_plugins;
'DEFAULT/core_plugin': value => 'neutron.plugins.ml2.plugin.Ml2Plugin';
}
neutron_plugin_ml2 {
'ml2/type_drivers': value => 'local,flat,vlan,gre,vxlan';
'ml2/tenant_network_types': value => 'vlan';
'ml2/mechanism_drivers': value => $mechanism_drivers;
#'ml2_type_vlan/network_vlan_ranges': value => "$physnets_dev:$vlan_range";
'securitygroup/enable_security_group': value => 'True';
'securitygroup/firewall_driver': value => 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver';
#'ovs/integration_bridge': value => "$int_bridge";
#'ovs/bridge_mappings': value => "$physnets_dev:$int_bridge";
#'ovs/enable_tunneling': value => 'False';
'agent/polling_interval': value => '2';
'agent/l2_population': value => 'False';
'agent/arp_responder': value => 'False';
}
}

45
deployment_scripts/puppet/modules/neutron/manifests/config_apic.pp Normal file
View File

@ -0,0 +1,45 @@
#Class neutron::config_apic
class neutron::config_apic (
$apic_hosts = '10.0.0.1',
$apic_username = 'admin',
$apic_password = 'password',
$static_config = '',
$additional_config = '',
$ext_net_enable = false,
$ext_net_name = 'ext',
$ext_net_switch = '101',
$ext_net_port = '1/1',
$ext_net_subnet = '10.0.0.0/24',
$ext_net_gateway = '10.0.0.1',
){
neutron_plugin_ml2_cisco {
'DEFAULT/apic_system_id': value => 'openstack';
'ml2_cisco_apic/apic_hosts': value => $apic_hosts;
'ml2_cisco_apic/apic_username': value => $apic_username;
'ml2_cisco_apic/apic_password': value => $apic_password;
'ml2_cisco_apic/apic_name_mapping': value => 'use_name' ;
'ml2_cisco_apic/root_helper': value => 'sudo';
}
if !empty($additional_config) {
file_line{ 'additional_config':
path => '/etc/neutron/plugins/ml2/ml2_conf_cisco.ini',
line => $additional_config,
}
}
if !empty($static_config) {
file_line{ 'static_config':
path => '/etc/neutron/plugins/ml2/ml2_conf_cisco.ini',
line => $static_config,
}
}
if ($ext_net_enable == true){
neutron_plugin_ml2_cisco {
"apic_external_network:${ext_net_name}/switch": value => $ext_net_switch;
"apic_external_network:${ext_net_name}/port": value => $ext_net_port;
"apic_external_network:${ext_net_name}/cidr_exposed": value => $ext_net_subnet;
"apic_external_network:${ext_net_name}/gateway_ip": value => $ext_net_gateway;
}
}
}

13
deployment_scripts/puppet/modules/neutron/manifests/config_auth.pp Normal file
View File

@ -0,0 +1,13 @@
#Class neutron::config_auth
class neutron::config_auth (
$admin_username = 'admin',
$admin_password = 'admin',
$admin_tenant = 'admin',
){
neutron_config {
'keystone_authtoken/admin_user': value => $admin_username;
'keystone_authtoken/admin_password': value => $admin_password;
'keystone_authtoken/admin_tenant_name': value => $admin_tenant;
}
}

39
deployment_scripts/puppet/modules/neutron/manifests/network.pp Normal file
View File

@ -0,0 +1,39 @@
#Class neutron::network
class neutron::network (
$ensure = 'present',
$ext_net_name = 'extnet',
$ext_net_subnet = '10.0.0.0/24',
$ext_net_gateway = '10.0.0.1',
$shared = true,
$tenant_name = 'admin',
) {
neutron_network { $ext_net_name:
ensure => $ensure,
router_external => true,
tenant_name => $tenant_name,
shared => $shared,
}
->
neutron_subnet { "${ext_net_name}__subnet":
ensure => $ensure,
cidr => $ext_net_subnet,
network_name => $ext_net_name,
tenant_name => $tenant_name,
gateway_ip => $ext_net_gateway,
}
->
neutron_router { "${ext_net_name}__router":
ensure => $ensure,
tenant_name => $tenant_name,
}
->
neutron_router_interface { "${ext_net_name}__router:${ext_net_name}__subnet":
ensure => present,
}
Service<| title == 'neutron-server'|> -> Neutron_network<||>
Service<| title == 'neutron-server'|> -> Neutron_subnet<||>
Service<| title == 'neutron-server'|> -> Neutron_router<||>
Service<| title == 'neutron-server'|> -> Neutron_router_interface<||>
}

31
deployment_scripts/puppet/modules/neutron/manifests/params.pp Normal file
View File

@ -0,0 +1,31 @@
#Class neutron::params
class neutron::params {
$ha_metadata_agent = 'p_neutron-metadata-agent'
$ha_dhcp_agent = 'p_neutron-dhcp-agent'
$ha_l3_agent = 'p_neutron-l3-agent'
$service_metadata_agent = 'neutron-metadata-agent'
$service_dhcp_agent = 'neutron-dhcp-agent'
$service_l3_agent = 'neutron-l3-agent'
$service_neutron_server = 'neutron-server'
case $::osfamily {
'RedHat': {
$service_ovs_agent = 'neutron-openvswitch-agent'
$ha_ovs_agent = 'p_neutron-openvswitch-agent'
$initd_file_path = '/etc/sysconfig/neutron'
$initd_file_template = 'puppet:///modules/neutron/neutron'
}
'Debian': {
$service_ovs_agent = 'neutron-plugin-openvswitch-agent'
$ha_ovs_agent = 'p_neutron-plugin-openvswitch-agent'
$initd_file_path = '/etc/init/neutron-server.conf'
$initd_file_template = 'puppet:///modules/neutron/neutron-server.conf'
}
default: {
fail("Unsupported osfamily: ${::osfamily} operatingsystem: ${::operatingsystem}, module ${module_name} only support osfamily RedHat and Debian")
}
}
}

57
deployment_scripts/puppet/modules/neutron/manifests/services/agents.pp Normal file
View File

@ -0,0 +1,57 @@
#Class neutron::services::agents
class neutron::services::agents (
$enabled = true,
$manage_service = true,
){
include neutron::params
if $manage_service {
if $enabled {
$service_ensure = 'running'
} else {
$service_ensure = 'stopped'
}
}
service { 'neutron-ovs-agent':
ensure => $service_ensure,
name => $::neutron::params::service_ovs_agent,
enable => $enabled,
hasstatus => true,
hasrestart => true,
tag => 'neutron_agents'
}
service { 'neutron-metadata-agent':
ensure => $service_ensure,
name => $::neutron::params::service_metadata_agent,
enable => $enabled,
hasstatus => true,
hasrestart => true,
tag => 'neutron_agents'
}
service { 'neutron-dhcp-agent':
ensure => $service_ensure,
name => $::neutron::params::service_dhcp_agent,
enable => $enabled,
hasstatus => true,
hasrestart => true,
tag => 'neutron_agents'
}
service { 'neutron-l3-agent':
ensure => $service_ensure,
name => $::neutron::params::service_l3_agent,
enable => $enabled,
hasstatus => true,
hasrestart => true,
tag => 'neutron_agents'
}
Neutron_config<||> ~> Service<| tag == 'neutron_agents' |>
Neutron_plugin_ml2<||> ~> Service<| tag == 'neutron_agents' |>
Neutron_plugin_ml2_cisco<||> ~> Service<| tag == 'neutron_agents' |>
File_line<||> ~> Service<| tag == 'neutron_agents' |>
}

16
deployment_scripts/puppet/modules/neutron/manifests/services/apic_server.pp Normal file
View File

@ -0,0 +1,16 @@
#Class neutron::services::apic_server
class neutron::services::apic_server (
$enabled = true,
$manage_service = true,
){
include neutron::params
include neutron::services::server
File['neutron_initd'] ~> Service['neutron-server']
file {'neutron_initd':
ensure => 'present',
path => $::neutron::params::initd_file_path,
source => $::neutron::params::initd_file_template,
}
}

62
deployment_scripts/puppet/modules/neutron/manifests/services/ha_agents.pp Normal file
View File

@ -0,0 +1,62 @@
#Class neutron::services::ha_agents
class neutron::services::ha_agents (
$enabled = true,
$manage_service = true,
){
include neutron::params
if $manage_service {
if $enabled {
$service_ensure = 'running'
} else {
$service_ensure = 'stopped'
}
}
service {'neutron-dhcp-agent':
ensure => $service_ensure,
name => $::neutron::params::ha_dhcp_agent,
enable => $enabled,
hasstatus => true,
hasrestart => false,
provider => 'pacemaker',
tag => 'ha_agents',
}
service {'neutron-metadata-agent':
ensure => $service_ensure,
name => $::neutron::params::ha_metadata_agent,
enable => $enabled,
hasstatus => true,
hasrestart => false,
provider => 'pacemaker',
tag => 'ha_agents',
}
service {'neutron-plugin-openvswitch-agent':
ensure => $service_ensure,
name => $::neutron::params::ha_ovs_agent,
enable => $enabled,
hasstatus => true,
hasrestart => false,
provider => 'pacemaker',
tag => 'ha_agents',
}
service {'neutron-l3-agent':
ensure => $service_ensure,
name => $::neutron::params::ha_l3_agent,
enable => $enabled,
hasstatus => true,
hasrestart => false,
provider => 'pacemaker',
tag => 'ha_agents',
}
Neutron_config<||> ~> Service<| tag == 'ha_agents' |>
Neutron_plugin_ml2<||> ~> Service<| tag == 'ha_agents' |>
Neutron_plugin_ml2_cisco<||> ~> Service<| tag == 'ha_agents' |>
File_line<||> ~> Service<| tag == 'ha_agents' |>
}

29
deployment_scripts/puppet/modules/neutron/manifests/services/ovs_agent.pp Normal file
View File

@ -0,0 +1,29 @@
#Class neutron::services::ovs_agent
class neutron::services::ovs_agent (
$enabled = true,
$manage_service = true,
){
include neutron::params
if $manage_service {
if $enabled {
$service_ensure = 'running'
} else {
$service_ensure = 'stopped'
}
}
service { 'neutron-ovs-agent':
ensure => $service_ensure,
name => $::neutron::params::service_ovs_agent,
enable => $enabled,
hasstatus => true,
hasrestart => true,
}
Neutron_config<||> ~> Service['neutron-ovs-agent']
Neutron_plugin_ml2<||> ~> Service['neutron-ovs-agent']
Neutron_plugin_ml2_cisco<||> ~> Service['neutron-ovs-agent']
File_line<||> ~> Service['neutron-ovs-agent']
}

35
deployment_scripts/puppet/modules/neutron/manifests/services/server.pp Normal file
View File

@ -0,0 +1,35 @@
#Class neutron::services::server
class neutron::services::server (
$enabled = true,
$manage_service = true,
){
include neutron::params
if $manage_service {
if $enabled {
$service_ensure = 'running'
} else {
$service_ensure = 'stopped'
}
}
File['rootwrap'] ~> Service['neutron-server']
Neutron_config<||> ~> Service['neutron-server']
Neutron_plugin_ml2<||> ~> Service['neutron-server']
Neutron_plugin_ml2_cisco<||> ~> Service['neutron-server']
File_line<||> ~> Service['neutron-server']
file {'rootwrap':
ensure => link,
path => '/usr/local/bin/neutron-rootwrap',
target => '/usr/bin/neutron-rootwrap',
}
service { 'neutron-server':
ensure => $service_ensure,
name => $::neutron::params::service_neutron_server,
enable => $enabled,
hasstatus => true,
hasrestart => true,
}
}

71
deployment_scripts/puppet/site.pp Normal file
View File

@ -0,0 +1,71 @@
$role = hiera('role')
$deployment_mode = hiera('deployment_mode')
$cisco_aci_hash = hiera('cisco_aci',{})
$access_hash = hiera('access',{})
$ha_prefix = $deployment_mode ? {
'ha_compact' => 'ha_',
default => '',
}
if ($cisco_aci_hash['use_gbp'] == false and $cisco_aci_hash['use_apic'] == false){
fail('Wrong configuration')
}
if ($cisco_aci_hash['use_gbp'] == false and $cisco_aci_hash['use_apic'] == true){
if ($cisco_aci_hash['driver_type'] == 'ML2'){
$install_type = 'US1'
$class_name = 'generic_apic_ml2'
}else{
fail('Wrong configuration')
}
}
if ($cisco_aci_hash['use_gbp'] == true and $cisco_aci_hash['use_apic'] == false){
$install_type = 'US2a'
$class_name = 'gbp_and_mapping'
}
if ($cisco_aci_hash['use_gbp'] == true and $cisco_aci_hash['use_apic'] == true){
if ($cisco_aci_hash['driver_type'] == 'ML2'){
$install_type = 'US2b'
$class_name = 'gbp_and_apic_ml2'
}elsif ($cisco_aci_hash['driver_type'] == 'GBP'){
$install_type = 'US3'
$class_name = 'gbp_and_apic_gbp'
}
}
case $install_type {
'US1','US2b','US3': {
class {"cisco_aci::${class_name}":
ha_prefix => $ha_prefix,
role => $role,
admin_username => $access_hash['user'],
admin_password => $access_hash['password'],
admin_tenant => $access_hash['tenant'],
use_lldp => $cisco_aci_hash['use_lldp'],
apic_hosts => $cisco_aci_hash['apic_hosts'],
apic_username => $cisco_aci_hash['apic_username'],
apic_password => $cisco_aci_hash['apic_password'],
static_config => $cisco_aci_hash['static_config'],
additional_config => $cisco_aci_hash['additional_config'],
ext_net_enable => $cisco_aci_hash['ext_net_enable'],
ext_net_name => $cisco_aci_hash['ext_net_name'],
ext_net_switch => $cisco_aci_hash['ext_net_switch'],
ext_net_port => $cisco_aci_hash['ext_net_port'],
ext_net_subnet => $cisco_aci_hash['ext_net_subnet'],
ext_net_gateway => $cisco_aci_hash['ext_net_gateway'],
}
}
'US2a': {
class {"cisco_aci::${class_name}":
ha_prefix => $ha_prefix,
role => $role,
}
}
default: {
fail("Wrong module ${module_name}")
}
}

24
metadata.yaml
View File

@ -1,21 +1,35 @@
# Plugin name
name: cisco_aci
# Human-readable name for your plugin
title: Cisco APIC Plugin support
title: Cisco APIC Plugin
# Plugin version
version: 1.0.0
version: 1.0.1
# Description
description: Enable to use Cisco SDN solutions for Neutron
# Required fuel version
fuel_version: ['6.0']
fuel_version: ['6.1']
# Specify license of your plugin
licenses: ['Apache License Version 2.0']
# Specify author or company name
authors: ['Mirantis']
# A link to the plugin's page
homepage: 'https://github.com/noironetworks/fuel-plugin-cisco-aci'
# Specify a group which your plugin implements, possible options:
# # network, storage, storage::cinder, storage::glance, hypervisor
groups: ['network']
# The plugin is compatible with releases in the list
releases:
- os: centos
version: 2014.2-6.1
mode: ['ha', 'multinode']
deployment_scripts_path: deployment_scripts/
repository_path: repositories/ubuntu
- os: ubuntu
version: 2014.2-6.0
version: 2014.2-6.1
mode: ['ha', 'multinode']
deployment_scripts_path: deployment_scripts/
repository_path: repositories/ubuntu
# Version of plugin package
package_version: '1.0.0'
package_version: '2.0.0'

13
pre_build_hook
View File

@ -0,0 +1,13 @@
#!/bin/bash
set -eux
ROOT="$(dirname `readlink -f $0`)"
MODULES="${ROOT}"/deployment_scripts/puppet/modules
mkdir -p "${MODULES}"
#REPO_PATH='https://github.com/stackforge/fuel-library/tarball/aded04f6b5d4dbc4b4e4cf904fc882879184d097'
REPO_PATH='https://api.github.com/repos/stackforge/fuel-library/tarball/a478b8c6180af33612b19d09785bd63f2b6673c6'
RPM_REPO="${ROOT}"/repositories/centos/
DEB_REPO="${ROOT}"/repositories/ubuntu/
wget -qO- "${REPO_PATH}" | \
tar -C "${MODULES}" --strip-components=3 -zxvf - \
stackforge-fuel-library-a478b8c/deployment/puppet/{inifile,stdlib,pacemaker}

4
tasks.yaml
View File

@ -2,10 +2,10 @@
# here you can also specify several roles, for example
# ['cinder', 'compute'] will be applied only on
# cinder and compute nodes
- role: ['controller','compute']
- role: ['primary-controller','controller','compute']
stage: post_deployment
type: puppet
parameters:
puppet_manifest: puppet/site.pp
puppet_modules: puppet/modules/
timeout: 42
timeout: 3600