Codestyle fixes, Ubuntu 14.04 and Contrail 2.01 adaptation,

various fixes

- Ruby functions returns string type now
- Codestyle fixes (puppet-lint)
- Fixes to work on Ubuntu 14.04
- Now plugin uses MOS controller's RabbitMQ instance
- Contrail 2.01 adaptation

Change-Id: I14005af2c4a2eca3a89b6e55d5b92c47f7b8d36c

deployment_scripts/puppet/manifests/site-compute-pre.pp

@@ -1,8 +1,8 @@
 # Remove automatically installed plugin's repo.
 # Some packages conflicts with default repo on openstack-controller nodes
-file {"remove-plugin-aptsource":
+file {'remove-plugin-aptsource':
   # TODO!
-  #path => "/etc/apt/sources.list.d/contrail-{plugin_version}.list",
-  path => "/etc/apt/sources.list.d/contrail-1.0.0.list",
+  #path => '/etc/apt/sources.list.d/contrail-{plugin_version}.list',
   ensure => absent,
+  path => '/etc/apt/sources.list.d/contrail-1.0.0.list',
 }

deployment_scripts/puppet/manifests/site-contrail-post2.pp

@@ -1,7 +1,5 @@
 include contrail
 if $contrail::node_name =~ /^contrail.\d+$/ {
-  class { 'contrail::neutron':
-  } ->
   class { 'contrail::config':
     node_role => $contrail::node_role,
   } ~>

deployment_scripts/puppet/manifests/site-contrail-post4.pp

@@ -1,6 +1,7 @@
 include contrail
 if $contrail::node_name =~ /^contrail.\d+$/ {
-  class { contrail::ssh:
+  class { 'contrail::ssh':
     password_auth => 'no',
+    root_login    => 'without-password'
   }
 }

deployment_scripts/puppet/manifests/site-contrail-pre.pp

@@ -10,17 +10,17 @@ class { 'contrail::network':
   public_if       => $contrail::public_if
 } ->
 
-class { contrail::ssh:
+class { 'contrail::ssh':
   password_auth => 'yes',
 } ->
 # Workaround for contrail shipped tzdata-java package
 package { 'tzdata':
-  ensure  => '2014e-0ubuntu0.12.04'
+  ensure  => '2014i-0ubuntu0.14.04'
 } ->
-class { contrail::package:
+class { 'contrail::package':
   install        => ['python-crypto','python-netaddr','python-paramiko',
-                    'openjdk-6-jre-headless',
+                    'ifenslave-2.6','patch','openjdk-7-jre-headless',
                     'contrail-fabric-utils','contrail-setup'],
   pip_install    => ['ecdsa-0.10','Fabric-1.7.0'],
   responsefile   => 'contrail.preseed',
-} 
+}

deployment_scripts/puppet/manifests/site-controller-pre.pp

@@ -3,6 +3,6 @@
 file {'remove-plugin-aptsource':
   # TODO!
   #path => "/etc/apt/sources.list.d/contrail-{plugin_version}.list",
-  path => '/etc/apt/sources.list.d/contrail-1.0.0.list',
   ensure => absent,
+  path => '/etc/apt/sources.list.d/contrail-1.0.0.list',
 }

deployment_scripts/puppet/modules/contrail/files/contrail-pin-100

@@ -1,3 +1,16 @@
 Package: *
 Pin: release l=Ubuntu
 Pin-Priority: 100
+
+Package: libnss3*
+Pin: version 2:3.15*
+Pin-Priority: 1006
+
+#  contrail-openstack-config requires
+Package: haproxy
+Pin: version 1.5.4-1ppa1~precise
+Pin-Priority: 1006
+
+Package: nodejs
+Pin: version 0.8.15-1contrail1
+Pin-Priority: 1006

deployment_scripts/puppet/modules/contrail/files/ha.py.patch

@@ -1,4 +1,5 @@
---- ha.py	2015-03-10 22:01:08.309814785 +0300
+diff -u /opt/contrail/utils/fabfile/tasks/ha.py /opt/contrail/utils/fabfile/tasks/ha.py
+--- /opt/contrail/utils/fabfile/tasks/ha.py
 +++ /opt/contrail/utils/fabfile/tasks/ha.py
 @@ -199,9 +199,12 @@
  

deployment_scripts/puppet/modules/contrail/lib/puppet/parser/functions/get_first_ip.rb

@@ -6,7 +6,7 @@ Returns first ip in subnet. ARG1 - subnet in CIDR notation (i.e. 192.168.1.0/24)
 EOS
   ) do |args|
     cidr = IPAddr.new(args[0])
-    return cidr.succ
+    return cidr.succ.to_s
   end
 end
 

deployment_scripts/puppet/modules/contrail/lib/puppet/parser/functions/get_ip_from_range.rb

@@ -38,7 +38,7 @@ EOS
       raise Puppet::ParseError, "IP " + rv.to_s + " is out of allowed ip range. " + ip_end.to_s + " is the max"
     end
 
-    return rv
+    return rv.to_s
 
   end
 end

deployment_scripts/puppet/modules/contrail/lib/puppet/parser/functions/get_last_ip.rb

@@ -17,7 +17,7 @@ EOS
     prefix=args[0].split('/')[1]
     netmask=IPAddr.new('255.255.255.255').mask(prefix)
     broadcast=cidr.|(netmask.~())
-    return broadcast.prev
+    return broadcast.prev.to_s
 
   end
 end

deployment_scripts/puppet/modules/contrail/lib/puppet/parser/functions/get_private_ifname.rb

@@ -14,7 +14,7 @@ newfunction(:get_private_ifname, :type => :rvalue, :doc => <<-EOS
      end
 
    end
-        return ifname
+        return ifname.to_s
     end
 end
 

deployment_scripts/puppet/modules/contrail/manifests/config.pp

@@ -29,8 +29,8 @@ class contrail::config ( $node_role ) {
       }
 
       $ipv4_file = $operatingsystem ? {
-          "Ubuntu" => '/etc/iptables/rules.v4',
-          "CentOS" => '/etc/sysconfig/iptables',
+          'Ubuntu' => '/etc/iptables/rules.v4',
+          'CentOS' => '/etc/sysconfig/iptables',
       }
 
       exec {'flush_nat':
@@ -49,8 +49,8 @@ class contrail::config ( $node_role ) {
         action => 'accept'
       } ->
 
-      exec { "persist-firewall":
-        command     => "/sbin/iptables-save >> $ipv4_file",
+      exec { 'persist-firewall':
+        command     => "/sbin/iptables-save > ${ipv4_file}",
         user        => 'root',
       }
 
@@ -64,5 +64,81 @@ class contrail::config ( $node_role ) {
       }
 
     }
+
+    'base-os': {
+
+      # Switch neutron and contrail-api to MOS controller's RabbitMQ
+
+      # Contrail-api
+      ini_setting { 'contrail_rabbit_server':
+          ensure  => present,
+          path    => '/etc/contrail/contrail-api.conf',
+          section => 'DEFAULTS',
+          setting => 'rabbit_server',
+          value   => $contrail::rabbit_hosts[0]  # Using first rabbitmq in list. TODO. Make a VIP,w/o proxying. (RMQ VIP does not exists for now). Contrail does not support a server list.
+      } ->
+      ini_setting { 'contrail_rabbit_port':
+          ensure  => present,
+          path    => '/etc/contrail/contrail-api.conf',
+          section => 'DEFAULTS',
+          setting => 'rabbit_port',
+          value   => '5673'
+      } ->
+      ini_setting { 'contrail_rabbit_user':
+          ensure  => present,
+          path    => '/etc/contrail/contrail-api.conf',
+          section => 'DEFAULTS',
+          setting => 'rabbit_user',
+          value   => 'nova'
+      } ->
+      ini_setting { 'contrail_rabbit_password':
+          ensure  => present,
+          path    => '/etc/contrail/contrail-api.conf',
+          section => 'DEFAULTS',
+          setting => 'rabbit_password',
+          value   => $contrail::rabbit_password
+      } ->
+
+      # Neutron
+      ini_setting { 'neutron_rabbit_hosts':
+          ensure  => present,
+          path    => '/etc/neutron/neutron.conf',
+          section => 'DEFAULT',
+          setting => 'rabbit_hosts',
+          value   => $contrail::rabbit_hosts_ports
+      } ->
+      ini_setting { 'neutron_rabbit_host': # Set empty
+          ensure  => present,
+          path    => '/etc/neutron/neutron.conf',
+          section => 'DEFAULT',
+          setting => 'rabbit_host',
+          value   => ''
+      } ->
+      ini_setting { 'neutron_rabbit_port':
+          ensure  => present,
+          path    => '/etc/neutron/neutron.conf',
+          section => 'DEFAULT',
+          setting => 'rabbit_port',
+          value   => '5673'
+      } ->
+      ini_setting { 'neutron_rabbit_userid':
+          ensure  => present,
+          path    => '/etc/neutron/neutron.conf',
+          section => 'DEFAULT',
+          setting => 'rabbit_userid',
+          value   => 'nova'
+      } ->
+      ini_setting { 'neutron_rabbit_password':
+          ensure  => present,
+          path    => '/etc/neutron/neutron.conf',
+          section => 'DEFAULT',
+          setting => 'rabbit_password',
+          value   => $contrail::rabbit_password
+      }
+
+    }
+
+
+
   }
 }

deployment_scripts/puppet/modules/contrail/manifests/init.pp

@@ -52,12 +52,33 @@ $deployment_node="${contrail_node_basename}-1"
 
 $contrail_node_num = inline_template("<%-
 rv=0
-@nodes.each do |node|
-if node['user_node_name'] =~ /^#{@contrail_node_basename}-.*/
-rv+=1
-end
+  @nodes.each do |node|
+    if node['user_node_name'] =~ /^#{@contrail_node_basename}-.*/
+    rv+=1
+  end
 end
 -%>
 <%= rv %>")
 
+# Settings for RabbitMQ on contrail controllers
+$rabbit=hiera('rabbit')
+$rabbit_password=$rabbit['password']
+
+# Returns array of ip addresses
+$rabbit_hosts =
+split(
+  inline_template("<%-
+    rv=Array.new
+    @nodes.each do |node|
+      if node['role'] =~ /^(primary-)?controller$/
+        rv << node['internal_address']
+      end
+    end
+  -%>
+  <%= rv.join(',') %>")
+, ',')
+$tmp_rabbit = join($rabbit_hosts,':5673,')
+$rabbit_hosts_ports = "${tmp_rabbit}:5673"
+
+
 }

deployment_scripts/puppet/modules/contrail/manifests/network.pp

@@ -36,7 +36,7 @@ class contrail::network (
       exec {"ifup-${public_if}":
         command => "/sbin/ip link set up dev ${public_if}",
       }
-     }
+    }
     'compute':{
       file {'/etc/network/interfaces.d/ifcfg-vhost0':
         ensure => present,

deployment_scripts/puppet/modules/contrail/manifests/neutron.pp

@@ -1,7 +0,0 @@
-class contrail::neutron {
-  file { '/usr/share/pyshared/neutron_plugin_contrail/plugins/opencontrail':
-    ensure  => directory,
-    source  => "puppet:///modules/contrail/opencontrail",
-    recurse => true,
-  }
-}

deployment_scripts/puppet/modules/contrail/manifests/service.pp

@@ -3,7 +3,7 @@ class contrail::service ( $node_role ) {
   case $node_role {
     'base-os': {
       $services = $operatingsystem ? {
-        'Ubuntu' => ['haproxy','keepalived','neutron-server','supervisor-support-service','redis-server'],
+        'Ubuntu' => ['haproxy','keepalived','neutron-server','supervisor-support-service','redis-server','contrail-api'],
         default  => undef,
       }
     }

deployment_scripts/puppet/modules/contrail/manifests/setup.pp

@@ -4,7 +4,7 @@ class contrail::setup (
 
   if $node_name == $contrail::deployment_node {
     file_line { 'disable_sslv3':
-      path => '/etc/java-6-openjdk/security/java.security',
+      path => '/etc/java-7-openjdk/security/java.security',
       line => 'jdk.tls.disabledAlgorithms=SSLv3',
     } ->
     file {'/tmp/ha.py.patch':
@@ -12,7 +12,8 @@ class contrail::setup (
       source => 'puppet:///modules/contrail/ha.py.patch'
     } ->
     exec {'ha.py.patch':
-    command => '/usr/bin/patch -f -p0 < /tmp/ha.py.patch'
+    command => '/usr/bin/patch /opt/contrail/utils/fabfile/tasks/ha.py /tmp/ha.py.patch',
+    returns => [0,1] # Idempotent behaviour
     } ->
 
     file {'/tmp/keepalived_conf_template.py.patch':
@@ -20,7 +21,8 @@ class contrail::setup (
       source => 'puppet:///modules/contrail/keepalived_conf_template.py.patch'
     } ->
     exec {'keepalived_conf_template.py.patch':
-    command => '/usr/bin/patch -f -p0 < /tmp/keepalived_conf_template.py.patch'
+    command => '/usr/bin/patch /usr/local/lib/python2.7/dist-packages/contrail_provisioning/common/templates/keepalived_conf_template.py /tmp/keepalived_conf_template.py.patch',
+    returns => [0,1] # Idempotent behaviour
     } ->
 
     file {'/tmp/provision.py.patch':
@@ -28,7 +30,8 @@ class contrail::setup (
       source => 'puppet:///modules/contrail/provision.py.patch'
     } ->
     exec {'provision.py.patch':
-    command => '/usr/bin/patch -f -p0 < /tmp/provision.py.patch'
+    command => '/usr/bin/patch /opt/contrail/utils/fabfile/tasks/provision.py /tmp/provision.py.patch',
+    returns => [0,1] # Idempotent behaviour
     } ->
 
     # Database installation
@@ -58,5 +61,7 @@ class contrail::setup (
     run_fabric { 'setup_control': } ->
     run_fabric { 'setup_collector': } ->
     run_fabric { 'setup_webui': }
+
   }
+
 }

deployment_scripts/puppet/modules/contrail/manifests/ssh.pp

@@ -1,10 +1,15 @@
-class contrail::ssh ( $password_auth = 'yes' ) {
-  exec { 'Update-sshd-config':
+class contrail::ssh ( $password_auth = 'yes',$root_login = 'yes' ) {
+  exec { 'Update-PasswordAuthentication':
     path    => '/bin:/usr/bin',
     command => "sed -i -e 's/^PasswordAuthentication.*/PasswordAuthentication ${password_auth}/g' /etc/ssh/sshd_config",
+    notify  => Service['ssh']
+  }
+  exec { 'Update-PermitRootLogin':
+    path    => '/bin:/usr/bin',
+    command => "sed -i -e 's/^PermitRootLogin.*/PermitRootLogin ${root_login}/g' /etc/ssh/sshd_config",
+    notify  => Service['ssh']
   }
   service { 'ssh':
     ensure    => running,
-    subscribe => Exec['Update-sshd-config'],
   }
-}
+}

pre_build_hook

@@ -21,22 +21,27 @@ wget -qO- "${NEUTRON_REPO_PATH}" | \
       tar -C "${MODULES}/contrail/files" --strip-components=3 -zxvf - \
       Juniper-contrail-neutron-plugin-3189155/neutron_plugin_contrail/plugins/opencontrail
 
-#
-# packages required for cassandra and zookeeper:
-deb_packages=('http://us.archive.ubuntu.com/ubuntu/pool/main/p/pcsc-lite/libpcsclite1_1.7.4-2ubuntu2_amd64.deb'
-'http://us.archive.ubuntu.com/ubuntu/pool/main/j/java-common/java-common_0.43ubuntu2_all.deb'
-'http://us.archive.ubuntu.com/ubuntu/pool/main/j/java-common/default-jre-headless_1.6-43ubuntu2_amd64.deb'
-'http://us.archive.ubuntu.com/ubuntu/pool/main/c/ca-certificates-java/ca-certificates-java_20110912ubuntu6_all.deb'
-'http://us.archive.ubuntu.com/ubuntu/pool/universe/c/commons-daemon/libcommons-daemon-java_1.0.8-1_all.deb'
-'http://us.archive.ubuntu.com/ubuntu/pool/universe/c/commons-daemon/jsvc_1.0.8-1_amd64.deb'
-'http://us.archive.ubuntu.com/ubuntu/pool/main/j/jline/libjline-java_1.0-1_all.deb'
-'http://us.archive.ubuntu.com/ubuntu/pool/universe/libj/libjna-java/libjna-java_3.2.7-4_amd64.deb'
-'http://us.archive.ubuntu.com/ubuntu/pool/main/a/apache-log4j1.2/liblog4j1.2-java_1.2.16-3ubuntu1_all.deb'
-'http://us.archive.ubuntu.com/ubuntu/pool/universe/n/netty/libnetty-java_3.2.6.Final-2_all.deb'
-'http://us.archive.ubuntu.com/ubuntu/pool/universe/libs/libslf4j-java/libslf4j-java_1.6.4-1_all.deb'
-'http://us.archive.ubuntu.com/ubuntu/pool/main/libx/libxml-commons-resolver1.1-java/libxml-commons-resolver1.1-java_1.2-7_all.deb'
-'http://us.archive.ubuntu.com/ubuntu/pool/main/x/xml-commons-external/libxml-commons-external-java_1.4.01-2_all.deb'
-'http://us.archive.ubuntu.com/ubuntu/pool/main/libx/libxerces2-java/libxerces2-java_2.11.0-4_all.deb')
+# from: deb http://en.archive.ubuntu.com/ubuntu/ trusty main universe multiverse
+deb_packages=('http://us.archive.ubuntu.com/ubuntu/pool/main/a/avahi/libavahi-common-data_0.6.31-4ubuntu1_amd64.deb'
+'http://us.archive.ubuntu.com/ubuntu/pool/main/a/avahi/libavahi-common3_0.6.31-4ubuntu1_amd64.deb'
+'http://us.archive.ubuntu.com/ubuntu/pool/main/a/avahi/libavahi-client3_0.6.31-4ubuntu1_amd64.deb'
+'http://us.archive.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.7.2-0ubuntu1_amd64.deb'
+'http://us.archive.ubuntu.com/ubuntu/pool/main/libj/libjpeg-turbo/libjpeg-turbo8_1.3.0-0ubuntu2_amd64.deb'
+'http://us.archive.ubuntu.com/ubuntu/pool/main/l/lcms2/liblcms2-2_2.5-0ubuntu4_amd64.deb'
+'http://us.archive.ubuntu.com/ubuntu/pool/main/n/nspr/libnspr4_4.10.2-1ubuntu1_amd64.deb'
+'http://us.archive.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-nssdb_3.15.4-1ubuntu7_all.deb'
+'http://us.archive.ubuntu.com/ubuntu/pool/main/n/nss/libnss3_3.15.4-1ubuntu7_amd64.deb'
+'http://us.archive.ubuntu.com/ubuntu/pool/main/p/pcsc-lite/libpcsclite1_1.8.10-1ubuntu1_amd64.deb'
+'http://us.archive.ubuntu.com/ubuntu/pool/main/c/ca-certificates-java/ca-certificates-java_20130815ubuntu1_all.deb'
+'http://us.archive.ubuntu.com/ubuntu/pool/main/t/tzdata/tzdata_2014b-1_all.deb'
+'http://us.archive.ubuntu.com/ubuntu/pool/main/t/tzdata/tzdata-java_2014b-1_all.deb'
+'http://us.archive.ubuntu.com/ubuntu/pool/main/j/java-common/java-common_0.51_all.deb'
+'http://us.archive.ubuntu.com/ubuntu/pool/main/libj/libjpeg8-empty/libjpeg8_8c-2ubuntu8_amd64.deb'
+'http://us.archive.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d_3.15.4-1ubuntu7_amd64.deb'
+'http://en.archive.ubuntu.com/ubuntu/pool/main/o/openjdk-7/openjdk-7-jre-headless_7u51-2.4.6-1ubuntu4_amd64.deb'
+'http://en.archive.ubuntu.com/ubuntu/pool/main/o/openjdk-7/openjdk-7-jre_7u51-2.4.6-1ubuntu4_amd64.deb'
+'http://en.archive.ubuntu.com/ubuntu/pool/main/o/openjdk-7/icedtea-7-jre-jamvm_7u51-2.4.6-1ubuntu4_amd64.deb')
+
 
 for i in "${deb_packages[@]}"
 do
@@ -44,3 +49,4 @@ do
 	if [ ! -f $DEB_REPO$file ];
 	then wget -q $i -O $DEB_REPO$file; fi
 done
+