From e93f028814c280db476928e2e76dff953bd1af86 Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Mon, 28 Apr 2014 14:42:10 +0200 Subject: [PATCH 0001/1017] Support EPEL for RHEL-7 This patch makes EPEL repo installation work on all RHEL versions. EPEL release is not hardcoded anymore. Change-Id: Ic2a776e563e1e0538806c5d6632e6a4f946be513 --- packstack/plugins/serverprep_949.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/packstack/plugins/serverprep_949.py b/packstack/plugins/serverprep_949.py index 333470407..372a1f039 100644 --- a/packstack/plugins/serverprep_949.py +++ b/packstack/plugins/serverprep_949.py @@ -375,8 +375,10 @@ def manage_epel(host, config): if config['HOST_DETAILS'][host]['os'] in ('Fedora', 'Unknown'): return - mirrors = ('https://mirrors.fedoraproject.org/metalink?repo=epel-6&' - 'arch=$basearch') + # yum's $releasever can be non numeric on RHEL, so interpolate here + releasever = config['HOST_DETAILS'][host]['release'].split('.')[0] + mirrors = ('https://mirrors.fedoraproject.org/metalink?repo=epel-%s&' + 'arch=$basearch' % releasever) server = utils.ScriptRunner(host) if config['CONFIG_USE_EPEL'] == 'y': server.append('REPOFILE=$(mktemp)') From 52a362eb82c7499efaa5710e3a4bc6109187869d Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Wed, 7 May 2014 14:44:29 +0200 Subject: [PATCH 0002/1017] Extend default swift-proxy configuration for Tempest We are enabling swift middlewares: bulk, catch_errors, ratelimit, account_quotas, container_quotas, formpost and slo. Closes-bug: rhbz#1023221 Change-Id: I7474a703601cc06e2de13b1360d377c4b9aefc30 --- packstack/puppet/templates/swift_proxy.pp | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/packstack/puppet/templates/swift_proxy.pp b/packstack/puppet/templates/swift_proxy.pp index 2c9adbe82..44b7e4cb9 100644 --- a/packstack/puppet/templates/swift_proxy.pp +++ b/packstack/puppet/templates/swift_proxy.pp @@ -7,16 +7,19 @@ class { 'swift::proxy': proxy_local_net_ip => '%(CONFIG_SWIFT_PROXY)s', pipeline => [ - #'catch_errors', + 'bulk', + 'catch_errors', 'healthcheck', 'cache', - #'ratelimit', + 'ratelimit', 'authtoken', 'keystone', 'staticweb', 'tempurl', - #'account_quotas', - #'container_quotas', + 'slo', + 'formpost', + 'account-quotas', + 'container-quotas', 'proxy-server' ], account_autocreate => true, @@ -30,9 +33,18 @@ 'swift::proxy::staticweb', 'swift::proxy::tempurl', 'swift::proxy::account_quotas', + 'swift::proxy::formpost', + 'swift::proxy::slo', 'swift::proxy::container_quotas' ]: } +class { 'swift::proxy::bulk': + max_containers_per_extraction => 10000, + max_failed_extractions => 1000, + max_deletes_per_request => 10000, + yield_frequency => 60, +} + class { 'swift::proxy::ratelimit': clock_accuracy => 1000, max_sleep_time_seconds => 60, From c76b33c1e399cecbbce7a87b9dfe6bcaa8929d47 Mon Sep 17 00:00:00 2001 From: Ivan Chavero Date: Wed, 7 May 2014 20:43:13 -0600 Subject: [PATCH 0003/1017] Update to Move libvirt options into a group Nova has moved the the libvirt options into a group in the config file, this patch aligns packstack templates to this new configuration. This patch needs this pull request to be approved first: https://github.com/redhat-openstack/openstack-puppet-modules/pull/37 Change-Id: I14027588dd10e8e13af356ec53a9958f49039fb1 Fixes: rhbz#1093925 --- .../puppet/templates/nova_compute_libvirt.pp | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/packstack/puppet/templates/nova_compute_libvirt.pp b/packstack/puppet/templates/nova_compute_libvirt.pp index 97ad5f591..a58c7bfd6 100644 --- a/packstack/puppet/templates/nova_compute_libvirt.pp +++ b/packstack/puppet/templates/nova_compute_libvirt.pp @@ -4,16 +4,14 @@ # preventing a clash with rules being set by libvirt if $::is_virtual_packstack == "true" { - $libvirt_type = "qemu" - nova_config{ - "DEFAULT/libvirt_cpu_mode": value => "none"; - } + $libvirt_virt_type = "qemu" + $libvirt_cpu_mode = "none" }else{ - $libvirt_type = "kvm" + $libvirt_virt_type = "kvm" } nova_config{ - "DEFAULT/libvirt_inject_partition": value => "-1"; + "libvirt/inject_partition": value => "-1"; } exec { 'qemu-kvm': @@ -23,8 +21,9 @@ } class { 'nova::compute::libvirt': - libvirt_type => "$libvirt_type", - vncserver_listen => "0.0.0.0", + libvirt_virt_type => "$libvirt_virt_type", + libvirt_cpu_mode => "$libvirt_cpu_mode", + vncserver_listen => "0.0.0.0", } exec {'load_kvm': From 2d57df37a316a87488a0ce6dba1cb42ddd98c286 Mon Sep 17 00:00:00 2001 From: Eoghan Glynn Date: Sun, 11 May 2014 18:35:28 +0100 Subject: [PATCH 0004/1017] Install ceilometer compute agent on nova-cpu nodes Previously, the installation of the ceilometer compute agent was mistakenly dropped on the floor as an unintended side effect of the separation of rabbitmq and qpid config. Now, this oversight is addressed, so that the compute agent is successfully installed on nova-cpu nodes. Change-Id: I163bafeda34fcccd749946bb109ea89cbf28393f Closes-bug: #1318383 --- packstack/plugins/nova_300.py | 1 + 1 file changed, 1 insertion(+) diff --git a/packstack/plugins/nova_300.py b/packstack/plugins/nova_300.py index 0587ca081..3f5f4f908 100644 --- a/packstack/plugins/nova_300.py +++ b/packstack/plugins/nova_300.py @@ -526,6 +526,7 @@ def createcomputemanifest(config): if config['CONFIG_CEILOMETER_INSTALL'] == 'y': manifestdata += getManifestTemplate(get_mq(config, "nova_ceilometer")) + manifestdata += getManifestTemplate("nova_ceilometer.pp") # According to the docs the only element that connects directly to nova compute # is nova scheduler From 7488f1f671deb55a010efffa73e4d92176fab9ac Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Mon, 12 May 2014 15:25:41 +0200 Subject: [PATCH 0005/1017] Ensure sshkey title is unique When there are multiple ssh-keys for one host Nova installation fails with sshkey resource duplication. This patch fixing the issue. Change-Id: Ibe587a23b5c5ff3fd7e292aaa41f804687792b27 --- packstack/puppet/templates/sshkey.pp | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/packstack/puppet/templates/sshkey.pp b/packstack/puppet/templates/sshkey.pp index f1fd66e0b..b5dca384e 100644 --- a/packstack/puppet/templates/sshkey.pp +++ b/packstack/puppet/templates/sshkey.pp @@ -1,7 +1,6 @@ -sshkey { '%(SSH_HOST_NAME)s': +sshkey { '%(SSH_HOST_KEY_TYPE)s.%(SSH_HOST_NAME)s': ensure => present, host_aliases => [%(SSH_HOST_ALIASES)s], key => '%(SSH_HOST_KEY)s', type => '%(SSH_HOST_KEY_TYPE)s', } - From cd8f90d1380502e751d0a2e1f8e4dfaa62e1872a Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Tue, 13 May 2014 16:18:56 +0200 Subject: [PATCH 0006/1017] Removed unnecessary hacks In Havana release there was necessary to install plugin specific packages for ML2 because module had not implement it. This is not true for Icehouse release so hacks have to be removed. Removed also enable_security_group hack which breaks recent version of Neutron server. Change-Id: I35896166bfe4de2c9e49ba59579063fc0b8c666d Fixes: rhbz#1096510 --- .../puppet/templates/neutron_ml2_plugin.pp | 19 +------------------ 1 file changed, 1 insertion(+), 18 deletions(-) diff --git a/packstack/puppet/templates/neutron_ml2_plugin.pp b/packstack/puppet/templates/neutron_ml2_plugin.pp index 80b630bf0..6e2f97ad3 100644 --- a/packstack/puppet/templates/neutron_ml2_plugin.pp +++ b/packstack/puppet/templates/neutron_ml2_plugin.pp @@ -1,21 +1,4 @@ -# We need this before https://review.openstack.org/#/c/67004/ will be merged -if 'openvswitch' in %(CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS)s and !defined(Package['neutron-plugin-ovs']) { - package {'neutron-plugin-ovs': - name => 'openstack-neutron-openvswitch', - ensure => 'installed', - before => Class['neutron::plugins::ml2'] - } -} - -if 'linuxbridge' in %(CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS)s and !defined(Package['neutron-plugin-linuxbridge']) { - package {'neutron-plugin-linuxbridge': - name => 'openstack-neutron-linuxbridge', - ensure => 'installed', - before => Class['neutron::plugins::ml2'] - } -} - class { 'neutron::plugins::ml2': type_drivers => %(CONFIG_NEUTRON_ML2_TYPE_DRIVERS)s, tenant_network_types => %(CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES)s, @@ -25,7 +8,7 @@ tunnel_id_ranges => %(CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES)s, vxlan_group => %(CONFIG_NEUTRON_ML2_VXLAN_GROUP)s, vni_ranges => %(CONFIG_NEUTRON_ML2_VNI_RANGES)s, - enable_security_group => 'dummy', + enable_security_group => true, } # For cases where "neutron-db-manage upgrade" command is called we need to fill config file first From a7cead8e65f48fa09b0eae70c2fdbf1bad92a2d0 Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Thu, 15 May 2014 14:19:30 +0200 Subject: [PATCH 0007/1017] Add infos about ML2 params in the packstack man page - CONFIG_NEUTRON_ML2_TYPE_DRIVERS - CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES - CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS - CONFIG_NEUTRON_ML2_FLAT_NETWORKS - CONFIG_NEUTRON_ML2_VLAN_RANGES - CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES - CONFIG_NEUTRON_ML2_VXLAN_GROUP - CONFIG_NEUTRON_ML2_VNI_RANGES Change-Id: I0763cf578239cc2f4ee349aad7afbb71a722396b Fixes: rhbz#1065979 --- docs/packstack.rst | 426 ++++++++++++++++++++++++++++++--------------- 1 file changed, 289 insertions(+), 137 deletions(-) diff --git a/docs/packstack.rst b/docs/packstack.rst index a4a42f241..b7f9fe496 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -1,20 +1,22 @@ -============== +========= Packstack -============== +========= SYNOPSIS ======== - packstack [options] +packstack [options] DESCRIPTION =========== - Packstack is a utility that uses uses puppet modules to install OpenStack. It can be used to install each openstack service on separate servers, all on one server or any combination of these. There are 3 ways that Packstack can be run. + +Packstack is a utility that uses uses puppet modules to install OpenStack. It can be used to install each openstack service on separate servers, all on one server or any combination of these. There are 3 ways that Packstack can be run. + - packstack - packstack [options] - packstack --gen-answer-file= / packstack --answer-file= - The third option allows the user to generate a default answer file, edit the default options and finally run Packstack a second time using this answer file. This is the easiest way to run Packstack and the one that will be documented here. When is created the OPTIONS below will be contained and can be edited by the user. +The third option allows the user to generate a default answer file, edit the default options and finally run Packstack a second time using this answer file. This is the easiest way to run Packstack and the one that will be documented here. When is created the OPTIONS below will be contained and can be edited by the user. OPTIONS ======= @@ -22,322 +24,472 @@ OPTIONS Global Options -------------- -**CONFIG_GLANCE_INSTALL** : Set to 'y' if you would like Packstack to install Glance ['y', 'n']. +**CONFIG_GLANCE_INSTALL** + Set to 'y' if you would like Packstack to install Glance ['y', 'n']. -**CONFIG_CINDER_INSTALL** : Set to 'y' if you would like Packstack to install Cinder ['y', 'n']. +**CONFIG_CINDER_INSTALL** + Set to 'y' if you would like Packstack to install Cinder ['y', 'n']. -**CONFIG_NOVA_INSTALL** : Set to 'y' if you would like Packstack to install Nova ['y', 'n']. +**CONFIG_NOVA_INSTALL** + Set to 'y' if you would like Packstack to install Nova ['y', 'n']. -**CONFIG_HORIZON_INSTALL** : Set to 'y' if you would like Packstack to install Horizon ['y', 'n']. +**CONFIG_HORIZON_INSTALL** + Set to 'y' if you would like Packstack to install Horizon ['y', 'n']. -**CONFIG_SWIFT_INSTALL** : Set to 'y' if you would like Packstack to install Swift ['y', 'n']. +**CONFIG_SWIFT_INSTALL** + Set to 'y' if you would like Packstack to install Swift ['y', 'n']. -**CONFIG_CLIENT_INSTALL** : Set to 'y' if you would like Packstack to install the OpenStack Client packages. An admin "rc" file will also be installed ['y', 'n']. +**CONFIG_CLIENT_INSTALL** + Set to 'y' if you would like Packstack to install the OpenStack Client packages. An admin "rc" file will also be installed ['y', 'n']. -**CONFIG_NTP_SERVERS** : Comma separated list of NTP servers. Leave plain if Packstack should not install ntpd on instances.. +**CONFIG_NTP_SERVERS** + Comma separated list of NTP servers. Leave plain if Packstack should not install ntpd on instances.. -**CONFIG_NAGIOS_INSTALL** : Set to 'y' if you would like Packstack to install Nagios to monitor openstack hosts ['y', 'n']. +**CONFIG_NAGIOS_INSTALL** + Set to 'y' if you would like Packstack to install Nagios to monitor openstack hosts ['y', 'n']. -**CONFIG_CEILOMETER_INSTALL** : Set to 'y' if you would like Packstack to install OpenStack Metering (Ceilometer). +**CONFIG_CEILOMETER_INSTALL** + Set to 'y' if you would like Packstack to install OpenStack Metering (Ceilometer). -**CONFIG_HEAT_INSTALL** : Set to 'y' if you would like Packstack to install OpenStack Orchestration (Heat). +**CONFIG_HEAT_INSTALL** + Set to 'y' if you would like Packstack to install OpenStack Orchestration (Heat). -**CONFIG_NEUTRON_INSTALL** : Set to 'y' if you would like Packstack to install OpenStack Networking (Neutron). +**CONFIG_NEUTRON_INSTALL** + Set to 'y' if you would like Packstack to install OpenStack Networking (Neutron). -**CONFIG_MYSQL_INSTALL** : Set to 'y' if you would like Packstack to install MySQL. +**CONFIG_MYSQL_INSTALL** + Set to 'y' if you would like Packstack to install MySQL. SSH Configs ------------ -**CONFIG_SSH_KEY** : Path to a Public key to install on servers. If a usable key has not been installed on the remote servers the user will be prompted for a password and this key will be installed so the password will not be required again. +**CONFIG_SSH_KEY** + Path to a Public key to install on servers. If a usable key has not been installed on the remote servers the user will be prompted for a password and this key will be installed so the password will not be required again. MySQL Config parameters ----------------------- -**CONFIG_MYSQL_HOST** : The IP address of the server on which to install MySQL. +**CONFIG_MYSQL_HOST** + The IP address of the server on which to install MySQL. -**CONFIG_MYSQL_USER** : Username for the MySQL admin user. +**CONFIG_MYSQL_USER** + Username for the MySQL admin user. -**CONFIG_MYSQL_PW** : Password for the MySQL admin user. +**CONFIG_MYSQL_PW** + Password for the MySQL admin user. QPID Config parameters ---------------------- -**CONFIG_QPID_HOST** : The IP address of the server on which to install the QPID service. +**CONFIG_QPID_HOST** + The IP address of the server on which to install the QPID service. -**CONFIG_QPID_ENABLE_SSL** : Enable SSL for the QPID service. +**CONFIG_QPID_ENABLE_SSL** + Enable SSL for the QPID service. -**CONFIG_QPID_NSS_CERTDB_PW** : The password for the NSS certificate database of the QPID service. +**CONFIG_QPID_NSS_CERTDB_PW** + The password for the NSS certificate database of the QPID service. -**CONFIG_QPID_SSL_PORT** : The port in which the QPID service listens to SSL connections. +**CONFIG_QPID_SSL_PORT** + The port in which the QPID service listens to SSL connections. -**CONFIG_QPID_SSL_CERT_FILE** : The filename of the certificate that the QPID service is going to use. +**CONFIG_QPID_SSL_CERT_FILE** + The filename of the certificate that the QPID service is going to use. -**CONFIG_QPID_SSL_KEY_FILE** : The filename of the private key that the QPID service is going to use. +**CONFIG_QPID_SSL_KEY_FILE** + The filename of the private key that the QPID service is going to use. -**CONFIG_QPID_SSL_SELF_SIGNED** : Auto Generates self signed SSL certificate and key. +**CONFIG_QPID_SSL_SELF_SIGNED** + Auto Generates self signed SSL certificate and key. Keystone Config parameters -------------------------- -**CONFIG_KEYSTONE_HOST** : The IP address of the server on which to install Keystone. +**CONFIG_KEYSTONE_HOST** + The IP address of the server on which to install Keystone. -**CONFIG_KEYSTONE_DB_PW** : The password to use for the Keystone to access DB. +**CONFIG_KEYSTONE_DB_PW** + The password to use for the Keystone to access DB. -**CONFIG_KEYSTONE_ADMIN_TOKEN** : The token to use for the Keystone service api. +**CONFIG_KEYSTONE_ADMIN_TOKEN** + The token to use for the Keystone service api. -**CONFIG_KEYSTONE_ADMIN_PW** : The password to use for the Keystone admin user. +**CONFIG_KEYSTONE_ADMIN_PW** + The password to use for the Keystone admin user. -**CONFIG_KEYSTONE_DEMO_PW** : The password to use for the Keystone demo user +**CONFIG_KEYSTONE_DEMO_PW** + The password to use for the Keystone demo user -**CONFIG_KEYSTONE_TOKEN_FORMAT** : Kestone token format. Use either UUID or PKI +**CONFIG_KEYSTONE_TOKEN_FORMAT** + Kestone token format. Use either UUID or PKI Glance Config parameters ------------------------ -**CONFIG_GLANCE_HOST** : The IP address of the server on which to install Glance. +**CONFIG_GLANCE_HOST** + The IP address of the server on which to install Glance. -**CONFIG_GLANCE_DB_PW** : The password to use for the Glance to access DB. +**CONFIG_GLANCE_DB_PW** + The password to use for the Glance to access DB. -**CONFIG_GLANCE_KS_PW** : The password to use for the Glance to authenticate with Keystone. +**CONFIG_GLANCE_KS_PW** + The password to use for the Glance to authenticate with Keystone. Cinder Config parameters ------------------------ -**CONFIG_CINDER_HOST** : The IP address of the server on which to install Cinder. +**CONFIG_CINDER_HOST** + The IP address of the server on which to install Cinder. -**CONFIG_CINDER_DB_PW** : The password to use for the Cinder to access DB. +**CONFIG_CINDER_DB_PW** + The password to use for the Cinder to access DB. -**CONFIG_CINDER_KS_PW** : The password to use for the Cinder to authenticate with Keystone. +**CONFIG_CINDER_KS_PW** + The password to use for the Cinder to authenticate with Keystone. -**CONFIG_CINDER_BACKEND** : The Cinder backend to use ['lvm', 'gluster', 'nfs']. +**CONFIG_CINDER_BACKEND** + The Cinder backend to use ['lvm', 'gluster', 'nfs']. Cinder volume create Config parameters -------------------------------------- -**CONFIG_CINDER_VOLUMES_CREATE** : Create Cinder's volumes group ['y', 'n']. +**CONFIG_CINDER_VOLUMES_CREATE** + Create Cinder's volumes group ['y', 'n']. Cinder volume size Config parameters ------------------------------------ -**CONFIG_CINDER_VOLUMES_SIZE** : Cinder's volumes group size. +**CONFIG_CINDER_VOLUMES_SIZE** + Cinder's volumes group size. Cinder gluster Config parameters -------------------------------- -**CONFIG_CINDER_GLUSTER_MOUNTS** : A single or comma separated list of gluster volume shares. +**CONFIG_CINDER_GLUSTER_MOUNTS** + A single or comma separated list of gluster volume shares. Cinder NFS Config parameters ---------------------------- -**CONFIG_CINDER_NFS_MOUNTS** : A single or comma seprated list of NFS exports to mount. +**CONFIG_CINDER_NFS_MOUNTS** + A single or comma separated list of NFS exports to mount. Nova Options ------------ -**CONFIG_NOVA_API_HOST** : The IP address of the server on which to install the Nova API service. +**CONFIG_NOVA_API_HOST** + The IP address of the server on which to install the Nova API service. -**CONFIG_NOVA_CERT_HOST** : The IP address of the server on which to install the Nova Cert service. +**CONFIG_NOVA_CERT_HOST** + The IP address of the server on which to install the Nova Cert service. -**CONFIG_NOVA_VNCPROXY_HOST** : The IP address of the server on which to install the Nova VNC proxy. +**CONFIG_NOVA_VNCPROXY_HOST** + The IP address of the server on which to install the Nova VNC proxy. -**CONFIG_NOVA_COMPUTE_HOSTS** : A comma separated list of IP addresses on which to install the Nova Compute services. +**CONFIG_NOVA_COMPUTE_HOSTS** + A comma separated list of IP addresses on which to install the Nova Compute services. -**CONFIG_NOVA_COMPUTE_PRIVIF** : Private interface for Flat DHCP on the Nova compute servers. +**CONFIG_NOVA_COMPUTE_PRIVIF** + Private interface for Flat DHCP on the Nova compute servers. -**CONFIG_NOVA_NETWORK_HOSTS** : List of IP address of the servers on which to install the Nova Network service. +**CONFIG_NOVA_NETWORK_HOSTS** + List of IP address of the servers on which to install the Nova Network service. -**CONFIG_NOVA_DB_PW** : The password to use for the Nova to access DB. +**CONFIG_NOVA_DB_PW** + The password to use for the Nova to access DB. -**CONFIG_NOVA_KS_PW** : The password to use for the Nova to authenticate with Keystone. +**CONFIG_NOVA_KS_PW** + The password to use for the Nova to authenticate with Keystone. -**CONFIG_NOVA_NETWORK_PUBIF** : Public interface on the Nova network server. +**CONFIG_NOVA_NETWORK_PUBIF** + Public interface on the Nova network server. -**CONFIG_NOVA_NETWORK_PRIVIF** : Private interface for Flat DHCP on the Nova network server. +**CONFIG_NOVA_NETWORK_PRIVIF** + Private interface for Flat DHCP on the Nova network server. -**CONFIG_NOVA_NETWORK_FIXEDRANGE** : IP Range for Flat DHCP ['^([\\d]{1,3}\\.){3}[\\d]{1,3}/\\d\\d?$']. +**CONFIG_NOVA_NETWORK_FIXEDRANGE** + IP Range for Flat DHCP ['^([\\d]{1,3}\\.){3}[\\d]{1,3}/\\d\\d?$']. -**CONFIG_NOVA_NETWORK_FLOATRANGE** : IP Range for Floating IP's ['^([\\d]{1,3}\\.){3}[\\d]{1,3}/\\d\\d?$']. +**CONFIG_NOVA_NETWORK_FLOATRANGE** + IP Range for Floating IP's ['^([\\d]{1,3}\\.){3}[\\d]{1,3}/\\d\\d?$']. -**CONFIG_NOVA_SCHED_HOST** : The IP address of the server on which to install the Nova Scheduler service. +**CONFIG_NOVA_SCHED_HOST** + The IP address of the server on which to install the Nova Scheduler service. -**CONFIG_NOVA_SCHED_CPU_ALLOC_RATIO** : The overcommitment ratio for virtual to physical CPUs. Set to 1.0 to disable CPU overcommitment. +**CONFIG_NOVA_SCHED_CPU_ALLOC_RATIO** + The overcommitment ratio for virtual to physical CPUs. Set to 1.0 to disable CPU overcommitment. -**CONFIG_NOVA_SCHED_RAM_ALLOC_RATIO** : The overcommitment ratio for virtual to physical RAM. Set to 1.0 to disable RAM overcommitment. +**CONFIG_NOVA_SCHED_RAM_ALLOC_RATIO** + The overcommitment ratio for virtual to physical RAM. Set to 1.0 to disable RAM overcommitment. -**CONFIG_NOVA_CONDUCTOR_HOST** : The IP address of the server on which to install the Nova Conductor service. +**CONFIG_NOVA_CONDUCTOR_HOST** + The IP address of the server on which to install the Nova Conductor service. -**CONFIG_NOVA_NETWORK_AUTOASSIGNFLOATINGIP** : Automatically assign a floating IP to new instances. +**CONFIG_NOVA_NETWORK_AUTOASSIGNFLOATINGIP** + Automatically assign a floating IP to new instances. -**CONFIG_NOVA_NETWORK_DEFAULTFLOATINGPOOL** : Name of the default floating pool to which the specified floating ranges are added to. +**CONFIG_NOVA_NETWORK_DEFAULTFLOATINGPOOL** + Name of the default floating pool to which the specified floating ranges are added to. -**CONFIG_NOVA_NETWORK_MANAGER** : Nova network manager. +**CONFIG_NOVA_NETWORK_MANAGER** + Nova network manager. -**CONFIG_NOVA_NETWORK_NUMBER** : Number of networks to support. +**CONFIG_NOVA_NETWORK_NUMBER** + Number of networks to support. -**CONFIG_NOVA_NETWORK_SIZE** : Number of addresses in each private subnet. +**CONFIG_NOVA_NETWORK_SIZE** + Number of addresses in each private subnet. -**CONFIG_NOVA_NETWORK_VLAN_START** : First VLAN for private networks. +**CONFIG_NOVA_NETWORK_VLAN_START** + First VLAN for private networks. NOVACLIENT Config parameters ---------------------------- -**CONFIG_OSCLIENT_HOST** : The IP address of the server on which to install the OpenStack client packages. An admin "rc" file will also be installed. +**CONFIG_OSCLIENT_HOST** + The IP address of the server on which to install the OpenStack client packages. An admin "rc" file will also be installed. OpenStack Horizon Config parameters ----------------------------------- -**CONFIG_HORIZON_HOST** : The IP address of the server on which to install Horizon. +**CONFIG_HORIZON_HOST** + The IP address of the server on which to install Horizon. -**CONFIG_HORIZON_SSL** : To set up Horizon communication over https set this to "y" ['y', 'n']. +**CONFIG_HORIZON_SSL** + To set up Horizon communication over https set this to "y" ['y', 'n']. -**CONFIG_SSL_CERT** : PEM encoded certificate to be used for ssl on the https server, leave blank if one should be generated, this certificate should not require a passphrase. +**CONFIG_SSL_CERT** + PEM encoded certificate to be used for ssl on the https server, leave blank if one should be generated, this certificate should not require a passphrase. -**CONFIG_SSL_KEY** : Keyfile corresponding to the certificate if one was entered. +**CONFIG_SSL_KEY** + Keyfile corresponding to the certificate if one was entered. OpenStack Swift Config parameters --------------------------------- -**CONFIG_SWIFT_PROXY_HOSTS** : The IP address on which to install the Swift proxy service. +**CONFIG_SWIFT_PROXY_HOSTS** + The IP address on which to install the Swift proxy service. -**CONFIG_SWIFT_KS_PW** : The password to use for the Swift to authenticate with Keystone. +**CONFIG_SWIFT_KS_PW** + The password to use for the Swift to authenticate with Keystone. -**CONFIG_SWIFT_STORAGE_HOSTS** : A comma separated list of IP addresses on which to install the Swift Storage services, each entry should take the format [/dev], for example 127.0.0.1/vdb will install /dev/vdb on 127.0.0.1 as a swift storage device(packstack does not create the filesystem, you must do this first), if /dev is omitted Packstack will create a loopback device for a test setup. +**CONFIG_SWIFT_STORAGE_HOSTS** + A comma separated list of IP addresses on which to install the Swift Storage services, each entry should take the format [/dev], for example 127.0.0.1/vdb will install /dev/vdb on 127.0.0.1 as a swift storage device(packstack does not create the filesystem, you must do this first), if /dev is omitted Packstack will create a loopback device for a test setup. -**CONFIG_SWIFT_STORAGE_ZONES** : Number of swift storage zones, this number MUST be no bigger than the number of storage devices configured. +**CONFIG_SWIFT_STORAGE_ZONES** + Number of swift storage zones, this number MUST be no bigger than the number of storage devices configured. -**CONFIG_SWIFT_STORAGE_REPLICAS** : Number of swift storage replicas, this number MUST be no bigger than the number of storage zones configured. +**CONFIG_SWIFT_STORAGE_REPLICAS** + Number of swift storage replicas, this number MUST be no bigger than the number of storage zones configured. -**CONFIG_SWIFT_STORAGE_FSTYPE** : FileSystem type for storage nodes ['xfs', 'ext4']. +**CONFIG_SWIFT_STORAGE_FSTYPE** + FileSystem type for storage nodes ['xfs', 'ext4']. -**CONFIG_SWIFT_HASH** : Shared secret for Swift. +**CONFIG_SWIFT_HASH** + Shared secret for Swift. Server Prepare Configs ------------------------ +---------------------- -**CONFIG_USE_EPEL** : Install OpenStack from EPEL. If set to "y" EPEL will be installed on each server ['y', 'n']. +**CONFIG_USE_EPEL** + Install OpenStack from EPEL. If set to "y" EPEL will be installed on each server ['y', 'n']. -**CONFIG_REPO** : A comma separated list of URLs to any additional yum repositories to install. +**CONFIG_REPO** + A comma separated list of URLs to any additional yum repositories to install. -**CONFIG_RH_USER** : To subscribe each server with Red Hat subscription manager, include this with CONFIG_RH_PW. +**CONFIG_RH_USER** + To subscribe each server with Red Hat subscription manager, include this with **CONFIG_RH_PW**. -**CONFIG_RH_PW** : To subscribe each server with Red Hat subscription manager, include this with CONFIG_RH_USER. +**CONFIG_RH_PW** + To subscribe each server with Red Hat subscription manager, include this with **CONFIG_RH_USER**. -**CONFIG_RH_BETA_REPO** : To subscribe each server with Red Hat subscription manager, to Red Hat Beta RPM's ['y', 'n']. +**CONFIG_RH_BETA_REPO** + To subscribe each server with Red Hat subscription manager, to Red Hat Beta RPM's ['y', 'n']. -**CONFIG_SATELLITE_URL** : To subscribe each server with RHN Satellite,fill Satellite's URL here. Note that either satellite's username/password or activation key has to be provided. +**CONFIG_SATELLITE_URL** + To subscribe each server with RHN Satellite,fill Satellite's URL here. Note that either satellite's username/password or activation key has to be provided. RHN Satellite config -------------------- -**CONFIG_SATELLITE_USER** : Username to access RHN Satellite. +**CONFIG_SATELLITE_USER** + Username to access RHN Satellite. -**CONFIG_SATELLITE_PW** : Password to access RHN Satellite. +**CONFIG_SATELLITE_PW** + Password to access RHN Satellite. -**CONFIG_SATELLITE_AKEY** : Activation key for subscription to RHN Satellite. +**CONFIG_SATELLITE_AKEY** + Activation key for subscription to RHN Satellite. -**CONFIG_SATELLITE_CACERT** : Specify a path or URL to a SSL CA certificate to use. +**CONFIG_SATELLITE_CACERT** + Specify a path or URL to a SSL CA certificate to use. -**CONFIG_SATELLITE_PROFILE** : If required specify the profile name that should be used as an identifier for the system in RHN Satellite. +**CONFIG_SATELLITE_PROFILE** + If required specify the profile name that should be used as an identifier for the system in RHN Satellite. -**CONFIG_SATELLITE_FLAGS** : Comma separated list of flags passed to rhnreg_ks. Valid flags are: novirtinfo, norhnsd, nopackages ['novirtinfo', 'norhnsd', 'nopackages']. +**CONFIG_SATELLITE_FLAGS** + Comma separated list of flags passed to rhnreg_ks. Valid flags are: novirtinfo, norhnsd, nopackages ['novirtinfo', 'norhnsd', 'nopackages']. -**CONFIG_SATELLITE_PROXY** : Specify a HTTP proxy to use with RHN Satellite. +**CONFIG_SATELLITE_PROXY** + Specify a HTTP proxy to use with RHN Satellite. RHN Satellite proxy config -------------------------- -**CONFIG_SATELLITE_PROXY_USER** : Specify a username to use with an authenticated HTTP proxy. +**CONFIG_SATELLITE_PROXY_USER** + Specify a username to use with an authenticated HTTP proxy. -**CONFIG_SATELLITE_PROXY_PW** : Specify a password to use with an authenticated HTTP proxy. +**CONFIG_SATELLITE_PROXY_PW** + Specify a password to use with an authenticated HTTP proxy. Nagios Config parameters ------------------------ -**CONFIG_NAGIOS_HOST** : The IP address of the server on which to install the Nagios server. +**CONFIG_NAGIOS_HOST** + The IP address of the server on which to install the Nagios server. -**CONFIG_NAGIOS_PW** : The password of the nagiosadmin user on the Nagios server. +**CONFIG_NAGIOS_PW** + The password of the nagiosadmin user on the Nagios server. Ceilometer Config Parameters ------------------------- +---------------------------- -**CONFIG_CEILOMETER_HOST** : The IP address of the server on which to install Ceilometer. +**CONFIG_CEILOMETER_HOST** + The IP address of the server on which to install Ceilometer. -**CONFIG_CEILOMETER_SECRET** : Secret key for signing metering messages. +**CONFIG_CEILOMETER_SECRET** + Secret key for signing metering messages. -**CONFIG_CEILOMETER_KS_PW** : The password to use for Ceilometer to authenticate with Keystone. +**CONFIG_CEILOMETER_KS_PW** + The password to use for Ceilometer to authenticate with Keystone. Heat Config Parameters ------------------------- +---------------------- -**CONFIG_HEAT_HOST** : The IP address of the server on which to install Heat service. +**CONFIG_HEAT_HOST** + The IP address of the server on which to install Heat service. -**CONFIG_HEAT_DB_PW** : The password used by Heat user to authenticate against MySQL. +**CONFIG_HEAT_DB_PW** + The password used by Heat user to authenticate against MySQL. -**CONFIG_HEAT_KS_PW** : The password to use for the Heat to authenticate with Keystone. +**CONFIG_HEAT_KS_PW** + The password to use for the Heat to authenticate with Keystone. -**CONFIG_HEAT_CLOUDWATCH_INSTALL** : Set to 'y' if you would like Packstack to install Heat CloudWatch API. +**CONFIG_HEAT_CLOUDWATCH_INSTALL** + Set to 'y' if you would like Packstack to install Heat CloudWatch API. -**CONFIG_HEAT_CFN_INSTALL** : Set to 'y' if you would like Packstack to install Heat CloudFormation API. +**CONFIG_HEAT_CFN_INSTALL** + Set to 'y' if you would like Packstack to install Heat CloudFormation API. -**CONFIG_HEAT_CLOUDWATCH_HOST** : The IP address of the server on which to install Heat CloudWatch API service. +**CONFIG_HEAT_CLOUDWATCH_HOST** + The IP address of the server on which to install Heat CloudWatch API service. -**CONFIG_HEAT_CFN_HOST** : The IP address of the server on which to install Heat CloudFormation API. +**CONFIG_HEAT_CFN_HOST** + The IP address of the server on which to install Heat CloudFormation API. -Neutron Config Parameters. ------------------------- +Neutron Config Parameters +------------------------- -**CONFIG_NEUTRON_SERVER_HOST** : The IP addresses of the server on which to install the Neutron server. +**CONFIG_NEUTRON_SERVER_HOST** + The IP addresses of the server on which to install the Neutron server. -**CONFIG_NEUTRON_KS_PW** : The password to use for Neutron to authenticate with Keystone. +**CONFIG_NEUTRON_KS_PW** + The password to use for Neutron to authenticate with Keystone. -**CONFIG_NEUTRON_DB_PW** : The password to use for Neutron to access DB. +**CONFIG_NEUTRON_DB_PW** + The password to use for Neutron to access DB. -**CONFIG_NEUTRON_L3_HOSTS** : A comma separated list of IP addresses on which to install Neutron L3 agent. +**CONFIG_NEUTRON_L3_HOSTS** + A comma separated list of IP addresses on which to install Neutron L3 agent. -**CONFIG_NEUTRON_L3_EXT_BRIDGE** : The name of the bridge that the Neutron L3 agent will use for external traffic, or 'provider' if using provider networks. +**CONFIG_NEUTRON_L3_EXT_BRIDGE** + The name of the bridge that the Neutron L3 agent will use for external traffic, or 'provider' if using provider networks. -**CONFIG_NEUTRON_DHCP_HOSTS** : A comma separated list of IP addresses on which to install Neutron DHCP agent. +**CONFIG_NEUTRON_DHCP_HOSTS** + A comma separated list of IP addresses on which to install Neutron DHCP agent. -**CONFIG_NEUTRON_L2_PLUGIN** : The name of the L2 plugin to be used with Neutron. +**CONFIG_NEUTRON_L2_PLUGIN** + The name of the L2 plugin to be used with Neutron. -**CONFIG_NEUTRON_METADATA_HOSTS** : A comma separated list of IP addresses on which to install Neutron metadata agent. +**CONFIG_NEUTRON_METADATA_HOSTS** + A comma separated list of IP addresses on which to install Neutron metadata agent. -**CONFIG_NEUTRON_METADATA_PW** : A comma separated list of IP addresses on which to install Neutron metadata agent. +**CONFIG_NEUTRON_METADATA_PW** + A comma separated list of IP addresses on which to install Neutron metadata agent. -**CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE** : The type of network to allocate for tenant networks (eg. vlan, local, gre). +**CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE** + The type of network to allocate for tenant networks (eg. vlan, local, gre). -**CONFIG_NEUTRON_LB_VLAN_RANGES** : A comma separated list of VLAN ranges for the Neutron linuxbridge plugin (eg. physnet1:1:4094,physnet2,physnet3:3000:3999). +**CONFIG_NEUTRON_LB_VLAN_RANGES** + A comma separated list of VLAN ranges for the Neutron linuxbridge plugin (eg. physnet1:1:4094,physnet2,physnet3:3000:3999). -**CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS** : A comma separated list of interface mappings for the Neutron linuxbridge plugin (eg. physnet1:br-eth1,physnet2:br-eth2,physnet3:br-eth3). +**CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS** + A comma separated list of interface mappings for the Neutron linuxbridge plugin (eg. physnet1:br-eth1,physnet2:br-eth2,physnet3:br-eth3). -**CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE** : Type of network to allocate for tenant networks (eg. vlan, local, gre). +**CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE** + Type of network to allocate for tenant networks (eg. vlan, local, gre). -**CONFIG_NEUTRON_OVS_VLAN_RANGES** : A comma separated list of VLAN ranges for the Neutron openvswitch plugin (eg. physnet1:1:4094,physnet2,physnet3:3000:3999). +**CONFIG_NEUTRON_OVS_VLAN_RANGES** + A comma separated list of VLAN ranges for the Neutron openvswitch plugin (eg. physnet1:1:4094,physnet2,physnet3:3000:3999). -**CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS** : A comma separated list of bridge mappings for the Neutron openvswitch plugin (eg. physnet1:br-eth1,physnet2:br-eth2,physnet3:br-eth3). +**CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS** + A comma separated list of bridge mappings for the Neutron openvswitch plugin (eg. physnet1:br-eth1,physnet2:br-eth2,physnet3:br-eth3). -**CONFIG_NEUTRON_OVS_BRIDGE_IFACES** : A comma separated list of colon-separated OVS brid. +**CONFIG_NEUTRON_OVS_BRIDGE_IFACES** + A comma separated list of colon-separated OVS brid. -**CONFIG_NEUTRON_OVS_TUNNEL_RANGES** : A comma separated list of tunnel ranges for the Neutron openvswitch plugin. +**CONFIG_NEUTRON_OVS_TUNNEL_RANGES** + A comma separated list of tunnel ranges for the Neutron openvswitch plugin. -**CONFIG_NEUTRON_OVS_TUNNEL_IF** : Override the IP used for GRE tunnels on this hypervisor to the IP found on the specified interface (defaults to the HOST IP). +**CONFIG_NEUTRON_OVS_TUNNEL_IF** + Override the IP used for GRE tunnels on this hypervisor to the IP found on the specified interface (defaults to the HOST IP). +**CONFIG_NEUTRON_ML2_TYPE_DRIVERS** + A comma separated list of network type (eg: local, flat, vlan, gre, vxlan). -Provision Config Parameters. ------------------------- -**CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE** : Whether to configure the ovs external bridge in an all-in-one deployment. +**CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES** + A comma separated ordered list of network_types to allocate as tenant networks (eg: local, flat, vlan, gre, vxlan). The value 'local' is only useful for single-box testing but provides no connectivity between hosts. + +**CONFIG_NEUTRON_ML2_SM_DRIVERS** + A comma separated ordered list of networking mechanism driver entrypoints to be loaded from the **neutron.ml2.mechanism_drivers** namespace (eg: logger, test, linuxbridge, openvswitch, hyperv, ncs, arista, cisco_nexus, l2population). + +**CONFIG_NEUTRON_ML2_FLAT_NETWORKS** + A comma separated list of physical_network names with which flat networks can be created. Use * to allow flat networks with arbitrary physical_network names. + +**CONFIG_NEUTRON_ML2_VLAN_RANGES** + A comma separated list of **::** or **** specifying physical_network names usable for VLAN provider and tenant networks, as well as ranges of VLAN tags on each available for allocation to tenant networks. + +**CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES** + A comma separated list of **:** tuples enumerating ranges of GRE tunnel IDs that are available for tenant network allocation. Should be an array with **tun_max +1 - tun_min > 1000000**. + +**CONFIG_NEUTRON_ML2_VXLAN_GROUP** + Multicast group for VXLAN. If unset, disables VXLAN enable sending allocate broadcast traffic to this multicast group. When left unconfigured, will disable multicast VXLAN mode. Should be an **Multicast IP (v4 or v6)** address. + +**CONFIG_NEUTRON_ML2_VNI_RANGES** + A comma separated list of **:** tuples enumerating ranges of VXLAN VNI IDs that are available for tenant network allocation. Min value is 0 and Max value is 16777215. + + +Provision Config Parameters +--------------------------- + +**CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE** + Whether to configure the ovs external bridge in an all-in-one deployment. -**CONFIG_PROVISION_DEMO** : Whether to provision for demo usage and testing. +**CONFIG_PROVISION_DEMO** + Whether to provision for demo usage and testing. -**CONFIG_PROVISION_DEMO_FLOATRANGE** : The CIDR network address for the floating IP subnet. +**CONFIG_PROVISION_DEMO_FLOATRANGE** + The CIDR network address for the floating IP subnet. -**CONFIG_PROVISION_TEMPEST** : Whether to configure tempest for testing. +**CONFIG_PROVISION_TEMPEST** + Whether to configure tempest for testing. -**CONFIG_PROVISION_TEMPEST_REPO_REVISION** : The revision of the tempest git repository to use. +**CONFIG_PROVISION_TEMPEST_REPO_REVISION** + The revision of the tempest git repository to use. -**CONFIG_PROVISION_TEMPEST_REPO_URI** : The uri of the tempest git repository to use. +**CONFIG_PROVISION_TEMPEST_REPO_URI** + The uri of the tempest git repository to use. Log files and Debug info From 3ac34b9449141397236d32bacf4185584be4454b Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Mon, 28 Apr 2014 15:42:26 +0200 Subject: [PATCH 0008/1017] Make prescript template RHEL-7 aware Netns checking make no sense for RHEL-7. We also don't have openstack-selinux package yet for RHEL-7. Change-Id: Ie12ca2700d1817b4c6e3425229d3259fff595810 --- packstack/puppet/templates/prescript.pp | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/packstack/puppet/templates/prescript.pp b/packstack/puppet/templates/prescript.pp index 8a1defa93..eecf77016 100644 --- a/packstack/puppet/templates/prescript.pp +++ b/packstack/puppet/templates/prescript.pp @@ -1,18 +1,20 @@ include firewall -if $::operatingsystem != "Fedora" { - package{ 'openstack-selinux': - ensure => present, - } -} +$el_releases = ["RedHat", "CentOS"] -$info = "The RDO kernel that includes network namespace (netns) support has been installed on host $::ipaddress." -if $::operatingsystem == 'RedHat' { - $warning = " This is a community supplied kernel and is not officially supported by Red Hat. Installing this kernel on RHEL systems may impact your ability to get support from Red Hat." -} else { - $warning = "" +# We don't have openstack-selinux package for Fedora and yet for RHEL-7 +if $::operatingsystem != "Fedora" and ($::operatingsystem in $el_releases and $::operatingsystemrelease < 7) { + package{ 'openstack-selinux': + ensure => present, + } } -class { 'packstack::netns': +# For older RHEL-6 releases kernel/iptools does not support netns +if $::operatingsystem in $el_releases and $::operatingsystemrelease < 7 { + $info = "The RDO kernel that includes network namespace (netns) support has been installed on host $::ipaddress." + $warning = " This is a community supplied kernel and is not officially supported by Red Hat. Installing this kernel on RHEL systems may impact your ability to get support from Red Hat." + + class { 'packstack::netns': warning => "${info}${warning}" + } } From fa002b8e368b9e65d1aa5d81f4779f74571f86b0 Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Tue, 1 Apr 2014 14:56:13 +0200 Subject: [PATCH 0009/1017] Add performance configuration for InnoDB Added following setting to my.cnf/server.cnf innodb_buffer_pool_size = 20% of available memory innodb_flush_method = O_DIRECT innodb_file_per_table = 1 Change-Id: I392720b3dff860ec1e1416657d7517e7a7041849 Fixes: rhbz#1078999 --- .../lib/facter/innodb_bufferpoolsize.rb | 6 +++ .../lib/facter/innodb_logfilesize.rb | 6 +++ .../modules/packstack/manifests/innodb.pp | 48 +++++++++++++++++++ .../packstack/templates/innodb.cnf.erb | 5 ++ packstack/puppet/templates/mysql_install.pp | 3 +- 5 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 packstack/puppet/modules/packstack/lib/facter/innodb_bufferpoolsize.rb create mode 100644 packstack/puppet/modules/packstack/lib/facter/innodb_logfilesize.rb create mode 100644 packstack/puppet/modules/packstack/manifests/innodb.pp create mode 100644 packstack/puppet/modules/packstack/templates/innodb.cnf.erb diff --git a/packstack/puppet/modules/packstack/lib/facter/innodb_bufferpoolsize.rb b/packstack/puppet/modules/packstack/lib/facter/innodb_bufferpoolsize.rb new file mode 100644 index 000000000..9197225c2 --- /dev/null +++ b/packstack/puppet/modules/packstack/lib/facter/innodb_bufferpoolsize.rb @@ -0,0 +1,6 @@ +Facter.add(:innodb_bufferpoolsize) do + setcode do + memsize = Float(Facter.value('memorysize_mb')) + Integer(memsize * 0.2) + end +end diff --git a/packstack/puppet/modules/packstack/lib/facter/innodb_logfilesize.rb b/packstack/puppet/modules/packstack/lib/facter/innodb_logfilesize.rb new file mode 100644 index 000000000..5768fc5e5 --- /dev/null +++ b/packstack/puppet/modules/packstack/lib/facter/innodb_logfilesize.rb @@ -0,0 +1,6 @@ +Facter.add(:innodb_logfilesize) do + setcode do + buffsize = Float(Facter.value('innodb_bufferpoolsize')) + Integer(buffsize * 0.25) + end +end diff --git a/packstack/puppet/modules/packstack/manifests/innodb.pp b/packstack/puppet/modules/packstack/manifests/innodb.pp new file mode 100644 index 000000000..1416e2299 --- /dev/null +++ b/packstack/puppet/modules/packstack/manifests/innodb.pp @@ -0,0 +1,48 @@ +# +# author: Martin Magr +# +# == Class: packstack::innodb +# +# Changes mysql/mariadb configuration for better performance +# +# === Parameters +# +# [*buffer_pool_size*] +# Value for innodb_buffer_pool_size in my.cnf config file. Defaults to 20% +# of available memory +# +# [*log_file_size*] +# Value for innodb_log_file_size in my.cnf config file. Defaults to 25% +# of buffer_pool_size +# +# [*clean*] +# Clean mysql logs before changing log configuration. +# + +class packstack::innodb ( + $buffer_pool_size = $::innodb_bufferpoolsize, + $log_file_size = $::innodb_logfilesize, + $clean = true, +) +{ + + if $clean { + exec { 'clean_innodb_logs': + path => ['/usr/bin', '/bin', '/usr/sbin'], + command => "service mysqld stop && rm -f /var/lib/mysql/ib_logfile?", + onlyif => "ls /var/lib/mysql/ib_logfile?", + notify => Service['mysqld'], + logoutput => 'on_failure', + subscribe => File['/etc/my.cnf.d/innodb.cnf'], + refreshonly => true, + } + } + + file { '/etc/my.cnf.d/innodb.cnf': + require => Package["$mysql::server::package_name"], + content => template('packstack/innodb.cnf.erb'), + mode => '0644', + notify => Service['mysqld'], + } + +} diff --git a/packstack/puppet/modules/packstack/templates/innodb.cnf.erb b/packstack/puppet/modules/packstack/templates/innodb.cnf.erb new file mode 100644 index 000000000..ef8e2d525 --- /dev/null +++ b/packstack/puppet/modules/packstack/templates/innodb.cnf.erb @@ -0,0 +1,5 @@ +[mysqld] +innodb_buffer_pool_size = <%= @buffer_pool_size %>M +innodb_log_file_size = <%= @log_file_size %>M +innodb_flush_method = O_DIRECT +innodb_file_per_table = 1 diff --git a/packstack/puppet/templates/mysql_install.pp b/packstack/puppet/templates/mysql_install.pp index fab2d93b2..533e65323 100644 --- a/packstack/puppet/templates/mysql_install.pp +++ b/packstack/puppet/templates/mysql_install.pp @@ -6,6 +6,8 @@ root_password => "%(CONFIG_MYSQL_PW)s",} } +include packstack::innodb + # deleting database users for security # this is done in mysql::server::account_security but has problems # when there is no fqdn, so we're defining a slightly different one here @@ -22,4 +24,3 @@ ensure => 'absent', require => Class['mysql::config'], } } - From d7a3d151756d660466370bf78a37cc693ffd8610 Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Tue, 29 Apr 2014 17:17:56 +0200 Subject: [PATCH 0010/1017] Force qemu-kvm-rhev on RHELs Packstack should make sure that qemu-kvm-rhev (qemu-img-rhev) is installed on RHEL, because Nova fails to create snapshot using qemu-img. Change-Id: Ic3370301b5dc103758adcb15dd03cee6b5f284d7 Fixes: rhbz#1049861 --- .../puppet/templates/nova_compute_libvirt.pp | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/packstack/puppet/templates/nova_compute_libvirt.pp b/packstack/puppet/templates/nova_compute_libvirt.pp index 96b3251e0..7a3cadef5 100644 --- a/packstack/puppet/templates/nova_compute_libvirt.pp +++ b/packstack/puppet/templates/nova_compute_libvirt.pp @@ -16,10 +16,21 @@ "DEFAULT/libvirt_inject_partition": value => "-1"; } -exec { 'qemu-kvm': - path => '/usr/bin', - command => 'yum install -y qemu-kvm', - before => Class['nova::compute::libvirt'] +case $::operatingsystem { + 'Fedora': { + $qemu_package = 'qemu-kvm' + } + 'RedHat', 'CentOS': { + $qemu_package = 'qemu-kvm-rhev' + } + default: { + $qemu_package = 'qemu-kvm' + } +} + +package { 'qemu-kvm': + name => $qemu_package, + ensure => installed, } class { 'nova::compute::libvirt': From 3d92f24ccc92ed6446d3175f0f4233a7eb76430a Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Tue, 6 May 2014 14:53:23 +0200 Subject: [PATCH 0011/1017] Plugins refactor - Replaced CONFIG__HOST(S) parameters for CONFIG_CONTROLLER_HOST, CONFIG_COMPUTE_HOSTS and CONFIG_NETWORK_HOSTS to minimize count of potential deployment architecture to maintainable level - Unified coding style in plugins, PEP8-tized and forced pep8 check on them Implements: blueprint simplification Change-Id: I597f209b62d8d0c3709bb446cb33c804509eef9f --- packstack/installer/core/sequences.py | 16 +- packstack/installer/run_setup.py | 5 +- packstack/installer/setup_controller.py | 18 +- packstack/modules/shortcuts.py | 2 +- packstack/plugins/amqp_002.py | 394 +++--- packstack/plugins/ceilometer_800.py | 146 +-- packstack/plugins/cinder_250.py | 404 +++--- packstack/plugins/dashboard_500.py | 197 ++- packstack/plugins/glance_200.py | 122 +- packstack/plugins/heat_750.py | 277 ++--- packstack/plugins/keystone_100.py | 186 ++- packstack/plugins/mysql_001.py | 152 +-- packstack/plugins/nagios_910.py | 218 ++-- packstack/plugins/neutron_350.py | 1088 +++++++++-------- packstack/plugins/nova_300.py | 770 ++++++------ packstack/plugins/openstack_client_400.py | 66 +- packstack/plugins/postscript_948.py | 48 +- packstack/plugins/prescript_000.py | 669 +++++----- packstack/plugins/provision_700.py | 302 ++--- packstack/plugins/puppet_950.py | 222 ++-- packstack/plugins/serverprep_949.py | 548 ++++----- packstack/plugins/swift_600.py | 437 ++++--- packstack/puppet/templates/amqp.pp | 2 +- packstack/puppet/templates/ceilometer.pp | 4 +- packstack/puppet/templates/cinder.pp | 6 +- packstack/puppet/templates/cinder_backup.pp | 2 +- packstack/puppet/templates/glance.pp | 4 +- packstack/puppet/templates/heat.pp | 7 +- packstack/puppet/templates/heat_cfn.pp | 1 + packstack/puppet/templates/heat_cloudwatch.pp | 1 + packstack/puppet/templates/heat_qpid.pp | 4 +- packstack/puppet/templates/heat_rabbitmq.pp | 4 +- packstack/puppet/templates/horizon.pp | 4 +- packstack/puppet/templates/keystone.pp | 6 +- .../puppet/templates/keystone_ceilometer.pp | 6 +- packstack/puppet/templates/keystone_cinder.pp | 6 +- packstack/puppet/templates/keystone_glance.pp | 6 +- packstack/puppet/templates/keystone_heat.pp | 12 +- .../puppet/templates/keystone_neutron.pp | 6 +- packstack/puppet/templates/keystone_nova.pp | 6 +- packstack/puppet/templates/keystone_swift.pp | 2 +- packstack/puppet/templates/nagios_nrpe.pp | 4 +- packstack/puppet/templates/nagios_server.pp | 2 +- packstack/puppet/templates/neutron_api.pp | 2 +- .../puppet/templates/neutron_metadata.pp | 4 +- .../puppet/templates/neutron_notifications.pp | 5 +- packstack/puppet/templates/nova_api.pp | 2 +- packstack/puppet/templates/nova_ceilometer.pp | 2 +- packstack/puppet/templates/nova_common.pp | 4 +- .../puppet/templates/nova_common_qpid.pp | 2 +- .../puppet/templates/nova_common_rabbitmq.pp | 2 +- packstack/puppet/templates/nova_compute.pp | 2 +- packstack/puppet/templates/nova_neutron.pp | 4 +- .../puppet/templates/openstack_client.pp | 4 +- packstack/puppet/templates/swift_builder.pp | 6 +- packstack/puppet/templates/swift_loopback.pp | 6 +- packstack/puppet/templates/swift_proxy.pp | 4 +- packstack/puppet/templates/swift_storage.pp | 8 +- tests/installer/test_sequences.py | 8 +- tox.ini | 3 +- 60 files changed, 3179 insertions(+), 3271 deletions(-) diff --git a/packstack/installer/core/sequences.py b/packstack/installer/core/sequences.py index d38a39310..fc7ef297e 100644 --- a/packstack/installer/core/sequences.py +++ b/packstack/installer/core/sequences.py @@ -26,15 +26,16 @@ def __init__(self, name, function, title=None): "Object %s is not callable." % function) self.function = function - def run(self, config=None): - config = config or {} + def run(self, config=None, messages=None): + config = config if config is not None else {} + messages = messages if messages is not None else [] # TO-DO: complete logger name when logging will be setup correctly logger = logging.getLogger() logger.debug('Running step %s.' % self.name) # execute and report state try: - self.function(config) + self.function(config, messages) except Exception, ex: logger.debug(traceback.format_exc()) state = utils.state_message(self.title, 'ERROR', 'red') @@ -75,16 +76,17 @@ def validate_condition(self, config): result = config.get(self.condition) return result == self.cond_match - def run(self, config=None, step=None): + def run(self, config=None, messages=None, step=None): """ Runs sequence of steps. Runs only specific step if step's name is given via 'step' parameter. """ - config = config or {} + config = config if config is not None else {} + messages = messages if messages is not None else [] if not self.validate_condition(config): return if step: - self.steps[step].run(config=config) + self.steps[step].run(config=config, messages=messages) return logger = logging.getLogger() @@ -93,4 +95,4 @@ def run(self, config=None, step=None): sys.stdout.write('%s\n' % self.title) sys.stdout.flush() for step in self.steps.itervalues(): - step.run(config=config) + step.run(config=config, messages=messages) diff --git a/packstack/installer/run_setup.py b/packstack/installer/run_setup.py index 54875251b..8dfc5ecda 100644 --- a/packstack/installer/run_setup.py +++ b/packstack/installer/run_setup.py @@ -671,15 +671,12 @@ def single_step_install(options): hosts = [host.strip() for host in hosts.split(',')] for group in controller.getAllGroups(): for param in group.parameters.itervalues(): - # we don't need magic in case CONFIG_NEUTRON_LBAAS_HOSTS - if param.CONF_NAME == 'CONFIG_NEUTRON_LBAAS_HOSTS': - continue # and directives that contain _HOST are set to the controller node if param.CONF_NAME.find("_HOST") != -1: overrides[param.CONF_NAME] = hosts[0] # If there are more than one host, all but the first are a compute nodes if len(hosts) > 1: - overrides["CONFIG_NOVA_COMPUTE_HOSTS"] = ','.join(hosts[1:]) + overrides["CONFIG_COMPUTE_HOSTS"] = ','.join(hosts[1:]) # We can also override defaults with command line options _set_command_line_values(options) diff --git a/packstack/installer/setup_controller.py b/packstack/installer/setup_controller.py index e9ffcb6c5..6bf9908e7 100644 --- a/packstack/installer/setup_controller.py +++ b/packstack/installer/setup_controller.py @@ -35,22 +35,6 @@ def __new__(self, *args, **kwargs): self.__single = object.__new__(self, *args, **kwargs) return self.__single - def __init__(self): - # Resources that should be copied to each host along with the puppet - # files, on the remote host the file will be placed in - # $PACKSTACK_VAR_DIR/resources. This controller should copy the files, - # for now the puppet plugin is doing it format - # {'host':[('/path/to/fileordirectory', 'filenameonremotehost'), ..]} - self.resources = {} - - - def addResource(self, host, localpath, remotename): - """ Populates self.resources """ - current_value_for_host = self.resources.get(host, []) - current_value_for_host.append((localpath,remotename)) - self.resources[host] = current_value_for_host - - # PLugins def addPlugin(self, plugObj): self.__PLUGINS.append(plugObj) @@ -81,7 +65,7 @@ def getAllSequences(self): def runAllSequences(self): for sequence in self.__SEQUENCES: - sequence.run(self.CONF) + sequence.run(config=self.CONF, messages=self.MESSAGES) def getSequenceByDesc(self, desc): for sequence in self.getAllSequences(): diff --git a/packstack/modules/shortcuts.py b/packstack/modules/shortcuts.py index 3d6667f6d..5a3796ef9 100644 --- a/packstack/modules/shortcuts.py +++ b/packstack/modules/shortcuts.py @@ -2,4 +2,4 @@ def get_mq(config, plugin): - return plugin + "_%s.pp" % config.get('CONFIG_AMQP_SERVER') + return plugin + "_%s.pp" % config.get('CONFIG_AMQP_BACKEND') diff --git a/packstack/plugins/amqp_002.py b/packstack/plugins/amqp_002.py index c1d2f01b8..559a92eb7 100644 --- a/packstack/plugins/amqp_002.py +++ b/packstack/plugins/amqp_002.py @@ -1,3 +1,5 @@ +# -*- coding: utf-8 -*- + """ Installs and configures amqp """ @@ -11,214 +13,221 @@ from packstack.installer import utils from packstack.modules.common import filtered_hosts -from packstack.modules.ospluginutils import gethostlist,\ - getManifestTemplate,\ - appendManifestFile +from packstack.modules.ospluginutils import (getManifestTemplate, + appendManifestFile) + -# Controller object will be initialized from main flow -controller = None +#------------------ oVirt installer initialization ------------------ -# Plugin name -PLUGIN_NAME = "OS-AMQP" +PLUGIN_NAME = "AMQP" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') -logging.debug("plugin %s loaded", __name__) - -def initConfig(controllerObject): - global controller - controller = controllerObject - logging.debug("Adding OpenStack AMQP configuration") - paramsList = [ - {"CMD_OPTION" : "amqp-server", - "USAGE" : "Set the server for the AMQP service", - "PROMPT" : "Set the server for the AMQP service (qpid, rabbitmq)? ", - "OPTION_LIST" : ["qpid", "rabbitmq"], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : "rabbitmq", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_AMQP_SERVER", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "amqp-host", - "USAGE" : "The IP address of the server on which to install the AMQP service", - "PROMPT" : "Enter the IP address of the AMQP service", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_ssh], - "DEFAULT_VALUE" : utils.get_localhost_ip(), - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_AMQP_HOST", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "amqp-enable-ssl", - "USAGE" : "Enable SSL for the AMQP service", - "PROMPT" : "Enable SSL for the AMQP service?", - "OPTION_LIST" : ["y", "n"], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : "n", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_AMQP_ENABLE_SSL", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "amqp-enable-auth", - "USAGE" : "Enable Authentication for the AMQP service", - "PROMPT" : "Enable Authentication for the AMQP service?", - "OPTION_LIST" : ["y", "n"], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : "n", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_AMQP_ENABLE_AUTH", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - ] - - - groupDict = { "GROUP_NAME" : "AMQPLANCE", - "DESCRIPTION" : "AMQP Config parameters", - "PRE_CONDITION" : False, - "PRE_CONDITION_MATCH" : True, - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True} - - controller.addGroup(groupDict, paramsList) - - paramsList = [ - {"CMD_OPTION" : "amqp-nss-certdb-pw", - "USAGE" : "The password for the NSS certificate database of the AMQP service", - "PROMPT" : "Enter the password for NSS certificate database", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : uuid.uuid4().hex[:32], - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_AMQP_NSS_CERTDB_PW", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "amqp-ssl-port", - "USAGE" : "The port in which the AMQP service listens to SSL connections", - "PROMPT" : "Enter the SSL port for the AMQP service", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : "5671", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_AMQP_SSL_PORT", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "amqp-ssl-cert-file", - "USAGE" : "The filename of the certificate that the AMQP service is going to use", - "PROMPT" : "Enter the filename of the SSL certificate for the AMQP service", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : "/etc/pki/tls/certs/amqp_selfcert.pem", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_AMQP_SSL_CERT_FILE", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "amqp-ssl-key-file", - "USAGE" : "The filename of the private key that the AMQP service is going to use", - "PROMPT" : "Enter the private key filename", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : "/etc/pki/tls/private/amqp_selfkey.pem", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_AMQP_SSL_KEY_FILE", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "amqp-ssl-self-signed", - "USAGE" : "Auto Generates self signed SSL certificate and key", - "PROMPT" : "Generate Self Signed SSL Certificate", - "OPTION_LIST" : ["y","n"], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : "y", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_AMQP_SSL_SELF_SIGNED", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - ] - - groupDict = { "GROUP_NAME" : "AMQPSSL", - "DESCRIPTION" : "AMQP Config SSL parameters", - "PRE_CONDITION" : "CONFIG_AMQP_ENABLE_SSL", - "PRE_CONDITION_MATCH" : "y", - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True} - - controller.addGroup(groupDict, paramsList) - - paramsList = [ - {"CMD_OPTION" : "amqp-auth-user", - "USAGE" : "User for amqp authentication", - "PROMPT" : "Enter the user for amqp authentication", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : "amqp_user", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_AMQP_AUTH_USER", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "amqp-auth-password", - "USAGE" : "Password for user authentication", - "PROMPT" : "Enter the password for user authentication", - "OPTION_LIST" : ["y", "n"], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : uuid.uuid4().hex[:16], - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_AMQP_AUTH_PASSWORD", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - - ] - - groupDict = { "GROUP_NAME" : "AMQPAUTH", - "DESCRIPTION" : "AMQP Config Athentication parameters", - "PRE_CONDITION" : "CONFIG_AMQP_ENABLE_AUTH", - "PRE_CONDITION_MATCH" : "y", - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True} - - - controller.addGroup(groupDict, paramsList) + +def initConfig(controller): + params = [ + {"CMD_OPTION": "amqp-backend", + "USAGE": ("Set the AMQP service backend. Allowed values are: " + "qpid, rabbitmq"), + "PROMPT": "Set the AMQP service backend", + "OPTION_LIST": ["qpid", "rabbitmq"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "rabbitmq", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_AMQP_BACKEND", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "amqp-host", + "USAGE": ("The IP address of the server on which to install the " + "AMQP service"), + "PROMPT": "Enter the IP address of the AMQP service", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_ssh], + "DEFAULT_VALUE": utils.get_localhost_ip(), + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_AMQP_HOST", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "amqp-enable-ssl", + "USAGE": "Enable SSL for the AMQP service", + "PROMPT": "Enable SSL for the AMQP service?", + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "n", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_AMQP_ENABLE_SSL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "amqp-enable-auth", + "USAGE": "Enable Authentication for the AMQP service", + "PROMPT": "Enable Authentication for the AMQP service?", + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "n", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_AMQP_ENABLE_AUTH", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ] + group = {"GROUP_NAME": "AMQP", + "DESCRIPTION": "AMQP Config parameters", + "PRE_CONDITION": False, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + controller.addGroup(group, params) + + params = [ + {"CMD_OPTION": "amqp-nss-certdb-pw", + "USAGE": ("The password for the NSS certificate database of the AMQP " + "service"), + "PROMPT": "Enter the password for NSS certificate database", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex[:32], + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_AMQP_NSS_CERTDB_PW", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "amqp-ssl-port", + "USAGE": ("The port in which the AMQP service listens to SSL " + "connections"), + "PROMPT": "Enter the SSL port for the AMQP service", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "5671", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_AMQP_SSL_PORT", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "amqp-ssl-cert-file", + "USAGE": ("The filename of the certificate that the AMQP service " + "is going to use"), + "PROMPT": ("Enter the filename of the SSL certificate for the AMQP " + "service"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "/etc/pki/tls/certs/amqp_selfcert.pem", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_AMQP_SSL_CERT_FILE", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "amqp-ssl-key-file", + "USAGE": ("The filename of the private key that the AMQP service " + "is going to use"), + "PROMPT": "Enter the private key filename", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "/etc/pki/tls/private/amqp_selfkey.pem", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_AMQP_SSL_KEY_FILE", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "amqp-ssl-self-signed", + "USAGE": "Auto Generates self signed SSL certificate and key", + "PROMPT": "Generate Self Signed SSL Certificate", + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "y", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_AMQP_SSL_SELF_SIGNED", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ] + group = {"GROUP_NAME": "AMQPSSL", + "DESCRIPTION": "AMQP Config SSL parameters", + "PRE_CONDITION": "CONFIG_AMQP_ENABLE_SSL", + "PRE_CONDITION_MATCH": "y", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + controller.addGroup(group, params) + + params = [ + {"CMD_OPTION": "amqp-auth-user", + "USAGE": "User for amqp authentication", + "PROMPT": "Enter the user for amqp authentication", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "amqp_user", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_AMQP_AUTH_USER", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "amqp-auth-password", + "USAGE": "Password for user authentication", + "PROMPT": "Enter the password for user authentication", + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_AMQP_AUTH_PASSWORD", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ] + group = {"GROUP_NAME": "AMQPAUTH", + "DESCRIPTION": "AMQP Config Athentication parameters", + "PRE_CONDITION": "CONFIG_AMQP_ENABLE_AUTH", + "PRE_CONDITION_MATCH": "y", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + controller.addGroup(group, params) + def initSequences(controller): amqpsteps = [ - {'title': 'Adding AMQP manifest entries', 'functions':[createmanifest]} + {'title': 'Adding AMQP manifest entries', + 'functions': [create_manifest]} ] controller.addSequence("Installing AMQP", [], [], amqpsteps) -def createmanifest(config): - manifestfile = "%s_amqp.pp"%config['CONFIG_AMQP_HOST'] - manifestdata = "" + +#-------------------------- step functions -------------------------- + +def create_manifest(config, messages): server = utils.ScriptRunner(config['CONFIG_AMQP_HOST']) if config['CONFIG_AMQP_ENABLE_SSL'] == 'y': config['CONFIG_AMQP_ENABLE_SSL'] = 'true' config['CONFIG_AMQP_PROTOCOL'] = 'ssl' config['CONFIG_AMQP_CLIENTS_PORT'] = "5671" if config['CONFIG_AMQP_SSL_SELF_SIGNED'] == 'y': - server.append( "openssl req -batch -new -x509 -nodes -keyout %s -out %s -days 1095" - % (config['CONFIG_AMQP_SSL_KEY_FILE'], config['CONFIG_AMQP_SSL_CERT_FILE']) ) + server.append( + "openssl req -batch -new -x509 -nodes -keyout %s " + "-out %s -days 1095" + % (config['CONFIG_AMQP_SSL_KEY_FILE'], + config['CONFIG_AMQP_SSL_CERT_FILE']) + ) server.execute() else: - #Set default values + # Set default values config['CONFIG_AMQP_CLIENTS_PORT'] = "5672" config['CONFIG_AMQP_SSL_PORT'] = "5671" config['CONFIG_AMQP_SSL_CERT_FILE'] = "" @@ -231,11 +240,12 @@ def createmanifest(config): config['CONFIG_AMQP_AUTH_PASSWORD'] = 'guest' config['CONFIG_AMQP_AUTH_USER'] = 'guest' + manifestfile = "%s_amqp.pp" % config['CONFIG_AMQP_HOST'] manifestdata = getManifestTemplate('amqp.pp') - #All hosts should be able to talk to amqp + # All hosts should be able to talk to amqp config['FIREWALL_SERVICE_NAME'] = "amqp" - config['FIREWALL_PORTS'] = "'5671', '5672'" + config['FIREWALL_PORTS'] = "'5671', '5672'" config['FIREWALL_CHAIN'] = "INPUT" for host in filtered_hosts(config, exclude=False): config['FIREWALL_ALLOWED'] = "'%s'" % host diff --git a/packstack/plugins/ceilometer_800.py b/packstack/plugins/ceilometer_800.py index b709d575e..20037b034 100644 --- a/packstack/plugins/ceilometer_800.py +++ b/packstack/plugins/ceilometer_800.py @@ -14,98 +14,81 @@ from packstack.modules.ospluginutils import (getManifestTemplate, appendManifestFile) -# Controller object will be initialized from main flow -controller = None -# Plugin name +#------------------ oVirt installer initialization ------------------ + PLUGIN_NAME = "OS-Ceilometer" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') -logging.debug("plugin %s loaded", __name__) - - -def initConfig(controllerObject): - global controller - controller = controllerObject - logging.debug("Adding OpenStack Ceilometer configuration") +def initConfig(controller): ceilometer_params = { - "CEILOMETER" : [ - {"CMD_OPTION" : "ceilometer-host", - "USAGE" : ("The IP address of the server on which " - "to install Ceilometer"), - "PROMPT" : ("Enter the IP address of the Ceilometer " - "server"), - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_ssh], - "DEFAULT_VALUE" : utils.get_localhost_ip(), - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_CEILOMETER_HOST", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False}, - {"CMD_OPTION" : "ceilometer-secret", - "USAGE" : "Secret key for signing metering messages.", - "PROMPT" : "Enter the Ceilometer secret key", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : uuid.uuid4().hex[:16], - "MASK_INPUT" : True, + "CEILOMETER": [ + {"CONF_NAME": "CONFIG_CEILOMETER_SECRET", + "CMD_OPTION": "ceilometer-secret", + "USAGE": "Secret key for signing metering messages", + "PROMPT": "Enter the Ceilometer secret key", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "MASK_INPUT": True, "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_CEILOMETER_SECRET", - "USE_DEFAULT" : True, - "NEED_CONFIRM" : True, - "CONDITION" : False}, - {"CMD_OPTION" : "ceilometer-ks-passwd", - "USAGE" : "The password to use for Ceilometer to authenticate with Keystone", - "PROMPT" : "Enter the password for the Ceilometer Keystone access", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : uuid.uuid4().hex[:16], - "MASK_INPUT" : True, + "USE_DEFAULT": True, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CONF_NAME": "CONFIG_CEILOMETER_KS_PW", + "CMD_OPTION": "ceilometer-ks-passwd", + "USAGE": ("The password to use for Ceilometer to authenticate " + "with Keystone"), + "PROMPT": "Enter the password for the Ceilometer Keystone access", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "MASK_INPUT": True, "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_CEILOMETER_KS_PW", - "USE_DEFAULT" : True, - "NEED_CONFIRM" : True, - "CONDITION" : False}, - ], - "MONGODB" : [ - {"CMD_OPTION" : "mongodb-host", - "USAGE" : ("The IP address of the server on which " - "to install mongodb"), - "PROMPT" : ("Enter the IP address of the mongodb server"), - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_ssh], - "DEFAULT_VALUE" : utils.get_localhost_ip(), - "MASK_INPUT" : False, + "USE_DEFAULT": True, + "NEED_CONFIRM": True, + "CONDITION": False}, + ], + + "MONGODB": [ + {"CMD_OPTION": "mongodb-host", + "USAGE": ("The IP address of the server on which to install " + "MongoDB"), + "PROMPT": "Enter the IP address of the MongoDB server", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_ssh], + "DEFAULT_VALUE": utils.get_localhost_ip(), + "MASK_INPUT": False, "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_MONGODB_HOST", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False}, + "CONF_NAME": "CONFIG_MONGODB_HOST", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, ], } ceilometer_groups = [ - {"GROUP_NAME" : "CEILOMETER", - "DESCRIPTION" : "Ceilometer Config parameters", - "PRE_CONDITION" : "CONFIG_CEILOMETER_INSTALL", - "PRE_CONDITION_MATCH" : "y", - "POST_CONDITION" : False, + {"GROUP_NAME": "CEILOMETER", + "DESCRIPTION": "Ceilometer Config parameters", + "PRE_CONDITION": "CONFIG_CEILOMETER_INSTALL", + "PRE_CONDITION_MATCH": "y", + "POST_CONDITION": False, "POST_CONDITION_MATCH": True}, - {"GROUP_NAME" : "MONGODB", - "DESCRIPTION" : "MONGODB Config parameters", - "PRE_CONDITION" : "CONFIG_CEILOMETER_INSTALL", - "PRE_CONDITION_MATCH" : "y", - "POST_CONDITION" : False, + + {"GROUP_NAME": "MONGODB", + "DESCRIPTION": "MONGODB Config parameters", + "PRE_CONDITION": "CONFIG_CEILOMETER_INSTALL", + "PRE_CONDITION_MATCH": "y", + "POST_CONDITION": False, "POST_CONDITION_MATCH": True}, ] - for group in ceilometer_groups: paramList = ceilometer_params[group["GROUP_NAME"]] controller.addGroup(group, paramList) + def initSequences(controller): if controller.CONF['CONFIG_CEILOMETER_INSTALL'] != 'y': return @@ -116,14 +99,17 @@ def initSequences(controller): 'functions': [create_manifest]}, {'title': 'Adding Ceilometer Keystone manifest entries', 'functions': [create_keystone_manifest]}] - controller.addSequence("Installing OpenStack Ceilometer",[], [], + controller.addSequence("Installing OpenStack Ceilometer", [], [], steps) -def create_manifest(config): - manifestfile = "%s_ceilometer.pp" % config['CONFIG_CEILOMETER_HOST'] +#-------------------------- step functions -------------------------- + +def create_manifest(config, messages): + manifestfile = "%s_ceilometer.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "ceilometer")) manifestdata += getManifestTemplate("ceilometer.pp") + config['FIREWALL_ALLOWED'] = "'ALL'" config['FIREWALL_SERVICE_NAME'] = 'ceilometer-api' config['FIREWALL_SERVICE_ID'] = 'ceilometer_api' @@ -136,16 +122,18 @@ def create_manifest(config): manifestdata += getManifestTemplate("ceilometer_nova_disabled.pp") appendManifestFile(manifestfile, manifestdata) -def create_mongodb_manifest(config): + +def create_mongodb_manifest(config, messages): manifestfile = "%s_mongodb.pp" % config['CONFIG_MONGODB_HOST'] manifestdata = getManifestTemplate("mongodb.pp") - config['FIREWALL_ALLOWED'] = "'%s'" % config['CONFIG_CEILOMETER_HOST'] + config['FIREWALL_ALLOWED'] = "'%s'" % config['CONFIG_CONTROLLER_HOST'] config['FIREWALL_SERVICE_NAME'] = 'mongodb-server' config['FIREWALL_PORTS'] = "'27017'" manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata, 'pre') -def create_keystone_manifest(config): - manifestfile = "%s_keystone.pp" % config['CONFIG_KEYSTONE_HOST'] + +def create_keystone_manifest(config, messages): + manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("keystone_ceilometer.pp") appendManifestFile(manifestfile, manifestdata) diff --git a/packstack/plugins/cinder_250.py b/packstack/plugins/cinder_250.py index 9d057b376..97e0dc689 100644 --- a/packstack/plugins/cinder_250.py +++ b/packstack/plugins/cinder_250.py @@ -1,3 +1,5 @@ +# -*- coding: utf-8 -*- + """ Installs and configures Cinder """ @@ -15,211 +17,188 @@ from packstack.installer import basedefs from packstack.installer import utils + from packstack.modules.shortcuts import get_mq -from packstack.modules.ospluginutils import getManifestTemplate, appendManifestFile +from packstack.modules.ospluginutils import (getManifestTemplate, + appendManifestFile) + from packstack.installer import exceptions from packstack.installer import output_messages -# Controller object will -# be initialized from main flow -controller = None -# Plugin name +#------------------ oVirt installer initialization ------------------ + PLUGIN_NAME = "OS-Cinder" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') -logging.debug("plugin %s loaded", __name__) - - -def initConfig(controllerObject): - global controller - controller = controllerObject - logging.debug("Adding OpenStack Cinder configuration") - paramsList = [ - {"CMD_OPTION" : "cinder-host", - "USAGE" : "The IP address of the server on which to install Cinder", - "PROMPT" : "Enter the IP address of the Cinder server", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_ssh], - "DEFAULT_VALUE" : utils.get_localhost_ip(), - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_CINDER_HOST", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "cinder-db-passwd", - "USAGE" : "The password to use for the Cinder to access DB", - "PROMPT" : "Enter the password for the Cinder DB access", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : uuid.uuid4().hex[:16], - "MASK_INPUT" : True, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_CINDER_DB_PW", - "USE_DEFAULT" : True, - "NEED_CONFIRM" : True, - "CONDITION" : False }, - {"CMD_OPTION" : "cinder-ks-passwd", - "USAGE" : "The password to use for the Cinder to authenticate with Keystone", - "PROMPT" : "Enter the password for the Cinder Keystone access", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : uuid.uuid4().hex[:16], - "MASK_INPUT" : True, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_CINDER_KS_PW", - "USE_DEFAULT" : True, - "NEED_CONFIRM" : True, - "CONDITION" : False }, - {"CMD_OPTION" : "cinder-backend", - "USAGE" : ("The Cinder backend to use, valid options are: " - "lvm, gluster, nfs, vmdk"), - "PROMPT" : "Enter the Cinder backend to be configured", - "OPTION_LIST" : ["lvm", "gluster", "nfs", "vmdk"], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : "lvm", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_CINDER_BACKEND", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - ] - - groupDict = { "GROUP_NAME" : "CINDER", - "DESCRIPTION" : "Cinder Config parameters", - "PRE_CONDITION" : "CONFIG_CINDER_INSTALL", - "PRE_CONDITION_MATCH" : "y", - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True} - - controller.addGroup(groupDict, paramsList) + +def initConfig(controller): + params = [ + {"CMD_OPTION": "cinder-db-passwd", + "USAGE": "The password to use for the Cinder to access DB", + "PROMPT": "Enter the password for the Cinder DB access", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_DB_PW", + "USE_DEFAULT": True, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CMD_OPTION": "cinder-ks-passwd", + "USAGE": ("The password to use for the Cinder to authenticate with " + "Keystone"), + "PROMPT": "Enter the password for the Cinder Keystone access", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_KS_PW", + "USE_DEFAULT": True, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CMD_OPTION": "cinder-backend", + "USAGE": ("The Cinder backend to use, valid options are: lvm, " + "gluster, nfs"), + "PROMPT": "Enter the Cinder backend to be configured", + "OPTION_LIST": ["lvm", "gluster", "nfs"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "lvm", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_BACKEND", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ] + group = {"GROUP_NAME": "CINDER", + "DESCRIPTION": "Cinder Config parameters", + "PRE_CONDITION": "CONFIG_CINDER_INSTALL", + "PRE_CONDITION_MATCH": "y", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + controller.addGroup(group, params) def check_lvm_options(config): return (config.get('CONFIG_CINDER_INSTALL', 'n') == 'y' and config.get('CONFIG_CINDER_BACKEND', 'lvm') == 'lvm') - paramsList = [ - {"CMD_OPTION" : "cinder-volumes-create", - "USAGE" : ("Create Cinder's volumes group. This should only be done for " - "testing on a proof-of-concept installation of Cinder. This " - "will create a file-backed volume group and is not suitable " - "for production usage."), - "PROMPT" : ("Should Cinder's volumes group be created (for proof-of-concept " - "installation)?"), - "OPTION_LIST" : ["y", "n"], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : "y", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_CINDER_VOLUMES_CREATE", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - ] - - groupDict = { "GROUP_NAME" : "CINDERVOLUMECREATE", - "DESCRIPTION" : "Cinder volume create Config parameters", - "PRE_CONDITION" : check_lvm_options, - "PRE_CONDITION_MATCH" : True, - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True} - - controller.addGroup(groupDict, paramsList) + params = [ + {"CMD_OPTION": "cinder-volumes-create", + "USAGE": ("Create Cinder's volumes group. This should only be done " + "for testing on a proof-of-concept installation of Cinder. " + "This will create a file-backed volume group and is not " + "suitable for production usage."), + "PROMPT": ("Should Cinder's volumes group be created (for " + "proof-of-concept installation)?"), + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "y", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_VOLUMES_CREATE", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ] + group = {"GROUP_NAME": "CINDERVOLUMECREATE", + "DESCRIPTION": "Cinder volume create Config parameters", + "PRE_CONDITION": check_lvm_options, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + controller.addGroup(group, params) def check_lvm_vg_options(config): return (config.get('CONFIG_CINDER_INSTALL', 'n') == 'y' and config.get('CONFIG_CINDER_BACKEND', 'lvm') == 'lvm' and config.get('CONFIG_CINDER_VOLUMES_CREATE', 'y') == 'y') - paramsList = [ - {"CMD_OPTION" : "cinder-volumes-size", - "USAGE" : ("Cinder's volumes group size. Note that actual volume size " - "will be extended with 3% more space for VG metadata."), - "PROMPT" : "Enter Cinder's volumes group usable size", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : "20G", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_CINDER_VOLUMES_SIZE", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - ] - - groupDict = { "GROUP_NAME" : "CINDERVOLUMESIZE", - "DESCRIPTION" : "Cinder volume size Config parameters", - "PRE_CONDITION" : check_lvm_vg_options, - "PRE_CONDITION_MATCH" : True, - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True} - - controller.addGroup(groupDict, paramsList) + params = [ + {"CMD_OPTION": "cinder-volumes-size", + "USAGE": ("Cinder's volumes group size. Note that actual volume size " + "will be extended with 3% more space for VG metadata."), + "PROMPT": "Enter Cinder's volumes group usable size", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "20G", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_VOLUMES_SIZE", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ] + group = {"GROUP_NAME": "CINDERVOLUMESIZE", + "DESCRIPTION": "Cinder volume size Config parameters", + "PRE_CONDITION": check_lvm_vg_options, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + controller.addGroup(group, params) def check_gluster_options(config): return (config.get('CONFIG_CINDER_INSTALL', 'n') == 'y' and config.get('CONFIG_CINDER_BACKEND', 'lvm') == 'gluster') - paramsList = [ - {"CMD_OPTION" : "cinder-gluster-mounts", - "USAGE" : ("A single or comma separated list of gluster volume shares " - "to mount, eg: ip-address:/vol-name, domain:/vol-name "), - "PROMPT" : ("Enter a single or comma separated list of gluster volume " - "shares to use with Cinder"), - "OPTION_LIST" : ["^'([\d]{1,3}\.){3}[\d]{1,3}:/.*'", \ - "^'[a-zA-Z0-9][\-\.\w]*:/.*'"], - "VALIDATORS" : [validators.validate_multi_regexp], - "PROCESSORS" : [processors.process_add_quotes_around_values], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_CINDER_GLUSTER_MOUNTS", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - ] - - groupDict = { "GROUP_NAME" : "CINDERGLUSTERMOUNTS", - "DESCRIPTION" : "Cinder gluster Config parameters", - "PRE_CONDITION" : check_gluster_options, - "PRE_CONDITION_MATCH" : True, - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True} - - controller.addGroup(groupDict, paramsList) + params = [ + {"CMD_OPTION": "cinder-gluster-mounts", + "USAGE": ("A single or comma separated list of gluster volume shares " + "to mount, eg: ip-address:/vol-name, domain:/vol-name "), + "PROMPT": ("Enter a single or comma separated list of gluster volume " + "shares to use with Cinder"), + "OPTION_LIST": ["^'([\d]{1,3}\.){3}[\d]{1,3}:/.*'", + "^'[a-zA-Z0-9][\-\.\w]*:/.*'"], + "VALIDATORS": [validators.validate_multi_regexp], + "PROCESSORS": [processors.process_add_quotes_around_values], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_CINDER_GLUSTER_MOUNTS", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ] + group = {"GROUP_NAME": "CINDERGLUSTERMOUNTS", + "DESCRIPTION": "Cinder gluster Config parameters", + "PRE_CONDITION": check_gluster_options, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + controller.addGroup(group, params) def check_nfs_options(config): return (config.get('CONFIG_CINDER_INSTALL', 'n') == 'y' and config.get('CONFIG_CINDER_BACKEND', 'lvm') == 'nfs') - paramsList = [ - {"CMD_OPTION" : "cinder-nfs-mounts", - "USAGE" : ("A single or comma seprated list of NFS exports to mount, " - "eg: ip-address:/export-name "), - "PROMPT" : ("Enter a single or comma seprated list of NFS exports to " - "use with Cinder"), - "OPTION_LIST" : ["^'([\d]{1,3}\.){3}[\d]{1,3}:/.*'"], - "VALIDATORS" : [validators.validate_multi_regexp], - "PROCESSORS" : [processors.process_add_quotes_around_values], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_CINDER_NFS_MOUNTS", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - ] - - groupDict = { "GROUP_NAME" : "CINDERNFSMOUNTS", - "DESCRIPTION" : "Cinder NFS Config parameters", - "PRE_CONDITION" : check_nfs_options, - "PRE_CONDITION_MATCH" : True, - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True} - - controller.addGroup(groupDict, paramsList) + params = [ + {"CMD_OPTION": "cinder-nfs-mounts", + "USAGE": ("A single or comma seprated list of NFS exports to mount, " + "eg: ip-address:/export-name "), + "PROMPT": ("Enter a single or comma seprated list of NFS exports to " + "use with Cinder"), + "OPTION_LIST": ["^'([\d]{1,3}\.){3}[\d]{1,3}:/.*'"], + "VALIDATORS": [validators.validate_multi_regexp], + "PROCESSORS": [processors.process_add_quotes_around_values], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_CINDER_NFS_MOUNTS", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ] + group = {"GROUP_NAME": "CINDERNFSMOUNTS", + "DESCRIPTION": "Cinder NFS Config parameters", + "PRE_CONDITION": check_nfs_options, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + controller.addGroup(group, params) def initSequences(controller): @@ -227,30 +206,40 @@ def initSequences(controller): return cinder_steps = [ - {'title': 'Installing dependencies for Cinder', 'functions':[install_cinder_deps]}, - {'title': 'Adding Cinder Keystone manifest entries', 'functions':[create_keystone_manifest]}, - {'title': 'Adding Cinder manifest entries', 'functions':[create_manifest]} + {'title': 'Installing dependencies for Cinder', + 'functions': [install_cinder_deps]}, + {'title': 'Adding Cinder Keystone manifest entries', + 'functions': [create_keystone_manifest]}, + {'title': 'Adding Cinder manifest entries', + 'functions': [create_manifest]} ] if controller.CONF['CONFIG_CINDER_BACKEND'] == 'lvm': - cinder_steps.append({'title': 'Checking if the Cinder server has a cinder-volumes vg', 'functions':[check_cinder_vg]}) + cinder_steps.append( + {'title': 'Checking if the Cinder server has a cinder-volumes vg', + 'functions': [check_cinder_vg]}) controller.addSequence("Installing OpenStack Cinder", [], [], cinder_steps) -def install_cinder_deps(config): - server = utils.ScriptRunner(config['CONFIG_CINDER_HOST']) + +#-------------------------- step functions -------------------------- + +def install_cinder_deps(config, messages): + server = utils.ScriptRunner(config['CONFIG_CONTROLLER_HOST']) pkgs = [] if config['CONFIG_CINDER_BACKEND'] == 'lvm': pkgs.append('lvm2') for p in pkgs: - server.append("rpm -q --whatprovides %(package)s || yum install -y %(package)s" % dict(package=p)) + server.append("rpm -q --whatprovides %(package)s || " + "yum install -y %(package)s" % dict(package=p)) server.execute() -def check_cinder_vg(config): + +def check_cinder_vg(config, messages): cinders_volume = 'cinder-volumes' # Do we have a cinder-volumes vg? have_cinders_volume = False - server = utils.ScriptRunner(config['CONFIG_CINDER_HOST']) + server = utils.ScriptRunner(config['CONFIG_CONTROLLER_HOST']) server.append('vgdisplay %s' % cinders_volume) try: server.execute() @@ -259,7 +248,7 @@ def check_cinder_vg(config): pass # Configure system LVM settings (snapshot_autoextend) - server = utils.ScriptRunner(config['CONFIG_CINDER_HOST']) + server = utils.ScriptRunner(config['CONFIG_CONTROLLER_HOST']) server.append('sed -i -r "s/^ *snapshot_autoextend_threshold +=.*/' ' snapshot_autoextend_threshold = 80/" ' '/etc/lvm/lvm.conf') @@ -271,18 +260,18 @@ def check_cinder_vg(config): except exceptions.ScriptRuntimeError: logging.info("Warning: Unable to set system LVM settings.") - if config["CONFIG_CINDER_VOLUMES_CREATE"] != "y": if not have_cinders_volume: - raise exceptions.MissingRequirements("The cinder server should" - " contain a cinder-volumes volume group") + raise exceptions.MissingRequirements("The cinder server should " + "contain a cinder-volumes " + "volume group") else: if have_cinders_volume: - controller.MESSAGES.append( + messages.append( output_messages.INFO_CINDER_VOLUMES_EXISTS) return - server = utils.ScriptRunner(config['CONFIG_CINDER_HOST']) + server = utils.ScriptRunner(config['CONFIG_CONTROLLER_HOST']) server.append('systemctl') try: server.execute() @@ -292,8 +281,6 @@ def check_cinder_vg(config): server.clear() logging.info("A new cinder volumes group will be created") - err = "Cinder's volume group '%s' could not be created" % \ - cinders_volume cinders_volume_path = '/var/lib/cinder' server.append('mkdir -p %s' % cinders_volume_path) @@ -311,7 +298,7 @@ def check_cinder_vg(config): cinders_volume_size = cinders_volume_size + cinders_reserve cinders_volume_path = os.path.join(cinders_volume_path, cinders_volume) server.append('dd if=/dev/zero of=%s bs=1 count=0 seek=%sM' - % (cinders_volume_path, cinders_volume_size)) + % (cinders_volume_path, cinders_volume_size)) server.append('LOFI=$(losetup --show -f %s)' % cinders_volume_path) server.append('pvcreate $LOFI') server.append('vgcreate %s $LOFI' % cinders_volume) @@ -319,8 +306,8 @@ def check_cinder_vg(config): # Add the loop device on boot server.append('grep %(volume)s /etc/rc.d/rc.local || ' 'echo "losetup -f %(path)s && ' - 'vgchange -a y %(volume)s && ' - '%(restart_cmd)s" ' + 'vgchange -a y %(volume)s && ' + '%(restart_cmd)s" ' '>> /etc/rc.d/rc.local' % {'volume': cinders_volume, 'restart_cmd': rst_cmd, 'path': cinders_volume_path}) @@ -338,26 +325,27 @@ def check_cinder_vg(config): # fails. try: logging.debug("Release loop device, volume creation failed") - server = utils.ScriptRunner(controller.CONF['CONFIG_CINDER_HOST']) - server.append('losetup -d $(losetup -j %s | cut -d : -f 1)' % - cinders_volume_path - ) + server = utils.ScriptRunner(config['CONFIG_CONTROLLER_HOST']) + server.append('losetup -d $(losetup -j %s | cut -d : -f 1)' + % cinders_volume_path) server.execute() except: pass - raise exceptions.MissingRequirements(err) + raise exceptions.MissingRequirements("Cinder's volume group '%s' " + "could not be created" + % cinders_volume) -def create_keystone_manifest(config): - manifestfile = "%s_keystone.pp" % controller.CONF['CONFIG_KEYSTONE_HOST'] +def create_keystone_manifest(config, messages): + manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("keystone_cinder.pp") appendManifestFile(manifestfile, manifestdata) -def create_manifest(config): +def create_manifest(config, messages): manifestdata = getManifestTemplate(get_mq(config, "cinder")) - manifestfile = "%s_cinder.pp" % controller.CONF['CONFIG_CINDER_HOST'] + manifestfile = "%s_cinder.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata += getManifestTemplate("cinder.pp") if config['CONFIG_CINDER_BACKEND'] == "gluster": @@ -369,15 +357,15 @@ def create_manifest(config): if config['CONFIG_CEILOMETER_INSTALL'] == 'y': manifestdata += getManifestTemplate('cinder_ceilometer.pp') if config['CONFIG_SWIFT_INSTALL'] == 'y': - config['CONFIG_SWIFT_PROXY'] = config['CONFIG_SWIFT_PROXY_HOSTS'].split(',')[0].strip() manifestdata += getManifestTemplate('cinder_backup.pp') config['FIREWALL_SERVICE_NAME'] = "cinder" config['FIREWALL_PORTS'] = "'3260', '8776'" config['FIREWALL_CHAIN'] = "INPUT" - if (config['CONFIG_NOVA_INSTALL'] == 'y' and config['CONFIG_VMWARE_BACKEND']=='n'): - for host in split_hosts(config['CONFIG_NOVA_COMPUTE_HOSTS']): + if (config['CONFIG_NOVA_INSTALL'] == 'y' and + config['CONFIG_VMWARE_BACKEND'] == 'n'): + for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']): config['FIREWALL_ALLOWED'] = "'%s'" % host config['FIREWALL_SERVICE_ID'] = "cinder_%s" % host manifestdata += getManifestTemplate("firewall.pp") diff --git a/packstack/plugins/dashboard_500.py b/packstack/plugins/dashboard_500.py index 30226ec40..d345e4dac 100644 --- a/packstack/plugins/dashboard_500.py +++ b/packstack/plugins/dashboard_500.py @@ -1,3 +1,5 @@ +# -*- coding: utf-8 -*- + """ Installs and configures OpenStack Horizon """ @@ -11,92 +13,80 @@ from packstack.installer import exceptions from packstack.installer import utils -from packstack.modules.ospluginutils import getManifestTemplate, appendManifestFile +from packstack.modules.ospluginutils import (getManifestTemplate, + appendManifestFile) + -# Controller object will be initialized from main flow -controller = None +#------------------ oVirt installer initialization ------------------ -# Plugin name -PLUGIN_NAME = "OS-HORIZON" +PLUGIN_NAME = "OS-Horizon" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') -logging.debug("plugin %s loaded", __name__) - -def initConfig(controllerObject): - global controller - controller = controllerObject - logging.debug("Adding OpenStack Horizon configuration") - paramsList = [ - {"CMD_OPTION" : "os-horizon-host", - "USAGE" : "The IP address of the server on which to install Horizon", - "PROMPT" : "Enter the IP address of the Horizon server", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_ssh], - "DEFAULT_VALUE" : utils.get_localhost_ip(), - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_HORIZON_HOST", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "os-horizon-ssl", - "USAGE" : "To set up Horizon communication over https set this to \"y\"", - "PROMPT" : "Would you like to set up Horizon communication over https", - "OPTION_LIST" : ["y", "n"], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : "n", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_HORIZON_SSL", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - ] - - groupDict = { "GROUP_NAME" : "OSHORIZON", - "DESCRIPTION" : "OpenStack Horizon Config parameters", - "PRE_CONDITION" : "CONFIG_HORIZON_INSTALL", - "PRE_CONDITION_MATCH" : "y", - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True} - - controller.addGroup(groupDict, paramsList) - - paramsList = [ - {"CMD_OPTION" : "os-ssl-cert", - "USAGE" : "PEM encoded certificate to be used for ssl on the https server, leave blank if one should be generated, this certificate should not require a passphrase", - "PROMPT" : "Enter the path to a PEM encoded certificate to be used on the https server, leave blank if one should be generated, this certificate should not require a passphrase", - "OPTION_LIST" : [], - "VALIDATORS" : [], - "DEFAULT_VALUE" : '', - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_SSL_CERT", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "os-ssl-key", - "USAGE" : "Keyfile corresponding to the certificate if one was entered", - "PROMPT" : "Enter the keyfile corresponding to the certificate if one was entered", - "OPTION_LIST" : [], - "VALIDATORS" : [], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_SSL_KEY", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - ] - - groupDict = { "GROUP_NAME" : "OSSSL", - "DESCRIPTION" : "SSL Config parameters", - "PRE_CONDITION" : "CONFIG_HORIZON_SSL", - "PRE_CONDITION_MATCH" : "y", - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True} - - controller.addGroup(groupDict, paramsList) + +def initConfig(controller): + params = [ + {"CMD_OPTION": "os-horizon-ssl", + "USAGE": "To set up Horizon communication over https set this to 'y'", + "PROMPT": "Would you like to set up Horizon communication over https", + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "n", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_HORIZON_SSL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ] + group = {"GROUP_NAME": "OSHORIZON", + "DESCRIPTION": "OpenStack Horizon Config parameters", + "PRE_CONDITION": "CONFIG_HORIZON_INSTALL", + "PRE_CONDITION_MATCH": "y", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + controller.addGroup(group, params) + + params = [ + {"CMD_OPTION": "os-ssl-cert", + "USAGE": ("PEM encoded certificate to be used for ssl on the https " + "server, leave blank if one should be generated, this " + "certificate should not require a passphrase"), + "PROMPT": ("Enter the path to a PEM encoded certificate to be used " + "on the https server, leave blank if one should be " + "generated, this certificate should not require " + "a passphrase"), + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": '', + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_SSL_CERT", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-ssl-key", + "USAGE": ("SSL keyfile corresponding to the certificate if one was " + "entered"), + "PROMPT": ("Enter the SSL keyfile corresponding to the certificate " + "if one was entered"), + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_SSL_KEY", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ] + group = {"GROUP_NAME": "OSSSL", + "DESCRIPTION": "SSL Config parameters", + "PRE_CONDITION": "CONFIG_HORIZON_SSL", + "PRE_CONDITION_MATCH": "y", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + controller.addGroup(group, params) def initSequences(controller): @@ -104,28 +94,31 @@ def initSequences(controller): return steps = [ - {'title': 'Adding Horizon manifest entries', 'functions': [createmanifest]} + {'title': 'Adding Horizon manifest entries', + 'functions': [create_manifest]} ] controller.addSequence("Installing OpenStack Horizon", [], [], steps) -def createmanifest(config): - controller.CONF["CONFIG_HORIZON_SECRET_KEY"] = uuid.uuid4().hex - horizon_host = controller.CONF['CONFIG_HORIZON_HOST'] +#-------------------------- step functions -------------------------- + +def create_manifest(config, messages): + config["CONFIG_HORIZON_SECRET_KEY"] = uuid.uuid4().hex + horizon_host = config['CONFIG_CONTROLLER_HOST'] manifestfile = "%s_horizon.pp" % horizon_host proto = "http" - controller.CONF["CONFIG_HORIZON_PORT"] = "'80'" + config["CONFIG_HORIZON_PORT"] = "'80'" sslmanifestdata = '' - if controller.CONF["CONFIG_HORIZON_SSL"] == 'y': - controller.CONF["CONFIG_HORIZON_PORT"] = "'443'" + if config["CONFIG_HORIZON_SSL"] == 'y': + config["CONFIG_HORIZON_PORT"] = "'443'" proto = "https" sslmanifestdata += getManifestTemplate("https.pp") # Are we using the users cert/key files - if controller.CONF["CONFIG_SSL_CERT"]: - ssl_cert = controller.CONF["CONFIG_SSL_CERT"] - ssl_key = controller.CONF["CONFIG_SSL_KEY"] + if config["CONFIG_SSL_CERT"]: + ssl_cert = config["CONFIG_SSL_CERT"] + ssl_key = config["CONFIG_SSL_KEY"] if not os.path.exists(ssl_cert): raise exceptions.ParamValidationError( @@ -135,13 +128,13 @@ def createmanifest(config): raise exceptions.ParamValidationError( "The file %s doesn't exist" % ssl_key) - controller.addResource(horizon_host, ssl_cert, 'ssl_ps_server.crt') + resources = config.setdefault('RESOURCES', {}) + host_resources = resources.setdefault(horizon_host, []) + host_resources.append((ssl_cert, 'ssl_ps_server.crt')) if ssl_key: - controller.addResource( - horizon_host, ssl_key, 'ssl_ps_server.key' - ) + host_resources.append(ssl_key, 'ssl_ps_server.key') else: - controller.MESSAGES.append( + messages.append( "%sNOTE%s : A certificate was generated to be used for ssl, " "You should change the ssl certificate configured in " "/etc/httpd/conf.d/ssl.conf on %s to use a CA signed cert." @@ -151,8 +144,8 @@ def createmanifest(config): manifestdata += sslmanifestdata appendManifestFile(manifestfile, manifestdata) - msg = "To access the OpenStack Dashboard browse to %s://%s/dashboard .\n" \ - "Please, find your login credentials stored in the keystonerc_admin" \ - " in your home directory." % \ - (proto, controller.CONF['CONFIG_HORIZON_HOST']) - controller.MESSAGES.append(msg) + msg = ("To access the OpenStack Dashboard browse to %s://%s/dashboard .\n" + "Please, find your login credentials stored in the keystonerc_admin" + " in your home directory." + % (proto, config['CONFIG_CONTROLLER_HOST'])) + messages.append(msg) diff --git a/packstack/plugins/glance_200.py b/packstack/plugins/glance_200.py index 63dab3abe..3c4daf746 100644 --- a/packstack/plugins/glance_200.py +++ b/packstack/plugins/glance_200.py @@ -1,3 +1,5 @@ +# -*- coding: utf-8 -*- + """ Installs and configures Glance """ @@ -11,68 +13,51 @@ from packstack.installer.utils import split_hosts from packstack.modules.shortcuts import get_mq -from packstack.modules.ospluginutils import getManifestTemplate, appendManifestFile +from packstack.modules.ospluginutils import (getManifestTemplate, + appendManifestFile) -# Controller object will be initialized from main flow -controller = None +#------------------ oVirt installer initialization ------------------ -# Plugin name PLUGIN_NAME = "OS-Glance" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') -logging.debug("plugin %s loaded", __name__) - -def initConfig(controllerObject): - global controller - controller = controllerObject - logging.debug("Adding OpenStack Glance configuration") - paramsList = [ - {"CMD_OPTION" : "glance-host", - "USAGE" : "The IP address of the server on which to install Glance", - "PROMPT" : "Enter the IP address of the Glance server", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_ssh], - "DEFAULT_VALUE" : utils.get_localhost_ip(), - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_GLANCE_HOST", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "glance-db-passwd", - "USAGE" : "The password to use for the Glance to access DB", - "PROMPT" : "Enter the password for the Glance DB access", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : uuid.uuid4().hex[:16], - "MASK_INPUT" : True, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_GLANCE_DB_PW", - "USE_DEFAULT" : True, - "NEED_CONFIRM" : True, - "CONDITION" : False }, - {"CMD_OPTION" : "glance-ks-passwd", - "USAGE" : "The password to use for the Glance to authenticate with Keystone", - "PROMPT" : "Enter the password for the Glance Keystone access", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : uuid.uuid4().hex[:16], - "MASK_INPUT" : True, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_GLANCE_KS_PW", - "USE_DEFAULT" : True, - "NEED_CONFIRM" : True, - "CONDITION" : False }, - ] - - groupDict = { "GROUP_NAME" : "GLANCE", - "DESCRIPTION" : "Glance Config parameters", - "PRE_CONDITION" : "CONFIG_GLANCE_INSTALL", - "PRE_CONDITION_MATCH" : "y", - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True} - - controller.addGroup(groupDict, paramsList) + +def initConfig(controller): + params = [ + {"CMD_OPTION": "glance-db-passwd", + "USAGE": "The password to use for the Glance to access DB", + "PROMPT": "Enter the password for the Glance DB access", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_GLANCE_DB_PW", + "USE_DEFAULT": True, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CMD_OPTION": "glance-ks-passwd", + "USAGE": ("The password to use for the Glance to authenticate " + "with Keystone"), + "PROMPT": "Enter the password for the Glance Keystone access", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_GLANCE_KS_PW", + "USE_DEFAULT": True, + "NEED_CONFIRM": True, + "CONDITION": False}, + ] + group = {"GROUP_NAME": "GLANCE", + "DESCRIPTION": "Glance Config parameters", + "PRE_CONDITION": "CONFIG_GLANCE_INSTALL", + "PRE_CONDITION_MATCH": "y", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + controller.addGroup(group, params) def initSequences(controller): @@ -84,27 +69,34 @@ def initSequences(controller): return glancesteps = [ - {'title': 'Adding Glance Keystone manifest entries', 'functions':[createkeystonemanifest]}, - {'title': 'Adding Glance manifest entries', 'functions':[createmanifest]} + {'title': 'Adding Glance Keystone manifest entries', + 'functions': [create_keystone_manifest]}, + {'title': 'Adding Glance manifest entries', + 'functions': [create_manifest]} ] controller.addSequence("Installing OpenStack Glance", [], [], glancesteps) -def createkeystonemanifest(config): - manifestfile = "%s_keystone.pp" % controller.CONF['CONFIG_KEYSTONE_HOST'] + +#-------------------------- step functions -------------------------- + +def create_keystone_manifest(config, messages): + manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("keystone_glance.pp") appendManifestFile(manifestfile, manifestdata) -def createmanifest(config): - manifestfile = "%s_glance.pp" % controller.CONF['CONFIG_GLANCE_HOST'] + +def create_manifest(config, messages): + manifestfile = "%s_glance.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("glance.pp") if config['CONFIG_CEILOMETER_INSTALL'] == 'y': - manifestdata += getManifestTemplate(get_mq(config, "glance_ceilometer")) + mq_template = get_mq(config, "glance_ceilometer") + manifestdata += getManifestTemplate(mq_template) config['FIREWALL_SERVICE_NAME'] = "glance" config['FIREWALL_PORTS'] = "'9292'" config['FIREWALL_CHAIN'] = "INPUT" if config['CONFIG_NOVA_INSTALL'] == 'y': - for host in split_hosts(config['CONFIG_NOVA_COMPUTE_HOSTS']): + for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']): config['FIREWALL_ALLOWED'] = "'%s'" % host config['FIREWALL_SERVICE_ID'] = "glance_%s" % host manifestdata += getManifestTemplate("firewall.pp") diff --git a/packstack/plugins/heat_750.py b/packstack/plugins/heat_750.py index acaaf9ed8..318b462bc 100644 --- a/packstack/plugins/heat_750.py +++ b/packstack/plugins/heat_750.py @@ -1,3 +1,5 @@ +# -*- coding: utf-8 -*- + """ Installs and configures heat """ @@ -14,216 +16,141 @@ manifestfiles, appendManifestFile) -controller = None -# Plugin name -PLUGIN_NAME = "OS-HEAT" -PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') +#------------------ oVirt installer initialization ------------------ -logging.debug("plugin %s loaded", __name__) +PLUGIN_NAME = "OS-Heat" +PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') -def initConfig(controllerObject): - global controller - controller = controllerObject - logging.debug("Adding OpenStack Heat configuration") +def initConfig(controller): parameters = [ - {"CMD_OPTION" : "heat-host", - "USAGE" : ('The IP address of the server on which ' - 'to install Heat service'), - "PROMPT" : 'Enter the IP address of the Heat service', - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_ssh], - "DEFAULT_VALUE" : utils.get_localhost_ip(), - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_HEAT_HOST", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - - {"CMD_OPTION" : "heat-mysql-password", - "USAGE" : 'The password used by Heat user to authenticate against MySQL', - "PROMPT" : "Enter the password for the Heat MySQL user", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : uuid.uuid4().hex[:16], - "MASK_INPUT" : True, + {"CMD_OPTION": "os-heat-mysql-password", + "USAGE": ('The password used by Heat user to authenticate against ' + 'MySQL'), + "PROMPT": "Enter the password for the Heat MySQL user", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "MASK_INPUT": True, "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_HEAT_DB_PW", - "USE_DEFAULT" : True, - "NEED_CONFIRM" : True, - "CONDITION" : False }, - - {"CMD_OPTION" : "heat-auth-encryption-key", - "USAGE" : "The encryption key to use for authentication info in database", - "PROMPT" : "Enter the authentication key for Heat to use for authenticate info in database", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : uuid.uuid4().hex[:16], - "MASK_INPUT" : True, + "CONF_NAME": "CONFIG_HEAT_DB_PW", + "USE_DEFAULT": True, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CMD_OPTION": "heat-auth-encryption-key", + "USAGE": ("The encryption key to use for authentication info " + "in database"), + "PROMPT": ("Enter the authentication key for Heat to use for " + "authenticate info in database"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "MASK_INPUT": True, "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_HEAT_AUTH_ENC_KEY", - "USE_DEFAULT" : True, - "NEED_CONFIRM" : True, - "CONDITION" : False }, - - {"CMD_OPTION" : "heat-ks-passwd", - "USAGE" : "The password to use for the Heat to authenticate with Keystone", - "PROMPT" : "Enter the password for the Heat Keystone access", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : uuid.uuid4().hex[:16], - "MASK_INPUT" : True, + "CONF_NAME": "CONFIG_HEAT_AUTH_ENC_KEY", + "USE_DEFAULT": True, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CMD_OPTION": "os-heat-ks-passwd", + "USAGE": ("The password to use for the Heat to authenticate " + "with Keystone"), + "PROMPT": "Enter the password for the Heat Keystone access", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "MASK_INPUT": True, "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_HEAT_KS_PW", - "USE_DEFAULT" : True, - "NEED_CONFIRM" : True, - "CONDITION" : False }, - - {"CMD_OPTION" : "os-heat-cloudwatch-install", - "USAGE" : ("Set to 'y' if you would like Packstack to " - "install Heat CloudWatch API"), - "PROMPT" : "Should Packstack install Heat CloudWatch API", - "OPTION_LIST" : ["y", "n"], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : "n", - "MASK_INPUT" : False, + "CONF_NAME": "CONFIG_HEAT_KS_PW", + "USE_DEFAULT": True, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CMD_OPTION": "os-heat-cloudwatch-install", + "USAGE": ("Set to 'y' if you would like Packstack to install Heat " + "CloudWatch API"), + "PROMPT": "Should Packstack install Heat CloudWatch API", + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "n", + "MASK_INPUT": False, "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_HEAT_CLOUDWATCH_INSTALL", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - - {"CMD_OPTION" : "os-heat-cfn-install", - "USAGE" : ("Set to 'y' if you would like Packstack to " - "install Heat CloudFormation API"), - "PROMPT" : "Should Packstack install Heat CloudFormation API", - "OPTION_LIST" : ["y", "n"], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : "n", - "MASK_INPUT" : False, + "CONF_NAME": "CONFIG_HEAT_CLOUDWATCH_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-heat-cfn-install", + "USAGE": ("Set to 'y' if you would like Packstack to install Heat " + "CloudFormation API"), + "PROMPT": "Should Packstack install Heat CloudFormation API", + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "n", + "MASK_INPUT": False, "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_HEAT_CFN_INSTALL", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - ] - group = {"GROUP_NAME" : "Heat", - "DESCRIPTION" : "Heat Config parameters", - "PRE_CONDITION" : "CONFIG_HEAT_INSTALL", - "PRE_CONDITION_MATCH" : "y", - "POST_CONDITION" : False, - "POST_CONDITION_MATCH": True} - controller.addGroup(group, parameters) - - parameters = [ - {"CMD_OPTION" : "heat-api-cloudwatch-host", - "USAGE" : ('The IP address of the server on which ' - 'to install Heat CloudWatch API service'), - "PROMPT" : ('Enter the IP address of the Heat CloudWatch API ' - 'server'), - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_ssh], - "DEFAULT_VALUE" : utils.get_localhost_ip(), - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_HEAT_CLOUDWATCH_HOST", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - ] - - def check_cloudwatch(config): - return config["CONFIG_HEAT_INSTALL"] == 'y' and \ - config["CONFIG_HEAT_CLOUDWATCH_INSTALL"] == 'y' - - group = {"GROUP_NAME" : "Heat CloudWatch API", - "DESCRIPTION" : "Heat CloudWatch API config parameters", - "PRE_CONDITION" : check_cloudwatch, - "PRE_CONDITION_MATCH" : True, - "POST_CONDITION" : False, - "POST_CONDITION_MATCH": True} - controller.addGroup(group, parameters) - - parameters = [ - {"CMD_OPTION" : "heat-api-cfn-host", - "USAGE" : ('The IP address of the server on which ' - 'to install Heat CloudFormation API service'), - "PROMPT" : ('Enter the IP address of the Heat CloudFormation ' - 'API server'), - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_ssh], - "DEFAULT_VALUE" : utils.get_localhost_ip(), - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_HEAT_CFN_HOST", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, + "CONF_NAME": "CONFIG_HEAT_CFN_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, ] - - def check_cloudformation(config): - return config["CONFIG_HEAT_INSTALL"] == 'y' and \ - config["CONFIG_HEAT_CFN_INSTALL"] == 'y' - - group = {"GROUP_NAME" : "Heat CloudFormation API", - "DESCRIPTION" : "Heat CloudFormation API config parameters", - "PRE_CONDITION" : check_cloudformation, - "PRE_CONDITION_MATCH" : True, - "POST_CONDITION" : False, + group = {"GROUP_NAME": "Heat", + "DESCRIPTION": "Heat Config parameters", + "PRE_CONDITION": "CONFIG_HEAT_INSTALL", + "PRE_CONDITION_MATCH": "y", + "POST_CONDITION": False, "POST_CONDITION_MATCH": True} controller.addGroup(group, parameters) def initSequences(controller): - if controller.CONF['CONFIG_HEAT_INSTALL'] != 'y': + config = controller.CONF + if config['CONFIG_HEAT_INSTALL'] != 'y': return - steps = [{'title': 'Adding Heat manifest entries', - 'functions': [create_manifest]}, - {'title': 'Adding Heat Keystone manifest entries', - 'functions':[create_keystone_manifest]}] - - if controller.CONF.get('CONFIG_HEAT_CLOUDWATCH_INSTALL', 'n') == 'y': - steps.append({'title': 'Adding Heat CloudWatch API manifest entries', - 'functions': [create_cloudwatch_manifest]}) - if controller.CONF.get('CONFIG_HEAT_CFN_INSTALL', 'n') == 'y': - steps.append({'title': 'Adding Heat CloudFormation API manifest entries', - 'functions': [create_cfn_manifest]}) + steps = [ + {'title': 'Adding Heat manifest entries', + 'functions': [create_manifest]}, + {'title': 'Adding Heat Keystone manifest entries', + 'functions': [create_keystone_manifest]} + ] + + if config.get('CONFIG_HEAT_CLOUDWATCH_INSTALL', 'n') == 'y': + steps.append( + {'title': 'Adding Heat CloudWatch API manifest entries', + 'functions': [create_cloudwatch_manifest]}) + if config.get('CONFIG_HEAT_CFN_INSTALL', 'n') == 'y': + steps.append( + {'title': 'Adding Heat CloudFormation API manifest entries', + 'functions': [create_cfn_manifest]}) controller.addSequence("Installing Heat", [], [], steps) -def create_manifest(config): - if config['CONFIG_HEAT_CLOUDWATCH_INSTALL'] == 'y': - config['CONFIG_HEAT_WATCH_HOST'] = config['CONFIG_HEAT_CLOUDWATCH_HOST'] - else: - config['CONFIG_HEAT_WATCH_HOST'] = config['CONFIG_HEAT_HOST'] - if config['CONFIG_HEAT_CFN_INSTALL'] == 'y': - config['CONFIG_HEAT_METADATA_HOST'] = config['CONFIG_HEAT_CFN_HOST'] - else: - config['CONFIG_HEAT_METADATA_HOST'] = config['CONFIG_HEAT_HOST'] +#-------------------------- step functions -------------------------- - manifestfile = "%s_heat.pp" % controller.CONF['CONFIG_HEAT_HOST'] +def create_manifest(config, messages): + manifestfile = "%s_heat.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "heat")) manifestdata += getManifestTemplate("heat.pp") appendManifestFile(manifestfile, manifestdata) -def create_keystone_manifest(config): - manifestfile = "%s_keystone.pp" % controller.CONF['CONFIG_KEYSTONE_HOST'] +def create_keystone_manifest(config, messages): + manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("keystone_heat.pp") appendManifestFile(manifestfile, manifestdata) -def create_cloudwatch_manifest(config): - manifestfile = "%s_heatcw.pp" % controller.CONF['CONFIG_HEAT_CLOUDWATCH_HOST'] +def create_cloudwatch_manifest(config, messages): + manifestfile = "%s_heatcw.pp" % controller.CONF['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "heat")) manifestdata += getManifestTemplate("heat_cloudwatch.pp") appendManifestFile(manifestfile, manifestdata, marker='heat') -def create_cfn_manifest(config): - manifestfile = "%s_heatcnf.pp" % controller.CONF['CONFIG_HEAT_CFN_HOST'] +def create_cfn_manifest(config, messages): + manifestfile = "%s_heatcnf.pp" % controller.CONF['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "heat")) manifestdata += getManifestTemplate("heat_cfn.pp") appendManifestFile(manifestfile, manifestdata, marker='heat') diff --git a/packstack/plugins/keystone_100.py b/packstack/plugins/keystone_100.py index a13d09d63..726d1b6ed 100644 --- a/packstack/plugins/keystone_100.py +++ b/packstack/plugins/keystone_100.py @@ -1,3 +1,5 @@ +# -*- coding: utf-8 -*- + """ Installs and configures Keystone """ @@ -9,122 +11,112 @@ from packstack.installer import basedefs from packstack.installer import utils -from packstack.modules.ospluginutils import getManifestTemplate, appendManifestFile -from packstack.installer.utils import host_iter +from packstack.modules.ospluginutils import (getManifestTemplate, + appendManifestFile) + -# Controller object will be initialized from main flow -controller = None +#------------------ oVirt installer initialization ------------------ -# Plugin name PLUGIN_NAME = "OS-Keystone" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') -logging.debug("plugin %s loaded", __name__) - -def initConfig(controllerObject): - global controller - controller = controllerObject - logging.debug("Adding OpenStack Keystone configuration") - paramsList = [ - {"CMD_OPTION" : "keystone-host", - "USAGE" : "The IP address of the server on which to install Keystone", - "PROMPT" : "Enter the IP address of the Keystone server", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_ssh], - "DEFAULT_VALUE" : utils.get_localhost_ip(), - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_KEYSTONE_HOST", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "keystone-db-passwd", - "USAGE" : "The password to use for the Keystone to access DB", - "PROMPT" : "Enter the password for the Keystone DB access", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : uuid.uuid4().hex[:16], - "MASK_INPUT" : True, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_KEYSTONE_DB_PW", - "USE_DEFAULT" : True, - "NEED_CONFIRM" : True, - "CONDITION" : False }, - {"CMD_OPTION" : "keystone-admin-token", - "USAGE" : "The token to use for the Keystone service api", - "PROMPT" : "The token to use for the Keystone service api", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : uuid.uuid4().hex, - "MASK_INPUT" : True, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_KEYSTONE_ADMIN_TOKEN", - "USE_DEFAULT" : True, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "keystone-admin-passwd", - "USAGE" : "The password to use for the Keystone admin user", - "PROMPT" : "Enter the password for the Keystone admin user", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : uuid.uuid4().hex[:16], - "MASK_INPUT" : True, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_KEYSTONE_ADMIN_PW", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : True, - "CONDITION" : False }, - {"CMD_OPTION" : "keystone-demo-passwd", - "USAGE" : "The password to use for the Keystone demo user", - "PROMPT" : "Enter the password for the Keystone demo user", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : uuid.uuid4().hex[:16], - "MASK_INPUT" : True, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_KEYSTONE_DEMO_PW", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : True, - "CONDITION" : False }, - {"CMD_OPTION" : "keystone-token-format", - "USAGE" : "Kestone token format. Use either UUID or PKI", - "PROMPT" : "Enter the Keystone token format.", - "OPTION_LIST" : ['UUID', 'PKI'], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : 'PKI', - "MASK_INPUT" : False, - "LOOSE_VALIDATION": False, - "CONF_NAME" : 'CONFIG_KEYSTONE_TOKEN_FORMAT', - "USE_DEFAULT" : True, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - ] - - groupDict = { "GROUP_NAME" : "KEYSTONE", - "DESCRIPTION" : "Keystone Config parameters", - "PRE_CONDITION" : lambda x: 'yes', - "PRE_CONDITION_MATCH" : "yes", - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True} - - controller.addGroup(groupDict, paramsList) + +def initConfig(controller): + params = [ + {"CMD_OPTION": "keystone-db-passwd", + "USAGE": "The password to use for the Keystone to access DB", + "PROMPT": "Enter the password for the Keystone DB access", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_KEYSTONE_DB_PW", + "USE_DEFAULT": True, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-admin-token", + "USAGE": "The token to use for the Keystone service api", + "PROMPT": "The token to use for the Keystone service api", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex, + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_KEYSTONE_ADMIN_TOKEN", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-admin-passwd", + "USAGE": "The password to use for the Keystone admin user", + "PROMPT": "Enter the password for the Keystone admin user", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_KEYSTONE_ADMIN_PW", + "USE_DEFAULT": False, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-demo-passwd", + "USAGE": "The password to use for the Keystone demo user", + "PROMPT": "Enter the password for the Keystone demo user", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_KEYSTONE_DEMO_PW", + "USE_DEFAULT": False, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-token-format", + "USAGE": "Kestone token format. Use either UUID or PKI", + "PROMPT": "Enter the Keystone token format.", + "OPTION_LIST": ['UUID', 'PKI'], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": 'PKI', + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_TOKEN_FORMAT', + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + ] + group = {"GROUP_NAME": "KEYSTONE", + "DESCRIPTION": "Keystone Config parameters", + "PRE_CONDITION": lambda x: 'yes', + "PRE_CONDITION_MATCH": "yes", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + controller.addGroup(group, params) def initSequences(controller): keystonesteps = [ {'title': 'Adding Keystone manifest entries', - 'functions': [create_manifest]}, + 'functions': [create_manifest]}, ] controller.addSequence("Installing OpenStack Keystone", [], [], keystonesteps) -def create_manifest(config): - manifestfile = "%s_keystone.pp" % config['CONFIG_KEYSTONE_HOST'] + +#-------------------------- step functions -------------------------- + +def create_manifest(config, messages): + manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("keystone.pp") + config['FIREWALL_ALLOWED'] = "'ALL'" config['FIREWALL_SERVICE_NAME'] = "keystone" config['FIREWALL_SERVICE_ID'] = "keystone" config['FIREWALL_PORTS'] = "'5000', '35357'" config['FIREWALL_CHAIN'] = "INPUT" manifestdata += getManifestTemplate("firewall.pp") + appendManifestFile(manifestfile, manifestdata) diff --git a/packstack/plugins/mysql_001.py b/packstack/plugins/mysql_001.py index 4c4ec0a10..c90a38359 100644 --- a/packstack/plugins/mysql_001.py +++ b/packstack/plugins/mysql_001.py @@ -1,3 +1,5 @@ +# -*- coding: utf-8 -*- + """ Installs and configures MySQL """ @@ -9,79 +11,79 @@ from packstack.installer import utils from packstack.installer.utils import split_hosts -from packstack.modules.ospluginutils import getManifestTemplate, appendManifestFile +from packstack.modules.ospluginutils import (getManifestTemplate, + appendManifestFile) + -# Controller object will be initialized from main flow -controller = None +#------------------ oVirt installer initialization ------------------ -# Plugin name -PLUGIN_NAME = "OS-MySQL" +PLUGIN_NAME = "MySQL" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') -logging.debug("plugin %s loaded", __name__) - -def initConfig(controllerObject): - global controller - controller = controllerObject - logging.debug("Adding MySQL OpenStack configuration") - paramsList = [ - {"CMD_OPTION" : "mysql-host", - "USAGE" : "The IP address of the server on which to install MySQL", - "PROMPT" : "Enter the IP address of the MySQL server", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_ssh], - "DEFAULT_VALUE" : utils.get_localhost_ip(), - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_MYSQL_HOST", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "mysql-user", - "USAGE" : "Username for the MySQL admin user", - "PROMPT" : "Enter the username for the MySQL admin user", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : "root", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_MYSQL_USER", - "USE_DEFAULT" : True, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "mysql-pw", - "USAGE" : "Password for the MySQL admin user", - "PROMPT" : "Enter the password for the MySQL admin user", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : uuid.uuid4().hex[:16], - "MASK_INPUT" : True, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_MYSQL_PW", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : True, - "CONDITION" : False }, - ] - - groupDict = { "GROUP_NAME" : "MYSQL", - "DESCRIPTION" : "MySQL Config parameters", - "PRE_CONDITION" : lambda x: 'yes', - "PRE_CONDITION_MATCH" : "yes", - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True} - - controller.addGroup(groupDict, paramsList) + +def initConfig(controller): + params = [ + {"CMD_OPTION": "mysql-host", + "USAGE": ("The IP address of the server on which to install MySQL or " + "IP address of DB server to use if MySQL installation was " + "not selected"), + "PROMPT": "Enter the IP address of the MySQL server", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_ssh], + "DEFAULT_VALUE": utils.get_localhost_ip(), + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_MYSQL_HOST", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "mysql-user", + "USAGE": "Username for the MySQL admin user", + "PROMPT": "Enter the username for the MySQL admin user", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "root", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_MYSQL_USER", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "mysql-pw", + "USAGE": "Password for the MySQL admin user", + "PROMPT": "Enter the password for the MySQL admin user", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "MASK_INPUT": True, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_MYSQL_PW", + "USE_DEFAULT": False, + "NEED_CONFIRM": True, + "CONDITION": False}, + ] + group = {"GROUP_NAME": "MYSQL", + "DESCRIPTION": "MySQL Config parameters", + "PRE_CONDITION": lambda x: 'yes', + "PRE_CONDITION_MATCH": "yes", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + controller.addGroup(group, params) def initSequences(controller): mysqlsteps = [ - {'title': 'Adding MySQL manifest entries', - 'functions':[createmanifest]} + {'title': 'Adding MySQL manifest entries', + 'functions': [create_manifest]} ] controller.addSequence("Installing MySQL", [], [], mysqlsteps) -def createmanifest(config): +#-------------------------- step functions -------------------------- + +def create_manifest(config, messages): if config['CONFIG_MYSQL_INSTALL'] == 'y': install = True suffix = 'install' @@ -89,11 +91,7 @@ def createmanifest(config): install = False suffix = 'noinstall' - # In case we are not installing MySQL server, mysql* manifests have - # to be run from Keystone host - host = install and config['CONFIG_MYSQL_HOST'] \ - or config['CONFIG_KEYSTONE_HOST'] - manifestfile = "%s_mysql.pp" % host + manifestfile = "%s_mysql.pp" % config['CONFIG_MYSQL_HOST'] manifestdata = [getManifestTemplate('mysql_%s.pp' % suffix)] def append_for(module, suffix): @@ -104,28 +102,12 @@ def append_for(module, suffix): manifestdata.append(getManifestTemplate(template)) append_for("keystone", suffix) - hosts = set() for mod in ['nova', 'cinder', 'glance', 'neutron', 'heat']: if config['CONFIG_%s_INSTALL' % mod.upper()] == 'y': append_for(mod, suffix) - # Check wich modules are enabled so we can allow their - # hosts on the firewall - if mod != 'nova' and mod != 'neutron': - hosts.add(config.get('CONFIG_%s_HOST' % mod.upper()).strip()) - elif mod == 'neutron': - hosts.add(config.get('CONFIG_NEUTRON_SERVER_HOST').strip()) - elif config['CONFIG_NOVA_INSTALL'] != 'n': - #In that remote case that we have lot's of nova hosts - hosts.add(config.get('CONFIG_NOVA_API_HOST').strip()) - hosts.add(config.get('CONFIG_NOVA_CERT_HOST').strip()) - hosts.add(config.get('CONFIG_NOVA_VNCPROXY_HOST').strip()) - hosts.add(config.get('CONFIG_NOVA_CONDUCTOR_HOST').strip()) - hosts.add(config.get('CONFIG_NOVA_SCHED_HOST').strip()) - if config['CONFIG_NEUTRON_INSTALL'] != 'y': - dbhosts = split_hosts(config['CONFIG_NOVA_NETWORK_HOSTS']) - hosts |= dbhosts - for host in config.get('CONFIG_NOVA_COMPUTE_HOSTS').split(','): - hosts.add(host.strip()) + + hosts = set([config['CONFIG_CONTROLLER_HOST']]) + hosts |= split_hosts(config['CONFIG_COMPUTE_HOSTS']) config['FIREWALL_SERVICE_NAME'] = "mysql" config['FIREWALL_PORTS'] = "'3306'" diff --git a/packstack/plugins/nagios_910.py b/packstack/plugins/nagios_910.py index aba02feba..41ff0b4d8 100644 --- a/packstack/plugins/nagios_910.py +++ b/packstack/plugins/nagios_910.py @@ -1,3 +1,5 @@ +# -*- coding: utf-8 -*- + """ Installs and configures Nagios """ @@ -10,72 +12,55 @@ from packstack.installer import utils from packstack.modules.common import filtered_hosts -from packstack.modules.ospluginutils import gethostlist,\ - getManifestTemplate,\ - appendManifestFile +from packstack.modules.ospluginutils import (getManifestTemplate, + appendManifestFile) + -# Controller object will be initialized from main flow -controller = None +#------------------ oVirt installer initialization ------------------ -# Plugin name PLUGIN_NAME = "OS-Nagios" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') -logging.debug("plugin %s loaded", __name__) - -def initConfig(controllerObject): - global controller - controller = controllerObject - logging.debug("Adding OpenStack Nagios configuration") - paramsList = [ - {"CMD_OPTION" : "nagios-host", - "USAGE" : "The IP address of the server on which to install the Nagios server", - "PROMPT" : "Enter the IP address of the Nagios server", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_ssh], - "DEFAULT_VALUE" : utils.get_localhost_ip(), - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NAGIOS_HOST", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "nagios-passwd", - "USAGE" : "The password of the nagiosadmin user on the Nagios server", - "PROMPT" : "Enter the password for the nagiosadmin user", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : uuid.uuid4().hex[:16], - "MASK_INPUT" : True, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NAGIOS_PW", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - ] - - groupDict = { "GROUP_NAME" : "NAGIOS", - "DESCRIPTION" : "Nagios Config parameters", - "PRE_CONDITION" : "CONFIG_NAGIOS_INSTALL", - "PRE_CONDITION_MATCH" : "y", - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True} - - controller.addGroup(groupDict, paramsList) + +def initConfig(controller): + params = [ + {"CMD_OPTION": "nagios-passwd", + "USAGE": "The password of the nagiosadmin user on the Nagios server", + "PROMPT": "Enter the password for the nagiosadmin user", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "MASK_INPUT": True, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_NAGIOS_PW", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ] + group = {"GROUP_NAME": "NAGIOS", + "DESCRIPTION": "Nagios Config parameters", + "PRE_CONDITION": "CONFIG_NAGIOS_INSTALL", + "PRE_CONDITION_MATCH": "y", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + controller.addGroup(group, params) def initSequences(controller): - conf = controller.CONF - if conf['CONFIG_NAGIOS_INSTALL'] != 'y': + if controller.CONF['CONFIG_NAGIOS_INSTALL'] != 'y': return nagiossteps = [ - {'title': 'Adding Nagios server manifest entries', 'functions':[createmanifest]}, - {'title': 'Adding Nagios host manifest entries', 'functions':[createnrpemanifests]} + {'title': 'Adding Nagios server manifest entries', + 'functions': [create_manifest]}, + {'title': 'Adding Nagios host manifest entries', + 'functions': [create_nrpe_manifests]} ] controller.addSequence("Installing Nagios", [], [], nagiossteps) +#------------------------- helper functions ------------------------- + def _serviceentry(**kwargs): s = 'define service {\n' for key in sorted(kwargs.keys()): @@ -83,16 +68,18 @@ def _serviceentry(**kwargs): s += "\t}\n" return s + def _copy_script(**kwargs): # TODO : Replace all these shell templates with with python return ('file{"/usr/lib64/nagios/plugins/%(name)s":' - 'mode => 755, owner => "nagios", ' - 'seltype => "nagios_unconfined_plugin_exec_t", ' - 'content => template("packstack/%(name)s.erb"),}\n' + 'mode => 755, owner => "nagios", ' + 'seltype => "nagios_unconfined_plugin_exec_t", ' + 'content => template("packstack/%(name)s.erb"),}\n' 'nagios_command {"%(name)s": ' - 'command_line => "/usr/lib64/nagios/plugins/%(name)s",}\n' + 'command_line => "/usr/lib64/nagios/plugins/%(name)s",}\n' % kwargs) + def nagios_host(hostname, **kwargs): out = ("nagios_host { '%s': " % hostname) for key, value in kwargs.items(): @@ -100,81 +87,104 @@ def nagios_host(hostname, **kwargs): return "%s}\n" % out -def createmanifest(config): +#-------------------------- step functions -------------------------- + +def create_manifest(config, messages): manifest_entries = '' - # I should be adding service entries with nagios_service but it appears to be broken - # http://projects.puppetlabs.com/issues/3420 + # I should be adding service entries with nagios_service + # but it appears to be broken http://projects.puppetlabs.com/issues/3420 service_entries = '' - for hostname in gethostlist(config): - manifest_entries += nagios_host(hostname, address=hostname, use='linux-server') - - service_entries += _serviceentry(name='load5-%s'%hostname, service_description='5 minute load average', - host_name=hostname, check_command="check_nrpe!load5", use="generic-service", - normal_check_interval='5') - - service_entries += _serviceentry(name='df_var-%s'%hostname, - service_description='Percent disk space used on /var', - host_name=hostname, - check_command="check_nrpe!df_var", use="generic-service") + for hostname in filtered_hosts(config): + manifest_entries += nagios_host(hostname, address=hostname, + use='linux-server') + + service_entries += _serviceentry( + name='load5-%s' % hostname, + service_description='5 minute load average', + host_name=hostname, + check_command="check_nrpe!load5", + use="generic-service", + normal_check_interval='5' + ) + + service_entries += _serviceentry( + name='df_var-%s' % hostname, + service_description='Percent disk space used on /var', + host_name=hostname, + check_command="check_nrpe!df_var", + use="generic-service" + ) manifest_entries += _copy_script(name="keystone-user-list") - service_entries += _serviceentry(name='keystone-user-list', + service_entries += _serviceentry( + name='keystone-user-list', service_description='number of keystone users', - host_name=controller.CONF['CONFIG_NAGIOS_HOST'], - check_command="keystone-user-list", use="generic-service", - normal_check_interval='5') + host_name=config['CONFIG_CONTROLLER_HOST'], + check_command="keystone-user-list", + use="generic-service", + normal_check_interval='5' + ) - if controller.CONF['CONFIG_GLANCE_INSTALL'] == 'y': + if config['CONFIG_GLANCE_INSTALL'] == 'y': manifest_entries += _copy_script(name="glance-index") - service_entries += _serviceentry(name='glance-index', + service_entries += _serviceentry( + name='glance-index', service_description='number of glance images', - host_name=controller.CONF['CONFIG_NAGIOS_HOST'], + host_name=config['CONFIG_CONTROLLER_HOST'], check_command="glance-index", use="generic-service", - normal_check_interval='5') + normal_check_interval='5' + ) - if controller.CONF['CONFIG_NOVA_INSTALL'] == 'y': + if config['CONFIG_NOVA_INSTALL'] == 'y': manifest_entries += _copy_script(name="nova-list") - service_entries += _serviceentry(name='nova-list', + service_entries += _serviceentry( + name='nova-list', service_description='number of nova vm instances', - host_name=controller.CONF['CONFIG_NAGIOS_HOST'], + host_name=config['CONFIG_CONTROLLER_HOST'], check_command="nova-list", use="generic-service", - normal_check_interval='5') + normal_check_interval='5' + ) - if controller.CONF['CONFIG_CINDER_INSTALL'] == 'y': + if config['CONFIG_CINDER_INSTALL'] == 'y': manifest_entries += _copy_script(name="cinder-list") - service_entries += _serviceentry(name='cinder-list', + service_entries += _serviceentry( + name='cinder-list', service_description='number of cinder volumes', - host_name=controller.CONF['CONFIG_NAGIOS_HOST'], + host_name=config['CONFIG_CONTROLLER_HOST'], check_command="cinder-list", use="generic-service", - normal_check_interval='5') + normal_check_interval='5' + ) - if controller.CONF['CONFIG_SWIFT_INSTALL'] == 'y': + if config['CONFIG_SWIFT_INSTALL'] == 'y': manifest_entries += _copy_script(name="swift-list") - service_entries += _serviceentry(name='swift-list', + service_entries += _serviceentry( + name='swift-list', service_description='number of swift containers', - host_name=controller.CONF['CONFIG_NAGIOS_HOST'], + host_name=config['CONFIG_CONTROLLER_HOST'], check_command="swift-list", use="generic-service", - normal_check_interval='5') + normal_check_interval='5' + ) manifest_entries += ("file { '/etc/nagios/nagios_service.cfg': \n" - "ensure => present, mode => 644,\n" - "owner => 'nagios', group => 'nagios',\n" - "before => Service['nagios'],\n" - "content => '%s'}" % service_entries) + "ensure => present, mode => 644,\n" + "owner => 'nagios', group => 'nagios',\n" + "before => Service['nagios'],\n" + "content => '%s'}" % service_entries) - controller.CONF['CONFIG_NAGIOS_MANIFEST_CONFIG'] = manifest_entries + config['CONFIG_NAGIOS_MANIFEST_CONFIG'] = manifest_entries - manifestfile = "%s_nagios.pp" % controller.CONF['CONFIG_NAGIOS_HOST'] + manifestfile = "%s_nagios.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("nagios_server.pp") appendManifestFile(manifestfile, manifestdata) -def createnrpemanifests(config): - for hostname in filtered_hosts(controller.CONF): - controller.CONF['CONFIG_NRPE_HOST'] = hostname + +def create_nrpe_manifests(config, messages): + for hostname in filtered_hosts(config): + config['CONFIG_NRPE_HOST'] = hostname manifestfile = "%s_nagios_nrpe.pp" % hostname manifestdata = getManifestTemplate("nagios_nrpe.pp") - #Only the Nagios host is allowed to talk to nrpe - config['FIREWALL_ALLOWED'] = "'%s'" % config['CONFIG_NAGIOS_HOST'] + # Only the Nagios host is allowed to talk to nrpe + config['FIREWALL_ALLOWED'] = "'%s'" % config['CONFIG_CONTROLLER_HOST'] config['FIREWALL_SERVICE_NAME'] = "nagios-nrpe" config['FIREWALL_SERVICE_ID'] = "nagios_nrpe" config['FIREWALL_PORTS'] = '5666' @@ -182,7 +192,7 @@ def createnrpemanifests(config): manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata) - controller.MESSAGES.append("To use Nagios, browse to http://%s/nagios " - "username : nagiosadmin, password : %s" % - (controller.CONF['CONFIG_NAGIOS_HOST'], - controller.CONF['CONFIG_NAGIOS_PW'])) + messages.append("To use Nagios, browse to " + "http://%(CONFIG_CONTROLLER_HOST)s/nagios " + "username: nagiosadmin, password: %(CONFIG_NAGIOS_PW)s" + % config) diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index 76c1d7a5f..3eddfe39d 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -1,3 +1,5 @@ +# -*- coding: utf-8 -*- + """ Installs and configures neutron """ @@ -12,437 +14,432 @@ from packstack.installer.utils import split_hosts from packstack.modules.shortcuts import get_mq -from packstack.modules.ospluginutils import getManifestTemplate, appendManifestFile - -# Controller object will be initialized from main flow -controller = None +from packstack.modules.ospluginutils import (getManifestTemplate, + appendManifestFile) -# Plugin name -PLUGIN_NAME = "OS-NEUTRON" -logging.debug("plugin %s loaded", __name__) +#------------------ oVirt installer initialization ------------------ -def initConfig(controllerObject): - global controller - controller = controllerObject +PLUGIN_NAME = "OS-Neutron" +PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') - logging.debug("Adding OpenStack Neutron configuration") +def initConfig(controller): conf_params = { - "NEUTRON" : [ - {"CMD_OPTION" : "neutron-server-host", - "USAGE" : "The IP addresses of the server on which to install the Neutron server", - "PROMPT" : "Enter the IP address of the Neutron server", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_ip, validators.validate_ssh], - "DEFAULT_VALUE" : utils.get_localhost_ip(), - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NEUTRON_SERVER_HOST", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "neutron-ks-password", - "USAGE" : "The password to use for Neutron to authenticate with Keystone", - "PROMPT" : "Enter the password for Neutron Keystone access", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : uuid.uuid4().hex[:16], - "MASK_INPUT" : True, + "NEUTRON": [ + {"CMD_OPTION": "os-neutron-ks-password", + "USAGE": ("The password to use for Neutron to authenticate " + "with Keystone"), + "PROMPT": "Enter the password for Neutron Keystone access", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "MASK_INPUT": True, "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_NEUTRON_KS_PW", - "USE_DEFAULT" : True, - "NEED_CONFIRM" : True, - "CONDITION" : False }, - {"CMD_OPTION" : "neutron-db-password", - "USAGE" : "The password to use for Neutron to access DB", - "PROMPT" : "Enter the password for Neutron DB access", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : uuid.uuid4().hex[:16], - "MASK_INPUT" : True, + "CONF_NAME": "CONFIG_NEUTRON_KS_PW", + "USE_DEFAULT": True, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CMD_OPTION": "os-neutron-db-password", + "USAGE": "The password to use for Neutron to access DB", + "PROMPT": "Enter the password for Neutron DB access", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "MASK_INPUT": True, "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_NEUTRON_DB_PW", - "USE_DEFAULT" : True, - "NEED_CONFIRM" : True, - "CONDITION" : False }, - {"CMD_OPTION" : "neutron-l3-hosts", - "USAGE" : "A comma separated list of IP addresses on which to install Neutron L3 agent", - "PROMPT" : "Enter a comma separated list of IP addresses on which to install the Neutron L3 agent", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_multi_ssh], - "DEFAULT_VALUE" : utils.get_localhost_ip(), - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NEUTRON_L3_HOSTS", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "neutron-l3-ext-bridge", - "USAGE" : "The name of the bridge that the Neutron L3 agent will use for external traffic, or 'provider' if using provider networks", - "PROMPT" : "Enter the bridge the Neutron L3 agent will use for external traffic, or 'provider' if using provider networks", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : "br-ex", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NEUTRON_L3_EXT_BRIDGE", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "neutron-dhcp-hosts", - "USAGE" : "A comma separated list of IP addresses on which to install Neutron DHCP agent", - "PROMPT" : "Enter a comma separated list of IP addresses on which to install Neutron DHCP agent", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_multi_ssh], - "DEFAULT_VALUE" : utils.get_localhost_ip(), - "MASK_INPUT" : False, + "CONF_NAME": "CONFIG_NEUTRON_DB_PW", + "USE_DEFAULT": True, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CMD_OPTION": "os-neutron-l3-ext-bridge", + "USAGE": ("The name of the bridge that the Neutron L3 agent will " + "use for external traffic, or 'provider' if using " + "provider networks"), + "PROMPT": ("Enter the bridge the Neutron L3 agent will use for " + "external traffic, or 'provider' if using provider " + "networks"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "br-ex", + "MASK_INPUT": False, "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NEUTRON_DHCP_HOSTS", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "neutron-lbaas-hosts", - "USAGE" : "A comma separated list of IP addresses on which to install Neutron LBaaS agent", - "PROMPT" : "Enter a comma separated list of IP addresses on which to install Neutron LBaaS agent", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_multi_ssh], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NEUTRON_LBAAS_HOSTS", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "neutron-l2-plugin", - "USAGE" : "The name of the L2 plugin to be used with Neutron", - "PROMPT" : "Enter the name of the L2 plugin to be used with Neutron", - "OPTION_LIST" : ["linuxbridge", "openvswitch", "ml2"], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : "openvswitch", - "MASK_INPUT" : False, + "CONF_NAME": "CONFIG_NEUTRON_L3_EXT_BRIDGE", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-neutron-l2-plugin", + "USAGE": "The name of the L2 plugin to be used with Neutron", + "PROMPT": ("Enter the name of the L2 plugin to be used " + "with Neutron"), + "OPTION_LIST": ["linuxbridge", "openvswitch", "ml2"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "openvswitch", + "MASK_INPUT": False, "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_NEUTRON_L2_PLUGIN", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "neutron-metadata-hosts", - "USAGE" : "A comma separated list of IP addresses on which to install Neutron metadata agent", - "PROMPT" : "Enter a comma separated list of IP addresses on which to install the Neutron metadata agent", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_multi_ssh], - "DEFAULT_VALUE" : utils.get_localhost_ip(), - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NEUTRON_METADATA_HOSTS", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "neutron-metadata-pw", - "USAGE" : "A comma separated list of IP addresses on which to install Neutron metadata agent", - "PROMPT" : "Enter a comma separated list of IP addresses on which to install the Neutron metadata agent", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : uuid.uuid4().hex[:16], - "MASK_INPUT" : True, + "CONF_NAME": "CONFIG_NEUTRON_L2_PLUGIN", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-neutron-metadata-pw", + "USAGE": "Neutron metadata agent password", + "PROMPT": "Enter Neutron metadata agent password", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_NEUTRON_METADATA_PW", + "USE_DEFAULT": True, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CMD_OPTION": "os-neutron-lbaas-install", + "USAGE": ("Set to 'y' if you would like Packstack to install " + "Neutron LBaaS"), + "PROMPT": "Should Packstack install Neutron LBaaS", + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "n", + "MASK_INPUT": False, "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_NEUTRON_METADATA_PW", - "USE_DEFAULT" : True, - "NEED_CONFIRM" : True, - "CONDITION" : False }, - ], - "NEUTRON_LB_PLUGIN" : [ - {"CMD_OPTION" : "neutron-lb-tenant-network-type", - "USAGE" : "The type of network to allocate for tenant networks (eg. vlan, local)", - "PROMPT" : "Enter the type of network to allocate for tenant networks", - "OPTION_LIST" : ["local", "vlan"], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : "local", - "MASK_INPUT" : False, + "CONF_NAME": "CONFIG_LBAAS_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + + "NEUTRON_LB_PLUGIN": [ + {"CMD_OPTION": "os-neutron-lb-tenant-network-type", + "USAGE": ("The type of network to allocate for tenant networks " + "(eg. vlan, local)"), + "PROMPT": ("Enter the type of network to allocate for tenant " + "networks"), + "OPTION_LIST": ["local", "vlan"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "local", + "MASK_INPUT": False, "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "neutron-lb-vlan-ranges", - "USAGE" : "A comma separated list of VLAN ranges for the Neutron linuxbridge plugin (eg. physnet1:1:4094,physnet2,physnet3:3000:3999)", - "PROMPT" : "Enter a comma separated list of VLAN ranges for the Neutron linuxbridge plugin", - "OPTION_LIST" : [], - "VALIDATORS" : [], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : False, + "CONF_NAME": "CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-neutron-lb-vlan-ranges", + "USAGE": ("A comma separated list of VLAN ranges for the Neutron " + "linuxbridge plugin (eg. physnet1:1:4094,physnet2," + "physnet3:3000:3999)"), + "PROMPT": ("Enter a comma separated list of VLAN ranges for " + "the Neutron linuxbridge plugin"), + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NEUTRON_LB_VLAN_RANGES", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - ], - "NEUTRON_LB_PLUGIN_AND_AGENT" : [ - {"CMD_OPTION" : "neutron-lb-interface-mappings", - "USAGE" : "A comma separated list of interface mappings for the Neutron linuxbridge plugin (eg. physnet1:br-eth1,physnet2:br-eth2,physnet3:br-eth3)", - "PROMPT" : "Enter a comma separated list of interface mappings for the Neutron linuxbridge plugin", - "OPTION_LIST" : [], - "VALIDATORS" : [], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : False, + "CONF_NAME": "CONFIG_NEUTRON_LB_VLAN_RANGES", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + + "NEUTRON_LB_PLUGIN_AND_AGENT": [ + {"CMD_OPTION": "os-neutron-lb-interface-mappings", + "USAGE": ("A comma separated list of interface mappings for the " + "Neutron linuxbridge plugin (eg. physnet1:br-eth1," + "physnet2:br-eth2,physnet3:br-eth3)"), + "PROMPT": ("Enter a comma separated list of interface mappings " + "for the Neutron linuxbridge plugin"), + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - ], - "NEUTRON_OVS_PLUGIN" : [ - {"CMD_OPTION" : "neutron-ovs-tenant-network-type", - "USAGE" : "Type of network to allocate for tenant networks (eg. vlan, local, gre, vxlan)", - "PROMPT" : "Enter the type of network to allocate for tenant networks", - "OPTION_LIST" : ["local", "vlan", "gre", "vxlan"], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : "local", - "MASK_INPUT" : False, + "CONF_NAME": "CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + + "NEUTRON_OVS_PLUGIN": [ + {"CMD_OPTION": "os-neutron-ovs-tenant-network-type", + "USAGE": ("Type of network to allocate for tenant networks " + "(eg. vlan, local, gre, vxlan)"), + "PROMPT": ("Enter the type of network to allocate for tenant " + "networks"), + "OPTION_LIST": ["local", "vlan", "gre", "vxlan"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "local", + "MASK_INPUT": False, "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "neutron-ovs-vlan-ranges", - "USAGE" : "A comma separated list of VLAN ranges for the Neutron openvswitch plugin (eg. physnet1:1:4094,physnet2,physnet3:3000:3999)", - "PROMPT" : "Enter a comma separated list of VLAN ranges for the Neutron openvswitch plugin", - "OPTION_LIST" : [], - "VALIDATORS" : [], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : False, + "CONF_NAME": "CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-neutron-ovs-vlan-ranges", + "USAGE": ("A comma separated list of VLAN ranges for the Neutron " + "openvswitch plugin (eg. physnet1:1:4094,physnet2," + "physnet3:3000:3999)"), + "PROMPT": ("Enter a comma separated list of VLAN ranges for the " + "Neutron openvswitch plugin"), + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NEUTRON_OVS_VLAN_RANGES", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - ], - "NEUTRON_OVS_PLUGIN_AND_AGENT" : [ - {"CMD_OPTION" : "neutron-ovs-bridge-mappings", - "USAGE" : "A comma separated list of bridge mappings for the Neutron openvswitch plugin (eg. physnet1:br-eth1,physnet2:br-eth2,physnet3:br-eth3)", - "PROMPT" : "Enter a comma separated list of bridge mappings for the Neutron openvswitch plugin", - "OPTION_LIST" : [], - "VALIDATORS" : [], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : False, + "CONF_NAME": "CONFIG_NEUTRON_OVS_VLAN_RANGES", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + + "NEUTRON_OVS_PLUGIN_AND_AGENT": [ + {"CMD_OPTION": "os-neutron-ovs-bridge-mappings", + "USAGE": ("A comma separated list of bridge mappings for the " + "Neutron openvswitch plugin (eg. physnet1:br-eth1," + "physnet2:br-eth2,physnet3:br-eth3)"), + "PROMPT": ("Enter a comma separated list of bridge mappings for " + "the Neutron openvswitch plugin"), + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "neutron-ovs-bridge-interfaces", - "USAGE" : "A comma separated list of colon-separated OVS bridge:interface pairs. The interface will be added to the associated bridge.", - "PROMPT" : "Enter a comma separated list of OVS bridge:interface pairs for the Neutron openvswitch plugin", - "OPTION_LIST" : [], - "VALIDATORS" : [], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : False, + "CONF_NAME": "CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-neutron-ovs-bridge-interfaces", + "USAGE": ("A comma separated list of colon-separated OVS " + "bridge:interface pairs. The interface will be added " + "to the associated bridge."), + "PROMPT": ("Enter a comma separated list of OVS bridge:interface " + "pairs for the Neutron openvswitch plugin"), + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NEUTRON_OVS_BRIDGE_IFACES", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - ], - "NEUTRON_OVS_PLUGIN_TUNNEL" : [ - {"CMD_OPTION" : "neutron-ovs-tunnel-ranges", - "USAGE" : "A comma separated list of tunnel ranges for the Neutron openvswitch plugin (eg. 1:1000)", - "PROMPT" : "Enter a comma separated list of tunnel ranges for the Neutron openvswitch plugin", - "OPTION_LIST" : [], - "VALIDATORS" : [], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : False, + "CONF_NAME": "CONFIG_NEUTRON_OVS_BRIDGE_IFACES", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + + "NEUTRON_OVS_PLUGIN_TUNNEL": [ + {"CMD_OPTION": "os-neutron-ovs-tunnel-ranges", + "USAGE": ("A comma separated list of tunnel ranges for the " + "Neutron openvswitch plugin (eg. 1:1000)"), + "PROMPT": ("Enter a comma separated list of tunnel ranges for " + "the Neutron openvswitch plugin"), + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NEUTRON_OVS_TUNNEL_RANGES", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - ], - "NEUTRON_OVS_PLUGIN_AND_AGENT_TUNNEL" : [ - {"CMD_OPTION" : "neutron-ovs-tunnel-if", - "USAGE" : "The interface for the OVS tunnel. Packstack will override the IP address used for tunnels on this hypervisor to the IP found on the specified interface. (eg. eth1) ", - "PROMPT" : "Enter interface with IP to override the default tunnel local_ip", - "OPTION_LIST" : [], - "VALIDATORS" : [], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : False, + "CONF_NAME": "CONFIG_NEUTRON_OVS_TUNNEL_RANGES", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + + "NEUTRON_OVS_PLUGIN_AND_AGENT_TUNNEL": [ + {"CMD_OPTION": "os-neutron-ovs-tunnel-if", + "USAGE": ("The interface for the OVS tunnel. Packstack will " + "override the IP address used for tunnels on this " + "hypervisor to the IP found on the specified interface." + " (eg. eth1)"), + "PROMPT": ("Enter interface with IP to override the default " + "tunnel local_ip"), + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NEUTRON_OVS_TUNNEL_IF", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - ], - "NEUTRON_OVS_PLUGIN_AND_AGENT_VXLAN" : [ - {"CMD_OPTION" : "neutron-ovs-vxlan-udp-port", - "CONF_NAME" : "CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT", - "USAGE" : "VXLAN UDP port", - "PROMPT" : "Enter VXLAN UDP port number", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_port], - "DEFAULT_VALUE" : 4789, - "MASK_INPUT" : False, + "CONF_NAME": "CONFIG_NEUTRON_OVS_TUNNEL_IF", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + + "NEUTRON_OVS_PLUGIN_AND_AGENT_VXLAN": [ + {"CMD_OPTION": "os-neutron-ovs-vxlan-udp-port", + "CONF_NAME": "CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT", + "USAGE": "VXLAN UDP port", + "PROMPT": "Enter VXLAN UDP port number", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_port], + "DEFAULT_VALUE": 4789, + "MASK_INPUT": False, "LOOSE_VALIDATION": True, - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - ], - "NEUTRON_ML2_PLUGIN" : [ - {"CMD_OPTION" : "neutron-ml2-type-drivers", - "CONF_NAME" : "CONFIG_NEUTRON_ML2_TYPE_DRIVERS", - "USAGE" : ("A comma separated list of network type " - "driver entrypoints to be loaded from the " - "neutron.ml2.type_drivers namespace."), - "PROMPT" : ("Enter a comma separated list of network " - "type driver entrypoints"), - "OPTION_LIST" : ["local", "flat", "vlan", "gre", "vxlan"], - "VALIDATORS" : [validators.validate_multi_options], - "DEFAULT_VALUE" : "local", - "MASK_INPUT" : False, + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + + "NEUTRON_ML2_PLUGIN": [ + {"CMD_OPTION": "os-neutron-ml2-type-drivers", + "CONF_NAME": "CONFIG_NEUTRON_ML2_TYPE_DRIVERS", + "USAGE": ("A comma separated list of network type driver " + "entrypoints to be loaded from the " + "neutron.ml2.type_drivers namespace."), + "PROMPT": ("Enter a comma separated list of network type driver " + "entrypoints"), + "OPTION_LIST": ["local", "flat", "vlan", "gre", "vxlan"], + "VALIDATORS": [validators.validate_multi_options], + "DEFAULT_VALUE": "local", + "MASK_INPUT": False, "LOOSE_VALIDATION": False, - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "neutron-ml2-tenant-network-types", - "CONF_NAME" : "CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES", - "USAGE" : ("A comma separated ordered list of " - "network_types to allocate as tenant " - "networks. The value 'local' is only useful " - "for single-box testing but provides no " - "connectivity between hosts."), - "PROMPT" : ("Enter a comma separated ordered list of " - "network_types to allocate as tenant " - "networks"), - "OPTION_LIST" : ["local", "vlan", "gre", "vxlan"], - "VALIDATORS" : [validators.validate_multi_options], - "DEFAULT_VALUE" : "local", - "MASK_INPUT" : False, + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-neutron-ml2-tenant-network-types", + "CONF_NAME": "CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES", + "USAGE": ("A comma separated ordered list of network_types to " + "allocate as tenant networks. The value 'local' is " + "only useful for single-box testing but provides no " + "connectivity between hosts."), + "PROMPT": ("Enter a comma separated ordered list of " + "network_types to allocate as tenant networks"), + "OPTION_LIST": ["local", "vlan", "gre", "vxlan"], + "VALIDATORS": [validators.validate_multi_options], + "DEFAULT_VALUE": "local", + "MASK_INPUT": False, "LOOSE_VALIDATION": False, - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "neutron-ml2-mechanism-drivers", - "CONF_NAME" : "CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS", - "USAGE" : ("A comma separated ordered list of " - "networking mechanism driver entrypoints " - "to be loaded from the " - "neutron.ml2.mechanism_drivers namespace."), - "PROMPT" : ("Enter a comma separated ordered list of " - "networking mechanism driver entrypoints"), - "OPTION_LIST" : ["logger", "test", "linuxbridge", - "openvswitch", "hyperv", "ncs", "arista", - "cisco_nexus", "l2population"], - "VALIDATORS" : [validators.validate_multi_options], - "DEFAULT_VALUE" : "openvswitch", - "MASK_INPUT" : False, + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-neutron-ml2-mechanism-drivers", + "CONF_NAME": "CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS", + "USAGE": ("A comma separated ordered list of networking " + "mechanism driver entrypoints to be loaded from the " + "neutron.ml2.mechanism_drivers namespace."), + "PROMPT": ("Enter a comma separated ordered list of networking " + "mechanism driver entrypoints"), + "OPTION_LIST": ["logger", "test", "linuxbridge", "openvswitch", + "hyperv", "ncs", "arista", "cisco_nexus", + "l2population"], + "VALIDATORS": [validators.validate_multi_options], + "DEFAULT_VALUE": "openvswitch", + "MASK_INPUT": False, "LOOSE_VALIDATION": False, - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "neutron-ml2-flat-networks", - "CONF_NAME" : "CONFIG_NEUTRON_ML2_FLAT_NETWORKS", - "USAGE" : ("A comma separated list of physical_network" - " names with which flat networks can be " - "created. Use * to allow flat networks with " - "arbitrary physical_network names."), - "PROMPT" : ("Enter a comma separated list of " - "physical_network names with which flat " - "networks can be created"), - "OPTION_LIST" : [], - "VALIDATORS" : [], - "DEFAULT_VALUE" : "*", - "MASK_INPUT" : False, + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-neutron-ml2-flat-networks", + "CONF_NAME": "CONFIG_NEUTRON_ML2_FLAT_NETWORKS", + "USAGE": ("A comma separated list of physical_network names " + "with which flat networks can be created. Use * to " + "allow flat networks with arbitrary physical_network " + "names."), + "PROMPT": ("Enter a comma separated list of physical_network " + "names with which flat networks can be created"), + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": "*", + "MASK_INPUT": False, "LOOSE_VALIDATION": False, - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "neutron-ml2-vlan-ranges", - "CONF_NAME" : "CONFIG_NEUTRON_ML2_VLAN_RANGES", - "USAGE" : ("A comma separated list of " - ":: " - "or specifying " - "physical_network names usable for VLAN " - "provider and tenant networks, as well as " - "ranges of VLAN tags on each available for " - "allocation to tenant networks."), - "PROMPT" : ("Enter a comma separated list of " - "physical_network names usable for VLAN"), - "OPTION_LIST" : [], - "VALIDATORS" : [], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : False, + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-neutron-ml2-vlan-ranges", + "CONF_NAME": "CONFIG_NEUTRON_ML2_VLAN_RANGES", + "USAGE": ("A comma separated list of :" + ": or " + "specifying physical_network names usable for VLAN " + "provider and tenant networks, as well as ranges of " + "VLAN tags on each available for allocation to tenant " + "networks."), + "PROMPT": ("Enter a comma separated list of physical_network " + "names usable for VLAN"), + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, "LOOSE_VALIDATION": False, - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "neutron-ml2-tunnel-id-ranges", - "CONF_NAME" : "CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES", - "USAGE" : ("A comma separated list of :" - " tuples enumerating ranges of GRE " - "tunnel IDs that are available for tenant " - "network allocation. Should be an array with" - " tun_max +1 - tun_min > 1000000"), - "PROMPT" : ("Enter a comma separated list of :" - " tuples enumerating ranges of GRE " - "tunnel IDs that are available for tenant " - "network allocation"), - "OPTION_LIST" : [], - "VALIDATORS" : [], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : False, + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-neutron-ml2-tunnel-id-ranges", + "CONF_NAME": "CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES", + "USAGE": ("A comma separated list of : tuples " + "enumerating ranges of GRE tunnel IDs that are " + "available for tenant network allocation. Should be " + "an array with tun_max +1 - tun_min > 1000000"), + "PROMPT": ("Enter a comma separated list of : " + "tuples enumerating ranges of GRE tunnel IDs that " + "are available for tenant network allocation"), + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, "LOOSE_VALIDATION": False, - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "neutron-ml2-vxlan-group", - "CONF_NAME" : "CONFIG_NEUTRON_ML2_VXLAN_GROUP", - "USAGE" : ("Multicast group for VXLAN. If unset, " - "disables VXLAN enable sending allocate " - "broadcast traffic to this multicast group. " - "When left unconfigured, will disable " - "multicast VXLAN mode. Should be an " - "Multicast IP (v4 or v6) address."), - "PROMPT" : "Enter a multicast group for VXLAN", - "OPTION_LIST" : [], - "VALIDATORS" : [], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : False, + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-neutron-ml2-vxlan-group", + "CONF_NAME": "CONFIG_NEUTRON_ML2_VXLAN_GROUP", + "USAGE": ("Multicast group for VXLAN. If unset, disables VXLAN " + "enable sending allocate broadcast traffic to this " + "multicast group. When left unconfigured, will disable " + "multicast VXLAN mode. Should be an Multicast IP " + "(v4 or v6) address."), + "PROMPT": "Enter a multicast group for VXLAN", + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, "LOOSE_VALIDATION": False, - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "neutron-ml2-vni-ranges", - "CONF_NAME" : "CONFIG_NEUTRON_ML2_VNI_RANGES", - "USAGE" : ("A comma separated list of :" - " tuples enumerating ranges of " - "VXLAN VNI IDs that are available for tenant" - " network allocation. Min value is 0 and Max" - " value is 16777215."), - "PROMPT" : ("Enter a comma separated list of :" - " tuples enumerating ranges of " - "VXLAN VNI IDs that are available for tenant" - " network allocation"), - "OPTION_LIST" : [], - "VALIDATORS" : [], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : False, + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-neutron-ml2-vni-ranges", + "CONF_NAME": "CONFIG_NEUTRON_ML2_VNI_RANGES", + "USAGE": ("A comma separated list of : tuples " + "enumerating ranges of VXLAN VNI IDs that are " + "available for tenant network allocation. Min value " + "is 0 and Max value is 16777215."), + "PROMPT": ("Enter a comma separated list of : " + "tuples enumerating ranges of VXLAN VNI IDs that are " + "available for tenant network allocation"), + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, "LOOSE_VALIDATION": False, - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "neutron-l2-agent", # We need to ask for this only in case of ML2 plugins - "USAGE" : "The name of the L2 agent to be used with Neutron", - "PROMPT" : "Enter the name of the L2 agent to be used with Neutron", - "OPTION_LIST" : ["linuxbridge", "openvswitch"], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : "openvswitch", - "MASK_INPUT" : False, + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + # We need to ask for this only in case of ML2 plugins + {"CMD_OPTION": "os-neutron-l2-agent", + "USAGE": "The name of the L2 agent to be used with Neutron", + "PROMPT": ("Enter the name of the L2 agent to be used " + "with Neutron"), + "OPTION_LIST": ["linuxbridge", "openvswitch"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "openvswitch", + "MASK_INPUT": False, "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_NEUTRON_L2_AGENT", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - ], - } + "CONF_NAME": "CONFIG_NEUTRON_L2_AGENT", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + } def use_ml2_plugin(config): return (config['CONFIG_NEUTRON_INSTALL'] == 'y' and @@ -480,7 +477,8 @@ def use_openvswitch_agent(config): return use_openvswitch_plugin(config) or use_ml2_with_ovs(config) def use_openvswitch_agent_tunnel(config): - return use_openvswitch_plugin_tunnel(config) or use_ml2_with_ovs(config) + return (use_openvswitch_plugin_tunnel(config) or + use_ml2_with_ovs(config)) def use_openvswitch_vxlan(config): ovs_vxlan = ( @@ -493,75 +491,73 @@ def use_openvswitch_vxlan(config): ) return ovs_vxlan or ml2_vxlan - conf_groups = [ - { "GROUP_NAME" : "NEUTRON", - "DESCRIPTION" : "Neutron config", - "PRE_CONDITION" : "CONFIG_NEUTRON_INSTALL", - "PRE_CONDITION_MATCH" : "y", - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True }, - { "GROUP_NAME" : "NEUTRON_ML2_PLUGIN", - "DESCRIPTION" : "Neutron ML2 plugin config", - "PRE_CONDITION" : use_ml2_plugin, - "PRE_CONDITION_MATCH" : True, - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True }, - { "GROUP_NAME" : "NEUTRON_LB_PLUGIN", - "DESCRIPTION" : "Neutron LB plugin config", - "PRE_CONDITION" : use_linuxbridge_plugin, - "PRE_CONDITION_MATCH" : True, - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True }, - { "GROUP_NAME" : "NEUTRON_LB_PLUGIN_AND_AGENT", - "DESCRIPTION" : "Neutron LB agent config", - "PRE_CONDITION" : use_linuxbridge_agent, - "PRE_CONDITION_MATCH" : True, - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True }, - { "GROUP_NAME" : "NEUTRON_OVS_PLUGIN", - "DESCRIPTION" : "Neutron OVS plugin config", - "PRE_CONDITION" : use_openvswitch_plugin, - "PRE_CONDITION_MATCH" : True, - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True }, - { "GROUP_NAME" : "NEUTRON_OVS_PLUGIN_AND_AGENT", - "DESCRIPTION" : "Neutron OVS agent config", - "PRE_CONDITION" : use_openvswitch_agent, - "PRE_CONDITION_MATCH" : True, - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True }, - { "GROUP_NAME" : "NEUTRON_OVS_PLUGIN_TUNNEL", - "DESCRIPTION" : "Neutron OVS plugin config for tunnels", - "PRE_CONDITION" : use_openvswitch_plugin_tunnel, - "PRE_CONDITION_MATCH" : True, - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True }, - { "GROUP_NAME" : "NEUTRON_OVS_PLUGIN_AND_AGENT_TUNNEL", - "DESCRIPTION" : "Neutron OVS agent config for tunnels", - "PRE_CONDITION" : use_openvswitch_agent_tunnel, - "PRE_CONDITION_MATCH" : True, - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True }, - { "GROUP_NAME" : "NEUTRON_OVS_PLUGIN_AND_AGENT_VXLAN", - "DESCRIPTION" : "Neutron OVS agent config for VXLAN", - "PRE_CONDITION" : use_openvswitch_vxlan, - "PRE_CONDITION_MATCH" : True, - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True }, - ] - + {"GROUP_NAME": "NEUTRON", + "DESCRIPTION": "Neutron config", + "PRE_CONDITION": "CONFIG_NEUTRON_INSTALL", + "PRE_CONDITION_MATCH": "y", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "NEUTRON_ML2_PLUGIN", + "DESCRIPTION": "Neutron ML2 plugin config", + "PRE_CONDITION": use_ml2_plugin, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "NEUTRON_LB_PLUGIN", + "DESCRIPTION": "Neutron LB plugin config", + "PRE_CONDITION": use_linuxbridge_plugin, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "NEUTRON_LB_PLUGIN_AND_AGENT", + "DESCRIPTION": "Neutron LB agent config", + "PRE_CONDITION": use_linuxbridge_agent, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "NEUTRON_OVS_PLUGIN", + "DESCRIPTION": "Neutron OVS plugin config", + "PRE_CONDITION": use_openvswitch_plugin, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "NEUTRON_OVS_PLUGIN_AND_AGENT", + "DESCRIPTION": "Neutron OVS agent config", + "PRE_CONDITION": use_openvswitch_agent, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "NEUTRON_OVS_PLUGIN_TUNNEL", + "DESCRIPTION": "Neutron OVS plugin config for tunnels", + "PRE_CONDITION": use_openvswitch_plugin_tunnel, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "NEUTRON_OVS_PLUGIN_AND_AGENT_TUNNEL", + "DESCRIPTION": "Neutron OVS agent config for tunnels", + "PRE_CONDITION": use_openvswitch_agent_tunnel, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "NEUTRON_OVS_PLUGIN_AND_AGENT_VXLAN", + "DESCRIPTION": "Neutron OVS agent config for VXLAN", + "PRE_CONDITION": use_openvswitch_vxlan, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + ] for group in conf_groups: - paramList = conf_params[group["GROUP_NAME"]] - controller.addGroup(group, paramList) - - -def get_if_driver(config): - agent = config['CONFIG_NEUTRON_L2_AGENT'] - if agent == "openvswitch": - return 'neutron.agent.linux.interface.OVSInterfaceDriver' - elif agent == 'linuxbridge': - return 'neutron.agent.linux.interface.BridgeInterfaceDriver' + params = conf_params[group["GROUP_NAME"]] + controller.addGroup(group, params) def initSequences(controller): @@ -592,19 +588,16 @@ def initSequences(controller): key = 'CONFIG_NEUTRON_ML2_VXLAN_GROUP' config[key] = "'%s'" % config[key] if config[key] else 'undef' - config['CONFIG_NEUTRON_L2_DBNAME'] = plugin_db + config['CONFIG_NEUTRON_L2_DBNAME'] = plugin_db config['CONFIG_NEUTRON_CORE_PLUGIN'] = plugin_path - global api_hosts, l3_hosts, dhcp_hosts, lbaas_hosts, compute_hosts, meta_hosts, q_hosts - api_hosts = split_hosts(config['CONFIG_NEUTRON_SERVER_HOST']) - l3_hosts = split_hosts(config['CONFIG_NEUTRON_L3_HOSTS']) - dhcp_hosts = split_hosts(config['CONFIG_NEUTRON_DHCP_HOSTS']) - lbaas_hosts = split_hosts(config['CONFIG_NEUTRON_LBAAS_HOSTS']) - meta_hosts = split_hosts(config['CONFIG_NEUTRON_METADATA_HOSTS']) + global api_hosts, network_hosts, compute_hosts, q_hosts + api_hosts = split_hosts(config['CONFIG_CONTROLLER_HOST']) + network_hosts = split_hosts(config['CONFIG_NETWORK_HOSTS']) compute_hosts = set() if config['CONFIG_NOVA_INSTALL'] == 'y': - compute_hosts = split_hosts(config['CONFIG_NOVA_COMPUTE_HOSTS']) - q_hosts = api_hosts | l3_hosts | dhcp_hosts | lbaas_hosts | compute_hosts | meta_hosts + compute_hosts = split_hosts(config['CONFIG_COMPUTE_HOSTS']) + q_hosts = api_hosts | network_hosts | compute_hosts neutron_steps = [ {'title': 'Adding Neutron API manifest entries', @@ -626,11 +619,45 @@ def initSequences(controller): neutron_steps) -def create_manifests(config): +#------------------------- helper functions ------------------------- + +def get_if_driver(config): + agent = config['CONFIG_NEUTRON_L2_AGENT'] + if agent == "openvswitch": + return 'neutron.agent.linux.interface.OVSInterfaceDriver' + elif agent == 'linuxbridge': + return 'neutron.agent.linux.interface.BridgeInterfaceDriver' + + +def find_mapping(haystack, needle): + return needle in [x.split(':')[1].strip() for x in get_values(haystack)] + + +def get_values(val): + return [x.strip() for x in val.split(',')] if val else [] + + +def get_agent_type(config): + # The only real use case I can think of for multiples right now is to list + # "vlan,gre" or "vlan,vxlan" so that VLANs are used if available, + # but tunnels are used if not. + tenant_types = config.get('CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES', + "['local']").strip('[]') + tenant_types = [i.strip('"\'') for i in tenant_types.split(',')] + + for i in ['gre', 'vxlan', 'vlan']: + if i in tenant_types: + return i + return tenant_types[0] + + +#-------------------------- step functions -------------------------- + +def create_manifests(config, messages): global q_hosts service_plugins = [] - if config['CONFIG_NEUTRON_LBAAS_HOSTS']: + if config['CONFIG_LBAAS_INSTALL'] == 'y': service_plugins.append( 'neutron.services.loadbalancer.plugin.LoadBalancerPlugin' ) @@ -639,7 +666,6 @@ def create_manifests(config): service_plugins.append( 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin' ) - config['SERVICE_PLUGINS'] = (str(service_plugins) if service_plugins else 'undef') @@ -651,15 +677,6 @@ def create_manifests(config): elif config['CONFIG_NEUTRON_L2_PLUGIN'] == 'ml2': plugin_manifest = 'neutron_ml2_plugin.pp' - # host to which allow neutron server - allowed_hosts = set(q_hosts) - if config['CONFIG_CLIENT_INSTALL'] == 'y': - allowed_hosts.add(config['CONFIG_OSCLIENT_HOST']) - if config['CONFIG_HORIZON_INSTALL'] == 'y': - allowed_hosts.add(config['CONFIG_HORIZON_HOST']) - if config['CONFIG_NOVA_INSTALL'] == 'y': - allowed_hosts.add(config['CONFIG_NOVA_API_HOST']) - config['FIREWALL_SERVICE_NAME'] = "neutron server" config['FIREWALL_PORTS'] = "'9696'" config['FIREWALL_CHAIN'] = "INPUT" @@ -676,9 +693,10 @@ def create_manifests(config): manifest_data += getManifestTemplate("neutron_notifications.pp") # Firewall Rules - for f_host in allowed_hosts: + for f_host in q_hosts: config['FIREWALL_ALLOWED'] = "'%s'" % f_host - config['FIREWALL_SERVICE_ID'] = "neutron_server_%s_%s" % (host, f_host) + config['FIREWALL_SERVICE_ID'] = ("neutron_server_%s_%s" + % (host, f_host)) manifest_data += getManifestTemplate("firewall.pp") appendManifestFile(manifest_file, manifest_data, 'neutron') @@ -689,44 +707,39 @@ def create_manifests(config): appendManifestFile(manifest_file, manifest_data, 'neutron') -def create_keystone_manifest(config): - manifestfile = "%s_keystone.pp" % config['CONFIG_KEYSTONE_HOST'] +def create_keystone_manifest(config, messages): + manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("keystone_neutron.pp") appendManifestFile(manifestfile, manifestdata) -def find_mapping(haystack, needle): - return needle in [x.split(':')[1].strip() for x in get_values(haystack)] - - -def create_l3_manifests(config): - global l3_hosts +def create_l3_manifests(config, messages): + global network_hosts plugin = config['CONFIG_NEUTRON_L2_PLUGIN'] if config['CONFIG_NEUTRON_L3_EXT_BRIDGE'] == 'provider': config['CONFIG_NEUTRON_L3_EXT_BRIDGE'] = '' - for host in l3_hosts: + for host in network_hosts: config['CONFIG_NEUTRON_L3_HOST'] = host config['CONFIG_NEUTRON_L3_INTERFACE_DRIVER'] = get_if_driver(config) manifestdata = getManifestTemplate("neutron_l3.pp") manifestfile = "%s_neutron.pp" % (host,) appendManifestFile(manifestfile, manifestdata + '\n') - if (config['CONFIG_NEUTRON_L2_PLUGIN'] == 'openvswitch' and - config['CONFIG_NEUTRON_L3_EXT_BRIDGE'] and - not find_mapping(config['CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS'], - config['CONFIG_NEUTRON_L3_EXT_BRIDGE'])): - config['CONFIG_NEUTRON_OVS_BRIDGE'] = config['CONFIG_NEUTRON_L3_EXT_BRIDGE'] + ext_bridge = config['CONFIG_NEUTRON_L3_EXT_BRIDGE'] + mapping = find_mapping(config['CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS'], + ext_bridge) if ext_bridge else None + if config['CONFIG_NEUTRON_L2_PLUGIN'] == 'openvswitch' and not mapping: + config['CONFIG_NEUTRON_OVS_BRIDGE'] = ext_bridge manifestdata = getManifestTemplate('neutron_ovs_bridge.pp') appendManifestFile(manifestfile, manifestdata + '\n') -def create_dhcp_manifests(config): - global dhcp_hosts +def create_dhcp_manifests(config, messages): + global network_hosts plugin = config['CONFIG_NEUTRON_L2_PLUGIN'] - - for host in dhcp_hosts: + for host in network_hosts: config["CONFIG_NEUTRON_DHCP_HOST"] = host config['CONFIG_NEUTRON_DHCP_INTERFACE_DRIVER'] = get_if_driver(config) manifest_data = getManifestTemplate("neutron_dhcp.pp") @@ -736,12 +749,14 @@ def create_dhcp_manifests(config): for f_host in q_hosts: config['FIREWALL_ALLOWED'] = "'%s'" % f_host config['FIREWALL_SERVICE_NAME'] = "neutron dhcp in" - config['FIREWALL_SERVICE_ID'] = "neutron_dhcp_in_%s_%s" % (host, f_host) + config['FIREWALL_SERVICE_ID'] = ("neutron_dhcp_in_%s_%s" + % (host, f_host)) config['FIREWALL_PORTS'] = "'67'" config['FIREWALL_CHAIN'] = "INPUT" manifest_data += getManifestTemplate("firewall.pp") config['FIREWALL_SERVICE_NAME'] = "neutron dhcp out" - config['FIREWALL_SERVICE_ID'] = "neutron_dhcp_out_%s_%s" % (host, f_host) + config['FIREWALL_SERVICE_ID'] = ("neutron_dhcp_out_%s_%s" + % (host, f_host)) config['FIREWALL_PORTS'] = "'68'" config['FIREWALL_CHAIN'] = "OUTPUT" manifest_data += getManifestTemplate("firewall.pp") @@ -749,34 +764,21 @@ def create_dhcp_manifests(config): appendManifestFile(manifest_file, manifest_data, 'neutron') +def create_lbaas_manifests(config, messages): + global api_hosts -def create_lbaas_manifests(config): - global lbaas_hosts - for host in lbaas_hosts: - controller.CONF['CONFIG_NEUTRON_LBAAS_INTERFACE_DRIVER'] = get_if_driver(config) + if not config['CONFIG_LBAAS_INSTALL'] == 'y': + return + + for host in api_hosts: + config['CONFIG_NEUTRON_LBAAS_INTERFACE_DRIVER'] = get_if_driver(config) manifestdata = getManifestTemplate("neutron_lbaas.pp") manifestfile = "%s_neutron.pp" % (host,) appendManifestFile(manifestfile, manifestdata + "\n") -def get_values(val): - return [x.strip() for x in val.split(',')] if val else [] - -def get_agent_type(config): - # The only real use case I can think of for multiples right now is to list - # "vlan,gre" or "vlan,vxlan" so that VLANs are used if available, - # but tunnels are used if not. - tenant_types = config.get('CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES', - "['local']").strip('[]') - tenant_types = [i.strip('"\'') for i in tenant_types.split(',')] - - for i in ['gre', 'vxlan', 'vlan']: - if i in tenant_types: - return i - return tenant_types[0] - -def create_l2_agent_manifests(config): - global api_hosts, compute_hosts, dhcp_host, l3_hosts +def create_l2_agent_manifests(config, messages): + global q_hosts plugin = config['CONFIG_NEUTRON_L2_PLUGIN'] agent = config["CONFIG_NEUTRON_L2_AGENT"] @@ -798,9 +800,9 @@ def create_l2_agent_manifests(config): # The CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS parameter contains a # comma-separated list of bridge mappings. Since the puppet module - # expects this parameter to be an array, this parameter must be properly - # formatted by packstack, then consumed by the puppet module. - # For example, the input string 'A, B, C' should formatted as '['A','B','C']'. + # expects this parameter to be an array, this parameter must be + # properly formatted by packstack, then consumed by the puppet module. + # For example, the input string 'A, B' should formatted as '['A','B']'. config["CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS"] = str(bm_arr) elif agent == "linuxbridge": host_var = 'CONFIG_NEUTRON_LB_HOST' @@ -810,14 +812,16 @@ def create_l2_agent_manifests(config): # Install l2 agents on every compute host in addition to any hosts listed # specifically for the l2 agent - for host in api_hosts | compute_hosts | dhcp_hosts | l3_hosts: + for host in q_hosts: config[host_var] = host manifestfile = "%s_neutron.pp" % (host,) manifestdata = getManifestTemplate(template_name) appendManifestFile(manifestfile, manifestdata + "\n") if agent == "openvswitch" and ovs_type == 'vlan': for if_map in iface_arr: - config['CONFIG_NEUTRON_OVS_BRIDGE'], config['CONFIG_NEUTRON_OVS_IFACE'] = if_map.split(':') + bridge_key = 'CONFIG_NEUTRON_OVS_BRIDGE' + iface_key = 'CONFIG_NEUTRON_OVS_IFACE' + config[bridge_key], config[iface_key] = if_map.split(':') manifestdata = getManifestTemplate("neutron_ovs_port.pp") appendManifestFile(manifestfile, manifestdata + "\n") # Additional configurations required for compute hosts @@ -826,12 +830,12 @@ def create_l2_agent_manifests(config): appendManifestFile(manifestfile, manifestdata + '\n') -def create_metadata_manifests(config): - global meta_hosts +def create_metadata_manifests(config, messages): + global network_hosts if config.get('CONFIG_NOVA_INSTALL') == 'n': return - for host in meta_hosts: - controller.CONF['CONFIG_NEUTRON_METADATA_HOST'] = host + for host in network_hosts: + config['CONFIG_NEUTRON_METADATA_HOST'] = host manifestdata = getManifestTemplate('neutron_metadata.pp') manifestfile = "%s_neutron.pp" % (host,) appendManifestFile(manifestfile, manifestdata + "\n") diff --git a/packstack/plugins/nova_300.py b/packstack/plugins/nova_300.py index 3f5f4f908..8f2f974e5 100644 --- a/packstack/plugins/nova_300.py +++ b/packstack/plugins/nova_300.py @@ -1,3 +1,5 @@ +# -*- coding: utf-8 -*- + """ Installs and configures nova """ @@ -12,19 +14,17 @@ from packstack.installer.exceptions import ScriptRuntimeError from packstack.modules.shortcuts import get_mq -from packstack.modules.ospluginutils import NovaConfig, getManifestTemplate, appendManifestFile, manifestfiles +from packstack.modules.ospluginutils import (NovaConfig, getManifestTemplate, + appendManifestFile, manifestfiles) -# Controller object will be initialized from main flow -controller = None -PLUGIN_NAME = "OS-NOVA" +#------------------ oVirt installer initialization ------------------ -logging.debug("plugin %s loaded", __name__) +PLUGIN_NAME = "OS-Nova" +PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') -def initConfig(controllerObject): - global controller - controller = controllerObject +def initConfig(controller): if platform.linux_distribution()[0] == "Fedora": primary_netif = "em1" secondary_netif = "em2" @@ -33,387 +33,300 @@ def initConfig(controllerObject): secondary_netif = "eth1" nova_params = { - "NOVA" : [ - {"CMD_OPTION" : "novaapi-host", - "USAGE" : "The IP address of the server on which to install the Nova API service", - "PROMPT" : "Enter the IP address of the Nova API service", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_ip, validators.validate_ssh], - "DEFAULT_VALUE" : utils.get_localhost_ip(), - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NOVA_API_HOST", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "novacert-host", - "USAGE" : "The IP address of the server on which to install the Nova Cert service", - "PROMPT" : "Enter the IP address of the Nova Cert service", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_ssh], - "DEFAULT_VALUE" : utils.get_localhost_ip(), - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NOVA_CERT_HOST", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "novavncproxy-hosts", - "USAGE" : "The IP address of the server on which to install the Nova VNC proxy", - "PROMPT" : "Enter the IP address of the Nova VNC proxy", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_ssh], - "DEFAULT_VALUE" : utils.get_localhost_ip(), - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NOVA_VNCPROXY_HOST", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "novacompute-hosts", - "USAGE" : "A comma separated list of IP addresses on which to install the Nova Compute services", - "PROMPT" : "Enter a comma separated list of IP addresses on which to install the Nova Compute services", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty, validators.validate_multi_ssh], - "DEFAULT_VALUE" : utils.get_localhost_ip(), - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NOVA_COMPUTE_HOSTS", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "novaconductor-host", - "USAGE" : "The IP address of the server on which to install the Nova Conductor service", - "PROMPT" : "Enter the IP address of the Nova Conductor service", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_ip, validators.validate_ssh], - "DEFAULT_VALUE" : utils.get_localhost_ip(), - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NOVA_CONDUCTOR_HOST", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "nova-db-passwd", - "USAGE" : "The password to use for the Nova to access DB", - "PROMPT" : "Enter the password for the Nova DB access", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : uuid.uuid4().hex[:16], - "MASK_INPUT" : True, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_NOVA_DB_PW", - "USE_DEFAULT" : True, - "NEED_CONFIRM" : True, - "CONDITION" : False }, - {"CMD_OPTION" : "nova-ks-passwd", - "USAGE" : "The password to use for the Nova to authenticate with Keystone", - "PROMPT" : "Enter the password for the Nova Keystone access", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : uuid.uuid4().hex[:16], - "MASK_INPUT" : True, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_NOVA_KS_PW", - "USE_DEFAULT" : True, - "NEED_CONFIRM" : True, - "CONDITION" : False }, - {"CMD_OPTION" : "novasched-host", - "USAGE" : "The IP address of the server on which to install the Nova Scheduler service", - "PROMPT" : "Enter the IP address of the Nova Scheduler service", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_ssh], - "DEFAULT_VALUE" : utils.get_localhost_ip(), - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NOVA_SCHED_HOST", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "novasched-cpu-allocation-ratio", - "USAGE" : "The overcommitment ratio for virtual to physical CPUs. " - "Set to 1.0 to disable CPU overcommitment", - "PROMPT" : "Enter the CPU overcommitment ratio. " - "Set to 1.0 to disable CPU overcommitment", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_float], - "DEFAULT_VALUE" : 16.0, - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NOVA_SCHED_CPU_ALLOC_RATIO", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "novasched-ram-allocation-ratio", - "USAGE" : "The overcommitment ratio for virtual to physical RAM. " - "Set to 1.0 to disable RAM overcommitment", - "PROMPT" : "Enter the RAM overcommitment ratio. " - "Set to 1.0 to disable RAM overcommitment", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_float], - "DEFAULT_VALUE" : 1.5, - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NOVA_SCHED_RAM_ALLOC_RATIO", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - ], - "NOVA_NETWORK" : [ - {"CMD_OPTION" : "novacompute-privif", - "USAGE" : "Private interface for Flat DHCP on the Nova compute servers", - "PROMPT" : "Enter the Private interface for Flat DHCP on the Nova compute servers", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : secondary_netif, - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NOVA_COMPUTE_PRIVIF", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "novanetwork-hosts", - "USAGE" : "The list of IP addresses of the server on which to install the Nova Network service", - "PROMPT" : "Enter list of IP addresses on which to install the Nova Network service", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_multi_ip, validators.validate_multi_ssh], - "DEFAULT_VALUE" : utils.get_localhost_ip(), - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NOVA_NETWORK_HOSTS", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "novanetwork-manager", - "USAGE" : "Nova network manager", - "PROMPT" : "Enter the Nova network manager", - "OPTION_LIST" : [r'^nova\.network\.manager\.\w+Manager$'], - "VALIDATORS" : [validators.validate_regexp], - "DEFAULT_VALUE" : "nova.network.manager.FlatDHCPManager", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NOVA_NETWORK_MANAGER", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "novanetwork-pubif", - "USAGE" : "Public interface on the Nova network server", - "PROMPT" : "Enter the Public interface on the Nova network server", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : primary_netif, - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NOVA_NETWORK_PUBIF", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "novanetwork-privif", - "USAGE" : "Private interface for network manager on the Nova network server", - "PROMPT" : "Enter the Private interface for network manager on the Nova network server", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : secondary_netif, - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NOVA_NETWORK_PRIVIF", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "novanetwork-fixed-range", - "USAGE" : "IP Range for network manager", - "PROMPT" : "Enter the IP Range for network manager", - "OPTION_LIST" : ["^[\:\.\da-fA-f]+(\/\d+){0,1}$"], - "PROCESSORS" : [processors.process_cidr], - "VALIDATORS" : [validators.validate_regexp], - "DEFAULT_VALUE" : "192.168.32.0/22", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NOVA_NETWORK_FIXEDRANGE", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "novanetwork-floating-range", - "USAGE" : "IP Range for Floating IP's", - "PROMPT" : "Enter the IP Range for Floating IP's", - "OPTION_LIST" : ["^[\:\.\da-fA-f]+(\/\d+){0,1}$"], - "PROCESSORS" : [processors.process_cidr], - "VALIDATORS" : [validators.validate_regexp], - "DEFAULT_VALUE" : "10.3.4.0/22", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NOVA_NETWORK_FLOATRANGE", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "novanetwork-default-floating-pool", - "USAGE" : "Name of the default floating pool to which the specified floating ranges are added to", - "PROMPT" : "What should the default floating pool be called?", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : "nova", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_NOVA_NETWORK_DEFAULTFLOATINGPOOL", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "novanetwork-auto-assign-floating-ip", - "USAGE" : "Automatically assign a floating IP to new instances", - "PROMPT" : "Should new instances automatically have a floating IP assigned?", - "OPTION_LIST" : ["y", "n"], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : "n", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_NOVA_NETWORK_AUTOASSIGNFLOATINGIP", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - ], - "NOVA_NETWORK_VLAN" : [ - {"CMD_OPTION" : "novanetwork-vlan-start", - "USAGE" : "First VLAN for private networks", - "PROMPT" : "Enter first VLAN for private networks", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : 100, - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NOVA_NETWORK_VLAN_START", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "novanetwork-num-networks", - "USAGE" : "Number of networks to support", - "PROMPT" : "How many networks should be supported", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : 1, - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NOVA_NETWORK_NUMBER", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "novanetwork-network-size", - "USAGE" : "Number of addresses in each private subnet", - "PROMPT" : "How many addresses should be in each private subnet", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : 255, - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_NOVA_NETWORK_SIZE", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - ], - } + "NOVA": [ + {"CMD_OPTION": "nova-db-passwd", + "USAGE": "The password to use for the Nova to access DB", + "PROMPT": "Enter the password for the Nova DB access", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_NOVA_DB_PW", + "USE_DEFAULT": True, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CMD_OPTION": "nova-ks-passwd", + "USAGE": ("The password to use for the Nova to authenticate " + "with Keystone"), + "PROMPT": "Enter the password for the Nova Keystone access", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_NOVA_KS_PW", + "USE_DEFAULT": True, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CMD_OPTION": "novasched-cpu-allocation-ratio", + "USAGE": ("The overcommitment ratio for virtual to physical CPUs." + " Set to 1.0 to disable CPU overcommitment"), + "PROMPT": "Enter the CPU overcommitment ratio. Set to 1.0 to " + "disable CPU overcommitment", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_float], + "DEFAULT_VALUE": 16.0, + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_NOVA_SCHED_CPU_ALLOC_RATIO", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "novasched-ram-allocation-ratio", + "USAGE": ("The overcommitment ratio for virtual to physical RAM. " + "Set to 1.0 to disable RAM overcommitment"), + "PROMPT": ("Enter the RAM overcommitment ratio. Set to 1.0 to " + "disable RAM overcommitment"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_float], + "DEFAULT_VALUE": 1.5, + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_NOVA_SCHED_RAM_ALLOC_RATIO", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + + "NOVA_NETWORK": [ + {"CMD_OPTION": "novacompute-privif", + "USAGE": ("Private interface for Flat DHCP on the Nova compute " + "servers"), + "PROMPT": ("Enter the Private interface for Flat DHCP on the Nova" + " compute servers"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": secondary_netif, + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_NOVA_COMPUTE_PRIVIF", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "novanetwork-manager", + "USAGE": "Nova network manager", + "PROMPT": "Enter the Nova network manager", + "OPTION_LIST": [r'^nova\.network\.manager\.\w+Manager$'], + "VALIDATORS": [validators.validate_regexp], + "DEFAULT_VALUE": "nova.network.manager.FlatDHCPManager", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_NOVA_NETWORK_MANAGER", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "novanetwork-pubif", + "USAGE": "Public interface on the Nova network server", + "PROMPT": "Enter the Public interface on the Nova network server", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": primary_netif, + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_NOVA_NETWORK_PUBIF", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "novanetwork-privif", + "USAGE": ("Private interface for network manager on the Nova " + "network server"), + "PROMPT": ("Enter the Private interface for network manager on " + "the Nova network server"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": secondary_netif, + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_NOVA_NETWORK_PRIVIF", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "novanetwork-fixed-range", + "USAGE": "IP Range for network manager", + "PROMPT": "Enter the IP Range for network manager", + "OPTION_LIST": ["^[\:\.\da-fA-f]+(\/\d+){0,1}$"], + "PROCESSORS": [processors.process_cidr], + "VALIDATORS": [validators.validate_regexp], + "DEFAULT_VALUE": "192.168.32.0/22", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_NOVA_NETWORK_FIXEDRANGE", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "novanetwork-floating-range", + "USAGE": "IP Range for Floating IP's", + "PROMPT": "Enter the IP Range for Floating IP's", + "OPTION_LIST": ["^[\:\.\da-fA-f]+(\/\d+){0,1}$"], + "PROCESSORS": [processors.process_cidr], + "VALIDATORS": [validators.validate_regexp], + "DEFAULT_VALUE": "10.3.4.0/22", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_NOVA_NETWORK_FLOATRANGE", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "novanetwork-default-floating-pool", + "USAGE": ("Name of the default floating pool to which the " + "specified floating ranges are added to"), + "PROMPT": "What should the default floating pool be called?", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "nova", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_NOVA_NETWORK_DEFAULTFLOATINGPOOL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "novanetwork-auto-assign-floating-ip", + "USAGE": "Automatically assign a floating IP to new instances", + "PROMPT": ("Should new instances automatically have a floating " + "IP assigned?"), + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "n", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_NOVA_NETWORK_AUTOASSIGNFLOATINGIP", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + + "NOVA_NETWORK_VLAN": [ + {"CMD_OPTION": "novanetwork-vlan-start", + "USAGE": "First VLAN for private networks", + "PROMPT": "Enter first VLAN for private networks", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": 100, + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_NOVA_NETWORK_VLAN_START", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "novanetwork-num-networks", + "USAGE": "Number of networks to support", + "PROMPT": "How many networks should be supported", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": 1, + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_NOVA_NETWORK_NUMBER", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "novanetwork-network-size", + "USAGE": "Number of addresses in each private subnet", + "PROMPT": "How many addresses should be in each private subnet", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": 255, + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_NOVA_NETWORK_SIZE", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + } def use_nova_network(config): - return config['CONFIG_NOVA_INSTALL'] == 'y' and \ - config['CONFIG_NEUTRON_INSTALL'] != 'y' + return (config['CONFIG_NOVA_INSTALL'] == 'y' and + config['CONFIG_NEUTRON_INSTALL'] != 'y') def use_nova_network_vlan(config): manager = 'nova.network.manager.VlanManager' - return config['CONFIG_NOVA_INSTALL'] == 'y' and \ - config['CONFIG_NEUTRON_INSTALL'] != 'y' and \ - config['CONFIG_NOVA_NETWORK_MANAGER'] == manager + return (config['CONFIG_NOVA_INSTALL'] == 'y' and + config['CONFIG_NEUTRON_INSTALL'] != 'y' and + config['CONFIG_NOVA_NETWORK_MANAGER'] == manager) nova_groups = [ - {"GROUP_NAME" : "NOVA", - "DESCRIPTION" : "Nova Options", - "PRE_CONDITION" : "CONFIG_NOVA_INSTALL", - "PRE_CONDITION_MATCH" : "y", - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True}, - {"GROUP_NAME" : "NOVA_NETWORK", - "DESCRIPTION" : "Nova Network Options", - "PRE_CONDITION" : use_nova_network, - "PRE_CONDITION_MATCH" : True, - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True}, - {"GROUP_NAME" : "NOVA_NETWORK_VLAN", - "DESCRIPTION" : "Nova Network VLAN Options", - "PRE_CONDITION" : use_nova_network_vlan, - "PRE_CONDITION_MATCH" : True, - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True}, - ] - + {"GROUP_NAME": "NOVA", + "DESCRIPTION": "Nova Options", + "PRE_CONDITION": "CONFIG_NOVA_INSTALL", + "PRE_CONDITION_MATCH": "y", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "NOVA_NETWORK", + "DESCRIPTION": "Nova Network Options", + "PRE_CONDITION": use_nova_network, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "NOVA_NETWORK_VLAN", + "DESCRIPTION": "Nova Network VLAN Options", + "PRE_CONDITION": use_nova_network_vlan, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + ] for group in nova_groups: - paramList = nova_params[group["GROUP_NAME"]] - controller.addGroup(group, paramList) + params = nova_params[group["GROUP_NAME"]] + controller.addGroup(group, params) + def initSequences(controller): if controller.CONF['CONFIG_NOVA_INSTALL'] != 'y': return novaapisteps = [ - {'title': 'Adding Nova API manifest entries', 'functions':[createapimanifest]}, - {'title': 'Adding Nova Keystone manifest entries', 'functions':[createkeystonemanifest]}, - {'title': 'Adding Nova Cert manifest entries', 'functions':[createcertmanifest]}, - {'title': 'Adding Nova Conductor manifest entries', 'functions':[createconductormanifest]}, - {'title': 'Creating ssh keys for Nova migration', - 'functions':[create_ssh_keys]}, - {'title': 'Gathering ssh host keys for Nova migration', - 'functions':[gather_host_keys]}, - {'title': 'Adding Nova Compute manifest entries', 'functions':[createcomputemanifest]}, - {'title': 'Adding Nova Scheduler manifest entries', 'functions':[createschedmanifest]}, - {'title': 'Adding Nova VNC Proxy manifest entries', 'functions':[createvncproxymanifest]}, - {'title': 'Adding Nova Common manifest entries', 'functions':[createcommonmanifest]}, + {'title': 'Adding Nova API manifest entries', + 'functions': [create_api_manifest]}, + {'title': 'Adding Nova Keystone manifest entries', + 'functions': [create_keystone_manifest]}, + {'title': 'Adding Nova Cert manifest entries', + 'functions': [create_cert_manifest]}, + {'title': 'Adding Nova Conductor manifest entries', + 'functions': [create_conductor_manifest]}, + {'title': 'Creating ssh keys for Nova migration', + 'functions': [create_ssh_keys]}, + {'title': 'Gathering ssh host keys for Nova migration', + 'functions': [gather_host_keys]}, + {'title': 'Adding Nova Compute manifest entries', + 'functions': [create_compute_manifest]}, + {'title': 'Adding Nova Scheduler manifest entries', + 'functions': [create_sched_manifest]}, + {'title': 'Adding Nova VNC Proxy manifest entries', + 'functions': [create_vncproxy_manifest]}, + {'title': 'Adding Nova Common manifest entries', + 'functions': [create_common_manifest]}, ] if controller.CONF['CONFIG_NEUTRON_INSTALL'] == 'y': - novaapisteps.append({'title': 'Adding Openstack Network-related Nova manifest entries', 'functions':[createneutronmanifest]}) - else: - novaapisteps.append({'title': 'Adding Nova Network manifest entries', 'functions':[createnetworkmanifest]}) - - controller.addSequence("Installing OpenStack Nova API", [], [], novaapisteps) - - -def createapimanifest(config): - # Since this step is running first, let's create necesary variables here - # and make them global - global compute_hosts, network_hosts - com_var = config.get("CONFIG_NOVA_COMPUTE_HOSTS", "") - compute_hosts = set([i.strip() for i in com_var.split(",") if i.strip()]) - net_var = config.get("CONFIG_NOVA_NETWORK_HOSTS", "") - network_hosts = set([i.strip() for i in net_var.split(",") if i.strip()]) - - # This is a hack around us needing to generate the neutron metadata - # password, but the nova puppet plugin uses the existence of that - # password to determine whether or not to configure neutron metadata - # proxy support. So the nova_api.pp template needs unquoted 'undef' - # to disable metadata support if neutron is not being installed. - if controller.CONF['CONFIG_NEUTRON_INSTALL'] != 'y': - controller.CONF['CONFIG_NEUTRON_METADATA_PW_UNQUOTED'] = 'undef' + novaapisteps.append( + {'title': 'Adding Openstack Network-related Nova manifest entries', + 'functions': [create_neutron_manifest]} + ) else: - controller.CONF['CONFIG_NEUTRON_METADATA_PW_UNQUOTED'] = \ - "'%s'" % controller.CONF['CONFIG_NEUTRON_METADATA_PW'] - manifestfile = "%s_api_nova.pp"%controller.CONF['CONFIG_NOVA_API_HOST'] - manifestdata = getManifestTemplate("nova_api.pp") - appendManifestFile(manifestfile, manifestdata, 'novaapi') - - -def createkeystonemanifest(config): - manifestfile = "%s_keystone.pp"%controller.CONF['CONFIG_KEYSTONE_HOST'] - manifestdata = getManifestTemplate("keystone_nova.pp") - appendManifestFile(manifestfile, manifestdata) - - -def createcertmanifest(config): - manifestfile = "%s_nova.pp"%controller.CONF['CONFIG_NOVA_CERT_HOST'] - manifestdata = getManifestTemplate("nova_cert.pp") - appendManifestFile(manifestfile, manifestdata) - + novaapisteps.append( + {'title': 'Adding Nova Network manifest entries', + 'functions': [create_network_manifest]} + ) + controller.addSequence("Installing OpenStack Nova API", [], [], + novaapisteps) -def createconductormanifest(config): - manifestfile = "%s_nova.pp"%controller.CONF['CONFIG_NOVA_CONDUCTOR_HOST'] - manifestdata = getManifestTemplate("nova_conductor.pp") - appendManifestFile(manifestfile, manifestdata) +#------------------------- helper functions ------------------------- def check_ifcfg(host, device): """ @@ -447,7 +360,9 @@ def bring_up_ifcfg(host, device): raise ScriptRuntimeError(msg) -def create_ssh_keys(config): +#-------------------------- step functions -------------------------- + +def create_ssh_keys(config, messages): migration_key = os.path.join(basedefs.VAR_DIR, 'nova_migration_key') # Generate key local = utils.ScriptRunner() @@ -463,7 +378,8 @@ def create_ssh_keys(config): config['NOVA_MIGRATION_KEY_PUBLIC'] = public.split()[1] config['NOVA_MIGRATION_KEY_SECRET'] = secret -def gather_host_keys(config): + +def gather_host_keys(config, messages): global compute_hosts for host in compute_hosts: @@ -472,7 +388,50 @@ def gather_host_keys(config): retcode, hostkey = local.execute() config['HOST_KEYS_%s' % host] = hostkey -def createcomputemanifest(config): + +def create_api_manifest(config, messages): + # Since this step is running first, let's create necesary variables here + # and make them global + global compute_hosts, network_hosts + com_var = config.get("CONFIG_COMPUTE_HOSTS", "") + compute_hosts = set([i.strip() for i in com_var.split(",") if i.strip()]) + net_var = config.get("CONFIG_NETWORK_HOSTS", "") + network_hosts = set([i.strip() for i in net_var.split(",") if i.strip()]) + + # This is a hack around us needing to generate the neutron metadata + # password, but the nova puppet plugin uses the existence of that + # password to determine whether or not to configure neutron metadata + # proxy support. So the nova_api.pp template needs unquoted 'undef' + # to disable metadata support if neutron is not being installed. + if config['CONFIG_NEUTRON_INSTALL'] != 'y': + config['CONFIG_NEUTRON_METADATA_PW_UNQUOTED'] = 'undef' + else: + config['CONFIG_NEUTRON_METADATA_PW_UNQUOTED'] = \ + "'%s'" % config['CONFIG_NEUTRON_METADATA_PW'] + manifestfile = "%s_api_nova.pp" % config['CONFIG_CONTROLLER_HOST'] + manifestdata = getManifestTemplate("nova_api.pp") + appendManifestFile(manifestfile, manifestdata, 'novaapi') + + +def create_keystone_manifest(config, messages): + manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] + manifestdata = getManifestTemplate("keystone_nova.pp") + appendManifestFile(manifestfile, manifestdata) + + +def create_cert_manifest(config, messages): + manifestfile = "%s_nova.pp" % config['CONFIG_CONTROLLER_HOST'] + manifestdata = getManifestTemplate("nova_cert.pp") + appendManifestFile(manifestfile, manifestdata) + + +def create_conductor_manifest(config, messages): + manifestfile = "%s_nova.pp" % config['CONFIG_CONTROLLER_HOST'] + manifestdata = getManifestTemplate("nova_conductor.pp") + appendManifestFile(manifestfile, manifestdata) + + +def create_compute_manifest(config, messages): global compute_hosts, network_hosts ssh_hostkeys = '' @@ -482,15 +441,16 @@ def createcomputemanifest(config): except socket.herror: host_name, host_aliases, host_addrs = (host, [], []) - for hostkey in config['HOST_KEYS_%s' %host].split('\n'): + for hostkey in config['HOST_KEYS_%s' % host].split('\n'): hostkey = hostkey.strip() if not hostkey: continue _, host_key_type, host_key_data = hostkey.split() config['SSH_HOST_NAME'] = host_name - config['SSH_HOST_ALIASES'] = ','.join('"%s"' % addr - for addr in host_aliases + host_addrs) + config['SSH_HOST_ALIASES'] = ','.join( + '"%s"' % addr for addr in host_aliases + host_addrs + ) config['SSH_HOST_KEY'] = host_key_data config['SSH_HOST_KEY_TYPE'] = host_key_type ssh_hostkeys += getManifestTemplate("sshkey.pp") @@ -503,35 +463,35 @@ def createcomputemanifest(config): else: manifestdata += getManifestTemplate("nova_compute_libvirt.pp") if (config['CONFIG_VMWARE_BACKEND'] != 'y' and - config['CONFIG_CINDER_INSTALL'] == 'y' and - config['CONFIG_CINDER_BACKEND'] == 'gluster'): + config['CONFIG_CINDER_INSTALL'] == 'y' and + config['CONFIG_CINDER_BACKEND'] == 'gluster'): manifestdata += getManifestTemplate("nova_gluster.pp") if (config['CONFIG_VMWARE_BACKEND'] != 'y' and - config['CONFIG_CINDER_INSTALL'] == 'y' and - config['CONFIG_CINDER_BACKEND'] == 'nfs'): + config['CONFIG_CINDER_INSTALL'] == 'y' and + config['CONFIG_CINDER_BACKEND'] == 'nfs'): manifestdata += getManifestTemplate("nova_nfs.pp") manifestfile = "%s_nova.pp" % host nova_config_options = NovaConfig() if config['CONFIG_NEUTRON_INSTALL'] != 'y': if host not in network_hosts: - nova_config_options.addOption("DEFAULT/flat_interface", - config['CONFIG_NOVA_COMPUTE_PRIVIF']) + nova_config_options.addOption( + "DEFAULT/flat_interface", + config['CONFIG_NOVA_COMPUTE_PRIVIF'] + ) check_ifcfg(host, config['CONFIG_NOVA_COMPUTE_PRIVIF']) try: bring_up_ifcfg(host, config['CONFIG_NOVA_COMPUTE_PRIVIF']) except ScriptRuntimeError as ex: # just warn user to do it by himself - controller.MESSAGES.append(str(ex)) + messages.append(str(ex)) if config['CONFIG_CEILOMETER_INSTALL'] == 'y': - manifestdata += getManifestTemplate(get_mq(config, "nova_ceilometer")) + mq_template = get_mq(config, "nova_ceilometer") + manifestdata += getManifestTemplate(mq_template) manifestdata += getManifestTemplate("nova_ceilometer.pp") - # According to the docs the only element that connects directly to nova compute - # is nova scheduler - # http://docs.openstack.org/developer/nova/nova.concepts.html#concept-system-architecture - config['FIREWALL_ALLOWED'] = "'%s'" % (config['CONFIG_NOVA_SCHED_HOST'].strip()) + config['FIREWALL_ALLOWED'] = "'%s'" % config['CONFIG_CONTROLLER_HOST'] config['FIREWALL_SERVICE_NAME'] = "nova compute" config['FIREWALL_SERVICE_ID'] = "nova_compute" config['FIREWALL_PORTS'] = "'5900-5999'" @@ -543,7 +503,7 @@ def createcomputemanifest(config): appendManifestFile(manifestfile, manifestdata) -def createnetworkmanifest(config): +def create_network_manifest(config, messages): global compute_hosts, network_hosts if config['CONFIG_NEUTRON_INSTALL'] == "y": return @@ -554,7 +514,7 @@ def createnetworkmanifest(config): ('CONFIG_NOVA_NETWORK_NUMBER', 1)]: config[key] = config.get(key, value) - api_host = config['CONFIG_NOVA_API_HOST'] + api_host = config['CONFIG_CONTROLLER_HOST'] multihost = len(network_hosts) > 1 config['CONFIG_NOVA_NETWORK_MULTIHOST'] = multihost and 'true' or 'false' for host in network_hosts: @@ -564,14 +524,14 @@ def createnetworkmanifest(config): bring_up_ifcfg(host, config[i]) except ScriptRuntimeError as ex: # just warn user to do it by himself - controller.MESSAGES.append(str(ex)) + messages.append(str(ex)) key = 'CONFIG_NOVA_NETWORK_AUTOASSIGNFLOATINGIP' config[key] = config[key] == "y" # We need to explicitly set the network size routing_prefix = config['CONFIG_NOVA_NETWORK_FIXEDRANGE'].split('/')[1] - net_size = 2**(32 - int(routing_prefix)) + net_size = 2 ** (32 - int(routing_prefix)) config['CONFIG_NOVA_NETWORK_FIXEDSIZE'] = str(net_size) manifestfile = "%s_nova.pp" % host @@ -583,29 +543,24 @@ def createnetworkmanifest(config): appendManifestFile(manifestfile, manifestdata) -def createschedmanifest(config): - manifestfile = "%s_nova.pp"%controller.CONF['CONFIG_NOVA_SCHED_HOST'] +def create_sched_manifest(config, messages): + manifestfile = "%s_nova.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("nova_sched.pp") appendManifestFile(manifestfile, manifestdata) -def createvncproxymanifest(config): - manifestfile = "%s_nova.pp"%controller.CONF['CONFIG_NOVA_VNCPROXY_HOST'] +def create_vncproxy_manifest(config, messages): + manifestfile = "%s_nova.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("nova_vncproxy.pp") appendManifestFile(manifestfile, manifestdata) -def createcommonmanifest(config): +def create_common_manifest(config, messages): global compute_hosts, network_hosts network_type = (config['CONFIG_NEUTRON_INSTALL'] == "y" and 'neutron' or 'nova') network_multi = len(network_hosts) > 1 - dirty = [config.get('CONFIG_NOVA_CONDUCTOR_HOST'), - config.get('CONFIG_NOVA_API_HOST'), - config.get('CONFIG_NOVA_CERT_HOST'), - config.get('CONFIG_NOVA_VNCPROXY_HOST'), - config.get('CONFIG_NOVA_SCHED_HOST')] - dbacces_hosts = set([i.strip() for i in dirty if i and i.strip()]) + dbacces_hosts = set([config.get('CONFIG_CONTROLLER_HOST')]) dbacces_hosts |= network_hosts for manifestfile, marker in manifestfiles.getFiles(): @@ -625,10 +580,10 @@ def createcommonmanifest(config): # for nova-network in multihost mode each compute host is metadata # host otherwise we use api host if (network_type == 'nova' and network_multi and - host in compute_hosts): + host in compute_hosts): metadata = host else: - metadata = config['CONFIG_NOVA_API_HOST'] + metadata = config['CONFIG_CONTROLLER_HOST'] config['CONFIG_NOVA_METADATA_HOST'] = metadata data = getManifestTemplate(get_mq(config, "nova_common")) @@ -636,11 +591,12 @@ def createcommonmanifest(config): appendManifestFile(os.path.split(manifestfile)[1], data) -def createneutronmanifest(config): - if controller.CONF['CONFIG_NEUTRON_INSTALL'] != "y": +def create_neutron_manifest(config, messages): + if config['CONFIG_NEUTRON_INSTALL'] != "y": return - controller.CONF['CONFIG_NOVA_LIBVIRT_VIF_DRIVER'] = 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver' + virt_driver = 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver' + config['CONFIG_NOVA_LIBVIRT_VIF_DRIVER'] = virt_driver for manifestfile, marker in manifestfiles.getFiles(): if manifestfile.endswith("_nova.pp"): diff --git a/packstack/plugins/openstack_client_400.py b/packstack/plugins/openstack_client_400.py index d11597c08..5c3562171 100644 --- a/packstack/plugins/openstack_client_400.py +++ b/packstack/plugins/openstack_client_400.py @@ -1,3 +1,5 @@ +# -*- coding: utf-8 -*- + """ Installs and configures an OpenStack Client """ @@ -9,44 +11,24 @@ from packstack.installer import basedefs, output_messages from packstack.installer import utils -from packstack.modules.ospluginutils import getManifestTemplate, appendManifestFile +from packstack.modules.ospluginutils import (getManifestTemplate, + appendManifestFile) + -# Controller object will be initialized from main flow -controller = None +#------------------ oVirt installer initialization ------------------ -# Plugin name -PLUGIN_NAME = "OS-CLIENT" +PLUGIN_NAME = "OS-Client" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') -logging.debug("plugin %s loaded", __name__) - -def initConfig(controllerObject): - global controller - controller = controllerObject - logging.debug("Adding OpenStack Client configuration") - paramsList = [ - {"CMD_OPTION" : "osclient-host", - "USAGE" : "The IP address of the server on which to install the OpenStack client packages. An admin \"rc\" file will also be installed", - "PROMPT" : "Enter the IP address of the client server", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_ssh], - "DEFAULT_VALUE" : utils.get_localhost_ip(), - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_OSCLIENT_HOST", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - ] - - groupDict = { "GROUP_NAME" : "NOVACLIENT", - "DESCRIPTION" : "NOVACLIENT Config parameters", - "PRE_CONDITION" : "CONFIG_CLIENT_INSTALL", - "PRE_CONDITION_MATCH" : "y", - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True} - - controller.addGroup(groupDict, paramsList) + +def initConfig(controller): + group = {"GROUP_NAME": "NOVACLIENT", + "DESCRIPTION": "NOVACLIENT Config parameters", + "PRE_CONDITION": "CONFIG_CLIENT_INSTALL", + "PRE_CONDITION_MATCH": "y", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + controller.addGroup(group, []) def initSequences(controller): @@ -54,13 +36,17 @@ def initSequences(controller): return osclientsteps = [ - {'title': 'Adding OpenStack Client manifest entries', 'functions':[createmanifest]} + {'title': 'Adding OpenStack Client manifest entries', + 'functions': [create_manifest]} ] - controller.addSequence("Installing OpenStack Client", [], [], osclientsteps) + controller.addSequence("Installing OpenStack Client", [], [], + osclientsteps) + +#-------------------------- step functions -------------------------- -def createmanifest(config): - client_host = config['CONFIG_OSCLIENT_HOST'].strip() +def create_manifest(config, messages): + client_host = config['CONFIG_CONTROLLER_HOST'].strip() manifestfile = "%s_osclient.pp" % client_host server = utils.ScriptRunner(client_host) @@ -83,9 +69,9 @@ def createmanifest(config): msg = ("File %s/keystonerc_admin has been created on OpenStack client host" " %s. To use the command line tools you need to source the file.") - controller.MESSAGES.append(msg % (root_home, client_host)) + messages.append(msg % (root_home, client_host)) if no_root_allinone: msg = ("Copy of keystonerc_admin file has been created for non-root " "user in %s.") - controller.MESSAGES.append(msg % homedir) + messages.append(msg % homedir) diff --git a/packstack/plugins/postscript_948.py b/packstack/plugins/postscript_948.py index 498ce23aa..9f90f7279 100644 --- a/packstack/plugins/postscript_948.py +++ b/packstack/plugins/postscript_948.py @@ -1,50 +1,52 @@ +# -*- coding: utf-8 -*- + """ Installs and configures an OpenStack Client """ import logging +from packstack.installer import utils + from packstack.modules.common import filtered_hosts from packstack.modules.ospluginutils import (getManifestTemplate, appendManifestFile) -# Controller object will be initialized from main flow -controller = None - -# Plugin name -PLUGIN_NAME = "OS-POSTSCRIPT" -logging.debug("plugin %s loaded", __name__) +#------------------ oVirt installer initialization ------------------ -def initConfig(controllerObject): - global controller - controller = controllerObject - logging.debug("Executing post run scripts") +PLUGIN_NAME = "Postscript" +PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') - groupDict = {"GROUP_NAME" : "POSTSCRIPT", - "DESCRIPTION" : "POSTSCRIPT Config parameters", - "PRE_CONDITION" : lambda x: 'yes', - "PRE_CONDITION_MATCH" : "yes", - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True} - - controller.addGroup(groupDict, []) +def initConfig(controller): + group = {"GROUP_NAME": "POSTSCRIPT", + "DESCRIPTION": "POSTSCRIPT Config parameters", + "PRE_CONDITION": lambda x: 'yes', + "PRE_CONDITION_MATCH": "yes", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + controller.addGroup(group, []) def initSequences(controller): - osclientsteps = [ - {'title': 'Adding post install manifest entries', 'functions':[createmanifest]} + postscript_steps = [ + {'title': 'Adding post install manifest entries', + 'functions': [create_manifest]} ] - controller.addSequence("Running post install scripts", [], [], osclientsteps) + controller.addSequence("Running post install scripts", [], [], + postscript_steps) + +#-------------------------- step functions -------------------------- -def createmanifest(config): +def create_manifest(config, messages): for hostname in filtered_hosts(config): manifestfile = "%s_postscript.pp" % hostname manifestdata = getManifestTemplate("postscript.pp") appendManifestFile(manifestfile, manifestdata, 'postscript') if config.get("CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE") != 'n': - config['EXT_BRIDGE_VAR'] = config['CONFIG_NEUTRON_L3_EXT_BRIDGE'].replace('-','_') + fmted = config['CONFIG_NEUTRON_L3_EXT_BRIDGE'].replace('-', '_') + config['EXT_BRIDGE_VAR'] = fmted manifestdata = getManifestTemplate("persist_ovs_bridge.pp") appendManifestFile(manifestfile, manifestdata, 'postscript') diff --git a/packstack/plugins/prescript_000.py b/packstack/plugins/prescript_000.py index fb4ec5131..089235a80 100644 --- a/packstack/plugins/prescript_000.py +++ b/packstack/plugins/prescript_000.py @@ -1,3 +1,5 @@ +# -*- coding: utf-8 -*- + """ Plugin responsible for setting OpenStack global options """ @@ -16,310 +18,399 @@ appendManifestFile) -# Controller object will be initialized from main flow -controller = None - -# Plugin name -PLUGIN_NAME = "OS-PRESCRIPT" - -logging.debug("plugin %s loaded", __name__) - - -def initConfig(controllerObject): - global controller - controller = controllerObject - - paramsList = [{"CMD_OPTION" : "ssh-public-key", - "USAGE" : "Path to a Public key to install on servers. If a usable key has not been installed on the remote servers the user will be prompted for a password and this key will be installed so the password will not be required again", - "PROMPT" : "Enter the path to your ssh Public key to install on servers", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_file, - validators.validate_sshkey], - "PROCESSORS" : [processors.process_ssh_key], - "DEFAULT_VALUE" : (glob.glob(os.path.join(os.environ["HOME"], ".ssh/*.pub"))+[""])[0], - "MASK_INPUT" : False, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_SSH_KEY", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "os-mysql-install", - "USAGE" : "Set to 'y' if you would like Packstack to install MySQL", - "PROMPT" : "Should Packstack install MySQL DB", - "OPTION_LIST" : ["y", "n"], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : "y", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_MYSQL_INSTALL", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "os-glance-install", - "USAGE" : "Set to 'y' if you would like Packstack to install OpenStack Image Service (Glance)", - "PROMPT" : "Should Packstack install OpenStack Image Service (Glance)", - "OPTION_LIST" : ["y", "n"], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : "y", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_GLANCE_INSTALL", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "os-cinder-install", - "USAGE" : "Set to 'y' if you would like Packstack to install OpenStack Block Storage (Cinder)", - "PROMPT" : "Should Packstack install OpenStack Block Storage (Cinder) service", - "OPTION_LIST" : ["y", "n"], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : "y", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_CINDER_INSTALL", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "os-nova-install", - "USAGE" : "Set to 'y' if you would like Packstack to install OpenStack Compute (Nova)", - "PROMPT" : "Should Packstack install OpenStack Compute (Nova) service", - "OPTION_LIST" : ["y", "n"], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : "y", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_NOVA_INSTALL", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "os-neutron-install", - "USAGE" : "Set to 'y' if you would like Packstack to install OpenStack Networking (Neutron)", - "PROMPT" : "Should Packstack install OpenStack Networking (Neutron) service", - "OPTION_LIST" : ["y", "n"], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : "y", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_NEUTRON_INSTALL", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "os-horizon-install", - "USAGE" : "Set to 'y' if you would like Packstack to install OpenStack Dashboard (Horizon)", - "PROMPT" : "Should Packstack install OpenStack Dashboard (Horizon)", - "OPTION_LIST" : ["y", "n"], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : "y", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_HORIZON_INSTALL", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "os-swift-install", - "USAGE" : "Set to 'y' if you would like Packstack to install OpenStack Object Storage (Swift)", - "PROMPT" : "Should Packstack install OpenStack Object Storage (Swift)", - "OPTION_LIST" : ["y", "n"], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : "y", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_SWIFT_INSTALL", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "os-ceilometer-install", - "USAGE" : "Set to 'y' if you would like Packstack to install OpenStack Metering (Ceilometer)", - "PROMPT" : "Should Packstack install OpenStack Metering (Ceilometer)", - "OPTION_LIST" : ["y", "n"], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : "y", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_CEILOMETER_INSTALL", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "os-heat-install", - "USAGE" : "Set to 'y' if you would like Packstack to install OpenStack Orchestration (Heat)", - "PROMPT" : "Should Packstack install OpenStack Orchestration (Heat)", - "OPTION_LIST" : ["y", "n"], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : "n", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_HEAT_INSTALL", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "os-client-install", - "USAGE" : "Set to 'y' if you would like Packstack to install the OpenStack Client packages. An admin \"rc\" file will also be installed", - "PROMPT" : "Should Packstack install OpenStack client tools", - "OPTION_LIST" : ["y", "n"], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : "y", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_CLIENT_INSTALL", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "ntp-servers", - "USAGE" : "Comma separated list of NTP servers. Leave plain if Packstack should not install ntpd on instances.", - "PROMPT" : "Enter a comma separated list of NTP server(s). Leave plain if Packstack should not install ntpd on instances.", - "OPTION_LIST" : [], - "DEFAULT_VALUE" : '', - "MASK_INPUT" : False, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_NTP_SERVERS", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "nagios-install", - "USAGE" : "Set to 'y' if you would like Packstack to install Nagios to monitor OpenStack hosts", - "PROMPT" : "Should Packstack install Nagios to monitor OpenStack hosts", - "OPTION_LIST" : ["y", "n"], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : 'y', - "MASK_INPUT" : False, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_NAGIOS_INSTALL", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "exclude-servers", - "USAGE" : "Comma separated list of servers to be excluded from installation in case you are running Packstack the second time with the same answer file and don't want Packstack to touch these servers. Leave plain if you don't need to exclude any server.", - "PROMPT" : "Enter a comma separated list of server(s) to be excluded. Leave plain if you don't need to exclude any server.", - "OPTION_LIST" : [], - "DEFAULT_VALUE" : '', - "MASK_INPUT" : False, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "EXCLUDE_SERVERS", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "os-debug-mode", - "USAGE" : ("Set to 'y' if you want to run " - "OpenStack services in debug mode. " - "Otherwise set to 'n'."), - "PROMPT" : ("Do you want to run OpenStack services" - " in debug mode"), - "OPTION_LIST" : ["y", "n"], - "DEFAULT_VALUE" : "n", - "VALIDATORS" : [validators.validate_options], - "MASK_INPUT" : False, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_DEBUG_MODE", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "os-vmware", - "USAGE" : ("Set to 'y' if you want to use " - "VMware vCenter as hypervisor and storage" - "Otherwise set to 'n'."), - "PROMPT" : ("Do you want to use VMware vCenter as" - " hypervisor and datastore"), - "OPTION_LIST" : ["y","n"], - "DEFAULT_VALUE" : "n", - "VALIDATORS" : [validators.validate_options], - "MASK_INPUT" : False, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_VMWARE_BACKEND", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - ] - groupDict = { "GROUP_NAME" : "GLOBAL", - "DESCRIPTION" : "Global Options", - "PRE_CONDITION" : lambda x: 'yes', - "PRE_CONDITION_MATCH" : "yes", - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True} - controller.addGroup(groupDict, paramsList) +#------------------ oVirt installer initialization ------------------ + +PLUGIN_NAME = "Prescript" +PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') + + +def initConfig(controller): + default_ssh_key = os.path.join(os.environ["HOME"], ".ssh/*.pub") + default_ssh_key = (glob.glob(default_ssh_key) + [""])[0] + params = [ + {"CMD_OPTION": "ssh-public-key", + "USAGE": ("Path to a Public key to install on servers. If a usable " + "key has not been installed on the remote servers the user " + "will be prompted for a password and this key will be " + "installed so the password will not be required again"), + "PROMPT": ("Enter the path to your ssh Public key to install " + "on servers"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_file, validators.validate_sshkey], + "PROCESSORS": [processors.process_ssh_key], + "DEFAULT_VALUE": default_ssh_key, + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_SSH_KEY", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "mysql-install", + "USAGE": "Set to 'y' if you would like Packstack to install MySQL", + "PROMPT": "Should Packstack install MySQL DB", + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "y", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_MYSQL_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-glance-install", + "USAGE": ("Set to 'y' if you would like Packstack to install " + "OpenStack Image Service (Glance)"), + "PROMPT": "Should Packstack install OpenStack Image Service (Glance)", + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "y", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_GLANCE_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-cinder-install", + "USAGE": ("Set to 'y' if you would like Packstack to install " + "OpenStack Block Storage (Cinder)"), + "PROMPT": ("Should Packstack install OpenStack Block Storage " + "(Cinder) service"), + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "y", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-nova-install", + "USAGE": ("Set to 'y' if you would like Packstack to install " + "OpenStack Compute (Nova)"), + "PROMPT": "Should Packstack install OpenStack Compute (Nova) service", + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "y", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_NOVA_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-neutron-install", + "USAGE": ("Set to 'y' if you would like Packstack to install " + "OpenStack Networking (Neutron). Otherwise Nova Network " + "will be used."), + "PROMPT": ("Should Packstack install OpenStack Networking (Neutron) " + "service"), + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "y", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_NEUTRON_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-horizon-install", + "USAGE": ("Set to 'y' if you would like Packstack to install " + "OpenStack Dashboard (Horizon)"), + "PROMPT": "Should Packstack install OpenStack Dashboard (Horizon)", + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "y", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_HORIZON_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-swift-install", + "USAGE": ("Set to 'y' if you would like Packstack to install " + "OpenStack Object Storage (Swift)"), + "PROMPT": "Should Packstack install OpenStack Object Storage (Swift)", + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "y", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_SWIFT_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-ceilometer-install", + "USAGE": ("Set to 'y' if you would like Packstack to install " + "OpenStack Metering (Ceilometer)"), + "PROMPT": "Should Packstack install OpenStack Metering (Ceilometer)", + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "y", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CEILOMETER_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-heat-install", + "USAGE": ("Set to 'y' if you would like Packstack to install " + "OpenStack Orchestration (Heat)"), + "PROMPT": "Should Packstack install OpenStack Orchestration (Heat)", + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "n", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_HEAT_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-client-install", + "USAGE": ("Set to 'y' if you would like Packstack to install " + "the OpenStack Client packages. An admin \"rc\" file will " + "also be installed"), + "PROMPT": "Should Packstack install OpenStack client tools", + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "y", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CLIENT_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "ntp-servers", + "USAGE": ("Comma separated list of NTP servers. Leave plain if " + "Packstack should not install ntpd on instances."), + "PROMPT": ("Enter a comma separated list of NTP server(s). Leave " + "plain if Packstack should not install ntpd " + "on instances."), + "OPTION_LIST": [], + "DEFAULT_VALUE": '', + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_NTP_SERVERS", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "nagios-install", + "USAGE": ("Set to 'y' if you would like Packstack to install Nagios " + "to monitor OpenStack hosts"), + "PROMPT": ("Should Packstack install Nagios to monitor OpenStack " + "hosts"), + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": 'y', + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_NAGIOS_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "exclude-servers", + "USAGE": ("Comma separated list of servers to be excluded from " + "installation in case you are running Packstack the second " + "time with the same answer file and don't want Packstack " + "to touch these servers. Leave plain if you don't need to " + "exclude any server."), + "PROMPT": ("Enter a comma separated list of server(s) to be excluded." + " Leave plain if you don't need to exclude any server."), + "OPTION_LIST": [], + "DEFAULT_VALUE": '', + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "EXCLUDE_SERVERS", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-debug-mode", + "USAGE": ("Set to 'y' if you want to run OpenStack services in debug " + "mode. Otherwise set to 'n'."), + "PROMPT": "Do you want to run OpenStack services in debug mode", + "OPTION_LIST": ["y", "n"], + "DEFAULT_VALUE": "n", + "VALIDATORS": [validators.validate_options], + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_DEBUG_MODE", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CONF_NAME": "CONFIG_CONTROLLER_HOST", + "CMD_OPTION": "os-controller-host", + "USAGE": ("The IP address of the server on which to install OpenStack" + " services specific to controller role such as API servers," + " Horizon, etc."), + "PROMPT": "Enter the IP address of the controller host", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_ip, + validators.validate_ssh], + "DEFAULT_VALUE": utils.get_localhost_ip(), + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CONF_NAME": "CONFIG_COMPUTE_HOSTS", + "CMD_OPTION": "os-compute-hosts", + "USAGE": ("The list of IP addresses of the server on which to install" + " the Nova compute service"), + "PROMPT": ("Enter list of IP addresses on which to install compute " + "service"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_multi_ip, + validators.validate_multi_ssh], + "DEFAULT_VALUE": utils.get_localhost_ip(), + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CONF_NAME": "CONFIG_NETWORK_HOSTS", + "CMD_OPTION": "os-network-hosts", + "USAGE": ("The list of IP addresses of the server on which " + "to install the network service such as Nova " + "network or Neutron"), + "PROMPT": ("Enter list of IP addresses on which to install " + "network service"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_multi_ip, + validators.validate_multi_ssh], + "DEFAULT_VALUE": utils.get_localhost_ip(), + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-vmware", + "USAGE": ("Set to 'y' if you want to use VMware vCenter as hypervisor" + " and storage. Otherwise set to 'n'."), + "PROMPT": ("Do you want to use VMware vCenter as hypervisor and " + "datastore"), + "OPTION_LIST": ["y", "n"], + "DEFAULT_VALUE": "n", + "VALIDATORS": [validators.validate_options], + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_VMWARE_BACKEND", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ] + group = {"GROUP_NAME": "GLOBAL", + "DESCRIPTION": "Global Options", + "PRE_CONDITION": lambda x: 'yes', + "PRE_CONDITION_MATCH": "yes", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + controller.addGroup(group, params) def use_vcenter(config): - return (config['CONFIG_NOVA_INSTALL'] == 'y' and + return (config['CONFIG_NOVA_INSTALL'] == 'y' and config['CONFIG_VMWARE_BACKEND'] == 'y') - paramsList = [ - {"CMD_OPTION" : "vcenter-host", - "USAGE" : ("The IP address of the VMware vCenter server"), - "PROMPT" : ("Enter the IP address of the VMware vCenter server to use with Nova"), - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_ip], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_VCENTER_HOST", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "vcenter-username", - "USAGE" : ("The username to authenticate to VMware vCenter server"), - "PROMPT" : ("Enter the username to authenticate on VMware vCenter server"), - "DEFAULT_VALUE" : "", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_VCENTER_USER", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False,}, - {"CMD_OPTION" : "vcenter-password", - "USAGE" : ("The password to authenticate to VMware vCenter server"), - "PROMPT" : ("Enter the password to authenticate on VMware vCenter server"), - "DEFAULT_VALUE" : "", - "MASK_INPUT" : True, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_VCENTER_PASSWORD", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False,}, - {"CMD_OPTION" : "vcenter-cluster", - "USAGE" : ("The name of the vCenter cluster"), - "PROMPT" : ("Enter the name of the vCenter datastore"), - "DEFAULT_VALUE" : "", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_VCENTER_CLUSTER_NAME", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False,}, - ] - - groupDict = {"GROUP_NAME" : "VMWARE", - "DESCRIPTION" : "vCenter Config Parameters", - "PRE_CONDITION" : use_vcenter, - "PRE_CONDITION_MATCH" : True, - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True} - - controller.addGroup(groupDict, paramsList) + params = [ + {"CMD_OPTION": "vcenter-host", + "USAGE": "The IP address of the VMware vCenter server", + "PROMPT": ("Enter the IP address of the VMware vCenter server to use " + "with Nova"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_ip], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_VCENTER_HOST", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "vcenter-username", + "USAGE": "The username to authenticate to VMware vCenter server", + "PROMPT": ("Enter the username to authenticate on VMware " + "vCenter server"), + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_VCENTER_USER", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "vcenter-password", + "USAGE": "The password to authenticate to VMware vCenter server", + "PROMPT": ("Enter the password to authenticate on VMware " + "vCenter server"), + "DEFAULT_VALUE": "", + "MASK_INPUT": True, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_VCENTER_PASSWORD", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "vcenter-cluster", + "USAGE": "The name of the vCenter cluster", + "PROMPT": "Enter the name of the vCenter datastore", + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_VCENTER_CLUSTER_NAME", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ] + group = {"GROUP_NAME": "VMWARE", + "DESCRIPTION": "vCenter Config Parameters", + "PRE_CONDITION": use_vcenter, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + controller.addGroup(group, params) + def initSequences(controller): prescript_steps = [ {'title': 'Setting up ssh keys', - 'functions':[install_keys]}, + 'functions': [install_keys]}, {'title': 'Discovering hosts\' details', - 'functions': [discover]}, + 'functions': [discover]}, {'title': 'Adding pre install manifest entries', - 'functions':[create_manifest]}, + 'functions': [create_manifest]}, ] if controller.CONF['CONFIG_NTP_SERVERS']: - prescript_steps.append({ - 'title': 'Installing time synchronization via NTP', - 'functions': [create_ntp_manifest], - }) + prescript_steps.append( + {'title': 'Installing time synchronization via NTP', + 'functions': [create_ntp_manifest]}) else: - controller.MESSAGES.append('Time synchronization installation ' - 'was skipped. Please note that ' - 'unsynchronized time on server ' - 'instances might be problem for ' - 'some OpenStack components.') + controller.MESSAGES.append('Time synchronization installation was ' + 'skipped. Please note that unsynchronized ' + 'time on server instances might be problem ' + 'for some OpenStack components.') controller.addSequence("Running pre install scripts", [], [], prescript_steps) -def install_keys(config): +#-------------------------- step functions -------------------------- + +def install_keys(config, messages): with open(config["CONFIG_SSH_KEY"]) as fp: sshkeydata = fp.read().strip() for hostname in filtered_hosts(config): @@ -337,7 +428,7 @@ def install_keys(config): server.execute() -def discover(config): +def discover(config, messages): """ Discovers details about hosts. """ @@ -382,7 +473,7 @@ def discover(config): config['HOST_DETAILS'] = details -def create_manifest(config): +def create_manifest(config, messages): key = 'CONFIG_DEBUG_MODE' config[key] = config[key] == 'y' and 'true' or 'false' @@ -392,7 +483,7 @@ def create_manifest(config): appendManifestFile(manifestfile, manifestdata) -def create_ntp_manifest(config): +def create_ntp_manifest(config, messages): srvlist = [i.strip() for i in config['CONFIG_NTP_SERVERS'].split(',') if i.strip()] diff --git a/packstack/plugins/provision_700.py b/packstack/plugins/provision_700.py index 1e3dc023a..8c7d809d8 100644 --- a/packstack/plugins/provision_700.py +++ b/packstack/plugins/provision_700.py @@ -1,9 +1,12 @@ +# -*- coding: utf-8 -*- + """ Installs and configures neutron """ import logging +from packstack.installer import utils from packstack.installer import validators from packstack.modules.common import is_all_in_one @@ -11,118 +14,111 @@ getManifestTemplate) -# Controller object will be initialized from main flow -controller = None +#------------------ oVirt installer initialization ------------------ -# Plugin name PLUGIN_NAME = "OS-Provision" - -logging.debug("plugin %s loaded", __name__) +PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') -def initConfig(controllerObject): - global controller - controller = controllerObject - - logging.debug("Provisioning OpenStack resources for demo usage and testing") +def initConfig(controller): def process_provision(param, process_args=None): return param if is_all_in_one(controller.CONF) else 'n' conf_params = { - "PROVISION_INIT" : [ - {"CMD_OPTION" : "provision-demo", - "USAGE" : ("Whether to provision for demo usage and testing. Note " - "that provisioning is only supported for all-in-one " - "installations."), - "PROMPT" : "Would you like to provision for demo usage and testing?", - "OPTION_LIST" : ["y", "n"], - "VALIDATORS" : [validators.validate_options], - "PROCESSORS" : [process_provision], - "DEFAULT_VALUE" : "y", - "MASK_INPUT" : False, + "PROVISION_INIT": [ + {"CMD_OPTION": "provision-demo", + "USAGE": ("Whether to provision for demo usage and testing. Note " + "that provisioning is only supported for all-in-one " + "installations."), + "PROMPT": ("Would you like to provision for demo usage " + "and testing"), + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "y", + "MASK_INPUT": False, "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_PROVISION_DEMO", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "provision-tempest", - "USAGE" : ("Whether to configure tempest for testing. Note " - "that provisioning is only supported for all-in-one " - "installations."), - "PROMPT" : "Would you like to configure Tempest (OpenStack test suite)?", - "OPTION_LIST" : ["y", "n"], - "VALIDATORS" : [validators.validate_options], - "PROCESSORS" : [process_provision], - "DEFAULT_VALUE" : "n", - "MASK_INPUT" : False, + "CONF_NAME": "CONFIG_PROVISION_DEMO", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "provision-tempest", + "USAGE": "Whether to configure tempest for testing", + "PROMPT": ("Would you like to configure Tempest (OpenStack test " + "suite). Note that provisioning is only supported for " + "all-in-one installations."), + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "n", + "MASK_INPUT": False, "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_PROVISION_TEMPEST", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, + "CONF_NAME": "CONFIG_PROVISION_TEMPEST", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, ], - "PROVISION_DEMO" : [ - {"CMD_OPTION" : "provision-demo-floatrange", - "USAGE" : "The CIDR network address for the floating IP subnet", - "PROMPT" : "Enter the network address for the floating IP subnet:", - "OPTION_LIST" : False, - "VALIDATORS" : False, - "DEFAULT_VALUE" : "172.24.4.224/28", - "MASK_INPUT" : False, + + "PROVISION_DEMO": [ + {"CMD_OPTION": "provision-demo-floatrange", + "USAGE": "The CIDR network address for the floating IP subnet", + "PROMPT": "Enter the network address for the floating IP subnet", + "OPTION_LIST": False, + "VALIDATORS": False, + "DEFAULT_VALUE": "172.24.4.224/28", + "MASK_INPUT": False, "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_PROVISION_DEMO_FLOATRANGE", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, + "CONF_NAME": "CONFIG_PROVISION_DEMO_FLOATRANGE", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, ], - "TEMPEST_GIT_REFS" : [ - {"CMD_OPTION" : "provision-tempest-repo-uri", - "USAGE" : "The uri of the tempest git repository to use", - "PROMPT" : "What is the uri of the Tempest git repository?", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : "https://github.com/openstack/tempest.git", - "MASK_INPUT" : False, + + "TEMPEST_GIT_REFS": [ + {"CMD_OPTION": "provision-tempest-repo-uri", + "USAGE": "The uri of the tempest git repository to use", + "PROMPT": "What is the uri of the Tempest git repository?", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "https://github.com/openstack/tempest.git", + "MASK_INPUT": False, "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_PROVISION_TEMPEST_REPO_URI", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "provision-tempest-repo-revision", - "USAGE" : "The revision of the tempest git repository to use", - "PROMPT" : "What revision, branch, or tag of the Tempest git repository should be used?", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : "master", - "MASK_INPUT" : False, + "CONF_NAME": "CONFIG_PROVISION_TEMPEST_REPO_URI", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "provision-tempest-repo-revision", + "USAGE": "The revision of the tempest git repository to use", + "PROMPT": ("What revision, branch, or tag of the Tempest git " + "repository should be used"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "master", + "MASK_INPUT": False, "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_PROVISION_TEMPEST_REPO_REVISION", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - ], - "PROVISION_ALL_IN_ONE_OVS_BRIDGE" : [ - {"CMD_OPTION" : "provision-all-in-one-ovs-bridge", - "USAGE" : "Whether to configure the ovs external bridge in an all-in-one deployment", - "PROMPT" : "Would you like to configure the external ovs bridge?", - "OPTION_LIST" : ["y", "n"], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : "n", - "MASK_INPUT" : False, + "CONF_NAME": "CONFIG_PROVISION_TEMPEST_REPO_REVISION", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + + "PROVISION_ALL_IN_ONE_OVS_BRIDGE": [ + {"CMD_OPTION": "provision-all-in-one-ovs-bridge", + "USAGE": ("Whether to configure the ovs external bridge in an " + "all-in-one deployment"), + "PROMPT": "Would you like to configure the external ovs bridge", + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "n", + "MASK_INPUT": False, "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - ], - } - - def allow_provisioning(config): - # Provisioning is currently supported only for all-in-one (due - # to a limitation with how the custom types for OpenStack - # resources are implemented). - return is_all_in_one(config) + "CONF_NAME": "CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + } def check_provisioning_demo(config): return (allow_provisioning(config) and @@ -130,39 +126,42 @@ def check_provisioning_demo(config): config.get('CONFIG_PROVISION_TEMPEST', 'n') == 'y')) def check_provisioning_tempest(config): - return allow_provisioning(config) and \ - config.get('CONFIG_PROVISION_TEMPEST', 'n') == 'y' + return (allow_provisioning(config) and + config.get('CONFIG_PROVISION_TEMPEST', 'n') == 'y') def allow_all_in_one_ovs_bridge(config): - return allow_provisioning(config) and \ - config['CONFIG_NEUTRON_INSTALL'] == 'y' and \ - config['CONFIG_NEUTRON_L2_PLUGIN'] == 'openvswitch' + return (allow_provisioning(config) and + config['CONFIG_NEUTRON_INSTALL'] == 'y' and + config['CONFIG_NEUTRON_L2_PLUGIN'] == 'openvswitch') conf_groups = [ - { "GROUP_NAME" : "PROVISION_INIT", - "DESCRIPTION" : "Provisioning demo config", - "PRE_CONDITION" : lambda x: 'yes', - "PRE_CONDITION_MATCH" : "yes", - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True }, - { "GROUP_NAME" : "PROVISION_DEMO", - "DESCRIPTION" : "Provisioning demo config", - "PRE_CONDITION" : check_provisioning_demo, - "PRE_CONDITION_MATCH" : True, - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True }, - { "GROUP_NAME" : "TEMPEST_GIT_REFS", - "DESCRIPTION" : "Optional tempest git uri and branch", - "PRE_CONDITION" : check_provisioning_tempest, - "PRE_CONDITION_MATCH" : True, - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True }, - { "GROUP_NAME" : "PROVISION_ALL_IN_ONE_OVS_BRIDGE", - "DESCRIPTION" : "Provisioning all-in-one ovs bridge config", - "PRE_CONDITION" : allow_all_in_one_ovs_bridge, - "PRE_CONDITION_MATCH" : True, - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True }, + {"GROUP_NAME": "PROVISION_INIT", + "DESCRIPTION": "Provisioning demo config", + "PRE_CONDITION": lambda x: 'yes', + "PRE_CONDITION_MATCH": "yes", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "PROVISION_DEMO", + "DESCRIPTION": "Provisioning demo config", + "PRE_CONDITION": allow_provisioning, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "TEMPEST_GIT_REFS", + "DESCRIPTION": "Optional tempest git uri and branch", + "PRE_CONDITION": check_provisioning_tempest, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "PROVISION_ALL_IN_ONE_OVS_BRIDGE", + "DESCRIPTION": "Provisioning all-in-one ovs bridge config", + "PRE_CONDITION": allow_all_in_one_ovs_bridge, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, ] for group in conf_groups: paramList = conf_params[group["GROUP_NAME"]] @@ -182,41 +181,50 @@ def allow_all_in_one_ovs_bridge(config): controller.CONF[param.CONF_NAME] = value -def marshall_conf_bool(conf, key): - if conf[key] == 'y': - conf[key] = 'true' - else: - conf[key] = 'false' - - def initSequences(controller): + config = controller.CONF provisioning_required = ( - controller.CONF['CONFIG_PROVISION_DEMO'] == 'y' + config['CONFIG_PROVISION_DEMO'] == 'y' or - controller.CONF['CONFIG_PROVISION_TEMPEST'] == 'y' + config['CONFIG_PROVISION_TEMPEST'] == 'y' ) - if not provisioning_required: + + if not provisioning_required or not allow_provisioning(config): return - marshall_conf_bool(controller.CONF, 'CONFIG_PROVISION_TEMPEST') - marshall_conf_bool(controller.CONF, - 'CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE') + + marshall_conf_bool(config, 'CONFIG_PROVISION_TEMPEST') + marshall_conf_bool(config, 'CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE') + provision_steps = [ - { - 'title': 'Adding Provisioning manifest entries', - 'functions': [create_manifest], - } + {'title': 'Adding Provisioning manifest entries', + 'functions': [create_manifest]} ] controller.addSequence("Provisioning for Demo and Testing Usage", [], [], provision_steps) -def create_manifest(config): +#------------------------- helper functions ------------------------- + +def marshall_conf_bool(conf, key): + if conf[key] == 'y': + conf[key] = 'true' + else: + conf[key] = 'false' + + +def allow_provisioning(config): + # Provisioning is currently supported only for all-in-one (due + # to a limitation with how the custom types for OpenStack + # resources are implemented). + return is_all_in_one(config) + + +#-------------------------- step functions -------------------------- + +def create_manifest(config, messages): # Using the neutron or nova api servers as the provisioning target # will suffice for the all-in-one case. - if config['CONFIG_NEUTRON_INSTALL'] == "y": - host = config['CONFIG_NEUTRON_SERVER_HOST'] - else: - host = config['CONFIG_NOVA_API_HOST'] + if config['CONFIG_NEUTRON_INSTALL'] != "y": # The provisioning template requires the name of the external # bridge but the value will be missing if neutron isn't # configured to be installed. @@ -228,6 +236,6 @@ def create_manifest(config): config['PROVISION_NEUTRON_AVAILABLE'] = config['CONFIG_NEUTRON_INSTALL'] marshall_conf_bool(config, 'PROVISION_NEUTRON_AVAILABLE') - manifest_file = '%s_provision.pp' % host + manifest_file = '%s_provision.pp' % config['CONFIG_CONTROLLER_HOST'] manifest_data = getManifestTemplate("provision.pp") appendManifestFile(manifest_file, manifest_data) diff --git a/packstack/plugins/puppet_950.py b/packstack/plugins/puppet_950.py index 114a4883f..def85bc65 100644 --- a/packstack/plugins/puppet_950.py +++ b/packstack/plugins/puppet_950.py @@ -3,6 +3,7 @@ """ Installs and configures puppet """ + import sys import logging import os @@ -17,62 +18,117 @@ from packstack.modules.ospluginutils import manifestfiles from packstack.modules.puppet import scan_logfile, validate_logfile -# Controller object will be initialized from main flow -controller = None -# Plugin name -PLUGIN_NAME = "OSPUPPET" +#------------------ oVirt installer initialization ------------------ + +PLUGIN_NAME = "Puppet" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') -logging.debug("plugin %s loaded", __name__) -PUPPET_DIR = os.environ.get('PACKSTACK_PUPPETDIR', '/usr/share/openstack-puppet/') +PUPPET_DIR = os.environ.get('PACKSTACK_PUPPETDIR', + '/usr/share/openstack-puppet/') MODULE_DIR = os.path.join(PUPPET_DIR, 'modules') -def initConfig(controllerObject): - global controller - controller = controllerObject - logging.debug("Adding OpenStack Puppet configuration") - paramsList = [ - ] - - groupDict = {"GROUP_NAME" : "PUPPET", - "DESCRIPTION" : "Puppet Config parameters", - "PRE_CONDITION" : lambda x: 'yes', - "PRE_CONDITION_MATCH" : "yes", - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True} - - controller.addGroup(groupDict, paramsList) +def initConfig(controller): + group = {"GROUP_NAME": "PUPPET", + "DESCRIPTION": "Puppet Config parameters", + "PRE_CONDITION": lambda x: 'yes', + "PRE_CONDITION_MATCH": "yes", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + controller.addGroup(group, []) def initSequences(controller): puppetpresteps = [ - {'title': 'Clean Up', 'functions':[runCleanup]}, + {'title': 'Clean Up', 'functions': [run_cleanup]}, ] controller.insertSequence("Clean Up", [], [], puppetpresteps, index=0) puppetsteps = [ {'title': 'Installing Dependencies', - 'functions': [installdeps]}, + 'functions': [install_deps]}, {'title': 'Copying Puppet modules and manifests', - 'functions': [copyPuppetModules]}, + 'functions': [copy_puppet_modules]}, {'title': 'Applying Puppet manifests', - 'functions': [applyPuppetManifest]}, + 'functions': [apply_puppet_manifest]}, {'title': 'Finalizing', 'functions': [finalize]} ] controller.addSequence("Puppet", [], [], puppetsteps) -def runCleanup(config): +#------------------------- helper functions ------------------------- + +def wait_for_puppet(currently_running, messages): + log_len = 0 + twirl = ["-", "\\", "|", "/"] + while currently_running: + for hostname, finished_logfile in currently_running: + log_file = os.path.splitext(os.path.basename(finished_logfile))[0] + space_len = basedefs.SPACE_LEN - len(log_file) + if len(log_file) > log_len: + log_len = len(log_file) + if hasattr(sys.stdout, "isatty") and sys.stdout.isatty(): + twirl = twirl[-1:] + twirl[:-1] + sys.stdout.write(("\rTesting if puppet apply is finished: %s" + % log_file).ljust(40 + log_len)) + sys.stdout.write("[ %s ]" % twirl[0]) + sys.stdout.flush() + try: + # Once a remote puppet run has finished, we retrieve the log + # file and check it for errors + local_server = utils.ScriptRunner() + log = os.path.join(basedefs.PUPPET_MANIFEST_DIR, + os.path.basename(finished_logfile)) + log = log.replace(".finished", ".log") + local_server.append('scp -o StrictHostKeyChecking=no ' + '-o UserKnownHostsFile=/dev/null ' + 'root@%s:%s %s' + % (hostname, finished_logfile, log)) + # To not pollute logs we turn of logging of command execution + local_server.execute(log=False) + + # If we got to this point the puppet apply has finished + currently_running.remove((hostname, finished_logfile)) + + # clean off the last "testing apply" msg + if hasattr(sys.stdout, "isatty") and sys.stdout.isatty(): + sys.stdout.write(("\r").ljust(45 + log_len)) + + except ScriptRuntimeError: + # the test raises an exception if the file doesn't exist yet + # TO-DO: We need to start testing 'e' for unexpected exceptions + time.sleep(3) + continue + + # check log file for relevant notices + messages.extend(scan_logfile(log)) + + # check the log file for errors + sys.stdout.write('\r') + try: + validate_logfile(log) + state = utils.state_message('%s:' % log_file, 'DONE', 'green') + sys.stdout.write('%s\n' % state) + sys.stdout.flush() + except PuppetError: + state = utils.state_message('%s:' % log_file, 'ERROR', 'red') + sys.stdout.write('%s\n' % state) + sys.stdout.flush() + raise + + +#-------------------------- step functions -------------------------- + +def run_cleanup(config, messages): localserver = utils.ScriptRunner() localserver.append("rm -rf %s/*pp" % basedefs.PUPPET_MANIFEST_DIR) localserver.execute() -def installdeps(config): +def install_deps(config, messages): deps = ["puppet", "openssh-clients", "tar", "nc"] modules_pkg = 'openstack-puppet-modules' @@ -91,18 +147,19 @@ def installdeps(config): for hostname in filtered_hosts(config): server = utils.ScriptRunner(hostname) for package in deps: - server.append("rpm -q --whatprovides %s || yum install -y %s" % (package, package)) + server.append("rpm -q --whatprovides %s || yum install -y %s" + % (package, package)) server.execute() -def copyPuppetModules(config): +def copy_puppet_modules(config, messages): os_modules = ' '.join(('apache', 'ceilometer', 'certmonger', 'cinder', 'concat', 'firewall', 'glance', 'heat', 'horizon', 'inifile', 'keystone', 'memcached', 'mongodb', 'mysql', 'neutron', 'nova', 'nssdb', 'openstack', - 'packstack', 'qpid', 'rabbitmq', 'rsync', 'ssh', 'stdlib', - 'swift', 'sysctl', 'tempest', 'vcsrepo', 'vlan', - 'vswitch', 'xinetd')) + 'packstack', 'qpid', 'rabbitmq', 'rsync', 'ssh', + 'stdlib', 'swift', 'sysctl', 'tempest', 'vcsrepo', + 'vlan', 'vswitch', 'xinetd')) # write puppet manifest to disk manifestfiles.writeManifests() @@ -115,80 +172,29 @@ def copyPuppetModules(config): server.append("cd %s" % basedefs.PUPPET_MANIFEST_DIR) server.append("tar --dereference -cpzf - ../manifests | " "ssh -o StrictHostKeyChecking=no " - "-o UserKnownHostsFile=/dev/null " - "root@%s tar -C %s -xpzf -" % (hostname, host_dir)) + "-o UserKnownHostsFile=/dev/null " + "root@%s tar -C %s -xpzf -" % (hostname, host_dir)) # copy resources - for path, localname in controller.resources.get(hostname, []): + resources = config.get('RESOURCES', {}) + for path, localname in resources.get(hostname, []): server.append("scp -o StrictHostKeyChecking=no " - "-o UserKnownHostsFile=/dev/null %s root@%s:%s/resources/%s" % - (path, hostname, host_dir, localname)) + "-o UserKnownHostsFile=/dev/null " + "%s root@%s:%s/resources/%s" % + (path, hostname, host_dir, localname)) # copy Puppet modules required by Packstack server.append("cd %s" % MODULE_DIR) server.append("tar --dereference -cpzf - %s | " "ssh -o StrictHostKeyChecking=no " - "-o UserKnownHostsFile=/dev/null " - "root@%s tar -C %s -xpzf -" % - (os_modules, hostname, os.path.join(host_dir, 'modules'))) + "-o UserKnownHostsFile=/dev/null " + "root@%s tar -C %s -xpzf -" % + (os_modules, hostname, + os.path.join(host_dir, 'modules'))) server.execute() -def waitforpuppet(currently_running): - global controller - log_len = 0 - twirl = ["-","\\","|","/"] - while currently_running: - for hostname, finished_logfile in currently_running: - log_file = os.path.splitext(os.path.basename(finished_logfile))[0] - if len(log_file) > log_len: - log_len = len(log_file) - if hasattr(sys.stdout, "isatty") and sys.stdout.isatty(): - twirl = twirl[-1:] + twirl[:-1] - sys.stdout.write(("\rTesting if puppet apply is finished: %s" % log_file).ljust(40 + log_len)) - sys.stdout.write("[ %s ]" % twirl[0]) - sys.stdout.flush() - try: - # Once a remote puppet run has finished, we retrieve the log - # file and check it for errors - local_server = utils.ScriptRunner() - log = os.path.join(basedefs.PUPPET_MANIFEST_DIR, - os.path.basename(finished_logfile).replace(".finished", ".log")) - local_server.append('scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null root@%s:%s %s' % (hostname, finished_logfile, log)) - # To not pollute logs we turn of logging of command execution - local_server.execute(log=False) - - # If we got to this point the puppet apply has finished - currently_running.remove((hostname, finished_logfile)) - - # clean off the last "testing apply" msg - if hasattr(sys.stdout, "isatty") and sys.stdout.isatty(): - sys.stdout.write(('\r').ljust(45 + log_len)) - - except ScriptRuntimeError: - # the test raises an exception if the file doesn't exist yet - # TO-DO: We need to start testing 'e' for unexpected exceptions - time.sleep(3) - continue - - # check log file for relevant notices - controller.MESSAGES.extend(scan_logfile(log)) - - # check the log file for errors - sys.stdout.write('\r') - try: - validate_logfile(log) - state = utils.state_message('%s:' % log_file, 'DONE', 'green') - sys.stdout.write('%s\n' % state) - sys.stdout.flush() - except PuppetError: - state = utils.state_message('%s:' % log_file, 'ERROR', 'red') - sys.stdout.write('%s\n' % state) - sys.stdout.flush() - raise - - -def applyPuppetManifest(config): +def apply_puppet_manifest(config, messages): if config.get("DRY_RUN"): return currently_running = [] @@ -201,8 +207,8 @@ def applyPuppetManifest(config): for manifest, marker in manifestfiles.getFiles(): # if the marker has changed then we don't want to proceed until # all of the previous puppet runs have finished - if lastmarker != None and lastmarker != marker: - waitforpuppet(currently_running) + if lastmarker is not None and lastmarker != marker: + wait_for_puppet(currently_running, messages) lastmarker = marker for hostname in filtered_hosts(config): @@ -220,22 +226,24 @@ def applyPuppetManifest(config): running_logfile = "%s.running" % man_path finished_logfile = "%s.finished" % man_path currently_running.append((hostname, finished_logfile)) - # The apache puppet module doesn't work if we set FACTERLIB - # https://github.com/puppetlabs/puppetlabs-apache/pull/138 - if not (manifest.endswith('_horizon.pp') or manifest.endswith('_nagios.pp')): - server.append("export FACTERLIB=$FACTERLIB:%s/facts" % host_dir) + server.append("touch %s" % running_logfile) server.append("chmod 600 %s" % running_logfile) server.append("export PACKSTACK_VAR_DIR=%s" % host_dir) - command = "( flock %s/ps.lock puppet apply %s --modulepath %s/modules %s > %s 2>&1 < /dev/null ; mv %s %s ) > /dev/null 2>&1 < /dev/null &" % (host_dir, loglevel, host_dir, man_path, running_logfile, running_logfile, finished_logfile) - server.append(command) + cmd = ("( flock %s/ps.lock " + "puppet apply %s --modulepath %s/modules %s > %s " + "2>&1 < /dev/null ; " + "mv %s %s ) > /dev/null 2>&1 < /dev/null &" + % (host_dir, loglevel, host_dir, man_path, running_logfile, + running_logfile, finished_logfile)) + server.append(cmd) server.execute(log=logcmd) # wait for outstanding puppet runs befor exiting - waitforpuppet(currently_running) + wait_for_puppet(currently_running, messages) -def finalize(config): +def finalize(config, messages): for hostname in filtered_hosts(config): server = utils.ScriptRunner(hostname) server.append("installed=$(rpm -q kernel --last | head -n1 | " @@ -245,5 +253,5 @@ def finalize(config): try: rc, out = server.execute() except ScriptRuntimeError: - controller.MESSAGES.append('Because of the kernel update the host ' - '%s requires reboot.' % hostname) + messages.append('Because of the kernel update the host %s ' + 'requires reboot.' % hostname) diff --git a/packstack/plugins/serverprep_949.py b/packstack/plugins/serverprep_949.py index 372a1f039..f4018a7d0 100644 --- a/packstack/plugins/serverprep_949.py +++ b/packstack/plugins/serverprep_949.py @@ -1,3 +1,5 @@ +# -*- coding: utf-8 -*- + """ prepare server """ @@ -15,218 +17,215 @@ from packstack.modules.common import filtered_hosts, is_all_in_one -# Controller object will be initialized from main flow -controller = None -# Plugin name +#------------------ oVirt installer initialization ------------------ + PLUGIN_NAME = "OS-SERVERPREPARE" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') -logging.debug("plugin %s loaded", __name__) -def initConfig(controllerObject): - global controller - controller = controllerObject - logging.debug("Adding SERVERPREPARE KEY configuration") +def initConfig(controller): conf_params = { - "SERVERPREPARE": [ - {"CMD_OPTION" : "use-epel", - "USAGE" : "To subscribe each server to EPEL enter \"y\"", - "PROMPT" : "To subscribe each server to EPEL enter \"y\"", - "OPTION_LIST" : ["y", "n"], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : "n", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_USE_EPEL", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - - {"CMD_OPTION" : "additional-repo", - "USAGE" : "A comma separated list of URLs to any additional yum repositories to install", - "PROMPT" : "Enter a comma separated list of URLs to any additional yum repositories to install", - "OPTION_LIST" : [], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_REPO", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }], - - "RHEL": [ - {"CMD_OPTION" : "rh-username", - "USAGE" : "To subscribe each server with Red Hat subscription manager, include this with CONFIG_RH_PW", - "PROMPT" : "To subscribe each server to Red Hat enter a username here", - "OPTION_LIST" : [], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_RH_USER", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - - {"CMD_OPTION" : "rh-password", - "USAGE" : "To subscribe each server with Red Hat subscription manager, include this with CONFIG_RH_USER", - "PROMPT" : "To subscribe each server to Red Hat enter your password here", - "OPTION_LIST" : [], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : True, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_RH_PW", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - - {"CMD_OPTION" : "rh-beta-repo", - "USAGE" : "To subscribe each server to Red Hat Enterprise Linux 6 Server Beta channel (only needed for Preview versions of RHOS) enter \"y\"", - "PROMPT" : "To subscribe each server to Red Hat Enterprise Linux 6 Server Beta channel (only needed for Preview versions of RHOS) enter \"y\"", - "OPTION_LIST" : ["y", "n"], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : "n", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_RH_BETA_REPO", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - - {"CMD_OPTION" : "rhn-satellite-server", - "USAGE" : ("To subscribe each server with RHN Satellite," - "fill Satellite's URL here. Note that either " - "satellite's username/password or activation " - "key has to be provided"), - "PROMPT" : ("To subscribe each server with RHN Satellite " - "enter RHN Satellite server URL"), - "OPTION_LIST" : [], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_SATELLITE_URL", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }], - - "SATELLITE": [ - {"CMD_OPTION" : "rhn-satellite-username", - "USAGE" : "Username to access RHN Satellite", - "PROMPT" : ("Enter RHN Satellite username or leave plain " - "if you will use activation key instead"), - "OPTION_LIST" : [], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_SATELLITE_USER", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - - {"CMD_OPTION" : "rhn-satellite-password", - "USAGE" : "Password to access RHN Satellite", - "PROMPT" : ("Enter RHN Satellite password or leave plain " - "if you will use activation key instead"), - "OPTION_LIST" : [], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : True, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_SATELLITE_PW", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - - {"CMD_OPTION" : "rhn-satellite-activation-key", - "USAGE" : "Activation key for subscription to RHN Satellite", - "PROMPT" : ("Enter RHN Satellite activation key or leave plain " - "if you used username/password instead"), - "OPTION_LIST" : [], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : True, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_SATELLITE_AKEY", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - - {"CMD_OPTION" : "rhn-satellite-cacert", - "USAGE" : "Specify a path or URL to a SSL CA certificate to use", - "PROMPT" : "Specify a path or URL to a SSL CA certificate to use", - "OPTION_LIST" : [], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : True, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_SATELLITE_CACERT", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - - {"CMD_OPTION" : "rhn-satellite-profile", - "USAGE" : ("If required specify the profile name that should " - "be used as an identifier for the system in RHN " - "Satellite"), - "PROMPT" : ("If required specify the profile name that should " - "be used as an identifier for the system in RHN " - "Satellite"), - "OPTION_LIST" : [], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : True, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_SATELLITE_PROFILE", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - - {"CMD_OPTION" : "rhn-satellite-flags", - "USAGE" : ("Comma separated list of flags passed to rhnreg_ks. Valid " - "flags are: novirtinfo, norhnsd, nopackages"), - "PROMPT" : "Enter comma separated list of flags passed to rhnreg_ks", - "OPTION_LIST" : ['novirtinfo', 'norhnsd', 'nopackages'], - "VALIDATORS" : [validators.validate_multi_options], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : True, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_SATELLITE_FLAGS", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - - {"CMD_OPTION" : "rhn-satellite-proxy-host", - "USAGE" : "Specify a HTTP proxy to use with RHN Satellite", - "PROMPT" : "Specify a HTTP proxy to use with RHN Satellite", - "OPTION_LIST" : [], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : True, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_SATELLITE_PROXY", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }], - - "SATELLITE_PROXY": [ - {"CMD_OPTION" : "rhn-satellite-proxy-username", - "USAGE" : "Specify a username to use with an authenticated HTTP proxy", - "PROMPT" : "Specify a username to use with an authenticated HTTP proxy", - "OPTION_LIST" : [], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : True, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_SATELLITE_PROXY_USER", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - - {"CMD_OPTION" : "rhn-satellite-proxy-password", - "USAGE" : "Specify a password to use with an authenticated HTTP proxy.", - "PROMPT" : "Specify a password to use with an authenticated HTTP proxy.", - "OPTION_LIST" : [], - "DEFAULT_VALUE" : "", - "MASK_INPUT" : True, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_SATELLITE_PROXY_PW", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }]} + "SERVERPREPARE": [ + {"CMD_OPTION": "use-epel", + "USAGE": "To subscribe each server to EPEL enter \"y\"", + "PROMPT": "To subscribe each server to EPEL enter \"y\"", + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "n", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_USE_EPEL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "additional-repo", + "USAGE": ("A comma separated list of URLs to any additional yum " + "repositories to install"), + "PROMPT": ("Enter a comma separated list of URLs to any " + "additional yum repositories to install"), + "OPTION_LIST": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_REPO", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False} + ], + + "RHEL": [ + {"CMD_OPTION": "rh-username", + "USAGE": ("To subscribe each server with Red Hat subscription " + "manager, include this with CONFIG_RH_PW"), + "PROMPT": "To subscribe each server to Red Hat enter a username ", + "OPTION_LIST": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_RH_USER", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "rh-password", + "USAGE": ("To subscribe each server with Red Hat subscription " + "manager, include this with CONFIG_RH_USER"), + "PROMPT": ("To subscribe each server to Red Hat enter your " + "password"), + "OPTION_LIST": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": True, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_RH_PW", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "rhn-satellite-server", + "USAGE": ("To subscribe each server with RHN Satellite,fill " + "Satellite's URL here. Note that either satellite's " + "username/password or activation key has " + "to be provided"), + "PROMPT": ("To subscribe each server with RHN Satellite enter " + "RHN Satellite server URL"), + "OPTION_LIST": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_SATELLITE_URL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False} + ], + + "SATELLITE": [ + {"CMD_OPTION": "rhn-satellite-username", + "USAGE": "Username to access RHN Satellite", + "PROMPT": ("Enter RHN Satellite username or leave plain if you " + "will use activation key instead"), + "OPTION_LIST": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_SATELLITE_USER", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "rhn-satellite-password", + "USAGE": "Password to access RHN Satellite", + "PROMPT": ("Enter RHN Satellite password or leave plain if you " + "will use activation key instead"), + "OPTION_LIST": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_SATELLITE_PW", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "rhn-satellite-activation-key", + "USAGE": "Activation key for subscription to RHN Satellite", + "PROMPT": ("Enter RHN Satellite activation key or leave plain if " + "you used username/password instead"), + "OPTION_LIST": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_SATELLITE_AKEY", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "rhn-satellite-cacert", + "USAGE": "Specify a path or URL to a SSL CA certificate to use", + "PROMPT": "Specify a path or URL to a SSL CA certificate to use", + "OPTION_LIST": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_SATELLITE_CACERT", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "rhn-satellite-profile", + "USAGE": ("If required specify the profile name that should be " + "used as an identifier for the system " + "in RHN Satellite"), + "PROMPT": ("If required specify the profile name that should be " + "used as an identifier for the system " + "in RHN Satellite"), + "OPTION_LIST": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_SATELLITE_PROFILE", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "rhn-satellite-flags", + "USAGE": ("Comma separated list of flags passed to rhnreg_ks. " + "Valid flags are: novirtinfo, norhnsd, nopackages"), + "PROMPT": ("Enter comma separated list of flags passed " + "to rhnreg_ks"), + "OPTION_LIST": ['novirtinfo', 'norhnsd', 'nopackages'], + "VALIDATORS": [validators.validate_multi_options], + "DEFAULT_VALUE": "", + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_SATELLITE_FLAGS", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "rhn-satellite-proxy-host", + "USAGE": "Specify a HTTP proxy to use with RHN Satellite", + "PROMPT": "Specify a HTTP proxy to use with RHN Satellite", + "OPTION_LIST": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_SATELLITE_PROXY", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False} + ], + + "SATELLITE_PROXY": [ + {"CMD_OPTION": "rhn-satellite-proxy-username", + "USAGE": ("Specify a username to use with an authenticated " + "HTTP proxy"), + "PROMPT": ("Specify a username to use with an authenticated " + "HTTP proxy"), + "OPTION_LIST": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_SATELLITE_PROXY_USER", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "rhn-satellite-proxy-password", + "USAGE": ("Specify a password to use with an authenticated " + "HTTP proxy."), + "PROMPT": ("Specify a password to use with an authenticated " + "HTTP proxy."), + "OPTION_LIST": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_SATELLITE_PROXY_PW", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False} + ] + } def filled_satellite(config): return bool(config.get('CONFIG_SATELLITE_URL')) @@ -235,41 +234,50 @@ def filled_satellite_proxy(config): return bool(config.get('CONFIG_SATELLITE_PROXY')) conf_groups = [ - {"GROUP_NAME" : "SERVERPREPARE", - "DESCRIPTION" : "Server Prepare Configs ", - "PRE_CONDITION" : lambda x: 'yes', - "PRE_CONDITION_MATCH" : "yes", - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True}, - ] + {"GROUP_NAME": "SERVERPREPARE", + "DESCRIPTION": "Server Prepare Configs ", + "PRE_CONDITION": lambda x: 'yes', + "PRE_CONDITION_MATCH": "yes", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + ] - if ((is_all_in_one(controller.CONF) and is_rhel()) or - not is_all_in_one(controller.CONF)): - conf_groups.append({"GROUP_NAME" : "RHEL", - "DESCRIPTION" : "RHEL config", - "PRE_CONDITION" : lambda x: 'yes', - "PRE_CONDITION_MATCH" : "yes", - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True}) - - conf_groups.append({"GROUP_NAME" : "SATELLITE", - "DESCRIPTION" : "RHN Satellite config", - "PRE_CONDITION" : filled_satellite, - "PRE_CONDITION_MATCH" : True, - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True}) - - conf_groups.append({"GROUP_NAME" : "SATELLITE_PROXY", - "DESCRIPTION" : "RHN Satellite proxy config", - "PRE_CONDITION" : filled_satellite_proxy, - "PRE_CONDITION_MATCH" : True, - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True}) + config = controller.CONF + if (is_all_in_one(config) and is_rhel()) or not is_all_in_one(config): + conf_groups.append({"GROUP_NAME": "RHEL", + "DESCRIPTION": "RHEL config", + "PRE_CONDITION": lambda x: 'yes', + "PRE_CONDITION_MATCH": "yes", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}) + + conf_groups.append({"GROUP_NAME": "SATELLITE", + "DESCRIPTION": "RHN Satellite config", + "PRE_CONDITION": filled_satellite, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}) + + conf_groups.append({"GROUP_NAME": "SATELLITE_PROXY", + "DESCRIPTION": "RHN Satellite proxy config", + "PRE_CONDITION": filled_satellite_proxy, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}) for group in conf_groups: - paramList = conf_params[group["GROUP_NAME"]] - controller.addGroup(group, paramList) + params = conf_params[group["GROUP_NAME"]] + controller.addGroup(group, params) + + +def initSequences(controller): + preparesteps = [ + {'title': 'Preparing servers', 'functions': [server_prep]} + ] + controller.addSequence("Preparing servers", [], [], preparesteps) + +#------------------------- helper functions ------------------------- def is_rhel(): return 'Red Hat Enterprise Linux' in platform.linux_distribution()[0] @@ -290,9 +298,8 @@ def run_rhn_reg(host, server_url, username=None, password=None, server = utils.ScriptRunner(host) # check satellite server url - server_url = server_url.rstrip('/').endswith('/XMLRPC') \ - and server_url \ - or '%s/XMLRPC' % server_url + server_url = (server_url.rstrip('/').endswith('/XMLRPC') + and server_url or '%s/XMLRPC' % server_url) cmd.extend(['--serverUrl', server_url]) if activation_key: @@ -339,7 +346,7 @@ def run_rhn_reg(host, server_url, username=None, password=None, server.execute(mask_list=mask) -def run_rhsm_reg(host, username, password, beta): +def run_rhsm_reg(host, username, password): """ Registers given host to Red Hat Repositories via subscription manager. """ @@ -347,8 +354,8 @@ def run_rhsm_reg(host, username, password, beta): # register host cmd = ('subscription-manager register --username=\"%s\" ' - '--password=\"%s\" --autosubscribe || true') - server.append(cmd % (username, password.replace('"','\\"'))) + '--password=\"%s\" --autosubscribe || true') + server.append(cmd % (username, password.replace('"', '\\"'))) # subscribe to required channel cmd = ('subscription-manager list --consumed | grep -i openstack || ' @@ -357,12 +364,12 @@ def run_rhsm_reg(host, username, password, beta): "grep -e 'Red Hat OpenStack' -m 1 -A 2 | grep 'Pool Id' | " "awk '{print $3}')") server.append(cmd % pool) - server.append("subscription-manager repos --enable rhel-6-server-optional-rpms") + server.append("subscription-manager repos " + "--enable rhel-6-server-optional-rpms") server.append("yum clean all") - server.append("rpm -q --whatprovides yum-utils || yum install -y yum-utils") - if beta: - server.append("yum-config-manager --enable rhel-6-server-beta-rpms") + server.append("rpm -q --whatprovides yum-utils || " + "yum install -y yum-utils") server.append("yum clean metadata") server.execute(mask_list=[password]) @@ -409,7 +416,8 @@ def manage_epel(host, config): server.append('yum-config-manager --%(cmd)s epel' % locals()) rc, out = server.execute() - # yum-config-manager returns 0 always, but returns current setup if succeeds + # yum-config-manager returns 0 always, but returns current setup + # if succeeds match = re.search('enabled\s*\=\s*%(enabled)s' % locals(), out) if match: return @@ -428,7 +436,6 @@ def manage_epel(host, config): logger.warn(msg % host) - def manage_rdo(host, config): """ Installs and enables RDO repo on host in case it is installed locally. @@ -457,7 +464,8 @@ def manage_rdo(host, config): reponame = 'openstack-%s' % version server.clear() server.append('yum-config-manager --enable %(reponame)s' % locals()) - # yum-config-manager returns 0 always, but returns current setup if succeeds + # yum-config-manager returns 0 always, but returns current setup + # if succeeds rc, out = server.execute() match = re.search('enabled\s*=\s*(1|True)', out) if not match: @@ -467,14 +475,9 @@ def manage_rdo(host, config): raise exceptions.ScriptRuntimeError(msg) -def initSequences(controller): - preparesteps = [ - {'title': 'Preparing servers', 'functions':[serverprep]} - ] - controller.addSequence("Preparing servers", [], [], preparesteps) - +#-------------------------- step functions -------------------------- -def serverprep(config): +def server_prep(config, messages): rh_username = None sat_url = None if is_rhel(): @@ -489,21 +492,22 @@ def serverprep(config): sat_flags = [i.strip() for i in flag_list if i.strip()] sat_proxy_user = config.get("CONFIG_SATELLITE_PROXY_USER", '') sat_proxy_pass = config.get("CONFIG_SATELLITE_PROXY_PW", '') - sat_args = {'username': config["CONFIG_SATELLITE_USER"].strip(), - 'password': config["CONFIG_SATELLITE_PW"].strip(), - 'cacert': config["CONFIG_SATELLITE_CACERT"].strip(), - 'activation_key': config["CONFIG_SATELLITE_AKEY"].strip(), - 'profile_name': config["CONFIG_SATELLITE_PROFILE"].strip(), - 'proxy_host': config["CONFIG_SATELLITE_PROXY"].strip(), - 'proxy_user': sat_proxy_user.strip(), - 'proxy_pass': sat_proxy_pass.strip(), - 'flags': sat_flags} + sat_args = { + 'username': config["CONFIG_SATELLITE_USER"].strip(), + 'password': config["CONFIG_SATELLITE_PW"].strip(), + 'cacert': config["CONFIG_SATELLITE_CACERT"].strip(), + 'activation_key': config["CONFIG_SATELLITE_AKEY"].strip(), + 'profile_name': config["CONFIG_SATELLITE_PROFILE"].strip(), + 'proxy_host': config["CONFIG_SATELLITE_PROXY"].strip(), + 'proxy_user': sat_proxy_user.strip(), + 'proxy_pass': sat_proxy_pass.strip(), + 'flags': sat_flags + } for hostname in filtered_hosts(config): # Subscribe to Red Hat Repositories if configured if rh_username: - run_rhsm_reg(hostname, rh_username, rh_password, - config["CONFIG_RH_BETA_REPO"] == 'y') + run_rhsm_reg(hostname, rh_username, rh_password) # Subscribe to RHN Satellite if configured if sat_url and hostname not in sat_registered: @@ -524,8 +528,8 @@ def serverprep(config): server.clear() server.append('yum install -y yum-plugin-priorities || true') server.append('rpm -q epel-release && yum-config-manager ' - '--setopt="%(reponame)s.priority=1" ' - '--save %(reponame)s' % locals()) + '--setopt="%(reponame)s.priority=1" ' + '--save %(reponame)s' % locals()) # Add yum repositories if configured CONFIG_REPO = config["CONFIG_REPO"].strip() @@ -533,8 +537,8 @@ def serverprep(config): for i, repourl in enumerate(CONFIG_REPO.split(',')): reponame = 'packstack_%d' % i server.append('echo "[%(reponame)s]\nname=%(reponame)s\n' - 'baseurl=%(repourl)s\nenabled=1\n' - 'priority=1\ngpgcheck=0"' + 'baseurl=%(repourl)s\nenabled=1\n' + 'priority=1\ngpgcheck=0"' ' > /etc/yum.repos.d/%(reponame)s.repo' % locals()) diff --git a/packstack/plugins/swift_600.py b/packstack/plugins/swift_600.py index 24629d897..8ffd3f668 100644 --- a/packstack/plugins/swift_600.py +++ b/packstack/plugins/swift_600.py @@ -1,3 +1,5 @@ +# -*- coding: utf-8 -*- + """ Installs and configures an OpenStack Swift """ @@ -13,215 +15,179 @@ from packstack.installer import utils from packstack.installer.utils import split_hosts -from packstack.modules.ospluginutils import getManifestTemplate, appendManifestFile, manifestfiles +from packstack.modules.ospluginutils import (getManifestTemplate, + appendManifestFile, manifestfiles) + -# Controller object will be initialized from main flow -controller = None +#------------------ oVirt installer initialization ------------------ -# Plugin name -PLUGIN_NAME = "OS-SWIFT" +PLUGIN_NAME = "OS-Swift" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') -logging.debug("plugin %s loaded", __name__) - -def initConfig(controllerObject): - global controller - controller = controllerObject - logging.debug("Adding OpenStack Swift configuration") - paramsList = [ - {"CMD_OPTION" : "os-swift-proxy", - "USAGE" : "The IP address on which to install the Swift proxy service (currently only single proxy is supported)", - "PROMPT" : "Enter the IP address of the Swift proxy service", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_multi_ip, validators.validate_multi_ssh], - "DEFAULT_VALUE" : utils.get_localhost_ip(), - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_SWIFT_PROXY_HOSTS", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "os-swift-ks-passwd", - "USAGE" : "The password to use for the Swift to authenticate with Keystone", - "PROMPT" : "Enter the password for the Swift Keystone access", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : uuid.uuid4().hex[:16], - "MASK_INPUT" : True, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_SWIFT_KS_PW", - "USE_DEFAULT" : True, - "NEED_CONFIRM" : True, - "CONDITION" : False }, - {"CMD_OPTION" : "os-swift-storage", - "USAGE" : "A comma separated list of IP addresses on which to install the Swift Storage services, each entry should take the format [/dev], for example 127.0.0.1/vdb will install /dev/vdb on 127.0.0.1 as a swift storage device(packstack does not create the filesystem, you must do this first), if /dev is omitted Packstack will create a loopback device for a test setup", - "PROMPT" : "Enter the Swift Storage servers e.g. host/dev,host/dev", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty, validate_storage], - "DEFAULT_VALUE" : utils.get_localhost_ip(), - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_SWIFT_STORAGE_HOSTS", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "os-swift-storage-zones", - "USAGE" : "Number of swift storage zones, this number MUST be no bigger than the number of storage devices configured", - "PROMPT" : "Enter the number of swift storage zones, MUST be no bigger than the number of storage devices configured", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_integer], - "DEFAULT_VALUE" : "1", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_SWIFT_STORAGE_ZONES", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "os-swift-storage-replicas", - "USAGE" : "Number of swift storage replicas, this number MUST be no bigger than the number of storage zones configured", - "PROMPT" : "Enter the number of swift storage replicas, MUST be no bigger than the number of storage zones configured", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_integer], - "DEFAULT_VALUE" : "1", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_SWIFT_STORAGE_REPLICAS", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "os-swift-storage-fstype", - "USAGE" : "FileSystem type for storage nodes", - "PROMPT" : "Enter FileSystem type for storage nodes", - "OPTION_LIST" : ['xfs','ext4'], - "VALIDATORS" : [validators.validate_options], - "DEFAULT_VALUE" : "ext4", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_SWIFT_STORAGE_FSTYPE", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - {"CMD_OPTION" : "os-swift-hash", - "USAGE" : "Shared secret for Swift", - "PROMPT" : "Enter hash for Swift shared secret", - "OPTION_LIST" : [], - "VALIDATORS" : [validators.validate_not_empty], - "DEFAULT_VALUE" : uuid.uuid4().hex[:16], - "MASK_INPUT" : True, - "LOOSE_VALIDATION": False, - "CONF_NAME" : "CONFIG_SWIFT_HASH", - "USE_DEFAULT" : True, - "NEED_CONFIRM" : True, - "CONDITION" : False }, - {"CMD_OPTION" : "os-swift-storage-size", - "USAGE" : "Size of the swift loopback file storage device", - "PROMPT" : "Enter the size of the storage device (eg. 2G, 2000M, 2000000K)", - "OPTION_LIST" : [], - "VALIDATORS" : [validate_storage_size], - "DEFAULT_VALUE" : "2G", - "MASK_INPUT" : False, - "LOOSE_VALIDATION": True, - "CONF_NAME" : "CONFIG_SWIFT_STORAGE_SIZE", - "USE_DEFAULT" : False, - "NEED_CONFIRM" : False, - "CONDITION" : False }, - - ] - - groupDict = { "GROUP_NAME" : "OSSWIFT", - "DESCRIPTION" : "OpenStack Swift Config parameters", - "PRE_CONDITION" : "CONFIG_SWIFT_INSTALL", - "PRE_CONDITION_MATCH" : "y", - "POST_CONDITION" : False, - "POST_CONDITION_MATCH" : True} - - - controller.addGroup(groupDict, paramsList) - - -def validate_storage(param, options=None): - for host in param.split(','): - host = host.split('/', 1)[0] - validators.validate_ip(host.strip(), options) -def validate_storage_size(param, options=None): - match = re.match(r'\d+G|\d+M|\d+K', param, re.IGNORECASE) - if not match: - msg = 'Storage size not have a valid value (eg. 1G, 1000M, 1000000K)' - raise ParamValidationError(msg) +def initConfig(controller): + params = [ + {"CMD_OPTION": "os-swift-ks-passwd", + "USAGE": ("The password to use for the Swift to authenticate " + "with Keystone"), + "PROMPT": "Enter the password for the Swift Keystone access", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_SWIFT_KS_PW", + "USE_DEFAULT": True, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CMD_OPTION": "os-swift-storages", + "USAGE": ("A comma separated list of devices which to use as Swift " + "Storage device. Each entry should take the format " + "/path/to/dev, for example /dev/vdb will install /dev/vdb " + "as Swift storage device (packstack does not create " + "the filesystem, you must do this first). If value is " + "omitted Packstack will create a loopback device for test " + "setup"), + "PROMPT": "Enter the Swift Storage devices e.g. /path/to/dev", + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": '', + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_SWIFT_STORAGES", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-swift-storage-zones", + "USAGE": ("Number of swift storage zones, this number MUST be " + "no bigger than the number of storage devices configured"), + "PROMPT": ("Enter the number of swift storage zones, MUST be no " + "bigger than the number of storage devices configured"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_integer], + "DEFAULT_VALUE": "1", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_SWIFT_STORAGE_ZONES", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-swift-storage-replicas", + "USAGE": ("Number of swift storage replicas, this number MUST be " + "no bigger than the number of storage zones configured"), + "PROMPT": ("Enter the number of swift storage replicas, MUST be no " + "bigger than the number of storage zones configured"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_integer], + "DEFAULT_VALUE": "1", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_SWIFT_STORAGE_REPLICAS", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-swift-storage-fstype", + "USAGE": "FileSystem type for storage nodes", + "PROMPT": "Enter FileSystem type for storage nodes", + "OPTION_LIST": ['xfs', 'ext4'], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "ext4", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_SWIFT_STORAGE_FSTYPE", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-swift-hash", + "USAGE": "Shared secret for Swift", + "PROMPT": "Enter hash for Swift shared secret", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_SWIFT_HASH", + "USE_DEFAULT": True, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CMD_OPTION": "os-swift-storage-size", + "USAGE": "Size of the swift loopback file storage device", + "PROMPT": ("Enter the size of the storage device (eg. 2G, 2000M, " + "2000000K)"), + "OPTION_LIST": [], + "VALIDATORS": [validate_storage_size], + "DEFAULT_VALUE": "2G", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_SWIFT_STORAGE_SIZE", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ] + group = {"GROUP_NAME": "OSSWIFT", + "DESCRIPTION": "OpenStack Swift Config parameters", + "PRE_CONDITION": "CONFIG_SWIFT_INSTALL", + "PRE_CONDITION_MATCH": "y", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + controller.addGroup(group, params) + def initSequences(controller): if controller.CONF['CONFIG_SWIFT_INSTALL'] != 'y': return steps = [ - {'title': 'Adding Swift Keystone manifest entries', 'functions':[createkeystonemanifest]}, - {'title': 'Adding Swift builder manifest entries', 'functions':[createbuildermanifest]}, - {'title': 'Adding Swift proxy manifest entries', 'functions':[createproxymanifest]}, - {'title': 'Adding Swift storage manifest entries', 'functions':[createstoragemanifest]}, - {'title': 'Adding Swift common manifest entries', 'functions':[createcommonmanifest]}, + {'title': 'Adding Swift Keystone manifest entries', + 'functions': [create_keystone_manifest]}, + {'title': 'Adding Swift builder manifest entries', + 'functions': [create_builder_manifest]}, + {'title': 'Adding Swift proxy manifest entries', + 'functions': [create_proxy_manifest]}, + {'title': 'Adding Swift storage manifest entries', + 'functions': [create_storage_manifest]}, + {'title': 'Adding Swift common manifest entries', + 'functions': [create_common_manifest]}, ] - controller.addSequence("Installing OpenStack Swift", [], [], steps) -def createkeystonemanifest(config): - manifestfile = "%s_keystone.pp"%controller.CONF['CONFIG_KEYSTONE_HOST'] - controller.CONF['CONFIG_SWIFT_PROXY'] = controller.CONF['CONFIG_SWIFT_PROXY_HOSTS'].split(',')[0] - manifestdata = getManifestTemplate("keystone_swift.pp") - appendManifestFile(manifestfile, manifestdata) +#------------------------- helper functions ------------------------- + +def validate_storage_size(param, options=None): + match = re.match(r'\d+G|\d+M|\d+K', param, re.IGNORECASE) + if not match: + msg = 'Storage size not have a valid value (eg. 1G, 1000M, 1000000K)' + raise ParamValidationError(msg) -devices = [] -def parse_devices(config_swift_storage_hosts): +def parse_devices(config): """ Returns dict containing information about Swift storage devices. """ + devices = [] device_number = 0 - num_zones = int(controller.CONF["CONFIG_SWIFT_STORAGE_ZONES"]) - for host in config_swift_storage_hosts.split(","): - host = host.strip() + num_zones = int(config["CONFIG_SWIFT_STORAGE_ZONES"]) + for device in config["CONFIG_SWIFT_STORAGES"].split(","): + device = device.strip() + if not device: + continue device_number += 1 - device = None - if '/' in host: - host, device = map(lambda x: x.strip(), host.split('/', 1)) zone = str((device_number % num_zones) + 1) - devices.append({'host': host, 'device': device, 'zone': zone, + devices.append({'device': device, 'zone': zone, 'device_name': 'device%s' % device_number}) + if not devices: + devices.append({'device': None, 'zone': 1, + 'device_name': 'swiftloopback'}) return devices -# The ring file should be built and distributed befor the storage services -# come up. Specifically the replicator crashes if the ring isn't present -def createbuildermanifest(config): - # TODO : put this on the proxy server, will need to change this later - controller.CONF['CONFIG_SWIFT_BUILDER_HOST'] = controller.CONF['CONFIG_SWIFT_PROXY_HOSTS'].split(',')[0] - manifestfile = "%s_ring_swift.pp"%controller.CONF['CONFIG_SWIFT_BUILDER_HOST'] - manifestdata = getManifestTemplate("swift_builder.pp") - - # Add each device to the ring - devicename = 0 - for device in parse_devices(controller.CONF["CONFIG_SWIFT_STORAGE_HOSTS"]): - host = device['host'] - devicename = device['device_name'] - zone = device['zone'] - - manifestdata = manifestdata + '\n@@ring_object_device { "%s:6000/%s":\n zone => %s,\n weight => 10, }'%(host, devicename, zone) - manifestdata = manifestdata + '\n@@ring_container_device { "%s:6001/%s":\n zone => %s,\n weight => 10, }'%(host, devicename, zone) - manifestdata = manifestdata + '\n@@ring_account_device { "%s:6002/%s":\n zone => %s,\n weight => 10, }'%(host, devicename, zone) - - appendManifestFile(manifestfile, manifestdata, 'swiftbuilder') - - -def createproxymanifest(config): - manifestfile = "%s_swift.pp"%controller.CONF['CONFIG_SWIFT_PROXY_HOSTS'] - manifestdata = getManifestTemplate("swift_proxy.pp") - # If the proxy server is also a storage server then swift::ringsync will be included for the storage server - if controller.CONF['CONFIG_SWIFT_PROXY_HOSTS'] not in [h['host'] for h in devices]: - manifestdata += 'swift::ringsync{["account","container","object"]:\n ring_server => "%s"\n}'%controller.CONF['CONFIG_SWIFT_BUILDER_HOST'] - appendManifestFile(manifestfile, manifestdata) - - def check_device(host, device): """ Raises ScriptRuntimeError if given device is not mounted on given @@ -230,62 +196,102 @@ def check_device(host, device): server = utils.ScriptRunner(host) # the device MUST exist - cmd = 'ls -l /dev/%s' + cmd = 'ls -l %s' server.append(cmd % device) # if it is not mounted then we can use it - cmd = 'grep "/dev/%s " /proc/self/mounts || exit 0' + cmd = 'grep "%s " /proc/self/mounts || exit 0' server.append(cmd % device) # if it is mounted then the mount point has to be in /srv/node - cmd = 'grep "/dev/%s /srv/node" /proc/self/mounts && exit 0' + cmd = 'grep "%s /srv/node" /proc/self/mounts && exit 0' server.append(cmd % device) # if we got here without exiting then we can't use this device server.append('exit 1') server.execute() - return False -def get_storage_size(size): + +def get_storage_size(config): ranges = {'G': 1048576, 'M': 1024, 'K': 1} - size.strip() + size = config['CONFIG_SWIFT_STORAGE_SIZE'].strip() for measure in ['G', 'M', 'K']: if re.match('\d+' + measure, size, re.IGNORECASE): intsize = int(size.rstrip(measure)) * ranges[measure] return intsize -def createstoragemanifest(config): - # this need to happen once per storage host - for host in set([device['host'] for device in devices]): - controller.CONF["CONFIG_SWIFT_STORAGE_CURRENT"] = host - manifestfile = "%s_swift.pp"%host - manifestdata = getManifestTemplate("swift_storage.pp") - appendManifestFile(manifestfile, manifestdata) +#-------------------------- step functions -------------------------- + +def create_keystone_manifest(config, messages): + # parse devices in first step + global devices + devices = parse_devices(config) + manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] + manifestdata = getManifestTemplate("keystone_swift.pp") + appendManifestFile(manifestfile, manifestdata) + + +def create_builder_manifest(config, messages): + global devices + # The ring file should be built and distributed before the storage services + # come up. Specifically the replicator crashes if the ring isn't present + + def device_def(dev_type, host, dev_port, devicename, zone): + fmt = ('\n@@%s { "%s:%s/%s":\n' + ' zone => %s,\n' + ' weight => 10, }\n') + return fmt % (dev_type, host, dev_port, devicename, zone) + + manifestfile = "%s_ring_swift.pp" % config['CONFIG_CONTROLLER_HOST'] + manifestdata = getManifestTemplate("swift_builder.pp") + + # Add each device to the ring + devicename = 0 + for device in devices: + host = config['CONFIG_CONTROLLER_HOST'] + devicename = device['device_name'] + zone = device['zone'] + for dev_type, dev_port in [('ring_object_device', 6000), + ('ring_container_device', 6001), + ('ring_account_device', 6002)]: + manifestdata += device_def(dev_type, host, dev_port, devicename, + zone) + appendManifestFile(manifestfile, manifestdata, 'swiftbuilder') + + +def create_proxy_manifest(config, messages): + manifestfile = "%s_swift.pp" % config['CONFIG_CONTROLLER_HOST'] + manifestdata = getManifestTemplate("swift_proxy.pp") + appendManifestFile(manifestfile, manifestdata) + + +def create_storage_manifest(config, messages): + global devices + + manifestfile = "%s_swift.pp" % config['CONFIG_CONTROLLER_HOST'] + manifestdata = getManifestTemplate("swift_storage.pp") # this need to happen once per storage device for device in devices: - host = device['host'] + host = config['CONFIG_CONTROLLER_HOST'] devicename = device['device_name'] device = device['device'] + fstype = config["CONFIG_SWIFT_STORAGE_FSTYPE"] if device: check_device(host, device) - - manifestfile = "%s_swift.pp"%host - if device: - manifestdata = "\n" + 'swift::storage::%s{"%s":\n device => "/dev/%s",\n}'% (controller.CONF["CONFIG_SWIFT_STORAGE_FSTYPE"], devicename, device) + manifestdata += ('\nswift::storage::%s { "%s":\n' + ' device => "%s",\n}\n' + % (fstype, devicename, device)) else: - config['SWIFT_STORAGE_SEEK'] = get_storage_size(config['CONFIG_SWIFT_STORAGE_SIZE']) - controller.CONF["SWIFT_STORAGE_DEVICES"] = "'%s'"%devicename - manifestdata = "\n" + getManifestTemplate("swift_loopback.pp") - appendManifestFile(manifestfile, manifestdata) + # create loopback device if none was specified + config['CONFIG_SWIFT_STORAGE_SEEK'] = get_storage_size(config) + manifestdata += "\n" + getManifestTemplate("swift_loopback.pp") # set allowed hosts for firewall - swift_hosts = get_swift_hosts(config) - hosts = swift_hosts.copy() - manifestdata = "" + hosts = set([config['CONFIG_CONTROLLER_HOST']]) if config['CONFIG_NOVA_INSTALL'] == 'y': - hosts |= split_hosts(config['CONFIG_NOVA_COMPUTE_HOSTS']) + hosts |= split_hosts(config['CONFIG_COMPUTE_HOSTS']) config['FIREWALL_SERVICE_NAME'] = "swift storage and rsync" config['FIREWALL_PORTS'] = "'6000', '6001', '6002', '873'" @@ -296,22 +302,11 @@ def createstoragemanifest(config): config['FIREWALL_SERVICE_ID'] = "swift_storage_and_rsync_%s" % host manifestdata += getManifestTemplate("firewall.pp") - for host in swift_hosts: - manifestfile = "%s_swift.pp" % host - appendManifestFile(manifestfile, manifestdata) + appendManifestFile(manifestfile, manifestdata) -def createcommonmanifest(config): +def create_common_manifest(config, messages): for manifestfile, marker in manifestfiles.getFiles(): if manifestfile.endswith("_swift.pp"): data = getManifestTemplate("swift_common.pp") appendManifestFile(os.path.split(manifestfile)[1], data) - - -def get_swift_hosts(config): - """Get a set of all the Swift hosts""" - hosts = split_hosts(config['CONFIG_SWIFT_STORAGE_HOSTS']) - # remove "/device" from the storage host names - hosts = set(host.split('/', 1)[0] for host in hosts) - hosts |= split_hosts(config['CONFIG_SWIFT_PROXY_HOSTS']) - return hosts diff --git a/packstack/puppet/templates/amqp.pp b/packstack/puppet/templates/amqp.pp index 080d2ae75..76af9ce58 100644 --- a/packstack/puppet/templates/amqp.pp +++ b/packstack/puppet/templates/amqp.pp @@ -1,4 +1,4 @@ -$amqp = '%(CONFIG_AMQP_SERVER)s' +$amqp = '%(CONFIG_AMQP_BACKEND)s' case $amqp { 'qpid': { enable_qpid {"qpid": diff --git a/packstack/puppet/templates/ceilometer.pp b/packstack/puppet/templates/ceilometer.pp index 7bf6766c3..966b19283 100644 --- a/packstack/puppet/templates/ceilometer.pp +++ b/packstack/puppet/templates/ceilometer.pp @@ -6,7 +6,7 @@ } class { 'ceilometer::agent::auth': - auth_url => 'http://%(CONFIG_KEYSTONE_HOST)s:35357/v2.0', + auth_url => 'http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0', auth_password => '%(CONFIG_CEILOMETER_KS_PW)s', } @@ -20,6 +20,6 @@ } class { 'ceilometer::api': - keystone_host => '%(CONFIG_KEYSTONE_HOST)s', + keystone_host => '%(CONFIG_CONTROLLER_HOST)s', keystone_password => '%(CONFIG_CEILOMETER_KS_PW)s', } diff --git a/packstack/puppet/templates/cinder.pp b/packstack/puppet/templates/cinder.pp index d5b9920c6..b7c01d018 100644 --- a/packstack/puppet/templates/cinder.pp +++ b/packstack/puppet/templates/cinder.pp @@ -1,5 +1,5 @@ cinder_config { - "DEFAULT/glance_host": value => "%(CONFIG_GLANCE_HOST)s"; + "DEFAULT/glance_host": value => "%(CONFIG_CONTROLLER_HOST)s"; } package {'python-keystone': @@ -10,7 +10,7 @@ keystone_password => '%(CONFIG_CINDER_KS_PW)s', keystone_tenant => "services", keystone_user => "cinder", - keystone_auth_host => "%(CONFIG_KEYSTONE_HOST)s", + keystone_auth_host => "%(CONFIG_CONTROLLER_HOST)s", } class {'cinder::scheduler': @@ -20,5 +20,5 @@ } class {'cinder::volume::iscsi': - iscsi_ip_address => '%(CONFIG_CINDER_HOST)s' + iscsi_ip_address => '%(CONFIG_CONTROLLER_HOST)s' } diff --git a/packstack/puppet/templates/cinder_backup.pp b/packstack/puppet/templates/cinder_backup.pp index 74fb5191c..b6e93088f 100644 --- a/packstack/puppet/templates/cinder_backup.pp +++ b/packstack/puppet/templates/cinder_backup.pp @@ -2,7 +2,7 @@ } class {'cinder::backup::swift': - backup_swift_url => 'http://%(CONFIG_SWIFT_PROXY)s:8080/v1/AUTH_' + backup_swift_url => 'http://%(CONFIG_CONTROLLER_HOST)s:8080/v1/AUTH_' } Class['cinder::api'] ~> Service['cinder-backup'] diff --git a/packstack/puppet/templates/glance.pp b/packstack/puppet/templates/glance.pp index 220409e5c..c38b94bb0 100644 --- a/packstack/puppet/templates/glance.pp +++ b/packstack/puppet/templates/glance.pp @@ -1,6 +1,6 @@ class {"glance::api": - auth_host => "%(CONFIG_KEYSTONE_HOST)s", + auth_host => "%(CONFIG_CONTROLLER_HOST)s", keystone_tenant => "services", keystone_user => "glance", keystone_password => "%(CONFIG_GLANCE_KS_PW)s", @@ -13,7 +13,7 @@ class { 'glance::backend::file': } class {"glance::registry": - auth_host => "%(CONFIG_KEYSTONE_HOST)s", + auth_host => "%(CONFIG_CONTROLLER_HOST)s", keystone_tenant => "services", keystone_user => "glance", keystone_password => "%(CONFIG_GLANCE_KS_PW)s", diff --git a/packstack/puppet/templates/heat.pp b/packstack/puppet/templates/heat.pp index fa85871aa..71a1d7645 100644 --- a/packstack/puppet/templates/heat.pp +++ b/packstack/puppet/templates/heat.pp @@ -1,9 +1,10 @@ + class { 'heat::api': } class { 'heat::engine': - heat_metadata_server_url => 'http://%(CONFIG_HEAT_METADATA_HOST)s:8000', - heat_waitcondition_server_url => 'http://%(CONFIG_HEAT_METADATA_HOST)s:8000/v1/waitcondition', - heat_watch_server_url => 'http://%(CONFIG_HEAT_WATCH_HOST)s:8003', + heat_metadata_server_url => 'http://%(CONFIG_CONTROLLER_HOST)s:8000', + heat_waitcondition_server_url => 'http://%(CONFIG_CONTROLLER_HOST)s:8000/v1/waitcondition', + heat_watch_server_url => 'http://%(CONFIG_CONTROLLER_HOST)s:8003', auth_encryption_key => '%(CONFIG_HEAT_AUTH_ENC_KEY)s', } diff --git a/packstack/puppet/templates/heat_cfn.pp b/packstack/puppet/templates/heat_cfn.pp index e82640271..18100fa31 100644 --- a/packstack/puppet/templates/heat_cfn.pp +++ b/packstack/puppet/templates/heat_cfn.pp @@ -1,2 +1,3 @@ + class { 'heat::api_cfn': } diff --git a/packstack/puppet/templates/heat_cloudwatch.pp b/packstack/puppet/templates/heat_cloudwatch.pp index 00ddcdffe..5ca0300ad 100644 --- a/packstack/puppet/templates/heat_cloudwatch.pp +++ b/packstack/puppet/templates/heat_cloudwatch.pp @@ -1,2 +1,3 @@ + class { 'heat::api_cloudwatch': } diff --git a/packstack/puppet/templates/heat_qpid.pp b/packstack/puppet/templates/heat_qpid.pp index c1161184b..8c685b6d8 100644 --- a/packstack/puppet/templates/heat_qpid.pp +++ b/packstack/puppet/templates/heat_qpid.pp @@ -1,7 +1,7 @@ class { 'heat': - keystone_host => '%(CONFIG_KEYSTONE_HOST)s', + keystone_host => '%(CONFIG_CONTROLLER_HOST)s', keystone_password => '%(CONFIG_HEAT_KS_PW)s', - auth_uri => 'http://%(CONFIG_KEYSTONE_HOST)s:35357/v2.0', + auth_uri => 'http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0', rpc_backend => 'heat.openstack.common.rpc.impl_qpid', qpid_hostname => '%(CONFIG_AMQP_HOST)s', qpid_username => '%(CONFIG_AMQP_AUTH_USER)s', diff --git a/packstack/puppet/templates/heat_rabbitmq.pp b/packstack/puppet/templates/heat_rabbitmq.pp index 20290e66b..11b1977dc 100644 --- a/packstack/puppet/templates/heat_rabbitmq.pp +++ b/packstack/puppet/templates/heat_rabbitmq.pp @@ -1,7 +1,7 @@ class { 'heat': - keystone_host => '%(CONFIG_KEYSTONE_HOST)s', + keystone_host => '%(CONFIG_CONTROLLER_HOST)s', keystone_password => '%(CONFIG_HEAT_KS_PW)s', - auth_uri => 'http://%(CONFIG_KEYSTONE_HOST)s:35357/v2.0', + auth_uri => 'http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0', rpc_backend => 'heat.openstack.common.rpc.impl_kombu', rabbit_host => '%(CONFIG_AMQP_HOST)s', rabbit_userid => '%(CONFIG_AMQP_AUTH_USER)s', diff --git a/packstack/puppet/templates/horizon.pp b/packstack/puppet/templates/horizon.pp index da9d8b415..dd5a86f8e 100644 --- a/packstack/puppet/templates/horizon.pp +++ b/packstack/puppet/templates/horizon.pp @@ -9,9 +9,9 @@ class {'horizon': secret_key => '%(CONFIG_HORIZON_SECRET_KEY)s', - keystone_host => '%(CONFIG_KEYSTONE_HOST)s', + keystone_host => '%(CONFIG_CONTROLLER_HOST)s', keystone_default_role => '_member_', - fqdn => ['%(CONFIG_HORIZON_HOST)s', "$::fqdn", 'localhost'], + fqdn => ['%(CONFIG_CONTROLLER_HOST)s', "$::fqdn", 'localhost'], can_set_mount_point => 'False', help_url =>'http://docs.openstack.org', django_debug => %(CONFIG_DEBUG_MODE)s ? {true => 'True', false => 'False'}, diff --git a/packstack/puppet/templates/keystone.pp b/packstack/puppet/templates/keystone.pp index 946e9a24a..111ac2885 100644 --- a/packstack/puppet/templates/keystone.pp +++ b/packstack/puppet/templates/keystone.pp @@ -14,9 +14,9 @@ } class {"keystone::endpoint": - public_address => "%(CONFIG_KEYSTONE_HOST)s", - admin_address => "%(CONFIG_KEYSTONE_HOST)s", - internal_address => "%(CONFIG_KEYSTONE_HOST)s", + public_address => "%(CONFIG_CONTROLLER_HOST)s", + admin_address => "%(CONFIG_CONTROLLER_HOST)s", + internal_address => "%(CONFIG_CONTROLLER_HOST)s", } # Run token flush every minute (without output so we won't spam admins) diff --git a/packstack/puppet/templates/keystone_ceilometer.pp b/packstack/puppet/templates/keystone_ceilometer.pp index 87baa828e..fc3ce356e 100644 --- a/packstack/puppet/templates/keystone_ceilometer.pp +++ b/packstack/puppet/templates/keystone_ceilometer.pp @@ -1,7 +1,7 @@ class { 'ceilometer::keystone::auth': password => '%(CONFIG_CEILOMETER_KS_PW)s', - public_address => "%(CONFIG_CEILOMETER_HOST)s", - admin_address => "%(CONFIG_CEILOMETER_HOST)s", - internal_address => "%(CONFIG_CEILOMETER_HOST)s", + public_address => "%(CONFIG_CONTROLLER_HOST)s", + admin_address => "%(CONFIG_CONTROLLER_HOST)s", + internal_address => "%(CONFIG_CONTROLLER_HOST)s", } diff --git a/packstack/puppet/templates/keystone_cinder.pp b/packstack/puppet/templates/keystone_cinder.pp index 63439e9a2..0655da753 100644 --- a/packstack/puppet/templates/keystone_cinder.pp +++ b/packstack/puppet/templates/keystone_cinder.pp @@ -1,9 +1,9 @@ class {"cinder::keystone::auth": password => "%(CONFIG_CINDER_KS_PW)s", - public_address => "%(CONFIG_CINDER_HOST)s", - admin_address => "%(CONFIG_CINDER_HOST)s", - internal_address => "%(CONFIG_CINDER_HOST)s", + public_address => "%(CONFIG_CONTROLLER_HOST)s", + admin_address => "%(CONFIG_CONTROLLER_HOST)s", + internal_address => "%(CONFIG_CONTROLLER_HOST)s", } keystone_service { "${cinder::keystone::auth::auth_name}_v2": diff --git a/packstack/puppet/templates/keystone_glance.pp b/packstack/puppet/templates/keystone_glance.pp index 4823cd60e..51827253e 100644 --- a/packstack/puppet/templates/keystone_glance.pp +++ b/packstack/puppet/templates/keystone_glance.pp @@ -1,7 +1,7 @@ class {"glance::keystone::auth": password => "%(CONFIG_GLANCE_KS_PW)s", - public_address => "%(CONFIG_GLANCE_HOST)s", - admin_address => "%(CONFIG_GLANCE_HOST)s", - internal_address => "%(CONFIG_GLANCE_HOST)s", + public_address => "%(CONFIG_CONTROLLER_HOST)s", + admin_address => "%(CONFIG_CONTROLLER_HOST)s", + internal_address => "%(CONFIG_CONTROLLER_HOST)s", } diff --git a/packstack/puppet/templates/keystone_heat.pp b/packstack/puppet/templates/keystone_heat.pp index 4860bda7c..9b86f905f 100644 --- a/packstack/puppet/templates/keystone_heat.pp +++ b/packstack/puppet/templates/keystone_heat.pp @@ -1,17 +1,17 @@ # heat::keystone::auth class {"heat::keystone::auth": password => "%(CONFIG_HEAT_KS_PW)s", - public_address => "%(CONFIG_HEAT_HOST)s", - admin_address => "%(CONFIG_HEAT_HOST)s", - internal_address => "%(CONFIG_HEAT_HOST)s", + public_address => "%(CONFIG_CONTROLLER_HOST)s", + admin_address => "%(CONFIG_CONTROLLER_HOST)s", + internal_address => "%(CONFIG_CONTROLLER_HOST)s", } if '%(CONFIG_HEAT_CFN_INSTALL)s' == 'y' { # heat::keystone::cfn class {"heat::keystone::auth_cfn": password => "%(CONFIG_HEAT_KS_PW)s", - public_address => "%(CONFIG_HEAT_HOST)s", - admin_address => "%(CONFIG_HEAT_HOST)s", - internal_address => "%(CONFIG_HEAT_HOST)s", + public_address => "%(CONFIG_CONTROLLER_HOST)s", + admin_address => "%(CONFIG_CONTROLLER_HOST)s", + internal_address => "%(CONFIG_CONTROLLER_HOST)s", } } diff --git a/packstack/puppet/templates/keystone_neutron.pp b/packstack/puppet/templates/keystone_neutron.pp index 062514e0c..4699a9150 100644 --- a/packstack/puppet/templates/keystone_neutron.pp +++ b/packstack/puppet/templates/keystone_neutron.pp @@ -1,7 +1,7 @@ class {"neutron::keystone::auth": password => "%(CONFIG_NEUTRON_KS_PW)s", - public_address => "%(CONFIG_NEUTRON_SERVER_HOST)s", - admin_address => "%(CONFIG_NEUTRON_SERVER_HOST)s", - internal_address => "%(CONFIG_NEUTRON_SERVER_HOST)s", + public_address => "%(CONFIG_CONTROLLER_HOST)s", + admin_address => "%(CONFIG_CONTROLLER_HOST)s", + internal_address => "%(CONFIG_CONTROLLER_HOST)s", } diff --git a/packstack/puppet/templates/keystone_nova.pp b/packstack/puppet/templates/keystone_nova.pp index f336fa5c7..ccca515d4 100644 --- a/packstack/puppet/templates/keystone_nova.pp +++ b/packstack/puppet/templates/keystone_nova.pp @@ -1,8 +1,8 @@ class {"nova::keystone::auth": password => "%(CONFIG_NOVA_KS_PW)s", - public_address => "%(CONFIG_NOVA_API_HOST)s", - admin_address => "%(CONFIG_NOVA_API_HOST)s", - internal_address => "%(CONFIG_NOVA_API_HOST)s", + public_address => "%(CONFIG_CONTROLLER_HOST)s", + admin_address => "%(CONFIG_CONTROLLER_HOST)s", + internal_address => "%(CONFIG_CONTROLLER_HOST)s", cinder => true, } diff --git a/packstack/puppet/templates/keystone_swift.pp b/packstack/puppet/templates/keystone_swift.pp index 8ba3c7c0c..a5de90d3d 100644 --- a/packstack/puppet/templates/keystone_swift.pp +++ b/packstack/puppet/templates/keystone_swift.pp @@ -1,4 +1,4 @@ class { 'swift::keystone::auth': - public_address => '%(CONFIG_SWIFT_PROXY)s', + public_address => '%(CONFIG_CONTROLLER_HOST)s', password => '%(CONFIG_SWIFT_KS_PW)s', } diff --git a/packstack/puppet/templates/nagios_nrpe.pp b/packstack/puppet/templates/nagios_nrpe.pp index e4b6ddac5..1aeaada65 100644 --- a/packstack/puppet/templates/nagios_nrpe.pp +++ b/packstack/puppet/templates/nagios_nrpe.pp @@ -15,7 +15,7 @@ file_line{'allowed_hosts': path => '/etc/nagios/nrpe.cfg', match => 'allowed_hosts=', - line => 'allowed_hosts=%(CONFIG_NAGIOS_HOST)s', + line => 'allowed_hosts=%(CONFIG_CONTROLLER_HOST)s', } # 5 minute load average @@ -41,5 +41,3 @@ enable => true, hasstatus => true, } - - diff --git a/packstack/puppet/templates/nagios_server.pp b/packstack/puppet/templates/nagios_server.pp index 24c7376db..6ac6bb018 100644 --- a/packstack/puppet/templates/nagios_server.pp +++ b/packstack/puppet/templates/nagios_server.pp @@ -46,7 +46,7 @@ content => "export OS_USERNAME=admin export OS_TENANT_NAME=admin export OS_PASSWORD=%(CONFIG_KEYSTONE_ADMIN_PW)s -export OS_AUTH_URL=http://%(CONFIG_KEYSTONE_HOST)s:35357/v2.0/ ",} +export OS_AUTH_URL=http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0/ ",} %(CONFIG_NAGIOS_MANIFEST_CONFIG)s } diff --git a/packstack/puppet/templates/neutron_api.pp b/packstack/puppet/templates/neutron_api.pp index aa0140a32..e2f198550 100644 --- a/packstack/puppet/templates/neutron_api.pp +++ b/packstack/puppet/templates/neutron_api.pp @@ -2,7 +2,7 @@ sql_connection => $neutron_sql_connection, connection => $neutron_sql_connection, auth_password => $neutron_user_password, - auth_host => '%(CONFIG_KEYSTONE_HOST)s', + auth_host => '%(CONFIG_CONTROLLER_HOST)s', enabled => true, } diff --git a/packstack/puppet/templates/neutron_metadata.pp b/packstack/puppet/templates/neutron_metadata.pp index cb628b4b8..4331350bc 100644 --- a/packstack/puppet/templates/neutron_metadata.pp +++ b/packstack/puppet/templates/neutron_metadata.pp @@ -1,6 +1,6 @@ class {'neutron::agents::metadata': auth_password => '%(CONFIG_NEUTRON_KS_PW)s', - auth_url => 'http://%(CONFIG_KEYSTONE_HOST)s:35357/v2.0', + auth_url => 'http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0', shared_secret => '%(CONFIG_NEUTRON_METADATA_PW)s', - metadata_ip => '%(CONFIG_NOVA_API_HOST)s', + metadata_ip => '%(CONFIG_CONTROLLER_HOST)s', } diff --git a/packstack/puppet/templates/neutron_notifications.pp b/packstack/puppet/templates/neutron_notifications.pp index ebca9b432..d8d13a1b0 100644 --- a/packstack/puppet/templates/neutron_notifications.pp +++ b/packstack/puppet/templates/neutron_notifications.pp @@ -3,7 +3,6 @@ nova_admin_username => 'nova', nova_admin_password => '%(CONFIG_NOVA_KS_PW)s', nova_admin_tenant_name => 'services', - nova_url => 'http://%(CONFIG_NOVA_API_HOST)s:8774/v2', - nova_admin_auth_url => 'http://%(CONFIG_KEYSTONE_HOST)s:35357/v2.0', + nova_url => 'http://%(CONFIG_CONTROLLER_HOST)s:8774/v2', + nova_admin_auth_url => 'http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0', } - diff --git a/packstack/puppet/templates/nova_api.pp b/packstack/puppet/templates/nova_api.pp index 8540dee9f..7d5bc5718 100644 --- a/packstack/puppet/templates/nova_api.pp +++ b/packstack/puppet/templates/nova_api.pp @@ -2,7 +2,7 @@ require 'keystone::python' class {"nova::api": enabled => true, - auth_host => "%(CONFIG_KEYSTONE_HOST)s", + auth_host => "%(CONFIG_CONTROLLER_HOST)s", admin_password => "%(CONFIG_NOVA_KS_PW)s", neutron_metadata_proxy_shared_secret => %(CONFIG_NEUTRON_METADATA_PW_UNQUOTED)s } diff --git a/packstack/puppet/templates/nova_ceilometer.pp b/packstack/puppet/templates/nova_ceilometer.pp index c3676bcdc..ec22d67a2 100644 --- a/packstack/puppet/templates/nova_ceilometer.pp +++ b/packstack/puppet/templates/nova_ceilometer.pp @@ -1,6 +1,6 @@ class { 'ceilometer::agent::auth': - auth_url => 'http://%(CONFIG_KEYSTONE_HOST)s:35357/v2.0', + auth_url => 'http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0', auth_password => '%(CONFIG_CEILOMETER_KS_PW)s', } diff --git a/packstack/puppet/templates/nova_common.pp b/packstack/puppet/templates/nova_common.pp index 16b6a537a..a417be52b 100644 --- a/packstack/puppet/templates/nova_common.pp +++ b/packstack/puppet/templates/nova_common.pp @@ -5,7 +5,5 @@ nova_config{ "DEFAULT/sql_connection": value => "%(CONFIG_NOVA_SQL_CONN)s"; - "DEFAULT/metadata_host": value => "%(CONFIG_NOVA_METADATA_HOST)s"; + "DEFAULT/metadata_host": value => "%(CONFIG_CONTROLLER_HOST)s"; } - - diff --git a/packstack/puppet/templates/nova_common_qpid.pp b/packstack/puppet/templates/nova_common_qpid.pp index 148ab04f3..ede404b56 100644 --- a/packstack/puppet/templates/nova_common_qpid.pp +++ b/packstack/puppet/templates/nova_common_qpid.pp @@ -1,6 +1,6 @@ class { "nova": - glance_api_servers => "%(CONFIG_GLANCE_HOST)s:9292", + glance_api_servers => "%(CONFIG_CONTROLLER_HOST)s:9292", qpid_hostname => "%(CONFIG_AMQP_HOST)s", qpid_username => '%(CONFIG_AMQP_AUTH_USER)s', qpid_password => '%(CONFIG_AMQP_AUTH_PASSWORD)s', diff --git a/packstack/puppet/templates/nova_common_rabbitmq.pp b/packstack/puppet/templates/nova_common_rabbitmq.pp index a3511a273..1cb5ef961 100644 --- a/packstack/puppet/templates/nova_common_rabbitmq.pp +++ b/packstack/puppet/templates/nova_common_rabbitmq.pp @@ -1,6 +1,6 @@ class { "nova": - glance_api_servers => "%(CONFIG_GLANCE_HOST)s:9292", + glance_api_servers => "%(CONFIG_CONTROLLER_HOST)s:9292", rabbit_host => "%(CONFIG_AMQP_HOST)s", rabbit_port => '%(CONFIG_AMQP_CLIENTS_PORT)s', rabbit_userid => '%(CONFIG_AMQP_AUTH_USER)s', diff --git a/packstack/puppet/templates/nova_compute.pp b/packstack/puppet/templates/nova_compute.pp index f36cfcd15..b8b9798e0 100644 --- a/packstack/puppet/templates/nova_compute.pp +++ b/packstack/puppet/templates/nova_compute.pp @@ -26,7 +26,7 @@ class {"nova::compute": enabled => true, - vncproxy_host => "%(CONFIG_NOVA_VNCPROXY_HOST)s", + vncproxy_host => "%(CONFIG_CONTROLLER_HOST)s", vncserver_proxyclient_address => "%(CONFIG_NOVA_COMPUTE_HOST)s", } diff --git a/packstack/puppet/templates/nova_neutron.pp b/packstack/puppet/templates/nova_neutron.pp index 03a576dcb..e2b3babd3 100644 --- a/packstack/puppet/templates/nova_neutron.pp +++ b/packstack/puppet/templates/nova_neutron.pp @@ -2,9 +2,9 @@ class {"nova::network::neutron": neutron_admin_password => "%(CONFIG_NEUTRON_KS_PW)s", neutron_auth_strategy => "keystone", - neutron_url => "http://%(CONFIG_NEUTRON_SERVER_HOST)s:9696", + neutron_url => "http://%(CONFIG_CONTROLLER_HOST)s:9696", neutron_admin_tenant_name => "services", - neutron_admin_auth_url => "http://%(CONFIG_KEYSTONE_HOST)s:35357/v2.0", + neutron_admin_auth_url => "http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0", } class {"nova::compute::neutron": diff --git a/packstack/puppet/templates/openstack_client.pp b/packstack/puppet/templates/openstack_client.pp index 4c84ca3e7..86b8333af 100644 --- a/packstack/puppet/templates/openstack_client.pp +++ b/packstack/puppet/templates/openstack_client.pp @@ -8,7 +8,7 @@ $rcadmin_content = "export OS_USERNAME=admin export OS_TENANT_NAME=admin export OS_PASSWORD=%(CONFIG_KEYSTONE_ADMIN_PW)s -export OS_AUTH_URL=http://%(CONFIG_KEYSTONE_HOST)s:5000/v2.0/ +export OS_AUTH_URL=http://%(CONFIG_CONTROLLER_HOST)s:5000/v2.0/ export PS1='[\\u@\\h \\W(keystone_admin)]\\$ ' " @@ -25,7 +25,7 @@ content => "export OS_USERNAME=demo export OS_TENANT_NAME=demo export OS_PASSWORD=%(CONFIG_KEYSTONE_DEMO_PW)s -export OS_AUTH_URL=http://%(CONFIG_KEYSTONE_HOST)s:5000/v2.0/ +export OS_AUTH_URL=http://%(CONFIG_CONTROLLER_HOST)s:5000/v2.0/ export PS1='[\\u@\\h \\W(keystone_demo)]\\$ ' ", } diff --git a/packstack/puppet/templates/swift_builder.pp b/packstack/puppet/templates/swift_builder.pp index 32387b293..385ea8ebe 100644 --- a/packstack/puppet/templates/swift_builder.pp +++ b/packstack/puppet/templates/swift_builder.pp @@ -8,11 +8,7 @@ # sets up an rsync db that can be used to sync the ring DB class { 'swift::ringserver': - local_net_ip => "%(CONFIG_SWIFT_BUILDER_HOST)s", -} - -@@swift::ringsync { ['account', 'object', 'container']: - ring_server => $swift_local_net_ip + local_net_ip => "%(CONFIG_CONTROLLER_HOST)s", } if ($::selinux != "false"){ diff --git a/packstack/puppet/templates/swift_loopback.pp b/packstack/puppet/templates/swift_loopback.pp index e0dd899ce..52eee4f12 100644 --- a/packstack/puppet/templates/swift_loopback.pp +++ b/packstack/puppet/templates/swift_loopback.pp @@ -1,10 +1,8 @@ -swift::storage::loopback { [%(SWIFT_STORAGE_DEVICES)s]: +swift::storage::loopback { 'swift_loopback': base_dir => '/srv/loopback-device', mnt_base_dir => '/srv/node', require => Class['swift'], fstype => '%(CONFIG_SWIFT_STORAGE_FSTYPE)s', - seek => '%(SWIFT_STORAGE_SEEK)s', + seek => '%(CONFIG_SWIFT_STORAGE_SEEK)s', } - - diff --git a/packstack/puppet/templates/swift_proxy.pp b/packstack/puppet/templates/swift_proxy.pp index 44b7e4cb9..960ccccd7 100644 --- a/packstack/puppet/templates/swift_proxy.pp +++ b/packstack/puppet/templates/swift_proxy.pp @@ -5,7 +5,7 @@ } class { 'swift::proxy': - proxy_local_net_ip => '%(CONFIG_SWIFT_PROXY)s', + proxy_local_net_ip => '%(CONFIG_CONTROLLER_HOST)s', pipeline => [ 'bulk', 'catch_errors', @@ -62,7 +62,7 @@ admin_tenant_name => 'services', admin_password => '%(CONFIG_SWIFT_KS_PW)s', # assume that the controller host is the swift api server - auth_host => '%(CONFIG_KEYSTONE_HOST)s', + auth_host => '%(CONFIG_CONTROLLER_HOST)s', } firewall { '001 swift proxy incoming': diff --git a/packstack/puppet/templates/swift_storage.pp b/packstack/puppet/templates/swift_storage.pp index 8a4955759..b819c2d3f 100644 --- a/packstack/puppet/templates/swift_storage.pp +++ b/packstack/puppet/templates/swift_storage.pp @@ -1,7 +1,7 @@ # install all swift storage servers together class { 'swift::storage::all': - storage_local_net_ip => '%(CONFIG_SWIFT_STORAGE_CURRENT)s', + storage_local_net_ip => '%(CONFIG_CONTROLLER_HOST)s', allow_versions => true, require => Class['swift'], } @@ -15,10 +15,8 @@ } } -swift::ringsync{["account","container","object"]: - ring_server => '%(CONFIG_SWIFT_BUILDER_HOST)s', +swift::ringsync{ ["account", "container", "object"]: + ring_server => '%(CONFIG_CONTROLLER_HOST)s', before => Class['swift::storage::all'], require => Class['swift'], } - - diff --git a/tests/installer/test_sequences.py b/tests/installer/test_sequences.py index 55c8b126c..a7bcf5c35 100644 --- a/tests/installer/test_sequences.py +++ b/tests/installer/test_sequences.py @@ -39,7 +39,7 @@ def test_run(self): """ Test packstack.instaler.core.sequences.Step run. """ - def func(config): + def func(config, messages): if 'test' not in config: raise AssertionError('Missing config value.') @@ -59,11 +59,11 @@ def setUp(self): self._stdout = sys.stdout sys.stdout = StringIO.StringIO() - self.steps = [{'name': '1', 'function': lambda x: True, + self.steps = [{'name': '1', 'function': lambda x, y: True, 'title': 'Step 1'}, - {'name': '2', 'function': lambda x: True, + {'name': '2', 'function': lambda x, y: True, 'title': 'Step 2'}, - {'name': '3', 'function': lambda x: True, + {'name': '3', 'function': lambda x, y: True, 'title': 'Step 3'}] self.seq = Sequence('test', self.steps, condition='test', diff --git a/tox.ini b/tox.ini index 2b2916823..6c5454605 100644 --- a/tox.ini +++ b/tox.ini @@ -18,8 +18,7 @@ downloadcache = ~/cache/pip [testenv:pep8] deps=pep8==1.2 commands = pep8 --exclude=*.pyc --repeat --show-source \ - packstack/modules tests setup.py packstack/installer/utils \ - packstack/installer/processors.py + packstack/modules packstack/plugins tests setup.py [testenv:cover] From 8d1b31ee2d2bb47b70d5118eb8458585032b5698 Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Thu, 22 May 2014 11:22:34 +0200 Subject: [PATCH 0012/1017] Add Automation for generating the packstack man page - packstack/installer/run_setup.py: Modified a little bit the printOptions() function to get a better rendering (more rst file friendly). - docs/conf.py: The code added is largely inspired by the printOptions() function. - This should definitely keep the man page synchronized with code ! Change-Id: I4b899d6b78be860da1ec05341e2f7a36a4c4f71c --- .gitignore | 2 + docs/Makefile | 1 + docs/conf.py | 27 +- docs/packstack.rst | 469 +------------------------------ packstack/installer/run_setup.py | 3 +- 5 files changed, 31 insertions(+), 471 deletions(-) diff --git a/.gitignore b/.gitignore index 726885683..188c866ae 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,5 @@ *.log .tox packstack.egg-info +docs/_build/* +docs/general_options.rst diff --git a/docs/Makefile b/docs/Makefile index b91aa0b97..f42ca16e9 100644 --- a/docs/Makefile +++ b/docs/Makefile @@ -40,6 +40,7 @@ help: clean: -rm -rf $(BUILDDIR)/* + -rm -rf general_options.rst html: $(SPHINXBUILD) -b html $(ALLSPHINXOPTS) $(BUILDDIR)/html diff --git a/docs/conf.py b/docs/conf.py index 938dcdad2..b21c9a2b8 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -11,10 +11,33 @@ # All configuration values have a default; values that are commented out # serve to show the default. -import sys, os +import sys +import os + +sys.path.append("..") +sys.path.insert(0, os.path.join(os.path.split(sys.argv[0])[0], "..")) +import packstack + +os.environ["INSTALLER_PROJECT_DIR"] = os.path.abspath(os.path.split(packstack.__file__)[0]) -sys.path.append('..') from packstack import version as packstackversion +from packstack.installer import run_setup +run_setup.loadPlugins() +run_setup.initPluginsConfig() + +with open("general_options.rst", 'w') as f: + for group in run_setup.controller.getAllGroups(): + f.write("%s\n" % group.DESCRIPTION) + f.write("-" * len(group.DESCRIPTION)) + f.write("\n\n") + + for param in group.parameters.itervalues(): + cmdOption = param.CONF_NAME + paramUsage = param.USAGE + optionsList = param.OPTION_LIST or "" + f.write("%s\n" % (("**%s**"%str(cmdOption)).ljust(30))) + f.write(" %s %s" % (paramUsage, optionsList)) + f.write("\n\n") # If extensions (or modules to document with autodoc) are in another directory, # add these directories to sys.path here. If the directory is relative to the diff --git a/docs/packstack.rst b/docs/packstack.rst index b7f9fe496..ca15e4aa0 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -21,475 +21,8 @@ The third option allows the user to generate a default answer file, edit the def OPTIONS ======= -Global Options --------------- +.. include:: general_options.rst -**CONFIG_GLANCE_INSTALL** - Set to 'y' if you would like Packstack to install Glance ['y', 'n']. - -**CONFIG_CINDER_INSTALL** - Set to 'y' if you would like Packstack to install Cinder ['y', 'n']. - -**CONFIG_NOVA_INSTALL** - Set to 'y' if you would like Packstack to install Nova ['y', 'n']. - -**CONFIG_HORIZON_INSTALL** - Set to 'y' if you would like Packstack to install Horizon ['y', 'n']. - -**CONFIG_SWIFT_INSTALL** - Set to 'y' if you would like Packstack to install Swift ['y', 'n']. - -**CONFIG_CLIENT_INSTALL** - Set to 'y' if you would like Packstack to install the OpenStack Client packages. An admin "rc" file will also be installed ['y', 'n']. - -**CONFIG_NTP_SERVERS** - Comma separated list of NTP servers. Leave plain if Packstack should not install ntpd on instances.. - -**CONFIG_NAGIOS_INSTALL** - Set to 'y' if you would like Packstack to install Nagios to monitor openstack hosts ['y', 'n']. - -**CONFIG_CEILOMETER_INSTALL** - Set to 'y' if you would like Packstack to install OpenStack Metering (Ceilometer). - -**CONFIG_HEAT_INSTALL** - Set to 'y' if you would like Packstack to install OpenStack Orchestration (Heat). - -**CONFIG_NEUTRON_INSTALL** - Set to 'y' if you would like Packstack to install OpenStack Networking (Neutron). - -**CONFIG_MYSQL_INSTALL** - Set to 'y' if you would like Packstack to install MySQL. - - -SSH Configs ------------- - -**CONFIG_SSH_KEY** - Path to a Public key to install on servers. If a usable key has not been installed on the remote servers the user will be prompted for a password and this key will be installed so the password will not be required again. - -MySQL Config parameters ------------------------ - -**CONFIG_MYSQL_HOST** - The IP address of the server on which to install MySQL. - -**CONFIG_MYSQL_USER** - Username for the MySQL admin user. - -**CONFIG_MYSQL_PW** - Password for the MySQL admin user. - -QPID Config parameters ----------------------- - -**CONFIG_QPID_HOST** - The IP address of the server on which to install the QPID service. - -**CONFIG_QPID_ENABLE_SSL** - Enable SSL for the QPID service. - -**CONFIG_QPID_NSS_CERTDB_PW** - The password for the NSS certificate database of the QPID service. - -**CONFIG_QPID_SSL_PORT** - The port in which the QPID service listens to SSL connections. - -**CONFIG_QPID_SSL_CERT_FILE** - The filename of the certificate that the QPID service is going to use. - -**CONFIG_QPID_SSL_KEY_FILE** - The filename of the private key that the QPID service is going to use. - -**CONFIG_QPID_SSL_SELF_SIGNED** - Auto Generates self signed SSL certificate and key. - -Keystone Config parameters --------------------------- - -**CONFIG_KEYSTONE_HOST** - The IP address of the server on which to install Keystone. - -**CONFIG_KEYSTONE_DB_PW** - The password to use for the Keystone to access DB. - -**CONFIG_KEYSTONE_ADMIN_TOKEN** - The token to use for the Keystone service api. - -**CONFIG_KEYSTONE_ADMIN_PW** - The password to use for the Keystone admin user. - -**CONFIG_KEYSTONE_DEMO_PW** - The password to use for the Keystone demo user - -**CONFIG_KEYSTONE_TOKEN_FORMAT** - Kestone token format. Use either UUID or PKI - -Glance Config parameters ------------------------- - -**CONFIG_GLANCE_HOST** - The IP address of the server on which to install Glance. - -**CONFIG_GLANCE_DB_PW** - The password to use for the Glance to access DB. - -**CONFIG_GLANCE_KS_PW** - The password to use for the Glance to authenticate with Keystone. - -Cinder Config parameters ------------------------- - -**CONFIG_CINDER_HOST** - The IP address of the server on which to install Cinder. - -**CONFIG_CINDER_DB_PW** - The password to use for the Cinder to access DB. - -**CONFIG_CINDER_KS_PW** - The password to use for the Cinder to authenticate with Keystone. - -**CONFIG_CINDER_BACKEND** - The Cinder backend to use ['lvm', 'gluster', 'nfs']. - -Cinder volume create Config parameters --------------------------------------- - -**CONFIG_CINDER_VOLUMES_CREATE** - Create Cinder's volumes group ['y', 'n']. - -Cinder volume size Config parameters ------------------------------------- - -**CONFIG_CINDER_VOLUMES_SIZE** - Cinder's volumes group size. - -Cinder gluster Config parameters --------------------------------- - -**CONFIG_CINDER_GLUSTER_MOUNTS** - A single or comma separated list of gluster volume shares. - -Cinder NFS Config parameters ----------------------------- - -**CONFIG_CINDER_NFS_MOUNTS** - A single or comma separated list of NFS exports to mount. - -Nova Options ------------- - -**CONFIG_NOVA_API_HOST** - The IP address of the server on which to install the Nova API service. - -**CONFIG_NOVA_CERT_HOST** - The IP address of the server on which to install the Nova Cert service. - -**CONFIG_NOVA_VNCPROXY_HOST** - The IP address of the server on which to install the Nova VNC proxy. - -**CONFIG_NOVA_COMPUTE_HOSTS** - A comma separated list of IP addresses on which to install the Nova Compute services. - -**CONFIG_NOVA_COMPUTE_PRIVIF** - Private interface for Flat DHCP on the Nova compute servers. - -**CONFIG_NOVA_NETWORK_HOSTS** - List of IP address of the servers on which to install the Nova Network service. - -**CONFIG_NOVA_DB_PW** - The password to use for the Nova to access DB. - -**CONFIG_NOVA_KS_PW** - The password to use for the Nova to authenticate with Keystone. - -**CONFIG_NOVA_NETWORK_PUBIF** - Public interface on the Nova network server. - -**CONFIG_NOVA_NETWORK_PRIVIF** - Private interface for Flat DHCP on the Nova network server. - -**CONFIG_NOVA_NETWORK_FIXEDRANGE** - IP Range for Flat DHCP ['^([\\d]{1,3}\\.){3}[\\d]{1,3}/\\d\\d?$']. - -**CONFIG_NOVA_NETWORK_FLOATRANGE** - IP Range for Floating IP's ['^([\\d]{1,3}\\.){3}[\\d]{1,3}/\\d\\d?$']. - -**CONFIG_NOVA_SCHED_HOST** - The IP address of the server on which to install the Nova Scheduler service. - -**CONFIG_NOVA_SCHED_CPU_ALLOC_RATIO** - The overcommitment ratio for virtual to physical CPUs. Set to 1.0 to disable CPU overcommitment. - -**CONFIG_NOVA_SCHED_RAM_ALLOC_RATIO** - The overcommitment ratio for virtual to physical RAM. Set to 1.0 to disable RAM overcommitment. - -**CONFIG_NOVA_CONDUCTOR_HOST** - The IP address of the server on which to install the Nova Conductor service. - -**CONFIG_NOVA_NETWORK_AUTOASSIGNFLOATINGIP** - Automatically assign a floating IP to new instances. - -**CONFIG_NOVA_NETWORK_DEFAULTFLOATINGPOOL** - Name of the default floating pool to which the specified floating ranges are added to. - -**CONFIG_NOVA_NETWORK_MANAGER** - Nova network manager. - -**CONFIG_NOVA_NETWORK_NUMBER** - Number of networks to support. - -**CONFIG_NOVA_NETWORK_SIZE** - Number of addresses in each private subnet. - -**CONFIG_NOVA_NETWORK_VLAN_START** - First VLAN for private networks. - -NOVACLIENT Config parameters ----------------------------- - -**CONFIG_OSCLIENT_HOST** - The IP address of the server on which to install the OpenStack client packages. An admin "rc" file will also be installed. - -OpenStack Horizon Config parameters ------------------------------------ - -**CONFIG_HORIZON_HOST** - The IP address of the server on which to install Horizon. - -**CONFIG_HORIZON_SSL** - To set up Horizon communication over https set this to "y" ['y', 'n']. - -**CONFIG_SSL_CERT** - PEM encoded certificate to be used for ssl on the https server, leave blank if one should be generated, this certificate should not require a passphrase. - -**CONFIG_SSL_KEY** - Keyfile corresponding to the certificate if one was entered. - -OpenStack Swift Config parameters ---------------------------------- - -**CONFIG_SWIFT_PROXY_HOSTS** - The IP address on which to install the Swift proxy service. - -**CONFIG_SWIFT_KS_PW** - The password to use for the Swift to authenticate with Keystone. - -**CONFIG_SWIFT_STORAGE_HOSTS** - A comma separated list of IP addresses on which to install the Swift Storage services, each entry should take the format [/dev], for example 127.0.0.1/vdb will install /dev/vdb on 127.0.0.1 as a swift storage device(packstack does not create the filesystem, you must do this first), if /dev is omitted Packstack will create a loopback device for a test setup. - -**CONFIG_SWIFT_STORAGE_ZONES** - Number of swift storage zones, this number MUST be no bigger than the number of storage devices configured. - -**CONFIG_SWIFT_STORAGE_REPLICAS** - Number of swift storage replicas, this number MUST be no bigger than the number of storage zones configured. - -**CONFIG_SWIFT_STORAGE_FSTYPE** - FileSystem type for storage nodes ['xfs', 'ext4']. - -**CONFIG_SWIFT_HASH** - Shared secret for Swift. - -Server Prepare Configs ----------------------- - -**CONFIG_USE_EPEL** - Install OpenStack from EPEL. If set to "y" EPEL will be installed on each server ['y', 'n']. - -**CONFIG_REPO** - A comma separated list of URLs to any additional yum repositories to install. - -**CONFIG_RH_USER** - To subscribe each server with Red Hat subscription manager, include this with **CONFIG_RH_PW**. - -**CONFIG_RH_PW** - To subscribe each server with Red Hat subscription manager, include this with **CONFIG_RH_USER**. - -**CONFIG_RH_BETA_REPO** - To subscribe each server with Red Hat subscription manager, to Red Hat Beta RPM's ['y', 'n']. - -**CONFIG_SATELLITE_URL** - To subscribe each server with RHN Satellite,fill Satellite's URL here. Note that either satellite's username/password or activation key has to be provided. - -RHN Satellite config --------------------- - -**CONFIG_SATELLITE_USER** - Username to access RHN Satellite. - -**CONFIG_SATELLITE_PW** - Password to access RHN Satellite. - -**CONFIG_SATELLITE_AKEY** - Activation key for subscription to RHN Satellite. - -**CONFIG_SATELLITE_CACERT** - Specify a path or URL to a SSL CA certificate to use. - -**CONFIG_SATELLITE_PROFILE** - If required specify the profile name that should be used as an identifier for the system in RHN Satellite. - -**CONFIG_SATELLITE_FLAGS** - Comma separated list of flags passed to rhnreg_ks. Valid flags are: novirtinfo, norhnsd, nopackages ['novirtinfo', 'norhnsd', 'nopackages']. - -**CONFIG_SATELLITE_PROXY** - Specify a HTTP proxy to use with RHN Satellite. - -RHN Satellite proxy config --------------------------- - -**CONFIG_SATELLITE_PROXY_USER** - Specify a username to use with an authenticated HTTP proxy. - -**CONFIG_SATELLITE_PROXY_PW** - Specify a password to use with an authenticated HTTP proxy. - -Nagios Config parameters ------------------------- - -**CONFIG_NAGIOS_HOST** - The IP address of the server on which to install the Nagios server. - -**CONFIG_NAGIOS_PW** - The password of the nagiosadmin user on the Nagios server. - -Ceilometer Config Parameters ----------------------------- - -**CONFIG_CEILOMETER_HOST** - The IP address of the server on which to install Ceilometer. - -**CONFIG_CEILOMETER_SECRET** - Secret key for signing metering messages. - -**CONFIG_CEILOMETER_KS_PW** - The password to use for Ceilometer to authenticate with Keystone. - -Heat Config Parameters ----------------------- - -**CONFIG_HEAT_HOST** - The IP address of the server on which to install Heat service. - -**CONFIG_HEAT_DB_PW** - The password used by Heat user to authenticate against MySQL. - -**CONFIG_HEAT_KS_PW** - The password to use for the Heat to authenticate with Keystone. - -**CONFIG_HEAT_CLOUDWATCH_INSTALL** - Set to 'y' if you would like Packstack to install Heat CloudWatch API. - -**CONFIG_HEAT_CFN_INSTALL** - Set to 'y' if you would like Packstack to install Heat CloudFormation API. - -**CONFIG_HEAT_CLOUDWATCH_HOST** - The IP address of the server on which to install Heat CloudWatch API service. - -**CONFIG_HEAT_CFN_HOST** - The IP address of the server on which to install Heat CloudFormation API. - -Neutron Config Parameters -------------------------- - -**CONFIG_NEUTRON_SERVER_HOST** - The IP addresses of the server on which to install the Neutron server. - -**CONFIG_NEUTRON_KS_PW** - The password to use for Neutron to authenticate with Keystone. - -**CONFIG_NEUTRON_DB_PW** - The password to use for Neutron to access DB. - -**CONFIG_NEUTRON_L3_HOSTS** - A comma separated list of IP addresses on which to install Neutron L3 agent. - -**CONFIG_NEUTRON_L3_EXT_BRIDGE** - The name of the bridge that the Neutron L3 agent will use for external traffic, or 'provider' if using provider networks. - -**CONFIG_NEUTRON_DHCP_HOSTS** - A comma separated list of IP addresses on which to install Neutron DHCP agent. - -**CONFIG_NEUTRON_L2_PLUGIN** - The name of the L2 plugin to be used with Neutron. - -**CONFIG_NEUTRON_METADATA_HOSTS** - A comma separated list of IP addresses on which to install Neutron metadata agent. - -**CONFIG_NEUTRON_METADATA_PW** - A comma separated list of IP addresses on which to install Neutron metadata agent. - -**CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE** - The type of network to allocate for tenant networks (eg. vlan, local, gre). - -**CONFIG_NEUTRON_LB_VLAN_RANGES** - A comma separated list of VLAN ranges for the Neutron linuxbridge plugin (eg. physnet1:1:4094,physnet2,physnet3:3000:3999). - -**CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS** - A comma separated list of interface mappings for the Neutron linuxbridge plugin (eg. physnet1:br-eth1,physnet2:br-eth2,physnet3:br-eth3). - -**CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE** - Type of network to allocate for tenant networks (eg. vlan, local, gre). - -**CONFIG_NEUTRON_OVS_VLAN_RANGES** - A comma separated list of VLAN ranges for the Neutron openvswitch plugin (eg. physnet1:1:4094,physnet2,physnet3:3000:3999). - -**CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS** - A comma separated list of bridge mappings for the Neutron openvswitch plugin (eg. physnet1:br-eth1,physnet2:br-eth2,physnet3:br-eth3). - -**CONFIG_NEUTRON_OVS_BRIDGE_IFACES** - A comma separated list of colon-separated OVS brid. - -**CONFIG_NEUTRON_OVS_TUNNEL_RANGES** - A comma separated list of tunnel ranges for the Neutron openvswitch plugin. - -**CONFIG_NEUTRON_OVS_TUNNEL_IF** - Override the IP used for GRE tunnels on this hypervisor to the IP found on the specified interface (defaults to the HOST IP). - -**CONFIG_NEUTRON_ML2_TYPE_DRIVERS** - A comma separated list of network type (eg: local, flat, vlan, gre, vxlan). - -**CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES** - A comma separated ordered list of network_types to allocate as tenant networks (eg: local, flat, vlan, gre, vxlan). The value 'local' is only useful for single-box testing but provides no connectivity between hosts. - -**CONFIG_NEUTRON_ML2_SM_DRIVERS** - A comma separated ordered list of networking mechanism driver entrypoints to be loaded from the **neutron.ml2.mechanism_drivers** namespace (eg: logger, test, linuxbridge, openvswitch, hyperv, ncs, arista, cisco_nexus, l2population). - -**CONFIG_NEUTRON_ML2_FLAT_NETWORKS** - A comma separated list of physical_network names with which flat networks can be created. Use * to allow flat networks with arbitrary physical_network names. - -**CONFIG_NEUTRON_ML2_VLAN_RANGES** - A comma separated list of **::** or **** specifying physical_network names usable for VLAN provider and tenant networks, as well as ranges of VLAN tags on each available for allocation to tenant networks. - -**CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES** - A comma separated list of **:** tuples enumerating ranges of GRE tunnel IDs that are available for tenant network allocation. Should be an array with **tun_max +1 - tun_min > 1000000**. - -**CONFIG_NEUTRON_ML2_VXLAN_GROUP** - Multicast group for VXLAN. If unset, disables VXLAN enable sending allocate broadcast traffic to this multicast group. When left unconfigured, will disable multicast VXLAN mode. Should be an **Multicast IP (v4 or v6)** address. - -**CONFIG_NEUTRON_ML2_VNI_RANGES** - A comma separated list of **:** tuples enumerating ranges of VXLAN VNI IDs that are available for tenant network allocation. Min value is 0 and Max value is 16777215. - - -Provision Config Parameters ---------------------------- - -**CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE** - Whether to configure the ovs external bridge in an all-in-one deployment. - -**CONFIG_PROVISION_DEMO** - Whether to provision for demo usage and testing. - -**CONFIG_PROVISION_DEMO_FLOATRANGE** - The CIDR network address for the floating IP subnet. - -**CONFIG_PROVISION_TEMPEST** - Whether to configure tempest for testing. - -**CONFIG_PROVISION_TEMPEST_REPO_REVISION** - The revision of the tempest git repository to use. - -**CONFIG_PROVISION_TEMPEST_REPO_URI** - The uri of the tempest git repository to use. Log files and Debug info diff --git a/packstack/installer/run_setup.py b/packstack/installer/run_setup.py index 54875251b..624343a96 100644 --- a/packstack/installer/run_setup.py +++ b/packstack/installer/run_setup.py @@ -747,7 +747,8 @@ def printOptions(): cmdOption = param.CONF_NAME paramUsage = param.USAGE optionsList = param.OPTION_LIST or "" - print "%s : %s %s"%(("**%s**"%str(cmdOption)).ljust(30), paramUsage, optionsList) + print "%s" % (("**%s**"%str(cmdOption)).ljust(30)) + print " %s %s" % (paramUsage, optionsList) print def plugin_compare(x, y): From 5bf447ad3cb360a5e6fdedbda31078f04531dc47 Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Thu, 22 May 2014 16:08:26 +0200 Subject: [PATCH 0013/1017] Install Ceilometer notification agent This agent is not currently being installed, but it is required to have Ceilometer functional. Change-Id: I30e5c51fec0b8afed46949a80c8240961eaf690a Fixes: rhbz#1096268 --- packstack/puppet/templates/ceilometer.pp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/packstack/puppet/templates/ceilometer.pp b/packstack/puppet/templates/ceilometer.pp index 966b19283..d7d3c43a2 100644 --- a/packstack/puppet/templates/ceilometer.pp +++ b/packstack/puppet/templates/ceilometer.pp @@ -5,6 +5,9 @@ class { 'ceilometer::collector': } +class { 'ceilometer::agent::notification': +} + class { 'ceilometer::agent::auth': auth_url => 'http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0', auth_password => '%(CONFIG_CEILOMETER_KS_PW)s', From 4680bc9351042dde8af2dd66ca5b7cf363fd033b Mon Sep 17 00:00:00 2001 From: David Xie Date: Fri, 23 May 2014 16:28:41 +0800 Subject: [PATCH 0014/1017] README file needs to be updated Should add a step to install puppet modules before running packstack Change-Id: I5abd66a77cf438f6aae2f2dbc4e68dbc09e3782c Fixes: launchpad#1322430 --- README | 1 + 1 file changed, 1 insertion(+) diff --git a/README b/README index a571c1d2e..51a76182a 100644 --- a/README +++ b/README @@ -11,6 +11,7 @@ Installation $ yum install -y git $ git clone --recursive git://github.com/stackforge/packstack.git $ cd packstack +$ python setup.py install_puppet_modules Option 1 (using answer file) $ ./bin/packstack --gen-answer-file=ans.txt From 02d628f24ebe4f4d44c50183057e2038707e8726 Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Fri, 23 May 2014 12:41:41 +0200 Subject: [PATCH 0015/1017] Update README - Reformatted paragraph about required steps before running Packstack from source. - Removed .gitmodules file as we don't need anymore. Change-Id: I270c245a2ea3b9bd964e4a638df5e83b6d946e1c --- .gitmodules | 96 ----------------------------------------------------- README | 16 +++++---- 2 files changed, 9 insertions(+), 103 deletions(-) delete mode 100644 .gitmodules diff --git a/.gitmodules b/.gitmodules deleted file mode 100644 index 3b435ee38..000000000 --- a/.gitmodules +++ /dev/null @@ -1,96 +0,0 @@ -[submodule "packstack/puppet/modules/glance"] - path = packstack/puppet/modules/glance - url = https://github.com/stackforge/puppet-glance.git -[submodule "packstack/puppet/modules/horizon"] - path = packstack/puppet/modules/horizon - url = https://github.com/stackforge/puppet-horizon.git -[submodule "packstack/puppet/modules/keystone"] - path = packstack/puppet/modules/keystone - url = https://github.com/packstack/puppet-keystone.git -[submodule "packstack/puppet/modules/nova"] - path = packstack/puppet/modules/nova - url = https://github.com/stackforge/puppet-nova.git -[submodule "packstack/puppet/modules/openstack"] - path = packstack/puppet/modules/openstack - url = https://github.com/stackforge/puppet-openstack.git -[submodule "packstack/puppet/modules/swift"] - path = packstack/puppet/modules/swift - url = https://github.com/stackforge/puppet-swift.git -[submodule "packstack/puppet/modules/cinder"] - path = packstack/puppet/modules/cinder - url = https://github.com/stackforge/puppet-cinder.git -[submodule "packstack/puppet/modules/stdlib"] - path = packstack/puppet/modules/stdlib - url = https://github.com/puppetlabs/puppetlabs-stdlib.git -[submodule "packstack/puppet/modules/sysctl"] - path = packstack/puppet/modules/sysctl - url = https://github.com/puppetlabs/puppetlabs-sysctl.git -[submodule "packstack/puppet/modules/mysql"] - path = packstack/puppet/modules/mysql - url = https://github.com/packstack/puppetlabs-mysql.git -[submodule "packstack/puppet/modules/concat"] - path = packstack/puppet/modules/concat - url = https://github.com/ripienaar/puppet-concat.git -[submodule "packstack/puppet/modules/rsync"] - path = packstack/puppet/modules/rsync - url = https://github.com/puppetlabs/puppetlabs-rsync.git -[submodule "packstack/puppet/modules/xinetd"] - path = packstack/puppet/modules/xinetd - url = https://github.com/packstack/puppetlabs-xinetd.git -[submodule "packstack/puppet/modules/apache"] - path = packstack/puppet/modules/apache - url = https://github.com/puppetlabs/puppetlabs-apache.git -[submodule "packstack/puppet/modules/firewall"] - path = packstack/puppet/modules/firewall - url = https://github.com/puppetlabs/puppetlabs-firewall.git -[submodule "packstack/puppet/modules/memcached"] - path = packstack/puppet/modules/memcached - url = https://github.com/saz/puppet-memcached.git -[submodule "packstack/puppet/modules/ssh"] - path = packstack/puppet/modules/ssh - url = https://github.com/saz/puppet-ssh.git -[submodule "packstack/puppet/modules/inifile"] - path = packstack/puppet/modules/inifile - url = https://github.com/puppetlabs/puppetlabs-inifile.git -[submodule "packstack/puppet/modules/qpid"] - path = packstack/puppet/modules/qpid - url = https://github.com/dprince/puppet-qpid -[submodule "packstack/puppet/modules/vlan"] - path = packstack/puppet/modules/vlan - url = https://github.com/derekhiggins/puppet-vlan.git -[submodule "packstack/puppet/modules/vswitch"] - path = packstack/puppet/modules/vswitch - url = https://github.com/stackforge/puppet-vswitch.git -[submodule "packstack/puppet/modules/tempest"] - path = packstack/puppet/modules/tempest - url = git://github.com/stackforge/puppet-tempest.git -[submodule "packstack/puppet/modules/vcsrepo"] - path = packstack/puppet/modules/vcsrepo - url = https://github.com/puppetlabs/puppetlabs-vcsrepo.git -[submodule "packstack/puppet/modules/neutron"] - path = packstack/puppet/modules/neutron - url = https://github.com/stackforge/puppet-neutron.git -[submodule "packstack/puppet/modules/haproxy"] - path = packstack/puppet/modules/haproxy - url = https://github.com/puppetlabs/puppetlabs-haproxy.git -[submodule "packstack/puppet/modules/ceilometer"] - path = packstack/puppet/modules/ceilometer - url = https://github.com/stackforge/puppet-ceilometer.git -[submodule "packstack/puppet/modules/mongodb"] - path = packstack/puppet/modules/mongodb - url = https://github.com/puppetlabs/puppetlabs-mongodb.git -[submodule "packstack/puppet/modules/heat"] - path = packstack/puppet/modules/heat - url = https://github.com/packstack/puppet-heat.git -[submodule "packstack/puppet/modules/pacemaker"] - path = packstack/puppet/modules/pacemaker - url = https://github.com/radez/puppet-pacemaker.git -[submodule "packstack/puppet/modules/certmonger"] - path = packstack/puppet/modules/certmonger - url = git://github.com/rcritten/puppet-certmonger.git -[submodule "packstack/puppet/modules/nssdb"] - path = packstack/puppet/modules/nssdb - url = https://github.com/rcritten/puppet-nssdb.git -[submodule "packstack/puppet/modules/gluster"] - path = packstack/puppet/modules/gluster - url = https://github.com/redhat-openstack/puppet-openstack-storage.git diff --git a/README b/README index 51a76182a..5b6731ebe 100644 --- a/README +++ b/README @@ -7,14 +7,16 @@ group of hosts (over ssh) This utility is still in the early stages, a lot of the configuration options have yet to be added -Installation +Installation of packstack: $ yum install -y git -$ git clone --recursive git://github.com/stackforge/packstack.git -$ cd packstack -$ python setup.py install_puppet_modules +$ git clone git://github.com/stackforge/packstack.git +$ cd packstack && sudo python setup.py install + +Installation of openstack-puppet-modules (REQUIRED if running packstack from source): +$ sudo python setup.py install_puppet_modules Option 1 (using answer file) -$ ./bin/packstack --gen-answer-file=ans.txt +$ packstack --gen-answer-file=ans.txt # then edit ans.txt as appropriate e.g. o set CONFIG_SSH_KEY to a public ssh key to be installed to remote machines @@ -25,10 +27,10 @@ you'll need to use a icehouse repository for example for RHEL CONFIG_REPO=http://repos.fedorapeople.org/repos/openstack/openstack-icehouse/epel-6/ -$ ./bin/packstack --answer-file=ans.txt +$ packstack --answer-file=ans.txt Option 2 (prompts for configuration options) -$ ./bin/packstack +$ packstack that's it, if everything went well you can now start using openstack $ cd From 8b250d28faaf18195f1d0f54962f970d6f61ead0 Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Tue, 27 May 2014 15:13:20 +0200 Subject: [PATCH 0016/1017] Removed show-breaking hack This patch removes hack for Listen directive. It should not be needed for newer puppet-horizon module and the hack breaks installation with puppet-horizon module in stable/icehouse. OPM PR: https://github.com/redhat-openstack/openstack-puppet-modules/pull/51 Fixes: rhbz#1093949 Change-Id: I18039d5e85f4e2cd5ba2ea01433d3d22cd4293bc --- packstack/puppet/templates/horizon.pp | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/packstack/puppet/templates/horizon.pp b/packstack/puppet/templates/horizon.pp index dd5a86f8e..a39fa1bd1 100644 --- a/packstack/puppet/templates/horizon.pp +++ b/packstack/puppet/templates/horizon.pp @@ -33,16 +33,3 @@ persistent => true, } } - -#FIXME -# Ugly hack to avoid duplicate Listen directives on -# port 80 -file_line { 'undo_httpd_listen_on_bind_address_80': - path => $::horizon::params::httpd_listen_config_file, - match => '^.*Listen 0.0.0.0:?80$', - line => "#Listen 0.0.0.0:80", - require => Package['horizon'], - notify => Service[$::horizon::params::http_service], -} - -File_line['httpd_listen_on_bind_address_80'] -> File_line['undo_httpd_listen_on_bind_address_80'] From b78a942b905eadb7c4c14e4163663b82d18d98b6 Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Mon, 26 May 2014 16:01:57 +0200 Subject: [PATCH 0017/1017] Parameter deprecation support This patch adds implementation of parameter deprecation system. Packstack will now check for deprecated parameters in answer file if current parameter is not found in answer file. Also support for default values have been added. Eg. when parameter is not found in answer file, Packstack tries to use default value instead of throwing exceptions. This will allow smaller answer files where only few parameters have to differ from default values. Change-Id: Id646a442e789221e5c31c9c151bcdfd118652e8f --- packstack/installer/core/parameters.py | 2 +- packstack/installer/run_setup.py | 43 ++++++++++++++++++++++---- packstack/plugins/amqp_002.py | 3 +- packstack/plugins/prescript_000.py | 26 ++++++++++++++-- packstack/plugins/swift_600.py | 3 +- 5 files changed, 65 insertions(+), 12 deletions(-) diff --git a/packstack/installer/core/parameters.py b/packstack/installer/core/parameters.py index 5636c1690..e27c5e0c1 100644 --- a/packstack/installer/core/parameters.py +++ b/packstack/installer/core/parameters.py @@ -11,7 +11,7 @@ class Parameter(object): allowed_keys = ('CONF_NAME', 'CMD_OPTION', 'USAGE', 'PROMPT', 'PROCESSORS', 'VALIDATORS', 'LOOSE_VALIDATION', 'DEFAULT_VALUE', 'USE_DEFAULT', 'OPTION_LIST', - 'MASK_INPUT', 'NEED_CONFIRM','CONDITION') + 'MASK_INPUT', 'NEED_CONFIRM', 'CONDITION', 'DEPRECATES') def __init__(self, attributes=None): attributes = attributes or {} diff --git a/packstack/installer/run_setup.py b/packstack/installer/run_setup.py index 8dfc5ecda..605c58a1e 100644 --- a/packstack/installer/run_setup.py +++ b/packstack/installer/run_setup.py @@ -310,22 +310,53 @@ def _handleGroupCondition(config, conditionName, conditionValue): return conditionValue -def _loadParamFromFile(config, section, paramName): +def _loadParamFromFile(config, section, param_name): """ read param from file validate it and load to to global conf dict """ - # Get paramName from answer file + param = controller.getParamByName(param_name) + + # Get value from answer file try: - value = config.get(section, paramName) + value = config.get(section, param_name) except ConfigParser.NoOptionError: - raise KeyError('Parser cannot find option %s in ' - 'answer file.' % paramName) + value = None + # Check for deprecated parameters + deprecated = param.DEPRECATES if param.DEPRECATES is not None else [] + for old_name in deprecated: + try: + val = config.get(section, old_name) + except ConfigParser.NoOptionError: + continue + if not val: + # value is empty string + continue + if value is None: + value = val + if value != val: + raise ValueError('Parameter %(param_name)s deprecates ' + 'following parameters:\n%(deprecated)s.\n' + 'Please either use parameter %(param_name)s ' + 'or use same value for all deprecated ' + 'parameters.' % locals()) + if deprecated and value is not None: + controller.MESSAGES.append('Deprecated parameter has been used ' + 'in answer file. Please use parameter ' + '%(param_name)s next time. This ' + 'parameter deprecates following ' + 'parameters: %(deprecated)s.' + % locals()) + if value is None: + # Let's use default value if we have one + value = getattr(param, 'DEFAULT_VALUE', None) + if value is None: + raise KeyError('Parser cannot find option %s in answer file.' + % param_name) # Validate param value using its validation func - param = controller.getParamByName(paramName) value = process_param_value(param, value) validate_param_value(param, value) diff --git a/packstack/plugins/amqp_002.py b/packstack/plugins/amqp_002.py index 559a92eb7..a8e597fb5 100644 --- a/packstack/plugins/amqp_002.py +++ b/packstack/plugins/amqp_002.py @@ -37,7 +37,8 @@ def initConfig(controller): "CONF_NAME": "CONFIG_AMQP_BACKEND", "USE_DEFAULT": False, "NEED_CONFIRM": False, - "CONDITION": False}, + "CONDITION": False, + "DEPRECATES": ['CONFIG_AMQP_SERVER']}, {"CMD_OPTION": "amqp-host", "USAGE": ("The IP address of the server on which to install the " diff --git a/packstack/plugins/prescript_000.py b/packstack/plugins/prescript_000.py index 089235a80..02d6c33a3 100644 --- a/packstack/plugins/prescript_000.py +++ b/packstack/plugins/prescript_000.py @@ -264,7 +264,22 @@ def initConfig(controller): "LOOSE_VALIDATION": False, "USE_DEFAULT": False, "NEED_CONFIRM": False, - "CONDITION": False}, + "CONDITION": False, + "DEPRECATES": ['CONFIG_CEILOMETER_HOST', + 'CONFIG_CINDER_HOST', + 'CONFIG_GLANCE_HOST', + 'CONFIG_HORIZON_HOST', + 'CONFIG_HEAT_HOST', + 'CONFIG_KEYSTONE_HOST', + 'CONFIG_NAGIOS_HOST', + 'CONFIG_NEUTRON_SERVER_HOST', + 'CONFIG_NEUTRON_LBAAS_HOSTS', + 'CONFIG_NOVA_API_HOST', + 'CONFIG_NOVA_CERT_HOST', + 'CONFIG_NOVA_VNCPROXY_HOST', + 'CONFIG_NOVA_SCHED_HOST', + 'CONFIG_OSCLIENT_HOST', + 'CONFIG_SWIFT_PROXY_HOSTS']}, {"CONF_NAME": "CONFIG_COMPUTE_HOSTS", "CMD_OPTION": "os-compute-hosts", @@ -280,7 +295,8 @@ def initConfig(controller): "LOOSE_VALIDATION": False, "USE_DEFAULT": False, "NEED_CONFIRM": False, - "CONDITION": False}, + "CONDITION": False, + "DEPRECATES": ['CONFIG_NOVA_COMPUTE_HOSTS']}, {"CONF_NAME": "CONFIG_NETWORK_HOSTS", "CMD_OPTION": "os-network-hosts", @@ -297,7 +313,11 @@ def initConfig(controller): "LOOSE_VALIDATION": False, "USE_DEFAULT": False, "NEED_CONFIRM": False, - "CONDITION": False}, + "CONDITION": False, + "DEPRECATES": ['CONFIG_NEUTRON_L3_HOSTS', + 'CONFIG_NEUTRON_DHCP_HOSTS', + 'CONFIG_NEUTRON_METADATA_HOSTS', + 'CONFIG_NOVA_NETWORK_HOSTS']}, {"CMD_OPTION": "os-vmware", "USAGE": ("Set to 'y' if you want to use VMware vCenter as hypervisor" diff --git a/packstack/plugins/swift_600.py b/packstack/plugins/swift_600.py index 8ffd3f668..0ba6b7298 100644 --- a/packstack/plugins/swift_600.py +++ b/packstack/plugins/swift_600.py @@ -58,7 +58,8 @@ def initConfig(controller): "CONF_NAME": "CONFIG_SWIFT_STORAGES", "USE_DEFAULT": False, "NEED_CONFIRM": False, - "CONDITION": False}, + "CONDITION": False, + "DEPRECATES": ['CONFIG_SWIFT_STORAGE_HOSTS']}, {"CMD_OPTION": "os-swift-storage-zones", "USAGE": ("Number of swift storage zones, this number MUST be " From d31fdb1f591cb365ba7f6f6518c62e6521b3200e Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Wed, 28 May 2014 18:16:08 +0200 Subject: [PATCH 0018/1017] Switch default packstack neutron l2 plugin to ml2 and switch segregation type to vxlan. Change-Id: I2ffb7f1905fb89e7f1bc502b6c4b7409702ec253 Closes-Bug: rhbz#1101134 --- packstack/plugins/neutron_350.py | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index 3eddfe39d..99d7252e0 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -77,7 +77,7 @@ def initConfig(controller): "with Neutron"), "OPTION_LIST": ["linuxbridge", "openvswitch", "ml2"], "VALIDATORS": [validators.validate_options], - "DEFAULT_VALUE": "openvswitch", + "DEFAULT_VALUE": "ml2", "MASK_INPUT": False, "LOOSE_VALIDATION": False, "CONF_NAME": "CONFIG_NEUTRON_L2_PLUGIN", @@ -172,7 +172,7 @@ def initConfig(controller): "networks"), "OPTION_LIST": ["local", "vlan", "gre", "vxlan"], "VALIDATORS": [validators.validate_options], - "DEFAULT_VALUE": "local", + "DEFAULT_VALUE": "vxlan", "MASK_INPUT": False, "LOOSE_VALIDATION": False, "CONF_NAME": "CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE", @@ -293,7 +293,7 @@ def initConfig(controller): "entrypoints"), "OPTION_LIST": ["local", "flat", "vlan", "gre", "vxlan"], "VALIDATORS": [validators.validate_multi_options], - "DEFAULT_VALUE": "local", + "DEFAULT_VALUE": "vxlan", "MASK_INPUT": False, "LOOSE_VALIDATION": False, "USE_DEFAULT": False, @@ -310,7 +310,7 @@ def initConfig(controller): "network_types to allocate as tenant networks"), "OPTION_LIST": ["local", "vlan", "gre", "vxlan"], "VALIDATORS": [validators.validate_multi_options], - "DEFAULT_VALUE": "local", + "DEFAULT_VALUE": "vxlan", "MASK_INPUT": False, "LOOSE_VALIDATION": False, "USE_DEFAULT": False, @@ -417,7 +417,7 @@ def initConfig(controller): "available for tenant network allocation"), "OPTION_LIST": [], "VALIDATORS": [], - "DEFAULT_VALUE": "", + "DEFAULT_VALUE": "10:100", "MASK_INPUT": False, "LOOSE_VALIDATION": False, "USE_DEFAULT": False, @@ -729,7 +729,7 @@ def create_l3_manifests(config, messages): ext_bridge = config['CONFIG_NEUTRON_L3_EXT_BRIDGE'] mapping = find_mapping(config['CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS'], ext_bridge) if ext_bridge else None - if config['CONFIG_NEUTRON_L2_PLUGIN'] == 'openvswitch' and not mapping: + if config['CONFIG_NEUTRON_L2_AGENT'] == 'openvswitch' and not mapping: config['CONFIG_NEUTRON_OVS_BRIDGE'] = ext_bridge manifestdata = getManifestTemplate('neutron_ovs_bridge.pp') appendManifestFile(manifestfile, manifestdata + '\n') From 2877033d2155b58fac9bc2e3c2e566bc092a2584 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Thu, 29 May 2014 13:59:51 +0200 Subject: [PATCH 0019/1017] Add compatibility fixes for innodb optimalisations on EL6 Change-Id: I17c4e2f6e05f00afcc8fbd67cb094576aec1f904 Closes-Bug: rhbz#1078999 --- .../puppet/modules/packstack/manifests/innodb.pp | 2 +- packstack/puppet/templates/mysql_install.pp | 14 ++++++++++++++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/packstack/puppet/modules/packstack/manifests/innodb.pp b/packstack/puppet/modules/packstack/manifests/innodb.pp index 1416e2299..89342f5e2 100644 --- a/packstack/puppet/modules/packstack/manifests/innodb.pp +++ b/packstack/puppet/modules/packstack/manifests/innodb.pp @@ -28,7 +28,7 @@ if $clean { exec { 'clean_innodb_logs': - path => ['/usr/bin', '/bin', '/usr/sbin'], + path => ['/usr/bin', '/bin', '/usr/sbin', '/sbin'], command => "service mysqld stop && rm -f /var/lib/mysql/ib_logfile?", onlyif => "ls /var/lib/mysql/ib_logfile?", notify => Service['mysqld'], diff --git a/packstack/puppet/templates/mysql_install.pp b/packstack/puppet/templates/mysql_install.pp index 533e65323..f65d53a35 100644 --- a/packstack/puppet/templates/mysql_install.pp +++ b/packstack/puppet/templates/mysql_install.pp @@ -1,6 +1,20 @@ +# on EL6 we need to wait for innodb changes before starting mysqld +if $::operatingsystem in ['RedHat','Centos','Scientific'] and $::operatingsystemrelease < 7 { + $manage_service = false + service { 'mysqld': + enable => true, + ensure => 'running', + require => [ Package["mariadb-galera-server"], File['/etc/my.cnf'] ], + before => Exec['set_mysql_rootpw'], + } +} else { + $manage_service = true +} + class {"mysql::server": package_name => "mariadb-galera-server", + manage_service => $manage_service, config_hash => {bind_address => "0.0.0.0", default_engine => "InnoDB", root_password => "%(CONFIG_MYSQL_PW)s",} From d9f3929dd7a4761282edcd6342518d5ec32dbcb3 Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Thu, 29 May 2014 14:13:37 +0200 Subject: [PATCH 0020/1017] Fallback for qemu-kvm In case when qemu-kvm-rhev is not available (RDO), packstack should fallback to qemu-kvm package. Change-Id: I5d41a1db1f613e6c153ff02eaf13f1b6c4f0f48a --- .../puppet/templates/nova_compute_libvirt.pp | 21 ++++++------------- 1 file changed, 6 insertions(+), 15 deletions(-) diff --git a/packstack/puppet/templates/nova_compute_libvirt.pp b/packstack/puppet/templates/nova_compute_libvirt.pp index 7742220cd..b93f6ae33 100644 --- a/packstack/puppet/templates/nova_compute_libvirt.pp +++ b/packstack/puppet/templates/nova_compute_libvirt.pp @@ -14,21 +14,12 @@ "libvirt/inject_partition": value => "-1"; } -case $::operatingsystem { - 'Fedora': { - $qemu_package = 'qemu-kvm' - } - 'RedHat', 'CentOS': { - $qemu_package = 'qemu-kvm-rhev' - } - default: { - $qemu_package = 'qemu-kvm' - } -} - -package { 'qemu-kvm': - name => $qemu_package, - ensure => installed, +# We need to preferably install qemu-kvm-rhev +exec { 'qemu-kvm': + path => '/usr/bin', + command => 'yum install -y qemu-kvm', + onlyif => 'yum install -y qemu-kvm-rhev && exit 1 || exit 0', + before => Class['nova::compute::libvirt'] } class { 'nova::compute::libvirt': From bcfcdb281a946913a40afcfc4062d809772bd51e Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Fri, 30 May 2014 14:23:11 +0200 Subject: [PATCH 0021/1017] Fixup fallback for qemu-kvm by silencing yum When running packstack with --debug it mistakes error from yum as an error from puppet and fails. We just make sure yum keep quiet. Change-Id: I43b78965f51ca38dc35616ee05b460bcd5efa71e --- packstack/puppet/templates/nova_compute_libvirt.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packstack/puppet/templates/nova_compute_libvirt.pp b/packstack/puppet/templates/nova_compute_libvirt.pp index b93f6ae33..c94835053 100644 --- a/packstack/puppet/templates/nova_compute_libvirt.pp +++ b/packstack/puppet/templates/nova_compute_libvirt.pp @@ -17,8 +17,8 @@ # We need to preferably install qemu-kvm-rhev exec { 'qemu-kvm': path => '/usr/bin', - command => 'yum install -y qemu-kvm', - onlyif => 'yum install -y qemu-kvm-rhev && exit 1 || exit 0', + command => 'yum install -y -d 0 -e 0 qemu-kvm', + onlyif => 'yum install -y -d 0 -e 0 qemu-kvm-rhev &> /dev/null && exit 1 || exit 0', before => Class['nova::compute::libvirt'] } From 78553bd957604e3579967497c299e1235bc79618 Mon Sep 17 00:00:00 2001 From: Ivan Chavero Date: Thu, 29 May 2014 10:10:22 -0600 Subject: [PATCH 0022/1017] firewalld workaround RHEL 7 and Fedora 20 uses firewalld by default so iptables rules were not being persistent through reboots. This patch disables firewalld so we can continue using the iptables rules while we come up with an integral workaround. Fixes: rhbz#1099840 Conflicts: packstack/puppet/templates/horizon.pp Change-Id: I123e546721632f52430288352c87c4b33d6328ec --- packstack/puppet/templates/prescript.pp | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/packstack/puppet/templates/prescript.pp b/packstack/puppet/templates/prescript.pp index eecf77016..179a33719 100644 --- a/packstack/puppet/templates/prescript.pp +++ b/packstack/puppet/templates/prescript.pp @@ -18,3 +18,11 @@ warning => "${info}${warning}" } } + +# Stop firewalld since everything uses iptables +# for now + +service { "firewalld": + ensure => "stopped", + enable => false, +} From c293bf8f4b65f9b9f737ef547513f8e0c2c77621 Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Fri, 30 May 2014 20:58:39 +0200 Subject: [PATCH 0023/1017] Revert "Add Automation for generating the packstack man page" This breaks koji build process, needs to be reverted for now This reverts commit 8d1b31ee2d2bb47b70d5118eb8458585032b5698. Change-Id: Ieb9152206bb2b3c3b7da5bfbe60bf379de30f20e --- .gitignore | 2 - docs/Makefile | 1 - docs/conf.py | 27 +- docs/packstack.rst | 469 ++++++++++++++++++++++++++++++- packstack/installer/run_setup.py | 3 +- 5 files changed, 471 insertions(+), 31 deletions(-) diff --git a/.gitignore b/.gitignore index 188c866ae..726885683 100644 --- a/.gitignore +++ b/.gitignore @@ -3,5 +3,3 @@ *.log .tox packstack.egg-info -docs/_build/* -docs/general_options.rst diff --git a/docs/Makefile b/docs/Makefile index f42ca16e9..b91aa0b97 100644 --- a/docs/Makefile +++ b/docs/Makefile @@ -40,7 +40,6 @@ help: clean: -rm -rf $(BUILDDIR)/* - -rm -rf general_options.rst html: $(SPHINXBUILD) -b html $(ALLSPHINXOPTS) $(BUILDDIR)/html diff --git a/docs/conf.py b/docs/conf.py index b21c9a2b8..938dcdad2 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -11,33 +11,10 @@ # All configuration values have a default; values that are commented out # serve to show the default. -import sys -import os - -sys.path.append("..") -sys.path.insert(0, os.path.join(os.path.split(sys.argv[0])[0], "..")) -import packstack - -os.environ["INSTALLER_PROJECT_DIR"] = os.path.abspath(os.path.split(packstack.__file__)[0]) +import sys, os +sys.path.append('..') from packstack import version as packstackversion -from packstack.installer import run_setup -run_setup.loadPlugins() -run_setup.initPluginsConfig() - -with open("general_options.rst", 'w') as f: - for group in run_setup.controller.getAllGroups(): - f.write("%s\n" % group.DESCRIPTION) - f.write("-" * len(group.DESCRIPTION)) - f.write("\n\n") - - for param in group.parameters.itervalues(): - cmdOption = param.CONF_NAME - paramUsage = param.USAGE - optionsList = param.OPTION_LIST or "" - f.write("%s\n" % (("**%s**"%str(cmdOption)).ljust(30))) - f.write(" %s %s" % (paramUsage, optionsList)) - f.write("\n\n") # If extensions (or modules to document with autodoc) are in another directory, # add these directories to sys.path here. If the directory is relative to the diff --git a/docs/packstack.rst b/docs/packstack.rst index ca15e4aa0..b7f9fe496 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -21,8 +21,475 @@ The third option allows the user to generate a default answer file, edit the def OPTIONS ======= -.. include:: general_options.rst +Global Options +-------------- +**CONFIG_GLANCE_INSTALL** + Set to 'y' if you would like Packstack to install Glance ['y', 'n']. + +**CONFIG_CINDER_INSTALL** + Set to 'y' if you would like Packstack to install Cinder ['y', 'n']. + +**CONFIG_NOVA_INSTALL** + Set to 'y' if you would like Packstack to install Nova ['y', 'n']. + +**CONFIG_HORIZON_INSTALL** + Set to 'y' if you would like Packstack to install Horizon ['y', 'n']. + +**CONFIG_SWIFT_INSTALL** + Set to 'y' if you would like Packstack to install Swift ['y', 'n']. + +**CONFIG_CLIENT_INSTALL** + Set to 'y' if you would like Packstack to install the OpenStack Client packages. An admin "rc" file will also be installed ['y', 'n']. + +**CONFIG_NTP_SERVERS** + Comma separated list of NTP servers. Leave plain if Packstack should not install ntpd on instances.. + +**CONFIG_NAGIOS_INSTALL** + Set to 'y' if you would like Packstack to install Nagios to monitor openstack hosts ['y', 'n']. + +**CONFIG_CEILOMETER_INSTALL** + Set to 'y' if you would like Packstack to install OpenStack Metering (Ceilometer). + +**CONFIG_HEAT_INSTALL** + Set to 'y' if you would like Packstack to install OpenStack Orchestration (Heat). + +**CONFIG_NEUTRON_INSTALL** + Set to 'y' if you would like Packstack to install OpenStack Networking (Neutron). + +**CONFIG_MYSQL_INSTALL** + Set to 'y' if you would like Packstack to install MySQL. + + +SSH Configs +------------ + +**CONFIG_SSH_KEY** + Path to a Public key to install on servers. If a usable key has not been installed on the remote servers the user will be prompted for a password and this key will be installed so the password will not be required again. + +MySQL Config parameters +----------------------- + +**CONFIG_MYSQL_HOST** + The IP address of the server on which to install MySQL. + +**CONFIG_MYSQL_USER** + Username for the MySQL admin user. + +**CONFIG_MYSQL_PW** + Password for the MySQL admin user. + +QPID Config parameters +---------------------- + +**CONFIG_QPID_HOST** + The IP address of the server on which to install the QPID service. + +**CONFIG_QPID_ENABLE_SSL** + Enable SSL for the QPID service. + +**CONFIG_QPID_NSS_CERTDB_PW** + The password for the NSS certificate database of the QPID service. + +**CONFIG_QPID_SSL_PORT** + The port in which the QPID service listens to SSL connections. + +**CONFIG_QPID_SSL_CERT_FILE** + The filename of the certificate that the QPID service is going to use. + +**CONFIG_QPID_SSL_KEY_FILE** + The filename of the private key that the QPID service is going to use. + +**CONFIG_QPID_SSL_SELF_SIGNED** + Auto Generates self signed SSL certificate and key. + +Keystone Config parameters +-------------------------- + +**CONFIG_KEYSTONE_HOST** + The IP address of the server on which to install Keystone. + +**CONFIG_KEYSTONE_DB_PW** + The password to use for the Keystone to access DB. + +**CONFIG_KEYSTONE_ADMIN_TOKEN** + The token to use for the Keystone service api. + +**CONFIG_KEYSTONE_ADMIN_PW** + The password to use for the Keystone admin user. + +**CONFIG_KEYSTONE_DEMO_PW** + The password to use for the Keystone demo user + +**CONFIG_KEYSTONE_TOKEN_FORMAT** + Kestone token format. Use either UUID or PKI + +Glance Config parameters +------------------------ + +**CONFIG_GLANCE_HOST** + The IP address of the server on which to install Glance. + +**CONFIG_GLANCE_DB_PW** + The password to use for the Glance to access DB. + +**CONFIG_GLANCE_KS_PW** + The password to use for the Glance to authenticate with Keystone. + +Cinder Config parameters +------------------------ + +**CONFIG_CINDER_HOST** + The IP address of the server on which to install Cinder. + +**CONFIG_CINDER_DB_PW** + The password to use for the Cinder to access DB. + +**CONFIG_CINDER_KS_PW** + The password to use for the Cinder to authenticate with Keystone. + +**CONFIG_CINDER_BACKEND** + The Cinder backend to use ['lvm', 'gluster', 'nfs']. + +Cinder volume create Config parameters +-------------------------------------- + +**CONFIG_CINDER_VOLUMES_CREATE** + Create Cinder's volumes group ['y', 'n']. + +Cinder volume size Config parameters +------------------------------------ + +**CONFIG_CINDER_VOLUMES_SIZE** + Cinder's volumes group size. + +Cinder gluster Config parameters +-------------------------------- + +**CONFIG_CINDER_GLUSTER_MOUNTS** + A single or comma separated list of gluster volume shares. + +Cinder NFS Config parameters +---------------------------- + +**CONFIG_CINDER_NFS_MOUNTS** + A single or comma separated list of NFS exports to mount. + +Nova Options +------------ + +**CONFIG_NOVA_API_HOST** + The IP address of the server on which to install the Nova API service. + +**CONFIG_NOVA_CERT_HOST** + The IP address of the server on which to install the Nova Cert service. + +**CONFIG_NOVA_VNCPROXY_HOST** + The IP address of the server on which to install the Nova VNC proxy. + +**CONFIG_NOVA_COMPUTE_HOSTS** + A comma separated list of IP addresses on which to install the Nova Compute services. + +**CONFIG_NOVA_COMPUTE_PRIVIF** + Private interface for Flat DHCP on the Nova compute servers. + +**CONFIG_NOVA_NETWORK_HOSTS** + List of IP address of the servers on which to install the Nova Network service. + +**CONFIG_NOVA_DB_PW** + The password to use for the Nova to access DB. + +**CONFIG_NOVA_KS_PW** + The password to use for the Nova to authenticate with Keystone. + +**CONFIG_NOVA_NETWORK_PUBIF** + Public interface on the Nova network server. + +**CONFIG_NOVA_NETWORK_PRIVIF** + Private interface for Flat DHCP on the Nova network server. + +**CONFIG_NOVA_NETWORK_FIXEDRANGE** + IP Range for Flat DHCP ['^([\\d]{1,3}\\.){3}[\\d]{1,3}/\\d\\d?$']. + +**CONFIG_NOVA_NETWORK_FLOATRANGE** + IP Range for Floating IP's ['^([\\d]{1,3}\\.){3}[\\d]{1,3}/\\d\\d?$']. + +**CONFIG_NOVA_SCHED_HOST** + The IP address of the server on which to install the Nova Scheduler service. + +**CONFIG_NOVA_SCHED_CPU_ALLOC_RATIO** + The overcommitment ratio for virtual to physical CPUs. Set to 1.0 to disable CPU overcommitment. + +**CONFIG_NOVA_SCHED_RAM_ALLOC_RATIO** + The overcommitment ratio for virtual to physical RAM. Set to 1.0 to disable RAM overcommitment. + +**CONFIG_NOVA_CONDUCTOR_HOST** + The IP address of the server on which to install the Nova Conductor service. + +**CONFIG_NOVA_NETWORK_AUTOASSIGNFLOATINGIP** + Automatically assign a floating IP to new instances. + +**CONFIG_NOVA_NETWORK_DEFAULTFLOATINGPOOL** + Name of the default floating pool to which the specified floating ranges are added to. + +**CONFIG_NOVA_NETWORK_MANAGER** + Nova network manager. + +**CONFIG_NOVA_NETWORK_NUMBER** + Number of networks to support. + +**CONFIG_NOVA_NETWORK_SIZE** + Number of addresses in each private subnet. + +**CONFIG_NOVA_NETWORK_VLAN_START** + First VLAN for private networks. + +NOVACLIENT Config parameters +---------------------------- + +**CONFIG_OSCLIENT_HOST** + The IP address of the server on which to install the OpenStack client packages. An admin "rc" file will also be installed. + +OpenStack Horizon Config parameters +----------------------------------- + +**CONFIG_HORIZON_HOST** + The IP address of the server on which to install Horizon. + +**CONFIG_HORIZON_SSL** + To set up Horizon communication over https set this to "y" ['y', 'n']. + +**CONFIG_SSL_CERT** + PEM encoded certificate to be used for ssl on the https server, leave blank if one should be generated, this certificate should not require a passphrase. + +**CONFIG_SSL_KEY** + Keyfile corresponding to the certificate if one was entered. + +OpenStack Swift Config parameters +--------------------------------- + +**CONFIG_SWIFT_PROXY_HOSTS** + The IP address on which to install the Swift proxy service. + +**CONFIG_SWIFT_KS_PW** + The password to use for the Swift to authenticate with Keystone. + +**CONFIG_SWIFT_STORAGE_HOSTS** + A comma separated list of IP addresses on which to install the Swift Storage services, each entry should take the format [/dev], for example 127.0.0.1/vdb will install /dev/vdb on 127.0.0.1 as a swift storage device(packstack does not create the filesystem, you must do this first), if /dev is omitted Packstack will create a loopback device for a test setup. + +**CONFIG_SWIFT_STORAGE_ZONES** + Number of swift storage zones, this number MUST be no bigger than the number of storage devices configured. + +**CONFIG_SWIFT_STORAGE_REPLICAS** + Number of swift storage replicas, this number MUST be no bigger than the number of storage zones configured. + +**CONFIG_SWIFT_STORAGE_FSTYPE** + FileSystem type for storage nodes ['xfs', 'ext4']. + +**CONFIG_SWIFT_HASH** + Shared secret for Swift. + +Server Prepare Configs +---------------------- + +**CONFIG_USE_EPEL** + Install OpenStack from EPEL. If set to "y" EPEL will be installed on each server ['y', 'n']. + +**CONFIG_REPO** + A comma separated list of URLs to any additional yum repositories to install. + +**CONFIG_RH_USER** + To subscribe each server with Red Hat subscription manager, include this with **CONFIG_RH_PW**. + +**CONFIG_RH_PW** + To subscribe each server with Red Hat subscription manager, include this with **CONFIG_RH_USER**. + +**CONFIG_RH_BETA_REPO** + To subscribe each server with Red Hat subscription manager, to Red Hat Beta RPM's ['y', 'n']. + +**CONFIG_SATELLITE_URL** + To subscribe each server with RHN Satellite,fill Satellite's URL here. Note that either satellite's username/password or activation key has to be provided. + +RHN Satellite config +-------------------- + +**CONFIG_SATELLITE_USER** + Username to access RHN Satellite. + +**CONFIG_SATELLITE_PW** + Password to access RHN Satellite. + +**CONFIG_SATELLITE_AKEY** + Activation key for subscription to RHN Satellite. + +**CONFIG_SATELLITE_CACERT** + Specify a path or URL to a SSL CA certificate to use. + +**CONFIG_SATELLITE_PROFILE** + If required specify the profile name that should be used as an identifier for the system in RHN Satellite. + +**CONFIG_SATELLITE_FLAGS** + Comma separated list of flags passed to rhnreg_ks. Valid flags are: novirtinfo, norhnsd, nopackages ['novirtinfo', 'norhnsd', 'nopackages']. + +**CONFIG_SATELLITE_PROXY** + Specify a HTTP proxy to use with RHN Satellite. + +RHN Satellite proxy config +-------------------------- + +**CONFIG_SATELLITE_PROXY_USER** + Specify a username to use with an authenticated HTTP proxy. + +**CONFIG_SATELLITE_PROXY_PW** + Specify a password to use with an authenticated HTTP proxy. + +Nagios Config parameters +------------------------ + +**CONFIG_NAGIOS_HOST** + The IP address of the server on which to install the Nagios server. + +**CONFIG_NAGIOS_PW** + The password of the nagiosadmin user on the Nagios server. + +Ceilometer Config Parameters +---------------------------- + +**CONFIG_CEILOMETER_HOST** + The IP address of the server on which to install Ceilometer. + +**CONFIG_CEILOMETER_SECRET** + Secret key for signing metering messages. + +**CONFIG_CEILOMETER_KS_PW** + The password to use for Ceilometer to authenticate with Keystone. + +Heat Config Parameters +---------------------- + +**CONFIG_HEAT_HOST** + The IP address of the server on which to install Heat service. + +**CONFIG_HEAT_DB_PW** + The password used by Heat user to authenticate against MySQL. + +**CONFIG_HEAT_KS_PW** + The password to use for the Heat to authenticate with Keystone. + +**CONFIG_HEAT_CLOUDWATCH_INSTALL** + Set to 'y' if you would like Packstack to install Heat CloudWatch API. + +**CONFIG_HEAT_CFN_INSTALL** + Set to 'y' if you would like Packstack to install Heat CloudFormation API. + +**CONFIG_HEAT_CLOUDWATCH_HOST** + The IP address of the server on which to install Heat CloudWatch API service. + +**CONFIG_HEAT_CFN_HOST** + The IP address of the server on which to install Heat CloudFormation API. + +Neutron Config Parameters +------------------------- + +**CONFIG_NEUTRON_SERVER_HOST** + The IP addresses of the server on which to install the Neutron server. + +**CONFIG_NEUTRON_KS_PW** + The password to use for Neutron to authenticate with Keystone. + +**CONFIG_NEUTRON_DB_PW** + The password to use for Neutron to access DB. + +**CONFIG_NEUTRON_L3_HOSTS** + A comma separated list of IP addresses on which to install Neutron L3 agent. + +**CONFIG_NEUTRON_L3_EXT_BRIDGE** + The name of the bridge that the Neutron L3 agent will use for external traffic, or 'provider' if using provider networks. + +**CONFIG_NEUTRON_DHCP_HOSTS** + A comma separated list of IP addresses on which to install Neutron DHCP agent. + +**CONFIG_NEUTRON_L2_PLUGIN** + The name of the L2 plugin to be used with Neutron. + +**CONFIG_NEUTRON_METADATA_HOSTS** + A comma separated list of IP addresses on which to install Neutron metadata agent. + +**CONFIG_NEUTRON_METADATA_PW** + A comma separated list of IP addresses on which to install Neutron metadata agent. + +**CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE** + The type of network to allocate for tenant networks (eg. vlan, local, gre). + +**CONFIG_NEUTRON_LB_VLAN_RANGES** + A comma separated list of VLAN ranges for the Neutron linuxbridge plugin (eg. physnet1:1:4094,physnet2,physnet3:3000:3999). + +**CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS** + A comma separated list of interface mappings for the Neutron linuxbridge plugin (eg. physnet1:br-eth1,physnet2:br-eth2,physnet3:br-eth3). + +**CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE** + Type of network to allocate for tenant networks (eg. vlan, local, gre). + +**CONFIG_NEUTRON_OVS_VLAN_RANGES** + A comma separated list of VLAN ranges for the Neutron openvswitch plugin (eg. physnet1:1:4094,physnet2,physnet3:3000:3999). + +**CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS** + A comma separated list of bridge mappings for the Neutron openvswitch plugin (eg. physnet1:br-eth1,physnet2:br-eth2,physnet3:br-eth3). + +**CONFIG_NEUTRON_OVS_BRIDGE_IFACES** + A comma separated list of colon-separated OVS brid. + +**CONFIG_NEUTRON_OVS_TUNNEL_RANGES** + A comma separated list of tunnel ranges for the Neutron openvswitch plugin. + +**CONFIG_NEUTRON_OVS_TUNNEL_IF** + Override the IP used for GRE tunnels on this hypervisor to the IP found on the specified interface (defaults to the HOST IP). + +**CONFIG_NEUTRON_ML2_TYPE_DRIVERS** + A comma separated list of network type (eg: local, flat, vlan, gre, vxlan). + +**CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES** + A comma separated ordered list of network_types to allocate as tenant networks (eg: local, flat, vlan, gre, vxlan). The value 'local' is only useful for single-box testing but provides no connectivity between hosts. + +**CONFIG_NEUTRON_ML2_SM_DRIVERS** + A comma separated ordered list of networking mechanism driver entrypoints to be loaded from the **neutron.ml2.mechanism_drivers** namespace (eg: logger, test, linuxbridge, openvswitch, hyperv, ncs, arista, cisco_nexus, l2population). + +**CONFIG_NEUTRON_ML2_FLAT_NETWORKS** + A comma separated list of physical_network names with which flat networks can be created. Use * to allow flat networks with arbitrary physical_network names. + +**CONFIG_NEUTRON_ML2_VLAN_RANGES** + A comma separated list of **::** or **** specifying physical_network names usable for VLAN provider and tenant networks, as well as ranges of VLAN tags on each available for allocation to tenant networks. + +**CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES** + A comma separated list of **:** tuples enumerating ranges of GRE tunnel IDs that are available for tenant network allocation. Should be an array with **tun_max +1 - tun_min > 1000000**. + +**CONFIG_NEUTRON_ML2_VXLAN_GROUP** + Multicast group for VXLAN. If unset, disables VXLAN enable sending allocate broadcast traffic to this multicast group. When left unconfigured, will disable multicast VXLAN mode. Should be an **Multicast IP (v4 or v6)** address. + +**CONFIG_NEUTRON_ML2_VNI_RANGES** + A comma separated list of **:** tuples enumerating ranges of VXLAN VNI IDs that are available for tenant network allocation. Min value is 0 and Max value is 16777215. + + +Provision Config Parameters +--------------------------- + +**CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE** + Whether to configure the ovs external bridge in an all-in-one deployment. + +**CONFIG_PROVISION_DEMO** + Whether to provision for demo usage and testing. + +**CONFIG_PROVISION_DEMO_FLOATRANGE** + The CIDR network address for the floating IP subnet. + +**CONFIG_PROVISION_TEMPEST** + Whether to configure tempest for testing. + +**CONFIG_PROVISION_TEMPEST_REPO_REVISION** + The revision of the tempest git repository to use. + +**CONFIG_PROVISION_TEMPEST_REPO_URI** + The uri of the tempest git repository to use. Log files and Debug info diff --git a/packstack/installer/run_setup.py b/packstack/installer/run_setup.py index 40692e897..605c58a1e 100644 --- a/packstack/installer/run_setup.py +++ b/packstack/installer/run_setup.py @@ -775,8 +775,7 @@ def printOptions(): cmdOption = param.CONF_NAME paramUsage = param.USAGE optionsList = param.OPTION_LIST or "" - print "%s" % (("**%s**"%str(cmdOption)).ljust(30)) - print " %s %s" % (paramUsage, optionsList) + print "%s : %s %s"%(("**%s**"%str(cmdOption)).ljust(30), paramUsage, optionsList) print def plugin_compare(x, y): From b2724805216367f599a9da1355e4c68fcb7c42c1 Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Fri, 30 May 2014 20:19:58 +0200 Subject: [PATCH 0024/1017] Opens GRE and VXLAN port Change-Id: I9ddea1f9299cea42bd2f4085f994e2a3638a1835 Fixes: rhbz#1100993 --- packstack/plugins/neutron_350.py | 140 +++++++++++------- .../modules/packstack/manifests/firewall.pp | 25 +++- packstack/puppet/templates/firewall_proto.pp | 11 ++ 3 files changed, 118 insertions(+), 58 deletions(-) create mode 100644 packstack/puppet/templates/firewall_proto.pp diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index 99d7252e0..ae9444ed6 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -441,56 +441,6 @@ def initConfig(controller): ], } - def use_ml2_plugin(config): - return (config['CONFIG_NEUTRON_INSTALL'] == 'y' and - config['CONFIG_NEUTRON_L2_PLUGIN'] == 'ml2') - - def use_linuxbridge_plugin(config): - result = (config['CONFIG_NEUTRON_INSTALL'] == 'y' and - config['CONFIG_NEUTRON_L2_PLUGIN'] == 'linuxbridge') - if result: - config["CONFIG_NEUTRON_L2_AGENT"] = 'linuxbridge' - return result - - def use_linuxbridge_agent(config): - ml2_used = (use_ml2_plugin(config) and - config["CONFIG_NEUTRON_L2_AGENT"] == 'linuxbridge') - return use_linuxbridge_plugin(config) or ml2_used - - def use_openvswitch_plugin(config): - result = (config['CONFIG_NEUTRON_INSTALL'] == 'y' and - config['CONFIG_NEUTRON_L2_PLUGIN'] == 'openvswitch') - if result: - config["CONFIG_NEUTRON_L2_AGENT"] = 'openvswitch' - return result - - def use_openvswitch_plugin_tunnel(config): - tun_types = ('gre', 'vxlan') - return (use_openvswitch_plugin(config) and - config['CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE'] in tun_types) - - def use_ml2_with_ovs(config): - return (use_ml2_plugin(config) and - config["CONFIG_NEUTRON_L2_AGENT"] == 'openvswitch') - - def use_openvswitch_agent(config): - return use_openvswitch_plugin(config) or use_ml2_with_ovs(config) - - def use_openvswitch_agent_tunnel(config): - return (use_openvswitch_plugin_tunnel(config) or - use_ml2_with_ovs(config)) - - def use_openvswitch_vxlan(config): - ovs_vxlan = ( - use_openvswitch_plugin_tunnel(config) and - config['CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE'] == 'vxlan' - ) - ml2_vxlan = ( - use_ml2_with_ovs(config) and - 'vxlan' in config['CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES'] - ) - return ovs_vxlan or ml2_vxlan - conf_groups = [ {"GROUP_NAME": "NEUTRON", "DESCRIPTION": "Neutron config", @@ -621,6 +571,77 @@ def initSequences(controller): #------------------------- helper functions ------------------------- +def use_ml2_plugin(config): + return (config['CONFIG_NEUTRON_INSTALL'] == 'y' and + config['CONFIG_NEUTRON_L2_PLUGIN'] == 'ml2') + + +def use_linuxbridge_plugin(config): + result = (config['CONFIG_NEUTRON_INSTALL'] == 'y' and + config['CONFIG_NEUTRON_L2_PLUGIN'] == 'linuxbridge') + if result: + config["CONFIG_NEUTRON_L2_AGENT"] = 'linuxbridge' + return result + + +def use_linuxbridge_agent(config): + ml2_used = (use_ml2_plugin(config) and + config["CONFIG_NEUTRON_L2_AGENT"] == 'linuxbridge') + return use_linuxbridge_plugin(config) or ml2_used + + +def use_openvswitch_plugin(config): + result = (config['CONFIG_NEUTRON_INSTALL'] == 'y' and + config['CONFIG_NEUTRON_L2_PLUGIN'] == 'openvswitch') + if result: + config["CONFIG_NEUTRON_L2_AGENT"] = 'openvswitch' + return result + + +def use_openvswitch_plugin_tunnel(config): + tun_types = ('gre', 'vxlan') + return (use_openvswitch_plugin(config) and + config['CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE'] in tun_types) + + +def use_ml2_with_ovs(config): + return (use_ml2_plugin(config) and + config["CONFIG_NEUTRON_L2_AGENT"] == 'openvswitch') + + +def use_openvswitch_agent(config): + return use_openvswitch_plugin(config) or use_ml2_with_ovs(config) + + +def use_openvswitch_agent_tunnel(config): + return (use_openvswitch_plugin_tunnel(config) or + use_ml2_with_ovs(config)) + + +def use_openvswitch_vxlan(config): + ovs_vxlan = ( + use_openvswitch_plugin_tunnel(config) and + config['CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE'] == 'vxlan' + ) + ml2_vxlan = ( + use_ml2_with_ovs(config) and + 'vxlan' in config['CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES'] + ) + return ovs_vxlan or ml2_vxlan + + +def use_openvswitch_gre(config): + ovs_vxlan = ( + use_openvswitch_plugin_tunnel(config) and + config['CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE'] == 'gre' + ) + ml2_vxlan = ( + use_ml2_with_ovs(config) and + 'gre' in config['CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES'] + ) + return ovs_vxlan or ml2_vxlan + + def get_if_driver(config): agent = config['CONFIG_NEUTRON_L2_AGENT'] if agent == "openvswitch": @@ -704,6 +725,25 @@ def create_manifests(config, messages): # Set up any l2 plugin configs we need anywhere we install neutron # XXX I am not completely sure about this, but it seems necessary: manifest_data = getManifestTemplate(plugin_manifest) + + # We also need to open VXLAN/GRE port for agent + firewall_template = "firewall.pp" + if use_openvswitch_vxlan(config) or use_openvswitch_gre(config): + if use_openvswitch_vxlan(config): + tunnel_port = "'4789'" + else: + config['FIREWALL_PROTOCOL'] = "'gre'" + firewall_template = "firewall_proto.pp" + tunnel_port = "" + for f_host in q_hosts: + config['FIREWALL_ALLOWED'] = "'%s'" % f_host + config['FIREWALL_SERVICE_NAME'] = "neutron tunnel port" + config['FIREWALL_SERVICE_ID'] = ("neutron_tunnel_%s_%s" + % (host, f_host)) + config['FIREWALL_PORTS'] = tunnel_port + config['FIREWALL_CHAIN'] = "INPUT" + manifest_data += getManifestTemplate(firewall_template) + appendManifestFile(manifest_file, manifest_data, 'neutron') diff --git a/packstack/puppet/modules/packstack/manifests/firewall.pp b/packstack/puppet/modules/packstack/manifests/firewall.pp index 05429888f..a05137122 100644 --- a/packstack/puppet/modules/packstack/manifests/firewall.pp +++ b/packstack/puppet/modules/packstack/manifests/firewall.pp @@ -2,7 +2,7 @@ # hosts that need to connect via FIREWALL_PORTS # using FIREWALL_CHAIN -define packstack::firewall($host, $service_name, $chain = "INPUT", $ports) { +define packstack::firewall($host, $service_name, $chain = "INPUT", $ports = undef, $proto = ['tcp', 'udp']) { $source = $host ? { 'ALL' => '0.0.0.0/0', default => $host, @@ -12,12 +12,21 @@ default => 'incoming', } - firewall { "001 ${service_name} ${heading} ${title}": - chain => $chain, - proto => ['tcp', 'udp'], - dport => $ports, - action => 'accept', - source => $source, + if $ports == undef { + firewall { "001 ${service_name} ${heading} ${title}": + chain => $chain, + proto => $proto, + action => 'accept', + source => $source, + } + } + else { + firewall { "001 ${service_name} ${heading} ${title}": + chain => $chain, + proto => $proto, + dport => $ports, + action => 'accept', + source => $source, + } } } - diff --git a/packstack/puppet/templates/firewall_proto.pp b/packstack/puppet/templates/firewall_proto.pp new file mode 100644 index 000000000..43ef7e2df --- /dev/null +++ b/packstack/puppet/templates/firewall_proto.pp @@ -0,0 +1,11 @@ +# Create firewall rules to allow only the FIREWALL_ALLOWED +# hosts that need to connect via FIREWALL_PORTS +# using FIREWALL_CHAIN + +packstack::firewall {'%(FIREWALL_SERVICE_ID)s': + host => %(FIREWALL_ALLOWED)s, + service_name => '%(FIREWALL_SERVICE_NAME)s', + chain => '%(FIREWALL_CHAIN)s', + proto => [%(FIREWALL_PROTOCOL)s], +} + From 10d87a94dc390e5e6373170089c7c9b98ff9998d Mon Sep 17 00:00:00 2001 From: Gilles Dubreuil Date: Mon, 2 Jun 2014 13:25:23 +1000 Subject: [PATCH 0025/1017] Adds Neutron L3 Metering Agent https://bugzilla.redhat.com/show_bug.cgi?id=1098716 Change-Id: I58f471bd4103dd35091f2ecf76cbb6fbd438174f --- packstack/plugins/neutron_350.py | 33 +++++++++++++++++++ .../templates/neutron_metering_agent.pp | 3 ++ 2 files changed, 36 insertions(+) create mode 100644 packstack/puppet/templates/neutron_metering_agent.pp diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index ae9444ed6..928d49bbc 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -111,6 +111,20 @@ def initConfig(controller): "USE_DEFAULT": False, "NEED_CONFIRM": False, "CONDITION": False}, + + {"CMD_OPTION": "os-neutron-metering-agent-install", + "USAGE": ("Set to 'y' if you would like Packstack to install " + "Neutron L3 Metering agent"), + "PROMPT": ("Should Packstack install Neutron L3 Metering agent"), + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "n", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_NEUTRON_METERING_AGENT_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, ], "NEUTRON_LB_PLUGIN": [ @@ -562,6 +576,8 @@ def initSequences(controller): 'functions': [create_dhcp_manifests]}, {'title': 'Adding Neutron LBaaS Agent manifest entries', 'functions': [create_lbaas_manifests]}, + {'title': 'Adding Neutron Metering Agent manifest entries', + 'functions': [create_metering_agent_manifests]}, {'title': 'Adding Neutron Metadata Agent manifest entries', 'functions': [create_metadata_manifests]}, ] @@ -687,6 +703,10 @@ def create_manifests(config, messages): service_plugins.append( 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin' ) + if config['CONFIG_NEUTRON_METERING_AGENT_INSTALL'] == 'y': + service_plugins.append( + 'neutron.services.metering.metering_plugin.MeteringPlugin' + ) config['SERVICE_PLUGINS'] = (str(service_plugins) if service_plugins else 'undef') @@ -817,6 +837,19 @@ def create_lbaas_manifests(config, messages): appendManifestFile(manifestfile, manifestdata + "\n") +def create_metering_agent_manifests(config, messages): + global api_hosts + + if not config['CONFIG_NEUTRON_METERING_AGENT_INSTALL'] == 'y': + return + + for host in api_hosts: + config['CONFIG_NEUTRON_METERING_IFCE_DRIVER'] = get_if_driver(config) + manifestdata = getManifestTemplate("neutron_metering_agent.pp") + manifestfile = "%s_neutron.pp" % (host,) + appendManifestFile(manifestfile, manifestdata + "\n") + + def create_l2_agent_manifests(config, messages): global q_hosts diff --git a/packstack/puppet/templates/neutron_metering_agent.pp b/packstack/puppet/templates/neutron_metering_agent.pp new file mode 100644 index 000000000..7ecd72c46 --- /dev/null +++ b/packstack/puppet/templates/neutron_metering_agent.pp @@ -0,0 +1,3 @@ +class { 'neutron::agents::metering': + interface_driver => '%(CONFIG_NEUTRON_METERING_IFCE_DRIVER)s', +} From cda9fcb00f6c9a63b606c50d4cf1648ec71ddfa2 Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Mon, 2 Jun 2014 11:46:26 +0200 Subject: [PATCH 0026/1017] Fixed Heat plugin Global controller is not supported in refactored plugins. Those residual have been probably missed by rebasing. Change-Id: Id68119da79e648cc50d33dc9453b9e83fd80a64d Fixes: rhbz#1103382 --- packstack/plugins/heat_750.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packstack/plugins/heat_750.py b/packstack/plugins/heat_750.py index 318b462bc..2f02eb77d 100644 --- a/packstack/plugins/heat_750.py +++ b/packstack/plugins/heat_750.py @@ -143,14 +143,14 @@ def create_keystone_manifest(config, messages): def create_cloudwatch_manifest(config, messages): - manifestfile = "%s_heatcw.pp" % controller.CONF['CONFIG_CONTROLLER_HOST'] + manifestfile = "%s_heatcw.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "heat")) manifestdata += getManifestTemplate("heat_cloudwatch.pp") appendManifestFile(manifestfile, manifestdata, marker='heat') def create_cfn_manifest(config, messages): - manifestfile = "%s_heatcnf.pp" % controller.CONF['CONFIG_CONTROLLER_HOST'] + manifestfile = "%s_heatcnf.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "heat")) manifestdata += getManifestTemplate("heat_cfn.pp") appendManifestFile(manifestfile, manifestdata, marker='heat') From 890240516c3ad99e5142e758d79d2f6ac8959f34 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Mon, 2 Jun 2014 17:20:56 +0200 Subject: [PATCH 0027/1017] Fix {nagios,monitoring}-plugins-ping confusion We first try to install nagios-plugins-ping and if we fail we just install monitoring-plugins-ping. Change-Id: I5e97dd406dc9289fdb086722fe8c24e95baf329b Closes-Bug: rhbz#1100037 Closes-Bug: rhbz#1096154 Closes-Bug: rhbz#1101665 Closes-Bug: rhbz#1103695 --- packstack/puppet/templates/nagios_server.pp | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/packstack/puppet/templates/nagios_server.pp b/packstack/puppet/templates/nagios_server.pp index 6ac6bb018..8483c8bf4 100644 --- a/packstack/puppet/templates/nagios_server.pp +++ b/packstack/puppet/templates/nagios_server.pp @@ -1,8 +1,16 @@ -package{['nagios', 'nagios-plugins-nrpe', 'nagios-plugins-ping']: +package{['nagios', 'nagios-plugins-nrpe']: ensure => present, before => Class['nagios_configs'] } +# We need to preferably install nagios-plugins-ping +exec { 'nagios-plugins-ping': + path => '/usr/bin', + command => 'yum install -y -d 0 -e 0 monitoring-plugins-ping', + onlyif => 'yum install -y -d 0 -e 0 nagios-plugins-ping &> /dev/null && exit 1 || exit 0', + before => Class['nagios_configs'] +} + class nagios_configs(){ file{['/etc/nagios/nagios_command.cfg', '/etc/nagios/nagios_host.cfg']: ensure => 'present', From 8e65d181d2f8d225af9b927be8c6512f6e8e464b Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Tue, 3 Jun 2014 07:53:11 +0200 Subject: [PATCH 0028/1017] Use except x as y instead of except x, y According to https://docs.python.org/3/howto/pyporting.html the syntax changed in Python 3.x. The new syntax is usable with Python >= 2.6 and should be preferred to be compatible with Python3. Change-Id: I4a951aecc32ef9e5131da236ae4815b84897d67b --- packstack/installer/basedefs.py | 2 +- packstack/installer/core/drones.py | 2 +- packstack/installer/core/sequences.py | 2 +- packstack/installer/processors.py | 4 ++-- packstack/installer/run_setup.py | 6 +++--- packstack/installer/utils/network.py | 2 +- tests/installer/test_utils.py | 2 +- 7 files changed, 10 insertions(+), 10 deletions(-) diff --git a/packstack/installer/basedefs.py b/packstack/installer/basedefs.py index d4d38d89a..6ebebf05f 100644 --- a/packstack/installer/basedefs.py +++ b/packstack/installer/basedefs.py @@ -33,7 +33,7 @@ if uid != 0 and os.getuid() == 0: try: os.chown(PACKSTACK_VAR_DIR, uid, gid) - except Exception, ex: + except Exception as ex: print ('Unable to change owner of %s. Please fix ownership ' 'manually and try again.' % PACKSTACK_VAR_DIR) sys.exit(1) diff --git a/packstack/installer/core/drones.py b/packstack/installer/core/drones.py index 66e846855..fd1a6991b 100644 --- a/packstack/installer/core/drones.py +++ b/packstack/installer/core/drones.py @@ -360,7 +360,7 @@ def _finished(self, recipe): local.execute(log=False) # if we got to this point the puppet apply has finished return True - except utils.ScriptRuntimeError, e: + except utils.ScriptRuntimeError as e: # the test raises an exception if the file doesn't exist yet return False diff --git a/packstack/installer/core/sequences.py b/packstack/installer/core/sequences.py index fc7ef297e..cd82c7e94 100644 --- a/packstack/installer/core/sequences.py +++ b/packstack/installer/core/sequences.py @@ -36,7 +36,7 @@ def run(self, config=None, messages=None): # execute and report state try: self.function(config, messages) - except Exception, ex: + except Exception as ex: logger.debug(traceback.format_exc()) state = utils.state_message(self.title, 'ERROR', 'red') sys.stdout.write('%s\n' % state) diff --git a/packstack/installer/processors.py b/packstack/installer/processors.py index a8edd966b..230b03d09 100644 --- a/packstack/installer/processors.py +++ b/packstack/installer/processors.py @@ -20,7 +20,7 @@ def process_cidr(param, process_args=None): return param try: return str(netaddr.IPNetwork(param).cidr) - except Exception, ex: + except Exception as ex: raise ParamProcessingError(str(ex)) @@ -33,7 +33,7 @@ def process_host(param, process_args=None): process_args.get('allow_localhost', False) try: return force_ip(param, allow_localhost=localhost) - except NetworkError, ex: + except NetworkError as ex: raise ParamProcessingError(str(ex)) diff --git a/packstack/installer/run_setup.py b/packstack/installer/run_setup.py index 605c58a1e..6c7e716cd 100644 --- a/packstack/installer/run_setup.py +++ b/packstack/installer/run_setup.py @@ -282,7 +282,7 @@ def process_param_value(param, value): else: logging.debug("Processor returned the original " "value: %s" % _value) - except processors.ParamProcessingError, ex: + except processors.ParamProcessingError as ex: print ("Value processing of parameter %s " "failed.\n%s" % (param.CONF_NAME, ex)) raise @@ -628,7 +628,7 @@ def remove_remote_var_dirs(): server.append('rm -rf %s' % host_dir) try: server.execute() - except Exception, e: + except Exception as e: msg = output_messages.ERR_REMOVE_REMOTE_VAR % (host_dir, host) logging.error(msg) logging.exception(e) @@ -914,7 +914,7 @@ def main(): _set_command_line_values(options) _main(confFile) - except FlagValidationError, ex: + except FlagValidationError as ex: optParser.error(str(ex)) except Exception as e: logging.error(traceback.format_exc()) diff --git a/packstack/installer/utils/network.py b/packstack/installer/utils/network.py index 5e5aa7765..89e64ddcc 100644 --- a/packstack/installer/utils/network.py +++ b/packstack/installer/utils/network.py @@ -61,7 +61,7 @@ def host2ip(hostname, allow_localhost=False): return get_localhost_ip() except socket.error: raise NetworkError('Unknown hostname %s.' % hostname) - except Exception, ex: + except Exception as ex: raise NetworkError('Unknown error appeared: %s' % repr(ex)) diff --git a/tests/installer/test_utils.py b/tests/installer/test_utils.py index 9508018dd..c538f05ca 100644 --- a/tests/installer/test_utils.py +++ b/tests/installer/test_utils.py @@ -86,7 +86,7 @@ def test_shell(self): execute('echo "mask the password" && exit 1', use_shell=True, mask_list=['password']) raise AssertionError('Masked execution failed.') - except ExecuteRuntimeError, ex: + except ExecuteRuntimeError as ex: should_be = ('Failed to execute command, stdout: mask the %s\n\n' 'stderr: ' % STR_MASK) self.assertEqual(str(ex), should_be) From d794f98378afd9cc2231f9c75722f63c0148b8d6 Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Tue, 3 Jun 2014 16:02:33 +0200 Subject: [PATCH 0029/1017] Fixed firewall protocols Resource provider for firewall does not accept array as value for parameter 'proto'. This patch is fixing it. Change-Id: Iba55657f35a5c79149b22873e8eb753b71b6ceda Fixes: rhbz#1100993 --- packstack/plugins/amqp_002.py | 3 ++- packstack/plugins/ceilometer_800.py | 2 ++ packstack/plugins/cinder_250.py | 4 ++-- packstack/plugins/glance_200.py | 1 + packstack/plugins/keystone_100.py | 3 ++- packstack/plugins/mysql_001.py | 1 + packstack/plugins/nagios_910.py | 1 + packstack/plugins/neutron_350.py | 15 ++++++++------- packstack/plugins/nova_300.py | 1 + packstack/plugins/swift_600.py | 4 ++-- .../modules/packstack/manifests/firewall.pp | 2 +- packstack/puppet/templates/firewall.pp | 4 ++-- packstack/puppet/templates/firewall_proto.pp | 11 ----------- 13 files changed, 25 insertions(+), 27 deletions(-) delete mode 100644 packstack/puppet/templates/firewall_proto.pp diff --git a/packstack/plugins/amqp_002.py b/packstack/plugins/amqp_002.py index a8e597fb5..e12cecd10 100644 --- a/packstack/plugins/amqp_002.py +++ b/packstack/plugins/amqp_002.py @@ -246,8 +246,9 @@ def create_manifest(config, messages): # All hosts should be able to talk to amqp config['FIREWALL_SERVICE_NAME'] = "amqp" - config['FIREWALL_PORTS'] = "'5671', '5672'" + config['FIREWALL_PORTS'] = "['5671', '5672']" config['FIREWALL_CHAIN'] = "INPUT" + config['FIREWALL_PROTOCOL'] = 'tcp' for host in filtered_hosts(config, exclude=False): config['FIREWALL_ALLOWED'] = "'%s'" % host config['FIREWALL_SERVICE_ID'] = "amqp_%s" % host diff --git a/packstack/plugins/ceilometer_800.py b/packstack/plugins/ceilometer_800.py index 20037b034..d33a9509b 100644 --- a/packstack/plugins/ceilometer_800.py +++ b/packstack/plugins/ceilometer_800.py @@ -115,6 +115,7 @@ def create_manifest(config, messages): config['FIREWALL_SERVICE_ID'] = 'ceilometer_api' config['FIREWALL_PORTS'] = "'8777'" config['FIREWALL_CHAIN'] = "INPUT" + config['FIREWALL_PROTOCOL'] = 'tcp' manifestdata += getManifestTemplate("firewall.pp") # Add a template that creates a group for nova because the ceilometer # class needs it @@ -129,6 +130,7 @@ def create_mongodb_manifest(config, messages): config['FIREWALL_ALLOWED'] = "'%s'" % config['CONFIG_CONTROLLER_HOST'] config['FIREWALL_SERVICE_NAME'] = 'mongodb-server' config['FIREWALL_PORTS'] = "'27017'" + config['FIREWALL_PROTOCOL'] = 'tcp' manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata, 'pre') diff --git a/packstack/plugins/cinder_250.py b/packstack/plugins/cinder_250.py index 97e0dc689..b171eace1 100644 --- a/packstack/plugins/cinder_250.py +++ b/packstack/plugins/cinder_250.py @@ -360,9 +360,9 @@ def create_manifest(config, messages): manifestdata += getManifestTemplate('cinder_backup.pp') config['FIREWALL_SERVICE_NAME'] = "cinder" - config['FIREWALL_PORTS'] = "'3260', '8776'" + config['FIREWALL_PORTS'] = "['3260', '8776']" config['FIREWALL_CHAIN'] = "INPUT" - + config['FIREWALL_PROTOCOL'] = 'tcp' if (config['CONFIG_NOVA_INSTALL'] == 'y' and config['CONFIG_VMWARE_BACKEND'] == 'n'): for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']): diff --git a/packstack/plugins/glance_200.py b/packstack/plugins/glance_200.py index 3c4daf746..e57ad8abe 100644 --- a/packstack/plugins/glance_200.py +++ b/packstack/plugins/glance_200.py @@ -95,6 +95,7 @@ def create_manifest(config, messages): config['FIREWALL_SERVICE_NAME'] = "glance" config['FIREWALL_PORTS'] = "'9292'" config['FIREWALL_CHAIN'] = "INPUT" + config['FIREWALL_PROTOCOL'] = 'tcp' if config['CONFIG_NOVA_INSTALL'] == 'y': for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']): config['FIREWALL_ALLOWED'] = "'%s'" % host diff --git a/packstack/plugins/keystone_100.py b/packstack/plugins/keystone_100.py index 726d1b6ed..7440ec9cc 100644 --- a/packstack/plugins/keystone_100.py +++ b/packstack/plugins/keystone_100.py @@ -115,8 +115,9 @@ def create_manifest(config, messages): config['FIREWALL_ALLOWED'] = "'ALL'" config['FIREWALL_SERVICE_NAME'] = "keystone" config['FIREWALL_SERVICE_ID'] = "keystone" - config['FIREWALL_PORTS'] = "'5000', '35357'" + config['FIREWALL_PORTS'] = "['5000', '35357']" config['FIREWALL_CHAIN'] = "INPUT" + config['FIREWALL_PROTOCOL'] = 'tcp' manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata) diff --git a/packstack/plugins/mysql_001.py b/packstack/plugins/mysql_001.py index c90a38359..d5138bbb6 100644 --- a/packstack/plugins/mysql_001.py +++ b/packstack/plugins/mysql_001.py @@ -112,6 +112,7 @@ def append_for(module, suffix): config['FIREWALL_SERVICE_NAME'] = "mysql" config['FIREWALL_PORTS'] = "'3306'" config['FIREWALL_CHAIN'] = "INPUT" + config['FIREWALL_PROTOCOL'] = 'tcp' for host in hosts: config['FIREWALL_ALLOWED'] = "'%s'" % host config['FIREWALL_SERVICE_ID'] = "mysql_%s" % host diff --git a/packstack/plugins/nagios_910.py b/packstack/plugins/nagios_910.py index 41ff0b4d8..dd48967ec 100644 --- a/packstack/plugins/nagios_910.py +++ b/packstack/plugins/nagios_910.py @@ -189,6 +189,7 @@ def create_nrpe_manifests(config, messages): config['FIREWALL_SERVICE_ID'] = "nagios_nrpe" config['FIREWALL_PORTS'] = '5666' config['FIREWALL_CHAIN'] = "INPUT" + config['FIREWALL_PROTOCOL'] = 'tcp' manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata) diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index ae9444ed6..07d72dae1 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -701,7 +701,7 @@ def create_manifests(config, messages): config['FIREWALL_SERVICE_NAME'] = "neutron server" config['FIREWALL_PORTS'] = "'9696'" config['FIREWALL_CHAIN'] = "INPUT" - + config['FIREWALL_PROTOCOL'] = 'tcp' for host in q_hosts: manifest_file = "%s_neutron.pp" % (host,) manifest_data = getManifestTemplate("neutron.pp") @@ -727,14 +727,14 @@ def create_manifests(config, messages): manifest_data = getManifestTemplate(plugin_manifest) # We also need to open VXLAN/GRE port for agent - firewall_template = "firewall.pp" if use_openvswitch_vxlan(config) or use_openvswitch_gre(config): if use_openvswitch_vxlan(config): - tunnel_port = "'4789'" + config['FIREWALL_PROTOCOL'] = 'udp' + tunnel_port = ("'%s'" + % config['CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT']) else: - config['FIREWALL_PROTOCOL'] = "'gre'" - firewall_template = "firewall_proto.pp" - tunnel_port = "" + config['FIREWALL_PROTOCOL'] = 'gre' + tunnel_port = 'undef' for f_host in q_hosts: config['FIREWALL_ALLOWED'] = "'%s'" % f_host config['FIREWALL_SERVICE_NAME'] = "neutron tunnel port" @@ -742,7 +742,7 @@ def create_manifests(config, messages): % (host, f_host)) config['FIREWALL_PORTS'] = tunnel_port config['FIREWALL_CHAIN'] = "INPUT" - manifest_data += getManifestTemplate(firewall_template) + manifest_data += getManifestTemplate('firewall.pp') appendManifestFile(manifest_file, manifest_data, 'neutron') @@ -786,6 +786,7 @@ def create_dhcp_manifests(config, messages): manifest_file = "%s_neutron.pp" % (host,) # Firewall Rules + config['FIREWALL_PROTOCOL'] = 'tcp' for f_host in q_hosts: config['FIREWALL_ALLOWED'] = "'%s'" % f_host config['FIREWALL_SERVICE_NAME'] = "neutron dhcp in" diff --git a/packstack/plugins/nova_300.py b/packstack/plugins/nova_300.py index 8f2f974e5..dd4a569d6 100644 --- a/packstack/plugins/nova_300.py +++ b/packstack/plugins/nova_300.py @@ -496,6 +496,7 @@ def create_compute_manifest(config, messages): config['FIREWALL_SERVICE_ID'] = "nova_compute" config['FIREWALL_PORTS'] = "'5900-5999'" config['FIREWALL_CHAIN'] = "INPUT" + config['FIREWALL_PROTOCOL'] = 'tcp' manifestdata += getManifestTemplate("firewall.pp") manifestdata += "\n" + nova_config_options.getManifestEntry() diff --git a/packstack/plugins/swift_600.py b/packstack/plugins/swift_600.py index 0ba6b7298..8e193ef62 100644 --- a/packstack/plugins/swift_600.py +++ b/packstack/plugins/swift_600.py @@ -295,9 +295,9 @@ def create_storage_manifest(config, messages): hosts |= split_hosts(config['CONFIG_COMPUTE_HOSTS']) config['FIREWALL_SERVICE_NAME'] = "swift storage and rsync" - config['FIREWALL_PORTS'] = "'6000', '6001', '6002', '873'" + config['FIREWALL_PORTS'] = "['6000', '6001', '6002', '873']" config['FIREWALL_CHAIN'] = "INPUT" - + config['FIREWALL_PROTOCOL'] = 'tcp' for host in hosts: config['FIREWALL_ALLOWED'] = "'%s'" % host config['FIREWALL_SERVICE_ID'] = "swift_storage_and_rsync_%s" % host diff --git a/packstack/puppet/modules/packstack/manifests/firewall.pp b/packstack/puppet/modules/packstack/manifests/firewall.pp index a05137122..2370070fd 100644 --- a/packstack/puppet/modules/packstack/manifests/firewall.pp +++ b/packstack/puppet/modules/packstack/manifests/firewall.pp @@ -2,7 +2,7 @@ # hosts that need to connect via FIREWALL_PORTS # using FIREWALL_CHAIN -define packstack::firewall($host, $service_name, $chain = "INPUT", $ports = undef, $proto = ['tcp', 'udp']) { +define packstack::firewall($host, $service_name, $chain = "INPUT", $ports = undef, $proto = 'tcp') { $source = $host ? { 'ALL' => '0.0.0.0/0', default => $host, diff --git a/packstack/puppet/templates/firewall.pp b/packstack/puppet/templates/firewall.pp index 2b2c13419..a52d793f6 100644 --- a/packstack/puppet/templates/firewall.pp +++ b/packstack/puppet/templates/firewall.pp @@ -6,6 +6,6 @@ host => %(FIREWALL_ALLOWED)s, service_name => '%(FIREWALL_SERVICE_NAME)s', chain => '%(FIREWALL_CHAIN)s', - ports => [%(FIREWALL_PORTS)s], + ports => %(FIREWALL_PORTS)s, + proto => '%(FIREWALL_PROTOCOL)s', } - diff --git a/packstack/puppet/templates/firewall_proto.pp b/packstack/puppet/templates/firewall_proto.pp deleted file mode 100644 index 43ef7e2df..000000000 --- a/packstack/puppet/templates/firewall_proto.pp +++ /dev/null @@ -1,11 +0,0 @@ -# Create firewall rules to allow only the FIREWALL_ALLOWED -# hosts that need to connect via FIREWALL_PORTS -# using FIREWALL_CHAIN - -packstack::firewall {'%(FIREWALL_SERVICE_ID)s': - host => %(FIREWALL_ALLOWED)s, - service_name => '%(FIREWALL_SERVICE_NAME)s', - chain => '%(FIREWALL_CHAIN)s', - proto => [%(FIREWALL_PROTOCOL)s], -} - From b5a0c337c669064b529b39323338c451b6529ffe Mon Sep 17 00:00:00 2001 From: Ivan Chavero Date: Fri, 16 May 2014 08:21:24 -0600 Subject: [PATCH 0030/1017] Fixes language parsing problems If the language of the shell is set to other than eglish packstack will experience problems due the fact that it assumes that the command outputs are in english. Change-Id: I66e9274849d68c22f240ff077850542571e0e51c --- packstack/installer/utils/shell.py | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/packstack/installer/utils/shell.py b/packstack/installer/utils/shell.py index 37a488172..c78087b98 100644 --- a/packstack/installer/utils/shell.py +++ b/packstack/installer/utils/shell.py @@ -1,6 +1,7 @@ # -*- coding: utf-8 -*- import re +import os import types import logging import subprocess @@ -32,10 +33,12 @@ def execute(cmd, workdir=None, can_fail=True, mask_list=None, masked = mask_string(masked, mask_list, repl_list) if log: logging.info("Executing command:\n%s" % masked) - + environ = os.environ + environ['LANG'] = 'en_US.UTF8' proc = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE, cwd=workdir, - shell=use_shell, close_fds=True) + shell=use_shell, close_fds=True, + env=environ) out, err = proc.communicate() masked_out = mask_string(out, mask_list, repl_list) masked_err = mask_string(err, mask_list, repl_list) @@ -84,8 +87,11 @@ def execute(self, can_fail=True, mask_list=None, log=True): "root@%s" % self.ip, "bash -x"] else: cmd = ["bash", "-x"] + environ = os.environ + environ['LANG'] = 'en_US.UTF8' obj = subprocess.Popen(cmd, stdin=_PIPE, stdout=_PIPE, stderr=_PIPE, - close_fds=True, shell=False) + close_fds=True, shell=False, + env=environ) script = "function t(){ exit $? ; } \n trap t ERR \n" + script out, err = obj.communicate(script) From 8b09a63f0daa39605787f676face747e4aa98c8f Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Tue, 3 Jun 2014 22:45:19 +0200 Subject: [PATCH 0031/1017] Removed residual parameter CONFIG_HORIZON_HOST is deprecated parameter. Change-Id: Id259c45822944aa13d1831b1c899e00ad181c867 Fixes: rhbz#1104226 --- packstack/puppet/templates/https.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packstack/puppet/templates/https.pp b/packstack/puppet/templates/https.pp index 728f98eb9..d8b6706ca 100644 --- a/packstack/puppet/templates/https.pp +++ b/packstack/puppet/templates/https.pp @@ -36,7 +36,7 @@ $vhostname = $::fqdn } else { - $vhostname = '%(CONFIG_HORIZON_HOST)s' + $vhostname = '%(CONFIG_CONTROLLER_HOST)s' } @@ -48,7 +48,7 @@ file_line{'redirect': path => '/etc/httpd/conf.d/openstack-dashboard.conf', match => '^RedirectMatch .*', - line => "RedirectMatch permanent ^/$ https://%(CONFIG_HORIZON_HOST)s:${https_port}/dashboard", + line => "RedirectMatch permanent ^/$ https://%(CONFIG_CONTROLLER_HOST)s:${https_port}/dashboard", require => Class['horizon'] } From a4caf6f518ef54210f226ce78a8a4253e2bde4b8 Mon Sep 17 00:00:00 2001 From: Dan Radez Date: Wed, 4 Jun 2014 15:17:05 -0400 Subject: [PATCH 0032/1017] updating nagios checks for cinder and glance to list all items not just the admins Change-Id: If673828683f624a9fa28ff15cc2a99150dcde175 --- packstack/puppet/modules/packstack/templates/cinder-list.erb | 2 +- packstack/puppet/modules/packstack/templates/glance-index.erb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/packstack/puppet/modules/packstack/templates/cinder-list.erb b/packstack/puppet/modules/packstack/templates/cinder-list.erb index 739b9d750..08ecd3b2b 100644 --- a/packstack/puppet/modules/packstack/templates/cinder-list.erb +++ b/packstack/puppet/modules/packstack/templates/cinder-list.erb @@ -2,7 +2,7 @@ . /etc/nagios/keystonerc_admin -data=$(cinder list 2>&1) +data=$(cinder list --all-tenants 2>&1) rv=$? if [ "$rv" != "0" ] ; then diff --git a/packstack/puppet/modules/packstack/templates/glance-index.erb b/packstack/puppet/modules/packstack/templates/glance-index.erb index 5fbea5e48..2407ecebf 100644 --- a/packstack/puppet/modules/packstack/templates/glance-index.erb +++ b/packstack/puppet/modules/packstack/templates/glance-index.erb @@ -2,7 +2,7 @@ . /etc/nagios/keystonerc_admin -data=$(glance index 2>&1) +data=$(glance image-list --all-tenants 2>&1) rv=$? if [ "$rv" != "0" ] ; then From b3db196da115fa089fa59e1a3c2d6737faddc2c6 Mon Sep 17 00:00:00 2001 From: Gilles Dubreuil Date: Wed, 21 May 2014 15:00:44 +1000 Subject: [PATCH 0033/1017] Added Neutron FWaaS This provides Neutron Firewall as a Service feature on L3 agents. It's off by default, use answer file or interactive option to enable it. Note: Horizon's corresponding flag needs to be switched Separately [RFE] - https://bugzilla.redhat.com/show_bug.cgi?id=1098765 Change-Id: I054b020424808d98718c2f8a16078d2a357a6f32 --- docs/packstack.rst | 3 +++ packstack/plugins/neutron_350.py | 25 +++++++++++++++++++++ packstack/puppet/templates/neutron_fwaas.pp | 3 +++ 3 files changed, 31 insertions(+) create mode 100644 packstack/puppet/templates/neutron_fwaas.pp diff --git a/docs/packstack.rst b/docs/packstack.rst index b7f9fe496..358b41e17 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -418,6 +418,9 @@ Neutron Config Parameters **CONFIG_NEUTRON_METADATA_PW** A comma separated list of IP addresses on which to install Neutron metadata agent. +**CONFIG_NEUTRON_FWAAS** + Whether to configure neutron Firewall as a Service. + **CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE** The type of network to allocate for tenant networks (eg. vlan, local, gre). diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index 747cb5bc8..c11f5892e 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -125,6 +125,19 @@ def initConfig(controller): "USE_DEFAULT": False, "NEED_CONFIRM": False, "CONDITION": False}, + + {"CMD_OPTION": "neutron-fwaas", + "USAGE": ("Whether to configure neutron Firewall as a Service"), + "PROMPT": "Would you like to configure neutron FWaaS?", + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "n", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_NEUTRON_FWAAS", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, ], "NEUTRON_LB_PLUGIN": [ @@ -703,10 +716,17 @@ def create_manifests(config, messages): service_plugins.append( 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin' ) + if config['CONFIG_NEUTRON_METERING_AGENT_INSTALL'] == 'y': service_plugins.append( 'neutron.services.metering.metering_plugin.MeteringPlugin' ) + + if config['CONFIG_NEUTRON_FWAAS']: + service_plugins.append( + 'neutron.services.firewall.fwaas_plugin.FirewallPlugin' + ) + config['SERVICE_PLUGINS'] = (str(service_plugins) if service_plugins else 'undef') @@ -794,6 +814,11 @@ def create_l3_manifests(config, messages): manifestdata = getManifestTemplate('neutron_ovs_bridge.pp') appendManifestFile(manifestfile, manifestdata + '\n') + if config['CONFIG_NEUTRON_FWAAS']: + manifestfile = "%s_neutron_fwaas.pp" % (host,) + manifestdata = getManifestTemplate("neutron_fwaas.pp") + appendManifestFile(manifestfile, manifestdata + '\n') + def create_dhcp_manifests(config, messages): global network_hosts diff --git a/packstack/puppet/templates/neutron_fwaas.pp b/packstack/puppet/templates/neutron_fwaas.pp new file mode 100644 index 000000000..fcdc71c88 --- /dev/null +++ b/packstack/puppet/templates/neutron_fwaas.pp @@ -0,0 +1,3 @@ +class { 'neutron::services::fwaas': + enabled => true, +} From d666b3b7fcff9478541b8c5885981c8d49b5336e Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Thu, 5 Jun 2014 17:23:49 +0200 Subject: [PATCH 0034/1017] Add Keystone domain for Heat support This patch adds support for creation of Keystone domain for Heat and for proper configuration of Heat. For this patch to work [1] is required. This patch is not currently in upstream module yet, but it will be part of next o-p-m build. [1] https://github.com/paramite/puppet-heat/commit/3a38aa6eda5a57299f20bf0cabb10442e1a2cc89 Change-Id: I6b9c0f112d2e85131d880f308b9f391b47891cd7 Fixes: rhbz#1076172 --- packstack/plugins/heat_750.py | 39 ++++++++++++++++++++++++++++++ packstack/puppet/templates/heat.pp | 18 +++++++++++--- 2 files changed, 53 insertions(+), 4 deletions(-) diff --git a/packstack/plugins/heat_750.py b/packstack/plugins/heat_750.py index 2f02eb77d..646310000 100644 --- a/packstack/plugins/heat_750.py +++ b/packstack/plugins/heat_750.py @@ -95,6 +95,45 @@ def initConfig(controller): "USE_DEFAULT": False, "NEED_CONFIRM": False, "CONDITION": False}, + + {"CMD_OPTION": "os-heat-domain", + "USAGE": "Name of Keystone domain for Heat", + "PROMPT": "Enter name of Keystone domain for Heat", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "heat", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_HEAT_DOMAIN", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-heat-domain-admin", + "USAGE": "Name of Keystone domain admin user for Heat", + "PROMPT": "Enter name of Keystone domain admin user for Heat", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "heat_admin", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_HEAT_DOMAIN_ADMIN", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-heat-domain-password", + "USAGE": "Password for Keystone domain admin user for Heat", + "PROMPT": "Enter password for Keystone domain admin user for Heat", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_HEAT_DOMAIN_PASSWORD", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, ] group = {"GROUP_NAME": "Heat", "DESCRIPTION": "Heat Config parameters", diff --git a/packstack/puppet/templates/heat.pp b/packstack/puppet/templates/heat.pp index 71a1d7645..34a867d12 100644 --- a/packstack/puppet/templates/heat.pp +++ b/packstack/puppet/templates/heat.pp @@ -3,8 +3,18 @@ } class { 'heat::engine': - heat_metadata_server_url => 'http://%(CONFIG_CONTROLLER_HOST)s:8000', - heat_waitcondition_server_url => 'http://%(CONFIG_CONTROLLER_HOST)s:8000/v1/waitcondition', - heat_watch_server_url => 'http://%(CONFIG_CONTROLLER_HOST)s:8003', - auth_encryption_key => '%(CONFIG_HEAT_AUTH_ENC_KEY)s', + heat_metadata_server_url => 'http://%(CONFIG_CONTROLLER_HOST)s:8000', + heat_waitcondition_server_url => 'http://%(CONFIG_CONTROLLER_HOST)s:8000/v1/waitcondition', + heat_watch_server_url => 'http://%(CONFIG_CONTROLLER_HOST)s:8003', + auth_encryption_key => '%(CONFIG_HEAT_AUTH_ENC_KEY)s', +} + +class { 'heat::keystone::domain': + auth_url => 'http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0', + keystone_admin => 'admin', + keystone_password => '%(CONFIG_KEYSTONE_ADMIN_PW)s', + keystone_tenant => 'admin', + domain_name => '%(CONFIG_HEAT_DOMAIN)s', + domain_admin => '%(CONFIG_HEAT_DOMAIN_ADMIN)s', + domain_password => '%(CONFIG_HEAT_DOMAIN_PASSWORD)s', } From 2fcc880bda4aed22faf975d4382347297d0bbbcd Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Thu, 5 Jun 2014 20:13:58 +0200 Subject: [PATCH 0035/1017] Open VXLAN udp port As we have no way knowing what ips the tunnel interfaces have we just open the VXLAN udp port for all. Closes-Bug: rhbz#1100993 Change-Id: Ide1b69c89dedcae2a054772a69009603cf3003cd --- packstack/plugins/neutron_350.py | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index 747cb5bc8..941fa9f30 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -755,14 +755,12 @@ def create_manifests(config, messages): else: config['FIREWALL_PROTOCOL'] = 'gre' tunnel_port = 'undef' - for f_host in q_hosts: - config['FIREWALL_ALLOWED'] = "'%s'" % f_host - config['FIREWALL_SERVICE_NAME'] = "neutron tunnel port" - config['FIREWALL_SERVICE_ID'] = ("neutron_tunnel_%s_%s" - % (host, f_host)) - config['FIREWALL_PORTS'] = tunnel_port - config['FIREWALL_CHAIN'] = "INPUT" - manifest_data += getManifestTemplate('firewall.pp') + config['FIREWALL_ALLOWED'] = "'ALL'" + config['FIREWALL_SERVICE_NAME'] = "neutron tunnel port" + config['FIREWALL_SERVICE_ID'] = ("neutron_tunnel") + config['FIREWALL_PORTS'] = tunnel_port + config['FIREWALL_CHAIN'] = "INPUT" + manifest_data += getManifestTemplate('firewall.pp') appendManifestFile(manifest_file, manifest_data, 'neutron') From 13a9424b240ce2b0307fb285c3fe507d0c02d943 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Thu, 5 Jun 2014 10:51:26 +0200 Subject: [PATCH 0036/1017] Refactor horizon ssl setup to use puppet-horizon We still need to refactor whole ssl handling but we are definetly better off with using puppet-horizon to setup ssl for horizon. Conflicts: packstack/puppet/templates/https.pp Change-Id: I266b4fc4e7c1c366f814ddb0a5622b8b4e1236bc Closes-Bug: rhbz#1104226 --- docs/packstack.rst | 3 + packstack/plugins/dashboard_500.py | 31 +++++- .../templates/ssl/generate_ssl_certs.sh.erb | 20 +++- packstack/puppet/templates/horizon.pp | 29 ++++++ packstack/puppet/templates/https.pp | 97 ------------------- packstack/puppet/templates/nagios_server.pp | 5 + 6 files changed, 81 insertions(+), 104 deletions(-) delete mode 100644 packstack/puppet/templates/https.pp diff --git a/docs/packstack.rst b/docs/packstack.rst index b7f9fe496..20e4d2788 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -265,6 +265,9 @@ OpenStack Horizon Config parameters **CONFIG_SSL_KEY** Keyfile corresponding to the certificate if one was entered. +**CONFIG_SSL_CACHAIN** + PEM encoded CA certificates from which the certificate chain of the server certificate can be assembled. + OpenStack Swift Config parameters --------------------------------- diff --git a/packstack/plugins/dashboard_500.py b/packstack/plugins/dashboard_500.py index d345e4dac..bfe58fb74 100644 --- a/packstack/plugins/dashboard_500.py +++ b/packstack/plugins/dashboard_500.py @@ -79,6 +79,21 @@ def initConfig(controller): "USE_DEFAULT": False, "NEED_CONFIRM": False, "CONDITION": False}, + + {"CMD_OPTION": "os-ssl-cachain", + "USAGE": ("PEM encoded CA certificates from which the certificate " + "chain of the server certificate can be assembled."), + "PROMPT": ("Enter the CA cahin file corresponding to the certificate " + "if one was entered"), + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_SSL_CACHAIN", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, ] group = {"GROUP_NAME": "OSSSL", "DESCRIPTION": "SSL Config parameters", @@ -111,37 +126,43 @@ def create_manifest(config, messages): config["CONFIG_HORIZON_PORT"] = "'80'" sslmanifestdata = '' if config["CONFIG_HORIZON_SSL"] == 'y': + config["CONFIG_HORIZON_SSL"] = 'true' config["CONFIG_HORIZON_PORT"] = "'443'" proto = "https" - sslmanifestdata += getManifestTemplate("https.pp") # Are we using the users cert/key files if config["CONFIG_SSL_CERT"]: ssl_cert = config["CONFIG_SSL_CERT"] ssl_key = config["CONFIG_SSL_KEY"] + ssl_chain = config["CONFIG_SSL_CACHAIN"] if not os.path.exists(ssl_cert): raise exceptions.ParamValidationError( "The file %s doesn't exist" % ssl_cert) - if ssl_key and not os.path.exists(ssl_key): + if not os.path.exists(ssl_key): raise exceptions.ParamValidationError( "The file %s doesn't exist" % ssl_key) + if not os.path.exists(ssl_chain): + raise exceptions.ParamValidationError( + "The file %s doesn't exist" % ssl_chain) + resources = config.setdefault('RESOURCES', {}) host_resources = resources.setdefault(horizon_host, []) host_resources.append((ssl_cert, 'ssl_ps_server.crt')) - if ssl_key: - host_resources.append(ssl_key, 'ssl_ps_server.key') + host_resources.append(ssl_key, 'ssl_ps_server.key') + host_resources.append((ssl_chain, 'ssl_ps_chain.crt')) else: messages.append( "%sNOTE%s : A certificate was generated to be used for ssl, " "You should change the ssl certificate configured in " "/etc/httpd/conf.d/ssl.conf on %s to use a CA signed cert." % (utils.COLORS['red'], utils.COLORS['nocolor'], horizon_host)) + else: + config["CONFIG_HORIZON_SSL"] = 'false' manifestdata = getManifestTemplate("horizon.pp") - manifestdata += sslmanifestdata appendManifestFile(manifestfile, manifestdata) msg = ("To access the OpenStack Dashboard browse to %s://%s/dashboard .\n" diff --git a/packstack/puppet/modules/packstack/templates/ssl/generate_ssl_certs.sh.erb b/packstack/puppet/modules/packstack/templates/ssl/generate_ssl_certs.sh.erb index a39a127bb..c4d4ca0a8 100755 --- a/packstack/puppet/modules/packstack/templates/ssl/generate_ssl_certs.sh.erb +++ b/packstack/puppet/modules/packstack/templates/ssl/generate_ssl_certs.sh.erb @@ -7,15 +7,23 @@ fi SSLKEY=/etc/pki/tls/private/ssl_ps_server.key SSLCERT=/etc/pki/tls/certs/ssl_ps_server.crt +SSLCHAIN=/etc/pki/tls/certs/ssl_ps_chain.crt # If packstack dropped a cert in the resources directory then we # use that instead of generating one if [ -f $PACKSTACK_VAR_DIR/resources/ssl_ps_server.crt ] ; then cp $PACKSTACK_VAR_DIR/resources/ssl_ps_server.crt $SSLCERT cp $PACKSTACK_VAR_DIR/resources/ssl_ps_server.key $SSLKEY + cp $PACKSTACK_VAR_DIR/resources/ssl_ps_chain.crt $SSLCHAIN exit 0 fi +# If we already generated a cert then we +# use that instead of generating one +if [ -f $SSLCERT ] ; then + exit 0 +fi + umask 277 answers() { @@ -30,8 +38,16 @@ answers() { echo } +echo 10 > /etc/pki/CA/serial +touch /etc/pki/CA/index.txt # gen key and self signed host cert -openssl genrsa 2048 > $SSLKEY 2> /dev/null -answers $FQDN | openssl req -new -x509 -days 1096 -key $SSLKEY -text -out $SSLCERT +openssl genrsa 2048 > /etc/pki/CA/private/cakey.pem 2> /dev/null +answers $FQDN | openssl req -new -x509 -days 3650 -key /etc/pki/CA/private/cakey.pem -out /etc/pki/CA/cacert.pem + +cp /etc/pki/CA/cacert.pem $SSLCHAIN + +openssl genrsa 2048 > $SSLKEY 2> /dev/null +answers $FQDN | openssl req -new -nodes -key $SSLKEY -out ${SSLCERT}.req +yes | openssl ca -in ${SSLCERT}.req -out ${SSLCERT} diff --git a/packstack/puppet/templates/horizon.pp b/packstack/puppet/templates/horizon.pp index a39fa1bd1..66561abf6 100644 --- a/packstack/puppet/templates/horizon.pp +++ b/packstack/puppet/templates/horizon.pp @@ -15,6 +15,35 @@ can_set_mount_point => 'False', help_url =>'http://docs.openstack.org', django_debug => %(CONFIG_DEBUG_MODE)s ? {true => 'True', false => 'False'}, + listen_ssl => %(CONFIG_HORIZON_SSL)s, + horizon_cert => '/etc/pki/tls/certs/ssl_ps_server.crt', + horizon_key => '/etc/pki/tls/private/ssl_ps_server.key', + horizon_ca => '/etc/pki/tls/certs/ssl_ps_chain.crt', +} + +if %(CONFIG_HORIZON_SSL)s { + file {'/etc/pki/tls/certs/ps_generate_ssl_certs.ssh': + content => template('packstack/ssl/generate_ssl_certs.sh.erb'), + ensure => present, + mode => '755', + } + + exec {'/etc/pki/tls/certs/ps_generate_ssl_certs.ssh': + require => File['/etc/pki/tls/certs/ps_generate_ssl_certs.ssh'], + notify => Service['httpd'], + before => Class['horizon'], + } + + apache::listen { '443': } + + # little bit of hatred as we'll have to patch upstream puppet-horizon + file_line {'horizon_ssl_wsgi_fix': + path => '/etc/httpd/conf.d/15-horizon_ssl_vhost.conf', + match => 'WSGIProcessGroup.*', + line => ' WSGIProcessGroup horizon-ssl', + require => File['15-horizon_ssl_vhost.conf'], + notify => Service['httpd'], + } } class {'memcached':} diff --git a/packstack/puppet/templates/https.pp b/packstack/puppet/templates/https.pp deleted file mode 100644 index d8b6706ca..000000000 --- a/packstack/puppet/templates/https.pp +++ /dev/null @@ -1,97 +0,0 @@ - -class {'apache::mod::ssl': } - -file {'/etc/pki/tls/certs/ps_generate_ssl_certs.ssh': - content => template('packstack/ssl/generate_ssl_certs.sh.erb'), - ensure => present, - mode => '755', -} - -exec {'/etc/pki/tls/certs/ps_generate_ssl_certs.ssh': - require => File['/etc/pki/tls/certs/ps_generate_ssl_certs.ssh'], - notify => Service['httpd'], -} - -# close port 80 -file_line{'nohttp': - path => '/etc/httpd/conf/httpd.conf', - match => '^.*Listen 80', - line => '#Listen 80', - require => Class['apache::mod::ssl'] -} - -# close port 80 on 0.0.0.0 -# this line is added by the horizon class -file_line{'nohttp_ip': - path => '/etc/httpd/conf/httpd.conf', - match => '^.*Listen 0.0.0.0:80', - line => '#Listen 0.0.0.0:80', - require => Class['horizon'] -} - -$https_port = %(CONFIG_HORIZON_PORT)s - - -if ($::fqdn != "" and $::fqdn !~ /localhost/) { - $vhostname = $::fqdn -} -else { - $vhostname = '%(CONFIG_CONTROLLER_HOST)s' -} - - -file{'/etc/httpd/conf.d/openstack-dashboard-vhost-port-80.conf': - ensure => present, - content => "\n\n\tServerName ${vhostname}\n\tRewriteEngine On\n\tRewriteCond %%{HTTPS} !=on\n\tRewriteRule ^/?(.*) https://%%{SERVER_NAME}/$1 [R,L]\n\n", -} - -file_line{'redirect': - path => '/etc/httpd/conf.d/openstack-dashboard.conf', - match => '^RedirectMatch .*', - line => "RedirectMatch permanent ^/$ https://%(CONFIG_CONTROLLER_HOST)s:${https_port}/dashboard", - require => Class['horizon'] -} - - -# if the mod_ssl apache puppet module does not install -# this file, we ensure it haves the minimum -# requirements for SSL to work -$ssl_lines = { - 'ssl_port' => { - path => '/etc/httpd/conf.d/ssl.conf', - match => 'Listen .+', - line => 'Listen 443', - require => Class['apache::mod::ssl'] - }, - 'start_vhost_ssl' => { - path => '/etc/httpd/conf.d/ssl.conf', - line => '', - require => File_line['ssl_port'], - }, - 'ssl_engine' => { - path => '/etc/httpd/conf.d/ssl.conf', - match => 'SSLEngine .+', - line => 'SSLEngine on', - require => File_line['start_vhost_ssl'], - }, - # set the name of the ssl cert and key file - 'sslcert' => { - path => '/etc/httpd/conf.d/ssl.conf', - match => '^SSLCertificateFile ', - line => 'SSLCertificateFile /etc/pki/tls/certs/ssl_ps_server.crt', - require => File_line['ssl_engine'], - }, - 'sslkey' => { - path => '/etc/httpd/conf.d/ssl.conf', - match => '^SSLCertificateKeyFile ', - line => 'SSLCertificateKeyFile /etc/pki/tls/private/ssl_ps_server.key', - require => File_line['sslcert'], - }, - 'end_vhost_ssl' => { - path => '/etc/httpd/conf.d/ssl.conf', - line => '', - require => File_line['sslkey'], - }, -} - -create_resources(file_line, $ssl_lines) diff --git a/packstack/puppet/templates/nagios_server.pp b/packstack/puppet/templates/nagios_server.pp index 8483c8bf4..54f732073 100644 --- a/packstack/puppet/templates/nagios_server.pp +++ b/packstack/puppet/templates/nagios_server.pp @@ -81,3 +81,8 @@ dport => ['80'], action => 'accept', } + +# ensure that we won't stop listening on 443 if horizon has ssl enabled +if %(CONFIG_HORIZON_SSL)s { + apache::listen { '443': } +} From 1627136230f57ee5fceed10af74532b1fc8e59a5 Mon Sep 17 00:00:00 2001 From: Lars Kellogg-Stedman Date: Fri, 6 Jun 2014 10:51:27 -0400 Subject: [PATCH 0037/1017] fix firewall rules with multiple network hosts If CONFIG_NETWORK_HOSTS contained hosts other than CONFIG_CONTROLLER_HOST, the fact that the config keys for Neutron API access... config['FIREWALL_PORTS'] = "'9696'" ...were set outside the 'for host in q_hosts' loop meant that they could be overwritten by the tunnel-related configuration later on in the loop. This patch sets the keys immediately before reading in the firewall template. See also: https://bugzilla.redhat.com/show_bug.cgi?id=1105248 Change-Id: I71f50b9aadab6f903ee0941deae2f13ed3467104 --- packstack/plugins/neutron_350.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index 941fa9f30..ef1d732c3 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -718,10 +718,6 @@ def create_manifests(config, messages): elif config['CONFIG_NEUTRON_L2_PLUGIN'] == 'ml2': plugin_manifest = 'neutron_ml2_plugin.pp' - config['FIREWALL_SERVICE_NAME'] = "neutron server" - config['FIREWALL_PORTS'] = "'9696'" - config['FIREWALL_CHAIN'] = "INPUT" - config['FIREWALL_PROTOCOL'] = 'tcp' for host in q_hosts: manifest_file = "%s_neutron.pp" % (host,) manifest_data = getManifestTemplate("neutron.pp") @@ -735,6 +731,10 @@ def create_manifests(config, messages): # Firewall Rules for f_host in q_hosts: + config['FIREWALL_SERVICE_NAME'] = "neutron server" + config['FIREWALL_PORTS'] = "'9696'" + config['FIREWALL_CHAIN'] = "INPUT" + config['FIREWALL_PROTOCOL'] = 'tcp' config['FIREWALL_ALLOWED'] = "'%s'" % f_host config['FIREWALL_SERVICE_ID'] = ("neutron_server_%s_%s" % (host, f_host)) From cb016095e85b5ff2b24c0205f222b62ee089ae0e Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Mon, 9 Jun 2014 11:27:51 +0200 Subject: [PATCH 0038/1017] Don't use vs_bridge with provider network This typo has been introduced with simplification patch. Change-Id: If33c0dcd609b22b935a2218691d34d574c9eff72 Fixes: rhbz#1105884 --- packstack/plugins/neutron_350.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index ba7d7a2b8..17add0987 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -807,7 +807,8 @@ def create_l3_manifests(config, messages): ext_bridge = config['CONFIG_NEUTRON_L3_EXT_BRIDGE'] mapping = find_mapping(config['CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS'], ext_bridge) if ext_bridge else None - if config['CONFIG_NEUTRON_L2_AGENT'] == 'openvswitch' and not mapping: + if (config['CONFIG_NEUTRON_L2_AGENT'] == 'openvswitch' and ext_bridge + and not mapping): config['CONFIG_NEUTRON_OVS_BRIDGE'] = ext_bridge manifestdata = getManifestTemplate('neutron_ovs_bridge.pp') appendManifestFile(manifestfile, manifestdata + '\n') From 4f7390eae1896fe67cca70747d8f9249a9dc1c1c Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Thu, 5 Jun 2014 20:24:00 +0200 Subject: [PATCH 0039/1017] Make sure swift cactch_errors middleware is first in pipeline Closes-Bug: rhbz#1023221 Change-Id: Ic8b03d9fa663caf54db805b233c669286ae4353a --- packstack/puppet/templates/swift_proxy.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packstack/puppet/templates/swift_proxy.pp b/packstack/puppet/templates/swift_proxy.pp index 960ccccd7..49690f485 100644 --- a/packstack/puppet/templates/swift_proxy.pp +++ b/packstack/puppet/templates/swift_proxy.pp @@ -7,8 +7,8 @@ class { 'swift::proxy': proxy_local_net_ip => '%(CONFIG_CONTROLLER_HOST)s', pipeline => [ - 'bulk', 'catch_errors', + 'bulk', 'healthcheck', 'cache', 'ratelimit', From f94006c325091bb63d906a063356dbdb12a35dbe Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Mon, 9 Jun 2014 15:32:49 +0200 Subject: [PATCH 0040/1017] Synced packstack.rst - Corrected AMQP parameters documentation - Added three new parameters for controller host, compute hosts and network hosts - Removed deprecated parameters Change-Id: I11fa62981cae257a96ba7d0d9842509673263b1d --- docs/packstack.rst | 104 ++++++++++++++------------------------------- 1 file changed, 33 insertions(+), 71 deletions(-) diff --git a/docs/packstack.rst b/docs/packstack.rst index 8fb3ca727..96f878ceb 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -60,6 +60,15 @@ Global Options **CONFIG_MYSQL_INSTALL** Set to 'y' if you would like Packstack to install MySQL. +**CONFIG_CONTROLLER_HOST** + The IP address of the server on which to install OpenStack services specific to controller role such as API servers, Horizon, etc. This parameter replaced following deprecated parameters: CONFIG_CEILOMETER_HOST, CONFIG_CINDER_HOST, CONFIG_GLANCE_HOST, CONFIG_HORIZON_HOST, CONFIG_HEAT_HOST, CONFIG_KEYSTONE_HOST, CONFIG_NAGIOS_HOST, CONFIG_NEUTRON_SERVER_HOST, CONFIG_NEUTRON_LBAAS_HOSTS, CONFIG_NOVA_API_HOST, CONFIG_NOVA_CERT_HOST, CONFIG_NOVA_VNCPROXY_HOST, CONFIG_NOVA_SCHED_HOST, CONFIG_OSCLIENT_HOST, CONFIG_SWIFT_PROXY_HOSTS. + +**CONFIG_COMPUTE_HOSTS** + The list of IP addresses of the server on which to install the Nova compute service. This parameter replaced following deprecated parameters: CONFIG_NOVA_COMPUTE_HOSTS. + +**CONFIG_NETWORK_HOSTS** + The list of IP addresses of the server on which to install the network service such as Nova network or Neutron. This parameter replaced following deprecated parameters: CONFIG_NEUTRON_L3_HOSTS, CONFIG_NEUTRON_DHCP_HOSTS, CONFIG_NEUTRON_METADATA_HOSTS, CONFIG_NOVA_NETWORK_HOSTS. + SSH Configs ------------ @@ -79,36 +88,47 @@ MySQL Config parameters **CONFIG_MYSQL_PW** Password for the MySQL admin user. -QPID Config parameters +AMQP Config parameters ---------------------- -**CONFIG_QPID_HOST** + +**CONFIG_AMQP_BACKEND** + Set the AMQP service backend. Allowed values are: qpid, rabbitmq + +**CONFIG_AMQP_HOST** The IP address of the server on which to install the QPID service. -**CONFIG_QPID_ENABLE_SSL** +**CONFIG_AMQP_ENABLE_SSL** Enable SSL for the QPID service. -**CONFIG_QPID_NSS_CERTDB_PW** +**CONFIG_AMQP_NSS_CERTDB_PW** The password for the NSS certificate database of the QPID service. -**CONFIG_QPID_SSL_PORT** +**CONFIG_AMQP_SSL_PORT** The port in which the QPID service listens to SSL connections. -**CONFIG_QPID_SSL_CERT_FILE** +**CONFIG_AMQP_SSL_CERT_FILE** The filename of the certificate that the QPID service is going to use. -**CONFIG_QPID_SSL_KEY_FILE** +**CONFIG_AMQP_SSL_KEY_FILE** The filename of the private key that the QPID service is going to use. -**CONFIG_QPID_SSL_SELF_SIGNED** +**CONFIG_AMQP_SSL_SELF_SIGNED** Auto Generates self signed SSL certificate and key. +**CONFIG_AMQP_ENABLE_AUTH** + Enable Authentication for the AMQP service + +**CONFIG_AMQP_AUTH_USER** + User for amqp authentication + +**CONFIG_AMQP_AUTH_PASSWORD** + Password for user authentication + + Keystone Config parameters -------------------------- -**CONFIG_KEYSTONE_HOST** - The IP address of the server on which to install Keystone. - **CONFIG_KEYSTONE_DB_PW** The password to use for the Keystone to access DB. @@ -127,9 +147,6 @@ Keystone Config parameters Glance Config parameters ------------------------ -**CONFIG_GLANCE_HOST** - The IP address of the server on which to install Glance. - **CONFIG_GLANCE_DB_PW** The password to use for the Glance to access DB. @@ -139,9 +156,6 @@ Glance Config parameters Cinder Config parameters ------------------------ -**CONFIG_CINDER_HOST** - The IP address of the server on which to install Cinder. - **CONFIG_CINDER_DB_PW** The password to use for the Cinder to access DB. @@ -178,18 +192,6 @@ Cinder NFS Config parameters Nova Options ------------ -**CONFIG_NOVA_API_HOST** - The IP address of the server on which to install the Nova API service. - -**CONFIG_NOVA_CERT_HOST** - The IP address of the server on which to install the Nova Cert service. - -**CONFIG_NOVA_VNCPROXY_HOST** - The IP address of the server on which to install the Nova VNC proxy. - -**CONFIG_NOVA_COMPUTE_HOSTS** - A comma separated list of IP addresses on which to install the Nova Compute services. - **CONFIG_NOVA_COMPUTE_PRIVIF** Private interface for Flat DHCP on the Nova compute servers. @@ -244,18 +246,9 @@ Nova Options **CONFIG_NOVA_NETWORK_VLAN_START** First VLAN for private networks. -NOVACLIENT Config parameters ----------------------------- - -**CONFIG_OSCLIENT_HOST** - The IP address of the server on which to install the OpenStack client packages. An admin "rc" file will also be installed. - OpenStack Horizon Config parameters ----------------------------------- -**CONFIG_HORIZON_HOST** - The IP address of the server on which to install Horizon. - **CONFIG_HORIZON_SSL** To set up Horizon communication over https set this to "y" ['y', 'n']. @@ -271,14 +264,11 @@ OpenStack Horizon Config parameters OpenStack Swift Config parameters --------------------------------- -**CONFIG_SWIFT_PROXY_HOSTS** - The IP address on which to install the Swift proxy service. - **CONFIG_SWIFT_KS_PW** The password to use for the Swift to authenticate with Keystone. -**CONFIG_SWIFT_STORAGE_HOSTS** - A comma separated list of IP addresses on which to install the Swift Storage services, each entry should take the format [/dev], for example 127.0.0.1/vdb will install /dev/vdb on 127.0.0.1 as a swift storage device(packstack does not create the filesystem, you must do this first), if /dev is omitted Packstack will create a loopback device for a test setup. +**CONFIG_SWIFT_STORAGES** + A comma separated list of devices which to use as Swift Storage device. Each entry should take the format /path/to/dev, for example /dev/vdb will install /dev/vdb as Swift storage device (packstack does not create the filesystem, you must do this first). If value is omitted Packstack will create a loopback device for test setup **CONFIG_SWIFT_STORAGE_ZONES** Number of swift storage zones, this number MUST be no bigger than the number of storage devices configured. @@ -349,18 +339,12 @@ RHN Satellite proxy config Nagios Config parameters ------------------------ -**CONFIG_NAGIOS_HOST** - The IP address of the server on which to install the Nagios server. - **CONFIG_NAGIOS_PW** The password of the nagiosadmin user on the Nagios server. Ceilometer Config Parameters ---------------------------- -**CONFIG_CEILOMETER_HOST** - The IP address of the server on which to install Ceilometer. - **CONFIG_CEILOMETER_SECRET** Secret key for signing metering messages. @@ -370,9 +354,6 @@ Ceilometer Config Parameters Heat Config Parameters ---------------------- -**CONFIG_HEAT_HOST** - The IP address of the server on which to install Heat service. - **CONFIG_HEAT_DB_PW** The password used by Heat user to authenticate against MySQL. @@ -385,39 +366,21 @@ Heat Config Parameters **CONFIG_HEAT_CFN_INSTALL** Set to 'y' if you would like Packstack to install Heat CloudFormation API. -**CONFIG_HEAT_CLOUDWATCH_HOST** - The IP address of the server on which to install Heat CloudWatch API service. - -**CONFIG_HEAT_CFN_HOST** - The IP address of the server on which to install Heat CloudFormation API. - Neutron Config Parameters ------------------------- -**CONFIG_NEUTRON_SERVER_HOST** - The IP addresses of the server on which to install the Neutron server. - **CONFIG_NEUTRON_KS_PW** The password to use for Neutron to authenticate with Keystone. **CONFIG_NEUTRON_DB_PW** The password to use for Neutron to access DB. -**CONFIG_NEUTRON_L3_HOSTS** - A comma separated list of IP addresses on which to install Neutron L3 agent. - **CONFIG_NEUTRON_L3_EXT_BRIDGE** The name of the bridge that the Neutron L3 agent will use for external traffic, or 'provider' if using provider networks. -**CONFIG_NEUTRON_DHCP_HOSTS** - A comma separated list of IP addresses on which to install Neutron DHCP agent. - **CONFIG_NEUTRON_L2_PLUGIN** The name of the L2 plugin to be used with Neutron. -**CONFIG_NEUTRON_METADATA_HOSTS** - A comma separated list of IP addresses on which to install Neutron metadata agent. - **CONFIG_NEUTRON_METADATA_PW** A comma separated list of IP addresses on which to install Neutron metadata agent. @@ -521,4 +484,3 @@ SOURCE ====== * `packstack https://github.com/stackforge/packstack` * `puppet modules https://github.com/puppetlabs and https://github.com/packstack` - From 7b2f1f7acb79fcdb16e0fa5e4712e53cdb2dfaec Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Mon, 9 Jun 2014 18:40:13 +0200 Subject: [PATCH 0041/1017] Make innodb tweaking compatible with mysql Change-Id: I50a6b8c2f8d6219e2bfe70fdf1dd0a2641df01c5 --- packstack/puppet/modules/packstack/manifests/innodb.pp | 10 ++++++++-- packstack/puppet/templates/mysql_install.pp | 2 +- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/packstack/puppet/modules/packstack/manifests/innodb.pp b/packstack/puppet/modules/packstack/manifests/innodb.pp index 89342f5e2..13c38218c 100644 --- a/packstack/puppet/modules/packstack/manifests/innodb.pp +++ b/packstack/puppet/modules/packstack/manifests/innodb.pp @@ -26,6 +26,12 @@ ) { + if $mysql::server::package_name == 'mysql-server' { + $includedir = '/etc/mysql/conf.d' + } else { + $includedir = '/etc/my.cnf.d' + } + if $clean { exec { 'clean_innodb_logs': path => ['/usr/bin', '/bin', '/usr/sbin', '/sbin'], @@ -33,12 +39,12 @@ onlyif => "ls /var/lib/mysql/ib_logfile?", notify => Service['mysqld'], logoutput => 'on_failure', - subscribe => File['/etc/my.cnf.d/innodb.cnf'], + subscribe => File["${includedir}/innodb.cnf"], refreshonly => true, } } - file { '/etc/my.cnf.d/innodb.cnf': + file { "${includedir}/innodb.cnf": require => Package["$mysql::server::package_name"], content => template('packstack/innodb.cnf.erb'), mode => '0644', diff --git a/packstack/puppet/templates/mysql_install.pp b/packstack/puppet/templates/mysql_install.pp index f65d53a35..644d368c4 100644 --- a/packstack/puppet/templates/mysql_install.pp +++ b/packstack/puppet/templates/mysql_install.pp @@ -5,7 +5,7 @@ service { 'mysqld': enable => true, ensure => 'running', - require => [ Package["mariadb-galera-server"], File['/etc/my.cnf'] ], + require => [ Package["$mysql::server::package_name"], File['/etc/my.cnf'] ], before => Exec['set_mysql_rootpw'], } } else { From eb23a191e50dad60c9bb143e5580903f3896017a Mon Sep 17 00:00:00 2001 From: Gilles Dubreuil Date: Tue, 10 Jun 2014 15:21:52 +1000 Subject: [PATCH 0042/1017] Added neutron options for Horizon When one of the following option is activated, the corresponding service is enabled in the dashboard: - LBaaS - FWaaS Change-Id: I5ad32f52dc35d81f7ea6f7479077964127077fd6 --- packstack/plugins/dashboard_500.py | 10 ++++++++++ packstack/puppet/templates/horizon.pp | 2 ++ 2 files changed, 12 insertions(+) diff --git a/packstack/plugins/dashboard_500.py b/packstack/plugins/dashboard_500.py index bfe58fb74..40862c388 100644 --- a/packstack/plugins/dashboard_500.py +++ b/packstack/plugins/dashboard_500.py @@ -162,6 +162,16 @@ def create_manifest(config, messages): else: config["CONFIG_HORIZON_SSL"] = 'false' + if config["CONFIG_LBAAS_INSTALL"] == 'y': + config["CONFIG_HORIZON_NEUTRON_LB"] = 'true' + else: + config["CONFIG_HORIZON_NEUTRON_LB"] = 'false' + + if config["CONFIG_NEUTRON_FWAAS"] == 'y': + config["CONFIG_HORIZON_NEUTRON_FW"] = 'true' + else: + config["CONFIG_HORIZON_NEUTRON_FW"] = 'false' + manifestdata = getManifestTemplate("horizon.pp") appendManifestFile(manifestfile, manifestdata) diff --git a/packstack/puppet/templates/horizon.pp b/packstack/puppet/templates/horizon.pp index 66561abf6..eeb13e981 100644 --- a/packstack/puppet/templates/horizon.pp +++ b/packstack/puppet/templates/horizon.pp @@ -19,6 +19,8 @@ horizon_cert => '/etc/pki/tls/certs/ssl_ps_server.crt', horizon_key => '/etc/pki/tls/private/ssl_ps_server.key', horizon_ca => '/etc/pki/tls/certs/ssl_ps_chain.crt', + neutron_options => { 'enable_lb' => %(CONFIG_HORIZON_NEUTRON_LB)s, + 'enable_firewall' => %(CONFIG_HORIZON_NEUTRON_FW)s }, } if %(CONFIG_HORIZON_SSL)s { From e329262ad935688002b99ce2c3cc7463be39f64f Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Mon, 9 Jun 2014 17:36:52 +0200 Subject: [PATCH 0043/1017] Moved cinder::volume::iscsi out of main template In recent puppet-cinder we cannot have two volume declarations in single manifest. This patch removes iscsi declaration to separate template. Change-Id: Ie46e92ca69a674fe475d3d7303dc6ecdb8e7e1a9 Fixes: rhbz#1106512 --- packstack/plugins/cinder_250.py | 24 ++++++++---------------- packstack/puppet/templates/cinder.pp | 4 ---- packstack/puppet/templates/cinder_lvm.pp | 9 +++++++++ 3 files changed, 17 insertions(+), 20 deletions(-) create mode 100644 packstack/puppet/templates/cinder_lvm.pp diff --git a/packstack/plugins/cinder_250.py b/packstack/plugins/cinder_250.py index b171eace1..6f5532ccd 100644 --- a/packstack/plugins/cinder_250.py +++ b/packstack/plugins/cinder_250.py @@ -206,8 +206,6 @@ def initSequences(controller): return cinder_steps = [ - {'title': 'Installing dependencies for Cinder', - 'functions': [install_cinder_deps]}, {'title': 'Adding Cinder Keystone manifest entries', 'functions': [create_keystone_manifest]}, {'title': 'Adding Cinder manifest entries', @@ -223,17 +221,6 @@ def initSequences(controller): #-------------------------- step functions -------------------------- -def install_cinder_deps(config, messages): - server = utils.ScriptRunner(config['CONFIG_CONTROLLER_HOST']) - pkgs = [] - if config['CONFIG_CINDER_BACKEND'] == 'lvm': - pkgs.append('lvm2') - for p in pkgs: - server.append("rpm -q --whatprovides %(package)s || " - "yum install -y %(package)s" % dict(package=p)) - server.execute() - - def check_cinder_vg(config, messages): cinders_volume = 'cinder-volumes' @@ -271,6 +258,8 @@ def check_cinder_vg(config, messages): output_messages.INFO_CINDER_VOLUMES_EXISTS) return + # TO-DO: This is implemented in cinder::setup_test_volume class. + # We should use it instead of this Python code server = utils.ScriptRunner(config['CONFIG_CONTROLLER_HOST']) server.append('systemctl') try: @@ -281,6 +270,7 @@ def check_cinder_vg(config, messages): server.clear() logging.info("A new cinder volumes group will be created") + server.append('yum install -y lvm2') cinders_volume_path = '/var/lib/cinder' server.append('mkdir -p %s' % cinders_volume_path) @@ -348,11 +338,13 @@ def create_manifest(config, messages): manifestfile = "%s_cinder.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata += getManifestTemplate("cinder.pp") - if config['CONFIG_CINDER_BACKEND'] == "gluster": + if config['CONFIG_CINDER_BACKEND'] == "lvm": + manifestdata += getManifestTemplate("cinder_lvm.pp") + elif config['CONFIG_CINDER_BACKEND'] == "gluster": manifestdata += getManifestTemplate("cinder_gluster.pp") - if config['CONFIG_CINDER_BACKEND'] == "nfs": + elif config['CONFIG_CINDER_BACKEND'] == "nfs": manifestdata += getManifestTemplate("cinder_nfs.pp") - if config['CONFIG_CINDER_BACKEND'] == "vmdk": + elif config['CONFIG_CINDER_BACKEND'] == "vmdk": manifestdata += getManifestTemplate("cinder_vmdk.pp") if config['CONFIG_CEILOMETER_INSTALL'] == 'y': manifestdata += getManifestTemplate('cinder_ceilometer.pp') diff --git a/packstack/puppet/templates/cinder.pp b/packstack/puppet/templates/cinder.pp index b7c01d018..aa5f2f4d0 100644 --- a/packstack/puppet/templates/cinder.pp +++ b/packstack/puppet/templates/cinder.pp @@ -18,7 +18,3 @@ class {'cinder::volume': } - -class {'cinder::volume::iscsi': - iscsi_ip_address => '%(CONFIG_CONTROLLER_HOST)s' -} diff --git a/packstack/puppet/templates/cinder_lvm.pp b/packstack/puppet/templates/cinder_lvm.pp new file mode 100644 index 000000000..9d46ce8b7 --- /dev/null +++ b/packstack/puppet/templates/cinder_lvm.pp @@ -0,0 +1,9 @@ + +package { 'lvm2': + ensure => installed, +} + +class {'cinder::volume::iscsi': + iscsi_ip_address => '%(CONFIG_CONTROLLER_HOST)s', + require => Package['lvm2'], +} From 266b9b06f49ae562793c9fac1f5354a134f7b880 Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Tue, 10 Jun 2014 13:10:33 +0200 Subject: [PATCH 0044/1017] Add special backward compat layer Swift parameter CONFIG_SWIFT_STORAGES requires special backward compatibility layer because valid values differs from old CONFIG_SWIFT_STORAGE_HOSTS. Change-Id: Ic8ba4cfe42edd4ce08edbbfa4618d4e88ca91d79 --- packstack/plugins/swift_600.py | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/packstack/plugins/swift_600.py b/packstack/plugins/swift_600.py index 8e193ef62..2df6aa674 100644 --- a/packstack/plugins/swift_600.py +++ b/packstack/plugins/swift_600.py @@ -8,6 +8,7 @@ import re import uuid import logging +import netaddr from packstack.installer import validators from packstack.installer.exceptions import ParamValidationError @@ -176,7 +177,18 @@ def parse_devices(config): device_number = 0 num_zones = int(config["CONFIG_SWIFT_STORAGE_ZONES"]) for device in config["CONFIG_SWIFT_STORAGES"].split(","): - device = device.strip() + # we have to get rid of host part in case deprecated parameter + # CONFIG_SWIFT_STORAGE_HOSTS has been used + if ':' in device: + device = device.split(':')[1] + # device should be empty string in case only IP address has been used + try: + netaddr.IPAddress(device) + except Exception: + device = device.strip() + else: + device = '' + if not device: continue device_number += 1 From b628613069232f873ce920fba9cd4faab7d0f84a Mon Sep 17 00:00:00 2001 From: Terry Wilson Date: Mon, 19 May 2014 11:20:48 -0500 Subject: [PATCH 0045/1017] Only setup nova notifications if nova is being installed Change-Id: Ia8e4c3410b04671c4f9796a7bb02845b081b0355 --- packstack/plugins/neutron_350.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index 17add0987..9d43214b0 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -747,7 +747,9 @@ def create_manifests(config, messages): if host in api_hosts: manifest_file = "%s_neutron.pp" % (host,) manifest_data = getManifestTemplate("neutron_api.pp") - manifest_data += getManifestTemplate("neutron_notifications.pp") + if config['CONFIG_NOVA_INSTALL'] == 'y': + template_name = "neutron_notifications.pp" + manifest_data += getManifestTemplate(template_name) # Firewall Rules for f_host in q_hosts: From 8150f6a0b805ac9e032a48f3e207f0644e1af8b1 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Wed, 11 Jun 2014 11:34:49 +0200 Subject: [PATCH 0046/1017] Make mysql_install innodb hacks package independent Change-Id: I9cfe761d4cdb07f4b1ac623ea9f495035e9d3e88 --- packstack/puppet/templates/mysql_install.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packstack/puppet/templates/mysql_install.pp b/packstack/puppet/templates/mysql_install.pp index 644d368c4..001cddc94 100644 --- a/packstack/puppet/templates/mysql_install.pp +++ b/packstack/puppet/templates/mysql_install.pp @@ -5,7 +5,7 @@ service { 'mysqld': enable => true, ensure => 'running', - require => [ Package["$mysql::server::package_name"], File['/etc/my.cnf'] ], + require => [ Package['mysql-server'], File['/etc/my.cnf'] ], before => Exec['set_mysql_rootpw'], } } else { From 48a0d4bcbed7d51de8b85506257783f4b49476fe Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Wed, 11 Jun 2014 11:36:27 +0200 Subject: [PATCH 0047/1017] Allow specifying includedir in packstack::innodb Change-Id: I71fb7f5db0911c668458a184130e23484c2df713 --- packstack/puppet/modules/packstack/manifests/innodb.pp | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/packstack/puppet/modules/packstack/manifests/innodb.pp b/packstack/puppet/modules/packstack/manifests/innodb.pp index 13c38218c..6e6d8b8e2 100644 --- a/packstack/puppet/modules/packstack/manifests/innodb.pp +++ b/packstack/puppet/modules/packstack/manifests/innodb.pp @@ -22,16 +22,11 @@ class packstack::innodb ( $buffer_pool_size = $::innodb_bufferpoolsize, $log_file_size = $::innodb_logfilesize, + $includedir = '/etc/my.cnf.d', $clean = true, ) { - if $mysql::server::package_name == 'mysql-server' { - $includedir = '/etc/mysql/conf.d' - } else { - $includedir = '/etc/my.cnf.d' - } - if $clean { exec { 'clean_innodb_logs': path => ['/usr/bin', '/bin', '/usr/sbin', '/sbin'], @@ -45,7 +40,7 @@ } file { "${includedir}/innodb.cnf": - require => Package["$mysql::server::package_name"], + require => Package['mysql-server'], content => template('packstack/innodb.cnf.erb'), mode => '0644', notify => Service['mysqld'], From 352cb59055cc12fa449d08ec061ad6f114204c19 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Wed, 11 Jun 2014 11:47:51 +0200 Subject: [PATCH 0048/1017] Add crossdomain middleware into switf proxy pipeline Change-Id: I05d030428e326f829c53d7076cd15d2dda089dcd Depends-On: https://github.com/xbezdick/openstack-puppet-modules/commit/e62339152cd0253353b12a7da7f1d6dcf814bab1 --- packstack/puppet/templates/swift_proxy.pp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/packstack/puppet/templates/swift_proxy.pp b/packstack/puppet/templates/swift_proxy.pp index 49690f485..2cbce6115 100644 --- a/packstack/puppet/templates/swift_proxy.pp +++ b/packstack/puppet/templates/swift_proxy.pp @@ -11,6 +11,7 @@ 'bulk', 'healthcheck', 'cache', + 'crossdomain', 'ratelimit', 'authtoken', 'keystone', @@ -30,6 +31,7 @@ 'swift::proxy::catch_errors', 'swift::proxy::healthcheck', 'swift::proxy::cache', + 'swift::proxy::crossdomain', 'swift::proxy::staticweb', 'swift::proxy::tempurl', 'swift::proxy::account_quotas', From b854a38f384049349c08339fdac56cf0f2b3d9ad Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Thu, 12 Jun 2014 13:08:24 +0200 Subject: [PATCH 0049/1017] Set EC2 auth url for Heat Leaving keystone_ec2_uri with default value is causing Keystone authentification errors for Heat. This patch specifies correct URL. Change-Id: I9b2a786eeee8efd62944e792ed9eb428e842f24e Fixes: rhbz#1106394 --- packstack/puppet/templates/heat_qpid.pp | 1 + packstack/puppet/templates/heat_rabbitmq.pp | 1 + 2 files changed, 2 insertions(+) diff --git a/packstack/puppet/templates/heat_qpid.pp b/packstack/puppet/templates/heat_qpid.pp index 8c685b6d8..441ceb6c6 100644 --- a/packstack/puppet/templates/heat_qpid.pp +++ b/packstack/puppet/templates/heat_qpid.pp @@ -2,6 +2,7 @@ keystone_host => '%(CONFIG_CONTROLLER_HOST)s', keystone_password => '%(CONFIG_HEAT_KS_PW)s', auth_uri => 'http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0', + keystone_ec2_uri => 'http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0', rpc_backend => 'heat.openstack.common.rpc.impl_qpid', qpid_hostname => '%(CONFIG_AMQP_HOST)s', qpid_username => '%(CONFIG_AMQP_AUTH_USER)s', diff --git a/packstack/puppet/templates/heat_rabbitmq.pp b/packstack/puppet/templates/heat_rabbitmq.pp index 11b1977dc..7c8e750dd 100644 --- a/packstack/puppet/templates/heat_rabbitmq.pp +++ b/packstack/puppet/templates/heat_rabbitmq.pp @@ -2,6 +2,7 @@ keystone_host => '%(CONFIG_CONTROLLER_HOST)s', keystone_password => '%(CONFIG_HEAT_KS_PW)s', auth_uri => 'http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0', + keystone_ec2_uri => 'http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0', rpc_backend => 'heat.openstack.common.rpc.impl_kombu', rabbit_host => '%(CONFIG_AMQP_HOST)s', rabbit_userid => '%(CONFIG_AMQP_AUTH_USER)s', From 5b20d5ed1ea249c50178758bce02a6f614a30aeb Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Thu, 12 Jun 2014 21:46:28 +0200 Subject: [PATCH 0050/1017] Handle interface names containing ".", "-" or ":" This fixes bz#1105166/bz#1057938 for packstack by calling regsubst() to replace ".", "-" or ":" with "_" in interface names when looking up ipaddress_* facts. Change-Id: I11cb747e5cdff35b69544598d6438ac35dc55ad0 Fixes: rhbz#1105166, rhbz#1057938 --- packstack/puppet/templates/neutron_ovs_agent_gre.pp | 3 ++- packstack/puppet/templates/neutron_ovs_agent_vxlan.pp | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/packstack/puppet/templates/neutron_ovs_agent_gre.pp b/packstack/puppet/templates/neutron_ovs_agent_gre.pp index 0f635b031..40c9f0025 100644 --- a/packstack/puppet/templates/neutron_ovs_agent_gre.pp +++ b/packstack/puppet/templates/neutron_ovs_agent_gre.pp @@ -1,5 +1,6 @@ if "%(CONFIG_NEUTRON_OVS_TUNNEL_IF)s" { - $localip = $ipaddress_%(CONFIG_NEUTRON_OVS_TUNNEL_IF)s + $iface = regsubst('%(CONFIG_NEUTRON_OVS_TUNNEL_IF)s', '[\.\-\:]', '_', 'G') + $localip = inline_template("<%%= scope.lookupvar('::ipaddress_${iface}') %%>") } else { $localip = '%(CONFIG_NEUTRON_OVS_HOST)s' } diff --git a/packstack/puppet/templates/neutron_ovs_agent_vxlan.pp b/packstack/puppet/templates/neutron_ovs_agent_vxlan.pp index 078a0eea8..93bca4134 100644 --- a/packstack/puppet/templates/neutron_ovs_agent_vxlan.pp +++ b/packstack/puppet/templates/neutron_ovs_agent_vxlan.pp @@ -1,6 +1,7 @@ if "%(CONFIG_NEUTRON_OVS_TUNNEL_IF)s" { - $localip = $ipaddress_%(CONFIG_NEUTRON_OVS_TUNNEL_IF)s + $iface = regsubst('%(CONFIG_NEUTRON_OVS_TUNNEL_IF)s', '[\.\-\:]', '_', 'G') + $localip = inline_template("<%%= scope.lookupvar('::ipaddress_${iface}') %%>") } else { $localip = '%(CONFIG_NEUTRON_OVS_HOST)s' } From e516c131ba046084ca674c02603a9a0a85de35cf Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Fri, 13 Jun 2014 16:08:59 +0200 Subject: [PATCH 0051/1017] Use openstack-selinux on RHEL-7 Package openstack-selinux will be used on RHEL-7, so we need to install it Change-Id: I82e233878a260eff6eec85aeed24ec986d0fda08 --- packstack/puppet/templates/prescript.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packstack/puppet/templates/prescript.pp b/packstack/puppet/templates/prescript.pp index 179a33719..31c98cd3f 100644 --- a/packstack/puppet/templates/prescript.pp +++ b/packstack/puppet/templates/prescript.pp @@ -2,8 +2,8 @@ $el_releases = ["RedHat", "CentOS"] -# We don't have openstack-selinux package for Fedora and yet for RHEL-7 -if $::operatingsystem != "Fedora" and ($::operatingsystem in $el_releases and $::operatingsystemrelease < 7) { +# We don't have openstack-selinux package for Fedora +if $::operatingsystem != "Fedora" { package{ 'openstack-selinux': ensure => present, } From 9e4f7c16a536633b7bd394c857216bfb4bb9c0df Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Mon, 16 Jun 2014 14:17:18 +0200 Subject: [PATCH 0052/1017] Fix libvirt livemigration Ensure qemu migration ports are open on nova_computes and ensure that nova passes no_verify to libvirt as we don't have reasonable way to fill known_hosts file at puppet run. Change-Id: I484df7402032f71141b2dea356d841fcfe296e13 Closes-Bug: rhbz#1100356 --- packstack/plugins/nova_300.py | 11 +++++++++++ packstack/puppet/templates/nova_compute.pp | 2 +- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/packstack/plugins/nova_300.py b/packstack/plugins/nova_300.py index dd4a569d6..8f7d39974 100644 --- a/packstack/plugins/nova_300.py +++ b/packstack/plugins/nova_300.py @@ -458,6 +458,17 @@ def create_compute_manifest(config, messages): for host in compute_hosts: config["CONFIG_NOVA_COMPUTE_HOST"] = host manifestdata = getManifestTemplate("nova_compute.pp") + + for c_host in compute_hosts: + config['FIREWALL_SERVICE_NAME'] = "nova qemu migration" + config['FIREWALL_PORTS'] = "'49152-49215'" + config['FIREWALL_CHAIN'] = "INPUT" + config['FIREWALL_PROTOCOL'] = 'tcp' + config['FIREWALL_ALLOWED'] = "'%s'" % c_host + config['FIREWALL_SERVICE_ID'] = ("nova_qemu_migration_%s_%s" + % (host, c_host)) + manifestdata += getManifestTemplate("firewall.pp") + if config['CONFIG_VMWARE_BACKEND'] == 'y': manifestdata += getManifestTemplate("nova_compute_vmware.pp") else: diff --git a/packstack/puppet/templates/nova_compute.pp b/packstack/puppet/templates/nova_compute.pp index b8b9798e0..7efe8d80b 100644 --- a/packstack/puppet/templates/nova_compute.pp +++ b/packstack/puppet/templates/nova_compute.pp @@ -21,7 +21,7 @@ nova_config{ "DEFAULT/volume_api_class": value => "nova.volume.cinder.API"; - "libvirt/live_migration_uri": value => "qemu+ssh://nova@%%s/system?keyfile=/etc/nova/ssh/nova_migration_key"; + "libvirt/live_migration_uri": value => "qemu+ssh://nova@%%s/system?no_verify=1&keyfile=/etc/nova/ssh/nova_migration_key"; } class {"nova::compute": From cbf11bf2263a09ae1c3a2fca5f6c58065b1c2b3a Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Mon, 16 Jun 2014 16:38:48 +0200 Subject: [PATCH 0053/1017] Add forgotten cinder backend vmdk During plugins refactor option to set vmdk as cinder backend was lost. Change-Id: I0ff7b98dbc8762023d771f2e94fabe973145c0a6 Closes-Bug: rhbz#1109374 --- docs/packstack.rst | 2 +- packstack/plugins/cinder_250.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/packstack.rst b/docs/packstack.rst index 96f878ceb..8c49158f0 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -163,7 +163,7 @@ Cinder Config parameters The password to use for the Cinder to authenticate with Keystone. **CONFIG_CINDER_BACKEND** - The Cinder backend to use ['lvm', 'gluster', 'nfs']. + The Cinder backend to use ['lvm', 'gluster', 'nfs', 'vmdk']. Cinder volume create Config parameters -------------------------------------- diff --git a/packstack/plugins/cinder_250.py b/packstack/plugins/cinder_250.py index 6f5532ccd..ad37ccc3b 100644 --- a/packstack/plugins/cinder_250.py +++ b/packstack/plugins/cinder_250.py @@ -65,7 +65,7 @@ def initConfig(controller): "USAGE": ("The Cinder backend to use, valid options are: lvm, " "gluster, nfs"), "PROMPT": "Enter the Cinder backend to be configured", - "OPTION_LIST": ["lvm", "gluster", "nfs"], + "OPTION_LIST": ["lvm", "gluster", "nfs", "vmdk"], "VALIDATORS": [validators.validate_options], "DEFAULT_VALUE": "lvm", "MASK_INPUT": False, From 33f30ac99ee0a3667b081535922faea89ba34bcd Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Mon, 16 Jun 2014 14:19:29 +0200 Subject: [PATCH 0054/1017] Provision also on multinode setup This patch drops dependancy on openstack::provision class by manually calling all required provisioning classes. Change-Id: I8f2c3eaf1239b4952e4817d747759af6d3a50e10 Closes-Bug: rhbz#1100356 --- packstack/plugins/provision_700.py | 21 +-- packstack/puppet/templates/provision.pp | 217 ++++++++++++++++++++++-- 2 files changed, 211 insertions(+), 27 deletions(-) diff --git a/packstack/plugins/provision_700.py b/packstack/plugins/provision_700.py index 8c7d809d8..ccccf37aa 100644 --- a/packstack/plugins/provision_700.py +++ b/packstack/plugins/provision_700.py @@ -121,17 +121,14 @@ def process_provision(param, process_args=None): } def check_provisioning_demo(config): - return (allow_provisioning(config) and - (config.get('CONFIG_PROVISION_DEMO', 'n') == 'y' or - config.get('CONFIG_PROVISION_TEMPEST', 'n') == 'y')) + return (config.get('CONFIG_PROVISION_DEMO', 'n') == 'y' or + config.get('CONFIG_PROVISION_TEMPEST', 'n') == 'y') def check_provisioning_tempest(config): - return (allow_provisioning(config) and - config.get('CONFIG_PROVISION_TEMPEST', 'n') == 'y') + return (config.get('CONFIG_PROVISION_TEMPEST', 'n') == 'y') def allow_all_in_one_ovs_bridge(config): - return (allow_provisioning(config) and - config['CONFIG_NEUTRON_INSTALL'] == 'y' and + return (config['CONFIG_NEUTRON_INSTALL'] == 'y' and config['CONFIG_NEUTRON_L2_PLUGIN'] == 'openvswitch') conf_groups = [ @@ -144,7 +141,6 @@ def allow_all_in_one_ovs_bridge(config): {"GROUP_NAME": "PROVISION_DEMO", "DESCRIPTION": "Provisioning demo config", - "PRE_CONDITION": allow_provisioning, "PRE_CONDITION_MATCH": True, "POST_CONDITION": False, "POST_CONDITION_MATCH": True}, @@ -189,7 +185,7 @@ def initSequences(controller): config['CONFIG_PROVISION_TEMPEST'] == 'y' ) - if not provisioning_required or not allow_provisioning(config): + if not provisioning_required: return marshall_conf_bool(config, 'CONFIG_PROVISION_TEMPEST') @@ -212,13 +208,6 @@ def marshall_conf_bool(conf, key): conf[key] = 'false' -def allow_provisioning(config): - # Provisioning is currently supported only for all-in-one (due - # to a limitation with how the custom types for OpenStack - # resources are implemented). - return is_all_in_one(config) - - #-------------------------- step functions -------------------------- def create_manifest(config, messages): diff --git a/packstack/puppet/templates/provision.pp b/packstack/puppet/templates/provision.pp index 3aedbef28..652f1aef7 100644 --- a/packstack/puppet/templates/provision.pp +++ b/packstack/puppet/templates/provision.pp @@ -1,14 +1,209 @@ -class { 'openstack::provision': - admin_password => '%(CONFIG_KEYSTONE_ADMIN_PW)s', - password => '%(CONFIG_KEYSTONE_DEMO_PW)s', - configure_tempest => %(CONFIG_PROVISION_TEMPEST)s, - tempest_repo_uri => '%(CONFIG_PROVISION_TEMPEST_REPO_URI)s', - tempest_repo_revision => '%(CONFIG_PROVISION_TEMPEST_REPO_REVISION)s', - neutron_available => %(PROVISION_NEUTRON_AVAILABLE)s, - setup_ovs_bridge => %(CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE)s, - public_bridge_name => '%(CONFIG_NEUTRON_L3_EXT_BRIDGE)s', - floating_range => '%(CONFIG_PROVISION_DEMO_FLOATRANGE)s', -} + ## Keystone + # non admin user + $username = 'demo' + $password = '%(CONFIG_KEYSTONE_DEMO_PW)s' + $tenant_name = 'demo' + # admin user + $admin_username = 'admin' + $admin_password = '%(CONFIG_KEYSTONE_ADMIN_PW)s' + $admin_tenant_name = 'admin' + + ## Glance + $image_name = 'cirros' + $image_source = 'http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-disk.img' + $image_ssh_user = 'cirros' + + ## Neutron + $public_network_name = 'public' + $public_subnet_name = 'public_subnet' + $floating_range = '%(CONFIG_PROVISION_DEMO_FLOATRANGE)s' + $private_network_name = 'private' + $private_subnet_name = 'private_subnet' + $fixed_range = '10.0.0.0/24' + $router_name = 'router1' + $setup_ovs_bridge = %(CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE)s + $public_bridge_name = '%(CONFIG_PROVISION_DEMO_FLOATRANGE)s' + + ## Tempest + $configure_tempest = %(CONFIG_PROVISION_TEMPEST)s + + $image_name_alt = false + $image_source_alt = false + $image_ssh_user_alt = false + + $identity_uri = undef + $tempest_repo_uri = '%(CONFIG_PROVISION_TEMPEST_REPO_URI)s' + $tempest_repo_revision = '%(CONFIG_PROVISION_TEMPEST_REPO_REVISION)s' + $tempest_clone_path = '/var/lib/tempest' + $tempest_clone_owner = 'root' + $setup_venv = false + $resize_available = undef + $change_password_available = undef + $cinder_available = undef + $glance_available = true + $heat_available = undef + $horizon_available = undef + $neutron_available = %(PROVISION_NEUTRON_AVAILABLE)s + $nova_available = true + $swift_available = undef + + ## Users + + keystone_tenant { $tenant_name: + ensure => present, + enabled => true, + description => 'default tenant', + } + keystone_user { $username: + ensure => present, + enabled => true, + tenant => $tenant_name, + password => $password, + } + + keystone_tenant { $alt_tenant_name: + ensure => present, + enabled => true, + description => 'alt tenant', + } + keystone_user { $alt_username: + ensure => present, + enabled => true, + tenant => $alt_tenant_name, + password => $alt_password, + } + + ## Images + + glance_image { $image_name: + ensure => present, + is_public => 'yes', + container_format => 'bare', + disk_format => 'qcow2', + source => $image_source, + } + + # Support creation of a second glance image + # distinct from the first, for tempest. It + # doesn't need to be a different image, just + # have a different name and ref in glance. + if $image_name_alt { + $image_name_alt_real = $image_name_alt + if ! $image_source_alt { + # Use the same source by default + $image_source_alt_real = $image_source + } else { + $image_source_alt_real = $image_source_alt + } + + if ! $image_ssh_user_alt { + # Use the same user by default + $image_alt_ssh_user_real = $image_ssh_user + } else { + $image_alt_ssh_user_real = $image_ssh_user_alt + } + + glance_image { $image_name_alt: + ensure => present, + is_public => 'yes', + container_format => 'bare', + disk_format => 'qcow2', + source => $image_source_alt_real, + } + } else { + $image_name_alt_real = $image_name + } + + ## Neutron + + if $neutron_available { + $neutron_deps = [Neutron_network[$public_network_name]] + + neutron_network { $public_network_name: + ensure => present, + router_external => true, + tenant_name => $admin_tenant_name, + } + neutron_subnet { $public_subnet_name: + ensure => 'present', + cidr => $floating_range, + enable_dhcp => false, + network_name => $public_network_name, + tenant_name => $admin_tenant_name, + } + neutron_network { $private_network_name: + ensure => present, + tenant_name => $tenant_name, + } + neutron_subnet { $private_subnet_name: + ensure => present, + cidr => $fixed_range, + network_name => $private_network_name, + tenant_name => $tenant_name, + } + # Tenant-owned router - assumes network namespace isolation + neutron_router { $router_name: + ensure => present, + tenant_name => $tenant_name, + gateway_network_name => $public_network_name, + # A neutron_router resource must explicitly declare a dependency on + # the first subnet of the gateway network. + require => Neutron_subnet[$public_subnet_name], + } + neutron_router_interface { "${router_name}:${private_subnet_name}": + ensure => present, + } + + if $setup_ovs_bridge { + neutron_l3_ovs_bridge { $public_bridge_name: + ensure => present, + subnet_name => $public_subnet_name, + } + } + } + + ## Tempest + + if $configure_tempest { + $tempest_requires = concat([ + Keystone_user[$username], + Keystone_user[$alt_username], + Glance_image[$image_name], + ], $neutron_deps) + + class { 'tempest': + tempest_repo_uri => $tempest_repo_uri, + tempest_clone_path => $tempest_clone_path, + tempest_clone_owner => $tempest_clone_owner, + setup_venv => $setup_venv, + tempest_repo_revision => $tempest_repo_revision, + image_name => $image_name, + image_name_alt => $image_name_alt_real, + image_ssh_user => $image_ssh_user, + image_alt_ssh_user => $image_alt_ssh_user_real, + identity_uri => $identity_uri, + username => $username, + password => $password, + tenant_name => $tenant_name, + alt_username => $alt_username, + alt_password => $alt_password, + alt_tenant_name => $alt_tenant_name, + admin_username => $admin_username, + admin_password => $admin_password, + admin_tenant_name => $admin_tenant_name, + public_network_name => $public_network_name, + resize_available => $resize_available, + change_password_available => $change_password_available, + cinder_available => $cinder_available, + glance_available => $glance_available, + heat_available => $heat_available, + horizon_available => $horizon_available, + neutron_available => $neutron_available, + nova_available => $nova_available, + swift_available => $swift_available, + require => $tempest_requires, + } + } if %(CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE)s { firewall { '000 nat': From 501c742f4416425b1793c04285d7492a3144f6df Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Mon, 16 Jun 2014 17:47:46 +0200 Subject: [PATCH 0055/1017] Auditd not enabled by default Auditd service should be on in general. Change-Id: I21116bc4ed40eb56e22014c6026e9bca8d2baadb Fixes: rhbz#1109250 --- packstack/puppet/templates/prescript.pp | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/packstack/puppet/templates/prescript.pp b/packstack/puppet/templates/prescript.pp index 179a33719..5d7fe3ef6 100644 --- a/packstack/puppet/templates/prescript.pp +++ b/packstack/puppet/templates/prescript.pp @@ -26,3 +26,12 @@ ensure => "stopped", enable => false, } + +package { 'audit': + ensure => present, +} -> +service { 'auditd': + ensure => running, + enable => true, +} + From 9a363feb47ecd9591a647b80ff4c4825872ff352 Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Tue, 17 Jun 2014 14:21:23 +0200 Subject: [PATCH 0056/1017] Restart libvirtd after Nova Network install Filters are not loaded if libvirtd is not restarted. This patch is fixing this issue. Change-Id: I3ba8e3c613b3c95c81f0b09417d952936d2e648f Closes-bug: rhbz#1109362 --- packstack/puppet/templates/nova_network.pp | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/packstack/puppet/templates/nova_network.pp b/packstack/puppet/templates/nova_network.pp index b3f9eba62..64158b9f4 100644 --- a/packstack/puppet/templates/nova_network.pp +++ b/packstack/puppet/templates/nova_network.pp @@ -38,3 +38,13 @@ } package { 'dnsmasq': ensure => present } + +$vmware_backend = '%(CONFIG_VMWARE_BACKEND)s' +if $vmware_backend == 'n' { + exec { 'libvirtd_restart': + path => ['/usr/sbin/', '/sbin'], + command => 'service libvirtd restart', + logoutput => 'on_failure', + require => Class['nova::network'], + } +} From 2e4d48ba9c6aab32564cc13cfed09e3722b51797 Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Tue, 17 Jun 2014 14:40:14 +0200 Subject: [PATCH 0057/1017] Make sure firewalld is down before iptables starts Starting iptables service in the middle of firewalld shutdown process might break iptables startup process. We have to synchronize shutdown/startup. Change-Id: I01a38078e319624bc93b850a19bc94c74c998986 --- packstack/puppet/templates/prescript.pp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/packstack/puppet/templates/prescript.pp b/packstack/puppet/templates/prescript.pp index 179a33719..30a5465d5 100644 --- a/packstack/puppet/templates/prescript.pp +++ b/packstack/puppet/templates/prescript.pp @@ -19,10 +19,10 @@ } } -# Stop firewalld since everything uses iptables -# for now - +# Stop firewalld since everything uses iptables. Firewalld provider will +# have to be implemented in puppetlabs-firewall in future. service { "firewalld": ensure => "stopped", enable => false, + before => Class['firewall'], } From 7ce1d3f2d4eb640f22e39557e4f0769a42249ca1 Mon Sep 17 00:00:00 2001 From: Ivan Chavero Date: Tue, 17 Jun 2014 14:28:16 -0600 Subject: [PATCH 0058/1017] Fixes horizon error when neutron disabled When run AIO installation with --os-neutron-install=n packstack fails because the horizon plugin does not handle this use case. Change-Id: I348dda4f887aacb959a12b6c2304775ae7342d62 Fixes: rhbz#1110492 --- packstack/plugins/dashboard_500.py | 17 ++++++++--------- packstack/puppet/templates/horizon.pp | 5 +++-- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/packstack/plugins/dashboard_500.py b/packstack/plugins/dashboard_500.py index 40862c388..9619470fb 100644 --- a/packstack/plugins/dashboard_500.py +++ b/packstack/plugins/dashboard_500.py @@ -162,15 +162,14 @@ def create_manifest(config, messages): else: config["CONFIG_HORIZON_SSL"] = 'false' - if config["CONFIG_LBAAS_INSTALL"] == 'y': - config["CONFIG_HORIZON_NEUTRON_LB"] = 'true' - else: - config["CONFIG_HORIZON_NEUTRON_LB"] = 'false' - - if config["CONFIG_NEUTRON_FWAAS"] == 'y': - config["CONFIG_HORIZON_NEUTRON_FW"] = 'true' - else: - config["CONFIG_HORIZON_NEUTRON_FW"] = 'false' + config["CONFIG_HORIZON_NEUTRON_LB"] = 'false' + config["CONFIG_HORIZON_NEUTRON_FW"] = 'false' + + if config['CONFIG_NEUTRON_INSTALL'] == 'y': + if config["CONFIG_LBAAS_INSTALL"] == 'y': + config["CONFIG_HORIZON_NEUTRON_LB"] = 'true' + if config["CONFIG_NEUTRON_FWAAS"] == 'y': + config["CONFIG_HORIZON_NEUTRON_FW"] = 'true' manifestdata = getManifestTemplate("horizon.pp") appendManifestFile(manifestfile, manifestdata) diff --git a/packstack/puppet/templates/horizon.pp b/packstack/puppet/templates/horizon.pp index eeb13e981..65ee19ac7 100644 --- a/packstack/puppet/templates/horizon.pp +++ b/packstack/puppet/templates/horizon.pp @@ -1,7 +1,7 @@ -$horizon_packages = ["python-memcached", "python-netaddr"] - include concat::setup +$horizon_packages = ["python-memcached", "python-netaddr"] + package {$horizon_packages: notify => Class["horizon"], ensure => present, @@ -64,3 +64,4 @@ persistent => true, } } + From 212676a48ac6ddd4beda022e76a895c02c671352 Mon Sep 17 00:00:00 2001 From: Ivan Chavero Date: Fri, 13 Jun 2014 03:29:51 -0600 Subject: [PATCH 0059/1017] Add CONFIG_CONTROLLER_HOST to heat cfn config The if the bind_host value is not explicitly stated in the configurtion the default is 127.0.0.1 Change-Id: Ide3f9c8bdfbfa7f4aa40ac05a8f9138ee8e3106f Fixes: rhbz#1054353 --- packstack/puppet/templates/heat_cfn.pp | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/packstack/puppet/templates/heat_cfn.pp b/packstack/puppet/templates/heat_cfn.pp index 18100fa31..eae4f7a65 100644 --- a/packstack/puppet/templates/heat_cfn.pp +++ b/packstack/puppet/templates/heat_cfn.pp @@ -1,3 +1,10 @@ class { 'heat::api_cfn': } + +class { 'heat::keystone::auth_cfn': + admin_address => '%(CONFIG_CONTROLLER_HOST)s', + public_address => '%(CONFIG_CONTROLLER_HOST)s', + internal_address => '%(CONFIG_CONTROLLER_HOST)s', + password => '%(CONFIG_HEAT_KS_PW)s' +} From 83eaa63aef2453cb8b47ef1a4c7327962d8ed2ac Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Thu, 19 Jun 2014 13:43:07 +0200 Subject: [PATCH 0060/1017] Remove documentation URL URL should be modified on module level. Change-Id: I7da90412ab5501ccba8e24a4ed1cafd03310e9b9 --- packstack/puppet/templates/horizon.pp | 1 - 1 file changed, 1 deletion(-) diff --git a/packstack/puppet/templates/horizon.pp b/packstack/puppet/templates/horizon.pp index eeb13e981..42402f90c 100644 --- a/packstack/puppet/templates/horizon.pp +++ b/packstack/puppet/templates/horizon.pp @@ -13,7 +13,6 @@ keystone_default_role => '_member_', fqdn => ['%(CONFIG_CONTROLLER_HOST)s', "$::fqdn", 'localhost'], can_set_mount_point => 'False', - help_url =>'http://docs.openstack.org', django_debug => %(CONFIG_DEBUG_MODE)s ? {true => 'True', false => 'False'}, listen_ssl => %(CONFIG_HORIZON_SSL)s, horizon_cert => '/etc/pki/tls/certs/ssl_ps_server.crt', From c353fda2216ee01dd2d1cd9d11356a6efe4b42a5 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Thu, 19 Jun 2014 15:15:17 +0200 Subject: [PATCH 0061/1017] Fix qpid setup With new puppet-qpid module there is no need for /var/run/qpidd but we need to install correct ssl package on some platforms. Also the realm of qpid user has to be QPID not AMQP. Change-Id: I6de4da0653b5bd763aa1f42a30cff9d75322d5b8 --- packstack/puppet/templates/amqp.pp | 52 +++++++----------------------- 1 file changed, 12 insertions(+), 40 deletions(-) diff --git a/packstack/puppet/templates/amqp.pp b/packstack/puppet/templates/amqp.pp index 76af9ce58..414fff1bb 100644 --- a/packstack/puppet/templates/amqp.pp +++ b/packstack/puppet/templates/amqp.pp @@ -71,56 +71,28 @@ } if $enable_ssl { - enable_qpid_ssl {"qpid":} + # If there is qpid-cpp-server-ssl install it + exec { 'install_qpid_ssl': + path => '/usr/bin', + command => 'yum install -y -d 0 -e 0 qpid-cpp-server-ssl', + onlyif => 'yum info qpid-cpp-server-ssl', + before => Service['qpidd'], + require => Package['qpid-cpp-server'], + } } + if $enable_auth == 'y' { add_qpid_user {"qpid_user":} } } -define enable_qpid_ssl { - # User and group for the nss database - group { 'qpidd': - ensure => 'present', - } - - exec { 'stop_qpid' : - command => '/sbin/service qpidd stop', - onlyif => '/sbin/service qpidd status', - } - - user { 'qpidd': - ensure => 'present', - managehome => true, - home => '/var/run/qpidd', - gid => 'qpidd', - before => Class['qpid::server'] - } - - Exec['stop_qpid']->User['qpidd'] - - file { 'pid_dir': - path => '/var/run/qpidd', - ensure => directory, - owner => 'qpidd', - group => 'qpidd', - require => User['qpidd'], - } - - file_line { 'pid_dir_conf': - path => $qpid::server::config_file, - line => 'pid-dir=/var/run/qpidd', - require => File['pid_dir'], - } -} - define add_qpid_user { qpid_user { '%(CONFIG_AMQP_AUTH_USER)s': password => '%(CONFIG_AMQP_AUTH_PASSWORD)s', - file => '/var/lib/qpidd/qpidd.sasldb', - realm => 'AMQP', - provider => 'saslpasswd2', + file => '/var/lib/qpidd/qpidd.sasldb', + realm => 'QPID', + provider => 'saslpasswd2', require => Class['qpid::server'], } From 21dd959a6822510a3436d480c19b57290f86466d Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Thu, 12 Jun 2014 17:16:50 +0200 Subject: [PATCH 0062/1017] Ensure correct order when using qpidd with ssl /var/lib/qpidd is provided by qpid server package. Change-Id: Iecdf9214b79618c8ee020e517adaea207fcb45b0 --- packstack/puppet/templates/amqp.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/packstack/puppet/templates/amqp.pp b/packstack/puppet/templates/amqp.pp index 414fff1bb..15d7b5d84 100644 --- a/packstack/puppet/templates/amqp.pp +++ b/packstack/puppet/templates/amqp.pp @@ -101,5 +101,6 @@ ensure => file, owner => 'qpidd', group => 'qpidd', + require => Package['qpid-cpp-server'], } } From 0a9560ccd758462fc4db8a93487d8bcb3739c12e Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Thu, 19 Jun 2014 18:54:11 +0200 Subject: [PATCH 0063/1017] Unite qpid configuration across services Change-Id: I19001d2a160d61e2633d073677a8b64090cceba6 --- packstack/puppet/templates/heat_qpid.pp | 2 ++ packstack/puppet/templates/nova_ceilometer_qpid.pp | 2 ++ 2 files changed, 4 insertions(+) diff --git a/packstack/puppet/templates/heat_qpid.pp b/packstack/puppet/templates/heat_qpid.pp index 441ceb6c6..ffe760aeb 100644 --- a/packstack/puppet/templates/heat_qpid.pp +++ b/packstack/puppet/templates/heat_qpid.pp @@ -7,6 +7,8 @@ qpid_hostname => '%(CONFIG_AMQP_HOST)s', qpid_username => '%(CONFIG_AMQP_AUTH_USER)s', qpid_password => '%(CONFIG_AMQP_AUTH_PASSWORD)s', + qpid_port => '%(CONFIG_AMQP_CLIENTS_PORT)s', + qpid_protocol => '%(CONFIG_AMQP_PROTOCOL)s', verbose => true, debug => %(CONFIG_DEBUG_MODE)s, sql_connection => "mysql://heat:%(CONFIG_HEAT_DB_PW)s@%(CONFIG_MYSQL_HOST)s/heat", diff --git a/packstack/puppet/templates/nova_ceilometer_qpid.pp b/packstack/puppet/templates/nova_ceilometer_qpid.pp index 77a405dc8..ac6bc3e74 100644 --- a/packstack/puppet/templates/nova_ceilometer_qpid.pp +++ b/packstack/puppet/templates/nova_ceilometer_qpid.pp @@ -4,6 +4,8 @@ qpid_hostname => '%(CONFIG_AMQP_HOST)s', qpid_username => '%(CONFIG_AMQP_AUTH_USER)s', qpid_password => '%(CONFIG_AMQP_AUTH_PASSWORD)s', + qpid_port => '%(CONFIG_AMQP_CLIENTS_PORT)s', + qpid_protocol => '%(CONFIG_AMQP_PROTOCOL)s', rpc_backend => 'ceilometer.openstack.common.rpc.impl_qpid', verbose => true, debug => %(CONFIG_DEBUG_MODE)s From 9173b200af48ede5943fed7d611833e720f13e92 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Fri, 20 Jun 2014 11:40:49 +0200 Subject: [PATCH 0064/1017] Fix check for CentOS in mysql_install Closes-Bug: rhbz#1111318 Change-Id: I789321a65216a6ebe220895a54a3e1824e297fb8 --- packstack/puppet/templates/mysql_install.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packstack/puppet/templates/mysql_install.pp b/packstack/puppet/templates/mysql_install.pp index 001cddc94..1364f797a 100644 --- a/packstack/puppet/templates/mysql_install.pp +++ b/packstack/puppet/templates/mysql_install.pp @@ -1,6 +1,6 @@ # on EL6 we need to wait for innodb changes before starting mysqld -if $::operatingsystem in ['RedHat','Centos','Scientific'] and $::operatingsystemrelease < 7 { +if $::operatingsystem in ['RedHat','CentOS','Scientific'] and $::operatingsystemrelease < 7 { $manage_service = false service { 'mysqld': enable => true, From 5c357a8dd3c04a4eac7f9a106ae64ea5bc38eecc Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Fri, 20 Jun 2014 11:52:51 +0200 Subject: [PATCH 0065/1017] Better Hardware Virt Support checking Change-Id: I79e0f2444a56e38b913101377c833df0e4463d64 Fixes: rhbz#1111257 --- .../puppet/modules/packstack/lib/facter/is_virtual_packstack.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packstack/puppet/modules/packstack/lib/facter/is_virtual_packstack.rb b/packstack/puppet/modules/packstack/lib/facter/is_virtual_packstack.rb index f792b3a66..60ef510ac 100644 --- a/packstack/puppet/modules/packstack/lib/facter/is_virtual_packstack.rb +++ b/packstack/puppet/modules/packstack/lib/facter/is_virtual_packstack.rb @@ -4,6 +4,6 @@ Facter.add("is_virtual_packstack") do setcode do - Facter::Util::Resolution.exec('grep hypervisor /proc/cpuinfo > /dev/null && echo true || echo false') + Facter::Util::Resolution.exec('grep -P \'(vmx|svm|hypervisor)\' /proc/cpuinfo > /dev/null && echo true || echo false') end end From f00ac8cab8b2dd7c4d90f30224c0e637bb43219c Mon Sep 17 00:00:00 2001 From: Lars Kellogg-Stedman Date: Fri, 20 Jun 2014 16:55:57 -0400 Subject: [PATCH 0066/1017] prevent packstack from aborting of o-p-m package has no deps If the openstack-puppet-modules has no dependencies (other than those explicitly filtered out), packstack will abort with an error. This patch allows the deployment to continue even if the egrep filter returns an error. Change-Id: I5642717d2dc093a18e6d1b0dc7f6f782426db843 Closes-bug: #1332705 --- packstack/plugins/puppet_950.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/packstack/plugins/puppet_950.py b/packstack/plugins/puppet_950.py index def85bc65..c8c1c5640 100644 --- a/packstack/plugins/puppet_950.py +++ b/packstack/plugins/puppet_950.py @@ -135,7 +135,10 @@ def install_deps(config, messages): local = utils.ScriptRunner() local.append('rpm -q --requires %s | egrep -v "^(rpmlib|\/|perl)"' % modules_pkg) - rc, modules_deps = local.execute() + + # This can fail if there are no dependencies other than those + # filtered out by the egrep expression. + rc, modules_deps = local.execute(can_fail=False) # Modules package might not be installed if we are running from source. # In this case we assume user knows what (s)he's doing and we don't From 97d0b402bbd6336f08149a83f28bb526a756ae39 Mon Sep 17 00:00:00 2001 From: Lars Kellogg-Stedman Date: Fri, 20 Jun 2014 16:30:12 -0400 Subject: [PATCH 0067/1017] configure authorized_keys locally for --allinone When running in --allinone mode, this patch creates a local ScriptRunner rather than a remote ScriptRunner, which permits the authorized_keys file to be configured even if PasswordAuthentication is disabled in /etc/ssh/sshd_config. Closes: rhbz#1111705 (https://bugzilla.redhat.com/show_bug.cgi?id=1111705) Change-Id: I728f507bf0a38e75b8e981864253718afa200ca1 --- packstack/plugins/prescript_000.py | 39 +++++++++++++++++++----------- 1 file changed, 25 insertions(+), 14 deletions(-) diff --git a/packstack/plugins/prescript_000.py b/packstack/plugins/prescript_000.py index 02d6c33a3..eba27458b 100644 --- a/packstack/plugins/prescript_000.py +++ b/packstack/plugins/prescript_000.py @@ -13,7 +13,7 @@ from packstack.installer import (basedefs, exceptions, processors, utils, validators) -from packstack.modules.common import filtered_hosts +from packstack.modules.common import filtered_hosts, is_all_in_one from packstack.modules.ospluginutils import (getManifestTemplate, appendManifestFile) @@ -430,22 +430,33 @@ def initSequences(controller): #-------------------------- step functions -------------------------- +def install_keys_on_host(hostname, sshkeydata): + server = utils.ScriptRunner(hostname) + # TODO replace all that with ssh-copy-id + server.append("mkdir -p ~/.ssh") + server.append("chmod 500 ~/.ssh") + server.append("grep '%s' ~/.ssh/authorized_keys > /dev/null 2>&1 || " + "echo %s >> ~/.ssh/authorized_keys" + % (sshkeydata, sshkeydata)) + server.append("chmod 400 ~/.ssh/authorized_keys") + server.append("restorecon -r ~/.ssh") + server.execute() + + def install_keys(config, messages): with open(config["CONFIG_SSH_KEY"]) as fp: sshkeydata = fp.read().strip() - for hostname in filtered_hosts(config): - if '/' in hostname: - hostname = hostname.split('/')[0] - server = utils.ScriptRunner(hostname) - # TODO replace all that with ssh-copy-id - server.append("mkdir -p ~/.ssh") - server.append("chmod 500 ~/.ssh") - server.append("grep '%s' ~/.ssh/authorized_keys > /dev/null 2>&1 || " - "echo %s >> ~/.ssh/authorized_keys" - % (sshkeydata, sshkeydata)) - server.append("chmod 400 ~/.ssh/authorized_keys") - server.append("restorecon -r ~/.ssh") - server.execute() + + # If this is a --allinone install *and* we are running as root, + # we can configure the authorized_keys file locally, avoid problems + # if PasswordAuthentication is disabled. + if is_all_in_one(config) and os.getuid() == 0: + install_keys_on_host(None, sshkeydata) + else: + for hostname in filtered_hosts(config): + if '/' in hostname: + hostname = hostname.split('/')[0] + install_keys_on_host(hostname, sshkeydata) def discover(config, messages): From ed5928bdf5e33fe75baa75f6522f856d95d5f470 Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Thu, 19 Jun 2014 15:35:22 +0200 Subject: [PATCH 0068/1017] Fixed subscription-manager registration Optional channel should not be enabled by default and relevant OS channel should be enabled by default. This patch is implementing those features. Priority of plugin serverprep has been changed since we need repositories before we touch any other packstack plugins. Change-Id: Id5a8e89c7bb817c99b398ef0053e1c35a7a21cab Fixes: rhbz#1093482 --- .../plugins/{mysql_001.py => mysql_003.py} | 0 .../{serverprep_949.py => serverprep_001.py} | 30 ++++++++++--- tests/test_plugin_serverprep.py | 44 +++++++++---------- 3 files changed, 45 insertions(+), 29 deletions(-) rename packstack/plugins/{mysql_001.py => mysql_003.py} (100%) rename packstack/plugins/{serverprep_949.py => serverprep_001.py} (94%) diff --git a/packstack/plugins/mysql_001.py b/packstack/plugins/mysql_003.py similarity index 100% rename from packstack/plugins/mysql_001.py rename to packstack/plugins/mysql_003.py diff --git a/packstack/plugins/serverprep_949.py b/packstack/plugins/serverprep_001.py similarity index 94% rename from packstack/plugins/serverprep_949.py rename to packstack/plugins/serverprep_001.py index f4018a7d0..c9cb32673 100644 --- a/packstack/plugins/serverprep_949.py +++ b/packstack/plugins/serverprep_001.py @@ -83,6 +83,19 @@ def initConfig(controller): "NEED_CONFIRM": False, "CONDITION": False}, + {"CMD_OPTION": "rhn-enable-optional", + "USAGE": "To enable RHEL optional repos use value \"y\"", + "PROMPT": "To enable RHEL optional repos use value \"y\"", + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "y", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_RH_OPTIONAL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "rhn-satellite-server", "USAGE": ("To subscribe each server with RHN Satellite,fill " "Satellite's URL here. Note that either satellite's " @@ -346,10 +359,11 @@ def run_rhn_reg(host, server_url, username=None, password=None, server.execute(mask_list=mask) -def run_rhsm_reg(host, username, password): +def run_rhsm_reg(config, host, username, password): """ Registers given host to Red Hat Repositories via subscription manager. """ + releasever = config['HOST_DETAILS'][host]['release'].split('.')[0] server = utils.ScriptRunner(host) # register host @@ -360,12 +374,16 @@ def run_rhsm_reg(host, username, password): # subscribe to required channel cmd = ('subscription-manager list --consumed | grep -i openstack || ' 'subscription-manager subscribe --pool %s') - pool = ("$(subscription-manager list --available | " - "grep -e 'Red Hat OpenStack' -m 1 -A 2 | grep 'Pool Id' | " - "awk '{print $3}')") + pool = ("$(subscription-manager list --available" + " | grep -e -m1 -A15 'Red Hat Enterprise Linux OpenStack Platform'" + " | grep -i 'Pool ID:' | awk '{print $3}')") server.append(cmd % pool) + + if config['CONFIG_RH_OPTIONAL'] == 'y': + server.append("subscription-manager repos " + "--enable rhel-%s-server-optional-rpms" % releasever) server.append("subscription-manager repos " - "--enable rhel-6-server-optional-rpms") + "--enable rhel-%s-server-openstack-5.0-rpms" % releasever) server.append("yum clean all") server.append("rpm -q --whatprovides yum-utils || " @@ -507,7 +525,7 @@ def server_prep(config, messages): for hostname in filtered_hosts(config): # Subscribe to Red Hat Repositories if configured if rh_username: - run_rhsm_reg(hostname, rh_username, rh_password) + run_rhsm_reg(config, hostname, rh_username, rh_password) # Subscribe to RHN Satellite if configured if sat_url and hostname not in sat_registered: diff --git a/tests/test_plugin_serverprep.py b/tests/test_plugin_serverprep.py index 92c93e4b6..ef775880e 100644 --- a/tests/test_plugin_serverprep.py +++ b/tests/test_plugin_serverprep.py @@ -18,11 +18,9 @@ from unittest import TestCase from test_base import PackstackTestCaseMixin -from packstack.plugins import serverprep_949 +from packstack.plugins import serverprep_001 from packstack.installer.setup_controller import Controller -serverprep_949.controller = Controller() - class OSPluginUtilsTestCase(PackstackTestCaseMixin, TestCase): def test_rhn_creds_quoted(self): @@ -30,30 +28,30 @@ def test_rhn_creds_quoted(self): # On non-RHEL, the CONFIG_{RH,SATELLITE} options are never set, # i.e. this test would always fail. Therefore, only run it on RHEL. - if not serverprep_949.is_rhel(): + if not serverprep_001.is_rhel(): return password = "dasd|'asda%> Date: Fri, 20 Jun 2014 14:49:12 +0800 Subject: [PATCH 0069/1017] don't install l2 agent on api node by default The q_host is the sum of api host, compute host, and network host. And it is not necessary to install l2 agent on api node by default, because api node is only responsible to api request routing. This patch removes the default behavior of install l2 agent on api node. Change-Id: I89c3a1be9c5f336c2eceb3773c3bcff2d9c1c61b --- packstack/plugins/neutron_350.py | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index 9d43214b0..547d7d267 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -878,7 +878,7 @@ def create_metering_agent_manifests(config, messages): def create_l2_agent_manifests(config, messages): - global q_hosts + global network_hosts, compute_hosts plugin = config['CONFIG_NEUTRON_L2_PLUGIN'] agent = config["CONFIG_NEUTRON_L2_AGENT"] @@ -910,9 +910,7 @@ def create_l2_agent_manifests(config, messages): else: raise KeyError("Unknown layer2 agent") - # Install l2 agents on every compute host in addition to any hosts listed - # specifically for the l2 agent - for host in q_hosts: + for host in network_hosts | compute_hosts: config[host_var] = host manifestfile = "%s_neutron.pp" % (host,) manifestdata = getManifestTemplate(template_name) From e8e54857da60f151302cb6a0f78f41495da8cc69 Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Mon, 23 Jun 2014 16:56:00 +0200 Subject: [PATCH 0070/1017] Connect bridge with interface also for GRE and VXLAN Change-Id: Ie9091813ce42e8efb6697837844b4a708bb047c3 Fixes: rhbz#1072268 --- packstack/plugins/neutron_350.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index 547d7d267..1a2792133 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -915,10 +915,10 @@ def create_l2_agent_manifests(config, messages): manifestfile = "%s_neutron.pp" % (host,) manifestdata = getManifestTemplate(template_name) appendManifestFile(manifestfile, manifestdata + "\n") - if agent == "openvswitch" and ovs_type == 'vlan': + if agent == "openvswitch" and ovs_type in ['vlan', 'vxlan', 'gre']: + bridge_key = 'CONFIG_NEUTRON_OVS_BRIDGE' + iface_key = 'CONFIG_NEUTRON_OVS_IFACE' for if_map in iface_arr: - bridge_key = 'CONFIG_NEUTRON_OVS_BRIDGE' - iface_key = 'CONFIG_NEUTRON_OVS_IFACE' config[bridge_key], config[iface_key] = if_map.split(':') manifestdata = getManifestTemplate("neutron_ovs_port.pp") appendManifestFile(manifestfile, manifestdata + "\n") From 8e65d041eeb7eb078c6a15815510622ca5ddb5c6 Mon Sep 17 00:00:00 2001 From: Gilles Dubreuil Date: Tue, 24 Jun 2014 14:00:48 +1000 Subject: [PATCH 0071/1017] Fixed metering to be installed on each L3 agent rhbz#1108499 Change-Id: Id8aacae78da9c79a930213921a6ba78041742755 --- packstack/plugins/neutron_350.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index 547d7d267..241f0d3c2 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -865,12 +865,12 @@ def create_lbaas_manifests(config, messages): def create_metering_agent_manifests(config, messages): - global api_hosts + global network_hosts if not config['CONFIG_NEUTRON_METERING_AGENT_INSTALL'] == 'y': return - for host in api_hosts: + for host in network_hosts: config['CONFIG_NEUTRON_METERING_IFCE_DRIVER'] = get_if_driver(config) manifestdata = getManifestTemplate("neutron_metering_agent.pp") manifestfile = "%s_neutron.pp" % (host,) From d7a9e6db04a7343486d7654099802aea3f9a249e Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Tue, 24 Jun 2014 09:08:31 +0200 Subject: [PATCH 0072/1017] Provision Demo/Tempest Separation Packstack should be able to deploy Tempest in a standalone mode or in a full configuration (with the user demo or another one given by the user). Change-Id: I4874540edd60fa87cb853cdfdc6cc169600f5a50 Fixes: rhbz#1111969 --- docs/packstack.rst | 6 + packstack/plugins/provision_700.py | 81 ++++++++--- packstack/puppet/templates/provision_demo.pp | 134 ++++++++++++++++++ .../{provision.pp => provision_tempest.pp} | 81 ++++++++--- 4 files changed, 262 insertions(+), 40 deletions(-) create mode 100644 packstack/puppet/templates/provision_demo.pp rename packstack/puppet/templates/{provision.pp => provision_tempest.pp} (80%) diff --git a/docs/packstack.rst b/docs/packstack.rst index 8c49158f0..be453cba4 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -454,6 +454,12 @@ Provision Config Parameters **CONFIG_PROVISION_TEMPEST** Whether to configure tempest for testing. +**CONFIG_PROVISION_TEMPEST_USER** + The name of the Tempest Provisioning user. If you don't provide a user name, Tempest will be configured in a standalone mode. If you choose the **demo** user, packstack will use the password from **CONFIG_KEYSTONE_DEMO_PW** if **CONFIG_PROVISION_DEMO** is enabled. If not, the **CONFIG_PROVISION_TEMPEST_USER_PW** will be used. + +**CONFIG_PROVISION_TEMPEST_USER_PW** + The password to use for the Tempest Provisioning user. + **CONFIG_PROVISION_TEMPEST_REPO_REVISION** The revision of the tempest git repository to use. diff --git a/packstack/plugins/provision_700.py b/packstack/plugins/provision_700.py index ccccf37aa..cd17c9a7d 100644 --- a/packstack/plugins/provision_700.py +++ b/packstack/plugins/provision_700.py @@ -5,6 +5,7 @@ """ import logging +import uuid from packstack.installer import utils from packstack.installer import validators @@ -57,6 +58,36 @@ def process_provision(param, process_args=None): "USE_DEFAULT": False, "NEED_CONFIRM": False, "CONDITION": False}, + + {"CMD_OPTION": "provision-tempest-user", + "USAGE": "The name of the Tempest Provisioning user. If you " + "don't provide a user name, Tempest will be configured " + "in a standalone mode", + "PROMPT": ("Enter the name of the Tempest Provisioning user " + "(if blank, "), + "OPTION_LIST": False, + "VALIDATORS": False, + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_PROVISION_TEMPEST_USER", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "provision-tempest-user-passwd", + "USAGE": "The password to use for the Tempest Provisioning user", + "PROMPT": "Enter the password for the Tempest Provisioning user", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_PROVISION_TEMPEST_USER_PW", + "USE_DEFAULT": False, + "NEED_CONFIRM": True, + "CONDITION": False}, + ], "PROVISION_DEMO": [ @@ -121,8 +152,7 @@ def process_provision(param, process_args=None): } def check_provisioning_demo(config): - return (config.get('CONFIG_PROVISION_DEMO', 'n') == 'y' or - config.get('CONFIG_PROVISION_TEMPEST', 'n') == 'y') + return (config.get('CONFIG_PROVISION_DEMO', 'n') == 'y') def check_provisioning_tempest(config): return (config.get('CONFIG_PROVISION_TEMPEST', 'n') == 'y') @@ -179,22 +209,28 @@ def allow_all_in_one_ovs_bridge(config): def initSequences(controller): config = controller.CONF - provisioning_required = ( - config['CONFIG_PROVISION_DEMO'] == 'y' - or - config['CONFIG_PROVISION_TEMPEST'] == 'y' - ) - if not provisioning_required: + if (config['CONFIG_PROVISION_DEMO'] != "y" and + config['CONFIG_PROVISION_TEMPEST'] != "y"): return marshall_conf_bool(config, 'CONFIG_PROVISION_TEMPEST') marshall_conf_bool(config, 'CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE') - provision_steps = [ - {'title': 'Adding Provisioning manifest entries', - 'functions': [create_manifest]} - ] + provision_steps = [] + + if config['CONFIG_PROVISION_DEMO'] == "y": + provision_steps.append( + {'title': 'Adding Provisioning Demo manifest entries', + 'functions': [create_demo_manifest]} + ) + + if config['CONFIG_PROVISION_TEMPEST']: + provision_steps.append( + {'title': 'Adding Provisioning Tempest manifest entries', + 'functions': [create_tempest_manifest]} + ) + controller.addSequence("Provisioning for Demo and Testing Usage", [], [], provision_steps) @@ -208,9 +244,7 @@ def marshall_conf_bool(conf, key): conf[key] = 'false' -#-------------------------- step functions -------------------------- - -def create_manifest(config, messages): +def using_neutron(config): # Using the neutron or nova api servers as the provisioning target # will suffice for the all-in-one case. if config['CONFIG_NEUTRON_INSTALL'] != "y": @@ -225,6 +259,19 @@ def create_manifest(config, messages): config['PROVISION_NEUTRON_AVAILABLE'] = config['CONFIG_NEUTRON_INSTALL'] marshall_conf_bool(config, 'PROVISION_NEUTRON_AVAILABLE') - manifest_file = '%s_provision.pp' % config['CONFIG_CONTROLLER_HOST'] - manifest_data = getManifestTemplate("provision.pp") + +#-------------------------- step functions -------------------------- + +def create_demo_manifest(config, messages): + using_neutron(config) + manifest_file = '%s_provision_demo.pp' % config['CONFIG_CONTROLLER_HOST'] + manifest_data = getManifestTemplate("provision_demo.pp") + appendManifestFile(manifest_file, manifest_data) + + +def create_tempest_manifest(config, messages): + using_neutron(config) + manifest_file = '%s_provision_tempest.pp' % \ + config['CONFIG_CONTROLLER_HOST'] + manifest_data = getManifestTemplate("provision_tempest.pp") appendManifestFile(manifest_file, manifest_data) diff --git a/packstack/puppet/templates/provision_demo.pp b/packstack/puppet/templates/provision_demo.pp new file mode 100644 index 000000000..2cd42e4cf --- /dev/null +++ b/packstack/puppet/templates/provision_demo.pp @@ -0,0 +1,134 @@ + ## Keystone + # non admin user + $username = 'demo' + $password = '%(CONFIG_KEYSTONE_DEMO_PW)s' + $tenant_name = 'demo' + # admin user + $admin_username = 'admin' + $admin_password = '%(CONFIG_KEYSTONE_ADMIN_PW)s' + $admin_tenant_name = 'admin' + + ## Glance + $image_name = 'cirros' + $image_source = 'http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-disk.img' + $image_ssh_user = 'cirros' + + ## Neutron + $public_network_name = 'public' + $public_subnet_name = 'public_subnet' + $floating_range = '%(CONFIG_PROVISION_DEMO_FLOATRANGE)s' + $private_network_name = 'private' + $private_subnet_name = 'private_subnet' + $fixed_range = '10.0.0.0/24' + $router_name = 'router1' + $setup_ovs_bridge = %(CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE)s + $public_bridge_name = '%(CONFIG_PROVISION_DEMO_FLOATRANGE)s' + + ## Users + + keystone_tenant { $tenant_name: + ensure => present, + enabled => true, + description => 'default tenant', + } + keystone_user { $username: + ensure => present, + enabled => true, + tenant => $tenant_name, + password => $password, + } + + keystone_tenant { $alt_tenant_name: + ensure => present, + enabled => true, + description => 'alt tenant', + } + keystone_user { $alt_username: + ensure => present, + enabled => true, + tenant => $alt_tenant_name, + password => $alt_password, + } + + ## Images + + glance_image { $image_name: + ensure => present, + is_public => 'yes', + container_format => 'bare', + disk_format => 'qcow2', + source => $image_source, + } + + ## Neutron + + if %(PROVISION_NEUTRON_AVAILABLE)s { + $neutron_deps = [Neutron_network[$public_network_name]] + + neutron_network { $public_network_name: + ensure => present, + router_external => true, + tenant_name => $admin_tenant_name, + } + neutron_subnet { $public_subnet_name: + ensure => 'present', + cidr => $floating_range, + enable_dhcp => false, + network_name => $public_network_name, + tenant_name => $admin_tenant_name, + } + neutron_network { $private_network_name: + ensure => present, + tenant_name => $tenant_name, + } + neutron_subnet { $private_subnet_name: + ensure => present, + cidr => $fixed_range, + network_name => $private_network_name, + tenant_name => $tenant_name, + } + # Tenant-owned router - assumes network namespace isolation + neutron_router { $router_name: + ensure => present, + tenant_name => $tenant_name, + gateway_network_name => $public_network_name, + # A neutron_router resource must explicitly declare a dependency on + # the first subnet of the gateway network. + require => Neutron_subnet[$public_subnet_name], + } + neutron_router_interface { "${router_name}:${private_subnet_name}": + ensure => present, + } + + if $setup_ovs_bridge { + neutron_l3_ovs_bridge { $public_bridge_name: + ensure => present, + subnet_name => $public_subnet_name, + } + } + } + +if %(CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE)s { + firewall { '000 nat': + chain => 'POSTROUTING', + jump => 'MASQUERADE', + source => $::openstack::provision::floating_range, + outiface => $::gateway_device, + table => 'nat', + proto => 'all', + } + + firewall { '000 forward out': + chain => 'FORWARD', + action => 'accept', + outiface => '%(CONFIG_NEUTRON_L3_EXT_BRIDGE)s', + proto => 'all', + } + + firewall { '000 forward in': + chain => 'FORWARD', + action => 'accept', + iniface => '%(CONFIG_NEUTRON_L3_EXT_BRIDGE)s', + proto => 'all', + } +} diff --git a/packstack/puppet/templates/provision.pp b/packstack/puppet/templates/provision_tempest.pp similarity index 80% rename from packstack/puppet/templates/provision.pp rename to packstack/puppet/templates/provision_tempest.pp index 652f1aef7..3f51156e3 100644 --- a/packstack/puppet/templates/provision.pp +++ b/packstack/puppet/templates/provision_tempest.pp @@ -1,8 +1,17 @@ + +if '%(CONFIG_PROVISION_TEMPEST_USER)s' != '' { ## Keystone # non admin user - $username = 'demo' - $password = '%(CONFIG_KEYSTONE_DEMO_PW)s' - $tenant_name = 'demo' + $username = '%(CONFIG_PROVISION_TEMPEST_USER)s' + + if '%(CONFIG_PROVISION_TEMPEST_USER)s' == 'demo' and + '%(CONFIG_PROVISION_DEMO)s' == 'y' { + $password = '%(CONFIG_KEYSTONE_DEMO_PW)s' + } else { + $password = '%(CONFIG_PROVISION_TEMPEST_USER_PW)s' + } + + $tenant_name = '%(CONFIG_PROVISION_TEMPEST_USER)s' # admin user $admin_username = 'admin' $admin_password = '%(CONFIG_KEYSTONE_ADMIN_PW)s' @@ -54,6 +63,7 @@ enabled => true, description => 'default tenant', } + keystone_user { $username: ensure => present, enabled => true, @@ -66,6 +76,7 @@ enabled => true, description => 'alt tenant', } + keystone_user { $alt_username: ensure => present, enabled => true, @@ -124,6 +135,7 @@ router_external => true, tenant_name => $admin_tenant_name, } + neutron_subnet { $public_subnet_name: ensure => 'present', cidr => $floating_range, @@ -131,16 +143,19 @@ network_name => $public_network_name, tenant_name => $admin_tenant_name, } + neutron_network { $private_network_name: ensure => present, tenant_name => $tenant_name, } + neutron_subnet { $private_subnet_name: ensure => present, cidr => $fixed_range, network_name => $private_network_name, tenant_name => $tenant_name, } + # Tenant-owned router - assumes network namespace isolation neutron_router { $router_name: ensure => present, @@ -150,6 +165,7 @@ # the first subnet of the gateway network. require => Neutron_subnet[$public_subnet_name], } + neutron_router_interface { "${router_name}:${private_subnet_name}": ensure => present, } @@ -205,27 +221,46 @@ } } -if %(CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE)s { - firewall { '000 nat': - chain => 'POSTROUTING', - jump => 'MASQUERADE', - source => $::openstack::provision::floating_range, - outiface => $::gateway_device, - table => 'nat', - proto => 'all', - } + if %(CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE)s { + firewall { '000 nat': + chain => 'POSTROUTING', + jump => 'MASQUERADE', + source => $::openstack::provision::floating_range, + outiface => $::gateway_device, + table => 'nat', + proto => 'all', + } - firewall { '000 forward out': - chain => 'FORWARD', - action => 'accept', - outiface => '%(CONFIG_NEUTRON_L3_EXT_BRIDGE)s', - proto => 'all', - } + firewall { '000 forward out': + chain => 'FORWARD', + action => 'accept', + outiface => '%(CONFIG_NEUTRON_L3_EXT_BRIDGE)s', + proto => 'all', + } - firewall { '000 forward in': - chain => 'FORWARD', - action => 'accept', - iniface => '%(CONFIG_NEUTRON_L3_EXT_BRIDGE)s', - proto => 'all', + firewall { '000 forward in': + chain => 'FORWARD', + action => 'accept', + iniface => '%(CONFIG_NEUTRON_L3_EXT_BRIDGE)s', + proto => 'all', + } + } +} else { + ## Standalone Tempest installation + class { 'tempest': + tempest_repo_uri => '%(CONFIG_PROVISION_TEMPEST_REPO_URI)s', + tempest_clone_path => '/var/lib/tempest', + tempest_clone_owner => 'root', + setup_venv => false, + tempest_repo_revision => '%(CONFIG_PROVISION_TEMPEST_REPO_REVISION)s', + configure_images => false, + configure_networks => false, + cinder_available => undef, + glance_available => true, + heat_available => undef, + horizon_available => undef, + neutron_available => false, + nova_available => true, + swift_available => undef, } } From 619fcab90f0f50beaa6fa565e57d374f9f712fc8 Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Wed, 25 Jun 2014 09:26:24 +0200 Subject: [PATCH 0073/1017] Enables Debugging Mode for Neutron Agents According to CONFIG_DEBUG_MODE, this patch will enable debug mode for the Neutron Agents. Change-Id: I0c169f6b9cb28afed608b36bae47fe99a62ce903 Fixes: rhbz#1090785 --- packstack/puppet/templates/neutron_dhcp.pp | 1 + packstack/puppet/templates/neutron_l3.pp | 1 + packstack/puppet/templates/neutron_lbaas.pp | 5 +++-- packstack/puppet/templates/neutron_metadata.pp | 1 + packstack/puppet/templates/neutron_metering_agent.pp | 1 + 5 files changed, 7 insertions(+), 2 deletions(-) diff --git a/packstack/puppet/templates/neutron_dhcp.pp b/packstack/puppet/templates/neutron_dhcp.pp index d674c8b84..8880c8228 100644 --- a/packstack/puppet/templates/neutron_dhcp.pp +++ b/packstack/puppet/templates/neutron_dhcp.pp @@ -1,3 +1,4 @@ class { 'neutron::agents::dhcp': interface_driver => '%(CONFIG_NEUTRON_DHCP_INTERFACE_DRIVER)s', + debug => %(CONFIG_DEBUG_MODE)s, } diff --git a/packstack/puppet/templates/neutron_l3.pp b/packstack/puppet/templates/neutron_l3.pp index e512143dd..8e91c5429 100644 --- a/packstack/puppet/templates/neutron_l3.pp +++ b/packstack/puppet/templates/neutron_l3.pp @@ -1,6 +1,7 @@ class { 'neutron::agents::l3': interface_driver => '%(CONFIG_NEUTRON_L3_INTERFACE_DRIVER)s', external_network_bridge => '%(CONFIG_NEUTRON_L3_EXT_BRIDGE)s', + debug => %(CONFIG_DEBUG_MODE)s, } sysctl::value { 'net.ipv4.ip_forward': diff --git a/packstack/puppet/templates/neutron_lbaas.pp b/packstack/puppet/templates/neutron_lbaas.pp index 5d06be7ae..6d27267a7 100644 --- a/packstack/puppet/templates/neutron_lbaas.pp +++ b/packstack/puppet/templates/neutron_lbaas.pp @@ -1,5 +1,6 @@ class { 'neutron::agents::lbaas': interface_driver => '%(CONFIG_NEUTRON_LBAAS_INTERFACE_DRIVER)s', - device_driver => 'neutron.services.loadbalancer.drivers.haproxy.namespace_driver.HaproxyNSDriver', - user_group => 'haproxy', + device_driver => 'neutron.services.loadbalancer.drivers.haproxy.namespace_driver.HaproxyNSDriver', + user_group => 'haproxy', + debug => %(CONFIG_DEBUG_MODE)s, } diff --git a/packstack/puppet/templates/neutron_metadata.pp b/packstack/puppet/templates/neutron_metadata.pp index 4331350bc..dc83b1e54 100644 --- a/packstack/puppet/templates/neutron_metadata.pp +++ b/packstack/puppet/templates/neutron_metadata.pp @@ -3,4 +3,5 @@ auth_url => 'http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0', shared_secret => '%(CONFIG_NEUTRON_METADATA_PW)s', metadata_ip => '%(CONFIG_CONTROLLER_HOST)s', + debug => %(CONFIG_DEBUG_MODE)s, } diff --git a/packstack/puppet/templates/neutron_metering_agent.pp b/packstack/puppet/templates/neutron_metering_agent.pp index 7ecd72c46..e2f1275c2 100644 --- a/packstack/puppet/templates/neutron_metering_agent.pp +++ b/packstack/puppet/templates/neutron_metering_agent.pp @@ -1,3 +1,4 @@ class { 'neutron::agents::metering': interface_driver => '%(CONFIG_NEUTRON_METERING_IFCE_DRIVER)s', + debug => %(CONFIG_DEBUG_MODE)s, } From 265220141307f42b7bcff49a66df47f9a71a3ad7 Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Wed, 25 Jun 2014 11:06:45 +0200 Subject: [PATCH 0074/1017] Fix wrong CONFIG_PROVSION_TEMPEST test - Marshall_conf_bool() is just converting ['y'|'n'] into ['true'|'false'] which are Puppet Boolean value ! - Need to check the Python Boolean Value instead ! Change-Id: I4d9df5c7643f19aefd2fe2c6e95a2f086c756bd0 --- packstack/plugins/provision_700.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/packstack/plugins/provision_700.py b/packstack/plugins/provision_700.py index cd17c9a7d..99eeaa25b 100644 --- a/packstack/plugins/provision_700.py +++ b/packstack/plugins/provision_700.py @@ -214,9 +214,6 @@ def initSequences(controller): config['CONFIG_PROVISION_TEMPEST'] != "y"): return - marshall_conf_bool(config, 'CONFIG_PROVISION_TEMPEST') - marshall_conf_bool(config, 'CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE') - provision_steps = [] if config['CONFIG_PROVISION_DEMO'] == "y": @@ -225,12 +222,15 @@ def initSequences(controller): 'functions': [create_demo_manifest]} ) - if config['CONFIG_PROVISION_TEMPEST']: + if config['CONFIG_PROVISION_TEMPEST'] == "y": provision_steps.append( {'title': 'Adding Provisioning Tempest manifest entries', 'functions': [create_tempest_manifest]} ) + marshall_conf_bool(config, 'CONFIG_PROVISION_TEMPEST') + marshall_conf_bool(config, 'CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE') + controller.addSequence("Provisioning for Demo and Testing Usage", [], [], provision_steps) From 6d4e5f7a82be6dbd4109d215b929a822859d7206 Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Wed, 25 Jun 2014 12:33:42 +0200 Subject: [PATCH 0075/1017] Revert "Better Hardware Virt Support checking" is_virtual_packstack custom fact checks if packstack is running on a virtualized system. So checking for 'vmx' or 'svm' flags is useless ! This reverts commit 5c357a8dd3c04a4eac7f9a106ae64ea5bc38eecc. Change-Id: I81f9444a787712cb1c5e676256d6a7c6ebdf84bf --- .../puppet/modules/packstack/lib/facter/is_virtual_packstack.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packstack/puppet/modules/packstack/lib/facter/is_virtual_packstack.rb b/packstack/puppet/modules/packstack/lib/facter/is_virtual_packstack.rb index 60ef510ac..f792b3a66 100644 --- a/packstack/puppet/modules/packstack/lib/facter/is_virtual_packstack.rb +++ b/packstack/puppet/modules/packstack/lib/facter/is_virtual_packstack.rb @@ -4,6 +4,6 @@ Facter.add("is_virtual_packstack") do setcode do - Facter::Util::Resolution.exec('grep -P \'(vmx|svm|hypervisor)\' /proc/cpuinfo > /dev/null && echo true || echo false') + Facter::Util::Resolution.exec('grep hypervisor /proc/cpuinfo > /dev/null && echo true || echo false') end end From 5f1d2e86ffdc666004a84e291496bf956d23ea17 Mon Sep 17 00:00:00 2001 From: Ivan Chavero Date: Wed, 25 Jun 2014 07:07:41 -0600 Subject: [PATCH 0076/1017] Fixes DHCP firewall protocol Sets the firewall rules for DHCP to UDP, also simplified the rules to allow requests from all hosts Change-Id: Ia848315112cd53de530f7bf7eb487fce90605e3d Fixes: rhbz#bug1112019 --- packstack/plugins/neutron_350.py | 33 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 17 deletions(-) diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index fc80f7d10..de69af3d4 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -830,23 +830,22 @@ def create_dhcp_manifests(config, messages): config['CONFIG_NEUTRON_DHCP_INTERFACE_DRIVER'] = get_if_driver(config) manifest_data = getManifestTemplate("neutron_dhcp.pp") manifest_file = "%s_neutron.pp" % (host,) - - # Firewall Rules - config['FIREWALL_PROTOCOL'] = 'tcp' - for f_host in q_hosts: - config['FIREWALL_ALLOWED'] = "'%s'" % f_host - config['FIREWALL_SERVICE_NAME'] = "neutron dhcp in" - config['FIREWALL_SERVICE_ID'] = ("neutron_dhcp_in_%s_%s" - % (host, f_host)) - config['FIREWALL_PORTS'] = "'67'" - config['FIREWALL_CHAIN'] = "INPUT" - manifest_data += getManifestTemplate("firewall.pp") - config['FIREWALL_SERVICE_NAME'] = "neutron dhcp out" - config['FIREWALL_SERVICE_ID'] = ("neutron_dhcp_out_%s_%s" - % (host, f_host)) - config['FIREWALL_PORTS'] = "'68'" - config['FIREWALL_CHAIN'] = "OUTPUT" - manifest_data += getManifestTemplate("firewall.pp") + # Firewall Rules for dhcp in + config['FIREWALL_PROTOCOL'] = 'udp' + config['FIREWALL_ALLOWED'] = "'ALL'" + config['FIREWALL_SERVICE_NAME'] = "neutron dhcp in: " + config['FIREWALL_SERVICE_ID'] = "neutron_dhcp_in_%s" % host + config['FIREWALL_PORTS'] = "'67'" + config['FIREWALL_CHAIN'] = "INPUT" + manifest_data += getManifestTemplate("firewall.pp") + # Firewall Rules for dhcp out + config['FIREWALL_PROTOCOL'] = 'udp' + config['FIREWALL_ALLOWED'] = "'ALL'" + config['FIREWALL_SERVICE_NAME'] = "neutron dhcp out: " + config['FIREWALL_SERVICE_ID'] = "neutron_dhcp_out_%s" % host + config['FIREWALL_PORTS'] = "'68'" + config['FIREWALL_CHAIN'] = "OUTPUT" + manifest_data += getManifestTemplate("firewall.pp") appendManifestFile(manifest_file, manifest_data, 'neutron') From be108149597b3cac893d5868a9dd989649ad2cb7 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Thu, 26 Jun 2014 11:05:19 +0200 Subject: [PATCH 0077/1017] Setup neutron l2 plugin configs only on neutron api nodes Closes-Bug: rhbz#1113472 Change-Id: I4b28162b922393ee25595188fbb6681a271fc20a --- packstack/plugins/neutron_350.py | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index fc80f7d10..9c1a7282f 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -751,6 +751,10 @@ def create_manifests(config, messages): template_name = "neutron_notifications.pp" manifest_data += getManifestTemplate(template_name) + # Set up any l2 plugin configs we need only on neutron api nodes + # XXX I am not completely sure about this, but it seems necessary: + manifest_data += getManifestTemplate(plugin_manifest) + # Firewall Rules for f_host in q_hosts: config['FIREWALL_SERVICE_NAME'] = "neutron server" @@ -764,10 +768,6 @@ def create_manifests(config, messages): appendManifestFile(manifest_file, manifest_data, 'neutron') - # Set up any l2 plugin configs we need anywhere we install neutron - # XXX I am not completely sure about this, but it seems necessary: - manifest_data = getManifestTemplate(plugin_manifest) - # We also need to open VXLAN/GRE port for agent if use_openvswitch_vxlan(config) or use_openvswitch_gre(config): if use_openvswitch_vxlan(config): @@ -782,9 +782,8 @@ def create_manifests(config, messages): config['FIREWALL_SERVICE_ID'] = ("neutron_tunnel") config['FIREWALL_PORTS'] = tunnel_port config['FIREWALL_CHAIN'] = "INPUT" - manifest_data += getManifestTemplate('firewall.pp') - - appendManifestFile(manifest_file, manifest_data, 'neutron') + manifest_data = getManifestTemplate('firewall.pp') + appendManifestFile(manifest_file, manifest_data, 'neutron') def create_keystone_manifest(config, messages): From e90ad8150afa71f136cea7521512ffdff650901b Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Wed, 25 Jun 2014 17:04:06 +0200 Subject: [PATCH 0078/1017] Connect bridge with interface only on network hosts Change-Id: I4dad33a12c555bab37ae8373823eac4603a57430 --- packstack/plugins/neutron_350.py | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index fc80f7d10..f2f1b9fa5 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -915,13 +915,18 @@ def create_l2_agent_manifests(config, messages): manifestfile = "%s_neutron.pp" % (host,) manifestdata = getManifestTemplate(template_name) appendManifestFile(manifestfile, manifestdata + "\n") - if agent == "openvswitch" and ovs_type in ['vlan', 'vxlan', 'gre']: - bridge_key = 'CONFIG_NEUTRON_OVS_BRIDGE' - iface_key = 'CONFIG_NEUTRON_OVS_IFACE' - for if_map in iface_arr: - config[bridge_key], config[iface_key] = if_map.split(':') - manifestdata = getManifestTemplate("neutron_ovs_port.pp") - appendManifestFile(manifestfile, manifestdata + "\n") + # neutron ovs port only on network hosts + if ( + agent == "openvswitch" and ( + (host in network_hosts and ovs_type in ['vxlan', 'gre']) + or ovs_type == 'vlan') + ): + bridge_key = 'CONFIG_NEUTRON_OVS_BRIDGE' + iface_key = 'CONFIG_NEUTRON_OVS_IFACE' + for if_map in iface_arr: + config[bridge_key], config[iface_key] = if_map.split(':') + manifestdata = getManifestTemplate("neutron_ovs_port.pp") + appendManifestFile(manifestfile, manifestdata + "\n") # Additional configurations required for compute hosts if host in compute_hosts: manifestdata = getManifestTemplate('neutron_bridge_module.pp') From 17caf670585d40fd274a6d4761c11ba25a0f0106 Mon Sep 17 00:00:00 2001 From: Gilles Dubreuil Date: Mon, 30 Jun 2014 16:52:45 +1000 Subject: [PATCH 0079/1017] Fixed lbaas to be installed on network nodes rhbz#1114261 Change-Id: I23b14c15cb899881d73e7c286cd4009b27c5aa00 --- packstack/plugins/neutron_350.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index 866090ba9..e9c7fceec 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -850,12 +850,12 @@ def create_dhcp_manifests(config, messages): def create_lbaas_manifests(config, messages): - global api_hosts + global network_hosts if not config['CONFIG_LBAAS_INSTALL'] == 'y': return - for host in api_hosts: + for host in network_hosts: config['CONFIG_NEUTRON_LBAAS_INTERFACE_DRIVER'] = get_if_driver(config) manifestdata = getManifestTemplate("neutron_lbaas.pp") manifestfile = "%s_neutron.pp" % (host,) From 573a1e13ad047f4f341c4b443cb6add6edbddddc Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Mon, 30 Jun 2014 11:22:10 +0200 Subject: [PATCH 0080/1017] Change swift proxy pipeline quota entriers to use underscore instead of dash Change-Id: I1ddb1076d6eca950f14b5479755badc3b7bce217 Closes-Bug: rhbz#1114262 --- packstack/puppet/templates/swift_proxy.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packstack/puppet/templates/swift_proxy.pp b/packstack/puppet/templates/swift_proxy.pp index 49690f485..cdde7c107 100644 --- a/packstack/puppet/templates/swift_proxy.pp +++ b/packstack/puppet/templates/swift_proxy.pp @@ -18,8 +18,8 @@ 'tempurl', 'slo', 'formpost', - 'account-quotas', - 'container-quotas', + 'account_quotas', + 'container_quotas', 'proxy-server' ], account_autocreate => true, From ff395cb8d0c033022317fa972860772c83f3f145 Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Mon, 30 Jun 2014 15:04:25 +0200 Subject: [PATCH 0081/1017] Enable MRG channel by default QPID packages are in separate channel which needs to be enabled. Change-Id: I06f32c298b92a2c4cb4f787ffe46e6b3e8168d86 --- packstack/plugins/serverprep_001.py | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/packstack/plugins/serverprep_001.py b/packstack/plugins/serverprep_001.py index c9cb32673..99c43cc8a 100644 --- a/packstack/plugins/serverprep_001.py +++ b/packstack/plugins/serverprep_001.py @@ -375,7 +375,7 @@ def run_rhsm_reg(config, host, username, password): cmd = ('subscription-manager list --consumed | grep -i openstack || ' 'subscription-manager subscribe --pool %s') pool = ("$(subscription-manager list --available" - " | grep -e -m1 -A15 'Red Hat Enterprise Linux OpenStack Platform'" + " | grep -m1 -A15 'Red Hat Enterprise Linux OpenStack Platform'" " | grep -i 'Pool ID:' | awk '{print $3}')") server.append(cmd % pool) @@ -385,6 +385,14 @@ def run_rhsm_reg(config, host, username, password): server.append("subscription-manager repos " "--enable rhel-%s-server-openstack-5.0-rpms" % releasever) + # mrg channel naming is a big mess + if releasever == '7': + mrg_prefix = 'rhel-x86_64-server-7' + elif releasever == '6': + mrg_prefix = 'rhel-6-server' + server.append("subscription-manager repos " + "--enable %s-mrg-messaging-2-rpms" % mrg_prefix) + server.append("yum clean all") server.append("rpm -q --whatprovides yum-utils || " "yum install -y yum-utils") From 66789aaa5f3a1efc4437297edf441eaa80f14f09 Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Mon, 30 Jun 2014 12:31:33 +0200 Subject: [PATCH 0082/1017] Prevents packstack to create user/tenant called undef Change-Id: I06935da589afcd841656855d8ba6c6cb39d90fdf Fixed: rhbz#1114590 Signed-off-by: Gael Chamoulaud --- packstack/puppet/templates/provision_demo.pp | 12 ------------ packstack/puppet/templates/provision_tempest.pp | 17 ----------------- 2 files changed, 29 deletions(-) diff --git a/packstack/puppet/templates/provision_demo.pp b/packstack/puppet/templates/provision_demo.pp index 2cd42e4cf..5e7495d45 100644 --- a/packstack/puppet/templates/provision_demo.pp +++ b/packstack/puppet/templates/provision_demo.pp @@ -38,18 +38,6 @@ password => $password, } - keystone_tenant { $alt_tenant_name: - ensure => present, - enabled => true, - description => 'alt tenant', - } - keystone_user { $alt_username: - ensure => present, - enabled => true, - tenant => $alt_tenant_name, - password => $alt_password, - } - ## Images glance_image { $image_name: diff --git a/packstack/puppet/templates/provision_tempest.pp b/packstack/puppet/templates/provision_tempest.pp index 3f51156e3..0653030d8 100644 --- a/packstack/puppet/templates/provision_tempest.pp +++ b/packstack/puppet/templates/provision_tempest.pp @@ -71,19 +71,6 @@ password => $password, } - keystone_tenant { $alt_tenant_name: - ensure => present, - enabled => true, - description => 'alt tenant', - } - - keystone_user { $alt_username: - ensure => present, - enabled => true, - tenant => $alt_tenant_name, - password => $alt_password, - } - ## Images glance_image { $image_name: @@ -183,7 +170,6 @@ if $configure_tempest { $tempest_requires = concat([ Keystone_user[$username], - Keystone_user[$alt_username], Glance_image[$image_name], ], $neutron_deps) @@ -201,9 +187,6 @@ username => $username, password => $password, tenant_name => $tenant_name, - alt_username => $alt_username, - alt_password => $alt_password, - alt_tenant_name => $alt_tenant_name, admin_username => $admin_username, admin_password => $admin_password, admin_tenant_name => $admin_tenant_name, From dcbff70fa436afe1f552b7a49d49cd0d66f6d71c Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Tue, 1 Jul 2014 10:14:04 +0200 Subject: [PATCH 0083/1017] Adds usage examples for CONFIG_NEUTRON_L2_PLUGIN Change-Id: I5371c0510ddb7b16e1cf1ce07998a02f531a5bef Fixes: rhbz#1066019 Signed-off-by: Gael Chamoulaud --- docs/packstack.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/packstack.rst b/docs/packstack.rst index be453cba4..c3e271b3b 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -379,7 +379,7 @@ Neutron Config Parameters The name of the bridge that the Neutron L3 agent will use for external traffic, or 'provider' if using provider networks. **CONFIG_NEUTRON_L2_PLUGIN** - The name of the L2 plugin to be used with Neutron. + The name of the L2 plugin to be used with Neutron. (eg. linuxbridge, openvswitch, ml2). **CONFIG_NEUTRON_METADATA_PW** A comma separated list of IP addresses on which to install Neutron metadata agent. From 26eb962148512a52706bdd2607902e831fe7d504 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Tue, 1 Jul 2014 15:38:39 +0200 Subject: [PATCH 0084/1017] Stop firewalld before service iptables and not class firewall Seems that puppet fails to comprehend that service iptables is from class firewall and stops firewalld after starting iptables. We solve this by setting before => Service['iptables'] Change-Id: I964998fe70794efb1d9c7b235a5f1f4aece24aad Closes-Bug: rhbz#1114121 --- packstack/puppet/templates/prescript.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packstack/puppet/templates/prescript.pp b/packstack/puppet/templates/prescript.pp index 19f1eb279..4c9529268 100644 --- a/packstack/puppet/templates/prescript.pp +++ b/packstack/puppet/templates/prescript.pp @@ -24,7 +24,7 @@ service { "firewalld": ensure => "stopped", enable => false, - before => Class['firewall'], + before => Service['iptables'], } package { 'audit': From 1efaa4aec2ed5ebc1c73aa09479a0d81412836cb Mon Sep 17 00:00:00 2001 From: Jakub Libosvar Date: Tue, 1 Jul 2014 20:18:34 +0200 Subject: [PATCH 0085/1017] Compare CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE to 'false' CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE value is changed to 'true' if it is set o 'y' and set to 'false' when original value was 'n'. But comparision is still done according 'n'. Change-Id: I6ed0757b97c36cff380989263043757354c62ad8 --- packstack/plugins/postscript_948.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packstack/plugins/postscript_948.py b/packstack/plugins/postscript_948.py index 9f90f7279..9850273d8 100644 --- a/packstack/plugins/postscript_948.py +++ b/packstack/plugins/postscript_948.py @@ -45,7 +45,7 @@ def create_manifest(config, messages): manifestfile = "%s_postscript.pp" % hostname manifestdata = getManifestTemplate("postscript.pp") appendManifestFile(manifestfile, manifestdata, 'postscript') - if config.get("CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE") != 'n': + if config.get("CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE") != 'false': fmted = config['CONFIG_NEUTRON_L3_EXT_BRIDGE'].replace('-', '_') config['EXT_BRIDGE_VAR'] = fmted manifestdata = getManifestTemplate("persist_ovs_bridge.pp") From 8a3206ac6a840ea4facf7c47283a4fd6b851fbb2 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Tue, 1 Jul 2014 16:28:28 +0200 Subject: [PATCH 0086/1017] Restart libvirt only when deploying nova network on compute Also ensure nova network does have nova_common classes and make sure all nodes can connect to mysql. Change-Id: I7adbdb08ad9c27575d8832feda8402450768ed92 Closes-Bug: rhbz#1114930 --- packstack/plugins/mysql_003.py | 4 ++-- packstack/plugins/nova_300.py | 23 +++++++++++-------- packstack/puppet/templates/nova_network.pp | 9 -------- .../puppet/templates/nova_network_libvirt.pp | 9 ++++++++ 4 files changed, 24 insertions(+), 21 deletions(-) create mode 100644 packstack/puppet/templates/nova_network_libvirt.pp diff --git a/packstack/plugins/mysql_003.py b/packstack/plugins/mysql_003.py index d5138bbb6..a0b625649 100644 --- a/packstack/plugins/mysql_003.py +++ b/packstack/plugins/mysql_003.py @@ -10,6 +10,7 @@ from packstack.installer import validators from packstack.installer import utils from packstack.installer.utils import split_hosts +from packstack.modules.common import filtered_hosts from packstack.modules.ospluginutils import (getManifestTemplate, appendManifestFile) @@ -106,8 +107,7 @@ def append_for(module, suffix): if config['CONFIG_%s_INSTALL' % mod.upper()] == 'y': append_for(mod, suffix) - hosts = set([config['CONFIG_CONTROLLER_HOST']]) - hosts |= split_hosts(config['CONFIG_COMPUTE_HOSTS']) + hosts = filtered_hosts(config, exclude=False, dbhost=True) config['FIREWALL_SERVICE_NAME'] = "mysql" config['FIREWALL_PORTS'] = "'3306'" diff --git a/packstack/plugins/nova_300.py b/packstack/plugins/nova_300.py index 8f7d39974..a729dabab 100644 --- a/packstack/plugins/nova_300.py +++ b/packstack/plugins/nova_300.py @@ -289,6 +289,14 @@ def initSequences(controller): if controller.CONF['CONFIG_NOVA_INSTALL'] != 'y': return + if controller.CONF['CONFIG_NEUTRON_INSTALL'] == 'y': + network_title = ('Adding Openstack Network-related ' + 'Nova manifest entries') + network_function = create_neutron_manifest + else: + network_title = 'Adding Nova Network manifest entries' + network_function = create_network_manifest + novaapisteps = [ {'title': 'Adding Nova API manifest entries', 'functions': [create_api_manifest]}, @@ -302,6 +310,8 @@ def initSequences(controller): 'functions': [create_ssh_keys]}, {'title': 'Gathering ssh host keys for Nova migration', 'functions': [gather_host_keys]}, + {'title': network_title, + 'functions': [network_function]}, {'title': 'Adding Nova Compute manifest entries', 'functions': [create_compute_manifest]}, {'title': 'Adding Nova Scheduler manifest entries', @@ -312,16 +322,6 @@ def initSequences(controller): 'functions': [create_common_manifest]}, ] - if controller.CONF['CONFIG_NEUTRON_INSTALL'] == 'y': - novaapisteps.append( - {'title': 'Adding Openstack Network-related Nova manifest entries', - 'functions': [create_neutron_manifest]} - ) - else: - novaapisteps.append( - {'title': 'Adding Nova Network manifest entries', - 'functions': [create_network_manifest]} - ) controller.addSequence("Installing OpenStack Nova API", [], [], novaapisteps) @@ -548,6 +548,9 @@ def create_network_manifest(config, messages): manifestfile = "%s_nova.pp" % host manifestdata = getManifestTemplate("nova_network.pp") + # Restart libvirt if we deploy nova network on compute + if host in compute_hosts: + manifestdata += getManifestTemplate("nova_network_libvirt.pp") # in multihost mode each compute host runs nova-api-metadata if multihost and host != api_host and host in compute_hosts: diff --git a/packstack/puppet/templates/nova_network.pp b/packstack/puppet/templates/nova_network.pp index 64158b9f4..f826cdecd 100644 --- a/packstack/puppet/templates/nova_network.pp +++ b/packstack/puppet/templates/nova_network.pp @@ -39,12 +39,3 @@ package { 'dnsmasq': ensure => present } -$vmware_backend = '%(CONFIG_VMWARE_BACKEND)s' -if $vmware_backend == 'n' { - exec { 'libvirtd_restart': - path => ['/usr/sbin/', '/sbin'], - command => 'service libvirtd restart', - logoutput => 'on_failure', - require => Class['nova::network'], - } -} diff --git a/packstack/puppet/templates/nova_network_libvirt.pp b/packstack/puppet/templates/nova_network_libvirt.pp new file mode 100644 index 000000000..957b04b67 --- /dev/null +++ b/packstack/puppet/templates/nova_network_libvirt.pp @@ -0,0 +1,9 @@ +$vmware_backend = '%(CONFIG_VMWARE_BACKEND)s' +if $vmware_backend == 'n' { + exec { 'libvirtd_restart': + path => ['/usr/sbin/', '/sbin'], + command => 'service libvirtd restart', + logoutput => 'on_failure', + require => Class['nova::network'], + } +} From a7a490ad1f96352f5f6abf917c4d45ea9289f4e3 Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Wed, 2 Jul 2014 13:16:54 +0200 Subject: [PATCH 0087/1017] Make sure bridge provision is disabled for Nova network Currently CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE values are undeterministic and can have (true|y) and (false|n) values. This is temporary fix and we will need to create more robust fix for boolean parameters in the future. Change-Id: I18c37e5f277e0117c94867fe8e8ef727db73b77f Fixes: rhbz#1115444 --- packstack/plugins/postscript_948.py | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/packstack/plugins/postscript_948.py b/packstack/plugins/postscript_948.py index 9850273d8..d563cdbe4 100644 --- a/packstack/plugins/postscript_948.py +++ b/packstack/plugins/postscript_948.py @@ -45,7 +45,13 @@ def create_manifest(config, messages): manifestfile = "%s_postscript.pp" % hostname manifestdata = getManifestTemplate("postscript.pp") appendManifestFile(manifestfile, manifestdata, 'postscript') - if config.get("CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE") != 'false': + # TO-DO: remove this temporary fix for nova-network/neutron + # undeterministic behavior + provision = ( + config.get("CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE") not in + set(['false', 'n', None]) + ) + if config.get('CONFIG_NEUTRON_INSTALL', 'n') == 'y' and provision: fmted = config['CONFIG_NEUTRON_L3_EXT_BRIDGE'].replace('-', '_') config['EXT_BRIDGE_VAR'] = fmted manifestdata = getManifestTemplate("persist_ovs_bridge.pp") From ce4badc39e1acd21c6575c6aa74cd3d57a7a107f Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Wed, 2 Jul 2014 13:46:33 +0200 Subject: [PATCH 0088/1017] Change nova api steps generating puppet manifests to fix neutron Network configuration of nova has to run before common manifest and after all other manifests in order to iterate over all nodes as network_api_class has to be set to neutron on all nova nodes. Closes-Bug: rhbz#1115458 Change-Id: If6e23898f7cbaf381620312b13c72c61f7b57ed1 --- packstack/plugins/nova_300.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packstack/plugins/nova_300.py b/packstack/plugins/nova_300.py index a729dabab..a32cc1b58 100644 --- a/packstack/plugins/nova_300.py +++ b/packstack/plugins/nova_300.py @@ -310,14 +310,14 @@ def initSequences(controller): 'functions': [create_ssh_keys]}, {'title': 'Gathering ssh host keys for Nova migration', 'functions': [gather_host_keys]}, - {'title': network_title, - 'functions': [network_function]}, {'title': 'Adding Nova Compute manifest entries', 'functions': [create_compute_manifest]}, {'title': 'Adding Nova Scheduler manifest entries', 'functions': [create_sched_manifest]}, {'title': 'Adding Nova VNC Proxy manifest entries', 'functions': [create_vncproxy_manifest]}, + {'title': network_title, + 'functions': [network_function]}, {'title': 'Adding Nova Common manifest entries', 'functions': [create_common_manifest]}, ] From c0d21428086830a02a1b3847dcb208da24a898c7 Mon Sep 17 00:00:00 2001 From: Ivan Chavero Date: Thu, 3 Jul 2014 08:14:10 -0600 Subject: [PATCH 0089/1017] Fixes libvirtd restart When libvirtd is restarted it kills it's socket wich causes nova to fail. Change-Id: I484ef56fe0b020cd457397b00aabac7da7a317bb Fixes: rhbz#1109362 --- packstack/puppet/templates/nova_network_libvirt.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packstack/puppet/templates/nova_network_libvirt.pp b/packstack/puppet/templates/nova_network_libvirt.pp index 957b04b67..f145c73f3 100644 --- a/packstack/puppet/templates/nova_network_libvirt.pp +++ b/packstack/puppet/templates/nova_network_libvirt.pp @@ -1,8 +1,8 @@ $vmware_backend = '%(CONFIG_VMWARE_BACKEND)s' if $vmware_backend == 'n' { - exec { 'libvirtd_restart': + exec { 'libvirtd_reload': path => ['/usr/sbin/', '/sbin'], - command => 'service libvirtd restart', + command => 'service libvirtd reload', logoutput => 'on_failure', require => Class['nova::network'], } From bcef1c87cf6dfd60951124366d32e323934d05c2 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Thu, 3 Jul 2014 20:12:09 +0200 Subject: [PATCH 0090/1017] Ensure ceilometer depends on nova-common package Package openstack-nova-common provides user nova which ceilometer seems to need if we use openstack-ceilometer-compute. Change-Id: I49f667841e147ce553d7609227f4e9ab5d00421f Closes-Bug: rhbz#1115946 --- packstack/puppet/templates/nova_ceilometer_qpid.pp | 4 +++- packstack/puppet/templates/nova_ceilometer_rabbitmq.pp | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/packstack/puppet/templates/nova_ceilometer_qpid.pp b/packstack/puppet/templates/nova_ceilometer_qpid.pp index ac6bc3e74..eee1b85b2 100644 --- a/packstack/puppet/templates/nova_ceilometer_qpid.pp +++ b/packstack/puppet/templates/nova_ceilometer_qpid.pp @@ -8,6 +8,8 @@ qpid_protocol => '%(CONFIG_AMQP_PROTOCOL)s', rpc_backend => 'ceilometer.openstack.common.rpc.impl_qpid', verbose => true, - debug => %(CONFIG_DEBUG_MODE)s + debug => %(CONFIG_DEBUG_MODE)s, + # for some strange reason ceilometer needs to be in nova group + require => Package['nova-common'], } diff --git a/packstack/puppet/templates/nova_ceilometer_rabbitmq.pp b/packstack/puppet/templates/nova_ceilometer_rabbitmq.pp index 2303a0136..27766e2de 100644 --- a/packstack/puppet/templates/nova_ceilometer_rabbitmq.pp +++ b/packstack/puppet/templates/nova_ceilometer_rabbitmq.pp @@ -5,6 +5,8 @@ rabbit_userid => '%(CONFIG_AMQP_AUTH_USER)s', rabbit_password => '%(CONFIG_AMQP_AUTH_PASSWORD)s', verbose => true, - debug => %(CONFIG_DEBUG_MODE)s + debug => %(CONFIG_DEBUG_MODE)s, + # for some strange reason ceilometer needs to be in nova group + require => Package['nova-common'], } From e2433675f403936f44bce65be8d239d5dbc579cc Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Fri, 4 Jul 2014 11:13:22 +0200 Subject: [PATCH 0091/1017] Configures NTP Servers by default - Packstack should configure NTP on each nodes - By default, it will use [0,1,2,3].fedora.pool.ntp.org Change-Id: Ie593297f036eb2994118d1dc4286d3efa7cd4716 Fixes: rhbz#1086349 Signed-off-by: Gael Chamoulaud --- packstack/plugins/prescript_000.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/packstack/plugins/prescript_000.py b/packstack/plugins/prescript_000.py index eba27458b..1640a8f14 100644 --- a/packstack/plugins/prescript_000.py +++ b/packstack/plugins/prescript_000.py @@ -23,6 +23,8 @@ PLUGIN_NAME = "Prescript" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') +NTP_SERVER_LIST = ','.join("%s.fedora.pool.ntp.org" % x for x in range(0, 4)) + def initConfig(controller): default_ssh_key = os.path.join(os.environ["HOME"], ".ssh/*.pub") @@ -196,7 +198,7 @@ def initConfig(controller): "plain if Packstack should not install ntpd " "on instances."), "OPTION_LIST": [], - "DEFAULT_VALUE": '', + "DEFAULT_VALUE": NTP_SERVER_LIST, "MASK_INPUT": False, "LOOSE_VALIDATION": False, "CONF_NAME": "CONFIG_NTP_SERVERS", From 2402b972584cc3d2748fd6154465461791874a66 Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Mon, 7 Jul 2014 11:09:11 +0200 Subject: [PATCH 0092/1017] Fixes incomplete Tempest question in interactive mode Change-Id: Ie5dc9d59d0a27d5720e5818bfffc82c7e16590d3 Fixes: rhbz#1116431 Signed-off-by: Gael Chamoulaud --- packstack/plugins/provision_700.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/packstack/plugins/provision_700.py b/packstack/plugins/provision_700.py index 99eeaa25b..f31bf2bee 100644 --- a/packstack/plugins/provision_700.py +++ b/packstack/plugins/provision_700.py @@ -64,7 +64,8 @@ def process_provision(param, process_args=None): "don't provide a user name, Tempest will be configured " "in a standalone mode", "PROMPT": ("Enter the name of the Tempest Provisioning user " - "(if blank, "), + "(if blank, Tempest will be configured in a " + "standalone mode) "), "OPTION_LIST": False, "VALIDATORS": False, "DEFAULT_VALUE": "", From 86f079aa8d1243daf27b3ef81e096ffc272678e6 Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Mon, 7 Jul 2014 14:24:15 +0200 Subject: [PATCH 0093/1017] Revert "Configures NTP Servers by default" This reverts commit e2433675f403936f44bce65be8d239d5dbc579cc. Change-Id: I67341b6ed95acc3eb07d3afe20b8a8314c237128 Signed-off-by: Gael Chamoulaud --- packstack/plugins/prescript_000.py | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/packstack/plugins/prescript_000.py b/packstack/plugins/prescript_000.py index 1640a8f14..eba27458b 100644 --- a/packstack/plugins/prescript_000.py +++ b/packstack/plugins/prescript_000.py @@ -23,8 +23,6 @@ PLUGIN_NAME = "Prescript" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') -NTP_SERVER_LIST = ','.join("%s.fedora.pool.ntp.org" % x for x in range(0, 4)) - def initConfig(controller): default_ssh_key = os.path.join(os.environ["HOME"], ".ssh/*.pub") @@ -198,7 +196,7 @@ def initConfig(controller): "plain if Packstack should not install ntpd " "on instances."), "OPTION_LIST": [], - "DEFAULT_VALUE": NTP_SERVER_LIST, + "DEFAULT_VALUE": '', "MASK_INPUT": False, "LOOSE_VALIDATION": False, "CONF_NAME": "CONFIG_NTP_SERVERS", From 581a79ed8507a8ffe4388a67060e0b32899d4f86 Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Mon, 30 Jun 2014 09:30:23 +0200 Subject: [PATCH 0094/1017] Configures Heat to use Trusts by default - This option has existed since Havana release and the Heat team is moving towards making this the default. - Sets deferred_auth_method=trusts and trusts_delegated_roles=heat_stack_owner in heat.conf - Creates heat_stack_owner role. - Assigns heat_stack_owner role to admin and demo users. Change-Id: I2e42d82f1bde019a3c2f0e52ab677fdf457d29a4 Fixes: rhbz#1108155 Signed-off-by: Gael Chamoulaud --- docs/packstack.rst | 3 +++ packstack/plugins/heat_750.py | 23 +++++++++++++++++++ packstack/plugins/provision_700.py | 7 ++++++ packstack/puppet/templates/heat_trusts.pp | 10 ++++++++ .../puppet/templates/keystone_heat_trusts.pp | 4 ++++ packstack/puppet/templates/provision_demo.pp | 10 ++++++++ .../puppet/templates/provision_tempest.pp | 10 ++++++++ 7 files changed, 67 insertions(+) create mode 100644 packstack/puppet/templates/heat_trusts.pp create mode 100644 packstack/puppet/templates/keystone_heat_trusts.pp diff --git a/docs/packstack.rst b/docs/packstack.rst index c3e271b3b..281d327e2 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -360,6 +360,9 @@ Heat Config Parameters **CONFIG_HEAT_KS_PW** The password to use for the Heat to authenticate with Keystone. +**CONFIG_HEAT_USING_TRUSTS** + Set to 'y' if you would like Packstack to install heat with trusts as deferred auth method. If not, the stored password method will be used. + **CONFIG_HEAT_CLOUDWATCH_INSTALL** Set to 'y' if you would like Packstack to install Heat CloudWatch API. diff --git a/packstack/plugins/heat_750.py b/packstack/plugins/heat_750.py index 646310000..42faa0fdc 100644 --- a/packstack/plugins/heat_750.py +++ b/packstack/plugins/heat_750.py @@ -82,6 +82,21 @@ def initConfig(controller): "NEED_CONFIRM": False, "CONDITION": False}, + {"CMD_OPTION": "os-heat-using-trusts", + "USAGE": ("Set to 'y' if you would like Packstack to install Heat " + "with trusts as deferred auth method. " + "If not, the stored password method will be used."), + "PROMPT": "Should Packstack configure Heat to use trusts", + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "y", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_HEAT_USING_TRUSTS", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "os-heat-cfn-install", "USAGE": ("Set to 'y' if you would like Packstack to install Heat " "CloudFormation API"), @@ -172,12 +187,20 @@ def create_manifest(config, messages): manifestfile = "%s_heat.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "heat")) manifestdata += getManifestTemplate("heat.pp") + + if config.get('CONFIG_HEAT_USING_TRUSTS', 'n') == 'y': + manifestdata += getManifestTemplate("heat_trusts.pp") + appendManifestFile(manifestfile, manifestdata) def create_keystone_manifest(config, messages): manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("keystone_heat.pp") + + if config.get('CONFIG_HEAT_USING_TRUSTS', 'n') == 'y': + manifestdata += getManifestTemplate("keystone_heat_trusts.pp") + appendManifestFile(manifestfile, manifestdata) diff --git a/packstack/plugins/provision_700.py b/packstack/plugins/provision_700.py index 99eeaa25b..3bd70adc6 100644 --- a/packstack/plugins/provision_700.py +++ b/packstack/plugins/provision_700.py @@ -244,6 +244,11 @@ def marshall_conf_bool(conf, key): conf[key] = 'false' +def using_heat(config): + if config['CONFIG_HEAT_INSTALL'] != "y": + config['CONFIG_HEAT_USING_TRUSTS'] = "n" + + def using_neutron(config): # Using the neutron or nova api servers as the provisioning target # will suffice for the all-in-one case. @@ -264,6 +269,7 @@ def using_neutron(config): def create_demo_manifest(config, messages): using_neutron(config) + using_heat(config) manifest_file = '%s_provision_demo.pp' % config['CONFIG_CONTROLLER_HOST'] manifest_data = getManifestTemplate("provision_demo.pp") appendManifestFile(manifest_file, manifest_data) @@ -271,6 +277,7 @@ def create_demo_manifest(config, messages): def create_tempest_manifest(config, messages): using_neutron(config) + using_heat(config) manifest_file = '%s_provision_tempest.pp' % \ config['CONFIG_CONTROLLER_HOST'] manifest_data = getManifestTemplate("provision_tempest.pp") diff --git a/packstack/puppet/templates/heat_trusts.pp b/packstack/puppet/templates/heat_trusts.pp new file mode 100644 index 000000000..87ac7aebe --- /dev/null +++ b/packstack/puppet/templates/heat_trusts.pp @@ -0,0 +1,10 @@ + +heat_config { + 'DEFAULT/deferred_auth_method' : value => 'trusts'; + 'DEFAULT/trusts_delegated_roles' : value => 'heat_stack_owner'; +} + +keystone_user_role { 'admin@admin': + ensure => present, + roles => ['admin', '_member_', 'heat_stack_owner'], +} diff --git a/packstack/puppet/templates/keystone_heat_trusts.pp b/packstack/puppet/templates/keystone_heat_trusts.pp new file mode 100644 index 000000000..495a9a4aa --- /dev/null +++ b/packstack/puppet/templates/keystone_heat_trusts.pp @@ -0,0 +1,4 @@ + +keystone_role { 'heat_stack_owner': + ensure => present, +} diff --git a/packstack/puppet/templates/provision_demo.pp b/packstack/puppet/templates/provision_demo.pp index 5e7495d45..ab782f07d 100644 --- a/packstack/puppet/templates/provision_demo.pp +++ b/packstack/puppet/templates/provision_demo.pp @@ -8,6 +8,9 @@ $admin_password = '%(CONFIG_KEYSTONE_ADMIN_PW)s' $admin_tenant_name = 'admin' + # Heat Using Trusts + $heat_using_trusts = '%(CONFIG_HEAT_USING_TRUSTS)s' + ## Glance $image_name = 'cirros' $image_source = 'http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-disk.img' @@ -38,6 +41,13 @@ password => $password, } + if $heat_using_trusts == 'y' { + keystone_user_role { "${username}@${tenant_name}": + ensure => present, + roles => ['_member_', 'heat_stack_owner'], + } + } + ## Images glance_image { $image_name: diff --git a/packstack/puppet/templates/provision_tempest.pp b/packstack/puppet/templates/provision_tempest.pp index 0653030d8..4b02ab7b1 100644 --- a/packstack/puppet/templates/provision_tempest.pp +++ b/packstack/puppet/templates/provision_tempest.pp @@ -17,6 +17,9 @@ $admin_password = '%(CONFIG_KEYSTONE_ADMIN_PW)s' $admin_tenant_name = 'admin' + # Heat Using Trusts + $heat_using_trusts = '%(CONFIG_HEAT_USING_TRUSTS)s' + ## Glance $image_name = 'cirros' $image_source = 'http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-disk.img' @@ -71,6 +74,13 @@ password => $password, } + if $heat_using_trusts == 'y' { + keystone_user_role { "${username}@${tenant_name}": + ensure => present, + roles => ['_member_', 'heat_stack_owner'], + } + } + ## Images glance_image { $image_name: From 0040c6344790751e2d06678b1b0b4c6f5adc4d37 Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Tue, 8 Jul 2014 17:21:01 +0200 Subject: [PATCH 0095/1017] Fixes Facts string comparisons in CentOS 7 CentOS Project has adopted a new rule for versioning numbers. The major number matches the RHEL major number, but the minor number is generated from the release date. For example, CentOS 7.1407. Change-Id: I16876d033bdb8ee47fa7b3c2d25c41e6f1c1c83e Fixes: rhbz#1117035 Signed-off-by: Gael Chamoulaud --- packstack/puppet/templates/amqp.pp | 2 +- packstack/puppet/templates/mysql_install.pp | 2 +- packstack/puppet/templates/prescript.pp | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/packstack/puppet/templates/amqp.pp b/packstack/puppet/templates/amqp.pp index 15d7b5d84..ca79707fc 100644 --- a/packstack/puppet/templates/amqp.pp +++ b/packstack/puppet/templates/amqp.pp @@ -44,7 +44,7 @@ } 'RedHat', 'CentOS': { - if $::operatingsystemrelease >= 7 { + if $::operatingsystemmajrelease >= 7 { $config = '/etc/qpid/qpidd.conf' } else { $config = '/etc/qpidd.conf' diff --git a/packstack/puppet/templates/mysql_install.pp b/packstack/puppet/templates/mysql_install.pp index 1364f797a..6a33cba5d 100644 --- a/packstack/puppet/templates/mysql_install.pp +++ b/packstack/puppet/templates/mysql_install.pp @@ -1,6 +1,6 @@ # on EL6 we need to wait for innodb changes before starting mysqld -if $::operatingsystem in ['RedHat','CentOS','Scientific'] and $::operatingsystemrelease < 7 { +if $::operatingsystem in ['RedHat','CentOS','Scientific'] and $::operatingsystemmajrelease < 7 { $manage_service = false service { 'mysqld': enable => true, diff --git a/packstack/puppet/templates/prescript.pp b/packstack/puppet/templates/prescript.pp index 4c9529268..32d53e836 100644 --- a/packstack/puppet/templates/prescript.pp +++ b/packstack/puppet/templates/prescript.pp @@ -10,7 +10,7 @@ } # For older RHEL-6 releases kernel/iptools does not support netns -if $::operatingsystem in $el_releases and $::operatingsystemrelease < 7 { +if $::operatingsystem in $el_releases and $::operatingsystemmajrelease < 7 { $info = "The RDO kernel that includes network namespace (netns) support has been installed on host $::ipaddress." $warning = " This is a community supplied kernel and is not officially supported by Red Hat. Installing this kernel on RHEL systems may impact your ability to get support from Red Hat." From 126e7a0458c9fcbc2008726d4115de45715a9114 Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Wed, 9 Jul 2014 14:50:49 +0200 Subject: [PATCH 0096/1017] Adds Scientific Linux 7 Support. Change-Id: Ia3ed851e9c573ca4b9302fd7d492fe2acb23167b Signed-off-by: Gael Chamoulaud --- packstack/puppet/templates/amqp.pp | 2 +- packstack/puppet/templates/prescript.pp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/packstack/puppet/templates/amqp.pp b/packstack/puppet/templates/amqp.pp index ca79707fc..ea253cfff 100644 --- a/packstack/puppet/templates/amqp.pp +++ b/packstack/puppet/templates/amqp.pp @@ -43,7 +43,7 @@ } } - 'RedHat', 'CentOS': { + 'RedHat', 'CentOS', 'Scientific': { if $::operatingsystemmajrelease >= 7 { $config = '/etc/qpid/qpidd.conf' } else { diff --git a/packstack/puppet/templates/prescript.pp b/packstack/puppet/templates/prescript.pp index 32d53e836..b75874e50 100644 --- a/packstack/puppet/templates/prescript.pp +++ b/packstack/puppet/templates/prescript.pp @@ -1,6 +1,6 @@ include firewall -$el_releases = ["RedHat", "CentOS"] +$el_releases = ['RedHat', 'CentOS', 'Scientific'] # We don't have openstack-selinux package for Fedora if $::operatingsystem != "Fedora" { From 9027b757fc60dc1c99ee72c0206662d39c77b0f7 Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Thu, 10 Jul 2014 18:06:36 +0200 Subject: [PATCH 0097/1017] Sets l2population to true on nodes that populate l2 agents Change-Id: Idcd1bd8566e78bf16ee6299906dcc1d5415efc13 Fixes: rhbz#1118010 Signed-off-by: Gael Chamoulaud Depends-on: https://github.com/redhat-openstack/openstack-puppet-modules/pull/81 --- .../puppet/templates/neutron_ovs_agent_gre.pp | 39 ++++++++++++----- .../templates/neutron_ovs_agent_local.pp | 30 +++++++++---- .../templates/neutron_ovs_agent_vlan.pp | 30 +++++++++---- .../templates/neutron_ovs_agent_vxlan.pp | 42 +++++++++++++------ .../puppet/templates/neutron_ovs_bridge.pp | 12 +++++- 5 files changed, 112 insertions(+), 41 deletions(-) diff --git a/packstack/puppet/templates/neutron_ovs_agent_gre.pp b/packstack/puppet/templates/neutron_ovs_agent_gre.pp index 40c9f0025..dc77804c9 100644 --- a/packstack/puppet/templates/neutron_ovs_agent_gre.pp +++ b/packstack/puppet/templates/neutron_ovs_agent_gre.pp @@ -5,17 +5,34 @@ $localip = '%(CONFIG_NEUTRON_OVS_HOST)s' } -class { 'neutron::agents::ovs': - bridge_mappings => %(CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS)s, - enable_tunneling => true, - tunnel_types => ['gre'], - local_ip => $localip, -} +$neutron_l2_plugin = '%(CONFIG_NEUTRON_L2_PLUGIN)s' + +if $neutron_l2_plugin == 'ml2' { + if ('l2population' in %(CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS)s) { + $l2population = true + } else { + $l2population = false + } + class { 'neutron::agents::ml2::ovs': + bridge_mappings => %(CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS)s, + enable_tunneling => true, + tunnel_types => ['gre'], + local_ip => $localip, + l2_population => $l2population, + } +} else { + class { 'neutron::agents::ovs': + bridge_mappings => %(CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS)s, + enable_tunneling => true, + tunnel_types => ['gre'], + local_ip => $localip, + } -file { 'ovs_neutron_plugin.ini': - path => '/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini', - owner => 'root', - group => 'neutron', - before => Service['ovs-cleanup-service'], + file { 'ovs_neutron_plugin.ini': + path => '/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini', + owner => 'root', + group => 'neutron', + before => Service['ovs-cleanup-service'], require => Package['neutron-plugin-ovs'], + } } diff --git a/packstack/puppet/templates/neutron_ovs_agent_local.pp b/packstack/puppet/templates/neutron_ovs_agent_local.pp index 3516b8330..48eb49626 100644 --- a/packstack/puppet/templates/neutron_ovs_agent_local.pp +++ b/packstack/puppet/templates/neutron_ovs_agent_local.pp @@ -1,11 +1,25 @@ -class { 'neutron::agents::ovs': - bridge_mappings => %(CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS)s, -} +$neutron_l2_plugin = '%(CONFIG_NEUTRON_L2_PLUGIN)s' + +if $neutron_l2_plugin == 'ml2' { + if ('l2population' in %(CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS)s) { + $l2population = true + } else { + $l2population = false + } + class { 'neutron::agents::ml2::ovs': + bridge_mappings => %(CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS)s, + l2_population => $l2population, + } +} else { + class { 'neutron::agents::ovs': + bridge_mappings => %(CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS)s, + } -file { 'ovs_neutron_plugin.ini': - path => '/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini', - owner => 'root', - group => 'neutron', - before => Service['ovs-cleanup-service'], + file { 'ovs_neutron_plugin.ini': + path => '/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini', + owner => 'root', + group => 'neutron', + before => Service['ovs-cleanup-service'], require => Package['neutron-plugin-ovs'], + } } diff --git a/packstack/puppet/templates/neutron_ovs_agent_vlan.pp b/packstack/puppet/templates/neutron_ovs_agent_vlan.pp index 3516b8330..48eb49626 100644 --- a/packstack/puppet/templates/neutron_ovs_agent_vlan.pp +++ b/packstack/puppet/templates/neutron_ovs_agent_vlan.pp @@ -1,11 +1,25 @@ -class { 'neutron::agents::ovs': - bridge_mappings => %(CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS)s, -} +$neutron_l2_plugin = '%(CONFIG_NEUTRON_L2_PLUGIN)s' + +if $neutron_l2_plugin == 'ml2' { + if ('l2population' in %(CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS)s) { + $l2population = true + } else { + $l2population = false + } + class { 'neutron::agents::ml2::ovs': + bridge_mappings => %(CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS)s, + l2_population => $l2population, + } +} else { + class { 'neutron::agents::ovs': + bridge_mappings => %(CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS)s, + } -file { 'ovs_neutron_plugin.ini': - path => '/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini', - owner => 'root', - group => 'neutron', - before => Service['ovs-cleanup-service'], + file { 'ovs_neutron_plugin.ini': + path => '/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini', + owner => 'root', + group => 'neutron', + before => Service['ovs-cleanup-service'], require => Package['neutron-plugin-ovs'], + } } diff --git a/packstack/puppet/templates/neutron_ovs_agent_vxlan.pp b/packstack/puppet/templates/neutron_ovs_agent_vxlan.pp index 93bca4134..1cc8a6cbf 100644 --- a/packstack/puppet/templates/neutron_ovs_agent_vxlan.pp +++ b/packstack/puppet/templates/neutron_ovs_agent_vxlan.pp @@ -6,18 +6,36 @@ $localip = '%(CONFIG_NEUTRON_OVS_HOST)s' } -class { 'neutron::agents::ovs': - bridge_mappings => %(CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS)s, - enable_tunneling => true, - tunnel_types => ['vxlan'], - local_ip => $localip, - vxlan_udp_port => %(CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT)s, -} +$neutron_l2_plugin = '%(CONFIG_NEUTRON_L2_PLUGIN)s' + +if $neutron_l2_plugin == 'ml2' { + if ('l2population' in %(CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS)s) { + $l2population = true + } else { + $l2population = false + } + class { 'neutron::agents::ml2::ovs': + bridge_mappings => %(CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS)s, + enable_tunneling => true, + tunnel_types => ['vxlan'], + local_ip => $localip, + vxlan_udp_port => %(CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT)s, + l2_population => $l2population, + } +} else { + class { 'neutron::agents::ovs': + bridge_mappings => %(CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS)s, + enable_tunneling => true, + tunnel_types => ['vxlan'], + local_ip => $localip, + vxlan_udp_port => %(CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT)s, + } -file { 'ovs_neutron_plugin.ini': - path => '/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini', - owner => 'root', - group => 'neutron', - before => Service['ovs-cleanup-service'], + file { 'ovs_neutron_plugin.ini': + path => '/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini', + owner => 'root', + group => 'neutron', + before => Service['ovs-cleanup-service'], require => Package['neutron-plugin-ovs'], + } } diff --git a/packstack/puppet/templates/neutron_ovs_bridge.pp b/packstack/puppet/templates/neutron_ovs_bridge.pp index 223900e9e..dfe20e6f7 100644 --- a/packstack/puppet/templates/neutron_ovs_bridge.pp +++ b/packstack/puppet/templates/neutron_ovs_bridge.pp @@ -1,4 +1,12 @@ +$neutron_l2_plugin = '%(CONFIG_NEUTRON_L2_PLUGIN)s' + +if $neutron_l2_plugin == 'ml2' { + $agent_service = 'neutron-ovs-agent-service' +} else { + $agent_service = 'neutron-plugin-ovs-service' +} + vs_bridge { '%(CONFIG_NEUTRON_OVS_BRIDGE)s': - ensure => present, - require => Service['neutron-plugin-ovs-service'] + ensure => present, + require => Service["${agent_service}"] } From 60aca0c5619396b05f98396436823901ab10ae38 Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Fri, 11 Jul 2014 13:10:44 +0200 Subject: [PATCH 0098/1017] Fixes Duplicated variables in neutron manifests Change-Id: Id30691dcc3c7340773bf0a6ea67acfbe94d949aa Signed-off-by: Gael Chamoulaud --- packstack/puppet/templates/neutron_ovs_agent_gre.pp | 4 +--- packstack/puppet/templates/neutron_ovs_agent_local.pp | 3 +-- packstack/puppet/templates/neutron_ovs_agent_vlan.pp | 3 +-- packstack/puppet/templates/neutron_ovs_agent_vxlan.pp | 4 +--- packstack/puppet/templates/neutron_ovs_bridge.pp | 4 +--- 5 files changed, 5 insertions(+), 13 deletions(-) diff --git a/packstack/puppet/templates/neutron_ovs_agent_gre.pp b/packstack/puppet/templates/neutron_ovs_agent_gre.pp index dc77804c9..84aad09ea 100644 --- a/packstack/puppet/templates/neutron_ovs_agent_gre.pp +++ b/packstack/puppet/templates/neutron_ovs_agent_gre.pp @@ -5,9 +5,7 @@ $localip = '%(CONFIG_NEUTRON_OVS_HOST)s' } -$neutron_l2_plugin = '%(CONFIG_NEUTRON_L2_PLUGIN)s' - -if $neutron_l2_plugin == 'ml2' { +if '%(CONFIG_NEUTRON_L2_PLUGIN)s' == 'ml2' { if ('l2population' in %(CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS)s) { $l2population = true } else { diff --git a/packstack/puppet/templates/neutron_ovs_agent_local.pp b/packstack/puppet/templates/neutron_ovs_agent_local.pp index 48eb49626..b16373f99 100644 --- a/packstack/puppet/templates/neutron_ovs_agent_local.pp +++ b/packstack/puppet/templates/neutron_ovs_agent_local.pp @@ -1,6 +1,5 @@ -$neutron_l2_plugin = '%(CONFIG_NEUTRON_L2_PLUGIN)s' -if $neutron_l2_plugin == 'ml2' { +if '%(CONFIG_NEUTRON_L2_PLUGIN)s' == 'ml2' { if ('l2population' in %(CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS)s) { $l2population = true } else { diff --git a/packstack/puppet/templates/neutron_ovs_agent_vlan.pp b/packstack/puppet/templates/neutron_ovs_agent_vlan.pp index 48eb49626..b16373f99 100644 --- a/packstack/puppet/templates/neutron_ovs_agent_vlan.pp +++ b/packstack/puppet/templates/neutron_ovs_agent_vlan.pp @@ -1,6 +1,5 @@ -$neutron_l2_plugin = '%(CONFIG_NEUTRON_L2_PLUGIN)s' -if $neutron_l2_plugin == 'ml2' { +if '%(CONFIG_NEUTRON_L2_PLUGIN)s' == 'ml2' { if ('l2population' in %(CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS)s) { $l2population = true } else { diff --git a/packstack/puppet/templates/neutron_ovs_agent_vxlan.pp b/packstack/puppet/templates/neutron_ovs_agent_vxlan.pp index 1cc8a6cbf..2e2916106 100644 --- a/packstack/puppet/templates/neutron_ovs_agent_vxlan.pp +++ b/packstack/puppet/templates/neutron_ovs_agent_vxlan.pp @@ -6,9 +6,7 @@ $localip = '%(CONFIG_NEUTRON_OVS_HOST)s' } -$neutron_l2_plugin = '%(CONFIG_NEUTRON_L2_PLUGIN)s' - -if $neutron_l2_plugin == 'ml2' { +if '%(CONFIG_NEUTRON_L2_PLUGIN)s' == 'ml2' { if ('l2population' in %(CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS)s) { $l2population = true } else { diff --git a/packstack/puppet/templates/neutron_ovs_bridge.pp b/packstack/puppet/templates/neutron_ovs_bridge.pp index dfe20e6f7..dea5fc656 100644 --- a/packstack/puppet/templates/neutron_ovs_bridge.pp +++ b/packstack/puppet/templates/neutron_ovs_bridge.pp @@ -1,6 +1,4 @@ -$neutron_l2_plugin = '%(CONFIG_NEUTRON_L2_PLUGIN)s' - -if $neutron_l2_plugin == 'ml2' { +if '%(CONFIG_NEUTRON_L2_PLUGIN)s' == 'ml2' { $agent_service = 'neutron-ovs-agent-service' } else { $agent_service = 'neutron-plugin-ovs-service' From 34fe9b24d813d410ac34e021f71067190c52a1bd Mon Sep 17 00:00:00 2001 From: Vladan Popovic Date: Mon, 14 Jul 2014 12:48:17 +0200 Subject: [PATCH 0099/1017] Enable migration support in libvirt QEMU breaks on ssh connections when the nova user has no login shell. Since the bug was discovered during live migration, this log snippet gives the error retrieved from nova: 2014-07-08 16:59:23.894 28674 ERROR nova.virt.libvirt.driver [-] [instance: 61fe562c-7879-49c8-84b9-b100445414aa] Live Migration failure: operation failed: Failed to connect to remote libvirt URI qemu+ssh://nova@compute1/system?no_verify=1&keyfile=/etc/nova/ssh/nova_migration_key: packet 1416128879 bytes received from server too large, want 16777216 This patch enables live migration when the nova user is set-up with /sbin/nologin by enabling migration support in nova::compute::libvirt. The puppet module sets the listen_tcp option to 1 whe migration is enabled. Closes bug 1340833 Change-Id: Ic78e631e1099dcc0c500eef2998b8a6c4f5d5f7b --- packstack/puppet/templates/nova_compute_libvirt.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/packstack/puppet/templates/nova_compute_libvirt.pp b/packstack/puppet/templates/nova_compute_libvirt.pp index c94835053..ece830d0c 100644 --- a/packstack/puppet/templates/nova_compute_libvirt.pp +++ b/packstack/puppet/templates/nova_compute_libvirt.pp @@ -26,6 +26,7 @@ libvirt_virt_type => "$libvirt_virt_type", libvirt_cpu_mode => "$libvirt_cpu_mode", vncserver_listen => "0.0.0.0", + migration_support => true, } exec {'load_kvm': From 97425251a284e8897848b2fe19f01ea0deacd00e Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Tue, 15 Jul 2014 14:02:04 +0200 Subject: [PATCH 0100/1017] Adds Undocumented HEAT Options Change-Id: I27787dcff156b8aa09daddb9fab116abb00ec61f Signed-off-by: Gael Chamoulaud --- docs/packstack.rst | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/docs/packstack.rst b/docs/packstack.rst index 281d327e2..5b2386f2a 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -357,6 +357,9 @@ Heat Config Parameters **CONFIG_HEAT_DB_PW** The password used by Heat user to authenticate against MySQL. +**CONFIG_HEAT_AUTH_ENC_KEY** + The encryption key to use for authentication info in database. + **CONFIG_HEAT_KS_PW** The password to use for the Heat to authenticate with Keystone. @@ -369,6 +372,15 @@ Heat Config Parameters **CONFIG_HEAT_CFN_INSTALL** Set to 'y' if you would like Packstack to install Heat CloudFormation API. +**CONFIG_HEAT_DOMAIN** + Name of Keystone domain for Heat. By default, the value is **heat**. + +**CONFIG_HEAT_DOMAIN_ADMIN** + Name of Keystone domain admin user for Heat. By default, the value is **heat_admin**. + +**CONFIG_HEAT_DOMAIN_PASSWORD** + Password for Keystone domain admin user for Heat. + Neutron Config Parameters ------------------------- From 1b2e4ba74e9a2da5d1b1f7eeeed24054413330c1 Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Tue, 15 Jul 2014 16:33:48 +0200 Subject: [PATCH 0101/1017] Adds Better rst Output when using 'packstack -o' Change-Id: Iebbecf51e059d2017313e811ce7ca3b66e433e5f Signed-off-by: Gael Chamoulaud --- packstack/installer/run_setup.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/packstack/installer/run_setup.py b/packstack/installer/run_setup.py index 6c7e716cd..d20872916 100644 --- a/packstack/installer/run_setup.py +++ b/packstack/installer/run_setup.py @@ -775,7 +775,8 @@ def printOptions(): cmdOption = param.CONF_NAME paramUsage = param.USAGE optionsList = param.OPTION_LIST or "" - print "%s : %s %s"%(("**%s**"%str(cmdOption)).ljust(30), paramUsage, optionsList) + print "%s" % (("**%s**" % str(cmdOption)).ljust(30)) + print " %s %s" % (paramUsage, optionsList) print def plugin_compare(x, y): From ec5cf0ef5cc575b72db4477f3113957f8f6b4906 Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Tue, 15 Jul 2014 17:03:58 +0200 Subject: [PATCH 0102/1017] Don't use ML2 parameters for other plugins CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS parameter must not be used when monolithic Neutron plugins are being installed. This patch is fixing installation failures for OVS and LB plugins. Change-Id: Id6e7cdf2ab46a024fb78f74c77cff8f847ada038 Fixes: rhbz#1119473 --- packstack/plugins/neutron_350.py | 9 +++++++++ packstack/puppet/templates/neutron_ovs_agent_gre.pp | 7 +------ packstack/puppet/templates/neutron_ovs_agent_local.pp | 7 +------ packstack/puppet/templates/neutron_ovs_agent_vlan.pp | 7 +------ packstack/puppet/templates/neutron_ovs_agent_vxlan.pp | 7 +------ 5 files changed, 13 insertions(+), 24 deletions(-) diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index e9c7fceec..ea22460d8 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -881,6 +881,15 @@ def create_l2_agent_manifests(config, messages): plugin = config['CONFIG_NEUTRON_L2_PLUGIN'] agent = config["CONFIG_NEUTRON_L2_AGENT"] + # CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS will be available only for ML2 + # plugin deployment, but we need CONFIG_NEUTRON_USE_L2POPULATION also + # for other plugin template generation + if ('l2population' in + config.get('CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS', [])): + config['CONFIG_NEUTRON_USE_L2POPULATION'] = 'true' + else: + config['CONFIG_NEUTRON_USE_L2POPULATION'] = 'false' + if agent == "openvswitch": host_var = 'CONFIG_NEUTRON_OVS_HOST' if plugin == agent: diff --git a/packstack/puppet/templates/neutron_ovs_agent_gre.pp b/packstack/puppet/templates/neutron_ovs_agent_gre.pp index 84aad09ea..fd39ef742 100644 --- a/packstack/puppet/templates/neutron_ovs_agent_gre.pp +++ b/packstack/puppet/templates/neutron_ovs_agent_gre.pp @@ -6,17 +6,12 @@ } if '%(CONFIG_NEUTRON_L2_PLUGIN)s' == 'ml2' { - if ('l2population' in %(CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS)s) { - $l2population = true - } else { - $l2population = false - } class { 'neutron::agents::ml2::ovs': bridge_mappings => %(CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS)s, enable_tunneling => true, tunnel_types => ['gre'], local_ip => $localip, - l2_population => $l2population, + l2_population => %(CONFIG_NEUTRON_USE_L2POPULATION)s, } } else { class { 'neutron::agents::ovs': diff --git a/packstack/puppet/templates/neutron_ovs_agent_local.pp b/packstack/puppet/templates/neutron_ovs_agent_local.pp index b16373f99..371a2c82c 100644 --- a/packstack/puppet/templates/neutron_ovs_agent_local.pp +++ b/packstack/puppet/templates/neutron_ovs_agent_local.pp @@ -1,13 +1,8 @@ if '%(CONFIG_NEUTRON_L2_PLUGIN)s' == 'ml2' { - if ('l2population' in %(CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS)s) { - $l2population = true - } else { - $l2population = false - } class { 'neutron::agents::ml2::ovs': bridge_mappings => %(CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS)s, - l2_population => $l2population, + l2_population => %(CONFIG_NEUTRON_USE_L2POPULATION)s, } } else { class { 'neutron::agents::ovs': diff --git a/packstack/puppet/templates/neutron_ovs_agent_vlan.pp b/packstack/puppet/templates/neutron_ovs_agent_vlan.pp index b16373f99..371a2c82c 100644 --- a/packstack/puppet/templates/neutron_ovs_agent_vlan.pp +++ b/packstack/puppet/templates/neutron_ovs_agent_vlan.pp @@ -1,13 +1,8 @@ if '%(CONFIG_NEUTRON_L2_PLUGIN)s' == 'ml2' { - if ('l2population' in %(CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS)s) { - $l2population = true - } else { - $l2population = false - } class { 'neutron::agents::ml2::ovs': bridge_mappings => %(CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS)s, - l2_population => $l2population, + l2_population => %(CONFIG_NEUTRON_USE_L2POPULATION)s, } } else { class { 'neutron::agents::ovs': diff --git a/packstack/puppet/templates/neutron_ovs_agent_vxlan.pp b/packstack/puppet/templates/neutron_ovs_agent_vxlan.pp index 2e2916106..afa38eb1a 100644 --- a/packstack/puppet/templates/neutron_ovs_agent_vxlan.pp +++ b/packstack/puppet/templates/neutron_ovs_agent_vxlan.pp @@ -7,18 +7,13 @@ } if '%(CONFIG_NEUTRON_L2_PLUGIN)s' == 'ml2' { - if ('l2population' in %(CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS)s) { - $l2population = true - } else { - $l2population = false - } class { 'neutron::agents::ml2::ovs': bridge_mappings => %(CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS)s, enable_tunneling => true, tunnel_types => ['vxlan'], local_ip => $localip, vxlan_udp_port => %(CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT)s, - l2_population => $l2population, + l2_population => %(CONFIG_NEUTRON_USE_L2POPULATION)s, } } else { class { 'neutron::agents::ovs': From 2faa9a2cb616615f189a7ed6a7eade9a9f12c0e6 Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Tue, 15 Jul 2014 22:31:11 +0200 Subject: [PATCH 0103/1017] Adds Warning when NetworkManager is active on hosts Change-Id: I1e4e20ae112936fab880b50d45686c4989ae7fbd Fixes: rhbz#1117115 Signed-off-by: Gael Chamoulaud --- packstack/installer/output_messages.py | 3 ++ packstack/plugins/neutron_350.py | 41 ++++++++++++++++++++++++++ 2 files changed, 44 insertions(+) diff --git a/packstack/installer/output_messages.py b/packstack/installer/output_messages.py index 32f948c58..4239de971 100644 --- a/packstack/installer/output_messages.py +++ b/packstack/installer/output_messages.py @@ -55,6 +55,9 @@ INFO_REMOVE_REMOTE_VAR="Removing %s on %s (if it is a remote host)" WARN_WEAK_PASS="Warning: Weak Password." +WARN_NM_ENABLED=("Warning: NetworkManager is active on %s. OpenStack " + "networking currently does not work on systems that have " + "the Network Manager service enabled.") ERR_PING = "Error: the provided hostname is unreachable" ERR_SSH = "Error: could not connect to the ssh server: %s" diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index ea22460d8..01a7a6aa5 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -10,9 +10,12 @@ import uuid from packstack.installer import utils +from packstack.installer import exceptions from packstack.installer import validators +from packstack.installer import output_messages from packstack.installer.utils import split_hosts +from packstack.modules.common import filtered_hosts from packstack.modules.shortcuts import get_mq from packstack.modules.ospluginutils import (getManifestTemplate, appendManifestFile) @@ -593,6 +596,8 @@ def initSequences(controller): 'functions': [create_metering_agent_manifests]}, {'title': 'Adding Neutron Metadata Agent manifest entries', 'functions': [create_metadata_manifests]}, + {'title': 'Checking if NetworkManager is enabled and running', + 'functions': [check_nm_status]}, ] controller.addSequence("Installing OpenStack Neutron", [], [], neutron_steps) @@ -949,3 +954,39 @@ def create_metadata_manifests(config, messages): manifestdata = getManifestTemplate('neutron_metadata.pp') manifestfile = "%s_neutron.pp" % (host,) appendManifestFile(manifestfile, manifestdata + "\n") + + +def check_nm_status(config, messages): + hosts_with_nm = [] + for host in filtered_hosts(config): + server = utils.ScriptRunner(host) + server.append("systemctl") + rc, out = server.execute(can_fail=False) + server.clear() + + if rc < 1: + server.append("systemctl is-enabled NetworkManager") + rc, is_enabled = server.execute(can_fail=False) + is_enabled = is_enabled.strip("\n ") + server.clear() + + server.append("systemctl is-active NetworkManager") + rc, is_active = server.execute(can_fail=False) + is_active = is_active.strip("\n ") + + if is_enabled == "enabled" or is_active == "active": + hosts_with_nm.append(host) + else: + server.clear() + server.append("service NetworkManager status") + rc, out = server.execute(can_fail=False) + + if rc < 1: + hosts_with_nm.append(host) + + server.clear() + + if len(hosts_with_nm) > 1: + hosts_list = ', '.join("%s" % x for x in hosts_with_nm) + msg = output_messages.WARN_NM_ENABLED + messages.append(utils.color_text(msg % hosts_list, 'yellow')) From bb39f0ce5e11e2f72954289db059be961491f253 Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Thu, 24 Jul 2014 20:45:13 +0200 Subject: [PATCH 0104/1017] Reload sysctl This patch add sysctl.conf reload command so that bridge-nf-call-* settings gets loaded and security groups are functional without rebooting. Change-Id: I6ad08c682cf11f760e8fa1cd7bf4a02dbf0bf0a0 Fixes: rhbz#1104619 --- .../puppet/modules/packstack/manifests/neutron/bridge.pp | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/packstack/puppet/modules/packstack/manifests/neutron/bridge.pp b/packstack/puppet/modules/packstack/manifests/neutron/bridge.pp index 27e803769..4b67889ec 100644 --- a/packstack/puppet/modules/packstack/manifests/neutron/bridge.pp +++ b/packstack/puppet/modules/packstack/manifests/neutron/bridge.pp @@ -21,5 +21,9 @@ path => '/etc/sysctl.conf', line => 'net.bridge.bridge-nf-call-arptables=1', match => 'net.bridge.bridge-nf-call-arptables\s*=', + } -> exec { 'sysctl_refresh': + path => ['/usr/sbin', '/sbin', '/usr/bin', '/bin'], + command => 'sysctl -p /etc/sysctl.conf', + logoutput => 'on_failure', } } From 338d08bc2005ee3f53659c0f3d7c294bda85fb4a Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Wed, 23 Jul 2014 16:58:08 +0200 Subject: [PATCH 0105/1017] Sets up NOVNC with https when using SSL on HORIZON Change-Id: If56a4dd0190d32eaba319404063dd959c508c9c3 Fixes: rhbz#1115896 Signed-off-by: Gael Chamoulaud --- packstack/puppet/templates/nova_compute.pp | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/packstack/puppet/templates/nova_compute.pp b/packstack/puppet/templates/nova_compute.pp index 7efe8d80b..153bea4dc 100644 --- a/packstack/puppet/templates/nova_compute.pp +++ b/packstack/puppet/templates/nova_compute.pp @@ -24,10 +24,19 @@ "libvirt/live_migration_uri": value => "qemu+ssh://nova@%%s/system?no_verify=1&keyfile=/etc/nova/ssh/nova_migration_key"; } -class {"nova::compute": - enabled => true, - vncproxy_host => "%(CONFIG_CONTROLLER_HOST)s", - vncserver_proxyclient_address => "%(CONFIG_NOVA_COMPUTE_HOST)s", +$config_horizon_ssl = '%(CONFIG_HORIZON_SSL)s' + +$vncproxy_proto = $config_horizon_ssl ? { + 'y' => 'https', + 'n' => 'http', + default => 'http', +} + +class { 'nova::compute': + enabled => true, + vncproxy_host => '%(CONFIG_CONTROLLER_HOST)s', + vncproxy_protocol => $vncproxy_proto, + vncserver_proxyclient_address => '%(CONFIG_NOVA_COMPUTE_HOST)s', } From 0d5836afe088100cdeb99212d831d65c23b2fd14 Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Wed, 25 Jun 2014 11:49:59 +0200 Subject: [PATCH 0106/1017] Ensures RHOS SOS Plugins is installed on all nodes Change-Id: I5133936f209ad7e759ff329f5b87139d83aaba9a Fixes: rhbz#1053734 Signed-off-by: Gael Chamoulaud --- packstack/plugins/serverprep_001.py | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/packstack/plugins/serverprep_001.py b/packstack/plugins/serverprep_001.py index 99c43cc8a..f2ff3b527 100644 --- a/packstack/plugins/serverprep_001.py +++ b/packstack/plugins/serverprep_001.py @@ -543,6 +543,16 @@ def server_prep(config, messages): server = utils.ScriptRunner(hostname) server.append('rpm -q --whatprovides yum-utils || ' 'yum install -y yum-utils') + + # Installing rhos-log-collector and sos-plugins-openstack if + # these rpms are available from yum. + sos_rpms = ' '.join(('rhos-log-collector', + 'sos', + 'sos-plugins-openstack')) + + server.append('yum list available rhos-log-collector && ' + 'yum -y install %s || ' + 'echo "no rhos-log-collector available"' % sos_rpms) server.execute() # enable or disable EPEL according to configuration From 507be8eb1cc97c85d053afe1b6efd07cbbe06be3 Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Fri, 1 Aug 2014 14:43:19 +0200 Subject: [PATCH 0107/1017] Don't create default MySQL/MariaDB users This patch removes side effect of creation of default DB users such as nova@127.0.0.1, neutron@127.0.0.1, etc. Change-Id: I90640e1b721b24823356bf43f441313611945229 --- packstack/puppet/templates/mysql_cinder_install.pp | 7 ++++--- packstack/puppet/templates/mysql_glance_install.pp | 7 ++++--- packstack/puppet/templates/mysql_heat_install.pp | 7 ++++--- packstack/puppet/templates/mysql_neutron_install.pp | 9 +++++---- packstack/puppet/templates/mysql_nova_install.pp | 7 ++++--- 5 files changed, 21 insertions(+), 16 deletions(-) diff --git a/packstack/puppet/templates/mysql_cinder_install.pp b/packstack/puppet/templates/mysql_cinder_install.pp index 699777a92..9c1b9b46f 100644 --- a/packstack/puppet/templates/mysql_cinder_install.pp +++ b/packstack/puppet/templates/mysql_cinder_install.pp @@ -1,5 +1,6 @@ class {"cinder::db::mysql": - password => "%(CONFIG_CINDER_DB_PW)s", - allowed_hosts => "%%", - charset => "utf8", + password => "%(CONFIG_CINDER_DB_PW)s", + host => "%%", + allowed_hosts => "%%", + charset => "utf8", } diff --git a/packstack/puppet/templates/mysql_glance_install.pp b/packstack/puppet/templates/mysql_glance_install.pp index 0a1159869..a6bc1dee5 100644 --- a/packstack/puppet/templates/mysql_glance_install.pp +++ b/packstack/puppet/templates/mysql_glance_install.pp @@ -1,5 +1,6 @@ class {"glance::db::mysql": - password => "%(CONFIG_GLANCE_DB_PW)s", - allowed_hosts => "%%", - charset => "utf8", + password => "%(CONFIG_GLANCE_DB_PW)s", + host => "%%", + allowed_hosts => "%%", + charset => "utf8", } diff --git a/packstack/puppet/templates/mysql_heat_install.pp b/packstack/puppet/templates/mysql_heat_install.pp index a593e97e9..98d76f7a5 100644 --- a/packstack/puppet/templates/mysql_heat_install.pp +++ b/packstack/puppet/templates/mysql_heat_install.pp @@ -1,5 +1,6 @@ class {"heat::db::mysql": - password => "%(CONFIG_HEAT_DB_PW)s", - allowed_hosts => "%%", - charset => "utf8", + password => "%(CONFIG_HEAT_DB_PW)s", + host => "%%", + allowed_hosts => "%%", + charset => "utf8", } diff --git a/packstack/puppet/templates/mysql_neutron_install.pp b/packstack/puppet/templates/mysql_neutron_install.pp index cba7eb479..c2771a177 100644 --- a/packstack/puppet/templates/mysql_neutron_install.pp +++ b/packstack/puppet/templates/mysql_neutron_install.pp @@ -1,6 +1,7 @@ class {"neutron::db::mysql": - password => "%(CONFIG_NEUTRON_DB_PW)s", - allowed_hosts => "%%", - dbname => '%(CONFIG_NEUTRON_L2_DBNAME)s', - charset => "utf8", + password => "%(CONFIG_NEUTRON_DB_PW)s", + host => "%%", + allowed_hosts => "%%", + dbname => '%(CONFIG_NEUTRON_L2_DBNAME)s', + charset => "utf8", } diff --git a/packstack/puppet/templates/mysql_nova_install.pp b/packstack/puppet/templates/mysql_nova_install.pp index cd9fa113f..80f88d34f 100644 --- a/packstack/puppet/templates/mysql_nova_install.pp +++ b/packstack/puppet/templates/mysql_nova_install.pp @@ -1,5 +1,6 @@ class {"nova::db::mysql": - password => "%(CONFIG_NOVA_DB_PW)s", - allowed_hosts => "%%", - charset => "utf8", + password => "%(CONFIG_NOVA_DB_PW)s", + host => "%%", + allowed_hosts => "%%", + charset => "utf8", } From 44346d0f1656d2a210b9882737116b54dde56d5c Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Mon, 11 Aug 2014 15:34:17 +0200 Subject: [PATCH 0108/1017] Remove ServerAlias definitions Parameter fqdn of class horizon is used both for ALLOWED_HOSTS in settings_local.py and for ServerAlias directives in vhost.conf which is breaking server accessibility. We need ALLOWED_HOSTS values, but we have to avoid ServerAlias definitions. For now we will use this wildcard hack until puppet-horizon will have separate parameter for each config. Change-Id: I77f1baa4f9c0d94b00294f17978d8383a2386d7a Fixes: rhbz#1119920 --- packstack/puppet/templates/horizon.pp | 33 ++++++++++++++++----------- 1 file changed, 20 insertions(+), 13 deletions(-) diff --git a/packstack/puppet/templates/horizon.pp b/packstack/puppet/templates/horizon.pp index 5a0069087..4998785fc 100644 --- a/packstack/puppet/templates/horizon.pp +++ b/packstack/puppet/templates/horizon.pp @@ -8,18 +8,26 @@ } class {'horizon': - secret_key => '%(CONFIG_HORIZON_SECRET_KEY)s', - keystone_host => '%(CONFIG_CONTROLLER_HOST)s', - keystone_default_role => '_member_', - fqdn => ['%(CONFIG_CONTROLLER_HOST)s', "$::fqdn", 'localhost'], - can_set_mount_point => 'False', - django_debug => %(CONFIG_DEBUG_MODE)s ? {true => 'True', false => 'False'}, - listen_ssl => %(CONFIG_HORIZON_SSL)s, - horizon_cert => '/etc/pki/tls/certs/ssl_ps_server.crt', - horizon_key => '/etc/pki/tls/private/ssl_ps_server.key', - horizon_ca => '/etc/pki/tls/certs/ssl_ps_chain.crt', - neutron_options => { 'enable_lb' => %(CONFIG_HORIZON_NEUTRON_LB)s, - 'enable_firewall' => %(CONFIG_HORIZON_NEUTRON_FW)s }, + secret_key => '%(CONFIG_HORIZON_SECRET_KEY)s', + keystone_host => '%(CONFIG_CONTROLLER_HOST)s', + keystone_default_role => '_member_', + #fqdn => ['%(CONFIG_CONTROLLER_HOST)s', "$::fqdn", 'localhost'], + # TO-DO: Parameter fqdn is used both for ALLOWED_HOSTS in settings_local.py + # and for ServerAlias directives in vhost.conf which is breaking server + # accessibility. We need ALLOWED_HOSTS values, but we have to avoid + # ServerAlias definitions. For now we will use this wildcard hack until + # puppet-horizon will have separate parameter for each config. + fqdn => '*', + can_set_mount_point => 'False', + django_debug => %(CONFIG_DEBUG_MODE)s ? {true => 'True', false => 'False'}, + listen_ssl => %(CONFIG_HORIZON_SSL)s, + horizon_cert => '/etc/pki/tls/certs/ssl_ps_server.crt', + horizon_key => '/etc/pki/tls/private/ssl_ps_server.key', + horizon_ca => '/etc/pki/tls/certs/ssl_ps_chain.crt', + neutron_options => { + 'enable_lb' => %(CONFIG_HORIZON_NEUTRON_LB)s, + 'enable_firewall' => %(CONFIG_HORIZON_NEUTRON_FW)s + }, } if %(CONFIG_HORIZON_SSL)s { @@ -63,4 +71,3 @@ persistent => true, } } - From bfdf666bec97c8aa2a9fb9082489b522e126b959 Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Mon, 11 Aug 2014 13:50:44 +0200 Subject: [PATCH 0109/1017] Fixed remote DB installations This patch fixes host resolution for MySQL/MariaDB remote installation. Relevant Puppet providers have been moved to separate module because remote installation for AMQP backend will be implemented in this module. Initialization for MySQL/MariaDB client has been fixed, so it is now working also with MariaDB client (RHEL-7+, Fedora-20+). Change-Id: Ic9328562226ecceebff11f9021457d1338977e77 Fixes: rhbz#1128212 --- packstack/plugins/mysql_003.py | 6 +- packstack/plugins/puppet_950.py | 6 +- .../puppet/provider/remote_database/mysql.rb | 47 --------- .../puppet/provider/remote_database/mysql.rb | 99 +++++++++++++++++++ .../provider/remote_database_grant/mysql.rb | 0 .../provider/remote_database_user/mysql.rb | 0 .../lib/puppet/type/remote_database.rb | 6 ++ .../lib/puppet/type/remote_database_grant.rb | 0 .../lib/puppet/type/remote_database_user.rb | 0 .../puppet/modules/remote/manifests/db.pp | 15 +++ .../puppet/modules/remote/manifests/params.pp | 38 +++++++ packstack/puppet/templates/mysql_noinstall.pp | 7 +- setup.py | 19 ++-- 13 files changed, 177 insertions(+), 66 deletions(-) delete mode 100644 packstack/puppet/modules/packstack/lib/puppet/provider/remote_database/mysql.rb create mode 100644 packstack/puppet/modules/remote/lib/puppet/provider/remote_database/mysql.rb rename packstack/puppet/modules/{packstack => remote}/lib/puppet/provider/remote_database_grant/mysql.rb (100%) rename packstack/puppet/modules/{packstack => remote}/lib/puppet/provider/remote_database_user/mysql.rb (100%) rename packstack/puppet/modules/{packstack => remote}/lib/puppet/type/remote_database.rb (81%) rename packstack/puppet/modules/{packstack => remote}/lib/puppet/type/remote_database_grant.rb (100%) rename packstack/puppet/modules/{packstack => remote}/lib/puppet/type/remote_database_user.rb (100%) create mode 100644 packstack/puppet/modules/remote/manifests/db.pp create mode 100644 packstack/puppet/modules/remote/manifests/params.pp diff --git a/packstack/plugins/mysql_003.py b/packstack/plugins/mysql_003.py index a0b625649..84d7f8277 100644 --- a/packstack/plugins/mysql_003.py +++ b/packstack/plugins/mysql_003.py @@ -86,13 +86,13 @@ def initSequences(controller): def create_manifest(config, messages): if config['CONFIG_MYSQL_INSTALL'] == 'y': - install = True suffix = 'install' + host = config['CONFIG_MYSQL_HOST'] else: - install = False suffix = 'noinstall' + host = config['CONFIG_CONTROLLER_HOST'] - manifestfile = "%s_mysql.pp" % config['CONFIG_MYSQL_HOST'] + manifestfile = "%s_mysql.pp" % host manifestdata = [getManifestTemplate('mysql_%s.pp' % suffix)] def append_for(module, suffix): diff --git a/packstack/plugins/puppet_950.py b/packstack/plugins/puppet_950.py index c8c1c5640..9fefc6b2a 100644 --- a/packstack/plugins/puppet_950.py +++ b/packstack/plugins/puppet_950.py @@ -160,9 +160,9 @@ def copy_puppet_modules(config, messages): 'concat', 'firewall', 'glance', 'heat', 'horizon', 'inifile', 'keystone', 'memcached', 'mongodb', 'mysql', 'neutron', 'nova', 'nssdb', 'openstack', - 'packstack', 'qpid', 'rabbitmq', 'rsync', 'ssh', - 'stdlib', 'swift', 'sysctl', 'tempest', 'vcsrepo', - 'vlan', 'vswitch', 'xinetd')) + 'packstack', 'qpid', 'rabbitmq', 'remote', 'rsync', + 'ssh', 'stdlib', 'swift', 'sysctl', 'tempest', + 'vcsrepo', 'vlan', 'vswitch', 'xinetd')) # write puppet manifest to disk manifestfiles.writeManifests() diff --git a/packstack/puppet/modules/packstack/lib/puppet/provider/remote_database/mysql.rb b/packstack/puppet/modules/packstack/lib/puppet/provider/remote_database/mysql.rb deleted file mode 100644 index 08a7c9da3..000000000 --- a/packstack/puppet/modules/packstack/lib/puppet/provider/remote_database/mysql.rb +++ /dev/null @@ -1,47 +0,0 @@ -Puppet::Type.type(:remote_database).provide(:mysql) do - - desc "Manages remote MySQL database." - - defaultfor :kernel => 'Linux' - - optional_commands :mysql => 'mysql' - optional_commands :mysqladmin => 'mysqladmin' - - def self.instances - mysql("--host=#{@resource[:db_host]}", "--user=#{@resource[:db_user]}", - "--password=#{@resource[:db_password]}", '-NBe', "show databases").split("\n").collect do |name| - new(:name => name) - end - end - - def create - mysql("--host=#{@resource[:db_host]}", "--user=#{@resource[:db_user]}", - "--password=#{@resource[:db_password]}", '-NBe', "create database `#{@resource[:name]}` character set #{resource[:charset]}") - end - - def destroy - mysqladmin("--host=#{@resource[:db_host]}", "--user=#{@resource[:db_user]}", - "--password=#{@resource[:db_password]}", '-f', 'drop', @resource[:name]) - end - - def charset - mysql("--host=#{@resource[:db_host]}", "--user=#{@resource[:db_user]}", - "--password=#{@resource[:db_password]}", '-NBe', "show create database `#{resource[:name]}`").match(/.*?(\S+)\s\*\//)[1] - end - - def charset=(value) - mysql("--host=#{@resource[:db_host]}", "--user=#{@resource[:db_user]}", - "--password=#{@resource[:db_password]}", '-NBe', "alter database `#{resource[:name]}` CHARACTER SET #{value}") - end - - def exists? - begin - mysql("--host=#{@resource[:db_host]}", "--user=#{@resource[:db_user]}", - "--password=#{@resource[:db_password]}", '-NBe', "show databases").match(/^#{@resource[:name]}$/) - rescue => e - debug(e.message) - return nil - end - end - -end diff --git a/packstack/puppet/modules/remote/lib/puppet/provider/remote_database/mysql.rb b/packstack/puppet/modules/remote/lib/puppet/provider/remote_database/mysql.rb new file mode 100644 index 000000000..fe14d723c --- /dev/null +++ b/packstack/puppet/modules/remote/lib/puppet/provider/remote_database/mysql.rb @@ -0,0 +1,99 @@ +Puppet::Type.type(:remote_database).provide(:mysql) do + + desc "Manages remote MySQL database." + + defaultfor :kernel => 'Linux' + + optional_commands :mysql => 'mysql' + optional_commands :mysqladmin => 'mysqladmin' + + def self.instances + mysql( + "--host=#{@resource[:db_host]}", + "--user=#{@resource[:db_user]}", + "--password=#{@resource[:db_password]}", + "-NBe", + "show databases" + ).split("\n").collect do |name| + new(:name => name) + end + end + + def create + mysql( + "--host=#{@resource[:db_host]}", + "--user=#{@resource[:db_user]}", + "--password=#{@resource[:db_password]}", + "-NBe", + "create database `#{@resource[:name]}` + character set #{@resource[:charset]} + collate #{@resource[:collate]}" + ) + end + + def destroy + mysqladmin( + "--host=#{@resource[:db_host]}", + "--user=#{@resource[:db_user]}", + "--password=#{@resource[:db_password]}", + '-f', + 'drop', @resource[:name] + ) + end + + def charset + mysql( + "--host=#{@resource[:db_host]}", + "--user=#{@resource[:db_user]}", + "--password=#{@resource[:db_password]}", + "-NBe", + "show create database `#{resource[:name]}`").match(/.*?(\S+)\s\*\// + )[1] + end + + def charset=(value) + mysql( + "--host=#{@resource[:db_host]}", + "--user=#{@resource[:db_user]}", + "--password=#{@resource[:db_password]}", + "-NBe", + "alter database `#{resource[:name]}` character set #{value}" + ) + end + + def collate + mysql( + "--host=#{@resource[:db_host]}", + "--user=#{@resource[:db_user]}", + "--password=#{@resource[:db_password]}", + "-NBe", + "use #{resource[:name]}; show variables like 'collation_database'" + ).match(/\s*collation_database\s+(\S+)/)[1] + end + + def collate=(value) + mysql( + "--host=#{@resource[:db_host]}", + "--user=#{@resource[:db_user]}", + "--password=#{@resource[:db_password]}", + "-NBe", + "alter database `#{resource[:name]}` collate #{value}" + ) + end + + def exists? + begin + mysql( + "--host=#{@resource[:db_host]}", + "--user=#{@resource[:db_user]}", + "--password=#{@resource[:db_password]}", + "-NBe", + "show databases" + ).match(/^#{@resource[:name]}$/) + rescue => e + debug(e.message) + return nil + end + end + +end diff --git a/packstack/puppet/modules/packstack/lib/puppet/provider/remote_database_grant/mysql.rb b/packstack/puppet/modules/remote/lib/puppet/provider/remote_database_grant/mysql.rb similarity index 100% rename from packstack/puppet/modules/packstack/lib/puppet/provider/remote_database_grant/mysql.rb rename to packstack/puppet/modules/remote/lib/puppet/provider/remote_database_grant/mysql.rb diff --git a/packstack/puppet/modules/packstack/lib/puppet/provider/remote_database_user/mysql.rb b/packstack/puppet/modules/remote/lib/puppet/provider/remote_database_user/mysql.rb similarity index 100% rename from packstack/puppet/modules/packstack/lib/puppet/provider/remote_database_user/mysql.rb rename to packstack/puppet/modules/remote/lib/puppet/provider/remote_database_user/mysql.rb diff --git a/packstack/puppet/modules/packstack/lib/puppet/type/remote_database.rb b/packstack/puppet/modules/remote/lib/puppet/type/remote_database.rb similarity index 81% rename from packstack/puppet/modules/packstack/lib/puppet/type/remote_database.rb rename to packstack/puppet/modules/remote/lib/puppet/type/remote_database.rb index ac272cd3c..ea6a0c8b9 100644 --- a/packstack/puppet/modules/packstack/lib/puppet/type/remote_database.rb +++ b/packstack/puppet/modules/remote/lib/puppet/type/remote_database.rb @@ -26,4 +26,10 @@ newvalue(/^\S+$/) end + newproperty(:collate) do + desc 'The collate setting for the database' + defaultto :utf8_general_ci + newvalue(/^\S+$/) + end + end diff --git a/packstack/puppet/modules/packstack/lib/puppet/type/remote_database_grant.rb b/packstack/puppet/modules/remote/lib/puppet/type/remote_database_grant.rb similarity index 100% rename from packstack/puppet/modules/packstack/lib/puppet/type/remote_database_grant.rb rename to packstack/puppet/modules/remote/lib/puppet/type/remote_database_grant.rb diff --git a/packstack/puppet/modules/packstack/lib/puppet/type/remote_database_user.rb b/packstack/puppet/modules/remote/lib/puppet/type/remote_database_user.rb similarity index 100% rename from packstack/puppet/modules/packstack/lib/puppet/type/remote_database_user.rb rename to packstack/puppet/modules/remote/lib/puppet/type/remote_database_user.rb diff --git a/packstack/puppet/modules/remote/manifests/db.pp b/packstack/puppet/modules/remote/manifests/db.pp new file mode 100644 index 000000000..28eaafbfb --- /dev/null +++ b/packstack/puppet/modules/remote/manifests/db.pp @@ -0,0 +1,15 @@ + +class remote::db ( + $mysql_client_package = $remote::params::mysql_client_package, + $mysql_client_package_ensure = 'present', +) inherits remote::params { + + package { $mysql_client_package: + ensure => $mysql_client_package_ensure, + } + + Package[$mysql_client_package] -> Remote_database<||> + Package[$mysql_client_package] -> Remote_database_user<||> + Package[$mysql_client_package] -> Remote_database_grant<||> + +} diff --git a/packstack/puppet/modules/remote/manifests/params.pp b/packstack/puppet/modules/remote/manifests/params.pp new file mode 100644 index 000000000..ce1909cf9 --- /dev/null +++ b/packstack/puppet/modules/remote/manifests/params.pp @@ -0,0 +1,38 @@ + +class remote::params { + + case $::osfamily { + 'RedHat': { + case $::operatingsystem { + + 'Fedora': { + if (is_integer($::operatingsystemrelease) and $::operatingsystemrelease >= 19) or $::operatingsystemrelease == 'Rawhide' { + $mysql_client_package = 'mariadb' + } else { + $mysql_client_package = 'mysql' + } + } + + 'RedHat', 'CentOS', 'Scientific': { + if $::operatingsystemmajrelease >= 7 { + $mysql_client_package = 'mariadb' + } else { + $mysql_client_package = 'mysql' + } + } + + default: { + $mysql_client_package = 'mysql' + } + } + } + + 'Debian': { + $mysql_client_package = 'mysql' + } + + default: { + fail("Unsupported platform") + } + } +} diff --git a/packstack/puppet/templates/mysql_noinstall.pp b/packstack/puppet/templates/mysql_noinstall.pp index 69356c573..626ee88fa 100644 --- a/packstack/puppet/templates/mysql_noinstall.pp +++ b/packstack/puppet/templates/mysql_noinstall.pp @@ -1,8 +1,3 @@ -package { 'mysql': - ensure => 'present', +class { 'remote::db': } - -Package ['mysql'] -> Remote_database<||> -Package ['mysql'] -> Remote_database_user<||> -Package ['mysql'] -> Remote_database_grant<||> diff --git a/setup.py b/setup.py index af7ca3058..4d8e65b4f 100644 --- a/setup.py +++ b/setup.py @@ -56,13 +56,18 @@ def run(self): out, err = proc.communicate() if proc.returncode: raise RuntimeError('Failed:\n%s' % err) - # install Packstack module - packstack_path = os.path.join(self.destination, 'packstack') - print 'Copying Packstack module to %(packstack_path)s' % locals() - source = os.path.join(os.path.dirname(__file__), - 'packstack/puppet/modules/packstack') - shutil.rmtree(packstack_path, ignore_errors=True) - shutil.copytree(source, packstack_path) + # install Packstack modules + module_source = os.path.join(os.path.dirname(__file__), + 'packstack/puppet/modules') + for module in os.listdir(module_source): + source = os.path.join(module_source, module) + if not os.path.isdir(source): + continue + + dest = os.path.join(self.destination, module) + print 'Copying module %(module)s to %(dest)s' % locals() + shutil.rmtree(dest, ignore_errors=True) + shutil.copytree(source, dest) # Utility function to read the README file. From 0300d4b8f6fa538bfd2e8e51cbd112f141a0dd8e Mon Sep 17 00:00:00 2001 From: Vladan Popovic Date: Mon, 28 Jul 2014 12:03:10 +0200 Subject: [PATCH 0110/1017] Add live migration support and firewall rules The nova live migration url was set to qemu_ssh//... which doesn't work on Red Hat distributions as the user in the packages is set up with a nologin shell. The desired way to do live migrations is to use qemu+tcp://... The libvirt config option (listen_tcp) is already set to 1 in this patch - https://review.openstack.org/#/c/106436/ Fixes: rhbz#1122457, rhbz#1122703, rhbz#1117524 Change-Id: I36055847fa293edb63a972a0c9f597bc2e27b7ab --- docs/packstack.rst | 3 + packstack/plugins/nova_300.py | 62 ++++++++++++++----- .../puppet/templates/nova_common_qpid.pp | 19 +++--- .../puppet/templates/nova_common_rabbitmq.pp | 19 +++--- packstack/puppet/templates/nova_compute.pp | 4 +- 5 files changed, 74 insertions(+), 33 deletions(-) diff --git a/docs/packstack.rst b/docs/packstack.rst index 5b2386f2a..a36a85700 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -195,6 +195,9 @@ Nova Options **CONFIG_NOVA_COMPUTE_PRIVIF** Private interface for Flat DHCP on the Nova compute servers. +**CONFIG_NOVA_COMPUTE_MIGRATE_PROTOCOL** + Protocol used for instance migration. Allowed values are tcp and ssh. Note that by defaul nova user is created with /sbin/nologin shell so that ssh protocol won't be working. To make ssh protocol work you have to fix nova user on compute hosts manually. + **CONFIG_NOVA_NETWORK_HOSTS** List of IP address of the servers on which to install the Nova Network service. diff --git a/packstack/plugins/nova_300.py b/packstack/plugins/nova_300.py index a32cc1b58..67f2e3de4 100644 --- a/packstack/plugins/nova_300.py +++ b/packstack/plugins/nova_300.py @@ -90,6 +90,24 @@ def initConfig(controller): "USE_DEFAULT": False, "NEED_CONFIRM": False, "CONDITION": False}, + + {"CMD_OPTION": "novacompute-migrate-protocol", + "USAGE": ("Protocol used for instance migration. Allowed values " + "are tcp and ssh. Note that by defaul nova user is " + "created with /sbin/nologin shell so that ssh protocol " + "won't be working. To make ssh protocol work you have " + "to fix nova user on compute hosts manually."), + "PROMPT": ("Enter protocol which will be used for instance " + "migration"), + "OPTION_LIST": ['tcp', 'ssh'], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": 'tcp', + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_NOVA_COMPUTE_MIGRATE_PROTOCOL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, ], "NOVA_NETWORK": [ @@ -309,7 +327,7 @@ def initSequences(controller): {'title': 'Creating ssh keys for Nova migration', 'functions': [create_ssh_keys]}, {'title': 'Gathering ssh host keys for Nova migration', - 'functions': [gather_host_keys]}, + 'functions': [gather_host_keys]}, {'title': 'Adding Nova Compute manifest entries', 'functions': [create_compute_manifest]}, {'title': 'Adding Nova Scheduler manifest entries', @@ -434,12 +452,23 @@ def create_conductor_manifest(config, messages): def create_compute_manifest(config, messages): global compute_hosts, network_hosts + migrate_protocol = config['CONFIG_NOVA_COMPUTE_MIGRATE_PROTOCOL'] + if migrate_protocol == 'ssh': + config['CONFIG_NOVA_COMPUTE_MIGRATE_URL'] = ( + 'qemu+ssh://nova@%s/system?no_verify=1&' + 'keyfile=/etc/nova/ssh/nova_migration_key' + ) + else: + config['CONFIG_NOVA_COMPUTE_MIGRATE_URL'] = ( + 'qemu+tcp://nova@%s/system' + ) + ssh_hostkeys = '' for host in compute_hosts: try: - host_name, host_aliases, host_addrs = socket.gethostbyaddr(host) + hostname, aliases, addrs = socket.gethostbyaddr(host) except socket.herror: - host_name, host_aliases, host_addrs = (host, [], []) + hostname, aliases, addrs = (host, [], []) for hostkey in config['HOST_KEYS_%s' % host].split('\n'): hostkey = hostkey.strip() @@ -447,9 +476,9 @@ def create_compute_manifest(config, messages): continue _, host_key_type, host_key_data = hostkey.split() - config['SSH_HOST_NAME'] = host_name + config['SSH_HOST_NAME'] = hostname config['SSH_HOST_ALIASES'] = ','.join( - '"%s"' % addr for addr in host_aliases + host_addrs + '"%s"' % addr for addr in aliases + addrs ) config['SSH_HOST_KEY'] = host_key_data config['SSH_HOST_KEY_TYPE'] = host_key_type @@ -459,15 +488,16 @@ def create_compute_manifest(config, messages): config["CONFIG_NOVA_COMPUTE_HOST"] = host manifestdata = getManifestTemplate("nova_compute.pp") - for c_host in compute_hosts: - config['FIREWALL_SERVICE_NAME'] = "nova qemu migration" - config['FIREWALL_PORTS'] = "'49152-49215'" - config['FIREWALL_CHAIN'] = "INPUT" - config['FIREWALL_PROTOCOL'] = 'tcp' - config['FIREWALL_ALLOWED'] = "'%s'" % c_host - config['FIREWALL_SERVICE_ID'] = ("nova_qemu_migration_%s_%s" - % (host, c_host)) - manifestdata += getManifestTemplate("firewall.pp") + if migrate_protocol == 'ssh': + for c_host in compute_hosts: + config['FIREWALL_SERVICE_NAME'] = "nova qemu migration" + config['FIREWALL_PORTS'] = "'49152-49215'" + config['FIREWALL_CHAIN'] = "INPUT" + config['FIREWALL_PROTOCOL'] = 'tcp' + config['FIREWALL_ALLOWED'] = "'%s'" % c_host + config['FIREWALL_SERVICE_ID'] = ("nova_qemu_migration_%s_%s" + % (host, c_host)) + manifestdata += getManifestTemplate("firewall.pp") if config['CONFIG_VMWARE_BACKEND'] == 'y': manifestdata += getManifestTemplate("nova_compute_vmware.pp") @@ -502,10 +532,12 @@ def create_compute_manifest(config, messages): manifestdata += getManifestTemplate(mq_template) manifestdata += getManifestTemplate("nova_ceilometer.pp") + config['FIREWALL_PORTS'] = ['5900-5999'] + if migrate_protocol == 'tcp': + config['FIREWALL_PORTS'].append('16509') config['FIREWALL_ALLOWED'] = "'%s'" % config['CONFIG_CONTROLLER_HOST'] config['FIREWALL_SERVICE_NAME'] = "nova compute" config['FIREWALL_SERVICE_ID'] = "nova_compute" - config['FIREWALL_PORTS'] = "'5900-5999'" config['FIREWALL_CHAIN'] = "INPUT" config['FIREWALL_PROTOCOL'] = 'tcp' manifestdata += getManifestTemplate("firewall.pp") diff --git a/packstack/puppet/templates/nova_common_qpid.pp b/packstack/puppet/templates/nova_common_qpid.pp index ede404b56..81570a2b4 100644 --- a/packstack/puppet/templates/nova_common_qpid.pp +++ b/packstack/puppet/templates/nova_common_qpid.pp @@ -1,4 +1,13 @@ +$private_key = { + type => '%(NOVA_MIGRATION_KEY_TYPE)s', + key => '%(NOVA_MIGRATION_KEY_SECRET)s', +} +$public_key = { + type => '%(NOVA_MIGRATION_KEY_TYPE)s', + key => '%(NOVA_MIGRATION_KEY_PUBLIC)s', +} + class { "nova": glance_api_servers => "%(CONFIG_CONTROLLER_HOST)s:9292", qpid_hostname => "%(CONFIG_AMQP_HOST)s", @@ -9,13 +18,7 @@ qpid_protocol => '%(CONFIG_AMQP_PROTOCOL)s', verbose => true, debug => %(CONFIG_DEBUG_MODE)s, - nova_public_key => { - type => '%(NOVA_MIGRATION_KEY_TYPE)s', - key => '%(NOVA_MIGRATION_KEY_PUBLIC)s', - }, - nova_private_key => { - type => '%(NOVA_MIGRATION_KEY_TYPE)s', - key => '%(NOVA_MIGRATION_KEY_SECRET)s', - }, + nova_public_key => $public_key, + nova_private_key => $private_key, nova_shell => '/bin/bash', } diff --git a/packstack/puppet/templates/nova_common_rabbitmq.pp b/packstack/puppet/templates/nova_common_rabbitmq.pp index 1cb5ef961..243611b11 100644 --- a/packstack/puppet/templates/nova_common_rabbitmq.pp +++ b/packstack/puppet/templates/nova_common_rabbitmq.pp @@ -1,4 +1,13 @@ +$private_key = { + type => '%(NOVA_MIGRATION_KEY_TYPE)s', + key => '%(NOVA_MIGRATION_KEY_SECRET)s', +} +$public_key = { + type => '%(NOVA_MIGRATION_KEY_TYPE)s', + key => '%(NOVA_MIGRATION_KEY_PUBLIC)s', +} + class { "nova": glance_api_servers => "%(CONFIG_CONTROLLER_HOST)s:9292", rabbit_host => "%(CONFIG_AMQP_HOST)s", @@ -7,13 +16,7 @@ rabbit_password => '%(CONFIG_AMQP_AUTH_PASSWORD)s', verbose => true, debug => %(CONFIG_DEBUG_MODE)s, - nova_public_key => { - type => '%(NOVA_MIGRATION_KEY_TYPE)s', - key => '%(NOVA_MIGRATION_KEY_PUBLIC)s', - }, - nova_private_key => { - type => '%(NOVA_MIGRATION_KEY_TYPE)s', - key => '%(NOVA_MIGRATION_KEY_SECRET)s', - }, + nova_public_key => $public_key, + nova_private_key => $private_key, nova_shell => '/bin/bash', } diff --git a/packstack/puppet/templates/nova_compute.pp b/packstack/puppet/templates/nova_compute.pp index 7efe8d80b..6f18cd205 100644 --- a/packstack/puppet/templates/nova_compute.pp +++ b/packstack/puppet/templates/nova_compute.pp @@ -1,3 +1,4 @@ + package{'python-cinderclient': before => Class["nova"] } @@ -21,7 +22,7 @@ nova_config{ "DEFAULT/volume_api_class": value => "nova.volume.cinder.API"; - "libvirt/live_migration_uri": value => "qemu+ssh://nova@%%s/system?no_verify=1&keyfile=/etc/nova/ssh/nova_migration_key"; + "libvirt/live_migration_uri": value => "%(CONFIG_NOVA_COMPUTE_MIGRATE_URL)s"; } class {"nova::compute": @@ -74,4 +75,3 @@ command => '/usr/sbin/tuned-adm profile virtual-host', require => Service['tuned'], } - From f4b5965644c80b9c1c3dd3b6e0f9fe430310dd9c Mon Sep 17 00:00:00 2001 From: Gilles Dubreuil Date: Wed, 13 Aug 2014 16:48:31 +1000 Subject: [PATCH 0111/1017] Added FW rules for live migration - Added existing rules for tcp migration - Added 16509 (libvirt) port for both ssh and tcp RHBZ#1117524 Change-Id: I5d154d877e7104fb3780b7243ebc0d1e429d5834 --- packstack/plugins/nova_300.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/packstack/plugins/nova_300.py b/packstack/plugins/nova_300.py index 67f2e3de4..6af1eb4cd 100644 --- a/packstack/plugins/nova_300.py +++ b/packstack/plugins/nova_300.py @@ -488,10 +488,11 @@ def create_compute_manifest(config, messages): config["CONFIG_NOVA_COMPUTE_HOST"] = host manifestdata = getManifestTemplate("nova_compute.pp") - if migrate_protocol == 'ssh': + if migrate_protocol == 'ssh' or migrate_protocol == 'tcp': for c_host in compute_hosts: config['FIREWALL_SERVICE_NAME'] = "nova qemu migration" - config['FIREWALL_PORTS'] = "'49152-49215'" + config['FIREWALL_PORTS'] = ['16509'] + config['FIREWALL_PORTS'].append('49152-49215') config['FIREWALL_CHAIN'] = "INPUT" config['FIREWALL_PROTOCOL'] = 'tcp' config['FIREWALL_ALLOWED'] = "'%s'" % c_host From 81c7348f2b01540169836967766001e678a3f055 Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Thu, 14 Aug 2014 13:27:09 +0200 Subject: [PATCH 0112/1017] Removed iptables rules duplication Port 16509 should be opened on compute hosts only. This patch is removing rule from controller host. Change-Id: I6056e261a5ddffd5f13a4d10ce9a47c2677d3ffc --- packstack/plugins/nova_300.py | 24 ++++++++++-------------- 1 file changed, 10 insertions(+), 14 deletions(-) diff --git a/packstack/plugins/nova_300.py b/packstack/plugins/nova_300.py index 6af1eb4cd..a2ed9c995 100644 --- a/packstack/plugins/nova_300.py +++ b/packstack/plugins/nova_300.py @@ -327,7 +327,7 @@ def initSequences(controller): {'title': 'Creating ssh keys for Nova migration', 'functions': [create_ssh_keys]}, {'title': 'Gathering ssh host keys for Nova migration', - 'functions': [gather_host_keys]}, + 'functions': [gather_host_keys]}, {'title': 'Adding Nova Compute manifest entries', 'functions': [create_compute_manifest]}, {'title': 'Adding Nova Scheduler manifest entries', @@ -488,17 +488,15 @@ def create_compute_manifest(config, messages): config["CONFIG_NOVA_COMPUTE_HOST"] = host manifestdata = getManifestTemplate("nova_compute.pp") - if migrate_protocol == 'ssh' or migrate_protocol == 'tcp': - for c_host in compute_hosts: - config['FIREWALL_SERVICE_NAME'] = "nova qemu migration" - config['FIREWALL_PORTS'] = ['16509'] - config['FIREWALL_PORTS'].append('49152-49215') - config['FIREWALL_CHAIN'] = "INPUT" - config['FIREWALL_PROTOCOL'] = 'tcp' - config['FIREWALL_ALLOWED'] = "'%s'" % c_host - config['FIREWALL_SERVICE_ID'] = ("nova_qemu_migration_%s_%s" - % (host, c_host)) - manifestdata += getManifestTemplate("firewall.pp") + for c_host in compute_hosts: + config['FIREWALL_SERVICE_NAME'] = "nova qemu migration" + config['FIREWALL_PORTS'] = ['16509', '49152-49215'] + config['FIREWALL_CHAIN'] = "INPUT" + config['FIREWALL_PROTOCOL'] = 'tcp' + config['FIREWALL_ALLOWED'] = "'%s'" % c_host + config['FIREWALL_SERVICE_ID'] = ("nova_qemu_migration_%s_%s" + % (host, c_host)) + manifestdata += getManifestTemplate("firewall.pp") if config['CONFIG_VMWARE_BACKEND'] == 'y': manifestdata += getManifestTemplate("nova_compute_vmware.pp") @@ -534,8 +532,6 @@ def create_compute_manifest(config, messages): manifestdata += getManifestTemplate("nova_ceilometer.pp") config['FIREWALL_PORTS'] = ['5900-5999'] - if migrate_protocol == 'tcp': - config['FIREWALL_PORTS'].append('16509') config['FIREWALL_ALLOWED'] = "'%s'" % config['CONFIG_CONTROLLER_HOST'] config['FIREWALL_SERVICE_NAME'] = "nova compute" config['FIREWALL_SERVICE_ID'] = "nova_compute" From c656a3d89661083b73be3914c889b1a2c8f58154 Mon Sep 17 00:00:00 2001 From: Ivan Chavero Date: Tue, 17 Jun 2014 14:13:08 -0600 Subject: [PATCH 0113/1017] Enable API services to all hosts Open the API ports to all hosts. Change-Id: I3363cf5f683595ce55d3bb2c57968c21b8f29cba Fixes: rhbz#1099787 --- packstack/plugins/cinder_250.py | 9 ++++++-- packstack/plugins/glance_200.py | 12 +++------- packstack/plugins/heat_750.py | 23 +++++++++++++++++-- packstack/plugins/neutron_350.py | 19 ++++++++------- packstack/plugins/nova_300.py | 7 ++++++ packstack/plugins/swift_600.py | 7 ++++++ packstack/puppet/templates/heat.pp | 1 + packstack/puppet/templates/heat_cfn.pp | 1 + packstack/puppet/templates/heat_cloudwatch.pp | 1 + packstack/puppet/templates/nova_api.pp | 5 ---- packstack/puppet/templates/swift_proxy.pp | 5 ---- 11 files changed, 57 insertions(+), 33 deletions(-) diff --git a/packstack/plugins/cinder_250.py b/packstack/plugins/cinder_250.py index ad37ccc3b..a7c826c47 100644 --- a/packstack/plugins/cinder_250.py +++ b/packstack/plugins/cinder_250.py @@ -352,7 +352,7 @@ def create_manifest(config, messages): manifestdata += getManifestTemplate('cinder_backup.pp') config['FIREWALL_SERVICE_NAME'] = "cinder" - config['FIREWALL_PORTS'] = "['3260', '8776']" + config['FIREWALL_PORTS'] = "['3260']" config['FIREWALL_CHAIN'] = "INPUT" config['FIREWALL_PROTOCOL'] = 'tcp' if (config['CONFIG_NOVA_INSTALL'] == 'y' and @@ -365,5 +365,10 @@ def create_manifest(config, messages): config['FIREWALL_ALLOWED'] = "'ALL'" config['FIREWALL_SERVICE_ID'] = "cinder_ALL" manifestdata += getManifestTemplate("firewall.pp") - + # cinder API should be open for everyone + config['FIREWALL_SERVICE_NAME'] = "cinder-api" + config['FIREWALL_ALLOWED'] = "'ALL'" + config['FIREWALL_SERVICE_ID'] = "cinder_API" + config['FIREWALL_PORTS'] = "['8776']" + manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata) diff --git a/packstack/plugins/glance_200.py b/packstack/plugins/glance_200.py index e57ad8abe..9a47d49e8 100644 --- a/packstack/plugins/glance_200.py +++ b/packstack/plugins/glance_200.py @@ -96,14 +96,8 @@ def create_manifest(config, messages): config['FIREWALL_PORTS'] = "'9292'" config['FIREWALL_CHAIN'] = "INPUT" config['FIREWALL_PROTOCOL'] = 'tcp' - if config['CONFIG_NOVA_INSTALL'] == 'y': - for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']): - config['FIREWALL_ALLOWED'] = "'%s'" % host - config['FIREWALL_SERVICE_ID'] = "glance_%s" % host - manifestdata += getManifestTemplate("firewall.pp") - else: - config['FIREWALL_ALLOWED'] = "'ALL'" - config['FIREWALL_SERVICE_ID'] = "glance_ALL" - manifestdata += getManifestTemplate("firewall.pp") + config['FIREWALL_ALLOWED'] = "'ALL'" + config['FIREWALL_SERVICE_ID'] = "glance_API" + manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata) diff --git a/packstack/plugins/heat_750.py b/packstack/plugins/heat_750.py index 42faa0fdc..fe80e0932 100644 --- a/packstack/plugins/heat_750.py +++ b/packstack/plugins/heat_750.py @@ -187,10 +187,15 @@ def create_manifest(config, messages): manifestfile = "%s_heat.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "heat")) manifestdata += getManifestTemplate("heat.pp") - if config.get('CONFIG_HEAT_USING_TRUSTS', 'n') == 'y': manifestdata += getManifestTemplate("heat_trusts.pp") - + config['FIREWALL_SERVICE_NAME'] = "heat" + config['FIREWALL_PORTS'] = "'8004'" + config['FIREWALL_CHAIN'] = "INPUT" + config['FIREWALL_PROTOCOL'] = 'tcp' + config['FIREWALL_ALLOWED'] = "'ALL'" + config['FIREWALL_SERVICE_ID'] = "heat" + manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata) @@ -208,6 +213,13 @@ def create_cloudwatch_manifest(config, messages): manifestfile = "%s_heatcw.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "heat")) manifestdata += getManifestTemplate("heat_cloudwatch.pp") + config['FIREWALL_SERVICE_NAME'] = "heat api cloudwatch" + config['FIREWALL_PORTS'] = "'8003'" + config['FIREWALL_CHAIN'] = "INPUT" + config['FIREWALL_PROTOCOL'] = 'tcp' + config['FIREWALL_ALLOWED'] = "'ALL'" + config['FIREWALL_SERVICE_ID'] = "heat_api_cloudwatch" + manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata, marker='heat') @@ -215,4 +227,11 @@ def create_cfn_manifest(config, messages): manifestfile = "%s_heatcnf.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "heat")) manifestdata += getManifestTemplate("heat_cfn.pp") + config['FIREWALL_SERVICE_NAME'] = "heat_cfn" + config['FIREWALL_PORTS'] = "'8000'" + config['FIREWALL_CHAIN'] = "INPUT" + config['FIREWALL_PROTOCOL'] = 'tcp' + config['FIREWALL_ALLOWED'] = "'ALL'" + config['FIREWALL_SERVICE_ID'] = "heat_cfn" + manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata, marker='heat') diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index 01a7a6aa5..63051454c 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -760,16 +760,15 @@ def create_manifests(config, messages): # XXX I am not completely sure about this, but it seems necessary: manifest_data += getManifestTemplate(plugin_manifest) - # Firewall Rules - for f_host in q_hosts: - config['FIREWALL_SERVICE_NAME'] = "neutron server" - config['FIREWALL_PORTS'] = "'9696'" - config['FIREWALL_CHAIN'] = "INPUT" - config['FIREWALL_PROTOCOL'] = 'tcp' - config['FIREWALL_ALLOWED'] = "'%s'" % f_host - config['FIREWALL_SERVICE_ID'] = ("neutron_server_%s_%s" - % (host, f_host)) - manifest_data += getManifestTemplate("firewall.pp") + #Firewall + config['FIREWALL_SERVICE_NAME'] = "neutron server" + config['FIREWALL_PORTS'] = "'9696'" + config['FIREWALL_CHAIN'] = "INPUT" + config['FIREWALL_PROTOCOL'] = 'tcp' + config['FIREWALL_ALLOWED'] = "'ALL'" + config['FIREWALL_SERVICE_ID'] = ("neutron_server_%s" + % (host)) + manifest_data += getManifestTemplate("firewall.pp") appendManifestFile(manifest_file, manifest_data, 'neutron') diff --git a/packstack/plugins/nova_300.py b/packstack/plugins/nova_300.py index 6af1eb4cd..bd11f1972 100644 --- a/packstack/plugins/nova_300.py +++ b/packstack/plugins/nova_300.py @@ -428,6 +428,13 @@ def create_api_manifest(config, messages): "'%s'" % config['CONFIG_NEUTRON_METADATA_PW'] manifestfile = "%s_api_nova.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("nova_api.pp") + config['FIREWALL_SERVICE_NAME'] = "nova api" + config['FIREWALL_PORTS'] = "['8773', '8774', '8775']" + config['FIREWALL_CHAIN'] = "INPUT" + config['FIREWALL_PROTOCOL'] = 'tcp' + config['FIREWALL_ALLOWED'] = "'ALL'" + config['FIREWALL_SERVICE_ID'] = "nova_api" + manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata, 'novaapi') diff --git a/packstack/plugins/swift_600.py b/packstack/plugins/swift_600.py index 2df6aa674..ca497f348 100644 --- a/packstack/plugins/swift_600.py +++ b/packstack/plugins/swift_600.py @@ -276,6 +276,13 @@ def device_def(dev_type, host, dev_port, devicename, zone): def create_proxy_manifest(config, messages): manifestfile = "%s_swift.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("swift_proxy.pp") + config['FIREWALL_SERVICE_NAME'] = "swift proxy" + config['FIREWALL_PORTS'] = "'8080'" + config['FIREWALL_CHAIN'] = "INPUT" + config['FIREWALL_PROTOCOL'] = 'tcp' + config['FIREWALL_ALLOWED'] = "'ALL'" + config['FIREWALL_SERVICE_ID'] = "swift_proxy" + manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata) diff --git a/packstack/puppet/templates/heat.pp b/packstack/puppet/templates/heat.pp index 34a867d12..fe54c55b1 100644 --- a/packstack/puppet/templates/heat.pp +++ b/packstack/puppet/templates/heat.pp @@ -18,3 +18,4 @@ domain_admin => '%(CONFIG_HEAT_DOMAIN_ADMIN)s', domain_password => '%(CONFIG_HEAT_DOMAIN_PASSWORD)s', } + diff --git a/packstack/puppet/templates/heat_cfn.pp b/packstack/puppet/templates/heat_cfn.pp index eae4f7a65..0c94116f1 100644 --- a/packstack/puppet/templates/heat_cfn.pp +++ b/packstack/puppet/templates/heat_cfn.pp @@ -8,3 +8,4 @@ internal_address => '%(CONFIG_CONTROLLER_HOST)s', password => '%(CONFIG_HEAT_KS_PW)s' } + diff --git a/packstack/puppet/templates/heat_cloudwatch.pp b/packstack/puppet/templates/heat_cloudwatch.pp index 5ca0300ad..d1d02015f 100644 --- a/packstack/puppet/templates/heat_cloudwatch.pp +++ b/packstack/puppet/templates/heat_cloudwatch.pp @@ -1,3 +1,4 @@ class { 'heat::api_cloudwatch': } + diff --git a/packstack/puppet/templates/nova_api.pp b/packstack/puppet/templates/nova_api.pp index 7d5bc5718..76fb187fc 100644 --- a/packstack/puppet/templates/nova_api.pp +++ b/packstack/puppet/templates/nova_api.pp @@ -9,8 +9,3 @@ Package<| title == 'nova-common' |> -> Class['nova::api'] -firewall { '001 novaapi incoming': - proto => 'tcp', - dport => ['8773', '8774', '8775'], - action => 'accept', -} diff --git a/packstack/puppet/templates/swift_proxy.pp b/packstack/puppet/templates/swift_proxy.pp index c87796b45..99ab6a84c 100644 --- a/packstack/puppet/templates/swift_proxy.pp +++ b/packstack/puppet/templates/swift_proxy.pp @@ -67,8 +67,3 @@ auth_host => '%(CONFIG_CONTROLLER_HOST)s', } -firewall { '001 swift proxy incoming': - proto => 'tcp', - dport => ['8080'], - action => 'accept', -} From 16a766d81f2c525e95defa340949535826b26f82 Mon Sep 17 00:00:00 2001 From: Ivan Chavero Date: Wed, 20 Aug 2014 14:05:40 -0600 Subject: [PATCH 0114/1017] Add ignore unknown variables errors switch Add ignore unknown variables errors switch to sysctl in packstack puppet module neutron bridge manifest. Change-Id: If7c0bb538bd0fa995e1fd6a72105d6415ae78ee5 Fixes: rhbz#1132129 --- packstack/puppet/modules/packstack/manifests/neutron/bridge.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packstack/puppet/modules/packstack/manifests/neutron/bridge.pp b/packstack/puppet/modules/packstack/manifests/neutron/bridge.pp index 4b67889ec..a5782b434 100644 --- a/packstack/puppet/modules/packstack/manifests/neutron/bridge.pp +++ b/packstack/puppet/modules/packstack/manifests/neutron/bridge.pp @@ -23,7 +23,7 @@ match => 'net.bridge.bridge-nf-call-arptables\s*=', } -> exec { 'sysctl_refresh': path => ['/usr/sbin', '/sbin', '/usr/bin', '/bin'], - command => 'sysctl -p /etc/sysctl.conf', + command => 'sysctl -e -p /etc/sysctl.conf', logoutput => 'on_failure', } } From 0464e047d3396cedea56d53adfd0b5a0970db1e0 Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Thu, 21 Aug 2014 13:12:53 +0200 Subject: [PATCH 0115/1017] RHSM HTTP proxy This patch add possibility to configure HTTP proxy for subscription-manager. Change-Id: I27ae4e9396630e81b10344982b90bee01723f56b Fixes: rhbz#1123875 --- packstack/plugins/serverprep_001.py | 166 ++++++++++++++++++++++------ 1 file changed, 132 insertions(+), 34 deletions(-) diff --git a/packstack/plugins/serverprep_001.py b/packstack/plugins/serverprep_001.py index f2ff3b527..86221d6ce 100644 --- a/packstack/plugins/serverprep_001.py +++ b/packstack/plugins/serverprep_001.py @@ -69,6 +69,24 @@ def initConfig(controller): "NEED_CONFIRM": False, "CONDITION": False}, + {"CMD_OPTION": "rhn-satellite-server", + "USAGE": ("To subscribe each server with RHN Satellite,fill " + "Satellite's URL here. Note that either satellite's " + "username/password or activation key has " + "to be provided"), + "PROMPT": ("To subscribe each server with RHN Satellite enter " + "RHN Satellite server URL"), + "OPTION_LIST": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_SATELLITE_URL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False} + ], + + "RHSM": [ {"CMD_OPTION": "rh-password", "USAGE": ("To subscribe each server with Red Hat subscription " "manager, include this with CONFIG_RH_USER"), @@ -83,7 +101,7 @@ def initConfig(controller): "NEED_CONFIRM": False, "CONDITION": False}, - {"CMD_OPTION": "rhn-enable-optional", + {"CMD_OPTION": "rh-enable-optional", "USAGE": "To enable RHEL optional repos use value \"y\"", "PROMPT": "To enable RHEL optional repos use value \"y\"", "OPTION_LIST": ["y", "n"], @@ -96,18 +114,60 @@ def initConfig(controller): "NEED_CONFIRM": False, "CONDITION": False}, - {"CMD_OPTION": "rhn-satellite-server", - "USAGE": ("To subscribe each server with RHN Satellite,fill " - "Satellite's URL here. Note that either satellite's " - "username/password or activation key has " - "to be provided"), - "PROMPT": ("To subscribe each server with RHN Satellite enter " - "RHN Satellite server URL"), + {"CMD_OPTION": "rh-proxy-host", + "USAGE": ("Specify a HTTP proxy to use with Red Hat subscription " + "manager"), + "PROMPT": ("Specify a HTTP proxy to use with Red Hat subscription" + " manager"), + "OPTION_LIST": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_RH_PROXY", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False} + ], + + "RHSM_PROXY": [ + {"CMD_OPTION": "rh-proxy-port", + "USAGE": ("Specify port of Red Hat subscription manager HTTP " + "proxy"), + "PROMPT": ("Specify port of Red Hat subscription manager HTTP " + "proxy"), "OPTION_LIST": [], "DEFAULT_VALUE": "", "MASK_INPUT": False, "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_SATELLITE_URL", + "CONF_NAME": "CONFIG_RH_PROXY_PORT", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "rh-proxy-user", + "USAGE": ("Specify a username to use with Red Hat subscription " + "manager HTTP proxy"), + "PROMPT": ("Specify a username to use with Red Hat subscription " + "manager HTTP proxy"), + "OPTION_LIST": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_RH_PROXY_USER", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "rh-proxy-password", + "USAGE": ("Specify a password to use with Red Hat subscription " + "manager HTTP proxy"), + "PROMPT": ("Specify a password to use with Red Hat subscription " + "manager HTTP proxy"), + "OPTION_LIST": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_RH_PROXY_PW", "USE_DEFAULT": False, "NEED_CONFIRM": False, "CONDITION": False} @@ -240,6 +300,12 @@ def initConfig(controller): ] } + def filled_rhsm(config): + return bool(config.get('CONFIG_RH_USER')) + + def filled_rhsm_proxy(config): + return bool(config.get('CONFIG_RH_PROXY')) + def filled_satellite(config): return bool(config.get('CONFIG_SATELLITE_URL')) @@ -257,26 +323,42 @@ def filled_satellite_proxy(config): config = controller.CONF if (is_all_in_one(config) and is_rhel()) or not is_all_in_one(config): - conf_groups.append({"GROUP_NAME": "RHEL", - "DESCRIPTION": "RHEL config", - "PRE_CONDITION": lambda x: 'yes', - "PRE_CONDITION_MATCH": "yes", - "POST_CONDITION": False, - "POST_CONDITION_MATCH": True}) - - conf_groups.append({"GROUP_NAME": "SATELLITE", - "DESCRIPTION": "RHN Satellite config", - "PRE_CONDITION": filled_satellite, - "PRE_CONDITION_MATCH": True, - "POST_CONDITION": False, - "POST_CONDITION_MATCH": True}) - - conf_groups.append({"GROUP_NAME": "SATELLITE_PROXY", - "DESCRIPTION": "RHN Satellite proxy config", - "PRE_CONDITION": filled_satellite_proxy, - "PRE_CONDITION_MATCH": True, - "POST_CONDITION": False, - "POST_CONDITION_MATCH": True}) + conf_groups.extend([ + {"GROUP_NAME": "RHEL", + "DESCRIPTION": "RHEL config", + "PRE_CONDITION": lambda x: 'yes', + "PRE_CONDITION_MATCH": "yes", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "RHSM", + "DESCRIPTION": "RH subscription manager config", + "PRE_CONDITION": filled_rhsm, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "RHSM_PROXY", + "DESCRIPTION": "RH subscription manager proxy config", + "PRE_CONDITION": filled_rhsm_proxy, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "SATELLITE", + "DESCRIPTION": "RHN Satellite config", + "PRE_CONDITION": filled_satellite, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "SATELLITE_PROXY", + "DESCRIPTION": "RHN Satellite proxy config", + "PRE_CONDITION": filled_satellite_proxy, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + ]) for group in conf_groups: params = conf_params[group["GROUP_NAME"]] @@ -359,13 +441,24 @@ def run_rhn_reg(host, server_url, username=None, password=None, server.execute(mask_list=mask) -def run_rhsm_reg(config, host, username, password): +def run_rhsm_reg(host, username, password, optional=False, proxy_server=None, + proxy_port=None, proxy_user=None, proxy_password=None): """ Registers given host to Red Hat Repositories via subscription manager. """ releasever = config['HOST_DETAILS'][host]['release'].split('.')[0] server = utils.ScriptRunner(host) + # configure proxy if it is necessary + if proxy_server: + cmd = ('subscription-manager config ' + '--server.proxy_hostname=%(proxy_server)s ' + '--server.proxy_port=%(proxy_port)s') + if proxy_user: + cmd += (' --server.proxy_user=%(proxy_user)s ' + '--server.proxy_password=%(proxy_password)s') + server.append(cmd % locals()) + # register host cmd = ('subscription-manager register --username=\"%s\" ' '--password=\"%s\" --autosubscribe || true') @@ -379,7 +472,7 @@ def run_rhsm_reg(config, host, username, password): " | grep -i 'Pool ID:' | awk '{print $3}')") server.append(cmd % pool) - if config['CONFIG_RH_OPTIONAL'] == 'y': + if optional: server.append("subscription-manager repos " "--enable rhel-%s-server-optional-rpms" % releasever) server.append("subscription-manager repos " @@ -507,8 +600,8 @@ def server_prep(config, messages): rh_username = None sat_url = None if is_rhel(): - rh_username = config["CONFIG_RH_USER"].strip() - rh_password = config["CONFIG_RH_PW"].strip() + rh_username = config.get("CONFIG_RH_USER") + rh_password = config.get("CONFIG_RH_PW") sat_registered = set() @@ -533,7 +626,12 @@ def server_prep(config, messages): for hostname in filtered_hosts(config): # Subscribe to Red Hat Repositories if configured if rh_username: - run_rhsm_reg(config, hostname, rh_username, rh_password) + run_rhsm_reg(hostname, rh_username, rh_password, + optional=(config.get('CONFIG_RH_OPTIONAL') == 'y'), + proxy_server=config.get('CONFIG_RH_PROXY'), + proxy_port=config.get('CONFIG_RH_PROXY_PORT'), + proxy_user=config.get('CONFIG_RH_PROXY_USER'), + proxy_password=config.get('CONFIG_RH_PROXY_PASSWORD')) # Subscribe to RHN Satellite if configured if sat_url and hostname not in sat_registered: From 5226c3b071eac1a46dc2099bc6314b7d9f179222 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Thu, 21 Aug 2014 16:19:35 +0200 Subject: [PATCH 0116/1017] Install and update packages required by packstack Just installing puppet can fail with deployments where puppet was preinstalled in older version. We need to ensure we have the latest packages. Change-Id: I0866357d4cd11f9255381d2d108182c555ba6787 Closes-Bug: rhbz#1132408 --- packstack/plugins/puppet_950.py | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/packstack/plugins/puppet_950.py b/packstack/plugins/puppet_950.py index 9fefc6b2a..d1678696a 100644 --- a/packstack/plugins/puppet_950.py +++ b/packstack/plugins/puppet_950.py @@ -149,9 +149,11 @@ def install_deps(config, messages): for hostname in filtered_hosts(config): server = utils.ScriptRunner(hostname) - for package in deps: - server.append("rpm -q --whatprovides %s || yum install -y %s" - % (package, package)) + packages = ' '.join(deps) + server.append("yum install -y %s" + % packages) + server.append("yum update -y %s" + % packages) server.execute() From c60d74b6b9d76571bb5a9583648e863236bede9a Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Fri, 22 Aug 2014 11:41:47 +0200 Subject: [PATCH 0117/1017] Correct value of $public_bridge_name This patch corrects value of $public_ovs_bridge_name in provision_demo.pp template. Change-Id: I6fb10e3dfb97a5e1d4d191cce5649d09f8649ab9 Closes-bug: #1360107 --- packstack/puppet/templates/provision_demo.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packstack/puppet/templates/provision_demo.pp b/packstack/puppet/templates/provision_demo.pp index ab782f07d..95d997312 100644 --- a/packstack/puppet/templates/provision_demo.pp +++ b/packstack/puppet/templates/provision_demo.pp @@ -25,7 +25,7 @@ $fixed_range = '10.0.0.0/24' $router_name = 'router1' $setup_ovs_bridge = %(CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE)s - $public_bridge_name = '%(CONFIG_PROVISION_DEMO_FLOATRANGE)s' + $public_bridge_name = '%(CONFIG_NEUTRON_L3_EXT_BRIDGE)s' ## Users From 732990c18e7e55aaa711a5eab68f96c6a80f18ff Mon Sep 17 00:00:00 2001 From: Ryan Hefner Date: Thu, 12 Jun 2014 00:52:29 -0400 Subject: [PATCH 0118/1017] Enables config of NetApp's Cinder driver Change-Id: I6f75477c3ab333294efc082a7968fc7b6f154d44 --- docs/packstack.rst | 63 ++- packstack/plugins/cinder_250.py | 460 +++++++++++++++++- .../templates/cinder_netapp_7mode_iscsi.pp | 22 + .../templates/cinder_netapp_7mode_nfs.pp | 23 + .../templates/cinder_netapp_cdot_iscsi.pp | 21 + .../templates/cinder_netapp_cdot_nfs.pp | 24 + .../puppet/templates/cinder_netapp_eseries.pp | 23 + 7 files changed, 633 insertions(+), 3 deletions(-) create mode 100644 packstack/puppet/templates/cinder_netapp_7mode_iscsi.pp create mode 100644 packstack/puppet/templates/cinder_netapp_7mode_nfs.pp create mode 100644 packstack/puppet/templates/cinder_netapp_cdot_iscsi.pp create mode 100644 packstack/puppet/templates/cinder_netapp_cdot_nfs.pp create mode 100644 packstack/puppet/templates/cinder_netapp_eseries.pp diff --git a/docs/packstack.rst b/docs/packstack.rst index a36a85700..715c6d8e7 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -163,7 +163,7 @@ Cinder Config parameters The password to use for the Cinder to authenticate with Keystone. **CONFIG_CINDER_BACKEND** - The Cinder backend to use ['lvm', 'gluster', 'nfs', 'vmdk']. + The Cinder backend to use ['lvm', 'gluster', 'nfs', 'vmdk', 'netapp']. Cinder volume create Config parameters -------------------------------------- @@ -189,6 +189,67 @@ Cinder NFS Config parameters **CONFIG_CINDER_NFS_MOUNTS** A single or comma separated list of NFS exports to mount. +Cinder NetApp Config parameters +---------------------------- + +**CONFIG_CINDER_NETAPP_LOGIN** + (required) Password for the administrative user account specified in the netapp_login parameter. + +**CONFIG_CINDER_NETAPP_PASSWORD** + (required) The hostname (or IP address) for the storage system or proxy server. + +**CONFIG_CINDER_NETAPP_HOSTNAME** + (required) The hostname (or IP address) for the storage system or proxy server. + +**CONFIG_CINDER_NETAPP_SERVER_PORT** + (optional) The TCP port to use for communication with ONTAPI on the storage system. Traditionally, port 80 is used for HTTP and port 443 is used for HTTPS; however, this value should be changed if an alternate port has been configured on the storage system or proxy server. Defaults to 80 + +**CONFIG_CINDER_NETAPP_STORAGE_FAMILY** + (optional) The storage family type used on the storage system; valid values are ontap_7mode for using Data ONTAP operating in 7-Mode or ontap_cluster for using clustered Data ONTAP, or eseries for NetApp E-Series. Defaults to ontap_cluster. + +**CONFIG_CINDER_NETAPP_TRANSPORT_TYPE** + (optional) The transport protocol used when communicating with ONTAPI on the storage system or proxy server. Valid values are http or https. Defaults to http. + +**CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL** + (optional) The storage protocol to be used on the data path with the storage system; valid values are iscsi or nfs. Defaults to nfs. + +**CONFIG_CINDER_NETAPP_SIZE_MULTIPLIER** + (optional) The quantity to be multiplied by the requested volume size to ensure enough space is available on the virtual storage server (Vserver) to fulfill the volume creation request. Defaults to 1.0. + +**CONFIG_CINDER_NETAPP_EXPIRY_THRES_MINUTES** + (optional) This parameter specifies the threshold for last access time for images in the NFS image cache. When a cache cleaning cycle begins, images in the cache that have not been accessed in the last M minutes, where M is the value of this parameter, will be deleted from the cache to create free space on the NFS share. Defaults to 720. + +**CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_START** + (optional) If the percentage of available space for an NFS share has dropped below the value specified by this parameter, the NFS image cache will be cleaned. Defaults to 20. + +**CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_STOP** + (optional) When the percentage of available space on an NFS share has reached the percentage specified by this parameter, the driver will stop clearing files from the NFS image cache that have not been accessed in the last M minutes, where M is the value of the expiry_thres_minutes parameter. Defaults to 60. + +**CONFIG_CINDER_NETAPP_NFS_SHARES_CONFIG** + (optional) File with the list of available NFS shares. Defaults to ''. + +**CONFIG_CINDER_NETAPP_VOLUME_LIST** + (optional) This parameter is only utilized when the storage protocol is configured to use iSCSI. This parameter is used to restrict provisioning to the specified controller volumes. Specify the value of this parameter to be a comma separated list of NetApp controller volume names to be used for provisioning. Defaults to ''. + +**CONFIG_CINDER_NETAPP_VFILER** + (optional) The vFiler unit on which provisioning of block storage volumes will be done. This parameter is only used by the driver when connecting to an instance with a storage family of Data ONTAP operating in 7-Mode and the storage protocol selected is iSCSI. Only use this parameter when utilizing the MultiStore feature on the NetApp storage system. Defaults to ''. + +**CONFIG_CINDER_NETAPP_VSERVER** + (optional) This parameter specifies the virtual storage server (Vserver) name on the storage cluster on which provisioning of block storage volumes should occur. If using the NFS storage protocol, this parameter is mandatory for storage service catalog support (utilized by Cinder volume type extra_specs support). If this parameter is specified, the exports belonging to the Vserver will only be used for provisioning in the future. Block storage volumes on exports not belonging to the Vserver specified by this parameter will continue to function normally. Defaults to ''. + +**CONFIG_CINDER_NETAPP_CONTROLLER_IPS** + (optional) This option is only utilized when the storage family is configured to eseries. This option is used to restrict provisioning to the specified controllers. Specify the value of this option to be a comma separated list of controller hostnames or IP addresses to be used for provisioning. Defaults to ''. + +**CONFIG_CINDER_NETAPP_SA_PASSWORD** + (optional) Password for the NetApp E-Series storage array. Defaults to ''. + +**CONFIG_CINDER_NETAPP_WEBSERVICE_PATH** + (optional) This option is used to specify the path to the E-Series proxy application on a proxy server. The value is combined with the value of the netapp_transport_type, netapp_server_hostname, and netapp_server_port options to create the URL used by the driver to connect to the proxy application. Defaults to '/devmgr/v2'. + +**CONFIG_CINDER_NETAPP_STORAGE_POOLS** + (optional) This option is used to restrict provisioning to the specified storage pools. Only dynamic disk pools are currently supported. Specify the value of this option to be a comma separated list of disk pool names to be used for provisioning. Defaults to ''. + + Nova Options ------------ diff --git a/packstack/plugins/cinder_250.py b/packstack/plugins/cinder_250.py index a7c826c47..2a30baa4a 100644 --- a/packstack/plugins/cinder_250.py +++ b/packstack/plugins/cinder_250.py @@ -31,6 +31,9 @@ PLUGIN_NAME = "OS-Cinder" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') +NETAPP_DEFAULT_STORAGE_FAMILY = "ontap_cluster" +NETAPP_DEFAULT_STORAGE_PROTOCOL = "nfs" + def initConfig(controller): params = [ @@ -63,9 +66,9 @@ def initConfig(controller): {"CMD_OPTION": "cinder-backend", "USAGE": ("The Cinder backend to use, valid options are: lvm, " - "gluster, nfs"), + "gluster, nfs, netapp"), "PROMPT": "Enter the Cinder backend to be configured", - "OPTION_LIST": ["lvm", "gluster", "nfs", "vmdk"], + "OPTION_LIST": ["lvm", "gluster", "nfs", "vmdk", "netapp"], "VALIDATORS": [validators.validate_options], "DEFAULT_VALUE": "lvm", "MASK_INPUT": False, @@ -200,6 +203,440 @@ def check_nfs_options(config): "POST_CONDITION_MATCH": True} controller.addGroup(group, params) + def check_netapp_options(config): + return (config.get('CONFIG_CINDER_INSTALL', 'n') == 'y' and + config.get('CONFIG_CINDER_BACKEND', 'lvm') == 'netapp') + + params = [ + {"CMD_OPTION": "cinder-netapp-login", + "USAGE": ("(required) Administrative user account name used to " + "access the storage system or proxy server. "), + "PROMPT": ("Enter a NetApp login"), + "OPTION_LIST": [""], + "VALIDATORS": [validators.validate_not_empty], + "PROCESSORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_LOGIN", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "cinder-netapp-password", + "USAGE": ("(required) Password for the administrative user account " + "specified in the netapp_login parameter."), + "PROMPT": ("Enter a NetApp password"), + "OPTION_LIST": [""], + "VALIDATORS": [validators.validate_not_empty], + "PROCESSORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_PASSWORD", + "USE_DEFAULT": False, + "NEED_CONFIRM": True, + "CONDITION": False}, + {"CMD_OPTION": "cinder-netapp-hostname", + "USAGE": ("(required) The hostname (or IP address) for the storage " + "system or proxy server."), + "PROMPT": ("Enter a NetApp hostname"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "PROCESSORS": [processors.process_add_quotes_around_values], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_HOSTNAME", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "cinder-netapp-server-port", + "USAGE": ("(optional) The TCP port to use for communication with " + "ONTAPI on the storage system. Traditionally, port 80 is " + "used for HTTP and port 443 is used for HTTPS; however, " + "this value should be changed if an alternate port has " + "been configured on the storage system or proxy server. " + "Defaults to 80."), + "PROMPT": ("Enter a NetApp server port"), + "OPTION_LIST": [""], + "VALIDATORS": [validators.validate_port], + "PROCESSORS": [], + "DEFAULT_VALUE": 80, + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_CINDER_NETAPP_SERVER_PORT", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "cinder-netapp-storage-family", + "USAGE": ("(optional) The storage family type used on the storage " + "system; valid values are ontap_7mode for using Data ONTAP " + "operating in 7-Mode or ontap_cluster for using clustered " + "Data ONTAP, or eseries for NetApp E-Series. " + "Defaults to %s." % NETAPP_DEFAULT_STORAGE_FAMILY), + "PROMPT": ("Enter a NetApp storage family"), + "OPTION_LIST": ["ontap_7mode", "ontap_cluster", "eseries"], + "VALIDATORS": [validators.validate_options], + "PROCESSORS": [], + "DEFAULT_VALUE": NETAPP_DEFAULT_STORAGE_FAMILY, + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_STORAGE_FAMILY", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "cinder-netapp-transport-type", + "USAGE": ("(optional) The transport protocol used when communicating " + "with ONTAPI on the storage system or proxy server. Valid " + "values are http or https. " + "Defaults to http."), + "PROMPT": ("Enter a NetApp transport type"), + "OPTION_LIST": ["http", "https"], + "VALIDATORS": [validators.validate_options], + "PROCESSORS": [], + "DEFAULT_VALUE": "http", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_TRANSPORT_TYPE", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "cinder-netapp-storage-protocol", + "USAGE": ("(optional) The storage protocol to be used on the data " + "path with the storage system; valid values are iscsi " + "or nfs. " + "Defaults to %s." % NETAPP_DEFAULT_STORAGE_PROTOCOL), + "PROMPT": ("Enter a NetApp storage protocol"), + "OPTION_LIST": ["iscsi", "nfs"], + "VALIDATORS": [validators.validate_options], + "PROCESSORS": [], + "DEFAULT_VALUE": NETAPP_DEFAULT_STORAGE_PROTOCOL, + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + ] + + group = {"GROUP_NAME": "CINDERNETAPPMAIN", + "DESCRIPTION": "Cinder NetApp main configuration", + "PRE_CONDITION": check_netapp_options, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + + controller.addGroup(group, params) + + def check_netapp_ontap_iscsi_options(config): + storage_family = config.get('CONFIG_CINDER_NETAPP_STORAGE_FAMILY', + NETAPP_DEFAULT_STORAGE_FAMILY) + storage_protocol = config.get('CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL', + NETAPP_DEFAULT_STORAGE_PROTOCOL) + return (check_netapp_options(config) and + storage_family in ['ontap_cluster', 'ontap_7mode'] and + storage_protocol == "iscsi") + + params = [ + {"CMD_OPTION": "cinder-netapp-size-multiplier", + "USAGE": ("(optional) The quantity to be multiplied by the requested " + "volume size to ensure enough space is available on the " + "virtual storage server (Vserver) to fulfill the volume " + "creation request. " + "Defaults to 1.0."), + "PROMPT": ("Enter a NetApp size multiplier"), + "OPTION_LIST": [""], + "VALIDATORS": [], + "PROCESSORS": [], + "DEFAULT_VALUE": "1.0", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_SIZE_MULTIPLIER", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + ] + group = {"GROUP_NAME": "CINDERNETAPPONTAPISCSI ", + "DESCRIPTION": "Cinder NetApp ONTAP-iSCSI configuration", + "PRE_CONDITION": check_netapp_ontap_iscsi_options, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + controller.addGroup(group, params) + + def check_netapp_nfs_settings(config): + storage_protocol = config.get('CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL', + NETAPP_DEFAULT_STORAGE_PROTOCOL) + return (check_netapp_options(config) and + storage_protocol == "nfs") + + params = [ + {"CMD_OPTION": "cinder-netapp-expiry-thres-minutes", + "USAGE": ("(optional) This parameter specifies the threshold for " + "last access time for images in the NFS image cache. When " + "a cache cleaning cycle begins, images in the cache that " + "have not been accessed in the last M minutes, where M is " + "the value of this parameter, will be deleted from the " + "cache to create free space on the NFS share. " + "Defaults to 720."), + "PROMPT": ("Enter a threshold"), + "OPTION_LIST": [""], + "VALIDATORS": [validators.validate_integer], + "PROCESSORS": [], + "DEFAULT_VALUE": 720, + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_EXPIRY_THRES_MINUTES", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "cinder-netapp-thres-avl-size-perc-start", + "USAGE": ("(optional) If the percentage of available space for an " + "NFS share has dropped below the value specified by this " + "parameter, the NFS image cache will be cleaned. " + "Defaults to 20"), + "PROMPT": ("Enter a value"), + "OPTION_LIST": [""], + "VALIDATORS": [validators.validate_integer], + "PROCESSORS": [], + "DEFAULT_VALUE": 20, + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_START", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "cinder-netapp-thres-avl-size-perc-stop", + "USAGE": ("(optional) When the percentage of available space on an " + "NFS share has reached the percentage specified by this " + "parameter, the driver will stop clearing files from the " + "NFS image cache that have not been accessed in the last M " + "minutes, where M is the value of the expiry_thres_minutes " + "parameter. " + "Defaults to 60."), + "PROMPT": ("Enter a value"), + "OPTION_LIST": [""], + "VALIDATORS": [validators.validate_integer], + "PROCESSORS": [], + "DEFAULT_VALUE": 60, + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_STOP", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "cinder-netapp-nfs-shares-config", + "USAGE": ("(optional) File with the list of available NFS shares. " + "Defaults to ''."), + "PROMPT": ("Enter a NetApp NFS share config file"), + "OPTION_LIST": [""], + "VALIDATORS": [validators.validate_file], + "PROCESSORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_NFS_SHARES_CONFIG", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + ] + group = {"GROUP_NAME": "CINDERNETAPPNFS", + "DESCRIPTION": "Cinder NetApp NFS configuration", + "PRE_CONDITION": check_netapp_nfs_settings, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + controller.addGroup(group, params) + + def check_netapp_7modeiscsi_options(config): + storage_family = config.get('CONFIG_CINDER_NETAPP_STORAGE_FAMILY', + NETAPP_DEFAULT_STORAGE_FAMILY) + storage_protocol = config.get('CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL', + NETAPP_DEFAULT_STORAGE_PROTOCOL) + return (check_netapp_options(config) and + storage_family == 'ontap_7mode' and + storage_protocol == 'iscsi') + + params = [ + {"CMD_OPTION": "cinder-netapp-volume-list", + "USAGE": ("(optional) This parameter is only utilized when the " + "storage protocol is configured to use iSCSI. This " + "parameter is used to restrict provisioning to the " + "specified controller volumes. Specify the value of this " + "parameter to be a comma separated list of NetApp " + "controller volume names to be used for provisioning. " + "Defaults to ''."), + "PROMPT": ("Enter a NetApp volume list"), + "OPTION_LIST": [""], + "VALIDATORS": [validators.validate_not_empty], + "PROCESSORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_CINDER_NETAPP_VOLUME_LIST", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "cinder-netapp-vfiler", + "USAGE": ("(optional) The vFiler unit on which provisioning of block " + "storage volumes will be done. This parameter is only used " + "by the driver when connecting to an instance with a " + "storage family of Data ONTAP operating in 7-Mode and the " + "storage protocol selected is iSCSI. Only use this " + "parameter when utilizing the MultiStore feature on the " + "NetApp storage system. " + "Defaults to ''."), + "PROMPT": ("Enter a NetApp vFiler"), + "OPTION_LIST": [""], + "VALIDATORS": [validators.validate_not_empty], + "PROCESSORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_CINDER_NETAPP_VFILER", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + ] + group = {"GROUP_NAME": "CINDERNETAPPISCSI7MODE", + "DESCRIPTION": "Cinder NetApp iSCSI & 7-mode configuration", + "PRE_CONDITION": check_netapp_7modeiscsi_options, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + controller.addGroup(group, params) + + def check_netapp_vserver_options(config): + storage_family = config.get('CONFIG_CINDER_NETAPP_STORAGE_FAMILY', + NETAPP_DEFAULT_STORAGE_FAMILY) + storage_protocol = config.get('CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL', + NETAPP_DEFAULT_STORAGE_PROTOCOL) + + return (check_netapp_options(config) and + storage_family == "ontap_cluster" and + storage_protocol in ['nfs', 'iscsi']) + + params = [ + {"CMD_OPTION": "cinder-netapp-vserver", + "USAGE": ("(optional) This parameter specifies the virtual storage " + "server (Vserver) name on the storage cluster on which " + "provisioning of block storage volumes should occur. If " + "using the NFS storage protocol, this parameter is " + "mandatory for storage service catalog support (utilized " + "by Cinder volume type extra_specs support). If this " + "parameter is specified, the exports belonging to the " + "Vserver will only be used for provisioning in the future. " + "Block storage volumes on exports not belonging to the " + "Vserver specified by this parameter will continue to " + "function normally. " + "Defaults to ''."), + "PROMPT": ("Enter a NetApp Vserver"), + "OPTION_LIST": [""], + "VALIDATORS": [validators.validate_not_empty], + "PROCESSORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_VSERVER", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + ] + group = {"GROUP_NAME": "CINDERNETAPPVSERVER", + "DESCRIPTION": "Cinder NetApp vServer configuration", + "PRE_CONDITION": check_netapp_vserver_options, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + controller.addGroup(group, params) + + def check_netapp_eseries_options(config): + storage_family = config.get('CONFIG_CINDER_NETAPP_STORAGE_FAMILY', + NETAPP_DEFAULT_STORAGE_FAMILY) + return (check_netapp_options(config) and + storage_family == "eseries") + + params = [ + {"CMD_OPTION": "cinder-netapp-controller-ips", + "USAGE": ("(optional) This option is only utilized when the storage " + "family is configured to eseries. This option is used to " + "restrict provisioning to the specified controllers. " + "Specify the value of this option to be a comma separated " + "list of controller hostnames or IP addresses to be used " + "for provisioning. " + "Defaults to ''."), + "PROMPT": ("Enter a value"), + "OPTION_LIST": [""], + "VALIDATORS": [validators.validate_multi_ping], + "PROCESSORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_CONTROLLER_IPS", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "cinder-netapp-sa-password", + "USAGE": ("(optional) Password for the NetApp E-Series storage " + "array. " + "Defaults to ''."), + "PROMPT": ("Enter a password"), + "OPTION_LIST": [""], + "VALIDATORS": [], + "PROCESSORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_SA_PASSWORD", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "cinder-netapp-webservice-path", + "USAGE": ("(optional) This option is used to specify the path to the " + "E-Series proxy application on a proxy server. The value " + "is combined with the value of the netapp_transport_type, " + "netapp_server_hostname, and netapp_server_port options to " + "create the URL used by the driver to connect to the proxy " + "application. " + "Defaults to '/devmgr/v2'."), + "PROMPT": ("Enter a path"), + "OPTION_LIST": ["^[/].*$"], + "VALIDATORS": [validators.validate_regexp], + "PROCESSORS": [], + "DEFAULT_VALUE": "/devmgr/v2", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_CINDER_NETAPP_WEBSERVICE_PATH", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "cinder-netapp-storage-pools", + "USAGE": ("(optional) This option is used to restrict provisioning " + "to the specified storage pools. Only dynamic disk pools " + "are currently supported. Specify the value of this option " + "to be a comma separated list of disk pool names to be " + "used for provisioning. " + "Defaults to ''."), + "PROMPT": ("Enter a value"), + "OPTION_LIST": [""], + "VALIDATORS": [], + "PROCESSORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_CINDER_NETAPP_STORAGE_POOLS", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + ] + group = {"GROUP_NAME": "CINDERNETAPPESERIES", + "DESCRIPTION": "Cinder NetApp E-Series configuration", + "PRE_CONDITION": check_netapp_eseries_options, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + controller.addGroup(group, params) + def initSequences(controller): if controller.CONF['CONFIG_CINDER_INSTALL'] != 'y': @@ -346,6 +783,25 @@ def create_manifest(config, messages): manifestdata += getManifestTemplate("cinder_nfs.pp") elif config['CONFIG_CINDER_BACKEND'] == "vmdk": manifestdata += getManifestTemplate("cinder_vmdk.pp") + if config['CONFIG_CINDER_BACKEND'] == "netapp": + puppet_cdot_iscsi = "cinder_netapp_cdot_iscsi.pp" + puppet_cdot_nfs = "cinder_netapp_cdot_nfs.pp" + puppet_7mode_iscsi = "cinder_netapp_7mode_iscsi.pp" + puppet_7mode_nfs = "cinder_netapp_7mode_nfs.pp" + puppet_eseries = "cinder_netapp_eseries.pp" + + if config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "ontap_cluster": + if config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "iscsi": + manifestdata += getManifestTemplate(puppet_cdot_iscsi) + elif config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "nfs": + manifestdata += getManifestTemplate(puppet_cdot_nfs) + elif config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "ontap_7mode": + if config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "iscsi": + manifestdata += getManifestTemplate(puppet_7mode_iscsi) + elif config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "nfs": + manifestdata += getManifestTemplate(puppet_7mode_nfs) + elif config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "eseries": + manifestdata += getManifestTemplate(puppet_eseries) if config['CONFIG_CEILOMETER_INSTALL'] == 'y': manifestdata += getManifestTemplate('cinder_ceilometer.pp') if config['CONFIG_SWIFT_INSTALL'] == 'y': diff --git a/packstack/puppet/templates/cinder_netapp_7mode_iscsi.pp b/packstack/puppet/templates/cinder_netapp_7mode_iscsi.pp new file mode 100644 index 000000000..5773d2aa8 --- /dev/null +++ b/packstack/puppet/templates/cinder_netapp_7mode_iscsi.pp @@ -0,0 +1,22 @@ +# Copyright (c) – 2014, Ryan Hefner. All rights reserved. + +package { 'iscsi-initiator-utils': ensure => present } + +cinder_config { + "DEFAULT/enabled_backends": value => "myBackend"; +} + +cinder::backend::netapp{ 'myBackend': + netapp_login => "%(CONFIG_CINDER_NETAPP_LOGIN)s", + netapp_password => "%(CONFIG_CINDER_NETAPP_PASSWORD)s", + netapp_server_hostname => "%(CONFIG_CINDER_NETAPP_HOSTNAME)s", + netapp_server_port => "%(CONFIG_CINDER_NETAPP_SERVER_PORT)s", + netapp_size_multiplier => "%(CONFIG_CINDER_NETAPP_SIZE_MULTIPLIER)s", + netapp_storage_family => "%(CONFIG_CINDER_NETAPP_STORAGE_FAMILY)s", + netapp_storage_protocol => "%(CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL)s", + netapp_transport_type => "%(CONFIG_CINDER_NETAPP_TRANSPORT_TYPE)s", + netapp_vfiler => "%(CONFIG_CINDER_NETAPP_VFILER)s", + netapp_volume_list => ["%(CONFIG_CINDER_NETAPP_VOLUME_LIST)s"], + + require => Package['iscsi-initiator-utils'], +} diff --git a/packstack/puppet/templates/cinder_netapp_7mode_nfs.pp b/packstack/puppet/templates/cinder_netapp_7mode_nfs.pp new file mode 100644 index 000000000..9b8e90eb3 --- /dev/null +++ b/packstack/puppet/templates/cinder_netapp_7mode_nfs.pp @@ -0,0 +1,23 @@ +# Copyright (c) – 2014, Ryan Hefner. All rights reserved. + +package { 'nfs-utils': ensure => present } + +cinder_config { + "DEFAULT/enabled_backends": value => "myBackend"; +} + +cinder::backend::netapp{ 'myBackend': + netapp_login => "%(CONFIG_CINDER_NETAPP_LOGIN)s", + netapp_password => "%(CONFIG_CINDER_NETAPP_PASSWORD)s", + netapp_server_hostname => "%(CONFIG_CINDER_NETAPP_HOSTNAME)s", + netapp_server_port => "%(CONFIG_CINDER_NETAPP_SERVER_PORT)s", + netapp_storage_family => "%(CONFIG_CINDER_NETAPP_STORAGE_FAMILY)s", + netapp_storage_protocol => "%(CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL)s", + netapp_transport_type => "%(CONFIG_CINDER_NETAPP_TRANSPORT_TYPE)s", + expiry_thres_minutes => "%(CONFIG_CINDER_EXPIRY_THRES_MINUTES)s", + thres_avl_size_perc_start => "%(CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_START)s", + thres_avl_size_perc_stop => "%(CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_STOP)s", + nfs_shares_config => "%(CONFIG_CINDER_NETAPP_NFS_SHARES_CONFIG)s", + + require => Package['nfs-utils'], +} diff --git a/packstack/puppet/templates/cinder_netapp_cdot_iscsi.pp b/packstack/puppet/templates/cinder_netapp_cdot_iscsi.pp new file mode 100644 index 000000000..09c235daa --- /dev/null +++ b/packstack/puppet/templates/cinder_netapp_cdot_iscsi.pp @@ -0,0 +1,21 @@ +# Copyright (c) – 2014, Ryan Hefner. All rights reserved. + +package { 'iscsi-initiator-utils': ensure => present } + +cinder_config { + "DEFAULT/enabled_backends": value => "myBackend"; +} + +cinder::backend::netapp{ 'myBackend': + netapp_login => "%(CONFIG_CINDER_NETAPP_LOGIN)s", + netapp_password => "%(CONFIG_CINDER_NETAPP_PASSWORD)s", + netapp_server_hostname => "%(CONFIG_CINDER_NETAPP_HOSTNAME)s", + netapp_server_port => "%(CONFIG_CINDER_NETAPP_SERVER_PORT)s", + netapp_size_multiplier => "%(CONFIG_CINDER_NETAPP_SIZE_MULTIPLIER)s", + netapp_storage_family => "%(CONFIG_CINDER_NETAPP_STORAGE_FAMILY)s", + netapp_storage_protocol => "%(CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL)s", + netapp_transport_type => "%(CONFIG_CINDER_NETAPP_TRANSPORT_TYPE)s", + netapp_vserver => "%(CONFIG_CINDER_NETAPP_VSERVER)s", + + require => Package['iscsi-initiator-utils'], +} diff --git a/packstack/puppet/templates/cinder_netapp_cdot_nfs.pp b/packstack/puppet/templates/cinder_netapp_cdot_nfs.pp new file mode 100644 index 000000000..960e3329a --- /dev/null +++ b/packstack/puppet/templates/cinder_netapp_cdot_nfs.pp @@ -0,0 +1,24 @@ +# Copyright (c) – 2014, Ryan Hefner. All rights reserved. + +package { 'nfs-utils': ensure => present } + +cinder_config { + "DEFAULT/enabled_backends": value => "myBackend"; +} + +cinder::backend::netapp{ 'myBackend': + netapp_login => "%(CONFIG_CINDER_NETAPP_LOGIN)s", + netapp_password => "%(CONFIG_CINDER_NETAPP_PASSWORD)s", + netapp_server_hostname => "%(CONFIG_CINDER_NETAPP_HOSTNAME)s", + netapp_server_port => "%(CONFIG_CINDER_NETAPP_SERVER_PORT)s", + netapp_storage_family => "%(CONFIG_CINDER_NETAPP_STORAGE_FAMILY)s", + netapp_storage_protocol => "%(CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL)s", + netapp_transport_type => "%(CONFIG_CINDER_NETAPP_TRANSPORT_TYPE)s", + netapp_vserver => "%(CONFIG_CINDER_NETAPP_VSERVER)s", + expiry_thres_minutes => "%(CONFIG_CINDER_NETAPP_EXPIRY_THRES_MINUTES)s", + thres_avl_size_perc_start => "%(CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_START)s", + thres_avl_size_perc_stop => "%(CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_STOP)s", + nfs_shares_config => "%(CONFIG_CINDER_NETAPP_NFS_SHARES_CONFIG)s", + + require => Package['nfs-utils'], +} diff --git a/packstack/puppet/templates/cinder_netapp_eseries.pp b/packstack/puppet/templates/cinder_netapp_eseries.pp new file mode 100644 index 000000000..b137d2e00 --- /dev/null +++ b/packstack/puppet/templates/cinder_netapp_eseries.pp @@ -0,0 +1,23 @@ +# Copyright (c) – 2014, Ryan Hefner. All rights reserved. + +package { 'iscsi-initiator-utils': ensure => present } + +cinder_config { + "DEFAULT/enabled_backends": value => "myBackend"; +} + +cinder::backend::netapp{ 'myBackend': + netapp_login => "%(CONFIG_CINDER_NETAPP_LOGIN)s", + netapp_password => "%(CONFIG_CINDER_NETAPP_PASSWORD)s", + netapp_server_hostname => "%(CONFIG_CINDER_NETAPP_HOSTNAME)s", + netapp_server_port => "%(CONFIG_CINDER_NETAPP_SERVER_PORT)s", + netapp_storage_family => "%(CONFIG_CINDER_NETAPP_STORAGE_FAMILY)s", + netapp_storage_protocol => "%(CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL)s", + netapp_transport_type => "%(CONFIG_CINDER_NETAPP_TRANSPORT_TYPE)s", + netapp_controller_ips => "%(CONFIG_CINDER_NETAPP_CONTROLLER_IPS)s", + netapp_sa_password => "%(CONFIG_CINDER_NETAPP_SA_PASSWORD)s", + netapp_storage_pools => "%(CONFIG_CINDER_NETAPP_STORAGE_POOLS)s", + netapp_webservice_path => "%(CONFIG_CINDER_NETAPP_WEBSERVICE_PATH)s", + + require => Package['iscsi-initiator-utils'], +} From 27944e1f07d039a63de562d527b4fb431e7ba09e Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Tue, 26 Aug 2014 07:27:39 -0400 Subject: [PATCH 0119/1017] Make packstack compatible with latest puppetlabs-mysql module Update of mysql module allows us to update all openstack puppet modules to their latest versions. This will allow us to test and deploy Juno release. Requires: https://github.com/redhat-openstack/openstack-puppet-modules/pull/96 Requires: rhbz#1134328 Closes-Bug: rhbz#1129760 Change-Id: I155b9fbf258d12a64d7b6e2be3f623b709b7289e --- packstack/puppet/templates/cinder_qpid.pp | 1 + packstack/puppet/templates/cinder_rabbitmq.pp | 1 + packstack/puppet/templates/glance.pp | 2 ++ .../templates/glance_ceilometer_rabbitmq.pp | 2 +- packstack/puppet/templates/keystone.pp | 1 + .../puppet/templates/mysql_cinder_install.pp | 1 + .../puppet/templates/mysql_glance_install.pp | 1 + .../puppet/templates/mysql_heat_install.pp | 1 + packstack/puppet/templates/mysql_install.pp | 22 ++++++++++++------- .../templates/mysql_keystone_install.pp | 1 + .../puppet/templates/mysql_neutron_install.pp | 1 + .../puppet/templates/mysql_nova_install.pp | 1 + packstack/puppet/templates/neutron_api.pp | 1 + 13 files changed, 27 insertions(+), 9 deletions(-) diff --git a/packstack/puppet/templates/cinder_qpid.pp b/packstack/puppet/templates/cinder_qpid.pp index 33fd39de3..b676f01f1 100644 --- a/packstack/puppet/templates/cinder_qpid.pp +++ b/packstack/puppet/templates/cinder_qpid.pp @@ -9,4 +9,5 @@ sql_connection => "mysql://cinder:%(CONFIG_CINDER_DB_PW)s@%(CONFIG_MYSQL_HOST)s/cinder", verbose => true, debug => %(CONFIG_DEBUG_MODE)s, + mysql_module => '2.2', } diff --git a/packstack/puppet/templates/cinder_rabbitmq.pp b/packstack/puppet/templates/cinder_rabbitmq.pp index da12e38cd..725252dbc 100644 --- a/packstack/puppet/templates/cinder_rabbitmq.pp +++ b/packstack/puppet/templates/cinder_rabbitmq.pp @@ -7,4 +7,5 @@ sql_connection => "mysql://cinder:%(CONFIG_CINDER_DB_PW)s@%(CONFIG_MYSQL_HOST)s/cinder", verbose => true, debug => %(CONFIG_DEBUG_MODE)s, + mysql_module => '2.2', } diff --git a/packstack/puppet/templates/glance.pp b/packstack/puppet/templates/glance.pp index c38b94bb0..3c890ad79 100644 --- a/packstack/puppet/templates/glance.pp +++ b/packstack/puppet/templates/glance.pp @@ -8,6 +8,7 @@ sql_connection => "mysql://glance:%(CONFIG_GLANCE_DB_PW)s@%(CONFIG_MYSQL_HOST)s/glance", verbose => true, debug => %(CONFIG_DEBUG_MODE)s, + mysql_module => '2.2', } class { 'glance::backend::file': } @@ -20,4 +21,5 @@ sql_connection => "mysql://glance:%(CONFIG_GLANCE_DB_PW)s@%(CONFIG_MYSQL_HOST)s/glance", verbose => true, debug => %(CONFIG_DEBUG_MODE)s, + mysql_module => '2.2', } diff --git a/packstack/puppet/templates/glance_ceilometer_rabbitmq.pp b/packstack/puppet/templates/glance_ceilometer_rabbitmq.pp index a549229ab..57c6beda9 100644 --- a/packstack/puppet/templates/glance_ceilometer_rabbitmq.pp +++ b/packstack/puppet/templates/glance_ceilometer_rabbitmq.pp @@ -2,7 +2,7 @@ class { 'glance::notify::rabbitmq': rabbit_host => '%(CONFIG_AMQP_HOST)s', rabbit_port => '%(CONFIG_AMQP_CLIENTS_PORT)s', - rabbit_use_ssl => '%(CONFIG_AMQP_ENABLE_SSL)s', + rabbit_use_ssl => %(CONFIG_AMQP_ENABLE_SSL)s, rabbit_userid => '%(CONFIG_AMQP_AUTH_USER)s', rabbit_password => '%(CONFIG_AMQP_AUTH_PASSWORD)s', } diff --git a/packstack/puppet/templates/keystone.pp b/packstack/puppet/templates/keystone.pp index 111ac2885..30a01eb9c 100644 --- a/packstack/puppet/templates/keystone.pp +++ b/packstack/puppet/templates/keystone.pp @@ -5,6 +5,7 @@ token_format => "%(CONFIG_KEYSTONE_TOKEN_FORMAT)s", verbose => true, debug => %(CONFIG_DEBUG_MODE)s, + mysql_module => '2.2', } class {"keystone::roles::admin": diff --git a/packstack/puppet/templates/mysql_cinder_install.pp b/packstack/puppet/templates/mysql_cinder_install.pp index 9c1b9b46f..4a10614f5 100644 --- a/packstack/puppet/templates/mysql_cinder_install.pp +++ b/packstack/puppet/templates/mysql_cinder_install.pp @@ -3,4 +3,5 @@ host => "%%", allowed_hosts => "%%", charset => "utf8", + mysql_module => '2.2', } diff --git a/packstack/puppet/templates/mysql_glance_install.pp b/packstack/puppet/templates/mysql_glance_install.pp index a6bc1dee5..6c868da53 100644 --- a/packstack/puppet/templates/mysql_glance_install.pp +++ b/packstack/puppet/templates/mysql_glance_install.pp @@ -3,4 +3,5 @@ host => "%%", allowed_hosts => "%%", charset => "utf8", + mysql_module => '2.2', } diff --git a/packstack/puppet/templates/mysql_heat_install.pp b/packstack/puppet/templates/mysql_heat_install.pp index 98d76f7a5..19aa67b28 100644 --- a/packstack/puppet/templates/mysql_heat_install.pp +++ b/packstack/puppet/templates/mysql_heat_install.pp @@ -3,4 +3,5 @@ host => "%%", allowed_hosts => "%%", charset => "utf8", + mysql_module => '2.2', } diff --git a/packstack/puppet/templates/mysql_install.pp b/packstack/puppet/templates/mysql_install.pp index 6a33cba5d..c9e80f12c 100644 --- a/packstack/puppet/templates/mysql_install.pp +++ b/packstack/puppet/templates/mysql_install.pp @@ -13,11 +13,17 @@ } class {"mysql::server": - package_name => "mariadb-galera-server", - manage_service => $manage_service, - config_hash => {bind_address => "0.0.0.0", - default_engine => "InnoDB", - root_password => "%(CONFIG_MYSQL_PW)s",} + package_name => "mariadb-galera-server", + service_manage => $manage_service, + restart => true, + root_password => "%(CONFIG_MYSQL_PW)s", + override_options => { + 'mysqld' => { bind_address => "0.0.0.0", + default_storage_engine => "InnoDB", + max_connections => "1024", + open_files_limit => '-1', + } + } } include packstack::innodb @@ -26,15 +32,15 @@ # this is done in mysql::server::account_security but has problems # when there is no fqdn, so we're defining a slightly different one here database_user { [ 'root@127.0.0.1', 'root@::1', '@localhost', '@%%' ]: - ensure => 'absent', require => Class['mysql::config'], + ensure => 'absent', require => Class['mysql::server'], } if ($::fqdn != "" and $::fqdn != "localhost") { database_user { [ "root@${::fqdn}", "@${::fqdn}"]: - ensure => 'absent', require => Class['mysql::config'], + ensure => 'absent', require => Class['mysql::server'], } } if ($::fqdn != $::hostname and $::hostname != "localhost") { database_user { ["root@${::hostname}", "@${::hostname}"]: - ensure => 'absent', require => Class['mysql::config'], + ensure => 'absent', require => Class['mysql::server'], } } diff --git a/packstack/puppet/templates/mysql_keystone_install.pp b/packstack/puppet/templates/mysql_keystone_install.pp index 9adf46b5f..2ef9bdbff 100644 --- a/packstack/puppet/templates/mysql_keystone_install.pp +++ b/packstack/puppet/templates/mysql_keystone_install.pp @@ -3,4 +3,5 @@ password => "%(CONFIG_KEYSTONE_DB_PW)s", allowed_hosts => "%%", charset => "utf8", + mysql_module => '2.2', } diff --git a/packstack/puppet/templates/mysql_neutron_install.pp b/packstack/puppet/templates/mysql_neutron_install.pp index c2771a177..3070dfa74 100644 --- a/packstack/puppet/templates/mysql_neutron_install.pp +++ b/packstack/puppet/templates/mysql_neutron_install.pp @@ -4,4 +4,5 @@ allowed_hosts => "%%", dbname => '%(CONFIG_NEUTRON_L2_DBNAME)s', charset => "utf8", + mysql_module => '2.2', } diff --git a/packstack/puppet/templates/mysql_nova_install.pp b/packstack/puppet/templates/mysql_nova_install.pp index 80f88d34f..2049beeaa 100644 --- a/packstack/puppet/templates/mysql_nova_install.pp +++ b/packstack/puppet/templates/mysql_nova_install.pp @@ -3,4 +3,5 @@ host => "%%", allowed_hosts => "%%", charset => "utf8", + mysql_module => '2.2', } diff --git a/packstack/puppet/templates/neutron_api.pp b/packstack/puppet/templates/neutron_api.pp index e2f198550..486ab03dc 100644 --- a/packstack/puppet/templates/neutron_api.pp +++ b/packstack/puppet/templates/neutron_api.pp @@ -4,6 +4,7 @@ auth_password => $neutron_user_password, auth_host => '%(CONFIG_CONTROLLER_HOST)s', enabled => true, + mysql_module => '2.2', } exec { 'neutron-db-manage upgrade': From ea2a4f6628769eab26a923332da87ad01904a338 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20M=C3=A1gr?= Date: Mon, 1 Sep 2014 21:11:46 +0200 Subject: [PATCH 0120/1017] Improved versioning This patch adds versioning system which is consistent with other OpenStack projects. Change-Id: Ia835bf21f800c8c7c65f282a719dbf399d24bb80 --- bin/release.sh | 25 +++++++------ packstack/version.py | 85 +++++++++++++++++++++++++++++++++++++++----- 2 files changed, 90 insertions(+), 20 deletions(-) diff --git a/bin/release.sh b/bin/release.sh index 29502bd3b..d512c59a2 100755 --- a/bin/release.sh +++ b/bin/release.sh @@ -1,19 +1,22 @@ #!/usr/bin/env bash -# + +SCRIPT_PATH="${BASH_SOURCE[0]}" +SCRIPT_DIR=`dirname $SCRIPT_PATH` +cd $SCRIPT_DIR/.. git reset --hard -git submodule sync -git submodule update --init -git status -s | grep "." && ( echo "Contains unknown files" ; exit 1 ) -if [ "$1" = "release" ] ; then - sed -i -e 's/FINAL=False/FINAL=True/g' packstack/version.py - SNAPTAG="" -else - SNAPTAG=$(git log --oneline | wc -l) - sed -i -e "s/SNAPTAG=None/SNAPTAG=${SNAPTAG}/g" packstack/version.py +if [ -n "$1" ] ; then + git tag -a -m $1 $1 fi -python setup.py setopt -o tag_build -s "$SNAPTAG" -c egg_info +VERSION=`python setup.py --version` + +sed -i -e "s/RESERVE_STR = None/RESERVE_STR = '$VERSION'/g" packstack/version.py python setup.py sdist + +if [ -n "$1" ] ; then + echo "Packstack was released with tag '$1'. Please don't forget to push tag upstream (git push --tags)." +fi + git checkout packstack/version.py diff --git a/packstack/version.py b/packstack/version.py index d1a0130ca..f7ce34bb4 100644 --- a/packstack/version.py +++ b/packstack/version.py @@ -1,14 +1,81 @@ +# -*- coding: utf-8 -*- + +import os +import pkg_resources + +from .installer.utils import execute + + +VERSION = ['2014', '2'] +OS_RELEASE = 'Juno' +RESERVE_STR = None + + +def vr_from_git(): + """Returns VR string calculated from GIT repo.""" + proj_dir = os.path.dirname(os.path.dirname(__file__)) + rc, tag = execute( + 'git describe --exact-match', + workdir=proj_dir, + use_shell=True, + can_fail=False, + log=False + ) + if not rc: + # we are on tagged commit, so let's use the tag as VR string + return tag.strip() + + rc, description = execute( + 'git describe --always', + workdir=proj_dir, + use_shell=True, + log=False + ) + if '-' in description: + # last tag has been found + tag, snap_tag, git_hash = description.split('-') + else: + # no tag has been found + rc, git_hash = execute( + 'git log -n1 --pretty=format:%h', + workdir=proj_dir, + use_shell=True, + log=False + ) + git_hash = 'g{0}'.format(git_hash) + rc, snap_tag = execute( + 'git log --oneline | wc -l', + workdir=proj_dir, + use_shell=True, + log=False + ) + return '{0}.dev{1}.{2}'.format( + '.'.join(VERSION), + snap_tag.strip(), + git_hash.strip(), + ) + + +def vr_from_setuptools(): + """Returns VR string fetched from setuptools.""" + requirement = pkg_resources.Requirement.parse('packstack') + provider = pkg_resources.get_provider(requirement) + return provider.version -VERSION = ['2014', '1', '1'] -FINAL=False -RELEASE="Icehouse" -SNAPTAG=None def release_string(): - return RELEASE + return OS_RELEASE + def version_string(): - if FINAL: - return '.'.join(filter(None, VERSION)) - else: - return '.'.join(filter(None, VERSION))+"dev{0}".format(SNAPTAG) + try: + version = vr_from_git() + except Exception: + # Not a git repo, so get version from setuptools + try: + version = vr_from_setuptools() + except Exception: + # In case of problem with setuptools, return version + # saved by release.sh or VERSION if nothing was saved + version = RESERVE_STR if RESERVE_STR else '.'.join(VERSION) + return version From b26280d8350275173e2dbace58932e7356fab2f4 Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Fri, 22 Aug 2014 15:28:01 +0200 Subject: [PATCH 0121/1017] Unsupported option This patch adds possibility of using unsupported parameter CONFIG_STORAGE_HOST, which allows Packstack to install Glance and Cinder to separate host. Change-Id: I71e82356a3c1ccdeaf784706f44535f8126c93fe Resolves: rhbz#1131866 --- packstack/plugins/cinder_250.py | 18 +- packstack/plugins/glance_200.py | 8 +- packstack/plugins/prescript_000.py | 880 ++++++++++-------- packstack/plugins/provision_700.py | 17 + packstack/puppet/templates/cinder.pp | 3 +- packstack/puppet/templates/cinder_lvm.pp | 2 +- packstack/puppet/templates/keystone_cinder.pp | 8 +- packstack/puppet/templates/keystone_glance.pp | 6 +- .../puppet/templates/nova_common_qpid.pp | 2 +- .../puppet/templates/nova_common_rabbitmq.pp | 2 +- packstack/puppet/templates/provision_demo.pp | 16 +- .../puppet/templates/provision_demo_glance.pp | 15 + .../puppet/templates/provision_tempest.pp | 17 - .../templates/provision_tempest_glance.pp | 53 ++ 14 files changed, 628 insertions(+), 419 deletions(-) create mode 100644 packstack/puppet/templates/provision_demo_glance.pp create mode 100644 packstack/puppet/templates/provision_tempest_glance.pp diff --git a/packstack/plugins/cinder_250.py b/packstack/plugins/cinder_250.py index a7c826c47..a80c46253 100644 --- a/packstack/plugins/cinder_250.py +++ b/packstack/plugins/cinder_250.py @@ -223,10 +223,12 @@ def initSequences(controller): def check_cinder_vg(config, messages): cinders_volume = 'cinder-volumes' + if config['CONFIG_UNSUPPORTED'] != 'y': + config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] # Do we have a cinder-volumes vg? have_cinders_volume = False - server = utils.ScriptRunner(config['CONFIG_CONTROLLER_HOST']) + server = utils.ScriptRunner(config['CONFIG_STORAGE_HOST']) server.append('vgdisplay %s' % cinders_volume) try: server.execute() @@ -235,7 +237,7 @@ def check_cinder_vg(config, messages): pass # Configure system LVM settings (snapshot_autoextend) - server = utils.ScriptRunner(config['CONFIG_CONTROLLER_HOST']) + server = utils.ScriptRunner(config['CONFIG_STORAGE_HOST']) server.append('sed -i -r "s/^ *snapshot_autoextend_threshold +=.*/' ' snapshot_autoextend_threshold = 80/" ' '/etc/lvm/lvm.conf') @@ -260,7 +262,7 @@ def check_cinder_vg(config, messages): # TO-DO: This is implemented in cinder::setup_test_volume class. # We should use it instead of this Python code - server = utils.ScriptRunner(config['CONFIG_CONTROLLER_HOST']) + server = utils.ScriptRunner(config['CONFIG_STORAGE_HOST']) server.append('systemctl') try: server.execute() @@ -315,7 +317,7 @@ def check_cinder_vg(config, messages): # fails. try: logging.debug("Release loop device, volume creation failed") - server = utils.ScriptRunner(config['CONFIG_CONTROLLER_HOST']) + server = utils.ScriptRunner(config['CONFIG_STORAGE_HOST']) server.append('losetup -d $(losetup -j %s | cut -d : -f 1)' % cinders_volume_path) server.execute() @@ -328,14 +330,20 @@ def check_cinder_vg(config, messages): def create_keystone_manifest(config, messages): + if config['CONFIG_UNSUPPORTED'] != 'y': + config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] + manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("keystone_cinder.pp") appendManifestFile(manifestfile, manifestdata) def create_manifest(config, messages): + if config['CONFIG_UNSUPPORTED'] != 'y': + config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] + manifestdata = getManifestTemplate(get_mq(config, "cinder")) - manifestfile = "%s_cinder.pp" % config['CONFIG_CONTROLLER_HOST'] + manifestfile = "%s_cinder.pp" % config['CONFIG_STORAGE_HOST'] manifestdata += getManifestTemplate("cinder.pp") if config['CONFIG_CINDER_BACKEND'] == "lvm": diff --git a/packstack/plugins/glance_200.py b/packstack/plugins/glance_200.py index 9a47d49e8..810c228d3 100644 --- a/packstack/plugins/glance_200.py +++ b/packstack/plugins/glance_200.py @@ -80,13 +80,19 @@ def initSequences(controller): #-------------------------- step functions -------------------------- def create_keystone_manifest(config, messages): + if config['CONFIG_UNSUPPORTED'] != 'y': + config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] + manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("keystone_glance.pp") appendManifestFile(manifestfile, manifestdata) def create_manifest(config, messages): - manifestfile = "%s_glance.pp" % config['CONFIG_CONTROLLER_HOST'] + if config['CONFIG_UNSUPPORTED'] != 'y': + config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] + + manifestfile = "%s_glance.pp" % config['CONFIG_STORAGE_HOST'] manifestdata = getManifestTemplate("glance.pp") if config['CONFIG_CEILOMETER_INSTALL'] == 'y': mq_template = get_mq(config, "glance_ceilometer") diff --git a/packstack/plugins/prescript_000.py b/packstack/plugins/prescript_000.py index eba27458b..8095ee931 100644 --- a/packstack/plugins/prescript_000.py +++ b/packstack/plugins/prescript_000.py @@ -27,382 +27,522 @@ def initConfig(controller): default_ssh_key = os.path.join(os.environ["HOME"], ".ssh/*.pub") default_ssh_key = (glob.glob(default_ssh_key) + [""])[0] - params = [ - {"CMD_OPTION": "ssh-public-key", - "USAGE": ("Path to a Public key to install on servers. If a usable " - "key has not been installed on the remote servers the user " - "will be prompted for a password and this key will be " - "installed so the password will not be required again"), - "PROMPT": ("Enter the path to your ssh Public key to install " - "on servers"), - "OPTION_LIST": [], - "VALIDATORS": [validators.validate_file, validators.validate_sshkey], - "PROCESSORS": [processors.process_ssh_key], - "DEFAULT_VALUE": default_ssh_key, - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_SSH_KEY", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - - {"CMD_OPTION": "mysql-install", - "USAGE": "Set to 'y' if you would like Packstack to install MySQL", - "PROMPT": "Should Packstack install MySQL DB", - "OPTION_LIST": ["y", "n"], - "VALIDATORS": [validators.validate_options], - "DEFAULT_VALUE": "y", - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_MYSQL_INSTALL", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - - {"CMD_OPTION": "os-glance-install", - "USAGE": ("Set to 'y' if you would like Packstack to install " - "OpenStack Image Service (Glance)"), - "PROMPT": "Should Packstack install OpenStack Image Service (Glance)", - "OPTION_LIST": ["y", "n"], - "VALIDATORS": [validators.validate_options], - "DEFAULT_VALUE": "y", - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_GLANCE_INSTALL", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - - {"CMD_OPTION": "os-cinder-install", - "USAGE": ("Set to 'y' if you would like Packstack to install " - "OpenStack Block Storage (Cinder)"), - "PROMPT": ("Should Packstack install OpenStack Block Storage " - "(Cinder) service"), - "OPTION_LIST": ["y", "n"], - "VALIDATORS": [validators.validate_options], - "DEFAULT_VALUE": "y", - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_CINDER_INSTALL", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - - {"CMD_OPTION": "os-nova-install", - "USAGE": ("Set to 'y' if you would like Packstack to install " - "OpenStack Compute (Nova)"), - "PROMPT": "Should Packstack install OpenStack Compute (Nova) service", - "OPTION_LIST": ["y", "n"], - "VALIDATORS": [validators.validate_options], - "DEFAULT_VALUE": "y", - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_NOVA_INSTALL", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - - {"CMD_OPTION": "os-neutron-install", - "USAGE": ("Set to 'y' if you would like Packstack to install " - "OpenStack Networking (Neutron). Otherwise Nova Network " - "will be used."), - "PROMPT": ("Should Packstack install OpenStack Networking (Neutron) " - "service"), - "OPTION_LIST": ["y", "n"], - "VALIDATORS": [validators.validate_options], - "DEFAULT_VALUE": "y", - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_NEUTRON_INSTALL", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - - {"CMD_OPTION": "os-horizon-install", - "USAGE": ("Set to 'y' if you would like Packstack to install " - "OpenStack Dashboard (Horizon)"), - "PROMPT": "Should Packstack install OpenStack Dashboard (Horizon)", - "OPTION_LIST": ["y", "n"], - "VALIDATORS": [validators.validate_options], - "DEFAULT_VALUE": "y", - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_HORIZON_INSTALL", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - - {"CMD_OPTION": "os-swift-install", - "USAGE": ("Set to 'y' if you would like Packstack to install " - "OpenStack Object Storage (Swift)"), - "PROMPT": "Should Packstack install OpenStack Object Storage (Swift)", - "OPTION_LIST": ["y", "n"], - "VALIDATORS": [validators.validate_options], - "DEFAULT_VALUE": "y", - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_SWIFT_INSTALL", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - - {"CMD_OPTION": "os-ceilometer-install", - "USAGE": ("Set to 'y' if you would like Packstack to install " - "OpenStack Metering (Ceilometer)"), - "PROMPT": "Should Packstack install OpenStack Metering (Ceilometer)", - "OPTION_LIST": ["y", "n"], - "VALIDATORS": [validators.validate_options], - "DEFAULT_VALUE": "y", - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_CEILOMETER_INSTALL", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - - {"CMD_OPTION": "os-heat-install", - "USAGE": ("Set to 'y' if you would like Packstack to install " - "OpenStack Orchestration (Heat)"), - "PROMPT": "Should Packstack install OpenStack Orchestration (Heat)", - "OPTION_LIST": ["y", "n"], - "VALIDATORS": [validators.validate_options], - "DEFAULT_VALUE": "n", - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_HEAT_INSTALL", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - - {"CMD_OPTION": "os-client-install", - "USAGE": ("Set to 'y' if you would like Packstack to install " - "the OpenStack Client packages. An admin \"rc\" file will " - "also be installed"), - "PROMPT": "Should Packstack install OpenStack client tools", - "OPTION_LIST": ["y", "n"], - "VALIDATORS": [validators.validate_options], - "DEFAULT_VALUE": "y", - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_CLIENT_INSTALL", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - - {"CMD_OPTION": "ntp-servers", - "USAGE": ("Comma separated list of NTP servers. Leave plain if " - "Packstack should not install ntpd on instances."), - "PROMPT": ("Enter a comma separated list of NTP server(s). Leave " - "plain if Packstack should not install ntpd " - "on instances."), - "OPTION_LIST": [], - "DEFAULT_VALUE": '', - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_NTP_SERVERS", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - - {"CMD_OPTION": "nagios-install", - "USAGE": ("Set to 'y' if you would like Packstack to install Nagios " - "to monitor OpenStack hosts"), - "PROMPT": ("Should Packstack install Nagios to monitor OpenStack " - "hosts"), - "OPTION_LIST": ["y", "n"], - "VALIDATORS": [validators.validate_options], - "DEFAULT_VALUE": 'y', - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_NAGIOS_INSTALL", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - - {"CMD_OPTION": "exclude-servers", - "USAGE": ("Comma separated list of servers to be excluded from " - "installation in case you are running Packstack the second " - "time with the same answer file and don't want Packstack " - "to touch these servers. Leave plain if you don't need to " - "exclude any server."), - "PROMPT": ("Enter a comma separated list of server(s) to be excluded." - " Leave plain if you don't need to exclude any server."), - "OPTION_LIST": [], - "DEFAULT_VALUE": '', - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "EXCLUDE_SERVERS", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - - {"CMD_OPTION": "os-debug-mode", - "USAGE": ("Set to 'y' if you want to run OpenStack services in debug " - "mode. Otherwise set to 'n'."), - "PROMPT": "Do you want to run OpenStack services in debug mode", - "OPTION_LIST": ["y", "n"], - "DEFAULT_VALUE": "n", - "VALIDATORS": [validators.validate_options], - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_DEBUG_MODE", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - - {"CONF_NAME": "CONFIG_CONTROLLER_HOST", - "CMD_OPTION": "os-controller-host", - "USAGE": ("The IP address of the server on which to install OpenStack" - " services specific to controller role such as API servers," - " Horizon, etc."), - "PROMPT": "Enter the IP address of the controller host", - "OPTION_LIST": [], - "VALIDATORS": [validators.validate_ip, - validators.validate_ssh], - "DEFAULT_VALUE": utils.get_localhost_ip(), - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False, - "DEPRECATES": ['CONFIG_CEILOMETER_HOST', - 'CONFIG_CINDER_HOST', - 'CONFIG_GLANCE_HOST', - 'CONFIG_HORIZON_HOST', - 'CONFIG_HEAT_HOST', - 'CONFIG_KEYSTONE_HOST', - 'CONFIG_NAGIOS_HOST', - 'CONFIG_NEUTRON_SERVER_HOST', - 'CONFIG_NEUTRON_LBAAS_HOSTS', - 'CONFIG_NOVA_API_HOST', - 'CONFIG_NOVA_CERT_HOST', - 'CONFIG_NOVA_VNCPROXY_HOST', - 'CONFIG_NOVA_SCHED_HOST', - 'CONFIG_OSCLIENT_HOST', - 'CONFIG_SWIFT_PROXY_HOSTS']}, - - {"CONF_NAME": "CONFIG_COMPUTE_HOSTS", - "CMD_OPTION": "os-compute-hosts", - "USAGE": ("The list of IP addresses of the server on which to install" - " the Nova compute service"), - "PROMPT": ("Enter list of IP addresses on which to install compute " - "service"), - "OPTION_LIST": [], - "VALIDATORS": [validators.validate_multi_ip, - validators.validate_multi_ssh], - "DEFAULT_VALUE": utils.get_localhost_ip(), - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False, - "DEPRECATES": ['CONFIG_NOVA_COMPUTE_HOSTS']}, - - {"CONF_NAME": "CONFIG_NETWORK_HOSTS", - "CMD_OPTION": "os-network-hosts", - "USAGE": ("The list of IP addresses of the server on which " - "to install the network service such as Nova " - "network or Neutron"), - "PROMPT": ("Enter list of IP addresses on which to install " - "network service"), - "OPTION_LIST": [], - "VALIDATORS": [validators.validate_multi_ip, - validators.validate_multi_ssh], - "DEFAULT_VALUE": utils.get_localhost_ip(), - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False, - "DEPRECATES": ['CONFIG_NEUTRON_L3_HOSTS', - 'CONFIG_NEUTRON_DHCP_HOSTS', - 'CONFIG_NEUTRON_METADATA_HOSTS', - 'CONFIG_NOVA_NETWORK_HOSTS']}, - - {"CMD_OPTION": "os-vmware", - "USAGE": ("Set to 'y' if you want to use VMware vCenter as hypervisor" - " and storage. Otherwise set to 'n'."), - "PROMPT": ("Do you want to use VMware vCenter as hypervisor and " - "datastore"), - "OPTION_LIST": ["y", "n"], - "DEFAULT_VALUE": "n", - "VALIDATORS": [validators.validate_options], - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_VMWARE_BACKEND", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - ] - group = {"GROUP_NAME": "GLOBAL", - "DESCRIPTION": "Global Options", - "PRE_CONDITION": lambda x: 'yes', - "PRE_CONDITION_MATCH": "yes", - "POST_CONDITION": False, - "POST_CONDITION_MATCH": True} - controller.addGroup(group, params) + params = { + "GLOBAL": [ + {"CMD_OPTION": "ssh-public-key", + "USAGE": ( + "Path to a Public key to install on servers. If a usable " + "key has not been installed on the remote servers the user " + "will be prompted for a password and this key will be " + "installed so the password will not be required again" + ), + "PROMPT": ( + "Enter the path to your ssh Public key to install on servers" + ), + "OPTION_LIST": [], + "VALIDATORS": [ + validators.validate_file, + validators.validate_sshkey + ], + "PROCESSORS": [processors.process_ssh_key], + "DEFAULT_VALUE": default_ssh_key, + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_SSH_KEY", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "mysql-install", + "USAGE": ( + "Set to 'y' if you would like Packstack to install MySQL" + ), + "PROMPT": "Should Packstack install MySQL DB", + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "y", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_MYSQL_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-glance-install", + "USAGE": ( + "Set to 'y' if you would like Packstack to install " + "OpenStack Image Service (Glance)" + ), + "PROMPT": ( + "Should Packstack install OpenStack Image Service (Glance)" + ), + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "y", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_GLANCE_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-cinder-install", + "USAGE": ( + "Set to 'y' if you would like Packstack to install " + "OpenStack Block Storage (Cinder)" + ), + "PROMPT": ( + "Should Packstack install OpenStack Block Storage " + "(Cinder) service" + ), + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "y", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-nova-install", + "USAGE": ( + "Set to 'y' if you would like Packstack to install " + "OpenStack Compute (Nova)" + ), + "PROMPT": ( + "Should Packstack install OpenStack Compute (Nova) service" + ), + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "y", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_NOVA_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-neutron-install", + "USAGE": ( + "Set to 'y' if you would like Packstack to install " + "OpenStack Networking (Neutron). Otherwise Nova Network " + "will be used." + ), + "PROMPT": ( + "Should Packstack install OpenStack Networking (Neutron) " + "service" + ), + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "y", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_NEUTRON_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-horizon-install", + "USAGE": ( + "Set to 'y' if you would like Packstack to install " + "OpenStack Dashboard (Horizon)" + ), + "PROMPT": ( + "Should Packstack install OpenStack Dashboard (Horizon)" + ), + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "y", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_HORIZON_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-swift-install", + "USAGE": ( + "Set to 'y' if you would like Packstack to install " + "OpenStack Object Storage (Swift)" + ), + "PROMPT": ( + "Should Packstack install OpenStack Object Storage (Swift)" + ), + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "y", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_SWIFT_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-ceilometer-install", + "USAGE": ( + "Set to 'y' if you would like Packstack to install " + "OpenStack Metering (Ceilometer)" + ), + "PROMPT": ( + "Should Packstack install OpenStack Metering (Ceilometer)" + ), + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "y", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CEILOMETER_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-heat-install", + "USAGE": ( + "Set to 'y' if you would like Packstack to install " + "OpenStack Orchestration (Heat)" + ), + "PROMPT": ( + "Should Packstack install OpenStack Orchestration (Heat)" + ), + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "n", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_HEAT_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-client-install", + "USAGE": ( + "Set to 'y' if you would like Packstack to install " + "the OpenStack Client packages. An admin \"rc\" file will " + "also be installed" + ), + "PROMPT": "Should Packstack install OpenStack client tools", + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "y", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CLIENT_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "ntp-servers", + "USAGE": ("Comma separated list of NTP servers. Leave plain if " + "Packstack should not install ntpd on instances."), + "PROMPT": ("Enter a comma separated list of NTP server(s). Leave " + "plain if Packstack should not install ntpd " + "on instances."), + "OPTION_LIST": [], + "DEFAULT_VALUE": '', + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_NTP_SERVERS", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "nagios-install", + "USAGE": ( + "Set to 'y' if you would like Packstack to install Nagios " + "to monitor OpenStack hosts" + ), + "PROMPT": ( + "Should Packstack install Nagios to monitor OpenStack " + "hosts" + ), + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": 'y', + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_NAGIOS_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "exclude-servers", + "USAGE": ( + "Comma separated list of servers to be excluded from " + "installation in case you are running Packstack the second " + "time with the same answer file and don't want Packstack " + "to touch these servers. Leave plain if you don't need to " + "exclude any server." + ), + "PROMPT": ( + "Enter a comma separated list of server(s) to be excluded." + " Leave plain if you don't need to exclude any server." + ), + "OPTION_LIST": [], + "DEFAULT_VALUE": '', + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "EXCLUDE_SERVERS", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-debug-mode", + "USAGE": ( + "Set to 'y' if you want to run OpenStack services in debug " + "mode. Otherwise set to 'n'." + ), + "PROMPT": "Do you want to run OpenStack services in debug mode", + "OPTION_LIST": ["y", "n"], + "DEFAULT_VALUE": "n", + "VALIDATORS": [validators.validate_options], + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_DEBUG_MODE", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CONF_NAME": "CONFIG_CONTROLLER_HOST", + "CMD_OPTION": "os-controller-host", + "USAGE": ( + "The IP address of the server on which to install OpenStack" + " services specific to controller role such as API servers," + " Horizon, etc." + ), + "PROMPT": "Enter the IP address of the controller host", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_ip, + validators.validate_ssh], + "DEFAULT_VALUE": utils.get_localhost_ip(), + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False, + "DEPRECATES": ['CONFIG_CEILOMETER_HOST', + 'CONFIG_CINDER_HOST', + 'CONFIG_GLANCE_HOST', + 'CONFIG_HORIZON_HOST', + 'CONFIG_HEAT_HOST', + 'CONFIG_KEYSTONE_HOST', + 'CONFIG_NAGIOS_HOST', + 'CONFIG_NEUTRON_SERVER_HOST', + 'CONFIG_NEUTRON_LBAAS_HOSTS', + 'CONFIG_NOVA_API_HOST', + 'CONFIG_NOVA_CERT_HOST', + 'CONFIG_NOVA_VNCPROXY_HOST', + 'CONFIG_NOVA_SCHED_HOST', + 'CONFIG_OSCLIENT_HOST', + 'CONFIG_SWIFT_PROXY_HOSTS']}, + + {"CONF_NAME": "CONFIG_COMPUTE_HOSTS", + "CMD_OPTION": "os-compute-hosts", + "USAGE": ( + "The list of IP addresses of the server on which to install" + " the Nova compute service" + ), + "PROMPT": ( + "Enter list of IP addresses on which to install compute " + "service" + ), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_multi_ip, + validators.validate_multi_ssh], + "DEFAULT_VALUE": utils.get_localhost_ip(), + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False, + "DEPRECATES": ['CONFIG_NOVA_COMPUTE_HOSTS']}, + + {"CONF_NAME": "CONFIG_NETWORK_HOSTS", + "CMD_OPTION": "os-network-hosts", + "USAGE": ("The list of IP addresses of the server on which " + "to install the network service such as Nova " + "network or Neutron"), + "PROMPT": ("Enter list of IP addresses on which to install " + "network service"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_multi_ip, + validators.validate_multi_ssh], + "DEFAULT_VALUE": utils.get_localhost_ip(), + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False, + "DEPRECATES": ['CONFIG_NEUTRON_L3_HOSTS', + 'CONFIG_NEUTRON_DHCP_HOSTS', + 'CONFIG_NEUTRON_METADATA_HOSTS', + 'CONFIG_NOVA_NETWORK_HOSTS']}, + + {"CMD_OPTION": "os-vmware", + "USAGE": ( + "Set to 'y' if you want to use VMware vCenter as hypervisor" + " and storage. Otherwise set to 'n'." + ), + "PROMPT": ( + "Do you want to use VMware vCenter as hypervisor and " + "datastore" + ), + "OPTION_LIST": ["y", "n"], + "DEFAULT_VALUE": "n", + "VALIDATORS": [validators.validate_options], + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_VMWARE_BACKEND", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "os-vmware", + "USAGE": ( + "Set to 'y' if you want to use VMware vCenter as hypervisor" + " and storage. Otherwise set to 'n'." + ), + "PROMPT": ( + "Do you want to use VMware vCenter as hypervisor and " + "datastore" + ), + "OPTION_LIST": ["y", "n"], + "DEFAULT_VALUE": "n", + "VALIDATORS": [validators.validate_options], + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_VMWARE_BACKEND", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "unsupported", + "USAGE": ( + "Set to 'y' if you want to use unsupported parameters. " + "This should be used only if you know what you are doing." + "Issues caused by using unsupported options won't be fixed " + "before next major release." + ), + "PROMPT": ( + "Enable this on your own risk. Do you want to use unsupported " + "parameters" + ), + "OPTION_LIST": ["y", "n"], + "DEFAULT_VALUE": "n", + "VALIDATORS": [validators.validate_options], + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_UNSUPPORTED", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + + "VMWARE": [ + {"CMD_OPTION": "vcenter-host", + "USAGE": "The IP address of the VMware vCenter server", + "PROMPT": ( + "Enter the IP address of the VMware vCenter server to use " + "with Nova" + ), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_ip], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_VCENTER_HOST", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "vcenter-username", + "USAGE": "The username to authenticate to VMware vCenter server", + "PROMPT": ("Enter the username to authenticate on VMware " + "vCenter server"), + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_VCENTER_USER", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "vcenter-password", + "USAGE": "The password to authenticate to VMware vCenter server", + "PROMPT": ("Enter the password to authenticate on VMware " + "vCenter server"), + "DEFAULT_VALUE": "", + "MASK_INPUT": True, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_VCENTER_PASSWORD", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "vcenter-cluster", + "USAGE": "The name of the vCenter cluster", + "PROMPT": "Enter the name of the vCenter datastore", + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_VCENTER_CLUSTER_NAME", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + + "UNSUPPORTED": [ + {"CONF_NAME": "CONFIG_STORAGE_HOST", + "CMD_OPTION": "os-storage-host", + "USAGE": ( + "(Unsupported!) The IP address of the server on which " + "to install OpenStack services specific to storage servers " + "such as Glance and Cinder." + ), + "PROMPT": "Enter the IP address of the storage host", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_ip, + validators.validate_ssh], + "DEFAULT_VALUE": utils.get_localhost_ip(), + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ] + } def use_vcenter(config): return (config['CONFIG_NOVA_INSTALL'] == 'y' and config['CONFIG_VMWARE_BACKEND'] == 'y') - params = [ - {"CMD_OPTION": "vcenter-host", - "USAGE": "The IP address of the VMware vCenter server", - "PROMPT": ("Enter the IP address of the VMware vCenter server to use " - "with Nova"), - "OPTION_LIST": [], - "VALIDATORS": [validators.validate_ip], - "DEFAULT_VALUE": "", - "MASK_INPUT": False, - "LOOSE_VALIDATION": True, - "CONF_NAME": "CONFIG_VCENTER_HOST", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - - {"CMD_OPTION": "vcenter-username", - "USAGE": "The username to authenticate to VMware vCenter server", - "PROMPT": ("Enter the username to authenticate on VMware " - "vCenter server"), - "DEFAULT_VALUE": "", - "MASK_INPUT": False, - "LOOSE_VALIDATION": True, - "CONF_NAME": "CONFIG_VCENTER_USER", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - - {"CMD_OPTION": "vcenter-password", - "USAGE": "The password to authenticate to VMware vCenter server", - "PROMPT": ("Enter the password to authenticate on VMware " - "vCenter server"), - "DEFAULT_VALUE": "", - "MASK_INPUT": True, - "LOOSE_VALIDATION": True, - "CONF_NAME": "CONFIG_VCENTER_PASSWORD", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - - {"CMD_OPTION": "vcenter-cluster", - "USAGE": "The name of the vCenter cluster", - "PROMPT": "Enter the name of the vCenter datastore", - "DEFAULT_VALUE": "", - "MASK_INPUT": False, - "LOOSE_VALIDATION": True, - "CONF_NAME": "CONFIG_VCENTER_CLUSTER_NAME", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, + def unsupported_enabled(config): + return config['CONFIG_UNSUPPORTED'] == 'y' + + groups = [ + {"GROUP_NAME": "GLOBAL", + "DESCRIPTION": "Global Options", + "PRE_CONDITION": lambda x: 'yes', + "PRE_CONDITION_MATCH": "yes", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "VMWARE", + "DESCRIPTION": "vCenter Config Parameters", + "PRE_CONDITION": use_vcenter, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "UNSUPPORTED", + "DESCRIPTION": "Global unsupported options", + "PRE_CONDITION": unsupported_enabled, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} ] - group = {"GROUP_NAME": "VMWARE", - "DESCRIPTION": "vCenter Config Parameters", - "PRE_CONDITION": use_vcenter, - "PRE_CONDITION_MATCH": True, - "POST_CONDITION": False, - "POST_CONDITION_MATCH": True} - controller.addGroup(group, params) + for group in groups: + controller.addGroup(group, params[group['GROUP_NAME']]) def initSequences(controller): diff --git a/packstack/plugins/provision_700.py b/packstack/plugins/provision_700.py index 144c8b9ec..8262ff3d4 100644 --- a/packstack/plugins/provision_700.py +++ b/packstack/plugins/provision_700.py @@ -228,6 +228,10 @@ def initSequences(controller): {'title': 'Adding Provisioning Tempest manifest entries', 'functions': [create_tempest_manifest]} ) + provision_steps.append( + {'title': 'Adding Provisioning Glance manifest entries', + 'functions': [create_storage_manifest]} + ) marshall_conf_bool(config, 'CONFIG_PROVISION_TEMPEST') marshall_conf_bool(config, 'CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE') @@ -276,6 +280,19 @@ def create_demo_manifest(config, messages): appendManifestFile(manifest_file, manifest_data) +def create_storage_manifest(config, messages): + if config['CONFIG_UNSUPPORTED'] != 'y': + config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] + + if config['CONFIG_PROVISION_TEMPEST'] == "y": + template = "provision_tempest_glance.pp" + else: + template = "provision_demo_glance.pp" + manifest_file = '%s_provision_glance.pp' % config['CONFIG_STORAGE_HOST'] + manifest_data = getManifestTemplate(template) + appendManifestFile(manifest_file, manifest_data) + + def create_tempest_manifest(config, messages): using_neutron(config) using_heat(config) diff --git a/packstack/puppet/templates/cinder.pp b/packstack/puppet/templates/cinder.pp index aa5f2f4d0..3b8c9fbb3 100644 --- a/packstack/puppet/templates/cinder.pp +++ b/packstack/puppet/templates/cinder.pp @@ -1,5 +1,5 @@ cinder_config { - "DEFAULT/glance_host": value => "%(CONFIG_CONTROLLER_HOST)s"; + "DEFAULT/glance_host": value => "%(CONFIG_STORAGE_HOST)s"; } package {'python-keystone': @@ -18,3 +18,4 @@ class {'cinder::volume': } + diff --git a/packstack/puppet/templates/cinder_lvm.pp b/packstack/puppet/templates/cinder_lvm.pp index 9d46ce8b7..4a7a437f6 100644 --- a/packstack/puppet/templates/cinder_lvm.pp +++ b/packstack/puppet/templates/cinder_lvm.pp @@ -4,6 +4,6 @@ } class {'cinder::volume::iscsi': - iscsi_ip_address => '%(CONFIG_CONTROLLER_HOST)s', + iscsi_ip_address => '%(CONFIG_STORAGE_HOST)s', require => Package['lvm2'], } diff --git a/packstack/puppet/templates/keystone_cinder.pp b/packstack/puppet/templates/keystone_cinder.pp index 0655da753..0270adb3f 100644 --- a/packstack/puppet/templates/keystone_cinder.pp +++ b/packstack/puppet/templates/keystone_cinder.pp @@ -1,9 +1,9 @@ class {"cinder::keystone::auth": - password => "%(CONFIG_CINDER_KS_PW)s", - public_address => "%(CONFIG_CONTROLLER_HOST)s", - admin_address => "%(CONFIG_CONTROLLER_HOST)s", - internal_address => "%(CONFIG_CONTROLLER_HOST)s", + password => "%(CONFIG_CINDER_KS_PW)s", + public_address => "%(CONFIG_STORAGE_HOST)s", + admin_address => "%(CONFIG_STORAGE_HOST)s", + internal_address => "%(CONFIG_STORAGE_HOST)s", } keystone_service { "${cinder::keystone::auth::auth_name}_v2": diff --git a/packstack/puppet/templates/keystone_glance.pp b/packstack/puppet/templates/keystone_glance.pp index 51827253e..4249a2623 100644 --- a/packstack/puppet/templates/keystone_glance.pp +++ b/packstack/puppet/templates/keystone_glance.pp @@ -1,7 +1,7 @@ class {"glance::keystone::auth": password => "%(CONFIG_GLANCE_KS_PW)s", - public_address => "%(CONFIG_CONTROLLER_HOST)s", - admin_address => "%(CONFIG_CONTROLLER_HOST)s", - internal_address => "%(CONFIG_CONTROLLER_HOST)s", + public_address => "%(CONFIG_STORAGE_HOST)s", + admin_address => "%(CONFIG_STORAGE_HOST)s", + internal_address => "%(CONFIG_STORAGE_HOST)s", } diff --git a/packstack/puppet/templates/nova_common_qpid.pp b/packstack/puppet/templates/nova_common_qpid.pp index 81570a2b4..192b421b5 100644 --- a/packstack/puppet/templates/nova_common_qpid.pp +++ b/packstack/puppet/templates/nova_common_qpid.pp @@ -9,7 +9,7 @@ } class { "nova": - glance_api_servers => "%(CONFIG_CONTROLLER_HOST)s:9292", + glance_api_servers => "%(CONFIG_STORAGE_HOST)s:9292", qpid_hostname => "%(CONFIG_AMQP_HOST)s", qpid_username => '%(CONFIG_AMQP_AUTH_USER)s', qpid_password => '%(CONFIG_AMQP_AUTH_PASSWORD)s', diff --git a/packstack/puppet/templates/nova_common_rabbitmq.pp b/packstack/puppet/templates/nova_common_rabbitmq.pp index 243611b11..c6e199f9f 100644 --- a/packstack/puppet/templates/nova_common_rabbitmq.pp +++ b/packstack/puppet/templates/nova_common_rabbitmq.pp @@ -9,7 +9,7 @@ } class { "nova": - glance_api_servers => "%(CONFIG_CONTROLLER_HOST)s:9292", + glance_api_servers => "%(CONFIG_STORAGE_HOST)s:9292", rabbit_host => "%(CONFIG_AMQP_HOST)s", rabbit_port => '%(CONFIG_AMQP_CLIENTS_PORT)s', rabbit_userid => '%(CONFIG_AMQP_AUTH_USER)s', diff --git a/packstack/puppet/templates/provision_demo.pp b/packstack/puppet/templates/provision_demo.pp index 95d997312..70d079a1a 100644 --- a/packstack/puppet/templates/provision_demo.pp +++ b/packstack/puppet/templates/provision_demo.pp @@ -11,11 +11,6 @@ # Heat Using Trusts $heat_using_trusts = '%(CONFIG_HEAT_USING_TRUSTS)s' - ## Glance - $image_name = 'cirros' - $image_source = 'http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-disk.img' - $image_ssh_user = 'cirros' - ## Neutron $public_network_name = 'public' $public_subnet_name = 'public_subnet' @@ -48,16 +43,7 @@ } } - ## Images - - glance_image { $image_name: - ensure => present, - is_public => 'yes', - container_format => 'bare', - disk_format => 'qcow2', - source => $image_source, - } - + ## Neutron if %(PROVISION_NEUTRON_AVAILABLE)s { diff --git a/packstack/puppet/templates/provision_demo_glance.pp b/packstack/puppet/templates/provision_demo_glance.pp new file mode 100644 index 000000000..2f79b3bd0 --- /dev/null +++ b/packstack/puppet/templates/provision_demo_glance.pp @@ -0,0 +1,15 @@ + + ## Images + ## Glance + $image_name = 'cirros' + $image_source = 'http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-disk.img' + $image_ssh_user = 'cirros' + + glance_image { $image_name: + ensure => present, + is_public => 'yes', + container_format => 'bare', + disk_format => 'qcow2', + source => $image_source, + } + diff --git a/packstack/puppet/templates/provision_tempest.pp b/packstack/puppet/templates/provision_tempest.pp index 4b02ab7b1..3317ac900 100644 --- a/packstack/puppet/templates/provision_tempest.pp +++ b/packstack/puppet/templates/provision_tempest.pp @@ -81,16 +81,6 @@ } } - ## Images - - glance_image { $image_name: - ensure => present, - is_public => 'yes', - container_format => 'bare', - disk_format => 'qcow2', - source => $image_source, - } - # Support creation of a second glance image # distinct from the first, for tempest. It # doesn't need to be a different image, just @@ -111,13 +101,6 @@ $image_alt_ssh_user_real = $image_ssh_user_alt } - glance_image { $image_name_alt: - ensure => present, - is_public => 'yes', - container_format => 'bare', - disk_format => 'qcow2', - source => $image_source_alt_real, - } } else { $image_name_alt_real = $image_name } diff --git a/packstack/puppet/templates/provision_tempest_glance.pp b/packstack/puppet/templates/provision_tempest_glance.pp new file mode 100644 index 000000000..4793f6095 --- /dev/null +++ b/packstack/puppet/templates/provision_tempest_glance.pp @@ -0,0 +1,53 @@ + + ## Glance + $image_name = 'cirros' + $image_source = 'http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-disk.img' + $image_ssh_user = 'cirros' + + ## Tempest + + $image_name_alt = false + $image_source_alt = false + $image_ssh_user_alt = false + ## Images + + glance_image { $image_name: + ensure => present, + is_public => 'yes', + container_format => 'bare', + disk_format => 'qcow2', + source => $image_source, + } + + # Support creation of a second glance image + # distinct from the first, for tempest. It + # doesn't need to be a different image, just + # have a different name and ref in glance. + if $image_name_alt { + $image_name_alt_real = $image_name_alt + if ! $image_source_alt { + # Use the same source by default + $image_source_alt_real = $image_source + } else { + $image_source_alt_real = $image_source_alt + } + + if ! $image_ssh_user_alt { + # Use the same user by default + $image_alt_ssh_user_real = $image_ssh_user + } else { + $image_alt_ssh_user_real = $image_ssh_user_alt + } + + glance_image { $image_name_alt: + ensure => present, + is_public => 'yes', + container_format => 'bare', + disk_format => 'qcow2', + source => $image_source_alt_real, + } + } else { + $image_name_alt_real = $image_name + } + + From aafd611a5fec4753363b0d246b7d70faeca487d5 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Fri, 5 Sep 2014 10:44:13 +0200 Subject: [PATCH 0122/1017] Add dependant openstacklib to list of puppet modules Openstack modules now use openstacklib for common setups such as database. Change-Id: Ia95ce244b2a48c90e4921d3f771326be45fd2321 --- packstack/plugins/puppet_950.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/packstack/plugins/puppet_950.py b/packstack/plugins/puppet_950.py index d1678696a..d1d1bae3a 100644 --- a/packstack/plugins/puppet_950.py +++ b/packstack/plugins/puppet_950.py @@ -164,7 +164,8 @@ def copy_puppet_modules(config, messages): 'mysql', 'neutron', 'nova', 'nssdb', 'openstack', 'packstack', 'qpid', 'rabbitmq', 'remote', 'rsync', 'ssh', 'stdlib', 'swift', 'sysctl', 'tempest', - 'vcsrepo', 'vlan', 'vswitch', 'xinetd')) + 'vcsrepo', 'vlan', 'vswitch', 'xinetd', + 'openstacklib')) # write puppet manifest to disk manifestfiles.writeManifests() From 67b98ec17954f55a62b144dffc1885a63e44cc09 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Fri, 5 Sep 2014 10:50:44 +0200 Subject: [PATCH 0123/1017] Call rpm --whatprovides on packages required to run puppet We install the packages with one yum command but it won't return error if some of the packages are missing. We better check that using rpm. Change-Id: Ie2537c5c0e3348d2c7df6b9bfc40939985171b45 --- packstack/plugins/puppet_950.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/packstack/plugins/puppet_950.py b/packstack/plugins/puppet_950.py index d1d1bae3a..1a3d34c49 100644 --- a/packstack/plugins/puppet_950.py +++ b/packstack/plugins/puppet_950.py @@ -154,6 +154,9 @@ def install_deps(config, messages): % packages) server.append("yum update -y %s" % packages) + # yum does not fail if one of the packages is missing + for package in deps: + server.append("rpm -q --whatprovides %s" % (package)) server.execute() From 63d9c503e9a3946aa2ffc5432b79f04c5e797785 Mon Sep 17 00:00:00 2001 From: Rich Bowen Date: Fri, 5 Sep 2014 14:54:13 -0400 Subject: [PATCH 0124/1017] Links to get-involved type resources Change-Id: I21328d0abdf455f564ba343d454c3eaf469c4c48 --- README | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/README b/README index 5b6731ebe..d156136e4 100644 --- a/README +++ b/README @@ -1,5 +1,10 @@ Utility to install OpenStack on Red Hat based operating system. -See other branches for older openstack versions +See other branches for older openstack versions. Details on how to +contribute to Packstack may be found in the Packstack wiki at +https://wiki.openstack.org/wiki/Packstack Additional information about +involvement in the community around Packstack can be found at +https://openstack.redhat.com/Get_involved + This utility can be used to install openstack on a single or group of hosts (over ssh) From dc9902f4873e46d7a33df2dcc3dc139ecd883168 Mon Sep 17 00:00:00 2001 From: Ivan Chavero Date: Thu, 5 Jun 2014 13:54:46 -0600 Subject: [PATCH 0125/1017] Deprecates MySQL parameters in favor of MariaDB Change-Id: I7723b1df6a5f8fc12b86763a57042db29358a522 Fixes: rhbz#1102486 --- docs/packstack.rst | 20 +++--- packstack/modules/common.py | 2 +- .../plugins/{mysql_003.py => mariadb_003.py} | 65 ++++++++++--------- packstack/plugins/nova_300.py | 2 +- packstack/plugins/prescript_000.py | 11 ++-- packstack/puppet/templates/cinder_qpid.pp | 2 +- packstack/puppet/templates/cinder_rabbitmq.pp | 2 +- packstack/puppet/templates/glance.pp | 4 +- packstack/puppet/templates/heat_qpid.pp | 2 +- packstack/puppet/templates/heat_rabbitmq.pp | 2 +- packstack/puppet/templates/keystone.pp | 2 +- ...r_install.pp => mariadb_cinder_install.pp} | 0 ...install.pp => mariadb_cinder_noinstall.pp} | 18 ++--- ...e_install.pp => mariadb_glance_install.pp} | 0 ...install.pp => mariadb_glance_noinstall.pp} | 18 ++--- ...eat_install.pp => mariadb_heat_install.pp} | 0 ...noinstall.pp => mariadb_heat_noinstall.pp} | 18 ++--- .../{mysql_install.pp => mariadb_install.pp} | 2 +- ...install.pp => mariadb_keystone_install.pp} | 0 ...stall.pp => mariadb_keystone_noinstall.pp} | 18 ++--- ..._install.pp => mariadb_neutron_install.pp} | 0 ...nstall.pp => mariadb_neutron_noinstall.pp} | 18 ++--- ...ysql_noinstall.pp => mariadb_noinstall.pp} | 0 ...ova_install.pp => mariadb_nova_install.pp} | 0 ...noinstall.pp => mariadb_nova_noinstall.pp} | 18 ++--- packstack/puppet/templates/neutron.pp | 2 +- tests/installer/test_setup_params.py | 10 +-- 27 files changed, 120 insertions(+), 116 deletions(-) rename packstack/plugins/{mysql_003.py => mariadb_003.py} (63%) rename packstack/puppet/templates/{mysql_cinder_install.pp => mariadb_cinder_install.pp} (100%) rename packstack/puppet/templates/{mysql_cinder_noinstall.pp => mariadb_cinder_noinstall.pp} (52%) rename packstack/puppet/templates/{mysql_glance_install.pp => mariadb_glance_install.pp} (100%) rename packstack/puppet/templates/{mysql_glance_noinstall.pp => mariadb_glance_noinstall.pp} (52%) rename packstack/puppet/templates/{mysql_heat_install.pp => mariadb_heat_install.pp} (100%) rename packstack/puppet/templates/{mysql_heat_noinstall.pp => mariadb_heat_noinstall.pp} (51%) rename packstack/puppet/templates/{mysql_install.pp => mariadb_install.pp} (96%) rename packstack/puppet/templates/{mysql_keystone_install.pp => mariadb_keystone_install.pp} (100%) rename packstack/puppet/templates/{mysql_keystone_noinstall.pp => mariadb_keystone_noinstall.pp} (53%) rename packstack/puppet/templates/{mysql_neutron_install.pp => mariadb_neutron_install.pp} (100%) rename packstack/puppet/templates/{mysql_neutron_noinstall.pp => mariadb_neutron_noinstall.pp} (55%) rename packstack/puppet/templates/{mysql_noinstall.pp => mariadb_noinstall.pp} (100%) rename packstack/puppet/templates/{mysql_nova_install.pp => mariadb_nova_install.pp} (100%) rename packstack/puppet/templates/{mysql_nova_noinstall.pp => mariadb_nova_noinstall.pp} (51%) diff --git a/docs/packstack.rst b/docs/packstack.rst index 715c6d8e7..b66cb2630 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -57,8 +57,8 @@ Global Options **CONFIG_NEUTRON_INSTALL** Set to 'y' if you would like Packstack to install OpenStack Networking (Neutron). -**CONFIG_MYSQL_INSTALL** - Set to 'y' if you would like Packstack to install MySQL. +**CONFIG_MARIADB_INSTALL** + Set to 'y' if you would like Packstack to install MariaDB. **CONFIG_CONTROLLER_HOST** The IP address of the server on which to install OpenStack services specific to controller role such as API servers, Horizon, etc. This parameter replaced following deprecated parameters: CONFIG_CEILOMETER_HOST, CONFIG_CINDER_HOST, CONFIG_GLANCE_HOST, CONFIG_HORIZON_HOST, CONFIG_HEAT_HOST, CONFIG_KEYSTONE_HOST, CONFIG_NAGIOS_HOST, CONFIG_NEUTRON_SERVER_HOST, CONFIG_NEUTRON_LBAAS_HOSTS, CONFIG_NOVA_API_HOST, CONFIG_NOVA_CERT_HOST, CONFIG_NOVA_VNCPROXY_HOST, CONFIG_NOVA_SCHED_HOST, CONFIG_OSCLIENT_HOST, CONFIG_SWIFT_PROXY_HOSTS. @@ -76,17 +76,17 @@ SSH Configs **CONFIG_SSH_KEY** Path to a Public key to install on servers. If a usable key has not been installed on the remote servers the user will be prompted for a password and this key will be installed so the password will not be required again. -MySQL Config parameters +MariaDB Config parameters ----------------------- -**CONFIG_MYSQL_HOST** - The IP address of the server on which to install MySQL. +**CONFIG_MARIADB_HOST** + The IP address of the server on which to install MariaDB. -**CONFIG_MYSQL_USER** - Username for the MySQL admin user. +**CONFIG_MARIADB_USER** + Username for the MariaDB admin user. -**CONFIG_MYSQL_PW** - Password for the MySQL admin user. +**CONFIG_MARIADB_PW** + Password for the MariaDB admin user. AMQP Config parameters ---------------------- @@ -419,7 +419,7 @@ Heat Config Parameters ---------------------- **CONFIG_HEAT_DB_PW** - The password used by Heat user to authenticate against MySQL. + The password used by Heat user to authenticate against MariaDB. **CONFIG_HEAT_AUTH_ENC_KEY** The encryption key to use for authentication info in database. diff --git a/packstack/modules/common.py b/packstack/modules/common.py index a3446ae81..143347766 100644 --- a/packstack/modules/common.py +++ b/packstack/modules/common.py @@ -18,7 +18,7 @@ def filtered_hosts(config, exclude=True, dbhost=True): for hosttype, hostname in utils.host_iter(config): # if dbhost is being taken into account and we are not installing MySQL # then we should omit the MySQL host - if dbhost and not dbinst and hosttype == 'CONFIG_MYSQL_HOST': + if dbhost and not dbinst and hosttype == 'CONFIG_MARIADB_HOST': continue if vcenter and hosttype == 'CONFIG_VCENTER_HOST': continue diff --git a/packstack/plugins/mysql_003.py b/packstack/plugins/mariadb_003.py similarity index 63% rename from packstack/plugins/mysql_003.py rename to packstack/plugins/mariadb_003.py index 84d7f8277..eca7f24a2 100644 --- a/packstack/plugins/mysql_003.py +++ b/packstack/plugins/mariadb_003.py @@ -1,7 +1,7 @@ # -*- coding: utf-8 -*- """ -Installs and configures MySQL +Installs and configures MariaDB """ import uuid @@ -18,55 +18,58 @@ #------------------ oVirt installer initialization ------------------ -PLUGIN_NAME = "MySQL" +PLUGIN_NAME = "MariaDB" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') def initConfig(controller): params = [ - {"CMD_OPTION": "mysql-host", - "USAGE": ("The IP address of the server on which to install MySQL or " - "IP address of DB server to use if MySQL installation was " - "not selected"), - "PROMPT": "Enter the IP address of the MySQL server", + {"CMD_OPTION": "mariadb-host", + "USAGE": ("The IP address of the server on which to install MariaDB " + "or IP address of DB server to use if MariaDB " + "installation was not selected"), + "PROMPT": "Enter the IP address of the MariaDB server", "OPTION_LIST": [], "VALIDATORS": [validators.validate_ssh], "DEFAULT_VALUE": utils.get_localhost_ip(), "MASK_INPUT": False, "LOOSE_VALIDATION": True, - "CONF_NAME": "CONFIG_MYSQL_HOST", + "CONF_NAME": "CONFIG_MARIADB_HOST", "USE_DEFAULT": False, "NEED_CONFIRM": False, - "CONDITION": False}, + "CONDITION": False, + "DEPRECATES": ['CONFIG_MYSQL_HOST']}, - {"CMD_OPTION": "mysql-user", - "USAGE": "Username for the MySQL admin user", - "PROMPT": "Enter the username for the MySQL admin user", + {"CMD_OPTION": "mariadb-user", + "USAGE": "Username for the MariaDB admin user", + "PROMPT": "Enter the username for the MariaDB admin user", "OPTION_LIST": [], "VALIDATORS": [validators.validate_not_empty], "DEFAULT_VALUE": "root", "MASK_INPUT": False, "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_MYSQL_USER", + "CONF_NAME": "CONFIG_MARIADB_USER", "USE_DEFAULT": True, "NEED_CONFIRM": False, - "CONDITION": False}, + "CONDITION": False, + "DEPRECATES": ['CONFIG_MYSQL_USER']}, - {"CMD_OPTION": "mysql-pw", - "USAGE": "Password for the MySQL admin user", - "PROMPT": "Enter the password for the MySQL admin user", + {"CMD_OPTION": "mariadb-pw", + "USAGE": "Password for the MariaDB admin user", + "PROMPT": "Enter the password for the MariaDB admin user", "OPTION_LIST": [], "VALIDATORS": [validators.validate_not_empty], "DEFAULT_VALUE": uuid.uuid4().hex[:16], "MASK_INPUT": True, "LOOSE_VALIDATION": True, - "CONF_NAME": "CONFIG_MYSQL_PW", + "CONF_NAME": "CONFIG_MARIADB_PW", "USE_DEFAULT": False, "NEED_CONFIRM": True, - "CONDITION": False}, + "CONDITION": False, + "DEPRECATES": ['CONFIG_MYSQL_PW']}, ] - group = {"GROUP_NAME": "MYSQL", - "DESCRIPTION": "MySQL Config parameters", + group = {"GROUP_NAME": "MARIADB", + "DESCRIPTION": "MariaDB Config parameters", "PRE_CONDITION": lambda x: 'yes', "PRE_CONDITION_MATCH": "yes", "POST_CONDITION": False, @@ -75,31 +78,31 @@ def initConfig(controller): def initSequences(controller): - mysqlsteps = [ - {'title': 'Adding MySQL manifest entries', + mariadbsteps = [ + {'title': 'Adding MariaDB manifest entries', 'functions': [create_manifest]} ] - controller.addSequence("Installing MySQL", [], [], mysqlsteps) + controller.addSequence("Installing MariaDB", [], [], mariadbsteps) #-------------------------- step functions -------------------------- def create_manifest(config, messages): - if config['CONFIG_MYSQL_INSTALL'] == 'y': + if config['CONFIG_MARIADB_INSTALL'] == 'y': suffix = 'install' - host = config['CONFIG_MYSQL_HOST'] + host = config['CONFIG_MARIADB_HOST'] else: suffix = 'noinstall' host = config['CONFIG_CONTROLLER_HOST'] - manifestfile = "%s_mysql.pp" % host - manifestdata = [getManifestTemplate('mysql_%s.pp' % suffix)] + manifestfile = "%s_mariadb.pp" % host + manifestdata = [getManifestTemplate('mariadb_%s.pp' % suffix)] def append_for(module, suffix): # Modules have to be appended to the existing mysql.pp # otherwise pp will fail for some of them saying that # Mysql::Config definition is missing. - template = "mysql_%s_%s.pp" % (module, suffix) + template = "mariadb_%s_%s.pp" % (module, suffix) manifestdata.append(getManifestTemplate(template)) append_for("keystone", suffix) @@ -109,13 +112,13 @@ def append_for(module, suffix): hosts = filtered_hosts(config, exclude=False, dbhost=True) - config['FIREWALL_SERVICE_NAME'] = "mysql" + config['FIREWALL_SERVICE_NAME'] = "mariadb" config['FIREWALL_PORTS'] = "'3306'" config['FIREWALL_CHAIN'] = "INPUT" config['FIREWALL_PROTOCOL'] = 'tcp' for host in hosts: config['FIREWALL_ALLOWED'] = "'%s'" % host - config['FIREWALL_SERVICE_ID'] = "mysql_%s" % host + config['FIREWALL_SERVICE_ID'] = "mariadb_%s" % host manifestdata.append(getManifestTemplate("firewall.pp")) appendManifestFile(manifestfile, "\n".join(manifestdata), 'pre') diff --git a/packstack/plugins/nova_300.py b/packstack/plugins/nova_300.py index 42e39765c..56e76b2d4 100644 --- a/packstack/plugins/nova_300.py +++ b/packstack/plugins/nova_300.py @@ -625,7 +625,7 @@ def create_common_manifest(config, messages): perms = "nova" else: perms = "nova:%(CONFIG_NOVA_DB_PW)s" - sqlconn = "mysql://%s@%%(CONFIG_MYSQL_HOST)s/nova" % perms + sqlconn = "mysql://%s@%%(CONFIG_MARIADB_HOST)s/nova" % perms config['CONFIG_NOVA_SQL_CONN'] = sqlconn % config # for nova-network in multihost mode each compute host is metadata diff --git a/packstack/plugins/prescript_000.py b/packstack/plugins/prescript_000.py index 8095ee931..6511a7fa3 100644 --- a/packstack/plugins/prescript_000.py +++ b/packstack/plugins/prescript_000.py @@ -53,20 +53,21 @@ def initConfig(controller): "NEED_CONFIRM": False, "CONDITION": False}, - {"CMD_OPTION": "mysql-install", + {"CMD_OPTION": "mariadb-install", "USAGE": ( - "Set to 'y' if you would like Packstack to install MySQL" + "Set to 'y' if you would like Packstack to install MariaDB" ), - "PROMPT": "Should Packstack install MySQL DB", + "PROMPT": "Should Packstack install MariaDB", "OPTION_LIST": ["y", "n"], "VALIDATORS": [validators.validate_options], "DEFAULT_VALUE": "y", "MASK_INPUT": False, "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_MYSQL_INSTALL", + "CONF_NAME": "CONFIG_MARIADB_INSTALL", "USE_DEFAULT": False, "NEED_CONFIRM": False, - "CONDITION": False}, + "CONDITION": False, + "DEPRECATES": ['CONFIG_MYSQL_INSTALL']}, {"CMD_OPTION": "os-glance-install", "USAGE": ( diff --git a/packstack/puppet/templates/cinder_qpid.pp b/packstack/puppet/templates/cinder_qpid.pp index b676f01f1..8bce730f2 100644 --- a/packstack/puppet/templates/cinder_qpid.pp +++ b/packstack/puppet/templates/cinder_qpid.pp @@ -6,7 +6,7 @@ qpid_protocol => '%(CONFIG_AMQP_PROTOCOL)s', qpid_username => '%(CONFIG_AMQP_AUTH_USER)s', qpid_password => '%(CONFIG_AMQP_AUTH_PASSWORD)s', - sql_connection => "mysql://cinder:%(CONFIG_CINDER_DB_PW)s@%(CONFIG_MYSQL_HOST)s/cinder", + sql_connection => "mysql://cinder:%(CONFIG_CINDER_DB_PW)s@%(CONFIG_MARIADB_HOST)s/cinder", verbose => true, debug => %(CONFIG_DEBUG_MODE)s, mysql_module => '2.2', diff --git a/packstack/puppet/templates/cinder_rabbitmq.pp b/packstack/puppet/templates/cinder_rabbitmq.pp index 725252dbc..2045fdc5b 100644 --- a/packstack/puppet/templates/cinder_rabbitmq.pp +++ b/packstack/puppet/templates/cinder_rabbitmq.pp @@ -4,7 +4,7 @@ rabbit_port => '%(CONFIG_AMQP_CLIENTS_PORT)s', rabbit_userid => '%(CONFIG_AMQP_AUTH_USER)s', rabbit_password => '%(CONFIG_AMQP_AUTH_PASSWORD)s', - sql_connection => "mysql://cinder:%(CONFIG_CINDER_DB_PW)s@%(CONFIG_MYSQL_HOST)s/cinder", + sql_connection => "mysql://cinder:%(CONFIG_CINDER_DB_PW)s@%(CONFIG_MARIADB_HOST)s/cinder", verbose => true, debug => %(CONFIG_DEBUG_MODE)s, mysql_module => '2.2', diff --git a/packstack/puppet/templates/glance.pp b/packstack/puppet/templates/glance.pp index 3c890ad79..d6220c689 100644 --- a/packstack/puppet/templates/glance.pp +++ b/packstack/puppet/templates/glance.pp @@ -5,7 +5,7 @@ keystone_user => "glance", keystone_password => "%(CONFIG_GLANCE_KS_PW)s", pipeline => 'keystone', - sql_connection => "mysql://glance:%(CONFIG_GLANCE_DB_PW)s@%(CONFIG_MYSQL_HOST)s/glance", + sql_connection => "mysql://glance:%(CONFIG_GLANCE_DB_PW)s@%(CONFIG_MARIADB_HOST)s/glance", verbose => true, debug => %(CONFIG_DEBUG_MODE)s, mysql_module => '2.2', @@ -18,7 +18,7 @@ keystone_tenant => "services", keystone_user => "glance", keystone_password => "%(CONFIG_GLANCE_KS_PW)s", - sql_connection => "mysql://glance:%(CONFIG_GLANCE_DB_PW)s@%(CONFIG_MYSQL_HOST)s/glance", + sql_connection => "mysql://glance:%(CONFIG_GLANCE_DB_PW)s@%(CONFIG_MARIADB_HOST)s/glance", verbose => true, debug => %(CONFIG_DEBUG_MODE)s, mysql_module => '2.2', diff --git a/packstack/puppet/templates/heat_qpid.pp b/packstack/puppet/templates/heat_qpid.pp index ffe760aeb..efbf2b1a1 100644 --- a/packstack/puppet/templates/heat_qpid.pp +++ b/packstack/puppet/templates/heat_qpid.pp @@ -11,5 +11,5 @@ qpid_protocol => '%(CONFIG_AMQP_PROTOCOL)s', verbose => true, debug => %(CONFIG_DEBUG_MODE)s, - sql_connection => "mysql://heat:%(CONFIG_HEAT_DB_PW)s@%(CONFIG_MYSQL_HOST)s/heat", + sql_connection => "mysql://heat:%(CONFIG_HEAT_DB_PW)s@%(CONFIG_MARIADB_HOST)s/heat", } diff --git a/packstack/puppet/templates/heat_rabbitmq.pp b/packstack/puppet/templates/heat_rabbitmq.pp index 7c8e750dd..08f7913a2 100644 --- a/packstack/puppet/templates/heat_rabbitmq.pp +++ b/packstack/puppet/templates/heat_rabbitmq.pp @@ -9,5 +9,5 @@ rabbit_password => '%(CONFIG_AMQP_AUTH_PASSWORD)s', verbose => true, debug => %(CONFIG_DEBUG_MODE)s, - sql_connection => "mysql://heat:%(CONFIG_HEAT_DB_PW)s@%(CONFIG_MYSQL_HOST)s/heat", + sql_connection => "mysql://heat:%(CONFIG_HEAT_DB_PW)s@%(CONFIG_MARIADB_HOST)s/heat", } diff --git a/packstack/puppet/templates/keystone.pp b/packstack/puppet/templates/keystone.pp index 30a01eb9c..fe056583b 100644 --- a/packstack/puppet/templates/keystone.pp +++ b/packstack/puppet/templates/keystone.pp @@ -1,7 +1,7 @@ class {"keystone": admin_token => "%(CONFIG_KEYSTONE_ADMIN_TOKEN)s", - sql_connection => "mysql://keystone_admin:%(CONFIG_KEYSTONE_DB_PW)s@%(CONFIG_MYSQL_HOST)s/keystone", + sql_connection => "mysql://keystone_admin:%(CONFIG_KEYSTONE_DB_PW)s@%(CONFIG_MARIADB_HOST)s/keystone", token_format => "%(CONFIG_KEYSTONE_TOKEN_FORMAT)s", verbose => true, debug => %(CONFIG_DEBUG_MODE)s, diff --git a/packstack/puppet/templates/mysql_cinder_install.pp b/packstack/puppet/templates/mariadb_cinder_install.pp similarity index 100% rename from packstack/puppet/templates/mysql_cinder_install.pp rename to packstack/puppet/templates/mariadb_cinder_install.pp diff --git a/packstack/puppet/templates/mysql_cinder_noinstall.pp b/packstack/puppet/templates/mariadb_cinder_noinstall.pp similarity index 52% rename from packstack/puppet/templates/mysql_cinder_noinstall.pp rename to packstack/puppet/templates/mariadb_cinder_noinstall.pp index c41ad44a6..c5c7ae5ad 100644 --- a/packstack/puppet/templates/mysql_cinder_noinstall.pp +++ b/packstack/puppet/templates/mariadb_cinder_noinstall.pp @@ -2,26 +2,26 @@ remote_database { 'cinder': ensure => 'present', charset => 'utf8', - db_host => '%(CONFIG_MYSQL_HOST)s', - db_user => '%(CONFIG_MYSQL_USER)s', - db_password => '%(CONFIG_MYSQL_PW)s', + db_host => '%(CONFIG_MARIADB_HOST)s', + db_user => '%(CONFIG_MARIADB_USER)s', + db_password => '%(CONFIG_MARIADB_PW)s', provider => 'mysql', } remote_database_user { 'cinder@%%': password_hash => mysql_password('%(CONFIG_CINDER_DB_PW)s'), - db_host => '%(CONFIG_MYSQL_HOST)s', - db_user => '%(CONFIG_MYSQL_USER)s', - db_password => '%(CONFIG_MYSQL_PW)s', + db_host => '%(CONFIG_MARIADB_HOST)s', + db_user => '%(CONFIG_MARIADB_USER)s', + db_password => '%(CONFIG_MARIADB_PW)s', provider => 'mysql', require => Remote_database['cinder'], } remote_database_grant { 'cinder@%%/cinder': privileges => "all", - db_host => '%(CONFIG_MYSQL_HOST)s', - db_user => '%(CONFIG_MYSQL_USER)s', - db_password => '%(CONFIG_MYSQL_PW)s', + db_host => '%(CONFIG_MARIADB_HOST)s', + db_user => '%(CONFIG_MARIADB_USER)s', + db_password => '%(CONFIG_MARIADB_PW)s', provider => 'mysql', require => Remote_database_user['cinder@%%'], } diff --git a/packstack/puppet/templates/mysql_glance_install.pp b/packstack/puppet/templates/mariadb_glance_install.pp similarity index 100% rename from packstack/puppet/templates/mysql_glance_install.pp rename to packstack/puppet/templates/mariadb_glance_install.pp diff --git a/packstack/puppet/templates/mysql_glance_noinstall.pp b/packstack/puppet/templates/mariadb_glance_noinstall.pp similarity index 52% rename from packstack/puppet/templates/mysql_glance_noinstall.pp rename to packstack/puppet/templates/mariadb_glance_noinstall.pp index 1578aec71..defd85e0c 100644 --- a/packstack/puppet/templates/mysql_glance_noinstall.pp +++ b/packstack/puppet/templates/mariadb_glance_noinstall.pp @@ -2,26 +2,26 @@ remote_database { 'glance': ensure => 'present', charset => 'utf8', - db_host => '%(CONFIG_MYSQL_HOST)s', - db_user => '%(CONFIG_MYSQL_USER)s', - db_password => '%(CONFIG_MYSQL_PW)s', + db_host => '%(CONFIG_MARIADB_HOST)s', + db_user => '%(CONFIG_MARIADB_USER)s', + db_password => '%(CONFIG_MARIADB_PW)s', provider => 'mysql', } remote_database_user { 'glance@%%': password_hash => mysql_password('%(CONFIG_GLANCE_DB_PW)s' ), - db_host => '%(CONFIG_MYSQL_HOST)s', - db_user => '%(CONFIG_MYSQL_USER)s', - db_password => '%(CONFIG_MYSQL_PW)s', + db_host => '%(CONFIG_MARIADB_HOST)s', + db_user => '%(CONFIG_MARIADB_USER)s', + db_password => '%(CONFIG_MARIADB_PW)s', provider => 'mysql', require => Remote_database['glance'], } remote_database_grant { 'glance@%%/glance': privileges => "all", - db_host => '%(CONFIG_MYSQL_HOST)s', - db_user => '%(CONFIG_MYSQL_USER)s', - db_password => '%(CONFIG_MYSQL_PW)s', + db_host => '%(CONFIG_MARIADB_HOST)s', + db_user => '%(CONFIG_MARIADB_USER)s', + db_password => '%(CONFIG_MARIADB_PW)s', provider => 'mysql', require => Remote_database_user['glance@%%'], } diff --git a/packstack/puppet/templates/mysql_heat_install.pp b/packstack/puppet/templates/mariadb_heat_install.pp similarity index 100% rename from packstack/puppet/templates/mysql_heat_install.pp rename to packstack/puppet/templates/mariadb_heat_install.pp diff --git a/packstack/puppet/templates/mysql_heat_noinstall.pp b/packstack/puppet/templates/mariadb_heat_noinstall.pp similarity index 51% rename from packstack/puppet/templates/mysql_heat_noinstall.pp rename to packstack/puppet/templates/mariadb_heat_noinstall.pp index 7bc36eb88..f0964e9ce 100644 --- a/packstack/puppet/templates/mysql_heat_noinstall.pp +++ b/packstack/puppet/templates/mariadb_heat_noinstall.pp @@ -2,26 +2,26 @@ remote_database { 'heat': ensure => 'present', charset => 'utf8', - db_host => '%(CONFIG_MYSQL_HOST)s', - db_user => '%(CONFIG_MYSQL_USER)s', - db_password => '%(CONFIG_MYSQL_PW)s', + db_host => '%(CONFIG_MARIADB_HOST)s', + db_user => '%(CONFIG_MARIADB_USER)s', + db_password => '%(CONFIG_MARIADB_PW)s', provider => 'mysql', } remote_database_user { 'heat@%%': password_hash => mysql_password('%(CONFIG_HEAT_DB_PW)s'), - db_host => '%(CONFIG_MYSQL_HOST)s', - db_user => '%(CONFIG_MYSQL_USER)s', - db_password => '%(CONFIG_MYSQL_PW)s', + db_host => '%(CONFIG_MARIADB_HOST)s', + db_user => '%(CONFIG_MARIADB_USER)s', + db_password => '%(CONFIG_MARIADB_PW)s', provider => 'mysql', require => Remote_database['heat'], } remote_database_grant { 'heat@%%/heat': privileges => "all", - db_host => '%(CONFIG_MYSQL_HOST)s', - db_user => '%(CONFIG_MYSQL_USER)s', - db_password => '%(CONFIG_MYSQL_PW)s', + db_host => '%(CONFIG_MARIADB_HOST)s', + db_user => '%(CONFIG_MARIADB_USER)s', + db_password => '%(CONFIG_MARIADB_PW)s', provider => 'mysql', require => Remote_database_user['heat@%%'], } diff --git a/packstack/puppet/templates/mysql_install.pp b/packstack/puppet/templates/mariadb_install.pp similarity index 96% rename from packstack/puppet/templates/mysql_install.pp rename to packstack/puppet/templates/mariadb_install.pp index c9e80f12c..fe7b97921 100644 --- a/packstack/puppet/templates/mysql_install.pp +++ b/packstack/puppet/templates/mariadb_install.pp @@ -16,7 +16,7 @@ package_name => "mariadb-galera-server", service_manage => $manage_service, restart => true, - root_password => "%(CONFIG_MYSQL_PW)s", + root_password => "%(CONFIG_MARIADB_PW)s", override_options => { 'mysqld' => { bind_address => "0.0.0.0", default_storage_engine => "InnoDB", diff --git a/packstack/puppet/templates/mysql_keystone_install.pp b/packstack/puppet/templates/mariadb_keystone_install.pp similarity index 100% rename from packstack/puppet/templates/mysql_keystone_install.pp rename to packstack/puppet/templates/mariadb_keystone_install.pp diff --git a/packstack/puppet/templates/mysql_keystone_noinstall.pp b/packstack/puppet/templates/mariadb_keystone_noinstall.pp similarity index 53% rename from packstack/puppet/templates/mysql_keystone_noinstall.pp rename to packstack/puppet/templates/mariadb_keystone_noinstall.pp index 7d71dc49a..71a562443 100644 --- a/packstack/puppet/templates/mysql_keystone_noinstall.pp +++ b/packstack/puppet/templates/mariadb_keystone_noinstall.pp @@ -2,26 +2,26 @@ remote_database { 'keystone': ensure => 'present', charset => 'utf8', - db_host => '%(CONFIG_MYSQL_HOST)s', - db_user => '%(CONFIG_MYSQL_USER)s', - db_password => '%(CONFIG_MYSQL_PW)s', + db_host => '%(CONFIG_MARIADB_HOST)s', + db_user => '%(CONFIG_MARIADB_USER)s', + db_password => '%(CONFIG_MARIADB_PW)s', provider => 'mysql', } remote_database_user { 'keystone_admin@%%': password_hash => mysql_password('%(CONFIG_KEYSTONE_DB_PW)s' ), - db_host => '%(CONFIG_MYSQL_HOST)s', - db_user => '%(CONFIG_MYSQL_USER)s', - db_password => '%(CONFIG_MYSQL_PW)s', + db_host => '%(CONFIG_MARIADB_HOST)s', + db_user => '%(CONFIG_MARIADB_USER)s', + db_password => '%(CONFIG_MARIADB_PW)s', provider => 'mysql', require => Remote_database['keystone'], } remote_database_grant { 'keystone_admin@%%/keystone': privileges => "all", - db_host => '%(CONFIG_MYSQL_HOST)s', - db_user => '%(CONFIG_MYSQL_USER)s', - db_password => '%(CONFIG_MYSQL_PW)s', + db_host => '%(CONFIG_MARIADB_HOST)s', + db_user => '%(CONFIG_MARIADB_USER)s', + db_password => '%(CONFIG_MARIADB_PW)s', provider => 'mysql', require => Remote_database_user['keystone_admin@%%'], } diff --git a/packstack/puppet/templates/mysql_neutron_install.pp b/packstack/puppet/templates/mariadb_neutron_install.pp similarity index 100% rename from packstack/puppet/templates/mysql_neutron_install.pp rename to packstack/puppet/templates/mariadb_neutron_install.pp diff --git a/packstack/puppet/templates/mysql_neutron_noinstall.pp b/packstack/puppet/templates/mariadb_neutron_noinstall.pp similarity index 55% rename from packstack/puppet/templates/mysql_neutron_noinstall.pp rename to packstack/puppet/templates/mariadb_neutron_noinstall.pp index 913b38886..3ddac8ac6 100644 --- a/packstack/puppet/templates/mysql_neutron_noinstall.pp +++ b/packstack/puppet/templates/mariadb_neutron_noinstall.pp @@ -2,26 +2,26 @@ remote_database { '%(CONFIG_NEUTRON_L2_DBNAME)s': ensure => 'present', charset => 'utf8', - db_host => '%(CONFIG_MYSQL_HOST)s', - db_user => '%(CONFIG_MYSQL_USER)s', - db_password => '%(CONFIG_MYSQL_PW)s', + db_host => '%(CONFIG_MARIADB_HOST)s', + db_user => '%(CONFIG_MARIADB_USER)s', + db_password => '%(CONFIG_MARIADB_PW)s', provider => 'mysql', } remote_database_user { 'neutron@%%': password_hash => mysql_password('%(CONFIG_NEUTRON_DB_PW)s' ), - db_host => '%(CONFIG_MYSQL_HOST)s', - db_user => '%(CONFIG_MYSQL_USER)s', - db_password => '%(CONFIG_MYSQL_PW)s', + db_host => '%(CONFIG_MARIADB_HOST)s', + db_user => '%(CONFIG_MARIADB_USER)s', + db_password => '%(CONFIG_MARIADB_PW)s', provider => 'mysql', require => Remote_database['%(CONFIG_NEUTRON_L2_DBNAME)s'], } remote_database_grant { 'neutron@%%/%(CONFIG_NEUTRON_L2_DBNAME)s': privileges => "all", - db_host => '%(CONFIG_MYSQL_HOST)s', - db_user => '%(CONFIG_MYSQL_USER)s', - db_password => '%(CONFIG_MYSQL_PW)s', + db_host => '%(CONFIG_MARIADB_HOST)s', + db_user => '%(CONFIG_MARIADB_USER)s', + db_password => '%(CONFIG_MARIADB_PW)s', provider => 'mysql', require => Remote_database_user['neutron@%%'], } diff --git a/packstack/puppet/templates/mysql_noinstall.pp b/packstack/puppet/templates/mariadb_noinstall.pp similarity index 100% rename from packstack/puppet/templates/mysql_noinstall.pp rename to packstack/puppet/templates/mariadb_noinstall.pp diff --git a/packstack/puppet/templates/mysql_nova_install.pp b/packstack/puppet/templates/mariadb_nova_install.pp similarity index 100% rename from packstack/puppet/templates/mysql_nova_install.pp rename to packstack/puppet/templates/mariadb_nova_install.pp diff --git a/packstack/puppet/templates/mysql_nova_noinstall.pp b/packstack/puppet/templates/mariadb_nova_noinstall.pp similarity index 51% rename from packstack/puppet/templates/mysql_nova_noinstall.pp rename to packstack/puppet/templates/mariadb_nova_noinstall.pp index 4a0c627ef..f4ccf4531 100644 --- a/packstack/puppet/templates/mysql_nova_noinstall.pp +++ b/packstack/puppet/templates/mariadb_nova_noinstall.pp @@ -2,26 +2,26 @@ remote_database { 'nova': ensure => 'present', charset => 'utf8', - db_host => '%(CONFIG_MYSQL_HOST)s', - db_user => '%(CONFIG_MYSQL_USER)s', - db_password => '%(CONFIG_MYSQL_PW)s', + db_host => '%(CONFIG_MARIADB_HOST)s', + db_user => '%(CONFIG_MARIADB_USER)s', + db_password => '%(CONFIG_MARIADB_PW)s', provider => 'mysql', } remote_database_user { 'nova@%%': password_hash => mysql_password('%(CONFIG_NOVA_DB_PW)s' ), - db_host => '%(CONFIG_MYSQL_HOST)s', - db_user => '%(CONFIG_MYSQL_USER)s', - db_password => '%(CONFIG_MYSQL_PW)s', + db_host => '%(CONFIG_MARIADB_HOST)s', + db_user => '%(CONFIG_MARIADB_USER)s', + db_password => '%(CONFIG_MARIADB_PW)s', provider => 'mysql', require => Remote_database['nova'], } remote_database_grant { 'nova@%%/nova': privileges => "all", - db_host => '%(CONFIG_MYSQL_HOST)s', - db_user => '%(CONFIG_MYSQL_USER)s', - db_password => '%(CONFIG_MYSQL_PW)s', + db_host => '%(CONFIG_MARIADB_HOST)s', + db_user => '%(CONFIG_MARIADB_USER)s', + db_password => '%(CONFIG_MARIADB_PW)s', provider => 'mysql', require => Remote_database_user['nova@%%'], } diff --git a/packstack/puppet/templates/neutron.pp b/packstack/puppet/templates/neutron.pp index 5afbcfe0b..ab4243786 100644 --- a/packstack/puppet/templates/neutron.pp +++ b/packstack/puppet/templates/neutron.pp @@ -1,4 +1,4 @@ -$neutron_db_host = '%(CONFIG_MYSQL_HOST)s' +$neutron_db_host = '%(CONFIG_MARIADB_HOST)s' $neutron_db_name = '%(CONFIG_NEUTRON_L2_DBNAME)s' $neutron_db_user = 'neutron' $neutron_db_password = '%(CONFIG_NEUTRON_DB_PW)s' diff --git a/tests/installer/test_setup_params.py b/tests/installer/test_setup_params.py index f8ffaf139..2e2ea4061 100644 --- a/tests/installer/test_setup_params.py +++ b/tests/installer/test_setup_params.py @@ -38,7 +38,7 @@ def setUp(self): "DEFAULT_VALUE": "127.0.0.1", "MASK_INPUT": False, "LOOSE_VALIDATION": True, - "CONF_NAME": "CONFIG_MYSQL_HOST", + "CONF_NAME": "CONFIG_MARIADB_HOST", "USE_DEFAULT": False, "NEED_CONFIRM": False, "CONDITION": False} @@ -71,9 +71,9 @@ def setUp(self): "POST_CONDITION": False, "POST_CONDITION_MATCH": False} self.params = [ - {"CONF_NAME": "CONFIG_MYSQL_HOST", "PROMPT": "find_me"}, - {"CONF_NAME": "CONFIG_MYSQL_USER"}, - {"CONF_NAME": "CONFIG_MYSQL_PW"}] + {"CONF_NAME": "CONFIG_MARIADB_HOST", "PROMPT": "find_me"}, + {"CONF_NAME": "CONFIG_MARIADB_USER"}, + {"CONF_NAME": "CONFIG_MARIADB_PW"}] def test_group_init(self): """ @@ -93,4 +93,4 @@ def test_search(self): param_list = group.search('PROMPT', 'find_me') self.assertEqual(len(param_list), 1) self.assertIsInstance(param_list[0], Parameter) - self.assertEqual(param_list[0].CONF_NAME, 'CONFIG_MYSQL_HOST') + self.assertEqual(param_list[0].CONF_NAME, 'CONFIG_MARIADB_HOST') From 770d5da9317b6997bdab3b396b513a502df9aa9c Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Wed, 3 Sep 2014 09:39:35 -0400 Subject: [PATCH 0126/1017] Refactor cinder plugin and extend it with multiple backends support Closes-Bug: rhbz#1139246 Change-Id: I9803939d45e9bafea9b21274a4c64248a037cd33 --- docs/packstack.rst | 3 +- packstack/plugins/cinder_250.py | 1315 ++++++++--------- packstack/plugins/nova_300.py | 4 +- packstack/puppet/templates/cinder.pp | 26 +- packstack/puppet/templates/cinder_backup.pp | 6 +- packstack/puppet/templates/cinder_gluster.pp | 13 +- packstack/puppet/templates/cinder_lvm.pp | 78 +- .../templates/cinder_netapp_7mode_iscsi.pp | 13 +- .../templates/cinder_netapp_7mode_nfs.pp | 13 +- .../templates/cinder_netapp_cdot_iscsi.pp | 13 +- .../templates/cinder_netapp_cdot_nfs.pp | 13 +- .../puppet/templates/cinder_netapp_eseries.pp | 13 +- packstack/puppet/templates/cinder_nfs.pp | 13 +- packstack/puppet/templates/cinder_vmdk.pp | 8 +- 14 files changed, 782 insertions(+), 749 deletions(-) diff --git a/docs/packstack.rst b/docs/packstack.rst index 715c6d8e7..c3a23cec2 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -163,8 +163,7 @@ Cinder Config parameters The password to use for the Cinder to authenticate with Keystone. **CONFIG_CINDER_BACKEND** - The Cinder backend to use ['lvm', 'gluster', 'nfs', 'vmdk', 'netapp']. - + A comma separated ordered list of the Cinder backends to use, valid options are: lvm, gluster, nfs, vmdk. Cinder volume create Config parameters -------------------------------------- diff --git a/packstack/plugins/cinder_250.py b/packstack/plugins/cinder_250.py index 3bf87de3d..fb31bdcc0 100644 --- a/packstack/plugins/cinder_250.py +++ b/packstack/plugins/cinder_250.py @@ -36,612 +36,564 @@ def initConfig(controller): - params = [ - {"CMD_OPTION": "cinder-db-passwd", - "USAGE": "The password to use for the Cinder to access DB", - "PROMPT": "Enter the password for the Cinder DB access", - "OPTION_LIST": [], - "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": uuid.uuid4().hex[:16], - "MASK_INPUT": True, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_CINDER_DB_PW", - "USE_DEFAULT": True, - "NEED_CONFIRM": True, - "CONDITION": False}, - - {"CMD_OPTION": "cinder-ks-passwd", - "USAGE": ("The password to use for the Cinder to authenticate with " - "Keystone"), - "PROMPT": "Enter the password for the Cinder Keystone access", - "OPTION_LIST": [], - "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": uuid.uuid4().hex[:16], - "MASK_INPUT": True, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_CINDER_KS_PW", - "USE_DEFAULT": True, - "NEED_CONFIRM": True, - "CONDITION": False}, - - {"CMD_OPTION": "cinder-backend", - "USAGE": ("The Cinder backend to use, valid options are: lvm, " - "gluster, nfs, netapp"), - "PROMPT": "Enter the Cinder backend to be configured", - "OPTION_LIST": ["lvm", "gluster", "nfs", "vmdk", "netapp"], - "VALIDATORS": [validators.validate_options], - "DEFAULT_VALUE": "lvm", - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_CINDER_BACKEND", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, + conf_params = { + "CINDER": [ + {"CMD_OPTION": "cinder-db-passwd", + "USAGE": "The password to use for the Cinder to access DB", + "PROMPT": "Enter the password for the Cinder DB access", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_DB_PW", + "USE_DEFAULT": True, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CMD_OPTION": "cinder-ks-passwd", + "USAGE": ("The password to use for the Cinder to authenticate " + "with Keystone"), + "PROMPT": "Enter the password for the Cinder Keystone access", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_KS_PW", + "USE_DEFAULT": True, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CMD_OPTION": "cinder-backend", + "USAGE": ("The Cinder backend to use, valid options are: lvm, " + "gluster, nfs, netapp"), + "PROMPT": "Enter the Cinder backend to be configured", + "OPTION_LIST": ["lvm", "gluster", "nfs", "vmdk", "netapp"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "lvm", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_BACKEND", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + + "CINDERVOLUMECREATE": [ + {"CMD_OPTION": "cinder-volumes-create", + "USAGE": ("Create Cinder's volumes group. This should only be " + "done for testing on a proof-of-concept installation " + "of Cinder. This will create a file-backed volume group" + " and is not suitable for production usage."), + "PROMPT": ("Should Cinder's volumes group be created (for " + "proof-of-concept installation)?"), + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "y", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_VOLUMES_CREATE", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + + "CINDERVOLUMESIZE": [ + {"CMD_OPTION": "cinder-volumes-size", + "USAGE": ("Cinder's volumes group size. Note that actual volume " + "size will be extended with 3% more space for VG " + "metadata."), + "PROMPT": "Enter Cinder's volumes group usable size", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "20G", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_VOLUMES_SIZE", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + + "CINDERGLUSTERMOUNTS": [ + {"CMD_OPTION": "cinder-gluster-mounts", + "USAGE": ("A single or comma separated list of gluster volume " + "shares to mount, eg: ip-address:/vol-name, " + "domain:/vol-name "), + "PROMPT": ("Enter a single or comma separated list of gluster " + "volume shares to use with Cinder"), + "OPTION_LIST": ["^'([\d]{1,3}\.){3}[\d]{1,3}:/.*'", + "^'[a-zA-Z0-9][\-\.\w]*:/.*'"], + "VALIDATORS": [validators.validate_multi_regexp], + "PROCESSORS": [processors.process_add_quotes_around_values], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_CINDER_GLUSTER_MOUNTS", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + + "CINDERNFSMOUNTS": [ + {"CMD_OPTION": "cinder-nfs-mounts", + "USAGE": ("A single or comma seprated list of NFS exports to " + "mount, eg: ip-address:/export-name "), + "PROMPT": ("Enter a single or comma seprated list of NFS exports " + "to use with Cinder"), + "OPTION_LIST": ["^'([\d]{1,3}\.){3}[\d]{1,3}:/.*'"], + "VALIDATORS": [validators.validate_multi_regexp], + "PROCESSORS": [processors.process_add_quotes_around_values], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_CINDER_NFS_MOUNTS", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + + "CINDERNETAPPMAIN": [ + {"CMD_OPTION": "cinder-netapp-login", + "USAGE": ("(required) Administrative user account name used to " + "access the storage system or proxy server. "), + "PROMPT": ("Enter a NetApp login"), + "OPTION_LIST": [""], + "VALIDATORS": [validators.validate_not_empty], + "PROCESSORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_LOGIN", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "cinder-netapp-password", + "USAGE": ("(required) Password for the administrative user " + "account specified in the netapp_login parameter."), + "PROMPT": ("Enter a NetApp password"), + "OPTION_LIST": [""], + "VALIDATORS": [validators.validate_not_empty], + "PROCESSORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_PASSWORD", + "USE_DEFAULT": False, + "NEED_CONFIRM": True, + "CONDITION": False}, + {"CMD_OPTION": "cinder-netapp-hostname", + "USAGE": ("(required) The hostname (or IP address) for the " + "storage system or proxy server."), + "PROMPT": ("Enter a NetApp hostname"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "PROCESSORS": [processors.process_add_quotes_around_values], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_HOSTNAME", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "cinder-netapp-server-port", + "USAGE": ("(optional) The TCP port to use for communication with " + "ONTAPI on the storage system. Traditionally, port 80 " + "is used for HTTP and port 443 is used for HTTPS; " + "however, this value should be changed if an alternate " + "port has been configured on the storage system or " + "proxy server. Defaults to 80."), + "PROMPT": ("Enter a NetApp server port"), + "OPTION_LIST": [""], + "VALIDATORS": [validators.validate_port], + "PROCESSORS": [], + "DEFAULT_VALUE": 80, + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_CINDER_NETAPP_SERVER_PORT", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "cinder-netapp-storage-family", + "USAGE": ("(optional) The storage family type used on the storage" + " system; valid values are ontap_7mode for using Data " + "ONTAP operating in 7-Mode or ontap_cluster for using " + "clustered Data ONTAP, or eseries for NetApp E-Series. " + "Defaults to %s." % NETAPP_DEFAULT_STORAGE_FAMILY), + "PROMPT": ("Enter a NetApp storage family"), + "OPTION_LIST": ["ontap_7mode", "ontap_cluster", "eseries"], + "VALIDATORS": [validators.validate_options], + "PROCESSORS": [], + "DEFAULT_VALUE": NETAPP_DEFAULT_STORAGE_FAMILY, + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_STORAGE_FAMILY", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "cinder-netapp-transport-type", + "USAGE": ("(optional) The transport protocol used when " + "communicating with ONTAPI on the storage system or " + "proxy server. Valid values are http or https. " + "Defaults to http."), + "PROMPT": ("Enter a NetApp transport type"), + "OPTION_LIST": ["http", "https"], + "VALIDATORS": [validators.validate_options], + "PROCESSORS": [], + "DEFAULT_VALUE": "http", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_TRANSPORT_TYPE", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "cinder-netapp-storage-protocol", + "USAGE": ("(optional) The storage protocol to be used on the data" + " path with the storage system; valid values are iscsi " + "or nfs. " + "Defaults to %s." % NETAPP_DEFAULT_STORAGE_PROTOCOL), + "PROMPT": ("Enter a NetApp storage protocol"), + "OPTION_LIST": ["iscsi", "nfs"], + "VALIDATORS": [validators.validate_options], + "PROCESSORS": [], + "DEFAULT_VALUE": NETAPP_DEFAULT_STORAGE_PROTOCOL, + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + + "CINDERNETAPPONTAPISCSI": [ + {"CMD_OPTION": "cinder-netapp-size-multiplier", + "USAGE": ("(optional) The quantity to be multiplied by the " + "requested volume size to ensure enough space is " + "available on the virtual storage server (Vserver)" + " to fulfill the volume creation request. " + "Defaults to 1.0."), + "PROMPT": ("Enter a NetApp size multiplier"), + "OPTION_LIST": [""], + "VALIDATORS": [], + "PROCESSORS": [], + "DEFAULT_VALUE": "1.0", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_SIZE_MULTIPLIER", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + + "CINDERNETAPPNFS": [ + {"CMD_OPTION": "cinder-netapp-expiry-thres-minutes", + "USAGE": ("(optional) This parameter specifies the threshold for " + "last access time for images in the NFS image cache. " + "When a cache cleaning cycle begins, images in the " + "cache that have not been accessed in the last M " + "minutes, where M is the value of this parameter, will " + "be deleted from the cache to create free space on the " + "NFS share. Defaults to 720."), + "PROMPT": ("Enter a threshold"), + "OPTION_LIST": [""], + "VALIDATORS": [validators.validate_integer], + "PROCESSORS": [], + "DEFAULT_VALUE": 720, + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_EXPIRY_THRES_MINUTES", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "cinder-netapp-thres-avl-size-perc-start", + "USAGE": ("(optional) If the percentage of available space for an" + " NFS share has dropped below the value specified by " + "this parameter, the NFS image cache will be cleaned. " + "Defaults to 20"), + "PROMPT": ("Enter a value"), + "OPTION_LIST": [""], + "VALIDATORS": [validators.validate_integer], + "PROCESSORS": [], + "DEFAULT_VALUE": 20, + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_START", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "cinder-netapp-thres-avl-size-perc-stop", + "USAGE": ("(optional) When the percentage of available space on " + "an NFS share has reached the percentage specified by " + "this parameter, the driver will stop clearing files " + "from the NFS image cache that have not been accessed " + "in the last M minutes, where M is the value of the " + "expiry_thres_minutes parameter. " + "Defaults to 60."), + "PROMPT": ("Enter a value"), + "OPTION_LIST": [""], + "VALIDATORS": [validators.validate_integer], + "PROCESSORS": [], + "DEFAULT_VALUE": 60, + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_STOP", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "cinder-netapp-nfs-shares-config", + "USAGE": ("(optional) File with the list of available NFS shares." + " Defaults to ''."), + "PROMPT": ("Enter a NetApp NFS share config file"), + "OPTION_LIST": [""], + "VALIDATORS": [validators.validate_file], + "PROCESSORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_NFS_SHARES_CONFIG", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + + "CINDERNETAPPISCSI7MODE": [ + {"CMD_OPTION": "cinder-netapp-volume-list", + "USAGE": ("(optional) This parameter is only utilized when the " + "storage protocol is configured to use iSCSI. This " + "parameter is used to restrict provisioning to the " + "specified controller volumes. Specify the value of " + "this parameter to be a comma separated list of NetApp " + "controller volume names to be used for provisioning. " + "Defaults to ''."), + "PROMPT": ("Enter a NetApp volume list"), + "OPTION_LIST": [""], + "VALIDATORS": [validators.validate_not_empty], + "PROCESSORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_CINDER_NETAPP_VOLUME_LIST", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "cinder-netapp-vfiler", + "USAGE": ("(optional) The vFiler unit on which provisioning of " + "block storage volumes will be done. This parameter is " + "only used by the driver when connecting to an instance" + " with a storage family of Data ONTAP operating in " + "7-Mode and the storage protocol selected is iSCSI. " + "Only use this parameter when utilizing the MultiStore " + "feature on the NetApp storage system. " + "Defaults to ''."), + "PROMPT": ("Enter a NetApp vFiler"), + "OPTION_LIST": [""], + "VALIDATORS": [validators.validate_not_empty], + "PROCESSORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_CINDER_NETAPP_VFILER", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + + "CINDERNETAPPVSERVER": [ + {"CMD_OPTION": "cinder-netapp-vserver", + "USAGE": ("(optional) This parameter specifies the virtual " + "storage server (Vserver) name on the storage cluster " + "on which provisioning of block storage volumes should " + "occur. If using the NFS storage protocol, this " + "parameter is mandatory for storage service catalog " + "support (utilized by Cinder volume type extra_specs " + "support). If this parameter is specified, the exports " + "belonging to the Vserver will only be used for " + "provisioning in the future. Block storage volumes on " + "exports not belonging to the Vserver specified by this" + " parameter will " + "continue to function normally. " + "Defaults to ''."), + "PROMPT": ("Enter a NetApp Vserver"), + "OPTION_LIST": [""], + "VALIDATORS": [validators.validate_not_empty], + "PROCESSORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_VSERVER", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + + "CINDERNETAPPESERIES": [ + {"CMD_OPTION": "cinder-netapp-controller-ips", + "USAGE": ("(optional) This option is only utilized when the " + "storage family is configured to eseries. This option " + "is used to restrict provisioning to the specified " + "controllers. Specify the value of this option to be a " + "comma separated list of controller hostnames or IP " + "addresses to be used for provisioning. " + "Defaults to ''."), + "PROMPT": ("Enter a value"), + "OPTION_LIST": [""], + "VALIDATORS": [validators.validate_multi_ping], + "PROCESSORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_CONTROLLER_IPS", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "cinder-netapp-sa-password", + "USAGE": ("(optional) Password for the NetApp E-Series storage " + "array. " + "Defaults to ''."), + "PROMPT": ("Enter a password"), + "OPTION_LIST": [""], + "VALIDATORS": [], + "PROCESSORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_SA_PASSWORD", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "cinder-netapp-webservice-path", + "USAGE": ("(optional) This option is used to specify the path to " + "the E-Series proxy application on a proxy server. The " + "value is combined with the value of the " + "netapp_transport_type, netapp_server_hostname, and " + "netapp_server_port options to create the URL used by " + "the driver to connect to the proxy application. " + "Defaults to '/devmgr/v2'."), + "PROMPT": ("Enter a path"), + "OPTION_LIST": ["^[/].*$"], + "VALIDATORS": [validators.validate_regexp], + "PROCESSORS": [], + "DEFAULT_VALUE": "/devmgr/v2", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_CINDER_NETAPP_WEBSERVICE_PATH", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "cinder-netapp-storage-pools", + "USAGE": ("(optional) This option is used to restrict " + "provisioning to the specified storage pools. Only " + "dynamic disk pools are currently supported. Specify " + "the value of this option to be a comma separated list " + "of disk pool names to be used for provisioning. " + "Defaults to ''."), + "PROMPT": ("Enter a value"), + "OPTION_LIST": [""], + "VALIDATORS": [], + "PROCESSORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_CINDER_NETAPP_STORAGE_POOLS", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + ] + } + + conf_groups = [ + {"GROUP_NAME": "CINDER", + "DESCRIPTION": "Cinder Config parameters", + "PRE_CONDITION": "CONFIG_CINDER_INSTALL", + "PRE_CONDITION_MATCH": "y", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "CINDERVOLUMECREATE", + "DESCRIPTION": "Cinder volume create Config parameters", + "PRE_CONDITION": check_lvm_options, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "CINDERVOLUMESIZE", + "DESCRIPTION": "Cinder volume size Config parameters", + "PRE_CONDITION": check_lvm_vg_options, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "CINDERGLUSTERMOUNTS", + "DESCRIPTION": "Cinder gluster Config parameters", + "PRE_CONDITION": check_gluster_options, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "CINDERNFSMOUNTS", + "DESCRIPTION": "Cinder NFS Config parameters", + "PRE_CONDITION": check_nfs_options, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "CINDERNETAPPMAIN", + "DESCRIPTION": "Cinder NetApp main configuration", + "PRE_CONDITION": check_netapp_options, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "CINDERNETAPPONTAPISCSI", + "DESCRIPTION": "Cinder NetApp ONTAP-iSCSI configuration", + "PRE_CONDITION": check_netapp_ontap_iscsi_options, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "CINDERNETAPPNFS", + "DESCRIPTION": "Cinder NetApp NFS configuration", + "PRE_CONDITION": check_netapp_nfs_settings, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "CINDERNETAPPISCSI7MODE", + "DESCRIPTION": "Cinder NetApp iSCSI & 7-mode configuration", + "PRE_CONDITION": check_netapp_7modeiscsi_options, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "CINDERNETAPPVSERVER", + "DESCRIPTION": "Cinder NetApp vServer configuration", + "PRE_CONDITION": check_netapp_vserver_options, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "CINDERNETAPPESERIES", + "DESCRIPTION": "Cinder NetApp E-Series configuration", + "PRE_CONDITION": check_netapp_eseries_options, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, ] - group = {"GROUP_NAME": "CINDER", - "DESCRIPTION": "Cinder Config parameters", - "PRE_CONDITION": "CONFIG_CINDER_INSTALL", - "PRE_CONDITION_MATCH": "y", - "POST_CONDITION": False, - "POST_CONDITION_MATCH": True} - controller.addGroup(group, params) - - def check_lvm_options(config): - return (config.get('CONFIG_CINDER_INSTALL', 'n') == 'y' and - config.get('CONFIG_CINDER_BACKEND', 'lvm') == 'lvm') - - params = [ - {"CMD_OPTION": "cinder-volumes-create", - "USAGE": ("Create Cinder's volumes group. This should only be done " - "for testing on a proof-of-concept installation of Cinder. " - "This will create a file-backed volume group and is not " - "suitable for production usage."), - "PROMPT": ("Should Cinder's volumes group be created (for " - "proof-of-concept installation)?"), - "OPTION_LIST": ["y", "n"], - "VALIDATORS": [validators.validate_options], - "DEFAULT_VALUE": "y", - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_CINDER_VOLUMES_CREATE", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - ] - group = {"GROUP_NAME": "CINDERVOLUMECREATE", - "DESCRIPTION": "Cinder volume create Config parameters", - "PRE_CONDITION": check_lvm_options, - "PRE_CONDITION_MATCH": True, - "POST_CONDITION": False, - "POST_CONDITION_MATCH": True} - controller.addGroup(group, params) - - def check_lvm_vg_options(config): - return (config.get('CONFIG_CINDER_INSTALL', 'n') == 'y' and - config.get('CONFIG_CINDER_BACKEND', 'lvm') == 'lvm' and - config.get('CONFIG_CINDER_VOLUMES_CREATE', 'y') == 'y') - - params = [ - {"CMD_OPTION": "cinder-volumes-size", - "USAGE": ("Cinder's volumes group size. Note that actual volume size " - "will be extended with 3% more space for VG metadata."), - "PROMPT": "Enter Cinder's volumes group usable size", - "OPTION_LIST": [], - "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": "20G", - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_CINDER_VOLUMES_SIZE", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - ] - group = {"GROUP_NAME": "CINDERVOLUMESIZE", - "DESCRIPTION": "Cinder volume size Config parameters", - "PRE_CONDITION": check_lvm_vg_options, - "PRE_CONDITION_MATCH": True, - "POST_CONDITION": False, - "POST_CONDITION_MATCH": True} - controller.addGroup(group, params) - - def check_gluster_options(config): - return (config.get('CONFIG_CINDER_INSTALL', 'n') == 'y' and - config.get('CONFIG_CINDER_BACKEND', 'lvm') == 'gluster') - - params = [ - {"CMD_OPTION": "cinder-gluster-mounts", - "USAGE": ("A single or comma separated list of gluster volume shares " - "to mount, eg: ip-address:/vol-name, domain:/vol-name "), - "PROMPT": ("Enter a single or comma separated list of gluster volume " - "shares to use with Cinder"), - "OPTION_LIST": ["^'([\d]{1,3}\.){3}[\d]{1,3}:/.*'", - "^'[a-zA-Z0-9][\-\.\w]*:/.*'"], - "VALIDATORS": [validators.validate_multi_regexp], - "PROCESSORS": [processors.process_add_quotes_around_values], - "DEFAULT_VALUE": "", - "MASK_INPUT": False, - "LOOSE_VALIDATION": True, - "CONF_NAME": "CONFIG_CINDER_GLUSTER_MOUNTS", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - ] - group = {"GROUP_NAME": "CINDERGLUSTERMOUNTS", - "DESCRIPTION": "Cinder gluster Config parameters", - "PRE_CONDITION": check_gluster_options, - "PRE_CONDITION_MATCH": True, - "POST_CONDITION": False, - "POST_CONDITION_MATCH": True} - controller.addGroup(group, params) - - def check_nfs_options(config): - return (config.get('CONFIG_CINDER_INSTALL', 'n') == 'y' and - config.get('CONFIG_CINDER_BACKEND', 'lvm') == 'nfs') - - params = [ - {"CMD_OPTION": "cinder-nfs-mounts", - "USAGE": ("A single or comma seprated list of NFS exports to mount, " - "eg: ip-address:/export-name "), - "PROMPT": ("Enter a single or comma seprated list of NFS exports to " - "use with Cinder"), - "OPTION_LIST": ["^'([\d]{1,3}\.){3}[\d]{1,3}:/.*'"], - "VALIDATORS": [validators.validate_multi_regexp], - "PROCESSORS": [processors.process_add_quotes_around_values], - "DEFAULT_VALUE": "", - "MASK_INPUT": False, - "LOOSE_VALIDATION": True, - "CONF_NAME": "CONFIG_CINDER_NFS_MOUNTS", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - ] - group = {"GROUP_NAME": "CINDERNFSMOUNTS", - "DESCRIPTION": "Cinder NFS Config parameters", - "PRE_CONDITION": check_nfs_options, - "PRE_CONDITION_MATCH": True, - "POST_CONDITION": False, - "POST_CONDITION_MATCH": True} - controller.addGroup(group, params) - - def check_netapp_options(config): - return (config.get('CONFIG_CINDER_INSTALL', 'n') == 'y' and - config.get('CONFIG_CINDER_BACKEND', 'lvm') == 'netapp') - - params = [ - {"CMD_OPTION": "cinder-netapp-login", - "USAGE": ("(required) Administrative user account name used to " - "access the storage system or proxy server. "), - "PROMPT": ("Enter a NetApp login"), - "OPTION_LIST": [""], - "VALIDATORS": [validators.validate_not_empty], - "PROCESSORS": [], - "DEFAULT_VALUE": "", - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_CINDER_NETAPP_LOGIN", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - {"CMD_OPTION": "cinder-netapp-password", - "USAGE": ("(required) Password for the administrative user account " - "specified in the netapp_login parameter."), - "PROMPT": ("Enter a NetApp password"), - "OPTION_LIST": [""], - "VALIDATORS": [validators.validate_not_empty], - "PROCESSORS": [], - "DEFAULT_VALUE": "", - "MASK_INPUT": True, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_CINDER_NETAPP_PASSWORD", - "USE_DEFAULT": False, - "NEED_CONFIRM": True, - "CONDITION": False}, - {"CMD_OPTION": "cinder-netapp-hostname", - "USAGE": ("(required) The hostname (or IP address) for the storage " - "system or proxy server."), - "PROMPT": ("Enter a NetApp hostname"), - "OPTION_LIST": [], - "VALIDATORS": [validators.validate_not_empty], - "PROCESSORS": [processors.process_add_quotes_around_values], - "DEFAULT_VALUE": "", - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_CINDER_NETAPP_HOSTNAME", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - {"CMD_OPTION": "cinder-netapp-server-port", - "USAGE": ("(optional) The TCP port to use for communication with " - "ONTAPI on the storage system. Traditionally, port 80 is " - "used for HTTP and port 443 is used for HTTPS; however, " - "this value should be changed if an alternate port has " - "been configured on the storage system or proxy server. " - "Defaults to 80."), - "PROMPT": ("Enter a NetApp server port"), - "OPTION_LIST": [""], - "VALIDATORS": [validators.validate_port], - "PROCESSORS": [], - "DEFAULT_VALUE": 80, - "MASK_INPUT": False, - "LOOSE_VALIDATION": True, - "CONF_NAME": "CONFIG_CINDER_NETAPP_SERVER_PORT", - "USE_DEFAULT": True, - "NEED_CONFIRM": False, - "CONDITION": False}, - {"CMD_OPTION": "cinder-netapp-storage-family", - "USAGE": ("(optional) The storage family type used on the storage " - "system; valid values are ontap_7mode for using Data ONTAP " - "operating in 7-Mode or ontap_cluster for using clustered " - "Data ONTAP, or eseries for NetApp E-Series. " - "Defaults to %s." % NETAPP_DEFAULT_STORAGE_FAMILY), - "PROMPT": ("Enter a NetApp storage family"), - "OPTION_LIST": ["ontap_7mode", "ontap_cluster", "eseries"], - "VALIDATORS": [validators.validate_options], - "PROCESSORS": [], - "DEFAULT_VALUE": NETAPP_DEFAULT_STORAGE_FAMILY, - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_CINDER_NETAPP_STORAGE_FAMILY", - "USE_DEFAULT": True, - "NEED_CONFIRM": False, - "CONDITION": False}, - {"CMD_OPTION": "cinder-netapp-transport-type", - "USAGE": ("(optional) The transport protocol used when communicating " - "with ONTAPI on the storage system or proxy server. Valid " - "values are http or https. " - "Defaults to http."), - "PROMPT": ("Enter a NetApp transport type"), - "OPTION_LIST": ["http", "https"], - "VALIDATORS": [validators.validate_options], - "PROCESSORS": [], - "DEFAULT_VALUE": "http", - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_CINDER_NETAPP_TRANSPORT_TYPE", - "USE_DEFAULT": True, - "NEED_CONFIRM": False, - "CONDITION": False}, - {"CMD_OPTION": "cinder-netapp-storage-protocol", - "USAGE": ("(optional) The storage protocol to be used on the data " - "path with the storage system; valid values are iscsi " - "or nfs. " - "Defaults to %s." % NETAPP_DEFAULT_STORAGE_PROTOCOL), - "PROMPT": ("Enter a NetApp storage protocol"), - "OPTION_LIST": ["iscsi", "nfs"], - "VALIDATORS": [validators.validate_options], - "PROCESSORS": [], - "DEFAULT_VALUE": NETAPP_DEFAULT_STORAGE_PROTOCOL, - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL", - "USE_DEFAULT": True, - "NEED_CONFIRM": False, - "CONDITION": False}, - ] - - group = {"GROUP_NAME": "CINDERNETAPPMAIN", - "DESCRIPTION": "Cinder NetApp main configuration", - "PRE_CONDITION": check_netapp_options, - "PRE_CONDITION_MATCH": True, - "POST_CONDITION": False, - "POST_CONDITION_MATCH": True} - - controller.addGroup(group, params) - - def check_netapp_ontap_iscsi_options(config): - storage_family = config.get('CONFIG_CINDER_NETAPP_STORAGE_FAMILY', - NETAPP_DEFAULT_STORAGE_FAMILY) - storage_protocol = config.get('CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL', - NETAPP_DEFAULT_STORAGE_PROTOCOL) - return (check_netapp_options(config) and - storage_family in ['ontap_cluster', 'ontap_7mode'] and - storage_protocol == "iscsi") - - params = [ - {"CMD_OPTION": "cinder-netapp-size-multiplier", - "USAGE": ("(optional) The quantity to be multiplied by the requested " - "volume size to ensure enough space is available on the " - "virtual storage server (Vserver) to fulfill the volume " - "creation request. " - "Defaults to 1.0."), - "PROMPT": ("Enter a NetApp size multiplier"), - "OPTION_LIST": [""], - "VALIDATORS": [], - "PROCESSORS": [], - "DEFAULT_VALUE": "1.0", - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_CINDER_NETAPP_SIZE_MULTIPLIER", - "USE_DEFAULT": True, - "NEED_CONFIRM": False, - "CONDITION": False}, - ] - group = {"GROUP_NAME": "CINDERNETAPPONTAPISCSI ", - "DESCRIPTION": "Cinder NetApp ONTAP-iSCSI configuration", - "PRE_CONDITION": check_netapp_ontap_iscsi_options, - "PRE_CONDITION_MATCH": True, - "POST_CONDITION": False, - "POST_CONDITION_MATCH": True} - controller.addGroup(group, params) - - def check_netapp_nfs_settings(config): - storage_protocol = config.get('CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL', - NETAPP_DEFAULT_STORAGE_PROTOCOL) - return (check_netapp_options(config) and - storage_protocol == "nfs") - - params = [ - {"CMD_OPTION": "cinder-netapp-expiry-thres-minutes", - "USAGE": ("(optional) This parameter specifies the threshold for " - "last access time for images in the NFS image cache. When " - "a cache cleaning cycle begins, images in the cache that " - "have not been accessed in the last M minutes, where M is " - "the value of this parameter, will be deleted from the " - "cache to create free space on the NFS share. " - "Defaults to 720."), - "PROMPT": ("Enter a threshold"), - "OPTION_LIST": [""], - "VALIDATORS": [validators.validate_integer], - "PROCESSORS": [], - "DEFAULT_VALUE": 720, - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_CINDER_NETAPP_EXPIRY_THRES_MINUTES", - "USE_DEFAULT": True, - "NEED_CONFIRM": False, - "CONDITION": False}, - {"CMD_OPTION": "cinder-netapp-thres-avl-size-perc-start", - "USAGE": ("(optional) If the percentage of available space for an " - "NFS share has dropped below the value specified by this " - "parameter, the NFS image cache will be cleaned. " - "Defaults to 20"), - "PROMPT": ("Enter a value"), - "OPTION_LIST": [""], - "VALIDATORS": [validators.validate_integer], - "PROCESSORS": [], - "DEFAULT_VALUE": 20, - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_START", - "USE_DEFAULT": True, - "NEED_CONFIRM": False, - "CONDITION": False}, - {"CMD_OPTION": "cinder-netapp-thres-avl-size-perc-stop", - "USAGE": ("(optional) When the percentage of available space on an " - "NFS share has reached the percentage specified by this " - "parameter, the driver will stop clearing files from the " - "NFS image cache that have not been accessed in the last M " - "minutes, where M is the value of the expiry_thres_minutes " - "parameter. " - "Defaults to 60."), - "PROMPT": ("Enter a value"), - "OPTION_LIST": [""], - "VALIDATORS": [validators.validate_integer], - "PROCESSORS": [], - "DEFAULT_VALUE": 60, - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_STOP", - "USE_DEFAULT": True, - "NEED_CONFIRM": False, - "CONDITION": False}, - {"CMD_OPTION": "cinder-netapp-nfs-shares-config", - "USAGE": ("(optional) File with the list of available NFS shares. " - "Defaults to ''."), - "PROMPT": ("Enter a NetApp NFS share config file"), - "OPTION_LIST": [""], - "VALIDATORS": [validators.validate_file], - "PROCESSORS": [], - "DEFAULT_VALUE": "", - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_CINDER_NETAPP_NFS_SHARES_CONFIG", - "USE_DEFAULT": True, - "NEED_CONFIRM": False, - "CONDITION": False}, - ] - group = {"GROUP_NAME": "CINDERNETAPPNFS", - "DESCRIPTION": "Cinder NetApp NFS configuration", - "PRE_CONDITION": check_netapp_nfs_settings, - "PRE_CONDITION_MATCH": True, - "POST_CONDITION": False, - "POST_CONDITION_MATCH": True} - controller.addGroup(group, params) - - def check_netapp_7modeiscsi_options(config): - storage_family = config.get('CONFIG_CINDER_NETAPP_STORAGE_FAMILY', - NETAPP_DEFAULT_STORAGE_FAMILY) - storage_protocol = config.get('CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL', - NETAPP_DEFAULT_STORAGE_PROTOCOL) - return (check_netapp_options(config) and - storage_family == 'ontap_7mode' and - storage_protocol == 'iscsi') - - params = [ - {"CMD_OPTION": "cinder-netapp-volume-list", - "USAGE": ("(optional) This parameter is only utilized when the " - "storage protocol is configured to use iSCSI. This " - "parameter is used to restrict provisioning to the " - "specified controller volumes. Specify the value of this " - "parameter to be a comma separated list of NetApp " - "controller volume names to be used for provisioning. " - "Defaults to ''."), - "PROMPT": ("Enter a NetApp volume list"), - "OPTION_LIST": [""], - "VALIDATORS": [validators.validate_not_empty], - "PROCESSORS": [], - "DEFAULT_VALUE": "", - "MASK_INPUT": False, - "LOOSE_VALIDATION": True, - "CONF_NAME": "CONFIG_CINDER_NETAPP_VOLUME_LIST", - "USE_DEFAULT": True, - "NEED_CONFIRM": False, - "CONDITION": False}, - {"CMD_OPTION": "cinder-netapp-vfiler", - "USAGE": ("(optional) The vFiler unit on which provisioning of block " - "storage volumes will be done. This parameter is only used " - "by the driver when connecting to an instance with a " - "storage family of Data ONTAP operating in 7-Mode and the " - "storage protocol selected is iSCSI. Only use this " - "parameter when utilizing the MultiStore feature on the " - "NetApp storage system. " - "Defaults to ''."), - "PROMPT": ("Enter a NetApp vFiler"), - "OPTION_LIST": [""], - "VALIDATORS": [validators.validate_not_empty], - "PROCESSORS": [], - "DEFAULT_VALUE": "", - "MASK_INPUT": False, - "LOOSE_VALIDATION": True, - "CONF_NAME": "CONFIG_CINDER_NETAPP_VFILER", - "USE_DEFAULT": True, - "NEED_CONFIRM": False, - "CONDITION": False}, - ] - group = {"GROUP_NAME": "CINDERNETAPPISCSI7MODE", - "DESCRIPTION": "Cinder NetApp iSCSI & 7-mode configuration", - "PRE_CONDITION": check_netapp_7modeiscsi_options, - "PRE_CONDITION_MATCH": True, - "POST_CONDITION": False, - "POST_CONDITION_MATCH": True} - controller.addGroup(group, params) - - def check_netapp_vserver_options(config): - storage_family = config.get('CONFIG_CINDER_NETAPP_STORAGE_FAMILY', - NETAPP_DEFAULT_STORAGE_FAMILY) - storage_protocol = config.get('CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL', - NETAPP_DEFAULT_STORAGE_PROTOCOL) - - return (check_netapp_options(config) and - storage_family == "ontap_cluster" and - storage_protocol in ['nfs', 'iscsi']) - - params = [ - {"CMD_OPTION": "cinder-netapp-vserver", - "USAGE": ("(optional) This parameter specifies the virtual storage " - "server (Vserver) name on the storage cluster on which " - "provisioning of block storage volumes should occur. If " - "using the NFS storage protocol, this parameter is " - "mandatory for storage service catalog support (utilized " - "by Cinder volume type extra_specs support). If this " - "parameter is specified, the exports belonging to the " - "Vserver will only be used for provisioning in the future. " - "Block storage volumes on exports not belonging to the " - "Vserver specified by this parameter will continue to " - "function normally. " - "Defaults to ''."), - "PROMPT": ("Enter a NetApp Vserver"), - "OPTION_LIST": [""], - "VALIDATORS": [validators.validate_not_empty], - "PROCESSORS": [], - "DEFAULT_VALUE": "", - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_CINDER_NETAPP_VSERVER", - "USE_DEFAULT": True, - "NEED_CONFIRM": False, - "CONDITION": False}, - ] - group = {"GROUP_NAME": "CINDERNETAPPVSERVER", - "DESCRIPTION": "Cinder NetApp vServer configuration", - "PRE_CONDITION": check_netapp_vserver_options, - "PRE_CONDITION_MATCH": True, - "POST_CONDITION": False, - "POST_CONDITION_MATCH": True} - controller.addGroup(group, params) - - def check_netapp_eseries_options(config): - storage_family = config.get('CONFIG_CINDER_NETAPP_STORAGE_FAMILY', - NETAPP_DEFAULT_STORAGE_FAMILY) - return (check_netapp_options(config) and - storage_family == "eseries") - - params = [ - {"CMD_OPTION": "cinder-netapp-controller-ips", - "USAGE": ("(optional) This option is only utilized when the storage " - "family is configured to eseries. This option is used to " - "restrict provisioning to the specified controllers. " - "Specify the value of this option to be a comma separated " - "list of controller hostnames or IP addresses to be used " - "for provisioning. " - "Defaults to ''."), - "PROMPT": ("Enter a value"), - "OPTION_LIST": [""], - "VALIDATORS": [validators.validate_multi_ping], - "PROCESSORS": [], - "DEFAULT_VALUE": "", - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_CINDER_NETAPP_CONTROLLER_IPS", - "USE_DEFAULT": True, - "NEED_CONFIRM": False, - "CONDITION": False}, - {"CMD_OPTION": "cinder-netapp-sa-password", - "USAGE": ("(optional) Password for the NetApp E-Series storage " - "array. " - "Defaults to ''."), - "PROMPT": ("Enter a password"), - "OPTION_LIST": [""], - "VALIDATORS": [], - "PROCESSORS": [], - "DEFAULT_VALUE": "", - "MASK_INPUT": True, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_CINDER_NETAPP_SA_PASSWORD", - "USE_DEFAULT": True, - "NEED_CONFIRM": False, - "CONDITION": False}, - {"CMD_OPTION": "cinder-netapp-webservice-path", - "USAGE": ("(optional) This option is used to specify the path to the " - "E-Series proxy application on a proxy server. The value " - "is combined with the value of the netapp_transport_type, " - "netapp_server_hostname, and netapp_server_port options to " - "create the URL used by the driver to connect to the proxy " - "application. " - "Defaults to '/devmgr/v2'."), - "PROMPT": ("Enter a path"), - "OPTION_LIST": ["^[/].*$"], - "VALIDATORS": [validators.validate_regexp], - "PROCESSORS": [], - "DEFAULT_VALUE": "/devmgr/v2", - "MASK_INPUT": False, - "LOOSE_VALIDATION": True, - "CONF_NAME": "CONFIG_CINDER_NETAPP_WEBSERVICE_PATH", - "USE_DEFAULT": True, - "NEED_CONFIRM": False, - "CONDITION": False}, - {"CMD_OPTION": "cinder-netapp-storage-pools", - "USAGE": ("(optional) This option is used to restrict provisioning " - "to the specified storage pools. Only dynamic disk pools " - "are currently supported. Specify the value of this option " - "to be a comma separated list of disk pool names to be " - "used for provisioning. " - "Defaults to ''."), - "PROMPT": ("Enter a value"), - "OPTION_LIST": [""], - "VALIDATORS": [], - "PROCESSORS": [], - "DEFAULT_VALUE": "", - "MASK_INPUT": False, - "LOOSE_VALIDATION": True, - "CONF_NAME": "CONFIG_CINDER_NETAPP_STORAGE_POOLS", - "USE_DEFAULT": True, - "NEED_CONFIRM": False, - "CONDITION": False}, - ] - group = {"GROUP_NAME": "CINDERNETAPPESERIES", - "DESCRIPTION": "Cinder NetApp E-Series configuration", - "PRE_CONDITION": check_netapp_eseries_options, - "PRE_CONDITION_MATCH": True, - "POST_CONDITION": False, - "POST_CONDITION_MATCH": True} - controller.addGroup(group, params) + for group in conf_groups: + params = conf_params[group["GROUP_NAME"]] + controller.addGroup(group, params) def initSequences(controller): - if controller.CONF['CONFIG_CINDER_INSTALL'] != 'y': + config = controller.CONF + if config['CONFIG_CINDER_INSTALL'] != 'y': return + config['CONFIG_CINDER_BACKEND'] = str( + [i.strip() for i in config['CONFIG_CINDER_BACKEND'].split(',') if i] + ) + cinder_steps = [ {'title': 'Adding Cinder Keystone manifest entries', 'functions': [create_keystone_manifest]}, @@ -649,13 +601,71 @@ def initSequences(controller): 'functions': [create_manifest]} ] - if controller.CONF['CONFIG_CINDER_BACKEND'] == 'lvm': + if 'lvm' in config['CONFIG_CINDER_BACKEND']: cinder_steps.append( {'title': 'Checking if the Cinder server has a cinder-volumes vg', 'functions': [check_cinder_vg]}) controller.addSequence("Installing OpenStack Cinder", [], [], cinder_steps) +#------------------------- helper functions ------------------------- + +def check_lvm_options(config): + return (config['CONFIG_CINDER_INSTALL'] == 'y' and + 'lvm' in config['CONFIG_CINDER_BACKEND']) + + +def check_lvm_vg_options(config): + return (config['CONFIG_CINDER_INSTALL'] == 'y' and + 'lvm' in config['CONFIG_CINDER_BACKEND'] and + config['CONFIG_CINDER_VOLUMES_CREATE'] == 'y') + + +def check_gluster_options(config): + return (config['CONFIG_CINDER_INSTALL'] == 'y' and + 'gluster' in config['CONFIG_CINDER_BACKEND']) + + +def check_nfs_options(config): + return (config['CONFIG_CINDER_INSTALL'] == 'y' and + 'nfs' in config['CONFIG_CINDER_BACKEND']) + + +def check_netapp_options(config): + return (config['CONFIG_CINDER_INSTALL'] == 'y' and + 'netapp' in config['CONFIG_CINDER_BACKEND']) + + +def check_netapp_ontap_iscsi_options(config): + return (check_netapp_options(config) and + config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] in + ['ontap_cluster', 'ontap_7mode'] and + config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "iscsi") + + +def check_netapp_nfs_settings(config): + return (check_netapp_options(config) and + config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "nfs") + + +def check_netapp_7modeiscsi_options(config): + return (check_netapp_options(config) and + config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == 'ontap_7mode' and + config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == 'iscsi') + + +def check_netapp_vserver_options(config): + return (check_netapp_options(config) and + config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "ontap_cluster" + and config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] in + ['nfs', 'iscsi']) + + +def check_netapp_eseries_options(config): + return (check_netapp_options(config) and + config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "eseries") + + #-------------------------- step functions -------------------------- def check_cinder_vg(config, messages): @@ -663,57 +673,11 @@ def check_cinder_vg(config, messages): if config['CONFIG_UNSUPPORTED'] != 'y': config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] - # Do we have a cinder-volumes vg? - have_cinders_volume = False - server = utils.ScriptRunner(config['CONFIG_STORAGE_HOST']) - server.append('vgdisplay %s' % cinders_volume) - try: - server.execute() - have_cinders_volume = True - except exceptions.ScriptRuntimeError: - pass - - # Configure system LVM settings (snapshot_autoextend) - server = utils.ScriptRunner(config['CONFIG_STORAGE_HOST']) - server.append('sed -i -r "s/^ *snapshot_autoextend_threshold +=.*/' - ' snapshot_autoextend_threshold = 80/" ' - '/etc/lvm/lvm.conf') - server.append('sed -i -r "s/^ *snapshot_autoextend_percent +=.*/' - ' snapshot_autoextend_percent = 20/" ' - '/etc/lvm/lvm.conf') - try: - server.execute() - except exceptions.ScriptRuntimeError: - logging.info("Warning: Unable to set system LVM settings.") - if config["CONFIG_CINDER_VOLUMES_CREATE"] != "y": if not have_cinders_volume: raise exceptions.MissingRequirements("The cinder server should " "contain a cinder-volumes " "volume group") - else: - if have_cinders_volume: - messages.append( - output_messages.INFO_CINDER_VOLUMES_EXISTS) - return - - # TO-DO: This is implemented in cinder::setup_test_volume class. - # We should use it instead of this Python code - server = utils.ScriptRunner(config['CONFIG_STORAGE_HOST']) - server.append('systemctl') - try: - server.execute() - rst_cmd = 'systemctl restart openstack-cinder-volume.service' - except exceptions.ScriptRuntimeError: - rst_cmd = 'service openstack-cinder-volume restart' - - server.clear() - logging.info("A new cinder volumes group will be created") - server.append('yum install -y lvm2') - - cinders_volume_path = '/var/lib/cinder' - server.append('mkdir -p %s' % cinders_volume_path) - logging.debug("Volume's path: %s" % cinders_volume_path) match = re.match('^(?P\d+)G$', config['CONFIG_CINDER_VOLUMES_SIZE'].strip()) @@ -725,45 +689,7 @@ def check_cinder_vg(config, messages): cinders_reserve = int(cinders_volume_size * 0.03) cinders_volume_size = cinders_volume_size + cinders_reserve - cinders_volume_path = os.path.join(cinders_volume_path, cinders_volume) - server.append('dd if=/dev/zero of=%s bs=1 count=0 seek=%sM' - % (cinders_volume_path, cinders_volume_size)) - server.append('LOFI=$(losetup --show -f %s)' % cinders_volume_path) - server.append('pvcreate $LOFI') - server.append('vgcreate %s $LOFI' % cinders_volume) - - # Add the loop device on boot - server.append('grep %(volume)s /etc/rc.d/rc.local || ' - 'echo "losetup -f %(path)s && ' - 'vgchange -a y %(volume)s && ' - '%(restart_cmd)s" ' - '>> /etc/rc.d/rc.local' % - {'volume': cinders_volume, 'restart_cmd': rst_cmd, - 'path': cinders_volume_path}) - server.append('grep "#!" /etc/rc.d/rc.local || ' - 'sed -i \'1i#!/bin/sh\' /etc/rc.d/rc.local') - server.append('chmod +x /etc/rc.d/rc.local') - - # Let's make sure it exists - server.append('vgdisplay %s' % cinders_volume) - - try: - server.execute() - except exceptions.ScriptRuntimeError: - # Release loop device if cinder's volume creation - # fails. - try: - logging.debug("Release loop device, volume creation failed") - server = utils.ScriptRunner(config['CONFIG_STORAGE_HOST']) - server.append('losetup -d $(losetup -j %s | cut -d : -f 1)' - % cinders_volume_path) - server.execute() - except: - pass - - raise exceptions.MissingRequirements("Cinder's volume group '%s' " - "could not be created" - % cinders_volume) + config['CONFIG_CINDER_VOLUMES_SIZE'] = 'sM' % cinders_volume_size def create_keystone_manifest(config, messages): @@ -783,21 +709,15 @@ def create_manifest(config, messages): manifestfile = "%s_cinder.pp" % config['CONFIG_STORAGE_HOST'] manifestdata += getManifestTemplate("cinder.pp") - if config['CONFIG_CINDER_BACKEND'] == "lvm": - manifestdata += getManifestTemplate("cinder_lvm.pp") - elif config['CONFIG_CINDER_BACKEND'] == "gluster": - manifestdata += getManifestTemplate("cinder_gluster.pp") - elif config['CONFIG_CINDER_BACKEND'] == "nfs": - manifestdata += getManifestTemplate("cinder_nfs.pp") - elif config['CONFIG_CINDER_BACKEND'] == "vmdk": - manifestdata += getManifestTemplate("cinder_vmdk.pp") - if config['CONFIG_CINDER_BACKEND'] == "netapp": + backends = config['CONFIG_CINDER_BACKEND'].strip('[]') + backends = [i.strip('\' ') for i in backends.split(',')] + if 'netapp' in backends: + backends.remove('netapp') puppet_cdot_iscsi = "cinder_netapp_cdot_iscsi.pp" puppet_cdot_nfs = "cinder_netapp_cdot_nfs.pp" puppet_7mode_iscsi = "cinder_netapp_7mode_iscsi.pp" puppet_7mode_nfs = "cinder_netapp_7mode_nfs.pp" puppet_eseries = "cinder_netapp_eseries.pp" - if config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "ontap_cluster": if config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "iscsi": manifestdata += getManifestTemplate(puppet_cdot_iscsi) @@ -810,6 +730,9 @@ def create_manifest(config, messages): manifestdata += getManifestTemplate(puppet_7mode_nfs) elif config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "eseries": manifestdata += getManifestTemplate(puppet_eseries) + for backend in backends: + manifestdata += getManifestTemplate('cinder_%s.pp' % backend) + if config['CONFIG_CEILOMETER_INSTALL'] == 'y': manifestdata += getManifestTemplate('cinder_ceilometer.pp') if config['CONFIG_SWIFT_INSTALL'] == 'y': diff --git a/packstack/plugins/nova_300.py b/packstack/plugins/nova_300.py index 42e39765c..9093285a7 100644 --- a/packstack/plugins/nova_300.py +++ b/packstack/plugins/nova_300.py @@ -511,11 +511,11 @@ def create_compute_manifest(config, messages): manifestdata += getManifestTemplate("nova_compute_libvirt.pp") if (config['CONFIG_VMWARE_BACKEND'] != 'y' and config['CONFIG_CINDER_INSTALL'] == 'y' and - config['CONFIG_CINDER_BACKEND'] == 'gluster'): + 'gluster' in config['CONFIG_CINDER_BACKEND']): manifestdata += getManifestTemplate("nova_gluster.pp") if (config['CONFIG_VMWARE_BACKEND'] != 'y' and config['CONFIG_CINDER_INSTALL'] == 'y' and - config['CONFIG_CINDER_BACKEND'] == 'nfs'): + 'nfs' in config['CONFIG_CINDER_BACKEND']): manifestdata += getManifestTemplate("nova_nfs.pp") manifestfile = "%s_nova.pp" % host diff --git a/packstack/puppet/templates/cinder.pp b/packstack/puppet/templates/cinder.pp index 3b8c9fbb3..247f289ef 100644 --- a/packstack/puppet/templates/cinder.pp +++ b/packstack/puppet/templates/cinder.pp @@ -1,16 +1,16 @@ cinder_config { - "DEFAULT/glance_host": value => "%(CONFIG_STORAGE_HOST)s"; + "DEFAULT/glance_host": value => "%(CONFIG_STORAGE_HOST)s"; } package {'python-keystone': - notify => Class['cinder::api'], + notify => Class['cinder::api'], } class {'cinder::api': - keystone_password => '%(CONFIG_CINDER_KS_PW)s', - keystone_tenant => "services", - keystone_user => "cinder", - keystone_auth_host => "%(CONFIG_CONTROLLER_HOST)s", + keystone_password => '%(CONFIG_CINDER_KS_PW)s', + keystone_tenant => "services", + keystone_user => "cinder", + keystone_auth_host => "%(CONFIG_CONTROLLER_HOST)s", } class {'cinder::scheduler': @@ -19,3 +19,17 @@ class {'cinder::volume': } +class {'cinder::client': +} + +# Cinder::Type requires keystone credentials +Cinder::Type { + os_password => '%(CONFIG_CINDER_KS_PW)s', + os_tenant_name => "services", + os_username => "cinder", + os_auth_url => "http://%(CONFIG_CONTROLLER_HOST)s:5000/v2.0/", +} + +class { 'cinder::backends': + enabled_backends => %(CONFIG_CINDER_BACKEND)s, +} diff --git a/packstack/puppet/templates/cinder_backup.pp b/packstack/puppet/templates/cinder_backup.pp index b6e93088f..1b5f41c22 100644 --- a/packstack/puppet/templates/cinder_backup.pp +++ b/packstack/puppet/templates/cinder_backup.pp @@ -1,8 +1,8 @@ -class {'cinder::backup': +class { 'cinder::backup': } -class {'cinder::backup::swift': - backup_swift_url => 'http://%(CONFIG_CONTROLLER_HOST)s:8080/v1/AUTH_' +class { 'cinder::backup::swift': + backup_swift_url => 'http://%(CONFIG_CONTROLLER_HOST)s:8080/v1/AUTH_' } Class['cinder::api'] ~> Service['cinder-backup'] diff --git a/packstack/puppet/templates/cinder_gluster.pp b/packstack/puppet/templates/cinder_gluster.pp index e3621f789..6b2e292cc 100644 --- a/packstack/puppet/templates/cinder_gluster.pp +++ b/packstack/puppet/templates/cinder_gluster.pp @@ -1,6 +1,13 @@ package { 'glusterfs-fuse': ensure => present } -class { 'cinder::volume::glusterfs': - glusterfs_shares => [%(CONFIG_CINDER_GLUSTER_MOUNTS)s], - require => Package['glusterfs-fuse'], +cinder::backend::glusterfs { 'gluster': + glusterfs_shares => [%(CONFIG_CINDER_GLUSTER_MOUNTS)s], + require => Package['glusterfs-fuse'], + glusterfs_shares_config => '/etc/cinder/glusterfs_shares.conf', +} + +cinder::type { 'glusterfs': + set_key => 'volume_backend_name', + set_value => 'gluster', + require => Class['cinder::api'], } diff --git a/packstack/puppet/templates/cinder_lvm.pp b/packstack/puppet/templates/cinder_lvm.pp index 4a7a437f6..4cce3ac0a 100644 --- a/packstack/puppet/templates/cinder_lvm.pp +++ b/packstack/puppet/templates/cinder_lvm.pp @@ -1,9 +1,81 @@ +class { 'cinder::setup_test_volume': + size => '%(CONFIG_CINDER_VOLUMES_SIZE)s', + loopback_device => '/dev/loop2', + volume_path => '/var/lib/cinder', + volume_name => 'cinder-volumes', +} + +# Add loop device on boot +$el_releases = ["RedHat", "CentOS", "Scientific"] +if $::operatingsystem in $el_releases and $::operatingsystemmajrelease < 7 { + + file_line{ 'rc.local_losetup_cinder_volume': + path => '/etc/rc.d/rc.local', + match => '^.*/var/lib/cinder/cinder-volumes.*$', + line => 'losetup -f /var/lib/cinder/cinder-volumes && service openstack-cinder-volume restart', + } + + file { '/etc/rc.d/rc.local': + mode => '0755', + } + +} else { + + file { 'openstack-losetup': + path => '/usr/lib/systemd/system/openstack-losetup.service', + before => Service['openstack-losetup'], + notify => Exec['/usr/bin/systemctl daemon-reload'], + content => '[Unit] +Description=Setup cinder-volume loop device +DefaultDependencies=false +Before=openstack-cinder-volume.service +After=local-fs.target + +[Service] +Type=oneshot +ExecStart=/usr/bin/sh -c \'/usr/sbin/losetup -j /var/lib/cinder/cinder-volumes | /usr/bin/grep /var/lib/cinder/cinder-volumes || /usr/sbin/losetup -f /var/lib/cinder/cinder-volumes\' +ExecStop=/usr/bin/sh -c \'/usr/sbin/losetup -j /var/lib/cinder/cinder-volumes | /usr/bin/cut -d : -f 1 | /usr/bin/xargs /usr/sbin/losetup -d\' +TimeoutSec=60 +RemainAfterExit=yes + +[Install] +RequiredBy=openstack-cinder-volume.service', + } + + exec { '/usr/bin/systemctl daemon-reload': + refreshonly => true, + before => Service['openstack-losetup'], + } + + service { 'openstack-losetup': + ensure => running, + enable => true, + require => Class['cinder::setup_test_volume'], + } -package { 'lvm2': - ensure => installed, } -class {'cinder::volume::iscsi': +file_line { 'snapshot_autoextend_threshold': + path => '/etc/lvm/lvm.conf', + match => '^ *snapshot_autoextend_threshold +=.*', + line => ' snapshot_autoextend_threshold = 80', + require => Package['lvm2'], +} + +file_line { 'snapshot_autoextend_percent': + path => '/etc/lvm/lvm.conf', + match => '^ *snapshot_autoextend_percent +=.*', + line => ' snapshot_autoextend_percent = 20', + require => Package['lvm2'], +} + +cinder::backend::iscsi { 'lvm': iscsi_ip_address => '%(CONFIG_STORAGE_HOST)s', require => Package['lvm2'], } + +cinder::type { 'iscsi': + set_key => 'volume_backend_name', + set_value => 'lvm', + require => Class['cinder::api'], +} diff --git a/packstack/puppet/templates/cinder_netapp_7mode_iscsi.pp b/packstack/puppet/templates/cinder_netapp_7mode_iscsi.pp index 5773d2aa8..79f74a1bd 100644 --- a/packstack/puppet/templates/cinder_netapp_7mode_iscsi.pp +++ b/packstack/puppet/templates/cinder_netapp_7mode_iscsi.pp @@ -2,11 +2,7 @@ package { 'iscsi-initiator-utils': ensure => present } -cinder_config { - "DEFAULT/enabled_backends": value => "myBackend"; -} - -cinder::backend::netapp{ 'myBackend': +cinder::backend::netapp { 'netapp': netapp_login => "%(CONFIG_CINDER_NETAPP_LOGIN)s", netapp_password => "%(CONFIG_CINDER_NETAPP_PASSWORD)s", netapp_server_hostname => "%(CONFIG_CINDER_NETAPP_HOSTNAME)s", @@ -17,6 +13,11 @@ netapp_transport_type => "%(CONFIG_CINDER_NETAPP_TRANSPORT_TYPE)s", netapp_vfiler => "%(CONFIG_CINDER_NETAPP_VFILER)s", netapp_volume_list => ["%(CONFIG_CINDER_NETAPP_VOLUME_LIST)s"], + require => Package['iscsi-initiator-utils'], +} - require => Package['iscsi-initiator-utils'], +cinder::type { 'cinder_netapp_7mode_iscsi': + set_key => 'volume_backend_name', + set_value => 'netapp', + require => Class['cinder::api'], } diff --git a/packstack/puppet/templates/cinder_netapp_7mode_nfs.pp b/packstack/puppet/templates/cinder_netapp_7mode_nfs.pp index 9b8e90eb3..960badaa9 100644 --- a/packstack/puppet/templates/cinder_netapp_7mode_nfs.pp +++ b/packstack/puppet/templates/cinder_netapp_7mode_nfs.pp @@ -2,11 +2,7 @@ package { 'nfs-utils': ensure => present } -cinder_config { - "DEFAULT/enabled_backends": value => "myBackend"; -} - -cinder::backend::netapp{ 'myBackend': +cinder::backend::netapp { 'netapp': netapp_login => "%(CONFIG_CINDER_NETAPP_LOGIN)s", netapp_password => "%(CONFIG_CINDER_NETAPP_PASSWORD)s", netapp_server_hostname => "%(CONFIG_CINDER_NETAPP_HOSTNAME)s", @@ -18,6 +14,11 @@ thres_avl_size_perc_start => "%(CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_START)s", thres_avl_size_perc_stop => "%(CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_STOP)s", nfs_shares_config => "%(CONFIG_CINDER_NETAPP_NFS_SHARES_CONFIG)s", + require => Package['nfs-utils'], +} - require => Package['nfs-utils'], +cinder::type { 'cinder_netapp_7mode_nfs': + set_key => 'volume_backend_name', + set_value => 'netapp', + require => Class['cinder::api'], } diff --git a/packstack/puppet/templates/cinder_netapp_cdot_iscsi.pp b/packstack/puppet/templates/cinder_netapp_cdot_iscsi.pp index 09c235daa..de373396c 100644 --- a/packstack/puppet/templates/cinder_netapp_cdot_iscsi.pp +++ b/packstack/puppet/templates/cinder_netapp_cdot_iscsi.pp @@ -2,11 +2,7 @@ package { 'iscsi-initiator-utils': ensure => present } -cinder_config { - "DEFAULT/enabled_backends": value => "myBackend"; -} - -cinder::backend::netapp{ 'myBackend': +cinder::backend::netapp { 'netapp': netapp_login => "%(CONFIG_CINDER_NETAPP_LOGIN)s", netapp_password => "%(CONFIG_CINDER_NETAPP_PASSWORD)s", netapp_server_hostname => "%(CONFIG_CINDER_NETAPP_HOSTNAME)s", @@ -16,6 +12,11 @@ netapp_storage_protocol => "%(CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL)s", netapp_transport_type => "%(CONFIG_CINDER_NETAPP_TRANSPORT_TYPE)s", netapp_vserver => "%(CONFIG_CINDER_NETAPP_VSERVER)s", + require => Package['iscsi-initiator-utils'], +} - require => Package['iscsi-initiator-utils'], +cinder::type { 'cinder_netapp_cdot_iscsi': + set_key => 'volume_backend_name', + set_value => 'netapp', + require => Class['cinder::api'], } diff --git a/packstack/puppet/templates/cinder_netapp_cdot_nfs.pp b/packstack/puppet/templates/cinder_netapp_cdot_nfs.pp index 960e3329a..d4fc0eb3e 100644 --- a/packstack/puppet/templates/cinder_netapp_cdot_nfs.pp +++ b/packstack/puppet/templates/cinder_netapp_cdot_nfs.pp @@ -2,11 +2,7 @@ package { 'nfs-utils': ensure => present } -cinder_config { - "DEFAULT/enabled_backends": value => "myBackend"; -} - -cinder::backend::netapp{ 'myBackend': +cinder::backend::netapp { 'netapp': netapp_login => "%(CONFIG_CINDER_NETAPP_LOGIN)s", netapp_password => "%(CONFIG_CINDER_NETAPP_PASSWORD)s", netapp_server_hostname => "%(CONFIG_CINDER_NETAPP_HOSTNAME)s", @@ -19,6 +15,11 @@ thres_avl_size_perc_start => "%(CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_START)s", thres_avl_size_perc_stop => "%(CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_STOP)s", nfs_shares_config => "%(CONFIG_CINDER_NETAPP_NFS_SHARES_CONFIG)s", + require => Package['nfs-utils'], +} - require => Package['nfs-utils'], +cinder::type { 'cinder_netapp_cdot_nfs': + set_key => 'volume_backend_name', + set_value => 'netapp', + require => Class['cinder::api'], } diff --git a/packstack/puppet/templates/cinder_netapp_eseries.pp b/packstack/puppet/templates/cinder_netapp_eseries.pp index b137d2e00..01e92fccb 100644 --- a/packstack/puppet/templates/cinder_netapp_eseries.pp +++ b/packstack/puppet/templates/cinder_netapp_eseries.pp @@ -2,11 +2,7 @@ package { 'iscsi-initiator-utils': ensure => present } -cinder_config { - "DEFAULT/enabled_backends": value => "myBackend"; -} - -cinder::backend::netapp{ 'myBackend': +cinder::backend::netapp { 'netapp': netapp_login => "%(CONFIG_CINDER_NETAPP_LOGIN)s", netapp_password => "%(CONFIG_CINDER_NETAPP_PASSWORD)s", netapp_server_hostname => "%(CONFIG_CINDER_NETAPP_HOSTNAME)s", @@ -18,6 +14,11 @@ netapp_sa_password => "%(CONFIG_CINDER_NETAPP_SA_PASSWORD)s", netapp_storage_pools => "%(CONFIG_CINDER_NETAPP_STORAGE_POOLS)s", netapp_webservice_path => "%(CONFIG_CINDER_NETAPP_WEBSERVICE_PATH)s", + require => Package['iscsi-initiator-utils'], +} - require => Package['iscsi-initiator-utils'], +cinder::type { 'cinder_netapp_eseries': + set_key => 'volume_backend_name', + set_value => 'netapp', + require => Class['cinder::api'], } diff --git a/packstack/puppet/templates/cinder_nfs.pp b/packstack/puppet/templates/cinder_nfs.pp index d6f4c376f..fffc9be51 100644 --- a/packstack/puppet/templates/cinder_nfs.pp +++ b/packstack/puppet/templates/cinder_nfs.pp @@ -1,6 +1,13 @@ package { 'nfs-utils': ensure => present } -class { 'cinder::volume::nfs': - nfs_servers => [%(CONFIG_CINDER_NFS_MOUNTS)s], - require => Package['nfs-utils'], +cinder::backend::nfs { 'nfs': + nfs_servers => [%(CONFIG_CINDER_NFS_MOUNTS)s], + require => Package['nfs-utils'], + nfs_shares_config => '/etc/cinder/nfs_shares.conf', +} + +cinder::type { 'nfs': + set_key => 'volume_backend_name', + set_value => 'nfs', + require => Class['cinder::api'], } diff --git a/packstack/puppet/templates/cinder_vmdk.pp b/packstack/puppet/templates/cinder_vmdk.pp index 95728deaa..ff01b302a 100644 --- a/packstack/puppet/templates/cinder_vmdk.pp +++ b/packstack/puppet/templates/cinder_vmdk.pp @@ -1,5 +1,11 @@ -class { 'cinder::volume::vmdk': +cinder::backend::vmdk { 'vmdk': host_ip => "%(CONFIG_VCENTER_HOST)s", host_username => "%(CONFIG_VCENTER_USER)s", host_password => "%(CONFIG_VCENTER_PASSWORD)s", } + +cinder::type { 'vmdk': + set_key => 'volume_backend_name', + set_value => 'vmdk', + require => Class['cinder::api'], +} From de7e1d55071baf28d808a55df0dad1cc2431e6c9 Mon Sep 17 00:00:00 2001 From: Monty Taylor Date: Mon, 8 Sep 2014 13:51:37 -0700 Subject: [PATCH 0127/1017] Add docs environment to tox.ini As per the governance resolution https://review.openstack.org/119875, projects should have a docs environment in their tox.ini testing interface. Add one. Change-Id: I15c78a3c208820f041c9c3fa957aeb03eb7ab398 --- tox.ini | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tox.ini b/tox.ini index 6c5454605..a8edaa66b 100644 --- a/tox.ini +++ b/tox.ini @@ -26,3 +26,7 @@ setenv = NOSE_WITH_COVERAGE=1 [testenv:venv] commands = {posargs} + +[testenv:docs] +commands = python setup.py build_sphinx + From 7ff03828e9007afacf09b4a1b1e95ec1c29657d6 Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Wed, 10 Sep 2014 10:31:55 +0200 Subject: [PATCH 0128/1017] Applies packstack::neutron::bridge class to network hosts That puppet class was just applied only on compute hosts. Now it will be applied on network hosts too. Change-Id: I8703eccfb26bec38db82e799e0893d7e4fa5608a Fixes: rhbz#1133968 Signed-off-by: Gael Chamoulaud --- packstack/plugins/neutron_350.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index 63051454c..f3143c0f1 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -938,10 +938,10 @@ def create_l2_agent_manifests(config, messages): config[bridge_key], config[iface_key] = if_map.split(':') manifestdata = getManifestTemplate("neutron_ovs_port.pp") appendManifestFile(manifestfile, manifestdata + "\n") - # Additional configurations required for compute hosts - if host in compute_hosts: - manifestdata = getManifestTemplate('neutron_bridge_module.pp') - appendManifestFile(manifestfile, manifestdata + '\n') + # Additional configurations required for compute hosts and + # network hosts. + manifestdata = getManifestTemplate('neutron_bridge_module.pp') + appendManifestFile(manifestfile, manifestdata + '\n') def create_metadata_manifests(config, messages): From b04f4ace822e2f050346a7f2ba588de4cba4f70d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20M=C3=A1gr?= Date: Wed, 10 Sep 2014 10:38:46 +0200 Subject: [PATCH 0129/1017] Missing validator This patch adds validator to CONFIG_SWIFT_STORAGES to make clear that values have to be paths only (without IP addresses). Change-Id: Ia5327ac2df0e8123f75934fdb3ae21dcf839f69c Fixes: rhbz#1128303 --- packstack/plugins/swift_600.py | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/packstack/plugins/swift_600.py b/packstack/plugins/swift_600.py index ca497f348..b632f3b69 100644 --- a/packstack/plugins/swift_600.py +++ b/packstack/plugins/swift_600.py @@ -52,7 +52,7 @@ def initConfig(controller): "setup"), "PROMPT": "Enter the Swift Storage devices e.g. /path/to/dev", "OPTION_LIST": [], - "VALIDATORS": [], + "VALIDATORS": [validate_storage], "DEFAULT_VALUE": '', "MASK_INPUT": False, "LOOSE_VALIDATION": True, @@ -162,6 +162,15 @@ def initSequences(controller): #------------------------- helper functions ------------------------- +def validate_storage(param, options=None): + if not param: + return + if not param.startswith('/'): + raise ParamValidationError( + 'Storage value has to be in format "/path/to/device".' + ) + + def validate_storage_size(param, options=None): match = re.match(r'\d+G|\d+M|\d+K', param, re.IGNORECASE) if not match: From 50eda013c9848fee489f26e9e28da57f3607a10a Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Mon, 15 Sep 2014 10:17:51 +0200 Subject: [PATCH 0130/1017] Fixes the swift loopback device creation for test setup. If CONFIG_SWIFT_STORAGES stays blank, packstack should create one loopback device for swift instead of two (/srv/node/swift_loopback and /srv/node/swiftloopback). Change-Id: Id961c4a284abf5b6a2a8d2fccdc0ea7ff498d4a0 Fixes: rhbz#1141125 Signed-off-by: Gael Chamoulaud --- packstack/plugins/swift_600.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packstack/plugins/swift_600.py b/packstack/plugins/swift_600.py index b632f3b69..2cebc3cd3 100644 --- a/packstack/plugins/swift_600.py +++ b/packstack/plugins/swift_600.py @@ -206,7 +206,7 @@ def parse_devices(config): 'device_name': 'device%s' % device_number}) if not devices: devices.append({'device': None, 'zone': 1, - 'device_name': 'swiftloopback'}) + 'device_name': 'swift_loopback'}) return devices From c076aa4164263d1fd657ce503bf177492da23141 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20M=C3=A1gr?= Date: Mon, 15 Sep 2014 13:37:06 +0200 Subject: [PATCH 0131/1017] Just reraise This patch removes hidding of traceback by reraising step exceptions with SequenceError. It will make debugging easier. Change-Id: Ifdb887b8d7cf2c226d7722abf414bdf5ee3628cd --- packstack/installer/core/sequences.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packstack/installer/core/sequences.py b/packstack/installer/core/sequences.py index cd82c7e94..b5f8060c5 100644 --- a/packstack/installer/core/sequences.py +++ b/packstack/installer/core/sequences.py @@ -41,7 +41,7 @@ def run(self, config=None, messages=None): state = utils.state_message(self.title, 'ERROR', 'red') sys.stdout.write('%s\n' % state) sys.stdout.flush() - raise SequenceError(str(ex)) + raise else: state = utils.state_message(self.title, 'DONE', 'green') sys.stdout.write('%s\n' % state) From 887b12f640c5b59af26a366c582d77e938530cba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20M=C3=A1gr?= Date: Mon, 15 Sep 2014 15:21:54 +0200 Subject: [PATCH 0132/1017] Typo fix Change-Id: Ibd2b1f32544bd7e11ff22d7bd456a60c7f7375d1 --- packstack/plugins/dashboard_500.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packstack/plugins/dashboard_500.py b/packstack/plugins/dashboard_500.py index 9619470fb..8d4f42dc3 100644 --- a/packstack/plugins/dashboard_500.py +++ b/packstack/plugins/dashboard_500.py @@ -151,7 +151,7 @@ def create_manifest(config, messages): resources = config.setdefault('RESOURCES', {}) host_resources = resources.setdefault(horizon_host, []) host_resources.append((ssl_cert, 'ssl_ps_server.crt')) - host_resources.append(ssl_key, 'ssl_ps_server.key') + host_resources.append((ssl_key, 'ssl_ps_server.key')) host_resources.append((ssl_chain, 'ssl_ps_chain.crt')) else: messages.append( From a9fa4d0070fb66723346426b62cf07e3f9e4d673 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Fri, 19 Sep 2014 14:37:05 +0200 Subject: [PATCH 0133/1017] Remove obsolete dependancy The root mysql password is no longer set by exec, we don't have to start mariadb before that anymore. Change-Id: Ic05c639e666e024dfdea95dea6a271b0a4abb7f6 --- packstack/puppet/templates/mariadb_install.pp | 1 - 1 file changed, 1 deletion(-) diff --git a/packstack/puppet/templates/mariadb_install.pp b/packstack/puppet/templates/mariadb_install.pp index fe7b97921..432253055 100644 --- a/packstack/puppet/templates/mariadb_install.pp +++ b/packstack/puppet/templates/mariadb_install.pp @@ -6,7 +6,6 @@ enable => true, ensure => 'running', require => [ Package['mysql-server'], File['/etc/my.cnf'] ], - before => Exec['set_mysql_rootpw'], } } else { $manage_service = true From 0d7db88e83b29e45d797307a11ef18c1438ab02b Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Mon, 22 Sep 2014 14:39:41 +0200 Subject: [PATCH 0134/1017] Adds usage examples for CONFIG_NEUTRON_L2_PLUGIN In a previous patch, I did document it in docs/packstack.rst. It should be documented correctly in the answer file too !!!! Change-Id: I1cc6e555deac4da371fda1de862f987b37c4cdfb Fixes: rhbz#1066019 Signed-off-by: Gael Chamoulaud --- packstack/plugins/neutron_350.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index f3143c0f1..10f7e1cae 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -75,7 +75,8 @@ def initConfig(controller): "CONDITION": False}, {"CMD_OPTION": "os-neutron-l2-plugin", - "USAGE": "The name of the L2 plugin to be used with Neutron", + "USAGE": "The name of the L2 plugin to be used with Neutron. " + "(eg. linuxbridge, openvswitch, ml2)", "PROMPT": ("Enter the name of the L2 plugin to be used " "with Neutron"), "OPTION_LIST": ["linuxbridge", "openvswitch", "ml2"], From 01ec93b6ab65845968d508e62d75d0128dc04ff0 Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Mon, 22 Sep 2014 15:32:30 +0200 Subject: [PATCH 0135/1017] Fix Warning when NetworkManager is active on hosts The warning was just displayed in case of multinode installation, and not for an Allinone installation ! Change-Id: I69105eb5533d7d2f099d51e743f0b9d95a15227d Fixes: rhbz#1130589 Fixes: rhbz#1117115 Signed-off-by: Gael Chamoulaud --- packstack/plugins/neutron_350.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index 10f7e1cae..c87b26d95 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -986,7 +986,7 @@ def check_nm_status(config, messages): server.clear() - if len(hosts_with_nm) > 1: + if hosts_with_nm: hosts_list = ', '.join("%s" % x for x in hosts_with_nm) msg = output_messages.WARN_NM_ENABLED messages.append(utils.color_text(msg % hosts_list, 'yellow')) From 512bdce979e90e9c9fcdc0d68e565fe81512f8a1 Mon Sep 17 00:00:00 2001 From: Javier Pena Date: Wed, 17 Sep 2014 16:15:03 +0200 Subject: [PATCH 0136/1017] Allow specifying of a global --password option This fixes bz#1108742 by providing a new global parameter "--default-password", that will be the default for all other password parameters if set. Each individual password parameter can override the default global, and if none are set, a random password will be used as before. As part of the change, process_param_value() has been updated, to avoid leaking passwords when they are modified by a processor function. Change-Id: Ic5947567599c8b221b7a9e60acb4708429507741 --- docs/packstack.rst | 5 ++- packstack/installer/output_messages.py | 2 +- packstack/installer/processors.py | 39 +++++++++++++++-- packstack/installer/run_setup.py | 58 ++++++++++++++++++++------ packstack/plugins/amqp_002.py | 15 ++++--- packstack/plugins/ceilometer_800.py | 6 ++- packstack/plugins/cinder_250.py | 10 +++-- packstack/plugins/glance_200.py | 11 +++-- packstack/plugins/heat_750.py | 18 ++++---- packstack/plugins/keystone_100.py | 12 ++++-- packstack/plugins/mariadb_003.py | 4 +- packstack/plugins/nagios_910.py | 4 +- packstack/plugins/neutron_350.py | 16 ++++--- packstack/plugins/nova_300.py | 10 +++-- packstack/plugins/prescript_000.py | 19 +++++++++ packstack/plugins/provision_700.py | 4 +- packstack/plugins/swift_600.py | 6 ++- tests/installer/test_processors.py | 4 +- 18 files changed, 181 insertions(+), 62 deletions(-) diff --git a/docs/packstack.rst b/docs/packstack.rst index 1d3544957..018f31515 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -43,7 +43,10 @@ Global Options Set to 'y' if you would like Packstack to install the OpenStack Client packages. An admin "rc" file will also be installed ['y', 'n']. **CONFIG_NTP_SERVERS** - Comma separated list of NTP servers. Leave plain if Packstack should not install ntpd on instances.. + Comma separated list of NTP servers. Leave plain if Packstack should not install ntpd on instances. + +**CONFIG_DEFAULT_PASSWORD** + A default password to be used on all services, databases, keys, etc. It will be overriden by any explicitly set password. Leave plain to not set a default password. **CONFIG_NAGIOS_INSTALL** Set to 'y' if you would like Packstack to install Nagios to monitor openstack hosts ['y', 'n']. diff --git a/packstack/installer/output_messages.py b/packstack/installer/output_messages.py index 4239de971..cf6420398 100644 --- a/packstack/installer/output_messages.py +++ b/packstack/installer/output_messages.py @@ -85,5 +85,5 @@ ERR_NO_ANSWER_FILE="Error: Could not find file %s" ERR_ONLY_1_FLAG="Error: The %s flag is mutually exclusive to all other command line options" ERR_REMOVE_REMOTE_VAR="Error: Failed to remove directory %s on %s, it contains sensitive data and should be removed" - +ERR_REMOVE_TMP_FILE="Error: Failed to remove temporary file %s, it contains sensitive data and should be removed" # diff --git a/packstack/installer/processors.py b/packstack/installer/processors.py index 230b03d09..94a50a24f 100644 --- a/packstack/installer/processors.py +++ b/packstack/installer/processors.py @@ -2,6 +2,7 @@ import netaddr import os +import uuid from .utils import ScriptRunner, force_ip from .exceptions import ParamProcessingError, NetworkError @@ -11,7 +12,7 @@ 'process_ssh_key') -def process_cidr(param, process_args=None): +def process_cidr(param, param_name, process_args=None): """ Corrects given CIDR if necessary. """ @@ -24,7 +25,7 @@ def process_cidr(param, process_args=None): raise ParamProcessingError(str(ex)) -def process_host(param, process_args=None): +def process_host(param, param_name, process_args=None): """ Tries to change given parameter to IP address, if it is in hostname format @@ -37,7 +38,7 @@ def process_host(param, process_args=None): raise ParamProcessingError(str(ex)) -def process_ssh_key(param, process_args=None): +def process_ssh_key(param, param_name, process_args=None): """ Generates SSH key if given key in param doesn't exist. In case param is an empty string it generates default SSH key ($HOME/.ssh/id_rsa). @@ -63,7 +64,7 @@ def create_key(path): return param -def process_add_quotes_around_values(param, process_args=None): +def process_add_quotes_around_values(param, param_name, process_args=None): """ Add a single quote character around each element of a comma separated list of values @@ -77,3 +78,33 @@ def process_add_quotes_around_values(param, process_args=None): params_list[index] = elem param = ','.join(params_list) return param + +def process_password(param, param_name, process_args=None): + """ + Process passwords, checking the following: + 1- If there is a user-entered password, use it + 2- Otherwise, check for a global default password, and use it if available + 3- As a last resort, generate a random password + """ + if not hasattr(process_password,"pw_dict"): + process_password.pw_dict = {} + + if param == "PW_PLACEHOLDER": + if process_args["CONFIG_DEFAULT_PASSWORD"] != "": + param = process_args["CONFIG_DEFAULT_PASSWORD"] + else: + # We need to make sure we store the random password we provide + # and return it once we are asked for it again + if param_name.endswith("_CONFIRMED"): + unconfirmed_param = param_name[:-10] + if unconfirmed_param in process_password.pw_dict: + param = process_password.pw_dict[unconfirmed_param] + else: + param = uuid.uuid4().hex[:16] + process_password.pw_dict[unconfirmed_param] = param + elif not param_name in process_password.pw_dict: + param = uuid.uuid4().hex[:16] + process_password.pw_dict[param_name] = param + else: + param = process_password.pw_dict[param_name] + return param diff --git a/packstack/installer/run_setup.py b/packstack/installer/run_setup.py index d20872916..16ae810b4 100644 --- a/packstack/installer/run_setup.py +++ b/packstack/installer/run_setup.py @@ -30,7 +30,7 @@ # List to hold all values to be masked in logging (i.e. passwords and sensitive data) #TODO: read default values from conf_param? masked_value_set = set() - +tmpfiles = [] def initLogging (debug): global logFile @@ -147,8 +147,7 @@ def input_param(param): confirmedParamName = param.CONF_NAME + "_CONFIRMED" confirmedParam.CONF_NAME = confirmedParamName confirmedParam.PROMPT = output_messages.INFO_CONF_PARAMS_PASSWD_CONFIRM_PROMPT - confirmedParam.VALIDATORS = [validators.validate_not_empty] - # Now get both values from user (with existing validations + # Now get both values from user (with existing validations) while True: _getInputFromUser(param) _getInputFromUser(confirmedParam) @@ -274,10 +273,11 @@ def process_param_value(param, value): logging.debug("Processing value of parameter " "%s." % param.CONF_NAME) try: - new_value = proc_func(_value, controller.CONF) + new_value = proc_func(_value, param.CONF_NAME, controller.CONF) if new_value != _value: - msg = output_messages.INFO_CHANGED_VALUE - print msg % (_value, new_value) + if param.MASK_INPUT == False: + msg = output_messages.INFO_CHANGED_VALUE + print msg % (_value, new_value) _value = new_value else: logging.debug("Processor returned the original " @@ -429,6 +429,19 @@ def _getanswerfilepath(): controller.MESSAGES.append(msg) return path +def _gettmpanswerfilepath(): + path = None + msg = "Could not find a suitable path on which to create the temporary answerfile" + + ts = datetime.datetime.now().strftime('%Y%m%d-%H%M%S') + + p = os.path.expanduser("~/") + if os.access(p, os.W_OK): + path = os.path.abspath(os.path.join(p, "tmp-packstack-answers-%s.txt"%ts)) + tmpfiles.append(path) + + return path + def _handleInteractiveParams(): try: logging.debug("Groups: %s" % ', '.join([x.GROUP_NAME for x in controller.getAllGroups()])) @@ -474,13 +487,8 @@ def _handleInteractiveParams(): else: logging.debug("no post condition check for group %s" % group.GROUP_NAME) - path = _getanswerfilepath() - _displaySummary() - if path: - generateAnswerFile(path) - except KeyboardInterrupt: logging.error("keyboard interrupt caught") raise Exception(output_messages.ERR_EXP_KEYBOARD_INTERRUPT) @@ -589,6 +597,11 @@ def _main(configFile=None): # Get parameters _handleParams(configFile) + # Generate answer file + path = _getanswerfilepath() + if path: + generateAnswerFile(path) + # Update masked_value_list with user input values _updateMaskedValueSet() @@ -634,6 +647,20 @@ def remove_remote_var_dirs(): logging.exception(e) controller.MESSAGES.append(utils.color_text(msg, 'red')) +def remove_temp_files(): + """ + Removes any temporary files generated during + configuration + """ + for myfile in tmpfiles: + try: + os.unlink(myfile) + except Exception as e: + msg = output_messages.ERR_REMOVE_TMP_FILE % (myfile) + logging.error(msg) + logging.exception(e) + controller.MESSAGES.append(utils.color_text(msg, 'red')) + def generateAnswerFile(outputFile, overrides={}): sep = os.linesep @@ -688,7 +715,7 @@ def single_step_aio_install(options): single_step_install(options) def single_step_install(options): - answerfilepath = _getanswerfilepath() + answerfilepath = _gettmpanswerfilepath() if not answerfilepath: _printAdditionalMessages() return @@ -892,6 +919,12 @@ def main(): if options.gen_answer_file: # Make sure only --gen-answer-file was supplied validateSingleFlag(options, "gen_answer_file") + answerfilepath = _gettmpanswerfilepath() + if not answerfilepath: + _printAdditionalMessages() + return + generateAnswerFile(answerfilepath) + _handleParams(answerfilepath) generateAnswerFile(options.gen_answer_file) # Are we installing an all in one elif options.allinone: @@ -926,6 +959,7 @@ def main(): finally: remove_remote_var_dirs() + remove_temp_files() # Always print user params to log _printAdditionalMessages() diff --git a/packstack/plugins/amqp_002.py b/packstack/plugins/amqp_002.py index e12cecd10..618c15d7e 100644 --- a/packstack/plugins/amqp_002.py +++ b/packstack/plugins/amqp_002.py @@ -9,6 +9,7 @@ import os from packstack.installer import validators +from packstack.installer import processors from packstack.installer import basedefs from packstack.installer import utils @@ -95,12 +96,13 @@ def initConfig(controller): "PROMPT": "Enter the password for NSS certificate database", "OPTION_LIST": [], "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": uuid.uuid4().hex[:32], - "MASK_INPUT": False, + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], + "MASK_INPUT": True, "LOOSE_VALIDATION": True, "CONF_NAME": "CONFIG_AMQP_NSS_CERTDB_PW", "USE_DEFAULT": False, - "NEED_CONFIRM": False, + "NEED_CONFIRM": True, "CONDITION": False}, {"CMD_OPTION": "amqp-ssl-port", @@ -186,12 +188,13 @@ def initConfig(controller): "PROMPT": "Enter the password for user authentication", "OPTION_LIST": ["y", "n"], "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": uuid.uuid4().hex[:16], - "MASK_INPUT": False, + "PROCESSORS": [processors.process_password], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "MASK_INPUT": True, "LOOSE_VALIDATION": True, "CONF_NAME": "CONFIG_AMQP_AUTH_PASSWORD", "USE_DEFAULT": False, - "NEED_CONFIRM": False, + "NEED_CONFIRM": True, "CONDITION": False}, ] group = {"GROUP_NAME": "AMQPAUTH", diff --git a/packstack/plugins/ceilometer_800.py b/packstack/plugins/ceilometer_800.py index d33a9509b..3ae344ffb 100644 --- a/packstack/plugins/ceilometer_800.py +++ b/packstack/plugins/ceilometer_800.py @@ -10,6 +10,7 @@ from packstack.installer import utils from packstack.installer import validators +from packstack.installer import processors from packstack.modules.shortcuts import get_mq from packstack.modules.ospluginutils import (getManifestTemplate, appendManifestFile) @@ -44,10 +45,11 @@ def initConfig(controller): "PROMPT": "Enter the password for the Ceilometer Keystone access", "OPTION_LIST": [], "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], "MASK_INPUT": True, "LOOSE_VALIDATION": False, - "USE_DEFAULT": True, + "USE_DEFAULT": False, "NEED_CONFIRM": True, "CONDITION": False}, ], diff --git a/packstack/plugins/cinder_250.py b/packstack/plugins/cinder_250.py index fb31bdcc0..2c84e8f0b 100644 --- a/packstack/plugins/cinder_250.py +++ b/packstack/plugins/cinder_250.py @@ -43,11 +43,12 @@ def initConfig(controller): "PROMPT": "Enter the password for the Cinder DB access", "OPTION_LIST": [], "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], "MASK_INPUT": True, "LOOSE_VALIDATION": False, "CONF_NAME": "CONFIG_CINDER_DB_PW", - "USE_DEFAULT": True, + "USE_DEFAULT": False, "NEED_CONFIRM": True, "CONDITION": False}, @@ -57,11 +58,12 @@ def initConfig(controller): "PROMPT": "Enter the password for the Cinder Keystone access", "OPTION_LIST": [], "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], "MASK_INPUT": True, "LOOSE_VALIDATION": False, "CONF_NAME": "CONFIG_CINDER_KS_PW", - "USE_DEFAULT": True, + "USE_DEFAULT": False, "NEED_CONFIRM": True, "CONDITION": False}, diff --git a/packstack/plugins/glance_200.py b/packstack/plugins/glance_200.py index 810c228d3..ec77e475a 100644 --- a/packstack/plugins/glance_200.py +++ b/packstack/plugins/glance_200.py @@ -8,6 +8,7 @@ import logging from packstack.installer import validators +from packstack.installer import processors from packstack.installer import basedefs from packstack.installer import utils from packstack.installer.utils import split_hosts @@ -29,11 +30,12 @@ def initConfig(controller): "PROMPT": "Enter the password for the Glance DB access", "OPTION_LIST": [], "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "PROCESSORS": [processors.process_password], + "DEFAULT_VALUE": "PW_PLACEHOLDER", "MASK_INPUT": True, "LOOSE_VALIDATION": False, "CONF_NAME": "CONFIG_GLANCE_DB_PW", - "USE_DEFAULT": True, + "USE_DEFAULT": False, "NEED_CONFIRM": True, "CONDITION": False}, @@ -43,11 +45,12 @@ def initConfig(controller): "PROMPT": "Enter the password for the Glance Keystone access", "OPTION_LIST": [], "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "PROCESSORS": [processors.process_password], + "DEFAULT_VALUE": "PW_PLACEHOLDER", "MASK_INPUT": True, "LOOSE_VALIDATION": False, "CONF_NAME": "CONFIG_GLANCE_KS_PW", - "USE_DEFAULT": True, + "USE_DEFAULT": False, "NEED_CONFIRM": True, "CONDITION": False}, ] diff --git a/packstack/plugins/heat_750.py b/packstack/plugins/heat_750.py index fe80e0932..b0fd68600 100644 --- a/packstack/plugins/heat_750.py +++ b/packstack/plugins/heat_750.py @@ -10,6 +10,7 @@ from packstack.installer import utils from packstack.installer import validators +from packstack.installer import processors from packstack.modules.shortcuts import get_mq from packstack.modules.ospluginutils import (getManifestTemplate, @@ -31,11 +32,12 @@ def initConfig(controller): "PROMPT": "Enter the password for the Heat MySQL user", "OPTION_LIST": [], "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], "MASK_INPUT": True, "LOOSE_VALIDATION": False, "CONF_NAME": "CONFIG_HEAT_DB_PW", - "USE_DEFAULT": True, + "USE_DEFAULT": False, "NEED_CONFIRM": True, "CONDITION": False}, @@ -60,11 +62,12 @@ def initConfig(controller): "PROMPT": "Enter the password for the Heat Keystone access", "OPTION_LIST": [], "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], "MASK_INPUT": True, "LOOSE_VALIDATION": False, "CONF_NAME": "CONFIG_HEAT_KS_PW", - "USE_DEFAULT": True, + "USE_DEFAULT": False, "NEED_CONFIRM": True, "CONDITION": False}, @@ -142,12 +145,13 @@ def initConfig(controller): "PROMPT": "Enter password for Keystone domain admin user for Heat", "OPTION_LIST": [], "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": uuid.uuid4().hex[:16], - "MASK_INPUT": False, + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], + "MASK_INPUT": True, "LOOSE_VALIDATION": False, "CONF_NAME": "CONFIG_HEAT_DOMAIN_PASSWORD", "USE_DEFAULT": False, - "NEED_CONFIRM": False, + "NEED_CONFIRM": True, "CONDITION": False}, ] group = {"GROUP_NAME": "Heat", diff --git a/packstack/plugins/keystone_100.py b/packstack/plugins/keystone_100.py index 7440ec9cc..ab3ea54c1 100644 --- a/packstack/plugins/keystone_100.py +++ b/packstack/plugins/keystone_100.py @@ -8,6 +8,7 @@ import uuid from packstack.installer import validators +from packstack.installer import processors from packstack.installer import basedefs from packstack.installer import utils @@ -28,11 +29,12 @@ def initConfig(controller): "PROMPT": "Enter the password for the Keystone DB access", "OPTION_LIST": [], "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "PROCESSORS": [processors.process_password], + "DEFAULT_VALUE": "PW_PLACEHOLDER", "MASK_INPUT": True, "LOOSE_VALIDATION": False, "CONF_NAME": "CONFIG_KEYSTONE_DB_PW", - "USE_DEFAULT": True, + "USE_DEFAULT": False, "NEED_CONFIRM": True, "CONDITION": False}, @@ -54,7 +56,8 @@ def initConfig(controller): "PROMPT": "Enter the password for the Keystone admin user", "OPTION_LIST": [], "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], "MASK_INPUT": True, "LOOSE_VALIDATION": False, "CONF_NAME": "CONFIG_KEYSTONE_ADMIN_PW", @@ -67,7 +70,8 @@ def initConfig(controller): "PROMPT": "Enter the password for the Keystone demo user", "OPTION_LIST": [], "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], "MASK_INPUT": True, "LOOSE_VALIDATION": False, "CONF_NAME": "CONFIG_KEYSTONE_DEMO_PW", diff --git a/packstack/plugins/mariadb_003.py b/packstack/plugins/mariadb_003.py index eca7f24a2..81dbee64e 100644 --- a/packstack/plugins/mariadb_003.py +++ b/packstack/plugins/mariadb_003.py @@ -8,6 +8,7 @@ import logging from packstack.installer import validators +from packstack.installer import processors from packstack.installer import utils from packstack.installer.utils import split_hosts from packstack.modules.common import filtered_hosts @@ -59,7 +60,8 @@ def initConfig(controller): "PROMPT": "Enter the password for the MariaDB admin user", "OPTION_LIST": [], "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "PROCESSORS": [processors.process_password], + "DEFAULT_VALUE": "PW_PLACEHOLDER", "MASK_INPUT": True, "LOOSE_VALIDATION": True, "CONF_NAME": "CONFIG_MARIADB_PW", diff --git a/packstack/plugins/nagios_910.py b/packstack/plugins/nagios_910.py index dd48967ec..491548c70 100644 --- a/packstack/plugins/nagios_910.py +++ b/packstack/plugins/nagios_910.py @@ -8,6 +8,7 @@ import logging from packstack.installer import validators +from packstack.installer import processors from packstack.installer import basedefs, output_messages from packstack.installer import utils @@ -29,7 +30,8 @@ def initConfig(controller): "PROMPT": "Enter the password for the nagiosadmin user", "OPTION_LIST": [], "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "PROCESSORS": [processors.process_password], + "DEFAULT_VALUE": "PW_PLACEHOLDER", "MASK_INPUT": True, "LOOSE_VALIDATION": True, "CONF_NAME": "CONFIG_NAGIOS_PW", diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index f3143c0f1..37fddc7a4 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -12,6 +12,7 @@ from packstack.installer import utils from packstack.installer import exceptions from packstack.installer import validators +from packstack.installer import processors from packstack.installer import output_messages from packstack.installer.utils import split_hosts @@ -36,11 +37,12 @@ def initConfig(controller): "PROMPT": "Enter the password for Neutron Keystone access", "OPTION_LIST": [], "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], "MASK_INPUT": True, "LOOSE_VALIDATION": False, "CONF_NAME": "CONFIG_NEUTRON_KS_PW", - "USE_DEFAULT": True, + "USE_DEFAULT": False, "NEED_CONFIRM": True, "CONDITION": False}, @@ -49,11 +51,12 @@ def initConfig(controller): "PROMPT": "Enter the password for Neutron DB access", "OPTION_LIST": [], "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], "MASK_INPUT": True, "LOOSE_VALIDATION": False, "CONF_NAME": "CONFIG_NEUTRON_DB_PW", - "USE_DEFAULT": True, + "USE_DEFAULT": False, "NEED_CONFIRM": True, "CONDITION": False}, @@ -93,11 +96,12 @@ def initConfig(controller): "PROMPT": "Enter Neutron metadata agent password", "OPTION_LIST": [], "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], "MASK_INPUT": True, "LOOSE_VALIDATION": False, "CONF_NAME": "CONFIG_NEUTRON_METADATA_PW", - "USE_DEFAULT": True, + "USE_DEFAULT": False, "NEED_CONFIRM": True, "CONDITION": False}, diff --git a/packstack/plugins/nova_300.py b/packstack/plugins/nova_300.py index 69e5e872b..42baa1936 100644 --- a/packstack/plugins/nova_300.py +++ b/packstack/plugins/nova_300.py @@ -39,11 +39,12 @@ def initConfig(controller): "PROMPT": "Enter the password for the Nova DB access", "OPTION_LIST": [], "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], "MASK_INPUT": True, "LOOSE_VALIDATION": False, "CONF_NAME": "CONFIG_NOVA_DB_PW", - "USE_DEFAULT": True, + "USE_DEFAULT": False, "NEED_CONFIRM": True, "CONDITION": False}, @@ -53,11 +54,12 @@ def initConfig(controller): "PROMPT": "Enter the password for the Nova Keystone access", "OPTION_LIST": [], "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], "MASK_INPUT": True, "LOOSE_VALIDATION": False, "CONF_NAME": "CONFIG_NOVA_KS_PW", - "USE_DEFAULT": True, + "USE_DEFAULT": False, "NEED_CONFIRM": True, "CONDITION": False}, diff --git a/packstack/plugins/prescript_000.py b/packstack/plugins/prescript_000.py index 6511a7fa3..491c19448 100644 --- a/packstack/plugins/prescript_000.py +++ b/packstack/plugins/prescript_000.py @@ -53,6 +53,25 @@ def initConfig(controller): "NEED_CONFIRM": False, "CONDITION": False}, + {"CMD_OPTION": "default-password", + "USAGE": ( + "Set a default password everywhere. The default password " + "will be overriden by whatever password is set for each " + "individual service or user." + ), + "PROMPT": ( + "Enter a default password to be used. Leave blank for a " + "randomly generated one." + ), + "OPTION_LIST": [], + "DEFAULT_VALUE": '', + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_DEFAULT_PASSWORD", + "USE_DEFAULT": False, + "NEED_CONFIRM": True, + "CONDITION": False}, + {"CMD_OPTION": "mariadb-install", "USAGE": ( "Set to 'y' if you would like Packstack to install MariaDB" diff --git a/packstack/plugins/provision_700.py b/packstack/plugins/provision_700.py index 8262ff3d4..dbbf3a9a6 100644 --- a/packstack/plugins/provision_700.py +++ b/packstack/plugins/provision_700.py @@ -9,6 +9,7 @@ from packstack.installer import utils from packstack.installer import validators +from packstack.installer import processors from packstack.modules.common import is_all_in_one from packstack.modules.ospluginutils import (appendManifestFile, @@ -81,7 +82,8 @@ def process_provision(param, process_args=None): "PROMPT": "Enter the password for the Tempest Provisioning user", "OPTION_LIST": [], "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], "MASK_INPUT": True, "LOOSE_VALIDATION": False, "CONF_NAME": "CONFIG_PROVISION_TEMPEST_USER_PW", diff --git a/packstack/plugins/swift_600.py b/packstack/plugins/swift_600.py index b632f3b69..7ebc5d0f5 100644 --- a/packstack/plugins/swift_600.py +++ b/packstack/plugins/swift_600.py @@ -11,6 +11,7 @@ import netaddr from packstack.installer import validators +from packstack.installer import processors from packstack.installer.exceptions import ParamValidationError from packstack.installer import basedefs from packstack.installer import utils @@ -34,11 +35,12 @@ def initConfig(controller): "PROMPT": "Enter the password for the Swift Keystone access", "OPTION_LIST": [], "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": uuid.uuid4().hex[:16], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], "MASK_INPUT": True, "LOOSE_VALIDATION": False, "CONF_NAME": "CONFIG_SWIFT_KS_PW", - "USE_DEFAULT": True, + "USE_DEFAULT": False, "NEED_CONFIRM": True, "CONDITION": False}, diff --git a/tests/installer/test_processors.py b/tests/installer/test_processors.py index 91c66a29f..5215c1290 100644 --- a/tests/installer/test_processors.py +++ b/tests/installer/test_processors.py @@ -27,13 +27,13 @@ class ProcessorsTestCase(PackstackTestCaseMixin, TestCase): def test_process_host(self): """Test packstack.installer.processors.process_host""" - proc_local = process_host('localhost', + proc_local = process_host('localhost', 'HOSTNAME', process_args={'allow_localhost': True}) self.assertIn(proc_local, ['127.0.0.1', '::1']) def test_process_ssh_key(self): """Test packstack.installer.processors.process_ssh_key""" - path = process_ssh_key(os.path.join(self.tempdir, 'id_rsa')) + path = process_ssh_key(os.path.join(self.tempdir, 'id_rsa'), 'SSH_KEY') # test if key was created self.assertEquals(True, bool(path)) # test if key exists From 264250b626d71ef6e2eaa4a31c57fad037d49ffb Mon Sep 17 00:00:00 2001 From: Javier Pena Date: Fri, 26 Sep 2014 15:42:06 +0200 Subject: [PATCH 0137/1017] Use a valid e-mail for admin user in keystone The default installation uses test@test.com as the e-mail address for the admin user created in keystone. This patch changes that e-mail to root@localhost, which is consistent with the addresses set for the rest of the users. Fixes bz#1020199 Change-Id: I480f1bd4188d65b5c32de113a07cbdd5ab9beb9d --- packstack/puppet/templates/keystone.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packstack/puppet/templates/keystone.pp b/packstack/puppet/templates/keystone.pp index fe056583b..c938a4582 100644 --- a/packstack/puppet/templates/keystone.pp +++ b/packstack/puppet/templates/keystone.pp @@ -9,7 +9,7 @@ } class {"keystone::roles::admin": - email => "test@test.com", + email => "root@localhost", password => "%(CONFIG_KEYSTONE_ADMIN_PW)s", admin_tenant => "admin" } From f70a6a47decef008c4fa6fe01f1db6dd91928f7d Mon Sep 17 00:00:00 2001 From: Manabu Ori Date: Mon, 29 Sep 2014 13:40:20 +0900 Subject: [PATCH 0138/1017] Add CONFIG_KEYSTONE_REGION option. This changeset makes packstack to support region name other than 'RegionOne'. Change-Id: Ib304c4c0a500d0f11dd9033eafa43251b604cdf1 --- docs/packstack.rst | 3 +++ packstack/plugins/keystone_100.py | 13 +++++++++++++ packstack/puppet/templates/keystone.pp | 1 + packstack/puppet/templates/keystone_ceilometer.pp | 1 + packstack/puppet/templates/keystone_cinder.pp | 1 + packstack/puppet/templates/keystone_glance.pp | 1 + packstack/puppet/templates/keystone_heat.pp | 1 + packstack/puppet/templates/keystone_neutron.pp | 1 + packstack/puppet/templates/keystone_nova.pp | 1 + packstack/puppet/templates/keystone_swift.pp | 1 + packstack/puppet/templates/neutron_metadata.pp | 1 + packstack/puppet/templates/neutron_notifications.pp | 1 + packstack/puppet/templates/nova_neutron.pp | 1 + packstack/puppet/templates/openstack_client.pp | 1 + 14 files changed, 28 insertions(+) diff --git a/docs/packstack.rst b/docs/packstack.rst index 018f31515..83578e813 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -132,6 +132,9 @@ AMQP Config parameters Keystone Config parameters -------------------------- +**CONFIG_KEYSTONE_REGION** + The region name to use for the Keystone. + **CONFIG_KEYSTONE_DB_PW** The password to use for the Keystone to access DB. diff --git a/packstack/plugins/keystone_100.py b/packstack/plugins/keystone_100.py index ab3ea54c1..c939f584d 100644 --- a/packstack/plugins/keystone_100.py +++ b/packstack/plugins/keystone_100.py @@ -38,6 +38,19 @@ def initConfig(controller): "NEED_CONFIRM": True, "CONDITION": False}, + {"CMD_OPTION": "keystone-region", + "USAGE": "Region name", + "PROMPT": "Region name", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "RegionOne", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_KEYSTONE_REGION", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "keystone-admin-token", "USAGE": "The token to use for the Keystone service api", "PROMPT": "The token to use for the Keystone service api", diff --git a/packstack/puppet/templates/keystone.pp b/packstack/puppet/templates/keystone.pp index fe056583b..8464c66a3 100644 --- a/packstack/puppet/templates/keystone.pp +++ b/packstack/puppet/templates/keystone.pp @@ -15,6 +15,7 @@ } class {"keystone::endpoint": + region => "%(CONFIG_KEYSTONE_REGION)s", public_address => "%(CONFIG_CONTROLLER_HOST)s", admin_address => "%(CONFIG_CONTROLLER_HOST)s", internal_address => "%(CONFIG_CONTROLLER_HOST)s", diff --git a/packstack/puppet/templates/keystone_ceilometer.pp b/packstack/puppet/templates/keystone_ceilometer.pp index fc3ce356e..5fbf12fc5 100644 --- a/packstack/puppet/templates/keystone_ceilometer.pp +++ b/packstack/puppet/templates/keystone_ceilometer.pp @@ -1,5 +1,6 @@ class { 'ceilometer::keystone::auth': + region => '%(CONFIG_KEYSTONE_REGION)s', password => '%(CONFIG_CEILOMETER_KS_PW)s', public_address => "%(CONFIG_CONTROLLER_HOST)s", admin_address => "%(CONFIG_CONTROLLER_HOST)s", diff --git a/packstack/puppet/templates/keystone_cinder.pp b/packstack/puppet/templates/keystone_cinder.pp index 0270adb3f..c175f45ae 100644 --- a/packstack/puppet/templates/keystone_cinder.pp +++ b/packstack/puppet/templates/keystone_cinder.pp @@ -1,5 +1,6 @@ class {"cinder::keystone::auth": + region => "%(CONFIG_KEYSTONE_REGION)s", password => "%(CONFIG_CINDER_KS_PW)s", public_address => "%(CONFIG_STORAGE_HOST)s", admin_address => "%(CONFIG_STORAGE_HOST)s", diff --git a/packstack/puppet/templates/keystone_glance.pp b/packstack/puppet/templates/keystone_glance.pp index 4249a2623..1d907acf2 100644 --- a/packstack/puppet/templates/keystone_glance.pp +++ b/packstack/puppet/templates/keystone_glance.pp @@ -1,5 +1,6 @@ class {"glance::keystone::auth": + region => "%(CONFIG_KEYSTONE_REGION)s", password => "%(CONFIG_GLANCE_KS_PW)s", public_address => "%(CONFIG_STORAGE_HOST)s", admin_address => "%(CONFIG_STORAGE_HOST)s", diff --git a/packstack/puppet/templates/keystone_heat.pp b/packstack/puppet/templates/keystone_heat.pp index 9b86f905f..d05acd11f 100644 --- a/packstack/puppet/templates/keystone_heat.pp +++ b/packstack/puppet/templates/keystone_heat.pp @@ -1,5 +1,6 @@ # heat::keystone::auth class {"heat::keystone::auth": + region => "%(CONFIG_KEYSTONE_REGION)s", password => "%(CONFIG_HEAT_KS_PW)s", public_address => "%(CONFIG_CONTROLLER_HOST)s", admin_address => "%(CONFIG_CONTROLLER_HOST)s", diff --git a/packstack/puppet/templates/keystone_neutron.pp b/packstack/puppet/templates/keystone_neutron.pp index 4699a9150..07842c84f 100644 --- a/packstack/puppet/templates/keystone_neutron.pp +++ b/packstack/puppet/templates/keystone_neutron.pp @@ -1,5 +1,6 @@ class {"neutron::keystone::auth": + region => "%(CONFIG_KEYSTONE_REGION)s", password => "%(CONFIG_NEUTRON_KS_PW)s", public_address => "%(CONFIG_CONTROLLER_HOST)s", admin_address => "%(CONFIG_CONTROLLER_HOST)s", diff --git a/packstack/puppet/templates/keystone_nova.pp b/packstack/puppet/templates/keystone_nova.pp index ccca515d4..f544bf933 100644 --- a/packstack/puppet/templates/keystone_nova.pp +++ b/packstack/puppet/templates/keystone_nova.pp @@ -1,5 +1,6 @@ class {"nova::keystone::auth": + region => "%(CONFIG_KEYSTONE_REGION)s", password => "%(CONFIG_NOVA_KS_PW)s", public_address => "%(CONFIG_CONTROLLER_HOST)s", admin_address => "%(CONFIG_CONTROLLER_HOST)s", diff --git a/packstack/puppet/templates/keystone_swift.pp b/packstack/puppet/templates/keystone_swift.pp index a5de90d3d..be71587eb 100644 --- a/packstack/puppet/templates/keystone_swift.pp +++ b/packstack/puppet/templates/keystone_swift.pp @@ -1,4 +1,5 @@ class { 'swift::keystone::auth': public_address => '%(CONFIG_CONTROLLER_HOST)s', + region => '%(CONFIG_KEYSTONE_REGION)s', password => '%(CONFIG_SWIFT_KS_PW)s', } diff --git a/packstack/puppet/templates/neutron_metadata.pp b/packstack/puppet/templates/neutron_metadata.pp index dc83b1e54..9db8cc8be 100644 --- a/packstack/puppet/templates/neutron_metadata.pp +++ b/packstack/puppet/templates/neutron_metadata.pp @@ -1,6 +1,7 @@ class {'neutron::agents::metadata': auth_password => '%(CONFIG_NEUTRON_KS_PW)s', auth_url => 'http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0', + auth_region => '%(CONFIG_KEYSTONE_REGION)s', shared_secret => '%(CONFIG_NEUTRON_METADATA_PW)s', metadata_ip => '%(CONFIG_CONTROLLER_HOST)s', debug => %(CONFIG_DEBUG_MODE)s, diff --git a/packstack/puppet/templates/neutron_notifications.pp b/packstack/puppet/templates/neutron_notifications.pp index d8d13a1b0..36983512a 100644 --- a/packstack/puppet/templates/neutron_notifications.pp +++ b/packstack/puppet/templates/neutron_notifications.pp @@ -5,4 +5,5 @@ nova_admin_tenant_name => 'services', nova_url => 'http://%(CONFIG_CONTROLLER_HOST)s:8774/v2', nova_admin_auth_url => 'http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0', + nova_region_name => '%(CONFIG_KEYSTONE_REGION)s', } diff --git a/packstack/puppet/templates/nova_neutron.pp b/packstack/puppet/templates/nova_neutron.pp index e2b3babd3..4e4e054a7 100644 --- a/packstack/puppet/templates/nova_neutron.pp +++ b/packstack/puppet/templates/nova_neutron.pp @@ -5,6 +5,7 @@ neutron_url => "http://%(CONFIG_CONTROLLER_HOST)s:9696", neutron_admin_tenant_name => "services", neutron_admin_auth_url => "http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0", + neutron_region_name => "%(CONFIG_KEYSTONE_REGION)s", } class {"nova::compute::neutron": diff --git a/packstack/puppet/templates/openstack_client.pp b/packstack/puppet/templates/openstack_client.pp index 86b8333af..350c7672b 100644 --- a/packstack/puppet/templates/openstack_client.pp +++ b/packstack/puppet/templates/openstack_client.pp @@ -9,6 +9,7 @@ export OS_TENANT_NAME=admin export OS_PASSWORD=%(CONFIG_KEYSTONE_ADMIN_PW)s export OS_AUTH_URL=http://%(CONFIG_CONTROLLER_HOST)s:5000/v2.0/ +export OS_REGION_NAME=%(CONFIG_KEYSTONE_REGION)s export PS1='[\\u@\\h \\W(keystone_admin)]\\$ ' " From 3c91baba29ef2215b4cf95c47776f664b0744783 Mon Sep 17 00:00:00 2001 From: Javier Pena Date: Thu, 18 Sep 2014 16:15:12 +0200 Subject: [PATCH 0139/1017] Rename process_args to config in processors.py The process_args variable name in functions found in processors.py is a leftover from previous versions. config is a more appropriate variable name. Change-Id: I38bc821877ac95c84b0d728a8d40681a993d6aa1 --- packstack/installer/processors.py | 18 ++++++++---------- tests/installer/test_processors.py | 3 +-- 2 files changed, 9 insertions(+), 12 deletions(-) diff --git a/packstack/installer/processors.py b/packstack/installer/processors.py index 94a50a24f..553ce3023 100644 --- a/packstack/installer/processors.py +++ b/packstack/installer/processors.py @@ -12,7 +12,7 @@ 'process_ssh_key') -def process_cidr(param, param_name, process_args=None): +def process_cidr(param, param_name, config=None): """ Corrects given CIDR if necessary. """ @@ -25,20 +25,18 @@ def process_cidr(param, param_name, process_args=None): raise ParamProcessingError(str(ex)) -def process_host(param, param_name, process_args=None): +def process_host(param, param_name, config=None): """ Tries to change given parameter to IP address, if it is in hostname format """ - localhost = process_args and \ - process_args.get('allow_localhost', False) try: - return force_ip(param, allow_localhost=localhost) + return force_ip(param, allow_localhost=True) except NetworkError as ex: raise ParamProcessingError(str(ex)) -def process_ssh_key(param, param_name, process_args=None): +def process_ssh_key(param, param_name, config=None): """ Generates SSH key if given key in param doesn't exist. In case param is an empty string it generates default SSH key ($HOME/.ssh/id_rsa). @@ -64,7 +62,7 @@ def create_key(path): return param -def process_add_quotes_around_values(param, param_name, process_args=None): +def process_add_quotes_around_values(param, param_name, config=None): """ Add a single quote character around each element of a comma separated list of values @@ -79,7 +77,7 @@ def process_add_quotes_around_values(param, param_name, process_args=None): param = ','.join(params_list) return param -def process_password(param, param_name, process_args=None): +def process_password(param, param_name, config=None): """ Process passwords, checking the following: 1- If there is a user-entered password, use it @@ -90,8 +88,8 @@ def process_password(param, param_name, process_args=None): process_password.pw_dict = {} if param == "PW_PLACEHOLDER": - if process_args["CONFIG_DEFAULT_PASSWORD"] != "": - param = process_args["CONFIG_DEFAULT_PASSWORD"] + if config["CONFIG_DEFAULT_PASSWORD"] != "": + param = config["CONFIG_DEFAULT_PASSWORD"] else: # We need to make sure we store the random password we provide # and return it once we are asked for it again diff --git a/tests/installer/test_processors.py b/tests/installer/test_processors.py index 5215c1290..469a625f9 100644 --- a/tests/installer/test_processors.py +++ b/tests/installer/test_processors.py @@ -27,8 +27,7 @@ class ProcessorsTestCase(PackstackTestCaseMixin, TestCase): def test_process_host(self): """Test packstack.installer.processors.process_host""" - proc_local = process_host('localhost', 'HOSTNAME', - process_args={'allow_localhost': True}) + proc_local = process_host('localhost', 'HOSTNAME') self.assertIn(proc_local, ['127.0.0.1', '::1']) def test_process_ssh_key(self): From 35c9d3c392f71840e56aac57bb87b768170475f9 Mon Sep 17 00:00:00 2001 From: Ivan Chavero Date: Tue, 30 Sep 2014 15:04:14 -0600 Subject: [PATCH 0140/1017] Fix NetworkManager facter error When puppet is run with NetworkManager disabled it gets an error from facter that is cascaded to packstack causing a failure. Facter (>= 2.1.0) ships a new structured facts called dhcp_servers which returns a hash of DHCP Server addresses. That fact requires NetworkManager running (https://tickets.puppetlabs.com/browse/FACT-697). Fixes: rhbz#1116403 Change-Id: Ied08f797dd9ea5039e3d03d42eb172c77ab4113a --- packstack/modules/puppet.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/packstack/modules/puppet.py b/packstack/modules/puppet.py index 01f29f8d7..bbb0b2285 100644 --- a/packstack/modules/puppet.py +++ b/packstack/modules/puppet.py @@ -27,7 +27,10 @@ 'Could not prefetch database_grant provider.*?\\.my\\.cnf|' # Swift Puppet module tries to install swift-plugin-s3, there is no such # package on RHEL, fixed in the upstream puppet module - 'yum.*?install swift-plugin-s3' + 'yum.*?install swift-plugin-s3|' + # facter gives a weird NM error when it's disabled, due to + # https://tickets.puppetlabs.com/browse/FACT-697 + 'NetworkManager is not running' ) re_notice = re.compile(r"notice: .*Notify\[packstack_info\]" "\/message: defined \'message\' as " From 409b615896afc48593bf011d04db16daca72e9b3 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Thu, 2 Oct 2014 09:20:52 -0400 Subject: [PATCH 0141/1017] Remove submodule initialisation as we now use subtrees Change-Id: I2d61bb3a2c20d8f75cf35572bfebe76788284ecc Requires: https://github.com/redhat-openstack/openstack-puppet-modules/pull/113 --- setup.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/setup.py b/setup.py index 4d8e65b4f..2fc19d244 100644 --- a/setup.py +++ b/setup.py @@ -49,8 +49,7 @@ def run(self): pass print 'Cloning %(repo)s to %(destination)s' % locals() cmd = ('cd %(basedir)s; git clone %(repo)s %(repodir)s; ' - 'cd %(repodir)s; git checkout %(branch)s; ' - 'git submodule update --init' % locals()) + 'cd %(repodir)s; git checkout %(branch)s; ' % locals()) proc = subprocess.Popen(cmd, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE) out, err = proc.communicate() From d9e5ecffc55831c3c754d3d3fd14d34b155321bf Mon Sep 17 00:00:00 2001 From: Javier Pena Date: Thu, 2 Oct 2014 15:24:46 +0200 Subject: [PATCH 0142/1017] Remove mariadb-server package during installation If mariadb-server is installed, it will conflict with requested package mariadb-galera-server, and installation will fail. This patch fixes that by making sure mariadb-server is uninstalled befora mariadb-galera-server installation is attempted. Change-Id: Iebc703b778626223fe2f5875304df9cdc874cabe Fixes: bz#1148578 --- packstack/puppet/templates/mariadb_install.pp | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/packstack/puppet/templates/mariadb_install.pp b/packstack/puppet/templates/mariadb_install.pp index 432253055..22fe52a14 100644 --- a/packstack/puppet/templates/mariadb_install.pp +++ b/packstack/puppet/templates/mariadb_install.pp @@ -11,11 +11,17 @@ $manage_service = true } +# Package mariadb-server conflicts with mariadb-galera-server +package {"mariadb-server": + ensure => absent, +} + class {"mysql::server": package_name => "mariadb-galera-server", service_manage => $manage_service, restart => true, root_password => "%(CONFIG_MARIADB_PW)s", + require => Package['mariadb-server'], override_options => { 'mysqld' => { bind_address => "0.0.0.0", default_storage_engine => "InnoDB", From 656ed1b95384d008e1e2e52848463ec3912a5bfa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20M=C3=A1gr?= Date: Wed, 8 Oct 2014 17:25:52 +0200 Subject: [PATCH 0143/1017] Removed MariaDB special case Special case for package mysql-server is obsolete from Icehouse release. This patch is related to rhbz#1150104, but it's not a fix for the bug. Change-Id: I84491aa9bb5b6cc099bdcbbee431126c3e3fbeb8 --- packstack/puppet/templates/mariadb_install.pp | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/packstack/puppet/templates/mariadb_install.pp b/packstack/puppet/templates/mariadb_install.pp index 22fe52a14..fcdcefe4a 100644 --- a/packstack/puppet/templates/mariadb_install.pp +++ b/packstack/puppet/templates/mariadb_install.pp @@ -1,16 +1,4 @@ -# on EL6 we need to wait for innodb changes before starting mysqld -if $::operatingsystem in ['RedHat','CentOS','Scientific'] and $::operatingsystemmajrelease < 7 { - $manage_service = false - service { 'mysqld': - enable => true, - ensure => 'running', - require => [ Package['mysql-server'], File['/etc/my.cnf'] ], - } -} else { - $manage_service = true -} - # Package mariadb-server conflicts with mariadb-galera-server package {"mariadb-server": ensure => absent, @@ -18,7 +6,6 @@ class {"mysql::server": package_name => "mariadb-galera-server", - service_manage => $manage_service, restart => true, root_password => "%(CONFIG_MARIADB_PW)s", require => Package['mariadb-server'], From e18a706c99f2b5ce393fbb31aaf97eb1a891ef02 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20M=C3=A1gr?= Date: Fri, 10 Oct 2014 14:31:05 +0200 Subject: [PATCH 0144/1017] Fixed typo One line was forgotten during MySQL->MariaDB rename, which caused failures for deployments when MariaDB should be installed on separate host. Change-Id: I5b4268868c0f811d9d4aca96aabb4ea120a86285 Fixes: rhbz#1150348 --- packstack/modules/common.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packstack/modules/common.py b/packstack/modules/common.py index 143347766..948a83c26 100644 --- a/packstack/modules/common.py +++ b/packstack/modules/common.py @@ -6,14 +6,14 @@ def filtered_hosts(config, exclude=True, dbhost=True): """ Returns list of hosts which need installation taking into account - CONFIG_MYSQL_INSTAL if parameter dbhost is True and EXCLUDE_SERVERS + CONFIG_MARIADB_INSTALL if parameter dbhost is True and EXCLUDE_SERVERS if parameter exclude is True. """ exclset = set([i.strip() for i in config.get('EXCLUDE_SERVERS', '').split(',') if i.strip()]) result = set() - dbinst = config.get('CONFIG_MYSQL_INSTALL') == 'y' + dbinst = config.get('CONFIG_MARIADB_INSTALL') == 'y' vcenter = config.get('CONFIG_VMWARE_BACKEND') == 'y' for hosttype, hostname in utils.host_iter(config): # if dbhost is being taken into account and we are not installing MySQL From 1151170f534b2e44d9dd3549befa0021e01a1b74 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20M=C3=A1gr?= Date: Tue, 14 Oct 2014 19:53:42 +0200 Subject: [PATCH 0145/1017] Load bridge module This patch makes sure bridge module is loaded and net.bridge* config is loaded or makes sysctl fail if it is not loaded. Reverts If7c0bb538bd0fa995e1fd6a72105d6415ae78ee5 which only hides this issue and actually solves nothing. Change-Id: I762f6a88ad4a19d720d762357b71e877315ea182 Fixes: rhbz#1123465 --- .../modules/packstack/manifests/neutron/bridge.pp | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/packstack/puppet/modules/packstack/manifests/neutron/bridge.pp b/packstack/puppet/modules/packstack/manifests/neutron/bridge.pp index a5782b434..fbf6af593 100644 --- a/packstack/puppet/modules/packstack/manifests/neutron/bridge.pp +++ b/packstack/puppet/modules/packstack/manifests/neutron/bridge.pp @@ -7,9 +7,11 @@ ensure => present, mode => 0700, content => template('packstack/openstack-neutron.modules.erb'), - } - - file_line { '/etc/sysctl.conf bridge-nf-call-ip6tables': + } -> exec { 'load-bridge': + path => ['/sbin', '/usr/sbin'], + command => 'modprobe -b bridge', + logoutput => 'on_failure' + } -> file_line { '/etc/sysctl.conf bridge-nf-call-ip6tables': path => '/etc/sysctl.conf', line => 'net.bridge.bridge-nf-call-ip6tables=1', match => 'net.bridge.bridge-nf-call-ip6tables\s*=', @@ -23,7 +25,7 @@ match => 'net.bridge.bridge-nf-call-arptables\s*=', } -> exec { 'sysctl_refresh': path => ['/usr/sbin', '/sbin', '/usr/bin', '/bin'], - command => 'sysctl -e -p /etc/sysctl.conf', + command => 'sysctl -p /etc/sysctl.conf', logoutput => 'on_failure', } } From b9cf4bf7e56aea4669dc9b92e52ed4e0c694a32a Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Tue, 30 Sep 2014 15:33:08 +0200 Subject: [PATCH 0146/1017] Set up NOVNC with https when using SSL on HORIZON Change-Id: I98d053f2d1558f39fe116a7f90bc6f1b6a4f93f4 Fixes: rhbz#1115896 Signed-off-by: Gael Chamoulaud --- .../packstack/templates/ssl/generate_ssl_certs.sh.erb | 7 +++++++ packstack/puppet/templates/horizon.pp | 7 +++++++ packstack/puppet/templates/nova_vncproxy.pp | 10 ++++++++++ 3 files changed, 24 insertions(+) diff --git a/packstack/puppet/modules/packstack/templates/ssl/generate_ssl_certs.sh.erb b/packstack/puppet/modules/packstack/templates/ssl/generate_ssl_certs.sh.erb index c4d4ca0a8..ff0656fdb 100755 --- a/packstack/puppet/modules/packstack/templates/ssl/generate_ssl_certs.sh.erb +++ b/packstack/puppet/modules/packstack/templates/ssl/generate_ssl_certs.sh.erb @@ -51,3 +51,10 @@ cp /etc/pki/CA/cacert.pem $SSLCHAIN openssl genrsa 2048 > $SSLKEY 2> /dev/null answers $FQDN | openssl req -new -nodes -key $SSLKEY -out ${SSLCERT}.req yes | openssl ca -in ${SSLCERT}.req -out ${SSLCERT} + +# gen key and self signed cert for novnc +SSL_NOVA_NOVNC_CERT=/etc/nova/nova.crt +SSL_NOVA_NOVNC_KEY=/etc/nova/nova.key +answers $FQDN | openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 -keyout $SSL_NOVA_NOVNC_KEY -out $SSL_NOVA_NOVNC_CERT +chown root.nova $SSL_NOVA_NOVNC_CERT $SSL_NOVA_NOVNC_KEY +chmod 440 $SSL_NOVA_NOVNC_CERT $SSL_NOVA_NOVNC_KEY diff --git a/packstack/puppet/templates/horizon.pp b/packstack/puppet/templates/horizon.pp index 4998785fc..867874fcd 100644 --- a/packstack/puppet/templates/horizon.pp +++ b/packstack/puppet/templates/horizon.pp @@ -41,6 +41,13 @@ require => File['/etc/pki/tls/certs/ps_generate_ssl_certs.ssh'], notify => Service['httpd'], before => Class['horizon'], + } -> + exec { 'nova-novncproxy-restart': + # ps_generate_ssl_certs.ssh is generating ssl certs for nova-novncproxy + # so openstack-nova-novncproxy should be restarted. + path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'], + command => 'systemctl restart openstack-nova-novncproxy.service', + logoutput => 'on_failure', } apache::listen { '443': } diff --git a/packstack/puppet/templates/nova_vncproxy.pp b/packstack/puppet/templates/nova_vncproxy.pp index e2333fe10..e598bcf2a 100644 --- a/packstack/puppet/templates/nova_vncproxy.pp +++ b/packstack/puppet/templates/nova_vncproxy.pp @@ -1,3 +1,13 @@ +$is_using_ssl_on_horizon = '%(CONFIG_HORIZON_SSL)s' + +if $is_using_ssl_on_horizon == 'y' { + nova_config { + 'DEFAULT/ssl_only': value => 'true'; + 'DEFAULT/cert': value => '/etc/nova/nova.crt'; + 'DEFAULT/key': value => '/etc/nova/nova.key'; + } +} + class {"nova::vncproxy": enabled => true, } From 3e2bb3d5c93625e57a1840077e895feb81dcf5ba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20M=C3=A1gr?= Date: Wed, 15 Oct 2014 18:00:52 +0200 Subject: [PATCH 0147/1017] Implement Swift storage backend for Glance Change-Id: I3ed654c669a47c28450f40d1ce369769a7221e52 --- packstack/plugins/glance_200.py | 28 ++++++++++++++++++++++ packstack/puppet/templates/glance.pp | 2 -- packstack/puppet/templates/glance_file.pp | 5 ++++ packstack/puppet/templates/glance_swift.pp | 10 ++++++++ 4 files changed, 43 insertions(+), 2 deletions(-) create mode 100644 packstack/puppet/templates/glance_file.pp create mode 100644 packstack/puppet/templates/glance_swift.pp diff --git a/packstack/plugins/glance_200.py b/packstack/plugins/glance_200.py index ec77e475a..3377bb245 100644 --- a/packstack/plugins/glance_200.py +++ b/packstack/plugins/glance_200.py @@ -53,6 +53,23 @@ def initConfig(controller): "USE_DEFAULT": False, "NEED_CONFIRM": True, "CONDITION": False}, + + {"CMD_OPTION": "glance-backend", + "USAGE": ("Glance storage backend controls how Glance stores disk " + "images. Supported values: file, swift. Note that Swift " + "installation have to be enabled to have swift backend " + "working. Otherwise Packstack will fallback to 'file'."), + "PROMPT": "Glance storage backend", + "OPTION_LIST": ["file", "swift"], + "VALIDATORS": [validators.validate_options], + "PROCESSORS": [process_backend], + "DEFAULT_VALUE": "file", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_GLANCE_BACKEND", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, ] group = {"GROUP_NAME": "GLANCE", "DESCRIPTION": "Glance Config parameters", @@ -80,6 +97,14 @@ def initSequences(controller): controller.addSequence("Installing OpenStack Glance", [], [], glancesteps) +#------------------------- helper functions ------------------------- + +def process_backend(value, param_name, config): + if value == 'swift' and config['CONFIG_SWIFT_INSTALL'] != 'y': + return 'file' + return value + + #-------------------------- step functions -------------------------- def create_keystone_manifest(config, messages): @@ -101,6 +126,9 @@ def create_manifest(config, messages): mq_template = get_mq(config, "glance_ceilometer") manifestdata += getManifestTemplate(mq_template) + manifestdata += getManifestTemplate( + 'glance_%s.pp' % config['CONFIG_GLANCE_BACKEND']) + config['FIREWALL_SERVICE_NAME'] = "glance" config['FIREWALL_PORTS'] = "'9292'" config['FIREWALL_CHAIN'] = "INPUT" diff --git a/packstack/puppet/templates/glance.pp b/packstack/puppet/templates/glance.pp index d6220c689..f46fad32e 100644 --- a/packstack/puppet/templates/glance.pp +++ b/packstack/puppet/templates/glance.pp @@ -11,8 +11,6 @@ mysql_module => '2.2', } -class { 'glance::backend::file': } - class {"glance::registry": auth_host => "%(CONFIG_CONTROLLER_HOST)s", keystone_tenant => "services", diff --git a/packstack/puppet/templates/glance_file.pp b/packstack/puppet/templates/glance_file.pp new file mode 100644 index 000000000..4212023f2 --- /dev/null +++ b/packstack/puppet/templates/glance_file.pp @@ -0,0 +1,5 @@ + +# TO-DO: Make this configurable +class { 'glance::backend::file': + filesystem_store_datadir => '/var/lib/glance/images/' +} diff --git a/packstack/puppet/templates/glance_swift.pp b/packstack/puppet/templates/glance_swift.pp new file mode 100644 index 000000000..45f553f9c --- /dev/null +++ b/packstack/puppet/templates/glance_swift.pp @@ -0,0 +1,10 @@ + +class { 'glance::backend::swift': + swift_store_user => 'services:glance', + swift_store_key => '%(CONFIG_GLANCE_KS_PW)s', + swift_store_auth_address => 'http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0/', + swift_store_container => 'glance', + swift_store_auth_version => '2', + swift_store_large_object_size => '5120', + swift_store_create_container_on_put => true +} From 732b0ff7ab4acd730243d8d6e993ac5f4d7e0ea3 Mon Sep 17 00:00:00 2001 From: Nathan Kinder Date: Thu, 16 Oct 2014 11:29:17 -0700 Subject: [PATCH 0148/1017] Use UUID as default Keystone token format Keystone and puppet-keystone have both changed the default token format to UUID in Juno. Packstack still defaults to the PKI token format. Packstack should have the same default as the other components. Change-Id: I121f7ea58c595393f58df8d7d25ce6e2ff6bfba4 Closes-bug: #1382160 --- packstack/plugins/keystone_100.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packstack/plugins/keystone_100.py b/packstack/plugins/keystone_100.py index c939f584d..fdedb66de 100644 --- a/packstack/plugins/keystone_100.py +++ b/packstack/plugins/keystone_100.py @@ -97,7 +97,7 @@ def initConfig(controller): "PROMPT": "Enter the Keystone token format.", "OPTION_LIST": ['UUID', 'PKI'], "VALIDATORS": [validators.validate_options], - "DEFAULT_VALUE": 'PKI', + "DEFAULT_VALUE": 'UUID', "MASK_INPUT": False, "LOOSE_VALIDATION": False, "CONF_NAME": 'CONFIG_KEYSTONE_TOKEN_FORMAT', From f47d6501f62661a35d554e73f1ce931603a15d2f Mon Sep 17 00:00:00 2001 From: Rich Megginson Date: Thu, 17 Jul 2014 16:23:35 -0600 Subject: [PATCH 0149/1017] support other components using apache mod_wsgi Keystone is moving to use apache mod_wsgi instead of standalone eventlet daemon. Packstack should support deployment of keystone using this model. A new command line switch --keystone-service-name is added, and a new config parameter CONFIG_KEYSTONE_SERVICE_NAME is added. If this is set to 'httpd', keystone will be set up to use apache mod_wsgi, otherwise, it will be a standalone eventlet service. There is some common apache configuration that must be done by every module that uses apache. There is a new class in packstack called packstack::apache_common. Each component that uses apache must call "include packstack::apache_common". This ensures that a subsequent component manifest will not wipe out apache configuration created by a previous component manifest or the initial apache configuration created by prescript.pp. Change-Id: I73b853507dffb2540638182f3072e65e4d7ad485 Closes-Bug: #1348732 --- packstack/plugins/keystone_100.py | 13 ++++++++++ .../packstack/manifests/apache_common.pp | 26 +++++++++++++++++++ packstack/puppet/templates/horizon.pp | 2 +- packstack/puppet/templates/keystone.pp | 10 +++++++ packstack/puppet/templates/nagios_server.pp | 13 +++------- packstack/puppet/templates/prescript.pp | 5 ++++ 6 files changed, 58 insertions(+), 11 deletions(-) create mode 100644 packstack/puppet/modules/packstack/manifests/apache_common.pp diff --git a/packstack/plugins/keystone_100.py b/packstack/plugins/keystone_100.py index c939f584d..904a57d75 100644 --- a/packstack/plugins/keystone_100.py +++ b/packstack/plugins/keystone_100.py @@ -104,6 +104,19 @@ def initConfig(controller): "USE_DEFAULT": True, "NEED_CONFIRM": False, "CONDITION": False}, + + {"CMD_OPTION": "keystone-service-name", + "USAGE": "Name of service to use to run keystone (keystone or httpd)", + "PROMPT": "Enter the Keystone service name.", + "OPTION_LIST": ['keystone', 'httpd'], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "keystone", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_SERVICE_NAME', + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, ] group = {"GROUP_NAME": "KEYSTONE", "DESCRIPTION": "Keystone Config parameters", diff --git a/packstack/puppet/modules/packstack/manifests/apache_common.pp b/packstack/puppet/modules/packstack/manifests/apache_common.pp new file mode 100644 index 000000000..dd1007c01 --- /dev/null +++ b/packstack/puppet/modules/packstack/manifests/apache_common.pp @@ -0,0 +1,26 @@ +# Code common to all classes that use Apache +# +# This allows multiple modules to safely use ::apache without +# overwriting existing config or the ports file. +# +# Any module that uses apache must include this class +# include packstack_apache_common +class packstack::apache_common { + include ::apache::params + # make sure the include ::apache in the module + # does not overwrite the contents of the config dirs + # from a previous module + if $::apache::params::confd_dir { + File<| title == $::apache::params::confd_dir |> { + purge => false, + } + } + # make sure the ports.conf concat fragments from previous + # runs are not overwritten by subsequent runs + include ::concat::setup + $my_safe_name = regsubst($::apache::params::ports_file, '[/:]', '_', 'G') + $my_fragdir = "${concat::setup::concatdir}/${my_safe_name}" + File<| title == "${my_fragdir}/fragments" |> { + purge => false, + } +} diff --git a/packstack/puppet/templates/horizon.pp b/packstack/puppet/templates/horizon.pp index 867874fcd..270039284 100644 --- a/packstack/puppet/templates/horizon.pp +++ b/packstack/puppet/templates/horizon.pp @@ -1,4 +1,4 @@ -include concat::setup +include packstack::apache_common $horizon_packages = ["python-memcached", "python-netaddr"] diff --git a/packstack/puppet/templates/keystone.pp b/packstack/puppet/templates/keystone.pp index fcec1f576..9d25f4254 100644 --- a/packstack/puppet/templates/keystone.pp +++ b/packstack/puppet/templates/keystone.pp @@ -1,3 +1,4 @@ +$keystone_use_ssl = false class {"keystone": admin_token => "%(CONFIG_KEYSTONE_ADMIN_TOKEN)s", @@ -6,6 +7,15 @@ verbose => true, debug => %(CONFIG_DEBUG_MODE)s, mysql_module => '2.2', + service_name => '%(CONFIG_KEYSTONE_SERVICE_NAME)s', + enable_ssl => $keystone_use_ssl, +} + +if '%(CONFIG_KEYSTONE_SERVICE_NAME)s' == 'httpd' { + include packstack::apache_common + class {"keystone::wsgi::apache": + ssl => $keystone_use_ssl, + } } class {"keystone::roles::admin": diff --git a/packstack/puppet/templates/nagios_server.pp b/packstack/puppet/templates/nagios_server.pp index 54f732073..68ab5af8e 100644 --- a/packstack/puppet/templates/nagios_server.pp +++ b/packstack/puppet/templates/nagios_server.pp @@ -1,3 +1,5 @@ +include packstack::apache_common + package{['nagios', 'nagios-plugins-nrpe']: ensure => present, before => Class['nagios_configs'] @@ -63,11 +65,7 @@ notify => [Service['nagios'], Service['httpd']], } -include concat::setup - -class {'apache': - purge_configs => false, -} +include ::apache class {'apache::mod::php': } service{['nagios']: @@ -81,8 +79,3 @@ dport => ['80'], action => 'accept', } - -# ensure that we won't stop listening on 443 if horizon has ssl enabled -if %(CONFIG_HORIZON_SSL)s { - apache::listen { '443': } -} diff --git a/packstack/puppet/templates/prescript.pp b/packstack/puppet/templates/prescript.pp index b75874e50..f5e1858d2 100644 --- a/packstack/puppet/templates/prescript.pp +++ b/packstack/puppet/templates/prescript.pp @@ -1,4 +1,9 @@ include firewall +# This does the initial apache setup for all components that +# require apache/httpd. +# Other packstack components that use apache should do +# include packstack_apache_common +include ::apache $el_releases = ['RedHat', 'CentOS', 'Scientific'] From 1ef56537539f4073be11ce2185f77c3145d3d990 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20M=C3=A1gr?= Date: Sun, 19 Oct 2014 16:12:52 +0200 Subject: [PATCH 0150/1017] Reverts InnoDB performance setting Implementation is not stable and causes problems on some setups. We will have to find another way to setup InnoDB performance options. This reverts commit 48a0d4bcbed7d51de8b85506257783f4b49476fe. This reverts commit 8150f6a0b805ac9e032a48f3e207f0644e1af8b1. This reverts commit 7b2f1f7acb79fcdb16e0fa5e4712e53cdb2dfaec. This reverts commit 2877033d2155b58fac9bc2e3c2e566bc092a2584. This reverts commit fa002b8e368b9e65d1aa5d81f4779f74571f86b0. Change-Id: I2ad10a80413793796f09b411f59e54e3a01c2a61 --- .../lib/facter/innodb_bufferpoolsize.rb | 6 --- .../lib/facter/innodb_logfilesize.rb | 6 --- .../modules/packstack/manifests/innodb.pp | 49 ------------------- .../packstack/templates/innodb.cnf.erb | 5 -- packstack/puppet/templates/mariadb_install.pp | 2 - 5 files changed, 68 deletions(-) delete mode 100644 packstack/puppet/modules/packstack/lib/facter/innodb_bufferpoolsize.rb delete mode 100644 packstack/puppet/modules/packstack/lib/facter/innodb_logfilesize.rb delete mode 100644 packstack/puppet/modules/packstack/manifests/innodb.pp delete mode 100644 packstack/puppet/modules/packstack/templates/innodb.cnf.erb diff --git a/packstack/puppet/modules/packstack/lib/facter/innodb_bufferpoolsize.rb b/packstack/puppet/modules/packstack/lib/facter/innodb_bufferpoolsize.rb deleted file mode 100644 index 9197225c2..000000000 --- a/packstack/puppet/modules/packstack/lib/facter/innodb_bufferpoolsize.rb +++ /dev/null @@ -1,6 +0,0 @@ -Facter.add(:innodb_bufferpoolsize) do - setcode do - memsize = Float(Facter.value('memorysize_mb')) - Integer(memsize * 0.2) - end -end diff --git a/packstack/puppet/modules/packstack/lib/facter/innodb_logfilesize.rb b/packstack/puppet/modules/packstack/lib/facter/innodb_logfilesize.rb deleted file mode 100644 index 5768fc5e5..000000000 --- a/packstack/puppet/modules/packstack/lib/facter/innodb_logfilesize.rb +++ /dev/null @@ -1,6 +0,0 @@ -Facter.add(:innodb_logfilesize) do - setcode do - buffsize = Float(Facter.value('innodb_bufferpoolsize')) - Integer(buffsize * 0.25) - end -end diff --git a/packstack/puppet/modules/packstack/manifests/innodb.pp b/packstack/puppet/modules/packstack/manifests/innodb.pp deleted file mode 100644 index 6e6d8b8e2..000000000 --- a/packstack/puppet/modules/packstack/manifests/innodb.pp +++ /dev/null @@ -1,49 +0,0 @@ -# -# author: Martin Magr -# -# == Class: packstack::innodb -# -# Changes mysql/mariadb configuration for better performance -# -# === Parameters -# -# [*buffer_pool_size*] -# Value for innodb_buffer_pool_size in my.cnf config file. Defaults to 20% -# of available memory -# -# [*log_file_size*] -# Value for innodb_log_file_size in my.cnf config file. Defaults to 25% -# of buffer_pool_size -# -# [*clean*] -# Clean mysql logs before changing log configuration. -# - -class packstack::innodb ( - $buffer_pool_size = $::innodb_bufferpoolsize, - $log_file_size = $::innodb_logfilesize, - $includedir = '/etc/my.cnf.d', - $clean = true, -) -{ - - if $clean { - exec { 'clean_innodb_logs': - path => ['/usr/bin', '/bin', '/usr/sbin', '/sbin'], - command => "service mysqld stop && rm -f /var/lib/mysql/ib_logfile?", - onlyif => "ls /var/lib/mysql/ib_logfile?", - notify => Service['mysqld'], - logoutput => 'on_failure', - subscribe => File["${includedir}/innodb.cnf"], - refreshonly => true, - } - } - - file { "${includedir}/innodb.cnf": - require => Package['mysql-server'], - content => template('packstack/innodb.cnf.erb'), - mode => '0644', - notify => Service['mysqld'], - } - -} diff --git a/packstack/puppet/modules/packstack/templates/innodb.cnf.erb b/packstack/puppet/modules/packstack/templates/innodb.cnf.erb deleted file mode 100644 index ef8e2d525..000000000 --- a/packstack/puppet/modules/packstack/templates/innodb.cnf.erb +++ /dev/null @@ -1,5 +0,0 @@ -[mysqld] -innodb_buffer_pool_size = <%= @buffer_pool_size %>M -innodb_log_file_size = <%= @log_file_size %>M -innodb_flush_method = O_DIRECT -innodb_file_per_table = 1 diff --git a/packstack/puppet/templates/mariadb_install.pp b/packstack/puppet/templates/mariadb_install.pp index fcdcefe4a..9e96054d7 100644 --- a/packstack/puppet/templates/mariadb_install.pp +++ b/packstack/puppet/templates/mariadb_install.pp @@ -18,8 +18,6 @@ } } -include packstack::innodb - # deleting database users for security # this is done in mysql::server::account_security but has problems # when there is no fqdn, so we're defining a slightly different one here From dfdb49126b9925fa9aa112642939be3ed54bc748 Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Mon, 20 Oct 2014 15:41:20 +0200 Subject: [PATCH 0151/1017] Fixes the duplicate creation of service/endpoint for cinder v2. Change-Id: Ice1166b3af5685b8dcbc83dcb0b021a7530aa4cd Fixes: rhbz#1153354 Signed-off-by: Gael Chamoulaud --- packstack/puppet/templates/keystone_cinder.pp | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/packstack/puppet/templates/keystone_cinder.pp b/packstack/puppet/templates/keystone_cinder.pp index c175f45ae..2074777b5 100644 --- a/packstack/puppet/templates/keystone_cinder.pp +++ b/packstack/puppet/templates/keystone_cinder.pp @@ -7,15 +7,3 @@ internal_address => "%(CONFIG_STORAGE_HOST)s", } -keystone_service { "${cinder::keystone::auth::auth_name}_v2": - ensure => present, - type => "${cinder::keystone::auth::service_type}v2", - description => "Cinder Service v2", -} - -keystone_endpoint { "${cinder::keystone::auth::region}/${cinder::keystone::auth::auth_name}_v2": - ensure => present, - public_url => "${cinder::keystone::auth::public_protocol}://${cinder::keystone::auth::public_address}:${cinder::keystone::auth::port}/v2/%%(tenant_id)s", - admin_url => "http://${cinder::keystone::auth::admin_address}:${cinder::keystone::auth::port}/v2/%%(tenant_id)s", - internal_url => "http://${cinder::keystone::auth::internal_address}:${cinder::keystone::auth::port}/v2/%%(tenant_id)s", -} From 5279d40e55072b7a3370b58f4bf94afb83662cde Mon Sep 17 00:00:00 2001 From: Javier Pena Date: Tue, 21 Oct 2014 13:00:33 +0200 Subject: [PATCH 0152/1017] Configure chronyd for RHEL 7/CentOS 7/Fedora The default NTP client for Fedora and RHEL 7 is chrony, instead of ntpd. Configuring ntpd for systems where chrony is installed leads to some issues, so the proposed patch will properly configure chrony on RHEL 7, CentOS 7 and Fedora, while keeping ntpd for earlier releases. Change-Id: Ifd59f67909094327cbed280767292a45b542da2a --- packstack/plugins/prescript_000.py | 20 +++++-- packstack/puppet/templates/chrony.pp | 81 ++++++++++++++++++++++++++++ 2 files changed, 97 insertions(+), 4 deletions(-) create mode 100644 packstack/puppet/templates/chrony.pp diff --git a/packstack/plugins/prescript_000.py b/packstack/plugins/prescript_000.py index 491c19448..28df91b7e 100644 --- a/packstack/plugins/prescript_000.py +++ b/packstack/plugins/prescript_000.py @@ -684,8 +684,20 @@ def create_ntp_manifest(config, messages): config['CONFIG_NTP_SERVER_DEF'] = '%s\n' % definiton marker = uuid.uuid4().hex[:16] + for hostname in filtered_hosts(config): - manifestdata = getManifestTemplate('ntpd.pp') - appendManifestFile('%s_ntpd.pp' % hostname, - manifestdata, - marker=marker) + releaseos = config['HOST_DETAILS'][hostname]['os'] + releasever = config['HOST_DETAILS'][hostname]['release'].split('.')[0] + + # Configure chrony for Fedora or RHEL/CentOS 7 + if releaseos == 'Fedora' or releasever == '7': + manifestdata = getManifestTemplate('chrony.pp') + appendManifestFile('%s_chrony.pp' % hostname, + manifestdata, + marker=marker) + # For previous versions, configure ntpd + else: + manifestdata = getManifestTemplate('ntpd.pp') + appendManifestFile('%s_ntpd.pp' % hostname, + manifestdata, + marker=marker) diff --git a/packstack/puppet/templates/chrony.pp b/packstack/puppet/templates/chrony.pp new file mode 100644 index 000000000..3a732d57f --- /dev/null +++ b/packstack/puppet/templates/chrony.pp @@ -0,0 +1,81 @@ +$config_content = " +# Use public servers from the pool.ntp.org project. +# Please consider joining the pool (http://www.pool.ntp.org/join.html). +%(CONFIG_NTP_SERVER_DEF)s + +# Ignore stratum in source selection. +stratumweight 0 + +# Record the rate at which the system clock gains/losses time. +driftfile /var/lib/chrony/drift + +# Enable kernel RTC synchronization. +rtcsync + +# In first three updates step the system clock instead of slew +# if the adjustment is larger than 10 seconds. +makestep 10 3 + +# Allow NTP client access from local network. +#allow 192.168/16 + +# Listen for commands only on localhost. +bindcmdaddress 127.0.0.1 +bindcmdaddress ::1 + +# Serve time even if not synchronized to any NTP server. +#local stratum 10 + +keyfile /etc/chrony.keys + +# Specify the key used as password for chronyc. +commandkey 1 + +# Generate command key if missing. +generatecommandkey + +# Disable logging of client accesses. +noclientlog + +# Send a message to syslog if a clock adjustment is larger than 0.5 seconds. +logchange 0.5 + +logdir /var/log/chrony +#log measurements statistics tracking +" + +package {'chrony': + ensure => 'installed', + name => 'chrony', +} + +package {'ntpdate': + ensure => 'installed', + name => 'ntpdate', +} + +file {'chrony_conf': + path => '/etc/chrony.conf', + ensure => file, + mode => '0644', + content => $config_content, +} + +exec {'stop-chronyd': + command => '/usr/bin/systemctl stop chronyd.service', +} + +exec {'ntpdate': + command => '/usr/sbin/ntpdate %(CONFIG_NTP_SERVERS)s', + tries => 3, +} + +service {'chronyd': + ensure => 'running', + enable => true, + name => 'chronyd', + hasstatus => true, + hasrestart => true, +} + +Package['chrony'] -> Package['ntpdate'] -> File['chrony_conf'] -> Exec['stop-chronyd'] -> Exec['ntpdate'] -> Service['chronyd'] From 15075f0ccf42e4a6cc80ee69a33a592118aeb840 Mon Sep 17 00:00:00 2001 From: Javier Pena Date: Wed, 22 Oct 2014 17:43:42 +0200 Subject: [PATCH 0153/1017] Generate answer file only when needed Change Ic5947567599c8b221b7a9e60acb4708429507741 introduced some modifications on the way the answer file was generated. This results in an answer file being generated even if the user specified --answer-file as a parameter. This patch fixes that by not generating an answer file when --answer-file is specified. Change-Id: I52e59d45a4b63a2f1ed70a154bca6b705ed435d2 --- packstack/installer/run_setup.py | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/packstack/installer/run_setup.py b/packstack/installer/run_setup.py index 16ae810b4..e1058aa6c 100644 --- a/packstack/installer/run_setup.py +++ b/packstack/installer/run_setup.py @@ -591,16 +591,17 @@ def _summaryParamsToLog(): def runSequences(): controller.runAllSequences() -def _main(configFile=None): +def _main(options, configFile=None): print output_messages.INFO_HEADER # Get parameters _handleParams(configFile) - # Generate answer file - path = _getanswerfilepath() - if path: - generateAnswerFile(path) + # Generate answer file, only if no answer file was provided + if not options.answer_file: + path = _getanswerfilepath() + if path: + generateAnswerFile(path) # Update masked_value_list with user input values _updateMaskedValueSet() @@ -742,7 +743,7 @@ def single_step_install(options): overrides[key] = value generateAnswerFile(answerfilepath, overrides) - _main(answerfilepath) + _main(options,answerfilepath) def initCmdLineParser(): """ @@ -946,7 +947,7 @@ def main(): raise Exception(output_messages.ERR_NO_ANSWER_FILE % confFile) else: _set_command_line_values(options) - _main(confFile) + _main(options,confFile) except FlagValidationError as ex: optParser.error(str(ex)) From e98aaff2445b7e9c3179719d1c886ac730d6f178 Mon Sep 17 00:00:00 2001 From: Rich Bowen Date: Thu, 23 Oct 2014 15:47:53 -0400 Subject: [PATCH 0154/1017] Grammar tweak Change-Id: I67117abbc6f0f83d7ac28c7f59c89a535d4a4ac7 --- docs/packstack.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/packstack.rst b/docs/packstack.rst index 83578e813..0bedacd2a 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -16,7 +16,7 @@ Packstack is a utility that uses uses puppet modules to install OpenStack. It ca - packstack [options] - packstack --gen-answer-file= / packstack --answer-file= -The third option allows the user to generate a default answer file, edit the default options and finally run Packstack a second time using this answer file. This is the easiest way to run Packstack and the one that will be documented here. When is created the OPTIONS below will be contained and can be edited by the user. +The third option allows the user to generate a default answer file, edit the default options and finally run Packstack a second time using this answer file. This is the easiest way to run Packstack and the one that will be documented here. When is created, it will contain the OPTIONS below, which can then be edited by the user. OPTIONS ======= From 2a4536ab0b02a75be1af5501936f99ae3380c75a Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Fri, 24 Oct 2014 08:07:57 +0200 Subject: [PATCH 0155/1017] Revert "Adds Warning when NetworkManager is active on hosts" This reverts commit 2faa9a2cb616615f189a7ed6a7eade9a9f12c0e6. Fixes: rhbz#1117277 Signed-off-by: Gael Chamoulaud Conflicts: packstack/plugins/neutron_350.py Change-Id: I12fb82607b6dedf429954325b31aac0148fd1092 --- packstack/installer/output_messages.py | 3 -- packstack/plugins/neutron_350.py | 41 -------------------------- 2 files changed, 44 deletions(-) diff --git a/packstack/installer/output_messages.py b/packstack/installer/output_messages.py index cf6420398..40daf6fef 100644 --- a/packstack/installer/output_messages.py +++ b/packstack/installer/output_messages.py @@ -55,9 +55,6 @@ INFO_REMOVE_REMOTE_VAR="Removing %s on %s (if it is a remote host)" WARN_WEAK_PASS="Warning: Weak Password." -WARN_NM_ENABLED=("Warning: NetworkManager is active on %s. OpenStack " - "networking currently does not work on systems that have " - "the Network Manager service enabled.") ERR_PING = "Error: the provided hostname is unreachable" ERR_SSH = "Error: could not connect to the ssh server: %s" diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index f6619cd85..2a2ffd2c4 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -10,13 +10,10 @@ import uuid from packstack.installer import utils -from packstack.installer import exceptions from packstack.installer import validators from packstack.installer import processors -from packstack.installer import output_messages from packstack.installer.utils import split_hosts -from packstack.modules.common import filtered_hosts from packstack.modules.shortcuts import get_mq from packstack.modules.ospluginutils import (getManifestTemplate, appendManifestFile) @@ -601,8 +598,6 @@ def initSequences(controller): 'functions': [create_metering_agent_manifests]}, {'title': 'Adding Neutron Metadata Agent manifest entries', 'functions': [create_metadata_manifests]}, - {'title': 'Checking if NetworkManager is enabled and running', - 'functions': [check_nm_status]}, ] controller.addSequence("Installing OpenStack Neutron", [], [], neutron_steps) @@ -958,39 +953,3 @@ def create_metadata_manifests(config, messages): manifestdata = getManifestTemplate('neutron_metadata.pp') manifestfile = "%s_neutron.pp" % (host,) appendManifestFile(manifestfile, manifestdata + "\n") - - -def check_nm_status(config, messages): - hosts_with_nm = [] - for host in filtered_hosts(config): - server = utils.ScriptRunner(host) - server.append("systemctl") - rc, out = server.execute(can_fail=False) - server.clear() - - if rc < 1: - server.append("systemctl is-enabled NetworkManager") - rc, is_enabled = server.execute(can_fail=False) - is_enabled = is_enabled.strip("\n ") - server.clear() - - server.append("systemctl is-active NetworkManager") - rc, is_active = server.execute(can_fail=False) - is_active = is_active.strip("\n ") - - if is_enabled == "enabled" or is_active == "active": - hosts_with_nm.append(host) - else: - server.clear() - server.append("service NetworkManager status") - rc, out = server.execute(can_fail=False) - - if rc < 1: - hosts_with_nm.append(host) - - server.clear() - - if hosts_with_nm: - hosts_list = ', '.join("%s" % x for x in hosts_with_nm) - msg = output_messages.WARN_NM_ENABLED - messages.append(utils.color_text(msg % hosts_list, 'yellow')) From 540fefe08b0a8bb9ad142705cf058947e22124ec Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Fri, 24 Oct 2014 16:28:53 +0200 Subject: [PATCH 0156/1017] Remove firewalld workaround as it should be part of puppet-firewall now Change-Id: Idbf62b7433d2f3587562c5a3556fd765aaa04aef --- packstack/puppet/templates/prescript.pp | 8 -------- 1 file changed, 8 deletions(-) diff --git a/packstack/puppet/templates/prescript.pp b/packstack/puppet/templates/prescript.pp index b75874e50..d6d37dddd 100644 --- a/packstack/puppet/templates/prescript.pp +++ b/packstack/puppet/templates/prescript.pp @@ -19,14 +19,6 @@ } } -# Stop firewalld since everything uses iptables. Firewalld provider will -# have to be implemented in puppetlabs-firewall in future. -service { "firewalld": - ensure => "stopped", - enable => false, - before => Service['iptables'], -} - package { 'audit': ensure => present, } -> From 5713dc34d0b8b7316119657fe3b976bb0c664a91 Mon Sep 17 00:00:00 2001 From: Javier Pena Date: Fri, 24 Oct 2014 17:02:32 +0200 Subject: [PATCH 0157/1017] Fix Neutron FWaaS configuration The Neutron FWaaS driver was always loaded, even if CONFIG_NEUTRON_FWAAS was set to "n". This, and the fact that it was configured after the L3 agent was started, caused neutron-l3-agent to be down after Packstack execution. This patch fixes it by setting the right configuration order and making sure the driver is only configured if needed. Change-Id: Idc37f53d64ddf5e08e3229be9241bae2f8ac9e67 --- packstack/plugins/neutron_350.py | 6 +++--- packstack/puppet/templates/neutron_fwaas.pp | 2 ++ 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index f6619cd85..05a5bae21 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -732,7 +732,7 @@ def create_manifests(config, messages): 'neutron.services.metering.metering_plugin.MeteringPlugin' ) - if config['CONFIG_NEUTRON_FWAAS']: + if config['CONFIG_NEUTRON_FWAAS'] == 'y': service_plugins.append( 'neutron.services.firewall.fwaas_plugin.FirewallPlugin' ) @@ -823,8 +823,8 @@ def create_l3_manifests(config, messages): manifestdata = getManifestTemplate('neutron_ovs_bridge.pp') appendManifestFile(manifestfile, manifestdata + '\n') - if config['CONFIG_NEUTRON_FWAAS']: - manifestfile = "%s_neutron_fwaas.pp" % (host,) + if config['CONFIG_NEUTRON_FWAAS'] == 'y': +# manifestfile = "%s_neutron_fwaas.pp" % (host,) manifestdata = getManifestTemplate("neutron_fwaas.pp") appendManifestFile(manifestfile, manifestdata + '\n') diff --git a/packstack/puppet/templates/neutron_fwaas.pp b/packstack/puppet/templates/neutron_fwaas.pp index fcdc71c88..ab6bc071b 100644 --- a/packstack/puppet/templates/neutron_fwaas.pp +++ b/packstack/puppet/templates/neutron_fwaas.pp @@ -1,3 +1,5 @@ class { 'neutron::services::fwaas': enabled => true, } + +Class['neutron::services::fwaas'] -> Class['neutron::agents::l3'] From f0b83d6cd79e2410ae6aab82e56b12643878463a Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Mon, 27 Oct 2014 10:54:50 +0100 Subject: [PATCH 0158/1017] Switch packstack o-p-m branch to master-patches The o-p-m master-patches branch contains rpm released master version of o-p-m plus rpm patches applied to it ensuring that packstack will work with it as in some cases master o-p-m is unusable for packstack. Change-Id: Ib4e642bb96de1d87a5d36c20d5e2d4e2650353be --- setup.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup.py b/setup.py index 2fc19d244..e3abf7422 100644 --- a/setup.py +++ b/setup.py @@ -15,7 +15,7 @@ '/usr/share/openstack-puppet/modules') MODULES_REPO = ('https://github.com/redhat-openstack/' 'openstack-puppet-modules.git') -MODULES_BRANCH = 'master' +MODULES_BRANCH = 'master-patches' class InstallModulesCommand(Command): From 219cf98b4f64ae162ca25b56b933625242f17168 Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Mon, 6 Oct 2014 11:37:22 +0200 Subject: [PATCH 0159/1017] Adds Hiera implementation within Packstack Packstack configures Hiera as data backend. Packstack puppet templates are now using hiera() and hiera_array() functions to fetch data from hiera backend. Packstack generates a defaults.yaml file in the /var/tmp/packstack directory. Firewall rules for each openstack components are inserted into the hiera backend as hash and created by the create_resources function. Change-Id: Iab553a71264b0fc0f26d33a6304b545ad302f664 Fixes: rhbz#1145223 Signed-off-by: Gael Chamoulaud --- packstack/installer/basedefs.py | 2 + packstack/modules/ospluginutils.py | 15 ++ packstack/plugins/amqp_002.py | 30 ++-- packstack/plugins/ceilometer_800.py | 38 +++-- packstack/plugins/cinder_250.py | 72 +++++---- packstack/plugins/dashboard_500.py | 16 +- packstack/plugins/glance_200.py | 25 ++-- packstack/plugins/heat_750.py | 60 +++++--- packstack/plugins/keystone_100.py | 22 +-- packstack/plugins/mariadb_003.py | 22 +-- packstack/plugins/nagios_910.py | 22 ++- packstack/plugins/neutron_350.py | 118 +++++++++------ packstack/plugins/nova_300.py | 102 ++++++++----- packstack/plugins/openstack_client_400.py | 2 +- packstack/plugins/prescript_000.py | 2 +- packstack/plugins/provision_700.py | 4 +- packstack/plugins/puppet_950.py | 28 +++- packstack/plugins/swift_600.py | 41 +++-- packstack/puppet/templates/amqp.pp | 89 +++++------ packstack/puppet/templates/ceilometer.pp | 30 ++-- .../templates/ceilometer_nova_disabled.pp | 4 +- packstack/puppet/templates/ceilometer_qpid.pp | 18 +-- .../puppet/templates/ceilometer_rabbitmq.pp | 14 +- packstack/puppet/templates/chrony.pp | 56 ++++--- packstack/puppet/templates/cinder.pp | 35 +++-- packstack/puppet/templates/cinder_backup.pp | 9 +- packstack/puppet/templates/cinder_gluster.pp | 6 +- packstack/puppet/templates/cinder_lvm.pp | 18 +-- .../templates/cinder_netapp_7mode_iscsi.pp | 20 +-- .../templates/cinder_netapp_7mode_nfs.pp | 22 +-- .../templates/cinder_netapp_cdot_iscsi.pp | 18 +-- .../templates/cinder_netapp_cdot_nfs.pp | 24 +-- .../puppet/templates/cinder_netapp_eseries.pp | 22 +-- packstack/puppet/templates/cinder_nfs.pp | 2 +- packstack/puppet/templates/cinder_qpid.pp | 22 +-- packstack/puppet/templates/cinder_rabbitmq.pp | 18 ++- packstack/puppet/templates/cinder_vmdk.pp | 6 +- packstack/puppet/templates/firewall.pp | 11 -- packstack/puppet/templates/glance.pp | 41 ++--- .../templates/glance_ceilometer_qpid.pp | 10 +- .../templates/glance_ceilometer_rabbitmq.pp | 10 +- packstack/puppet/templates/glance_file.pp | 2 +- packstack/puppet/templates/glance_swift.pp | 7 +- packstack/puppet/templates/global.pp | 2 +- packstack/puppet/templates/heat.pp | 23 +-- packstack/puppet/templates/heat_cfn.pp | 13 +- packstack/puppet/templates/heat_cloudwatch.pp | 3 +- packstack/puppet/templates/heat_qpid.pp | 30 ++-- packstack/puppet/templates/heat_rabbitmq.pp | 26 ++-- packstack/puppet/templates/heat_trusts.pp | 1 + packstack/puppet/templates/horizon.pp | 73 ++++----- packstack/puppet/templates/keystone.pp | 62 ++++---- .../puppet/templates/keystone_ceilometer.pp | 10 +- packstack/puppet/templates/keystone_cinder.pp | 12 +- packstack/puppet/templates/keystone_glance.pp | 12 +- packstack/puppet/templates/keystone_heat.pp | 30 ++-- .../puppet/templates/keystone_neutron.pp | 12 +- packstack/puppet/templates/keystone_nova.pp | 14 +- packstack/puppet/templates/keystone_swift.pp | 6 +- .../templates/mariadb_cinder_install.pp | 10 +- .../templates/mariadb_cinder_noinstall.pp | 38 ++--- .../templates/mariadb_glance_install.pp | 10 +- .../templates/mariadb_glance_noinstall.pp | 38 ++--- .../puppet/templates/mariadb_heat_install.pp | 10 +- .../templates/mariadb_heat_noinstall.pp | 38 ++--- packstack/puppet/templates/mariadb_install.pp | 49 +++--- .../templates/mariadb_keystone_install.pp | 12 +- .../templates/mariadb_keystone_noinstall.pp | 38 ++--- .../templates/mariadb_neutron_install.pp | 12 +- .../templates/mariadb_neutron_noinstall.pp | 43 +++--- .../puppet/templates/mariadb_noinstall.pp | 3 +- .../puppet/templates/mariadb_nova_install.pp | 10 +- .../templates/mariadb_nova_noinstall.pp | 38 ++--- packstack/puppet/templates/mongodb.pp | 7 +- packstack/puppet/templates/nagios_nrpe.pp | 71 ++++----- packstack/puppet/templates/nagios_server.pp | 140 ++++++++++-------- packstack/puppet/templates/neutron.pp | 13 +- packstack/puppet/templates/neutron_api.pp | 21 +-- packstack/puppet/templates/neutron_dhcp.pp | 5 +- packstack/puppet/templates/neutron_l3.pp | 8 +- .../puppet/templates/neutron_lb_agent.pp | 2 +- .../puppet/templates/neutron_lb_plugin.pp | 4 +- packstack/puppet/templates/neutron_lbaas.pp | 4 +- .../puppet/templates/neutron_metadata.pp | 16 +- .../templates/neutron_metering_agent.pp | 4 +- .../puppet/templates/neutron_ml2_plugin.pp | 29 ++-- .../puppet/templates/neutron_notifications.pp | 14 +- .../puppet/templates/neutron_ovs_agent_gre.pp | 16 +- .../templates/neutron_ovs_agent_local.pp | 8 +- .../templates/neutron_ovs_agent_vlan.pp | 8 +- .../templates/neutron_ovs_agent_vxlan.pp | 19 +-- .../puppet/templates/neutron_ovs_bridge.pp | 10 +- .../templates/neutron_ovs_plugin_gre.pp | 6 +- .../templates/neutron_ovs_plugin_local.pp | 4 +- .../templates/neutron_ovs_plugin_vlan.pp | 4 +- .../templates/neutron_ovs_plugin_vxlan.pp | 8 +- .../puppet/templates/neutron_ovs_port.pp | 8 +- packstack/puppet/templates/neutron_qpid.pp | 16 +- .../puppet/templates/neutron_rabbitmq.pp | 14 +- packstack/puppet/templates/nova_api.pp | 10 +- packstack/puppet/templates/nova_ceilometer.pp | 9 +- .../puppet/templates/nova_ceilometer_qpid.pp | 16 +- .../templates/nova_ceilometer_rabbitmq.pp | 14 +- packstack/puppet/templates/nova_cert.pp | 4 +- .../puppet/templates/nova_common_nopw.pp | 9 ++ .../{nova_common.pp => nova_common_pw.pp} | 4 +- .../puppet/templates/nova_common_qpid.pp | 36 ++--- .../puppet/templates/nova_common_rabbitmq.pp | 32 ++-- packstack/puppet/templates/nova_compute.pp | 95 ++++++------ .../puppet/templates/nova_compute_libvirt.pp | 61 ++++---- .../puppet/templates/nova_compute_vmware.pp | 8 +- packstack/puppet/templates/nova_conductor.pp | 4 +- packstack/puppet/templates/nova_network.pp | 66 +++++---- .../puppet/templates/nova_network_libvirt.pp | 9 +- packstack/puppet/templates/nova_neutron.pp | 20 +-- packstack/puppet/templates/nova_sched.pp | 18 +-- packstack/puppet/templates/nova_vncproxy.pp | 20 +-- packstack/puppet/templates/ntpd.pp | 66 +++++---- .../puppet/templates/openstack_client.pp | 59 ++++---- .../puppet/templates/persist_ovs_bridge.pp | 13 +- packstack/puppet/templates/prescript.pp | 4 +- packstack/puppet/templates/provision_demo.pp | 64 ++++---- .../puppet/templates/provision_demo_glance.pp | 8 +- .../puppet/templates/provision_tempest.pp | 86 +++++------ packstack/puppet/templates/sshkey.pp | 8 +- packstack/puppet/templates/swift_builder.pp | 14 +- packstack/puppet/templates/swift_common.pp | 7 +- packstack/puppet/templates/swift_loopback.pp | 6 +- packstack/puppet/templates/swift_proxy.pp | 47 +++--- packstack/puppet/templates/swift_storage.pp | 22 +-- requirements.txt | 1 + setup.py | 2 +- 132 files changed, 1722 insertions(+), 1392 deletions(-) delete mode 100644 packstack/puppet/templates/firewall.pp create mode 100644 packstack/puppet/templates/nova_common_nopw.pp rename packstack/puppet/templates/{nova_common.pp => nova_common_pw.pp} (56%) diff --git a/packstack/installer/basedefs.py b/packstack/installer/basedefs.py index 6ebebf05f..9e213236a 100644 --- a/packstack/installer/basedefs.py +++ b/packstack/installer/basedefs.py @@ -43,6 +43,8 @@ DIR_LOG = VAR_DIR PUPPET_MANIFEST_RELATIVE = "manifests" PUPPET_MANIFEST_DIR = os.path.join(VAR_DIR, PUPPET_MANIFEST_RELATIVE) +HIERADATA_FILE_RELATIVE = "hieradata" +HIERADATA_DIR = os.path.join(VAR_DIR, HIERADATA_FILE_RELATIVE) FILE_INSTALLER_LOG = "setup.log" diff --git a/packstack/modules/ospluginutils.py b/packstack/modules/ospluginutils.py index d69581ea0..2830bf3e5 100644 --- a/packstack/modules/ospluginutils.py +++ b/packstack/modules/ospluginutils.py @@ -2,6 +2,7 @@ import logging import os import re +import yaml from packstack.installer import basedefs from packstack.installer.setup_controller import Controller @@ -11,6 +12,7 @@ PUPPET_DIR = os.path.join(basedefs.DIR_PROJECT_DIR, "puppet") PUPPET_TEMPLATE_DIR = os.path.join(PUPPET_DIR, "templates") +HIERA_DEFAULTS_YAML = os.path.join(basedefs.HIERADATA_DIR, "defaults.yaml") class NovaConfig(object): @@ -80,6 +82,19 @@ def appendManifestFile(manifest_name, data, marker=''): manifestfiles.addFile(manifest_name, marker, data) +def generateHieraDataFile(): + os.mkdir(basedefs.HIERADATA_DIR, 0700) + with open(HIERA_DEFAULTS_YAML, 'w') as outfile: + outfile.write(yaml.dump(controller.CONF, + explicit_start=True, + default_flow_style=False)) + + +def createFirewallResources(hiera_key, default_value='{}'): + hiera_function = "hiera('%s', %s)" % (hiera_key, default_value) + return "create_resources(packstack::firewall, %s)\n\n" % hiera_function + + def gethostlist(CONF): hosts = [] for key, value in CONF.items(): diff --git a/packstack/plugins/amqp_002.py b/packstack/plugins/amqp_002.py index 618c15d7e..5038bd19e 100644 --- a/packstack/plugins/amqp_002.py +++ b/packstack/plugins/amqp_002.py @@ -15,7 +15,8 @@ from packstack.modules.common import filtered_hosts from packstack.modules.ospluginutils import (getManifestTemplate, - appendManifestFile) + appendManifestFile, + createFirewallResources) #------------------ oVirt installer initialization ------------------ @@ -219,7 +220,7 @@ def initSequences(controller): def create_manifest(config, messages): server = utils.ScriptRunner(config['CONFIG_AMQP_HOST']) if config['CONFIG_AMQP_ENABLE_SSL'] == 'y': - config['CONFIG_AMQP_ENABLE_SSL'] = 'true' + config['CONFIG_AMQP_ENABLE_SSL'] = True config['CONFIG_AMQP_PROTOCOL'] = 'ssl' config['CONFIG_AMQP_CLIENTS_PORT'] = "5671" if config['CONFIG_AMQP_SSL_SELF_SIGNED'] == 'y': @@ -234,10 +235,10 @@ def create_manifest(config, messages): # Set default values config['CONFIG_AMQP_CLIENTS_PORT'] = "5672" config['CONFIG_AMQP_SSL_PORT'] = "5671" - config['CONFIG_AMQP_SSL_CERT_FILE'] = "" - config['CONFIG_AMQP_SSL_KEY_FILE'] = "" - config['CONFIG_AMQP_NSS_CERTDB_PW'] = "" - config['CONFIG_AMQP_ENABLE_SSL'] = 'false' + config['CONFIG_AMQP_SSL_CERT_FILE'] = '' + config['CONFIG_AMQP_SSL_KEY_FILE'] = '' + config['CONFIG_AMQP_NSS_CERTDB_PW'] = '' + config['CONFIG_AMQP_ENABLE_SSL'] = False config['CONFIG_AMQP_PROTOCOL'] = 'tcp' if config['CONFIG_AMQP_ENABLE_AUTH'] == 'n': @@ -247,14 +248,17 @@ def create_manifest(config, messages): manifestfile = "%s_amqp.pp" % config['CONFIG_AMQP_HOST'] manifestdata = getManifestTemplate('amqp.pp') + fw_details = dict() # All hosts should be able to talk to amqp - config['FIREWALL_SERVICE_NAME'] = "amqp" - config['FIREWALL_PORTS'] = "['5671', '5672']" - config['FIREWALL_CHAIN'] = "INPUT" - config['FIREWALL_PROTOCOL'] = 'tcp' for host in filtered_hosts(config, exclude=False): - config['FIREWALL_ALLOWED'] = "'%s'" % host - config['FIREWALL_SERVICE_ID'] = "amqp_%s" % host - manifestdata += getManifestTemplate("firewall.pp") + key = "amqp_%s" % host + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "%s" % host + fw_details[key]['service_name'] = "amqp" + fw_details[key]['chain'] = "INPUT" + fw_details[key]['ports'] = ['5671', '5672'] + fw_details[key]['proto'] = "tcp" + config['FIREWALL_AMQP_RULES'] = fw_details + manifestdata += createFirewallResources('FIREWALL_AMQP_RULES') appendManifestFile(manifestfile, manifestdata, 'pre') diff --git a/packstack/plugins/ceilometer_800.py b/packstack/plugins/ceilometer_800.py index 3ae344ffb..a99d010fa 100644 --- a/packstack/plugins/ceilometer_800.py +++ b/packstack/plugins/ceilometer_800.py @@ -13,7 +13,8 @@ from packstack.installer import processors from packstack.modules.shortcuts import get_mq from packstack.modules.ospluginutils import (getManifestTemplate, - appendManifestFile) + appendManifestFile, + createFirewallResources) #------------------ oVirt installer initialization ------------------ @@ -112,13 +113,17 @@ def create_manifest(config, messages): manifestdata = getManifestTemplate(get_mq(config, "ceilometer")) manifestdata += getManifestTemplate("ceilometer.pp") - config['FIREWALL_ALLOWED'] = "'ALL'" - config['FIREWALL_SERVICE_NAME'] = 'ceilometer-api' - config['FIREWALL_SERVICE_ID'] = 'ceilometer_api' - config['FIREWALL_PORTS'] = "'8777'" - config['FIREWALL_CHAIN'] = "INPUT" - config['FIREWALL_PROTOCOL'] = 'tcp' - manifestdata += getManifestTemplate("firewall.pp") + fw_details = dict() + key = "ceilometer_api" + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "ALL" + fw_details[key]['service_name'] = "ceilometer-api" + fw_details[key]['chain'] = "INPUT" + fw_details[key]['ports'] = ['8777'] + fw_details[key]['proto'] = "tcp" + config['FIREWALL_CEILOMETER_RULES'] = fw_details + manifestdata += createFirewallResources('FIREWALL_CEILOMETER_RULES') + # Add a template that creates a group for nova because the ceilometer # class needs it if config['CONFIG_NOVA_INSTALL'] == 'n': @@ -129,11 +134,18 @@ def create_manifest(config, messages): def create_mongodb_manifest(config, messages): manifestfile = "%s_mongodb.pp" % config['CONFIG_MONGODB_HOST'] manifestdata = getManifestTemplate("mongodb.pp") - config['FIREWALL_ALLOWED'] = "'%s'" % config['CONFIG_CONTROLLER_HOST'] - config['FIREWALL_SERVICE_NAME'] = 'mongodb-server' - config['FIREWALL_PORTS'] = "'27017'" - config['FIREWALL_PROTOCOL'] = 'tcp' - manifestdata += getManifestTemplate("firewall.pp") + + fw_details = dict() + key = "mongodb_server" + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "%s" % config['CONFIG_CONTROLLER_HOST'] + fw_details[key]['service_name'] = "mongodb-server" + fw_details[key]['chain'] = "INPUT" + fw_details[key]['ports'] = ['27017'] + fw_details[key]['proto'] = "tcp" + config['FIREWALL_MONGODB_RULES'] = fw_details + + manifestdata += createFirewallResources('FIREWALL_MONGODB_RULES') appendManifestFile(manifestfile, manifestdata, 'pre') diff --git a/packstack/plugins/cinder_250.py b/packstack/plugins/cinder_250.py index 2c84e8f0b..a03bfe3eb 100644 --- a/packstack/plugins/cinder_250.py +++ b/packstack/plugins/cinder_250.py @@ -20,7 +20,8 @@ from packstack.modules.shortcuts import get_mq from packstack.modules.ospluginutils import (getManifestTemplate, - appendManifestFile) + appendManifestFile, + createFirewallResources) from packstack.installer import exceptions from packstack.installer import output_messages @@ -125,10 +126,10 @@ def initConfig(controller): "domain:/vol-name "), "PROMPT": ("Enter a single or comma separated list of gluster " "volume shares to use with Cinder"), - "OPTION_LIST": ["^'([\d]{1,3}\.){3}[\d]{1,3}:/.*'", - "^'[a-zA-Z0-9][\-\.\w]*:/.*'"], + "OPTION_LIST": ["^([\d]{1,3}\.){3}[\d]{1,3}:/.*", + "^[a-zA-Z0-9][\-\.\w]*:/.*"], "VALIDATORS": [validators.validate_multi_regexp], - "PROCESSORS": [processors.process_add_quotes_around_values], + "PROCESSORS": [], "DEFAULT_VALUE": "", "MASK_INPUT": False, "LOOSE_VALIDATION": True, @@ -144,9 +145,9 @@ def initConfig(controller): "mount, eg: ip-address:/export-name "), "PROMPT": ("Enter a single or comma seprated list of NFS exports " "to use with Cinder"), - "OPTION_LIST": ["^'([\d]{1,3}\.){3}[\d]{1,3}:/.*'"], + "OPTION_LIST": ["^([\d]{1,3}\.){3}[\d]{1,3}:/.*"], "VALIDATORS": [validators.validate_multi_regexp], - "PROCESSORS": [processors.process_add_quotes_around_values], + "PROCESSORS": [], "DEFAULT_VALUE": "", "MASK_INPUT": False, "LOOSE_VALIDATION": True, @@ -592,10 +593,16 @@ def initSequences(controller): if config['CONFIG_CINDER_INSTALL'] != 'y': return - config['CONFIG_CINDER_BACKEND'] = str( + config['CONFIG_CINDER_BACKEND'] = ( [i.strip() for i in config['CONFIG_CINDER_BACKEND'].split(',') if i] ) + for key in ('CONFIG_CINDER_NETAPP_VOLUME_LIST', + 'CONFIG_CINDER_GLUSTER_MOUNTS', + 'CONFIG_CINDER_NFS_MOUNTS'): + if key in config: + config[key] = [i.strip() for i in config[key].split(',') if i] + cinder_steps = [ {'title': 'Adding Cinder Keystone manifest entries', 'functions': [create_keystone_manifest]}, @@ -711,8 +718,7 @@ def create_manifest(config, messages): manifestfile = "%s_cinder.pp" % config['CONFIG_STORAGE_HOST'] manifestdata += getManifestTemplate("cinder.pp") - backends = config['CONFIG_CINDER_BACKEND'].strip('[]') - backends = [i.strip('\' ') for i in backends.split(',')] + backends = config['CONFIG_CINDER_BACKEND'] if 'netapp' in backends: backends.remove('netapp') puppet_cdot_iscsi = "cinder_netapp_cdot_iscsi.pp" @@ -740,24 +746,36 @@ def create_manifest(config, messages): if config['CONFIG_SWIFT_INSTALL'] == 'y': manifestdata += getManifestTemplate('cinder_backup.pp') - config['FIREWALL_SERVICE_NAME'] = "cinder" - config['FIREWALL_PORTS'] = "['3260']" - config['FIREWALL_CHAIN'] = "INPUT" - config['FIREWALL_PROTOCOL'] = 'tcp' - if (config['CONFIG_NOVA_INSTALL'] == 'y' and + fw_details = dict() + for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']): + if (config['CONFIG_NOVA_INSTALL'] == 'y' and config['CONFIG_VMWARE_BACKEND'] == 'n'): - for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']): - config['FIREWALL_ALLOWED'] = "'%s'" % host - config['FIREWALL_SERVICE_ID'] = "cinder_%s" % host - manifestdata += getManifestTemplate("firewall.pp") - else: - config['FIREWALL_ALLOWED'] = "'ALL'" - config['FIREWALL_SERVICE_ID'] = "cinder_ALL" - manifestdata += getManifestTemplate("firewall.pp") + key = "cinder_%s" % host + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "%s" % host + else: + key = "cinder_all" + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "ALL" + + fw_details[key]['service_name'] = "cinder" + fw_details[key]['chain'] = "INPUT" + fw_details[key]['ports'] = ['3260'] + fw_details[key]['proto'] = "tcp" + + config['FIREWALL_CINDER_RULES'] = fw_details + manifestdata += createFirewallResources('FIREWALL_CINDER_RULES') + # cinder API should be open for everyone - config['FIREWALL_SERVICE_NAME'] = "cinder-api" - config['FIREWALL_ALLOWED'] = "'ALL'" - config['FIREWALL_SERVICE_ID'] = "cinder_API" - config['FIREWALL_PORTS'] = "['8776']" - manifestdata += getManifestTemplate("firewall.pp") + fw_details = dict() + key = "cinder_api" + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "ALL" + fw_details[key]['service_name'] = "cinder-api" + fw_details[key]['chain'] = "INPUT" + fw_details[key]['ports'] = ['8776'] + fw_details[key]['proto'] = "tcp" + config['FIREWALL_CINDER_API_RULES'] = fw_details + manifestdata += createFirewallResources('FIREWALL_CINDER_API_RULES') + appendManifestFile(manifestfile, manifestdata) diff --git a/packstack/plugins/dashboard_500.py b/packstack/plugins/dashboard_500.py index 8d4f42dc3..f8c95b4b9 100644 --- a/packstack/plugins/dashboard_500.py +++ b/packstack/plugins/dashboard_500.py @@ -123,11 +123,11 @@ def create_manifest(config, messages): manifestfile = "%s_horizon.pp" % horizon_host proto = "http" - config["CONFIG_HORIZON_PORT"] = "'80'" + config["CONFIG_HORIZON_PORT"] = 80 sslmanifestdata = '' if config["CONFIG_HORIZON_SSL"] == 'y': - config["CONFIG_HORIZON_SSL"] = 'true' - config["CONFIG_HORIZON_PORT"] = "'443'" + config["CONFIG_HORIZON_SSL"] = True + config["CONFIG_HORIZON_PORT"] = 443 proto = "https" # Are we using the users cert/key files @@ -160,16 +160,16 @@ def create_manifest(config, messages): "/etc/httpd/conf.d/ssl.conf on %s to use a CA signed cert." % (utils.COLORS['red'], utils.COLORS['nocolor'], horizon_host)) else: - config["CONFIG_HORIZON_SSL"] = 'false' + config["CONFIG_HORIZON_SSL"] = False - config["CONFIG_HORIZON_NEUTRON_LB"] = 'false' - config["CONFIG_HORIZON_NEUTRON_FW"] = 'false' + config["CONFIG_HORIZON_NEUTRON_LB"] = False + config["CONFIG_HORIZON_NEUTRON_FW"] = False if config['CONFIG_NEUTRON_INSTALL'] == 'y': if config["CONFIG_LBAAS_INSTALL"] == 'y': - config["CONFIG_HORIZON_NEUTRON_LB"] = 'true' + config["CONFIG_HORIZON_NEUTRON_LB"] = True if config["CONFIG_NEUTRON_FWAAS"] == 'y': - config["CONFIG_HORIZON_NEUTRON_FW"] = 'true' + config["CONFIG_HORIZON_NEUTRON_FW"] = True manifestdata = getManifestTemplate("horizon.pp") appendManifestFile(manifestfile, manifestdata) diff --git a/packstack/plugins/glance_200.py b/packstack/plugins/glance_200.py index 3377bb245..56b1cd3db 100644 --- a/packstack/plugins/glance_200.py +++ b/packstack/plugins/glance_200.py @@ -15,7 +15,8 @@ from packstack.modules.shortcuts import get_mq from packstack.modules.ospluginutils import (getManifestTemplate, - appendManifestFile) + appendManifestFile, + createFirewallResources) #------------------ oVirt installer initialization ------------------ @@ -126,15 +127,15 @@ def create_manifest(config, messages): mq_template = get_mq(config, "glance_ceilometer") manifestdata += getManifestTemplate(mq_template) - manifestdata += getManifestTemplate( - 'glance_%s.pp' % config['CONFIG_GLANCE_BACKEND']) - - config['FIREWALL_SERVICE_NAME'] = "glance" - config['FIREWALL_PORTS'] = "'9292'" - config['FIREWALL_CHAIN'] = "INPUT" - config['FIREWALL_PROTOCOL'] = 'tcp' - config['FIREWALL_ALLOWED'] = "'ALL'" - config['FIREWALL_SERVICE_ID'] = "glance_API" - manifestdata += getManifestTemplate("firewall.pp") - + fw_details = dict() + key = "glance_api" + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "ALL" + fw_details[key]['service_name'] = "glance" + fw_details[key]['chain'] = "INPUT" + fw_details[key]['ports'] = ['9292'] + fw_details[key]['proto'] = "tcp" + config['FIREWALL_GLANCE_RULES'] = fw_details + + manifestdata += createFirewallResources('FIREWALL_GLANCE_RULES') appendManifestFile(manifestfile, manifestdata) diff --git a/packstack/plugins/heat_750.py b/packstack/plugins/heat_750.py index b0fd68600..d00f6faa1 100644 --- a/packstack/plugins/heat_750.py +++ b/packstack/plugins/heat_750.py @@ -15,7 +15,8 @@ from packstack.modules.shortcuts import get_mq from packstack.modules.ospluginutils import (getManifestTemplate, manifestfiles, - appendManifestFile) + appendManifestFile, + createFirewallResources) #------------------ oVirt installer initialization ------------------ @@ -193,13 +194,18 @@ def create_manifest(config, messages): manifestdata += getManifestTemplate("heat.pp") if config.get('CONFIG_HEAT_USING_TRUSTS', 'n') == 'y': manifestdata += getManifestTemplate("heat_trusts.pp") - config['FIREWALL_SERVICE_NAME'] = "heat" - config['FIREWALL_PORTS'] = "'8004'" - config['FIREWALL_CHAIN'] = "INPUT" - config['FIREWALL_PROTOCOL'] = 'tcp' - config['FIREWALL_ALLOWED'] = "'ALL'" - config['FIREWALL_SERVICE_ID'] = "heat" - manifestdata += getManifestTemplate("firewall.pp") + + fw_details = dict() + key = "heat" + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "ALL" + fw_details[key]['service_name'] = "heat" + fw_details[key]['chain'] = "INPUT" + fw_details[key]['ports'] = ['8004'] + fw_details[key]['proto'] = "tcp" + config['FIREWALL_HEAT_RULES'] = fw_details + + manifestdata += createFirewallResources('FIREWALL_HEAT_RULES') appendManifestFile(manifestfile, manifestdata) @@ -217,13 +223,18 @@ def create_cloudwatch_manifest(config, messages): manifestfile = "%s_heatcw.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "heat")) manifestdata += getManifestTemplate("heat_cloudwatch.pp") - config['FIREWALL_SERVICE_NAME'] = "heat api cloudwatch" - config['FIREWALL_PORTS'] = "'8003'" - config['FIREWALL_CHAIN'] = "INPUT" - config['FIREWALL_PROTOCOL'] = 'tcp' - config['FIREWALL_ALLOWED'] = "'ALL'" - config['FIREWALL_SERVICE_ID'] = "heat_api_cloudwatch" - manifestdata += getManifestTemplate("firewall.pp") + + fw_details = dict() + key = "heat_api_cloudwatch" + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "ALL" + fw_details[key]['service_name'] = "heat api cloudwatch" + fw_details[key]['chain'] = "INPUT" + fw_details[key]['ports'] = ['8003'] + fw_details[key]['proto'] = "tcp" + config['FIREWALL_HEAT_CLOUDWATCH_RULES'] = fw_details + + manifestdata += createFirewallResources('FIREWALL_HEAT_CLOUDWATCH_RULES') appendManifestFile(manifestfile, manifestdata, marker='heat') @@ -231,11 +242,16 @@ def create_cfn_manifest(config, messages): manifestfile = "%s_heatcnf.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "heat")) manifestdata += getManifestTemplate("heat_cfn.pp") - config['FIREWALL_SERVICE_NAME'] = "heat_cfn" - config['FIREWALL_PORTS'] = "'8000'" - config['FIREWALL_CHAIN'] = "INPUT" - config['FIREWALL_PROTOCOL'] = 'tcp' - config['FIREWALL_ALLOWED'] = "'ALL'" - config['FIREWALL_SERVICE_ID'] = "heat_cfn" - manifestdata += getManifestTemplate("firewall.pp") + + fw_details = dict() + key = "heat_cfn" + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "ALL" + fw_details[key]['service_name'] = "heat cfn" + fw_details[key]['chain'] = "INPUT" + fw_details[key]['ports'] = ['8000'] + fw_details[key]['proto'] = "tcp" + config['FIREWALL_HEAT_CFN_RULES'] = fw_details + + manifestdata += createFirewallResources('FIREWALL_HEAT_CFN_RULES') appendManifestFile(manifestfile, manifestdata, marker='heat') diff --git a/packstack/plugins/keystone_100.py b/packstack/plugins/keystone_100.py index 39dfe3ea5..e5965c72a 100644 --- a/packstack/plugins/keystone_100.py +++ b/packstack/plugins/keystone_100.py @@ -13,7 +13,8 @@ from packstack.installer import utils from packstack.modules.ospluginutils import (getManifestTemplate, - appendManifestFile) + appendManifestFile, + createFirewallResources) #------------------ oVirt installer initialization ------------------ @@ -142,12 +143,15 @@ def create_manifest(config, messages): manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("keystone.pp") - config['FIREWALL_ALLOWED'] = "'ALL'" - config['FIREWALL_SERVICE_NAME'] = "keystone" - config['FIREWALL_SERVICE_ID'] = "keystone" - config['FIREWALL_PORTS'] = "['5000', '35357']" - config['FIREWALL_CHAIN'] = "INPUT" - config['FIREWALL_PROTOCOL'] = 'tcp' - manifestdata += getManifestTemplate("firewall.pp") - + fw_details = dict() + key = "keystone" + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "ALL" + fw_details[key]['service_name'] = "keystone" + fw_details[key]['chain'] = "INPUT" + fw_details[key]['ports'] = ['5000', '35357'] + fw_details[key]['proto'] = "tcp" + config['FIREWALL_KEYSTONE_RULES'] = fw_details + + manifestdata += createFirewallResources('FIREWALL_KEYSTONE_RULES') appendManifestFile(manifestfile, manifestdata) diff --git a/packstack/plugins/mariadb_003.py b/packstack/plugins/mariadb_003.py index 81dbee64e..030180b00 100644 --- a/packstack/plugins/mariadb_003.py +++ b/packstack/plugins/mariadb_003.py @@ -14,7 +14,8 @@ from packstack.modules.common import filtered_hosts from packstack.modules.ospluginutils import (getManifestTemplate, - appendManifestFile) + appendManifestFile, + createFirewallResources) #------------------ oVirt installer initialization ------------------ @@ -114,13 +115,16 @@ def append_for(module, suffix): hosts = filtered_hosts(config, exclude=False, dbhost=True) - config['FIREWALL_SERVICE_NAME'] = "mariadb" - config['FIREWALL_PORTS'] = "'3306'" - config['FIREWALL_CHAIN'] = "INPUT" - config['FIREWALL_PROTOCOL'] = 'tcp' + fw_details = dict() for host in hosts: - config['FIREWALL_ALLOWED'] = "'%s'" % host - config['FIREWALL_SERVICE_ID'] = "mariadb_%s" % host - manifestdata.append(getManifestTemplate("firewall.pp")) - + key = "mariadb_%s" % host + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "%s" % host + fw_details[key]['service_name'] = "mariadb" + fw_details[key]['chain'] = "INPUT" + fw_details[key]['ports'] = ['3306'] + fw_details[key]['proto'] = "tcp" + config['FIREWALL_MARIADB_RULES'] = fw_details + + manifestdata.append(createFirewallResources('FIREWALL_MARIADB_RULES')) appendManifestFile(manifestfile, "\n".join(manifestdata), 'pre') diff --git a/packstack/plugins/nagios_910.py b/packstack/plugins/nagios_910.py index 491548c70..5ee30f3b7 100644 --- a/packstack/plugins/nagios_910.py +++ b/packstack/plugins/nagios_910.py @@ -14,7 +14,8 @@ from packstack.modules.common import filtered_hosts from packstack.modules.ospluginutils import (getManifestTemplate, - appendManifestFile) + appendManifestFile, + createFirewallResources) #------------------ oVirt installer initialization ------------------ @@ -185,14 +186,19 @@ def create_nrpe_manifests(config, messages): config['CONFIG_NRPE_HOST'] = hostname manifestfile = "%s_nagios_nrpe.pp" % hostname manifestdata = getManifestTemplate("nagios_nrpe.pp") + # Only the Nagios host is allowed to talk to nrpe - config['FIREWALL_ALLOWED'] = "'%s'" % config['CONFIG_CONTROLLER_HOST'] - config['FIREWALL_SERVICE_NAME'] = "nagios-nrpe" - config['FIREWALL_SERVICE_ID'] = "nagios_nrpe" - config['FIREWALL_PORTS'] = '5666' - config['FIREWALL_CHAIN'] = "INPUT" - config['FIREWALL_PROTOCOL'] = 'tcp' - manifestdata += getManifestTemplate("firewall.pp") + fw_details = dict() + key = "nagios_nrpe" + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "%s" % config['CONFIG_CONTROLLER_HOST'] + fw_details[key]['service_name'] = "nagios-nrpe" + fw_details[key]['chain'] = "INPUT" + fw_details[key]['ports'] = ['5666'] + fw_details[key]['proto'] = "tcp" + config['FIREWALL_NAGIOS_NRPE_RULES'] = fw_details + + manifestdata += createFirewallResources('FIREWALL_NAGIOS_NRPE_RULES') appendManifestFile(manifestfile, manifestdata) messages.append("To use Nagios, browse to " diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index 05a5bae21..de45c1f3b 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -19,7 +19,8 @@ from packstack.modules.common import filtered_hosts from packstack.modules.shortcuts import get_mq from packstack.modules.ospluginutils import (getManifestTemplate, - appendManifestFile) + appendManifestFile, + createFirewallResources) #------------------ oVirt installer initialization ------------------ @@ -569,9 +570,12 @@ def initSequences(controller): 'CONFIG_NEUTRON_ML2_VLAN_RANGES', 'CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES', 'CONFIG_NEUTRON_ML2_VNI_RANGES'): - config[key] = str([i.strip() for i in config[key].split(',') if i]) + if config[key] == '': + config[key] = [] + else: + config[key] = [i.strip() for i in config[key].split(',') if i] key = 'CONFIG_NEUTRON_ML2_VXLAN_GROUP' - config[key] = "'%s'" % config[key] if config[key] else 'undef' + config[key] = "%s" % config[key] if config[key] else '' config['CONFIG_NEUTRON_L2_DBNAME'] = plugin_db config['CONFIG_NEUTRON_CORE_PLUGIN'] = plugin_path @@ -702,8 +706,7 @@ def get_agent_type(config): # "vlan,gre" or "vlan,vxlan" so that VLANs are used if available, # but tunnels are used if not. tenant_types = config.get('CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES', - "['local']").strip('[]') - tenant_types = [i.strip('"\'') for i in tenant_types.split(',')] + "local") for i in ['gre', 'vxlan', 'vlan']: if i in tenant_types: @@ -737,7 +740,7 @@ def create_manifests(config, messages): 'neutron.services.firewall.fwaas_plugin.FirewallPlugin' ) - config['SERVICE_PLUGINS'] = (str(service_plugins) if service_plugins + config['SERVICE_PLUGINS'] = (service_plugins if service_plugins else 'undef') if config['CONFIG_NEUTRON_L2_PLUGIN'] == 'openvswitch': @@ -765,33 +768,44 @@ def create_manifests(config, messages): # XXX I am not completely sure about this, but it seems necessary: manifest_data += getManifestTemplate(plugin_manifest) - #Firewall - config['FIREWALL_SERVICE_NAME'] = "neutron server" - config['FIREWALL_PORTS'] = "'9696'" - config['FIREWALL_CHAIN'] = "INPUT" - config['FIREWALL_PROTOCOL'] = 'tcp' - config['FIREWALL_ALLOWED'] = "'ALL'" - config['FIREWALL_SERVICE_ID'] = ("neutron_server_%s" - % (host)) - manifest_data += getManifestTemplate("firewall.pp") - + # Firewall + fw_details = dict() + key = "neutron_server_%s" % host + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "ALL" + fw_details[key]['service_name'] = "neutron server" + fw_details[key]['chain'] = "INPUT" + fw_details[key]['ports'] = ['9696'] + fw_details[key]['proto'] = "tcp" + config['FIREWALL_NEUTRON_SERVER_RULES'] = fw_details + + manifest_data += createFirewallResources( + 'FIREWALL_NEUTRON_SERVER_RULES' + ) appendManifestFile(manifest_file, manifest_data, 'neutron') # We also need to open VXLAN/GRE port for agent if use_openvswitch_vxlan(config) or use_openvswitch_gre(config): + fw_details = dict() + key = "neutron_tunnel" + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "ALL" + fw_details[key]['service_name'] = "neutron tunnel port" + fw_details[key]['chain'] = "INPUT" + if use_openvswitch_vxlan(config): - config['FIREWALL_PROTOCOL'] = 'udp' - tunnel_port = ("'%s'" - % config['CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT']) + fw_details[key]['proto'] = 'udp' + tun_port = "%s" % config['CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT'] else: - config['FIREWALL_PROTOCOL'] = 'gre' - tunnel_port = 'undef' - config['FIREWALL_ALLOWED'] = "'ALL'" - config['FIREWALL_SERVICE_NAME'] = "neutron tunnel port" - config['FIREWALL_SERVICE_ID'] = ("neutron_tunnel") - config['FIREWALL_PORTS'] = tunnel_port - config['FIREWALL_CHAIN'] = "INPUT" - manifest_data = getManifestTemplate('firewall.pp') + fw_details[key]['proto'] = 'gre' + tun_port = 'undef' + + fw_details[key]['ports'] = tun_port + config['FIREWALL_NEUTRON_TUNNEL_RULES'] = fw_details + + manifest_data = createFirewallResources( + 'FIREWALL_NEUTRON_TUNNEL_RULES' + ) appendManifestFile(manifest_file, manifest_data, 'neutron') @@ -839,21 +853,32 @@ def create_dhcp_manifests(config, messages): manifest_data = getManifestTemplate("neutron_dhcp.pp") manifest_file = "%s_neutron.pp" % (host,) # Firewall Rules for dhcp in - config['FIREWALL_PROTOCOL'] = 'udp' - config['FIREWALL_ALLOWED'] = "'ALL'" - config['FIREWALL_SERVICE_NAME'] = "neutron dhcp in: " - config['FIREWALL_SERVICE_ID'] = "neutron_dhcp_in_%s" % host - config['FIREWALL_PORTS'] = "'67'" - config['FIREWALL_CHAIN'] = "INPUT" - manifest_data += getManifestTemplate("firewall.pp") + fw_details = dict() + key = "neutron_dhcp_in_%s" % host + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "ALL" + fw_details[key]['service_name'] = "neutron dhcp in" + fw_details[key]['chain'] = "INPUT" + fw_details[key]['ports'] = ['67'] + fw_details[key]['proto'] = "udp" + config['FIREWALL_NEUTRON_DHCPIN_RULES'] = fw_details + manifest_data += createFirewallResources( + 'FIREWALL_NEUTRON_DHCPIN_RULES' + ) + # Firewall Rules for dhcp out - config['FIREWALL_PROTOCOL'] = 'udp' - config['FIREWALL_ALLOWED'] = "'ALL'" - config['FIREWALL_SERVICE_NAME'] = "neutron dhcp out: " - config['FIREWALL_SERVICE_ID'] = "neutron_dhcp_out_%s" % host - config['FIREWALL_PORTS'] = "'68'" - config['FIREWALL_CHAIN'] = "OUTPUT" - manifest_data += getManifestTemplate("firewall.pp") + fw_details = dict() + key = "neutron_dhcp_out_%s" % host + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "ALL" + fw_details[key]['service_name'] = "neutron dhcp out" + fw_details[key]['chain'] = "OUTPUT" + fw_details[key]['ports'] = ['68'] + fw_details[key]['proto'] = "udp" + config['FIREWALL_NEUTRON_DHCPOUT_RULES'] = fw_details + manifest_data += createFirewallResources( + 'FIREWALL_NEUTRON_DHCPOUT_RULES' + ) appendManifestFile(manifest_file, manifest_data, 'neutron') @@ -895,12 +920,11 @@ def create_l2_agent_manifests(config, messages): # for other plugin template generation if ('l2population' in config.get('CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS', [])): - config['CONFIG_NEUTRON_USE_L2POPULATION'] = 'true' + config['CONFIG_NEUTRON_USE_L2POPULATION'] = True else: - config['CONFIG_NEUTRON_USE_L2POPULATION'] = 'false' + config['CONFIG_NEUTRON_USE_L2POPULATION'] = False if agent == "openvswitch": - host_var = 'CONFIG_NEUTRON_OVS_HOST' if plugin == agent: # monolithic plugin installation ovs_type = 'CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE' @@ -919,7 +943,7 @@ def create_l2_agent_manifests(config, messages): # expects this parameter to be an array, this parameter must be # properly formatted by packstack, then consumed by the puppet module. # For example, the input string 'A, B' should formatted as '['A','B']'. - config["CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS"] = str(bm_arr) + config["CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS"] = bm_arr elif agent == "linuxbridge": host_var = 'CONFIG_NEUTRON_LB_HOST' template_name = 'neutron_lb_agent.pp' @@ -927,9 +951,9 @@ def create_l2_agent_manifests(config, messages): raise KeyError("Unknown layer2 agent") for host in network_hosts | compute_hosts: - config[host_var] = host manifestfile = "%s_neutron.pp" % (host,) - manifestdata = getManifestTemplate(template_name) + manifestdata = "$cfg_neutron_ovs_host = '%s'\n" % host + manifestdata += getManifestTemplate(template_name) appendManifestFile(manifestfile, manifestdata + "\n") # neutron ovs port only on network hosts if ( diff --git a/packstack/plugins/nova_300.py b/packstack/plugins/nova_300.py index 42baa1936..23ae134ed 100644 --- a/packstack/plugins/nova_300.py +++ b/packstack/plugins/nova_300.py @@ -15,7 +15,8 @@ from packstack.modules.shortcuts import get_mq from packstack.modules.ospluginutils import (NovaConfig, getManifestTemplate, - appendManifestFile, manifestfiles) + appendManifestFile, manifestfiles, + createFirewallResources) #------------------ oVirt installer initialization ------------------ @@ -427,16 +428,21 @@ def create_api_manifest(config, messages): config['CONFIG_NEUTRON_METADATA_PW_UNQUOTED'] = 'undef' else: config['CONFIG_NEUTRON_METADATA_PW_UNQUOTED'] = \ - "'%s'" % config['CONFIG_NEUTRON_METADATA_PW'] + "%s" % config['CONFIG_NEUTRON_METADATA_PW'] manifestfile = "%s_api_nova.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("nova_api.pp") - config['FIREWALL_SERVICE_NAME'] = "nova api" - config['FIREWALL_PORTS'] = "['8773', '8774', '8775']" - config['FIREWALL_CHAIN'] = "INPUT" - config['FIREWALL_PROTOCOL'] = 'tcp' - config['FIREWALL_ALLOWED'] = "'ALL'" - config['FIREWALL_SERVICE_ID'] = "nova_api" - manifestdata += getManifestTemplate("firewall.pp") + + fw_details = dict() + key = "nova_api" + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "ALL" + fw_details[key]['service_name'] = "nova api" + fw_details[key]['chain'] = "INPUT" + fw_details[key]['ports'] = ['8773', '8774', '8775'] + fw_details[key]['proto'] = "tcp" + config['FIREWALL_NOVA_API_RULES'] = fw_details + manifestdata += createFirewallResources('FIREWALL_NOVA_API_RULES') + appendManifestFile(manifestfile, manifestdata, 'novaapi') @@ -473,6 +479,8 @@ def create_compute_manifest(config, messages): ) ssh_hostkeys = '' + + ssh_keys_details = {} for host in compute_hosts: try: hostname, aliases, addrs = socket.gethostbyaddr(host) @@ -485,27 +493,33 @@ def create_compute_manifest(config, messages): continue _, host_key_type, host_key_data = hostkey.split() - config['SSH_HOST_NAME'] = hostname - config['SSH_HOST_ALIASES'] = ','.join( - '"%s"' % addr for addr in aliases + addrs - ) - config['SSH_HOST_KEY'] = host_key_data - config['SSH_HOST_KEY_TYPE'] = host_key_type - ssh_hostkeys += getManifestTemplate("sshkey.pp") + key = "%s.%s" % (host_key_type, hostname) + ssh_keys_details.setdefault(key, {}) + ssh_keys_details[key]['ensure'] = 'present' + ssh_keys_details[key]['host_aliases'] = aliases + addrs + ssh_keys_details[key]['key'] = host_key_data + ssh_keys_details[key]['type'] = host_key_type + + config['SSH_KEYS'] = ssh_keys_details + ssh_hostkeys += getManifestTemplate("sshkey.pp") for host in compute_hosts: config["CONFIG_NOVA_COMPUTE_HOST"] = host manifestdata = getManifestTemplate("nova_compute.pp") + fw_details = dict() + cf_fw_qemu_mig_key = "FIREWALL_NOVA_QEMU_MIG_RULES_%s" % host for c_host in compute_hosts: - config['FIREWALL_SERVICE_NAME'] = "nova qemu migration" - config['FIREWALL_PORTS'] = ['16509', '49152-49215'] - config['FIREWALL_CHAIN'] = "INPUT" - config['FIREWALL_PROTOCOL'] = 'tcp' - config['FIREWALL_ALLOWED'] = "'%s'" % c_host - config['FIREWALL_SERVICE_ID'] = ("nova_qemu_migration_%s_%s" - % (host, c_host)) - manifestdata += getManifestTemplate("firewall.pp") + key = "nova_qemu_migration_%s_%s" % (host, c_host) + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "%s" % c_host + fw_details[key]['service_name'] = "nova qemu migration" + fw_details[key]['chain'] = "INPUT" + fw_details[key]['ports'] = ['16509', '49152-49215'] + fw_details[key]['proto'] = "tcp" + + config[cf_fw_qemu_mig_key] = fw_details + manifestdata += createFirewallResources(cf_fw_qemu_mig_key) if config['CONFIG_VMWARE_BACKEND'] == 'y': manifestdata += getManifestTemplate("nova_compute_vmware.pp") @@ -540,14 +554,19 @@ def create_compute_manifest(config, messages): manifestdata += getManifestTemplate(mq_template) manifestdata += getManifestTemplate("nova_ceilometer.pp") - config['FIREWALL_PORTS'] = ['5900-5999'] - config['FIREWALL_ALLOWED'] = "'%s'" % config['CONFIG_CONTROLLER_HOST'] - config['FIREWALL_SERVICE_NAME'] = "nova compute" - config['FIREWALL_SERVICE_ID'] = "nova_compute" - config['FIREWALL_CHAIN'] = "INPUT" - config['FIREWALL_PROTOCOL'] = 'tcp' - manifestdata += getManifestTemplate("firewall.pp") - + fw_details = dict() + key = "nova_compute" + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "%s" % config['CONFIG_CONTROLLER_HOST'] + fw_details[key]['service_name'] = "nova compute" + fw_details[key]['chain'] = "INPUT" + fw_details[key]['ports'] = ['5900-5999'] + fw_details[key]['proto'] = "tcp" + config['FIREWALL_NOVA_COMPUTE_RULES'] = fw_details + + manifestdata += "\n" + createFirewallResources( + 'FIREWALL_NOVA_COMPUTE_RULES' + ) manifestdata += "\n" + nova_config_options.getManifestEntry() manifestdata += "\n" + ssh_hostkeys appendManifestFile(manifestfile, manifestdata) @@ -617,6 +636,7 @@ def create_common_manifest(config, messages): dbacces_hosts |= network_hosts for manifestfile, marker in manifestfiles.getFiles(): + pw_in_sqlconn = False if manifestfile.endswith("_nova.pp"): host, manifest = manifestfile.split('_', 1) host = host.strip() @@ -625,10 +645,17 @@ def create_common_manifest(config, messages): # we should omit password in case we are installing only # nova-compute to the host perms = "nova" + pw_in_sqlconn = False else: - perms = "nova:%(CONFIG_NOVA_DB_PW)s" - sqlconn = "mysql://%s@%%(CONFIG_MARIADB_HOST)s/nova" % perms - config['CONFIG_NOVA_SQL_CONN'] = sqlconn % config + perms = "nova:%s" % config['CONFIG_NOVA_DB_PW'] + pw_in_sqlconn = True + + sqlconn = "mysql://%s@%s/nova" % (perms, + config['CONFIG_MARIADB_HOST']) + if pw_in_sqlconn: + config['CONFIG_NOVA_SQL_CONN_PW'] = sqlconn + else: + config['CONFIG_NOVA_SQL_CONN_NOPW'] = sqlconn # for nova-network in multihost mode each compute host is metadata # host otherwise we use api host @@ -640,7 +667,10 @@ def create_common_manifest(config, messages): config['CONFIG_NOVA_METADATA_HOST'] = metadata data = getManifestTemplate(get_mq(config, "nova_common")) - data += getManifestTemplate("nova_common.pp") + if pw_in_sqlconn: + data += getManifestTemplate("nova_common_pw.pp") + else: + data += getManifestTemplate("nova_common_nopw.pp") appendManifestFile(os.path.split(manifestfile)[1], data) diff --git a/packstack/plugins/openstack_client_400.py b/packstack/plugins/openstack_client_400.py index 5c3562171..30421c1df 100644 --- a/packstack/plugins/openstack_client_400.py +++ b/packstack/plugins/openstack_client_400.py @@ -62,7 +62,7 @@ def create_manifest(config, messages): no_root_allinone = (client_host == utils.get_localhost_ip() and root_home != homedir) - config['NO_ROOT_USER_ALLINONE'] = no_root_allinone and 'true' or 'false' + config['NO_ROOT_USER_ALLINONE'] = no_root_allinone and True or False manifestdata = getManifestTemplate("openstack_client.pp") appendManifestFile(manifestfile, manifestdata) diff --git a/packstack/plugins/prescript_000.py b/packstack/plugins/prescript_000.py index 28df91b7e..35266f1cf 100644 --- a/packstack/plugins/prescript_000.py +++ b/packstack/plugins/prescript_000.py @@ -666,7 +666,7 @@ def discover(config, messages): def create_manifest(config, messages): key = 'CONFIG_DEBUG_MODE' - config[key] = config[key] == 'y' and 'true' or 'false' + config[key] = config[key] == 'y' and True or False for hostname in filtered_hosts(config): manifestfile = "%s_prescript.pp" % hostname diff --git a/packstack/plugins/provision_700.py b/packstack/plugins/provision_700.py index dbbf3a9a6..ca19e9f69 100644 --- a/packstack/plugins/provision_700.py +++ b/packstack/plugins/provision_700.py @@ -246,9 +246,9 @@ def initSequences(controller): def marshall_conf_bool(conf, key): if conf[key] == 'y': - conf[key] = 'true' + conf[key] = True else: - conf[key] = 'false' + conf[key] = False def using_heat(config): diff --git a/packstack/plugins/puppet_950.py b/packstack/plugins/puppet_950.py index 1a3d34c49..e5ae008f0 100644 --- a/packstack/plugins/puppet_950.py +++ b/packstack/plugins/puppet_950.py @@ -15,7 +15,8 @@ from packstack.installer.exceptions import ScriptRuntimeError, PuppetError from packstack.modules.common import filtered_hosts -from packstack.modules.ospluginutils import manifestfiles +from packstack.modules.ospluginutils import (manifestfiles, + generateHieraDataFile) from packstack.modules.puppet import scan_logfile, validate_logfile @@ -129,7 +130,7 @@ def run_cleanup(config, messages): def install_deps(config, messages): - deps = ["puppet", "openssh-clients", "tar", "nc"] + deps = ["puppet", "hiera", "openssh-clients", "tar", "nc"] modules_pkg = 'openstack-puppet-modules' local = utils.ScriptRunner() @@ -157,6 +158,18 @@ def install_deps(config, messages): # yum does not fail if one of the packages is missing for package in deps: server.append("rpm -q --whatprovides %s" % (package)) + + # To avoid warning messages such as + # "Warning: Config file /etc/puppet/hiera.yaml not found, using Hiera + # defaults". We create a symbolic link to /etc/hiera.yaml. + server.append('[[ ! -L /etc/puppet/hiera.yaml ]] && ' + 'ln -s /etc/hiera.yaml /etc/puppet/hiera.yaml || ' + 'echo "hiera.yaml symlink already created"') + + server.append("sed -i 's;:datadir:.*;:datadir: " + "%s/hieradata;g' /etc/puppet/hiera.yaml" + % config['HOST_DETAILS'][hostname]['tmpdir']) + server.execute() @@ -170,12 +183,21 @@ def copy_puppet_modules(config, messages): 'vcsrepo', 'vlan', 'vswitch', 'xinetd', 'openstacklib')) - # write puppet manifest to disk + # write puppet manifest to disk manifestfiles.writeManifests() + # write hieradata file to disk + generateHieraDataFile() server = utils.ScriptRunner() for hostname in filtered_hosts(config): host_dir = config['HOST_DETAILS'][hostname]['tmpdir'] + # copy hiera defaults.yaml file + server.append("cd %s" % basedefs.HIERADATA_DIR) + server.append("tar --dereference -cpzf - ../hieradata | " + "ssh -o StrictHostKeyChecking=no " + "-o UserKnownHostsFile=/dev/null " + "root@%s tar -C %s -xpzf -" % (hostname, host_dir)) + # copy Packstack manifests server.append("cd %s/puppet" % basedefs.DIR_PROJECT_DIR) server.append("cd %s" % basedefs.PUPPET_MANIFEST_DIR) diff --git a/packstack/plugins/swift_600.py b/packstack/plugins/swift_600.py index 7ebc5d0f5..f07565118 100644 --- a/packstack/plugins/swift_600.py +++ b/packstack/plugins/swift_600.py @@ -18,7 +18,8 @@ from packstack.installer.utils import split_hosts from packstack.modules.ospluginutils import (getManifestTemplate, - appendManifestFile, manifestfiles) + appendManifestFile, manifestfiles, + createFirewallResources) #------------------ oVirt installer initialization ------------------ @@ -287,13 +288,18 @@ def device_def(dev_type, host, dev_port, devicename, zone): def create_proxy_manifest(config, messages): manifestfile = "%s_swift.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("swift_proxy.pp") - config['FIREWALL_SERVICE_NAME'] = "swift proxy" - config['FIREWALL_PORTS'] = "'8080'" - config['FIREWALL_CHAIN'] = "INPUT" - config['FIREWALL_PROTOCOL'] = 'tcp' - config['FIREWALL_ALLOWED'] = "'ALL'" - config['FIREWALL_SERVICE_ID'] = "swift_proxy" - manifestdata += getManifestTemplate("firewall.pp") + + fw_details = dict() + key = "swift_proxy" + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "ALL" + fw_details[key]['service_name'] = "swift proxy" + fw_details[key]['chain'] = "INPUT" + fw_details[key]['ports'] = ['8080'] + fw_details[key]['proto'] = "tcp" + config['FIREWALL_SWIFT_PROXY_RULES'] = fw_details + + manifestdata += createFirewallResources('FIREWALL_SWIFT_PROXY_RULES') appendManifestFile(manifestfile, manifestdata) @@ -324,15 +330,18 @@ def create_storage_manifest(config, messages): if config['CONFIG_NOVA_INSTALL'] == 'y': hosts |= split_hosts(config['CONFIG_COMPUTE_HOSTS']) - config['FIREWALL_SERVICE_NAME'] = "swift storage and rsync" - config['FIREWALL_PORTS'] = "['6000', '6001', '6002', '873']" - config['FIREWALL_CHAIN'] = "INPUT" - config['FIREWALL_PROTOCOL'] = 'tcp' + fw_details = dict() for host in hosts: - config['FIREWALL_ALLOWED'] = "'%s'" % host - config['FIREWALL_SERVICE_ID'] = "swift_storage_and_rsync_%s" % host - manifestdata += getManifestTemplate("firewall.pp") - + key = "swift_storage_and_rsync_%s" % host + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "%s" % host + fw_details[key]['service_name'] = "swift storage and rsync" + fw_details[key]['chain'] = "INPUT" + fw_details[key]['ports'] = ['6000', '6001', '6002', '873'] + fw_details[key]['proto'] = "tcp" + config['FIREWALL_SWIFT_STORAGE_RULES'] = fw_details + + manifestdata += createFirewallResources('FIREWALL_SWIFT_STORAGE_RULES') appendManifestFile(manifestfile, manifestdata) diff --git a/packstack/puppet/templates/amqp.pp b/packstack/puppet/templates/amqp.pp index ea253cfff..931e36708 100644 --- a/packstack/puppet/templates/amqp.pp +++ b/packstack/puppet/templates/amqp.pp @@ -1,42 +1,43 @@ -$amqp = '%(CONFIG_AMQP_BACKEND)s' +$amqp = hiera('CONFIG_AMQP_BACKEND') + case $amqp { 'qpid': { - enable_qpid {"qpid": - enable_ssl => %(CONFIG_AMQP_ENABLE_SSL)s, - enable_auth => '%(CONFIG_AMQP_ENABLE_AUTH)s', + enable_qpid { 'qpid': + enable_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), + enable_auth => hiera('CONFIG_AMQP_ENABLE_AUTH'), } } 'rabbitmq': { - enable_rabbitmq {"rabbitmq":} - + enable_rabbitmq { 'rabbitmq': } } + default: {} } define enable_rabbitmq { - package { "erlang": - ensure => "installed" + package { 'erlang': + ensure => 'installed', } - class {"rabbitmq": - port => '%(CONFIG_AMQP_CLIENTS_PORT)s', - ssl_management_port => '%(CONFIG_AMQP_SSL_PORT)s', - ssl => %(CONFIG_AMQP_ENABLE_SSL)s, - ssl_cert => '%(CONFIG_AMQP_SSL_CERT_FILE)s', - ssl_key => '%(CONFIG_AMQP_SSL_KEY_FILE)s', - default_user => '%(CONFIG_AMQP_AUTH_USER)s', - default_pass => '%(CONFIG_AMQP_AUTH_PASSWORD)s', - package_provider => 'yum', - admin_enable => false, + class { 'rabbitmq': + port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + ssl_management_port => hiera('CONFIG_AMQP_SSL_PORT'), + ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), + ssl_cert => hiera('CONFIG_AMQP_SSL_CERT_FILE'), + ssl_key => hiera('CONFIG_AMQP_SSL_KEY_FILE'), + default_user => hiera('CONFIG_AMQP_AUTH_USER'), + default_pass => hiera('CONFIG_AMQP_AUTH_PASSWORD'), + package_provider => 'yum', + admin_enable => false, } - Package['erlang']->Class['rabbitmq'] + Package['erlang'] -> Class['rabbitmq'] } define enable_qpid($enable_ssl = 'n', $enable_auth = 'n') { case $::operatingsystem { 'Fedora': { - if (is_integer($::operatingsystemrelease) and $::operatingsystemrelease >= 20) or $::operatingsystemrelease == "Rawhide" { + if (is_integer($::operatingsystemrelease) and $::operatingsystemrelease >= 20) or $::operatingsystemrelease == 'Rawhide' { $config = '/etc/qpid/qpidd.conf' } else { $config = '/etc/qpidd.conf' @@ -56,18 +57,18 @@ } } - class {"qpid::server": - config_file => $config, - auth => $enable_auth ? { - 'y' => 'yes', - default => 'no', - }, - clustered => false, - ssl_port => '%(CONFIG_AMQP_SSL_PORT)s', - ssl => %(CONFIG_AMQP_ENABLE_SSL)s, - ssl_cert => '%(CONFIG_AMQP_SSL_CERT_FILE)s', - ssl_key => '%(CONFIG_AMQP_SSL_KEY_FILE)s', - ssl_database_password => '%(CONFIG_AMQP_NSS_CERTDB_PW)s', + class { 'qpid::server': + config_file => $config, + auth => $enable_auth ? { + 'y' => 'yes', + default => 'no', + }, + clustered => false, + ssl_port => hiera('CONFIG_AMQP_SSL_PORT'), + ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), + ssl_cert => hiera('CONFIG_AMQP_SSL_CERT_FILE'), + ssl_key => hiera('CONFIG_AMQP_SSL_KEY_FILE'), + ssl_database_password => hiera('CONFIG_AMQP_NSS_CERTDB_PW'), } if $enable_ssl { @@ -82,25 +83,27 @@ } if $enable_auth == 'y' { - add_qpid_user {"qpid_user":} + add_qpid_user { 'qpid_user': } } } define add_qpid_user { - qpid_user { '%(CONFIG_AMQP_AUTH_USER)s': - password => '%(CONFIG_AMQP_AUTH_PASSWORD)s', - file => '/var/lib/qpidd/qpidd.sasldb', - realm => 'QPID', - provider => 'saslpasswd2', - require => Class['qpid::server'], + $config_amqp_auth_user = hiera('CONFIG_AMQP_AUTH_USER') + qpid_user { $config_amqp_auth_user: + password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), + file => '/var/lib/qpidd/qpidd.sasldb', + realm => 'QPID', + provider => 'saslpasswd2', + require => Class['qpid::server'], } file { 'sasldb_file': - path => '/var/lib/qpidd/qpidd.sasldb', - ensure => file, - owner => 'qpidd', - group => 'qpidd', + ensure => file, + path => '/var/lib/qpidd/qpidd.sasldb', + owner => 'qpidd', + group => 'qpidd', require => Package['qpid-cpp-server'], } } + diff --git a/packstack/puppet/templates/ceilometer.pp b/packstack/puppet/templates/ceilometer.pp index d7d3c43a2..7955c3709 100644 --- a/packstack/puppet/templates/ceilometer.pp +++ b/packstack/puppet/templates/ceilometer.pp @@ -1,28 +1,28 @@ +$config_mongodb_host = hiera('CONFIG_MONGODB_HOST') + class { 'ceilometer::db': - database_connection => 'mongodb://%(CONFIG_MONGODB_HOST)s:27017/ceilometer', + database_connection => "mongodb://${config_mongodb_host}:27017/ceilometer", } -class { 'ceilometer::collector': -} +class { 'ceilometer::collector': } -class { 'ceilometer::agent::notification': -} +class { 'ceilometer::agent::notification': } + +$config_controller_host = hiera('CONFIG_CONTROLLER_HOST') class { 'ceilometer::agent::auth': - auth_url => 'http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0', - auth_password => '%(CONFIG_CEILOMETER_KS_PW)s', + auth_url => "http://${config_controller_host}:35357/v2.0", + auth_password => hiera('CONFIG_CEILOMETER_KS_PW'), } -class { 'ceilometer::agent::central': -} +class { 'ceilometer::agent::central': } -class { 'ceilometer::alarm::notifier': -} +class { 'ceilometer::alarm::notifier':} -class { 'ceilometer::alarm::evaluator': -} +class { 'ceilometer::alarm::evaluator':} class { 'ceilometer::api': - keystone_host => '%(CONFIG_CONTROLLER_HOST)s', - keystone_password => '%(CONFIG_CEILOMETER_KS_PW)s', + keystone_host => hiera('CONFIG_CONTROLLER_HOST'), + keystone_password => hiera('CONFIG_CEILOMETER_KS_PW'), } + diff --git a/packstack/puppet/templates/ceilometer_nova_disabled.pp b/packstack/puppet/templates/ceilometer_nova_disabled.pp index fa360ac54..9bf319b21 100644 --- a/packstack/puppet/templates/ceilometer_nova_disabled.pp +++ b/packstack/puppet/templates/ceilometer_nova_disabled.pp @@ -1,5 +1,5 @@ -group { "nova": - ensure => present, +group { 'nova': + ensure => present, } Group['nova'] -> Class['ceilometer'] diff --git a/packstack/puppet/templates/ceilometer_qpid.pp b/packstack/puppet/templates/ceilometer_qpid.pp index fa54c6f68..900be2d6e 100644 --- a/packstack/puppet/templates/ceilometer_qpid.pp +++ b/packstack/puppet/templates/ceilometer_qpid.pp @@ -1,11 +1,11 @@ class { 'ceilometer': - metering_secret => '%(CONFIG_CEILOMETER_SECRET)s', - qpid_hostname => '%(CONFIG_AMQP_HOST)s', - qpid_username => '%(CONFIG_AMQP_AUTH_USER)s', - qpid_password => '%(CONFIG_AMQP_AUTH_PASSWORD)s', - rpc_backend => 'ceilometer.openstack.common.rpc.impl_qpid', - verbose => true, - debug => %(CONFIG_DEBUG_MODE)s, - qpid_port => '%(CONFIG_AMQP_CLIENTS_PORT)s', - qpid_protocol => '%(CONFIG_AMQP_PROTOCOL)s' + metering_secret => hiera('CONFIG_CEILOMETER_SECRET'), + qpid_hostname => hiera('CONFIG_AMQP_HOST'), + qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), + qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), + rpc_backend => 'ceilometer.openstack.common.rpc.impl_qpid', + verbose => true, + debug => hiera('CONFIG_DEBUG_MODE'), + qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'), } diff --git a/packstack/puppet/templates/ceilometer_rabbitmq.pp b/packstack/puppet/templates/ceilometer_rabbitmq.pp index 914c6bc10..ad0c2df47 100644 --- a/packstack/puppet/templates/ceilometer_rabbitmq.pp +++ b/packstack/puppet/templates/ceilometer_rabbitmq.pp @@ -1,9 +1,9 @@ class { 'ceilometer': - metering_secret => '%(CONFIG_CEILOMETER_SECRET)s', - rabbit_host => '%(CONFIG_AMQP_HOST)s', - verbose => true, - debug => %(CONFIG_DEBUG_MODE)s, - rabbit_port => '%(CONFIG_AMQP_CLIENTS_PORT)s', - rabbit_userid => '%(CONFIG_AMQP_AUTH_USER)s', - rabbit_password => '%(CONFIG_AMQP_AUTH_PASSWORD)s', + metering_secret => hiera('CONFIG_CEILOMETER_SECRET'), + rabbit_host => hiera('CONFIG_AMQP_HOST'), + verbose => true, + debug => hiera('CONFIG_DEBUG_MODE'), + rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), + rabbit_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), } diff --git a/packstack/puppet/templates/chrony.pp b/packstack/puppet/templates/chrony.pp index 3a732d57f..cdcbfb25b 100644 --- a/packstack/puppet/templates/chrony.pp +++ b/packstack/puppet/templates/chrony.pp @@ -1,7 +1,10 @@ +$cfg_ntp_server_def = hiera('CONFIG_NTP_SERVER_DEF') +$cfg_ntp_servers = hiera('CONFIG_NTP_SERVERS') + $config_content = " # Use public servers from the pool.ntp.org project. # Please consider joining the pool (http://www.pool.ntp.org/join.html). -%(CONFIG_NTP_SERVER_DEF)s +${cfg_ntp_server_def} # Ignore stratum in source selection. stratumweight 0 @@ -44,38 +47,43 @@ #log measurements statistics tracking " -package {'chrony': - ensure => 'installed', - name => 'chrony', +package { 'chrony': + ensure => 'installed', + name => 'chrony', } -package {'ntpdate': - ensure => 'installed', - name => 'ntpdate', +package { 'ntpdate': + ensure => 'installed', + name => 'ntpdate', } -file {'chrony_conf': - path => '/etc/chrony.conf', - ensure => file, - mode => '0644', - content => $config_content, +file { 'chrony_conf': + ensure => file, + path => '/etc/chrony.conf', + mode => '0644', + content => $config_content, } -exec {'stop-chronyd': - command => '/usr/bin/systemctl stop chronyd.service', +exec { 'stop-chronyd': + command => '/usr/bin/systemctl stop chronyd.service', } -exec {'ntpdate': - command => '/usr/sbin/ntpdate %(CONFIG_NTP_SERVERS)s', - tries => 3, +exec { 'ntpdate': + command => "/usr/sbin/ntpdate ${cfg_ntp_servers}", + tries => 3, } -service {'chronyd': - ensure => 'running', - enable => true, - name => 'chronyd', - hasstatus => true, - hasrestart => true, +service { 'chronyd': + ensure => running, + enable => true, + name => 'chronyd', + hasstatus => true, + hasrestart => true, } -Package['chrony'] -> Package['ntpdate'] -> File['chrony_conf'] -> Exec['stop-chronyd'] -> Exec['ntpdate'] -> Service['chronyd'] +Package['chrony'] -> +Package['ntpdate'] -> +File['chrony_conf'] -> +Exec['stop-chronyd'] -> +Exec['ntpdate'] -> +Service['chronyd'] diff --git a/packstack/puppet/templates/cinder.pp b/packstack/puppet/templates/cinder.pp index 247f289ef..8b63b5ea8 100644 --- a/packstack/puppet/templates/cinder.pp +++ b/packstack/puppet/templates/cinder.pp @@ -1,35 +1,34 @@ cinder_config { - "DEFAULT/glance_host": value => "%(CONFIG_STORAGE_HOST)s"; + 'DEFAULT/glance_host': value => hiera('CONFIG_STORAGE_HOST'); } -package {'python-keystone': +package { 'python-keystone': notify => Class['cinder::api'], } -class {'cinder::api': - keystone_password => '%(CONFIG_CINDER_KS_PW)s', - keystone_tenant => "services", - keystone_user => "cinder", - keystone_auth_host => "%(CONFIG_CONTROLLER_HOST)s", +class { 'cinder::api': + keystone_password => hiera('CONFIG_CINDER_KS_PW'), + keystone_tenant => 'services', + keystone_user => 'cinder', + keystone_auth_host => hiera('CONFIG_CONTROLLER_HOST'), } -class {'cinder::scheduler': -} +class { 'cinder::scheduler': } -class {'cinder::volume': -} +class { 'cinder::volume': } -class {'cinder::client': -} +class { 'cinder::client': } + +$cinder_config_controller_host = hiera('CONFIG_CONTROLLER_HOST') # Cinder::Type requires keystone credentials Cinder::Type { - os_password => '%(CONFIG_CINDER_KS_PW)s', - os_tenant_name => "services", - os_username => "cinder", - os_auth_url => "http://%(CONFIG_CONTROLLER_HOST)s:5000/v2.0/", + os_password => hiera('CONFIG_CINDER_KS_PW'), + os_tenant_name => 'services', + os_username => 'cinder', + os_auth_url => "http://${cinder_config_controller_host}:5000/v2.0/", } class { 'cinder::backends': - enabled_backends => %(CONFIG_CINDER_BACKEND)s, + enabled_backends => hiera_array('CONFIG_CINDER_BACKEND'), } diff --git a/packstack/puppet/templates/cinder_backup.pp b/packstack/puppet/templates/cinder_backup.pp index 1b5f41c22..5618bb481 100644 --- a/packstack/puppet/templates/cinder_backup.pp +++ b/packstack/puppet/templates/cinder_backup.pp @@ -1,8 +1,11 @@ -class { 'cinder::backup': -} +class { 'cinder::backup': } + +$cinder_backup_conf_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') class { 'cinder::backup::swift': - backup_swift_url => 'http://%(CONFIG_CONTROLLER_HOST)s:8080/v1/AUTH_' + backup_swift_url => "http://${cinder_config_controller_host}:8080/v1/AUTH_", } Class['cinder::api'] ~> Service['cinder-backup'] + + diff --git a/packstack/puppet/templates/cinder_gluster.pp b/packstack/puppet/templates/cinder_gluster.pp index 6b2e292cc..4ed6d7cac 100644 --- a/packstack/puppet/templates/cinder_gluster.pp +++ b/packstack/puppet/templates/cinder_gluster.pp @@ -1,7 +1,9 @@ -package { 'glusterfs-fuse': ensure => present } +package { 'glusterfs-fuse': + ensure => present, +} cinder::backend::glusterfs { 'gluster': - glusterfs_shares => [%(CONFIG_CINDER_GLUSTER_MOUNTS)s], + glusterfs_shares => hiera_array('CONFIG_CINDER_GLUSTER_MOUNTS'), require => Package['glusterfs-fuse'], glusterfs_shares_config => '/etc/cinder/glusterfs_shares.conf', } diff --git a/packstack/puppet/templates/cinder_lvm.pp b/packstack/puppet/templates/cinder_lvm.pp index 4cce3ac0a..7b52e842b 100644 --- a/packstack/puppet/templates/cinder_lvm.pp +++ b/packstack/puppet/templates/cinder_lvm.pp @@ -1,12 +1,12 @@ class { 'cinder::setup_test_volume': - size => '%(CONFIG_CINDER_VOLUMES_SIZE)s', + size => hiera('CONFIG_CINDER_VOLUMES_SIZE'), loopback_device => '/dev/loop2', - volume_path => '/var/lib/cinder', - volume_name => 'cinder-volumes', + volume_path => '/var/lib/cinder', + volume_name => 'cinder-volumes', } # Add loop device on boot -$el_releases = ["RedHat", "CentOS", "Scientific"] +$el_releases = ['RedHat', 'CentOS', 'Scientific'] if $::operatingsystem in $el_releases and $::operatingsystemmajrelease < 7 { file_line{ 'rc.local_losetup_cinder_volume': @@ -44,12 +44,12 @@ exec { '/usr/bin/systemctl daemon-reload': refreshonly => true, - before => Service['openstack-losetup'], + before => Service['openstack-losetup'], } service { 'openstack-losetup': - ensure => running, - enable => true, + ensure => running, + enable => true, require => Class['cinder::setup_test_volume'], } @@ -70,8 +70,8 @@ } cinder::backend::iscsi { 'lvm': - iscsi_ip_address => '%(CONFIG_STORAGE_HOST)s', - require => Package['lvm2'], + iscsi_ip_address => hiera('CONFIG_STORAGE_HOST'), + require => Package['lvm2'], } cinder::type { 'iscsi': diff --git a/packstack/puppet/templates/cinder_netapp_7mode_iscsi.pp b/packstack/puppet/templates/cinder_netapp_7mode_iscsi.pp index 79f74a1bd..33f4a71a3 100644 --- a/packstack/puppet/templates/cinder_netapp_7mode_iscsi.pp +++ b/packstack/puppet/templates/cinder_netapp_7mode_iscsi.pp @@ -3,16 +3,16 @@ package { 'iscsi-initiator-utils': ensure => present } cinder::backend::netapp { 'netapp': - netapp_login => "%(CONFIG_CINDER_NETAPP_LOGIN)s", - netapp_password => "%(CONFIG_CINDER_NETAPP_PASSWORD)s", - netapp_server_hostname => "%(CONFIG_CINDER_NETAPP_HOSTNAME)s", - netapp_server_port => "%(CONFIG_CINDER_NETAPP_SERVER_PORT)s", - netapp_size_multiplier => "%(CONFIG_CINDER_NETAPP_SIZE_MULTIPLIER)s", - netapp_storage_family => "%(CONFIG_CINDER_NETAPP_STORAGE_FAMILY)s", - netapp_storage_protocol => "%(CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL)s", - netapp_transport_type => "%(CONFIG_CINDER_NETAPP_TRANSPORT_TYPE)s", - netapp_vfiler => "%(CONFIG_CINDER_NETAPP_VFILER)s", - netapp_volume_list => ["%(CONFIG_CINDER_NETAPP_VOLUME_LIST)s"], + netapp_login => hiera('CONFIG_CINDER_NETAPP_LOGIN'), + netapp_password => hiera('CONFIG_CINDER_NETAPP_PASSWORD'), + netapp_server_hostname => hiera('CONFIG_CINDER_NETAPP_HOSTNAME'), + netapp_server_port => hiera('CONFIG_CINDER_NETAPP_SERVER_PORT'), + netapp_size_multiplier => hiera('CONFIG_CINDER_NETAPP_SIZE_MULTIPLIER'), + netapp_storage_family => hiera('CONFIG_CINDER_NETAPP_STORAGE_FAMILY'), + netapp_storage_protocol => hiera('CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'), + netapp_transport_type => hiera('CONFIG_CINDER_NETAPP_TRANSPORT_TYPE'), + netapp_vfiler => hiera('CONFIG_CINDER_NETAPP_VFILER'), + netapp_volume_list => hiera_array('CONFIG_CINDER_NETAPP_VOLUME_LIST'), require => Package['iscsi-initiator-utils'], } diff --git a/packstack/puppet/templates/cinder_netapp_7mode_nfs.pp b/packstack/puppet/templates/cinder_netapp_7mode_nfs.pp index 960badaa9..5dc2906c3 100644 --- a/packstack/puppet/templates/cinder_netapp_7mode_nfs.pp +++ b/packstack/puppet/templates/cinder_netapp_7mode_nfs.pp @@ -3,17 +3,17 @@ package { 'nfs-utils': ensure => present } cinder::backend::netapp { 'netapp': - netapp_login => "%(CONFIG_CINDER_NETAPP_LOGIN)s", - netapp_password => "%(CONFIG_CINDER_NETAPP_PASSWORD)s", - netapp_server_hostname => "%(CONFIG_CINDER_NETAPP_HOSTNAME)s", - netapp_server_port => "%(CONFIG_CINDER_NETAPP_SERVER_PORT)s", - netapp_storage_family => "%(CONFIG_CINDER_NETAPP_STORAGE_FAMILY)s", - netapp_storage_protocol => "%(CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL)s", - netapp_transport_type => "%(CONFIG_CINDER_NETAPP_TRANSPORT_TYPE)s", - expiry_thres_minutes => "%(CONFIG_CINDER_EXPIRY_THRES_MINUTES)s", - thres_avl_size_perc_start => "%(CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_START)s", - thres_avl_size_perc_stop => "%(CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_STOP)s", - nfs_shares_config => "%(CONFIG_CINDER_NETAPP_NFS_SHARES_CONFIG)s", + netapp_login => hiera('CONFIG_CINDER_NETAPP_LOGIN'), + netapp_password => hiera('CONFIG_CINDER_NETAPP_PASSWORD'), + netapp_server_hostname => hiera('CONFIG_CINDER_NETAPP_HOSTNAME'), + netapp_server_port => hiera('CONFIG_CINDER_NETAPP_SERVER_PORT'), + netapp_storage_family => hiera('CONFIG_CINDER_NETAPP_STORAGE_FAMILY'), + netapp_storage_protocol => hiera('CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'), + netapp_transport_type => hiera('CONFIG_CINDER_NETAPP_TRANSPORT_TYPE'), + expiry_thres_minutes => hiera('CONFIG_CINDER_EXPIRY_THRES_MINUTES'), + thres_avl_size_perc_start => hiera('CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_START'), + thres_avl_size_perc_stop => hiera('CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_STOP'), + nfs_shares_config => hiera('CONFIG_CINDER_NETAPP_NFS_SHARES_CONFIG'), require => Package['nfs-utils'], } diff --git a/packstack/puppet/templates/cinder_netapp_cdot_iscsi.pp b/packstack/puppet/templates/cinder_netapp_cdot_iscsi.pp index de373396c..b33383adf 100644 --- a/packstack/puppet/templates/cinder_netapp_cdot_iscsi.pp +++ b/packstack/puppet/templates/cinder_netapp_cdot_iscsi.pp @@ -3,15 +3,15 @@ package { 'iscsi-initiator-utils': ensure => present } cinder::backend::netapp { 'netapp': - netapp_login => "%(CONFIG_CINDER_NETAPP_LOGIN)s", - netapp_password => "%(CONFIG_CINDER_NETAPP_PASSWORD)s", - netapp_server_hostname => "%(CONFIG_CINDER_NETAPP_HOSTNAME)s", - netapp_server_port => "%(CONFIG_CINDER_NETAPP_SERVER_PORT)s", - netapp_size_multiplier => "%(CONFIG_CINDER_NETAPP_SIZE_MULTIPLIER)s", - netapp_storage_family => "%(CONFIG_CINDER_NETAPP_STORAGE_FAMILY)s", - netapp_storage_protocol => "%(CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL)s", - netapp_transport_type => "%(CONFIG_CINDER_NETAPP_TRANSPORT_TYPE)s", - netapp_vserver => "%(CONFIG_CINDER_NETAPP_VSERVER)s", + netapp_login => hiera('CONFIG_CINDER_NETAPP_LOGIN'), + netapp_password => hiera('CONFIG_CINDER_NETAPP_PASSWORD'), + netapp_server_hostname => hiera('CONFIG_CINDER_NETAPP_HOSTNAME'), + netapp_server_port => hiera('CONFIG_CINDER_NETAPP_SERVER_PORT'), + netapp_size_multiplier => hiera('CONFIG_CINDER_NETAPP_SIZE_MULTIPLIER'), + netapp_storage_family => hiera('CONFIG_CINDER_NETAPP_STORAGE_FAMILY'), + netapp_storage_protocol => hiera('CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'), + netapp_transport_type => hiera('CONFIG_CINDER_NETAPP_TRANSPORT_TYPE'), + netapp_vserver => hiera('CONFIG_CINDER_NETAPP_VSERVER'), require => Package['iscsi-initiator-utils'], } diff --git a/packstack/puppet/templates/cinder_netapp_cdot_nfs.pp b/packstack/puppet/templates/cinder_netapp_cdot_nfs.pp index d4fc0eb3e..63b0e014b 100644 --- a/packstack/puppet/templates/cinder_netapp_cdot_nfs.pp +++ b/packstack/puppet/templates/cinder_netapp_cdot_nfs.pp @@ -3,18 +3,18 @@ package { 'nfs-utils': ensure => present } cinder::backend::netapp { 'netapp': - netapp_login => "%(CONFIG_CINDER_NETAPP_LOGIN)s", - netapp_password => "%(CONFIG_CINDER_NETAPP_PASSWORD)s", - netapp_server_hostname => "%(CONFIG_CINDER_NETAPP_HOSTNAME)s", - netapp_server_port => "%(CONFIG_CINDER_NETAPP_SERVER_PORT)s", - netapp_storage_family => "%(CONFIG_CINDER_NETAPP_STORAGE_FAMILY)s", - netapp_storage_protocol => "%(CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL)s", - netapp_transport_type => "%(CONFIG_CINDER_NETAPP_TRANSPORT_TYPE)s", - netapp_vserver => "%(CONFIG_CINDER_NETAPP_VSERVER)s", - expiry_thres_minutes => "%(CONFIG_CINDER_NETAPP_EXPIRY_THRES_MINUTES)s", - thres_avl_size_perc_start => "%(CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_START)s", - thres_avl_size_perc_stop => "%(CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_STOP)s", - nfs_shares_config => "%(CONFIG_CINDER_NETAPP_NFS_SHARES_CONFIG)s", + netapp_login => hiera('CONFIG_CINDER_NETAPP_LOGIN'), + netapp_password => hiera('CONFIG_CINDER_NETAPP_PASSWORD'), + netapp_server_hostname => hiera('CONFIG_CINDER_NETAPP_HOSTNAME'), + netapp_server_port => hiera('CONFIG_CINDER_NETAPP_SERVER_PORT'), + netapp_storage_family => hiera('CONFIG_CINDER_NETAPP_STORAGE_FAMILY'), + netapp_storage_protocol => hiera('CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'), + netapp_transport_type => hiera('CONFIG_CINDER_NETAPP_TRANSPORT_TYPE'), + netapp_vserver => hiera('CONFIG_CINDER_NETAPP_VSERVER'), + expiry_thres_minutes => hiera('CONFIG_CINDER_NETAPP_EXPIRY_THRES_MINUTES'), + thres_avl_size_perc_start => hiera('CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_START'), + thres_avl_size_perc_stop => hiera('CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_STOP'), + nfs_shares_config => hiera('CONFIG_CINDER_NETAPP_NFS_SHARES_CONFIG'), require => Package['nfs-utils'], } diff --git a/packstack/puppet/templates/cinder_netapp_eseries.pp b/packstack/puppet/templates/cinder_netapp_eseries.pp index 01e92fccb..dee48de2f 100644 --- a/packstack/puppet/templates/cinder_netapp_eseries.pp +++ b/packstack/puppet/templates/cinder_netapp_eseries.pp @@ -3,17 +3,17 @@ package { 'iscsi-initiator-utils': ensure => present } cinder::backend::netapp { 'netapp': - netapp_login => "%(CONFIG_CINDER_NETAPP_LOGIN)s", - netapp_password => "%(CONFIG_CINDER_NETAPP_PASSWORD)s", - netapp_server_hostname => "%(CONFIG_CINDER_NETAPP_HOSTNAME)s", - netapp_server_port => "%(CONFIG_CINDER_NETAPP_SERVER_PORT)s", - netapp_storage_family => "%(CONFIG_CINDER_NETAPP_STORAGE_FAMILY)s", - netapp_storage_protocol => "%(CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL)s", - netapp_transport_type => "%(CONFIG_CINDER_NETAPP_TRANSPORT_TYPE)s", - netapp_controller_ips => "%(CONFIG_CINDER_NETAPP_CONTROLLER_IPS)s", - netapp_sa_password => "%(CONFIG_CINDER_NETAPP_SA_PASSWORD)s", - netapp_storage_pools => "%(CONFIG_CINDER_NETAPP_STORAGE_POOLS)s", - netapp_webservice_path => "%(CONFIG_CINDER_NETAPP_WEBSERVICE_PATH)s", + netapp_login => hiera('CONFIG_CINDER_NETAPP_LOGIN'), + netapp_password => hiera('CONFIG_CINDER_NETAPP_PASSWORD'), + netapp_server_hostname => hiera('CONFIG_CINDER_NETAPP_HOSTNAME'), + netapp_server_port => hiera('CONFIG_CINDER_NETAPP_SERVER_PORT'), + netapp_storage_family => hiera('CONFIG_CINDER_NETAPP_STORAGE_FAMILY'), + netapp_storage_protocol => hiera('CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'), + netapp_transport_type => hiera('CONFIG_CINDER_NETAPP_TRANSPORT_TYPE'), + netapp_controller_ips => hiera('CONFIG_CINDER_NETAPP_CONTROLLER_IPS'), + netapp_sa_password => hiera('CONFIG_CINDER_NETAPP_SA_PASSWORD'), + netapp_storage_pools => hiera('CONFIG_CINDER_NETAPP_STORAGE_POOLS'), + netapp_webservice_path => hiera('CONFIG_CINDER_NETAPP_WEBSERVICE_PATH'), require => Package['iscsi-initiator-utils'], } diff --git a/packstack/puppet/templates/cinder_nfs.pp b/packstack/puppet/templates/cinder_nfs.pp index fffc9be51..7d6a6b0c0 100644 --- a/packstack/puppet/templates/cinder_nfs.pp +++ b/packstack/puppet/templates/cinder_nfs.pp @@ -1,7 +1,7 @@ package { 'nfs-utils': ensure => present } cinder::backend::nfs { 'nfs': - nfs_servers => [%(CONFIG_CINDER_NFS_MOUNTS)s], + nfs_servers => hiera_array('CONFIG_CINDER_NFS_MOUNTS'), require => Package['nfs-utils'], nfs_shares_config => '/etc/cinder/nfs_shares.conf', } diff --git a/packstack/puppet/templates/cinder_qpid.pp b/packstack/puppet/templates/cinder_qpid.pp index 8bce730f2..e31f3df6d 100644 --- a/packstack/puppet/templates/cinder_qpid.pp +++ b/packstack/puppet/templates/cinder_qpid.pp @@ -1,13 +1,15 @@ +$cinder_qpid_cfg_cinder_db_pw = hiera('CONFIG_CINDER_DB_PW') +$cinder_qpid_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') class {'cinder': - rpc_backend => 'cinder.openstack.common.rpc.impl_qpid', - qpid_hostname => "%(CONFIG_AMQP_HOST)s", - qpid_port => '%(CONFIG_AMQP_CLIENTS_PORT)s', - qpid_protocol => '%(CONFIG_AMQP_PROTOCOL)s', - qpid_username => '%(CONFIG_AMQP_AUTH_USER)s', - qpid_password => '%(CONFIG_AMQP_AUTH_PASSWORD)s', - sql_connection => "mysql://cinder:%(CONFIG_CINDER_DB_PW)s@%(CONFIG_MARIADB_HOST)s/cinder", - verbose => true, - debug => %(CONFIG_DEBUG_MODE)s, - mysql_module => '2.2', + rpc_backend => 'cinder.openstack.common.rpc.impl_qpid', + qpid_hostname => hiera('CONFIG_AMQP_HOST'), + qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'), + qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), + qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), + sql_connection => "mysql://cinder:${cinder_qpid_cfg_cinder_db_pw}@${cinder_qpid_cfg_mariadb_host}/cinder", + verbose => true, + debug => hiera('CONFIG_DEBUG_MODE'), + mysql_module => '2.2', } diff --git a/packstack/puppet/templates/cinder_rabbitmq.pp b/packstack/puppet/templates/cinder_rabbitmq.pp index 2045fdc5b..58102c208 100644 --- a/packstack/puppet/templates/cinder_rabbitmq.pp +++ b/packstack/puppet/templates/cinder_rabbitmq.pp @@ -1,11 +1,13 @@ +$cinder_rab_cfg_cinder_db_pw = hiera('CONFIG_CINDER_DB_PW') +$cinder_rab_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') class {'cinder': - rabbit_host => "%(CONFIG_AMQP_HOST)s", - rabbit_port => '%(CONFIG_AMQP_CLIENTS_PORT)s', - rabbit_userid => '%(CONFIG_AMQP_AUTH_USER)s', - rabbit_password => '%(CONFIG_AMQP_AUTH_PASSWORD)s', - sql_connection => "mysql://cinder:%(CONFIG_CINDER_DB_PW)s@%(CONFIG_MARIADB_HOST)s/cinder", - verbose => true, - debug => %(CONFIG_DEBUG_MODE)s, - mysql_module => '2.2', + rabbit_host => hiera('CONFIG_AMQP_HOST'), + rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), + rabbit_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), + sql_connection => "mysql://cinder:${cinder_rab_cfg_cinder_db_pw}@${cinder_rab_cfg_mariadb_host}/cinder", + verbose => true, + debug => hiera('CONFIG_DEBUG_MODE'), + mysql_module => '2.2', } diff --git a/packstack/puppet/templates/cinder_vmdk.pp b/packstack/puppet/templates/cinder_vmdk.pp index ff01b302a..7d9405fba 100644 --- a/packstack/puppet/templates/cinder_vmdk.pp +++ b/packstack/puppet/templates/cinder_vmdk.pp @@ -1,7 +1,7 @@ cinder::backend::vmdk { 'vmdk': - host_ip => "%(CONFIG_VCENTER_HOST)s", - host_username => "%(CONFIG_VCENTER_USER)s", - host_password => "%(CONFIG_VCENTER_PASSWORD)s", + host_ip => hiera('CONFIG_VCENTER_HOST'), + host_username => hiera('CONFIG_VCENTER_USER'), + host_password => hiera('CONFIG_VCENTER_PASSWORD'), } cinder::type { 'vmdk': diff --git a/packstack/puppet/templates/firewall.pp b/packstack/puppet/templates/firewall.pp deleted file mode 100644 index a52d793f6..000000000 --- a/packstack/puppet/templates/firewall.pp +++ /dev/null @@ -1,11 +0,0 @@ -# Create firewall rules to allow only the FIREWALL_ALLOWED -# hosts that need to connect via FIREWALL_PORTS -# using FIREWALL_CHAIN - -packstack::firewall {'%(FIREWALL_SERVICE_ID)s': - host => %(FIREWALL_ALLOWED)s, - service_name => '%(FIREWALL_SERVICE_NAME)s', - chain => '%(FIREWALL_CHAIN)s', - ports => %(FIREWALL_PORTS)s, - proto => '%(FIREWALL_PROTOCOL)s', -} diff --git a/packstack/puppet/templates/glance.pp b/packstack/puppet/templates/glance.pp index f46fad32e..2417fc3a6 100644 --- a/packstack/puppet/templates/glance.pp +++ b/packstack/puppet/templates/glance.pp @@ -1,23 +1,26 @@ +$glance_ks_pw = hiera('CONFIG_GLANCE_DB_PW') +$glance_mariadb_host = hiera('CONFIG_MARIADB_HOST') -class {"glance::api": - auth_host => "%(CONFIG_CONTROLLER_HOST)s", - keystone_tenant => "services", - keystone_user => "glance", - keystone_password => "%(CONFIG_GLANCE_KS_PW)s", - pipeline => 'keystone', - sql_connection => "mysql://glance:%(CONFIG_GLANCE_DB_PW)s@%(CONFIG_MARIADB_HOST)s/glance", - verbose => true, - debug => %(CONFIG_DEBUG_MODE)s, - mysql_module => '2.2', +class { 'glance::api': + auth_host => hiera('CONFIG_CONTROLLER_HOST'), + keystone_tenant => 'services', + keystone_user => 'glance', + keystone_password => hiera('CONFIG_GLANCE_KS_PW'), + pipeline => 'keystone', + sql_connection => "mysql://glance:${glance_ks_pw}@${glance_mariadb_host}/glance", + verbose => true, + debug => hiera('CONFIG_DEBUG_MODE'), + mysql_module => '2.2', } -class {"glance::registry": - auth_host => "%(CONFIG_CONTROLLER_HOST)s", - keystone_tenant => "services", - keystone_user => "glance", - keystone_password => "%(CONFIG_GLANCE_KS_PW)s", - sql_connection => "mysql://glance:%(CONFIG_GLANCE_DB_PW)s@%(CONFIG_MARIADB_HOST)s/glance", - verbose => true, - debug => %(CONFIG_DEBUG_MODE)s, - mysql_module => '2.2', +class { 'glance::registry': + auth_host => hiera('CONFIG_CONTROLLER_HOST'), + keystone_tenant => 'services', + keystone_user => 'glance', + keystone_password => hiera('CONFIG_GLANCE_KS_PW'), + sql_connection => "mysql://glance:${glance_ks_pw}@${glance_mariadb_host}/glance", + verbose => true, + debug => hiera('CONFIG_DEBUG_MODE'), + mysql_module => '2.2', } + diff --git a/packstack/puppet/templates/glance_ceilometer_qpid.pp b/packstack/puppet/templates/glance_ceilometer_qpid.pp index ab5d0fa3e..86b622f24 100644 --- a/packstack/puppet/templates/glance_ceilometer_qpid.pp +++ b/packstack/puppet/templates/glance_ceilometer_qpid.pp @@ -1,8 +1,8 @@ class { 'glance::notify::qpid': - qpid_password => '%(CONFIG_AMQP_AUTH_PASSWORD)s', - qpid_username => '%(CONFIG_AMQP_AUTH_USER)s', - qpid_hostname => '%(CONFIG_AMQP_HOST)s', - qpid_port => '%(CONFIG_AMQP_CLIENTS_PORT)s', - qpid_protocol => '%(CONFIG_AMQP_PROTOCOL)s' + qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), + qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), + qpid_hostname => hiera('CONFIG_AMQP_HOST'), + qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'), } diff --git a/packstack/puppet/templates/glance_ceilometer_rabbitmq.pp b/packstack/puppet/templates/glance_ceilometer_rabbitmq.pp index 57c6beda9..0d3eb1c2a 100644 --- a/packstack/puppet/templates/glance_ceilometer_rabbitmq.pp +++ b/packstack/puppet/templates/glance_ceilometer_rabbitmq.pp @@ -1,9 +1,9 @@ class { 'glance::notify::rabbitmq': - rabbit_host => '%(CONFIG_AMQP_HOST)s', - rabbit_port => '%(CONFIG_AMQP_CLIENTS_PORT)s', - rabbit_use_ssl => %(CONFIG_AMQP_ENABLE_SSL)s, - rabbit_userid => '%(CONFIG_AMQP_AUTH_USER)s', - rabbit_password => '%(CONFIG_AMQP_AUTH_PASSWORD)s', + rabbit_host => hiera('CONFIG_AMQP_HOST'), + rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), + rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), + rabbit_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), } diff --git a/packstack/puppet/templates/glance_file.pp b/packstack/puppet/templates/glance_file.pp index 4212023f2..2623a988b 100644 --- a/packstack/puppet/templates/glance_file.pp +++ b/packstack/puppet/templates/glance_file.pp @@ -1,5 +1,5 @@ # TO-DO: Make this configurable class { 'glance::backend::file': - filesystem_store_datadir => '/var/lib/glance/images/' + filesystem_store_datadir => '/var/lib/glance/images/', } diff --git a/packstack/puppet/templates/glance_swift.pp b/packstack/puppet/templates/glance_swift.pp index 45f553f9c..1eb1bf118 100644 --- a/packstack/puppet/templates/glance_swift.pp +++ b/packstack/puppet/templates/glance_swift.pp @@ -1,10 +1,11 @@ +$gla_bd_ct_h = hiera('CONFIG_CONTROLLER_HOST') class { 'glance::backend::swift': swift_store_user => 'services:glance', - swift_store_key => '%(CONFIG_GLANCE_KS_PW)s', - swift_store_auth_address => 'http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0/', + swift_store_key => hiera('CONFIG_GLANCE_KS_PW'), + swift_store_auth_address => "http://${gla_bd_ct_h}:35357/v2.0/", swift_store_container => 'glance', swift_store_auth_version => '2', swift_store_large_object_size => '5120', - swift_store_create_container_on_put => true + swift_store_create_container_on_put => true, } diff --git a/packstack/puppet/templates/global.pp b/packstack/puppet/templates/global.pp index c2aaad10c..58dd4470c 100644 --- a/packstack/puppet/templates/global.pp +++ b/packstack/puppet/templates/global.pp @@ -1 +1 @@ -Exec { timeout => %(DEFAULT_EXEC_TIMEOUT)s } +Exec { timeout => hiera('DEFAULT_EXEC_TIMEOUT') } diff --git a/packstack/puppet/templates/heat.pp b/packstack/puppet/templates/heat.pp index fe54c55b1..2d19d3caf 100644 --- a/packstack/puppet/templates/heat.pp +++ b/packstack/puppet/templates/heat.pp @@ -1,21 +1,22 @@ -class { 'heat::api': -} +class { 'heat::api': } + +$heat_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') class { 'heat::engine': - heat_metadata_server_url => 'http://%(CONFIG_CONTROLLER_HOST)s:8000', - heat_waitcondition_server_url => 'http://%(CONFIG_CONTROLLER_HOST)s:8000/v1/waitcondition', - heat_watch_server_url => 'http://%(CONFIG_CONTROLLER_HOST)s:8003', - auth_encryption_key => '%(CONFIG_HEAT_AUTH_ENC_KEY)s', + heat_metadata_server_url => "http://${heat_cfg_ctrl_host}:8000", + heat_waitcondition_server_url => "http://${heat_cfg_ctrl_host}:8000/v1/waitcondition", + heat_watch_server_url => "http://${heat_cfg_ctrl_host}:8003", + auth_encryption_key => hiera('CONFIG_HEAT_AUTH_ENC_KEY'), } class { 'heat::keystone::domain': - auth_url => 'http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0', + auth_url => "http://${heat_cfg_ctrl_host}:35357/v2.0", keystone_admin => 'admin', - keystone_password => '%(CONFIG_KEYSTONE_ADMIN_PW)s', + keystone_password => hiera('CONFIG_KEYSTONE_ADMIN_PW'), keystone_tenant => 'admin', - domain_name => '%(CONFIG_HEAT_DOMAIN)s', - domain_admin => '%(CONFIG_HEAT_DOMAIN_ADMIN)s', - domain_password => '%(CONFIG_HEAT_DOMAIN_PASSWORD)s', + domain_name => hiera('CONFIG_HEAT_DOMAIN'), + domain_admin => hiera('CONFIG_HEAT_DOMAIN_ADMIN'), + domain_password => hiera('CONFIG_HEAT_DOMAIN_PASSWORD'), } diff --git a/packstack/puppet/templates/heat_cfn.pp b/packstack/puppet/templates/heat_cfn.pp index 0c94116f1..cbfeaa761 100644 --- a/packstack/puppet/templates/heat_cfn.pp +++ b/packstack/puppet/templates/heat_cfn.pp @@ -1,11 +1,12 @@ -class { 'heat::api_cfn': -} +class { 'heat::api_cfn': } + +$heat_cfn_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') class { 'heat::keystone::auth_cfn': - admin_address => '%(CONFIG_CONTROLLER_HOST)s', - public_address => '%(CONFIG_CONTROLLER_HOST)s', - internal_address => '%(CONFIG_CONTROLLER_HOST)s', - password => '%(CONFIG_HEAT_KS_PW)s' + admin_address => $heat_cfn_cfg_ctrl_host, + public_address => $heat_cfn_cfg_ctrl_host, + internal_address => $heat_cfn_cfg_ctrl_host, + password => hiera('CONFIG_HEAT_KS_PW'), } diff --git a/packstack/puppet/templates/heat_cloudwatch.pp b/packstack/puppet/templates/heat_cloudwatch.pp index d1d02015f..32eabfcf0 100644 --- a/packstack/puppet/templates/heat_cloudwatch.pp +++ b/packstack/puppet/templates/heat_cloudwatch.pp @@ -1,4 +1,3 @@ -class { 'heat::api_cloudwatch': -} +class { 'heat::api_cloudwatch': } diff --git a/packstack/puppet/templates/heat_qpid.pp b/packstack/puppet/templates/heat_qpid.pp index efbf2b1a1..ae7888421 100644 --- a/packstack/puppet/templates/heat_qpid.pp +++ b/packstack/puppet/templates/heat_qpid.pp @@ -1,15 +1,19 @@ +$heat_qpid_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') +$heat_qpid_cfg_heat_db_pw = hiera('CONFIG_HEAT_DB_PW') +$heat_qpid_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') + class { 'heat': - keystone_host => '%(CONFIG_CONTROLLER_HOST)s', - keystone_password => '%(CONFIG_HEAT_KS_PW)s', - auth_uri => 'http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0', - keystone_ec2_uri => 'http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0', - rpc_backend => 'heat.openstack.common.rpc.impl_qpid', - qpid_hostname => '%(CONFIG_AMQP_HOST)s', - qpid_username => '%(CONFIG_AMQP_AUTH_USER)s', - qpid_password => '%(CONFIG_AMQP_AUTH_PASSWORD)s', - qpid_port => '%(CONFIG_AMQP_CLIENTS_PORT)s', - qpid_protocol => '%(CONFIG_AMQP_PROTOCOL)s', - verbose => true, - debug => %(CONFIG_DEBUG_MODE)s, - sql_connection => "mysql://heat:%(CONFIG_HEAT_DB_PW)s@%(CONFIG_MARIADB_HOST)s/heat", + keystone_host => $heat_cfn_cfg_ctrl_host, + keystone_password => hiera('CONFIG_HEAT_KS_PW'), + auth_uri => "http://${heat_qpid_cfg_ctrl_host}:35357/v2.0", + keystone_ec2_uri => "http://${heat_qpid_cfg_ctrl_host}:35357/v2.0", + rpc_backend => 'heat.openstack.common.rpc.impl_qpid', + qpid_hostname => hiera('CONFIG_AMQP_HOST'), + qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), + qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), + qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'), + verbose => true, + debug => hiera('CONFIG_DEBUG_MODE'), + sql_connection => "mysql://heat:${heat_qpid_cfg_heat_db_pw}@${heat_qpid_cfg_mariadb_host}/heat", } diff --git a/packstack/puppet/templates/heat_rabbitmq.pp b/packstack/puppet/templates/heat_rabbitmq.pp index 08f7913a2..e75e3e165 100644 --- a/packstack/puppet/templates/heat_rabbitmq.pp +++ b/packstack/puppet/templates/heat_rabbitmq.pp @@ -1,13 +1,17 @@ +$heat_rabbitmq_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') +$heat_rabbitmq_cfg_heat_db_pw = hiera('CONFIG_HEAT_DB_PW') +$heat_rabbitmq_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') + class { 'heat': - keystone_host => '%(CONFIG_CONTROLLER_HOST)s', - keystone_password => '%(CONFIG_HEAT_KS_PW)s', - auth_uri => 'http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0', - keystone_ec2_uri => 'http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0', - rpc_backend => 'heat.openstack.common.rpc.impl_kombu', - rabbit_host => '%(CONFIG_AMQP_HOST)s', - rabbit_userid => '%(CONFIG_AMQP_AUTH_USER)s', - rabbit_password => '%(CONFIG_AMQP_AUTH_PASSWORD)s', - verbose => true, - debug => %(CONFIG_DEBUG_MODE)s, - sql_connection => "mysql://heat:%(CONFIG_HEAT_DB_PW)s@%(CONFIG_MARIADB_HOST)s/heat", + keystone_host => $heat_rabbitmq_cfg_ctrl_host, + keystone_password => hiera('CONFIG_HEAT_KS_PW'), + auth_uri => "http://${heat_rabbitmq_cfg_ctrl_host}:35357/v2.0", + keystone_ec2_uri => "http://${heat_rabbitmq_cfg_ctrl_host}:35357/v2.0", + rpc_backend => 'heat.openstack.common.rpc.impl_kombu', + rabbit_host => hiera('CONFIG_AMQP_HOST'), + rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), + rabbit_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), + verbose => true, + debug => hiera('CONFIG_DEBUG_MODE'), + sql_connection => "mysql://heat:${heat_rabbitmq_cfg_heat_db_pw}@${heat_rabbitmq_cfg_mariadb_host}/heat", } diff --git a/packstack/puppet/templates/heat_trusts.pp b/packstack/puppet/templates/heat_trusts.pp index 87ac7aebe..5ec87aa35 100644 --- a/packstack/puppet/templates/heat_trusts.pp +++ b/packstack/puppet/templates/heat_trusts.pp @@ -8,3 +8,4 @@ ensure => present, roles => ['admin', '_member_', 'heat_stack_owner'], } + diff --git a/packstack/puppet/templates/horizon.pp b/packstack/puppet/templates/horizon.pp index 270039284..e7214c5b3 100644 --- a/packstack/puppet/templates/horizon.pp +++ b/packstack/puppet/templates/horizon.pp @@ -1,40 +1,47 @@ include packstack::apache_common -$horizon_packages = ["python-memcached", "python-netaddr"] +$horizon_packages = ['python-memcached', 'python-netaddr'] -package {$horizon_packages: - notify => Class["horizon"], - ensure => present, +package { $horizon_packages: + ensure => present, + notify => Class['horizon'], +} + +$is_django_debug = hiera('CONFIG_DEBUG_MODE') ? { + true => 'True', + false => 'False', } class {'horizon': - secret_key => '%(CONFIG_HORIZON_SECRET_KEY)s', - keystone_host => '%(CONFIG_CONTROLLER_HOST)s', + secret_key => hiera('CONFIG_HORIZON_SECRET_KEY'), + keystone_host => hiera('CONFIG_CONTROLLER_HOST'), keystone_default_role => '_member_', - #fqdn => ['%(CONFIG_CONTROLLER_HOST)s', "$::fqdn", 'localhost'], + # fqdn => [hiera('CONFIG_CONTROLLER_HOST'), "$::fqdn", 'localhost'], # TO-DO: Parameter fqdn is used both for ALLOWED_HOSTS in settings_local.py - # and for ServerAlias directives in vhost.conf which is breaking server - # accessibility. We need ALLOWED_HOSTS values, but we have to avoid - # ServerAlias definitions. For now we will use this wildcard hack until - # puppet-horizon will have separate parameter for each config. - fqdn => '*', + # and for ServerAlias directives in vhost.conf which is breaking server + # accessibility. We need ALLOWED_HOSTS values, but we have to avoid + # ServerAlias definitions. For now we will use this wildcard hack until + # puppet-horizon will have separate parameter for each config. + fqdn => '*', can_set_mount_point => 'False', - django_debug => %(CONFIG_DEBUG_MODE)s ? {true => 'True', false => 'False'}, - listen_ssl => %(CONFIG_HORIZON_SSL)s, - horizon_cert => '/etc/pki/tls/certs/ssl_ps_server.crt', - horizon_key => '/etc/pki/tls/private/ssl_ps_server.key', - horizon_ca => '/etc/pki/tls/certs/ssl_ps_chain.crt', - neutron_options => { - 'enable_lb' => %(CONFIG_HORIZON_NEUTRON_LB)s, - 'enable_firewall' => %(CONFIG_HORIZON_NEUTRON_FW)s + django_debug => $is_django_debug, + listen_ssl => hiera('CONFIG_HORIZON_SSL'), + horizon_cert => '/etc/pki/tls/certs/ssl_ps_server.crt', + horizon_key => '/etc/pki/tls/private/ssl_ps_server.key', + horizon_ca => '/etc/pki/tls/certs/ssl_ps_chain.crt', + neutron_options => { + 'enable_lb' => hiera('CONFIG_HORIZON_NEUTRON_LB'), + 'enable_firewall' => hiera('CONFIG_HORIZON_NEUTRON_FW'), }, } -if %(CONFIG_HORIZON_SSL)s { +$is_horizon_ssl = hiera('CONFIG_HORIZON_SSL') + +if $is_horizon_ssl == true { file {'/etc/pki/tls/certs/ps_generate_ssl_certs.ssh': + ensure => present, content => template('packstack/ssl/generate_ssl_certs.sh.erb'), - ensure => present, - mode => '755', + mode => '0755', } exec {'/etc/pki/tls/certs/ps_generate_ssl_certs.ssh': @@ -62,19 +69,19 @@ } } -class {'memcached':} +class { 'memcached': } -$firewall_port = %(CONFIG_HORIZON_PORT)s +$firewall_port = hiera('CONFIG_HORIZON_PORT') firewall { "001 horizon ${firewall_port} incoming": - proto => 'tcp', - dport => [%(CONFIG_HORIZON_PORT)s], - action => 'accept', + proto => 'tcp', + dport => [$firewall_port], + action => 'accept', } -if ($::selinux != "false"){ - selboolean{'httpd_can_network_connect': - value => on, - persistent => true, - } +if ($::selinux != false) { + selboolean{ 'httpd_can_network_connect': + value => on, + persistent => true, + } } diff --git a/packstack/puppet/templates/keystone.pp b/packstack/puppet/templates/keystone.pp index 9d25f4254..2047cf14e 100644 --- a/packstack/puppet/templates/keystone.pp +++ b/packstack/puppet/templates/keystone.pp @@ -1,44 +1,50 @@ $keystone_use_ssl = false +$keystone_service_name = hiera('CONFIG_KEYSTONE_SERVICE_NAME') +$keystone_cfg_ks_db_pw = hiera('CONFIG_KEYSTONE_DB_PW') +$keystone_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') -class {"keystone": - admin_token => "%(CONFIG_KEYSTONE_ADMIN_TOKEN)s", - sql_connection => "mysql://keystone_admin:%(CONFIG_KEYSTONE_DB_PW)s@%(CONFIG_MARIADB_HOST)s/keystone", - token_format => "%(CONFIG_KEYSTONE_TOKEN_FORMAT)s", - verbose => true, - debug => %(CONFIG_DEBUG_MODE)s, - mysql_module => '2.2', - service_name => '%(CONFIG_KEYSTONE_SERVICE_NAME)s', - enable_ssl => $keystone_use_ssl, +class { 'keystone': + admin_token => hiera('CONFIG_KEYSTONE_ADMIN_TOKEN'), + sql_connection => "mysql://keystone_admin:${keystone_cfg_ks_db_pw}@${keystone_cfg_mariadb_host}/keystone", + token_format => hiera('CONFIG_KEYSTONE_TOKEN_FORMAT'), + verbose => true, + debug => hiera('CONFIG_DEBUG_MODE'), + mysql_module => '2.2', + service_name => $keystone_service_name, + enable_ssl => $keystone_use_ssl, } -if '%(CONFIG_KEYSTONE_SERVICE_NAME)s' == 'httpd' { +if $keystone_service_name == 'httpd' { include packstack::apache_common - class {"keystone::wsgi::apache": + + class { 'keystone::wsgi::apache': ssl => $keystone_use_ssl, } } -class {"keystone::roles::admin": - email => "root@localhost", - password => "%(CONFIG_KEYSTONE_ADMIN_PW)s", - admin_tenant => "admin" +class { 'keystone::roles::admin': + email => 'root@localhost', + password => hiera('CONFIG_KEYSTONE_ADMIN_PW'), + admin_tenant => 'admin', } -class {"keystone::endpoint": - region => "%(CONFIG_KEYSTONE_REGION)s", - public_address => "%(CONFIG_CONTROLLER_HOST)s", - admin_address => "%(CONFIG_CONTROLLER_HOST)s", - internal_address => "%(CONFIG_CONTROLLER_HOST)s", +class { 'keystone::endpoint': + region => hiera('CONFIG_KEYSTONE_REGION'), + public_address => hiera('CONFIG_CONTROLLER_HOST'), + admin_address => hiera('CONFIG_CONTROLLER_HOST'), + internal_address => hiera('CONFIG_CONTROLLER_HOST'), } # Run token flush every minute (without output so we won't spam admins) cron { 'token-flush': - ensure => 'present', - command => '/usr/bin/keystone-manage token_flush >/dev/null 2>&1', - minute => '*/1', - user => 'keystone', - require => [User['keystone'], Group['keystone']], -} -> service { 'crond': - ensure => 'running', - enable => true, + ensure => 'present', + command => '/usr/bin/keystone-manage token_flush >/dev/null 2>&1', + minute => '*/1', + user => 'keystone', + require => [User['keystone'], Group['keystone']], +} -> +service { 'crond': + ensure => 'running', + enable => true, } + diff --git a/packstack/puppet/templates/keystone_ceilometer.pp b/packstack/puppet/templates/keystone_ceilometer.pp index 5fbf12fc5..37c495093 100644 --- a/packstack/puppet/templates/keystone_ceilometer.pp +++ b/packstack/puppet/templates/keystone_ceilometer.pp @@ -1,8 +1,8 @@ class { 'ceilometer::keystone::auth': - region => '%(CONFIG_KEYSTONE_REGION)s', - password => '%(CONFIG_CEILOMETER_KS_PW)s', - public_address => "%(CONFIG_CONTROLLER_HOST)s", - admin_address => "%(CONFIG_CONTROLLER_HOST)s", - internal_address => "%(CONFIG_CONTROLLER_HOST)s", + region => hiera('CONFIG_KEYSTONE_REGION'), + password => hiera('CONFIG_CEILOMETER_KS_PW'), + public_address => hiera('CONFIG_CONTROLLER_HOST'), + admin_address => hiera('CONFIG_CONTROLLER_HOST'), + internal_address => hiera('CONFIG_CONTROLLER_HOST'), } diff --git a/packstack/puppet/templates/keystone_cinder.pp b/packstack/puppet/templates/keystone_cinder.pp index 2074777b5..e96907834 100644 --- a/packstack/puppet/templates/keystone_cinder.pp +++ b/packstack/puppet/templates/keystone_cinder.pp @@ -1,9 +1,9 @@ -class {"cinder::keystone::auth": - region => "%(CONFIG_KEYSTONE_REGION)s", - password => "%(CONFIG_CINDER_KS_PW)s", - public_address => "%(CONFIG_STORAGE_HOST)s", - admin_address => "%(CONFIG_STORAGE_HOST)s", - internal_address => "%(CONFIG_STORAGE_HOST)s", +class { 'cinder::keystone::auth': + region => hiera('CONFIG_KEYSTONE_REGION'), + password => hiera('CONFIG_CINDER_KS_PW'), + public_address => hiera('CONFIG_STORAGE_HOST'), + admin_address => hiera('CONFIG_STORAGE_HOST'), + internal_address => hiera('CONFIG_STORAGE_HOST'), } diff --git a/packstack/puppet/templates/keystone_glance.pp b/packstack/puppet/templates/keystone_glance.pp index 1d907acf2..8fd6a7f3b 100644 --- a/packstack/puppet/templates/keystone_glance.pp +++ b/packstack/puppet/templates/keystone_glance.pp @@ -1,8 +1,8 @@ -class {"glance::keystone::auth": - region => "%(CONFIG_KEYSTONE_REGION)s", - password => "%(CONFIG_GLANCE_KS_PW)s", - public_address => "%(CONFIG_STORAGE_HOST)s", - admin_address => "%(CONFIG_STORAGE_HOST)s", - internal_address => "%(CONFIG_STORAGE_HOST)s", +class { 'glance::keystone::auth': + region => hiera('CONFIG_KEYSTONE_REGION'), + password => hiera('CONFIG_GLANCE_KS_PW'), + public_address => hiera('CONFIG_STORAGE_HOST'), + admin_address => hiera('CONFIG_STORAGE_HOST'), + internal_address => hiera('CONFIG_STORAGE_HOST'), } diff --git a/packstack/puppet/templates/keystone_heat.pp b/packstack/puppet/templates/keystone_heat.pp index d05acd11f..2698a2d8d 100644 --- a/packstack/puppet/templates/keystone_heat.pp +++ b/packstack/puppet/templates/keystone_heat.pp @@ -1,18 +1,20 @@ # heat::keystone::auth -class {"heat::keystone::auth": - region => "%(CONFIG_KEYSTONE_REGION)s", - password => "%(CONFIG_HEAT_KS_PW)s", - public_address => "%(CONFIG_CONTROLLER_HOST)s", - admin_address => "%(CONFIG_CONTROLLER_HOST)s", - internal_address => "%(CONFIG_CONTROLLER_HOST)s", +class { 'heat::keystone::auth': + region => hiera('CONFIG_KEYSTONE_REGION'), + password => hiera('CONFIG_HEAT_KS_PW'), + public_address => hiera('CONFIG_CONTROLLER_HOST'), + admin_address => hiera('CONFIG_CONTROLLER_HOST'), + internal_address => hiera('CONFIG_CONTROLLER_HOST'), } -if '%(CONFIG_HEAT_CFN_INSTALL)s' == 'y' { - # heat::keystone::cfn - class {"heat::keystone::auth_cfn": - password => "%(CONFIG_HEAT_KS_PW)s", - public_address => "%(CONFIG_CONTROLLER_HOST)s", - admin_address => "%(CONFIG_CONTROLLER_HOST)s", - internal_address => "%(CONFIG_CONTROLLER_HOST)s", - } +$is_heat_cfn_install = hiera('CONFIG_HEAT_CFN_INSTALL') + +if $is_heat_cfn_install == 'y' { + # heat::keystone::cfn + class { "heat::keystone::auth_cfn": + password => hiera('CONFIG_HEAT_KS_PW'), + public_address => hiera('CONFIG_CONTROLLER_HOST'), + admin_address => hiera('CONFIG_CONTROLLER_HOST'), + internal_address => hiera('CONFIG_CONTROLLER_HOST'), + } } diff --git a/packstack/puppet/templates/keystone_neutron.pp b/packstack/puppet/templates/keystone_neutron.pp index 07842c84f..9e8bf93cf 100644 --- a/packstack/puppet/templates/keystone_neutron.pp +++ b/packstack/puppet/templates/keystone_neutron.pp @@ -1,8 +1,8 @@ -class {"neutron::keystone::auth": - region => "%(CONFIG_KEYSTONE_REGION)s", - password => "%(CONFIG_NEUTRON_KS_PW)s", - public_address => "%(CONFIG_CONTROLLER_HOST)s", - admin_address => "%(CONFIG_CONTROLLER_HOST)s", - internal_address => "%(CONFIG_CONTROLLER_HOST)s", +class { 'neutron::keystone::auth': + region => hiera('CONFIG_KEYSTONE_REGION'), + password => hiera('CONFIG_NEUTRON_KS_PW'), + public_address => hiera('CONFIG_CONTROLLER_HOST'), + admin_address => hiera('CONFIG_CONTROLLER_HOST'), + internal_address => hiera('CONFIG_CONTROLLER_HOST'), } diff --git a/packstack/puppet/templates/keystone_nova.pp b/packstack/puppet/templates/keystone_nova.pp index f544bf933..498678776 100644 --- a/packstack/puppet/templates/keystone_nova.pp +++ b/packstack/puppet/templates/keystone_nova.pp @@ -1,9 +1,9 @@ -class {"nova::keystone::auth": - region => "%(CONFIG_KEYSTONE_REGION)s", - password => "%(CONFIG_NOVA_KS_PW)s", - public_address => "%(CONFIG_CONTROLLER_HOST)s", - admin_address => "%(CONFIG_CONTROLLER_HOST)s", - internal_address => "%(CONFIG_CONTROLLER_HOST)s", - cinder => true, +class { 'nova::keystone::auth': + region => hiera('CONFIG_KEYSTONE_REGION'), + password => hiera('CONFIG_NOVA_KS_PW'), + public_address => hiera('CONFIG_CONTROLLER_HOST'), + admin_address => hiera('CONFIG_CONTROLLER_HOST'), + internal_address => hiera('CONFIG_CONTROLLER_HOST'), + cinder => true, } diff --git a/packstack/puppet/templates/keystone_swift.pp b/packstack/puppet/templates/keystone_swift.pp index be71587eb..f07db840c 100644 --- a/packstack/puppet/templates/keystone_swift.pp +++ b/packstack/puppet/templates/keystone_swift.pp @@ -1,5 +1,5 @@ class { 'swift::keystone::auth': - public_address => '%(CONFIG_CONTROLLER_HOST)s', - region => '%(CONFIG_KEYSTONE_REGION)s', - password => '%(CONFIG_SWIFT_KS_PW)s', + public_address => hiera('CONFIG_CONTROLLER_HOST'), + region => hiera('CONFIG_KEYSTONE_REGION'), + password => hiera('CONFIG_SWIFT_KS_PW'), } diff --git a/packstack/puppet/templates/mariadb_cinder_install.pp b/packstack/puppet/templates/mariadb_cinder_install.pp index 4a10614f5..5dfa4ae94 100644 --- a/packstack/puppet/templates/mariadb_cinder_install.pp +++ b/packstack/puppet/templates/mariadb_cinder_install.pp @@ -1,7 +1,7 @@ -class {"cinder::db::mysql": - password => "%(CONFIG_CINDER_DB_PW)s", - host => "%%", - allowed_hosts => "%%", - charset => "utf8", +class { 'cinder::db::mysql': + password => hiera('CONFIG_CINDER_DB_PW'), + host => '%%', + allowed_hosts => '%%', + charset => 'utf8', mysql_module => '2.2', } diff --git a/packstack/puppet/templates/mariadb_cinder_noinstall.pp b/packstack/puppet/templates/mariadb_cinder_noinstall.pp index c5c7ae5ad..8e02eb808 100644 --- a/packstack/puppet/templates/mariadb_cinder_noinstall.pp +++ b/packstack/puppet/templates/mariadb_cinder_noinstall.pp @@ -1,27 +1,29 @@ remote_database { 'cinder': - ensure => 'present', - charset => 'utf8', - db_host => '%(CONFIG_MARIADB_HOST)s', - db_user => '%(CONFIG_MARIADB_USER)s', - db_password => '%(CONFIG_MARIADB_PW)s', - provider => 'mysql', + ensure => 'present', + charset => 'utf8', + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', } +$mariadb_cinder_noinstall_db_pw = hiera('CONFIG_CINDER_DB_PW') + remote_database_user { 'cinder@%%': - password_hash => mysql_password('%(CONFIG_CINDER_DB_PW)s'), - db_host => '%(CONFIG_MARIADB_HOST)s', - db_user => '%(CONFIG_MARIADB_USER)s', - db_password => '%(CONFIG_MARIADB_PW)s', - provider => 'mysql', - require => Remote_database['cinder'], + password_hash => mysql_password($mariadb_cinder_noinstall_db_pw), + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', + require => Remote_database['cinder'], } remote_database_grant { 'cinder@%%/cinder': - privileges => "all", - db_host => '%(CONFIG_MARIADB_HOST)s', - db_user => '%(CONFIG_MARIADB_USER)s', - db_password => '%(CONFIG_MARIADB_PW)s', - provider => 'mysql', - require => Remote_database_user['cinder@%%'], + privileges => 'all', + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', + require => Remote_database_user['cinder@%%'], } diff --git a/packstack/puppet/templates/mariadb_glance_install.pp b/packstack/puppet/templates/mariadb_glance_install.pp index 6c868da53..b2fe2951a 100644 --- a/packstack/puppet/templates/mariadb_glance_install.pp +++ b/packstack/puppet/templates/mariadb_glance_install.pp @@ -1,7 +1,7 @@ -class {"glance::db::mysql": - password => "%(CONFIG_GLANCE_DB_PW)s", - host => "%%", - allowed_hosts => "%%", - charset => "utf8", +class { 'glance::db::mysql': + password => hiera('CONFIG_GLANCE_DB_PW'), + host => '%%', + allowed_hosts => '%%', + charset => 'utf8', mysql_module => '2.2', } diff --git a/packstack/puppet/templates/mariadb_glance_noinstall.pp b/packstack/puppet/templates/mariadb_glance_noinstall.pp index defd85e0c..510f04213 100644 --- a/packstack/puppet/templates/mariadb_glance_noinstall.pp +++ b/packstack/puppet/templates/mariadb_glance_noinstall.pp @@ -1,27 +1,29 @@ remote_database { 'glance': - ensure => 'present', - charset => 'utf8', - db_host => '%(CONFIG_MARIADB_HOST)s', - db_user => '%(CONFIG_MARIADB_USER)s', - db_password => '%(CONFIG_MARIADB_PW)s', - provider => 'mysql', + ensure => 'present', + charset => 'utf8', + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', } +$mariadb_glance_noinstall_db_pw = hiera('CONFIG_GLANCE_DB_PW') + remote_database_user { 'glance@%%': - password_hash => mysql_password('%(CONFIG_GLANCE_DB_PW)s' ), - db_host => '%(CONFIG_MARIADB_HOST)s', - db_user => '%(CONFIG_MARIADB_USER)s', - db_password => '%(CONFIG_MARIADB_PW)s', - provider => 'mysql', - require => Remote_database['glance'], + password_hash => mysql_password($mariadb_glance_noinstall_db_pw), + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', + require => Remote_database['glance'], } remote_database_grant { 'glance@%%/glance': - privileges => "all", - db_host => '%(CONFIG_MARIADB_HOST)s', - db_user => '%(CONFIG_MARIADB_USER)s', - db_password => '%(CONFIG_MARIADB_PW)s', - provider => 'mysql', - require => Remote_database_user['glance@%%'], + privileges => 'all', + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', + require => Remote_database_user['glance@%%'], } diff --git a/packstack/puppet/templates/mariadb_heat_install.pp b/packstack/puppet/templates/mariadb_heat_install.pp index 19aa67b28..ef99a2ae0 100644 --- a/packstack/puppet/templates/mariadb_heat_install.pp +++ b/packstack/puppet/templates/mariadb_heat_install.pp @@ -1,7 +1,7 @@ -class {"heat::db::mysql": - password => "%(CONFIG_HEAT_DB_PW)s", - host => "%%", - allowed_hosts => "%%", - charset => "utf8", +class { 'heat::db::mysql': + password => hiera('CONFIG_HEAT_DB_PW'), + host => '%%', + allowed_hosts => '%%', + charset => 'utf8', mysql_module => '2.2', } diff --git a/packstack/puppet/templates/mariadb_heat_noinstall.pp b/packstack/puppet/templates/mariadb_heat_noinstall.pp index f0964e9ce..d59242fe9 100644 --- a/packstack/puppet/templates/mariadb_heat_noinstall.pp +++ b/packstack/puppet/templates/mariadb_heat_noinstall.pp @@ -1,27 +1,29 @@ remote_database { 'heat': - ensure => 'present', - charset => 'utf8', - db_host => '%(CONFIG_MARIADB_HOST)s', - db_user => '%(CONFIG_MARIADB_USER)s', - db_password => '%(CONFIG_MARIADB_PW)s', - provider => 'mysql', + ensure => 'present', + charset => 'utf8', + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', } +$mariadb_heat_noinstall_db_pw = hiera('CONFIG_HEAT_DB_PW') + remote_database_user { 'heat@%%': - password_hash => mysql_password('%(CONFIG_HEAT_DB_PW)s'), - db_host => '%(CONFIG_MARIADB_HOST)s', - db_user => '%(CONFIG_MARIADB_USER)s', - db_password => '%(CONFIG_MARIADB_PW)s', - provider => 'mysql', - require => Remote_database['heat'], + password_hash => mysql_password($mariadb_heat_noinstall_db_pw), + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', + require => Remote_database['heat'], } remote_database_grant { 'heat@%%/heat': - privileges => "all", - db_host => '%(CONFIG_MARIADB_HOST)s', - db_user => '%(CONFIG_MARIADB_USER)s', - db_password => '%(CONFIG_MARIADB_PW)s', - provider => 'mysql', - require => Remote_database_user['heat@%%'], + privileges => 'all', + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', + require => Remote_database_user['heat@%%'], } diff --git a/packstack/puppet/templates/mariadb_install.pp b/packstack/puppet/templates/mariadb_install.pp index 9e96054d7..26dccb790 100644 --- a/packstack/puppet/templates/mariadb_install.pp +++ b/packstack/puppet/templates/mariadb_install.pp @@ -1,36 +1,41 @@ # Package mariadb-server conflicts with mariadb-galera-server -package {"mariadb-server": - ensure => absent, +package { 'mariadb-server': + ensure => absent, } -class {"mysql::server": - package_name => "mariadb-galera-server", - restart => true, - root_password => "%(CONFIG_MARIADB_PW)s", - require => Package['mariadb-server'], - override_options => { - 'mysqld' => { bind_address => "0.0.0.0", - default_storage_engine => "InnoDB", - max_connections => "1024", - open_files_limit => '-1', - } +class { 'mysql::server': + package_name => 'mariadb-galera-server', + restart => true, + root_password => hiera('CONFIG_MARIADB_PW'), + require => Package['mariadb-server'], + override_options => { + 'mysqld' => { bind_address => '0.0.0.0', + default_storage_engine => 'InnoDB', + max_connections => '1024', + open_files_limit => '-1', } + } } # deleting database users for security # this is done in mysql::server::account_security but has problems # when there is no fqdn, so we're defining a slightly different one here database_user { [ 'root@127.0.0.1', 'root@::1', '@localhost', '@%%' ]: - ensure => 'absent', require => Class['mysql::server'], + ensure => 'absent', + require => Class['mysql::server'], } -if ($::fqdn != "" and $::fqdn != "localhost") { - database_user { [ "root@${::fqdn}", "@${::fqdn}"]: - ensure => 'absent', require => Class['mysql::server'], - } + +if ($::fqdn != '' and $::fqdn != 'localhost') { + database_user { [ "root@${::fqdn}", "@${::fqdn}"]: + ensure => 'absent', + require => Class['mysql::server'], + } } -if ($::fqdn != $::hostname and $::hostname != "localhost") { - database_user { ["root@${::hostname}", "@${::hostname}"]: - ensure => 'absent', require => Class['mysql::server'], - } +if ($::fqdn != $::hostname and $::hostname != 'localhost') { + database_user { ["root@${::hostname}", "@${::hostname}"]: + ensure => 'absent', + require => Class['mysql::server'], + } } + diff --git a/packstack/puppet/templates/mariadb_keystone_install.pp b/packstack/puppet/templates/mariadb_keystone_install.pp index 2ef9bdbff..1534bde63 100644 --- a/packstack/puppet/templates/mariadb_keystone_install.pp +++ b/packstack/puppet/templates/mariadb_keystone_install.pp @@ -1,7 +1,7 @@ -class {"keystone::db::mysql": - user => 'keystone_admin', - password => "%(CONFIG_KEYSTONE_DB_PW)s", - allowed_hosts => "%%", - charset => "utf8", - mysql_module => '2.2', +class { 'keystone::db::mysql': + user => 'keystone_admin', + password => hiera('CONFIG_KEYSTONE_DB_PW'), + allowed_hosts => '%%', + charset => 'utf8', + mysql_module => '2.2', } diff --git a/packstack/puppet/templates/mariadb_keystone_noinstall.pp b/packstack/puppet/templates/mariadb_keystone_noinstall.pp index 71a562443..e454edbb3 100644 --- a/packstack/puppet/templates/mariadb_keystone_noinstall.pp +++ b/packstack/puppet/templates/mariadb_keystone_noinstall.pp @@ -1,27 +1,29 @@ remote_database { 'keystone': - ensure => 'present', - charset => 'utf8', - db_host => '%(CONFIG_MARIADB_HOST)s', - db_user => '%(CONFIG_MARIADB_USER)s', - db_password => '%(CONFIG_MARIADB_PW)s', - provider => 'mysql', + ensure => 'present', + charset => 'utf8', + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', } +$mariadb_keystone_noinstall_db_pw = hiera('CONFIG_KEYSTONE_DB_PW') + remote_database_user { 'keystone_admin@%%': - password_hash => mysql_password('%(CONFIG_KEYSTONE_DB_PW)s' ), - db_host => '%(CONFIG_MARIADB_HOST)s', - db_user => '%(CONFIG_MARIADB_USER)s', - db_password => '%(CONFIG_MARIADB_PW)s', - provider => 'mysql', - require => Remote_database['keystone'], + password_hash => mysql_password($mariadb_keystone_noinstall_db_pw), + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', + require => Remote_database['keystone'], } remote_database_grant { 'keystone_admin@%%/keystone': - privileges => "all", - db_host => '%(CONFIG_MARIADB_HOST)s', - db_user => '%(CONFIG_MARIADB_USER)s', - db_password => '%(CONFIG_MARIADB_PW)s', - provider => 'mysql', - require => Remote_database_user['keystone_admin@%%'], + privileges => 'all', + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', + require => Remote_database_user['keystone_admin@%%'], } diff --git a/packstack/puppet/templates/mariadb_neutron_install.pp b/packstack/puppet/templates/mariadb_neutron_install.pp index 3070dfa74..6bcad4ef7 100644 --- a/packstack/puppet/templates/mariadb_neutron_install.pp +++ b/packstack/puppet/templates/mariadb_neutron_install.pp @@ -1,8 +1,8 @@ -class {"neutron::db::mysql": - password => "%(CONFIG_NEUTRON_DB_PW)s", - host => "%%", - allowed_hosts => "%%", - dbname => '%(CONFIG_NEUTRON_L2_DBNAME)s', - charset => "utf8", +class { 'neutron::db::mysql': + password => hiera('CONFIG_NEUTRON_DB_PW'), + host => '%%', + allowed_hosts => '%%', + dbname => hiera('CONFIG_NEUTRON_L2_DBNAME'), + charset => 'utf8', mysql_module => '2.2', } diff --git a/packstack/puppet/templates/mariadb_neutron_noinstall.pp b/packstack/puppet/templates/mariadb_neutron_noinstall.pp index 3ddac8ac6..fd38d27a3 100644 --- a/packstack/puppet/templates/mariadb_neutron_noinstall.pp +++ b/packstack/puppet/templates/mariadb_neutron_noinstall.pp @@ -1,27 +1,30 @@ -remote_database { '%(CONFIG_NEUTRON_L2_DBNAME)s': - ensure => 'present', - charset => 'utf8', - db_host => '%(CONFIG_MARIADB_HOST)s', - db_user => '%(CONFIG_MARIADB_USER)s', - db_password => '%(CONFIG_MARIADB_PW)s', - provider => 'mysql', +$mariadb_neutron_noinstall_db_pw = hiera('CONFIG_NEUTRON_DB_PW') +$mariadb_neutron_noinstall_l2_dbname = hiera('CONFIG_NEUTRON_L2_DBNAME') + +remote_database { $mariadb_neutron_noinstall_l2_dbname: + ensure => present, + charset => 'utf8', + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', } remote_database_user { 'neutron@%%': - password_hash => mysql_password('%(CONFIG_NEUTRON_DB_PW)s' ), - db_host => '%(CONFIG_MARIADB_HOST)s', - db_user => '%(CONFIG_MARIADB_USER)s', - db_password => '%(CONFIG_MARIADB_PW)s', - provider => 'mysql', - require => Remote_database['%(CONFIG_NEUTRON_L2_DBNAME)s'], + password_hash => mysql_password($mariadb_neutron_noinstall_db_pw), + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', + require => Remote_database[$mariadb_neutron_noinstall_l2_dbname], } -remote_database_grant { 'neutron@%%/%(CONFIG_NEUTRON_L2_DBNAME)s': - privileges => "all", - db_host => '%(CONFIG_MARIADB_HOST)s', - db_user => '%(CONFIG_MARIADB_USER)s', - db_password => '%(CONFIG_MARIADB_PW)s', - provider => 'mysql', - require => Remote_database_user['neutron@%%'], +remote_database_grant { "neutron@%%/${mariadb_neutron_noinstall_l2_dbname}": + privileges => 'all', + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', + require => Remote_database_user['neutron@%%'], } diff --git a/packstack/puppet/templates/mariadb_noinstall.pp b/packstack/puppet/templates/mariadb_noinstall.pp index 626ee88fa..cc13afc3e 100644 --- a/packstack/puppet/templates/mariadb_noinstall.pp +++ b/packstack/puppet/templates/mariadb_noinstall.pp @@ -1,3 +1,2 @@ -class { 'remote::db': -} +class { 'remote::db': } diff --git a/packstack/puppet/templates/mariadb_nova_install.pp b/packstack/puppet/templates/mariadb_nova_install.pp index 2049beeaa..7f18565ae 100644 --- a/packstack/puppet/templates/mariadb_nova_install.pp +++ b/packstack/puppet/templates/mariadb_nova_install.pp @@ -1,7 +1,7 @@ -class {"nova::db::mysql": - password => "%(CONFIG_NOVA_DB_PW)s", - host => "%%", - allowed_hosts => "%%", - charset => "utf8", +class { 'nova::db::mysql': + password => hiera('CONFIG_NOVA_DB_PW'), + host => '%%', + allowed_hosts => '%%', + charset => 'utf8', mysql_module => '2.2', } diff --git a/packstack/puppet/templates/mariadb_nova_noinstall.pp b/packstack/puppet/templates/mariadb_nova_noinstall.pp index f4ccf4531..28b685107 100644 --- a/packstack/puppet/templates/mariadb_nova_noinstall.pp +++ b/packstack/puppet/templates/mariadb_nova_noinstall.pp @@ -1,27 +1,29 @@ remote_database { 'nova': - ensure => 'present', - charset => 'utf8', - db_host => '%(CONFIG_MARIADB_HOST)s', - db_user => '%(CONFIG_MARIADB_USER)s', - db_password => '%(CONFIG_MARIADB_PW)s', - provider => 'mysql', + ensure => 'present', + charset => 'utf8', + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', } +$mariadb_nova_noinstall_db_pw = hiera('CONFIG_NOVA_DB_PW') + remote_database_user { 'nova@%%': - password_hash => mysql_password('%(CONFIG_NOVA_DB_PW)s' ), - db_host => '%(CONFIG_MARIADB_HOST)s', - db_user => '%(CONFIG_MARIADB_USER)s', - db_password => '%(CONFIG_MARIADB_PW)s', - provider => 'mysql', - require => Remote_database['nova'], + password_hash => mysql_password($mariadb_nova_noinstall_db_pw), + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', + require => Remote_database['nova'], } remote_database_grant { 'nova@%%/nova': - privileges => "all", - db_host => '%(CONFIG_MARIADB_HOST)s', - db_user => '%(CONFIG_MARIADB_USER)s', - db_password => '%(CONFIG_MARIADB_PW)s', - provider => 'mysql', - require => Remote_database_user['nova@%%'], + privileges => 'all', + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', + require => Remote_database_user['nova@%%'], } diff --git a/packstack/puppet/templates/mongodb.pp b/packstack/puppet/templates/mongodb.pp index 490ce4ba1..5343400d4 100644 --- a/packstack/puppet/templates/mongodb.pp +++ b/packstack/puppet/templates/mongodb.pp @@ -1,4 +1,7 @@ +$mongodb_host = hiera('CONFIG_MONGODB_HOST') + class { 'mongodb::server': - smallfiles => true, - bind_ip => ['%(CONFIG_MONGODB_HOST)s'], + smallfiles => true, + bind_ip => [$mongodb_host], } + diff --git a/packstack/puppet/templates/nagios_nrpe.pp b/packstack/puppet/templates/nagios_nrpe.pp index 1aeaada65..30997b225 100644 --- a/packstack/puppet/templates/nagios_nrpe.pp +++ b/packstack/puppet/templates/nagios_nrpe.pp @@ -1,43 +1,48 @@ -package{'nrpe': - ensure => present, - before => Class['nagios_configs'] +package{ 'nrpe': + ensure => present, + before => Class['nagios_configs'], } -file{'/etc/nagios/nrpe.cfg': - ensure => 'present', - mode => '0644', - owner => 'nagios', - group => 'nagios', - require => Package['nrpe'], +file{ '/etc/nagios/nrpe.cfg': + ensure => 'present', + mode => '0644', + owner => 'nagios', + group => 'nagios', + require => Package['nrpe'], } -class nagios_configs(){ - file_line{'allowed_hosts': - path => '/etc/nagios/nrpe.cfg', - match => 'allowed_hosts=', - line => 'allowed_hosts=%(CONFIG_CONTROLLER_HOST)s', - } - - # 5 minute load average - file_line{'load5': - path => '/etc/nagios/nrpe.cfg', - match => 'command\[load5\]=', - line => 'command[load5]=cut /proc/loadavg -f 1 -d " "', - } - - # disk used on /var - file_line{'df_var': - path => '/etc/nagios/nrpe.cfg', - match => "command\[df_var\]=", - line => "command[df_var]=df /var/ | sed -re 's/.* ([0-9]+)%%.*/\\1/' | grep -E '^[0-9]'", - } +class nagios_configs () { + $nagios_configs_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') + + file_line{'allowed_hosts': + path => '/etc/nagios/nrpe.cfg', + match => 'allowed_hosts=', + line => "allowed_hosts=${nagios_configs_cfg_ctrl_host}", + } + + # 5 minute load average + file_line{'load5': + path => '/etc/nagios/nrpe.cfg', + match => 'command\[load5\]=', + line => 'command[load5]=cut /proc/loadavg -f 1 -d " "', + } + + # disk used on /var + file_line{'df_var': + path => '/etc/nagios/nrpe.cfg', + match => "command\[df_var\]=", + line => "command[df_var]=df /var/ | sed -re 's/.* ([0-9]+)%%.*/\\1/' | grep -E '^[0-9]'", + } } + class{'nagios_configs': - notify => Service['nrpe'], + notify => Service['nrpe'], } service{'nrpe': - ensure => running, - enable => true, - hasstatus => true, + ensure => running, + enable => true, + hasstatus => true, } + + diff --git a/packstack/puppet/templates/nagios_server.pp b/packstack/puppet/templates/nagios_server.pp index 68ab5af8e..c9c39e342 100644 --- a/packstack/puppet/templates/nagios_server.pp +++ b/packstack/puppet/templates/nagios_server.pp @@ -1,81 +1,99 @@ include packstack::apache_common -package{['nagios', 'nagios-plugins-nrpe']: - ensure => present, - before => Class['nagios_configs'] +package { ['nagios', 'nagios-plugins-nrpe']: + ensure => present, + before => Class['nagios_configs'], } # We need to preferably install nagios-plugins-ping exec { 'nagios-plugins-ping': - path => '/usr/bin', - command => 'yum install -y -d 0 -e 0 monitoring-plugins-ping', - onlyif => 'yum install -y -d 0 -e 0 nagios-plugins-ping &> /dev/null && exit 1 || exit 0', - before => Class['nagios_configs'] + path => '/usr/bin', + command => 'yum install -y -d 0 -e 0 monitoring-plugins-ping', + onlyif => 'yum install -y -d 0 -e 0 nagios-plugins-ping &> /dev/null && exit 1 || exit 0', + before => Class['nagios_configs'] } class nagios_configs(){ - file{['/etc/nagios/nagios_command.cfg', '/etc/nagios/nagios_host.cfg']: - ensure => 'present', - mode => '0644', - owner => 'nagios', - group => 'nagios', - } - - # Remove the entry for localhost, it contains services we're not - # monitoring - file{['/etc/nagios/objects/localhost.cfg']: - ensure => 'present', - content => '', - } - - file_line{'nagios_host': - path => '/etc/nagios/nagios.cfg', - line => 'cfg_file=/etc/nagios/nagios_host.cfg', - } - - file_line{'nagios_command': - path => '/etc/nagios/nagios.cfg', - line => 'cfg_file=/etc/nagios/nagios_command.cfg', - } - - file_line{'nagios_service': - path => '/etc/nagios/nagios.cfg', - line => 'cfg_file=/etc/nagios/nagios_service.cfg', - } - - nagios_command{'check_nrpe': - command_line => '/usr/lib64/nagios/plugins/check_nrpe -H $HOSTADDRESS$ -c $ARG1$', - } - - exec{'nagiospasswd': - command => '/usr/bin/htpasswd -b /etc/nagios/passwd nagiosadmin %(CONFIG_NAGIOS_PW)s', - } - - file {"/etc/nagios/keystonerc_admin": - ensure => "present", owner => "nagios", mode => '0600', - content => "export OS_USERNAME=admin + file { ['/etc/nagios/nagios_command.cfg', '/etc/nagios/nagios_host.cfg']: + ensure => 'present', + mode => '0644', + owner => 'nagios', + group => 'nagios', + } + + # Remove the entry for localhost, it contains services we're not + # monitoring + file { ['/etc/nagios/objects/localhost.cfg']: + ensure => 'present', + content => '', + } + + file_line { 'nagios_host': + path => '/etc/nagios/nagios.cfg', + line => 'cfg_file=/etc/nagios/nagios_host.cfg', + } + + file_line { 'nagios_command': + path => '/etc/nagios/nagios.cfg', + line => 'cfg_file=/etc/nagios/nagios_command.cfg', + } + + file_line { 'nagios_service': + path => '/etc/nagios/nagios.cfg', + line => 'cfg_file=/etc/nagios/nagios_service.cfg', + } + + nagios_command { 'check_nrpe': + command_line => '/usr/lib64/nagios/plugins/check_nrpe -H $HOSTADDRESS$ -c $ARG1$', + } + + $cfg_nagios_pw = hiera('CONFIG_NAGIOS_PW') + + exec { 'nagiospasswd': + command => "/usr/bin/htpasswd -b /etc/nagios/passwd nagiosadmin ${cfg_nagios_pw}", + } + + $nagios_cfg_ks_adm_pw = hiera('CONFIG_KEYSTONE_ADMIN_PW') + $nagios_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') + + file { '/etc/nagios/keystonerc_admin': + ensure => 'present', + owner => 'nagios', + mode => '0600', + content => "export OS_USERNAME=admin export OS_TENANT_NAME=admin -export OS_PASSWORD=%(CONFIG_KEYSTONE_ADMIN_PW)s -export OS_AUTH_URL=http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0/ ",} +export OS_PASSWORD=${nagios_cfg_ks_adm_pw} +export OS_AUTH_URL=http://${nagios_cfg_ctrl_host}:35357/v2.0/ ", + } - %(CONFIG_NAGIOS_MANIFEST_CONFIG)s + %(CONFIG_NAGIOS_MANIFEST_CONFIG)s } -class{'nagios_configs': - notify => [Service['nagios'], Service['httpd']], +class { 'nagios_configs': + notify => [Service['nagios'], Service['httpd']], } -include ::apache -class {'apache::mod::php': } +include concat::setup -service{['nagios']: - ensure => running, - enable => true, - hasstatus => true, +class { 'apache': + purge_configs => false, +} + +class { 'apache::mod::php': } + +service { ['nagios']: + ensure => running, + enable => true, + hasstatus => true, } firewall { '001 nagios incoming': - proto => 'tcp', - dport => ['80'], - action => 'accept', + proto => 'tcp', + dport => ['80'], + action => 'accept', +} + +# ensure that we won't stop listening on 443 if horizon has ssl enabled +if hiera('CONFIG_HORIZON_SSL') { + apache::listen { '443': } } diff --git a/packstack/puppet/templates/neutron.pp b/packstack/puppet/templates/neutron.pp index ab4243786..085d7bfe7 100644 --- a/packstack/puppet/templates/neutron.pp +++ b/packstack/puppet/templates/neutron.pp @@ -1,9 +1,8 @@ -$neutron_db_host = '%(CONFIG_MARIADB_HOST)s' -$neutron_db_name = '%(CONFIG_NEUTRON_L2_DBNAME)s' -$neutron_db_user = 'neutron' -$neutron_db_password = '%(CONFIG_NEUTRON_DB_PW)s' -$neutron_sql_connection = "mysql://${neutron_db_user}:${neutron_db_password}@${neutron_db_host}/${neutron_db_name}" - -$neutron_user_password = '%(CONFIG_NEUTRON_KS_PW)s' +$neutron_db_host = hiera('CONFIG_MARIADB_HOST') +$neutron_db_name = hiera('CONFIG_NEUTRON_L2_DBNAME') +$neutron_db_user = 'neutron' +$neutron_db_password = hiera('CONFIG_NEUTRON_DB_PW') +$neutron_sql_connection = "mysql://${neutron_db_user}:${neutron_db_password}@${neutron_db_host}/${neutron_db_name}" +$neutron_user_password = hiera('CONFIG_NEUTRON_KS_PW') diff --git a/packstack/puppet/templates/neutron_api.pp b/packstack/puppet/templates/neutron_api.pp index 486ab03dc..66d41afd0 100644 --- a/packstack/puppet/templates/neutron_api.pp +++ b/packstack/puppet/templates/neutron_api.pp @@ -1,17 +1,18 @@ class { 'neutron::server': sql_connection => $neutron_sql_connection, - connection => $neutron_sql_connection, - auth_password => $neutron_user_password, - auth_host => '%(CONFIG_CONTROLLER_HOST)s', - enabled => true, + connection => $neutron_sql_connection, + auth_password => $neutron_user_password, + auth_host => hiera('CONFIG_CONTROLLER_HOST'), + enabled => true, mysql_module => '2.2', } exec { 'neutron-db-manage upgrade': - command => 'neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini upgrade head', - path => '/usr/bin', - user => 'neutron', - logoutput => 'on_failure', - before => Service['neutron-server'], - require => [Neutron_config['database/connection'], Neutron_config['DEFAULT/core_plugin']], + command => 'neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini upgrade head', + path => '/usr/bin', + user => 'neutron', + logoutput => 'on_failure', + before => Service['neutron-server'], + require => [Neutron_config['database/connection'], Neutron_config['DEFAULT/core_plugin']], } + diff --git a/packstack/puppet/templates/neutron_dhcp.pp b/packstack/puppet/templates/neutron_dhcp.pp index 8880c8228..10c052b0e 100644 --- a/packstack/puppet/templates/neutron_dhcp.pp +++ b/packstack/puppet/templates/neutron_dhcp.pp @@ -1,4 +1,5 @@ class { 'neutron::agents::dhcp': - interface_driver => '%(CONFIG_NEUTRON_DHCP_INTERFACE_DRIVER)s', - debug => %(CONFIG_DEBUG_MODE)s, + interface_driver => hiera('CONFIG_NEUTRON_DHCP_INTERFACE_DRIVER'), + debug => hiera('CONFIG_DEBUG_MODE'), } + diff --git a/packstack/puppet/templates/neutron_l3.pp b/packstack/puppet/templates/neutron_l3.pp index 8e91c5429..35b0e3c73 100644 --- a/packstack/puppet/templates/neutron_l3.pp +++ b/packstack/puppet/templates/neutron_l3.pp @@ -1,9 +1,9 @@ class { 'neutron::agents::l3': - interface_driver => '%(CONFIG_NEUTRON_L3_INTERFACE_DRIVER)s', - external_network_bridge => '%(CONFIG_NEUTRON_L3_EXT_BRIDGE)s', - debug => %(CONFIG_DEBUG_MODE)s, + interface_driver => hiera('CONFIG_NEUTRON_L3_INTERFACE_DRIVER'), + external_network_bridge => hiera('CONFIG_NEUTRON_L3_EXT_BRIDGE'), + debug => hiera('CONFIG_DEBUG_MODE'), } sysctl::value { 'net.ipv4.ip_forward': - value => '1' + value => '1', } diff --git a/packstack/puppet/templates/neutron_lb_agent.pp b/packstack/puppet/templates/neutron_lb_agent.pp index a22c22fd6..a0a0217d7 100644 --- a/packstack/puppet/templates/neutron_lb_agent.pp +++ b/packstack/puppet/templates/neutron_lb_agent.pp @@ -1,3 +1,3 @@ class {'neutron::agents::linuxbridge': - physical_interface_mappings => '%(CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS)s', + physical_interface_mappings => hiera('CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS'), } diff --git a/packstack/puppet/templates/neutron_lb_plugin.pp b/packstack/puppet/templates/neutron_lb_plugin.pp index 90ecfc4bd..e1a282d23 100644 --- a/packstack/puppet/templates/neutron_lb_plugin.pp +++ b/packstack/puppet/templates/neutron_lb_plugin.pp @@ -1,4 +1,4 @@ class { 'neutron::plugins::linuxbridge': - tenant_network_type => '%(CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE)s', - network_vlan_ranges => '%(CONFIG_NEUTRON_LB_VLAN_RANGES)s', + tenant_network_type => hiera('CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE'), + network_vlan_ranges => hiera('CONFIG_NEUTRON_LB_VLAN_RANGES'), } diff --git a/packstack/puppet/templates/neutron_lbaas.pp b/packstack/puppet/templates/neutron_lbaas.pp index 6d27267a7..fa27350f0 100644 --- a/packstack/puppet/templates/neutron_lbaas.pp +++ b/packstack/puppet/templates/neutron_lbaas.pp @@ -1,6 +1,6 @@ class { 'neutron::agents::lbaas': - interface_driver => '%(CONFIG_NEUTRON_LBAAS_INTERFACE_DRIVER)s', + interface_driver => hiera('CONFIG_NEUTRON_LBAAS_INTERFACE_DRIVER'), device_driver => 'neutron.services.loadbalancer.drivers.haproxy.namespace_driver.HaproxyNSDriver', user_group => 'haproxy', - debug => %(CONFIG_DEBUG_MODE)s, + debug => hiera('CONFIG_DEBUG_MODE'), } diff --git a/packstack/puppet/templates/neutron_metadata.pp b/packstack/puppet/templates/neutron_metadata.pp index 9db8cc8be..7900bb5bf 100644 --- a/packstack/puppet/templates/neutron_metadata.pp +++ b/packstack/puppet/templates/neutron_metadata.pp @@ -1,8 +1,10 @@ -class {'neutron::agents::metadata': - auth_password => '%(CONFIG_NEUTRON_KS_PW)s', - auth_url => 'http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0', - auth_region => '%(CONFIG_KEYSTONE_REGION)s', - shared_secret => '%(CONFIG_NEUTRON_METADATA_PW)s', - metadata_ip => '%(CONFIG_CONTROLLER_HOST)s', - debug => %(CONFIG_DEBUG_MODE)s, +$neutron_metadata_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') + +class { 'neutron::agents::metadata': + auth_password => hiera('CONFIG_NEUTRON_KS_PW'), + auth_url => "http://${neutron_metadata_cfg_ctrl_host}:35357/v2.0", + auth_region => hiera('CONFIG_KEYSTONE_REGION'), + shared_secret => hiera('CONFIG_NEUTRON_METADATA_PW'), + metadata_ip => hiera('CONFIG_CONTROLLER_HOST'), + debug => hiera('CONFIG_DEBUG_MODE'), } diff --git a/packstack/puppet/templates/neutron_metering_agent.pp b/packstack/puppet/templates/neutron_metering_agent.pp index e2f1275c2..ccae46adf 100644 --- a/packstack/puppet/templates/neutron_metering_agent.pp +++ b/packstack/puppet/templates/neutron_metering_agent.pp @@ -1,4 +1,4 @@ class { 'neutron::agents::metering': - interface_driver => '%(CONFIG_NEUTRON_METERING_IFCE_DRIVER)s', - debug => %(CONFIG_DEBUG_MODE)s, + interface_driver => hiera('CONFIG_NEUTRON_METERING_IFCE_DRIVER'), + debug => hiera('CONFIG_DEBUG_MODE'), } diff --git a/packstack/puppet/templates/neutron_ml2_plugin.pp b/packstack/puppet/templates/neutron_ml2_plugin.pp index 6e2f97ad3..b826d792e 100644 --- a/packstack/puppet/templates/neutron_ml2_plugin.pp +++ b/packstack/puppet/templates/neutron_ml2_plugin.pp @@ -1,17 +1,26 @@ +if hiera('CONFIG_NEUTRON_ML2_VXLAN_GROUP') == '' { + $vxlan_group_value = undef +} else { + $vxlan_group_value = hiera('CONFIG_NEUTRON_ML2_VXLAN_GROUP') +} + class { 'neutron::plugins::ml2': - type_drivers => %(CONFIG_NEUTRON_ML2_TYPE_DRIVERS)s, - tenant_network_types => %(CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES)s, - mechanism_drivers => %(CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS)s, - flat_networks => %(CONFIG_NEUTRON_ML2_FLAT_NETWORKS)s, - network_vlan_ranges => %(CONFIG_NEUTRON_ML2_VLAN_RANGES)s, - tunnel_id_ranges => %(CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES)s, - vxlan_group => %(CONFIG_NEUTRON_ML2_VXLAN_GROUP)s, - vni_ranges => %(CONFIG_NEUTRON_ML2_VNI_RANGES)s, + type_drivers => hiera_array('CONFIG_NEUTRON_ML2_TYPE_DRIVERS'), + tenant_network_types => hiera_array('CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES'), + mechanism_drivers => hiera_array('CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'), + flat_networks => hiera_array('CONFIG_NEUTRON_ML2_FLAT_NETWORKS'), + network_vlan_ranges => hiera_array('CONFIG_NEUTRON_ML2_VLAN_RANGES'), + tunnel_id_ranges => hiera_array('CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES'), + vxlan_group => $vxlan_group_value, + vni_ranges => hiera_array('CONFIG_NEUTRON_ML2_VNI_RANGES'), enable_security_group => true, } -# For cases where "neutron-db-manage upgrade" command is called we need to fill config file first +# For cases where "neutron-db-manage upgrade" command is called +# we need to fill config file first if defined(Exec['neutron-db-manage upgrade']) { - Neutron_plugin_ml2<||> -> File['/etc/neutron/plugin.ini'] -> Exec['neutron-db-manage upgrade'] + Neutron_plugin_ml2<||> -> + File['/etc/neutron/plugin.ini'] -> + Exec['neutron-db-manage upgrade'] } diff --git a/packstack/puppet/templates/neutron_notifications.pp b/packstack/puppet/templates/neutron_notifications.pp index 36983512a..95e00951b 100644 --- a/packstack/puppet/templates/neutron_notifications.pp +++ b/packstack/puppet/templates/neutron_notifications.pp @@ -1,9 +1,11 @@ +$neutron_notif_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') + # Configure nova notifications system class { 'neutron::server::notifications': - nova_admin_username => 'nova', - nova_admin_password => '%(CONFIG_NOVA_KS_PW)s', - nova_admin_tenant_name => 'services', - nova_url => 'http://%(CONFIG_CONTROLLER_HOST)s:8774/v2', - nova_admin_auth_url => 'http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0', - nova_region_name => '%(CONFIG_KEYSTONE_REGION)s', + nova_admin_username => 'nova', + nova_admin_password => hiera('CONFIG_NOVA_KS_PW'), + nova_admin_tenant_name => 'services', + nova_url => "http://${neutron_notif_cfg_ctrl_host}:8774/v2", + nova_admin_auth_url => "http://${neutron_notif_cfg_ctrl_host}:35357/v2.0", + nova_region_name => hiera('CONFIG_KEYSTONE_REGION'), } diff --git a/packstack/puppet/templates/neutron_ovs_agent_gre.pp b/packstack/puppet/templates/neutron_ovs_agent_gre.pp index fd39ef742..f9ec26120 100644 --- a/packstack/puppet/templates/neutron_ovs_agent_gre.pp +++ b/packstack/puppet/templates/neutron_ovs_agent_gre.pp @@ -1,21 +1,23 @@ -if "%(CONFIG_NEUTRON_OVS_TUNNEL_IF)s" { - $iface = regsubst('%(CONFIG_NEUTRON_OVS_TUNNEL_IF)s', '[\.\-\:]', '_', 'G') +$ovs_agent_gre_cfg_neut_ovs_tun_if = hiera('CONFIG_NEUTRON_OVS_TUNNEL_IF') + +if $ovs_agent_gre_cfg_neut_ovs_tun_if != '' { + $iface = regsubst($ovs_agent_gre_cfg_neut_ovs_tun_if, '[\.\-\:]', '_', 'G') $localip = inline_template("<%%= scope.lookupvar('::ipaddress_${iface}') %%>") } else { - $localip = '%(CONFIG_NEUTRON_OVS_HOST)s' + $localip = $cfg_neutron_ovs_host } -if '%(CONFIG_NEUTRON_L2_PLUGIN)s' == 'ml2' { +if hiera('CONFIG_NEUTRON_L2_PLUGIN') == 'ml2' { class { 'neutron::agents::ml2::ovs': - bridge_mappings => %(CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS)s, + bridge_mappings => hiera_array('CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS'), enable_tunneling => true, tunnel_types => ['gre'], local_ip => $localip, - l2_population => %(CONFIG_NEUTRON_USE_L2POPULATION)s, + l2_population => hiera('CONFIG_NEUTRON_USE_L2POPULATION'), } } else { class { 'neutron::agents::ovs': - bridge_mappings => %(CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS)s, + bridge_mappings => hiera_array('CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS'), enable_tunneling => true, tunnel_types => ['gre'], local_ip => $localip, diff --git a/packstack/puppet/templates/neutron_ovs_agent_local.pp b/packstack/puppet/templates/neutron_ovs_agent_local.pp index 371a2c82c..f3d6f4ba6 100644 --- a/packstack/puppet/templates/neutron_ovs_agent_local.pp +++ b/packstack/puppet/templates/neutron_ovs_agent_local.pp @@ -1,12 +1,12 @@ -if '%(CONFIG_NEUTRON_L2_PLUGIN)s' == 'ml2' { +if hiera('CONFIG_NEUTRON_L2_PLUGIN') == 'ml2' { class { 'neutron::agents::ml2::ovs': - bridge_mappings => %(CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS)s, - l2_population => %(CONFIG_NEUTRON_USE_L2POPULATION)s, + bridge_mappings => hiera_array('CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS'), + l2_population => hiera('CONFIG_NEUTRON_USE_L2POPULATION'), } } else { class { 'neutron::agents::ovs': - bridge_mappings => %(CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS)s, + bridge_mappings => hiera_array('CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS'), } file { 'ovs_neutron_plugin.ini': diff --git a/packstack/puppet/templates/neutron_ovs_agent_vlan.pp b/packstack/puppet/templates/neutron_ovs_agent_vlan.pp index 371a2c82c..f3d6f4ba6 100644 --- a/packstack/puppet/templates/neutron_ovs_agent_vlan.pp +++ b/packstack/puppet/templates/neutron_ovs_agent_vlan.pp @@ -1,12 +1,12 @@ -if '%(CONFIG_NEUTRON_L2_PLUGIN)s' == 'ml2' { +if hiera('CONFIG_NEUTRON_L2_PLUGIN') == 'ml2' { class { 'neutron::agents::ml2::ovs': - bridge_mappings => %(CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS)s, - l2_population => %(CONFIG_NEUTRON_USE_L2POPULATION)s, + bridge_mappings => hiera_array('CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS'), + l2_population => hiera('CONFIG_NEUTRON_USE_L2POPULATION'), } } else { class { 'neutron::agents::ovs': - bridge_mappings => %(CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS)s, + bridge_mappings => hiera_array('CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS'), } file { 'ovs_neutron_plugin.ini': diff --git a/packstack/puppet/templates/neutron_ovs_agent_vxlan.pp b/packstack/puppet/templates/neutron_ovs_agent_vxlan.pp index afa38eb1a..6813afc13 100644 --- a/packstack/puppet/templates/neutron_ovs_agent_vxlan.pp +++ b/packstack/puppet/templates/neutron_ovs_agent_vxlan.pp @@ -1,27 +1,28 @@ +$ovs_agent_vxlan_cfg_neut_ovs_tun_if = hiera('CONFIG_NEUTRON_OVS_TUNNEL_IF') -if "%(CONFIG_NEUTRON_OVS_TUNNEL_IF)s" { - $iface = regsubst('%(CONFIG_NEUTRON_OVS_TUNNEL_IF)s', '[\.\-\:]', '_', 'G') +if $ovs_agent_vxlan_cfg_neut_ovs_tun_if != '' { + $iface = regsubst($ovs_agent_vxlan_cfg_neut_ovs_tun_if, '[\.\-\:]', '_', 'G') $localip = inline_template("<%%= scope.lookupvar('::ipaddress_${iface}') %%>") } else { - $localip = '%(CONFIG_NEUTRON_OVS_HOST)s' + $localip = $cfg_neutron_ovs_host } -if '%(CONFIG_NEUTRON_L2_PLUGIN)s' == 'ml2' { +if hiera('CONFIG_NEUTRON_L2_PLUGIN') == 'ml2' { class { 'neutron::agents::ml2::ovs': - bridge_mappings => %(CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS)s, + bridge_mappings => hiera_array('CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS'), enable_tunneling => true, tunnel_types => ['vxlan'], local_ip => $localip, - vxlan_udp_port => %(CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT)s, - l2_population => %(CONFIG_NEUTRON_USE_L2POPULATION)s, + vxlan_udp_port => hiera('CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT'), + l2_population => hiera('CONFIG_NEUTRON_USE_L2POPULATION'), } } else { class { 'neutron::agents::ovs': - bridge_mappings => %(CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS)s, + bridge_mappings => hiera_array('CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS'), enable_tunneling => true, tunnel_types => ['vxlan'], local_ip => $localip, - vxlan_udp_port => %(CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT)s, + vxlan_udp_port => hiera('CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT'), } file { 'ovs_neutron_plugin.ini': diff --git a/packstack/puppet/templates/neutron_ovs_bridge.pp b/packstack/puppet/templates/neutron_ovs_bridge.pp index dea5fc656..307aabded 100644 --- a/packstack/puppet/templates/neutron_ovs_bridge.pp +++ b/packstack/puppet/templates/neutron_ovs_bridge.pp @@ -1,10 +1,14 @@ -if '%(CONFIG_NEUTRON_L2_PLUGIN)s' == 'ml2' { +$ovs_bridge_cfg_neut_l2_plugin = hiera('CONFIG_NEUTRON_L2_PLUGIN') + +if $ovs_bridge_cfg_neut_l2_plugin == 'ml2' { $agent_service = 'neutron-ovs-agent-service' } else { $agent_service = 'neutron-plugin-ovs-service' } -vs_bridge { '%(CONFIG_NEUTRON_OVS_BRIDGE)s': +$config_neutron_ovs_bridge = hiera('CONFIG_NEUTRON_OVS_BRIDGE') + +vs_bridge { $config_neutron_ovs_bridge: ensure => present, - require => Service["${agent_service}"] + require => Service[$agent_service], } diff --git a/packstack/puppet/templates/neutron_ovs_plugin_gre.pp b/packstack/puppet/templates/neutron_ovs_plugin_gre.pp index 90e0e7fef..12d9f44df 100644 --- a/packstack/puppet/templates/neutron_ovs_plugin_gre.pp +++ b/packstack/puppet/templates/neutron_ovs_plugin_gre.pp @@ -1,5 +1,5 @@ class { 'neutron::plugins::ovs': - tenant_network_type => '%(CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE)s', - network_vlan_ranges => '%(CONFIG_NEUTRON_OVS_VLAN_RANGES)s', - tunnel_id_ranges => '%(CONFIG_NEUTRON_OVS_TUNNEL_RANGES)s', + tenant_network_type => hiera('CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE'), + network_vlan_ranges => hiera('CONFIG_NEUTRON_OVS_VLAN_RANGES'), + tunnel_id_ranges => hiera('CONFIG_NEUTRON_OVS_TUNNEL_RANGES'), } diff --git a/packstack/puppet/templates/neutron_ovs_plugin_local.pp b/packstack/puppet/templates/neutron_ovs_plugin_local.pp index 08b293093..ee515fe6a 100644 --- a/packstack/puppet/templates/neutron_ovs_plugin_local.pp +++ b/packstack/puppet/templates/neutron_ovs_plugin_local.pp @@ -1,4 +1,4 @@ class { 'neutron::plugins::ovs': - tenant_network_type => '%(CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE)s', - network_vlan_ranges => '%(CONFIG_NEUTRON_OVS_VLAN_RANGES)s', + tenant_network_type => hiera('CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE'), + network_vlan_ranges => hiera('CONFIG_NEUTRON_OVS_VLAN_RANGES'), } diff --git a/packstack/puppet/templates/neutron_ovs_plugin_vlan.pp b/packstack/puppet/templates/neutron_ovs_plugin_vlan.pp index 08b293093..ee515fe6a 100644 --- a/packstack/puppet/templates/neutron_ovs_plugin_vlan.pp +++ b/packstack/puppet/templates/neutron_ovs_plugin_vlan.pp @@ -1,4 +1,4 @@ class { 'neutron::plugins::ovs': - tenant_network_type => '%(CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE)s', - network_vlan_ranges => '%(CONFIG_NEUTRON_OVS_VLAN_RANGES)s', + tenant_network_type => hiera('CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE'), + network_vlan_ranges => hiera('CONFIG_NEUTRON_OVS_VLAN_RANGES'), } diff --git a/packstack/puppet/templates/neutron_ovs_plugin_vxlan.pp b/packstack/puppet/templates/neutron_ovs_plugin_vxlan.pp index 5504cb0a3..86e2b1298 100644 --- a/packstack/puppet/templates/neutron_ovs_plugin_vxlan.pp +++ b/packstack/puppet/templates/neutron_ovs_plugin_vxlan.pp @@ -1,7 +1,7 @@ class { 'neutron::plugins::ovs': - tenant_network_type => '%(CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE)s', - network_vlan_ranges => '%(CONFIG_NEUTRON_OVS_VLAN_RANGES)s', - tunnel_id_ranges => '%(CONFIG_NEUTRON_OVS_TUNNEL_RANGES)s', - vxlan_udp_port => %(CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT)s, + tenant_network_type => hiera('CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE'), + network_vlan_ranges => hiera('CONFIG_NEUTRON_OVS_VLAN_RANGES'), + tunnel_id_ranges => hiera('CONFIG_NEUTRON_OVS_TUNNEL_RANGES'), + vxlan_udp_port => hiera('CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT'), } diff --git a/packstack/puppet/templates/neutron_ovs_port.pp b/packstack/puppet/templates/neutron_ovs_port.pp index 787c0510a..80015e56c 100644 --- a/packstack/puppet/templates/neutron_ovs_port.pp +++ b/packstack/puppet/templates/neutron_ovs_port.pp @@ -1,5 +1,7 @@ -vs_port { '%(CONFIG_NEUTRON_OVS_IFACE)s': - bridge => '%(CONFIG_NEUTRON_OVS_BRIDGE)s', - ensure => present +$cfg_neutron_ovs_iface = hiera('CONFIG_NEUTRON_OVS_IFACE') + +vs_port { $cfg_neutron_ovs_iface: + ensure => present, + bridge => hiera('CONFIG_NEUTRON_OVS_BRIDGE'), } diff --git a/packstack/puppet/templates/neutron_qpid.pp b/packstack/puppet/templates/neutron_qpid.pp index 9c107c86e..831e18879 100644 --- a/packstack/puppet/templates/neutron_qpid.pp +++ b/packstack/puppet/templates/neutron_qpid.pp @@ -1,14 +1,14 @@ class { 'neutron': rpc_backend => 'neutron.openstack.common.rpc.impl_qpid', - qpid_hostname => '%(CONFIG_AMQP_HOST)s', - qpid_username => '%(CONFIG_AMQP_AUTH_USER)s', - qpid_password => '%(CONFIG_AMQP_AUTH_PASSWORD)s', - qpid_port => '%(CONFIG_AMQP_CLIENTS_PORT)s', - qpid_protocol => '%(CONFIG_AMQP_PROTOCOL)s', - core_plugin => '%(CONFIG_NEUTRON_CORE_PLUGIN)s', + qpid_hostname => hiera('CONFIG_AMQP_HOST'), + qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), + qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), + qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'), + core_plugin => hiera('CONFIG_NEUTRON_CORE_PLUGIN'), allow_overlapping_ips => true, - service_plugins => %(SERVICE_PLUGINS)s, + service_plugins => hiera_array('SERVICE_PLUGINS'), verbose => true, - debug => %(CONFIG_DEBUG_MODE)s, + debug => hiera('CONFIG_DEBUG_MODE'), } diff --git a/packstack/puppet/templates/neutron_rabbitmq.pp b/packstack/puppet/templates/neutron_rabbitmq.pp index e84c23408..b4f62f39e 100644 --- a/packstack/puppet/templates/neutron_rabbitmq.pp +++ b/packstack/puppet/templates/neutron_rabbitmq.pp @@ -1,12 +1,12 @@ class { 'neutron': - rabbit_host => '%(CONFIG_AMQP_HOST)s', - rabbit_port => '%(CONFIG_AMQP_CLIENTS_PORT)s', - rabbit_user => '%(CONFIG_AMQP_AUTH_USER)s', - rabbit_password => '%(CONFIG_AMQP_AUTH_PASSWORD)s', - core_plugin => '%(CONFIG_NEUTRON_CORE_PLUGIN)s', + rabbit_host => hiera('CONFIG_AMQP_HOST'), + rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + rabbit_user => hiera('CONFIG_AMQP_AUTH_USER'), + rabbit_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), + core_plugin => hiera('CONFIG_NEUTRON_CORE_PLUGIN'), allow_overlapping_ips => true, - service_plugins => %(SERVICE_PLUGINS)s, + service_plugins => hiera_array('SERVICE_PLUGINS'), verbose => true, - debug => %(CONFIG_DEBUG_MODE)s, + debug => hiera('CONFIG_DEBUG_MODE'), } diff --git a/packstack/puppet/templates/nova_api.pp b/packstack/puppet/templates/nova_api.pp index 76fb187fc..c8379c927 100644 --- a/packstack/puppet/templates/nova_api.pp +++ b/packstack/puppet/templates/nova_api.pp @@ -1,10 +1,10 @@ require 'keystone::python' -class {"nova::api": - enabled => true, - auth_host => "%(CONFIG_CONTROLLER_HOST)s", - admin_password => "%(CONFIG_NOVA_KS_PW)s", - neutron_metadata_proxy_shared_secret => %(CONFIG_NEUTRON_METADATA_PW_UNQUOTED)s +class { 'nova::api': + enabled => true, + auth_host => hiera('CONFIG_CONTROLLER_HOST'), + admin_password => hiera('CONFIG_NOVA_KS_PW'), + neutron_metadata_proxy_shared_secret => hiera('CONFIG_NEUTRON_METADATA_PW_UNQUOTED'), } Package<| title == 'nova-common' |> -> Class['nova::api'] diff --git a/packstack/puppet/templates/nova_ceilometer.pp b/packstack/puppet/templates/nova_ceilometer.pp index ec22d67a2..7bca6458d 100644 --- a/packstack/puppet/templates/nova_ceilometer.pp +++ b/packstack/puppet/templates/nova_ceilometer.pp @@ -1,8 +1,9 @@ +$nova_ceil_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') class { 'ceilometer::agent::auth': - auth_url => 'http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0', - auth_password => '%(CONFIG_CEILOMETER_KS_PW)s', + auth_url => "http://${nova_ceil_cfg_ctrl_host}:35357/v2.0", + auth_password => hiera('CONFIG_CEILOMETER_KS_PW'), } -class { 'ceilometer::agent::compute': -} +class { 'ceilometer::agent::compute': } + diff --git a/packstack/puppet/templates/nova_ceilometer_qpid.pp b/packstack/puppet/templates/nova_ceilometer_qpid.pp index eee1b85b2..c849a817a 100644 --- a/packstack/puppet/templates/nova_ceilometer_qpid.pp +++ b/packstack/puppet/templates/nova_ceilometer_qpid.pp @@ -1,15 +1,15 @@ class { 'ceilometer': - metering_secret => '%(CONFIG_CEILOMETER_SECRET)s', - qpid_hostname => '%(CONFIG_AMQP_HOST)s', - qpid_username => '%(CONFIG_AMQP_AUTH_USER)s', - qpid_password => '%(CONFIG_AMQP_AUTH_PASSWORD)s', - qpid_port => '%(CONFIG_AMQP_CLIENTS_PORT)s', - qpid_protocol => '%(CONFIG_AMQP_PROTOCOL)s', + metering_secret => hiera('CONFIG_CEILOMETER_SECRET'), + qpid_hostname => hiera('CONFIG_AMQP_HOST'), + qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), + qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), + qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'), rpc_backend => 'ceilometer.openstack.common.rpc.impl_qpid', verbose => true, - debug => %(CONFIG_DEBUG_MODE)s, + debug => hiera('CONFIG_DEBUG_MODE'), # for some strange reason ceilometer needs to be in nova group - require => Package['nova-common'], + require => Package['nova-common'], } diff --git a/packstack/puppet/templates/nova_ceilometer_rabbitmq.pp b/packstack/puppet/templates/nova_ceilometer_rabbitmq.pp index 27766e2de..7e0725e95 100644 --- a/packstack/puppet/templates/nova_ceilometer_rabbitmq.pp +++ b/packstack/puppet/templates/nova_ceilometer_rabbitmq.pp @@ -1,12 +1,12 @@ class { 'ceilometer': - metering_secret => '%(CONFIG_CEILOMETER_SECRET)s', - rabbit_host => '%(CONFIG_AMQP_HOST)s', - rabbit_userid => '%(CONFIG_AMQP_AUTH_USER)s', - rabbit_password => '%(CONFIG_AMQP_AUTH_PASSWORD)s', - verbose => true, - debug => %(CONFIG_DEBUG_MODE)s, + metering_secret => hiera('CONFIG_CEILOMETER_SECRET'), + rabbit_host => hiera('CONFIG_AMQP_HOST'), + rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), + rabbit_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), + verbose => true, + debug => hiera('CONFIG_DEBUG_MODE'), # for some strange reason ceilometer needs to be in nova group - require => Package['nova-common'], + require => Package['nova-common'], } diff --git a/packstack/puppet/templates/nova_cert.pp b/packstack/puppet/templates/nova_cert.pp index 165c73431..6a63f65e5 100644 --- a/packstack/puppet/templates/nova_cert.pp +++ b/packstack/puppet/templates/nova_cert.pp @@ -1,4 +1,4 @@ -class {"nova::cert": - enabled => true, +class { 'nova::cert': + enabled => true, } diff --git a/packstack/puppet/templates/nova_common_nopw.pp b/packstack/puppet/templates/nova_common_nopw.pp new file mode 100644 index 000000000..977f36fc8 --- /dev/null +++ b/packstack/puppet/templates/nova_common_nopw.pp @@ -0,0 +1,9 @@ + +# Ensure Firewall changes happen before nova services start +# preventing a clash with rules being set by nova-compute and nova-network +Firewall <| |> -> Class['nova'] + +nova_config{ + 'DEFAULT/sql_connection': value => hiera('CONFIG_NOVA_SQL_CONN_NOPW'); + 'DEFAULT/metadata_host': value => hiera('CONFIG_CONTROLLER_HOST'); +} diff --git a/packstack/puppet/templates/nova_common.pp b/packstack/puppet/templates/nova_common_pw.pp similarity index 56% rename from packstack/puppet/templates/nova_common.pp rename to packstack/puppet/templates/nova_common_pw.pp index a417be52b..18435d604 100644 --- a/packstack/puppet/templates/nova_common.pp +++ b/packstack/puppet/templates/nova_common_pw.pp @@ -4,6 +4,6 @@ Firewall <| |> -> Class['nova'] nova_config{ - "DEFAULT/sql_connection": value => "%(CONFIG_NOVA_SQL_CONN)s"; - "DEFAULT/metadata_host": value => "%(CONFIG_CONTROLLER_HOST)s"; + 'DEFAULT/sql_connection': value => hiera('CONFIG_NOVA_SQL_CONN_PW'); + 'DEFAULT/metadata_host': value => hiera('CONFIG_CONTROLLER_HOST'); } diff --git a/packstack/puppet/templates/nova_common_qpid.pp b/packstack/puppet/templates/nova_common_qpid.pp index 192b421b5..6e23c4774 100644 --- a/packstack/puppet/templates/nova_common_qpid.pp +++ b/packstack/puppet/templates/nova_common_qpid.pp @@ -1,24 +1,26 @@ $private_key = { - type => '%(NOVA_MIGRATION_KEY_TYPE)s', - key => '%(NOVA_MIGRATION_KEY_SECRET)s', + type => hiera('NOVA_MIGRATION_KEY_TYPE'), + key => hiera('NOVA_MIGRATION_KEY_SECRET'), } $public_key = { - type => '%(NOVA_MIGRATION_KEY_TYPE)s', - key => '%(NOVA_MIGRATION_KEY_PUBLIC)s', + type => hiera('NOVA_MIGRATION_KEY_TYPE'), + key => hiera('NOVA_MIGRATION_KEY_PUBLIC'), } -class { "nova": - glance_api_servers => "%(CONFIG_STORAGE_HOST)s:9292", - qpid_hostname => "%(CONFIG_AMQP_HOST)s", - qpid_username => '%(CONFIG_AMQP_AUTH_USER)s', - qpid_password => '%(CONFIG_AMQP_AUTH_PASSWORD)s', - rpc_backend => 'nova.openstack.common.rpc.impl_qpid', - qpid_port => '%(CONFIG_AMQP_CLIENTS_PORT)s', - qpid_protocol => '%(CONFIG_AMQP_PROTOCOL)s', - verbose => true, - debug => %(CONFIG_DEBUG_MODE)s, - nova_public_key => $public_key, - nova_private_key => $private_key, - nova_shell => '/bin/bash', +$nova_common_qpid_cfg_storage_host = hiera('CONFIG_STORAGE_HOST') + +class { 'nova': + glance_api_servers => "${nova_common_qpid_cfg_storage_host}:9292", + qpid_hostname => hiera('CONFIG_AMQP_HOST'), + qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), + qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), + rpc_backend => 'nova.openstack.common.rpc.impl_qpid', + qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'), + verbose => true, + debug => hiera('CONFIG_DEBUG_MODE'), + nova_public_key => $public_key, + nova_private_key => $private_key, + nova_shell => '/bin/bash', } diff --git a/packstack/puppet/templates/nova_common_rabbitmq.pp b/packstack/puppet/templates/nova_common_rabbitmq.pp index c6e199f9f..53593217f 100644 --- a/packstack/puppet/templates/nova_common_rabbitmq.pp +++ b/packstack/puppet/templates/nova_common_rabbitmq.pp @@ -1,22 +1,24 @@ $private_key = { - type => '%(NOVA_MIGRATION_KEY_TYPE)s', - key => '%(NOVA_MIGRATION_KEY_SECRET)s', + type => hiera('NOVA_MIGRATION_KEY_TYPE'), + key => hiera('NOVA_MIGRATION_KEY_SECRET'), } $public_key = { - type => '%(NOVA_MIGRATION_KEY_TYPE)s', - key => '%(NOVA_MIGRATION_KEY_PUBLIC)s', + type => hiera('NOVA_MIGRATION_KEY_TYPE'), + key => hiera('NOVA_MIGRATION_KEY_PUBLIC'), } -class { "nova": - glance_api_servers => "%(CONFIG_STORAGE_HOST)s:9292", - rabbit_host => "%(CONFIG_AMQP_HOST)s", - rabbit_port => '%(CONFIG_AMQP_CLIENTS_PORT)s', - rabbit_userid => '%(CONFIG_AMQP_AUTH_USER)s', - rabbit_password => '%(CONFIG_AMQP_AUTH_PASSWORD)s', - verbose => true, - debug => %(CONFIG_DEBUG_MODE)s, - nova_public_key => $public_key, - nova_private_key => $private_key, - nova_shell => '/bin/bash', +$nova_common_rabbitmq_cfg_storage_host = hiera('CONFIG_STORAGE_HOST') + +class { 'nova': + glance_api_servers => "${nova_common_rabbitmq_cfg_storage_host}:9292", + rabbit_host => hiera('CONFIG_AMQP_HOST'), + rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), + rabbit_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), + verbose => true, + debug => hiera('CONFIG_DEBUG_MODE'), + nova_public_key => $public_key, + nova_private_key => $private_key, + nova_shell => '/bin/bash', } diff --git a/packstack/puppet/templates/nova_compute.pp b/packstack/puppet/templates/nova_compute.pp index 5e595d4a9..2cd645955 100644 --- a/packstack/puppet/templates/nova_compute.pp +++ b/packstack/puppet/templates/nova_compute.pp @@ -1,86 +1,93 @@ -package{'python-cinderclient': - before => Class["nova"] +package{ 'python-cinderclient': + before => Class['nova'] } -# Install the private key to be used for live migration. This needs to be configured -# into libvirt/live_migration_uri in nova.conf. +# Install the private key to be used for live migration. This needs to be +# configured into libvirt/live_migration_uri in nova.conf. file { '/etc/nova/ssh': ensure => directory, owner => root, group => root, - mode => 0700, + mode => '0700', } file { '/etc/nova/ssh/nova_migration_key': - content => '%(NOVA_MIGRATION_KEY_SECRET)s', - mode => 0600, + content => hiera('NOVA_MIGRATION_KEY_SECRET'), + mode => '0600', owner => root, group => root, require => File['/etc/nova/ssh'], } nova_config{ - "DEFAULT/volume_api_class": value => "nova.volume.cinder.API"; - "libvirt/live_migration_uri": value => "%(CONFIG_NOVA_COMPUTE_MIGRATE_URL)s"; + 'DEFAULT/volume_api_class': + value => 'nova.volume.cinder.API'; + 'libvirt/live_migration_uri': + value => hiera('CONFIG_NOVA_COMPUTE_MIGRATE_URL'); } -$config_horizon_ssl = '%(CONFIG_HORIZON_SSL)s' +$config_horizon_ssl = hiera('CONFIG_HORIZON_SSL') $vncproxy_proto = $config_horizon_ssl ? { - 'y' => 'https', - 'n' => 'http', + true => 'https', + false => 'http', default => 'http', } class { 'nova::compute': enabled => true, - vncproxy_host => '%(CONFIG_CONTROLLER_HOST)s', + vncproxy_host => hiera('CONFIG_CONTROLLER_HOST'), vncproxy_protocol => $vncproxy_proto, - vncserver_proxyclient_address => '%(CONFIG_NOVA_COMPUTE_HOST)s', + vncserver_proxyclient_address => hiera('CONFIG_NOVA_COMPUTE_HOST'), } # Note : remove this once we're installing a version of openstack that isn't # supported on RHEL 6.3 -if $::is_virtual_packstack == "true" and $::osfamily == "RedHat" and - $::operatingsystemrelease == "6.3"{ - file { "/usr/bin/qemu-system-x86_64": - ensure => link, - target => "/usr/libexec/qemu-kvm", - notify => Service["nova-compute"], - } +if $::is_virtual_packstack == 'true' and $::osfamily == 'RedHat' and + $::operatingsystemrelease == '6.3'{ + file { '/usr/bin/qemu-system-x86_64': + ensure => link, + target => '/usr/libexec/qemu-kvm', + notify => Service['nova-compute'], + } } # Tune the host with a virtual hosts profile -package {'tuned': - ensure => present, +package { 'tuned': + ensure => present, } -service {'tuned': - ensure => running, - require => Package['tuned'], +service { 'tuned': + ensure => running, + require => Package['tuned'], } if $::operatingsystem == 'Fedora' and $::operatingsystemrelease == 19 { - # older tuned service is sometimes stucked on Fedora 19 - exec {'tuned-update': - path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'], - command => 'yum update -y tuned', - logoutput => 'on_failure', - } - - exec {'tuned-restart': - path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'], - command => 'systemctl restart tuned.service', - logoutput => 'on_failure', - } - - Service['tuned'] -> Exec['tuned-update'] -> Exec['tuned-restart'] -> Exec['tuned-virtual-host'] + # older tuned service is sometimes stucked on Fedora 19 + exec { 'tuned-update': + path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'], + command => 'yum update -y tuned', + logoutput => 'on_failure', + } + + exec { 'tuned-restart': + path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'], + command => 'systemctl restart tuned.service', + logoutput => 'on_failure', + } + + Service['tuned'] -> + Exec['tuned-update'] -> + Exec['tuned-restart'] -> + Exec['tuned-virtual-host'] } -exec {'tuned-virtual-host': - unless => '/usr/sbin/tuned-adm active | /bin/grep virtual-host', - command => '/usr/sbin/tuned-adm profile virtual-host', - require => Service['tuned'], +exec { 'tuned-virtual-host': + unless => '/usr/sbin/tuned-adm active | /bin/grep virtual-host', + command => '/usr/sbin/tuned-adm profile virtual-host', + require => Service['tuned'], } + + diff --git a/packstack/puppet/templates/nova_compute_libvirt.pp b/packstack/puppet/templates/nova_compute_libvirt.pp index ece830d0c..59b6aa791 100644 --- a/packstack/puppet/templates/nova_compute_libvirt.pp +++ b/packstack/puppet/templates/nova_compute_libvirt.pp @@ -3,56 +3,57 @@ # Ensure Firewall changes happen before libvirt service start # preventing a clash with rules being set by libvirt -if $::is_virtual_packstack == "true" { - $libvirt_virt_type = "qemu" - $libvirt_cpu_mode = "none" -}else{ - $libvirt_virt_type = "kvm" +if $::is_virtual_packstack == 'true' { + $libvirt_virt_type = 'qemu' + $libvirt_cpu_mode = 'none' +} else { + $libvirt_virt_type = 'kvm' } nova_config{ - "libvirt/inject_partition": value => "-1"; + 'libvirt/inject_partition': value => '-1'; } # We need to preferably install qemu-kvm-rhev exec { 'qemu-kvm': - path => '/usr/bin', - command => 'yum install -y -d 0 -e 0 qemu-kvm', - onlyif => 'yum install -y -d 0 -e 0 qemu-kvm-rhev &> /dev/null && exit 1 || exit 0', - before => Class['nova::compute::libvirt'] + path => '/usr/bin', + command => 'yum install -y -d 0 -e 0 qemu-kvm', + onlyif => 'yum install -y -d 0 -e 0 qemu-kvm-rhev &> /dev/null && exit 1 || exit 0', + before => Class['nova::compute::libvirt'], } class { 'nova::compute::libvirt': - libvirt_virt_type => "$libvirt_virt_type", - libvirt_cpu_mode => "$libvirt_cpu_mode", - vncserver_listen => "0.0.0.0", - migration_support => true, + libvirt_virt_type => $libvirt_virt_type, + libvirt_cpu_mode => $libvirt_cpu_mode, + vncserver_listen => '0.0.0.0', + migration_support => true, } -exec {'load_kvm': - user => 'root', - command => '/bin/sh /etc/sysconfig/modules/kvm.modules', - onlyif => '/usr/bin/test -e /etc/sysconfig/modules/kvm.modules', +exec { 'load_kvm': + user => 'root', + command => '/bin/sh /etc/sysconfig/modules/kvm.modules', + onlyif => '/usr/bin/test -e /etc/sysconfig/modules/kvm.modules', } -Class['nova::compute']-> Exec["load_kvm"] +Class['nova::compute'] -> Exec['load_kvm'] file_line { 'libvirt-guests': - path => '/etc/sysconfig/libvirt-guests', - line => 'ON_BOOT=ignore', - match => '^[\s#]*ON_BOOT=.*', - require => Class['nova::compute::libvirt'] + path => '/etc/sysconfig/libvirt-guests', + line => 'ON_BOOT=ignore', + match => '^[\s#]*ON_BOOT=.*', + require => Class['nova::compute::libvirt'], } -# Remove libvirt's default network (usually virbr0) as it's unnecessary and can be confusing +# Remove libvirt's default network (usually virbr0) as it's unnecessary and +# can be confusing exec {'virsh-net-destroy-default': - onlyif => '/usr/bin/virsh net-list | grep default', - command => '/usr/bin/virsh net-destroy default', - require => Package['libvirt'], + onlyif => '/usr/bin/virsh net-list | grep default', + command => '/usr/bin/virsh net-destroy default', + require => Package['libvirt'], } exec {'virsh-net-undefine-default': - onlyif => '/usr/bin/virsh net-list --inactive | grep default', - command => '/usr/bin/virsh net-undefine default', - require => Exec['virsh-net-destroy-default'], + onlyif => '/usr/bin/virsh net-list --inactive | grep default', + command => '/usr/bin/virsh net-undefine default', + require => Exec['virsh-net-destroy-default'], } diff --git a/packstack/puppet/templates/nova_compute_vmware.pp b/packstack/puppet/templates/nova_compute_vmware.pp index a1a1d08e1..e51c05efb 100644 --- a/packstack/puppet/templates/nova_compute_vmware.pp +++ b/packstack/puppet/templates/nova_compute_vmware.pp @@ -1,6 +1,6 @@ class { 'nova::compute::vmware': - host_ip => "%(CONFIG_VCENTER_HOST)s", - host_username => "%(CONFIG_VCENTER_USER)s", - host_password => "%(CONFIG_VCENTER_PASSWORD)s", - cluster_name => "%(CONFIG_VCENTER_CLUSTER_NAME)s", + host_ip => hiera('CONFIG_VCENTER_HOST'), + host_username => hiera('CONFIG_VCENTER_USER'), + host_password => hiera('CONFIG_VCENTER_PASSWORD'), + cluster_name => hiera('CONFIG_VCENTER_CLUSTER_NAME'), } diff --git a/packstack/puppet/templates/nova_conductor.pp b/packstack/puppet/templates/nova_conductor.pp index ed8750eaf..e8fdba3b1 100644 --- a/packstack/puppet/templates/nova_conductor.pp +++ b/packstack/puppet/templates/nova_conductor.pp @@ -1,4 +1,4 @@ -class {"nova::conductor": - enabled => true, +class { 'nova::conductor': + enabled => true, } diff --git a/packstack/puppet/templates/nova_network.pp b/packstack/puppet/templates/nova_network.pp index f826cdecd..1f2cd33b4 100644 --- a/packstack/puppet/templates/nova_network.pp +++ b/packstack/puppet/templates/nova_network.pp @@ -1,41 +1,55 @@ +$default_floating_pool = hiera('CONFIG_NOVA_NETWORK_DEFAULTFLOATINGPOOL') +$auto_assign_floating_ip = hiera('CONFIG_NOVA_NETWORK_AUTOASSIGNFLOATINGIP') + nova_config { - "DEFAULT/default_floating_pool": value => '%(CONFIG_NOVA_NETWORK_DEFAULTFLOATINGPOOL)s'; - "DEFAULT/auto_assign_floating_ip": value => '%(CONFIG_NOVA_NETWORK_AUTOASSIGNFLOATINGIP)s'; + 'DEFAULT/default_floating_pool': value => $default_floating_pool; + 'DEFAULT/auto_assign_floating_ip': value => $auto_assign_floating_ip; } -$multihost = %(CONFIG_NOVA_NETWORK_MULTIHOST)s +$multihost = hiera('CONFIG_NOVA_NETWORK_MULTIHOST') if $multihost { - nova_config { - "DEFAULT/multi_host": value => true; - "DEFAULT/send_arp_for_ha": value => true; - } + nova_config { + 'DEFAULT/multi_host': value => true; + 'DEFAULT/send_arp_for_ha': value => true; + } } -$manager = '%(CONFIG_NOVA_NETWORK_MANAGER)s' +$manager = hiera('CONFIG_NOVA_NETWORK_MANAGER') + +$nova_net_manager_list = [ + 'nova.network.manager.VlanManager', + 'nova.network.manager.FlatDHCPManager' +] + $overrides = {} -if $manager in ['nova.network.manager.VlanManager', 'nova.network.manager.FlatDHCPManager'] { - $overrides['force_dhcp_release'] = false + +if $manager in $nova_net_manager_list { + $overrides['force_dhcp_release'] = false } + if $manager == 'nova.network.manager.VlanManager' { - $overrides['vlan_start'] = '%(CONFIG_NOVA_NETWORK_VLAN_START)s' - $net_size = '%(CONFIG_NOVA_NETWORK_SIZE)s' - $net_num = '%(CONFIG_NOVA_NETWORK_NUMBER)s' + $overrides['vlan_start'] = hiera('CONFIG_NOVA_NETWORK_VLAN_START') + $net_size = hiera('CONFIG_NOVA_NETWORK_SIZE') + $net_num = hiera('CONFIG_NOVA_NETWORK_NUMBER') } else { - $net_size = '%(CONFIG_NOVA_NETWORK_FIXEDSIZE)s' - $net_num = 1 + $net_size = hiera('CONFIG_NOVA_NETWORK_FIXEDSIZE') + $net_num = 1 } -class { "nova::network": - enabled => true, - network_manager => $manager, - num_networks => $net_num , - network_size => $net_size, - private_interface => '%(CONFIG_NOVA_NETWORK_PRIVIF)s', - public_interface => '%(CONFIG_NOVA_NETWORK_PUBIF)s', - fixed_range => '%(CONFIG_NOVA_NETWORK_FIXEDRANGE)s', - floating_range => '%(CONFIG_NOVA_NETWORK_FLOATRANGE)s', - config_overrides => $overrides, + +class { 'nova::network': + enabled => true, + network_manager => $manager, + num_networks => $net_num , + network_size => $net_size, + private_interface => hiera('CONFIG_NOVA_NETWORK_PRIVIF'), + public_interface => hiera('CONFIG_NOVA_NETWORK_PUBIF'), + fixed_range => hiera('CONFIG_NOVA_NETWORK_FIXEDRANGE'), + floating_range => hiera('CONFIG_NOVA_NETWORK_FLOATRANGE'), + config_overrides => $overrides, } -package { 'dnsmasq': ensure => present } +package { 'dnsmasq': + ensure => present, +} diff --git a/packstack/puppet/templates/nova_network_libvirt.pp b/packstack/puppet/templates/nova_network_libvirt.pp index f145c73f3..a29a26090 100644 --- a/packstack/puppet/templates/nova_network_libvirt.pp +++ b/packstack/puppet/templates/nova_network_libvirt.pp @@ -1,9 +1,10 @@ -$vmware_backend = '%(CONFIG_VMWARE_BACKEND)s' +$vmware_backend = hiera('CONFIG_VMWARE_BACKEND') + if $vmware_backend == 'n' { exec { 'libvirtd_reload': - path => ['/usr/sbin/', '/sbin'], - command => 'service libvirtd reload', + path => ['/usr/sbin/', '/sbin'], + command => 'service libvirtd reload', logoutput => 'on_failure', - require => Class['nova::network'], + require => Class['nova::network'], } } diff --git a/packstack/puppet/templates/nova_neutron.pp b/packstack/puppet/templates/nova_neutron.pp index 4e4e054a7..89af616ad 100644 --- a/packstack/puppet/templates/nova_neutron.pp +++ b/packstack/puppet/templates/nova_neutron.pp @@ -1,13 +1,15 @@ -class {"nova::network::neutron": - neutron_admin_password => "%(CONFIG_NEUTRON_KS_PW)s", - neutron_auth_strategy => "keystone", - neutron_url => "http://%(CONFIG_CONTROLLER_HOST)s:9696", - neutron_admin_tenant_name => "services", - neutron_admin_auth_url => "http://%(CONFIG_CONTROLLER_HOST)s:35357/v2.0", - neutron_region_name => "%(CONFIG_KEYSTONE_REGION)s", +$nova_neutron_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') + +class { 'nova::network::neutron': + neutron_admin_password => hiera('CONFIG_NEUTRON_KS_PW'), + neutron_auth_strategy => 'keystone', + neutron_url => "http://${nova_neutron_cfg_ctrl_host}:9696", + neutron_admin_tenant_name => 'services', + neutron_admin_auth_url => "http://${nova_neutron_cfg_ctrl_host}:35357/v2.0", + neutron_region_name => hiera('CONFIG_KEYSTONE_REGION'), } -class {"nova::compute::neutron": - libvirt_vif_driver => "%(CONFIG_NOVA_LIBVIRT_VIF_DRIVER)s", +class { 'nova::compute::neutron': + libvirt_vif_driver => hiera('CONFIG_NOVA_LIBVIRT_VIF_DRIVER'), } diff --git a/packstack/puppet/templates/nova_sched.pp b/packstack/puppet/templates/nova_sched.pp index 1278568c7..7415c14d4 100644 --- a/packstack/puppet/templates/nova_sched.pp +++ b/packstack/puppet/templates/nova_sched.pp @@ -1,13 +1,13 @@ nova_config{ - # OpenStack doesn't include the CoreFilter (= CPU Filter) by default - "DEFAULT/scheduler_default_filters": - value => "RetryFilter,AvailabilityZoneFilter,RamFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,CoreFilter"; - "DEFAULT/cpu_allocation_ratio": - value => "%(CONFIG_NOVA_SCHED_CPU_ALLOC_RATIO)s"; - "DEFAULT/ram_allocation_ratio": - value => "%(CONFIG_NOVA_SCHED_RAM_ALLOC_RATIO)s"; + # OpenStack doesn't include the CoreFilter (= CPU Filter) by default + 'DEFAULT/scheduler_default_filters': + value => 'RetryFilter,AvailabilityZoneFilter,RamFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,CoreFilter'; + 'DEFAULT/cpu_allocation_ratio': + value => hiera('CONFIG_NOVA_SCHED_CPU_ALLOC_RATIO'); + 'DEFAULT/ram_allocation_ratio': + value => hiera('CONFIG_NOVA_SCHED_RAM_ALLOC_RATIO'); } -class {"nova::scheduler": - enabled => true, +class { 'nova::scheduler': + enabled => true, } diff --git a/packstack/puppet/templates/nova_vncproxy.pp b/packstack/puppet/templates/nova_vncproxy.pp index e598bcf2a..2463de0f0 100644 --- a/packstack/puppet/templates/nova_vncproxy.pp +++ b/packstack/puppet/templates/nova_vncproxy.pp @@ -1,24 +1,24 @@ -$is_using_ssl_on_horizon = '%(CONFIG_HORIZON_SSL)s' +$is_using_ssl_on_horizon = hiera('CONFIG_HORIZON_SSL') -if $is_using_ssl_on_horizon == 'y' { +if $is_using_ssl_on_horizon == true { nova_config { - 'DEFAULT/ssl_only': value => 'true'; + 'DEFAULT/ssl_only': value => true; 'DEFAULT/cert': value => '/etc/nova/nova.crt'; 'DEFAULT/key': value => '/etc/nova/nova.key'; } } -class {"nova::vncproxy": - enabled => true, +class { 'nova::vncproxy': + enabled => true, } -class {"nova::consoleauth": - enabled => true, +class { 'nova::consoleauth': + enabled => true, } firewall { '001 novncproxy incoming': - proto => 'tcp', - dport => ['6080'], - action => 'accept', + proto => 'tcp', + dport => ['6080'], + action => 'accept', } diff --git a/packstack/puppet/templates/ntpd.pp b/packstack/puppet/templates/ntpd.pp index 72dd6ef0a..1a969c2a3 100644 --- a/packstack/puppet/templates/ntpd.pp +++ b/packstack/puppet/templates/ntpd.pp @@ -1,3 +1,6 @@ +$cfg_ntp_server_def = hiera('CONFIG_NTP_SERVER_DEF') +$cfg_ntp_servers = hiera('CONFIG_NTP_SERVERS') + $config_content = " driftfile /var/lib/ntp/drift @@ -17,7 +20,7 @@ # Use public servers from the pool.ntp.org project. # Please consider joining the pool (http://www.pool.ntp.org/join.html). -%(CONFIG_NTP_SERVER_DEF)s +${cfg_ntp_server_def} #broadcast 192.168.1.255 autokey # broadcast server #broadcastclient # broadcast client @@ -53,42 +56,47 @@ #statistics clockstats cryptostats loopstats peerstats " - -package {'ntp': - ensure => 'installed', - name => 'ntp', +package { 'ntp': + ensure => 'installed', + name => 'ntp', } -file {'ntp_config': - path => '/etc/ntp.conf', - ensure => file, - mode => '0644', - content => $config_content, +file { 'ntp_config': + ensure => file, + path => '/etc/ntp.conf', + mode => '0644', + content => $config_content, } -exec {'stop-ntpd': - command => $osfamily ? { - # Unfortunately, the RedHat osfamily doesn't only include RHEL and - # derivatives thereof but also Fedora so further differentiation by - # operatingsystem is necessary. - 'RedHat' => $operatingsystem ? { - 'Fedora' => '/usr/bin/systemctl stop ntpd.service', - default => '/sbin/service ntpd stop', - }, +# Unfortunately, the RedHat osfamily doesn't only include RHEL and +# derivatives thereof but also Fedora so further differentiation by +# operatingsystem is necessary. +$command = $osfamily ? { + 'RedHat' => $operatingsystem ? { + 'Fedora' => '/usr/bin/systemctl stop ntpd.service', + default => '/sbin/service ntpd stop', }, } -exec {'ntpdate': - command => '/usr/sbin/ntpdate %(CONFIG_NTP_SERVERS)s', - tries => 3, +exec { 'stop-ntpd': + command => $command, +} + +exec { 'ntpdate': + command => "/usr/sbin/ntpdate ${cfg_ntp_servers}", + tries => 3, } -service {'ntpd': - ensure => 'running', - enable => true, - name => 'ntpd', - hasstatus => true, - hasrestart => true, +service { 'ntpd': + ensure => running, + enable => true, + name => 'ntpd', + hasstatus => true, + hasrestart => true, } -Package['ntp'] -> File['ntp_config'] -> Exec['stop-ntpd'] -> Exec['ntpdate'] -> Service['ntpd'] +Package['ntp'] -> +File['ntp_config'] -> +Exec['stop-ntpd'] -> +Exec['ntpdate'] -> +Service['ntpd'] diff --git a/packstack/puppet/templates/openstack_client.pp b/packstack/puppet/templates/openstack_client.pp index 350c7672b..0997c33e5 100644 --- a/packstack/puppet/templates/openstack_client.pp +++ b/packstack/puppet/templates/openstack_client.pp @@ -1,43 +1,52 @@ -$clientdeps = ["python-iso8601"] +$clientdeps = ['python-iso8601'] package { $clientdeps: } -$clientlibs = ["python-novaclient", "python-keystoneclient", "python-glanceclient", "python-swiftclient", "python-cinderclient"] +$clientlibs = ['python-novaclient', 'python-keystoneclient', + 'python-glanceclient', 'python-swiftclient', + 'python-cinderclient'] + package { $clientlibs: } +$ost_cl_keystone_admin_pw = hiera('CONFIG_KEYSTONE_ADMIN_PW') +$ost_cl_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') +$ost_cl_keystone_region = hiera('CONFIG_KEYSTONE_REGION') +$ost_cl_keystone_demo_pw = hiera('CONFIG_KEYSTONE_DEMO_PW') + $rcadmin_content = "export OS_USERNAME=admin export OS_TENANT_NAME=admin -export OS_PASSWORD=%(CONFIG_KEYSTONE_ADMIN_PW)s -export OS_AUTH_URL=http://%(CONFIG_CONTROLLER_HOST)s:5000/v2.0/ -export OS_REGION_NAME=%(CONFIG_KEYSTONE_REGION)s +export OS_PASSWORD=${ost_cl_keystone_admin_pw} +export OS_AUTH_URL=http://${ost_cl_ctrl_host}:5000/v2.0/ +export OS_REGION_NAME=${ost_cl_keystone_region} export PS1='[\\u@\\h \\W(keystone_admin)]\\$ ' " -file {"${::home_dir}/keystonerc_admin": - ensure => "present", - mode => '0600', - content => $rcadmin_content, +file { "${::home_dir}/keystonerc_admin": + ensure => 'present', + mode => '0600', + content => $rcadmin_content, } -if '%(CONFIG_PROVISION_DEMO)s' == 'y' { - file {"${::home_dir}/keystonerc_demo": - ensure => "present", - mode => '0600', - content => "export OS_USERNAME=demo +if hiera('CONFIG_PROVISION_DEMO') == 'y' { + file { "${::home_dir}/keystonerc_demo": + ensure => 'present', + mode => '0600', + content => "export OS_USERNAME=demo export OS_TENANT_NAME=demo -export OS_PASSWORD=%(CONFIG_KEYSTONE_DEMO_PW)s -export OS_AUTH_URL=http://%(CONFIG_CONTROLLER_HOST)s:5000/v2.0/ +export OS_PASSWORD=${ost_cl_keystone_demo_pw} +export OS_AUTH_URL=http://${ost_cl_ctrl_host}:5000/v2.0/ export PS1='[\\u@\\h \\W(keystone_demo)]\\$ ' ", - } + } } -if %(NO_ROOT_USER_ALLINONE)s { - file {"%(HOME_DIR)s/keystonerc_admin": - ensure => present, - owner => '%(NO_ROOT_USER)s', - group => '%(NO_ROOT_GROUP)s', - mode => '0600', - content => $rcadmin_content, - } +if hiera('NO_ROOT_USER_ALLINONE') == true { + $ost_cl_home_dir = hiera('HOME_DIR') + file { "${ost_cl_home_dir}/keystonerc_admin": + ensure => present, + owner => hiera('NO_ROOT_USER'), + group => hiera('NO_ROOT_GROUP'), + mode => '0600', + content => $rcadmin_content, + } } diff --git a/packstack/puppet/templates/persist_ovs_bridge.pp b/packstack/puppet/templates/persist_ovs_bridge.pp index 861479d2f..215d7b514 100644 --- a/packstack/puppet/templates/persist_ovs_bridge.pp +++ b/packstack/puppet/templates/persist_ovs_bridge.pp @@ -1,11 +1,14 @@ -$net_script = "DEVICE=%(CONFIG_NEUTRON_L3_EXT_BRIDGE)s +$persist_ovs_br_neut_l3_ext_br = hiera('CONFIG_NEUTRON_L3_EXT_BRIDGE') +$persist_ovs_br_ext_br_var = hiera('EXT_BRIDGE_VAR') + +$net_script = "DEVICE=${persist_ovs_br_neut_l3_ext_br} DEVICETYPE=ovs TYPE=OVSBridge BOOTPROTO=static -IPADDR=$ipaddress_%(EXT_BRIDGE_VAR)s -NETMASK=$netmask_%(EXT_BRIDGE_VAR)s +IPADDR=${ipaddress}_${persist_ovs_br_ext_br_var} +NETMASK=${netmask}_${persist_ovs_br_ext_br_var} ONBOOT=yes" -file { "/etc/sysconfig/network-scripts/ifcfg-%(CONFIG_NEUTRON_L3_EXT_BRIDGE)s": - content => $net_script +file { "/etc/sysconfig/network-scripts/ifcfg-${persist_ovs_br_neut_l3_ext_br}": + content => $net_script, } diff --git a/packstack/puppet/templates/prescript.pp b/packstack/puppet/templates/prescript.pp index 730af9748..bde453f9e 100644 --- a/packstack/puppet/templates/prescript.pp +++ b/packstack/puppet/templates/prescript.pp @@ -8,7 +8,7 @@ $el_releases = ['RedHat', 'CentOS', 'Scientific'] # We don't have openstack-selinux package for Fedora -if $::operatingsystem != "Fedora" { +if $::operatingsystem != 'Fedora' { package{ 'openstack-selinux': ensure => present, } @@ -16,7 +16,7 @@ # For older RHEL-6 releases kernel/iptools does not support netns if $::operatingsystem in $el_releases and $::operatingsystemmajrelease < 7 { - $info = "The RDO kernel that includes network namespace (netns) support has been installed on host $::ipaddress." + $info = "The RDO kernel that includes network namespace (netns) support has been installed on host ${::ipaddress}." $warning = " This is a community supplied kernel and is not officially supported by Red Hat. Installing this kernel on RHEL systems may impact your ability to get support from Red Hat." class { 'packstack::netns': diff --git a/packstack/puppet/templates/provision_demo.pp b/packstack/puppet/templates/provision_demo.pp index 70d079a1a..3db71fce2 100644 --- a/packstack/puppet/templates/provision_demo.pp +++ b/packstack/puppet/templates/provision_demo.pp @@ -1,26 +1,27 @@ ## Keystone # non admin user $username = 'demo' - $password = '%(CONFIG_KEYSTONE_DEMO_PW)s' + $password = hiera('CONFIG_KEYSTONE_DEMO_PW') $tenant_name = 'demo' # admin user $admin_username = 'admin' - $admin_password = '%(CONFIG_KEYSTONE_ADMIN_PW)s' + $admin_password = hiera('CONFIG_KEYSTONE_ADMIN_PW') $admin_tenant_name = 'admin' # Heat Using Trusts - $heat_using_trusts = '%(CONFIG_HEAT_USING_TRUSTS)s' + $heat_using_trusts = hiera('CONFIG_HEAT_USING_TRUSTS') ## Neutron $public_network_name = 'public' $public_subnet_name = 'public_subnet' - $floating_range = '%(CONFIG_PROVISION_DEMO_FLOATRANGE)s' + $floating_range = hiera('CONFIG_PROVISION_DEMO_FLOATRANGE') $private_network_name = 'private' $private_subnet_name = 'private_subnet' $fixed_range = '10.0.0.0/24' $router_name = 'router1' - $setup_ovs_bridge = %(CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE)s - $public_bridge_name = '%(CONFIG_NEUTRON_L3_EXT_BRIDGE)s' + $setup_ovs_bridge = hiera('CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE') + $public_bridge_name = hiera('CONFIG_NEUTRON_L3_EXT_BRIDGE') + $provision_neutron_avail = hiera('PROVISION_NEUTRON_AVAILABLE') ## Users @@ -30,23 +31,22 @@ description => 'default tenant', } keystone_user { $username: - ensure => present, - enabled => true, - tenant => $tenant_name, - password => $password, + ensure => present, + enabled => true, + tenant => $tenant_name, + password => $password, } if $heat_using_trusts == 'y' { keystone_user_role { "${username}@${tenant_name}": - ensure => present, - roles => ['_member_', 'heat_stack_owner'], + ensure => present, + roles => ['_member_', 'heat_stack_owner'], } } - ## Neutron - if %(PROVISION_NEUTRON_AVAILABLE)s { + if $provision_neutron_avail { $neutron_deps = [Neutron_network[$public_network_name]] neutron_network { $public_network_name: @@ -55,11 +55,11 @@ tenant_name => $admin_tenant_name, } neutron_subnet { $public_subnet_name: - ensure => 'present', - cidr => $floating_range, - enable_dhcp => false, - network_name => $public_network_name, - tenant_name => $admin_tenant_name, + ensure => 'present', + cidr => $floating_range, + enable_dhcp => false, + network_name => $public_network_name, + tenant_name => $admin_tenant_name, } neutron_network { $private_network_name: ensure => present, @@ -92,27 +92,27 @@ } } -if %(CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE)s { +if $setup_ovs_bridge { firewall { '000 nat': - chain => 'POSTROUTING', - jump => 'MASQUERADE', - source => $::openstack::provision::floating_range, + chain => 'POSTROUTING', + jump => 'MASQUERADE', + source => $::openstack::provision::floating_range, outiface => $::gateway_device, - table => 'nat', - proto => 'all', + table => 'nat', + proto => 'all', } firewall { '000 forward out': - chain => 'FORWARD', - action => 'accept', - outiface => '%(CONFIG_NEUTRON_L3_EXT_BRIDGE)s', - proto => 'all', + chain => 'FORWARD', + action => 'accept', + outiface => $public_bridge_name, + proto => 'all', } firewall { '000 forward in': - chain => 'FORWARD', + chain => 'FORWARD', action => 'accept', - iniface => '%(CONFIG_NEUTRON_L3_EXT_BRIDGE)s', - proto => 'all', + iniface => $public_bridge_name, + proto => 'all', } } diff --git a/packstack/puppet/templates/provision_demo_glance.pp b/packstack/puppet/templates/provision_demo_glance.pp index 2f79b3bd0..36d1c9ffb 100644 --- a/packstack/puppet/templates/provision_demo_glance.pp +++ b/packstack/puppet/templates/provision_demo_glance.pp @@ -1,9 +1,9 @@ - + ## Images ## Glance - $image_name = 'cirros' - $image_source = 'http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-disk.img' - $image_ssh_user = 'cirros' + $image_name = 'cirros' + $image_source = 'http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-disk.img' + $image_ssh_user = 'cirros' glance_image { $image_name: ensure => present, diff --git a/packstack/puppet/templates/provision_tempest.pp b/packstack/puppet/templates/provision_tempest.pp index 3317ac900..3b93e5b55 100644 --- a/packstack/puppet/templates/provision_tempest.pp +++ b/packstack/puppet/templates/provision_tempest.pp @@ -1,24 +1,26 @@ +$provision_tempest_user = hiera('CONFIG_PROVISION_TEMPEST_USER') +$provision_demo = hiera('CONFIG_PROVISION_DEMO') -if '%(CONFIG_PROVISION_TEMPEST_USER)s' != '' { +if $provision_tempest_user != '' { ## Keystone # non admin user - $username = '%(CONFIG_PROVISION_TEMPEST_USER)s' + $username = $provision_tempest_user - if '%(CONFIG_PROVISION_TEMPEST_USER)s' == 'demo' and - '%(CONFIG_PROVISION_DEMO)s' == 'y' { - $password = '%(CONFIG_KEYSTONE_DEMO_PW)s' + if $provision_tempest_user == 'demo' and + $provision_demo == 'y' { + $password = hiera('CONFIG_KEYSTONE_DEMO_PW') } else { - $password = '%(CONFIG_PROVISION_TEMPEST_USER_PW)s' + $password = hiera('CONFIG_PROVISION_TEMPEST_USER_PW') } - $tenant_name = '%(CONFIG_PROVISION_TEMPEST_USER)s' + $tenant_name = $provision_tempest_user # admin user $admin_username = 'admin' - $admin_password = '%(CONFIG_KEYSTONE_ADMIN_PW)s' + $admin_password = hiera('CONFIG_KEYSTONE_ADMIN_PW') $admin_tenant_name = 'admin' # Heat Using Trusts - $heat_using_trusts = '%(CONFIG_HEAT_USING_TRUSTS)s' + $heat_using_trusts = hiera('CONFIG_HEAT_USING_TRUSTS') ## Glance $image_name = 'cirros' @@ -28,24 +30,24 @@ ## Neutron $public_network_name = 'public' $public_subnet_name = 'public_subnet' - $floating_range = '%(CONFIG_PROVISION_DEMO_FLOATRANGE)s' + $floating_range = hiera('CONFIG_PROVISION_DEMO_FLOATRANGE') $private_network_name = 'private' $private_subnet_name = 'private_subnet' $fixed_range = '10.0.0.0/24' $router_name = 'router1' - $setup_ovs_bridge = %(CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE)s - $public_bridge_name = '%(CONFIG_PROVISION_DEMO_FLOATRANGE)s' + $setup_ovs_bridge = hiera('CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE') + $public_bridge_name = hiera('CONFIG_PROVISION_DEMO_FLOATRANGE') ## Tempest - $configure_tempest = %(CONFIG_PROVISION_TEMPEST)s + $configure_tempest = hiera('CONFIG_PROVISION_TEMPEST') $image_name_alt = false $image_source_alt = false $image_ssh_user_alt = false $identity_uri = undef - $tempest_repo_uri = '%(CONFIG_PROVISION_TEMPEST_REPO_URI)s' - $tempest_repo_revision = '%(CONFIG_PROVISION_TEMPEST_REPO_REVISION)s' + $tempest_repo_uri = hiera('CONFIG_PROVISION_TEMPEST_REPO_URI') + $tempest_repo_revision = hiera('CONFIG_PROVISION_TEMPEST_REPO_REVISION') $tempest_clone_path = '/var/lib/tempest' $tempest_clone_owner = 'root' $setup_venv = false @@ -55,7 +57,7 @@ $glance_available = true $heat_available = undef $horizon_available = undef - $neutron_available = %(PROVISION_NEUTRON_AVAILABLE)s + $neutron_available = hiera('PROVISION_NEUTRON_AVAILABLE') $nova_available = true $swift_available = undef @@ -68,16 +70,16 @@ } keystone_user { $username: - ensure => present, - enabled => true, - tenant => $tenant_name, - password => $password, + ensure => present, + enabled => true, + tenant => $tenant_name, + password => $password, } if $heat_using_trusts == 'y' { keystone_user_role { "${username}@${tenant_name}": - ensure => present, - roles => ['_member_', 'heat_stack_owner'], + ensure => present, + roles => ['_member_', 'heat_stack_owner'], } } @@ -117,11 +119,11 @@ } neutron_subnet { $public_subnet_name: - ensure => 'present', - cidr => $floating_range, - enable_dhcp => false, - network_name => $public_network_name, - tenant_name => $admin_tenant_name, + ensure => 'present', + cidr => $floating_range, + enable_dhcp => false, + network_name => $public_network_name, + tenant_name => $admin_tenant_name, } neutron_network { $private_network_name: @@ -197,38 +199,38 @@ } } - if %(CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE)s { + if hiera('CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE') { firewall { '000 nat': - chain => 'POSTROUTING', - jump => 'MASQUERADE', - source => $::openstack::provision::floating_range, + chain => 'POSTROUTING', + jump => 'MASQUERADE', + source => $::openstack::provision::floating_range, outiface => $::gateway_device, - table => 'nat', - proto => 'all', + table => 'nat', + proto => 'all', } firewall { '000 forward out': - chain => 'FORWARD', - action => 'accept', - outiface => '%(CONFIG_NEUTRON_L3_EXT_BRIDGE)s', - proto => 'all', + chain => 'FORWARD', + action => 'accept', + outiface => hiera('CONFIG_NEUTRON_L3_EXT_BRIDGE'), + proto => 'all', } firewall { '000 forward in': - chain => 'FORWARD', + chain => 'FORWARD', action => 'accept', - iniface => '%(CONFIG_NEUTRON_L3_EXT_BRIDGE)s', - proto => 'all', + iniface => hiera('CONFIG_NEUTRON_L3_EXT_BRIDGE'), + proto => 'all', } } } else { ## Standalone Tempest installation class { 'tempest': - tempest_repo_uri => '%(CONFIG_PROVISION_TEMPEST_REPO_URI)s', + tempest_repo_uri => hiera('CONFIG_PROVISION_TEMPEST_REPO_URI'), tempest_clone_path => '/var/lib/tempest', tempest_clone_owner => 'root', setup_venv => false, - tempest_repo_revision => '%(CONFIG_PROVISION_TEMPEST_REPO_REVISION)s', + tempest_repo_revision => hiera('CONFIG_PROVISION_TEMPEST_REPO_REVISION'), configure_images => false, configure_networks => false, cinder_available => undef, diff --git a/packstack/puppet/templates/sshkey.pp b/packstack/puppet/templates/sshkey.pp index b5dca384e..212fa8d4c 100644 --- a/packstack/puppet/templates/sshkey.pp +++ b/packstack/puppet/templates/sshkey.pp @@ -1,6 +1,2 @@ -sshkey { '%(SSH_HOST_KEY_TYPE)s.%(SSH_HOST_NAME)s': - ensure => present, - host_aliases => [%(SSH_HOST_ALIASES)s], - key => '%(SSH_HOST_KEY)s', - type => '%(SSH_HOST_KEY_TYPE)s', -} + +create_resources(sshkey, hiera('SSH_KEYS', {})) diff --git a/packstack/puppet/templates/swift_builder.pp b/packstack/puppet/templates/swift_builder.pp index 385ea8ebe..d45aed572 100644 --- a/packstack/puppet/templates/swift_builder.pp +++ b/packstack/puppet/templates/swift_builder.pp @@ -1,19 +1,19 @@ class { 'swift::ringbuilder': part_power => '18', - replicas => '%(CONFIG_SWIFT_STORAGE_REPLICAS)s', + replicas => hiera('CONFIG_SWIFT_STORAGE_REPLICAS'), min_part_hours => 1, require => Class['swift'], } # sets up an rsync db that can be used to sync the ring DB class { 'swift::ringserver': - local_net_ip => "%(CONFIG_CONTROLLER_HOST)s", + local_net_ip => hiera('CONFIG_CONTROLLER_HOST'), } -if ($::selinux != "false"){ - selboolean{'rsync_export_all_ro': - value => on, - persistent => true, - } +if ($::selinux != false) { + selboolean { 'rsync_export_all_ro': + value => on, + persistent => true, + } } diff --git a/packstack/puppet/templates/swift_common.pp b/packstack/puppet/templates/swift_common.pp index c4d79c6a7..51a47dd4b 100644 --- a/packstack/puppet/templates/swift_common.pp +++ b/packstack/puppet/templates/swift_common.pp @@ -2,8 +2,9 @@ class { 'ssh::server::install': } Class['swift'] -> Service <| |> + class { 'swift': - # not sure how I want to deal with this shared secret - swift_hash_suffix => '%(CONFIG_SWIFT_HASH)s', - package_ensure => latest, + # not sure how I want to deal with this shared secret + swift_hash_suffix => hiera('CONFIG_SWIFT_HASH'), + package_ensure => latest, } diff --git a/packstack/puppet/templates/swift_loopback.pp b/packstack/puppet/templates/swift_loopback.pp index 52eee4f12..ad5b57f5e 100644 --- a/packstack/puppet/templates/swift_loopback.pp +++ b/packstack/puppet/templates/swift_loopback.pp @@ -3,6 +3,8 @@ base_dir => '/srv/loopback-device', mnt_base_dir => '/srv/node', require => Class['swift'], - fstype => '%(CONFIG_SWIFT_STORAGE_FSTYPE)s', - seek => '%(CONFIG_SWIFT_STORAGE_SEEK)s', + fstype => hiera('CONFIG_SWIFT_STORAGE_FSTYPE'), + seek => hiera('CONFIG_SWIFT_STORAGE_SEEK'), } + + diff --git a/packstack/puppet/templates/swift_proxy.pp b/packstack/puppet/templates/swift_proxy.pp index 99ab6a84c..4b3b7b4bf 100644 --- a/packstack/puppet/templates/swift_proxy.pp +++ b/packstack/puppet/templates/swift_proxy.pp @@ -1,11 +1,10 @@ package { 'curl': ensure => present } -class { 'memcached': -} +class { 'memcached': } class { 'swift::proxy': - proxy_local_net_ip => '%(CONFIG_CONTROLLER_HOST)s', + proxy_local_net_ip => hiera('CONFIG_CONTROLLER_HOST'), pipeline => [ 'catch_errors', 'bulk', @@ -28,16 +27,16 @@ # configure all of the middlewares class { [ - 'swift::proxy::catch_errors', - 'swift::proxy::healthcheck', - 'swift::proxy::cache', - 'swift::proxy::crossdomain', - 'swift::proxy::staticweb', - 'swift::proxy::tempurl', - 'swift::proxy::account_quotas', - 'swift::proxy::formpost', - 'swift::proxy::slo', - 'swift::proxy::container_quotas' + 'swift::proxy::catch_errors', + 'swift::proxy::healthcheck', + 'swift::proxy::cache', + 'swift::proxy::crossdomain', + 'swift::proxy::staticweb', + 'swift::proxy::tempurl', + 'swift::proxy::account_quotas', + 'swift::proxy::formpost', + 'swift::proxy::slo', + 'swift::proxy::container_quotas' ]: } class { 'swift::proxy::bulk': @@ -48,22 +47,22 @@ } class { 'swift::proxy::ratelimit': - clock_accuracy => 1000, - max_sleep_time_seconds => 60, - log_sleep_time_seconds => 0, - rate_buffer_seconds => 5, - account_ratelimit => 0 + clock_accuracy => 1000, + max_sleep_time_seconds => 60, + log_sleep_time_seconds => 0, + rate_buffer_seconds => 5, + account_ratelimit => 0 } class { 'swift::proxy::keystone': - operator_roles => ['admin', 'SwiftOperator'], + operator_roles => ['admin', 'SwiftOperator'], } class { 'swift::proxy::authtoken': - admin_user => 'swift', - admin_tenant_name => 'services', - admin_password => '%(CONFIG_SWIFT_KS_PW)s', - # assume that the controller host is the swift api server - auth_host => '%(CONFIG_CONTROLLER_HOST)s', + admin_user => 'swift', + admin_tenant_name => 'services', + admin_password => hiera('CONFIG_SWIFT_KS_PW'), + # assume that the controller host is the swift api server + auth_host => hiera('CONFIG_CONTROLLER_HOST'), } diff --git a/packstack/puppet/templates/swift_storage.pp b/packstack/puppet/templates/swift_storage.pp index b819c2d3f..5895bf6cb 100644 --- a/packstack/puppet/templates/swift_storage.pp +++ b/packstack/puppet/templates/swift_storage.pp @@ -1,22 +1,22 @@ # install all swift storage servers together class { 'swift::storage::all': - storage_local_net_ip => '%(CONFIG_CONTROLLER_HOST)s', - allow_versions => true, - require => Class['swift'], + storage_local_net_ip => hiera('CONFIG_CONTROLLER_HOST'), + allow_versions => true, + require => Class['swift'], } -if(!defined(File['/srv/node'])) { +if (!defined(File['/srv/node'])) { file { '/srv/node': - owner => 'swift', - group => 'swift', - ensure => directory, + ensure => directory, + owner => 'swift', + group => 'swift', require => Package['openstack-swift'], } } -swift::ringsync{ ["account", "container", "object"]: - ring_server => '%(CONFIG_CONTROLLER_HOST)s', - before => Class['swift::storage::all'], - require => Class['swift'], +swift::ringsync{ ['account', 'container', 'object']: + ring_server => hiera('CONFIG_CONTROLLER_HOST'), + before => Class['swift::storage::all'], + require => Class['swift'], } diff --git a/requirements.txt b/requirements.txt index 3721f7851..a4f778dfa 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1 +1,2 @@ netaddr>=0.7.6 +PyYAML>=3.10 diff --git a/setup.py b/setup.py index e3abf7422..c68a67272 100644 --- a/setup.py +++ b/setup.py @@ -90,7 +90,7 @@ def read(fname): include_package_data=True, long_description=read('README'), zip_safe=False, - install_requires=['netaddr'], + install_requires=['netaddr', 'PyYAML'], classifiers=[ "Development Status :: 3 - Alpha", "Topic :: Utilities", From bb0ba39e25623c34d10a2bec7832a9d54a49998f Mon Sep 17 00:00:00 2001 From: Javier Pena Date: Mon, 27 Oct 2014 15:36:41 +0100 Subject: [PATCH 0160/1017] Always enable EPEL repo when installing RDO The EPEL repository is a requirement for RDO installation. This requirement was previously handled by a downstream patch on the package changing the default value of CONFIG_USE_EPEL, but this is complex to maintain. This patch overrides the specified value of CONFIG_USE_EPEL when RDO is being installed, while respecting it for other distributions. Change-Id: I393128333abacc841bf32adcf104d4635f616539 --- docs/packstack.rst | 2 +- packstack/plugins/serverprep_001.py | 8 ++++++-- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/docs/packstack.rst b/docs/packstack.rst index 0bedacd2a..1fa1ec9d2 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -355,7 +355,7 @@ Server Prepare Configs ---------------------- **CONFIG_USE_EPEL** - Install OpenStack from EPEL. If set to "y" EPEL will be installed on each server ['y', 'n']. + Install OpenStack from EPEL. If set to "y" EPEL will be installed on each server ['y', 'n']. When installing RDO, this option will be overriden, as EPEL is a requirement for RDO. **CONFIG_REPO** A comma separated list of URLs to any additional yum repositories to install. diff --git a/packstack/plugins/serverprep_001.py b/packstack/plugins/serverprep_001.py index 86221d6ce..8345a98a2 100644 --- a/packstack/plugins/serverprep_001.py +++ b/packstack/plugins/serverprep_001.py @@ -565,6 +565,10 @@ def manage_rdo(host, config): except exceptions.ExecuteRuntimeError: # RDO repo is not installed, so we don't need to continue return + # We are installing RDO. EPEL is a requirement, so enable it, overriding + # any configured option + config['CONFIG_USE_EPEL'] = 'y' + match = re.match(r'^(?P\w+)\-(?P\d+\.[\d\w]+)\n', out) version, release = match.group('version'), match.group('release') rdo_url = ("http://rdo.fedorapeople.org/openstack/openstack-%(version)s/" @@ -653,10 +657,10 @@ def server_prep(config, messages): 'echo "no rhos-log-collector available"' % sos_rpms) server.execute() - # enable or disable EPEL according to configuration - manage_epel(hostname, config) # enable RDO if it is installed locally manage_rdo(hostname, config) + # enable or disable EPEL according to configuration + manage_epel(hostname, config) reponame = 'rhel-server-ost-6-4-rpms' server.clear() From c73211cfac0a63bad317b944bbbfa41cb675d79f Mon Sep 17 00:00:00 2001 From: Javier Pena Date: Mon, 27 Oct 2014 18:20:40 +0100 Subject: [PATCH 0161/1017] Check for puppet execution errors If the puppet package is installed, but puppet fails to execute due to some unforeseen reason (e.g. not having execution permissions), Packstack will silently ignore the issue. Fixing that. Change-Id: I530e83413feca175f2579239362f6afaa8434bf3 Fixes: bz#1153296 --- packstack/modules/puppet.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/packstack/modules/puppet.py b/packstack/modules/puppet.py index bbb0b2285..cdc02f5af 100644 --- a/packstack/modules/puppet.py +++ b/packstack/modules/puppet.py @@ -17,7 +17,8 @@ '^Invalid parameter|^Duplicate declaration:|^Could not find resource|' '^Could not parse for|^/usr/bin/puppet:\d+: .+|.+\(LoadError\)|' '^Could not autoload|' - '^\/usr\/bin\/env\: jruby\: No such file or directory' + '^\/usr\/bin\/env\: jruby\: No such file or directory|' + 'failed to execute puppet' ) re_ignore = re.compile( # Puppet preloads a provider using the mysql command before it is installed From 25efd9c698c41055a3db1198900a54ce0e0fe586 Mon Sep 17 00:00:00 2001 From: "Robbie Harwood (frozencemetery)" Date: Thu, 23 Oct 2014 11:17:24 -0400 Subject: [PATCH 0162/1017] Instructions for development setup The development setup described here uses symlinks to immediately propogate changes to the packstack and opm repositories; this was found useful in the course of developing new packstack plugins. Change-Id: Ifc8fbd6f65f77981eb2c9964a3ab5683abfc4db8 --- README | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) diff --git a/README b/README index d156136e4..f1dc3ab94 100644 --- a/README +++ b/README @@ -65,3 +65,55 @@ Debugging To make packstack write more detailed information into the log file you can use the -d switch: $ packstack -d --allinone + +Developing + +!!! Warning: this procedure installs openstack-puppet-modules containing code +!!! that has not been upstreamed and fully tested yet and as such will not be +!!! as robust as the other install procedures. It is recommended to install +!!! from RPM instead. + +To ease development of packstack and openstack-puppet-modules, it can be +useful to install from git such that updates to the git repositories are +immediately effective without reinstallation of packstack and +openstack-puppet-modules. + +To do this, start with a minimal fedora20 installation. Then remove any +relevant packages that might conflict: + +# yum -y erase openstack-{packstack*,puppet-modules} + +Disable selinux by changing "enforcing" to "permissive" in +/etc/sysconfig/selinux, then reboot to allow service changes to take effect +and swap over networking. Then install packages: + +# yum -y install git python-setuptools + +And install RDO: + +# yum -y install https://rdo.fedorapeople.org/rdo-release.rpm +# yum -y update + +Now we get openstack-puppet-modules. Because `python setup.py +install_puppet_modules` from packstack copies rather than linking, this is not +entirely straightforward: + +# git clone https://github.com/redhat-openstack/openstack-puppet-modules +# cd openstack-puppet-modules +# git checkout master-patches +# mkdir /usr/share/openstack-puppet +# ln -sv /root/openstack-puppet-modules /usr/share/openstack-puppet/modules + +Then we get packstack, and perform a similar dance: + +# git clone https://github.com/stackforge/packstack +# cd packstack +# python setup.py develop +# cd /usr/share/openstack-puppet/modules +# ln -sv /root/packstack/packstack/puppet/modules/packstack +# ln -sv /root/packstack/packstack/puppet/modules/remote + + +And we're done. Changes to the contents of packstack and +openstack-puppet-modules repositories are picked up by the packstack +executable without further intervention, and packstack is ready to install. From 6342d8cff8b3f7cd288a52c5f81580edfcdfe435 Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Wed, 29 Oct 2014 16:38:44 +0100 Subject: [PATCH 0163/1017] Fix LVM Cinder Volume Creation Change-Id: Ia220f4818a52848be12cbc460f456feebc02e362 Fixes: rhbz#1148552 Signed-off-by: Gael Chamoulaud --- packstack/plugins/cinder_250.py | 25 +++++++++++++++++++------ 1 file changed, 19 insertions(+), 6 deletions(-) diff --git a/packstack/plugins/cinder_250.py b/packstack/plugins/cinder_250.py index 2c84e8f0b..b5d828754 100644 --- a/packstack/plugins/cinder_250.py +++ b/packstack/plugins/cinder_250.py @@ -598,15 +598,18 @@ def initSequences(controller): cinder_steps = [ {'title': 'Adding Cinder Keystone manifest entries', - 'functions': [create_keystone_manifest]}, - {'title': 'Adding Cinder manifest entries', - 'functions': [create_manifest]} + 'functions': [create_keystone_manifest]} ] if 'lvm' in config['CONFIG_CINDER_BACKEND']: cinder_steps.append( {'title': 'Checking if the Cinder server has a cinder-volumes vg', 'functions': [check_cinder_vg]}) + + cinder_steps.append( + {'title': 'Adding Cinder manifest entries', + 'functions': [create_manifest]} + ) controller.addSequence("Installing OpenStack Cinder", [], [], cinder_steps) @@ -675,12 +678,22 @@ def check_cinder_vg(config, messages): if config['CONFIG_UNSUPPORTED'] != 'y': config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] - if config["CONFIG_CINDER_VOLUMES_CREATE"] != "y": + # Do we have a cinder-volumes vg? + have_cinders_volume = False + server = utils.ScriptRunner(config['CONFIG_STORAGE_HOST']) + server.append('vgdisplay %s' % cinders_volume) + try: + server.execute() + have_cinders_volume = True + except exceptions.ScriptRuntimeError: + pass + + if config["CONFIG_CINDER_VOLUMES_CREATE"] == "n": if not have_cinders_volume: raise exceptions.MissingRequirements("The cinder server should " "contain a cinder-volumes " "volume group") - + else: match = re.match('^(?P\d+)G$', config['CONFIG_CINDER_VOLUMES_SIZE'].strip()) if not match: @@ -691,7 +704,7 @@ def check_cinder_vg(config, messages): cinders_reserve = int(cinders_volume_size * 0.03) cinders_volume_size = cinders_volume_size + cinders_reserve - config['CONFIG_CINDER_VOLUMES_SIZE'] = 'sM' % cinders_volume_size + config['CONFIG_CINDER_VOLUMES_SIZE'] = '%sM' % cinders_volume_size def create_keystone_manifest(config, messages): From 145c6e23900e382494ead9d50f90e6b5665d679a Mon Sep 17 00:00:00 2001 From: Javier Pena Date: Tue, 28 Oct 2014 11:43:25 +0100 Subject: [PATCH 0164/1017] Allow --default-password with --gen-answer-file Previously, it was not possible to specify a default password when creating an answer file. This patch fixes that by allowing to run "packstack --gen-answer-file= --default-password= / packstack --answer-file= +- packstack --gen-answer-file= [--default-password=] / packstack --answer-file= -The third option allows the user to generate a default answer file, edit the default options and finally run Packstack a second time using this answer file. This is the easiest way to run Packstack and the one that will be documented here. When is created, it will contain the OPTIONS below, which can then be edited by the user. +The third option allows the user to generate a default answer file, edit the default options and finally run Packstack a second time using this answer file. This is the easiest way to run Packstack and the one that will be documented here. Optionally, it is possible to specify a default password when generating the answer file, and this default password will be used for all accounts. + +When is created, it will contain the OPTIONS below, which can then be edited by the user. OPTIONS ======= diff --git a/packstack/installer/run_setup.py b/packstack/installer/run_setup.py index e1058aa6c..22102483e 100644 --- a/packstack/installer/run_setup.py +++ b/packstack/installer/run_setup.py @@ -857,7 +857,7 @@ def countCmdLineFlags(options, flag): counter = 0 # make sure only flag was supplied for key, value in options.__dict__.items(): - if key in (flag, 'debug', 'timeout', 'dry_run'): + if key in (flag, 'debug', 'timeout', 'dry_run', 'default_password'): next # If anything but flag was called, increment elif value: @@ -924,7 +924,12 @@ def main(): if not answerfilepath: _printAdditionalMessages() return - generateAnswerFile(answerfilepath) + # We can also override defaults with command line options + overrides = {} + _set_command_line_values(options) + for key,value in commandLineValues.items(): + overrides[key] = value + generateAnswerFile(answerfilepath,overrides) _handleParams(answerfilepath) generateAnswerFile(options.gen_answer_file) # Are we installing an all in one @@ -942,6 +947,12 @@ def main(): # Make sure only --answer-file was supplied if options.answer_file: validateSingleFlag(options, "answer_file") + # If using an answer file, setting a default password + # does not really make sense + if getattr(options,'default_password',None): + msg = ('Please do not set --default-password ' + 'when specifying an answer file.') + raise FlagValidationError(msg) confFile = os.path.expanduser(options.answer_file) if not os.path.exists(confFile): raise Exception(output_messages.ERR_NO_ANSWER_FILE % confFile) From c4c790a6aecc88c2092b48eb58602c46013a3f46 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Mon, 27 Oct 2014 15:32:11 +0100 Subject: [PATCH 0165/1017] Fix several deprecation warnings database_user -> mysql_user mysql_module removal sql_connection -> database_connection Needs: https://github.com/redhat-openstack/openstack-puppet-modules/pull/132 Change-Id: Ia7e22b0d809e40e64dc664f281f7274a4102751c Signed-off-by: Gael Chamoulaud --- packstack/puppet/templates/cinder_qpid.pp | 19 ++++++----- packstack/puppet/templates/cinder_rabbitmq.pp | 15 ++++----- packstack/puppet/templates/glance.pp | 32 +++++++++---------- packstack/puppet/templates/heat_qpid.pp | 26 +++++++-------- packstack/puppet/templates/heat_rabbitmq.pp | 22 ++++++------- packstack/puppet/templates/keystone.pp | 15 ++++----- .../templates/mariadb_cinder_install.pp | 1 - .../templates/mariadb_glance_install.pp | 1 - .../puppet/templates/mariadb_heat_install.pp | 1 - packstack/puppet/templates/mariadb_install.pp | 6 ++-- .../templates/mariadb_keystone_install.pp | 1 - .../templates/mariadb_neutron_install.pp | 1 - .../puppet/templates/mariadb_nova_install.pp | 1 - packstack/puppet/templates/neutron_api.pp | 11 +++---- 14 files changed, 70 insertions(+), 82 deletions(-) diff --git a/packstack/puppet/templates/cinder_qpid.pp b/packstack/puppet/templates/cinder_qpid.pp index e31f3df6d..3bcac0efc 100644 --- a/packstack/puppet/templates/cinder_qpid.pp +++ b/packstack/puppet/templates/cinder_qpid.pp @@ -2,14 +2,13 @@ $cinder_qpid_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') class {'cinder': - rpc_backend => 'cinder.openstack.common.rpc.impl_qpid', - qpid_hostname => hiera('CONFIG_AMQP_HOST'), - qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), - qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'), - qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), - qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), - sql_connection => "mysql://cinder:${cinder_qpid_cfg_cinder_db_pw}@${cinder_qpid_cfg_mariadb_host}/cinder", - verbose => true, - debug => hiera('CONFIG_DEBUG_MODE'), - mysql_module => '2.2', + rpc_backend => 'cinder.openstack.common.rpc.impl_qpid', + qpid_hostname => hiera('CONFIG_AMQP_HOST'), + qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'), + qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), + qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), + database_connection => "mysql://cinder:${cinder_qpid_cfg_cinder_db_pw}@${cinder_qpid_cfg_mariadb_host}/cinder", + verbose => true, + debug => hiera('CONFIG_DEBUG_MODE'), } diff --git a/packstack/puppet/templates/cinder_rabbitmq.pp b/packstack/puppet/templates/cinder_rabbitmq.pp index 58102c208..ffc32c18a 100644 --- a/packstack/puppet/templates/cinder_rabbitmq.pp +++ b/packstack/puppet/templates/cinder_rabbitmq.pp @@ -2,12 +2,11 @@ $cinder_rab_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') class {'cinder': - rabbit_host => hiera('CONFIG_AMQP_HOST'), - rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), - rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), - rabbit_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), - sql_connection => "mysql://cinder:${cinder_rab_cfg_cinder_db_pw}@${cinder_rab_cfg_mariadb_host}/cinder", - verbose => true, - debug => hiera('CONFIG_DEBUG_MODE'), - mysql_module => '2.2', + rabbit_host => hiera('CONFIG_AMQP_HOST'), + rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), + rabbit_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), + database_connection => "mysql://cinder:${cinder_rab_cfg_cinder_db_pw}@${cinder_rab_cfg_mariadb_host}/cinder", + verbose => true, + debug => hiera('CONFIG_DEBUG_MODE'), } diff --git a/packstack/puppet/templates/glance.pp b/packstack/puppet/templates/glance.pp index 2417fc3a6..9d7aaad62 100644 --- a/packstack/puppet/templates/glance.pp +++ b/packstack/puppet/templates/glance.pp @@ -2,25 +2,23 @@ $glance_mariadb_host = hiera('CONFIG_MARIADB_HOST') class { 'glance::api': - auth_host => hiera('CONFIG_CONTROLLER_HOST'), - keystone_tenant => 'services', - keystone_user => 'glance', - keystone_password => hiera('CONFIG_GLANCE_KS_PW'), - pipeline => 'keystone', - sql_connection => "mysql://glance:${glance_ks_pw}@${glance_mariadb_host}/glance", - verbose => true, - debug => hiera('CONFIG_DEBUG_MODE'), - mysql_module => '2.2', + auth_host => hiera('CONFIG_CONTROLLER_HOST'), + keystone_tenant => 'services', + keystone_user => 'glance', + keystone_password => hiera('CONFIG_GLANCE_KS_PW'), + pipeline => 'keystone', + database_connection => "mysql://glance:${glance_ks_pw}@${glance_mariadb_host}/glance", + verbose => true, + debug => hiera('CONFIG_DEBUG_MODE'), } class { 'glance::registry': - auth_host => hiera('CONFIG_CONTROLLER_HOST'), - keystone_tenant => 'services', - keystone_user => 'glance', - keystone_password => hiera('CONFIG_GLANCE_KS_PW'), - sql_connection => "mysql://glance:${glance_ks_pw}@${glance_mariadb_host}/glance", - verbose => true, - debug => hiera('CONFIG_DEBUG_MODE'), - mysql_module => '2.2', + auth_host => hiera('CONFIG_CONTROLLER_HOST'), + keystone_tenant => 'services', + keystone_user => 'glance', + keystone_password => hiera('CONFIG_GLANCE_KS_PW'), + database_connection => "mysql://glance:${glance_ks_pw}@${glance_mariadb_host}/glance", + verbose => true, + debug => hiera('CONFIG_DEBUG_MODE'), } diff --git a/packstack/puppet/templates/heat_qpid.pp b/packstack/puppet/templates/heat_qpid.pp index ae7888421..356bc2e0f 100644 --- a/packstack/puppet/templates/heat_qpid.pp +++ b/packstack/puppet/templates/heat_qpid.pp @@ -3,17 +3,17 @@ $heat_qpid_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') class { 'heat': - keystone_host => $heat_cfn_cfg_ctrl_host, - keystone_password => hiera('CONFIG_HEAT_KS_PW'), - auth_uri => "http://${heat_qpid_cfg_ctrl_host}:35357/v2.0", - keystone_ec2_uri => "http://${heat_qpid_cfg_ctrl_host}:35357/v2.0", - rpc_backend => 'heat.openstack.common.rpc.impl_qpid', - qpid_hostname => hiera('CONFIG_AMQP_HOST'), - qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), - qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), - qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), - qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'), - verbose => true, - debug => hiera('CONFIG_DEBUG_MODE'), - sql_connection => "mysql://heat:${heat_qpid_cfg_heat_db_pw}@${heat_qpid_cfg_mariadb_host}/heat", + keystone_host => $heat_cfn_cfg_ctrl_host, + keystone_password => hiera('CONFIG_HEAT_KS_PW'), + auth_uri => "http://${heat_qpid_cfg_ctrl_host}:35357/v2.0", + keystone_ec2_uri => "http://${heat_qpid_cfg_ctrl_host}:35357/v2.0", + rpc_backend => 'heat.openstack.common.rpc.impl_qpid', + qpid_hostname => hiera('CONFIG_AMQP_HOST'), + qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), + qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), + qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'), + verbose => true, + debug => hiera('CONFIG_DEBUG_MODE'), + database_connection => "mysql://heat:${heat_qpid_cfg_heat_db_pw}@${heat_qpid_cfg_mariadb_host}/heat", } diff --git a/packstack/puppet/templates/heat_rabbitmq.pp b/packstack/puppet/templates/heat_rabbitmq.pp index e75e3e165..9d383a0ac 100644 --- a/packstack/puppet/templates/heat_rabbitmq.pp +++ b/packstack/puppet/templates/heat_rabbitmq.pp @@ -3,15 +3,15 @@ $heat_rabbitmq_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') class { 'heat': - keystone_host => $heat_rabbitmq_cfg_ctrl_host, - keystone_password => hiera('CONFIG_HEAT_KS_PW'), - auth_uri => "http://${heat_rabbitmq_cfg_ctrl_host}:35357/v2.0", - keystone_ec2_uri => "http://${heat_rabbitmq_cfg_ctrl_host}:35357/v2.0", - rpc_backend => 'heat.openstack.common.rpc.impl_kombu', - rabbit_host => hiera('CONFIG_AMQP_HOST'), - rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), - rabbit_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), - verbose => true, - debug => hiera('CONFIG_DEBUG_MODE'), - sql_connection => "mysql://heat:${heat_rabbitmq_cfg_heat_db_pw}@${heat_rabbitmq_cfg_mariadb_host}/heat", + keystone_host => $heat_rabbitmq_cfg_ctrl_host, + keystone_password => hiera('CONFIG_HEAT_KS_PW'), + auth_uri => "http://${heat_rabbitmq_cfg_ctrl_host}:35357/v2.0", + keystone_ec2_uri => "http://${heat_rabbitmq_cfg_ctrl_host}:35357/v2.0", + rpc_backend => 'heat.openstack.common.rpc.impl_kombu', + rabbit_host => hiera('CONFIG_AMQP_HOST'), + rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), + rabbit_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), + verbose => true, + debug => hiera('CONFIG_DEBUG_MODE'), + database_connection => "mysql://heat:${heat_rabbitmq_cfg_heat_db_pw}@${heat_rabbitmq_cfg_mariadb_host}/heat", } diff --git a/packstack/puppet/templates/keystone.pp b/packstack/puppet/templates/keystone.pp index 2047cf14e..bcc47f867 100644 --- a/packstack/puppet/templates/keystone.pp +++ b/packstack/puppet/templates/keystone.pp @@ -4,14 +4,13 @@ $keystone_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') class { 'keystone': - admin_token => hiera('CONFIG_KEYSTONE_ADMIN_TOKEN'), - sql_connection => "mysql://keystone_admin:${keystone_cfg_ks_db_pw}@${keystone_cfg_mariadb_host}/keystone", - token_format => hiera('CONFIG_KEYSTONE_TOKEN_FORMAT'), - verbose => true, - debug => hiera('CONFIG_DEBUG_MODE'), - mysql_module => '2.2', - service_name => $keystone_service_name, - enable_ssl => $keystone_use_ssl, + admin_token => hiera('CONFIG_KEYSTONE_ADMIN_TOKEN'), + database_connection => "mysql://keystone_admin:${keystone_cfg_ks_db_pw}@${keystone_cfg_mariadb_host}/keystone", + token_format => hiera('CONFIG_KEYSTONE_TOKEN_FORMAT'), + verbose => true, + debug => hiera('CONFIG_DEBUG_MODE'), + service_name => $keystone_service_name, + enable_ssl => $keystone_use_ssl, } if $keystone_service_name == 'httpd' { diff --git a/packstack/puppet/templates/mariadb_cinder_install.pp b/packstack/puppet/templates/mariadb_cinder_install.pp index 5dfa4ae94..ae006d4ec 100644 --- a/packstack/puppet/templates/mariadb_cinder_install.pp +++ b/packstack/puppet/templates/mariadb_cinder_install.pp @@ -3,5 +3,4 @@ host => '%%', allowed_hosts => '%%', charset => 'utf8', - mysql_module => '2.2', } diff --git a/packstack/puppet/templates/mariadb_glance_install.pp b/packstack/puppet/templates/mariadb_glance_install.pp index b2fe2951a..856b6a07a 100644 --- a/packstack/puppet/templates/mariadb_glance_install.pp +++ b/packstack/puppet/templates/mariadb_glance_install.pp @@ -3,5 +3,4 @@ host => '%%', allowed_hosts => '%%', charset => 'utf8', - mysql_module => '2.2', } diff --git a/packstack/puppet/templates/mariadb_heat_install.pp b/packstack/puppet/templates/mariadb_heat_install.pp index ef99a2ae0..9d8e43bfe 100644 --- a/packstack/puppet/templates/mariadb_heat_install.pp +++ b/packstack/puppet/templates/mariadb_heat_install.pp @@ -3,5 +3,4 @@ host => '%%', allowed_hosts => '%%', charset => 'utf8', - mysql_module => '2.2', } diff --git a/packstack/puppet/templates/mariadb_install.pp b/packstack/puppet/templates/mariadb_install.pp index 26dccb790..3ef048896 100644 --- a/packstack/puppet/templates/mariadb_install.pp +++ b/packstack/puppet/templates/mariadb_install.pp @@ -21,19 +21,19 @@ # deleting database users for security # this is done in mysql::server::account_security but has problems # when there is no fqdn, so we're defining a slightly different one here -database_user { [ 'root@127.0.0.1', 'root@::1', '@localhost', '@%%' ]: +mysql_user { [ 'root@127.0.0.1', 'root@::1', '@localhost', '@%%' ]: ensure => 'absent', require => Class['mysql::server'], } if ($::fqdn != '' and $::fqdn != 'localhost') { - database_user { [ "root@${::fqdn}", "@${::fqdn}"]: + mysql_user { [ "root@${::fqdn}", "@${::fqdn}"]: ensure => 'absent', require => Class['mysql::server'], } } if ($::fqdn != $::hostname and $::hostname != 'localhost') { - database_user { ["root@${::hostname}", "@${::hostname}"]: + mysql_user { ["root@${::hostname}", "@${::hostname}"]: ensure => 'absent', require => Class['mysql::server'], } diff --git a/packstack/puppet/templates/mariadb_keystone_install.pp b/packstack/puppet/templates/mariadb_keystone_install.pp index 1534bde63..7cf428965 100644 --- a/packstack/puppet/templates/mariadb_keystone_install.pp +++ b/packstack/puppet/templates/mariadb_keystone_install.pp @@ -3,5 +3,4 @@ password => hiera('CONFIG_KEYSTONE_DB_PW'), allowed_hosts => '%%', charset => 'utf8', - mysql_module => '2.2', } diff --git a/packstack/puppet/templates/mariadb_neutron_install.pp b/packstack/puppet/templates/mariadb_neutron_install.pp index 6bcad4ef7..b109c3a4b 100644 --- a/packstack/puppet/templates/mariadb_neutron_install.pp +++ b/packstack/puppet/templates/mariadb_neutron_install.pp @@ -4,5 +4,4 @@ allowed_hosts => '%%', dbname => hiera('CONFIG_NEUTRON_L2_DBNAME'), charset => 'utf8', - mysql_module => '2.2', } diff --git a/packstack/puppet/templates/mariadb_nova_install.pp b/packstack/puppet/templates/mariadb_nova_install.pp index 7f18565ae..ea5d006a3 100644 --- a/packstack/puppet/templates/mariadb_nova_install.pp +++ b/packstack/puppet/templates/mariadb_nova_install.pp @@ -3,5 +3,4 @@ host => '%%', allowed_hosts => '%%', charset => 'utf8', - mysql_module => '2.2', } diff --git a/packstack/puppet/templates/neutron_api.pp b/packstack/puppet/templates/neutron_api.pp index 66d41afd0..39d498cbc 100644 --- a/packstack/puppet/templates/neutron_api.pp +++ b/packstack/puppet/templates/neutron_api.pp @@ -1,10 +1,9 @@ class { 'neutron::server': - sql_connection => $neutron_sql_connection, - connection => $neutron_sql_connection, - auth_password => $neutron_user_password, - auth_host => hiera('CONFIG_CONTROLLER_HOST'), - enabled => true, - mysql_module => '2.2', + database_connection => $neutron_sql_connection, + connection => $neutron_sql_connection, + auth_password => $neutron_user_password, + auth_host => hiera('CONFIG_CONTROLLER_HOST'), + enabled => true, } exec { 'neutron-db-manage upgrade': From 47df7a58ef502fc45144028bb5f762a411436025 Mon Sep 17 00:00:00 2001 From: Javier Pena Date: Thu, 6 Nov 2014 17:16:43 +0100 Subject: [PATCH 0166/1017] Fix virbr0 elimination on compute nodes https://review.openstack.org/41319 added some code to remove the default virbr0 bridge created by libvirt. However, it requires the libvirtd service to be up, not just installed. Thus, it was not working as expected. Change-Id: Idf82db9ede802d9875aab142db596ee544aadd97 --- packstack/puppet/templates/nova_compute_libvirt.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packstack/puppet/templates/nova_compute_libvirt.pp b/packstack/puppet/templates/nova_compute_libvirt.pp index 59b6aa791..b00d04ee5 100644 --- a/packstack/puppet/templates/nova_compute_libvirt.pp +++ b/packstack/puppet/templates/nova_compute_libvirt.pp @@ -49,7 +49,7 @@ exec {'virsh-net-destroy-default': onlyif => '/usr/bin/virsh net-list | grep default', command => '/usr/bin/virsh net-destroy default', - require => Package['libvirt'], + require => Service['libvirt'], } exec {'virsh-net-undefine-default': From 82b24fc11a4419eab9b4956c472e4eac726ae066 Mon Sep 17 00:00:00 2001 From: Javier Pena Date: Wed, 5 Nov 2014 12:14:32 +0100 Subject: [PATCH 0167/1017] Allow alternate locations for Cirros image When creating the demo environment, the Cirros image was downloaded from a hardcoded location. This can create issues in environments placed behind a proxy or isolated. This patch adds a new config option (CONFIG_PROVISION_DEMO_CIRROS_URL) where a local file path or remote URL can be specified. Be aware that it requires a fix to puppet-glance to work (https://review.openstack.org/132813). Change-Id: I2e6a3ba9822624d16c63f88c30d24d26d6d0c3e0 Fixes: bz#1147716 --- docs/packstack.rst | 4 +++- packstack/plugins/provision_700.py | 21 ++++++++++++++++++- .../puppet/templates/provision_demo_glance.pp | 2 +- .../puppet/templates/provision_tempest.pp | 2 +- .../templates/provision_tempest_glance.pp | 2 +- 5 files changed, 26 insertions(+), 5 deletions(-) diff --git a/docs/packstack.rst b/docs/packstack.rst index 1b51db29f..4df075021 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -537,6 +537,9 @@ Provision Config Parameters **CONFIG_PROVISION_DEMO_FLOATRANGE** The CIDR network address for the floating IP subnet. +**CONFIG_PROVISION_CIRROS_URL** + A URL or local file location for the Cirros demo image used for Glance. + **CONFIG_PROVISION_TEMPEST** Whether to configure tempest for testing. @@ -552,7 +555,6 @@ Provision Config Parameters **CONFIG_PROVISION_TEMPEST_REPO_URI** The uri of the tempest git repository to use. - Log files and Debug info ------------------------ diff --git a/packstack/plugins/provision_700.py b/packstack/plugins/provision_700.py index ca19e9f69..784840960 100644 --- a/packstack/plugins/provision_700.py +++ b/packstack/plugins/provision_700.py @@ -21,6 +21,10 @@ PLUGIN_NAME = "OS-Provision" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') +DEMO_CIRRUS_URL = ( + 'http://download.cirros-cloud.net/0.3.3/cirros-0.3.3-x86_64-disk.img' +) + def initConfig(controller): @@ -106,6 +110,21 @@ def process_provision(param, process_args=None): "USE_DEFAULT": False, "NEED_CONFIRM": False, "CONDITION": False}, + + {"CMD_OPTION": "provision-cirros-url", + "USAGE": "A URL or local file location for the Cirros demo image " + "used for Glance", + "PROMPT": "Enter the URL or local file location for the Cirros " + "image", + "OPTION_LIST": False, + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": DEMO_CIRRUS_URL, + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_PROVISION_CIRROS_URL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, ], "TEMPEST_GIT_REFS": [ @@ -286,7 +305,7 @@ def create_storage_manifest(config, messages): if config['CONFIG_UNSUPPORTED'] != 'y': config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] - if config['CONFIG_PROVISION_TEMPEST'] == "y": + if config['CONFIG_PROVISION_TEMPEST']: template = "provision_tempest_glance.pp" else: template = "provision_demo_glance.pp" diff --git a/packstack/puppet/templates/provision_demo_glance.pp b/packstack/puppet/templates/provision_demo_glance.pp index 36d1c9ffb..062d0a2af 100644 --- a/packstack/puppet/templates/provision_demo_glance.pp +++ b/packstack/puppet/templates/provision_demo_glance.pp @@ -2,7 +2,7 @@ ## Images ## Glance $image_name = 'cirros' - $image_source = 'http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-disk.img' + $image_source = hiera('CONFIG_PROVISION_CIRROS_URL') $image_ssh_user = 'cirros' glance_image { $image_name: diff --git a/packstack/puppet/templates/provision_tempest.pp b/packstack/puppet/templates/provision_tempest.pp index 3b93e5b55..98a0db52d 100644 --- a/packstack/puppet/templates/provision_tempest.pp +++ b/packstack/puppet/templates/provision_tempest.pp @@ -24,7 +24,7 @@ ## Glance $image_name = 'cirros' - $image_source = 'http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-disk.img' + $image_source = hiera('CONFIG_PROVISION_TEMPEST_CIRROS_URL') $image_ssh_user = 'cirros' ## Neutron diff --git a/packstack/puppet/templates/provision_tempest_glance.pp b/packstack/puppet/templates/provision_tempest_glance.pp index 4793f6095..a4b83aaad 100644 --- a/packstack/puppet/templates/provision_tempest_glance.pp +++ b/packstack/puppet/templates/provision_tempest_glance.pp @@ -1,7 +1,7 @@ ## Glance $image_name = 'cirros' - $image_source = 'http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-disk.img' + $image_source = hiera('CONFIG_PROVISION_CIRROS_URL') $image_ssh_user = 'cirros' ## Tempest From 34065abc59ce904eced78deba1f41f7c53a1b6ab Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Fri, 7 Nov 2014 15:50:13 +0100 Subject: [PATCH 0168/1017] Fix swift loopback creation - Device name for swift::storage::loopback cannot contain undescore unless we want to specify metadata. Change-Id: I5631e4cd79ab2a0fdaf7ad206c7e3f6606266daf Signed-off-by: Gael Chamoulaud --- packstack/plugins/swift_600.py | 2 +- packstack/puppet/templates/swift_loopback.pp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/packstack/plugins/swift_600.py b/packstack/plugins/swift_600.py index 6be80c0c8..f07565118 100644 --- a/packstack/plugins/swift_600.py +++ b/packstack/plugins/swift_600.py @@ -209,7 +209,7 @@ def parse_devices(config): 'device_name': 'device%s' % device_number}) if not devices: devices.append({'device': None, 'zone': 1, - 'device_name': 'swift_loopback'}) + 'device_name': 'swiftloopback'}) return devices diff --git a/packstack/puppet/templates/swift_loopback.pp b/packstack/puppet/templates/swift_loopback.pp index ad5b57f5e..80abf4e3a 100644 --- a/packstack/puppet/templates/swift_loopback.pp +++ b/packstack/puppet/templates/swift_loopback.pp @@ -1,5 +1,5 @@ -swift::storage::loopback { 'swift_loopback': +swift::storage::loopback { 'swiftloopback': base_dir => '/srv/loopback-device', mnt_base_dir => '/srv/node', require => Class['swift'], From a2aea47871240879bed52638e5e5f2048aee360a Mon Sep 17 00:00:00 2001 From: Javier Pena Date: Wed, 5 Nov 2014 17:48:09 +0100 Subject: [PATCH 0169/1017] Set MTU=1400 for GRE and VXLAN tenant networks On GRE / VXLAN tenant networks, the instance MTU should be lower than the physical network card MTU to avoid fragmentation. With this patch, Packstack will detect those cases and set mtu for instances to 1400 using DHCP. The instance OS should have proper support for this, e.g. Cirros is known to work starting on version 0.33. Change-Id: Ibea6a8ee4bf582c10f50e24d9c4bc76ff474ada2 --- packstack/plugins/neutron_350.py | 5 ++++- packstack/puppet/templates/neutron_dhcp_mtu.pp | 14 ++++++++++++++ 2 files changed, 18 insertions(+), 1 deletion(-) create mode 100644 packstack/puppet/templates/neutron_dhcp_mtu.pp diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index 15a6d5871..55ca653db 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -845,7 +845,10 @@ def create_dhcp_manifests(config, messages): for host in network_hosts: config["CONFIG_NEUTRON_DHCP_HOST"] = host config['CONFIG_NEUTRON_DHCP_INTERFACE_DRIVER'] = get_if_driver(config) - manifest_data = getManifestTemplate("neutron_dhcp.pp") + if use_openvswitch_vxlan(config) or use_openvswitch_gre(config): + manifest_data = getManifestTemplate("neutron_dhcp_mtu.pp") + else: + manifest_data = getManifestTemplate("neutron_dhcp.pp") manifest_file = "%s_neutron.pp" % (host,) # Firewall Rules for dhcp in fw_details = dict() diff --git a/packstack/puppet/templates/neutron_dhcp_mtu.pp b/packstack/puppet/templates/neutron_dhcp_mtu.pp new file mode 100644 index 000000000..c89313fe8 --- /dev/null +++ b/packstack/puppet/templates/neutron_dhcp_mtu.pp @@ -0,0 +1,14 @@ +class { 'neutron::agents::dhcp': + interface_driver => hiera('CONFIG_NEUTRON_DHCP_INTERFACE_DRIVER'), + debug => hiera('CONFIG_DEBUG_MODE'), + dnsmasq_config_file => '/etc/neutron/dnsmasq-neutron.conf', + require => File['/etc/neutron/dnsmasq-neutron.conf'], +} + +file { '/etc/neutron/dnsmasq-neutron.conf': + content => 'dhcp-option-force=26,1400', + owner => 'root', + group => 'neutron', + mode => '0640', +} + From d114ca89311affe2b5b9c7b4ef4fa5d1cc02fc40 Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Mon, 10 Nov 2014 14:37:30 +0100 Subject: [PATCH 0170/1017] Revert "Configures Heat to use Trusts by default" - This is managed by the puppet-heat module itself, (https://review.openstack.org/126940). This reverts commit 581a79ed8507a8ffe4388a67060e0b32899d4f86. Signed-off-by: Gael Chamoulaud Conflicts: packstack/plugins/heat_750.py packstack/puppet/templates/heat_trusts.pp packstack/puppet/templates/provision_demo.pp packstack/puppet/templates/provision_tempest.pp Change-Id: I61b06f6f2d7de9cbf32061437abef9c5d7860531 --- docs/packstack.rst | 3 --- packstack/plugins/heat_750.py | 21 ------------------- packstack/plugins/provision_700.py | 7 ------- packstack/puppet/templates/heat.pp | 6 ++++++ packstack/puppet/templates/heat_trusts.pp | 11 ---------- .../puppet/templates/keystone_heat_trusts.pp | 4 ---- packstack/puppet/templates/provision_demo.pp | 5 +---- .../puppet/templates/provision_tempest.pp | 5 +---- 8 files changed, 8 insertions(+), 54 deletions(-) delete mode 100644 packstack/puppet/templates/heat_trusts.pp delete mode 100644 packstack/puppet/templates/keystone_heat_trusts.pp diff --git a/docs/packstack.rst b/docs/packstack.rst index 4df075021..66b3276b5 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -434,9 +434,6 @@ Heat Config Parameters **CONFIG_HEAT_KS_PW** The password to use for the Heat to authenticate with Keystone. -**CONFIG_HEAT_USING_TRUSTS** - Set to 'y' if you would like Packstack to install heat with trusts as deferred auth method. If not, the stored password method will be used. - **CONFIG_HEAT_CLOUDWATCH_INSTALL** Set to 'y' if you would like Packstack to install Heat CloudWatch API. diff --git a/packstack/plugins/heat_750.py b/packstack/plugins/heat_750.py index d00f6faa1..344230d5c 100644 --- a/packstack/plugins/heat_750.py +++ b/packstack/plugins/heat_750.py @@ -86,21 +86,6 @@ def initConfig(controller): "NEED_CONFIRM": False, "CONDITION": False}, - {"CMD_OPTION": "os-heat-using-trusts", - "USAGE": ("Set to 'y' if you would like Packstack to install Heat " - "with trusts as deferred auth method. " - "If not, the stored password method will be used."), - "PROMPT": "Should Packstack configure Heat to use trusts", - "OPTION_LIST": ["y", "n"], - "VALIDATORS": [validators.validate_options], - "DEFAULT_VALUE": "y", - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_HEAT_USING_TRUSTS", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - {"CMD_OPTION": "os-heat-cfn-install", "USAGE": ("Set to 'y' if you would like Packstack to install Heat " "CloudFormation API"), @@ -192,8 +177,6 @@ def create_manifest(config, messages): manifestfile = "%s_heat.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "heat")) manifestdata += getManifestTemplate("heat.pp") - if config.get('CONFIG_HEAT_USING_TRUSTS', 'n') == 'y': - manifestdata += getManifestTemplate("heat_trusts.pp") fw_details = dict() key = "heat" @@ -212,10 +195,6 @@ def create_manifest(config, messages): def create_keystone_manifest(config, messages): manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("keystone_heat.pp") - - if config.get('CONFIG_HEAT_USING_TRUSTS', 'n') == 'y': - manifestdata += getManifestTemplate("keystone_heat_trusts.pp") - appendManifestFile(manifestfile, manifestdata) diff --git a/packstack/plugins/provision_700.py b/packstack/plugins/provision_700.py index 784840960..bd36f2afe 100644 --- a/packstack/plugins/provision_700.py +++ b/packstack/plugins/provision_700.py @@ -270,11 +270,6 @@ def marshall_conf_bool(conf, key): conf[key] = False -def using_heat(config): - if config['CONFIG_HEAT_INSTALL'] != "y": - config['CONFIG_HEAT_USING_TRUSTS'] = "n" - - def using_neutron(config): # Using the neutron or nova api servers as the provisioning target # will suffice for the all-in-one case. @@ -295,7 +290,6 @@ def using_neutron(config): def create_demo_manifest(config, messages): using_neutron(config) - using_heat(config) manifest_file = '%s_provision_demo.pp' % config['CONFIG_CONTROLLER_HOST'] manifest_data = getManifestTemplate("provision_demo.pp") appendManifestFile(manifest_file, manifest_data) @@ -316,7 +310,6 @@ def create_storage_manifest(config, messages): def create_tempest_manifest(config, messages): using_neutron(config) - using_heat(config) manifest_file = '%s_provision_tempest.pp' % \ config['CONFIG_CONTROLLER_HOST'] manifest_data = getManifestTemplate("provision_tempest.pp") diff --git a/packstack/puppet/templates/heat.pp b/packstack/puppet/templates/heat.pp index 2d19d3caf..61ebad509 100644 --- a/packstack/puppet/templates/heat.pp +++ b/packstack/puppet/templates/heat.pp @@ -10,6 +10,12 @@ auth_encryption_key => hiera('CONFIG_HEAT_AUTH_ENC_KEY'), } +keystone_user_role { 'admin@admin': + ensure => present, + roles => ['admin', '_member_', 'heat_stack_owner'], + require => Class['heat::engine'], +} + class { 'heat::keystone::domain': auth_url => "http://${heat_cfg_ctrl_host}:35357/v2.0", keystone_admin => 'admin', diff --git a/packstack/puppet/templates/heat_trusts.pp b/packstack/puppet/templates/heat_trusts.pp deleted file mode 100644 index 5ec87aa35..000000000 --- a/packstack/puppet/templates/heat_trusts.pp +++ /dev/null @@ -1,11 +0,0 @@ - -heat_config { - 'DEFAULT/deferred_auth_method' : value => 'trusts'; - 'DEFAULT/trusts_delegated_roles' : value => 'heat_stack_owner'; -} - -keystone_user_role { 'admin@admin': - ensure => present, - roles => ['admin', '_member_', 'heat_stack_owner'], -} - diff --git a/packstack/puppet/templates/keystone_heat_trusts.pp b/packstack/puppet/templates/keystone_heat_trusts.pp deleted file mode 100644 index 495a9a4aa..000000000 --- a/packstack/puppet/templates/keystone_heat_trusts.pp +++ /dev/null @@ -1,4 +0,0 @@ - -keystone_role { 'heat_stack_owner': - ensure => present, -} diff --git a/packstack/puppet/templates/provision_demo.pp b/packstack/puppet/templates/provision_demo.pp index 3db71fce2..0d4c92186 100644 --- a/packstack/puppet/templates/provision_demo.pp +++ b/packstack/puppet/templates/provision_demo.pp @@ -8,9 +8,6 @@ $admin_password = hiera('CONFIG_KEYSTONE_ADMIN_PW') $admin_tenant_name = 'admin' - # Heat Using Trusts - $heat_using_trusts = hiera('CONFIG_HEAT_USING_TRUSTS') - ## Neutron $public_network_name = 'public' $public_subnet_name = 'public_subnet' @@ -37,7 +34,7 @@ password => $password, } - if $heat_using_trusts == 'y' { + if hiera('CONFIG_HEAT_INSTALL') == 'y' { keystone_user_role { "${username}@${tenant_name}": ensure => present, roles => ['_member_', 'heat_stack_owner'], diff --git a/packstack/puppet/templates/provision_tempest.pp b/packstack/puppet/templates/provision_tempest.pp index 98a0db52d..64ff1f313 100644 --- a/packstack/puppet/templates/provision_tempest.pp +++ b/packstack/puppet/templates/provision_tempest.pp @@ -19,9 +19,6 @@ $admin_password = hiera('CONFIG_KEYSTONE_ADMIN_PW') $admin_tenant_name = 'admin' - # Heat Using Trusts - $heat_using_trusts = hiera('CONFIG_HEAT_USING_TRUSTS') - ## Glance $image_name = 'cirros' $image_source = hiera('CONFIG_PROVISION_TEMPEST_CIRROS_URL') @@ -76,7 +73,7 @@ password => $password, } - if $heat_using_trusts == 'y' { + if hiera('CONFIG_HEAT_INSTALL') == 'y' { keystone_user_role { "${username}@${tenant_name}": ensure => present, roles => ['_member_', 'heat_stack_owner'], From d4df05ada336b9eb38a4e54c8ffce2d058dde4c9 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Tue, 11 Nov 2014 12:38:16 +0100 Subject: [PATCH 0171/1017] Ensure Heat is set up before running provisioning Change-Id: I54cd53697e24a7fa729e580d410c14e2869328b5 --- packstack/plugins/{heat_750.py => heat_650.py} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename packstack/plugins/{heat_750.py => heat_650.py} (99%) diff --git a/packstack/plugins/heat_750.py b/packstack/plugins/heat_650.py similarity index 99% rename from packstack/plugins/heat_750.py rename to packstack/plugins/heat_650.py index 344230d5c..12a52ed24 100644 --- a/packstack/plugins/heat_750.py +++ b/packstack/plugins/heat_650.py @@ -189,7 +189,7 @@ def create_manifest(config, messages): config['FIREWALL_HEAT_RULES'] = fw_details manifestdata += createFirewallResources('FIREWALL_HEAT_RULES') - appendManifestFile(manifestfile, manifestdata) + appendManifestFile(manifestfile, manifestdata, marker='heat') def create_keystone_manifest(config, messages): From f199e5e48d3a6feca8b73806acf4ea9e2833d5f7 Mon Sep 17 00:00:00 2001 From: Javier Pena Date: Wed, 12 Nov 2014 12:35:54 +0100 Subject: [PATCH 0172/1017] Do not override defaults in local_settings By default, the puppet-horizon module sets some additional variables in /etc/openstack-dashboard/local_settings that conflict with the default values in the package version. Specifically: COMPRESS_OFFLINE = True FILE_UPLOAD_TEMP_DIR = '/tmp' This patch fixes that and sets COMPRESS_OFFLINE to False and FILE_UPLOAD_TEMP_DIR to /var/tmp. Please note it requires patch https://review.openstack.org/133929 to puppet-horizon to work. Change-Id: I48a838a04619efbbf8187e2d3cd22246f5ba29b6 Fixes: bz#1148770 --- packstack/puppet/templates/horizon.pp | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/packstack/puppet/templates/horizon.pp b/packstack/puppet/templates/horizon.pp index e7214c5b3..0b4470d53 100644 --- a/packstack/puppet/templates/horizon.pp +++ b/packstack/puppet/templates/horizon.pp @@ -22,16 +22,18 @@ # accessibility. We need ALLOWED_HOSTS values, but we have to avoid # ServerAlias definitions. For now we will use this wildcard hack until # puppet-horizon will have separate parameter for each config. - fqdn => '*', - can_set_mount_point => 'False', - django_debug => $is_django_debug, - listen_ssl => hiera('CONFIG_HORIZON_SSL'), - horizon_cert => '/etc/pki/tls/certs/ssl_ps_server.crt', - horizon_key => '/etc/pki/tls/private/ssl_ps_server.key', - horizon_ca => '/etc/pki/tls/certs/ssl_ps_chain.crt', - neutron_options => { - 'enable_lb' => hiera('CONFIG_HORIZON_NEUTRON_LB'), - 'enable_firewall' => hiera('CONFIG_HORIZON_NEUTRON_FW'), + fqdn => '*', + can_set_mount_point => 'False', + compress_offline => false, + django_debug => $is_django_debug, + file_upload_temp_dir => '/var/tmp', + listen_ssl => hiera('CONFIG_HORIZON_SSL'), + horizon_cert => '/etc/pki/tls/certs/ssl_ps_server.crt', + horizon_key => '/etc/pki/tls/private/ssl_ps_server.key', + horizon_ca => '/etc/pki/tls/certs/ssl_ps_chain.crt', + neutron_options => { + 'enable_lb' => hiera('CONFIG_HORIZON_NEUTRON_LB'), + 'enable_firewall' => hiera('CONFIG_HORIZON_NEUTRON_FW'), }, } From 9be16f3ee50c2fc9af0324cd34d955718aeb4580 Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Mon, 10 Nov 2014 13:39:44 +0100 Subject: [PATCH 0173/1017] Switch README file to Markdown - Global reformating - Add link to the Puppet Style Guide Change-Id: I7b45bafa79946814d3a44e95651f446b518f58bd Signed-off-by: Gael Chamoulaud --- MANIFEST.in | 1 + README | 119 ---------------------------------------------- README.md | 133 ++++++++++++++++++++++++++++++++++++++++++++++++++++ setup.py | 2 +- 4 files changed, 135 insertions(+), 120 deletions(-) delete mode 100644 README create mode 100644 README.md diff --git a/MANIFEST.in b/MANIFEST.in index fa1e2b820..c87312f16 100644 --- a/MANIFEST.in +++ b/MANIFEST.in @@ -1,5 +1,6 @@ include docs/* include LICENSE +include README.md recursive-include packstack/puppet * recursive-include packstack/templates * global-exclude .gitignore diff --git a/README b/README deleted file mode 100644 index f1dc3ab94..000000000 --- a/README +++ /dev/null @@ -1,119 +0,0 @@ -Utility to install OpenStack on Red Hat based operating system. -See other branches for older openstack versions. Details on how to -contribute to Packstack may be found in the Packstack wiki at -https://wiki.openstack.org/wiki/Packstack Additional information about -involvement in the community around Packstack can be found at -https://openstack.redhat.com/Get_involved - - -This utility can be used to install openstack on a single or -group of hosts (over ssh) - -This utility is still in the early stages, a lot of the configuration -options have yet to be added - -Installation of packstack: -$ yum install -y git -$ git clone git://github.com/stackforge/packstack.git -$ cd packstack && sudo python setup.py install - -Installation of openstack-puppet-modules (REQUIRED if running packstack from source): -$ sudo python setup.py install_puppet_modules - -Option 1 (using answer file) -$ packstack --gen-answer-file=ans.txt - -# then edit ans.txt as appropriate e.g. -o set CONFIG_SSH_KEY to a public ssh key to be installed to remote machines -o Edit the IP address to anywhere you want to install a piece of openstack on another server -o Edit the 3 network interfaces to whatever makes sense in your setup - -you'll need to use a icehouse repository for example for RHEL -CONFIG_REPO=http://repos.fedorapeople.org/repos/openstack/openstack-icehouse/epel-6/ - - -$ packstack --answer-file=ans.txt - -Option 2 (prompts for configuration options) -$ packstack - -that's it, if everything went well you can now start using openstack -$ cd -$ . keystonerc_admin -$ nova list -$ swift list # if you have installed swift - - -Config options -CONFIG_NOVA_COMPUTE_HOSTS : - a comma seperated list of ip addresses on which to install nova compute -CONFIG_SWIFT_STORAGE_HOSTS : - a comma seperate list of swift storage devices - 1.1.1.1 : create a testing loopback device and use this for storage - 1.1.1.1/sdb : use /dev/sdb on 1.1.1.1 as a storage device - -Logging - -The location of the log files and generated puppet manifests are in the -/var/tmp/packstack directory under a directory named by the date in which -packstack was run and a random string (e.g. /var/tmp/packstack/20131022-204316-Bf3Ek2). -Inside, we find a manifest directory and the openstack-setup.log file; puppet -manifests and a log file for each one are found inside the manifest directory. - -Debugging - -To make packstack write more detailed information into the log file you can use the -d switch: - -$ packstack -d --allinone - -Developing - -!!! Warning: this procedure installs openstack-puppet-modules containing code -!!! that has not been upstreamed and fully tested yet and as such will not be -!!! as robust as the other install procedures. It is recommended to install -!!! from RPM instead. - -To ease development of packstack and openstack-puppet-modules, it can be -useful to install from git such that updates to the git repositories are -immediately effective without reinstallation of packstack and -openstack-puppet-modules. - -To do this, start with a minimal fedora20 installation. Then remove any -relevant packages that might conflict: - -# yum -y erase openstack-{packstack*,puppet-modules} - -Disable selinux by changing "enforcing" to "permissive" in -/etc/sysconfig/selinux, then reboot to allow service changes to take effect -and swap over networking. Then install packages: - -# yum -y install git python-setuptools - -And install RDO: - -# yum -y install https://rdo.fedorapeople.org/rdo-release.rpm -# yum -y update - -Now we get openstack-puppet-modules. Because `python setup.py -install_puppet_modules` from packstack copies rather than linking, this is not -entirely straightforward: - -# git clone https://github.com/redhat-openstack/openstack-puppet-modules -# cd openstack-puppet-modules -# git checkout master-patches -# mkdir /usr/share/openstack-puppet -# ln -sv /root/openstack-puppet-modules /usr/share/openstack-puppet/modules - -Then we get packstack, and perform a similar dance: - -# git clone https://github.com/stackforge/packstack -# cd packstack -# python setup.py develop -# cd /usr/share/openstack-puppet/modules -# ln -sv /root/packstack/packstack/puppet/modules/packstack -# ln -sv /root/packstack/packstack/puppet/modules/remote - - -And we're done. Changes to the contents of packstack and -openstack-puppet-modules repositories are picked up by the packstack -executable without further intervention, and packstack is ready to install. diff --git a/README.md b/README.md new file mode 100644 index 000000000..a73d31734 --- /dev/null +++ b/README.md @@ -0,0 +1,133 @@ +# Packstack + +Utility to install **OpenStack** on **Red Hat** based operating system. See +other branches for older **OpenStack** versions. Details on how to +contribute to **Packstack** may be found in the **Packstack** wiki at + Additional information +about involvement in the community around **Packstack** can be found at + + + +This utility can be used to install **OpenStack** on a single or group of +hosts (over `ssh`). + +This utility is still in the early stages, a lot of the configuration +options have yet to be added. + +## Installation of packstack: + + $ yum install -y git + $ git clone git://github.com/stackforge/packstack.git + $ cd packstack && sudo python setup.py install + +## Installation of openstack-puppet-modules (REQUIRED if running packstack from source): + + $ sudo python setup.py install_puppet_modules + +### Option 1 (using answer file) + + $ packstack --gen-answer-file=ans.txt + +Then edit `ans.txt` as appropriate e.g. + +- set `CONFIG_SSH_KEY` to a public ssh key to be installed to remote machines +- Edit the IP address to anywhere you want to install a piece of openstack on another server +- Edit the 3 network interfaces to whatever makes sense in your setup + +you'll need to use a icehouse repository for example for RHEL + + $ CONFIG_REPO=http://repos.fedorapeople.org/repos/openstack/openstack-icehouse/epel-6/ + + $ packstack --answer-file=ans.txt + +### Option 2 (prompts for configuration options) + + $ packstack + +that's it, if everything went well you can now start using openstack + + $ cd + $ . keystonerc_admin + $ nova list + $ swift list # if you have installed swift + +## Config options + +- `CONFIG_NOVA_COMPUTE_HOSTS` : + * A comma separated list of ip addresses on which to install nova compute +- `CONFIG_SWIFT_STORAGE_HOSTS` : + * A comma separated list of swift storage devices + * `1.1.1.1`: create a testing loopback device and use this for storage + * `1.1.1.1/sdb`: use `/dev/sdb` on `1.1.1.1` as a storage device + +## Logging + +The location of the log files and generated puppet manifests are in the +`/var/tmp/packstack` directory under a directory named by the date in which +**Packstack** was run and a random string (e.g. `/var/tmp/packstack/20131022-204316-Bf3Ek2`). +Inside, we find a manifest directory and the `openstack-setup.log` file; puppet +manifests and a log file for each one are found inside the manifest directory. + +## Debugging + +To make **Packstack** write more detailed information into the log file you can use the `-d` switch: + + $ packstack -d --allinone + +## Developing + +**Warning:** +this procedure installs **openstack-puppet-modules** containing code that has +not been upstreamed and fully tested yet and as such will not be as robust as +the other install procedures. It is recommended to install from **RPM** +instead. + +To ease development of **Packstack** and **openstack-puppet-modules**, it can be +useful to install from *git* such that updates to the git repositories are +immediately effective without reinstallation of packstack and +**openstack-puppet-modules**. + +To do this, start with a minimal **Fedora 20** installation. Then remove any +relevant packages that might conflict: + + $ yum -y erase openstack-{packstack*,puppet-modules} + +Disable **SELinux** by changing "`enforcing`" to "`permissive`" in +`/etc/sysconfig/selinux`, then reboot to allow service changes to take effect +and swap over networking. Then install packages: + + $ yum -y install git python-setuptools + +And install **RDO**: + + $ yum -y install https://rdo.fedorapeople.org/rdo-release.rpm + $ yum -y update + +Now we get **openstack-puppet-modules**. Because `python setup.py +install_puppet_modules` from **Packstack** copies rather than linking, this is not +entirely straightforward: + + $ git clone https://github.com/redhat-openstack/openstack-puppet-modules + $ cd openstack-puppet-modules + $ git checkout master-patches + $ mkdir /usr/share/openstack-puppet + $ ln -sv /root/openstack-puppet-modules /usr/share/openstack-puppet/modules + +Then we get **Packstack**, and perform a similar dance: + + $ git clone https://github.com/stackforge/packstack + $ cd packstack + $ python setup.py develop + $ cd /usr/share/openstack-puppet/modules + $ ln -sv /root/packstack/packstack/puppet/modules/packstack + $ ln -sv /root/packstack/packstack/puppet/modules/remote + +And we're done. Changes to the contents of **Packstack** and +**openstack-puppet-modules** repositories are picked up by the **Packstack** +executable without further intervention, and **Packstack** is ready to install. + +## Puppet Style Guide + +**IMPORTANT** + +Please, respect the Puppet Style Guide as much as possible ! diff --git a/setup.py b/setup.py index c68a67272..bcc6b071d 100644 --- a/setup.py +++ b/setup.py @@ -88,7 +88,7 @@ def read(fname): url="https://github.com/stackforge/packstack", packages=find_packages('.'), include_package_data=True, - long_description=read('README'), + long_description=read('README.md'), zip_safe=False, install_requires=['netaddr', 'PyYAML'], classifiers=[ From b2c341d4a52c46181b7ed506ce05c5b4eabcd89b Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Wed, 12 Nov 2014 17:36:08 +0100 Subject: [PATCH 0174/1017] Introduce Puppet-lint/syntax test into Packstack - Add puppet-lint and puppet-syntax - To run puppet-lint, please look at the README.md file. Change-Id: I4b9e5d0c030b891545bc07f10091d748cdc1482e Signed-off-by: Gael Chamoulaud --- .gitignore | 2 ++ Gemfile | 17 +++++++++++++++++ README.md | 28 ++++++++++++++++++++++++++++ Rakefile | 20 ++++++++++++++++++++ 4 files changed, 67 insertions(+) create mode 100644 Gemfile create mode 100644 Rakefile diff --git a/.gitignore b/.gitignore index 726885683..b2eb9bdbe 100644 --- a/.gitignore +++ b/.gitignore @@ -2,4 +2,6 @@ *.swp *.log .tox +vendor/* +Gemfile.lock packstack.egg-info diff --git a/Gemfile b/Gemfile new file mode 100644 index 000000000..9e6d4a367 --- /dev/null +++ b/Gemfile @@ -0,0 +1,17 @@ +source 'https://rubygems.org' + +group :development, :test do + gem 'puppetlabs_spec_helper', :require => false + gem 'puppet-lint', '~> 1.1' + gem 'puppet-lint-param-docs', '1.1.0' + gem 'puppet-syntax' + gem 'rake', '10.1.1' +end + +if puppetversion = ENV['PUPPET_GEM_VERSION'] + gem 'puppet', puppetversion, :require => false +else + gem 'puppet', :require => false +end + +# vim:ft=ruby diff --git a/README.md b/README.md index a73d31734..1e68b996f 100644 --- a/README.md +++ b/README.md @@ -131,3 +131,31 @@ executable without further intervention, and **Packstack** is ready to install. **IMPORTANT** Please, respect the Puppet Style Guide as much as possible ! + +## Running local Puppet-lint tests + +It assumes that both `bundler` as well as `rubygems` (and `ruby`) are already +installed on the system. If not, run this command: + + $ sudo yum install rubygems rubygem-bundler ruby ruby-devel -y + +Go into the **Packstack** root directory. + + $ cd packstack/ + +A `Rakefile` contains all you need to run puppet-lint task automatically over +all the puppet manifests included in the **Packstack** project. + + $ ls -l packstack/puppet/templates/ + +and + + $ ls -l packstack/puppet/modules/ + +The default puppet-lint pattern for `.pp` files is `**/*.pp`. So there is no +need to go inside those directories to run puppet-lint ! + + $ mkdir vendor + $ export GEM_HOME=vendor + $ bundle install + $ bundle exec rake lint diff --git a/Rakefile b/Rakefile new file mode 100644 index 000000000..dc9efc974 --- /dev/null +++ b/Rakefile @@ -0,0 +1,20 @@ +require 'puppetlabs_spec_helper/rake_tasks' +require 'puppet-lint/tasks/puppet-lint' +require 'puppet-syntax/tasks/puppet-syntax' + +PuppetLint.configuration.fail_on_warnings = true +PuppetLint.configuration.with_filename = false +PuppetLint.configuration.send('disable_names_containing_dash') +PuppetLint.configuration.send('disable_80chars') +PuppetLint.configuration.send('disable_class_parameter_defaults') +exclude_paths = ['spec/**/*','pkg/**/*','vendor/**/*'] +exclude_lint_paths = exclude_paths + +PuppetLint.configuration.ignore_paths = exclude_lint_paths +PuppetSyntax.exclude_paths = exclude_paths + +task(:default).clear +task :default => :lint + +desc 'Run syntax, lint' +task :test => [:syntax,:lint] From 13e543e0f050e73ed24094c95e74eb04eb11940d Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Mon, 17 Nov 2014 16:26:20 +0100 Subject: [PATCH 0175/1017] Add workaround for PuppetLint.configuration.ignore_paths - https://github.com/rodjek/puppet-lint/issues/331 Change-Id: Ic6578b2ffa84f6f3955e49e4279be972ea4a5a96 Signed-off-by: Gael Chamoulaud --- Gemfile | 2 +- Rakefile | 31 ++++++++++++++++++++----------- 2 files changed, 21 insertions(+), 12 deletions(-) diff --git a/Gemfile b/Gemfile index 9e6d4a367..a7479cf28 100644 --- a/Gemfile +++ b/Gemfile @@ -1,4 +1,4 @@ -source 'https://rubygems.org' +source ENV["GEM_SOURCE"] || "https://rubygems.org" group :development, :test do gem 'puppetlabs_spec_helper', :require => false diff --git a/Rakefile b/Rakefile index dc9efc974..6ff42650e 100644 --- a/Rakefile +++ b/Rakefile @@ -2,19 +2,28 @@ require 'puppetlabs_spec_helper/rake_tasks' require 'puppet-lint/tasks/puppet-lint' require 'puppet-syntax/tasks/puppet-syntax' +PuppetLint.configuration.relative = true +PuppetLint.configuration.log_format = "%{path}:%{linenumber}:%{check}:%{KIND}:%{message}" PuppetLint.configuration.fail_on_warnings = true -PuppetLint.configuration.with_filename = false -PuppetLint.configuration.send('disable_names_containing_dash') -PuppetLint.configuration.send('disable_80chars') PuppetLint.configuration.send('disable_class_parameter_defaults') -exclude_paths = ['spec/**/*','pkg/**/*','vendor/**/*'] -exclude_lint_paths = exclude_paths +PuppetLint.configuration.send('disable_class_inherits_from_params_class') +PuppetLint.configuration.send('disable_80chars') +PuppetLint.configuration.send('disable_containing_dash') +PuppetLint.configuration.send('disable_quoted_booleans') +PuppetLint.configuration.send('disable_documentation') -PuppetLint.configuration.ignore_paths = exclude_lint_paths -PuppetSyntax.exclude_paths = exclude_paths +exclude_paths = [ +"pkg/**/*", +"vendor/**/*", +"spec/**/*", +] -task(:default).clear -task :default => :lint +Rake::Task[:lint].clear +PuppetLint.configuration.ignore_paths = exclude_paths +PuppetSyntax.exclude_paths = exclude_paths -desc 'Run syntax, lint' -task :test => [:syntax,:lint] +desc "Run syntax, lint" +task :test => [ + :syntax, + :lint, +] From 4fe6406bbe1eb4f042d666babdf42d9d15bc6871 Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Tue, 18 Nov 2014 10:42:52 +0100 Subject: [PATCH 0176/1017] Remove Deprecated parameters for keystone::endpoint class List of deprecated parameters and their replacements: - public_protocol (replaced by public_url) - public_address (replaced by public_url) - public_port (replaced by public_url) - internal_address (replaced by internal_url) - internal_port (replaced by internal_url) - admin_address (replaced by admin_url) - admin_port (replaced by admin_url) Change-Id: I9233c2b398bc4d357310c2eb931ffe69f6bdeede Signed-off-by: Gael Chamoulaud --- packstack/puppet/templates/keystone.pp | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/packstack/puppet/templates/keystone.pp b/packstack/puppet/templates/keystone.pp index bcc47f867..f2a8e5d20 100644 --- a/packstack/puppet/templates/keystone.pp +++ b/packstack/puppet/templates/keystone.pp @@ -2,6 +2,7 @@ $keystone_service_name = hiera('CONFIG_KEYSTONE_SERVICE_NAME') $keystone_cfg_ks_db_pw = hiera('CONFIG_KEYSTONE_DB_PW') $keystone_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') +$keystone_endpoint_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') class { 'keystone': admin_token => hiera('CONFIG_KEYSTONE_ADMIN_TOKEN'), @@ -28,10 +29,10 @@ } class { 'keystone::endpoint': - region => hiera('CONFIG_KEYSTONE_REGION'), - public_address => hiera('CONFIG_CONTROLLER_HOST'), - admin_address => hiera('CONFIG_CONTROLLER_HOST'), - internal_address => hiera('CONFIG_CONTROLLER_HOST'), + public_url => "http://${keystone_endpoint_cfg_ctrl_host}:5000", + internal_url => "http://${keystone_endpoint_cfg_ctrl_host}:5000", + admin_url => "http://${keystone_endpoint_cfg_ctrl_host}:35357", + region => hiera('CONFIG_KEYSTONE_REGION'), } # Run token flush every minute (without output so we won't spam admins) From e95098f5d5f21f830664608eebf964d4c46e3796 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Thu, 20 Nov 2014 11:14:11 +0100 Subject: [PATCH 0177/1017] [Neutron] Fix undef hiera value for gre protocol We have to use 'None 'in python to pass 'undef' to hiera. Change-Id: I72fc58c765b2fc67a2b27c677fd1fa1e9762244f --- packstack/plugins/neutron_350.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index 55ca653db..f00752a61 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -793,7 +793,7 @@ def create_manifests(config, messages): tun_port = "%s" % config['CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT'] else: fw_details[key]['proto'] = 'gre' - tun_port = 'undef' + tun_port = None fw_details[key]['ports'] = tun_port config['FIREWALL_NEUTRON_TUNNEL_RULES'] = fw_details From e20697ba6c7ba254d71acb9b237222e9b30c2266 Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Tue, 15 Jul 2014 22:31:11 +0200 Subject: [PATCH 0178/1017] Adds Warning when NetworkManager is active on hosts Fixes: rhbz#1117115 Signed-off-by: Gael Chamoulaud (cherry picked from commit 2faa9a2cb616615f189a7ed6a7eade9a9f12c0e6) (cherry picked from commit ff7caad9f1943d3d09f511efad8a1dcbb6a165c7) Conflicts: packstack/plugins/neutron_350.py Change-Id: I7e0fed8b47dabb492f2f3e683f8e8d65497ad816 --- packstack/installer/output_messages.py | 3 ++ packstack/plugins/neutron_350.py | 41 ++++++++++++++++++++++++++ 2 files changed, 44 insertions(+) diff --git a/packstack/installer/output_messages.py b/packstack/installer/output_messages.py index 40daf6fef..cf6420398 100644 --- a/packstack/installer/output_messages.py +++ b/packstack/installer/output_messages.py @@ -55,6 +55,9 @@ INFO_REMOVE_REMOTE_VAR="Removing %s on %s (if it is a remote host)" WARN_WEAK_PASS="Warning: Weak Password." +WARN_NM_ENABLED=("Warning: NetworkManager is active on %s. OpenStack " + "networking currently does not work on systems that have " + "the Network Manager service enabled.") ERR_PING = "Error: the provided hostname is unreachable" ERR_SSH = "Error: could not connect to the ssh server: %s" diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index f00752a61..efd4b7e93 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -10,10 +10,13 @@ import uuid from packstack.installer import utils +from packstack.installer import exceptions from packstack.installer import validators from packstack.installer import processors +from packstack.installer import output_messages from packstack.installer.utils import split_hosts +from packstack.modules.common import filtered_hosts from packstack.modules.shortcuts import get_mq from packstack.modules.ospluginutils import (getManifestTemplate, appendManifestFile, @@ -602,6 +605,8 @@ def initSequences(controller): 'functions': [create_metering_agent_manifests]}, {'title': 'Adding Neutron Metadata Agent manifest entries', 'functions': [create_metadata_manifests]}, + {'title': 'Checking if NetworkManager is enabled and running', + 'functions': [check_nm_status]}, ] controller.addSequence("Installing OpenStack Neutron", [], [], neutron_steps) @@ -980,3 +985,39 @@ def create_metadata_manifests(config, messages): manifestdata = getManifestTemplate('neutron_metadata.pp') manifestfile = "%s_neutron.pp" % (host,) appendManifestFile(manifestfile, manifestdata + "\n") + + +def check_nm_status(config, messages): + hosts_with_nm = [] + for host in filtered_hosts(config): + server = utils.ScriptRunner(host) + server.append("systemctl") + rc, out = server.execute(can_fail=False) + server.clear() + + if rc < 1: + server.append("systemctl is-enabled NetworkManager") + rc, is_enabled = server.execute(can_fail=False) + is_enabled = is_enabled.strip("\n ") + server.clear() + + server.append("systemctl is-active NetworkManager") + rc, is_active = server.execute(can_fail=False) + is_active = is_active.strip("\n ") + + if is_enabled == "enabled" or is_active == "active": + hosts_with_nm.append(host) + else: + server.clear() + server.append("service NetworkManager status") + rc, out = server.execute(can_fail=False) + + if rc < 1: + hosts_with_nm.append(host) + + server.clear() + + if hosts_with_nm: + hosts_list = ', '.join("%s" % x for x in hosts_with_nm) + msg = output_messages.WARN_NM_ENABLED + messages.append(utils.color_text(msg % hosts_list, 'yellow')) From 86a166a4718ae90eab78949f82f4f7c12ded2a6c Mon Sep 17 00:00:00 2001 From: Javier Pena Date: Tue, 25 Nov 2014 16:20:02 +0100 Subject: [PATCH 0179/1017] Configure TCP keepalive setting to all nodes In some cases, it has been observed that services keep their connection to RabbitMQ when they should not (e.g. during a controller server hard reboot), creating instability. This patch aims at fixing this by setting TCP keepalive parameters for RabbitMQ connections, and setting kernel parameters to send keepalive packets more often. Change-Id: I7688a86e4ff617f20d6767f156c5d880e0d4d619 Fixes: bz#1167414 --- packstack/puppet/templates/amqp.pp | 3 +++ packstack/puppet/templates/prescript.pp | 14 ++++++++++++++ 2 files changed, 17 insertions(+) diff --git a/packstack/puppet/templates/amqp.pp b/packstack/puppet/templates/amqp.pp index 931e36708..509087510 100644 --- a/packstack/puppet/templates/amqp.pp +++ b/packstack/puppet/templates/amqp.pp @@ -29,6 +29,9 @@ default_pass => hiera('CONFIG_AMQP_AUTH_PASSWORD'), package_provider => 'yum', admin_enable => false, + config_variables => { + 'tcp_listen_options' => "[binary,{packet, raw},{reuseaddr, true},{backlog, 128},{nodelay, true},{exit_on_close, false},{keepalive, true}]" + } } Package['erlang'] -> Class['rabbitmq'] diff --git a/packstack/puppet/templates/prescript.pp b/packstack/puppet/templates/prescript.pp index bde453f9e..547f99947 100644 --- a/packstack/puppet/templates/prescript.pp +++ b/packstack/puppet/templates/prescript.pp @@ -32,3 +32,17 @@ enable => true, } +# The following kernel parameters help alleviate some RabbitMQ +# connection issues + +sysctl::value { 'net.ipv4.tcp_keepalive_intvl': + value => '1', +} + +sysctl::value { 'net.ipv4.tcp_keepalive_probes': + value => '5', +} + +sysctl::value { 'net.ipv4.tcp_keepalive_time': + value => '5', +} From 730f1497a943af7e4c53b25a03255ed400ecdc79 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Wed, 26 Nov 2014 18:48:24 -0500 Subject: [PATCH 0180/1017] [Neutron] Ensure ovs agent setup runs for all CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES Previously we used to pick only the first type from tenant network types, Now packstack parses whole array and sets ovs agent on nodes accordingly. Closes-Bug: rhbz#1163697 rhbz#1168242 Change-Id: I15be465c7d910cee7224c0bf78e2a6a9d93f9bb4 --- packstack/plugins/neutron_350.py | 26 +++++---------- ...vs_agent_vxlan.pp => neutron_ovs_agent.pp} | 14 ++++---- .../puppet/templates/neutron_ovs_agent_gre.pp | 33 ------------------- .../templates/neutron_ovs_agent_local.pp | 19 ----------- .../templates/neutron_ovs_agent_vlan.pp | 19 ----------- 5 files changed, 16 insertions(+), 95 deletions(-) rename packstack/puppet/templates/{neutron_ovs_agent_vxlan.pp => neutron_ovs_agent.pp} (78%) delete mode 100644 packstack/puppet/templates/neutron_ovs_agent_gre.pp delete mode 100644 packstack/puppet/templates/neutron_ovs_agent_local.pp delete mode 100644 packstack/puppet/templates/neutron_ovs_agent_vlan.pp diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index f00752a61..f62e612c3 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -696,19 +696,6 @@ def get_values(val): return [x.strip() for x in val.split(',')] if val else [] -def get_agent_type(config): - # The only real use case I can think of for multiples right now is to list - # "vlan,gre" or "vlan,vxlan" so that VLANs are used if available, - # but tunnels are used if not. - tenant_types = config.get('CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES', - "local") - - for i in ['gre', 'vxlan', 'vlan']: - if i in tenant_types: - return i - return tenant_types[0] - - #-------------------------- step functions -------------------------- def create_manifests(config, messages): @@ -928,10 +915,15 @@ def create_l2_agent_manifests(config, messages): ovs_type = 'CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE' ovs_type = config.get(ovs_type, 'local') elif plugin == 'ml2': - ovs_type = get_agent_type(config) + ovs_type = 'CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES' + ovs_type = config.get(ovs_type, 'local') else: raise RuntimeError('Invalid combination of plugin and agent.') - template_name = "neutron_ovs_agent_%s.pp" % ovs_type + tunnel = use_openvswitch_vxlan(config) or use_openvswitch_gre(config) + config["CONFIG_NEUTRON_OVS_TUNNELING"] = tunnel + tunnel_types = set(ovs_type) & set(['gre', 'vxlan']) + config["CONFIG_NEUTRON_OVS_TUNNEL_TYPES"] = list(tunnel_types) + template_name = "neutron_ovs_agent.pp" bm_arr = get_values(config["CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS"]) iface_arr = get_values(config["CONFIG_NEUTRON_OVS_BRIDGE_IFACES"]) @@ -956,8 +948,8 @@ def create_l2_agent_manifests(config, messages): # neutron ovs port only on network hosts if ( agent == "openvswitch" and ( - (host in network_hosts and ovs_type in ['vxlan', 'gre']) - or ovs_type == 'vlan') + (host in network_hosts and tunnel_types) + or 'vlan' in ovs_type) ): bridge_key = 'CONFIG_NEUTRON_OVS_BRIDGE' iface_key = 'CONFIG_NEUTRON_OVS_IFACE' diff --git a/packstack/puppet/templates/neutron_ovs_agent_vxlan.pp b/packstack/puppet/templates/neutron_ovs_agent.pp similarity index 78% rename from packstack/puppet/templates/neutron_ovs_agent_vxlan.pp rename to packstack/puppet/templates/neutron_ovs_agent.pp index 6813afc13..44e4ea7fc 100644 --- a/packstack/puppet/templates/neutron_ovs_agent_vxlan.pp +++ b/packstack/puppet/templates/neutron_ovs_agent.pp @@ -1,4 +1,4 @@ -$ovs_agent_vxlan_cfg_neut_ovs_tun_if = hiera('CONFIG_NEUTRON_OVS_TUNNEL_IF') +$ovs_agent_vxlan_cfg_neut_ovs_tun_if = hiera('CONFIG_NEUTRON_OVS_TUNNEL_IF',undef) if $ovs_agent_vxlan_cfg_neut_ovs_tun_if != '' { $iface = regsubst($ovs_agent_vxlan_cfg_neut_ovs_tun_if, '[\.\-\:]', '_', 'G') @@ -10,19 +10,19 @@ if hiera('CONFIG_NEUTRON_L2_PLUGIN') == 'ml2' { class { 'neutron::agents::ml2::ovs': bridge_mappings => hiera_array('CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS'), - enable_tunneling => true, - tunnel_types => ['vxlan'], + enable_tunneling => hiera('CONFIG_NEUTRON_OVS_TUNNELING'), + tunnel_types => hiera_array('CONFIG_NEUTRON_OVS_TUNNEL_TYPES'), local_ip => $localip, - vxlan_udp_port => hiera('CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT'), + vxlan_udp_port => hiera('CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT',undef), l2_population => hiera('CONFIG_NEUTRON_USE_L2POPULATION'), } } else { class { 'neutron::agents::ovs': bridge_mappings => hiera_array('CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS'), - enable_tunneling => true, - tunnel_types => ['vxlan'], + enable_tunneling => hiera('CONFIG_NEUTRON_OVS_TUNNELING'), + tunnel_types => hiera_array('CONFIG_NEUTRON_OVS_TUNNEL_TYPES'), local_ip => $localip, - vxlan_udp_port => hiera('CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT'), + vxlan_udp_port => hiera('CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT',undef), } file { 'ovs_neutron_plugin.ini': diff --git a/packstack/puppet/templates/neutron_ovs_agent_gre.pp b/packstack/puppet/templates/neutron_ovs_agent_gre.pp deleted file mode 100644 index f9ec26120..000000000 --- a/packstack/puppet/templates/neutron_ovs_agent_gre.pp +++ /dev/null @@ -1,33 +0,0 @@ -$ovs_agent_gre_cfg_neut_ovs_tun_if = hiera('CONFIG_NEUTRON_OVS_TUNNEL_IF') - -if $ovs_agent_gre_cfg_neut_ovs_tun_if != '' { - $iface = regsubst($ovs_agent_gre_cfg_neut_ovs_tun_if, '[\.\-\:]', '_', 'G') - $localip = inline_template("<%%= scope.lookupvar('::ipaddress_${iface}') %%>") -} else { - $localip = $cfg_neutron_ovs_host -} - -if hiera('CONFIG_NEUTRON_L2_PLUGIN') == 'ml2' { - class { 'neutron::agents::ml2::ovs': - bridge_mappings => hiera_array('CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS'), - enable_tunneling => true, - tunnel_types => ['gre'], - local_ip => $localip, - l2_population => hiera('CONFIG_NEUTRON_USE_L2POPULATION'), - } -} else { - class { 'neutron::agents::ovs': - bridge_mappings => hiera_array('CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS'), - enable_tunneling => true, - tunnel_types => ['gre'], - local_ip => $localip, - } - - file { 'ovs_neutron_plugin.ini': - path => '/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini', - owner => 'root', - group => 'neutron', - before => Service['ovs-cleanup-service'], - require => Package['neutron-plugin-ovs'], - } -} diff --git a/packstack/puppet/templates/neutron_ovs_agent_local.pp b/packstack/puppet/templates/neutron_ovs_agent_local.pp deleted file mode 100644 index f3d6f4ba6..000000000 --- a/packstack/puppet/templates/neutron_ovs_agent_local.pp +++ /dev/null @@ -1,19 +0,0 @@ - -if hiera('CONFIG_NEUTRON_L2_PLUGIN') == 'ml2' { - class { 'neutron::agents::ml2::ovs': - bridge_mappings => hiera_array('CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS'), - l2_population => hiera('CONFIG_NEUTRON_USE_L2POPULATION'), - } -} else { - class { 'neutron::agents::ovs': - bridge_mappings => hiera_array('CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS'), - } - - file { 'ovs_neutron_plugin.ini': - path => '/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini', - owner => 'root', - group => 'neutron', - before => Service['ovs-cleanup-service'], - require => Package['neutron-plugin-ovs'], - } -} diff --git a/packstack/puppet/templates/neutron_ovs_agent_vlan.pp b/packstack/puppet/templates/neutron_ovs_agent_vlan.pp deleted file mode 100644 index f3d6f4ba6..000000000 --- a/packstack/puppet/templates/neutron_ovs_agent_vlan.pp +++ /dev/null @@ -1,19 +0,0 @@ - -if hiera('CONFIG_NEUTRON_L2_PLUGIN') == 'ml2' { - class { 'neutron::agents::ml2::ovs': - bridge_mappings => hiera_array('CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS'), - l2_population => hiera('CONFIG_NEUTRON_USE_L2POPULATION'), - } -} else { - class { 'neutron::agents::ovs': - bridge_mappings => hiera_array('CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS'), - } - - file { 'ovs_neutron_plugin.ini': - path => '/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini', - owner => 'root', - group => 'neutron', - before => Service['ovs-cleanup-service'], - require => Package['neutron-plugin-ovs'], - } -} From 852bffc509de7581847a4cc5db8b0ac0bedaef60 Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Thu, 27 Nov 2014 03:21:06 -0800 Subject: [PATCH 0181/1017] Remove code only used for RHEL 6.3 Because there are no more EPEL6 repositories on https://repos.fedorapeople.org/repos/openstack/openstack-juno/ this code can be removed. Change-Id: Ic8daa0962ad7336f5b9a07c4e44560c860301cc5 --- packstack/puppet/templates/nova_compute.pp | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/packstack/puppet/templates/nova_compute.pp b/packstack/puppet/templates/nova_compute.pp index 2cd645955..7a640b00b 100644 --- a/packstack/puppet/templates/nova_compute.pp +++ b/packstack/puppet/templates/nova_compute.pp @@ -42,18 +42,6 @@ vncserver_proxyclient_address => hiera('CONFIG_NOVA_COMPUTE_HOST'), } - -# Note : remove this once we're installing a version of openstack that isn't -# supported on RHEL 6.3 -if $::is_virtual_packstack == 'true' and $::osfamily == 'RedHat' and - $::operatingsystemrelease == '6.3'{ - file { '/usr/bin/qemu-system-x86_64': - ensure => link, - target => '/usr/libexec/qemu-kvm', - notify => Service['nova-compute'], - } -} - # Tune the host with a virtual hosts profile package { 'tuned': ensure => present, From a27c2bb2715e333dc5bdf476782b0127cf333a6c Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Wed, 26 Nov 2014 22:34:08 -0500 Subject: [PATCH 0182/1017] [Neutron] Deprecate ovs and linuxbridge plugins They are no longer available in Juno. Change-Id: Ic191384ca46594340ce5cf13b08218299e784117 --- docs/packstack.rst | 18 -- packstack/plugins/neutron_350.py | 273 +++--------------- packstack/plugins/provision_700.py | 3 +- .../puppet/templates/neutron_lb_plugin.pp | 4 - .../puppet/templates/neutron_ovs_agent.pp | 32 +- .../puppet/templates/neutron_ovs_bridge.pp | 8 +- .../templates/neutron_ovs_plugin_gre.pp | 5 - .../templates/neutron_ovs_plugin_local.pp | 4 - .../templates/neutron_ovs_plugin_vlan.pp | 4 - .../templates/neutron_ovs_plugin_vxlan.pp | 7 - 10 files changed, 53 insertions(+), 305 deletions(-) delete mode 100644 packstack/puppet/templates/neutron_lb_plugin.pp delete mode 100644 packstack/puppet/templates/neutron_ovs_plugin_gre.pp delete mode 100644 packstack/puppet/templates/neutron_ovs_plugin_local.pp delete mode 100644 packstack/puppet/templates/neutron_ovs_plugin_vlan.pp delete mode 100644 packstack/puppet/templates/neutron_ovs_plugin_vxlan.pp diff --git a/docs/packstack.rst b/docs/packstack.rst index 66b3276b5..2123df45d 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -461,39 +461,21 @@ Neutron Config Parameters **CONFIG_NEUTRON_L3_EXT_BRIDGE** The name of the bridge that the Neutron L3 agent will use for external traffic, or 'provider' if using provider networks. -**CONFIG_NEUTRON_L2_PLUGIN** - The name of the L2 plugin to be used with Neutron. (eg. linuxbridge, openvswitch, ml2). - **CONFIG_NEUTRON_METADATA_PW** A comma separated list of IP addresses on which to install Neutron metadata agent. **CONFIG_NEUTRON_FWAAS** Whether to configure neutron Firewall as a Service. -**CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE** - The type of network to allocate for tenant networks (eg. vlan, local, gre). - -**CONFIG_NEUTRON_LB_VLAN_RANGES** - A comma separated list of VLAN ranges for the Neutron linuxbridge plugin (eg. physnet1:1:4094,physnet2,physnet3:3000:3999). - **CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS** A comma separated list of interface mappings for the Neutron linuxbridge plugin (eg. physnet1:br-eth1,physnet2:br-eth2,physnet3:br-eth3). -**CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE** - Type of network to allocate for tenant networks (eg. vlan, local, gre). - -**CONFIG_NEUTRON_OVS_VLAN_RANGES** - A comma separated list of VLAN ranges for the Neutron openvswitch plugin (eg. physnet1:1:4094,physnet2,physnet3:3000:3999). - **CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS** A comma separated list of bridge mappings for the Neutron openvswitch plugin (eg. physnet1:br-eth1,physnet2:br-eth2,physnet3:br-eth3). **CONFIG_NEUTRON_OVS_BRIDGE_IFACES** A comma separated list of colon-separated OVS brid. -**CONFIG_NEUTRON_OVS_TUNNEL_RANGES** - A comma separated list of tunnel ranges for the Neutron openvswitch plugin. - **CONFIG_NEUTRON_OVS_TUNNEL_IF** Override the IP used for GRE tunnels on this hypervisor to the IP found on the specified interface (defaults to the HOST IP). diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index f8b913695..3647fab9f 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -78,21 +78,6 @@ def initConfig(controller): "NEED_CONFIRM": False, "CONDITION": False}, - {"CMD_OPTION": "os-neutron-l2-plugin", - "USAGE": "The name of the L2 plugin to be used with Neutron. " - "(eg. linuxbridge, openvswitch, ml2)", - "PROMPT": ("Enter the name of the L2 plugin to be used " - "with Neutron"), - "OPTION_LIST": ["linuxbridge", "openvswitch", "ml2"], - "VALIDATORS": [validators.validate_options], - "DEFAULT_VALUE": "ml2", - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_NEUTRON_L2_PLUGIN", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - {"CMD_OPTION": "os-neutron-metadata-pw", "USAGE": "Neutron metadata agent password", "PROMPT": "Enter Neutron metadata agent password", @@ -149,40 +134,7 @@ def initConfig(controller): "CONDITION": False}, ], - "NEUTRON_LB_PLUGIN": [ - {"CMD_OPTION": "os-neutron-lb-tenant-network-type", - "USAGE": ("The type of network to allocate for tenant networks " - "(eg. vlan, local)"), - "PROMPT": ("Enter the type of network to allocate for tenant " - "networks"), - "OPTION_LIST": ["local", "vlan"], - "VALIDATORS": [validators.validate_options], - "DEFAULT_VALUE": "local", - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - - {"CMD_OPTION": "os-neutron-lb-vlan-ranges", - "USAGE": ("A comma separated list of VLAN ranges for the Neutron " - "linuxbridge plugin (eg. physnet1:1:4094,physnet2," - "physnet3:3000:3999)"), - "PROMPT": ("Enter a comma separated list of VLAN ranges for " - "the Neutron linuxbridge plugin"), - "OPTION_LIST": [], - "VALIDATORS": [], - "DEFAULT_VALUE": "", - "MASK_INPUT": False, - "LOOSE_VALIDATION": True, - "CONF_NAME": "CONFIG_NEUTRON_LB_VLAN_RANGES", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - ], - - "NEUTRON_LB_PLUGIN_AND_AGENT": [ + "NEUTRON_LB_AGENT": [ {"CMD_OPTION": "os-neutron-lb-interface-mappings", "USAGE": ("A comma separated list of interface mappings for the " "Neutron linuxbridge plugin (eg. physnet1:br-eth1," @@ -200,40 +152,7 @@ def initConfig(controller): "CONDITION": False}, ], - "NEUTRON_OVS_PLUGIN": [ - {"CMD_OPTION": "os-neutron-ovs-tenant-network-type", - "USAGE": ("Type of network to allocate for tenant networks " - "(eg. vlan, local, gre, vxlan)"), - "PROMPT": ("Enter the type of network to allocate for tenant " - "networks"), - "OPTION_LIST": ["local", "vlan", "gre", "vxlan"], - "VALIDATORS": [validators.validate_options], - "DEFAULT_VALUE": "vxlan", - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - - {"CMD_OPTION": "os-neutron-ovs-vlan-ranges", - "USAGE": ("A comma separated list of VLAN ranges for the Neutron " - "openvswitch plugin (eg. physnet1:1:4094,physnet2," - "physnet3:3000:3999)"), - "PROMPT": ("Enter a comma separated list of VLAN ranges for the " - "Neutron openvswitch plugin"), - "OPTION_LIST": [], - "VALIDATORS": [], - "DEFAULT_VALUE": "", - "MASK_INPUT": False, - "LOOSE_VALIDATION": True, - "CONF_NAME": "CONFIG_NEUTRON_OVS_VLAN_RANGES", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - ], - - "NEUTRON_OVS_PLUGIN_AND_AGENT": [ + "NEUTRON_OVS_AGENT": [ {"CMD_OPTION": "os-neutron-ovs-bridge-mappings", "USAGE": ("A comma separated list of bridge mappings for the " "Neutron openvswitch plugin (eg. physnet1:br-eth1," @@ -267,24 +186,7 @@ def initConfig(controller): "CONDITION": False}, ], - "NEUTRON_OVS_PLUGIN_TUNNEL": [ - {"CMD_OPTION": "os-neutron-ovs-tunnel-ranges", - "USAGE": ("A comma separated list of tunnel ranges for the " - "Neutron openvswitch plugin (eg. 1:1000)"), - "PROMPT": ("Enter a comma separated list of tunnel ranges for " - "the Neutron openvswitch plugin"), - "OPTION_LIST": [], - "VALIDATORS": [], - "DEFAULT_VALUE": "", - "MASK_INPUT": False, - "LOOSE_VALIDATION": True, - "CONF_NAME": "CONFIG_NEUTRON_OVS_TUNNEL_RANGES", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - ], - - "NEUTRON_OVS_PLUGIN_AND_AGENT_TUNNEL": [ + "NEUTRON_OVS_AGENT_TUNNEL": [ {"CMD_OPTION": "os-neutron-ovs-tunnel-if", "USAGE": ("The interface for the OVS tunnel. Packstack will " "override the IP address used for tunnels on this " @@ -303,7 +205,7 @@ def initConfig(controller): "CONDITION": False}, ], - "NEUTRON_OVS_PLUGIN_AND_AGENT_VXLAN": [ + "NEUTRON_OVS_AGENT_VXLAN": [ {"CMD_OPTION": "os-neutron-ovs-vxlan-udp-port", "CONF_NAME": "CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT", "USAGE": "VXLAN UDP port", @@ -313,7 +215,6 @@ def initConfig(controller): "DEFAULT_VALUE": 4789, "MASK_INPUT": False, "LOOSE_VALIDATION": True, - "USE_DEFAULT": False, "NEED_CONFIRM": False, "CONDITION": False}, @@ -487,54 +388,33 @@ def initConfig(controller): {"GROUP_NAME": "NEUTRON_ML2_PLUGIN", "DESCRIPTION": "Neutron ML2 plugin config", - "PRE_CONDITION": use_ml2_plugin, - "PRE_CONDITION_MATCH": True, - "POST_CONDITION": False, - "POST_CONDITION_MATCH": True}, - - {"GROUP_NAME": "NEUTRON_LB_PLUGIN", - "DESCRIPTION": "Neutron LB plugin config", - "PRE_CONDITION": use_linuxbridge_plugin, + "PRE_CONDITION": neutron_install, "PRE_CONDITION_MATCH": True, "POST_CONDITION": False, "POST_CONDITION_MATCH": True}, - {"GROUP_NAME": "NEUTRON_LB_PLUGIN_AND_AGENT", + {"GROUP_NAME": "NEUTRON_LB_AGENT", "DESCRIPTION": "Neutron LB agent config", - "PRE_CONDITION": use_linuxbridge_agent, + "PRE_CONDITION": use_ml2_with_linuxbridge, "PRE_CONDITION_MATCH": True, "POST_CONDITION": False, "POST_CONDITION_MATCH": True}, - {"GROUP_NAME": "NEUTRON_OVS_PLUGIN", - "DESCRIPTION": "Neutron OVS plugin config", - "PRE_CONDITION": use_openvswitch_plugin, - "PRE_CONDITION_MATCH": True, - "POST_CONDITION": False, - "POST_CONDITION_MATCH": True}, - - {"GROUP_NAME": "NEUTRON_OVS_PLUGIN_AND_AGENT", + {"GROUP_NAME": "NEUTRON_OVS_AGENT", "DESCRIPTION": "Neutron OVS agent config", - "PRE_CONDITION": use_openvswitch_agent, - "PRE_CONDITION_MATCH": True, - "POST_CONDITION": False, - "POST_CONDITION_MATCH": True}, - - {"GROUP_NAME": "NEUTRON_OVS_PLUGIN_TUNNEL", - "DESCRIPTION": "Neutron OVS plugin config for tunnels", - "PRE_CONDITION": use_openvswitch_plugin_tunnel, + "PRE_CONDITION": use_ml2_with_ovs, "PRE_CONDITION_MATCH": True, "POST_CONDITION": False, "POST_CONDITION_MATCH": True}, - {"GROUP_NAME": "NEUTRON_OVS_PLUGIN_AND_AGENT_TUNNEL", + {"GROUP_NAME": "NEUTRON_OVS_AGENT_TUNNEL", "DESCRIPTION": "Neutron OVS agent config for tunnels", - "PRE_CONDITION": use_openvswitch_agent_tunnel, + "PRE_CONDITION": use_ml2_with_ovs, "PRE_CONDITION_MATCH": True, "POST_CONDITION": False, "POST_CONDITION_MATCH": True}, - {"GROUP_NAME": "NEUTRON_OVS_PLUGIN_AND_AGENT_VXLAN", + {"GROUP_NAME": "NEUTRON_OVS_AGENT_VXLAN", "DESCRIPTION": "Neutron OVS agent config for VXLAN", "PRE_CONDITION": use_openvswitch_vxlan, "PRE_CONDITION_MATCH": True, @@ -551,31 +431,22 @@ def initSequences(controller): if config['CONFIG_NEUTRON_INSTALL'] != 'y': return - if config['CONFIG_NEUTRON_L2_PLUGIN'] == 'openvswitch': - plugin_db = 'ovs_neutron' - plugin_path = ('neutron.plugins.openvswitch.ovs_neutron_plugin.' - 'OVSNeutronPluginV2') - elif config['CONFIG_NEUTRON_L2_PLUGIN'] == 'linuxbridge': - plugin_db = 'neutron_linux_bridge' - plugin_path = ('neutron.plugins.linuxbridge.lb_neutron_plugin.' - 'LinuxBridgePluginV2') - elif config['CONFIG_NEUTRON_L2_PLUGIN'] == 'ml2': - plugin_db = 'neutron' - plugin_path = 'neutron.plugins.ml2.plugin.Ml2Plugin' - # values modification - for key in ('CONFIG_NEUTRON_ML2_TYPE_DRIVERS', - 'CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES', - 'CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS', - 'CONFIG_NEUTRON_ML2_FLAT_NETWORKS', - 'CONFIG_NEUTRON_ML2_VLAN_RANGES', - 'CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES', - 'CONFIG_NEUTRON_ML2_VNI_RANGES'): - if config[key] == '': - config[key] = [] - else: - config[key] = [i.strip() for i in config[key].split(',') if i] - key = 'CONFIG_NEUTRON_ML2_VXLAN_GROUP' - config[key] = "%s" % config[key] if config[key] else '' + plugin_db = 'neutron' + plugin_path = 'neutron.plugins.ml2.plugin.Ml2Plugin' + # values modification + for key in ('CONFIG_NEUTRON_ML2_TYPE_DRIVERS', + 'CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES', + 'CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS', + 'CONFIG_NEUTRON_ML2_FLAT_NETWORKS', + 'CONFIG_NEUTRON_ML2_VLAN_RANGES', + 'CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES', + 'CONFIG_NEUTRON_ML2_VNI_RANGES'): + if config[key] == '': + config[key] = [] + else: + config[key] = [i.strip() for i in config[key].split(',') if i] + key = 'CONFIG_NEUTRON_ML2_VXLAN_GROUP' + config[key] = "%s" % config[key] if config[key] else '' config['CONFIG_NEUTRON_L2_DBNAME'] = plugin_db config['CONFIG_NEUTRON_CORE_PLUGIN'] = plugin_path @@ -614,75 +485,35 @@ def initSequences(controller): #------------------------- helper functions ------------------------- -def use_ml2_plugin(config): - return (config['CONFIG_NEUTRON_INSTALL'] == 'y' and - config['CONFIG_NEUTRON_L2_PLUGIN'] == 'ml2') - +def neutron_install(config): + return config['CONFIG_NEUTRON_INSTALL'] == 'y' -def use_linuxbridge_plugin(config): - result = (config['CONFIG_NEUTRON_INSTALL'] == 'y' and - config['CONFIG_NEUTRON_L2_PLUGIN'] == 'linuxbridge') - if result: - config["CONFIG_NEUTRON_L2_AGENT"] = 'linuxbridge' - return result - -def use_linuxbridge_agent(config): - ml2_used = (use_ml2_plugin(config) and +def use_ml2_with_linuxbridge(config): + ml2_used = (neutron_install(config) and config["CONFIG_NEUTRON_L2_AGENT"] == 'linuxbridge') - return use_linuxbridge_plugin(config) or ml2_used - - -def use_openvswitch_plugin(config): - result = (config['CONFIG_NEUTRON_INSTALL'] == 'y' and - config['CONFIG_NEUTRON_L2_PLUGIN'] == 'openvswitch') - if result: - config["CONFIG_NEUTRON_L2_AGENT"] = 'openvswitch' - return result - - -def use_openvswitch_plugin_tunnel(config): - tun_types = ('gre', 'vxlan') - return (use_openvswitch_plugin(config) and - config['CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE'] in tun_types) + return ml2_used def use_ml2_with_ovs(config): - return (use_ml2_plugin(config) and + return (neutron_install(config) and config["CONFIG_NEUTRON_L2_AGENT"] == 'openvswitch') -def use_openvswitch_agent(config): - return use_openvswitch_plugin(config) or use_ml2_with_ovs(config) - - -def use_openvswitch_agent_tunnel(config): - return (use_openvswitch_plugin_tunnel(config) or - use_ml2_with_ovs(config)) - - def use_openvswitch_vxlan(config): - ovs_vxlan = ( - use_openvswitch_plugin_tunnel(config) and - config['CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE'] == 'vxlan' - ) ml2_vxlan = ( use_ml2_with_ovs(config) and 'vxlan' in config['CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES'] ) - return ovs_vxlan or ml2_vxlan + return ml2_vxlan def use_openvswitch_gre(config): - ovs_vxlan = ( - use_openvswitch_plugin_tunnel(config) and - config['CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE'] == 'gre' - ) ml2_vxlan = ( use_ml2_with_ovs(config) and 'gre' in config['CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES'] ) - return ovs_vxlan or ml2_vxlan + return ml2_vxlan def get_if_driver(config): @@ -711,11 +542,11 @@ def create_manifests(config, messages): service_plugins.append( 'neutron.services.loadbalancer.plugin.LoadBalancerPlugin' ) - if config['CONFIG_NEUTRON_L2_PLUGIN'] == 'ml2': - # ML2 uses the L3 Router service plugin to implement l3 agent - service_plugins.append( - 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin' - ) + + # ML2 uses the L3 Router service plugin to implement l3 agent + service_plugins.append( + 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin' + ) if config['CONFIG_NEUTRON_METERING_AGENT_INSTALL'] == 'y': service_plugins.append( @@ -730,13 +561,7 @@ def create_manifests(config, messages): config['SERVICE_PLUGINS'] = (service_plugins if service_plugins else 'undef') - if config['CONFIG_NEUTRON_L2_PLUGIN'] == 'openvswitch': - nettype = config.get("CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE", "local") - plugin_manifest = 'neutron_ovs_plugin_%s.pp' % nettype - elif config['CONFIG_NEUTRON_L2_PLUGIN'] == 'linuxbridge': - plugin_manifest = 'neutron_lb_plugin.pp' - elif config['CONFIG_NEUTRON_L2_PLUGIN'] == 'ml2': - plugin_manifest = 'neutron_ml2_plugin.pp' + plugin_manifest = 'neutron_ml2_plugin.pp' for host in q_hosts: manifest_file = "%s_neutron.pp" % (host,) @@ -805,7 +630,6 @@ def create_keystone_manifest(config, messages): def create_l3_manifests(config, messages): global network_hosts - plugin = config['CONFIG_NEUTRON_L2_PLUGIN'] if config['CONFIG_NEUTRON_L3_EXT_BRIDGE'] == 'provider': config['CONFIG_NEUTRON_L3_EXT_BRIDGE'] = '' @@ -833,7 +657,6 @@ def create_l3_manifests(config, messages): def create_dhcp_manifests(config, messages): global network_hosts - plugin = config['CONFIG_NEUTRON_L2_PLUGIN'] for host in network_hosts: config["CONFIG_NEUTRON_DHCP_HOST"] = host config['CONFIG_NEUTRON_DHCP_INTERFACE_DRIVER'] = get_if_driver(config) @@ -902,7 +725,6 @@ def create_metering_agent_manifests(config, messages): def create_l2_agent_manifests(config, messages): global network_hosts, compute_hosts - plugin = config['CONFIG_NEUTRON_L2_PLUGIN'] agent = config["CONFIG_NEUTRON_L2_AGENT"] # CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS will be available only for ML2 @@ -915,15 +737,8 @@ def create_l2_agent_manifests(config, messages): config['CONFIG_NEUTRON_USE_L2POPULATION'] = False if agent == "openvswitch": - if plugin == agent: - # monolithic plugin installation - ovs_type = 'CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE' - ovs_type = config.get(ovs_type, 'local') - elif plugin == 'ml2': - ovs_type = 'CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES' - ovs_type = config.get(ovs_type, 'local') - else: - raise RuntimeError('Invalid combination of plugin and agent.') + ovs_type = 'CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES' + ovs_type = config.get(ovs_type, 'local') tunnel = use_openvswitch_vxlan(config) or use_openvswitch_gre(config) config["CONFIG_NEUTRON_OVS_TUNNELING"] = tunnel tunnel_types = set(ovs_type) & set(['gre', 'vxlan']) diff --git a/packstack/plugins/provision_700.py b/packstack/plugins/provision_700.py index bd36f2afe..6c927aabc 100644 --- a/packstack/plugins/provision_700.py +++ b/packstack/plugins/provision_700.py @@ -180,8 +180,7 @@ def check_provisioning_tempest(config): return (config.get('CONFIG_PROVISION_TEMPEST', 'n') == 'y') def allow_all_in_one_ovs_bridge(config): - return (config['CONFIG_NEUTRON_INSTALL'] == 'y' and - config['CONFIG_NEUTRON_L2_PLUGIN'] == 'openvswitch') + return (config['CONFIG_NEUTRON_INSTALL'] == 'y') conf_groups = [ {"GROUP_NAME": "PROVISION_INIT", diff --git a/packstack/puppet/templates/neutron_lb_plugin.pp b/packstack/puppet/templates/neutron_lb_plugin.pp deleted file mode 100644 index e1a282d23..000000000 --- a/packstack/puppet/templates/neutron_lb_plugin.pp +++ /dev/null @@ -1,4 +0,0 @@ -class { 'neutron::plugins::linuxbridge': - tenant_network_type => hiera('CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE'), - network_vlan_ranges => hiera('CONFIG_NEUTRON_LB_VLAN_RANGES'), -} diff --git a/packstack/puppet/templates/neutron_ovs_agent.pp b/packstack/puppet/templates/neutron_ovs_agent.pp index 44e4ea7fc..239fd34db 100644 --- a/packstack/puppet/templates/neutron_ovs_agent.pp +++ b/packstack/puppet/templates/neutron_ovs_agent.pp @@ -7,29 +7,11 @@ $localip = $cfg_neutron_ovs_host } -if hiera('CONFIG_NEUTRON_L2_PLUGIN') == 'ml2' { - class { 'neutron::agents::ml2::ovs': - bridge_mappings => hiera_array('CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS'), - enable_tunneling => hiera('CONFIG_NEUTRON_OVS_TUNNELING'), - tunnel_types => hiera_array('CONFIG_NEUTRON_OVS_TUNNEL_TYPES'), - local_ip => $localip, - vxlan_udp_port => hiera('CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT',undef), - l2_population => hiera('CONFIG_NEUTRON_USE_L2POPULATION'), - } -} else { - class { 'neutron::agents::ovs': - bridge_mappings => hiera_array('CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS'), - enable_tunneling => hiera('CONFIG_NEUTRON_OVS_TUNNELING'), - tunnel_types => hiera_array('CONFIG_NEUTRON_OVS_TUNNEL_TYPES'), - local_ip => $localip, - vxlan_udp_port => hiera('CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT',undef), - } - - file { 'ovs_neutron_plugin.ini': - path => '/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini', - owner => 'root', - group => 'neutron', - before => Service['ovs-cleanup-service'], - require => Package['neutron-plugin-ovs'], - } +class { 'neutron::agents::ml2::ovs': + bridge_mappings => hiera_array('CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS'), + enable_tunneling => hiera('CONFIG_NEUTRON_OVS_TUNNELING'), + tunnel_types => hiera_array('CONFIG_NEUTRON_OVS_TUNNEL_TYPES'), + local_ip => $localip, + vxlan_udp_port => hiera('CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT',undef), + l2_population => hiera('CONFIG_NEUTRON_USE_L2POPULATION'), } diff --git a/packstack/puppet/templates/neutron_ovs_bridge.pp b/packstack/puppet/templates/neutron_ovs_bridge.pp index 307aabded..d12019461 100644 --- a/packstack/puppet/templates/neutron_ovs_bridge.pp +++ b/packstack/puppet/templates/neutron_ovs_bridge.pp @@ -1,10 +1,4 @@ -$ovs_bridge_cfg_neut_l2_plugin = hiera('CONFIG_NEUTRON_L2_PLUGIN') - -if $ovs_bridge_cfg_neut_l2_plugin == 'ml2' { - $agent_service = 'neutron-ovs-agent-service' -} else { - $agent_service = 'neutron-plugin-ovs-service' -} +$agent_service = 'neutron-ovs-agent-service' $config_neutron_ovs_bridge = hiera('CONFIG_NEUTRON_OVS_BRIDGE') diff --git a/packstack/puppet/templates/neutron_ovs_plugin_gre.pp b/packstack/puppet/templates/neutron_ovs_plugin_gre.pp deleted file mode 100644 index 12d9f44df..000000000 --- a/packstack/puppet/templates/neutron_ovs_plugin_gre.pp +++ /dev/null @@ -1,5 +0,0 @@ -class { 'neutron::plugins::ovs': - tenant_network_type => hiera('CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE'), - network_vlan_ranges => hiera('CONFIG_NEUTRON_OVS_VLAN_RANGES'), - tunnel_id_ranges => hiera('CONFIG_NEUTRON_OVS_TUNNEL_RANGES'), -} diff --git a/packstack/puppet/templates/neutron_ovs_plugin_local.pp b/packstack/puppet/templates/neutron_ovs_plugin_local.pp deleted file mode 100644 index ee515fe6a..000000000 --- a/packstack/puppet/templates/neutron_ovs_plugin_local.pp +++ /dev/null @@ -1,4 +0,0 @@ -class { 'neutron::plugins::ovs': - tenant_network_type => hiera('CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE'), - network_vlan_ranges => hiera('CONFIG_NEUTRON_OVS_VLAN_RANGES'), -} diff --git a/packstack/puppet/templates/neutron_ovs_plugin_vlan.pp b/packstack/puppet/templates/neutron_ovs_plugin_vlan.pp deleted file mode 100644 index ee515fe6a..000000000 --- a/packstack/puppet/templates/neutron_ovs_plugin_vlan.pp +++ /dev/null @@ -1,4 +0,0 @@ -class { 'neutron::plugins::ovs': - tenant_network_type => hiera('CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE'), - network_vlan_ranges => hiera('CONFIG_NEUTRON_OVS_VLAN_RANGES'), -} diff --git a/packstack/puppet/templates/neutron_ovs_plugin_vxlan.pp b/packstack/puppet/templates/neutron_ovs_plugin_vxlan.pp deleted file mode 100644 index 86e2b1298..000000000 --- a/packstack/puppet/templates/neutron_ovs_plugin_vxlan.pp +++ /dev/null @@ -1,7 +0,0 @@ - -class { 'neutron::plugins::ovs': - tenant_network_type => hiera('CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE'), - network_vlan_ranges => hiera('CONFIG_NEUTRON_OVS_VLAN_RANGES'), - tunnel_id_ranges => hiera('CONFIG_NEUTRON_OVS_TUNNEL_RANGES'), - vxlan_udp_port => hiera('CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT'), -} From 58bd73af9757e7031aa29d252bc318953c39639d Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Mon, 24 Nov 2014 15:17:30 +0100 Subject: [PATCH 0183/1017] Avoid KeyError: 'CONFIG_CINDER_VOLUMES_SIZE' error - When CONFIG_CINDER_VOLUMES_CREATE=n, it should always pass in the cinder volume size calculation block. Change-Id: I6cf6fd4767c66dc87ea31cbafe17bb8fcfebbf70 Fixes: rhbz#1164359 Signed-off-by: Gael Chamoulaud --- packstack/plugins/cinder_250.py | 26 ++++++++++++-------------- 1 file changed, 12 insertions(+), 14 deletions(-) diff --git a/packstack/plugins/cinder_250.py b/packstack/plugins/cinder_250.py index 529a8747b..e3224025b 100644 --- a/packstack/plugins/cinder_250.py +++ b/packstack/plugins/cinder_250.py @@ -629,8 +629,7 @@ def check_lvm_options(config): def check_lvm_vg_options(config): return (config['CONFIG_CINDER_INSTALL'] == 'y' and - 'lvm' in config['CONFIG_CINDER_BACKEND'] and - config['CONFIG_CINDER_VOLUMES_CREATE'] == 'y') + 'lvm' in config['CONFIG_CINDER_BACKEND']) def check_gluster_options(config): @@ -700,18 +699,17 @@ def check_cinder_vg(config, messages): raise exceptions.MissingRequirements("The cinder server should " "contain a cinder-volumes " "volume group") - else: - match = re.match('^(?P\d+)G$', - config['CONFIG_CINDER_VOLUMES_SIZE'].strip()) - if not match: - msg = 'Invalid Cinder volumes VG size.' - raise exceptions.ParamValidationError(msg) - - cinders_volume_size = int(match.group('size')) * 1024 - cinders_reserve = int(cinders_volume_size * 0.03) - - cinders_volume_size = cinders_volume_size + cinders_reserve - config['CONFIG_CINDER_VOLUMES_SIZE'] = '%sM' % cinders_volume_size + match = re.match('^(?P\d+)G$', + config['CONFIG_CINDER_VOLUMES_SIZE'].strip()) + if not match: + msg = 'Invalid Cinder volumes VG size.' + raise exceptions.ParamValidationError(msg) + + cinders_volume_size = int(match.group('size')) * 1024 + cinders_reserve = int(cinders_volume_size * 0.03) + + cinders_volume_size = cinders_volume_size + cinders_reserve + config['CONFIG_CINDER_VOLUMES_SIZE'] = '%sM' % cinders_volume_size def create_keystone_manifest(config, messages): From 438e92a024cc299f6248e5a43f85412fdab441b9 Mon Sep 17 00:00:00 2001 From: Javier Pena Date: Fri, 28 Nov 2014 17:16:06 +0100 Subject: [PATCH 0184/1017] Do not create cinder-volumes if not needed When CONFIG_CINDER_VOLUMES_CREATE=n, Packstack tries to create cinder-volumes anyway after commit 58bd73af9757e7031aa29d252bc318953c39639d . Change-Id: I4d385b45024602539c85164d9fe410fda510bab1 --- packstack/puppet/templates/cinder_lvm.pp | 78 ++++++++++++++---------- 1 file changed, 45 insertions(+), 33 deletions(-) diff --git a/packstack/puppet/templates/cinder_lvm.pp b/packstack/puppet/templates/cinder_lvm.pp index 7b52e842b..424496105 100644 --- a/packstack/puppet/templates/cinder_lvm.pp +++ b/packstack/puppet/templates/cinder_lvm.pp @@ -1,31 +1,34 @@ -class { 'cinder::setup_test_volume': - size => hiera('CONFIG_CINDER_VOLUMES_SIZE'), - loopback_device => '/dev/loop2', - volume_path => '/var/lib/cinder', - volume_name => 'cinder-volumes', -} +$create_cinder_volume = hiera('CONFIG_CINDER_VOLUMES_CREATE') + +if $create_cinder_volume == 'y' { + class { 'cinder::setup_test_volume': + size => hiera('CONFIG_CINDER_VOLUMES_SIZE'), + loopback_device => '/dev/loop2', + volume_path => '/var/lib/cinder', + volume_name => 'cinder-volumes', + } -# Add loop device on boot -$el_releases = ['RedHat', 'CentOS', 'Scientific'] -if $::operatingsystem in $el_releases and $::operatingsystemmajrelease < 7 { + # Add loop device on boot + $el_releases = ['RedHat', 'CentOS', 'Scientific'] + if $::operatingsystem in $el_releases and $::operatingsystemmajrelease < 7 { - file_line{ 'rc.local_losetup_cinder_volume': - path => '/etc/rc.d/rc.local', - match => '^.*/var/lib/cinder/cinder-volumes.*$', - line => 'losetup -f /var/lib/cinder/cinder-volumes && service openstack-cinder-volume restart', - } + file_line{ 'rc.local_losetup_cinder_volume': + path => '/etc/rc.d/rc.local', + match => '^.*/var/lib/cinder/cinder-volumes.*$', + line => 'losetup -f /var/lib/cinder/cinder-volumes && service openstack-cinder-volume restart', + } - file { '/etc/rc.d/rc.local': - mode => '0755', - } + file { '/etc/rc.d/rc.local': + mode => '0755', + } -} else { + } else { - file { 'openstack-losetup': - path => '/usr/lib/systemd/system/openstack-losetup.service', - before => Service['openstack-losetup'], - notify => Exec['/usr/bin/systemctl daemon-reload'], - content => '[Unit] + file { 'openstack-losetup': + path => '/usr/lib/systemd/system/openstack-losetup.service', + before => Service['openstack-losetup'], + notify => Exec['/usr/bin/systemctl daemon-reload'], + content => '[Unit] Description=Setup cinder-volume loop device DefaultDependencies=false Before=openstack-cinder-volume.service @@ -40,21 +43,28 @@ [Install] RequiredBy=openstack-cinder-volume.service', - } + } - exec { '/usr/bin/systemctl daemon-reload': - refreshonly => true, - before => Service['openstack-losetup'], - } + exec { '/usr/bin/systemctl daemon-reload': + refreshonly => true, + before => Service['openstack-losetup'], + } - service { 'openstack-losetup': - ensure => running, - enable => true, - require => Class['cinder::setup_test_volume'], - } + service { 'openstack-losetup': + ensure => running, + enable => true, + require => Class['cinder::setup_test_volume'], + } + } +} +else { + package {'lvm2': + ensure => 'present', + } } + file_line { 'snapshot_autoextend_threshold': path => '/etc/lvm/lvm.conf', match => '^ *snapshot_autoextend_threshold +=.*', @@ -74,6 +84,8 @@ require => Package['lvm2'], } + + cinder::type { 'iscsi': set_key => 'volume_backend_name', set_value => 'lvm', From c470c4229f57ab65b76e0ae87df7a6c155471d14 Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Mon, 1 Dec 2014 12:01:05 +0100 Subject: [PATCH 0185/1017] Check packstack/version.py for PEP8 issues Change-Id: If7666db19a2a37c5fb55ad54570cc68c9a9b2ceb --- tox.ini | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tox.ini b/tox.ini index a8edaa66b..1920c6e04 100644 --- a/tox.ini +++ b/tox.ini @@ -18,7 +18,8 @@ downloadcache = ~/cache/pip [testenv:pep8] deps=pep8==1.2 commands = pep8 --exclude=*.pyc --repeat --show-source \ - packstack/modules packstack/plugins tests setup.py + packstack/modules packstack/plugins tests setup.py \ + packstack/version.py [testenv:cover] From cd76075a141a512dbb134028a15cc2b7be01012f Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Mon, 1 Dec 2014 19:06:40 +0100 Subject: [PATCH 0186/1017] Remove RHEL6 specific code in prescript.pp Because there are no more EPEL6 repositories on https://repos.fedorapeople.org/repos/openstack/openstack-juno/ this code can be removed. Change-Id: I2b212ac1121f27dbc943c86610d14b6bbb52d7b3 --- packstack/puppet/templates/prescript.pp | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/packstack/puppet/templates/prescript.pp b/packstack/puppet/templates/prescript.pp index bde453f9e..ef9d431cb 100644 --- a/packstack/puppet/templates/prescript.pp +++ b/packstack/puppet/templates/prescript.pp @@ -5,8 +5,6 @@ # include packstack_apache_common include ::apache -$el_releases = ['RedHat', 'CentOS', 'Scientific'] - # We don't have openstack-selinux package for Fedora if $::operatingsystem != 'Fedora' { package{ 'openstack-selinux': @@ -14,16 +12,6 @@ } } -# For older RHEL-6 releases kernel/iptools does not support netns -if $::operatingsystem in $el_releases and $::operatingsystemmajrelease < 7 { - $info = "The RDO kernel that includes network namespace (netns) support has been installed on host ${::ipaddress}." - $warning = " This is a community supplied kernel and is not officially supported by Red Hat. Installing this kernel on RHEL systems may impact your ability to get support from Red Hat." - - class { 'packstack::netns': - warning => "${info}${warning}" - } -} - package { 'audit': ensure => present, } -> From 41c2bdf9b06c5bb90ccb460e5dc070e26bb69e33 Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Mon, 1 Dec 2014 19:16:41 +0100 Subject: [PATCH 0187/1017] The httpd service should only be installed on the controller node At the moment the httpd service is installed on every node. It is not necessary to install the httpd service on the network, storage, and compute nodes. Change-Id: I1656a6679fb9bfc26ef4b59b2e2e28dc7f68a71e --- packstack/puppet/templates/prescript.pp | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/packstack/puppet/templates/prescript.pp b/packstack/puppet/templates/prescript.pp index bde453f9e..c5d14d99e 100644 --- a/packstack/puppet/templates/prescript.pp +++ b/packstack/puppet/templates/prescript.pp @@ -1,9 +1,8 @@ include firewall -# This does the initial apache setup for all components that -# require apache/httpd. -# Other packstack components that use apache should do -# include packstack_apache_common -include ::apache + +if $::ipaddress == hiera('CONFIG_CONTROLLER_HOST') { + include ::apache +} $el_releases = ['RedHat', 'CentOS', 'Scientific'] From 3da12069efc9044b8f8f8fd4d4118c406f4fe649 Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Sun, 30 Nov 2014 18:30:22 +0100 Subject: [PATCH 0188/1017] Packstack Plugins Clean-up - Deleted unused import - Pep8 compliance - Deleted unused variables Change-Id: I45f135b2467427cd7ee3b5ba32745af2a631458a Signed-off-by: Gael Chamoulaud --- packstack/plugins/amqp_002.py | 11 +- packstack/plugins/ceilometer_800.py | 6 +- packstack/plugins/cinder_250.py | 131 ++++++++--------- packstack/plugins/dashboard_500.py | 6 +- packstack/plugins/glance_200.py | 11 +- packstack/plugins/heat_650.py | 9 +- packstack/plugins/keystone_100.py | 6 +- packstack/plugins/mariadb_003.py | 8 +- packstack/plugins/nagios_910.py | 10 +- packstack/plugins/neutron_350.py | 36 ++--- packstack/plugins/nova_300.py | 10 +- packstack/plugins/openstack_client_400.py | 7 +- packstack/plugins/postscript_948.py | 8 +- packstack/plugins/prescript_000.py | 169 +++++++++++----------- packstack/plugins/provision_700.py | 51 +++---- packstack/plugins/puppet_950.py | 19 +-- packstack/plugins/serverprep_001.py | 28 ++-- packstack/plugins/swift_600.py | 10 +- 18 files changed, 239 insertions(+), 297 deletions(-) diff --git a/packstack/plugins/amqp_002.py b/packstack/plugins/amqp_002.py index 5038bd19e..c497c64a4 100644 --- a/packstack/plugins/amqp_002.py +++ b/packstack/plugins/amqp_002.py @@ -1,16 +1,11 @@ # -*- coding: utf-8 -*- """ -Installs and configures amqp +Installs and configures AMQP """ -import logging -import uuid -import os - from packstack.installer import validators from packstack.installer import processors -from packstack.installer import basedefs from packstack.installer import utils from packstack.modules.common import filtered_hosts @@ -19,7 +14,7 @@ createFirewallResources) -#------------------ oVirt installer initialization ------------------ +# ------------- AMQP Packstack Plugin Initialization -------------- PLUGIN_NAME = "AMQP" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') @@ -215,7 +210,7 @@ def initSequences(controller): controller.addSequence("Installing AMQP", [], [], amqpsteps) -#-------------------------- step functions -------------------------- +# ------------------------ step functions ------------------------- def create_manifest(config, messages): server = utils.ScriptRunner(config['CONFIG_AMQP_HOST']) diff --git a/packstack/plugins/ceilometer_800.py b/packstack/plugins/ceilometer_800.py index a99d010fa..7d6d9ca99 100644 --- a/packstack/plugins/ceilometer_800.py +++ b/packstack/plugins/ceilometer_800.py @@ -4,8 +4,6 @@ Installs and configures Ceilometer """ -import logging -import os import uuid from packstack.installer import utils @@ -17,7 +15,7 @@ createFirewallResources) -#------------------ oVirt installer initialization ------------------ +# ------------- Ceilometer Packstack Plugin Initialization -------------- PLUGIN_NAME = "OS-Ceilometer" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') @@ -106,7 +104,7 @@ def initSequences(controller): steps) -#-------------------------- step functions -------------------------- +# -------------------------- step functions -------------------------- def create_manifest(config, messages): manifestfile = "%s_ceilometer.pp" % config['CONFIG_CONTROLLER_HOST'] diff --git a/packstack/plugins/cinder_250.py b/packstack/plugins/cinder_250.py index e3224025b..1b43f1fca 100644 --- a/packstack/plugins/cinder_250.py +++ b/packstack/plugins/cinder_250.py @@ -4,17 +4,13 @@ Installs and configures Cinder """ -import os import re -import uuid -import logging from packstack.installer import exceptions from packstack.installer import processors from packstack.installer import validators from packstack.installer.utils import split_hosts -from packstack.installer import basedefs from packstack.installer import utils @@ -23,11 +19,8 @@ appendManifestFile, createFirewallResources) -from packstack.installer import exceptions -from packstack.installer import output_messages - -#------------------ oVirt installer initialization ------------------ +# ------------------ Cinder Packstack Plugin initialization ------------------ PLUGIN_NAME = "OS-Cinder" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') @@ -453,7 +446,7 @@ def initConfig(controller): {"CMD_OPTION": "cinder-netapp-sa-password", "USAGE": ("(optional) Password for the NetApp E-Series storage " "array. " - "Defaults to ''."), + "Defaults to ''."), "PROMPT": ("Enter a password"), "OPTION_LIST": [""], "VALIDATORS": [], @@ -502,7 +495,7 @@ def initConfig(controller): "USE_DEFAULT": True, "NEED_CONFIRM": False, "CONDITION": False}, - ] + ] } conf_groups = [ @@ -527,62 +520,62 @@ def initConfig(controller): "POST_CONDITION": False, "POST_CONDITION_MATCH": True}, - {"GROUP_NAME": "CINDERGLUSTERMOUNTS", - "DESCRIPTION": "Cinder gluster Config parameters", - "PRE_CONDITION": check_gluster_options, - "PRE_CONDITION_MATCH": True, - "POST_CONDITION": False, - "POST_CONDITION_MATCH": True}, - - {"GROUP_NAME": "CINDERNFSMOUNTS", - "DESCRIPTION": "Cinder NFS Config parameters", - "PRE_CONDITION": check_nfs_options, - "PRE_CONDITION_MATCH": True, - "POST_CONDITION": False, - "POST_CONDITION_MATCH": True}, - - {"GROUP_NAME": "CINDERNETAPPMAIN", - "DESCRIPTION": "Cinder NetApp main configuration", - "PRE_CONDITION": check_netapp_options, - "PRE_CONDITION_MATCH": True, - "POST_CONDITION": False, - "POST_CONDITION_MATCH": True}, - - {"GROUP_NAME": "CINDERNETAPPONTAPISCSI", - "DESCRIPTION": "Cinder NetApp ONTAP-iSCSI configuration", - "PRE_CONDITION": check_netapp_ontap_iscsi_options, - "PRE_CONDITION_MATCH": True, - "POST_CONDITION": False, - "POST_CONDITION_MATCH": True}, - - {"GROUP_NAME": "CINDERNETAPPNFS", - "DESCRIPTION": "Cinder NetApp NFS configuration", - "PRE_CONDITION": check_netapp_nfs_settings, - "PRE_CONDITION_MATCH": True, - "POST_CONDITION": False, - "POST_CONDITION_MATCH": True}, - - {"GROUP_NAME": "CINDERNETAPPISCSI7MODE", - "DESCRIPTION": "Cinder NetApp iSCSI & 7-mode configuration", - "PRE_CONDITION": check_netapp_7modeiscsi_options, - "PRE_CONDITION_MATCH": True, - "POST_CONDITION": False, - "POST_CONDITION_MATCH": True}, - - {"GROUP_NAME": "CINDERNETAPPVSERVER", - "DESCRIPTION": "Cinder NetApp vServer configuration", - "PRE_CONDITION": check_netapp_vserver_options, - "PRE_CONDITION_MATCH": True, - "POST_CONDITION": False, - "POST_CONDITION_MATCH": True}, - - {"GROUP_NAME": "CINDERNETAPPESERIES", - "DESCRIPTION": "Cinder NetApp E-Series configuration", - "PRE_CONDITION": check_netapp_eseries_options, - "PRE_CONDITION_MATCH": True, - "POST_CONDITION": False, - "POST_CONDITION_MATCH": True}, - ] + {"GROUP_NAME": "CINDERGLUSTERMOUNTS", + "DESCRIPTION": "Cinder gluster Config parameters", + "PRE_CONDITION": check_gluster_options, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "CINDERNFSMOUNTS", + "DESCRIPTION": "Cinder NFS Config parameters", + "PRE_CONDITION": check_nfs_options, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "CINDERNETAPPMAIN", + "DESCRIPTION": "Cinder NetApp main configuration", + "PRE_CONDITION": check_netapp_options, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "CINDERNETAPPONTAPISCSI", + "DESCRIPTION": "Cinder NetApp ONTAP-iSCSI configuration", + "PRE_CONDITION": check_netapp_ontap_iscsi_options, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "CINDERNETAPPNFS", + "DESCRIPTION": "Cinder NetApp NFS configuration", + "PRE_CONDITION": check_netapp_nfs_settings, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "CINDERNETAPPISCSI7MODE", + "DESCRIPTION": "Cinder NetApp iSCSI & 7-mode configuration", + "PRE_CONDITION": check_netapp_7modeiscsi_options, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "CINDERNETAPPVSERVER", + "DESCRIPTION": "Cinder NetApp vServer configuration", + "PRE_CONDITION": check_netapp_vserver_options, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "CINDERNETAPPESERIES", + "DESCRIPTION": "Cinder NetApp E-Series configuration", + "PRE_CONDITION": check_netapp_eseries_options, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + ] for group in conf_groups: params = conf_params[group["GROUP_NAME"]] controller.addGroup(group, params) @@ -620,7 +613,7 @@ def initSequences(controller): controller.addSequence("Installing OpenStack Cinder", [], [], cinder_steps) -#------------------------- helper functions ------------------------- +# ------------------------- helper functions ------------------------- def check_lvm_options(config): return (config['CONFIG_CINDER_INSTALL'] == 'y' and @@ -677,7 +670,7 @@ def check_netapp_eseries_options(config): config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "eseries") -#-------------------------- step functions -------------------------- +# -------------------------- step functions -------------------------- def check_cinder_vg(config, messages): cinders_volume = 'cinder-volumes' @@ -700,7 +693,7 @@ def check_cinder_vg(config, messages): "contain a cinder-volumes " "volume group") match = re.match('^(?P\d+)G$', - config['CONFIG_CINDER_VOLUMES_SIZE'].strip()) + config['CONFIG_CINDER_VOLUMES_SIZE'].strip()) if not match: msg = 'Invalid Cinder volumes VG size.' raise exceptions.ParamValidationError(msg) diff --git a/packstack/plugins/dashboard_500.py b/packstack/plugins/dashboard_500.py index f8c95b4b9..151394ab3 100644 --- a/packstack/plugins/dashboard_500.py +++ b/packstack/plugins/dashboard_500.py @@ -4,12 +4,10 @@ Installs and configures OpenStack Horizon """ -import logging import os import uuid from packstack.installer import validators -from packstack.installer import basedefs, output_messages from packstack.installer import exceptions from packstack.installer import utils @@ -17,7 +15,7 @@ appendManifestFile) -#------------------ oVirt installer initialization ------------------ +# ------------- Horizon Packstack Plugin Initialization -------------- PLUGIN_NAME = "OS-Horizon" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') @@ -115,7 +113,7 @@ def initSequences(controller): controller.addSequence("Installing OpenStack Horizon", [], [], steps) -#-------------------------- step functions -------------------------- +# -------------------------- step functions -------------------------- def create_manifest(config, messages): config["CONFIG_HORIZON_SECRET_KEY"] = uuid.uuid4().hex diff --git a/packstack/plugins/glance_200.py b/packstack/plugins/glance_200.py index 56b1cd3db..188d41a21 100644 --- a/packstack/plugins/glance_200.py +++ b/packstack/plugins/glance_200.py @@ -4,21 +4,16 @@ Installs and configures Glance """ -import uuid -import logging - from packstack.installer import validators from packstack.installer import processors -from packstack.installer import basedefs from packstack.installer import utils -from packstack.installer.utils import split_hosts from packstack.modules.shortcuts import get_mq from packstack.modules.ospluginutils import (getManifestTemplate, appendManifestFile, createFirewallResources) -#------------------ oVirt installer initialization ------------------ +# ------------- Glance Packstack Plugin Initialization -------------- PLUGIN_NAME = "OS-Glance" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') @@ -98,7 +93,7 @@ def initSequences(controller): controller.addSequence("Installing OpenStack Glance", [], [], glancesteps) -#------------------------- helper functions ------------------------- +# ------------------------- helper functions ------------------------- def process_backend(value, param_name, config): if value == 'swift' and config['CONFIG_SWIFT_INSTALL'] != 'y': @@ -106,7 +101,7 @@ def process_backend(value, param_name, config): return value -#-------------------------- step functions -------------------------- +# -------------------------- step functions -------------------------- def create_keystone_manifest(config, messages): if config['CONFIG_UNSUPPORTED'] != 'y': diff --git a/packstack/plugins/heat_650.py b/packstack/plugins/heat_650.py index 12a52ed24..7a058893d 100644 --- a/packstack/plugins/heat_650.py +++ b/packstack/plugins/heat_650.py @@ -1,12 +1,10 @@ # -*- coding: utf-8 -*- """ -Installs and configures heat +Installs and configures Heat """ import uuid -import logging -import os from packstack.installer import utils from packstack.installer import validators @@ -14,12 +12,11 @@ from packstack.modules.shortcuts import get_mq from packstack.modules.ospluginutils import (getManifestTemplate, - manifestfiles, appendManifestFile, createFirewallResources) -#------------------ oVirt installer initialization ------------------ +# ------------- Heat Packstack Plugin Initialization -------------- PLUGIN_NAME = "OS-Heat" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') @@ -171,7 +168,7 @@ def initSequences(controller): controller.addSequence("Installing Heat", [], [], steps) -#-------------------------- step functions -------------------------- +# ------------------------ step functions ------------------------- def create_manifest(config, messages): manifestfile = "%s_heat.pp" % config['CONFIG_CONTROLLER_HOST'] diff --git a/packstack/plugins/keystone_100.py b/packstack/plugins/keystone_100.py index e5965c72a..5ff7361fb 100644 --- a/packstack/plugins/keystone_100.py +++ b/packstack/plugins/keystone_100.py @@ -4,12 +4,10 @@ Installs and configures Keystone """ -import logging import uuid from packstack.installer import validators from packstack.installer import processors -from packstack.installer import basedefs from packstack.installer import utils from packstack.modules.ospluginutils import (getManifestTemplate, @@ -17,7 +15,7 @@ createFirewallResources) -#------------------ oVirt installer initialization ------------------ +# ------------- Keystone Packstack Plugin Initialization -------------- PLUGIN_NAME = "OS-Keystone" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') @@ -137,7 +135,7 @@ def initSequences(controller): keystonesteps) -#-------------------------- step functions -------------------------- +# -------------------------- step functions -------------------------- def create_manifest(config, messages): manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] diff --git a/packstack/plugins/mariadb_003.py b/packstack/plugins/mariadb_003.py index 030180b00..668a6c79d 100644 --- a/packstack/plugins/mariadb_003.py +++ b/packstack/plugins/mariadb_003.py @@ -4,13 +4,9 @@ Installs and configures MariaDB """ -import uuid -import logging - from packstack.installer import validators from packstack.installer import processors from packstack.installer import utils -from packstack.installer.utils import split_hosts from packstack.modules.common import filtered_hosts from packstack.modules.ospluginutils import (getManifestTemplate, @@ -18,7 +14,7 @@ createFirewallResources) -#------------------ oVirt installer initialization ------------------ +# ------------- MariaDB Packstack Plugin Initialization -------------- PLUGIN_NAME = "MariaDB" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') @@ -88,7 +84,7 @@ def initSequences(controller): controller.addSequence("Installing MariaDB", [], [], mariadbsteps) -#-------------------------- step functions -------------------------- +# -------------------------- step functions -------------------------- def create_manifest(config, messages): if config['CONFIG_MARIADB_INSTALL'] == 'y': diff --git a/packstack/plugins/nagios_910.py b/packstack/plugins/nagios_910.py index 5ee30f3b7..19ea24a51 100644 --- a/packstack/plugins/nagios_910.py +++ b/packstack/plugins/nagios_910.py @@ -4,12 +4,8 @@ Installs and configures Nagios """ -import uuid -import logging - from packstack.installer import validators from packstack.installer import processors -from packstack.installer import basedefs, output_messages from packstack.installer import utils from packstack.modules.common import filtered_hosts @@ -18,7 +14,7 @@ createFirewallResources) -#------------------ oVirt installer initialization ------------------ +# ------------- Nagios Packstack Plugin Initialization -------------- PLUGIN_NAME = "OS-Nagios" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') @@ -62,7 +58,7 @@ def initSequences(controller): controller.addSequence("Installing Nagios", [], [], nagiossteps) -#------------------------- helper functions ------------------------- +# ------------------------- helper functions ------------------------- def _serviceentry(**kwargs): s = 'define service {\n' @@ -90,7 +86,7 @@ def nagios_host(hostname, **kwargs): return "%s}\n" % out -#-------------------------- step functions -------------------------- +# -------------------------- step functions -------------------------- def create_manifest(config, messages): manifest_entries = '' diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index 3647fab9f..9085b98c6 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -1,16 +1,10 @@ # -*- coding: utf-8 -*- """ -Installs and configures neutron +Installs and configures Neutron """ -import logging -import os -import re -import uuid - from packstack.installer import utils -from packstack.installer import exceptions from packstack.installer import validators from packstack.installer import processors from packstack.installer import output_messages @@ -23,7 +17,7 @@ createFirewallResources) -#------------------ oVirt installer initialization ------------------ +# ------------- Neutron Packstack Plugin Initialization -------------- PLUGIN_NAME = "OS-Neutron" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') @@ -483,7 +477,7 @@ def initSequences(controller): neutron_steps) -#------------------------- helper functions ------------------------- +# ------------------------- helper functions ------------------------- def neutron_install(config): return config['CONFIG_NEUTRON_INSTALL'] == 'y' @@ -532,7 +526,7 @@ def get_values(val): return [x.strip() for x in val.split(',')] if val else [] -#-------------------------- step functions -------------------------- +# -------------------------- step functions -------------------------- def create_manifests(config, messages): global q_hosts @@ -649,7 +643,7 @@ def create_l3_manifests(config, messages): appendManifestFile(manifestfile, manifestdata + '\n') if config['CONFIG_NEUTRON_FWAAS'] == 'y': -# manifestfile = "%s_neutron_fwaas.pp" % (host,) + # manifestfile = "%s_neutron_fwaas.pp" % (host,) manifestdata = getManifestTemplate("neutron_fwaas.pp") appendManifestFile(manifestfile, manifestdata + '\n') @@ -767,16 +761,16 @@ def create_l2_agent_manifests(config, messages): appendManifestFile(manifestfile, manifestdata + "\n") # neutron ovs port only on network hosts if ( - agent == "openvswitch" and ( - (host in network_hosts and tunnel_types) - or 'vlan' in ovs_type) - ): - bridge_key = 'CONFIG_NEUTRON_OVS_BRIDGE' - iface_key = 'CONFIG_NEUTRON_OVS_IFACE' - for if_map in iface_arr: - config[bridge_key], config[iface_key] = if_map.split(':') - manifestdata = getManifestTemplate("neutron_ovs_port.pp") - appendManifestFile(manifestfile, manifestdata + "\n") + agent == "openvswitch" and ( + (host in network_hosts and tunnel_types) + or 'vlan' in ovs_type) + ): + bridge_key = 'CONFIG_NEUTRON_OVS_BRIDGE' + iface_key = 'CONFIG_NEUTRON_OVS_IFACE' + for if_map in iface_arr: + config[bridge_key], config[iface_key] = if_map.split(':') + manifestdata = getManifestTemplate("neutron_ovs_port.pp") + appendManifestFile(manifestfile, manifestdata + "\n") # Additional configurations required for compute hosts and # network hosts. manifestdata = getManifestTemplate('neutron_bridge_module.pp') diff --git a/packstack/plugins/nova_300.py b/packstack/plugins/nova_300.py index 23ae134ed..0c25f362d 100644 --- a/packstack/plugins/nova_300.py +++ b/packstack/plugins/nova_300.py @@ -1,12 +1,10 @@ # -*- coding: utf-8 -*- """ -Installs and configures nova +Installs and configures Nova """ import os -import uuid -import logging import platform import socket @@ -19,7 +17,7 @@ createFirewallResources) -#------------------ oVirt installer initialization ------------------ +# ------------- Nova Packstack Plugin Initialization -------------- PLUGIN_NAME = "OS-Nova" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') @@ -347,7 +345,7 @@ def initSequences(controller): novaapisteps) -#------------------------- helper functions ------------------------- +# ------------------------- helper functions ------------------------- def check_ifcfg(host, device): """ @@ -381,7 +379,7 @@ def bring_up_ifcfg(host, device): raise ScriptRuntimeError(msg) -#-------------------------- step functions -------------------------- +# ------------------------ Step Functions ------------------------- def create_ssh_keys(config, messages): migration_key = os.path.join(basedefs.VAR_DIR, 'nova_migration_key') diff --git a/packstack/plugins/openstack_client_400.py b/packstack/plugins/openstack_client_400.py index 30421c1df..1ea2f6260 100644 --- a/packstack/plugins/openstack_client_400.py +++ b/packstack/plugins/openstack_client_400.py @@ -4,18 +4,15 @@ Installs and configures an OpenStack Client """ -import logging import os -from packstack.installer import validators -from packstack.installer import basedefs, output_messages from packstack.installer import utils from packstack.modules.ospluginutils import (getManifestTemplate, appendManifestFile) -#------------------ oVirt installer initialization ------------------ +# ------------- OpenStack Client Packstack Plugin Initialization -------------- PLUGIN_NAME = "OS-Client" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') @@ -43,7 +40,7 @@ def initSequences(controller): osclientsteps) -#-------------------------- step functions -------------------------- +# -------------------------- step functions -------------------------- def create_manifest(config, messages): client_host = config['CONFIG_CONTROLLER_HOST'].strip() diff --git a/packstack/plugins/postscript_948.py b/packstack/plugins/postscript_948.py index d563cdbe4..2736c108f 100644 --- a/packstack/plugins/postscript_948.py +++ b/packstack/plugins/postscript_948.py @@ -1,11 +1,9 @@ # -*- coding: utf-8 -*- """ -Installs and configures an OpenStack Client +Plugin responsible for post-installation configuration """ -import logging - from packstack.installer import utils from packstack.modules.common import filtered_hosts @@ -13,7 +11,7 @@ appendManifestFile) -#------------------ oVirt installer initialization ------------------ +# ------------- Postscript Packstack Plugin Initialization -------------- PLUGIN_NAME = "Postscript" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') @@ -38,7 +36,7 @@ def initSequences(controller): postscript_steps) -#-------------------------- step functions -------------------------- +# -------------------------- step functions -------------------------- def create_manifest(config, messages): for hostname in filtered_hosts(config): diff --git a/packstack/plugins/prescript_000.py b/packstack/plugins/prescript_000.py index 35266f1cf..1b1d12d9b 100644 --- a/packstack/plugins/prescript_000.py +++ b/packstack/plugins/prescript_000.py @@ -5,7 +5,6 @@ """ import glob -import logging import os import re import uuid @@ -18,7 +17,7 @@ appendManifestFile) -#------------------ oVirt installer initialization ------------------ +# ------------- Prescript Packstack Plugin Initialization -------------- PLUGIN_NAME = "Prescript" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') @@ -31,18 +30,18 @@ def initConfig(controller): "GLOBAL": [ {"CMD_OPTION": "ssh-public-key", "USAGE": ( - "Path to a Public key to install on servers. If a usable " - "key has not been installed on the remote servers the user " - "will be prompted for a password and this key will be " - "installed so the password will not be required again" + "Path to a Public key to install on servers. If a usable " + "key has not been installed on the remote servers the user " + "will be prompted for a password and this key will be " + "installed so the password will not be required again" ), "PROMPT": ( - "Enter the path to your ssh Public key to install on servers" + "Enter the path to your ssh Public key to install on servers" ), "OPTION_LIST": [], "VALIDATORS": [ - validators.validate_file, - validators.validate_sshkey + validators.validate_file, + validators.validate_sshkey ], "PROCESSORS": [processors.process_ssh_key], "DEFAULT_VALUE": default_ssh_key, @@ -55,13 +54,13 @@ def initConfig(controller): {"CMD_OPTION": "default-password", "USAGE": ( - "Set a default password everywhere. The default password " - "will be overriden by whatever password is set for each " - "individual service or user." + "Set a default password everywhere. The default password " + "will be overriden by whatever password is set for each " + "individual service or user." ), "PROMPT": ( - "Enter a default password to be used. Leave blank for a " - "randomly generated one." + "Enter a default password to be used. Leave blank for a " + "randomly generated one." ), "OPTION_LIST": [], "DEFAULT_VALUE": '', @@ -74,7 +73,7 @@ def initConfig(controller): {"CMD_OPTION": "mariadb-install", "USAGE": ( - "Set to 'y' if you would like Packstack to install MariaDB" + "Set to 'y' if you would like Packstack to install MariaDB" ), "PROMPT": "Should Packstack install MariaDB", "OPTION_LIST": ["y", "n"], @@ -90,11 +89,11 @@ def initConfig(controller): {"CMD_OPTION": "os-glance-install", "USAGE": ( - "Set to 'y' if you would like Packstack to install " - "OpenStack Image Service (Glance)" + "Set to 'y' if you would like Packstack to install " + "OpenStack Image Service (Glance)" ), "PROMPT": ( - "Should Packstack install OpenStack Image Service (Glance)" + "Should Packstack install OpenStack Image Service (Glance)" ), "OPTION_LIST": ["y", "n"], "VALIDATORS": [validators.validate_options], @@ -108,12 +107,12 @@ def initConfig(controller): {"CMD_OPTION": "os-cinder-install", "USAGE": ( - "Set to 'y' if you would like Packstack to install " - "OpenStack Block Storage (Cinder)" + "Set to 'y' if you would like Packstack to install " + "OpenStack Block Storage (Cinder)" ), "PROMPT": ( - "Should Packstack install OpenStack Block Storage " - "(Cinder) service" + "Should Packstack install OpenStack Block Storage " + "(Cinder) service" ), "OPTION_LIST": ["y", "n"], "VALIDATORS": [validators.validate_options], @@ -127,11 +126,11 @@ def initConfig(controller): {"CMD_OPTION": "os-nova-install", "USAGE": ( - "Set to 'y' if you would like Packstack to install " - "OpenStack Compute (Nova)" + "Set to 'y' if you would like Packstack to install " + "OpenStack Compute (Nova)" ), "PROMPT": ( - "Should Packstack install OpenStack Compute (Nova) service" + "Should Packstack install OpenStack Compute (Nova) service" ), "OPTION_LIST": ["y", "n"], "VALIDATORS": [validators.validate_options], @@ -145,13 +144,13 @@ def initConfig(controller): {"CMD_OPTION": "os-neutron-install", "USAGE": ( - "Set to 'y' if you would like Packstack to install " - "OpenStack Networking (Neutron). Otherwise Nova Network " - "will be used." + "Set to 'y' if you would like Packstack to install " + "OpenStack Networking (Neutron). Otherwise Nova Network " + "will be used." ), "PROMPT": ( - "Should Packstack install OpenStack Networking (Neutron) " - "service" + "Should Packstack install OpenStack Networking (Neutron) " + "service" ), "OPTION_LIST": ["y", "n"], "VALIDATORS": [validators.validate_options], @@ -165,11 +164,11 @@ def initConfig(controller): {"CMD_OPTION": "os-horizon-install", "USAGE": ( - "Set to 'y' if you would like Packstack to install " - "OpenStack Dashboard (Horizon)" + "Set to 'y' if you would like Packstack to install " + "OpenStack Dashboard (Horizon)" ), "PROMPT": ( - "Should Packstack install OpenStack Dashboard (Horizon)" + "Should Packstack install OpenStack Dashboard (Horizon)" ), "OPTION_LIST": ["y", "n"], "VALIDATORS": [validators.validate_options], @@ -183,11 +182,11 @@ def initConfig(controller): {"CMD_OPTION": "os-swift-install", "USAGE": ( - "Set to 'y' if you would like Packstack to install " - "OpenStack Object Storage (Swift)" + "Set to 'y' if you would like Packstack to install " + "OpenStack Object Storage (Swift)" ), "PROMPT": ( - "Should Packstack install OpenStack Object Storage (Swift)" + "Should Packstack install OpenStack Object Storage (Swift)" ), "OPTION_LIST": ["y", "n"], "VALIDATORS": [validators.validate_options], @@ -201,11 +200,11 @@ def initConfig(controller): {"CMD_OPTION": "os-ceilometer-install", "USAGE": ( - "Set to 'y' if you would like Packstack to install " - "OpenStack Metering (Ceilometer)" + "Set to 'y' if you would like Packstack to install " + "OpenStack Metering (Ceilometer)" ), "PROMPT": ( - "Should Packstack install OpenStack Metering (Ceilometer)" + "Should Packstack install OpenStack Metering (Ceilometer)" ), "OPTION_LIST": ["y", "n"], "VALIDATORS": [validators.validate_options], @@ -219,11 +218,11 @@ def initConfig(controller): {"CMD_OPTION": "os-heat-install", "USAGE": ( - "Set to 'y' if you would like Packstack to install " - "OpenStack Orchestration (Heat)" + "Set to 'y' if you would like Packstack to install " + "OpenStack Orchestration (Heat)" ), "PROMPT": ( - "Should Packstack install OpenStack Orchestration (Heat)" + "Should Packstack install OpenStack Orchestration (Heat)" ), "OPTION_LIST": ["y", "n"], "VALIDATORS": [validators.validate_options], @@ -237,9 +236,9 @@ def initConfig(controller): {"CMD_OPTION": "os-client-install", "USAGE": ( - "Set to 'y' if you would like Packstack to install " - "the OpenStack Client packages. An admin \"rc\" file will " - "also be installed" + "Set to 'y' if you would like Packstack to install " + "the OpenStack Client packages. An admin \"rc\" file will " + "also be installed" ), "PROMPT": "Should Packstack install OpenStack client tools", "OPTION_LIST": ["y", "n"], @@ -269,12 +268,12 @@ def initConfig(controller): {"CMD_OPTION": "nagios-install", "USAGE": ( - "Set to 'y' if you would like Packstack to install Nagios " - "to monitor OpenStack hosts" + "Set to 'y' if you would like Packstack to install Nagios " + "to monitor OpenStack hosts" ), "PROMPT": ( - "Should Packstack install Nagios to monitor OpenStack " - "hosts" + "Should Packstack install Nagios to monitor OpenStack " + "hosts" ), "OPTION_LIST": ["y", "n"], "VALIDATORS": [validators.validate_options], @@ -288,15 +287,15 @@ def initConfig(controller): {"CMD_OPTION": "exclude-servers", "USAGE": ( - "Comma separated list of servers to be excluded from " - "installation in case you are running Packstack the second " - "time with the same answer file and don't want Packstack " - "to touch these servers. Leave plain if you don't need to " - "exclude any server." + "Comma separated list of servers to be excluded from " + "installation in case you are running Packstack the second " + "time with the same answer file and don't want Packstack " + "to touch these servers. Leave plain if you don't need to " + "exclude any server." ), "PROMPT": ( - "Enter a comma separated list of server(s) to be excluded." - " Leave plain if you don't need to exclude any server." + "Enter a comma separated list of server(s) to be excluded." + " Leave plain if you don't need to exclude any server." ), "OPTION_LIST": [], "DEFAULT_VALUE": '', @@ -309,8 +308,8 @@ def initConfig(controller): {"CMD_OPTION": "os-debug-mode", "USAGE": ( - "Set to 'y' if you want to run OpenStack services in debug " - "mode. Otherwise set to 'n'." + "Set to 'y' if you want to run OpenStack services in debug " + "mode. Otherwise set to 'n'." ), "PROMPT": "Do you want to run OpenStack services in debug mode", "OPTION_LIST": ["y", "n"], @@ -326,9 +325,9 @@ def initConfig(controller): {"CONF_NAME": "CONFIG_CONTROLLER_HOST", "CMD_OPTION": "os-controller-host", "USAGE": ( - "The IP address of the server on which to install OpenStack" - " services specific to controller role such as API servers," - " Horizon, etc." + "The IP address of the server on which to install OpenStack" + " services specific to controller role such as API servers," + " Horizon, etc." ), "PROMPT": "Enter the IP address of the controller host", "OPTION_LIST": [], @@ -359,12 +358,12 @@ def initConfig(controller): {"CONF_NAME": "CONFIG_COMPUTE_HOSTS", "CMD_OPTION": "os-compute-hosts", "USAGE": ( - "The list of IP addresses of the server on which to install" - " the Nova compute service" + "The list of IP addresses of the server on which to install" + " the Nova compute service" ), "PROMPT": ( - "Enter list of IP addresses on which to install compute " - "service" + "Enter list of IP addresses on which to install compute " + "service" ), "OPTION_LIST": [], "VALIDATORS": [validators.validate_multi_ip, @@ -400,12 +399,12 @@ def initConfig(controller): {"CMD_OPTION": "os-vmware", "USAGE": ( - "Set to 'y' if you want to use VMware vCenter as hypervisor" - " and storage. Otherwise set to 'n'." + "Set to 'y' if you want to use VMware vCenter as hypervisor" + " and storage. Otherwise set to 'n'." ), "PROMPT": ( - "Do you want to use VMware vCenter as hypervisor and " - "datastore" + "Do you want to use VMware vCenter as hypervisor and " + "datastore" ), "OPTION_LIST": ["y", "n"], "DEFAULT_VALUE": "n", @@ -419,12 +418,12 @@ def initConfig(controller): {"CMD_OPTION": "os-vmware", "USAGE": ( - "Set to 'y' if you want to use VMware vCenter as hypervisor" - " and storage. Otherwise set to 'n'." + "Set to 'y' if you want to use VMware vCenter as hypervisor" + " and storage. Otherwise set to 'n'." ), "PROMPT": ( - "Do you want to use VMware vCenter as hypervisor and " - "datastore" + "Do you want to use VMware vCenter as hypervisor and " + "datastore" ), "OPTION_LIST": ["y", "n"], "DEFAULT_VALUE": "n", @@ -438,14 +437,14 @@ def initConfig(controller): {"CMD_OPTION": "unsupported", "USAGE": ( - "Set to 'y' if you want to use unsupported parameters. " - "This should be used only if you know what you are doing." - "Issues caused by using unsupported options won't be fixed " - "before next major release." + "Set to 'y' if you want to use unsupported parameters. " + "This should be used only if you know what you are doing." + "Issues caused by using unsupported options won't be fixed " + "before next major release." ), "PROMPT": ( - "Enable this on your own risk. Do you want to use unsupported " - "parameters" + "Enable this on your own risk. Do you want to use " + "insupported parameters" ), "OPTION_LIST": ["y", "n"], "DEFAULT_VALUE": "n", @@ -462,8 +461,8 @@ def initConfig(controller): {"CMD_OPTION": "vcenter-host", "USAGE": "The IP address of the VMware vCenter server", "PROMPT": ( - "Enter the IP address of the VMware vCenter server to use " - "with Nova" + "Enter the IP address of the VMware vCenter server to use " + "with Nova" ), "OPTION_LIST": [], "VALIDATORS": [validators.validate_ip], @@ -515,9 +514,9 @@ def initConfig(controller): {"CONF_NAME": "CONFIG_STORAGE_HOST", "CMD_OPTION": "os-storage-host", "USAGE": ( - "(Unsupported!) The IP address of the server on which " - "to install OpenStack services specific to storage servers " - "such as Glance and Cinder." + "(Unsupported!) The IP address of the server on which " + "to install OpenStack services specific to storage servers " + "such as Glance and Cinder." ), "PROMPT": "Enter the IP address of the storage host", "OPTION_LIST": [], @@ -588,7 +587,7 @@ def initSequences(controller): prescript_steps) -#-------------------------- step functions -------------------------- +# -------------------------- step functions -------------------------- def install_keys_on_host(hostname, sshkeydata): server = utils.ScriptRunner(hostname) diff --git a/packstack/plugins/provision_700.py b/packstack/plugins/provision_700.py index 6c927aabc..3c88c01b7 100644 --- a/packstack/plugins/provision_700.py +++ b/packstack/plugins/provision_700.py @@ -1,12 +1,9 @@ # -*- coding: utf-8 -*- """ -Installs and configures neutron +Installs and configures Provisioning for demo usage and testing """ -import logging -import uuid - from packstack.installer import utils from packstack.installer import validators from packstack.installer import processors @@ -16,7 +13,7 @@ getManifestTemplate) -#------------------ oVirt installer initialization ------------------ +# ------------- Provision Packstack Plugin Initialization -------------- PLUGIN_NAME = "OS-Provision" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') @@ -82,20 +79,20 @@ def process_provision(param, process_args=None): "CONDITION": False}, {"CMD_OPTION": "provision-tempest-user-passwd", - "USAGE": "The password to use for the Tempest Provisioning user", - "PROMPT": "Enter the password for the Tempest Provisioning user", - "OPTION_LIST": [], - "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": "PW_PLACEHOLDER", - "PROCESSORS": [processors.process_password], - "MASK_INPUT": True, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_PROVISION_TEMPEST_USER_PW", - "USE_DEFAULT": False, - "NEED_CONFIRM": True, - "CONDITION": False}, - - ], + "USAGE": "The password to use for the Tempest Provisioning user", + "PROMPT": "Enter the password for the Tempest Provisioning user", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_PROVISION_TEMPEST_USER_PW", + "USE_DEFAULT": False, + "NEED_CONFIRM": True, + "CONDITION": False}, + + ], "PROVISION_DEMO": [ {"CMD_OPTION": "provision-demo-floatrange", @@ -125,7 +122,7 @@ def process_provision(param, process_args=None): "USE_DEFAULT": False, "NEED_CONFIRM": False, "CONDITION": False}, - ], + ], "TEMPEST_GIT_REFS": [ {"CMD_OPTION": "provision-tempest-repo-uri", @@ -209,7 +206,7 @@ def allow_all_in_one_ovs_bridge(config): "PRE_CONDITION_MATCH": True, "POST_CONDITION": False, "POST_CONDITION_MATCH": True}, - ] + ] for group in conf_groups: paramList = conf_params[group["GROUP_NAME"]] controller.addGroup(group, paramList) @@ -232,7 +229,7 @@ def initSequences(controller): config = controller.CONF if (config['CONFIG_PROVISION_DEMO'] != "y" and - config['CONFIG_PROVISION_TEMPEST'] != "y"): + config['CONFIG_PROVISION_TEMPEST'] != "y"): return provision_steps = [] @@ -249,9 +246,9 @@ def initSequences(controller): 'functions': [create_tempest_manifest]} ) provision_steps.append( - {'title': 'Adding Provisioning Glance manifest entries', - 'functions': [create_storage_manifest]} - ) + {'title': 'Adding Provisioning Glance manifest entries', + 'functions': [create_storage_manifest]} + ) marshall_conf_bool(config, 'CONFIG_PROVISION_TEMPEST') marshall_conf_bool(config, 'CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE') @@ -260,7 +257,7 @@ def initSequences(controller): [], [], provision_steps) -#------------------------- helper functions ------------------------- +# ------------------------- helper functions ------------------------- def marshall_conf_bool(conf, key): if conf[key] == 'y': @@ -285,7 +282,7 @@ def using_neutron(config): marshall_conf_bool(config, 'PROVISION_NEUTRON_AVAILABLE') -#-------------------------- step functions -------------------------- +# -------------------------- step functions -------------------------- def create_demo_manifest(config, messages): using_neutron(config) diff --git a/packstack/plugins/puppet_950.py b/packstack/plugins/puppet_950.py index e5ae008f0..f64fa8abe 100644 --- a/packstack/plugins/puppet_950.py +++ b/packstack/plugins/puppet_950.py @@ -1,26 +1,25 @@ # -*- coding: utf-8 -*- """ -Installs and configures puppet +Installs and configures Puppet """ import sys import logging import os -import platform import time from packstack.installer import utils -from packstack.installer import basedefs, output_messages +from packstack.installer import basedefs from packstack.installer.exceptions import ScriptRuntimeError, PuppetError from packstack.modules.common import filtered_hosts from packstack.modules.ospluginutils import (manifestfiles, - generateHieraDataFile) + generateHieraDataFile) from packstack.modules.puppet import scan_logfile, validate_logfile -#------------------ oVirt installer initialization ------------------ +# ------------- Puppet Packstack Plugin Initialization -------------- PLUGIN_NAME = "Puppet" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') @@ -60,7 +59,7 @@ def initSequences(controller): controller.addSequence("Puppet", [], [], puppetsteps) -#------------------------- helper functions ------------------------- +# ------------------------- helper functions ------------------------- def wait_for_puppet(currently_running, messages): log_len = 0 @@ -121,7 +120,7 @@ def wait_for_puppet(currently_running, messages): raise -#-------------------------- step functions -------------------------- +# -------------------------- step functions -------------------------- def run_cleanup(config, messages): localserver = utils.ScriptRunner() @@ -151,10 +150,8 @@ def install_deps(config, messages): for hostname in filtered_hosts(config): server = utils.ScriptRunner(hostname) packages = ' '.join(deps) - server.append("yum install -y %s" - % packages) - server.append("yum update -y %s" - % packages) + server.append("yum install -y %s" % packages) + server.append("yum update -y %s" % packages) # yum does not fail if one of the packages is missing for package in deps: server.append("rpm -q --whatprovides %s" % (package)) diff --git a/packstack/plugins/serverprep_001.py b/packstack/plugins/serverprep_001.py index 8345a98a2..f80ad203b 100644 --- a/packstack/plugins/serverprep_001.py +++ b/packstack/plugins/serverprep_001.py @@ -1,16 +1,14 @@ # -*- coding: utf-8 -*- """ -prepare server +Plugin responsible for Server Preparation. """ import os import re -import uuid import logging import platform -from packstack.installer import basedefs from packstack.installer import exceptions from packstack.installer import utils from packstack.installer import validators @@ -18,7 +16,7 @@ from packstack.modules.common import filtered_hosts, is_all_in_one -#------------------ oVirt installer initialization ------------------ +# ------------ Server Preparation Packstack Plugin Initialization ------------- PLUGIN_NAME = "OS-SERVERPREPARE" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') @@ -372,7 +370,7 @@ def initSequences(controller): controller.addSequence("Preparing servers", [], [], preparesteps) -#------------------------- helper functions ------------------------- +# ------------------------- helper functions ------------------------- def is_rhel(): return 'Red Hat Enterprise Linux' in platform.linux_distribution()[0] @@ -452,8 +450,8 @@ def run_rhsm_reg(host, username, password, optional=False, proxy_server=None, # configure proxy if it is necessary if proxy_server: cmd = ('subscription-manager config ' - '--server.proxy_hostname=%(proxy_server)s ' - '--server.proxy_port=%(proxy_port)s') + '--server.proxy_hostname=%(proxy_server)s ' + '--server.proxy_port=%(proxy_port)s') if proxy_user: cmd += (' --server.proxy_user=%(proxy_user)s ' '--server.proxy_password=%(proxy_password)s') @@ -598,7 +596,7 @@ def manage_rdo(host, config): raise exceptions.ScriptRuntimeError(msg) -#-------------------------- step functions -------------------------- +# -------------------------- step functions -------------------------- def server_prep(config, messages): rh_username = None @@ -631,11 +629,11 @@ def server_prep(config, messages): # Subscribe to Red Hat Repositories if configured if rh_username: run_rhsm_reg(hostname, rh_username, rh_password, - optional=(config.get('CONFIG_RH_OPTIONAL') == 'y'), - proxy_server=config.get('CONFIG_RH_PROXY'), - proxy_port=config.get('CONFIG_RH_PROXY_PORT'), - proxy_user=config.get('CONFIG_RH_PROXY_USER'), - proxy_password=config.get('CONFIG_RH_PROXY_PASSWORD')) + optional=(config.get('CONFIG_RH_OPTIONAL') == 'y'), + proxy_server=config.get('CONFIG_RH_PROXY'), + proxy_port=config.get('CONFIG_RH_PROXY_PORT'), + proxy_user=config.get('CONFIG_RH_PROXY_USER'), + proxy_password=config.get('CONFIG_RH_PROXY_PASSWORD')) # Subscribe to RHN Satellite if configured if sat_url and hostname not in sat_registered: @@ -649,8 +647,8 @@ def server_prep(config, messages): # Installing rhos-log-collector and sos-plugins-openstack if # these rpms are available from yum. sos_rpms = ' '.join(('rhos-log-collector', - 'sos', - 'sos-plugins-openstack')) + 'sos', + 'sos-plugins-openstack')) server.append('yum list available rhos-log-collector && ' 'yum -y install %s || ' diff --git a/packstack/plugins/swift_600.py b/packstack/plugins/swift_600.py index f07565118..4f121f563 100644 --- a/packstack/plugins/swift_600.py +++ b/packstack/plugins/swift_600.py @@ -1,19 +1,17 @@ # -*- coding: utf-8 -*- """ -Installs and configures an OpenStack Swift +Installs and configures Swift """ import os import re import uuid -import logging import netaddr from packstack.installer import validators from packstack.installer import processors from packstack.installer.exceptions import ParamValidationError -from packstack.installer import basedefs from packstack.installer import utils from packstack.installer.utils import split_hosts @@ -22,7 +20,7 @@ createFirewallResources) -#------------------ oVirt installer initialization ------------------ +# ------------- Swift Packstack Plugin Initialization -------------- PLUGIN_NAME = "OS-Swift" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') @@ -163,7 +161,7 @@ def initSequences(controller): controller.addSequence("Installing OpenStack Swift", [], [], steps) -#------------------------- helper functions ------------------------- +# ------------------------- helper functions ------------------------- def validate_storage(param, options=None): if not param: @@ -246,7 +244,7 @@ def get_storage_size(config): return intsize -#-------------------------- step functions -------------------------- +# -------------------------- step functions -------------------------- def create_keystone_manifest(config, messages): # parse devices in first step From 951177819d537524a642fdbb67382a49e05b878c Mon Sep 17 00:00:00 2001 From: Ivan Chavero Date: Sun, 28 Sep 2014 23:50:29 -0600 Subject: [PATCH 0189/1017] Open VXLAN port only to NETWORK_HOSTS Packstack opens VXLAN port without source-address limit. It should be open only for source addresses of mahcines running neutron-l2-agent (like openvswitch) Fixes: rhbz#1144816 Change-Id: I4c1da8635cf03fa1571c1dad289ba737f65a301d --- packstack/plugins/neutron_350.py | 39 ++++++++++++++++---------------- 1 file changed, 20 insertions(+), 19 deletions(-) diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index 3647fab9f..eea6e6d58 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -597,27 +597,28 @@ def create_manifests(config, messages): appendManifestFile(manifest_file, manifest_data, 'neutron') # We also need to open VXLAN/GRE port for agent + manifest_data = "" if use_openvswitch_vxlan(config) or use_openvswitch_gre(config): - fw_details = dict() - key = "neutron_tunnel" - fw_details.setdefault(key, {}) - fw_details[key]['host'] = "ALL" - fw_details[key]['service_name'] = "neutron tunnel port" - fw_details[key]['chain'] = "INPUT" + cf_fw_nt_key = ("FIREWALL_NEUTRON_TUNNEL_RULES_%s" + % host) + for n_host in network_hosts: + fw_details = dict() + key = "neutron_tunnel_%s_%s" % (host, n_host) + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "%s" % n_host + fw_details[key]['service_name'] = "neutron tunnel port" + fw_details[key]['chain'] = "INPUT" + if use_openvswitch_vxlan(config): + fw_details[key]['proto'] = 'udp' + tun_port = ("%s" + % config['CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT']) + else: + fw_details[key]['proto'] = 'gre' + tun_port = None + fw_details[key]['ports'] = tun_port + config[cf_fw_nt_key] = fw_details + manifest_data += createFirewallResources(cf_fw_nt_key) - if use_openvswitch_vxlan(config): - fw_details[key]['proto'] = 'udp' - tun_port = "%s" % config['CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT'] - else: - fw_details[key]['proto'] = 'gre' - tun_port = None - - fw_details[key]['ports'] = tun_port - config['FIREWALL_NEUTRON_TUNNEL_RULES'] = fw_details - - manifest_data = createFirewallResources( - 'FIREWALL_NEUTRON_TUNNEL_RULES' - ) appendManifestFile(manifest_file, manifest_data, 'neutron') From 2f560fd06eb733b4c39ac925f0178a7f2dce6ed5 Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Thu, 27 Nov 2014 03:14:53 -0800 Subject: [PATCH 0190/1017] Use is_virtual instead of is_virtual_packstack At least on Virtualbox is_virtual_packstack is not working. $ grep hypervisor /proc/cpuinfo > /dev/null && echo true || echo false false Change-Id: I8a1fec615de3eb774950f75e38dfbf334bd81ba2 --- .../modules/packstack/lib/facter/is_virtual_packstack.rb | 9 --------- packstack/puppet/templates/nova_compute_libvirt.pp | 2 +- 2 files changed, 1 insertion(+), 10 deletions(-) delete mode 100644 packstack/puppet/modules/packstack/lib/facter/is_virtual_packstack.rb diff --git a/packstack/puppet/modules/packstack/lib/facter/is_virtual_packstack.rb b/packstack/puppet/modules/packstack/lib/facter/is_virtual_packstack.rb deleted file mode 100644 index f792b3a66..000000000 --- a/packstack/puppet/modules/packstack/lib/facter/is_virtual_packstack.rb +++ /dev/null @@ -1,9 +0,0 @@ - -# is_virtual doesn't seem to work on all kvm vm's -# this custom one seem to do better - -Facter.add("is_virtual_packstack") do - setcode do - Facter::Util::Resolution.exec('grep hypervisor /proc/cpuinfo > /dev/null && echo true || echo false') - end -end diff --git a/packstack/puppet/templates/nova_compute_libvirt.pp b/packstack/puppet/templates/nova_compute_libvirt.pp index b00d04ee5..6ad7f920f 100644 --- a/packstack/puppet/templates/nova_compute_libvirt.pp +++ b/packstack/puppet/templates/nova_compute_libvirt.pp @@ -3,7 +3,7 @@ # Ensure Firewall changes happen before libvirt service start # preventing a clash with rules being set by libvirt -if $::is_virtual_packstack == 'true' { +if $::is_virtual == 'true' { $libvirt_virt_type = 'qemu' $libvirt_cpu_mode = 'none' } else { From b0da39d309d0ca348f608e4954dc7cd23e75e02c Mon Sep 17 00:00:00 2001 From: Rich Megginson Date: Tue, 2 Dec 2014 14:41:36 -0700 Subject: [PATCH 0191/1017] change default keystone service to httpd Change-Id: Ib55f1cf27bf607ffb27643eab0c96d470edf49d8 --- packstack/plugins/keystone_100.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packstack/plugins/keystone_100.py b/packstack/plugins/keystone_100.py index e5965c72a..d83d5c3e3 100644 --- a/packstack/plugins/keystone_100.py +++ b/packstack/plugins/keystone_100.py @@ -111,7 +111,7 @@ def initConfig(controller): "PROMPT": "Enter the Keystone service name.", "OPTION_LIST": ['keystone', 'httpd'], "VALIDATORS": [validators.validate_options], - "DEFAULT_VALUE": "keystone", + "DEFAULT_VALUE": "httpd", "MASK_INPUT": False, "LOOSE_VALIDATION": False, "CONF_NAME": 'CONFIG_KEYSTONE_SERVICE_NAME', From db33ea7ab8933da9d38c500010aba092ab0c51b4 Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Fri, 5 Dec 2014 12:28:50 +0100 Subject: [PATCH 0192/1017] Remove deprecated code in packstack/plugins/serverprep_001.py Change-Id: Ic64b7ea781441267a179bda6b3c69320a049cf60 --- packstack/plugins/serverprep_001.py | 7 ------- 1 file changed, 7 deletions(-) diff --git a/packstack/plugins/serverprep_001.py b/packstack/plugins/serverprep_001.py index f80ad203b..e35f03065 100644 --- a/packstack/plugins/serverprep_001.py +++ b/packstack/plugins/serverprep_001.py @@ -660,13 +660,6 @@ def server_prep(config, messages): # enable or disable EPEL according to configuration manage_epel(hostname, config) - reponame = 'rhel-server-ost-6-4-rpms' - server.clear() - server.append('yum install -y yum-plugin-priorities || true') - server.append('rpm -q epel-release && yum-config-manager ' - '--setopt="%(reponame)s.priority=1" ' - '--save %(reponame)s' % locals()) - # Add yum repositories if configured CONFIG_REPO = config["CONFIG_REPO"].strip() if CONFIG_REPO: From 4832b747a10480ad2b84e353172f461882aaec6d Mon Sep 17 00:00:00 2001 From: Chris Dent Date: Sun, 16 Nov 2014 16:46:11 +0000 Subject: [PATCH 0193/1017] redis-based group membership coordination for ceilometer If CONFIG_CEILOMETER_COORDINATION_BACKEND is set to 'redis' then a redis manifest is created to install redis on the appropriate host and configure the ceilometer-central-agent and ceilometer-alarm-evaluator to use it for group membership coordination. The other valid option is 'none', in which case no coordination will be done. 'redis' is the default. Change-Id: I07261f5fd433c13a57a614c15b13f0cad6c79d6a --- docs/packstack.rst | 9 ++++ packstack/plugins/ceilometer_800.py | 69 +++++++++++++++++++++++- packstack/plugins/puppet_950.py | 6 +-- packstack/puppet/templates/ceilometer.pp | 19 +++++-- packstack/puppet/templates/redis.pp | 9 ++++ 5 files changed, 105 insertions(+), 7 deletions(-) create mode 100644 packstack/puppet/templates/redis.pp diff --git a/docs/packstack.rst b/docs/packstack.rst index 2123df45d..1a1dd3a5c 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -422,6 +422,15 @@ Ceilometer Config Parameters **CONFIG_CEILOMETER_KS_PW** The password to use for Ceilometer to authenticate with Keystone. +**CONFIG_CEILOMETER_COORDINATION_BACKEND** + Specify an optional backend for group membership coordination in the alarm evaluator and central agent. Currently the only valid option are 'redis' or 'none'. The default is 'redis'. + +**CONFIG_REDIS_HOST** + The IP address of the server on which to install Redis, if Redis is being used for coordination. + +**CONFIG_REDIS_PORT** + The port on which the Redis server will listen, if Redis is being used for coordination. + Heat Config Parameters ---------------------- diff --git a/packstack/plugins/ceilometer_800.py b/packstack/plugins/ceilometer_800.py index 7d6d9ca99..1fd777ff4 100644 --- a/packstack/plugins/ceilometer_800.py +++ b/packstack/plugins/ceilometer_800.py @@ -51,6 +51,18 @@ def initConfig(controller): "USE_DEFAULT": False, "NEED_CONFIRM": True, "CONDITION": False}, + + {"CONF_NAME": "CONFIG_CEILOMETER_COORDINATION_BACKEND", + "CMD_OPTION": "ceilometer-coordination-backend", + "USAGE": "Backend driver for group membership coordination", + "PROMPT": "Enter the coordination driver", + "OPTION_LIST": ['redis', 'none'], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": 'redis', + "MASK_INPUT": False, + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, ], "MONGODB": [ @@ -68,6 +80,33 @@ def initConfig(controller): "NEED_CONFIRM": False, "CONDITION": False}, ], + "REDIS": [ + {"CMD_OPTION": "redis-host", + "USAGE": ("The IP address of the server on which to install " + "redis"), + "PROMPT": "Enter the IP address of the redis server", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_ssh], + "DEFAULT_VALUE": utils.get_localhost_ip(), + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_REDIS_HOST", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "redis-port", + "USAGE": "The port on which the redis server listens", + "PROMPT": "Enter the port of the redis server", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_port], + "DEFAULT_VALUE": 6379, + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_REDIS_PORT", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], } ceilometer_groups = [ @@ -84,6 +123,13 @@ def initConfig(controller): "PRE_CONDITION_MATCH": "y", "POST_CONDITION": False, "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "REDIS", + "DESCRIPTION": "Redis Config parameters", + "PRE_CONDITION": "CONFIG_CEILOMETER_COORDINATION_BACKEND", + "PRE_CONDITION_MATCH": "redis", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, ] for group in ceilometer_groups: paramList = ceilometer_params[group["GROUP_NAME"]] @@ -96,6 +142,8 @@ def initSequences(controller): steps = [{'title': 'Adding MongoDB manifest entries', 'functions': [create_mongodb_manifest]}, + {'title': 'Adding Redis manifest entries', + 'functions': [create_redis_manifest]}, {'title': 'Adding Ceilometer manifest entries', 'functions': [create_manifest]}, {'title': 'Adding Ceilometer Keystone manifest entries', @@ -126,7 +174,7 @@ def create_manifest(config, messages): # class needs it if config['CONFIG_NOVA_INSTALL'] == 'n': manifestdata += getManifestTemplate("ceilometer_nova_disabled.pp") - appendManifestFile(manifestfile, manifestdata) + appendManifestFile(manifestfile, manifestdata, 'ceilometer') def create_mongodb_manifest(config, messages): @@ -147,6 +195,25 @@ def create_mongodb_manifest(config, messages): appendManifestFile(manifestfile, manifestdata, 'pre') +def create_redis_manifest(config, messages): + if config['CONFIG_CEILOMETER_COORDINATION_BACKEND'] == 'redis': + manifestfile = "%s_redis.pp" % config['CONFIG_REDIS_HOST'] + manifestdata = getManifestTemplate("redis.pp") + + fw_details = dict() + key = "redis_server" + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "%s" % config['CONFIG_CONTROLLER_HOST'] + fw_details[key]['service_name'] = "redis-server" + fw_details[key]['chain'] = "INPUT" + fw_details[key]['ports'] = config['CONFIG_REDIS_PORT'] + fw_details[key]['proto'] = "tcp" + config['FIREWALL_REDIS_RULES'] = fw_details + + manifestdata += createFirewallResources('FIREWALL_REDIS_RULES') + appendManifestFile(manifestfile, manifestdata, 'pre') + + def create_keystone_manifest(config, messages): manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("keystone_ceilometer.pp") diff --git a/packstack/plugins/puppet_950.py b/packstack/plugins/puppet_950.py index f64fa8abe..ae8bb0594 100644 --- a/packstack/plugins/puppet_950.py +++ b/packstack/plugins/puppet_950.py @@ -175,9 +175,9 @@ def copy_puppet_modules(config, messages): 'concat', 'firewall', 'glance', 'heat', 'horizon', 'inifile', 'keystone', 'memcached', 'mongodb', 'mysql', 'neutron', 'nova', 'nssdb', 'openstack', - 'packstack', 'qpid', 'rabbitmq', 'remote', 'rsync', - 'ssh', 'stdlib', 'swift', 'sysctl', 'tempest', - 'vcsrepo', 'vlan', 'vswitch', 'xinetd', + 'packstack', 'qpid', 'rabbitmq', 'redis', 'remote', + 'rsync', 'ssh', 'stdlib', 'swift', 'sysctl', + 'tempest', 'vcsrepo', 'vlan', 'vswitch', 'xinetd', 'openstacklib')) # write puppet manifest to disk diff --git a/packstack/puppet/templates/ceilometer.pp b/packstack/puppet/templates/ceilometer.pp index 7955c3709..28c9002e7 100644 --- a/packstack/puppet/templates/ceilometer.pp +++ b/packstack/puppet/templates/ceilometer.pp @@ -1,5 +1,15 @@ $config_mongodb_host = hiera('CONFIG_MONGODB_HOST') +$config_ceilometer_coordination_backend = hiera('CONFIG_CEILOMETER_COORDINATION_BACKEND') + +if $config_ceilometer_coordination_backend == 'redis' { + $redis_host = hiera('CONFIG_REDIS_HOST') + $redis_port = hiera('CONFIG_REDIS_PORT') + $coordination_url = "redis://${redis_host}:${redis_port}" +} else { + $coordination_url = '' +} + class { 'ceilometer::db': database_connection => "mongodb://${config_mongodb_host}:27017/ceilometer", } @@ -15,14 +25,17 @@ auth_password => hiera('CONFIG_CEILOMETER_KS_PW'), } -class { 'ceilometer::agent::central': } +class { 'ceilometer::agent::central': + coordination_url => $coordination_url, +} class { 'ceilometer::alarm::notifier':} -class { 'ceilometer::alarm::evaluator':} +class { 'ceilometer::alarm::evaluator': + coordination_url => $coordination_url, +} class { 'ceilometer::api': keystone_host => hiera('CONFIG_CONTROLLER_HOST'), keystone_password => hiera('CONFIG_CEILOMETER_KS_PW'), } - diff --git a/packstack/puppet/templates/redis.pp b/packstack/puppet/templates/redis.pp new file mode 100644 index 000000000..ab4aaba88 --- /dev/null +++ b/packstack/puppet/templates/redis.pp @@ -0,0 +1,9 @@ +$redis_host = hiera('CONFIG_REDIS_HOST') +$redis_port = hiera('CONFIG_REDIS_PORT') + +class { 'redis': + bind => $redis_host, + port => $redis_port, + appendonly => true, + daemonize => false, +} From 8138aee5dc21bc12ee6b62a23e9d1ef52176b7ff Mon Sep 17 00:00:00 2001 From: Maxime Leroy Date: Wed, 3 Dec 2014 16:09:16 +0100 Subject: [PATCH 0194/1017] Fix issues if ML2 neutron is configured with linuxbridge + For linuxbridge, the external_network_bridge option should be empty. See: https://github.com/openstack/neutron/blob/master/etc/l3_agent.ini#L43 We should allow CONFIG_NEUTRON_L3_EXT_BRIDGE to have an empty value. + The example given in usage for NEUTRON_LB_PLUGIN_AND_AGENT is false. The linuxbridge need to have a mapping between a network and interface, not a network and a bridge. See: https://github.com/openstack/neutron/ blob/master/etc/neutron/plugins/linuxbridge/linuxbridge_conf.ini#L23 + create_l3_manifests try to read CONFIG_NEUTRON_OVS_BRIDGE_MAPPING for all types of bridge. This patch fix the issue by moving the 'if openvswitch' test. Closes-Bug: #1399733 Change-Id: Ia7297c9941d93f822ed4b7ea4f4bf4932304ac64 --- packstack/plugins/neutron_350.py | 36 +++++++++++++++++--------------- 1 file changed, 19 insertions(+), 17 deletions(-) diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index 9085b98c6..527ea4344 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -56,14 +56,14 @@ def initConfig(controller): "CONDITION": False}, {"CMD_OPTION": "os-neutron-l3-ext-bridge", - "USAGE": ("The name of the bridge that the Neutron L3 agent will " - "use for external traffic, or 'provider' if using " - "provider networks"), - "PROMPT": ("Enter the bridge the Neutron L3 agent will use for " - "external traffic, or 'provider' if using provider " - "networks"), + "USAGE": ("The name of the ovs bridge (or empty for linuxbridge)" + " that the Neutron L3 agent will use for external " + " traffic, or 'provider' using provider networks. "), + "PROMPT": ("Enter the ovs bridge the Neutron L3 agent will use " + "for external traffic, or 'provider' if using " + "provider networks."), "OPTION_LIST": [], - "VALIDATORS": [validators.validate_not_empty], + "VALIDATORS": [], "DEFAULT_VALUE": "br-ex", "MASK_INPUT": False, "LOOSE_VALIDATION": True, @@ -131,8 +131,8 @@ def initConfig(controller): "NEUTRON_LB_AGENT": [ {"CMD_OPTION": "os-neutron-lb-interface-mappings", "USAGE": ("A comma separated list of interface mappings for the " - "Neutron linuxbridge plugin (eg. physnet1:br-eth1," - "physnet2:br-eth2,physnet3:br-eth3)"), + "Neutron linuxbridge plugin (eg. physnet1:eth1," + "physnet2:eth2,physnet3:eth3)"), "PROMPT": ("Enter a comma separated list of interface mappings " "for the Neutron linuxbridge plugin"), "OPTION_LIST": [], @@ -633,14 +633,16 @@ def create_l3_manifests(config, messages): manifestdata = getManifestTemplate("neutron_l3.pp") manifestfile = "%s_neutron.pp" % (host,) appendManifestFile(manifestfile, manifestdata + '\n') - ext_bridge = config['CONFIG_NEUTRON_L3_EXT_BRIDGE'] - mapping = find_mapping(config['CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS'], - ext_bridge) if ext_bridge else None - if (config['CONFIG_NEUTRON_L2_AGENT'] == 'openvswitch' and ext_bridge - and not mapping): - config['CONFIG_NEUTRON_OVS_BRIDGE'] = ext_bridge - manifestdata = getManifestTemplate('neutron_ovs_bridge.pp') - appendManifestFile(manifestfile, manifestdata + '\n') + + if config['CONFIG_NEUTRON_L2_AGENT'] == 'openvswitch': + ext_bridge = config['CONFIG_NEUTRON_L3_EXT_BRIDGE'] + mapping = find_mapping( + config['CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS'], + ext_bridge) if ext_bridge else None + if (ext_bridge and not mapping): + config['CONFIG_NEUTRON_OVS_BRIDGE'] = ext_bridge + manifestdata = getManifestTemplate('neutron_ovs_bridge.pp') + appendManifestFile(manifestfile, manifestdata + '\n') if config['CONFIG_NEUTRON_FWAAS'] == 'y': # manifestfile = "%s_neutron_fwaas.pp" % (host,) From d40b40f0ec522ee45082f302deb8b4cf2b3709df Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Sat, 6 Dec 2014 16:01:38 +0100 Subject: [PATCH 0195/1017] Use '.pp' as default ending for template files Change-Id: Id5072e5d9f296403b272ac3f57fff2a19f7dea74 --- packstack/modules/ospluginutils.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/packstack/modules/ospluginutils.py b/packstack/modules/ospluginutils.py index 2830bf3e5..d89e444f5 100644 --- a/packstack/modules/ospluginutils.py +++ b/packstack/modules/ospluginutils.py @@ -74,6 +74,8 @@ def writeManifests(self): def getManifestTemplate(template_name): + if not template_name.endswith(".pp"): + template_name += ".pp" with open(os.path.join(PUPPET_TEMPLATE_DIR, template_name)) as fp: return fp.read() % controller.CONF From b8cf4d4617bdba22757dfb4960773618236009dd Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Sun, 7 Dec 2014 14:14:23 +0100 Subject: [PATCH 0196/1017] Fix Tempest Provisioning - Use 'CONFIG_PROVISION_CIRROS_URL' instead of 'CONFIG_PROVISION_TEMPEST_CIRROS_URL' which doesn't exist. Change-Id: Iecc560cddb45dc3fc9c5b74dd852304e5ea19390 Signed-off-by: Gael Chamoulaud --- packstack/puppet/templates/provision_tempest.pp | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/packstack/puppet/templates/provision_tempest.pp b/packstack/puppet/templates/provision_tempest.pp index 64ff1f313..8920484d7 100644 --- a/packstack/puppet/templates/provision_tempest.pp +++ b/packstack/puppet/templates/provision_tempest.pp @@ -21,7 +21,7 @@ ## Glance $image_name = 'cirros' - $image_source = hiera('CONFIG_PROVISION_TEMPEST_CIRROS_URL') + $image_source = hiera('CONFIG_PROVISION_CIRROS_URL') $image_ssh_user = 'cirros' ## Neutron @@ -160,10 +160,7 @@ ## Tempest if $configure_tempest { - $tempest_requires = concat([ - Keystone_user[$username], - Glance_image[$image_name], - ], $neutron_deps) + $tempest_requires = concat([Keystone_user[$username]], $neutron_deps) class { 'tempest': tempest_repo_uri => $tempest_repo_uri, From 85ceabbfaf0e6cac1c733bc02a0a291087cb4cc0 Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Tue, 9 Dec 2014 20:05:40 +0100 Subject: [PATCH 0197/1017] Change the APP_NAME to Packstack Instead of 'Welcome to Installer setup utility' it should be 'Welcome to the Packstack setup utility'. Change-Id: I698d17645f4a53ce738be5ea463335466408ed6e --- packstack/installer/basedefs.py | 2 +- packstack/installer/output_messages.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/packstack/installer/basedefs.py b/packstack/installer/basedefs.py index 9e213236a..676569c8a 100644 --- a/packstack/installer/basedefs.py +++ b/packstack/installer/basedefs.py @@ -13,7 +13,7 @@ from .utils import get_current_user -APP_NAME = "Installer" +APP_NAME = "Packstack" FILE_YUM_VERSION_LOCK = "/etc/yum/pluginconf.d/versionlock.list" diff --git a/packstack/installer/output_messages.py b/packstack/installer/output_messages.py index cf6420398..3103a2d22 100644 --- a/packstack/installer/output_messages.py +++ b/packstack/installer/output_messages.py @@ -18,7 +18,7 @@ ####INFO MESSAGES#### ##################### -INFO_HEADER="Welcome to %s setup utility" % basedefs.APP_NAME +INFO_HEADER="Welcome to the %s setup utility" % basedefs.APP_NAME INFO_INSTALL_SUCCESS="\n **** Installation completed successfully ******\n" INFO_INSTALL="Installing:" INFO_DSPLY_PARAMS="\n%s will be installed using the following configuration:" % basedefs.APP_NAME From 0aed083ba415f3012572e9e9775ea435473a2d15 Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Tue, 9 Dec 2014 20:14:19 +0100 Subject: [PATCH 0198/1017] Update to Fedora 21 and remove Fedora 19 support With the release of Fedora 21 the end of life of Fedora 19 will come in 1 month (https://fedoraproject.org/wiki/Fedora_Release_Life_Cycle) and support for Fedora 19 should be dropped. Change-Id: Ib34f38ebcab07254be0d5edba2964d476767f998 --- README.md | 2 +- .../puppet/modules/remote/manifests/params.pp | 6 +----- packstack/puppet/templates/nova_compute.pp | 20 ------------------- 3 files changed, 2 insertions(+), 26 deletions(-) diff --git a/README.md b/README.md index 1e68b996f..99778a8aa 100644 --- a/README.md +++ b/README.md @@ -87,7 +87,7 @@ useful to install from *git* such that updates to the git repositories are immediately effective without reinstallation of packstack and **openstack-puppet-modules**. -To do this, start with a minimal **Fedora 20** installation. Then remove any +To do this, start with a minimal **Fedora 21** installation. Then remove any relevant packages that might conflict: $ yum -y erase openstack-{packstack*,puppet-modules} diff --git a/packstack/puppet/modules/remote/manifests/params.pp b/packstack/puppet/modules/remote/manifests/params.pp index ce1909cf9..eb65c055c 100644 --- a/packstack/puppet/modules/remote/manifests/params.pp +++ b/packstack/puppet/modules/remote/manifests/params.pp @@ -6,11 +6,7 @@ case $::operatingsystem { 'Fedora': { - if (is_integer($::operatingsystemrelease) and $::operatingsystemrelease >= 19) or $::operatingsystemrelease == 'Rawhide' { - $mysql_client_package = 'mariadb' - } else { - $mysql_client_package = 'mysql' - } + $mysql_client_package = 'mariadb' } 'RedHat', 'CentOS', 'Scientific': { diff --git a/packstack/puppet/templates/nova_compute.pp b/packstack/puppet/templates/nova_compute.pp index 7a640b00b..43f47bd28 100644 --- a/packstack/puppet/templates/nova_compute.pp +++ b/packstack/puppet/templates/nova_compute.pp @@ -52,26 +52,6 @@ require => Package['tuned'], } -if $::operatingsystem == 'Fedora' and $::operatingsystemrelease == 19 { - # older tuned service is sometimes stucked on Fedora 19 - exec { 'tuned-update': - path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'], - command => 'yum update -y tuned', - logoutput => 'on_failure', - } - - exec { 'tuned-restart': - path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'], - command => 'systemctl restart tuned.service', - logoutput => 'on_failure', - } - - Service['tuned'] -> - Exec['tuned-update'] -> - Exec['tuned-restart'] -> - Exec['tuned-virtual-host'] -} - exec { 'tuned-virtual-host': unless => '/usr/sbin/tuned-adm active | /bin/grep virtual-host', command => '/usr/sbin/tuned-adm profile virtual-host', From 8acb7cc11db0a2a0f649808c324773d66c9a6ff0 Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Tue, 9 Dec 2014 21:37:39 +0100 Subject: [PATCH 0199/1017] Print the used logfile also at the beginning Change-Id: Icb3a44c36b50b31b3436c3e693f6d88879b70080 --- packstack/installer/basedefs.py | 1 + packstack/installer/run_setup.py | 31 ++++++++++++++++--------------- 2 files changed, 17 insertions(+), 15 deletions(-) diff --git a/packstack/installer/basedefs.py b/packstack/installer/basedefs.py index 9e213236a..f35280368 100644 --- a/packstack/installer/basedefs.py +++ b/packstack/installer/basedefs.py @@ -41,6 +41,7 @@ _tmpdirprefix = datetime.datetime.now().strftime('%Y%m%d-%H%M%S-') VAR_DIR = tempfile.mkdtemp(prefix=_tmpdirprefix, dir=PACKSTACK_VAR_DIR) DIR_LOG = VAR_DIR +FILE_LOG = 'openstack-setup.log' PUPPET_MANIFEST_RELATIVE = "manifests" PUPPET_MANIFEST_DIR = os.path.join(VAR_DIR, PUPPET_MANIFEST_RELATIVE) HIERADATA_FILE_RELATIVE = "hieradata" diff --git a/packstack/installer/run_setup.py b/packstack/installer/run_setup.py index 22102483e..b749e9624 100644 --- a/packstack/installer/run_setup.py +++ b/packstack/installer/run_setup.py @@ -33,11 +33,8 @@ tmpfiles = [] def initLogging (debug): - global logFile - try: - logFilename = "openstack-setup.log" - logFile = os.path.join(basedefs.DIR_LOG, logFilename) + logFile = os.path.join(basedefs.DIR_LOG, basedefs.FILE_LOG) # Create the log file with specific permissions, puppet has a habbit of putting # passwords in logs @@ -61,6 +58,8 @@ def initLogging (debug): logging.error(traceback.format_exc()) raise Exception(output_messages.ERR_EXP_FAILED_INIT_LOGGER) + return logFile + def _getInputFromUser(param): """ this private func reads the data from the user @@ -568,7 +567,7 @@ def _printAdditionalMessages(): for msg in controller.MESSAGES: print output_messages.INFO_ADDTIONAL_MSG_BULLET%(msg) -def _addFinalInfoMsg(): +def _addFinalInfoMsg(logFile): """ add info msg to the user finalizing the successfull install of rhemv @@ -591,8 +590,10 @@ def _summaryParamsToLog(): def runSequences(): controller.runAllSequences() -def _main(options, configFile=None): +def _main(options, configFile=None, logFile=None): print output_messages.INFO_HEADER + print("") + print(output_messages.INFO_LOG_FILE_PATH % logFile) # Get parameters _handleParams(configFile) @@ -622,7 +623,7 @@ def _main(options, configFile=None): #_lockRpmVersion() # Print info - _addFinalInfoMsg() + _addFinalInfoMsg(logFile) print output_messages.INFO_INSTALL_SUCCESS @@ -693,7 +694,7 @@ def generateAnswerFile(outputFile, overrides={}): 'conf_name': param.CONF_NAME} ans_file.write(fmt % args) -def single_step_aio_install(options): +def single_step_aio_install(options, logFile): """ Installs an All in One host on this host""" options.install_hosts = utils.get_localhost_ip() @@ -713,9 +714,9 @@ def single_step_aio_install(options): not options.provision_all_in_one_ovs_bridge): options.provision_all_in_one_ovs_bridge = "y" - single_step_install(options) + single_step_install(options, logFile) -def single_step_install(options): +def single_step_install(options, logFile): answerfilepath = _gettmpanswerfilepath() if not answerfilepath: _printAdditionalMessages() @@ -743,7 +744,7 @@ def single_step_install(options): overrides[key] = value generateAnswerFile(answerfilepath, overrides) - _main(options,answerfilepath) + _main(options,answerfilepath, logFile) def initCmdLineParser(): """ @@ -907,7 +908,7 @@ def main(): raise SystemExit # Initialize logging - initLogging (options.debug) + logFile = initLogging (options.debug) # Parse parameters runConfiguration = True @@ -938,10 +939,10 @@ def main(): msg = ('Please use either --allinone or --answer-file, ' 'but not both.') raise FlagValidationError(msg) - single_step_aio_install(options) + single_step_aio_install(options, logFile) # Are we installing in a single step elif options.install_hosts: - single_step_install(options) + single_step_install(options, logFile) # Otherwise, run main() else: # Make sure only --answer-file was supplied @@ -958,7 +959,7 @@ def main(): raise Exception(output_messages.ERR_NO_ANSWER_FILE % confFile) else: _set_command_line_values(options) - _main(options,confFile) + _main(options, confFile, logFile) except FlagValidationError as ex: optParser.error(str(ex)) From 4055f34cd367ba928029a75edca00fc59daaa726 Mon Sep 17 00:00:00 2001 From: "Sahid O. Ferdjaoui" Date: Wed, 13 Aug 2014 18:09:08 +0200 Subject: [PATCH 0200/1017] network: set the default floating ip pool name The default public network used by packstack to create floating ip is 'public' we should configure nova.conf to use the good value during the build process to provide the possibility to use the command 'floating-ip-create' without the optional argument 'pool'. Closes-Bug: #1356462 Related-Bug: #1355621 Change-Id: Ie5158b44dee320816fa4eae20bb2e28a4e58c451 --- docs/packstack.rst | 3 --- packstack/plugins/nova_300.py | 15 +-------------- packstack/puppet/templates/nova_common_nopw.pp | 8 ++++++++ packstack/puppet/templates/nova_common_pw.pp | 12 ++++++++++-- packstack/puppet/templates/nova_network.pp | 2 -- 5 files changed, 19 insertions(+), 21 deletions(-) diff --git a/docs/packstack.rst b/docs/packstack.rst index 2123df45d..1863e2185 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -302,9 +302,6 @@ Nova Options **CONFIG_NOVA_NETWORK_AUTOASSIGNFLOATINGIP** Automatically assign a floating IP to new instances. -**CONFIG_NOVA_NETWORK_DEFAULTFLOATINGPOOL** - Name of the default floating pool to which the specified floating ranges are added to. - **CONFIG_NOVA_NETWORK_MANAGER** Nova network manager. diff --git a/packstack/plugins/nova_300.py b/packstack/plugins/nova_300.py index 23ae134ed..b026c4a0e 100644 --- a/packstack/plugins/nova_300.py +++ b/packstack/plugins/nova_300.py @@ -111,6 +111,7 @@ def initConfig(controller): "USE_DEFAULT": False, "NEED_CONFIRM": False, "CONDITION": False}, + ], "NOVA_NETWORK": [ @@ -198,20 +199,6 @@ def initConfig(controller): "NEED_CONFIRM": False, "CONDITION": False}, - {"CMD_OPTION": "novanetwork-default-floating-pool", - "USAGE": ("Name of the default floating pool to which the " - "specified floating ranges are added to"), - "PROMPT": "What should the default floating pool be called?", - "OPTION_LIST": [], - "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": "nova", - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_NOVA_NETWORK_DEFAULTFLOATINGPOOL", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - {"CMD_OPTION": "novanetwork-auto-assign-floating-ip", "USAGE": "Automatically assign a floating IP to new instances", "PROMPT": ("Should new instances automatically have a floating " diff --git a/packstack/puppet/templates/nova_common_nopw.pp b/packstack/puppet/templates/nova_common_nopw.pp index 977f36fc8..30d98cc73 100644 --- a/packstack/puppet/templates/nova_common_nopw.pp +++ b/packstack/puppet/templates/nova_common_nopw.pp @@ -1,3 +1,10 @@ +$config_use_neutron = hiera('CONFIG_NEUTRON_INSTALL') + +if $config_use_neutron == 'y' { + $default_floating_pool = 'public' +} else { + $default_floating_pool = 'nova' +} # Ensure Firewall changes happen before nova services start # preventing a clash with rules being set by nova-compute and nova-network @@ -6,4 +13,5 @@ nova_config{ 'DEFAULT/sql_connection': value => hiera('CONFIG_NOVA_SQL_CONN_NOPW'); 'DEFAULT/metadata_host': value => hiera('CONFIG_CONTROLLER_HOST'); + 'DEFAULT/default_floating_pool': value => $default_floating_pool; } diff --git a/packstack/puppet/templates/nova_common_pw.pp b/packstack/puppet/templates/nova_common_pw.pp index 18435d604..539390096 100644 --- a/packstack/puppet/templates/nova_common_pw.pp +++ b/packstack/puppet/templates/nova_common_pw.pp @@ -1,9 +1,17 @@ +$config_use_neutron = hiera('CONFIG_NEUTRON_INSTALL') + +if $config_use_neutron == 'y' { + $default_floating_pool = 'public' +} else { + $default_floating_pool = 'nova' +} # Ensure Firewall changes happen before nova services start # preventing a clash with rules being set by nova-compute and nova-network Firewall <| |> -> Class['nova'] nova_config{ - 'DEFAULT/sql_connection': value => hiera('CONFIG_NOVA_SQL_CONN_PW'); - 'DEFAULT/metadata_host': value => hiera('CONFIG_CONTROLLER_HOST'); + 'DEFAULT/sql_connection': value => hiera('CONFIG_NOVA_SQL_CONN_PW'); + 'DEFAULT/metadata_host': value => hiera('CONFIG_CONTROLLER_HOST'); + 'DEFAULT/default_floating_pool': value => $default_floating_pool; } diff --git a/packstack/puppet/templates/nova_network.pp b/packstack/puppet/templates/nova_network.pp index 1f2cd33b4..56a65433c 100644 --- a/packstack/puppet/templates/nova_network.pp +++ b/packstack/puppet/templates/nova_network.pp @@ -1,9 +1,7 @@ -$default_floating_pool = hiera('CONFIG_NOVA_NETWORK_DEFAULTFLOATINGPOOL') $auto_assign_floating_ip = hiera('CONFIG_NOVA_NETWORK_AUTOASSIGNFLOATINGIP') nova_config { - 'DEFAULT/default_floating_pool': value => $default_floating_pool; 'DEFAULT/auto_assign_floating_ip': value => $auto_assign_floating_ip; } From 494c28246767ab241a63a3a7d890feae14bc2ec7 Mon Sep 17 00:00:00 2001 From: Marc Villacorta Date: Fri, 12 Dec 2014 12:58:34 +0100 Subject: [PATCH 0201/1017] 'if' expects 'bool' but gets 'string' Change-Id: Id3505946d928992f19e89731e71f281df9243587 --- packstack/puppet/templates/horizon.pp | 2 +- packstack/puppet/templates/swift_builder.pp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/packstack/puppet/templates/horizon.pp b/packstack/puppet/templates/horizon.pp index 0b4470d53..408f27c55 100644 --- a/packstack/puppet/templates/horizon.pp +++ b/packstack/puppet/templates/horizon.pp @@ -81,7 +81,7 @@ action => 'accept', } -if ($::selinux != false) { +if str2bool($::selinux) { selboolean{ 'httpd_can_network_connect': value => on, persistent => true, diff --git a/packstack/puppet/templates/swift_builder.pp b/packstack/puppet/templates/swift_builder.pp index d45aed572..cc5122843 100644 --- a/packstack/puppet/templates/swift_builder.pp +++ b/packstack/puppet/templates/swift_builder.pp @@ -11,7 +11,7 @@ local_net_ip => hiera('CONFIG_CONTROLLER_HOST'), } -if ($::selinux != false) { +if str2bool($::selinux) { selboolean { 'rsync_export_all_ro': value => on, persistent => true, From a532dd9638e26aa23809fa054197041fbf67474f Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Mon, 8 Dec 2014 08:39:57 +0100 Subject: [PATCH 0202/1017] Fix spelling of OpenStack According to the OpenStack Documentation conventions it should be OpenStack and not Openstack or openstack. https://wiki.openstack.org/wiki/Documentation/Conventions#OpenStack.2C_not_Openstack_or_openstack Change-Id: I08a0432dd00a122a4e335f9af0577892737cd64d --- README.md | 4 +- packstack/plugins/nova_300.py | 4 +- setup.py | 2 +- spec/openstack-packstack.spec | 81 ----------------------------------- 4 files changed, 5 insertions(+), 86 deletions(-) delete mode 100644 spec/openstack-packstack.spec diff --git a/README.md b/README.md index 1e68b996f..741306d0d 100644 --- a/README.md +++ b/README.md @@ -31,7 +31,7 @@ options have yet to be added. Then edit `ans.txt` as appropriate e.g. - set `CONFIG_SSH_KEY` to a public ssh key to be installed to remote machines -- Edit the IP address to anywhere you want to install a piece of openstack on another server +- Edit the IP address to anywhere you want to install a piece of OpenStack on another server - Edit the 3 network interfaces to whatever makes sense in your setup you'll need to use a icehouse repository for example for RHEL @@ -44,7 +44,7 @@ you'll need to use a icehouse repository for example for RHEL $ packstack -that's it, if everything went well you can now start using openstack +that's it, if everything went well you can now start using OpenStack $ cd $ . keystonerc_admin diff --git a/packstack/plugins/nova_300.py b/packstack/plugins/nova_300.py index 0c25f362d..d1ee07d32 100644 --- a/packstack/plugins/nova_300.py +++ b/packstack/plugins/nova_300.py @@ -309,7 +309,7 @@ def initSequences(controller): return if controller.CONF['CONFIG_NEUTRON_INSTALL'] == 'y': - network_title = ('Adding Openstack Network-related ' + network_title = ('Adding OpenStack Network-related ' 'Nova manifest entries') network_function = create_neutron_manifest else: @@ -374,7 +374,7 @@ def bring_up_ifcfg(host, device): server.execute() except ScriptRuntimeError: msg = ('Failed to bring up network interface %s on host %s.' - ' Interface should be up so Openstack can work' + ' Interface should be up so OpenStack can work' ' properly.' % (device, host)) raise ScriptRuntimeError(msg) diff --git a/setup.py b/setup.py index bcc6b071d..b020f846b 100644 --- a/setup.py +++ b/setup.py @@ -82,7 +82,7 @@ def read(fname): version=version.version_string(), author="Derek Higgins", author_email="derekh@redhat.com", - description=("A utility to install openstack"), + description=("A utility to install OpenStack"), license="ASL 2.0", keywords="openstack", url="https://github.com/stackforge/packstack", diff --git a/spec/openstack-packstack.spec b/spec/openstack-packstack.spec deleted file mode 100644 index c01897c73..000000000 --- a/spec/openstack-packstack.spec +++ /dev/null @@ -1,81 +0,0 @@ - -%global git_revno %GIT_REVNO% - -Name: openstack-packstack -Version: 2012.2.2 -#Release: 1%{?dist} -Release: 0.1.dev%{git_revno}%{?dist} -Summary: Openstack Install Utility - -Group: Applications/System -License: ASL 2.0 -URL: https://github.com/fedora-openstack/packstack -#Source0: https://github.com/downloads/fedora-openstack/packstack/packstack-%{version}.tar.gz -Source0: https://github.com/downloads/fedora-openstack/packstack/packstack-%{version}dev%{git_revno}.tar.gz - -BuildArch: noarch - -BuildRequires: python2-devel -BuildRequires: python-setuptools -%if 0%{?rhel} -BuildRequires: python-sphinx10 -%else -BuildRequires: python-sphinx -%endif - -Requires: openssh-clients - -%description -Packstack is a utility that uses puppet modules to install openstack -packstack can be used to deploy various parts of openstack on multiple -pre installed servers over ssh. It does this be using puppet manifests to -apply puppet labs modules (https://github.com/puppetlabs/) - -%prep -#%setup -n packstack-%{version} -%setup -n packstack-%{version}dev%{git_revno} - -# Sanitizing a lot of the files in the puppet modules, they come from seperate upstream projects -find packstack/puppet/modules \( -name .fixtures.yml -o -name .gemfile -o -name ".travis.yml" -o -name .rspec \) -exec rm {} \; -find packstack/puppet/modules \( -name "*.py" -o -name "*.rb" -o -name "*.pl" \) -exec sed -i '/^#!/{d;q}' {} \; -exec chmod -x {} \; -find packstack/puppet/modules \( -name "*.sh" \) -exec sed -i 's/^#!.*/#!\/bin\/bash/g' {} \; -exec chmod +x {} \; -find packstack/puppet/modules -name site.pp -size 0 -exec rm {} \; - -# Moving this data directory out temporarily as it causes setup.py to throw errors -rm -rf %{_builddir}/puppet -mv packstack/puppet %{_builddir}/puppet - -%build -# puppet on fedora already has this module, using this one causes problems -%if 0%{?fedora} - rm -rf %{_builddir}/puppet/modules/create_resources -%endif - -%{__python} setup.py build - -cd docs -%if 0%{?rhel} -make man SPHINXBUILD=sphinx-1.0-build -%else -make man -%endif - -%install -%{__python} setup.py install --skip-build --root %{buildroot} -mv %{_builddir}/puppet %{buildroot}/%{python_sitelib}/packstack/puppet - -mkdir -p %{buildroot}%{_mandir}/man1 -install -p -D -m 644 docs/_build/man/*.1 %{buildroot}%{_mandir}/man1/ - -%files -%doc LICENSE -%{_bindir}/packstack -%{python_sitelib}/packstack -%{python_sitelib}/packstack-%{version}*.egg-info -%{_mandir}/man1/packstack.1.gz - -%changelog - -* Thu Dec 06 2012 Derek Higgins -- Not keeping change log here, see downstream distributions for actual packaging - From ebed2e6b92b38d4ddbd7035af6dd45166face7cc Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Mon, 8 Dec 2014 11:41:31 +0100 Subject: [PATCH 0203/1017] Remove Puppet templates endings when calling getManifestTemplate getManifestTemplate sets the default template ending 'pp' when not set in the filename. It is not longer necessary to use the default template ending when calling getManifestTemplate. Change-Id: Ie0c487eef6196fe6276694d7973e943d42a59ae9 --- packstack/plugins/amqp_002.py | 2 +- packstack/plugins/ceilometer_800.py | 8 ++--- packstack/plugins/cinder_250.py | 20 ++++++------ packstack/plugins/dashboard_500.py | 2 +- packstack/plugins/glance_200.py | 4 +-- packstack/plugins/heat_650.py | 8 ++--- packstack/plugins/keystone_100.py | 2 +- packstack/plugins/mariadb_003.py | 4 +-- packstack/plugins/nagios_910.py | 4 +-- packstack/plugins/neutron_350.py | 34 ++++++++++---------- packstack/plugins/nova_300.py | 38 +++++++++++------------ packstack/plugins/openstack_client_400.py | 2 +- packstack/plugins/postscript_948.py | 4 +-- packstack/plugins/prescript_000.py | 6 ++-- packstack/plugins/provision_700.py | 10 +++--- packstack/plugins/swift_600.py | 12 +++---- 16 files changed, 80 insertions(+), 80 deletions(-) diff --git a/packstack/plugins/amqp_002.py b/packstack/plugins/amqp_002.py index c497c64a4..07155a822 100644 --- a/packstack/plugins/amqp_002.py +++ b/packstack/plugins/amqp_002.py @@ -241,7 +241,7 @@ def create_manifest(config, messages): config['CONFIG_AMQP_AUTH_USER'] = 'guest' manifestfile = "%s_amqp.pp" % config['CONFIG_AMQP_HOST'] - manifestdata = getManifestTemplate('amqp.pp') + manifestdata = getManifestTemplate('amqp') fw_details = dict() # All hosts should be able to talk to amqp diff --git a/packstack/plugins/ceilometer_800.py b/packstack/plugins/ceilometer_800.py index 1fd777ff4..ff8383540 100644 --- a/packstack/plugins/ceilometer_800.py +++ b/packstack/plugins/ceilometer_800.py @@ -157,7 +157,7 @@ def initSequences(controller): def create_manifest(config, messages): manifestfile = "%s_ceilometer.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "ceilometer")) - manifestdata += getManifestTemplate("ceilometer.pp") + manifestdata += getManifestTemplate("ceilometer") fw_details = dict() key = "ceilometer_api" @@ -173,13 +173,13 @@ def create_manifest(config, messages): # Add a template that creates a group for nova because the ceilometer # class needs it if config['CONFIG_NOVA_INSTALL'] == 'n': - manifestdata += getManifestTemplate("ceilometer_nova_disabled.pp") + manifestdata += getManifestTemplate("ceilometer_nova_disabled") appendManifestFile(manifestfile, manifestdata, 'ceilometer') def create_mongodb_manifest(config, messages): manifestfile = "%s_mongodb.pp" % config['CONFIG_MONGODB_HOST'] - manifestdata = getManifestTemplate("mongodb.pp") + manifestdata = getManifestTemplate("mongodb") fw_details = dict() key = "mongodb_server" @@ -216,5 +216,5 @@ def create_redis_manifest(config, messages): def create_keystone_manifest(config, messages): manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] - manifestdata = getManifestTemplate("keystone_ceilometer.pp") + manifestdata = getManifestTemplate("keystone_ceilometer") appendManifestFile(manifestfile, manifestdata) diff --git a/packstack/plugins/cinder_250.py b/packstack/plugins/cinder_250.py index 1b43f1fca..dd1ce07d5 100644 --- a/packstack/plugins/cinder_250.py +++ b/packstack/plugins/cinder_250.py @@ -710,7 +710,7 @@ def create_keystone_manifest(config, messages): config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] - manifestdata = getManifestTemplate("keystone_cinder.pp") + manifestdata = getManifestTemplate("keystone_cinder") appendManifestFile(manifestfile, manifestdata) @@ -720,16 +720,16 @@ def create_manifest(config, messages): manifestdata = getManifestTemplate(get_mq(config, "cinder")) manifestfile = "%s_cinder.pp" % config['CONFIG_STORAGE_HOST'] - manifestdata += getManifestTemplate("cinder.pp") + manifestdata += getManifestTemplate("cinder") backends = config['CONFIG_CINDER_BACKEND'] if 'netapp' in backends: backends.remove('netapp') - puppet_cdot_iscsi = "cinder_netapp_cdot_iscsi.pp" - puppet_cdot_nfs = "cinder_netapp_cdot_nfs.pp" - puppet_7mode_iscsi = "cinder_netapp_7mode_iscsi.pp" - puppet_7mode_nfs = "cinder_netapp_7mode_nfs.pp" - puppet_eseries = "cinder_netapp_eseries.pp" + puppet_cdot_iscsi = "cinder_netapp_cdot_iscsi" + puppet_cdot_nfs = "cinder_netapp_cdot_nfs" + puppet_7mode_iscsi = "cinder_netapp_7mode_iscsi" + puppet_7mode_nfs = "cinder_netapp_7mode_nfs" + puppet_eseries = "cinder_netapp_eseries" if config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "ontap_cluster": if config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "iscsi": manifestdata += getManifestTemplate(puppet_cdot_iscsi) @@ -743,12 +743,12 @@ def create_manifest(config, messages): elif config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "eseries": manifestdata += getManifestTemplate(puppet_eseries) for backend in backends: - manifestdata += getManifestTemplate('cinder_%s.pp' % backend) + manifestdata += getManifestTemplate('cinder_%s' % backend) if config['CONFIG_CEILOMETER_INSTALL'] == 'y': - manifestdata += getManifestTemplate('cinder_ceilometer.pp') + manifestdata += getManifestTemplate('cinder_ceilometer') if config['CONFIG_SWIFT_INSTALL'] == 'y': - manifestdata += getManifestTemplate('cinder_backup.pp') + manifestdata += getManifestTemplate('cinder_backup') fw_details = dict() for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']): diff --git a/packstack/plugins/dashboard_500.py b/packstack/plugins/dashboard_500.py index 151394ab3..abd7d5938 100644 --- a/packstack/plugins/dashboard_500.py +++ b/packstack/plugins/dashboard_500.py @@ -169,7 +169,7 @@ def create_manifest(config, messages): if config["CONFIG_NEUTRON_FWAAS"] == 'y': config["CONFIG_HORIZON_NEUTRON_FW"] = True - manifestdata = getManifestTemplate("horizon.pp") + manifestdata = getManifestTemplate("horizon") appendManifestFile(manifestfile, manifestdata) msg = ("To access the OpenStack Dashboard browse to %s://%s/dashboard .\n" diff --git a/packstack/plugins/glance_200.py b/packstack/plugins/glance_200.py index 188d41a21..062b1b971 100644 --- a/packstack/plugins/glance_200.py +++ b/packstack/plugins/glance_200.py @@ -108,7 +108,7 @@ def create_keystone_manifest(config, messages): config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] - manifestdata = getManifestTemplate("keystone_glance.pp") + manifestdata = getManifestTemplate("keystone_glance") appendManifestFile(manifestfile, manifestdata) @@ -117,7 +117,7 @@ def create_manifest(config, messages): config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] manifestfile = "%s_glance.pp" % config['CONFIG_STORAGE_HOST'] - manifestdata = getManifestTemplate("glance.pp") + manifestdata = getManifestTemplate("glance") if config['CONFIG_CEILOMETER_INSTALL'] == 'y': mq_template = get_mq(config, "glance_ceilometer") manifestdata += getManifestTemplate(mq_template) diff --git a/packstack/plugins/heat_650.py b/packstack/plugins/heat_650.py index 7a058893d..3bc3293e9 100644 --- a/packstack/plugins/heat_650.py +++ b/packstack/plugins/heat_650.py @@ -173,7 +173,7 @@ def initSequences(controller): def create_manifest(config, messages): manifestfile = "%s_heat.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "heat")) - manifestdata += getManifestTemplate("heat.pp") + manifestdata += getManifestTemplate("heat") fw_details = dict() key = "heat" @@ -191,14 +191,14 @@ def create_manifest(config, messages): def create_keystone_manifest(config, messages): manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] - manifestdata = getManifestTemplate("keystone_heat.pp") + manifestdata = getManifestTemplate("keystone_heat") appendManifestFile(manifestfile, manifestdata) def create_cloudwatch_manifest(config, messages): manifestfile = "%s_heatcw.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "heat")) - manifestdata += getManifestTemplate("heat_cloudwatch.pp") + manifestdata += getManifestTemplate("heat_cloudwatch") fw_details = dict() key = "heat_api_cloudwatch" @@ -217,7 +217,7 @@ def create_cloudwatch_manifest(config, messages): def create_cfn_manifest(config, messages): manifestfile = "%s_heatcnf.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "heat")) - manifestdata += getManifestTemplate("heat_cfn.pp") + manifestdata += getManifestTemplate("heat_cfn") fw_details = dict() key = "heat_cfn" diff --git a/packstack/plugins/keystone_100.py b/packstack/plugins/keystone_100.py index 5ff7361fb..217b96b60 100644 --- a/packstack/plugins/keystone_100.py +++ b/packstack/plugins/keystone_100.py @@ -139,7 +139,7 @@ def initSequences(controller): def create_manifest(config, messages): manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] - manifestdata = getManifestTemplate("keystone.pp") + manifestdata = getManifestTemplate("keystone") fw_details = dict() key = "keystone" diff --git a/packstack/plugins/mariadb_003.py b/packstack/plugins/mariadb_003.py index 668a6c79d..91d542421 100644 --- a/packstack/plugins/mariadb_003.py +++ b/packstack/plugins/mariadb_003.py @@ -95,13 +95,13 @@ def create_manifest(config, messages): host = config['CONFIG_CONTROLLER_HOST'] manifestfile = "%s_mariadb.pp" % host - manifestdata = [getManifestTemplate('mariadb_%s.pp' % suffix)] + manifestdata = [getManifestTemplate('mariadb_%s' % suffix)] def append_for(module, suffix): # Modules have to be appended to the existing mysql.pp # otherwise pp will fail for some of them saying that # Mysql::Config definition is missing. - template = "mariadb_%s_%s.pp" % (module, suffix) + template = "mariadb_%s_%s" % (module, suffix) manifestdata.append(getManifestTemplate(template)) append_for("keystone", suffix) diff --git a/packstack/plugins/nagios_910.py b/packstack/plugins/nagios_910.py index 19ea24a51..a33b278eb 100644 --- a/packstack/plugins/nagios_910.py +++ b/packstack/plugins/nagios_910.py @@ -173,7 +173,7 @@ def create_manifest(config, messages): config['CONFIG_NAGIOS_MANIFEST_CONFIG'] = manifest_entries manifestfile = "%s_nagios.pp" % config['CONFIG_CONTROLLER_HOST'] - manifestdata = getManifestTemplate("nagios_server.pp") + manifestdata = getManifestTemplate("nagios_server") appendManifestFile(manifestfile, manifestdata) @@ -181,7 +181,7 @@ def create_nrpe_manifests(config, messages): for hostname in filtered_hosts(config): config['CONFIG_NRPE_HOST'] = hostname manifestfile = "%s_nagios_nrpe.pp" % hostname - manifestdata = getManifestTemplate("nagios_nrpe.pp") + manifestdata = getManifestTemplate("nagios_nrpe") # Only the Nagios host is allowed to talk to nrpe fw_details = dict() diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index 0650f71e2..a35975c65 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -555,19 +555,19 @@ def create_manifests(config, messages): config['SERVICE_PLUGINS'] = (service_plugins if service_plugins else 'undef') - plugin_manifest = 'neutron_ml2_plugin.pp' + plugin_manifest = 'neutron_ml2_plugin' for host in q_hosts: manifest_file = "%s_neutron.pp" % (host,) - manifest_data = getManifestTemplate("neutron.pp") + manifest_data = getManifestTemplate("neutron") manifest_data += getManifestTemplate(get_mq(config, "neutron")) appendManifestFile(manifest_file, manifest_data, 'neutron') if host in api_hosts: manifest_file = "%s_neutron.pp" % (host,) - manifest_data = getManifestTemplate("neutron_api.pp") + manifest_data = getManifestTemplate("neutron_api") if config['CONFIG_NOVA_INSTALL'] == 'y': - template_name = "neutron_notifications.pp" + template_name = "neutron_notifications" manifest_data += getManifestTemplate(template_name) # Set up any l2 plugin configs we need only on neutron api nodes @@ -618,7 +618,7 @@ def create_manifests(config, messages): def create_keystone_manifest(config, messages): manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] - manifestdata = getManifestTemplate("keystone_neutron.pp") + manifestdata = getManifestTemplate("keystone_neutron") appendManifestFile(manifestfile, manifestdata) @@ -631,7 +631,7 @@ def create_l3_manifests(config, messages): for host in network_hosts: config['CONFIG_NEUTRON_L3_HOST'] = host config['CONFIG_NEUTRON_L3_INTERFACE_DRIVER'] = get_if_driver(config) - manifestdata = getManifestTemplate("neutron_l3.pp") + manifestdata = getManifestTemplate("neutron_l3") manifestfile = "%s_neutron.pp" % (host,) appendManifestFile(manifestfile, manifestdata + '\n') @@ -642,12 +642,12 @@ def create_l3_manifests(config, messages): ext_bridge) if ext_bridge else None if (ext_bridge and not mapping): config['CONFIG_NEUTRON_OVS_BRIDGE'] = ext_bridge - manifestdata = getManifestTemplate('neutron_ovs_bridge.pp') + manifestdata = getManifestTemplate('neutron_ovs_bridge') appendManifestFile(manifestfile, manifestdata + '\n') if config['CONFIG_NEUTRON_FWAAS'] == 'y': # manifestfile = "%s_neutron_fwaas.pp" % (host,) - manifestdata = getManifestTemplate("neutron_fwaas.pp") + manifestdata = getManifestTemplate("neutron_fwaas") appendManifestFile(manifestfile, manifestdata + '\n') @@ -658,9 +658,9 @@ def create_dhcp_manifests(config, messages): config["CONFIG_NEUTRON_DHCP_HOST"] = host config['CONFIG_NEUTRON_DHCP_INTERFACE_DRIVER'] = get_if_driver(config) if use_openvswitch_vxlan(config) or use_openvswitch_gre(config): - manifest_data = getManifestTemplate("neutron_dhcp_mtu.pp") + manifest_data = getManifestTemplate("neutron_dhcp_mtu") else: - manifest_data = getManifestTemplate("neutron_dhcp.pp") + manifest_data = getManifestTemplate("neutron_dhcp") manifest_file = "%s_neutron.pp" % (host,) # Firewall Rules for dhcp in fw_details = dict() @@ -701,7 +701,7 @@ def create_lbaas_manifests(config, messages): for host in network_hosts: config['CONFIG_NEUTRON_LBAAS_INTERFACE_DRIVER'] = get_if_driver(config) - manifestdata = getManifestTemplate("neutron_lbaas.pp") + manifestdata = getManifestTemplate("neutron_lbaas") manifestfile = "%s_neutron.pp" % (host,) appendManifestFile(manifestfile, manifestdata + "\n") @@ -714,7 +714,7 @@ def create_metering_agent_manifests(config, messages): for host in network_hosts: config['CONFIG_NEUTRON_METERING_IFCE_DRIVER'] = get_if_driver(config) - manifestdata = getManifestTemplate("neutron_metering_agent.pp") + manifestdata = getManifestTemplate("neutron_metering_agent") manifestfile = "%s_neutron.pp" % (host,) appendManifestFile(manifestfile, manifestdata + "\n") @@ -740,7 +740,7 @@ def create_l2_agent_manifests(config, messages): config["CONFIG_NEUTRON_OVS_TUNNELING"] = tunnel tunnel_types = set(ovs_type) & set(['gre', 'vxlan']) config["CONFIG_NEUTRON_OVS_TUNNEL_TYPES"] = list(tunnel_types) - template_name = "neutron_ovs_agent.pp" + template_name = "neutron_ovs_agent" bm_arr = get_values(config["CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS"]) iface_arr = get_values(config["CONFIG_NEUTRON_OVS_BRIDGE_IFACES"]) @@ -753,7 +753,7 @@ def create_l2_agent_manifests(config, messages): config["CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS"] = bm_arr elif agent == "linuxbridge": host_var = 'CONFIG_NEUTRON_LB_HOST' - template_name = 'neutron_lb_agent.pp' + template_name = 'neutron_lb_agent' else: raise KeyError("Unknown layer2 agent") @@ -772,11 +772,11 @@ def create_l2_agent_manifests(config, messages): iface_key = 'CONFIG_NEUTRON_OVS_IFACE' for if_map in iface_arr: config[bridge_key], config[iface_key] = if_map.split(':') - manifestdata = getManifestTemplate("neutron_ovs_port.pp") + manifestdata = getManifestTemplate("neutron_ovs_port") appendManifestFile(manifestfile, manifestdata + "\n") # Additional configurations required for compute hosts and # network hosts. - manifestdata = getManifestTemplate('neutron_bridge_module.pp') + manifestdata = getManifestTemplate('neutron_bridge_module') appendManifestFile(manifestfile, manifestdata + '\n') @@ -786,7 +786,7 @@ def create_metadata_manifests(config, messages): return for host in network_hosts: config['CONFIG_NEUTRON_METADATA_HOST'] = host - manifestdata = getManifestTemplate('neutron_metadata.pp') + manifestdata = getManifestTemplate('neutron_metadata') manifestfile = "%s_neutron.pp" % (host,) appendManifestFile(manifestfile, manifestdata + "\n") diff --git a/packstack/plugins/nova_300.py b/packstack/plugins/nova_300.py index d1ee07d32..5d7a41136 100644 --- a/packstack/plugins/nova_300.py +++ b/packstack/plugins/nova_300.py @@ -428,7 +428,7 @@ def create_api_manifest(config, messages): config['CONFIG_NEUTRON_METADATA_PW_UNQUOTED'] = \ "%s" % config['CONFIG_NEUTRON_METADATA_PW'] manifestfile = "%s_api_nova.pp" % config['CONFIG_CONTROLLER_HOST'] - manifestdata = getManifestTemplate("nova_api.pp") + manifestdata = getManifestTemplate("nova_api") fw_details = dict() key = "nova_api" @@ -446,19 +446,19 @@ def create_api_manifest(config, messages): def create_keystone_manifest(config, messages): manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] - manifestdata = getManifestTemplate("keystone_nova.pp") + manifestdata = getManifestTemplate("keystone_nova") appendManifestFile(manifestfile, manifestdata) def create_cert_manifest(config, messages): manifestfile = "%s_nova.pp" % config['CONFIG_CONTROLLER_HOST'] - manifestdata = getManifestTemplate("nova_cert.pp") + manifestdata = getManifestTemplate("nova_cert") appendManifestFile(manifestfile, manifestdata) def create_conductor_manifest(config, messages): manifestfile = "%s_nova.pp" % config['CONFIG_CONTROLLER_HOST'] - manifestdata = getManifestTemplate("nova_conductor.pp") + manifestdata = getManifestTemplate("nova_conductor") appendManifestFile(manifestfile, manifestdata) @@ -499,11 +499,11 @@ def create_compute_manifest(config, messages): ssh_keys_details[key]['type'] = host_key_type config['SSH_KEYS'] = ssh_keys_details - ssh_hostkeys += getManifestTemplate("sshkey.pp") + ssh_hostkeys += getManifestTemplate("sshkey") for host in compute_hosts: config["CONFIG_NOVA_COMPUTE_HOST"] = host - manifestdata = getManifestTemplate("nova_compute.pp") + manifestdata = getManifestTemplate("nova_compute") fw_details = dict() cf_fw_qemu_mig_key = "FIREWALL_NOVA_QEMU_MIG_RULES_%s" % host @@ -520,17 +520,17 @@ def create_compute_manifest(config, messages): manifestdata += createFirewallResources(cf_fw_qemu_mig_key) if config['CONFIG_VMWARE_BACKEND'] == 'y': - manifestdata += getManifestTemplate("nova_compute_vmware.pp") + manifestdata += getManifestTemplate("nova_compute_vmware") else: - manifestdata += getManifestTemplate("nova_compute_libvirt.pp") + manifestdata += getManifestTemplate("nova_compute_libvirt") if (config['CONFIG_VMWARE_BACKEND'] != 'y' and config['CONFIG_CINDER_INSTALL'] == 'y' and 'gluster' in config['CONFIG_CINDER_BACKEND']): - manifestdata += getManifestTemplate("nova_gluster.pp") + manifestdata += getManifestTemplate("nova_gluster") if (config['CONFIG_VMWARE_BACKEND'] != 'y' and config['CONFIG_CINDER_INSTALL'] == 'y' and 'nfs' in config['CONFIG_CINDER_BACKEND']): - manifestdata += getManifestTemplate("nova_nfs.pp") + manifestdata += getManifestTemplate("nova_nfs") manifestfile = "%s_nova.pp" % host nova_config_options = NovaConfig() @@ -550,7 +550,7 @@ def create_compute_manifest(config, messages): if config['CONFIG_CEILOMETER_INSTALL'] == 'y': mq_template = get_mq(config, "nova_ceilometer") manifestdata += getManifestTemplate(mq_template) - manifestdata += getManifestTemplate("nova_ceilometer.pp") + manifestdata += getManifestTemplate("nova_ceilometer") fw_details = dict() key = "nova_compute" @@ -602,26 +602,26 @@ def create_network_manifest(config, messages): config['CONFIG_NOVA_NETWORK_FIXEDSIZE'] = str(net_size) manifestfile = "%s_nova.pp" % host - manifestdata = getManifestTemplate("nova_network.pp") + manifestdata = getManifestTemplate("nova_network") # Restart libvirt if we deploy nova network on compute if host in compute_hosts: - manifestdata += getManifestTemplate("nova_network_libvirt.pp") + manifestdata += getManifestTemplate("nova_network_libvirt") # in multihost mode each compute host runs nova-api-metadata if multihost and host != api_host and host in compute_hosts: - manifestdata += getManifestTemplate("nova_metadata.pp") + manifestdata += getManifestTemplate("nova_metadata") appendManifestFile(manifestfile, manifestdata) def create_sched_manifest(config, messages): manifestfile = "%s_nova.pp" % config['CONFIG_CONTROLLER_HOST'] - manifestdata = getManifestTemplate("nova_sched.pp") + manifestdata = getManifestTemplate("nova_sched") appendManifestFile(manifestfile, manifestdata) def create_vncproxy_manifest(config, messages): manifestfile = "%s_nova.pp" % config['CONFIG_CONTROLLER_HOST'] - manifestdata = getManifestTemplate("nova_vncproxy.pp") + manifestdata = getManifestTemplate("nova_vncproxy") appendManifestFile(manifestfile, manifestdata) @@ -666,9 +666,9 @@ def create_common_manifest(config, messages): data = getManifestTemplate(get_mq(config, "nova_common")) if pw_in_sqlconn: - data += getManifestTemplate("nova_common_pw.pp") + data += getManifestTemplate("nova_common_pw") else: - data += getManifestTemplate("nova_common_nopw.pp") + data += getManifestTemplate("nova_common_nopw") appendManifestFile(os.path.split(manifestfile)[1], data) @@ -681,5 +681,5 @@ def create_neutron_manifest(config, messages): for manifestfile, marker in manifestfiles.getFiles(): if manifestfile.endswith("_nova.pp"): - data = getManifestTemplate("nova_neutron.pp") + data = getManifestTemplate("nova_neutron") appendManifestFile(os.path.split(manifestfile)[1], data) diff --git a/packstack/plugins/openstack_client_400.py b/packstack/plugins/openstack_client_400.py index 1ea2f6260..fca78d8a3 100644 --- a/packstack/plugins/openstack_client_400.py +++ b/packstack/plugins/openstack_client_400.py @@ -61,7 +61,7 @@ def create_manifest(config, messages): root_home != homedir) config['NO_ROOT_USER_ALLINONE'] = no_root_allinone and True or False - manifestdata = getManifestTemplate("openstack_client.pp") + manifestdata = getManifestTemplate("openstack_client") appendManifestFile(manifestfile, manifestdata) msg = ("File %s/keystonerc_admin has been created on OpenStack client host" diff --git a/packstack/plugins/postscript_948.py b/packstack/plugins/postscript_948.py index 2736c108f..74c7f9724 100644 --- a/packstack/plugins/postscript_948.py +++ b/packstack/plugins/postscript_948.py @@ -41,7 +41,7 @@ def initSequences(controller): def create_manifest(config, messages): for hostname in filtered_hosts(config): manifestfile = "%s_postscript.pp" % hostname - manifestdata = getManifestTemplate("postscript.pp") + manifestdata = getManifestTemplate("postscript") appendManifestFile(manifestfile, manifestdata, 'postscript') # TO-DO: remove this temporary fix for nova-network/neutron # undeterministic behavior @@ -52,5 +52,5 @@ def create_manifest(config, messages): if config.get('CONFIG_NEUTRON_INSTALL', 'n') == 'y' and provision: fmted = config['CONFIG_NEUTRON_L3_EXT_BRIDGE'].replace('-', '_') config['EXT_BRIDGE_VAR'] = fmted - manifestdata = getManifestTemplate("persist_ovs_bridge.pp") + manifestdata = getManifestTemplate("persist_ovs_bridge") appendManifestFile(manifestfile, manifestdata, 'postscript') diff --git a/packstack/plugins/prescript_000.py b/packstack/plugins/prescript_000.py index 1b1d12d9b..4a6152c88 100644 --- a/packstack/plugins/prescript_000.py +++ b/packstack/plugins/prescript_000.py @@ -669,7 +669,7 @@ def create_manifest(config, messages): for hostname in filtered_hosts(config): manifestfile = "%s_prescript.pp" % hostname - manifestdata = getManifestTemplate("prescript.pp") + manifestdata = getManifestTemplate("prescript") appendManifestFile(manifestfile, manifestdata) @@ -690,13 +690,13 @@ def create_ntp_manifest(config, messages): # Configure chrony for Fedora or RHEL/CentOS 7 if releaseos == 'Fedora' or releasever == '7': - manifestdata = getManifestTemplate('chrony.pp') + manifestdata = getManifestTemplate('chrony') appendManifestFile('%s_chrony.pp' % hostname, manifestdata, marker=marker) # For previous versions, configure ntpd else: - manifestdata = getManifestTemplate('ntpd.pp') + manifestdata = getManifestTemplate('ntpd') appendManifestFile('%s_ntpd.pp' % hostname, manifestdata, marker=marker) diff --git a/packstack/plugins/provision_700.py b/packstack/plugins/provision_700.py index 3c88c01b7..437d183c7 100644 --- a/packstack/plugins/provision_700.py +++ b/packstack/plugins/provision_700.py @@ -287,7 +287,7 @@ def using_neutron(config): def create_demo_manifest(config, messages): using_neutron(config) manifest_file = '%s_provision_demo.pp' % config['CONFIG_CONTROLLER_HOST'] - manifest_data = getManifestTemplate("provision_demo.pp") + manifest_data = getManifestTemplate("provision_demo") appendManifestFile(manifest_file, manifest_data) @@ -296,10 +296,10 @@ def create_storage_manifest(config, messages): config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] if config['CONFIG_PROVISION_TEMPEST']: - template = "provision_tempest_glance.pp" + template = "provision_tempest_glance" else: - template = "provision_demo_glance.pp" - manifest_file = '%s_provision_glance.pp' % config['CONFIG_STORAGE_HOST'] + template = "provision_demo_glance" + manifest_file = '%s_provision_glance' % config['CONFIG_STORAGE_HOST'] manifest_data = getManifestTemplate(template) appendManifestFile(manifest_file, manifest_data) @@ -308,5 +308,5 @@ def create_tempest_manifest(config, messages): using_neutron(config) manifest_file = '%s_provision_tempest.pp' % \ config['CONFIG_CONTROLLER_HOST'] - manifest_data = getManifestTemplate("provision_tempest.pp") + manifest_data = getManifestTemplate("provision_tempest") appendManifestFile(manifest_file, manifest_data) diff --git a/packstack/plugins/swift_600.py b/packstack/plugins/swift_600.py index 4f121f563..2a58aac03 100644 --- a/packstack/plugins/swift_600.py +++ b/packstack/plugins/swift_600.py @@ -251,7 +251,7 @@ def create_keystone_manifest(config, messages): global devices devices = parse_devices(config) manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] - manifestdata = getManifestTemplate("keystone_swift.pp") + manifestdata = getManifestTemplate("keystone_swift") appendManifestFile(manifestfile, manifestdata) @@ -267,7 +267,7 @@ def device_def(dev_type, host, dev_port, devicename, zone): return fmt % (dev_type, host, dev_port, devicename, zone) manifestfile = "%s_ring_swift.pp" % config['CONFIG_CONTROLLER_HOST'] - manifestdata = getManifestTemplate("swift_builder.pp") + manifestdata = getManifestTemplate("swift_builder") # Add each device to the ring devicename = 0 @@ -285,7 +285,7 @@ def device_def(dev_type, host, dev_port, devicename, zone): def create_proxy_manifest(config, messages): manifestfile = "%s_swift.pp" % config['CONFIG_CONTROLLER_HOST'] - manifestdata = getManifestTemplate("swift_proxy.pp") + manifestdata = getManifestTemplate("swift_proxy") fw_details = dict() key = "swift_proxy" @@ -305,7 +305,7 @@ def create_storage_manifest(config, messages): global devices manifestfile = "%s_swift.pp" % config['CONFIG_CONTROLLER_HOST'] - manifestdata = getManifestTemplate("swift_storage.pp") + manifestdata = getManifestTemplate("swift_storage") # this need to happen once per storage device for device in devices: @@ -321,7 +321,7 @@ def create_storage_manifest(config, messages): else: # create loopback device if none was specified config['CONFIG_SWIFT_STORAGE_SEEK'] = get_storage_size(config) - manifestdata += "\n" + getManifestTemplate("swift_loopback.pp") + manifestdata += "\n" + getManifestTemplate("swift_loopback") # set allowed hosts for firewall hosts = set([config['CONFIG_CONTROLLER_HOST']]) @@ -346,5 +346,5 @@ def create_storage_manifest(config, messages): def create_common_manifest(config, messages): for manifestfile, marker in manifestfiles.getFiles(): if manifestfile.endswith("_swift.pp"): - data = getManifestTemplate("swift_common.pp") + data = getManifestTemplate("swift_common") appendManifestFile(os.path.split(manifestfile)[1], data) From ab23c7e6b316f8231567836915ba95b3095eff3f Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Tue, 16 Dec 2014 09:09:39 -0500 Subject: [PATCH 0204/1017] Fix deprecations token_format to token_provider connection to database_connection keystone_host to keystone_url Change-Id: Ibba64f2052b5bbd570d45acea15e7ed1ee47edec --- packstack/puppet/templates/horizon.pp | 4 +++- packstack/puppet/templates/keystone.pp | 3 ++- packstack/puppet/templates/neutron_api.pp | 1 - 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/packstack/puppet/templates/horizon.pp b/packstack/puppet/templates/horizon.pp index 408f27c55..411e0c258 100644 --- a/packstack/puppet/templates/horizon.pp +++ b/packstack/puppet/templates/horizon.pp @@ -1,5 +1,7 @@ include packstack::apache_common +$keystone_host = hiera('CONFIG_CONTROLLER_HOST') + $horizon_packages = ['python-memcached', 'python-netaddr'] package { $horizon_packages: @@ -14,7 +16,7 @@ class {'horizon': secret_key => hiera('CONFIG_HORIZON_SECRET_KEY'), - keystone_host => hiera('CONFIG_CONTROLLER_HOST'), + keystone_url => "http://${keystone_host}:5000/v2.0", keystone_default_role => '_member_', # fqdn => [hiera('CONFIG_CONTROLLER_HOST'), "$::fqdn", 'localhost'], # TO-DO: Parameter fqdn is used both for ALLOWED_HOSTS in settings_local.py diff --git a/packstack/puppet/templates/keystone.pp b/packstack/puppet/templates/keystone.pp index f2a8e5d20..fc17a8a2f 100644 --- a/packstack/puppet/templates/keystone.pp +++ b/packstack/puppet/templates/keystone.pp @@ -3,11 +3,12 @@ $keystone_cfg_ks_db_pw = hiera('CONFIG_KEYSTONE_DB_PW') $keystone_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') $keystone_endpoint_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') +$keystone_token_provider_str = downcase(hiera('CONFIG_KEYSTONE_TOKEN_FORMAT')) class { 'keystone': admin_token => hiera('CONFIG_KEYSTONE_ADMIN_TOKEN'), database_connection => "mysql://keystone_admin:${keystone_cfg_ks_db_pw}@${keystone_cfg_mariadb_host}/keystone", - token_format => hiera('CONFIG_KEYSTONE_TOKEN_FORMAT'), + token_provider => "keystone.token.providers.${keystone_token_provider_str}.Provider", verbose => true, debug => hiera('CONFIG_DEBUG_MODE'), service_name => $keystone_service_name, diff --git a/packstack/puppet/templates/neutron_api.pp b/packstack/puppet/templates/neutron_api.pp index 39d498cbc..b0a6f37f2 100644 --- a/packstack/puppet/templates/neutron_api.pp +++ b/packstack/puppet/templates/neutron_api.pp @@ -1,6 +1,5 @@ class { 'neutron::server': database_connection => $neutron_sql_connection, - connection => $neutron_sql_connection, auth_password => $neutron_user_password, auth_host => hiera('CONFIG_CONTROLLER_HOST'), enabled => true, From e07307b436420490a4cd4df1d85d1143cf8b0e5f Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Tue, 16 Dec 2014 17:55:18 +0100 Subject: [PATCH 0205/1017] Fix duplicate declaration of neutron_tunnel firewall rule If we have more than one network node we have to ensure firewall rules are generated with not only host but also destination ip in name. Change-Id: I6c990fe301731078ddfa42de9552a591336b6788 Resolves: rhbz#1174001 --- packstack/plugins/neutron_350.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index a35975c65..3b1720887 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -593,9 +593,9 @@ def create_manifests(config, messages): # We also need to open VXLAN/GRE port for agent manifest_data = "" if use_openvswitch_vxlan(config) or use_openvswitch_gre(config): - cf_fw_nt_key = ("FIREWALL_NEUTRON_TUNNEL_RULES_%s" - % host) for n_host in network_hosts: + cf_fw_nt_key = ("FIREWALL_NEUTRON_TUNNEL_RULES_%s_%s" + % (host, n_host)) fw_details = dict() key = "neutron_tunnel_%s_%s" % (host, n_host) fw_details.setdefault(key, {}) From e6c9fb738d28ffa30101c97e10722e53a86e4439 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Wed, 17 Dec 2014 17:09:46 +0100 Subject: [PATCH 0206/1017] Ensure yum-utils is installed on nodes before running yum-config Change-Id: Ie77b9f70087116ebbbbf6376a4379a3bb3e078f2 Resolves: rhbz#1093828 --- packstack/plugins/serverprep_001.py | 1 + 1 file changed, 1 insertion(+) diff --git a/packstack/plugins/serverprep_001.py b/packstack/plugins/serverprep_001.py index e35f03065..c408922e7 100644 --- a/packstack/plugins/serverprep_001.py +++ b/packstack/plugins/serverprep_001.py @@ -530,6 +530,7 @@ def manage_epel(host, config): enabled = '(0|False)' server.clear() + server.append('rpm -q yum-utils || yum -y install yum-utils') server.append('yum-config-manager --%(cmd)s epel' % locals()) rc, out = server.execute() From c3828202e73e2fe3063f25ca267f38b297ab933d Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Thu, 18 Dec 2014 13:54:02 +0100 Subject: [PATCH 0207/1017] [Rabbitmq] allow non-localhost connections to 'guest' user From fedora 22+ rabbitmq is less permissive on guest user, we have to allow access on this user from other hosts. Change-Id: Ic94d97c146b151cde11bcc62e1ce14703b433053 Resolves: rhbz#1175428 --- packstack/puppet/templates/amqp.pp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/packstack/puppet/templates/amqp.pp b/packstack/puppet/templates/amqp.pp index 509087510..20ad88dc2 100644 --- a/packstack/puppet/templates/amqp.pp +++ b/packstack/puppet/templates/amqp.pp @@ -30,7 +30,8 @@ package_provider => 'yum', admin_enable => false, config_variables => { - 'tcp_listen_options' => "[binary,{packet, raw},{reuseaddr, true},{backlog, 128},{nodelay, true},{exit_on_close, false},{keepalive, true}]" + 'tcp_listen_options' => "[binary,{packet, raw},{reuseaddr, true},{backlog, 128},{nodelay, true},{exit_on_close, false},{keepalive, true}]", + 'loopback_users' => "[]", } } From 665d11a07736d9f63999bdff0471d5d98a56b6b2 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Thu, 18 Dec 2014 14:38:41 +0100 Subject: [PATCH 0208/1017] [Provision] Don't provision glance images if Glance wasn't installed Change-Id: I307a1c273d3a410edd69eade880b93ccddb17ae6 Resolves: rhbz#1175726 --- packstack/plugins/provision_700.py | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/packstack/plugins/provision_700.py b/packstack/plugins/provision_700.py index 437d183c7..0be3f0c4e 100644 --- a/packstack/plugins/provision_700.py +++ b/packstack/plugins/provision_700.py @@ -292,16 +292,17 @@ def create_demo_manifest(config, messages): def create_storage_manifest(config, messages): - if config['CONFIG_UNSUPPORTED'] != 'y': - config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] - - if config['CONFIG_PROVISION_TEMPEST']: - template = "provision_tempest_glance" - else: - template = "provision_demo_glance" - manifest_file = '%s_provision_glance' % config['CONFIG_STORAGE_HOST'] - manifest_data = getManifestTemplate(template) - appendManifestFile(manifest_file, manifest_data) + if config['CONFIG_GLANCE_INSTALL'] == 'y': + if config['CONFIG_UNSUPPORTED'] != 'y': + config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] + + if config['CONFIG_PROVISION_TEMPEST']: + template = "provision_tempest_glance" + else: + template = "provision_demo_glance" + manifest_file = '%s_provision_glance' % config['CONFIG_STORAGE_HOST'] + manifest_data = getManifestTemplate(template) + appendManifestFile(manifest_file, manifest_data) def create_tempest_manifest(config, messages): From 2edd3aeba85566b68d6cc8edc0fafc47380a577c Mon Sep 17 00:00:00 2001 From: "Robbie Harwood (frozencemetery)" Date: Tue, 2 Dec 2014 17:45:02 -0500 Subject: [PATCH 0209/1017] Sahara support to Packstack in time for Juno Change-Id: Ic5381aede97d03d79151700afa3257ae8b1fd277 --- docs/packstack.rst | 16 ++- packstack/plugins/mariadb_003.py | 2 +- packstack/plugins/prescript_000.py | 35 ++++++ packstack/plugins/puppet_950.py | 6 +- packstack/plugins/sahara_800.py | 105 ++++++++++++++++++ packstack/puppet/templates/keystone_sahara.pp | 6 + .../templates/mariadb_sahara_install.pp | 5 + .../templates/mariadb_sahara_noinstall.pp | 28 +++++ packstack/puppet/templates/sahara.pp | 19 ++++ packstack/puppet/templates/sahara_qpid.pp | 7 ++ packstack/puppet/templates/sahara_rabbitmq.pp | 6 + 11 files changed, 230 insertions(+), 5 deletions(-) create mode 100644 packstack/plugins/sahara_800.py create mode 100644 packstack/puppet/templates/keystone_sahara.pp create mode 100644 packstack/puppet/templates/mariadb_sahara_install.pp create mode 100644 packstack/puppet/templates/mariadb_sahara_noinstall.pp create mode 100644 packstack/puppet/templates/sahara.pp create mode 100644 packstack/puppet/templates/sahara_qpid.pp create mode 100644 packstack/puppet/templates/sahara_rabbitmq.pp diff --git a/docs/packstack.rst b/docs/packstack.rst index 681d128c7..bcce6aabb 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -41,6 +41,9 @@ Global Options **CONFIG_SWIFT_INSTALL** Set to 'y' if you would like Packstack to install Swift ['y', 'n']. +**CONFIG_SAHARA_INSTALL** + Set to 'y' if you would like Packstack to install Sahara ['y', 'n']. + **CONFIG_CLIENT_INSTALL** Set to 'y' if you would like Packstack to install the OpenStack Client packages. An admin "rc" file will also be installed ['y', 'n']. @@ -509,7 +512,6 @@ Neutron Config Parameters **CONFIG_NEUTRON_ML2_VNI_RANGES** A comma separated list of **:** tuples enumerating ranges of VXLAN VNI IDs that are available for tenant network allocation. Min value is 0 and Max value is 16777215. - Provision Config Parameters --------------------------- @@ -540,6 +542,18 @@ Provision Config Parameters **CONFIG_PROVISION_TEMPEST_REPO_URI** The uri of the tempest git repository to use. +Sahara Config Parameters +------------------------ + +**CONFIG_SAHARA_DB_PW** + The password to use for Sahara to access DB. + +**CONFIG_SAHARA_HOST** + The IP address of the server on which to install Sahara if Sahara is being installed. + +**CONFIG_SAHARA_KS_PW** + The password to use for Sahara to authenticate with Keystone. + Log files and Debug info ------------------------ diff --git a/packstack/plugins/mariadb_003.py b/packstack/plugins/mariadb_003.py index 91d542421..915def2ff 100644 --- a/packstack/plugins/mariadb_003.py +++ b/packstack/plugins/mariadb_003.py @@ -105,7 +105,7 @@ def append_for(module, suffix): manifestdata.append(getManifestTemplate(template)) append_for("keystone", suffix) - for mod in ['nova', 'cinder', 'glance', 'neutron', 'heat']: + for mod in ['nova', 'cinder', 'glance', 'neutron', 'heat', 'sahara']: if config['CONFIG_%s_INSTALL' % mod.upper()] == 'y': append_for(mod, suffix) diff --git a/packstack/plugins/prescript_000.py b/packstack/plugins/prescript_000.py index 4a6152c88..1336b8d48 100644 --- a/packstack/plugins/prescript_000.py +++ b/packstack/plugins/prescript_000.py @@ -234,6 +234,24 @@ def initConfig(controller): "NEED_CONFIRM": False, "CONDITION": False}, + {"CMD_OPTION": "os-sahara-install", + "USAGE": ( + "Set to 'y' if you would like Packstack to install " + "OpenStack Clustering (Sahara)" + ), + "PROMPT": ( + "Should Packstack install OpenStack Clustering (Sahara)" + ), + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "n", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_SAHARA_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "os-client-install", "USAGE": ( "Set to 'y' if you would like Packstack to install " @@ -528,6 +546,23 @@ def initConfig(controller): "USE_DEFAULT": False, "NEED_CONFIRM": False, "CONDITION": False}, + + {"CONF_NAME": "CONFIG_SAHARA_HOST", + "CMD_OPTION": "os-sahara-host", + "USAGE": ( + "(Unsupported!) The IP address of the server on which " + "to install OpenStack services specific to Sahara" + ), + "PROMPT": "Enter the IP address of the Sahara host", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_ip, + validators.validate_ssh], + "DEFAULT_VALUE": utils.get_localhost_ip(), + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, ] } diff --git a/packstack/plugins/puppet_950.py b/packstack/plugins/puppet_950.py index ae8bb0594..803a00d4c 100644 --- a/packstack/plugins/puppet_950.py +++ b/packstack/plugins/puppet_950.py @@ -176,9 +176,9 @@ def copy_puppet_modules(config, messages): 'inifile', 'keystone', 'memcached', 'mongodb', 'mysql', 'neutron', 'nova', 'nssdb', 'openstack', 'packstack', 'qpid', 'rabbitmq', 'redis', 'remote', - 'rsync', 'ssh', 'stdlib', 'swift', 'sysctl', - 'tempest', 'vcsrepo', 'vlan', 'vswitch', 'xinetd', - 'openstacklib')) + 'rsync', 'sahara', 'ssh', 'stdlib', 'swift', + 'sysctl', 'tempest', 'vcsrepo', 'vlan', 'vswitch', + 'xinetd', 'openstacklib')) # write puppet manifest to disk manifestfiles.writeManifests() diff --git a/packstack/plugins/sahara_800.py b/packstack/plugins/sahara_800.py new file mode 100644 index 000000000..d3e7c11f7 --- /dev/null +++ b/packstack/plugins/sahara_800.py @@ -0,0 +1,105 @@ +# -*- coding: utf-8 -*- + +""" +Installs and configures Sahara +""" + +from packstack.installer import utils +from packstack.installer import validators +from packstack.installer import processors +from packstack.modules.shortcuts import get_mq +from packstack.modules.ospluginutils import (getManifestTemplate, + appendManifestFile, + createFirewallResources) + +#------------------ Sahara installer initialization ------------------ + +PLUGIN_NAME = "OS-Sahara" +PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, "blue") + + +def initConfig(controller): + params = [ + {"CONF_NAME": "CONFIG_SAHARA_DB_PW", + "CMD_OPTION": "sahara-db-passwd", + "PROMPT": "Enter the password to use for Sahara to access the DB", + "USAGE": "The password to use for the Sahara DB access", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "USE_DEFAULT": False, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CONF_NAME": "CONFIG_SAHARA_KS_PW", + "CMD_OPTION": "sahara-ks-passwd", + "USAGE": ("The password to use for Sahara to authenticate " + "with Keystone"), + "PROMPT": "Enter the password for Sahara Keystone access", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "USE_DEFAULT": False, + "NEED_CONFIRM": True, + "CONDITION": False}, + ] + group = {"GROUP_NAME": "SAHARA", + "DESCRIPTION": "Sahara Config parameters", + "PRE_CONDITION": "CONFIG_SAHARA_INSTALL", + "PRE_CONDITION_MATCH": "y", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + controller.addGroup(group, params) + + +def initSequences(controller): + conf = controller.CONF + if conf["CONFIG_SAHARA_INSTALL"] != 'y': + return + + saharasteps = [ + {"title": "Adding Sahara Keystone manifest entries", + "functions": [create_keystone_manifest]}, + {"title": "Adding Sahara manifest entries", + "functions": [create_manifest]}, + ] + controller.addSequence("Installing Sahara", [], [], saharasteps) + +#-------------------------- step functions -------------------------- + + +def create_keystone_manifest(config, messages): + if config['CONFIG_UNSUPPORTED'] != 'y': + config['CONFIG_SAHARA_HOST'] = config['CONFIG_CONTROLLER_HOST'] + + manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] + manifestdata = getManifestTemplate("keystone_sahara") + appendManifestFile(manifestfile, manifestdata) + + +def create_manifest(config, messages): + if config['CONFIG_UNSUPPORTED'] != 'y': + config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] + + manifestfile = "%s_sahara.pp" % config['CONFIG_STORAGE_HOST'] + manifestdata = getManifestTemplate(get_mq(config, "sahara")) + manifestdata += getManifestTemplate("sahara.pp") + + fw_details = dict() + key = "sahara-api" + fw_details.setdefault(key, {}) + fw_details[key]["host"] = "ALL" + fw_details[key]["service_name"] = "sahara api" + fw_details[key]["chain"] = "INPUT" + fw_details[key]["ports"] = ["8386"] + fw_details[key]["proto"] = "tcp" + config["FIREWALL_SAHARA_CFN_RULES"] = fw_details + + manifestdata += createFirewallResources("FIREWALL_SAHARA_CFN_RULES") + appendManifestFile(manifestfile, manifestdata, marker='sahara') diff --git a/packstack/puppet/templates/keystone_sahara.pp b/packstack/puppet/templates/keystone_sahara.pp new file mode 100644 index 000000000..e8b3ea3c4 --- /dev/null +++ b/packstack/puppet/templates/keystone_sahara.pp @@ -0,0 +1,6 @@ +class { 'sahara::keystone::auth': + password => hiera('CONFIG_SAHARA_KS_PW'), + public_address => hiera('CONFIG_SAHARA_HOST'), + admin_address => hiera('CONFIG_SAHARA_HOST'), + internal_address => hiera('CONFIG_SAHARA_HOST'), +} diff --git a/packstack/puppet/templates/mariadb_sahara_install.pp b/packstack/puppet/templates/mariadb_sahara_install.pp new file mode 100644 index 000000000..d284aed82 --- /dev/null +++ b/packstack/puppet/templates/mariadb_sahara_install.pp @@ -0,0 +1,5 @@ +class { 'sahara::db::mysql': + password => hiera('CONFIG_SAHARA_DB_PW'), + host => '%%', + allowed_hosts => '%%', +} diff --git a/packstack/puppet/templates/mariadb_sahara_noinstall.pp b/packstack/puppet/templates/mariadb_sahara_noinstall.pp new file mode 100644 index 000000000..3d7968ce3 --- /dev/null +++ b/packstack/puppet/templates/mariadb_sahara_noinstall.pp @@ -0,0 +1,28 @@ +remote_database { 'sahara': + ensure => 'present', + charset => 'utf8', + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', +} + +$sahara_cfg_sahara_db_pw = hiera('CONFIG_SAHARA_DB_PW') + +remote_database_user { 'sahara@%%': + password_hash => mysql_password($sahara_cfg_sahara_db_pw), + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', + require => Remote_database['sahara'], +} + +remote_database_grant { 'sahara@%%/sahara': + privileges => 'all', + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', + require => Remote_database_user['sahara@%%'], +} diff --git a/packstack/puppet/templates/sahara.pp b/packstack/puppet/templates/sahara.pp new file mode 100644 index 000000000..b9d23a81b --- /dev/null +++ b/packstack/puppet/templates/sahara.pp @@ -0,0 +1,19 @@ +$sahara_cfg_sahara_db_pw = hiera('CONFIG_SAHARA_DB_PW') +$sahara_cfg_sahara_mariadb_host = hiera('CONFIG_MARIADB_HOST') + +$sahara_cfg_config_neutron_install = hiera('CONFIG_NEUTRON_INSTALL') + +$sahara_cfg_controller_host = hiera('CONFIG_CONTROLLER_HOST') +class { 'sahara': + database_connection => + "mysql://sahara:${sahara_cfg_sahara_db_pw}@${sahara_cfg_sahara_mariadb_host}/sahara", + verbose => true, + debug => hiera('CONFIG_DEBUG_MODE'), + os_username => 'admin', + os_password => hiera('CONFIG_KEYSTONE_ADMIN_PW'), + os_tenant_name => 'admin', + os_auth_url => "http://${sahara_cfg_controller_host}:5000/v2.0", + identity_url => "http://${sahara_cfg_controller_host}:35357/", + use_neutron => ($sahara_cfg_controller_host == 'y'), + service_host => hiera('CONFIG_SAHARA_HOST'), +} diff --git a/packstack/puppet/templates/sahara_qpid.pp b/packstack/puppet/templates/sahara_qpid.pp new file mode 100644 index 000000000..19fb8b861 --- /dev/null +++ b/packstack/puppet/templates/sahara_qpid.pp @@ -0,0 +1,7 @@ +class { 'sahara::notify::qpid': + qpid_hostname => hiera('CONFIG_AMQP_HOST'), + qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'), + qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), + qpid_password => hiera('CONFIG_AMQP_PASSWORD'), +} diff --git a/packstack/puppet/templates/sahara_rabbitmq.pp b/packstack/puppet/templates/sahara_rabbitmq.pp new file mode 100644 index 000000000..125df13df --- /dev/null +++ b/packstack/puppet/templates/sahara_rabbitmq.pp @@ -0,0 +1,6 @@ +class { 'sahara::notify::rabbitmq': + rabbit_host => hiera('CONFIG_AMQP_HOST'), + rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), + rabbit_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), +} From ac26b748625f41dbbc5d0e4e6d8459b224d80356 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Fri, 19 Dec 2014 14:43:57 +0100 Subject: [PATCH 0210/1017] Load br_netfilter module on Fedora 22+ /proc/sys/net/bridge/* is now provided by br_netfilter module Change-Id: Ib575bb234991f9d58c40c0472a2f2e99aab74cb3 --- .../puppet/modules/packstack/manifests/neutron/bridge.pp | 8 ++++++++ .../packstack/templates/openstack-neutron.modules.erb | 1 + 2 files changed, 9 insertions(+) diff --git a/packstack/puppet/modules/packstack/manifests/neutron/bridge.pp b/packstack/puppet/modules/packstack/manifests/neutron/bridge.pp index fbf6af593..81ba8fb7d 100644 --- a/packstack/puppet/modules/packstack/manifests/neutron/bridge.pp +++ b/packstack/puppet/modules/packstack/manifests/neutron/bridge.pp @@ -2,6 +2,14 @@ # Loads bridge modules and sets appropriate sysctl.conf variables class packstack::neutron::bridge { + if $::operatingsystem == 'Fedora' and (is_integer($::operatingsystemrelease) and $::operatingsystemrelease >= 22 or $::operatingsystemrelease == 'Rawhide') { + exec { 'load-br-netfilter': + path => ['/sbin', '/usr/sbin'], + command => 'modprobe -b br_netfilter', + logoutput => 'on_failure', + before => Exec['load-bridge'], + } + } file { 'bridge-module-loader': path => '/etc/sysconfig/modules/openstack-neutron.modules', ensure => present, diff --git a/packstack/puppet/modules/packstack/templates/openstack-neutron.modules.erb b/packstack/puppet/modules/packstack/templates/openstack-neutron.modules.erb index 8ac4fea87..81cc1b110 100644 --- a/packstack/puppet/modules/packstack/templates/openstack-neutron.modules.erb +++ b/packstack/puppet/modules/packstack/templates/openstack-neutron.modules.erb @@ -1,3 +1,4 @@ #!/bin/sh modprobe -b bridge >/dev/null 2>&1 +modprobe -b br_netfilter >/dev/null 2>&1 exit 0 From ab47974d481871408c09e5942360389077d6dce7 Mon Sep 17 00:00:00 2001 From: Solly Ross Date: Wed, 8 Oct 2014 16:23:40 -0400 Subject: [PATCH 0211/1017] Trove Support This commit adds support for Trove to Packstack. Change-Id: I8a4c00099da3f78f44a7fd25c094a42fa54bb447 --- docs/packstack.rst | 21 +++ packstack/plugins/mariadb_003.py | 3 +- packstack/plugins/prescript_000.py | 18 ++ packstack/plugins/puppet_950.py | 13 +- packstack/plugins/trove_850.py | 159 ++++++++++++++++++ packstack/puppet/templates/keystone_trove.pp | 8 + .../puppet/templates/mariadb_trove_install.pp | 6 + .../templates/mariadb_trove_noinstall.pp | 29 ++++ packstack/puppet/templates/trove.pp | 25 +++ packstack/puppet/templates/trove_qpid.pp | 21 +++ packstack/puppet/templates/trove_rabbitmq.pp | 19 +++ 11 files changed, 315 insertions(+), 7 deletions(-) create mode 100644 packstack/plugins/trove_850.py create mode 100644 packstack/puppet/templates/keystone_trove.pp create mode 100644 packstack/puppet/templates/mariadb_trove_install.pp create mode 100644 packstack/puppet/templates/mariadb_trove_noinstall.pp create mode 100644 packstack/puppet/templates/trove.pp create mode 100644 packstack/puppet/templates/trove_qpid.pp create mode 100644 packstack/puppet/templates/trove_rabbitmq.pp diff --git a/docs/packstack.rst b/docs/packstack.rst index bcce6aabb..9b901c3c7 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -68,6 +68,9 @@ Global Options **CONFIG_MARIADB_INSTALL** Set to 'y' if you would like Packstack to install MariaDB. +**CONFIG_TROVE_INSTALL** + Set to 'y' if you would like Packstack to install Openstack Database (Trove) + **CONFIG_CONTROLLER_HOST** The IP address of the server on which to install OpenStack services specific to controller role such as API servers, Horizon, etc. This parameter replaced following deprecated parameters: CONFIG_CEILOMETER_HOST, CONFIG_CINDER_HOST, CONFIG_GLANCE_HOST, CONFIG_HORIZON_HOST, CONFIG_HEAT_HOST, CONFIG_KEYSTONE_HOST, CONFIG_NAGIOS_HOST, CONFIG_NEUTRON_SERVER_HOST, CONFIG_NEUTRON_LBAAS_HOSTS, CONFIG_NOVA_API_HOST, CONFIG_NOVA_CERT_HOST, CONFIG_NOVA_VNCPROXY_HOST, CONFIG_NOVA_SCHED_HOST, CONFIG_OSCLIENT_HOST, CONFIG_SWIFT_PROXY_HOSTS. @@ -512,6 +515,24 @@ Neutron Config Parameters **CONFIG_NEUTRON_ML2_VNI_RANGES** A comma separated list of **:** tuples enumerating ranges of VXLAN VNI IDs that are available for tenant network allocation. Min value is 0 and Max value is 16777215. +Trove Config Parameters +----------------------- + +**CONFIG_TROVE_DB_PW** + The password to use for Trove to access DB. + +**CONFIG_TROVE_KS_PW** + The password to use for Trove to authenticate with Keystone. + +**CONFIG_TROVE_NOVA_USER** + The user to use when Trove launches instances in Nova + +**CONFIG_TROVE_NOVA_TENANT** + The tenant to use when Trove launches instances in Nova + +**CONFIG_TROVE_NOVA_PW** + The password to use when Trove launches instances in Nova + Provision Config Parameters --------------------------- diff --git a/packstack/plugins/mariadb_003.py b/packstack/plugins/mariadb_003.py index 915def2ff..0d66de308 100644 --- a/packstack/plugins/mariadb_003.py +++ b/packstack/plugins/mariadb_003.py @@ -105,7 +105,8 @@ def append_for(module, suffix): manifestdata.append(getManifestTemplate(template)) append_for("keystone", suffix) - for mod in ['nova', 'cinder', 'glance', 'neutron', 'heat', 'sahara']: + for mod in ['nova', 'cinder', 'glance', 'neutron', 'heat', 'sahara', + 'trove']: if config['CONFIG_%s_INSTALL' % mod.upper()] == 'y': append_for(mod, suffix) diff --git a/packstack/plugins/prescript_000.py b/packstack/plugins/prescript_000.py index 1336b8d48..c10b0963c 100644 --- a/packstack/plugins/prescript_000.py +++ b/packstack/plugins/prescript_000.py @@ -252,6 +252,24 @@ def initConfig(controller): "NEED_CONFIRM": False, "CONDITION": False}, + {"CMD_OPTION": "os-trove-install", + "USAGE": ( + "Set to 'y' if you would like Packstack to install " + "OpenStack Database (Trove)" + ), + "PROMPT": ( + "Should Packstack install OpenStack Database (Trove)" + ), + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "n", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_TROVE_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "os-client-install", "USAGE": ( "Set to 'y' if you would like Packstack to install " diff --git a/packstack/plugins/puppet_950.py b/packstack/plugins/puppet_950.py index 803a00d4c..49105253d 100644 --- a/packstack/plugins/puppet_950.py +++ b/packstack/plugins/puppet_950.py @@ -173,12 +173,13 @@ def install_deps(config, messages): def copy_puppet_modules(config, messages): os_modules = ' '.join(('apache', 'ceilometer', 'certmonger', 'cinder', 'concat', 'firewall', 'glance', 'heat', 'horizon', - 'inifile', 'keystone', 'memcached', 'mongodb', - 'mysql', 'neutron', 'nova', 'nssdb', 'openstack', - 'packstack', 'qpid', 'rabbitmq', 'redis', 'remote', - 'rsync', 'sahara', 'ssh', 'stdlib', 'swift', - 'sysctl', 'tempest', 'vcsrepo', 'vlan', 'vswitch', - 'xinetd', 'openstacklib')) + 'inifile', 'keystone', 'memcached', + 'mongodb', 'mysql', 'neutron', 'nova', 'nssdb', + 'openstack', 'packstack', 'qpid', 'rabbitmq', + 'redis', 'remote', 'rsync', 'sahara', 'ssh', + 'stdlib', 'swift', 'sysctl', 'tempest', 'trove', + 'vcsrepo', 'vlan', 'vswitch', 'xinetd', + 'openstacklib')) # write puppet manifest to disk manifestfiles.writeManifests() diff --git a/packstack/plugins/trove_850.py b/packstack/plugins/trove_850.py new file mode 100644 index 000000000..6a8916df7 --- /dev/null +++ b/packstack/plugins/trove_850.py @@ -0,0 +1,159 @@ +# -*- coding: utf-8 -*- + +""" +Installs and configures Trove +""" + +import uuid + +from packstack.installer import utils +from packstack.installer import validators +from packstack.installer import processors +from packstack.modules.shortcuts import get_mq +from packstack.modules.ospluginutils import (getManifestTemplate, + appendManifestFile, + createFirewallResources) + + +# ------------------ Trove Packstack Plugin initialization ------------------ + +PLUGIN_NAME = "OS-Trove" +PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') + + +# NOVA_USER, NOVA_TENANT, NOVA_PW + +def process_trove_nova_pw(param, param_name, config=None): + if (param == 'PW_PLACEHOLDER' and + config['CONFIG_TROVE_NOVA_USER'] == 'admin'): + return config['CONFIG_KEYSTONE_ADMIN_PW'] + else: + return param + + +def initConfig(controller): + parameters = [ + {"CONF_NAME": "CONFIG_TROVE_DB_PW", + "CMD_OPTION": "trove-db-passwd", + "PROMPT": "Enter the password to use for Trove to access the DB", + "USAGE": "The password to use for the Trove DB access", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "USE_DEFAULT": False, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CONF_NAME": "CONFIG_TROVE_KS_PW", + "CMD_OPTION": "trove-ks-passwd", + "USAGE": ("The password to use for Trove to authenticate " + "with Keystone"), + "PROMPT": "Enter the password for Trove Keystone access", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "USE_DEFAULT": False, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CONF_NAME": "CONFIG_TROVE_NOVA_USER", + "CMD_OPTION": "trove-nova-user", + "USAGE": "The user to use when Trove connects to Nova", + "PROMPT": "Enter the user for Trove to use to connect to Nova", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "admin", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "USE_DEFAULT": True, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CONF_NAME": "CONFIG_TROVE_NOVA_TENANT", + "CMD_OPTION": "trove-nova-tenant", + "USAGE": "The tenant to use when Trove connects to Nova", + "PROMPT": "Enter the tenant for Trove to use to connect to Nova", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "services", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "USE_DEFAULT": True, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CONF_NAME": "CONFIG_TROVE_NOVA_PW", + "CMD_OPTION": "trove-nova-passwd", + "USAGE": "The password to use when Trove connects to Nova", + "PROMPT": "Enter the password for Trove to use to connect to Nova", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "PW_PLACEHOLDER", # default is admin pass + "PROCESSORS": [process_trove_nova_pw], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "USE_DEFAULT": False, + "NEED_CONFIRM": True, + "CONDITION": False}, + ] + + group = {"GROUP_NAME": "Trove", + "DESCRIPTION": "Trove config parameters", + "PRE_CONDITION": "CONFIG_TROVE_INSTALL", + "PRE_CONDITION_MATCH": "y", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + + controller.addGroup(group, parameters) + + +def initSequences(controller): + config = controller.CONF + if config['CONFIG_TROVE_INSTALL'] != 'y': + return + + steps = [ + {'title': 'Adding Trove Keystone manifest entries', + 'functions': [create_keystone_manifest]}, + {'title': 'Adding Trove manifest entries', + 'functions': [create_manifest]}, + ] + + controller.addSequence("Installing Trove", [], [], steps) + +# ------------------------ step functions -------------------------- + + +def create_keystone_manifest(config, messages): + manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] + manifestdata = getManifestTemplate("keystone_trove.pp") + appendManifestFile(manifestfile, manifestdata) + + +def create_manifest(config, messages): + if (config['CONFIG_TROVE_NOVA_USER'] == 'admin' and + config['CONFIG_TROVE_NOVA_PW'] == ''): + config['CONFIG_TROVE_NOVA_PW'] = config['CONFIG_KEYSTONE_ADMIN_PW'] + + manifestfile = "%s_trove.pp" % config["CONFIG_CONTROLLER_HOST"] + manifestdata = getManifestTemplate(get_mq(config, "trove")) + manifestdata += getManifestTemplate('trove.pp') + + fw_details = dict() + key = "trove" + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "ALL" + fw_details[key]['service_name'] = "trove api" + fw_details[key]['chain'] = "INPUT" + fw_details[key]['ports'] = ['8779'] + fw_details[key]['proto'] = "tcp" + config['FIREWALL_TROVE_API_RULES'] = fw_details + + manifestdata += createFirewallResources('FIREWALL_TROVE_API_RULES') + appendManifestFile(manifestfile, manifestdata, marker='trove') diff --git a/packstack/puppet/templates/keystone_trove.pp b/packstack/puppet/templates/keystone_trove.pp new file mode 100644 index 000000000..85ca06ea7 --- /dev/null +++ b/packstack/puppet/templates/keystone_trove.pp @@ -0,0 +1,8 @@ + +class { 'trove::keystone::auth': + region => hiera('CONFIG_KEYSTONE_REGION'), + password => hiera('CONFIG_TROVE_KS_PW'), + public_address => hiera('CONFIG_CONTROLLER_HOST'), + admin_address => hiera('CONFIG_CONTROLLER_HOST'), + internal_address => hiera('CONFIG_CONTROLLER_HOST'), +} diff --git a/packstack/puppet/templates/mariadb_trove_install.pp b/packstack/puppet/templates/mariadb_trove_install.pp new file mode 100644 index 000000000..c76be844b --- /dev/null +++ b/packstack/puppet/templates/mariadb_trove_install.pp @@ -0,0 +1,6 @@ +class { 'trove::db::mysql': + password => hiera('CONFIG_TROVE_DB_PW'), + host => '%%', + allowed_hosts => '%%', + charset => 'utf8', +} diff --git a/packstack/puppet/templates/mariadb_trove_noinstall.pp b/packstack/puppet/templates/mariadb_trove_noinstall.pp new file mode 100644 index 000000000..b8758c835 --- /dev/null +++ b/packstack/puppet/templates/mariadb_trove_noinstall.pp @@ -0,0 +1,29 @@ + +remote_database {'trove': + ensure => 'present', + charset => 'utf8', + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', +} + +$trove_cfg_trove_db_pw = hiera('CONFIG_TROVE_DB_PW') + +remote_database_user { 'trove@%%': + password_hash => mysql_password($trove_cfg_trove_db_pw), + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', + require => Remote_database['trove'], +} + +remote_database_grant { 'trove@%%/trove': + privileges => "all", + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', + require => Remote_database_user['trove@%%'], +} diff --git a/packstack/puppet/templates/trove.pp b/packstack/puppet/templates/trove.pp new file mode 100644 index 000000000..0d1304f93 --- /dev/null +++ b/packstack/puppet/templates/trove.pp @@ -0,0 +1,25 @@ +class { 'trove::api': + enabled => true, + keystone_password => hiera('CONFIG_TROVE_KS_PW'), + auth_host => hiera('CONFIG_CONTROLLER_HOST'), + auth_port => 35357, + cert_file => false, + key_file => false, + ca_file => false, + verbose => true, + debug => hiera('CONFIG_DEBUG_MODE'), +} + +$trove_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') + +class { 'trove::conductor': + auth_url => "http://${trove_cfg_ctrl_host}:5000/v2.0", + verbose => true, + debug => hiera('CONFIG_DEBUG_MODE'), +} + +class { 'trove::taskmanager': + auth_url => "http://${trove_cfg_ctrl_host}:5000/v2.0", + verbose => true, + debug => hiera('CONFIG_DEBUG_MODE'), +} diff --git a/packstack/puppet/templates/trove_qpid.pp b/packstack/puppet/templates/trove_qpid.pp new file mode 100644 index 000000000..ccafee0c4 --- /dev/null +++ b/packstack/puppet/templates/trove_qpid.pp @@ -0,0 +1,21 @@ +$trove_qpid_cfg_trove_db_pw = hiera('CONFIG_TROVE_DB_PW') +$trove_qpid_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') +$trove_qpid_cfg_controller_host = hiera('CONFIG_CONTROLLER_HOST') + +class { 'trove': + rpc_backend => 'trove.openstack.common.rpc.impl_qpid', + qpid_hostname => hiera('CONFIG_AMQP_HOST'), + qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'), + qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), + qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), + database_connection => "mysql://trove:${trove_qpid_cfg_trove_db_pw}@${trove_qpid_cfg_mariadb_host}/trove", + nova_proxy_admin_user => hiera('CONFIG_TROVE_NOVA_USER'), + nova_proxy_admin_tenant_name => hiera('CONFIG_TROVE_NOVA_TENANT'), + nova_proxy_admin_pass => hiera('CONFIG_TROVE_NOVA_PW'), + nova_compute_url => "http://${trove_qpid_cfg_controller_host}:8774/v2", + cinder_url => "http://${trove_qpid_cfg_controller_host}:8776/v1", + swift_url => "http://${trove_qpid_cfg_controller_host}:8080/v1/AUTH_", + use_neutron => hiera('CONFIG_NEUTRON_INSTALL'), +} + diff --git a/packstack/puppet/templates/trove_rabbitmq.pp b/packstack/puppet/templates/trove_rabbitmq.pp new file mode 100644 index 000000000..c94848989 --- /dev/null +++ b/packstack/puppet/templates/trove_rabbitmq.pp @@ -0,0 +1,19 @@ +$trove_rabmq_cfg_trove_db_pw = hiera('CONFIG_TROVE_DB_PW') +$trove_rabmq_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') +$trove_rabmq_cfg_controller_host = hiera('CONFIG_CONTROLLER_HOST') + +class { 'trove': + rpc_backend => 'trove.openstack.common.rpc.impl_kombu', + rabbit_host => hiera('CONFIG_AMQP_HOST'), + rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), + rabbit_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), + database_connection => "mysql://trove:${trove_rabmq_cfg_trove_db_pw}@${trove_rabmq_cfg_mariadb_host}/trove", + nova_proxy_admin_user => hiera('CONFIG_TROVE_NOVA_USER'), + nova_proxy_admin_tenant_name => hiera('CONFIG_TROVE_NOVA_TENANT'), + nova_proxy_admin_pass => hiera('CONFIG_TROVE_NOVA_PW'), + nova_compute_url => "http://${trove_rabmq_cfg_controller_host}:8774/v2", + cinder_url => "http://${trove_rabmq_cfg_controller_host}:8776/v1", + swift_url => "http://${trove_rabmq_cfg_controller_host}:8080/v1/AUTH_", + use_neutron => hiera('CONFIG_NEUTRON_INSTALL'), +} From 8d2b33cddc024a58a475b4f43fa151bf44889920 Mon Sep 17 00:00:00 2001 From: Ryan Hallisey Date: Wed, 10 Dec 2014 16:15:11 -0500 Subject: [PATCH 0212/1017] Ironic support for packstack Ironic is currently not a supported plugin for packstack. This patch will create the Ironic plugin. Change-Id: Ia4a239beaf2609bd11cfc35f29527f53c0d6c9f2 --- docs/packstack.rst | 20 +++- packstack/plugins/ironic_275.py | 107 ++++++++++++++++++ packstack/plugins/mariadb_003.py | 2 +- packstack/plugins/neutron_350.py | 6 + packstack/plugins/nova_300.py | 41 ++++++- packstack/plugins/prescript_000.py | 19 ++++ packstack/plugins/puppet_950.py | 2 +- packstack/puppet/templates/ironic.pp | 12 ++ packstack/puppet/templates/ironic_qpid.pp | 14 +++ packstack/puppet/templates/ironic_rabbitmq.pp | 13 +++ packstack/puppet/templates/keystone_ironic.pp | 9 ++ .../templates/mariadb_ironic_install.pp | 6 + .../templates/mariadb_ironic_noinstall.pp | 29 +++++ packstack/puppet/templates/nova_compute.pp | 1 + .../puppet/templates/nova_compute_ironic.pp | 9 ++ .../puppet/templates/nova_sched_ironic.pp | 4 + 16 files changed, 285 insertions(+), 9 deletions(-) create mode 100644 packstack/plugins/ironic_275.py create mode 100644 packstack/puppet/templates/ironic.pp create mode 100644 packstack/puppet/templates/ironic_qpid.pp create mode 100644 packstack/puppet/templates/ironic_rabbitmq.pp create mode 100644 packstack/puppet/templates/keystone_ironic.pp create mode 100644 packstack/puppet/templates/mariadb_ironic_install.pp create mode 100644 packstack/puppet/templates/mariadb_ironic_noinstall.pp create mode 100644 packstack/puppet/templates/nova_compute_ironic.pp create mode 100644 packstack/puppet/templates/nova_sched_ironic.pp diff --git a/docs/packstack.rst b/docs/packstack.rst index 9b901c3c7..c431da17d 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -44,6 +44,9 @@ Global Options **CONFIG_SAHARA_INSTALL** Set to 'y' if you would like Packstack to install Sahara ['y', 'n']. +**CONFIG_IRONIC_INSTALL** + Set to 'y' if you would like Packstack to install Ironic ['y', 'n']. + **CONFIG_CLIENT_INSTALL** Set to 'y' if you would like Packstack to install the OpenStack Client packages. An admin "rc" file will also be installed ['y', 'n']. @@ -72,7 +75,7 @@ Global Options Set to 'y' if you would like Packstack to install Openstack Database (Trove) **CONFIG_CONTROLLER_HOST** - The IP address of the server on which to install OpenStack services specific to controller role such as API servers, Horizon, etc. This parameter replaced following deprecated parameters: CONFIG_CEILOMETER_HOST, CONFIG_CINDER_HOST, CONFIG_GLANCE_HOST, CONFIG_HORIZON_HOST, CONFIG_HEAT_HOST, CONFIG_KEYSTONE_HOST, CONFIG_NAGIOS_HOST, CONFIG_NEUTRON_SERVER_HOST, CONFIG_NEUTRON_LBAAS_HOSTS, CONFIG_NOVA_API_HOST, CONFIG_NOVA_CERT_HOST, CONFIG_NOVA_VNCPROXY_HOST, CONFIG_NOVA_SCHED_HOST, CONFIG_OSCLIENT_HOST, CONFIG_SWIFT_PROXY_HOSTS. + The IP address of the server on which to install OpenStack services specific to controller role such as API servers, Horizon, etc. This parameter replaced following deprecated parameters: CONFIG_CEILOMETER_HOST, CONFIG_CINDER_HOST, CONFIG_GLANCE_HOST, CONFIG_HORIZON_HOST, CONFIG_HEAT_HOST, CONFIG_IRONIC_HOST, CONFIG_KEYSTONE_HOST, CONFIG_NAGIOS_HOST, CONFIG_NEUTRON_SERVER_HOST, CONFIG_NEUTRON_LBAAS_HOSTS, CONFIG_NOVA_API_HOST, CONFIG_NOVA_CERT_HOST, CONFIG_NOVA_VNCPROXY_HOST, CONFIG_NOVA_SCHED_HOST, CONFIG_OSCLIENT_HOST, CONFIG_SWIFT_PROXY_HOSTS. **CONFIG_COMPUTE_HOSTS** The list of IP addresses of the server on which to install the Nova compute service. This parameter replaced following deprecated parameters: CONFIG_NOVA_COMPUTE_HOSTS. @@ -275,6 +278,9 @@ Nova Options **CONFIG_NOVA_NETWORK_HOSTS** List of IP address of the servers on which to install the Nova Network service. +**CONFIG_NOVA_COMPUTE_MANAGER** + The driver that will manage the running instances from creation to destruction. + **CONFIG_NOVA_DB_PW** The password to use for the Nova to access DB. @@ -320,6 +326,15 @@ Nova Options **CONFIG_NOVA_NETWORK_VLAN_START** First VLAN for private networks. +Ironic Config parameters +----------------------- + +**CONFIG_IRONIC_DB_PW** + The password used by Ironic user to authenticate against MariaDB. + +**CONFIG_IRONIC_KS_PW** + The password to use for the Ironic to authenticate with Keystone. + OpenStack Horizon Config parameters ----------------------------------- @@ -426,7 +441,8 @@ Ceilometer Config Parameters The password to use for Ceilometer to authenticate with Keystone. **CONFIG_CEILOMETER_COORDINATION_BACKEND** - Specify an optional backend for group membership coordination in the alarm evaluator and central agent. Currently the only valid option are 'redis' or 'none'. The default is 'redis'. + Specify an optional backend for group membership coordination in the alarm evaluator and central + agent. Currently the only valid option are 'redis' or 'none'. The default is 'redis'. **CONFIG_REDIS_HOST** The IP address of the server on which to install Redis, if Redis is being used for coordination. diff --git a/packstack/plugins/ironic_275.py b/packstack/plugins/ironic_275.py new file mode 100644 index 000000000..67e1b8807 --- /dev/null +++ b/packstack/plugins/ironic_275.py @@ -0,0 +1,107 @@ +# -*- coding: utf-8 -*- + +""" +Installs and configures Ironic +""" + +from packstack.installer import utils, validators, processors + +from packstack.modules.shortcuts import get_mq +from packstack.modules.ospluginutils import (getManifestTemplate, + appendManifestFile, + createFirewallResources) + +# ------------------ Ironic Packstack Plugin initialization ------------------ + +PLUGIN_NAME = "OS-Ironic" +PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') + + +def initConfig(controller): + ironic_params = [ + {"CONF_NAME": "CONFIG_IRONIC_DB_PW", + "CMD_OPTION": "os-ironic-db-passwd", + "PROMPT": "Enter the password for the Ironic MySQL user", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "USE_DEFAULT": True, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CONF_NAME": "CONFIG_IRONIC_KS_PW", + "CMD_OPTION": "os-ironic-ks-passwd", + "USAGE": ("The password to use for Ironic to authenticate " + "with Keystone"), + "PROMPT": "Enter the password for Ironic Keystone access", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "USE_DEFAULT": True, + "NEED_CONFIRM": True, + "CONDITION": False}, + ] + + ironic_group = {"GROUP_NAME": "IRONIC", + "DESCRIPTION": "Ironic Options", + "PRE_CONDITION": "CONFIG_IRONIC_INSTALL", + "PRE_CONDITION_MATCH": "y", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} + + controller.addGroup(ironic_group, ironic_params) + + +def initSequences(controller): + if controller.CONF['CONFIG_IRONIC_INSTALL'] != 'y': + return + + steps = [ + {'title': 'Adding Ironic Keystone manifest entries', + 'functions': [create_keystone_manifest]}, + {'title': 'Adding Ironic manifest entries', + 'functions': [create_manifest]}, + ] + + controller.addSequence("Installing OpenStack Ironic", [], [], + steps) + + +# -------------------------- step functions -------------------------- + +def create_manifest(config, messages): + + if config['CONFIG_UNSUPPORTED'] != 'y': + config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] + + manifestfile = "%s_ironic.pp" % config['CONFIG_CONTROLLER_HOST'] + manifestdata = getManifestTemplate(get_mq(config, "ironic")) + manifestdata += getManifestTemplate("ironic.pp") + + fw_details = dict() + key = "ironic-api" + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "ALL" + fw_details[key]['service_name'] = "ironic-api" + fw_details[key]['chain'] = "INPUT" + fw_details[key]['ports'] = ['6385'] + fw_details[key]['proto'] = "tcp" + config['FIREWALL_IRONIC_API_RULES'] = fw_details + + manifestdata += createFirewallResources('FIREWALL_IRONIC_API_RULES') + appendManifestFile(manifestfile, manifestdata, 'pre') + + +def create_keystone_manifest(config, messages): + if config['CONFIG_UNSUPPORTED'] != 'y': + config['CONFIG_IRONIC_HOST'] = config['CONFIG_CONTROLLER_HOST'] + + manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] + manifestdata = getManifestTemplate("keystone_ironic.pp") + appendManifestFile(manifestfile, manifestdata) diff --git a/packstack/plugins/mariadb_003.py b/packstack/plugins/mariadb_003.py index 0d66de308..e3ed62b73 100644 --- a/packstack/plugins/mariadb_003.py +++ b/packstack/plugins/mariadb_003.py @@ -106,7 +106,7 @@ def append_for(module, suffix): append_for("keystone", suffix) for mod in ['nova', 'cinder', 'glance', 'neutron', 'heat', 'sahara', - 'trove']: + 'trove', 'ironic']: if config['CONFIG_%s_INSTALL' % mod.upper()] == 'y': append_for(mod, suffix) diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index 3b1720887..95259de01 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -424,6 +424,12 @@ def initSequences(controller): config = controller.CONF if config['CONFIG_NEUTRON_INSTALL'] != 'y': return + if config['CONFIG_IRONIC_INSTALL'] == 'y': + config['CONFIG_NEUTRON_ML2_TYPE_DRIVERS'] += ', flat' + config['CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES'] += ', flat' + if 'openvswitch' not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS']: + config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'] += 'openvswitch' + config['CONFIG_NEUTRON_ML2_FLAT_NETWORKS'] = 'physnet1' plugin_db = 'neutron' plugin_path = 'neutron.plugins.ml2.plugin.Ml2Plugin' diff --git a/packstack/plugins/nova_300.py b/packstack/plugins/nova_300.py index 79f7464bb..671640513 100644 --- a/packstack/plugins/nova_300.py +++ b/packstack/plugins/nova_300.py @@ -110,6 +110,20 @@ def initConfig(controller): "NEED_CONFIRM": False, "CONDITION": False}, + {"CMD_OPTION": "nova-compute-manager", + "USAGE": ("The manager that will run nova compute."), + "PROMPT": ("Enter the compute manager for nova " + "migration"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "nova.compute.manager.ComputeManager", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_NOVA_COMPUTE_MANAGER", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], "NOVA_NETWORK": [ @@ -489,6 +503,10 @@ def create_compute_manifest(config, messages): ssh_hostkeys += getManifestTemplate("sshkey") for host in compute_hosts: + if config['CONFIG_IRONIC_INSTALL'] == 'y': + cm = 'ironic.nova.compute.manager.ClusteredComputeManager' + config['CONFIG_NOVA_COMPUTE_MANAGER'] = cm + config["CONFIG_NOVA_COMPUTE_HOST"] = host manifestdata = getManifestTemplate("nova_compute") @@ -507,9 +525,12 @@ def create_compute_manifest(config, messages): manifestdata += createFirewallResources(cf_fw_qemu_mig_key) if config['CONFIG_VMWARE_BACKEND'] == 'y': - manifestdata += getManifestTemplate("nova_compute_vmware") + manifestdata += getManifestTemplate("nova_compute_vmware.pp") + elif config['CONFIG_IRONIC_INSTALL'] == 'y': + manifestdata += getManifestTemplate("nova_compute_ironic.pp") else: - manifestdata += getManifestTemplate("nova_compute_libvirt") + manifestdata += getManifestTemplate("nova_compute_libvirt.pp") + if (config['CONFIG_VMWARE_BACKEND'] != 'y' and config['CONFIG_CINDER_INSTALL'] == 'y' and 'gluster' in config['CONFIG_CINDER_BACKEND']): @@ -602,7 +623,13 @@ def create_network_manifest(config, messages): def create_sched_manifest(config, messages): manifestfile = "%s_nova.pp" % config['CONFIG_CONTROLLER_HOST'] - manifestdata = getManifestTemplate("nova_sched") + if config['CONFIG_IRONIC_INSTALL'] == 'y': + manifestdata = getManifestTemplate("nova_sched_ironic.pp") + ram_alloc = '1.0' + config['CONFIG_NOVA_SCHED_RAM_ALLOC_RATIO'] = ram_alloc + manifestdata += getManifestTemplate("nova_sched.pp") + else: + manifestdata = getManifestTemplate("nova_sched.pp") appendManifestFile(manifestfile, manifestdata) @@ -663,8 +690,12 @@ def create_neutron_manifest(config, messages): if config['CONFIG_NEUTRON_INSTALL'] != "y": return - virt_driver = 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver' - config['CONFIG_NOVA_LIBVIRT_VIF_DRIVER'] = virt_driver + if config['CONFIG_IRONIC_INSTALL'] == 'y': + virt_driver = 'nova.virt.firewall.NoopFirewallDriver' + config['CONFIG_NOVA_LIBVIRT_VIF_DRIVER'] = virt_driver + else: + virt_driver = 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver' + config['CONFIG_NOVA_LIBVIRT_VIF_DRIVER'] = virt_driver for manifestfile, marker in manifestfiles.getFiles(): if manifestfile.endswith("_nova.pp"): diff --git a/packstack/plugins/prescript_000.py b/packstack/plugins/prescript_000.py index c10b0963c..0e0a6268b 100644 --- a/packstack/plugins/prescript_000.py +++ b/packstack/plugins/prescript_000.py @@ -270,6 +270,24 @@ def initConfig(controller): "NEED_CONFIRM": False, "CONDITION": False}, + {"CMD_OPTION": "os-ironic-install", + "USAGE": ( + "Set to 'y' if you would like Packstack to install " + "OpenStack Bare Metal (Ironic)" + ), + "PROMPT": ( + "Should Packstack install OpenStack Bare Metal (Ironic)" + ), + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "n", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_IRONIC_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "os-client-install", "USAGE": ( "Set to 'y' if you would like Packstack to install " @@ -380,6 +398,7 @@ def initConfig(controller): 'CONFIG_GLANCE_HOST', 'CONFIG_HORIZON_HOST', 'CONFIG_HEAT_HOST', + 'CONFIG_IRONIC_HOST', 'CONFIG_KEYSTONE_HOST', 'CONFIG_NAGIOS_HOST', 'CONFIG_NEUTRON_SERVER_HOST', diff --git a/packstack/plugins/puppet_950.py b/packstack/plugins/puppet_950.py index 49105253d..a71669468 100644 --- a/packstack/plugins/puppet_950.py +++ b/packstack/plugins/puppet_950.py @@ -173,7 +173,7 @@ def install_deps(config, messages): def copy_puppet_modules(config, messages): os_modules = ' '.join(('apache', 'ceilometer', 'certmonger', 'cinder', 'concat', 'firewall', 'glance', 'heat', 'horizon', - 'inifile', 'keystone', 'memcached', + 'inifile', 'ironic', 'keystone', 'memcached', 'mongodb', 'mysql', 'neutron', 'nova', 'nssdb', 'openstack', 'packstack', 'qpid', 'rabbitmq', 'redis', 'remote', 'rsync', 'sahara', 'ssh', diff --git a/packstack/puppet/templates/ironic.pp b/packstack/puppet/templates/ironic.pp new file mode 100644 index 000000000..37fbce494 --- /dev/null +++ b/packstack/puppet/templates/ironic.pp @@ -0,0 +1,12 @@ +ironic_config { + 'glance/glance_host': value => hiera('CONFIG_STORAGE_HOST'); +} + +class { 'ironic::api': + auth_host => hiera('CONFIG_CONTROLLER_HOST'), + admin_password => hiera('CONFIG_IRONIC_KS_PW'), +} + +class { 'ironic::client': } + +class { 'ironic::conductor': } diff --git a/packstack/puppet/templates/ironic_qpid.pp b/packstack/puppet/templates/ironic_qpid.pp new file mode 100644 index 000000000..51b683bf0 --- /dev/null +++ b/packstack/puppet/templates/ironic_qpid.pp @@ -0,0 +1,14 @@ +$ironic_qpid_cfg_ironic_db_pw = hiera('CONFIG_IRONIC_DB_PW') +$ironic_qpid_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') + +class { 'ironic': + rpc_backend => 'ironic.openstack.common.rpc.impl_qpid', + qpid_hostname => hiera('CONFIG_AMQP_HOST'), + qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'), + qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), + qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), + database_connection => "mysql://ironic:${ironic_qpid_cfg_ironic_db_pw}@${ironic_qpid_cfg_mariadb_host}/ironic", + debug => true, + verbose => true, +} diff --git a/packstack/puppet/templates/ironic_rabbitmq.pp b/packstack/puppet/templates/ironic_rabbitmq.pp new file mode 100644 index 000000000..129414728 --- /dev/null +++ b/packstack/puppet/templates/ironic_rabbitmq.pp @@ -0,0 +1,13 @@ +$ironic_rabbitmq_cfg_ironic_db_pw = hiera('CONFIG_IRONIC_DB_PW') +$ironic_rabbitmq_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') + +class { 'ironic': + rpc_backend => 'ironic.openstack.common.rpc.impl_kombu', + rabbit_host => hiera('CONFIG_AMQP_HOST'), + rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + rabbit_user => hiera('CONFIG_AMQP_AUTH_USER'), + rabbit_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), + database_connection => "mysql://ironic:${ironic_rabbitmq_cfg_ironic_db_pw}@${ironic_rabbitmq_cfg_mariadb_host}/ironic", + debug => true, + verbose => true, +} diff --git a/packstack/puppet/templates/keystone_ironic.pp b/packstack/puppet/templates/keystone_ironic.pp new file mode 100644 index 000000000..b787e673d --- /dev/null +++ b/packstack/puppet/templates/keystone_ironic.pp @@ -0,0 +1,9 @@ + +class {'ironic::keystone::auth': + region => hiera('CONFIG_KEYSTONE_REGION'), + password => hiera('CONFIG_IRONIC_KS_PW'), + public_address => hiera('CONFIG_CONTROLLER_HOST'), + admin_address => hiera('CONFIG_CONTROLLER_HOST'), + internal_address => hiera('CONFIG_CONTROLLER_HOST'), +} + diff --git a/packstack/puppet/templates/mariadb_ironic_install.pp b/packstack/puppet/templates/mariadb_ironic_install.pp new file mode 100644 index 000000000..9040fdf5e --- /dev/null +++ b/packstack/puppet/templates/mariadb_ironic_install.pp @@ -0,0 +1,6 @@ +class { 'ironic::db::mysql': + password => hiera('CONFIG_IRONIC_DB_PW'), + host => '%%', + allowed_hosts => '%%', + charset => 'utf8', +} diff --git a/packstack/puppet/templates/mariadb_ironic_noinstall.pp b/packstack/puppet/templates/mariadb_ironic_noinstall.pp new file mode 100644 index 000000000..19e1fff86 --- /dev/null +++ b/packstack/puppet/templates/mariadb_ironic_noinstall.pp @@ -0,0 +1,29 @@ + +remote_database { 'ironic': + ensure => 'present', + charset => 'utf8', + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', +} + +$mariadb_ironic_noinstall_db_pw = hiera('CONFIG_IRONIC_DB_PW') + +remote_database_user { 'ironic@%%': + password_hash => mysql_password($mariadb_ironic_noinstall_db_pw), + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', + require => Remote_database['ironic'], +} + +remote_database_grant { 'ironic@%%/ironic': + privileges => 'all', + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', + require => Remote_database_user['ironic@%%'], +} diff --git a/packstack/puppet/templates/nova_compute.pp b/packstack/puppet/templates/nova_compute.pp index 43f47bd28..22c4f0950 100644 --- a/packstack/puppet/templates/nova_compute.pp +++ b/packstack/puppet/templates/nova_compute.pp @@ -40,6 +40,7 @@ vncproxy_host => hiera('CONFIG_CONTROLLER_HOST'), vncproxy_protocol => $vncproxy_proto, vncserver_proxyclient_address => hiera('CONFIG_NOVA_COMPUTE_HOST'), + compute_manager => hiera('CONFIG_NOVA_COMPUTE_MANAGER'), } # Tune the host with a virtual hosts profile diff --git a/packstack/puppet/templates/nova_compute_ironic.pp b/packstack/puppet/templates/nova_compute_ironic.pp new file mode 100644 index 000000000..52232f205 --- /dev/null +++ b/packstack/puppet/templates/nova_compute_ironic.pp @@ -0,0 +1,9 @@ +$ironic_config_controller_host = hiera('CONFIG_CONTROLLER_HOST') + +class {'nova::compute::ironic': + admin_user => 'ironic', + admin_passwd => hiera('CONFIG_IRONIC_KS_PW'), + admin_url => "http://${ironic_config_controller_host}:35357/v2.0", + admin_tenant_name => 'services', + api_endpoint => "http://${ironic_config_controller_host}:6385/v1", +} diff --git a/packstack/puppet/templates/nova_sched_ironic.pp b/packstack/puppet/templates/nova_sched_ironic.pp new file mode 100644 index 000000000..126d9ea75 --- /dev/null +++ b/packstack/puppet/templates/nova_sched_ironic.pp @@ -0,0 +1,4 @@ +nova_config { + 'DEFAULT/scheduler_host_manager': + value => 'nova.scheduler.ironic_host_manager.IronicHostManager'; +} From 917d2af7d84c2c3a694599979660b292d3e9f5c8 Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Sat, 6 Dec 2014 15:52:46 +0100 Subject: [PATCH 0213/1017] Use flake8 and hacking instead of pep8 for Python syntax checks All new findings of flake8 and hacking are ignored for the moment to only change the used tool with this change. Ignored checks should be enabled in the future. Change-Id: I041f7d1427b897692506b2041b8cc50a40d97cc5 --- tox.ini | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/tox.ini b/tox.ini index 1920c6e04..af18681f1 100644 --- a/tox.ini +++ b/tox.ini @@ -16,11 +16,8 @@ sitepackages = True downloadcache = ~/cache/pip [testenv:pep8] -deps=pep8==1.2 -commands = pep8 --exclude=*.pyc --repeat --show-source \ - packstack/modules packstack/plugins tests setup.py \ - packstack/version.py - +deps=hacking>=0.9.5,<0.10 +commands = flake8 [testenv:cover] setenv = NOSE_WITH_COVERAGE=1 @@ -30,4 +27,12 @@ commands = {posargs} [testenv:docs] commands = python setup.py build_sphinx - + +[flake8] +# H803 skipped on purpose per list discussion. +# E123, E125 skipped as they are invalid PEP-8. +# +# All other checks should be enabled in the future. +ignore = E123,E125,H803,E128,F403,F821,E127,F811,E265,F401,F841,E228,E129,E231,E501,E222,E211,E302,E272,E111,E502,E202,W601,E271,E721,E225,E712,E261,E131,E126,E303,E711,E241,E713,E121,E122,E401,H402,H302,H303,H304,H301,H306,H234,H405,H404,H904,H201,H305,H307,H501,H102,H233,H101,H233,H401,H232 +show-source = True +exclude=.venv,.git,.tox From 3f74acf7b11c0ddfbfeb2e2b9d6798b0f04a5406 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20M=C3=A1gr?= Date: Tue, 6 Jan 2015 12:26:04 +0100 Subject: [PATCH 0214/1017] Don't always delete temporary directories In debug mode it is useful to have temporary directory available on each host. This patch implements skipping the cleanup during debug. Change-Id: I6e95366c0e421e48b0f7ac19f44a25d5159c31f6 --- packstack/installer/run_setup.py | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/packstack/installer/run_setup.py b/packstack/installer/run_setup.py index b749e9624..4948adeb7 100644 --- a/packstack/installer/run_setup.py +++ b/packstack/installer/run_setup.py @@ -627,17 +627,24 @@ def _main(options, configFile=None, logFile=None): print output_messages.INFO_INSTALL_SUCCESS -def remove_remote_var_dirs(): +def remove_remote_var_dirs(options, config, messages): """ Removes the temp directories on remote hosts, doesn't remove data on localhost """ - for host in gethostlist(controller.CONF): + for host in gethostlist(config): try: - host_dir = controller.CONF['HOST_DETAILS'][host]['tmpdir'] + host_dir = config['HOST_DETAILS'][host]['tmpdir'] except KeyError: # Nothing was added to this host yet, so we have nothing to delete continue + if options.debug: + # we keep temporary directories on hosts in debug mode + messages.append( + 'Note temporary directory {host_dir} on host {host} was ' + 'not deleted for debugging purposes.'.format(**locals()) + ) + continue logging.debug(output_messages.INFO_REMOVE_REMOTE_VAR % (host_dir, host)) server = utils.ScriptRunner(host) server.append('rm -rf %s' % host_dir) @@ -647,7 +654,7 @@ def remove_remote_var_dirs(): msg = output_messages.ERR_REMOVE_REMOTE_VAR % (host_dir, host) logging.error(msg) logging.exception(e) - controller.MESSAGES.append(utils.color_text(msg, 'red')) + messages.append(utils.color_text(msg, 'red')) def remove_temp_files(): """ @@ -971,7 +978,7 @@ def main(): sys.exit(1) finally: - remove_remote_var_dirs() + remove_remote_var_dirs(options, controller.CONF, controller.MESSAGES) remove_temp_files() # Always print user params to log From 9b2777586dcfd60c3ed426b49107710045641da7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20M=C3=A1gr?= Date: Tue, 6 Jan 2015 17:26:35 +0100 Subject: [PATCH 0215/1017] Set correct vncserver_proxyclient_address Current logic for setting the variable in nova.conf does not work because hieradata/defaults.yaml is genereted once for all host and not for each host separately. This patch is fixing the issue the easiest possible way. More bulletproof solution should come in the future. Change-Id: If1a51bb45c785be185981ad811b6b94228f67ede Fixes: rhbz#1172241 --- packstack/plugins/nova_300.py | 1 - packstack/puppet/templates/nova_compute.pp | 12 +++++++++--- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/packstack/plugins/nova_300.py b/packstack/plugins/nova_300.py index 671640513..6553ca9e5 100644 --- a/packstack/plugins/nova_300.py +++ b/packstack/plugins/nova_300.py @@ -507,7 +507,6 @@ def create_compute_manifest(config, messages): cm = 'ironic.nova.compute.manager.ClusteredComputeManager' config['CONFIG_NOVA_COMPUTE_MANAGER'] = cm - config["CONFIG_NOVA_COMPUTE_HOST"] = host manifestdata = getManifestTemplate("nova_compute") fw_details = dict() diff --git a/packstack/puppet/templates/nova_compute.pp b/packstack/puppet/templates/nova_compute.pp index 22c4f0950..6cc4b7941 100644 --- a/packstack/puppet/templates/nova_compute.pp +++ b/packstack/puppet/templates/nova_compute.pp @@ -35,11 +35,19 @@ default => 'http', } +if ($::fqdn != '' and $::fqdn != 'localhost') { + $vncproxy_server = $::fqdn +} else { + # Multihost does not work without proper FQDN setup, so we use controller IP, + # because this case can come up only in usecase, which is all-in-one + $vncproxy_server = hiera('CONFIG_CONTROLLER_HOST') +} + class { 'nova::compute': enabled => true, vncproxy_host => hiera('CONFIG_CONTROLLER_HOST'), vncproxy_protocol => $vncproxy_proto, - vncserver_proxyclient_address => hiera('CONFIG_NOVA_COMPUTE_HOST'), + vncserver_proxyclient_address => $vncproxy_server, compute_manager => hiera('CONFIG_NOVA_COMPUTE_MANAGER'), } @@ -58,5 +66,3 @@ command => '/usr/sbin/tuned-adm profile virtual-host', require => Service['tuned'], } - - From 3fd2f89875510098595642c171e14ba2e51f727f Mon Sep 17 00:00:00 2001 From: Chris Dent Date: Mon, 5 Jan 2015 23:38:16 +0000 Subject: [PATCH 0216/1017] Add support for redis sentinel and slaves If the correct configuration settings are set in the answer file redis and redis-sentinel will be installed and configured on slave and sentinel hosts. The sentinels will monitor the master and keep track of the slaves. If the master dies, then the sentinels will consensually establish a new master. Change-Id: I7acc5e4f7bb99692bfe1c8694e8ddb0c472160f4 --- docs/packstack.rst | 29 +++- packstack/plugins/ceilometer_800.py | 174 +++++++++++++++++-- packstack/puppet/templates/ceilometer.pp | 11 +- packstack/puppet/templates/redis.pp | 4 +- packstack/puppet/templates/redis_sentinel.pp | 11 ++ packstack/puppet/templates/redis_slave.pp | 11 ++ 6 files changed, 215 insertions(+), 25 deletions(-) create mode 100644 packstack/puppet/templates/redis_sentinel.pp create mode 100644 packstack/puppet/templates/redis_slave.pp diff --git a/docs/packstack.rst b/docs/packstack.rst index c431da17d..80bf277a3 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -444,11 +444,36 @@ Ceilometer Config Parameters Specify an optional backend for group membership coordination in the alarm evaluator and central agent. Currently the only valid option are 'redis' or 'none'. The default is 'redis'. -**CONFIG_REDIS_HOST** +**CONFIG_REDIS_MASTER_HOST** The IP address of the server on which to install Redis, if Redis is being used for coordination. **CONFIG_REDIS_PORT** - The port on which the Redis server will listen, if Redis is being used for coordination. + The port on which all Redis servers will listen, if Redis is being used for coordination. + +**CONFIG_REDIS_HA** + Whether redis-sentinel and redis-slaves should be used to to enable high availability in Redis + coordination. Valid options are 'y' or 'n'. Default is 'n'. The following settings only apply if + 'y' is chosen. + +**CONFIG_REDIS_SLAVE_HOSTS** + A comma-separated list of hosts that will operate as Redis slaves and on which Redis will be + installed. + +**CONFIG_REDIS_SENTINEL_HOSTS** + A comma-separated list of hosts that will operate as Redis sentinels and on which Redis will be + installed. + +**CONFIG_REDIS_SENTINEL_CONTACT_HOST** + One of the sentinel hosts which will be used to configure coordination. + +**CONFIG_REDIS_SENTINEL_PORT** + The port on which all Redis sentinels will listen. Defaults to 26379. + +**CONFIG_REDIS_SENTINEL_QUORUM** + The quorum value for the Redis sentinels. Default value is 2, but you should change this. + +**CONFIG_REDIS_MASTER_NAME** + The logical name of the initial Redis master, required in sentinel and client configuration. Heat Config Parameters ---------------------- diff --git a/packstack/plugins/ceilometer_800.py b/packstack/plugins/ceilometer_800.py index ff8383540..f35d6a87c 100644 --- a/packstack/plugins/ceilometer_800.py +++ b/packstack/plugins/ceilometer_800.py @@ -9,6 +9,7 @@ from packstack.installer import utils from packstack.installer import validators from packstack.installer import processors +from packstack.installer.utils import split_hosts from packstack.modules.shortcuts import get_mq from packstack.modules.ospluginutils import (getManifestTemplate, appendManifestFile, @@ -81,31 +82,120 @@ def initConfig(controller): "CONDITION": False}, ], "REDIS": [ - {"CMD_OPTION": "redis-host", + {"CMD_OPTION": "redis-master-host", "USAGE": ("The IP address of the server on which to install " - "redis"), - "PROMPT": "Enter the IP address of the redis server", + "redis master server"), + "PROMPT": "Enter the IP address of the redis master server", "OPTION_LIST": [], "VALIDATORS": [validators.validate_ssh], "DEFAULT_VALUE": utils.get_localhost_ip(), "MASK_INPUT": False, - "LOOSE_VALIDATION": True, - "CONF_NAME": "CONFIG_REDIS_HOST", + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_REDIS_MASTER_HOST", "USE_DEFAULT": False, "NEED_CONFIRM": False, - "CONDITION": False}, + "CONDITION": False, + "DEPRECATES": ["CONFIG_REDIS_HOST"]}, {"CMD_OPTION": "redis-port", - "USAGE": "The port on which the redis server listens", - "PROMPT": "Enter the port of the redis server", + "USAGE": "The port on which the redis server(s) listens", + "PROMPT": "Enter the port of the redis server(s)", "OPTION_LIST": [], "VALIDATORS": [validators.validate_port], "DEFAULT_VALUE": 6379, "MASK_INPUT": False, - "LOOSE_VALIDATION": True, + "LOOSE_VALIDATION": False, "CONF_NAME": "CONFIG_REDIS_PORT", "USE_DEFAULT": False, "NEED_CONFIRM": False, "CONDITION": False}, + {"CMD_OPTION": "redis-ha", + "USAGE": "Should redis try to use HA", + "PROMPT": "Should redis try to use HA?", + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "n", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_REDIS_HA", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "redis-slaves", + "USAGE": "The hosts on which to install redis slaves", + "PROMPT": "Enter the IP addresses of the redis slave servers", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_multi_ssh], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_REDIS_SLAVE_HOSTS", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "redis-sentinels", + "USAGE": "The hosts on which to install redis sentinel servers", + "PROMPT": "Enter the IP addresses of the redis sentinel servers", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_multi_ssh], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_REDIS_SENTINEL_HOSTS", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "redis-sentinel-contact", + "USAGE": "The host to configure as the coordination sentinel", + "PROMPT": + "Enter the IP address of the coordination redis sentinel", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_ssh], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_REDIS_SENTINEL_CONTACT_HOST", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "redis-sentinel-port", + "USAGE": "The port on which redis sentinel servers listen", + "PROMPT": ("Enter the port on which the redis sentinel servers" + " listen"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_port], + "DEFAULT_VALUE": 26379, + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_REDIS_SENTINEL_PORT", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "redis-sentinel-quorum", + "USAGE": "The quorum value for redis sentinel servers", + "PROMPT": ( + "Enter the quorum value for the redis sentinel servers"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_integer], + "DEFAULT_VALUE": 2, + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_REDIS_SENTINEL_QUORUM", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "redis-sentinel-master-name", + "USAGE": "The name of the master server watched by the sentinel", + "PROMPT": ( + "Enter the logical name of the master server"), + "OPTION_LIST": [r'[a-z]+'], + "VALIDATORS": [validators.validate_regexp], + "DEFAULT_VALUE": 'mymaster', + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_REDIS_MASTER_NAME", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, ], } @@ -197,24 +287,70 @@ def create_mongodb_manifest(config, messages): def create_redis_manifest(config, messages): if config['CONFIG_CEILOMETER_COORDINATION_BACKEND'] == 'redis': - manifestfile = "%s_redis.pp" % config['CONFIG_REDIS_HOST'] + + # master + manifestfile = "%s_redis.pp" % config['CONFIG_REDIS_MASTER_HOST'] manifestdata = getManifestTemplate("redis.pp") - fw_details = dict() - key = "redis_server" - fw_details.setdefault(key, {}) - fw_details[key]['host'] = "%s" % config['CONFIG_CONTROLLER_HOST'] - fw_details[key]['service_name'] = "redis-server" - fw_details[key]['chain'] = "INPUT" - fw_details[key]['ports'] = config['CONFIG_REDIS_PORT'] - fw_details[key]['proto'] = "tcp" - config['FIREWALL_REDIS_RULES'] = fw_details + master_clients = set([config['CONFIG_CONTROLLER_HOST']]).union( + split_hosts(config['CONFIG_REDIS_SLAVE_HOSTS'])).union( + split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS'])) + config['FIREWALL_REDIS_RULES'] = _create_redis_firewall_rules( + master_clients, config['CONFIG_REDIS_PORT']) manifestdata += createFirewallResources('FIREWALL_REDIS_RULES') appendManifestFile(manifestfile, manifestdata, 'pre') + # slaves + if config['CONFIG_REDIS_HA'] == 'y': + for slave in split_hosts(config['CONFIG_REDIS_SLAVE_HOSTS']): + config['CONFIG_REDIS_HOST'] = slave + manifestfile = "%s_redis_slave.pp" % slave + manifestdata = getManifestTemplate("redis_slave.pp") + + slave_clients = set([config['CONFIG_CONTROLLER_HOST']]).union( + split_hosts(config['CONFIG_REDIS_SLAVE_HOSTS'])).union( + split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS'])) + config['FIREWALL_REDIS_SLAVE_RULES'] = ( + _create_redis_firewall_rules( + slave_clients, config['CONFIG_REDIS_PORT'])) + + manifestdata += createFirewallResources( + 'FIREWALL_REDIS_SLAVE_RULES') + appendManifestFile(manifestfile, manifestdata, 'pre') + + # sentinels + if config['CONFIG_REDIS_HA'] == 'y': + for sentinel in split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS']): + manifestfile = "%s_redis_sentinel.pp" % sentinel + manifestdata = getManifestTemplate("redis_sentinel.pp") + + config['FIREWALL_SENTINEL_RULES'] = ( + _create_redis_firewall_rules( + split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS']), + config['CONFIG_REDIS_SENTINEL_PORT'])) + + manifestdata += createFirewallResources( + 'FIREWALL_SENTINEL_RULES') + appendManifestFile(manifestfile, manifestdata, 'pre') + def create_keystone_manifest(config, messages): manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("keystone_ceilometer") appendManifestFile(manifestfile, manifestdata) + + +# ------------------------- helper functions ------------------------- + +def _create_redis_firewall_rules(hosts, port): + fw_details = dict() + for host in hosts: + key = "redis service from %s" % host + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "%s" % host + fw_details[key]['service_name'] = "redis service" + fw_details[key]['chain'] = "INPUT" + fw_details[key]['ports'] = port + fw_details[key]['proto'] = "tcp" + return fw_details diff --git a/packstack/puppet/templates/ceilometer.pp b/packstack/puppet/templates/ceilometer.pp index 28c9002e7..e6f05fcd9 100644 --- a/packstack/puppet/templates/ceilometer.pp +++ b/packstack/puppet/templates/ceilometer.pp @@ -3,9 +3,16 @@ $config_ceilometer_coordination_backend = hiera('CONFIG_CEILOMETER_COORDINATION_BACKEND') if $config_ceilometer_coordination_backend == 'redis' { - $redis_host = hiera('CONFIG_REDIS_HOST') + $redis_host = hiera('CONFIG_REDIS_MASTER_HOST') $redis_port = hiera('CONFIG_REDIS_PORT') - $coordination_url = "redis://${redis_host}:${redis_port}" + $sentinel_host = hiera('CONFIG_REDIS_SENTINEL_CONTACT_HOST') + if $sentinel_host != '' { + $master_name = hiera('CONFIG_REDIS_MASTER_NAME') + $sentinel_port = hiera('CONFIG_REDIS_SENTINEL_PORT') + $coordination_url = "redis://${sentinel_host}:${sentinel_port}?sentinel=${master_name}" + } else { + $coordination_url = "redis://${redis_host}:${redis_port}" + } } else { $coordination_url = '' } diff --git a/packstack/puppet/templates/redis.pp b/packstack/puppet/templates/redis.pp index ab4aaba88..68ea76a98 100644 --- a/packstack/puppet/templates/redis.pp +++ b/packstack/puppet/templates/redis.pp @@ -1,8 +1,8 @@ -$redis_host = hiera('CONFIG_REDIS_HOST') $redis_port = hiera('CONFIG_REDIS_PORT') +$redis_master_host = hiera('CONFIG_REDIS_MASTER_HOST') class { 'redis': - bind => $redis_host, + bind => $redis_master_host, port => $redis_port, appendonly => true, daemonize => false, diff --git a/packstack/puppet/templates/redis_sentinel.pp b/packstack/puppet/templates/redis_sentinel.pp new file mode 100644 index 000000000..b58406d5c --- /dev/null +++ b/packstack/puppet/templates/redis_sentinel.pp @@ -0,0 +1,11 @@ +$redis_master_host = hiera('CONFIG_REDIS_MASTER_HOST') +$redis_master_port = hiera('CONFIG_REDIS_PORT') +$redis_master_name = hiera('CONFIG_REDIS_MASTER_NAME') +$redis_sentinel_quorum = hiera('CONFIG_REDIS_SENTINEL_QUORUM') + +class { 'redis::sentinel': + master_name => "${redis_master_name}", + redis_host => $redis_master_host, + redis_port => $redis_master_port, + quorum => $redis_sentinel_quorum, +} diff --git a/packstack/puppet/templates/redis_slave.pp b/packstack/puppet/templates/redis_slave.pp new file mode 100644 index 000000000..7d26f3224 --- /dev/null +++ b/packstack/puppet/templates/redis_slave.pp @@ -0,0 +1,11 @@ +$redis_host = hiera('CONFIG_REDIS_HOST') +$redis_port = hiera('CONFIG_REDIS_PORT') +$redis_master_host = hiera('CONFIG_REDIS_MASTER_HOST') + +class { 'redis': + bind => $redis_host, + port => $redis_port, + appendonly => true, + daemonize => false, + slaveof => "${redis_master_host} ${redis_port}", +} From 05a27ebb9cd98be2071fd4027fab425f8c508015 Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Fri, 9 Jan 2015 08:35:42 +0100 Subject: [PATCH 0217/1017] Enable PEP8 checks for E211, E222, E225, E228 * E211 whitespace before '(' * E222 multiple spaces after operator * E225 missing whitespace around operator * E228 missing whitespace around modulo operator Change-Id: I19f51d646bbb9a8854555419a4139c059207ea60 --- packstack/installer/output_messages.py | 102 ++++++++++++------------ packstack/installer/run_setup.py | 40 +++++----- packstack/installer/setup_controller.py | 10 +-- tox.ini | 2 +- 4 files changed, 77 insertions(+), 77 deletions(-) diff --git a/packstack/installer/output_messages.py b/packstack/installer/output_messages.py index 3103a2d22..8907dc7b9 100644 --- a/packstack/installer/output_messages.py +++ b/packstack/installer/output_messages.py @@ -18,28 +18,28 @@ ####INFO MESSAGES#### ##################### -INFO_HEADER="Welcome to the %s setup utility" % basedefs.APP_NAME -INFO_INSTALL_SUCCESS="\n **** Installation completed successfully ******\n" -INFO_INSTALL="Installing:" -INFO_DSPLY_PARAMS="\n%s will be installed using the following configuration:" % basedefs.APP_NAME -INFO_USE_PARAMS="Proceed with the configuration listed above" -INFO_DONE="DONE" -INFO_ERROR="ERROR" -INFO_LOG_FILE_PATH="The installation log file is available at: %s" -INFO_MANIFEST_PATH="The generated manifests are available at: %s" -INFO_ADDTIONAL_MSG="Additional information:" -INFO_ADDTIONAL_MSG_BULLET=" * %s" -INFO_CONF_PARAMS_PASSWD_CONFIRM_PROMPT="Confirm password" -INFO_VAL_PATH_SPACE="Error: mount point %s contains only %s of available space while a minimum of %s is required" -INFO_VAL_NOT_INTEGER="Error: value is not an integer" -INFO_VAL_PORT_NOT_RANGE="Error: port is outside the range of %i - 65535" -INFO_VAL_STRING_EMPTY="Warning: The %s parameter is empty" -INFO_VAL_NOT_IN_OPTIONS="Error: response is not part of the following accepted answers: %s" -INFO_VAL_NOT_DOMAIN="Error: domain is not a valid domain name" -INFO_VAL_NOT_USER="Error: user name contains illegal characters" -INFO_VAL_PORT_OCCUPIED="Error: TCP Port %s is already open by %s (pid: %s)" -INFO_VAL_PORT_OCCUPIED_BY_JBOSS="Error: TCP Port %s is used by JBoss" -INFO_VAL_PASSWORD_DONT_MATCH="Error: passwords don't match" +INFO_HEADER = "Welcome to the %s setup utility" % basedefs.APP_NAME +INFO_INSTALL_SUCCESS = "\n **** Installation completed successfully ******\n" +INFO_INSTALL = "Installing:" +INFO_DSPLY_PARAMS = "\n%s will be installed using the following configuration:" % basedefs.APP_NAME +INFO_USE_PARAMS = "Proceed with the configuration listed above" +INFO_DONE = "DONE" +INFO_ERROR = "ERROR" +INFO_LOG_FILE_PATH = "The installation log file is available at: %s" +INFO_MANIFEST_PATH = "The generated manifests are available at: %s" +INFO_ADDTIONAL_MSG = "Additional information:" +INFO_ADDTIONAL_MSG_BULLET = " * %s" +INFO_CONF_PARAMS_PASSWD_CONFIRM_PROMPT = "Confirm password" +INFO_VAL_PATH_SPACE = "Error: mount point %s contains only %s of available space while a minimum of %s is required" +INFO_VAL_NOT_INTEGER = "Error: value is not an integer" +INFO_VAL_PORT_NOT_RANGE = "Error: port is outside the range of %i - 65535" +INFO_VAL_STRING_EMPTY = "Warning: The %s parameter is empty" +INFO_VAL_NOT_IN_OPTIONS = "Error: response is not part of the following accepted answers: %s" +INFO_VAL_NOT_DOMAIN = "Error: domain is not a valid domain name" +INFO_VAL_NOT_USER = "Error: user name contains illegal characters" +INFO_VAL_PORT_OCCUPIED = "Error: TCP Port %s is already open by %s (pid: %s)" +INFO_VAL_PORT_OCCUPIED_BY_JBOSS = "Error: TCP Port %s is used by JBoss" +INFO_VAL_PASSWORD_DONT_MATCH = "Error: passwords don't match" INFO_CHANGED_VALUE = ("Packstack changed given value %s to required " "value %s") @@ -48,42 +48,42 @@ "services might not run correctly when hostname" " is used.") -INFO_STRING_LEN_LESS_THAN_MIN="String length is less than the minimum allowed: %s" -INFO_STRING_EXCEEDS_MAX_LENGTH="String length exceeds the maximum length allowed: %s" -INFO_STRING_CONTAINS_ILLEGAL_CHARS="String contains illegal characters" -INFO_CINDER_VOLUMES_EXISTS="Did not create a cinder volume group, one already existed" -INFO_REMOVE_REMOTE_VAR="Removing %s on %s (if it is a remote host)" +INFO_STRING_LEN_LESS_THAN_MIN = "String length is less than the minimum allowed: %s" +INFO_STRING_EXCEEDS_MAX_LENGTH = "String length exceeds the maximum length allowed: %s" +INFO_STRING_CONTAINS_ILLEGAL_CHARS = "String contains illegal characters" +INFO_CINDER_VOLUMES_EXISTS = "Did not create a cinder volume group, one already existed" +INFO_REMOVE_REMOTE_VAR = "Removing %s on %s (if it is a remote host)" -WARN_WEAK_PASS="Warning: Weak Password." -WARN_NM_ENABLED=("Warning: NetworkManager is active on %s. OpenStack " +WARN_WEAK_PASS = "Warning: Weak Password." +WARN_NM_ENABLED = ("Warning: NetworkManager is active on %s. OpenStack " "networking currently does not work on systems that have " "the Network Manager service enabled.") ERR_PING = "Error: the provided hostname is unreachable" ERR_SSH = "Error: could not connect to the ssh server: %s" ERR_FILE = "Error: the provided file is not present" -ERR_CHECK_LOG_FILE_FOR_MORE_INFO="Please check log file %s for more information" -ERR_YUM_LOCK="Internal Error: Can't edit versionlock " +ERR_CHECK_LOG_FILE_FOR_MORE_INFO = "Please check log file %s for more information" +ERR_YUM_LOCK = "Internal Error: Can't edit versionlock " ERR_FAILED_START_SERVICE = "Error: Can't start the %s service" ERR_FAILED_STOP_SERVICE = "Error: Can't stop the %s service" -ERR_EXP_HANDLE_PARAMS="Failed handling user parameters input" -ERR_EXP_KEYBOARD_INTERRUPT="Keyboard interrupt caught." -ERR_READ_RPM_VER="Error reading version number for package %s" -ERR_EXP_READ_INPUT_PARAM="Error while trying to read parameter %s from user." -ERR_EXP_VALIDATE_PARAM="Error validating parameter %s from user." -ERR_EXP_HANDLE_ANSWER_FILE="Failed handling answer file: %s" -ERR_EXP_GET_CFG_IPS="Could not get list of available IP addresses on this host" -ERR_EXP_GET_CFG_IPS_CODES="Failed to get list of IP addresses" -ERR_EXP_CANT_FIND_IP="Could not find any configured IP address" -ERR_DIDNT_RESOLVED_IP="%s did not resolve into an IP address" -ERR_IPS_NOT_CONFIGED="Some or all of the IP addresses: (%s) which were resolved from the FQDN %s are not configured on any interface on this host" -ERR_IPS_NOT_CONFIGED_ON_INT="The IP (%s) which was resolved from the FQDN %s is not configured on any interface on this host" -ERR_IPS_HAS_NO_PTR="None of the IP addresses on this host(%s) holds a PTR record for the FQDN: %s" -ERR_IP_HAS_NO_PTR="The IP %s does not hold a PTR record for the FQDN: %s" -ERR_EXP_FAILED_INIT_LOGGER="Unexpected error: Failed to initiate logger, please check file system permission" -ERR_FAILURE="General failure" -ERR_NO_ANSWER_FILE="Error: Could not find file %s" -ERR_ONLY_1_FLAG="Error: The %s flag is mutually exclusive to all other command line options" -ERR_REMOVE_REMOTE_VAR="Error: Failed to remove directory %s on %s, it contains sensitive data and should be removed" -ERR_REMOVE_TMP_FILE="Error: Failed to remove temporary file %s, it contains sensitive data and should be removed" +ERR_EXP_HANDLE_PARAMS = "Failed handling user parameters input" +ERR_EXP_KEYBOARD_INTERRUPT = "Keyboard interrupt caught." +ERR_READ_RPM_VER = "Error reading version number for package %s" +ERR_EXP_READ_INPUT_PARAM = "Error while trying to read parameter %s from user." +ERR_EXP_VALIDATE_PARAM = "Error validating parameter %s from user." +ERR_EXP_HANDLE_ANSWER_FILE = "Failed handling answer file: %s" +ERR_EXP_GET_CFG_IPS = "Could not get list of available IP addresses on this host" +ERR_EXP_GET_CFG_IPS_CODES = "Failed to get list of IP addresses" +ERR_EXP_CANT_FIND_IP = "Could not find any configured IP address" +ERR_DIDNT_RESOLVED_IP = "%s did not resolve into an IP address" +ERR_IPS_NOT_CONFIGED = "Some or all of the IP addresses: (%s) which were resolved from the FQDN %s are not configured on any interface on this host" +ERR_IPS_NOT_CONFIGED_ON_INT = "The IP (%s) which was resolved from the FQDN %s is not configured on any interface on this host" +ERR_IPS_HAS_NO_PTR = "None of the IP addresses on this host(%s) holds a PTR record for the FQDN: %s" +ERR_IP_HAS_NO_PTR = "The IP %s does not hold a PTR record for the FQDN: %s" +ERR_EXP_FAILED_INIT_LOGGER = "Unexpected error: Failed to initiate logger, please check file system permission" +ERR_FAILURE = "General failure" +ERR_NO_ANSWER_FILE = "Error: Could not find file %s" +ERR_ONLY_1_FLAG = "Error: The %s flag is mutually exclusive to all other command line options" +ERR_REMOVE_REMOTE_VAR = "Error: Failed to remove directory %s on %s, it contains sensitive data and should be removed" +ERR_REMOVE_TMP_FILE = "Error: Failed to remove temporary file %s, it contains sensitive data and should be removed" # diff --git a/packstack/installer/run_setup.py b/packstack/installer/run_setup.py index 4948adeb7..e737237fa 100644 --- a/packstack/installer/run_setup.py +++ b/packstack/installer/run_setup.py @@ -32,7 +32,7 @@ masked_value_set = set() tmpfiles = [] -def initLogging (debug): +def initLogging(debug): try: logFile = os.path.join(basedefs.DIR_LOG, basedefs.FILE_LOG) @@ -40,14 +40,14 @@ def initLogging (debug): # passwords in logs os.close(os.open(logFile, os.O_CREAT | os.O_EXCL, 0600)) - hdlr = logging.FileHandler (filename=logFile, mode='w') + hdlr = logging.FileHandler(filename=logFile, mode='w') if (debug): level = logging.DEBUG else: level = logging.INFO - fmts='%(asctime)s::%(levelname)s::%(module)s::%(lineno)d::%(name)s:: %(message)s' - dfmt='%Y-%m-%d %H:%M:%S' + fmts = '%(asctime)s::%(levelname)s::%(module)s::%(lineno)d::%(name)s:: %(message)s' + dfmt = '%Y-%m-%d %H:%M:%S' fmt = logging.Formatter(fmts, dfmt) hdlr.setFormatter(fmt) @@ -164,8 +164,8 @@ def _askYesNo(question=None): message = StringIO() while True: - askString = "\r%s? (yes|no): "%(question) - logging.debug("asking user: %s"%askString) + askString = "\r%s? (yes|no): " % (question) + logging.debug("asking user: %s" % askString) message.write(askString) message.seek(0) @@ -175,7 +175,7 @@ def _askYesNo(question=None): continue answer = raw[0].lower() - logging.debug("user answered read: %s"%(answer)) + logging.debug("user answered read: %s" % (answer)) if answer not in 'yn': continue @@ -398,9 +398,9 @@ def _handleAnswerFileParams(answerFile): # Handle post condition match for group if postConditionValue != group.POST_CONDITION_MATCH: - logging.error("The group condition (%s) returned: %s, which differs from the excpeted output: %s"%\ + logging.error("The group condition (%s) returned: %s, which differs from the excpeted output: %s" %\ (group.GROUP_NAME, postConditionValue, group.POST_CONDITION_MATCH)) - raise ValueError(output_messages.ERR_EXP_GROUP_VALIDATION_ANS_FILE%\ + raise ValueError(output_messages.ERR_EXP_GROUP_VALIDATION_ANS_FILE %\ (group.GROUP_NAME, postConditionValue, group.POST_CONDITION_MATCH)) else: logging.debug("condition (%s) passed" % group.POST_CONDITION) @@ -411,7 +411,7 @@ def _handleAnswerFileParams(answerFile): except Exception as e: logging.error(traceback.format_exc()) - raise Exception(output_messages.ERR_EXP_HANDLE_ANSWER_FILE%(e)) + raise Exception(output_messages.ERR_EXP_HANDLE_ANSWER_FILE % (e)) def _getanswerfilepath(): @@ -422,7 +422,7 @@ def _getanswerfilepath(): p = os.path.expanduser("~/") if os.access(p, os.W_OK): - path = os.path.abspath(os.path.join(p, "packstack-answers-%s.txt"%ts)) + path = os.path.abspath(os.path.join(p, "packstack-answers-%s.txt" % ts)) msg = "A new answerfile was created in: %s" % path controller.MESSAGES.append(msg) @@ -436,7 +436,7 @@ def _gettmpanswerfilepath(): p = os.path.expanduser("~/") if os.access(p, os.W_OK): - path = os.path.abspath(os.path.join(p, "tmp-packstack-answers-%s.txt"%ts)) + path = os.path.abspath(os.path.join(p, "tmp-packstack-answers-%s.txt" % ts)) tmpfiles.append(path) return path @@ -517,7 +517,7 @@ def _getConditionValue(matchMember): input_param(param) returnValue = controller.CONF[matchMember] else: - raise TypeError("%s type (%s) is not supported"%(matchMember, type(matchMember))) + raise TypeError("%s type (%s) is not supported" % (matchMember, type(matchMember))) return returnValue @@ -565,16 +565,16 @@ def _printAdditionalMessages(): if len(controller.MESSAGES) > 0: print "\n",output_messages.INFO_ADDTIONAL_MSG for msg in controller.MESSAGES: - print output_messages.INFO_ADDTIONAL_MSG_BULLET%(msg) + print output_messages.INFO_ADDTIONAL_MSG_BULLET % (msg) def _addFinalInfoMsg(logFile): """ add info msg to the user finalizing the successfull install of rhemv """ - controller.MESSAGES.append(output_messages.INFO_LOG_FILE_PATH%(logFile)) + controller.MESSAGES.append(output_messages.INFO_LOG_FILE_PATH % (logFile)) controller.MESSAGES.append( - output_messages.INFO_MANIFEST_PATH%(basedefs.PUPPET_MANIFEST_DIR)) + output_messages.INFO_MANIFEST_PATH % (basedefs.PUPPET_MANIFEST_DIR)) def _summaryParamsToLog(): @@ -724,7 +724,7 @@ def single_step_aio_install(options, logFile): single_step_install(options, logFile) def single_step_install(options, logFile): - answerfilepath = _gettmpanswerfilepath() + answerfilepath = _gettmpanswerfilepath() if not answerfilepath: _printAdditionalMessages() return @@ -915,7 +915,7 @@ def main(): raise SystemExit # Initialize logging - logFile = initLogging (options.debug) + logFile = initLogging(options.debug) # Parse parameters runConfiguration = True @@ -928,7 +928,7 @@ def main(): if options.gen_answer_file: # Make sure only --gen-answer-file was supplied validateSingleFlag(options, "gen_answer_file") - answerfilepath = _gettmpanswerfilepath() + answerfilepath = _gettmpanswerfilepath() if not answerfilepath: _printAdditionalMessages() return @@ -974,7 +974,7 @@ def main(): logging.error(traceback.format_exc()) print print utils.color_text("ERROR : " + str(e), 'red') - print output_messages.ERR_CHECK_LOG_FILE_FOR_MORE_INFO%(logFile) + print output_messages.ERR_CHECK_LOG_FILE_FOR_MORE_INFO % (logFile) sys.exit(1) finally: diff --git a/packstack/installer/setup_controller.py b/packstack/installer/setup_controller.py index 6bf9908e7..8de391227 100644 --- a/packstack/installer/setup_controller.py +++ b/packstack/installer/setup_controller.py @@ -15,11 +15,11 @@ def steps_new_format(steplist): class Controller(object): - __GROUPS=[] - __SEQUENCES=[] - __PLUGINS=[] - MESSAGES=[] - CONF={} + __GROUPS = [] + __SEQUENCES = [] + __PLUGINS = [] + MESSAGES = [] + CONF = {} __single = None # the one, true Singleton ... for god's sake why ??? :) diff --git a/tox.ini b/tox.ini index af18681f1..46a8466e6 100644 --- a/tox.ini +++ b/tox.ini @@ -33,6 +33,6 @@ commands = python setup.py build_sphinx # E123, E125 skipped as they are invalid PEP-8. # # All other checks should be enabled in the future. -ignore = E123,E125,H803,E128,F403,F821,E127,F811,E265,F401,F841,E228,E129,E231,E501,E222,E211,E302,E272,E111,E502,E202,W601,E271,E721,E225,E712,E261,E131,E126,E303,E711,E241,E713,E121,E122,E401,H402,H302,H303,H304,H301,H306,H234,H405,H404,H904,H201,H305,H307,H501,H102,H233,H101,H233,H401,H232 +ignore = E123,E125,H803,E128,F403,F821,E127,F811,E265,F401,F841,E129,E231,E501,E302,E272,E111,E502,E202,W601,E271,E721,E712,E261,E131,E126,E303,E711,E241,E713,E121,E122,E401,H402,H302,H303,H304,H301,H306,H234,H405,H404,H904,H201,H305,H307,H501,H102,H233,H101,H233,H401,H232 show-source = True exclude=.venv,.git,.tox From b148189d18b54ae2efed3dc369d6d1b690675b46 Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Fri, 9 Jan 2015 13:31:11 +0100 Subject: [PATCH 0218/1017] Enable PEP8 checks for E121, E129, E231, E265, E302 * E121 continuation line under-indented for hanging indent * E129 visually indented line with same indent as next logical line * E302 expected 2 blank lines, found x * E231 missing whitespace after ',' * E265 block comment should start with '# ' Change-Id: If22172e8a60e962ddbf43db01e7633c60af0a1bc --- docs/conf.py | 88 +++++++++++++------------- packstack/installer/output_messages.py | 4 -- packstack/installer/processors.py | 3 +- packstack/installer/run_setup.py | 77 +++++++++++++++------- packstack/installer/validators.py | 2 + packstack/plugins/cinder_250.py | 2 +- packstack/plugins/prescript_000.py | 12 ++-- packstack/plugins/sahara_800.py | 4 +- tests/installer/test_drones.py | 2 +- tests/installer/test_processors.py | 2 +- tox.ini | 2 +- 11 files changed, 114 insertions(+), 84 deletions(-) diff --git a/docs/conf.py b/docs/conf.py index 938dcdad2..c2453bb8c 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -19,12 +19,12 @@ # If extensions (or modules to document with autodoc) are in another directory, # add these directories to sys.path here. If the directory is relative to the # documentation root, use os.path.abspath to make it absolute, like shown here. -#sys.path.insert(0, os.path.abspath('.')) +# sys.path.insert(0, os.path.abspath('.')) # -- General configuration ----------------------------------------------------- # If your documentation needs a minimal Sphinx version, state it here. -#needs_sphinx = '1.0' +# needs_sphinx = '1.0' # Add any Sphinx extension module names here, as strings. They can be extensions # coming with Sphinx (named 'sphinx.ext.*') or your custom ones. @@ -37,7 +37,7 @@ source_suffix = '.rst' # The encoding of source files. -#source_encoding = 'utf-8-sig' +# source_encoding = 'utf-8-sig' # The master toctree document. master_doc = 'index' @@ -57,37 +57,37 @@ # The language for content autogenerated by Sphinx. Refer to documentation # for a list of supported languages. -#language = None +# language = None # There are two options for replacing |today|: either, you set today to some # non-false value, then it is used: -#today = '' +# today = '' # Else, today_fmt is used as the format for a strftime call. -#today_fmt = '%B %d, %Y' +# today_fmt = '%B %d, %Y' # List of patterns, relative to source directory, that match files and # directories to ignore when looking for source files. exclude_patterns = ['_build'] # The reST default role (used for this markup: `text`) to use for all documents. -#default_role = None +# default_role = None # If true, '()' will be appended to :func: etc. cross-reference text. -#add_function_parentheses = True +# add_function_parentheses = True # If true, the current module name will be prepended to all description # unit titles (such as .. function::). -#add_module_names = True +# add_module_names = True # If true, sectionauthor and moduleauthor directives will be shown in the # output. They are ignored by default. -#show_authors = False +# show_authors = False # The name of the Pygments (syntax highlighting) style to use. pygments_style = 'sphinx' # A list of ignored prefixes for module index sorting. -#modindex_common_prefix = [] +# modindex_common_prefix = [] # -- Options for HTML output --------------------------------------------------- @@ -99,26 +99,26 @@ # Theme options are theme-specific and customize the look and feel of a theme # further. For a list of options available for each theme, see the # documentation. -#html_theme_options = {} +# html_theme_options = {} # Add any paths that contain custom themes here, relative to this directory. -#html_theme_path = [] +# html_theme_path = [] # The name for this set of Sphinx documents. If None, it defaults to # " v documentation". -#html_title = None +# html_title = None # A shorter title for the navigation bar. Default is the same as html_title. -#html_short_title = None +# html_short_title = None # The name of an image file (relative to this directory) to place at the top # of the sidebar. -#html_logo = None +# html_logo = None # The name of an image file (within the static path) to use as favicon of the # docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 # pixels large. -#html_favicon = None +# html_favicon = None # Add any paths that contain custom static files (such as style sheets) here, # relative to this directory. They are copied after the builtin static files, @@ -127,44 +127,44 @@ # If not '', a 'Last updated on:' timestamp is inserted at every page bottom, # using the given strftime format. -#html_last_updated_fmt = '%b %d, %Y' +# html_last_updated_fmt = '%b %d, %Y' # If true, SmartyPants will be used to convert quotes and dashes to # typographically correct entities. -#html_use_smartypants = True +# html_use_smartypants = True # Custom sidebar templates, maps document names to template names. -#html_sidebars = {} +# html_sidebars = {} # Additional templates that should be rendered to pages, maps page names to # template names. -#html_additional_pages = {} +# html_additional_pages = {} # If false, no module index is generated. -#html_domain_indices = True +# html_domain_indices = True # If false, no index is generated. -#html_use_index = True +# html_use_index = True # If true, the index is split into individual pages for each letter. -#html_split_index = False +# html_split_index = False # If true, links to the reST sources are added to the pages. -#html_show_sourcelink = True +# html_show_sourcelink = True # If true, "Created using Sphinx" is shown in the HTML footer. Default is True. -#html_show_sphinx = True +# html_show_sphinx = True # If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. -#html_show_copyright = True +# html_show_copyright = True # If true, an OpenSearch description file will be output, and all pages will # contain a tag referring to it. The value of this option must be the # base URL from which the finished HTML is served. -#html_use_opensearch = '' +# html_use_opensearch = '' # This is the file name suffix for HTML files (e.g. ".xhtml"). -#html_file_suffix = None +# html_file_suffix = None # Output file base name for HTML help builder. htmlhelp_basename = 'packstackdoc' @@ -174,40 +174,40 @@ latex_elements = { # The paper size ('letterpaper' or 'a4paper'). -#'papersize': 'letterpaper', +# 'papersize': 'letterpaper', # The font size ('10pt', '11pt' or '12pt'). -#'pointsize': '10pt', +# 'pointsize': '10pt', # Additional stuff for the LaTeX preamble. -#'preamble': '', +# 'preamble': '', } # Grouping the document tree into LaTeX files. List of tuples # (source start file, target name, title, author, documentclass [howto/manual]). latex_documents = [ - ('index', 'packstack.tex', u'packstack Documentation', u'Derek Higgins', 'manual'), + ('index', 'packstack.tex', u'packstack Documentation', u'Derek Higgins', 'manual'), ] # The name of an image file (relative to this directory) to place at the top of # the title page. -#latex_logo = None +# latex_logo = None # For "manual" documents, if this is true, then toplevel headings are parts, # not chapters. -#latex_use_parts = False +# latex_use_parts = False # If true, show page references after internal links. -#latex_show_pagerefs = False +# latex_show_pagerefs = False # If true, show URL addresses after external links. -#latex_show_urls = False +# latex_show_urls = False # Documents to append as an appendix to all manuals. -#latex_appendices = [] +# latex_appendices = [] # If false, no module index is generated. -#latex_domain_indices = True +# latex_domain_indices = True # -- Options for manual page output -------------------------------------------- @@ -219,7 +219,7 @@ ] # If true, show URL addresses after external links. -#man_show_urls = False +# man_show_urls = False # -- Options for Texinfo output ------------------------------------------------ @@ -228,16 +228,16 @@ # (source start file, target name, title, author, # dir menu entry, description, category) texinfo_documents = [ - ('index', 'packstack', u'packstack Documentation', + ('index', 'packstack', u'packstack Documentation', u'Derek Higgins', 'packstack', 'One line description of project.', 'Miscellaneous'), ] # Documents to append as an appendix to all manuals. -#texinfo_appendices = [] +# texinfo_appendices = [] # If false, no module index is generated. -#texinfo_domain_indices = True +# texinfo_domain_indices = True # How to display URL addresses: 'footnote', 'no', or 'inline'. -#texinfo_show_urls = 'footnote' +# texinfo_show_urls = 'footnote' diff --git a/packstack/installer/output_messages.py b/packstack/installer/output_messages.py index 8907dc7b9..c7f52f667 100644 --- a/packstack/installer/output_messages.py +++ b/packstack/installer/output_messages.py @@ -14,10 +14,6 @@ import basedefs -##################### -####INFO MESSAGES#### -##################### - INFO_HEADER = "Welcome to the %s setup utility" % basedefs.APP_NAME INFO_INSTALL_SUCCESS = "\n **** Installation completed successfully ******\n" INFO_INSTALL = "Installing:" diff --git a/packstack/installer/processors.py b/packstack/installer/processors.py index 553ce3023..37b0566b7 100644 --- a/packstack/installer/processors.py +++ b/packstack/installer/processors.py @@ -77,6 +77,7 @@ def process_add_quotes_around_values(param, param_name, config=None): param = ','.join(params_list) return param + def process_password(param, param_name, config=None): """ Process passwords, checking the following: @@ -84,7 +85,7 @@ def process_password(param, param_name, config=None): 2- Otherwise, check for a global default password, and use it if available 3- As a last resort, generate a random password """ - if not hasattr(process_password,"pw_dict"): + if not hasattr(process_password, "pw_dict"): process_password.pw_dict = {} if param == "PW_PLACEHOLDER": diff --git a/packstack/installer/run_setup.py b/packstack/installer/run_setup.py index e737237fa..f03a9359a 100644 --- a/packstack/installer/run_setup.py +++ b/packstack/installer/run_setup.py @@ -28,10 +28,11 @@ commandLineValues = {} # List to hold all values to be masked in logging (i.e. passwords and sensitive data) -#TODO: read default values from conf_param? +# TODO: read default values from conf_param? masked_value_set = set() tmpfiles = [] + def initLogging(debug): try: logFile = os.path.join(basedefs.DIR_LOG, basedefs.FILE_LOG) @@ -60,6 +61,7 @@ def initLogging(debug): return logFile + def _getInputFromUser(param): """ this private func reads the data from the user @@ -89,7 +91,7 @@ def _getInputFromUser(param): message.write(": ") message.seek(0) - #mask password or hidden fields + # mask password or hidden fields if (param.MASK_INPUT): userInput = getpass.getpass("%s :" % (param.PROMPT)) @@ -133,6 +135,7 @@ def _getInputFromUser(param): logging.error(traceback.format_exc()) raise Exception(output_messages.ERR_EXP_READ_INPUT_PARAM % (param.CONF_NAME)) + def input_param(param): """ this func will read input from user @@ -141,7 +144,7 @@ def input_param(param): # We need to check if a param needs confirmation, (i.e. ask user twice) # Do not validate if it was given from the command line if (param.NEED_CONFIRM and not commandLineValues.has_key(param.CONF_NAME)): - #create a copy of the param so we can call it twice + # create a copy of the param so we can call it twice confirmedParam = copy.deepcopy(param) confirmedParamName = param.CONF_NAME + "_CONFIRMED" confirmedParam.CONF_NAME = confirmedParamName @@ -160,6 +163,7 @@ def input_param(param): return param + def _askYesNo(question=None): message = StringIO() @@ -182,6 +186,7 @@ def _askYesNo(question=None): return answer == 'y' + def _addDefaultsToMaskedValueSet(): """ For every param in conf_params @@ -195,6 +200,7 @@ def _addDefaultsToMaskedValueSet(): if ((param.MASK_INPUT == True) and param.DEFAULT_VALUE != ""): masked_value_set.add(param.DEFAULT_VALUE) + def _updateMaskedValueSet(): """ For every param in conf @@ -207,6 +213,7 @@ def _updateMaskedValueSet(): if (controller.getParamKeyValue(confName, "MASK_INPUT") == True): masked_value_set.add(controller.CONF[confName]) + def mask(input): """ Gets a dict/list/str and search maksked values in them. @@ -234,6 +241,7 @@ def mask(input): return output + def removeMaskString(maskedString): """ remove an element from masked_value_set @@ -252,6 +260,7 @@ def removeMaskString(maskedString): if found: masked_value_set.remove(maskedString) + def validate_param_value(param, value): cname = param.CONF_NAME logging.debug("Validating parameter %s." % cname) @@ -265,6 +274,7 @@ def validate_param_value(param, value): print 'Parameter %s failed validation: %s' % (cname, ex) raise + def process_param_value(param, value): _value = value proclist = param.PROCESSORS or [] @@ -287,6 +297,7 @@ def process_param_value(param, value): raise return _value + def _handleGroupCondition(config, conditionName, conditionValue): """ handle params group pre/post condition @@ -364,6 +375,7 @@ def _loadParamFromFile(config, section, param_name): return value + def _handleAnswerFileParams(answerFile): """ handle loading and validating @@ -428,6 +440,7 @@ def _getanswerfilepath(): controller.MESSAGES.append(msg) return path + def _gettmpanswerfilepath(): path = None msg = "Could not find a suitable path on which to create the temporary answerfile" @@ -441,6 +454,7 @@ def _gettmpanswerfilepath(): return path + def _handleInteractiveParams(): try: logging.debug("Groups: %s" % ', '.join([x.GROUP_NAME for x in controller.getAllGroups()])) @@ -461,7 +475,7 @@ def _handleInteractiveParams(): for param in group.parameters.itervalues(): if not param.CONDITION: input_param(param) - #update password list, so we know to mask them + # update password list, so we know to mask them _updateMaskedValueSet() postConditionValue = True @@ -474,8 +488,8 @@ def _handleInteractiveParams(): if postConditionValue == group.POST_CONDITION_MATCH: inputLoop = False else: - #we clear the value of all params in the group - #in order to re-input them by the user + # we clear the value of all params in the group + # in order to re-input them by the user for param in group.parameters.itervalues(): if controller.CONF.has_key(param.CONF_NAME): del controller.CONF[param.CONF_NAME] @@ -498,6 +512,7 @@ def _handleInteractiveParams(): logging.error(traceback.format_exc()) raise Exception(output_messages.ERR_EXP_HANDLE_PARAMS) + def _handleParams(configFile): _addDefaultsToMaskedValueSet() if configFile: @@ -505,13 +520,14 @@ def _handleParams(configFile): else: _handleInteractiveParams() + def _getConditionValue(matchMember): returnValue = False if type(matchMember) == types.FunctionType: returnValue = matchMember(controller.CONF) elif type(matchMember) == types.StringType: - #we assume that if we get a string as a member it is the name - #of a member of conf_params + # we assume that if we get a string as a member it is the name + # of a member of conf_params if not controller.CONF.has_key(matchMember): param = controller.getParamByName(matchMember) input_param(param) @@ -521,6 +537,7 @@ def _getConditionValue(matchMember): return returnValue + def _displaySummary(): print output_messages.INFO_DSPLY_PARAMS @@ -561,12 +578,14 @@ def _displaySummary(): else: logging.debug("user chose to accept user parameters") + def _printAdditionalMessages(): if len(controller.MESSAGES) > 0: - print "\n",output_messages.INFO_ADDTIONAL_MSG + print "\n", output_messages.INFO_ADDTIONAL_MSG for msg in controller.MESSAGES: print output_messages.INFO_ADDTIONAL_MSG_BULLET % (msg) + def _addFinalInfoMsg(logFile): """ add info msg to the user finalizing the @@ -590,6 +609,7 @@ def _summaryParamsToLog(): def runSequences(): controller.runAllSequences() + def _main(options, configFile=None, logFile=None): print output_messages.INFO_HEADER print("") @@ -611,7 +631,7 @@ def _main(options, configFile=None, logFile=None): logging.debug(mask(controller.CONF)) # Start configuration stage - print "\n",output_messages.INFO_INSTALL + print "\n", output_messages.INFO_INSTALL # Initialize Sequences initPluginsSequences() @@ -620,7 +640,7 @@ def _main(options, configFile=None, logFile=None): runSequences() # Lock rhevm version - #_lockRpmVersion() + # _lockRpmVersion() # Print info _addFinalInfoMsg(logFile) @@ -656,6 +676,7 @@ def remove_remote_var_dirs(options, config, messages): logging.exception(e) messages.append(utils.color_text(msg, 'red')) + def remove_temp_files(): """ Removes any temporary files generated during @@ -701,6 +722,7 @@ def generateAnswerFile(outputFile, overrides={}): 'conf_name': param.CONF_NAME} ans_file.write(fmt % args) + def single_step_aio_install(options, logFile): """ Installs an All in One host on this host""" @@ -717,12 +739,13 @@ def single_step_aio_install(options, logFile): # If we are doing an all-in-one install, do demo provisioning # unless specifically told not to - if (options.os_neutron_install != "n" and \ - not options.provision_all_in_one_ovs_bridge): - options.provision_all_in_one_ovs_bridge = "y" + if (options.os_neutron_install != "n" and + not options.provision_all_in_one_ovs_bridge): + options.provision_all_in_one_ovs_bridge = "y" single_step_install(options, logFile) + def single_step_install(options, logFile): answerfilepath = _gettmpanswerfilepath() if not answerfilepath: @@ -747,11 +770,12 @@ def single_step_install(options, logFile): # We can also override defaults with command line options _set_command_line_values(options) - for key,value in commandLineValues.items(): + for key, value in commandLineValues.items(): overrides[key] = value generateAnswerFile(answerfilepath, overrides) - _main(options,answerfilepath, logFile) + _main(options, answerfilepath, logFile) + def initCmdLineParser(): """ @@ -761,7 +785,7 @@ def initCmdLineParser(): # Init parser and all general flags usage = "usage: %prog [options] [--help]" - parser = OptionParser(usage=usage,version="%prog {0} {1}".format(version.release_string(), version.version_string())) + parser = OptionParser(usage=usage, version="%prog {0} {1}".format(version.release_string(), version.version_string())) parser.add_option("--gen-answer-file", help="Generate a template of an answer file, using this option excludes all other options") parser.add_option("--answer-file", help="Runs the configuration in non-interactive mode, extracting all information from the \ configuration file. using this option excludes all other options") @@ -796,6 +820,7 @@ def initCmdLineParser(): return parser + def printOptions(): """ print and document the available options to the answer file (rst format) @@ -815,6 +840,7 @@ def printOptions(): print " %s %s" % (paramUsage, optionsList) print + def plugin_compare(x, y): """ Used to sort the plugin file list @@ -826,6 +852,7 @@ def plugin_compare(x, y): y_cmp = y_match.group(1) return int(x_cmp) - int(y_cmp) + def loadPlugins(): """ Load All plugins from ./plugins @@ -852,8 +879,9 @@ def loadPlugins(): logging.error(traceback.format_exc()) raise Exception("Failed to load plugin from file %s" % item) + def checkPlugin(plugin): - for funcName in ['initConfig','initSequences']: + for funcName in ['initConfig', 'initSequences']: if not hasattr(plugin, funcName): raise ImportError("Plugin %s does not contain the %s function" % (plugin.__class__, funcName)) @@ -877,7 +905,7 @@ def countCmdLineFlags(options, flag): def validateSingleFlag(options, flag): counter = countCmdLineFlags(options, flag) if counter > 0: - flag = flag.replace("_","-") + flag = flag.replace("_", "-") msg = output_messages.ERR_ONLY_1_FLAG % ("--%s" % flag) raise FlagValidationError(msg) @@ -886,18 +914,21 @@ def initPluginsConfig(): for plugin in controller.getAllPlugins(): plugin.initConfig(controller) + def initPluginsSequences(): for plugin in controller.getAllPlugins(): plugin.initSequences(controller) + def _set_command_line_values(options): for key, value in options.__dict__.items(): # Replace the _ with - in the string since optparse replace _ with - for group in controller.getAllGroups(): - param = group.search("CMD_OPTION", key.replace("_","-")) + param = group.search("CMD_OPTION", key.replace("_", "-")) if len(param) > 0 and value: commandLineValues[param[0].CONF_NAME] = value + def main(): try: # Load Plugins @@ -935,9 +966,9 @@ def main(): # We can also override defaults with command line options overrides = {} _set_command_line_values(options) - for key,value in commandLineValues.items(): + for key, value in commandLineValues.items(): overrides[key] = value - generateAnswerFile(answerfilepath,overrides) + generateAnswerFile(answerfilepath, overrides) _handleParams(answerfilepath) generateAnswerFile(options.gen_answer_file) # Are we installing an all in one @@ -957,7 +988,7 @@ def main(): validateSingleFlag(options, "answer_file") # If using an answer file, setting a default password # does not really make sense - if getattr(options,'default_password',None): + if getattr(options, 'default_password', None): msg = ('Please do not set --default-password ' 'when specifying an answer file.') raise FlagValidationError(msg) diff --git a/packstack/installer/validators.py b/packstack/installer/validators.py index 35876989a..92c11fc5c 100644 --- a/packstack/installer/validators.py +++ b/packstack/installer/validators.py @@ -208,6 +208,8 @@ def validate_multi_ping(param, options=None): _tested_ports = [] + + def touch_port(host, port): """ Check that provided host is listening on provided port. diff --git a/packstack/plugins/cinder_250.py b/packstack/plugins/cinder_250.py index dd1ce07d5..8156fbfa4 100644 --- a/packstack/plugins/cinder_250.py +++ b/packstack/plugins/cinder_250.py @@ -753,7 +753,7 @@ def create_manifest(config, messages): fw_details = dict() for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']): if (config['CONFIG_NOVA_INSTALL'] == 'y' and - config['CONFIG_VMWARE_BACKEND'] == 'n'): + config['CONFIG_VMWARE_BACKEND'] == 'n'): key = "cinder_%s" % host fw_details.setdefault(key, {}) fw_details[key]['host'] = "%s" % host diff --git a/packstack/plugins/prescript_000.py b/packstack/plugins/prescript_000.py index 0e0a6268b..19e6f777e 100644 --- a/packstack/plugins/prescript_000.py +++ b/packstack/plugins/prescript_000.py @@ -254,11 +254,11 @@ def initConfig(controller): {"CMD_OPTION": "os-trove-install", "USAGE": ( - "Set to 'y' if you would like Packstack to install " - "OpenStack Database (Trove)" + "Set to 'y' if you would like Packstack to install " + "OpenStack Database (Trove)" ), "PROMPT": ( - "Should Packstack install OpenStack Database (Trove)" + "Should Packstack install OpenStack Database (Trove)" ), "OPTION_LIST": ["y", "n"], "VALIDATORS": [validators.validate_options], @@ -272,11 +272,11 @@ def initConfig(controller): {"CMD_OPTION": "os-ironic-install", "USAGE": ( - "Set to 'y' if you would like Packstack to install " - "OpenStack Bare Metal (Ironic)" + "Set to 'y' if you would like Packstack to install " + "OpenStack Bare Metal (Ironic)" ), "PROMPT": ( - "Should Packstack install OpenStack Bare Metal (Ironic)" + "Should Packstack install OpenStack Bare Metal (Ironic)" ), "OPTION_LIST": ["y", "n"], "VALIDATORS": [validators.validate_options], diff --git a/packstack/plugins/sahara_800.py b/packstack/plugins/sahara_800.py index d3e7c11f7..08478795e 100644 --- a/packstack/plugins/sahara_800.py +++ b/packstack/plugins/sahara_800.py @@ -12,7 +12,7 @@ appendManifestFile, createFirewallResources) -#------------------ Sahara installer initialization ------------------ +# ------------------ Sahara installer initialization ------------------ PLUGIN_NAME = "OS-Sahara" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, "blue") @@ -71,7 +71,7 @@ def initSequences(controller): ] controller.addSequence("Installing Sahara", [], [], saharasteps) -#-------------------------- step functions -------------------------- +# -------------------------- step functions -------------------------- def create_keystone_manifest(config, messages): diff --git a/tests/installer/test_drones.py b/tests/installer/test_drones.py index 0b3b64f6b..ba755caf2 100644 --- a/tests/installer/test_drones.py +++ b/tests/installer/test_drones.py @@ -33,7 +33,7 @@ def setUp(self): def tearDown(self): # remove the temp directory - #shutil.rmtree(self.tempdir) + # shutil.rmtree(self.tempdir) pass def setUp(self): diff --git a/tests/installer/test_processors.py b/tests/installer/test_processors.py index 469a625f9..d7161c1bd 100644 --- a/tests/installer/test_processors.py +++ b/tests/installer/test_processors.py @@ -38,4 +38,4 @@ def test_process_ssh_key(self): # test if key exists # XXX: process_ssh_key does not create ssh key during test run # ... not sure why, nevertheless it works in normal run - #self.assertEquals(True, os.path.isfile(path)) + # self.assertEquals(True, os.path.isfile(path)) diff --git a/tox.ini b/tox.ini index 46a8466e6..b7a4f6135 100644 --- a/tox.ini +++ b/tox.ini @@ -33,6 +33,6 @@ commands = python setup.py build_sphinx # E123, E125 skipped as they are invalid PEP-8. # # All other checks should be enabled in the future. -ignore = E123,E125,H803,E128,F403,F821,E127,F811,E265,F401,F841,E129,E231,E501,E302,E272,E111,E502,E202,W601,E271,E721,E712,E261,E131,E126,E303,E711,E241,E713,E121,E122,E401,H402,H302,H303,H304,H301,H306,H234,H405,H404,H904,H201,H305,H307,H501,H102,H233,H101,H233,H401,H232 +ignore = E123,E125,H803,E128,F403,F821,E127,F811,F401,F841,E501,E272,E111,E502,E202,W601,E271,E721,E712,E261,E131,E126,E303,E711,E241,E713,E122,E401,H402,H302,H303,H304,H301,H306,H234,H405,H404,H904,H201,H305,H307,H501,H102,H233,H101,H233,H401,H232 show-source = True exclude=.venv,.git,.tox From 6f41529b222ad36222ceaf19ff667ae40447df84 Mon Sep 17 00:00:00 2001 From: Ivan Chavero Date: Mon, 12 Jan 2015 11:51:21 -0700 Subject: [PATCH 0219/1017] Fix --version switch error When you use the --version switch you get this error: UnboundLocalError: local variable 'options' referenced before assignment Change-Id: I84fadc601c0b53e68b57a94d07fc735a04b33a96 --- packstack/installer/run_setup.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/packstack/installer/run_setup.py b/packstack/installer/run_setup.py index e737237fa..5a8d9e6a2 100644 --- a/packstack/installer/run_setup.py +++ b/packstack/installer/run_setup.py @@ -899,6 +899,8 @@ def _set_command_line_values(options): commandLineValues[param[0].CONF_NAME] = value def main(): + options = "" + try: # Load Plugins loadPlugins() From aa1a6e986f2fa23e55134c741ae23cbb5bc708df Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Tue, 13 Jan 2015 11:23:35 -0500 Subject: [PATCH 0220/1017] [Apache] Fix concat::setup deprecation warning Change-Id: I7d106d49acc3e29831b5dd7bc068b8dd7dc0e3b0 --- packstack/puppet/modules/packstack/manifests/apache_common.pp | 1 - 1 file changed, 1 deletion(-) diff --git a/packstack/puppet/modules/packstack/manifests/apache_common.pp b/packstack/puppet/modules/packstack/manifests/apache_common.pp index dd1007c01..97a29bdae 100644 --- a/packstack/puppet/modules/packstack/manifests/apache_common.pp +++ b/packstack/puppet/modules/packstack/manifests/apache_common.pp @@ -17,7 +17,6 @@ } # make sure the ports.conf concat fragments from previous # runs are not overwritten by subsequent runs - include ::concat::setup $my_safe_name = regsubst($::apache::params::ports_file, '[/:]', '_', 'G') $my_fragdir = "${concat::setup::concatdir}/${my_safe_name}" File<| title == "${my_fragdir}/fragments" |> { From 37a4004873b6a0aec51f92b36b381f5468394424 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20M=C3=A1gr?= Date: Wed, 14 Jan 2015 16:11:55 +0100 Subject: [PATCH 0221/1017] Bulletproof novncproxy setting This patch implements setting correct IP address in case FQDNs have not been correctly set and somebody is trying to deploy multihost OpenStack. Change-Id: Ib24ea4f5cbcb6a44f5d9d8d0a699e163c3b65c25 Fixes: rhbz#1172241 --- packstack/plugins/prescript_000.py | 3 +- packstack/puppet/modules/packstack/Gemfile | 14 ++++++++ packstack/puppet/modules/packstack/Rakefile | 6 ++++ .../puppet/parser/functions/choose_my_ip.rb | 30 ++++++++++++++++ .../modules/packstack/spec/spec_helper.rb | 10 ++++++ .../parser/functions/choose_my_ip_spec.rb | 36 +++++++++++++++++++ packstack/puppet/templates/nova_compute.pp | 9 +++-- 7 files changed, 102 insertions(+), 6 deletions(-) create mode 100644 packstack/puppet/modules/packstack/Gemfile create mode 100644 packstack/puppet/modules/packstack/Rakefile create mode 100644 packstack/puppet/modules/packstack/lib/puppet/parser/functions/choose_my_ip.rb create mode 100644 packstack/puppet/modules/packstack/spec/spec_helper.rb create mode 100644 packstack/puppet/modules/packstack/spec/unit/puppet/parser/functions/choose_my_ip_spec.rb diff --git a/packstack/plugins/prescript_000.py b/packstack/plugins/prescript_000.py index 0e0a6268b..0f5a29de8 100644 --- a/packstack/plugins/prescript_000.py +++ b/packstack/plugins/prescript_000.py @@ -698,7 +698,8 @@ def discover(config, messages): # be used for that too). details = {} release_regexp = re.compile(r'^(?P.*) release (?P[\d\.]*)') - for host in filtered_hosts(config): + config['HOST_LIST'] = list(filtered_hosts(config)) + for host in config['HOST_LIST']: details.setdefault(host, {}) server = utils.ScriptRunner(host) # discover OS and release diff --git a/packstack/puppet/modules/packstack/Gemfile b/packstack/puppet/modules/packstack/Gemfile new file mode 100644 index 000000000..5c7ec5e83 --- /dev/null +++ b/packstack/puppet/modules/packstack/Gemfile @@ -0,0 +1,14 @@ +source 'https://rubygems.org' + +group :development, :test do + gem 'puppetlabs_spec_helper', :require => false + gem 'puppet-lint', '~> 0.3.2' + gem 'rake', '10.1.1' + gem 'rspec', '< 2.99' +end + +if puppetversion = ENV['PUPPET_GEM_VERSION'] + gem 'puppet', puppetversion, :require => false +else + gem 'puppet', :require => false +end diff --git a/packstack/puppet/modules/packstack/Rakefile b/packstack/puppet/modules/packstack/Rakefile new file mode 100644 index 000000000..4c2b2ed07 --- /dev/null +++ b/packstack/puppet/modules/packstack/Rakefile @@ -0,0 +1,6 @@ +require 'puppetlabs_spec_helper/rake_tasks' +require 'puppet-lint/tasks/puppet-lint' + +PuppetLint.configuration.fail_on_warnings = true +PuppetLint.configuration.send('disable_80chars') +PuppetLint.configuration.send('disable_class_parameter_defaults') diff --git a/packstack/puppet/modules/packstack/lib/puppet/parser/functions/choose_my_ip.rb b/packstack/puppet/modules/packstack/lib/puppet/parser/functions/choose_my_ip.rb new file mode 100644 index 000000000..20eb5b0ad --- /dev/null +++ b/packstack/puppet/modules/packstack/lib/puppet/parser/functions/choose_my_ip.rb @@ -0,0 +1,30 @@ + +# Function returns host's IP selected from list of IPs +module Puppet::Parser::Functions + newfunction(:choose_my_ip, :type => :rvalue) do |args| + + if args.size < 1 + raise( + Puppet::ParseError, + "choose_my_ip(): Wrong number of arguments given (#{args.size} for 1)" + ) + end + + host_list = args[0] + if not host_list.kind_of?(Array) + host_list = [host_list] + end + my_ips = lookupvar('interfaces').split(',').map do |interface| + interface.strip! + lookupvar("ipaddress_#{interface}") + end + + result = nil + host_list.each do |ip| + if my_ips.include? ip + result = ip + end + end + result + end +end diff --git a/packstack/puppet/modules/packstack/spec/spec_helper.rb b/packstack/puppet/modules/packstack/spec/spec_helper.rb new file mode 100644 index 000000000..7cbc76a1e --- /dev/null +++ b/packstack/puppet/modules/packstack/spec/spec_helper.rb @@ -0,0 +1,10 @@ +require 'puppetlabs_spec_helper/module_spec_helper' + +fixture_path = File.expand_path(File.join(__FILE__, '..', 'fixtures')) + +RSpec.configure do |c| + c.alias_it_should_behave_like_to :it_configures, 'configures' + c.alias_it_should_behave_like_to :it_raises, 'raises' + c.module_path = File.join(fixture_path, 'modules') + c.manifest_dir = File.join(fixture_path, 'manifests') +end diff --git a/packstack/puppet/modules/packstack/spec/unit/puppet/parser/functions/choose_my_ip_spec.rb b/packstack/puppet/modules/packstack/spec/unit/puppet/parser/functions/choose_my_ip_spec.rb new file mode 100644 index 000000000..2283e509e --- /dev/null +++ b/packstack/puppet/modules/packstack/spec/unit/puppet/parser/functions/choose_my_ip_spec.rb @@ -0,0 +1,36 @@ + +require 'spec_helper' + +describe "choose_my_ip function" do + + let :scope do + PuppetlabsSpec::PuppetInternals.scope + end + + let :subject do + function_name = Puppet::Parser::Functions.function(:choose_my_ip) + scope.method(function_name) + end + + context "basic unit tests" do + before :each do + scope.stubs(:lookupvar).with('interfaces').returns('eth0,eth1,lo') + scope.stubs(:lookupvar).with('ipaddress_eth1').returns('1.2.3.4') + scope.stubs(:lookupvar).with('ipaddress_eth0').returns('2.3.4.5') + scope.stubs(:lookupvar).with('ipaddress_lo').returns('127.0.0.1') + end + + it 'should select correct ip' do + result = subject.call([['1.1.1.1', '2.3.4.5', '3.3.3.3']]) + result.should(eq('2.3.4.5')) + end + + it "should raise a ParseError if there is less than 1 arguments" do + lambda { scope.function_choose_my_ip([]) }.should( + raise_error(Puppet::ParseError) + ) + end + + end + +end diff --git a/packstack/puppet/templates/nova_compute.pp b/packstack/puppet/templates/nova_compute.pp index 6cc4b7941..1d71990bd 100644 --- a/packstack/puppet/templates/nova_compute.pp +++ b/packstack/puppet/templates/nova_compute.pp @@ -35,12 +35,11 @@ default => 'http', } -if ($::fqdn != '' and $::fqdn != 'localhost') { - $vncproxy_server = $::fqdn +if ($::fqdn == '' or $::fqdn =~ /localhost/) { + # For cases where FQDNs have not been correctly set + $vncproxy_server = choose_my_ip(hiera('HOST_LIST')) } else { - # Multihost does not work without proper FQDN setup, so we use controller IP, - # because this case can come up only in usecase, which is all-in-one - $vncproxy_server = hiera('CONFIG_CONTROLLER_HOST') + $vncproxy_server = $::fqdn } class { 'nova::compute': From 496681dd51a06c0f7e65f3dfa26f1426f7fec7fd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20M=C3=A1gr?= Date: Thu, 15 Jan 2015 12:17:27 +0100 Subject: [PATCH 0222/1017] Remove QPID ssl package installation onlyif does not work as it supposed to and it failing Puppet with: Debug: /Stage[main]/Main/Enable_qpid[qpid]/Exec[install_qpid_ssl]/onlyif: Error: No matching Packages to list While from Puppet PoV this is valid message, we would need to add special error ignore rule in Packstack just for this case. Because separate ssl package for QPID won't be used for Juno+, this rule is removed. Backports to Icehouse- has to have the special error ignore rule instead. Change-Id: Ieb637094fb89bacb9ef6f1cafd38e1b56d044ef1 Fixes: rhbz#1179859 --- packstack/puppet/templates/amqp.pp | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/packstack/puppet/templates/amqp.pp b/packstack/puppet/templates/amqp.pp index 20ad88dc2..491dc5328 100644 --- a/packstack/puppet/templates/amqp.pp +++ b/packstack/puppet/templates/amqp.pp @@ -75,17 +75,6 @@ ssl_database_password => hiera('CONFIG_AMQP_NSS_CERTDB_PW'), } - if $enable_ssl { - # If there is qpid-cpp-server-ssl install it - exec { 'install_qpid_ssl': - path => '/usr/bin', - command => 'yum install -y -d 0 -e 0 qpid-cpp-server-ssl', - onlyif => 'yum info qpid-cpp-server-ssl', - before => Service['qpidd'], - require => Package['qpid-cpp-server'], - } - } - if $enable_auth == 'y' { add_qpid_user { 'qpid_user': } } @@ -110,4 +99,3 @@ require => Package['qpid-cpp-server'], } } - From 5a19134459fd9e88e05163a06a1c6887d7bbae9f Mon Sep 17 00:00:00 2001 From: Chris Dent Date: Mon, 12 Jan 2015 16:12:01 +0000 Subject: [PATCH 0223/1017] Update redis-sentinel support to handle multiple sentinels If there are multiple sentinels we would like to configure the coordination backend to use all of them. This change makes that possible by constructing a coordination url that lists all the sentinel hosts: one in the netloc portion of the url and the rest as sentinel_fallback parameters. If no sentinel hosts are provided, none are used. If only one is provided, only the first host is set, no fallbacks. This change also ensures that the configured sentinel port is respected in the generated sentinel configurations and in the ceilometer coordination url and that redis slaves bind to an appropriate host. This URL format will be present in the forthcoming tooz 0.11. Change-Id: I49edd2143b800ee1c3020fc04ed5ad817ddffe6c --- packstack/plugins/ceilometer_800.py | 15 +++++++++++++++ packstack/puppet/templates/ceilometer.pp | 8 +++++++- packstack/puppet/templates/redis_sentinel.pp | 11 +++++++---- packstack/puppet/templates/redis_slave.pp | 2 +- 4 files changed, 30 insertions(+), 6 deletions(-) diff --git a/packstack/plugins/ceilometer_800.py b/packstack/plugins/ceilometer_800.py index f35d6a87c..bf76dd43f 100644 --- a/packstack/plugins/ceilometer_800.py +++ b/packstack/plugins/ceilometer_800.py @@ -249,6 +249,21 @@ def create_manifest(config, messages): manifestdata = getManifestTemplate(get_mq(config, "ceilometer")) manifestdata += getManifestTemplate("ceilometer") + if config['CONFIG_CEILOMETER_COORDINATION_BACKEND'] == 'redis': + # Determine if we need to configure multiple sentinel hosts as + # fallbacks for use in coordination url. + sentinel_hosts = split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS']) + sentinel_port = config['CONFIG_REDIS_SENTINEL_PORT'] + sentinel_contact = config['CONFIG_REDIS_SENTINEL_CONTACT_HOST'] + if len(sentinel_hosts) > 1: + sentinel_fallbacks = '&'.join(['sentinel_fallback=%s:%s' % + (host, sentinel_port) + for host in sentinel_hosts + if host != sentinel_contact]) + else: + sentinel_fallbacks = '' + config['CONFIG_REDIS_SENTINEL_FALLBACKS'] = sentinel_fallbacks + fw_details = dict() key = "ceilometer_api" fw_details.setdefault(key, {}) diff --git a/packstack/puppet/templates/ceilometer.pp b/packstack/puppet/templates/ceilometer.pp index e6f05fcd9..9ab7ead5a 100644 --- a/packstack/puppet/templates/ceilometer.pp +++ b/packstack/puppet/templates/ceilometer.pp @@ -6,10 +6,16 @@ $redis_host = hiera('CONFIG_REDIS_MASTER_HOST') $redis_port = hiera('CONFIG_REDIS_PORT') $sentinel_host = hiera('CONFIG_REDIS_SENTINEL_CONTACT_HOST') + $sentinel_fallbacks = hiera('CONFIG_REDIS_SENTINEL_FALLBACKS') if $sentinel_host != '' { $master_name = hiera('CONFIG_REDIS_MASTER_NAME') $sentinel_port = hiera('CONFIG_REDIS_SENTINEL_PORT') - $coordination_url = "redis://${sentinel_host}:${sentinel_port}?sentinel=${master_name}" + $base_coordination_url = "redis://${sentinel_host}:${sentinel_port}?sentinel=${master_name}" + if $sentinel_fallbacks != '' { + $coordination_url = "${base_coordination_url}&${sentinel_fallbacks}" + } else { + $coordination_url = $base_coordination_url + } } else { $coordination_url = "redis://${redis_host}:${redis_port}" } diff --git a/packstack/puppet/templates/redis_sentinel.pp b/packstack/puppet/templates/redis_sentinel.pp index b58406d5c..04512ef74 100644 --- a/packstack/puppet/templates/redis_sentinel.pp +++ b/packstack/puppet/templates/redis_sentinel.pp @@ -2,10 +2,13 @@ $redis_master_port = hiera('CONFIG_REDIS_PORT') $redis_master_name = hiera('CONFIG_REDIS_MASTER_NAME') $redis_sentinel_quorum = hiera('CONFIG_REDIS_SENTINEL_QUORUM') +$redis_sentinel_port = hiera('CONFIG_REDIS_SENTINEL_PORT') class { 'redis::sentinel': - master_name => "${redis_master_name}", - redis_host => $redis_master_host, - redis_port => $redis_master_port, - quorum => $redis_sentinel_quorum, + master_name => "${redis_master_name}", + redis_host => $redis_master_host, + redis_port => $redis_master_port, + quorum => $redis_sentinel_quorum, + sentinel_port => $redis_sentinel_port, + log_file => '/var/log/redis/sentinel.log', } diff --git a/packstack/puppet/templates/redis_slave.pp b/packstack/puppet/templates/redis_slave.pp index 7d26f3224..00be092e5 100644 --- a/packstack/puppet/templates/redis_slave.pp +++ b/packstack/puppet/templates/redis_slave.pp @@ -3,7 +3,7 @@ $redis_master_host = hiera('CONFIG_REDIS_MASTER_HOST') class { 'redis': - bind => $redis_host, + bind => '0.0.0.0', port => $redis_port, appendonly => true, daemonize => false, From 713b745e0efbaaba5695055f6125464f72afcee1 Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Fri, 16 Jan 2015 12:59:54 +0100 Subject: [PATCH 0224/1017] Enable PEP8 checks for F401, E202, E271, E272, E711, E712 * F401 module imported but unused * E271 multiple spaces after keyword * E272 multiple spaces before keyword * E202 remove extraneous whitespace * E711 comparison to None should be 'if cond is None:' * E712 comparison to True/False should be 'if cond is True/False:' or 'if cond:' Change-Id: I56a1dbee2ae17b8315a55215e2c676e0de8311f7 --- docs/conf.py | 2 +- packstack/installer/basedefs.py | 1 - packstack/installer/core/sequences.py | 2 +- packstack/installer/run_setup.py | 12 ++++++------ packstack/installer/setup_controller.py | 4 ++-- packstack/installer/validators.py | 4 ---- packstack/modules/ospluginutils.py | 3 --- packstack/plugins/trove_850.py | 2 -- .../puppet/modules/packstack/lib/facter/netns.py | 1 - setup.py | 1 - tests/installer/test_drones.py | 2 -- tests/installer/test_processors.py | 2 -- tests/modules/test_ospluginutils.py | 1 - tests/modules/test_puppet.py | 2 +- tests/test_base.py | 5 ----- tests/test_plugin_serverprep.py | 2 -- tox.ini | 2 +- 17 files changed, 12 insertions(+), 36 deletions(-) diff --git a/docs/conf.py b/docs/conf.py index c2453bb8c..d9305ca21 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -11,7 +11,7 @@ # All configuration values have a default; values that are commented out # serve to show the default. -import sys, os +import sys sys.path.append('..') from packstack import version as packstackversion diff --git a/packstack/installer/basedefs.py b/packstack/installer/basedefs.py index e0cd58798..266e20c1e 100644 --- a/packstack/installer/basedefs.py +++ b/packstack/installer/basedefs.py @@ -5,7 +5,6 @@ """ import os -import pwd import sys import datetime import tempfile diff --git a/packstack/installer/core/sequences.py b/packstack/installer/core/sequences.py index b5f8060c5..a9680be8e 100644 --- a/packstack/installer/core/sequences.py +++ b/packstack/installer/core/sequences.py @@ -3,7 +3,7 @@ """ Base class for steps & sequences """ -import re + import sys import logging import traceback diff --git a/packstack/installer/run_setup.py b/packstack/installer/run_setup.py index 4c98f776e..416130aa7 100644 --- a/packstack/installer/run_setup.py +++ b/packstack/installer/run_setup.py @@ -197,7 +197,7 @@ def _addDefaultsToMaskedValueSet(): for group in controller.getAllGroups(): for param in group.parameters.itervalues(): # Keep default password values masked, but ignore default empty values - if ((param.MASK_INPUT == True) and param.DEFAULT_VALUE != ""): + if ((param.MASK_INPUT is True) and param.DEFAULT_VALUE != ""): masked_value_set.add(param.DEFAULT_VALUE) @@ -210,7 +210,7 @@ def _updateMaskedValueSet(): global masked_value_set for confName in controller.CONF: # Add all needed values to masked_value_set - if (controller.getParamKeyValue(confName, "MASK_INPUT") == True): + if (controller.getParamKeyValue(confName, "MASK_INPUT") is True): masked_value_set.add(controller.CONF[confName]) @@ -284,7 +284,7 @@ def process_param_value(param, value): try: new_value = proc_func(_value, param.CONF_NAME, controller.CONF) if new_value != _value: - if param.MASK_INPUT == False: + if param.MASK_INPUT is False: msg = output_messages.INFO_CHANGED_VALUE print msg % (_value, new_value) _value = new_value @@ -541,7 +541,7 @@ def _getConditionValue(matchMember): def _displaySummary(): print output_messages.INFO_DSPLY_PARAMS - print "=" * (len(output_messages.INFO_DSPLY_PARAMS) - 1) + print "=" * (len(output_messages.INFO_DSPLY_PARAMS) - 1) logging.info("*** User input summary ***") for group in controller.getAllGroups(): for param in group.parameters.itervalues(): @@ -603,7 +603,7 @@ def _summaryParamsToLog(): for param in group.parameters.itervalues(): if controller.CONF.has_key(param.CONF_NAME): maskedValue = mask(controller.CONF[param.CONF_NAME]) - logging.debug("%s: %s" % (param.CMD_OPTION, maskedValue )) + logging.debug("%s: %s" % (param.CMD_OPTION, maskedValue)) def runSequences(): @@ -892,7 +892,7 @@ def countCmdLineFlags(options, flag): """ counter = 0 # make sure only flag was supplied - for key, value in options.__dict__.items(): + for key, value in options.__dict__.items(): if key in (flag, 'debug', 'timeout', 'dry_run', 'default_password'): next # If anything but flag was called, increment diff --git a/packstack/installer/setup_controller.py b/packstack/installer/setup_controller.py index 8de391227..b18b7e7a7 100644 --- a/packstack/installer/setup_controller.py +++ b/packstack/installer/setup_controller.py @@ -86,7 +86,7 @@ def insertSequenceBeforeSequence(self, sequenceName, desc, cond, cond_match, ste sequence will be inserted BEFORE "update x" """ index = self.__getSequenceIndexByDesc(sequenceName) - if index == None: + if index is None: index = len(self.getAllSequences()) self.__SEQUENCES.insert(index, Sequence(desc, steps_new_format(steps), @@ -119,7 +119,7 @@ def insertGroupBeforeGroup(self, groupName, group, params): group will be inserted BEFORE "update x" """ index = self.__getGroupIndexByDesc(groupName) - if index == None: + if index is None: index = len(self.getAllGroups()) self.__GROUPS.insert(index, Group(group, params)) diff --git a/packstack/installer/validators.py b/packstack/installer/validators.py index 92c11fc5c..6b6be3f90 100644 --- a/packstack/installer/validators.py +++ b/packstack/installer/validators.py @@ -8,13 +8,9 @@ import re import socket import logging -import tempfile -import traceback -import basedefs from . import utils -from .setup_controller import Controller from .exceptions import ParamValidationError diff --git a/packstack/modules/ospluginutils.py b/packstack/modules/ospluginutils.py index d89e444f5..9e7a7df7e 100644 --- a/packstack/modules/ospluginutils.py +++ b/packstack/modules/ospluginutils.py @@ -1,12 +1,9 @@ -import logging import os -import re import yaml from packstack.installer import basedefs from packstack.installer.setup_controller import Controller -from packstack.installer.exceptions import PackStackError controller = Controller() diff --git a/packstack/plugins/trove_850.py b/packstack/plugins/trove_850.py index 6a8916df7..60a92a03d 100644 --- a/packstack/plugins/trove_850.py +++ b/packstack/plugins/trove_850.py @@ -4,8 +4,6 @@ Installs and configures Trove """ -import uuid - from packstack.installer import utils from packstack.installer import validators from packstack.installer import processors diff --git a/packstack/puppet/modules/packstack/lib/facter/netns.py b/packstack/puppet/modules/packstack/lib/facter/netns.py index 076e50ee8..a24d90c4a 100644 --- a/packstack/puppet/modules/packstack/lib/facter/netns.py +++ b/packstack/puppet/modules/packstack/lib/facter/netns.py @@ -8,7 +8,6 @@ import subprocess import sys import tempfile -import time import uuid import unittest diff --git a/setup.py b/setup.py index b020f846b..312fbe81c 100644 --- a/setup.py +++ b/setup.py @@ -4,7 +4,6 @@ import os import shutil import subprocess -import sys from setuptools import setup, find_packages, Command diff --git a/tests/installer/test_drones.py b/tests/installer/test_drones.py index ba755caf2..9df86f7ed 100644 --- a/tests/installer/test_drones.py +++ b/tests/installer/test_drones.py @@ -18,12 +18,10 @@ import os import shutil import tempfile -import subprocess from unittest import TestCase from ..test_base import PackstackTestCaseMixin from packstack.installer.core.drones import * -from packstack.installer import utils class SshTarballTransferMixinTestCase(PackstackTestCaseMixin, TestCase): diff --git a/tests/installer/test_processors.py b/tests/installer/test_processors.py index d7161c1bd..e97ca7276 100644 --- a/tests/installer/test_processors.py +++ b/tests/installer/test_processors.py @@ -16,8 +16,6 @@ # under the License. import os -import shutil -import tempfile from unittest import TestCase from packstack.installer.processors import * diff --git a/tests/modules/test_ospluginutils.py b/tests/modules/test_ospluginutils.py index 0b802ebc4..63077ad67 100644 --- a/tests/modules/test_ospluginutils.py +++ b/tests/modules/test_ospluginutils.py @@ -15,7 +15,6 @@ # License for the specific language governing permissions and limitations # under the License. -import os from unittest import TestCase from ..test_base import PackstackTestCaseMixin diff --git a/tests/modules/test_puppet.py b/tests/modules/test_puppet.py index c3ea9a0bc..0cefdcc16 100644 --- a/tests/modules/test_puppet.py +++ b/tests/modules/test_puppet.py @@ -21,7 +21,7 @@ from ..test_base import PackstackTestCaseMixin from packstack.installer.exceptions import PuppetError -from packstack.modules.puppet import validate_logfile, scan_logfile +from packstack.modules.puppet import validate_logfile class PuppetTestCase(PackstackTestCaseMixin, TestCase): diff --git a/tests/test_base.py b/tests/test_base.py index 1045699eb..27d1a0c53 100644 --- a/tests/test_base.py +++ b/tests/test_base.py @@ -19,12 +19,7 @@ import tempfile import subprocess import logging -import re -from packstack.installer.utils.shell import block_fmt -from packstack.installer.exceptions import (ScriptRuntimeError, - NetworkError) -from packstack.installer.utils.strings import mask_string LOG = logging.getLogger(__name__) diff --git a/tests/test_plugin_serverprep.py b/tests/test_plugin_serverprep.py index ef775880e..11001e42d 100644 --- a/tests/test_plugin_serverprep.py +++ b/tests/test_plugin_serverprep.py @@ -14,12 +14,10 @@ # License for the specific language governing permissions and limitations # under the License. -import os from unittest import TestCase from test_base import PackstackTestCaseMixin from packstack.plugins import serverprep_001 -from packstack.installer.setup_controller import Controller class OSPluginUtilsTestCase(PackstackTestCaseMixin, TestCase): diff --git a/tox.ini b/tox.ini index b7a4f6135..19efcc64a 100644 --- a/tox.ini +++ b/tox.ini @@ -33,6 +33,6 @@ commands = python setup.py build_sphinx # E123, E125 skipped as they are invalid PEP-8. # # All other checks should be enabled in the future. -ignore = E123,E125,H803,E128,F403,F821,E127,F811,F401,F841,E501,E272,E111,E502,E202,W601,E271,E721,E712,E261,E131,E126,E303,E711,E241,E713,E122,E401,H402,H302,H303,H304,H301,H306,H234,H405,H404,H904,H201,H305,H307,H501,H102,H233,H101,H233,H401,H232 +ignore = E123,E125,H803,E128,F403,F821,E127,F811,F841,E501,E111,E502,W601,E721,E261,E131,E126,E303,E241,E713,E122,E401,H402,H302,H303,H304,H301,H306,H234,H405,H404,H904,H201,H305,H307,H501,H102,H233,H101,H233,H401,H232 show-source = True exclude=.venv,.git,.tox From 1e93a38908e0532d0b377ec391fd2a679218da7a Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Fri, 16 Jan 2015 15:52:35 +0100 Subject: [PATCH 0225/1017] Enable PEP8 checks for E111, E241, E261, E401, E502, E713, E721 * E111 indentation is not a multiple of four * E241 multiple spaces after ',' * E261 at least two spaces before inline comment * E401 multiple imports on one line * E502 the backslash is redundant between brackets * E713 test for membership should be 'not in' * E721 do not compare types, use 'isinstance()' Change-Id: I7315dac1734e6adc4ecf2cc2f0cc45d5d6d8b411 --- packstack/installer/core/drones.py | 2 +- packstack/installer/processors.py | 2 +- packstack/installer/run_setup.py | 29 +++++++++++++------------ packstack/installer/setup_controller.py | 2 +- tox.ini | 2 +- 5 files changed, 19 insertions(+), 18 deletions(-) diff --git a/packstack/installer/core/drones.py b/packstack/installer/core/drones.py index fd1a6991b..9e82efa57 100644 --- a/packstack/installer/core/drones.py +++ b/packstack/installer/core/drones.py @@ -249,7 +249,7 @@ def set_observer(self, observer): Registers an observer. Given object should be subclass of class DroneObserver. """ - for attr in ('applying', 'checking', 'finished'): + for attr in ('applying', 'checking', 'finished'): if not hasattr(observer, attr): raise ValueError('Observer object should be a subclass ' 'of class DroneObserver.') diff --git a/packstack/installer/processors.py b/packstack/installer/processors.py index 37b0566b7..2c6d530d3 100644 --- a/packstack/installer/processors.py +++ b/packstack/installer/processors.py @@ -101,7 +101,7 @@ def process_password(param, param_name, config=None): else: param = uuid.uuid4().hex[:16] process_password.pw_dict[unconfirmed_param] = param - elif not param_name in process_password.pw_dict: + elif param_name not in process_password.pw_dict: param = uuid.uuid4().hex[:16] process_password.pw_dict[param_name] = param else: diff --git a/packstack/installer/run_setup.py b/packstack/installer/run_setup.py index 416130aa7..c82d66c80 100644 --- a/packstack/installer/run_setup.py +++ b/packstack/installer/run_setup.py @@ -129,7 +129,8 @@ def _getInputFromUser(param): del commandLineValues[param.CONF_NAME] loop = True except KeyboardInterrupt: - print "" # add the new line so messages wont be displayed in the same line as the question + # add the new line so messages wont be displayed in the same line as the question + print "" raise except: logging.error(traceback.format_exc()) @@ -222,21 +223,21 @@ def mask(input): If it finds, it replaces them with '********' """ output = copy.deepcopy(input) - if type(input) == types.DictType: + if isinstance(input, types.DictType): for key in input: - if type(input[key]) == types.StringType: + if isinstance(input[key], types.StringType): output[key] = utils.mask_string(input[key], masked_value_set) - if type(input) == types.ListType: + if isinstance(input, types.ListType): for item in input: org = item orgIndex = input.index(org) - if type(item) == types.StringType: + if isinstance(item, types.StringType): item = utils.mask_string(item, masked_value_set) if item != org: output.remove(org) output.insert(orgIndex, item) - if type(input) == types.StringType: + if isinstance(input, types.StringType): output = utils.mask_string(input, masked_value_set) return output @@ -312,7 +313,7 @@ def _handleGroupCondition(config, conditionName, conditionValue): # If the condition is a string - just read it to global conf # We assume that if we get a string as a member it is the name of a member of conf_params - elif type(conditionName) == types.StringType: + elif isinstance(conditionName, types.StringType): conditionValue = _loadParamFromFile(config, "general", conditionName) else: # Any other type is invalid @@ -410,9 +411,9 @@ def _handleAnswerFileParams(answerFile): # Handle post condition match for group if postConditionValue != group.POST_CONDITION_MATCH: - logging.error("The group condition (%s) returned: %s, which differs from the excpeted output: %s" %\ + logging.error("The group condition (%s) returned: %s, which differs from the excpeted output: %s" % (group.GROUP_NAME, postConditionValue, group.POST_CONDITION_MATCH)) - raise ValueError(output_messages.ERR_EXP_GROUP_VALIDATION_ANS_FILE %\ + raise ValueError(output_messages.ERR_EXP_GROUP_VALIDATION_ANS_FILE % (group.GROUP_NAME, postConditionValue, group.POST_CONDITION_MATCH)) else: logging.debug("condition (%s) passed" % group.POST_CONDITION) @@ -523,9 +524,9 @@ def _handleParams(configFile): def _getConditionValue(matchMember): returnValue = False - if type(matchMember) == types.FunctionType: + if isinstance(matchMember, types.FunctionType): returnValue = matchMember(controller.CONF) - elif type(matchMember) == types.StringType: + elif isinstance(matchMember, types.StringType): # we assume that if we get a string as a member it is the name # of a member of conf_params if not controller.CONF.has_key(matchMember): @@ -875,9 +876,9 @@ def loadPlugins(): checkPlugin(moduleobj) controller.addPlugin(moduleobj) except: - logging.error("Failed to load plugin from file %s", item) - logging.error(traceback.format_exc()) - raise Exception("Failed to load plugin from file %s" % item) + logging.error("Failed to load plugin from file %s", item) + logging.error(traceback.format_exc()) + raise Exception("Failed to load plugin from file %s" % item) def checkPlugin(plugin): diff --git a/packstack/installer/setup_controller.py b/packstack/installer/setup_controller.py index b18b7e7a7..6429d0753 100644 --- a/packstack/installer/setup_controller.py +++ b/packstack/installer/setup_controller.py @@ -21,7 +21,7 @@ class Controller(object): MESSAGES = [] CONF = {} - __single = None # the one, true Singleton ... for god's sake why ??? :) + __single = None # the one, true Singleton ... for god's sake why ??? :) def __new__(self, *args, **kwargs): """ diff --git a/tox.ini b/tox.ini index 19efcc64a..ec837b1d2 100644 --- a/tox.ini +++ b/tox.ini @@ -33,6 +33,6 @@ commands = python setup.py build_sphinx # E123, E125 skipped as they are invalid PEP-8. # # All other checks should be enabled in the future. -ignore = E123,E125,H803,E128,F403,F821,E127,F811,F841,E501,E111,E502,W601,E721,E261,E131,E126,E303,E241,E713,E122,E401,H402,H302,H303,H304,H301,H306,H234,H405,H404,H904,H201,H305,H307,H501,H102,H233,H101,H233,H401,H232 +ignore = E123,E125,H803,E128,F403,F821,E127,F811,F841,E501,W601,E131,E126,E303,E122,H402,H302,H303,H304,H301,H306,H234,H405,H404,H904,H201,H305,H307,H501,H102,H233,H101,H233,H401,H232 show-source = True exclude=.venv,.git,.tox From f27a2deb0e1ef3a20684608a4899aec0d89f581c Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Mon, 19 Jan 2015 15:14:10 +0100 Subject: [PATCH 0226/1017] Add missing usage information for CONFIG_IRONIC_DB_PW Change-Id: Ib49a03a8f2bef88ef0da3f359ec5a8062ea33b1b --- packstack/plugins/ironic_275.py | 1 + 1 file changed, 1 insertion(+) diff --git a/packstack/plugins/ironic_275.py b/packstack/plugins/ironic_275.py index 67e1b8807..d35c84a8f 100644 --- a/packstack/plugins/ironic_275.py +++ b/packstack/plugins/ironic_275.py @@ -22,6 +22,7 @@ def initConfig(controller): {"CONF_NAME": "CONFIG_IRONIC_DB_PW", "CMD_OPTION": "os-ironic-db-passwd", "PROMPT": "Enter the password for the Ironic MySQL user", + "USAGE": "The password to use for the Ironic DB access", "OPTION_LIST": [], "VALIDATORS": [validators.validate_not_empty], "DEFAULT_VALUE": "PW_PLACEHOLDER", From 53d9c766a8b62136cafd30230ac7e3b830c8d490 Mon Sep 17 00:00:00 2001 From: Luigi Toscano Date: Tue, 20 Jan 2015 15:47:16 +0100 Subject: [PATCH 0227/1017] Fix: Correctly set the use_neutron option The wrong variable was read, which lead to a wrong value of "use_neutron" (always false) even if neutron was installed. Change-Id: I4a03244659e9fc3da9c0ec6def789b410eb4ee99 Closes-Bug: #1412822 --- packstack/puppet/templates/sahara.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packstack/puppet/templates/sahara.pp b/packstack/puppet/templates/sahara.pp index b9d23a81b..b5313cc5b 100644 --- a/packstack/puppet/templates/sahara.pp +++ b/packstack/puppet/templates/sahara.pp @@ -14,6 +14,6 @@ os_tenant_name => 'admin', os_auth_url => "http://${sahara_cfg_controller_host}:5000/v2.0", identity_url => "http://${sahara_cfg_controller_host}:35357/", - use_neutron => ($sahara_cfg_controller_host == 'y'), + use_neutron => ($sahara_cfg_config_neutron_install == 'y'), service_host => hiera('CONFIG_SAHARA_HOST'), } From c8de4c0c1c714d1467636464f2aacc727847e74c Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Wed, 21 Jan 2015 09:36:17 +0100 Subject: [PATCH 0228/1017] Standardize DB Product Name Change-Id: I05b6e4ec3d206db6e88a5ee5cbe4b08bc9255e05 Signed-off-by: Gael Chamoulaud --- packstack/modules/common.py | 8 ++++---- packstack/plugins/heat_650.py | 4 ++-- packstack/plugins/ironic_275.py | 2 +- .../lib/puppet/provider/remote_database/mysql.rb | 2 +- .../remote/lib/puppet/type/remote_database_user.rb | 2 +- tests/installer/test_setup_params.py | 10 +++++----- 6 files changed, 14 insertions(+), 14 deletions(-) diff --git a/packstack/modules/common.py b/packstack/modules/common.py index 948a83c26..539be2912 100644 --- a/packstack/modules/common.py +++ b/packstack/modules/common.py @@ -16,8 +16,8 @@ def filtered_hosts(config, exclude=True, dbhost=True): dbinst = config.get('CONFIG_MARIADB_INSTALL') == 'y' vcenter = config.get('CONFIG_VMWARE_BACKEND') == 'y' for hosttype, hostname in utils.host_iter(config): - # if dbhost is being taken into account and we are not installing MySQL - # then we should omit the MySQL host + # if dbhost is being taken into account and we are not installing + # MariaDB then we should omit the MariaDB host if dbhost and not dbinst and hosttype == 'CONFIG_MARIADB_HOST': continue if vcenter and hosttype == 'CONFIG_VCENTER_HOST': @@ -34,6 +34,6 @@ def is_all_in_one(config): returns False. """ # Even if some host have been excluded from installation, we must count - # with them when checking all-in-one. MySQL host should however be omitted - # if we are not installing MySQL + # with them when checking all-in-one. MariaDB host should however be + # omitted if we are not installing MariaDB. return len(filtered_hosts(config, exclude=False, dbhost=True)) == 1 diff --git a/packstack/plugins/heat_650.py b/packstack/plugins/heat_650.py index 3bc3293e9..26182dc21 100644 --- a/packstack/plugins/heat_650.py +++ b/packstack/plugins/heat_650.py @@ -26,8 +26,8 @@ def initConfig(controller): parameters = [ {"CMD_OPTION": "os-heat-mysql-password", "USAGE": ('The password used by Heat user to authenticate against ' - 'MySQL'), - "PROMPT": "Enter the password for the Heat MySQL user", + 'DB'), + "PROMPT": "Enter the password for the Heat DB user", "OPTION_LIST": [], "VALIDATORS": [validators.validate_not_empty], "DEFAULT_VALUE": "PW_PLACEHOLDER", diff --git a/packstack/plugins/ironic_275.py b/packstack/plugins/ironic_275.py index d35c84a8f..c67aab442 100644 --- a/packstack/plugins/ironic_275.py +++ b/packstack/plugins/ironic_275.py @@ -21,7 +21,7 @@ def initConfig(controller): ironic_params = [ {"CONF_NAME": "CONFIG_IRONIC_DB_PW", "CMD_OPTION": "os-ironic-db-passwd", - "PROMPT": "Enter the password for the Ironic MySQL user", + "PROMPT": "Enter the password for the Ironic DB user", "USAGE": "The password to use for the Ironic DB access", "OPTION_LIST": [], "VALIDATORS": [validators.validate_not_empty], diff --git a/packstack/puppet/modules/remote/lib/puppet/provider/remote_database/mysql.rb b/packstack/puppet/modules/remote/lib/puppet/provider/remote_database/mysql.rb index fe14d723c..a430acb7a 100644 --- a/packstack/puppet/modules/remote/lib/puppet/provider/remote_database/mysql.rb +++ b/packstack/puppet/modules/remote/lib/puppet/provider/remote_database/mysql.rb @@ -1,6 +1,6 @@ Puppet::Type.type(:remote_database).provide(:mysql) do - desc "Manages remote MySQL database." + desc "Manages remote MariaDB database." defaultfor :kernel => 'Linux' diff --git a/packstack/puppet/modules/remote/lib/puppet/type/remote_database_user.rb b/packstack/puppet/modules/remote/lib/puppet/type/remote_database_user.rb index 0db0ef024..938cca048 100644 --- a/packstack/puppet/modules/remote/lib/puppet/type/remote_database_user.rb +++ b/packstack/puppet/modules/remote/lib/puppet/type/remote_database_user.rb @@ -12,7 +12,7 @@ raise(ArgumentError, "Invalid database user #{value}") unless value =~ /[\w-]*@[\w%\.:]+/ username = value.split('@')[0] if username.size > 16 - raise ArgumentError, "MySQL usernames are limited to a maximum of 16 characters" + raise ArgumentError, "MariaDB usernames are limited to a maximum of 16 characters" end end end diff --git a/tests/installer/test_setup_params.py b/tests/installer/test_setup_params.py index 2e2ea4061..5dd943d10 100644 --- a/tests/installer/test_setup_params.py +++ b/tests/installer/test_setup_params.py @@ -29,10 +29,10 @@ class ParameterTestCase(PackstackTestCaseMixin, TestCase): def setUp(self): super(ParameterTestCase, self).setUp() self.data = { - "CMD_OPTION": "mysql-host", + "CMD_OPTION": "mariadb-host", "USAGE": ("The IP address of the server on which to " - "install MySQL"), - "PROMPT": "Enter the IP address of the MySQL server", + "install MariaDB"), + "PROMPT": "Enter the IP address of the MariaDB server", "OPTION_LIST": [], "VALIDATORS": [], "DEFAULT_VALUE": "127.0.0.1", @@ -64,8 +64,8 @@ class GroupTestCase(PackstackTestCaseMixin, TestCase): def setUp(self): super(GroupTestCase, self).setUp() self.attrs = { - "GROUP_NAME": "MYSQL", - "DESCRIPTION": "MySQL Config parameters", + "GROUP_NAME": "MARIADB", + "DESCRIPTION": "MariaDB Config parameters", "PRE_CONDITION": "y", "PRE_CONDITION_MATCH": "y", "POST_CONDITION": False, From 3725cb12da924ad706fd9f07689241a0b213ce86 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Tue, 13 Jan 2015 11:24:10 -0500 Subject: [PATCH 0229/1017] [Keystone] Fix keystone::endpoint deprecation - Change keystone::endpoint in favor of keystone::resource::service_identity Change-Id: I1b8c0a3ccd45046050b5bd0ee38f8212fe6db4e4 --- packstack/puppet/templates/keystone.pp | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/packstack/puppet/templates/keystone.pp b/packstack/puppet/templates/keystone.pp index fc17a8a2f..7f04e541d 100644 --- a/packstack/puppet/templates/keystone.pp +++ b/packstack/puppet/templates/keystone.pp @@ -29,11 +29,15 @@ admin_tenant => 'admin', } -class { 'keystone::endpoint': - public_url => "http://${keystone_endpoint_cfg_ctrl_host}:5000", - internal_url => "http://${keystone_endpoint_cfg_ctrl_host}:5000", - admin_url => "http://${keystone_endpoint_cfg_ctrl_host}:35357", - region => hiera('CONFIG_KEYSTONE_REGION'), +keystone::resource::service_identity { 'keystone': + public_url => "http://${keystone_endpoint_cfg_ctrl_host}:5000", + internal_url => "http://${keystone_endpoint_cfg_ctrl_host}:5000", + admin_url => "http://${keystone_endpoint_cfg_ctrl_host}:35357", + region => hiera('CONFIG_KEYSTONE_REGION'), + service_type => 'identity', + service_description => 'OpenStack Identity Service', + configure_user => false, + configure_user_role => false, } # Run token flush every minute (without output so we won't spam admins) From c532db1461d622c2eecd753fe324485f5a22cbb5 Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Wed, 21 Jan 2015 17:21:34 +0100 Subject: [PATCH 0230/1017] Enable several PEP8 checks * E122 continuation line missing indentation or outdented * E126 continuation line over-indented for hanging indent * E127 continuation line over-indented for visual indent * E128 continuation line under-indented for visual indent * E131 continuation line unaligned for hanging indent * E303 too many blank lines * W601 .has_key() is deprecated, use 'in' * H234 assertEquals is deprecated, use assertEqual * H401 docstring should not start with a space * H402 one line docstring needs punctuation. Change-Id: I1c264dba19bfe7cb9173e8999429827bd026b930 --- docs/conf.py | 16 ++++---- packstack/installer/basedefs.py | 2 - packstack/installer/core/drones.py | 30 +++++++-------- packstack/installer/core/sequences.py | 1 - packstack/installer/output_messages.py | 4 +- packstack/installer/run_setup.py | 38 +++++++++---------- packstack/installer/utils/shell.py | 3 +- packstack/modules/puppet.py | 4 +- packstack/plugins/ceilometer_800.py | 6 +-- packstack/plugins/neutron_350.py | 2 +- .../modules/packstack/lib/facter/netns.py | 4 +- tests/installer/test_processors.py | 6 +-- tests/installer/test_sequences.py | 2 +- tests/installer/test_utils.py | 16 ++++---- tests/installer/test_validators.py | 20 +++++----- tests/modules/test_ospluginutils.py | 2 +- tests/modules/test_puppet.py | 2 +- tests/test_plugin_serverprep.py | 2 +- tox.ini | 2 +- 19 files changed, 79 insertions(+), 83 deletions(-) diff --git a/docs/conf.py b/docs/conf.py index d9305ca21..f062349bd 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -173,14 +173,14 @@ # -- Options for LaTeX output -------------------------------------------------- latex_elements = { -# The paper size ('letterpaper' or 'a4paper'). -# 'papersize': 'letterpaper', + # The paper size ('letterpaper' or 'a4paper'). + # 'papersize': 'letterpaper', -# The font size ('10pt', '11pt' or '12pt'). -# 'pointsize': '10pt', + # The font size ('10pt', '11pt' or '12pt'). + # 'pointsize': '10pt', -# Additional stuff for the LaTeX preamble. -# 'preamble': '', + # Additional stuff for the LaTeX preamble. + # 'preamble': '', } # Grouping the document tree into LaTeX files. List of tuples @@ -229,8 +229,8 @@ # dir menu entry, description, category) texinfo_documents = [ ('index', 'packstack', u'packstack Documentation', - u'Derek Higgins', 'packstack', 'One line description of project.', - 'Miscellaneous'), + u'Derek Higgins', 'packstack', 'One line description of project.', + 'Miscellaneous'), ] # Documents to append as an appendix to all manuals. diff --git a/packstack/installer/basedefs.py b/packstack/installer/basedefs.py index 266e20c1e..2a8cbaf72 100644 --- a/packstack/installer/basedefs.py +++ b/packstack/installer/basedefs.py @@ -52,8 +52,6 @@ DIR_PLUGINS = os.path.join(DIR_PROJECT_DIR, "plugins") DIR_MODULES = os.path.join(DIR_PROJECT_DIR, "modules") - - EXEC_RPM = "rpm" EXEC_SEMANAGE = "semanage" EXEC_NSLOOKUP = "nslookup" diff --git a/packstack/installer/core/drones.py b/packstack/installer/core/drones.py index 9e82efa57..4c874cc66 100644 --- a/packstack/installer/core/drones.py +++ b/packstack/installer/core/drones.py @@ -24,8 +24,8 @@ def _transfer(self, pack_path, pack_dest, res_dir): script.append("scp %(pack_path)s root@%(node)s:%(pack_dest)s" % args) script.append("ssh -o StrictHostKeyChecking=no " - "-o UserKnownHostsFile=/dev/null root@%(node)s " - "tar -C %(res_dir)s -xpzf %(pack_dest)s" % args) + "-o UserKnownHostsFile=/dev/null root@%(node)s " + "tar -C %(res_dir)s -xpzf %(pack_dest)s" % args) try: script.execute() except ScriptRuntimeError as ex: @@ -124,15 +124,15 @@ def __init__(self, node, resource_dir=None, recipe_dir=None, # remote host IP or hostname self.node = node # working directories on remote host - self.resource_dir = resource_dir or \ - '/tmp/drone%s' % uuid.uuid4().hex[:8] - self.recipe_dir = recipe_dir or \ - os.path.join(self.resource_dir, 'recipes') + self.resource_dir = (resource_dir or + '/tmp/drone%s' % uuid.uuid4().hex[:8]) + self.recipe_dir = (recipe_dir or + os.path.join(self.resource_dir, 'recipes')) # temporary directories - self.remote_tmpdir = remote_tmpdir or \ - '/tmp/drone%s' % uuid.uuid4().hex[:8] - self.local_tmpdir = local_tmpdir or \ - tempfile.mkdtemp(prefix='drone') + self.remote_tmpdir = (remote_tmpdir or + '/tmp/drone%s' % uuid.uuid4().hex[:8]) + self.local_tmpdir = (local_tmpdir or + tempfile.mkdtemp(prefix='drone')) def init_node(self): """ @@ -335,7 +335,7 @@ def init_node(self): server = utils.ScriptRunner(self.node) for pkg in ("puppet", "openssh-clients", "tar"): server.append("rpm -q --whatprovides %(pkg)s || " - "yum install -y %(pkg)s" % locals()) + "yum install -y %(pkg)s" % locals()) server.execute() def add_resource(self, path, resource_type=None): @@ -352,8 +352,8 @@ def _finished(self, recipe): recipe_base.replace(".finished", ".log")) local = utils.ScriptRunner() local.append('scp -o StrictHostKeyChecking=no ' - '-o UserKnownHostsFile=/dev/null ' - 'root@%s:%s %s' % (self.node, recipe, log)) + '-o UserKnownHostsFile=/dev/null ' + 'root@%s:%s %s' % (self.node, recipe, log)) try: # once a remote puppet run has finished, we retrieve # the log file and check it for errors @@ -390,8 +390,8 @@ def _apply(self, recipe): mdir = self._module_dir server.append( "( flock %(rdir)s/ps.lock " - "puppet apply %(loglevel)s --modulepath %(mdir)s " - "%(recipe)s > %(running)s 2>&1 < /dev/null; " + "puppet apply %(loglevel)s --modulepath %(mdir)s " + "%(recipe)s > %(running)s 2>&1 < /dev/null; " "mv %(running)s %(finished)s ) " "> /dev/null 2>&1 < /dev/null &" % locals()) server.execute() diff --git a/packstack/installer/core/sequences.py b/packstack/installer/core/sequences.py index a9680be8e..64c76cbb6 100644 --- a/packstack/installer/core/sequences.py +++ b/packstack/installer/core/sequences.py @@ -48,7 +48,6 @@ def run(self, config=None, messages=None): sys.stdout.flush() - class Sequence(object): """ Wrapper for sequence of setup steps. diff --git a/packstack/installer/output_messages.py b/packstack/installer/output_messages.py index c7f52f667..840028e28 100644 --- a/packstack/installer/output_messages.py +++ b/packstack/installer/output_messages.py @@ -52,8 +52,8 @@ WARN_WEAK_PASS = "Warning: Weak Password." WARN_NM_ENABLED = ("Warning: NetworkManager is active on %s. OpenStack " - "networking currently does not work on systems that have " - "the Network Manager service enabled.") + "networking currently does not work on systems that have " + "the Network Manager service enabled.") ERR_PING = "Error: the provided hostname is unreachable" ERR_SSH = "Error: could not connect to the ssh server: %s" diff --git a/packstack/installer/run_setup.py b/packstack/installer/run_setup.py index c82d66c80..233920e67 100644 --- a/packstack/installer/run_setup.py +++ b/packstack/installer/run_setup.py @@ -77,7 +77,7 @@ def _getInputFromUser(param): else: while loop: # If the value was not supplied by the command line flags - if not commandLineValues.has_key(param.CONF_NAME): + if param.CONF_NAME not in commandLineValues: message = StringIO() message.write(param.PROMPT) @@ -121,11 +121,11 @@ def _getInputFromUser(param): controller.CONF[param.CONF_NAME] = userInput continue else: - if commandLineValues.has_key(param.CONF_NAME): + if param.CONF_NAME in commandLineValues: del commandLineValues[param.CONF_NAME] else: # Delete value from commandLineValues so that we will prompt the user for input - if commandLineValues.has_key(param.CONF_NAME): + if param.CONF_NAME in commandLineValues: del commandLineValues[param.CONF_NAME] loop = True except KeyboardInterrupt: @@ -144,7 +144,7 @@ def input_param(param): """ # We need to check if a param needs confirmation, (i.e. ask user twice) # Do not validate if it was given from the command line - if (param.NEED_CONFIRM and not commandLineValues.has_key(param.CONF_NAME)): + if param.NEED_CONFIRM and param.CONF_NAME not in commandLineValues: # create a copy of the param so we can call it twice confirmedParam = copy.deepcopy(param) confirmedParamName = param.CONF_NAME + "_CONFIRMED" @@ -492,9 +492,9 @@ def _handleInteractiveParams(): # we clear the value of all params in the group # in order to re-input them by the user for param in group.parameters.itervalues(): - if controller.CONF.has_key(param.CONF_NAME): + if param.CONF_NAME in controller.CONF: del controller.CONF[param.CONF_NAME] - if commandLineValues.has_key(param.CONF_NAME): + if param.CONF_NAME in commandLineValues: del commandLineValues[param.CONF_NAME] else: inputLoop = False @@ -529,7 +529,7 @@ def _getConditionValue(matchMember): elif isinstance(matchMember, types.StringType): # we assume that if we get a string as a member it is the name # of a member of conf_params - if not controller.CONF.has_key(matchMember): + if matchMember not in controller.CONF: param = controller.getParamByName(matchMember) input_param(param) returnValue = controller.CONF[matchMember] @@ -546,7 +546,7 @@ def _displaySummary(): logging.info("*** User input summary ***") for group in controller.getAllGroups(): for param in group.parameters.itervalues(): - if not param.USE_DEFAULT and controller.CONF.has_key(param.CONF_NAME): + if not param.USE_DEFAULT and param.CONF_NAME in controller.CONF: cmdOption = param.CMD_OPTION l = 30 - len(cmdOption) maskParam = param.MASK_INPUT @@ -564,14 +564,14 @@ def _displaySummary(): logging.debug("user chose to re-enter the user parameters") for group in controller.getAllGroups(): for param in group.parameters.itervalues(): - if controller.CONF.has_key(param.CONF_NAME): + if param.CONF_NAME in controller.CONF: if not param.MASK_INPUT: param.DEFAULT_VALUE = controller.CONF[param.CONF_NAME] # Remove the string from mask_value_set in order # to remove values that might be over overwritten. removeMaskString(controller.CONF[param.CONF_NAME]) del controller.CONF[param.CONF_NAME] - if commandLineValues.has_key(param.CONF_NAME): + if param.CONF_NAME in commandLineValues: del commandLineValues[param.CONF_NAME] print "" logging.debug("calling handleParams in interactive mode") @@ -602,7 +602,7 @@ def _summaryParamsToLog(): logging.debug("*** The following params were used as user input:") for group in controller.getAllGroups(): for param in group.parameters.itervalues(): - if controller.CONF.has_key(param.CONF_NAME): + if param.CONF_NAME in controller.CONF: maskedValue = mask(controller.CONF[param.CONF_NAME]) logging.debug("%s: %s" % (param.CMD_OPTION, maskedValue)) @@ -725,7 +725,7 @@ def generateAnswerFile(outputFile, overrides={}): def single_step_aio_install(options, logFile): - """ Installs an All in One host on this host""" + """Installs an All in One host on this host.""" options.install_hosts = utils.get_localhost_ip() @@ -788,15 +788,15 @@ def initCmdLineParser(): usage = "usage: %prog [options] [--help]" parser = OptionParser(usage=usage, version="%prog {0} {1}".format(version.release_string(), version.version_string())) parser.add_option("--gen-answer-file", help="Generate a template of an answer file, using this option excludes all other options") - parser.add_option("--answer-file", help="Runs the configuration in non-interactive mode, extracting all information from the \ - configuration file. using this option excludes all other options") + parser.add_option("--answer-file", help="Runs the configuration in non-interactive mode, extracting all information from the" + "configuration file. using this option excludes all other options") parser.add_option("--install-hosts", help="Install on a set of hosts in a single step. The format should be a comma separated list " - "of hosts, the first is setup as a controller, and the others are setup as compute nodes." - "if only a single host is supplied then it is setup as an all in one installation. An answerfile " - "will also be generated and should be used if Packstack needs to be run a second time ") + "of hosts, the first is setup as a controller, and the others are setup as compute nodes." + "if only a single host is supplied then it is setup as an all in one installation. An answerfile " + "will also be generated and should be used if Packstack needs to be run a second time ") parser.add_option("--allinone", action="store_true", help="Shorthand for --install-hosts= --novanetwork-pubif= " - "--novacompute-privif=lo --novanetwork-privif=lo --os-swift-install=y --nagios-install=y " - ", this option can be used to install an all in one OpenStack on this host") + "--novacompute-privif=lo --novanetwork-privif=lo --os-swift-install=y --nagios-install=y " + ", this option can be used to install an all in one OpenStack on this host") parser.add_option("-t", "--timeout", default=300, help="The timeout for puppet Exec calls") parser.add_option("-o", "--options", action="store_true", dest="options", help="Print details on options available in answer file(rst format)") diff --git a/packstack/installer/utils/shell.py b/packstack/installer/utils/shell.py index c78087b98..33c8b5854 100644 --- a/packstack/installer/utils/shell.py +++ b/packstack/installer/utils/shell.py @@ -90,8 +90,7 @@ def execute(self, can_fail=True, mask_list=None, log=True): environ = os.environ environ['LANG'] = 'en_US.UTF8' obj = subprocess.Popen(cmd, stdin=_PIPE, stdout=_PIPE, stderr=_PIPE, - close_fds=True, shell=False, - env=environ) + close_fds=True, shell=False, env=environ) script = "function t(){ exit $? ; } \n trap t ERR \n" + script out, err = obj.communicate(script) diff --git a/packstack/modules/puppet.py b/packstack/modules/puppet.py index cdc02f5af..ddec2cac0 100644 --- a/packstack/modules/puppet.py +++ b/packstack/modules/puppet.py @@ -34,8 +34,8 @@ 'NetworkManager is not running' ) re_notice = re.compile(r"notice: .*Notify\[packstack_info\]" - "\/message: defined \'message\' as " - "\'(?P.*)\'") + "\/message: defined \'message\' as " + "\'(?P.*)\'") surrogates = [ # Value in /etc/sysctl.conf cannot be changed diff --git a/packstack/plugins/ceilometer_800.py b/packstack/plugins/ceilometer_800.py index f35d6a87c..452ea2bfb 100644 --- a/packstack/plugins/ceilometer_800.py +++ b/packstack/plugins/ceilometer_800.py @@ -310,10 +310,10 @@ def create_redis_manifest(config, messages): slave_clients = set([config['CONFIG_CONTROLLER_HOST']]).union( split_hosts(config['CONFIG_REDIS_SLAVE_HOSTS'])).union( - split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS'])) + split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS'])) config['FIREWALL_REDIS_SLAVE_RULES'] = ( - _create_redis_firewall_rules( - slave_clients, config['CONFIG_REDIS_PORT'])) + _create_redis_firewall_rules( + slave_clients, config['CONFIG_REDIS_PORT'])) manifestdata += createFirewallResources( 'FIREWALL_REDIS_SLAVE_RULES') diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index 95259de01..a692fea76 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -601,7 +601,7 @@ def create_manifests(config, messages): if use_openvswitch_vxlan(config) or use_openvswitch_gre(config): for n_host in network_hosts: cf_fw_nt_key = ("FIREWALL_NEUTRON_TUNNEL_RULES_%s_%s" - % (host, n_host)) + % (host, n_host)) fw_details = dict() key = "neutron_tunnel_%s_%s" % (host, n_host) fw_details.setdefault(key, {}) diff --git a/packstack/puppet/modules/packstack/lib/facter/netns.py b/packstack/puppet/modules/packstack/lib/facter/netns.py index a24d90c4a..14f2f82d6 100644 --- a/packstack/puppet/modules/packstack/lib/facter/netns.py +++ b/packstack/puppet/modules/packstack/lib/facter/netns.py @@ -117,8 +117,8 @@ def test_neutron_netns_cmds(self): # Check that iptables filtering and save/restore can be performed try: iptables_filename = os.path.join( - tempfile.gettempdir(), - 'iptables-%s' % str(uuid.uuid4())) + tempfile.gettempdir(), + 'iptables-%s' % str(uuid.uuid4())) e('%%(ns1)s iptables-save > %s' % iptables_filename) e('%(ns1)s iptables -A INPUT -p icmp --icmp-type 8 -j DROP') e('%(ns2)s ping -c 1 -w 1 %(address1_1)s', return_code=1) diff --git a/tests/installer/test_processors.py b/tests/installer/test_processors.py index e97ca7276..11485a918 100644 --- a/tests/installer/test_processors.py +++ b/tests/installer/test_processors.py @@ -24,15 +24,15 @@ class ProcessorsTestCase(PackstackTestCaseMixin, TestCase): def test_process_host(self): - """Test packstack.installer.processors.process_host""" + """Test packstack.installer.processors.process_host.""" proc_local = process_host('localhost', 'HOSTNAME') self.assertIn(proc_local, ['127.0.0.1', '::1']) def test_process_ssh_key(self): - """Test packstack.installer.processors.process_ssh_key""" + """Test packstack.installer.processors.process_ssh_key.""" path = process_ssh_key(os.path.join(self.tempdir, 'id_rsa'), 'SSH_KEY') # test if key was created - self.assertEquals(True, bool(path)) + self.assertEqual(True, bool(path)) # test if key exists # XXX: process_ssh_key does not create ssh key during test run # ... not sure why, nevertheless it works in normal run diff --git a/tests/installer/test_sequences.py b/tests/installer/test_sequences.py index a7bcf5c35..6feea44ed 100644 --- a/tests/installer/test_sequences.py +++ b/tests/installer/test_sequences.py @@ -67,7 +67,7 @@ def setUp(self): 'title': 'Step 3'}] self.seq = Sequence('test', self.steps, condition='test', - cond_match='test') + cond_match='test') def tearDown(self): super(SequenceTestCase, self).tearDown() diff --git a/tests/installer/test_utils.py b/tests/installer/test_utils.py index c538f05ca..34dd69292 100644 --- a/tests/installer/test_utils.py +++ b/tests/installer/test_utils.py @@ -44,7 +44,7 @@ def tearDown(self): shutil.rmtree(self.tempdir) def test_sorteddict(self): - """Test packstack.installer.utils.datastructures.SortedDict""" + """Test packstack.installer.utils.datastructures.SortedDict.""" sdict = SortedDict() sdict['1'] = 1 sdict['2'] = 2 @@ -53,7 +53,7 @@ def test_sorteddict(self): self.assertListEqual(sdict.values(), [1, 2, 3, 4, 5]) def test_retry(self): - """Test packstack.installer.utils.decorators.retry""" + """Test packstack.installer.utils.decorators.retry.""" @retry(count=3, delay=0, retry_on=ValueError) def test_sum(): @@ -72,12 +72,12 @@ def test_sum(): self.assertRaises(ValueError, test_sum) def test_network(self): - """Test packstack.installer.utils.network functions""" + """Test packstack.installer.utils.network functions.""" self.assertIn(host2ip('localhost', allow_localhost=True), ['127.0.0.1', '::1']) def test_shell(self): - """Test packstack.installer.utils.shell functions""" + """Test packstack.installer.utils.shell functions.""" rc, out = execute(['echo', 'this is test']) self.assertEqual(out.strip(), 'this is test') rc, out = execute('echo "this is test"', use_shell=True) @@ -97,9 +97,9 @@ def test_shell(self): self.assertEqual(out.strip(), 'this is test') def test_strings(self): - """Test packstack.installer.utils.strings functions""" + """Test packstack.installer.utils.strings functions.""" self.assertEqual(color_text('test text', 'red'), - '\033[0;31mtest text\033[0m') + '\033[0;31mtest text\033[0m') self.assertEqual(mask_string('test text', mask_list=['text']), 'test %s' % STR_MASK) masked = mask_string("test '\\''text'\\''", @@ -108,9 +108,9 @@ def test_strings(self): self.assertEqual(masked, 'test %s' % STR_MASK) def test_shortcuts(self): - """Test packstack.installer.utils.shortcuts functions""" + """Test packstack.installer.utils.shortcuts functions.""" conf = {"A_HOST": "1.1.1.1", "B_HOSTS": "2.2.2.2,1.1.1.1", "C_HOSTS": "3.3.3.3/vdc"} hostlist = list(hosts(conf)) hostlist.sort() - self.assertEquals(['1.1.1.1', '2.2.2.2', '3.3.3.3'], hostlist) + self.assertEqual(['1.1.1.1', '2.2.2.2', '3.3.3.3'], hostlist) diff --git a/tests/installer/test_validators.py b/tests/installer/test_validators.py index e81e59fa7..68e094878 100644 --- a/tests/installer/test_validators.py +++ b/tests/installer/test_validators.py @@ -34,24 +34,24 @@ def tearDown(self): shutil.rmtree(self.tempdir) def test_validate_integer(self): - """Test packstack.installer.validators.validate_integer""" + """Test packstack.installer.validators.validate_integer.""" validate_integer('1') self.assertRaises(ParamValidationError, validate_integer, 'test') def test_validate_regexp(self): - """Test packstack.installer.validators.validate_regexp""" + """Test packstack.installer.validators.validate_regexp.""" validate_regexp('Test_123', options=['\w']) self.assertRaises(ParamValidationError, validate_regexp, '!#$%', options=['\w']) def test_validate_port(self): - """Test packstack.installer.validators.validate_port""" + """Test packstack.installer.validators.validate_port.""" validate_port('666') self.assertRaises(ParamValidationError, validate_port, 'test') self.assertRaises(ParamValidationError, validate_port, '-3') def test_validate_not_empty(self): - """Test packstack.installer.validators.validate_not_empty""" + """Test packstack.installer.validators.validate_not_empty.""" validate_not_empty('test') validate_not_empty(False) self.assertRaises(ParamValidationError, validate_not_empty, '') @@ -59,20 +59,20 @@ def test_validate_not_empty(self): self.assertRaises(ParamValidationError, validate_not_empty, {}) def test_validate_options(self): - """Test packstack.installer.validators.validate_options""" + """Test packstack.installer.validators.validate_options.""" validate_options('a', options=['a', 'b']) validate_options('b', options=['a', 'b']) self.assertRaises(ParamValidationError, validate_options, 'c', options=['a', 'b']) def test_validate_ip(self): - """Test packstack.installer.validators.validate_ip""" + """Test packstack.installer.validators.validate_ip.""" validate_ip('127.0.0.1') validate_ip('::1') self.assertRaises(ParamValidationError, validate_ip, 'test') def test_validate_file(self): - """Test packstack.installer.validators.validate_file""" + """Test packstack.installer.validators.validate_file.""" fname = os.path.join(self.tempdir, '.test_validate_file') bad_name = os.path.join(self.tempdir, '.me_no_exists') with open(fname, 'w') as f: @@ -81,18 +81,18 @@ def test_validate_file(self): self.assertRaises(ParamValidationError, validate_file, bad_name) def test_validate_ping(self): - """Test packstack.installer.validators.validate_ping""" + """Test packstack.installer.validators.validate_ping.""" # ping to broadcast fails self.assertRaises(ParamValidationError, validate_ping, '255.255.255.255') def test_validate_ssh(self): - """Test packstack.installer.validators.validate_ssh""" + """Test packstack.installer.validators.validate_ssh.""" # ssh to broadcast fails self.assertRaises(ParamValidationError, validate_ssh, '255.255.255.255') def test_validate_float(self): - """Test packstack.installer.validators.validate_float""" + """Test packstack.installer.validators.validate_float.""" validate_float('5.3') self.assertRaises(ParamValidationError, validate_float, 'test') diff --git a/tests/modules/test_ospluginutils.py b/tests/modules/test_ospluginutils.py index 63077ad67..1691503e1 100644 --- a/tests/modules/test_ospluginutils.py +++ b/tests/modules/test_ospluginutils.py @@ -27,4 +27,4 @@ def test_gethostlist(self): "C_HOSTS": "3.3.3.3/vdc"} hosts = gethostlist(conf) hosts.sort() - self.assertEquals(['1.1.1.1', '2.2.2.2', '3.3.3.3'], hosts) + self.assertEqual(['1.1.1.1', '2.2.2.2', '3.3.3.3'], hosts) diff --git a/tests/modules/test_puppet.py b/tests/modules/test_puppet.py index 0cefdcc16..825aa8f65 100644 --- a/tests/modules/test_puppet.py +++ b/tests/modules/test_puppet.py @@ -27,7 +27,7 @@ class PuppetTestCase(PackstackTestCaseMixin, TestCase): def test_validate_logfile(self): - """Test packstack.modules.validate_logfile""" + """Test packstack.modules.validate_logfile.""" filename = os.path.join(self.tempdir, "puppet.log") # test valid run with open(filename, "w") as fp: diff --git a/tests/test_plugin_serverprep.py b/tests/test_plugin_serverprep.py index 11001e42d..5884de153 100644 --- a/tests/test_plugin_serverprep.py +++ b/tests/test_plugin_serverprep.py @@ -22,7 +22,7 @@ class OSPluginUtilsTestCase(PackstackTestCaseMixin, TestCase): def test_rhn_creds_quoted(self): - """Make sure RHN password is quoted""" + """Make sure RHN password is quoted.""" # On non-RHEL, the CONFIG_{RH,SATELLITE} options are never set, # i.e. this test would always fail. Therefore, only run it on RHEL. diff --git a/tox.ini b/tox.ini index ec837b1d2..584e0448e 100644 --- a/tox.ini +++ b/tox.ini @@ -33,6 +33,6 @@ commands = python setup.py build_sphinx # E123, E125 skipped as they are invalid PEP-8. # # All other checks should be enabled in the future. -ignore = E123,E125,H803,E128,F403,F821,E127,F811,F841,E501,W601,E131,E126,E303,E122,H402,H302,H303,H304,H301,H306,H234,H405,H404,H904,H201,H305,H307,H501,H102,H233,H101,H233,H401,H232 +ignore = E123,E125,H803,F403,F821,F811,F841,E501,H302,H303,H304,H301,H306,H405,H404,H904,H201,H305,H307,H501,H102,H233,H101,H233,H232 show-source = True exclude=.venv,.git,.tox From 7f5af0708b4515d1de8cacd83fee4e460614f4f6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20M=C3=A1gr?= Date: Fri, 23 Jan 2015 13:08:32 +0100 Subject: [PATCH 0231/1017] IPv6 fixes This patch makes validate_ssh works for IPv6 addresses.Also file transport via scp has been fixed to work via IPv6 address Change-Id: I55c88d3fcaaa8decd647aa38404ac653d5f5dbba --- packstack/installer/validators.py | 4 ++-- packstack/plugins/puppet_950.py | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/packstack/installer/validators.py b/packstack/installer/validators.py index 6b6be3f90..6b7de387e 100644 --- a/packstack/installer/validators.py +++ b/packstack/installer/validators.py @@ -138,7 +138,7 @@ def validate_ip(param, options=None): for family in (socket.AF_INET, socket.AF_INET6): try: socket.inet_pton(family, param) - break + return family except socket.error: continue else: @@ -213,7 +213,7 @@ def touch_port(host, port): key = "%s:%d" % (host, port) if key in _tested_ports: return - s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + s = socket.socket(validate_ip(host), socket.SOCK_STREAM) s.connect((host, port)) s.shutdown(socket.SHUT_RDWR) s.close() diff --git a/packstack/plugins/puppet_950.py b/packstack/plugins/puppet_950.py index a71669468..957df0506 100644 --- a/packstack/plugins/puppet_950.py +++ b/packstack/plugins/puppet_950.py @@ -85,7 +85,7 @@ def wait_for_puppet(currently_running, messages): log = log.replace(".finished", ".log") local_server.append('scp -o StrictHostKeyChecking=no ' '-o UserKnownHostsFile=/dev/null ' - 'root@%s:%s %s' + 'root@[%s]:%s %s' % (hostname, finished_logfile, log)) # To not pollute logs we turn of logging of command execution local_server.execute(log=False) @@ -209,7 +209,7 @@ def copy_puppet_modules(config, messages): for path, localname in resources.get(hostname, []): server.append("scp -o StrictHostKeyChecking=no " "-o UserKnownHostsFile=/dev/null " - "%s root@%s:%s/resources/%s" % + "%s root@[%s]:%s/resources/%s" % (path, hostname, host_dir, localname)) # copy Puppet modules required by Packstack From 9f20bb0c50a1a58397c15a28fbe5318a43e6fd60 Mon Sep 17 00:00:00 2001 From: Rich Megginson Date: Thu, 16 Oct 2014 18:26:50 -0600 Subject: [PATCH 0232/1017] support Keystone LDAP identity backend Add support for the Keystone LDAP identity backend. This includes all of the class parameters of the puppet-keystone keystone::ldap class. This also adds a validator for LDAP DN values and LDAP URL values. Closes-Bug: #1383793 Change-Id: I493c183335627a27d8061e0345948457c2bc8e42 --- packstack/installer/validators.py | 47 +- packstack/plugins/keystone_100.py | 888 ++++++++++++++++-- .../puppet/parser/functions/hiera_undef.rb | 21 + packstack/puppet/templates/keystone.pp | 59 ++ 4 files changed, 913 insertions(+), 102 deletions(-) create mode 100644 packstack/puppet/modules/packstack/lib/puppet/parser/functions/hiera_undef.rb diff --git a/packstack/installer/validators.py b/packstack/installer/validators.py index 6b6be3f90..d1785e2e0 100644 --- a/packstack/installer/validators.py +++ b/packstack/installer/validators.py @@ -19,7 +19,7 @@ 'validate_options', 'validate_multi_options', 'validate_ip', 'validate_multi_ip', 'validate_file', 'validate_ping', 'validate_multi_ping', 'validate_ssh', 'validate_multi_ssh', - 'validate_sshkey') + 'validate_sshkey', 'validate_ldap_url', 'validate_ldap_dn') def validate_integer(param, options=None): @@ -261,3 +261,48 @@ def validate_sshkey(param, options=None): msg = 'Public SSH key is required. You passed private key.' if msg: raise ParamValidationError(msg) + + +def validate_ldap_url(param, options=None): + """ + Raises ParamValidationError if provided param is not a valid LDAP URL + """ + if not param: + return + try: + import ldapurl + except ImportError: + msg = ( + 'The python ldap package is required to use this functionality.' + ) + raise ParamValidationError(msg) + + try: + ldapurl.LDAPUrl(param) + except ValueError as ve: + msg = ('The given string [%s] is not a valid LDAP URL: %s' % + (param, ve)) + raise ParamValidationError(msg) + + +def validate_ldap_dn(param, options=None): + """ + Raises ParamValidationError if provided param is not a valid LDAP DN + """ + if not param: + return + try: + import ldap + import ldap.dn + except ImportError: + msg = ( + 'The python ldap package is required to use this functionality.' + ) + raise ParamValidationError(msg) + + try: + ldap.dn.str2dn(param) + except ldap.DECODING_ERROR as de: + msg = ('The given string [%s] is not a valid LDAP DN: %s' % + (param, de)) + raise ParamValidationError(msg) diff --git a/packstack/plugins/keystone_100.py b/packstack/plugins/keystone_100.py index ef8c9086a..2dd1d31b7 100644 --- a/packstack/plugins/keystone_100.py +++ b/packstack/plugins/keystone_100.py @@ -22,112 +22,760 @@ def initConfig(controller): - params = [ - {"CMD_OPTION": "keystone-db-passwd", - "USAGE": "The password to use for the Keystone to access DB", - "PROMPT": "Enter the password for the Keystone DB access", - "OPTION_LIST": [], - "VALIDATORS": [validators.validate_not_empty], - "PROCESSORS": [processors.process_password], - "DEFAULT_VALUE": "PW_PLACEHOLDER", - "MASK_INPUT": True, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_KEYSTONE_DB_PW", - "USE_DEFAULT": False, - "NEED_CONFIRM": True, - "CONDITION": False}, - - {"CMD_OPTION": "keystone-region", - "USAGE": "Region name", - "PROMPT": "Region name", - "OPTION_LIST": [], - "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": "RegionOne", - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_KEYSTONE_REGION", - "USE_DEFAULT": True, - "NEED_CONFIRM": False, - "CONDITION": False}, - - {"CMD_OPTION": "keystone-admin-token", - "USAGE": "The token to use for the Keystone service api", - "PROMPT": "The token to use for the Keystone service api", - "OPTION_LIST": [], - "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": uuid.uuid4().hex, - "MASK_INPUT": True, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_KEYSTONE_ADMIN_TOKEN", - "USE_DEFAULT": True, - "NEED_CONFIRM": False, - "CONDITION": False}, - - {"CMD_OPTION": "keystone-admin-passwd", - "USAGE": "The password to use for the Keystone admin user", - "PROMPT": "Enter the password for the Keystone admin user", - "OPTION_LIST": [], - "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": "PW_PLACEHOLDER", - "PROCESSORS": [processors.process_password], - "MASK_INPUT": True, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_KEYSTONE_ADMIN_PW", - "USE_DEFAULT": False, - "NEED_CONFIRM": True, - "CONDITION": False}, - - {"CMD_OPTION": "keystone-demo-passwd", - "USAGE": "The password to use for the Keystone demo user", - "PROMPT": "Enter the password for the Keystone demo user", - "OPTION_LIST": [], - "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": "PW_PLACEHOLDER", - "PROCESSORS": [processors.process_password], - "MASK_INPUT": True, - "LOOSE_VALIDATION": False, - "CONF_NAME": "CONFIG_KEYSTONE_DEMO_PW", - "USE_DEFAULT": False, - "NEED_CONFIRM": True, - "CONDITION": False}, - - {"CMD_OPTION": "keystone-token-format", - "USAGE": "Kestone token format. Use either UUID or PKI", - "PROMPT": "Enter the Keystone token format.", - "OPTION_LIST": ['UUID', 'PKI'], - "VALIDATORS": [validators.validate_options], - "DEFAULT_VALUE": 'UUID', - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": 'CONFIG_KEYSTONE_TOKEN_FORMAT', - "USE_DEFAULT": True, - "NEED_CONFIRM": False, - "CONDITION": False}, - - {"CMD_OPTION": "keystone-service-name", - "USAGE": "Name of service to use to run keystone (keystone or httpd)", - "PROMPT": "Enter the Keystone service name.", - "OPTION_LIST": ['keystone', 'httpd'], - "VALIDATORS": [validators.validate_options], - "DEFAULT_VALUE": "httpd", - "MASK_INPUT": False, - "LOOSE_VALIDATION": False, - "CONF_NAME": 'CONFIG_KEYSTONE_SERVICE_NAME', - "USE_DEFAULT": True, - "NEED_CONFIRM": False, - "CONDITION": False}, + keystone_params = { + "KEYSTONE": [ # base keystone options + {"CMD_OPTION": "keystone-db-passwd", + "USAGE": "The password to use for the Keystone to access DB", + "PROMPT": "Enter the password for the Keystone DB access", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "PROCESSORS": [processors.process_password], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_KEYSTONE_DB_PW", + "USE_DEFAULT": False, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-region", + "USAGE": "Region name", + "PROMPT": "Region name", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "RegionOne", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_KEYSTONE_REGION", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-admin-token", + "USAGE": "The token to use for the Keystone service api", + "PROMPT": "The token to use for the Keystone service api", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": uuid.uuid4().hex, + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_KEYSTONE_ADMIN_TOKEN", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-admin-passwd", + "USAGE": "The password to use for the Keystone admin user", + "PROMPT": "Enter the password for the Keystone admin user", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_KEYSTONE_ADMIN_PW", + "USE_DEFAULT": False, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-demo-passwd", + "USAGE": "The password to use for the Keystone demo user", + "PROMPT": "Enter the password for the Keystone demo user", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_KEYSTONE_DEMO_PW", + "USE_DEFAULT": False, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-token-format", + "USAGE": "Keystone token format. Use either UUID or PKI", + "PROMPT": "Enter the Keystone token format.", + "OPTION_LIST": ['UUID', 'PKI'], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": 'UUID', + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_TOKEN_FORMAT', + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-service-name", + "USAGE": ( + "Name of service to use to run keystone (keystone or httpd)" + ), + "PROMPT": "Enter the Keystone service name.", + "OPTION_LIST": ['keystone', 'httpd'], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "httpd", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_SERVICE_NAME', + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-identity-backend", + "USAGE": "Type of identity backend (sql or ldap)", + "PROMPT": "Enter the Keystone identity backend type.", + "OPTION_LIST": ['sql', 'ldap'], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "sql", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_IDENTITY_BACKEND', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False} + ], + + "KEYSTONE_LDAP": [ # keystone ldap identity backend options + {"CMD_OPTION": "keystone-ldap-url", + "USAGE": "Keystone LDAP backend URL", + "PROMPT": "Enter the Keystone LDAP backend URL.", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_ldap_url], + "DEFAULT_VALUE": host_to_ldap_url(utils.get_localhost_ip()), + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_URL', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-user-dn", + "USAGE": ( + "Keystone LDAP backend user DN. Used to bind to the LDAP " + "server when the LDAP server does not allow anonymous " + "authentication." + ), + "PROMPT": "Enter the Keystone LDAP user DN.", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_ldap_dn], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_USER_DN', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-user-password", + "USAGE": "Keystone LDAP backend password for user DN", + "PROMPT": "Enter the Keystone LDAP user password.", + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": "", + "PROCESSORS": [processors.process_password], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_USER_PASSWORD', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-suffix", + "USAGE": "Keystone LDAP backend base suffix", + "PROMPT": "Enter the Keystone LDAP suffix.", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty, + validators.validate_ldap_dn], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_SUFFIX', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-query-scope", + "USAGE": "Keystone LDAP backend query scope (base, one, sub)", + "PROMPT": "Enter the Keystone LDAP query scope.", + "OPTION_LIST": ['base', 'one', 'sub'], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "one", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_QUERY_SCOPE', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-page-size", + "USAGE": "Keystone LDAP backend query page size", + "PROMPT": "Enter the Keystone LDAP query page size.", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_integer], + "DEFAULT_VALUE": "-1", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_PAGE_SIZE', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-user-subtree", + "USAGE": "Keystone LDAP backend user subtree", + "PROMPT": "Enter the Keystone LDAP user subtree.", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty, + validators.validate_ldap_dn], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_USER_SUBTREE', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-user-filter", + "USAGE": "Keystone LDAP backend user query filter", + "PROMPT": "Enter the Keystone LDAP user query filter.", + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_USER_FILTER', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-user-objectclass", + "USAGE": "Keystone LDAP backend user objectclass", + "PROMPT": "Enter the Keystone LDAP user objectclass.", + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_USER_OBJECTCLASS', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-user-id-attribute", + "USAGE": "Keystone LDAP backend user ID attribute", + "PROMPT": "Enter the Keystone LDAP user ID attribute.", + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_USER_ID_ATTRIBUTE', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-user-name-attribute", + "USAGE": "Keystone LDAP backend user name attribute", + "PROMPT": "Enter the Keystone LDAP user name attribute.", + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_USER_NAME_ATTRIBUTE', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-user-mail-attribute", + "USAGE": "Keystone LDAP backend user email address attribute", + "PROMPT": "Enter the Keystone LDAP user email address attribute.", + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_USER_MAIL_ATTRIBUTE', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-user-enabled-attribute", + "USAGE": "Keystone LDAP backend user enabled attribute", + "PROMPT": "Enter the Keystone LDAP user enabled attribute.", + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_USER_ENABLED_ATTRIBUTE', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-user-enabled-mask", + "USAGE": ( + "Keystone LDAP backend - bit mask applied to " + "user enabled attribute" + ), + "PROMPT": "Enter the Keystone LDAP user enabled mask.", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_integer], + "DEFAULT_VALUE": "-1", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_USER_ENABLED_MASK', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-user-enabled-default", + "USAGE": ( + "Keystone LDAP backend - value of enabled attribute which " + "indicates user is enabled" + ), + "PROMPT": "Enter the Keystone LDAP user enabled default.", + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": "TRUE", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_USER_ENABLED_DEFAULT', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-user-enabled-invert", + "USAGE": "Keystone LDAP backend - users are disabled not enabled", + "PROMPT": "Enter the Keystone LDAP user enabled invert (n or y).", + "OPTION_LIST": ['n', 'y'], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": 'n', + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_USER_ENABLED_INVERT', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-user-attribute-ignore", + "USAGE": ( + "Comma separated list of attributes stripped " + "from user entry upon update" + ), + "PROMPT": ( + "Enter the comma separated Keystone LDAP user " + "attributes to ignore." + ), + "OPTION_LIST": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_USER_ATTRIBUTE_IGNORE', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-user-default-project-id-attribute", + "USAGE": ( + "Keystone LDAP attribute mapped to default_project_id " + "for users" + ), + "PROMPT": ( + "Enter the Keystone LDAP user default_project_id attribute." + ), + "OPTION_LIST": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": + 'CONFIG_KEYSTONE_LDAP_USER_DEFAULT_PROJECT_ID_ATTRIBUTE', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-user-allow-create", + "USAGE": ( + "Set to 'y' if you want to be able to create Keystone " + "users through the Keystone interface. Set to 'n' if you " + "will create directly in the LDAP backend." + ), + "PROMPT": ( + "Do you want to allow user create through Keystone (n or y)." + ), + "OPTION_LIST": ['n', 'y'], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": 'n', + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_USER_ALLOW_CREATE', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-user-allow-update", + "USAGE": ( + "Set to 'y' if you want to be able to update Keystone " + "users through the Keystone interface. Set to 'n' if you " + "will update directly in the LDAP backend." + ), + "PROMPT": ( + "Do you want to allow user update through Keystone (n or y)." + ), + "OPTION_LIST": ['n', 'y'], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": 'n', + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_USER_ALLOW_UPDATE', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-user-allow-delete", + "USAGE": ( + "Set to 'y' if you want to be able to delete Keystone " + "users through the Keystone interface. Set to 'n' if you " + "will delete directly in the LDAP backend." + ), + "PROMPT": ( + "Do you want to allow user delete through Keystone (n or y)." + ), + "OPTION_LIST": ['n', 'y'], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": 'n', + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_USER_ALLOW_DELETE', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-user-pass-attribute", + "USAGE": "Keystone LDAP attribute mapped to password", + "PROMPT": "Enter the Keystone LDAP user password attribute.", + "OPTION_LIST": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_USER_PASS_ATTRIBUTE', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-user-enabled-emulation-dn", + "USAGE": ( + "DN of the group entry to hold enabled users when " + "using enabled emulation." + ), + "PROMPT": "Enter the Keystone LDAP enabled emulation DN.", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_ldap_dn], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_USER_ENABLED_EMULATION_DN', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-user-additional-attribute-mapping", + "USAGE": ( + 'List of additional LDAP attributes used for mapping ' + 'additional attribute mappings for users. Attribute ' + 'mapping format is :, where ' + 'ldap_attr is the attribute in the LDAP entry and ' + 'user_attr is the Identity API attribute.' + ), + "PROMPT": ( + "Enter the comma separated Keystone LDAP user additional " + "attribute mappings in the form " + "ldap_attr:user_attr[,ldap_attr:user_attr]...." + ), + "OPTION_LIST": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": + 'CONFIG_KEYSTONE_LDAP_USER_ADDITIONAL_ATTRIBUTE_MAPPING', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-group-subtree", + "USAGE": "Keystone LDAP backend group subtree", + "PROMPT": "Enter the Keystone LDAP group subtree.", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty, + validators.validate_ldap_dn], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_GROUP_SUBTREE', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-group-filter", + "USAGE": "Keystone LDAP backend group query filter", + "PROMPT": "Enter the Keystone LDAP group query filter.", + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_GROUP_FILTER', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-group-objectclass", + "USAGE": "Keystone LDAP backend group objectclass", + "PROMPT": "Enter the Keystone LDAP group objectclass.", + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_GROUP_OBJECTCLASS', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-group-id-attribute", + "USAGE": "Keystone LDAP backend group ID attribute", + "PROMPT": "Enter the Keystone LDAP group ID attribute.", + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_GROUP_ID_ATTRIBUTE', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-group-name-attribute", + "USAGE": "Keystone LDAP backend group name attribute", + "PROMPT": "Enter the Keystone LDAP group name attribute.", + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_GROUP_NAME_ATTRIBUTE', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-group-member-attribute", + "USAGE": "Keystone LDAP backend group member attribute", + "PROMPT": "Enter the Keystone LDAP group member attribute.", + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_GROUP_MEMBER_ATTRIBUTE', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-group-desc-attribute", + "USAGE": "Keystone LDAP backend group description attribute", + "PROMPT": "Enter the Keystone LDAP group description attribute.", + "OPTION_LIST": [], + "VALIDATORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_GROUP_DESC_ATTRIBUTE', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-group-attribute-ignore", + "USAGE": ( + "Comma separated list of attributes stripped from " + "group entry upon update" + ), + "PROMPT": ( + "Enter the comma separated Keystone LDAP group " + "attributes to ignore." + ), + "OPTION_LIST": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_GROUP_ATTRIBUTE_IGNORE', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-group-allow-create", + "USAGE": ( + "Set to 'y' if you want to be able to create Keystone " + "groups through the Keystone interface. Set to 'n' if you " + "will create directly in the LDAP backend." + ), + "PROMPT": ( + "Do you want to allow group create through Keystone (n or y)." + ), + "OPTION_LIST": ['n', 'y'], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": 'n', + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_GROUP_ALLOW_CREATE', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-group-allow-update", + "USAGE": ( + "Set to 'y' if you want to be able to update Keystone " + "groups through the Keystone interface. Set to 'n' if you " + "will update directly in the LDAP backend." + ), + "PROMPT": ( + "Do you want to allow group update through Keystone (n or y)." + ), + "OPTION_LIST": ['n', 'y'], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": 'n', + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_GROUP_ALLOW_UPDATE', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-group-allow-delete", + "USAGE": ( + "Set to 'y' if you want to be able to delete Keystone " + "groups through the Keystone interface. Set to 'n' if you " + "will delete directly in the LDAP backend." + ), + "PROMPT": ( + "Do you want to allow group delete through Keystone (n or y)." + ), + "OPTION_LIST": ['n', 'y'], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": 'n', + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_GROUP_ALLOW_DELETE', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-group-additional-attribute-mapping", + "USAGE": ( + 'List of additional LDAP attributes used for mapping ' + 'additional attribute mappings for groups. Attribute ' + 'mapping format is :, where ' + 'ldap_attr is the attribute in the LDAP entry and ' + 'group_attr is the Identity API attribute.' + ), + "PROMPT": ( + "Enter the comma separated Keystone LDAP group additional " + "attribute mappings in the form " + "ldap_attr:group_attr[,ldap_attr:group_attr]...." + ), + "OPTION_LIST": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": + 'CONFIG_KEYSTONE_LDAP_GROUP_ADDITIONAL_ATTRIBUTE_MAPPING', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-use-tls", + "USAGE": "Should Keystone LDAP use TLS", + "PROMPT": ( + "Enable TLS for Keystone communicating with " + "LDAP servers (n or y)." + ), + "OPTION_LIST": ['n', 'y'], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": 'n', + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_USE_TLS', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-tls-cacertdir", + "USAGE": "Keystone LDAP CA certificate directory", + "PROMPT": "CA Certificate directory for Keystone LDAP.", + "OPTION_LIST": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_TLS_CACERTDIR', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-tls-cacertfile", + "USAGE": "Keystone LDAP CA certificate file", + "PROMPT": "CA Certificate file for Keystone LDAP.", + "OPTION_LIST": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_TLS_CACERTFILE', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "keystone-ldap-tls-req-cert", + "USAGE": ( + "Keystone LDAP certificate checking strictness " + "(never, allow, demand)" + ), + "PROMPT": ( + "Keystone LDAP certificate checking strictness " + "(never, allow, demand)" + ), + "OPTION_LIST": ["never", "allow", "demand"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "demand", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_LDAP_TLS_REQ_CERT', + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False} + ] + } + + keystone_groups = [ + {"GROUP_NAME": "KEYSTONE", + "DESCRIPTION": "Keystone Config parameters", + "PRE_CONDITION": lambda x: 'yes', + "PRE_CONDITION_MATCH": "yes", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "KEYSTONE_LDAP", + "DESCRIPTION": "Keystone LDAP Identity Backend Config parameters", + "PRE_CONDITION": 'CONFIG_KEYSTONE_IDENTITY_BACKEND', + "PRE_CONDITION_MATCH": "ldap", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True} ] - group = {"GROUP_NAME": "KEYSTONE", - "DESCRIPTION": "Keystone Config parameters", - "PRE_CONDITION": lambda x: 'yes', - "PRE_CONDITION_MATCH": "yes", - "POST_CONDITION": False, - "POST_CONDITION_MATCH": True} - controller.addGroup(group, params) + for group in keystone_groups: + params = keystone_params[group["GROUP_NAME"]] + controller.addGroup(group, params) def initSequences(controller): keystonesteps = [ + {'title': + 'Fixing Keystone LDAP config parameters to be undef if empty', + 'functions': [munge_ldap_config_params]}, {'title': 'Adding Keystone manifest entries', 'functions': [create_manifest]}, ] @@ -135,8 +783,46 @@ def initSequences(controller): keystonesteps) +# ------------------------- helper functions ------------------------- + +def host_to_ldap_url(hostfqdn): + """Converts a host fqdn into an appropriate default + LDAP URL. + """ + return "ldap://%s" % hostfqdn + + # -------------------------- step functions -------------------------- +def munge_ldap_config_params(config, messages): + def is_bool(keyname): + return keyname in ( + 'CONFIG_KEYSTONE_LDAP_USER_ENABLED_INVERT', + 'CONFIG_KEYSTONE_LDAP_USER_ALLOW_CREATE', + 'CONFIG_KEYSTONE_LDAP_USER_ALLOW_UPDATE', + 'CONFIG_KEYSTONE_LDAP_USER_ALLOW_DELETE', + 'CONFIG_KEYSTONE_LDAP_GROUP_ALLOW_CREATE', + 'CONFIG_KEYSTONE_LDAP_GROUP_ALLOW_UPDATE', + 'CONFIG_KEYSTONE_LDAP_GROUP_ALLOW_DELETE', + 'CONFIG_KEYSTONE_LDAP_USE_TLS' + ) + + def yn_to_bool(val): + return {'n': False, 'y': True}.get(val, False) + + for key in config: + if not key.startswith('CONFIG_KEYSTONE_LDAP_'): + continue + if key in ('CONFIG_KEYSTONE_LDAP_PAGE_SIZE', + 'CONFIG_KEYSTONE_LDAP_USER_ENABLED_MASK'): + if config[key] == '-1': + config[key] = None + elif is_bool(key): + config[key] = yn_to_bool(config[key]) + elif config[key] == '': + config[key] = None + + def create_manifest(config, messages): manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("keystone") diff --git a/packstack/puppet/modules/packstack/lib/puppet/parser/functions/hiera_undef.rb b/packstack/puppet/modules/packstack/lib/puppet/parser/functions/hiera_undef.rb new file mode 100644 index 000000000..cf6881895 --- /dev/null +++ b/packstack/puppet/modules/packstack/lib/puppet/parser/functions/hiera_undef.rb @@ -0,0 +1,21 @@ +# Copyright (c) 2013 puppet@camptocamp.com All rights reserved. + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +module Puppet::Parser::Functions + newfunction(:hiera_undef, :type => :rvalue) do |*args| + require 'hiera_puppet' + key, override = HieraPuppet.parse_args(args) + HieraPuppet.lookup(key, :undef, self, override, :priority) + end +end diff --git a/packstack/puppet/templates/keystone.pp b/packstack/puppet/templates/keystone.pp index 7f04e541d..d4b61df99 100644 --- a/packstack/puppet/templates/keystone.pp +++ b/packstack/puppet/templates/keystone.pp @@ -40,6 +40,65 @@ configure_user_role => false, } +# default assignment driver is SQL +$assignment_driver = "keystone.assignment.backends.sql.Assignment" + +if hiera('CONFIG_KEYSTONE_IDENTITY_BACKEND') == 'ldap' { + + if hiera_undef('CONFIG_KEYSTONE_LDAP_USER_ENABLED_EMULATION_DN', undef) { + $user_enabled_emulation = true + } else { + $user_enabled_emulation = false + } + + # should be supported and enabled in the next release of puppet-keystone +# user_enabled_invert => hiera_undef('CONFIG_KEYSTONE_LDAP_USER_ENABLED_INVERT'), + class {"keystone::ldap": + url => hiera_undef('CONFIG_KEYSTONE_LDAP_URL', undef), + user => hiera_undef('CONFIG_KEYSTONE_LDAP_USER_DN', undef), + password => hiera_undef('CONFIG_KEYSTONE_LDAP_USER_PASSWORD', undef), + suffix => hiera_undef('CONFIG_KEYSTONE_LDAP_SUFFIX', undef), + query_scope => hiera_undef('CONFIG_KEYSTONE_LDAP_QUERY_SCOPE', undef), + page_size => hiera_undef('CONFIG_KEYSTONE_LDAP_PAGE_SIZE', undef), + user_tree_dn => hiera_undef('CONFIG_KEYSTONE_LDAP_USER_SUBTREE', undef), + user_filter => hiera_undef('CONFIG_KEYSTONE_LDAP_USER_FILTER', undef), + user_objectclass => hiera_undef('CONFIG_KEYSTONE_LDAP_USER_OBJECTCLASS', undef), + user_id_attribute => hiera_undef('CONFIG_KEYSTONE_LDAP_USER_ID_ATTRIBUTE', undef), + user_name_attribute => hiera_undef('CONFIG_KEYSTONE_LDAP_USER_NAME_ATTRIBUTE', undef), + user_mail_attribute => hiera_undef('CONFIG_KEYSTONE_LDAP_USER_MAIL_ATTRIBUTE', undef), + user_enabled_attribute => hiera_undef('CONFIG_KEYSTONE_LDAP_USER_ENABLED_ATTRIBUTE', undef), + user_enabled_mask => hiera_undef('CONFIG_KEYSTONE_LDAP_USER_ENABLED_MASK', undef), + user_enabled_default => hiera_undef('CONFIG_KEYSTONE_LDAP_USER_ENABLED_DEFAULT', undef), + user_attribute_ignore => hiera_undef('CONFIG_KEYSTONE_LDAP_USER_ATTRIBUTE_IGNORE', undef), + user_default_project_id_attribute => hiera_undef('CONFIG_KEYSTONE_LDAP_USER_DEFAULT_PROJECT_ID_ATTRIBUTE', undef), + user_allow_create => hiera_undef('CONFIG_KEYSTONE_LDAP_USER_ALLOW_CREATE', undef), + user_allow_update => hiera_undef('CONFIG_KEYSTONE_LDAP_USER_ALLOW_UPDATE', undef), + user_allow_delete => hiera_undef('CONFIG_KEYSTONE_LDAP_USER_ALLOW_DELETE', undef), + user_pass_attribute => hiera_undef('CONFIG_KEYSTONE_LDAP_USER_PASS_ATTRIBUTE', undef), + user_enabled_emulation => $user_enabled_emulation, + user_enabled_emulation_dn => hiera_undef('CONFIG_KEYSTONE_LDAP_USER_ENABLED_EMULATION_DN', undef), + user_additional_attribute_mapping => hiera_undef('CONFIG_KEYSTONE_LDAP_USER_ADDITIONAL_ATTRIBUTE_MAPPING', undef), + group_tree_dn => hiera_undef('CONFIG_KEYSTONE_LDAP_GROUP_SUBTREE', undef), + group_filter => hiera_undef('CONFIG_KEYSTONE_LDAP_GROUP_FILTER', undef), + group_objectclass => hiera_undef('CONFIG_KEYSTONE_LDAP_GROUP_OBJECTCLASS', undef), + group_id_attribute => hiera_undef('CONFIG_KEYSTONE_LDAP_GROUP_ID_ATTRIBUTE', undef), + group_name_attribute => hiera_undef('CONFIG_KEYSTONE_LDAP_GROUP_NAME_ATTRIBUTE', undef), + group_member_attribute => hiera_undef('CONFIG_KEYSTONE_LDAP_GROUP_MEMBER_ATTRIBUTE', undef), + group_desc_attribute => hiera_undef('CONFIG_KEYSTONE_LDAP_GROUP_DESC_ATTRIBUTE', undef), + group_attribute_ignore => hiera_undef('CONFIG_KEYSTONE_LDAP_GROUP_ATTRIBUTE_IGNORE', undef), + group_allow_create => hiera_undef('CONFIG_KEYSTONE_LDAP_GROUP_ALLOW_CREATE', undef), + group_allow_update => hiera_undef('CONFIG_KEYSTONE_LDAP_GROUP_ALLOW_UPDATE', undef), + group_allow_delete => hiera_undef('CONFIG_KEYSTONE_LDAP_GROUP_ALLOW_DELETE', undef), + group_additional_attribute_mapping => hiera_undef('CONFIG_KEYSTONE_LDAP_GROUP_ADDITIONAL_ATTRIBUTE_MAPPING', undef), + use_tls => hiera_undef('CONFIG_KEYSTONE_LDAP_USE_TLS', undef), + tls_cacertdir => hiera_undef('CONFIG_KEYSTONE_LDAP_TLS_CACERTDIR', undef), + tls_cacertfile => hiera_undef('CONFIG_KEYSTONE_LDAP_TLS_CACERTFILE', undef), + tls_req_cert => hiera_undef('CONFIG_KEYSTONE_LDAP_TLS_REQ_CERT', undef), + identity_driver => "keystone.identity.backends.ldap.Identity", + assignment_driver => $assignment_driver, + } +} + # Run token flush every minute (without output so we won't spam admins) cron { 'token-flush': ensure => 'present', From a324396c7111531f414d9729c1025cc594ea7ac5 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Tue, 13 Jan 2015 11:24:41 -0500 Subject: [PATCH 0233/1017] [Keystone] Fix deprecation of cinder parameter in Nova::Keystone::Auth Change-Id: I0f4bf7768e07cf0fa66bcb33c1b713bdd8b9fbf9 --- packstack/puppet/templates/keystone_nova.pp | 1 - 1 file changed, 1 deletion(-) diff --git a/packstack/puppet/templates/keystone_nova.pp b/packstack/puppet/templates/keystone_nova.pp index 498678776..6130f1a52 100644 --- a/packstack/puppet/templates/keystone_nova.pp +++ b/packstack/puppet/templates/keystone_nova.pp @@ -5,5 +5,4 @@ public_address => hiera('CONFIG_CONTROLLER_HOST'), admin_address => hiera('CONFIG_CONTROLLER_HOST'), internal_address => hiera('CONFIG_CONTROLLER_HOST'), - cinder => true, } From e20b1dec0e7612e3eedf9c1d580d620b68b9ca09 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Wed, 14 Jan 2015 09:05:05 -0500 Subject: [PATCH 0234/1017] [Horizon] Switch deprecated can_set_mount_point to hypervisor_options Change-Id: I5a7258e0adbc0c536f37f43ef9f52ec06156f3b0 --- packstack/puppet/templates/horizon.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packstack/puppet/templates/horizon.pp b/packstack/puppet/templates/horizon.pp index 411e0c258..c191f728d 100644 --- a/packstack/puppet/templates/horizon.pp +++ b/packstack/puppet/templates/horizon.pp @@ -25,7 +25,7 @@ # ServerAlias definitions. For now we will use this wildcard hack until # puppet-horizon will have separate parameter for each config. fqdn => '*', - can_set_mount_point => 'False', + hypervisor_options => {'can_set_mount_point' => false, }, compress_offline => false, django_debug => $is_django_debug, file_upload_temp_dir => '/var/tmp', From 200066d3213d9c1cdde4ce1fabd4b97d7f80e0ae Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Wed, 14 Jan 2015 09:19:39 -0500 Subject: [PATCH 0235/1017] [Horizon] switch from fqdn option to allowed_hosts and server_aliases Change-Id: Id7141dddb5e4b3ed16347bcb3091bba6a8d52ce3 --- packstack/puppet/templates/horizon.pp | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/packstack/puppet/templates/horizon.pp b/packstack/puppet/templates/horizon.pp index c191f728d..dffe895b7 100644 --- a/packstack/puppet/templates/horizon.pp +++ b/packstack/puppet/templates/horizon.pp @@ -18,13 +18,8 @@ secret_key => hiera('CONFIG_HORIZON_SECRET_KEY'), keystone_url => "http://${keystone_host}:5000/v2.0", keystone_default_role => '_member_', - # fqdn => [hiera('CONFIG_CONTROLLER_HOST'), "$::fqdn", 'localhost'], - # TO-DO: Parameter fqdn is used both for ALLOWED_HOSTS in settings_local.py - # and for ServerAlias directives in vhost.conf which is breaking server - # accessibility. We need ALLOWED_HOSTS values, but we have to avoid - # ServerAlias definitions. For now we will use this wildcard hack until - # puppet-horizon will have separate parameter for each config. - fqdn => '*', + server_aliases => [hiera('CONFIG_CONTROLLER_HOST'), "$::fqdn", 'localhost'], + allowed_hosts => '*', hypervisor_options => {'can_set_mount_point' => false, }, compress_offline => false, django_debug => $is_django_debug, From 50c72f1aa4f81dfb035b195b788f322818ba90c2 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Tue, 27 Jan 2015 05:30:41 -0500 Subject: [PATCH 0236/1017] [Nova] remove deprecated option nova_shell Change-Id: I18c1fbe4abd897762c2636f5d8c1e82c27a934d6 --- packstack/puppet/templates/nova_common_qpid.pp | 1 - packstack/puppet/templates/nova_common_rabbitmq.pp | 1 - 2 files changed, 2 deletions(-) diff --git a/packstack/puppet/templates/nova_common_qpid.pp b/packstack/puppet/templates/nova_common_qpid.pp index 6e23c4774..c463f1684 100644 --- a/packstack/puppet/templates/nova_common_qpid.pp +++ b/packstack/puppet/templates/nova_common_qpid.pp @@ -22,5 +22,4 @@ debug => hiera('CONFIG_DEBUG_MODE'), nova_public_key => $public_key, nova_private_key => $private_key, - nova_shell => '/bin/bash', } diff --git a/packstack/puppet/templates/nova_common_rabbitmq.pp b/packstack/puppet/templates/nova_common_rabbitmq.pp index 53593217f..38cf67596 100644 --- a/packstack/puppet/templates/nova_common_rabbitmq.pp +++ b/packstack/puppet/templates/nova_common_rabbitmq.pp @@ -20,5 +20,4 @@ debug => hiera('CONFIG_DEBUG_MODE'), nova_public_key => $public_key, nova_private_key => $private_key, - nova_shell => '/bin/bash', } From 0b01e023dfea6337366d34ac61bc006fb7b19e05 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Tue, 27 Jan 2015 08:06:46 -0500 Subject: [PATCH 0237/1017] [Nova] use new libvirt_inject_partition parameter Change-Id: I15c457045110ea8c7abbaeea7db9ca0671da4d85 --- packstack/puppet/templates/nova_compute_libvirt.pp | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/packstack/puppet/templates/nova_compute_libvirt.pp b/packstack/puppet/templates/nova_compute_libvirt.pp index 6ad7f920f..a30a89c2a 100644 --- a/packstack/puppet/templates/nova_compute_libvirt.pp +++ b/packstack/puppet/templates/nova_compute_libvirt.pp @@ -10,10 +10,6 @@ $libvirt_virt_type = 'kvm' } -nova_config{ - 'libvirt/inject_partition': value => '-1'; -} - # We need to preferably install qemu-kvm-rhev exec { 'qemu-kvm': path => '/usr/bin', @@ -23,10 +19,11 @@ } class { 'nova::compute::libvirt': - libvirt_virt_type => $libvirt_virt_type, - libvirt_cpu_mode => $libvirt_cpu_mode, - vncserver_listen => '0.0.0.0', - migration_support => true, + libvirt_virt_type => $libvirt_virt_type, + libvirt_cpu_mode => $libvirt_cpu_mode, + vncserver_listen => '0.0.0.0', + migration_support => true, + libvirt_inject_partition => '-1', } exec { 'load_kvm': From 1c8171731a8f8d997a8eb39f0b8613542c1e683d Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Tue, 27 Jan 2015 15:45:53 +0100 Subject: [PATCH 0238/1017] Revert "[Apache] Fix concat::setup deprecation warning" This reverts commit aa1a6e986f2fa23e55134c741ae23cbb5bc708df. Change-Id: Ib2caa3e3d456c91b718d8e371cd2c07768a4faf4 --- packstack/puppet/modules/packstack/manifests/apache_common.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/packstack/puppet/modules/packstack/manifests/apache_common.pp b/packstack/puppet/modules/packstack/manifests/apache_common.pp index 97a29bdae..dd1007c01 100644 --- a/packstack/puppet/modules/packstack/manifests/apache_common.pp +++ b/packstack/puppet/modules/packstack/manifests/apache_common.pp @@ -17,6 +17,7 @@ } # make sure the ports.conf concat fragments from previous # runs are not overwritten by subsequent runs + include ::concat::setup $my_safe_name = regsubst($::apache::params::ports_file, '[/:]', '_', 'G') $my_fragdir = "${concat::setup::concatdir}/${my_safe_name}" File<| title == "${my_fragdir}/fragments" |> { From b99de0b812c02b4fba8d3428202f1bae000bbcb6 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Wed, 28 Jan 2015 17:22:20 +0100 Subject: [PATCH 0239/1017] [Neutron] start using bridge_uplinks for ovs agent Previously we used to connect iface and bridge for ovs setup like on picture with manually connecting in neutron_ovs_port, but now this should be done by neutron::agents::ml2::ovs with providing bridge_uplinks option. +---------------+ +---------------+ | | | | | | | | | | | | | | | | +---|------|----+ +---|------|----+ +------|-----------/ | | +------------------/ [sw1] [sw2] Change-Id: Ia0eb089d9b3f93d01f3c4a2bbadfe2cf64a06a9c Closes-Bug: rhbz#1177788 --- packstack/plugins/neutron_350.py | 12 ++++-------- packstack/puppet/templates/neutron_ovs_agent.pp | 1 + packstack/puppet/templates/neutron_ovs_port.pp | 7 ------- 3 files changed, 5 insertions(+), 15 deletions(-) delete mode 100644 packstack/puppet/templates/neutron_ovs_port.pp diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index 95259de01..ca23be177 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -757,6 +757,7 @@ def create_l2_agent_manifests(config, messages): # properly formatted by packstack, then consumed by the puppet module. # For example, the input string 'A, B' should formatted as '['A','B']'. config["CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS"] = bm_arr + config["CONFIG_NEUTRON_OVS_BRIDGE_IFACES"] = [] elif agent == "linuxbridge": host_var = 'CONFIG_NEUTRON_LB_HOST' template_name = 'neutron_lb_agent' @@ -766,20 +767,15 @@ def create_l2_agent_manifests(config, messages): for host in network_hosts | compute_hosts: manifestfile = "%s_neutron.pp" % (host,) manifestdata = "$cfg_neutron_ovs_host = '%s'\n" % host - manifestdata += getManifestTemplate(template_name) - appendManifestFile(manifestfile, manifestdata + "\n") # neutron ovs port only on network hosts if ( agent == "openvswitch" and ( (host in network_hosts and tunnel_types) or 'vlan' in ovs_type) ): - bridge_key = 'CONFIG_NEUTRON_OVS_BRIDGE' - iface_key = 'CONFIG_NEUTRON_OVS_IFACE' - for if_map in iface_arr: - config[bridge_key], config[iface_key] = if_map.split(':') - manifestdata = getManifestTemplate("neutron_ovs_port") - appendManifestFile(manifestfile, manifestdata + "\n") + config["CONFIG_NEUTRON_OVS_BRIDGE_IFACES"] = iface_arr + manifestdata += getManifestTemplate(template_name) + appendManifestFile(manifestfile, manifestdata + "\n") # Additional configurations required for compute hosts and # network hosts. manifestdata = getManifestTemplate('neutron_bridge_module') diff --git a/packstack/puppet/templates/neutron_ovs_agent.pp b/packstack/puppet/templates/neutron_ovs_agent.pp index 239fd34db..15f4a3547 100644 --- a/packstack/puppet/templates/neutron_ovs_agent.pp +++ b/packstack/puppet/templates/neutron_ovs_agent.pp @@ -8,6 +8,7 @@ } class { 'neutron::agents::ml2::ovs': + bridge_uplinks => hiera_array('CONFIG_NEUTRON_OVS_BRIDGE_IFACES'), bridge_mappings => hiera_array('CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS'), enable_tunneling => hiera('CONFIG_NEUTRON_OVS_TUNNELING'), tunnel_types => hiera_array('CONFIG_NEUTRON_OVS_TUNNEL_TYPES'), diff --git a/packstack/puppet/templates/neutron_ovs_port.pp b/packstack/puppet/templates/neutron_ovs_port.pp deleted file mode 100644 index 80015e56c..000000000 --- a/packstack/puppet/templates/neutron_ovs_port.pp +++ /dev/null @@ -1,7 +0,0 @@ -$cfg_neutron_ovs_iface = hiera('CONFIG_NEUTRON_OVS_IFACE') - -vs_port { $cfg_neutron_ovs_iface: - ensure => present, - bridge => hiera('CONFIG_NEUTRON_OVS_BRIDGE'), -} - From 8b8082f086f5eb6a2151c4ae264cd609e1835d6c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20M=C3=A1gr?= Date: Mon, 5 Jan 2015 13:20:07 +0100 Subject: [PATCH 0240/1017] Fixed Cirros image provisioning Added missing region option for files glance-api.conf and glance-cache.conf. Change-Id: I1fb6deccbf12138e698e6e44775f4603f1bb12ff Closes-bug: #1406039 --- packstack/plugins/keystone_100.py | 2 +- packstack/puppet/templates/glance.pp | 2 +- packstack/puppet/templates/provision_demo_glance.pp | 1 - 3 files changed, 2 insertions(+), 3 deletions(-) diff --git a/packstack/plugins/keystone_100.py b/packstack/plugins/keystone_100.py index 2dd1d31b7..108b7eb9d 100644 --- a/packstack/plugins/keystone_100.py +++ b/packstack/plugins/keystone_100.py @@ -47,7 +47,7 @@ def initConfig(controller): "MASK_INPUT": False, "LOOSE_VALIDATION": False, "CONF_NAME": "CONFIG_KEYSTONE_REGION", - "USE_DEFAULT": True, + "USE_DEFAULT": False, "NEED_CONFIRM": False, "CONDITION": False}, diff --git a/packstack/puppet/templates/glance.pp b/packstack/puppet/templates/glance.pp index 9d7aaad62..e1090d161 100644 --- a/packstack/puppet/templates/glance.pp +++ b/packstack/puppet/templates/glance.pp @@ -10,6 +10,7 @@ database_connection => "mysql://glance:${glance_ks_pw}@${glance_mariadb_host}/glance", verbose => true, debug => hiera('CONFIG_DEBUG_MODE'), + os_region_name => hiera('CONFIG_KEYSTONE_REGION') } class { 'glance::registry': @@ -21,4 +22,3 @@ verbose => true, debug => hiera('CONFIG_DEBUG_MODE'), } - diff --git a/packstack/puppet/templates/provision_demo_glance.pp b/packstack/puppet/templates/provision_demo_glance.pp index 062d0a2af..e9f7fe583 100644 --- a/packstack/puppet/templates/provision_demo_glance.pp +++ b/packstack/puppet/templates/provision_demo_glance.pp @@ -12,4 +12,3 @@ disk_format => 'qcow2', source => $image_source, } - From d4be291913df8956afd37de8967cdef3e72f58ed Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20M=C3=A1gr?= Date: Fri, 30 Jan 2015 14:11:26 +0100 Subject: [PATCH 0241/1017] Unified validators When parameter value should not be empty, user has to explicitly use validate_not_empty validator. Some validators did not follow this rule. This patch is fixing it. Change-Id: I92fb0773a2bc69fe05f79ba03dd487b15da5d9c6 --- packstack/installer/validators.py | 30 ++++++++++++++++++++---------- 1 file changed, 20 insertions(+), 10 deletions(-) diff --git a/packstack/installer/validators.py b/packstack/installer/validators.py index 2851de6a8..91555131b 100644 --- a/packstack/installer/validators.py +++ b/packstack/installer/validators.py @@ -26,6 +26,8 @@ def validate_integer(param, options=None): """ Raises ParamValidationError if given param is not integer. """ + if not param: + return options = options or [] try: int(param) @@ -40,6 +42,8 @@ def validate_float(param, options=None): """ Raises ParamValidationError if given param is not a float. """ + if not param: + return options = options or [] try: float(param) @@ -55,6 +59,8 @@ def validate_regexp(param, options=None): Raises ParamValidationError if given param doesn't match at least one of regular expressions given in options. """ + if not param: + return options = options or [] for regex in options: if re.search(regex, param): @@ -81,6 +87,8 @@ def validate_port(param, options=None): Raises ParamValidationError if given param is not a decimal number in range (0, 65535). """ + if not param: + return options = options or [] validate_integer(param, options) port = int(param) @@ -107,9 +115,10 @@ def validate_options(param, options=None): """ Raises ParamValidationError if given param is not member of options. """ - options = options or [] + if not param: + return - # TO-DO: to be more flexible, remove this and exit in case param is empty + options = options or [] validate_not_empty(param, options) if param not in options: logging.debug('validate_options(%s, options=%s) failed.' % @@ -135,6 +144,8 @@ def validate_ip(param, options=None): Raises ParamValidationError if given parameter value is not in IPv4 or IPv6 address. """ + if not param: + return for family in (socket.AF_INET, socket.AF_INET6): try: socket.inet_pton(family, param) @@ -162,10 +173,10 @@ def validate_file(param, options=None): """ Raises ParamValidationError if provided file in param does not exist. """ - options = options or [] - # TO-DO: to be more flexible, remove this and exit in case param is empty - validate_not_empty(param) + if not param: + return + options = options or [] if not os.path.isfile(param): logging.debug('validate_file(%s, options=%s) failed.' % (param, options)) @@ -178,10 +189,9 @@ def validate_ping(param, options=None): Raises ParamValidationError if provided host does not answer to ICMP echo request. """ + if not param: + return options = options or [] - # TO-DO: to be more flexible, remove this and exit in case param is empty - validate_not_empty(param) - rc, out = utils.execute(['/bin/ping', '-c', '1', str(param)], can_fail=False) if rc != 0: @@ -197,8 +207,6 @@ def validate_multi_ping(param, options=None): do not answer to ICMP echo request. """ options = options or [] - # TO-DO: to be more flexible, remove this and exit in case param is empty - validate_not_empty(param) for host in param.split(","): validate_ping(host.strip()) @@ -225,6 +233,8 @@ def validate_ssh(param, options=None): Raises ParamValidationError if provided host does not listen on port 22. """ + if not param: + return options = options or [] try: touch_port(param.strip(), 22) From 2113f4263b5b64306d015a88f046c178eccc195f Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Fri, 30 Jan 2015 16:26:12 +0100 Subject: [PATCH 0242/1017] Add a note to use 16, 24, or 32 chars for CONFIG_HEAT_AUTH_ENC_KEY The note helps to avoid the bug https://bugs.launchpad.net/heat/+bug/1415887. Change-Id: Iabdfed72256b50a236a6ed27d36ff03fbe32c140 --- packstack/plugins/heat_650.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packstack/plugins/heat_650.py b/packstack/plugins/heat_650.py index 26182dc21..d07828e48 100644 --- a/packstack/plugins/heat_650.py +++ b/packstack/plugins/heat_650.py @@ -41,9 +41,9 @@ def initConfig(controller): {"CMD_OPTION": "heat-auth-encryption-key", "USAGE": ("The encryption key to use for authentication info " - "in database"), + "in database (16, 24, or 32 chars)"), "PROMPT": ("Enter the authentication key for Heat to use for " - "authenticate info in database"), + "authenticate info in database (16, 24, or 32 chars)"), "OPTION_LIST": [], "VALIDATORS": [validators.validate_not_empty], "DEFAULT_VALUE": uuid.uuid4().hex[:16], From 871d74b16aa62477839f7d1da49e8127968fb027 Mon Sep 17 00:00:00 2001 From: Hiroki Aramaki Date: Sat, 31 Jan 2015 08:50:33 +0900 Subject: [PATCH 0243/1017] Add vmdk to cinder usage option. Packstack vmdk option have already supported but there is no vmdk options at usage. Change-Id: Ie3e0e047e2fc88ac6295da8a1d6a732fb343f949 --- packstack/plugins/cinder_250.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packstack/plugins/cinder_250.py b/packstack/plugins/cinder_250.py index 8156fbfa4..b1e1f6cec 100644 --- a/packstack/plugins/cinder_250.py +++ b/packstack/plugins/cinder_250.py @@ -63,7 +63,7 @@ def initConfig(controller): {"CMD_OPTION": "cinder-backend", "USAGE": ("The Cinder backend to use, valid options are: lvm, " - "gluster, nfs, netapp"), + "gluster, nfs, vmdk, netapp"), "PROMPT": "Enter the Cinder backend to be configured", "OPTION_LIST": ["lvm", "gluster", "nfs", "vmdk", "netapp"], "VALIDATORS": [validators.validate_options], From d7916cec6004df0184763dc82a5726de04bc4487 Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Mon, 2 Feb 2015 10:03:25 +0100 Subject: [PATCH 0244/1017] Enable PEP8 checks H102, H232, H233, H301, H904 * H102 Apache 2.0 license header not found * H232 Python 3.x incompatible octal xxx should be written as 0oxxx * H233 Python 3.x incompatible use of print operator * H301 one import per line * H904 Wrap long lines in parentheses instead of a backslash Change-Id: I07003acb76eaa719daabc451239067494efa2bba --- docs/conf.py | 12 +++ packstack/installer/basedefs.py | 14 +++- packstack/installer/core/drones.py | 12 +++ packstack/installer/core/parameters.py | 12 +++ packstack/installer/core/sequences.py | 12 +++ packstack/installer/exceptions.py | 12 +++ packstack/installer/output_messages.py | 13 ++++ packstack/installer/processors.py | 18 ++++- packstack/installer/run_setup.py | 77 +++++++++++-------- packstack/installer/setup_controller.py | 13 ++++ packstack/installer/utils/__init__.py | 34 ++++++-- packstack/installer/utils/datastructures.py | 12 +++ packstack/installer/utils/decorators.py | 12 +++ packstack/installer/utils/network.py | 15 +++- packstack/installer/utils/shell.py | 17 +++- packstack/installer/utils/shortcuts.py | 12 +++ packstack/installer/utils/strings.py | 12 +++ packstack/installer/validators.py | 12 +++ packstack/modules/common.py | 12 +++ packstack/modules/ospluginutils.py | 18 ++++- packstack/modules/puppet.py | 12 +++ packstack/plugins/amqp_002.py | 19 ++++- packstack/plugins/ceilometer_800.py | 19 ++++- packstack/plugins/cinder_250.py | 19 ++++- packstack/plugins/dashboard_500.py | 17 +++- packstack/plugins/glance_200.py | 18 ++++- packstack/plugins/heat_650.py | 19 ++++- packstack/plugins/ironic_275.py | 22 +++++- packstack/plugins/keystone_100.py | 19 ++++- packstack/plugins/mariadb_003.py | 19 ++++- packstack/plugins/nagios_910.py | 19 ++++- packstack/plugins/neutron_350.py | 19 ++++- packstack/plugins/nova_300.py | 29 +++++-- packstack/plugins/openstack_client_400.py | 17 +++- packstack/plugins/postscript_948.py | 17 +++- packstack/plugins/prescript_000.py | 27 +++++-- packstack/plugins/provision_700.py | 21 +++-- packstack/plugins/puppet_950.py | 24 ++++-- packstack/plugins/sahara_800.py | 18 ++++- packstack/plugins/serverprep_001.py | 16 +++- packstack/plugins/swift_600.py | 20 ++++- packstack/plugins/trove_850.py | 19 ++++- .../modules/packstack/lib/facter/netns.py | 14 +++- packstack/version.py | 12 +++ setup.py | 22 +++++- tests/installer/test_drones.py | 9 +-- tests/installer/test_run_setup.py | 9 ++- tests/installer/test_sequences.py | 4 +- tests/installer/test_utils.py | 3 +- tox.ini | 2 +- 50 files changed, 708 insertions(+), 147 deletions(-) diff --git a/docs/conf.py b/docs/conf.py index f062349bd..08e20631b 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -1,5 +1,17 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + # packstack documentation build configuration file, created by # sphinx-quickstart on Thu Nov 15 20:34:41 2012. # diff --git a/packstack/installer/basedefs.py b/packstack/installer/basedefs.py index 2a8cbaf72..f0649c742 100644 --- a/packstack/installer/basedefs.py +++ b/packstack/installer/basedefs.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ This module provides all the predefined variables. @@ -18,7 +30,7 @@ PACKSTACK_VAR_DIR = "/var/tmp/packstack" try: - os.mkdir(PACKSTACK_VAR_DIR, 0700) + os.mkdir(PACKSTACK_VAR_DIR, 0o700) except OSError: # directory is already created, check ownership stat = os.stat(PACKSTACK_VAR_DIR) diff --git a/packstack/installer/core/drones.py b/packstack/installer/core/drones.py index 4c874cc66..98c5c243e 100644 --- a/packstack/installer/core/drones.py +++ b/packstack/installer/core/drones.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. import os import stat diff --git a/packstack/installer/core/parameters.py b/packstack/installer/core/parameters.py index e27c5e0c1..7450f9d4a 100644 --- a/packstack/installer/core/parameters.py +++ b/packstack/installer/core/parameters.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ Container set for groups and parameters diff --git a/packstack/installer/core/sequences.py b/packstack/installer/core/sequences.py index 64c76cbb6..224fd384d 100644 --- a/packstack/installer/core/sequences.py +++ b/packstack/installer/core/sequences.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ Base class for steps & sequences diff --git a/packstack/installer/exceptions.py b/packstack/installer/exceptions.py index cf0dc4d4c..a37b7b005 100644 --- a/packstack/installer/exceptions.py +++ b/packstack/installer/exceptions.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. __all__ = ( 'PackStackError', diff --git a/packstack/installer/output_messages.py b/packstack/installer/output_messages.py index 840028e28..295d6fdde 100644 --- a/packstack/installer/output_messages.py +++ b/packstack/installer/output_messages.py @@ -1,3 +1,16 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + ''' external text file to hold all user visible text. info messages begins with INFO_ and error msg with ERR_ diff --git a/packstack/installer/processors.py b/packstack/installer/processors.py index 2c6d530d3..948abbed6 100644 --- a/packstack/installer/processors.py +++ b/packstack/installer/processors.py @@ -1,11 +1,25 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. import netaddr import os import uuid -from .utils import ScriptRunner, force_ip -from .exceptions import ParamProcessingError, NetworkError +from .utils import force_ip +from .utils import ScriptRunner +from .exceptions import NetworkError +from .exceptions import ParamProcessingError __all__ = ('ParamProcessingError', 'process_cidr', 'process_host', diff --git a/packstack/installer/run_setup.py b/packstack/installer/run_setup.py index 233920e67..c3503ca45 100644 --- a/packstack/installer/run_setup.py +++ b/packstack/installer/run_setup.py @@ -1,3 +1,16 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + import ConfigParser import copy import datetime @@ -11,14 +24,16 @@ import types import textwrap -from optparse import OptionParser, OptionGroup +from optparse import OptionGroup +from optparse import OptionParser import basedefs import validators from . import utils import processors import output_messages -from .exceptions import FlagValidationError, ParamValidationError +from .exceptions import FlagValidationError +from .exceptions import ParamValidationError from packstack import version from packstack.modules.ospluginutils import gethostlist @@ -39,7 +54,7 @@ def initLogging(debug): # Create the log file with specific permissions, puppet has a habbit of putting # passwords in logs - os.close(os.open(logFile, os.O_CREAT | os.O_EXCL, 0600)) + os.close(os.open(logFile, os.O_CREAT | os.O_EXCL, 0o600)) hdlr = logging.FileHandler(filename=logFile, mode='w') if (debug): @@ -82,8 +97,8 @@ def _getInputFromUser(param): message.write(param.PROMPT) val_list = param.VALIDATORS or [] - if validators.validate_regexp not in val_list \ - and param.OPTION_LIST: + if(validators.validate_regexp not in val_list + and param.OPTION_LIST): message.write(" [%s]" % "|".join(param.OPTION_LIST)) if param.DEFAULT_VALUE: @@ -130,7 +145,7 @@ def _getInputFromUser(param): loop = True except KeyboardInterrupt: # add the new line so messages wont be displayed in the same line as the question - print "" + print("") raise except: logging.error(traceback.format_exc()) @@ -158,7 +173,7 @@ def input_param(param): logging.debug("Param confirmation passed, value for both questions is identical") break else: - print output_messages.INFO_VAL_PASSWORD_DONT_MATCH + print(output_messages.INFO_VAL_PASSWORD_DONT_MATCH) else: _getInputFromUser(param) @@ -272,7 +287,7 @@ def validate_param_value(param, value): try: val_func(value, opt_list) except ParamValidationError as ex: - print 'Parameter %s failed validation: %s' % (cname, ex) + print('Parameter %s failed validation: %s' % (cname, ex)) raise @@ -287,14 +302,14 @@ def process_param_value(param, value): if new_value != _value: if param.MASK_INPUT is False: msg = output_messages.INFO_CHANGED_VALUE - print msg % (_value, new_value) + print(msg % (_value, new_value)) _value = new_value else: logging.debug("Processor returned the original " "value: %s" % _value) except processors.ParamProcessingError as ex: - print ("Value processing of parameter %s " - "failed.\n%s" % (param.CONF_NAME, ex)) + print("Value processing of parameter %s " + "failed.\n%s" % (param.CONF_NAME, ex)) raise return _value @@ -541,8 +556,8 @@ def _getConditionValue(matchMember): def _displaySummary(): - print output_messages.INFO_DSPLY_PARAMS - print "=" * (len(output_messages.INFO_DSPLY_PARAMS) - 1) + print(output_messages.INFO_DSPLY_PARAMS) + print("=" * (len(output_messages.INFO_DSPLY_PARAMS) - 1)) logging.info("*** User input summary ***") for group in controller.getAllGroups(): for param in group.parameters.itervalues(): @@ -553,11 +568,11 @@ def _displaySummary(): # Only call mask on a value if the param has MASK_INPUT set to True if maskParam: logging.info("%s: %s" % (cmdOption, mask(controller.CONF[param.CONF_NAME]))) - print "%s:" % (cmdOption) + " " * l + mask(controller.CONF[param.CONF_NAME]) + print("%s:" % (cmdOption) + " " * l + mask(controller.CONF[param.CONF_NAME])) else: # Otherwise, log & display it as it is logging.info("%s: %s" % (cmdOption, str(controller.CONF[param.CONF_NAME]))) - print "%s:" % (cmdOption) + " " * l + str(controller.CONF[param.CONF_NAME]) + print("%s:" % (cmdOption) + " " * l + str(controller.CONF[param.CONF_NAME])) logging.info("*** User input summary ***") answer = _askYesNo(output_messages.INFO_USE_PARAMS) if not answer: @@ -573,7 +588,7 @@ def _displaySummary(): del controller.CONF[param.CONF_NAME] if param.CONF_NAME in commandLineValues: del commandLineValues[param.CONF_NAME] - print "" + print("") logging.debug("calling handleParams in interactive mode") return _handleParams(None) else: @@ -582,9 +597,9 @@ def _displaySummary(): def _printAdditionalMessages(): if len(controller.MESSAGES) > 0: - print "\n", output_messages.INFO_ADDTIONAL_MSG + print("\n", output_messages.INFO_ADDTIONAL_MSG) for msg in controller.MESSAGES: - print output_messages.INFO_ADDTIONAL_MSG_BULLET % (msg) + print(output_messages.INFO_ADDTIONAL_MSG_BULLET % (msg)) def _addFinalInfoMsg(logFile): @@ -612,7 +627,7 @@ def runSequences(): def _main(options, configFile=None, logFile=None): - print output_messages.INFO_HEADER + print(output_messages.INFO_HEADER) print("") print(output_messages.INFO_LOG_FILE_PATH % logFile) @@ -632,7 +647,7 @@ def _main(options, configFile=None, logFile=None): logging.debug(mask(controller.CONF)) # Start configuration stage - print "\n", output_messages.INFO_INSTALL + print("\n", output_messages.INFO_INSTALL) # Initialize Sequences initPluginsSequences() @@ -645,7 +660,7 @@ def _main(options, configFile=None, logFile=None): # Print info _addFinalInfoMsg(logFile) - print output_messages.INFO_INSTALL_SUCCESS + print(output_messages.INFO_INSTALL_SUCCESS) def remove_remote_var_dirs(options, config, messages): @@ -703,7 +718,7 @@ def generateAnswerFile(outputFile, overrides={}): # the mode -rw------- if os.path.exists(outputFile): os.remove(outputFile) - fd = os.open(outputFile, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0600) + fd = os.open(outputFile, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600) with os.fdopen(fd, "w") as ans_file: ans_file.write("[general]%s" % os.linesep) @@ -829,17 +844,17 @@ def printOptions(): # For each group, create a group option for group in controller.getAllGroups(): - print "%s" % group.DESCRIPTION - print "-" * len(group.DESCRIPTION) - print + print("%s" % group.DESCRIPTION) + print("-" * len(group.DESCRIPTION)) + print() for param in group.parameters.itervalues(): cmdOption = param.CONF_NAME paramUsage = param.USAGE optionsList = param.OPTION_LIST or "" - print "%s" % (("**%s**" % str(cmdOption)).ljust(30)) - print " %s %s" % (paramUsage, optionsList) - print + print("%s" % (("**%s**" % str(cmdOption)).ljust(30))) + print(" %s %s" % (paramUsage, optionsList)) + print() def plugin_compare(x, y): @@ -1006,9 +1021,9 @@ def main(): optParser.error(str(ex)) except Exception as e: logging.error(traceback.format_exc()) - print - print utils.color_text("ERROR : " + str(e), 'red') - print output_messages.ERR_CHECK_LOG_FILE_FOR_MORE_INFO % (logFile) + print() + print(utils.color_text("ERROR : " + str(e), 'red')) + print(output_messages.ERR_CHECK_LOG_FILE_FOR_MORE_INFO % (logFile)) sys.exit(1) finally: diff --git a/packstack/installer/setup_controller.py b/packstack/installer/setup_controller.py index 6429d0753..34b78a05e 100644 --- a/packstack/installer/setup_controller.py +++ b/packstack/installer/setup_controller.py @@ -1,3 +1,16 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + """ Controller class is a SINGLETON which handles all groups, params, sequences, steps and replaces the CONF dictionary. diff --git a/packstack/installer/utils/__init__.py b/packstack/installer/utils/__init__.py index 92031e65f..76f4db297 100644 --- a/packstack/installer/utils/__init__.py +++ b/packstack/installer/utils/__init__.py @@ -1,13 +1,35 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. from .datastructures import SortedDict from .decorators import retry -from .network import get_localhost_ip, host2ip, force_ip, device_from_ip -from .shell import ScriptRunner, execute -from .shortcuts import (host_iter, hosts, get_current_user, - get_current_username, split_hosts) -from .strings import (COLORS, color_text, mask_string, state_format, - state_message) +from .network import get_localhost_ip +from .network import host2ip +from .network import force_ip +from .network import device_from_ip +from .shell import execute +from .shell import ScriptRunner +from .shortcuts import host_iter +from .shortcuts import hosts +from .shortcuts import get_current_user +from .shortcuts import get_current_username +from .shortcuts import split_hosts +from .strings import COLORS +from .strings import color_text +from .strings import mask_string +from .strings import state_format +from .strings import state_message __all__ = ('SortedDict', diff --git a/packstack/installer/utils/datastructures.py b/packstack/installer/utils/datastructures.py index 542f18dcb..a451ff247 100644 --- a/packstack/installer/utils/datastructures.py +++ b/packstack/installer/utils/datastructures.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. import copy from types import GeneratorType diff --git a/packstack/installer/utils/decorators.py b/packstack/installer/utils/decorators.py index 1f9a1fdf7..dcf1d7758 100644 --- a/packstack/installer/utils/decorators.py +++ b/packstack/installer/utils/decorators.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. import time diff --git a/packstack/installer/utils/network.py b/packstack/installer/utils/network.py index 89e64ddcc..be2118bb7 100644 --- a/packstack/installer/utils/network.py +++ b/packstack/installer/utils/network.py @@ -1,10 +1,23 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. import re import socket from ..exceptions import NetworkError -from .shell import execute, ScriptRunner +from .shell import execute +from .shell import ScriptRunner def get_localhost_ip(): diff --git a/packstack/installer/utils/shell.py b/packstack/installer/utils/shell.py index 33c8b5854..0a9d3349e 100644 --- a/packstack/installer/utils/shell.py +++ b/packstack/installer/utils/shell.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. import re import os @@ -6,8 +18,9 @@ import logging import subprocess -from ..exceptions import (ExecuteRuntimeError, ScriptRuntimeError, - NetworkError) +from ..exceptions import ExecuteRuntimeError +from ..exceptions import NetworkError +from ..exceptions import ScriptRuntimeError from .strings import mask_string diff --git a/packstack/installer/utils/shortcuts.py b/packstack/installer/utils/shortcuts.py index 4371d48bd..52b380abb 100644 --- a/packstack/installer/utils/shortcuts.py +++ b/packstack/installer/utils/shortcuts.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. import grp import os diff --git a/packstack/installer/utils/strings.py b/packstack/installer/utils/strings.py index 5c46eb16a..b49724bda 100644 --- a/packstack/installer/utils/strings.py +++ b/packstack/installer/utils/strings.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. import re diff --git a/packstack/installer/validators.py b/packstack/installer/validators.py index 91555131b..cfa3264bb 100644 --- a/packstack/installer/validators.py +++ b/packstack/installer/validators.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ Contains all core validation functions. diff --git a/packstack/modules/common.py b/packstack/modules/common.py index 539be2912..df2aad6ca 100644 --- a/packstack/modules/common.py +++ b/packstack/modules/common.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. from ..installer import utils diff --git a/packstack/modules/ospluginutils.py b/packstack/modules/ospluginutils.py index 9e7a7df7e..63cffe054 100644 --- a/packstack/modules/ospluginutils.py +++ b/packstack/modules/ospluginutils.py @@ -1,3 +1,15 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. import os import yaml @@ -61,10 +73,10 @@ def writeManifests(self): if not self.global_data: with open(os.path.join(PUPPET_TEMPLATE_DIR, "global.pp")) as gfp: self.global_data = gfp.read() % controller.CONF - os.mkdir(basedefs.PUPPET_MANIFEST_DIR, 0700) + os.mkdir(basedefs.PUPPET_MANIFEST_DIR, 0o700) for fname, data in self.data.items(): path = os.path.join(basedefs.PUPPET_MANIFEST_DIR, fname) - fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0600) + fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600) with os.fdopen(fd, 'w') as fp: fp.write(self.global_data + data) manifestfiles = ManifestFiles() @@ -82,7 +94,7 @@ def appendManifestFile(manifest_name, data, marker=''): def generateHieraDataFile(): - os.mkdir(basedefs.HIERADATA_DIR, 0700) + os.mkdir(basedefs.HIERADATA_DIR, 0o700) with open(HIERA_DEFAULTS_YAML, 'w') as outfile: outfile.write(yaml.dump(controller.CONF, explicit_start=True, diff --git a/packstack/modules/puppet.py b/packstack/modules/puppet.py index ddec2cac0..bbc76137d 100644 --- a/packstack/modules/puppet.py +++ b/packstack/modules/puppet.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. import logging import os diff --git a/packstack/plugins/amqp_002.py b/packstack/plugins/amqp_002.py index 07155a822..9ed18734c 100644 --- a/packstack/plugins/amqp_002.py +++ b/packstack/plugins/amqp_002.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ Installs and configures AMQP @@ -9,10 +21,9 @@ from packstack.installer import utils from packstack.modules.common import filtered_hosts -from packstack.modules.ospluginutils import (getManifestTemplate, - appendManifestFile, - createFirewallResources) - +from packstack.modules.ospluginutils import appendManifestFile +from packstack.modules.ospluginutils import createFirewallResources +from packstack.modules.ospluginutils import getManifestTemplate # ------------- AMQP Packstack Plugin Initialization -------------- diff --git a/packstack/plugins/ceilometer_800.py b/packstack/plugins/ceilometer_800.py index 3d43e85a1..c27161b3e 100644 --- a/packstack/plugins/ceilometer_800.py +++ b/packstack/plugins/ceilometer_800.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ Installs and configures Ceilometer @@ -11,10 +23,9 @@ from packstack.installer import processors from packstack.installer.utils import split_hosts from packstack.modules.shortcuts import get_mq -from packstack.modules.ospluginutils import (getManifestTemplate, - appendManifestFile, - createFirewallResources) - +from packstack.modules.ospluginutils import appendManifestFile +from packstack.modules.ospluginutils import createFirewallResources +from packstack.modules.ospluginutils import getManifestTemplate # ------------- Ceilometer Packstack Plugin Initialization -------------- diff --git a/packstack/plugins/cinder_250.py b/packstack/plugins/cinder_250.py index 8156fbfa4..368bc4946 100644 --- a/packstack/plugins/cinder_250.py +++ b/packstack/plugins/cinder_250.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ Installs and configures Cinder @@ -15,10 +27,9 @@ from packstack.modules.shortcuts import get_mq -from packstack.modules.ospluginutils import (getManifestTemplate, - appendManifestFile, - createFirewallResources) - +from packstack.modules.ospluginutils import appendManifestFile +from packstack.modules.ospluginutils import createFirewallResources +from packstack.modules.ospluginutils import getManifestTemplate # ------------------ Cinder Packstack Plugin initialization ------------------ diff --git a/packstack/plugins/dashboard_500.py b/packstack/plugins/dashboard_500.py index abd7d5938..3e87af391 100644 --- a/packstack/plugins/dashboard_500.py +++ b/packstack/plugins/dashboard_500.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ Installs and configures OpenStack Horizon @@ -11,9 +23,8 @@ from packstack.installer import exceptions from packstack.installer import utils -from packstack.modules.ospluginutils import (getManifestTemplate, - appendManifestFile) - +from packstack.modules.ospluginutils import appendManifestFile +from packstack.modules.ospluginutils import getManifestTemplate # ------------- Horizon Packstack Plugin Initialization -------------- diff --git a/packstack/plugins/glance_200.py b/packstack/plugins/glance_200.py index 062b1b971..88b0a9a3a 100644 --- a/packstack/plugins/glance_200.py +++ b/packstack/plugins/glance_200.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ Installs and configures Glance @@ -9,9 +21,9 @@ from packstack.installer import utils from packstack.modules.shortcuts import get_mq -from packstack.modules.ospluginutils import (getManifestTemplate, - appendManifestFile, - createFirewallResources) +from packstack.modules.ospluginutils import appendManifestFile +from packstack.modules.ospluginutils import createFirewallResources +from packstack.modules.ospluginutils import getManifestTemplate # ------------- Glance Packstack Plugin Initialization -------------- diff --git a/packstack/plugins/heat_650.py b/packstack/plugins/heat_650.py index 26182dc21..83e9512d6 100644 --- a/packstack/plugins/heat_650.py +++ b/packstack/plugins/heat_650.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ Installs and configures Heat @@ -11,10 +23,9 @@ from packstack.installer import processors from packstack.modules.shortcuts import get_mq -from packstack.modules.ospluginutils import (getManifestTemplate, - appendManifestFile, - createFirewallResources) - +from packstack.modules.ospluginutils import appendManifestFile +from packstack.modules.ospluginutils import createFirewallResources +from packstack.modules.ospluginutils import getManifestTemplate # ------------- Heat Packstack Plugin Initialization -------------- diff --git a/packstack/plugins/ironic_275.py b/packstack/plugins/ironic_275.py index c67aab442..da66b391f 100644 --- a/packstack/plugins/ironic_275.py +++ b/packstack/plugins/ironic_275.py @@ -1,15 +1,29 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ Installs and configures Ironic """ -from packstack.installer import utils, validators, processors +from packstack.installer import utils +from packstack.installer import validators +from packstack.installer import processors from packstack.modules.shortcuts import get_mq -from packstack.modules.ospluginutils import (getManifestTemplate, - appendManifestFile, - createFirewallResources) +from packstack.modules.ospluginutils import appendManifestFile +from packstack.modules.ospluginutils import createFirewallResources +from packstack.modules.ospluginutils import getManifestTemplate # ------------------ Ironic Packstack Plugin initialization ------------------ diff --git a/packstack/plugins/keystone_100.py b/packstack/plugins/keystone_100.py index 2dd1d31b7..f716a1d57 100644 --- a/packstack/plugins/keystone_100.py +++ b/packstack/plugins/keystone_100.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ Installs and configures Keystone @@ -10,10 +22,9 @@ from packstack.installer import processors from packstack.installer import utils -from packstack.modules.ospluginutils import (getManifestTemplate, - appendManifestFile, - createFirewallResources) - +from packstack.modules.ospluginutils import appendManifestFile +from packstack.modules.ospluginutils import createFirewallResources +from packstack.modules.ospluginutils import getManifestTemplate # ------------- Keystone Packstack Plugin Initialization -------------- diff --git a/packstack/plugins/mariadb_003.py b/packstack/plugins/mariadb_003.py index e3ed62b73..99a06d9c0 100644 --- a/packstack/plugins/mariadb_003.py +++ b/packstack/plugins/mariadb_003.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ Installs and configures MariaDB @@ -9,10 +21,9 @@ from packstack.installer import utils from packstack.modules.common import filtered_hosts -from packstack.modules.ospluginutils import (getManifestTemplate, - appendManifestFile, - createFirewallResources) - +from packstack.modules.ospluginutils import appendManifestFile +from packstack.modules.ospluginutils import createFirewallResources +from packstack.modules.ospluginutils import getManifestTemplate # ------------- MariaDB Packstack Plugin Initialization -------------- diff --git a/packstack/plugins/nagios_910.py b/packstack/plugins/nagios_910.py index a33b278eb..26f9acbf3 100644 --- a/packstack/plugins/nagios_910.py +++ b/packstack/plugins/nagios_910.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ Installs and configures Nagios @@ -9,10 +21,9 @@ from packstack.installer import utils from packstack.modules.common import filtered_hosts -from packstack.modules.ospluginutils import (getManifestTemplate, - appendManifestFile, - createFirewallResources) - +from packstack.modules.ospluginutils import appendManifestFile +from packstack.modules.ospluginutils import createFirewallResources +from packstack.modules.ospluginutils import getManifestTemplate # ------------- Nagios Packstack Plugin Initialization -------------- diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index f102f1c63..0c597fd0e 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ Installs and configures Neutron @@ -12,10 +24,9 @@ from packstack.modules.common import filtered_hosts from packstack.modules.shortcuts import get_mq -from packstack.modules.ospluginutils import (getManifestTemplate, - appendManifestFile, - createFirewallResources) - +from packstack.modules.ospluginutils import appendManifestFile +from packstack.modules.ospluginutils import createFirewallResources +from packstack.modules.ospluginutils import getManifestTemplate # ------------- Neutron Packstack Plugin Initialization -------------- diff --git a/packstack/plugins/nova_300.py b/packstack/plugins/nova_300.py index 6553ca9e5..1c13cf129 100644 --- a/packstack/plugins/nova_300.py +++ b/packstack/plugins/nova_300.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ Installs and configures Nova @@ -8,14 +20,18 @@ import platform import socket -from packstack.installer import basedefs, processors, utils, validators +from packstack.installer import basedefs +from packstack.installer import processors +from packstack.installer import utils +from packstack.installer import validators from packstack.installer.exceptions import ScriptRuntimeError from packstack.modules.shortcuts import get_mq -from packstack.modules.ospluginutils import (NovaConfig, getManifestTemplate, - appendManifestFile, manifestfiles, - createFirewallResources) - +from packstack.modules.ospluginutils import appendManifestFile +from packstack.modules.ospluginutils import createFirewallResources +from packstack.modules.ospluginutils import getManifestTemplate +from packstack.modules.ospluginutils import manifestfiles +from packstack.modules.ospluginutils import NovaConfig # ------------- Nova Packstack Plugin Initialization -------------- @@ -426,8 +442,7 @@ def create_api_manifest(config, messages): if config['CONFIG_NEUTRON_INSTALL'] != 'y': config['CONFIG_NEUTRON_METADATA_PW_UNQUOTED'] = 'undef' else: - config['CONFIG_NEUTRON_METADATA_PW_UNQUOTED'] = \ - "%s" % config['CONFIG_NEUTRON_METADATA_PW'] + config['CONFIG_NEUTRON_METADATA_PW_UNQUOTED'] = "%s" % config['CONFIG_NEUTRON_METADATA_PW'] manifestfile = "%s_api_nova.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("nova_api") diff --git a/packstack/plugins/openstack_client_400.py b/packstack/plugins/openstack_client_400.py index fca78d8a3..f3c966ca6 100644 --- a/packstack/plugins/openstack_client_400.py +++ b/packstack/plugins/openstack_client_400.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ Installs and configures an OpenStack Client @@ -8,9 +20,8 @@ from packstack.installer import utils -from packstack.modules.ospluginutils import (getManifestTemplate, - appendManifestFile) - +from packstack.modules.ospluginutils import appendManifestFile +from packstack.modules.ospluginutils import getManifestTemplate # ------------- OpenStack Client Packstack Plugin Initialization -------------- diff --git a/packstack/plugins/postscript_948.py b/packstack/plugins/postscript_948.py index 74c7f9724..9dd6f6da2 100644 --- a/packstack/plugins/postscript_948.py +++ b/packstack/plugins/postscript_948.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ Plugin responsible for post-installation configuration @@ -7,9 +19,8 @@ from packstack.installer import utils from packstack.modules.common import filtered_hosts -from packstack.modules.ospluginutils import (getManifestTemplate, - appendManifestFile) - +from packstack.modules.ospluginutils import appendManifestFile +from packstack.modules.ospluginutils import getManifestTemplate # ------------- Postscript Packstack Plugin Initialization -------------- diff --git a/packstack/plugins/prescript_000.py b/packstack/plugins/prescript_000.py index e3a32368f..c00586ce1 100644 --- a/packstack/plugins/prescript_000.py +++ b/packstack/plugins/prescript_000.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ Plugin responsible for setting OpenStack global options @@ -9,13 +21,16 @@ import re import uuid -from packstack.installer import (basedefs, exceptions, processors, utils, - validators) - -from packstack.modules.common import filtered_hosts, is_all_in_one -from packstack.modules.ospluginutils import (getManifestTemplate, - appendManifestFile) +from packstack.installer import basedefs +from packstack.installer import exceptions +from packstack.installer import processors +from packstack.installer import utils +from packstack.installer import validators +from packstack.modules.common import filtered_hosts +from packstack.modules.common import is_all_in_one +from packstack.modules.ospluginutils import appendManifestFile +from packstack.modules.ospluginutils import getManifestTemplate # ------------- Prescript Packstack Plugin Initialization -------------- diff --git a/packstack/plugins/provision_700.py b/packstack/plugins/provision_700.py index 0be3f0c4e..44b1e236b 100644 --- a/packstack/plugins/provision_700.py +++ b/packstack/plugins/provision_700.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ Installs and configures Provisioning for demo usage and testing @@ -9,9 +21,8 @@ from packstack.installer import processors from packstack.modules.common import is_all_in_one -from packstack.modules.ospluginutils import (appendManifestFile, - getManifestTemplate) - +from packstack.modules.ospluginutils import appendManifestFile +from packstack.modules.ospluginutils import getManifestTemplate # ------------- Provision Packstack Plugin Initialization -------------- @@ -307,7 +318,7 @@ def create_storage_manifest(config, messages): def create_tempest_manifest(config, messages): using_neutron(config) - manifest_file = '%s_provision_tempest.pp' % \ - config['CONFIG_CONTROLLER_HOST'] + manifest_file = ('%s_provision_tempest.pp' % + config['CONFIG_CONTROLLER_HOST']) manifest_data = getManifestTemplate("provision_tempest") appendManifestFile(manifest_file, manifest_data) diff --git a/packstack/plugins/puppet_950.py b/packstack/plugins/puppet_950.py index 957df0506..982172b3f 100644 --- a/packstack/plugins/puppet_950.py +++ b/packstack/plugins/puppet_950.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ Installs and configures Puppet @@ -11,12 +23,14 @@ from packstack.installer import utils from packstack.installer import basedefs -from packstack.installer.exceptions import ScriptRuntimeError, PuppetError +from packstack.installer.exceptions import PuppetError +from packstack.installer.exceptions import ScriptRuntimeError from packstack.modules.common import filtered_hosts -from packstack.modules.ospluginutils import (manifestfiles, - generateHieraDataFile) -from packstack.modules.puppet import scan_logfile, validate_logfile +from packstack.modules.ospluginutils import generateHieraDataFile +from packstack.modules.ospluginutils import manifestfiles +from packstack.modules.puppet import validate_logfile +from packstack.modules.puppet import scan_logfile # ------------- Puppet Packstack Plugin Initialization -------------- @@ -245,7 +259,7 @@ def apply_puppet_manifest(config, messages): continue host_dir = config['HOST_DETAILS'][hostname]['tmpdir'] - print "Applying %s" % manifest + print("Applying %s" % manifest) server = utils.ScriptRunner(hostname) man_path = os.path.join(config['HOST_DETAILS'][hostname]['tmpdir'], diff --git a/packstack/plugins/sahara_800.py b/packstack/plugins/sahara_800.py index 08478795e..8824b6011 100644 --- a/packstack/plugins/sahara_800.py +++ b/packstack/plugins/sahara_800.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ Installs and configures Sahara @@ -8,9 +20,9 @@ from packstack.installer import validators from packstack.installer import processors from packstack.modules.shortcuts import get_mq -from packstack.modules.ospluginutils import (getManifestTemplate, - appendManifestFile, - createFirewallResources) +from packstack.modules.ospluginutils import appendManifestFile +from packstack.modules.ospluginutils import createFirewallResources +from packstack.modules.ospluginutils import getManifestTemplate # ------------------ Sahara installer initialization ------------------ diff --git a/packstack/plugins/serverprep_001.py b/packstack/plugins/serverprep_001.py index c408922e7..04b7a9ae8 100644 --- a/packstack/plugins/serverprep_001.py +++ b/packstack/plugins/serverprep_001.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ Plugin responsible for Server Preparation. @@ -13,8 +25,8 @@ from packstack.installer import utils from packstack.installer import validators -from packstack.modules.common import filtered_hosts, is_all_in_one - +from packstack.modules.common import filtered_hosts +from packstack.modules.common import is_all_in_one # ------------ Server Preparation Packstack Plugin Initialization ------------- diff --git a/packstack/plugins/swift_600.py b/packstack/plugins/swift_600.py index 2a58aac03..160e2a479 100644 --- a/packstack/plugins/swift_600.py +++ b/packstack/plugins/swift_600.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ Installs and configures Swift @@ -15,10 +27,10 @@ from packstack.installer import utils from packstack.installer.utils import split_hosts -from packstack.modules.ospluginutils import (getManifestTemplate, - appendManifestFile, manifestfiles, - createFirewallResources) - +from packstack.modules.ospluginutils import appendManifestFile +from packstack.modules.ospluginutils import createFirewallResources +from packstack.modules.ospluginutils import getManifestTemplate +from packstack.modules.ospluginutils import manifestfiles # ------------- Swift Packstack Plugin Initialization -------------- diff --git a/packstack/plugins/trove_850.py b/packstack/plugins/trove_850.py index 60a92a03d..7ff3ca41e 100644 --- a/packstack/plugins/trove_850.py +++ b/packstack/plugins/trove_850.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ Installs and configures Trove @@ -8,10 +20,9 @@ from packstack.installer import validators from packstack.installer import processors from packstack.modules.shortcuts import get_mq -from packstack.modules.ospluginutils import (getManifestTemplate, - appendManifestFile, - createFirewallResources) - +from packstack.modules.ospluginutils import appendManifestFile +from packstack.modules.ospluginutils import createFirewallResources +from packstack.modules.ospluginutils import getManifestTemplate # ------------------ Trove Packstack Plugin initialization ------------------ diff --git a/packstack/puppet/modules/packstack/lib/facter/netns.py b/packstack/puppet/modules/packstack/lib/facter/netns.py index 14f2f82d6..e8bd553be 100644 --- a/packstack/puppet/modules/packstack/lib/facter/netns.py +++ b/packstack/puppet/modules/packstack/lib/facter/netns.py @@ -1,5 +1,17 @@ #!/usr/bin/env python # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. import contextlib import inspect @@ -14,7 +26,7 @@ def execute(cmd_string, check_error=True, return_code=0, input=None, block=True, error_msg='Error executing cmd'): - print cmd_string + print(cmd_string) cmd = cmd_string.split(' ') proc = subprocess.Popen(cmd, stdin=subprocess.PIPE, diff --git a/packstack/version.py b/packstack/version.py index f7ce34bb4..06f83e753 100644 --- a/packstack/version.py +++ b/packstack/version.py @@ -1,4 +1,16 @@ # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. import os import pkg_resources diff --git a/setup.py b/setup.py index 312fbe81c..2510942fc 100644 --- a/setup.py +++ b/setup.py @@ -1,11 +1,25 @@ #!/usr/bin/env python # -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. import os import shutil import subprocess -from setuptools import setup, find_packages, Command +from setuptools import setup +from setuptools import find_packages +from setuptools import Command from packstack import version @@ -42,11 +56,11 @@ def run(self): # install third-party modules from openstack-puppet-modules repo if not os.path.exists(self.destination): try: - os.makedirs(basedir, 0755) + os.makedirs(basedir, 0o755) except OSError: # base directory exists pass - print 'Cloning %(repo)s to %(destination)s' % locals() + print('Cloning %(repo)s to %(destination)s' % locals()) cmd = ('cd %(basedir)s; git clone %(repo)s %(repodir)s; ' 'cd %(repodir)s; git checkout %(branch)s; ' % locals()) proc = subprocess.Popen(cmd, shell=True, stdout=subprocess.PIPE, @@ -63,7 +77,7 @@ def run(self): continue dest = os.path.join(self.destination, module) - print 'Copying module %(module)s to %(dest)s' % locals() + print('Copying module %(module)s to %(dest)s' % locals()) shutil.rmtree(dest, ignore_errors=True) shutil.copytree(source, dest) diff --git a/tests/installer/test_drones.py b/tests/installer/test_drones.py index 9df86f7ed..5251027db 100644 --- a/tests/installer/test_drones.py +++ b/tests/installer/test_drones.py @@ -82,11 +82,10 @@ def test_tarball_packing(self): tarball = tarfile.open(pack_path) tarball.extractall(path=self.tempdir) # check content of files - for path, content in \ - [('resources/res1.txt', 'resource one'), - ('resources/resdir/res2.txt', 'resource two'), - ('recipes/rec1.pp', 'recipe one'), - ('recipes/rec2.pp', 'recipe two')]: + for path, content in [('resources/res1.txt', 'resource one'), + ('resources/resdir/res2.txt', 'resource two'), + ('recipes/rec1.pp', 'recipe one'), + ('recipes/rec2.pp', 'recipe two')]: with open(os.path.join(self.tempdir, path)) as f: fcont = f.read() self.assertEqual(fcont, content) diff --git a/tests/installer/test_run_setup.py b/tests/installer/test_run_setup.py index d104b1854..a74ee81d6 100644 --- a/tests/installer/test_run_setup.py +++ b/tests/installer/test_run_setup.py @@ -21,10 +21,13 @@ import sys from unittest import TestCase -from packstack.modules import ospluginutils, puppet -from packstack.installer import run_setup, basedefs +from packstack.modules import ospluginutils +from packstack.modules import puppet +from packstack.installer import basedefs +from packstack.installer import run_setup -from ..test_base import PackstackTestCaseMixin, FakePopen +from ..test_base import FakePopen +from ..test_base import PackstackTestCaseMixin def makefile(path, content): diff --git a/tests/installer/test_sequences.py b/tests/installer/test_sequences.py index 6feea44ed..d00cc768e 100644 --- a/tests/installer/test_sequences.py +++ b/tests/installer/test_sequences.py @@ -48,8 +48,8 @@ def func(config, messages): contents = sys.stdout.getvalue() state = '[ %s ]\n' % utils.color_text('DONE', 'green') - if not contents.startswith('Running test') or \ - not contents.endswith(state): + if(not contents.startswith('Running test') or + not contents.endswith(state)): raise AssertionError('Step run test failed: %s' % contents) diff --git a/tests/installer/test_utils.py b/tests/installer/test_utils.py index 34dd69292..2826870eb 100644 --- a/tests/installer/test_utils.py +++ b/tests/installer/test_utils.py @@ -23,7 +23,8 @@ import tempfile from unittest import TestCase -from ..test_base import PackstackTestCaseMixin, FakePopen +from ..test_base import FakePopen +from ..test_base import PackstackTestCaseMixin from packstack.installer.utils import * from packstack.installer.utils.strings import STR_MASK from packstack.installer.exceptions import ExecuteRuntimeError diff --git a/tox.ini b/tox.ini index 584e0448e..eb334ce24 100644 --- a/tox.ini +++ b/tox.ini @@ -33,6 +33,6 @@ commands = python setup.py build_sphinx # E123, E125 skipped as they are invalid PEP-8. # # All other checks should be enabled in the future. -ignore = E123,E125,H803,F403,F821,F811,F841,E501,H302,H303,H304,H301,H306,H405,H404,H904,H201,H305,H307,H501,H102,H233,H101,H233,H232 +ignore = E123,E125,H803,F403,F821,F811,F841,E501,H302,H303,H304,H306,H405,H404,H305,H307,H501,H201,H101 show-source = True exclude=.venv,.git,.tox From f878e1bc19345abc13aaaa803a951f78d12a871c Mon Sep 17 00:00:00 2001 From: Ivan Chavero Date: Mon, 2 Feb 2015 21:16:46 -0700 Subject: [PATCH 0245/1017] Fixes heat missing configuration file If the keystone_heat manifest is added to the keystone.pp manifest it will fail because of missing heat.conf file. This is due the fact that heat is not installed yet, this manifest should be appended to the heat.pp manifest to avoid this error. For this to work, this puppet-heat patch is needed https://review.openstack.org/146734 Change-Id: I765cb7fa7bd8d346235fa2c1fc3ca6eea7b9f636 --- packstack/plugins/heat_650.py | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/packstack/plugins/heat_650.py b/packstack/plugins/heat_650.py index 26182dc21..6b99c7188 100644 --- a/packstack/plugins/heat_650.py +++ b/packstack/plugins/heat_650.py @@ -153,8 +153,6 @@ def initSequences(controller): steps = [ {'title': 'Adding Heat manifest entries', 'functions': [create_manifest]}, - {'title': 'Adding Heat Keystone manifest entries', - 'functions': [create_keystone_manifest]} ] if config.get('CONFIG_HEAT_CLOUDWATCH_INSTALL', 'n') == 'y': @@ -174,6 +172,7 @@ def create_manifest(config, messages): manifestfile = "%s_heat.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "heat")) manifestdata += getManifestTemplate("heat") + manifestdata += getManifestTemplate("keystone_heat") fw_details = dict() key = "heat" @@ -189,12 +188,6 @@ def create_manifest(config, messages): appendManifestFile(manifestfile, manifestdata, marker='heat') -def create_keystone_manifest(config, messages): - manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] - manifestdata = getManifestTemplate("keystone_heat") - appendManifestFile(manifestfile, manifestdata) - - def create_cloudwatch_manifest(config, messages): manifestfile = "%s_heatcw.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "heat")) From 513852553479da717c5c87cca76c38c5fc95b82e Mon Sep 17 00:00:00 2001 From: Ivan Chavero Date: Tue, 3 Feb 2015 10:01:40 -0700 Subject: [PATCH 0246/1017] Fix missing heat_stack_owner role The configure_delegated_roles has to be set to true in order for this role to be created. Change-Id: I856ddaab56001c01a926ee9ed60ce4a2e596e3f1 --- packstack/puppet/templates/keystone_heat.pp | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/packstack/puppet/templates/keystone_heat.pp b/packstack/puppet/templates/keystone_heat.pp index 2698a2d8d..5b4a7a9a2 100644 --- a/packstack/puppet/templates/keystone_heat.pp +++ b/packstack/puppet/templates/keystone_heat.pp @@ -1,10 +1,11 @@ # heat::keystone::auth class { 'heat::keystone::auth': - region => hiera('CONFIG_KEYSTONE_REGION'), - password => hiera('CONFIG_HEAT_KS_PW'), - public_address => hiera('CONFIG_CONTROLLER_HOST'), - admin_address => hiera('CONFIG_CONTROLLER_HOST'), - internal_address => hiera('CONFIG_CONTROLLER_HOST'), + region => hiera('CONFIG_KEYSTONE_REGION'), + password => hiera('CONFIG_HEAT_KS_PW'), + public_address => hiera('CONFIG_CONTROLLER_HOST'), + admin_address => hiera('CONFIG_CONTROLLER_HOST'), + internal_address => hiera('CONFIG_CONTROLLER_HOST'), + configure_delegated_roles => true, } $is_heat_cfn_install = hiera('CONFIG_HEAT_CFN_INSTALL') From 2d6e97c009e84a868dcae9f9782a353f19c42f67 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Tue, 3 Feb 2015 17:20:47 +0100 Subject: [PATCH 0247/1017] [Keystone] Fix keystone url With switch to keystone::resource::service_identity we lost api version string from keystone url. We now have CONFIG_KEYSTONE_API_VERSION option which defaults to v2.0 but can be set to v3. Change-Id: I6a8ebc18268a06c1eebffc78d9374e907cf92b4f --- packstack/plugins/keystone_100.py | 13 +++++++++++++ packstack/puppet/templates/keystone.pp | 9 ++++++--- 2 files changed, 19 insertions(+), 3 deletions(-) diff --git a/packstack/plugins/keystone_100.py b/packstack/plugins/keystone_100.py index 2dd1d31b7..01e516016 100644 --- a/packstack/plugins/keystone_100.py +++ b/packstack/plugins/keystone_100.py @@ -92,6 +92,19 @@ def initConfig(controller): "NEED_CONFIRM": True, "CONDITION": False}, + {"CMD_OPTION": "keystone-api-version", + "USAGE": "Keystone API version string", + "PROMPT": "Enter the Keystone API version string.", + "OPTION_LIST": ['v2.0', 'v3'], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": 'v2.0', + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": 'CONFIG_KEYSTONE_API_VERSION', + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "keystone-token-format", "USAGE": "Keystone token format. Use either UUID or PKI", "PROMPT": "Enter the Keystone token format.", diff --git a/packstack/puppet/templates/keystone.pp b/packstack/puppet/templates/keystone.pp index d4b61df99..f9d932ec2 100644 --- a/packstack/puppet/templates/keystone.pp +++ b/packstack/puppet/templates/keystone.pp @@ -4,6 +4,9 @@ $keystone_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') $keystone_endpoint_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') $keystone_token_provider_str = downcase(hiera('CONFIG_KEYSTONE_TOKEN_FORMAT')) +$keystone_api_version_str = hiera('CONFIG_KEYSTONE_API_VERSION') +$keystone_url = "http://${keystone_endpoint_cfg_ctrl_host}:5000/${keystone_api_version_str}" +$keystone_admin_url = "http://${keystone_endpoint_cfg_ctrl_host}:35357/${keystone_api_version_str}" class { 'keystone': admin_token => hiera('CONFIG_KEYSTONE_ADMIN_TOKEN'), @@ -30,9 +33,9 @@ } keystone::resource::service_identity { 'keystone': - public_url => "http://${keystone_endpoint_cfg_ctrl_host}:5000", - internal_url => "http://${keystone_endpoint_cfg_ctrl_host}:5000", - admin_url => "http://${keystone_endpoint_cfg_ctrl_host}:35357", + public_url => $keystone_url, + internal_url => $keystone_url, + admin_url => $keystone_admin_url, region => hiera('CONFIG_KEYSTONE_REGION'), service_type => 'identity', service_description => 'OpenStack Identity Service', From 880324fd0647728f718335327fb44f68142d358c Mon Sep 17 00:00:00 2001 From: Alan Pevec Date: Tue, 3 Feb 2015 19:02:24 +0100 Subject: [PATCH 0248/1017] Packstack master is Kilo now Change-Id: I9a01c059f38369efa533cbad965f29eae43fd557 --- packstack/version.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packstack/version.py b/packstack/version.py index f7ce34bb4..7f6f301fe 100644 --- a/packstack/version.py +++ b/packstack/version.py @@ -6,8 +6,8 @@ from .installer.utils import execute -VERSION = ['2014', '2'] -OS_RELEASE = 'Juno' +VERSION = ['2015', '1'] +OS_RELEASE = 'Kilo' RESERVE_STR = None From 0a7304ebb2c1618d2eb495d82af5d4973a293258 Mon Sep 17 00:00:00 2001 From: Lars Kellogg-Stedman Date: Thu, 5 Feb 2015 16:54:47 -0500 Subject: [PATCH 0249/1017] load br_netfilter module if necessary This change causes the 'br_netfilter' kernel module to be loaded if the 'bridge' module does not provide the net.bridge.* sysctls. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1189681 Change-Id: Icafa41c3511af3e3be6339022e89d4b14cbbaf99 --- .../modules/packstack/manifests/neutron/bridge.pp | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/packstack/puppet/modules/packstack/manifests/neutron/bridge.pp b/packstack/puppet/modules/packstack/manifests/neutron/bridge.pp index 81ba8fb7d..1d20d9df3 100644 --- a/packstack/puppet/modules/packstack/manifests/neutron/bridge.pp +++ b/packstack/puppet/modules/packstack/manifests/neutron/bridge.pp @@ -2,14 +2,6 @@ # Loads bridge modules and sets appropriate sysctl.conf variables class packstack::neutron::bridge { - if $::operatingsystem == 'Fedora' and (is_integer($::operatingsystemrelease) and $::operatingsystemrelease >= 22 or $::operatingsystemrelease == 'Rawhide') { - exec { 'load-br-netfilter': - path => ['/sbin', '/usr/sbin'], - command => 'modprobe -b br_netfilter', - logoutput => 'on_failure', - before => Exec['load-bridge'], - } - } file { 'bridge-module-loader': path => '/etc/sysconfig/modules/openstack-neutron.modules', ensure => present, @@ -19,6 +11,11 @@ path => ['/sbin', '/usr/sbin'], command => 'modprobe -b bridge', logoutput => 'on_failure' + } -> exec { 'load-bridge-netfilter': + path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'], + command => 'modprobe -b br_netfilter', + logoutput => 'on_failure', + unless => 'test -d /proc/sys/net/bridge' } -> file_line { '/etc/sysctl.conf bridge-nf-call-ip6tables': path => '/etc/sysctl.conf', line => 'net.bridge.bridge-nf-call-ip6tables=1', From 4a4f0c128be1f3e762664aa269108c6951fe2578 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20M=C3=A1gr?= Date: Thu, 5 Feb 2015 14:06:14 +0100 Subject: [PATCH 0250/1017] Get rid of puppet-openstack dependency This patch is required when [1] will get merged. Also Tempest parameter groups are sanitized in this patch [1] https://github.com/redhat-openstack/openstack-puppet-modules/pull/246 Change-Id: I2adbc47f4d472dd134dc67b4aebc26daa038cee3 --- packstack/plugins/provision_700.py | 61 +++++++++++-------- packstack/puppet/templates/provision_demo.pp | 2 +- .../puppet/templates/provision_tempest.pp | 2 +- 3 files changed, 39 insertions(+), 26 deletions(-) diff --git a/packstack/plugins/provision_700.py b/packstack/plugins/provision_700.py index 0be3f0c4e..5e201cd38 100644 --- a/packstack/plugins/provision_700.py +++ b/packstack/plugins/provision_700.py @@ -60,7 +60,39 @@ def process_provision(param, process_args=None): "USE_DEFAULT": False, "NEED_CONFIRM": False, "CONDITION": False}, + ], + + "PROVISION_DEMO": [ + {"CMD_OPTION": "provision-demo-floatrange", + "USAGE": "The CIDR network address for the floating IP subnet", + "PROMPT": "Enter the network address for the floating IP subnet", + "OPTION_LIST": False, + "VALIDATORS": False, + "DEFAULT_VALUE": "172.24.4.224/28", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_PROVISION_DEMO_FLOATRANGE", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "provision-cirros-url", + "USAGE": "A URL or local file location for the Cirros demo image " + "used for Glance", + "PROMPT": "Enter the URL or local file location for the Cirros " + "image", + "OPTION_LIST": False, + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": DEMO_CIRRUS_URL, + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_PROVISION_CIRROS_URL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + "PROVISION_TEMPEST": [ {"CMD_OPTION": "provision-tempest-user", "USAGE": "The name of the Tempest Provisioning user. If you " "don't provide a user name, Tempest will be configured " @@ -92,10 +124,7 @@ def process_provision(param, process_args=None): "NEED_CONFIRM": True, "CONDITION": False}, - ], - - "PROVISION_DEMO": [ - {"CMD_OPTION": "provision-demo-floatrange", + {"CMD_OPTION": "provision-tempest-floatrange", "USAGE": "The CIDR network address for the floating IP subnet", "PROMPT": "Enter the network address for the floating IP subnet", "OPTION_LIST": False, @@ -103,28 +132,11 @@ def process_provision(param, process_args=None): "DEFAULT_VALUE": "172.24.4.224/28", "MASK_INPUT": False, "LOOSE_VALIDATION": True, - "CONF_NAME": "CONFIG_PROVISION_DEMO_FLOATRANGE", - "USE_DEFAULT": False, - "NEED_CONFIRM": False, - "CONDITION": False}, - - {"CMD_OPTION": "provision-cirros-url", - "USAGE": "A URL or local file location for the Cirros demo image " - "used for Glance", - "PROMPT": "Enter the URL or local file location for the Cirros " - "image", - "OPTION_LIST": False, - "VALIDATORS": [validators.validate_not_empty], - "DEFAULT_VALUE": DEMO_CIRRUS_URL, - "MASK_INPUT": False, - "LOOSE_VALIDATION": True, - "CONF_NAME": "CONFIG_PROVISION_CIRROS_URL", + "CONF_NAME": "CONFIG_PROVISION_TEMPEST_FLOATRANGE", "USE_DEFAULT": False, "NEED_CONFIRM": False, "CONDITION": False}, - ], - "TEMPEST_GIT_REFS": [ {"CMD_OPTION": "provision-tempest-repo-uri", "USAGE": "The uri of the tempest git repository to use", "PROMPT": "What is the uri of the Tempest git repository?", @@ -189,12 +201,13 @@ def allow_all_in_one_ovs_bridge(config): {"GROUP_NAME": "PROVISION_DEMO", "DESCRIPTION": "Provisioning demo config", + "PRE_CONDITION": check_provisioning_demo, "PRE_CONDITION_MATCH": True, "POST_CONDITION": False, "POST_CONDITION_MATCH": True}, - {"GROUP_NAME": "TEMPEST_GIT_REFS", - "DESCRIPTION": "Optional tempest git uri and branch", + {"GROUP_NAME": "PROVISION_TEMPEST", + "DESCRIPTION": "Provisioning tempest config", "PRE_CONDITION": check_provisioning_tempest, "PRE_CONDITION_MATCH": True, "POST_CONDITION": False, diff --git a/packstack/puppet/templates/provision_demo.pp b/packstack/puppet/templates/provision_demo.pp index 0d4c92186..aa87b2826 100644 --- a/packstack/puppet/templates/provision_demo.pp +++ b/packstack/puppet/templates/provision_demo.pp @@ -93,7 +93,7 @@ firewall { '000 nat': chain => 'POSTROUTING', jump => 'MASQUERADE', - source => $::openstack::provision::floating_range, + source => hiera('CONFIG_PROVISION_DEMO_FLOATRANGE'), outiface => $::gateway_device, table => 'nat', proto => 'all', diff --git a/packstack/puppet/templates/provision_tempest.pp b/packstack/puppet/templates/provision_tempest.pp index 8920484d7..8bcb3dafb 100644 --- a/packstack/puppet/templates/provision_tempest.pp +++ b/packstack/puppet/templates/provision_tempest.pp @@ -197,7 +197,7 @@ firewall { '000 nat': chain => 'POSTROUTING', jump => 'MASQUERADE', - source => $::openstack::provision::floating_range, + source => hiera('CONFIG_PROVISION_TEMPEST_FLOATRANGE'), outiface => $::gateway_device, table => 'nat', proto => 'all', From 276e2a3aa9a4e3ce1b5e9af1063ee76ae792f82c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20M=C3=A1gr?= Date: Fri, 6 Feb 2015 10:46:07 +0100 Subject: [PATCH 0251/1017] Removing puppet-remote This module will have separate upstream repo and will be moved to OPM Change-Id: I8c76f599193e64b30a887d4e61a6f5ebc3641550 --- .../puppet/provider/remote_database/mysql.rb | 99 --------- .../provider/remote_database_grant/mysql.rb | 194 ------------------ .../provider/remote_database_user/mysql.rb | 48 ----- .../remote/lib/puppet/type/remote_database.rb | 35 ---- .../lib/puppet/type/remote_database_grant.rb | 86 -------- .../lib/puppet/type/remote_database_user.rb | 37 ---- .../puppet/modules/remote/manifests/db.pp | 15 -- .../puppet/modules/remote/manifests/params.pp | 34 --- 8 files changed, 548 deletions(-) delete mode 100644 packstack/puppet/modules/remote/lib/puppet/provider/remote_database/mysql.rb delete mode 100644 packstack/puppet/modules/remote/lib/puppet/provider/remote_database_grant/mysql.rb delete mode 100644 packstack/puppet/modules/remote/lib/puppet/provider/remote_database_user/mysql.rb delete mode 100644 packstack/puppet/modules/remote/lib/puppet/type/remote_database.rb delete mode 100644 packstack/puppet/modules/remote/lib/puppet/type/remote_database_grant.rb delete mode 100644 packstack/puppet/modules/remote/lib/puppet/type/remote_database_user.rb delete mode 100644 packstack/puppet/modules/remote/manifests/db.pp delete mode 100644 packstack/puppet/modules/remote/manifests/params.pp diff --git a/packstack/puppet/modules/remote/lib/puppet/provider/remote_database/mysql.rb b/packstack/puppet/modules/remote/lib/puppet/provider/remote_database/mysql.rb deleted file mode 100644 index a430acb7a..000000000 --- a/packstack/puppet/modules/remote/lib/puppet/provider/remote_database/mysql.rb +++ /dev/null @@ -1,99 +0,0 @@ -Puppet::Type.type(:remote_database).provide(:mysql) do - - desc "Manages remote MariaDB database." - - defaultfor :kernel => 'Linux' - - optional_commands :mysql => 'mysql' - optional_commands :mysqladmin => 'mysqladmin' - - def self.instances - mysql( - "--host=#{@resource[:db_host]}", - "--user=#{@resource[:db_user]}", - "--password=#{@resource[:db_password]}", - "-NBe", - "show databases" - ).split("\n").collect do |name| - new(:name => name) - end - end - - def create - mysql( - "--host=#{@resource[:db_host]}", - "--user=#{@resource[:db_user]}", - "--password=#{@resource[:db_password]}", - "-NBe", - "create database `#{@resource[:name]}` - character set #{@resource[:charset]} - collate #{@resource[:collate]}" - ) - end - - def destroy - mysqladmin( - "--host=#{@resource[:db_host]}", - "--user=#{@resource[:db_user]}", - "--password=#{@resource[:db_password]}", - '-f', - 'drop', @resource[:name] - ) - end - - def charset - mysql( - "--host=#{@resource[:db_host]}", - "--user=#{@resource[:db_user]}", - "--password=#{@resource[:db_password]}", - "-NBe", - "show create database `#{resource[:name]}`").match(/.*?(\S+)\s\*\// - )[1] - end - - def charset=(value) - mysql( - "--host=#{@resource[:db_host]}", - "--user=#{@resource[:db_user]}", - "--password=#{@resource[:db_password]}", - "-NBe", - "alter database `#{resource[:name]}` character set #{value}" - ) - end - - def collate - mysql( - "--host=#{@resource[:db_host]}", - "--user=#{@resource[:db_user]}", - "--password=#{@resource[:db_password]}", - "-NBe", - "use #{resource[:name]}; show variables like 'collation_database'" - ).match(/\s*collation_database\s+(\S+)/)[1] - end - - def collate=(value) - mysql( - "--host=#{@resource[:db_host]}", - "--user=#{@resource[:db_user]}", - "--password=#{@resource[:db_password]}", - "-NBe", - "alter database `#{resource[:name]}` collate #{value}" - ) - end - - def exists? - begin - mysql( - "--host=#{@resource[:db_host]}", - "--user=#{@resource[:db_user]}", - "--password=#{@resource[:db_password]}", - "-NBe", - "show databases" - ).match(/^#{@resource[:name]}$/) - rescue => e - debug(e.message) - return nil - end - end - -end diff --git a/packstack/puppet/modules/remote/lib/puppet/provider/remote_database_grant/mysql.rb b/packstack/puppet/modules/remote/lib/puppet/provider/remote_database_grant/mysql.rb deleted file mode 100644 index e9c747be4..000000000 --- a/packstack/puppet/modules/remote/lib/puppet/provider/remote_database_grant/mysql.rb +++ /dev/null @@ -1,194 +0,0 @@ -# A grant is either global or per-db. This can be distinguished by the syntax -# of the name: -# user@host => global -# user@host/db => per-db - -Puppet::Type.type(:remote_database_grant).provide(:mysql) do - - desc "Uses mysql as database." - - defaultfor :kernel => 'Linux' - - optional_commands :mysql => 'mysql' - optional_commands :mysqladmin => 'mysqladmin' - - def user_privs - @_user_privs || query_user_privs - end - - def db_privs - @_db_privs || query_db_privs - end - - def query_user_privs - results = mysql("--host=#{@resource[:db_host]}", "--user=#{@resource[:db_user]}", "--password=#{@resource[:db_password]}", - "mysql", "-Be", "describe user") - column_names = results.split(/\n/).map { |l| l.chomp.split(/\t/)[0] } - @_user_privs = column_names.delete_if { |e| !( e =~/_priv$/) } - end - - def query_db_privs - results = mysql("--host=#{@resource[:db_host]}", "--user=#{@resource[:db_user]}", "--password=#{@resource[:db_password]}", - "mysql", "-Be", "describe db") - column_names = results.split(/\n/).map { |l| l.chomp.split(/\t/)[0] } - @_db_privs = column_names.delete_if { |e| !(e =~/_priv$/) } - end - - def mysql_flush - mysqladmin("--host=#{@resource[:db_host]}", "--user=#{@resource[:db_user]}", "--password=#{@resource[:db_password]}", "flush-privileges") - end - - # this parses the - def split_name(string) - matches = /^([^@]*)@([^\/]*)(\/(.*))?$/.match(string).captures.compact - case matches.length - when 2 - { - :type => :user, - :user => matches[0], - :host => matches[1] - } - when 4 - { - :type => :db, - :user => matches[0], - :host => matches[1], - :db => matches[3] - } - end - end - - def create_row - unless @resource.should(:privileges).empty? - name = split_name(@resource[:name]) - case name[:type] - when :user - mysql("--host=#{@resource[:db_host]}", "--user=#{@resource[:db_user]}", "--password=#{@resource[:db_password]}", - "mysql", "-e", "INSERT INTO user (host, user) VALUES ('%s', '%s')" % [ - name[:host], name[:user], - ]) - when :db - mysql("--host=#{@resource[:db_host]}", "--user=#{@resource[:db_user]}", "--password=#{@resource[:db_password]}", - "mysql", "-e", "INSERT INTO db (host, user, db) VALUES ('%s', '%s', '%s')" % [ - name[:host], name[:user], name[:db], - ]) - end - mysql_flush - end - end - - def destroy - mysql("--host=#{@resource[:db_host]}", "--user=#{@resource[:db_user]}", "--password=#{@resource[:db_password]}", - "mysql", "-e", "REVOKE ALL ON '%s'.* FROM '%s@%s'" % [ @resource[:privileges], @resource[:database], @resource[:name], @resource[:host] ]) - end - - def row_exists? - name = split_name(@resource[:name]) - fields = [:user, :host] - if name[:type] == :db - fields << :db - end - not mysql("--host=#{@resource[:db_host]}", "--user=#{@resource[:db_user]}", "--password=#{@resource[:db_password]}", - "mysql", '-NBe', 'SELECT "1" FROM %s WHERE %s' % [ name[:type], fields.map do |f| "%s=\"%s\"" % [f, name[f]] end.join(' AND ')]).empty? - end - - def all_privs_set? - all_privs = case split_name(@resource[:name])[:type] - when :user - user_privs - when :db - db_privs - end - all_privs = all_privs.collect do |p| p.downcase end.sort.join("|") - privs = privileges.collect do |p| p.downcase end.sort.join("|") - - all_privs == privs - end - - def privileges - name = split_name(@resource[:name]) - privs = "" - - case name[:type] - when :user - privs = mysql("--host=#{@resource[:db_host]}", "--user=#{@resource[:db_user]}", "--password=#{@resource[:db_password]}", - "mysql", "-Be", 'select * from mysql.user where user="%s" and host="%s"' % [ name[:user], name[:host] ]) - when :db - privs = mysql("--host=#{@resource[:db_host]}", "--user=#{@resource[:db_user]}", "--password=#{@resource[:db_password]}", - "mysql", "-Be", 'select * from mysql.db where user="%s" and host="%s" and db="%s"' % [ name[:user], name[:host], name[:db] ]) - end - - if privs.match(/^$/) - privs = [] # no result, no privs - else - # returns a line with field names and a line with values, each tab-separated - privs = privs.split(/\n/).map! do |l| l.chomp.split(/\t/) end - # transpose the lines, so we have key/value pairs - privs = privs[0].zip(privs[1]) - privs = privs.select do |p| p[0].match(/_priv$/) and p[1] == 'Y' end - end - - privs.collect do |p| p[0] end - end - - def privileges=(privs) - unless row_exists? - create_row - end - - # puts "Setting privs: ", privs.join(", ") - name = split_name(@resource[:name]) - stmt = '' - where = '' - all_privs = [] - case name[:type] - when :user - stmt = 'update user set ' - where = ' where user="%s" and host="%s"' % [ name[:user], name[:host] ] - all_privs = user_privs - when :db - stmt = 'update db set ' - where = ' where user="%s" and host="%s" and db="%s"' % [ name[:user], name[:host], name[:db] ] - all_privs = db_privs - end - - if privs[0].downcase == 'all' - privs = all_privs - end - - # Downcase the requested priviliges for case-insensitive selection - # we don't map! here because the all_privs object has to remain in - # the same case the DB gave it to us in - privs = privs.map { |p| p.downcase } - - # puts "stmt:", stmt - set = all_privs.collect do |p| "%s = '%s'" % [p, privs.include?(p.downcase) ? 'Y' : 'N'] end.join(', ') - # puts "set:", set - stmt = stmt << set << where - - validate_privs privs, all_privs - mysql("--host=#{@resource[:db_host]}", "--user=#{@resource[:db_user]}", "--password=#{@resource[:db_password]}", - "mysql", "-Be", stmt) - mysql_flush - end - - def validate_privs(set_privs, all_privs) - all_privs = all_privs.collect { |p| p.downcase } - set_privs = set_privs.collect { |p| p.downcase } - invalid_privs = Array.new - hints = Array.new - # Test each of the user provided privs to see if they exist in all_privs - set_privs.each do |priv| - invalid_privs << priv unless all_privs.include?(priv) - hints << "#{priv}_priv" if all_privs.include?("#{priv}_priv") - end - unless invalid_privs.empty? - # Print a decently helpful and gramatically correct error message - hints = "Did you mean '#{hints.join(',')}'?" unless hints.empty? - p = invalid_privs.size > 1 ? ['s', 'are not valid'] : ['', 'is not valid'] - detail = ["The privilege#{p[0]} '#{invalid_privs.join(',')}' #{p[1]}."] - fail [detail, hints].join(' ') - end - end - -end diff --git a/packstack/puppet/modules/remote/lib/puppet/provider/remote_database_user/mysql.rb b/packstack/puppet/modules/remote/lib/puppet/provider/remote_database_user/mysql.rb deleted file mode 100644 index 6a942ab64..000000000 --- a/packstack/puppet/modules/remote/lib/puppet/provider/remote_database_user/mysql.rb +++ /dev/null @@ -1,48 +0,0 @@ -Puppet::Type.type(:remote_database_user).provide(:mysql) do - - desc "manage users for a mysql database." - - defaultfor :kernel => 'Linux' - - optional_commands :mysql => 'mysql' - optional_commands :mysqladmin => 'mysqladmin' - - def self.instances - users = mysql("--host=#{@resource[:db_host]}", "--user=#{@resource[:db_user]}", "--password=#{@resource[:db_password]}", - "mysql", '-BNe', "select concat(User, '@', Host) as User from mysql.user").split("\n") - users.select{ |user| user =~ /.+@/ }.collect do |name| - new(:name => name) - end - end - - def create - mysql("--host=#{@resource[:db_host]}", "--user=#{@resource[:db_user]}", "--password=#{@resource[:db_password]}", - "mysql", "-e", "create user '%s' identified by PASSWORD '%s'" % [ @resource[:name].sub("@", "'@'"), @resource.value(:password_hash) ]) - end - - def destroy - mysql("--host=#{@resource[:db_host]}", "--user=#{@resource[:db_user]}", "--password=#{@resource[:db_password]}", - "mysql", "-e", "drop user '%s'" % @resource.value(:name).sub("@", "'@'") ) - end - - def password_hash - mysql("--host=#{@resource[:db_host]}", "--user=#{@resource[:db_user]}", "--password=#{@resource[:db_password]}", - "mysql", "-NBe", "select password from mysql.user where CONCAT(user, '@', host) = '%s'" % @resource.value(:name)).chomp - end - - def password_hash=(string) - mysql("--host=#{@resource[:db_host]}", "--user=#{@resource[:db_user]}", "--password=#{@resource[:db_password]}", - "mysql", "-e", "SET PASSWORD FOR '%s' = '%s'" % [ @resource[:name].sub("@", "'@'"), string ] ) - end - - def exists? - not mysql("--host=#{@resource[:db_host]}", "--user=#{@resource[:db_user]}", "--password=#{@resource[:db_password]}", - "mysql", "-NBe", "select '1' from mysql.user where CONCAT(user, '@', host) = '%s'" % @resource.value(:name)).empty? - end - - def flush - @property_hash.clear - mysqladmin("--host=#{@resource[:db_host]}", "--user=#{@resource[:db_user]}", "--password=#{@resource[:db_password]}", "flush-privileges") - end - -end diff --git a/packstack/puppet/modules/remote/lib/puppet/type/remote_database.rb b/packstack/puppet/modules/remote/lib/puppet/type/remote_database.rb deleted file mode 100644 index ea6a0c8b9..000000000 --- a/packstack/puppet/modules/remote/lib/puppet/type/remote_database.rb +++ /dev/null @@ -1,35 +0,0 @@ - -Puppet::Type.newtype(:remote_database) do - @doc = "Manage databases remotely." - - ensurable - - newparam(:name, :namevar=>true) do - desc "The name of the database." - end - - newparam(:db_host) do - desc "The hostname of the database server to connect." - end - - newparam(:db_user) do - desc "The user name to use when connecting to the server." - end - - newparam(:db_password) do - desc "The password with which to connect to the database server." - end - - newproperty(:charset) do - desc "The characterset to use for a database" - defaultto :utf8 - newvalue(/^\S+$/) - end - - newproperty(:collate) do - desc 'The collate setting for the database' - defaultto :utf8_general_ci - newvalue(/^\S+$/) - end - -end diff --git a/packstack/puppet/modules/remote/lib/puppet/type/remote_database_grant.rb b/packstack/puppet/modules/remote/lib/puppet/type/remote_database_grant.rb deleted file mode 100644 index 36ce077a8..000000000 --- a/packstack/puppet/modules/remote/lib/puppet/type/remote_database_grant.rb +++ /dev/null @@ -1,86 +0,0 @@ - -Puppet::Type.newtype(:remote_database_grant) do - @doc = "Manage a database user's rights remotely." - #ensurable - - autorequire :remote_database do - # puts "Starting db autoreq for %s" % self[:name] - reqs = [] - matches = self[:name].match(/^([^@]+)@([^\/]+)\/(.+)$/) - unless matches.nil? - reqs << matches[3] - end - # puts "Autoreq: '%s'" % reqs.join(" ") - reqs - end - - autorequire :remote_database_user do - # puts "Starting user autoreq for %s" % self[:name] - reqs = [] - matches = self[:name].match(/^([^@]+)@([^\/]+).*$/) - unless matches.nil? - reqs << "%s@%s" % [ matches[1], matches[2] ] - end - # puts "Autoreq: '%s'" % reqs.join(" ") - reqs - end - - newparam(:name, :namevar=>true) do - desc "The primary key: either user@host for global privilges or user@host/database for database specific privileges" - end - - newparam(:db_host) do - desc "The hostname of the database server to connect." - end - - newparam(:db_user) do - desc "The user name to use when connecting to the server." - end - - newparam(:db_password) do - desc "The password with which to connect to the database server." - end - - newproperty(:privileges, :array_matching => :all) do - desc "The privileges the user should have. The possible values are implementation dependent." - - def should_to_s(newvalue = @should) - if newvalue - unless newvalue.is_a?(Array) - newvalue = [ newvalue ] - end - newvalue.collect do |v| v.downcase end.sort.join ", " - else - nil - end - end - - def is_to_s(currentvalue = @is) - if currentvalue - unless currentvalue.is_a?(Array) - currentvalue = [ currentvalue ] - end - currentvalue.collect do |v| v.downcase end.sort.join ", " - else - nil - end - end - - # use the sorted outputs for comparison - def insync?(is) - if defined? @should and @should - case self.should_to_s - when "all" - self.provider.all_privs_set? - when self.is_to_s(is) - true - else - false - end - else - true - end - end - end - -end diff --git a/packstack/puppet/modules/remote/lib/puppet/type/remote_database_user.rb b/packstack/puppet/modules/remote/lib/puppet/type/remote_database_user.rb deleted file mode 100644 index 938cca048..000000000 --- a/packstack/puppet/modules/remote/lib/puppet/type/remote_database_user.rb +++ /dev/null @@ -1,37 +0,0 @@ - -Puppet::Type.newtype(:remote_database_user) do - @doc = "Manage a database user remotely. This includes management of users password as well as priveleges" - - ensurable - - newparam(:name, :namevar=>true) do - desc "The name of the user. This uses the 'username@hostname' or username@hostname." - validate do |value| - # https://dev.mysql.com/doc/refman/5.1/en/account-names.html - # Regex should problably be more like this: /^[`'"]?[^`'"]*[`'"]?@[`'"]?[\w%\.]+[`'"]?$/ - raise(ArgumentError, "Invalid database user #{value}") unless value =~ /[\w-]*@[\w%\.:]+/ - username = value.split('@')[0] - if username.size > 16 - raise ArgumentError, "MariaDB usernames are limited to a maximum of 16 characters" - end - end - end - - newproperty(:password_hash) do - desc "The password hash of the user. Use mysql_password() for creating such a hash." - newvalue(/\w+/) - end - - newparam(:db_host) do - desc "The hostname of the database server to connect." - end - - newparam(:db_user) do - desc "The user name to use when connecting to the server." - end - - newparam(:db_password) do - desc "The password with which to connect to the database server." - end - -end diff --git a/packstack/puppet/modules/remote/manifests/db.pp b/packstack/puppet/modules/remote/manifests/db.pp deleted file mode 100644 index 28eaafbfb..000000000 --- a/packstack/puppet/modules/remote/manifests/db.pp +++ /dev/null @@ -1,15 +0,0 @@ - -class remote::db ( - $mysql_client_package = $remote::params::mysql_client_package, - $mysql_client_package_ensure = 'present', -) inherits remote::params { - - package { $mysql_client_package: - ensure => $mysql_client_package_ensure, - } - - Package[$mysql_client_package] -> Remote_database<||> - Package[$mysql_client_package] -> Remote_database_user<||> - Package[$mysql_client_package] -> Remote_database_grant<||> - -} diff --git a/packstack/puppet/modules/remote/manifests/params.pp b/packstack/puppet/modules/remote/manifests/params.pp deleted file mode 100644 index eb65c055c..000000000 --- a/packstack/puppet/modules/remote/manifests/params.pp +++ /dev/null @@ -1,34 +0,0 @@ - -class remote::params { - - case $::osfamily { - 'RedHat': { - case $::operatingsystem { - - 'Fedora': { - $mysql_client_package = 'mariadb' - } - - 'RedHat', 'CentOS', 'Scientific': { - if $::operatingsystemmajrelease >= 7 { - $mysql_client_package = 'mariadb' - } else { - $mysql_client_package = 'mysql' - } - } - - default: { - $mysql_client_package = 'mysql' - } - } - } - - 'Debian': { - $mysql_client_package = 'mysql' - } - - default: { - fail("Unsupported platform") - } - } -} From 719f141d8dcc5e6a68b9df05fea5bba9114f039e Mon Sep 17 00:00:00 2001 From: Alan Pevec Date: Sat, 7 Feb 2015 16:43:10 +0100 Subject: [PATCH 0252/1017] Add Openstack unified client https://www.redhat.com/archives/rdo-list/2015-February/msg00030.html Change-Id: I83e6f261cba9e34ec362f40fb94d7fd91cad5aaf --- packstack/puppet/templates/openstack_client.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packstack/puppet/templates/openstack_client.pp b/packstack/puppet/templates/openstack_client.pp index 0997c33e5..de02f5458 100644 --- a/packstack/puppet/templates/openstack_client.pp +++ b/packstack/puppet/templates/openstack_client.pp @@ -4,7 +4,7 @@ $clientlibs = ['python-novaclient', 'python-keystoneclient', 'python-glanceclient', 'python-swiftclient', - 'python-cinderclient'] + 'python-cinderclient', 'python-openstackclient'] package { $clientlibs: } From cd467f7491c0dd01dbae5e5813ffef4fe58dedb6 Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Tue, 9 Dec 2014 22:11:41 +0100 Subject: [PATCH 0253/1017] Install rhos-log-collector only on RHEL systems - sos-plugins-openstack is obsolete and had been backported into the main package since sos-3.0-23.el7_0.4 released Nov 2014 [1] - sos is in fedora, so it should be install on fedora too. [1] https://rhn.redhat.com/errata/RHBA-2014-1871.html Change-Id: I7a94a09913388303dd271bfa3e055563716617d2 --- packstack/plugins/serverprep_001.py | 15 ++++++--------- packstack/puppet/templates/prescript.pp | 4 ++++ 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/packstack/plugins/serverprep_001.py b/packstack/plugins/serverprep_001.py index 04b7a9ae8..8938be5f6 100644 --- a/packstack/plugins/serverprep_001.py +++ b/packstack/plugins/serverprep_001.py @@ -657,15 +657,12 @@ def server_prep(config, messages): server.append('rpm -q --whatprovides yum-utils || ' 'yum install -y yum-utils') - # Installing rhos-log-collector and sos-plugins-openstack if - # these rpms are available from yum. - sos_rpms = ' '.join(('rhos-log-collector', - 'sos', - 'sos-plugins-openstack')) - - server.append('yum list available rhos-log-collector && ' - 'yum -y install %s || ' - 'echo "no rhos-log-collector available"' % sos_rpms) + if is_rhel(): + # Installing rhos-log-collector if it is available from yum. + server.append('yum list available rhos-log-collector && ' + 'yum -y install rhos-log-collector || ' + 'echo "no rhos-log-collector available"') + server.execute() # enable RDO if it is installed locally diff --git a/packstack/puppet/templates/prescript.pp b/packstack/puppet/templates/prescript.pp index 33dcf7852..b4cc7cbad 100644 --- a/packstack/puppet/templates/prescript.pp +++ b/packstack/puppet/templates/prescript.pp @@ -11,6 +11,10 @@ } } +package { 'sos': + ensure => present, +} + package { 'audit': ensure => present, } -> From 69a00b87101e7ac8908ae3c3a2b167d7f76e04a8 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Mon, 2 Feb 2015 12:41:59 +0100 Subject: [PATCH 0254/1017] [AMQP] cherrypick ssl fixes from freeipa patches Change-Id: I96c93d97d300e3e4c0502b2658be7390970c8a08 Resolves: rhbz#1147823, rhbz#1185921, rhbz#1147224 --- packstack/plugins/amqp_002.py | 15 +++++ packstack/puppet/templates/amqp.pp | 56 +++++++++++++++---- .../puppet/templates/ceilometer_rabbitmq.pp | 3 +- packstack/puppet/templates/cinder_rabbitmq.pp | 1 + packstack/puppet/templates/heat_rabbitmq.pp | 2 + packstack/puppet/templates/ironic_rabbitmq.pp | 1 + .../puppet/templates/neutron_rabbitmq.pp | 1 + .../templates/nova_ceilometer_rabbitmq.pp | 2 + .../puppet/templates/nova_common_rabbitmq.pp | 1 + packstack/puppet/templates/sahara_rabbitmq.pp | 1 + 10 files changed, 70 insertions(+), 13 deletions(-) diff --git a/packstack/plugins/amqp_002.py b/packstack/plugins/amqp_002.py index 9ed18734c..f89e89fce 100644 --- a/packstack/plugins/amqp_002.py +++ b/packstack/plugins/amqp_002.py @@ -126,6 +126,21 @@ def initConfig(controller): "NEED_CONFIRM": False, "CONDITION": False}, + {"CMD_OPTION": "amqp-ssl-cacert-file", + "USAGE": ("The filename of the CAcertificate that the AMQP service " + "is going to use for verification"), + "PROMPT": ("Enter the filename of the SSL CAcertificate for the AMQP" + " service"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "/etc/pki/tls/certs/amqp_selfcert.pem", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_AMQP_SSL_CACERT_FILE", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "amqp-ssl-cert-file", "USAGE": ("The filename of the certificate that the AMQP service " "is going to use"), diff --git a/packstack/puppet/templates/amqp.pp b/packstack/puppet/templates/amqp.pp index 491dc5328..e7beb1f63 100644 --- a/packstack/puppet/templates/amqp.pp +++ b/packstack/puppet/templates/amqp.pp @@ -1,9 +1,10 @@ $amqp = hiera('CONFIG_AMQP_BACKEND') +$amqp_enable_ssl = hiera('CONFIG_AMQP_ENABLE_SSL') case $amqp { 'qpid': { enable_qpid { 'qpid': - enable_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), + enable_ssl => $amqp_enable_ssl, enable_auth => hiera('CONFIG_AMQP_ENABLE_AUTH'), } } @@ -19,19 +20,50 @@ ensure => 'installed', } - class { 'rabbitmq': - port => hiera('CONFIG_AMQP_CLIENTS_PORT'), - ssl_management_port => hiera('CONFIG_AMQP_SSL_PORT'), - ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), - ssl_cert => hiera('CONFIG_AMQP_SSL_CERT_FILE'), - ssl_key => hiera('CONFIG_AMQP_SSL_KEY_FILE'), - default_user => hiera('CONFIG_AMQP_AUTH_USER'), - default_pass => hiera('CONFIG_AMQP_AUTH_PASSWORD'), - package_provider => 'yum', - admin_enable => false, - config_variables => { + if $amqp_enable_ssl { + + $kombu_ssl_ca_certs = hiera('CONFIG_AMQP_SSL_CACERT_FILE') + $kombu_ssl_keyfile = hiera('CONFIG_AMQP_SSL_KEY_FILE') + $kombu_ssl_certfile = hiera('CONFIG_AMQP_SSL_CERT_FILE') + + $files_to_set_owner = [ $kombu_ssl_keyfile, $kombu_ssl_certfile ] + file { $files_to_set_owner: + owner => 'rabbitmq', + group => 'rabbitmq', + require => Package['rabbitmq-server'], + notify => Service['rabbitmq-server'], + } + + class {"rabbitmq": + ssl_port => hiera('CONFIG_AMQP_SSL_PORT'), + ssl_only => true, + ssl => $amqp_enable_ssl, + ssl_cacert => $kombu_ssl_ca_certs, + ssl_cert => $kombu_ssl_certfile, + ssl_key => $kombu_ssl_keyfile, + default_user => hiera('CONFIG_AMQP_AUTH_USER'), + default_pass => hiera('CONFIG_AMQP_AUTH_PASSWORD'), + package_provider => 'yum', + admin_enable => false, + # FIXME: it's ugly to not to require client certs + ssl_fail_if_no_peer_cert => false, + config_variables => { 'tcp_listen_options' => "[binary,{packet, raw},{reuseaddr, true},{backlog, 128},{nodelay, true},{exit_on_close, false},{keepalive, true}]", 'loopback_users' => "[]", + } + } + } else { + class {"rabbitmq": + port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + ssl => $amqp_enable_ssl, + default_user => hiera('CONFIG_AMQP_AUTH_USER'), + default_pass => hiera('CONFIG_AMQP_AUTH_PASSWORD'), + package_provider => 'yum', + admin_enable => false, + config_variables => { + 'tcp_listen_options' => "[binary,{packet, raw},{reuseaddr, true},{backlog, 128},{nodelay, true},{exit_on_close, false},{keepalive, true}]", + 'loopback_users' => "[]", + } } } diff --git a/packstack/puppet/templates/ceilometer_rabbitmq.pp b/packstack/puppet/templates/ceilometer_rabbitmq.pp index ad0c2df47..4aeda329f 100644 --- a/packstack/puppet/templates/ceilometer_rabbitmq.pp +++ b/packstack/puppet/templates/ceilometer_rabbitmq.pp @@ -1,9 +1,10 @@ class { 'ceilometer': metering_secret => hiera('CONFIG_CEILOMETER_SECRET'), - rabbit_host => hiera('CONFIG_AMQP_HOST'), verbose => true, debug => hiera('CONFIG_DEBUG_MODE'), + rabbit_host => hiera('CONFIG_AMQP_HOST'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), rabbit_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), } diff --git a/packstack/puppet/templates/cinder_rabbitmq.pp b/packstack/puppet/templates/cinder_rabbitmq.pp index ffc32c18a..685f75db4 100644 --- a/packstack/puppet/templates/cinder_rabbitmq.pp +++ b/packstack/puppet/templates/cinder_rabbitmq.pp @@ -4,6 +4,7 @@ class {'cinder': rabbit_host => hiera('CONFIG_AMQP_HOST'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), rabbit_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), database_connection => "mysql://cinder:${cinder_rab_cfg_cinder_db_pw}@${cinder_rab_cfg_mariadb_host}/cinder", diff --git a/packstack/puppet/templates/heat_rabbitmq.pp b/packstack/puppet/templates/heat_rabbitmq.pp index 9d383a0ac..0d1bc0201 100644 --- a/packstack/puppet/templates/heat_rabbitmq.pp +++ b/packstack/puppet/templates/heat_rabbitmq.pp @@ -9,6 +9,8 @@ keystone_ec2_uri => "http://${heat_rabbitmq_cfg_ctrl_host}:35357/v2.0", rpc_backend => 'heat.openstack.common.rpc.impl_kombu', rabbit_host => hiera('CONFIG_AMQP_HOST'), + rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), rabbit_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), verbose => true, diff --git a/packstack/puppet/templates/ironic_rabbitmq.pp b/packstack/puppet/templates/ironic_rabbitmq.pp index 129414728..988457bab 100644 --- a/packstack/puppet/templates/ironic_rabbitmq.pp +++ b/packstack/puppet/templates/ironic_rabbitmq.pp @@ -5,6 +5,7 @@ rpc_backend => 'ironic.openstack.common.rpc.impl_kombu', rabbit_host => hiera('CONFIG_AMQP_HOST'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_user => hiera('CONFIG_AMQP_AUTH_USER'), rabbit_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), database_connection => "mysql://ironic:${ironic_rabbitmq_cfg_ironic_db_pw}@${ironic_rabbitmq_cfg_mariadb_host}/ironic", diff --git a/packstack/puppet/templates/neutron_rabbitmq.pp b/packstack/puppet/templates/neutron_rabbitmq.pp index b4f62f39e..d53f43bf7 100644 --- a/packstack/puppet/templates/neutron_rabbitmq.pp +++ b/packstack/puppet/templates/neutron_rabbitmq.pp @@ -2,6 +2,7 @@ class { 'neutron': rabbit_host => hiera('CONFIG_AMQP_HOST'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_user => hiera('CONFIG_AMQP_AUTH_USER'), rabbit_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), core_plugin => hiera('CONFIG_NEUTRON_CORE_PLUGIN'), diff --git a/packstack/puppet/templates/nova_ceilometer_rabbitmq.pp b/packstack/puppet/templates/nova_ceilometer_rabbitmq.pp index 7e0725e95..110f16649 100644 --- a/packstack/puppet/templates/nova_ceilometer_rabbitmq.pp +++ b/packstack/puppet/templates/nova_ceilometer_rabbitmq.pp @@ -2,6 +2,8 @@ class { 'ceilometer': metering_secret => hiera('CONFIG_CEILOMETER_SECRET'), rabbit_host => hiera('CONFIG_AMQP_HOST'), + rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), rabbit_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), verbose => true, diff --git a/packstack/puppet/templates/nova_common_rabbitmq.pp b/packstack/puppet/templates/nova_common_rabbitmq.pp index 38cf67596..307658b83 100644 --- a/packstack/puppet/templates/nova_common_rabbitmq.pp +++ b/packstack/puppet/templates/nova_common_rabbitmq.pp @@ -14,6 +14,7 @@ glance_api_servers => "${nova_common_rabbitmq_cfg_storage_host}:9292", rabbit_host => hiera('CONFIG_AMQP_HOST'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), rabbit_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), verbose => true, diff --git a/packstack/puppet/templates/sahara_rabbitmq.pp b/packstack/puppet/templates/sahara_rabbitmq.pp index 125df13df..5c74078ba 100644 --- a/packstack/puppet/templates/sahara_rabbitmq.pp +++ b/packstack/puppet/templates/sahara_rabbitmq.pp @@ -1,6 +1,7 @@ class { 'sahara::notify::rabbitmq': rabbit_host => hiera('CONFIG_AMQP_HOST'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), rabbit_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), } From ad0b88c8a2e0cb68c1c23ad052f2a190283c225c Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Wed, 11 Feb 2015 14:47:05 +0100 Subject: [PATCH 0255/1017] Fix duplicate configure_delegated_roles in Heat Change-Id: I5a0100c04b51aa0871c003354278a0a8bf70402c Signed-off-by: Gael Chamoulaud --- packstack/puppet/templates/heat.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/packstack/puppet/templates/heat.pp b/packstack/puppet/templates/heat.pp index 61ebad509..fc030127d 100644 --- a/packstack/puppet/templates/heat.pp +++ b/packstack/puppet/templates/heat.pp @@ -8,6 +8,7 @@ heat_waitcondition_server_url => "http://${heat_cfg_ctrl_host}:8000/v1/waitcondition", heat_watch_server_url => "http://${heat_cfg_ctrl_host}:8003", auth_encryption_key => hiera('CONFIG_HEAT_AUTH_ENC_KEY'), + configure_delegated_roles => false, } keystone_user_role { 'admin@admin': From 1ace90a8fc6912765092edd33e92654982aa1371 Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Tue, 17 Feb 2015 21:42:29 +0100 Subject: [PATCH 0256/1017] Fix Printing messages - Since d7916cec6004df0184763dc82a5726de04bc4487, some messages were printed badly. This commit fixes this. Change-Id: I45d6c82facfdb5c5d2de20fcd2349cb49e82fd38 Signed-off-by: Gael Chamoulaud --- packstack/installer/run_setup.py | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/packstack/installer/run_setup.py b/packstack/installer/run_setup.py index c3503ca45..4c5d1133b 100644 --- a/packstack/installer/run_setup.py +++ b/packstack/installer/run_setup.py @@ -597,7 +597,7 @@ def _displaySummary(): def _printAdditionalMessages(): if len(controller.MESSAGES) > 0: - print("\n", output_messages.INFO_ADDTIONAL_MSG) + print(output_messages.INFO_ADDTIONAL_MSG) for msg in controller.MESSAGES: print(output_messages.INFO_ADDTIONAL_MSG_BULLET % (msg)) @@ -628,8 +628,7 @@ def runSequences(): def _main(options, configFile=None, logFile=None): print(output_messages.INFO_HEADER) - print("") - print(output_messages.INFO_LOG_FILE_PATH % logFile) + print("\n" + output_messages.INFO_LOG_FILE_PATH % logFile) # Get parameters _handleParams(configFile) @@ -647,7 +646,7 @@ def _main(options, configFile=None, logFile=None): logging.debug(mask(controller.CONF)) # Start configuration stage - print("\n", output_messages.INFO_INSTALL) + print("\n" + output_messages.INFO_INSTALL) # Initialize Sequences initPluginsSequences() @@ -845,16 +844,14 @@ def printOptions(): # For each group, create a group option for group in controller.getAllGroups(): print("%s" % group.DESCRIPTION) - print("-" * len(group.DESCRIPTION)) - print() + print("-" * len(group.DESCRIPTION) + "\n") for param in group.parameters.itervalues(): cmdOption = param.CONF_NAME paramUsage = param.USAGE optionsList = param.OPTION_LIST or "" print("%s" % (("**%s**" % str(cmdOption)).ljust(30))) - print(" %s %s" % (paramUsage, optionsList)) - print() + print(" %s %s" % (paramUsage, optionsList) + "\n") def plugin_compare(x, y): @@ -1021,8 +1018,7 @@ def main(): optParser.error(str(ex)) except Exception as e: logging.error(traceback.format_exc()) - print() - print(utils.color_text("ERROR : " + str(e), 'red')) + print("\n" + utils.color_text("ERROR : " + str(e), 'red')) print(output_messages.ERR_CHECK_LOG_FILE_FOR_MORE_INFO % (logFile)) sys.exit(1) From 72690e0b3c64a94a1ccd737b12a55f92edc3a2d3 Mon Sep 17 00:00:00 2001 From: Ryan Hefner Date: Thu, 9 Oct 2014 01:07:17 -0400 Subject: [PATCH 0257/1017] Enable Manila in Packstack Enables the configuration of the Manila File Share Service in Packstack. Uses the puppet-manila module for installation and configuration. Change-Id: I4509c9fbdc9317e03b32964b7b02672439e306fc --- packstack/plugins/manila_255.py | 347 ++++++++++++++++++ packstack/plugins/mariadb_003.py | 2 +- packstack/plugins/prescript_000.py | 19 + packstack/plugins/puppet_950.py | 12 +- packstack/puppet/templates/keystone_manila.pp | 7 + packstack/puppet/templates/manila.pp | 29 ++ packstack/puppet/templates/manila_generic.pp | 23 ++ packstack/puppet/templates/manila_netapp.pp | 10 + packstack/puppet/templates/manila_qpid.pp | 15 + packstack/puppet/templates/manila_rabbitmq.pp | 13 + .../templates/mariadb_manila_install.pp | 5 + .../templates/mariadb_manila_noinstall.pp | 29 ++ .../puppet/templates/openstack_client.pp | 4 + 13 files changed, 508 insertions(+), 7 deletions(-) create mode 100644 packstack/plugins/manila_255.py create mode 100644 packstack/puppet/templates/keystone_manila.pp create mode 100644 packstack/puppet/templates/manila.pp create mode 100644 packstack/puppet/templates/manila_generic.pp create mode 100644 packstack/puppet/templates/manila_netapp.pp create mode 100644 packstack/puppet/templates/manila_qpid.pp create mode 100644 packstack/puppet/templates/manila_rabbitmq.pp create mode 100644 packstack/puppet/templates/mariadb_manila_install.pp create mode 100644 packstack/puppet/templates/mariadb_manila_noinstall.pp diff --git a/packstack/plugins/manila_255.py b/packstack/plugins/manila_255.py new file mode 100644 index 000000000..1a7a77c16 --- /dev/null +++ b/packstack/plugins/manila_255.py @@ -0,0 +1,347 @@ +# -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +""" +Installs and configures Manila +""" +from packstack.installer import processors +from packstack.installer import validators +from packstack.installer import utils + +from packstack.modules.shortcuts import get_mq +from packstack.modules.ospluginutils import getManifestTemplate +from packstack.modules.ospluginutils import appendManifestFile +from packstack.modules.ospluginutils import createFirewallResources + +# ------------- Manila Packstack Plugin Initialization -------------- + +PLUGIN_NAME = "OS-Manila" +PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') + + +def initConfig(controller): + conf_params = { + "MANILA": [ + {"CMD_OPTION": "manila-db-passwd", + "USAGE": "The password to use for the Manila to access DB", + "PROMPT": "Enter the password for the Manila DB access", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_MANILA_DB_PW", + "USE_DEFAULT": False, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CMD_OPTION": "manila-ks-passwd", + "USAGE": ("The password to use for the Manila to authenticate " + "with Keystone"), + "PROMPT": "Enter the password for the Manila Keystone access", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_MANILA_KS_PW", + "USE_DEFAULT": False, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CMD_OPTION": "manila-backend", + "USAGE": ("The Manila backend to use, valid options are: " + "generic, netapp"), + "PROMPT": "Enter the Manila backend to be configured", + "OPTION_LIST": ["generic", "netapp"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "generic", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_MANILA_BACKEND", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + + "MANILANETAPP": [ + {"CMD_OPTION": "manila-netapp-nas-transport-type", + "USAGE": ("The transport protocol used when " + "communicating with ONTAPI on the storage system or " + "proxy server. Valid values are http or https. " + "Defaults to http"), + "PROMPT": ("Enter a NetApp transport type"), + "OPTION_LIST": ["http", "https"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "http", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_MANILA_NETAPP_NAS_TRANSPORT_TYPE", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "manila-netapp-nas-login", + "USAGE": ("Administrative user account name used to " + "access the storage system or proxy server. "), + "PROMPT": ("Enter a NetApp login"), + "OPTION_LIST": [""], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "admin", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_MANILA_NETAPP_NAS_LOGIN", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "manila-netapp-nas-password", + "USAGE": ("Password for the administrative user " + "account specified in the netapp_nas_login parameter."), + "PROMPT": ("Enter a NetApp password"), + "OPTION_LIST": [""], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "", + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_MANILA_NETAPP_NAS_PASSWORD", + "USE_DEFAULT": False, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CMD_OPTION": "manila-netapp-nas-server-hostname", + "USAGE": ("The hostname (or IP address) for the " + "storage system or proxy server."), + "PROMPT": ("Enter a NetApp hostname"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "PROCESSORS": [processors.process_add_quotes_around_values], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_MANILA_NETAPP_NAS_SERVER_HOSTNAME", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "manila-netapp-aggregate-name-search-pattern", + "USAGE": ("Pattern for searching available aggregates " + "for provisioning."), + "PROMPT": ("Enter a NetApp aggregate name search pattern"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "(.*)", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_MANILA_NETAPP_AGGREGATE_NAME_SEARCH_PATTERN", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "manila-netapp-root-volume-aggregate", + "USAGE": ("Name of aggregate to create root volume " + "on. "), + "PROMPT": ("Enter a NetApp root volume aggregate"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_MANILA_NETAPP_ROOT_VOLUME_AGGREGATE", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "manila-netapp-root-volume-name", + "USAGE": ("Root volume name. "), + "PROMPT": ("Enter a NetApp root volume name"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "root", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_MANILA_NETAPP_ROOT_VOLUME_NAME", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + + "MANILAGENERIC": [ + {"CMD_OPTION": "manila-generic-volume-name-template", + "USAGE": ("Volume name template. " + "Defaults to manila-share-%s"), + "PROMPT": ("Enter a volume name template"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "manila-share-%s", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_MANILA_GENERIC_VOLUME_NAME_TEMPLATE", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "manila-generic-share-mount-path", + "USAGE": ("Share mount path. " + "Defaults to /shares"), + "PROMPT": ("Enter a share mount path"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "/shares", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_MANILA_GENERIC_SHARE_MOUNT_PATH", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "manila-service-image-location", + "USAGE": ("Location of disk image for service " + "instance."), + "PROMPT": ("Enter a service image location"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": 'https://www.dropbox.com/s/vi5oeh10q1qkckh/' + 'ubuntu_1204_nfs_cifs.qcow2', + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_MANILA_SERVICE_IMAGE_LOCATION", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "manila-service-instance-user", + "USAGE": ("User in service instance."), + "PROMPT": ("Enter a service instance user"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": 'ubuntu', + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_MANILA_SERVICE_INSTANCE_USER", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "manila-service-instance-password", + "USAGE": ("Password to service instance user."), + "PROMPT": ("Enter a service instance password"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": 'ubuntu', + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_MANILA_SERVICE_INSTANCE_PASSWORD", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ] + } + + conf_groups = [ + {"GROUP_NAME": "MANILA", + "DESCRIPTION": "Manila Config parameters", + "PRE_CONDITION": "CONFIG_MANILA_INSTALL", + "PRE_CONDITION_MATCH": "y", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "MANILANETAPP", + "DESCRIPTION": "Manila NetApp configuration", + "PRE_CONDITION": check_netapp_options, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "MANILAGENERIC", + "DESCRIPTION": "Manila generic driver configuration", + "PRE_CONDITION": check_generic_options, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + ] + for group in conf_groups: + params = conf_params[group["GROUP_NAME"]] + controller.addGroup(group, params) + + +def initSequences(controller): + config = controller.CONF + if config['CONFIG_MANILA_INSTALL'] != 'y': + return + + config['CONFIG_MANILA_BACKEND'] = ( + [i.strip() for i in config['CONFIG_MANILA_BACKEND'].split(',') if i] + ) + + manila_steps = [ + {'title': 'Adding Manila Keystone manifest entries', + 'functions': [create_keystone_manifest]}, + {'title': 'Adding Manila manifest entries', + 'functions': [create_manifest]} + ] + + controller.addSequence("Installing OpenStack Manila", [], [], manila_steps) + + +# ------------------------- helper functions ------------------------- + +def check_netapp_options(config): + return (config.get('CONFIG_MANILA_INSTALL', 'n') == 'y' and + config.get('CONFIG_MANILA_BACKEND', 'generic') == 'netapp') + + +def check_generic_options(config): + return (config.get('CONFIG_MANILA_INSTALL', 'n') == 'y' and + config.get('CONFIG_MANILA_BACKEND', 'generic') == 'generic') + + +# -------------------------- step functions -------------------------- + +def create_keystone_manifest(config, messages): + if config['CONFIG_UNSUPPORTED'] != 'y': + config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] + + manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] + manifestdata = getManifestTemplate("keystone_manila.pp") + appendManifestFile(manifestfile, manifestdata) + + +def create_manifest(config, messages): + if config['CONFIG_UNSUPPORTED'] != 'y': + config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] + + manifestdata = getManifestTemplate(get_mq(config, "manila")) + manifestfile = "%s_manila.pp" % config['CONFIG_STORAGE_HOST'] + manifestdata += getManifestTemplate("manila.pp") + + backends = config['CONFIG_MANILA_BACKEND'] + for backend in backends: + manifestdata += getManifestTemplate('manila_%s.pp' % backend) + + # manila API should be open for everyone + fw_details = dict() + key = "manila_api" + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "ALL" + fw_details[key]['service_name'] = "manila-api" + fw_details[key]['chain'] = "INPUT" + fw_details[key]['ports'] = ['8786'] + fw_details[key]['proto'] = "tcp" + config['FIREWALL_MANILA_API_RULES'] = fw_details + manifestdata += createFirewallResources('FIREWALL_MANILA_API_RULES') + + appendManifestFile(manifestfile, manifestdata) diff --git a/packstack/plugins/mariadb_003.py b/packstack/plugins/mariadb_003.py index 99a06d9c0..2431bf1b8 100644 --- a/packstack/plugins/mariadb_003.py +++ b/packstack/plugins/mariadb_003.py @@ -117,7 +117,7 @@ def append_for(module, suffix): append_for("keystone", suffix) for mod in ['nova', 'cinder', 'glance', 'neutron', 'heat', 'sahara', - 'trove', 'ironic']: + 'trove', 'ironic', 'manila']: if config['CONFIG_%s_INSTALL' % mod.upper()] == 'y': append_for(mod, suffix) diff --git a/packstack/plugins/prescript_000.py b/packstack/plugins/prescript_000.py index c00586ce1..8d2230bd7 100644 --- a/packstack/plugins/prescript_000.py +++ b/packstack/plugins/prescript_000.py @@ -139,6 +139,25 @@ def initConfig(controller): "NEED_CONFIRM": False, "CONDITION": False}, + {"CMD_OPTION": "os-manila-install", + "USAGE": ( + "Set to 'y' if you would like Packstack to install " + "OpenStack Shared File System (Manila)" + ), + "PROMPT": ( + "Should Packstack install OpenStack Shared File System " + "(Manila) service" + ), + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "y", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_MANILA_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "os-nova-install", "USAGE": ( "Set to 'y' if you would like Packstack to install " diff --git a/packstack/plugins/puppet_950.py b/packstack/plugins/puppet_950.py index 982172b3f..d654a968b 100644 --- a/packstack/plugins/puppet_950.py +++ b/packstack/plugins/puppet_950.py @@ -187,12 +187,12 @@ def install_deps(config, messages): def copy_puppet_modules(config, messages): os_modules = ' '.join(('apache', 'ceilometer', 'certmonger', 'cinder', 'concat', 'firewall', 'glance', 'heat', 'horizon', - 'inifile', 'ironic', 'keystone', 'memcached', - 'mongodb', 'mysql', 'neutron', 'nova', 'nssdb', - 'openstack', 'packstack', 'qpid', 'rabbitmq', - 'redis', 'remote', 'rsync', 'sahara', 'ssh', - 'stdlib', 'swift', 'sysctl', 'tempest', 'trove', - 'vcsrepo', 'vlan', 'vswitch', 'xinetd', + 'inifile', 'ironic', 'keystone', 'manila', + 'memcached', 'mongodb', 'mysql', 'neutron', 'nova', + 'nssdb', 'openstack', 'packstack', 'qpid', + 'rabbitmq', 'redis', 'remote', 'rsync', 'sahara', + 'ssh', 'stdlib', 'swift', 'sysctl', 'tempest', + 'trove', 'vcsrepo', 'vlan', 'vswitch', 'xinetd', 'openstacklib')) # write puppet manifest to disk diff --git a/packstack/puppet/templates/keystone_manila.pp b/packstack/puppet/templates/keystone_manila.pp new file mode 100644 index 000000000..d49d4f9f6 --- /dev/null +++ b/packstack/puppet/templates/keystone_manila.pp @@ -0,0 +1,7 @@ + +class { 'manila::keystone::auth': + password => hiera('CONFIG_MANILA_KS_PW'), + public_address => hiera('CONFIG_CONTROLLER_HOST'), + admin_address => hiera('CONFIG_CONTROLLER_HOST'), + internal_address => hiera('CONFIG_CONTROLLER_HOST'), +} diff --git a/packstack/puppet/templates/manila.pp b/packstack/puppet/templates/manila.pp new file mode 100644 index 000000000..5433b2440 --- /dev/null +++ b/packstack/puppet/templates/manila.pp @@ -0,0 +1,29 @@ +manila_config { + 'DEFAULT/glance_host': value => hiera('CONFIG_CONTROLLER_HOST'); +} + +package { 'python-keystone': + notify => Class['manila::api'], +} + +class { 'manila::api': + keystone_password => hiera('CONFIG_MANILA_KS_PW'), + keystone_tenant => 'services', + keystone_user => 'manila', + keystone_auth_host => hiera('CONFIG_CONTROLLER_HOST'), +} + +class { 'manila::network::neutron': + neutron_admin_password => hiera('CONFIG_NEUTRON_KS_PW'), + neutron_admin_tenant_name => 'services', +} + +class { 'manila::scheduler': +} + +class { 'manila::share': +} + +class { 'manila::backends': + enabled_share_backends => hiera('CONFIG_MANILA_BACKEND'), +} diff --git a/packstack/puppet/templates/manila_generic.pp b/packstack/puppet/templates/manila_generic.pp new file mode 100644 index 000000000..90c0385c2 --- /dev/null +++ b/packstack/puppet/templates/manila_generic.pp @@ -0,0 +1,23 @@ + +package { 'nfs-utils': ensure => present } + +manila::backend::generic{ 'generic': + volume_name_template => hiera('CONFIG_MANILA_GENERIC_VOLUME_NAME_TEMPLATE'), + share_mount_path => hiera('CONFIG_MANILA_GENERIC_SHARE_MOUNT_PATH'), +} + +manila::service_instance{ 'generic': + service_image_location => hiera('CONFIG_MANILA_SERVICE_IMAGE_LOCATION'), + service_instance_user => hiera('CONFIG_MANILA_SERVICE_INSTANCE_USER'), + service_instance_password => hiera('CONFIG_MANILA_SERVICE_INSTANCE_PASSWORD'), +} + +class { 'manila::compute::nova': + nova_admin_password => hiera('CONFIG_NOVA_KS_PW'), + nova_admin_tenant_name => 'services', +} + +class { 'manila::volume::cinder': + cinder_admin_password => hiera('CONFIG_CINDER_KS_PW'), + cinder_admin_tenant_name => 'services', +} diff --git a/packstack/puppet/templates/manila_netapp.pp b/packstack/puppet/templates/manila_netapp.pp new file mode 100644 index 000000000..e9c591f04 --- /dev/null +++ b/packstack/puppet/templates/manila_netapp.pp @@ -0,0 +1,10 @@ + +manila::backend::netapp{ 'netapp': + netapp_nas_transport_type => hiera('CONFIG_MANILA_NETAPP_NAS_TRANSPORT_TYPE'), + netapp_nas_login => hiera('CONFIG_MANILA_NETAPP_NAS_LOGIN'), + netapp_nas_password => hiera('CONFIG_MANILA_NETAPP_NAS_PASSWORD'), + netapp_nas_server_hostname => hiera('CONFIG_MANILA_NETAPP_NAS_SERVER_HOSTNAME'), + netapp_aggregate_name_search_pattern => hiera('CONFIG_MANILA_NETAPP_AGGREGATE_NAME_SEARCH_PATTERN'), + netapp_root_volume_aggregate => hiera('CONFIG_MANILA_NETAPP_ROOT_VOLUME_AGGREGATE'), + netapp_root_volume_name => hiera('CONFIG_MANILA_NETAPP_ROOT_VOLUME_NAME'), +} diff --git a/packstack/puppet/templates/manila_qpid.pp b/packstack/puppet/templates/manila_qpid.pp new file mode 100644 index 000000000..fee5f3ed6 --- /dev/null +++ b/packstack/puppet/templates/manila_qpid.pp @@ -0,0 +1,15 @@ + +$db_pw = hiera('CONFIG_MANILA_DB_PW') +$mariadb_host = hiera('CONFIG_MARIADB_HOST') + +class {'manila': + rpc_backend => 'manila.openstack.common.rpc.impl_qpid', + qpid_hostname => hiera('CONFIG_AMQP_HOST'), + qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'), + qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), + qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), + sql_connection => "mysql://manila:${db_pw}@${mariadb_host}/manila", + verbose => true, + debug => hiera(CONFIG_DEBUG_MODE), +} diff --git a/packstack/puppet/templates/manila_rabbitmq.pp b/packstack/puppet/templates/manila_rabbitmq.pp new file mode 100644 index 000000000..92e4f2340 --- /dev/null +++ b/packstack/puppet/templates/manila_rabbitmq.pp @@ -0,0 +1,13 @@ + +$db_pw = hiera('CONFIG_MANILA_DB_PW') +$mariadb_host = hiera('CONFIG_MARIADB_HOST') + +class { 'manila': + rabbit_host => hiera('CONFIG_AMQP_HOST'), + rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), + rabbit_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), + sql_connection => "mysql://manila:${db_pw}@${mariadb_host}/manila", + verbose => true, + debug => hiera('CONFIG_DEBUG_MODE'), +} diff --git a/packstack/puppet/templates/mariadb_manila_install.pp b/packstack/puppet/templates/mariadb_manila_install.pp new file mode 100644 index 000000000..bd6ca311d --- /dev/null +++ b/packstack/puppet/templates/mariadb_manila_install.pp @@ -0,0 +1,5 @@ +class { 'manila::db::mysql': + password => hiera('CONFIG_MANILA_DB_PW'), + allowed_hosts => '%%', + charset => 'utf8', +} diff --git a/packstack/puppet/templates/mariadb_manila_noinstall.pp b/packstack/puppet/templates/mariadb_manila_noinstall.pp new file mode 100644 index 000000000..250cdbc54 --- /dev/null +++ b/packstack/puppet/templates/mariadb_manila_noinstall.pp @@ -0,0 +1,29 @@ + +remote_database { 'manila': + ensure => 'present', + charset => 'utf8', + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', +} + +$mariadb_manila_noinstall_db_pw = hiera('CONFIG_MANILA_DB_PW') + +remote_database_user { 'manila@%%': + password_hash => mysql_password($mariadb_manila_noinstall_db_pw), + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', + require => Remote_database['manila'], +} + +remote_database_grant { 'manila@%%/manila': + privileges => 'all', + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', + require => Remote_database_user['manila@%%'], +} diff --git a/packstack/puppet/templates/openstack_client.pp b/packstack/puppet/templates/openstack_client.pp index de02f5458..051ea7327 100644 --- a/packstack/puppet/templates/openstack_client.pp +++ b/packstack/puppet/templates/openstack_client.pp @@ -8,6 +8,10 @@ package { $clientlibs: } +if hiera('CONFIG_MANILA_INSTALL') == 'y' { + package { 'python-manilaclient': } +} + $ost_cl_keystone_admin_pw = hiera('CONFIG_KEYSTONE_ADMIN_PW') $ost_cl_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') $ost_cl_keystone_region = hiera('CONFIG_KEYSTONE_REGION') From 1304a190edb699ae9f08456080a10e5cded74823 Mon Sep 17 00:00:00 2001 From: Hiroki Aramaki Date: Fri, 20 Feb 2015 17:58:43 +0900 Subject: [PATCH 0258/1017] Generate random password for ironic Ironic config use default value(PW_PLACEHOLDER) for password. Other component(ex:Glance) generate random value for password. This change ironic also use random value for password. Change-Id: I3af60e7df6e16e13ff73cdbb87bc2293546d88c7 Closes-Bug: #1423035 --- packstack/plugins/ironic_275.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packstack/plugins/ironic_275.py b/packstack/plugins/ironic_275.py index da66b391f..962ea78ce 100644 --- a/packstack/plugins/ironic_275.py +++ b/packstack/plugins/ironic_275.py @@ -43,7 +43,7 @@ def initConfig(controller): "PROCESSORS": [processors.process_password], "MASK_INPUT": True, "LOOSE_VALIDATION": False, - "USE_DEFAULT": True, + "USE_DEFAULT": False, "NEED_CONFIRM": True, "CONDITION": False}, @@ -58,7 +58,7 @@ def initConfig(controller): "PROCESSORS": [processors.process_password], "MASK_INPUT": True, "LOOSE_VALIDATION": False, - "USE_DEFAULT": True, + "USE_DEFAULT": False, "NEED_CONFIRM": True, "CONDITION": False}, ] From 184dad441c131768127e89d32aed2f35e1fc531e Mon Sep 17 00:00:00 2001 From: Javier Pena Date: Fri, 20 Feb 2015 11:17:07 +0100 Subject: [PATCH 0259/1017] Allow command-line options with --gen-answer-file Previously, packstack --gen-answer-file did not allow settting any other command-line option other than the default password. This is not required, with this patch the answer file would contain any command-line specified option as well. Change-Id: Ic5180fa37bb0dc1371f58132f9c70dd655c0fc8c --- docs/packstack.rst | 4 ++-- packstack/installer/run_setup.py | 4 +--- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/docs/packstack.rst b/docs/packstack.rst index 80bf277a3..baa5a8782 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -14,9 +14,9 @@ Packstack is a utility that uses uses puppet modules to install OpenStack. It ca - packstack - packstack [options] -- packstack --gen-answer-file= [--default-password=] / packstack --answer-file= +- packstack --gen-answer-file= [options] / packstack --answer-file= -The third option allows the user to generate a default answer file, edit the default options and finally run Packstack a second time using this answer file. This is the easiest way to run Packstack and the one that will be documented here. Optionally, it is possible to specify a default password when generating the answer file, and this default password will be used for all accounts. +The third option allows the user to generate a default answer file, edit the default options and finally run Packstack a second time using this answer file. This is the easiest way to run Packstack and the one that will be documented here. Optionally, it is possible to set additional command-line options (such as a default password), and those options will be set in the answer file. When is created, it will contain the OPTIONS below, which can then be edited by the user. diff --git a/packstack/installer/run_setup.py b/packstack/installer/run_setup.py index 4c5d1133b..2026a76ea 100644 --- a/packstack/installer/run_setup.py +++ b/packstack/installer/run_setup.py @@ -801,7 +801,7 @@ def initCmdLineParser(): # Init parser and all general flags usage = "usage: %prog [options] [--help]" parser = OptionParser(usage=usage, version="%prog {0} {1}".format(version.release_string(), version.version_string())) - parser.add_option("--gen-answer-file", help="Generate a template of an answer file, using this option excludes all other options") + parser.add_option("--gen-answer-file", help="Generate a template of an answer file.") parser.add_option("--answer-file", help="Runs the configuration in non-interactive mode, extracting all information from the" "configuration file. using this option excludes all other options") parser.add_option("--install-hosts", help="Install on a set of hosts in a single step. The format should be a comma separated list " @@ -972,8 +972,6 @@ def main(): # If --gen-answer-file was supplied, do not run main if options.gen_answer_file: - # Make sure only --gen-answer-file was supplied - validateSingleFlag(options, "gen_answer_file") answerfilepath = _gettmpanswerfilepath() if not answerfilepath: _printAdditionalMessages() From f91f058d047f10a85497efd093d76033756b7578 Mon Sep 17 00:00:00 2001 From: Ivan Chavero Date: Tue, 2 Dec 2014 12:48:46 -0700 Subject: [PATCH 0260/1017] Allow network range for nova networks This patch adds the option to set an ip range for instances. For this patch to work this other patch is needed for puppet nova https://review.openstack.org/#/c/135123/ Change-Id: I6eabe1268003117c69d77fd8501df2c6d2f8329a Fixes: rhbz#1127404 --- packstack/plugins/nova_300.py | 56 ++++++++++++++++++++++ packstack/puppet/templates/nova_network.pp | 2 + 2 files changed, 58 insertions(+) diff --git a/packstack/plugins/nova_300.py b/packstack/plugins/nova_300.py index 1c13cf129..37329d152 100644 --- a/packstack/plugins/nova_300.py +++ b/packstack/plugins/nova_300.py @@ -240,6 +240,20 @@ def initConfig(controller): "USE_DEFAULT": False, "NEED_CONFIRM": False, "CONDITION": False}, + + {"CMD_OPTION": "novanetwork-allowed-range", + "USAGE": "Reserve an IP Address Range for Instances", + "PROMPT": ("Reserve IP Adress Range for Instances"), + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "n", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_NOVA_NETWORK_ALLOWED_RANGE", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], "NOVA_NETWORK_VLAN": [ @@ -282,6 +296,35 @@ def initConfig(controller): "NEED_CONFIRM": False, "CONDITION": False}, ], + + "NOVA_NETWORK_ALLOWED_IP_RANGE": [ + {"CMD_OPTION": "nova-network-allowed-start-ip", + "USAGE": "First IP of the range of allowed addresses", + "PROMPT": ("Start IP"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_ip], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_NOVA_NETWORK_ALLOWED_START_IP", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + + {"CMD_OPTION": "nova-network-allowed-end-ip", + "USAGE": "Last IP of the range of allowed addresses", + "PROMPT": ("End IP"), + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_ip], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": True, + "CONF_NAME": "CONFIG_NOVA_NETWORK_ALLOWED_END_IP", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + ], + } def use_nova_network(config): @@ -294,6 +337,11 @@ def use_nova_network_vlan(config): config['CONFIG_NEUTRON_INSTALL'] != 'y' and config['CONFIG_NOVA_NETWORK_MANAGER'] == manager) + def use_nova_network_ip_range(config): + return (config['CONFIG_NOVA_INSTALL'] == 'y' and + config['CONFIG_NEUTRON_INSTALL'] != 'y' and + config['CONFIG_NOVA_NETWORK_ALLOWED_RANGE'] == 'y') + nova_groups = [ {"GROUP_NAME": "NOVA", "DESCRIPTION": "Nova Options", @@ -315,6 +363,14 @@ def use_nova_network_vlan(config): "PRE_CONDITION_MATCH": True, "POST_CONDITION": False, "POST_CONDITION_MATCH": True}, + + {"GROUP_NAME": "NOVA_NETWORK_ALLOWED_IP_RANGE", + "DESCRIPTION": "Nova Network Allowed IP Range ", + "PRE_CONDITION": use_nova_network_ip_range, + "PRE_CONDITION_MATCH": True, + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + ] for group in nova_groups: params = nova_params[group["GROUP_NAME"]] diff --git a/packstack/puppet/templates/nova_network.pp b/packstack/puppet/templates/nova_network.pp index 56a65433c..abfc96889 100644 --- a/packstack/puppet/templates/nova_network.pp +++ b/packstack/puppet/templates/nova_network.pp @@ -45,6 +45,8 @@ fixed_range => hiera('CONFIG_NOVA_NETWORK_FIXEDRANGE'), floating_range => hiera('CONFIG_NOVA_NETWORK_FLOATRANGE'), config_overrides => $overrides, + allowed_start => hiera('CONFIG_NOVA_NETWORK_ALLOWED_START_IP'), + allowed_end => hiera('CONFIG_NOVA_NETWORK_ALLOWED_END_IP'), } package { 'dnsmasq': From 2df86b0efea053f73a2e48d34234ee4ce9820ab7 Mon Sep 17 00:00:00 2001 From: Javier Pena Date: Mon, 23 Feb 2015 18:27:50 +0100 Subject: [PATCH 0261/1017] Do not enable Manila by default By default, Manila installation is configured. This is inconsistent with the default for other similar services (Trove, Sahara, Heat), so this patch changes the default. Change-Id: Iac529b01dbf6a6f0eb9bc12bb2f38f2800203df1 --- packstack/plugins/prescript_000.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packstack/plugins/prescript_000.py b/packstack/plugins/prescript_000.py index 8d2230bd7..ff86fae19 100644 --- a/packstack/plugins/prescript_000.py +++ b/packstack/plugins/prescript_000.py @@ -150,7 +150,7 @@ def initConfig(controller): ), "OPTION_LIST": ["y", "n"], "VALIDATORS": [validators.validate_options], - "DEFAULT_VALUE": "y", + "DEFAULT_VALUE": "n", "MASK_INPUT": False, "LOOSE_VALIDATION": False, "CONF_NAME": "CONFIG_MANILA_INSTALL", From 4f38313169314d8ad6aa97297a20a985697993ca Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Fri, 20 Feb 2015 16:10:00 +0100 Subject: [PATCH 0262/1017] [Glance] Fix deprecation of *auth_host* parameter in Glance::Api - *auth_host* has been deprecated in favor of *auth_uri* and *identity_uri* - Dependent of pr-264 [1] [1] - https://github.com/redhat-openstack/openstack-puppet-modules/pull/264 Signed-off-by: Gael Chamoulaud Change-Id: I6bc2e872d0fa487637121530e3aa0d7894eb23bf --- packstack/puppet/templates/glance.pp | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/packstack/puppet/templates/glance.pp b/packstack/puppet/templates/glance.pp index 9d7aaad62..8c7072794 100644 --- a/packstack/puppet/templates/glance.pp +++ b/packstack/puppet/templates/glance.pp @@ -1,8 +1,10 @@ $glance_ks_pw = hiera('CONFIG_GLANCE_DB_PW') $glance_mariadb_host = hiera('CONFIG_MARIADB_HOST') +$glance_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') class { 'glance::api': - auth_host => hiera('CONFIG_CONTROLLER_HOST'), + auth_uri => "http://${glance_cfg_ctrl_host}:5000/", + identity_uri => "http://${glance_cfg_ctrl_host}:35357/v2.0", keystone_tenant => 'services', keystone_user => 'glance', keystone_password => hiera('CONFIG_GLANCE_KS_PW'), @@ -13,7 +15,8 @@ } class { 'glance::registry': - auth_host => hiera('CONFIG_CONTROLLER_HOST'), + auth_uri => "http://${glance_cfg_ctrl_host}:5000/", + identity_uri => "http://${glance_cfg_ctrl_host}:35357/v2.0", keystone_tenant => 'services', keystone_user => 'glance', keystone_password => hiera('CONFIG_GLANCE_KS_PW'), From 48a531cb173db7933d3eddcc4cd8ff5f0c6a838f Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Wed, 25 Feb 2015 23:24:23 +0100 Subject: [PATCH 0263/1017] [Neutron] open tunnel port also for compute_hosts Neutron l2 agent is being installed on network_hosts and compute_hosts Resolves-Bug: rhbz#1195258 Change-Id: I4b4fc4ace91f9f7af64ecb089884bf914478d411 --- packstack/plugins/neutron_350.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index 0c597fd0e..d00aacdeb 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -610,7 +610,7 @@ def create_manifests(config, messages): # We also need to open VXLAN/GRE port for agent manifest_data = "" if use_openvswitch_vxlan(config) or use_openvswitch_gre(config): - for n_host in network_hosts: + for n_host in network_hosts | compute_hosts: cf_fw_nt_key = ("FIREWALL_NEUTRON_TUNNEL_RULES_%s_%s" % (host, n_host)) fw_details = dict() From a15a1f6dac544a981a1e6803a29ac38cab68300b Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Tue, 3 Mar 2015 14:41:52 +0100 Subject: [PATCH 0264/1017] [Packstack] Manpage sync Change-Id: If299ec5a866fba34464b5e80f7ca7f5c18d0fa87 Signed-off-by: Gael Chamoulaud --- docs/packstack.rst | 931 ++++++++++++++++++++++++++++++--------------- 1 file changed, 622 insertions(+), 309 deletions(-) diff --git a/docs/packstack.rst b/docs/packstack.rst index baa5a8782..cdf0dfda2 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -26,595 +26,908 @@ OPTIONS Global Options -------------- +**CONFIG_SSH_KEY** + Path to a Public key to install on servers. If a usable key has not been installed on the remote servers the user will be prompted for a password and this key will be installed so the password will not be required again + +**CONFIG_DEFAULT_PASSWORD** + Set a default password everywhere. The default password will be overriden by whatever password is set for each individual service or user. + +**CONFIG_MARIADB_INSTALL** + Set to 'y' if you would like Packstack to install MariaDB ['y', 'n'] + **CONFIG_GLANCE_INSTALL** - Set to 'y' if you would like Packstack to install Glance ['y', 'n']. + Set to 'y' if you would like Packstack to install OpenStack Image Service (Glance) ['y', 'n'] **CONFIG_CINDER_INSTALL** - Set to 'y' if you would like Packstack to install Cinder ['y', 'n']. + Set to 'y' if you would like Packstack to install OpenStack Block Storage (Cinder) ['y', 'n'] + +**CONFIG_MANILA_INSTALL** + Set to 'y' if you would like Packstack to install OpenStack Shared File System (Manila) ['y', 'n'] **CONFIG_NOVA_INSTALL** - Set to 'y' if you would like Packstack to install Nova ['y', 'n']. + Set to 'y' if you would like Packstack to install OpenStack Compute (Nova) ['y', 'n'] + +**CONFIG_NEUTRON_INSTALL** + Set to 'y' if you would like Packstack to install OpenStack Networking (Neutron). Otherwise Nova Network will be used. ['y', 'n'] **CONFIG_HORIZON_INSTALL** - Set to 'y' if you would like Packstack to install Horizon ['y', 'n']. + Set to 'y' if you would like Packstack to install OpenStack Dashboard (Horizon) ['y', 'n'] **CONFIG_SWIFT_INSTALL** - Set to 'y' if you would like Packstack to install Swift ['y', 'n']. + Set to 'y' if you would like Packstack to install OpenStack Object Storage (Swift) ['y', 'n'] + +**CONFIG_CEILOMETER_INSTALL** + Set to 'y' if you would like Packstack to install OpenStack Metering (Ceilometer) ['y', 'n'] + +**CONFIG_HEAT_INSTALL** + Set to 'y' if you would like Packstack to install OpenStack Orchestration (Heat) ['y', 'n'] **CONFIG_SAHARA_INSTALL** - Set to 'y' if you would like Packstack to install Sahara ['y', 'n']. + Set to 'y' if you would like Packstack to install OpenStack Clustering (Sahara) ['y', 'n'] + +**CONFIG_TROVE_INSTALL** + Set to 'y' if you would like Packstack to install OpenStack Database (Trove) ['y', 'n'] **CONFIG_IRONIC_INSTALL** - Set to 'y' if you would like Packstack to install Ironic ['y', 'n']. + Set to 'y' if you would like Packstack to install OpenStack Bare Metal (Ironic) ['y', 'n'] **CONFIG_CLIENT_INSTALL** - Set to 'y' if you would like Packstack to install the OpenStack Client packages. An admin "rc" file will also be installed ['y', 'n']. + Set to 'y' if you would like Packstack to install the OpenStack Client packages. An admin "rc" file will also be installed ['y', 'n'] **CONFIG_NTP_SERVERS** Comma separated list of NTP servers. Leave plain if Packstack should not install ntpd on instances. -**CONFIG_DEFAULT_PASSWORD** - A default password to be used on all services, databases, keys, etc. It will be overriden by any explicitly set password. Leave plain to not set a default password. - **CONFIG_NAGIOS_INSTALL** - Set to 'y' if you would like Packstack to install Nagios to monitor openstack hosts ['y', 'n']. - -**CONFIG_CEILOMETER_INSTALL** - Set to 'y' if you would like Packstack to install OpenStack Metering (Ceilometer). - -**CONFIG_HEAT_INSTALL** - Set to 'y' if you would like Packstack to install OpenStack Orchestration (Heat). + Set to 'y' if you would like Packstack to install Nagios to monitor OpenStack hosts ['y', 'n'] -**CONFIG_NEUTRON_INSTALL** - Set to 'y' if you would like Packstack to install OpenStack Networking (Neutron). - -**CONFIG_MARIADB_INSTALL** - Set to 'y' if you would like Packstack to install MariaDB. +**EXCLUDE_SERVERS** + Comma separated list of servers to be excluded from installation in case you are running Packstack the second time with the same answer file and don't want Packstack to touch these servers. Leave plain if you don't need to exclude any server. -**CONFIG_TROVE_INSTALL** - Set to 'y' if you would like Packstack to install Openstack Database (Trove) +**CONFIG_DEBUG_MODE** + Set to 'y' if you want to run OpenStack services in debug mode. Otherwise set to 'n'. ['y', 'n'] **CONFIG_CONTROLLER_HOST** - The IP address of the server on which to install OpenStack services specific to controller role such as API servers, Horizon, etc. This parameter replaced following deprecated parameters: CONFIG_CEILOMETER_HOST, CONFIG_CINDER_HOST, CONFIG_GLANCE_HOST, CONFIG_HORIZON_HOST, CONFIG_HEAT_HOST, CONFIG_IRONIC_HOST, CONFIG_KEYSTONE_HOST, CONFIG_NAGIOS_HOST, CONFIG_NEUTRON_SERVER_HOST, CONFIG_NEUTRON_LBAAS_HOSTS, CONFIG_NOVA_API_HOST, CONFIG_NOVA_CERT_HOST, CONFIG_NOVA_VNCPROXY_HOST, CONFIG_NOVA_SCHED_HOST, CONFIG_OSCLIENT_HOST, CONFIG_SWIFT_PROXY_HOSTS. + The IP address of the server on which to install OpenStack services specific to controller role such as API servers, Horizon, etc. **CONFIG_COMPUTE_HOSTS** - The list of IP addresses of the server on which to install the Nova compute service. This parameter replaced following deprecated parameters: CONFIG_NOVA_COMPUTE_HOSTS. + The list of IP addresses of the server on which to install the Nova compute service **CONFIG_NETWORK_HOSTS** - The list of IP addresses of the server on which to install the network service such as Nova network or Neutron. This parameter replaced following deprecated parameters: CONFIG_NEUTRON_L3_HOSTS, CONFIG_NEUTRON_DHCP_HOSTS, CONFIG_NEUTRON_METADATA_HOSTS, CONFIG_NOVA_NETWORK_HOSTS. + The list of IP addresses of the server on which to install the network service such as Nova network or Neutron +**CONFIG_VMWARE_BACKEND** + Set to 'y' if you want to use VMware vCenter as hypervisor and storage. Otherwise set to 'n'. ['y', 'n'] -SSH Configs ------------- +**CONFIG_UNSUPPORTED** + Set to 'y' if you want to use unsupported parameters. This should be used only if you know what you are doing.Issues caused by using unsupported options won't be fixed before next major release. ['y', 'n'] -**CONFIG_SSH_KEY** - Path to a Public key to install on servers. If a usable key has not been installed on the remote servers the user will be prompted for a password and this key will be installed so the password will not be required again. +vCenter Config Parameters +------------------------- -MariaDB Config parameters +**CONFIG_VCENTER_HOST** + The IP address of the VMware vCenter server + +**CONFIG_VCENTER_USER** + The username to authenticate to VMware vCenter server + +**CONFIG_VCENTER_PASSWORD** + The password to authenticate to VMware vCenter server + +**CONFIG_VCENTER_CLUSTER_NAME** + The name of the vCenter cluster + +Global unsupported options +-------------------------- + +**CONFIG_STORAGE_HOST** + (Unsupported!) The IP address of the server on which to install OpenStack services specific to storage servers such as Glance and Cinder. + +**CONFIG_SAHARA_HOST** + (Unsupported!) The IP address of the server on which to install OpenStack services specific to Sahara + +Server Prepare Configs ----------------------- -**CONFIG_MARIADB_HOST** - The IP address of the server on which to install MariaDB. +**CONFIG_USE_EPEL** + To subscribe each server to EPEL enter "y" ['y', 'n'] -**CONFIG_MARIADB_USER** - Username for the MariaDB admin user. +**CONFIG_REPO** + A comma separated list of URLs to any additional yum repositories to install -**CONFIG_MARIADB_PW** - Password for the MariaDB admin user. +RHEL config +----------- + +**CONFIG_RH_USER** + To subscribe each server with Red Hat subscription manager, include this with CONFIG_RH_PW + +**CONFIG_SATELLITE_URL** + To subscribe each server with RHN Satellite,fill Satellite's URL here. Note that either satellite's username/password or activation key has to be provided + +RH subscription manager config +------------------------------ + +**CONFIG_RH_PW** + To subscribe each server with Red Hat subscription manager, include this with CONFIG_RH_USER + +**CONFIG_RH_OPTIONAL** + To enable RHEL optional repos use value "y" ['y', 'n'] + +**CONFIG_RH_PROXY** + Specify a HTTP proxy to use with Red Hat subscription manager + +RH subscription manager proxy config +------------------------------------ + +**CONFIG_RH_PROXY_PORT** + Specify port of Red Hat subscription manager HTTP proxy + +**CONFIG_RH_PROXY_USER** + Specify a username to use with Red Hat subscription manager HTTP proxy + +**CONFIG_RH_PROXY_PW** + Specify a password to use with Red Hat subscription manager HTTP proxy + +RHN Satellite config +-------------------- + +**CONFIG_SATELLITE_USER** + Username to access RHN Satellite + +**CONFIG_SATELLITE_PW** + Password to access RHN Satellite + +**CONFIG_SATELLITE_AKEY** + Activation key for subscription to RHN Satellite + +**CONFIG_SATELLITE_CACERT** + Specify a path or URL to a SSL CA certificate to use + +**CONFIG_SATELLITE_PROFILE** + If required specify the profile name that should be used as an identifier for the system in RHN Satellite + +**CONFIG_SATELLITE_FLAGS** + Comma separated list of flags passed to rhnreg_ks. Valid flags are: novirtinfo, norhnsd, nopackages ['novirtinfo', 'norhnsd', 'nopackages'] + +**CONFIG_SATELLITE_PROXY** + Specify a HTTP proxy to use with RHN Satellite + +RHN Satellite proxy config +-------------------------- + +**CONFIG_SATELLITE_PROXY_USER** + Specify a username to use with an authenticated HTTP proxy + +**CONFIG_SATELLITE_PROXY_PW** + Specify a password to use with an authenticated HTTP proxy. AMQP Config parameters ---------------------- - **CONFIG_AMQP_BACKEND** - Set the AMQP service backend. Allowed values are: qpid, rabbitmq + Set the AMQP service backend. Allowed values are: qpid, rabbitmq ['qpid', 'rabbitmq'] **CONFIG_AMQP_HOST** - The IP address of the server on which to install the QPID service. + The IP address of the server on which to install the AMQP service **CONFIG_AMQP_ENABLE_SSL** - Enable SSL for the QPID service. + Enable SSL for the AMQP service ['y', 'n'] + +**CONFIG_AMQP_ENABLE_AUTH** + Enable Authentication for the AMQP service ['y', 'n'] + +AMQP Config SSL parameters +-------------------------- **CONFIG_AMQP_NSS_CERTDB_PW** - The password for the NSS certificate database of the QPID service. + The password for the NSS certificate database of the AMQP service **CONFIG_AMQP_SSL_PORT** - The port in which the QPID service listens to SSL connections. + The port in which the AMQP service listens to SSL connections + +**CONFIG_AMQP_SSL_CACERT_FILE** + The filename of the CAcertificate that the AMQP service is going to use for verification **CONFIG_AMQP_SSL_CERT_FILE** - The filename of the certificate that the QPID service is going to use. + The filename of the certificate that the AMQP service is going to use **CONFIG_AMQP_SSL_KEY_FILE** - The filename of the private key that the QPID service is going to use. + The filename of the private key that the AMQP service is going to use **CONFIG_AMQP_SSL_SELF_SIGNED** - Auto Generates self signed SSL certificate and key. + Auto Generates self signed SSL certificate and key ['y', 'n'] -**CONFIG_AMQP_ENABLE_AUTH** - Enable Authentication for the AMQP service +AMQP Config Athentication parameters +------------------------------------ **CONFIG_AMQP_AUTH_USER** User for amqp authentication **CONFIG_AMQP_AUTH_PASSWORD** - Password for user authentication + Password for user authentication ['y', 'n'] + +MariaDB Config parameters +------------------------- +**CONFIG_MARIADB_HOST** + The IP address of the server on which to install MariaDB or IP address of DB server to use if MariaDB installation was not selected + +**CONFIG_MARIADB_USER** + Username for the MariaDB admin user + +**CONFIG_MARIADB_PW** + Password for the MariaDB admin user Keystone Config parameters -------------------------- -**CONFIG_KEYSTONE_REGION** - The region name to use for the Keystone. - **CONFIG_KEYSTONE_DB_PW** - The password to use for the Keystone to access DB. + The password to use for the Keystone to access DB + +**CONFIG_KEYSTONE_REGION** + Region name **CONFIG_KEYSTONE_ADMIN_TOKEN** - The token to use for the Keystone service api. + The token to use for the Keystone service api **CONFIG_KEYSTONE_ADMIN_PW** - The password to use for the Keystone admin user. + The password to use for the Keystone admin user **CONFIG_KEYSTONE_DEMO_PW** The password to use for the Keystone demo user +**CONFIG_KEYSTONE_API_VERSION** + Keystone API version string ['v2.0', 'v3'] + **CONFIG_KEYSTONE_TOKEN_FORMAT** - Kestone token format. Use either UUID or PKI + Keystone token format. Use either UUID or PKI ['UUID', 'PKI'] + +**CONFIG_KEYSTONE_** + Name of service to use to run keystone (keystone or httpd) ['keystone', 'httpd'] + +**CONFIG_KEYSTONE_IDENTITY_BACKEND** + Type of identity backend (sql or ldap) ['sql', 'ldap'] + +Keystone LDAP Identity Backend Config parameters +------------------------------------------------ + +**CONFIG_KEYSTONE_LDAP_URL** + Keystone LDAP backend URL + +**CONFIG_KEYSTONE_LDAP_USER_DN** + Keystone LDAP backend user DN. Used to bind to the LDAP server when the LDAP server does not allow anonymous authentication. + +**CONFIG_KEYSTONE_LDAP_USER_PASSWORD** + Keystone LDAP backend password for user DN + +**CONFIG_KEYSTONE_LDAP_SUFFIX** + Keystone LDAP backend base suffix + +**CONFIG_KEYSTONE_LDAP_QUERY_SCOPE** + Keystone LDAP backend query scope (base, one, sub) ['base', 'one', 'sub'] + +**CONFIG_KEYSTONE_LDAP_PAGE_SIZE** + Keystone LDAP backend query page size + +**CONFIG_KEYSTONE_LDAP_USER_SUBTREE** + Keystone LDAP backend user subtree + +**CONFIG_KEYSTONE_LDAP_USER_FILTER** + Keystone LDAP backend user query filter + +**CONFIG_KEYSTONE_LDAP_USER_OBJECTCLASS** + Keystone LDAP backend user objectclass + +**CONFIG_KEYSTONE_LDAP_USER_ID_ATTRIBUTE** + Keystone LDAP backend user ID attribute + +**CONFIG_KEYSTONE_LDAP_USER_NAME_ATTRIBUTE** + Keystone LDAP backend user name attribute + +**CONFIG_KEYSTONE_LDAP_USER_MAIL_ATTRIBUTE** + Keystone LDAP backend user email address attribute + +**CONFIG_KEYSTONE_LDAP_USER_ENABLED_ATTRIBUTE** + Keystone LDAP backend user enabled attribute + +**CONFIG_KEYSTONE_LDAP_USER_ENABLED_MASK** + Keystone LDAP backend - bit mask applied to user enabled attribute + +**CONFIG_KEYSTONE_LDAP_USER_ENABLED_DEFAULT** + Keystone LDAP backend - value of enabled attribute which indicates user is enabled + +**CONFIG_KEYSTONE_LDAP_USER_ENABLED_INVERT** + Keystone LDAP backend - users are disabled not enabled ['n', 'y'] + +**CONFIG_KEYSTONE_LDAP_USER_ATTRIBUTE_IGNORE** + Comma separated list of attributes stripped from user entry upon update + +**CONFIG_KEYSTONE_LDAP_USER_DEFAULT_PROJECT_ID_ATTRIBUTE** + Keystone LDAP attribute mapped to default_project_id for users + +**CONFIG_KEYSTONE_LDAP_USER_ALLOW_CREATE** + Set to 'y' if you want to be able to create Keystone users through the Keystone interface. Set to 'n' if you will create directly in the LDAP backend. ['n', 'y'] + +**CONFIG_KEYSTONE_LDAP_USER_ALLOW_UPDATE** + Set to 'y' if you want to be able to update Keystone users through the Keystone interface. Set to 'n' if you will update directly in the LDAP backend. ['n', 'y'] + +**CONFIG_KEYSTONE_LDAP_USER_ALLOW_DELETE** + Set to 'y' if you want to be able to delete Keystone users through the Keystone interface. Set to 'n' if you will delete directly in the LDAP backend. ['n', 'y'] + +**CONFIG_KEYSTONE_LDAP_USER_PASS_ATTRIBUTE** + Keystone LDAP attribute mapped to password + +**CONFIG_KEYSTONE_LDAP_USER_ENABLED_EMULATION_DN** + DN of the group entry to hold enabled users when using enabled emulation. + +**CONFIG_KEYSTONE_LDAP_USER_ADDITIONAL_ATTRIBUTE_MAPPING** + List of additional LDAP attributes used for mapping additional attribute mappings for users. Attribute mapping format is :, where ldap_attr is the attribute in the LDAP entry and user_attr is the Identity API attribute. + +**CONFIG_KEYSTONE_LDAP_GROUP_SUBTREE** + Keystone LDAP backend group subtree + +**CONFIG_KEYSTONE_LDAP_GROUP_FILTER** + Keystone LDAP backend group query filter + +**CONFIG_KEYSTONE_LDAP_GROUP_OBJECTCLASS** + Keystone LDAP backend group objectclass + +**CONFIG_KEYSTONE_LDAP_GROUP_ID_ATTRIBUTE** + Keystone LDAP backend group ID attribute + +**CONFIG_KEYSTONE_LDAP_GROUP_NAME_ATTRIBUTE** + Keystone LDAP backend group name attribute + +**CONFIG_KEYSTONE_LDAP_GROUP_MEMBER_ATTRIBUTE** + Keystone LDAP backend group member attribute + +**CONFIG_KEYSTONE_LDAP_GROUP_DESC_ATTRIBUTE** + Keystone LDAP backend group description attribute + +**CONFIG_KEYSTONE_LDAP_GROUP_ATTRIBUTE_IGNORE** + Comma separated list of attributes stripped from group entry upon update + +**CONFIG_KEYSTONE_LDAP_GROUP_ALLOW_CREATE** + Set to 'y' if you want to be able to create Keystone groups through the Keystone interface. Set to 'n' if you will create directly in the LDAP backend. ['n', 'y'] + +**CONFIG_KEYSTONE_LDAP_GROUP_ALLOW_UPDATE** + Set to 'y' if you want to be able to update Keystone groups through the Keystone interface. Set to 'n' if you will update directly in the LDAP backend. ['n', 'y'] + +**CONFIG_KEYSTONE_LDAP_GROUP_ALLOW_DELETE** + Set to 'y' if you want to be able to delete Keystone groups through the Keystone interface. Set to 'n' if you will delete directly in the LDAP backend. ['n', 'y'] + +**CONFIG_KEYSTONE_LDAP_GROUP_ADDITIONAL_ATTRIBUTE_MAPPING** + List of additional LDAP attributes used for mapping additional attribute mappings for groups. Attribute mapping format is :, where ldap_attr is the attribute in the LDAP entry and group_attr is the Identity API attribute. + +**CONFIG_KEYSTONE_LDAP_USE_TLS** + Should Keystone LDAP use TLS ['n', 'y'] + +**CONFIG_KEYSTONE_LDAP_TLS_CACERTDIR** + Keystone LDAP CA certificate directory + +**CONFIG_KEYSTONE_LDAP_TLS_CACERTFILE** + Keystone LDAP CA certificate file + +**CONFIG_KEYSTONE_LDAP_TLS_REQ_CERT** + Keystone LDAP certificate checking strictness (never, allow, demand) ['never', 'allow', 'demand'] Glance Config parameters ------------------------ **CONFIG_GLANCE_DB_PW** - The password to use for the Glance to access DB. + The password to use for the Glance to access DB **CONFIG_GLANCE_KS_PW** - The password to use for the Glance to authenticate with Keystone. + The password to use for the Glance to authenticate with Keystone + +**CONFIG_GLANCE_BACKEND** + Glance storage backend controls how Glance stores disk images. Supported values: file, swift. Note that Swift installation have to be enabled to have swift backend working. Otherwise Packstack will fallback to 'file'. ['file', 'swift'] Cinder Config parameters ------------------------ **CONFIG_CINDER_DB_PW** - The password to use for the Cinder to access DB. + The password to use for the Cinder to access DB **CONFIG_CINDER_KS_PW** - The password to use for the Cinder to authenticate with Keystone. + The password to use for the Cinder to authenticate with Keystone **CONFIG_CINDER_BACKEND** - A comma separated ordered list of the Cinder backends to use, valid options are: lvm, gluster, nfs, vmdk. + The Cinder backend to use, valid options are: lvm, gluster, nfs, vmdk, netapp ['lvm', 'gluster', 'nfs', 'vmdk', 'netapp'] + Cinder volume create Config parameters -------------------------------------- **CONFIG_CINDER_VOLUMES_CREATE** - Create Cinder's volumes group ['y', 'n']. + Create Cinder's volumes group. This should only be done for testing on a proof-of-concept installation of Cinder. This will create a file-backed volume group and is not suitable for production usage. ['y', 'n'] Cinder volume size Config parameters ------------------------------------ **CONFIG_CINDER_VOLUMES_SIZE** - Cinder's volumes group size. + Cinder's volumes group size. Note that actual volume size will be extended with 3% more space for VG metadata. Cinder gluster Config parameters -------------------------------- **CONFIG_CINDER_GLUSTER_MOUNTS** - A single or comma separated list of gluster volume shares. + A single or comma separated list of gluster volume shares to mount, eg: ip-address:/vol-name, domain:/vol-name ['^([\\d]{1,3}\\.){3}[\\d]{1,3}:/.*', '^[a-zA-Z0-9][\\-\\.\\w]*:/.*'] Cinder NFS Config parameters ---------------------------- **CONFIG_CINDER_NFS_MOUNTS** - A single or comma separated list of NFS exports to mount. + A single or comma seprated list of NFS exports to mount, eg: ip-address:/export-name ['^([\\d]{1,3}\\.){3}[\\d]{1,3}:/.*'] -Cinder NetApp Config parameters ----------------------------- +Cinder NetApp main configuration +-------------------------------- **CONFIG_CINDER_NETAPP_LOGIN** - (required) Password for the administrative user account specified in the netapp_login parameter. + (required) Administrative user account name used to access the storage system or proxy server. [''] **CONFIG_CINDER_NETAPP_PASSWORD** - (required) The hostname (or IP address) for the storage system or proxy server. + (required) Password for the administrative user account specified in the netapp_login parameter. [''] **CONFIG_CINDER_NETAPP_HOSTNAME** (required) The hostname (or IP address) for the storage system or proxy server. **CONFIG_CINDER_NETAPP_SERVER_PORT** - (optional) The TCP port to use for communication with ONTAPI on the storage system. Traditionally, port 80 is used for HTTP and port 443 is used for HTTPS; however, this value should be changed if an alternate port has been configured on the storage system or proxy server. Defaults to 80 + (optional) The TCP port to use for communication with ONTAPI on the storage system. Traditionally, port 80 is used for HTTP and port 443 is used for HTTPS; however, this value should be changed if an alternate port has been configured on the storage system or proxy server. Defaults to 80. [''] **CONFIG_CINDER_NETAPP_STORAGE_FAMILY** - (optional) The storage family type used on the storage system; valid values are ontap_7mode for using Data ONTAP operating in 7-Mode or ontap_cluster for using clustered Data ONTAP, or eseries for NetApp E-Series. Defaults to ontap_cluster. + (optional) The storage family type used on the storage system; valid values are ontap_7mode for using Data ONTAP operating in 7-Mode or ontap_cluster for using clustered Data ONTAP, or eseries for NetApp E-Series. Defaults to ontap_cluster. ['ontap_7mode', 'ontap_cluster', 'eseries'] **CONFIG_CINDER_NETAPP_TRANSPORT_TYPE** - (optional) The transport protocol used when communicating with ONTAPI on the storage system or proxy server. Valid values are http or https. Defaults to http. + (optional) The transport protocol used when communicating with ONTAPI on the storage system or proxy server. Valid values are http or https. Defaults to http. ['http', 'https'] **CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL** - (optional) The storage protocol to be used on the data path with the storage system; valid values are iscsi or nfs. Defaults to nfs. + (optional) The storage protocol to be used on the data path with the storage system; valid values are iscsi or nfs. Defaults to nfs. ['iscsi', 'nfs'] + +Cinder NetApp ONTAP-iSCSI configuration +--------------------------------------- **CONFIG_CINDER_NETAPP_SIZE_MULTIPLIER** - (optional) The quantity to be multiplied by the requested volume size to ensure enough space is available on the virtual storage server (Vserver) to fulfill the volume creation request. Defaults to 1.0. + (optional) The quantity to be multiplied by the requested volume size to ensure enough space is available on the virtual storage server (Vserver) to fulfill the volume creation request. Defaults to 1.0. [''] + +Cinder NetApp NFS configuration +------------------------------- **CONFIG_CINDER_NETAPP_EXPIRY_THRES_MINUTES** - (optional) This parameter specifies the threshold for last access time for images in the NFS image cache. When a cache cleaning cycle begins, images in the cache that have not been accessed in the last M minutes, where M is the value of this parameter, will be deleted from the cache to create free space on the NFS share. Defaults to 720. + (optional) This parameter specifies the threshold for last access time for images in the NFS image cache. When a cache cleaning cycle begins, images in the cache that have not been accessed in the last M minutes, where M is the value of this parameter, will be deleted from the cache to create free space on the NFS share. Defaults to 720. [''] **CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_START** - (optional) If the percentage of available space for an NFS share has dropped below the value specified by this parameter, the NFS image cache will be cleaned. Defaults to 20. + (optional) If the percentage of available space for an NFS share has dropped below the value specified by this parameter, the NFS image cache will be cleaned. Defaults to 20 [''] **CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_STOP** - (optional) When the percentage of available space on an NFS share has reached the percentage specified by this parameter, the driver will stop clearing files from the NFS image cache that have not been accessed in the last M minutes, where M is the value of the expiry_thres_minutes parameter. Defaults to 60. + (optional) When the percentage of available space on an NFS share has reached the percentage specified by this parameter, the driver will stop clearing files from the NFS image cache that have not been accessed in the last M minutes, where M is the value of the expiry_thres_minutes parameter. Defaults to 60. [''] **CONFIG_CINDER_NETAPP_NFS_SHARES_CONFIG** - (optional) File with the list of available NFS shares. Defaults to ''. + (optional) File with the list of available NFS shares. Defaults to ''. [''] + +Cinder NetApp iSCSI & 7-mode configuration +------------------------------------------ **CONFIG_CINDER_NETAPP_VOLUME_LIST** - (optional) This parameter is only utilized when the storage protocol is configured to use iSCSI. This parameter is used to restrict provisioning to the specified controller volumes. Specify the value of this parameter to be a comma separated list of NetApp controller volume names to be used for provisioning. Defaults to ''. + (optional) This parameter is only utilized when the storage protocol is configured to use iSCSI. This parameter is used to restrict provisioning to the specified controller volumes. Specify the value of this parameter to be a comma separated list of NetApp controller volume names to be used for provisioning. Defaults to ''. [''] **CONFIG_CINDER_NETAPP_VFILER** - (optional) The vFiler unit on which provisioning of block storage volumes will be done. This parameter is only used by the driver when connecting to an instance with a storage family of Data ONTAP operating in 7-Mode and the storage protocol selected is iSCSI. Only use this parameter when utilizing the MultiStore feature on the NetApp storage system. Defaults to ''. + (optional) The vFiler unit on which provisioning of block storage volumes will be done. This parameter is only used by the driver when connecting to an instance with a storage family of Data ONTAP operating in 7-Mode and the storage protocol selected is iSCSI. Only use this parameter when utilizing the MultiStore feature on the NetApp storage system. Defaults to ''. [''] + +Cinder NetApp vServer configuration +----------------------------------- **CONFIG_CINDER_NETAPP_VSERVER** - (optional) This parameter specifies the virtual storage server (Vserver) name on the storage cluster on which provisioning of block storage volumes should occur. If using the NFS storage protocol, this parameter is mandatory for storage service catalog support (utilized by Cinder volume type extra_specs support). If this parameter is specified, the exports belonging to the Vserver will only be used for provisioning in the future. Block storage volumes on exports not belonging to the Vserver specified by this parameter will continue to function normally. Defaults to ''. + (optional) This parameter specifies the virtual storage server (Vserver) name on the storage cluster on which provisioning of block storage volumes should occur. If using the NFS storage protocol, this parameter is mandatory for storage service catalog support (utilized by Cinder volume type extra_specs support). If this parameter is specified, the exports belonging to the Vserver will only be used for provisioning in the future. Block storage volumes on exports not belonging to the Vserver specified by this parameter will continue to function normally. Defaults to ''. [''] + +Cinder NetApp E-Series configuration +------------------------------------ **CONFIG_CINDER_NETAPP_CONTROLLER_IPS** - (optional) This option is only utilized when the storage family is configured to eseries. This option is used to restrict provisioning to the specified controllers. Specify the value of this option to be a comma separated list of controller hostnames or IP addresses to be used for provisioning. Defaults to ''. + (optional) This option is only utilized when the storage family is configured to eseries. This option is used to restrict provisioning to the specified controllers. Specify the value of this option to be a comma separated list of controller hostnames or IP addresses to be used for provisioning. Defaults to ''. [''] **CONFIG_CINDER_NETAPP_SA_PASSWORD** - (optional) Password for the NetApp E-Series storage array. Defaults to ''. + (optional) Password for the NetApp E-Series storage array. Defaults to ''. [''] **CONFIG_CINDER_NETAPP_WEBSERVICE_PATH** - (optional) This option is used to specify the path to the E-Series proxy application on a proxy server. The value is combined with the value of the netapp_transport_type, netapp_server_hostname, and netapp_server_port options to create the URL used by the driver to connect to the proxy application. Defaults to '/devmgr/v2'. + (optional) This option is used to specify the path to the E-Series proxy application on a proxy server. The value is combined with the value of the netapp_transport_type, netapp_server_hostname, and netapp_server_port options to create the URL used by the driver to connect to the proxy application. Defaults to '/devmgr/v2'. ['^[/].*$'] **CONFIG_CINDER_NETAPP_STORAGE_POOLS** - (optional) This option is used to restrict provisioning to the specified storage pools. Only dynamic disk pools are currently supported. Specify the value of this option to be a comma separated list of disk pool names to be used for provisioning. Defaults to ''. + (optional) This option is used to restrict provisioning to the specified storage pools. Only dynamic disk pools are currently supported. Specify the value of this option to be a comma separated list of disk pool names to be used for provisioning. Defaults to ''. [''] +Manila Config parameters +------------------------ -Nova Options ------------- +**CONFIG_MANILA_DB_PW** + The password to use for the Manila to access DB -**CONFIG_NOVA_COMPUTE_PRIVIF** - Private interface for Flat DHCP on the Nova compute servers. +**CONFIG_MANILA_KS_PW** + The password to use for the Manila to authenticate with Keystone -**CONFIG_NOVA_COMPUTE_MIGRATE_PROTOCOL** - Protocol used for instance migration. Allowed values are tcp and ssh. Note that by defaul nova user is created with /sbin/nologin shell so that ssh protocol won't be working. To make ssh protocol work you have to fix nova user on compute hosts manually. +**CONFIG_MANILA_BACKEND** + The Manila backend to use, valid options are: generic, netapp ['generic', 'netapp'] -**CONFIG_NOVA_NETWORK_HOSTS** - List of IP address of the servers on which to install the Nova Network service. +Manila NetApp configuration +--------------------------- -**CONFIG_NOVA_COMPUTE_MANAGER** - The driver that will manage the running instances from creation to destruction. +**CONFIG_MANILA_NETAPP_NAS_TRANSPORT_TYPE** + The transport protocol used when communicating with ONTAPI on the storage system or proxy server. Valid values are http or https. Defaults to http ['http', 'https'] -**CONFIG_NOVA_DB_PW** - The password to use for the Nova to access DB. +**CONFIG_MANILA_NETAPP_NAS_LOGIN** + Administrative user account name used to access the storage system or proxy server. [''] -**CONFIG_NOVA_KS_PW** - The password to use for the Nova to authenticate with Keystone. +**CONFIG_MANILA_NETAPP_NAS_PASSWORD** + Password for the administrative user account specified in the netapp_nas_login parameter. [''] -**CONFIG_NOVA_NETWORK_PUBIF** - Public interface on the Nova network server. +**CONFIG_MANILA_NETAPP_NAS_SERVER_HOSTNAME** + The hostname (or IP address) for the storage system or proxy server. -**CONFIG_NOVA_NETWORK_PRIVIF** - Private interface for Flat DHCP on the Nova network server. +**CONFIG_MANILA_NETAPP_AGGREGATE_NAME_SEARCH_PATTERN** + Pattern for searching available aggregates for provisioning. -**CONFIG_NOVA_NETWORK_FIXEDRANGE** - IP Range for Flat DHCP ['^([\\d]{1,3}\\.){3}[\\d]{1,3}/\\d\\d?$']. +**CONFIG_MANILA_NETAPP_ROOT_VOLUME_AGGREGATE** + Name of aggregate to create root volume on. -**CONFIG_NOVA_NETWORK_FLOATRANGE** - IP Range for Floating IP's ['^([\\d]{1,3}\\.){3}[\\d]{1,3}/\\d\\d?$']. +**CONFIG_MANILA_NETAPP_ROOT_VOLUME_NAME** + Root volume name. + +Manila generic driver configuration +----------------------------------- -**CONFIG_NOVA_SCHED_HOST** - The IP address of the server on which to install the Nova Scheduler service. +**CONFIG_MANILA_GENERIC_VOLUME_NAME_TEMPLATE** + Volume name template. Defaults to manila-share-%s + +**CONFIG_MANILA_GENERIC_SHARE_MOUNT_PATH** + Share mount path. Defaults to /shares + +**CONFIG_MANILA_SERVICE_IMAGE_LOCATION** + Location of disk image for service instance. + +**CONFIG_MANILA_SERVICE_INSTANCE_USER** + User in service instance. + +**CONFIG_MANILA_SERVICE_INSTANCE_PASSWORD** + Password to service instance user. + +Ironic Options +-------------- + +**CONFIG_IRONIC_DB_PW** + The password to use for the Ironic DB access + +**CONFIG_IRONIC_KS_PW** + The password to use for Ironic to authenticate with Keystone + +Nova Options +------------ + +**CONFIG_NOVA_DB_PW** + The password to use for the Nova to access DB + +**CONFIG_NOVA_KS_PW** + The password to use for the Nova to authenticate with Keystone **CONFIG_NOVA_SCHED_CPU_ALLOC_RATIO** - The overcommitment ratio for virtual to physical CPUs. Set to 1.0 to disable CPU overcommitment. + The overcommitment ratio for virtual to physical CPUs. Set to 1.0 to disable CPU overcommitment **CONFIG_NOVA_SCHED_RAM_ALLOC_RATIO** - The overcommitment ratio for virtual to physical RAM. Set to 1.0 to disable RAM overcommitment. + The overcommitment ratio for virtual to physical RAM. Set to 1.0 to disable RAM overcommitment -**CONFIG_NOVA_CONDUCTOR_HOST** - The IP address of the server on which to install the Nova Conductor service. +**CONFIG_NOVA_COMPUTE_MIGRATE_PROTOCOL** + Protocol used for instance migration. Allowed values are tcp and ssh. Note that by defaul nova user is created with /sbin/nologin shell so that ssh protocol won't be working. To make ssh protocol work you have to fix nova user on compute hosts manually. ['tcp', 'ssh'] -**CONFIG_NOVA_NETWORK_AUTOASSIGNFLOATINGIP** - Automatically assign a floating IP to new instances. +**CONFIG_NOVA_COMPUTE_MANAGER** + The manager that will run nova compute. -**CONFIG_NOVA_NETWORK_MANAGER** - Nova network manager. +Nova Network Options +-------------------- -**CONFIG_NOVA_NETWORK_NUMBER** - Number of networks to support. +**CONFIG_NOVA_COMPUTE_PRIVIF** + Private interface for Flat DHCP on the Nova compute servers -**CONFIG_NOVA_NETWORK_SIZE** - Number of addresses in each private subnet. +**CONFIG_NOVA_NETWORK_MANAGER** + Nova network manager ['^nova\\.network\\.manager\\.\\w+Manager$'] -**CONFIG_NOVA_NETWORK_VLAN_START** - First VLAN for private networks. +**CONFIG_NOVA_NETWORK_PUBIF** + Public interface on the Nova network server -Ironic Config parameters ------------------------ +**CONFIG_NOVA_NETWORK_PRIVIF** + Private interface for network manager on the Nova network server -**CONFIG_IRONIC_DB_PW** - The password used by Ironic user to authenticate against MariaDB. +**CONFIG_NOVA_NETWORK_FIXEDRANGE** + IP Range for network manager ['^[\\:\\.\\da-fA-f]+(\\/\\d+){0,1}$'] -**CONFIG_IRONIC_KS_PW** - The password to use for the Ironic to authenticate with Keystone. +**CONFIG_NOVA_NETWORK_FLOATRANGE** + IP Range for Floating IP's ['^[\\:\\.\\da-fA-f]+(\\/\\d+){0,1}$'] -OpenStack Horizon Config parameters ------------------------------------ +**CONFIG_NOVA_NETWORK_AUTOASSIGNFLOATINGIP** + Automatically assign a floating IP to new instances ['y', 'n'] -**CONFIG_HORIZON_SSL** - To set up Horizon communication over https set this to "y" ['y', 'n']. +Nova Network VLAN Options +------------------------- -**CONFIG_SSL_CERT** - PEM encoded certificate to be used for ssl on the https server, leave blank if one should be generated, this certificate should not require a passphrase. +**CONFIG_NOVA_NETWORK_VLAN_START** + First VLAN for private networks -**CONFIG_SSL_KEY** - Keyfile corresponding to the certificate if one was entered. +**CONFIG_NOVA_NETWORK_NUMBER** + Number of networks to support -**CONFIG_SSL_CACHAIN** - PEM encoded CA certificates from which the certificate chain of the server certificate can be assembled. +**CONFIG_NOVA_NETWORK_SIZE** + Number of addresses in each private subnet -OpenStack Swift Config parameters ---------------------------------- +Neutron config +-------------- -**CONFIG_SWIFT_KS_PW** - The password to use for the Swift to authenticate with Keystone. +**CONFIG_NEUTRON_KS_PW** + The password to use for Neutron to authenticate with Keystone -**CONFIG_SWIFT_STORAGES** - A comma separated list of devices which to use as Swift Storage device. Each entry should take the format /path/to/dev, for example /dev/vdb will install /dev/vdb as Swift storage device (packstack does not create the filesystem, you must do this first). If value is omitted Packstack will create a loopback device for test setup +**CONFIG_NEUTRON_DB_PW** + The password to use for Neutron to access DB -**CONFIG_SWIFT_STORAGE_ZONES** - Number of swift storage zones, this number MUST be no bigger than the number of storage devices configured. +**CONFIG_NEUTRON_L3_EXT_BRIDGE** + The name of the ovs bridge (or empty for linuxbridge) that the Neutron L3 agent will use for external traffic, or 'provider' using provider networks. -**CONFIG_SWIFT_STORAGE_REPLICAS** - Number of swift storage replicas, this number MUST be no bigger than the number of storage zones configured. +**CONFIG_NEUTRON_METADATA_PW** + Neutron metadata agent password -**CONFIG_SWIFT_STORAGE_FSTYPE** - FileSystem type for storage nodes ['xfs', 'ext4']. +**CONFIG_LBAAS_INSTALL** + Set to 'y' if you would like Packstack to install Neutron LBaaS ['y', 'n'] -**CONFIG_SWIFT_HASH** - Shared secret for Swift. +**CONFIG_NEUTRON_METERING_AGENT_INSTALL** + Set to 'y' if you would like Packstack to install Neutron L3 Metering agent ['y', 'n'] -Server Prepare Configs ----------------------- +**CONFIG_NEUTRON_FWAAS** + Whether to configure neutron Firewall as a Service ['y', 'n'] -**CONFIG_USE_EPEL** - Install OpenStack from EPEL. If set to "y" EPEL will be installed on each server ['y', 'n']. When installing RDO, this option will be overriden, as EPEL is a requirement for RDO. +Neutron ML2 plugin config +------------------------- -**CONFIG_REPO** - A comma separated list of URLs to any additional yum repositories to install. +**CONFIG_NEUTRON_ML2_TYPE_DRIVERS** + A comma separated list of network type driver entrypoints to be loaded from the neutron.ml2.type_drivers namespace. ['local', 'flat', 'vlan', 'gre', 'vxlan'] -**CONFIG_RH_USER** - To subscribe each server with Red Hat subscription manager, include this with **CONFIG_RH_PW**. +**CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES** + A comma separated ordered list of network_types to allocate as tenant networks. The value 'local' is only useful for single-box testing but provides no connectivity between hosts. ['local', 'vlan', 'gre', 'vxlan'] -**CONFIG_RH_PW** - To subscribe each server with Red Hat subscription manager, include this with **CONFIG_RH_USER**. +**CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS** + A comma separated ordered list of networking mechanism driver entrypoints to be loaded from the neutron.ml2.mechanism_drivers namespace. ['logger', 'test', 'linuxbridge', 'openvswitch', 'hyperv', 'ncs', 'arista', 'cisco_nexus', 'l2population'] -**CONFIG_RH_BETA_REPO** - To subscribe each server with Red Hat subscription manager, to Red Hat Beta RPM's ['y', 'n']. +**CONFIG_NEUTRON_ML2_FLAT_NETWORKS** + A comma separated list of physical_network names with which flat networks can be created. Use * to allow flat networks with arbitrary physical_network names. -**CONFIG_SATELLITE_URL** - To subscribe each server with RHN Satellite,fill Satellite's URL here. Note that either satellite's username/password or activation key has to be provided. +**CONFIG_NEUTRON_ML2_VLAN_RANGES** + A comma separated list of :: or specifying physical_network names usable for VLAN provider and tenant networks, as well as ranges of VLAN tags on each available for allocation to tenant networks. -RHN Satellite config --------------------- +**CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES** + A comma separated list of : tuples enumerating ranges of GRE tunnel IDs that are available for tenant network allocation. Should be an array with tun_max +1 - tun_min > 1000000 -**CONFIG_SATELLITE_USER** - Username to access RHN Satellite. +**CONFIG_NEUTRON_ML2_VXLAN_GROUP** + Multicast group for VXLAN. If unset, disables VXLAN enable sending allocate broadcast traffic to this multicast group. When left unconfigured, will disable multicast VXLAN mode. Should be an Multicast IP (v4 or v6) address. -**CONFIG_SATELLITE_PW** - Password to access RHN Satellite. +**CONFIG_NEUTRON_ML2_VNI_RANGES** + A comma separated list of : tuples enumerating ranges of VXLAN VNI IDs that are available for tenant network allocation. Min value is 0 and Max value is 16777215. -**CONFIG_SATELLITE_AKEY** - Activation key for subscription to RHN Satellite. +**CONFIG_NEUTRON_L2_AGENT** + The name of the L2 agent to be used with Neutron ['linuxbridge', 'openvswitch'] -**CONFIG_SATELLITE_CACERT** - Specify a path or URL to a SSL CA certificate to use. +Neutron LB agent config +----------------------- -**CONFIG_SATELLITE_PROFILE** - If required specify the profile name that should be used as an identifier for the system in RHN Satellite. +**CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS** + A comma separated list of interface mappings for the Neutron linuxbridge plugin (eg. physnet1:eth1,physnet2:eth2,physnet3:eth3) -**CONFIG_SATELLITE_FLAGS** - Comma separated list of flags passed to rhnreg_ks. Valid flags are: novirtinfo, norhnsd, nopackages ['novirtinfo', 'norhnsd', 'nopackages']. +Neutron OVS agent config +------------------------ -**CONFIG_SATELLITE_PROXY** - Specify a HTTP proxy to use with RHN Satellite. +**CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS** + A comma separated list of bridge mappings for the Neutron openvswitch plugin (eg. physnet1:br-eth1,physnet2:br-eth2,physnet3:br-eth3) -RHN Satellite proxy config --------------------------- +**CONFIG_NEUTRON_OVS_BRIDGE_IFACES** + A comma separated list of colon-separated OVS bridge:interface pairs. The interface will be added to the associated bridge. -**CONFIG_SATELLITE_PROXY_USER** - Specify a username to use with an authenticated HTTP proxy. +Neutron OVS agent config for tunnels +------------------------------------ -**CONFIG_SATELLITE_PROXY_PW** - Specify a password to use with an authenticated HTTP proxy. +**CONFIG_NEUTRON_OVS_TUNNEL_IF** + The interface for the OVS tunnel. Packstack will override the IP address used for tunnels on this hypervisor to the IP found on the specified interface. (eg. eth1) -Nagios Config parameters ------------------------- +Neutron OVS agent config for VXLAN +---------------------------------- -**CONFIG_NAGIOS_PW** - The password of the nagiosadmin user on the Nagios server. +**CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT** + VXLAN UDP port -Ceilometer Config Parameters +NOVACLIENT Config parameters ---------------------------- -**CONFIG_CEILOMETER_SECRET** - Secret key for signing metering messages. +OpenStack Horizon Config parameters +----------------------------------- -**CONFIG_CEILOMETER_KS_PW** - The password to use for Ceilometer to authenticate with Keystone. +**CONFIG_HORIZON_SSL** + To set up Horizon communication over https set this to 'y' ['y', 'n'] -**CONFIG_CEILOMETER_COORDINATION_BACKEND** - Specify an optional backend for group membership coordination in the alarm evaluator and central - agent. Currently the only valid option are 'redis' or 'none'. The default is 'redis'. +SSL Config parameters +--------------------- -**CONFIG_REDIS_MASTER_HOST** - The IP address of the server on which to install Redis, if Redis is being used for coordination. +**CONFIG_SSL_CERT** + PEM encoded certificate to be used for ssl on the https server, leave blank if one should be generated, this certificate should not require a passphrase -**CONFIG_REDIS_PORT** - The port on which all Redis servers will listen, if Redis is being used for coordination. +**CONFIG_SSL_KEY** + SSL keyfile corresponding to the certificate if one was entered -**CONFIG_REDIS_HA** - Whether redis-sentinel and redis-slaves should be used to to enable high availability in Redis - coordination. Valid options are 'y' or 'n'. Default is 'n'. The following settings only apply if - 'y' is chosen. +**CONFIG_SSL_CACHAIN** + PEM encoded CA certificates from which the certificate chain of the server certificate can be assembled. -**CONFIG_REDIS_SLAVE_HOSTS** - A comma-separated list of hosts that will operate as Redis slaves and on which Redis will be - installed. +OpenStack Swift Config parameters +--------------------------------- -**CONFIG_REDIS_SENTINEL_HOSTS** - A comma-separated list of hosts that will operate as Redis sentinels and on which Redis will be - installed. +**CONFIG_SWIFT_KS_PW** + The password to use for the Swift to authenticate with Keystone -**CONFIG_REDIS_SENTINEL_CONTACT_HOST** - One of the sentinel hosts which will be used to configure coordination. +**CONFIG_SWIFT_STORAGES** + A comma separated list of devices which to use as Swift Storage device. Each entry should take the format /path/to/dev, for example /dev/vdb will install /dev/vdb as Swift storage device (packstack does not create the filesystem, you must do this first). If value is omitted Packstack will create a loopback device for test setup -**CONFIG_REDIS_SENTINEL_PORT** - The port on which all Redis sentinels will listen. Defaults to 26379. +**CONFIG_SWIFT_STORAGE_ZONES** + Number of swift storage zones, this number MUST be no bigger than the number of storage devices configured -**CONFIG_REDIS_SENTINEL_QUORUM** - The quorum value for the Redis sentinels. Default value is 2, but you should change this. +**CONFIG_SWIFT_STORAGE_REPLICAS** + Number of swift storage replicas, this number MUST be no bigger than the number of storage zones configured -**CONFIG_REDIS_MASTER_NAME** - The logical name of the initial Redis master, required in sentinel and client configuration. +**CONFIG_SWIFT_STORAGE_FSTYPE** + FileSystem type for storage nodes ['xfs', 'ext4'] + +**CONFIG_SWIFT_HASH** + Shared secret for Swift + +**CONFIG_SWIFT_STORAGE_SIZE** + Size of the swift loopback file storage device -Heat Config Parameters +Heat Config parameters ---------------------- **CONFIG_HEAT_DB_PW** - The password used by Heat user to authenticate against MariaDB. + The password used by Heat user to authenticate against DB **CONFIG_HEAT_AUTH_ENC_KEY** - The encryption key to use for authentication info in database. + The encryption key to use for authentication info in database (16, 24, or 32 chars) **CONFIG_HEAT_KS_PW** - The password to use for the Heat to authenticate with Keystone. + The password to use for the Heat to authenticate with Keystone **CONFIG_HEAT_CLOUDWATCH_INSTALL** - Set to 'y' if you would like Packstack to install Heat CloudWatch API. + Set to 'y' if you would like Packstack to install Heat CloudWatch API ['y', 'n'] **CONFIG_HEAT_CFN_INSTALL** - Set to 'y' if you would like Packstack to install Heat CloudFormation API. + Set to 'y' if you would like Packstack to install Heat CloudFormation API ['y', 'n'] **CONFIG_HEAT_DOMAIN** - Name of Keystone domain for Heat. By default, the value is **heat**. + Name of Keystone domain for Heat **CONFIG_HEAT_DOMAIN_ADMIN** - Name of Keystone domain admin user for Heat. By default, the value is **heat_admin**. + Name of Keystone domain admin user for Heat **CONFIG_HEAT_DOMAIN_PASSWORD** - Password for Keystone domain admin user for Heat. + Password for Keystone domain admin user for Heat -Neutron Config Parameters -------------------------- +Provisioning demo config +------------------------ -**CONFIG_NEUTRON_KS_PW** - The password to use for Neutron to authenticate with Keystone. +**CONFIG_PROVISION_DEMO** + Whether to provision for demo usage and testing. Note that provisioning is only supported for all-in-one installations. ['y', 'n'] -**CONFIG_NEUTRON_DB_PW** - The password to use for Neutron to access DB. +**CONFIG_PROVISION_TEMPEST** + Whether to configure tempest for testing ['y', 'n'] -**CONFIG_NEUTRON_L3_EXT_BRIDGE** - The name of the bridge that the Neutron L3 agent will use for external traffic, or 'provider' if using provider networks. +Provisioning demo config +------------------------ -**CONFIG_NEUTRON_METADATA_PW** - A comma separated list of IP addresses on which to install Neutron metadata agent. +**CONFIG_PROVISION_DEMO_FLOATRANGE** + The CIDR network address for the floating IP subnet -**CONFIG_NEUTRON_FWAAS** - Whether to configure neutron Firewall as a Service. +**CONFIG_PROVISION_CIRROS_URL** + A URL or local file location for the Cirros demo image used for Glance -**CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS** - A comma separated list of interface mappings for the Neutron linuxbridge plugin (eg. physnet1:br-eth1,physnet2:br-eth2,physnet3:br-eth3). +Provisioning tempest config +--------------------------- -**CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS** - A comma separated list of bridge mappings for the Neutron openvswitch plugin (eg. physnet1:br-eth1,physnet2:br-eth2,physnet3:br-eth3). +**CONFIG_PROVISION_TEMPEST_USER** + The name of the Tempest Provisioning user. If you don't provide a user name, Tempest will be configured in a standalone mode -**CONFIG_NEUTRON_OVS_BRIDGE_IFACES** - A comma separated list of colon-separated OVS brid. +**CONFIG_PROVISION_TEMPEST_USER_PW** + The password to use for the Tempest Provisioning user -**CONFIG_NEUTRON_OVS_TUNNEL_IF** - Override the IP used for GRE tunnels on this hypervisor to the IP found on the specified interface (defaults to the HOST IP). +**CONFIG_PROVISION_TEMPEST_FLOATRANGE** + The CIDR network address for the floating IP subnet -**CONFIG_NEUTRON_ML2_TYPE_DRIVERS** - A comma separated list of network type (eg: local, flat, vlan, gre, vxlan). +**CONFIG_PROVISION_TEMPEST_REPO_URI** + The uri of the tempest git repository to use -**CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES** - A comma separated ordered list of network_types to allocate as tenant networks (eg: local, flat, vlan, gre, vxlan). The value 'local' is only useful for single-box testing but provides no connectivity between hosts. +**CONFIG_PROVISION_TEMPEST_REPO_REVISION** + The revision of the tempest git repository to use -**CONFIG_NEUTRON_ML2_SM_DRIVERS** - A comma separated ordered list of networking mechanism driver entrypoints to be loaded from the **neutron.ml2.mechanism_drivers** namespace (eg: logger, test, linuxbridge, openvswitch, hyperv, ncs, arista, cisco_nexus, l2population). +Provisioning all-in-one ovs bridge config +----------------------------------------- -**CONFIG_NEUTRON_ML2_FLAT_NETWORKS** - A comma separated list of physical_network names with which flat networks can be created. Use * to allow flat networks with arbitrary physical_network names. +**CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE** + Whether to configure the ovs external bridge in an all-in-one deployment ['y', 'n'] -**CONFIG_NEUTRON_ML2_VLAN_RANGES** - A comma separated list of **::** or **** specifying physical_network names usable for VLAN provider and tenant networks, as well as ranges of VLAN tags on each available for allocation to tenant networks. +Ceilometer Config parameters +---------------------------- -**CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES** - A comma separated list of **:** tuples enumerating ranges of GRE tunnel IDs that are available for tenant network allocation. Should be an array with **tun_max +1 - tun_min > 1000000**. +**CONFIG_CEILOMETER_SECRET** + Secret key for signing metering messages -**CONFIG_NEUTRON_ML2_VXLAN_GROUP** - Multicast group for VXLAN. If unset, disables VXLAN enable sending allocate broadcast traffic to this multicast group. When left unconfigured, will disable multicast VXLAN mode. Should be an **Multicast IP (v4 or v6)** address. +**CONFIG_CEILOMETER_KS_PW** + The password to use for Ceilometer to authenticate with Keystone -**CONFIG_NEUTRON_ML2_VNI_RANGES** - A comma separated list of **:** tuples enumerating ranges of VXLAN VNI IDs that are available for tenant network allocation. Min value is 0 and Max value is 16777215. +**CONFIG_CEILOMETER_COORDINATION_BACKEND** + Backend driver for group membership coordination ['redis', 'none'] + +MONGODB Config parameters +------------------------- + +**CONFIG_MONGODB_HOST** + The IP address of the server on which to install MongoDB -Trove Config Parameters +Redis Config parameters ----------------------- -**CONFIG_TROVE_DB_PW** - The password to use for Trove to access DB. +**CONFIG_REDIS_MASTER_HOST** + The IP address of the server on which to install redis master server -**CONFIG_TROVE_KS_PW** - The password to use for Trove to authenticate with Keystone. +**CONFIG_REDIS_PORT** + The port on which the redis server(s) listens -**CONFIG_TROVE_NOVA_USER** - The user to use when Trove launches instances in Nova +**CONFIG_REDIS_HA** + Should redis try to use HA ['y', 'n'] -**CONFIG_TROVE_NOVA_TENANT** - The tenant to use when Trove launches instances in Nova +**CONFIG_REDIS_SLAVE_HOSTS** + The hosts on which to install redis slaves -**CONFIG_TROVE_NOVA_PW** - The password to use when Trove launches instances in Nova +**CONFIG_REDIS_SENTINEL_HOSTS** + The hosts on which to install redis sentinel servers -Provision Config Parameters ---------------------------- +**CONFIG_REDIS_SENTINEL_CONTACT_HOST** + The host to configure as the coordination sentinel -**CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE** - Whether to configure the ovs external bridge in an all-in-one deployment. +**CONFIG_REDIS_SENTINEL_PORT** + The port on which redis sentinel servers listen -**CONFIG_PROVISION_DEMO** - Whether to provision for demo usage and testing. +**CONFIG_REDIS_SENTINEL_QUORUM** + The quorum value for redis sentinel servers -**CONFIG_PROVISION_DEMO_FLOATRANGE** - The CIDR network address for the floating IP subnet. +**CONFIG_REDIS_MASTER_NAME** + The name of the master server watched by the sentinel ['[a-z]+'] -**CONFIG_PROVISION_CIRROS_URL** - A URL or local file location for the Cirros demo image used for Glance. +Sahara Config parameters +------------------------ -**CONFIG_PROVISION_TEMPEST** - Whether to configure tempest for testing. +**CONFIG_SAHARA_DB_PW** + The password to use for the Sahara DB access -**CONFIG_PROVISION_TEMPEST_USER** - The name of the Tempest Provisioning user. If you don't provide a user name, Tempest will be configured in a standalone mode. If you choose the **demo** user, packstack will use the password from **CONFIG_KEYSTONE_DEMO_PW** if **CONFIG_PROVISION_DEMO** is enabled. If not, the **CONFIG_PROVISION_TEMPEST_USER_PW** will be used. +**CONFIG_SAHARA_KS_PW** + The password to use for Sahara to authenticate with Keystone -**CONFIG_PROVISION_TEMPEST_USER_PW** - The password to use for the Tempest Provisioning user. +Trove config parameters +----------------------- -**CONFIG_PROVISION_TEMPEST_REPO_REVISION** - The revision of the tempest git repository to use. +**CONFIG_TROVE_DB_PW** + The password to use for the Trove DB access -**CONFIG_PROVISION_TEMPEST_REPO_URI** - The uri of the tempest git repository to use. +**CONFIG_TROVE_KS_PW** + The password to use for Trove to authenticate with Keystone -Sahara Config Parameters ------------------------- +**CONFIG_TROVE_NOVA_USER** + The user to use when Trove connects to Nova -**CONFIG_SAHARA_DB_PW** - The password to use for Sahara to access DB. +**CONFIG_TROVE_NOVA_TENANT** + The tenant to use when Trove connects to Nova -**CONFIG_SAHARA_HOST** - The IP address of the server on which to install Sahara if Sahara is being installed. +**CONFIG_TROVE_NOVA_PW** + The password to use when Trove connects to Nova -**CONFIG_SAHARA_KS_PW** - The password to use for Sahara to authenticate with Keystone. +Nagios Config parameters +------------------------ + +**CONFIG_NAGIOS_PW** + The password of the nagiosadmin user on the Nagios server Log files and Debug info ------------------------ From 21c7d6348541934aa9c3c8ff70b8fd7f47b28a3a Mon Sep 17 00:00:00 2001 From: Javier Pena Date: Tue, 3 Mar 2015 16:53:46 +0100 Subject: [PATCH 0265/1017] Fix identity_uri in Glance config Previously, identity_uri was set to the full Keystone URL, including version. This breaks the Glance client, which fails unless the version part is removed. Change-Id: I711f457be9c6e180139c899d52358a09bc800d83 --- packstack/puppet/templates/glance.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packstack/puppet/templates/glance.pp b/packstack/puppet/templates/glance.pp index 20a4b7e6a..e287a8707 100644 --- a/packstack/puppet/templates/glance.pp +++ b/packstack/puppet/templates/glance.pp @@ -4,7 +4,7 @@ class { 'glance::api': auth_uri => "http://${glance_cfg_ctrl_host}:5000/", - identity_uri => "http://${glance_cfg_ctrl_host}:35357/v2.0", + identity_uri => "http://${glance_cfg_ctrl_host}:35357", keystone_tenant => 'services', keystone_user => 'glance', keystone_password => hiera('CONFIG_GLANCE_KS_PW'), @@ -17,7 +17,7 @@ class { 'glance::registry': auth_uri => "http://${glance_cfg_ctrl_host}:5000/", - identity_uri => "http://${glance_cfg_ctrl_host}:35357/v2.0", + identity_uri => "http://${glance_cfg_ctrl_host}:35357", keystone_tenant => 'services', keystone_user => 'glance', keystone_password => hiera('CONFIG_GLANCE_KS_PW'), From cd9a97491497e9b81181cdf0de98aff614dc6f28 Mon Sep 17 00:00:00 2001 From: Ryan Hefner Date: Sat, 28 Feb 2015 16:39:03 -0500 Subject: [PATCH 0266/1017] Combine NetApp Puppet templates into one file Now that Packstack is using Hiera instead of Python string replacement, we can combine all of the NetApp Puppet templates into one file and simplify the plugin code. Change-Id: I1ba0c12ebbe288d97074bb5d8b4f0d9b9d3146c2 --- packstack/plugins/cinder_250.py | 22 +---- packstack/puppet/templates/cinder_netapp.pp | 99 +++++++++++++++++++ .../templates/cinder_netapp_7mode_iscsi.pp | 23 ----- .../templates/cinder_netapp_7mode_nfs.pp | 24 ----- .../templates/cinder_netapp_cdot_iscsi.pp | 22 ----- .../templates/cinder_netapp_cdot_nfs.pp | 25 ----- .../puppet/templates/cinder_netapp_eseries.pp | 24 ----- 7 files changed, 100 insertions(+), 139 deletions(-) create mode 100644 packstack/puppet/templates/cinder_netapp.pp delete mode 100644 packstack/puppet/templates/cinder_netapp_7mode_iscsi.pp delete mode 100644 packstack/puppet/templates/cinder_netapp_7mode_nfs.pp delete mode 100644 packstack/puppet/templates/cinder_netapp_cdot_iscsi.pp delete mode 100644 packstack/puppet/templates/cinder_netapp_cdot_nfs.pp delete mode 100644 packstack/puppet/templates/cinder_netapp_eseries.pp diff --git a/packstack/plugins/cinder_250.py b/packstack/plugins/cinder_250.py index dee41b9b7..0f0263c3e 100644 --- a/packstack/plugins/cinder_250.py +++ b/packstack/plugins/cinder_250.py @@ -733,27 +733,7 @@ def create_manifest(config, messages): manifestfile = "%s_cinder.pp" % config['CONFIG_STORAGE_HOST'] manifestdata += getManifestTemplate("cinder") - backends = config['CONFIG_CINDER_BACKEND'] - if 'netapp' in backends: - backends.remove('netapp') - puppet_cdot_iscsi = "cinder_netapp_cdot_iscsi" - puppet_cdot_nfs = "cinder_netapp_cdot_nfs" - puppet_7mode_iscsi = "cinder_netapp_7mode_iscsi" - puppet_7mode_nfs = "cinder_netapp_7mode_nfs" - puppet_eseries = "cinder_netapp_eseries" - if config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "ontap_cluster": - if config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "iscsi": - manifestdata += getManifestTemplate(puppet_cdot_iscsi) - elif config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "nfs": - manifestdata += getManifestTemplate(puppet_cdot_nfs) - elif config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "ontap_7mode": - if config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "iscsi": - manifestdata += getManifestTemplate(puppet_7mode_iscsi) - elif config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "nfs": - manifestdata += getManifestTemplate(puppet_7mode_nfs) - elif config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "eseries": - manifestdata += getManifestTemplate(puppet_eseries) - for backend in backends: + for backend in config['CONFIG_CINDER_BACKEND']: manifestdata += getManifestTemplate('cinder_%s' % backend) if config['CONFIG_CEILOMETER_INSTALL'] == 'y': diff --git a/packstack/puppet/templates/cinder_netapp.pp b/packstack/puppet/templates/cinder_netapp.pp new file mode 100644 index 000000000..40fbea4de --- /dev/null +++ b/packstack/puppet/templates/cinder_netapp.pp @@ -0,0 +1,99 @@ +# Copyright (c) – 2014, Ryan Hefner. All rights reserved. + +$netapp_storage_family = hiera('CONFIG_CINDER_NETAPP_STORAGE_FAMILY') +$netapp_storage_protocol = hiera('CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL') +$netapp_backend_name = 'netapp' + +if $netapp_storage_family == 'ontap_cluster' { + if $netapp_storage_protocol == 'nfs' { + cinder::backend::netapp { $netapp_backend_name: + netapp_login => hiera('CONFIG_CINDER_NETAPP_LOGIN'), + netapp_password => hiera('CONFIG_CINDER_NETAPP_PASSWORD'), + netapp_server_hostname => hiera('CONFIG_CINDER_NETAPP_HOSTNAME'), + netapp_server_port => hiera('CONFIG_CINDER_NETAPP_SERVER_PORT'), + netapp_storage_family => hiera('CONFIG_CINDER_NETAPP_STORAGE_FAMILY'), + netapp_storage_protocol => hiera('CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'), + netapp_transport_type => hiera('CONFIG_CINDER_NETAPP_TRANSPORT_TYPE'), + netapp_vserver => hiera('CONFIG_CINDER_NETAPP_VSERVER'), + expiry_thres_minutes => hiera('CONFIG_CINDER_NETAPP_EXPIRY_THRES_MINUTES'), + thres_avl_size_perc_start => hiera('CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_START'), + thres_avl_size_perc_stop => hiera('CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_STOP'), + nfs_shares_config => hiera('CONFIG_CINDER_NETAPP_NFS_SHARES_CONFIG'), + } + + package { 'nfs-utils': ensure => present } + } + elsif $netapp_storage_protocol == 'iscsi' { + cinder::backend::netapp { $netapp_backend_name: + netapp_login => hiera('CONFIG_CINDER_NETAPP_LOGIN'), + netapp_password => hiera('CONFIG_CINDER_NETAPP_PASSWORD'), + netapp_server_hostname => hiera('CONFIG_CINDER_NETAPP_HOSTNAME'), + netapp_server_port => hiera('CONFIG_CINDER_NETAPP_SERVER_PORT'), + netapp_size_multiplier => hiera('CONFIG_CINDER_NETAPP_SIZE_MULTIPLIER'), + netapp_storage_family => hiera('CONFIG_CINDER_NETAPP_STORAGE_FAMILY'), + netapp_storage_protocol => hiera('CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'), + netapp_transport_type => hiera('CONFIG_CINDER_NETAPP_TRANSPORT_TYPE'), + netapp_vserver => hiera('CONFIG_CINDER_NETAPP_VSERVER'), + } + + package { 'iscsi-initiator-utils': ensure => present } + } +} +elsif $netapp_storage_family == 'ontap_7mode' { + if $netapp_storage_protocol == 'nfs' { + cinder::backend::netapp { $netapp_backend_name: + netapp_login => hiera('CONFIG_CINDER_NETAPP_LOGIN'), + netapp_password => hiera('CONFIG_CINDER_NETAPP_PASSWORD'), + netapp_server_hostname => hiera('CONFIG_CINDER_NETAPP_HOSTNAME'), + netapp_server_port => hiera('CONFIG_CINDER_NETAPP_SERVER_PORT'), + netapp_storage_family => hiera('CONFIG_CINDER_NETAPP_STORAGE_FAMILY'), + netapp_storage_protocol => hiera('CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'), + netapp_transport_type => hiera('CONFIG_CINDER_NETAPP_TRANSPORT_TYPE'), + expiry_thres_minutes => hiera('CONFIG_CINDER_NETAPP_EXPIRY_THRES_MINUTES'), + thres_avl_size_perc_start => hiera('CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_START'), + thres_avl_size_perc_stop => hiera('CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_STOP'), + nfs_shares_config => hiera('CONFIG_CINDER_NETAPP_NFS_SHARES_CONFIG'), + } + + package { 'nfs-utils': ensure => present } + } + elsif $netapp_storage_protocol == 'iscsi' { + cinder::backend::netapp { $netapp_backend_name: + netapp_login => hiera('CONFIG_CINDER_NETAPP_LOGIN'), + netapp_password => hiera('CONFIG_CINDER_NETAPP_PASSWORD'), + netapp_server_hostname => hiera('CONFIG_CINDER_NETAPP_HOSTNAME'), + netapp_server_port => hiera('CONFIG_CINDER_NETAPP_SERVER_PORT'), + netapp_size_multiplier => hiera('CONFIG_CINDER_NETAPP_SIZE_MULTIPLIER'), + netapp_storage_family => hiera('CONFIG_CINDER_NETAPP_STORAGE_FAMILY'), + netapp_storage_protocol => hiera('CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'), + netapp_transport_type => hiera('CONFIG_CINDER_NETAPP_TRANSPORT_TYPE'), + netapp_vfiler => hiera('CONFIG_CINDER_NETAPP_VFILER'), + netapp_volume_list => hiera('CONFIG_CINDER_NETAPP_VOLUME_LIST'), + } + + package { 'iscsi-initiator-utils': ensure => present } + } +} +elsif $netapp_storage_family == 'eseries' { + cinder::backend::netapp { $netapp_backend_name: + netapp_login => hiera('CONFIG_CINDER_NETAPP_LOGIN'), + netapp_password => hiera('CONFIG_CINDER_NETAPP_PASSWORD'), + netapp_server_hostname => hiera('CONFIG_CINDER_NETAPP_HOSTNAME'), + netapp_server_port => hiera('CONFIG_CINDER_NETAPP_SERVER_PORT'), + netapp_storage_family => hiera('CONFIG_CINDER_NETAPP_STORAGE_FAMILY'), + netapp_storage_protocol => hiera('CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'), + netapp_transport_type => hiera('CONFIG_CINDER_NETAPP_TRANSPORT_TYPE'), + netapp_controller_ips => hiera('CONFIG_CINDER_NETAPP_CONTROLLER_IPS'), + netapp_sa_password => hiera('CONFIG_CINDER_NETAPP_SA_PASSWORD'), + netapp_storage_pools => hiera('CONFIG_CINDER_NETAPP_STORAGE_POOLS'), + netapp_webservice_path => hiera('CONFIG_CINDER_NETAPP_WEBSERVICE_PATH'), + } + + package { 'iscsi-initiator-utils': ensure => present } +} + +cinder::type { $netapp_backend_name: + set_key => 'volume_backend_name', + set_value => $netapp_backend_name, + require => Class['cinder::api'], +} diff --git a/packstack/puppet/templates/cinder_netapp_7mode_iscsi.pp b/packstack/puppet/templates/cinder_netapp_7mode_iscsi.pp deleted file mode 100644 index 33f4a71a3..000000000 --- a/packstack/puppet/templates/cinder_netapp_7mode_iscsi.pp +++ /dev/null @@ -1,23 +0,0 @@ -# Copyright (c) – 2014, Ryan Hefner. All rights reserved. - -package { 'iscsi-initiator-utils': ensure => present } - -cinder::backend::netapp { 'netapp': - netapp_login => hiera('CONFIG_CINDER_NETAPP_LOGIN'), - netapp_password => hiera('CONFIG_CINDER_NETAPP_PASSWORD'), - netapp_server_hostname => hiera('CONFIG_CINDER_NETAPP_HOSTNAME'), - netapp_server_port => hiera('CONFIG_CINDER_NETAPP_SERVER_PORT'), - netapp_size_multiplier => hiera('CONFIG_CINDER_NETAPP_SIZE_MULTIPLIER'), - netapp_storage_family => hiera('CONFIG_CINDER_NETAPP_STORAGE_FAMILY'), - netapp_storage_protocol => hiera('CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'), - netapp_transport_type => hiera('CONFIG_CINDER_NETAPP_TRANSPORT_TYPE'), - netapp_vfiler => hiera('CONFIG_CINDER_NETAPP_VFILER'), - netapp_volume_list => hiera_array('CONFIG_CINDER_NETAPP_VOLUME_LIST'), - require => Package['iscsi-initiator-utils'], -} - -cinder::type { 'cinder_netapp_7mode_iscsi': - set_key => 'volume_backend_name', - set_value => 'netapp', - require => Class['cinder::api'], -} diff --git a/packstack/puppet/templates/cinder_netapp_7mode_nfs.pp b/packstack/puppet/templates/cinder_netapp_7mode_nfs.pp deleted file mode 100644 index 5dc2906c3..000000000 --- a/packstack/puppet/templates/cinder_netapp_7mode_nfs.pp +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright (c) – 2014, Ryan Hefner. All rights reserved. - -package { 'nfs-utils': ensure => present } - -cinder::backend::netapp { 'netapp': - netapp_login => hiera('CONFIG_CINDER_NETAPP_LOGIN'), - netapp_password => hiera('CONFIG_CINDER_NETAPP_PASSWORD'), - netapp_server_hostname => hiera('CONFIG_CINDER_NETAPP_HOSTNAME'), - netapp_server_port => hiera('CONFIG_CINDER_NETAPP_SERVER_PORT'), - netapp_storage_family => hiera('CONFIG_CINDER_NETAPP_STORAGE_FAMILY'), - netapp_storage_protocol => hiera('CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'), - netapp_transport_type => hiera('CONFIG_CINDER_NETAPP_TRANSPORT_TYPE'), - expiry_thres_minutes => hiera('CONFIG_CINDER_EXPIRY_THRES_MINUTES'), - thres_avl_size_perc_start => hiera('CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_START'), - thres_avl_size_perc_stop => hiera('CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_STOP'), - nfs_shares_config => hiera('CONFIG_CINDER_NETAPP_NFS_SHARES_CONFIG'), - require => Package['nfs-utils'], -} - -cinder::type { 'cinder_netapp_7mode_nfs': - set_key => 'volume_backend_name', - set_value => 'netapp', - require => Class['cinder::api'], -} diff --git a/packstack/puppet/templates/cinder_netapp_cdot_iscsi.pp b/packstack/puppet/templates/cinder_netapp_cdot_iscsi.pp deleted file mode 100644 index b33383adf..000000000 --- a/packstack/puppet/templates/cinder_netapp_cdot_iscsi.pp +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright (c) – 2014, Ryan Hefner. All rights reserved. - -package { 'iscsi-initiator-utils': ensure => present } - -cinder::backend::netapp { 'netapp': - netapp_login => hiera('CONFIG_CINDER_NETAPP_LOGIN'), - netapp_password => hiera('CONFIG_CINDER_NETAPP_PASSWORD'), - netapp_server_hostname => hiera('CONFIG_CINDER_NETAPP_HOSTNAME'), - netapp_server_port => hiera('CONFIG_CINDER_NETAPP_SERVER_PORT'), - netapp_size_multiplier => hiera('CONFIG_CINDER_NETAPP_SIZE_MULTIPLIER'), - netapp_storage_family => hiera('CONFIG_CINDER_NETAPP_STORAGE_FAMILY'), - netapp_storage_protocol => hiera('CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'), - netapp_transport_type => hiera('CONFIG_CINDER_NETAPP_TRANSPORT_TYPE'), - netapp_vserver => hiera('CONFIG_CINDER_NETAPP_VSERVER'), - require => Package['iscsi-initiator-utils'], -} - -cinder::type { 'cinder_netapp_cdot_iscsi': - set_key => 'volume_backend_name', - set_value => 'netapp', - require => Class['cinder::api'], -} diff --git a/packstack/puppet/templates/cinder_netapp_cdot_nfs.pp b/packstack/puppet/templates/cinder_netapp_cdot_nfs.pp deleted file mode 100644 index 63b0e014b..000000000 --- a/packstack/puppet/templates/cinder_netapp_cdot_nfs.pp +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright (c) – 2014, Ryan Hefner. All rights reserved. - -package { 'nfs-utils': ensure => present } - -cinder::backend::netapp { 'netapp': - netapp_login => hiera('CONFIG_CINDER_NETAPP_LOGIN'), - netapp_password => hiera('CONFIG_CINDER_NETAPP_PASSWORD'), - netapp_server_hostname => hiera('CONFIG_CINDER_NETAPP_HOSTNAME'), - netapp_server_port => hiera('CONFIG_CINDER_NETAPP_SERVER_PORT'), - netapp_storage_family => hiera('CONFIG_CINDER_NETAPP_STORAGE_FAMILY'), - netapp_storage_protocol => hiera('CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'), - netapp_transport_type => hiera('CONFIG_CINDER_NETAPP_TRANSPORT_TYPE'), - netapp_vserver => hiera('CONFIG_CINDER_NETAPP_VSERVER'), - expiry_thres_minutes => hiera('CONFIG_CINDER_NETAPP_EXPIRY_THRES_MINUTES'), - thres_avl_size_perc_start => hiera('CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_START'), - thres_avl_size_perc_stop => hiera('CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_STOP'), - nfs_shares_config => hiera('CONFIG_CINDER_NETAPP_NFS_SHARES_CONFIG'), - require => Package['nfs-utils'], -} - -cinder::type { 'cinder_netapp_cdot_nfs': - set_key => 'volume_backend_name', - set_value => 'netapp', - require => Class['cinder::api'], -} diff --git a/packstack/puppet/templates/cinder_netapp_eseries.pp b/packstack/puppet/templates/cinder_netapp_eseries.pp deleted file mode 100644 index dee48de2f..000000000 --- a/packstack/puppet/templates/cinder_netapp_eseries.pp +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright (c) – 2014, Ryan Hefner. All rights reserved. - -package { 'iscsi-initiator-utils': ensure => present } - -cinder::backend::netapp { 'netapp': - netapp_login => hiera('CONFIG_CINDER_NETAPP_LOGIN'), - netapp_password => hiera('CONFIG_CINDER_NETAPP_PASSWORD'), - netapp_server_hostname => hiera('CONFIG_CINDER_NETAPP_HOSTNAME'), - netapp_server_port => hiera('CONFIG_CINDER_NETAPP_SERVER_PORT'), - netapp_storage_family => hiera('CONFIG_CINDER_NETAPP_STORAGE_FAMILY'), - netapp_storage_protocol => hiera('CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'), - netapp_transport_type => hiera('CONFIG_CINDER_NETAPP_TRANSPORT_TYPE'), - netapp_controller_ips => hiera('CONFIG_CINDER_NETAPP_CONTROLLER_IPS'), - netapp_sa_password => hiera('CONFIG_CINDER_NETAPP_SA_PASSWORD'), - netapp_storage_pools => hiera('CONFIG_CINDER_NETAPP_STORAGE_POOLS'), - netapp_webservice_path => hiera('CONFIG_CINDER_NETAPP_WEBSERVICE_PATH'), - require => Package['iscsi-initiator-utils'], -} - -cinder::type { 'cinder_netapp_eseries': - set_key => 'volume_backend_name', - set_value => 'netapp', - require => Class['cinder::api'], -} From ab4d95ad102a81e7d9587e4c7a93607f53fda2a2 Mon Sep 17 00:00:00 2001 From: Ryan Hefner Date: Tue, 13 Jan 2015 16:29:03 -0500 Subject: [PATCH 0267/1017] Add support for new nfs_shares parameter A new nfs_shares parameter was added in puppet-cinder that allows a user to optionally specify an array of shares and that will be written into the file listed at nfs_shares_config. Change-Id: I2f697caed3804af21b793f6d6949bbe815983849 --- docs/packstack.rst | 6 +++++- packstack/plugins/cinder_250.py | 21 ++++++++++++++++++--- packstack/puppet/templates/cinder_netapp.pp | 2 ++ 3 files changed, 25 insertions(+), 4 deletions(-) diff --git a/docs/packstack.rst b/docs/packstack.rst index cdf0dfda2..ba0f3e552 100644 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -500,8 +500,12 @@ Cinder NetApp NFS configuration **CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_STOP** (optional) When the percentage of available space on an NFS share has reached the percentage specified by this parameter, the driver will stop clearing files from the NFS image cache that have not been accessed in the last M minutes, where M is the value of the expiry_thres_minutes parameter. Defaults to 60. [''] +**CONFIG_CINDER_NETAPP_NFS_SHARES** + (optional) Single or comma-separated list of NetApp NFS shares for Cinder to use. Format: ip-address:/export-name. Defaults to ''. [''] + **CONFIG_CINDER_NETAPP_NFS_SHARES_CONFIG** - (optional) File with the list of available NFS shares. Defaults to ''. [''] + (optional) File with the list of available NFS shares. Defaults to '/etc/cinder/shares.conf'. [''] + Cinder NetApp iSCSI & 7-mode configuration ------------------------------------------ diff --git a/packstack/plugins/cinder_250.py b/packstack/plugins/cinder_250.py index 0f0263c3e..294223c62 100644 --- a/packstack/plugins/cinder_250.py +++ b/packstack/plugins/cinder_250.py @@ -348,14 +348,29 @@ def initConfig(controller): "USE_DEFAULT": True, "NEED_CONFIRM": False, "CONDITION": False}, + {"CMD_OPTION": "cinder-netapp-nfs-shares", + "USAGE": ("(optional) Single or comma-separated list of NetApp NFS shares " + "for Cinder to use. Format: ip-address:/export-name" + " Defaults to ''."), + "PROMPT": ("Enter a single or comma-separated list of NetApp NFS shares"), + "OPTION_LIST": [""], + "VALIDATORS": [], + "PROCESSORS": [], + "DEFAULT_VALUE": "", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_CINDER_NETAPP_NFS_SHARES", + "USE_DEFAULT": True, + "NEED_CONFIRM": False, + "CONDITION": False}, {"CMD_OPTION": "cinder-netapp-nfs-shares-config", "USAGE": ("(optional) File with the list of available NFS shares." - " Defaults to ''."), + " Defaults to '/etc/cinder/shares.conf'."), "PROMPT": ("Enter a NetApp NFS share config file"), "OPTION_LIST": [""], - "VALIDATORS": [validators.validate_file], + "VALIDATORS": [], "PROCESSORS": [], - "DEFAULT_VALUE": "", + "DEFAULT_VALUE": "/etc/cinder/shares.conf", "MASK_INPUT": False, "LOOSE_VALIDATION": False, "CONF_NAME": "CONFIG_CINDER_NETAPP_NFS_SHARES_CONFIG", diff --git a/packstack/puppet/templates/cinder_netapp.pp b/packstack/puppet/templates/cinder_netapp.pp index 40fbea4de..5a40f8fb3 100644 --- a/packstack/puppet/templates/cinder_netapp.pp +++ b/packstack/puppet/templates/cinder_netapp.pp @@ -18,6 +18,7 @@ expiry_thres_minutes => hiera('CONFIG_CINDER_NETAPP_EXPIRY_THRES_MINUTES'), thres_avl_size_perc_start => hiera('CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_START'), thres_avl_size_perc_stop => hiera('CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_STOP'), + nfs_shares => hiera_array('CONFIG_CINDER_NETAPP_NFS_SHARES'), nfs_shares_config => hiera('CONFIG_CINDER_NETAPP_NFS_SHARES_CONFIG'), } @@ -52,6 +53,7 @@ expiry_thres_minutes => hiera('CONFIG_CINDER_NETAPP_EXPIRY_THRES_MINUTES'), thres_avl_size_perc_start => hiera('CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_START'), thres_avl_size_perc_stop => hiera('CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_STOP'), + nfs_shares => hiera_array('CONFIG_CINDER_NETAPP_NFS_SHARES'), nfs_shares_config => hiera('CONFIG_CINDER_NETAPP_NFS_SHARES_CONFIG'), } From 537883460063e3f5ec5f81affa16e83f284911ad Mon Sep 17 00:00:00 2001 From: Lars Kellogg-Stedman Date: Wed, 18 Mar 2015 11:16:43 -0400 Subject: [PATCH 0268/1017] updated README.md to document --allinone This addresses https://bugzilla.redhat.com/show_bug.cgi?id=956078 by (a) explicitly documenting the --allinone option and (b) documenting the use of --answer-file when re-running packstack. Change-Id: I82ed9ea9f71d66294b6df025940d01b7adfc3f65 --- README.md | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index c8cc0bca4..5ce4c91d5 100644 --- a/README.md +++ b/README.md @@ -24,7 +24,22 @@ options have yet to be added. $ sudo python setup.py install_puppet_modules -### Option 1 (using answer file) +### Option 1 (all-in-one) + + $ packstack --allinone + +This will install all **OpenStack** services on a single host without +prompting for any configuration information. This will generate an +"answers" file (`packstack-answers--