def get_swift_hosts(config):
"""Get a set of all the Swift hosts"""
hosts = split_hosts(config['CONFIG_SWIFT_STORAGE_HOSTS'])
# remove "/device" from the storage host names
hosts = set(host.split('/', 1)[0] for host in hosts)
hosts |= split_hosts(config['CONFIG_SWIFT_PROXY_HOSTS'])
return hosts
def get_swift_hosts(config):
"""Get a set of all the Swift hosts"""
hosts = split_hosts(config['CONFIG_SWIFT_STORAGE_HOSTS'])
# remove "/device" from the storage host names
hosts = set(host.split('/', 1)[0] for host in hosts)
hosts |= split_hosts(config['CONFIG_SWIFT_PROXY_HOSTS'])
return hosts
def initSequences(controller):
config = controller.CONF
if config['CONFIG_NEUTRON_INSTALL'] != 'y':
return
if config['CONFIG_NEUTRON_L2_PLUGIN'] == 'openvswitch':
plugin_db = 'ovs_neutron'
plugin_path = ('neutron.plugins.openvswitch.ovs_neutron_plugin.'
'OVSNeutronPluginV2')
elif config['CONFIG_NEUTRON_L2_PLUGIN'] == 'linuxbridge':
plugin_db = 'neutron_linux_bridge'
plugin_path = ('neutron.plugins.linuxbridge.lb_neutron_plugin.'
'LinuxBridgePluginV2')
elif config['CONFIG_NEUTRON_L2_PLUGIN'] == 'ml2':
plugin_db = 'neutron'
plugin_path = 'neutron.plugins.ml2.plugin.Ml2Plugin'
# values modification
for key in ('CONFIG_NEUTRON_ML2_TYPE_DRIVERS',
'CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES',
'CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS',
'CONFIG_NEUTRON_ML2_FLAT_NETWORKS',
'CONFIG_NEUTRON_ML2_VLAN_RANGES',
'CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES',
'CONFIG_NEUTRON_ML2_VNI_RANGES'):
config[key] = str([i.strip() for i in config[key].split(',') if i])
key = 'CONFIG_NEUTRON_ML2_VXLAN_GROUP'
config[key] = "'%s'" % config[key] if config[key] else 'undef'
config['CONFIG_NEUTRON_L2_DBNAME'] = plugin_db
config['CONFIG_NEUTRON_CORE_PLUGIN'] = plugin_path
global api_hosts, network_hosts, compute_hosts, q_hosts
api_hosts = split_hosts(config['CONFIG_CONTROLLER_HOST'])
network_hosts = split_hosts(config['CONFIG_NETWORK_HOSTS'])
compute_hosts = set()
if config['CONFIG_NOVA_INSTALL'] == 'y':
compute_hosts = split_hosts(config['CONFIG_COMPUTE_HOSTS'])
q_hosts = api_hosts | network_hosts | compute_hosts
neutron_steps = [
{'title': 'Adding Neutron API manifest entries',
'functions': [create_manifests]},
{'title': 'Adding Neutron Keystone manifest entries',
'functions': [create_keystone_manifest]},
{'title': 'Adding Neutron L3 manifest entries',
'functions': [create_l3_manifests]},
{'title': 'Adding Neutron L2 Agent manifest entries',
'functions': [create_l2_agent_manifests]},
{'title': 'Adding Neutron DHCP Agent manifest entries',
'functions': [create_dhcp_manifests]},
{'title': 'Adding Neutron LBaaS Agent manifest entries',
'functions': [create_lbaas_manifests]},
{'title': 'Adding Neutron Metering Agent manifest entries',
'functions': [create_metering_agent_manifests]},
{'title': 'Adding Neutron Metadata Agent manifest entries',
'functions': [create_metadata_manifests]},
]
controller.addSequence("Installing OpenStack Neutron", [], [],
neutron_steps)
def initSequences(controller):
config = controller.CONF
if config['CONFIG_NEUTRON_INSTALL'] != 'y':
return
if config['CONFIG_NEUTRON_L2_PLUGIN'] == 'openvswitch':
plugin_db = 'ovs_neutron'
plugin_path = ('neutron.plugins.openvswitch.ovs_neutron_plugin.'
'OVSNeutronPluginV2')
elif config['CONFIG_NEUTRON_L2_PLUGIN'] == 'linuxbridge':
plugin_db = 'neutron_linux_bridge'
plugin_path = ('neutron.plugins.linuxbridge.lb_neutron_plugin.'
'LinuxBridgePluginV2')
elif config['CONFIG_NEUTRON_L2_PLUGIN'] == 'ml2':
plugin_db = 'neutron'
plugin_path = 'neutron.plugins.ml2.plugin.Ml2Plugin'
# values modification
for key in ('CONFIG_NEUTRON_ML2_TYPE_DRIVERS',
'CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES',
'CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS',
'CONFIG_NEUTRON_ML2_FLAT_NETWORKS',
'CONFIG_NEUTRON_ML2_VLAN_RANGES',
'CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES',
'CONFIG_NEUTRON_ML2_VNI_RANGES'):
config[key] = str([i.strip() for i in config[key].split(',') if i])
key = 'CONFIG_NEUTRON_ML2_VXLAN_GROUP'
config[key] = "'%s'" % config[key] if config[key] else 'undef'
config['CONFIG_NEUTRON_L2_DBNAME'] = plugin_db
config['CONFIG_NEUTRON_CORE_PLUGIN'] = plugin_path
global api_hosts, network_hosts, compute_hosts, q_hosts
api_hosts = split_hosts(config['CONFIG_CONTROLLER_HOST'])
network_hosts = split_hosts(config['CONFIG_NETWORK_HOSTS'])
compute_hosts = set()
if config['CONFIG_NOVA_INSTALL'] == 'y':
compute_hosts = split_hosts(config['CONFIG_COMPUTE_HOSTS'])
q_hosts = api_hosts | network_hosts | compute_hosts
neutron_steps = [
{'title': 'Adding Neutron API manifest entries',
'functions': [create_manifests]},
{'title': 'Adding Neutron Keystone manifest entries',
'functions': [create_keystone_manifest]},
{'title': 'Adding Neutron L3 manifest entries',
'functions': [create_l3_manifests]},
{'title': 'Adding Neutron L2 Agent manifest entries',
'functions': [create_l2_agent_manifests]},
{'title': 'Adding Neutron DHCP Agent manifest entries',
'functions': [create_dhcp_manifests]},
{'title': 'Adding Neutron LBaaS Agent manifest entries',
'functions': [create_lbaas_manifests]},
{'title': 'Adding Neutron Metering Agent manifest entries',
'functions': [create_metering_agent_manifests]},
{'title': 'Adding Neutron Metadata Agent manifest entries',
'functions': [create_metadata_manifests]},
]
controller.addSequence("Installing OpenStack Neutron", [], [],
neutron_steps)
def initSequences(controller):
config = controller.CONF
if config['CONFIG_NEUTRON_INSTALL'] != 'y':
return
plugin_db = 'neutron'
plugin_path = 'neutron.plugins.ml2.plugin.Ml2Plugin'
# values modification
for key in ('CONFIG_NEUTRON_ML2_TYPE_DRIVERS',
'CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES',
'CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS',
'CONFIG_NEUTRON_ML2_FLAT_NETWORKS',
'CONFIG_NEUTRON_ML2_VLAN_RANGES',
'CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES',
'CONFIG_NEUTRON_ML2_VNI_RANGES'):
if config[key] == '':
config[key] = []
else:
config[key] = [i.strip() for i in config[key].split(',') if i]
key = 'CONFIG_NEUTRON_ML2_VXLAN_GROUP'
config[key] = "%s" % config[key] if config[key] else ''
config['CONFIG_NEUTRON_L2_DBNAME'] = plugin_db
config['CONFIG_NEUTRON_CORE_PLUGIN'] = plugin_path
global api_hosts, network_hosts, compute_hosts, q_hosts
api_hosts = split_hosts(config['CONFIG_CONTROLLER_HOST'])
network_hosts = split_hosts(config['CONFIG_NETWORK_HOSTS'])
compute_hosts = set()
if config['CONFIG_NOVA_INSTALL'] == 'y':
compute_hosts = split_hosts(config['CONFIG_COMPUTE_HOSTS'])
q_hosts = api_hosts | network_hosts | compute_hosts
neutron_steps = [
{'title': 'Adding Neutron API manifest entries',
'functions': [create_manifests]},
{'title': 'Adding Neutron Keystone manifest entries',
'functions': [create_keystone_manifest]},
{'title': 'Adding Neutron L3 manifest entries',
'functions': [create_l3_manifests]},
{'title': 'Adding Neutron L2 Agent manifest entries',
'functions': [create_l2_agent_manifests]},
{'title': 'Adding Neutron DHCP Agent manifest entries',
'functions': [create_dhcp_manifests]},
{'title': 'Adding Neutron LBaaS Agent manifest entries',
'functions': [create_lbaas_manifests]},
{'title': 'Adding Neutron Metering Agent manifest entries',
'functions': [create_metering_agent_manifests]},
{'title': 'Adding Neutron Metadata Agent manifest entries',
'functions': [create_metadata_manifests]},
{'title': 'Checking if NetworkManager is enabled and running',
'functions': [check_nm_status]},
]
controller.addSequence("Installing OpenStack Neutron", [], [],
neutron_steps)
def create_manifest(config, messages):
manifestdata = getManifestTemplate(get_mq(config, "cinder"))
manifestfile = "%s_cinder.pp" % config['CONFIG_CONTROLLER_HOST']
manifestdata += getManifestTemplate("cinder.pp")
if config['CONFIG_CINDER_BACKEND'] == "lvm":
manifestdata += getManifestTemplate("cinder_lvm.pp")
elif config['CONFIG_CINDER_BACKEND'] == "gluster":
manifestdata += getManifestTemplate("cinder_gluster.pp")
elif config['CONFIG_CINDER_BACKEND'] == "nfs":
manifestdata += getManifestTemplate("cinder_nfs.pp")
elif config['CONFIG_CINDER_BACKEND'] == "vmdk":
manifestdata += getManifestTemplate("cinder_vmdk.pp")
if config['CONFIG_CEILOMETER_INSTALL'] == 'y':
manifestdata += getManifestTemplate('cinder_ceilometer.pp')
if config['CONFIG_SWIFT_INSTALL'] == 'y':
manifestdata += getManifestTemplate('cinder_backup.pp')
config['FIREWALL_SERVICE_NAME'] = "cinder"
config['FIREWALL_PORTS'] = "['3260', '8776']"
config['FIREWALL_CHAIN'] = "INPUT"
config['FIREWALL_PROTOCOL'] = 'tcp'
if (config['CONFIG_NOVA_INSTALL'] == 'y' and
config['CONFIG_VMWARE_BACKEND'] == 'n'):
for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']):
config['FIREWALL_ALLOWED'] = "'%s'" % host
config['FIREWALL_SERVICE_ID'] = "cinder_%s" % host
manifestdata += getManifestTemplate("firewall.pp")
else:
config['FIREWALL_ALLOWED'] = "'ALL'"
config['FIREWALL_SERVICE_ID'] = "cinder_ALL"
manifestdata += getManifestTemplate("firewall.pp")
appendManifestFile(manifestfile, manifestdata)
def create_manifest(config, messages):
manifestdata = getManifestTemplate(get_mq(config, "cinder"))
manifestfile = "%s_cinder.pp" % config['CONFIG_CONTROLLER_HOST']
manifestdata += getManifestTemplate("cinder.pp")
if config['CONFIG_CINDER_BACKEND'] == "gluster":
manifestdata += getManifestTemplate("cinder_gluster.pp")
if config['CONFIG_CINDER_BACKEND'] == "nfs":
manifestdata += getManifestTemplate("cinder_nfs.pp")
if config['CONFIG_CINDER_BACKEND'] == "vmdk":
manifestdata += getManifestTemplate("cinder_vmdk.pp")
if config['CONFIG_CEILOMETER_INSTALL'] == 'y':
manifestdata += getManifestTemplate('cinder_ceilometer.pp')
if config['CONFIG_SWIFT_INSTALL'] == 'y':
manifestdata += getManifestTemplate('cinder_backup.pp')
config['FIREWALL_SERVICE_NAME'] = "cinder"
config['FIREWALL_PORTS'] = "['3260', '8776']"
config['FIREWALL_CHAIN'] = "INPUT"
config['FIREWALL_PROTOCOL'] = 'tcp'
if (config['CONFIG_NOVA_INSTALL'] == 'y'
and config['CONFIG_VMWARE_BACKEND'] == 'n'):
for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']):
config['FIREWALL_ALLOWED'] = "'%s'" % host
config['FIREWALL_SERVICE_ID'] = "cinder_%s" % host
manifestdata += getManifestTemplate("firewall.pp")
else:
config['FIREWALL_ALLOWED'] = "'ALL'"
config['FIREWALL_SERVICE_ID'] = "cinder_ALL"
manifestdata += getManifestTemplate("firewall.pp")
appendManifestFile(manifestfile, manifestdata)
def create_manifest(config, messages):
if config['CONFIG_MYSQL_INSTALL'] == 'y':
install = True
suffix = 'install'
else:
install = False
suffix = 'noinstall'
manifestfile = "%s_mysql.pp" % config['CONFIG_MYSQL_HOST']
manifestdata = [getManifestTemplate('mysql_%s.pp' % suffix)]
def append_for(module, suffix):
# Modules have to be appended to the existing mysql.pp
# otherwise pp will fail for some of them saying that
# Mysql::Config definition is missing.
template = "mysql_%s_%s.pp" % (module, suffix)
manifestdata.append(getManifestTemplate(template))
append_for("keystone", suffix)
for mod in ['nova', 'cinder', 'glance', 'neutron', 'heat']:
if config['CONFIG_%s_INSTALL' % mod.upper()] == 'y':
append_for(mod, suffix)
hosts = set([config['CONFIG_CONTROLLER_HOST']])
hosts |= split_hosts(config['CONFIG_COMPUTE_HOSTS'])
config['FIREWALL_SERVICE_NAME'] = "mysql"
config['FIREWALL_PORTS'] = "'3306'"
config['FIREWALL_CHAIN'] = "INPUT"
for host in hosts:
config['FIREWALL_ALLOWED'] = "'%s'" % host
config['FIREWALL_SERVICE_ID'] = "mysql_%s" % host
manifestdata.append(getManifestTemplate("firewall.pp"))
appendManifestFile(manifestfile, "\n".join(manifestdata), 'pre')
def create_manifest(config):
manifestdata = getManifestTemplate(get_mq(config, "cinder"))
manifestfile = "%s_cinder.pp" % controller.CONF['CONFIG_CINDER_HOST']
manifestdata += getManifestTemplate("cinder.pp")
if config['CONFIG_CINDER_BACKEND'] == "gluster":
manifestdata += getManifestTemplate("cinder_gluster.pp")
if config['CONFIG_CINDER_BACKEND'] == "nfs":
manifestdata += getManifestTemplate("cinder_nfs.pp")
if config['CONFIG_CINDER_BACKEND'] == "vmdk":
manifestdata += getManifestTemplate("cinder_vmdk.pp")
if config['CONFIG_CEILOMETER_INSTALL'] == 'y':
manifestdata += getManifestTemplate('cinder_ceilometer.pp')
if config['CONFIG_SWIFT_INSTALL'] == 'y':
config['CONFIG_SWIFT_PROXY'] = config[
'CONFIG_SWIFT_PROXY_HOSTS'].split(',')[0].strip()
manifestdata += getManifestTemplate('cinder_backup.pp')
config['FIREWALL_SERVICE_NAME'] = "cinder"
config['FIREWALL_PORTS'] = "'3260', '8776'"
config['FIREWALL_CHAIN'] = "INPUT"
if config['CONFIG_NOVA_INSTALL'] == 'y':
for host in split_hosts(config['CONFIG_NOVA_COMPUTE_HOSTS']):
config['FIREWALL_ALLOWED'] = "'%s'" % host
config['FIREWALL_SERVICE_ID'] = "cinder_%s" % host
manifestdata += getManifestTemplate("firewall.pp")
else:
config['FIREWALL_ALLOWED'] = "'ALL'"
config['FIREWALL_SERVICE_ID'] = "cinder_ALL"
manifestdata += getManifestTemplate("firewall.pp")
appendManifestFile(manifestfile, manifestdata)
def create_manifest(config):
manifestdata = getManifestTemplate(get_mq(config, "cinder"))
manifestfile = "%s_cinder.pp" % controller.CONF['CONFIG_CINDER_HOST']
manifestdata += getManifestTemplate("cinder.pp")
if config['CONFIG_CINDER_BACKEND'] == "gluster":
manifestdata += getManifestTemplate("cinder_gluster.pp")
if config['CONFIG_CINDER_BACKEND'] == "nfs":
manifestdata += getManifestTemplate("cinder_nfs.pp")
if config['CONFIG_CINDER_BACKEND'] == "vmdk":
manifestdata += getManifestTemplate("cinder_vmdk.pp")
if config['CONFIG_CEILOMETER_INSTALL'] == 'y':
manifestdata += getManifestTemplate('cinder_ceilometer.pp')
if config['CONFIG_SWIFT_INSTALL'] == 'y':
config['CONFIG_SWIFT_PROXY'] = config['CONFIG_SWIFT_PROXY_HOSTS'].split(',')[0].strip()
manifestdata += getManifestTemplate('cinder_backup.pp')
config['FIREWALL_SERVICE_NAME'] = "cinder"
config['FIREWALL_PORTS'] = "'3260', '8776'"
config['FIREWALL_CHAIN'] = "INPUT"
if config['CONFIG_NOVA_INSTALL'] == 'y':
for host in split_hosts(config['CONFIG_NOVA_COMPUTE_HOSTS']):
config['FIREWALL_ALLOWED'] = "'%s'" % host
config['FIREWALL_SERVICE_ID'] = "cinder_%s" % host
manifestdata += getManifestTemplate("firewall.pp")
else:
config['FIREWALL_ALLOWED'] = "'ALL'"
config['FIREWALL_SERVICE_ID'] = "cinder_ALL"
manifestdata += getManifestTemplate("firewall.pp")
appendManifestFile(manifestfile, manifestdata)
def create_manifest(config):
manifestfile = "%s_cinder.pp" % controller.CONF['CONFIG_CINDER_HOST']
manifestdata = getManifestTemplate("cinder.pp")
if config['CONFIG_CINDER_BACKEND'] == "gluster":
manifestdata += getManifestTemplate("cinder_gluster.pp")
if config['CONFIG_CINDER_BACKEND'] == "nfs":
manifestdata += getManifestTemplate("cinder_nfs.pp")
if config['CONFIG_CEILOMETER_INSTALL'] == 'y':
manifestdata += getManifestTemplate('cinder_ceilometer.pp')
if config['CONFIG_SWIFT_INSTALL'] == 'y':
config['CONFIG_SWIFT_PROXY'] = config['CONFIG_SWIFT_PROXY_HOSTS'].split(',')[0].strip()
manifestdata += getManifestTemplate('cinder_backup.pp')
hosts = set()
if config['CONFIG_NOVA_INSTALL'] == 'y':
hosts = split_hosts(config['CONFIG_NOVA_COMPUTE_HOSTS'])
else:
hosts.add('ALL',)
config['FIREWALL_ALLOWED'] = ",".join(["'%s'" % i.strip() for i in hosts if i.strip()])
config['FIREWALL_SERVICE_NAME'] = "cinder"
config['FIREWALL_PORTS'] = "'3260', '8776'"
manifestdata += getManifestTemplate("firewall.pp")
appendManifestFile(manifestfile, manifestdata)
def create_manifest(config, messages):
manifestfile = "%s_ceilometer.pp" % config['CONFIG_CONTROLLER_HOST']
manifestdata = getManifestTemplate(get_mq(config, "ceilometer"))
manifestdata += getManifestTemplate("ceilometer")
if config['CONFIG_CEILOMETER_COORDINATION_BACKEND'] == 'redis':
# Determine if we need to configure multiple sentinel hosts as
# fallbacks for use in coordination url.
sentinel_hosts = split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS'])
sentinel_port = config['CONFIG_REDIS_SENTINEL_PORT']
sentinel_host = config['CONFIG_REDIS_SENTINEL_CONTACT_HOST']
if config['CONFIG_IP_VERSION'] == 'ipv6':
config['CONFIG_REDIS_SENTINEL_CONTACT_HOST_URL'] = "[%s]" % (
sentinel_host)
else:
config['CONFIG_REDIS_SENTINEL_CONTACT_HOST_URL'] = sentinel_host
sentinel_contact = config['CONFIG_REDIS_SENTINEL_CONTACT_HOST']
if len(sentinel_hosts) > 1:
sentinel_format = 'sentinel_fallback=%s:%s'
if config['CONFIG_IP_VERSION'] == 'ipv6':
sentinel_format = 'sentinel_fallback=[%s]:%s'
sentinel_fallbacks = '&'.join([sentinel_format %
(host, sentinel_port)
for host in sentinel_hosts
if host != sentinel_contact])
else:
sentinel_fallbacks = ''
config['CONFIG_REDIS_SENTINEL_FALLBACKS'] = sentinel_fallbacks
if config['CONFIG_AMQP_ENABLE_SSL'] == 'y':
ssl_cert_file = config['CONFIG_CEILOMETER_SSL_CERT'] = (
'/etc/pki/tls/certs/ssl_amqp_ceilometer.crt'
)
ssl_key_file = config['CONFIG_CEILOMETER_SSL_KEY'] = (
'/etc/pki/tls/private/ssl_amqp_ceilometer.key'
)
ssl_host = config['CONFIG_CONTROLLER_HOST']
service = 'ceilometer'
generate_ssl_cert(config, ssl_host, service, ssl_key_file,
ssl_cert_file)
fw_details = dict()
key = "ceilometer_api"
fw_details.setdefault(key, {})
fw_details[key]['host'] = "ALL"
fw_details[key]['service_name'] = "ceilometer-api"
fw_details[key]['chain'] = "INPUT"
fw_details[key]['ports'] = ['8777']
fw_details[key]['proto'] = "tcp"
config['FIREWALL_CEILOMETER_RULES'] = fw_details
manifestdata += createFirewallResources('FIREWALL_CEILOMETER_RULES')
# Add a template that creates a group for nova because the ceilometer
# class needs it
if config['CONFIG_NOVA_INSTALL'] == 'n':
manifestdata += getManifestTemplate("ceilometer_nova_disabled")
appendManifestFile(manifestfile, manifestdata, 'ceilometer')
def prepare_puppet_modules(config, messages):
network_hosts = split_hosts(config['CONFIG_NETWORK_HOSTS'])
compute_hosts = split_hosts(config['CONFIG_COMPUTE_HOSTS'])
manifestdata = getManifestTemplate("controller")
manifestfile = "%s_controller.pp" % config['CONFIG_CONTROLLER_HOST']
appendManifestFile(manifestfile, manifestdata, marker='controller')
for host in network_hosts:
manifestdata = getManifestTemplate("network")
manifestfile = "%s_network.pp" % host
appendManifestFile(manifestfile, manifestdata, marker='network')
for host in compute_hosts:
manifestdata = getManifestTemplate("compute")
manifestfile = "%s_compute.pp" % host
appendManifestFile(manifestfile, manifestdata, marker='compute')
def prepare_puppet_modules(config, messages):
network_hosts = split_hosts(config['CONFIG_NETWORK_HOSTS'])
compute_hosts = split_hosts(config['CONFIG_COMPUTE_HOSTS'])
manifestdata = getManifestTemplate("controller")
manifestfile = "%s_controller.pp" % config['CONFIG_CONTROLLER_HOST']
appendManifestFile(manifestfile, manifestdata, marker='controller')
for host in network_hosts:
manifestdata = getManifestTemplate("network")
manifestfile = "%s_network.pp" % host
appendManifestFile(manifestfile, manifestdata, marker='network')
for host in compute_hosts:
manifestdata = getManifestTemplate("compute")
manifestfile = "%s_compute.pp" % host
appendManifestFile(manifestfile, manifestdata, marker='compute')
def create_manifest(config, messages):
if config['CONFIG_UNSUPPORTED'] != 'y':
config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST']
manifestdata = getManifestTemplate(get_mq(config, "cinder"))
manifestfile = "%s_cinder.pp" % config['CONFIG_STORAGE_HOST']
manifestdata += getManifestTemplate("cinder.pp")
backends = config['CONFIG_CINDER_BACKEND'].strip('[]')
backends = [i.strip('\' ') for i in backends.split(',')]
if 'netapp' in backends:
backends.remove('netapp')
puppet_cdot_iscsi = "cinder_netapp_cdot_iscsi.pp"
puppet_cdot_nfs = "cinder_netapp_cdot_nfs.pp"
puppet_7mode_iscsi = "cinder_netapp_7mode_iscsi.pp"
puppet_7mode_nfs = "cinder_netapp_7mode_nfs.pp"
puppet_eseries = "cinder_netapp_eseries.pp"
if config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "ontap_cluster":
if config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "iscsi":
manifestdata += getManifestTemplate(puppet_cdot_iscsi)
elif config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "nfs":
manifestdata += getManifestTemplate(puppet_cdot_nfs)
elif config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "ontap_7mode":
if config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "iscsi":
manifestdata += getManifestTemplate(puppet_7mode_iscsi)
elif config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "nfs":
manifestdata += getManifestTemplate(puppet_7mode_nfs)
elif config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "eseries":
manifestdata += getManifestTemplate(puppet_eseries)
for backend in backends:
manifestdata += getManifestTemplate('cinder_%s.pp' % backend)
if config['CONFIG_CEILOMETER_INSTALL'] == 'y':
manifestdata += getManifestTemplate('cinder_ceilometer.pp')
if config['CONFIG_SWIFT_INSTALL'] == 'y':
manifestdata += getManifestTemplate('cinder_backup.pp')
config['FIREWALL_SERVICE_NAME'] = "cinder"
config['FIREWALL_PORTS'] = "['3260']"
config['FIREWALL_CHAIN'] = "INPUT"
config['FIREWALL_PROTOCOL'] = 'tcp'
if (config['CONFIG_NOVA_INSTALL'] == 'y' and
config['CONFIG_VMWARE_BACKEND'] == 'n'):
for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']):
config['FIREWALL_ALLOWED'] = "'%s'" % host
config['FIREWALL_SERVICE_ID'] = "cinder_%s" % host
manifestdata += getManifestTemplate("firewall.pp")
else:
config['FIREWALL_ALLOWED'] = "'ALL'"
config['FIREWALL_SERVICE_ID'] = "cinder_ALL"
manifestdata += getManifestTemplate("firewall.pp")
# cinder API should be open for everyone
config['FIREWALL_SERVICE_NAME'] = "cinder-api"
config['FIREWALL_ALLOWED'] = "'ALL'"
config['FIREWALL_SERVICE_ID'] = "cinder_API"
config['FIREWALL_PORTS'] = "['8776']"
manifestdata += getManifestTemplate("firewall.pp")
appendManifestFile(manifestfile, manifestdata)
def create_manifest(config, messages):
if config['CONFIG_UNSUPPORTED'] != 'y':
config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST']
manifestdata = getManifestTemplate(get_mq(config, "cinder"))
manifestfile = "%s_cinder.pp" % config['CONFIG_STORAGE_HOST']
manifestdata += getManifestTemplate("cinder.pp")
backends = config['CONFIG_CINDER_BACKEND'].strip('[]')
backends = [i.strip('\' ') for i in backends.split(',')]
if 'netapp' in backends:
backends.remove('netapp')
puppet_cdot_iscsi = "cinder_netapp_cdot_iscsi.pp"
puppet_cdot_nfs = "cinder_netapp_cdot_nfs.pp"
puppet_7mode_iscsi = "cinder_netapp_7mode_iscsi.pp"
puppet_7mode_nfs = "cinder_netapp_7mode_nfs.pp"
puppet_eseries = "cinder_netapp_eseries.pp"
if config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "ontap_cluster":
if config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "iscsi":
manifestdata += getManifestTemplate(puppet_cdot_iscsi)
elif config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "nfs":
manifestdata += getManifestTemplate(puppet_cdot_nfs)
elif config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "ontap_7mode":
if config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "iscsi":
manifestdata += getManifestTemplate(puppet_7mode_iscsi)
elif config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "nfs":
manifestdata += getManifestTemplate(puppet_7mode_nfs)
elif config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "eseries":
manifestdata += getManifestTemplate(puppet_eseries)
for backend in backends:
manifestdata += getManifestTemplate('cinder_%s.pp' % backend)
if config['CONFIG_CEILOMETER_INSTALL'] == 'y':
manifestdata += getManifestTemplate('cinder_ceilometer.pp')
if config['CONFIG_SWIFT_INSTALL'] == 'y':
manifestdata += getManifestTemplate('cinder_backup.pp')
config['FIREWALL_SERVICE_NAME'] = "cinder"
config['FIREWALL_PORTS'] = "['3260']"
config['FIREWALL_CHAIN'] = "INPUT"
config['FIREWALL_PROTOCOL'] = 'tcp'
if (config['CONFIG_NOVA_INSTALL'] == 'y'
and config['CONFIG_VMWARE_BACKEND'] == 'n'):
for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']):
config['FIREWALL_ALLOWED'] = "'%s'" % host
config['FIREWALL_SERVICE_ID'] = "cinder_%s" % host
manifestdata += getManifestTemplate("firewall.pp")
else:
config['FIREWALL_ALLOWED'] = "'ALL'"
config['FIREWALL_SERVICE_ID'] = "cinder_ALL"
manifestdata += getManifestTemplate("firewall.pp")
# cinder API should be open for everyone
config['FIREWALL_SERVICE_NAME'] = "cinder-api"
config['FIREWALL_ALLOWED'] = "'ALL'"
config['FIREWALL_SERVICE_ID'] = "cinder_API"
config['FIREWALL_PORTS'] = "['8776']"
manifestdata += getManifestTemplate("firewall.pp")
appendManifestFile(manifestfile, manifestdata)
def create_manifest(config, messages):
if config['CONFIG_AMQP_ENABLE_SSL'] == 'y':
ssl_host = config['CONFIG_STORAGE_HOST']
ssl_cert_file = config['CONFIG_CINDER_SSL_CERT'] = (
'/etc/pki/tls/certs/ssl_amqp_cinder.crt'
)
ssl_key_file = config['CONFIG_CINDER_SSL_KEY'] = (
'/etc/pki/tls/private/ssl_amqp_cinder.key'
)
service = 'cinder'
generate_ssl_cert(config, ssl_host, service, ssl_key_file,
ssl_cert_file)
manifestdata = getManifestTemplate(get_mq(config, "cinder"))
manifestfile = "%s_cinder.pp" % config['CONFIG_STORAGE_HOST']
manifestdata += getManifestTemplate("cinder")
for backend in config['CONFIG_CINDER_BACKEND']:
manifestdata += getManifestTemplate('cinder_%s' % backend)
if config['CONFIG_CEILOMETER_INSTALL'] == 'y':
manifestdata += getManifestTemplate('cinder_ceilometer')
if config['CONFIG_SWIFT_INSTALL'] == 'y':
manifestdata += getManifestTemplate('cinder_backup')
fw_details = dict()
for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']):
if (config['CONFIG_NOVA_INSTALL'] == 'y' and
config['CONFIG_VMWARE_BACKEND'] == 'n'):
key = "cinder_%s" % host
fw_details.setdefault(key, {})
fw_details[key]['host'] = "%s" % host
else:
key = "cinder_all"
fw_details.setdefault(key, {})
fw_details[key]['host'] = "ALL"
fw_details[key]['service_name'] = "cinder"
fw_details[key]['chain'] = "INPUT"
fw_details[key]['ports'] = ['3260']
fw_details[key]['proto'] = "tcp"
config['FIREWALL_CINDER_RULES'] = fw_details
manifestdata += createFirewallResources('FIREWALL_CINDER_RULES')
# cinder API should be open for everyone
fw_details = dict()
key = "cinder_api"
fw_details.setdefault(key, {})
fw_details[key]['host'] = "ALL"
fw_details[key]['service_name'] = "cinder-api"
fw_details[key]['chain'] = "INPUT"
fw_details[key]['ports'] = ['8776']
fw_details[key]['proto'] = "tcp"
config['FIREWALL_CINDER_API_RULES'] = fw_details
manifestdata += createFirewallResources('FIREWALL_CINDER_API_RULES')
appendManifestFile(manifestfile, manifestdata)
def create_manifest(config, messages):
manifestfile = "%s_ceilometer.pp" % config['CONFIG_CONTROLLER_HOST']
manifestdata = getManifestTemplate(get_mq(config, "ceilometer"))
manifestdata += getManifestTemplate("ceilometer")
if config['CONFIG_CEILOMETER_COORDINATION_BACKEND'] == 'redis':
# Determine if we need to configure multiple sentinel hosts as
# fallbacks for use in coordination url.
sentinel_hosts = split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS'])
sentinel_port = config['CONFIG_REDIS_SENTINEL_PORT']
sentinel_host = config['CONFIG_REDIS_SENTINEL_CONTACT_HOST']
if config['CONFIG_IP_VERSION'] == 'ipv6':
config['CONFIG_REDIS_SENTINEL_CONTACT_HOST_URL'] = "[%s]" % (
sentinel_host)
else:
config['CONFIG_REDIS_SENTINEL_CONTACT_HOST_URL'] = sentinel_host
sentinel_contact = config['CONFIG_REDIS_SENTINEL_CONTACT_HOST']
if len(sentinel_hosts) > 1:
sentinel_format = 'sentinel_fallback=%s:%s'
if config['CONFIG_IP_VERSION'] == 'ipv6':
sentinel_format = 'sentinel_fallback=[%s]:%s'
sentinel_fallbacks = '&'.join([
sentinel_format % (host, sentinel_port)
for host in sentinel_hosts if host != sentinel_contact
])
else:
sentinel_fallbacks = ''
config['CONFIG_REDIS_SENTINEL_FALLBACKS'] = sentinel_fallbacks
if config['CONFIG_AMQP_ENABLE_SSL'] == 'y':
ssl_cert_file = config['CONFIG_CEILOMETER_SSL_CERT'] = (
'/etc/pki/tls/certs/ssl_amqp_ceilometer.crt')
ssl_key_file = config['CONFIG_CEILOMETER_SSL_KEY'] = (
'/etc/pki/tls/private/ssl_amqp_ceilometer.key')
ssl_host = config['CONFIG_CONTROLLER_HOST']
service = 'ceilometer'
generate_ssl_cert(config, ssl_host, service, ssl_key_file,
ssl_cert_file)
fw_details = dict()
key = "ceilometer_api"
fw_details.setdefault(key, {})
fw_details[key]['host'] = "ALL"
fw_details[key]['service_name'] = "ceilometer-api"
fw_details[key]['chain'] = "INPUT"
fw_details[key]['ports'] = ['8777']
fw_details[key]['proto'] = "tcp"
config['FIREWALL_CEILOMETER_RULES'] = fw_details
manifestdata += createFirewallResources('FIREWALL_CEILOMETER_RULES')
# Add a template that creates a group for nova because the ceilometer
# class needs it
if config['CONFIG_NOVA_INSTALL'] == 'n':
manifestdata += getManifestTemplate("ceilometer_nova_disabled")
appendManifestFile(manifestfile, manifestdata, 'ceilometer')
def createmanifest(config):
if config['CONFIG_MYSQL_INSTALL'] == 'y':
install = True
suffix = 'install'
else:
install = False
suffix = 'noinstall'
# In case we are not installing MySQL server, mysql* manifests have
# to be run from Keystone host
host = install and config['CONFIG_MYSQL_HOST'] \
or config['CONFIG_KEYSTONE_HOST']
manifestfile = "%s_mysql.pp" % host
manifestdata = [getManifestTemplate('mysql_%s.pp' % suffix)]
def append_for(module, suffix):
# Modules have to be appended to the existing mysql.pp
# otherwise pp will fail for some of them saying that
# Mysql::Config definition is missing.
template = "mysql_%s_%s.pp" % (module, suffix)
manifestdata.append(getManifestTemplate(template))
append_for("keystone", suffix)
hosts = set()
for mod in ['nova', 'cinder', 'glance', 'neutron', 'heat']:
if config['CONFIG_%s_INSTALL' % mod.upper()] == 'y':
append_for(mod, suffix)
# Check wich modules are enabled so we can allow their
# hosts on the firewall
if mod != 'nova' and mod != 'neutron':
hosts.add(config.get('CONFIG_%s_HOST' % mod.upper()).strip())
elif mod == 'neutron':
hosts.add(config.get('CONFIG_NEUTRON_SERVER_HOST').strip())
elif config['CONFIG_NOVA_INSTALL'] != 'n':
#In that remote case that we have lot's of nova hosts
hosts.add(config.get('CONFIG_NOVA_API_HOST').strip())
hosts.add(config.get('CONFIG_NOVA_CERT_HOST').strip())
hosts.add(config.get('CONFIG_NOVA_VNCPROXY_HOST').strip())
hosts.add(config.get('CONFIG_NOVA_CONDUCTOR_HOST').strip())
hosts.add(config.get('CONFIG_NOVA_SCHED_HOST').strip())
if config['CONFIG_NEUTRON_INSTALL'] != 'y':
dbhosts = split_hosts(config['CONFIG_NOVA_NETWORK_HOSTS'])
hosts |= dbhosts
for host in config.get('CONFIG_NOVA_COMPUTE_HOSTS').split(','):
hosts.add(host.strip())
config['FIREWALL_SERVICE_NAME'] = "mysql"
config['FIREWALL_PORTS'] = "'3306'"
config['FIREWALL_CHAIN'] = "INPUT"
for host in hosts:
config['FIREWALL_ALLOWED'] = "'%s'" % host
config['FIREWALL_SERVICE_ID'] = "mysql_%s" % host
manifestdata.append(getManifestTemplate("firewall.pp"))
appendManifestFile(manifestfile, "\n".join(manifestdata), 'pre')
def createmanifest(config):
if config["CONFIG_MYSQL_INSTALL"] == "y":
install = True
suffix = "install"
else:
install = False
suffix = "noinstall"
# In case we are not installing MySQL server, mysql* manifests have
# to be run from Keystone host
host = install and config["CONFIG_MYSQL_HOST"] or config["CONFIG_KEYSTONE_HOST"]
manifestfile = "%s_mysql.pp" % host
manifestdata = [getManifestTemplate("mysql_%s.pp" % suffix)]
def append_for(module, suffix):
# Modules have to be appended to the existing mysql.pp
# otherwise pp will fail for some of them saying that
# Mysql::Config definition is missing.
template = "mysql_%s_%s.pp" % (module, suffix)
manifestdata.append(getManifestTemplate(template))
append_for("keystone", suffix)
hosts = set()
for mod in ["nova", "cinder", "glance", "neutron", "heat"]:
if config["CONFIG_%s_INSTALL" % mod.upper()] == "y":
append_for(mod, suffix)
# Check wich modules are enabled so we can allow their
# hosts on the firewall
if mod != "nova" and mod != "neutron":
hosts.add(config.get("CONFIG_%s_HOST" % mod.upper()).strip())
elif mod == "neutron":
hosts.add(config.get("CONFIG_NEUTRON_SERVER_HOST").strip())
elif config["CONFIG_NOVA_INSTALL"] != "n":
# In that remote case that we have lot's of nova hosts
hosts.add(config.get("CONFIG_NOVA_API_HOST").strip())
hosts.add(config.get("CONFIG_NOVA_CERT_HOST").strip())
hosts.add(config.get("CONFIG_NOVA_VNCPROXY_HOST").strip())
hosts.add(config.get("CONFIG_NOVA_CONDUCTOR_HOST").strip())
hosts.add(config.get("CONFIG_NOVA_SCHED_HOST").strip())
if config["CONFIG_NEUTRON_INSTALL"] != "y":
dbhosts = split_hosts(config["CONFIG_NOVA_NETWORK_HOSTS"])
hosts |= dbhosts
for host in config.get("CONFIG_NOVA_COMPUTE_HOSTS").split(","):
hosts.add(host.strip())
config["FIREWALL_SERVICE_NAME"] = "mysql"
config["FIREWALL_PORTS"] = "'3306'"
config["FIREWALL_CHAIN"] = "INPUT"
for host in hosts:
config["FIREWALL_ALLOWED"] = "'%s'" % host
config["FIREWALL_SERVICE_ID"] = "mysql_%s" % host
manifestdata.append(getManifestTemplate("firewall.pp"))
appendManifestFile(manifestfile, "\n".join(manifestdata), "pre")
def initSequences(controller):
if controller.CONF['CONFIG_NEUTRON_INSTALL'] != 'y':
return
if controller.CONF["CONFIG_NEUTRON_L2_PLUGIN"] == "openvswitch":
controller.CONF['CONFIG_NEUTRON_L2_DBNAME'] = 'ovs_neutron'
controller.CONF['CONFIG_NEUTRON_CORE_PLUGIN'] = 'neutron.plugins.openvswitch.ovs_neutron_plugin.OVSNeutronPluginV2'
elif controller.CONF["CONFIG_NEUTRON_L2_PLUGIN"] == "linuxbridge":
controller.CONF['CONFIG_NEUTRON_L2_DBNAME'] = 'neutron_linux_bridge'
controller.CONF['CONFIG_NEUTRON_CORE_PLUGIN'] = 'neutron.plugins.linuxbridge.lb_neutron_plugin.LinuxBridgePluginV2'
global api_hosts, l3_hosts, dhcp_hosts, lbaas_hosts, meta_hosts, compute_hosts, q_hosts
api_hosts = split_hosts(controller.CONF['CONFIG_NEUTRON_SERVER_HOST'])
l3_hosts = split_hosts(controller.CONF['CONFIG_NEUTRON_L3_HOSTS'])
dhcp_hosts = split_hosts(controller.CONF['CONFIG_NEUTRON_DHCP_HOSTS'])
lbaas_hosts = split_hosts(controller.CONF['CONFIG_NEUTRON_LBAAS_HOSTS'])
meta_hosts = split_hosts(controller.CONF['CONFIG_NEUTRON_METADATA_HOSTS'])
compute_hosts = set()
if controller.CONF['CONFIG_NOVA_INSTALL'] == 'y':
compute_hosts = split_hosts(controller.CONF['CONFIG_NOVA_COMPUTE_HOSTS'])
q_hosts = api_hosts | l3_hosts | dhcp_hosts | compute_hosts | meta_hosts
neutron_steps = [
{'title': 'Adding Neutron API manifest entries', 'functions':[createManifest]},
{'title': 'Adding Neutron Keystone manifest entries', 'functions':[createKeystoneManifest]},
{'title': 'Adding Neutron L3 manifest entries', 'functions':[createL3Manifests]},
{'title': 'Adding Neutron L2 Agent manifest entries', 'functions':[createL2AgentManifests]},
{'title': 'Adding Neutron DHCP Agent manifest entries', 'functions':[createDHCPManifests]},
{'title': 'Adding Neutron LBaaS Agent manifest entries', 'functions':[createLBaaSManifests]},
{'title': 'Adding Neutron Metadata Agent manifest entries', 'functions':[createMetadataManifests]},
]
controller.addSequence("Installing OpenStack Neutron", [], [], neutron_steps)
def createmanifest(config):
if config['CONFIG_MYSQL_INSTALL'] == 'y':
install = True
suffix = 'install'
else:
install = False
suffix = 'noinstall'
# In case we are not installing MySQL server, mysql* manifests have
# to be run from Keystone host
host = install and config['CONFIG_MYSQL_HOST'] \
or config['CONFIG_KEYSTONE_HOST']
manifestfile = "%s_mysql.pp" % host
manifestdata = [getManifestTemplate('mysql_%s.pp' % suffix)]
def append_for(module, suffix):
# Modules have to be appended to the existing mysql.pp
# otherwise pp will fail for some of them saying that
# Mysql::Config definition is missing.
template = "mysql_%s_%s.pp" % (module, suffix)
manifestdata.append(getManifestTemplate(template))
append_for("keystone", suffix)
hosts = set()
for mod in ['nova', 'cinder', 'glance', 'neutron', 'heat']:
if config['CONFIG_%s_INSTALL' % mod.upper()] == 'y':
append_for(mod, suffix)
# Check wich modules are enabled so we can allow their
# hosts on the firewall
if mod != 'nova' and mod != 'neutron':
hosts.add(config.get('CONFIG_%s_HOST' % mod.upper()).strip())
elif mod == 'neutron':
hosts.add(config.get('CONFIG_NEUTRON_SERVER_HOST').strip())
elif config['CONFIG_NOVA_INSTALL'] != 'n':
#In that remote case that we have lot's of nova hosts
hosts.add(config.get('CONFIG_NOVA_API_HOST').strip())
hosts.add(config.get('CONFIG_NOVA_CERT_HOST').strip())
hosts.add(config.get('CONFIG_NOVA_VNCPROXY_HOST').strip())
hosts.add(config.get('CONFIG_NOVA_CONDUCTOR_HOST').strip())
hosts.add(config.get('CONFIG_NOVA_SCHED_HOST').strip())
if config['CONFIG_NEUTRON_INSTALL'] != 'y':
dbhosts = split_hosts(config['CONFIG_NOVA_NETWORK_HOSTS'])
hosts |= dbhosts
for host in config.get('CONFIG_NOVA_COMPUTE_HOSTS').split(','):
hosts.add(host.strip())
config['FIREWALL_ALLOWED'] = ",".join(["'%s'" % i for i in hosts])
config['FIREWALL_SERVICE_NAME'] = "mysql"
config['FIREWALL_PORTS'] = "'3306'"
manifestdata.append(getManifestTemplate("firewall.pp"))
appendManifestFile(manifestfile, "\n".join(manifestdata), 'pre')
def create_redis_manifest(config, messages):
if config['CONFIG_CEILOMETER_COORDINATION_BACKEND'] == 'redis':
redis_master_host = config['CONFIG_REDIS_MASTER_HOST']
if config['CONFIG_IP_VERSION'] == 'ipv6':
config['CONFIG_REDIS_MASTER_HOST_URL'] = "[%s]" % redis_master_host
else:
config['CONFIG_REDIS_MASTER_HOST_URL'] = redis_master_host
# master
manifestfile = "%s_redis.pp" % config['CONFIG_REDIS_MASTER_HOST']
manifestdata = getManifestTemplate("redis.pp")
master_clients = set([config['CONFIG_CONTROLLER_HOST']]).union(
split_hosts(config['CONFIG_REDIS_SLAVE_HOSTS'])).union(
split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS']))
config['FIREWALL_REDIS_RULES'] = _create_redis_firewall_rules(
master_clients, config['CONFIG_REDIS_PORT'])
manifestdata += createFirewallResources('FIREWALL_REDIS_RULES')
appendManifestFile(manifestfile, manifestdata, 'pre')
# slaves
if config['CONFIG_REDIS_HA'] == 'y':
for slave in split_hosts(config['CONFIG_REDIS_SLAVE_HOSTS']):
config['CONFIG_REDIS_HOST'] = slave
manifestfile = "%s_redis_slave.pp" % slave
manifestdata = getManifestTemplate("redis_slave.pp")
slave_clients = set([config['CONFIG_CONTROLLER_HOST']]).union(
split_hosts(config['CONFIG_REDIS_SLAVE_HOSTS'])).union(
split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS']))
config['FIREWALL_REDIS_SLAVE_RULES'] = (
_create_redis_firewall_rules(slave_clients,
config['CONFIG_REDIS_PORT']))
manifestdata += createFirewallResources(
'FIREWALL_REDIS_SLAVE_RULES')
appendManifestFile(manifestfile, manifestdata, 'pre')
# sentinels
if config['CONFIG_REDIS_HA'] == 'y':
for sentinel in split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS']):
manifestfile = "%s_redis_sentinel.pp" % sentinel
manifestdata = getManifestTemplate("redis_sentinel.pp")
config['FIREWALL_SENTINEL_RULES'] = (
_create_redis_firewall_rules(
split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS']),
config['CONFIG_REDIS_SENTINEL_PORT']))
manifestdata += createFirewallResources(
'FIREWALL_SENTINEL_RULES')
appendManifestFile(manifestfile, manifestdata, 'pre')
def create_redis_manifest(config, messages):
if config['CONFIG_CEILOMETER_COORDINATION_BACKEND'] == 'redis':
redis_master_host = config['CONFIG_REDIS_MASTER_HOST']
if config['CONFIG_IP_VERSION'] == 'ipv6':
config['CONFIG_REDIS_MASTER_HOST_URL'] = "[%s]" % redis_master_host
else:
config['CONFIG_REDIS_MASTER_HOST_URL'] = redis_master_host
# master
manifestfile = "%s_redis.pp" % config['CONFIG_REDIS_MASTER_HOST']
manifestdata = getManifestTemplate("redis.pp")
master_clients = set([config['CONFIG_CONTROLLER_HOST']]).union(
split_hosts(config['CONFIG_REDIS_SLAVE_HOSTS'])).union(
split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS']))
config['FIREWALL_REDIS_RULES'] = _create_redis_firewall_rules(
master_clients, config['CONFIG_REDIS_PORT'])
manifestdata += createFirewallResources('FIREWALL_REDIS_RULES')
appendManifestFile(manifestfile, manifestdata, 'pre')
# slaves
if config['CONFIG_REDIS_HA'] == 'y':
for slave in split_hosts(config['CONFIG_REDIS_SLAVE_HOSTS']):
config['CONFIG_REDIS_HOST'] = slave
manifestfile = "%s_redis_slave.pp" % slave
manifestdata = getManifestTemplate("redis_slave.pp")
slave_clients = set([config['CONFIG_CONTROLLER_HOST']]).union(
split_hosts(config['CONFIG_REDIS_SLAVE_HOSTS'])).union(
split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS']))
config['FIREWALL_REDIS_SLAVE_RULES'] = (
_create_redis_firewall_rules(
slave_clients, config['CONFIG_REDIS_PORT']))
manifestdata += createFirewallResources(
'FIREWALL_REDIS_SLAVE_RULES')
appendManifestFile(manifestfile, manifestdata, 'pre')
# sentinels
if config['CONFIG_REDIS_HA'] == 'y':
for sentinel in split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS']):
manifestfile = "%s_redis_sentinel.pp" % sentinel
manifestdata = getManifestTemplate("redis_sentinel.pp")
config['FIREWALL_SENTINEL_RULES'] = (
_create_redis_firewall_rules(
split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS']),
config['CONFIG_REDIS_SENTINEL_PORT']))
manifestdata += createFirewallResources(
'FIREWALL_SENTINEL_RULES')
appendManifestFile(manifestfile, manifestdata, 'pre')
def create_manifest(config, messages):
if config['CONFIG_UNSUPPORTED'] != 'y':
config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST']
manifestdata = getManifestTemplate(get_mq(config, "cinder"))
manifestfile = "%s_cinder.pp" % config['CONFIG_STORAGE_HOST']
manifestdata += getManifestTemplate("cinder")
for backend in config['CONFIG_CINDER_BACKEND']:
manifestdata += getManifestTemplate('cinder_%s' % backend)
if config['CONFIG_CEILOMETER_INSTALL'] == 'y':
manifestdata += getManifestTemplate('cinder_ceilometer')
if config['CONFIG_SWIFT_INSTALL'] == 'y':
manifestdata += getManifestTemplate('cinder_backup')
fw_details = dict()
for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']):
if (config['CONFIG_NOVA_INSTALL'] == 'y' and
config['CONFIG_VMWARE_BACKEND'] == 'n'):
key = "cinder_%s" % host
fw_details.setdefault(key, {})
fw_details[key]['host'] = "%s" % host
else:
key = "cinder_all"
fw_details.setdefault(key, {})
fw_details[key]['host'] = "ALL"
fw_details[key]['service_name'] = "cinder"
fw_details[key]['chain'] = "INPUT"
fw_details[key]['ports'] = ['3260']
fw_details[key]['proto'] = "tcp"
config['FIREWALL_CINDER_RULES'] = fw_details
manifestdata += createFirewallResources('FIREWALL_CINDER_RULES')
# cinder API should be open for everyone
fw_details = dict()
key = "cinder_api"
fw_details.setdefault(key, {})
fw_details[key]['host'] = "ALL"
fw_details[key]['service_name'] = "cinder-api"
fw_details[key]['chain'] = "INPUT"
fw_details[key]['ports'] = ['8776']
fw_details[key]['proto'] = "tcp"
config['FIREWALL_CINDER_API_RULES'] = fw_details
manifestdata += createFirewallResources('FIREWALL_CINDER_API_RULES')
appendManifestFile(manifestfile, manifestdata)
def createstoragemanifest(config):
# this need to happen once per storage host
for host in set([device['host'] for device in devices]):
controller.CONF["CONFIG_SWIFT_STORAGE_CURRENT"] = host
manifestfile = "%s_swift.pp"%host
manifestdata = getManifestTemplate("swift_storage.pp")
appendManifestFile(manifestfile, manifestdata)
# this need to happen once per storage device
for device in devices:
host = device['host']
devicename = device['device_name']
device = device['device']
if device:
check_device(host, device)
manifestfile = "%s_swift.pp"%host
if device:
manifestdata = "\n" + 'swift::storage::%s{"%s":\n device => "/dev/%s",\n}'% (controller.CONF["CONFIG_SWIFT_STORAGE_FSTYPE"], devicename, device)
else:
config['SWIFT_STORAGE_SEEK'] = get_storage_size(config['CONFIG_SWIFT_STORAGE_SIZE'])
controller.CONF["SWIFT_STORAGE_DEVICES"] = "'%s'"%devicename
manifestdata = "\n" + getManifestTemplate("swift_loopback.pp")
# Allowed host list for firewall
hosts = split_hosts(config['CONFIG_SWIFT_STORAGE_HOSTS'])
hosts |= split_hosts(config['CONFIG_SWIFT_PROXY_HOSTS'])
if config['CONFIG_NOVA_INSTALL'] == 'y':
hosts |= split_hosts(config['CONFIG_NOVA_COMPUTE_HOSTS'])
config['FIREWALL_ALLOWED'] = ",".join(["'%s'" % i for i in hosts])
# Firewall rules for storage and rsync
config['FIREWALL_SERVICE_NAME'] = "swift storage and rsync"
config['FIREWALL_PORTS'] = "'6000', '6001', '6002', '873'"
manifestdata += getManifestTemplate("firewall.pp")
appendManifestFile(manifestfile, manifestdata)
def createmanifest(config):
manifestfile = "%s_glance.pp" % controller.CONF['CONFIG_GLANCE_HOST']
manifestdata = getManifestTemplate("glance.pp")
if config['CONFIG_CEILOMETER_INSTALL'] == 'y':
manifestdata += getManifestTemplate('glance_ceilometer.pp')
hosts = set()
if config['CONFIG_NOVA_INSTALL'] == 'y':
hosts = split_hosts(config['CONFIG_NOVA_COMPUTE_HOSTS'])
else:
hosts.add('ALL',)
config['FIREWALL_ALLOWED'] = ",".join(["'%s'" % i for i in hosts])
config['FIREWALL_SERVICE_NAME'] = "glance"
config['FIREWALL_PORTS'] = "'9292'"
manifestdata += getManifestTemplate("firewall.pp")
appendManifestFile(manifestfile, manifestdata)
def createstoragemanifest(config):
# this need to happen once per storage host
for host in set([device['host'] for device in devices]):
controller.CONF["CONFIG_SWIFT_STORAGE_CURRENT"] = host
manifestfile = "%s_swift.pp" % host
manifestdata = getManifestTemplate("swift_storage.pp")
appendManifestFile(manifestfile, manifestdata)
# this need to happen once per storage device
for device in devices:
host = device['host']
devicename = device['device_name']
device = device['device']
if device:
check_device(host, device)
manifestfile = "%s_swift.pp" % host
if device:
manifestdata = "\n" + 'swift::storage::%s{"%s":\n device => "/dev/%s",\n}' % (
controller.CONF["CONFIG_SWIFT_STORAGE_FSTYPE"], devicename,
device)
else:
config['SWIFT_STORAGE_SEEK'] = get_storage_size(
config['CONFIG_SWIFT_STORAGE_SIZE'])
controller.CONF["SWIFT_STORAGE_DEVICES"] = "'%s'" % devicename
manifestdata = "\n" + getManifestTemplate("swift_loopback.pp")
appendManifestFile(manifestfile, manifestdata)
# set allowed hosts for firewall
swift_hosts = get_swift_hosts(config)
hosts = swift_hosts.copy()
manifestdata = ""
if config['CONFIG_NOVA_INSTALL'] == 'y':
hosts |= split_hosts(config['CONFIG_NOVA_COMPUTE_HOSTS'])
config['FIREWALL_SERVICE_NAME'] = "swift storage and rsync"
config['FIREWALL_PORTS'] = "'6000', '6001', '6002', '873'"
config['FIREWALL_CHAIN'] = "INPUT"
for host in hosts:
config['FIREWALL_ALLOWED'] = "'%s'" % host
config['FIREWALL_SERVICE_ID'] = "swift_storage_and_rsync_%s" % host
manifestdata += getManifestTemplate("firewall.pp")
for host in swift_hosts:
manifestfile = "%s_swift.pp" % host
appendManifestFile(manifestfile, manifestdata)
def create_manifest(config, messages):
if config['CONFIG_AMQP_ENABLE_SSL'] == 'y':
ssl_host = config['CONFIG_STORAGE_HOST']
ssl_cert_file = config['CONFIG_CINDER_SSL_CERT'] = (
'/etc/pki/tls/certs/ssl_amqp_cinder.crt'
)
ssl_key_file = config['CONFIG_CINDER_SSL_KEY'] = (
'/etc/pki/tls/private/ssl_amqp_cinder.key'
)
service = 'cinder'
generate_ssl_cert(config, ssl_host, service, ssl_key_file,
ssl_cert_file)
fw_details = dict()
for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']):
if (config['CONFIG_NOVA_INSTALL'] == 'y' and
config['CONFIG_VMWARE_BACKEND'] == 'n'):
key = "cinder_%s" % host
fw_details.setdefault(key, {})
fw_details[key]['host'] = "%s" % host
else:
key = "cinder_all"
fw_details.setdefault(key, {})
fw_details[key]['host'] = "ALL"
fw_details[key]['service_name'] = "cinder"
fw_details[key]['chain'] = "INPUT"
fw_details[key]['ports'] = ['3260']
fw_details[key]['proto'] = "tcp"
config['FIREWALL_CINDER_RULES'] = fw_details
# cinder API should be open for everyone
fw_details = dict()
key = "cinder_api"
fw_details.setdefault(key, {})
fw_details[key]['host'] = "ALL"
fw_details[key]['service_name'] = "cinder-api"
fw_details[key]['chain'] = "INPUT"
fw_details[key]['ports'] = ['8776']
fw_details[key]['proto'] = "tcp"
config['FIREWALL_CINDER_API_RULES'] = fw_details
def create_manifest(config, messages):
if config['CONFIG_AMQP_ENABLE_SSL'] == 'y':
ssl_host = config['CONFIG_STORAGE_HOST']
ssl_cert_file = config['CONFIG_CINDER_SSL_CERT'] = (
'/etc/pki/tls/certs/ssl_amqp_cinder.crt'
)
ssl_key_file = config['CONFIG_CINDER_SSL_KEY'] = (
'/etc/pki/tls/private/ssl_amqp_cinder.key'
)
service = 'cinder'
generate_ssl_cert(config, ssl_host, service, ssl_key_file,
ssl_cert_file)
fw_details = dict()
for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']):
if (config['CONFIG_NOVA_INSTALL'] == 'y' and
config['CONFIG_VMWARE_BACKEND'] == 'n'):
key = "cinder_%s" % host
fw_details.setdefault(key, {})
fw_details[key]['host'] = "%s" % host
else:
key = "cinder_all"
fw_details.setdefault(key, {})
fw_details[key]['host'] = "ALL"
fw_details[key]['service_name'] = "cinder"
fw_details[key]['chain'] = "INPUT"
fw_details[key]['ports'] = ['3260']
fw_details[key]['proto'] = "tcp"
config['FIREWALL_CINDER_RULES'] = fw_details
# cinder API should be open for everyone
fw_details = dict()
key = "cinder_api"
fw_details.setdefault(key, {})
fw_details[key]['host'] = "ALL"
fw_details[key]['service_name'] = "cinder-api"
fw_details[key]['chain'] = "INPUT"
fw_details[key]['ports'] = ['8776']
fw_details[key]['proto'] = "tcp"
config['FIREWALL_CINDER_API_RULES'] = fw_details
def createmanifest(config):
manifestfile = "%s_glance.pp" % controller.CONF['CONFIG_GLANCE_HOST']
manifestdata = getManifestTemplate("glance.pp")
if config['CONFIG_CEILOMETER_INSTALL'] == 'y':
manifestdata += getManifestTemplate(get_mq(config, "glance_ceilometer"))
config['FIREWALL_SERVICE_NAME'] = "glance"
config['FIREWALL_PORTS'] = "'9292'"
config['FIREWALL_CHAIN'] = "INPUT"
if config['CONFIG_NOVA_INSTALL'] == 'y':
for host in split_hosts(config['CONFIG_NOVA_COMPUTE_HOSTS']):
config['FIREWALL_ALLOWED'] = "'%s'" % host
config['FIREWALL_SERVICE_ID'] = "glance_%s" % host
manifestdata += getManifestTemplate("firewall.pp")
else:
config['FIREWALL_ALLOWED'] = "'ALL'"
config['FIREWALL_SERVICE_ID'] = "glance_ALL"
manifestdata += getManifestTemplate("firewall.pp")
appendManifestFile(manifestfile, manifestdata)
def create_ceph_preflight_manifest(config, messages):
for host in split_hosts(config['CONFIG_STORAGE_HOST']):
manifest_file = "%s_ceph_firewall.pp" % host
# Firewall Rules for dhcp in
config['FIREWALL_PROTOCOL'] = 'tcp'
config['FIREWALL_ALLOWED'] = "'ALL'"
config['FIREWALL_SERVICE_NAME'] = "Ceph monitor: "
config['FIREWALL_SERVICE_ID'] = "ceph_monitor_%s" % host
config['FIREWALL_PORTS'] = "['6789']"
config['FIREWALL_CHAIN'] = "INPUT"
manifest_data = getManifestTemplate("firewall.pp")
# Firewall Rules for dhcp out
config['FIREWALL_PROTOCOL'] = 'tcp'
config['FIREWALL_ALLOWED'] = "'ALL'"
config['FIREWALL_SERVICE_NAME'] = "Ceph OSDs"
config['FIREWALL_SERVICE_ID'] = "ceph_osds_%s" % host
config['FIREWALL_PORTS'] = "['6800-7100']"
config['FIREWALL_CHAIN'] = "INPUT"
manifest_data += getManifestTemplate("firewall.pp")
appendManifestFile(manifest_file, manifest_data)
def createmanifest(config):
manifestfile = "%s_glance.pp" % controller.CONF['CONFIG_GLANCE_HOST']
manifestdata = getManifestTemplate("glance.pp")
if config['CONFIG_CEILOMETER_INSTALL'] == 'y':
manifestdata += getManifestTemplate(get_mq(config,
"glance_ceilometer"))
config['FIREWALL_SERVICE_NAME'] = "glance"
config['FIREWALL_PORTS'] = "'9292'"
config['FIREWALL_CHAIN'] = "INPUT"
if config['CONFIG_NOVA_INSTALL'] == 'y':
for host in split_hosts(config['CONFIG_NOVA_COMPUTE_HOSTS']):
config['FIREWALL_ALLOWED'] = "'%s'" % host
config['FIREWALL_SERVICE_ID'] = "glance_%s" % host
manifestdata += getManifestTemplate("firewall.pp")
else:
config['FIREWALL_ALLOWED'] = "'ALL'"
config['FIREWALL_SERVICE_ID'] = "glance_ALL"
manifestdata += getManifestTemplate("firewall.pp")
appendManifestFile(manifestfile, manifestdata)
def create_storage_manifest(config, messages):
global devices
manifestfile = "%s_swift.pp" % config['CONFIG_STORAGE_HOST']
manifestdata = getManifestTemplate("swift_storage")
# this need to happen once per storage device
for device in devices:
host = config['CONFIG_STORAGE_HOST']
devicename = device['device_name']
device = device['device']
fstype = config["CONFIG_SWIFT_STORAGE_FSTYPE"]
if device:
check_device(host, device)
manifestdata += ('\nswift::storage::%s { "%s":\n'
' device => "%s",\n}\n' %
(fstype, devicename, device))
else:
# create loopback device if none was specified
config['CONFIG_SWIFT_STORAGE_SEEK'] = get_storage_size(config)
manifestdata += "\n" + getManifestTemplate("swift_loopback")
# set allowed hosts for firewall
hosts = set([config['CONFIG_STORAGE_HOST']])
if config['CONFIG_NOVA_INSTALL'] == 'y':
hosts |= split_hosts(config['CONFIG_COMPUTE_HOSTS'])
fw_details = dict()
for host in hosts:
key = "swift_storage_and_rsync_%s" % host
fw_details.setdefault(key, {})
fw_details[key]['host'] = "%s" % host
fw_details[key]['service_name'] = "swift storage and rsync"
fw_details[key]['chain'] = "INPUT"
fw_details[key]['ports'] = ['6000', '6001', '6002', '873']
fw_details[key]['proto'] = "tcp"
config['FIREWALL_SWIFT_STORAGE_RULES'] = fw_details
manifestdata += createFirewallResources('FIREWALL_SWIFT_STORAGE_RULES')
appendManifestFile(manifestfile, manifestdata)
def create_storage_manifest(config, messages):
global devices
manifestfile = "%s_swift.pp" % config['CONFIG_STORAGE_HOST']
manifestdata = getManifestTemplate("swift_storage")
# this need to happen once per storage device
for device in devices:
host = config['CONFIG_STORAGE_HOST']
devicename = device['device_name']
device = device['device']
fstype = config["CONFIG_SWIFT_STORAGE_FSTYPE"]
if device:
check_device(host, device)
manifestdata += ('\nswift::storage::%s { "%s":\n'
' device => "%s",\n}\n'
% (fstype, devicename, device))
else:
# create loopback device if none was specified
config['CONFIG_SWIFT_STORAGE_SEEK'] = get_storage_size(config)
manifestdata += "\n" + getManifestTemplate("swift_loopback")
# set allowed hosts for firewall
hosts = set([config['CONFIG_STORAGE_HOST']])
if config['CONFIG_NOVA_INSTALL'] == 'y':
hosts |= split_hosts(config['CONFIG_COMPUTE_HOSTS'])
fw_details = dict()
for host in hosts:
key = "swift_storage_and_rsync_%s" % host
fw_details.setdefault(key, {})
fw_details[key]['host'] = "%s" % host
fw_details[key]['service_name'] = "swift storage and rsync"
fw_details[key]['chain'] = "INPUT"
fw_details[key]['ports'] = ['6000', '6001', '6002', '873']
fw_details[key]['proto'] = "tcp"
config['FIREWALL_SWIFT_STORAGE_RULES'] = fw_details
manifestdata += createFirewallResources('FIREWALL_SWIFT_STORAGE_RULES')
appendManifestFile(manifestfile, manifestdata)
def create_manifest(config, messages):
manifestfile = "%s_glance.pp" % config['CONFIG_CONTROLLER_HOST']
manifestdata = getManifestTemplate("glance.pp")
if config['CONFIG_CEILOMETER_INSTALL'] == 'y':
mq_template = get_mq(config, "glance_ceilometer")
manifestdata += getManifestTemplate(mq_template)
config['FIREWALL_SERVICE_NAME'] = "glance"
config['FIREWALL_PORTS'] = "'9292'"
config['FIREWALL_CHAIN'] = "INPUT"
config['FIREWALL_PROTOCOL'] = 'tcp'
if config['CONFIG_NOVA_INSTALL'] == 'y':
for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']):
config['FIREWALL_ALLOWED'] = "'%s'" % host
config['FIREWALL_SERVICE_ID'] = "glance_%s" % host
manifestdata += getManifestTemplate("firewall.pp")
else:
config['FIREWALL_ALLOWED'] = "'ALL'"
config['FIREWALL_SERVICE_ID'] = "glance_ALL"
manifestdata += getManifestTemplate("firewall.pp")
appendManifestFile(manifestfile, manifestdata)
def create_manifest(config, messages):
manifestfile = "%s_glance.pp" % config['CONFIG_CONTROLLER_HOST']
manifestdata = getManifestTemplate("glance.pp")
if config['CONFIG_CEILOMETER_INSTALL'] == 'y':
mq_template = get_mq(config, "glance_ceilometer")
manifestdata += getManifestTemplate(mq_template)
config['FIREWALL_SERVICE_NAME'] = "glance"
config['FIREWALL_PORTS'] = "'9292'"
config['FIREWALL_CHAIN'] = "INPUT"
config['FIREWALL_PROTOCOL'] = 'tcp'
if config['CONFIG_NOVA_INSTALL'] == 'y':
for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']):
config['FIREWALL_ALLOWED'] = "'%s'" % host
config['FIREWALL_SERVICE_ID'] = "glance_%s" % host
manifestdata += getManifestTemplate("firewall.pp")
else:
config['FIREWALL_ALLOWED'] = "'ALL'"
config['FIREWALL_SERVICE_ID'] = "glance_ALL"
manifestdata += getManifestTemplate("firewall.pp")
appendManifestFile(manifestfile, manifestdata)
def create_storage_manifest(config, messages):
global devices
manifestfile = "%s_swift.pp" % config['CONFIG_CONTROLLER_HOST']
manifestdata = getManifestTemplate("swift_storage.pp")
# this need to happen once per storage device
for device in devices:
host = config['CONFIG_CONTROLLER_HOST']
devicename = device['device_name']
device = device['device']
fstype = config["CONFIG_SWIFT_STORAGE_FSTYPE"]
if device:
check_device(host, device)
manifestdata += ('\nswift::storage::%s { "%s":\n'
' device => "%s",\n}\n' %
(fstype, devicename, device))
else:
# create loopback device if none was specified
config['CONFIG_SWIFT_STORAGE_SEEK'] = get_storage_size(config)
manifestdata += "\n" + getManifestTemplate("swift_loopback.pp")
# set allowed hosts for firewall
hosts = set([config['CONFIG_CONTROLLER_HOST']])
if config['CONFIG_NOVA_INSTALL'] == 'y':
hosts |= split_hosts(config['CONFIG_COMPUTE_HOSTS'])
config['FIREWALL_SERVICE_NAME'] = "swift storage and rsync"
config['FIREWALL_PORTS'] = "['6000', '6001', '6002', '873']"
config['FIREWALL_CHAIN'] = "INPUT"
config['FIREWALL_PROTOCOL'] = 'tcp'
for host in hosts:
config['FIREWALL_ALLOWED'] = "'%s'" % host
config['FIREWALL_SERVICE_ID'] = "swift_storage_and_rsync_%s" % host
manifestdata += getManifestTemplate("firewall.pp")
appendManifestFile(manifestfile, manifestdata)
def create_storage_manifest(config, messages):
global devices
devicename = 0
swift_dev_details = dict()
host = utils.force_ip(config['CONFIG_STORAGE_HOST_URL'])
fstype = config["CONFIG_SWIFT_STORAGE_FSTYPE"]
# this need to happen once per storage device
for device in devices:
if device['device'] is None:
config['CONFIG_SWIFT_STORAGE_SEEK'] = get_storage_size(config)
else:
devicename = device['device_name']
devicedev = device['device']
key = "dev_%s_%s" % (host, devicename)
swift_dev_details.setdefault(key, {})
swift_dev_details[key]['device'] = "%s" % devicename
swift_dev_details[key]['dev'] = "%s" % devicedev
swift_dev_details[key]['fstype'] = "%s" % fstype
config['CONFIG_SWIFT_STORAGE_DEVICES'] = swift_dev_details
# set allowed hosts for firewall
hosts = set([config['CONFIG_STORAGE_HOST']])
if config['CONFIG_NOVA_INSTALL'] == 'y':
hosts |= split_hosts(config['CONFIG_COMPUTE_HOSTS'])
fw_details = dict()
for host in hosts:
key = "swift_storage_and_rsync_%s" % host
fw_details.setdefault(key, {})
fw_details[key]['host'] = "%s" % host
fw_details[key]['service_name'] = "swift storage and rsync"
fw_details[key]['chain'] = "INPUT"
fw_details[key]['ports'] = ['6000', '6001', '6002', '873']
fw_details[key]['proto'] = "tcp"
config['FIREWALL_SWIFT_STORAGE_RULES'] = fw_details
def create_storage_manifest(config, messages):
global devices
devicename = 0
swift_dev_details = dict()
host = utils.force_ip(config['CONFIG_STORAGE_HOST_URL'])
fstype = config["CONFIG_SWIFT_STORAGE_FSTYPE"]
# this need to happen once per storage device
for device in devices:
if device['device'] is None:
config['CONFIG_SWIFT_STORAGE_SEEK'] = get_storage_size(config)
else:
devicename = device['device_name']
devicedev = device['device']
key = "dev_%s_%s" % (host, devicename)
swift_dev_details.setdefault(key, {})
swift_dev_details[key]['device'] = "%s" % devicename
swift_dev_details[key]['dev'] = "%s" % devicedev
swift_dev_details[key]['fstype'] = "%s" % fstype
config['CONFIG_SWIFT_STORAGE_DEVICES'] = swift_dev_details
# set allowed hosts for firewall
hosts = set([config['CONFIG_STORAGE_HOST']])
if config['CONFIG_NOVA_INSTALL'] == 'y':
hosts |= split_hosts(config['CONFIG_COMPUTE_HOSTS'])
fw_details = dict()
for host in hosts:
key = "swift_storage_and_rsync_%s" % host
fw_details.setdefault(key, {})
fw_details[key]['host'] = "%s" % host
fw_details[key]['service_name'] = "swift storage and rsync"
fw_details[key]['chain'] = "INPUT"
fw_details[key]['ports'] = ['6000', '6001', '6002', '873']
fw_details[key]['proto'] = "tcp"
config['FIREWALL_SWIFT_STORAGE_RULES'] = fw_details
def create_storage_manifest(config, messages):
global devices
manifestfile = "%s_swift.pp" % config['CONFIG_CONTROLLER_HOST']
manifestdata = getManifestTemplate("swift_storage.pp")
# this need to happen once per storage device
for device in devices:
host = config['CONFIG_CONTROLLER_HOST']
devicename = device['device_name']
device = device['device']
fstype = config["CONFIG_SWIFT_STORAGE_FSTYPE"]
if device:
check_device(host, device)
manifestdata += ('\nswift::storage::%s { "%s":\n'
' device => "%s",\n}\n'
% (fstype, devicename, device))
else:
# create loopback device if none was specified
config['CONFIG_SWIFT_STORAGE_SEEK'] = get_storage_size(config)
manifestdata += "\n" + getManifestTemplate("swift_loopback.pp")
# set allowed hosts for firewall
hosts = set([config['CONFIG_CONTROLLER_HOST']])
if config['CONFIG_NOVA_INSTALL'] == 'y':
hosts |= split_hosts(config['CONFIG_COMPUTE_HOSTS'])
config['FIREWALL_SERVICE_NAME'] = "swift storage and rsync"
config['FIREWALL_PORTS'] = "['6000', '6001', '6002', '873']"
config['FIREWALL_CHAIN'] = "INPUT"
config['FIREWALL_PROTOCOL'] = 'tcp'
for host in hosts:
config['FIREWALL_ALLOWED'] = "'%s'" % host
config['FIREWALL_SERVICE_ID'] = "swift_storage_and_rsync_%s" % host
manifestdata += getManifestTemplate("firewall.pp")
appendManifestFile(manifestfile, manifestdata)
def create_manifest(config, messages):
manifestfile = "%s_ceilometer.pp" % config['CONFIG_CONTROLLER_HOST']
manifestdata = getManifestTemplate(get_mq(config, "ceilometer"))
manifestdata += getManifestTemplate("ceilometer")
if config['CONFIG_CEILOMETER_COORDINATION_BACKEND'] == 'redis':
# Determine if we need to configure multiple sentinel hosts as
# fallbacks for use in coordination url.
sentinel_hosts = split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS'])
sentinel_port = config['CONFIG_REDIS_SENTINEL_PORT']
sentinel_contact = config['CONFIG_REDIS_SENTINEL_CONTACT_HOST']
if len(sentinel_hosts) > 1:
sentinel_fallbacks = '&'.join([
'sentinel_fallback=%s:%s' % (host, sentinel_port)
for host in sentinel_hosts if host != sentinel_contact
])
else:
sentinel_fallbacks = ''
config['CONFIG_REDIS_SENTINEL_FALLBACKS'] = sentinel_fallbacks
fw_details = dict()
key = "ceilometer_api"
fw_details.setdefault(key, {})
fw_details[key]['host'] = "ALL"
fw_details[key]['service_name'] = "ceilometer-api"
fw_details[key]['chain'] = "INPUT"
fw_details[key]['ports'] = ['8777']
fw_details[key]['proto'] = "tcp"
config['FIREWALL_CEILOMETER_RULES'] = fw_details
manifestdata += createFirewallResources('FIREWALL_CEILOMETER_RULES')
# Add a template that creates a group for nova because the ceilometer
# class needs it
if config['CONFIG_NOVA_INSTALL'] == 'n':
manifestdata += getManifestTemplate("ceilometer_nova_disabled")
appendManifestFile(manifestfile, manifestdata, 'ceilometer')
def create_manifest(config, messages):
if config['CONFIG_MYSQL_INSTALL'] == 'y':
install = True
suffix = 'install'
else:
install = False
suffix = 'noinstall'
manifestfile = "%s_mysql.pp" % config['CONFIG_MYSQL_HOST']
manifestdata = [getManifestTemplate('mysql_%s.pp' % suffix)]
def append_for(module, suffix):
# Modules have to be appended to the existing mysql.pp
# otherwise pp will fail for some of them saying that
# Mysql::Config definition is missing.
template = "mysql_%s_%s.pp" % (module, suffix)
manifestdata.append(getManifestTemplate(template))
append_for("keystone", suffix)
for mod in ['nova', 'cinder', 'glance', 'neutron', 'heat']:
if config['CONFIG_%s_INSTALL' % mod.upper()] == 'y':
append_for(mod, suffix)
hosts = set([config['CONFIG_CONTROLLER_HOST']])
hosts |= split_hosts(config['CONFIG_COMPUTE_HOSTS'])
config['FIREWALL_SERVICE_NAME'] = "mysql"
config['FIREWALL_PORTS'] = "'3306'"
config['FIREWALL_CHAIN'] = "INPUT"
config['FIREWALL_PROTOCOL'] = 'tcp'
for host in hosts:
config['FIREWALL_ALLOWED'] = "'%s'" % host
config['FIREWALL_SERVICE_ID'] = "mysql_%s" % host
manifestdata.append(getManifestTemplate("firewall.pp"))
appendManifestFile(manifestfile, "\n".join(manifestdata), 'pre')
def initSequences(controller):
config = controller.CONF
if config['CONFIG_NEUTRON_INSTALL'] != 'y':
return
if config['CONFIG_IRONIC_INSTALL'] == 'y':
config['CONFIG_NEUTRON_ML2_TYPE_DRIVERS'] += ', flat'
config['CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES'] += ', flat'
if 'openvswitch' not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS']:
config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'] += 'openvswitch'
config['CONFIG_NEUTRON_ML2_FLAT_NETWORKS'] = 'physnet1'
if use_ml2_with_sriovnicswitch(config):
if ('openvswitch' not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS']
and 'linuxbridge' not in
config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS']):
config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'] += ', openvswitch'
plugin_db = 'neutron'
plugin_path = 'neutron.plugins.ml2.plugin.Ml2Plugin'
# values modification
for key in ('CONFIG_NEUTRON_ML2_TYPE_DRIVERS',
'CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES',
'CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS',
'CONFIG_NEUTRON_ML2_FLAT_NETWORKS',
'CONFIG_NEUTRON_ML2_VLAN_RANGES',
'CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES',
'CONFIG_NEUTRON_ML2_VNI_RANGES'):
if config[key] == '':
config[key] = []
else:
config[key] = [i.strip() for i in config[key].split(',') if i]
key = 'CONFIG_NEUTRON_ML2_VXLAN_GROUP'
config[key] = "%s" % config[key] if config[key] else ''
config['CONFIG_NEUTRON_L2_DBNAME'] = plugin_db
config['CONFIG_NEUTRON_CORE_PLUGIN'] = plugin_path
global api_hosts, network_hosts, compute_hosts, q_hosts
api_hosts = split_hosts(config['CONFIG_CONTROLLER_HOST'])
network_hosts = split_hosts(config['CONFIG_NETWORK_HOSTS'])
compute_hosts = set()
if config['CONFIG_NOVA_INSTALL'] == 'y':
compute_hosts = split_hosts(config['CONFIG_COMPUTE_HOSTS'])
q_hosts = api_hosts | network_hosts | compute_hosts
if config['CONFIG_NEUTRON_ML2_SRIOV_AGENT_REQUIRED'] == 'y':
config['CONFIG_NEUTRON_ML2_SRIOV_AGENT_REQUIRED'] = True
else:
config['CONFIG_NEUTRON_ML2_SRIOV_AGENT_REQUIRED'] = False
neutron_steps = [
{'title': 'Preparing Neutron LBaaS Agent entries',
'functions': [create_lbaas_manifests]},
{'title': 'Preparing Neutron API entries',
'functions': [create_manifests]},
{'title': 'Preparing Neutron L3 entries',
'functions': [create_l3_manifests]},
{'title': 'Preparing Neutron L2 Agent entries',
'functions': [create_l2_agent_manifests]},
{'title': 'Preparing Neutron DHCP Agent entries',
'functions': [create_dhcp_manifests]},
{'title': 'Preparing Neutron Metering Agent entries',
'functions': [create_metering_agent_manifests]},
{'title': 'Checking if NetworkManager is enabled and running',
'functions': [check_nm_status]},
]
controller.addSequence("Installing OpenStack Neutron", [], [],
neutron_steps)
def initSequences(controller):
config = controller.CONF
if config['CONFIG_NEUTRON_INSTALL'] != 'y':
return
if config['CONFIG_IRONIC_INSTALL'] == 'y':
config['CONFIG_NEUTRON_ML2_TYPE_DRIVERS'] += ', flat'
config['CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES'] += ', flat'
if 'openvswitch' not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS']:
config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'] += 'openvswitch'
config['CONFIG_NEUTRON_ML2_FLAT_NETWORKS'] = 'physnet1'
if use_ml2_with_sriovnicswitch(config):
if ('openvswitch' not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS']
and 'linuxbridge'
not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS']):
config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'] += ', openvswitch'
plugin_db = 'neutron'
plugin_path = 'neutron.plugins.ml2.plugin.Ml2Plugin'
# values modification
for key in ('CONFIG_NEUTRON_ML2_TYPE_DRIVERS',
'CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES',
'CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS',
'CONFIG_NEUTRON_ML2_FLAT_NETWORKS',
'CONFIG_NEUTRON_ML2_VLAN_RANGES',
'CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES',
'CONFIG_NEUTRON_ML2_VNI_RANGES'):
if config[key] == '':
config[key] = []
else:
config[key] = [i.strip() for i in config[key].split(',') if i]
key = 'CONFIG_NEUTRON_ML2_VXLAN_GROUP'
config[key] = "%s" % config[key] if config[key] else ''
config['CONFIG_NEUTRON_L2_DBNAME'] = plugin_db
config['CONFIG_NEUTRON_CORE_PLUGIN'] = plugin_path
global api_hosts, network_hosts, compute_hosts, q_hosts
api_hosts = split_hosts(config['CONFIG_CONTROLLER_HOST'])
network_hosts = split_hosts(config['CONFIG_NETWORK_HOSTS'])
compute_hosts = set()
if config['CONFIG_NOVA_INSTALL'] == 'y':
compute_hosts = split_hosts(config['CONFIG_COMPUTE_HOSTS'])
q_hosts = api_hosts | network_hosts | compute_hosts
if config['CONFIG_NEUTRON_ML2_SRIOV_AGENT_REQUIRED'] == 'y':
config['CONFIG_NEUTRON_ML2_SRIOV_AGENT_REQUIRED'] = True
else:
config['CONFIG_NEUTRON_ML2_SRIOV_AGENT_REQUIRED'] = False
neutron_steps = [
{
'title': 'Preparing Neutron LBaaS Agent entries',
'functions': [create_lbaas_manifests]
},
{
'title': 'Preparing Neutron API entries',
'functions': [create_manifests]
},
{
'title': 'Preparing Neutron L3 entries',
'functions': [create_l3_manifests]
},
{
'title': 'Preparing Neutron L2 Agent entries',
'functions': [create_l2_agent_manifests]
},
{
'title': 'Preparing Neutron DHCP Agent entries',
'functions': [create_dhcp_manifests]
},
{
'title': 'Preparing Neutron Metering Agent entries',
'functions': [create_metering_agent_manifests]
},
{
'title': 'Checking if NetworkManager is enabled and running',
'functions': [check_nm_status]
},
]
controller.addSequence("Installing OpenStack Neutron", [], [],
neutron_steps)
def create_manifest(config, messages):
if config['CONFIG_UNSUPPORTED'] != 'y':
config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST']
manifestdata = getManifestTemplate(get_mq(config, "cinder"))
manifestfile = "%s_cinder.pp" % config['CONFIG_STORAGE_HOST']
manifestdata += getManifestTemplate("cinder.pp")
backends = config['CONFIG_CINDER_BACKEND']
if 'netapp' in backends:
backends.remove('netapp')
puppet_cdot_iscsi = "cinder_netapp_cdot_iscsi.pp"
puppet_cdot_nfs = "cinder_netapp_cdot_nfs.pp"
puppet_7mode_iscsi = "cinder_netapp_7mode_iscsi.pp"
puppet_7mode_nfs = "cinder_netapp_7mode_nfs.pp"
puppet_eseries = "cinder_netapp_eseries.pp"
if config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "ontap_cluster":
if config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "iscsi":
manifestdata += getManifestTemplate(puppet_cdot_iscsi)
elif config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "nfs":
manifestdata += getManifestTemplate(puppet_cdot_nfs)
elif config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "ontap_7mode":
if config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "iscsi":
manifestdata += getManifestTemplate(puppet_7mode_iscsi)
elif config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "nfs":
manifestdata += getManifestTemplate(puppet_7mode_nfs)
elif config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "eseries":
manifestdata += getManifestTemplate(puppet_eseries)
for backend in backends:
manifestdata += getManifestTemplate('cinder_%s.pp' % backend)
if config['CONFIG_CEILOMETER_INSTALL'] == 'y':
manifestdata += getManifestTemplate('cinder_ceilometer.pp')
if config['CONFIG_SWIFT_INSTALL'] == 'y':
manifestdata += getManifestTemplate('cinder_backup.pp')
fw_details = dict()
for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']):
if (config['CONFIG_NOVA_INSTALL'] == 'y' and
config['CONFIG_VMWARE_BACKEND'] == 'n'):
key = "cinder_%s" % host
fw_details.setdefault(key, {})
fw_details[key]['host'] = "%s" % host
else:
key = "cinder_all"
fw_details.setdefault(key, {})
fw_details[key]['host'] = "ALL"
fw_details[key]['service_name'] = "cinder"
fw_details[key]['chain'] = "INPUT"
fw_details[key]['ports'] = ['3260']
fw_details[key]['proto'] = "tcp"
config['FIREWALL_CINDER_RULES'] = fw_details
manifestdata += createFirewallResources('FIREWALL_CINDER_RULES')
# cinder API should be open for everyone
fw_details = dict()
key = "cinder_api"
fw_details.setdefault(key, {})
fw_details[key]['host'] = "ALL"
fw_details[key]['service_name'] = "cinder-api"
fw_details[key]['chain'] = "INPUT"
fw_details[key]['ports'] = ['8776']
fw_details[key]['proto'] = "tcp"
config['FIREWALL_CINDER_API_RULES'] = fw_details
manifestdata += createFirewallResources('FIREWALL_CINDER_API_RULES')
appendManifestFile(manifestfile, manifestdata)
def create_bridge_manifest(config, messages):
for host in utils.split_hosts(config['CONFIG_NETWORK_HOSTS']):
manifest_file = '{}_provision_bridge.pp'.format(host)
manifest_data = getManifestTemplate("provision_bridge")
appendManifestFile(manifest_file, manifest_data, 'bridge')
def initSequences(controller):
config = controller.CONF
if config['CONFIG_NEUTRON_INSTALL'] != 'y':
return
if config['CONFIG_IRONIC_INSTALL'] == 'y':
config['CONFIG_NEUTRON_ML2_TYPE_DRIVERS'] += ', flat'
config['CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES'] += ', flat'
if 'openvswitch' not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS']:
config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'] += 'openvswitch'
config['CONFIG_NEUTRON_ML2_FLAT_NETWORKS'] = 'extnet'
if use_ml2_with_sriovnicswitch(config):
if ('openvswitch' not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS']
and 'linuxbridge'
not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS']):
config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'] += ', openvswitch'
if use_ml2_with_ovn(config):
if ('ovn' not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS']):
config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'] = 'ovn'
# OVN only supports geneve encapsulation
if ('geneve' not in config['CONFIG_NEUTRON_ML2_TYPE_DRIVERS']):
config['CONFIG_NEUTRON_ML2_TYPE_DRIVERS'] += ', geneve'
config['CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES'] = 'geneve'
# VPNaaS, LBaaS and FWaaS are not supported with OVN
config['CONFIG_NEUTRON_FWAAS'] = 'n'
config['CONFIG_NEUTRON_VPNAAS'] = 'n'
config['CONFIG_LBAAS_INSTALL'] = 'n'
config['CONFIG_NEUTRON_METERING_AGENT_INSTALL'] = 'n'
# When using OVN we need to create the same L2 infrastucture as
# for OVS, so I'm copying value for required variables and use
# the same logic
ovs_tunnel_sub = 'CONFIG_NEUTRON_OVS_TUNNEL_SUBNETS'
ovn_tunnel_sub = 'CONFIG_NEUTRON_OVN_TUNNEL_SUBNETS'
config[ovs_tunnel_sub] = config[ovn_tunnel_sub]
ovs_tunnel_if = 'CONFIG_NEUTRON_OVS_TUNNEL_IF'
ovn_tunnel_if = 'CONFIG_NEUTRON_OVN_TUNNEL_IF'
config[ovs_tunnel_if] = config[ovn_tunnel_if]
ovs_mappings = 'CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS'
ovn_mappings = 'CONFIG_NEUTRON_OVN_BRIDGE_MAPPINGS'
config[ovs_mappings] = config[ovn_mappings]
ovs_ifaces = 'CONFIG_NEUTRON_OVS_BRIDGE_IFACES'
ovn_ifaces = 'CONFIG_NEUTRON_OVN_BRIDGE_IFACES'
config[ovs_ifaces] = config[ovn_ifaces]
ovs_compute = 'CONFIG_NEUTRON_OVS_BRIDGES_COMPUTE'
ovn_compute = 'CONFIG_NEUTRON_OVN_BRIDGES_COMPUTE'
config[ovs_compute] = config[ovn_compute]
ovs_external = 'CONFIG_NEUTRON_OVS_EXTERNAL_PHYSNET'
ovn_external = 'CONFIG_NEUTRON_OVN_EXTERNAL_PHYSNET'
config[ovs_external] = config[ovn_external]
elif use_ml2_with_ovs(config):
if ('openvswitch'
not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS']):
config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'] = 'openvswitch'
plugin_db = 'neutron'
plugin_path = 'neutron.plugins.ml2.plugin.Ml2Plugin'
# values modification
for key in ('CONFIG_NEUTRON_ML2_TYPE_DRIVERS',
'CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES',
'CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS',
'CONFIG_NEUTRON_ML2_FLAT_NETWORKS',
'CONFIG_NEUTRON_ML2_VLAN_RANGES',
'CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES',
'CONFIG_NEUTRON_ML2_VNI_RANGES'):
if config[key] == '':
config[key] = []
else:
config[key] = [i.strip() for i in config[key].split(',') if i]
key = 'CONFIG_NEUTRON_ML2_VXLAN_GROUP'
config[key] = "%s" % config[key] if config[key] else ''
config['CONFIG_NEUTRON_L2_DBNAME'] = plugin_db
config['CONFIG_NEUTRON_CORE_PLUGIN'] = plugin_path
global api_hosts, network_hosts, compute_hosts, q_hosts
api_hosts = split_hosts(config['CONFIG_CONTROLLER_HOST'])
network_hosts = split_hosts(config['CONFIG_NETWORK_HOSTS'])
compute_hosts = set()
if config['CONFIG_NOVA_INSTALL'] == 'y':
compute_hosts = split_hosts(config['CONFIG_COMPUTE_HOSTS'])
q_hosts = api_hosts | network_hosts | compute_hosts
neutron_steps = [
{
'title': 'Preparing Neutron LBaaS Agent entries',
'functions': [create_lbaas_manifests]
},
{
'title': 'Preparing Neutron API entries',
'functions': [create_manifests]
},
{
'title': 'Preparing Neutron L3 entries',
'functions': [create_l3_manifests]
},
{
'title': 'Preparing Neutron L2 Agent entries',
'functions': [create_l2_agent_manifests]
},
{
'title': 'Preparing Neutron DHCP Agent entries',
'functions': [create_dhcp_manifests]
},
{
'title': 'Preparing Neutron Metering Agent entries',
'functions': [create_metering_agent_manifests]
},
{
'title': 'Checking if NetworkManager is enabled and running',
'functions': [check_nm_status]
},
]
controller.addSequence("Installing OpenStack Neutron", [], [],
neutron_steps)
def create_manifest(config, messages):
if config['CONFIG_UNSUPPORTED'] != 'y':
config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST']
manifestdata = getManifestTemplate(get_mq(config, "cinder"))
manifestfile = "%s_cinder.pp" % config['CONFIG_STORAGE_HOST']
manifestdata += getManifestTemplate("cinder")
backends = config['CONFIG_CINDER_BACKEND']
if 'netapp' in backends:
backends.remove('netapp')
puppet_cdot_iscsi = "cinder_netapp_cdot_iscsi"
puppet_cdot_nfs = "cinder_netapp_cdot_nfs"
puppet_7mode_iscsi = "cinder_netapp_7mode_iscsi"
puppet_7mode_nfs = "cinder_netapp_7mode_nfs"
puppet_eseries = "cinder_netapp_eseries"
if config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "ontap_cluster":
if config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "iscsi":
manifestdata += getManifestTemplate(puppet_cdot_iscsi)
elif config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "nfs":
manifestdata += getManifestTemplate(puppet_cdot_nfs)
elif config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "ontap_7mode":
if config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "iscsi":
manifestdata += getManifestTemplate(puppet_7mode_iscsi)
elif config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "nfs":
manifestdata += getManifestTemplate(puppet_7mode_nfs)
elif config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "eseries":
manifestdata += getManifestTemplate(puppet_eseries)
for backend in backends:
manifestdata += getManifestTemplate('cinder_%s' % backend)
if config['CONFIG_CEILOMETER_INSTALL'] == 'y':
manifestdata += getManifestTemplate('cinder_ceilometer')
if config['CONFIG_SWIFT_INSTALL'] == 'y':
manifestdata += getManifestTemplate('cinder_backup')
fw_details = dict()
for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']):
if (config['CONFIG_NOVA_INSTALL'] == 'y'
and config['CONFIG_VMWARE_BACKEND'] == 'n'):
key = "cinder_%s" % host
fw_details.setdefault(key, {})
fw_details[key]['host'] = "%s" % host
else:
key = "cinder_all"
fw_details.setdefault(key, {})
fw_details[key]['host'] = "ALL"
fw_details[key]['service_name'] = "cinder"
fw_details[key]['chain'] = "INPUT"
fw_details[key]['ports'] = ['3260']
fw_details[key]['proto'] = "tcp"
config['FIREWALL_CINDER_RULES'] = fw_details
manifestdata += createFirewallResources('FIREWALL_CINDER_RULES')
# cinder API should be open for everyone
fw_details = dict()
key = "cinder_api"
fw_details.setdefault(key, {})
fw_details[key]['host'] = "ALL"
fw_details[key]['service_name'] = "cinder-api"
fw_details[key]['chain'] = "INPUT"
fw_details[key]['ports'] = ['8776']
fw_details[key]['proto'] = "tcp"
config['FIREWALL_CINDER_API_RULES'] = fw_details
manifestdata += createFirewallResources('FIREWALL_CINDER_API_RULES')
appendManifestFile(manifestfile, manifestdata)
def create_bridge_manifest(config, messages):
for host in utils.split_hosts(config['CONFIG_NETWORK_HOSTS']):
manifest_file = '{}_provision_bridge.pp'.format(host)
manifest_data = getManifestTemplate("provision_bridge")
appendManifestFile(manifest_file, manifest_data, 'bridge')
def initSequences(controller):
config = controller.CONF
if config['CONFIG_NEUTRON_INSTALL'] != 'y':
return
if config['CONFIG_IRONIC_INSTALL'] == 'y':
config['CONFIG_NEUTRON_ML2_TYPE_DRIVERS'] += ', flat'
config['CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES'] += ', flat'
if 'openvswitch' not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS']:
config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'] += 'openvswitch'
config['CONFIG_NEUTRON_ML2_FLAT_NETWORKS'] = 'extnet'
if use_ml2_with_sriovnicswitch(config):
if ('openvswitch' not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS']
and 'linuxbridge' not in
config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS']):
config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'] += ', openvswitch'
if use_ml2_with_ovn(config):
if ('ovn' not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS']):
config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'] = 'ovn'
# OVN only supports geneve encapsulation
if ('geneve' not in config['CONFIG_NEUTRON_ML2_TYPE_DRIVERS']):
config['CONFIG_NEUTRON_ML2_TYPE_DRIVERS'] += ', geneve'
config['CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES'] = 'geneve'
# VPNaaS, LBaaS and FWaaS are not supported with OVN
config['CONFIG_NEUTRON_FWAAS'] = 'n'
config['CONFIG_NEUTRON_VPNAAS'] = 'n'
config['CONFIG_LBAAS_INSTALL'] = 'n'
config['CONFIG_NEUTRON_METERING_AGENT_INSTALL'] = 'n'
# When using OVN we need to create the same L2 infrastucture as
# for OVS, so I'm copying value for required variables and use
# the same logic
ovs_tunnel_sub = 'CONFIG_NEUTRON_OVS_TUNNEL_SUBNETS'
ovn_tunnel_sub = 'CONFIG_NEUTRON_OVN_TUNNEL_SUBNETS'
config[ovs_tunnel_sub] = config[ovn_tunnel_sub]
ovs_tunnel_if = 'CONFIG_NEUTRON_OVS_TUNNEL_IF'
ovn_tunnel_if = 'CONFIG_NEUTRON_OVN_TUNNEL_IF'
config[ovs_tunnel_if] = config[ovn_tunnel_if]
ovs_mappings = 'CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS'
ovn_mappings = 'CONFIG_NEUTRON_OVN_BRIDGE_MAPPINGS'
config[ovs_mappings] = config[ovn_mappings]
ovs_ifaces = 'CONFIG_NEUTRON_OVS_BRIDGE_IFACES'
ovn_ifaces = 'CONFIG_NEUTRON_OVN_BRIDGE_IFACES'
config[ovs_ifaces] = config[ovn_ifaces]
ovs_compute = 'CONFIG_NEUTRON_OVS_BRIDGES_COMPUTE'
ovn_compute = 'CONFIG_NEUTRON_OVN_BRIDGES_COMPUTE'
config[ovs_compute] = config[ovn_compute]
ovs_external = 'CONFIG_NEUTRON_OVS_EXTERNAL_PHYSNET'
ovn_external = 'CONFIG_NEUTRON_OVN_EXTERNAL_PHYSNET'
config[ovs_external] = config[ovn_external]
plugin_db = 'neutron'
plugin_path = 'neutron.plugins.ml2.plugin.Ml2Plugin'
# values modification
for key in ('CONFIG_NEUTRON_ML2_TYPE_DRIVERS',
'CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES',
'CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS',
'CONFIG_NEUTRON_ML2_FLAT_NETWORKS',
'CONFIG_NEUTRON_ML2_VLAN_RANGES',
'CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES',
'CONFIG_NEUTRON_ML2_VNI_RANGES'):
if config[key] == '':
config[key] = []
else:
config[key] = [i.strip() for i in config[key].split(',') if i]
key = 'CONFIG_NEUTRON_ML2_VXLAN_GROUP'
config[key] = "%s" % config[key] if config[key] else ''
config['CONFIG_NEUTRON_L2_DBNAME'] = plugin_db
config['CONFIG_NEUTRON_CORE_PLUGIN'] = plugin_path
global api_hosts, network_hosts, compute_hosts, q_hosts
api_hosts = split_hosts(config['CONFIG_CONTROLLER_HOST'])
network_hosts = split_hosts(config['CONFIG_NETWORK_HOSTS'])
compute_hosts = set()
if config['CONFIG_NOVA_INSTALL'] == 'y':
compute_hosts = split_hosts(config['CONFIG_COMPUTE_HOSTS'])
q_hosts = api_hosts | network_hosts | compute_hosts
neutron_steps = [
{'title': 'Preparing Neutron LBaaS Agent entries',
'functions': [create_lbaas_manifests]},
{'title': 'Preparing Neutron API entries',
'functions': [create_manifests]},
{'title': 'Preparing Neutron L3 entries',
'functions': [create_l3_manifests]},
{'title': 'Preparing Neutron L2 Agent entries',
'functions': [create_l2_agent_manifests]},
{'title': 'Preparing Neutron DHCP Agent entries',
'functions': [create_dhcp_manifests]},
{'title': 'Preparing Neutron Metering Agent entries',
'functions': [create_metering_agent_manifests]},
{'title': 'Checking if NetworkManager is enabled and running',
'functions': [check_nm_status]},
]
controller.addSequence("Installing OpenStack Neutron", [], [],
neutron_steps)