def check_nm_status(config, messages): hosts_with_nm = [] for host in filtered_hosts(config): server = utils.ScriptRunner(host) server.append("systemctl") rc, out = server.execute(can_fail=False) server.clear() if rc < 1: server.append("systemctl is-enabled NetworkManager") rc, is_enabled = server.execute(can_fail=False) is_enabled = is_enabled.strip("\n ") server.clear() server.append("systemctl is-active NetworkManager") rc, is_active = server.execute(can_fail=False) is_active = is_active.strip("\n ") if is_enabled == "enabled" or is_active == "active": hosts_with_nm.append(host) else: server.clear() server.append("service NetworkManager status") rc, out = server.execute(can_fail=False) if rc < 1: hosts_with_nm.append(host) server.clear() if hosts_with_nm: hosts_list = ', '.join("%s" % x for x in hosts_with_nm) msg = output_messages.WARN_NM_ENABLED messages.append(utils.color_text(msg % hosts_list, 'yellow'))
def waitforpuppet(currently_running): global controller log_len = 0 twirl = ["-", "\\", "|", "/"] while currently_running: for hostname, finished_logfile in currently_running: log_file = os.path.splitext(os.path.basename(finished_logfile))[0] space_len = basedefs.SPACE_LEN - len(log_file) if len(log_file) > log_len: log_len = len(log_file) if hasattr(sys.stdout, "isatty") and sys.stdout.isatty(): twirl = twirl[-1:] + twirl[:-1] sys.stdout.write( ("\rTesting if puppet apply is finished : %s" % log_file).ljust(40 + log_len)) sys.stdout.write("[ %s ]" % twirl[0]) sys.stdout.flush() try: # Once a remote puppet run has finished, we retrieve the log # file and check it for errors local_server = utils.ScriptRunner() log = os.path.join( basedefs.PUPPET_MANIFEST_DIR, os.path.basename(finished_logfile).replace( ".finished", ".log")) local_server.append( 'scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null root@%s:%s %s' % (hostname, finished_logfile, log)) # Errors are expected here if the puppet run isn't finished so we suppress logging them local_server.execute(logerrors=False) # If we got to this point the puppet apply has finished currently_running.remove((hostname, finished_logfile)) # clean off the last "testing apply" msg if hasattr(sys.stdout, "isatty") and sys.stdout.isatty(): sys.stdout.write(("\r").ljust(45 + log_len)) except ScriptRuntimeError: # the test raises an exception if the file doesn't exist yet # TO-DO: We need to start testing 'e' for unexpected exceptions time.sleep(3) continue # check log file for relevant notices controller.MESSAGES.extend(scan_puppet_logfile(log)) # check the log file for errors validate_puppet_logfile(log) sys.stdout.write(("\r%s : " % log_file).ljust(space_len)) print("[ " + utils.color_text(output_messages.INFO_DONE, 'green') + " ]")
def waitforpuppet(currently_running): global controller log_len = 0 twirl = ["-", "\\", "|", "/"] while currently_running: for hostname, finished_logfile in currently_running: log_file = os.path.splitext(os.path.basename(finished_logfile))[0] space_len = basedefs.SPACE_LEN - len(log_file) if len(log_file) > log_len: log_len = len(log_file) if hasattr(sys.stdout, "isatty") and sys.stdout.isatty(): twirl = twirl[-1:] + twirl[:-1] sys.stdout.write(("\rTesting if puppet apply is finished : %s" % log_file).ljust(40 + log_len)) sys.stdout.write("[ %s ]" % twirl[0]) sys.stdout.flush() try: # Once a remote puppet run has finished, we retrieve the log # file and check it for errors local_server = utils.ScriptRunner() log = os.path.join( basedefs.PUPPET_MANIFEST_DIR, os.path.basename(finished_logfile).replace(".finished", ".log") ) local_server.append( "scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null root@%s:%s %s" % (hostname, finished_logfile, log) ) # To not pollute logs we turn of logging of command execution local_server.execute(log=False) # If we got to this point the puppet apply has finished currently_running.remove((hostname, finished_logfile)) # clean off the last "testing apply" msg if hasattr(sys.stdout, "isatty") and sys.stdout.isatty(): sys.stdout.write(("\r").ljust(45 + log_len)) except ScriptRuntimeError: # the test raises an exception if the file doesn't exist yet # TO-DO: We need to start testing 'e' for unexpected exceptions time.sleep(3) continue # check log file for relevant notices controller.MESSAGES.extend(scan_logfile(log)) # check the log file for errors validate_logfile(log) sys.stdout.write(("\r%s : " % log_file).ljust(space_len)) print ("[ " + utils.color_text(output_messages.INFO_DONE, "green") + " ]")
def test_run(self): """ Test packstack.instaler.core.sequences.Step run. """ def func(config): if 'test' not in config: raise AssertionError('Missing config value.') step = Step('test', func, title='Running test') step.run(config={'test': 'test'}) contents = sys.stdout.getvalue() state = '[ %s ]\n' % utils.color_text('DONE', 'green') if not contents.startswith('Running test') or \ not contents.endswith(state): raise AssertionError('Step run test failed: %s' % contents)
def test_run(self): """ Test packstack.instaler.core.sequences.Step run. """ def func(config, messages): if 'test' not in config: raise AssertionError('Missing config value.') step = Step('test', func, title='Running test') step.run(config={'test': 'test'}) contents = sys.stdout.getvalue() state = '[ %s ]\n' % utils.color_text('DONE', 'green') if(not contents.startswith('Running test') or not contents.endswith(state)): raise AssertionError('Step run test failed: %s' % contents)
def test_run(self): """ Test packstack.instaler.core.sequences.Step run. """ def func(config): if "test" not in config: raise AssertionError("Missing config value.") step = Step("test", func, title="Running test") step.run(config={"test": "test"}) contents = sys.stdout.getvalue() state = "[ %s ]\n" % utils.color_text("DONE", "green") if not contents.startswith("Running test") or not contents.endswith(state): raise AssertionError("Step run test failed: %s" % contents)
def test_run(self): """ Test packstack.instaler.core.sequences.Sequence run. """ self.seq.run() contents = sys.stdout.getvalue() self.assertEqual(contents, '') self.seq.run(config={'test': 'test'}, step='2') contents = sys.stdout.getvalue() assert contents.startswith('Step 2') output = [] state_fmt = '[ %s ]\n' self.steps.insert(0, {'title': 'Step 2'}) for i in self.steps: space = 70 - len(i['title']) title = '[ %s ]\n' % utils.color_text('DONE', 'green') output.append('%s...%s' % (i['title'], title.rjust(space))) self.seq.run(config={'test': 'test'}) contents = sys.stdout.getvalue() self.assertEqual(contents, ''.join(output))
def create_manifests(config, messages): global q_hosts service_plugins = [] if config['CONFIG_LBAAS_INSTALL'] == 'y': service_plugins.append('lbaas') # ML2 uses the L3 Router service plugin to implement l3 agent service_plugins.append('router') if config['CONFIG_NEUTRON_METERING_AGENT_INSTALL'] == 'y': service_plugins.append('metering') if config['CONFIG_NEUTRON_FWAAS'] == 'y': service_plugins.append('firewall') if config['CONFIG_NEUTRON_VPNAAS'] == 'y': service_plugins.append('vpnaas') config['SERVICE_PLUGINS'] = (service_plugins if service_plugins else 'undef') config['FIREWALL_DRIVER'] = ("neutron.agent.linux.iptables_firewall." "OVSHybridIptablesFirewallDriver") plugin_manifest = 'neutron_ml2_plugin' if config['CONFIG_AMQP_ENABLE_SSL'] == 'y': ssl_cert_file = config['CONFIG_NEUTRON_SSL_CERT'] = ( '/etc/pki/tls/certs/ssl_amqp_neutron.crt' ) ssl_key_file = config['CONFIG_NEUTRON_SSL_KEY'] = ( '/etc/pki/tls/private/ssl_amqp_neutron.key' ) service = 'neutron' for host in q_hosts: if config['CONFIG_AMQP_ENABLE_SSL'] == 'y': generate_ssl_cert(config, host, service, ssl_key_file, ssl_cert_file) manifest_file = "%s_neutron.pp" % (host,) manifest_data = getManifestTemplate("neutron") manifest_data += getManifestTemplate(get_mq(config, "neutron")) appendManifestFile(manifest_file, manifest_data, 'neutron') if host in api_hosts: manifest_file = "%s_neutron.pp" % (host,) manifest_data = getManifestTemplate("neutron_api") if config['CONFIG_NOVA_INSTALL'] == 'y': template_name = "neutron_notifications" manifest_data += getManifestTemplate(template_name) # Set up any l2 plugin configs we need only on neutron api nodes # XXX I am not completely sure about this, but it seems necessary: manifest_data += getManifestTemplate(plugin_manifest) # Firewall fw_details = dict() key = "neutron_server_%s" % host fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "neutron server" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['9696'] fw_details[key]['proto'] = "tcp" config['FIREWALL_NEUTRON_SERVER_RULES'] = fw_details manifest_data += createFirewallResources( 'FIREWALL_NEUTRON_SERVER_RULES' ) appendManifestFile(manifest_file, manifest_data, 'neutron') # We also need to open VXLAN/GRE port for agent manifest_data = "" if use_openvswitch_vxlan(config) or use_openvswitch_gre(config): if config['CONFIG_IP_VERSION'] == 'ipv6': msg = output_messages.WARN_IPV6_OVS messages.append(utils.color_text(msg % host, 'red')) if (config['CONFIG_NEUTRON_OVS_TUNNEL_SUBNETS']): tunnel_subnets = map( str.strip, config['CONFIG_NEUTRON_OVS_TUNNEL_SUBNETS'].split(',') ) for subnet in tunnel_subnets: cf_fw_nt_key = ("FIREWALL_NEUTRON_TUNNEL_RULES_%s_%s" % (host, subnet)) config[cf_fw_nt_key] = tunnel_fw_details(config, host, subnet) manifest_data += createFirewallResources(cf_fw_nt_key) else: for n_host in network_hosts | compute_hosts: cf_fw_nt_key = ("FIREWALL_NEUTRON_TUNNEL_RULES_%s_%s" % (host, n_host)) if config['CONFIG_NEUTRON_OVS_TUNNEL_IF']: if config['CONFIG_USE_SUBNETS'] == 'y': iface = common.cidr_to_ifname( config['CONFIG_NEUTRON_OVS_TUNNEL_IF'], n_host, config) else: iface = config['CONFIG_NEUTRON_OVS_TUNNEL_IF'] ifip = ("ipaddress_%s" % iface) try: src_host = config['HOST_DETAILS'][n_host][ifip] except KeyError: raise KeyError('Couldn\'t detect ipaddress of ' 'interface %s on node %s' % (iface, n_host)) else: src_host = n_host config[cf_fw_nt_key] = tunnel_fw_details(config, host, src_host) manifest_data += createFirewallResources(cf_fw_nt_key) appendManifestFile(manifest_file, manifest_data, 'neutron')
def create_manifests(config, messages): global q_hosts service_plugins = ['qos', 'trunk'] service_providers = [] if config['CONFIG_LBAAS_INSTALL'] == 'y': lbaas_plugin = ('neutron_lbaas.services.loadbalancer.plugin.' 'LoadBalancerPluginv2') service_plugins.append(lbaas_plugin) lbaas_sp = ('LOADBALANCERV2:Haproxy:neutron_lbaas.drivers.haproxy.' 'plugin_driver.HaproxyOnHostPluginDriver:default') service_providers.append(lbaas_sp) if use_ml2_with_ovn(config): service_plugins.append('ovn-router') else: # ML2 uses the L3 Router service plugin to implement l3 agent for linuxbridge and ovs service_plugins.append('router') if config['CONFIG_NEUTRON_METERING_AGENT_INSTALL'] == 'y': service_plugins.append('metering') if config['CONFIG_NEUTRON_FWAAS'] == 'y': service_plugins.append('firewall_v2') fwaas_sp = ( 'FIREWALL_V2:fwaas_db:neutron_fwaas.services.firewall.' 'service_drivers.agents.agents.FirewallAgentDriver:default') service_providers.append(fwaas_sp) if config['CONFIG_NEUTRON_VPNAAS'] == 'y': service_plugins.append('vpnaas') vpnaas_sp = ('VPN:libreswan:neutron_vpnaas.services.vpn.' 'service_drivers.ipsec.IPsecVPNDriver:default') service_providers.append(vpnaas_sp) config['SERVICE_PLUGINS'] = (service_plugins if service_plugins else 'undef') config['SERVICE_PROVIDERS'] = (service_providers if service_providers else []) config['FIREWALL_DRIVER'] = ("neutron.agent.linux.iptables_firewall." "OVSHybridIptablesFirewallDriver") plugin_manifest = 'neutron_ml2_plugin' if config['CONFIG_AMQP_ENABLE_SSL'] == 'y': ssl_cert_file = config['CONFIG_NEUTRON_SSL_CERT'] = ( '/etc/pki/tls/certs/ssl_amqp_neutron.crt') ssl_key_file = config['CONFIG_NEUTRON_SSL_KEY'] = ( '/etc/pki/tls/private/ssl_amqp_neutron.key') service = 'neutron' for host in q_hosts: if config['CONFIG_AMQP_ENABLE_SSL'] == 'y': generate_ssl_cert(config, host, service, ssl_key_file, ssl_cert_file) if host in api_hosts: # Firewall fw_details = dict() key = "neutron_server_%s" % host fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "neutron server" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['9696'] fw_details[key]['proto'] = "tcp" if use_ml2_with_ovn(config): key = "ovn_northd_%s" % host fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "ovn northd" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['6641'] fw_details[key]['proto'] = "tcp" key = "ovn_southd_%s" % host fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "ovn southd" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['6642'] fw_details[key]['proto'] = "tcp" config['FIREWALL_NEUTRON_SERVER_RULES'] = fw_details # We also need to open VXLAN/GRE port for agent if (use_openvswitch_vxlan(config) or use_openvswitch_gre(config) or use_ovn_geneve(config)): if config['CONFIG_IP_VERSION'] == 'ipv6': msg = output_messages.WARN_IPV6_OVS messages.append(utils.color_text(msg % host, 'red')) fw_details = dict() if (config['CONFIG_NEUTRON_OVS_TUNNEL_SUBNETS']): tunnel_subnets = map( str.strip, config['CONFIG_NEUTRON_OVS_TUNNEL_SUBNETS'].split(',')) cf_fw_nt_key = ("FIREWALL_NEUTRON_TUNNEL_RULES_%s" % host.replace('.', '_')) for subnet in tunnel_subnets: tunnel_fw_details(config, host, subnet, fw_details) config[cf_fw_nt_key] = fw_details else: cf_fw_nt_key = ("FIREWALL_NEUTRON_TUNNEL_RULES_%s" % host.replace('.', '_')) for n_host in network_hosts | compute_hosts: if config['CONFIG_NEUTRON_OVS_TUNNEL_IF']: if config['CONFIG_USE_SUBNETS'] == 'y': iface = common.cidr_to_ifname( config['CONFIG_NEUTRON_OVS_TUNNEL_IF'], n_host, config) else: iface = config['CONFIG_NEUTRON_OVS_TUNNEL_IF'] ifip = ("ipaddress_%s" % iface) ifip = re.sub('[\.\-\:]', '_', ifip) try: src_host = config['HOST_DETAILS'][n_host][ifip] except KeyError: raise KeyError('Couldn\'t detect ipaddress of ' 'interface %s on node %s' % (iface, n_host)) else: src_host = n_host tunnel_fw_details(config, host, src_host, fw_details) config[cf_fw_nt_key] = fw_details
def create_manifests(config, messages): global q_hosts service_plugins = [] if config['CONFIG_LBAAS_INSTALL'] == 'y': service_plugins.append( 'neutron.services.loadbalancer.plugin.LoadBalancerPlugin') # ML2 uses the L3 Router service plugin to implement l3 agent service_plugins.append( 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin') if config['CONFIG_NEUTRON_METERING_AGENT_INSTALL'] == 'y': service_plugins.append( 'neutron.services.metering.metering_plugin.MeteringPlugin') if config['CONFIG_NEUTRON_FWAAS'] == 'y': service_plugins.append( 'neutron.services.firewall.fwaas_plugin.FirewallPlugin') config['SERVICE_PLUGINS'] = (service_plugins if service_plugins else 'undef') plugin_manifest = 'neutron_ml2_plugin' for host in q_hosts: manifest_file = "%s_neutron.pp" % (host, ) manifest_data = getManifestTemplate("neutron") manifest_data += getManifestTemplate(get_mq(config, "neutron")) appendManifestFile(manifest_file, manifest_data, 'neutron') if host in api_hosts: manifest_file = "%s_neutron.pp" % (host, ) manifest_data = getManifestTemplate("neutron_api") if config['CONFIG_NOVA_INSTALL'] == 'y': template_name = "neutron_notifications" manifest_data += getManifestTemplate(template_name) # Set up any l2 plugin configs we need only on neutron api nodes # XXX I am not completely sure about this, but it seems necessary: manifest_data += getManifestTemplate(plugin_manifest) # Firewall fw_details = dict() key = "neutron_server_%s" % host fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "neutron server" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['9696'] fw_details[key]['proto'] = "tcp" config['FIREWALL_NEUTRON_SERVER_RULES'] = fw_details manifest_data += createFirewallResources( 'FIREWALL_NEUTRON_SERVER_RULES') appendManifestFile(manifest_file, manifest_data, 'neutron') # We also need to open VXLAN/GRE port for agent manifest_data = "" if use_openvswitch_vxlan(config) or use_openvswitch_gre(config): if config['CONFIG_IP_VERSION'] == 'ipv6': msg = output_messages.WARN_IPV6_OVS messages.append(utils.color_text(msg % host, 'red')) for n_host in network_hosts | compute_hosts: cf_fw_nt_key = ("FIREWALL_NEUTRON_TUNNEL_RULES_%s_%s" % (host, n_host)) fw_details = dict() key = "neutron_tunnel_%s_%s" % (host, n_host) fw_details.setdefault(key, {}) fw_details[key]['host'] = "%s" % n_host fw_details[key]['service_name'] = "neutron tunnel port" fw_details[key]['chain'] = "INPUT" if use_openvswitch_vxlan(config): fw_details[key]['proto'] = 'udp' tun_port = ("%s" % config['CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT']) else: fw_details[key]['proto'] = 'gre' tun_port = None fw_details[key]['ports'] = tun_port config[cf_fw_nt_key] = fw_details manifest_data += createFirewallResources(cf_fw_nt_key) appendManifestFile(manifest_file, manifest_data, 'neutron')
def create_manifests(config, messages): global q_hosts service_plugins = ['qos', 'trunk'] service_providers = [] if config['CONFIG_LBAAS_INSTALL'] == 'y': lbaas_plugin = ('neutron_lbaas.services.loadbalancer.plugin.' 'LoadBalancerPluginv2') service_plugins.append(lbaas_plugin) lbaas_sp = ('LOADBALANCERV2:Haproxy:neutron_lbaas.drivers.haproxy.' 'plugin_driver.HaproxyOnHostPluginDriver:default') service_providers.append(lbaas_sp) if use_ml2_with_ovn(config): service_plugins.append('ovn-router') else: # ML2 uses the L3 Router service plugin to implement l3 agent for linuxbridge and ovs service_plugins.append('router') if config['CONFIG_NEUTRON_METERING_AGENT_INSTALL'] == 'y': service_plugins.append('metering') if config['CONFIG_NEUTRON_FWAAS'] == 'y': service_plugins.append('firewall') fwaas_sp = ('FIREWALL:Iptables:neutron.agent.linux.iptables_firewall.' 'OVSHybridIptablesFirewallDriver:default') service_providers.append(fwaas_sp) if config['CONFIG_NEUTRON_VPNAAS'] == 'y': service_plugins.append('vpnaas') vpnaas_sp = ('VPN:libreswan:neutron_vpnaas.services.vpn.' 'service_drivers.ipsec.IPsecVPNDriver:default') service_providers.append(vpnaas_sp) config['SERVICE_PLUGINS'] = (service_plugins if service_plugins else 'undef') config['SERVICE_PROVIDERS'] = (service_providers if service_providers else []) config['FIREWALL_DRIVER'] = ("neutron.agent.linux.iptables_firewall." "OVSHybridIptablesFirewallDriver") plugin_manifest = 'neutron_ml2_plugin' if config['CONFIG_AMQP_ENABLE_SSL'] == 'y': ssl_cert_file = config['CONFIG_NEUTRON_SSL_CERT'] = ( '/etc/pki/tls/certs/ssl_amqp_neutron.crt' ) ssl_key_file = config['CONFIG_NEUTRON_SSL_KEY'] = ( '/etc/pki/tls/private/ssl_amqp_neutron.key' ) service = 'neutron' for host in q_hosts: if config['CONFIG_AMQP_ENABLE_SSL'] == 'y': generate_ssl_cert(config, host, service, ssl_key_file, ssl_cert_file) if host in api_hosts: # Firewall fw_details = dict() key = "neutron_server_%s" % host fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "neutron server" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['9696'] fw_details[key]['proto'] = "tcp" if use_ml2_with_ovn(config): key = "ovn_northd_%s" % host fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "ovn northd" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['6641'] fw_details[key]['proto'] = "tcp" key = "ovn_southd_%s" % host fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "ovn southd" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['6642'] fw_details[key]['proto'] = "tcp" config['FIREWALL_NEUTRON_SERVER_RULES'] = fw_details # We also need to open VXLAN/GRE port for agent if (use_openvswitch_vxlan(config) or use_openvswitch_gre(config) or use_ovn_geneve(config)): if config['CONFIG_IP_VERSION'] == 'ipv6': msg = output_messages.WARN_IPV6_OVS messages.append(utils.color_text(msg % host, 'red')) fw_details = dict() if (config['CONFIG_NEUTRON_OVS_TUNNEL_SUBNETS']): tunnel_subnets = map( str.strip, config['CONFIG_NEUTRON_OVS_TUNNEL_SUBNETS'].split(',') ) cf_fw_nt_key = ("FIREWALL_NEUTRON_TUNNEL_RULES_%s" % host) for subnet in tunnel_subnets: tunnel_fw_details(config, host, subnet, fw_details) config[cf_fw_nt_key] = fw_details else: cf_fw_nt_key = ("FIREWALL_NEUTRON_TUNNEL_RULES_%s" % host) for n_host in network_hosts | compute_hosts: if config['CONFIG_NEUTRON_OVS_TUNNEL_IF']: if config['CONFIG_USE_SUBNETS'] == 'y': iface = common.cidr_to_ifname( config['CONFIG_NEUTRON_OVS_TUNNEL_IF'], n_host, config) else: iface = config['CONFIG_NEUTRON_OVS_TUNNEL_IF'] ifip = ("ipaddress_%s" % iface) ifip = re.sub('[\.\-\:]', '_', ifip) try: src_host = config['HOST_DETAILS'][n_host][ifip] except KeyError: raise KeyError('Couldn\'t detect ipaddress of ' 'interface %s on node %s' % (iface, n_host)) else: src_host = n_host tunnel_fw_details(config, host, src_host, fw_details) config[cf_fw_nt_key] = fw_details
import uuid import logging import os from packstack.installer import validators from packstack.installer import basedefs from packstack.installer import utils from packstack.modules.ospluginutils import getManifestTemplate, appendManifestFile, manifestfiles # Controller object will be initialized from main flow controller = None # Plugin name PLUGIN_NAME = "OS-SWIFT" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') logging.debug("plugin %s loaded", __name__) def initConfig(controllerObject): global controller controller = controllerObject logging.debug("Adding OpenStack Swift configuration") paramsList = [ {"CMD_OPTION" : "os-swift-proxy", "USAGE" : "The IP address on which to install the Swift proxy service", "PROMPT" : "Enter the IP address of the Swift proxy service", "OPTION_LIST" : [], "VALIDATORS" : [validators.validate_ip, validators.validate_ssh], "DEFAULT_VALUE" : utils.get_localhost_ip(), "MASK_INPUT" : False,
def create_manifests(config, messages): global q_hosts service_plugins = [] if config['CONFIG_LBAAS_INSTALL'] == 'y': service_plugins.append('lbaas') # ML2 uses the L3 Router service plugin to implement l3 agent service_plugins.append('router') if config['CONFIG_NEUTRON_METERING_AGENT_INSTALL'] == 'y': service_plugins.append('metering') if config['CONFIG_NEUTRON_FWAAS'] == 'y': service_plugins.append('firewall') if config['CONFIG_NEUTRON_VPNAAS'] == 'y': service_plugins.append('vpnaas') config['SERVICE_PLUGINS'] = (service_plugins if service_plugins else 'undef') plugin_manifest = 'neutron_ml2_plugin' if config['CONFIG_AMQP_ENABLE_SSL'] == 'y': ssl_cert_file = config['CONFIG_NEUTRON_SSL_CERT'] = ( '/etc/pki/tls/certs/ssl_amqp_neutron.crt') ssl_key_file = config['CONFIG_NEUTRON_SSL_KEY'] = ( '/etc/pki/tls/private/ssl_amqp_neutron.key') service = 'neutron' for host in q_hosts: if config['CONFIG_AMQP_ENABLE_SSL'] == 'y': generate_ssl_cert(config, host, service, ssl_key_file, ssl_cert_file) manifest_file = "%s_neutron.pp" % (host, ) manifest_data = getManifestTemplate("neutron") manifest_data += getManifestTemplate(get_mq(config, "neutron")) appendManifestFile(manifest_file, manifest_data, 'neutron') if host in api_hosts: manifest_file = "%s_neutron.pp" % (host, ) manifest_data = getManifestTemplate("neutron_api") if config['CONFIG_NOVA_INSTALL'] == 'y': template_name = "neutron_notifications" manifest_data += getManifestTemplate(template_name) # Set up any l2 plugin configs we need only on neutron api nodes # XXX I am not completely sure about this, but it seems necessary: manifest_data += getManifestTemplate(plugin_manifest) # Firewall fw_details = dict() key = "neutron_server_%s" % host fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "neutron server" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['9696'] fw_details[key]['proto'] = "tcp" config['FIREWALL_NEUTRON_SERVER_RULES'] = fw_details manifest_data += createFirewallResources( 'FIREWALL_NEUTRON_SERVER_RULES') appendManifestFile(manifest_file, manifest_data, 'neutron') # We also need to open VXLAN/GRE port for agent manifest_data = "" if use_openvswitch_vxlan(config) or use_openvswitch_gre(config): if config['CONFIG_IP_VERSION'] == 'ipv6': msg = output_messages.WARN_IPV6_OVS messages.append(utils.color_text(msg % host, 'red')) if (config['CONFIG_NEUTRON_OVS_TUNNEL_SUBNETS']): tunnel_subnets = map( str.strip, config['CONFIG_NEUTRON_OVS_TUNNEL_SUBNETS'].split(',')) for subnet in tunnel_subnets: cf_fw_nt_key = ("FIREWALL_NEUTRON_TUNNEL_RULES_%s_%s" % (host, subnet)) config[cf_fw_nt_key] = tunnel_fw_details( config, host, subnet) manifest_data += createFirewallResources(cf_fw_nt_key) else: for n_host in network_hosts | compute_hosts: cf_fw_nt_key = ("FIREWALL_NEUTRON_TUNNEL_RULES_%s_%s" % (host, n_host)) if config['CONFIG_NEUTRON_OVS_TUNNEL_IF']: if config['CONFIG_USE_SUBNETS'] == 'y': iface = common.cidr_to_ifname( config['CONFIG_NEUTRON_OVS_TUNNEL_IF'], n_host, config) else: iface = config['CONFIG_NEUTRON_OVS_TUNNEL_IF'] ifip = ("ipaddress_%s" % iface) try: src_host = config['HOST_DETAILS'][n_host][ifip] except KeyError: raise KeyError('Couldn\'t detect ipaddress of ' 'interface %s on node %s' % (iface, n_host)) else: src_host = n_host config[cf_fw_nt_key] = tunnel_fw_details( config, host, src_host) manifest_data += createFirewallResources(cf_fw_nt_key) appendManifestFile(manifest_file, manifest_data, 'neutron')
import uuid import logging import os from packstack.installer import validators from packstack.installer import basedefs from packstack.installer import utils from packstack.modules.ospluginutils import getManifestTemplate, appendManifestFile, manifestfiles # Controller object will be initialized from main flow controller = None # Plugin name PLUGIN_NAME = "OS-SWIFT" PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') logging.debug("plugin %s loaded", __name__) def initConfig(controllerObject): global controller controller = controllerObject logging.debug("Adding OpenStack Swift configuration") paramsList = [ {"CMD_OPTION" : "os-swift-proxy", "USAGE" : "The IP address on which to install the Swift proxy service (currently only single proxy is supported)", "PROMPT" : "Enter the IP address of the Swift proxy service", "OPTION_LIST" : [], "VALIDATORS" : [validators.validate_multi_ip, validators.validate_multi_ssh], "DEFAULT_VALUE" : utils.get_localhost_ip(), "MASK_INPUT" : False,
def create_manifests(config, messages): global q_hosts service_plugins = [] if config['CONFIG_LBAAS_INSTALL'] == 'y': service_plugins.append( 'neutron.services.loadbalancer.plugin.LoadBalancerPlugin' ) # ML2 uses the L3 Router service plugin to implement l3 agent service_plugins.append( 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin' ) if config['CONFIG_NEUTRON_METERING_AGENT_INSTALL'] == 'y': service_plugins.append( 'neutron.services.metering.metering_plugin.MeteringPlugin' ) if config['CONFIG_NEUTRON_FWAAS'] == 'y': service_plugins.append( 'neutron.services.firewall.fwaas_plugin.FirewallPlugin' ) config['SERVICE_PLUGINS'] = (service_plugins if service_plugins else 'undef') plugin_manifest = 'neutron_ml2_plugin' for host in q_hosts: manifest_file = "%s_neutron.pp" % (host,) manifest_data = getManifestTemplate("neutron") manifest_data += getManifestTemplate(get_mq(config, "neutron")) appendManifestFile(manifest_file, manifest_data, 'neutron') if host in api_hosts: manifest_file = "%s_neutron.pp" % (host,) manifest_data = getManifestTemplate("neutron_api") if config['CONFIG_NOVA_INSTALL'] == 'y': template_name = "neutron_notifications" manifest_data += getManifestTemplate(template_name) # Set up any l2 plugin configs we need only on neutron api nodes # XXX I am not completely sure about this, but it seems necessary: manifest_data += getManifestTemplate(plugin_manifest) # Firewall fw_details = dict() key = "neutron_server_%s" % host fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "neutron server" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['9696'] fw_details[key]['proto'] = "tcp" config['FIREWALL_NEUTRON_SERVER_RULES'] = fw_details manifest_data += createFirewallResources( 'FIREWALL_NEUTRON_SERVER_RULES' ) appendManifestFile(manifest_file, manifest_data, 'neutron') # We also need to open VXLAN/GRE port for agent manifest_data = "" if use_openvswitch_vxlan(config) or use_openvswitch_gre(config): if config['CONFIG_IP_VERSION'] == 'ipv6': msg = output_messages.WARN_IPV6_OVS messages.append(utils.color_text(msg % host, 'red')) for n_host in network_hosts | compute_hosts: cf_fw_nt_key = ("FIREWALL_NEUTRON_TUNNEL_RULES_%s_%s" % (host, n_host)) fw_details = dict() key = "neutron_tunnel_%s_%s" % (host, n_host) fw_details.setdefault(key, {}) fw_details[key]['host'] = "%s" % n_host fw_details[key]['service_name'] = "neutron tunnel port" fw_details[key]['chain'] = "INPUT" if use_openvswitch_vxlan(config): fw_details[key]['proto'] = 'udp' tun_port = ("%s" % config['CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT']) else: fw_details[key]['proto'] = 'gre' tun_port = None fw_details[key]['ports'] = tun_port config[cf_fw_nt_key] = fw_details manifest_data += createFirewallResources(cf_fw_nt_key) appendManifestFile(manifest_file, manifest_data, 'neutron')