def create_manifest(config): # Using the server host will suffice for the all-in-one case. manifest_file = '%s_provision.pp' % ( controller.CONF['CONFIG_QUANTUM_SERVER_HOST'] ) manifest_data = getManifestTemplate("provision.pp") appendManifestFile(manifest_file, manifest_data)
def create_manifest(config): manifestdata = getManifestTemplate(get_mq(config, "cinder")) manifestfile = "%s_cinder.pp" % controller.CONF['CONFIG_CINDER_HOST'] manifestdata += getManifestTemplate("cinder.pp") if config['CONFIG_CINDER_BACKEND'] == "gluster": manifestdata += getManifestTemplate("cinder_gluster.pp") if config['CONFIG_CINDER_BACKEND'] == "nfs": manifestdata += getManifestTemplate("cinder_nfs.pp") if config['CONFIG_CINDER_BACKEND'] == "vmdk": manifestdata += getManifestTemplate("cinder_vmdk.pp") if config['CONFIG_CEILOMETER_INSTALL'] == 'y': manifestdata += getManifestTemplate('cinder_ceilometer.pp') if config['CONFIG_SWIFT_INSTALL'] == 'y': config['CONFIG_SWIFT_PROXY'] = config['CONFIG_SWIFT_PROXY_HOSTS'].split(',')[0].strip() manifestdata += getManifestTemplate('cinder_backup.pp') config['FIREWALL_SERVICE_NAME'] = "cinder" config['FIREWALL_PORTS'] = "'3260', '8776'" config['FIREWALL_CHAIN'] = "INPUT" if config['CONFIG_NOVA_INSTALL'] == 'y': for host in split_hosts(config['CONFIG_NOVA_COMPUTE_HOSTS']): config['FIREWALL_ALLOWED'] = "'%s'" % host config['FIREWALL_SERVICE_ID'] = "cinder_%s" % host manifestdata += getManifestTemplate("firewall.pp") else: config['FIREWALL_ALLOWED'] = "'ALL'" config['FIREWALL_SERVICE_ID'] = "cinder_ALL" manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata)
def create_manifest(config, messages): if config['CONFIG_MARIADB_INSTALL'] == 'y': suffix = 'install' host = config['CONFIG_MARIADB_HOST'] else: suffix = 'noinstall' host = config['CONFIG_CONTROLLER_HOST'] manifestfile = "%s_mariadb.pp" % host manifestdata = [getManifestTemplate('mariadb_%s.pp' % suffix)] def append_for(module, suffix): # Modules have to be appended to the existing mysql.pp # otherwise pp will fail for some of them saying that # Mysql::Config definition is missing. template = "mariadb_%s_%s.pp" % (module, suffix) manifestdata.append(getManifestTemplate(template)) append_for("keystone", suffix) for mod in ['nova', 'cinder', 'glance', 'neutron', 'heat']: if config['CONFIG_%s_INSTALL' % mod.upper()] == 'y': append_for(mod, suffix) hosts = filtered_hosts(config, exclude=False, dbhost=True) config['FIREWALL_SERVICE_NAME'] = "mariadb" config['FIREWALL_PORTS'] = "'3306'" config['FIREWALL_CHAIN'] = "INPUT" config['FIREWALL_PROTOCOL'] = 'tcp' for host in hosts: config['FIREWALL_ALLOWED'] = "'%s'" % host config['FIREWALL_SERVICE_ID'] = "mariadb_%s" % host manifestdata.append(getManifestTemplate("firewall.pp")) appendManifestFile(manifestfile, "\n".join(manifestdata), 'pre')
def create_keystone_manifest(config, messages): if config['CONFIG_UNSUPPORTED'] != 'y': config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("keystone_cinder.pp") appendManifestFile(manifestfile, manifestdata)
def createproxymanifest(config): manifestfile = "%s_swift.pp"%controller.CONF['CONFIG_SWIFT_PROXY_HOSTS'] manifestdata = getManifestTemplate("swift_proxy.pp") # If the proxy server is also a storage server then swift::ringsync will be included for the storage server if controller.CONF['CONFIG_SWIFT_PROXY_HOSTS'] not in [h['host'] for h in devices]: manifestdata += 'swift::ringsync{["account","container","object"]:\n ring_server => "%s"\n}'%controller.CONF['CONFIG_SWIFT_BUILDER_HOST'] appendManifestFile(manifestfile, manifestdata)
def create_manifest(config, messages): if config['CONFIG_MYSQL_INSTALL'] == 'y': install = True suffix = 'install' else: install = False suffix = 'noinstall' manifestfile = "%s_mysql.pp" % config['CONFIG_MYSQL_HOST'] manifestdata = [getManifestTemplate('mysql_%s.pp' % suffix)] def append_for(module, suffix): # Modules have to be appended to the existing mysql.pp # otherwise pp will fail for some of them saying that # Mysql::Config definition is missing. template = "mysql_%s_%s.pp" % (module, suffix) manifestdata.append(getManifestTemplate(template)) append_for("keystone", suffix) for mod in ['nova', 'cinder', 'glance', 'neutron', 'heat']: if config['CONFIG_%s_INSTALL' % mod.upper()] == 'y': append_for(mod, suffix) hosts = set([config['CONFIG_CONTROLLER_HOST']]) hosts |= split_hosts(config['CONFIG_COMPUTE_HOSTS']) config['FIREWALL_SERVICE_NAME'] = "mysql" config['FIREWALL_PORTS'] = "'3306'" config['FIREWALL_CHAIN'] = "INPUT" for host in hosts: config['FIREWALL_ALLOWED'] = "'%s'" % host config['FIREWALL_SERVICE_ID'] = "mysql_%s" % host manifestdata.append(getManifestTemplate("firewall.pp")) appendManifestFile(manifestfile, "\n".join(manifestdata), 'pre')
def create_common_manifest(config, messages): global compute_hosts, network_hosts network_type = (config['CONFIG_NEUTRON_INSTALL'] == "y" and 'neutron' or 'nova') network_multi = len(network_hosts) > 1 dbacces_hosts = set([config.get('CONFIG_CONTROLLER_HOST')]) dbacces_hosts |= network_hosts for manifestfile, marker in manifestfiles.getFiles(): if manifestfile.endswith("_nova.pp"): host, manifest = manifestfile.split('_', 1) host = host.strip() if host in compute_hosts and host not in dbacces_hosts: # we should omit password in case we are installing only # nova-compute to the host perms = "nova" else: perms = "nova:%(CONFIG_NOVA_DB_PW)s" sqlconn = "mysql://%s@%%(CONFIG_MYSQL_HOST)s/nova" % perms config['CONFIG_NOVA_SQL_CONN'] = sqlconn % config # for nova-network in multihost mode each compute host is metadata # host otherwise we use api host if (network_type == 'nova' and network_multi and host in compute_hosts): metadata = host else: metadata = config['CONFIG_CONTROLLER_HOST'] config['CONFIG_NOVA_METADATA_HOST'] = metadata data = getManifestTemplate(get_mq(config, "nova_common")) data += getManifestTemplate("nova_common.pp") appendManifestFile(os.path.split(manifestfile)[1], data)
def create_lbaas_manifests(config): global lbaas_hosts for host in lbaas_hosts: controller.CONF['CONFIG_NEUTRON_LBAAS_INTERFACE_DRIVER'] = get_if_driver(config) manifestdata = getManifestTemplate("neutron_lbaas.pp") manifestfile = "%s_neutron.pp" % (host,) appendManifestFile(manifestfile, manifestdata + "\n")
def create_manifest(config, messages): if config['CONFIG_AMQP_ENABLE_SSL'] == 'y': ssl_host = config['CONFIG_CONTROLLER_HOST'] ssl_cert_file = config['CONFIG_HEAT_SSL_CERT'] = ( '/etc/pki/tls/certs/ssl_amqp_heat.crt' ) ssl_key_file = config['CONFIG_HEAT_SSL_KEY'] = ( '/etc/pki/tls/private/ssl_amqp_heat.key' ) service = 'heat' generate_ssl_cert(config, ssl_host, service, ssl_key_file, ssl_cert_file) manifestfile = "%s_heat.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "heat")) manifestdata += getManifestTemplate("heat") manifestdata += getManifestTemplate("keystone_heat") fw_details = dict() key = "heat" fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "heat" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['8004'] fw_details[key]['proto'] = "tcp" config['FIREWALL_HEAT_RULES'] = fw_details manifestdata += createFirewallResources('FIREWALL_HEAT_RULES') appendManifestFile(manifestfile, manifestdata, marker='heat')
def createL2AgentManifests(config): global compute_hosts, dhcp_host, l3_hosts if controller.CONF["CONFIG_QUANTUM_L2_PLUGIN"] == "openvswitch": host_var = 'CONFIG_QUANTUM_OVS_HOST' template_name = 'quantum_ovs_agent.pp' # The CONFIG_QUANTUM_OVS_BRIDGE_MAPPINGS parameter contains a # comma-separated list of bridge mappings. Since the puppet module # expects this parameter to be an array, this parameter must be properly # formatted by packstack, then consumed by the puppet module. # For example, the input string 'A, B, C' should formatted as '['A','B','C']'. r = re.compile("[\s,]+") controller.CONF["CONFIG_QUANTUM_OVS_BRIDGE_MAPPINGS"] = \ str(filter(None, r.split(controller.CONF["CONFIG_QUANTUM_OVS_BRIDGE_MAPPINGS"]))) elif controller.CONF["CONFIG_QUANTUM_L2_PLUGIN"] == "linuxbridge": host_var = 'CONFIG_QUANTUM_LB_HOST' template_name = 'quantum_lb_agent.pp' else: raise KeyError("Unknown layer2 agent") # Install l2 agents on every compute host in addition to any hosts listed # specifically for the l2 agent for host in compute_hosts | dhcp_hosts | l3_hosts: controller.CONF[host_var] = host manifestdata = getManifestTemplate(template_name) manifestfile = "%s_quantum.pp" % (host,) appendManifestFile(manifestfile, manifestdata + "\n")
def create_dhcp_manifests(config): global dhcp_hosts plugin = config['CONFIG_NEUTRON_L2_PLUGIN'] for host in dhcp_hosts: config["CONFIG_NEUTRON_DHCP_HOST"] = host config['CONFIG_NEUTRON_DHCP_INTERFACE_DRIVER'] = get_if_driver(config) manifest_data = getManifestTemplate("neutron_dhcp.pp") manifest_file = "%s_neutron.pp" % (host,) # Firewall Rules for f_host in q_hosts: config['FIREWALL_ALLOWED'] = "'%s'" % f_host config['FIREWALL_SERVICE_NAME'] = "neutron dhcp in" config['FIREWALL_SERVICE_ID'] = "neutron_dhcp_in_%s_%s" % (host, f_host) config['FIREWALL_PORTS'] = "'67'" config['FIREWALL_CHAIN'] = "INPUT" manifest_data += getManifestTemplate("firewall.pp") config['FIREWALL_SERVICE_NAME'] = "neutron dhcp out" config['FIREWALL_SERVICE_ID'] = "neutron_dhcp_out_%s_%s" % (host, f_host) config['FIREWALL_PORTS'] = "'68'" config['FIREWALL_CHAIN'] = "OUTPUT" manifest_data += getManifestTemplate("firewall.pp") appendManifestFile(manifest_file, manifest_data, 'neutron')
def create_keystone_manifest(config, messages): # parse devices in first step global devices devices = parse_devices(config) manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("keystone_swift.pp") appendManifestFile(manifestfile, manifestdata)
def createmanifest(config): if config['CONFIG_MYSQL_INSTALL'] == 'y': install = True suffix = 'install' else: install = False suffix = 'noinstall' # In case we are not installing MySQL server, mysql* manifests have # to be run from Keystone host host = install and config['CONFIG_MYSQL_HOST'] \ or config['CONFIG_KEYSTONE_HOST'] manifestfile = "%s_mysql.pp" % host manifestdata = [getManifestTemplate('mysql_%s.pp' % suffix)] def append_for(module, suffix): # Modules have to be appended to the existing mysql.pp # otherwise pp will fail for some of them saying that # Mysql::Config definition is missing. template = "mysql_%s_%s.pp" % (module, suffix) manifestdata.append(getManifestTemplate(template)) append_for("keystone", suffix) for mod in ['nova', 'cinder', 'glance', 'neutron', 'heat']: if config['CONFIG_%s_INSTALL' % mod.upper()] == 'y': append_for(mod, suffix) appendManifestFile(manifestfile, "\n".join(manifestdata), 'pre')
def create_manifest(config, messages): manifestfile = "%s_aodh.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "aodh")) manifestdata += getManifestTemplate("aodh") if config['CONFIG_AMQP_ENABLE_SSL'] == 'y': ssl_cert_file = config['CONFIG_AODH_SSL_CERT'] = ( '/etc/pki/tls/certs/ssl_amqp_aodh.crt' ) ssl_key_file = config['CONFIG_AODH_SSL_KEY'] = ( '/etc/pki/tls/private/ssl_amqp_aodh.key' ) ssl_host = config['CONFIG_CONTROLLER_HOST'] service = 'aodh' generate_ssl_cert(config, ssl_host, service, ssl_key_file, ssl_cert_file) fw_details = dict() key = "aodh_api" fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "aodh-api" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['8042'] fw_details[key]['proto'] = "tcp" config['FIREWALL_AODH_RULES'] = fw_details manifestdata += createFirewallResources('FIREWALL_AODH_RULES') appendManifestFile(manifestfile, manifestdata, 'aodh')
def createmanifest(config): manifestfile = "%s_qpid.pp"%config['CONFIG_QPID_HOST'] manifestdata = "" ssl_manifestdata = "" server = utils.ScriptRunner(config['CONFIG_QPID_HOST']) ports = set(["'5672'"]) if config['CONFIG_QPID_ENABLE_SSL'] == 'y': ports.add("'%s'" % (config['CONFIG_QPID_SSL_PORT'])) config['CONFIG_QPID_ENABLE_SSL'] = 'true' if config['CONFIG_QPID_SSL_SELF_SIGNED'] == 'y': server.append( "openssl req -batch -new -x509 -nodes -keyout %s -out %s -days 1095" % (config['CONFIG_QPID_SSL_KEY_FILE'], config['CONFIG_QPID_SSL_CERT_FILE']) ) server.execute() ssl_manifestdata = getManifestTemplate('qpid_ssl.pp') else: #Set default values config['CONFIG_QPID_SSL_PORT'] = "5671" config['CONFIG_QPID_SSL_CERT_FILE'] = "" config['CONFIG_QPID_SSL_KEY_FILE'] = "" config['CONFIG_QPID_NSS_CERTDB_PW'] = "" config['CONFIG_QPID_ENABLE_SSL'] = 'false' manifestdata = getManifestTemplate('qpid.pp') manifestdata += ssl_manifestdata #All hosts should be able to talk to qpid hosts = ["'%s'" % i for i in filtered_hosts(config, exclude=False)] config['FIREWALL_ALLOWED'] = ','.join(hosts) config['FIREWALL_SERVICE_NAME'] = "qpid" config['FIREWALL_PORTS'] = ','.join(ports) manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata, 'pre')
def create_builder_manifest(config, messages): global devices # The ring file should be built and distributed before the storage services # come up. Specifically the replicator crashes if the ring isn't present def device_def(dev_type, host, dev_port, devicename, zone): fmt = ('\n@@%s { "%s:%s/%s":\n' ' zone => %s,\n' ' weight => 10, }\n') return fmt % (dev_type, host, dev_port, devicename, zone) manifestfile = "%s_ring_swift.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("swift_builder.pp") # Add each device to the ring devicename = 0 for device in devices: host = config['CONFIG_CONTROLLER_HOST'] devicename = device['device_name'] zone = device['zone'] for dev_type, dev_port in [('ring_object_device', 6000), ('ring_container_device', 6001), ('ring_account_device', 6002)]: manifestdata += device_def(dev_type, host, dev_port, devicename, zone) appendManifestFile(manifestfile, manifestdata, 'swiftbuilder')
def create_vncproxy_manifest(config, messages): if config["CONFIG_HORIZON_SSL"] == 'y': if config["CONFIG_VNC_SSL_CERT"]: ssl_cert_file = config["CONFIG_VNC_SSL_CERT"] ssl_key_file = config["CONFIG_VNC_SSL_KEY"] if not os.path.exists(ssl_cert_file): raise exceptions.ParamValidationError( "The file %s doesn't exist" % ssl_cert_file) if not os.path.exists(ssl_key_file): raise exceptions.ParamValidationError( "The file %s doesn't exist" % ssl_key_file) final_cert = open(ssl_cert_file, 'rt').read() final_key = open(ssl_key_file, 'rt').read() deliver_ssl_file(final_cert, ssl_cert_file, config['CONFIG_CONTROLLER_HOST']) deliver_ssl_file(final_key, ssl_key_file, config['CONFIG_CONTROLLER_HOST']) else: config["CONFIG_VNC_SSL_CERT"] = '/etc/pki/tls/certs/ssl_vnc.crt' config["CONFIG_VNC_SSL_KEY"] = '/etc/pki/tls/private/ssl_vnc.key' ssl_key_file = config["CONFIG_VNC_SSL_KEY"] ssl_cert_file = config["CONFIG_VNC_SSL_CERT"] ssl_host = config['CONFIG_CONTROLLER_HOST'] service = 'vnc' generate_ssl_cert(config, ssl_host, service, ssl_key_file, ssl_cert_file) manifestfile = "%s_nova.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("nova_vncproxy") appendManifestFile(manifestfile, manifestdata)
def createcommonmanifest(config): dbhost = config['CONFIG_MYSQL_HOST'] dirty = controller.CONF["CONFIG_NOVA_COMPUTE_HOSTS"].split(",") nopass_nodes = [i.strip() for i in dirty if i.strip()] dirty = [config.get('CONFIG_NOVA_CONDUCTOR_HOST'), config.get('CONFIG_NOVA_API_HOST'), config.get('CONFIG_NOVA_CERT_HOST'), config.get('CONFIG_NOVA_VNCPROXY_HOST'), config.get('CONFIG_NOVA_SCHED_HOST'), config.get('CONFIG_NOVA_NETWORK_HOST')] dbpass_nodes = [i.strip() for i in dirty if i and i.strip()] for manifestfile, marker in manifestfiles.getFiles(): if manifestfile.endswith("_nova.pp"): host, manifest = manifestfile.split('_', 1) host = host.strip() if host in nopass_nodes and host not in dbpass_nodes: # we should omit password in case we are installing only # nova-compute to the host perms = "nova" else: perms = "nova:%(CONFIG_NOVA_DB_PW)s" % config config['CONFIG_NOVA_SQL_CONN'] = ("mysql://%s@%s/nova" % (perms, dbhost)) data = getManifestTemplate("nova_common.pp") appendManifestFile(os.path.split(manifestfile)[1], data)
def create_manifest(config, messages): manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("keystone") if config['CONFIG_IP_VERSION'] == 'ipv6': host = config['CONFIG_CONTROLLER_HOST'] config['CONFIG_KEYSTONE_HOST_URL'] = "[%s]" % host else: config['CONFIG_KEYSTONE_HOST_URL'] = config['CONFIG_CONTROLLER_HOST'] config['CONFIG_KEYSTONE_PUBLIC_URL'] = "http://%s:5000/%s" % ( config['CONFIG_KEYSTONE_HOST_URL'], config['CONFIG_KEYSTONE_API_VERSION'] ) config['CONFIG_KEYSTONE_ADMIN_URL'] = "http://%s:35357" % ( config['CONFIG_KEYSTONE_HOST_URL'] ) fw_details = dict() key = "keystone" fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "keystone" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['5000', '35357'] fw_details[key]['proto'] = "tcp" config['FIREWALL_KEYSTONE_RULES'] = fw_details manifestdata += createFirewallResources('FIREWALL_KEYSTONE_RULES') appendManifestFile(manifestfile, manifestdata)
def create_manifest(config, messages): manifestfile = "%s_keystone.pp" % config["CONFIG_CONTROLLER_HOST"] manifestdata = getManifestTemplate("keystone") if config["CONFIG_IP_VERSION"] == "ipv6": host = config["CONFIG_CONTROLLER_HOST"] config["CONFIG_KEYSTONE_HOST_URL"] = "[%s]" % host else: config["CONFIG_KEYSTONE_HOST_URL"] = config["CONFIG_CONTROLLER_HOST"] config["CONFIG_KEYSTONE_PUBLIC_URL"] = "http://%s:5000/%s" % ( config["CONFIG_KEYSTONE_HOST_URL"], config["CONFIG_KEYSTONE_API_VERSION"], ) config["CONFIG_KEYSTONE_ADMIN_URL"] = "http://%s:35357" % (config["CONFIG_KEYSTONE_HOST_URL"]) fw_details = dict() key = "keystone" fw_details.setdefault(key, {}) fw_details[key]["host"] = "ALL" fw_details[key]["service_name"] = "keystone" fw_details[key]["chain"] = "INPUT" fw_details[key]["ports"] = ["5000", "35357"] fw_details[key]["proto"] = "tcp" config["FIREWALL_KEYSTONE_RULES"] = fw_details manifestdata += createFirewallResources("FIREWALL_KEYSTONE_RULES") appendManifestFile(manifestfile, manifestdata)
def create_manifest(config): manifestfile = "%s_cinder.pp" % controller.CONF['CONFIG_CINDER_HOST'] manifestdata = getManifestTemplate("cinder.pp") if config['CONFIG_CINDER_BACKEND'] == "gluster": manifestdata += getManifestTemplate("cinder_gluster.pp") if config['CONFIG_CINDER_BACKEND'] == "nfs": manifestdata += getManifestTemplate("cinder_nfs.pp") if config['CONFIG_CEILOMETER_INSTALL'] == 'y': manifestdata += getManifestTemplate('cinder_ceilometer.pp') if config['CONFIG_SWIFT_INSTALL'] == 'y': config['CONFIG_SWIFT_PROXY'] = config['CONFIG_SWIFT_PROXY_HOSTS'].split(',')[0].strip() manifestdata += getManifestTemplate('cinder_backup.pp') hosts = set() if config['CONFIG_NOVA_INSTALL'] == 'y': hosts = split_hosts(config['CONFIG_NOVA_COMPUTE_HOSTS']) else: hosts.add('ALL',) config['FIREWALL_ALLOWED'] = ",".join(["'%s'" % i.strip() for i in hosts if i.strip()]) config['FIREWALL_SERVICE_NAME'] = "cinder" config['FIREWALL_PORTS'] = "'3260', '8776'" manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata)
def create_manifest(config, messages): if config['CONFIG_AMQP_ENABLE_SSL'] == 'y': ssl_host = config['CONFIG_STORAGE_HOST'] ssl_cert_file = config['CONFIG_GLANCE_SSL_CERT'] = ( '/etc/pki/tls/certs/ssl_amqp_glance.crt' ) ssl_key_file = config['CONFIG_GLANCE_SSL_KEY'] = ( '/etc/pki/tls/private/ssl_amqp_glance.key' ) service = 'glance' generate_ssl_cert(config, ssl_host, service, ssl_key_file, ssl_cert_file) manifestfile = "%s_glance.pp" % config['CONFIG_STORAGE_HOST'] manifestdata = getManifestTemplate("glance") if config['CONFIG_CEILOMETER_INSTALL'] == 'y': mq_template = get_mq(config, "glance_ceilometer") manifestdata += getManifestTemplate(mq_template) fw_details = dict() key = "glance_api" fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "glance" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['9292'] fw_details[key]['proto'] = "tcp" config['FIREWALL_GLANCE_RULES'] = fw_details manifestdata += createFirewallResources('FIREWALL_GLANCE_RULES') appendManifestFile(manifestfile, manifestdata)
def create_manifest(config, messages): if config["CONFIG_AMQP_ENABLE_SSL"] == "y": ssl_host = config["CONFIG_CONTROLLER_HOST"] ssl_cert_file = config["CONFIG_HEAT_SSL_CERT"] = "/etc/pki/tls/certs/ssl_amqp_heat.crt" ssl_key_file = config["CONFIG_HEAT_SSL_KEY"] = "/etc/pki/tls/private/ssl_amqp_heat.key" service = "heat" generate_ssl_cert(config, ssl_host, service, ssl_key_file, ssl_cert_file) manifestfile = "%s_heat.pp" % config["CONFIG_CONTROLLER_HOST"] manifestdata = getManifestTemplate(get_mq(config, "heat")) manifestdata += getManifestTemplate("heat") manifestdata += getManifestTemplate("keystone_heat") fw_details = dict() key = "heat" fw_details.setdefault(key, {}) fw_details[key]["host"] = "ALL" fw_details[key]["service_name"] = "heat" fw_details[key]["chain"] = "INPUT" fw_details[key]["ports"] = ["8004"] fw_details[key]["proto"] = "tcp" config["FIREWALL_HEAT_RULES"] = fw_details manifestdata += createFirewallResources("FIREWALL_HEAT_RULES") appendManifestFile(manifestfile, manifestdata, marker="heat")
def create_api_manifest(config, messages): # Since this step is running first, let's create necesary variables here # and make them global global compute_hosts, network_hosts com_var = config.get("CONFIG_COMPUTE_HOSTS", "") compute_hosts = set([i.strip() for i in com_var.split(",") if i.strip()]) net_var = config.get("CONFIG_NETWORK_HOSTS", "") network_hosts = set([i.strip() for i in net_var.split(",") if i.strip()]) # This is a hack around us needing to generate the neutron metadata # password, but the nova puppet plugin uses the existence of that # password to determine whether or not to configure neutron metadata # proxy support. So the nova_api.pp template needs unquoted 'undef' # to disable metadata support if neutron is not being installed. if config['CONFIG_NEUTRON_INSTALL'] != 'y': config['CONFIG_NEUTRON_METADATA_PW_UNQUOTED'] = 'undef' else: config['CONFIG_NEUTRON_METADATA_PW_UNQUOTED'] = "%s" % config['CONFIG_NEUTRON_METADATA_PW'] manifestfile = "%s_api_nova.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("nova_api") fw_details = dict() key = "nova_api" fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "nova api" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['8773', '8774', '8775'] fw_details[key]['proto'] = "tcp" config['FIREWALL_NOVA_API_RULES'] = fw_details manifestdata += createFirewallResources('FIREWALL_NOVA_API_RULES') appendManifestFile(manifestfile, manifestdata, 'novaapi')
def create_manifest(config, messages): if config['CONFIG_AMQP_ENABLE_SSL'] == 'y': ssl_host = config['CONFIG_SAHARA_HOST'] ssl_cert_file = config['CONFIG_SAHARA_SSL_CERT'] = ( '/etc/pki/tls/certs/ssl_amqp_sahara.crt' ) ssl_key_file = config['CONFIG_SAHARA_SSL_KEY'] = ( '/etc/pki/tls/private/ssl_amqp_sahara.key' ) service = 'sahara' generate_ssl_cert(config, ssl_host, service, ssl_key_file, ssl_cert_file) manifestfile = "%s_sahara.pp" % config['CONFIG_STORAGE_HOST'] manifestdata = getManifestTemplate(get_mq(config, "sahara")) manifestdata += getManifestTemplate("sahara.pp") if config['CONFIG_CEILOMETER_INSTALL'] == 'y': manifestdata += getManifestTemplate('sahara_ceilometer') fw_details = dict() key = "sahara-api" fw_details.setdefault(key, {}) fw_details[key]["host"] = "ALL" fw_details[key]["service_name"] = "sahara api" fw_details[key]["chain"] = "INPUT" fw_details[key]["ports"] = ["8386"] fw_details[key]["proto"] = "tcp" config["FIREWALL_SAHARA_CFN_RULES"] = fw_details manifestdata += createFirewallResources("FIREWALL_SAHARA_CFN_RULES") appendManifestFile(manifestfile, manifestdata, marker='sahara')
def create_manifest(config, messages): client_host = config['CONFIG_CONTROLLER_HOST'].strip() manifestfile = "%s_osclient.pp" % client_host server = utils.ScriptRunner(client_host) server.append('echo $HOME') rc, root_home = server.execute() root_home = root_home.strip() homedir = os.path.expanduser('~') config['HOME_DIR'] = homedir uname, gname = utils.get_current_username() config['NO_ROOT_USER'], config['NO_ROOT_GROUP'] = uname, gname no_root_allinone = (client_host == utils.get_localhost_ip() and root_home != homedir) config['NO_ROOT_USER_ALLINONE'] = no_root_allinone and True or False manifestdata = getManifestTemplate("openstack_client.pp") appendManifestFile(manifestfile, manifestdata) msg = ("File %s/keystonerc_admin has been created on OpenStack client host" " %s. To use the command line tools you need to source the file.") messages.append(msg % (root_home, client_host)) if no_root_allinone: msg = ("Copy of keystonerc_admin file has been created for non-root " "user in %s.") messages.append(msg % homedir)
def createL2AgentManifests(config): global compute_hosts, dhcp_host, l3_hosts if controller.CONF["CONFIG_NEUTRON_L2_PLUGIN"] == "openvswitch": host_var = 'CONFIG_NEUTRON_OVS_HOST' template_name = 'neutron_ovs_agent.pp' bm_arr = get_values(controller.CONF["CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS"]) iface_arr = get_values(controller.CONF["CONFIG_NEUTRON_OVS_BRIDGE_IFACES"]) # The CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS parameter contains a # comma-separated list of bridge mappings. Since the puppet module # expects this parameter to be an array, this parameter must be properly # formatted by packstack, then consumed by the puppet module. # For example, the input string 'A, B, C' should formatted as '['A','B','C']'. controller.CONF["CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS"] = str(bm_arr) elif controller.CONF["CONFIG_NEUTRON_L2_PLUGIN"] == "linuxbridge": host_var = 'CONFIG_NEUTRON_LB_HOST' template_name = 'neutron_lb_agent.pp' else: raise KeyError("Unknown layer2 agent") # Install l2 agents on every compute host in addition to any hosts listed # specifically for the l2 agent for host in compute_hosts | dhcp_hosts | l3_hosts: controller.CONF[host_var] = host manifestfile = "%s_neutron.pp" % (host,) manifestdata = getManifestTemplate(template_name) appendManifestFile(manifestfile, manifestdata + "\n") if controller.CONF["CONFIG_NEUTRON_L2_PLUGIN"] == "openvswitch": for if_map in iface_arr: controller.CONF['CONFIG_NEUTRON_OVS_BRIDGE'], controller.CONF['CONFIG_NEUTRON_OVS_IFACE'] = if_map.split(':') manifestdata = getManifestTemplate("neutron_ovs_port.pp") appendManifestFile(manifestfile, manifestdata + "\n")
def createstoragemanifest(): # this need to happen once per storage host for host in set([device['host'] for device in devices]): controller.CONF["CONFIG_SWIFT_STORAGE_CURRENT"] = host manifestfile = "%s_swift.pp"%host manifestdata = getManifestTemplate("swift_storage.pp") appendManifestFile(manifestfile, manifestdata) # this need to happen once per storage device for device in devices: host = device['host'] devicename = device['device_name'] device = device['device'] server = utils.ScriptRunner(host) validate.r_validateDevice(server, device) server.execute() manifestfile = "%s_swift.pp"%host if device: manifestdata = "\n" + 'swift::storage::%s{"%s":\n device => "/dev/%s",\n}'% (controller.CONF["CONFIG_SWIFT_STORAGE_FSTYPE"], devicename, device) else: controller.CONF["SWIFT_STORAGE_DEVICES"] = "'%s'"%devicename manifestdata = "\n" + getManifestTemplate("swift_loopback.pp") appendManifestFile(manifestfile, manifestdata)
def create_dhcp_manifests(config, messages): global network_hosts plugin = config['CONFIG_NEUTRON_L2_PLUGIN'] for host in network_hosts: config["CONFIG_NEUTRON_DHCP_HOST"] = host config['CONFIG_NEUTRON_DHCP_INTERFACE_DRIVER'] = get_if_driver(config) manifest_data = getManifestTemplate("neutron_dhcp.pp") manifest_file = "%s_neutron.pp" % (host,) # Firewall Rules for dhcp in config['FIREWALL_PROTOCOL'] = 'udp' config['FIREWALL_ALLOWED'] = "'ALL'" config['FIREWALL_SERVICE_NAME'] = "neutron dhcp in: " config['FIREWALL_SERVICE_ID'] = "neutron_dhcp_in_%s" % host config['FIREWALL_PORTS'] = "'67'" config['FIREWALL_CHAIN'] = "INPUT" manifest_data += getManifestTemplate("firewall.pp") # Firewall Rules for dhcp out config['FIREWALL_PROTOCOL'] = 'udp' config['FIREWALL_ALLOWED'] = "'ALL'" config['FIREWALL_SERVICE_NAME'] = "neutron dhcp out: " config['FIREWALL_SERVICE_ID'] = "neutron_dhcp_out_%s" % host config['FIREWALL_PORTS'] = "'68'" config['FIREWALL_CHAIN'] = "OUTPUT" manifest_data += getManifestTemplate("firewall.pp") appendManifestFile(manifest_file, manifest_data, 'neutron')
def create_ntp_manifest(config, messages): srvlist = [i.strip() for i in config['CONFIG_NTP_SERVERS'].split(',') if i.strip()] config['CONFIG_NTP_SERVERS'] = ' '.join(srvlist) definiton = '\n'.join(['server %s' % i for i in srvlist]) config['CONFIG_NTP_SERVER_DEF'] = '%s\n' % definiton marker = uuid.uuid4().hex[:16] for hostname in filtered_hosts(config): releaseos = config['HOST_DETAILS'][hostname]['os'] releasever = config['HOST_DETAILS'][hostname]['release'].split('.')[0] # Configure chrony for Fedora or RHEL/CentOS 7 if releaseos == 'Fedora' or releasever == '7': manifestdata = getManifestTemplate('chrony.pp') appendManifestFile('%s_chrony.pp' % hostname, manifestdata, marker=marker) # For previous versions, configure ntpd else: manifestdata = getManifestTemplate('ntpd.pp') appendManifestFile('%s_ntpd.pp' % hostname, manifestdata, marker=marker)
def create_mongodb_manifest(config, messages): manifestfile = "%s_mongodb.pp" % config['CONFIG_MONGODB_HOST'] manifestdata = getManifestTemplate("mongodb.pp") config['FIREWALL_ALLOWED'] = "'%s'" % config['CONFIG_CONTROLLER_HOST'] config['FIREWALL_SERVICE_NAME'] = 'mongodb-server' config['FIREWALL_PORTS'] = "'27017'" config['FIREWALL_PROTOCOL'] = 'tcp' manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata, 'pre')
def create_metadata_manifests(config, messages): global network_hosts if config.get('CONFIG_NOVA_INSTALL') == 'n': return for host in network_hosts: config['CONFIG_NEUTRON_METADATA_HOST'] = host manifestdata = getManifestTemplate('neutron_metadata') manifestfile = "%s_neutron.pp" % (host, ) appendManifestFile(manifestfile, manifestdata + "\n")
def createproxymanifest(): manifestfile = "%s_swift.pp" % controller.CONF['CONFIG_SWIFT_PROXY_HOSTS'] manifestdata = getManifestTemplate("swift_proxy.pp") # If the proxy server is also a storage server then swift::ringsync will be included for the storage server if controller.CONF['CONFIG_SWIFT_PROXY_HOSTS'] not in controller.CONF[ "CONFIG_SWIFT_STORAGE_HOSTS"].split(","): manifestdata += 'swift::ringsync{["account","container","object"]:\n ring_server => "%s"\n}' % controller.CONF[ 'CONFIG_SWIFT_BUILDER_HOST'] appendManifestFile(manifestfile, manifestdata)
def create_manifest(config, messages): if config['CONFIG_AMQP_ENABLE_SSL'] == 'y': ssl_host = config['CONFIG_STORAGE_HOST'] ssl_cert_file = config['CONFIG_CINDER_SSL_CERT'] = ( '/etc/pki/tls/certs/ssl_amqp_cinder.crt') ssl_key_file = config['CONFIG_CINDER_SSL_KEY'] = ( '/etc/pki/tls/private/ssl_amqp_cinder.key') service = 'cinder' generate_ssl_cert(config, ssl_host, service, ssl_key_file, ssl_cert_file) manifestdata = getManifestTemplate(get_mq(config, "cinder")) manifestfile = "%s_cinder.pp" % config['CONFIG_STORAGE_HOST'] manifestdata += getManifestTemplate("cinder") for backend in config['CONFIG_CINDER_BACKEND']: manifestdata += getManifestTemplate('cinder_%s' % backend) if config['CONFIG_CEILOMETER_INSTALL'] == 'y': manifestdata += getManifestTemplate('cinder_ceilometer') if config['CONFIG_SWIFT_INSTALL'] == 'y': manifestdata += getManifestTemplate('cinder_backup') fw_details = dict() for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']): if (config['CONFIG_NOVA_INSTALL'] == 'y' and config['CONFIG_VMWARE_BACKEND'] == 'n'): key = "cinder_%s" % host fw_details.setdefault(key, {}) fw_details[key]['host'] = "%s" % host else: key = "cinder_all" fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "cinder" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['3260'] fw_details[key]['proto'] = "tcp" config['FIREWALL_CINDER_RULES'] = fw_details manifestdata += createFirewallResources('FIREWALL_CINDER_RULES') # cinder API should be open for everyone fw_details = dict() key = "cinder_api" fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "cinder-api" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['8776'] fw_details[key]['proto'] = "tcp" config['FIREWALL_CINDER_API_RULES'] = fw_details manifestdata += createFirewallResources('FIREWALL_CINDER_API_RULES') appendManifestFile(manifestfile, manifestdata)
def create_l2_agent_manifests(config, messages): global network_hosts, compute_hosts agent = config["CONFIG_NEUTRON_L2_AGENT"] # CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS will be available only for ML2 # plugin deployment, but we need CONFIG_NEUTRON_USE_L2POPULATION also # for other plugin template generation if ('l2population' in config.get('CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS', [])): config['CONFIG_NEUTRON_USE_L2POPULATION'] = True else: config['CONFIG_NEUTRON_USE_L2POPULATION'] = False if agent == "openvswitch": ovs_type = 'CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES' ovs_type = config.get(ovs_type, 'local') tunnel = use_openvswitch_vxlan(config) or use_openvswitch_gre(config) config["CONFIG_NEUTRON_OVS_TUNNELING"] = tunnel tunnel_types = set(ovs_type) & set(['gre', 'vxlan']) config["CONFIG_NEUTRON_OVS_TUNNEL_TYPES"] = list(tunnel_types) template_name = "neutron_ovs_agent" bm_arr = get_values(config["CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS"]) iface_arr = get_values(config["CONFIG_NEUTRON_OVS_BRIDGE_IFACES"]) # The CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS parameter contains a # comma-separated list of bridge mappings. Since the puppet module # expects this parameter to be an array, this parameter must be # properly formatted by packstack, then consumed by the puppet module. # For example, the input string 'A, B' should formatted as '['A','B']'. config["CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS"] = bm_arr config["CONFIG_NEUTRON_OVS_BRIDGE_IFACES"] = [] elif agent == "linuxbridge": host_var = 'CONFIG_NEUTRON_LB_HOST' template_name = 'neutron_lb_agent' else: raise KeyError("Unknown layer2 agent") for host in network_hosts | compute_hosts: manifestfile = "%s_neutron.pp" % (host, ) manifestdata = "$cfg_neutron_ovs_host = '%s'\n" % host # neutron ovs port only on network hosts if (agent == "openvswitch" and ((host in network_hosts and tunnel_types) or 'vlan' in ovs_type)): if config['CONFIG_USE_SUBNETS'] == 'y': iface_arr = [ common.cidr_to_ifname(i, host, config) for i in iface_arr ] config["CONFIG_NEUTRON_OVS_BRIDGE_IFACES"] = iface_arr manifestdata += getManifestTemplate(template_name) appendManifestFile(manifestfile, manifestdata + "\n") # Additional configurations required for compute hosts and # network hosts. manifestdata = getManifestTemplate('neutron_bridge_module') appendManifestFile(manifestfile, manifestdata + '\n')
def createDHCPManifests(config): global dhcp_hosts for host in dhcp_hosts: controller.CONF["CONFIG_NEUTRON_DHCP_HOST"] = host controller.CONF[ 'CONFIG_NEUTRON_DHCP_INTERFACE_DRIVER'] = getInterfaceDriver() manifestdata = getManifestTemplate("neutron_dhcp.pp") manifestfile = "%s_neutron.pp" % (host, ) appendManifestFile(manifestfile, manifestdata + "\n")
def createneutronmanifest(config): if controller.CONF['CONFIG_NEUTRON_INSTALL'] != "y": return controller.CONF['CONFIG_NOVA_LIBVIRT_VIF_DRIVER'] = 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver' for manifestfile, marker in manifestfiles.getFiles(): if manifestfile.endswith("_nova.pp"): data = getManifestTemplate("nova_neutron.pp") appendManifestFile(os.path.split(manifestfile)[1], data)
def create_manifest(config, messages): for hostname in filtered_hosts(config): manifestfile = "%s_postscript.pp" % hostname manifestdata = getManifestTemplate("postscript.pp") appendManifestFile(manifestfile, manifestdata, 'postscript') if config.get("CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE") != 'n': fmted = config['CONFIG_NEUTRON_L3_EXT_BRIDGE'].replace('-', '_') config['EXT_BRIDGE_VAR'] = fmted manifestdata = getManifestTemplate("persist_ovs_bridge.pp") appendManifestFile(manifestfile, manifestdata, 'postscript')
def create_manifest(config): manifestfile = "%s_cinder.pp" % controller.CONF['CONFIG_CINDER_HOST'] manifestdata = getManifestTemplate("cinder.pp") if controller.CONF['CONFIG_CINDER_BACKEND'] == "gluster": manifestdata += getManifestTemplate("cinder_gluster.pp") if controller.CONF['CONFIG_CINDER_BACKEND'] == "nfs": manifestdata += getManifestTemplate("cinder_nfs.pp") appendManifestFile(manifestfile, manifestdata)
def create_vpnaas_manifests(config, messages): global network_hosts if config['CONFIG_NEUTRON_VPNAAS'] != 'y': return for host in network_hosts: manifestdata = getManifestTemplate("neutron_vpnaas") manifestfile = "%s_neutron.pp" % (host, ) appendManifestFile(manifestfile, manifestdata + "\n")
def create_sriovnicswitch_manifests(config, messages): global compute_hosts if not use_ml2_with_sriovnicswitch(config): return for host in compute_hosts: manifestdata = getManifestTemplate("neutron_sriov") manifestfile = "%s_neutron.pp" % (host, ) appendManifestFile(manifestfile, manifestdata + "\n")
def create_sched_manifest(config, messages): manifestfile = "%s_nova.pp" % config['CONFIG_CONTROLLER_HOST'] if config['CONFIG_IRONIC_INSTALL'] == 'y': manifestdata = getManifestTemplate("nova_sched_ironic.pp") ram_alloc = '1.0' config['CONFIG_NOVA_SCHED_RAM_ALLOC_RATIO'] = ram_alloc manifestdata += getManifestTemplate("nova_sched.pp") else: manifestdata = getManifestTemplate("nova_sched.pp") appendManifestFile(manifestfile, manifestdata)
def create_manifest(config): manifestfile = "%s_keystone.pp" % config['CONFIG_KEYSTONE_HOST'] manifestdata = getManifestTemplate("keystone.pp") config['FIREWALL_ALLOWED'] = "'ALL'" config['FIREWALL_SERVICE_NAME'] = "keystone" config['FIREWALL_SERVICE_ID'] = "keystone" config['FIREWALL_PORTS'] = "'5000', '35357'" config['FIREWALL_CHAIN'] = "INPUT" manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata)
def createmanifest(config): if config['CONFIG_MYSQL_INSTALL'] == 'y': install = True suffix = 'install' else: install = False suffix = 'noinstall' # In case we are not installing MySQL server, mysql* manifests have # to be run from Keystone host host = install and config['CONFIG_MYSQL_HOST'] \ or config['CONFIG_KEYSTONE_HOST'] manifestfile = "%s_mysql.pp" % host manifestdata = [getManifestTemplate('mysql_%s.pp' % suffix)] def append_for(module, suffix): # Modules have to be appended to the existing mysql.pp # otherwise pp will fail for some of them saying that # Mysql::Config definition is missing. template = "mysql_%s_%s.pp" % (module, suffix) manifestdata.append(getManifestTemplate(template)) append_for("keystone", suffix) hosts = set() for mod in ['nova', 'cinder', 'glance', 'neutron', 'heat']: if config['CONFIG_%s_INSTALL' % mod.upper()] == 'y': append_for(mod, suffix) # Check wich modules are enabled so we can allow their # hosts on the firewall if mod != 'nova' and mod != 'neutron': hosts.add(config.get('CONFIG_%s_HOST' % mod.upper()).strip()) elif mod == 'neutron': hosts.add(config.get('CONFIG_NEUTRON_SERVER_HOST').strip()) elif config['CONFIG_NOVA_INSTALL'] != 'n': #In that remote case that we have lot's of nova hosts hosts.add(config.get('CONFIG_NOVA_API_HOST').strip()) hosts.add(config.get('CONFIG_NOVA_CERT_HOST').strip()) hosts.add(config.get('CONFIG_NOVA_VNCPROXY_HOST').strip()) hosts.add(config.get('CONFIG_NOVA_CONDUCTOR_HOST').strip()) hosts.add(config.get('CONFIG_NOVA_SCHED_HOST').strip()) if config['CONFIG_NEUTRON_INSTALL'] != 'y': dbhosts = split_hosts(config['CONFIG_NOVA_NETWORK_HOSTS']) hosts |= dbhosts for host in config.get('CONFIG_NOVA_COMPUTE_HOSTS').split(','): hosts.add(host.strip()) config['FIREWALL_SERVICE_NAME'] = "mysql" config['FIREWALL_PORTS'] = "'3306'" config['FIREWALL_CHAIN'] = "INPUT" for host in hosts: config['FIREWALL_ALLOWED'] = "'%s'" % host config['FIREWALL_SERVICE_ID'] = "mysql_%s" % host manifestdata.append(getManifestTemplate("firewall.pp")) appendManifestFile(manifestfile, "\n".join(manifestdata), 'pre')
def create_lbaas_manifests(config, messages): global network_hosts if not config['CONFIG_LBAAS_INSTALL'] == 'y': return for host in network_hosts: config['CONFIG_NEUTRON_LBAAS_INTERFACE_DRIVER'] = get_if_driver(config) manifestdata = getManifestTemplate("neutron_lbaas") manifestfile = "%s_neutron.pp" % (host, ) appendManifestFile(manifestfile, manifestdata + "\n")
def createnrpemanifests(): for hostname in gethostlist(controller.CONF): controller.CONF['CONFIG_NRPE_HOST'] = hostname manifestfile = "%s_nagios_nrpe.pp" % hostname manifestdata = getManifestTemplate("nagios_nrpe.pp") appendManifestFile(manifestfile, manifestdata) controller.MESSAGES.append("To use Nagios, browse to http://%s/nagios " "username : nagiosadmin, password : %s" % (controller.CONF['CONFIG_NAGIOS_HOST'], controller.CONF['CONFIG_NAGIOS_PW']))
def create_proxy_manifest(config, messages): manifestfile = "%s_swift.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("swift_proxy.pp") config['FIREWALL_SERVICE_NAME'] = "swift proxy" config['FIREWALL_PORTS'] = "'8080'" config['FIREWALL_CHAIN'] = "INPUT" config['FIREWALL_PROTOCOL'] = 'tcp' config['FIREWALL_ALLOWED'] = "'ALL'" config['FIREWALL_SERVICE_ID'] = "swift_proxy" manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata)
def create_manifest(config, messages): for hostname in filtered_hosts(config): manifestfile = "%s_postscript.pp" % hostname manifestdata = getManifestTemplate("postscript") appendManifestFile(manifestfile, manifestdata, 'postscript') # TO-DO: remove this temporary fix for nova-network/neutron # nondeterministic behavior provision = ( config.get("CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE") not in set(['false', 'n', None]) )
def create_metering_agent_manifests(config, messages): global network_hosts if not config['CONFIG_NEUTRON_METERING_AGENT_INSTALL'] == 'y': return for host in network_hosts: config['CONFIG_NEUTRON_METERING_IFCE_DRIVER'] = get_if_driver(config) manifestdata = getManifestTemplate("neutron_metering_agent") manifestfile = "%s_neutron.pp" % (host, ) appendManifestFile(manifestfile, manifestdata + "\n")
def create_storage_manifest(config, messages): if config['CONFIG_UNSUPPORTED'] != 'y': config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] if config['CONFIG_PROVISION_TEMPEST']: template = "provision_tempest_glance" else: template = "provision_demo_glance" manifest_file = '%s_provision_glance' % config['CONFIG_STORAGE_HOST'] manifest_data = getManifestTemplate(template) appendManifestFile(manifest_file, manifest_data)
def create_cfn_manifest(config, messages): manifestfile = "%s_heatcnf.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "heat")) manifestdata += getManifestTemplate("heat_cfn.pp") config['FIREWALL_SERVICE_NAME'] = "heat_cfn" config['FIREWALL_PORTS'] = "'8000'" config['FIREWALL_CHAIN'] = "INPUT" config['FIREWALL_PROTOCOL'] = 'tcp' config['FIREWALL_ALLOWED'] = "'ALL'" config['FIREWALL_SERVICE_ID'] = "heat_cfn" manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata, marker='heat')
def createL3Manifests(config): global l3_hosts for host in l3_hosts: controller.CONF['CONFIG_QUANTUM_L3_HOST'] = host controller.CONF['CONFIG_QUANTUM_L3_INTERFACE_DRIVER'] = getInterfaceDriver() manifestdata = getManifestTemplate("quantum_l3.pp") manifestfile = "%s_quantum.pp" % (host,) appendManifestFile(manifestfile, manifestdata + '\n') if controller.CONF['CONFIG_QUANTUM_L2_PLUGIN'] == 'openvswitch' and controller.CONF['CONFIG_QUANTUM_L3_EXT_BRIDGE']: controller.CONF['CONFIG_QUANTUM_OVS_BRIDGE'] = controller.CONF['CONFIG_QUANTUM_L3_EXT_BRIDGE'] manifestdata = getManifestTemplate('quantum_ovs_bridge.pp') appendManifestFile(manifestfile, manifestdata + '\n')
def create_manifest(config): manifestfile = "%s_cinder.pp" % controller.CONF['CONFIG_CINDER_HOST'] manifestdata = getManifestTemplate("cinder.pp") if config['CONFIG_CINDER_BACKEND'] == "gluster": manifestdata += getManifestTemplate("cinder_gluster.pp") if config['CONFIG_CINDER_BACKEND'] == "nfs": manifestdata += getManifestTemplate("cinder_nfs.pp") if config['CONFIG_CEILOMETER_INSTALL'] == 'y': manifestdata += getManifestTemplate('cinder_ceilometer.pp') appendManifestFile(manifestfile, manifestdata)
def create_manifest(config): if config['CONFIG_HEAT_CLOUDWATCH_INSTALL'] == 'y': config['CONFIG_HEAT_WATCH_HOST'] = config['CONFIG_HEAT_CLOUDWATCH_HOST'] else: config['CONFIG_HEAT_WATCH_HOST'] = config['CONFIG_HEAT_HOST'] if config['CONFIG_HEAT_CFN_INSTALL'] == 'y': config['CONFIG_HEAT_METADATA_HOST'] = config['CONFIG_HEAT_CFN_HOST'] else: config['CONFIG_HEAT_METADATA_HOST'] = config['CONFIG_HEAT_HOST'] manifestfile = "%s_heat.pp" % controller.CONF['CONFIG_HEAT_HOST'] manifestdata = getManifestTemplate("heat.pp") appendManifestFile(manifestfile, manifestdata)
def create_manifest(config): manifestfile = "%s_keystone.pp" % config['CONFIG_KEYSTONE_HOST'] manifestdata = getManifestTemplate("keystone.pp") hosts = set() for key, value in host_iter(config): if (key.find("MYSQL") != -1) or (key.find("QPID") != -1): continue hosts.add(value.strip()) config['FIREWALL_ALLOWED'] = ",".join(["'%s'" % i for i in hosts]) config['FIREWALL_SERVICE_NAME'] = "keystone" config['FIREWALL_PORTS'] = "'5000', '35357'" manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata)
def createmanifest(config): manifestfile = "%s_glance.pp" % controller.CONF['CONFIG_GLANCE_HOST'] manifestdata = getManifestTemplate("glance.pp") if config['CONFIG_CEILOMETER_INSTALL'] == 'y': manifestdata += getManifestTemplate('glance_ceilometer.pp') hosts = set() for host in config['CONFIG_NOVA_COMPUTE_HOSTS'].split(','): hosts.add(host.strip()) config['FIREWALL_ALLOWED'] = ",".join(["'%s'" % i for i in hosts]) config['FIREWALL_SERVICE_NAME'] = "glance" config['FIREWALL_PORTS'] = "'9292'" manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata)
def create_manifest(config, messages): manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("keystone.pp") config['FIREWALL_ALLOWED'] = "'ALL'" config['FIREWALL_SERVICE_NAME'] = "keystone" config['FIREWALL_SERVICE_ID'] = "keystone" config['FIREWALL_PORTS'] = "['5000', '35357']" config['FIREWALL_CHAIN'] = "INPUT" config['FIREWALL_PROTOCOL'] = 'tcp' manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata)
def createmanifest(): client_host = controller.CONF['CONFIG_OSCLIENT_HOST'].strip() manifestfile = "%s_osclient.pp" % client_host manifestdata = getManifestTemplate("openstack_client.pp") appendManifestFile(manifestfile, manifestdata) server = utils.ScriptRunner(client_host) server.append('echo $HOME') rc, root_home = server.execute() msg = ("To use the command line tools you need to source the file " "%s/keystonerc_admin created on %s") controller.MESSAGES.append(msg % (root_home.strip(), client_host))
def createapimanifest(config): # This is a hack around us needing to generate the neutron metadata # password, but the nova puppet plugin uses the existence of that # password to determine whether or not to configure neutron metadata # proxy support. So the nova_api.pp template needs unquoted 'undef' # to disable metadata support if neutron is not being installed. if controller.CONF['CONFIG_NEUTRON_INSTALL'] != 'y': controller.CONF['CONFIG_NEUTRON_METADATA_PW_UNQUOTED'] = 'undef' else: controller.CONF['CONFIG_NEUTRON_METADATA_PW_UNQUOTED'] = \ "'%s'" % controller.CONF['CONFIG_NEUTRON_METADATA_PW'] manifestfile = "%s_api_nova.pp" % controller.CONF['CONFIG_NOVA_API_HOST'] manifestdata = getManifestTemplate("nova_api.pp") appendManifestFile(manifestfile, manifestdata, 'novaapi')
def create_manifest(config, messages): for hostname in filtered_hosts(config): manifestfile = "%s_postscript.pp" % hostname manifestdata = getManifestTemplate("postscript") appendManifestFile(manifestfile, manifestdata, 'postscript') # TO-DO: remove this temporary fix for nova-network/neutron # undeterministic behavior provision = (config.get("CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE") not in set(['false', 'n', None])) if config.get('CONFIG_NEUTRON_INSTALL', 'n') == 'y' and provision: fmted = config['CONFIG_NEUTRON_L3_EXT_BRIDGE'].replace('-', '_') config['EXT_BRIDGE_VAR'] = fmted manifestdata = getManifestTemplate("persist_ovs_bridge") appendManifestFile(manifestfile, manifestdata, 'postscript')