def get_swift_hosts(config): """Get a set of all the Swift hosts""" hosts = split_hosts(config['CONFIG_SWIFT_STORAGE_HOSTS']) # remove "/device" from the storage host names hosts = set(host.split('/', 1)[0] for host in hosts) hosts |= split_hosts(config['CONFIG_SWIFT_PROXY_HOSTS']) return hosts
def initSequences(controller): config = controller.CONF if config['CONFIG_NEUTRON_INSTALL'] != 'y': return if config['CONFIG_NEUTRON_L2_PLUGIN'] == 'openvswitch': plugin_db = 'ovs_neutron' plugin_path = ('neutron.plugins.openvswitch.ovs_neutron_plugin.' 'OVSNeutronPluginV2') elif config['CONFIG_NEUTRON_L2_PLUGIN'] == 'linuxbridge': plugin_db = 'neutron_linux_bridge' plugin_path = ('neutron.plugins.linuxbridge.lb_neutron_plugin.' 'LinuxBridgePluginV2') elif config['CONFIG_NEUTRON_L2_PLUGIN'] == 'ml2': plugin_db = 'neutron' plugin_path = 'neutron.plugins.ml2.plugin.Ml2Plugin' # values modification for key in ('CONFIG_NEUTRON_ML2_TYPE_DRIVERS', 'CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES', 'CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS', 'CONFIG_NEUTRON_ML2_FLAT_NETWORKS', 'CONFIG_NEUTRON_ML2_VLAN_RANGES', 'CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES', 'CONFIG_NEUTRON_ML2_VNI_RANGES'): config[key] = str([i.strip() for i in config[key].split(',') if i]) key = 'CONFIG_NEUTRON_ML2_VXLAN_GROUP' config[key] = "'%s'" % config[key] if config[key] else 'undef' config['CONFIG_NEUTRON_L2_DBNAME'] = plugin_db config['CONFIG_NEUTRON_CORE_PLUGIN'] = plugin_path global api_hosts, network_hosts, compute_hosts, q_hosts api_hosts = split_hosts(config['CONFIG_CONTROLLER_HOST']) network_hosts = split_hosts(config['CONFIG_NETWORK_HOSTS']) compute_hosts = set() if config['CONFIG_NOVA_INSTALL'] == 'y': compute_hosts = split_hosts(config['CONFIG_COMPUTE_HOSTS']) q_hosts = api_hosts | network_hosts | compute_hosts neutron_steps = [ {'title': 'Adding Neutron API manifest entries', 'functions': [create_manifests]}, {'title': 'Adding Neutron Keystone manifest entries', 'functions': [create_keystone_manifest]}, {'title': 'Adding Neutron L3 manifest entries', 'functions': [create_l3_manifests]}, {'title': 'Adding Neutron L2 Agent manifest entries', 'functions': [create_l2_agent_manifests]}, {'title': 'Adding Neutron DHCP Agent manifest entries', 'functions': [create_dhcp_manifests]}, {'title': 'Adding Neutron LBaaS Agent manifest entries', 'functions': [create_lbaas_manifests]}, {'title': 'Adding Neutron Metering Agent manifest entries', 'functions': [create_metering_agent_manifests]}, {'title': 'Adding Neutron Metadata Agent manifest entries', 'functions': [create_metadata_manifests]}, ] controller.addSequence("Installing OpenStack Neutron", [], [], neutron_steps)
def initSequences(controller): config = controller.CONF if config['CONFIG_NEUTRON_INSTALL'] != 'y': return plugin_db = 'neutron' plugin_path = 'neutron.plugins.ml2.plugin.Ml2Plugin' # values modification for key in ('CONFIG_NEUTRON_ML2_TYPE_DRIVERS', 'CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES', 'CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS', 'CONFIG_NEUTRON_ML2_FLAT_NETWORKS', 'CONFIG_NEUTRON_ML2_VLAN_RANGES', 'CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES', 'CONFIG_NEUTRON_ML2_VNI_RANGES'): if config[key] == '': config[key] = [] else: config[key] = [i.strip() for i in config[key].split(',') if i] key = 'CONFIG_NEUTRON_ML2_VXLAN_GROUP' config[key] = "%s" % config[key] if config[key] else '' config['CONFIG_NEUTRON_L2_DBNAME'] = plugin_db config['CONFIG_NEUTRON_CORE_PLUGIN'] = plugin_path global api_hosts, network_hosts, compute_hosts, q_hosts api_hosts = split_hosts(config['CONFIG_CONTROLLER_HOST']) network_hosts = split_hosts(config['CONFIG_NETWORK_HOSTS']) compute_hosts = set() if config['CONFIG_NOVA_INSTALL'] == 'y': compute_hosts = split_hosts(config['CONFIG_COMPUTE_HOSTS']) q_hosts = api_hosts | network_hosts | compute_hosts neutron_steps = [ {'title': 'Adding Neutron API manifest entries', 'functions': [create_manifests]}, {'title': 'Adding Neutron Keystone manifest entries', 'functions': [create_keystone_manifest]}, {'title': 'Adding Neutron L3 manifest entries', 'functions': [create_l3_manifests]}, {'title': 'Adding Neutron L2 Agent manifest entries', 'functions': [create_l2_agent_manifests]}, {'title': 'Adding Neutron DHCP Agent manifest entries', 'functions': [create_dhcp_manifests]}, {'title': 'Adding Neutron LBaaS Agent manifest entries', 'functions': [create_lbaas_manifests]}, {'title': 'Adding Neutron Metering Agent manifest entries', 'functions': [create_metering_agent_manifests]}, {'title': 'Adding Neutron Metadata Agent manifest entries', 'functions': [create_metadata_manifests]}, {'title': 'Checking if NetworkManager is enabled and running', 'functions': [check_nm_status]}, ] controller.addSequence("Installing OpenStack Neutron", [], [], neutron_steps)
def create_manifest(config, messages): manifestdata = getManifestTemplate(get_mq(config, "cinder")) manifestfile = "%s_cinder.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata += getManifestTemplate("cinder.pp") if config['CONFIG_CINDER_BACKEND'] == "lvm": manifestdata += getManifestTemplate("cinder_lvm.pp") elif config['CONFIG_CINDER_BACKEND'] == "gluster": manifestdata += getManifestTemplate("cinder_gluster.pp") elif config['CONFIG_CINDER_BACKEND'] == "nfs": manifestdata += getManifestTemplate("cinder_nfs.pp") elif config['CONFIG_CINDER_BACKEND'] == "vmdk": manifestdata += getManifestTemplate("cinder_vmdk.pp") if config['CONFIG_CEILOMETER_INSTALL'] == 'y': manifestdata += getManifestTemplate('cinder_ceilometer.pp') if config['CONFIG_SWIFT_INSTALL'] == 'y': manifestdata += getManifestTemplate('cinder_backup.pp') config['FIREWALL_SERVICE_NAME'] = "cinder" config['FIREWALL_PORTS'] = "['3260', '8776']" config['FIREWALL_CHAIN'] = "INPUT" config['FIREWALL_PROTOCOL'] = 'tcp' if (config['CONFIG_NOVA_INSTALL'] == 'y' and config['CONFIG_VMWARE_BACKEND'] == 'n'): for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']): config['FIREWALL_ALLOWED'] = "'%s'" % host config['FIREWALL_SERVICE_ID'] = "cinder_%s" % host manifestdata += getManifestTemplate("firewall.pp") else: config['FIREWALL_ALLOWED'] = "'ALL'" config['FIREWALL_SERVICE_ID'] = "cinder_ALL" manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata)
def create_manifest(config, messages): manifestdata = getManifestTemplate(get_mq(config, "cinder")) manifestfile = "%s_cinder.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata += getManifestTemplate("cinder.pp") if config['CONFIG_CINDER_BACKEND'] == "gluster": manifestdata += getManifestTemplate("cinder_gluster.pp") if config['CONFIG_CINDER_BACKEND'] == "nfs": manifestdata += getManifestTemplate("cinder_nfs.pp") if config['CONFIG_CINDER_BACKEND'] == "vmdk": manifestdata += getManifestTemplate("cinder_vmdk.pp") if config['CONFIG_CEILOMETER_INSTALL'] == 'y': manifestdata += getManifestTemplate('cinder_ceilometer.pp') if config['CONFIG_SWIFT_INSTALL'] == 'y': manifestdata += getManifestTemplate('cinder_backup.pp') config['FIREWALL_SERVICE_NAME'] = "cinder" config['FIREWALL_PORTS'] = "['3260', '8776']" config['FIREWALL_CHAIN'] = "INPUT" config['FIREWALL_PROTOCOL'] = 'tcp' if (config['CONFIG_NOVA_INSTALL'] == 'y' and config['CONFIG_VMWARE_BACKEND'] == 'n'): for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']): config['FIREWALL_ALLOWED'] = "'%s'" % host config['FIREWALL_SERVICE_ID'] = "cinder_%s" % host manifestdata += getManifestTemplate("firewall.pp") else: config['FIREWALL_ALLOWED'] = "'ALL'" config['FIREWALL_SERVICE_ID'] = "cinder_ALL" manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata)
def create_manifest(config, messages): if config['CONFIG_MYSQL_INSTALL'] == 'y': install = True suffix = 'install' else: install = False suffix = 'noinstall' manifestfile = "%s_mysql.pp" % config['CONFIG_MYSQL_HOST'] manifestdata = [getManifestTemplate('mysql_%s.pp' % suffix)] def append_for(module, suffix): # Modules have to be appended to the existing mysql.pp # otherwise pp will fail for some of them saying that # Mysql::Config definition is missing. template = "mysql_%s_%s.pp" % (module, suffix) manifestdata.append(getManifestTemplate(template)) append_for("keystone", suffix) for mod in ['nova', 'cinder', 'glance', 'neutron', 'heat']: if config['CONFIG_%s_INSTALL' % mod.upper()] == 'y': append_for(mod, suffix) hosts = set([config['CONFIG_CONTROLLER_HOST']]) hosts |= split_hosts(config['CONFIG_COMPUTE_HOSTS']) config['FIREWALL_SERVICE_NAME'] = "mysql" config['FIREWALL_PORTS'] = "'3306'" config['FIREWALL_CHAIN'] = "INPUT" for host in hosts: config['FIREWALL_ALLOWED'] = "'%s'" % host config['FIREWALL_SERVICE_ID'] = "mysql_%s" % host manifestdata.append(getManifestTemplate("firewall.pp")) appendManifestFile(manifestfile, "\n".join(manifestdata), 'pre')
def create_manifest(config): manifestdata = getManifestTemplate(get_mq(config, "cinder")) manifestfile = "%s_cinder.pp" % controller.CONF['CONFIG_CINDER_HOST'] manifestdata += getManifestTemplate("cinder.pp") if config['CONFIG_CINDER_BACKEND'] == "gluster": manifestdata += getManifestTemplate("cinder_gluster.pp") if config['CONFIG_CINDER_BACKEND'] == "nfs": manifestdata += getManifestTemplate("cinder_nfs.pp") if config['CONFIG_CINDER_BACKEND'] == "vmdk": manifestdata += getManifestTemplate("cinder_vmdk.pp") if config['CONFIG_CEILOMETER_INSTALL'] == 'y': manifestdata += getManifestTemplate('cinder_ceilometer.pp') if config['CONFIG_SWIFT_INSTALL'] == 'y': config['CONFIG_SWIFT_PROXY'] = config[ 'CONFIG_SWIFT_PROXY_HOSTS'].split(',')[0].strip() manifestdata += getManifestTemplate('cinder_backup.pp') config['FIREWALL_SERVICE_NAME'] = "cinder" config['FIREWALL_PORTS'] = "'3260', '8776'" config['FIREWALL_CHAIN'] = "INPUT" if config['CONFIG_NOVA_INSTALL'] == 'y': for host in split_hosts(config['CONFIG_NOVA_COMPUTE_HOSTS']): config['FIREWALL_ALLOWED'] = "'%s'" % host config['FIREWALL_SERVICE_ID'] = "cinder_%s" % host manifestdata += getManifestTemplate("firewall.pp") else: config['FIREWALL_ALLOWED'] = "'ALL'" config['FIREWALL_SERVICE_ID'] = "cinder_ALL" manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata)
def create_manifest(config): manifestdata = getManifestTemplate(get_mq(config, "cinder")) manifestfile = "%s_cinder.pp" % controller.CONF['CONFIG_CINDER_HOST'] manifestdata += getManifestTemplate("cinder.pp") if config['CONFIG_CINDER_BACKEND'] == "gluster": manifestdata += getManifestTemplate("cinder_gluster.pp") if config['CONFIG_CINDER_BACKEND'] == "nfs": manifestdata += getManifestTemplate("cinder_nfs.pp") if config['CONFIG_CINDER_BACKEND'] == "vmdk": manifestdata += getManifestTemplate("cinder_vmdk.pp") if config['CONFIG_CEILOMETER_INSTALL'] == 'y': manifestdata += getManifestTemplate('cinder_ceilometer.pp') if config['CONFIG_SWIFT_INSTALL'] == 'y': config['CONFIG_SWIFT_PROXY'] = config['CONFIG_SWIFT_PROXY_HOSTS'].split(',')[0].strip() manifestdata += getManifestTemplate('cinder_backup.pp') config['FIREWALL_SERVICE_NAME'] = "cinder" config['FIREWALL_PORTS'] = "'3260', '8776'" config['FIREWALL_CHAIN'] = "INPUT" if config['CONFIG_NOVA_INSTALL'] == 'y': for host in split_hosts(config['CONFIG_NOVA_COMPUTE_HOSTS']): config['FIREWALL_ALLOWED'] = "'%s'" % host config['FIREWALL_SERVICE_ID'] = "cinder_%s" % host manifestdata += getManifestTemplate("firewall.pp") else: config['FIREWALL_ALLOWED'] = "'ALL'" config['FIREWALL_SERVICE_ID'] = "cinder_ALL" manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata)
def create_manifest(config): manifestfile = "%s_cinder.pp" % controller.CONF['CONFIG_CINDER_HOST'] manifestdata = getManifestTemplate("cinder.pp") if config['CONFIG_CINDER_BACKEND'] == "gluster": manifestdata += getManifestTemplate("cinder_gluster.pp") if config['CONFIG_CINDER_BACKEND'] == "nfs": manifestdata += getManifestTemplate("cinder_nfs.pp") if config['CONFIG_CEILOMETER_INSTALL'] == 'y': manifestdata += getManifestTemplate('cinder_ceilometer.pp') if config['CONFIG_SWIFT_INSTALL'] == 'y': config['CONFIG_SWIFT_PROXY'] = config['CONFIG_SWIFT_PROXY_HOSTS'].split(',')[0].strip() manifestdata += getManifestTemplate('cinder_backup.pp') hosts = set() if config['CONFIG_NOVA_INSTALL'] == 'y': hosts = split_hosts(config['CONFIG_NOVA_COMPUTE_HOSTS']) else: hosts.add('ALL',) config['FIREWALL_ALLOWED'] = ",".join(["'%s'" % i.strip() for i in hosts if i.strip()]) config['FIREWALL_SERVICE_NAME'] = "cinder" config['FIREWALL_PORTS'] = "'3260', '8776'" manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata)
def create_manifest(config, messages): manifestfile = "%s_ceilometer.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "ceilometer")) manifestdata += getManifestTemplate("ceilometer") if config['CONFIG_CEILOMETER_COORDINATION_BACKEND'] == 'redis': # Determine if we need to configure multiple sentinel hosts as # fallbacks for use in coordination url. sentinel_hosts = split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS']) sentinel_port = config['CONFIG_REDIS_SENTINEL_PORT'] sentinel_host = config['CONFIG_REDIS_SENTINEL_CONTACT_HOST'] if config['CONFIG_IP_VERSION'] == 'ipv6': config['CONFIG_REDIS_SENTINEL_CONTACT_HOST_URL'] = "[%s]" % ( sentinel_host) else: config['CONFIG_REDIS_SENTINEL_CONTACT_HOST_URL'] = sentinel_host sentinel_contact = config['CONFIG_REDIS_SENTINEL_CONTACT_HOST'] if len(sentinel_hosts) > 1: sentinel_format = 'sentinel_fallback=%s:%s' if config['CONFIG_IP_VERSION'] == 'ipv6': sentinel_format = 'sentinel_fallback=[%s]:%s' sentinel_fallbacks = '&'.join([sentinel_format % (host, sentinel_port) for host in sentinel_hosts if host != sentinel_contact]) else: sentinel_fallbacks = '' config['CONFIG_REDIS_SENTINEL_FALLBACKS'] = sentinel_fallbacks if config['CONFIG_AMQP_ENABLE_SSL'] == 'y': ssl_cert_file = config['CONFIG_CEILOMETER_SSL_CERT'] = ( '/etc/pki/tls/certs/ssl_amqp_ceilometer.crt' ) ssl_key_file = config['CONFIG_CEILOMETER_SSL_KEY'] = ( '/etc/pki/tls/private/ssl_amqp_ceilometer.key' ) ssl_host = config['CONFIG_CONTROLLER_HOST'] service = 'ceilometer' generate_ssl_cert(config, ssl_host, service, ssl_key_file, ssl_cert_file) fw_details = dict() key = "ceilometer_api" fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "ceilometer-api" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['8777'] fw_details[key]['proto'] = "tcp" config['FIREWALL_CEILOMETER_RULES'] = fw_details manifestdata += createFirewallResources('FIREWALL_CEILOMETER_RULES') # Add a template that creates a group for nova because the ceilometer # class needs it if config['CONFIG_NOVA_INSTALL'] == 'n': manifestdata += getManifestTemplate("ceilometer_nova_disabled") appendManifestFile(manifestfile, manifestdata, 'ceilometer')
def prepare_puppet_modules(config, messages): network_hosts = split_hosts(config['CONFIG_NETWORK_HOSTS']) compute_hosts = split_hosts(config['CONFIG_COMPUTE_HOSTS']) manifestdata = getManifestTemplate("controller") manifestfile = "%s_controller.pp" % config['CONFIG_CONTROLLER_HOST'] appendManifestFile(manifestfile, manifestdata, marker='controller') for host in network_hosts: manifestdata = getManifestTemplate("network") manifestfile = "%s_network.pp" % host appendManifestFile(manifestfile, manifestdata, marker='network') for host in compute_hosts: manifestdata = getManifestTemplate("compute") manifestfile = "%s_compute.pp" % host appendManifestFile(manifestfile, manifestdata, marker='compute')
def create_manifest(config, messages): if config['CONFIG_UNSUPPORTED'] != 'y': config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "cinder")) manifestfile = "%s_cinder.pp" % config['CONFIG_STORAGE_HOST'] manifestdata += getManifestTemplate("cinder.pp") backends = config['CONFIG_CINDER_BACKEND'].strip('[]') backends = [i.strip('\' ') for i in backends.split(',')] if 'netapp' in backends: backends.remove('netapp') puppet_cdot_iscsi = "cinder_netapp_cdot_iscsi.pp" puppet_cdot_nfs = "cinder_netapp_cdot_nfs.pp" puppet_7mode_iscsi = "cinder_netapp_7mode_iscsi.pp" puppet_7mode_nfs = "cinder_netapp_7mode_nfs.pp" puppet_eseries = "cinder_netapp_eseries.pp" if config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "ontap_cluster": if config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "iscsi": manifestdata += getManifestTemplate(puppet_cdot_iscsi) elif config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "nfs": manifestdata += getManifestTemplate(puppet_cdot_nfs) elif config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "ontap_7mode": if config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "iscsi": manifestdata += getManifestTemplate(puppet_7mode_iscsi) elif config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "nfs": manifestdata += getManifestTemplate(puppet_7mode_nfs) elif config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "eseries": manifestdata += getManifestTemplate(puppet_eseries) for backend in backends: manifestdata += getManifestTemplate('cinder_%s.pp' % backend) if config['CONFIG_CEILOMETER_INSTALL'] == 'y': manifestdata += getManifestTemplate('cinder_ceilometer.pp') if config['CONFIG_SWIFT_INSTALL'] == 'y': manifestdata += getManifestTemplate('cinder_backup.pp') config['FIREWALL_SERVICE_NAME'] = "cinder" config['FIREWALL_PORTS'] = "['3260']" config['FIREWALL_CHAIN'] = "INPUT" config['FIREWALL_PROTOCOL'] = 'tcp' if (config['CONFIG_NOVA_INSTALL'] == 'y' and config['CONFIG_VMWARE_BACKEND'] == 'n'): for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']): config['FIREWALL_ALLOWED'] = "'%s'" % host config['FIREWALL_SERVICE_ID'] = "cinder_%s" % host manifestdata += getManifestTemplate("firewall.pp") else: config['FIREWALL_ALLOWED'] = "'ALL'" config['FIREWALL_SERVICE_ID'] = "cinder_ALL" manifestdata += getManifestTemplate("firewall.pp") # cinder API should be open for everyone config['FIREWALL_SERVICE_NAME'] = "cinder-api" config['FIREWALL_ALLOWED'] = "'ALL'" config['FIREWALL_SERVICE_ID'] = "cinder_API" config['FIREWALL_PORTS'] = "['8776']" manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata)
def create_manifest(config, messages): if config['CONFIG_AMQP_ENABLE_SSL'] == 'y': ssl_host = config['CONFIG_STORAGE_HOST'] ssl_cert_file = config['CONFIG_CINDER_SSL_CERT'] = ( '/etc/pki/tls/certs/ssl_amqp_cinder.crt' ) ssl_key_file = config['CONFIG_CINDER_SSL_KEY'] = ( '/etc/pki/tls/private/ssl_amqp_cinder.key' ) service = 'cinder' generate_ssl_cert(config, ssl_host, service, ssl_key_file, ssl_cert_file) manifestdata = getManifestTemplate(get_mq(config, "cinder")) manifestfile = "%s_cinder.pp" % config['CONFIG_STORAGE_HOST'] manifestdata += getManifestTemplate("cinder") for backend in config['CONFIG_CINDER_BACKEND']: manifestdata += getManifestTemplate('cinder_%s' % backend) if config['CONFIG_CEILOMETER_INSTALL'] == 'y': manifestdata += getManifestTemplate('cinder_ceilometer') if config['CONFIG_SWIFT_INSTALL'] == 'y': manifestdata += getManifestTemplate('cinder_backup') fw_details = dict() for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']): if (config['CONFIG_NOVA_INSTALL'] == 'y' and config['CONFIG_VMWARE_BACKEND'] == 'n'): key = "cinder_%s" % host fw_details.setdefault(key, {}) fw_details[key]['host'] = "%s" % host else: key = "cinder_all" fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "cinder" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['3260'] fw_details[key]['proto'] = "tcp" config['FIREWALL_CINDER_RULES'] = fw_details manifestdata += createFirewallResources('FIREWALL_CINDER_RULES') # cinder API should be open for everyone fw_details = dict() key = "cinder_api" fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "cinder-api" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['8776'] fw_details[key]['proto'] = "tcp" config['FIREWALL_CINDER_API_RULES'] = fw_details manifestdata += createFirewallResources('FIREWALL_CINDER_API_RULES') appendManifestFile(manifestfile, manifestdata)
def create_manifest(config, messages): manifestfile = "%s_ceilometer.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "ceilometer")) manifestdata += getManifestTemplate("ceilometer") if config['CONFIG_CEILOMETER_COORDINATION_BACKEND'] == 'redis': # Determine if we need to configure multiple sentinel hosts as # fallbacks for use in coordination url. sentinel_hosts = split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS']) sentinel_port = config['CONFIG_REDIS_SENTINEL_PORT'] sentinel_host = config['CONFIG_REDIS_SENTINEL_CONTACT_HOST'] if config['CONFIG_IP_VERSION'] == 'ipv6': config['CONFIG_REDIS_SENTINEL_CONTACT_HOST_URL'] = "[%s]" % ( sentinel_host) else: config['CONFIG_REDIS_SENTINEL_CONTACT_HOST_URL'] = sentinel_host sentinel_contact = config['CONFIG_REDIS_SENTINEL_CONTACT_HOST'] if len(sentinel_hosts) > 1: sentinel_format = 'sentinel_fallback=%s:%s' if config['CONFIG_IP_VERSION'] == 'ipv6': sentinel_format = 'sentinel_fallback=[%s]:%s' sentinel_fallbacks = '&'.join([ sentinel_format % (host, sentinel_port) for host in sentinel_hosts if host != sentinel_contact ]) else: sentinel_fallbacks = '' config['CONFIG_REDIS_SENTINEL_FALLBACKS'] = sentinel_fallbacks if config['CONFIG_AMQP_ENABLE_SSL'] == 'y': ssl_cert_file = config['CONFIG_CEILOMETER_SSL_CERT'] = ( '/etc/pki/tls/certs/ssl_amqp_ceilometer.crt') ssl_key_file = config['CONFIG_CEILOMETER_SSL_KEY'] = ( '/etc/pki/tls/private/ssl_amqp_ceilometer.key') ssl_host = config['CONFIG_CONTROLLER_HOST'] service = 'ceilometer' generate_ssl_cert(config, ssl_host, service, ssl_key_file, ssl_cert_file) fw_details = dict() key = "ceilometer_api" fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "ceilometer-api" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['8777'] fw_details[key]['proto'] = "tcp" config['FIREWALL_CEILOMETER_RULES'] = fw_details manifestdata += createFirewallResources('FIREWALL_CEILOMETER_RULES') # Add a template that creates a group for nova because the ceilometer # class needs it if config['CONFIG_NOVA_INSTALL'] == 'n': manifestdata += getManifestTemplate("ceilometer_nova_disabled") appendManifestFile(manifestfile, manifestdata, 'ceilometer')
def createmanifest(config): if config['CONFIG_MYSQL_INSTALL'] == 'y': install = True suffix = 'install' else: install = False suffix = 'noinstall' # In case we are not installing MySQL server, mysql* manifests have # to be run from Keystone host host = install and config['CONFIG_MYSQL_HOST'] \ or config['CONFIG_KEYSTONE_HOST'] manifestfile = "%s_mysql.pp" % host manifestdata = [getManifestTemplate('mysql_%s.pp' % suffix)] def append_for(module, suffix): # Modules have to be appended to the existing mysql.pp # otherwise pp will fail for some of them saying that # Mysql::Config definition is missing. template = "mysql_%s_%s.pp" % (module, suffix) manifestdata.append(getManifestTemplate(template)) append_for("keystone", suffix) hosts = set() for mod in ['nova', 'cinder', 'glance', 'neutron', 'heat']: if config['CONFIG_%s_INSTALL' % mod.upper()] == 'y': append_for(mod, suffix) # Check wich modules are enabled so we can allow their # hosts on the firewall if mod != 'nova' and mod != 'neutron': hosts.add(config.get('CONFIG_%s_HOST' % mod.upper()).strip()) elif mod == 'neutron': hosts.add(config.get('CONFIG_NEUTRON_SERVER_HOST').strip()) elif config['CONFIG_NOVA_INSTALL'] != 'n': #In that remote case that we have lot's of nova hosts hosts.add(config.get('CONFIG_NOVA_API_HOST').strip()) hosts.add(config.get('CONFIG_NOVA_CERT_HOST').strip()) hosts.add(config.get('CONFIG_NOVA_VNCPROXY_HOST').strip()) hosts.add(config.get('CONFIG_NOVA_CONDUCTOR_HOST').strip()) hosts.add(config.get('CONFIG_NOVA_SCHED_HOST').strip()) if config['CONFIG_NEUTRON_INSTALL'] != 'y': dbhosts = split_hosts(config['CONFIG_NOVA_NETWORK_HOSTS']) hosts |= dbhosts for host in config.get('CONFIG_NOVA_COMPUTE_HOSTS').split(','): hosts.add(host.strip()) config['FIREWALL_SERVICE_NAME'] = "mysql" config['FIREWALL_PORTS'] = "'3306'" config['FIREWALL_CHAIN'] = "INPUT" for host in hosts: config['FIREWALL_ALLOWED'] = "'%s'" % host config['FIREWALL_SERVICE_ID'] = "mysql_%s" % host manifestdata.append(getManifestTemplate("firewall.pp")) appendManifestFile(manifestfile, "\n".join(manifestdata), 'pre')
def createmanifest(config): if config["CONFIG_MYSQL_INSTALL"] == "y": install = True suffix = "install" else: install = False suffix = "noinstall" # In case we are not installing MySQL server, mysql* manifests have # to be run from Keystone host host = install and config["CONFIG_MYSQL_HOST"] or config["CONFIG_KEYSTONE_HOST"] manifestfile = "%s_mysql.pp" % host manifestdata = [getManifestTemplate("mysql_%s.pp" % suffix)] def append_for(module, suffix): # Modules have to be appended to the existing mysql.pp # otherwise pp will fail for some of them saying that # Mysql::Config definition is missing. template = "mysql_%s_%s.pp" % (module, suffix) manifestdata.append(getManifestTemplate(template)) append_for("keystone", suffix) hosts = set() for mod in ["nova", "cinder", "glance", "neutron", "heat"]: if config["CONFIG_%s_INSTALL" % mod.upper()] == "y": append_for(mod, suffix) # Check wich modules are enabled so we can allow their # hosts on the firewall if mod != "nova" and mod != "neutron": hosts.add(config.get("CONFIG_%s_HOST" % mod.upper()).strip()) elif mod == "neutron": hosts.add(config.get("CONFIG_NEUTRON_SERVER_HOST").strip()) elif config["CONFIG_NOVA_INSTALL"] != "n": # In that remote case that we have lot's of nova hosts hosts.add(config.get("CONFIG_NOVA_API_HOST").strip()) hosts.add(config.get("CONFIG_NOVA_CERT_HOST").strip()) hosts.add(config.get("CONFIG_NOVA_VNCPROXY_HOST").strip()) hosts.add(config.get("CONFIG_NOVA_CONDUCTOR_HOST").strip()) hosts.add(config.get("CONFIG_NOVA_SCHED_HOST").strip()) if config["CONFIG_NEUTRON_INSTALL"] != "y": dbhosts = split_hosts(config["CONFIG_NOVA_NETWORK_HOSTS"]) hosts |= dbhosts for host in config.get("CONFIG_NOVA_COMPUTE_HOSTS").split(","): hosts.add(host.strip()) config["FIREWALL_SERVICE_NAME"] = "mysql" config["FIREWALL_PORTS"] = "'3306'" config["FIREWALL_CHAIN"] = "INPUT" for host in hosts: config["FIREWALL_ALLOWED"] = "'%s'" % host config["FIREWALL_SERVICE_ID"] = "mysql_%s" % host manifestdata.append(getManifestTemplate("firewall.pp")) appendManifestFile(manifestfile, "\n".join(manifestdata), "pre")
def initSequences(controller): if controller.CONF['CONFIG_NEUTRON_INSTALL'] != 'y': return if controller.CONF["CONFIG_NEUTRON_L2_PLUGIN"] == "openvswitch": controller.CONF['CONFIG_NEUTRON_L2_DBNAME'] = 'ovs_neutron' controller.CONF['CONFIG_NEUTRON_CORE_PLUGIN'] = 'neutron.plugins.openvswitch.ovs_neutron_plugin.OVSNeutronPluginV2' elif controller.CONF["CONFIG_NEUTRON_L2_PLUGIN"] == "linuxbridge": controller.CONF['CONFIG_NEUTRON_L2_DBNAME'] = 'neutron_linux_bridge' controller.CONF['CONFIG_NEUTRON_CORE_PLUGIN'] = 'neutron.plugins.linuxbridge.lb_neutron_plugin.LinuxBridgePluginV2' global api_hosts, l3_hosts, dhcp_hosts, lbaas_hosts, meta_hosts, compute_hosts, q_hosts api_hosts = split_hosts(controller.CONF['CONFIG_NEUTRON_SERVER_HOST']) l3_hosts = split_hosts(controller.CONF['CONFIG_NEUTRON_L3_HOSTS']) dhcp_hosts = split_hosts(controller.CONF['CONFIG_NEUTRON_DHCP_HOSTS']) lbaas_hosts = split_hosts(controller.CONF['CONFIG_NEUTRON_LBAAS_HOSTS']) meta_hosts = split_hosts(controller.CONF['CONFIG_NEUTRON_METADATA_HOSTS']) compute_hosts = set() if controller.CONF['CONFIG_NOVA_INSTALL'] == 'y': compute_hosts = split_hosts(controller.CONF['CONFIG_NOVA_COMPUTE_HOSTS']) q_hosts = api_hosts | l3_hosts | dhcp_hosts | compute_hosts | meta_hosts neutron_steps = [ {'title': 'Adding Neutron API manifest entries', 'functions':[createManifest]}, {'title': 'Adding Neutron Keystone manifest entries', 'functions':[createKeystoneManifest]}, {'title': 'Adding Neutron L3 manifest entries', 'functions':[createL3Manifests]}, {'title': 'Adding Neutron L2 Agent manifest entries', 'functions':[createL2AgentManifests]}, {'title': 'Adding Neutron DHCP Agent manifest entries', 'functions':[createDHCPManifests]}, {'title': 'Adding Neutron LBaaS Agent manifest entries', 'functions':[createLBaaSManifests]}, {'title': 'Adding Neutron Metadata Agent manifest entries', 'functions':[createMetadataManifests]}, ] controller.addSequence("Installing OpenStack Neutron", [], [], neutron_steps)
def createmanifest(config): if config['CONFIG_MYSQL_INSTALL'] == 'y': install = True suffix = 'install' else: install = False suffix = 'noinstall' # In case we are not installing MySQL server, mysql* manifests have # to be run from Keystone host host = install and config['CONFIG_MYSQL_HOST'] \ or config['CONFIG_KEYSTONE_HOST'] manifestfile = "%s_mysql.pp" % host manifestdata = [getManifestTemplate('mysql_%s.pp' % suffix)] def append_for(module, suffix): # Modules have to be appended to the existing mysql.pp # otherwise pp will fail for some of them saying that # Mysql::Config definition is missing. template = "mysql_%s_%s.pp" % (module, suffix) manifestdata.append(getManifestTemplate(template)) append_for("keystone", suffix) hosts = set() for mod in ['nova', 'cinder', 'glance', 'neutron', 'heat']: if config['CONFIG_%s_INSTALL' % mod.upper()] == 'y': append_for(mod, suffix) # Check wich modules are enabled so we can allow their # hosts on the firewall if mod != 'nova' and mod != 'neutron': hosts.add(config.get('CONFIG_%s_HOST' % mod.upper()).strip()) elif mod == 'neutron': hosts.add(config.get('CONFIG_NEUTRON_SERVER_HOST').strip()) elif config['CONFIG_NOVA_INSTALL'] != 'n': #In that remote case that we have lot's of nova hosts hosts.add(config.get('CONFIG_NOVA_API_HOST').strip()) hosts.add(config.get('CONFIG_NOVA_CERT_HOST').strip()) hosts.add(config.get('CONFIG_NOVA_VNCPROXY_HOST').strip()) hosts.add(config.get('CONFIG_NOVA_CONDUCTOR_HOST').strip()) hosts.add(config.get('CONFIG_NOVA_SCHED_HOST').strip()) if config['CONFIG_NEUTRON_INSTALL'] != 'y': dbhosts = split_hosts(config['CONFIG_NOVA_NETWORK_HOSTS']) hosts |= dbhosts for host in config.get('CONFIG_NOVA_COMPUTE_HOSTS').split(','): hosts.add(host.strip()) config['FIREWALL_ALLOWED'] = ",".join(["'%s'" % i for i in hosts]) config['FIREWALL_SERVICE_NAME'] = "mysql" config['FIREWALL_PORTS'] = "'3306'" manifestdata.append(getManifestTemplate("firewall.pp")) appendManifestFile(manifestfile, "\n".join(manifestdata), 'pre')
def create_redis_manifest(config, messages): if config['CONFIG_CEILOMETER_COORDINATION_BACKEND'] == 'redis': redis_master_host = config['CONFIG_REDIS_MASTER_HOST'] if config['CONFIG_IP_VERSION'] == 'ipv6': config['CONFIG_REDIS_MASTER_HOST_URL'] = "[%s]" % redis_master_host else: config['CONFIG_REDIS_MASTER_HOST_URL'] = redis_master_host # master manifestfile = "%s_redis.pp" % config['CONFIG_REDIS_MASTER_HOST'] manifestdata = getManifestTemplate("redis.pp") master_clients = set([config['CONFIG_CONTROLLER_HOST']]).union( split_hosts(config['CONFIG_REDIS_SLAVE_HOSTS'])).union( split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS'])) config['FIREWALL_REDIS_RULES'] = _create_redis_firewall_rules( master_clients, config['CONFIG_REDIS_PORT']) manifestdata += createFirewallResources('FIREWALL_REDIS_RULES') appendManifestFile(manifestfile, manifestdata, 'pre') # slaves if config['CONFIG_REDIS_HA'] == 'y': for slave in split_hosts(config['CONFIG_REDIS_SLAVE_HOSTS']): config['CONFIG_REDIS_HOST'] = slave manifestfile = "%s_redis_slave.pp" % slave manifestdata = getManifestTemplate("redis_slave.pp") slave_clients = set([config['CONFIG_CONTROLLER_HOST']]).union( split_hosts(config['CONFIG_REDIS_SLAVE_HOSTS'])).union( split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS'])) config['FIREWALL_REDIS_SLAVE_RULES'] = ( _create_redis_firewall_rules(slave_clients, config['CONFIG_REDIS_PORT'])) manifestdata += createFirewallResources( 'FIREWALL_REDIS_SLAVE_RULES') appendManifestFile(manifestfile, manifestdata, 'pre') # sentinels if config['CONFIG_REDIS_HA'] == 'y': for sentinel in split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS']): manifestfile = "%s_redis_sentinel.pp" % sentinel manifestdata = getManifestTemplate("redis_sentinel.pp") config['FIREWALL_SENTINEL_RULES'] = ( _create_redis_firewall_rules( split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS']), config['CONFIG_REDIS_SENTINEL_PORT'])) manifestdata += createFirewallResources( 'FIREWALL_SENTINEL_RULES') appendManifestFile(manifestfile, manifestdata, 'pre')
def create_redis_manifest(config, messages): if config['CONFIG_CEILOMETER_COORDINATION_BACKEND'] == 'redis': redis_master_host = config['CONFIG_REDIS_MASTER_HOST'] if config['CONFIG_IP_VERSION'] == 'ipv6': config['CONFIG_REDIS_MASTER_HOST_URL'] = "[%s]" % redis_master_host else: config['CONFIG_REDIS_MASTER_HOST_URL'] = redis_master_host # master manifestfile = "%s_redis.pp" % config['CONFIG_REDIS_MASTER_HOST'] manifestdata = getManifestTemplate("redis.pp") master_clients = set([config['CONFIG_CONTROLLER_HOST']]).union( split_hosts(config['CONFIG_REDIS_SLAVE_HOSTS'])).union( split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS'])) config['FIREWALL_REDIS_RULES'] = _create_redis_firewall_rules( master_clients, config['CONFIG_REDIS_PORT']) manifestdata += createFirewallResources('FIREWALL_REDIS_RULES') appendManifestFile(manifestfile, manifestdata, 'pre') # slaves if config['CONFIG_REDIS_HA'] == 'y': for slave in split_hosts(config['CONFIG_REDIS_SLAVE_HOSTS']): config['CONFIG_REDIS_HOST'] = slave manifestfile = "%s_redis_slave.pp" % slave manifestdata = getManifestTemplate("redis_slave.pp") slave_clients = set([config['CONFIG_CONTROLLER_HOST']]).union( split_hosts(config['CONFIG_REDIS_SLAVE_HOSTS'])).union( split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS'])) config['FIREWALL_REDIS_SLAVE_RULES'] = ( _create_redis_firewall_rules( slave_clients, config['CONFIG_REDIS_PORT'])) manifestdata += createFirewallResources( 'FIREWALL_REDIS_SLAVE_RULES') appendManifestFile(manifestfile, manifestdata, 'pre') # sentinels if config['CONFIG_REDIS_HA'] == 'y': for sentinel in split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS']): manifestfile = "%s_redis_sentinel.pp" % sentinel manifestdata = getManifestTemplate("redis_sentinel.pp") config['FIREWALL_SENTINEL_RULES'] = ( _create_redis_firewall_rules( split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS']), config['CONFIG_REDIS_SENTINEL_PORT'])) manifestdata += createFirewallResources( 'FIREWALL_SENTINEL_RULES') appendManifestFile(manifestfile, manifestdata, 'pre')
def create_manifest(config, messages): if config['CONFIG_UNSUPPORTED'] != 'y': config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "cinder")) manifestfile = "%s_cinder.pp" % config['CONFIG_STORAGE_HOST'] manifestdata += getManifestTemplate("cinder") for backend in config['CONFIG_CINDER_BACKEND']: manifestdata += getManifestTemplate('cinder_%s' % backend) if config['CONFIG_CEILOMETER_INSTALL'] == 'y': manifestdata += getManifestTemplate('cinder_ceilometer') if config['CONFIG_SWIFT_INSTALL'] == 'y': manifestdata += getManifestTemplate('cinder_backup') fw_details = dict() for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']): if (config['CONFIG_NOVA_INSTALL'] == 'y' and config['CONFIG_VMWARE_BACKEND'] == 'n'): key = "cinder_%s" % host fw_details.setdefault(key, {}) fw_details[key]['host'] = "%s" % host else: key = "cinder_all" fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "cinder" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['3260'] fw_details[key]['proto'] = "tcp" config['FIREWALL_CINDER_RULES'] = fw_details manifestdata += createFirewallResources('FIREWALL_CINDER_RULES') # cinder API should be open for everyone fw_details = dict() key = "cinder_api" fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "cinder-api" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['8776'] fw_details[key]['proto'] = "tcp" config['FIREWALL_CINDER_API_RULES'] = fw_details manifestdata += createFirewallResources('FIREWALL_CINDER_API_RULES') appendManifestFile(manifestfile, manifestdata)
def createstoragemanifest(config): # this need to happen once per storage host for host in set([device['host'] for device in devices]): controller.CONF["CONFIG_SWIFT_STORAGE_CURRENT"] = host manifestfile = "%s_swift.pp"%host manifestdata = getManifestTemplate("swift_storage.pp") appendManifestFile(manifestfile, manifestdata) # this need to happen once per storage device for device in devices: host = device['host'] devicename = device['device_name'] device = device['device'] if device: check_device(host, device) manifestfile = "%s_swift.pp"%host if device: manifestdata = "\n" + 'swift::storage::%s{"%s":\n device => "/dev/%s",\n}'% (controller.CONF["CONFIG_SWIFT_STORAGE_FSTYPE"], devicename, device) else: config['SWIFT_STORAGE_SEEK'] = get_storage_size(config['CONFIG_SWIFT_STORAGE_SIZE']) controller.CONF["SWIFT_STORAGE_DEVICES"] = "'%s'"%devicename manifestdata = "\n" + getManifestTemplate("swift_loopback.pp") # Allowed host list for firewall hosts = split_hosts(config['CONFIG_SWIFT_STORAGE_HOSTS']) hosts |= split_hosts(config['CONFIG_SWIFT_PROXY_HOSTS']) if config['CONFIG_NOVA_INSTALL'] == 'y': hosts |= split_hosts(config['CONFIG_NOVA_COMPUTE_HOSTS']) config['FIREWALL_ALLOWED'] = ",".join(["'%s'" % i for i in hosts]) # Firewall rules for storage and rsync config['FIREWALL_SERVICE_NAME'] = "swift storage and rsync" config['FIREWALL_PORTS'] = "'6000', '6001', '6002', '873'" manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata)
def createmanifest(config): manifestfile = "%s_glance.pp" % controller.CONF['CONFIG_GLANCE_HOST'] manifestdata = getManifestTemplate("glance.pp") if config['CONFIG_CEILOMETER_INSTALL'] == 'y': manifestdata += getManifestTemplate('glance_ceilometer.pp') hosts = set() if config['CONFIG_NOVA_INSTALL'] == 'y': hosts = split_hosts(config['CONFIG_NOVA_COMPUTE_HOSTS']) else: hosts.add('ALL',) config['FIREWALL_ALLOWED'] = ",".join(["'%s'" % i for i in hosts]) config['FIREWALL_SERVICE_NAME'] = "glance" config['FIREWALL_PORTS'] = "'9292'" manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata)
def createstoragemanifest(config): # this need to happen once per storage host for host in set([device['host'] for device in devices]): controller.CONF["CONFIG_SWIFT_STORAGE_CURRENT"] = host manifestfile = "%s_swift.pp" % host manifestdata = getManifestTemplate("swift_storage.pp") appendManifestFile(manifestfile, manifestdata) # this need to happen once per storage device for device in devices: host = device['host'] devicename = device['device_name'] device = device['device'] if device: check_device(host, device) manifestfile = "%s_swift.pp" % host if device: manifestdata = "\n" + 'swift::storage::%s{"%s":\n device => "/dev/%s",\n}' % ( controller.CONF["CONFIG_SWIFT_STORAGE_FSTYPE"], devicename, device) else: config['SWIFT_STORAGE_SEEK'] = get_storage_size( config['CONFIG_SWIFT_STORAGE_SIZE']) controller.CONF["SWIFT_STORAGE_DEVICES"] = "'%s'" % devicename manifestdata = "\n" + getManifestTemplate("swift_loopback.pp") appendManifestFile(manifestfile, manifestdata) # set allowed hosts for firewall swift_hosts = get_swift_hosts(config) hosts = swift_hosts.copy() manifestdata = "" if config['CONFIG_NOVA_INSTALL'] == 'y': hosts |= split_hosts(config['CONFIG_NOVA_COMPUTE_HOSTS']) config['FIREWALL_SERVICE_NAME'] = "swift storage and rsync" config['FIREWALL_PORTS'] = "'6000', '6001', '6002', '873'" config['FIREWALL_CHAIN'] = "INPUT" for host in hosts: config['FIREWALL_ALLOWED'] = "'%s'" % host config['FIREWALL_SERVICE_ID'] = "swift_storage_and_rsync_%s" % host manifestdata += getManifestTemplate("firewall.pp") for host in swift_hosts: manifestfile = "%s_swift.pp" % host appendManifestFile(manifestfile, manifestdata)
def create_manifest(config, messages): if config['CONFIG_AMQP_ENABLE_SSL'] == 'y': ssl_host = config['CONFIG_STORAGE_HOST'] ssl_cert_file = config['CONFIG_CINDER_SSL_CERT'] = ( '/etc/pki/tls/certs/ssl_amqp_cinder.crt' ) ssl_key_file = config['CONFIG_CINDER_SSL_KEY'] = ( '/etc/pki/tls/private/ssl_amqp_cinder.key' ) service = 'cinder' generate_ssl_cert(config, ssl_host, service, ssl_key_file, ssl_cert_file) fw_details = dict() for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']): if (config['CONFIG_NOVA_INSTALL'] == 'y' and config['CONFIG_VMWARE_BACKEND'] == 'n'): key = "cinder_%s" % host fw_details.setdefault(key, {}) fw_details[key]['host'] = "%s" % host else: key = "cinder_all" fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "cinder" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['3260'] fw_details[key]['proto'] = "tcp" config['FIREWALL_CINDER_RULES'] = fw_details # cinder API should be open for everyone fw_details = dict() key = "cinder_api" fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "cinder-api" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['8776'] fw_details[key]['proto'] = "tcp" config['FIREWALL_CINDER_API_RULES'] = fw_details
def createmanifest(config): manifestfile = "%s_glance.pp" % controller.CONF['CONFIG_GLANCE_HOST'] manifestdata = getManifestTemplate("glance.pp") if config['CONFIG_CEILOMETER_INSTALL'] == 'y': manifestdata += getManifestTemplate(get_mq(config, "glance_ceilometer")) config['FIREWALL_SERVICE_NAME'] = "glance" config['FIREWALL_PORTS'] = "'9292'" config['FIREWALL_CHAIN'] = "INPUT" if config['CONFIG_NOVA_INSTALL'] == 'y': for host in split_hosts(config['CONFIG_NOVA_COMPUTE_HOSTS']): config['FIREWALL_ALLOWED'] = "'%s'" % host config['FIREWALL_SERVICE_ID'] = "glance_%s" % host manifestdata += getManifestTemplate("firewall.pp") else: config['FIREWALL_ALLOWED'] = "'ALL'" config['FIREWALL_SERVICE_ID'] = "glance_ALL" manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata)
def create_ceph_preflight_manifest(config, messages): for host in split_hosts(config['CONFIG_STORAGE_HOST']): manifest_file = "%s_ceph_firewall.pp" % host # Firewall Rules for dhcp in config['FIREWALL_PROTOCOL'] = 'tcp' config['FIREWALL_ALLOWED'] = "'ALL'" config['FIREWALL_SERVICE_NAME'] = "Ceph monitor: " config['FIREWALL_SERVICE_ID'] = "ceph_monitor_%s" % host config['FIREWALL_PORTS'] = "['6789']" config['FIREWALL_CHAIN'] = "INPUT" manifest_data = getManifestTemplate("firewall.pp") # Firewall Rules for dhcp out config['FIREWALL_PROTOCOL'] = 'tcp' config['FIREWALL_ALLOWED'] = "'ALL'" config['FIREWALL_SERVICE_NAME'] = "Ceph OSDs" config['FIREWALL_SERVICE_ID'] = "ceph_osds_%s" % host config['FIREWALL_PORTS'] = "['6800-7100']" config['FIREWALL_CHAIN'] = "INPUT" manifest_data += getManifestTemplate("firewall.pp") appendManifestFile(manifest_file, manifest_data)
def create_storage_manifest(config, messages): global devices manifestfile = "%s_swift.pp" % config['CONFIG_STORAGE_HOST'] manifestdata = getManifestTemplate("swift_storage") # this need to happen once per storage device for device in devices: host = config['CONFIG_STORAGE_HOST'] devicename = device['device_name'] device = device['device'] fstype = config["CONFIG_SWIFT_STORAGE_FSTYPE"] if device: check_device(host, device) manifestdata += ('\nswift::storage::%s { "%s":\n' ' device => "%s",\n}\n' % (fstype, devicename, device)) else: # create loopback device if none was specified config['CONFIG_SWIFT_STORAGE_SEEK'] = get_storage_size(config) manifestdata += "\n" + getManifestTemplate("swift_loopback") # set allowed hosts for firewall hosts = set([config['CONFIG_STORAGE_HOST']]) if config['CONFIG_NOVA_INSTALL'] == 'y': hosts |= split_hosts(config['CONFIG_COMPUTE_HOSTS']) fw_details = dict() for host in hosts: key = "swift_storage_and_rsync_%s" % host fw_details.setdefault(key, {}) fw_details[key]['host'] = "%s" % host fw_details[key]['service_name'] = "swift storage and rsync" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['6000', '6001', '6002', '873'] fw_details[key]['proto'] = "tcp" config['FIREWALL_SWIFT_STORAGE_RULES'] = fw_details manifestdata += createFirewallResources('FIREWALL_SWIFT_STORAGE_RULES') appendManifestFile(manifestfile, manifestdata)
def create_manifest(config, messages): manifestfile = "%s_glance.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("glance.pp") if config['CONFIG_CEILOMETER_INSTALL'] == 'y': mq_template = get_mq(config, "glance_ceilometer") manifestdata += getManifestTemplate(mq_template) config['FIREWALL_SERVICE_NAME'] = "glance" config['FIREWALL_PORTS'] = "'9292'" config['FIREWALL_CHAIN'] = "INPUT" config['FIREWALL_PROTOCOL'] = 'tcp' if config['CONFIG_NOVA_INSTALL'] == 'y': for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']): config['FIREWALL_ALLOWED'] = "'%s'" % host config['FIREWALL_SERVICE_ID'] = "glance_%s" % host manifestdata += getManifestTemplate("firewall.pp") else: config['FIREWALL_ALLOWED'] = "'ALL'" config['FIREWALL_SERVICE_ID'] = "glance_ALL" manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata)
def create_storage_manifest(config, messages): global devices manifestfile = "%s_swift.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("swift_storage.pp") # this need to happen once per storage device for device in devices: host = config['CONFIG_CONTROLLER_HOST'] devicename = device['device_name'] device = device['device'] fstype = config["CONFIG_SWIFT_STORAGE_FSTYPE"] if device: check_device(host, device) manifestdata += ('\nswift::storage::%s { "%s":\n' ' device => "%s",\n}\n' % (fstype, devicename, device)) else: # create loopback device if none was specified config['CONFIG_SWIFT_STORAGE_SEEK'] = get_storage_size(config) manifestdata += "\n" + getManifestTemplate("swift_loopback.pp") # set allowed hosts for firewall hosts = set([config['CONFIG_CONTROLLER_HOST']]) if config['CONFIG_NOVA_INSTALL'] == 'y': hosts |= split_hosts(config['CONFIG_COMPUTE_HOSTS']) config['FIREWALL_SERVICE_NAME'] = "swift storage and rsync" config['FIREWALL_PORTS'] = "['6000', '6001', '6002', '873']" config['FIREWALL_CHAIN'] = "INPUT" config['FIREWALL_PROTOCOL'] = 'tcp' for host in hosts: config['FIREWALL_ALLOWED'] = "'%s'" % host config['FIREWALL_SERVICE_ID'] = "swift_storage_and_rsync_%s" % host manifestdata += getManifestTemplate("firewall.pp") appendManifestFile(manifestfile, manifestdata)
def create_storage_manifest(config, messages): global devices devicename = 0 swift_dev_details = dict() host = utils.force_ip(config['CONFIG_STORAGE_HOST_URL']) fstype = config["CONFIG_SWIFT_STORAGE_FSTYPE"] # this need to happen once per storage device for device in devices: if device['device'] is None: config['CONFIG_SWIFT_STORAGE_SEEK'] = get_storage_size(config) else: devicename = device['device_name'] devicedev = device['device'] key = "dev_%s_%s" % (host, devicename) swift_dev_details.setdefault(key, {}) swift_dev_details[key]['device'] = "%s" % devicename swift_dev_details[key]['dev'] = "%s" % devicedev swift_dev_details[key]['fstype'] = "%s" % fstype config['CONFIG_SWIFT_STORAGE_DEVICES'] = swift_dev_details # set allowed hosts for firewall hosts = set([config['CONFIG_STORAGE_HOST']]) if config['CONFIG_NOVA_INSTALL'] == 'y': hosts |= split_hosts(config['CONFIG_COMPUTE_HOSTS']) fw_details = dict() for host in hosts: key = "swift_storage_and_rsync_%s" % host fw_details.setdefault(key, {}) fw_details[key]['host'] = "%s" % host fw_details[key]['service_name'] = "swift storage and rsync" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['6000', '6001', '6002', '873'] fw_details[key]['proto'] = "tcp" config['FIREWALL_SWIFT_STORAGE_RULES'] = fw_details
def create_manifest(config, messages): manifestfile = "%s_ceilometer.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "ceilometer")) manifestdata += getManifestTemplate("ceilometer") if config['CONFIG_CEILOMETER_COORDINATION_BACKEND'] == 'redis': # Determine if we need to configure multiple sentinel hosts as # fallbacks for use in coordination url. sentinel_hosts = split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS']) sentinel_port = config['CONFIG_REDIS_SENTINEL_PORT'] sentinel_contact = config['CONFIG_REDIS_SENTINEL_CONTACT_HOST'] if len(sentinel_hosts) > 1: sentinel_fallbacks = '&'.join([ 'sentinel_fallback=%s:%s' % (host, sentinel_port) for host in sentinel_hosts if host != sentinel_contact ]) else: sentinel_fallbacks = '' config['CONFIG_REDIS_SENTINEL_FALLBACKS'] = sentinel_fallbacks fw_details = dict() key = "ceilometer_api" fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "ceilometer-api" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['8777'] fw_details[key]['proto'] = "tcp" config['FIREWALL_CEILOMETER_RULES'] = fw_details manifestdata += createFirewallResources('FIREWALL_CEILOMETER_RULES') # Add a template that creates a group for nova because the ceilometer # class needs it if config['CONFIG_NOVA_INSTALL'] == 'n': manifestdata += getManifestTemplate("ceilometer_nova_disabled") appendManifestFile(manifestfile, manifestdata, 'ceilometer')
def create_manifest(config, messages): if config['CONFIG_MYSQL_INSTALL'] == 'y': install = True suffix = 'install' else: install = False suffix = 'noinstall' manifestfile = "%s_mysql.pp" % config['CONFIG_MYSQL_HOST'] manifestdata = [getManifestTemplate('mysql_%s.pp' % suffix)] def append_for(module, suffix): # Modules have to be appended to the existing mysql.pp # otherwise pp will fail for some of them saying that # Mysql::Config definition is missing. template = "mysql_%s_%s.pp" % (module, suffix) manifestdata.append(getManifestTemplate(template)) append_for("keystone", suffix) for mod in ['nova', 'cinder', 'glance', 'neutron', 'heat']: if config['CONFIG_%s_INSTALL' % mod.upper()] == 'y': append_for(mod, suffix) hosts = set([config['CONFIG_CONTROLLER_HOST']]) hosts |= split_hosts(config['CONFIG_COMPUTE_HOSTS']) config['FIREWALL_SERVICE_NAME'] = "mysql" config['FIREWALL_PORTS'] = "'3306'" config['FIREWALL_CHAIN'] = "INPUT" config['FIREWALL_PROTOCOL'] = 'tcp' for host in hosts: config['FIREWALL_ALLOWED'] = "'%s'" % host config['FIREWALL_SERVICE_ID'] = "mysql_%s" % host manifestdata.append(getManifestTemplate("firewall.pp")) appendManifestFile(manifestfile, "\n".join(manifestdata), 'pre')
def initSequences(controller): config = controller.CONF if config['CONFIG_NEUTRON_INSTALL'] != 'y': return if config['CONFIG_IRONIC_INSTALL'] == 'y': config['CONFIG_NEUTRON_ML2_TYPE_DRIVERS'] += ', flat' config['CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES'] += ', flat' if 'openvswitch' not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS']: config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'] += 'openvswitch' config['CONFIG_NEUTRON_ML2_FLAT_NETWORKS'] = 'physnet1' if use_ml2_with_sriovnicswitch(config): if ('openvswitch' not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'] and 'linuxbridge' not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS']): config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'] += ', openvswitch' plugin_db = 'neutron' plugin_path = 'neutron.plugins.ml2.plugin.Ml2Plugin' # values modification for key in ('CONFIG_NEUTRON_ML2_TYPE_DRIVERS', 'CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES', 'CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS', 'CONFIG_NEUTRON_ML2_FLAT_NETWORKS', 'CONFIG_NEUTRON_ML2_VLAN_RANGES', 'CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES', 'CONFIG_NEUTRON_ML2_VNI_RANGES'): if config[key] == '': config[key] = [] else: config[key] = [i.strip() for i in config[key].split(',') if i] key = 'CONFIG_NEUTRON_ML2_VXLAN_GROUP' config[key] = "%s" % config[key] if config[key] else '' config['CONFIG_NEUTRON_L2_DBNAME'] = plugin_db config['CONFIG_NEUTRON_CORE_PLUGIN'] = plugin_path global api_hosts, network_hosts, compute_hosts, q_hosts api_hosts = split_hosts(config['CONFIG_CONTROLLER_HOST']) network_hosts = split_hosts(config['CONFIG_NETWORK_HOSTS']) compute_hosts = set() if config['CONFIG_NOVA_INSTALL'] == 'y': compute_hosts = split_hosts(config['CONFIG_COMPUTE_HOSTS']) q_hosts = api_hosts | network_hosts | compute_hosts if config['CONFIG_NEUTRON_ML2_SRIOV_AGENT_REQUIRED'] == 'y': config['CONFIG_NEUTRON_ML2_SRIOV_AGENT_REQUIRED'] = True else: config['CONFIG_NEUTRON_ML2_SRIOV_AGENT_REQUIRED'] = False neutron_steps = [ {'title': 'Preparing Neutron LBaaS Agent entries', 'functions': [create_lbaas_manifests]}, {'title': 'Preparing Neutron API entries', 'functions': [create_manifests]}, {'title': 'Preparing Neutron L3 entries', 'functions': [create_l3_manifests]}, {'title': 'Preparing Neutron L2 Agent entries', 'functions': [create_l2_agent_manifests]}, {'title': 'Preparing Neutron DHCP Agent entries', 'functions': [create_dhcp_manifests]}, {'title': 'Preparing Neutron Metering Agent entries', 'functions': [create_metering_agent_manifests]}, {'title': 'Checking if NetworkManager is enabled and running', 'functions': [check_nm_status]}, ] controller.addSequence("Installing OpenStack Neutron", [], [], neutron_steps)
def initSequences(controller): config = controller.CONF if config['CONFIG_NEUTRON_INSTALL'] != 'y': return if config['CONFIG_IRONIC_INSTALL'] == 'y': config['CONFIG_NEUTRON_ML2_TYPE_DRIVERS'] += ', flat' config['CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES'] += ', flat' if 'openvswitch' not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS']: config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'] += 'openvswitch' config['CONFIG_NEUTRON_ML2_FLAT_NETWORKS'] = 'physnet1' if use_ml2_with_sriovnicswitch(config): if ('openvswitch' not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'] and 'linuxbridge' not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS']): config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'] += ', openvswitch' plugin_db = 'neutron' plugin_path = 'neutron.plugins.ml2.plugin.Ml2Plugin' # values modification for key in ('CONFIG_NEUTRON_ML2_TYPE_DRIVERS', 'CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES', 'CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS', 'CONFIG_NEUTRON_ML2_FLAT_NETWORKS', 'CONFIG_NEUTRON_ML2_VLAN_RANGES', 'CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES', 'CONFIG_NEUTRON_ML2_VNI_RANGES'): if config[key] == '': config[key] = [] else: config[key] = [i.strip() for i in config[key].split(',') if i] key = 'CONFIG_NEUTRON_ML2_VXLAN_GROUP' config[key] = "%s" % config[key] if config[key] else '' config['CONFIG_NEUTRON_L2_DBNAME'] = plugin_db config['CONFIG_NEUTRON_CORE_PLUGIN'] = plugin_path global api_hosts, network_hosts, compute_hosts, q_hosts api_hosts = split_hosts(config['CONFIG_CONTROLLER_HOST']) network_hosts = split_hosts(config['CONFIG_NETWORK_HOSTS']) compute_hosts = set() if config['CONFIG_NOVA_INSTALL'] == 'y': compute_hosts = split_hosts(config['CONFIG_COMPUTE_HOSTS']) q_hosts = api_hosts | network_hosts | compute_hosts if config['CONFIG_NEUTRON_ML2_SRIOV_AGENT_REQUIRED'] == 'y': config['CONFIG_NEUTRON_ML2_SRIOV_AGENT_REQUIRED'] = True else: config['CONFIG_NEUTRON_ML2_SRIOV_AGENT_REQUIRED'] = False neutron_steps = [ { 'title': 'Preparing Neutron LBaaS Agent entries', 'functions': [create_lbaas_manifests] }, { 'title': 'Preparing Neutron API entries', 'functions': [create_manifests] }, { 'title': 'Preparing Neutron L3 entries', 'functions': [create_l3_manifests] }, { 'title': 'Preparing Neutron L2 Agent entries', 'functions': [create_l2_agent_manifests] }, { 'title': 'Preparing Neutron DHCP Agent entries', 'functions': [create_dhcp_manifests] }, { 'title': 'Preparing Neutron Metering Agent entries', 'functions': [create_metering_agent_manifests] }, { 'title': 'Checking if NetworkManager is enabled and running', 'functions': [check_nm_status] }, ] controller.addSequence("Installing OpenStack Neutron", [], [], neutron_steps)
def create_manifest(config, messages): if config['CONFIG_UNSUPPORTED'] != 'y': config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "cinder")) manifestfile = "%s_cinder.pp" % config['CONFIG_STORAGE_HOST'] manifestdata += getManifestTemplate("cinder.pp") backends = config['CONFIG_CINDER_BACKEND'] if 'netapp' in backends: backends.remove('netapp') puppet_cdot_iscsi = "cinder_netapp_cdot_iscsi.pp" puppet_cdot_nfs = "cinder_netapp_cdot_nfs.pp" puppet_7mode_iscsi = "cinder_netapp_7mode_iscsi.pp" puppet_7mode_nfs = "cinder_netapp_7mode_nfs.pp" puppet_eseries = "cinder_netapp_eseries.pp" if config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "ontap_cluster": if config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "iscsi": manifestdata += getManifestTemplate(puppet_cdot_iscsi) elif config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "nfs": manifestdata += getManifestTemplate(puppet_cdot_nfs) elif config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "ontap_7mode": if config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "iscsi": manifestdata += getManifestTemplate(puppet_7mode_iscsi) elif config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "nfs": manifestdata += getManifestTemplate(puppet_7mode_nfs) elif config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "eseries": manifestdata += getManifestTemplate(puppet_eseries) for backend in backends: manifestdata += getManifestTemplate('cinder_%s.pp' % backend) if config['CONFIG_CEILOMETER_INSTALL'] == 'y': manifestdata += getManifestTemplate('cinder_ceilometer.pp') if config['CONFIG_SWIFT_INSTALL'] == 'y': manifestdata += getManifestTemplate('cinder_backup.pp') fw_details = dict() for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']): if (config['CONFIG_NOVA_INSTALL'] == 'y' and config['CONFIG_VMWARE_BACKEND'] == 'n'): key = "cinder_%s" % host fw_details.setdefault(key, {}) fw_details[key]['host'] = "%s" % host else: key = "cinder_all" fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "cinder" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['3260'] fw_details[key]['proto'] = "tcp" config['FIREWALL_CINDER_RULES'] = fw_details manifestdata += createFirewallResources('FIREWALL_CINDER_RULES') # cinder API should be open for everyone fw_details = dict() key = "cinder_api" fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "cinder-api" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['8776'] fw_details[key]['proto'] = "tcp" config['FIREWALL_CINDER_API_RULES'] = fw_details manifestdata += createFirewallResources('FIREWALL_CINDER_API_RULES') appendManifestFile(manifestfile, manifestdata)
def create_bridge_manifest(config, messages): for host in utils.split_hosts(config['CONFIG_NETWORK_HOSTS']): manifest_file = '{}_provision_bridge.pp'.format(host) manifest_data = getManifestTemplate("provision_bridge") appendManifestFile(manifest_file, manifest_data, 'bridge')
def initSequences(controller): config = controller.CONF if config['CONFIG_NEUTRON_INSTALL'] != 'y': return if config['CONFIG_IRONIC_INSTALL'] == 'y': config['CONFIG_NEUTRON_ML2_TYPE_DRIVERS'] += ', flat' config['CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES'] += ', flat' if 'openvswitch' not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS']: config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'] += 'openvswitch' config['CONFIG_NEUTRON_ML2_FLAT_NETWORKS'] = 'extnet' if use_ml2_with_sriovnicswitch(config): if ('openvswitch' not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'] and 'linuxbridge' not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS']): config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'] += ', openvswitch' if use_ml2_with_ovn(config): if ('ovn' not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS']): config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'] = 'ovn' # OVN only supports geneve encapsulation if ('geneve' not in config['CONFIG_NEUTRON_ML2_TYPE_DRIVERS']): config['CONFIG_NEUTRON_ML2_TYPE_DRIVERS'] += ', geneve' config['CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES'] = 'geneve' # VPNaaS, LBaaS and FWaaS are not supported with OVN config['CONFIG_NEUTRON_FWAAS'] = 'n' config['CONFIG_NEUTRON_VPNAAS'] = 'n' config['CONFIG_LBAAS_INSTALL'] = 'n' config['CONFIG_NEUTRON_METERING_AGENT_INSTALL'] = 'n' # When using OVN we need to create the same L2 infrastucture as # for OVS, so I'm copying value for required variables and use # the same logic ovs_tunnel_sub = 'CONFIG_NEUTRON_OVS_TUNNEL_SUBNETS' ovn_tunnel_sub = 'CONFIG_NEUTRON_OVN_TUNNEL_SUBNETS' config[ovs_tunnel_sub] = config[ovn_tunnel_sub] ovs_tunnel_if = 'CONFIG_NEUTRON_OVS_TUNNEL_IF' ovn_tunnel_if = 'CONFIG_NEUTRON_OVN_TUNNEL_IF' config[ovs_tunnel_if] = config[ovn_tunnel_if] ovs_mappings = 'CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS' ovn_mappings = 'CONFIG_NEUTRON_OVN_BRIDGE_MAPPINGS' config[ovs_mappings] = config[ovn_mappings] ovs_ifaces = 'CONFIG_NEUTRON_OVS_BRIDGE_IFACES' ovn_ifaces = 'CONFIG_NEUTRON_OVN_BRIDGE_IFACES' config[ovs_ifaces] = config[ovn_ifaces] ovs_compute = 'CONFIG_NEUTRON_OVS_BRIDGES_COMPUTE' ovn_compute = 'CONFIG_NEUTRON_OVN_BRIDGES_COMPUTE' config[ovs_compute] = config[ovn_compute] ovs_external = 'CONFIG_NEUTRON_OVS_EXTERNAL_PHYSNET' ovn_external = 'CONFIG_NEUTRON_OVN_EXTERNAL_PHYSNET' config[ovs_external] = config[ovn_external] elif use_ml2_with_ovs(config): if ('openvswitch' not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS']): config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'] = 'openvswitch' plugin_db = 'neutron' plugin_path = 'neutron.plugins.ml2.plugin.Ml2Plugin' # values modification for key in ('CONFIG_NEUTRON_ML2_TYPE_DRIVERS', 'CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES', 'CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS', 'CONFIG_NEUTRON_ML2_FLAT_NETWORKS', 'CONFIG_NEUTRON_ML2_VLAN_RANGES', 'CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES', 'CONFIG_NEUTRON_ML2_VNI_RANGES'): if config[key] == '': config[key] = [] else: config[key] = [i.strip() for i in config[key].split(',') if i] key = 'CONFIG_NEUTRON_ML2_VXLAN_GROUP' config[key] = "%s" % config[key] if config[key] else '' config['CONFIG_NEUTRON_L2_DBNAME'] = plugin_db config['CONFIG_NEUTRON_CORE_PLUGIN'] = plugin_path global api_hosts, network_hosts, compute_hosts, q_hosts api_hosts = split_hosts(config['CONFIG_CONTROLLER_HOST']) network_hosts = split_hosts(config['CONFIG_NETWORK_HOSTS']) compute_hosts = set() if config['CONFIG_NOVA_INSTALL'] == 'y': compute_hosts = split_hosts(config['CONFIG_COMPUTE_HOSTS']) q_hosts = api_hosts | network_hosts | compute_hosts neutron_steps = [ { 'title': 'Preparing Neutron LBaaS Agent entries', 'functions': [create_lbaas_manifests] }, { 'title': 'Preparing Neutron API entries', 'functions': [create_manifests] }, { 'title': 'Preparing Neutron L3 entries', 'functions': [create_l3_manifests] }, { 'title': 'Preparing Neutron L2 Agent entries', 'functions': [create_l2_agent_manifests] }, { 'title': 'Preparing Neutron DHCP Agent entries', 'functions': [create_dhcp_manifests] }, { 'title': 'Preparing Neutron Metering Agent entries', 'functions': [create_metering_agent_manifests] }, { 'title': 'Checking if NetworkManager is enabled and running', 'functions': [check_nm_status] }, ] controller.addSequence("Installing OpenStack Neutron", [], [], neutron_steps)
def create_manifest(config, messages): if config['CONFIG_UNSUPPORTED'] != 'y': config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "cinder")) manifestfile = "%s_cinder.pp" % config['CONFIG_STORAGE_HOST'] manifestdata += getManifestTemplate("cinder") backends = config['CONFIG_CINDER_BACKEND'] if 'netapp' in backends: backends.remove('netapp') puppet_cdot_iscsi = "cinder_netapp_cdot_iscsi" puppet_cdot_nfs = "cinder_netapp_cdot_nfs" puppet_7mode_iscsi = "cinder_netapp_7mode_iscsi" puppet_7mode_nfs = "cinder_netapp_7mode_nfs" puppet_eseries = "cinder_netapp_eseries" if config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "ontap_cluster": if config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "iscsi": manifestdata += getManifestTemplate(puppet_cdot_iscsi) elif config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "nfs": manifestdata += getManifestTemplate(puppet_cdot_nfs) elif config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "ontap_7mode": if config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "iscsi": manifestdata += getManifestTemplate(puppet_7mode_iscsi) elif config['CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL'] == "nfs": manifestdata += getManifestTemplate(puppet_7mode_nfs) elif config['CONFIG_CINDER_NETAPP_STORAGE_FAMILY'] == "eseries": manifestdata += getManifestTemplate(puppet_eseries) for backend in backends: manifestdata += getManifestTemplate('cinder_%s' % backend) if config['CONFIG_CEILOMETER_INSTALL'] == 'y': manifestdata += getManifestTemplate('cinder_ceilometer') if config['CONFIG_SWIFT_INSTALL'] == 'y': manifestdata += getManifestTemplate('cinder_backup') fw_details = dict() for host in split_hosts(config['CONFIG_COMPUTE_HOSTS']): if (config['CONFIG_NOVA_INSTALL'] == 'y' and config['CONFIG_VMWARE_BACKEND'] == 'n'): key = "cinder_%s" % host fw_details.setdefault(key, {}) fw_details[key]['host'] = "%s" % host else: key = "cinder_all" fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "cinder" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['3260'] fw_details[key]['proto'] = "tcp" config['FIREWALL_CINDER_RULES'] = fw_details manifestdata += createFirewallResources('FIREWALL_CINDER_RULES') # cinder API should be open for everyone fw_details = dict() key = "cinder_api" fw_details.setdefault(key, {}) fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "cinder-api" fw_details[key]['chain'] = "INPUT" fw_details[key]['ports'] = ['8776'] fw_details[key]['proto'] = "tcp" config['FIREWALL_CINDER_API_RULES'] = fw_details manifestdata += createFirewallResources('FIREWALL_CINDER_API_RULES') appendManifestFile(manifestfile, manifestdata)
def initSequences(controller): config = controller.CONF if config['CONFIG_NEUTRON_INSTALL'] != 'y': return if config['CONFIG_IRONIC_INSTALL'] == 'y': config['CONFIG_NEUTRON_ML2_TYPE_DRIVERS'] += ', flat' config['CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES'] += ', flat' if 'openvswitch' not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS']: config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'] += 'openvswitch' config['CONFIG_NEUTRON_ML2_FLAT_NETWORKS'] = 'extnet' if use_ml2_with_sriovnicswitch(config): if ('openvswitch' not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'] and 'linuxbridge' not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS']): config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'] += ', openvswitch' if use_ml2_with_ovn(config): if ('ovn' not in config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS']): config['CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'] = 'ovn' # OVN only supports geneve encapsulation if ('geneve' not in config['CONFIG_NEUTRON_ML2_TYPE_DRIVERS']): config['CONFIG_NEUTRON_ML2_TYPE_DRIVERS'] += ', geneve' config['CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES'] = 'geneve' # VPNaaS, LBaaS and FWaaS are not supported with OVN config['CONFIG_NEUTRON_FWAAS'] = 'n' config['CONFIG_NEUTRON_VPNAAS'] = 'n' config['CONFIG_LBAAS_INSTALL'] = 'n' config['CONFIG_NEUTRON_METERING_AGENT_INSTALL'] = 'n' # When using OVN we need to create the same L2 infrastucture as # for OVS, so I'm copying value for required variables and use # the same logic ovs_tunnel_sub = 'CONFIG_NEUTRON_OVS_TUNNEL_SUBNETS' ovn_tunnel_sub = 'CONFIG_NEUTRON_OVN_TUNNEL_SUBNETS' config[ovs_tunnel_sub] = config[ovn_tunnel_sub] ovs_tunnel_if = 'CONFIG_NEUTRON_OVS_TUNNEL_IF' ovn_tunnel_if = 'CONFIG_NEUTRON_OVN_TUNNEL_IF' config[ovs_tunnel_if] = config[ovn_tunnel_if] ovs_mappings = 'CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS' ovn_mappings = 'CONFIG_NEUTRON_OVN_BRIDGE_MAPPINGS' config[ovs_mappings] = config[ovn_mappings] ovs_ifaces = 'CONFIG_NEUTRON_OVS_BRIDGE_IFACES' ovn_ifaces = 'CONFIG_NEUTRON_OVN_BRIDGE_IFACES' config[ovs_ifaces] = config[ovn_ifaces] ovs_compute = 'CONFIG_NEUTRON_OVS_BRIDGES_COMPUTE' ovn_compute = 'CONFIG_NEUTRON_OVN_BRIDGES_COMPUTE' config[ovs_compute] = config[ovn_compute] ovs_external = 'CONFIG_NEUTRON_OVS_EXTERNAL_PHYSNET' ovn_external = 'CONFIG_NEUTRON_OVN_EXTERNAL_PHYSNET' config[ovs_external] = config[ovn_external] plugin_db = 'neutron' plugin_path = 'neutron.plugins.ml2.plugin.Ml2Plugin' # values modification for key in ('CONFIG_NEUTRON_ML2_TYPE_DRIVERS', 'CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES', 'CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS', 'CONFIG_NEUTRON_ML2_FLAT_NETWORKS', 'CONFIG_NEUTRON_ML2_VLAN_RANGES', 'CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES', 'CONFIG_NEUTRON_ML2_VNI_RANGES'): if config[key] == '': config[key] = [] else: config[key] = [i.strip() for i in config[key].split(',') if i] key = 'CONFIG_NEUTRON_ML2_VXLAN_GROUP' config[key] = "%s" % config[key] if config[key] else '' config['CONFIG_NEUTRON_L2_DBNAME'] = plugin_db config['CONFIG_NEUTRON_CORE_PLUGIN'] = plugin_path global api_hosts, network_hosts, compute_hosts, q_hosts api_hosts = split_hosts(config['CONFIG_CONTROLLER_HOST']) network_hosts = split_hosts(config['CONFIG_NETWORK_HOSTS']) compute_hosts = set() if config['CONFIG_NOVA_INSTALL'] == 'y': compute_hosts = split_hosts(config['CONFIG_COMPUTE_HOSTS']) q_hosts = api_hosts | network_hosts | compute_hosts neutron_steps = [ {'title': 'Preparing Neutron LBaaS Agent entries', 'functions': [create_lbaas_manifests]}, {'title': 'Preparing Neutron API entries', 'functions': [create_manifests]}, {'title': 'Preparing Neutron L3 entries', 'functions': [create_l3_manifests]}, {'title': 'Preparing Neutron L2 Agent entries', 'functions': [create_l2_agent_manifests]}, {'title': 'Preparing Neutron DHCP Agent entries', 'functions': [create_dhcp_manifests]}, {'title': 'Preparing Neutron Metering Agent entries', 'functions': [create_metering_agent_manifests]}, {'title': 'Checking if NetworkManager is enabled and running', 'functions': [check_nm_status]}, ] controller.addSequence("Installing OpenStack Neutron", [], [], neutron_steps)