include ::tripleo::packages
include ::tripleo::firewall
+create_resources(kmod::load, hiera('kernel_modules'), {})
create_resources(sysctl::value, hiera('sysctl_settings'), {})
+Exec <| tag == 'kmod::load' |> -> Sysctl <| |>
if count(hiera('ntp::servers')) > 0 {
include ::ntp
before => Service['libvirt'],
}
+# When utilising images for deployment, we need to reset the iSCSI initiator name to make it unique
+exec { 'reset-iscsi-initiator-name':
+ command => '/bin/echo InitiatorName=$(/usr/sbin/iscsi-iname) > /etc/iscsi/initiatorname.iscsi',
+ onlyif => '/usr/bin/test ! -f /etc/iscsi/.initiator_reset',
+}->
+
+file { '/etc/iscsi/.initiator_reset':
+ ensure => present,
+}
+
include ::nova
include ::nova::config
include ::nova::compute
-nova_config {
- 'DEFAULT/my_ip': value => $ipaddress;
- 'DEFAULT/linuxnet_interface_driver': value => 'nova.network.linux_net.LinuxOVSInterfaceDriver';
-}
-
$rbd_ephemeral_storage = hiera('nova::compute::rbd::ephemeral_storage', false)
$rbd_persistent_storage = hiera('rbd_persistent_storage', false)
if $rbd_ephemeral_storage or $rbd_persistent_storage {
+ if str2bool(hiera('ceph_ipv6', false)) {
+ $mon_host = hiera('ceph_mon_host_v6')
+ } else {
+ $mon_host = hiera('ceph_mon_host')
+ }
+ class { '::ceph::profile::params':
+ mon_host => $mon_host,
+ }
+ include ::ceph::conf
include ::ceph::profile::client
$client_keys = hiera('ceph::profile::params::client_keys')
package {'nfs-utils': } -> Service['nova-compute']
}
-include ::nova::compute::libvirt
+if str2bool(hiera('nova::use_ipv6', false)) {
+ $vncserver_listen = '::0'
+} else {
+ $vncserver_listen = '0.0.0.0'
+}
+class { '::nova::compute::libvirt' :
+ vncserver_listen => $vncserver_listen,
+}
+
+nova_config {
+ 'DEFAULT/my_ip': value => $ipaddress;
+ 'DEFAULT/linuxnet_interface_driver': value => 'nova.network.linux_net.LinuxOVSInterfaceDriver';
+ 'DEFAULT/host': value => $fqdn;
+ # TUNNELLED mode provides a security enhancement when using shared storage but is not
+ # supported when not using shared storage.
+ # See https://bugzilla.redhat.com/show_bug.cgi?id=1301986#c12
+ # In future versions of QEMU (2.6, mostly), Dan's native encryption
+ # work will obsolete the need to use TUNNELLED transport mode.
+ 'libvirt/live_migration_tunnelled': value => $rbd_ephemeral_storage;
+}
+
if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
file {'/etc/libvirt/qemu.conf':
ensure => present,
}
include ::nova::network::neutron
include ::neutron
+include ::neutron::config
# If the value of core plugin is set to 'nuage',
# include nuage agent,
# require => Class['contrail::vrouter'],
#}
}
+elsif hiera('neutron::core_plugin') == 'networking_plumgrid.neutron.plugins.plugin.NeutronPluginPLUMgridV2' {
+ # forward all ipv4 traffic
+ # this is required for the vms to pass through the gateways public interface
+ sysctl::value { 'net.ipv4.ip_forward': value => '1' }
+
+ # ifc_ctl_pp needs to be invoked by root as part of the vif.py when a VM is powered on
+ file { '/etc/sudoers.d/ifc_ctl_sudoers':
+ ensure => file,
+ owner => root,
+ group => root,
+ mode => '0440',
+ content => "nova ALL=(root) NOPASSWD: /opt/pg/bin/ifc_ctl_pp *\n",
+ }
+}
else {
+ # NOTE: this code won't live in puppet-neutron until Neutron OVS agent
+ # can be gracefully restarted. See https://review.openstack.org/#/c/297211
+ # In the meantime, it's safe to restart the agent on each change in neutron.conf,
+ # because Puppet changes are supposed to be done during bootstrap and upgrades.
+ # Some resource managed by Neutron_config (like messaging and logging options) require
+ # a restart of OVS agent. This code does it.
+ # In Newton, OVS agent will be able to be restarted gracefully so we'll drop the code
+ # from here and fix it in puppet-neutron.
+ Neutron_config<||> ~> Service['neutron-ovs-agent-service']
+
include ::neutron::plugins::ml2
include ::neutron::agents::ml2::ovs
n1kv_version => hiera('n1kv_vem_version', undef),
}
}
+
+ if 'bsn_ml2' in hiera('neutron::plugins::ml2::mechanism_drivers') {
+ include ::neutron::agents::bigswitch
+ }
}
+neutron_config {
+ 'DEFAULT/host': value => $fqdn;
+}
include ::ceilometer
include ::ceilometer::config
}
class { '::snmp':
agentaddress => ['udp:161','udp6:[::1]:161'],
- snmpd_config => [ join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ],
+ snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ],
}
hiera_include('compute_classes')
Code Review / apex-tripleo-heat-templates.git / blobdiff