X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=puppet%2Fservices%2Fnova-libvirt.yaml;h=ac7cc8f19e4fe6caa3b477890a5f69bca56e7908;hb=30bf7b3ab907c8dddc35d2f9b1640c653acb71c9;hp=1c2958e36052d8ebc045b11b536ab8ce22470793;hpb=fdd4352375c24c189d028f34cc66b3b1f2d474ee;p=apex-tripleo-heat-templates.git

diff --git a/puppet/services/nova-libvirt.yaml b/puppet/services/nova-libvirt.yaml
index 1c2958e3..ac7cc8f1 100644
--- a/puppet/services/nova-libvirt.yaml
+++ b/puppet/services/nova-libvirt.yaml
@@ -34,7 +34,7 @@ parameters:
     default: openstack
     type: string
   CephClientKey:
-    description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. Currently only used for external Ceph deployments to create the openstack user keyring.
+    description: The Ceph client key. Can be created with ceph-authtool --gen-print-key.
     type: string
     hidden: true
   CephClusterFSID:
@@ -84,6 +84,19 @@ parameters:
                  the InternalTLSCAFile parameter) is not desired. The current
                  default reflects TripleO's default CA, which is FreeIPA.
                  It will only be used if internal TLS is enabled.
+  MigrationSshKey:
+    type: json
+    description: >
+      SSH key for migration.
+      Expects a dictionary with keys 'public_key' and 'private_key'.
+      Values should be identical to SSH public/private key files.
+    default:
+      public_key: ''
+      private_key: ''
+  MigrationSshPort:
+    default: 2022
+    description: Target port for migration over ssh
+    type: number
 
 conditions:
 
@@ -125,11 +138,17 @@ outputs:
           - nova::compute::libvirt::manage_libvirt_services: false
           # we manage migration in nova common puppet profile
             nova::compute::libvirt::migration_support: false
-            tripleo::profile::base::nova::manage_migration: true
-            tripleo::profile::base::nova::libvirt_enabled: true
             nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName}
+            nova::compute::rbd::rbd_keyring:
+              list_join:
+              - '.'
+              - - 'client'
+                - {get_param: CephClientUserName}
             nova::compute::rbd::libvirt_rbd_secret_key: {get_param: CephClientKey}
             nova::compute::rbd::libvirt_rbd_secret_uuid: {get_param: CephClusterFSID}
+            tripleo::profile::base::nova::migration::client::libvirt_enabled: true
+            tripleo::profile::base::nova::migration::client::ssh_private_key: {get_param: [ MigrationSshKey, private_key ]}
+            tripleo::profile::base::nova::migration::client::ssh_port: {get_param: MigrationSshPort}
             nova::compute::libvirt::services::libvirt_virt_type: {get_param: NovaComputeLibvirtType}
             nova::compute::libvirt::libvirt_virt_type: {get_param: NovaComputeLibvirtType}
             nova::compute::libvirt::libvirt_enabled_perf_events: {get_param: LibvirtEnabledPerfEvents}
@@ -143,14 +162,16 @@ outputs:
                 dport:
                   - 16514
                   - '49152-49215'
-                  - '5900-5999'
+                  - '5900-6923'
 
           -
             if:
               - use_tls_for_live_migration
               -
                 generate_service_certificates: true
-                tripleo::profile::base::nova::libvirt_tls: true
+                tripleo::profile::base::nova::migration::client::libvirt_tls: true
+                nova::migration::libvirt::listen_address:
+                  get_param: [ServiceNetMap, NovaLibvirtNetwork]
                 nova::migration::libvirt::live_migration_inbound_addr:
                   str_replace:
                     template: