Removes interface names as parameters to the puppet modules
[genesis.git] / common / puppet-opnfv / manifests / controller_networker.pp
1 #Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
2 #
3 #   Licensed under the Apache License, Version 2.0 (the "License");
4 #   you may not use this file except in compliance with the License.
5 #   You may obtain a copy of the License at
6 #
7 #       http://www.apache.org/licenses/LICENSE-2.0
8 #
9 #   Unless required by applicable law or agreed to in writing, software
10 #   distributed under the License is distributed on an "AS IS" BASIS,
11 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 #   See the License for the specific language governing permissions and
13 #   limitations under the License.
14 #
15 #Provides HA or non-HA setup for OpenStack Controller with ODL integration
16 #Mandatory common and HA variables are needed to setup each Controller
17 #ha_flag set to true will provide OpenStack HA of the following services:
18 #rabbitmq, galera mariadb, keystone, glance, nova, cinder, horizon, neutron
19 #includes all sub-services of those features (i.e. neutron-server, neutron-lg-agent, etc)
20
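# Class: opnfv::controller_networker
#
# Configures an OpenStack controller/networker node with optional OpenDaylight
# (ODL) integration. When $ha_flag is true the pacemaker-based HA classes are
# declared; otherwise the single-node quickstack controller_networker class is
# declared.
#
# The class declares no parameters: every input ($ha_flag, $odl_flag,
# $admin_email, the *_vip addresses, the passwords, ...) is read from the
# enclosing scope. Presumably these are top-scope/node parameters set by the
# installer -- confirm against the caller.
#
# NOTE(review), credentials and key material:
#  - An unset $single_username/$single_password falls back to the literal
#    'octopus', and that one value is then reused as the keystone admin token,
#    the MySQL root password, the neutron metadata secret and (in HA mode)
#    every service and database password that was not set explicitly.
#    Deployments should always supply their own values.
#  - The HA branch ships fixed defaults for the Ceph fsid, the images/volumes
#    keys and the RBD secret UUID, so every deployment that relies on the
#    defaults shares the same key material.
#  - The non-HA branch hard-codes AMQP guest/guest and 'ssl => false'.
class opnfv::controller_networker {
  if $odl_rest_port == '' { $odl_rest_port = '8081' }

  ##Select the ML2 mechanism drivers and L2 agent depending on whether ODL is enabled
  if ($odl_flag != '') and str2bool($odl_flag) {
    $ml2_mech_drivers = ['opendaylight']
    $this_agent = 'opendaylight'
  } else {
    $ml2_mech_drivers = ['openvswitch','l2population']
    $this_agent = 'ovs'
  }

  ##Mandatory Common variables
  if $admin_email == '' { fail('admin_email is empty') }

  ##Most users will only care about a single user/password for all services
  ##so lets create one variable that can be used instead of separate usernames/passwords
  ##NOTE(review): 'octopus' is a publicly known default; override it in any real deployment.
  if !$single_username { $single_username = 'octopus' }
  if !$single_password { $single_password = 'octopus' }

  ##Secrets that were not set explicitly all inherit the shared password
  if !$keystone_admin_token { $keystone_admin_token = $single_password }
  if !$neutron_metadata_shared_secret { $neutron_metadata_shared_secret = $single_password }
  if !$mysql_root_password { $mysql_root_password = $single_password }
  if !$admin_password { $admin_password = $single_password }

  ##Check for HA, if not leave old functionality alone
  if $ha_flag and str2bool($ha_flag) {
    ##Mandatory HA variables
    ##The controller lists arrive as comma-separated strings; both the string
    ##form (*_str) and the split array form are used below.
    if !$controllers_ip_array { fail('controllers_ip_array is empty') }
    $controllers_ip_array_str = $controllers_ip_array
    $controllers_ip_array = split($controllers_ip_array, ',')
    if !$controllers_hostnames_array { fail('controllers_hostnames_array is empty') }
    $controllers_hostnames_array_str = $controllers_hostnames_array
    $controllers_hostnames_array = split($controllers_hostnames_array, ',')
    if !$amqp_vip { fail('amqp_vip is empty') }
    if !$private_subnet { fail('private_subnet is empty')}
    if !$cinder_admin_vip { fail('cinder_admin_vip is empty') }
    if !$cinder_private_vip { fail('cinder_private_vip is empty') }
    if !$cinder_public_vip { fail('cinder_public_vip is empty') }
    if !$db_vip { fail('db_vip is empty') }
    if !$glance_admin_vip { fail('glance_admin_vip is empty') }
    if !$glance_private_vip { fail('glance_private_vip is empty') }
    if !$glance_public_vip { fail('glance_public_vip is empty') }
    if !$horizon_admin_vip { fail('horizon_admin_vip is empty') }
    if !$horizon_private_vip { fail('horizon_private_vip is empty') }
    if !$horizon_public_vip { fail('horizon_public_vip is empty') }
    if !$keystone_admin_vip { fail('keystone_admin_vip is empty') }
    if !$keystone_private_vip { fail('keystone_private_vip is empty') }
    if !$keystone_public_vip { fail('keystone_public_vip is empty') }
    if !$loadbalancer_vip { fail('loadbalancer_vip is empty') }
    if !$neutron_admin_vip { fail('neutron_admin_vip is empty') }
    if !$neutron_private_vip { fail('neutron_private_vip is empty') }
    if !$neutron_public_vip { fail('neutron_public_vip is empty') }
    if !$nova_admin_vip { fail('nova_admin_vip is empty') }
    if !$nova_private_vip { fail('nova_private_vip is empty') }
    if !$nova_public_vip { fail('nova_public_vip is empty') }
    if $private_network == '' { fail('private_network is empty') }

    ##Find private interface
    $ovs_tunnel_if = get_nic_from_network("$private_network")

    ##Optional HA variables
    if !$amqp_username  { $amqp_username = $single_username }
    if !$amqp_password  { $amqp_password = $single_password }
    ##NOTE(review): the fsid, the two Ceph keys and rbd_secret_uuid below are fixed
    ##values stored in the manifest; any deployment that keeps them shares key
    ##material with every other one. Generate per-deployment values instead.
    if !$ceph_fsid { $ceph_fsid = '904c8491-5c16-4dae-9cc3-6ce633a7f4cc' }
    if !$ceph_images_key { $ceph_images_key = 'AQAfHBdUKLnUFxAAtO7WPKQZ8QfEoGqH0CLd7A==' }
    if !$ceph_mon_host { $ceph_mon_host= $controllers_ip_array }
    if !$ceph_mon_initial_members { $ceph_mon_initial_members = $controllers_hostnames_array}
    if !$ceph_osd_journal_size { $ceph_osd_journal_size = '1000' }
    if !$ceph_osd_pool_size { $ceph_osd_pool_size = '1' }
    if !$ceph_public_network { $ceph_public_network = $private_subnet }
    if !$ceph_volumes_key { $ceph_volumes_key = 'AQAfHBdUsFPTHhAAfqVqPq31FFCvyyO7oaOQXw==' }
    if !$cinder_db_password { $cinder_db_password = $single_password }
    if !$cinder_user_password { $cinder_user_password = $single_password }
    if !$cluster_control_ip { $cluster_control_ip = $controllers_ip_array[0] }
    if !$horizon_secret { $horizon_secret = $single_password }
    ##NOTE(review): $glance_user_password is passed to quickstack::pacemaker::params
    ##below but, unlike the other service passwords, gets no default here -- confirm
    ##whether that is intended.
    if !$glance_db_password { $glance_db_password = $single_password }
    if !$keystone_db_password { $keystone_db_password = $single_password }
    if !$keystone_user_password { $keystone_user_password = $single_password }
    if !$lb_backend_server_addrs { $lb_backend_server_addrs = $controllers_ip_array }
    if !$lb_backend_server_names { $lb_backend_server_names = $controllers_hostnames_array }
    if !$neutron_db_password  { $neutron_db_password = $single_password }
    if !$neutron_user_password  { $neutron_user_password = $single_password }
    if !$nova_db_password { $nova_db_password = $single_password }
    if !$nova_user_password { $nova_user_password = $single_password }
    if !$pcmk_server_addrs {$pcmk_server_addrs = $controllers_ip_array}
    ##The default below indexes hostnames 0..2, i.e. it assumes exactly three controllers
    if !$pcmk_server_names {$pcmk_server_names = ["pcmk-${controllers_hostnames_array[0]}", "pcmk-${controllers_hostnames_array[1]}", "pcmk-${controllers_hostnames_array[2]}"] }
    if !$rbd_secret_uuid { $rbd_secret_uuid = '3b519746-4021-4f72-957e-5b9d991723be' }
    ##Storage traffic shares the private/tunnel interface unless a storage network is given
    if !$storage_network {
      $storage_iface = $ovs_tunnel_if
    } else {
      $storage_iface = get_nic_from_network("$storage_network")
    }

    ##we assume here that if not provided, the first controller is where ODL will reside
    ##this is fine for now as we will replace ODL with ODL HA when it is ready
    if $odl_control_ip == '' { $odl_control_ip =  $controllers_ip_array[0] }

    ###find interface ip of storage network
    $osd_ip = find_ip("",
                      "$storage_iface",
                      "")

    ##Ordered chain: ceph -> common -> pacemaker params -> ... -> constraints
    class { "opnfv::ceph_deploy":
      fsid                     => $ceph_fsid,
      osd_pool_default_size    => $ceph_osd_pool_size,
      osd_journal_size         => $ceph_osd_journal_size,
      mon_initial_members      => $controllers_hostnames_array_str,
      mon_host                 => $controllers_ip_array_str,
      osd_ip                   => $osd_ip,
      public_network           => $ceph_public_network,
      cluster_network          => $ceph_public_network,
      images_key               => $ceph_images_key,
      volumes_key              => $ceph_volumes_key,
    }
    ->
    class { "quickstack::openstack_common": }
    ->
    class { "quickstack::pacemaker::params":
      amqp_password            => $amqp_password,
      amqp_username            => $amqp_username,
      amqp_vip                 => $amqp_vip,
      ceph_cluster_network     => $private_subnet,
      ceph_fsid                => $ceph_fsid,
      ceph_images_key          => $ceph_images_key,
      ceph_mon_host            => $ceph_mon_host,
      ceph_mon_initial_members => $ceph_mon_initial_members,
      ceph_osd_journal_size    => $ceph_osd_journal_size,
      ceph_osd_pool_size       => $ceph_osd_pool_size,
      ceph_public_network      => $ceph_public_network,
      ceph_volumes_key         => $ceph_volumes_key,
      cinder_admin_vip         => $cinder_admin_vip,
      cinder_db_password       => $cinder_db_password,
      cinder_private_vip       => $cinder_private_vip,
      cinder_public_vip        => $cinder_public_vip,
      cinder_user_password     => $cinder_user_password,
      cluster_control_ip       => $cluster_control_ip,
      db_vip                   => $db_vip,
      glance_admin_vip         => $glance_admin_vip,
      glance_db_password       => $glance_db_password,
      glance_private_vip       => $glance_private_vip,
      glance_public_vip        => $glance_public_vip,
      glance_user_password     => $glance_user_password,
      heat_cfn_enabled         => 'false',
      horizon_admin_vip        => $horizon_admin_vip,
      horizon_private_vip      => $horizon_private_vip,
      horizon_public_vip       => $horizon_public_vip,
      include_ceilometer       => 'false',
      include_cinder           => 'true',
      include_glance           => 'true',
      include_heat             => 'false',
      include_horizon          => 'true',
      include_keystone         => 'true',
      include_neutron          => 'true',
      include_nosql            => 'false',
      include_nova             => 'true',
      include_swift            => 'false',
      keystone_admin_vip       => $keystone_admin_vip,
      keystone_db_password     => $keystone_db_password,
      keystone_private_vip     => $keystone_private_vip,
      keystone_public_vip      => $keystone_public_vip,
      keystone_user_password   => $keystone_user_password,
      lb_backend_server_addrs  => $lb_backend_server_addrs,
      lb_backend_server_names  => $lb_backend_server_names,
      loadbalancer_vip         => $loadbalancer_vip,
      neutron                  => 'true',
      neutron_admin_vip        => $neutron_admin_vip,
      neutron_db_password      => $neutron_db_password,
      ##Was $neutron_metadata_proxy_secret, which this class never assigns; use the
      ##defaulted shared secret so params and the nova class below get the same value.
      neutron_metadata_proxy_secret  => $neutron_metadata_shared_secret,
      neutron_private_vip      => $neutron_private_vip,
      neutron_public_vip       => $neutron_public_vip,
      neutron_user_password    => $neutron_user_password,
      nova_admin_vip           => $nova_admin_vip,
      nova_db_password         => $nova_db_password,
      nova_private_vip         => $nova_private_vip,
      nova_public_vip          => $nova_public_vip,
      nova_user_password       => $nova_user_password,
      pcmk_iface               => $ovs_tunnel_if,
      pcmk_server_addrs        => $pcmk_server_addrs,
      pcmk_server_names        => $pcmk_server_names,
      private_iface            => $ovs_tunnel_if,
    }
    ->
    class { "quickstack::pacemaker::common": }
    ->
    class { "quickstack::pacemaker::load_balancer": }
    ->
    class { "quickstack::pacemaker::galera":
      mysql_root_password     => $mysql_root_password,
      wsrep_cluster_members   => $controllers_ip_array,
    }
    ->
    class { "quickstack::pacemaker::qpid": }
    ->
    class { "quickstack::pacemaker::rabbitmq": }
    ->
    class { "quickstack::pacemaker::keystone":
      admin_email         =>  $admin_email,
      admin_password      =>  $admin_password,
      admin_token         =>  $keystone_admin_token,
      cinder              =>  'true',
      heat                =>  'false',
      heat_cfn            =>  'false',
      keystonerc          =>  'true',
      use_syslog          =>  'true',
      verbose             =>  'true',
    }
    ->
    class { "quickstack::pacemaker::swift": }
    ->
    class { "quickstack::pacemaker::glance":
      backend         => 'rbd',
      debug           => true,
      pcmk_fs_manage  => 'false',
      use_syslog      => true,
      verbose         => true
    }
    ->
    class { "quickstack::pacemaker::nova":
      neutron_metadata_proxy_secret => $neutron_metadata_shared_secret,
    }
    ->
    class { "quickstack::pacemaker::cinder":
      backend_rbd     => true,
      rbd_secret_uuid => $rbd_secret_uuid,
      use_syslog      => true,
      verbose         => true,
      volume          => true,
    }
    ->
    class { "quickstack::pacemaker::heat": }
    ->
    class { "quickstack::pacemaker::constraints": }

    ##The remaining classes are declared outside the ordered chain above
    class { "quickstack::pacemaker::nosql": }

    class { "quickstack::pacemaker::memcached": }

    ##NOTE(review): the metering secret is the shared password, not a dedicated secret
    class { "quickstack::pacemaker::ceilometer":
      ceilometer_metering_secret => $single_password,
    }

    class { "quickstack::pacemaker::horizon":
      horizon_ca       =>  '/etc/ipa/ca.crt',
      horizon_cert     =>  '/etc/pki/tls/certs/PUB_HOST-horizon.crt',
      horizon_key      =>  '/etc/pki/tls/private/PUB_HOST-horizon.key',
      secret_key       =>  $horizon_secret,
      verbose          =>  'true',
    }

    class { "quickstack::pacemaker::neutron":
      agent_type               =>  $this_agent,
      enable_tunneling         =>  'true',
      ml2_mechanism_drivers    =>  $ml2_mech_drivers,
      ml2_network_vlan_ranges  =>  ["physnet1:10:50"],
      odl_controller_ip        =>  $odl_control_ip,
      odl_controller_port      =>  $odl_rest_port,
      ovs_tunnel_iface         =>  $ovs_tunnel_if,
      ovs_tunnel_types         =>  ["vxlan"],
      verbose                  =>  'true',
    }

  } else {
    ##Non-HA: every address and secret below must be supplied by the caller
    if $ovs_tunnel_if == '' { fail('ovs_tunnel_if is empty') }
    if $public_ip == '' { fail('public_ip is empty') }
    if $private_ip == '' { fail('private_ip is empty') }

    ##Without an explicit ODL address, assume ODL runs on this node's private IP
    if $odl_control_ip == '' { $odl_control_ip = $private_ip }

    if $mysql_ip == '' { fail('mysql_ip is empty') }
    if $mysql_root_password == '' { fail('mysql_root_password is empty') }
    if $amqp_ip == '' { fail('amqp_ip is empty') }

    if $memcache_ip == '' { fail('memcache_ip is empty') }
    if $neutron_ip == '' { fail('neutron_ip is empty') }

    if $keystone_db_password == '' { fail('keystone_db_password is empty') }

    if $horizon_secret_key == '' { fail('horizon_secret_key is empty') }

    if $nova_user_password == '' { fail('nova_user_password is empty') }
    if $nova_db_password == '' { fail('nova_db_password is empty') }

    if $cinder_user_password == '' { fail('cinder_user_password is empty') }
    if $cinder_db_password == '' { fail('cinder_db_password is empty') }

    if $glance_user_password == '' { fail('glance_user_password is empty') }
    if $glance_db_password == '' { fail('glance_db_password is empty') }

    if $neutron_user_password == '' { fail('neutron_user_password is empty') }
    if $neutron_db_password == '' { fail('neutron_db_password is empty') }
    if $neutron_metadata_shared_secret == '' { fail('neutron_metadata_shared_secret is empty') }

    if $ceilometer_user_password == '' { fail('ceilometer_user_password is empty') }
    ##Message previously named ceilometer_user_password, hiding which variable was missing
    if $ceilometer_metering_secret == '' { fail('ceilometer_metering_secret is empty') }

    if $heat_user_password == '' { fail('heat_user_password is empty') }
    if $heat_db_password == '' { fail('heat_db_password is empty') }
    if $heat_auth_encrypt_key == '' { fail('heat_auth_encrypt_key is empty') }

    if $swift_user_password == '' { fail('swift_user_password is empty') }
    if $swift_shared_secret == '' { fail('swift_shared_secret is empty') }
    if $swift_admin_password == '' { fail('swift_admin_password is empty') }

    class { "quickstack::neutron::controller_networker":
      admin_email                   => $admin_email,
      admin_password                => $admin_password,
      agent_type                    => $this_agent,
      enable_tunneling              => true,
      ovs_tunnel_iface              => $ovs_tunnel_if,
      ovs_tunnel_network            => '',
      ovs_tunnel_types              => ['vxlan'],
      ovs_l2_population             => 'True',
      external_network_bridge       => 'br-ex',
      tenant_network_type           => 'vxlan',
      tunnel_id_ranges              => '1:1000',
      controller_admin_host         => $private_ip,
      controller_priv_host          => $private_ip,
      controller_pub_host           => $public_ip,
      ##NOTE(review): TLS is switched off for this class here
      ssl                           => false,
      #support_profile               => $quickstack::params::support_profile,
      #freeipa                       => $quickstack::params::freeipa,

      mysql_host                    => $mysql_ip,
      mysql_root_password           => $mysql_root_password,
      #amqp_provider                 => $amqp_provider,
      amqp_host                     => $amqp_ip,
      ##NOTE(review): broker credentials are the hard-coded guest/guest pair and
      ##cannot be overridden from outside; consider taking them from variables
      amqp_username                 => 'guest',
      amqp_password                 => 'guest',
      #amqp_nssdb_password           => $quickstack::params::amqp_nssdb_password,

      keystone_admin_token          => $keystone_admin_token,
      keystone_db_password          => $keystone_db_password,

      ceilometer_metering_secret    => $ceilometer_metering_secret,
      ceilometer_user_password      => $ceilometer_user_password,

      cinder_backend_gluster        => $quickstack::params::cinder_backend_gluster,
      cinder_backend_gluster_name   => $quickstack::params::cinder_backend_gluster_name,
      cinder_gluster_shares         => $quickstack::params::cinder_gluster_shares,
      cinder_user_password          => $cinder_user_password,
      cinder_db_password            => $cinder_db_password,

      glance_db_password            => $glance_db_password,
      glance_user_password          => $glance_user_password,

      heat_cfn                      => true,
      heat_cloudwatch               => true,
      heat_db_password              => $heat_db_password,
      heat_user_password            => $heat_user_password,
      heat_auth_encrypt_key         => $heat_auth_encrypt_key,

      horizon_secret_key            => $horizon_secret_key,
      horizon_ca                    => $quickstack::params::horizon_ca,
      horizon_cert                  => $quickstack::params::horizon_cert,
      horizon_key                   => $quickstack::params::horizon_key,

      ml2_mechanism_drivers         => $ml2_mech_drivers,

      #neutron                       => true,
      neutron_metadata_proxy_secret => $neutron_metadata_shared_secret,
      neutron_db_password           => $neutron_db_password,
      neutron_user_password         => $neutron_user_password,

      nova_db_password              => $nova_db_password,
      nova_user_password            => $nova_user_password,

      odl_controller_ip             => $odl_control_ip,
      odl_controller_port           => $odl_rest_port,

      swift_shared_secret           => $swift_shared_secret,
      swift_admin_password          => $swift_admin_password,
      ##Swift ring/storage addresses are fixed to the 192.168.203.0 range here
      swift_ringserver_ip           => '192.168.203.1',
      swift_storage_ips             => ["192.168.203.2","192.168.203.3","192.168.203.4"],
      swift_storage_device          => 'device1',
    }

  }
}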