/
nova.pp
277 lines (254 loc) · 12 KB
/
nova.pp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
class contrail::profile::openstack::nova(
$host_control_ip = $::contrail::params::host_ip,
$internal_vip = $::contrail::params::internal_vip,
$nova_password = $::contrail::params::os_nova_password,
$neutron_password = $::contrail::params::os_neutron_password,
$openstack_verbose = $::contrail::params::os_verbose,
$openstack_debug = $::contrail::params::os_debug,
$region_name = $::contrail::params::os_region,
$allowed_hosts = $::contrail::params::os_mysql_allowed_hosts,
$rabbitmq_user = $::contrail::params::os_rabbitmq_user,
$rabbitmq_password = $::contrail::params::os_rabbitmq_password,
$sync_db = $::contrail::params::os_sync_db,
$service_password = $::contrail::params::os_mysql_service_password,
$address_api = $::contrail::params::os_controller_api_address ,
$sriov_enable = $::contrail::params::sriov_enable,
$enable_ceilometer = $::contrail::params::enable_ceilometer,
$package_sku = $::contrail::params::package_sku,
$host_roles = $::contrail::params::host_roles,
$openstack_ip_list = $::contrail::params::openstack_ip_list,
$contrail_internal_vip = $::contrail::params::contrail_internal_vip,
$openstack_rabbit_servers = $::contrail::params::openstack_rabbit_hosts,
$neutron_shared_secret = $::contrail::params::os_neutron_shared_secret,
$storage_management_address = $::contrail::params::os_glance_mgmt_address,
$controller_mgmt_address = $::contrail::params::os_controller_mgmt_address,
$keystone_ip_to_use = $::contrail::params::keystone_ip_to_use,
$keystone_admin_password = $::contrail::params::keystone_admin_password,
$config_ip_to_use = $::contrail::params::config_ip_to_use,
$openstack_ip_to_use = $::contrail::params::openstack_ip_to_use,
$rabbit_use_ssl = $::contrail::params::os_amqp_ssl,
$kombu_ssl_ca_certs = $::contrail::params::kombu_ssl_ca_certs,
$kombu_ssl_certfile = $::contrail::params::kombu_ssl_certfile,
$kombu_ssl_keyfile = $::contrail::params::kombu_ssl_keyfile,
$vncproxy_port = $::contrail::params::vncproxy_port,
$neutron_ip_to_use = $::contrail::params::neutron_ip_to_use
) {
$auth_uri = "http://${keystone_ip_to_use}:5000/"
class {'::nova::db::mysql':
password => $service_password,
allowed_hosts => $allowed_hosts,
}
if ( $package_sku =~ /13\.0/) {
## TODO: Remove once we move to mitaka modules
class {'::nova::db::mysql_api':
password => $service_password,
allowed_hosts => $allowed_hosts,
}
$enabled_apis = ['osapi_compute,metadata']
}
else {
$enabled_apis = ['ec2,osapi_compute,metadata']
}
$compute_ip_list = $::contrail::params::compute_ip_list
$tmp_index = inline_template('<%= @compute_ip_list.index(@host_control_ip) %>')
if ($tmp_index != nil and $tmp_index != undef and $tmp_index != "" ) {
$contrail_is_compute = true
} else {
$contrail_is_compute = false
}
$memcache_ip_ports = suffix($openstack_ip_list, ":11211")
if ($internal_vip != "" and $internal_vip != undef) {
$vncproxy_host = $host_control_ip
$osapi_compute_workers = '40'
$database_idle_timeout = '180'
$nova_api_port = '9774'
$metadata_port = '9775'
$mysql_ip_address = $internal_vip
$mysql_port_url = ":33306/nova"
$mysql_port_url_api = ":33306/nova_api"
} else {
$vncproxy_host = $openstack_ip_to_use
$osapi_compute_workers = $::processorcount
$database_idle_timeout = '3600'
$nova_api_port = '8774'
$metadata_port = '8775'
$mysql_ip_address = $host_control_ip
$mysql_port_url = "/nova"
$mysql_port_url_api = "/nova_api"
}
$database_credentials = join([$service_password, "@", $mysql_ip_address],'')
$keystone_db_conn = join(["mysql://nova:",$database_credentials,$mysql_port_url],'')
case $package_sku {
/13\.0/: {
$nova_api_db_conn = join(["mysql://nova_api:",$database_credentials, $mysql_port_url_api],'')
class { '::nova':
database_connection => $keystone_db_conn,
glance_api_servers => "http://${openstack_ip_to_use}:9292",
memcached_servers => [$memcache_ip_ports],
rabbit_hosts => $openstack_rabbit_servers,
rabbit_userid => $rabbitmq_user,
rabbit_password => $rabbitmq_password,
verbose => $openstack_verbose,
debug => $openstack_debug,
notification_driver => "nova.openstack.common.notifier.rpc_notifier",
api_database_connection => $nova_api_db_conn,
database_idle_timeout => $database_idle_timeout,
database_min_pool_size => "100",
database_max_pool_size => "350",
database_max_overflow => "700",
database_retry_interval => "5",
database_max_retries => "-1",
rabbit_use_ssl => $rabbit_use_ssl,
kombu_ssl_ca_certs => $kombu_ssl_ca_certs,
kombu_ssl_certfile => $kombu_ssl_certfile,
kombu_ssl_keyfile => $kombu_ssl_keyfile
}
class { '::nova::api':
osapi_compute_listen_port => $nova_api_port,
metadata_listen_port => $metadata_port,
admin_password => $nova_password,
auth_uri => $auth_uri,
enabled => 'true',
neutron_metadata_proxy_shared_secret => $neutron_shared_secret,
sync_db => $sync_db,
osapi_compute_workers => $osapi_compute_workers,
enabled_apis => $enabled_apis
}
class { '::nova::network::neutron':
neutron_admin_password => $neutron_password,
neutron_region_name => $region_name,
neutron_admin_auth_url => "http://${keystone_ip_to_use}:35357/",
neutron_url => "http://${neutron_ip_to_use}:9696",
vif_plugging_is_fatal => false,
vif_plugging_timeout => '0',
}
nova_config {
'DEFAULT/scheduler_max_attempts': value => '10';
'DEFAULT/disable_process_locking': value => 'True';
'DEFAULT/rabbit_retry_interval': value => '1';
'DEFAULT/rabbit_retry_backoff': value => '2';
'DEFAULT/rabbit_max_retries': value => '0';
'DEFAULT/rabbit_interval': value => '15';
'DEFAULT/pool_timeout': value => '120';
'database/db_max_retries': value => '3';
'database/db_retry_interval': value => '1';
'database/connection_debug': value => '10';
'neutron/admin_auth_url' : value => "http://${keystone_ip_to_use}:35357/" ;
'neutron/admin_tenant_name' : value => 'services';
'neutron/admin_username' : value => 'neutron';
'neutron/auth_type' : value => 'password';
'neutron/admin_password' : value => "${keystone_admin_password}";
'neutron/url_timeout' : value => "300";
'compute/compute_driver' : value => "libvirt.LibvirtDriver";
'DEFAULT/rabbit_hosts' : value => "${nova_compute_rabbit_hosts}";
'DEFAULT/novncproxy_base_url' : value => "http://${host_control_ip}:5999/vnc_auto.html";
}
}
default: {
class { '::nova':
database_connection => $keystone_db_conn,
glance_api_servers => "http://${openstack_ip_to_use}:9292",
memcached_servers => [$memcache_ip_ports],
rabbit_hosts => $openstack_rabbit_servers,
rabbit_userid => $rabbitmq_user,
rabbit_password => $rabbitmq_password,
verbose => $openstack_verbose,
debug => $openstack_debug,
notification_driver => "nova.openstack.common.notifier.rpc_notifier",
database_idle_timeout => $database_idle_timeout,
rabbit_use_ssl => $rabbit_use_ssl,
kombu_ssl_ca_certs => $kombu_ssl_ca_certs,
kombu_ssl_certfile => $kombu_ssl_certfile,
kombu_ssl_keyfile => $kombu_ssl_keyfile
}
class { '::nova::api':
admin_password => $nova_password,
auth_host => $keystone_ip_to_use,
auth_uri => $auth_uri,
enabled => 'true',
neutron_metadata_proxy_shared_secret => $neutron_shared_secret,
sync_db => $sync_db,
osapi_compute_workers => $osapi_compute_workers,
enabled_apis => $enabled_apis
}
class { '::nova::network::neutron':
neutron_admin_password => $neutron_password,
neutron_region_name => $region_name,
neutron_admin_auth_url => "http://${keystone_ip_to_use}:35357/v2.0",
neutron_url => "http://${neutron_ip_to_use}:9696",
vif_plugging_is_fatal => false,
vif_plugging_timeout => '0',
}
nova_config {
'DEFAULT/osapi_compute_listen_port': value => $nova_api_port;
'DEFAULT/metadata_listen_port': value => $metadata_port;
'DEFAULT/scheduler_max_attempts': value => '10';
'DEFAULT/disable_process_locking': value => 'True';
'DEFAULT/rabbit_retry_interval': value => '1';
'DEFAULT/rabbit_retry_backoff': value => '2';
'DEFAULT/rabbit_max_retries': value => '0';
'DEFAULT/rabbit_interval': value => '15';
'DEFAULT/pool_timeout': value => '120';
'neutron/username': value => 'neutron';
'neutron/password': value => $neutron_password;
'neutron/auth_plugin': value => 'password';
'neutron/auth_url': value => "http://${keystone_ip_to_use}:5000/";
'database/min_pool_size': value => '100';
'database/max_pool_size': value => '350';
'database/max_overflow': value => '700';
'database/retry_interval': value => '5';
'database/max_retries': value => '-1';
'database/db_max_retries': value => '3';
'database/db_retry_interval': value => '1';
'database/connection_debug': value => '10';
}
}
}
if ($enable_ceilometer) {
$instance_usage_audit = 'True'
$instance_usage_audit_period = 'hour'
}
class { '::nova::vncproxy':
host => $vncproxy_host,
enabled => 'true',
port => $vncproxy_port,
}
class { [
'nova::scheduler',
'nova::consoleauth',
'nova::conductor',
]:
enabled => 'true',
}
if ('compute' in $host_roles) {
# TODO: it's important to set up the vnc properly
class { '::nova::compute':
enabled => $contrail_is_compute,
vnc_enabled => true,
vncserver_proxyclient_address => $management_address,
vncproxy_host => $openstack_ip_to_use,
instance_usage_audit => $instance_usage_audit,
instance_usage_audit_period => $instance_usage_audit_period
}
#TODO make sure we have vif package
class { '::nova::compute::neutron':
libvirt_vif_driver => "nova_contrail_vif.contrailvif.VRouterVIFDriver"
}
}
if ($sriov_enable) {
file_line_after {
'scheduler_default_filters':
line => 'scheduler_default_filters=PciPassthroughFilter',
path => '/etc/nova/nova.conf',
after => '^\s*\[DEFAULT\]';
'scheduler_available_filters':
line => 'scheduler_available_filters=nova.scheduler.filters.pci_passthrough_filter.PciPassthroughFilter',
path => '/etc/nova/nova.conf',
after => '^\s*\[DEFAULT\]';
'scheduler_available_filters2':
line => 'scheduler_available_filters=nova.scheduler.filters.all_filters',
path => '/etc/nova/nova.conf',
after => '^\s*\[DEFAULT\]';
}
}
}