From 2e3b091c396aa72f0bfcf119c2200d561c3f6b30 Mon Sep 17 00:00:00 2001 From: tsurendra Date: Thu, 26 Feb 2015 11:30:30 -0800 Subject: [PATCH] Merging below commits from R2.1 4648977 (HEAD, merge_5) Server Manager: provision complete status is lost when compute role is present Closes-Bug: #1424870 2f9356b Server Manager: provision complete status is lost when compute role is present Closes-Bug: #1424870 74c49e8 Server Manager: external_vip Partial-Bug: #1423179 b23de15 Partial-Bug: #1413364 Server Manager HA, configuration for mysql, nova , haproxy were different from fab provisioning b28a286 Closes-Bug: #1413364 7f67138 Partial-Bug: #1413364 6ce4a85 Partial-Bug: #1413364 681e420 Closes-Bug: #1416585 Fixing multi interface related code changes for 1415585. c7e800c Closes-Bug: #1413364 Server Manager HA, configuration for mysql, nova , haproxy were different from fab provisioning c3278ea Closes-Bug: #1417411 Server Manager: Remove keystone-auth.conf for config server, untill multi-tenancy is enabled 5b179d3 Closes-Bug: #1413365 server manager HA , rabbitmq clustering should happen on control interface 0d3522f Partial-Bug: #1416585 Changes to clean up parameter list passed to puppet modules and document." into R2.1 847e258 Closes-Bug: #1416354 Provisioning External router is not happening through server-manager d4a9b95 Closes-Bug: #1412757 Not able to login to WebUI c191800 Partial-Bug: #1397496 Server Manager changes to make use of new structure puppet modules for contrail and openstack (from puppet-labs)." into R2.1" 8bc7246 Closes-Bug: #1415787 Nova is not able to connect to AMQP server 5290115 Partial-Bug: #1397496 Server Manager changes to make use of new structure puppet modules for contrail and openstack (from puppet-labs)." into R2.1 ae53bf4 Closes-bug: #1413361 server manager HA , supervisor is not starting contrail-api service when it is down. 60d20eb Partial: #1413364 server manager HA , configuration for mysql ,nova , haproxy were different from fab provisioning. 7478e72 Partial-Bug: #1397496 Server Manager changes to make use of new structure puppet modules for contrail and openstack (from puppet-labs)." into R2.1 95f4b05 Partial-Bug: #1397496 Server Manager changes to make use of new structure puppet modules for contrail and openstack (from puppet-labs)." into R2.1 700dd4c Partial-Bug: #1397496 Server Manager changes to make use of new structure puppet modules for contrail and openstack (from puppet-labs)." into R2.1 292b0ba Partial-Bug: #1397496 Server Manager changes to make use of new structure puppet modules for contrail and openstack (from puppet-labs)." into R2.1 b797518 Partial-Bug: #1397496 Server Manager changes to make use of new structure puppet modules for contrail and openstack (from puppet-labs). Change-Id: If3f4512e9fb2aa4cc7ad99239d4011ee9838db6d --- .../modules/cinder/manifests/api.pp | 28 +- .../modules/cinder/manifests/db/sync.pp | 27 +- .../modules/contrail/files/add_etc_host.py | 27 + .../contrail/files/add_reserved_ports.py | 35 ++ .../contrail/files/check-mysql-status.py | 23 + .../contrail/files/check-wsrep-status.py | 12 +- .../modules/contrail/files/contrail_sudoers | 7 + .../files/fix-cmon-params-and-add-ssh-keys.py | 32 +- .../modules/contrail/files/fix-mem-cache.py | 4 + .../contrail/files/generate_haproxy.py | 539 ++++++++++++++++++ .../contrail/files/set_rabbit_tcp_params.py | 3 + .../contrail/files/setup-cmon-schema.py | 6 +- .../contrail/files/setup_passwordless_ssh.py | 7 + .../modules/contrail/manifests/common.pp | 60 +- .../modules/contrail/manifests/compute.pp | 32 +- .../modules/contrail/manifests/config.pp | 41 +- .../modules/contrail/manifests/ha_config.pp | 69 ++- .../modules/contrail/manifests/haproxy.pp | 295 ++-------- .../modules/contrail/manifests/keepalived.pp | 280 ++++++++- .../contrail/manifests/lib/post_openstack.pp | 29 + .../contrail/manifests/lib/upgrade-kernel.pp | 50 +- .../modules/contrail/manifests/params.pp | 1 + .../manifests/profile/openstack/glance/api.pp | 3 +- .../manifests/profile/openstack_controller.pp | 18 +- .../contrail/manifests/provision_complete.pp | 19 +- .../contrail/manifests/provision_contrail.pp | 12 +- .../templates/contrail-keystone-auth.conf.erb | 16 - .../contrail/templates/rabbitmq_config.erb | 2 +- .../glance/manifests/notify/rabbitmq.pp | 6 +- .../classes/glance_notify_rabbitmq_spec.rb | 4 +- .../horizon/templates/local_settings.py.erb | 21 + .../keepalived/manifests/vrrp/script.pp | 1 + .../keepalived/templates/vrrp_instance.erb | 7 +- .../keepalived/templates/vrrp_script.erb | 3 + .../modules/mysql/manifests/params.pp | 22 +- .../modules/mysql/templates/my.cnf.erb | 5 + .../openstack/manifests/common/ceilometer.pp | 13 +- .../openstack/manifests/common/cinder.pp | 12 +- .../manifests/common/contrail/neutron.pp | 14 +- .../manifests/common/contrail/nova.pp | 39 +- .../openstack/manifests/common/glance.pp | 86 ++- .../openstack/manifests/common/keystone.pp | 32 +- .../openstack/manifests/common/neutron.pp | 12 +- .../openstack/manifests/common/nova.pp | 86 ++- .../manifests/profile/contrail/glance/api.pp | 2 +- .../profile/contrail/nova/compute.pp | 23 +- .../openstack/manifests/profile/glance/api.pp | 15 +- .../openstack/manifests/profile/horizon.pp | 12 + .../manifests/profile/neutron/server.pp | 3 +- .../openstack/manifests/profile/nova/api.pp | 3 +- .../openstack/manifests/profile/provision.pp | 16 +- .../manifests/resources/connectors.pp | 10 +- 52 files changed, 1644 insertions(+), 480 deletions(-) create mode 100644 contrail/environment/modules/contrail/files/add_etc_host.py create mode 100644 contrail/environment/modules/contrail/files/add_reserved_ports.py create mode 100644 contrail/environment/modules/contrail/files/check-mysql-status.py create mode 100644 contrail/environment/modules/contrail/files/contrail_sudoers create mode 100755 contrail/environment/modules/contrail/files/generate_haproxy.py create mode 100644 contrail/environment/modules/contrail/manifests/lib/post_openstack.pp delete mode 100644 contrail/environment/modules/contrail/templates/contrail-keystone-auth.conf.erb diff --git a/contrail/environment/modules/cinder/manifests/api.pp b/contrail/environment/modules/cinder/manifests/api.pp index 479a4dcc..2e20661b 100644 --- a/contrail/environment/modules/cinder/manifests/api.pp +++ b/contrail/environment/modules/cinder/manifests/api.pp @@ -124,15 +124,29 @@ if $enabled { Cinder_config<||> ~> Exec['cinder-manage db_sync'] + $sync_db = $::contrail::params::sync_db - exec { 'cinder-manage db_sync': - command => $::cinder::params::db_sync_command, - path => '/usr/bin', - user => 'cinder', - refreshonly => true, - logoutput => 'on_failure', - require => Package['cinder'], + if ($sync_db) + { + exec { 'cinder-manage db_sync': + command => $::cinder::params::db_sync_command, + path => '/usr/bin', + user => 'cinder', + refreshonly => true, + logoutput => 'on_failure', + require => Package['cinder'], + } + } else { + exec { 'cinder-manage db_sync': + command => "touch /tmp/cinder_db_sync.1", + path => '/usr/bin', + user => 'cinder', + refreshonly => true, + logoutput => 'on_failure', + require => Package['cinder'], + } } + if $manage_service { $ensure = 'running' } diff --git a/contrail/environment/modules/cinder/manifests/db/sync.pp b/contrail/environment/modules/cinder/manifests/db/sync.pp index 942f2521..740df2cd 100644 --- a/contrail/environment/modules/cinder/manifests/db/sync.pp +++ b/contrail/environment/modules/cinder/manifests/db/sync.pp @@ -2,13 +2,26 @@ class cinder::db::sync { include cinder::params + $sync_db = $::contrail::params::sync_db - exec { 'cinder-manage db_sync': - command => $::cinder::params::db_sync_command, - path => '/usr/bin', - user => 'cinder', - refreshonly => true, - require => [File[$::cinder::params::cinder_conf], Class['cinder']], - logoutput => 'on_failure', + + if( $sync_db) { + exec { 'cinder-manage db_sync': + command => $::cinder::params::db_sync_command, + path => '/usr/bin', + user => 'cinder', + refreshonly => true, + require => [File[$::cinder::params::cinder_conf], Class['cinder']], + logoutput => 'on_failure', + } + } else { + exec { 'cinder-manage db_sync': + command => "touch /tmp/cinder_db_sync", + path => '/usr/bin', + user => 'cinder', + refreshonly => true, + require => [File[$::cinder::params::cinder_conf], Class['cinder']], + logoutput => 'on_failure', + } } } diff --git a/contrail/environment/modules/contrail/files/add_etc_host.py b/contrail/environment/modules/contrail/files/add_etc_host.py new file mode 100644 index 00000000..4e3f499e --- /dev/null +++ b/contrail/environment/modules/contrail/files/add_etc_host.py @@ -0,0 +1,27 @@ +#!/usr/bin/python +# +# Copyright (c) 2013 Juniper Networks, Inc. All rights reserved. +# +import sys +import argparse +import ConfigParser +import commands +import itertools +import paramiko +import sys, getopt, string +import os, stat +from stat import S_ISDIR + +def main(args_str=None): + config_ip_list_str = sys.argv[1] + config_name_list_str = sys.argv[2] + + config_ip_list = config_ip_list_str.split(",") + config_name_list = config_name_list_str.split(",") + + for config_name, config_ip in zip(config_name_list, config_ip_list): + status, output = commands.getstatusoutput("echo '%s %sctl' >> /etc/hosts" %(config_ip, config_name)) + +if __name__ == "__main__": + main(sys.argv[1:]) + diff --git a/contrail/environment/modules/contrail/files/add_reserved_ports.py b/contrail/environment/modules/contrail/files/add_reserved_ports.py new file mode 100644 index 00000000..23ae0890 --- /dev/null +++ b/contrail/environment/modules/contrail/files/add_reserved_ports.py @@ -0,0 +1,35 @@ +# Copyright (c) 2013 Juniper Networks, Inc. All rights reserved. +# +import commands +import sys + + + +def main(args_str=None): + + ports_str = sys.argv[1] + + status, output = commands.getstatusoutput("cat /proc/sys/net/ipv4/ip_local_reserved_ports") + if status != 0: + sys.exit(-1) + else: + existing_ports = output + + status, output = commands.getstatusoutput("sysctl -w net.ipv4.ip_local_reserved_ports=%s,%s" % (ports_str, existing_ports)) + + if status != 0: + sys.exit(-1) + + status, output = commands.getstatusoutput("grep '^net.ipv4.ip_local_reserved_ports' /etc/sysctl.conf > /dev/null 2>&1") + + + if status != 0: + status, output = commands.getstatusoutput('echo "net.ipv4.ip_local_reserved_ports = %s" >> /etc/sysctl.conf' % ports_str) + else: + status, output = commands.getstatusoutput("sed -i 's/net.ipv4.ip_local_reserved_ports\s*=\s*/net.ipv4.ip_local_reserved_ports=%s,/' /etc/sysctl.conf" % ports_str) + + if status != 0: + sys.exit(-1) + +if __name__ == "__main__": + main(sys.argv[1:]) diff --git a/contrail/environment/modules/contrail/files/check-mysql-status.py b/contrail/environment/modules/contrail/files/check-mysql-status.py new file mode 100644 index 00000000..b9943ded --- /dev/null +++ b/contrail/environment/modules/contrail/files/check-mysql-status.py @@ -0,0 +1,23 @@ +import commands +import sys +import os.path + +def main(args_str=None): + + status,output = commands.getstatusoutput("cat /etc/contrail/mysql.token") + mysql_token = output + status,output = commands.getstatusoutput('service mysql status') + +# if status != 0: +# sys.exit(0) + +# If we are not able to connect to mysql,its probably stucik , kill it! + status,output = commands.getstatusoutput('mysql -uroot -p%s -e "show status like \'wsrep_cluster_size\'"' % mysql_token ) + print "wsrep_cluster_size: %s" % output + #if output.find("4") == -1: + if status != 0: + status,output = commands.getstatusoutput('pkill -9 mysql') + +if __name__ == "__main__": + main(sys.argv[1:]) + diff --git a/contrail/environment/modules/contrail/files/check-wsrep-status.py b/contrail/environment/modules/contrail/files/check-wsrep-status.py index 9d303890..ebd6388e 100644 --- a/contrail/environment/modules/contrail/files/check-wsrep-status.py +++ b/contrail/environment/modules/contrail/files/check-wsrep-status.py @@ -1,6 +1,6 @@ import commands import sys - +import os.path def main(args_str=None): openstack_ip_list_str = sys.argv[1] @@ -22,6 +22,16 @@ def main(args_str=None): print "wsrep_cluster_size: %s" % output #if output.find("4") == -1: if output.find(str(number_openstack_nodes)) == -1: + uuid, output = commands.getstatusoutput("cat /var/lib/mysql/grastate.dat | grep uuid | awk '{print $2;}'") + commands.getstatusoutput("service mysql restart") + + for os_ip in os_ip_list: +# if not os.path.exists("/etc/clear_mysql"): + status,output = commands.getstatusoutput('ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null %s "rm -rf /var/lib/mysql/grastate.dat"' % (os_ip)) + status,output = commands.getstatusoutput('ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null %s "service mysql restart"' % (os_ip)) + print "cleaning mysql in %s" % (output) + open("/etc/clear_mysql", 'a').close() + sys.exit(1) if __name__ == "__main__": main(sys.argv[1:]) diff --git a/contrail/environment/modules/contrail/files/contrail_sudoers b/contrail/environment/modules/contrail/files/contrail_sudoers new file mode 100644 index 00000000..e8f5431c --- /dev/null +++ b/contrail/environment/modules/contrail/files/contrail_sudoers @@ -0,0 +1,7 @@ + +Defaults:contrail !requiretty + +Cmnd_Alias CONFIGRESTART = /usr/sbin/service supervisor-config restart + +contrail ALL = (root) NOPASSWD:CONFIGRESTART + diff --git a/contrail/environment/modules/contrail/files/fix-cmon-params-and-add-ssh-keys.py b/contrail/environment/modules/contrail/files/fix-cmon-params-and-add-ssh-keys.py index d33c82da..2d489b03 100644 --- a/contrail/environment/modules/contrail/files/fix-cmon-params-and-add-ssh-keys.py +++ b/contrail/environment/modules/contrail/files/fix-cmon-params-and-add-ssh-keys.py @@ -7,15 +7,6 @@ import paramiko import os.path -def create_ssh_keys(): - if not os.path.isfile('/root/.ssh/id_rsa') and not os.path.isfile('/root/.ssh/id_rsa.pub'): - commands.getstatusoutput('ssh-keygen -b 2048 -t rsa -f /root/.ssh/id_rsa -q -N ""') - elif not os.path.isfile('/root/.ssh/id_rsa') or not os.path.isfile('/root/.ssh/id_rsa.pub'): - commands.getstatusoutput('rm -rf /root/.ssh/id_rsa*') - commands.getstatusoutput('ssh-keygen -b 2048 -t rsa -f /root/.ssh/id_rsa -q -N ""') - - - def main(args_str=None): compute_host_list_str = sys.argv[1] config_host_list_str = sys.argv[2] @@ -31,31 +22,14 @@ def main(args_str=None): computes = 'COMPUTES=("' + '" "'.join(compute_host_list) + '")' commands.getstatusoutput("echo '%s' >> %s" % (computes, cmon_param)) - commands.getstatusoutput("echo 'COMPUTES_SIZE=%s' >> %s" % (compute_sz, cmon_param)) + commands.getstatusoutput("echo 'COMPUTES_SIZE=%s' >> %s" % ("${#COMPUTES[@]}", cmon_param)) commands.getstatusoutput("echo 'COMPUTES_USER=root' >> %s" % cmon_param) commands.getstatusoutput("echo 'PERIODIC_RMQ_CHK_INTER=60' >> %s" % cmon_param) + commands.getstatusoutput("echo 'RABBITMQ_RESET=True' >> %s" % cmon_param) amqps = 'DIPHOSTS=("' + '" "'.join(amqp_host_list) + '")' commands.getstatusoutput("echo '%s' >> %s" % (amqps, cmon_param)) - commands.getstatusoutput("echo 'DIPS_HOST_SIZE=%s' >> %s" % (amqp_sz, cmon_param)) - + commands.getstatusoutput("echo 'DIPS_HOST_SIZE=%s' >> %s" % ("${#DIPHOSTS[@]}", cmon_param)) - #Copy the ssh keys of openstack to every compute - create_ssh_keys() - status,output = commands.getstatusoutput("cat /root/.ssh/id_rsa.pub") - publick_key = output - port = 22 - username = "root" - password = "c0ntrail123" - for compute_host in compute_host_list: - s = paramiko.SSHClient() - s.load_system_host_keys() - s.set_missing_host_key_policy(paramiko.AutoAddPolicy()) - s.connect(compute_host, port, username, password) - command = "mkdir -p /root/ssh/" - s.exec_command(command) - command = "echo %s > /root/.ssh/authorized_keys" % output - s.exec_command(command) - s.close() if __name__ == "__main__": main(sys.argv[1:]) diff --git a/contrail/environment/modules/contrail/files/fix-mem-cache.py b/contrail/environment/modules/contrail/files/fix-mem-cache.py index a2d1c5e7..c0a3c0b5 100755 --- a/contrail/environment/modules/contrail/files/fix-mem-cache.py +++ b/contrail/environment/modules/contrail/files/fix-mem-cache.py @@ -43,6 +43,10 @@ def main(args_str=None): commands.getstatusoutput('echo "net.ipv4.tcp_tw_reuse = 1" >> /etc/sysctl.conf') if commands.getstatusoutput("grep '^net.ipv4.tcp_fin_timeout' /etc/sysctl.conf")[0] != 0: commands.getstatusoutput('echo "net.ipv4.tcp_fin_timeout = 30" >> /etc/sysctl.conf') + if commands.getstatusoutput("grep '^net.unix.max_dgram_qlen' /etc/sysctl.conf")[0] != 0: + commands.getstatusoutput('echo "net.unix.max_dgram_qlen = 1000" >> /etc/sysctl.conf') + + commands.getstatusoutput('sysctl -p') if __name__ == "__main__": main(sys.argv[1:]) diff --git a/contrail/environment/modules/contrail/files/generate_haproxy.py b/contrail/environment/modules/contrail/files/generate_haproxy.py new file mode 100755 index 00000000..c0df1864 --- /dev/null +++ b/contrail/environment/modules/contrail/files/generate_haproxy.py @@ -0,0 +1,539 @@ +#!/usr/bin/python +# +# Copyright (c) 2013 Juniper Networks, Inc. All rights reserved. +# +import string +import sys + +haproxy_template = string.Template(""" + +global + spread-checks 4 + tune.maxrewrite 1024 + tune.bufsize 16384 + log /dev/log local0 + log /dev/log local1 notice + chroot /var/lib/haproxy + stats socket /run/haproxy/admin.sock mode 660 level admin + stats timeout 30s + user haproxy + group haproxy + daemon + + # Default SSL material locations + ca-base /etc/ssl/certs + crt-base /etc/ssl/private + + # Default ciphers to use on SSL-enabled listening sockets. + # For more information, see ciphers(1SSL). + ssl-default-bind-ciphers kEECDH+aRSA+AES:kRSA+AES:+AES256:RC4-SHA:!kEDH:!LOW:!EXP:!MD5:!aNULL:!eNULL + +defaults + log global + mode http + option tcplog + option dontlognull + timeout connect 5000 + timeout client 50000 + timeout server 50000 + errorfile 400 /etc/haproxy/errors/400.http + errorfile 403 /etc/haproxy/errors/403.http + errorfile 408 /etc/haproxy/errors/408.http + errorfile 500 /etc/haproxy/errors/500.http + errorfile 502 /etc/haproxy/errors/502.http + errorfile 503 /etc/haproxy/errors/503.http + errorfile 504 /etc/haproxy/errors/504.http +#contrail-collector-marker-start +$__collector_ha_proxy +#contrail-collector-marker-end + +#contrail-openstack-marker-start +$__openstack_ha_proxy +#contrail-openstack-marker-end + +#contrail-config-marker-start +$__config_ha_proxy +#contrail-config-marker-end + + +""") + +collector_ha_template = string.Template("""#contrail-collector-marker-start +listen contrail-collector-stats :5938 + mode http + stats enable + stats uri / + stats auth $__contrail_hap_user__:$__contrail_hap_passwd__ + +frontend contrail-analytics-api *:8081 + default_backend contrail-analytics-api + +backend contrail-analytics-api + option nolinger + balance roundrobin + option tcp-check + tcp-check connect port 6379 + default-server error-limit 1 on-error mark-down +$__contrail_analytics_api_backend_servers__ + +#contrail-collector-marker-end +""") + +openstack_ha_template = string.Template("""#contrail-openstack-marker-start +listen contrail-openstack-stats :5936 + mode http + stats enable + stats uri / + stats auth $__contrail_hap_user__:$__contrail_hap_passwd__ + +frontend openstack-keystone *:5000 + default_backend keystone-backend + +backend keystone-backend + option tcpka + option nolinger + timeout server 24h + balance roundrobin + + option tcp-check + tcp-check connect port 3306 + default-server error-limit 1 on-error mark-down + + option tcp-check + option httpchk + tcp-check connect port 3337 + tcp-check send Host:localhost + http-check expect ! rstatus ^5 + default-server error-limit 1 on-error mark-down + + option tcp-check + tcp-check connect port 6000 + default-server error-limit 1 on-error mark-down + +$__keystone_backend_servers__ + +frontend openstack-keystone-admin *:35357 + default_backend keystone-admin-backend + +backend keystone-admin-backend + option tcpka + option nolinger + timeout server 24h + balance roundrobin + + option tcp-check + tcp-check connect port 3306 + default-server error-limit 1 on-error mark-down + + option tcp-check + option httpchk + tcp-check connect port 3337 + tcp-check send Host:localhost + http-check expect ! rstatus ^5 + default-server error-limit 1 on-error mark-down + + option tcp-check + tcp-check connect port 35358 + default-server error-limit 1 on-error mark-down + +$__keystone_admin_backend_servers__ + +frontend openstack-glance *:9292 + default_backend glance-backend + +backend glance-backend + option tcpka + option nolinger + timeout server 24h + balance roundrobin + + option tcp-check + tcp-check connect port 3306 + default-server error-limit 1 on-error mark-down + + option tcp-check + option httpchk + tcp-check connect port 3337 + tcp-check send Host:localhost + http-check expect ! rstatus ^5 + default-server error-limit 1 on-error mark-down + + option tcp-check + tcp-check connect port 9393 + default-server error-limit 1 on-error mark-down +$__glance_backend_servers__ + +frontend openstack-cinder *:8776 + default_backend cinder-backend + +backend cinder-backend + option tcpka + option nolinger + timeout server 24h + balance roundrobin +$__cinder_backend_servers__ + +frontend ceph-rest-api-server *:5005 + default_backend ceph-rest-api-server-backend + +backend ceph-rest-api-server-backend + option tcpka + option nolinger + timeout server 24h + balance roundrobin +$__ceph_restapi_backend_servers__ + + +frontend openstack-nova-api *:8774 + default_backend nova-api-backend + +backend nova-api-backend + option tcpka + option nolinger + timeout server 24h + balance roundrobin + + option tcp-check + tcp-check connect port 3306 + default-server error-limit 1 on-error mark-down + + option tcp-check + option httpchk + tcp-check connect port 3337 + tcp-check send Host:localhost + http-check expect ! rstatus ^5 + default-server error-limit 1 on-error mark-down + + option tcp-check + tcp-check connect port 9774 + default-server error-limit 1 on-error mark-down + +$__nova_api_backend_servers__ + +frontend openstack-nova-meta *:8775 + default_backend nova-meta-backend + +backend nova-meta-backend + option tcpka + option nolinger + timeout server 24h + balance roundrobin + + option tcp-check + tcp-check connect port 3306 + default-server error-limit 1 on-error mark-down + + option tcp-check + option httpchk + tcp-check connect port 3337 + tcp-check send Host:localhost + http-check expect ! rstatus ^5 + default-server error-limit 1 on-error mark-down + + option tcp-check + tcp-check connect port 9775 + default-server error-limit 1 on-error mark-down + +$__nova_meta_backend_servers__ + +#frontend openstack-nova-vnc *:6080 +# default_backend nova-vnc-backend + +#backend nova-vnc-backend +# option tcpka +# option nolinger +# timeout server 5h +# balance roundrobin +# $__nova_vnc_backend_servers__ + +listen memcached 0.0.0.0:11222 + mode tcp + balance roundrobin + option tcplog + maxconn 10000 + balance roundrobin + option tcpka + option nolinger + timeout connect 5s + timeout client 48h + timeout server 48h +$__memcached_servers__ + +listen rabbitmq 0.0.0.0:5673 + mode tcp + maxconn 10000 + balance leastconn + option tcpka + option nolinger + option forceclose + timeout client 48h + timeout server 48h + timeout client-fin 60s + timeout server-fin 60s +$__rabbitmq_servers__ + +listen mysql 0.0.0.0:33306 + mode tcp + balance leastconn + option tcpka + option nolinger + option forceclose + maxconn 10000 + timeout connect 30s + timeout client 24h + timeout server 24h + timeout client-fin 60s + timeout server-fin 60s +$__mysql_servers__ + +#contrail-openstack-marker-end +""") + +config_ha_template = string.Template(""" +#contrail-config-marker-start +listen contrail-config-stats :5937 + mode http + stats enable + stats uri / + stats auth $__contrail_hap_user__:$__contrail_hap_passwd__ + +frontend quantum-server *:9696 + default_backend quantum-server-backend + +frontend contrail-api *:8082 + default_backend contrail-api-backend + +frontend contrail-discovery *:5998 + default_backend contrail-discovery-backend + +backend quantum-server-backend + option nolinger + balance roundrobin +$__contrail_quantum_servers__ + #server 10.84.14.2 10.84.14.2:9697 check + +backend contrail-api-backend + option nolinger + balance roundrobin +$__contrail_api_backend_servers__ + #server 10.84.14.2 10.84.14.2:9100 check + #server 10.84.14.2 10.84.14.2:9101 check + +backend contrail-discovery-backend + option nolinger + balance roundrobin +$__contrail_disc_backend_servers__ + #server 10.84.14.2 10.84.14.2:9110 check + #server 10.84.14.2 10.84.14.2:9111 check + +$__rabbitmq_config__ +#contrail-config-marker-end +""") + + + +def main(args_str=None): + config_stanza = "" + collector_stanza = "" + openstack_stanza = "" + + host_ip = sys.argv[1] + internal_vip = sys.argv[2] + contrail_internal_vip = sys.argv[3] + + config_host_list_str = sys.argv[4] + config_ip_list_str = sys.argv[5] + + openstack_host_list_str = sys.argv[6] + openstack_ip_list_str = sys.argv[7] + + collector_host_list_str = sys.argv[8] + collector_ip_list_str = sys.argv[9] + + config_host_list = config_host_list_str.split(",") + config_ip_list = config_ip_list_str.split(",") + + openstack_host_list = openstack_host_list_str.split(",") + openstack_ip_list = openstack_ip_list_str.split(",") + + collector_host_list = collector_host_list_str.split(",") + collector_ip_list = collector_ip_list_str.split(",") + + + if host_ip in config_ip_list: + config_stanza = generate_config_ha_config(config_ip_list, openstack_ip_list, host_ip) + + if host_ip in config_ip_list and (internal_vip != "none" or contrail_internal_vip != "none"): + collector_stanza = generate_collector_ha_config(collector_ip_list, host_ip) + + if (internal_vip != "none" or contrail_internal_vip != "none") and (host_ip in openstack_ip_list): + openstack_stanza = generate_openstack_ha_config(openstack_ip_list, host_ip) + + haproxy_config = haproxy_template.safe_substitute({ + '__collector_ha_proxy' : collector_stanza, + '__config_ha_proxy' : config_stanza, + '__openstack_ha_proxy' : openstack_stanza, + }) + + cfg_file = open('/etc/haproxy/haproxy.cfg', 'w+') + cfg_file.write(haproxy_config) + cfg_file.close() + + +def generate_collector_ha_config(collector_ip_list, mgmt_host_ip): + contrail_analytics_api_server_lines = '' + space = ' ' * 3 + + for server_index, host_ip in enumerate(collector_ip_list): +# server_index = env.roledefs['collector'].index(host_string) + 1 +# mgmt_host_ip = hstr_to_ip(host_string) +# host_ip = hstr_to_ip(get_control_host_string(host_string)) + contrail_analytics_api_server_lines +=\ + '%s server %s %s:9081 check inter 2000 rise 2 fall 3\n'\ + % (space, host_ip, host_ip) + +# for host_string in env.roledefs['collector']: + haproxy_config = collector_ha_template.safe_substitute({ + '__contrail_analytics_api_backend_servers__' : contrail_analytics_api_server_lines, + '__contrail_hap_user__': 'haproxy', + '__contrail_hap_passwd__': 'contrail123', + }) + return haproxy_config + +def generate_config_ha_config(config_ip_list, openstack_ip_list, mgmt_ip): + q_listen_port = 9697 + q_server_lines = '' + api_listen_port = 9100 + api_server_lines = '' + disc_listen_port = 9110 + disc_server_lines = '' + nworkers = 1 + rabbitmq_config = """ +listen rabbitmq 0.0.0.0:5673 + mode tcp + maxconn 10000 + balance roundrobin + option tcpka + option redispatch + timeout client 48h + timeout server 48h\n""" + space = ' ' * 3 + for server_index, host_ip in enumerate(config_ip_list): +# server_index = env.roledefs['cfgm'].index(host_string) + 1 +# host_ip = hstr_to_ip(get_control_host_string(host_string)) + q_server_lines = q_server_lines + \ + ' server %s %s:%s check inter 2000 rise 2 fall 3\n' \ + %(host_ip, host_ip, str(q_listen_port)) + for i in range(nworkers): + api_server_lines = api_server_lines + \ + ' server %s %s:%s check inter 2000 rise 2 fall 3\n' \ + %(host_ip, host_ip, str(api_listen_port + i)) + disc_server_lines = disc_server_lines + \ + ' server %s %s:%s check inter 2000 rise 2 fall 3\n' \ + %(host_ip, host_ip, str(disc_listen_port + i)) + rabbitmq_config +=\ + '%s server rabbit%s %s:5672 check inter 2000 rise 2 fall 3 weight 1 maxconn 500\n'\ + % (space, server_index, host_ip) + + if mgmt_ip in openstack_ip_list: + # Openstack and cfgm are same nodes. + # Dont add rabbitmq confing twice in haproxy, as setup_ha has added already. + rabbitmq_config = '' + + haproxy_config = config_ha_template.safe_substitute({ + '__contrail_quantum_servers__': q_server_lines, + '__contrail_api_backend_servers__': api_server_lines, + '__contrail_disc_backend_servers__': disc_server_lines, + '__contrail_hap_user__': 'haproxy', + '__contrail_hap_passwd__': 'contrail123', + '__rabbitmq_config__': rabbitmq_config, + }) + + return haproxy_config + +def generate_openstack_ha_config(openstack_ip_list, mgmt_host_ip): + + keystone_server_lines = '' + keystone_admin_server_lines = '' + glance_server_lines = '' + cinder_server_lines = '' + ceph_restapi_server_lines = '' + nova_api_server_lines = '' + nova_meta_server_lines = '' + nova_vnc_server_lines = '' + memcached_server_lines = '' + rabbitmq_server_lines = '' + mysql_server_lines = '' + space = ' ' * 3 + + for server_index, host_ip in enumerate(openstack_ip_list): +# server_index = env.roledefs['openstack'].index(host_string) + 1 +# mgmt_host_ip = hstr_to_ip(host_string) +# host_ip = hstr_to_ip(get_control_host_string(host_string)) + keystone_server_lines +=\ + '%s server %s %s:6000 check inter 2000 rise 2 fall 1\n'\ + % (space, host_ip, host_ip) + keystone_admin_server_lines +=\ + '%s server %s %s:35358 check inter 2000 rise 2 fall 1\n'\ + % (space, host_ip, host_ip) + glance_server_lines +=\ + '%s server %s %s:9393 check inter 2000 rise 2 fall 1\n'\ + % (space, host_ip, host_ip) + cinder_server_lines +=\ + '%s server %s %s:9776 check inter 2000 rise 2 fall 3\n'\ + % (space, host_ip, host_ip) + ceph_restapi_server_lines +=\ + '%s server %s %s:5006 check inter 2000 rise 2 fall 3\n'\ + % (space, host_ip, host_ip) + nova_api_server_lines +=\ + '%s server %s %s:9774 check inter 2000 rise 2 fall 1\n'\ + % (space, host_ip, host_ip) + nova_meta_server_lines +=\ + '%s server %s %s:9775 check inter 2000 rise 2 fall 1\n'\ + % (space, host_ip, host_ip) + nova_vnc_server_lines +=\ + '%s server %s %s:6999 check inter 2000 rise 2 fall 3\n'\ + % (space, mgmt_host_ip, mgmt_host_ip) + if server_index <= 2: + memcached_server_lines +=\ + '%s server repcache%s %s:11211 check inter 2000 rise 2 fall 3\n'\ + % (space, server_index, host_ip) + if server_index == 1: + rabbitmq_server_lines +=\ + '%s server rabbit%s %s:5672 weight 200 check inter 2000 rise 2 fall 3\n'\ + % (space, server_index, host_ip) + else: + rabbitmq_server_lines +=\ + '%s server rabbit%s %s:5672 weight 100 check inter 2000 rise 2 fall 3 backup\n'\ + % (space, server_index, host_ip) + if server_index == 1: + mysql_server_lines +=\ + '%s server mysql%s %s:3306 weight 200 check inter 2000 rise 2 fall 3\n'\ + % (space, server_index, host_ip) + else: + mysql_server_lines +=\ + '%s server mysql%s %s:3306 weight 100 check inter 2000 rise 2 fall 3 backup\n'\ + % (space, server_index, host_ip) + + + haproxy_config = openstack_ha_template.safe_substitute({ + '__keystone_backend_servers__' : keystone_server_lines, + '__keystone_admin_backend_servers__' : keystone_admin_server_lines, + '__glance_backend_servers__' : glance_server_lines, + '__cinder_backend_servers__' : cinder_server_lines, + '__ceph_restapi_backend_servers__' : ceph_restapi_server_lines, + '__nova_api_backend_servers__' : nova_api_server_lines, + '__nova_meta_backend_servers__' : nova_meta_server_lines, +# '__nova_vnc_backend_servers__' : nova_vnc_server_lines, + '__memcached_servers__' : memcached_server_lines, + '__rabbitmq_servers__' : rabbitmq_server_lines, + '__mysql_servers__' : mysql_server_lines, + '__contrail_hap_user__': 'haproxy', + '__contrail_hap_passwd__': 'contrail123', + }) + + return haproxy_config + +if __name__ == "__main__": + main(sys.argv[1:]) + diff --git a/contrail/environment/modules/contrail/files/set_rabbit_tcp_params.py b/contrail/environment/modules/contrail/files/set_rabbit_tcp_params.py index cc919139..e9e813a5 100644 --- a/contrail/environment/modules/contrail/files/set_rabbit_tcp_params.py +++ b/contrail/environment/modules/contrail/files/set_rabbit_tcp_params.py @@ -20,7 +20,10 @@ def main(args_str=None): commands.getstatusoutput("sed -i 's/net.ipv4.tcp_keepalive_intvl\s\s*/net.ipv4.tcp_keepalive_intvl = 1/' /etc/sysctl.conf") + status, output = commands.getstatusoutput("sysctl -p") + if status != 0: + sys.exit(-1) if __name__ == "__main__": main(sys.argv[1:]) diff --git a/contrail/environment/modules/contrail/files/setup-cmon-schema.py b/contrail/environment/modules/contrail/files/setup-cmon-schema.py index 2e211ab3..bd2fe340 100644 --- a/contrail/environment/modules/contrail/files/setup-cmon-schema.py +++ b/contrail/environment/modules/contrail/files/setup-cmon-schema.py @@ -12,6 +12,8 @@ def main(argv): os_master = sys.argv[1] self_ip = sys.argv[2] internal_vip = sys.argv[3] + openstack_ip_list_str = sys.argv[4] + openstack_ip_list = openstack_ip_list_str.split(",") mysql_svc = 'mysql' @@ -46,7 +48,9 @@ def main(argv): status,output = commands.getstatusoutput('%s "GRANT ALL PRIVILEGES on *.* TO cmon@%s IDENTIFIED BY \'cmon\' WITH GRANT OPTION"' % (mysql_cmd, internal_vip)) - + for openstack_ip in openstack_ip_list: + status,output = commands.getstatusoutput('%s "GRANT ALL PRIVILEGES on *.* TO cmon@%s IDENTIFIED BY \'cmon\' WITH GRANT OPTION"' % + (mysql_cmd, openstack_ip)) mysql_cmon_user_cmd = 'mysql -u root -p%s -e "CREATE USER \'cmon\'@\'%s\' IDENTIFIED BY \'cmon\'"' % ( mysql_token, self_ip) diff --git a/contrail/environment/modules/contrail/files/setup_passwordless_ssh.py b/contrail/environment/modules/contrail/files/setup_passwordless_ssh.py index 58f66197..cde58c20 100644 --- a/contrail/environment/modules/contrail/files/setup_passwordless_ssh.py +++ b/contrail/environment/modules/contrail/files/setup_passwordless_ssh.py @@ -43,6 +43,13 @@ def main(args_str=None): s.close() i = i + 1 + for host in host_list: + cmd = "ssh -o BatchMode=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null %s true" % (host) + res, output = commands.getstatusoutput(cmd) + if res !=0 : + sys.exit(-1) + + if __name__ == "__main__": main(sys.argv[1:]) diff --git a/contrail/environment/modules/contrail/manifests/common.pp b/contrail/environment/modules/contrail/manifests/common.pp index 44a41ee9..6ef0ec95 100644 --- a/contrail/environment/modules/contrail/manifests/common.pp +++ b/contrail/environment/modules/contrail/manifests/common.pp @@ -53,11 +53,25 @@ #contrail_repo_type => $contrail_repo_type } -> + contrail::lib::upgrade-kernel{ kernel_upgrade: + contrail_kernel_upgrade => $kernel_upgrade, + contrail_kernel_version => $kernel_version + } -> # Ensure /etc/hosts has an entry for self to map dns name to ip address host { "$hostname" : ensure => present, ip => "$host_mgmt_ip" } + -> + exec { "setmysql" : + #command => "python /etc/contrail/contrail_setup_utils/enable_kernel_core.py && echo enable-kernel-core >> /etc/contrail/contrail_common_exec.out", + command => "mkdir -p /var/log/mysql && echo setmysql >> /etc/contrail/contrail_common_exec.out", + unless => "grep -qx setmysql /etc/contrail/contrail_common_exec.out", + provider => shell, + logoutput => "true" + } + -> + package { 'libssl0.9.8' : ensure => present,} # Disable SELINUX on boot, if not already disabled. if ($operatingsystem == "Centos" or $operatingsystem == "Fedora") { @@ -121,6 +135,25 @@ } } +##HACk for mysql on openstack-ha + if ($::contrail::params::internal_vip != "") { + file { "/opt/check-mysql-status.py" : + ensure => present, + mode => 0755, + group => root, + source => "puppet:///modules/$module_name/check-mysql-status.py" + } + -> + exec { "exec_check_mysql" : + command => "python /opt/check-mysql-status.py", + cwd => "/opt/", +# unless => "grep -qx exec_check_mysql /etc/contrail/contrail_common_exec.out", + provider => shell, + require => [ File["/opt/check-mysql-status.py"] ], + logoutput => 'true', + } +} + # Core pattern exec { 'core_pattern_1': command => 'echo \'kernel.core_pattern = /var/crashes/core.%e.%p.%h.%t\' >> /etc/sysctl.conf', @@ -167,4 +200,29 @@ provider => shell, logoutput => "true" } -} + file { "/tmp/facts.yaml": + content => inline_template("<%= scope.to_hash.reject { |k,v| !( k.is_a?(String) && v.is_a?(String) ) }.to_yaml %>"), + } +# if ( ($internal_vip != "" and $internal_vip != undef) or +# ($contrail_internal_vip != "" and $contrail_internal_vip != undef) or +# ($external_vip != "" and $external_vip != undef) or +# ($contrail_external_vip != "" and $contrail_external_vip != undef)) + #set the reserved ports +# { + + file { "/opt/contrail/bin/add_reserved_ports.py" : + ensure => present, + mode => 0755, + group => root, + source => "puppet:///modules/$module_name/add_reserved_ports.py" + } + -> + exec { "add_reserved_ports" : + command => "python add_reserved_ports.py 35357,35358,33306 && echo add_reserved_ports >> /etc/contrail/contrail_common_exec.out", + cwd => "/opt/contrail/bin/", + unless => "grep -qx add_reserved_ports /etc/contrail/contrail_common_exec.out", + provider => shell, + logoutput => 'true' + } + } +#} diff --git a/contrail/environment/modules/contrail/manifests/compute.pp b/contrail/environment/modules/contrail/manifests/compute.pp index 3232700a..25764597 100644 --- a/contrail/environment/modules/contrail/manifests/compute.pp +++ b/contrail/environment/modules/contrail/manifests/compute.pp @@ -276,7 +276,7 @@ $contrail_netmask = inline_template("<%= scope.lookupvar('netmask_' + @contrail_dev) %>") $contrail_cidr = convert_netmask_to_cidr($contrail_netmask) } - if ($multinet == "true") { + if ($multinet == true) { $contrail_gway = $host_non_mgmt_gateway } else { @@ -583,8 +583,19 @@ provider => shell, logoutput => "true" - } - + } -> + contrail::lib::report_status { "compute_completed": state => "compute_completed" } -> + file { "/etc/contrail/interface_renamed" : + ensure => present, + mode => 0644, + content => "2" + } -> + exec { "flag-reboot-server" : + command => "echo flag-reboot-server >> /etc/contrail/contrail_compute_exec.out", + unless => ["grep -qx flag-reboot-server /etc/contrail/contrail_compute_exec.out"], + provider => "shell", + logoutput => 'true' + } # Now reboot the system if ($operatingsystem == "Centos" or $operatingsystem == "Fedora") { exec { "cp-ifcfg-file" : @@ -592,22 +603,9 @@ before => Exec["reboot-server"], unless => "grep -qx cp-ifcfg-file /etc/contrail/contrail_compute_exec.out", provider => "shell", - require => Exec["fix-keystone-admin-password"], + require => Exec["flag-reboot-server"], logoutput => 'true' } } - contrail::lib::report_status { "compute_completed": state => "compute_completed" }-> - file { "/etc/contrail/interface_renamed" : - ensure => present, - mode => 0644, - content => "2" - } -> - exec { "reboot-server" : - command => "echo reboot-server-2 >> /etc/contrail/contrail_compute_exec.out && reboot", - unless => ["grep -qx reboot-server-2 /etc/contrail/contrail_compute_exec.out"], - require => Exec["fix-keystone-admin-password"], - provider => "shell", - logoutput => 'true' - } } } diff --git a/contrail/environment/modules/contrail/manifests/config.pp b/contrail/environment/modules/contrail/manifests/config.pp index 92249831..14cb9eda 100644 --- a/contrail/environment/modules/contrail/manifests/config.pp +++ b/contrail/environment/modules/contrail/manifests/config.pp @@ -294,6 +294,12 @@ } else { $master = "no" } + + + $cfgm_ip_list_shell = inline_template('<%= @config_ip_list.map{ |ip| "#{ip}" }.join(",") %>') + $cfgm_name_list_shell = inline_template('<%= @config_name_list.map{ |ip| "#{ip}" }.join(",") %>') + $rabbit_env = "NODE_IP_ADDRESS=${host_control_ip}\nNODENAME=rabbit@${hostname}ctl\n" + case $::operatingsystem { Ubuntu: { file {"/etc/init/supervisor-config.override": ensure => absent, require => Package['contrail-openstack-config']} @@ -380,6 +386,7 @@ content => template("$module_name/ctrl-details.erb"), } } + # Ensure service.token file is present with right content. if ! defined(File["/etc/contrail/service.token"]) { file { "/etc/contrail/service.token" : @@ -395,7 +402,14 @@ logoutput => true } -> - + #form the sudoers + file { "/etc/sudoers.d/contrail_sudoers" : + ensure => present, + mode => 0440, + group => root, + source => "puppet:///modules/$module_name/contrail_sudoers" + } + -> # Ensure log4j.properties file is present with right content. file { "/etc/ifmap-server/log4j.properties" : ensure => present, @@ -535,6 +549,31 @@ content => template("$module_name/$rabbitmq_conf_template"), } -> + file { "/etc/rabbitmq/rabbitmq-env.conf" : + ensure => present, + mode => 0755, +# user => root, + group => root, + content => "$rabbit_env", +# source => "puppet:///modules/$module_name/add_etc_host.py" + } + -> + file { "/etc/contrail/add_etc_host.py" : + ensure => present, + mode => 0755, +# user => root, + group => root, + source => "puppet:///modules/$module_name/add_etc_host.py" + } + -> + exec { "add-etc-hosts" : + command => "python /etc/contrail/add_etc_host.py $cfgm_ip_list_shell $cfgm_name_list_shell & echo add-etc-hosts >> /etc/contrail/contrail_config_exec.out", + require => File["/etc/contrail/add_etc_host.py"], + unless => "grep -qx add-etc-hosts /etc/contrail/contrail_config_exec.out", + provider => shell, + logoutput => true + } + -> file { "/etc/contrail/form_rmq_cluster.sh" : ensure => present, mode => 0755, diff --git a/contrail/environment/modules/contrail/manifests/ha_config.pp b/contrail/environment/modules/contrail/manifests/ha_config.pp index fb12442c..aa7de9f4 100644 --- a/contrail/environment/modules/contrail/manifests/ha_config.pp +++ b/contrail/environment/modules/contrail/manifests/ha_config.pp @@ -50,10 +50,12 @@ $config_passwd_list = $::contrail::params::config_passwd_list, $compute_passwd_list = $::contrail::params::compute_passwd_list, $openstack_user_list = $::contrail::params::openstack_user_list, - $keystone_ip = $::contrail::params::keystone_ip + $keystone_ip = $::contrail::params::keystone_ip, + $nfs_server = $::contrail::params::nfs_server, + $nfs_glance_path = $::contrail::params::nfs_glance_path, ) inherits ::contrail::params { # Main code for class - if($internal_vip != '') { + if($internal_vip != '' and $host_control_ip in $openstack_ip_list) { if ($operatingsystem == "Ubuntu") { $wsrep_conf='/etc/mysql/conf.d/wsrep.cnf' } else { @@ -67,7 +69,7 @@ $keystone_ip_to_use = $internal_vip } - $tmp_index = inline_template('<%= @openstack_mgmt_ip_list.index(@host_control_ip) %>') + $tmp_index = inline_template('<%= @openstack_ip_list.index(@host_control_ip) %>') if ($tmp_index != nil) { $openstack_index = $tmp_index + 1 } @@ -75,9 +77,23 @@ $os_username = $openstack_user_list[0] $os_passwd = $openstack_passwd_list[0] - $glance_path ="/var/lib/glance/images" + if ($nfs_server != "" and nfs_server != undef) { - $nfs_server = $openstack_ip_list[0] + $contrail_nfs_server = $nfs_server + + } else { + $contrail_nfs_server = $openstack_ip_list[0] + } + + if ($nfs_glance_path != "" and nfs_glance_path != undef) { + + $contrail_nfs_glance_path = $nfs_glance_path + + } else { + $contrail_nfs_glance_path = "/var/lib/glance/images" + } + + $openstack_mgmt_ip_list_shell = inline_template('<%= @openstack_mgmt_ip_list.map{ |ip| "#{ip}" }.join(",") %>') $openstack_ip_list_shell = inline_template('<%= @openstack_ip_list.map{ |name2| "#{name2}" }.join(" ") %>') @@ -93,7 +109,7 @@ $contrail_exec_vnc_galera = "MYSQL_ROOT_PW=$mysql_root_password ADMIN_TOKEN=$keystone_admin_token setup-vnc-galera --self_ip $host_control_ip --keystone_ip $keystone_ip_to_use --galera_ip_list $openstack_ip_list_shell --internal_vip $internal_vip --openstack_index $openstack_index && echo exec_vnc_galera >> /etc/contrail/contrail_openstack_exec.out" $contrail_exec_check_wsrep = "python check-wsrep-status.py $openstack_mgmt_ip_list_shell && echo check-wsrep >> /etc/contrail/contrail_openstack_exec.out" - $contrail_exec_setup_cmon_schema = "python setup-cmon-schema.py $os_master $host_control_ip $internal_vip && echo exec_setup_cmon_schema >> /etc/contrail/contrail_openstack_exec.out" + $contrail_exec_setup_cmon_schema = "python setup-cmon-schema.py $os_master $host_control_ip $internal_vip $openstack_mgmt_ip_list_shell && echo exec_setup_cmon_schema >> /etc/contrail/contrail_openstack_exec.out" $contrail_exec_password_less_ssh = "python /opt/contrail/bin/setup_passwordless_ssh.py $openstack_mgmt_ip_list_shell $openstack_user_list_shell $openstack_passwd_list_shell && echo exec-setup-password-less-ssh >> /etc/contrail/contrail_openstack_exec.out" #########Chhandak-HA @@ -162,6 +178,23 @@ require => [ File["/opt/contrail/bin/check_galera.py"] ], logoutput => 'true', } + -> + file { "/opt/contrail/bin/check-wsrep-status.py" : + ensure => present, + mode => 0755, + group => root, + source => "puppet:///modules/$module_name/check-wsrep-status.py" + } + -> + exec { "exec_check_wsrep" : + command => $contrail_exec_check_wsrep, + cwd => "/opt/contrail/bin/", + unless => "grep -qx exec_check_wsrep /etc/contrail/contrail_openstack_exec.out", + provider => shell, + require => [ File["/opt/contrail/bin/check-wsrep-status.py"] ], + logoutput => 'true', + } + -> exec { "fix_wsrep_cluster_address" : command => "sudo sed -ibak 's#wsrep_cluster_address=.*#wsrep_cluster_address=gcomm://$openstack_ip_list_wsrep#g' $wsrep_conf && service mysql restart && echo exec_fix_wsrep_cluster_address >> /etc/contrail/contrail_openstack_exec.out", @@ -172,13 +205,17 @@ provider => shell, logoutput => 'true', } - -> + + + } + #This will be skipped if there is an external nfs server + if ($contrail_nfs_server == $host_control_ip) { package { 'nfs-kernel-server': ensure => present, } -> exec { "create-nfs" : - command => "echo \"/var/lib/glance/images *(rw,sync,no_subtree_check)\" >> /etc/exports && sudo /etc/init.d/nfs-kernel-server restart && echo create-nfs >> /etc/contrail/contrail_compute_exec.out ", + command => "echo \"/var/lib/glance/images *(rw,sync,no_subtree_check)\" >> /etc/exports && sudo /etc/init.d/nfs-kernel-server restart && chown root:root /var/lib/glance/images && chmod 777 /var/lib/glance/images && echo create-nfs >> /etc/contrail/contrail_compute_exec.out ", require => [ ], unless => "grep -qx create-nfs /etc/contrail/contrail_compute_exec.out", provider => shell, @@ -186,6 +223,7 @@ } } + # setup_cmon file { "/opt/contrail/bin/setup-cmon-schema.py" : ensure => present, @@ -202,6 +240,7 @@ require => [ File["/opt/contrail/bin/setup-cmon-schema.py"] ], logoutput => 'true', } +/* -> exec { "setup-cluster-monitor" : command => "service contrail-hamon restart && chkconfig contrail-hamon on && echo setup-cluster-monitor >> /etc/contrail/contrail_openstack_exec.out ", @@ -211,6 +250,7 @@ tries => 3, try_sleep => 15, } +*/ -> exec { "fix_xinetd_conf" : command => "sed -i -e 's#only_from = 0.0.0.0/0#only_from = $host_control_ip 127.0.0.1#' /etc/xinetd.d/contrail-mysqlprobe && service xinetd restart && chkconfig xinetd on && echo fix_xinetd_conf >> /etc/contrail/contrail_openstack_exec.out", @@ -248,7 +288,7 @@ cwd => "/opt/contrail/bin/", unless => "grep -qx fix-cmon-params-and-add-ssh-keys /etc/contrail/contrail_openstack_exec.out", provider => shell, - require => [ File["/opt/contrail/bin/fix-cmon-params-and-add-ssh-keys.py"] ], + require => [ File["/opt/contrail/bin/fix-cmon-params-and-add-ssh-keys.py"], Exec["exec_vnc_galera"] ], logoutput => 'true', } -> @@ -267,21 +307,22 @@ unless => "grep -qx exec-transfer-keys /etc/contrail/contrail_openstack_exec.out", require => File["/opt/contrail/bin/transfer_keys.py"] } - if ($openstack_index != "1" ) { + #This wil be executed for all openstacks ,if there is an external nfs server + if ($contrail_nfs_server != $host_control_ip ) { package { 'nfs-common': ensure => present, } -> exec { "mount-nfs" : - command => "sudo mount $nfs_server:$glance_path /var/lib/glance/images && echo create-nfs >> /etc/contrail/contrail_openstack_exec.out", + command => "sudo mount $contrail_nfs_server:$contrail_nfs_glance_path /var/lib/glance/images && echo mount-nfs >> /etc/contrail/contrail_openstack_exec.out", require => [ ], - unless => "grep -qx create-nfs /etc/contrail/contrail_openstack_exec.out", + unless => "grep -qx mount-nfs /etc/contrail/contrail_openstack_exec.out", provider => shell, logoutput => "true" } exec { "add-fstab" : - command => "echo \"$nfs_server:$glance_path /var/lib/glance/images nfs nfsvers=3,hard,intr,auto 0 0\" >> /etc/fstab && echo add-fstab >> /etc/contrail/contrail_openstack_exec.out ", - unless => "grep -qx create-nfs /etc/contrail/contrail_oprenstack_exec.out", + command => "echo \"$contrail_nfs_server:$contrail_nfs_glance_path /var/lib/glance/images nfs nfsvers=3,hard,intr,auto 0 0\" >> /etc/fstab && echo add-fstab >> /etc/contrail/contrail_openstack_exec.out ", + unless => "grep -qx add-fstab /etc/contrail/contrail_openstack_exec.out", provider => shell, logoutput => "true" } diff --git a/contrail/environment/modules/contrail/manifests/haproxy.pp b/contrail/environment/modules/contrail/manifests/haproxy.pp index 3eebee49..bf161230 100644 --- a/contrail/environment/modules/contrail/manifests/haproxy.pp +++ b/contrail/environment/modules/contrail/manifests/haproxy.pp @@ -21,9 +21,10 @@ $contrail_internal_vip = $::contrail::params::contrail_internal_vip, $internal_vip = $::contrail::params::internal_vip, $host_ip = $::contrail::params::host_ip -) inherits ::haproxy { +) { require ::contrail::params + # Debug - Print all variables notify { "Haproxy - config_ip_list = $config_ip_list":; } notify { "Haproxy - config_name_list = $config_name_list":;} @@ -36,261 +37,59 @@ notify { "Haproxy - host_ip = $host_ip":;} $manage_amqp = "no" - - if ($host_ip in $config_ip_list) { - notify { "Haproxy - Setting up ha-cfg for config":;} - - haproxy::listen { 'contrail-api': - ipaddress => '0.0.0.0', - ports => '8082', - mode => 'http', - options => {} - } - - haproxy::balancermember { 'contrail-api-member': - listening_service => 'contrail-api', - ports => '9100', - ipaddresses => $config_ip_list, - server_names => $config_name_list, - options => 'check', - } - - haproxy::listen { 'contrail-discovery': - collect_exported => true, - ipaddress => '0.0.0.0', - ports => '5998', - mode => 'http', - options => {} - } - - haproxy::balancermember { 'contrail-discovery-member': - listening_service => 'contrail-discovery', - ports => '9110', - ipaddresses => $config_ip_list, - server_names => $config_name_list, - options => 'check', - } - - haproxy::listen { 'rabbit': - collect_exported => true, - ipaddress => '0.0.0.0', - ports => '5673', - mode => 'tcp', - options => { } - } - haproxy::weight { 'rabbit-member': - listening_service => 'rabbit', - ports => '5672', - ipaddresses => $config_ip_list, - server_names => $config_name_list, - options => ['check','inter 2000','rise 2','fall 3'], - } - - haproxy::listen { 'quantum-server': - collect_exported => true, - ipaddress => '0.0.0.0', - ports => '9696', - mode => 'tcp', - options => { } - } - - haproxy::balancermember { 'quantum-server-member': - listening_service => 'quantum-server', - ports => '9697', - ipaddresses => $config_ip_list, - server_names => $config_name_list, - options => 'check', - } - + if ($internal_vip == undef or $internal_vip == "") { + $ha_internal_vip = "none" + } else { + $ha_internal_vip = $internal_vip + } + if ($contrail_internal_vip == undef or $contrail_internal_vip == "") { + $ha_contrail_internal_vip = "none" + } else { + $ha_contrail_internal_vip = $contrail_internal_vip } - #Add openstack HA - if ($host_ip in $openstack_ip_list and $internal_vip != "") { - notify { "Haproxy - Setting up ha-cfg for openstack-ha":;} - - haproxy::listen { 'openstack-keystone': - collect_exported => true, - ipaddress => '0.0.0.0', - ports => '5000', - mode => 'tcp', - options => { - option => ['tcpka', 'nolinger'] - } - } - - haproxy::balancermember { 'openstack-keystone-member': - listening_service => 'openstack-keystone', - ports => '6000', - ipaddresses => $openstack_ip_list, - server_names => $openstack_name_list, - options => 'check', - } - - haproxy::listen { 'openstack-keystoneadmin': - collect_exported => true, - ipaddress => '0.0.0.0', - ports => '35357', - mode => 'tcp', - options => { - option => ['tcpka', 'nolinger'] - } - } - - haproxy::balancermember { 'openstack-keystoneadmin-member': - listening_service => 'openstack-keystoneadmin', - ports => '35358', - ipaddresses => $openstack_ip_list, - server_names => $openstack_name_list, - options => 'check', - } - haproxy::listen { 'openstack-glance': - collect_exported => true, - ipaddress => '0.0.0.0', - ports => '9292', - mode => 'tcp', - options => { - option => ['tcpka', 'nolinger'] - } - } - haproxy::balancermember { 'openstack-glance-member': - listening_service => 'openstack-glance', - ports => '9393', - ipaddresses => $openstack_ip_list, - server_names => $openstack_name_list, - options => 'check', - } - - haproxy::listen { 'openstack-cinder': - collect_exported => true, - ipaddress => '0.0.0.0', - ports => '8776', - mode => 'tcp', - options => { - option => ['tcpka', 'nolinger'] - } - } - - haproxy::balancermember { 'openstack-cinder-member': - listening_service => 'openstack-cinder', - ports => '9776', - ipaddresses => $openstack_ip_list, - server_names => $openstack_name_list, - options => 'check', - } - - haproxy::listen { 'openstack-novaapi': - collect_exported => true, - ipaddress => '0.0.0.0', - ports => '8774', - mode => 'tcp', - options => { - option => ['tcpka', 'nolinger'] - } - } - - haproxy::balancermember { 'openstack-novaapi-member': - listening_service => 'openstack-novaapi', - ports => '9774', - ipaddresses => $openstack_ip_list, - server_names => $openstack_name_list, - options => 'check', - } - - haproxy::listen { 'openstack-novameta': - collect_exported => true, - ipaddress => '0.0.0.0', - ports => '8775', - mode => 'tcp', - options => { - option => ['tcpka', 'nolinger'] - } - } - - haproxy::balancermember { 'openstack-novameta-member': - listening_service => 'openstack-novameta', - ports => '9775', - ipaddresses => $openstack_ip_list, - server_names => $openstack_name_list, - options => 'check', - } - - haproxy::listen { 'memcached': - collect_exported => true, - ipaddress => '0.0.0.0', - ports => '11222', - mode => 'tcp', - options => { - option => ['tcpka', 'nolinger', 'tcplog'] - } - } - haproxy::balancermember { 'memcached-member': - listening_service => 'memcached', - ports => '11211', - ipaddresses => $openstack_ip_list, - server_names => $openstack_name_list, - options => 'check', - } + $openstack_ip_list_shell = inline_template('<%= @openstack_ip_list.map{ |name2| "#{name2}" }.join(",") %>') + $config_ip_list_shell = inline_template('<%= @config_ip_list.map{ |name2| "#{name2}" }.join(",") %>') + $collector_ip_list_shell = inline_template('<%= @collector_ip_list.map{ |name2| "#{name2}" }.join(",") %>') - #if openstack needs a separate rabbitmq cluster - if (!($host_ip in $config_ip_list) and ($manage_amqp == "yes")) { - haproxy::listen { 'rabbitmq': - collect_exported => true, - ipaddress => '0.0.0.0', - ports => '5673', - mode => 'tcp', - options => { - option => ['tcpka', 'redispatch'] - } - } + $openstack_name_list_shell = inline_template('<%= @openstack_name_list.map{ |name2| "#{name2}" }.join(",") %>') + $config_name_list_shell = inline_template('<%= @config_name_list.map{ |name2| "#{name2}" }.join(",") %>') + $collector_name_list_shell = inline_template('<%= @collector_name_list.map{ |name2| "#{name2}" }.join(",") %>') - haproxy::balancermember { 'rabbitmq-member': - listening_service => 'rabbitmq', - ports => '5672', - ipaddresses => $openstack_ip_list, - server_names => $openstack_name_list, - options => 'check', - } - } + $contrail_exec_haproxy_gen = "python /opt/contrail/bin/generate_haproxy.py $host_ip $ha_internal_vip $ha_contrail_internal_vip $config_name_list_shell $config_ip_list_shell $openstack_name_list_shell $openstack_ip_list_shell $collector_name_list_shell $collector_ip_list_shell && service haproxy restart && echo generate_ha_config >> /etc/contrail/contrail_openstack_exec.out" - haproxy::listen { 'mysql': - collect_exported => true, - ipaddress => '0.0.0.0', - ports => '33306', - mode => 'tcp', - options => { - option => ['tcpka', 'nolinger', 'redispatch'] - } - } - haproxy::balancermember { 'mysql-member': - listening_service => 'mysql', - ports => '3306', - ipaddresses => $openstack_ip_list, - server_names => $openstack_name_list, - options => 'check', - } + package { 'haproxy' : ensure => present,} + -> + file { "/etc/haproxy/haproxy.cfg" : + ensure => present, + require => Package["haproxy"], + notify => Service["haproxy"] + } + -> + service { "haproxy": + ensure => "running", + enable => "true", + subscribe => File['/etc/haproxy/haproxy.cfg'], + require => Package["haproxy"] + } + -> + file { "/opt/contrail/bin/generate_haproxy.py" : + ensure => present, + mode => 0755, + group => root, + source => "puppet:///modules/$module_name/generate_haproxy.py" + } + -> + exec { "generate_ha_config" : + command => $contrail_exec_haproxy_gen, + cwd => "/opt/contrail/bin/", + unless => "grep -qx generate_ha_config /etc/contrail/contrail_openstack_exec.out", + provider => shell, + require => [ File["/opt/contrail/bin/generate_haproxy.py"] ], + logoutput => 'true' } - #Add collector HA - if ($host_ip in $config_ip_list and $contrail_internal_vip != "") { - notify { "Haproxy - Setting up ha-cfg for collector":;} - haproxy::listen { 'contrail-analyticsapi': - collect_exported => true, - ipaddress => '0.0.0.0', - ports => '8081', - mode => 'tcp', - options => { - option => ['nolinger'] - } - } - haproxy::balancermember { 'contrail-analyticsapi-member': - listening_service => 'contrail-analyticsapi', - ports => '9081', - ipaddresses => $collector_ip_list, - server_names => $collector_name_list, - options => 'check', - } - } } diff --git a/contrail/environment/modules/contrail/manifests/keepalived.pp b/contrail/environment/modules/contrail/manifests/keepalived.pp index c8bbfa33..96e7ca07 100644 --- a/contrail/environment/modules/contrail/manifests/keepalived.pp +++ b/contrail/environment/modules/contrail/manifests/keepalived.pp @@ -27,6 +27,8 @@ $config_ip_list = $::contrail::params::config_ip_list, $internal_vip = $::contrail::params::internal_vip, $contrail_internal_vip = $::contrail::params::contrail_internal_vip, + $external_vip = $::contrail::params::external_vip, + $contrail_external_vip = $::contrail::params::contrail_external_vip, $keepalived_vrid = $::contrail::params::keepalived_vrid, $openstack_ip_list = $::contrail::params::openstack_ip_list ) inherits ::contrail::params { @@ -41,57 +43,283 @@ notify { "Keepalived - openstack_ip_list = $openstack_ip_list":; } $control_data_intf = get_device_name("$host_control_ip") + + if ($host_control_ip in $openstack_ip_list and $external_vip != "") { + + notify { "Keepalived - Setting up external_vip ":; } + $e_num_nodes = inline_template('<%= @openstack_ip_list.length %>') + $e_tmp_index = inline_template('<%= @openstack_ip_list.index(@host_control_ip) %>') + if ($e_tmp_index == nil) { + fail("Host $host_control_ip not found in servers of config roles") + } + + $e_config_index = $e_tmp_index + 1 + notify { "Keepalived - e_config_index = $e_config_index":; } + + if ($e_config_index == 1 ) { + $e_keepalived_state = "MASTER" + $e_contrail_garp_master_delay = 5 + $e_contrail_preempt_delay = 7 + } + elsif ($e_config_index ==2 and $e_num_nodes > 2 ) { + $e_keepalived_state = "MASTER" + $e_contrail_garp_master_delay = 1 + $e_contrail_preempt_delay = 1 + } + else { + $e_keepalived_state = "BACKUP" + $e_contrail_garp_master_delay = 1 + $e_contrail_preempt_delay = 1 + } + + include ::keepalived + + + $e_interface = find_matching_interface($external_vip) + + $e_contrail_keepalived_vrid = $keepalived_vrid + 1 + $e_keepalived_priority = $e_contrail_keepalived_vrid - $e_config_index + + keepalived::vrrp::script { 'check_haproxy_external_vip': + script => '/usr/bin/killall -0 haproxy', + timeout => '3', + interval => '1', + rise => '2', + fall => '2', + } + + keepalived::vrrp::script { 'check_peers_external_vip': + script => '/opt/contrail/bin/chk_ctrldata.sh', + interval => '1', + timeout => '3', + rise => '1', + fall => '1', + + } + keepalived::vrrp::instance { "VI_$e_contrail_keepalived_vrid": + interface => $e_interface, + state => $e_keepalived_state, + virtual_router_id => "$e_contrail_keepalived_vrid", + priority => "$e_keepalived_priority", + auth_type => 'PASS', + auth_pass => 'secret', + virtual_ipaddress => $external_vip, + garp_master_refresh => 1, + garp_master_repeat => 3, + garp_master_delay => $e_contrail_garp_master_delay, + preempt_delay => $e_contrail_preempt_delay, + vmac_xmit_base => true, + track_interface => $control_data_intf, + track_script => ['check_haproxy_external_vip','check_peers_external_vip'], + } + } + + if ($host_control_ip in $openstack_ip_list and $internal_vip != "") { - $vip = $internal_vip - $ip_list = $openstack_ip_list - notify { "Keepalived - Setting up internal_vip ":; } + include ::keepalived - } elsif ($host_control_ip in $config_ip_list and $contrail_internal_vip != "" ) { - $vip = $contrail_internal_vip - $ip_list = $config_ip_list - notify { "Keepalived - Setting up contrail_internal_vip ":; } + $i_interface = find_matching_interface($internal_vip) + + $i_contrail_keepalived_vrid = $keepalived_vrid + 2 + notify { "Keepalived - Setting up internal_vip":; } + $i_num_nodes = inline_template('<%= @openstack_ip_list.length %>') + $i_tmp_index = inline_template('<%= @openstack_ip_list.index(@host_control_ip) %>') + if ($i_tmp_index == nil) { + fail("Host $host_control_ip not found in servers of config roles") + } + + $i_config_index = $i_tmp_index + 1 + notify { "Keepalived - i_config_index = $i_config_index":; } + + if ($i_config_index == 1 ) { + $i_keepalived_state = "MASTER" + $i_contrail_garp_master_delay = 5 + $i_contrail_preempt_delay = 7 + } + elsif ($i_config_index ==2 and $i_num_nodes > 2 ) { + $i_keepalived_state = "MASTER" + $i_contrail_garp_master_delay = 1 + $i_contrail_preempt_delay = 1 + } + else { + $i_keepalived_state = "BACKUP" + $i_contrail_garp_master_delay = 1 + $i_contrail_preempt_delay = 1 + } + + + $i_keepalived_priority = $i_contrail_keepalived_vrid - $i_config_index + keepalived::vrrp::script { 'check_haproxy_internal_vip': + script => '/usr/bin/killall -0 haproxy', + timeout => '3', + interval => '1', + rise => '2', + fall => '2', + } + + keepalived::vrrp::script { 'check_peers_internal_vip': + script => '/opt/contrail/bin/chk_ctrldata.sh', + interval => '1', + timeout => '3', + rise => '1', + fall => '1', - } else { - $vip = "" + } + keepalived::vrrp::instance { "VI_$i_contrail_keepalived_vrid": + interface => $i_interface, + state => $i_keepalived_state, + virtual_router_id => "$i_contrail_keepalived_vrid", + priority => "$i_keepalived_priority", + auth_type => 'PASS', + auth_pass => 'secret', + virtual_ipaddress => $internal_vip, + garp_master_refresh => 1, + garp_master_repeat => 3, + garp_master_delay => $i_contrail_garp_master_delay, + preempt_delay => $i_contrail_preempt_delay, + vmac_xmit_base => true, + track_interface => $control_data_intf, + track_script => ['check_haproxy_internal_vip','check_peers_internal_vip'], + } } - if ($vip != "") { - $tmp_index = inline_template('<%= @ip_list.index(@host_control_ip) %>') - if ($tmp_index == nil) { + + if ($host_control_ip in $config_ip_list and $contrail_internal_vip != "") { + include ::keepalived + + $ci_num_nodes = inline_template('<%= @config_ip_list.length %>') + $ci_tmp_index = inline_template('<%= @config_ip_list.index(@host_control_ip) %>') + notify { "Keepalived - Setting up contrail_internal_vip":; } + + if ($ci_tmp_index == nil) { fail("Host $host_control_ip not found in servers of config roles") } - $config_index = $tmp_index + 1 - $keepalived_priority = $keepalived_vrid + $config_index - 1 - if ($config_index == 1) { - $keepalived_state = "MASTER" + + $ci_config_index = $ci_tmp_index + 1 + notify { "Keepalived - ci_config_index = $ci_config_index":; } + + if ($ci_config_index == 1 ) { + $ci_keepalived_state = "MASTER" + $ci_contrail_garp_master_delay = 5 + $ci_contrail_preempt_delay = 7 + } + elsif ($ci_config_index ==2 and $ci_num_nodes > 2 ) { + $ci_keepalived_state = "MASTER" + $ci_contrail_garp_master_delay = 1 + $ci_contrail_preempt_delay = 1 } else { - $keepalived_state = "BACKUP" + $ci_keepalived_state = "BACKUP" + $ci_contrail_garp_master_delay = 1 + $ci_contrail_preempt_delay = 1 } + + $ci_contrail_keepalived_vrid = $keepalived_vrid + 3 + + $ci_keepalived_priority = $ci_contrail_keepalived_vrid - $ci_config_index + + $ci_interface = find_matching_interface($contrail_internal_vip) + keepalived::vrrp::script { 'check_haproxy_contrail_internal_vip': + script => '/usr/bin/killall -0 haproxy', + timeout => '3', + interval => '1', + rise => '2', + fall => '2', + } + + keepalived::vrrp::script { 'check_peers_contrail_internal_vip': + script => '/opt/contrail/bin/chk_ctrldata.sh', + interval => '1', + timeout => '3', + rise => '1', + fall => '1', + + } + keepalived::vrrp::instance { "VI_$ci_contrail_keepalived_vrid": + interface => $ci_interface, + state => $keepalived_state, + virtual_router_id => "$ci_contrail_keepalived_vrid", + priority => "$ci_keepalived_priority", + auth_type => 'PASS', + auth_pass => 'secret', + virtual_ipaddress => $contrail_internal_vip, + garp_master_refresh => 1, + garp_master_repeat => 3, + garp_master_delay => $ci_contrail_garp_master_delay, + preempt_delay => $ci_contrail_preempt_delay, + vmac_xmit_base => true, + track_interface => $control_data_intf, + track_script => ['check_haproxy_contrail_internal_vip','check_peers_contrail_internal_vip'], + } + } + + if ($host_control_ip in $config_ip_list and $contrail_external_vip != "") { + notify { "Keepalived - Setting up contrail_external_vip":; } include ::keepalived - $interface = find_matching_interface($vip) - keepalived::vrrp::script { 'check_haproxy': + $ce_num_nodes = inline_template('<%= @config_ip_list.length %>') + $ce_tmp_index = inline_template('<%= @config_ip_list.index(@host_control_ip) %>') + if ($ce_tmp_index == nil) { + fail("Host $host_control_ip not found in servers of config roles") + } + + $ce_config_index = $ce_tmp_index + 1 + notify { "Keepalived - ce_config_index = $ce_config_index":; } + + if ($ce_config_index == 1 ) { + $ce_keepalived_state = "MASTER" + $ce_contrail_garp_master_delay = 5 + $ce_contrail_preempt_delay = 7 + } + elsif ($ce_config_index ==2 and $ce_num_nodes > 2 ) { + $ce_keepalived_state = "MASTER" + $ce_contrail_garp_master_delay = 1 + $ce_contrail_preempt_delay = 1 + } + else { + $ce_keepalived_state = "BACKUP" + $ce_contrail_garp_master_delay = 1 + $ce_contrail_preempt_delay = 1 + } + + $ce_contrail_keepalived_vrid = $keepalived_vrid + 4 + $ce_keepalived_priority = $ce_contrail_keepalived_vrid - $ce_config_index + + $ce_interface = find_matching_interface($contrail_external_vip) + + keepalived::vrrp::script { 'check_haproxy_contrail_external_vip': script => '/usr/bin/killall -0 haproxy', + timeout => '3', + interval => '1', + rise => '2', + fall => '2', } - keepalived::vrrp::script { 'check_peers': + keepalived::vrrp::script { 'check_peers_contrail_external_vip': script => '/opt/contrail/bin/chk_ctrldata.sh', + interval => '1', + timeout => '3', + rise => '1', + fall => '1', + } - keepalived::vrrp::instance { "VI_$keepalived_vrid": - interface => $interface, + keepalived::vrrp::instance { "VI_$ce_contrail_keepalived_vrid": + interface => $ce_interface, state => $keepalived_state, - virtual_router_id => "$keepalived_vrid", - priority => "$keepalived_priority", + virtual_router_id => "$ce_contrail_keepalived_vrid", + priority => "$ce_keepalived_priority", auth_type => 'PASS', auth_pass => 'secret', - virtual_ipaddress => $vip, + virtual_ipaddress => $contrail_external_vip, garp_master_refresh => 1, garp_master_repeat => 3, + garp_master_delay => $ce_contrail_garp_master_delay, + preempt_delay => $ce_contrail_preempt_delay, vmac_xmit_base => true, track_interface => $control_data_intf, - track_script => ['check_proxy','check_peers'], + track_script => ['check_haproxy_contrail_external_vip','check_peers_contrail_external_vip'], } } + } diff --git a/contrail/environment/modules/contrail/manifests/lib/post_openstack.pp b/contrail/environment/modules/contrail/manifests/lib/post_openstack.pp new file mode 100644 index 00000000..ab1d42c9 --- /dev/null +++ b/contrail/environment/modules/contrail/manifests/lib/post_openstack.pp @@ -0,0 +1,29 @@ +define contrail::lib::post_openstack($host_control_ip, $openstack_ip_list, $internal_vip) { + if ($host_control_ip in $openstack_ip_list) { + + package { 'contrail-openstack': + ensure => present, + } + -> + exec { "exec_start_supervisor_openstack" : + command => "service supervisor-openstack start && echo start_supervisor_openstack >> /etc/contrail/contrail_openstack_exec.out", + unless => "grep -qx start_supervisor_openstack /etc/contrail/contrail_openstack_exec.out", + provider => shell, + require => [ Package["contrail-openstack"] ], + logoutput => 'true' + } + + #Make ha-mon start later + if($internal_vip != "") { + exec { "ha-mon-restart": + command => "service contrail-hamon restart && echo contrail-ha-mon >> /etc/contrail/contrail_openstack_exec.out", + provider => shell, + logoutput => "true", + unless => "grep -qx contrail-ha-mon /etc/contrail/contrail_openstack_exec.out", + } + } + + } + +} +#end of upgrade-kernel diff --git a/contrail/environment/modules/contrail/manifests/lib/upgrade-kernel.pp b/contrail/environment/modules/contrail/manifests/lib/upgrade-kernel.pp index f0690c6b..5f22434d 100644 --- a/contrail/environment/modules/contrail/manifests/lib/upgrade-kernel.pp +++ b/contrail/environment/modules/contrail/manifests/lib/upgrade-kernel.pp @@ -1,20 +1,42 @@ -define contrail::lib::upgrade-kernel($contrail_kernel_version) { +define contrail::lib::upgrade-kernel($contrail_kernel_upgrade, $contrail_kernel_version) { $headers = "linux-headers-${contrail_kernel_version}" $headers_generic = "linux-headers-${contrail_kernel_version}-generic" $image = "linux-image-${contrail_kernel_version}" - package { 'apparmor' : ensure => '2.7.102-0ubuntu3.10',} - -> - package { $headers : ensure => present, } - -> - package { $headers_generic : ensure => present, } - -> - package { $image : ensure => present, } - -> - exec { "upgrade-kernel-reboot": - command => "echo upgrade-kernel-reboot >> /etc/contrail/contrail_common_exec.out && reboot ", - provider => shell, - logoutput => "true", - unless => ["grep -qx upgrade-kernel-reboot /etc/contrail/contrail_common_exec.out"] + + if ($operatingsystem == "Ubuntu" and $contrail_kernel_upgrade == "yes") + { + if ($lsbdistrelease == "14.04") { + package { $headers : ensure => present, } + -> + package { $headers_generic : ensure => present, } + -> + package { $image : ensure => present, } + -> + exec { "upgrade-kernel-reboot": + command => "echo upgrade-kernel-reboot >> /etc/contrail/contrail_common_exec.out && reboot ", + provider => shell, + logoutput => "true", + unless => ["grep -qx upgrade-kernel-reboot /etc/contrail/contrail_common_exec.out"] + } + } else { + package { 'apparmor' : ensure => '2.7.102-0ubuntu3.10',} + -> + package { $headers : ensure => present, } + -> + package { $headers_generic : ensure => present, } + -> + package { $image : ensure => present, } + -> + exec { "upgrade-kernel-reboot": + command => "echo upgrade-kernel-reboot >> /etc/contrail/contrail_common_exec.out && reboot ", + provider => shell, + logoutput => "true", + unless => ["grep -qx upgrade-kernel-reboot /etc/contrail/contrail_common_exec.out"] + } + } + } else { + #TODO for other flavours do nothing } + } #end of upgrade-kernel diff --git a/contrail/environment/modules/contrail/manifests/params.pp b/contrail/environment/modules/contrail/manifests/params.pp index aca586a1..734862f6 100644 --- a/contrail/environment/modules/contrail/manifests/params.pp +++ b/contrail/environment/modules/contrail/manifests/params.pp @@ -510,6 +510,7 @@ $compute_passwd_list, $host_roles = "", $external_bgp = "", + $sync_db = "", $contrail_plugin_location = "NEUTRON_PLUGIN_CONFIG=\'/etc/neutron/plugins/opencontrail/ContrailPlugin.ini\'" ) { # Manifests use keystone_admin_token to refer to keystone_service_token too. Hence set diff --git a/contrail/environment/modules/contrail/manifests/profile/openstack/glance/api.pp b/contrail/environment/modules/contrail/manifests/profile/openstack/glance/api.pp index 58c07e9a..b35eb3cd 100644 --- a/contrail/environment/modules/contrail/manifests/profile/openstack/glance/api.pp +++ b/contrail/environment/modules/contrail/manifests/profile/openstack/glance/api.pp @@ -4,7 +4,8 @@ class contrail::profile::openstack::glance::api { $api_network = $::openstack::config::network_api $api_address = ip_for_network($api_network) - $sync_db = true + # $sync_db = true + $sync_db = $::contrail::params::sync_db $management_network = $::openstack::config::network_management $management_address = ip_for_network($management_network) diff --git a/contrail/environment/modules/contrail/manifests/profile/openstack_controller.pp b/contrail/environment/modules/contrail/manifests/profile/openstack_controller.pp index 665a164c..836eea9f 100644 --- a/contrail/environment/modules/contrail/manifests/profile/openstack_controller.pp +++ b/contrail/environment/modules/contrail/manifests/profile/openstack_controller.pp @@ -15,6 +15,22 @@ contain ::contrail::contrail_openstack Class['::openstack::profile::provision']->Class['::contrail::contrail_openstack'] #Contrail expects neutron to run on config nodes only - #contain ::contrail::profile::openstack::neutron::server + contain ::contrail::profile::openstack::neutron::server + + package { 'contrail-openstack-dashboard': + ensure => present, + } + + +# Though neutron runs on config, setup the db in openstack node + exec { 'neutron-db-sync': + command => 'neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini upgrade head', + path => '/usr/bin', + before => Service['neutron-server'], + require => Neutron_config['database/connection'], + refreshonly => true + } + + Class['::neutron::db::mysql'] -> Exec['neutron-db-sync'] } diff --git a/contrail/environment/modules/contrail/manifests/provision_complete.pp b/contrail/environment/modules/contrail/manifests/provision_complete.pp index dfe23693..a20632dd 100644 --- a/contrail/environment/modules/contrail/manifests/provision_complete.pp +++ b/contrail/environment/modules/contrail/manifests/provision_complete.pp @@ -2,9 +2,24 @@ $state = undef ) { - contrail::lib::report_status { $state: state => $state } + $host_control_ip = $::contrail::params::host_ip + $openstack_ip_list = $::contrail::params::openstack_ip_list + $internal_vip = $::contrail::params::internal_vip + -} + contrail::lib::post_openstack{post_openstack: host_control_ip => $host_control_ip, openstack_ip_list => $openstack_ip_list, internal_vip => $internal_vip} + -> + contrail::lib::report_status { $state: state => $state} + -> + exec { "do-reboot-server" : + command => "/sbin/reboot && echo do-reboot-server >> /etc/contrail/contrail_common_exec.out", + onlyif => "grep -qx flag-reboot-server /etc/contrail/contrail_compute_exec.out", + unless => "grep -qx do-reboot-server /etc/contrail/contrail_common_exec.out", + provider => shell, + logoutput => 'true' + } + +} diff --git a/contrail/environment/modules/contrail/manifests/provision_contrail.pp b/contrail/environment/modules/contrail/manifests/provision_contrail.pp index e459b953..c4a1d7e8 100644 --- a/contrail/environment/modules/contrail/manifests/provision_contrail.pp +++ b/contrail/environment/modules/contrail/manifests/provision_contrail.pp @@ -48,6 +48,11 @@ # Flag to indicate if openstack multi-tenancy is enabled. # (optional) - Defaults to True. # +# +# [*external_bgp*] +# IP address of the external bgp peer. +# (optional) - Defaults to "". +# class contrail::provision_contrail ( $keystone_admin_tenant = $::contrail::params::keystone_admin_tenant, $keystone_admin_user = $::contrail::params::keystone_admin_user, @@ -60,11 +65,12 @@ $router_asn = $::contrail::params::router_asn, $control_ip_list = $::contrail::params::control_ip_list, $control_name_list = $::contrail::params::control_name_list, - $multi_tenancy = $::contrail::params::multi_tenancy + $multi_tenancy = $::contrail::params::multi_tenancy, + $external_bgp = $::contrail::params::external_bgp, ) { # Initialize the multi tenancy option will update latter based on vns argument - if ($multi_tenancy == "True") { + if ($multi_tenancy == true) { $mt_options = "admin,$keystone_admin_password,$keystone_admin_tenant" } else { $mt_options = "None" @@ -119,7 +125,7 @@ } -> exec { "provision-external-bgp" : - command => "python /etc/contrail/contrail_setup_utils/setup_external_bgp.py --bgp_params \"$contrail_bgp_params\" --api_server_ip \"$config_ip_to_use\" --api_server_port 8082 --router_asn \"$router_asn\" --mt_options \"$mt_options\" && echo provision-external-bgp >> /etc/contrail/contrail_config_exec.out", + command => "python /etc/contrail/contrail_setup_utils/setup_external_bgp.py --bgp_params \"$external_bgp\" --api_server_ip \"$config_ip_to_use\" --api_server_port 8082 --router_asn \"$router_asn\" --mt_options \"$mt_options\" && echo provision-external-bgp >> /etc/contrail/contrail_config_exec.out", require => [ File["/etc/contrail/contrail_setup_utils/setup_external_bgp.py"] ], unless => "grep -qx provision-external-bgp /etc/contrail/contrail_config_exec.out", provider => shell, diff --git a/contrail/environment/modules/contrail/templates/contrail-keystone-auth.conf.erb b/contrail/environment/modules/contrail/templates/contrail-keystone-auth.conf.erb deleted file mode 100644 index ab75729e..00000000 --- a/contrail/environment/modules/contrail/templates/contrail-keystone-auth.conf.erb +++ /dev/null @@ -1,16 +0,0 @@ -[KEYSTONE] -<% if @keystone_ip != "" -%> -auth_host=<%= @keystone_ip %> -<% elsif @internal_vip != "" -%> -auth_host=<%= @internal_vip %> -<% else -%> -auth_host=<%= @openstack_ip %> -<% end -%> -auth_protocol=<%= @keystone_auth_protocol %> -auth_port=<%= @keystone_auth_port %> -admin_user=<%= @keystone_admin_user %> -admin_password=<%= @keystone_admin_password %> -admin_token=<%= @keystone_service_token %> -admin_tenant_name=<%= @keystone_admin_tenant %> -insecure=<%= keystone_insecure_flag %> -<%= memcached_opt %> diff --git a/contrail/environment/modules/contrail/templates/rabbitmq_config.erb b/contrail/environment/modules/contrail/templates/rabbitmq_config.erb index b08a2f78..647d41a0 100644 --- a/contrail/environment/modules/contrail/templates/rabbitmq_config.erb +++ b/contrail/environment/modules/contrail/templates/rabbitmq_config.erb @@ -1,6 +1,6 @@ [ {rabbit, [ {tcp_listeners, [{"<%= @host_control_ip %>", 5672}]}, {cluster_partition_handling, autoheal},{loopback_users, []}, - {cluster_nodes, {[<%= @config_name_list.map{ |val| "rabbit\@#{val}" }.join(',') %>], disc}}, + {cluster_nodes, {[<%= @config_name_list.map{ |val| "rabbit\@#{val}ctl" }.join(',') %>], disc}}, {vm_memory_high_watermark, 0.4}, {disk_free_limit,50000000}, {log_levels,[{connection, info},{mirroring, info}]}, diff --git a/contrail/environment/modules/glance/manifests/notify/rabbitmq.pp b/contrail/environment/modules/glance/manifests/notify/rabbitmq.pp index 7f6fcf9f..211f975c 100644 --- a/contrail/environment/modules/glance/manifests/notify/rabbitmq.pp +++ b/contrail/environment/modules/glance/manifests/notify/rabbitmq.pp @@ -74,14 +74,12 @@ if $rabbit_hosts { glance_api_config { - 'DEFAULT/rabbit_hosts': value => join($rabbit_hosts, ','); +# 'DEFAULT/rabbit_hosts': value => join($rabbit_hosts, ','); 'DEFAULT/rabbit_ha_queues': value => true } } else { glance_api_config { - 'DEFAULT/rabbit_host': value => $rabbit_host; - 'DEFAULT/rabbit_port': value => $rabbit_port; - 'DEFAULT/rabbit_hosts': value => "${rabbit_host}:${rabbit_port}"; +# 'DEFAULT/rabbit_hosts': value => "${rabbit_host}:${rabbit_port}"; 'DEFAULT/rabbit_ha_queues': value => false } } diff --git a/contrail/environment/modules/glance/spec/classes/glance_notify_rabbitmq_spec.rb b/contrail/environment/modules/glance/spec/classes/glance_notify_rabbitmq_spec.rb index 47163fa0..f3f8739e 100644 --- a/contrail/environment/modules/glance/spec/classes/glance_notify_rabbitmq_spec.rb +++ b/contrail/environment/modules/glance/spec/classes/glance_notify_rabbitmq_spec.rb @@ -34,12 +34,12 @@ :rabbit_password => 'pass', :rabbit_userid => 'guest2', :rabbit_host => 'localhost2', - :rabbit_port => '5673', + :rabbit_port => '5672', :rabbit_durable_queues => true, } it { should contain_glance_api_config('DEFAULT/rabbit_userid').with_value('guest2') } it { should contain_glance_api_config('DEFAULT/rabbit_host').with_value('localhost2') } - it { should contain_glance_api_config('DEFAULT/rabbit_port').with_value('5673') } + it { should contain_glance_api_config('DEFAULT/rabbit_port').with_value('5672') } it { should contain_glance_api_config('DEFAULT/rabbit_durable_queues').with_value('true') } end end diff --git a/contrail/environment/modules/horizon/templates/local_settings.py.erb b/contrail/environment/modules/horizon/templates/local_settings.py.erb index e2b10de3..a3c0022b 100644 --- a/contrail/environment/modules/horizon/templates/local_settings.py.erb +++ b/contrail/environment/modules/horizon/templates/local_settings.py.erb @@ -102,6 +102,16 @@ LOCAL_PATH = os.path.dirname(os.path.abspath(__file__)) # SECRET_KEY = secret_key.generate_or_read_from_file(os.path.join(LOCAL_PATH, '.secret_key_store')) SECRET_KEY = '<%= @secret_key %>' +import hashlib +def hash_key(key, key_prefix, version): + new_key = ':'.join([key_prefix, str(version), key]) + if len(new_key) > 250: + m = hashlib.md5() + m.update(new_key) + new_key = m.hexdigest() + return new_key + + # We recommend you use memcached for development; otherwise after every reload # of the django development server, you will have to login again. To use # memcached set CACHES to something like @@ -126,6 +136,7 @@ CACHES = { <% else %> 'BACKEND': 'django.core.cache.backends.locmem.LocMemCache' <% end %> + 'KEY_FUNCTION': hash_key, } } @@ -553,3 +564,13 @@ COMPRESS_OFFLINE = <%= @compress_offline.to_s.capitalize %> # so we add this option to change the directory where uploaded files are temporarily # stored until they are loaded into Glance. FILE_UPLOAD_TEMP_DIR = '<%= @file_upload_temp_dir %>' + + +# Enable the Ubuntu theme if it is present. +try: + from ubuntu_theme import * +except ImportError: + pass + +ALLOWED_HOSTS = '*' +HORIZON_CONFIG['customization_module'] = 'contrail_openstack_dashboard.overrides' diff --git a/contrail/environment/modules/keepalived/manifests/vrrp/script.pp b/contrail/environment/modules/keepalived/manifests/vrrp/script.pp index 9fa85285..596caf96 100644 --- a/contrail/environment/modules/keepalived/manifests/vrrp/script.pp +++ b/contrail/environment/modules/keepalived/manifests/vrrp/script.pp @@ -25,6 +25,7 @@ $weight = undef, $fall = undef, $rise = undef, + $timeout = undef, $no_weight = false, ) { if ! $script { diff --git a/contrail/environment/modules/keepalived/templates/vrrp_instance.erb b/contrail/environment/modules/keepalived/templates/vrrp_instance.erb index 0e27ab6c..91db362e 100644 --- a/contrail/environment/modules/keepalived/templates/vrrp_instance.erb +++ b/contrail/environment/modules/keepalived/templates/vrrp_instance.erb @@ -17,10 +17,15 @@ vrrp_instance <%= @name %> { <%- if @preempt_delay -%> preempt_delay <%= @preempt_delay %> <%- end -%> - <%- if @garp_master_refresh -%> garp_master_refresh <%= @garp_master_refresh %> <%- end -%> + <%- if @garp_master_repeat -%> + garp_master_repeat <%= @garp_master_repeat %> + <%- end -%> + <%- if @vmac_xmit_base == true -%> + vmac_xmit_base + <%- end -%> # notify scripts and alerts are optional # diff --git a/contrail/environment/modules/keepalived/templates/vrrp_script.erb b/contrail/environment/modules/keepalived/templates/vrrp_script.erb index 1b40ae66..3be36df9 100644 --- a/contrail/environment/modules/keepalived/templates/vrrp_script.erb +++ b/contrail/environment/modules/keepalived/templates/vrrp_script.erb @@ -4,6 +4,9 @@ vrrp_script <%= @name %> { <%- unless @no_weight -%> weight <%= @weight %> <%- end -%> + <%- if @timeout-%> + timeout <%= @timeout%> + <%- end -%> <%- if @fall -%> fall <%= @fall %> <%- end -%> diff --git a/contrail/environment/modules/mysql/manifests/params.pp b/contrail/environment/modules/mysql/manifests/params.pp index 67dd785b..81fb55fc 100644 --- a/contrail/environment/modules/mysql/manifests/params.pp +++ b/contrail/environment/modules/mysql/manifests/params.pp @@ -19,7 +19,7 @@ $php_package_provider = undef $python_package_ensure = 'present' $python_package_provider = undef - $ruby_package_ensure = 'present' + $ruby_package_ensure = 'absent' $ruby_package_provider = undef @@ -30,7 +30,7 @@ $server_package_name = 'mariadb-server' } else { $client_package_name = 'mysql' - $server_package_name = 'mysql-server' + $server_package_name = 'mysql-server-wsrep' } $basedir = '/usr' $config_file = '/etc/my.cnf' @@ -95,7 +95,7 @@ 'Debian': { $client_package_name = 'mysql-client' - $server_package_name = 'mysql-server' + $server_package_name = 'mysql-server-wsrep' $basedir = '/usr' $config_file = '/etc/mysql/my.cnf' @@ -126,7 +126,7 @@ $log_error = "/var/db/mysql/${::hostname}.err" $pidfile = '/var/db/mysql/mysql.pid' $root_group = 'wheel' - $server_service_name = 'mysql-server' + $server_service_name = 'mysql-server-wsrep' $socket = '/tmp/mysql.sock' $ssl_ca = undef $ssl_cert = undef @@ -144,7 +144,7 @@ case $::operatingsystem { 'Amazon': { $client_package_name = 'mysql' - $server_package_name = 'mysql-server' + $server_package_name = 'mysql-server-wsrep' $basedir = '/usr' $config_file = '/etc/my.cnf' $datadir = '/var/lib/mysql' @@ -196,12 +196,12 @@ 'bind-address' => '127.0.0.1', 'datadir' => $mysql::params::datadir, 'expire_logs_days' => '10', - 'key_buffer_size' => '16M', +# 'key_buffer_size' => '16M', 'log-error' => $mysql::params::log_error, - 'max_allowed_packet' => '16M', +# 'max_allowed_packet' => '16M', 'max_binlog_size' => '100M', - 'max_connections' => '151', - 'myisam_recover' => 'BACKUP', + 'max_connections' => '10000', +# 'myisam_recover' => 'BACKUP', 'pid-file' => $mysql::params::pidfile, 'port' => '3306', 'query_cache_limit' => '1M', @@ -218,12 +218,12 @@ 'user' => 'mysql', }, 'mysqldump' => { - 'max_allowed_packet' => '16M', +# 'max_allowed_packet' => '16M', 'quick' => true, 'quote-names' => true, }, 'isamchk' => { - 'key_buffer_size' => '16M', +# 'key_buffer_size' => '16M', }, } diff --git a/contrail/environment/modules/mysql/templates/my.cnf.erb b/contrail/environment/modules/mysql/templates/my.cnf.erb index 5aa959ba..70552575 100644 --- a/contrail/environment/modules/mysql/templates/my.cnf.erb +++ b/contrail/environment/modules/mysql/templates/my.cnf.erb @@ -15,4 +15,9 @@ <% end %> <% end -%> +[mysqld] +wait_timeout = 60 +interactive_timeout = 60 +lock_wait_timeout = 600 + !includedir /etc/mysql/conf.d/ diff --git a/contrail/environment/modules/openstack/manifests/common/ceilometer.pp b/contrail/environment/modules/openstack/manifests/common/ceilometer.pp index 1a6daae9..5f9e96ea 100644 --- a/contrail/environment/modules/openstack/manifests/common/ceilometer.pp +++ b/contrail/environment/modules/openstack/manifests/common/ceilometer.pp @@ -5,6 +5,15 @@ $controller_management_address = $::openstack::config::controller_address_management + $internal_vip = $::contrail::params::internal_vip + if ($internal_vip != "" and $internal_vip != undef) { + $contrail_rabbit_port = "5673" + $contrail_rabbit_host = $controller_management_address + } else { + $contrail_rabbit_port = "5672" + $contrail_rabbit_host = $::contrail::params::config_ip_list[0] + } + $mongo_password = $::openstack::config::ceilometer_mongo_password $mongo_connection = "mongodb://${controller_management_address}:27017/ceilometer" @@ -13,10 +22,10 @@ metering_secret => $::openstack::config::ceilometer_meteringsecret, debug => $::openstack::config::debug, verbose => $::openstack::config::verbose, - rabbit_hosts => [$controller_management_address], + rabbit_hosts => [$contrail_rabbit_host], rabbit_userid => $::openstack::config::rabbitmq_user, rabbit_password => $::openstack::config::rabbitmq_password, - rabbit_port => '5673', + rabbit_port => $contrail_rabbit_port, } class { '::ceilometer::api': diff --git a/contrail/environment/modules/openstack/manifests/common/cinder.pp b/contrail/environment/modules/openstack/manifests/common/cinder.pp index 9544054e..c67451f7 100644 --- a/contrail/environment/modules/openstack/manifests/common/cinder.pp +++ b/contrail/environment/modules/openstack/manifests/common/cinder.pp @@ -2,21 +2,29 @@ # Private, and should not be used on its own class openstack::common::cinder { $internal_vip = $::contrail::params::internal_vip + $controller_management_address = $::openstack::config::controller_address_management + $sync_db = $::contrail::params::sync_db if ($internal_vip != "" and $internal_vip != undef) { cinder_config { 'DEFAULT/osapi_volume_listen_port': value => '9776'; } + $contrail_rabbit_port = "5673" + $contrail_rabbit_host = $controller_management_address + } else { + $contrail_rabbit_port = "5672" + $contrail_rabbit_host = $::contrail::params::config_ip_list[0] } + class { '::cinder': sql_connection => $::openstack::resources::connectors::cinder, - rabbit_host => $::openstack::config::controller_address_management, + rabbit_host => $contrail_rabbit_host, rabbit_userid => $::openstack::config::rabbitmq_user, rabbit_password => $::openstack::config::rabbitmq_password, debug => $::openstack::config::debug, verbose => $::openstack::config::verbose, mysql_module => '2.2', - rabbit_port => '5673', + rabbit_port => $contrail_rabbit_port, } $storage_server = $::openstack::config::storage_address_api diff --git a/contrail/environment/modules/openstack/manifests/common/contrail/neutron.pp b/contrail/environment/modules/openstack/manifests/common/contrail/neutron.pp index 05348fd8..5a36f6a7 100644 --- a/contrail/environment/modules/openstack/manifests/common/contrail/neutron.pp +++ b/contrail/environment/modules/openstack/manifests/common/contrail/neutron.pp @@ -9,12 +9,22 @@ $data_network = $::openstack::config::network_data $data_address = ip_for_network($data_network) + $internal_vip = $::contrail::params::internal_vip + if ($internal_vip != "" and $internal_vip != undef) { + $contrail_rabbit_port = "5673" + $contrail_rabbit_host = $controller_management_address + } else { + $contrail_rabbit_port = "5672" + $contrail_rabbit_host = $::contrail::params::config_ip_list[0] + } + + # neutron auth depends upon a keystone configuration include ::openstack::common::keystone class { '::neutron': - rabbit_host => $controller_management_address, - rabbit_port => '5673', + rabbit_host => $contrail_rabbit_host, + rabbit_port => $contrail_rabbit_port, core_plugin => 'neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2', allow_overlapping_ips => true, rabbit_user => $::openstack::config::rabbitmq_user, diff --git a/contrail/environment/modules/openstack/manifests/common/contrail/nova.pp b/contrail/environment/modules/openstack/manifests/common/contrail/nova.pp index dfb59d7f..d8a19efe 100644 --- a/contrail/environment/modules/openstack/manifests/common/contrail/nova.pp +++ b/contrail/environment/modules/openstack/manifests/common/contrail/nova.pp @@ -12,12 +12,27 @@ $storage_management_address = $::openstack::config::storage_address_management $controller_management_address = $::openstack::config::controller_address_management + $internal_vip = $::contrail::params::internal_vip + if ($internal_vip != "" and $internal_vip != undef) { + $contrail_rabbit_port = "5673" + $contrail_rabbit_host = $controller_management_address + $neutron_ip_address = $controller_management_address + } else { + $contrail_rabbit_port = "5672" + $contrail_rabbit_host = $::contrail::params::config_ip_list[0] + $neutron_ip_address = $::contrail::params::config_ip_list[0] + } + +# $contrail_internal_vip = $::contrail::params::internal_vip +# $external_vip = $::contrail::params::internal_vip +# $contrail_external_vip = $::contrail::params::contrail_internal_vip + class { '::nova': sql_connection => $::openstack::resources::connectors::nova, glance_api_servers => "http://${storage_management_address}:9292", memcached_servers => ["${controller_management_address}:11211"], - rabbit_hosts => [$controller_management_address], - rabbit_port => '5673', + rabbit_hosts => [$contrail_rabbit_host], + rabbit_port => $contrail_rabbit_port, rabbit_userid => $::openstack::config::rabbitmq_user, rabbit_password => $::openstack::config::rabbitmq_password, debug => $::openstack::config::debug, @@ -36,9 +51,17 @@ sync_db => $sync_db, } - class { '::nova::vncproxy': - host => $::openstack::config::controller_address_api, - enabled => $is_controller, + if ($internal_vip != "" and $internal_vip != undef) { + class { '::nova::vncproxy': + host => $::openstack::config::controller_address_api, + enabled => $is_controller, + port => '6999', + } + } else { + class { '::nova::vncproxy': + host => $::openstack::config::controller_address_api, + enabled => $is_controller, + } } class { [ @@ -68,8 +91,10 @@ class { '::nova::network::neutron': neutron_admin_password => $::openstack::config::neutron_password, neutron_region_name => $::openstack::config::region, - neutron_admin_auth_url => "http://${controller_management_address}:35357/v2.0", - neutron_url => "http://${controller_management_address}:9696", + #neutron_admin_auth_url => "http://${controller_management_address}:35357/v2.0", + #neutron_url => "http://${controller_management_address}:9696", + neutron_admin_auth_url => "http://${$neutron_ip_address}:35357/v2.0", + neutron_url => "http://${$neutron_ip_address}:9696", vif_plugging_is_fatal => false, vif_plugging_timeout => '0', } diff --git a/contrail/environment/modules/openstack/manifests/common/glance.pp b/contrail/environment/modules/openstack/manifests/common/glance.pp index 60d21dc5..4935d44d 100644 --- a/contrail/environment/modules/openstack/manifests/common/glance.pp +++ b/contrail/environment/modules/openstack/manifests/common/glance.pp @@ -7,33 +7,69 @@ $internal_vip = $::contrail::params::internal_vip if ($internal_vip != "" and $internal_vip != undef) { - class { '::glance::api': - keystone_password => $::openstack::config::glance_password, - auth_host => $::openstack::config::controller_address_management, - keystone_tenant => 'services', - keystone_user => 'glance', - sql_connection => $::openstack::resources::connectors::glance, - registry_host => $::openstack::config::storage_address_management, - verbose => $::openstack::config::verbose, - debug => $::openstack::config::debug, - enabled => $::openstack::profile::base::is_storage, - bind_port => '9393', - mysql_module => '2.2', - } + class { '::glance::api': + keystone_password => $::openstack::config::glance_password, + auth_host => $::openstack::config::controller_address_management, + keystone_tenant => 'services', + keystone_user => 'glance', + sql_connection => $::openstack::resources::connectors::glance, + registry_host => $::openstack::config::storage_address_management, + verbose => $::openstack::config::verbose, + debug => $::openstack::config::debug, + enabled => $::openstack::profile::base::is_storage, + database_idle_timeout => "180", + bind_port => '9393', + mysql_module => '2.2', + } + $contrail_rabbit_host = $::openstack::config::controller_address_management + $contrail_rabbit_port = '5673' } else { - class { '::glance::api': - keystone_password => $::openstack::config::glance_password, - auth_host => $::openstack::config::controller_address_management, - keystone_tenant => 'services', - keystone_user => 'glance', - sql_connection => $::openstack::resources::connectors::glance, - registry_host => $::openstack::config::storage_address_management, - verbose => $::openstack::config::verbose, - debug => $::openstack::config::debug, - enabled => $::openstack::profile::base::is_storage, - mysql_module => '2.2', + class { '::glance::api': + keystone_password => $::openstack::config::glance_password, + auth_host => $::openstack::config::controller_address_management, + keystone_tenant => 'services', + keystone_user => 'glance', + sql_connection => $::openstack::resources::connectors::glance, + registry_host => $::openstack::config::storage_address_management, + verbose => $::openstack::config::verbose, + debug => $::openstack::config::debug, + enabled => $::openstack::profile::base::is_storage, + database_idle_timeout => "180", + mysql_module => '2.2', + } + $contrail_rabbit_host = $::contrail::params::config_ip_list[0] + $contrail_rabbit_port = '5672' + } -} + + + glance_api_config { +# 'database/idle_timeout': value => "180"; + 'database/min_pool_size': value => "100"; + 'database/max_pool_size': value => "700"; + 'database/max_overflow': value => "1080"; + 'database/retry_interval': value => "5"; + 'database/max_retries': value => "-1"; + 'database/db_max_retries': value => "3"; + 'database/db_retry_interval': value => "1"; + 'database/connection_debug': value => "10"; + 'database/pool_timeout': value => "120"; +# notify => Service['glance-api'] + + } + + -> + # basic service config + glance_api_config {'DEFAULT/rabbit_host': + value => $contrail_rabbit_host, + notify => Service['glance-api'] + } + -> + glance_api_config {'DEFAULT/rabbit_port': + value => $contrail_rabbit_port, + notify => Service['glance-api'] + } + } diff --git a/contrail/environment/modules/openstack/manifests/common/keystone.pp b/contrail/environment/modules/openstack/manifests/common/keystone.pp index a8a90a89..fba32f67 100644 --- a/contrail/environment/modules/openstack/manifests/common/keystone.pp +++ b/contrail/environment/modules/openstack/manifests/common/keystone.pp @@ -1,5 +1,8 @@ class openstack::common::keystone { $internal_vip = $::contrail::params::internal_vip + $sync_db = $::contrail::params::sync_db + + notify { "SYNC_DB = $sync_db":; } if ($internal_vip != "" and $internal_vip != undef) { @@ -14,8 +17,24 @@ sync_db => $sync_db, public_port => '6000', admin_port => '35358', - rabbit_port => '5673', + rabbit_port => '5673', + rabbit_host => $::openstack::config::controller_address_management, } + keystone_config { + 'database/min_pool_size': value => "100"; + 'database/max_pool_size': value => "700"; + 'database/max_overflow': value => "100"; + 'database/retry_interva': value => "5"; + 'database/max_retries': value => "-1"; + 'database/db_max_retries': value => "-1"; + 'database/db_retry_interval': value => "1"; + 'database/connection_debug': value => "10"; + 'database/pool_timeout': value => "120"; + # 'sql/connection': value => $database_connection_real, secret => true; + # 'database/idle_timeout': value => $database_idle_timeout_real; + # 'sql/idle_timeout': value => $database_idle_timeout_real; + } + } else { class { '::keystone': admin_token => $::openstack::config::keystone_admin_token, @@ -26,9 +45,14 @@ admin_bind_host => $admin_bind_host, mysql_module => '2.2', sync_db => $sync_db, - rabbit_port => '5673', + rabbit_port => '5672', + rabbit_host => $::contrail::params::config_ip_list[0], } + keystone_config { + 'identity/driver': value => "keystone.identity.backends.sql.Identity"; + 'ec2/driver': value => "keystone.contrib.ec2.backends.sql.Ec2"; + 'DEFAULT/onready': value => "keystone.common.systemd"; + } - -} + } } diff --git a/contrail/environment/modules/openstack/manifests/common/neutron.pp b/contrail/environment/modules/openstack/manifests/common/neutron.pp index ce973de2..0933f55c 100644 --- a/contrail/environment/modules/openstack/manifests/common/neutron.pp +++ b/contrail/environment/modules/openstack/manifests/common/neutron.pp @@ -5,13 +5,21 @@ # This follows the suggest deployment from the neutron Administrator Guide. class openstack::common::neutron { $controller_management_address = $::openstack::config::controller_address_management - + $sync_db = $::contrail::params::sync_db $data_network = $::openstack::config::network_data $data_address = ip_for_network($data_network) # neutron auth depends upon a keystone configuration include ::openstack::common::keystone + $internal_vip = $::contrail::params::internal_vip + + if ($internal_vip != "" and $internal_vip != undef) { + $contrail_auth_host = $::openstack::config::controller_address_management + } else { + $contrail_auth_host = $::contrail::params::config_ip_list[0] + } + class { '::neutron': rabbit_host => $controller_management_address, core_plugin => 'neutron.plugins.ml2.plugin.Ml2Plugin', @@ -28,7 +36,7 @@ } class { '::neutron::server': - auth_host => $::openstack::config::controller_address_management, + auth_host => $contrail_auth_host, auth_password => $::openstack::config::neutron_password, database_connection => $::openstack::resources::connectors::neutron, enabled => $::openstack::profile::base::is_controller, diff --git a/contrail/environment/modules/openstack/manifests/common/nova.pp b/contrail/environment/modules/openstack/manifests/common/nova.pp index 6decab23..2a359724 100644 --- a/contrail/environment/modules/openstack/manifests/common/nova.pp +++ b/contrail/environment/modules/openstack/manifests/common/nova.pp @@ -5,6 +5,8 @@ # depends on openstack::profile::base having been added to a node class openstack::common::nova ($is_compute = false) { $is_controller = $::openstack::profile::base::is_controller + $sync_db = $::contrail::params::sync_db + $management_network = $::openstack::config::network_management $management_address = ip_for_network($management_network) @@ -12,43 +14,92 @@ $storage_management_address = $::openstack::config::storage_address_management $controller_management_address = $::openstack::config::controller_address_management $internal_vip = $::contrail::params::internal_vip + if ($internal_vip != "" and $internal_vip != undef) { + $contrail_rabbit_port = "5673" + $contrail_rabbit_host = $controller_management_address + $contrail_neutron_server = $controller_management_address + } else { + $contrail_rabbit_port = "5672" + $contrail_rabbit_host = $::contrail::params::config_ip_list[0] + $contrail_neutron_server = $::contrail::params::config_ip_list[0] + } + class { '::nova': sql_connection => $::openstack::resources::connectors::nova, glance_api_servers => "http://${storage_management_address}:9292", memcached_servers => ["${controller_management_address}:11211"], - rabbit_hosts => [$controller_management_address], + rabbit_hosts => [$contrail_rabbit_host], rabbit_userid => $::openstack::config::rabbitmq_user, rabbit_password => $::openstack::config::rabbitmq_password, debug => $::openstack::config::debug, verbose => $::openstack::config::verbose, mysql_module => '2.2', - rabbit_port => '5673', + rabbit_port => $contrail_rabbit_port, + database_idle_timeout => '180', notification_driver => "nova.openstack.common.notifier.rpc_notifier", } + nova_config { 'DEFAULT/rabbit_port': - value => '5673', - } + value => $contrail_rabbit_port, + } -> nova_config { 'DEFAULT/default_floating_pool': value => 'public' } + -> + nova_config { 'conductor/workers': + value => '40', + notify => Service['nova-api'] + } if ($internal_vip != "" and $internal_vip != undef) { nova_config { 'DEFAULT/osapi_compute_listen_port': value => '9774'; 'DEFAULT/metadata_listen_port': value => '9775'; + 'database/min_pool_size': value => '100'; + 'database/max_pool_size': value => '350'; + 'database/max_overflow': value => '700'; + 'database/retry_interval': value => '5'; + 'database/max_retries': value => '-1'; + 'database/db_max_retries': value => '3'; + 'database/db_retry_interval': value => '1'; + 'database/connection_debug': value => '10'; + + } + -> + nova_config {'DEFAULT/pool_timeout': + value => '120', + notify => Service['nova-api'] } - } - class { '::nova::api': - admin_password => $::openstack::config::nova_password, - auth_host => $controller_management_address, - enabled => $is_controller, - sync_db => $sync_db, - neutron_metadata_proxy_shared_secret => $::openstack::config::neutron_shared_secret, - } + class { '::nova::api': + admin_password => $::openstack::config::nova_password, + auth_host => $controller_management_address, + enabled => $is_controller, + sync_db => $sync_db, + neutron_metadata_proxy_shared_secret => $::openstack::config::neutron_shared_secret, + osapi_compute_workers => '40' + } + + class { '::nova::vncproxy': + host => $::openstack::config::controller_address_api, + enabled => $is_controller, + port => '6999', + } + + + } else { + class { '::nova::api': + admin_password => $::openstack::config::nova_password, + auth_host => $controller_management_address, + enabled => $is_controller, + sync_db => $sync_db, + neutron_metadata_proxy_shared_secret => $::openstack::config::neutron_shared_secret, + } + + class { '::nova::vncproxy': + host => $::openstack::config::controller_address_api, + enabled => $is_controller, + } - class { '::nova::vncproxy': - host => $::openstack::config::controller_address_api, - enabled => $is_controller, } class { [ @@ -77,8 +128,9 @@ class { '::nova::network::neutron': neutron_admin_password => $::openstack::config::neutron_password, neutron_region_name => $::openstack::config::region, - neutron_admin_auth_url => "http://${controller_management_address}:35357/v2.0", - neutron_url => "http://${controller_management_address}:9696", + #neutron_admin_auth_url => "http://${controller_management_address}:35357/v2.0", + neutron_admin_auth_url => "http://${contrail_neutron_server}:35357/v2.0", + neutron_url => "http://${contrail_neutron_server}:9696", vif_plugging_is_fatal => false, vif_plugging_timeout => '0', } diff --git a/contrail/environment/modules/openstack/manifests/profile/contrail/glance/api.pp b/contrail/environment/modules/openstack/manifests/profile/contrail/glance/api.pp index 28af8298..79d2d76c 100644 --- a/contrail/environment/modules/openstack/manifests/profile/contrail/glance/api.pp +++ b/contrail/environment/modules/openstack/manifests/profile/contrail/glance/api.pp @@ -4,7 +4,7 @@ class openstack::profile::contrail::glance::api { $api_network = $::openstack::config::network_api $api_address = ip_for_network($api_network) - + $sync_db = $::contrail::params::sync_db $management_network = $::openstack::config::network_management $management_address = ip_for_network($management_network) diff --git a/contrail/environment/modules/openstack/manifests/profile/contrail/nova/compute.pp b/contrail/environment/modules/openstack/manifests/profile/contrail/nova/compute.pp index 19a5077a..efb8bff9 100644 --- a/contrail/environment/modules/openstack/manifests/profile/contrail/nova/compute.pp +++ b/contrail/environment/modules/openstack/manifests/profile/contrail/nova/compute.pp @@ -5,20 +5,37 @@ $controller_management_address = $::openstack::config::controller_address_management + $internal_vip = $::contrail::params::internal_vip + if ($internal_vip != "" and $internal_vip != undef) { + $contrail_rabbit_port = "5673" + $contrail_rabbit_host = $controller_management_address + $contrail_controller_mgmt_addr = $controller_management_address + + } else { + $contrail_rabbit_port = "5672" + $contrail_rabbit_host = $::contrail::params::config_ip_list[0] + $contrail_controller_mgmt_addr = $::contrail::params::config_ip_list[0] + } + include contrail::compute -> class { '::nova::network::neutron': neutron_admin_password => $::openstack::config::neutron_password, neutron_region_name => $::openstack::config::region, - neutron_admin_auth_url => "http://${controller_management_address}:35357/v2.0", - neutron_url => "http://${controller_management_address}:9696", + neutron_admin_auth_url => "http://${contrail_controller_mgmt_addr}:35357/v2.0", + neutron_url => "http://${contrail_controller_mgmt_addr}:9696", vif_plugging_is_fatal => false, vif_plugging_timeout => '0', } -> nova_config { 'DEFAULT/rabbit_port': - value => '5673', + value => $contrail_rabbit_port, notify => Service['nova-compute'] } + nova_config { 'DEFAULT/rabbit_host': + value => $contrail_rabbit_host, + notify => Service['nova-compute'] + } + service {'nova-compute': ensure => 'running' } diff --git a/contrail/environment/modules/openstack/manifests/profile/glance/api.pp b/contrail/environment/modules/openstack/manifests/profile/glance/api.pp index 0347549b..c01ccbc6 100644 --- a/contrail/environment/modules/openstack/manifests/profile/glance/api.pp +++ b/contrail/environment/modules/openstack/manifests/profile/glance/api.pp @@ -5,6 +5,8 @@ $api_network = $::openstack::config::network_api $api_address = ip_for_network($api_network) + $sync_db = $::contrail::params::sync_db + $management_network = $::openstack::config::network_management $management_address = ip_for_network($management_network) @@ -13,6 +15,15 @@ $controller_address = $::openstack::config::controller_address_management + if ($internal_vip != "" and $internal_vip != undef) { + $contrail_rabbit_port = "5673" + $contrail_rabbit_host = $controller_address + } else { + $contrail_rabbit_port = "5672" + $contrail_rabbit_host = $::contrail::params::config_ip_list[0] + } + + if $management_address != $explicit_management_address { fail("Glance Auth setup failed. The inferred location of Glance from the openstack::network::management hiera value is @@ -51,6 +62,8 @@ class { '::glance::notify::rabbitmq': rabbit_password => $::openstack::config::rabbitmq_password, rabbit_userid => $::openstack::config::rabbitmq_user, - rabbit_host => $::openstack::config::controller_address_management, + rabbit_host => $contrail_rabbit_host, + rabbit_port => $contrail_rabbit_port, + } } diff --git a/contrail/environment/modules/openstack/manifests/profile/horizon.pp b/contrail/environment/modules/openstack/manifests/profile/horizon.pp index aa25f45b..1d3ef984 100644 --- a/contrail/environment/modules/openstack/manifests/profile/horizon.pp +++ b/contrail/environment/modules/openstack/manifests/profile/horizon.pp @@ -1,9 +1,21 @@ # Profile to install the horizon web service class openstack::profile::horizon { + $internal_vip = $::contrail::params::internal_vip + + if ($internal_vip != "" and $internal_vip != undef) { + + $contrail_keystone_url = "http://${internal_vip}:5000/v2.0" + } else { + + $contrail_keystone_url = "http://127.0.0.1:5000/v2.0" + } + + class { '::horizon': fqdn => [ '127.0.0.1', $::openstack::config::controller_address_api, $::fqdn ], secret_key => $::openstack::config::horizon_secret_key, cache_server_ip => $::openstack::config::controller_address_management, + keystone_url => $contrail_keystone_url } diff --git a/contrail/environment/modules/openstack/manifests/profile/neutron/server.pp b/contrail/environment/modules/openstack/manifests/profile/neutron/server.pp index 0f211c91..3da73ea3 100644 --- a/contrail/environment/modules/openstack/manifests/profile/neutron/server.pp +++ b/contrail/environment/modules/openstack/manifests/profile/neutron/server.pp @@ -7,5 +7,6 @@ include ::openstack::common::neutron include ::openstack::common::ovs - Class['::neutron::db::mysql'] -> Exec['neutron-db-sync'] +# Run the db at openstack node +# Class['::neutron::db::mysql'] -> Exec['neutron-db-sync'] } diff --git a/contrail/environment/modules/openstack/manifests/profile/nova/api.pp b/contrail/environment/modules/openstack/manifests/profile/nova/api.pp index 3c0bed01..02dbe712 100644 --- a/contrail/environment/modules/openstack/manifests/profile/nova/api.pp +++ b/contrail/environment/modules/openstack/manifests/profile/nova/api.pp @@ -15,12 +15,13 @@ notify { "openstack::common::nova - compute_ip_list = $compute_ip_list":;} notify { "openstack::common::nova - host_ip = $host_ip":;} - if ($tmp_index != nil) { + if ($tmp_index != nil and $tmp_index != undef and $tmp_index != "" ) { $contrail_is_compute = true } else { $contrail_is_compute = false } notify { "openstack::common::nova -contrail_is_compute = $contrail_is_compute":;} + notify { "openstack::common::nova - tmp_index = X$tmp_index X":;} notify { "openstack::common::nova - controller_management_address = $controller_management_address":; } class { '::openstack::common::nova' : diff --git a/contrail/environment/modules/openstack/manifests/profile/provision.pp b/contrail/environment/modules/openstack/manifests/profile/provision.pp index 5e48cacf..deccb097 100644 --- a/contrail/environment/modules/openstack/manifests/profile/provision.pp +++ b/contrail/environment/modules/openstack/manifests/profile/provision.pp @@ -2,6 +2,16 @@ class openstack::profile::provision { require ::openstack::profile::keystone + $internal_vip = $::contrail::params::internal_vip + + if ($internal_vip != "" and $internal_vip != undef) { + $contrail_controller_address_api = $::openstack::config::controller_address_api + $contrail_controller_address_management = $::openstack::config::controller_address_management + } else { + $contrail_controller_address_api = $::contrail::params::config_ip_list[0] + $contrail_controller_address_management = $::contrail::params::config_ip_list[0] + } + $tenants = $::openstack::config::keystone_tenants $users = $::openstack::config::keystone_users class { 'keystone::endpoint': @@ -34,9 +44,9 @@ } class { '::neutron::keystone::auth': password => $::openstack::config::neutron_password, - public_address => $::openstack::config::controller_address_api, - admin_address => $::openstack::config::controller_address_management, - internal_address => $::openstack::config::controller_address_management, + public_address => $contrail_controller_address_api, + admin_address => $contrail_controller_address_management, + internal_address => $contrail_controller_address_management, region => $::openstack::config::region, } # class { '::ceilometer::agent::auth': diff --git a/contrail/environment/modules/openstack/manifests/resources/connectors.pp b/contrail/environment/modules/openstack/manifests/resources/connectors.pp index a4e06b4f..621fe537 100644 --- a/contrail/environment/modules/openstack/manifests/resources/connectors.pp +++ b/contrail/environment/modules/openstack/manifests/resources/connectors.pp @@ -1,6 +1,14 @@ class openstack::resources::connectors { + $internal_vip = $::contrail::params::internal_vip + + if ($internal_vip != "" and $internal_vip != undef) { + $mysql_port = "33306" + $management_ip_address = $::openstack::config::controller_address_management + $management_address = "${management_ip_address}:${mysql_port}" + } else { + $management_address = $::openstack::config::controller_address_management + } - $management_address = $::openstack::config::controller_address_management $password = $::openstack::config::mysql_service_password $keystone = "mysql://keystone:${password}@${management_address}/keystone"