diff --git a/contrail/environment/modules/contrail/manifests/init.pp b/contrail/environment/modules/contrail/manifests/init.pp index 97c244c6..ecb12dd4 100644 --- a/contrail/environment/modules/contrail/manifests/init.pp +++ b/contrail/environment/modules/contrail/manifests/init.pp @@ -583,6 +583,11 @@ # List of host names of all the servers in cluster configured to # be provisioned with global controller package. # +# [*ext_global_controller_ip*] +# ip address of the global controller that will control this region/cluster +# +# [*ext_global_controller_port*] +# external global controller port class contrail ( $host_ip = undef, $uuid = undef, @@ -752,6 +757,8 @@ $config_manage_db = true, $global_controller_ip_list = undef, $global_controller_name_list = undef, + $ext_global_controller_ip = undef, + $ext_global_controller_port = undef, $rabbit_ssl_support = false, $config_amqp_use_ssl = undef, $os_amqp_use_ssl = undef, @@ -815,6 +822,8 @@ #Global Controller Parameters global_controller_ip_list => hiera(contrail::global_controller::global_controller_ip_list, $global_controller_ip_list), global_controller_name_list => hiera(contrail::global_controller::global_controller_name_list, $global_controller_name_list), + ext_global_controller_ip => hiera(contrail::global_controller::external_global_controller_ip, hiera(contrail::params::ext_global_controller_ip, $ext_global_controller_ip)), + ext_global_controller_port => hiera(contrail::global_controller::external_global_controller_port, hiera(contrail::params::ext_global_controller_port, $ext_global_controller_port)), # Openstack Parameters openstack_controller_address_api => hiera(openstack::controller::address::api, hiera(contrail::params::openstack_controller_address_api, $openstack_controller_address_api)), openstack_controller_address_management => hiera(openstack::controller::address::management, hiera(contrail::params::openstack_controller_address_management, $openstack_controller_address_management)), diff --git a/contrail/environment/modules/contrail/manifests/params.pp b/contrail/environment/modules/contrail/manifests/params.pp index 3dfb2e19..e1dbfd27 100644 --- a/contrail/environment/modules/contrail/manifests/params.pp +++ b/contrail/environment/modules/contrail/manifests/params.pp @@ -764,6 +764,8 @@ $user_ceph_config, $global_controller_ip_list, $global_controller_name_list, + $ext_global_controller_ip, + $ext_global_controller_port, $rabbit_ssl_support, $config_amqp_ssl, $openstack_amqp_ssl, diff --git a/contrail/environment/modules/contrail/manifests/profile/global_controller/keystone/auth.pp b/contrail/environment/modules/contrail/manifests/profile/global_controller/keystone/auth.pp new file mode 100644 index 00000000..eb81acd1 --- /dev/null +++ b/contrail/environment/modules/contrail/manifests/profile/global_controller/keystone/auth.pp @@ -0,0 +1,74 @@ +# == Class: global_controller::keystone::auth +# +# This class is used to create keystone endpoints required for contrail global controller +# + +class contrail::profile::global_controller::keystone::auth ( + $password = $::contrail::params::keystone_admin_password, + $region = $::contrail::params::os_region, + $api_server_ip = $::contrail::params::config_ip_to_use, + $api_server_port = '8082', + $opserver_ip = $::contrail::params::collector_ip_to_use, + $opserver_port = '8081', + $cgc_ip = $::contrail::params::ext_global_controller_ip, + $cgc_port = $::contrail::params::ext_global_controller_port, + $email = 'gcg@localhost', + $tenant = 'services', + $configure_endpoint = true, + $configure_user = false, + $configure_user_role = false, +) { + + $api_public_url = "http://${api_server_ip}:${api_server_port}" + $api_internal_url = $api_public_url + $opserver_public_url = "http://${opserver_ip}:${opserver_port}" + $opserver_internal_url = $opserver_public_url + $cgc_public_url = "http://${cgc_ip}:${cgc_port}" + $cgc_internal_url = $cgc_public_url + + keystone::resource::service_identity { 'apiserver': + configure_user => $configure_user, + configure_user_role => $configure_user_role, + configure_endpoint => $configure_endpoint, + service_type => 'apiserver', + service_description => 'Contrail Api Server', + service_name => 'apiserver', + region => $region, + password => $password, + email => $email, + tenant => $tenant, + public_url => $api_public_url, + internal_url => $api_internal_url, + } + + keystone::resource::service_identity { 'opserver': + configure_user => $configure_user, + configure_user_role => $configure_user_role, + configure_endpoint => $configure_endpoint, + service_type => 'opserver', + service_description => 'Contrail OpServer', + service_name => 'opserver', + region => $region, + password => $password, + email => $email, + tenant => $tenant, + public_url => $opserver_public_url, + internal_url => $opserver_internal_url, + } + + keystone::resource::service_identity { 'cgc': + configure_user => $configure_user, + configure_user_role => $configure_user_role, + configure_endpoint => $configure_endpoint, + service_type => 'cgc', + service_description => 'Contrail Global Controller', + service_name => 'cgc', + region => $region, + password => $password, + email => $email, + tenant => $tenant, + public_url => $cgc_public_url, + internal_url => $cgc_internal_url, + } +} + diff --git a/contrail/environment/modules/contrail/manifests/profile/openstack/provision.pp b/contrail/environment/modules/contrail/manifests/profile/openstack/provision.pp index b57accf5..ddcb0da9 100644 --- a/contrail/environment/modules/contrail/manifests/profile/openstack/provision.pp +++ b/contrail/environment/modules/contrail/manifests/profile/openstack/provision.pp @@ -119,4 +119,12 @@ internal_address => $openstack_ip_to_use, region => $region_name, } + # if cluster has global-controller referenced provision these endpoints + $cgc_ip = $::contrail::params::ext_global_controller_ip + $cgc_port = $::contrail::params::ext_global_controller_port + if (($cgc_ip != '') and ($cgc_port != '')) { + contain ::contrail::profile::global_controller::keystone::auth + Class['::heat::keystone::auth_cfn'] -> + Class['::contrail::profile::global_controller::keystone::auth'] + } } diff --git a/contrail/environment/modules/contrail/manifests/webui/config.pp b/contrail/environment/modules/contrail/manifests/webui/config.pp index d857d88b..2a209c11 100644 --- a/contrail/environment/modules/contrail/manifests/webui/config.pp +++ b/contrail/environment/modules/contrail/manifests/webui/config.pp @@ -10,6 +10,8 @@ $openstack_ip_to_use = $::contrail::params::openstack_ip_to_use, $webui_key_file_path = $::contrail::params::webui_key_file_path, $webui_cert_file_path = $::contrail::params::webui_cert_file_path, + $ext_global_controller_ip = $::contrail::params::ext_global_controller_ip, + $ext_global_controller_port = $::contrail::params::ext_global_controller_port, ) { if ($is_storage_master) { diff --git a/contrail/environment/modules/contrail/templates/config.global.js.erb b/contrail/environment/modules/contrail/templates/config.global.js.erb index 7dad091b..551f7a7a 100644 --- a/contrail/environment/modules/contrail/templates/config.global.js.erb +++ b/contrail/environment/modules/contrail/templates/config.global.js.erb @@ -275,3 +275,12 @@ module.exports = config; config.server_options = {}; config.server_options.key_file = '<%= @webui_key_file_path %>'; config.server_options.cert_file = '<%= @webui_cert_file_path %>'; + +/* Parameters for global controller */ +<% if @ext_global_controller_ip != "" -%> +config.serviceEndPointFromConfig = false; +config.regionsFromConfig = true; +config.gohan = {}; +config.gohan.url = "http://<%= @ext_global_controller_ip %>:<%= @ext_global_controller_port %>"; +<% end -%> +