From 26fd76f50b426594c688b62b0e9d2902ddd143f8 Mon Sep 17 00:00:00 2001
From: Kamlesh Parmar <kparmar@juniper.net>
Date: Thu, 1 Dec 2016 21:27:11 -0800
Subject: [PATCH] Closes-Bug: #1643072 create apiserver, opserver and
 global-controller keystone endpoints. Add webui config parameters, if global
 controller is specified in cluster.json. Specify global-controller ip and
 port that serves this region/cluster.

{
    "cluster": [
        {
            "id": "cluster-cgc",
            "parameters": {
                "provision": {
                    "contrail": {
                        "database": {
                            "minimum_diskGB": 32
                        },
                        "global_controller": {
                            "external_global_controller_ip": "1.1.1.1",
                            "external_global_controller_port": "1111"
                        }
                    },
                    "kernel_upgrade": false
                }
            }
        }
    ]
}
Endpoints and services created as below:

root@ctrl1-v2:~# keystone service-list
+----------------------------------+------------+----------------+----------------------------------+
|                id                |    name    |      type      |           description            |
+----------------------------------+------------+----------------+----------------------------------+
| 3a5f9a58bb9843a598de9878ba3e4711 | apiserver  |   apiserver    |       Contrail Api Server        |
| 07f20b44d6a44ffd95bbd8606b135093 | ceilometer |    metering    |    Openstack Metering Service    |
| c7ceadcff4bc4be4b88dd964907b867c |    cgc     |      cgc       |    Contrail Global Controller    |
| 4b27ac82c49047d0b5574d3ad9a1dbd8 |   cinder   |     volume     |          Cinder Service          |
| df79672e53b642b2846a0e0edd3ec38d |  cinderv2  |    volumev2    |        Cinder Service v2         |
| 6a74316d2881469baa8db58ac2546c41 |   glance   |     image      |     OpenStack Image Service      |
| 9dda6e7eed0540ffb776cefb47171406 |    heat    | orchestration  | Openstack Orchestration Service  |
| 43f71095e9f54b548f2a7fb4172e70b8 |  heat-cfn  | cloudformation | Openstack Cloudformation Service |
| c531333ea67641deb3faa6337340d8d4 |  keystone  |    identity    |    OpenStack Identity Service    |
| 86538821bb254abe94baa71a8f251339 |  neutron   |    network     |    Neutron Networking Service    |
| 8cbcd86a6302454f9b76fddb0b1e7899 |    nova    |    compute     |    Openstack Compute Service     |
| 1f15926ca39843c69f10c24b2ceef246 |  nova_ec2  |      ec2       |           EC2 Service            |
| 43bd254a4e85468297df8fa704c63915 |   novav3   |   computev3    |   Openstack Compute Service v3   |
| eb90cd2f4e5f490890bd00c4dd94c2f4 |  opserver  |    opserver    |        Contrail OpServer         |

Endpoints:

| 1dbe34a2a3f24617805278ea08c8bda3 | RegionOne |         http://192.168.100.121:8082          |         http://192.168.100.121:8082          |                                              | 3a5f9a58bb9843a598de9878ba3e4711 |
| 1fd39112d0c948ba8be4709bf7fb5930 | RegionOne |             http://1.1.1.1:1111              |             http://1.1.1.1:1111              |                                              | c7ceadcff4bc4be4b88dd964907b867c |
| 51e2636d39264bfe8ea106d3d21d4cbb | RegionOne |         http://192.168.100.121:8081          |         http://192.168.100.121:8081          |                                              | eb90cd2f4e5f490890bd00c4dd94c2f4 |

Change-Id: Ia3c333b8241e63305a9ae1fac69adf02337c86ee
---
 .../modules/contrail/manifests/init.pp        |  9 +++
 .../modules/contrail/manifests/params.pp      |  2 +
 .../global_controller/keystone/auth.pp        | 74 +++++++++++++++++++
 .../manifests/profile/openstack/provision.pp  |  8 ++
 .../contrail/manifests/webui/config.pp        |  2 +
 .../contrail/templates/config.global.js.erb   |  9 +++
 6 files changed, 104 insertions(+)
 create mode 100644 contrail/environment/modules/contrail/manifests/profile/global_controller/keystone/auth.pp

diff --git a/contrail/environment/modules/contrail/manifests/init.pp b/contrail/environment/modules/contrail/manifests/init.pp
index 33ea9ccd..d894a0b3 100644
--- a/contrail/environment/modules/contrail/manifests/init.pp
+++ b/contrail/environment/modules/contrail/manifests/init.pp
@@ -578,6 +578,11 @@
 #     List of host names of all the servers in cluster configured to
 #     be provisioned with global controller package.
 #
+# [*ext_global_controller_ip*]
+#     ip address of the global controller that will control this region/cluster
+#
+# [*ext_global_controller_port*]
+#     external global controller port
 class contrail (
     $host_ip = undef,
     $uuid = undef,
@@ -746,6 +751,8 @@
     $config_manage_db = true,
     $global_controller_ip_list = undef,
     $global_controller_name_list = undef,
+    $ext_global_controller_ip = undef,
+    $ext_global_controller_port = undef,
     $rabbit_ssl_support = false,
     $config_amqp_use_ssl = undef,
     $os_amqp_use_ssl = undef,
@@ -809,6 +816,8 @@
         #Global Controller Parameters
         global_controller_ip_list =>            hiera(contrail::global_controller::global_controller_ip_list, $global_controller_ip_list),
         global_controller_name_list =>          hiera(contrail::global_controller::global_controller_name_list, $global_controller_name_list),
+        ext_global_controller_ip =>                 hiera(contrail::global_controller::external_global_controller_ip, hiera(contrail::params::ext_global_controller_ip, $ext_global_controller_ip)),
+        ext_global_controller_port =>               hiera(contrail::global_controller::external_global_controller_port, hiera(contrail::params::ext_global_controller_port, $ext_global_controller_port)),
         # Openstack Parameters
 	openstack_controller_address_api =>     hiera(openstack::controller::address::api, hiera(contrail::params::openstack_controller_address_api, $openstack_controller_address_api)),
 	openstack_controller_address_management => hiera(openstack::controller::address::management, hiera(contrail::params::openstack_controller_address_management, $openstack_controller_address_management)),
diff --git a/contrail/environment/modules/contrail/manifests/params.pp b/contrail/environment/modules/contrail/manifests/params.pp
index 8e5bd8bb..ad97b8ca 100644
--- a/contrail/environment/modules/contrail/manifests/params.pp
+++ b/contrail/environment/modules/contrail/manifests/params.pp
@@ -763,6 +763,8 @@
     $user_ceph_config,
     $global_controller_ip_list,
     $global_controller_name_list,
+    $ext_global_controller_ip,
+    $ext_global_controller_port,
     $rabbit_ssl_support,
     $config_amqp_ssl,
     $openstack_amqp_ssl,
diff --git a/contrail/environment/modules/contrail/manifests/profile/global_controller/keystone/auth.pp b/contrail/environment/modules/contrail/manifests/profile/global_controller/keystone/auth.pp
new file mode 100644
index 00000000..eb81acd1
--- /dev/null
+++ b/contrail/environment/modules/contrail/manifests/profile/global_controller/keystone/auth.pp
@@ -0,0 +1,74 @@
+# == Class: global_controller::keystone::auth
+#
+# This class is used to create keystone endpoints required for contrail global controller
+#
+
+class contrail::profile::global_controller::keystone::auth (
+  $password = $::contrail::params::keystone_admin_password,
+  $region   = $::contrail::params::os_region,
+  $api_server_ip = $::contrail::params::config_ip_to_use,
+  $api_server_port = '8082',
+  $opserver_ip = $::contrail::params::collector_ip_to_use,
+  $opserver_port = '8081',
+  $cgc_ip = $::contrail::params::ext_global_controller_ip,
+  $cgc_port = $::contrail::params::ext_global_controller_port,
+  $email               = 'gcg@localhost',
+  $tenant              = 'services',
+  $configure_endpoint  = true,
+  $configure_user      = false,
+  $configure_user_role = false,
+) {
+
+  $api_public_url = "http://${api_server_ip}:${api_server_port}"
+  $api_internal_url = $api_public_url
+  $opserver_public_url = "http://${opserver_ip}:${opserver_port}"
+  $opserver_internal_url = $opserver_public_url
+  $cgc_public_url = "http://${cgc_ip}:${cgc_port}"
+  $cgc_internal_url = $cgc_public_url
+
+  keystone::resource::service_identity { 'apiserver':
+    configure_user      => $configure_user,
+    configure_user_role => $configure_user_role,
+    configure_endpoint  => $configure_endpoint,
+    service_type        => 'apiserver',
+    service_description => 'Contrail Api Server',
+    service_name        => 'apiserver',
+    region              => $region,
+    password            => $password,
+    email               => $email,
+    tenant              => $tenant,
+    public_url          => $api_public_url,
+    internal_url        => $api_internal_url,
+  }
+
+  keystone::resource::service_identity { 'opserver':
+    configure_user      => $configure_user,
+    configure_user_role => $configure_user_role,
+    configure_endpoint  => $configure_endpoint,
+    service_type        => 'opserver',
+    service_description => 'Contrail OpServer',
+    service_name        => 'opserver',
+    region              => $region,
+    password            => $password,
+    email               => $email,
+    tenant              => $tenant,
+    public_url          => $opserver_public_url,
+    internal_url        => $opserver_internal_url,
+  }
+
+  keystone::resource::service_identity { 'cgc':
+    configure_user      => $configure_user,
+    configure_user_role => $configure_user_role,
+    configure_endpoint  => $configure_endpoint,
+    service_type        => 'cgc',
+    service_description => 'Contrail Global Controller',
+    service_name        => 'cgc',
+    region              => $region,
+    password            => $password,
+    email               => $email,
+    tenant              => $tenant,
+    public_url          => $cgc_public_url,
+    internal_url        => $cgc_internal_url,
+  }
+}
+
diff --git a/contrail/environment/modules/contrail/manifests/profile/openstack/provision.pp b/contrail/environment/modules/contrail/manifests/profile/openstack/provision.pp
index ab1e434d..7b9b37ef 100644
--- a/contrail/environment/modules/contrail/manifests/profile/openstack/provision.pp
+++ b/contrail/environment/modules/contrail/manifests/profile/openstack/provision.pp
@@ -96,4 +96,12 @@
     internal_address => $openstack_ip_to_use,
     region           => $region_name,
   }
+  # if cluster has global-controller referenced provision these endpoints
+  $cgc_ip = $::contrail::params::ext_global_controller_ip
+  $cgc_port = $::contrail::params::ext_global_controller_port 
+  if (($cgc_ip != '') and ($cgc_port != '')) {
+    contain ::contrail::profile::global_controller::keystone::auth
+    Class['::heat::keystone::auth_cfn'] ->
+    Class['::contrail::profile::global_controller::keystone::auth']
+  }
 }
diff --git a/contrail/environment/modules/contrail/manifests/webui/config.pp b/contrail/environment/modules/contrail/manifests/webui/config.pp
index d857d88b..2a209c11 100644
--- a/contrail/environment/modules/contrail/manifests/webui/config.pp
+++ b/contrail/environment/modules/contrail/manifests/webui/config.pp
@@ -10,6 +10,8 @@
     $openstack_ip_to_use = $::contrail::params::openstack_ip_to_use,
     $webui_key_file_path = $::contrail::params::webui_key_file_path,
     $webui_cert_file_path = $::contrail::params::webui_cert_file_path,
+    $ext_global_controller_ip = $::contrail::params::ext_global_controller_ip,
+    $ext_global_controller_port = $::contrail::params::ext_global_controller_port,
 ) {
 
     if ($is_storage_master) {
diff --git a/contrail/environment/modules/contrail/templates/config.global.js.erb b/contrail/environment/modules/contrail/templates/config.global.js.erb
index 7dad091b..551f7a7a 100644
--- a/contrail/environment/modules/contrail/templates/config.global.js.erb
+++ b/contrail/environment/modules/contrail/templates/config.global.js.erb
@@ -275,3 +275,12 @@ module.exports = config;
 config.server_options = {};
 config.server_options.key_file = '<%= @webui_key_file_path %>';
 config.server_options.cert_file = '<%= @webui_cert_file_path %>';
+
+/* Parameters for global controller */
+<% if @ext_global_controller_ip != "" -%>
+config.serviceEndPointFromConfig = false;
+config.regionsFromConfig = true;
+config.gohan = {};
+config.gohan.url = "http://<%= @ext_global_controller_ip %>:<%= @ext_global_controller_port %>";
+<% end -%>
+