diff --git a/Puppetfile b/Puppetfile index acc9b213e..500d52272 100644 --- a/Puppetfile +++ b/Puppetfile @@ -31,7 +31,7 @@ mod 'galera', :git => 'https://github.com/rohara/puppet-galera.git' mod 'glance', - :commit => '916a90ebdc3e9fafe956b12dcaa0e0ce3e7e3f04', + :commit => '24d5c3425f6016e9eb6447a4041a7419eada3d31', :git => 'https://github.com/stackforge/puppet-glance.git' mod 'gluster', @@ -43,11 +43,11 @@ mod 'haproxy', :git => 'https://github.com/puppetlabs/puppetlabs-haproxy.git' mod 'heat', - :commit => '45a35dc2ec5f01bd79189ada881d083e1a51413b', + :commit => 'd1479219e946bc9cc7fb08d60de9f3ec85cb7176', :git => 'https://github.com/stackforge/puppet-heat.git' mod 'horizon', - :commit => '351c711004ccd9815e9a0d153bc5452461f7852d', + :commit => '353c372d582167d5635b1b2ee9474cf6822db032', :git => 'https://github.com/stackforge/puppet-horizon.git' mod 'inifile', @@ -87,11 +87,11 @@ mod 'nagios', :git => 'https://github.com/gildub/puppet-nagios-openstack.git' mod 'neutron', - :commit => '663b4b16d22f78dbbb89c58170690a3c0a1e0ff2', + :commit => 'bbecaab2ff2d755e8c19e50458bbbd1b7e43fb2a', :git => 'https://github.com/stackforge/puppet-neutron.git' mod 'nova', - :commit => '261ae911fc5c325f6dd739a9b05f508a80a25034', + :commit => '0d1a71f4f6f59c7ec87d571dc63707e200f753b2', :git => 'https://github.com/stackforge/puppet-nova.git' mod 'nssdb', @@ -151,7 +151,7 @@ mod 'stdlib', :git => 'https://github.com/puppetlabs/puppetlabs-stdlib.git' mod 'swift', - :commit => '2193831dd787e9b24382c588dfa49917bcf47262', + :commit => '54fdb8474245deebc7f4a04cd74caf061a4e90f2', :git => 'https://github.com/stackforge/puppet-swift.git' mod 'sysctl', diff --git a/glance/manifests/api.pp b/glance/manifests/api.pp index b033103b0..0b9c21532 100644 --- a/glance/manifests/api.pp +++ b/glance/manifests/api.pp @@ -290,11 +290,11 @@ # known_stores config if $known_stores { glance_api_config { - 'DEFAULT/known_stores': value => join($known_stores, ','); + 'glance_store/stores': value => join($known_stores, ','); } } else { glance_api_config { - 'DEFAULT/known_stores': ensure => absent; + 'glance_store/stores': ensure => absent; } } diff --git a/glance/manifests/backend/cinder.pp b/glance/manifests/backend/cinder.pp index adb680096..75507d7f5 100644 --- a/glance/manifests/backend/cinder.pp +++ b/glance/manifests/backend/cinder.pp @@ -71,7 +71,7 @@ 'DEFAULT/cinder_api_insecure': value => $cinder_api_insecure; 'DEFAULT/cinder_catalog_info': value => $cinder_catalog_info; 'DEFAULT/cinder_http_retries': value => $cinder_http_retries; - 'DEFAULT/default_store': value => 'cinder'; + 'glance_store/default_store': value => 'cinder'; } glance_cache_config { diff --git a/glance/manifests/backend/file.pp b/glance/manifests/backend/file.pp index 9c27719ba..0eb2dcd2b 100644 --- a/glance/manifests/backend/file.pp +++ b/glance/manifests/backend/file.pp @@ -9,11 +9,11 @@ ) inherits glance::api { glance_api_config { - 'DEFAULT/default_store': value => 'file'; - 'DEFAULT/filesystem_store_datadir': value => $filesystem_store_datadir; + 'glance_store/default_store': value => 'file'; + 'glance_store/filesystem_store_datadir': value => $filesystem_store_datadir; } glance_cache_config { - 'DEFAULT/filesystem_store_datadir': value => $filesystem_store_datadir; + 'glance_store/filesystem_store_datadir': value => $filesystem_store_datadir; } } diff --git a/glance/manifests/backend/rbd.pp b/glance/manifests/backend/rbd.pp index 9ff56de7c..a19324f4d 100644 --- a/glance/manifests/backend/rbd.pp +++ b/glance/manifests/backend/rbd.pp @@ -34,11 +34,11 @@ } glance_api_config { - 'DEFAULT/default_store': value => 'rbd'; 'DEFAULT/rbd_store_ceph_conf': value => $rbd_store_ceph_conf; 'DEFAULT/rbd_store_user': value => $rbd_store_user; 'DEFAULT/rbd_store_pool': value => $rbd_store_pool; 'DEFAULT/rbd_store_chunk_size': value => $rbd_store_chunk_size; + 'glance_store/default_store': value => 'rbd'; } package { 'python-ceph': diff --git a/glance/manifests/backend/swift.pp b/glance/manifests/backend/swift.pp index 883125785..4ce897dc1 100644 --- a/glance/manifests/backend/swift.pp +++ b/glance/manifests/backend/swift.pp @@ -26,12 +26,12 @@ ) { glance_api_config { - 'DEFAULT/default_store': value => 'swift'; - 'DEFAULT/swift_store_user': value => $swift_store_user; - 'DEFAULT/swift_store_key': value => $swift_store_key; - 'DEFAULT/swift_store_auth_address': value => $swift_store_auth_address; - 'DEFAULT/swift_store_container': value => $swift_store_container; - 'DEFAULT/swift_store_auth_version': value => $swift_store_auth_version; + 'glance_store/default_store': value => 'swift'; + 'glance_store/swift_store_user': value => $swift_store_user; + 'glance_store/swift_store_key': value => $swift_store_key; + 'glance_store/swift_store_auth_address': value => $swift_store_auth_address; + 'DEFAULT/swift_store_container': value => $swift_store_container; + 'DEFAULT/swift_store_auth_version': value => $swift_store_auth_version; 'DEFAULT/swift_store_create_container_on_put': value => $swift_store_create_container_on_put; 'DEFAULT/swift_store_large_object_size': @@ -39,11 +39,11 @@ } glance_cache_config { - 'DEFAULT/swift_store_user': value => $swift_store_user; - 'DEFAULT/swift_store_key': value => $swift_store_key; - 'DEFAULT/swift_store_auth_address': value => $swift_store_auth_address; - 'DEFAULT/swift_store_container': value => $swift_store_container; - 'DEFAULT/swift_store_auth_version': value => $swift_store_auth_version; + 'glance_store/swift_store_user': value => $swift_store_user; + 'glance_store/swift_store_key': value => $swift_store_key; + 'glance_store/swift_store_auth_address': value => $swift_store_auth_address; + 'DEFAULT/swift_store_container': value => $swift_store_container; + 'DEFAULT/swift_store_auth_version': value => $swift_store_auth_version; 'DEFAULT/swift_store_create_container_on_put': value => $swift_store_create_container_on_put; 'DEFAULT/swift_store_large_object_size': diff --git a/glance/spec/classes/glance_api_spec.rb b/glance/spec/classes/glance_api_spec.rb index 7cbc9946a..aa937c3e1 100644 --- a/glance/spec/classes/glance_api_spec.rb +++ b/glance/spec/classes/glance_api_spec.rb @@ -324,7 +324,7 @@ default_params end - it { should_not contain_glance_api_config('DEFAULT/known_stores').with_value('false') } + it { should_not contain_glance_api_config('glance_store/stores').with_value('false') } end describe 'with known_stores override' do @@ -334,7 +334,7 @@ }) end - it { should contain_glance_api_config('DEFAULT/known_stores').with_value("glance.store.filesystem.Store,glance.store.http.Store") } + it { should contain_glance_api_config('glance_store/stores').with_value("glance.store.filesystem.Store,glance.store.http.Store") } end describe 'with deprecated sql parameters' do diff --git a/glance/spec/classes/glance_backend_cinder_spec.rb b/glance/spec/classes/glance_backend_cinder_spec.rb index 55c82d526..bc4b43c21 100644 --- a/glance/spec/classes/glance_backend_cinder_spec.rb +++ b/glance/spec/classes/glance_backend_cinder_spec.rb @@ -31,7 +31,7 @@ context 'when default parameters' do it 'configures glance-api.conf' do - should contain_glance_api_config('DEFAULT/default_store').with_value('cinder') + should contain_glance_api_config('glance_store/default_store').with_value('cinder') should contain_glance_api_config('DEFAULT/cinder_api_insecure').with_value(false) should contain_glance_api_config('DEFAULT/cinder_catalog_info').with_value('volume:cinder:publicURL') should contain_glance_api_config('DEFAULT/cinder_http_retries').with_value('3') @@ -58,7 +58,7 @@ } end it 'configures glance-api.conf' do - should contain_glance_api_config('DEFAULT/default_store').with_value('cinder') + should contain_glance_api_config('glance_store/default_store').with_value('cinder') should contain_glance_api_config('DEFAULT/cinder_api_insecure').with_value(true) should contain_glance_api_config('DEFAULT/cinder_ca_certificates_file').with_value('/etc/ssh/ca.crt') should contain_glance_api_config('DEFAULT/cinder_catalog_info').with_value('volume:cinder:internalURL') diff --git a/glance/spec/classes/glance_backend_file_spec.rb b/glance/spec/classes/glance_backend_file_spec.rb index fac7fcf46..5a3b5c4e0 100644 --- a/glance/spec/classes/glance_backend_file_spec.rb +++ b/glance/spec/classes/glance_backend_file_spec.rb @@ -10,12 +10,12 @@ end it 'configures glance-api.conf' do - should contain_glance_api_config('DEFAULT/default_store').with_value('file') - should contain_glance_api_config('DEFAULT/filesystem_store_datadir').with_value('/var/lib/glance/images/') + should contain_glance_api_config('glance_store/default_store').with_value('file') + should contain_glance_api_config('glance_store/filesystem_store_datadir').with_value('/var/lib/glance/images/') end it 'configures glance-cache.conf' do - should contain_glance_cache_config('DEFAULT/filesystem_store_datadir').with_value('/var/lib/glance/images/') + should contain_glance_cache_config('glance_store/filesystem_store_datadir').with_value('/var/lib/glance/images/') end describe 'when overriding datadir' do @@ -24,11 +24,11 @@ end it 'configures glance-api.conf' do - should contain_glance_api_config('DEFAULT/filesystem_store_datadir').with_value('/tmp/') + should contain_glance_api_config('glance_store/filesystem_store_datadir').with_value('/tmp/') end it 'configures glance-cache.conf' do - should contain_glance_cache_config('DEFAULT/filesystem_store_datadir').with_value('/tmp/') + should contain_glance_cache_config('glance_store/filesystem_store_datadir').with_value('/tmp/') end end end diff --git a/glance/spec/classes/glance_backend_rbd_spec.rb b/glance/spec/classes/glance_backend_rbd_spec.rb index f78b61e83..d831304cf 100644 --- a/glance/spec/classes/glance_backend_rbd_spec.rb +++ b/glance/spec/classes/glance_backend_rbd_spec.rb @@ -14,7 +14,7 @@ } end - it { should contain_glance_api_config('DEFAULT/default_store').with_value('rbd') } + it { should contain_glance_api_config('glance_store/default_store').with_value('rbd') } it { should contain_glance_api_config('DEFAULT/rbd_store_pool').with_value('images') } it { should contain_glance_api_config('DEFAULT/rbd_store_ceph_conf').with_value('/etc/ceph/ceph.conf') } it { should contain_glance_api_config('DEFAULT/rbd_store_chunk_size').with_value('8') } diff --git a/glance/spec/classes/glance_backend_swift_spec.rb b/glance/spec/classes/glance_backend_swift_spec.rb index 0c5569a90..ddd946c9b 100644 --- a/glance/spec/classes/glance_backend_swift_spec.rb +++ b/glance/spec/classes/glance_backend_swift_spec.rb @@ -21,22 +21,22 @@ describe 'when default parameters' do it 'configures glance-api.conf' do - should contain_glance_api_config('DEFAULT/default_store').with_value('swift') - should contain_glance_api_config('DEFAULT/swift_store_key').with_value('key') - should contain_glance_api_config('DEFAULT/swift_store_user').with_value('user') + should contain_glance_api_config('glance_store/default_store').with_value('swift') + should contain_glance_api_config('glance_store/swift_store_key').with_value('key') + should contain_glance_api_config('glance_store/swift_store_user').with_value('user') should contain_glance_api_config('DEFAULT/swift_store_auth_version').with_value('2') should contain_glance_api_config('DEFAULT/swift_store_large_object_size').with_value('5120') - should contain_glance_api_config('DEFAULT/swift_store_auth_address').with_value('127.0.0.1:5000/v2.0/') + should contain_glance_api_config('glance_store/swift_store_auth_address').with_value('127.0.0.1:5000/v2.0/') should contain_glance_api_config('DEFAULT/swift_store_container').with_value('glance') should contain_glance_api_config('DEFAULT/swift_store_create_container_on_put').with_value(false) end it 'configures glance-cache.conf' do - should contain_glance_cache_config('DEFAULT/swift_store_key').with_value('key') - should contain_glance_cache_config('DEFAULT/swift_store_user').with_value('user') + should contain_glance_cache_config('glance_store/swift_store_key').with_value('key') + should contain_glance_cache_config('glance_store/swift_store_user').with_value('user') should contain_glance_cache_config('DEFAULT/swift_store_auth_version').with_value('2') should contain_glance_cache_config('DEFAULT/swift_store_large_object_size').with_value('5120') - should contain_glance_cache_config('DEFAULT/swift_store_auth_address').with_value('127.0.0.1:5000/v2.0/') + should contain_glance_cache_config('glance_store/swift_store_auth_address').with_value('127.0.0.1:5000/v2.0/') should contain_glance_cache_config('DEFAULT/swift_store_container').with_value('glance') should contain_glance_cache_config('DEFAULT/swift_store_create_container_on_put').with_value(false) end @@ -60,7 +60,7 @@ should contain_glance_api_config('DEFAULT/swift_store_create_container_on_put').with_value(true) should contain_glance_api_config('DEFAULT/swift_store_auth_version').with_value('1') should contain_glance_api_config('DEFAULT/swift_store_large_object_size').with_value('100') - should contain_glance_api_config('DEFAULT/swift_store_auth_address').with_value('127.0.0.2:8080/v1.0/') + should contain_glance_api_config('glance_store/swift_store_auth_address').with_value('127.0.0.2:8080/v1.0/') end it 'configures glance-cache.conf' do @@ -68,7 +68,7 @@ should contain_glance_cache_config('DEFAULT/swift_store_create_container_on_put').with_value(true) should contain_glance_cache_config('DEFAULT/swift_store_auth_version').with_value('1') should contain_glance_cache_config('DEFAULT/swift_store_large_object_size').with_value('100') - should contain_glance_cache_config('DEFAULT/swift_store_auth_address').with_value('127.0.0.2:8080/v1.0/') + should contain_glance_cache_config('glance_store/swift_store_auth_address').with_value('127.0.0.2:8080/v1.0/') end end end diff --git a/heat/manifests/api-cfn.pp b/heat/manifests/api-cfn.pp deleted file mode 100644 index 9ba359aac..000000000 --- a/heat/manifests/api-cfn.pp +++ /dev/null @@ -1,69 +0,0 @@ -# == Class: heat::api-cfn -# -# WARNING: Deprecated class. Use heat::api_cfn instead ! -# Installs & configure the heat CloudFormation API service -# -# === Parameters -# [*enabled*] -# (Optional) Should the service be enabled. -# Defaults to 'true'. -# -# [*keystone_host*] -# -# [*keystone_port*] -# -# [*keystone_protocol*] -# -# [*keystone_user*] -# -# [*keystone_tenant*] -# -# [*keystone_password*] -# -# [*keystone_ec2_uri*] -# -# [*auth_uri*] -# -# [*bind_host*] -# -# [*bind_port*] -# -# [*verbose*] -# -# [*debug*] -# -# -class heat::api-cfn ( - $enabled = true, - $keystone_host = '127.0.0.1', - $keystone_port = '35357', - $keystone_protocol = 'http', - $keystone_user = 'heat', - $keystone_tenant = 'services', - $keystone_password = false, - $keystone_ec2_uri = 'http://127.0.0.1:5000/v2.0/ec2tokens', - $auth_uri = 'http://127.0.0.1:5000/v2.0', - $bind_host = '0.0.0.0', - $bind_port = '8000', - $verbose = false, - $debug = false, -) { - - warning('heat::api-cfn is deprecated. Use heat::api_cfn instead.') - - class { 'heat::api_cfn': - enabled => $enabled, - keystone_host => $keystone_host, - keystone_port => $keystone_port, - keystone_protocol => $keystone_protocol, - keystone_user => $keystone_user, - keystone_tenant => $keystone_tenant, - keystone_password => $keystone_password, - keystone_ec2_uri => $keystone_ec2_uri, - auth_uri => $auth_uri, - bind_host => $bind_host, - bind_port => $bind_port, - verbose => $verbose, - debug => $debug, - } -} diff --git a/heat/manifests/api-cloudwatch.pp b/heat/manifests/api-cloudwatch.pp deleted file mode 100644 index 224481133..000000000 --- a/heat/manifests/api-cloudwatch.pp +++ /dev/null @@ -1,69 +0,0 @@ -# == Class: heat::api-cloudwatch -# -# WARNING: Deprecated class. Use heat::api_cloudwatch instead ! -# Installs & configure the heat CloudWatch API service -# -# === Parameters -# [*enabled*] -# (Optional) Should the service be enabled. -# Defaults to 'true'. -# -# [*keystone_host*] -# -# [*keystone_port*] -# -# [*keystone_protocol*] -# -# [*keystone_user*] -# -# [*keystone_tenant*] -# -# [*keystone_password*] -# -# [*keystone_ec2_uri*] -# -# [*auth_uri*] -# -# [*bind_host*] -# -# [*bind_port*] -# -# [*verbose*] -# -# [*debug*] -# -# -class heat::api-cloudwatch ( - $enabled = true, - $keystone_host = '127.0.0.1', - $keystone_port = '35357', - $keystone_protocol = 'http', - $keystone_user = 'heat', - $keystone_tenant = 'services', - $keystone_password = false, - $keystone_ec2_uri = 'http://127.0.0.1:5000/v2.0/ec2tokens', - $auth_uri = 'http://127.0.0.1:5000/v2.0', - $bind_host = '0.0.0.0', - $bind_port = '8003', - $verbose = false, - $debug = false, -) { - - warning('heat::api-cloudwatch is deprecated. Use heat::api_cloudwatch instead.') - - class { 'heat::api_cloudwatch': - enabled => $enabled, - keystone_host => $keystone_host, - keystone_port => $keystone_port, - keystone_protocol => $keystone_protocol, - keystone_user => $keystone_user, - keystone_tenant => $keystone_tenant, - keystone_password => $keystone_password, - keystone_ec2_uri => $keystone_ec2_uri, - auth_uri => $auth_uri, - bind_host => $bind_host, - bind_port => $bind_port, - verbose => $verbose, - debug => $debug, - } -} diff --git a/horizon/manifests/wsgi/apache.pp b/horizon/manifests/wsgi/apache.pp index 935530090..1c51b13b7 100644 --- a/horizon/manifests/wsgi/apache.pp +++ b/horizon/manifests/wsgi/apache.pp @@ -142,8 +142,7 @@ require => [ File[$::horizon::params::logdir], Package['horizon'] ], } - $default_vhost_conf = { - ip => $bind_address, + $default_vhost_conf_no_ip = { servername => $servername, serveraliases => os_any2array($final_server_aliases), docroot => '/var/www/', @@ -170,6 +169,16 @@ redirectmatch_status => 'permanent', } + # Only add the 'ip' element to the $default_vhost_conf hash if it was explicitly + # specified in the instantiation of the class. This is because ip => undef gets + # changed to ip => '' via the Puppet function API when ensure_resource is called. + # See https://bugs.launchpad.net/puppet-horizon/+bug/1371345 + if $bind_address { + $default_vhost_conf = merge($default_vhost_conf_no_ip, { ip => $bind_address }) + } else { + $default_vhost_conf = $default_vhost_conf_no_ip + } + ensure_resource('apache::vhost', $vhost_conf_name, merge ($default_vhost_conf, $extra_params, { redirectmatch_regexp => "${redirect_match} ${redirect_url}", })) diff --git a/neutron/lib/puppet/type/neutron_network.rb b/neutron/lib/puppet/type/neutron_network.rb index d151e5c6c..f0d8bf560 100644 --- a/neutron/lib/puppet/type/neutron_network.rb +++ b/neutron/lib/puppet/type/neutron_network.rb @@ -40,7 +40,7 @@ newproperty(:provider_network_type) do desc 'The physical mechanism by which the virtual network is realized.' - newvalues(:flat, :vlan, :local, :gre) + newvalues(:flat, :vlan, :local, :gre, :l3_ext) end newproperty(:provider_physical_network) do diff --git a/nova/manifests/api.pp b/nova/manifests/api.pp index d3c055665..fb8b77247 100644 --- a/nova/manifests/api.pp +++ b/nova/manifests/api.pp @@ -120,6 +120,26 @@ # (optional) Enable or not Nova API v3 # Defaults to false # +# [*validate*] +# (optional) Whether to validate the service is working after any service refreshes +# Defaults to false +# +# [*validation_options*] +# (optional) Service validation options +# Should be a hash of options defined in openstacklib::service_validation +# If empty, defaults values are taken from openstacklib function. +# Default command list nova flavors. +# Require validate set at True. +# Example: +# nova::api::validation_options: +# nova-api: +# command: check_nova.py +# path: /usr/bin:/bin:/usr/sbin:/sbin +# provider: shell +# tries: 5 +# try_sleep: 10 +# Defaults to {} +# class nova::api( $admin_password, $enabled = false, @@ -149,6 +169,8 @@ $ratelimits = undef, $ratelimits_factory = 'nova.api.openstack.compute.limits:RateLimitingMiddleware.factory', + $validate = false, + $validation_options = {}, # DEPRECATED PARAMETER $workers = undef, $conductor_workers = undef, @@ -209,22 +231,23 @@ if ($neutron_metadata_proxy_shared_secret){ nova_config { - 'DEFAULT/service_neutron_metadata_proxy': value => true; - 'DEFAULT/neutron_metadata_proxy_shared_secret': + 'neutron/service_metadata_proxy': value => true; + 'neutron/metadata_proxy_shared_secret': value => $neutron_metadata_proxy_shared_secret; } } else { nova_config { - 'DEFAULT/service_neutron_metadata_proxy': value => false; - 'DEFAULT/neutron_metadata_proxy_shared_secret': ensure => absent; + 'neutron/service_metadata_proxy': value => false; + 'neutron/metadata_proxy_shared_secret': ensure => absent; } } if $auth_uri { - nova_config { 'keystone_authtoken/auth_uri': value => $auth_uri; } + $auth_uri_real = $auth_uri } else { - nova_config { 'keystone_authtoken/auth_uri': value => "${auth_protocol}://${auth_host}:5000/"; } + $auth_uri_real = "${auth_protocol}://${auth_host}:5000/" } + nova_config { 'keystone_authtoken/auth_uri': value => $auth_uri_real; } if $auth_version { nova_config { 'keystone_authtoken/auth_version': value => $auth_version; } @@ -312,4 +335,14 @@ 'filter:authtoken/auth_admin_prefix': ensure => absent; } + if $validate { + $defaults = { + 'nova-api' => { + 'command' => "nova --os-auth-url ${auth_uri_real} --os-tenant-name ${admin_tenant_name} --os-username ${admin_user} --os-password ${admin_password} flavor-list", + } + } + $validation_options_hash = merge ($defaults, $validation_options) + create_resources('openstacklib::service_validation', $validation_options_hash, {'subscribe' => 'Service[nova-api]'}) + } + } diff --git a/nova/manifests/client.pp b/nova/manifests/client.pp index d9833d8de..35748c095 100644 --- a/nova/manifests/client.pp +++ b/nova/manifests/client.pp @@ -14,6 +14,7 @@ package { 'python-novaclient': ensure => $ensure, + tag => ['openstack', 'nova'], } } diff --git a/nova/manifests/compute/libvirt.pp b/nova/manifests/compute/libvirt.pp index c853c740a..c27bb4c68 100644 --- a/nova/manifests/compute/libvirt.pp +++ b/nova/manifests/compute/libvirt.pp @@ -110,6 +110,7 @@ ensure => present, before => Package['nova-compute'], require => Package['nova-common'], + tag => ['openstack', 'nova'], } } diff --git a/nova/manifests/compute/neutron.pp b/nova/manifests/compute/neutron.pp index 59623b00a..91ee91cfc 100644 --- a/nova/manifests/compute/neutron.pp +++ b/nova/manifests/compute/neutron.pp @@ -10,9 +10,14 @@ # (optional) The libvirt VIF driver to configure the VIFs. # Defaults to 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver'. # - +# [*force_snat_range*] +# (optional) Force SNAT rule to specified network for nova-network +# Default to 0.0.0.0/0 +# Due to architecture constraints in nova_config, it's not possible to setup +# more than one SNAT rule though initial parameter is MultiStrOpt class nova::compute::neutron ( - $libvirt_vif_driver = 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver' + $libvirt_vif_driver = 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver', + $force_snat_range = '0.0.0.0/0', ) { if $libvirt_vif_driver == 'nova.virt.libvirt.vif.LibvirtOpenVswitchDriver' { @@ -22,4 +27,21 @@ nova_config { 'libvirt/vif_driver': value => $libvirt_vif_driver; } + + if $libvirt_vif_driver == 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver' and $force_snat_range { + # Validate ip and mask for force_snat_range + $force_snat_range_array = split($force_snat_range, '/') + if is_ip_address($force_snat_range_array[0]) and is_integer($force_snat_range_array[1]) { + nova_config { + 'DEFAULT/force_snat_range': value => $force_snat_range; + } + } else { + fail('force_snat_range should be IPv4 or IPv6 CIDR notation') + } + } else { + nova_config { + 'DEFAULT/force_snat_range': ensure => absent; + } + } + } diff --git a/nova/manifests/generic_service.pp b/nova/manifests/generic_service.pp index 2ead9bda5..3328ba5f7 100644 --- a/nova/manifests/generic_service.pp +++ b/nova/manifests/generic_service.pp @@ -37,6 +37,7 @@ ensure => $ensure_package, name => $package_name, notify => Service[$nova_title], + tag => ['openstack', 'nova'], } } } diff --git a/nova/manifests/init.pp b/nova/manifests/init.pp index c97a2e312..85f7b6129 100644 --- a/nova/manifests/init.pp +++ b/nova/manifests/init.pp @@ -473,13 +473,15 @@ package { 'python-nova': ensure => $ensure_package, - require => Package['python-greenlet'] + require => Package['python-greenlet'], + tag => ['openstack', 'nova'], } package { 'nova-common': ensure => $ensure_package, name => $::nova::params::common_package_name, - require => [Package['python-nova'], Anchor['nova-start']] + require => [Package['python-nova'], Anchor['nova-start']], + tag => ['openstack', 'nova'], } file { '/etc/nova/nova.conf': diff --git a/nova/manifests/network/neutron.pp b/nova/manifests/network/neutron.pp index 3e631b201..bf95e900b 100644 --- a/nova/manifests/network/neutron.pp +++ b/nova/manifests/network/neutron.pp @@ -107,29 +107,29 @@ ) { nova_config { - 'DEFAULT/neutron_auth_strategy': value => $neutron_auth_strategy; - 'DEFAULT/network_api_class': value => 'nova.network.neutronv2.api.API'; - 'DEFAULT/neutron_url': value => $neutron_url; - 'DEFAULT/neutron_url_timeout': value => $neutron_url_timeout; - 'DEFAULT/neutron_admin_tenant_name': value => $neutron_admin_tenant_name; - 'DEFAULT/neutron_default_tenant_id': value => $neutron_default_tenant_id; - 'DEFAULT/neutron_region_name': value => $neutron_region_name; - 'DEFAULT/neutron_admin_username': value => $neutron_admin_username; - 'DEFAULT/neutron_admin_password': value => $neutron_admin_password, secret => true; - 'DEFAULT/neutron_admin_auth_url': value => $neutron_admin_auth_url; - 'DEFAULT/neutron_ovs_bridge': value => $neutron_ovs_bridge; - 'DEFAULT/neutron_extension_sync_interval': value => $neutron_extension_sync_interval; - 'DEFAULT/security_group_api': value => $security_group_api; - 'DEFAULT/firewall_driver': value => $firewall_driver; - 'DEFAULT/vif_plugging_is_fatal': value => $vif_plugging_is_fatal; - 'DEFAULT/vif_plugging_timeout': value => $vif_plugging_timeout; - 'DEFAULT/dhcp_domain': value => $dhcp_domain; + 'DEFAULT/dhcp_domain': value => $dhcp_domain; + 'DEFAULT/firewall_driver': value => $firewall_driver; + 'DEFAULT/network_api_class': value => 'nova.network.neutronv2.api.API'; + 'DEFAULT/security_group_api': value => $security_group_api; + 'DEFAULT/vif_plugging_is_fatal': value => $vif_plugging_is_fatal; + 'DEFAULT/vif_plugging_timeout': value => $vif_plugging_timeout; + 'neutron/auth_strategy': value => $neutron_auth_strategy; + 'neutron/url': value => $neutron_url; + 'neutron/url_timeout': value => $neutron_url_timeout; + 'neutron/admin_tenant_name': value => $neutron_admin_tenant_name; + 'neutron/default_tenant_id': value => $neutron_default_tenant_id; + 'neutron/region_name': value => $neutron_region_name; + 'neutron/admin_username': value => $neutron_admin_username; + 'neutron/admin_password': value => $neutron_admin_password, secret => true; + 'neutron/admin_auth_url': value => $neutron_admin_auth_url; + 'neutron/ovs_bridge': value => $neutron_ovs_bridge; + 'neutron/extension_sync_interval': value => $neutron_extension_sync_interval; } if ! $neutron_ca_certificates_file { - nova_config { 'DEFAULT/neutron_ca_certificates_file': ensure => absent } + nova_config { 'neutron/ca_certificates_file': ensure => absent } } else { - nova_config { 'DEFAULT/neutron_ca_certificates_file': value => $neutron_ca_certificates_file } + nova_config { 'neutron/ca_certificates_file': value => $neutron_ca_certificates_file } } } diff --git a/nova/spec/classes/nova_api_spec.rb b/nova/spec/classes/nova_api_spec.rb index 54f937ee6..532ad95e8 100644 --- a/nova/spec/classes/nova_api_spec.rb +++ b/nova/spec/classes/nova_api_spec.rb @@ -28,8 +28,10 @@ should contain_package('nova-api').with( :name => platform_params[:nova_api_package], :ensure => 'present', - :notify => 'Service[nova-api]' + :notify => 'Service[nova-api]', + :tag => ['openstack', 'nova'] ) + should_not contain_exec('validate_nova_api') end it 'configures keystone_authtoken middleware' do @@ -68,8 +70,8 @@ end it 'unconfigures neutron_metadata proxy' do - should contain_nova_config('DEFAULT/service_neutron_metadata_proxy').with(:value => false) - should contain_nova_config('DEFAULT/neutron_metadata_proxy_shared_secret').with(:ensure => 'absent') + should contain_nova_config('neutron/service_metadata_proxy').with(:value => false) + should contain_nova_config('neutron/metadata_proxy_shared_secret').with(:ensure => 'absent') end end @@ -114,7 +116,8 @@ it 'installs nova-api package and service' do should contain_package('nova-api').with( :name => platform_params[:nova_api_package], - :ensure => '2012.1-2' + :ensure => '2012.1-2', + :tag => ['openstack', 'nova'] ) should contain_service('nova-api').with( :name => platform_params[:nova_api_service], @@ -155,8 +158,8 @@ should contain_nova_config('DEFAULT/use_forwarded_for').with('value' => false) should contain_nova_config('DEFAULT/osapi_compute_workers').with('value' => '1') should contain_nova_config('DEFAULT/metadata_workers').with('value' => '2') - should contain_nova_config('DEFAULT/service_neutron_metadata_proxy').with('value' => true) - should contain_nova_config('DEFAULT/neutron_metadata_proxy_shared_secret').with('value' => 'secrete') + should contain_nova_config('neutron/service_metadata_proxy').with('value' => true) + should contain_nova_config('neutron/metadata_proxy_shared_secret').with('value' => 'secrete') should contain_nova_config('DEFAULT/keystone_ec2_url').with('value' => 'https://example.com:5000/v2.0/ec2tokens') end @@ -182,6 +185,45 @@ end end + context 'while validating the service with default command' do + before do + params.merge!({ + :validate => true, + }) + end + it { should contain_exec('execute nova-api validation').with( + :path => '/usr/bin:/bin:/usr/sbin:/sbin', + :provider => 'shell', + :tries => '10', + :try_sleep => '2', + :command => 'nova --os-auth-url http://127.0.0.1:5000/ --os-tenant-name services --os-username nova --os-password passw0rd flavor-list', + )} + + it { should contain_anchor('create nova-api anchor').with( + :require => 'Exec[execute nova-api validation]', + )} + end + + context 'while validating the service with custom command' do + before do + params.merge!({ + :validate => true, + :validation_options => { 'nova-api' => { 'command' => 'my-script' } } + }) + end + it { should contain_exec('execute nova-api validation').with( + :path => '/usr/bin:/bin:/usr/sbin:/sbin', + :provider => 'shell', + :tries => '10', + :try_sleep => '2', + :command => 'my-script', + )} + + it { should contain_anchor('create nova-api anchor').with( + :require => 'Exec[execute nova-api validation]', + )} + end + context 'while not managing service state' do before do params.merge!({ diff --git a/nova/spec/classes/nova_cells_spec.rb b/nova/spec/classes/nova_cells_spec.rb index 626264af5..45328650f 100644 --- a/nova/spec/classes/nova_cells_spec.rb +++ b/nova/spec/classes/nova_cells_spec.rb @@ -60,7 +60,8 @@ it 'installs nova-cells package' do should contain_package('nova-cells').with( :ensure => 'present', - :name => platform_params[:cells_package_name] + :name => platform_params[:cells_package_name], + :tag => ['openstack', 'nova'] ) end diff --git a/nova/spec/classes/nova_client_spec.rb b/nova/spec/classes/nova_client_spec.rb index 2057e2c01..4caae33aa 100644 --- a/nova/spec/classes/nova_client_spec.rb +++ b/nova/spec/classes/nova_client_spec.rb @@ -3,7 +3,12 @@ describe 'nova::client' do context 'with default parameters' do - it { should contain_package('python-novaclient').with_ensure('present') } + it { + should contain_package('python-novaclient').with( + :ensure => 'present', + :tag => ['openstack', 'nova'] + ) + } end context 'with ensure parameter provided' do diff --git a/nova/spec/classes/nova_compute_libvirt_spec.rb b/nova/spec/classes/nova_compute_libvirt_spec.rb index bdf7362d7..2ceb3983e 100644 --- a/nova/spec/classes/nova_compute_libvirt_spec.rb +++ b/nova/spec/classes/nova_compute_libvirt_spec.rb @@ -16,7 +16,8 @@ it { should contain_package('nova-compute-kvm').with( :ensure => 'present', - :before => 'Package[nova-compute]' + :before => 'Package[nova-compute]', + :tag => ['openstack', 'nova'] ) } it { should contain_package('libvirt').with( diff --git a/nova/spec/classes/nova_compute_neutron_spec.rb b/nova/spec/classes/nova_compute_neutron_spec.rb index b67c9fc4b..030968fa8 100644 --- a/nova/spec/classes/nova_compute_neutron_spec.rb +++ b/nova/spec/classes/nova_compute_neutron_spec.rb @@ -1,13 +1,17 @@ require 'spec_helper' describe 'nova::compute::neutron' do - it { should contain_nova_config('libvirt/vif_driver').with_value('nova.virt.libvirt.vif.LibvirtGenericVIFDriver')} + context 'with default parameters' do + it { should contain_nova_config('libvirt/vif_driver').with_value('nova.virt.libvirt.vif.LibvirtGenericVIFDriver')} + it { should contain_nova_config('DEFAULT/force_snat_range').with(:value => '0.0.0.0/0') } + end context 'when overriding params' do let :params do {:libvirt_vif_driver => 'foo' } end it { should contain_nova_config('libvirt/vif_driver').with_value('foo')} + it { should contain_nova_config('DEFAULT/force_snat_range').with_ensure(:absent) } end context 'when overriding with a removed libvirt_vif_driver param' do @@ -19,4 +23,36 @@ end end + context 'with force_snat_range parameter set to false' do + let :params do + { :force_snat_range => false, } + end + it { should contain_nova_config('DEFAULT/force_snat_range').with_ensure('absent') } + end + + context 'with force_snat_range parameter set to 10.0.0.0/24' do + let :params do + { :force_snat_range => '10.0.0.0/24', } + end + + it { should contain_nova_config('DEFAULT/force_snat_range').with_value('10.0.0.0/24') } + end + + context 'with force_snat_range parameter set to fe80::/64' do + let :params do + { :force_snat_range => 'fe80::/64', } + end + + it { should contain_nova_config('DEFAULT/force_snat_range').with_value('fe80::/64') } + end + + context 'with force_snat_range parameter set ip without mask' do + let :params do + { :force_snat_range => '10.0.0.0', } + end + + it { expect { should contain_nova_config('DEFAULT/force_snat_range') }.to \ + raise_error(Puppet::Error, /force_snat_range should be IPv4 or IPv6/) } + end + end diff --git a/nova/spec/classes/nova_compute_spec.rb b/nova/spec/classes/nova_compute_spec.rb index c1fc79d57..253f65506 100644 --- a/nova/spec/classes/nova_compute_spec.rb +++ b/nova/spec/classes/nova_compute_spec.rb @@ -18,7 +18,8 @@ :enable => false }) should contain_package('nova-compute').with({ - :name => platform_params[:nova_compute_package] + :name => platform_params[:nova_compute_package], + :tag => ['openstack', 'nova'] }) end @@ -55,7 +56,8 @@ }) should contain_package('nova-compute').with({ :name => platform_params[:nova_compute_package], - :ensure => '2012.1-2' + :ensure => '2012.1-2', + :tag => ['openstack', 'nova'] }) end diff --git a/nova/spec/classes/nova_init_spec.rb b/nova/spec/classes/nova_init_spec.rb index bc7ea192b..dad359bc5 100644 --- a/nova/spec/classes/nova_init_spec.rb +++ b/nova/spec/classes/nova_init_spec.rb @@ -18,7 +18,8 @@ ) should contain_package('nova-common').with( :name => platform_params[:nova_common_package], - :ensure => 'present' + :ensure => 'present', + :tag => ['openstack', 'nova'] ) end diff --git a/nova/spec/classes/nova_network_neutron_spec.rb b/nova/spec/classes/nova_network_neutron_spec.rb index af12aaf2e..e5fcd9dfd 100644 --- a/nova/spec/classes/nova_network_neutron_spec.rb +++ b/nova/spec/classes/nova_network_neutron_spec.rb @@ -28,23 +28,23 @@ context 'with required parameters' do it 'configures neutron endpoint in nova.conf' do - should contain_nova_config('DEFAULT/neutron_admin_password').with_value(params[:neutron_admin_password]).with_secret(true) + should contain_nova_config('neutron/admin_password').with_value(params[:neutron_admin_password]).with_secret(true) should contain_nova_config('DEFAULT/network_api_class').with_value('nova.network.neutronv2.api.API') - should contain_nova_config('DEFAULT/neutron_auth_strategy').with_value(default_params[:neutron_auth_strategy]) - should contain_nova_config('DEFAULT/neutron_url').with_value(default_params[:neutron_url]) - should contain_nova_config('DEFAULT/neutron_url_timeout').with_value(default_params[:neutron_url_timeout]) - should contain_nova_config('DEFAULT/neutron_admin_tenant_name').with_value(default_params[:neutron_admin_tenant_name]) - should contain_nova_config('DEFAULT/neutron_default_tenant_id').with_value(default_params[:neutron_default_tenant_id]) - should contain_nova_config('DEFAULT/neutron_region_name').with_value(default_params[:neutron_region_name]) - should contain_nova_config('DEFAULT/neutron_admin_username').with_value(default_params[:neutron_admin_username]) - should contain_nova_config('DEFAULT/neutron_admin_auth_url').with_value(default_params[:neutron_admin_auth_url]) - should contain_nova_config('DEFAULT/neutron_extension_sync_interval').with_value(default_params[:neutron_extension_sync_interval]) should contain_nova_config('DEFAULT/dhcp_domain').with_value(default_params[:dhcp_domain]) + should contain_nova_config('neutron/auth_strategy').with_value(default_params[:neutron_auth_strategy]) + should contain_nova_config('neutron/url').with_value(default_params[:neutron_url]) + should contain_nova_config('neutron/url_timeout').with_value(default_params[:neutron_url_timeout]) + should contain_nova_config('neutron/admin_tenant_name').with_value(default_params[:neutron_admin_tenant_name]) + should contain_nova_config('neutron/default_tenant_id').with_value(default_params[:neutron_default_tenant_id]) + should contain_nova_config('neutron/region_name').with_value(default_params[:neutron_region_name]) + should contain_nova_config('neutron/admin_username').with_value(default_params[:neutron_admin_username]) + should contain_nova_config('neutron/admin_auth_url').with_value(default_params[:neutron_admin_auth_url]) + should contain_nova_config('neutron/extension_sync_interval').with_value(default_params[:neutron_extension_sync_interval]) end it 'configures Nova to use Neutron Bridge Security Groups and Firewall' do should contain_nova_config('DEFAULT/firewall_driver').with_value(default_params[:firewall_driver]) should contain_nova_config('DEFAULT/security_group_api').with_value(default_params[:security_group_api]) - should contain_nova_config('DEFAULT/neutron_ovs_bridge').with_value(default_params[:neutron_ovs_bridge]) + should contain_nova_config('neutron/ovs_bridge').with_value(default_params[:neutron_ovs_bridge]) end it 'configures neutron vif plugging events in nova.conf' do should contain_nova_config('DEFAULT/vif_plugging_is_fatal').with_value(default_params[:vif_plugging_is_fatal]) @@ -73,23 +73,23 @@ end it 'configures neutron endpoint in nova.conf' do - should contain_nova_config('DEFAULT/neutron_auth_strategy').with_value(default_params[:neutron_auth_strategy]) - should contain_nova_config('DEFAULT/neutron_admin_password').with_value(params[:neutron_admin_password]).with_secret(true) + should contain_nova_config('neutron/auth_strategy').with_value(default_params[:neutron_auth_strategy]) + should contain_nova_config('neutron/admin_password').with_value(params[:neutron_admin_password]).with_secret(true) should contain_nova_config('DEFAULT/network_api_class').with_value('nova.network.neutronv2.api.API') - should contain_nova_config('DEFAULT/neutron_url').with_value(params[:neutron_url]) - should contain_nova_config('DEFAULT/neutron_url_timeout').with_value(params[:neutron_url_timeout]) - should contain_nova_config('DEFAULT/neutron_admin_tenant_name').with_value(params[:neutron_admin_tenant_name]) - should contain_nova_config('DEFAULT/neutron_default_tenant_id').with_value(params[:neutron_default_tenant_id]) - should contain_nova_config('DEFAULT/neutron_region_name').with_value(params[:neutron_region_name]) - should contain_nova_config('DEFAULT/neutron_admin_username').with_value(params[:neutron_admin_username]) - should contain_nova_config('DEFAULT/neutron_admin_auth_url').with_value(params[:neutron_admin_auth_url]) - should contain_nova_config('DEFAULT/neutron_extension_sync_interval').with_value(params[:neutron_extension_sync_interval]) should contain_nova_config('DEFAULT/dhcp_domain').with_value(params[:dhcp_domain]) + should contain_nova_config('neutron/url').with_value(params[:neutron_url]) + should contain_nova_config('neutron/url_timeout').with_value(params[:neutron_url_timeout]) + should contain_nova_config('neutron/admin_tenant_name').with_value(params[:neutron_admin_tenant_name]) + should contain_nova_config('neutron/default_tenant_id').with_value(params[:neutron_default_tenant_id]) + should contain_nova_config('neutron/region_name').with_value(params[:neutron_region_name]) + should contain_nova_config('neutron/admin_username').with_value(params[:neutron_admin_username]) + should contain_nova_config('neutron/admin_auth_url').with_value(params[:neutron_admin_auth_url]) + should contain_nova_config('neutron/extension_sync_interval').with_value(params[:neutron_extension_sync_interval]) end it 'configures Nova to use Neutron Security Groups and Firewall' do should contain_nova_config('DEFAULT/firewall_driver').with_value(params[:firewall_driver]) should contain_nova_config('DEFAULT/security_group_api').with_value(params[:security_group_api]) - should contain_nova_config('DEFAULT/neutron_ovs_bridge').with_value(params[:neutron_ovs_bridge]) + should contain_nova_config('neutron/ovs_bridge').with_value(params[:neutron_ovs_bridge]) end it 'configures neutron vif plugging events in nova.conf' do should contain_nova_config('DEFAULT/vif_plugging_is_fatal').with_value(params[:vif_plugging_is_fatal]) diff --git a/nova/spec/shared_examples.rb b/nova/spec/shared_examples.rb index 52f56c3a8..b7b16517e 100644 --- a/nova/spec/shared_examples.rb +++ b/nova/spec/shared_examples.rb @@ -11,7 +11,8 @@ should contain_package(service[:name]).with({ :name => service[:package_name], :ensure => 'present', - :notify => "Service[#{service[:name]}]" + :notify => "Service[#{service[:name]}]", + :tag => ['openstack', 'nova'] }) should contain_service(service[:name]).with({ :name => service[:service_name], diff --git a/swift/.fixtures.yml b/swift/.fixtures.yml index 7963576f8..c4af4646b 100644 --- a/swift/.fixtures.yml +++ b/swift/.fixtures.yml @@ -1,9 +1,7 @@ fixtures: repositories: "apt": "git://github.com/puppetlabs/puppetlabs-apt.git" - "concat": - repo: "git://github.com/puppetlabs/puppetlabs-concat.git" - ref: '1.0.0' + "concat": "git://github.com/puppetlabs/puppetlabs-concat.git" "inifile": "git://github.com/puppetlabs/puppetlabs-inifile" "keystone": "git://github.com/stackforge/puppet-keystone.git" "memcached": "git://github.com/saz/puppet-memcached.git"