scenario002/centos7: switch RabbitMQ and OpenStack to IPv6

Code Issues Proposed changes

This is a first iteration of testing IPv6 deployment.
This patch will deploy scenario002 on centos7 by using IPv6 network.
To make it work on Ubuntu, it will require more work, that will be done
in future iterations. During my testing, I found some bugs and did not
investigate because I wanted a first scenario working on v6.
Same for scenario001 and scenario003, they'll be tested later.
Change-Id: Ib28b379645b5a3d351438e0408a9de62b9f48302

This commit is contained in:

Emilien Macchi

2016年03月02日 19:09:05 -05:00

parent cf864be1bc

commit 4ed8366f07

8 changed files with 73 additions and 42 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download Patch File Download Diff File Expand all files Collapse all files

5
fixtures/scenario002.pp

View File

@@ -16,11 +16,13 @@

case$::osfamily{

'Debian': {

$ipv6 = false

# ironic-conductor is broken for Ubuntu Trusty

# https://bugs.launchpad.net/cloud-archive/+bug/1530869

$ironic_enabled = false

}

'RedHat':{

$ipv6 = true

$ironic_enabled = true

}

default:{

@@ -30,7 +32,8 @@ case $::osfamily {

include::openstack_integration

class{ '::openstack_integration::config':

ssl => true,

ipv6 => $ipv6,

}

include::openstack_integration::cacert

include::openstack_integration::rabbitmq

14
manifests/cinder.pp

View File

@@ -29,11 +29,17 @@ class openstack_integration::cinder (

password => 'cinder',

}

class{ '::cinder::keystone::auth':

password => 'a_big_secret',

public_url => "http://${::openstack_integration::config::ip_for_url}:8776/v1/%(tenant_id)s",

internal_url=>"http://${::openstack_integration::config::ip_for_url}:8776/v1/%(tenant_id)s",

admin_url=>"http://${::openstack_integration::config::ip_for_url}:8776/v1/%(tenant_id)s",

public_url_v2=>"http://${::openstack_integration::config::ip_for_url}:8776/v2/%(tenant_id)s",

internal_url_v2=>"http://${::openstack_integration::config::ip_for_url}:8776/v2/%(tenant_id)s",

admin_url_v2=>"http://${::openstack_integration::config::ip_for_url}:8776/v2/%(tenant_id)s",

password=>'a_big_secret',

}

class{ '::cinder':

database_connection => 'mysql+pymysql://cinder:cinder@127.0.0.1/cinder?charset=utf8',

rabbit_host => $::openstack_integration::config::rabbit_host,

rabbit_host => $::openstack_integration::config::ip_for_url,

rabbit_port => $::openstack_integration::config::rabbit_port,

rabbit_userid => 'cinder',

rabbit_password => 'an_even_bigger_secret',

@@ -47,6 +53,8 @@ class openstack_integration::cinder (

identity_uri => $::openstack_integration::config::keystone_admin_uri,

default_volume_type => 'BACKEND_1',

service_workers => 2,

public_endpoint => "http://${::openstack_integration::config::ip_for_url}:8776",

bind_host=>$::openstack_integration::config::host,

}

class{ '::cinder::quota': }

class{ '::cinder::scheduler': }

@@ -56,7 +64,7 @@ class openstack_integration::cinder (

}

class{ '::cinder::cron::db_purge': }

class{ '::cinder::glance':

glance_api_servers => "${::openstack_integration::config::proto}://127.0.0.1:9292",

glance_api_servers => "${::openstack_integration::config::base_url}:9292",

}

case$backend{

'iscsi': {

16
manifests/config.pp

View File

@@ -22,19 +22,23 @@ class openstack_integration::config (

}

if$ipv6{

$rabbit_host = '[::1]'

$rabbit_env = {

'RABBITMQ_NODE_IP_ADDRESS' => '::1',

$host = '::1'

$rabbit_env = {

'RABBITMQ_NODE_IP_ADDRESS' => $host,

'RABBITMQ_SERVER_START_ARGS' => '"-proto_dist inet6_tcp"',

}

$ip_version='6'

}else{

$rabbit_host = '127.0.0.1'

$host = '127.0.0.1'

$rabbit_env = {}

$ip_version='4'

}

$keystone_auth_uri="${proto}://127.0.0.1:5000"

$keystone_admin_uri="${proto}://127.0.0.1:35357"

#inURL,bracketsareneeded

$ip_for_url=normalize_ip_for_uri($host)

$base_url="${proto}://${ip_for_url}"

$keystone_auth_uri="${base_url}:5000"

$keystone_admin_uri="${base_url}:35357"

}

13
manifests/glance.pp

View File

@@ -46,9 +46,9 @@ class openstack_integration::glance (

include::glance

include::glance::client

class{ '::glance::keystone::auth':

public_url => "${::openstack_integration::config::proto}://127.0.0.1:9292",

internal_url=>"${::openstack_integration::config::proto}://127.0.0.1:9292",

admin_url=>"${::openstack_integration::config::proto}://127.0.0.1:9292",

public_url => "${::openstack_integration::config::base_url}:9292",

internal_url=>"${::openstack_integration::config::base_url}:9292",

admin_url=>"${::openstack_integration::config::base_url}:9292",

password=>'a_big_secret',

}

case$backend{

@@ -72,7 +72,7 @@ class openstack_integration::glance (

swift_store_user => 'services:glance',

swift_store_key => 'a_big_secret',

swift_store_create_container_on_put => 'True',

swift_store_auth_address => "${::openstack_integration::config::proto}://127.0.0.1:5000/v2.0",

swift_store_auth_address => "${::openstack_integration::config::base_url}:5000/v2.0",

}

default:{

@@ -89,11 +89,13 @@ class openstack_integration::glance (

workers => 2,

stores => $glance_stores,

default_store => $backend,

bind_host => $::openstack_integration::config::host,

auth_uri => $::openstack_integration::config::keystone_auth_uri,

identity_uri => $::openstack_integration::config::keystone_admin_uri,

registry_client_protocol => $::openstack_integration::config::proto,

registry_client_cert_file => $crt_file,

registry_client_key_file => $key_file,

registry_host => $::openstack_integration::config::host,

cert_file => $crt_file,

key_file => $key_file,

}

@@ -102,6 +104,7 @@ class openstack_integration::glance (

verbose => true,

database_connection => 'mysql+pymysql://glance:glance@127.0.0.1/glance?charset=utf8',

keystone_password => 'a_big_secret',

bind_host => $::openstack_integration::config::host,

workers => 2,

auth_uri => $::openstack_integration::config::keystone_auth_uri,

identity_uri => $::openstack_integration::config::keystone_admin_uri,

@@ -111,7 +114,7 @@ class openstack_integration::glance (

class{ '::glance::notify::rabbitmq':

rabbit_userid => 'glance',

rabbit_password => 'an_even_bigger_secret',

rabbit_host => $::openstack_integration::config::rabbit_host,

rabbit_host => $::openstack_integration::config::ip_for_url,

rabbit_port => $::openstack_integration::config::rabbit_port,

notification_driver => 'messagingv2',

rabbit_use_ssl => $::openstack_integration::config::ssl,

19
manifests/ironic.pp

View File

@@ -28,7 +28,7 @@ class openstack_integration::ironic {

class{ '::ironic':

rabbit_userid => 'ironic',

rabbit_password => 'an_even_bigger_secret',

rabbit_host => $::openstack_integration::config::rabbit_host,

rabbit_host => $::openstack_integration::config::ip_for_url,

rabbit_port => $::openstack_integration::config::rabbit_port,

rabbit_use_ssl => $::openstack_integration::config::ssl,

database_connection => 'mysql+pymysql://ironic:ironic@127.0.0.1/ironic?charset=utf8',

@@ -40,25 +40,26 @@ class openstack_integration::ironic {

password => 'ironic',

}

class{ '::ironic::keystone::auth':

public_url => "${::openstack_integration::config::proto}://127.0.0.1:6385",

internal_url=>"${::openstack_integration::config::proto}://127.0.0.1:6385",

admin_url=>"${::openstack_integration::config::proto}://127.0.0.1:6385",

public_url => "${::openstack_integration::config::base_url}:6385",

internal_url=>"${::openstack_integration::config::base_url}:6385",

admin_url=>"${::openstack_integration::config::base_url}:6385",

password=>'a_big_secret',

}

class{ '::ironic::client': }

class{ '::ironic::api':

auth_uri => $::openstack_integration::config::keystone_auth_uri,

identity_uri => $::openstack_integration::config::keystone_admin_uri,

neutron_url => 'http://127.0.0.1:9696',

neutron_url => "http://${::openstack_integration::config::ip_for_url}:9696",

admin_password=>'a_big_secret',

service_name=>'httpd',

}

include::apache

class{ '::ironic::wsgi::apache':

ssl => $::openstack_integration::config::ssl,

ssl_key => "/etc/ironic/ssl/private/${::fqdn}.pem",

ssl_cert=>$::openstack_integration::params::cert_path,

workers=>2,

bind_host => $::openstack_integration::config::ip_for_url,

ssl => $::openstack_integration::config::ssl,

ssl_key => "/etc/ironic/ssl/private/${::fqdn}.pem",

ssl_cert=>$::openstack_integration::params::cert_path,

workers=>2,

}

class{ '::ironic::conductor': }

Rabbitmq_user_permissions['ironic@/']->Service<|tag=='ironic-service'|>

12
manifests/keystone.pp

View File

@@ -42,13 +42,17 @@ class openstack_integration::keystone (

default_domain => $default_domain,

using_domain_config => $using_domain_config,

enable_ssl => $::openstack_integration::config::ssl,

public_bind_host => $::openstack_integration::config::host,

admin_bind_host => $::openstack_integration::config::host,

}

include::apache

class{ '::keystone::wsgi::apache':

ssl => $::openstack_integration::config::ssl,

ssl_key => "/etc/keystone/ssl/private/${::fqdn}.pem",

ssl_cert=>$::openstack_integration::params::cert_path,

workers=>2,

bind_host => $::openstack_integration::config::ip_for_url,

admin_bind_host => $::openstack_integration::config::ip_for_url,

ssl => $::openstack_integration::config::ssl,

ssl_key => "/etc/keystone/ssl/private/${::fqdn}.pem",

ssl_cert=>$::openstack_integration::params::cert_path,

workers=>2,

}

class{ '::keystone::roles::admin':

email => 'test@example.tld',

8
manifests/neutron.pp

View File

@@ -20,12 +20,15 @@ class openstack_integration::neutron {

password => 'neutron',

}

class{ '::neutron::keystone::auth':

password => 'a_big_secret',

public_url => "http://${::openstack_integration::config::ip_for_url}:9696",

internal_url=>"http://${::openstack_integration::config::ip_for_url}:9696",

admin_url=>"http://${::openstack_integration::config::ip_for_url}:9696",

password=>'a_big_secret',

}

class{ '::neutron':

rabbit_user => 'neutron',

rabbit_password => 'an_even_bigger_secret',

rabbit_host => $::openstack_integration::config::rabbit_host,

rabbit_host => $::openstack_integration::config::ip_for_url,

rabbit_port => $::openstack_integration::config::rabbit_port,

rabbit_use_ssl => $::openstack_integration::config::ssl,

allow_overlapping_ips => true,

@@ -33,6 +36,7 @@ class openstack_integration::neutron {

service_plugins => ['router', 'metering', 'firewall'],

debug => true,

verbose => true,

bind_host => $::openstack_integration::config::host,

}

class{ '::neutron::client': }

class{ '::neutron::server':

28
manifests/nova.pp

View File

@@ -41,23 +41,24 @@ class openstack_integration::nova (

password => 'nova',

}

class{ '::nova::keystone::auth':

public_url => "${::openstack_integration::config::proto}://127.0.0.1:8774/v2/%(tenant_id)s",

public_url_v3 =>"${::openstack_integration::config::proto}://127.0.0.1:8774/v3/%(tenant_id)s",

internal_url=>"${::openstack_integration::config::proto}://127.0.0.1:8774/v2/%(tenant_id)s",

internal_url_v3=>"${::openstack_integration::config::proto}://127.0.0.1:8774/v3/%(tenant_id)s",

admin_url =>"${::openstack_integration::config::proto}://127.0.0.1:8774/v2/%(tenant_id)s",

admin_url_v3=>"${::openstack_integration::config::proto}://127.0.0.1:8774/v3/%(tenant_id)s",

public_url => "${::openstack_integration::config::base_url}:8774/v2/%(tenant_id)s",

internal_url =>"${::openstack_integration::config::base_url}:8774/v2/%(tenant_id)s",

admin_url =>"${::openstack_integration::config::base_url}:8774/v2/%(tenant_id)s",

public_url_v3 =>"${::openstack_integration::config::base_url}:8774/v3",

internal_url_v3 =>"${::openstack_integration::config::base_url}:8774/v3",

admin_url_v3=>"${::openstack_integration::config::base_url}:8774/v3",

password=>'a_big_secret',

}

class{ '::nova':

database_connection => 'mysql+pymysql://nova:nova@127.0.0.1/nova?charset=utf8',

api_database_connection => 'mysql+pymysql://nova_api:nova@127.0.0.1/nova_api?charset=utf8',

rabbit_host => $::openstack_integration::config::rabbit_host,

rabbit_host => $::openstack_integration::config::ip_for_url,

rabbit_port => $::openstack_integration::config::rabbit_port,

rabbit_userid => 'nova',

rabbit_password => 'an_even_bigger_secret',

rabbit_use_ssl => $::openstack_integration::config::ssl,

glance_api_servers => "${::openstack_integration::config::proto}://127.0.0.1:9292",

use_ipv6 => $::openstack_integration::config::ipv6,

glance_api_servers => "${::openstack_integration::config::base_url}:9292",

verbose=>true,

debug=>true,

notification_driver=>'messagingv2',

@@ -67,6 +68,7 @@ class openstack_integration::nova (

admin_password => 'a_big_secret',

auth_uri => $::openstack_integration::config::keystone_auth_uri,

identity_uri => $::openstack_integration::config::keystone_admin_uri,

api_bind_address => $::openstack_integration::config::host,

osapi_v3 => true,

neutron_metadata_proxy_shared_secret => 'a_big_secret',

metadata_workers => 2,

@@ -76,10 +78,11 @@ class openstack_integration::nova (

}

include::apache

class{ '::nova::wsgi::apache':

ssl_key => "/etc/nova/ssl/private/${::fqdn}.pem",

ssl_cert=>$::openstack_integration::params::cert_path,

ssl =>$::openstack_integration::config::ssl,

workers =>'2',

bind_host => $::openstack_integration::config::ip_for_url,

ssl_key => "/etc/nova/ssl/private/${::fqdn}.pem",

ssl_cert=>$::openstack_integration::params::cert_path,

ssl =>$::openstack_integration::config::ssl,

workers=>'2',

}

class{ '::nova::client': }

class{ '::nova::conductor': }

@@ -114,6 +117,7 @@ class openstack_integration::nova (

class{ '::nova::network::neutron':

neutron_auth_url => "${::openstack_integration::config::keystone_admin_uri}/v3",

neutron_url=>"http://${::openstack_integration::config::ip_for_url}:9696",

neutron_password=>'a_big_secret',

}