Rush has uploaded a new change for review. (
https://gerrit.wikimedia.org/r/405366 )
Change subject: openstack: nova-network and neutron nova::common split
......................................................................
openstack: nova-network and neutron nova::common split
These two paths will not coexist in the same deployment,
and will not exist side by side long term so I am splitting
the configuration rather than mix them with template logic
or other logic branching for the same manifests.
Bug: T171494
Change-Id: Iba0aecdfaa1e35c24dbc13a27d0459ce570abe3b
---
C modules/openstack/manifests/nova/common/neutron.pp
R modules/openstack/manifests/nova/common/nova_network.pp
A modules/openstack/templates/liberty/nova/common/neutron/api-paste.ini.erb
A modules/openstack/templates/liberty/nova/common/neutron/nova.conf.erb
R modules/openstack/templates/liberty/nova/common/nova_network/api-paste.ini.erb
R modules/openstack/templates/liberty/nova/common/nova_network/nova.conf.erb
A modules/profile/manifests/openstack/base/nova/common/neutron.pp
R modules/profile/manifests/openstack/base/nova/common/nova_network.pp
M modules/profile/manifests/openstack/labtest/nova/common.pp
M modules/profile/manifests/openstack/labtestn/nova/common.pp
M modules/profile/manifests/openstack/main/nova/common.pp
M modules/role/manifests/wmcs/openstack/labtestn/control.pp
12 files changed, 190 insertions(+), 84 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/66/405366/1
diff --git a/modules/openstack/manifests/nova/common.pp
b/modules/openstack/manifests/nova/common/neutron.pp
similarity index 69%
copy from modules/openstack/manifests/nova/common.pp
copy to modules/openstack/manifests/nova/common/neutron.pp
index affa993..46073b1 100644
--- a/modules/openstack/manifests/nova/common.pp
+++ b/modules/openstack/manifests/nova/common/neutron.pp
@@ -1,36 +1,6 @@
-class openstack::nova::common(
+class openstack::nova::common::neutron(
$version,
- $nova_controller,
- $nova_api_host,
- $nova_api_host_ip,
- $dmz_cidr,
- $dhcp_domain,
- $quota_floating_ips,
- $dhcp_start,
- $network_flat_interface,
- $flat_network_bridge,
- $fixed_range,
- $network_public_interface,
- $network_public_ip,
- $zone,
- $scheduler_pool,
- $db_user,
- $db_pass,
- $db_host,
- $db_name,
- $ldap_user_pass,
- $libvirt_type,
- $live_migration_uri,
- $glance_host,
- $rabbit_user,
- $rabbit_host,
- $rabbit_pass,
- $spice_hostname,
- $keystone_auth_uri,
- $keystone_admin_uri,
) {
-
- $nova_controller_ip = ipresolve($nova_controller,4)
$packages = [
'unzip',
@@ -63,13 +33,13 @@
file {
'/etc/nova/nova.conf':
- content =>
template("openstack/${version}/nova/common/nova.conf.erb"),
+ content =>
template("openstack/${version}/nova/common/neutron/nova.conf.erb"),
owner => 'nova',
group => 'nogroup',
mode => '0440',
require => Package['nova-common'];
'/etc/nova/api-paste.ini':
- content =>
template("openstack/${version}/nova/common/api-paste.ini.erb"),
+ content =>
template("openstack/${version}/nova/common/neutron/api-paste.ini.erb"),
owner => 'nova',
group => 'nogroup',
mode => '0440',
diff --git a/modules/openstack/manifests/nova/common.pp
b/modules/openstack/manifests/nova/common/nova_network.pp
similarity index 94%
rename from modules/openstack/manifests/nova/common.pp
rename to modules/openstack/manifests/nova/common/nova_network.pp
index affa993..fc1bf28 100644
--- a/modules/openstack/manifests/nova/common.pp
+++ b/modules/openstack/manifests/nova/common/nova_network.pp
@@ -1,4 +1,4 @@
-class openstack::nova::common(
+class openstack::nova::common::nova_network(
$version,
$nova_controller,
$nova_api_host,
@@ -63,13 +63,13 @@
file {
'/etc/nova/nova.conf':
- content =>
template("openstack/${version}/nova/common/nova.conf.erb"),
+ content =>
template("openstack/${version}/nova/common/nova_network/nova.conf.erb"),
owner => 'nova',
group => 'nogroup',
mode => '0440',
require => Package['nova-common'];
'/etc/nova/api-paste.ini':
- content =>
template("openstack/${version}/nova/common/api-paste.ini.erb"),
+ content =>
template("openstack/${version}/nova/common/nova_network/api-paste.ini.erb"),
owner => 'nova',
group => 'nogroup',
mode => '0440',
diff --git
a/modules/openstack/templates/liberty/nova/common/neutron/api-paste.ini.erb
b/modules/openstack/templates/liberty/nova/common/neutron/api-paste.ini.erb
new file mode 100644
index 0000000..80e09dc
--- /dev/null
+++ b/modules/openstack/templates/liberty/nova/common/neutron/api-paste.ini.erb
@@ -0,0 +1,153 @@
+[DEFAULT]
+dhcpbridge_flagfile=/etc/nova/nova.conf
+dhcpbridge=/usr/bin/nova-dhcpbridge
+logdir=/var/log/nova
+state_path=/var/lib/nova
+lock_path=/var/lock/nova
+force_dhcp_release=True
+libvirt_use_virtio_for_bridges=True
+verbose=True
+ec2_private_dns_show_ip=True
+api_paste_config=/etc/nova/api-paste.ini
+enabled_apis=ec2,osapi_compute,metadata
+root@labtestvirt2003:~# cat /etc/nova/api-paste.ini
+############
+# Metadata #
+############
+[composite:metadata]
+use = egg:Paste#urlmap
+/: meta
+
+[pipeline:meta]
+pipeline = ec2faultwrap logrequest metaapp
+
+[app:metaapp]
+paste.app_factory = nova.api.metadata.handler:MetadataRequestHandler.factory
+
+#######
+# EC2 #
+#######
+
+# NOTE: this is now deprecated in favor of
https://github.com/stackforge/ec2-api
+[composite:ec2]
+use = egg:Paste#urlmap
+/: ec2cloud
+
+[composite:ec2cloud]
+use = call:nova.api.auth:pipeline_factory
+noauth2 = ec2faultwrap logrequest ec2noauth cloudrequest validator ec2executor
+keystone = ec2faultwrap logrequest ec2keystoneauth cloudrequest validator
ec2executor
+
+[filter:ec2faultwrap]
+paste.filter_factory = nova.api.ec2:FaultWrapper.factory
+
+[filter:logrequest]
+paste.filter_factory = nova.api.ec2:RequestLogging.factory
+
+[filter:ec2lockout]
+paste.filter_factory = nova.api.ec2:Lockout.factory
+
+[filter:ec2keystoneauth]
+paste.filter_factory = nova.api.ec2:EC2KeystoneAuth.factory
+
+[filter:ec2noauth]
+paste.filter_factory = nova.api.ec2:NoAuth.factory
+
+[filter:cloudrequest]
+controller = nova.api.ec2.cloud.CloudController
+paste.filter_factory = nova.api.ec2:Requestify.factory
+
+[filter:authorizer]
+paste.filter_factory = nova.api.ec2:Authorizer.factory
+
+[filter:validator]
+paste.filter_factory = nova.api.ec2:Validator.factory
+
+[app:ec2executor]
+paste.app_factory = nova.api.ec2:Executor.factory
+
+#############
+# OpenStack #
+#############
+
+[composite:osapi_compute]
+use = call:nova.api.openstack.urlmap:urlmap_factory
+/: oscomputeversions
+# starting in Liberty the v21 implementation replaces the v2
+# implementation and is suggested that you use it as the default. If
+# this causes issues with your clients you can rollback to the
+# *frozen* v2 api by commenting out the above stanza and using the
+# following instead::
+# /v1.1: openstack_compute_api_legacy_v2
+# /v2: openstack_compute_api_legacy_v2
+# if rolling back to v2 fixes your issue please file a critical bug
+# at - https://bugs.launchpad.net/nova/+bugs
+#
+# v21 is an exactly feature match for v2, except it has more stringent
+# input validation on the wsgi surface (prevents fuzzing early on the
+# API). It also provides new features via API microversions which are
+# opt into for clients. Unaware clients will receive the same frozen
+# v2 API feature set, but with some relaxed validation
+/v1.1: openstack_compute_api_v21_legacy_v2_compatible
+/v2: openstack_compute_api_v21_legacy_v2_compatible
+/v2.1: openstack_compute_api_v21
+
+# NOTE: this is deprecated in favor of
openstack_compute_api_v21_legacy_v2_compatible
+[composite:openstack_compute_api_legacy_v2]
+use = call:nova.api.auth:pipeline_factory
+noauth2 = compute_req_id faultwrap sizelimit noauth2 legacy_ratelimit
osapi_compute_app_legacy_v2
+keystone = compute_req_id faultwrap sizelimit authtoken keystonecontext
legacy_ratelimit osapi_compute_app_legacy_v2
+keystone_nolimit = compute_req_id faultwrap sizelimit authtoken
keystonecontext osapi_compute_app_legacy_v2
+
+[composite:openstack_compute_api_v21]
+use = call:nova.api.auth:pipeline_factory_v21
+noauth2 = compute_req_id faultwrap sizelimit noauth2 osapi_compute_app_v21
+keystone = compute_req_id faultwrap sizelimit authtoken keystonecontext
osapi_compute_app_v21
+
+[composite:openstack_compute_api_v21_legacy_v2_compatible]
+use = call:nova.api.auth:pipeline_factory_v21
+noauth2 = compute_req_id faultwrap sizelimit noauth2 legacy_v2_compatible
osapi_compute_app_v21
+keystone = compute_req_id faultwrap sizelimit authtoken keystonecontext
legacy_v2_compatible osapi_compute_app_v21
+
+[filter:request_id]
+paste.filter_factory = oslo_middleware:RequestId.factory
+
+[filter:compute_req_id]
+paste.filter_factory = nova.api.compute_req_id:ComputeReqIdMiddleware.factory
+
+[filter:faultwrap]
+paste.filter_factory = nova.api.openstack:FaultWrapper.factory
+
+[filter:noauth2]
+paste.filter_factory = nova.api.openstack.auth:NoAuthMiddleware.factory
+
+[filter:legacy_ratelimit]
+paste.filter_factory =
nova.api.openstack.compute.limits:RateLimitingMiddleware.factory
+
+[filter:sizelimit]
+paste.filter_factory = oslo_middleware:RequestBodySizeLimiter.factory
+
+[filter:legacy_v2_compatible]
+paste.filter_factory = nova.api.openstack:LegacyV2CompatibleWrapper.factory
+
+[app:osapi_compute_app_legacy_v2]
+paste.app_factory = nova.api.openstack.compute:APIRouter.factory
+
+[app:osapi_compute_app_v21]
+paste.app_factory = nova.api.openstack.compute:APIRouterV21.factory
+
+[pipeline:oscomputeversions]
+pipeline = faultwrap oscomputeversionapp
+
+[app:oscomputeversionapp]
+paste.app_factory = nova.api.openstack.compute.versions:Versions.factory
+
+##########
+# Shared #
+##########
+
+[filter:keystonecontext]
+paste.filter_factory = nova.api.auth:NovaKeystoneContext.factory
+
+[filter:authtoken]
+paste.filter_factory = keystonemiddleware.auth_token:filter_factory
diff --git
a/modules/openstack/templates/liberty/nova/common/neutron/nova.conf.erb
b/modules/openstack/templates/liberty/nova/common/neutron/nova.conf.erb
new file mode 100644
index 0000000..a2a354d
--- /dev/null
+++ b/modules/openstack/templates/liberty/nova/common/neutron/nova.conf.erb
@@ -0,0 +1,12 @@
+[DEFAULT]
+dhcpbridge_flagfile=/etc/nova/nova.conf
+dhcpbridge=/usr/bin/nova-dhcpbridge
+logdir=/var/log/nova
+state_path=/var/lib/nova
+lock_path=/var/lock/nova
+force_dhcp_release=True
+libvirt_use_virtio_for_bridges=True
+verbose=True
+ec2_private_dns_show_ip=True
+api_paste_config=/etc/nova/api-paste.ini
+enabled_apis=ec2,osapi_compute,metadata
diff --git a/modules/openstack/templates/liberty/nova/common/api-paste.ini.erb
b/modules/openstack/templates/liberty/nova/common/nova_network/api-paste.ini.erb
similarity index 100%
rename from modules/openstack/templates/liberty/nova/common/api-paste.ini.erb
rename to
modules/openstack/templates/liberty/nova/common/nova_network/api-paste.ini.erb
diff --git a/modules/openstack/templates/liberty/nova/common/nova.conf.erb
b/modules/openstack/templates/liberty/nova/common/nova_network/nova.conf.erb
similarity index 100%
rename from modules/openstack/templates/liberty/nova/common/nova.conf.erb
rename to
modules/openstack/templates/liberty/nova/common/nova_network/nova.conf.erb
diff --git a/modules/profile/manifests/openstack/base/nova/common/neutron.pp
b/modules/profile/manifests/openstack/base/nova/common/neutron.pp
new file mode 100644
index 0000000..1d96102
--- /dev/null
+++ b/modules/profile/manifests/openstack/base/nova/common/neutron.pp
@@ -0,0 +1,9 @@
+class profile::openstack::base::nova::common::neutron(
+ $version = hiera('profile::openstack::base::version'),
+ ) {
+
+ class {'::openstack::nova::common::neutron':
+ version => $version,
+ }
+ contain '::openstack::nova::common::neutron'
+}
diff --git a/modules/profile/manifests/openstack/base/nova/common.pp
b/modules/profile/manifests/openstack/base/nova/common/nova_network.pp
similarity index 94%
rename from modules/profile/manifests/openstack/base/nova/common.pp
rename to modules/profile/manifests/openstack/base/nova/common/nova_network.pp
index dfc76de..336b9cf 100644
--- a/modules/profile/manifests/openstack/base/nova/common.pp
+++ b/modules/profile/manifests/openstack/base/nova/common/nova_network.pp
@@ -1,4 +1,4 @@
-class profile::openstack::base::nova::common(
+class profile::openstack::base::nova::common::nova_network(
$version = hiera('profile::openstack::base::version'),
$nova_controller = hiera('profile::openstack::base::nova_controller'),
$nova_api_host = hiera('profile::openstack::base::nova_api_host'),
@@ -31,7 +31,7 @@
$keystone_auth_uri = "http://${nova_controller}:${public_port}";
$nova_api_host_ip = ipresolve($nova_api_host,4)
- class {'::openstack::nova::common':
+ class {'::openstack::nova::common::nova_network':
version => $version,
nova_controller => $nova_controller,
nova_api_host => $nova_api_host,
@@ -62,5 +62,5 @@
keystone_auth_uri => $keystone_auth_uri,
keystone_admin_uri => $keystone_admin_uri,
}
- contain '::openstack::nova::common'
+ contain '::openstack::nova::common::nova_network'
}
diff --git a/modules/profile/manifests/openstack/labtest/nova/common.pp
b/modules/profile/manifests/openstack/labtest/nova/common.pp
index 5595c86..0f7d1e4 100644
--- a/modules/profile/manifests/openstack/labtest/nova/common.pp
+++ b/modules/profile/manifests/openstack/labtest/nova/common.pp
@@ -22,7 +22,7 @@
) {
require ::profile::openstack::labtest::cloudrepo
- class {'::profile::openstack::base::nova::common':
+ class {'::profile::openstack::base::nova::common::nova_network':
version => $version,
nova_controller => $nova_controller,
nova_api_host => $nova_api_host,
@@ -44,5 +44,5 @@
rabbit_pass => $rabbit_pass,
spice_hostname => $spice_hostname,
}
- contain '::profile::openstack::base::nova::common'
+ contain '::profile::openstack::base::nova::common::nova_network'
}
diff --git a/modules/profile/manifests/openstack/labtestn/nova/common.pp
b/modules/profile/manifests/openstack/labtestn/nova/common.pp
index 49b878d..322a8eb 100644
--- a/modules/profile/manifests/openstack/labtestn/nova/common.pp
+++ b/modules/profile/manifests/openstack/labtestn/nova/common.pp
@@ -1,48 +1,10 @@
class profile::openstack::labtestn::nova::common(
$version = hiera('profile::openstack::labtestn::version'),
- $nova_controller = hiera('profile::openstack::labtestn::nova_controller'),
- $nova_api_host = hiera('profile::openstack::labtestn::nova_api_host'),
- $dmz_cidr = hiera('profile::openstack::labtestn::nova::dmz_cidr'),
- $dhcp_domain = hiera('profile::openstack::labtestn::nova::dhcp_domain'),
- $dhcp_start = hiera('profile::openstack::labtestn::nova::dhcp_start'),
- $quota_floating_ips =
hiera('profile::openstack::labtestn::nova::quota_floating_ips'),
- $network_flat_interface =
hiera('profile::openstack::labtestn::nova::network_flat_interface'),
- $flat_network_bridge =
hiera('profile::openstack::labtestn::nova::flat_network_bridge'),
- $fixed_range = hiera('profile::openstack::labtestn::nova::fixed_range'),
- $network_public_interface =
hiera('profile::openstack::labtestn::nova::network_public_interface'),
- $network_public_ip =
hiera('profile::openstack::labtestn::nova::network_public_ip'),
- $zone = hiera('profile::openstack::labtestn::nova::zone'),
- $scheduler_pool =
hiera('profile::openstack::labtestn::nova::scheduler_pool'),
- $db_pass = hiera('profile::openstack::labtestn::nova::db_pass'),
- $db_host = hiera('profile::openstack::labtestn::nova::db_host'),
- $ldap_user_pass = hiera('profile::openstack::labtestn::ldap_user_pass'),
- $live_migration_uri =
hiera('profile::openstack::labtestn::nova::live_migration_uri'),
- $rabbit_pass = hiera('profile::openstack::labtestn::nova::rabbit_pass'),
- $spice_hostname = hiera('profile::openstack::labtestn::spice_hostname'),
) {
require ::profile::openstack::labtestn::cloudrepo
- class {'::profile::openstack::base::nova::common':
- version => $version,
- nova_controller => $nova_controller,
- nova_api_host => $nova_api_host,
- dmz_cidr => $dmz_cidr,
- dhcp_domain => $dhcp_domain,
- quota_floating_ips => $quota_floating_ips,
- dhcp_start => $dhcp_start,
- network_flat_interface => $network_flat_interface,
- flat_network_bridge => $flat_network_bridge,
- fixed_range => $fixed_range,
- network_public_interface => $network_public_interface,
- network_public_ip => $network_public_ip,
- zone => $zone,
- scheduler_pool => $scheduler_pool,
- db_pass => $db_pass,
- db_host => $db_host,
- ldap_user_pass => $ldap_user_pass,
- live_migration_uri => $live_migration_uri,
- rabbit_pass => $rabbit_pass,
- spice_hostname => $spice_hostname,
+ class {'::profile::openstack::base::nova::common::neutron':
+ version => $version,
}
- contain '::profile::openstack::base::nova::common'
+ contain '::profile::openstack::base::nova::common::neutron'
}
diff --git a/modules/profile/manifests/openstack/main/nova/common.pp
b/modules/profile/manifests/openstack/main/nova/common.pp
index e135aa9..a65054f 100644
--- a/modules/profile/manifests/openstack/main/nova/common.pp
+++ b/modules/profile/manifests/openstack/main/nova/common.pp
@@ -22,7 +22,7 @@
) {
require ::profile::openstack::main::cloudrepo
- class {'profile::openstack::base::nova::common':
+ class {'profile::openstack::base::nova::common::nova_network':
version => $version,
nova_controller => $nova_controller,
nova_api_host => $nova_api_host,
diff --git a/modules/role/manifests/wmcs/openstack/labtestn/control.pp
b/modules/role/manifests/wmcs/openstack/labtestn/control.pp
index 32b444f..00e3b57 100644
--- a/modules/role/manifests/wmcs/openstack/labtestn/control.pp
+++ b/modules/role/manifests/wmcs/openstack/labtestn/control.pp
@@ -4,7 +4,7 @@
include ::profile::openstack::labtestn::rabbitmq
include ::profile::openstack::labtestn::keystone::service
include ::profile::openstack::labtestn::glance
- include ::profile::openstack::labtestn::nova::common
+ include ::profile::openstack::labtestn::nova::common::neutron
include ::profile::openstack::labtestn::nova::conductor::service
include ::profile::openstack::labtestn::nova::scheduler::service
include ::profile::openstack::labtestn::nova::api::service
--
To view, visit https://gerrit.wikimedia.org/r/405366
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: Iba0aecdfaa1e35c24dbc13a27d0459ce570abe3b
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Rush <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
