Last active
August 29, 2015 13:57
-
-
Save michaeltchapman/9738803 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
class openstacklib::openstack::regions( | |
$regions_hash, | |
$keystone_user_pw, | |
$nova_user_pw, | |
$neutron_user_pw, | |
$glance_user_pw, | |
$heat_user_pw, | |
$cinder_user_pw, | |
$ceilometer_user_pw | |
$admin_email = 'openstack@localhost', | |
$public_protocol = 'http', | |
$internal_protocol = 'http', | |
$admin_protocol = 'http', | |
$tenant = 'services' | |
) { | |
defaults => { | |
'email' => $admin_email, | |
'tenant' => $tenant, | |
'public_protocol' => $public_protocol, | |
'internal_protocol' => $internal_protocol, | |
'admin_protocol' => $admin_protocol, | |
'shared' => $region_auth['shared'] | |
'keystone_user_pw' => $keystone_user_pw, | |
'nova_user_pw' => $nova_user_pw, | |
'neutron_user_pw' => $neutron_user_pw | |
'glance_user_pw' => $glance_user_pw, | |
'heat_user_pw' => $heat_user_pw, | |
'cinder_user_pw' => $cinder_user_pw, | |
'ceilometer_user_pw' => $ceilometer_user_pw, | |
} | |
create_resources(openstacklib::openstack::region_auth, $regions_hash, $defaults) | |
} | |
define openstacklib::openstack::region_auth( | |
$public_ip, | |
$private_ip, | |
$services, | |
$email, | |
$tenant, | |
$public_protocol, | |
$internal_protocol, | |
$admin_protocol, | |
$shared, | |
$keystone_user_pw, | |
$nova_user_pw, | |
$neutron_user_pw, | |
$glance_user_pw, | |
$heat_user_pw, | |
$cinder_user_pw, | |
$ceilometer_user_pw | |
) | |
{ | |
if (name != 'shared') { | |
$shared_services = $shared['services'] | |
$shared_public_ip = $shared['public_ip'] | |
$shared_private_ip = $shared['private_ip'] | |
if ('keystone' in $services or 'keystone' in $shared_services) { | |
if 'keystone' in $shared_services { | |
$real_public_ip = $shared_public_ip | |
$real_private_ip = $shared_private_ip | |
} else { | |
$real_public_ip = $public_ip | |
$real_private_ip = $private_ip | |
} | |
service_auth { $name/keystone: | |
public_ip => $real_public_ip, | |
private_ip => $real_private_ip, | |
password => false, | |
service => 'identity', | |
region => $name, | |
project => 'keystone', | |
email => $admin_email, | |
tenant => false, | |
public_protocol => $public_protocol, | |
internal_protocol => $internal_protocol, | |
admin_protocol => $admin_protocol, | |
public_suffix => '', | |
admin_suffix => '', | |
public_port => '5000', | |
admin_port => '35357' | |
} | |
} | |
if ('ceilometer' in $services or 'ceilometer' in $shared_services) { | |
if 'ceilometer' in $shared_services { | |
$real_public_ip = $shared_public_ip | |
$real_private_ip = $shared_private_ip | |
} else { | |
$real_public_ip = $public_ip | |
$real_private_ip = $private_ip | |
} | |
service_auth { $name/ceilometer: | |
public_ip => $real_public_ip, | |
private_ip => $real_private_ip, | |
password => $ceilometer_user_pw, | |
service => 'metering', | |
region => $name, | |
project => 'ceilometer', | |
email => $admin_email, | |
tenant => $tenant, | |
public_protocol => $public_protocol, | |
internal_protocol => $internal_protocol, | |
admin_protocol => $admin_protocol, | |
public_suffix => '', | |
admin_suffix => '', | |
public_port => '8777', | |
admin_port => '8777' | |
} | |
} | |
if ('heat-cfn' in $services or 'heat-cfn' in $shared_services) { | |
if 'heat-cfn' in $shared_services { | |
$real_public_ip = $shared_public_ip | |
$real_private_ip = $shared_private_ip | |
} else { | |
$real_public_ip = $public_ip | |
$real_private_ip = $private_ip | |
} | |
service_auth { $name/heat-cfn: | |
public_ip => $real_public_ip, | |
private_ip => $real_private_ip, | |
password => $heat_user_pw, | |
service => 'cloudformation', | |
region => $name, | |
project => 'heat', | |
email => $admin_email, | |
tenant => $tenant, | |
public_protocol => $public_protocol, | |
internal_protocol => $internal_protocol, | |
admin_protocol => $admin_protocol, | |
public_suffix => '', | |
admin_suffix => '', | |
public_port => '8000', | |
admin_port => '8000' | |
} | |
} | |
if ('heat' in $services or 'heat' in $shared_services) { | |
if 'heat' in $shared_services { | |
$real_public_ip = $shared_public_ip | |
$real_private_ip = $shared_private_ip | |
} else { | |
$real_public_ip = $public_ip | |
$real_private_ip = $private_ip | |
} | |
service_auth { $name/heat: | |
public_ip => $real_public_ip, | |
private_ip => $real_private_ip, | |
password => $heat_user_pw, | |
service => 'orchestration', | |
region => $name, | |
project => 'heat', | |
email => $admin_email, | |
tenant => $tenant, | |
public_protocol => $public_protocol, | |
internal_protocol => $internal_protocol, | |
admin_protocol => $admin_protocol, | |
public_suffix => '/v1/%(tenant_id)s', | |
admin_suffix => '/v1/%(tenant_id)s', | |
public_port => '8004', | |
admin_port => '8004' | |
} | |
} | |
if ('neutron' in $services or 'neutron' in $shared_services) { | |
if 'neutron' in $shared_services { | |
$real_public_ip = $shared_public_ip | |
$real_private_ip = $shared_private_ip | |
} else { | |
$real_public_ip = $public_ip | |
$real_private_ip = $private_ip | |
} | |
service_auth { $name/neutron: | |
public_ip => $real_public_ip, | |
private_ip => $real_private_ip, | |
password => $neutron_user_pw, | |
service => 'network', | |
region => $name, | |
project => 'neutron', | |
email => $admin_email, | |
tenant => $tenant, | |
public_protocol => $public_protocol, | |
internal_protocol => $internal_protocol, | |
admin_protocol => $admin_protocol, | |
public_suffix => '', | |
admin_suffix => '', | |
public_port => '9696', | |
admin_port => '9696' | |
} | |
} | |
if ('cinder' in $services or 'cinder' in $shared_services) { | |
if 'cinder' in $shared_services { | |
$real_public_ip = $shared_public_ip | |
$real_private_ip = $shared_private_ip | |
} else { | |
$real_public_ip = $public_ip | |
$real_private_ip = $private_ip | |
} | |
service_auth { $name/cinder: | |
public_ip => $real_public_ip, | |
private_ip => $real_private_ip, | |
password => $cinder_user_pw, | |
service => 'volume', | |
region => $name, | |
project => 'cinder', | |
email => $admin_email, | |
tenant => $tenant, | |
public_protocol => $public_protocol, | |
internal_protocol => $internal_protocol, | |
admin_protocol => $admin_protocol, | |
public_suffix => '/v1/%(tenant_id)s', | |
admin_suffix => '/v1/%(tenant_id)s', | |
public_port => '8776', | |
admin_port => '8776' | |
} | |
} | |
if ('glance' in $services or 'glance' in $shared_services) { | |
if 'glance' in $shared_services { | |
$real_public_ip = $shared_public_ip | |
$real_private_ip = $shared_private_ip | |
} else { | |
$real_public_ip = $public_ip | |
$real_private_ip = $private_ip | |
} | |
service_auth { $name/glance: | |
public_ip => $real_public_ip, | |
private_ip => $real_private_ip, | |
password => $glance_user_pw, | |
service => 'image', | |
region => $name, | |
project => 'glance', | |
email => $admin_email, | |
tenant => $tenant, | |
public_protocol => $public_protocol, | |
internal_protocol => $internal_protocol, | |
admin_protocol => $admin_protocol, | |
public_suffix => '', | |
admin_suffix => '', | |
public_port => '9292', | |
admin_port => '9292' | |
} | |
} | |
if ('nova' in $services or 'nova' in $shared_services) { | |
if 'nova' in $shared_services { | |
$real_public_ip = $shared_public_ip | |
$real_private_ip = $shared_private_ip | |
} else { | |
$real_public_ip = $public_ip | |
$real_private_ip = $private_ip | |
} | |
service_auth { $name/nova: | |
public_ip => $real_public_ip, | |
private_ip => $real_private_ip, | |
password => $nova_user_pw, | |
service => 'compute', | |
region => $name, | |
project => 'nova', | |
email => $admin_email, | |
tenant => $tenant, | |
public_protocol => $public_protocol, | |
internal_protocol => $internal_protocol, | |
admin_protocol => $admin_protocol, | |
public_suffix => '/v2/%(tenant_id)s', | |
admin_suffix => '/v2/%(tenant_id)s', | |
public_port => '8774', | |
admin_port => '8774' | |
} | |
} | |
if ('ec2' in $services or 'ec2' in $shared_services) { | |
if 'ec2' in $shared_services { | |
$real_public_ip = $shared_public_ip | |
$real_private_ip = $shared_private_ip | |
} else { | |
$real_public_ip = $public_ip | |
$real_private_ip = $private_ip | |
} | |
service_auth { $name/ec2: | |
public_ip => $real_public_ip, | |
private_ip => $real_private_ip, | |
password => $nova_user_pw, | |
service => 'ec2', | |
region => $name, | |
project => 'nova', | |
email => $admin_email, | |
tenant => $tenant, | |
public_protocol => $public_protocol, | |
internal_protocol => $internal_protocol, | |
admin_protocol => $admin_protocol, | |
public_suffix => '/services/Cloud', | |
admin_suffix => '/services/Admin' | |
} | |
} | |
} | |
} | |
define openstacklib::openstack::service_auth( | |
$project, | |
$public_ip, | |
$private_ip, | |
$password, | |
$service, | |
$region, | |
$email, | |
$tenant, | |
$public_port, | |
$admin_port, | |
$public_protocol, | |
$internal_protocol, | |
$admin_protocol, | |
$endpoint_suffix = "", | |
$tenant = 'services', | |
) { | |
if $tenant { | |
ensure_resource( keystone_user, $project, | |
{ | |
ensure => present, | |
password => $password, | |
email => $email, | |
tenant => $tenant | |
}) | |
ensure_resource( keystone_user_role ,"${project}@${tenant}", | |
{ | |
ensure => present, | |
roles => 'admin' | |
}) | |
} | |
ensure_resource( keystone_service, $project, | |
{ | |
ensure => present, | |
type => $service, | |
description => "Openstack ${service} service" | |
}) | |
ensure_resource( keystone_endpoint, "${region}/${project}", | |
{ | |
ensure => present, | |
public_url => "${public_protocol}://${public_ip}:${public_port}${endpoint_suffix}", | |
internal_url => "${internal_protocol}://${private_ip}:${public_port}${endpoint_suffix}", | |
admin_url => "${admin_protocol}://${private_ip}:${admin_port}${endpoint_suffix}" | |
}) | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment