Last active
August 29, 2015 13:57
-
-
Save michaeltchapman/9738803 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class openstacklib::openstack::regions( | |
| $regions_hash, | |
| $keystone_user_pw, | |
| $nova_user_pw, | |
| $neutron_user_pw, | |
| $glance_user_pw, | |
| $heat_user_pw, | |
| $cinder_user_pw, | |
| $ceilometer_user_pw | |
| $admin_email = 'openstack@localhost', | |
| $public_protocol = 'http', | |
| $internal_protocol = 'http', | |
| $admin_protocol = 'http', | |
| $tenant = 'services' | |
| ) { | |
| defaults => { | |
| 'email' => $admin_email, | |
| 'tenant' => $tenant, | |
| 'public_protocol' => $public_protocol, | |
| 'internal_protocol' => $internal_protocol, | |
| 'admin_protocol' => $admin_protocol, | |
| 'shared' => $region_auth['shared'] | |
| 'keystone_user_pw' => $keystone_user_pw, | |
| 'nova_user_pw' => $nova_user_pw, | |
| 'neutron_user_pw' => $neutron_user_pw | |
| 'glance_user_pw' => $glance_user_pw, | |
| 'heat_user_pw' => $heat_user_pw, | |
| 'cinder_user_pw' => $cinder_user_pw, | |
| 'ceilometer_user_pw' => $ceilometer_user_pw, | |
| } | |
| create_resources(openstacklib::openstack::region_auth, $regions_hash, $defaults) | |
| } | |
| define openstacklib::openstack::region_auth( | |
| $public_ip, | |
| $private_ip, | |
| $services, | |
| $email, | |
| $tenant, | |
| $public_protocol, | |
| $internal_protocol, | |
| $admin_protocol, | |
| $shared, | |
| $keystone_user_pw, | |
| $nova_user_pw, | |
| $neutron_user_pw, | |
| $glance_user_pw, | |
| $heat_user_pw, | |
| $cinder_user_pw, | |
| $ceilometer_user_pw | |
| ) | |
| { | |
| if (name != 'shared') { | |
| $shared_services = $shared['services'] | |
| $shared_public_ip = $shared['public_ip'] | |
| $shared_private_ip = $shared['private_ip'] | |
| if ('keystone' in $services or 'keystone' in $shared_services) { | |
| if 'keystone' in $shared_services { | |
| $real_public_ip = $shared_public_ip | |
| $real_private_ip = $shared_private_ip | |
| } else { | |
| $real_public_ip = $public_ip | |
| $real_private_ip = $private_ip | |
| } | |
| service_auth { $name/keystone: | |
| public_ip => $real_public_ip, | |
| private_ip => $real_private_ip, | |
| password => false, | |
| service => 'identity', | |
| region => $name, | |
| project => 'keystone', | |
| email => $admin_email, | |
| tenant => false, | |
| public_protocol => $public_protocol, | |
| internal_protocol => $internal_protocol, | |
| admin_protocol => $admin_protocol, | |
| public_suffix => '', | |
| admin_suffix => '', | |
| public_port => '5000', | |
| admin_port => '35357' | |
| } | |
| } | |
| if ('ceilometer' in $services or 'ceilometer' in $shared_services) { | |
| if 'ceilometer' in $shared_services { | |
| $real_public_ip = $shared_public_ip | |
| $real_private_ip = $shared_private_ip | |
| } else { | |
| $real_public_ip = $public_ip | |
| $real_private_ip = $private_ip | |
| } | |
| service_auth { $name/ceilometer: | |
| public_ip => $real_public_ip, | |
| private_ip => $real_private_ip, | |
| password => $ceilometer_user_pw, | |
| service => 'metering', | |
| region => $name, | |
| project => 'ceilometer', | |
| email => $admin_email, | |
| tenant => $tenant, | |
| public_protocol => $public_protocol, | |
| internal_protocol => $internal_protocol, | |
| admin_protocol => $admin_protocol, | |
| public_suffix => '', | |
| admin_suffix => '', | |
| public_port => '8777', | |
| admin_port => '8777' | |
| } | |
| } | |
| if ('heat-cfn' in $services or 'heat-cfn' in $shared_services) { | |
| if 'heat-cfn' in $shared_services { | |
| $real_public_ip = $shared_public_ip | |
| $real_private_ip = $shared_private_ip | |
| } else { | |
| $real_public_ip = $public_ip | |
| $real_private_ip = $private_ip | |
| } | |
| service_auth { $name/heat-cfn: | |
| public_ip => $real_public_ip, | |
| private_ip => $real_private_ip, | |
| password => $heat_user_pw, | |
| service => 'cloudformation', | |
| region => $name, | |
| project => 'heat', | |
| email => $admin_email, | |
| tenant => $tenant, | |
| public_protocol => $public_protocol, | |
| internal_protocol => $internal_protocol, | |
| admin_protocol => $admin_protocol, | |
| public_suffix => '', | |
| admin_suffix => '', | |
| public_port => '8000', | |
| admin_port => '8000' | |
| } | |
| } | |
| if ('heat' in $services or 'heat' in $shared_services) { | |
| if 'heat' in $shared_services { | |
| $real_public_ip = $shared_public_ip | |
| $real_private_ip = $shared_private_ip | |
| } else { | |
| $real_public_ip = $public_ip | |
| $real_private_ip = $private_ip | |
| } | |
| service_auth { $name/heat: | |
| public_ip => $real_public_ip, | |
| private_ip => $real_private_ip, | |
| password => $heat_user_pw, | |
| service => 'orchestration', | |
| region => $name, | |
| project => 'heat', | |
| email => $admin_email, | |
| tenant => $tenant, | |
| public_protocol => $public_protocol, | |
| internal_protocol => $internal_protocol, | |
| admin_protocol => $admin_protocol, | |
| public_suffix => '/v1/%(tenant_id)s', | |
| admin_suffix => '/v1/%(tenant_id)s', | |
| public_port => '8004', | |
| admin_port => '8004' | |
| } | |
| } | |
| if ('neutron' in $services or 'neutron' in $shared_services) { | |
| if 'neutron' in $shared_services { | |
| $real_public_ip = $shared_public_ip | |
| $real_private_ip = $shared_private_ip | |
| } else { | |
| $real_public_ip = $public_ip | |
| $real_private_ip = $private_ip | |
| } | |
| service_auth { $name/neutron: | |
| public_ip => $real_public_ip, | |
| private_ip => $real_private_ip, | |
| password => $neutron_user_pw, | |
| service => 'network', | |
| region => $name, | |
| project => 'neutron', | |
| email => $admin_email, | |
| tenant => $tenant, | |
| public_protocol => $public_protocol, | |
| internal_protocol => $internal_protocol, | |
| admin_protocol => $admin_protocol, | |
| public_suffix => '', | |
| admin_suffix => '', | |
| public_port => '9696', | |
| admin_port => '9696' | |
| } | |
| } | |
| if ('cinder' in $services or 'cinder' in $shared_services) { | |
| if 'cinder' in $shared_services { | |
| $real_public_ip = $shared_public_ip | |
| $real_private_ip = $shared_private_ip | |
| } else { | |
| $real_public_ip = $public_ip | |
| $real_private_ip = $private_ip | |
| } | |
| service_auth { $name/cinder: | |
| public_ip => $real_public_ip, | |
| private_ip => $real_private_ip, | |
| password => $cinder_user_pw, | |
| service => 'volume', | |
| region => $name, | |
| project => 'cinder', | |
| email => $admin_email, | |
| tenant => $tenant, | |
| public_protocol => $public_protocol, | |
| internal_protocol => $internal_protocol, | |
| admin_protocol => $admin_protocol, | |
| public_suffix => '/v1/%(tenant_id)s', | |
| admin_suffix => '/v1/%(tenant_id)s', | |
| public_port => '8776', | |
| admin_port => '8776' | |
| } | |
| } | |
| if ('glance' in $services or 'glance' in $shared_services) { | |
| if 'glance' in $shared_services { | |
| $real_public_ip = $shared_public_ip | |
| $real_private_ip = $shared_private_ip | |
| } else { | |
| $real_public_ip = $public_ip | |
| $real_private_ip = $private_ip | |
| } | |
| service_auth { $name/glance: | |
| public_ip => $real_public_ip, | |
| private_ip => $real_private_ip, | |
| password => $glance_user_pw, | |
| service => 'image', | |
| region => $name, | |
| project => 'glance', | |
| email => $admin_email, | |
| tenant => $tenant, | |
| public_protocol => $public_protocol, | |
| internal_protocol => $internal_protocol, | |
| admin_protocol => $admin_protocol, | |
| public_suffix => '', | |
| admin_suffix => '', | |
| public_port => '9292', | |
| admin_port => '9292' | |
| } | |
| } | |
| if ('nova' in $services or 'nova' in $shared_services) { | |
| if 'nova' in $shared_services { | |
| $real_public_ip = $shared_public_ip | |
| $real_private_ip = $shared_private_ip | |
| } else { | |
| $real_public_ip = $public_ip | |
| $real_private_ip = $private_ip | |
| } | |
| service_auth { $name/nova: | |
| public_ip => $real_public_ip, | |
| private_ip => $real_private_ip, | |
| password => $nova_user_pw, | |
| service => 'compute', | |
| region => $name, | |
| project => 'nova', | |
| email => $admin_email, | |
| tenant => $tenant, | |
| public_protocol => $public_protocol, | |
| internal_protocol => $internal_protocol, | |
| admin_protocol => $admin_protocol, | |
| public_suffix => '/v2/%(tenant_id)s', | |
| admin_suffix => '/v2/%(tenant_id)s', | |
| public_port => '8774', | |
| admin_port => '8774' | |
| } | |
| } | |
| if ('ec2' in $services or 'ec2' in $shared_services) { | |
| if 'ec2' in $shared_services { | |
| $real_public_ip = $shared_public_ip | |
| $real_private_ip = $shared_private_ip | |
| } else { | |
| $real_public_ip = $public_ip | |
| $real_private_ip = $private_ip | |
| } | |
| service_auth { $name/ec2: | |
| public_ip => $real_public_ip, | |
| private_ip => $real_private_ip, | |
| password => $nova_user_pw, | |
| service => 'ec2', | |
| region => $name, | |
| project => 'nova', | |
| email => $admin_email, | |
| tenant => $tenant, | |
| public_protocol => $public_protocol, | |
| internal_protocol => $internal_protocol, | |
| admin_protocol => $admin_protocol, | |
| public_suffix => '/services/Cloud', | |
| admin_suffix => '/services/Admin' | |
| } | |
| } | |
| } | |
| } | |
| define openstacklib::openstack::service_auth( | |
| $project, | |
| $public_ip, | |
| $private_ip, | |
| $password, | |
| $service, | |
| $region, | |
| $email, | |
| $tenant, | |
| $public_port, | |
| $admin_port, | |
| $public_protocol, | |
| $internal_protocol, | |
| $admin_protocol, | |
| $endpoint_suffix = "", | |
| $tenant = 'services', | |
| ) { | |
| if $tenant { | |
| ensure_resource( keystone_user, $project, | |
| { | |
| ensure => present, | |
| password => $password, | |
| email => $email, | |
| tenant => $tenant | |
| }) | |
| ensure_resource( keystone_user_role ,"${project}@${tenant}", | |
| { | |
| ensure => present, | |
| roles => 'admin' | |
| }) | |
| } | |
| ensure_resource( keystone_service, $project, | |
| { | |
| ensure => present, | |
| type => $service, | |
| description => "Openstack ${service} service" | |
| }) | |
| ensure_resource( keystone_endpoint, "${region}/${project}", | |
| { | |
| ensure => present, | |
| public_url => "${public_protocol}://${public_ip}:${public_port}${endpoint_suffix}", | |
| internal_url => "${internal_protocol}://${private_ip}:${public_port}${endpoint_suffix}", | |
| admin_url => "${admin_protocol}://${private_ip}:${admin_port}${endpoint_suffix}" | |
| }) | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment