Commit 7f989a52 authored by Thomas Goirand's avatar Thomas Goirand

Adapt puppet manifests so that they also work with Stein's puppet-openstack.

parent ba38ff33
......@@ -41,6 +41,7 @@ openstack-cluster-installer (22) UNRELEASED; urgency=medium
if using Buster.
* Also install gnupg2 in the installed machines of the cluster.
* Add support for Stein's separated placement.
* Adapt puppet manifests so that they also work with Stein's puppet-openstack.
[ Oliver Chaze ]
* swift: do not log in syslog general logs
......
......@@ -1609,54 +1609,105 @@ export OS_CACERT=/etc/ssl/certs/oci-pki-oci-ca-chain.pem
require => Package['keystone'],
})
class { '::keystone':
debug => true,
database_connection => "mysql://keystone:${pass_keystone_db}@127.0.0.1/keystonedb",
catalog_type => 'sql',
admin_token => $pass_keystone_adminuser,
admin_password => $pass_keystone_adminuser,
enabled => true,
service_name => 'httpd',
enable_ssl => $use_ssl,
public_bind_host => "${::fqdn}",
admin_bind_host => "${::fqdn}",
manage_policyrcd => true,
enable_credential_setup => true,
credential_key_repository => '/etc/keystone/credential-keys',
credential_keys => { '/etc/keystone/credential-keys/0' => { 'content' => $pass_keystone_credkey1 },
'/etc/keystone/credential-keys/1' => { 'content' => $pass_keystone_credkey2 },
},
enable_fernet_setup => true,
fernet_replace_keys => false,
fernet_key_repository => '/etc/keystone/fernet-keys',
fernet_max_active_keys => 4,
fernet_keys => { '/etc/keystone/fernet-keys/0' => { 'content' => $pass_keystone_fernkey1 },
if $openstack_release == 'rocky'{
class { '::keystone':
debug => true,
database_connection => "mysql://keystone:${pass_keystone_db}@127.0.0.1/keystonedb",
catalog_type => 'sql',
admin_token => $pass_keystone_adminuser,
admin_password => $pass_keystone_adminuser,
enabled => true,
service_name => 'httpd',
enable_ssl => $use_ssl,
public_bind_host => "${::fqdn}",
admin_bind_host => "${::fqdn}",
manage_policyrcd => true,
enable_credential_setup => true,
credential_key_repository => '/etc/keystone/credential-keys',
credential_keys => { '/etc/keystone/credential-keys/0' => { 'content' => $pass_keystone_credkey1 },
'/etc/keystone/credential-keys/1' => { 'content' => $pass_keystone_credkey2 },
},
enable_fernet_setup => true,
fernet_replace_keys => false,
fernet_key_repository => '/etc/keystone/fernet-keys',
fernet_max_active_keys => 4,
fernet_keys => { '/etc/keystone/fernet-keys/0' => { 'content' => $pass_keystone_fernkey1 },
# With fernet_replace_keys => false, if we don't have the "1" key
# then re-applying puppet is fine, and initial setup is ok too.
# '/etc/keystone/fernet-keys/1' => { 'content' => $pass_keystone_fernkey2 },
},
token_expiration => 604800,
admin_endpoint => "https://${vip_hostname}:${api_port}/identity-admin",
public_endpoint => "https://${vip_hostname}:${api_port}/identity",
default_transport_url => os_transport_url({
'transport' => 'rabbit',
'hosts' => fqdn_rotate($all_masters),
'port' => '5671',
'username' => 'keystone',
'password' => $pass_keystone_messaging,
}),
notification_transport_url => os_transport_url({
'transport' => 'rabbit',
'hosts' => fqdn_rotate($all_masters),
'port' => '5671',
'username' => 'keystone',
'password' => $pass_keystone_messaging,
}),
rabbit_use_ssl => $use_ssl,
kombu_ssl_ca_certs => '/etc/ssl/certs/oci-pki-oci-ca-chain.pem',
rabbit_ha_queues => true,
cache_backend => 'dogpile.cache.memcached',
memcache_servers => $memcached_servers,
},
token_expiration => 604800,
admin_endpoint => "https://${vip_hostname}:${api_port}/identity-admin",
public_endpoint => "https://${vip_hostname}:${api_port}/identity",
default_transport_url => os_transport_url({
'transport' => 'rabbit',
'hosts' => fqdn_rotate($all_masters),
'port' => '5671',
'username' => 'keystone',
'password' => $pass_keystone_messaging,
}),
notification_transport_url => os_transport_url({
'transport' => 'rabbit',
'hosts' => fqdn_rotate($all_masters),
'port' => '5671',
'username' => 'keystone',
'password' => $pass_keystone_messaging,
}),
rabbit_use_ssl => $use_ssl,
kombu_ssl_ca_certs => '/etc/ssl/certs/oci-pki-oci-ca-chain.pem',
rabbit_ha_queues => true,
cache_backend => 'dogpile.cache.memcached',
memcache_servers => $memcached_servers,
}
} else {
class { '::keystone':
database_connection => "mysql://keystone:${pass_keystone_db}@127.0.0.1/keystonedb",
catalog_type => 'sql',
admin_token => $pass_keystone_adminuser,
admin_password => $pass_keystone_adminuser,
enabled => true,
service_name => 'httpd',
enable_ssl => $use_ssl,
public_bind_host => "${::fqdn}",
admin_bind_host => "${::fqdn}",
manage_policyrcd => true,
enable_credential_setup => true,
credential_key_repository => '/etc/keystone/credential-keys',
credential_keys => { '/etc/keystone/credential-keys/0' => { 'content' => $pass_keystone_credkey1 },
'/etc/keystone/credential-keys/1' => { 'content' => $pass_keystone_credkey2 },
},
enable_fernet_setup => true,
fernet_replace_keys => false,
fernet_key_repository => '/etc/keystone/fernet-keys',
fernet_max_active_keys => 4,
fernet_keys => { '/etc/keystone/fernet-keys/0' => { 'content' => $pass_keystone_fernkey1 },
# With fernet_replace_keys => false, if we don't have the "1" key
# then re-applying puppet is fine, and initial setup is ok too.
# '/etc/keystone/fernet-keys/1' => { 'content' => $pass_keystone_fernkey2 },
},
token_expiration => 604800,
admin_endpoint => "https://${vip_hostname}:${api_port}/identity-admin",
public_endpoint => "https://${vip_hostname}:${api_port}/identity",
default_transport_url => os_transport_url({
'transport' => 'rabbit',
'hosts' => fqdn_rotate($all_masters),
'port' => '5671',
'username' => 'keystone',
'password' => $pass_keystone_messaging,
}),
notification_transport_url => os_transport_url({
'transport' => 'rabbit',
'hosts' => fqdn_rotate($all_masters),
'port' => '5671',
'username' => 'keystone',
'password' => $pass_keystone_messaging,
}),
rabbit_use_ssl => $use_ssl,
kombu_ssl_ca_certs => '/etc/ssl/certs/oci-pki-oci-ca-chain.pem',
rabbit_ha_queues => true,
cache_backend => 'dogpile.cache.memcached',
cache_memcache_servers => $memcached_servers,
}
}
include ::apache
class { '::keystone::wsgi::apache':
......@@ -1866,18 +1917,32 @@ test -e \$mon_data/done
}
}
class { '::glance::api':
debug => true,
database_connection => "mysql+pymysql://glance:${pass_glance_db}@127.0.0.1/glancedb?charset=utf8",
workers => 2,
use_stderr => true,
stores => $backend_stores,
default_store => $glance_default_store,
bind_host => $machine_ip,
cert_file => $glance_crt_file,
key_file => $glance_key_file,
enable_v1_api => false,
enable_v2_api => true,
if $openstack_release == 'rocky'{
class { '::glance::api':
debug => true,
database_connection => "mysql+pymysql://glance:${pass_glance_db}@127.0.0.1/glancedb?charset=utf8",
workers => 2,
use_stderr => true,
stores => $backend_stores,
default_store => $glance_default_store,
bind_host => $machine_ip,
cert_file => $glance_crt_file,
key_file => $glance_key_file,
enable_v1_api => false,
enable_v2_api => true,
}
} else {
class { '::glance::api':
database_connection => "mysql+pymysql://glance:${pass_glance_db}@127.0.0.1/glancedb?charset=utf8",
workers => 2,
stores => $backend_stores,
default_store => $glance_default_store,
bind_host => $machine_ip,
cert_file => $glance_crt_file,
key_file => $glance_key_file,
enable_v1_api => false,
enable_v2_api => true,
}
}
class { '::glance::notify::rabbitmq':
......@@ -1967,28 +2032,53 @@ test -e \$mon_data/done
}
}
class { '::heat':
default_transport_url => os_transport_url({
'transport' => $messaging_default_proto,
'hosts' => fqdn_rotate($all_masters),
'port' => $messaging_default_port,
'username' => 'heat',
'password' => $pass_heat_messaging,
}),
notification_transport_url => os_transport_url({
'transport' => $messaging_notify_proto,
'hosts' => fqdn_rotate($all_masters),
'port' => $messaging_notify_port,
'username' => 'heat',
'password' => $pass_heat_messaging,
}),
host => $machine_hostname,
rabbit_use_ssl => $use_ssl,
rabbit_ha_queues => true,
kombu_ssl_ca_certs => '/etc/ssl/certs/oci-pki-oci-ca-chain.pem',
database_connection => "mysql+pymysql://heat:${pass_heat_db}@127.0.0.1/heatdb?charset=utf8",
debug => true,
notification_driver => 'messagingv2',
if $openstack_release == 'rocky'{
class { '::heat':
debug => true,
default_transport_url => os_transport_url({
'transport' => $messaging_default_proto,
'hosts' => fqdn_rotate($all_masters),
'port' => $messaging_default_port,
'username' => 'heat',
'password' => $pass_heat_messaging,
}),
notification_transport_url => os_transport_url({
'transport' => $messaging_notify_proto,
'hosts' => fqdn_rotate($all_masters),
'port' => $messaging_notify_port,
'username' => 'heat',
'password' => $pass_heat_messaging,
}),
host => $machine_hostname,
rabbit_use_ssl => $use_ssl,
rabbit_ha_queues => true,
kombu_ssl_ca_certs => '/etc/ssl/certs/oci-pki-oci-ca-chain.pem',
database_connection => "mysql+pymysql://heat:${pass_heat_db}@127.0.0.1/heatdb?charset=utf8",
notification_driver => 'messagingv2',
}
} else {
class { '::heat':
default_transport_url => os_transport_url({
'transport' => $messaging_default_proto,
'hosts' => fqdn_rotate($all_masters),
'port' => $messaging_default_port,
'username' => 'heat',
'password' => $pass_heat_messaging,
}),
notification_transport_url => os_transport_url({
'transport' => $messaging_notify_proto,
'hosts' => fqdn_rotate($all_masters),
'port' => $messaging_notify_port,
'username' => 'heat',
'password' => $pass_heat_messaging,
}),
host => $machine_hostname,
rabbit_use_ssl => $use_ssl,
rabbit_ha_queues => true,
kombu_ssl_ca_certs => '/etc/ssl/certs/oci-pki-oci-ca-chain.pem',
database_connection => "mysql+pymysql://heat:${pass_heat_db}@127.0.0.1/heatdb?charset=utf8",
notification_driver => 'messagingv2',
}
}
class { '::heat::keystone::domain':
domain_password => $pass_heat_keystone_domain,
......@@ -2179,7 +2269,7 @@ test -e \$mon_data/done
database_connection => "mysql+pymysql://placement:${pass_placement_db}@127.0.0.1/placementdb?charset=utf8",
}
class { '::placement::api':
$sync_db => true,
sync_db => true,
}
}
......@@ -2294,7 +2384,13 @@ test -e \$mon_data/done
class { '::nova::consoleauth': }
class { '::nova::cron::archive_deleted_rows': }
class { '::nova::scheduler': }
if $openstack_release == 'rocky'{
class { '::nova::scheduler': }
}else{
class { '::nova::scheduler':
workers => '4',
}
}
class { '::nova::scheduler::filter': }
class { '::nova::vncproxy':
host => $machine_ip,
......@@ -2309,21 +2405,38 @@ test -e \$mon_data/done
nova_config {
'neutron/cafile': value => '/etc/ssl/certs/oci-pki-oci-ca-chain.pem';
'neutron/endpoint_override': value => "${base_url}/network";
'glance/cafile': value => '/etc/ssl/certs/oci-pki-oci-ca-chain.pem';
'keystone/cafile': value => '/etc/ssl/certs/oci-pki-oci-ca-chain.pem';
'placement/cafile': value => '/etc/ssl/certs/oci-pki-oci-ca-chain.pem';
'cinder/cafile': value => '/etc/ssl/certs/oci-pki-oci-ca-chain.pem';
'service_user/cafile': value => '/etc/ssl/certs/oci-pki-oci-ca-chain.pem';
'scheduler/workers': value => '4';
}
if $openstack_release == 'rocky'{
nova_config {
'scheduler/workers': value => '4';
}
}
class { '::nova::network::neutron':
neutron_auth_url => "${keystone_auth_uri}/v3",
neutron_url => "${base_url}/network",
neutron_password => $pass_neutron_authtoken,
default_floating_pool => 'public',
dhcp_domain => '',
if $openstack_release == 'rocky'{
class { '::nova::network::neutron':
neutron_auth_url => "${keystone_auth_uri}/v3",
neutron_url => "${base_url}/network",
neutron_password => $pass_neutron_authtoken,
default_floating_pool => 'public',
dhcp_domain => '',
}
nova_config {
'neutron/endpoint_override': value => "${base_url}/network";
}
}else{
class { '::nova::network::neutron':
neutron_auth_url => "${keystone_auth_uri}/v3",
neutron_url => "${base_url}/network",
neutron_password => $pass_neutron_authtoken,
default_floating_pool => 'public',
dhcp_domain => '',
neutron_endpoint_override => "${base_url}/network",
}
}
}
#####################
......@@ -2368,35 +2481,67 @@ test -e \$mon_data/done
$vmnet_mtu_real = $vmnet_mtu
}
class { '::neutron':
default_transport_url => os_transport_url({
'transport' => $messaging_default_proto,
'hosts' => fqdn_rotate($all_masters),
'port' => $messaging_default_port,
'username' => 'neutron',
'password' => $pass_neutron_messaging,
}),
notification_transport_url => os_transport_url({
'transport' => $messaging_notify_proto,
'hosts' => fqdn_rotate($all_masters),
'port' => $messaging_notify_port,
'username' => 'neutron',
'password' => $pass_neutron_messaging,
}),
rabbit_use_ssl => $use_ssl,
rabbit_ha_queues => true,
kombu_ssl_ca_certs => '/etc/ssl/certs/oci-pki-oci-ca-chain.pem',
amqp_sasl_mechanisms => 'PLAIN',
allow_overlapping_ips => true,
core_plugin => 'ml2',
service_plugins => ['router', 'metering', 'qos', 'trunk', 'firewall_v2', 'segments', ],
debug => true,
bind_host => $machine_ip,
use_ssl => $use_ssl,
cert_file => $neutron_crt_file,
key_file => $neutron_key_file,
notification_driver => 'messagingv2',
global_physnet_mtu => $vmnet_mtu_real,
if $openstack_release == 'rocky'{
class { '::neutron':
debug => true,
default_transport_url => os_transport_url({
'transport' => $messaging_default_proto,
'hosts' => fqdn_rotate($all_masters),
'port' => $messaging_default_port,
'username' => 'neutron',
'password' => $pass_neutron_messaging,
}),
notification_transport_url => os_transport_url({
'transport' => $messaging_notify_proto,
'hosts' => fqdn_rotate($all_masters),
'port' => $messaging_notify_port,
'username' => 'neutron',
'password' => $pass_neutron_messaging,
}),
rabbit_use_ssl => $use_ssl,
rabbit_ha_queues => true,
kombu_ssl_ca_certs => '/etc/ssl/certs/oci-pki-oci-ca-chain.pem',
amqp_sasl_mechanisms => 'PLAIN',
allow_overlapping_ips => true,
core_plugin => 'ml2',
service_plugins => ['router', 'metering', 'qos', 'trunk', 'firewall_v2', 'segments', ],
bind_host => $machine_ip,
use_ssl => $use_ssl,
cert_file => $neutron_crt_file,
key_file => $neutron_key_file,
notification_driver => 'messagingv2',
global_physnet_mtu => $vmnet_mtu_real,
}
}else{
class { '::neutron':
default_transport_url => os_transport_url({
'transport' => $messaging_default_proto,
'hosts' => fqdn_rotate($all_masters),
'port' => $messaging_default_port,
'username' => 'neutron',
'password' => $pass_neutron_messaging,
}),
notification_transport_url => os_transport_url({
'transport' => $messaging_notify_proto,
'hosts' => fqdn_rotate($all_masters),
'port' => $messaging_notify_port,
'username' => 'neutron',
'password' => $pass_neutron_messaging,
}),
rabbit_use_ssl => $use_ssl,
rabbit_ha_queues => true,
kombu_ssl_ca_certs => '/etc/ssl/certs/oci-pki-oci-ca-chain.pem',
amqp_sasl_mechanisms => 'PLAIN',
allow_overlapping_ips => true,
core_plugin => 'ml2',
service_plugins => ['router', 'metering', 'qos', 'trunk', 'firewall_v2', 'segments', ],
bind_host => $machine_ip,
use_ssl => $use_ssl,
cert_file => $neutron_crt_file,
key_file => $neutron_key_file,
notification_driver => 'messagingv2',
global_physnet_mtu => $vmnet_mtu_real,
}
}
class { '::neutron::client': }
class { '::neutron::keystone::authtoken':
......@@ -2511,19 +2656,35 @@ test -e \$mon_data/done
password => $pass_cinder_authtoken,
}
}
class { '::cinder':
default_transport_url => os_transport_url({
'transport' => $messaging_default_proto,
'hosts' => fqdn_rotate($all_masters),
'port' => $messaging_default_port,
'username' => 'cinder',
'password' => $pass_cinder_messaging,
}),
database_connection => "mysql+pymysql://cinder:${pass_cinder_db}@127.0.0.1/cinderdb?charset=utf8",
rabbit_use_ssl => $use_ssl,
rabbit_ha_queues => true,
kombu_ssl_ca_certs => '/etc/ssl/certs/oci-pki-oci-ca-chain.pem',
debug => true,
if $openstack_release == 'rocky'{
class { '::cinder':
debug => true,
default_transport_url => os_transport_url({
'transport' => $messaging_default_proto,
'hosts' => fqdn_rotate($all_masters),
'port' => $messaging_default_port,
'username' => 'cinder',
'password' => $pass_cinder_messaging,
}),
database_connection => "mysql+pymysql://cinder:${pass_cinder_db}@127.0.0.1/cinderdb?charset=utf8",
rabbit_use_ssl => $use_ssl,
rabbit_ha_queues => true,
kombu_ssl_ca_certs => '/etc/ssl/certs/oci-pki-oci-ca-chain.pem',
}
}else{
class { '::cinder':
default_transport_url => os_transport_url({
'transport' => $messaging_default_proto,
'hosts' => fqdn_rotate($all_masters),
'port' => $messaging_default_port,
'username' => 'cinder',
'password' => $pass_cinder_messaging,
}),
database_connection => "mysql+pymysql://cinder:${pass_cinder_db}@127.0.0.1/cinderdb?charset=utf8",
rabbit_use_ssl => $use_ssl,
rabbit_ha_queues => true,
kombu_ssl_ca_certs => '/etc/ssl/certs/oci-pki-oci-ca-chain.pem',
}
}
class { '::cinder::keystone::authtoken':
password => $pass_cinder_authtoken,
......@@ -2576,9 +2737,15 @@ test -e \$mon_data/done
$gnocchi_key_file = undef
$gnocchi_crt_file = undef
}
class { '::gnocchi':
debug => true,
database_connection => "mysql+pymysql://gnocchi:${pass_gnocchi_db}@127.0.0.1/gnocchidb?charset=utf8",
if $openstack_release == 'rocky'{
class { '::gnocchi':
debug => true,
database_connection => "mysql+pymysql://gnocchi:${pass_gnocchi_db}@127.0.0.1/gnocchidb?charset=utf8",
}
}else{
class { '::gnocchi':
database_connection => "mysql+pymysql://gnocchi:${pass_gnocchi_db}@127.0.0.1/gnocchidb?charset=utf8",
}
}
if $is_first_master {
class { '::gnocchi::keystone::auth':
......@@ -2674,28 +2841,53 @@ test -e \$mon_data/done
### Setup Ceilometer ###
########################
if $has_subrole_ceilometer {
class { '::ceilometer':
telemetry_secret => $pass_ceilometer_telemetry,
default_transport_url => os_transport_url({
'transport' => 'rabbit',
'hosts' => fqdn_rotate($all_masters),
'port' => '5671',
'username' => 'ceilometer',
'password' => $pass_ceilometer_messaging,
}),
notification_transport_url => os_transport_url({
'transport' => 'rabbit',
'hosts' => fqdn_rotate($all_masters),
'port' => '5671',
'username' => 'ceilometer',
'password' => $pass_ceilometer_messaging,
}),
rabbit_use_ssl => $use_ssl,
rabbit_ha_queues => true,
kombu_ssl_ca_certs => '/etc/ssl/certs/oci-pki-oci-ca-chain.pem',
amqp_sasl_mechanisms => 'PLAIN',
memcache_servers => $memcached_servers,
debug => true,
if $openstack_release == 'rocky'{
class { '::ceilometer':
debug => true,
telemetry_secret => $pass_ceilometer_telemetry,
default_transport_url => os_transport_url({
'transport' => 'rabbit',
'hosts' => fqdn_rotate($all_masters),
'port' => '5671',
'username' => 'ceilometer',
'password' => $pass_ceilometer_messaging,
}),
notification_transport_url => os_transport_url({
'transport' => 'rabbit',
'hosts' => fqdn_rotate($all_masters),
'port' => '5671',
'username' => 'ceilometer',
'password' => $pass_ceilometer_messaging,
}),
rabbit_use_ssl => $use_ssl,
rabbit_ha_queues => true,
kombu_ssl_ca_certs => '/etc/ssl/certs/oci-pki-oci-ca-chain.pem',
amqp_sasl_mechanisms => 'PLAIN',
memcache_servers => $memcached_servers,
}
}else{
class { '::ceilometer':
telemetry_secret => $pass_ceilometer_telemetry,
default_transport_url => os_transport_url({
'transport' => 'rabbit',
'hosts' => fqdn_rotate($all_masters),
'port' => '5671',
'username' => 'ceilometer',
'password' => $pass_ceilometer_messaging,
}),
notification_transport_url => os_transport_url({
'transport' => 'rabbit',
'hosts' => fqdn_rotate($all_masters),
'port' => '5671',
'username' => 'ceilometer',
'password' => $pass_ceilometer_messaging,
}),
rabbit_use_ssl => $use_ssl,
rabbit_ha_queues => true,
kombu_ssl_ca_certs => '/etc/ssl/certs/oci-pki-oci-ca-chain.pem',
amqp_sasl_mechanisms => 'PLAIN',
memcache_servers => $memcached_servers,
}
}
# We don't need the endpoint, but we need it as this
......@@ -2839,28 +3031,53 @@ test -e \$mon_data/done
$aodh_key_file = undef
$aodh_crt_file = undef
}
class { '::aodh':
default_transport_url => os_transport_url({
'transport' => $messaging_default_proto,
'hosts' => fqdn_rotate($all_masters),
'port' => $messaging_default_port,
'username' => 'aodh',
'password' => $pass_aodh_messaging,
}),
notification_transport_url => os_transport_url({
'transport' => $messaging_notify_proto,
'hosts' => fqdn_rotate($all_masters),
'port' => $messaging_notify_port,
'username' => 'aodh',
'password' => $pass_aodh_messaging,
}),
rabbit_use_ssl => $use_ssl,
rabbit_ha_queues => true,
kombu_ssl_ca_certs => '/etc/ssl/certs/oci-pki-oci-ca-chain.pem',
amqp_sasl_mechanisms => 'PLAIN',
debug => true,
database_connection => "mysql+pymysql://aodh:${$pass_aodh_db}@127.0.0.1/aodhdb?charset=utf8",
notification_driver => 'messagingv2',
if $openstack_release == 'rocky'{
class { '::aodh':
debug => true,
default_transport_url => os_transport_url({
'transport' => $messaging_default_proto,
'hosts' => fqdn_rotate($all_masters),
'port' => $messaging_default_port,
'username' => 'aodh',
'password' => $pass_aodh_messaging,
}),
notification_transport_url => os_transport_url({
'transport' => $messaging_notify_proto,
'hosts' => fqdn_rotate($all_masters),
'port' => $messaging_notify_port,
'username' => 'aodh',
'password' => $pass_aodh_messaging,
}),
rabbit_use_ssl => $use_ssl,
rabbit_ha_queues => true,
kombu_ssl_ca_certs => '/etc/ssl/certs/oci-pki-oci-ca-chain.pem',
amqp_sasl_mechanisms => 'PLAIN',
database_connection => "mysql+pymysql://aodh:${$pass_aodh_db}@127.0.0.1/aodhdb?charset=utf8",
notification_driver => 'messagingv2',
}
}else{
class { '::aodh':
default_transport_url => os_transport_url({
'transport' => $messaging_default_proto,
'hosts' => fqdn_rotate($all_masters),
'port' => $messaging_default_port,
'username' => 'aodh',
'password' => $pass_aodh_messaging,
}),
notification_transport_url => os_transport_url({
'transport' => $messaging_notify_proto,
'hosts' => fqdn_rotate($all_masters),
'port' => $messaging_notify_port,
'username' => 'aodh',
'password' => $pass_aodh_messaging,
}),
rabbit_use_ssl => $use_ssl,
rabbit_ha_queues => true,
kombu_ssl_ca_certs => '/etc/ssl/certs/oci-pki-oci-ca-chain.pem',
amqp_sasl_mechanisms => 'PLAIN',
database_connection => "mysql+pymysql://aodh:${$pass_aodh_db}@127.0.0.1/aodhdb?charset=utf8",
notification_driver => 'messagingv2',
}
}
if $is_first_master {
class { '::aodh::keystone::auth':
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment