Commit f7efa532 authored by Thomas Goirand's avatar Thomas Goirand

* Add the setup of chrony on all machines, with customization of time server

    host for the clock source.
parent 4e7e5fee
......@@ -16,6 +16,8 @@ openstack-cluster-installer (21) UNRELEASED; urgency=medium
/var/lib/nova/.ssh folder, to allow (live) migration using ssh / scp.
* Switch to a db migration system with the schema saved in PHP format.
* Add a cluster-show command.
* Add the setup of chrony on all machines, with customization of time server
host for the clock source.
[ Oliver Chaze ]
* swift: do not log in syslog general logs
......
......@@ -128,6 +128,7 @@ Package: puppet-module-oci
Architecture: all
Depends:
openstack-puppet-modules,
puppet-module-aboe-chrony,
puppet-module-deric-zookeeper,
${misc:Depends},
Description: automatic PXE and puppet-master installer for OpenStack - puppet module
......
......@@ -7,7 +7,7 @@ _ocicli() {
prev="${COMP_WORDS[COMP_CWORD-1]}"
cmd_name="${COMP_WORDS[1]}"
opts="machine-list machine-console machine-show machine-set machine-add machine-remove machine-destroy machine-reboot-on-hdd machine-reboot-on-live machine-ipmi-reboot-on-hdd machine-ipmi-reboot-on-live machine-install-os machine-display-install-cmd machine-install-log machine-set-ipmi location-list location-create location-delete network-create network-list network-delete network-add network-remove network-set cluster-list cluster-create cluster-delete cluster-show-networks cluster-show-machines cluster-show-ips swift-region-list swift-region-create swift-region-delete swift-calculate-ring role-list role-create role-delete"
opts="machine-list machine-console machine-show machine-set machine-add machine-remove machine-destroy machine-reboot-on-hdd machine-reboot-on-live machine-ipmi-reboot-on-hdd machine-ipmi-reboot-on-live machine-install-os machine-display-install-cmd machine-install-log machine-set-ipmi location-list location-create location-delete network-create network-list network-delete network-add network-remove network-set cluster-list cluster-create cluster-delete cluster-set cluster-show cluster-show-networks cluster-show-machines cluster-show-ips swift-region-list swift-region-create swift-region-delete swift-calculate-ring role-list role-create role-delete"
iface_names="none eth0 eth1 eth2 eth3 eth4 eth5 10m1 10m2 10m3 10m4 100m1 100m2 100m3 100m4 1g1 1g2 1g3 1g4 10g1 10g2 10g3 10g4"
case "${cmd_name}" in
......@@ -111,6 +111,22 @@ _ocicli() {
;;
esac
;;
cluster-set)
case ${COMP_CWORD} in
2)
local cluster_list=$(ocicli -csv cluster-list | grep -v "id,name,domain" | cut -d, -f2 | tr \\n " ")
COMPREPLY=( $(compgen -W "${cluster_list}" -- ${cur}) )
return 0
;;
3|5)
COMPREPLY=( $(compgen -W "--time-server-host --swift-part-power" -- ${cur}) )
return 0
;;
*)
return 0
;;
esac
;;
cluster-show-machines|cluster-show-networks|cluster-show-ips|cluster-delete|cluster-show)
local cluster_list=$(ocicli -csv cluster-list | grep -v "id,name,domain" | cut -d, -f2 | tr \\n " ")
COMPREPLY=( $(compgen -W "${cluster_list}" -- ${cur}) )
......
......@@ -52,6 +52,7 @@ usage (){
echo " cluster-create <cluster-name> <domaine-name.com>"
echo " cluster-delete <cluster-name>"
echo " cluster-show <cluster-name>"
echo " cluster-set <cluster-name> [--swift-part-power <int>] [--time-server-host <hostname>]"
echo " cluster-show-networks <cluster-name>"
echo " cluster-show-machines <cluster-name>"
echo " cluster-show-ips <cluster-name>"
......@@ -244,6 +245,7 @@ ocicli_cluster_show (){
OCICLI_CLUSTER_SHOW_SWIFT_ENCRYPTION_KEY=$(cat ${API_RESPONSE_FILE} | jq -r '.["data"]| "\(.swift_encryption_key_id)"')
OCICLI_CLUSTER_SHOW_HAPROXY_CUSTOM_URL=$(cat ${API_RESPONSE_FILE} | jq -r '.["data"]| "\(.haproxy_custom_url)"')
OCICLI_CLUSTER_SHOW_STATSD_HOSTNAME=$(cat ${API_RESPONSE_FILE} | jq -r '.["data"]| "\(.statsd_hostname)"')
OCICLI_CLUSTER_SHOW_TIME_SERVER_HOST=$(cat ${API_RESPONSE_FILE} | jq -r '.["data"]| "\(.time_server_host)"')
echo "Name:,${OCICLI_CLUSTER_SHOW_NAME}"
echo "Domain:,${OCICLI_CLUSTER_SHOW_DOMAIN}"
echo "VIP Hostname:,${OCICLI_CLUSTER_SHOW_VIP_HOSTNAME}"
......@@ -254,6 +256,7 @@ ocicli_cluster_show (){
echo "Swift encryption key uuid:,${OCICLI_CLUSTER_SHOW_SWIFT_ENCRYPTION_KEY}"
echo "Haproxy custom url:,${OCICLI_CLUSTER_SHOW_HAPROXY_CUSTOM_URL}"
echo "Statsd hostname:,${OCICLI_CLUSTER_SHOW_STATSD_HOSTNAME}"
echo "Time server host:,${OCICLI_CLUSTER_SHOW_TIME_SERVER_HOST}"
}
ocicli_swiftregion_list () {
......@@ -440,6 +443,38 @@ case "${ACTION}" in
ocicli_call "action=network_delete&name=${1}"
ocicli_display_status
;;
"cluster-set")
CALL="action=cluster_set&name=${1}"
shift
for i in $@ ; do
case "${1}" in
"--swift-part-power")
if [ -z "${2}" ] ; then
echo "No parameter for --swift-part-power"
usage
exit 1
fi
CALL="${CALL}&swift_part_power=${2}"
shift
shift
;;
"--time-server-host")
if [ -z "${2}" ] ; then
echo "No parameter for --time-server-host"
usage
exit 1
fi
CALL="${CALL}&time_server_host=${2}"
shift
shift
;;
*)
;;
esac
done
ocicli_call $CALL
ocicli_display_status
;;
"network-set")
CALL="action=network_set&network_name=${1}"
shift
......
......@@ -23,6 +23,7 @@
class oci::cephmon(
$machine_hostname = undef,
$machine_ip = undef,
$time_server_host = undef,
$all_masters = undef,
$all_masters_ip = undef,
$vip_hostname = undef,
......@@ -46,6 +47,9 @@ class oci::cephmon(
::oci::sysctl { 'oci-rox': }
# Right on time!
class { '::oci::chrony': time_server_host => $time_sever_host, }
class { 'ceph':
fsid => $ceph_fsid,
ensure => 'present',
......
......@@ -17,6 +17,7 @@
class oci::cephosd(
$machine_hostname = undef,
$machine_ip = undef,
$time_server_host = undef,
$all_masters = undef,
$all_masters_ip = undef,
$vip_hostname = undef,
......@@ -39,6 +40,9 @@ class oci::cephosd(
::oci::sysctl { 'oci-rox': }
# Right on time!
class { '::oci::chrony': time_server_host => $time_sever_host, }
class { 'ceph':
fsid => $ceph_fsid,
ensure => 'present',
......
class oci::chrony(
$time_server_host = "0.debian.pool.ntp.org"
){
class { '::chrony':
servers => $time_server_host,
makestep_seconds => '120',
makestep_updates => '-1',
}
}
\ No newline at end of file
class oci::compute(
$machine_hostname = undef,
$machine_ip = undef,
$time_server_host = undef,
$bridge_mapping_list = undef,
$external_network_list = undef,
$first_master = undef,
......@@ -67,6 +68,9 @@ class oci::compute(
# Some useful sysctl customization
::oci::sysctl { 'oci-rox': }
# Right on time!
class { '::oci::chrony': time_server_host => $time_sever_host, }
# We need haproxy for proxying the metadata proxy server
# because of TLS + Eventlet + Python 3
class { 'haproxy':
......
......@@ -30,6 +30,7 @@
class oci::controller(
$machine_hostname = undef,
$machine_ip = undef,
$time_server_host = undef,
$bridge_mapping_list = undef,
$external_network_list = undef,
$machine_iface = undef,
......@@ -339,6 +340,9 @@ export OS_CACERT=/etc/ssl/certs/oci-pki-oci-ca-chain.pem
::oci::sysctl { 'oci-rox': }
# Right on time!
class { '::oci::chrony': time_server_host => $time_sever_host, }
# Add haproxy that will listen on that virtual IP, and load balance
# to the different API daemons using tcp mode (as the APIs will do
# full SSL already).
......
class oci::swiftproxy(
$machine_hostname = undef,
$machine_ip = undef,
$time_server_host = undef,
$first_master = undef,
$first_master_ip = undef,
$vip_hostname = undef,
......@@ -41,6 +42,9 @@ class oci::swiftproxy(
::oci::sysctl { 'oci-rox': }
# Right on time!
class { '::oci::chrony': time_server_host => $time_sever_host, }
package { 'rsyslog':
ensure => present,
}
......
class oci::swiftstore(
$machine_hostname = undef,
$machine_ip = undef,
$time_server_host = undef,
$network_ipaddr = undef,
$network_cidr = undef,
$block_devices = undef,
......@@ -13,6 +14,9 @@ class oci::swiftstore(
::oci::sysctl { 'oci-rox': }
# Right on time!
class { '::oci::chrony': time_server_host => $time_sever_host, }
package { 'rsyslog':
ensure => present,
}
......
......@@ -7,6 +7,7 @@
class oci::volume(
$machine_hostname = undef,
$machine_ip = undef,
$time_server_host = undef,
$first_master = undef,
$first_master_ip = undef,
$all_masters = undef,
......@@ -45,6 +46,9 @@ class oci::volume(
::oci::sysctl { 'oci-rox': }
# Right on time!
class { '::oci::chrony': time_server_host => $time_sever_host, }
include ::cinder::client
# Cinder main class (ie: cinder-common config)
class { '::cinder':
......
......@@ -157,6 +157,7 @@ function api_actions($con,$conf){
$cluster = mysqli_fetch_array($r);
$cluster_domain = $cluster["domain"];
$cluster_statsd_hostname = $cluster["statsd_hostname"];
$cluster_time_server_host = $cluster["time_server_host"];
$machine_networks = slave_fetch_network_config($con, $conf, $machine_id);
if(sizeof($machine_networks["networks"]) == 0){
......@@ -470,6 +471,7 @@ function api_actions($con,$conf){
$enc_file .= " oci::controller:\n";
$enc_file .= " machine_hostname: $machine_hostname\n";
$enc_file .= " machine_ip: $machine_ip\n";
$enc_file .= " time_server_host: $cluster_time_server_host\n";
$enc_file .= $enc_bridge_list;
if($num_compute_nodes > 0 && $num_network_nodes == 0){
$enc_file .= " machine_iface: br-ex\n";
......@@ -845,6 +847,7 @@ function api_actions($con,$conf){
$enc_file .= " oci::swiftproxy:\n";
$enc_file .= " machine_hostname: $machine_hostname\n";
$enc_file .= " machine_ip: $machine_ip\n";
$enc_file .= " time_server_host: $cluster_time_server_host\n";
$enc_file .= " first_master: $first_master_hostname\n";
$enc_file .= " first_master_ip: $first_master_ipaddr\n";
$enc_file .= " vip_hostname: $vip_hostname\n";
......@@ -907,6 +910,7 @@ function api_actions($con,$conf){
$enc_file .= " oci::swiftstore:\n";
$enc_file .= " machine_hostname: $machine_hostname\n";
$enc_file .= " machine_ip: $machine_ip\n";
$enc_file .= " time_server_host: $cluster_time_server_host\n";
$enc_file .= " network_ipaddr: $network_ip\n";
$enc_file .= " network_cidr: $network_cidr\n";
$enc_file .= " zoneid: $machine_location\n";
......@@ -941,6 +945,7 @@ function api_actions($con,$conf){
$enc_file .= " oci::compute:\n";
$enc_file .= " machine_hostname: $machine_hostname\n";
$enc_file .= " machine_ip: $machine_ip\n";
$enc_file .= " time_server_host: $cluster_time_server_host\n";
$enc_file .= $enc_bridge_list;
$enc_file .= " first_master: $first_master_hostname\n";
$enc_file .= " first_master_ip: $first_master_ipaddr\n";
......@@ -1072,6 +1077,7 @@ function api_actions($con,$conf){
$enc_file .= " oci::cephosd:\n";
$enc_file .= " machine_hostname: $machine_hostname\n";
$enc_file .= " machine_ip: $machine_ip\n";
$enc_file .= " time_server_host: $cluster_time_server_host\n";
$enc_file .= " vip_hostname: $vip_hostname\n";
$enc_file .= " vip_ipaddr: $vip_ipaddr\n";
$enc_file .= " vip_netmask: $vip_netmask\n";
......@@ -1126,6 +1132,7 @@ function api_actions($con,$conf){
$enc_file .= " oci::cephmon:\n";
$enc_file .= " machine_hostname: $machine_hostname\n";
$enc_file .= " machine_ip: $machine_ip\n";
$enc_file .= " time_server_host: $cluster_time_server_host\n";
$enc_file .= " vip_hostname: $vip_hostname\n";
$enc_file .= " vip_ipaddr: $vip_ipaddr\n";
$enc_file .= " vip_netmask: $vip_netmask\n";
......@@ -1168,6 +1175,7 @@ function api_actions($con,$conf){
$enc_file .= " oci::volume:\n";
$enc_file .= " machine_hostname: $machine_hostname\n";
$enc_file .= " machine_ip: $machine_ip\n";
$enc_file .= " time_server_host: $cluster_time_server_host\n";
$enc_file .= $enc_amhn;
$enc_file .= $enc_amip;
$enc_file .= " first_master: $first_master_hostname\n";
......@@ -1256,6 +1264,60 @@ function api_actions($con,$conf){
$json["data"] = mysqli_fetch_array($r);
return $json;
break;
case "cluster_set":
$safe_cluster_name = safe_fqdn("name");
if($safe_cluster_name === FALSE){
$json["status"] = "error";
$json["message"] = "Error: not valid cluster name.";
return $json;
}
$q = "SELECT * FROM clusters WHERE name='$safe_cluster_name'";
$r = mysqli_query($con, $q);
if($r === FALSE){
$json["status"] = "error";
$json["message"] = mysqli_error($con);
return $json;
}
$n = mysqli_num_rows($r);
if($n != 1){
$json["status"] = "error";
$json["message"] = "Error: cluster not found.";
return $json;
}
$update = "";
// Swift part power
if(isset($_REQUEST["swift_part_power"])){
$safe_swift_part_power = safe_int("swift_part_power");
if($safe_swift_part_power === FALSE){
$json["status"] = "error";
$json["message"] = "Error: not valid swift part power.";
}
if($update != ""){
$update .= ", ";
}
$update .= "swift_part_power='$safe_swift_part_power'";
}
// Time server host
if(isset($_REQUEST["time_server_host"])){
$safe_time_server_host = safe_fqdn("time_server_host");
if($safe_swift_part_power === FALSE){
$json["status"] = "error";
$json["message"] = "Error: not valid time server host.";
}
if($update != ""){
$update .= ", ";
}
$update .= "time_server_host='$safe_time_server_host'";
}
$q = "UPDATE clusters SET $update WHERE name='$safe_cluster_name'";
if($update != ""){
$r = mysqli_query($con, $q);
}
return $json;
break;
case "cluster_show_ips":
$safe_cluster_name = safe_fqdn("name");
if($safe_cluster_name === FALSE){
......
......@@ -137,7 +137,8 @@ for($i=0;$i<$nbr_tables;$i++){
$r = mysqli_query($con, $q)or print("\nCannot execute query: \"$q\" line ".__LINE__." in file ".__FILE__.", mysql said: ".mysqli_error($con)."\n");
}else{
$q = "ALTER TABLE $curtbl ADD $v $vc;";
$r = mysqli_query($q)or print("\nCannot execute query: \"$q\" line ".__LINE__." in file ".__FILE__.", mysql said: ".mysqli_error($con)."\n");
echo " (add var: $v)";
$r = mysqli_query($con, $q)or print("\nCannot execute query: \"$q\" line ".__LINE__." in file ".__FILE__.", mysql said: ".mysqli_error($con)."\n");
}
// If it is present in MySQL already, then we need to check if types are marching
// if types don't match, then we issue an ALTER TABLE
......
......@@ -26,7 +26,8 @@ $database = array(
"swift_proxy_hostname" => "varchar(255) NOT NULL default ''",
"swift_encryption_key_id" => "varchar(255) NOT NULL default ''",
"haproxy_custom_url" => "varchar(255) NOT NULL default ''",
"statsd_hostname" => "varchar(255) NOT NULL default ''"
"statsd_hostname" => "varchar(255) NOT NULL default ''",
"time_server_host" => "varchar(255) NOT NULL default '0.debian.pool.ntp.org'",
),
"primary" => "(id)",
"keys" => array(
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment