├── file_root ├── openstack │ ├── heat │ │ ├── message_queue │ │ │ ├── icehouse │ │ │ │ └── rabbitmq.sls │ │ │ ├── juno │ │ │ │ └── rabbitmq.sls │ │ │ └── kilo │ │ │ │ └── rabbitmq.sls │ │ ├── packages.sls │ │ ├── init.sls │ │ ├── Ubuntu │ │ │ ├── icehouse │ │ │ │ └── init.sls │ │ │ ├── juno │ │ │ │ └── init.sls │ │ │ └── kilo │ │ │ │ └── init.sls │ │ └── CentOS │ │ │ ├── juno │ │ │ └── init.sls │ │ │ └── kilo │ │ │ └── init.sls │ ├── horizon │ │ ├── init.sls │ │ ├── packages.sls │ │ ├── CentOS │ │ │ └── init.sls │ │ └── Ubuntu │ │ │ └── init.sls │ ├── glance │ │ ├── packages.sls │ │ ├── init.sls │ │ ├── images.sls │ │ ├── Ubuntu │ │ │ ├── icehouse │ │ │ │ └── init.sls │ │ │ └── juno │ │ │ │ └── init.sls │ │ └── CentOS │ │ │ └── juno │ │ │ └── init.sls │ ├── keystone │ │ ├── packages.sls │ │ ├── init.sls │ │ ├── tenants.sls │ │ ├── Ubuntu │ │ │ ├── icehouse │ │ │ │ └── init.sls │ │ │ └── juno │ │ │ │ └── init.sls │ │ ├── services.sls │ │ ├── users.sls │ │ └── CentOS │ │ │ └── juno │ │ │ └── init.sls │ ├── nova │ │ ├── compute │ │ │ ├── packages.sls │ │ │ ├── init.sls │ │ │ ├── Ubuntu │ │ │ │ ├── kilo │ │ │ │ │ └── kvm │ │ │ │ │ │ └── init.sls │ │ │ │ ├── icehouse │ │ │ │ │ └── kvm │ │ │ │ │ │ └── init.sls │ │ │ │ └── juno │ │ │ │ │ └── kvm │ │ │ │ │ └── init.sls │ │ │ └── CentOS │ │ │ │ ├── kilo │ │ │ │ └── kvm │ │ │ │ │ └── init.sls │ │ │ │ └── juno │ │ │ │ └── kvm │ │ │ │ └── init.sls │ │ ├── controller │ │ │ ├── packages.sls │ │ │ ├── init.sls │ │ │ ├── Ubuntu │ │ │ │ ├── icehouse │ │ │ │ │ └── init.sls │ │ │ │ ├── juno │ │ │ │ │ └── init.sls │ │ │ │ └── kilo │ │ │ │ │ └── init.sls │ │ │ └── CentOS │ │ │ │ ├── juno │ │ │ │ └── init.sls │ │ │ │ └── kilo │ │ │ │ └── init.sls │ │ └── message_queue │ │ │ ├── juno │ │ │ └── rabbitmq.sls │ │ │ ├── icehouse │ │ │ └── rabbitmq.sls │ │ │ └── kilo │ │ │ └── rabbitmq.sls │ ├── cinder │ │ ├── storage │ │ │ ├── packages.sls │ │ │ ├── init.sls │ │ │ ├── Ubuntu │ │ │ │ ├── mount_volumes_on_boot.sls │ │ │ │ ├── icehouse │ │ │ │ │ └── init.sls │ │ │ │ ├── juno │ │ │ │ │ └── init.sls │ │ │ │ └── kilo │ │ │ │ │ └── init.sls │ │ │ └── CentOS │ │ │ │ ├── mount_volumes_on_boot.sls │ │ │ │ ├── juno │ │ │ │ └── init.sls │ │ │ │ └── kilo │ │ │ │ └── init.sls │ │ ├── controller │ │ │ ├── packages.sls │ │ │ ├── init.sls │ │ │ ├── Ubuntu │ │ │ │ ├── icehouse │ │ │ │ │ └── init.sls │ │ │ │ ├── juno │ │ │ │ │ └── init.sls │ │ │ │ └── kilo │ │ │ │ │ └── init.sls │ │ │ └── CentOS │ │ │ │ ├── juno │ │ │ │ └── init.sls │ │ │ │ └── kilo │ │ │ │ └── init.sls │ │ ├── message_queue │ │ │ ├── juno │ │ │ │ └── rabbitmq.sls │ │ │ ├── icehouse │ │ │ │ └── rabbitmq.sls │ │ │ └── kilo │ │ │ │ └── rabbitmq.sls │ │ └── loopback_file.sls │ ├── neutron │ │ ├── network │ │ │ ├── packages.sls │ │ │ ├── init.sls │ │ │ ├── openvswitch │ │ │ │ ├── init.sls │ │ │ │ ├── multi_nic.sls │ │ │ │ └── single_nic.sls │ │ │ ├── Ubuntu │ │ │ │ └── openvswitch │ │ │ │ │ ├── multi_nic.sls │ │ │ │ │ └── single_nic.sls │ │ │ └── CentOS │ │ │ │ └── openvswitch │ │ │ │ ├── multi_nic.sls │ │ │ │ └── single_nic.sls │ │ ├── compute │ │ │ ├── packages.sls │ │ │ ├── init.sls │ │ │ └── Ubuntu │ │ │ │ ├── icehouse │ │ │ │ └── init.sls │ │ │ │ └── kilo │ │ │ │ └── init.sls │ │ ├── controller │ │ │ ├── packages.sls │ │ │ ├── init.sls │ │ │ └── Ubuntu │ │ │ │ ├── icehouse │ │ │ │ └── init.sls │ │ │ │ └── juno │ │ │ │ └── init.sls │ │ ├── message_queue │ │ │ ├── juno │ │ │ │ └── rabbitmq.sls │ │ │ ├── kilo │ │ │ │ └── rabbitmq.sls │ │ │ └── icehouse │ │ │ │ └── rabbitmq.sls │ │ ├── routers.sls │ │ ├── security_groups.sls │ │ └── networks.sls │ └── states.jinja ├── reset │ ├── soft │ │ ├── init.sls │ │ └── controller │ │ │ ├── init.sls │ │ │ └── openvswitch.sls │ └── hard │ │ ├── compute │ │ ├── init.sls │ │ └── purge.sls │ │ ├── controller │ │ ├── init.sls │ │ └── purge.sls │ │ ├── network │ │ ├── init.sls │ │ ├── Ubuntu │ │ │ └── init.sls │ │ ├── purge.sls │ │ └── CentOS │ │ │ └── init.sls │ │ ├── storage │ │ ├── init.sls │ │ ├── Ubuntu │ │ │ └── init.sls │ │ ├── CentOS │ │ │ └── init.sls │ │ └── purge.sls │ │ ├── Ubuntu │ │ └── init.sls │ │ ├── CentOS │ │ └── init.sls │ │ └── init.sls ├── system │ ├── upgrade.sls │ ├── init.sls │ ├── Ubuntu │ │ └── init.sls │ └── CentOS │ │ └── init.sls ├── top.sls ├── message_queue │ ├── init.sls │ └── rabbitmq │ │ └── init.sls ├── database │ ├── init.sls │ └── mysql │ │ ├── schema.sls │ │ └── init.sls └── ntp │ └── init.sls └── pillar_root ├── top.sls ├── samples ├── gre │ ├── environment.sls │ ├── networking.sls │ └── credentials.sls ├── vlan │ ├── environment.sls │ ├── credentials.sls │ └── networking.sls ├── vxlan │ ├── environment.sls │ ├── networking.sls │ └── credentials.sls └── single_nic │ ├── environment.sls │ ├── credentials.sls │ └── networking.sls └── default_template ├── environment.sls ├── credentials.sls └── networking.sls /file_root/openstack/heat/message_queue/icehouse/rabbitmq.sls: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /file_root/reset/soft/init.sls: -------------------------------------------------------------------------------- 1 | include: 2 | - reset.soft.controller 3 | -------------------------------------------------------------------------------- /file_root/reset/hard/compute/init.sls: -------------------------------------------------------------------------------- 1 | include: 2 | - reset.hard.compute.purge 3 | -------------------------------------------------------------------------------- /file_root/reset/hard/controller/init.sls: -------------------------------------------------------------------------------- 1 | include: 2 | - reset.hard.controller.purge 3 | -------------------------------------------------------------------------------- /file_root/system/upgrade.sls: -------------------------------------------------------------------------------- 1 | system_upgrade: 2 | pkg.uptodate: 3 | - refresh: True 4 | -------------------------------------------------------------------------------- /file_root/reset/hard/network/init.sls: -------------------------------------------------------------------------------- 1 | include: 2 | - reset.hard.network.purge 3 | - reset.hard.network.{{ grains['os'] }} 4 | -------------------------------------------------------------------------------- /file_root/reset/hard/storage/init.sls: -------------------------------------------------------------------------------- 1 | include: 2 | - reset.hard.storage.purge 3 | - reset.hard.storage.{{ grains['os'] }} 4 | -------------------------------------------------------------------------------- /file_root/reset/soft/controller/init.sls: -------------------------------------------------------------------------------- 1 | include: 2 | - reset.soft.controller.openstack 3 | - reset.soft.controller.openvswitch 4 | -------------------------------------------------------------------------------- /file_root/reset/hard/Ubuntu/init.sls: -------------------------------------------------------------------------------- 1 | hard_reset_clean_apt: 2 | cmd.run: 3 | - name: "apt-get autoremove -y && apt-get autoclean -y && apt-get clean -y" 4 | -------------------------------------------------------------------------------- /file_root/top.sls: -------------------------------------------------------------------------------- 1 | {% from "openstack/states.jinja" import minion_states with context %} 2 | 3 | openstack: 4 | "*": 5 | {% for state in minion_states %} 6 | - {{ state }} 7 | {% endfor %} 8 | -------------------------------------------------------------------------------- /file_root/message_queue/init.sls: -------------------------------------------------------------------------------- 1 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 2 | 3 | 4 | include: 5 | - message_queue.{{ openstack_parameters['message_queue'] }} 6 | -------------------------------------------------------------------------------- /file_root/openstack/horizon/init.sls: -------------------------------------------------------------------------------- 1 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 2 | 3 | 4 | include: 5 | - openstack.horizon.packages 6 | - openstack.horizon.{{ grains['os'] }} 7 | -------------------------------------------------------------------------------- /file_root/reset/hard/storage/Ubuntu/init.sls: -------------------------------------------------------------------------------- 1 | {% set cinder = salt['openstack_utils.cinder']() %} 2 | 3 | 4 | hard_reset_storage_losetup_absent: 5 | file.absent: 6 | - name: {{ cinder['conf']['losetup_upstart'] }} 7 | -------------------------------------------------------------------------------- /file_root/openstack/heat/packages.sls: -------------------------------------------------------------------------------- 1 | {% set heat = salt['openstack_utils.heat']() %} 2 | 3 | 4 | {% for pkg in heat['packages'] %} 5 | heat_{{ pkg }}_install: 6 | pkg.installed: 7 | - name: {{ pkg }} 8 | {% endfor %} 9 | -------------------------------------------------------------------------------- /file_root/openstack/glance/packages.sls: -------------------------------------------------------------------------------- 1 | {% set glance = salt['openstack_utils.glance']() %} 2 | 3 | 4 | {% for pkg in glance['packages'] %} 5 | glance_{{ pkg }}_install: 6 | pkg.installed: 7 | - name: {{ pkg }} 8 | {% endfor %} 9 | -------------------------------------------------------------------------------- /file_root/openstack/horizon/packages.sls: -------------------------------------------------------------------------------- 1 | {% set horizon = salt['openstack_utils.horizon']() %} 2 | 3 | 4 | {% for pkg in horizon['packages'] %} 5 | horizon_{{ pkg }}_install: 6 | pkg.installed: 7 | - name: {{ pkg }} 8 | {% endfor %} 9 | -------------------------------------------------------------------------------- /file_root/database/init.sls: -------------------------------------------------------------------------------- 1 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 2 | 3 | 4 | include: 5 | - database.{{ openstack_parameters['database'] }} 6 | - database.{{ openstack_parameters['database'] }}.schema 7 | -------------------------------------------------------------------------------- /file_root/openstack/keystone/packages.sls: -------------------------------------------------------------------------------- 1 | {% set keystone = salt['openstack_utils.keystone']() %} 2 | 3 | 4 | {% for pkg in keystone['packages'] %} 5 | keystone_{{ pkg }}_install: 6 | pkg.installed: 7 | - name: {{ pkg }} 8 | {% endfor %} 9 | -------------------------------------------------------------------------------- /file_root/reset/hard/network/Ubuntu/init.sls: -------------------------------------------------------------------------------- 1 | {% set openvswitch = salt['openstack_utils.openvswitch']() %} 2 | 3 | 4 | hard_reset_network_openvswitch_promisc_delete: 5 | file.absent: 6 | - name: "{{ openvswitch['conf']['promisc_interfaces'] }}" 7 | -------------------------------------------------------------------------------- /file_root/openstack/nova/compute/packages.sls: -------------------------------------------------------------------------------- 1 | {% set nova = salt['openstack_utils.nova']() %} 2 | 3 | 4 | {% for pkg in nova['packages']['compute']['kvm'] %} 5 | nova_compute_{{ pkg }}_install: 6 | pkg.installed: 7 | - name: {{ pkg }} 8 | {% endfor %} 9 | -------------------------------------------------------------------------------- /file_root/openstack/cinder/storage/packages.sls: -------------------------------------------------------------------------------- 1 | {% set cinder = salt['openstack_utils.cinder']() %} 2 | 3 | 4 | {% for pkg in cinder['packages']['storage'] %} 5 | cinder_storage_{{ pkg }}_install: 6 | pkg.installed: 7 | - name: {{ pkg }} 8 | {% endfor %} 9 | -------------------------------------------------------------------------------- /file_root/openstack/nova/controller/packages.sls: -------------------------------------------------------------------------------- 1 | {% set nova = salt['openstack_utils.nova']() %} 2 | 3 | 4 | {% for pkg in nova['packages']['controller'] %} 5 | nova_controller_{{ pkg }}_install: 6 | pkg.installed: 7 | - name: {{ pkg }} 8 | {% endfor %} 9 | -------------------------------------------------------------------------------- /file_root/openstack/neutron/network/packages.sls: -------------------------------------------------------------------------------- 1 | {% set neutron = salt['openstack_utils.neutron']() %} 2 | 3 | 4 | {% for pkg in neutron['packages']['network'] %} 5 | neutron_network_{{ pkg }}_install: 6 | pkg.installed: 7 | - name: {{ pkg }} 8 | {% endfor %} 9 | -------------------------------------------------------------------------------- /file_root/openstack/cinder/controller/packages.sls: -------------------------------------------------------------------------------- 1 | {% set cinder = salt['openstack_utils.cinder']() %} 2 | 3 | 4 | {% for pkg in cinder['packages']['controller'] %} 5 | cinder_controller_{{ pkg }}_install: 6 | pkg.installed: 7 | - name: {{ pkg }} 8 | {% endfor %} 9 | -------------------------------------------------------------------------------- /file_root/openstack/neutron/compute/packages.sls: -------------------------------------------------------------------------------- 1 | {% set neutron = salt['openstack_utils.neutron']() %} 2 | 3 | 4 | {% for pkg in neutron['packages']['compute']['kvm'] %} 5 | neutron_compute_{{ pkg }}_install: 6 | pkg.installed: 7 | - name: {{ pkg }} 8 | {% endfor %} 9 | -------------------------------------------------------------------------------- /pillar_root/top.sls: -------------------------------------------------------------------------------- 1 | openstack: 2 | ",": 3 | - match: list 4 | - {{ grains['os'] }} 5 | - .credentials 6 | - .environment 7 | - .networking 8 | -------------------------------------------------------------------------------- /file_root/openstack/neutron/controller/packages.sls: -------------------------------------------------------------------------------- 1 | {% set neutron = salt['openstack_utils.neutron']() %} 2 | 3 | 4 | {% for pkg in neutron['packages']['controller'] %} 5 | neutron_controller_{{ pkg }}_install: 6 | pkg.installed: 7 | - name: {{ pkg }} 8 | {% endfor %} 9 | -------------------------------------------------------------------------------- /file_root/openstack/glance/init.sls: -------------------------------------------------------------------------------- 1 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 2 | 3 | 4 | include: 5 | - openstack.glance.packages 6 | - openstack.glance.{{ grains['os'] }}.{{ openstack_parameters['series'] }} 7 | - openstack.glance.images 8 | -------------------------------------------------------------------------------- /file_root/reset/hard/CentOS/init.sls: -------------------------------------------------------------------------------- 1 | {% set yum_repository = salt['openstack_utils.yum_repository']() %} 2 | 3 | 4 | {% set repo_name = yum_repository['repositories']['openstack']['name_persist'] %} 5 | hard_reset_clean_yum_openstack: 6 | cmd.run: 7 | - name: rpm -e {{ repo_name }} 8 | - onlyif: rpm -qi {{ repo_name }} 9 | -------------------------------------------------------------------------------- /file_root/openstack/heat/init.sls: -------------------------------------------------------------------------------- 1 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 2 | 3 | 4 | include: 5 | - openstack.heat.packages 6 | - openstack.heat.message_queue.{{ openstack_parameters['series'] }}.{{ openstack_parameters['message_queue'] }} 7 | - openstack.heat.{{ grains['os'] }}.{{ openstack_parameters['series'] }} 8 | -------------------------------------------------------------------------------- /file_root/openstack/keystone/init.sls: -------------------------------------------------------------------------------- 1 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 2 | 3 | 4 | include: 5 | - openstack.keystone.packages 6 | - openstack.keystone.{{ grains['os'] }}.{{ openstack_parameters['series'] }} 7 | - openstack.keystone.tenants 8 | - openstack.keystone.users 9 | - openstack.keystone.services 10 | -------------------------------------------------------------------------------- /file_root/openstack/nova/compute/init.sls: -------------------------------------------------------------------------------- 1 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 2 | 3 | 4 | include: 5 | - openstack.nova.compute.packages 6 | - openstack.nova.message_queue.{{ openstack_parameters['series'] }}.{{ openstack_parameters['message_queue'] }} 7 | - openstack.nova.compute.{{ grains['os'] }}.{{ openstack_parameters['series'] }}.kvm 8 | -------------------------------------------------------------------------------- /file_root/openstack/nova/controller/init.sls: -------------------------------------------------------------------------------- 1 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 2 | 3 | 4 | include: 5 | - openstack.nova.controller.packages 6 | - openstack.nova.message_queue.{{ openstack_parameters['series'] }}.{{ openstack_parameters['message_queue'] }} 7 | - openstack.nova.controller.{{ grains['os'] }}.{{ openstack_parameters['series'] }} 8 | -------------------------------------------------------------------------------- /file_root/openstack/neutron/compute/init.sls: -------------------------------------------------------------------------------- 1 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 2 | 3 | 4 | include: 5 | - openstack.neutron.compute.packages 6 | - openstack.neutron.message_queue.{{ openstack_parameters['series'] }}.{{ openstack_parameters['message_queue'] }} 7 | - openstack.neutron.compute.{{ grains['os'] }}.{{ openstack_parameters['series'] }} 8 | -------------------------------------------------------------------------------- /file_root/openstack/cinder/controller/init.sls: -------------------------------------------------------------------------------- 1 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 2 | 3 | 4 | include: 5 | - openstack.cinder.controller.packages 6 | - openstack.cinder.controller.{{ grains['os'] }}.{{ openstack_parameters['series'] }} 7 | - openstack.cinder.message_queue.{{ openstack_parameters['series'] }}.{{ openstack_parameters['message_queue'] }} 8 | -------------------------------------------------------------------------------- /file_root/openstack/neutron/controller/init.sls: -------------------------------------------------------------------------------- 1 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 2 | 3 | 4 | include: 5 | - openstack.neutron.controller.packages 6 | - openstack.neutron.message_queue.{{ openstack_parameters['series'] }}.{{ openstack_parameters['message_queue'] }} 7 | - openstack.neutron.controller.{{ grains['os'] }}.{{ openstack_parameters['series'] }} 8 | -------------------------------------------------------------------------------- /file_root/reset/hard/storage/CentOS/init.sls: -------------------------------------------------------------------------------- 1 | {% set cinder = salt['openstack_utils.cinder']() %} 2 | 3 | 4 | hard_reset_storage_losetup_service_dead: 5 | service.dead: 6 | - enable: False 7 | - name: "{{ salt['openstack_utils.systemd_service_name'](cinder['conf']['losetup_systemd']) }}" 8 | 9 | 10 | hard_reset_storage_losetup_systemd_delete: 11 | file.absent: 12 | - name: "{{ cinder['conf']['losetup_systemd'] }}" -------------------------------------------------------------------------------- /file_root/openstack/neutron/network/init.sls: -------------------------------------------------------------------------------- 1 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 2 | 3 | 4 | include: 5 | - openstack.neutron.network.packages 6 | - openstack.neutron.message_queue.{{ openstack_parameters['series'] }}.{{ openstack_parameters['message_queue'] }} 7 | - openstack.neutron.network.{{ grains['os'] }}.{{ openstack_parameters['series'] }} 8 | - openstack.neutron.network.openvswitch 9 | -------------------------------------------------------------------------------- /file_root/openstack/neutron/network/openvswitch/init.sls: -------------------------------------------------------------------------------- 1 | {% set neutron = salt['openstack_utils.neutron']() %} 2 | 3 | 4 | include: 5 | {% if salt['openstack_utils.boolean_value'](neutron['single_nic']['enable']) %} 6 | - openstack.neutron.network.openvswitch.single_nic 7 | - openstack.neutron.network.{{ grains['os'] }}.openvswitch.single_nic 8 | {% else %} 9 | - openstack.neutron.network.openvswitch.multi_nic 10 | - openstack.neutron.network.{{ grains['os'] }}.openvswitch.multi_nic 11 | {% endif %} -------------------------------------------------------------------------------- /file_root/openstack/cinder/storage/init.sls: -------------------------------------------------------------------------------- 1 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 2 | 3 | 4 | include: 5 | - openstack.cinder.storage.packages 6 | - openstack.cinder.loopback_file 7 | - openstack.cinder.message_queue.{{ openstack_parameters['series'] }}.{{ openstack_parameters['message_queue'] }} 8 | - openstack.cinder.storage.{{ grains['os'] }}.{{ openstack_parameters['series'] }} 9 | - openstack.cinder.storage.{{ grains['os'] }}.mount_volumes_on_boot 10 | -------------------------------------------------------------------------------- /file_root/system/init.sls: -------------------------------------------------------------------------------- 1 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 2 | 3 | 4 | include: 5 | - system.{{ grains['os'] }} 6 | {% if salt['openstack_utils.boolean_value'](openstack_parameters['system_upgrade']) %} 7 | - system.upgrade 8 | {% endif %} 9 | 10 | 11 | openstack_series_persisted: 12 | file.managed: 13 | - name: "{{ openstack_parameters['series_persist_file'] }}" 14 | - user: root 15 | - group: root 16 | - mode: 600 17 | - contents: "{{ openstack_parameters['series'] }}" 18 | -------------------------------------------------------------------------------- /file_root/openstack/heat/message_queue/juno/rabbitmq.sls: -------------------------------------------------------------------------------- 1 | {% set heat = salt['openstack_utils.heat']() %} 2 | {% set rabbitmq = salt['openstack_utils.rabbitmq']() %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | heat_rabbitmq_conf: 7 | ini.options_present: 8 | - name: "{{ heat['conf']['heat'] }}" 9 | - sections: 10 | DEFAULT: 11 | rpc_backend: "rabbit" 12 | rabbit_host: "{{ openstack_parameters['controller_ip'] }}" 13 | rabbit_userid: "{{ rabbitmq['user_name'] }}" 14 | rabbit_password: {{ rabbitmq['user_password'] }} 15 | -------------------------------------------------------------------------------- /file_root/openstack/nova/message_queue/juno/rabbitmq.sls: -------------------------------------------------------------------------------- 1 | {% set nova = salt['openstack_utils.nova']() %} 2 | {% set rabbitmq = salt['openstack_utils.rabbitmq']() %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | nova_rabbitmq_conf: 7 | ini.options_present: 8 | - name: "{{ nova['conf']['nova'] }}" 9 | - sections: 10 | DEFAULT: 11 | rpc_backend: "rabbit" 12 | rabbit_host: "{{ openstack_parameters['controller_ip'] }}" 13 | rabbit_userid: "{{ rabbitmq['user_name'] }}" 14 | rabbit_password: {{ rabbitmq['user_password'] }} 15 | -------------------------------------------------------------------------------- /file_root/openstack/nova/message_queue/icehouse/rabbitmq.sls: -------------------------------------------------------------------------------- 1 | {% set nova = salt['openstack_utils.nova']() %} 2 | {% set rabbitmq = salt['openstack_utils.rabbitmq']() %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | nova_rabbitmq_conf: 7 | ini.options_present: 8 | - name: "{{ nova['conf']['nova'] }}" 9 | - sections: 10 | DEFAULT: 11 | rpc_backend: "rabbit" 12 | rabbit_host: "{{ openstack_parameters['controller_ip'] }}" 13 | rabbit_userid: "{{ rabbitmq['user_name'] }}" 14 | rabbit_password: {{ rabbitmq['user_password'] }} 15 | -------------------------------------------------------------------------------- /file_root/openstack/cinder/message_queue/juno/rabbitmq.sls: -------------------------------------------------------------------------------- 1 | {% set cinder = salt['openstack_utils.cinder']() %} 2 | {% set rabbitmq = salt['openstack_utils.rabbitmq']() %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | cinder_rabbitmq_conf: 7 | ini.options_present: 8 | - name: "{{ cinder['conf']['cinder'] }}" 9 | - sections: 10 | DEFAULT: 11 | rpc_backend: "rabbit" 12 | rabbit_host: "{{ openstack_parameters['controller_ip'] }}" 13 | rabbit_userid: "{{ rabbitmq['user_name'] }}" 14 | rabbit_password: {{ rabbitmq['user_password'] }} 15 | -------------------------------------------------------------------------------- /file_root/openstack/cinder/message_queue/icehouse/rabbitmq.sls: -------------------------------------------------------------------------------- 1 | {% set cinder = salt['openstack_utils.cinder']() %} 2 | {% set rabbitmq = salt['openstack_utils.rabbitmq']() %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | cinder_rabbitmq_conf: 7 | ini.options_present: 8 | - name: "{{ cinder['conf']['cinder'] }}" 9 | - sections: 10 | DEFAULT: 11 | rpc_backend: "rabbit" 12 | rabbit_host: "{{ openstack_parameters['controller_ip'] }}" 13 | rabbit_userid: "{{ rabbitmq['user_name'] }}" 14 | rabbit_password: {{ rabbitmq['user_password'] }} 15 | -------------------------------------------------------------------------------- /file_root/openstack/neutron/message_queue/juno/rabbitmq.sls: -------------------------------------------------------------------------------- 1 | {% set neutron = salt['openstack_utils.neutron']() %} 2 | {% set rabbitmq = salt['openstack_utils.rabbitmq']() %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | neutron_rabbitmq_conf: 7 | ini.options_present: 8 | - name: "{{ neutron['conf']['neutron'] }}" 9 | - sections: 10 | DEFAULT: 11 | rpc_backend: "rabbit" 12 | rabbit_host: "{{ openstack_parameters['controller_ip'] }}" 13 | rabbit_userid: "{{ rabbitmq['user_name'] }}" 14 | rabbit_password: {{ rabbitmq['user_password'] }} 15 | -------------------------------------------------------------------------------- /file_root/openstack/heat/message_queue/kilo/rabbitmq.sls: -------------------------------------------------------------------------------- 1 | {% set heat = salt['openstack_utils.heat']() %} 2 | {% set rabbitmq = salt['openstack_utils.rabbitmq']() %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | heat_rabbitmq_conf: 7 | ini.options_present: 8 | - name: "{{ heat['conf']['heat'] }}" 9 | - sections: 10 | DEFAULT: 11 | rpc_backend: "rabbit" 12 | oslo_messaging_rabbit: 13 | rabbit_host: "{{ openstack_parameters['controller_ip'] }}" 14 | rabbit_userid: "{{ rabbitmq['user_name'] }}" 15 | rabbit_password: {{ rabbitmq['user_password'] }} 16 | -------------------------------------------------------------------------------- /file_root/openstack/nova/message_queue/kilo/rabbitmq.sls: -------------------------------------------------------------------------------- 1 | {% set nova = salt['openstack_utils.nova']() %} 2 | {% set rabbitmq = salt['openstack_utils.rabbitmq']() %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | nova_rabbitmq_conf: 7 | ini.options_present: 8 | - name: "{{ nova['conf']['nova'] }}" 9 | - sections: 10 | DEFAULT: 11 | rpc_backend: "rabbit" 12 | oslo_messaging_rabbit: 13 | rabbit_host: "{{ openstack_parameters['controller_ip'] }}" 14 | rabbit_userid: "{{ rabbitmq['user_name'] }}" 15 | rabbit_password: {{ rabbitmq['user_password'] }} 16 | -------------------------------------------------------------------------------- /file_root/openstack/cinder/message_queue/kilo/rabbitmq.sls: -------------------------------------------------------------------------------- 1 | {% set cinder = salt['openstack_utils.cinder']() %} 2 | {% set rabbitmq = salt['openstack_utils.rabbitmq']() %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | cinder_rabbitmq_conf: 7 | ini.options_present: 8 | - name: "{{ cinder['conf']['cinder'] }}" 9 | - sections: 10 | DEFAULT: 11 | rpc_backend: "rabbit" 12 | oslo_messaging_rabbit: 13 | rabbit_host: "{{ openstack_parameters['controller_ip'] }}" 14 | rabbit_userid: "{{ rabbitmq['user_name'] }}" 15 | rabbit_password: {{ rabbitmq['user_password'] }} 16 | -------------------------------------------------------------------------------- /file_root/ntp/init.sls: -------------------------------------------------------------------------------- 1 | {% set ntp = salt['openstack_utils.ntp']() %} 2 | 3 | 4 | {% for pkg in ntp['packages'] %} 5 | ntp_{{ pkg }}_install: 6 | pkg.installed: 7 | - name: {{ pkg }} 8 | {% endfor %} 9 | 10 | 11 | ntp_service_dead: 12 | service.dead: 13 | - name: {{ ntp['services']['ntp'] }} 14 | 15 | 16 | ntp_hwclock_sync: 17 | cmd.run: 18 | - name: hwclock --systohc --utc 19 | 20 | 21 | ntp_service_running: 22 | service.running: 23 | - enable: True 24 | - name: {{ ntp['services']['ntp'] }} 25 | - require: 26 | {% for pkg in ntp['packages'] %} 27 | - pkg: ntp_{{ pkg }}_install 28 | {% endfor %} 29 | - cmd: ntp_hwclock_sync 30 | -------------------------------------------------------------------------------- /file_root/reset/hard/network/purge.sls: -------------------------------------------------------------------------------- 1 | #################################### 2 | ### NETWORK NODE HARD RESET ### 3 | #################################### 4 | 5 | 6 | {% set network_services = salt['openstack_utils.os_services']('network') %} 7 | {% for service in network_services %} 8 | hard_reset_network_{{ service }}_stopped: 9 | service.dead: 10 | - enable: False 11 | - name: {{ service }} 12 | {% endfor %} 13 | 14 | 15 | {% set network_packages = salt['openstack_utils.os_packages']('network') %} 16 | {% for pkg in network_packages %} 17 | hard_reset_network_{{ pkg }}_purged: 18 | pkg.purged: 19 | - pkgs: 20 | - {{ pkg }} 21 | {% endfor %} 22 | -------------------------------------------------------------------------------- /file_root/openstack/neutron/message_queue/kilo/rabbitmq.sls: -------------------------------------------------------------------------------- 1 | {% set neutron = salt['openstack_utils.neutron']() %} 2 | {% set rabbitmq = salt['openstack_utils.rabbitmq']() %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | neutron_rabbitmq_conf: 7 | ini.options_present: 8 | - name: "{{ neutron['conf']['neutron'] }}" 9 | - sections: 10 | DEFAULT: 11 | rpc_backend: "rabbit" 12 | oslo_messaging_rabbit: 13 | rabbit_host: "{{ openstack_parameters['controller_ip'] }}" 14 | rabbit_userid: "{{ rabbitmq['user_name'] }}" 15 | rabbit_password: {{ rabbitmq['user_password'] }} 16 | -------------------------------------------------------------------------------- /file_root/openstack/neutron/message_queue/icehouse/rabbitmq.sls: -------------------------------------------------------------------------------- 1 | {% set neutron = salt['openstack_utils.neutron']() %} 2 | {% set rabbitmq = salt['openstack_utils.rabbitmq']() %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | neutron_rabbitmq_conf: 7 | ini.options_present: 8 | - name: "{{ neutron['conf']['neutron'] }}" 9 | - sections: 10 | DEFAULT: 11 | rpc_backend: "neutron.openstack.common.rpc.impl_kombu" 12 | rabbit_host: "{{ openstack_parameters['controller_ip'] }}" 13 | rabbit_userid: "{{ rabbitmq['user_name'] }}" 14 | rabbit_password: {{ rabbitmq['user_password'] }} 15 | 16 | -------------------------------------------------------------------------------- /file_root/system/Ubuntu/init.sls: -------------------------------------------------------------------------------- 1 | {% set apt_repository = salt['openstack_utils.apt_repository']() %} 2 | 3 | 4 | {% for pkg in apt_repository['packages'] %} 5 | system_repository_{{ pkg }}_install: 6 | pkg.installed: 7 | - name: {{ pkg }} 8 | {% endfor %} 9 | 10 | 11 | system_repository_openstack_repo_absent: 12 | file.absent: 13 | - name: {{ apt_repository['path'] }} 14 | 15 | 16 | {% if apt_repository['deb_repo'] %} 17 | system_repository_openstack_repo_create: 18 | file.managed: 19 | - name: {{ apt_repository['path'] }} 20 | - contents: {{ apt_repository['deb_repo'] }} 21 | - require: 22 | - file: system_repository_openstack_repo_absent 23 | {% endif %} 24 | -------------------------------------------------------------------------------- /file_root/reset/hard/controller/purge.sls: -------------------------------------------------------------------------------- 1 | ###################################### 2 | ### CONTROLLER NODE HARD RESET ### 3 | ###################################### 4 | 5 | 6 | {% set controller_services = salt['openstack_utils.os_services']('controller') %} 7 | {% for service in controller_services %} 8 | hard_reset_controller_{{ service }}_stopped: 9 | service.dead: 10 | - enable: False 11 | - name: {{ service }} 12 | {% endfor %} 13 | 14 | 15 | {% set controller_packages = salt['openstack_utils.os_packages']('controller') %} 16 | {% for pkg in controller_packages %} 17 | hard_reset_controller_{{ pkg }}_purged: 18 | pkg.purged: 19 | - pkgs: 20 | - {{ pkg }} 21 | {% endfor %} 22 | -------------------------------------------------------------------------------- /file_root/openstack/cinder/storage/Ubuntu/mount_volumes_on_boot.sls: -------------------------------------------------------------------------------- 1 | {% set cinder = salt['openstack_utils.cinder']() %} 2 | 3 | 4 | cinder_storage_losetup_upstart_job: 5 | file.managed: 6 | - name: "{{ cinder['conf']['losetup_upstart'] }}" 7 | - user: root 8 | - group: root 9 | - mode: 644 10 | - contents: | 11 | 12 | start on started {{ cinder['services']['storage']['cinder_volume'] }} 13 | 14 | script 15 | #!/usr/bin/env bash 16 | if [ "`losetup -a | grep {{ cinder['volumes_path'] }}`" = "" ]; then 17 | losetup -f {{ cinder['volumes_path'] }} && vgchange -a y {{ cinder['volumes_group_name'] }} && service {{ cinder['services']['storage']['cinder_volume'] }} restart 18 | fi 19 | end script 20 | - require: 21 | - cmd: cinder_storage_vg_create 22 | 23 | -------------------------------------------------------------------------------- /file_root/openstack/neutron/network/Ubuntu/openvswitch/multi_nic.sls: -------------------------------------------------------------------------------- 1 | {% set neutron = salt['openstack_utils.neutron']() %} 2 | {% set openvswitch = salt['openstack_utils.openvswitch']() %} 3 | 4 | 5 | openvswitch_interfaces_promisc_upstart_job: 6 | file.managed: 7 | - name: {{ openvswitch['conf']['promisc_interfaces'] }} 8 | - user: root 9 | - group: root 10 | - mode: 644 11 | - contents: | 12 | 13 | start on runlevel [2345] 14 | 15 | script 16 | {% for bridge in neutron['bridges'] %} 17 | {% if neutron['bridges'][bridge] %} 18 | ip link set {{ neutron['bridges'][bridge] }} up promisc on 19 | {% endif %} 20 | {% endfor %} 21 | end script 22 | - require: 23 | {% for bridge in neutron['bridges'] %} 24 | {% if neutron['bridges'][bridge] %} 25 | - cmd: openvswitch_interface_{{ bridge }}_{{ neutron['bridges'][bridge] }}_up 26 | {% endif %} 27 | {% endfor %} 28 | -------------------------------------------------------------------------------- /file_root/reset/hard/init.sls: -------------------------------------------------------------------------------- 1 | {% set hard_reset_states = salt['openstack_utils.hard_reset_states']() %} 2 | 3 | 4 | {% if salt['openstack_utils.openstack_series_persist']() %} 5 | {% if hard_reset_states != [] %} 6 | include: 7 | {% for state in hard_reset_states %} 8 | - {{ state }} 9 | {% endfor %} 10 | - reset.hard.{{ grains['os'] }} 11 | {% endif %} 12 | 13 | 14 | {% set minion_roles = salt['openstack_utils.minion_roles']() %} 15 | {% for role in minion_roles %} 16 | {% set dirs = salt['openstack_utils.minion_packages_dirs'](role) %} 17 | {% set packages = salt['openstack_utils.os_packages'](role) %} 18 | {% if packages %} 19 | {% for dir in dirs %} 20 | hard_reset_{{ role }}_{{ dir }}_absent: 21 | file.absent: 22 | - name: {{ dir }} 23 | - require: 24 | {% for pkg in packages %} 25 | - pkg: hard_reset_{{ role }}_{{ pkg }}_purged 26 | {% endfor %} 27 | {% endfor %} 28 | {% endif %} 29 | {% endfor %} 30 | {% endif %} 31 | -------------------------------------------------------------------------------- /pillar_root/samples/gre/environment.sls: -------------------------------------------------------------------------------- 1 | environment_name: "ubuntu_openstack" 2 | 3 | openstack_series: "kilo" 4 | 5 | db_engine: "mysql" 6 | 7 | message_queue_engine: "rabbitmq" 8 | 9 | reset: "hard" 10 | 11 | debug_mode: False 12 | 13 | system_upgrade: True 14 | 15 | hosts: 16 | "ubuntu.openstack": "192.168.137.71" 17 | 18 | controller: "ubuntu.openstack" 19 | network: "ubuntu.openstack" 20 | storage: 21 | - "ubuntu.openstack" 22 | compute: 23 | - "ubuntu.openstack" 24 | 25 | cinder: 26 | volumes_group_name: "cinder-volumes" 27 | volumes_path: "/var/lib/cinder/cinder-volumes" 28 | volumes_group_size: "10" 29 | loopback_device: "/dev/loop0" 30 | 31 | nova: 32 | cpu_allocation_ratio: "16" 33 | ram_allocation_ratio: "1.5" 34 | 35 | glance: 36 | images: 37 | cirros: 38 | user: "admin" 39 | tenant: "admin" 40 | parameters: 41 | min_disk: 1 42 | min_ram: 0 43 | copy_from: "http://download.cirros-cloud.net/0.3.3/cirros-0.3.3-x86_64-disk.img" 44 | disk_format: qcow2 45 | container_format: bare 46 | is_public: True 47 | protected: False 48 | -------------------------------------------------------------------------------- /pillar_root/samples/vlan/environment.sls: -------------------------------------------------------------------------------- 1 | environment_name: "ubuntu_openstack" 2 | 3 | openstack_series: "kilo" 4 | 5 | db_engine: "mysql" 6 | 7 | message_queue_engine: "rabbitmq" 8 | 9 | reset: "hard" 10 | 11 | debug_mode: False 12 | 13 | system_upgrade: True 14 | 15 | hosts: 16 | "ubuntu.openstack": "192.168.137.71" 17 | 18 | controller: "ubuntu.openstack" 19 | network: "ubuntu.openstack" 20 | storage: 21 | - "ubuntu.openstack" 22 | compute: 23 | - "ubuntu.openstack" 24 | 25 | cinder: 26 | volumes_group_name: "cinder-volumes" 27 | volumes_path: "/var/lib/cinder/cinder-volumes" 28 | volumes_group_size: "10" 29 | loopback_device: "/dev/loop0" 30 | 31 | nova: 32 | cpu_allocation_ratio: "16" 33 | ram_allocation_ratio: "1.5" 34 | 35 | glance: 36 | images: 37 | cirros: 38 | user: "admin" 39 | tenant: "admin" 40 | parameters: 41 | min_disk: 1 42 | min_ram: 0 43 | copy_from: "http://download.cirros-cloud.net/0.3.3/cirros-0.3.3-x86_64-disk.img" 44 | disk_format: qcow2 45 | container_format: bare 46 | is_public: True 47 | protected: False 48 | -------------------------------------------------------------------------------- /pillar_root/samples/vxlan/environment.sls: -------------------------------------------------------------------------------- 1 | environment_name: "ubuntu_openstack" 2 | 3 | openstack_series: "kilo" 4 | 5 | db_engine: "mysql" 6 | 7 | message_queue_engine: "rabbitmq" 8 | 9 | reset: "hard" 10 | 11 | debug_mode: False 12 | 13 | system_upgrade: True 14 | 15 | hosts: 16 | "ubuntu.openstack": "192.168.137.71" 17 | 18 | controller: "ubuntu.openstack" 19 | network: "ubuntu.openstack" 20 | storage: 21 | - "ubuntu.openstack" 22 | compute: 23 | - "ubuntu.openstack" 24 | 25 | cinder: 26 | volumes_group_name: "cinder-volumes" 27 | volumes_path: "/var/lib/cinder/cinder-volumes" 28 | volumes_group_size: "10" 29 | loopback_device: "/dev/loop0" 30 | 31 | nova: 32 | cpu_allocation_ratio: "16" 33 | ram_allocation_ratio: "1.5" 34 | 35 | glance: 36 | images: 37 | cirros: 38 | user: "admin" 39 | tenant: "admin" 40 | parameters: 41 | min_disk: 1 42 | min_ram: 0 43 | copy_from: "http://download.cirros-cloud.net/0.3.3/cirros-0.3.3-x86_64-disk.img" 44 | disk_format: qcow2 45 | container_format: bare 46 | is_public: True 47 | protected: False 48 | -------------------------------------------------------------------------------- /pillar_root/samples/single_nic/environment.sls: -------------------------------------------------------------------------------- 1 | environment_name: "ubuntu_openstack" 2 | 3 | openstack_series: "kilo" 4 | 5 | db_engine: "mysql" 6 | 7 | message_queue_engine: "rabbitmq" 8 | 9 | reset: "hard" 10 | 11 | debug_mode: False 12 | 13 | system_upgrade: True 14 | 15 | hosts: 16 | "ubuntu.openstack": "192.168.137.71" 17 | 18 | controller: "ubuntu.openstack" 19 | network: "ubuntu.openstack" 20 | storage: 21 | - "ubuntu.openstack" 22 | compute: 23 | - "ubuntu.openstack" 24 | 25 | cinder: 26 | volumes_group_name: "cinder-volumes" 27 | volumes_path: "/var/lib/cinder/cinder-volumes" 28 | volumes_group_size: "10" 29 | loopback_device: "/dev/loop0" 30 | 31 | nova: 32 | cpu_allocation_ratio: "16" 33 | ram_allocation_ratio: "1.5" 34 | 35 | glance: 36 | images: 37 | cirros: 38 | user: "admin" 39 | tenant: "admin" 40 | parameters: 41 | min_disk: 1 42 | min_ram: 0 43 | copy_from: "http://download.cirros-cloud.net/0.3.3/cirros-0.3.3-x86_64-disk.img" 44 | disk_format: qcow2 45 | container_format: bare 46 | is_public: True 47 | protected: False 48 | -------------------------------------------------------------------------------- /file_root/openstack/glance/images.sls: -------------------------------------------------------------------------------- 1 | {% set glance = salt['openstack_utils.glance']() %} 2 | {% set keystone = salt['openstack_utils.keystone']() %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | {% for image in glance['images'] %} 7 | {% set users = salt['openstack_utils.openstack_users'](glance['images'][image]['tenant']) %} 8 | glance_{{ image }}_create: 9 | glance.image_present: 10 | - name: {{ image }} 11 | - connection_user: {{ glance['images'][image]['user'] }} 12 | - connection_tenant: {{ glance['images'][image]['tenant'] }} 13 | - connection_password: {{ users[glance['images'][image]['user']]['password'] }} 14 | - connection_auth_url: {{ keystone['openstack_services']['keystone']['endpoint']['internalurl'].format(openstack_parameters['controller_ip']) }} 15 | {% for param in glance['images'][image]['parameters'] %} 16 | - {{ param }}: {{ glance['images'][image]['parameters'][param] }} 17 | {% endfor %} 18 | {% if salt['openstack_utils.compare_ignore_case'](openstack_parameters['reset'], 'soft') %} 19 | - require: 20 | - cmd: glance_reset 21 | {% endif %} 22 | {% endfor %} 23 | -------------------------------------------------------------------------------- /file_root/message_queue/rabbitmq/init.sls: -------------------------------------------------------------------------------- 1 | {% set rabbitmq = salt['openstack_utils.rabbitmq']() %} 2 | 3 | 4 | {% for pkg in rabbitmq['packages'] %} 5 | rabbitmq_{{ pkg }}_install: 6 | pkg.installed: 7 | - name: {{ pkg }} 8 | {% endfor %} 9 | 10 | 11 | {% for service in rabbitmq['services'] %} 12 | rabbitmq_{{ service }}_running: 13 | service.running: 14 | - enable: True 15 | - name: {{ rabbitmq['services'][service] }} 16 | - require: 17 | {% for pkg in rabbitmq['packages'] %} 18 | - pkg: rabbitmq_{{ pkg }}_install 19 | {% endfor %} 20 | {% endfor %} 21 | 22 | 23 | rabbitmq_openstack_user_create: 24 | cmd.run: 25 | - name: rabbitmqctl add_user {{ rabbitmq['user_name'] }} {{ rabbitmq['user_password'] }} 26 | - unless: rabbitmqctl list_users | awk '{if(NR>1){print $1}}' | grep {{ rabbitmq['user_name'] }} 27 | - require: 28 | {% for service in rabbitmq['services'] %} 29 | - service: rabbitmq_{{ service }}_running 30 | {% endfor %} 31 | 32 | 33 | rabbitmq_openstack_user_permissions_set: 34 | cmd.run: 35 | - name: 'rabbitmqctl set_permissions {{ rabbitmq['user_name'] }} ".*" ".*" ".*"' 36 | - require: 37 | - cmd: rabbitmq_openstack_user_create 38 | -------------------------------------------------------------------------------- /file_root/openstack/neutron/routers.sls: -------------------------------------------------------------------------------- 1 | {% set neutron = salt['openstack_utils.neutron']() %} 2 | {% set keystone = salt['openstack_utils.keystone']() %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | {% for router in neutron['routers'] %} 7 | neutron_openstack_router_{{ router }}: 8 | neutron.router_present: 9 | - name: {{ router }} 10 | - interfaces: {{ neutron['routers'][router]['interfaces'] }} 11 | - gateway_network: {{ neutron['routers'][router]['gateway_network'] }} 12 | - connection_user: {{ neutron['routers'][router]['user'] }} 13 | - connection_tenant: {{ neutron['routers'][router]['tenant'] }} 14 | {% set tenant_users = salt['openstack_utils.openstack_users'](neutron['routers'][router]['tenant']) %} 15 | - connection_password: {{ tenant_users[neutron['routers'][router]['user']]['password'] }} 16 | - connection_auth_url: "{{ keystone['openstack_services']['keystone']['endpoint']['internalurl'].format(openstack_parameters['controller_ip']) }}" 17 | {% if salt['openstack_utils.compare_ignore_case'](openstack_parameters['reset'], 'soft') %} 18 | - require: 19 | - cmd: neutron_reset 20 | {% endif %} 21 | {% endfor %} 22 | -------------------------------------------------------------------------------- /file_root/openstack/neutron/network/openvswitch/multi_nic.sls: -------------------------------------------------------------------------------- 1 | {% set neutron = salt['openstack_utils.neutron']() %} 2 | 3 | 4 | {% for bridge in neutron['bridges'] %} 5 | openvswitch_bridge_{{ bridge }}_create: 6 | cmd.run: 7 | - name: "ovs-vsctl add-br {{ bridge }}" 8 | - unless: "ovs-vsctl br-exists {{ bridge }}" 9 | 10 | 11 | openvswitch_bridge_{{ bridge }}_up: 12 | cmd.run: 13 | - name: "ip link set {{ bridge }} up" 14 | - require: 15 | - cmd: openvswitch_bridge_{{ bridge }}_create 16 | 17 | 18 | {% if neutron['bridges'][bridge] %} 19 | openvswitch_interface_{{ bridge }}_{{ neutron['bridges'][bridge] }}_add: 20 | cmd.run: 21 | - name: "ovs-vsctl add-port {{ bridge }} {{ neutron['bridges'][bridge] }}" 22 | - unless: "ovs-vsctl list-ports {{ bridge }} | grep {{ neutron['bridges'][bridge] }}" 23 | - require: 24 | - cmd: openvswitch_bridge_{{ bridge }}_up 25 | 26 | 27 | openvswitch_interface_{{ bridge }}_{{ neutron['bridges'][bridge] }}_up: 28 | cmd.run: 29 | - name: "ip link set {{ neutron['bridges'][bridge] }} up promisc on" 30 | - require: 31 | - cmd: openvswitch_interface_{{ bridge }}_{{ neutron['bridges'][bridge] }}_add 32 | {% endif %} 33 | {% endfor %} 34 | -------------------------------------------------------------------------------- /pillar_root/default_template/environment.sls: -------------------------------------------------------------------------------- 1 | environment_name: "" 2 | 3 | openstack_series: "" 4 | 5 | db_engine: "mysql" 6 | 7 | message_queue_engine: "rabbitmq" 8 | 9 | reset: "" 10 | 11 | debug_mode: 12 | 13 | system_upgrade: 14 | 15 | hosts: 16 | "": "" 17 | 18 | controller: "" 19 | network: "" 20 | storage: 21 | - "" 22 | compute: 23 | - "" 24 | 25 | cinder: 26 | volumes_group_name: "cinder-volumes" 27 | volumes_path: "/var/lib/cinder/cinder-volumes" 28 | volumes_group_size: "" 29 | loopback_device: "/dev/loop0" 30 | 31 | nova: 32 | cpu_allocation_ratio: "16" 33 | ram_allocation_ratio: "1.5" 34 | 35 | glance: 36 | images: 37 | : 38 | user: "" 39 | tenant: "" 40 | parameters: 41 | min_disk: "" 42 | min_ram: "" 43 | copy_from: "" 44 | disk_format: "" 45 | container_format: "" 46 | is_public: 47 | protected: 48 | -------------------------------------------------------------------------------- /file_root/openstack/keystone/tenants.sls: -------------------------------------------------------------------------------- 1 | {% set keystone = salt['openstack_utils.keystone']() %} 2 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 3 | 4 | {% for tenant_name in keystone['openstack_tenants'] %} 5 | keystone_{{ tenant_name }}_tenant: 6 | keystone: 7 | - tenant_present 8 | - name: {{ tenant_name }} 9 | - connection_token: "{{ keystone['admin_token'] }}" 10 | - connection_endpoint: "{{ keystone['openstack_services']['keystone']['endpoint']['adminurl'].format(openstack_parameters['controller_ip']) }}" 11 | {% if salt['openstack_utils.compare_ignore_case'](openstack_parameters['reset'], 'soft') %} 12 | - require: 13 | - cmd: keystone_reset 14 | {% endif %} 15 | {% endfor %} 16 | 17 | {% for role_name in keystone['openstack_roles'] %} 18 | keystone_{{ role_name }}_role: 19 | keystone: 20 | - role_present 21 | - name: {{ role_name }} 22 | - connection_token: "{{ keystone['admin_token'] }}" 23 | - connection_endpoint: "{{ keystone['openstack_services']['keystone']['endpoint']['adminurl'].format(openstack_parameters['controller_ip']) }}" 24 | {% if salt['openstack_utils.compare_ignore_case'](openstack_parameters['reset'], 'soft') %} 25 | - require: 26 | - cmd: keystone_reset 27 | {% endif %} 28 | {% endfor %} 29 | -------------------------------------------------------------------------------- /file_root/openstack/cinder/storage/CentOS/mount_volumes_on_boot.sls: -------------------------------------------------------------------------------- 1 | {% set cinder = salt['openstack_utils.cinder']() %} 2 | 3 | 4 | cinder_storage_systemd_service: 5 | ini.options_present: 6 | - name: {{ cinder['conf']['losetup_systemd'] }} 7 | - sections: 8 | Unit: 9 | Description: "Setup cinder-volume loop device" 10 | DefaultDependencies: "false" 11 | Before: "{{ cinder['services']['storage']['cinder_volume'] }}.service" 12 | After: "local-fs.target" 13 | Service: 14 | Type: "oneshot" 15 | ExecStart: "/usr/bin/sh -c '/usr/sbin/losetup -j {{ cinder['volumes_path'] }} | /usr/bin/grep {{ cinder['volumes_path'] }} || /usr/sbin/losetup -f {{ cinder['volumes_path'] }}'" 16 | ExecStop: "/usr/bin/sh -c '/usr/sbin/losetup -j {{ cinder['volumes_path'] }} | /usr/bin/cut -d : -f 1 | /usr/bin/xargs /usr/sbin/losetup -d'" 17 | TimeoutSec: "60" 18 | RemainAfterExit: "yes" 19 | Install: 20 | RequiredBy: "{{ cinder['services']['storage']['cinder_volume'] }}.service" 21 | 22 | 23 | cinder_storage_losetup_service_enabled: 24 | service.enabled: 25 | - name: "{{ salt['openstack_utils.systemd_service_name'](cinder['conf']['losetup_systemd']) }}" 26 | - require: 27 | - ini: cinder_storage_systemd_service 28 | -------------------------------------------------------------------------------- /file_root/openstack/neutron/security_groups.sls: -------------------------------------------------------------------------------- 1 | {% set neutron = salt['openstack_utils.neutron']() %} 2 | {% set keystone = salt['openstack_utils.keystone']() %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | {% for security_group in neutron['security_groups'] %} 7 | openstack_security_group_{{ security_group }}: 8 | neutron.security_group_present: 9 | - name: {{ security_group }} 10 | - description: {{ neutron['security_groups'][security_group]['description'] }} 11 | - rules: {{ neutron['security_groups'][security_group]['rules'] }} 12 | - connection_user: {{ neutron['security_groups'][security_group]['user'] }} 13 | - connection_tenant: {{ neutron['security_groups'][security_group]['tenant'] }} 14 | {% set tenant_users = salt['openstack_utils.openstack_users'](neutron['security_groups'][security_group]['tenant']) %} 15 | - connection_password: {{ tenant_users[neutron['security_groups'][security_group]['user']]['password'] }} 16 | - connection_auth_url: "{{ keystone['openstack_services']['keystone']['endpoint']['internalurl'].format(openstack_parameters['controller_ip']) }}" 17 | {% if salt['openstack_utils.compare_ignore_case'](openstack_parameters['reset'], 'soft') %} 18 | - require: 19 | - cmd: neutron_reset 20 | {% endif %} 21 | {% endfor %} 22 | -------------------------------------------------------------------------------- /file_root/reset/hard/storage/purge.sls: -------------------------------------------------------------------------------- 1 | #################################### 2 | ### STORAGE NODE HARD RESET ### 3 | #################################### 4 | 5 | {% set cinder = salt['openstack_utils.cinder']() %} 6 | 7 | 8 | {% set storage_services = salt['openstack_utils.os_services']('storage') %} 9 | {% for service in storage_services %} 10 | hard_reset_storage_{{ service }}_stopped: 11 | service.dead: 12 | - enable: False 13 | - name: {{ service }} 14 | {% endfor %} 15 | 16 | 17 | {% set storage_packages = salt['openstack_utils.os_packages']('storage') %} 18 | {% for pkg in storage_packages %} 19 | hard_reset_storage_{{ pkg }}_purged: 20 | pkg.purged: 21 | - pkgs: 22 | - {{ pkg }} 23 | {% endfor %} 24 | 25 | 26 | hard_reset_storage_vg_delete: 27 | cmd.run: 28 | - name: vgremove -f {{ cinder['volumes_group_name'] }} 29 | - onlyif: vgdisplay {{ cinder['volumes_group_name'] }} 30 | 31 | 32 | hard_reset_storage_pv_delete: 33 | cmd.run: 34 | - name: pvremove -y {{ cinder['loopback_device'] }} 35 | - onlyif: pvdisplay {{ cinder['loopback_device'] }} 36 | 37 | 38 | hard_reset_storage_lv_delete: 39 | cmd.run: 40 | - name: losetup -d {{ cinder['loopback_device'] }} 41 | - onlyif: losetup {{ cinder['loopback_device'] }} 42 | 43 | 44 | hard_reset_storage_volumes_file_delete: 45 | file.absent: 46 | - name: {{ cinder['volumes_path'] }} 47 | -------------------------------------------------------------------------------- /file_root/reset/hard/network/CentOS/init.sls: -------------------------------------------------------------------------------- 1 | {% set openvswitch = salt['openstack_utils.openvswitch']() %} 2 | {% set neutron = salt['openstack_utils.neutron']() %} 3 | 4 | 5 | hard_reset_network_openvswitch_promisc_script_delete: 6 | file.absent: 7 | - name: "{{ openvswitch['conf']['promisc_interfaces_script'] }}" 8 | 9 | 10 | hard_reset_network_openvswitch_promisc_service_dead: 11 | service.dead: 12 | - enable: False 13 | - name: "{{ salt['openstack_utils.systemd_service_name'](openvswitch['conf']['promisc_interfaces_systemd']) }}" 14 | 15 | 16 | hard_reset_network_openvswitch_promisc_systemd_delete: 17 | file.absent: 18 | - name: "{{ openvswitch['conf']['promisc_interfaces_systemd'] }}" 19 | 20 | 21 | {% for bridge in neutron['bridges'] %} 22 | hard_reset_network_openvswitch_{{ bridge }}_ovs_bridge_network_script_delete: 23 | file.absent: 24 | - name: "{{ openvswitch['conf']['network_scripts'] }}/ifcfg-{{ bridge }}" 25 | 26 | 27 | {% if bridge not in [ neutron['tunneling']['bridge'], neutron['integration_bridge'] ] %} 28 | hard_reset_network_openvswitch_proxy-veth-{{ bridge }}_ovs_port_network_script_delete: 29 | file.absent: 30 | - name: "{{ openvswitch['conf']['network_scripts'] }}/ifcfg-proxy-veth-{{ bridge }}" 31 | - require: 32 | - file: hard_reset_network_openvswitch_{{ bridge }}_ovs_bridge_network_script_delete 33 | {% endif %} 34 | {% endfor %} -------------------------------------------------------------------------------- /file_root/openstack/horizon/CentOS/init.sls: -------------------------------------------------------------------------------- 1 | {% set horizon = salt['openstack_utils.horizon']() %} 2 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 3 | 4 | 5 | horizon_local_settings: 6 | file.managed: 7 | - source: salt://openstack/horizon/local_settings.py 8 | - name: {{ horizon['conf']['local_settings'] }} 9 | - user: root 10 | - group: root 11 | - mode: 644 12 | - template: jinja 13 | - defaults: 14 | controller_ip: "{{ openstack_parameters['controller_ip'] }}" 15 | - require: 16 | {% for pkg in horizon['packages'] %} 17 | - pkg: horizon_{{ pkg }}_install 18 | {% endfor %} 19 | 20 | 21 | horizon_fix_permissions: 22 | file.directory: 23 | - name: {{ horizon['files']['openstack_dashboard_static'] }} 24 | - user: apache 25 | - group: apache 26 | - recurse: 27 | - user 28 | - group 29 | - require: 30 | {% for pkg in horizon['packages'] %} 31 | - pkg: horizon_{{ pkg }}_install 32 | {% endfor %} 33 | 34 | 35 | horizon_setsebool_on: 36 | cmd.run: 37 | - name: setsebool -P httpd_can_network_connect on 38 | - unless: sestatus | egrep "SELinux\sstatus:\s*disabled" 39 | - require: 40 | - file: horizon_local_settings 41 | 42 | 43 | {% for service in horizon['services'] %} 44 | horizon_{{ service }}_running: 45 | service.running: 46 | - enable: True 47 | - name: {{ horizon['services'][service] }} 48 | - watch: 49 | - file: horizon_local_settings 50 | {% endfor %} 51 | -------------------------------------------------------------------------------- /file_root/database/mysql/schema.sls: -------------------------------------------------------------------------------- 1 | {% set mysql = salt['openstack_utils.mysql']() %} 2 | 3 | 4 | {% for database in mysql['databases'] %} 5 | mysql_{{ database }}_db: 6 | mysql_database.present: 7 | - name: {{ mysql['databases'][database]['db_name'] }} 8 | - character_set: 'utf8' 9 | - connection_user: root 10 | - connection_pass: {{ mysql['root_password'] }} 11 | - connection_charset: utf8 12 | 13 | 14 | {% for host in ['localhost', '%'] %} 15 | mysql_{{ database }}_{{ host }}_account: 16 | mysql_user.present: 17 | - name: {{ mysql['databases'][database]['username'] }} 18 | - password: {{ mysql['databases'][database]['password'] }} 19 | - host: "{{ host }}" 20 | - connection_user: root 21 | - connection_pass: {{ mysql['root_password'] }} 22 | - connection_charset: utf8 23 | - require: 24 | - mysql_database: mysql_{{ database }}_db 25 | {% endfor %} 26 | 27 | 28 | {% for host in ['localhost', '%'] %} 29 | mysql_{{ database }}_{{ host }}_grants: 30 | mysql_grants.present: 31 | - grant: all 32 | - database: "{{ mysql['databases'][database]['db_name'] }}.*" 33 | - user: {{ mysql['databases'][database]['username'] }} 34 | - password: {{ mysql['databases'][database]['password'] }} 35 | - host: "{{ host }}" 36 | - connection_user: root 37 | - connection_pass: {{ mysql['root_password'] }} 38 | - connection_charset: utf8 39 | - require: 40 | - mysql_user: mysql_{{ database }}_{{ host }}_account 41 | {% endfor %} 42 | {% endfor %} 43 | -------------------------------------------------------------------------------- /file_root/openstack/cinder/loopback_file.sls: -------------------------------------------------------------------------------- 1 | {% set cinder = salt['openstack_utils.cinder']() %} 2 | 3 | 4 | {% set blocks_4k = ((cinder['volumes_group_size']|int)*(2**30)/4096)|int %} 5 | cinder_storage_volumes_group_dd_file: 6 | cmd.run: 7 | - name: dd if=/dev/zero of={{ cinder['volumes_path'] }} bs=4K count={{ blocks_4k }} 8 | - unless: losetup {{ cinder['loopback_device'] }} 9 | - require: 10 | {% for pkg in cinder['packages']['storage'] %} 11 | - pkg: cinder_storage_{{ pkg }}_install 12 | {% endfor %} 13 | file.managed: 14 | - name: {{ cinder['volumes_path'] }} 15 | - user: cinder 16 | - group: cinder 17 | - mode: 644 18 | - unless: losetup {{ cinder['loopback_device'] }} 19 | - require: 20 | - cmd: cinder_storage_volumes_group_dd_file 21 | 22 | 23 | cinder_storage_lv_create: 24 | cmd.run: 25 | - name: losetup {{ cinder['loopback_device'] }} {{ cinder['volumes_path'] }} 26 | - unless: losetup {{ cinder['loopback_device'] }} 27 | - require: 28 | - file: cinder_storage_volumes_group_dd_file 29 | 30 | 31 | cinder_storage_pv_create: 32 | cmd.run: 33 | - name: pvcreate {{ cinder['loopback_device'] }} 34 | - unless: pvdisplay {{ cinder['loopback_device'] }} 35 | - require: 36 | - cmd: cinder_storage_lv_create 37 | 38 | 39 | cinder_storage_vg_create: 40 | cmd.run: 41 | - name: vgcreate {{ cinder['volumes_group_name'] }} {{ cinder['loopback_device'] }} 42 | - unless: vgdisplay {{ cinder['volumes_group_name'] }} 43 | - require: 44 | - cmd: cinder_storage_pv_create 45 | -------------------------------------------------------------------------------- /file_root/reset/hard/compute/purge.sls: -------------------------------------------------------------------------------- 1 | #################################### 2 | ### COMPUTE NODE HARD RESET ### 3 | #################################### 4 | 5 | 6 | {% set script_path = "/tmp/nova-vms-cleanup.sh" %} 7 | hard_reset_compute_destroy_vms_script: 8 | file.managed: 9 | - user: root 10 | - group: root 11 | - mode: 400 12 | - name: "{{ script_path }}" 13 | - contents: | 14 | #!/bin/bash 15 | virsh list --all 2>/dev/null 16 | if [ $? -eq 127 ]; then 17 | echo "Libvirt is not installed" 18 | exit 0 19 | fi 20 | for x in $(virsh list --all | grep -E "instance-[0-9a-fA-F]{8}" | awk '{print $2}') ; do 21 | virsh destroy $x ; 22 | virsh undefine $x ; 23 | done ; 24 | 25 | 26 | hard_reset_compute_destroy_vms_run: 27 | cmd.run: 28 | - name: "bash {{ script_path }}" 29 | - require: 30 | - file: hard_reset_compute_destroy_vms_script 31 | 32 | 33 | hard_reset_compute_destroy_vms_script_delete: 34 | file.absent: 35 | - name: "{{ script_path }}" 36 | 37 | 38 | {% set compute_services = salt['openstack_utils.os_services']('compute') %} 39 | {% for service in compute_services %} 40 | hard_reset_compute_{{ service }}_stopped: 41 | service.dead: 42 | - enable: False 43 | - name: {{ service }} 44 | {% endfor %} 45 | 46 | 47 | {% set compute_packages = salt['openstack_utils.os_packages']('compute') %} 48 | {% for pkg in compute_packages %} 49 | hard_reset_compute_{{ pkg }}_purged: 50 | pkg.purged: 51 | - pkgs: 52 | - {{ pkg }} 53 | {% endfor %} 54 | -------------------------------------------------------------------------------- /file_root/openstack/keystone/Ubuntu/icehouse/init.sls: -------------------------------------------------------------------------------- 1 | {% set keystone = salt['openstack_utils.keystone']() %} 2 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 3 | 4 | 5 | keystone_conf: 6 | ini.options_present: 7 | - name: {{ keystone['conf']['keystone'] }} 8 | - sections: 9 | DEFAULT: 10 | admin_token: {{ keystone['admin_token'] }} 11 | log_dir: {{ keystone['files']['log_dir'] }} 12 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 13 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 14 | database: 15 | connection: "mysql://{{ keystone['database']['username'] }}:{{ keystone['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ keystone['database']['db_name'] }}" 16 | - require: 17 | {% for pkg in keystone['packages'] %} 18 | - pkg: keystone_{{ pkg }}_install 19 | {% endfor %} 20 | 21 | 22 | keystone_db_sync: 23 | cmd.run: 24 | - name: su -s /bin/sh -c "keystone-manage db_sync" keystone 25 | - require: 26 | - ini: keystone_conf 27 | 28 | 29 | keystone_service_running: 30 | service.running: 31 | - enable: True 32 | - name: {{ keystone['services']['keystone'] }} 33 | - require: 34 | - cmd: keystone_db_sync 35 | - watch: 36 | - ini: keystone_conf 37 | 38 | 39 | keystone_sqlite_delete: 40 | file.absent: 41 | - name: {{ keystone['files']['sqlite'] }} 42 | - require: 43 | - cmd: keystone_db_sync 44 | 45 | 46 | keystone_wait: 47 | cmd.run: 48 | - name: sleep 5 49 | - require: 50 | - service: keystone_service_running 51 | -------------------------------------------------------------------------------- /file_root/openstack/keystone/services.sls: -------------------------------------------------------------------------------- 1 | {% set keystone = salt['openstack_utils.keystone']() %} 2 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 3 | 4 | {% for service_name in keystone['openstack_services'] %} 5 | keystone_{{ service_name }}_service: 6 | keystone: 7 | - service_present 8 | - name: {{ service_name }} 9 | - service_type: {{ keystone['openstack_services'][service_name]['service_type'] }} 10 | - description: {{ keystone['openstack_services'][service_name]['description'] }} 11 | - connection_token: {{ keystone['admin_token'] }} 12 | - connection_endpoint: {{ keystone['openstack_services']['keystone']['endpoint']['adminurl'].format(openstack_parameters['controller_ip']) }} 13 | {% if salt['openstack_utils.compare_ignore_case'](openstack_parameters['reset'], 'soft') %} 14 | - require: 15 | - cmd: keystone_reset 16 | {% endif %} 17 | 18 | keystone_{{ service_name }}_endpoint: 19 | keystone: 20 | - endpoint_present 21 | - name: {{ service_name }} 22 | - publicurl: {{ keystone['openstack_services'][service_name]['endpoint']['publicurl'].format(openstack_parameters['controller_ip']) }} 23 | - adminurl: {{ keystone['openstack_services'][service_name]['endpoint']['adminurl'].format(openstack_parameters['controller_ip']) }} 24 | - internalurl: {{ keystone['openstack_services'][service_name]['endpoint']['internalurl'].format(openstack_parameters['controller_ip']) }} 25 | - region: "RegionOne" 26 | - connection_token: {{ keystone['admin_token'] }} 27 | - connection_endpoint: {{ keystone['openstack_services']['keystone']['endpoint']['adminurl'].format(openstack_parameters['controller_ip']) }} 28 | - require: 29 | - keystone: keystone_{{ service_name }}_service 30 | {% endfor %} 31 | -------------------------------------------------------------------------------- /file_root/openstack/keystone/Ubuntu/juno/init.sls: -------------------------------------------------------------------------------- 1 | {% set keystone = salt['openstack_utils.keystone']() %} 2 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 3 | 4 | 5 | keystone_conf: 6 | ini.options_present: 7 | - name: {{ keystone['conf']['keystone'] }} 8 | - sections: 9 | DEFAULT: 10 | admin_token: {{ keystone['admin_token'] }} 11 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 12 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 13 | database: 14 | connection: "mysql://{{ keystone['database']['username'] }}:{{ keystone['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ keystone['database']['db_name'] }}" 15 | token: 16 | provider: "keystone.token.providers.uuid.Provider" 17 | driver: "keystone.token.persistence.backends.sql.Token" 18 | revoke: 19 | driver: "keystone.contrib.revoke.backends.sql.Revoke" 20 | - require: 21 | {% for pkg in keystone['packages'] %} 22 | - pkg: keystone_{{ pkg }}_install 23 | {% endfor %} 24 | 25 | 26 | keystone_db_sync: 27 | cmd.run: 28 | - name: su -s /bin/sh -c "keystone-manage db_sync" keystone 29 | - require: 30 | - ini: keystone_conf 31 | 32 | 33 | keystone_service_running: 34 | service.running: 35 | - enable: True 36 | - name: {{ keystone['services']['keystone'] }} 37 | - require: 38 | - cmd: keystone_db_sync 39 | - watch: 40 | - ini: keystone_conf 41 | 42 | 43 | keystone_sqlite_delete: 44 | file.absent: 45 | - name: {{ keystone['files']['sqlite'] }} 46 | - require: 47 | - cmd: keystone_db_sync 48 | 49 | 50 | keystone_wait: 51 | cmd.run: 52 | - name: sleep 5 53 | - require: 54 | - service: keystone_service_running 55 | -------------------------------------------------------------------------------- /file_root/system/CentOS/init.sls: -------------------------------------------------------------------------------- 1 | {% set system = salt['openstack_utils.system']() %} 2 | {% set yum_repository = salt['openstack_utils.yum_repository']() %} 3 | 4 | 5 | {% for pkg in system['packages'] %} 6 | system_{{ pkg }}_install: 7 | pkg.installed: 8 | - name: {{ pkg }} 9 | {% endfor %} 10 | 11 | 12 | system_network_manager_dead: 13 | service.dead: 14 | - name: {{ system['services']['network_manager'] }} 15 | - enable: False 16 | - require: 17 | {% for pkg in system['packages'] %} 18 | - pkg: system_{{ pkg }}_install 19 | {% endfor %} 20 | 21 | 22 | system_network_running: 23 | service.running: 24 | - name: {{ system['services']['network'] }} 25 | - enable: True 26 | - require: 27 | - service: system_network_manager_dead 28 | 29 | 30 | system_firewalld_dead: 31 | service.dead: 32 | - name: {{ system['services']['firewalld'] }} 33 | - enable: False 34 | - require: 35 | {% for pkg in system['packages'] %} 36 | - pkg: system_{{ pkg }}_install 37 | {% endfor %} 38 | 39 | 40 | system_iptables_running: 41 | service.running: 42 | - name: {{ system['services']['iptables'] }} 43 | - enable: True 44 | - require: 45 | - service: system_firewalld_dead 46 | 47 | 48 | {% for repo in yum_repository['repositories'] %} 49 | system_repository_{{ repo }}_repo_install: 50 | cmd.run: 51 | - name: rpm -ivh {{ yum_repository['repositories'][repo]['url'] }} 52 | - unless: rpm -qi {{ yum_repository['repositories'][repo]['name'] }} 53 | - require: 54 | {% for pkg in system['packages'] %} 55 | - pkg: system_{{ pkg }}_install 56 | {% endfor %} 57 | {% endfor %} 58 | 59 | 60 | {% for pkg in yum_repository['packages'] %} 61 | system_repository_{{ pkg }}_install: 62 | pkg.installed: 63 | - name: {{ pkg }} 64 | - require: 65 | {% for repo in yum_repository['repositories'] %} 66 | - cmd: system_repository_{{ repo }}_repo_install 67 | {% endfor %} 68 | {% endfor %} 69 | -------------------------------------------------------------------------------- /file_root/openstack/keystone/users.sls: -------------------------------------------------------------------------------- 1 | {% set keystone = salt['openstack_utils.keystone']() %} 2 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 3 | 4 | {% for tenant_name in keystone['openstack_tenants'] %} 5 | {% set tenant_users = salt['openstack_utils.openstack_users'](tenant_name) %} 6 | {% for user in tenant_users %} 7 | keystone_{{ user }}_user: 8 | keystone: 9 | - user_present 10 | - name: {{ user }} 11 | - password: {{ tenant_users[user]['password'] }} 12 | - email: {{ tenant_users[user]['email'] }} 13 | - tenant: {{ tenant_name }} 14 | - roles: 15 | - {{ tenant_name }}: {{ tenant_users[user]['roles'] }} 16 | - connection_token: "{{ keystone['admin_token'] }}" 17 | - connection_endpoint: "{{ keystone['openstack_services']['keystone']['endpoint']['adminurl'].format(openstack_parameters['controller_ip']) }}" 18 | {% if salt['openstack_utils.compare_ignore_case'](openstack_parameters['reset'], 'soft') %} 19 | - require: 20 | - cmd: keystone_reset 21 | {% endif %} 22 | 23 | {% if tenant_users[user].has_key('keystonerc') and 24 | tenant_users[user]['keystonerc'].has_key('create') and 25 | salt['openstack_utils.boolean_value'](tenant_users[user]['keystonerc']['create']) %} 26 | keystonerc_{{ user }}_create: 27 | file.managed: 28 | - name: {{ tenant_users[user]['keystonerc']['path'] }} 29 | - contents: | 30 | export OS_USERNAME={{ user }} 31 | export OS_PROJECT_NAME={{ tenant_name }} 32 | export OS_TENANT_NAME={{ tenant_name }} 33 | export OS_PASSWORD={{ tenant_users[user]['password'] }} 34 | export OS_AUTH_URL={{ keystone['openstack_services']['keystone']['endpoint']['publicurl'].format(openstack_parameters['controller_ip']) }} 35 | export OS_VOLUME_API_VERSION=2 36 | export OS_IMAGE_API_VERSION=2 37 | export PS1='[\u@\h \W(keystonerc_{{ user }})]\$ ' 38 | - require: 39 | - keystone: keystone_{{ user }}_user 40 | {% endif %} 41 | {% endfor %} 42 | {% endfor %} 43 | -------------------------------------------------------------------------------- /file_root/openstack/cinder/storage/Ubuntu/icehouse/init.sls: -------------------------------------------------------------------------------- 1 | {% set cinder = salt['openstack_utils.cinder']() %} 2 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | cinder_storage_conf: 7 | ini.options_present: 8 | - name: "{{ cinder['conf']['cinder'] }}" 9 | - sections: 10 | database: 11 | connection: "mysql://{{ cinder['database']['username'] }}:{{ cinder['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ cinder['database']['db_name'] }}" 12 | DEFAULT: 13 | my_ip: "{{ salt['openstack_utils.minion_ip'](grains['id']) }}" 14 | glance_host: "{{ openstack_parameters['controller_ip'] }}" 15 | volume_group: {{ cinder['volumes_group_name'] }} 16 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 17 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 18 | keystone_authtoken: 19 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000" 20 | auth_host: "{{ openstack_parameters['controller_ip'] }}" 21 | auth_port: 35357 22 | auth_protocol: http 23 | admin_tenant_name: service 24 | admin_user: cinder 25 | admin_password: "{{ service_users['cinder']['password'] }}" 26 | - require: 27 | {% for pkg in cinder['packages']['storage'] %} 28 | - pkg: cinder_storage_{{ pkg }}_install 29 | {% endfor %} 30 | 31 | 32 | {% for service in cinder['services']['storage'] %} 33 | cinder_storage_{{ service }}_running: 34 | service.running: 35 | - enable: True 36 | - name: {{ cinder['services']['storage'][service] }} 37 | - watch: 38 | - ini: cinder_storage_conf 39 | {% endfor %} 40 | 41 | 42 | cinder_storage_wait: 43 | cmd.run: 44 | - name: sleep 5 45 | - require: 46 | {% for service in cinder['services']['storage'] %} 47 | - service: cinder_storage_{{ service }}_running 48 | {% endfor %} 49 | -------------------------------------------------------------------------------- /file_root/openstack/horizon/Ubuntu/init.sls: -------------------------------------------------------------------------------- 1 | {% set horizon = salt['openstack_utils.horizon']() %} 2 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 3 | 4 | 5 | horizon_ubuntu_theme_purge: 6 | pkg.purged: 7 | - name: {{ horizon['conf']['ubuntu_theme'] }} 8 | - require: 9 | {% for pkg in horizon['packages'] %} 10 | - pkg: horizon_{{ pkg }}_install 11 | {% endfor %} 12 | 13 | 14 | horizon_apache2_conf: 15 | file.managed: 16 | - name: {{ horizon['conf']['apache2'] }} 17 | - user: root 18 | - group: root 19 | - mode: 644 20 | - contents: | 21 | WSGIScriptAlias /dashboard /usr/share/openstack-dashboard/openstack_dashboard/wsgi/django.wsgi 22 | WSGIDaemonProcess horizon user=horizon group=horizon processes=3 threads=10 23 | WSGIProcessGroup horizon 24 | Alias /static /usr/share/openstack-dashboard/openstack_dashboard/static/ 25 | Alias /horizon/static /usr/share/openstack-dashboard/openstack_dashboard/static/ 26 | 27 | Order allow,deny 28 | Allow from all 29 | 30 | - require: 31 | - pkg: horizon_ubuntu_theme_purge 32 | 33 | 34 | horizon_local_settings: 35 | file.managed: 36 | - source: salt://openstack/horizon/local_settings.py 37 | - name: {{ horizon['conf']['local_settings'] }} 38 | - user: root 39 | - group: root 40 | - mode: 644 41 | - template: jinja 42 | - defaults: 43 | controller_ip: "{{ openstack_parameters['controller_ip'] }}" 44 | - require: 45 | - file: horizon_apache2_conf 46 | 47 | 48 | horizon_memcached_running: 49 | service.running: 50 | - enable: True 51 | - name: {{ horizon['services']['memcached'] }} 52 | - watch: 53 | - file: horizon_local_settings 54 | - file: horizon_apache2_conf 55 | 56 | 57 | horizon_apache_running: 58 | service.running: 59 | - enable: True 60 | - name: {{ horizon['services']['apache'] }} 61 | - watch: 62 | - file: horizon_local_settings 63 | - file: horizon_apache2_conf 64 | - require: 65 | - service: horizon_memcached_running 66 | -------------------------------------------------------------------------------- /file_root/openstack/cinder/controller/Ubuntu/icehouse/init.sls: -------------------------------------------------------------------------------- 1 | {% set cinder = salt['openstack_utils.cinder']() %} 2 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | cinder_controller_conf: 7 | ini.options_present: 8 | - name: "{{ cinder['conf']['cinder'] }}" 9 | - sections: 10 | DEFAULT: 11 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 12 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 13 | database: 14 | connection: "mysql://{{ cinder['database']['username'] }}:{{ cinder['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ cinder['database']['db_name'] }}" 15 | keystone_authtoken: 16 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000" 17 | auth_host: "{{ openstack_parameters['controller_ip'] }}" 18 | auth_port: 35357 19 | auth_protocol: http 20 | admin_tenant_name: service 21 | admin_user: cinder 22 | admin_password: "{{ service_users['cinder']['password'] }}" 23 | - require: 24 | {% for pkg in cinder['packages']['controller'] %} 25 | - pkg: cinder_controller_{{ pkg }}_install 26 | {% endfor %} 27 | 28 | 29 | cinder_db_sync: 30 | cmd.run: 31 | - name: "su -s /bin/sh -c 'cinder-manage db sync' cinder" 32 | - require: 33 | - ini: cinder_controller_conf 34 | 35 | 36 | cinder_controller_sqlite_delete: 37 | file.absent: 38 | - name: {{ cinder['files']['sqlite'] }} 39 | - require: 40 | - cmd: cinder_db_sync 41 | 42 | 43 | {% for service in cinder['services']['controller'] %} 44 | cinder_controller_{{ service }}_running: 45 | service.running: 46 | - enable: True 47 | - name: {{ cinder['services']['controller'][service] }} 48 | - watch: 49 | - ini: cinder_controller_conf 50 | {% endfor %} 51 | 52 | 53 | cinder_controller_wait: 54 | cmd.run: 55 | - name: sleep 5 56 | - require: 57 | {% for service in cinder['services']['controller'] %} 58 | - service: cinder_controller_{{ service }}_running 59 | {% endfor %} 60 | -------------------------------------------------------------------------------- /file_root/openstack/keystone/CentOS/juno/init.sls: -------------------------------------------------------------------------------- 1 | {% set keystone = salt['openstack_utils.keystone']() %} 2 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 3 | 4 | 5 | keystone_conf: 6 | ini.options_present: 7 | - name: {{ keystone['conf']['keystone'] }} 8 | - sections: 9 | DEFAULT: 10 | admin_token: {{ keystone['admin_token'] }} 11 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 12 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 13 | database: 14 | connection: "mysql://{{ keystone['database']['username'] }}:{{ keystone['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ keystone['database']['db_name'] }}" 15 | token: 16 | provider: "keystone.token.providers.uuid.Provider" 17 | driver: "keystone.token.persistence.backends.sql.Token" 18 | revoke: 19 | driver: "keystone.contrib.revoke.backends.sql.Revoke" 20 | - require: 21 | {% for pkg in keystone['packages'] %} 22 | - pkg: keystone_{{ pkg }}_install 23 | {% endfor %} 24 | 25 | 26 | keystone_pki_setup: 27 | cmd.run: 28 | - name: | 29 | keystone-manage pki_setup --keystone-user keystone --keystone-group keystone && \ 30 | chown -R keystone:keystone /var/log/keystone && \ 31 | chown -R keystone:keystone /etc/keystone/ssl && \ 32 | chmod -R o-rwx /etc/keystone/ssl 33 | - require: 34 | - ini: keystone_conf 35 | 36 | 37 | keystone_db_sync: 38 | cmd.run: 39 | - name: su -s /bin/sh -c "keystone-manage db_sync" keystone 40 | - require: 41 | - cmd: keystone_pki_setup 42 | 43 | 44 | keystone_service_running: 45 | service.running: 46 | - enable: True 47 | - name: {{ keystone['services']['keystone'] }} 48 | - require: 49 | - cmd: keystone_db_sync 50 | - watch: 51 | - ini: keystone_conf 52 | 53 | 54 | keystone_sqlite_delete: 55 | file.absent: 56 | - name: {{ keystone['files']['sqlite'] }} 57 | - require: 58 | - cmd: keystone_db_sync 59 | 60 | 61 | keystone_wait: 62 | cmd.run: 63 | - name: sleep 5 64 | - require: 65 | - service: keystone_service_running 66 | -------------------------------------------------------------------------------- /pillar_root/samples/vxlan/networking.sls: -------------------------------------------------------------------------------- 1 | neutron: 2 | integration_bridge: "br-int" 3 | 4 | external_bridge: "br-ex" 5 | 6 | single_nic: 7 | enable: False 8 | interface: "eth0" 9 | set_up_script: "/root/br-proxy.sh" 10 | 11 | type_drivers: 12 | vxlan: 13 | physnets: 14 | physnet0: 15 | bridge: "br-ex" 16 | hosts: 17 | "ubuntu.openstack": "eth2" 18 | physnet1: 19 | bridge: "br-data" 20 | hosts: 21 | "ubuntu.openstack": "eth1" 22 | tunnels: 23 | tunnel_1: 24 | vni_range: "100:1000" 25 | 26 | tunneling: 27 | enable: True 28 | types: 29 | - vxlan 30 | bridge: "br-tun" 31 | 32 | networks: 33 | public: 34 | user: "admin" 35 | tenant: "admin" 36 | shared: True 37 | admin_state_up: True 38 | router_external: True 39 | subnets: 40 | public_subnet: 41 | cidr: '192.168.137.0/24' 42 | allocation_pools: 43 | - start: '192.168.137.80' 44 | end: '192.168.137.90' 45 | enable_dhcp: False 46 | gateway_ip: "192.168.137.2" 47 | private: 48 | user: "admin" 49 | tenant: "admin" 50 | admin_state_up: True 51 | subnets: 52 | private_subnet: 53 | cidr: '10.0.1.0/24' 54 | dns_nameservers: 55 | - 8.8.8.8 56 | 57 | routers: 58 | router1: 59 | user: "admin" 60 | tenant: "admin" 61 | interfaces: 62 | - "private_subnet" 63 | gateway_network: "public" 64 | 65 | security_groups: 66 | default: 67 | user: admin 68 | tenant: admin 69 | description: 'default' 70 | rules: # Allow all traffic on the default security group 71 | - direction: "ingress" 72 | ethertype: "IPv4" 73 | protocol: "TCP" 74 | port_range_min: "1" 75 | port_range_max: "65535" 76 | remote_ip_prefix: "0.0.0.0/0" 77 | - direction: "ingress" 78 | ethertype: "IPv4" 79 | protocol: "UDP" 80 | port_range_min: "1" 81 | port_range_max: "65535" 82 | remote_ip_prefix: "0.0.0.0/0" 83 | - direction: ingress 84 | protocol: ICMP 85 | remote_ip_prefix: '0.0.0.0/0' 86 | -------------------------------------------------------------------------------- /pillar_root/samples/gre/networking.sls: -------------------------------------------------------------------------------- 1 | neutron: 2 | integration_bridge: "br-int" 3 | 4 | external_bridge: "br-ex" 5 | 6 | single_nic: 7 | enable: False 8 | interface: "eth0" 9 | set_up_script: "/root/br-proxy.sh" 10 | 11 | type_drivers: 12 | gre: 13 | physnets: 14 | physnet0: 15 | bridge: "br-ex" 16 | hosts: 17 | "ubuntu.openstack": "eth2" 18 | physnet1: 19 | bridge: "br-data" 20 | hosts: 21 | "ubuntu.openstack": "eth1" 22 | tunnels: 23 | tunnel_1: 24 | tunnel_id_ranges: "100:1000" 25 | 26 | tunneling: 27 | enable: True 28 | types: 29 | - gre 30 | bridge: "br-tun" 31 | 32 | networks: 33 | public: 34 | user: "admin" 35 | tenant: "admin" 36 | shared: True 37 | admin_state_up: True 38 | router_external: True 39 | subnets: 40 | public_subnet: 41 | cidr: '192.168.137.0/24' 42 | allocation_pools: 43 | - start: '192.168.137.80' 44 | end: '192.168.137.90' 45 | enable_dhcp: False 46 | gateway_ip: "192.168.137.2" 47 | private: 48 | user: "admin" 49 | tenant: "admin" 50 | admin_state_up: True 51 | subnets: 52 | private_subnet: 53 | cidr: '10.0.1.0/24' 54 | dns_nameservers: 55 | - 8.8.8.8 56 | 57 | routers: 58 | router1: 59 | user: "admin" 60 | tenant: "admin" 61 | interfaces: 62 | - "private_subnet" 63 | gateway_network: "public" 64 | 65 | security_groups: 66 | default: 67 | user: admin 68 | tenant: admin 69 | description: 'default' 70 | rules: # Allow all traffic on the default security group 71 | - direction: "ingress" 72 | ethertype: "IPv4" 73 | protocol: "TCP" 74 | port_range_min: "1" 75 | port_range_max: "65535" 76 | remote_ip_prefix: "0.0.0.0/0" 77 | - direction: "ingress" 78 | ethertype: "IPv4" 79 | protocol: "UDP" 80 | port_range_min: "1" 81 | port_range_max: "65535" 82 | remote_ip_prefix: "0.0.0.0/0" 83 | - direction: ingress 84 | protocol: ICMP 85 | remote_ip_prefix: '0.0.0.0/0' 86 | -------------------------------------------------------------------------------- /pillar_root/default_template/credentials.sls: -------------------------------------------------------------------------------- 1 | mysql: 2 | root_password: "" 3 | 4 | rabbitmq: 5 | user_name: "openstack" 6 | user_password: "" 7 | 8 | databases: 9 | nova: 10 | db_name: "nova" 11 | username: "nova" 12 | password: "" 13 | keystone: 14 | db_name: "keystone" 15 | username: "keystone" 16 | password: "" 17 | cinder: 18 | db_name: "cinder" 19 | username: "cinder" 20 | password: "" 21 | glance: 22 | db_name: "glance" 23 | username: "glance" 24 | password: "" 25 | neutron: 26 | db_name: "neutron" 27 | username: "neutron" 28 | password: "" 29 | heat: 30 | db_name: "heat" 31 | username: "heat" 32 | password: "" 33 | 34 | neutron: 35 | metadata_secret: "" 36 | 37 | keystone: 38 | admin_token: "" 39 | roles: 40 | - "admin" 41 | - "heat_stack_owner" 42 | - "heat_stack_user" 43 | tenants: 44 | admin: 45 | users: 46 | admin: 47 | password: "" 48 | roles: 49 | - "admin" 50 | - "heat_stack_owner" 51 | email: "salt@openstack.com" 52 | keystonerc: 53 | create: 54 | path: 55 | service: 56 | users: 57 | cinder: 58 | password: "" 59 | roles: 60 | - "admin" 61 | email: "salt@openstack.com" 62 | glance: 63 | password: "" 64 | roles: 65 | - "admin" 66 | email: "salt@openstack.com" 67 | neutron: 68 | password: "" 69 | roles: 70 | - "admin" 71 | email: "salt@openstack.com" 72 | nova: 73 | password: "" 74 | roles: 75 | - "admin" 76 | email: "salt@openstack.com" 77 | heat: 78 | password: "" 79 | roles: 80 | - "admin" 81 | email: "salt@openstack.com" 82 | heat-cfn: 83 | password: "" 84 | roles: 85 | - "admin" 86 | email: "salt@openstack.com" 87 | -------------------------------------------------------------------------------- /pillar_root/samples/gre/credentials.sls: -------------------------------------------------------------------------------- 1 | mysql: 2 | root_password: "RandomPassword123" 3 | 4 | rabbitmq: 5 | user_name: "openstack" 6 | user_password: "RandomPassword123" 7 | 8 | databases: 9 | nova: 10 | db_name: "nova" 11 | username: "nova" 12 | password: "RandomPassword123" 13 | keystone: 14 | db_name: "keystone" 15 | username: "keystone" 16 | password: "RandomPassword123" 17 | cinder: 18 | db_name: "cinder" 19 | username: "cinder" 20 | password: "RandomPassword123" 21 | glance: 22 | db_name: "glance" 23 | username: "glance" 24 | password: "RandomPassword123" 25 | neutron: 26 | db_name: "neutron" 27 | username: "neutron" 28 | password: "RandomPassword123" 29 | heat: 30 | db_name: "heat" 31 | username: "heat" 32 | password: "RandomPassword123" 33 | 34 | neutron: 35 | metadata_secret: "RandomPassword123" 36 | 37 | keystone: 38 | admin_token: "RandomPassword123" 39 | roles: 40 | - "admin" 41 | - "heat_stack_owner" 42 | - "heat_stack_user" 43 | tenants: 44 | admin: 45 | users: 46 | admin: 47 | password: "RandomPassword123" 48 | roles: 49 | - "admin" 50 | - "heat_stack_owner" 51 | email: "salt@openstack.com" 52 | keystonerc: 53 | create: True 54 | path: /root/keystonerc_admin 55 | service: 56 | users: 57 | cinder: 58 | password: "RandomPassword123" 59 | roles: 60 | - "admin" 61 | email: "salt@openstack.com" 62 | glance: 63 | password: "RandomPassword123" 64 | roles: 65 | - "admin" 66 | email: "salt@openstack.com" 67 | neutron: 68 | password: "RandomPassword123" 69 | roles: 70 | - "admin" 71 | email: "salt@openstack.com" 72 | nova: 73 | password: "RandomPassword123" 74 | roles: 75 | - "admin" 76 | email: "salt@openstack.com" 77 | heat: 78 | password: "RandomPassword123" 79 | roles: 80 | - "admin" 81 | email: "salt@openstack.com" 82 | heat-cfn: 83 | password: "RandomPassword123" 84 | roles: 85 | - "admin" 86 | email: "salt@openstack.com" 87 | -------------------------------------------------------------------------------- /file_root/openstack/neutron/networks.sls: -------------------------------------------------------------------------------- 1 | {% set neutron = salt['openstack_utils.neutron']() %} 2 | {% set keystone = salt['openstack_utils.keystone']() %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | {% for network in neutron['networks'] %} 7 | neutron_openstack_network_{{ network }}: 8 | neutron.network_present: 9 | - name: {{ network }} 10 | - connection_user: {{ neutron['networks'][network]['user'] }} 11 | - connection_tenant: {{ neutron['networks'][network]['tenant'] }} 12 | {% set tenant_users = salt['openstack_utils.openstack_users'](neutron['networks'][network]['tenant']) %} 13 | - connection_password: {{ tenant_users[neutron['networks'][network]['user']]['password'] }} 14 | - connection_auth_url: "{{ keystone['openstack_services']['keystone']['endpoint']['adminurl'].format(openstack_parameters['controller_ip']) }}" 15 | {% for network_param in neutron['networks'][network] %} 16 | {% if network_param not in ['subnets', 'user', 'tenant'] %} 17 | - {{ network_param }}: {{ neutron['networks'][network][network_param] }} 18 | {% endif %} 19 | {% endfor %} 20 | {% if salt['openstack_utils.compare_ignore_case'](openstack_parameters['reset'], 'soft') %} 21 | - require: 22 | - cmd: neutron_reset 23 | {% endif %} 24 | 25 | 26 | {% set network_subnets = salt['openstack_utils.subnets'](network) %} 27 | {% for subnet in network_subnets %} 28 | neutron_openstack_subnet_{{ subnet }}: 29 | neutron.subnet_present: 30 | - name: {{ subnet }} 31 | - network: {{ network }} 32 | - connection_user: {{ neutron['networks'][network]['user'] }} 33 | - connection_tenant: {{ neutron['networks'][network]['tenant'] }} 34 | {% set tenant_users = salt['openstack_utils.openstack_users'](neutron['networks'][network]['tenant']) %} 35 | - connection_password: {{ tenant_users[neutron['networks'][network]['user']]['password'] }} 36 | - connection_auth_url: "{{ keystone['openstack_services']['keystone']['endpoint']['adminurl'].format(openstack_parameters['controller_ip']) }}" 37 | {% for subnet_param in network_subnets[subnet] %} 38 | - {{ subnet_param }}: {{ network_subnets[subnet][subnet_param] }} 39 | {% endfor %} 40 | - require: 41 | - neutron: neutron_openstack_network_{{ network }} 42 | {% endfor %} 43 | {% endfor %} 44 | -------------------------------------------------------------------------------- /pillar_root/samples/vlan/credentials.sls: -------------------------------------------------------------------------------- 1 | mysql: 2 | root_password: "RandomPassword123" 3 | 4 | rabbitmq: 5 | user_name: "openstack" 6 | user_password: "RandomPassword123" 7 | 8 | databases: 9 | nova: 10 | db_name: "nova" 11 | username: "nova" 12 | password: "RandomPassword123" 13 | keystone: 14 | db_name: "keystone" 15 | username: "keystone" 16 | password: "RandomPassword123" 17 | cinder: 18 | db_name: "cinder" 19 | username: "cinder" 20 | password: "RandomPassword123" 21 | glance: 22 | db_name: "glance" 23 | username: "glance" 24 | password: "RandomPassword123" 25 | neutron: 26 | db_name: "neutron" 27 | username: "neutron" 28 | password: "RandomPassword123" 29 | heat: 30 | db_name: "heat" 31 | username: "heat" 32 | password: "RandomPassword123" 33 | 34 | neutron: 35 | metadata_secret: "RandomPassword123" 36 | 37 | keystone: 38 | admin_token: "RandomPassword123" 39 | roles: 40 | - "admin" 41 | - "heat_stack_owner" 42 | - "heat_stack_user" 43 | tenants: 44 | admin: 45 | users: 46 | admin: 47 | password: "RandomPassword123" 48 | roles: 49 | - "admin" 50 | - "heat_stack_owner" 51 | email: "salt@openstack.com" 52 | keystonerc: 53 | create: True 54 | path: /root/keystonerc_admin 55 | service: 56 | users: 57 | cinder: 58 | password: "RandomPassword123" 59 | roles: 60 | - "admin" 61 | email: "salt@openstack.com" 62 | glance: 63 | password: "RandomPassword123" 64 | roles: 65 | - "admin" 66 | email: "salt@openstack.com" 67 | neutron: 68 | password: "RandomPassword123" 69 | roles: 70 | - "admin" 71 | email: "salt@openstack.com" 72 | nova: 73 | password: "RandomPassword123" 74 | roles: 75 | - "admin" 76 | email: "salt@openstack.com" 77 | heat: 78 | password: "RandomPassword123" 79 | roles: 80 | - "admin" 81 | email: "salt@openstack.com" 82 | heat-cfn: 83 | password: "RandomPassword123" 84 | roles: 85 | - "admin" 86 | email: "salt@openstack.com" 87 | -------------------------------------------------------------------------------- /pillar_root/samples/vxlan/credentials.sls: -------------------------------------------------------------------------------- 1 | mysql: 2 | root_password: "RandomPassword123" 3 | 4 | rabbitmq: 5 | user_name: "openstack" 6 | user_password: "RandomPassword123" 7 | 8 | databases: 9 | nova: 10 | db_name: "nova" 11 | username: "nova" 12 | password: "RandomPassword123" 13 | keystone: 14 | db_name: "keystone" 15 | username: "keystone" 16 | password: "RandomPassword123" 17 | cinder: 18 | db_name: "cinder" 19 | username: "cinder" 20 | password: "RandomPassword123" 21 | glance: 22 | db_name: "glance" 23 | username: "glance" 24 | password: "RandomPassword123" 25 | neutron: 26 | db_name: "neutron" 27 | username: "neutron" 28 | password: "RandomPassword123" 29 | heat: 30 | db_name: "heat" 31 | username: "heat" 32 | password: "RandomPassword123" 33 | 34 | neutron: 35 | metadata_secret: "RandomPassword123" 36 | 37 | keystone: 38 | admin_token: "RandomPassword123" 39 | roles: 40 | - "admin" 41 | - "heat_stack_owner" 42 | - "heat_stack_user" 43 | tenants: 44 | admin: 45 | users: 46 | admin: 47 | password: "RandomPassword123" 48 | roles: 49 | - "admin" 50 | - "heat_stack_owner" 51 | email: "salt@openstack.com" 52 | keystonerc: 53 | create: True 54 | path: /root/keystonerc_admin 55 | service: 56 | users: 57 | cinder: 58 | password: "RandomPassword123" 59 | roles: 60 | - "admin" 61 | email: "salt@openstack.com" 62 | glance: 63 | password: "RandomPassword123" 64 | roles: 65 | - "admin" 66 | email: "salt@openstack.com" 67 | neutron: 68 | password: "RandomPassword123" 69 | roles: 70 | - "admin" 71 | email: "salt@openstack.com" 72 | nova: 73 | password: "RandomPassword123" 74 | roles: 75 | - "admin" 76 | email: "salt@openstack.com" 77 | heat: 78 | password: "RandomPassword123" 79 | roles: 80 | - "admin" 81 | email: "salt@openstack.com" 82 | heat-cfn: 83 | password: "RandomPassword123" 84 | roles: 85 | - "admin" 86 | email: "salt@openstack.com" 87 | -------------------------------------------------------------------------------- /pillar_root/samples/single_nic/credentials.sls: -------------------------------------------------------------------------------- 1 | mysql: 2 | root_password: "RandomPassword123" 3 | 4 | rabbitmq: 5 | user_name: "openstack" 6 | user_password: "RandomPassword123" 7 | 8 | databases: 9 | nova: 10 | db_name: "nova" 11 | username: "nova" 12 | password: "RandomPassword123" 13 | keystone: 14 | db_name: "keystone" 15 | username: "keystone" 16 | password: "RandomPassword123" 17 | cinder: 18 | db_name: "cinder" 19 | username: "cinder" 20 | password: "RandomPassword123" 21 | glance: 22 | db_name: "glance" 23 | username: "glance" 24 | password: "RandomPassword123" 25 | neutron: 26 | db_name: "neutron" 27 | username: "neutron" 28 | password: "RandomPassword123" 29 | heat: 30 | db_name: "heat" 31 | username: "heat" 32 | password: "RandomPassword123" 33 | 34 | neutron: 35 | metadata_secret: "RandomPassword123" 36 | 37 | keystone: 38 | admin_token: "RandomPassword123" 39 | roles: 40 | - "admin" 41 | - "heat_stack_owner" 42 | - "heat_stack_user" 43 | tenants: 44 | admin: 45 | users: 46 | admin: 47 | password: "RandomPassword123" 48 | roles: 49 | - "admin" 50 | - "heat_stack_owner" 51 | email: "salt@openstack.com" 52 | keystonerc: 53 | create: True 54 | path: /root/keystonerc_admin 55 | service: 56 | users: 57 | cinder: 58 | password: "RandomPassword123" 59 | roles: 60 | - "admin" 61 | email: "salt@openstack.com" 62 | glance: 63 | password: "RandomPassword123" 64 | roles: 65 | - "admin" 66 | email: "salt@openstack.com" 67 | neutron: 68 | password: "RandomPassword123" 69 | roles: 70 | - "admin" 71 | email: "salt@openstack.com" 72 | nova: 73 | password: "RandomPassword123" 74 | roles: 75 | - "admin" 76 | email: "salt@openstack.com" 77 | heat: 78 | password: "RandomPassword123" 79 | roles: 80 | - "admin" 81 | email: "salt@openstack.com" 82 | heat-cfn: 83 | password: "RandomPassword123" 84 | roles: 85 | - "admin" 86 | email: "salt@openstack.com" 87 | -------------------------------------------------------------------------------- /pillar_root/samples/single_nic/networking.sls: -------------------------------------------------------------------------------- 1 | neutron: 2 | integration_bridge: "br-int" 3 | 4 | external_bridge: "br-ex" 5 | 6 | single_nic: 7 | enable: True 8 | interface: "eth0" 9 | set_up_script: "/root/br-proxy.sh" 10 | 11 | type_drivers: 12 | flat: 13 | physnets: 14 | physnet0: 15 | bridge: "br-ex" 16 | hosts: 17 | "ubuntu.openstack": "" 18 | vlan: 19 | physnets: 20 | physnet1: 21 | bridge: "br-data" 22 | vlan_range: "100:200" 23 | hosts: 24 | "ubuntu.openstack": "" 25 | 26 | tunneling: 27 | enable: False 28 | types: 29 | - vxlan 30 | bridge: "br-tun" 31 | 32 | networks: 33 | public: 34 | user: "admin" 35 | tenant: "admin" 36 | shared: True 37 | admin_state_up: True 38 | router_external: True 39 | provider_physical_network: "physnet0" 40 | provider_network_type: "flat" 41 | subnets: 42 | public_subnet: 43 | cidr: '192.168.137.0/24' 44 | allocation_pools: 45 | - start: '192.168.137.80' 46 | end: '192.168.137.90' 47 | enable_dhcp: False 48 | gateway_ip: "192.168.137.2" 49 | private: 50 | user: "admin" 51 | tenant: "admin" 52 | admin_state_up: True 53 | subnets: 54 | private_subnet: 55 | cidr: '10.0.1.0/24' 56 | dns_nameservers: 57 | - 8.8.8.8 58 | 59 | routers: 60 | router1: 61 | user: "admin" 62 | tenant: "admin" 63 | interfaces: 64 | - "private_subnet" 65 | gateway_network: "public" 66 | 67 | security_groups: 68 | default: 69 | user: admin 70 | tenant: admin 71 | description: 'default' 72 | rules: # Allow all traffic on the default security group 73 | - direction: "ingress" 74 | ethertype: "IPv4" 75 | protocol: "TCP" 76 | port_range_min: "1" 77 | port_range_max: "65535" 78 | remote_ip_prefix: "0.0.0.0/0" 79 | - direction: "ingress" 80 | ethertype: "IPv4" 81 | protocol: "UDP" 82 | port_range_min: "1" 83 | port_range_max: "65535" 84 | remote_ip_prefix: "0.0.0.0/0" 85 | - direction: ingress 86 | protocol: ICMP 87 | remote_ip_prefix: '0.0.0.0/0' 88 | -------------------------------------------------------------------------------- /pillar_root/samples/vlan/networking.sls: -------------------------------------------------------------------------------- 1 | neutron: 2 | integration_bridge: "br-int" 3 | 4 | external_bridge: "br-ex" 5 | 6 | single_nic: 7 | enable: False 8 | interface: "eth0" 9 | set_up_script: "/root/br-proxy.sh" 10 | 11 | type_drivers: 12 | flat: 13 | physnets: 14 | physnet0: 15 | bridge: "br-ex" 16 | hosts: 17 | "ubuntu.openstack": "eth2" 18 | vlan: 19 | physnets: 20 | physnet1: 21 | bridge: "br-data" 22 | vlan_range: "100:200" 23 | hosts: 24 | "ubuntu.openstack": "eth1" 25 | 26 | tunneling: 27 | enable: False 28 | types: 29 | - vxlan 30 | bridge: "br-tun" 31 | 32 | networks: 33 | public: 34 | user: "admin" 35 | tenant: "admin" 36 | shared: True 37 | admin_state_up: True 38 | router_external: True 39 | provider_physical_network: "physnet0" 40 | provider_network_type: "flat" 41 | subnets: 42 | public_subnet: 43 | cidr: '192.168.137.0/24' 44 | allocation_pools: 45 | - start: '192.168.137.80' 46 | end: '192.168.137.90' 47 | enable_dhcp: False 48 | gateway_ip: "192.168.137.2" 49 | private: 50 | user: "admin" 51 | tenant: "admin" 52 | admin_state_up: True 53 | subnets: 54 | private_subnet: 55 | cidr: '10.0.1.0/24' 56 | dns_nameservers: 57 | - 8.8.8.8 58 | 59 | routers: 60 | router1: 61 | user: "admin" 62 | tenant: "admin" 63 | interfaces: 64 | - "private_subnet" 65 | gateway_network: "public" 66 | 67 | security_groups: 68 | default: 69 | user: admin 70 | tenant: admin 71 | description: 'default' 72 | rules: # Allow all traffic on the default security group 73 | - direction: "ingress" 74 | ethertype: "IPv4" 75 | protocol: "TCP" 76 | port_range_min: "1" 77 | port_range_max: "65535" 78 | remote_ip_prefix: "0.0.0.0/0" 79 | - direction: "ingress" 80 | ethertype: "IPv4" 81 | protocol: "UDP" 82 | port_range_min: "1" 83 | port_range_max: "65535" 84 | remote_ip_prefix: "0.0.0.0/0" 85 | - direction: ingress 86 | protocol: ICMP 87 | remote_ip_prefix: '0.0.0.0/0' 88 | -------------------------------------------------------------------------------- /file_root/openstack/neutron/network/CentOS/openvswitch/multi_nic.sls: -------------------------------------------------------------------------------- 1 | {% set neutron = salt['openstack_utils.neutron']() %} 2 | {% set openvswitch = salt['openstack_utils.openvswitch']() %} 3 | 4 | 5 | {% for bridge in neutron['bridges'] %} 6 | {% if neutron['bridges'][bridge] %} 7 | openvswitch_{{ neutron['bridges'][bridge] }}_ovs_port_network_script: 8 | file.managed: 9 | - name: "{{ openvswitch['conf']['network_scripts'] }}/ifcfg-{{ neutron['bridges'][bridge] }}" 10 | - user: root 11 | - group: root 12 | - mode: 644 13 | - contents: | 14 | DEVICE={{ neutron['bridges'][bridge] }} 15 | ONBOOT=yes 16 | TYPE=OVSPort 17 | DEVICETYPE=ovs 18 | OVS_BRIDGE={{ bridge }} 19 | ONBOOT=yes 20 | NOZEROCONF=yes 21 | BOOTPROTO=none 22 | {% endif %} 23 | {% endfor %} 24 | 25 | 26 | openvswitch_promisc_interfaces_script: 27 | file.managed: 28 | - name: {{ openvswitch['conf']['promisc_interfaces_script'] }} 29 | - user: root 30 | - group: root 31 | - mode: 755 32 | - contents: | 33 | #!/usr/bin/env bash 34 | {% for bridge in neutron['bridges'] %} 35 | ip link set {{ bridge }} up 36 | {% if neutron['bridges'][bridge] %} 37 | ip link set {{ neutron['bridges'][bridge] }} up promisc on 38 | {% endif %} 39 | {% endfor %} 40 | - require: 41 | {% for bridge in neutron['bridges'] %} 42 | {% if neutron['bridges'][bridge] %} 43 | - cmd: openvswitch_interface_{{ bridge }}_{{ neutron['bridges'][bridge] }}_up 44 | {% endif %} 45 | {% endfor %} 46 | 47 | 48 | openvswitch_promisc_interfaces_systemd_service: 49 | ini.options_present: 50 | - name: {{ openvswitch['conf']['promisc_interfaces_systemd'] }} 51 | - sections: 52 | Unit: 53 | Description: "Set openvswitch ports in promisc mode" 54 | After: "network.target" 55 | Service: 56 | Type: "oneshot" 57 | ExecStart: "{{ openvswitch['conf']['promisc_interfaces_script'] }}" 58 | Install: 59 | WantedBy: "default.target" 60 | - require: 61 | - file: openvswitch_promisc_interfaces_script 62 | 63 | 64 | openstack_promisc_interfaces_enable: 65 | service.enabled: 66 | - name: "{{ salt['openstack_utils.systemd_service_name'](openvswitch['conf']['promisc_interfaces_systemd']) }}" 67 | - require: 68 | - ini: openvswitch_promisc_interfaces_systemd_service 69 | -------------------------------------------------------------------------------- /file_root/openstack/cinder/storage/Ubuntu/juno/init.sls: -------------------------------------------------------------------------------- 1 | {% set cinder = salt['openstack_utils.cinder']() %} 2 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | cinder_storage_conf_keystone_authtoken: 7 | ini.sections_absent: 8 | - name: "{{ cinder['conf']['cinder'] }}" 9 | - sections: 10 | keystone_authtoken: 11 | - auth_host 12 | - auth_port 13 | - auth_protocol 14 | - require: 15 | {% for pkg in cinder['packages']['storage'] %} 16 | - pkg: cinder_storage_{{ pkg }}_install 17 | {% endfor %} 18 | 19 | 20 | cinder_storage_conf: 21 | ini.options_present: 22 | - name: "{{ cinder['conf']['cinder'] }}" 23 | - sections: 24 | database: 25 | connection: "mysql://{{ cinder['database']['username'] }}:{{ cinder['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ cinder['database']['db_name'] }}" 26 | DEFAULT: 27 | my_ip: "{{ salt['openstack_utils.minion_ip'](grains['id']) }}" 28 | glance_host: "{{ openstack_parameters['controller_ip'] }}" 29 | volume_group: {{ cinder['volumes_group_name'] }} 30 | auth_strategy: keystone 31 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 32 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 33 | keystone_authtoken: 34 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000/v2.0" 35 | identity_uri: "http://{{ openstack_parameters['controller_ip'] }}:35357" 36 | admin_tenant_name: service 37 | admin_user: cinder 38 | admin_password: "{{ service_users['cinder']['password'] }}" 39 | - require: 40 | - ini: cinder_storage_conf_keystone_authtoken 41 | 42 | 43 | {% for service in cinder['services']['storage'] %} 44 | cinder_storage_{{ service }}_running: 45 | service.running: 46 | - enable: True 47 | - name: {{ cinder['services']['storage'][service] }} 48 | - watch: 49 | - ini: cinder_storage_conf 50 | {% endfor %} 51 | 52 | 53 | cinder_storage_wait: 54 | cmd.run: 55 | - name: sleep 5 56 | - require: 57 | {% for service in cinder['services']['storage'] %} 58 | - service: cinder_storage_{{ service }}_running 59 | {% endfor %} 60 | -------------------------------------------------------------------------------- /file_root/openstack/cinder/storage/CentOS/juno/init.sls: -------------------------------------------------------------------------------- 1 | {% set cinder = salt['openstack_utils.cinder']() %} 2 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | cinder_storage_conf_keystone_authtoken: 7 | ini.sections_absent: 8 | - name: "{{ cinder['conf']['cinder'] }}" 9 | - sections: 10 | keystone_authtoken: 11 | - auth_host 12 | - auth_port 13 | - auth_protocol 14 | - require: 15 | {% for pkg in cinder['packages']['storage'] %} 16 | - pkg: cinder_storage_{{ pkg }}_install 17 | {% endfor %} 18 | 19 | 20 | cinder_storage_conf: 21 | ini.options_present: 22 | - name: "{{ cinder['conf']['cinder'] }}" 23 | - sections: 24 | database: 25 | connection: "mysql://{{ cinder['database']['username'] }}:{{ cinder['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ cinder['database']['db_name'] }}" 26 | DEFAULT: 27 | my_ip: "{{ salt['openstack_utils.minion_ip'](grains['id']) }}" 28 | glance_host: "{{ openstack_parameters['controller_ip'] }}" 29 | volume_group: {{ cinder['volumes_group_name'] }} 30 | iscsi_helper: lioadm 31 | auth_strategy: keystone 32 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 33 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 34 | keystone_authtoken: 35 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000/v2.0" 36 | identity_uri: "http://{{ openstack_parameters['controller_ip'] }}:35357" 37 | admin_tenant_name: service 38 | admin_user: cinder 39 | admin_password: "{{ service_users['cinder']['password'] }}" 40 | - require: 41 | - ini: cinder_storage_conf_keystone_authtoken 42 | 43 | 44 | {% for service in cinder['services']['storage'] %} 45 | cinder_storage_{{ service }}_running: 46 | service.running: 47 | - enable: True 48 | - name: {{ cinder['services']['storage'][service] }} 49 | - watch: 50 | - ini: cinder_storage_conf 51 | {% endfor %} 52 | 53 | 54 | cinder_storage_wait: 55 | cmd.run: 56 | - name: sleep 5 57 | - require: 58 | {% for service in cinder['services']['storage'] %} 59 | - service: cinder_storage_{{ service }}_running 60 | {% endfor %} 61 | -------------------------------------------------------------------------------- /file_root/openstack/glance/Ubuntu/icehouse/init.sls: -------------------------------------------------------------------------------- 1 | {% set glance = salt['openstack_utils.glance']() %} 2 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | {% for conf in ['api', 'registry'] %} 7 | glance_{{ conf }}_conf: 8 | ini.options_present: 9 | - name: "{{ glance['conf'][conf] }}" 10 | - sections: 11 | database: 12 | connection: "mysql://{{ glance['database']['username'] }}:{{ glance['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ glance['database']['db_name'] }}" 13 | keystone_authtoken: 14 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000" 15 | auth_host: "{{ openstack_parameters['controller_ip'] }}" 16 | auth_port: "35357" 17 | auth_protocol: http 18 | admin_tenant_name: service 19 | admin_user: glance 20 | admin_password: "{{ service_users['glance']['password'] }}" 21 | paste_deploy: 22 | flavor: keystone 23 | DEFAULT: 24 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 25 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 26 | - require: 27 | {% for pkg in glance['packages'] %} 28 | - pkg: glance_{{ pkg }}_install 29 | {% endfor %} 30 | {% endfor %} 31 | 32 | 33 | glance_db_sync: 34 | cmd.run: 35 | - name: "su -s /bin/sh -c 'glance-manage db_sync' glance" 36 | - require: 37 | - ini: glance_api_conf 38 | - ini: glance_registry_conf 39 | 40 | 41 | glance_registry_running: 42 | service.running: 43 | - enable: True 44 | - name: "{{ glance['services']['registry'] }}" 45 | - require: 46 | - cmd: glance_db_sync 47 | - watch: 48 | - ini: glance_registry_conf 49 | 50 | 51 | glance_api_running: 52 | service.running: 53 | - enable: True 54 | - name: "{{ glance['services']['api'] }}" 55 | - require: 56 | - cmd: glance_db_sync 57 | - watch: 58 | - ini: glance_api_conf 59 | 60 | 61 | glance_sqlite_delete: 62 | file.absent: 63 | - name: "{{ glance['files']['sqlite'] }}" 64 | - require: 65 | - cmd: glance_db_sync 66 | 67 | 68 | glance_wait: 69 | cmd.run: 70 | - name: sleep 5 71 | - require: 72 | - service: glance_registry_running 73 | - service: glance_api_running 74 | -------------------------------------------------------------------------------- /file_root/openstack/heat/Ubuntu/icehouse/init.sls: -------------------------------------------------------------------------------- 1 | {% set heat = salt['openstack_utils.heat']() %} 2 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | heat_conf: 7 | ini.options_present: 8 | - name: "{{ heat['conf']['heat'] }}" 9 | - sections: 10 | database: 11 | connection: "mysql://{{ heat['database']['username'] }}:{{ heat['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ heat['database']['db_name'] }}" 12 | DEFAULT: 13 | heat_metadata_server_url: "http://{{ openstack_parameters['controller_ip'] }}:8000" 14 | heat_waitcondition_server_url: "http://{{ openstack_parameters['controller_ip'] }}:8000/v1/waitcondition" 15 | log_dir: "{{ heat['files']['log_dir'] }}" 16 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 17 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 18 | keystone_authtoken: 19 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000/v2.0" 20 | auth_host: "{{ openstack_parameters['controller_ip'] }}" 21 | auth_port: 35357 22 | auth_protocol: http 23 | admin_tenant_name: service 24 | admin_user: heat 25 | admin_password: "{{ service_users['heat']['password'] }}" 26 | ec2authtoken: 27 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000/v2.0" 28 | - require: 29 | {% for pkg in heat['packages'] %} 30 | - pkg: heat_{{ pkg }}_install 31 | {% endfor %} 32 | 33 | 34 | heat_db_sync: 35 | cmd.run: 36 | - name: "su -s /bin/sh -c 'heat-manage db_sync' heat" 37 | - require: 38 | - ini: heat_conf 39 | 40 | 41 | heat_sqlite_delete: 42 | file.absent: 43 | - name: "{{ heat['files']['sqlite'] }}" 44 | - require: 45 | - cmd: heat_db_sync 46 | 47 | 48 | {% for service in heat['services'] %} 49 | heat_service_{{ service }}_running: 50 | service.running: 51 | - name: {{ heat['services'][service] }} 52 | - enable: True 53 | - require: 54 | - cmd: heat_db_sync 55 | - watch: 56 | - ini: heat_conf 57 | {% endfor %} 58 | 59 | 60 | heat_wait: 61 | cmd.run: 62 | - name: sleep 5 63 | - require: 64 | {% for service in heat['services'] %} 65 | - service: heat_service_{{ service }}_running 66 | {% endfor %} 67 | -------------------------------------------------------------------------------- /file_root/openstack/cinder/controller/CentOS/juno/init.sls: -------------------------------------------------------------------------------- 1 | {% set cinder = salt['openstack_utils.cinder']() %} 2 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | cinder_controller_conf_keystone_authtoken: 7 | ini.sections_absent: 8 | - name: "{{ cinder['conf']['cinder'] }}" 9 | - sections: 10 | keystone_authtoken: 11 | - auth_host 12 | - auth_port 13 | - auth_protocol 14 | - require: 15 | {% for pkg in cinder['packages']['controller'] %} 16 | - pkg: cinder_controller_{{ pkg }}_install 17 | {% endfor %} 18 | 19 | 20 | cinder_controller_conf: 21 | ini.options_present: 22 | - name: "{{ cinder['conf']['cinder'] }}" 23 | - sections: 24 | DEFAULT: 25 | my_ip: {{ openstack_parameters['controller_ip'] }} 26 | auth_strategy: keystone 27 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 28 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 29 | database: 30 | connection: "mysql://{{ cinder['database']['username'] }}:{{ cinder['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ cinder['database']['db_name'] }}" 31 | keystone_authtoken: 32 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000/v2.0" 33 | identity_uri: "http://{{ openstack_parameters['controller_ip'] }}:35357" 34 | admin_tenant_name: service 35 | admin_user: cinder 36 | admin_password: "{{ service_users['cinder']['password'] }}" 37 | - require: 38 | - ini: cinder_controller_conf_keystone_authtoken 39 | 40 | 41 | cinder_db_sync: 42 | cmd.run: 43 | - name: "su -s /bin/sh -c 'cinder-manage db sync' cinder" 44 | - require: 45 | - ini: cinder_controller_conf 46 | 47 | 48 | cinder_controller_sqlite_delete: 49 | file.absent: 50 | - name: {{ cinder['files']['sqlite'] }} 51 | - require: 52 | - cmd: cinder_db_sync 53 | 54 | 55 | {% for service in cinder['services']['controller'] %} 56 | cinder_controller_{{ service }}_running: 57 | service.running: 58 | - enable: True 59 | - name: {{ cinder['services']['controller'][service] }} 60 | - watch: 61 | - ini: cinder_controller_conf 62 | {% endfor %} 63 | 64 | 65 | cinder_controller_wait: 66 | cmd.run: 67 | - name: sleep 5 68 | - require: 69 | {% for service in cinder['services']['controller'] %} 70 | - service: cinder_controller_{{ service }}_running 71 | {% endfor %} 72 | -------------------------------------------------------------------------------- /file_root/openstack/cinder/controller/Ubuntu/juno/init.sls: -------------------------------------------------------------------------------- 1 | {% set cinder = salt['openstack_utils.cinder']() %} 2 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | cinder_controller_conf_keystone_authtoken: 7 | ini.sections_absent: 8 | - name: "{{ cinder['conf']['cinder'] }}" 9 | - sections: 10 | keystone_authtoken: 11 | - auth_host 12 | - auth_port 13 | - auth_protocol 14 | - require: 15 | {% for pkg in cinder['packages']['controller'] %} 16 | - pkg: cinder_controller_{{ pkg }}_install 17 | {% endfor %} 18 | 19 | 20 | cinder_controller_conf: 21 | ini.options_present: 22 | - name: "{{ cinder['conf']['cinder'] }}" 23 | - sections: 24 | DEFAULT: 25 | my_ip: {{ openstack_parameters['controller_ip'] }} 26 | auth_strategy: keystone 27 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 28 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 29 | database: 30 | connection: "mysql://{{ cinder['database']['username'] }}:{{ cinder['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ cinder['database']['db_name'] }}" 31 | keystone_authtoken: 32 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000/v2.0" 33 | identity_uri: "http://{{ openstack_parameters['controller_ip'] }}:35357" 34 | admin_tenant_name: service 35 | admin_user: cinder 36 | admin_password: "{{ service_users['cinder']['password'] }}" 37 | - require: 38 | - ini: cinder_controller_conf_keystone_authtoken 39 | 40 | 41 | cinder_db_sync: 42 | cmd.run: 43 | - name: "su -s /bin/sh -c 'cinder-manage db sync' cinder" 44 | - require: 45 | - ini: cinder_controller_conf 46 | 47 | 48 | cinder_controller_sqlite_delete: 49 | file.absent: 50 | - name: {{ cinder['files']['sqlite'] }} 51 | - require: 52 | - cmd: cinder_db_sync 53 | 54 | 55 | {% for service in cinder['services']['controller'] %} 56 | cinder_controller_{{ service }}_running: 57 | service.running: 58 | - enable: True 59 | - name: {{ cinder['services']['controller'][service] }} 60 | - watch: 61 | - ini: cinder_controller_conf 62 | {% endfor %} 63 | 64 | 65 | cinder_controller_wait: 66 | cmd.run: 67 | - name: sleep 5 68 | - require: 69 | {% for service in cinder['services']['controller'] %} 70 | - service: cinder_controller_{{ service }}_running 71 | {% endfor %} 72 | -------------------------------------------------------------------------------- /file_root/openstack/neutron/network/openvswitch/single_nic.sls: -------------------------------------------------------------------------------- 1 | {% set neutron = salt['openstack_utils.neutron']() %} 2 | 3 | 4 | openvswitch_bridge_br-proxy_create: 5 | cmd.run: 6 | - name: "ovs-vsctl add-br br-proxy" 7 | - unless: "ovs-vsctl br-exists br-proxy" 8 | 9 | 10 | openvswitch_bridge_br-proxy_up: 11 | cmd.run: 12 | - name: "ip link set br-proxy promisc on" 13 | - require: 14 | - cmd: openvswitch_bridge_br-proxy_create 15 | 16 | 17 | openvswitch_{{ neutron['single_nic']['interface'] }}_up: 18 | cmd.run: 19 | - name: "ip link set {{ neutron['single_nic']['interface'] }} promisc on" 20 | - require: 21 | - cmd: openvswitch_bridge_br-proxy_up 22 | 23 | 24 | {% set index = 1 %} 25 | {% for bridge in neutron['bridges'] %} 26 | openvswitch_bridge_{{ bridge }}_create: 27 | cmd.run: 28 | - name: "ovs-vsctl add-br {{ bridge }}" 29 | - unless: "ovs-vsctl br-exists {{ bridge }}" 30 | - require: 31 | - cmd: openvswitch_{{ neutron['single_nic']['interface'] }}_up 32 | 33 | 34 | openvswitch_bridge_{{ bridge }}_up: 35 | cmd.run: 36 | - name: "ip link set {{ bridge }} up" 37 | - require: 38 | - cmd: openvswitch_bridge_{{ bridge }}_create 39 | 40 | 41 | {% if bridge not in [ neutron['tunneling']['bridge'], neutron['integration_bridge'] ] %} 42 | openvswitch_veth_{{ bridge }}_create: 43 | cmd.run: 44 | - name: "ip link add veth-proxy-{{ index }} type veth peer name veth-{{ index }}-proxy" 45 | - unless: "ip link list | egrep veth-proxy-{{ index }}" 46 | - require: 47 | - cmd: openvswitch_bridge_{{ bridge }}_up 48 | 49 | 50 | openvswitch_veth-{{ index }}-proxy_add: 51 | cmd.run: 52 | - name: "ovs-vsctl add-port {{ bridge }} veth-{{ index }}-proxy" 53 | - unless: "ovs-vsctl list-ports {{ bridge }} | grep veth-{{ index }}-proxy" 54 | - require: 55 | - cmd: openvswitch_veth_{{ bridge }}_create 56 | 57 | 58 | openvswitch_veth-{{ index }}-proxy_up: 59 | cmd.run: 60 | - name: "ip link set veth-{{ index }}-proxy up promisc on" 61 | - require: 62 | - cmd: openvswitch_veth-{{ index }}-proxy_add 63 | 64 | 65 | openvswitch_veth-proxy-{{ index }}_add: 66 | cmd.run: 67 | - name: "ovs-vsctl add-port br-proxy veth-proxy-{{ index }}" 68 | - unless: "ovs-vsctl list-ports br-proxy | grep veth-proxy-{{ index }}" 69 | - require: 70 | - cmd: openvswitch_veth_{{ bridge }}_create 71 | 72 | 73 | openvswitch_veth-proxy-{{ index }}_up: 74 | cmd.run: 75 | - name: "ip link set veth-proxy-{{ index }} up promisc on" 76 | - require: 77 | - cmd: openvswitch_veth-proxy-{{ index }}_add 78 | {% endif %} 79 | {% set index = index + 1 %} 80 | {% endfor %} 81 | -------------------------------------------------------------------------------- /file_root/openstack/states.jinja: -------------------------------------------------------------------------------- 1 | {% set reset_type = '%s' % salt['pillar.get']('reset') %} 2 | 3 | 4 | {% set controller_states = [] %} 5 | {% set network_states = [] %} 6 | {% set compute_states = [] %} 7 | {% set storage_states = [] %} 8 | 9 | {% if reset_type.lower() == 'soft' %} 10 | {% set controller_states = [ "reset.soft" ] %} 11 | {% elif reset_type.lower() == 'hard' %} 12 | {% set controller_states = [ "reset.hard" ] %} 13 | {% set network_states = [ "reset.hard" ] %} 14 | {% set compute_states = [ "reset.hard" ] %} 15 | {% set storage_states = [ "reset.hard" ] %} 16 | {% endif %} 17 | 18 | {% set controller_states = controller_states + [ 19 | "ntp", 20 | "system", 21 | "database", 22 | "message_queue", 23 | "openstack.keystone", 24 | "openstack.glance", 25 | "openstack.nova.controller", 26 | "openstack.neutron.controller", 27 | "openstack.cinder.controller", 28 | "openstack.heat", 29 | "openstack.horizon" 30 | ] 31 | %} 32 | 33 | {% set network_states = network_states + [ 34 | "openstack.neutron.network" 35 | ] 36 | %} 37 | 38 | {% set compute_states = compute_states + [ 39 | "openstack.neutron.compute", 40 | "openstack.nova.compute" 41 | ] 42 | %} 43 | 44 | {% set storage_states = storage_states + [ 45 | "openstack.cinder.storage" 46 | ] 47 | %} 48 | 49 | 50 | {% set minion_states = [] %} 51 | {% set minion_id = grains['id'] %} 52 | 53 | {% if minion_id == pillar['controller'] %} 54 | {% for state in controller_states %} 55 | {% if state not in minion_states %} 56 | {% do minion_states.append(state) %} 57 | {% endif %} 58 | {% endfor %} 59 | {% endif %} 60 | 61 | {% if minion_id == pillar['network'] %} 62 | {% for state in network_states %} 63 | {% if state not in minion_states %} 64 | {% do minion_states.append(state) %} 65 | {% endif %} 66 | {% endfor %} 67 | {% endif %} 68 | 69 | {% if minion_id in pillar['compute'] %} 70 | {% for state in compute_states %} 71 | {% if state not in minion_states %} 72 | {% do minion_states.append(state) %} 73 | {% endif %} 74 | {% endfor %} 75 | {% endif %} 76 | 77 | {% if minion_id == pillar['controller'] %} 78 | {% do minion_states.append("openstack.neutron.networks") %} 79 | {% do minion_states.append("openstack.neutron.routers") %} 80 | {% do minion_states.append("openstack.neutron.security_groups") %} 81 | {% endif %} 82 | 83 | {% if minion_id in pillar['storage'] %} 84 | {% for state in storage_states %} 85 | {% if state not in minion_states %} 86 | {% do minion_states.append(state) %} 87 | {% endif %} 88 | {% endfor %} 89 | {% endif %} 90 | -------------------------------------------------------------------------------- /file_root/openstack/heat/CentOS/juno/init.sls: -------------------------------------------------------------------------------- 1 | {% set heat = salt['openstack_utils.heat']() %} 2 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | 7 | heat_conf_keystone_authtoken: 8 | ini.sections_absent: 9 | - name: "{{ heat['conf']['heat'] }}" 10 | - sections: 11 | keystone_authtoken: 12 | - auth_host 13 | - auth_port 14 | - auth_protocol 15 | - require: 16 | {% for pkg in heat['packages'] %} 17 | - pkg: heat_{{ pkg }}_install 18 | {% endfor %} 19 | 20 | 21 | heat_conf: 22 | ini.options_present: 23 | - name: "{{ heat['conf']['heat'] }}" 24 | - sections: 25 | database: 26 | connection: "mysql://{{ heat['database']['username'] }}:{{ heat['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ heat['database']['db_name'] }}" 27 | DEFAULT: 28 | heat_metadata_server_url: "http://{{ openstack_parameters['controller_ip'] }}:8000" 29 | heat_waitcondition_server_url: "http://{{ openstack_parameters['controller_ip'] }}:8000/v1/waitcondition" 30 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 31 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 32 | keystone_authtoken: 33 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000/v2.0" 34 | identity_uri: "http://{{ openstack_parameters['controller_ip'] }}:35357" 35 | admin_tenant_name: service 36 | admin_user: heat 37 | admin_password: "{{ service_users['heat']['password'] }}" 38 | ec2authtoken: 39 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000/v2.0" 40 | - require: 41 | - ini: heat_conf_keystone_authtoken 42 | 43 | 44 | heat_db_sync: 45 | cmd.run: 46 | - name: "su -s /bin/sh -c 'heat-manage db_sync' heat" 47 | - require: 48 | - ini: heat_conf 49 | 50 | 51 | heat_sqlite_delete: 52 | file.absent: 53 | - name: "{{ heat['files']['sqlite'] }}" 54 | - require: 55 | - cmd: heat_db_sync 56 | 57 | 58 | {% for service in heat['services'] %} 59 | heat_service_{{ service }}_running: 60 | service.running: 61 | - name: {{ heat['services'][service] }} 62 | - enable: True 63 | - require: 64 | - cmd: heat_db_sync 65 | - watch: 66 | - ini: heat_conf 67 | {% endfor %} 68 | 69 | 70 | heat_wait: 71 | cmd.run: 72 | - name: sleep 5 73 | - require: 74 | {% for service in heat['services'] %} 75 | - service: heat_service_{{ service }}_running 76 | {% endfor %} 77 | -------------------------------------------------------------------------------- /file_root/openstack/heat/Ubuntu/juno/init.sls: -------------------------------------------------------------------------------- 1 | {% set heat = salt['openstack_utils.heat']() %} 2 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | 7 | heat_conf_keystone_authtoken: 8 | ini.sections_absent: 9 | - name: "{{ heat['conf']['heat'] }}" 10 | - sections: 11 | keystone_authtoken: 12 | - auth_host 13 | - auth_port 14 | - auth_protocol 15 | - require: 16 | {% for pkg in heat['packages'] %} 17 | - pkg: heat_{{ pkg }}_install 18 | {% endfor %} 19 | 20 | 21 | heat_conf: 22 | ini.options_present: 23 | - name: "{{ heat['conf']['heat'] }}" 24 | - sections: 25 | database: 26 | connection: "mysql://{{ heat['database']['username'] }}:{{ heat['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ heat['database']['db_name'] }}" 27 | DEFAULT: 28 | heat_metadata_server_url: "http://{{ openstack_parameters['controller_ip'] }}:8000" 29 | heat_waitcondition_server_url: "http://{{ openstack_parameters['controller_ip'] }}:8000/v1/waitcondition" 30 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 31 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 32 | keystone_authtoken: 33 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000/v2.0" 34 | identity_uri: "http://{{ openstack_parameters['controller_ip'] }}:35357" 35 | admin_tenant_name: service 36 | admin_user: heat 37 | admin_password: "{{ service_users['heat']['password'] }}" 38 | ec2authtoken: 39 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000/v2.0" 40 | - require: 41 | - ini: heat_conf_keystone_authtoken 42 | 43 | 44 | heat_db_sync: 45 | cmd.run: 46 | - name: "su -s /bin/sh -c 'heat-manage db_sync' heat" 47 | - require: 48 | - ini: heat_conf 49 | 50 | 51 | heat_sqlite_delete: 52 | file.absent: 53 | - name: "{{ heat['files']['sqlite'] }}" 54 | - require: 55 | - cmd: heat_db_sync 56 | 57 | 58 | {% for service in heat['services'] %} 59 | heat_service_{{ service }}_running: 60 | service.running: 61 | - name: {{ heat['services'][service] }} 62 | - enable: True 63 | - require: 64 | - cmd: heat_db_sync 65 | - watch: 66 | - ini: heat_conf 67 | {% endfor %} 68 | 69 | 70 | heat_wait: 71 | cmd.run: 72 | - name: sleep 5 73 | - require: 74 | {% for service in heat['services'] %} 75 | - service: heat_service_{{ service }}_running 76 | {% endfor %} 77 | -------------------------------------------------------------------------------- /file_root/openstack/cinder/controller/Ubuntu/kilo/init.sls: -------------------------------------------------------------------------------- 1 | {% set cinder = salt['openstack_utils.cinder']() %} 2 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | cinder_controller_conf_keystone_authtoken: 7 | ini.sections_absent: 8 | - name: "{{ cinder['conf']['cinder'] }}" 9 | - sections: 10 | - keystone_authtoken 11 | - require: 12 | {% for pkg in cinder['packages']['controller'] %} 13 | - pkg: cinder_controller_{{ pkg }}_install 14 | {% endfor %} 15 | 16 | 17 | cinder_controller_conf: 18 | ini.options_present: 19 | - name: "{{ cinder['conf']['cinder'] }}" 20 | - sections: 21 | DEFAULT: 22 | my_ip: {{ openstack_parameters['controller_ip'] }} 23 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 24 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 25 | database: 26 | connection: "mysql://{{ cinder['database']['username'] }}:{{ cinder['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ cinder['database']['db_name'] }}" 27 | keystone_authtoken: 28 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000" 29 | auth_url: "http://{{ openstack_parameters['controller_ip'] }}:35357" 30 | auth_plugin: "password" 31 | project_domain_id: "default" 32 | user_domain_id: "default" 33 | project_name: "service" 34 | username: "cinder" 35 | password: "{{ service_users['cinder']['password'] }}" 36 | oslo_concurrency: 37 | lock_path: "{{ cinder['files']['lock'] }}" 38 | - require: 39 | - ini: cinder_controller_conf_keystone_authtoken 40 | 41 | 42 | cinder_db_sync: 43 | cmd.run: 44 | - name: "su -s /bin/sh -c 'cinder-manage db sync' cinder" 45 | - require: 46 | - ini: cinder_controller_conf 47 | 48 | 49 | cinder_controller_sqlite_delete: 50 | file.absent: 51 | - name: {{ cinder['files']['sqlite'] }} 52 | - require: 53 | - cmd: cinder_db_sync 54 | 55 | 56 | {% for service in cinder['services']['controller'] %} 57 | cinder_controller_{{ service }}_running: 58 | service.running: 59 | - enable: True 60 | - name: {{ cinder['services']['controller'][service] }} 61 | - watch: 62 | - ini: cinder_controller_conf 63 | {% endfor %} 64 | 65 | 66 | cinder_controller_wait: 67 | cmd.run: 68 | - name: sleep 5 69 | - require: 70 | {% for service in cinder['services']['controller'] %} 71 | - service: cinder_controller_{{ service }}_running 72 | {% endfor %} 73 | -------------------------------------------------------------------------------- /file_root/openstack/cinder/storage/CentOS/kilo/init.sls: -------------------------------------------------------------------------------- 1 | {% set cinder = salt['openstack_utils.cinder']() %} 2 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | cinder_storage_conf_keystone_authtoken: 7 | ini.sections_absent: 8 | - name: "{{ cinder['conf']['cinder'] }}" 9 | - sections: 10 | - keystone_authtoken 11 | - require: 12 | {% for pkg in cinder['packages']['storage'] %} 13 | - pkg: cinder_storage_{{ pkg }}_install 14 | {% endfor %} 15 | 16 | 17 | cinder_storage_conf: 18 | ini.options_present: 19 | - name: "{{ cinder['conf']['cinder'] }}" 20 | - sections: 21 | database: 22 | connection: "mysql://{{ cinder['database']['username'] }}:{{ cinder['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ cinder['database']['db_name'] }}" 23 | DEFAULT: 24 | my_ip: "{{ salt['openstack_utils.minion_ip'](grains['id']) }}" 25 | glance_host: "{{ openstack_parameters['controller_ip'] }}" 26 | auth_strategy: keystone 27 | enabled_backends: lvm 28 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 29 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 30 | keystone_authtoken: 31 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000" 32 | auth_url: "http://{{ openstack_parameters['controller_ip'] }}:35357" 33 | auth_plugin: "password" 34 | project_domain_id: "default" 35 | user_domain_id: "default" 36 | project_name: "service" 37 | username: "cinder" 38 | password: "{{ service_users['cinder']['password'] }}" 39 | lvm: 40 | volume_driver: cinder.volume.drivers.lvm.LVMVolumeDriver 41 | volume_group: {{ cinder['volumes_group_name'] }} 42 | iscsi_protocol: iscsi 43 | iscsi_helper: lioadm 44 | oslo_concurrency: 45 | lock_path: "{{ cinder['files']['lock'] }}" 46 | - require: 47 | - ini: cinder_storage_conf_keystone_authtoken 48 | 49 | 50 | {% for service in cinder['services']['storage'] %} 51 | cinder_storage_{{ service }}_running: 52 | service.running: 53 | - enable: True 54 | - name: {{ cinder['services']['storage'][service] }} 55 | - watch: 56 | - ini: cinder_storage_conf 57 | {% endfor %} 58 | 59 | 60 | cinder_storage_wait: 61 | cmd.run: 62 | - name: sleep 5 63 | - require: 64 | {% for service in cinder['services']['storage'] %} 65 | - service: cinder_storage_{{ service }}_running 66 | {% endfor %} 67 | -------------------------------------------------------------------------------- /file_root/openstack/cinder/storage/Ubuntu/kilo/init.sls: -------------------------------------------------------------------------------- 1 | {% set cinder = salt['openstack_utils.cinder']() %} 2 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | cinder_storage_conf_keystone_authtoken: 7 | ini.sections_absent: 8 | - name: "{{ cinder['conf']['cinder'] }}" 9 | - sections: 10 | - keystone_authtoken 11 | - require: 12 | {% for pkg in cinder['packages']['storage'] %} 13 | - pkg: cinder_storage_{{ pkg }}_install 14 | {% endfor %} 15 | 16 | 17 | cinder_storage_conf: 18 | ini.options_present: 19 | - name: "{{ cinder['conf']['cinder'] }}" 20 | - sections: 21 | database: 22 | connection: "mysql://{{ cinder['database']['username'] }}:{{ cinder['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ cinder['database']['db_name'] }}" 23 | DEFAULT: 24 | my_ip: "{{ salt['openstack_utils.minion_ip'](grains['id']) }}" 25 | glance_host: "{{ openstack_parameters['controller_ip'] }}" 26 | auth_strategy: keystone 27 | enabled_backends: lvm 28 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 29 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 30 | keystone_authtoken: 31 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000" 32 | auth_url: "http://{{ openstack_parameters['controller_ip'] }}:35357" 33 | auth_plugin: "password" 34 | project_domain_id: "default" 35 | user_domain_id: "default" 36 | project_name: "service" 37 | username: "cinder" 38 | password: "{{ service_users['cinder']['password'] }}" 39 | lvm: 40 | volume_driver: cinder.volume.drivers.lvm.LVMVolumeDriver 41 | volume_group: {{ cinder['volumes_group_name'] }} 42 | iscsi_protocol: iscsi 43 | iscsi_helper: tgtadm 44 | oslo_concurrency: 45 | lock_path: "{{ cinder['files']['lock'] }}" 46 | - require: 47 | - ini: cinder_storage_conf_keystone_authtoken 48 | 49 | 50 | {% for service in cinder['services']['storage'] %} 51 | cinder_storage_{{ service }}_running: 52 | service.running: 53 | - enable: True 54 | - name: {{ cinder['services']['storage'][service] }} 55 | - watch: 56 | - ini: cinder_storage_conf 57 | {% endfor %} 58 | 59 | 60 | cinder_storage_wait: 61 | cmd.run: 62 | - name: sleep 5 63 | - require: 64 | {% for service in cinder['services']['storage'] %} 65 | - service: cinder_storage_{{ service }}_running 66 | {% endfor %} 67 | -------------------------------------------------------------------------------- /pillar_root/default_template/networking.sls: -------------------------------------------------------------------------------- 1 | neutron: 2 | integration_bridge: "br-int" 3 | 4 | external_bridge: "" 5 | 6 | single_nic: 7 | enable: 8 | interface: "" 9 | set_up_script: "" 10 | 11 | type_drivers: 12 | flat: 13 | physnets: 14 | : 15 | bridge: "" 16 | hosts: 17 | "": "" 18 | vlan: 19 | physnets: 20 | : 21 | bridge: "" 22 | vlan_range: ":" 23 | hosts: 24 | "": "" 25 | gre: 26 | physnets: 27 | : 28 | bridge: "" 29 | hosts: 30 | "": "" 31 | tunnels: 32 | : 33 | tunnel_id_ranges: ":" 34 | vxlan: 35 | physnets: 36 | : 37 | bridge: "" 38 | hosts: 39 | "": "" 40 | vxlan_group: "" 41 | tunnels: 42 | : 43 | vni_range: ":" 44 | 45 | tunneling: 46 | enable: 47 | types: 48 | - "" 49 | bridge: "br-tun" 50 | 51 | networks: 52 | : 53 | user: "" 54 | tenant: "" 55 | provider_physical_network: "" 56 | provider_network_type: "" 57 | shared: 58 | admin_state_up: 59 | router_external: 60 | subnets: 61 | : 62 | cidr: '' 63 | allocation_pools: 64 | - start: '' 65 | end: '' 66 | enable_dhcp: 67 | dns_nameservers: 68 | - 69 | - 70 | 71 | routers: 72 | : 73 | user: "" 74 | tenant: "" 75 | interfaces: 76 | - "" 77 | - "" 78 | gateway_network: "" 79 | 80 | security_groups: 81 | : 82 | user: "" 83 | tenant: "" 84 | description: "" 85 | rules: 86 | - direction: "" 87 | ethertype: "" 88 | protocol: "" 89 | port_range_min: "" 90 | port_range_max: "" 91 | remote_ip_prefix: "" 92 | -------------------------------------------------------------------------------- /file_root/reset/soft/controller/openvswitch.sls: -------------------------------------------------------------------------------- 1 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 2 | {% set neutron = salt['openstack_utils.neutron']() %} 3 | 4 | 5 | # Delete all OVS bridges created in the previous OpenStack deployment 6 | 7 | {% set ovs_service_available = salt['service.available'](neutron['services']['network']['ovs']) %} 8 | {% set single_nic_enable = salt['openstack_utils.boolean_value'](neutron['single_nic']['enable']) %} 9 | openvswitch_bridges_cleanup_script: 10 | file.managed: 11 | - user: root 12 | - group: root 13 | - mode: 400 14 | - name: "/tmp/openvswitch_bridges_cleanup.sh" 15 | - contents: | 16 | #!/bin/bash 17 | set -e 18 | 19 | OPENVSWITCH="{{ ovs_service_available }}" 20 | if [ $OPENVSWITCH != "True" ]; then 21 | echo "OpenvSwitch service is not installed." 22 | exit 0 23 | fi 24 | 25 | OPENVSWITCH="{{ ovs_service_available }}" 26 | if [ $OPENVSWITCH == "True" ]; then 27 | {% if single_nic_enable %} 28 | for i in `ovs-vsctl show | grep Bridge | awk '{print $2}' | grep -v br-proxy`; do 29 | {% else %} 30 | for i in `ovs-vsctl show | grep Bridge | awk '{print $2}'`; do 31 | {% endif %} 32 | BRIDGE=`echo $i | sed -r "s/^\"(.*)\"$/\1/g"` 33 | ovs-vsctl del-br $BRIDGE 34 | {% if single_nic_enable %} 35 | for PROXY_PORT in `ovs-vsctl list-ifaces br-proxy | egrep "proxy-veth[0-9]+"`; do 36 | ovs-vsctl del-port $PROXY_PORT 37 | done 38 | {% endif %} 39 | done 40 | else 41 | echo "OpenvSwitch service is not running." 42 | exit 1 43 | fi 44 | exit 0 45 | 46 | - require: 47 | - cmd: services_check 48 | 49 | openvswitch_bridges_cleanup: 50 | cmd.run: 51 | - name: "bash /tmp/openvswitch_bridges_cleanup.sh" 52 | - require: 53 | - file: openvswitch_bridges_cleanup_script 54 | 55 | openvswitch_bridges_cleanup_delete: 56 | file.absent: 57 | - name: "/tmp/openvswitch_bridges_cleanup.sh" 58 | - require: 59 | - file: openvswitch_bridges_cleanup_script 60 | 61 | 62 | # Single NIC scenario 63 | # Delete virtual cables' network scripts from previous OpenStack deployment 64 | 65 | {% if single_nic_enable %} 66 | {% if grains['os'] == 'CentOS' %} 67 | centos_veths_network_scripts_delete: 68 | cmd.run: 69 | - name: | 70 | for i in `ls /etc/sysconfig/network-scripts/`; do 71 | if [ "`echo $i | egrep 'ifcfg-proxy-veth[0-9]+'`" != "" ]; then 72 | rm "/etc/sysconfig/network-scripts/$i" 73 | fi 74 | done 75 | - require: 76 | - cmd: openvswitch_bridges_cleanup 77 | {% endif %} 78 | {% endif %} 79 | 80 | 81 | -------------------------------------------------------------------------------- /file_root/openstack/cinder/controller/CentOS/kilo/init.sls: -------------------------------------------------------------------------------- 1 | {% set cinder = salt['openstack_utils.cinder']() %} 2 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | cinder_conf_create: 7 | file.copy: 8 | - name: "{{ cinder['conf']['cinder'] }}" 9 | - source: "{{ cinder['conf']['cinder_conf_dist'] }}" 10 | - user: cinder 11 | - group: cinder 12 | - require: 13 | {% for pkg in cinder['packages']['controller'] %} 14 | - pkg: cinder_controller_{{ pkg }}_install 15 | {% endfor %} 16 | 17 | 18 | cinder_controller_conf_keystone_authtoken: 19 | ini.sections_absent: 20 | - name: "{{ cinder['conf']['cinder'] }}" 21 | - sections: 22 | - keystone_authtoken 23 | - require: 24 | - file: cinder_conf_create 25 | 26 | 27 | cinder_controller_conf: 28 | ini.options_present: 29 | - name: "{{ cinder['conf']['cinder'] }}" 30 | - sections: 31 | DEFAULT: 32 | my_ip: {{ openstack_parameters['controller_ip'] }} 33 | auth_strategy: keystone 34 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 35 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 36 | database: 37 | connection: "mysql://{{ cinder['database']['username'] }}:{{ cinder['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ cinder['database']['db_name'] }}" 38 | keystone_authtoken: 39 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000" 40 | auth_url: "http://{{ openstack_parameters['controller_ip'] }}:35357" 41 | auth_plugin: "password" 42 | project_domain_id: "default" 43 | user_domain_id: "default" 44 | project_name: "service" 45 | username: "cinder" 46 | password: "{{ service_users['cinder']['password'] }}" 47 | oslo_concurrency: 48 | lock_path: "{{ cinder['files']['lock'] }}" 49 | - require: 50 | - ini: cinder_controller_conf_keystone_authtoken 51 | 52 | 53 | cinder_db_sync: 54 | cmd.run: 55 | - name: "su -s /bin/sh -c 'cinder-manage db sync' cinder" 56 | - require: 57 | - ini: cinder_controller_conf 58 | 59 | 60 | cinder_controller_sqlite_delete: 61 | file.absent: 62 | - name: {{ cinder['files']['sqlite'] }} 63 | - require: 64 | - cmd: cinder_db_sync 65 | 66 | 67 | {% for service in cinder['services']['controller'] %} 68 | cinder_controller_{{ service }}_running: 69 | service.running: 70 | - enable: True 71 | - name: {{ cinder['services']['controller'][service] }} 72 | - watch: 73 | - ini: cinder_controller_conf 74 | {% endfor %} 75 | 76 | 77 | cinder_controller_wait: 78 | cmd.run: 79 | - name: sleep 5 80 | - require: 81 | {% for service in cinder['services']['controller'] %} 82 | - service: cinder_controller_{{ service }}_running 83 | {% endfor %} 84 | -------------------------------------------------------------------------------- /file_root/database/mysql/init.sls: -------------------------------------------------------------------------------- 1 | {% set mysql = salt['openstack_utils.mysql']() %} 2 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 3 | 4 | 5 | {% for pkg in mysql['packages'] %} 6 | mysql_{{ pkg }}_install: 7 | pkg.installed: 8 | - name: {{ pkg }} 9 | {% endfor %} 10 | 11 | 12 | mysql_conf: 13 | file.managed: 14 | - user: root 15 | - group: root 16 | - mode: 644 17 | - name: {{ mysql['conf']['mysqld'] }} 18 | - contents: | 19 | [mysqld] 20 | bind-address = {{ openstack_parameters['controller_ip'] }} 21 | default-storage-engine = innodb 22 | innodb_file_per_table 23 | collation-server = utf8_general_ci 24 | init-connect = 'SET NAMES utf8' 25 | character-set-server = utf8 26 | - require: 27 | {% for pkg in mysql['packages'] %} 28 | - pkg: mysql_{{ pkg }}_install 29 | {% endfor %} 30 | 31 | 32 | mysql_service_running: 33 | service.running: 34 | - enable: True 35 | - name: {{ mysql['services']['mysql'] }} 36 | - watch: 37 | - file: mysql_conf 38 | 39 | 40 | mysql_secure_installation_script: 41 | file.managed: 42 | - user: root 43 | - group: root 44 | - mode: 400 45 | - name: "/tmp/mysql-secure-installation.sh" 46 | - contents: | 47 | #!/bin/bash 48 | mysql -u root -p"{{ mysql['root_password'] }}" -e "" &> /dev/null 49 | if [ $? -eq 0 ]; then 50 | echo "MySQL root password was already set." 51 | else 52 | mysql -u root -e "" &> /dev/null 53 | if [ $? -eq 0 ]; then 54 | mysqladmin -u root password "{{ mysql['root_password'] }}" 55 | echo "MySQL root password has been successfully set." 56 | else 57 | echo "ERROR: Cannot change MySQL root password." >&2 58 | exit 1 59 | fi 60 | fi 61 | mysql -u root -p"{{ mysql['root_password'] }}" -e "UPDATE mysql.user SET Password=PASSWORD('{{ mysql['root_password'] }}') WHERE User='root';" 62 | mysql -u root -p"{{ mysql['root_password'] }}" -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');" 63 | mysql -u root -p"{{ mysql['root_password'] }}" -e "DELETE FROM mysql.user WHERE User='';" 64 | mysql -u root -p"{{ mysql['root_password'] }}" -e "use test;" &> /dev/null 65 | if [ $? -eq 0 ]; then 66 | mysql -u root -p"{{ mysql['root_password'] }}" -e "DROP DATABASE test;" 67 | fi 68 | mysql -u root -p"{{ mysql['root_password'] }}" -e "FLUSH PRIVILEGES;" 69 | echo "Finished MySQL secure installation." 70 | exit 0 71 | - require: 72 | - service: mysql_service_running 73 | 74 | 75 | mysql_secure_installation_run: 76 | cmd: 77 | - run 78 | - name: "bash /tmp/mysql-secure-installation.sh" 79 | - require: 80 | - file: mysql_secure_installation_script 81 | 82 | 83 | mysql_secure_installation_script_delete: 84 | file: 85 | - absent 86 | - name: "/tmp/mysql-secure-installation.sh" 87 | -------------------------------------------------------------------------------- /file_root/openstack/heat/Ubuntu/kilo/init.sls: -------------------------------------------------------------------------------- 1 | {% set heat = salt['openstack_utils.heat']() %} 2 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | {% set keystone = salt['openstack_utils.keystone']() %} 5 | {% set admin_users = salt['openstack_utils.openstack_users']('admin') %} 6 | 7 | 8 | heat_conf: 9 | ini.options_present: 10 | - name: "{{ heat['conf']['heat'] }}" 11 | - sections: 12 | database: 13 | connection: "mysql://{{ heat['database']['username'] }}:{{ heat['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ heat['database']['db_name'] }}" 14 | DEFAULT: 15 | heat_metadata_server_url: "http://{{ openstack_parameters['controller_ip'] }}:8000" 16 | heat_waitcondition_server_url: "http://{{ openstack_parameters['controller_ip'] }}:8000/v1/waitcondition" 17 | stack_domain_admin: heat_domain_admin 18 | stack_domain_admin_password: {{ service_users['heat']['password'] }} 19 | stack_user_domain_name: heat_user_domain 20 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 21 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 22 | keystone_authtoken: 23 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000/v2.0" 24 | identity_uri: "http://{{ openstack_parameters['controller_ip'] }}:35357" 25 | admin_tenant_name: service 26 | admin_user: heat 27 | admin_password: {{ service_users['heat']['password'] }} 28 | ec2authtoken: 29 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000/v2.0" 30 | - require: 31 | {% for pkg in heat['packages'] %} 32 | - pkg: heat_{{ pkg }}_install 33 | {% endfor %} 34 | 35 | 36 | heat_domain_create: 37 | cmd.run: 38 | - name: | 39 | export OS_USERNAME=admin && \ 40 | export OS_TENANT_NAME=admin && \ 41 | export OS_PASSWORD={{ admin_users['admin']['password'] }} && \ 42 | export OS_AUTH_URL={{ keystone['openstack_services']['keystone']['endpoint']['adminurl'].format(openstack_parameters['controller_ip']) }} && \ 43 | heat-keystone-setup-domain \ 44 | --stack-user-domain-name heat_user_domain \ 45 | --stack-domain-admin heat_domain_admin \ 46 | --stack-domain-admin-password {{ service_users['heat']['password'] }} 47 | - require: 48 | - ini: heat_conf 49 | 50 | 51 | heat_db_sync: 52 | cmd.run: 53 | - name: "su -s /bin/sh -c 'heat-manage db_sync' heat" 54 | - require: 55 | - cmd: heat_domain_create 56 | 57 | 58 | heat_sqlite_delete: 59 | file.absent: 60 | - name: "{{ heat['files']['sqlite'] }}" 61 | - require: 62 | - cmd: heat_db_sync 63 | 64 | 65 | {% for service in heat['services'] %} 66 | heat_service_{{ service }}_running: 67 | service.running: 68 | - name: {{ heat['services'][service] }} 69 | - enable: True 70 | - require: 71 | - cmd: heat_db_sync 72 | - watch: 73 | - ini: heat_conf 74 | {% endfor %} 75 | 76 | 77 | heat_wait: 78 | cmd.run: 79 | - name: sleep 5 80 | - require: 81 | {% for service in heat['services'] %} 82 | - service: heat_service_{{ service }}_running 83 | {% endfor %} 84 | -------------------------------------------------------------------------------- /file_root/openstack/neutron/network/Ubuntu/openvswitch/single_nic.sls: -------------------------------------------------------------------------------- 1 | {% set neutron = salt['openstack_utils.neutron']() %} 2 | {% set openvswitch = salt['openstack_utils.openvswitch']() %} 3 | 4 | 5 | openvswitch_interfaces_promisc_upstart_job: 6 | file.managed: 7 | - name: {{ openvswitch['conf']['promisc_interfaces'] }} 8 | - user: root 9 | - group: root 10 | - mode: 644 11 | - contents: | 12 | 13 | start on runlevel [2345] 14 | 15 | script 16 | #!/usr/bin/env bash 17 | ip link set br-proxy up promisc on 18 | {% set index = 1 %} 19 | {% for bridge in neutron['bridges'] %} 20 | {% if bridge not in [ neutron['tunneling']['bridge'], neutron['integration_bridge'] ] %} 21 | ip link add veth-proxy-{{ index }} type veth peer name veth-{{ index }}-proxy 22 | ip link set veth-{{ index }}-proxy up promisc on 23 | ip link set veth-proxy-{{ index }} up promisc on 24 | {% endif %} 25 | {% set index = index + 1 %} 26 | {% endfor %} 27 | end script 28 | - require: 29 | {% set index = 1 %} 30 | {% for bridge in neutron['bridges'] %} 31 | {% if bridge not in [ neutron['tunneling']['bridge'], neutron['integration_bridge'] ] %} 32 | - cmd: openvswitch_veth-proxy-{{ index }}_up 33 | - cmd: openvswitch_veth-{{ index }}-proxy_up 34 | {% endif %} 35 | {% set index = index + 1 %} 36 | {% endfor %} 37 | 38 | 39 | openvswitch_br-proxy_network_interface: 40 | cmd.run: 41 | - name: sed -i "s/{{ neutron['single_nic']['interface'] }}/br-proxy/" {{ openvswitch['conf']['interfaces'] }} 42 | - unless: egrep "br-proxy" "{{ openvswitch['conf']['interfaces'] }}" 43 | - require: 44 | - file: openvswitch_interfaces_promisc_upstart_job 45 | 46 | 47 | openvswitch_{{ openvswitch['conf']['interfaces'] }}_network_interface: 48 | file.append: 49 | - name: "{{ openvswitch['conf']['interfaces'] }}" 50 | - unless: egrep "{{ neutron['single_nic']['interface'] }}" "{{ openvswitch['conf']['interfaces'] }}" 51 | - text: | 52 | 53 | auto {{ neutron['single_nic']['interface'] }} 54 | iface {{ neutron['single_nic']['interface'] }} inet manual 55 | up ifconfig $IFACE 0.0.0.0 up 56 | up ip link set $IFACE promisc on 57 | down ip link set $IFACE promisc off 58 | down ifconfig $IFACE down 59 | 60 | - require: 61 | - cmd: openvswitch_br-proxy_network_interface 62 | 63 | 64 | openvswitch_br-proxy_script_create: 65 | file.managed: 66 | - name: {{ neutron['single_nic']['set_up_script'] }} 67 | - user: root 68 | - group: root 69 | - mode: 755 70 | - contents: | 71 | #!/usr/bin/env bash 72 | set -e 73 | 74 | # This script should be executed at the end of the salt states execution 75 | # to set up the br-proxy used for the current single NIC OpenStack deployment. 76 | 77 | ifdown {{ neutron['single_nic']['interface'] }} && ifup {{ neutron['single_nic']['interface'] }} 78 | ifup br-proxy 79 | if [ "`ovs-vsctl list-ports br-proxy | grep {{ neutron['single_nic']['interface'] }}`" = "" ]; then 80 | ovs-vsctl add-port br-proxy {{ neutron['single_nic']['interface'] }} 81 | else 82 | echo "{{ neutron['single_nic']['interface'] }} was already added to br-proxy" 83 | fi 84 | - require: 85 | - file: openvswitch_{{ openvswitch['conf']['interfaces'] }}_network_interface 86 | -------------------------------------------------------------------------------- /file_root/openstack/nova/compute/Ubuntu/kilo/kvm/init.sls: -------------------------------------------------------------------------------- 1 | {% set nova = salt['openstack_utils.nova']() %} 2 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | nova_compute_conf_keystone_authtoken: 7 | ini.sections_absent: 8 | - name: "{{ nova['conf']['nova'] }}" 9 | - sections: 10 | - keystone_authtoken 11 | - require: 12 | {% for pkg in nova['packages']['compute']['kvm'] %} 13 | - pkg: nova_compute_{{ pkg }}_install 14 | {% endfor %} 15 | 16 | 17 | {% set minion_ip = salt['openstack_utils.minion_ip'](grains['id']) %} 18 | nova_compute_conf: 19 | ini.options_present: 20 | - name: {{ nova['conf']['nova'] }} 21 | - sections: 22 | DEFAULT: 23 | auth_strategy: keystone 24 | my_ip: {{ minion_ip }} 25 | vnc_enabled: True 26 | vncserver_listen: 0.0.0.0 27 | vncserver_proxyclient_address: {{ minion_ip }} 28 | novncproxy_base_url: "http://{{ openstack_parameters['controller_ip'] }}:6080/vnc_auto.html" 29 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 30 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 31 | network_api_class: nova.network.neutronv2.api.API 32 | security_group_api: neutron 33 | linuxnet_interface_driver: nova.network.linux_net.LinuxOVSInterfaceDriver 34 | firewall_driver: nova.virt.firewall.NoopFirewallDriver 35 | keystone_authtoken: 36 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000" 37 | auth_url: "http://{{ openstack_parameters['controller_ip'] }}:35357" 38 | auth_plugin: "password" 39 | project_domain_id: "default" 40 | user_domain_id: "default" 41 | project_name: "service" 42 | username: "nova" 43 | password: "{{ service_users['nova']['password'] }}" 44 | glance: 45 | host: "{{ openstack_parameters['controller_ip'] }}" 46 | oslo_concurrency: 47 | lock_path: "{{ nova['files']['nova_tmp'] }}" 48 | neutron: 49 | url: "http://{{ openstack_parameters['controller_ip'] }}:9696" 50 | auth_strategy: keystone 51 | admin_auth_url: "http://{{ openstack_parameters['controller_ip'] }}:35357/v2.0" 52 | admin_tenant_name: service 53 | admin_username: neutron 54 | admin_password: "{{ service_users['neutron']['password'] }}" 55 | - require: 56 | - ini: nova_compute_conf_keystone_authtoken 57 | 58 | 59 | nova_compute_conf_virt_type: 60 | ini.options_present: 61 | - name: {{ nova['conf']['nova_compute'] }} 62 | - sections: 63 | libvirt: 64 | virt_type: {{ nova['libvirt_virt_type'] }} 65 | - require: 66 | - ini: nova_compute_conf 67 | 68 | 69 | nova_compute_running: 70 | service.running: 71 | - enable: True 72 | - name: {{ nova['services']['compute']['kvm']['nova'] }} 73 | - watch: 74 | - ini: nova_compute_conf 75 | - ini: nova_compute_conf_virt_type 76 | 77 | 78 | nova_compute_sqlite_delete: 79 | file.absent: 80 | - name: {{ nova['files']['sqlite'] }} 81 | - require: 82 | - service: nova_compute_running 83 | 84 | 85 | nova_compute_wait: 86 | cmd.run: 87 | - name: sleep 5 88 | - require: 89 | - service: nova_compute_running 90 | -------------------------------------------------------------------------------- /file_root/openstack/nova/compute/CentOS/kilo/kvm/init.sls: -------------------------------------------------------------------------------- 1 | {% set nova = salt['openstack_utils.nova']() %} 2 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | nova_compute_conf_keystone_authtoken: 7 | ini.sections_absent: 8 | - name: "{{ nova['conf']['nova'] }}" 9 | - sections: 10 | - keystone_authtoken 11 | - require: 12 | {% for pkg in nova['packages']['compute']['kvm'] %} 13 | - pkg: nova_compute_{{ pkg }}_install 14 | {% endfor %} 15 | 16 | 17 | {% set minion_ip = salt['openstack_utils.minion_ip'](grains['id']) %} 18 | nova_compute_conf: 19 | ini.options_present: 20 | - name: {{ nova['conf']['nova'] }} 21 | - sections: 22 | DEFAULT: 23 | auth_strategy: keystone 24 | my_ip: {{ minion_ip }} 25 | vnc_enabled: True 26 | vncserver_listen: 0.0.0.0 27 | vncserver_proxyclient_address: {{ minion_ip }} 28 | novncproxy_base_url: "http://{{ openstack_parameters['controller_ip'] }}:6080/vnc_auto.html" 29 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 30 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 31 | network_api_class: nova.network.neutronv2.api.API 32 | security_group_api: neutron 33 | linuxnet_interface_driver: nova.network.linux_net.LinuxOVSInterfaceDriver 34 | firewall_driver: nova.virt.firewall.NoopFirewallDriver 35 | keystone_authtoken: 36 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000" 37 | auth_url: "http://{{ openstack_parameters['controller_ip'] }}:35357" 38 | auth_plugin: "password" 39 | project_domain_id: "default" 40 | user_domain_id: "default" 41 | project_name: "service" 42 | username: "nova" 43 | password: "{{ service_users['nova']['password'] }}" 44 | glance: 45 | host: "{{ openstack_parameters['controller_ip'] }}" 46 | oslo_concurrency: 47 | lock_path: "{{ nova['files']['nova_tmp'] }}" 48 | neutron: 49 | url: "http://{{ openstack_parameters['controller_ip'] }}:9696" 50 | auth_strategy: keystone 51 | admin_auth_url: "http://{{ openstack_parameters['controller_ip'] }}:35357/v2.0" 52 | admin_tenant_name: service 53 | admin_username: neutron 54 | admin_password: "{{ service_users['neutron']['password'] }}" 55 | libvirt: 56 | virt_type: {{ nova['libvirt_virt_type'] }} 57 | - require: 58 | - ini: nova_compute_conf_keystone_authtoken 59 | 60 | 61 | {% for service in nova['services']['compute']['kvm'] %} 62 | nova_compute_{{ service }}_running: 63 | service.running: 64 | - enable: True 65 | - name: {{ nova['services']['compute']['kvm'][service] }} 66 | - watch: 67 | - ini: nova_compute_conf 68 | {% endfor %} 69 | 70 | 71 | nova_compute_sqlite_delete: 72 | file.absent: 73 | - name: {{ nova['files']['sqlite'] }} 74 | - require: 75 | {% for service in nova['services']['compute']['kvm'] %} 76 | - service: nova_compute_{{ service }}_running 77 | {% endfor %} 78 | 79 | 80 | nova_compute_wait: 81 | cmd.run: 82 | - name: sleep 5 83 | - require: 84 | {% for service in nova['services']['compute']['kvm'] %} 85 | - service: nova_compute_{{ service }}_running 86 | {% endfor %} 87 | -------------------------------------------------------------------------------- /file_root/openstack/nova/compute/CentOS/juno/kvm/init.sls: -------------------------------------------------------------------------------- 1 | {% set nova = salt['openstack_utils.nova']() %} 2 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | nova_compute_conf_keystone_authtoken: 7 | ini.sections_absent: 8 | - name: "{{ nova['conf']['nova'] }}" 9 | - sections: 10 | keystone_authtoken: 11 | - auth_host 12 | - auth_port 13 | - auth_protocol 14 | - require: 15 | {% for pkg in nova['packages']['compute']['kvm'] %} 16 | - pkg: nova_compute_{{ pkg }}_install 17 | {% endfor %} 18 | 19 | 20 | nova_compute_conf: 21 | ini.options_present: 22 | - name: {{ nova['conf']['nova'] }} 23 | - sections: 24 | DEFAULT: 25 | auth_strategy: keystone 26 | my_ip: "{{ salt['openstack_utils.minion_ip'](grains['id']) }}" 27 | vnc_enabled: True 28 | vncserver_listen: "0.0.0.0" 29 | vncserver_proxyclient_address: "{{ salt['openstack_utils.minion_ip'](grains['id']) }}" 30 | novncproxy_base_url: "http://{{ openstack_parameters['controller_ip'] }}:6080/vnc_auto.html" 31 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 32 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 33 | network_api_class: nova.network.neutronv2.api.API 34 | security_group_api: neutron 35 | linuxnet_interface_driver: nova.network.linux_net.LinuxOVSInterfaceDriver 36 | firewall_driver: nova.virt.firewall.NoopFirewallDriver 37 | vif_plugging_is_fatal: False 38 | vif_plugging_timeout: 0 39 | keystone_authtoken: 40 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000/v2.0" 41 | identity_uri: "http://{{ openstack_parameters['controller_ip'] }}:35357" 42 | admin_tenant_name: service 43 | admin_user: nova 44 | admin_password: "{{ service_users['nova']['password'] }}" 45 | glance: 46 | host: "{{ openstack_parameters['controller_ip'] }}" 47 | neutron: 48 | url: "http://{{ openstack_parameters['controller_ip'] }}:9696" 49 | auth_strategy: keystone 50 | admin_auth_url: "http://{{ openstack_parameters['controller_ip'] }}:35357/v2.0" 51 | admin_tenant_name: service 52 | admin_username: neutron 53 | admin_password: "{{ service_users['neutron']['password'] }}" 54 | libvirt: 55 | virt_type: {{ nova['libvirt_virt_type'] }} 56 | cpu_mode: none 57 | - require: 58 | - ini: nova_compute_conf_keystone_authtoken 59 | 60 | 61 | {% for service in nova['services']['compute']['kvm'] %} 62 | nova_compute_{{ service }}_running: 63 | service.running: 64 | - enable: True 65 | - name: {{ nova['services']['compute']['kvm'][service] }} 66 | - watch: 67 | - ini: nova_compute_conf 68 | {% endfor %} 69 | 70 | 71 | nova_compute_sqlite_delete: 72 | file.absent: 73 | - name: {{ nova['files']['sqlite'] }} 74 | - require: 75 | {% for service in nova['services']['compute']['kvm'] %} 76 | - service: nova_compute_{{ service }}_running 77 | {% endfor %} 78 | 79 | 80 | nova_compute_wait: 81 | cmd.run: 82 | - name: sleep 5 83 | - require: 84 | {% for service in nova['services']['compute']['kvm'] %} 85 | - service: nova_compute_{{ service }}_running 86 | {% endfor %} 87 | -------------------------------------------------------------------------------- /file_root/openstack/heat/CentOS/kilo/init.sls: -------------------------------------------------------------------------------- 1 | {% set heat = salt['openstack_utils.heat']() %} 2 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | {% set keystone = salt['openstack_utils.keystone']() %} 5 | {% set admin_users = salt['openstack_utils.openstack_users']('admin') %} 6 | 7 | 8 | heat_conf_create: 9 | file.copy: 10 | - name: "{{ heat['conf']['heat'] }}" 11 | - source: "{{ heat['conf']['heat_conf_dist'] }}" 12 | - user: heat 13 | - group: heat 14 | - require: 15 | {% for pkg in heat['packages'] %} 16 | - pkg: heat_{{ pkg }}_install 17 | {% endfor %} 18 | 19 | 20 | heat_conf: 21 | ini.options_present: 22 | - name: "{{ heat['conf']['heat'] }}" 23 | - sections: 24 | database: 25 | connection: "mysql://{{ heat['database']['username'] }}:{{ heat['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ heat['database']['db_name'] }}" 26 | DEFAULT: 27 | heat_metadata_server_url: "http://{{ openstack_parameters['controller_ip'] }}:8000" 28 | heat_waitcondition_server_url: "http://{{ openstack_parameters['controller_ip'] }}:8000/v1/waitcondition" 29 | stack_domain_admin: heat_domain_admin 30 | stack_domain_admin_password: {{ service_users['heat']['password'] }} 31 | stack_user_domain_name: heat_user_domain 32 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 33 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 34 | keystone_authtoken: 35 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000/v2.0" 36 | identity_uri: "http://{{ openstack_parameters['controller_ip'] }}:35357" 37 | admin_tenant_name: service 38 | admin_user: heat 39 | admin_password: {{ service_users['heat']['password'] }} 40 | ec2authtoken: 41 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000/v2.0" 42 | - require: 43 | {% for pkg in heat['packages'] %} 44 | - pkg: heat_{{ pkg }}_install 45 | {% endfor %} 46 | 47 | 48 | heat_domain_create: 49 | cmd.run: 50 | - name: | 51 | export OS_USERNAME=admin && \ 52 | export OS_TENANT_NAME=admin && \ 53 | export OS_PASSWORD={{ admin_users['admin']['password'] }} && \ 54 | export OS_AUTH_URL={{ keystone['openstack_services']['keystone']['endpoint']['adminurl'].format(openstack_parameters['controller_ip']) }} && \ 55 | heat-keystone-setup-domain \ 56 | --stack-user-domain-name heat_user_domain \ 57 | --stack-domain-admin heat_domain_admin \ 58 | --stack-domain-admin-password {{ service_users['heat']['password'] }} 59 | - require: 60 | - ini: heat_conf 61 | 62 | 63 | heat_db_sync: 64 | cmd.run: 65 | - name: "su -s /bin/sh -c 'heat-manage db_sync' heat" 66 | - require: 67 | - cmd: heat_domain_create 68 | 69 | 70 | heat_sqlite_delete: 71 | file.absent: 72 | - name: "{{ heat['files']['sqlite'] }}" 73 | - require: 74 | - cmd: heat_db_sync 75 | 76 | 77 | {% for service in heat['services'] %} 78 | heat_service_{{ service }}_running: 79 | service.running: 80 | - name: {{ heat['services'][service] }} 81 | - enable: True 82 | - require: 83 | - cmd: heat_db_sync 84 | - watch: 85 | - ini: heat_conf 86 | {% endfor %} 87 | 88 | 89 | heat_wait: 90 | cmd.run: 91 | - name: sleep 5 92 | - require: 93 | {% for service in heat['services'] %} 94 | - service: heat_service_{{ service }}_running 95 | {% endfor %} 96 | -------------------------------------------------------------------------------- /file_root/openstack/nova/compute/Ubuntu/icehouse/kvm/init.sls: -------------------------------------------------------------------------------- 1 | {% set nova = salt['openstack_utils.nova']() %} 2 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | nova_compute_conf: 7 | ini.options_present: 8 | - name: {{ nova['conf']['nova'] }} 9 | - sections: 10 | database: 11 | connection: "mysql://{{ nova['database']['username'] }}:{{ nova['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ nova['database']['db_name'] }}" 12 | DEFAULT: 13 | auth_strategy: keystone 14 | my_ip: "{{ salt['openstack_utils.minion_ip'](grains['id']) }}" 15 | vnc_enabled: True 16 | vncserver_listen: "0.0.0.0" 17 | vncserver_proxyclient_address: "{{ salt['openstack_utils.minion_ip'](grains['id']) }}" 18 | novncproxy_base_url: "http://{{ openstack_parameters['controller_ip'] }}:6080/vnc_auto.html" 19 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 20 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 21 | network_api_class: nova.network.neutronv2.api.API 22 | linuxnet_interface_driver: nova.network.linux_net.LinuxOVSInterfaceDriver 23 | firewall_driver: nova.virt.firewall.NoopFirewallDriver 24 | security_group_api: neutron 25 | neutron_url: "http://{{ openstack_parameters['controller_ip'] }}:9696" 26 | neutron_auth_strategy: keystone 27 | neutron_admin_tenant_name: service 28 | neutron_admin_username: neutron 29 | neutron_admin_password: "{{ service_users['neutron']['password'] }}" 30 | neutron_admin_auth_url: "http://{{ openstack_parameters['controller_ip'] }}:35357/v2.0" 31 | vif_plugging_is_fatal: False 32 | vif_plugging_timeout: 10 33 | keystone_authtoken: 34 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000" 35 | auth_host: "{{ openstack_parameters['controller_ip'] }}" 36 | auth_port: 35357 37 | auth_protocol: http 38 | admin_tenant_name: service 39 | admin_user: nova 40 | admin_password: "{{ service_users['nova']['password'] }}" 41 | glance: 42 | host: "{{ openstack_parameters['controller_ip'] }}" 43 | - require: 44 | {% for pkg in nova['packages']['compute']['kvm'] %} 45 | - pkg: nova_compute_{{ pkg }}_install 46 | {% endfor %} 47 | 48 | 49 | nova_compute_conf_virt_type: 50 | ini.options_present: 51 | - name: {{ nova['conf']['nova_compute'] }} 52 | - sections: 53 | libvirt: 54 | virt_type: {{ nova['libvirt_virt_type'] }} 55 | cpu_mode: none 56 | - require: 57 | - ini: nova_compute_conf 58 | 59 | 60 | {% for service in nova['services']['compute']['kvm'] %} 61 | nova_compute_{{ service }}_running: 62 | service.running: 63 | - enable: True 64 | - name: {{ nova['services']['compute']['kvm'][service] }} 65 | - watch: 66 | - ini: nova_compute_conf 67 | - ini: nova_compute_conf_virt_type 68 | {% endfor %} 69 | 70 | 71 | nova_compute_sqlite_delete: 72 | file.absent: 73 | - name: {{ nova['files']['sqlite'] }} 74 | - require: 75 | {% for service in nova['services']['compute']['kvm'] %} 76 | - service: nova_compute_{{ service }}_running 77 | {% endfor %} 78 | 79 | 80 | nova_compute_wait: 81 | cmd.run: 82 | - name: sleep 5 83 | - require: 84 | {% for service in nova['services']['compute']['kvm'] %} 85 | - service: nova_compute_{{ service }}_running 86 | {% endfor %} 87 | 88 | 89 | -------------------------------------------------------------------------------- /file_root/openstack/nova/controller/Ubuntu/icehouse/init.sls: -------------------------------------------------------------------------------- 1 | {% set nova = salt['openstack_utils.nova']() %} 2 | {% set neutron = salt['openstack_utils.neutron']() %} 3 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 4 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 5 | 6 | 7 | nova_controller_conf: 8 | ini.options_present: 9 | - name: "{{ nova['conf']['nova'] }}" 10 | - sections: 11 | database: 12 | connection: "mysql://{{ nova['database']['username'] }}:{{ nova['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ nova['database']['db_name'] }}" 13 | DEFAULT: 14 | auth_strategy: "keystone" 15 | my_ip: "{{ openstack_parameters['controller_ip'] }}" 16 | vncserver_listen: "{{ openstack_parameters['controller_ip'] }}" 17 | vncserver_proxyclient_address: "{{ openstack_parameters['controller_ip'] }}" 18 | cpu_allocation_ratio: {{ salt['pillar.get']('nova:cpu_allocation_ratio') }} 19 | ram_allocation_ratio: {{ salt['pillar.get']('nova:ram_allocation_ratio') }} 20 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 21 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 22 | service_neutron_metadata_proxy: True 23 | neutron_metadata_proxy_shared_secret: {{ neutron['metadata_secret'] }} 24 | network_api_class: nova.network.neutronv2.api.API 25 | linuxnet_interface_driver: nova.network.linux_net.LinuxOVSInterfaceDriver 26 | firewall_driver: nova.virt.firewall.NoopFirewallDriver 27 | security_group_api: neutron 28 | neutron_url: "http://{{ openstack_parameters['controller_ip'] }}:9696" 29 | neutron_auth_strategy: keystone 30 | neutron_admin_tenant_name: service 31 | neutron_admin_username: neutron 32 | neutron_admin_password: "{{ service_users['neutron']['password'] }}" 33 | neutron_admin_auth_url: "http://{{ openstack_parameters['controller_ip'] }}:35357/v2.0" 34 | vif_plugging_is_fatal: False 35 | vif_plugging_timeout: 10 36 | keystone_authtoken: 37 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000" 38 | auth_host: "{{ openstack_parameters['controller_ip'] }}" 39 | auth_port: 35357 40 | auth_protocol: http 41 | admin_tenant_name: service 42 | admin_user: nova 43 | admin_password: "{{ service_users['nova']['password'] }}" 44 | glance: 45 | host: "{{ openstack_parameters['controller_ip'] }}" 46 | - require: 47 | {% for pkg in nova['packages']['controller'] %} 48 | - pkg: nova_controller_{{ pkg }}_install 49 | {% endfor %} 50 | 51 | 52 | nova_db_sync: 53 | cmd.run: 54 | - name: "su -s /bin/sh -c 'nova-manage db sync' nova" 55 | - require: 56 | - ini: nova_controller_conf 57 | 58 | 59 | nova_controller_sqlite_delete: 60 | file.absent: 61 | - name: {{ nova['files']['sqlite'] }} 62 | - require: 63 | - cmd: nova_db_sync 64 | 65 | 66 | {% for service in nova['services']['controller'] %} 67 | nova_controller_{{ service }}_running: 68 | service.running: 69 | - enable: True 70 | - name: "{{ nova['services']['controller'][service] }}" 71 | - require: 72 | - cmd: nova_db_sync 73 | - watch: 74 | - ini: nova_controller_conf 75 | {% endfor %} 76 | 77 | 78 | nova_controller_wait: 79 | cmd: 80 | - run 81 | - name: sleep 5 82 | - require: 83 | {% for service in nova['services']['controller'] %} 84 | - service: nova_controller_{{ service }}_running 85 | {% endfor %} 86 | -------------------------------------------------------------------------------- /file_root/openstack/nova/compute/Ubuntu/juno/kvm/init.sls: -------------------------------------------------------------------------------- 1 | {% set nova = salt['openstack_utils.nova']() %} 2 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | nova_compute_conf_keystone_authtoken: 7 | ini.sections_absent: 8 | - name: "{{ nova['conf']['nova'] }}" 9 | - sections: 10 | keystone_authtoken: 11 | - auth_host 12 | - auth_port 13 | - auth_protocol 14 | - require: 15 | {% for pkg in nova['packages']['compute']['kvm'] %} 16 | - pkg: nova_compute_{{ pkg }}_install 17 | {% endfor %} 18 | 19 | 20 | nova_compute_conf: 21 | ini.options_present: 22 | - name: {{ nova['conf']['nova'] }} 23 | - sections: 24 | DEFAULT: 25 | auth_strategy: keystone 26 | my_ip: "{{ salt['openstack_utils.minion_ip'](grains['id']) }}" 27 | vnc_enabled: True 28 | vncserver_listen: "0.0.0.0" 29 | vncserver_proxyclient_address: "{{ salt['openstack_utils.minion_ip'](grains['id']) }}" 30 | novncproxy_base_url: "http://{{ openstack_parameters['controller_ip'] }}:6080/vnc_auto.html" 31 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 32 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 33 | network_api_class: nova.network.neutronv2.api.API 34 | security_group_api: neutron 35 | linuxnet_interface_driver: nova.network.linux_net.LinuxOVSInterfaceDriver 36 | firewall_driver: nova.virt.firewall.NoopFirewallDriver 37 | vif_plugging_is_fatal: False 38 | vif_plugging_timeout: 0 39 | keystone_authtoken: 40 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000/v2.0" 41 | identity_uri: "http://{{ openstack_parameters['controller_ip'] }}:35357" 42 | admin_tenant_name: service 43 | admin_user: nova 44 | admin_password: "{{ service_users['nova']['password'] }}" 45 | glance: 46 | host: "{{ openstack_parameters['controller_ip'] }}" 47 | neutron: 48 | url: "http://{{ openstack_parameters['controller_ip'] }}:9696" 49 | auth_strategy: keystone 50 | admin_auth_url: "http://{{ openstack_parameters['controller_ip'] }}:35357/v2.0" 51 | admin_tenant_name: service 52 | admin_username: neutron 53 | admin_password: "{{ service_users['neutron']['password'] }}" 54 | 55 | - require: 56 | - ini: nova_compute_conf_keystone_authtoken 57 | 58 | 59 | nova_compute_conf_virt_type: 60 | ini.options_present: 61 | - name: {{ nova['conf']['nova_compute'] }} 62 | - sections: 63 | libvirt: 64 | virt_type: {{ nova['libvirt_virt_type'] }} 65 | cpu_mode: none 66 | - require: 67 | - ini: nova_compute_conf 68 | 69 | 70 | {% for service in nova['services']['compute']['kvm'] %} 71 | nova_compute_{{ service }}_running: 72 | service.running: 73 | - enable: True 74 | - name: {{ nova['services']['compute']['kvm'][service] }} 75 | - watch: 76 | - ini: nova_compute_conf 77 | - ini: nova_compute_conf_virt_type 78 | {% endfor %} 79 | 80 | 81 | nova_compute_sqlite_delete: 82 | file.absent: 83 | - name: {{ nova['files']['sqlite'] }} 84 | - require: 85 | {% for service in nova['services']['compute']['kvm'] %} 86 | - service: nova_compute_{{ service }}_running 87 | {% endfor %} 88 | 89 | 90 | nova_compute_wait: 91 | cmd.run: 92 | - name: sleep 5 93 | - require: 94 | {% for service in nova['services']['compute']['kvm'] %} 95 | - service: nova_compute_{{ service }}_running 96 | {% endfor %} 97 | 98 | -------------------------------------------------------------------------------- /file_root/openstack/neutron/controller/Ubuntu/icehouse/init.sls: -------------------------------------------------------------------------------- 1 | {% set neutron = salt['openstack_utils.neutron']() %} 2 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | neutron_controller_conf: 7 | ini.options_present: 8 | - name: "{{ neutron['conf']['neutron'] }}" 9 | - sections: 10 | database: 11 | connection: "mysql://{{ neutron['database']['username'] }}:{{ neutron['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ neutron['database']['db_name'] }}" 12 | DEFAULT: 13 | auth_strategy: keystone 14 | core_plugin: ml2 15 | service_plugins: router 16 | allow_overlapping_ips: True 17 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 18 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 19 | notify_nova_on_port_status_changes: True 20 | notify_nova_on_port_data_changes: True 21 | nova_url: "http://{{ openstack_parameters['controller_ip'] }}:8774/v2" 22 | nova_admin_auth_url: http://{{ openstack_parameters['controller_ip'] }}:35357/v2.0 23 | nova_region_name: RegionOne 24 | nova_admin_username: nova 25 | nova_admin_tenant_id: service 26 | nova_admin_password: "{{ service_users['nova']['password'] }}" 27 | keystone_authtoken: 28 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000" 29 | auth_host: "{{ openstack_parameters['controller_ip'] }}" 30 | auth_port: 35357 31 | auth_protocol: http 32 | admin_tenant_name: service 33 | admin_user: neutron 34 | admin_password: "{{ service_users['neutron']['password'] }}" 35 | - require: 36 | {% for pkg in neutron['packages']['controller'] %} 37 | - pkg: neutron_controller_{{ pkg }}_install 38 | {% endfor %} 39 | 40 | 41 | neutron_controller_ml2_conf: 42 | ini.options_present: 43 | - name: "{{ neutron['conf']['ml2'] }}" 44 | - sections: 45 | ml2: 46 | type_drivers: "{{ ','.join(neutron['ml2_type_drivers']) }}" 47 | tenant_network_types: "{{ ','.join(neutron['tenant_network_types']) }}" 48 | mechanism_drivers: openvswitch 49 | {% if 'flat' in neutron['ml2_type_drivers'] %} 50 | ml2_type_flat: 51 | flat_networks: "{{ ','.join(neutron['flat_networks']) }}" 52 | {% endif %} 53 | {% if 'vlan' in neutron['ml2_type_drivers'] %} 54 | ml2_type_vlan: 55 | network_vlan_ranges: "{{ ','.join(neutron['vlan_networks']) }}" 56 | {% endif %} 57 | {% if 'gre' in neutron['ml2_type_drivers'] %} 58 | ml2_type_gre: 59 | tunnel_id_ranges: "{{ ','.join(neutron['gre_tunnel_id_ranges']) }}" 60 | {% endif %} 61 | {% if 'vxlan' in neutron['ml2_type_drivers'] %} 62 | ml2_type_vxlan: 63 | vxlan_group: "{{ neutron['vxlan_group'] }}" 64 | vni_ranges: "{{ ','.join(neutron['vxlan_tunnels_vni_ranges']) }}" 65 | {% endif %} 66 | securitygroup: 67 | enable_security_group: True 68 | firewall_driver: "neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver" 69 | - require: 70 | - ini: neutron_controller_conf 71 | 72 | 73 | neutron_controller_server_running: 74 | service.running: 75 | - enable: True 76 | - name: "{{ neutron['services']['controller']['neutron_server'] }}" 77 | - watch: 78 | - ini: neutron_controller_conf 79 | - ini: neutron_controller_ml2_conf 80 | 81 | 82 | neutron_controller_wait: 83 | cmd.run: 84 | - name: sleep 5 85 | - require: 86 | - service: neutron_controller_server_running 87 | -------------------------------------------------------------------------------- /file_root/openstack/nova/controller/CentOS/juno/init.sls: -------------------------------------------------------------------------------- 1 | {% set nova = salt['openstack_utils.nova']() %} 2 | {% set neutron = salt['openstack_utils.neutron']() %} 3 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 4 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 5 | 6 | 7 | nova_controller_conf_keystone_authtoken: 8 | ini.sections_absent: 9 | - name: "{{ nova['conf']['nova'] }}" 10 | - sections: 11 | keystone_authtoken: 12 | - auth_host 13 | - auth_port 14 | - auth_protocol 15 | - require: 16 | {% for pkg in nova['packages']['controller'] %} 17 | - pkg: nova_controller_{{ pkg }}_install 18 | {% endfor %} 19 | 20 | 21 | nova_controller_conf: 22 | ini.options_present: 23 | - name: "{{ nova['conf']['nova'] }}" 24 | - sections: 25 | database: 26 | connection: "mysql://{{ nova['database']['username'] }}:{{ nova['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ nova['database']['db_name'] }}" 27 | DEFAULT: 28 | auth_strategy: "keystone" 29 | my_ip: "{{ openstack_parameters['controller_ip'] }}" 30 | vncserver_listen: "{{ openstack_parameters['controller_ip'] }}" 31 | vncserver_proxyclient_address: "{{ openstack_parameters['controller_ip'] }}" 32 | cpu_allocation_ratio: {{ salt['pillar.get']('nova:cpu_allocation_ratio') }} 33 | ram_allocation_ratio: {{ salt['pillar.get']('nova:ram_allocation_ratio') }} 34 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 35 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 36 | network_api_class: nova.network.neutronv2.api.API 37 | security_group_api: neutron 38 | linuxnet_interface_driver: nova.network.linux_net.LinuxOVSInterfaceDriver 39 | firewall_driver: nova.virt.firewall.NoopFirewallDriver 40 | vif_plugging_is_fatal: False 41 | vif_plugging_timeout: 0 42 | glance: 43 | host: "{{ openstack_parameters['controller_ip'] }}" 44 | keystone_authtoken: 45 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000/v2.0" 46 | identity_uri: "http://{{ openstack_parameters['controller_ip'] }}:35357" 47 | admin_tenant_name: service 48 | admin_user: nova 49 | admin_password: "{{ service_users['nova']['password'] }}" 50 | neutron: 51 | service_metadata_proxy: True 52 | metadata_proxy_shared_secret: {{ neutron['metadata_secret'] }} 53 | url: "http://{{ openstack_parameters['controller_ip'] }}:9696" 54 | auth_strategy: keystone 55 | admin_auth_url: "http://{{ openstack_parameters['controller_ip'] }}:35357/v2.0" 56 | admin_tenant_name: service 57 | admin_username: neutron 58 | admin_password: "{{ service_users['neutron']['password'] }}" 59 | - require: 60 | - ini: nova_controller_conf_keystone_authtoken 61 | 62 | 63 | nova_db_sync: 64 | cmd.run: 65 | - name: "su -s /bin/sh -c 'nova-manage db sync' nova" 66 | - require: 67 | - ini: nova_controller_conf 68 | 69 | 70 | nova_controller_sqlite_delete: 71 | file.absent: 72 | - name: {{ nova['files']['sqlite'] }} 73 | - require: 74 | - cmd: nova_db_sync 75 | 76 | 77 | {% for service in nova['services']['controller'] %} 78 | nova_controller_{{ service }}_running: 79 | service.running: 80 | - enable: True 81 | - name: "{{ nova['services']['controller'][service] }}" 82 | - require: 83 | - cmd: nova_db_sync 84 | - watch: 85 | - ini: nova_controller_conf 86 | {% endfor %} 87 | 88 | 89 | nova_controller_wait: 90 | cmd: 91 | - run 92 | - name: sleep 5 93 | - require: 94 | {% for service in nova['services']['controller'] %} 95 | - service: nova_controller_{{ service }}_running 96 | {% endfor %} 97 | -------------------------------------------------------------------------------- /file_root/openstack/nova/controller/Ubuntu/juno/init.sls: -------------------------------------------------------------------------------- 1 | {% set nova = salt['openstack_utils.nova']() %} 2 | {% set neutron = salt['openstack_utils.neutron']() %} 3 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 4 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 5 | 6 | 7 | nova_controller_conf_keystone_authtoken: 8 | ini.sections_absent: 9 | - name: "{{ nova['conf']['nova'] }}" 10 | - sections: 11 | keystone_authtoken: 12 | - auth_host 13 | - auth_port 14 | - auth_protocol 15 | - require: 16 | {% for pkg in nova['packages']['controller'] %} 17 | - pkg: nova_controller_{{ pkg }}_install 18 | {% endfor %} 19 | 20 | 21 | nova_controller_conf: 22 | ini.options_present: 23 | - name: "{{ nova['conf']['nova'] }}" 24 | - sections: 25 | database: 26 | connection: "mysql://{{ nova['database']['username'] }}:{{ nova['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ nova['database']['db_name'] }}" 27 | DEFAULT: 28 | auth_strategy: "keystone" 29 | my_ip: "{{ openstack_parameters['controller_ip'] }}" 30 | vncserver_listen: "{{ openstack_parameters['controller_ip'] }}" 31 | vncserver_proxyclient_address: "{{ openstack_parameters['controller_ip'] }}" 32 | cpu_allocation_ratio: {{ salt['pillar.get']('nova:cpu_allocation_ratio') }} 33 | ram_allocation_ratio: {{ salt['pillar.get']('nova:ram_allocation_ratio') }} 34 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 35 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 36 | network_api_class: nova.network.neutronv2.api.API 37 | security_group_api: neutron 38 | linuxnet_interface_driver: nova.network.linux_net.LinuxOVSInterfaceDriver 39 | firewall_driver: nova.virt.firewall.NoopFirewallDriver 40 | vif_plugging_is_fatal: False 41 | vif_plugging_timeout: 0 42 | glance: 43 | host: "{{ openstack_parameters['controller_ip'] }}" 44 | keystone_authtoken: 45 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000/v2.0" 46 | identity_uri: "http://{{ openstack_parameters['controller_ip'] }}:35357" 47 | admin_tenant_name: service 48 | admin_user: nova 49 | admin_password: "{{ service_users['nova']['password'] }}" 50 | neutron: 51 | service_metadata_proxy: True 52 | metadata_proxy_shared_secret: {{ neutron['metadata_secret'] }} 53 | url: "http://{{ openstack_parameters['controller_ip'] }}:9696" 54 | auth_strategy: keystone 55 | admin_auth_url: "http://{{ openstack_parameters['controller_ip'] }}:35357/v2.0" 56 | admin_tenant_name: service 57 | admin_username: neutron 58 | admin_password: "{{ service_users['neutron']['password'] }}" 59 | - require: 60 | - ini: nova_controller_conf_keystone_authtoken 61 | 62 | 63 | nova_db_sync: 64 | cmd.run: 65 | - name: "su -s /bin/sh -c 'nova-manage db sync' nova" 66 | - require: 67 | - ini: nova_controller_conf 68 | 69 | 70 | nova_controller_sqlite_delete: 71 | file.absent: 72 | - name: {{ nova['files']['sqlite'] }} 73 | - require: 74 | - cmd: nova_db_sync 75 | 76 | 77 | {% for service in nova['services']['controller'] %} 78 | nova_controller_{{ service }}_running: 79 | service.running: 80 | - enable: True 81 | - name: "{{ nova['services']['controller'][service] }}" 82 | - require: 83 | - cmd: nova_db_sync 84 | - watch: 85 | - ini: nova_controller_conf 86 | {% endfor %} 87 | 88 | 89 | nova_controller_wait: 90 | cmd: 91 | - run 92 | - name: sleep 5 93 | - require: 94 | {% for service in nova['services']['controller'] %} 95 | - service: nova_controller_{{ service }}_running 96 | {% endfor %} 97 | -------------------------------------------------------------------------------- /file_root/openstack/nova/controller/CentOS/kilo/init.sls: -------------------------------------------------------------------------------- 1 | {% set nova = salt['openstack_utils.nova']() %} 2 | {% set neutron = salt['openstack_utils.neutron']() %} 3 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 4 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 5 | 6 | 7 | nova_controller_conf_keystone_authtoken: 8 | ini.sections_absent: 9 | - name: "{{ nova['conf']['nova'] }}" 10 | - sections: 11 | - keystone_authtoken 12 | - require: 13 | {% for pkg in nova['packages']['controller'] %} 14 | - pkg: nova_controller_{{ pkg }}_install 15 | {% endfor %} 16 | 17 | 18 | nova_controller_conf: 19 | ini.options_present: 20 | - name: "{{ nova['conf']['nova'] }}" 21 | - sections: 22 | database: 23 | connection: "mysql://{{ nova['database']['username'] }}:{{ nova['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ nova['database']['db_name'] }}" 24 | DEFAULT: 25 | auth_strategy: "keystone" 26 | my_ip: "{{ openstack_parameters['controller_ip'] }}" 27 | vncserver_listen: "{{ openstack_parameters['controller_ip'] }}" 28 | vncserver_proxyclient_address: "{{ openstack_parameters['controller_ip'] }}" 29 | cpu_allocation_ratio: {{ salt['pillar.get']('nova:cpu_allocation_ratio') }} 30 | ram_allocation_ratio: {{ salt['pillar.get']('nova:ram_allocation_ratio') }} 31 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 32 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 33 | network_api_class: nova.network.neutronv2.api.API 34 | security_group_api: neutron 35 | linuxnet_interface_driver: nova.network.linux_net.LinuxOVSInterfaceDriver 36 | firewall_driver: nova.virt.firewall.NoopFirewallDriver 37 | glance: 38 | host: "{{ openstack_parameters['controller_ip'] }}" 39 | oslo_concurrency: 40 | lock_path: "{{ nova['files']['nova_tmp'] }}" 41 | keystone_authtoken: 42 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000" 43 | auth_url: "http://{{ openstack_parameters['controller_ip'] }}:35357" 44 | auth_plugin: "password" 45 | project_domain_id: "default" 46 | user_domain_id: "default" 47 | project_name: "service" 48 | username: "nova" 49 | password: "{{ service_users['nova']['password'] }}" 50 | neutron: 51 | service_metadata_proxy: True 52 | metadata_proxy_shared_secret: {{ neutron['metadata_secret'] }} 53 | url: "http://{{ openstack_parameters['controller_ip'] }}:9696" 54 | auth_strategy: keystone 55 | admin_auth_url: "http://{{ openstack_parameters['controller_ip'] }}:35357/v2.0" 56 | admin_tenant_name: service 57 | admin_username: neutron 58 | admin_password: "{{ service_users['neutron']['password'] }}" 59 | - require: 60 | - ini: nova_controller_conf_keystone_authtoken 61 | 62 | 63 | nova_db_sync: 64 | cmd.run: 65 | - name: "su -s /bin/sh -c 'nova-manage db sync' nova" 66 | - require: 67 | - ini: nova_controller_conf 68 | 69 | 70 | nova_controller_sqlite_delete: 71 | file.absent: 72 | - name: {{ nova['files']['sqlite'] }} 73 | - require: 74 | - cmd: nova_db_sync 75 | 76 | 77 | {% for service in nova['services']['controller'] %} 78 | nova_controller_{{ service }}_running: 79 | service.running: 80 | - enable: True 81 | - name: "{{ nova['services']['controller'][service] }}" 82 | - require: 83 | - cmd: nova_db_sync 84 | - watch: 85 | - ini: nova_controller_conf 86 | {% endfor %} 87 | 88 | 89 | nova_controller_wait: 90 | cmd: 91 | - run 92 | - name: sleep 5 93 | - require: 94 | {% for service in nova['services']['controller'] %} 95 | - service: nova_controller_{{ service }}_running 96 | {% endfor %} 97 | -------------------------------------------------------------------------------- /file_root/openstack/nova/controller/Ubuntu/kilo/init.sls: -------------------------------------------------------------------------------- 1 | {% set nova = salt['openstack_utils.nova']() %} 2 | {% set neutron = salt['openstack_utils.neutron']() %} 3 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 4 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 5 | 6 | 7 | nova_controller_conf_keystone_authtoken: 8 | ini.sections_absent: 9 | - name: "{{ nova['conf']['nova'] }}" 10 | - sections: 11 | - keystone_authtoken 12 | - require: 13 | {% for pkg in nova['packages']['controller'] %} 14 | - pkg: nova_controller_{{ pkg }}_install 15 | {% endfor %} 16 | 17 | 18 | nova_controller_conf: 19 | ini.options_present: 20 | - name: "{{ nova['conf']['nova'] }}" 21 | - sections: 22 | database: 23 | connection: "mysql://{{ nova['database']['username'] }}:{{ nova['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ nova['database']['db_name'] }}" 24 | DEFAULT: 25 | auth_strategy: "keystone" 26 | my_ip: "{{ openstack_parameters['controller_ip'] }}" 27 | vncserver_listen: "{{ openstack_parameters['controller_ip'] }}" 28 | vncserver_proxyclient_address: "{{ openstack_parameters['controller_ip'] }}" 29 | cpu_allocation_ratio: {{ salt['pillar.get']('nova:cpu_allocation_ratio') }} 30 | ram_allocation_ratio: {{ salt['pillar.get']('nova:ram_allocation_ratio') }} 31 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 32 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 33 | network_api_class: nova.network.neutronv2.api.API 34 | security_group_api: neutron 35 | linuxnet_interface_driver: nova.network.linux_net.LinuxOVSInterfaceDriver 36 | firewall_driver: nova.virt.firewall.NoopFirewallDriver 37 | glance: 38 | host: "{{ openstack_parameters['controller_ip'] }}" 39 | oslo_concurrency: 40 | lock_path: "{{ nova['files']['nova_tmp'] }}" 41 | keystone_authtoken: 42 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000" 43 | auth_url: "http://{{ openstack_parameters['controller_ip'] }}:35357" 44 | auth_plugin: "password" 45 | project_domain_id: "default" 46 | user_domain_id: "default" 47 | project_name: "service" 48 | username: "nova" 49 | password: "{{ service_users['nova']['password'] }}" 50 | neutron: 51 | service_metadata_proxy: True 52 | metadata_proxy_shared_secret: {{ neutron['metadata_secret'] }} 53 | url: "http://{{ openstack_parameters['controller_ip'] }}:9696" 54 | auth_strategy: keystone 55 | admin_auth_url: "http://{{ openstack_parameters['controller_ip'] }}:35357/v2.0" 56 | admin_tenant_name: service 57 | admin_username: neutron 58 | admin_password: "{{ service_users['neutron']['password'] }}" 59 | - require: 60 | - ini: nova_controller_conf_keystone_authtoken 61 | 62 | 63 | nova_db_sync: 64 | cmd.run: 65 | - name: "su -s /bin/sh -c 'nova-manage db sync' nova" 66 | - require: 67 | - ini: nova_controller_conf 68 | 69 | 70 | nova_controller_sqlite_delete: 71 | file.absent: 72 | - name: {{ nova['files']['sqlite'] }} 73 | - require: 74 | - cmd: nova_db_sync 75 | 76 | 77 | {% for service in nova['services']['controller'] %} 78 | nova_controller_{{ service }}_running: 79 | service.running: 80 | - enable: True 81 | - name: "{{ nova['services']['controller'][service] }}" 82 | - require: 83 | - cmd: nova_db_sync 84 | - watch: 85 | - ini: nova_controller_conf 86 | {% endfor %} 87 | 88 | 89 | nova_controller_wait: 90 | cmd: 91 | - run 92 | - name: sleep 5 93 | - require: 94 | {% for service in nova['services']['controller'] %} 95 | - service: nova_controller_{{ service }}_running 96 | {% endfor %} 97 | -------------------------------------------------------------------------------- /file_root/openstack/neutron/compute/Ubuntu/icehouse/init.sls: -------------------------------------------------------------------------------- 1 | {% set neutron = salt['openstack_utils.neutron']() %} 2 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | neutron_compute_sysctl_conf: 7 | ini.options_present: 8 | - name: "{{ neutron['conf']['sysctl'] }}" 9 | - sections: 10 | DEFAULT_IMPLICIT: 11 | net.ipv4.conf.all.rp_filter: 0 12 | net.ipv4.conf.default.rp_filter: 0 13 | 14 | 15 | neutron_compute_sysctl_enable: 16 | cmd.run: 17 | - name: "sysctl -p" 18 | - require: 19 | - ini: neutron_compute_sysctl_conf 20 | 21 | 22 | neutron_compute_conf: 23 | ini.options_present: 24 | - name: "{{ neutron['conf']['neutron'] }}" 25 | - sections: 26 | DEFAULT: 27 | auth_strategy: keystone 28 | core_plugin: ml2 29 | service_plugins: router 30 | allow_overlapping_ips: True 31 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 32 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 33 | keystone_authtoken: 34 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000" 35 | auth_host: "{{ openstack_parameters['controller_ip'] }}" 36 | auth_port: 35357 37 | auth_protocol: http 38 | admin_tenant_name: service 39 | admin_user: neutron 40 | admin_password: "{{ service_users['neutron']['password'] }}" 41 | - require: 42 | {% for pkg in neutron['packages']['compute']['kvm'] %} 43 | - pkg: neutron_compute_{{ pkg }}_install 44 | {% endfor %} 45 | 46 | 47 | neutron_compute_ml2_conf: 48 | ini.options_present: 49 | - name: "{{ neutron['conf']['ml2'] }}" 50 | - sections: 51 | ml2: 52 | type_drivers: "{{ ','.join(neutron['ml2_type_drivers']) }}" 53 | tenant_network_types: "{{ ','.join(neutron['tenant_network_types']) }}" 54 | mechanism_drivers: openvswitch 55 | {% if 'flat' in neutron['ml2_type_drivers'] %} 56 | ml2_type_flat: 57 | flat_networks: "{{ ','.join(neutron['flat_networks']) }}" 58 | {% endif %} 59 | {% if 'vlan' in neutron['ml2_type_drivers'] %} 60 | ml2_type_vlan: 61 | network_vlan_ranges: "{{ ','.join(neutron['vlan_networks']) }}" 62 | {% endif %} 63 | {% if 'gre' in neutron['ml2_type_drivers'] %} 64 | ml2_type_gre: 65 | tunnel_id_ranges: "{{ ','.join(neutron['gre_tunnel_id_ranges']) }}" 66 | {% endif %} 67 | {% if 'vxlan' in neutron['ml2_type_drivers'] %} 68 | ml2_type_vxlan: 69 | vxlan_group: "{{ neutron['vxlan_group'] }}" 70 | vni_ranges: "{{ ','.join(neutron['vxlan_tunnels_vni_ranges']) }}" 71 | {% endif %} 72 | securitygroup: 73 | enable_security_group: True 74 | firewall_driver: "neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver" 75 | ovs: 76 | integration_bridge: {{ neutron['integration_bridge'] }} 77 | local_ip: {{ salt['openstack_utils.minion_ip'](grains['id']) }} 78 | {% if salt['openstack_utils.boolean_value'](neutron['tunneling']['enable']) %} 79 | enable_tunneling: True 80 | tunnel_bridge: "{{ neutron['tunneling']['bridge'] }}" 81 | tunnel_type: {{ neutron['tunneling']['types'][0] }} 82 | {% else %} 83 | enable_tunneling: False 84 | {% endif %} 85 | - require: 86 | - ini: neutron_compute_conf 87 | 88 | 89 | {% for service in neutron['services']['compute']['kvm'] %} 90 | neutron_compute_{{ service }}_running: 91 | service.running: 92 | - enable: True 93 | - name: "{{ neutron['services']['compute']['kvm'][service] }}" 94 | - watch: 95 | - ini: neutron_compute_conf 96 | - ini: neutron_compute_ml2_conf 97 | {% endfor %} 98 | 99 | 100 | neutron_compute_wait: 101 | cmd.run: 102 | - name: "sleep 5" 103 | - require: 104 | {% for service in neutron['services']['compute']['kvm'] %} 105 | - service: neutron_compute_{{ service }}_running 106 | {% endfor %} 107 | -------------------------------------------------------------------------------- /file_root/openstack/neutron/network/CentOS/openvswitch/single_nic.sls: -------------------------------------------------------------------------------- 1 | {% set neutron = salt['openstack_utils.neutron']() %} 2 | {% set openvswitch = salt['openstack_utils.openvswitch']() %} 3 | 4 | 5 | openvswitch_promisc_interfaces_script: 6 | file.managed: 7 | - name: {{ openvswitch['conf']['promisc_interfaces_script'] }} 8 | - user: root 9 | - group: root 10 | - mode: 755 11 | - contents: | 12 | #!/usr/bin/env bash 13 | ip link set br-proxy up promisc on 14 | ip link set {{ neutron['single_nic']['interface'] }} up promisc on 15 | {% set index = 1 %} 16 | {% for bridge in neutron['bridges'] %} 17 | ip link set {{ bridge }} up 18 | {% if bridge not in [ neutron['tunneling']['bridge'], neutron['integration_bridge'] ] %} 19 | ip link add veth-proxy-{{ index }} type veth peer name veth-{{ index }}-proxy 20 | ip link set veth-{{ index }}-proxy up promisc on 21 | ip link set veth-proxy-{{ index }} up promisc on 22 | {% endif %} 23 | {% set index = index + 1 %} 24 | {% endfor %} 25 | - require: 26 | {% set index = 1 %} 27 | {% for bridge in neutron['bridges'] %} 28 | {% if bridge not in [ neutron['tunneling']['bridge'], neutron['integration_bridge'] ] %} 29 | - cmd: openvswitch_veth-proxy-{{ index }}_up 30 | - cmd: openvswitch_veth-{{ index }}-proxy_up 31 | {% endif %} 32 | {% set index = index + 1 %} 33 | {% endfor %} 34 | 35 | 36 | openvswitch_promisc_interfaces_systemd_service: 37 | ini.options_present: 38 | - name: {{ openvswitch['conf']['promisc_interfaces_systemd'] }} 39 | - sections: 40 | Unit: 41 | Description: "Set openvswitch ports in promisc mode" 42 | After: "network.target" 43 | Service: 44 | Type: "oneshot" 45 | ExecStart: "{{ openvswitch['conf']['promisc_interfaces_script'] }}" 46 | Install: 47 | WantedBy: "default.target" 48 | - require: 49 | - file: openvswitch_promisc_interfaces_script 50 | 51 | 52 | openvswitch_promisc_interfaces_enable: 53 | service.enabled: 54 | - name: "{{ salt['openstack_utils.systemd_service_name'](openvswitch['conf']['promisc_interfaces_systemd']) }}" 55 | - require: 56 | - ini: openvswitch_promisc_interfaces_systemd_service 57 | 58 | 59 | {% set ip_configs = salt['openstack_utils.network_script_ip_configs'](neutron['single_nic']['interface']) %} 60 | openvswitch_br-proxy_network_script: 61 | ini.options_present: 62 | - name: "{{ openvswitch['conf']['network_scripts'] }}/ifcfg-br-proxy" 63 | - unless: "ls {{ openvswitch['conf']['network_scripts'] }}/ifcfg-br-proxy" 64 | - sections: 65 | DEFAULT_IMPLICIT: 66 | DEVICE: br-proxy 67 | DEVICETYPE: ovs 68 | TYPE: OVSBridge 69 | {% for config in ip_configs %} 70 | {{ config }}: "{{ ip_configs[config] }}" 71 | {% endfor %} 72 | 73 | 74 | openvswitch_{{ neutron['single_nic']['interface'] }}_ovs_port_network_script: 75 | file.managed: 76 | - name: "{{ openvswitch['conf']['network_scripts'] }}/ifcfg-{{ neutron['single_nic']['interface'] }}" 77 | - user: root 78 | - group: root 79 | - mode: 644 80 | - contents: | 81 | DEVICE={{ neutron['single_nic']['interface'] }} 82 | ONBOOT=yes 83 | HWADDR={{ grains['hwaddr_interfaces'][neutron['single_nic']['interface']] }} 84 | TYPE=OVSPort 85 | DEVICETYPE=ovs 86 | OVS_BRIDGE=br-proxy 87 | ONBOOT=yes 88 | NOZEROCONF=yes 89 | - require: 90 | - ini: openvswitch_br-proxy_network_script 91 | 92 | 93 | {% set index = 1 %} 94 | {% for bridge in neutron['bridges'] %} 95 | {% if bridge not in [ neutron['tunneling']['bridge'], neutron['integration_bridge'] ] %} 96 | openvswitch_veth-proxy-{{ index }}_ovs_port_network_script: 97 | file.managed: 98 | - name: "{{ openvswitch['conf']['network_scripts'] }}/ifcfg-veth-proxy-{{ index }}" 99 | - user: root 100 | - group: root 101 | - mode: 644 102 | - contents: | 103 | DEVICE=veth-proxy-{{ index }} 104 | ONBOOT=yes 105 | TYPE=OVSPort 106 | DEVICETYPE=ovs 107 | OVS_BRIDGE=br-proxy 108 | ONBOOT=yes 109 | NOZEROCONF=yes 110 | - require: 111 | - ini: openvswitch_br-proxy_network_script 112 | {% endif %} 113 | {% set index = index + 1 %} 114 | {% endfor %} 115 | -------------------------------------------------------------------------------- /file_root/openstack/neutron/controller/Ubuntu/juno/init.sls: -------------------------------------------------------------------------------- 1 | {% set neutron = salt['openstack_utils.neutron']() %} 2 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | neutron_controller_conf_keystone_authtoken: 7 | ini.sections_absent: 8 | - name: "{{ neutron['conf']['neutron'] }}" 9 | - sections: 10 | keystone_authtoken: 11 | - auth_host 12 | - auth_port 13 | - auth_protocol 14 | - require: 15 | {% for pkg in neutron['packages']['controller'] %} 16 | - pkg: neutron_controller_{{ pkg }}_install 17 | {% endfor %} 18 | 19 | 20 | neutron_controller_conf: 21 | ini.options_present: 22 | - name: "{{ neutron['conf']['neutron'] }}" 23 | - sections: 24 | database: 25 | connection: "mysql://{{ neutron['database']['username'] }}:{{ neutron['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ neutron['database']['db_name'] }}" 26 | DEFAULT: 27 | auth_strategy: keystone 28 | core_plugin: ml2 29 | service_plugins: router 30 | allow_overlapping_ips: True 31 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 32 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 33 | notify_nova_on_port_status_changes: True 34 | notify_nova_on_port_data_changes: True 35 | nova_url: "http://{{ openstack_parameters['controller_ip'] }}:8774/v2" 36 | nova_admin_auth_url: http://{{ openstack_parameters['controller_ip'] }}:35357/v2.0 37 | nova_region_name: RegionOne 38 | nova_admin_username: nova 39 | nova_admin_tenant_id: service 40 | nova_admin_password: "{{ service_users['nova']['password'] }}" 41 | keystone_authtoken: 42 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000/v2.0" 43 | identity_uri: "http://{{ openstack_parameters['controller_ip'] }}:35357" 44 | admin_tenant_name: service 45 | admin_user: neutron 46 | admin_password: "{{ service_users['neutron']['password'] }}" 47 | - require: 48 | - ini: neutron_controller_conf_keystone_authtoken 49 | 50 | 51 | neutron_controller_ml2_conf: 52 | ini.options_present: 53 | - name: "{{ neutron['conf']['ml2'] }}" 54 | - sections: 55 | ml2: 56 | type_drivers: "{{ ','.join(neutron['ml2_type_drivers']) }}" 57 | tenant_network_types: "{{ ','.join(neutron['tenant_network_types']) }}" 58 | mechanism_drivers: openvswitch 59 | {% if 'flat' in neutron['ml2_type_drivers'] %} 60 | ml2_type_flat: 61 | flat_networks: "{{ ','.join(neutron['flat_networks']) }}" 62 | {% endif %} 63 | {% if 'vlan' in neutron['ml2_type_drivers'] %} 64 | ml2_type_vlan: 65 | network_vlan_ranges: "{{ ','.join(neutron['vlan_networks']) }}" 66 | {% endif %} 67 | {% if 'gre' in neutron['ml2_type_drivers'] %} 68 | ml2_type_gre: 69 | tunnel_id_ranges: "{{ ','.join(neutron['gre_tunnel_id_ranges']) }}" 70 | {% endif %} 71 | {% if 'vxlan' in neutron['ml2_type_drivers'] %} 72 | ml2_type_vxlan: 73 | vxlan_group: "{{ neutron['vxlan_group'] }}" 74 | vni_ranges: "{{ ','.join(neutron['vxlan_tunnels_vni_ranges']) }}" 75 | {% endif %} 76 | securitygroup: 77 | enable_security_group: True 78 | enable_ipset: True 79 | firewall_driver: "neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver" 80 | - require: 81 | - ini: neutron_controller_conf 82 | 83 | 84 | neutron_db_sync: 85 | cmd.run: 86 | - name: "su -s /bin/sh -c 'neutron-db-manage --config-file {{ neutron['conf']['neutron'] }} --config-file {{ neutron['conf']['ml2'] }} upgrade head' neutron" 87 | 88 | 89 | neutron_controller_server_running: 90 | service.running: 91 | - enable: True 92 | - name: "{{ neutron['services']['controller']['neutron_server'] }}" 93 | - watch: 94 | - ini: neutron_controller_conf 95 | - ini: neutron_controller_ml2_conf 96 | 97 | 98 | neutron_controller_wait: 99 | cmd.run: 100 | - name: sleep 5 101 | - require: 102 | - service: neutron_controller_server_running 103 | -------------------------------------------------------------------------------- /file_root/openstack/glance/Ubuntu/juno/init.sls: -------------------------------------------------------------------------------- 1 | {% set glance = salt['openstack_utils.glance']() %} 2 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | glance_api_conf_keystone_authtoken: 7 | ini.options_absent: 8 | - name: "{{ glance['conf']['api'] }}" 9 | - sections: 10 | keystone_authtoken: 11 | - auth_host 12 | - auth_port 13 | - auth_protocol 14 | - require: 15 | {% for pkg in glance['packages'] %} 16 | - pkg: glance_{{ pkg }}_install 17 | {% endfor %} 18 | 19 | 20 | glance_api_conf: 21 | ini.options_present: 22 | - name: "{{ glance['conf']['api'] }}" 23 | - sections: 24 | database: 25 | connection: "mysql://{{ glance['database']['username'] }}:{{ glance['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ glance['database']['db_name'] }}" 26 | keystone_authtoken: 27 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000/v2.0" 28 | identity_uri: "http://{{ openstack_parameters['controller_ip'] }}:35357" 29 | admin_tenant_name: service 30 | admin_user: glance 31 | admin_password: "{{ service_users['glance']['password'] }}" 32 | paste_deploy: 33 | flavor: keystone 34 | glance_store: 35 | default_store: file 36 | filesystem_store_datadir: {{ glance['files']['images_dir'] }} 37 | DEFAULT: 38 | notification_driver: noop 39 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 40 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 41 | - require: 42 | - ini: glance_api_conf_keystone_authtoken 43 | 44 | 45 | glance_registry_conf_keystone_authtoken: 46 | ini.sections_absent: 47 | - name: "{{ glance['conf']['registry'] }}" 48 | - sections: 49 | keystone_authtoken: 50 | - auth_host 51 | - auth_port 52 | - auth_protocol 53 | - require: 54 | {% for pkg in glance['packages'] %} 55 | - pkg: glance_{{ pkg }}_install 56 | {% endfor %} 57 | 58 | 59 | glance_registry_conf: 60 | ini.options_present: 61 | - name: "{{ glance['conf']['registry'] }}" 62 | - sections: 63 | database: 64 | connection: "mysql://{{ glance['database']['username'] }}:{{ glance['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ glance['database']['db_name'] }}" 65 | keystone_authtoken: 66 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000/v2.0" 67 | identity_uri: "http://{{ openstack_parameters['controller_ip'] }}:35357" 68 | admin_tenant_name: service 69 | admin_user: glance 70 | admin_password: "{{ service_users['glance']['password'] }}" 71 | paste_deploy: 72 | flavor: keystone 73 | DEFAULT: 74 | notification_driver: noop 75 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 76 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 77 | - require: 78 | - ini: glance_registry_conf_keystone_authtoken 79 | 80 | 81 | glance_db_sync: 82 | cmd.run: 83 | - name: "su -s /bin/sh -c 'glance-manage db_sync' glance" 84 | - require: 85 | - ini: glance_api_conf 86 | - ini: glance_registry_conf 87 | 88 | 89 | glance_registry_running: 90 | service.running: 91 | - enable: True 92 | - name: "{{ glance['services']['registry'] }}" 93 | - require: 94 | - cmd: glance_db_sync 95 | - watch: 96 | - ini: glance_registry_conf 97 | 98 | 99 | glance_api_running: 100 | service.running: 101 | - enable: True 102 | - name: "{{ glance['services']['api'] }}" 103 | - require: 104 | - cmd: glance_db_sync 105 | - watch: 106 | - ini: glance_api_conf 107 | 108 | 109 | glance_sqlite_delete: 110 | file.absent: 111 | - name: "{{ glance['files']['sqlite'] }}" 112 | - require: 113 | - cmd: glance_db_sync 114 | 115 | 116 | glance_wait: 117 | cmd.run: 118 | - name: sleep 5 119 | - require: 120 | - service: glance_registry_running 121 | - service: glance_api_running 122 | -------------------------------------------------------------------------------- /file_root/openstack/glance/CentOS/juno/init.sls: -------------------------------------------------------------------------------- 1 | {% set glance = salt['openstack_utils.glance']() %} 2 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | glance_api_conf_keystone_authtoken: 7 | ini.options_absent: 8 | - name: "{{ glance['conf']['api'] }}" 9 | - sections: 10 | keystone_authtoken: 11 | - auth_host 12 | - auth_port 13 | - auth_protocol 14 | - require: 15 | {% for pkg in glance['packages'] %} 16 | - pkg: glance_{{ pkg }}_install 17 | {% endfor %} 18 | 19 | 20 | glance_api_conf: 21 | ini.options_present: 22 | - name: "{{ glance['conf']['api'] }}" 23 | - sections: 24 | database: 25 | connection: "mysql://{{ glance['database']['username'] }}:{{ glance['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ glance['database']['db_name'] }}" 26 | keystone_authtoken: 27 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000/v2.0" 28 | identity_uri: "http://{{ openstack_parameters['controller_ip'] }}:35357" 29 | admin_tenant_name: service 30 | admin_user: glance 31 | admin_password: "{{ service_users['glance']['password'] }}" 32 | paste_deploy: 33 | flavor: keystone 34 | glance_store: 35 | default_store: file 36 | filesystem_store_datadir: {{ glance['files']['images_dir'] }} 37 | DEFAULT: 38 | notification_driver: noop 39 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 40 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 41 | - require: 42 | - ini: glance_api_conf_keystone_authtoken 43 | 44 | 45 | glance_registry_conf_keystone_authtoken: 46 | ini.sections_absent: 47 | - name: "{{ glance['conf']['registry'] }}" 48 | - sections: 49 | keystone_authtoken: 50 | - auth_host 51 | - auth_port 52 | - auth_protocol 53 | - require: 54 | {% for pkg in glance['packages'] %} 55 | - pkg: glance_{{ pkg }}_install 56 | {% endfor %} 57 | 58 | 59 | glance_registry_conf: 60 | ini.options_present: 61 | - name: "{{ glance['conf']['registry'] }}" 62 | - sections: 63 | database: 64 | connection: "mysql://{{ glance['database']['username'] }}:{{ glance['database']['password'] }}@{{ openstack_parameters['controller_ip'] }}/{{ glance['database']['db_name'] }}" 65 | keystone_authtoken: 66 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000/v2.0" 67 | identity_uri: "http://{{ openstack_parameters['controller_ip'] }}:35357" 68 | admin_tenant_name: service 69 | admin_user: glance 70 | admin_password: "{{ service_users['glance']['password'] }}" 71 | paste_deploy: 72 | flavor: keystone 73 | DEFAULT: 74 | notification_driver: noop 75 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 76 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 77 | - require: 78 | - ini: glance_registry_conf_keystone_authtoken 79 | 80 | 81 | glance_db_sync: 82 | cmd.run: 83 | - name: "su -s /bin/sh -c 'glance-manage db_sync' glance" 84 | - require: 85 | - ini: glance_api_conf 86 | - ini: glance_registry_conf 87 | 88 | 89 | glance_registry_running: 90 | service.running: 91 | - enable: True 92 | - name: "{{ glance['services']['registry'] }}" 93 | - require: 94 | - cmd: glance_db_sync 95 | - watch: 96 | - ini: glance_registry_conf 97 | 98 | 99 | glance_api_running: 100 | service.running: 101 | - enable: True 102 | - name: "{{ glance['services']['api'] }}" 103 | - require: 104 | - cmd: glance_db_sync 105 | - watch: 106 | - ini: glance_api_conf 107 | 108 | 109 | glance_sqlite_delete: 110 | file.absent: 111 | - name: "{{ glance['files']['sqlite'] }}" 112 | - require: 113 | - cmd: glance_db_sync 114 | 115 | 116 | glance_wait: 117 | cmd.run: 118 | - name: sleep 5 119 | - require: 120 | - service: glance_registry_running 121 | - service: glance_api_running 122 | -------------------------------------------------------------------------------- /file_root/openstack/neutron/compute/Ubuntu/kilo/init.sls: -------------------------------------------------------------------------------- 1 | {% set neutron = salt['openstack_utils.neutron']() %} 2 | {% set service_users = salt['openstack_utils.openstack_users']('service') %} 3 | {% set openstack_parameters = salt['openstack_utils.openstack_parameters']() %} 4 | 5 | 6 | neutron_compute_sysctl_conf: 7 | ini.options_present: 8 | - name: "{{ neutron['conf']['sysctl'] }}" 9 | - sections: 10 | DEFAULT_IMPLICIT: 11 | net.ipv4.conf.all.rp_filter: 0 12 | net.ipv4.conf.default.rp_filter: 0 13 | 14 | 15 | neutron_compute_sysctl_enable: 16 | cmd.run: 17 | - name: "sysctl -p" 18 | - require: 19 | - ini: neutron_compute_sysctl_conf 20 | 21 | 22 | neutron_compute_conf_keystone_authtoken: 23 | ini.sections_absent: 24 | - name: "{{ neutron['conf']['neutron'] }}" 25 | - sections: 26 | - keystone_authtoken 27 | - require: 28 | {% for pkg in neutron['packages']['compute']['kvm'] %} 29 | - pkg: neutron_compute_{{ pkg }}_install 30 | {% endfor %} 31 | 32 | 33 | neutron_compute_conf: 34 | ini.options_present: 35 | - name: "{{ neutron['conf']['neutron'] }}" 36 | - sections: 37 | DEFAULT: 38 | auth_strategy: keystone 39 | core_plugin: ml2 40 | service_plugins: router 41 | allow_overlapping_ips: True 42 | debug: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 43 | verbose: "{{ salt['openstack_utils.boolean_value'](openstack_parameters['debug_mode']) }}" 44 | keystone_authtoken: 45 | auth_uri: "http://{{ openstack_parameters['controller_ip'] }}:5000" 46 | auth_url: "http://{{ openstack_parameters['controller_ip'] }}:35357" 47 | auth_plugin: "password" 48 | project_domain_id: "default" 49 | user_domain_id: "default" 50 | project_name: "service" 51 | username: "neutron" 52 | password: "{{ service_users['neutron']['password'] }}" 53 | - require: 54 | - ini: neutron_compute_conf_keystone_authtoken 55 | 56 | 57 | neutron_compute_ml2_conf: 58 | ini.options_present: 59 | - name: "{{ neutron['conf']['ml2'] }}" 60 | - sections: 61 | ml2: 62 | type_drivers: "{{ ','.join(neutron['ml2_type_drivers']) }}" 63 | tenant_network_types: "{{ ','.join(neutron['tenant_network_types']) }}" 64 | mechanism_drivers: openvswitch 65 | {% if 'flat' in neutron['ml2_type_drivers'] %} 66 | ml2_type_flat: 67 | flat_networks: "{{ ','.join(neutron['flat_networks']) }}" 68 | {% endif %} 69 | {% if 'vlan' in neutron['ml2_type_drivers'] %} 70 | ml2_type_vlan: 71 | network_vlan_ranges: "{{ ','.join(neutron['vlan_networks']) }}" 72 | {% endif %} 73 | {% if 'gre' in neutron['ml2_type_drivers'] %} 74 | ml2_type_gre: 75 | tunnel_id_ranges: "{{ ','.join(neutron['gre_tunnel_id_ranges']) }}" 76 | {% endif %} 77 | {% if 'vxlan' in neutron['ml2_type_drivers'] %} 78 | ml2_type_vxlan: 79 | vxlan_group: "{{ neutron['vxlan_group'] }}" 80 | vni_ranges: "{{ ','.join(neutron['vxlan_tunnels_vni_ranges']) }}" 81 | {% endif %} 82 | securitygroup: 83 | enable_security_group: True 84 | enable_ipset: True 85 | firewall_driver: "neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver" 86 | ovs: 87 | integration_bridge: {{ neutron['integration_bridge'] }} 88 | local_ip: {{ salt['openstack_utils.minion_ip'](grains['id']) }} 89 | {% if salt['openstack_utils.boolean_value'](neutron['tunneling']['enable']) %} 90 | agent: 91 | tunnel_types: "{{ ','.join(neutron['tunneling']['types']) }}" 92 | {% endif %} 93 | - require: 94 | - ini: neutron_compute_conf 95 | 96 | 97 | {% for service in neutron['services']['compute']['kvm'] %} 98 | neutron_compute_{{ service }}_running: 99 | service.running: 100 | - enable: True 101 | - name: "{{ neutron['services']['compute']['kvm'][service] }}" 102 | - watch: 103 | - ini: neutron_compute_conf 104 | - ini: neutron_compute_ml2_conf 105 | {% endfor %} 106 | 107 | 108 | neutron_compute_wait: 109 | cmd.run: 110 | - name: "sleep 5" 111 | - require: 112 | {% for service in neutron['services']['compute']['kvm'] %} 113 | - service: neutron_compute_{{ service }}_running 114 | {% endfor %} 115 | --------------------------------------------------------------------------------