1 # == Class: neutron::server
3 # Setup and configure the neutron API endpoint
8 # (optional) The state of the package
12 # (optional) The state of the service
16 # (optional) Whether to start/stop the service
20 # REMOVED: Use log_file of neutron class instead.
23 # REMOVED: Use log_dir of neutron class instead.
26 # (optional) The password to use for authentication (keystone)
27 # Defaults to false. Set a value unless you are using noauth
30 # (optional) What auth system to use
31 # Defaults to 'keystone'. Can also be 'noauth'
34 # (optional) The keystone host
35 # Defaults to localhost
38 # (optional) The protocol used to access the auth host
42 # (optional) The keystone auth port
45 # [*auth_admin_prefix*]
46 # (optional) The admin_prefix used for the admin endpoint of the auth host
47 # This allows admin auth URIs like http://auth_host:35357/keystone.
48 # (where '/keystone' is the admin prefix)
49 # Defaults to false for empty. If defined, should be a string with a leading '/' and no trailing '/'.
52 # (optional) The tenant of the auth user
53 # Defaults to services
56 # (optional) The name of the auth user
60 # (optional) The protocol to connect to keystone
64 # (optional) Complete public Identity API endpoint.
65 # Defaults to: $auth_protocol://$auth_host:5000/
67 # [*database_connection*]
68 # (optional) Connection url for the neutron database.
69 # (Defaults to 'sqlite:////var/lib/neutron/ovs.sqlite')
72 # DEPRECATED: Use database_connection instead.
75 # DEPRECATED: Use database_connection instead.
77 # [*database_max_retries*]
78 # (optional) Maximum database connection retries during startup.
82 # DEPRECATED: Use database_max_retries instead.
85 # DEPRECATED: Use database_max_retries instead.
87 # [*database_idle_timeout*]
88 # (optional) Timeout before idle database connections are reaped.
89 # Deprecates sql_idle_timeout
92 # [*sql_idle_timeout*]
93 # DEPRECATED: Use database_idle_timeout instead.
96 # DEPRECATED: Use database_idle_timeout instead.
98 # [*database_retry_interval*]
99 # (optional) Interval between retries of opening a database connection.
102 # [*sql_reconnect_interval*]
103 # DEPRECATED: Use database_retry_interval instead.
106 # DEPRECATED: Use database_retry_interval instead.
108 # [*database_min_pool_size*]
109 # (optional) Minimum number of SQL connections to keep open in a pool.
112 # [*database_max_pool_size*]
113 # (optional) Maximum number of SQL connections to keep open in a pool.
116 # [*database_max_overflow*]
117 # (optional) If set, use this value for max_overflow with sqlalchemy.
121 # (optional) Run neutron-db-manage on api nodes after installing the package.
125 # (optional) Number of separate worker processes to spawn.
126 # The default, count of machine's processors, runs the worker thread in the
128 # Greater than 0 launches that number of child processes as workers.
129 # The parent process manages them.
130 # Defaults to: $::processorcount
133 # (optional) Number of separate RPC worker processes to spawn.
134 # The default, count of machine's processors, runs the worker thread in the
136 # Greater than 0 launches that number of child processes as workers.
137 # The parent process manages them.
138 # Defaults to: $::processorcount
140 # [*agent_down_time*]
141 # (optional) Seconds to regard the agent as down; should be at least twice
142 # report_interval, to be sure the agent is down for good.
143 # agent_down_time is a config for neutron-server, set by class neutron::server
144 # report_interval is a config for neutron agents, set by class neutron
147 # [*router_scheduler_driver*]
148 # (optional) Driver to use for scheduling router to a default L3 agent. Could be:
149 # neutron.scheduler.l3_agent_scheduler.ChanceScheduler to schedule a router in a random way
150 # neutron.scheduler.l3_agent_scheduler.LeastRoutersScheduler to allocate on an L3 agent with the least number of routers bound.
151 # Defaults to: neutron.scheduler.l3_agent_scheduler.ChanceScheduler
154 # (optional) Deprecated. Does nothing.
156 # [*router_distributed*]
157 # (optional) Setting the "router_distributed" flag to "True" will default to the creation
158 # of distributed tenant routers.
159 # Also can be the type of the router on the create request (admin-only attribute).
163 # (optional) Enable high availability for virtual routers.
166 # [*max_l3_agents_per_router*]
167 # (optional) Maximum number of l3 agents which a HA router will be scheduled on. If set to '0', a router will be scheduled on every agent.
170 # [*min_l3_agents_per_router*]
171 # (optional) Minimum number of l3 agents which a HA router will be scheduled on.
175 # (optional) CIDR of the administrative network if HA mode is enabled.
176 # Defaults to '169.254.192.0/18'
# Parameter list of neutron::server. The gutter numbers skip in places, so some
# parameter lines are not shown in this listing; the body reads $connection and
# $auth_uri, which are presumably declared on those omitted lines.
178 class neutron::server (
179 $package_ensure = 'present',
181 $manage_service = true,
# false means "not set"; with auth_type 'keystone' the class body calls fail()
# when this is still false.
182 $auth_password = false,
183 $auth_type = 'keystone',
184 $auth_host = 'localhost',
185 $auth_port = '35357',
186 $auth_admin_prefix = false,
187 $auth_tenant = 'services',
188 $auth_user = 'neutron',
# NOTE(review): the default is plain http. This value is written to
# */auth_protocol and is also used to build the default auth_uri, so traffic
# to keystone is presumably unencrypted unless this is overridden with
# 'https'. Confirm for the deployment.
189 $auth_protocol = 'http',
# The connection URL can embed database credentials (user:password@host); the
# body writes it to database/connection with secret => true.
191 $database_connection = 'sqlite:////var/lib/neutron/ovs.sqlite',
192 $database_max_retries = 10,
193 $database_idle_timeout = 3600,
194 $database_retry_interval = 10,
195 $database_min_pool_size = 1,
196 $database_max_pool_size = 10,
197 $database_max_overflow = 20,
199 $api_workers = $::processorcount,
200 $rpc_workers = $::processorcount,
201 $agent_down_time = '75',
202 $router_scheduler_driver = 'neutron.scheduler.l3_agent_scheduler.ChanceScheduler',
203 $router_distributed = false,
205 $max_l3_agents_per_router = 3,
206 $min_l3_agents_per_router = 2,
207 $l3_ha_net_cidr = '169.254.192.0/18',
208 # DEPRECATED PARAMETERS
# Each of these, when set, triggers a warning() or fail() in the class body.
209 $mysql_module = undef,
210 $sql_connection = undef,
212 $sql_max_retries = undef,
213 $max_retries = undef,
214 $sql_idle_timeout = undef,
215 $idle_timeout = undef,
216 $sql_reconnect_interval = undef,
217 $retry_interval = undef,
220 $report_interval = undef,
223 include neutron::params
224 include neutron::policy
225 require keystone::python
227 Nova_admin_tenant_id_setter<||> ~> Service['neutron-server']
228 Neutron_config<||> ~> Service['neutron-server']
229 Neutron_api_config<||> ~> Service['neutron-server']
230 Class['neutron::policy'] ~> Service['neutron-server']
233 if $min_l3_agents_per_router <= $max_l3_agents_per_router or $max_l3_agents_per_router == '0' {
235 'DEFAULT/l3_ha': value => true;
236 'DEFAULT/max_l3_agents_per_router': value => $max_l3_agents_per_router;
237 'DEFAULT/min_l3_agents_per_router': value => $min_l3_agents_per_router;
238 'DEFAULT/l3_ha_net_cidr': value => $l3_ha_net_cidr;
241 fail('min_l3_agents_per_router should be less than or equal to max_l3_agents_per_router.')
245 'DEFAULT/l3_ha': value => false;
250 warning('The mysql_module parameter is deprecated. The latest 2.x mysql module will be used.')
254 warning('The sql_connection parameter is deprecated, use database_connection instead.')
255 $database_connection_real = $sql_connection
256 } elsif $connection {
257 warning('The connection parameter is deprecated, use database_connection instead.')
258 $database_connection_real = $connection
260 $database_connection_real = $database_connection
263 if $sql_max_retries {
264 warning('The sql_max_retries parameter is deprecated, use database_max_retries instead.')
265 $database_max_retries_real = $sql_max_retries
266 } elsif $max_retries {
267 warning('The max_retries parameter is deprecated, use database_max_retries instead.')
268 $database_max_retries_real = $max_retries
270 $database_max_retries_real = $database_max_retries
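# Resolve the effective idle timeout. The deprecated sql_idle_timeout is checked
# first, then the deprecated idle_timeout; each emits a deprecation warning
# naming the parameter that was used. The final assignment falls back to
# database_idle_timeout (the line opening that branch is not shown in this
# listing; presumably an else).
273 if $sql_idle_timeout {
274 warning('The sql_idle_timeout parameter is deprecated, use database_idle_timeout instead.')
275 $database_idle_timeout_real = $sql_idle_timeout
276 } elsif $idle_timeout {
# The message previously read 'dle_timeout', which is not a parameter name.
277 warning('The idle_timeout parameter is deprecated, use database_idle_timeout instead.')
278 $database_idle_timeout_real = $idle_timeout
280 $database_idle_timeout_real = $database_idle_timeout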
283 if $sql_reconnect_interval {
284 warning('The sql_reconnect_interval parameter is deprecated, use database_retry_interval instead.')
285 $database_retry_interval_real = $sql_reconnect_interval
286 } elsif $retry_interval {
287 warning('The retry_interval parameter is deprecated, use database_retry_interval instead.')
288 $database_retry_interval_real = $retry_interval
290 $database_retry_interval_real = $database_retry_interval
294 fail('The log_dir parameter is removed, use log_dir of neutron class instead.')
298 fail('The log_file parameter is removed, use log_file of neutron class instead.')
301 if $report_interval {
302 fail('The report_interval is removed, use report_interval of neutron class instead.')
# Validate the resolved connection URL, then pull in the driver for the backend
# it names.
# NOTE(review): this pattern has no anchors and its credentials group is
# optional, so any string that merely contains "sqlite://", "mysql://" or
# "postgresql://" passes validate_re. Only the case statement below rejects
# other values. Anchoring the pattern would make the check match its intent;
# confirm against existing callers before tightening.
305 validate_re($database_connection_real, '(sqlite|mysql|postgresql):\/\/(\S+:\S+@\S+\/\S+)?')
307 case $database_connection_real {
# The case patterns are unanchored too: they match anywhere in the value.
308 /mysql:\/\/\S+:\S+@\S+\/\S+/: {
309 require 'mysql::bindings'
310 require 'mysql::bindings::python'
312 /postgresql:\/\/\S+:\S+@\S+\/\S+/: {
313 $backend_package = 'python-psycopg2'
# The case label for the next assignment is on a line this listing omits.
316 $backend_package = 'python-pysqlite2'
# NOTE(review): the URL can embed the database password (user:password@host),
# and this message interpolates the whole value, so a rejected URL ends up in
# clear text in the Puppet run output and reports. Consider failing without
# echoing the value. Presumably this is the default branch; its label is not
# shown.
319 fail("Invalid database_connection parameter: ${database_connection_real}")
324 if ($::neutron::params::server_package) {
326 Package<| title == 'neutron-server' |> ~> Exec['neutron-db-sync']
329 Package<| title == 'neutron' |> ~> Exec['neutron-db-sync']
331 exec { 'neutron-db-sync':
332 command => 'neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini upgrade head',
334 before => Service['neutron-server'],
335 require => Neutron_config['database/connection'],
338 Neutron_config<||> ~> Exec['neutron-db-sync']
342 'DEFAULT/api_workers': value => $api_workers;
343 'DEFAULT/rpc_workers': value => $rpc_workers;
344 'DEFAULT/agent_down_time': value => $agent_down_time;
345 'DEFAULT/router_scheduler_driver': value => $router_scheduler_driver;
346 'DEFAULT/router_distributed': value => $router_distributed;
347 'database/connection': value => $database_connection_real, secret => true;
348 'database/idle_timeout': value => $database_idle_timeout_real;
349 'database/retry_interval': value => $database_retry_interval_real;
350 'database/max_retries': value => $database_max_retries_real;
351 'database/min_pool_size': value => $database_min_pool_size;
352 'database/max_pool_size': value => $database_max_pool_size;
353 'database/max_overflow': value => $database_max_overflow;
356 if ($::neutron::params::server_package) {
357 Package['neutron-server'] -> Neutron_api_config<||>
358 Package['neutron-server'] -> Neutron_config<||>
359 Package['neutron-server'] -> Service['neutron-server']
360 Package['neutron-server'] -> Class['neutron::policy']
361 package { 'neutron-server':
362 ensure => $package_ensure,
363 name => $::neutron::params::server_package,
366 # Some platforms (RedHat) do not provide a neutron-server package.
367 # The neutron api config file is provided by the neutron package.
368 Package['neutron'] -> Class['neutron::policy']
369 Package['neutron'] -> Neutron_api_config<||>
# Keystone authentication settings. Each value is written twice, once under
# keystone_authtoken/ and once under filter:authtoken/. The resource
# declarations wrapping these entries are on lines this listing omits
# (presumably neutron_config and neutron_api_config; confirm).
372 if ($auth_type == 'keystone') {
# Refuse to configure keystone auth without a password.
# NOTE(review): only the boolean default is rejected here; an empty string
# would not compare equal to false and would be written as the password.
# Confirm whether that case should fail too.
374 if ($auth_password == false) {
375 fail('$auth_password must be set when using keystone authentication.')
378 'keystone_authtoken/auth_host': value => $auth_host;
379 'keystone_authtoken/auth_port': value => $auth_port;
380 'keystone_authtoken/auth_protocol': value => $auth_protocol;
381 'keystone_authtoken/admin_tenant_name': value => $auth_tenant;
382 'keystone_authtoken/admin_user': value => $auth_user;
# secret => true presumably keeps the password out of Puppet's change log
# output; confirm against the provider.
383 'keystone_authtoken/admin_password': value => $auth_password, secret => true;
387 'filter:authtoken/auth_host': value => $auth_host;
388 'filter:authtoken/auth_port': value => $auth_port;
389 'filter:authtoken/auth_protocol': value => $auth_protocol;
390 'filter:authtoken/admin_tenant_name': value => $auth_tenant;
391 'filter:authtoken/admin_user': value => $auth_user;
392 'filter:authtoken/admin_password': value => $auth_password, secret => true;
# An admin prefix, when given, must start with '/' and must not end with '/'.
395 if $auth_admin_prefix {
# NOTE(review): validate_re evaluates Ruby regular expressions, where ^ and $
# match at line boundaries, so a multi-line value with one conforming line
# would pass and then be written into the config. \A and \z anchor the whole
# string. Confirm before changing.
396 validate_re($auth_admin_prefix, '^(/.+[^/])?$')
398 'keystone_authtoken/auth_admin_prefix': value => $auth_admin_prefix;
401 'filter:authtoken/auth_admin_prefix': value => $auth_admin_prefix;
# With no prefix given, the setting is removed from both sections.
405 'keystone_authtoken/auth_admin_prefix': ensure => absent;
408 'filter:authtoken/auth_admin_prefix': ensure => absent;
# An explicit $auth_uri is written as given (the condition selecting this
# branch is on a line not shown).
414 'keystone_authtoken/auth_uri': value => $auth_uri;
417 'filter:authtoken/auth_uri': value => $auth_uri;
# The default auth_uri is built from $auth_protocol and $auth_host with a fixed
# port 5000; it inherits the plain-http default of $auth_protocol.
421 'keystone_authtoken/auth_uri': value => "${auth_protocol}://${auth_host}:5000/";
424 'filter:authtoken/auth_uri': value => "${auth_protocol}://${auth_host}:5000/";
434 $service_ensure = 'running'
436 $service_ensure = 'stopped'
440 service { 'neutron-server':
441 ensure => $service_ensure,
442 name => $::neutron::params::server_service,
446 require => Class['neutron'],