Merge "Allow to set workers for neutron"
diff --git a/README.rst b/README.rst
index 1b16af4..5c60cc2 100644
--- a/README.rst
+++ b/README.rst
@@ -664,6 +664,7 @@
compute:
version: mitaka
dpdk: True
+ vhost_socket_dir: /var/run/openvswitch
backend:
engine: ml2
...
diff --git a/neutron/compute.sls b/neutron/compute.sls
index c6a1df5..cc1f1aa 100644
--- a/neutron/compute.sls
+++ b/neutron/compute.sls
@@ -1,4 +1,4 @@
-{% from "neutron/map.jinja" import compute, fwaas, system_cacerts_file with context %}
+{% from "neutron/map.jinja" import compute, fwaas with context %}
{%- if compute.enabled %}
{% if compute.backend.engine == "ml2" %}
@@ -129,7 +129,7 @@
- makedirs: true
{%- else %}
file.exists:
- - name: {{ compute.message_queue.ssl.get('cacert_file', system_cacerts_file) }}
+ - name: {{ compute.message_queue.ssl.get('cacert_file', compute.cacert_file) }}
{%- endif %}
{%- endif %}
diff --git a/neutron/files/mitaka/neutron-generic.conf.Debian b/neutron/files/mitaka/neutron-generic.conf.Debian
index 36c7fc4..ee5b2bf 100644
--- a/neutron/files/mitaka/neutron-generic.conf.Debian
+++ b/neutron/files/mitaka/neutron-generic.conf.Debian
@@ -1,7 +1,7 @@
{%- if pillar.neutron.gateway is defined %}
-{%- from "neutron/map.jinja" import system_cacerts_file, gateway as neutron with context %}
+{%- from "neutron/map.jinja" import gateway as neutron with context %}
{%- else %}
-{%- from "neutron/map.jinja" import system_cacerts_file, compute as neutron with context %}
+{%- from "neutron/map.jinja" import compute as neutron with context %}
{%- endif %}
[DEFAULT]
@@ -1289,11 +1289,7 @@
kombu_ssl_version = TLSv1_2
{%- endif %}
-{%- if neutron.message_queue.ssl.cacert_file is defined %}
-kombu_ssl_ca_certs = {{ neutron.message_queue.ssl.cacert_file }}
-{%- else %}
-kombu_ssl_ca_certs={{ system_cacerts_file }}
-{%- endif %}
+kombu_ssl_ca_certs = {{ neutron.message_queue.ssl.get('cacert_file', neutron.cacert_file) }}
{%- endif %}
rabbit_userid = {{ neutron.message_queue.user }}
diff --git a/neutron/files/mitaka/neutron-server.conf.Debian b/neutron/files/mitaka/neutron-server.conf.Debian
index 8350857..d676791 100644
--- a/neutron/files/mitaka/neutron-server.conf.Debian
+++ b/neutron/files/mitaka/neutron-server.conf.Debian
@@ -1,4 +1,4 @@
-{%- from "neutron/map.jinja" import fwaas, server, system_cacerts_file with context %}
+{%- from "neutron/map.jinja" import fwaas, server with context %}
[DEFAULT]
@@ -761,7 +761,7 @@
# Deprecated group/name - [DATABASE]/sql_connection
# Deprecated group/name - [sql]/connection
{% if server.backend.engine == "ml2" %}
-connection = {{ server.database.engine }}+pymysql://{{ server.database.user }}:{{ server.database.password }}@{{ server.database.host }}/{{ server.database.name }}{%- if server.database.get('ssl',{}).get('enabled',False) %}?ssl_ca={{ server.database.ssl.get('cacert_file', system_cacerts_file) }}{% endif %}
+connection = {{ server.database.engine }}+pymysql://{{ server.database.user }}:{{ server.database.password }}@{{ server.database.host }}/{{ server.database.name }}{%- if server.database.get('ssl',{}).get('enabled',False) %}?ssl_ca={{ server.database.ssl.get('cacert_file', server.cacert_file) }}{% endif %}
{% else %}
connection = sqlite:////var/lib/neutron/neutron.sqlite
{% endif %}
@@ -1397,11 +1397,7 @@
kombu_ssl_version = TLSv1_2
{%- endif %}
-{%- if server.message_queue.ssl.cacert_file is defined %}
-kombu_ssl_ca_certs = {{ server.message_queue.ssl.cacert_file }}
-{%- else %}
-kombu_ssl_ca_certs={{ system_cacerts_file }}
-{%- endif %}
+kombu_ssl_ca_certs = {{ server.message_queue.ssl.get('cacert_file', server.cacert_file) }}
{%- endif %}
rabbit_userid = {{ server.message_queue.user }}
diff --git a/neutron/files/mitaka/openvswitch_agent.ini b/neutron/files/mitaka/openvswitch_agent.ini
index 01162a0..25ecbbd 100644
--- a/neutron/files/mitaka/openvswitch_agent.ini
+++ b/neutron/files/mitaka/openvswitch_agent.ini
@@ -217,6 +217,9 @@
# OVS vhost-user socket directory. (string value)
#vhostuser_socket_dir = /var/run/openvswitch
+{%- if neutron.vhost_socket_dir is defined %}
+vhostuser_socket_dir = {{ neutron.vhost_socket_dir }}
+{%- endif %}
# Address to listen on for OpenFlow connections. Used only for 'native' driver. (IP address value)
#of_listen_address = 127.0.0.1
diff --git a/neutron/files/newton/neutron-generic.conf.Debian b/neutron/files/newton/neutron-generic.conf.Debian
index 3d8c5fb..a9e3a56 100644
--- a/neutron/files/newton/neutron-generic.conf.Debian
+++ b/neutron/files/newton/neutron-generic.conf.Debian
@@ -1,7 +1,7 @@
{%- if pillar.neutron.gateway is defined %}
-{%- from "neutron/map.jinja" import system_cacerts_file, gateway as neutron with context %}
+{%- from "neutron/map.jinja" import gateway as neutron with context %}
{%- else %}
-{%- from "neutron/map.jinja" import system_cacerts_file, compute as neutron with context %}
+{%- from "neutron/map.jinja" import compute as neutron with context %}
{%- endif %}
[DEFAULT]
@@ -1227,11 +1227,7 @@
kombu_ssl_version = TLSv1_2
{%- endif %}
-{%- if neutron.message_queue.ssl.cacert_file is defined %}
-kombu_ssl_ca_certs = {{ neutron.message_queue.ssl.cacert_file }}
-{%- else %}
-kombu_ssl_ca_certs={{ system_cacerts_file }}
-{%- endif %}
+kombu_ssl_ca_certs = {{ neutron.message_queue.ssl.get('cacert_file', neutron.cacert_file) }}
{%- endif %}
# Use durable queues in AMQP. (boolean value)
diff --git a/neutron/files/newton/neutron-server.conf.Debian b/neutron/files/newton/neutron-server.conf.Debian
index 8ef08e1..596413d 100644
--- a/neutron/files/newton/neutron-server.conf.Debian
+++ b/neutron/files/newton/neutron-server.conf.Debian
@@ -1,4 +1,4 @@
-{%- from "neutron/map.jinja" import server, system_cacerts_file with context %}
+{%- from "neutron/map.jinja" import server with context %}
[DEFAULT]
#
@@ -771,7 +771,7 @@
# Deprecated group/name - [DATABASE]/sql_connection
# Deprecated group/name - [sql]/connection
{% if server.backend.engine == "ml2" %}
-connection = {{ server.database.engine }}+pymysql://{{ server.database.user }}:{{ server.database.password }}@{{ server.database.host }}/{{ server.database.name }}?charset=utf8{%- if server.database.get('ssl',{}).get('enabled',False) %}&ssl_ca={{ server.database.ssl.get('cacert_file', system_cacerts_file) }}{% endif %}
+connection = {{ server.database.engine }}+pymysql://{{ server.database.user }}:{{ server.database.password }}@{{ server.database.host }}/{{ server.database.name }}?charset=utf8{%- if server.database.get('ssl',{}).get('enabled',False) %}&ssl_ca={{ server.database.ssl.get('cacert_file', server.cacert_file) }}{% endif %}
{% else %}
connection = sqlite:////var/lib/neutron/neutron.sqlite
{% endif %}
@@ -1323,11 +1323,7 @@
kombu_ssl_version = TLSv1_2
{%- endif %}
-{%- if server.message_queue.ssl.cacert_file is defined %}
-kombu_ssl_ca_certs = {{ server.message_queue.ssl.cacert_file }}
-{%- else %}
-kombu_ssl_ca_certs={{ system_cacerts_file }}
-{%- endif %}
+kombu_ssl_ca_certs = {{ server.message_queue.ssl.get('cacert_file', server.cacert_file) }}
{%- endif %}
# Use durable queues in AMQP. (boolean value)
diff --git a/neutron/files/newton/openvswitch_agent.ini b/neutron/files/newton/openvswitch_agent.ini
index 01162a0..25ecbbd 100644
--- a/neutron/files/newton/openvswitch_agent.ini
+++ b/neutron/files/newton/openvswitch_agent.ini
@@ -217,6 +217,9 @@
# OVS vhost-user socket directory. (string value)
#vhostuser_socket_dir = /var/run/openvswitch
+{%- if neutron.vhost_socket_dir is defined %}
+vhostuser_socket_dir = {{ neutron.vhost_socket_dir }}
+{%- endif %}
# Address to listen on for OpenFlow connections. Used only for 'native' driver. (IP address value)
#of_listen_address = 127.0.0.1
diff --git a/neutron/files/ocata/neutron-generic.conf.Debian b/neutron/files/ocata/neutron-generic.conf.Debian
index 123386d..0d16a6d 100644
--- a/neutron/files/ocata/neutron-generic.conf.Debian
+++ b/neutron/files/ocata/neutron-generic.conf.Debian
@@ -1,7 +1,7 @@
{%- if pillar.neutron.gateway is defined %}
-{%- from "neutron/map.jinja" import system_cacerts_file, gateway as neutron with context %}
+{%- from "neutron/map.jinja" import gateway as neutron with context %}
{%- else %}
-{%- from "neutron/map.jinja" import system_cacerts_file, compute as neutron with context %}
+{%- from "neutron/map.jinja" import compute as neutron with context %}
{%- endif %}
[DEFAULT]
@@ -1535,11 +1535,7 @@
kombu_ssl_version = TLSv1_2
{%- endif %}
-{%- if neutron.message_queue.ssl.cacert_file is defined %}
-kombu_ssl_ca_certs = {{ neutron.message_queue.ssl.cacert_file }}
-{%- else %}
-kombu_ssl_ca_certs={{ system_cacerts_file }}
-{%- endif %}
+kombu_ssl_ca_certs = {{ neutron.message_queue.ssl.get('cacert_file', neutron.cacert_file) }}
{%- endif %}
# Use durable queues in AMQP. (boolean value)
diff --git a/neutron/files/ocata/neutron-server.conf.Debian b/neutron/files/ocata/neutron-server.conf.Debian
index c8cdb6b..ffe2a05 100644
--- a/neutron/files/ocata/neutron-server.conf.Debian
+++ b/neutron/files/ocata/neutron-server.conf.Debian
@@ -1,4 +1,4 @@
-{%- from "neutron/map.jinja" import fwaas, server, system_cacerts_file with context %}
+{%- from "neutron/map.jinja" import fwaas, server with context %}
[DEFAULT]
#
@@ -862,7 +862,7 @@
# Deprecated group/name - [sql]/connection
{% if server.backend.engine in ["ml2", "ovn"] %}
-connection = {{ server.database.engine }}+pymysql://{{ server.database.user }}:{{ server.database.password }}@{{ server.database.host }}/{{ server.database.name }}?charset=utf8{%- if server.database.get('ssl',{}).get('enabled',False) %}&ssl_ca={{ server.database.ssl.get('cacert_file', system_cacerts_file) }}{% endif %}
+connection = {{ server.database.engine }}+pymysql://{{ server.database.user }}:{{ server.database.password }}@{{ server.database.host }}/{{ server.database.name }}?charset=utf8{%- if server.database.get('ssl',{}).get('enabled',False) %}&ssl_ca={{ server.database.ssl.get('cacert_file', server.cacert_file) }}{% endif %}
{% else %}
connection = sqlite:////var/lib/neutron/neutron.sqlite
{% endif %}
@@ -1638,11 +1638,7 @@
kombu_ssl_version = TLSv1_2
{%- endif %}
-{%- if server.message_queue.ssl.cacert_file is defined %}
-kombu_ssl_ca_certs = {{ server.message_queue.ssl.cacert_file }}
-{%- else %}
-kombu_ssl_ca_certs={{ system_cacerts_file }}
-{%- endif %}
+kombu_ssl_ca_certs = {{ server.message_queue.ssl.get('cacert_file', server.cacert_file) }}
{%- endif %}
# Use durable queues in AMQP. (boolean value)
diff --git a/neutron/files/ocata/openvswitch_agent.ini b/neutron/files/ocata/openvswitch_agent.ini
index a8eecc4..a8ae0d2 100644
--- a/neutron/files/ocata/openvswitch_agent.ini
+++ b/neutron/files/ocata/openvswitch_agent.ini
@@ -276,6 +276,9 @@
# OVS vhost-user socket directory. (string value)
#vhostuser_socket_dir = /var/run/openvswitch
+{%- if neutron.vhost_socket_dir is defined %}
+vhostuser_socket_dir = {{ neutron.vhost_socket_dir }}
+{%- endif %}
# Address to listen on for OpenFlow connections. Used only for 'native' driver.
# (IP address value)
diff --git a/neutron/gateway.sls b/neutron/gateway.sls
index 81513d8..6046b96 100644
--- a/neutron/gateway.sls
+++ b/neutron/gateway.sls
@@ -1,4 +1,4 @@
-{% from "neutron/map.jinja" import gateway, fwaas, system_cacerts_file with context %}
+{% from "neutron/map.jinja" import gateway, fwaas with context %}
{%- if fwaas.get('enabled', False) %}
include:
@@ -77,7 +77,7 @@
- makedirs: true
{%- else %}
file.exists:
- - name: {{ gateway.message_queue.ssl.get('cacert_file', system_cacerts_file) }}
+ - name: {{ gateway.message_queue.ssl.get('cacert_file', gateway.cacert_file) }}
{%- endif %}
{%- endif %}
diff --git a/neutron/map.jinja b/neutron/map.jinja
index 9631d1b..4c95928 100644
--- a/neutron/map.jinja
+++ b/neutron/map.jinja
@@ -1,9 +1,12 @@
-{%- set system_cacerts_file = salt['grains.filter_by']({
- 'Debian': '/etc/ssl/certs/ca-certificates.crt',
- 'RedHat': '/etc/pki/tls/certs/ca-bundle.crt'
-})%}
+{%- set default_params = {
+ 'cacert_file': salt['grains.filter_by']({
+ 'Debian': '/etc/ssl/certs/ca-certificates.crt',
+ 'RedHat': '/etc/pki/tls/certs/ca-bundle.crt'
+ })}
+%}
{% set compute = salt['grains.filter_by']({
+ 'BaseDefaults': default_params,
'Debian': {
'pkgs': ['neutron-openvswitch-agent', 'openvswitch-switch', 'python-pycadf'],
'pkgs_ovn': ['ovn-common', 'ovn-host'],
@@ -24,9 +27,10 @@
'enabled': false
}
},
-}, merge=pillar.neutron.get('compute', {})) %}
+}, merge=pillar.neutron.get('compute', {}), base='BaseDefaults') %}
{% set gateway = salt['grains.filter_by']({
+ 'BaseDefaults': default_params,
'Debian': {
'pkgs': ['neutron-dhcp-agent', 'neutron-openvswitch-agent', 'neutron-l3-agent', 'openvswitch-common', 'neutron-metadata-agent'],
'services': ['neutron-openvswitch-agent', 'neutron-metadata-agent', 'neutron-l3-agent', 'neutron-dhcp-agent'],
@@ -37,9 +41,10 @@
'services': ['neutron-openvswitch-agent', 'neutron-metadata-agent', 'neutron-l3-agent', 'neutron-dhcp-agent'],
'dpdk': false
},
-}, merge=pillar.neutron.get('gateway', {})) %}
+}, merge=pillar.neutron.get('gateway', {}), base='BaseDefaults') %}
{% set server = salt['grains.filter_by']({
+ 'BaseDefaults': default_params,
'Debian': {
'pkgs': ['neutron-server','python-neutron-lbaas', 'gettext-base', 'python-pycadf'],
'pkgs_ovn': ['python-networking-ovn', 'ovn-common', 'ovn-central'],
@@ -66,7 +71,7 @@
'enabled': false
}
},
-}, merge=pillar.neutron.get('server', {})) %}
+}, merge=pillar.neutron.get('server', {}), base='BaseDefaults') %}
{% set client = salt['grains.filter_by']({
'Debian': {
diff --git a/neutron/server.sls b/neutron/server.sls
index ab624f5..a6de469 100644
--- a/neutron/server.sls
+++ b/neutron/server.sls
@@ -1,4 +1,4 @@
-{%- from "neutron/map.jinja" import server, fwaas, system_cacerts_file with context %}
+{%- from "neutron/map.jinja" import server, fwaas with context %}
{%- if fwaas.get('enabled', False) %}
include:
@@ -289,7 +289,7 @@
- makedirs: true
{%- else %}
file.exists:
- - name: {{ server.message_queue.ssl.get('cacert_file', system_cacerts_file) }}
+ - name: {{ server.message_queue.ssl.get('cacert_file', server.cacert_file) }}
{%- endif %}
{%- endif %}
@@ -303,7 +303,7 @@
- makedirs: true
{%- else %}
file.exists:
- - name: {{ server.database.ssl.get('cacert_file', system_cacerts_file) }}
+ - name: {{ server.database.ssl.get('cacert_file', server.cacert_file) }}
{%- endif %}
{%- endif %}