blob: 618a85d0328b12b46ecd22f74de02141051d4945 [file] [log] [blame]
{%- from "octavia/map.jinja" import manager with context %}
{%- if manager.enabled %}
{%- set ssh_dir = salt['file.dirname'](manager.ssh.private_key_file) %}
{%- set image_mine_data = salt['mine.get']('glance:client', 'glanceng.get_image_owner_id', 'pillar').values() %}
{%- set network_mine_data = salt['mine.get']('neutron:client', 'list_octavia_networks', 'pillar').values() %}
{%- set secgroup_mine_data = salt['mine.get']('neutron:client', 'list_octavia_mgmt_security_groups', 'pillar').values() %}
{%- set port_mine_data = salt['mine.get']('neutron:client', 'list_octavia_hm_ports', 'pillar').values() %}
octavia_manager_packages:
pkg.installed:
- names: {{ manager.pkgs }}
{%- if image_mine_data and network_mine_data and secgroup_mine_data %}
/etc/octavia/octavia_manager.conf:
file.managed:
- source: salt://octavia/files/{{ manager.version }}/octavia_manager.conf
- template: jinja
- require:
- pkg: octavia_manager_packages
- context:
amp_image_owner_id: {{ image_mine_data|first }}
amp_boot_network_list: {{ (network_mine_data|first)['networks'][0]['id'] }}
amp_secgroup_list: {{ (secgroup_mine_data|first)['lb-mgmt-sec-grp']['id'] }}
{%- endif %}
/etc/octavia/certificates/openssl.cnf:
file.managed:
- source: salt://octavia/files/{{ manager.version }}/certificates/openssl.cnf
- require:
- pkg: octavia_manager_packages
{% set dhclient_conf_path = '/etc/octavia/dhcp/dhclient.conf' %}
{{ dhclient_conf_path }}:
file.managed:
- source: salt://octavia/files/{{ manager.version }}/dhcp/dhclient.conf
- require:
- pkg: octavia_manager_packages
octavia_ssh_dir:
file.directory:
- name: {{ ssh_dir }}
- user: {{ manager.ssh.user }}
- group: {{ manager.ssh.group }}
- makedirs: true
octavia_ssh_private_key:
file.managed:
- name: {{ manager.ssh.private_key_file }}
- contents_pillar: octavia:manager:ssh:private_key
- user: {{ manager.ssh.user }}
- group: {{ manager.ssh.group }}
- mode: 600
- require:
- file: octavia_ssh_dir
{%- if not grains.get('noservices', False) %}
{% for filename in ['ca_01.pem', 'ca.key', 'client.pem', 'client.key', 'client_all.pem'] %}
/etc/octavia/certs/{{ filename }}:
file.managed:
- source: salt://_certs/octavia/{{ filename }}
- user: octavia
- group: octavia
- mode: 640
{% endfor %}
{%- if image_mine_data and network_mine_data and secgroup_mine_data and port_mine_data %}
{%- for port in port_mine_data %}
{%- for port_name, port_params in port.iteritems() %}
{%- if grains.get('host') in port_name or port_name == 'octavia-health-manager-listen-port'%}
{%- set amp_hm_port_mac = port_params['mac_address'] %}
{%- set amp_hm_port_id = port_params['id'] %}
{%- set amp_hm_port_ip = port_params['fixed_ips'][0]['ip_address'] %}
health_manager_ovs_port:
cmd.run:
- name: "ovs-vsctl -- --may-exist add-port br-int o-hm0 -- set Interface
o-hm0 type=internal -- set Interface o-hm0 external-ids:iface-status=active
-- set Interface o-hm0 external-ids:attached-mac={{ amp_hm_port_mac }} -- set Interface o-hm0
external-ids:iface-id={{ amp_hm_port_id }} -- set Interface o-hm0 external-ids:skip_cleanup=true"
- unless: ovs-vsctl show | grep o-hm0
health_manager_port_set_mac:
cmd.run:
- name: "ip link set dev o-hm0 address {{ amp_hm_port_mac }}"
- unless: "ip link show o-hm0 | grep {{ amp_hm_port_mac }}"
- require:
- cmd: health_manager_ovs_port
ovs_port_o-hm0:
file.managed:
- name: /etc/network/interfaces.u/ifcfg-o-hm0
- makedirs: True
- source: salt://linux/files/ovs_port
- context:
port_name: o-hm0
port:
proto: static
bridge: br-int
ovs_port_type: ovs_port
address: {{ amp_hm_port_ip }}
netmask: 255.255.255.0
hwaddress: {{ amp_hm_port_mac }}
- template: jinja
health_manager_port_dhclient:
cmd.run:
- name: dhclient -v o-hm0 -cf {{ dhclient_conf_path }}
- require:
- cmd: health_manager_port_set_mac
health_manager_port_add_rule:
iptables.append:
- table: filter
- chain: INPUT
- jump: ACCEPT
- in-interface: o-hm0
- dport: 5555
- proto: udp
- save: True
octavia_manager_services:
service.running:
- names: {{ manager.services }}
- enable: true
- watch:
- file: /etc/octavia/octavia_manager.conf
{%- endif %}
{%- endfor %}
{%- endfor %}
{%- endif %}
{%- endif %}
{%- endif %}