Puppet Class: openstack::nova::network::service

Defined in:
modules/openstack/manifests/nova/network/service.pp

Overview

Nova-network is the network service currently used in Labs; some day soon

we hope to replace it with Neutron.

docs.openstack.org/openstack-ops/content/nova-network-deprecation.html

Parameters:

  • active (Any)
  • version (Any)
  • dns_recursor (Any)
  • dns_recursor_secondary (Any)
  • dnsmasq_classles_static_route (Any)
  • tftp_host (Any) (defaults to: 'install1002.wikimedia.org')
  • nova_dnsmasq_aliases (Any) (defaults to: {})


4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
# File 'modules/openstack/manifests/nova/network/service.pp', line 4

class openstack::nova::network::service(
    $active,
    $version,
    $dns_recursor,
    $dns_recursor_secondary,
    $dnsmasq_classles_static_route,
    $tftp_host='install1002.wikimedia.org',
    $nova_dnsmasq_aliases={},
    ) {

    $recursor_ip = ipresolve($dns_recursor,4)
    $recursor_secondary_ip = ipresolve($dns_recursor_secondary,4)

    package {  [ 'nova-network', 'dnsmasq' ]:
        ensure  => 'present',
    }

    file { '/etc/dnsmasq-nova.conf':
        ensure  => 'present',
        owner   => 'root',
        group   => 'root',
        mode    => '0444',
        content => template("openstack/${version}/nova/network/dnsmasq-nova.conf.erb"),
        notify  => Service['nova-network'],
    }

    # Firewall is managed by nova-network outside of ferm
    # Do Not Include Base::Firewall

    file { '/etc/modprobe.d/nf_conntrack.conf':
        ensure => 'present',
        owner  => 'root',
        group  => 'root',
        mode   => '0444',
        source => 'puppet:///modules/base/firewall/nf_conntrack.conf',
        notify => Service['nova-network'],
    }

    # dnsmasq is run manually by nova-network, we don't want the service running
    service { 'dnsmasq':
        ensure  => stopped,
        enable  => false,
        require => Package['dnsmasq'];
    }

    service { 'nova-network':
        ensure    => $active,
        subscribe => File['/etc/nova/nova.conf'],
        require   => Package['nova-network'];
    }

    sysctl::parameters { 'openstack':
        values   => {
            # Turn off IP filter
            'net.ipv4.conf.default.rp_filter' => 0,
            'net.ipv4.conf.all.rp_filter'     => 0,

            # Enable IP forwarding
            'net.ipv4.ip_forward'             => 1,
            'net.ipv6.conf.all.forwarding'    => 1,

            # Disable RA
            'net.ipv6.conf.all.accept_ra'     => 0,

            # Increase connection tracking size
            # and bucket since all of labs is
            # tracked on the network host
            'net.netfilter.nf_conntrack_max'  => 262144,
        },
        priority => 50,
    }
}