1 # == Class opendaylight::config
3 # This class handles ODL config changes.
4 # It's called from the opendaylight class.
6 class opendaylight::config {
7 # Configuration of Karaf features to install
# Declares the Karaf features file so the file_line resource below has a managed target.
# NOTE(review): the gaps in the embedded line numbers show that some attribute lines and closing
# braces are missing from this listing, so the owner, group and mode of this file cannot be confirmed here.
8 file { 'org.apache.karaf.features.cfg':
10 path => '/opt/opendaylight/etc/org.apache.karaf.features.cfg',
11 # Set user:group owners
# Comma-joined feature list that is written to the featuresBoot property.
15 $features_csv = join($opendaylight::features, ',')
# Rewrites the line matching ^featuresBoot= with the requested feature list.
# The list decides what Karaf installs at boot, so $opendaylight::features should come from a trusted source.
16 file_line { 'featuresBoot':
17 path => '/opt/opendaylight/etc/org.apache.karaf.features.cfg',
18 line => "featuresBoot=${features_csv}",
19 match => '^featuresBoot=.*$',
# Declares the pax-web configuration file; later file_line resources require it by this title.
# NOTE(review): this file later receives the TLS keystore password in clear text. The owner, group and
# mode lines are not visible in this listing; confirm the file is not world-readable.
22 file { 'org.ops4j.pax.web.cfg':
24 path => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
25 # Set user:group owners
# HA sanity check: compilation fails when HA is enabled with fewer than two node IPs.
30 $ha_node_count = count($::opendaylight::ha_node_ips)
31 if $::opendaylight::enable_ha and $ha_node_count < 2 {
32 fail("Number of HA nodes less than 2: ${ha_node_count} and HA Enabled")
35 # Configuration of ODL NB REST port to listen on
36 if $opendaylight::enable_tls {
# TLS cannot be configured without a keystore password, so compilation is aborted when none is set.
# NOTE(review): the guard only compares against undef; an empty string presumably passes it
# (Puppet 4+ semantics — confirm). Consider rejecting empty values as well.
38 if $::opendaylight::tls_keystore_password == undef {
39 fail('Enabling TLS requires setting a TLS password for the ODL keystore')
# A key file and a certificate file must be supplied together; giving only one fails compilation.
# NOTE(review): when neither is given, no odl_keystore is declared in the visible code; confirm where
# the keystore referenced by the pax-web settings comes from in that case.
42 if $::opendaylight::tls_key_file or $::opendaylight::tls_cert_file {
43 if $::opendaylight::tls_key_file and $::opendaylight::tls_cert_file {
# Hands the key, certificate and CA file paths plus the keystore password to the odl_keystore type.
# ca_file is passed through without a presence check in the visible code.
44 odl_keystore { 'controller':
45 password => $::opendaylight::tls_keystore_password,
46 cert_file => $::opendaylight::tls_cert_file,
47 key_file => $::opendaylight::tls_key_file,
48 ca_file => $::opendaylight::tls_ca_cert_file,
49 require => File['/opt/opendaylight/configuration/ssl']
52 fail('Must specify both TLS key file path AND certificate file path')
# Removes the 'port' setting under the first Call element of jetty.xml, i.e. the plain HTTP REST port.
56 augeas {'Remove HTTP ODL REST Port':
57 incl => '/opt/opendaylight/etc/jetty.xml',
58 context => '/files/opt/opendaylight/etc/jetty.xml/Configure',
60 changes => ["rm Call[1]/Arg/New/Set[#attribute[name='port']]"]
# Points the default of the 'securePort' property in jetty.xml at the configured REST port.
63 augeas {'ODL SSL REST Port':
64 incl => '/opt/opendaylight/etc/jetty.xml',
65 context => '/files/opt/opendaylight/etc/jetty.xml/Configure',
67 changes => ["set New[1]/Set[#attribute[name='securePort']]/Property/#attribute/default ${opendaylight::odl_rest_port}"]
# pax-web: serve HTTPS on the same REST port. The '^#?' prefix in the match lets the rule replace
# a commented-out default line as well as an active one.
70 file_line { 'set pax TLS port':
72 path => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
73 line => "org.osgi.service.http.port.secure = ${opendaylight::odl_rest_port}",
74 match => '^#?org.osgi.service.http.port.secure.*$',
75 require => File['org.ops4j.pax.web.cfg']
# NOTE(review): this turns the secure listener on, but no visible line sets
# org.osgi.service.http.enabled = false; confirm pax-web does not keep a plaintext HTTP listener open.
78 file_line { 'enable pax TLS':
80 path => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
81 line => 'org.osgi.service.http.secure.enabled = true',
82 match => '^#?org.osgi.service.http.secure.enabled.*$',
83 require => File['org.ops4j.pax.web.cfg']
# Renders the AAA certificate configuration from the module's ERB template into the initial datastore config.
# NOTE(review): the template body is not visible here; if it embeds the keystore password, this file needs
# the same restrictive permissions as the keystore itself — confirm.
86 file {'aaa-cert-config.xml':
88 path => '/opt/opendaylight/etc/opendaylight/datastore/initial/config/aaa-cert-config.xml',
91 content => template('opendaylight/aaa-cert-config.xml.erb'),
# Tells pax-web where the keystore lives (a path relative to the ODL install, as written).
94 file_line {'set pax TLS keystore location':
96 path => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
97 line => 'org.ops4j.pax.web.ssl.keystore = configuration/ssl/ctl.jks',
98 match => '^#?org.ops4j.pax.web.ssl.keystore.*$',
99 require => File['org.ops4j.pax.web.cfg']
# Writes the keystore (integrity) password into the pax-web config.
# NOTE(review): the password is stored in clear text in org.ops4j.pax.web.cfg and travels through the
# catalog as a plain string. Restrict the file's mode and ownership, and consider Puppet's Sensitive
# type if the resource types in use support it.
101 file_line {'set pax TLS keystore integrity password':
103 path => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
104 line => "org.ops4j.pax.web.ssl.password = ${opendaylight::tls_keystore_password}",
105 match => '^#?org.ops4j.pax.web.ssl.password.*$',
106 require => File['org.ops4j.pax.web.cfg']
# Writes the private-key password; the same value as the keystore password is reused for it.
109 file_line {'set pax TLS keystore password':
111 path => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
112 line => "org.ops4j.pax.web.ssl.keypassword = ${opendaylight::tls_keystore_password}",
113 match => '^#?org.ops4j.pax.web.ssl.keypassword.*$',
114 require => File['org.ops4j.pax.web.cfg']
117 # Enable TLS with OVSDB
# Installs the OVSDB library config shipped as a static file in the module.
118 file { 'org.opendaylight.ovsdb.library.cfg':
120 path => '/opt/opendaylight/etc/org.opendaylight.ovsdb.library.cfg',
123 source => 'puppet:///modules/opendaylight/org.opendaylight.ovsdb.library.cfg',
126 # Configure OpenFlow plugin to use TLS
# $transport_protocol is not read in the visible manifest; presumably an ERB template consumes it.
127 $transport_protocol = 'TLS'
# NOTE(review): the branch separator is missing from this listing; the lines below presumably belong to the
# non-TLS branch, where OpenFlow runs over plain TCP and the REST port is set on the HTTP connector.
129 $transport_protocol = 'TCP'
# Sets the default of the 'port' property under the first Call element of jetty.xml to the REST port.
130 augeas { 'ODL REST Port':
131 incl => '/opt/opendaylight/etc/jetty.xml',
132 context => '/files/opt/opendaylight/etc/jetty.xml/Configure',
135 "set Call[1]/Arg/New/Set[#attribute[name='port']]/Property/#attribute/default
136 ${opendaylight::odl_rest_port}"]
139 # Configure OpenFlow plugin to use TCP/TLS
# Renders the default OpenFlow connection config from the module's ERB template.
140 file { 'default-openflow-connection-config.xml':
142 path => '/opt/opendaylight/etc/opendaylight/datastore/initial/config/default-openflow-connection-config.xml',
143 # Set user:group owners
146 content => template('opendaylight/default-openflow-connection-config.xml.erb'),
# Directory for the initial clustering configuration; other file resources require it by this path.
148 $initial_config_dir = '/opt/opendaylight/configuration/initial'
150 file { $initial_config_dir:
# Only a bind IP other than the IPv4 wildcard is written out; with '0.0.0.0' the listen address is left
# at whatever the shipped configuration defaults to.
# NOTE(review): only the literal '0.0.0.0' is treated as "all interfaces"; other wildcard spellings
# (for example an IPv6 wildcard) take the explicit-address path.
157 if $opendaylight::odl_bind_ip != '0.0.0.0' {
158 # Configuration of ODL NB REST IP to listen on
159 augeas { 'ODL REST IP':
160 incl => '/opt/opendaylight/etc/jetty.xml',
161 context => '/files/opt/opendaylight/etc/jetty.xml/Configure',
164 "set Call[1]/Arg/New/Set[#attribute[name='host']]/Property/#attribute/default ${opendaylight::odl_bind_ip}"
# NOTE(review): no match attribute is visible on this file_line, so changing the bind IP later would
# presumably append a second listening.addresses line instead of replacing the old one. An anchored
# match on the property name would avoid leaving the old address in the file.
168 file_line { 'set pax bind IP':
170 path => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
171 line => "org.ops4j.pax.web.listening.addresses = ${opendaylight::odl_bind_ip}",
172 require => File['org.ops4j.pax.web.cfg']
175 # Configure websocket address
# The restconf config file is declared first, then the websocket-address line is applied to it ('->' ordering).
# NOTE(review): closing braces are missing from this listing, so it is unclear whether this part sits inside
# the bind-IP condition above — confirm against the full manifest.
176 file { '/opt/opendaylight/etc/org.opendaylight.restconf.cfg':
178 path => '/opt/opendaylight/etc/org.opendaylight.restconf.cfg',
182 -> file_line { 'websocket-address':
184 path => '/opt/opendaylight/etc/org.opendaylight.restconf.cfg',
185 line => "websocket-address=${::opendaylight::odl_bind_ip}",
186 match => '^websocket-address=.*$',
190 # Set any custom log levels
# For every logger name / level pair, two lines are written to the pax logging config:
# one sets the level and one maps the underscored key back to the real logger name.
# NOTE(review): both values are interpolated verbatim into the config line; type and value validation
# presumably happens where the parameter is declared — confirm.
191 $opendaylight::log_levels.each |$log_name, $logging_level| {
# Dots are replaced globally ('G') with underscores to form the property key.
192 $underscored_version = regsubst($log_name, '\.', '_', 'G')
# NOTE(review): unlike the other file_line rules in this class, the match patterns below are not
# anchored with '^'.
193 file_line {"logger-${log_name}-level":
195 path => '/opt/opendaylight/etc/org.ops4j.pax.logging.cfg',
196 line => "log4j2.logger.${underscored_version}.level = ${logging_level}",
197 match => "log4j2.logger.${underscored_version}.level = .*$"
199 file_line {"logger-${log_name}-name":
201 path => '/opt/opendaylight/etc/org.ops4j.pax.logging.cfg',
202 line => "log4j2.logger.${underscored_version}.name = ${log_name}",
203 match => "log4j2.logger.${underscored_version}.name = .*$"
207 # Set logging mechanism
# With the 'console' mechanism, karaf.log.console=INFO is placed after the console threshold-filter line.
208 if $opendaylight::log_mechanism == 'console' {
209 file_line { 'consoleappender':
211 path => '/opt/opendaylight/etc/org.ops4j.pax.logging.cfg',
212 line => 'karaf.log.console=INFO',
213 after => 'log4j2.rootLogger.appenderRef.Console.filter.threshold.type = ThresholdFilter',
214 match => '^karaf.log.console.*$'
217 # Set maximum ODL log file size
# Bounding the size and the number of rollovers keeps the controller logs from filling the disk.
218 file_line { 'logmaxsize':
220 path => '/opt/opendaylight/etc/org.ops4j.pax.logging.cfg',
221 line => "log4j2.appender.rolling.policies.size.size = ${::opendaylight::log_max_size}",
222 match => '^log4j2.appender.rolling.policies.size.size.*$'
# The rollover strategy type is written first; the rollover count below is chained after it with '->'.
225 file_line { 'rolloverstrategy':
227 path => '/opt/opendaylight/etc/org.ops4j.pax.logging.cfg',
228 line => 'log4j2.appender.rolling.strategy.type = DefaultRolloverStrategy'
231 # Set maximum number of ODL log file rollovers to preserve
232 -> file_line { 'logmaxrollover':
234 path => '/opt/opendaylight/etc/org.ops4j.pax.logging.cfg',
235 line => "log4j2.appender.rolling.strategy.max = ${::opendaylight::log_max_rollover}",
236 match => '^log4j2.appender.rolling.strategy.max.*$'
240 # Configure ODL HA if enabled
241 if $::opendaylight::enable_ha {
242 # Configure ODL OVSDB Clustering
# Three clustering files are rendered from ERB templates into the initial config directory; each requires
# that directory to exist first.
# NOTE(review): the resource header of the akka.conf entry is missing from this listing.
246 path => "${initial_config_dir}/akka.conf",
249 content => template('opendaylight/akka.conf.erb'),
250 require => File[$initial_config_dir]
253 file {'modules.conf':
255 path => "${initial_config_dir}/modules.conf",
258 content => template('opendaylight/modules.conf.erb'),
259 require => File[$initial_config_dir]
262 file {'module-shards.conf':
264 path => "${initial_config_dir}/module-shards.conf",
267 content => template('opendaylight/module-shards.conf.erb'),
268 require => File[$initial_config_dir]
# List of directories that other resources in this class require by path (datastore initial config, ssl).
# NOTE(review): the resource header and attributes for this list are missing from this listing. The ssl
# directory presumably holds the keystore (configuration/ssl/ctl.jks), so confirm its owner and mode
# are restrictive.
273 '/opt/opendaylight/etc/opendaylight',
274 '/opt/opendaylight/etc/opendaylight/karaf',
275 '/opt/opendaylight/etc/opendaylight/datastore',
276 '/opt/opendaylight/etc/opendaylight/datastore/initial',
277 '/opt/opendaylight/etc/opendaylight/datastore/initial/config',
278 '/opt/opendaylight/configuration/ssl'
# NetVirt-specific datastore config is written only when a NetVirt feature is among the requested features.
288 if ('odl-netvirt-openstack' in $opendaylight::features or 'odl-netvirt-sfc' in $opendaylight::features) {
# NAT service config is rendered from an ERB template.
291 file { 'netvirt-natservice-config.xml':
293 path => '/opt/opendaylight/etc/opendaylight/datastore/initial/config/netvirt-natservice-config.xml',
296 content => template('opendaylight/netvirt-natservice-config.xml.erb'),
297 require => File['/opt/opendaylight/etc/opendaylight/datastore/initial/config'],
# With the SFC feature, two static config files shipped in the module are installed.
302 if ('odl-netvirt-sfc' in $opendaylight::features) {
303 file { 'netvirt-elanmanager-config.xml':
305 path => '/opt/opendaylight/etc/opendaylight/datastore/initial/config/netvirt-elanmanager-config.xml',
308 source => 'puppet:///modules/opendaylight/netvirt-elanmanager-config.xml',
309 require => File['/opt/opendaylight/etc/opendaylight/datastore/initial/config'],
312 file { 'genius-itm-config.xml':
314 path => '/opt/opendaylight/etc/opendaylight/datastore/initial/config/genius-itm-config.xml',
317 source => 'puppet:///modules/opendaylight/genius-itm-config.xml',
318 require => File['/opt/opendaylight/etc/opendaylight/datastore/initial/config'],
322 # Configure VPP routing node
# Only applied when a routing node is set; the startup config file is declared and its routing-node line
# is then set or replaced.
323 if ! empty($::opendaylight::vpp_routing_node) {
324 file { 'org.opendaylight.groupbasedpolicy.neutron.vpp.mapper.startup.cfg':
326 path => '/opt/opendaylight/etc/org.opendaylight.groupbasedpolicy.neutron.vpp.mapper.startup.cfg',
330 file_line { 'routing-node':
331 path => '/opt/opendaylight/etc/org.opendaylight.groupbasedpolicy.neutron.vpp.mapper.startup.cfg',
332 line => "routing-node=${::opendaylight::vpp_routing_node}",
333 match => '^routing-node=.*$',
337 # Configure username/password
# Creates or updates the ODL user through the odl_user type, ordered before the opendaylight service.
# NOTE(review): the password reaches the type as a plain catalog value, and the parameter defaults are
# declared outside this listing. Confirm the defaults are not a well-known credential and that the
# value is kept out of reports and logs.
338 odl_user { $::opendaylight::username:
339 password => $::opendaylight::password,
340 before => Service['opendaylight'],