Code Review / integration / packaging / puppet-opendaylight.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
INTPAK-123 Move to log4j2
[integration/packaging/puppet-opendaylight.git] / manifests / config.pp
1 # == Class opendaylight::config
2 #
3 # This class handles ODL config changes.
4 # It's called from the opendaylight class.
5 #
6 class opendaylight::config {
7   # Configuration of Karaf features to install
8   file { 'org.apache.karaf.features.cfg':
9     ensure => file,
10     path   => '/opt/opendaylight/etc/org.apache.karaf.features.cfg',
11     # Set user:group owners
12     owner  => 'odl',
13     group  => 'odl',
14   }
15   $features_csv = join($opendaylight::features, ',')
16   file_line { 'featuresBoot':
17     path  => '/opt/opendaylight/etc/org.apache.karaf.features.cfg',
18     line  => "featuresBoot=${features_csv}",
19     match => '^featuresBoot=.*$',
20   }
21
22   file { 'org.ops4j.pax.web.cfg':
23     ensure => file,
24     path   => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
25     # Set user:group owners
26     owner  => 'odl',
27     group  => 'odl',
28   }
29
30   $ha_node_count = count($::opendaylight::ha_node_ips)
31   if $::opendaylight::enable_ha and $ha_node_count < 2 {
32     fail("Number of HA nodes less than 2: ${ha_node_count} and HA Enabled")
33   }
34
35   # Configuration of ODL NB REST port to listen on
36   if $opendaylight::enable_tls {
37
38     if $::opendaylight::tls_keystore_password == undef {
39       fail('Enabling TLS requires setting a TLS password for the ODL keystore')
40     }
41
42     if $::opendaylight::tls_key_file or $::opendaylight::tls_cert_file {
43       if $::opendaylight::tls_key_file and $::opendaylight::tls_cert_file {
44         odl_keystore { 'controller':
45           password  => $::opendaylight::tls_keystore_password,
46           cert_file => $::opendaylight::tls_cert_file,
47           key_file  => $::opendaylight::tls_key_file,
48           ca_file   => $::opendaylight::tls_ca_cert_file,
49           require   => File['/opt/opendaylight/configuration/ssl']
50         }
51       } else {
52         fail('Must specify both TLS key file path AND certificate file path')
53       }
54     }
55
56     augeas {'Remove HTTP ODL REST Port':
57       incl    => '/opt/opendaylight/etc/jetty.xml',
58       context => '/files/opt/opendaylight/etc/jetty.xml/Configure',
59       lens    => 'Xml.lns',
60       changes => ["rm Call[1]/Arg/New/Set[#attribute[name='port']]"]
61     }
62
63     augeas {'ODL SSL REST Port':
64       incl    => '/opt/opendaylight/etc/jetty.xml',
65       context => '/files/opt/opendaylight/etc/jetty.xml/Configure',
66       lens    => 'Xml.lns',
67       changes => ["set New[1]/Set[#attribute[name='securePort']]/Property/#attribute/default ${opendaylight::odl_rest_port}"]
68     }
69
70     file_line { 'set pax TLS port':
71       ensure  => present,
72       path    => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
73       line    => "org.osgi.service.http.port.secure = ${opendaylight::odl_rest_port}",
74       match   => '^#?org.osgi.service.http.port.secure.*$',
75       require => File['org.ops4j.pax.web.cfg']
76     }
77
78     file_line { 'enable pax TLS':
79       ensure  => present,
80       path    => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
81       line    => 'org.osgi.service.http.secure.enabled = true',
82       match   => '^#?org.osgi.service.http.secure.enabled.*$',
83       require => File['org.ops4j.pax.web.cfg']
84     }
85
86     file {'aaa-cert-config.xml':
87       ensure  => file,
88       path    => '/opt/opendaylight/etc/opendaylight/datastore/initial/config/aaa-cert-config.xml',
89       owner   => 'odl',
90       group   => 'odl',
91       content => template('opendaylight/aaa-cert-config.xml.erb'),
92     }
93
94     file_line {'set pax TLS keystore location':
95       ensure  => present,
96       path    => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
97       line    => 'org.ops4j.pax.web.ssl.keystore = configuration/ssl/ctl.jks',
98       match   => '^#?org.ops4j.pax.web.ssl.keystore.*$',
99       require => File['org.ops4j.pax.web.cfg']
100     }
101     file_line {'set pax TLS keystore integrity password':
102       ensure  => present,
103       path    => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
104       line    => "org.ops4j.pax.web.ssl.password = ${opendaylight::tls_keystore_password}",
105       match   => '^#?org.ops4j.pax.web.ssl.password.*$',
106       require => File['org.ops4j.pax.web.cfg']
107     }
108
109     file_line {'set pax TLS keystore password':
110       ensure  => present,
111       path    => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
112       line    => "org.ops4j.pax.web.ssl.keypassword = ${opendaylight::tls_keystore_password}",
113       match   => '^#?org.ops4j.pax.web.ssl.keypassword.*$',
114       require => File['org.ops4j.pax.web.cfg']
115     }
116
117     # Enable TLS with OVSDB
118     file { 'org.opendaylight.ovsdb.library.cfg':
119       ensure => file,
120       path   => '/opt/opendaylight/etc/org.opendaylight.ovsdb.library.cfg',
121       owner  => 'odl',
122       group  => 'odl',
123       source => 'puppet:///modules/opendaylight/org.opendaylight.ovsdb.library.cfg',
124     }
125
126     # Configure OpenFlow plugin to use TLS
127     $transport_protocol = 'TLS'
128   } else {
129     $transport_protocol = 'TCP'
130     augeas { 'ODL REST Port':
131       incl    => '/opt/opendaylight/etc/jetty.xml',
132       context => '/files/opt/opendaylight/etc/jetty.xml/Configure',
133       lens    => 'Xml.lns',
134       changes => [
135         "set Call[1]/Arg/New/Set[#attribute[name='port']]/Property/#attribute/default
136           ${opendaylight::odl_rest_port}"]
137     }
138   }
139   # Configure OpenFlow plugin to use TCP/TLS
140   file { 'default-openflow-connection-config.xml':
141     ensure  => file,
142     path    => '/opt/opendaylight/etc/opendaylight/datastore/initial/config/default-openflow-connection-config.xml',
143     # Set user:group owners
144     owner   => 'odl',
145     group   => 'odl',
146     content => template('opendaylight/default-openflow-connection-config.xml.erb'),
147   }
148   $initial_config_dir = '/opt/opendaylight/configuration/initial'
149
150   file { $initial_config_dir:
151         ensure => directory,
152         mode   => '0755',
153         owner  => 'odl',
154         group  => 'odl',
155   }
156
157   if $opendaylight::odl_bind_ip != '0.0.0.0' {
158     # Configuration of ODL NB REST IP to listen on
159     augeas { 'ODL REST IP':
160       incl    => '/opt/opendaylight/etc/jetty.xml',
161       context => '/files/opt/opendaylight/etc/jetty.xml/Configure',
162       lens    => 'Xml.lns',
163       changes => [
164         "set Call[1]/Arg/New/Set[#attribute[name='host']]/Property/#attribute/default ${opendaylight::odl_bind_ip}"
165       ]
166     }
167
168     file_line { 'set pax bind IP':
169       ensure  => present,
170       path    => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
171       line    => "org.ops4j.pax.web.listening.addresses = ${opendaylight::odl_bind_ip}",
172       require => File['org.ops4j.pax.web.cfg']
173     }
174
175     # Configure websocket address
176     file { '/opt/opendaylight/etc/org.opendaylight.restconf.cfg':
177       ensure => file,
178       path   => '/opt/opendaylight/etc/org.opendaylight.restconf.cfg',
179       owner  => 'odl',
180       group  => 'odl',
181     }
182     -> file_line { 'websocket-address':
183       ensure => present,
184       path   => '/opt/opendaylight/etc/org.opendaylight.restconf.cfg',
185       line   => "websocket-address=${::opendaylight::odl_bind_ip}",
186       match  => '^websocket-address=.*$',
187     }
188   }
189
190   # Set any custom log levels
191   $opendaylight::log_levels.each |$log_name, $logging_level| {
192     $underscored_version = regsubst($log_name, '\.', '_', 'G')
193     file_line {"logger-${log_name}-level":
194       ensure => present,
195       path   => '/opt/opendaylight/etc/org.ops4j.pax.logging.cfg',
196       line   => "log4j2.logger.${underscored_version}.level = ${logging_level}",
197       match  => "log4j2.logger.${underscored_version}.level = .*$"
198     }
199     file_line {"logger-${log_name}-name":
200       ensure => present,
201       path   => '/opt/opendaylight/etc/org.ops4j.pax.logging.cfg',
202       line   => "log4j2.logger.${underscored_version}.name = ${log_name}",
203       match  => "log4j2.logger.${underscored_version}.name = .*$"
204     }
205   }
206
207   # set logging mechanism
208   if $opendaylight::log_mechanism == 'console' {
209     file_line { 'consoleappender':
210       ensure => present,
211       path   => '/opt/opendaylight/etc/org.ops4j.pax.logging.cfg',
212       line   => 'karaf.log.console=INFO',
213       after  => 'log4j2.rootLogger.appenderRef.Console.filter.threshold.type = ThresholdFilter',
214       match  => '^karaf.log.console.*$'
215     }
216   } else {
217     # Set maximum ODL log file size
218     file_line { 'logmaxsize':
219       ensure => present,
220       path   => '/opt/opendaylight/etc/org.ops4j.pax.logging.cfg',
221       line   => "log4j2.appender.rolling.policies.size.size = ${::opendaylight::log_max_size}",
222       match  => '^log4j2.appender.rolling.policies.size.size.*$'
223     }
224
225     file_line { 'rolloverstrategy':
226       ensure => present,
227       path   => '/opt/opendaylight/etc/org.ops4j.pax.logging.cfg',
228       line   => 'log4j2.appender.rolling.strategy.type = DefaultRolloverStrategy'
229     }
230
231     # Set maximum number of ODL log file rollovers to preserve
232     -> file_line { 'logmaxrollover':
233       ensure => present,
234       path   => '/opt/opendaylight/etc/org.ops4j.pax.logging.cfg',
235       line   => "log4j2.appender.rolling.strategy.max = ${::opendaylight::log_max_rollover}",
236       match  => '^log4j2.appender.rolling.strategy.max.*$'
237     }
238   }
239
240   # Configure ODL HA if enabled
241   if $::opendaylight::enable_ha {
242     # Configure ODL OSVDB Clustering
243
244     file {'akka.conf':
245       ensure  => file,
246       path    => "${initial_config_dir}/akka.conf",
247       owner   => 'odl',
248       group   => 'odl',
249       content => template('opendaylight/akka.conf.erb'),
250       require => File[$initial_config_dir]
251     }
252
253     file {'modules.conf':
254       ensure  => file,
255       path    => "${initial_config_dir}/modules.conf",
256       owner   => 'odl',
257       group   => 'odl',
258       content => template('opendaylight/modules.conf.erb'),
259       require => File[$initial_config_dir]
260     }
261
262     file {'module-shards.conf':
263       ensure  => file,
264       path    => "${initial_config_dir}/module-shards.conf",
265       owner   => 'odl',
266       group   => 'odl',
267       content => template('opendaylight/module-shards.conf.erb'),
268       require => File[$initial_config_dir]
269     }
270   }
271
272   $odl_dirs = [
273     '/opt/opendaylight/etc/opendaylight',
274     '/opt/opendaylight/etc/opendaylight/karaf',
275     '/opt/opendaylight/etc/opendaylight/datastore',
276     '/opt/opendaylight/etc/opendaylight/datastore/initial',
277     '/opt/opendaylight/etc/opendaylight/datastore/initial/config',
278     '/opt/opendaylight/configuration/ssl'
279   ]
280
281   file { $odl_dirs:
282     ensure => directory,
283     mode   => '0755',
284     owner  => 'odl',
285     group  => 'odl',
286   }
287
288   if ('odl-netvirt-openstack' in $opendaylight::features or 'odl-netvirt-sfc' in $opendaylight::features) {
289     # Configure SNAT
290
291     file { 'netvirt-natservice-config.xml':
292       ensure  => file,
293       path    => '/opt/opendaylight/etc/opendaylight/datastore/initial/config/netvirt-natservice-config.xml',
294       owner   => 'odl',
295       group   => 'odl',
296       content => template('opendaylight/netvirt-natservice-config.xml.erb'),
297       require => File['/opt/opendaylight/etc/opendaylight/datastore/initial/config'],
298     }
299   }
300
301   # SFC Config
302   if ('odl-netvirt-sfc' in $opendaylight::features) {
303     file { 'netvirt-elanmanager-config.xml':
304       ensure  => file,
305       path    => '/opt/opendaylight/etc/opendaylight/datastore/initial/config/netvirt-elanmanager-config.xml',
306       owner   => 'odl',
307       group   => 'odl',
308       source  => 'puppet:///modules/opendaylight/netvirt-elanmanager-config.xml',
309       require => File['/opt/opendaylight/etc/opendaylight/datastore/initial/config'],
310     }
311
312     file { 'genius-itm-config.xml':
313       ensure  => file,
314       path    => '/opt/opendaylight/etc/opendaylight/datastore/initial/config/genius-itm-config.xml',
315       owner   => 'odl',
316       group   => 'odl',
317       source  => 'puppet:///modules/opendaylight/genius-itm-config.xml',
318       require => File['/opt/opendaylight/etc/opendaylight/datastore/initial/config'],
319     }
320   }
321
322   #configure VPP routing node
323   if ! empty($::opendaylight::vpp_routing_node) {
324     file { 'org.opendaylight.groupbasedpolicy.neutron.vpp.mapper.startup.cfg':
325       ensure => file,
326       path   => '/opt/opendaylight/etc/org.opendaylight.groupbasedpolicy.neutron.vpp.mapper.startup.cfg',
327       owner  => 'odl',
328       group  => 'odl',
329     }
330     file_line { 'routing-node':
331       path  => '/opt/opendaylight/etc/org.opendaylight.groupbasedpolicy.neutron.vpp.mapper.startup.cfg',
332       line  => "routing-node=${::opendaylight::vpp_routing_node}",
333       match => '^routing-node=.*$',
334     }
335   }
336
337   # Configure username/password
338   odl_user { $::opendaylight::username:
339     password => $::opendaylight::password,
340     before   => Service['opendaylight'],
341   }
342 }
ODL-managed repository for the puppet-opendaylight. - Archived