1 # == Class opendaylight::config
3 # This class handles ODL config changes.
4 # It's called from the opendaylight class.
6 class opendaylight::config {
# Manage Karaf's features file and set its featuresBoot entry from
# $opendaylight::features.
7 # Configuration of Karaf features to install
8 file { 'org.apache.karaf.features.cfg':
10 path => '/opt/opendaylight/etc/org.apache.karaf.features.cfg',
11 # Set user:group owners
# Flatten the feature list into the comma-separated form written below.
# NOTE(review): every name in this list ends up in featuresBoot, so the list
# presumably decides which ODL features Karaf installs at start-up; keep it
# to what the deployment actually needs.
15 $features_csv = join($opendaylight::features, ',')
16 file_line { 'featuresBoot':
17 path => '/opt/opendaylight/etc/org.apache.karaf.features.cfg',
18 line => "featuresBoot=${features_csv}",
# Replaces an existing featuresBoot= line instead of appending a second one.
19 match => '^featuresBoot=.*$',
# Write the EXTRA_JAVA_OPTS assignment into the karaf launcher script.
22 # Modify karaf to include Java options
23 file_line {'Karaf Java Options':
25 path => '/opt/opendaylight/bin/karaf',
# NOTE(review): java_options is placed between double quotes with no
# escaping, and the target (bin/karaf) looks like a shell script. The value
# must come from trusted configuration and should not contain quotes or
# shell metacharacters; confirm the parameter is validated where it is set.
26 line => "EXTRA_JAVA_OPTS=\"${opendaylight::java_options}\"",
27 match => '^EXTRA_JAVA_OPTS=.*$',
# When no EXTRA_JAVA_OPTS line exists yet, the new line goes after PROGNAME=.
28 after => '^PROGNAME=.*$'
# Declare the Pax Web configuration file so that the file_line resources in
# this class can require File['org.ops4j.pax.web.cfg'].
# NOTE(review): in the TLS branch this file receives the keystore password in
# clear text. The owner/group/mode attributes are not visible in this listing;
# confirm the file is not readable by other local users.
31 file { 'org.ops4j.pax.web.cfg':
33 path => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
34 # Set user:group owners
# Abort the catalog when HA is enabled but fewer than two node IPs are given.
39 $ha_node_count = count($::opendaylight::ha_node_ips)
40 if $::opendaylight::enable_ha and $ha_node_count < 2 {
41 fail("Number of HA nodes less than 2: ${ha_node_count} and HA Enabled")
# TLS branch: validate the TLS inputs, then declare the controller keystore.
44 # Configuration of ODL NB REST port to listen on
45 if $opendaylight::enable_tls {
# A keystore password is mandatory whenever TLS is enabled.
# NOTE(review): this comparison only rejects undef; an empty-string password
# would pass it. Confirm the parameter's declared type rules that out.
47 if $::opendaylight::tls_keystore_password == undef {
48 fail('Enabling TLS requires setting a TLS password for the ODL keystore')
# Key file and certificate file must be supplied together; the fail() further
# down reports the case where only one of them is set.
51 if $::opendaylight::tls_key_file or $::opendaylight::tls_cert_file {
52 if $::opendaylight::tls_key_file and $::opendaylight::tls_cert_file {
# odl_keystore is not defined in this file; it is handed the password and the
# key / certificate / CA file paths.
# NOTE(review): the password is passed as an ordinary parameter value, so it
# may be visible in the compiled catalog and in reports; confirm how the type
# handles it.
53 odl_keystore { 'controller':
54 password => $::opendaylight::tls_keystore_password,
55 cert_file => $::opendaylight::tls_cert_file,
56 key_file => $::opendaylight::tls_key_file,
57 ca_file => $::opendaylight::tls_ca_cert_file,
# The ssl directory must exist before the keystore resource is applied.
58 require => File['/opt/opendaylight/configuration/ssl']
61 fail('Must specify both TLS key file path AND certificate file path')
# Move the REST listener to TLS: remove the plain port setting from jetty.xml,
# set the secure port, and switch the Pax Web settings to HTTPS.
65 augeas {'Remove HTTP ODL REST Port':
66 incl => '/opt/opendaylight/etc/jetty.xml',
67 context => '/files/opt/opendaylight/etc/jetty.xml/Configure',
69 changes => ["rm Call[1]/Arg/New/Set[#attribute[name='port']]"]
# The same odl_rest_port value that serves plain HTTP in the non-TLS case is
# used as the secure port here.
72 augeas {'ODL SSL REST Port':
73 incl => '/opt/opendaylight/etc/jetty.xml',
74 context => '/files/opt/opendaylight/etc/jetty.xml/Configure',
76 changes => ["set New[1]/Set[#attribute[name='securePort']]/Property/#attribute/default ${opendaylight::odl_rest_port}"]
79 file_line { 'set pax TLS port':
81 path => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
82 line => "org.osgi.service.http.port.secure = ${opendaylight::odl_rest_port}",
# The optional leading '#' lets the pattern replace a commented-out entry too.
83 match => '^#?org.osgi.service.http.port.secure.*$',
84 require => File['org.ops4j.pax.web.cfg']
87 file_line { 'enable pax TLS':
89 path => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
90 line => 'org.osgi.service.http.secure.enabled = true',
91 match => '^#?org.osgi.service.http.secure.enabled.*$',
92 require => File['org.ops4j.pax.web.cfg']
# Sets org.osgi.service.http.enabled to false, i.e. turns off Pax Web's
# non-TLS HTTP service while TLS is enabled.
95 file_line { 'disable pax HTTP':
97 path => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
98 line => 'org.osgi.service.http.enabled = false',
99 match => '^#?org.osgi.service.http.enabled.*$',
100 require => File['org.ops4j.pax.web.cfg']
# Render the AAA certificate configuration from an ERB template into ODL's
# initial datastore config directory.
# NOTE(review): the template is not shown here. If it embeds the keystore
# password, this file needs restrictive ownership and mode as well; confirm.
103 file {'aaa-cert-config.xml':
105 path => '/opt/opendaylight/etc/opendaylight/datastore/initial/config/aaa-cert-config.xml',
108 content => template('opendaylight/aaa-cert-config.xml.erb'),
# Point Pax Web at the keystore and give it the passwords it needs to open it.
111 file_line {'set pax TLS keystore location':
113 path => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
# Relative path; presumably resolved against the ODL install directory, whose
# configuration/ssl directory is required by the keystore resource - confirm.
114 line => 'org.ops4j.pax.web.ssl.keystore = configuration/ssl/ctl.jks',
115 match => '^#?org.ops4j.pax.web.ssl.keystore.*$',
116 require => File['org.ops4j.pax.web.cfg']
# NOTE(review): the keystore password is written in clear text into
# org.ops4j.pax.web.cfg. Restrict that file's ownership and mode, and check
# whether the value can be handled as a Puppet Sensitive value so that it
# stays out of logs and reports.
118 file_line {'set pax TLS keystore integrity password':
120 path => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
121 line => "org.ops4j.pax.web.ssl.password = ${opendaylight::tls_keystore_password}",
122 match => '^#?org.ops4j.pax.web.ssl.password.*$',
123 require => File['org.ops4j.pax.web.cfg']
# The same tls_keystore_password is reused for ssl.keypassword, so the
# keystore and the key entry share one secret.
126 file_line {'set pax TLS keystore password':
128 path => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
129 line => "org.ops4j.pax.web.ssl.keypassword = ${opendaylight::tls_keystore_password}",
130 match => '^#?org.ops4j.pax.web.ssl.keypassword.*$',
131 require => File['org.ops4j.pax.web.cfg']
# Record the transport for the OpenFlow plugin: 'TLS' when TLS is enabled.
134 # Configure OpenFlow plugin to use TLS
135 $transport_protocol = 'TLS'
# Presumably the else branch of the enable_tls test starts here (a variable
# cannot be assigned twice in one scope): transport falls back to 'TCP' and
# the REST port is configured as a plain port.
# NOTE(review): in this branch traffic to the REST port is not encrypted;
# keep the listener on a trusted management network.
137 $transport_protocol = 'TCP'
138 augeas { 'ODL REST Port':
139 incl => '/opt/opendaylight/etc/jetty.xml',
140 context => '/files/opt/opendaylight/etc/jetty.xml/Configure',
143 "set Call[1]/Arg/New/Set[#attribute[name='port']]/Property/#attribute/default
144 ${opendaylight::odl_rest_port}"]
147 file_line { 'set pax bind port':
149 path => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
150 line => "org.osgi.service.http.port = ${opendaylight::odl_rest_port}",
# The \s after 'port' keeps this pattern from also matching the
# org.osgi.service.http.port.secure entry.
151 match => '^#?org.osgi.service.http.port\s.*$',
152 require => File['org.ops4j.pax.web.cfg']
# Render the OVSDB library configuration file from its ERB template.
# NOTE(review): the template is not shown; which class variables it reads
# cannot be confirmed from this listing.
157 file { 'org.opendaylight.ovsdb.library.cfg':
159 path => '/opt/opendaylight/etc/org.opendaylight.ovsdb.library.cfg',
162 content => template('opendaylight/org.opendaylight.ovsdb.library.cfg.erb'),
# Render the OpenFlow plugin's default connection config from a template.
# NOTE(review): presumably the template reads $transport_protocol, which this
# class sets to 'TLS' or 'TCP' - confirm against the template.
165 # Configure OpenFlow plugin to use TCP/TLS
166 file { 'default-openflow-connection-config.xml':
168 path => '/opt/opendaylight/etc/opendaylight/datastore/initial/config/default-openflow-connection-config.xml',
169 # Set user:group owners
172 content => template('opendaylight/default-openflow-connection-config.xml.erb'),
# Directory for the initial cluster configuration; the HA config files in
# this class are written under it and require File[$initial_config_dir].
174 $initial_config_dir = '/opt/opendaylight/configuration/initial'
176 file { $initial_config_dir:
# Write odl_bind_ip into the listeners' configuration: jetty.xml (REST host),
# the Karaf shell config (sshHost), Pax Web listening addresses and the
# restconf websocket address.
# NOTE(review): the test below skips at least the jetty.xml change when the
# bind IP is '0.0.0.0', so the listener keeps whatever address the shipped
# file contains. Where this if-block ends is not visible in this listing;
# confirm which of the following resources it guards, and that the shipped
# defaults do not expose the Karaf SSH console or REST API on untrusted
# networks.
183 if $opendaylight::odl_bind_ip != '0.0.0.0' {
184 # Configuration of ODL NB REST IP to listen on
185 augeas { 'ODL REST IP':
186 incl => '/opt/opendaylight/etc/jetty.xml',
187 context => '/files/opt/opendaylight/etc/jetty.xml/Configure',
190 "set Call[1]/Arg/New/Set[#attribute[name='host']]/Property/#attribute/default ${opendaylight::odl_bind_ip}"
194 # Configure karaf bind IP
195 file_line { 'set karaf IP':
197 path => '/opt/opendaylight/etc/org.apache.karaf.shell.cfg',
198 line => "sshHost = ${opendaylight::odl_bind_ip}",
199 match => '^sshHost\s*=.*$',
# NOTE(review): no match attribute is visible on this resource. Without one,
# changing odl_bind_ip later would add a second listening.addresses line and
# leave the old address in the file; confirm.
202 file_line { 'set pax bind IP':
204 path => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
205 line => "org.ops4j.pax.web.listening.addresses = ${opendaylight::odl_bind_ip}",
206 require => File['org.ops4j.pax.web.cfg']
209 # Configure websocket address
210 file { '/opt/opendaylight/etc/org.opendaylight.restconf.cfg':
212 path => '/opt/opendaylight/etc/org.opendaylight.restconf.cfg',
# The -> arrow applies the file resource first, then sets the address line.
216 -> file_line { 'websocket-address':
218 path => '/opt/opendaylight/etc/org.opendaylight.restconf.cfg',
219 line => "websocket-address=${::opendaylight::odl_bind_ip}",
220 match => '^websocket-address=.*$',
# Only when an inactivity probe value is set, render the netvirt elanmanager
# configuration from its ERB template (template not shown here).
224 # Configure inactivity probe
225 if $opendaylight::inactivity_probe {
226 file {'netvirt-elanmanager-config.xml':
228 path => '/opt/opendaylight/etc/opendaylight/datastore/initial/config/netvirt-elanmanager-config.xml',
231 content => template('opendaylight/netvirt-elanmanager-config.xml.erb')
# For each entry of $opendaylight::log_levels (logger name => level), write a
# log4j2 level line and a matching name line into the Pax logging config.
235 # Set any custom log levels
236 $opendaylight::log_levels.each |$log_name, $logging_level| {
# Dots in the logger name become underscores to form the property key; the
# original dotted name is written as the .name value further down.
237 $underscored_version = regsubst($log_name, '\.', '_', 'G')
238 file_line {"logger-${log_name}-level":
240 path => '/opt/opendaylight/etc/org.ops4j.pax.logging.cfg',
241 line => "log4j2.logger.${underscored_version}.level = ${logging_level}",
# NOTE(review): unlike most patterns in this class, this one and the name
# pattern below have no leading ^, so they can also match a commented-out or
# prefixed line; consider anchoring them.
242 match => "log4j2.logger.${underscored_version}.level = .*$"
244 file_line {"logger-${log_name}-name":
246 path => '/opt/opendaylight/etc/org.ops4j.pax.logging.cfg',
247 line => "log4j2.logger.${underscored_version}.name = ${log_name}",
248 match => "log4j2.logger.${underscored_version}.name = .*$"
# When log_mechanism is 'console', set the console log level to INFO and
# enable direct console output in the log4j2 configuration.
252 # set logging mechanism
253 if $opendaylight::log_mechanism == 'console' {
254 file_line { 'consoleappender':
256 path => '/opt/opendaylight/etc/org.ops4j.pax.logging.cfg',
257 line => 'karaf.log.console=INFO',
# Placed after the console threshold filter line when no existing
# karaf.log.console entry matches.
258 after => 'log4j2.rootLogger.appenderRef.Console.filter.threshold.type = ThresholdFilter',
259 match => '^karaf.log.console.*$'
261 file_line { 'direct':
263 path => '/opt/opendaylight/etc/org.ops4j.pax.logging.cfg',
264 line => 'log4j2.appender.console.direct = true',
# Anchored on the line written by 'consoleappender' above.
265 after => 'karaf.log.console=INFO',
266 match => '^log4j2.appender.console.direct.*$'
# Rolling-file settings: maximum size per log file, rollover strategy type,
# number of rollovers kept, and the rollover file index.
# NOTE(review): log_max_size and log_max_rollover together bound how much log
# history stays on disk; size them with the deployment's retention needs in
# mind.
270 # Set maximum ODL log file size
271 file_line { 'logmaxsize':
273 path => '/opt/opendaylight/etc/org.ops4j.pax.logging.cfg',
274 line => "log4j2.appender.rolling.policies.size.size = ${::opendaylight::log_max_size}",
275 match => '^log4j2.appender.rolling.policies.size.size.*$'
# The -> arrows below order the three strategy resources: the strategy type
# line is applied first, then max, then fileIndex.
278 file_line { 'rolloverstrategy':
280 path => '/opt/opendaylight/etc/org.ops4j.pax.logging.cfg',
281 line => 'log4j2.appender.rolling.strategy.type = DefaultRolloverStrategy'
284 # Set maximum number of ODL log file rollovers to preserve
285 -> file_line { 'logmaxrollover':
287 path => '/opt/opendaylight/etc/org.ops4j.pax.logging.cfg',
288 line => "log4j2.appender.rolling.strategy.max = ${::opendaylight::log_max_rollover}",
289 match => '^log4j2.appender.rolling.strategy.max.*$'
292 # Set file index to min for rollover strategy
293 -> file_line { 'logrolloverfileindex':
295 path => '/opt/opendaylight/etc/org.ops4j.pax.logging.cfg',
296 line => "log4j2.appender.rolling.strategy.fileIndex = ${::opendaylight::log_rollover_fileindex}",
297 match => '^log4j2.appender.rolling.strategy.fileIndex.*$'
# With HA enabled, render akka.conf, modules.conf and module-shards.conf from
# ERB templates into $initial_config_dir; each requires that directory.
# NOTE(review): the templates are not shown; presumably they consume
# ha_node_ips - confirm.
301 # Configure ODL HA if enabled
302 if $::opendaylight::enable_ha {
303 # Configure ODL OVSDB Clustering
307 path => "${initial_config_dir}/akka.conf",
310 content => template('opendaylight/akka.conf.erb'),
311 require => File[$initial_config_dir]
314 file {'modules.conf':
316 path => "${initial_config_dir}/modules.conf",
319 content => template('opendaylight/modules.conf.erb'),
320 require => File[$initial_config_dir]
323 file {'module-shards.conf':
325 path => "${initial_config_dir}/module-shards.conf",
328 content => template('opendaylight/module-shards.conf.erb'),
329 require => File[$initial_config_dir]
# List of directory paths; the resource that consumes it is not visible in
# this listing. Other resources in this class require two of these paths:
# .../datastore/initial/config and /opt/opendaylight/configuration/ssl.
# NOTE(review): configuration/ssl is where the keystore resource expects its
# directory; confirm it is created with restrictive ownership and mode.
334 '/opt/opendaylight/etc/opendaylight',
335 '/opt/opendaylight/etc/opendaylight/karaf',
336 '/opt/opendaylight/etc/opendaylight/datastore',
337 '/opt/opendaylight/etc/opendaylight/datastore/initial',
338 '/opt/opendaylight/etc/opendaylight/datastore/initial/config',
339 '/opt/opendaylight/configuration/ssl'
# When either netvirt feature is in the feature list, render the NAT service
# config from its template. Both files here require the initial config
# directory to exist first.
349 if ('odl-netvirt-openstack' in $opendaylight::features or 'odl-netvirt-sfc' in $opendaylight::features) {
352 file { 'netvirt-natservice-config.xml':
354 path => '/opt/opendaylight/etc/opendaylight/datastore/initial/config/netvirt-natservice-config.xml',
357 content => template('opendaylight/netvirt-natservice-config.xml.erb'),
358 require => File['/opt/opendaylight/etc/opendaylight/datastore/initial/config'],
# NOTE(review): whether this resource sits inside the feature test above
# cannot be told from this listing.
362 # Config file for SFC and DSCP features
363 file { 'genius-itm-config.xml':
365 path => '/opt/opendaylight/etc/opendaylight/datastore/initial/config/genius-itm-config.xml',
368 content => template('opendaylight/genius-itm-config.xml.erb'),
369 require => File['/opt/opendaylight/etc/opendaylight/datastore/initial/config'],
# When a VPP routing node is configured, manage the groupbasedpolicy VPP
# mapper startup file and set its routing-node entry.
372 #configure VPP routing node
373 if ! empty($::opendaylight::vpp_routing_node) {
374 file { 'org.opendaylight.groupbasedpolicy.neutron.vpp.mapper.startup.cfg':
376 path => '/opt/opendaylight/etc/org.opendaylight.groupbasedpolicy.neutron.vpp.mapper.startup.cfg',
380 file_line { 'routing-node':
381 path => '/opt/opendaylight/etc/org.opendaylight.groupbasedpolicy.neutron.vpp.mapper.startup.cfg',
382 line => "routing-node=${::opendaylight::vpp_routing_node}",
# Replaces an existing routing-node= line rather than adding a second one.
383 match => '^routing-node=.*$',
# Declare the ODL user with the configured name and password; `before`
# applies this resource ahead of Service['opendaylight'].
# NOTE(review): odl_user is not defined in this file and the password is
# passed as an ordinary parameter value. Confirm how the type stores it, that
# it is kept out of logs and reports, and that production deployments set
# their own credentials rather than relying on a default.
387 # Configure username/password
388 odl_user { $::opendaylight::username:
389 password => $::opendaylight::password,
390 before => Service['opendaylight'],
# Manage the OpenFlow plugin config file and set is-statistics-polling-on
# from stats_polling_enabled.
393 # Configure OpenFlow entities' statistics polling
394 file { 'openflowplugin.cfg':
396 path => '/opt/opendaylight/etc/org.opendaylight.openflowplugin.cfg',
397 # Set user:group owners
401 file_line { 'stats-polling':
403 path => '/opt/opendaylight/etc/org.opendaylight.openflowplugin.cfg',
404 line => "is-statistics-polling-on=${::opendaylight::stats_polling_enabled}",
# Replaces an existing is-statistics-polling-on= line instead of appending.
405 match => '^is-statistics-polling-on=.*$',