Commit 0dde8a15 by cloud Committed by Czémán Arnold

vmdriver, storagedriver, manager: add and fix configurations, open necessary…

vmdriver, storagedriver, manager: add and fix configurations,  open necessary ports for multinode deployment mode.
pillar: add deployment_mode property, potential values: standalone, multinode
parent 6f9c3e6a
...@@ -5,6 +5,7 @@ ...@@ -5,6 +5,7 @@
#timezone: Europe/Budapest #timezone: Europe/Budapest
#deployment_type: local #deployment_type: local
#deployment_mode: standalone
#admin_user: admin #admin_user: admin
#admin_pass: 4j23oihreehfd #admin_pass: 4j23oihreehfd
...@@ -39,10 +40,10 @@ ...@@ -39,10 +40,10 @@
# directory: /datastore # directory: /datastore
#storagedriver: #storagedriver:
# queue_name: cloud-6605 # queue_name: cloud-6801
#fwdriver: #fwdriver:
# queue_name: cloud-6605 # queue_name: cloud-6801
# gateway: 10.0.255.254 # gateway: 10.0.255.254
# external_net: 10.0.0.115/16 # external_net: 10.0.0.115/16
# external_if: eth0 # external_if: eth0
......
...@@ -30,3 +30,17 @@ virtual_host: ...@@ -30,3 +30,17 @@ virtual_host:
- read: .* - read: .*
- require: - require:
- service: rabbitmq-server - service: rabbitmq-server
{% if pillar["deployment_mode"] == "multinode" %}
open_amqp_port:
cmd.run:
{% if grains['os_family'] == 'RedHat' %}
- name: >
firewall-cmd --complete-reload ;
firewall-cmd --permanent --zone=public --add-port=5672/tcp ;
firewall-cmd --reload
{% else %}
- name: ufw allow 5672/tcp
{% endif %}
{% endif %}
#
# Note: For new values to take effect the nfs-config service
# has to be restarted with the following command:
# systemctl restart nfs-config
#
# Optional arguments passed to in-kernel lockd
#LOCKDARG=
# TCP port rpc.lockd should listen on.
#LOCKD_TCPPORT=32803
# UDP port rpc.lockd should listen on.
#LOCKD_UDPPORT=32769
#
# Optional arguments passed to rpc.nfsd. See rpc.nfsd(8)
RPCNFSDARGS=""
# Number of nfs server processes to be started.
# The default is 8.
#RPCNFSDCOUNT=16
#
# Set V4 grace period in seconds
#NFSD_V4_GRACE=90
#
# Set V4 lease period in seconds
#NFSD_V4_LEASE=90
#
# Optional arguments passed to rpc.mountd. See rpc.mountd(8)
RPCMOUNTDOPTS=""
#
# Optional arguments passed to rpc.statd. See rpc.statd(8)
STATDARG=""
#
# Optional arguments passed to sm-notify. See sm-notify(8)
SMNOTIFYARGS=""
#
# Optional arguments passed to rpc.idmapd. See rpc.idmapd(8)
RPCIDMAPDARGS=""
#
# Optional arguments passed to rpc.gssd. See rpc.gssd(8)
RPCGSSDARGS=""
#
# Enable usage of gssproxy. See gssproxy-mech(8).
GSS_USE_PROXY="yes"
#
# Optional arguments passed to rpc.svcgssd. See rpc.svcgssd(8)
RPCSVCGSSDARGS=""
#
# Optional arguments passed to blkmapd. See blkmapd(8)
BLKMAPDARGS=""
MOUNTD_PORT=20048
STATD_PORT=33100
LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
#!/bin/bash
# Opens nfs ports
{% if grains['os_family'] == 'RedHat' %}
firewall-cmd --complete-reload
# NFS
firewall-cmd --permanent --zone=public --add-port=2049/tcp
firewall-cmd --permanent --zone=public --add-port=2049/udp
# rpcbind/sunrpc
firewall-cmd --permanent --zone=public --add-port=111/tcp
firewall-cmd --permanent --zone=public --add-port=111/udp
# MOUNTD_PORT
firewall-cmd --permanent --zone=public --add-port=20048/tcp
firewall-cmd --permanent --zone=public --add-port=20048/udp
# STATD_PORT
firewall-cmd --permanent --zone=public --add-port=33100/tcp
firewall-cmd --permanent --zone=public --add-port=33100/udp
# LOCKD_TCPPORT
firewall-cmd --permanent --zone=public --add-port=32803/tcp
# LOCKD_UDPPORT
firewall-cmd --permanent --zone=public --add-port=32769/udp
firewall-cmd --reload
{% else %}
# NFS
ufw allow 2049
# rpcbind/sunrpc
ufw allow 111
# MOUNTD_PORT
uf allow 20048
# STATD_PORT
ufw allow 33100
# LOCKD_TCPPORT
ufw allow 32803/tcp
# LOCKD_UDPPORT
ufw allow 32769/udp
{% endif %}
...@@ -32,4 +32,19 @@ nfs-server: ...@@ -32,4 +32,19 @@ nfs-server:
- salt://storagedriver/files/exports.tmpl - salt://storagedriver/files/exports.tmpl
- require: - require:
- pkg: nfs-server - pkg: nfs-server
{% if grains['os_family'] == 'RedHat' %}
/etc/sysconfig/nfs:
{% else %}
/etc/default/nfs-common
{% endif %}
file.managed:
- source: salt://storagedriver/files/nfsconfig
{% if pillar["deployment_mode"] == "multinode" %}
salt://storagedriver/files/openports.sh:
cmd.script:
- template: jinja
{% endif %}
{% endif %} {% endif %}
...@@ -23,8 +23,11 @@ libvirt-bin: ...@@ -23,8 +23,11 @@ libvirt-bin:
service: service:
- running - running
- watch: - watch:
- file: /etc/default/libvirt-bin - file: /etc/default/libvirt-bin
- augeas: libvirtconf - augeas: libvirtconf
{% if grains['os_family'] == 'RedHat' %}
- file: /etc/sysconfig/libvirtd
{% endif %}
{% if grains['os_family'] == 'RedHat' %} {% if grains['os_family'] == 'RedHat' %}
/usr/bin/kvm: /usr/bin/kvm:
...@@ -98,3 +101,28 @@ apparmor: ...@@ -98,3 +101,28 @@ apparmor:
{% endif %} {% endif %}
- group: kvm - group: kvm
- mode: 755 - mode: 755
{% if pillar["deployment_mode"] == "multinode" %}
open_libvirt_ports:
cmd.run:
{% if grains['os_family'] == 'RedHat' %}
- name: >
firewall-cmd --complete-reload ;
firewall-cmd --permanent --zone=public --add-port=49152-49215/tcp ;
firewall-cmd --permanent --zone=public --add-port=16509/tcp ;
firewall-cmd --reload
{% else %}
- name: >
ufw allow 49152:49215/tcp
ufw allow 16509/tcp
{% endif %}
{% endif %}
{% if grains['os_family'] == 'RedHat' %}
/etc/sysconfig/libvirtd:
file.append:
- text: LIBVIRTD_ARGS="--listen"
{% endif %}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment