Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- node 'vsim' {
- # SVM creation
- netapp_vserver { 'openstack_svm' :
- ensure => present,
- allowedprotos => ["nfs", "cifs", "iscsi"],
- rootvol => "vsim_root",
- language => "c.UTF-8",
- rootvolsecstyle => "unix",
- rootvolaggr => "aggr1_1",
- aggregatelist => ["aggr1_1"]
- }
- #Create an NFS/CIFS lif
- netapp_lif { 'openstack_svm_lif':
- ensure => present,
- vserver => "openstack_svm",
- role => "data",
- administrativestatus => "up",
- dataprotocols => ["nfs","cifs"],
- address => "172.32.0.183",
- homenode => "vsim-01",
- homeport => "e0c",
- netmask => "255.255.255.0"
- }
- # Security role creation
- #Cinder sections
- #All installs
- netapp_security_login_role {'vserver:cinder_cli:vsim':
- ensure => present,
- access_level => readonly,
- }
- netapp_security_login_role {'system node:cinder_cli:vsim':
- ensure => present,
- access_level => readonly,
- }
- netapp_security_login_role {'security:cinder_cli:vsim':
- ensure => present,
- access_level => readonly,
- }
- netapp_security_login_role {'security login role:cinder_cli:vsim':
- ensure => present,
- access_level => readonly,
- }
- netapp_security_login_role {'statistics:cinder_cli:vsim':
- ensure => present,
- access_level => readonly,
- }
- netapp_security_login_role {'statistics catalog counter:cinder_cli:vsim':
- ensure => present,
- access_level => readonly,
- }
- netapp_security_login_role {'statistics catalog instance:cinder_cli:vsim':
- ensure => present,
- access_level => readonly,
- }
- netapp_security_login_role {'statistics catalog:cinder_cli:vsim':
- ensure => present,
- access_level => readonly,
- }
- netapp_security_login_role {'storage disk:cinder_cli:vsim':
- ensure => present,
- access_level => readonly,
- }
- netapp_security_login_role {'storage aggregate:cinder_cli:vsim':
- ensure => present,
- access_level => readonly,
- }
- netapp_security_login_role {'network interface:cinder_cli:vsim':
- ensure => present,
- access_level => readonly,
- }
- netapp_security_login_role {'volume efficiency:cinder_cli:vsim':
- ensure => present,
- }
- netapp_security_login_role {'qos policy-group:cinder_cli:vsim':
- ensure => present,
- }
- netapp_security_login_role {'version:cinder_cli:vsim':
- ensure => present,
- }
- netapp_security_login_role {'event:cinder_cli:vsim':
- ensure => present,
- }
- netapp_security_login_role {'volume file clone:cinder_cli:vsim':
- ensure => present,
- access_level => readonly,
- }
- netapp_security_login_role {'volume file clone split:cinder_cli:vsim':
- ensure => present,
- access_level => readonly,
- }
- netapp_security_login_role {'volume snapshot:cinder_cli:vsim':
- ensure => present,
- }
- #With NFS
- netapp_security_login_role {'volume file:cinder_cli:vsim':
- ensure => present,
- }
- #With iscsi or fc
- # netapp_security_login_role {'lun:cinder_cli:vsim':
- # ensure => present,
- # }
- # netapp_security_login_role {'lun mapping:cinder_cli:vsim':
- # ensure => present,
- # }
- # netapp_security_login_role {'lun igroup:cinder_cli:vsim':
- # ensure => present,
- # }
- #With iscsi
- # netapp_security_login_role {'vserver iscsi interface:cinder_cli:vsim':
- # ensure => present,
- # }
- # netapp_security_login_role {'vserver iscsi security:cinder_cli:vsim':
- # ensure => present,
- # }
- # netapp_security_login_role {'vserver iscsi:cinder_cli:vsim':
- # ensure => present,
- # access_level => readonly,
- # }
- #With FC
- # netapp_security_login_role {'vserver fcp portname:cinder_cli:vsim':
- # ensure => present,
- # }
- # netapp_security_login_role {'vserver fcp interface:cinder_cli:vsim':
- # ensure => present,
- # access_level => readonly,
- # }
- # netapp_security_login_role {'vserver fcp:cinder_cli:vsim':
- # ensure => present,
- # access_level => readonly,
- # }
- #With replication
- # netapp_security_login_role {'snapmirror:cinder_cli:vsim':
- # ensure => present,
- # access_level => readonly,
- # }
- # netapp_security_login_role {'volume:cinder_cli:vsim':
- # ensure => present,
- # access_level => readonly,
- # }
- #With Cheesecake
- # netapp_security_login_role {'cluster peer:cinder_cli:vsim':
- # ensure => present,
- # }
- # netapp_security_login_role {'cluster peer policy:cinder_cli:vsim':
- # ensure => present,
- # }
- # netapp_security_login_role {'vserver peer:cinder_cli:vsim':
- # ensure => present,
- # }
- # netapp_security_login_role {'snapmirror:cinder_cli:vsim':
- # ensure => present,
- # }
- # netapp_security_login_role {'volume:cinder_cli:vsim':
- # ensure => present,
- # }
- #Creating the user
- netapp_security_login {'ontapi:password:cinder_cli:vsim':
- ensure => present,
- role_name => "cinder_cli",
- password => "MyP@$\$w0rd",
- }
- #If iSCSI
- netapp_security_login {'ssh:password:cinder_cli:vsim':
- ensure => present,
- role_name => "cinder_cli",
- password => "MyP@$\$w0rd",
- }
- #Manila sections
- #All configurations (Requires Cluster-level admin account)
- netapp_security_login_role {'vserver cifs share:manila_cli:vsim':
- ensure => present,
- access_level => all,
- }
- netapp_security_login_role {'event:manila_cli:vsim':
- ensure => present,
- access_level => all,
- }
- netapp_security_login_role {'network interface:manila_cli:vsim':
- ensure => present,
- }
- netapp_security_login_role {'vserver export-policy:manila_cli:vsim':
- ensure => present,
- access_level => all,
- }
- netapp_security_login_role {'volume snapshot:manila_cli:vsim':
- ensure => present,
- access_level => all,
- }
- netapp_security_login_role {'version:manila_cli:vsim':
- ensure => present,
- }
- netapp_security_login_role {'system node:manila_cli:vsim':
- ensure => present,
- }
- netapp_security_login_role {'volume:manila_cli:vsim':
- ensure => present,
- access_level => all,
- }
- netapp_security_login_role {'vserver:manila_cli:vsim':
- ensure => present,
- }
- netapp_security_login_role {'security:manila_cli:vsim':
- ensure => present,
- }
- #With share server management (Requires Cluster-level admin account)
- # netapp_security_login_role {'cifs create:manila_cli:vsim':
- # ensure => present,
- # access_level => all,
- # }
- # netapp_security_login_role {'cifs delete:manila_cli:vsim':
- # ensure => present,
- # access_level => all,
- # }
- # netapp_security_login_role {'kerberos-config:manila_cli:vsim':
- # ensure => present,
- # access_level => all,
- # }
- # netapp_security_login_role {'kerberos-realm:manila_cli:vsim':
- # ensure => present,
- # access_level => all,
- # }
- # netapp_security_login_role {'ldap client:manila_cli:vsim':
- # ensure => present,
- # access_level => all,
- # }
- # netapp_security_login_role {'ldap create:manila_cli:vsim':
- # ensure => present,
- # access_level => all,
- # }
- # netapp_security_login_role {'license:manila_cli:vsim':
- # ensure => present,
- # }
- # netapp_security_login_role {'dns create:manila_cli:vsim':
- # ensure => present,
- # access_level => all,
- # }
- # netapp_security_login_role {'network interface:manila_cli:vsim':
- # ensure => present,
- # access_level => all,
- # }
- # netapp_security_login_role {'network port:manila_cli:vsim':
- # ensure => present,
- # }
- # netapp_security_login_role {'network port vlan:manila_cli:vsim':
- # ensure => present,
- # access_level => all,
- # }
- # netapp_security_login_role {'vserver:manila_cli:vsim':
- # ensure => present,
- # access_level => all,
- # }
- # netapp_security_login_role {'qos policy-group:manila_cli:vsim':
- # ensure => present,
- # access_level => all,
- # }
- #Without share server management (requires cluster-wide admin account)
- netapp_security_login_role {'license:manila_cli:vsim':
- ensure => present,
- }
- netapp_security_login_role {'storage aggregate:manila_cli:vsim':
- ensure => present,
- }
- netapp_security_login_role {'storage disk:manila_cli:vsim':
- ensure => present,
- }
- netapp_security_login_role {'qos policy-group:manila_cli:vsim':
- ensure => present,
- access_level => all,
- }
- #Creating the user
- netapp_security_login {'ontapi:password:manila_cli:vsim':
- ensure => present,
- role_name => "manila_cli",
- password => "MyP@$\$w0rd",
- }
- }
- node 'openstack_svm.vsim' {
- #Export policy and rule creation
- #Create export policy OpenStack
- netapp_export_policy { 'exp_openstack':
- ensure => present,
- }
- #Create rule(s) for OpenStack nodes (Repeat for every node in cluster, or set subnet for client match. i.e. 172.32.0.0/24)
- netapp_export_rule {'exp_openstack:1':
- ensure => present,
- clientmatch => "172.32.0.155",
- rorule => ["any"],
- rwrule => ["any"],
- superusersecurity => ["any"],
- }
- #Volume creation
- #Volume for Cinder
- netapp_volume { 'cinder_vol' :
- ensure => present,
- aggregate => "aggr1_1",
- initsize => "100g",
- state => "online",
- exportpolicy => "exp_openstack",
- spaceres => 'none',
- snapreserve => "0"
- }
- #Volume for Glance
- netapp_volume { 'glance_vol' :
- ensure => present,
- aggregate => "aggr1_1",
- initsize => "50g",
- state => "online",
- exportpolicy => "exp_openstack",
- spaceres => 'none',
- snapreserve => "0"
- }
- #Volume for Cinder
- netapp_volume { 'nova_vol' :
- ensure => present,
- aggregate => "aggr1_1",
- initsize => "50g",
- state => "online",
- exportpolicy => "exp_openstack",
- spaceres => 'none',
- snapreserve => "0"
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement