summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPradeep Kilambi <pkilambi@redhat.com>2016-11-10 18:34:40 -0500
committerPradeep Kilambi <pkilambi@redhat.com>2016-11-17 13:39:34 -0500
commita2e0aa4d1c22737511b485b5112d25c84d29d6df (patch)
tree6d9b8c6bbf051a9e46cc20cd7d0aa649803f2871
parent9b4a981f955ea4a187c92e24c980f45c42f9a02a (diff)
Add panko api support to service templates
This integrates panko service api into tripleo heat templates. By default, we will disable this service, an environment service file is included to enable if needed. Depends-On: I35f283bdf8dd0ed979c65633724f0464695130a4 Change-Id: I07da3030c6dc69cce7327b54091da15a0c58798e
-rw-r--r--environments/services/panko.yaml2
-rw-r--r--environments/tls-endpoints-public-dns.yaml3
-rw-r--r--environments/tls-endpoints-public-ip.yaml3
-rw-r--r--environments/tls-everywhere-endpoints-dns.yaml3
-rw-r--r--network/endpoints/endpoint_data.yaml9
-rw-r--r--network/endpoints/endpoint_map.yaml246
-rw-r--r--network/service_net_map.j2.yaml1
-rw-r--r--overcloud-resource-registry-puppet.j2.yaml1
-rw-r--r--puppet/services/ceilometer-base.yaml7
-rw-r--r--puppet/services/panko-api.yaml84
-rw-r--r--puppet/services/panko-base.yaml74
-rw-r--r--roles_data.yaml1
12 files changed, 434 insertions, 0 deletions
diff --git a/environments/services/panko.yaml b/environments/services/panko.yaml
new file mode 100644
index 00000000..28bf99f6
--- /dev/null
+++ b/environments/services/panko.yaml
@@ -0,0 +1,2 @@
+resource_registry:
+ OS::TripleO::Services::PankoApi: ../../puppet/services/panko-api.yaml
diff --git a/environments/tls-endpoints-public-dns.yaml b/environments/tls-endpoints-public-dns.yaml
index 79c7599f..70a0d31f 100644
--- a/environments/tls-endpoints-public-dns.yaml
+++ b/environments/tls-endpoints-public-dns.yaml
@@ -53,6 +53,9 @@ parameter_defaults:
NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'}
+ PankoAdmin: {protocol: 'http', port: '8779', host: 'IP_ADDRESS'}
+ PankoInternal: {protocol: 'http', port: '8779', host: 'IP_ADDRESS'}
+ PankoPublic: {protocol: 'https', port: '13779', host: 'CLOUDNAME'}
SaharaAdmin: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'}
SaharaInternal: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'}
SaharaPublic: {protocol: 'https', port: '13386', host: 'CLOUDNAME'}
diff --git a/environments/tls-endpoints-public-ip.yaml b/environments/tls-endpoints-public-ip.yaml
index a49ca343..21f8876a 100644
--- a/environments/tls-endpoints-public-ip.yaml
+++ b/environments/tls-endpoints-public-ip.yaml
@@ -53,6 +53,9 @@ parameter_defaults:
NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'IP_ADDRESS'}
+ PankoAdmin: {protocol: 'http', port: '8779', host: 'IP_ADDRESS'}
+ PankoInternal: {protocol: 'http', port: '8779', host: 'IP_ADDRESS'}
+ PankoPublic: {protocol: 'https', port: '13779', host: 'IP_ADDRESS'}
SaharaAdmin: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'}
SaharaInternal: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'}
SaharaPublic: {protocol: 'https', port: '13386', host: 'IP_ADDRESS'}
diff --git a/environments/tls-everywhere-endpoints-dns.yaml b/environments/tls-everywhere-endpoints-dns.yaml
index c3fbaf49..da7bb974 100644
--- a/environments/tls-everywhere-endpoints-dns.yaml
+++ b/environments/tls-everywhere-endpoints-dns.yaml
@@ -50,6 +50,9 @@ parameter_defaults:
NovaVNCProxyAdmin: {protocol: 'https', port: '6080', host: 'CLOUDNAME'}
NovaVNCProxyInternal: {protocol: 'https', port: '6080', host: 'CLOUDNAME'}
NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'}
+ PankoAdmin: {protocol: 'https', port: '8779', host: 'CLOUDNAME'}
+ PankoInternal: {protocol: 'https', port: '8779', host: 'CLOUDNAME'}
+ PankoPublic: {protocol: 'https', port: '13779', host: 'CLOUDNAME'}
SaharaAdmin: {protocol: 'https', port: '8386', host: 'CLOUDNAME'}
SaharaInternal: {protocol: 'https', port: '8386', host: 'CLOUDNAME'}
SaharaPublic: {protocol: 'https', port: '13386', host: 'CLOUDNAME'}
diff --git a/network/endpoints/endpoint_data.yaml b/network/endpoints/endpoint_data.yaml
index 1df3b665..aeda0a9f 100644
--- a/network/endpoints/endpoint_data.yaml
+++ b/network/endpoints/endpoint_data.yaml
@@ -37,6 +37,15 @@ Gnocchi:
net_param: GnocchiApi
port: 8041
+Panko:
+ Internal:
+ net_param: PankoApi
+ Public:
+ net_param: Public
+ Admin:
+ net_param: PankoApi
+ port: 8779
+
Cinder:
Internal:
net_param: CinderApi
diff --git a/network/endpoints/endpoint_map.yaml b/network/endpoints/endpoint_map.yaml
index 43fb20cc..5e582d41 100644
--- a/network/endpoints/endpoint_map.yaml
+++ b/network/endpoints/endpoint_map.yaml
@@ -70,6 +70,9 @@ parameters:
NovaVNCProxyAdmin: {protocol: http, port: '6080', host: IP_ADDRESS}
NovaVNCProxyInternal: {protocol: http, port: '6080', host: IP_ADDRESS}
NovaVNCProxyPublic: {protocol: http, port: '6080', host: IP_ADDRESS}
+ PankoAdmin: {protocol: http, port: '8779', host: IP_ADDRESS}
+ PankoInternal: {protocol: http, port: '8779', host: IP_ADDRESS}
+ PankoPublic: {protocol: http, port: '8779', host: IP_ADDRESS}
SaharaAdmin: {protocol: http, port: '8386', host: IP_ADDRESS}
SaharaInternal: {protocol: http, port: '8386', host: IP_ADDRESS}
SaharaPublic: {protocol: http, port: '8386', host: IP_ADDRESS}
@@ -5311,6 +5314,249 @@ outputs:
template: NETWORK_uri
- ':'
- get_param: [EndpointMap, NovaVNCProxyPublic, port]
+ PankoAdmin:
+ host:
+ str_replace:
+ template:
+ get_param: [EndpointMap, PankoAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PankoApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PankoApiNetwork]
+ template: NETWORK_uri
+ host_nobrackets:
+ str_replace:
+ template:
+ get_param: [EndpointMap, PankoAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PankoApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - get_param: [ServiceNetMap, PankoApiNetwork]
+ port:
+ get_param: [EndpointMap, PankoAdmin, port]
+ protocol:
+ get_param: [EndpointMap, PankoAdmin, protocol]
+ uri:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, PankoAdmin, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, PankoAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PankoApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PankoApiNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, PankoAdmin, port]
+ uri_no_suffix:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, PankoAdmin, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, PankoAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PankoApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PankoApiNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, PankoAdmin, port]
+ PankoInternal:
+ host:
+ str_replace:
+ template:
+ get_param: [EndpointMap, PankoInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PankoApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PankoApiNetwork]
+ template: NETWORK_uri
+ host_nobrackets:
+ str_replace:
+ template:
+ get_param: [EndpointMap, PankoInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PankoApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - get_param: [ServiceNetMap, PankoApiNetwork]
+ port:
+ get_param: [EndpointMap, PankoInternal, port]
+ protocol:
+ get_param: [EndpointMap, PankoInternal, protocol]
+ uri:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, PankoInternal, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, PankoInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PankoApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PankoApiNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, PankoInternal, port]
+ uri_no_suffix:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, PankoInternal, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, PankoInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PankoApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PankoApiNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, PankoInternal, port]
+ PankoPublic:
+ host:
+ str_replace:
+ template:
+ get_param: [EndpointMap, PankoPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PublicNetwork]
+ template: NETWORK_uri
+ host_nobrackets:
+ str_replace:
+ template:
+ get_param: [EndpointMap, PankoPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - get_param: [ServiceNetMap, PublicNetwork]
+ port:
+ get_param: [EndpointMap, PankoPublic, port]
+ protocol:
+ get_param: [EndpointMap, PankoPublic, protocol]
+ uri:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, PankoPublic, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, PankoPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PublicNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, PankoPublic, port]
+ uri_no_suffix:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, PankoPublic, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, PankoPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PublicNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, PankoPublic, port]
SaharaAdmin:
host:
str_replace:
diff --git a/network/service_net_map.j2.yaml b/network/service_net_map.j2.yaml
index 61c97f13..0cb6571f 100644
--- a/network/service_net_map.j2.yaml
+++ b/network/service_net_map.j2.yaml
@@ -25,6 +25,7 @@ parameters:
NeutronTenantNetwork: tenant
CeilometerApiNetwork: internal_api
AodhApiNetwork: internal_api
+ PankoApiNetwork: internal_api
BarbicanApiNetwork: internal_api
GnocchiApiNetwork: internal_api
MongodbNetwork: internal_api
diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml
index d6f1ff7d..bb0d0cc2 100644
--- a/overcloud-resource-registry-puppet.j2.yaml
+++ b/overcloud-resource-registry-puppet.j2.yaml
@@ -197,6 +197,7 @@ resource_registry:
OS::TripleO::Services::AodhEvaluator: puppet/services/aodh-evaluator.yaml
OS::TripleO::Services::AodhNotifier: puppet/services/aodh-notifier.yaml
OS::TripleO::Services::AodhListener: puppet/services/aodh-listener.yaml
+ OS::TripleO::Services::PankoApi: OS::Heat::None
OS::TripleO::Services::MistralEngine: OS::Heat::None
OS::TripleO::Services::MistralApi: OS::Heat::None
OS::TripleO::Services::MistralExecutor: OS::Heat::None
diff --git a/puppet/services/ceilometer-base.yaml b/puppet/services/ceilometer-base.yaml
index 4ace7526..ded1bc03 100644
--- a/puppet/services/ceilometer-base.yaml
+++ b/puppet/services/ceilometer-base.yaml
@@ -36,6 +36,12 @@ parameters:
type: string
constraints:
- allowed_values: ['gnocchi', 'database']
+ CeilometerEventDispatcher:
+ default: ['gnocchi']
+ description: Comma-separated list of Dispatchers to process events data
+ type: comma_delimited_list
+ constraints:
+ - allowed_values: ['panko', 'gnocchi', 'database']
CeilometerWorkers:
default: 0
description: Number of workers for Ceilometer service.
@@ -102,6 +108,7 @@ outputs:
ceilometer::agent::auth::auth_tenant_name: 'service'
ceilometer::agent::auth::auth_endpoint_type: 'internalURL'
ceilometer::collector::meter_dispatcher: {get_param: CeilometerMeterDispatcher}
+ ceilometer::collector::event_dispatcher: {get_param: CeilometerEventDispatcher}
ceilometer::dispatcher::gnocchi::url: {get_param: [EndpointMap, GnocchiInternal, uri]}
ceilometer::dispatcher::gnocchi::filter_project: 'service'
ceilometer::dispatcher::gnocchi::archive_policy: 'low'
diff --git a/puppet/services/panko-api.yaml b/puppet/services/panko-api.yaml
new file mode 100644
index 00000000..63f631a0
--- /dev/null
+++ b/puppet/services/panko-api.yaml
@@ -0,0 +1,84 @@
+heat_template_version: 2016-04-08
+
+description: >
+ OpenStack Panko API service configured with Puppet
+
+parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ MonitoringSubscriptionPankoApi:
+ default: 'overcloud-ceilometer-panko-api'
+ type: string
+ EnableInternalTLS:
+ type: boolean
+ default: false
+
+resources:
+ PankoBase:
+ type: ./panko-base.yaml
+ properties:
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+
+ ApacheServiceBase:
+ type: ./apache.yaml
+ properties:
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+ EnableInternalTLS: {get_param: EnableInternalTLS}
+
+outputs:
+ role_data:
+ description: Role data for the Panko API service.
+ value:
+ service_name: panko_api
+ monitoring_subscription: {get_param: MonitoringSubscriptionPankoApi}
+ config_settings:
+ map_merge:
+ - get_attr: [PankoBase, role_data, config_settings]
+ - get_attr: [ApacheServiceBase, role_data, config_settings]
+ - panko::wsgi::apache::ssl: {get_param: EnableInternalTLS}
+ panko::wsgi::apache::servername:
+ str_replace:
+ template:
+ '"%{::fqdn_$NETWORK}"'
+ params:
+ $NETWORK: {get_param: [ServiceNetMap, PankoApiNetwork]}
+ panko::api::service_name: 'httpd'
+ panko::api::enable_proxy_headers_parsing: true
+ tripleo.panko_api.firewall_rules:
+ '140 panko-api':
+ dport:
+ - 8779
+ - 13779
+ panko::api::host:
+ str_replace:
+ template:
+ '"%{::fqdn_$NETWORK}"'
+ params:
+ $NETWORK: {get_param: [ServiceNetMap, PankoApiNetwork]}
+ # NOTE: bind IP is found in Heat replacing the network name with the
+ # local node IP for the given network; replacement examples
+ # (eg. for internal_api):
+ # internal_api -> IP
+ # internal_api_uri -> [IP]
+ # internal_api_subnet - > IP/CIDR
+ panko::wsgi::apache::bind_host: {get_param: [ServiceNetMap, PankoApiNetwork]}
+ service_config_settings:
+ get_attr: [PankoBase, role_data, service_config_settings]
+ step_config: |
+ include tripleo::profile::base::panko::api
diff --git a/puppet/services/panko-base.yaml b/puppet/services/panko-base.yaml
new file mode 100644
index 00000000..32754a55
--- /dev/null
+++ b/puppet/services/panko-base.yaml
@@ -0,0 +1,74 @@
+heat_template_version: 2016-04-08
+
+description: >
+ OpenStack Panko service configured with Puppet
+
+parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ PankoPassword:
+ description: The password for the panko services.
+ type: string
+ hidden: true
+ Debug:
+ default: ''
+ description: Set to True to enable debugging on all services.
+ type: string
+ KeystoneRegion:
+ type: string
+ default: 'regionOne'
+ description: Keystone region for endpoint
+
+outputs:
+ role_data:
+ description: Role data for the Panko role.
+ value:
+ service_name: panko_base
+ config_settings:
+ panko_redis_password: {get_param: RedisPassword}
+ panko::db::database_connection:
+ list_join:
+ - ''
+ - - {get_param: [EndpointMap, MysqlInternal, protocol]}
+ - '://panko:'
+ - {get_param: PankoPassword}
+ - '@'
+ - {get_param: [EndpointMap, MysqlInternal, host]}
+ - '/panko'
+ panko::debug: {get_param: Debug}
+ panko::auth::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
+ panko::keystone::authtoken::project_name: 'service'
+ panko::keystone::authtoken::password: {get_param: PankoPassword}
+ panko::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
+ panko::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
+ panko::auth::auth_password: {get_param: PankoPassword}
+ panko::auth::auth_region: 'regionOne'
+ panko::auth::auth_tenant_name: 'service'
+ service_config_settings:
+ keystone:
+ panko::keystone::auth::public_url: {get_param: [EndpointMap, PankoPublic, uri]}
+ panko::keystone::auth::internal_url: {get_param: [EndpointMap, PankoInternal, uri]}
+ panko::keystone::auth::admin_url: {get_param: [EndpointMap, PankoAdmin, uri]}
+ panko::keystone::auth::password: {get_param: PankoPassword}
+ panko::keystone::auth::region: {get_param: KeystoneRegion}
+ panko::keystone::auth::tenant: 'service'
+ mysql:
+ panko::db::mysql::user: panko
+ panko::db::mysql::password: {get_param: PankoPassword}
+ panko::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
+ panko::db::mysql::dbname: panko
+ panko::db::mysql::allowed_hosts:
+ - '%'
+ - "%{hiera('mysql_bind_host')}"
diff --git a/roles_data.yaml b/roles_data.yaml
index cc9ee14d..5a8ab868 100644
--- a/roles_data.yaml
+++ b/roles_data.yaml
@@ -96,6 +96,7 @@
- OS::TripleO::Services::FluentdClient
- OS::TripleO::Services::VipHosts
- OS::TripleO::Services::BarbicanApi
+ - OS::TripleO::Services::PankoApi
- name: Compute
CountDefault: 1