diff options
author | Dan Prince <dprince@redhat.com> | 2015-01-14 14:58:35 -0500 |
---|---|---|
committer | Dan Prince <dprince@redhat.com> | 2015-01-27 09:04:37 -0500 |
commit | 7f09f73a314ac0412a4410582a143899acf0528c (patch) | |
tree | 07755f7322cb5f905b1ccd60a7181a8afca9d279 /controller.yaml | |
parent | c0328095f17796fb1b87a1da355f40dda10c06fe (diff) |
Controller: consolidated nested stack
In I228216a0b55ff2d384b281d9ad2a61b93d58dab9 we split
out just the Controller software config in an effort
to provide hooks for alternate implementations (puppet).
This sort of worked but caused quirky ordering issues
with signal handling. It also causes problems for Tuskar
which would prefer to think of these nested stacks and
not have us split out just the software configs like this.
This patch moves all the controller related stuff for
our two implementations:
controller.yaml: is used by os-apply-config (uses the
tripleo-image-elements)
controller-puppet.yaml: uses stackforge puppet-* modules for
configuration
By duplicating the entire controller in this manner we make
it much easier to create dependencies and implement proper
signal handling. The only (temporary) downside is the duplication
of parameters most of which will eventually go away when we move towards
using the global parameters via Heat environment files instead.
Change-Id: Iaf3c889d7c8815f862308cd8e15ce1010059f5c6
Diffstat (limited to 'controller.yaml')
-rw-r--r-- | controller.yaml | 231 |
1 files changed, 224 insertions, 7 deletions
diff --git a/controller.yaml b/controller.yaml index 9b7e3e0c..4ab62d5d 100644 --- a/controller.yaml +++ b/controller.yaml @@ -401,12 +401,6 @@ resources: bridge_name: br-ex interface_name: {get_param: NeutronPublicInterface} - ControllerConfig: - type: OS::TripleO::Controller::SoftwareConfig - properties: - # allow configs to create sub-resources attached to the controller - controller_id: {get_resource: Controller} - ControllerPassthroughConfig: type: OS::Heat::StructuredConfig properties: @@ -419,11 +413,233 @@ resources: group: os-apply-config config: {get_input: passthrough_config_specific} + ControllerConfig: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + admin-password: {get_input: admin_password} + admin-token: {get_input: admin_token} + bootstack: + public_interface_ip: {get_input: neutron_public_interface_ip} + bootstrap_host: + nodeid: {get_input: bootstack_nodeid} + cinder: + db: {get_input: cinder_dsn} + debug: {get_input: debug} + volume_size_mb: {get_input: cinder_lvm_loop_device_size} + service-password: {get_input: cinder_password} + iscsi-helper: {get_input: CinderISCSIHelper} + controller-address: {get_input: controller_host} + corosync: + bindnetaddr: {get_input: controller_host} + mcastport: 5577 + pacemaker: + stonith_enabled : false + recheck_interval : 5 + quorum_policy : ignore + db-password: unset + glance: + registry: + host: {get_input: controller_virtual_ip} + backend: swift + db: {get_input: glance_dsn} + debug: {get_input: debug} + host: {get_input: controller_virtual_ip} + port: {get_input: glance_port} + protocol: {get_input: glance_protocol} + service-password: {get_input: glance_password} + swift-store-user: service:glance + swift-store-key: {get_input: glance_password} + notifier-strategy: {get_input: glance_notifier_strategy} + log-file: {get_input: glance_log_file} + heat: + admin_password: {get_input: heat_password} + admin_tenant_name: service + admin_user: heat + auth_encryption_key: unset___________ + db: {get_input: heat_dsn} + debug: {get_input: debug} + stack_domain_admin_password: {get_input: heat_stack_domain_admin_password} + watch_server_url: {get_input: heat.watch_server_url} + metadata_server_url: {get_input: heat.metadata_server_url} + waitcondition_server_url: {get_input: heat.waitcondition_server_url} + keystone: + db: {get_input: keystone_dsn} + debug: {get_input: debug} + host: {get_input: controller_virtual_ip} + ca_certificate: {get_input: keystone_ca_certificate} + signing_key: {get_input: keystone_signing_key} + signing_certificate: {get_input: keystone_signing_certificate} + ssl: + certificate: {get_input: keystone_ssl_certificate} + certificate_key: {get_input: keystone_ssl_certificate_key} + mysql: + innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size} + local_bind: true + root-password: {get_input: mysql_root_password} + cluster_name: {get_input: mysql_cluster_name} + neutron: + debug: {get_input: debug} + flat-networks: {get_input: neutron_flat_networks} + host: {get_input: controller_virtual_ip} + metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret} + agent_mode: {get_input: neutron_agent_mode} + router_distributed: {get_input: neutron_router_distributed} + mechanism_drivers: {get_input: neutron_mechanism_drivers} + allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover} + l3_ha: {get_input: neutron_l3_ha} + ovs: + enable_tunneling: {get_input: neutron_enable_tunneling} + local_ip: {get_input: controller_host} + network_vlan_ranges: {get_input: neutron_network_vlan_ranges} + bridge_mappings: {get_input: neutron_bridge_mappings} + public_interface: {get_input: neutron_public_interface} + public_interface_raw_device: {get_input: neutron_public_interface_raw_device} + public_interface_route: {get_input: neutron_public_interface_default_route} + public_interface_tag: {get_input: neutron_public_interface_tag} + physical_bridge: br-ex + tenant_network_type: {get_input: neutron_tenant_network_type} + tunnel_types: {get_input: neutron_tunnel_types} + ovs_db: {get_input: neutron_dsn} + service-password: {get_input: neutron_password} + dnsmasq-options: {get_input: neutron_dnsmasq_options} + ceilometer: + db: {get_input: ceilometer_dsn} + debug: {get_input: debug} + metering_secret: {get_input: ceilometer_metering_secret} + service-password: {get_input: ceilometer_password} + snmpd: + export_MIB: UCD-SNMP-MIB + readonly_user_name: {get_input: snmpd_readonly_user_name} + readonly_user_password: {get_input: snmpd_readonly_user_password} + nova: + compute_driver: libvirt.LibvirtDriver + db: {get_input: nova_dsn} + default_floating_pool: + ext-net + host: {get_input: controller_virtual_ip} + metadata-proxy: true + service-password: {get_input: nova_password} + rabbit: + host: {get_input: controller_virtual_ip} + username: {get_input: rabbit_username} + password: {get_input: rabbit_password} + cookie: {get_input: rabbit_cookie} + rabbit_client_use_ssl: {get_input: rabbit_client_use_ssl} + rabbit_port: {get_input: rabbit_client_port} + ntp: + servers: + - {server: {get_input: ntp_server}} + virtual_interfaces: + instances: + - vrrp_instance_name: VI_CONTROL + virtual_router_id: 51 + keepalive_interface: {get_input: control_virtual_interface} + priority: 101 + virtual_ips: + - ip: {get_input: controller_virtual_ip} + interface: {get_input: control_virtual_interface} + - vrrp_instance_name: VI_PUBLIC + virtual_router_id: 52 + keepalive_interface: {get_input: public_virtual_interface} + priority: 101 + virtual_ips: + - ip: {get_input: public_virtual_ip} + interface: {get_input: public_virtual_interface} + vrrp_sync_groups: + - name: VG1 + members: + - VI_CONTROL + - VI_PUBLIC + keepalived: + keepalive_interface: {get_input: public_virtual_interface} + priority: 101 + virtual_ips: + - + ip: {get_input: controller_virtual_ip} + interface: {get_input: control_virtual_interface} + - + ip: {get_input: public_virtual_ip} + interface: {get_input: public_virtual_interface} + haproxy: + net_binds: + - ip: {get_input: controller_virtual_ip} + options: + - option httpchk GET / + services: + - name: keystone_admin + port: 35357 + net_binds: &public_binds + - ip: {get_input: controller_virtual_ip} + - ip: {get_input: public_virtual_ip} + - name: keystone_public + port: 5000 + net_binds: *public_binds + - name: horizon + port: 80 + net_binds: *public_binds + - name: neutron + port: 9696 + net_binds: *public_binds + - name: cinder + port: 8776 + net_binds: *public_binds + - name: glance_api + port: 9292 + net_binds: *public_binds + - name: glance_registry + port: 9191 + net_binds: *public_binds + options: # overwrite options as glace_reg needs auth for http req + - name: heat_api + port: 8004 + net_binds: *public_binds + - name: heat_cloudwatch + port: 8003 + net_binds: *public_binds + - name: heat_cfn + port: 8000 + net_binds: *public_binds + - name: mysql + port: 3306 + extra_server_params: + - backup + options: + - timeout client 0 + - timeout server 0 + - name: nova_ec2 + port: 8773 + - name: nova_osapi + port: 8774 + net_binds: *public_binds + - name: nova_metadata + port: 8775 + net_binds: *public_binds + - name: nova_novncproxy + port: 6080 + net_binds: *public_binds + - name: ceilometer + port: 8777 + net_binds: *public_binds + options: # overwrite options as ceil needs auth for http req + - name: swift_proxy_server + port: 8080 + net_binds: *public_binds + options: + - option httpchk GET /info + - name: rabbitmq + port: 5672 + options: + - timeout client 0 + - timeout server 0 + - maxconn 1500 + ControllerDeployment: type: OS::TripleO::SoftwareDeployment properties: signal_transport: NO_SIGNAL - config: {get_attr: [ControllerConfig, config_id]} + config: {get_resource: ControllerConfig} server: {get_resource: Controller} input_values: bootstack_nodeid: {get_attr: [Controller, name]} @@ -504,6 +720,7 @@ resources: neutron_router_distributed: {get_param: NeutronDVR} neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers} neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover} + neutron_l3_ha: {get_param: NeutronL3HA} neutron_network_vlan_ranges: {get_param: NeutronNetworkVLANRanges} neutron_bridge_mappings: {get_param: NeutronBridgeMappings} neutron_public_interface: {get_param: NeutronPublicInterface} |