diff options
-rw-r--r-- | docker/services/ironic-api.yaml | 99 | ||||
-rw-r--r-- | docker/services/ironic-conductor.yaml | 111 | ||||
-rw-r--r-- | docker/services/ironic-pxe.yaml | 131 | ||||
-rw-r--r-- | docker/services/memcached.yaml | 69 | ||||
-rw-r--r-- | docker/services/neutron-api.yaml | 102 | ||||
-rw-r--r-- | docker/services/neutron-dhcp.yaml | 93 | ||||
-rw-r--r-- | docker/services/neutron-plugin-ml2.yaml | 58 | ||||
-rw-r--r-- | environments/deployed-server-pacemaker-environment.yaml | 4 | ||||
-rw-r--r-- | environments/docker.yaml | 30 | ||||
-rw-r--r-- | environments/low-memory-usage.yaml | 4 | ||||
-rw-r--r-- | overcloud-resource-registry-puppet.j2.yaml | 8 | ||||
-rw-r--r-- | puppet/puppet-steps.j2 | 18 | ||||
-rw-r--r-- | puppet/services/README.rst | 17 | ||||
-rw-r--r-- | puppet/services/congress.yaml | 8 | ||||
-rw-r--r-- | puppet/services/heat-api-cfn.yaml | 2 | ||||
-rw-r--r-- | puppet/services/heat-api-cloudwatch.yaml | 2 | ||||
-rw-r--r-- | puppet/services/heat-api.yaml | 2 | ||||
-rw-r--r-- | puppet/services/heat-engine.yaml | 2 | ||||
-rw-r--r-- | puppet/services/nova-api.yaml | 6 | ||||
-rw-r--r-- | puppet/services/tacker.yaml | 7 | ||||
-rw-r--r-- | roles_data.yaml | 4 |
21 files changed, 752 insertions, 25 deletions
diff --git a/docker/services/ironic-api.yaml b/docker/services/ironic-api.yaml new file mode 100644 index 00000000..80120568 --- /dev/null +++ b/docker/services/ironic-api.yaml @@ -0,0 +1,99 @@ +heat_template_version: ocata + +description: > + OpenStack containerized Ironic API service + +parameters: + DockerNamespace: + description: namespace + default: 'tripleoupstream' + type: string + DockerIronicApiImage: + description: image + default: 'centos-binary-ironic-api:latest' + type: string + DockerIronicConfigImage: + description: image + default: 'centos-binary-ironic-pxe:latest' + type: string + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + +resources: + + IronicApiBase: + type: ../../puppet/services/ironic-api.yaml + properties: + EndpointMap: {get_param: EndpointMap} + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + +outputs: + role_data: + description: Role data for the Ironic API role. + value: + service_name: {get_attr: [IronicApiBase, role_data, service_name]} + config_settings: + map_merge: + - get_attr: [IronicApiBase, role_data, config_settings] + step_config: {get_attr: [IronicApiBase, role_data, step_config]} + service_config_settings: {get_attr: [IronicApiBase, role_data, service_config_settings]} + # BEGIN DOCKER SETTINGS + docker_image: &ironic_image + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerIronicApiImage} ] + puppet_tags: ironic_config + config_volume: ironic + config_image: + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerIronicConfigImage} ] + kolla_config: + /var/lib/kolla/config_files/ironic_api.json: + command: /usr/bin/ironic-api + config_files: + - dest: /etc/ironic/ironic.conf + owner: ironic + perm: '0640' + source: /var/lib/kolla/config_files/src/etc/ironic/ironic.conf + docker_config: + step_3: + ironic_db_sync: + image: *ironic_image + net: host + privileged: false + detach: false + volumes: + - /var/lib/config-data/ironic/etc/:/etc/:ro + - /etc/hosts:/etc/hosts:ro + - /etc/localtime:/etc/localtime:ro + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + command: ['ironic-dbsync', '--config-file', '/etc/ironic/ironic.conf'] + step_4: + ironic_api: + start_order: 10 + image: *ironic_image + net: host + privileged: false + restart: always + volumes: + - /var/lib/kolla/config_files/ironic_api.json:/var/lib/kolla/config_files/config.json:ro + - /var/lib/config-data/ironic/:/var/lib/kolla/config_files/src:ro + - /etc/hosts:/etc/hosts:ro + - /etc/localtime:/etc/localtime:ro + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/ironic-conductor.yaml b/docker/services/ironic-conductor.yaml new file mode 100644 index 00000000..945ef3fc --- /dev/null +++ b/docker/services/ironic-conductor.yaml @@ -0,0 +1,111 @@ +heat_template_version: ocata + +description: > + OpenStack containerized Ironic Conductor service + +parameters: + DockerNamespace: + description: namespace + default: 'tripleoupstream' + type: string + DockerIronicConductorImage: + description: image + default: 'centos-binary-ironic-conductor:latest' + type: string + DockerIronicConfigImage: + description: image + default: 'centos-binary-ironic-pxe:latest' + type: string + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + +resources: + + IronicConductorBase: + type: ../../puppet/services/ironic-conductor.yaml + properties: + EndpointMap: {get_param: EndpointMap} + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + +outputs: + role_data: + description: Role data for the Ironic Conductor role. + value: + service_name: {get_attr: [IronicConductorBase, role_data, service_name]} + config_settings: + map_merge: + - get_attr: [IronicConductorBase, role_data, config_settings] + # to avoid hard linking errors we store these on the same + # volume/device as the ironic master_path + - ironic::drivers::pxe::tftp_root: /var/lib/ironic/tftpboot + - ironic::drivers::pxe::tftp_master_path: /var/lib/ironic/tftpboot/master_images + - ironic::pxe::tftp_root: /var/lib/ironic/tftpboot + - ironic::pxe::http_root: /var/lib/ironic/httpboot + - ironic::conductor::http_root: /var/lib/ironic/httpboot + step_config: {get_attr: [IronicConductorBase, role_data, step_config]} + service_config_settings: {get_attr: [IronicConductorBase, role_data, service_config_settings]} + # BEGIN DOCKER SETTINGS + docker_image: &ironic_image + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerIronicConductorImage} ] + puppet_tags: ironic_config + config_volume: ironic + config_image: + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerIronicConfigImage} ] + kolla_config: + /var/lib/kolla/config_files/ironic_conductor.json: + command: /usr/bin/ironic-conductor + config_files: + - dest: /etc/ironic/ironic.conf + owner: ironic + perm: '0640' + source: /var/lib/kolla/config_files/src/etc/ironic/ironic.conf + permissions: + - path: /var/lib/ironic/httpboot + owner: ironic:ironic + recurse: true + - path: /var/lib/ironic/tftpboot + owner: ironic:ironic + recurse: true + docker_config: + step_4: + ironic-init-dirs: + image: *ironic_image + user: root + command: ['/bin/bash', '-c', 'mkdir /var/lib/ironic/httpboot && mkdir /var/lib/ironic/tftpboot'] + volumes: + - ironic:/var/lib/ironic + ironic_conductor: + start_order: 80 + image: *ironic_image + net: host + privileged: true + restart: always + volumes: + - /var/lib/kolla/config_files/ironic_conductor.json:/var/lib/kolla/config_files/config.json:ro + - /var/lib/config-data/ironic/:/var/lib/kolla/config_files/src:ro + - /etc/hosts:/etc/hosts:ro + - /etc/localtime:/etc/localtime:ro + - /lib/modules:/lib/modules:ro + - /sys:/sys + - /dev:/dev + - /run:/run #shared? + - ironic:/var/lib/ironic + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/ironic-pxe.yaml b/docker/services/ironic-pxe.yaml new file mode 100644 index 00000000..bc7b4677 --- /dev/null +++ b/docker/services/ironic-pxe.yaml @@ -0,0 +1,131 @@ +heat_template_version: ocata + +description: > + OpenStack containerized Ironic PXE service + +parameters: + DockerNamespace: + description: namespace + default: 'tripleoupstream' + type: string + DockerIronicPxeImage: + description: image + default: 'centos-binary-ironic-pxe:latest' + type: string + DockerIronicConfigImage: + description: image + default: 'centos-binary-ironic-pxe:latest' + type: string + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + +outputs: + role_data: + description: Role data for the Ironic PXE role. + value: + service_name: ironic_pxe + config_settings: {} + step_config: '' + service_config_settings: {} + # BEGIN DOCKER SETTINGS + docker_image: &ironic_pxe_image + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerIronicPxeImage} ] + puppet_tags: ironic_config + config_volume: ironic + config_image: + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerIronicConfigImage} ] + kolla_config: + /var/lib/kolla/config_files/ironic_pxe_http.json: + command: /usr/sbin/httpd -DFOREGROUND + config_files: + - dest: /etc/ironic/ironic.conf + owner: ironic + perm: '0640' + source: /var/lib/kolla/config_files/src/etc/ironic/ironic.conf + - dest: /etc/httpd/conf.d/10-ipxe_vhost.conf + owner: root + perm: '0644' + source: /var/lib/kolla/config_files/src/etc/httpd/conf.d/10-ipxe_vhost.conf + - dest: /etc/httpd/conf/httpd.conf + owner: root + perm: '0644' + source: /var/lib/kolla/config_files/src/etc/httpd/conf/httpd.conf + - dest: /etc/httpd/conf/ports.conf + owner: root + perm: '0644' + source: /var/lib/kolla/config_files/src/etc/httpd/conf/ports.conf + /var/lib/kolla/config_files/ironic_pxe_tftp.json: + command: /usr/sbin/in.tftpd --foreground --user root --address 0.0.0.0:69 --map-file /var/lib/ironic/tftpboot/map-file /var/lib/ironic/tftpboot + config_files: + - dest: /etc/ironic/ironic.conf + owner: ironic + perm: '0640' + source: /var/lib/kolla/config_files/src/etc/ironic/ironic.conf + - dest: /var/lib/ironic/tftpboot/chain.c32 + owner: ironic + perm: '0744' + source: /var/lib/kolla/config_files/src/var/lib/ironic/tftpboot/chain.c32 + - dest: /var/lib/ironic/tftpboot/pxelinux.0 + owner: ironic + perm: '0744' + source: /var/lib/kolla/config_files/src/var/lib/ironic/tftpboot/pxelinux.0 + - dest: /var/lib/ironic/tftpboot/ipxe.efi + owner: ironic + perm: '0744' + source: /var/lib/kolla/config_files/src/var/lib/ironic/tftpboot/ipxe.efi + - dest: /var/lib/ironic/tftpboot/undionly.kpxe + owner: ironic + perm: '0744' + source: /var/lib/kolla/config_files/src/var/lib/ironic/tftpboot/undionly.kpxe + - dest: /var/lib/ironic/tftpboot/map-file + owner: root + perm: '0644' + source: /var/lib/kolla/config_files/src/var/lib/ironic/tftpboot/map-file + docker_config: + step_4: + ironic_pxe_tftp: + start_order: 90 + image: *ironic_pxe_image + net: host + privileged: false + restart: always + volumes: + - /var/lib/kolla/config_files/ironic_pxe_tftp.json:/var/lib/kolla/config_files/config.json:ro + - /var/lib/config-data/ironic/:/var/lib/kolla/config_files/src:ro + - /etc/hosts:/etc/hosts:ro + - /etc/localtime:/etc/localtime:ro + - /dev/log:/dev/log + - ironic:/var/lib/ironic/ + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + ironic_pxe_http: + start_order: 91 + image: *ironic_pxe_image + net: host + privileged: false + restart: always + volumes: + - /var/lib/kolla/config_files/ironic_pxe_http.json:/var/lib/kolla/config_files/config.json:ro + - /var/lib/config-data/ironic/:/var/lib/kolla/config_files/src:ro + - /var/lib/config-data/ironic/etc/httpd/conf.modules.d:/etc/httpd/conf.modules.d:ro + - /etc/hosts:/etc/hosts:ro + - /etc/localtime:/etc/localtime:ro + - ironic:/var/lib/ironic/ + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/memcached.yaml b/docker/services/memcached.yaml new file mode 100644 index 00000000..d459c825 --- /dev/null +++ b/docker/services/memcached.yaml @@ -0,0 +1,69 @@ +heat_template_version: ocata + +description: > + OpenStack containerized Memcached services + +parameters: + DockerNamespace: + description: namespace + default: 'tripleoupstream' + type: string + DockerMemcachedImage: + description: image + default: 'centos-binary-memcached:latest' + type: string + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + +resources: + + MemcachedBase: + type: ../../puppet/services/memcached.yaml + properties: + EndpointMap: {get_param: EndpointMap} + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + +outputs: + role_data: + description: Role data for the Memcached API role. + value: + service_name: {get_attr: [MemcachedBase, role_data, service_name]} + config_settings: {get_attr: [MemcachedBase, role_data, config_settings]} + step_config: {get_attr: [MemcachedBase, role_data, step_config]} + service_config_settings: {get_attr: [MemcachedBase, role_data, service_config_settings]} + # BEGIN DOCKER SETTINGS + docker_image: &memcached_image + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerMemcachedImage} ] + puppet_tags: 'file' + config_volume: 'memcached' + config_image: *memcached_image + kolla_config: {} + docker_config: + step_1: + memcached: + image: *memcached_image + net: host + privileged: false + restart: always + volumes: + - /var/lib/config-data/memcached/etc/sysconfig/memcached:/etc/sysconfig/memcached:ro + - /etc/hosts:/etc/hosts:ro + - /etc/localtime:/etc/localtime:ro + command: ['/bin/bash', '-c', 'source /etc/sysconfig/memcached; /usr/bin/memcached -p ${PORT} -u ${USER} -m ${CACHESIZE} -c ${MAXCONN} $OPTIONS'] + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/neutron-api.yaml b/docker/services/neutron-api.yaml new file mode 100644 index 00000000..e444f391 --- /dev/null +++ b/docker/services/neutron-api.yaml @@ -0,0 +1,102 @@ +heat_template_version: ocata + +description: > + OpenStack containerized Neutron API service + +parameters: + DockerNamespace: + description: namespace + default: 'tripleoupstream' + type: string + DockerNeutronApiImage: + description: image + default: 'centos-binary-neutron-server:latest' + type: string + # we configure all neutron services in the same neutron + DockerNeutronConfigImage: + description: image + default: 'centos-binary-neutron-openvswitch-agent:latest' + type: string + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + +resources: + + NeutronBase: + type: ../../puppet/services/neutron-api.yaml + properties: + EndpointMap: {get_param: EndpointMap} + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + +outputs: + role_data: + description: Role data for the Neutron API role. + value: + service_name: {get_attr: [NeutronBase, role_data, service_name]} + config_settings: + map_merge: + - get_attr: [NeutronBase, role_data, config_settings] + step_config: {get_attr: [NeutronBase, role_data, step_config]} + service_config_settings: {get_attr: [NeutronBase, role_data, service_config_settings]} + # BEGIN DOCKER SETTINGS + docker_image: &neutron_api_image + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerNeutronApiImage} ] + puppet_tags: neutron_config,neutron_api_config + config_volume: neutron + config_image: + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerNeutronConfigImage} ] + kolla_config: + /var/lib/kolla/config_files/neutron_api.json: + command: /usr/bin/neutron-server --config-file /usr/share/neutron/neutron-dist.conf --config-dir /usr/share/neutron/server --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini + config_files: + - dest: /etc/neutron/neutron.conf + owner: neutron + perm: '0640' + source: /var/lib/kolla/config_files/src/etc/neutron/neutron.conf + - dest: /etc/neutron/plugin.ini + owner: neutron + perm: '0640' + source: /var/lib/kolla/config_files/src/etc/neutron/plugins/ml2/ml2_conf.ini + docker_config: + step_3: + neutron_db_sync: + image: *neutron_api_image + net: host + privileged: false + detach: false + volumes: + - /var/lib/config-data/neutron/etc/neutron:/etc/neutron:ro + - /var/lib/config-data/neutron/usr/share/neutron:/usr/share/neutron:ro + - /etc/hosts:/etc/hosts:ro + - /etc/localtime:/etc/localtime:ro + command: ['neutron-db-manage', 'upgrade', 'heads'] + step_4: + neutron_api: + image: *neutron_api_image + net: host + privileged: false + restart: always + volumes: + - /var/lib/kolla/config_files/neutron_api.json:/var/lib/kolla/config_files/config.json:ro + - /var/lib/config-data/neutron/:/var/lib/kolla/config_files/src:ro + - /etc/hosts:/etc/hosts:ro + - /etc/localtime:/etc/localtime:ro + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/neutron-dhcp.yaml b/docker/services/neutron-dhcp.yaml new file mode 100644 index 00000000..fc13b3d1 --- /dev/null +++ b/docker/services/neutron-dhcp.yaml @@ -0,0 +1,93 @@ +heat_template_version: ocata + +description: > + OpenStack containerized Neutron DHCP service + +parameters: + DockerNamespace: + description: namespace + default: 'tripleoupstream' + type: string + DockerNeutronApiImage: + description: image + default: 'centos-binary-neutron-dhcp-agent:latest' + type: string + # we configure all neutron services in the same neutron + DockerNeutronConfigImage: + description: image + default: 'centos-binary-neutron-openvswitch-agent:latest' + type: string + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + +resources: + + NeutronBase: + type: ../../puppet/services/neutron-dhcp.yaml + properties: + EndpointMap: {get_param: EndpointMap} + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + +outputs: + role_data: + description: Role data for the Neutron DHCP role. + value: + service_name: {get_attr: [NeutronBase, role_data, service_name]} + config_settings: + map_merge: + - get_attr: [NeutronBase, role_data, config_settings] + step_config: {get_attr: [NeutronBase, role_data, step_config]} + service_config_settings: {get_attr: [NeutronBase, role_data, service_config_settings]} + # BEGIN DOCKER SETTINGS + docker_image: &neutron_dhcp_image + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerNeutronApiImage} ] + puppet_tags: neutron_config,neutron_dhcp_agent_config + config_volume: neutron + config_image: + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerNeutronConfigImage} ] + kolla_config: + /var/lib/kolla/config_files/neutron_dhcp.json: + command: /usr/bin/neutron-dhcp-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/dhcp_agent.ini --log-file /var/log/neutron/dhcp-agent.log + config_files: + - dest: /etc/neutron/neutron.conf + owner: neutron + perm: '0640' + source: /var/lib/kolla/config_files/src/etc/neutron/neutron.conf + - dest: /etc/neutron/dhcp_agent.ini + owner: neutron + perm: '0640' + source: /var/lib/kolla/config_files/src/etc/neutron/dhcp_agent.ini + docker_config: + step_4: + neutron_dhcp: + image: *neutron_dhcp_image + net: host + pid: host + privileged: true + restart: always + volumes: + - /var/lib/kolla/config_files/neutron_dhcp.json:/var/lib/kolla/config_files/config.json:ro + - /var/lib/config-data/neutron/:/var/lib/kolla/config_files/src:ro + - /etc/localtime:/etc/localtime:ro + - /etc/hosts:/etc/hosts:ro + - /lib/modules:/lib/modules:ro + - /run/:/run + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/neutron-plugin-ml2.yaml b/docker/services/neutron-plugin-ml2.yaml new file mode 100644 index 00000000..37ab8db2 --- /dev/null +++ b/docker/services/neutron-plugin-ml2.yaml @@ -0,0 +1,58 @@ +heat_template_version: ocata + +description: > + OpenStack containerized Neutron ML2 Plugin configured with Puppet + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DockerNamespace: + description: namespace + default: 'tripleoupstream' + type: string + DockerNeutronConfigImage: + description: image + default: 'centos-binary-neutron-openvswitch-agent:latest' + type: string + DefaultPasswords: + default: {} + type: json + +resources: + + NeutronBase: + type: ../../puppet/services/neutron-plugin-ml2.yaml + properties: + EndpointMap: {get_param: EndpointMap} + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + +outputs: + role_data: + description: Role data for the Neutron ML2 Plugin role. + value: + service_name: {get_attr: [NeutronBase, role_data, service_name]} + config_settings: + map_merge: + - get_attr: [NeutronBase, role_data, config_settings] + step_config: {get_attr: [NeutronBase, role_data, step_config]} + service_config_settings: {get_attr: [NeutronBase, role_data, service_config_settings]} + # BEGIN DOCKER SETTINGS + docker_image: &docker_image + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerNeutronConfigImage} ] + puppet_tags: '' + config_volume: 'neutron' + config_image: *docker_image + kolla_config: {} + docker_config: {} diff --git a/environments/deployed-server-pacemaker-environment.yaml b/environments/deployed-server-pacemaker-environment.yaml new file mode 100644 index 00000000..85fa7d2f --- /dev/null +++ b/environments/deployed-server-pacemaker-environment.yaml @@ -0,0 +1,4 @@ +resource_registry: + OS::TripleO::Tasks::ControllerDeployedServerPrePuppet: ../extraconfig/tasks/pre_puppet_pacemaker.yaml + OS::TripleO::Tasks::ControllerDeployedServerPostPuppet: ../extraconfig/tasks/post_puppet_pacemaker.yaml + OS::TripleO::Tasks::ControllerDeployedServerPostPuppetRestart: ../extraconfig/tasks/post_puppet_pacemaker_restart.yaml diff --git a/environments/docker.yaml b/environments/docker.yaml index 37612b07..ca3715b4 100644 --- a/environments/docker.yaml +++ b/environments/docker.yaml @@ -5,6 +5,36 @@ resource_registry: OS::TripleO::Services::NovaLibvirt: ../docker/services/nova-libvirt.yaml OS::TripleO::Services::ComputeNeutronOvsAgent: ../docker/services/neutron-ovs-agent.yaml OS::TripleO::Services::NovaCompute: ../docker/services/nova-compute.yaml + OS::TripleO::Services::Keystone: ../docker/services/keystone.yaml + OS::TripleO::Services::GlanceApi: ../docker/services/glance-api.yaml + OS::TripleO::Services::HeatApi: ../docker/services/heat-api.yaml + OS::TripleO::Services::HeatApiCfn: ../docker/services/heat-api-cfn.yaml + OS::TripleO::Services::HeatEngine: ../docker/services/heat-engine.yaml + OS::TripleO::Services::NovaApi: ../docker/services/nova-api.yaml + OS::TripleO::Services::NovaPlacement: ../docker/services/nova-placement.yaml + OS::TripleO::Services::NovaConductor: ../docker/services/nova-conductor.yaml + OS::TripleO::Services::NovaScheduler: ../docker/services/nova-scheduler.yaml + # FIXME: these need to go into a environments/services-docker dir? + OS::TripleO::Services::NovaIronic: ../docker/services/nova-ironic.yaml + OS::TripleO::Services::IronicApi: ../docker/services/ironic-api.yaml + OS::TripleO::Services::IronicConductor: ../docker/services/ironic-conductor.yaml + OS::TripleO::Services::IronicPxe: ../docker/services/ironic-pxe.yaml + OS::TripleO::Services::NeutronServer: ../docker/services/neutron-api.yaml + OS::TripleO::Services::NeutronApi: ../docker/services/neutron-api.yaml + OS::TripleO::Services::NeutronCorePlugin: ../docker/services/neutron-plugin-ml2.yaml + OS::TripleO::Services::NeutronOvsAgent: ../docker/services/neutron-ovs-agent.yaml + OS::TripleO::Services::NeutronDhcpAgent: ../docker/services/neutron-dhcp.yaml + OS::TripleO::Services::MySQL: ../docker/services/database/mysql.yaml + OS::TripleO::Services::MistralApi: ../docker/services/mistral-api.yaml + OS::TripleO::Services::MistralEngine: ../docker/services/mistral-engine.yaml + OS::TripleO::Services::MistralExecutor: ../docker/services/mistral-executor.yaml + OS::TripleO::Services::Zaqar: ../docker/services/zaqar.yaml + OS::TripleO::Services::RabbitMQ: ../docker/services/rabbitmq.yaml + OS::TripleO::Services::MongoDb: ../docker/services/database/mongodb.yaml + OS::TripleO::Services::Memcached: ../docker/services/memcached.yaml + OS::TripleO::Services::SwiftProxy: ../docker/services/swift-proxy.yaml + OS::TripleO::Services::SwiftStorage: ../docker/services/swift-storage.yaml + OS::TripleO::Services::SwiftRingBuilder: ../docker/services/swift-ringbuilder.yaml OS::TripleO::PostDeploySteps: ../docker/post.yaml OS::TripleO::Services: ../docker/services/services.yaml diff --git a/environments/low-memory-usage.yaml b/environments/low-memory-usage.yaml index 47b2003d..3a606336 100644 --- a/environments/low-memory-usage.yaml +++ b/environments/low-memory-usage.yaml @@ -11,8 +11,8 @@ parameter_defaults: SwiftWorkers: 1 GnocchiMetricdWorkers: 1 - ApacheMaxRequestWorkers: 32 - ApacheServerLimit: 32 + ApacheMaxRequestWorkers: 100 + ApacheServerLimit: 100 ControllerExtraConfig: 'nova::network::neutron::neutron_url_timeout': '60' diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml index df94a3fe..1360d0be 100644 --- a/overcloud-resource-registry-puppet.j2.yaml +++ b/overcloud-resource-registry-puppet.j2.yaml @@ -69,8 +69,10 @@ resource_registry: OS::TripleO::NodeExtraConfig: puppet/extraconfig/pre_deploy/default.yaml OS::TripleO::NodeExtraConfigPost: extraconfig/post_deploy/default.yaml - OS::TripleO::Tasks::ControllerPrePuppet: OS::Heat::None - OS::TripleO::Tasks::ControllerPostPuppet: OS::Heat::None +{% for role in roles %} + OS::TripleO::Tasks::{{role.name}}PrePuppet: OS::Heat::None + OS::TripleO::Tasks::{{role.name}}PostPuppet: OS::Heat::None +{% endfor %} # "AllNodes" Extra cluster config, runs on all nodes prior to the post_deploy # phase, e.g when puppet is applied, but after the pre_deploy phase. Useful when @@ -221,7 +223,7 @@ resource_registry: OS::TripleO::Services::AodhEvaluator: puppet/services/aodh-evaluator.yaml OS::TripleO::Services::AodhNotifier: puppet/services/aodh-notifier.yaml OS::TripleO::Services::AodhListener: puppet/services/aodh-listener.yaml - OS::TripleO::Services::PankoApi: OS::Heat::None + OS::TripleO::Services::PankoApi: puppet/services/panko-api.yaml OS::TripleO::Services::MistralEngine: OS::Heat::None OS::TripleO::Services::MistralApi: OS::Heat::None OS::TripleO::Services::MistralExecutor: OS::Heat::None diff --git a/puppet/puppet-steps.j2 b/puppet/puppet-steps.j2 index b517db6e..581c4f0d 100644 --- a/puppet/puppet-steps.j2 +++ b/puppet/puppet-steps.j2 @@ -23,14 +23,12 @@ properties: StepConfig: {list_join: ["\n", {get_param: [role_data, {{role.name}}, step_config]}]} - {% if role.name == 'Controller' %} - ControllerPrePuppet: - type: OS::TripleO::Tasks::ControllerPrePuppet + {{role.name}}PrePuppet: + type: OS::TripleO::Tasks::{{role.name}}PrePuppet properties: - servers: {get_param: [servers, Controller]} + servers: {get_param: [servers, {{role.name}}]} input_values: update_identifier: {get_param: DeployIdentifier} - {% endif %} {% if role.name in ['Controller', 'ObjectStorage'] %} {{role.name}}SwiftRingDeploy: @@ -82,16 +80,14 @@ properties: servers: {get_param: [servers, {{role.name}}]} - {% if role.name == 'Controller' %} - ControllerPostPuppet: + {{role.name}}PostPuppet: depends_on: - - ControllerExtraConfigPost - type: OS::TripleO::Tasks::ControllerPostPuppet + - {{role.name}}ExtraConfigPost + type: OS::TripleO::Tasks::{{role.name}}PostPuppet properties: - servers: {get_param: [servers, Controller]} + servers: {get_param: [servers, {{role.name}}]} input_values: update_identifier: {get_param: DeployIdentifier} - {% endif %} {% if role.name in ['Controller', 'ObjectStorage'] %} {{role.name}}SwiftRingUpdate: diff --git a/puppet/services/README.rst b/puppet/services/README.rst index 9c2d8c5c..e5c11535 100644 --- a/puppet/services/README.rst +++ b/puppet/services/README.rst @@ -19,8 +19,21 @@ environment to set per service parameters. Config Settings --------------- -Each service may define a config_settings output variable which returns -Hiera settings to be configured. +Each service may define three ways in which to output variables to configure Hiera +settings on the nodes. + + * config_settings: the hiera keys will be pushed on all roles of which the service + is a part of. + + * global_config_settings: the hiera keys will be distributed to all roles + + * service_config_settings: Takes an extra key to wire in values that are + defined for a service that need to be consumed by some other service. + For example: + service_config_settings: + haproxy: + foo: bar + This will set the hiera key 'foo' on all roles where haproxy is included. Deployment Steps ---------------- diff --git a/puppet/services/congress.yaml b/puppet/services/congress.yaml index aa8d9a9a..6855a838 100644 --- a/puppet/services/congress.yaml +++ b/puppet/services/congress.yaml @@ -87,3 +87,11 @@ outputs: step_config: | include ::tripleo::profile::base::congress + + upgrade_tasks: + - name: "PreUpgrade step0,validation: Check service openstack-congress-server is running" + shell: /usr/bin/systemctl show 'openstack-congress-server' --property ActiveState | grep '\bactive\b' + tags: step0,validation + - name: Stop congress service + tags: step2 + service: name=openstack-congress-server state=stopped diff --git a/puppet/services/heat-api-cfn.yaml b/puppet/services/heat-api-cfn.yaml index 7bd2fcf1..3ae4cc70 100644 --- a/puppet/services/heat-api-cfn.yaml +++ b/puppet/services/heat-api-cfn.yaml @@ -86,7 +86,7 @@ outputs: heat::keystone::auth_cfn::region: {get_param: KeystoneRegion} upgrade_tasks: - name: "PreUpgrade step0,validation: Check service openstack-heat-api-cfn is running" - shell: echo o/ #TODO uncomment when /#/c/423302/ : /usr/bin/systemctl show 'openstack-heat-api-cfn' --property ActiveState | grep '\bactive\b' + shell: /usr/bin/systemctl show 'openstack-heat-api-cfn' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop heat_api_cfn service tags: step2 diff --git a/puppet/services/heat-api-cloudwatch.yaml b/puppet/services/heat-api-cloudwatch.yaml index 0954ad19..56183535 100644 --- a/puppet/services/heat-api-cloudwatch.yaml +++ b/puppet/services/heat-api-cloudwatch.yaml @@ -68,7 +68,7 @@ outputs: include ::tripleo::profile::base::heat::api_cloudwatch upgrade_tasks: - name: "PreUpgrade step0,validation: Check service openstack-heat-api-cloudwatch is running" - shell: echo o/ #TODO uncomment when /#/c/423302/ : /usr/bin/systemctl show 'openstack-heat-api-cloudwatch' --property ActiveState | grep '\bactive\b' + shell: /usr/bin/systemctl show 'openstack-heat-api-cloudwatch' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop heat_api_cloudwatch service tags: step2 diff --git a/puppet/services/heat-api.yaml b/puppet/services/heat-api.yaml index ae656b1e..38c5b479 100644 --- a/puppet/services/heat-api.yaml +++ b/puppet/services/heat-api.yaml @@ -86,7 +86,7 @@ outputs: heat::keystone::auth::region: {get_param: KeystoneRegion} upgrade_tasks: - name: "PreUpgrade step0,validation: Check service openstack-heat-api is running" - shell: echo o/ #TODO uncomment when /#/c/423302/ : /usr/bin/systemctl show 'openstack-heat-api' --property ActiveState | grep '\bactive\b' + shell: /usr/bin/systemctl show 'openstack-heat-api' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop heat_api service tags: step2 diff --git a/puppet/services/heat-engine.yaml b/puppet/services/heat-engine.yaml index f7ec9a41..7787d0a7 100644 --- a/puppet/services/heat-engine.yaml +++ b/puppet/services/heat-engine.yaml @@ -138,7 +138,7 @@ outputs: tripleo::profile::base::keystone::heat_admin_password: {get_param: HeatStackDomainAdminPassword} upgrade_tasks: - name: "PreUpgrade step0,validation: Check service openstack-heat-engine is running" - shell: echo o/ #TODO uncomment when /#/c/423302/ : /usr/bin/systemctl show 'openstack-heat-engine' --property ActiveState | grep '\bactive\b' + shell: /usr/bin/systemctl show 'openstack-heat-engine' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop heat_engine service tags: step2 diff --git a/puppet/services/nova-api.yaml b/puppet/services/nova-api.yaml index d18b5b48..0adefecd 100644 --- a/puppet/services/nova-api.yaml +++ b/puppet/services/nova-api.yaml @@ -194,12 +194,12 @@ outputs: tags: step0,pre-upgrade when: is_bootstrap_node command: nova-manage db online_data_migrations - - name: update nova api - tags: step2 - yum: name=openstack-nova-api state=latest - name: Stop and disable nova_api service (pre-upgrade not under httpd) tags: step2 service: name=openstack-nova-api state=stopped enabled=no + - name: update nova api + tags: step2 + yum: name=openstack-nova-api state=latest - name: Create puppet manifest to set transport_url in nova.conf tags: step5 when: is_bootstrap_node diff --git a/puppet/services/tacker.yaml b/puppet/services/tacker.yaml index 1ac165d4..6ceb9f19 100644 --- a/puppet/services/tacker.yaml +++ b/puppet/services/tacker.yaml @@ -88,3 +88,10 @@ outputs: step_config: | include ::tripleo::profile::base::tacker + upgrade_tasks: + - name: "PreUpgrade step0,validation: Check service openstack-tacker-server is running" + shell: /usr/bin/systemctl show 'openstack-tacker-server' --property ActiveState | grep '\bactive\b' + tags: step0,validation + - name: Stop tacker service + tags: step2 + service: name=openstack-tacker-server state=stopped diff --git a/roles_data.yaml b/roles_data.yaml index 70193cf1..9e3b0a18 100644 --- a/roles_data.yaml +++ b/roles_data.yaml @@ -17,6 +17,10 @@ # disable_constraints: (boolean) optional, whether to disable Nova and Glance # constraints for each role specified in the templates. # +# disable_upgrade_deployment: (boolean) optional, whether to run the +# ansible upgrade steps for all services that are deployed on the role. If set +# to True, the operator will drive the upgrade for this role's nodes. +# # upgrade_batch_size: (number): batch size for upgrades where tasks are # specified by services to run in batches vs all nodes at once. # This defaults to 1, but larger batches may be specified here. |