summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--capabilities-map.yaml4
-rw-r--r--docker/compute-post.yaml44
-rw-r--r--docker/firstboot/start_docker_agents.sh19
-rw-r--r--environments/docker-network-isolation.yaml6
-rw-r--r--environments/docker.yaml2
-rw-r--r--environments/enable-tls.yaml9
-rw-r--r--environments/external-loadbalancer-vip-v6.yaml38
-rw-r--r--environments/external-loadbalancer-vip.yaml7
-rw-r--r--environments/ips-from-pool-all.yaml75
-rw-r--r--environments/major-upgrade-pacemaker-init.yaml (renamed from environments/major-upgrade-script-delivery.yaml)2
-rw-r--r--environments/network-isolation-v6.yaml6
-rw-r--r--environments/puppet-ceph-devel.yaml3
-rw-r--r--extraconfig/tasks/major_upgrade_block_storage.sh8
-rw-r--r--extraconfig/tasks/major_upgrade_ceph_storage.sh35
-rw-r--r--extraconfig/tasks/major_upgrade_object_storage.sh7
-rw-r--r--extraconfig/tasks/major_upgrade_pacemaker.yaml16
-rw-r--r--extraconfig/tasks/major_upgrade_pacemaker_init.yaml128
-rw-r--r--extraconfig/tasks/major_upgrade_script_delivery.yaml65
-rwxr-xr-xextraconfig/tasks/pacemaker_common_functions.sh21
-rw-r--r--net-config-bond.yaml6
-rw-r--r--network/endpoints/endpoint_data.yaml9
-rw-r--r--network/endpoints/endpoint_map.yaml118
-rw-r--r--network/management.yaml2
-rw-r--r--network/ports/external_from_pool.yaml2
-rw-r--r--network/ports/external_from_pool_v6.yaml54
-rw-r--r--network/ports/from_service.yaml8
-rw-r--r--network/ports/from_service_v6.yaml42
-rw-r--r--network/ports/internal_api_from_pool.yaml2
-rw-r--r--network/ports/internal_api_from_pool_v6.yaml54
-rw-r--r--network/ports/net_vip_map_external_v6.yaml95
-rw-r--r--network/ports/storage_from_pool.yaml2
-rw-r--r--network/ports/storage_from_pool_v6.yaml54
-rw-r--r--network/ports/storage_mgmt_from_pool.yaml2
-rw-r--r--network/ports/storage_mgmt_from_pool_v6.yaml54
-rw-r--r--network/ports/tenant_from_pool.yaml2
-rw-r--r--network/ports/tenant_from_pool_v6.yaml53
-rw-r--r--overcloud.yaml27
-rw-r--r--puppet/ceph-cluster-config.yaml15
-rw-r--r--puppet/ceph-storage.yaml18
-rw-r--r--puppet/cinder-storage.yaml21
-rw-r--r--puppet/compute.yaml34
-rw-r--r--puppet/controller.yaml68
-rw-r--r--puppet/extraconfig/ceph/ceph-external-config.yaml8
-rw-r--r--puppet/extraconfig/pre_deploy/controller/cinder-dellsc.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/controller/cinder-eqlx.yaml2
-rw-r--r--puppet/extraconfig/tls/ca-inject.yaml2
-rw-r--r--puppet/extraconfig/tls/tls-cert-inject.yaml4
-rw-r--r--puppet/hieradata/compute.yaml1
-rw-r--r--puppet/hieradata/controller.yaml8
-rw-r--r--puppet/manifests/overcloud_cephstorage.pp8
-rw-r--r--puppet/manifests/overcloud_compute.pp38
-rw-r--r--puppet/manifests/overcloud_controller.pp82
-rw-r--r--puppet/manifests/overcloud_controller_pacemaker.pp73
-rw-r--r--puppet/manifests/overcloud_object.pp2
-rw-r--r--puppet/manifests/overcloud_volume.pp2
-rw-r--r--puppet/swift-storage.yaml28
-rwxr-xr-xtools/yaml-validate.py11
57 files changed, 1175 insertions, 333 deletions
diff --git a/capabilities-map.yaml b/capabilities-map.yaml
index f47eb9ad..c7816b7e 100644
--- a/capabilities-map.yaml
+++ b/capabilities-map.yaml
@@ -5,7 +5,7 @@
# root_template: identifies repository's root template
# root_environment: identifies root_environment, this one is special in terms of
# order in which the environments are merged before deploying. This one serves as
-# a base and it's parameters/resource_registry gets overriden by other environments
+# a base and it's parameters/resource_registry gets overridden by other environments
# if used.
# topics:
@@ -21,7 +21,7 @@
# Attributes:
# title: (optional)
# description: (optional)
-# tags: a list of tags to provide aditional information for e.g. filtering (optional)
+# tags: a list of tags to provide additional information for e.g. filtering (optional)
# environments: (required)
# environments:
diff --git a/docker/compute-post.yaml b/docker/compute-post.yaml
index 8f9e9627..4532549f 100644
--- a/docker/compute-post.yaml
+++ b/docker/compute-post.yaml
@@ -17,8 +17,6 @@ parameters:
type: string
DockerLibvirtImage:
type: string
- DockerNeutronAgentImage:
- type: string
DockerOpenvswitchImage:
type: string
DockerOvsVswitchdImage:
@@ -33,17 +31,12 @@ parameters:
default: "/etc/nova/nova.conf"
NeutronOpenvswitchAgentConfig:
type: string
- default: "/etc/neutron/neutron.conf,/etc/neutron/plugins/ml2/ml2_conf.ini"
- NeutronAgentConfig:
- type: string
default: "/etc/neutron/neutron.conf,/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini"
- NeutronAgentPluginVolume:
+ NeutronOpenvswitchAgentPluginVolume:
type: string
- description: The neutron agent plugin to mount into the neutron-agents container
default: "/var/lib/etc-data/neutron/plugins/ml2/openvswitch_agent.ini:/var/lib/kolla/config_files/ovs_neutron_plugin.ini:ro"
- NeutronAgentOvsVolume:
+ NeutronOpenvswitchAgentOvsVolume:
type: string
- description: The neutron agent ovs agents to mount into the neutron-agents container
default: " "
resources:
@@ -99,7 +92,6 @@ resources:
- name: libvirt_config
- name: nova_config
- name: neutron_openvswitch_agent_config
- - name: neutron_agent_config
config: |
#!/bin/python
import json
@@ -112,13 +104,11 @@ resources:
libvirt_config = os.getenv('libvirt_config').split(',')
nova_config = os.getenv('nova_config').split(',')
neutron_openvswitch_agent_config = os.getenv('neutron_openvswitch_agent_config').split(',')
- neutron_agent_config = os.getenv('neutron_agent_config').split(',')
# Command, Config_files, Owner, Perms
services = {'nova-libvirt': ['/usr/sbin/libvirtd', libvirt_config, 'root', libvirt_perms],
'nova-compute': ['/usr/bin/nova-compute', nova_config, 'nova', file_perms],
'neutron-openvswitch-agent': ['/usr/bin/neutron-openvswitch-agent', neutron_openvswitch_agent_config, 'neutron', file_perms],
- 'neutron-agent': ['/usr/bin/neutron-openvswitch-agent', neutron_agent_config, 'neutron', file_perms],
'ovs-vswitchd': ['/usr/sbin/ovs-vswitchd unix:/run/openvswitch/db.sock -vconsole:emer -vsyslog:err -vfile:info --mlockall --log-file=/var/log/openvswitch/ovs-vswitchd.log'],
'ovsdb-server': ['/usr/sbin/ovsdb-server /etc/openvswitch/conf.db -vconsole:emer -vsyslog:err -vfile:info --remote=punix:/run/openvswitch/db.sock --log-file=/var/log/openvswitch/ovsdb-server.log']
}
@@ -171,7 +161,6 @@ resources:
libvirt_config: {get_param: LibvirtConfig}
nova_config: {get_param: NovaConfig}
neutron_openvswitch_agent_config: {get_param: NeutronOpenvswitchAgentConfig}
- neutron_agent_config: {get_param: NeutronAgentConfig}
NovaComputeContainersDeploymentOVS:
type: OS::Heat::StructuredDeployments
@@ -291,27 +280,7 @@ resources:
properties:
group: docker-compose
config:
- openvswitch:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerOpenvswitchImage} ]
- net: host
- privileged: true
- restart: always
- volumes:
- - /run:/run
- - /lib/modules:/lib/modules:ro
- - /var/lib/etc-data/json-config/neutron-openvswitch-agent.json:/var/lib/kolla/config_files/config.json
- - /var/lib/etc-data/neutron/neutron.conf:/etc/kolla/neutron-openvswitch-agent/:ro
- - /var/lib/etc-data/neutron/plugins/ml2/ml2_conf.ini:/var/lib/kolla/config_files/ml2_conf.ini:ro
- - /var/lib/etc-data/neutron/neutron.conf:/var/lib/kolla/config_files/neutron.conf:ro
- environment:
- - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
- volumes_from:
- - computedata
-
- neutronagent:
+ neutronovsagent:
image:
list_join:
- '/'
@@ -326,10 +295,11 @@ resources:
- list_join:
- ","
- [ "/run:/run", "/lib/modules:/lib/modules:ro",
- "/var/lib/etc-data/json-config/neutron-agent.json:/var/lib/kolla/config_files/config.json",
+ "/var/lib/etc-data/json-config/neutron-openvswitch-agent.json:/var/lib/kolla/config_files/config.json",
"/var/lib/etc-data/neutron/neutron.conf:/var/lib/kolla/config_files/neutron.conf:ro",
- {get_param: NeutronAgentPluginVolume},
- {get_param: NeutronAgentOvsVolume} ]
+ "/var/lib/etc-data/neutron/plugins/ml2/ml2_conf.ini:/var/lib/kolla/config_files/ml2_conf.ini:ro",
+ {get_param: NeutronOpenvswitchAgentPluginVolume},
+ {get_param: NeutronOpenvswitchAgentOvsVolume} ]
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
volumes_from:
diff --git a/docker/firstboot/start_docker_agents.sh b/docker/firstboot/start_docker_agents.sh
index 963c7eee..bb458a68 100644
--- a/docker/firstboot/start_docker_agents.sh
+++ b/docker/firstboot/start_docker_agents.sh
@@ -73,3 +73,22 @@ chmod 0640 /etc/systemd/system/heat-docker-agents.service
# Disable NetworkManager and let the ifup/down scripts work properly.
/usr/bin/systemctl disable NetworkManager
/usr/bin/systemctl stop NetworkManager
+
+# Atomic's root partition & logical volume defaults to 3G. In order to launch
+# larger VMs, we need to enlarge the root logical volume and scale down the
+# docker_pool logical volume. We are allocating 80% of the disk space for
+# vm data and the remaining 20% for docker images.
+ATOMIC_ROOT='/dev/mapper/atomicos-root'
+ROOT_DEVICE=`pvs -o vg_name,pv_name --no-headings | grep atomicos | awk '{ print $2}'`
+
+growpart $( echo "${ROOT_DEVICE}" | sed -r 's/([^0-9]*)([0-9]+)/\1 \2/' )
+pvresize "${ROOT_DEVICE}"
+lvresize -l +80%FREE "${ATOMIC_ROOT}"
+xfs_growfs "${ATOMIC_ROOT}"
+
+cat <<EOF > /etc/sysconfig/docker-storage-setup
+GROWPART=true
+AUTO_EXTEND_POOL=yes
+POOL_AUTOEXTEND_PERCENT=30
+POOL_AUTOEXTEND_THRESHOLD=70
+EOF
diff --git a/environments/docker-network-isolation.yaml b/environments/docker-network-isolation.yaml
index 257d03dc..87c81d0b 100644
--- a/environments/docker-network-isolation.yaml
+++ b/environments/docker-network-isolation.yaml
@@ -1,4 +1,4 @@
parameter_defaults:
- NeutronAgentConfig: "/etc/neutron/neutron.conf,/etc/neutron/plugins/openvswitch/openvswitch_agent.ini"
- NeutronAgentPluginVolume: "/var/lib/etc-data/neutron/plugins/ml2/openvswitch_agent.ini:/var/lib/kolla/config_files/openvswitch_agent.ini:ro"
- NeutronAgentOvsVolume: "/var/lib/etc-data/neutron/conf.d/neutron-openvswitch-agent:/etc/neutron/conf.d/neutron-openvswitch-agent:ro"
+ NeutronOpenvswitchAgentConfig: "/etc/neutron/neutron.conf,/etc/neutron/plugins/openvswitch/openvswitch_agent.ini"
+ NeutronOpenvswitchAgentPluginVolume: "/var/lib/etc-data/neutron/plugins/ml2/openvswitch_agent.ini:/var/lib/kolla/config_files/openvswitch_agent.ini:ro"
+ NeutronOpenvswitchAgentOvsVolume: "/var/lib/etc-data/neutron/conf.d/neutron-openvswitch-agent:/etc/neutron/conf.d/neutron-openvswitch-agent:ro"
diff --git a/environments/docker.yaml b/environments/docker.yaml
index 7c6dc407..be21d842 100644
--- a/environments/docker.yaml
+++ b/environments/docker.yaml
@@ -14,9 +14,9 @@ parameter_defaults:
DockerNamespaceIsRegistry: false
# Compute Node Images
DockerComputeImage: centos-binary-nova-compute:latest
+ DockerAgentImage: heat-docker-agents:latest
DockerComputeDataImage: centos-binary-data:latest
DockerLibvirtImage: centos-binary-nova-libvirt:latest
- DockerNeutronAgentImage: centos-binary-neutron-agents:latest
DockerOpenvswitchImage: centos-binary-neutron-openvswitch-agent:latest
DockerOvsVswitchdImage: centos-binary-openvswitch-vswitchd:latest
DockerOpenvswitchDBImage: centos-binary-openvswitch-db-server:latest
diff --git a/environments/enable-tls.yaml b/environments/enable-tls.yaml
index b895f86a..70181278 100644
--- a/environments/enable-tls.yaml
+++ b/environments/enable-tls.yaml
@@ -17,9 +17,6 @@ parameter_defaults:
GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'}
GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'}
GlancePublic: {protocol: 'https', port: '13292', host: 'CLOUDNAME'}
- GlanceRegistryAdmin: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'}
- GlanceRegistryInternal: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'}
- GlanceRegistryPublic: {protocol: 'https', port: '9191', host: 'IP_ADDRESS'} # Not set on the loadbalancer yet.
HeatAdmin: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'}
HeatInternal: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'}
HeatPublic: {protocol: 'https', port: '13004', host: 'CLOUDNAME'}
@@ -27,6 +24,9 @@ parameter_defaults:
KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'}
KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'}
KeystonePublic: {protocol: 'https', port: '13000', host: 'CLOUDNAME'}
+ KeystoneV3Admin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'}
+ KeystoneV3Internal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'}
+ KeystoneV3Public: {protocol: 'https', port: '13000', host: 'CLOUDNAME'}
NeutronAdmin: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'}
NeutronInternal: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'}
NeutronPublic: {protocol: 'https', port: '13696', host: 'CLOUDNAME'}
@@ -39,6 +39,9 @@ parameter_defaults:
NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'}
+ SaharaAdmin: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'}
+ SaharaInternal: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'}
+ SaharaPublic: {protocol: 'https', port: '13786', host: 'CLOUDNAME'}
SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'}
diff --git a/environments/external-loadbalancer-vip-v6.yaml b/environments/external-loadbalancer-vip-v6.yaml
new file mode 100644
index 00000000..5a2ef505
--- /dev/null
+++ b/environments/external-loadbalancer-vip-v6.yaml
@@ -0,0 +1,38 @@
+resource_registry:
+ OS::TripleO::Network::Ports::NetVipMap: ../network/ports/net_vip_map_external_v6.yaml
+ OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/noop.yaml
+ OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/noop.yaml
+ OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/noop.yaml
+ OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/noop.yaml
+ OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/from_service_v6.yaml
+ OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_from_pool_v6.yaml
+ OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_from_pool_v6.yaml
+ OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool_v6.yaml
+ OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool_v6.yaml
+ # OVS doesn't support IPv6 endpoints for tunneling yet, so this remains IPv4 for now.
+ OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant_from_pool.yaml
+
+parameter_defaults:
+ # When using an external loadbalancer set the following in parameter_defaults
+ # to control your VIPs (currently one per network)
+ # NOTE: we will eventually move to one VIP per service
+ #
+ ControlPlaneIP: 192.0.2.251
+ ExternalNetworkVip: 2001:db8:fd00:1000:0000:0000:0000:0005
+ InternalApiNetworkVip: fd00:fd00:fd00:2000:0000:0000:0000:0005
+ StorageNetworkVip: fd00:fd00:fd00:3000:0000:0000:0000:0005
+ StorageMgmtNetworkVip: fd00:fd00:fd00:4000:0000:0000:0000:0005
+ ServiceVips:
+ redis: fd00:fd00:fd00:2000:0000:0000:0000:0006
+ ControllerIPs:
+ external:
+ - 2001:db8:fd00:1000:0000:0000:0000:0007
+ internal_api:
+ - fd00:fd00:fd00:2000:0000:0000:0000:0007
+ storage:
+ - fd00:fd00:fd00:3000:0000:0000:0000:0007
+ storage_mgmt:
+ - fd00:fd00:fd00:4000:0000:0000:0000:0007
+ tenant:
+ - 172.16.0.253
+ EnableLoadBalancer: false
diff --git a/environments/external-loadbalancer-vip.yaml b/environments/external-loadbalancer-vip.yaml
index 198892cd..8656ba1a 100644
--- a/environments/external-loadbalancer-vip.yaml
+++ b/environments/external-loadbalancer-vip.yaml
@@ -10,7 +10,8 @@ resource_registry:
OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool.yaml
OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool.yaml
OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant_from_pool.yaml
- OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/management_from_pool.yaml
+ # Management network is optional and disabled by default
+ #OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/management_from_pool.yaml
parameter_defaults:
# When using an external loadbalancer set the following in parameter_defaults
@@ -35,6 +36,6 @@ parameter_defaults:
- 172.16.3.253
tenant:
- 172.16.0.253
- management:
- - 172.16.4.253
+ #management:
+ #- 172.16.4.253
EnableLoadBalancer: false
diff --git a/environments/ips-from-pool-all.yaml b/environments/ips-from-pool-all.yaml
new file mode 100644
index 00000000..f660d501
--- /dev/null
+++ b/environments/ips-from-pool-all.yaml
@@ -0,0 +1,75 @@
+# Environment file demonstrating how to pre-assign IPs to all node types
+resource_registry:
+ OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_from_pool.yaml
+ OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_from_pool.yaml
+ OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool.yaml
+ OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool.yaml
+ OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant_from_pool.yaml
+
+ OS::TripleO::Compute::Ports::ExternalPort: ../network/ports/noop.yaml
+ OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api_from_pool.yaml
+ OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage_from_pool.yaml
+ OS::TripleO::Compute::Ports::StorageMgmtPort: ../network/ports/noop.yaml
+ OS::TripleO::Compute::Ports::TenantPort: ../network/ports/tenant_from_pool.yaml
+
+ OS::TripleO::CephStorage::Ports::ExternalPort: ../network/ports/noop.yaml
+ OS::TripleO::CephStorage::Ports::InternalApiPort: ../network/ports/noop.yaml
+ OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage_from_pool.yaml
+ OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool.yaml
+ OS::TripleO::CephStorage::Ports::TenantPort: ../network/ports/noop.yaml
+
+ OS::TripleO::SwiftStorage::Ports::ExternalPort: ../network/ports/noop.yaml
+ OS::TripleO::SwiftStorage::Ports::InternalApiPort: ../network/ports/internal_api_from_pool.yaml
+ OS::TripleO::SwiftStorage::Ports::StoragePort: ../network/ports/storage_from_pool.yaml
+ OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool.yaml
+ OS::TripleO::SwiftStorage::Ports::TenantPort: ../network/ports/noop.yaml
+
+ OS::TripleO::BlockStorage::Ports::ExternalPort: ../network/ports/noop.yaml
+ OS::TripleO::BlockStorage::Ports::InternalApiPort: ../network/ports/internal_api_from_pool.yaml
+ OS::TripleO::BlockStorage::Ports::StoragePort: ../network/ports/storage_from_pool.yaml
+ OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool.yaml
+ OS::TripleO::BlockStorage::Ports::TenantPort: ../network/ports/noop.yaml
+
+parameter_defaults:
+ ControllerIPs:
+ # Each controller will get an IP from the lists below, first controller, first IP
+ external:
+ - 10.0.0.251
+ internal_api:
+ - 172.16.2.251
+ storage:
+ - 172.16.1.251
+ storage_mgmt:
+ - 172.16.3.251
+ tenant:
+ - 172.16.0.251
+ NovaComputeIPs:
+ # Each compute will get an IP from the lists below, first compute, first IP
+ internal_api:
+ - 172.16.2.252
+ storage:
+ - 172.16.1.252
+ tenant:
+ - 172.16.0.252
+ CephStorageIPs:
+ # Each ceph node will get an IP from the lists below, first node, first IP
+ storage:
+ - 172.16.1.253
+ storage_mgmt:
+ - 172.16.3.253
+ SwiftStorageIPs:
+ # Each swift node will get an IP from the lists below, first node, first IP
+ internal_api:
+ - 172.16.2.254
+ storage:
+ - 172.16.1.254
+ storage_mgmt:
+ - 172.16.3.254
+ BlockStorageIPs:
+ # Each cinder node will get an IP from the lists below, first node, first IP
+ internal_api:
+ - 172.16.2.250
+ storage:
+ - 172.16.1.250
+ storage_mgmt:
+ - 172.16.3.250
diff --git a/environments/major-upgrade-script-delivery.yaml b/environments/major-upgrade-pacemaker-init.yaml
index ba128d84..d98a9cdd 100644
--- a/environments/major-upgrade-script-delivery.yaml
+++ b/environments/major-upgrade-pacemaker-init.yaml
@@ -2,7 +2,7 @@ parameter_defaults:
UpgradeLevelNovaCompute: liberty
resource_registry:
- OS::TripleO::Tasks::UpdateWorkflow: ../extraconfig/tasks/major_upgrade_script_delivery.yaml
+ OS::TripleO::Tasks::UpdateWorkflow: ../extraconfig/tasks/major_upgrade_pacemaker_init.yaml
OS::TripleO::Tasks::PackageUpdate: ../extraconfig/tasks/yum_update_noop.yaml
OS::TripleO::ControllerPostDeployment: OS::Heat::None
OS::TripleO::ComputePostDeployment: OS::Heat::None
diff --git a/environments/network-isolation-v6.yaml b/environments/network-isolation-v6.yaml
index d1d0818e..11ca5b31 100644
--- a/environments/network-isolation-v6.yaml
+++ b/environments/network-isolation-v6.yaml
@@ -43,9 +43,15 @@ resource_registry:
OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml
parameter_defaults:
+ # Enable IPv6 for Ceph.
+ CephIPv6: True
# Enable IPv6 for Corosync. This is required when Corosync is using an IPv6 IP in the cluster.
CorosyncIPv6: True
# Enable IPv6 for MongoDB. This is required when MongoDB is using an IPv6 IP.
MongoDbIPv6: True
# Enable various IPv6 features in Nova.
NovaIPv6: True
+ # Enable IPv6 environment for RabbitMQ.
+ RabbitIPv6: true
+ # Enable IPv6 environment for Memcached.
+ MemcachedIPv6: true
diff --git a/environments/puppet-ceph-devel.yaml b/environments/puppet-ceph-devel.yaml
index d782e8d8..fc4b8c7d 100644
--- a/environments/puppet-ceph-devel.yaml
+++ b/environments/puppet-ceph-devel.yaml
@@ -1,8 +1,7 @@
# A Heat environment file which can be used to enable a Ceph
-# storage cluster using the controller and 2 ceph nodes.
+# storage cluster using the controller and ceph nodes.
# Rbd backends are enabled for Cinder, Glance, and Nova.
parameters:
- CephStorageCount: 2
#NOTE: These ID's and keys should be regenerated for
# a production deployment. What is here is suitable for
# developer and CI testing only.
diff --git a/extraconfig/tasks/major_upgrade_block_storage.sh b/extraconfig/tasks/major_upgrade_block_storage.sh
new file mode 100644
index 00000000..07666245
--- /dev/null
+++ b/extraconfig/tasks/major_upgrade_block_storage.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+#
+# This runs an upgrade of Cinder Block Storage nodes.
+#
+set -eu
+
+yum -y install python-zaqarclient # needed for os-collect-config
+yum -y -q update
diff --git a/extraconfig/tasks/major_upgrade_ceph_storage.sh b/extraconfig/tasks/major_upgrade_ceph_storage.sh
new file mode 100644
index 00000000..de42b16d
--- /dev/null
+++ b/extraconfig/tasks/major_upgrade_ceph_storage.sh
@@ -0,0 +1,35 @@
+#!/bin/bash
+#
+# This delivers the ceph-storage upgrade script to be invoked as part of the tripleo
+# major upgrade workflow.
+#
+set -eu
+
+UPGRADE_SCRIPT=/root/tripleo_upgrade_node.sh
+
+cat > $UPGRADE_SCRIPT << ENDOFCAT
+### DO NOT MODIFY THIS FILE
+### This file is automatically delivered to the ceph-storage nodes as part of the
+### tripleo upgrades workflow
+
+
+function systemctl_ceph {
+ action=\$1
+ systemctl \$action ceph
+}
+
+# "so that mirrors aren't rebalanced as if the OSD died" - gfidente
+ceph osd set noout
+
+systemctl_ceph stop
+yum -y install python-zaqarclient # needed for os-collect-config
+yum -y update
+systemctl_ceph start
+
+ceph osd unset noout
+
+ENDOFCAT
+
+# ensure the permissions are OK
+chmod 0755 $UPGRADE_SCRIPT
+
diff --git a/extraconfig/tasks/major_upgrade_object_storage.sh b/extraconfig/tasks/major_upgrade_object_storage.sh
index 0f6d091e..931f4f42 100644
--- a/extraconfig/tasks/major_upgrade_object_storage.sh
+++ b/extraconfig/tasks/major_upgrade_object_storage.sh
@@ -14,17 +14,18 @@ cat > $UPGRADE_SCRIPT << ENDOFCAT
function systemctl_swift {
- action=$1
+ action=\$1
for S in openstack-swift-account-auditor openstack-swift-account-reaper openstack-swift-account-replicator openstack-swift-account \
openstack-swift-container-auditor openstack-swift-container-replicator openstack-swift-container-updater openstack-swift-container \
- openstack-swift-object-auditor openstack-swift-object-replicator openstack-swift-object-updater openstack-swift-object openstack-swift-proxy; do
- systemctl $action $S
+ openstack-swift-object-auditor openstack-swift-object-replicator openstack-swift-object-updater openstack-swift-object; do
+ systemctl \$action \$S
done
}
systemctl_swift stop
+yum -y install python-zaqarclient # needed for os-collect-config
yum -y update
systemctl_swift start
diff --git a/extraconfig/tasks/major_upgrade_pacemaker.yaml b/extraconfig/tasks/major_upgrade_pacemaker.yaml
index b867d107..4af3186c 100644
--- a/extraconfig/tasks/major_upgrade_pacemaker.yaml
+++ b/extraconfig/tasks/major_upgrade_pacemaker.yaml
@@ -50,6 +50,20 @@ resources:
config: {get_resource: ControllerPacemakerUpgradeConfig_Step1}
input_values: {get_param: input_values}
+ BlockStorageUpgradeConfig:
+ type: OS::Heat::SoftwareConfig
+ depends_on: ControllerPacemakerUpgradeDeployment_Step1
+ properties:
+ group: script
+ config: {get_file: major_upgrade_block_storage.sh}
+
+ BlockStorageUpgradeDeployment:
+ type: OS::Heat::SoftwareDeploymentGroup
+ properties:
+ servers: {get_param: blockstorage_servers}
+ config: {get_resource: BlockStorageUpgradeConfig}
+ input_values: {get_param: input_values}
+
ControllerPacemakerUpgradeConfig_Step2:
type: OS::Heat::SoftwareConfig
properties:
@@ -63,7 +77,7 @@ resources:
ControllerPacemakerUpgradeDeployment_Step2:
type: OS::Heat::SoftwareDeploymentGroup
- depends_on: ControllerPacemakerUpgradeDeployment_Step1
+ depends_on: BlockStorageUpgradeDeployment
properties:
servers: {get_param: controller_servers}
config: {get_resource: ControllerPacemakerUpgradeConfig_Step2}
diff --git a/extraconfig/tasks/major_upgrade_pacemaker_init.yaml b/extraconfig/tasks/major_upgrade_pacemaker_init.yaml
new file mode 100644
index 00000000..f662bc3d
--- /dev/null
+++ b/extraconfig/tasks/major_upgrade_pacemaker_init.yaml
@@ -0,0 +1,128 @@
+heat_template_version: 2014-10-16
+description: 'Upgrade for Pacemaker deployments'
+
+parameters:
+
+ controller_servers:
+ type: json
+ compute_servers:
+ type: json
+ blockstorage_servers:
+ type: json
+ objectstorage_servers:
+ type: json
+ cephstorage_servers:
+ type: json
+ input_values:
+ type: json
+ description: input values for the software deployments
+
+ UpgradeInitCommand:
+ type: string
+ description: |
+ Command or script snippet to run on all overcloud nodes to
+ initialize the upgrade process. E.g. a repository switch.
+ default: ''
+ UpgradeLevelNovaCompute:
+ type: string
+ description: Nova Compute upgrade level
+ default: ''
+
+resources:
+
+ UpgradeInitConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ list_join:
+ - ''
+ - - "#!/bin/bash\n\n"
+ - get_param: UpgradeInitCommand
+
+ UpgradeInitControllerDeployment:
+ type: OS::Heat::SoftwareDeploymentGroup
+ properties:
+ servers: {get_param: controller_servers}
+ config: {get_resource: UpgradeInitConfig}
+ input_values: {get_param: input_values}
+
+ UpgradeInitComputeDeployment:
+ type: OS::Heat::SoftwareDeploymentGroup
+ properties:
+ servers: {get_param: compute_servers}
+ config: {get_resource: UpgradeInitConfig}
+ input_values: {get_param: input_values}
+
+ UpgradeInitBlockStorageDeployment:
+ type: OS::Heat::SoftwareDeploymentGroup
+ properties:
+ servers: {get_param: blockstorage_servers}
+ config: {get_resource: UpgradeInitConfig}
+ input_values: {get_param: input_values}
+
+ UpgradeInitObjectStorageDeployment:
+ type: OS::Heat::SoftwareDeploymentGroup
+ properties:
+ servers: {get_param: objectstorage_servers}
+ config: {get_resource: UpgradeInitConfig}
+ input_values: {get_param: input_values}
+
+ UpgradeInitCephStorageDeployment:
+ type: OS::Heat::SoftwareDeploymentGroup
+ properties:
+ servers: {get_param: cephstorage_servers}
+ config: {get_resource: UpgradeInitConfig}
+ input_values: {get_param: input_values}
+
+ # TODO(jistr): for Mitaka->Newton upgrades and further we can use
+ # map_merge with input_values instead of feeding params into scripts
+ # via str_replace on bash snippets
+
+ ComputeDeliverUpgradeScriptConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ list_join:
+ - ''
+ - - str_replace:
+ template: |
+ #!/bin/bash
+ upgrade_level_nova_compute='UPGRADE_LEVEL_NOVA_COMPUTE'
+ params:
+ UPGRADE_LEVEL_NOVA_COMPUTE: {get_param: UpgradeLevelNovaCompute}
+ - get_file: major_upgrade_compute.sh
+
+ ComputeDeliverUpgradeScriptDeployment:
+ type: OS::Heat::SoftwareDeploymentGroup
+ properties:
+ servers: {get_param: compute_servers}
+ config: {get_resource: ComputeDeliverUpgradeScriptConfig}
+ input_values: {get_param: input_values}
+
+ ObjectStorageDeliverUpgradeScriptConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config: {get_file: major_upgrade_object_storage.sh}
+
+ ObjectStorageDeliverUpgradeScriptDeployment:
+ type: OS::Heat::SoftwareDeploymentGroup
+ properties:
+ servers: {get_param: objectstorage_servers}
+ config: {get_resource: ObjectStorageDeliverUpgradeScriptConfig}
+ input_values: {get_param: input_values}
+
+ CephStorageDeliverUpgradeScriptConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config: {get_file: major_upgrade_ceph_storage.sh}
+
+ CephStorageDeliverUpgradeScriptDeployment:
+ type: OS::Heat::SoftwareDeploymentGroup
+ properties:
+ servers: {get_param: cephstorage_servers}
+ config: {get_resource: CephStorageDeliverUpgradeScriptConfig}
+ input_values: {get_param: input_values}
diff --git a/extraconfig/tasks/major_upgrade_script_delivery.yaml b/extraconfig/tasks/major_upgrade_script_delivery.yaml
deleted file mode 100644
index f7faa7fc..00000000
--- a/extraconfig/tasks/major_upgrade_script_delivery.yaml
+++ /dev/null
@@ -1,65 +0,0 @@
-heat_template_version: 2014-10-16
-description: 'Upgrade for Pacemaker deployments'
-
-parameters:
-
- controller_servers:
- type: json
- compute_servers:
- type: json
- blockstorage_servers:
- type: json
- objectstorage_servers:
- type: json
- cephstorage_servers:
- type: json
- input_values:
- type: json
- description: input values for the software deployments
-
- UpgradeLevelNovaCompute:
- type: string
- description: Nova Compute upgrade level
- default: ''
-
-resources:
- # TODO(jistr): for Mitaka->Newton upgrades and further we can use
- # map_merge with input_values instead of feeding params into scripts
- # via str_replace on bash snippets
-
- ComputeDeliverUpgradeScriptConfig:
- type: OS::Heat::SoftwareConfig
- properties:
- group: script
- config:
- list_join:
- - ''
- - - str_replace:
- template: |
- #!/bin/bash
- upgrade_level_nova_compute='UPGRADE_LEVEL_NOVA_COMPUTE'
- params:
- UPGRADE_LEVEL_NOVA_COMPUTE: {get_param: UpgradeLevelNovaCompute}
- - get_file: major_upgrade_compute.sh
-
- ComputeDeliverUpgradeScriptDeployment:
- type: OS::Heat::SoftwareDeploymentGroup
- properties:
- servers: {get_param: compute_servers}
- config: {get_resource: ComputeDeliverUpgradeScriptConfig}
- input_values: {get_param: input_values}
-
-
- ObjectStoreDeliverUpgradeScriptConfig:
- type: OS::Heat::SoftwareConfig
- properties:
- group: script
- config: {get_file: major_upgrade_object_storage.sh}
-
- ObjectStoreDeliverUpgradeScriptDeployment:
- type: OS::Heat::SoftwareDeploymentGroup
- properties:
- servers: {get_param: objectstorage_servers}
- config: {get_resource: ObjectStoreDeliverUpgradeScriptConfig}
- input_values: {get_param: input_values}
-
diff --git a/extraconfig/tasks/pacemaker_common_functions.sh b/extraconfig/tasks/pacemaker_common_functions.sh
index ee3216e4..0808763e 100755
--- a/extraconfig/tasks/pacemaker_common_functions.sh
+++ b/extraconfig/tasks/pacemaker_common_functions.sh
@@ -39,10 +39,23 @@ function echo_error {
}
function systemctl_swift {
+ services=( openstack-swift-account-auditor openstack-swift-account-reaper openstack-swift-account-replicator openstack-swift-account \
+ openstack-swift-container-auditor openstack-swift-container-replicator openstack-swift-container-updater openstack-swift-container \
+ openstack-swift-object-auditor openstack-swift-object-replicator openstack-swift-object-updater openstack-swift-object openstack-swift-proxy )
action=$1
- for S in openstack-swift-account-auditor openstack-swift-account-reaper openstack-swift-account-replicator openstack-swift-account \
- openstack-swift-container-auditor openstack-swift-container-replicator openstack-swift-container-updater openstack-swift-container \
- openstack-swift-object-auditor openstack-swift-object-replicator openstack-swift-object-updater openstack-swift-object openstack-swift-proxy; do
- systemctl $action $S
+ case $action in
+ stop)
+ services=$(systemctl | grep swift | grep running | awk '{print $1}')
+ ;;
+ start)
+ enable_swift_storage=$(hiera -c /etc/puppet/hiera.yaml 'enable_swift_storage')
+ if [[ $enable_swift_storage != "true" ]]; then
+ services=( openstack-swift-proxy )
+ fi
+ ;;
+ *) services=() ;; # for safetly, should never happen
+ esac
+ for S in ${services[@]}; do
+ systemctl $action $S
done
}
diff --git a/net-config-bond.yaml b/net-config-bond.yaml
index b624563f..0a162e77 100644
--- a/net-config-bond.yaml
+++ b/net-config-bond.yaml
@@ -4,6 +4,11 @@ description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge.
parameters:
+ BondInterfaceOvsOptions:
+ default: ''
+ description: The ovs_options string for the bond interface. Set things like
+ lacp=active and/or bond_mode=balance-slb using this option.
+ type: string
ControlPlaneIp:
default: ''
description: IP address/subnet on the ctlplane network
@@ -58,6 +63,7 @@ resources:
type: ovs_bond
name: bond1
use_dhcp: true
+ ovs_options: {get_param: BondInterfaceOvsOptions}
members:
# os-net-config translates nic1 => em1 (for example)
-
diff --git a/network/endpoints/endpoint_data.yaml b/network/endpoints/endpoint_data.yaml
index 84fea0ef..a74d75da 100644
--- a/network/endpoints/endpoint_data.yaml
+++ b/network/endpoints/endpoint_data.yaml
@@ -46,15 +46,6 @@ Glance:
vip_param: GlanceApi
port: 9292
-GlanceRegistry:
- Internal:
- vip_param: GlanceRegistry
- Public:
- vip_param: Public
- Admin:
- vip_param: GlanceRegistry
- port: 9191
-
Mysql:
'':
vip_param: Mysql
diff --git a/network/endpoints/endpoint_map.yaml b/network/endpoints/endpoint_map.yaml
index 0382533a..956fb0ba 100644
--- a/network/endpoints/endpoint_map.yaml
+++ b/network/endpoints/endpoint_map.yaml
@@ -12,7 +12,6 @@ parameters:
CeilometerApiVirtualIP: {type: string, default: ''}
CinderApiVirtualIP: {type: string, default: ''}
GlanceApiVirtualIP: {type: string, default: ''}
- GlanceRegistryVirtualIP: {type: string, default: ''}
HeatApiVirtualIP: {type: string, default: ''}
KeystoneAdminApiVirtualIP: {type: string, default: ''}
KeystonePublicApiVirtualIP: {type: string, default: ''}
@@ -37,9 +36,6 @@ parameters:
GlanceAdmin: {protocol: http, port: '9292', host: IP_ADDRESS}
GlanceInternal: {protocol: http, port: '9292', host: IP_ADDRESS}
GlancePublic: {protocol: http, port: '9292', host: IP_ADDRESS}
- GlanceRegistryAdmin: {protocol: http, port: '9191', host: IP_ADDRESS}
- GlanceRegistryInternal: {protocol: http, port: '9191', host: IP_ADDRESS}
- GlanceRegistryPublic: {protocol: http, port: '9191', host: IP_ADDRESS}
HeatAdmin: {protocol: http, port: '8004', host: IP_ADDRESS}
HeatInternal: {protocol: http, port: '8004', host: IP_ADDRESS}
HeatPublic: {protocol: http, port: '8004', host: IP_ADDRESS}
@@ -651,120 +647,6 @@ outputs:
IP_ADDRESS: {get_param: PublicVirtualIP}
- ':'
- get_param: [EndpointMap, GlancePublic, port]
- GlanceRegistryAdmin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, GlanceRegistryAdmin, host]
- params:
- CLOUDNAME: {get_param: CloudName}
- IP_ADDRESS: {get_param: GlanceRegistryVirtualIP}
- port:
- get_param: [EndpointMap, GlanceRegistryAdmin, port]
- protocol:
- get_param: [EndpointMap, GlanceRegistryAdmin, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, GlanceRegistryAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, GlanceRegistryAdmin, host]
- params:
- CLOUDNAME: {get_param: CloudName}
- IP_ADDRESS: {get_param: GlanceRegistryVirtualIP}
- - ':'
- - get_param: [EndpointMap, GlanceRegistryAdmin, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, GlanceRegistryAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, GlanceRegistryAdmin, host]
- params:
- CLOUDNAME: {get_param: CloudName}
- IP_ADDRESS: {get_param: GlanceRegistryVirtualIP}
- - ':'
- - get_param: [EndpointMap, GlanceRegistryAdmin, port]
- GlanceRegistryInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, GlanceRegistryInternal, host]
- params:
- CLOUDNAME: {get_param: CloudName}
- IP_ADDRESS: {get_param: GlanceRegistryVirtualIP}
- port:
- get_param: [EndpointMap, GlanceRegistryInternal, port]
- protocol:
- get_param: [EndpointMap, GlanceRegistryInternal, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, GlanceRegistryInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, GlanceRegistryInternal, host]
- params:
- CLOUDNAME: {get_param: CloudName}
- IP_ADDRESS: {get_param: GlanceRegistryVirtualIP}
- - ':'
- - get_param: [EndpointMap, GlanceRegistryInternal, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, GlanceRegistryInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, GlanceRegistryInternal, host]
- params:
- CLOUDNAME: {get_param: CloudName}
- IP_ADDRESS: {get_param: GlanceRegistryVirtualIP}
- - ':'
- - get_param: [EndpointMap, GlanceRegistryInternal, port]
- GlanceRegistryPublic:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, GlanceRegistryPublic, host]
- params:
- CLOUDNAME: {get_param: CloudName}
- IP_ADDRESS: {get_param: PublicVirtualIP}
- port:
- get_param: [EndpointMap, GlanceRegistryPublic, port]
- protocol:
- get_param: [EndpointMap, GlanceRegistryPublic, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, GlanceRegistryPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, GlanceRegistryPublic, host]
- params:
- CLOUDNAME: {get_param: CloudName}
- IP_ADDRESS: {get_param: PublicVirtualIP}
- - ':'
- - get_param: [EndpointMap, GlanceRegistryPublic, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, GlanceRegistryPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, GlanceRegistryPublic, host]
- params:
- CLOUDNAME: {get_param: CloudName}
- IP_ADDRESS: {get_param: PublicVirtualIP}
- - ':'
- - get_param: [EndpointMap, GlanceRegistryPublic, port]
HeatAdmin:
host:
str_replace:
diff --git a/network/management.yaml b/network/management.yaml
index 9bfaafa2..1800b57a 100644
--- a/network/management.yaml
+++ b/network/management.yaml
@@ -16,7 +16,7 @@ parameters:
type: string
ManagementNetAdminStateUp:
default: false
- description: This admin state of of the network.
+ description: The admin state of the network.
type: boolean
ManagementNetEnableDHCP:
default: false
diff --git a/network/ports/external_from_pool.yaml b/network/ports/external_from_pool.yaml
index 98f2aa35..867176e3 100644
--- a/network/ports/external_from_pool.yaml
+++ b/network/ports/external_from_pool.yaml
@@ -12,7 +12,7 @@ parameters:
description: Name of the port
default: ''
type: string
- ControlPlaneIP: # Here for compatability with noop.yaml
+ ControlPlaneIP: # Here for compatibility with noop.yaml
description: IP address on the control plane
default: ''
type: string
diff --git a/network/ports/external_from_pool_v6.yaml b/network/ports/external_from_pool_v6.yaml
new file mode 100644
index 00000000..bf0c036d
--- /dev/null
+++ b/network/ports/external_from_pool_v6.yaml
@@ -0,0 +1,54 @@
+heat_template_version: 2015-04-30
+
+description: >
+ Returns an IP from a network mapped list of IPs. This version is for IPv6
+ addresses. The ip_address_uri output will have brackets for use in URLs.
+
+parameters:
+ ExternalNetName:
+ description: Name of the external network
+ default: external
+ type: string
+ PortName:
+ description: Name of the port
+ default: ''
+ type: string
+ ControlPlaneIP: # Here for compatability with noop.yaml
+ description: IP address on the control plane
+ default: ''
+ type: string
+ IPPool:
+ default: {}
+ description: A network mapped list of IPs
+ type: json
+ NodeIndex:
+ default: 0
+ description: Index of the IP to get from Pool
+ type: number
+ ExternalNetCidr:
+ default: '2001:db8:fd00:1000::/64'
+ description: Cidr for the external network.
+ type: string
+
+outputs:
+ ip_address:
+ description: external network IP
+ value: {get_param: [IPPool, {get_param: ExternalNetName}, {get_param: NodeIndex}]}
+ ip_address_uri:
+ description: external network IP (for compatibility with IPv6)
+ value:
+ list_join:
+ - ''
+ - - '['
+ - {get_param: [IPPool, {get_param: ExternalNetName}, {get_param: NodeIndex}]}
+ - ']'
+ ip_subnet:
+ # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?)
+ description: IP/Subnet CIDR for the external network IP
+ value:
+ list_join:
+ - ''
+ - - {get_param: [IPPool, {get_param: ExternalNetName}, {get_param: NodeIndex}]}
+ - '/'
+ - {get_param: [ExternalNetCidr, -2]}
+ - {get_param: [ExternalNetCidr, -1]}
diff --git a/network/ports/from_service.yaml b/network/ports/from_service.yaml
index 359d77a7..3d61910e 100644
--- a/network/ports/from_service.yaml
+++ b/network/ports/from_service.yaml
@@ -8,19 +8,19 @@ parameters:
description: Name of the service to lookup
default: ''
type: string
- NetworkName: # Here for compatability with ctlplane_vip.yaml
+ NetworkName: # Here for compatibility with ctlplane_vip.yaml
description: Name of the network where the VIP will be created
default: ctlplane
type: string
- PortName: # Here for compatability with ctlplane_vip.yaml
+ PortName: # Here for compatibility with ctlplane_vip.yaml
description: Name of the port
default: ''
type: string
- ControlPlaneIP: # Here for compatability with ctlplane_vip.yaml
+ ControlPlaneIP: # Here for compatibility with ctlplane_vip.yaml
description: IP address on the control plane
default: ''
type: string
- ControlPlaneNetwork: # Here for compatability with ctlplane_vip.yaml
+ ControlPlaneNetwork: # Here for compatibility with ctlplane_vip.yaml
description: The name of the undercloud Neutron control plane
default: ctlplane
type: string
diff --git a/network/ports/from_service_v6.yaml b/network/ports/from_service_v6.yaml
new file mode 100644
index 00000000..2dd0a0ee
--- /dev/null
+++ b/network/ports/from_service_v6.yaml
@@ -0,0 +1,42 @@
+heat_template_version: 2015-04-30
+
+description: >
+ Returns an IP from a service mapped list of IPv6 IPs
+
+parameters:
+ ServiceName:
+ description: Name of the service to lookup
+ default: ''
+ type: string
+ NetworkName: # Here for compatability with ctlplane_vip.yaml
+ description: Name of the network where the VIP will be created
+ default: ctlplane
+ type: string
+ PortName: # Here for compatability with ctlplane_vip.yaml
+ description: Name of the port
+ default: ''
+ type: string
+ ControlPlaneIP: # Here for compatability with ctlplane_vip.yaml
+ description: IP address on the control plane
+ default: ''
+ type: string
+ ControlPlaneNetwork: # Here for compatability with ctlplane_vip.yaml
+ description: The name of the undercloud Neutron control plane
+ default: ctlplane
+ type: string
+ ServiceVips:
+ default: {}
+ type: json
+
+outputs:
+ ip_address:
+ description: network IP
+ value: {get_param: [ServiceVips, {get_param: ServiceName}]}
+ ip_address_uri:
+ description: network IP (with brackets for use in URLs)
+ value:
+ list_join:
+ - ''
+ - - '['
+ - {get_param: [ServiceVips, {get_param: ServiceName}]}
+ - ']'
diff --git a/network/ports/internal_api_from_pool.yaml b/network/ports/internal_api_from_pool.yaml
index c7b04847..d7b67e26 100644
--- a/network/ports/internal_api_from_pool.yaml
+++ b/network/ports/internal_api_from_pool.yaml
@@ -12,7 +12,7 @@ parameters:
description: Name of the port
default: ''
type: string
- ControlPlaneIP: # Here for compatability with noop.yaml
+ ControlPlaneIP: # Here for compatibility with noop.yaml
description: IP address on the control plane
default: ''
type: string
diff --git a/network/ports/internal_api_from_pool_v6.yaml b/network/ports/internal_api_from_pool_v6.yaml
new file mode 100644
index 00000000..34c17ab2
--- /dev/null
+++ b/network/ports/internal_api_from_pool_v6.yaml
@@ -0,0 +1,54 @@
+heat_template_version: 2015-04-30
+
+description: >
+ Returns an IP from a network mapped list of IPs. This version is for IPv6
+ addresses. The ip_address_uri output will have brackets for use in URLs.
+
+parameters:
+ InternalApiNetName:
+ description: Name of the internal API network
+ default: internal_api
+ type: string
+ PortName:
+ description: Name of the port
+ default: ''
+ type: string
+ ControlPlaneIP: # Here for compatability with noop.yaml
+ description: IP address on the control plane
+ default: ''
+ type: string
+ IPPool:
+ default: {}
+ description: A network mapped list of IPs
+ type: json
+ NodeIndex:
+ default: 0
+ description: Index of the IP to get from Pool
+ type: number
+ InternalApiNetCidr:
+ default: 'fd00:fd00:fd00:2000::/64'
+ description: Cidr for the internal API network.
+ type: string
+
+outputs:
+ ip_address:
+ description: internal API network IP
+ value: {get_param: [IPPool, {get_param: InternalApiNetName}, {get_param: NodeIndex}]}
+ ip_address_uri:
+ description: internal API network IP (for compatibility with internal_api_v6.yaml)
+ value:
+ list_join:
+ - ''
+ - - '['
+ - {get_param: [IPPool, {get_param: InternalApiNetName}, {get_param: NodeIndex}]}
+ - ']'
+ ip_subnet:
+ # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?)
+ description: IP/Subnet CIDR for the internal API network IP
+ value:
+ list_join:
+ - ''
+ - - {get_param: [IPPool, {get_param: InternalApiNetName}, {get_param: NodeIndex}]}
+ - '/'
+ - {get_param: [InternalApiNetCidr, -2]}
+ - {get_param: [InternalApiNetCidr, -1]}
diff --git a/network/ports/net_vip_map_external_v6.yaml b/network/ports/net_vip_map_external_v6.yaml
new file mode 100644
index 00000000..f6d67fe8
--- /dev/null
+++ b/network/ports/net_vip_map_external_v6.yaml
@@ -0,0 +1,95 @@
+heat_template_version: 2015-04-30
+
+parameters:
+ # Set these via parameter defaults to configure external VIPs
+ ControlPlaneIP:
+ default: ''
+ type: string
+ ExternalNetworkVip:
+ default: ''
+ type: string
+ InternalApiNetworkVip:
+ default: ''
+ type: string
+ StorageNetworkVip:
+ default: ''
+ type: string
+ StorageMgmtNetworkVip:
+ default: ''
+ type: string
+ # The following are unused in this template
+ ControlPlaneIp:
+ default: ''
+ type: string
+ ExternalIp:
+ default: ''
+ type: string
+ ExternalIpUri:
+ default: ''
+ type: string
+ InternalApiIp:
+ default: ''
+ type: string
+ InternalApiIpUri:
+ default: ''
+ type: string
+ StorageIp:
+ default: ''
+ type: string
+ StorageIpUri:
+ default: ''
+ type: string
+ StorageMgmtIp:
+ default: ''
+ type: string
+ StorageMgmtIpUri:
+ default: ''
+ type: string
+ TenantIp:
+ default: ''
+ type: string
+ TenantIpUri:
+ default: ''
+ type: string
+
+outputs:
+ net_ip_map:
+ description: >
+ A Hash containing a mapping of network names to assigned IPs
+ for a specific machine.
+ value:
+ ctlplane: {get_param: ControlPlaneIP}
+ external: {get_param: ExternalNetworkVip}
+ internal_api: {get_param: InternalApiNetworkVip}
+ storage: {get_param: StorageNetworkVip}
+ storage_mgmt: {get_param: StorageMgmtNetworkVip}
+ net_ip_uri_map:
+ description: >
+ A Hash containing a mapping of netowrk names to assigned IPs for a
+ specific machine with brackets around IPv6 addresses for use in URLs.
+ value:
+ ctlplane: {get_param: ControlPlaneIP}
+ external:
+ list_join:
+ - ''
+ - - '['
+ - {get_param: ExternalNetworkVip}
+ - ']'
+ internal_api:
+ list_join:
+ - ''
+ - - '['
+ - {get_param: InternalApiNetworkVip}
+ - ']'
+ storage:
+ list_join:
+ - ''
+ - - '['
+ - {get_param: StorageNetworkVip}
+ - ']'
+ storage_mgmt:
+ list_join:
+ - ''
+ - - '['
+ - {get_param: StorageMgmtNetworkVip}
+ - ']'
diff --git a/network/ports/storage_from_pool.yaml b/network/ports/storage_from_pool.yaml
index dfc9e752..0a3d394c 100644
--- a/network/ports/storage_from_pool.yaml
+++ b/network/ports/storage_from_pool.yaml
@@ -12,7 +12,7 @@ parameters:
description: Name of the port
default: ''
type: string
- ControlPlaneIP: # Here for compatability with noop.yaml
+ ControlPlaneIP: # Here for compatibility with noop.yaml
description: IP address on the control plane
default: ''
type: string
diff --git a/network/ports/storage_from_pool_v6.yaml b/network/ports/storage_from_pool_v6.yaml
new file mode 100644
index 00000000..966d96ae
--- /dev/null
+++ b/network/ports/storage_from_pool_v6.yaml
@@ -0,0 +1,54 @@
+heat_template_version: 2015-04-30
+
+description: >
+ Returns an IP from a network mapped list of IPs. This version is for IPv6
+ addresses. The ip_address_uri output will have brackets for use in URLs.
+
+parameters:
+ StorageNetName:
+ description: Name of the storage network
+ default: storage
+ type: string
+ PortName:
+ description: Name of the port
+ default: ''
+ type: string
+ ControlPlaneIP: # Here for compatability with noop.yaml
+ description: IP address on the control plane
+ default: ''
+ type: string
+ IPPool:
+ default: {}
+ description: A network mapped list of IPs
+ type: json
+ NodeIndex:
+ default: 0
+ description: Index of the IP to get from Pool
+ type: number
+ StorageNetCidr:
+ default: 'fd00:fd00:fd00:3000::/64'
+ description: Cidr for the storage network.
+ type: string
+
+outputs:
+ ip_address:
+ description: storage network IP
+ value: {get_param: [IPPool, {get_param: StorageNetName}, {get_param: NodeIndex}]}
+ ip_address_uri:
+ description: storage network IP (for compatibility with storage_v6.yaml)
+ value:
+ list_join:
+ - ''
+ - - '['
+ - {get_param: [IPPool, {get_param: StorageNetName}, {get_param: NodeIndex}]}
+ - ']'
+ ip_subnet:
+ # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?)
+ description: IP/Subnet CIDR for the storage network IP
+ value:
+ list_join:
+ - ''
+ - - {get_param: [IPPool, {get_param: StorageNetName}, {get_param: NodeIndex}]}
+ - '/'
+ - {get_param: [StorageNetCidr, -2]}
+ - {get_param: [StorageNetCidr, -1]}
diff --git a/network/ports/storage_mgmt_from_pool.yaml b/network/ports/storage_mgmt_from_pool.yaml
index 9c757a6e..c3f0f4e2 100644
--- a/network/ports/storage_mgmt_from_pool.yaml
+++ b/network/ports/storage_mgmt_from_pool.yaml
@@ -12,7 +12,7 @@ parameters:
description: Name of the port
default: ''
type: string
- ControlPlaneIP: # Here for compatability with noop.yaml
+ ControlPlaneIP: # Here for compatibility with noop.yaml
description: IP address on the control plane
default: ''
type: string
diff --git a/network/ports/storage_mgmt_from_pool_v6.yaml b/network/ports/storage_mgmt_from_pool_v6.yaml
new file mode 100644
index 00000000..890da75c
--- /dev/null
+++ b/network/ports/storage_mgmt_from_pool_v6.yaml
@@ -0,0 +1,54 @@
+heat_template_version: 2015-04-30
+
+description: >
+ Returns an IP from a network mapped list of IPs This version is for IPv6
+ addresses. The ip_address_uri output will have brackets for use in URLs.
+
+parameters:
+ StorageMgmtNetName:
+ description: Name of the storage MGMT network
+ default: storage_mgmt
+ type: string
+ PortName:
+ description: Name of the port
+ default: ''
+ type: string
+ ControlPlaneIP: # Here for compatability with noop.yaml
+ description: IP address on the control plane
+ default: ''
+ type: string
+ IPPool:
+ default: {}
+ description: A network mapped list of IPs
+ type: json
+ NodeIndex:
+ default: 0
+ description: Index of the IP to get from Pool
+ type: number
+ StorageMgmtNetCidr:
+ default: 'fd00:fd00:fd00:4000::/64'
+ description: Cidr for the storage MGMT network.
+ type: string
+
+outputs:
+ ip_address:
+ description: storage MGMT network IP
+ value: {get_param: [IPPool, {get_param: StorageMgmtNetName}, {get_param: NodeIndex}]}
+ ip_address_uri:
+ description: storage MGMT network IP (for compatibility with storage_mgmt_v6.yaml)
+ value:
+ list_join:
+ - ''
+ - - '['
+ - {get_param: [IPPool, {get_param: StorageMgmtNetName}, {get_param: NodeIndex}]}
+ - ']'
+ ip_subnet:
+ # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?)
+ description: IP/Subnet CIDR for the storage MGMT network IP
+ value:
+ list_join:
+ - ''
+ - - {get_param: [IPPool, {get_param: StorageMgmtNetName}, {get_param: NodeIndex}]}
+ - '/'
+ - {get_param: [StorageMgmtNetCidr, -2]}
+ - {get_param: [StorageMgmtNetCidr, -1]}
diff --git a/network/ports/tenant_from_pool.yaml b/network/ports/tenant_from_pool.yaml
index d5f3156e..d5fd7080 100644
--- a/network/ports/tenant_from_pool.yaml
+++ b/network/ports/tenant_from_pool.yaml
@@ -12,7 +12,7 @@ parameters:
description: Name of the port
default: ''
type: string
- ControlPlaneIP: # Here for compatability with noop.yaml
+ ControlPlaneIP: # Here for compatibility with noop.yaml
description: IP address on the control plane
default: ''
type: string
diff --git a/network/ports/tenant_from_pool_v6.yaml b/network/ports/tenant_from_pool_v6.yaml
new file mode 100644
index 00000000..b2bcd426
--- /dev/null
+++ b/network/ports/tenant_from_pool_v6.yaml
@@ -0,0 +1,53 @@
+heat_template_version: 2015-04-30
+
+description: >
+ Returns an IP from a network mapped list of IPs
+
+parameters:
+ TenantNetName:
+ description: Name of the tenant network
+ default: tenant
+ type: string
+ PortName:
+ description: Name of the port
+ default: ''
+ type: string
+ ControlPlaneIP: # Here for compatability with noop.yaml
+ description: IP address on the control plane
+ default: ''
+ type: string
+ IPPool:
+ default: {}
+ description: A network mapped list of IPs
+ type: json
+ NodeIndex:
+ default: 0
+ description: Index of the IP to get from Pool
+ type: number
+ TenantNetCidr:
+ default: 'fd00:fd00:fd00:5000::/64'
+ description: Cidr for the tenant network.
+ type: string
+
+outputs:
+ ip_address:
+ description: tenant network IP
+ value: {get_param: [IPPool, {get_param: TenantNetName}, {get_param: NodeIndex}]}
+ ip_address_uri:
+ description: tenant network IP (for compatibility with tenant_v6.yaml)
+ value:
+ list_join:
+ - ''
+ - - '['
+ - {get_param: [IPPool, {get_param: ExternalNetName}, {get_param: NodeIndex}]}
+ - ']'
+ ip_subnet:
+ # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?)
+ description: IP/Subnet CIDR for the tenant network IP
+ value:
+ list_join:
+ - ''
+ - - {get_param: [IPPool, {get_param: TenantNetName}, {get_param: NodeIndex}]}
+ - '/'
+ - {get_param: [TenantNetCidr, -2]}
+ - {get_param: [TenantNetCidr, -1]}
diff --git a/overcloud.yaml b/overcloud.yaml
index 35a0db1c..cdd7af66 100644
--- a/overcloud.yaml
+++ b/overcloud.yaml
@@ -109,6 +109,10 @@ parameters:
type: string
constraints:
- custom_constraint: nova.keypair
+ MemcachedIPv6:
+ default: false
+ description: Enable IPv6 features in Memcached.
+ type: boolean
NeutronExternalNetworkBridge:
description: Name of bridge used for external network traffic.
type: string
@@ -283,13 +287,11 @@ parameters:
type: string
default: unset
description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
- # FIXME: 'guest' is provisioned in RabbitMQ by default, we should create a user if these are changed
RabbitUserName:
default: guest
description: The username for RabbitMQ
type: string
RabbitPassword:
- default: guest
description: The password for RabbitMQ
type: string
hidden: true
@@ -308,6 +310,14 @@ parameters:
default: 16384
description: Configures RabbitMQ FD limit
type: string
+ RabbitIPv6:
+ default: false
+ description: Enable IPv6 in RabbitMQ
+ type: boolean
+ RedisPassword:
+ description: The password for Redis
+ type: string
+ hidden: true
SnmpdReadonlyUserName:
default: ro_snmp_user
description: The user name for SNMPd with readonly rights running on all Overcloud nodes
@@ -371,7 +381,7 @@ parameters:
type: string
hidden: true
CinderISCSIHelper:
- default: tgtadm
+ default: lioadm
description: The iSCSI helper to use with cinder.
type: string
ControllerCount:
@@ -483,7 +493,7 @@ parameters:
type: string
hidden: true
HeatStackDomainAdminPassword:
- description: Password for heat_domain_admin user.
+ description: Password for heat_stack_domain_admin user.
type: string
hidden: true
InstanceNameTemplate:
@@ -873,7 +883,6 @@ resources:
AodhApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
CinderApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
- GlanceRegistryVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
HeatApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
@@ -942,6 +951,7 @@ resources:
KeystoneSSLCertificateKey: {get_param: KeystoneSSLCertificateKey}
KeystoneNotificationDriver: {get_param: KeystoneNotificationDriver}
KeystoneNotificationFormat: {get_param: KeystoneNotificationFormat}
+ MemcachedIPv6: {get_param: MemcachedIPv6}
MysqlClusterUniquePart: {get_attr: [MysqlClusterUniquePart, value]}
MysqlInnodbBufferPoolSize: {get_param: MysqlInnodbBufferPoolSize}
MysqlMaxConnections: {get_param: MysqlMaxConnections}
@@ -991,6 +1001,8 @@ resources:
RabbitClientUseSSL: {get_param: RabbitClientUseSSL}
RabbitClientPort: {get_param: RabbitClientPort}
RabbitFDLimit: {get_param: RabbitFDLimit}
+ RabbitIPv6: {get_param: RabbitIPv6}
+ RedisPassword: {get_param: RedisPassword}
SaharaPassword: {get_param: SaharaPassword}
SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
@@ -1087,6 +1099,7 @@ resources:
NovaComputeLibvirtType: {get_param: NovaComputeLibvirtType}
NovaComputeLibvirtVifDriver: {get_param: NovaComputeLibvirtVifDriver}
NovaEnableRbdBackend: {get_param: NovaEnableRbdBackend}
+ NovaIPv6: {get_param: NovaIPv6}
NovaPublicIP: {get_attr: [VipMap, net_ip_map, external]}
NovaPassword: {get_param: NovaPassword}
NovaOVSBridge: {get_param: NovaOVSBridge}
@@ -1111,6 +1124,7 @@ resources:
CloudDomain: {get_param: CloudDomain}
ServerMetadata: {get_param: ServerMetadata}
SchedulerHints: {get_param: NovaComputeSchedulerHints}
+ NodeIndex: '%index%'
BlockStorage:
type: OS::Heat::ResourceGroup
@@ -1152,6 +1166,7 @@ resources:
CloudDomain: {get_param: CloudDomain}
ServerMetadata: {get_param: ServerMetadata}
SchedulerHints: {get_param: BlockStorageSchedulerHints}
+ NodeIndex: '%index%'
ObjectStorage:
type: OS::Heat::ResourceGroup
@@ -1184,6 +1199,7 @@ resources:
CloudDomain: {get_param: CloudDomain}
ServerMetadata: {get_param: ServerMetadata}
SchedulerHints: {get_param: ObjectStorageSchedulerHints}
+ NodeIndex: '%index%'
CephStorage:
type: OS::Heat::ResourceGroup
@@ -1211,6 +1227,7 @@ resources:
CloudDomain: {get_param: CloudDomain}
ServerMetadata: {get_param: ServerMetadata}
SchedulerHints: {get_param: CephStorageSchedulerHints}
+ NodeIndex: '%index%'
ControllerIpListMap:
type: OS::TripleO::Network::Ports::NetIpListMap
diff --git a/puppet/ceph-cluster-config.yaml b/puppet/ceph-cluster-config.yaml
index 96198c3f..dc2f98ed 100644
--- a/puppet/ceph-cluster-config.yaml
+++ b/puppet/ceph-cluster-config.yaml
@@ -39,6 +39,9 @@ parameters:
CephClientUserName:
default: openstack
type: string
+ CephIPv6:
+ default: False
+ type: boolean
resources:
CephClusterConfigImpl:
@@ -50,15 +53,25 @@ resources:
datafiles:
ceph_cluster:
mapped_data:
+ ceph_ipv6: {get_param: CephIPv6}
ceph_storage_count: {get_param: ceph_storage_count}
ceph_mon_initial_members:
list_join:
- ','
- {get_param: ceph_mon_names}
- ceph::profile::params::mon_host:
+ ceph_mon_host:
list_join:
- ','
- {get_param: ceph_mon_ips}
+ ceph_mon_host_v6:
+ str_replace:
+ template: "'[IPS_LIST]'"
+ params:
+ IPS_LIST:
+ list_join:
+ - '],['
+ - {get_param: ceph_mon_ips}
+ ceph::profile::params::ms_bind_ipv6: {get_param: CephIPv6}
ceph::profile::params::fsid: {get_param: ceph_fsid}
ceph::profile::params::mon_key: {get_param: ceph_mon_key}
# We should use a separated key for the non-admin clients
diff --git a/puppet/ceph-storage.yaml b/puppet/ceph-storage.yaml
index 88120b9c..d2988926 100644
--- a/puppet/ceph-storage.yaml
+++ b/puppet/ceph-storage.yaml
@@ -62,6 +62,9 @@ parameters:
description: |
Role specific additional hiera configuration to inject into the cluster.
type: json
+ CephStorageIPs:
+ default: {}
+ type: json
NetworkDeploymentActions:
type: comma_delimited_list
description: >
@@ -90,6 +93,9 @@ parameters:
type: json
description: Optional scheduler hints to pass to nova
default: {}
+ NodeIndex:
+ type: number
+ default: 0
resources:
CephStorage:
@@ -135,31 +141,43 @@ resources:
type: OS::TripleO::CephStorage::Ports::ExternalPort
properties:
ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]}
+ IPPool: {get_param: CephStorageIPs}
+ NodeIndex: {get_param: NodeIndex}
InternalApiPort:
type: OS::TripleO::CephStorage::Ports::InternalApiPort
properties:
ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]}
+ IPPool: {get_param: CephStorageIPs}
+ NodeIndex: {get_param: NodeIndex}
StoragePort:
type: OS::TripleO::CephStorage::Ports::StoragePort
properties:
ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]}
+ IPPool: {get_param: CephStorageIPs}
+ NodeIndex: {get_param: NodeIndex}
StorageMgmtPort:
type: OS::TripleO::CephStorage::Ports::StorageMgmtPort
properties:
ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]}
+ IPPool: {get_param: CephStorageIPs}
+ NodeIndex: {get_param: NodeIndex}
TenantPort:
type: OS::TripleO::CephStorage::Ports::TenantPort
properties:
ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]}
+ IPPool: {get_param: CephStorageIPs}
+ NodeIndex: {get_param: NodeIndex}
ManagementPort:
type: OS::TripleO::CephStorage::Ports::ManagementPort
properties:
ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]}
+ IPPool: {get_param: CephStorageIPs}
+ NodeIndex: {get_param: NodeIndex}
NetworkConfig:
type: OS::TripleO::CephStorage::Net::SoftwareConfig
diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml
index 09c4d3e3..878b31c2 100644
--- a/puppet/cinder-storage.yaml
+++ b/puppet/cinder-storage.yaml
@@ -9,7 +9,7 @@ parameters:
description: Whether to enable or not the Iscsi backend for Cinder
type: boolean
CinderISCSIHelper:
- default: tgtadm
+ default: lioadm
description: The iSCSI helper to use with cinder.
type: string
CinderLVMLoopDeviceSize:
@@ -38,6 +38,9 @@ parameters:
description: |
Role specific additional hiera configuration to inject into the cluster.
type: json
+ BlockStorageIPs:
+ default: {}
+ type: json
Flavor:
description: Flavor for block storage nodes to request when deploying.
type: string
@@ -48,7 +51,6 @@ parameters:
description: Name of an existing Nova key pair to enable SSH access to the instances
type: string
RabbitPassword:
- default: 'guest'
type: string
hidden: true
RabbitUserName:
@@ -141,6 +143,9 @@ parameters:
type: json
description: Optional scheduler hints to pass to nova
default: {}
+ NodeIndex:
+ type: number
+ default: 0
resources:
@@ -187,31 +192,43 @@ resources:
type: OS::TripleO::BlockStorage::Ports::ExternalPort
properties:
ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]}
+ IPPool: {get_param: BlockStorageIPs}
+ NodeIndex: {get_param: NodeIndex}
InternalApiPort:
type: OS::TripleO::BlockStorage::Ports::InternalApiPort
properties:
ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]}
+ IPPool: {get_param: BlockStorageIPs}
+ NodeIndex: {get_param: NodeIndex}
StoragePort:
type: OS::TripleO::BlockStorage::Ports::StoragePort
properties:
ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]}
+ IPPool: {get_param: BlockStorageIPs}
+ NodeIndex: {get_param: NodeIndex}
StorageMgmtPort:
type: OS::TripleO::BlockStorage::Ports::StorageMgmtPort
properties:
ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]}
+ IPPool: {get_param: BlockStorageIPs}
+ NodeIndex: {get_param: NodeIndex}
TenantPort:
type: OS::TripleO::BlockStorage::Ports::TenantPort
properties:
ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]}
+ IPPool: {get_param: BlockStorageIPs}
+ NodeIndex: {get_param: NodeIndex}
ManagementPort:
type: OS::TripleO::BlockStorage::Ports::ManagementPort
properties:
ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]}
+ IPPool: {get_param: BlockStorageIPs}
+ NodeIndex: {get_param: NodeIndex}
NetworkConfig:
type: OS::TripleO::BlockStorage::Net::SoftwareConfig
diff --git a/puppet/compute.yaml b/puppet/compute.yaml
index 58ca71e7..f5c848c8 100644
--- a/puppet/compute.yaml
+++ b/puppet/compute.yaml
@@ -195,6 +195,9 @@ parameters:
default: 'dvr_snat'
description: Agent mode for the neutron-l3-agent on the controller hosts
type: string
+ NodeIndex:
+ type: number
+ default: 0
NovaApiHost:
type: string
default: '' # Has to be here because of the ignored empty value bug
@@ -207,6 +210,9 @@ parameters:
NovaCompute specific configuration to inject into the cluster. Same
structure as ExtraConfig.
type: json
+ NovaComputeIPs:
+ default: {}
+ type: json
NovaComputeLibvirtType:
type: string
default: kvm
@@ -218,6 +224,10 @@ parameters:
default: false
description: Whether to enable or not the Rbd backend for Nova
type: boolean
+ NovaIPv6:
+ default: false
+ description: Enable IPv6 features in Nova
+ type: boolean
NovaPassword:
description: The password for the nova service account, used by nova-api.
type: string
@@ -241,7 +251,6 @@ parameters:
type: string
default: '' # Has to be here because of the ignored empty value bug
RabbitPassword:
- default: guest
description: The password for RabbitMQ
type: string
hidden: true
@@ -378,31 +387,43 @@ resources:
type: OS::TripleO::Compute::Ports::ExternalPort
properties:
ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
+ IPPool: {get_param: NovaComputeIPs}
+ NodeIndex: {get_param: NodeIndex}
InternalApiPort:
type: OS::TripleO::Compute::Ports::InternalApiPort
properties:
ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
+ IPPool: {get_param: NovaComputeIPs}
+ NodeIndex: {get_param: NodeIndex}
StoragePort:
type: OS::TripleO::Compute::Ports::StoragePort
properties:
ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
+ IPPool: {get_param: NovaComputeIPs}
+ NodeIndex: {get_param: NodeIndex}
StorageMgmtPort:
type: OS::TripleO::Compute::Ports::StorageMgmtPort
properties:
ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
+ IPPool: {get_param: NovaComputeIPs}
+ NodeIndex: {get_param: NodeIndex}
TenantPort:
type: OS::TripleO::Compute::Ports::TenantPort
properties:
ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
+ IPPool: {get_param: NovaComputeIPs}
+ NodeIndex: {get_param: NodeIndex}
ManagementPort:
type: OS::TripleO::Compute::Ports::ManagementPort
properties:
ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
+ IPPool: {get_param: NovaComputeIPs}
+ NodeIndex: {get_param: NodeIndex}
NetIpMap:
type: OS::TripleO::Network::Ports::NetIpMap
@@ -478,6 +499,7 @@ resources:
raw_data: {get_file: hieradata/compute.yaml}
mapped_data:
cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
+ nova::use_ipv6: {get_input: nova_ipv6}
nova::debug: {get_input: debug}
nova::rabbit_userid: {get_input: rabbit_username}
nova::rabbit_password: {get_input: rabbit_password}
@@ -567,10 +589,18 @@ resources:
nova_api_host: {get_param: NovaApiHost}
nova_password: {get_param: NovaPassword}
nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend}
+ nova_ipv6: {get_param: NovaIPv6}
cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]}
nova_vncproxy_protocol: {get_param: [EndpointMap, NovaVNCProxyPublic, protocol]}
- nova_vncproxy_host: {get_param: [EndpointMap, NovaVNCProxyPublic, host]}
+ # Remove brackets that may come if the IP address is IPv6.
+ # For DNS names and IPv4, this will just get the NovaVNCProxyPublic value
+ nova_vncproxy_host:
+ str_replace:
+ template: {get_param: [EndpointMap, NovaVNCProxyPublic, host]}
+ params:
+ '[': ''
+ ']': ''
nova_vncproxy_port: {get_param: [EndpointMap, NovaVNCProxyPublic, port]}
nova_ovs_bridge: {get_param: NovaOVSBridge}
nova_security_group_api: {get_param: NovaSecurityGroupAPI}
diff --git a/puppet/controller.yaml b/puppet/controller.yaml
index 879bde55..4086fe4e 100644
--- a/puppet/controller.yaml
+++ b/puppet/controller.yaml
@@ -69,7 +69,7 @@ parameters:
description: Whether to enable or not the Rbd backend for Cinder
type: boolean
CinderISCSIHelper:
- default: tgtadm
+ default: lioadm
description: The iSCSI helper to use with cinder.
type: string
CinderLVMLoopDeviceSize:
@@ -233,6 +233,13 @@ parameters:
Mount options for Pacemaker mount used as Glance storage.
Effective when GlanceFilePcmkManage is true.
type: string
+ HAProxyStatsPassword:
+ description: Password for HAProxy stats endpoint
+ type: string
+ HAProxyStatsUser:
+ description: User for HAProxy stats endpoint
+ default: admin
+ type: string
HAProxySyslogAddress:
default: /dev/log
description: Syslog address where HAproxy will send its log
@@ -246,7 +253,7 @@ parameters:
type: string
hidden: true
HeatStackDomainAdminPassword:
- description: Password for heat_domain_admin user.
+ description: Password for heat_stack_domain_admin user.
type: string
hidden: true
HeatAuthEncryptionKey:
@@ -334,6 +341,10 @@ parameters:
default: false
description: Whether to manage IPtables rules.
type: boolean
+ MemcachedIPv6:
+ default: false
+ description: Enable IPv6 features in Memcached.
+ type: boolean
PurgeFirewallRules:
default: false
description: Whether IPtables rules should be purged before setting up the new ones.
@@ -603,7 +614,6 @@ parameters:
default: '' # Has to be here because of the ignored empty value bug
hidden: true
RabbitPassword:
- default: guest
description: The password for RabbitMQ
type: string
hidden: true
@@ -625,6 +635,14 @@ parameters:
default: 16384
description: Configures RabbitMQ FD limit
type: string
+ RabbitIPv6:
+ default: false
+ description: Enable IPv6 in RabbitMQ
+ type: boolean
+ RedisPassword:
+ type: string
+ description: The password to access the Redis service
+ hidden: true
RedisVirtualIP:
type: string
default: '' # Has to be here because of the ignored empty value bug
@@ -657,6 +675,10 @@ parameters:
default: 10
description: Partition Power to use when building Swift rings
type: number
+ SwiftRingBuild:
+ default: true
+ description: Whether to manage Swift rings or not
+ type: boolean
SwiftPassword:
description: The password for the swift service account, used by the swift proxy
services.
@@ -940,6 +962,8 @@ resources:
neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
haproxy_log_address: {get_param: HAProxySyslogAddress}
+ haproxy_stats_password: {get_param: HAProxyStatsPassword}
+ haproxy_stats_user: {get_param: HAProxyStatsUser}
heat.watch_server_url:
list_join:
- ''
@@ -1152,9 +1176,11 @@ resources:
ceilometer_coordination_url:
list_join:
- ''
- - - 'redis://'
+ - - 'redis://:'
+ - {get_param: RedisPassword}
+ - '@'
- {get_param: RedisVirtualIPUri}
- - ':6379'
+ - ':6379/'
ceilometer_dsn:
list_join:
- ''
@@ -1168,6 +1194,7 @@ resources:
nova_enable_db_purge: {get_param: NovaEnableDBPurge}
nova_ipv6: {get_param: NovaIPv6}
corosync_ipv6: {get_param: CorosyncIPv6}
+ memcached_ipv6: {get_param: MemcachedIPv6}
nova_password: {get_param: NovaPassword}
nova_dsn:
list_join:
@@ -1194,16 +1221,10 @@ resources:
rabbit_cookie: {get_param: RabbitCookie}
rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
rabbit_client_port: {get_param: RabbitClientPort}
+ rabbit_ipv6: {get_param: RabbitIPv6}
+ rabbit_fd_limit: {get_param: RabbitFDLimit}
mongodb_no_journal: {get_param: MongoDbNoJournal}
mongodb_ipv6: {get_param: MongoDbIPv6}
- # We need to force this into quotes or hiera will return integer causing
- # the puppet module validation regexp to fail.
- # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401
- rabbit_fd_limit:
- str_replace:
- template: "'LIMIT'"
- params:
- LIMIT: {get_param: RabbitFDLimit}
ntp_servers: {get_param: NtpServer}
timezone: {get_param: TimeZone}
control_virtual_interface: {get_param: ControlVirtualInterface}
@@ -1211,6 +1232,7 @@ resources:
swift_hash_suffix: {get_param: SwiftHashSuffix}
swift_password: {get_param: SwiftPassword}
swift_part_power: {get_param: SwiftPartPower}
+ swift_ring_build: {get_param: SwiftRingBuild}
swift_replicas: {get_param: SwiftReplicas}
swift_min_part_hours: {get_param: SwiftMinPartHours}
swift_mount_check: {get_param: SwiftMountCheck}
@@ -1227,7 +1249,7 @@ resources:
- '/sahara'
swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
- cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
+ cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
@@ -1247,6 +1269,7 @@ resources:
horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
+ redis_password: {get_param: RedisPassword}
redis_vip: {get_param: RedisVirtualIP}
sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
@@ -1300,7 +1323,7 @@ resources:
mapped_data:
ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
ceph::profile::params::public_network: {get_input: ceph_public_network}
- ceph::mon::public_addr: {get_input: ceph_public_ip}
+ ceph::profile::params::public_addr: {get_input: ceph_public_ip}
database:
raw_data: {get_file: hieradata/database.yaml}
object:
@@ -1325,15 +1348,12 @@ resources:
swift::swift_hash_suffix: {get_input: swift_hash_suffix}
swift::proxy::authtoken::admin_password: {get_input: swift_password}
swift::proxy::workers: {get_input: swift_workers}
+ tripleo::ringbuilder::build_ring: { get_input: swift_ring_build }
tripleo::ringbuilder::part_power: {get_input: swift_part_power}
tripleo::ringbuilder::replicas: {get_input: swift_replicas}
tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
swift_mount_check: {get_input: swift_mount_check}
- # NOTE(dprince): build_ring support is currently not wired in.
- # See: https://review.openstack.org/#/c/109225/
- tripleo::ringbuilder::build_ring: True
-
# Cinder
cinder_enable_db_purge: {get_input: cinder_enable_db_purge}
cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
@@ -1415,9 +1435,11 @@ resources:
heat::debug: {get_input: debug}
heat::db::mysql::password: {get_input: heat_password}
heat_enable_db_purge: {get_input: heat_enable_db_purge}
+ heat::keystone::domain::domain_password: {get_input: heat_stack_domain_admin_password}
# Keystone
keystone::admin_token: {get_input: admin_token}
+ keystone::roles::admin::password: {get_input: admin_password}
keystone_ca_certificate: {get_input: keystone_ca_certificate}
keystone_signing_key: {get_input: keystone_signing_key}
keystone_signing_certificate: {get_input: keystone_signing_certificate}
@@ -1631,13 +1653,18 @@ resources:
rabbitmq::file_limit: {get_input: rabbit_fd_limit}
rabbitmq::default_user: {get_input: rabbit_username}
rabbitmq::default_pass: {get_input: rabbit_password}
+ rabbit_ipv6: {get_input: rabbit_ipv6}
# Redis
redis::bind: {get_input: redis_network}
+ redis::requirepass: {get_input: redis_password}
+ redis::masterauth: {get_input: redis_password}
+ redis::sentinel_auth_pass: {get_input: redis_password}
redis_vip: {get_input: redis_vip}
# Firewall
tripleo::firewall::manage_firewall: {get_input: manage_firewall}
tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
# Misc
+ memcached_ipv6: {get_input: memcached_ipv6}
memcached::listen_ip: {get_input: memcached_network}
neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
ntp::servers: {get_input: ntp_servers}
@@ -1648,6 +1675,9 @@ resources:
tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
+ tripleo::loadbalancer::haproxy_stats_user: {get_input: haproxy_stats_user}
+ tripleo::loadbalancer::haproxy_stats_password: {get_input: haproxy_stats_password}
+ tripleo::loadbalancer::redis_password: {get_input: redis_password}
tripleo::packages::enable_install: {get_input: enable_package_install}
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
diff --git a/puppet/extraconfig/ceph/ceph-external-config.yaml b/puppet/extraconfig/ceph/ceph-external-config.yaml
index ebd6c251..312d49a0 100644
--- a/puppet/extraconfig/ceph/ceph-external-config.yaml
+++ b/puppet/extraconfig/ceph/ceph-external-config.yaml
@@ -41,6 +41,9 @@ parameters:
CephClientUserName:
default: openstack
type: string
+ CephIPv6:
+ default: False
+ type: boolean
resources:
CephClusterConfigImpl:
@@ -54,7 +57,9 @@ resources:
mapped_data:
ceph_storage_count: {get_param: ceph_storage_count}
enable_external_ceph: true
- ceph::profile::params::mon_host: {get_param: ceph_external_mon_ips}
+ ceph_ipv6: {get_param: CephIPv6}
+ ceph_mon_host: {get_param: ceph_external_mon_ips}
+ ceph_mon_host_v6: {get_param: ceph_external_mon_ips}
ceph::profile::params::fsid: {get_param: ceph_fsid}
ceph::profile::params::client_keys:
str_replace:
@@ -72,6 +77,7 @@ resources:
NOVA_POOL: {get_param: NovaRbdPoolName}
CINDER_POOL: {get_param: CinderRbdPoolName}
GLANCE_POOL: {get_param: GlanceRbdPoolName}
+ ceph::profile::params::ms_bind_ipv6: {get_param: CephIPv6}
nova::compute::rbd::libvirt_images_rbd_pool: {get_param: NovaRbdPoolName}
cinder_rbd_pool_name: {get_param: CinderRbdPoolName}
glance::backend::rbd::rbd_store_pool: {get_param: GlanceRbdPoolName}
diff --git a/puppet/extraconfig/pre_deploy/controller/cinder-dellsc.yaml b/puppet/extraconfig/pre_deploy/controller/cinder-dellsc.yaml
index 905f196d..9b6981bb 100644
--- a/puppet/extraconfig/pre_deploy/controller/cinder-dellsc.yaml
+++ b/puppet/extraconfig/pre_deploy/controller/cinder-dellsc.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-11-12
+heat_template_version: 2015-10-15
description: Configure hieradata for Cinder Dell Storage Center configuration
diff --git a/puppet/extraconfig/pre_deploy/controller/cinder-eqlx.yaml b/puppet/extraconfig/pre_deploy/controller/cinder-eqlx.yaml
index c73608f1..36db334e 100644
--- a/puppet/extraconfig/pre_deploy/controller/cinder-eqlx.yaml
+++ b/puppet/extraconfig/pre_deploy/controller/cinder-eqlx.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-11-06
+heat_template_version: 2015-10-15
description: Configure hieradata for Cinder Eqlx configuration
diff --git a/puppet/extraconfig/tls/ca-inject.yaml b/puppet/extraconfig/tls/ca-inject.yaml
index aab42849..f955034d 100644
--- a/puppet/extraconfig/tls/ca-inject.yaml
+++ b/puppet/extraconfig/tls/ca-inject.yaml
@@ -4,7 +4,7 @@ description: >
This is a template which will inject the trusted anchor.
parameters:
- # Can be overriden via parameter_defaults in the environment
+ # Can be overridden via parameter_defaults in the environment
SSLRootCertificate:
description: >
The content of a CA's SSL certificate file in PEM format.
diff --git a/puppet/extraconfig/tls/tls-cert-inject.yaml b/puppet/extraconfig/tls/tls-cert-inject.yaml
index 20bb3737..77b11378 100644
--- a/puppet/extraconfig/tls/tls-cert-inject.yaml
+++ b/puppet/extraconfig/tls/tls-cert-inject.yaml
@@ -5,7 +5,7 @@ description: >
for the load balancer using the given parameters.
parameters:
- # Can be overriden via parameter_defaults in the environment
+ # Can be overridden via parameter_defaults in the environment
SSLCertificate:
description: >
The content of the SSL certificate (without Key) in PEM format.
@@ -21,7 +21,7 @@ parameters:
type: string
hidden: true
- # Can be overriden by parameter_defaults if the user wants to try deploying
+ # Can be overridden by parameter_defaults if the user wants to try deploying
# this in a distro that doesn't support this path.
DeployedSSLCertificatePath:
default: '/etc/pki/tls/private/overcloud_endpoint.pem'
diff --git a/puppet/hieradata/compute.yaml b/puppet/hieradata/compute.yaml
index 572eef9f..865210c9 100644
--- a/puppet/hieradata/compute.yaml
+++ b/puppet/hieradata/compute.yaml
@@ -7,7 +7,6 @@ nova::compute::instance_usage_audit: true
nova::compute::instance_usage_audit_period: 'hour'
nova::compute::vnc_enabled: true
-nova::compute::libvirt::vncserver_listen: '0.0.0.0'
nova::compute::libvirt::migration_support: true
nova::compute::rbd::libvirt_rbd_secret_uuid: "%{hiera('ceph::profile::params::fsid')}"
diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml
index 3c60e905..3e523f1b 100644
--- a/puppet/hieradata/controller.yaml
+++ b/puppet/hieradata/controller.yaml
@@ -1,4 +1,5 @@
# Hiera data here applies to all controller nodes
+
nova::api::enabled: true
nova::conductor::enabled: true
nova::consoleauth::enabled: true
@@ -29,6 +30,9 @@ redis::sentinel::master_name: "%{hiera('bootstrap_nodeid')}"
redis::sentinel::redis_host: "%{hiera('bootstrap_nodeid_ip')}"
redis::sentinel::notification_script: '/usr/local/bin/redis-notifications.sh'
+# keystone
+keystone::roles::admin::email: 'root@localhost'
+
# service tenant
glance::api::keystone_tenant: 'service'
aodh::api::keystone_tenant: 'service'
@@ -77,7 +81,6 @@ glance::api::pipeline: 'keystone'
glance::api::show_image_direct_url: true
glance::registry::pipeline: 'keystone'
glance::backend::swift::swift_store_create_container_on_put: true
-glance::backend::rbd::rbd_store_user: 'openstack'
glance_file_pcmk_directory: '/var/lib/glance/images'
# neutron
@@ -111,6 +114,9 @@ heat::cron::purge_deleted::age: 30
heat::cron::purge_deleted::age_type: 'days'
heat::cron::purge_deleted::maxdelay: 3600
heat::cron::purge_deleted::destination: '/dev/null'
+heat::keystone::domain::domain_name: 'heat_stack'
+heat::keystone::domain::domain_admin: 'heat_stack_domain_admin'
+heat::keystone::domain::domain_admin_email: 'heat_stack_domain_admin@localhost'
# pacemaker
pacemaker::corosync::cluster_name: 'tripleo_cluster'
diff --git a/puppet/manifests/overcloud_cephstorage.pp b/puppet/manifests/overcloud_cephstorage.pp
index 0db5b45a..fd7faff1 100644
--- a/puppet/manifests/overcloud_cephstorage.pp
+++ b/puppet/manifests/overcloud_cephstorage.pp
@@ -40,6 +40,14 @@ if str2bool(hiera('ceph_osd_selinux_permissive', true)) {
} -> Class['ceph::profile::osd']
}
+if str2bool(hiera('ceph_ipv6', false)) {
+ $mon_host = hiera('ceph_mon_host_v6')
+} else {
+ $mon_host = hiera('ceph_mon_host')
+}
+class { '::ceph::profile::params':
+ mon_host => $mon_host,
+}
include ::ceph::conf
include ::ceph::profile::client
include ::ceph::profile::osd
diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp
index dcf63740..13ae31c5 100644
--- a/puppet/manifests/overcloud_compute.pp
+++ b/puppet/manifests/overcloud_compute.pp
@@ -53,15 +53,17 @@ include ::nova
include ::nova::config
include ::nova::compute
-nova_config {
- 'DEFAULT/my_ip': value => $ipaddress;
- 'DEFAULT/linuxnet_interface_driver': value => 'nova.network.linux_net.LinuxOVSInterfaceDriver';
- 'DEFAULT/host': value => $fqdn;
-}
-
$rbd_ephemeral_storage = hiera('nova::compute::rbd::ephemeral_storage', false)
$rbd_persistent_storage = hiera('rbd_persistent_storage', false)
if $rbd_ephemeral_storage or $rbd_persistent_storage {
+ if str2bool(hiera('ceph_ipv6', false)) {
+ $mon_host = hiera('ceph_mon_host_v6')
+ } else {
+ $mon_host = hiera('ceph_mon_host')
+ }
+ class { '::ceph::profile::params':
+ mon_host => $mon_host,
+ }
include ::ceph::conf
include ::ceph::profile::client
@@ -83,7 +85,27 @@ if hiera('cinder_enable_nfs_backend', false) {
package {'nfs-utils': } -> Service['nova-compute']
}
-include ::nova::compute::libvirt
+if str2bool(hiera('nova::use_ipv6', false)) {
+ $vncserver_listen = '::0'
+} else {
+ $vncserver_listen = '0.0.0.0'
+}
+class { '::nova::compute::libvirt' :
+ vncserver_listen => $vncserver_listen,
+}
+
+nova_config {
+ 'DEFAULT/my_ip': value => $ipaddress;
+ 'DEFAULT/linuxnet_interface_driver': value => 'nova.network.linux_net.LinuxOVSInterfaceDriver';
+ 'DEFAULT/host': value => $fqdn;
+ # TUNNELLED mode provides a security enhancement when using shared storage but is not
+ # supported when not using shared storage.
+ # See https://bugzilla.redhat.com/show_bug.cgi?id=1301986#c12
+ # In future versions of QEMU (2.6, mostly), Dan's native encryption
+ # work will obsolete the need to use TUNNELLED transport mode.
+ 'libvirt/live_migration_tunnelled': value => $rbd_ephemeral_storage;
+}
+
if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
file {'/etc/libvirt/qemu.conf':
ensure => present,
@@ -163,7 +185,7 @@ snmp::snmpv3_user { $snmpd_user:
}
class { '::snmp':
agentaddress => ['udp:161','udp6:[::1]:161'],
- snmpd_config => [ join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ],
+ snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ],
}
hiera_include('compute_classes')
diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp
index b78648fb..5b3e8f77 100644
--- a/puppet/manifests/overcloud_controller.pp
+++ b/puppet/manifests/overcloud_controller.pp
@@ -46,16 +46,26 @@ if hiera('step') >= 2 {
# MongoDB
if downcase(hiera('ceilometer_backend')) == 'mongodb' {
include ::mongodb::globals
-
+ include ::mongodb::client
include ::mongodb::server
- $mongo_node_ips_with_port = suffix(hiera('mongo_node_ips'), ':27017')
+ # NOTE(gfidente): We need to pass the list of IPv6 addresses *with* port and
+ # without the brackets as 'members' argument for the 'mongodb_replset'
+ # resource.
+ if str2bool(hiera('mongodb::server::ipv6', false)) {
+ $mongo_node_ips_with_port_prefixed = prefix(hiera('mongo_node_ips'), '[')
+ $mongo_node_ips_with_port = suffix($mongo_node_ips_with_port_prefixed, ']:27017')
+ $mongo_node_ips_with_port_nobr = suffix(hiera('mongo_node_ips'), ':27017')
+ } else {
+ $mongo_node_ips_with_port = suffix(hiera('mongo_node_ips'), ':27017')
+ $mongo_node_ips_with_port_nobr = suffix(hiera('mongo_node_ips'), ':27017')
+ }
$mongo_node_string = join($mongo_node_ips_with_port, ',')
$mongodb_replset = hiera('mongodb::server::replset')
$ceilometer_mongodb_conn_string = "mongodb://${mongo_node_string}/ceilometer?replicaSet=${mongodb_replset}"
if downcase(hiera('bootstrap_nodeid')) == $::hostname {
mongodb_replset { $mongodb_replset :
- members => $mongo_node_ips_with_port,
+ members => $mongo_node_ips_with_port_nobr,
}
}
}
@@ -118,13 +128,23 @@ if hiera('step') >= 2 {
$rabbit_nodes = hiera('rabbit_node_ips')
if count($rabbit_nodes) > 1 {
+
+ $rabbit_ipv6 = str2bool(hiera('rabbit_ipv6', false))
+ if $rabbit_ipv6 {
+ $rabbit_env = merge(hiera('rabbitmq_environment'), {
+ 'RABBITMQ_SERVER_START_ARGS' => '"-proto_dist inet6_tcp"'
+ })
+ } else {
+ $rabbit_env = hiera('rabbitmq_environment')
+ }
+
class { '::rabbitmq':
config_cluster => true,
cluster_nodes => $rabbit_nodes,
tcp_keepalive => false,
config_kernel_variables => hiera('rabbitmq_kernel_variables'),
config_variables => hiera('rabbitmq_config_variables'),
- environment_variables => hiera('rabbitmq_environment'),
+ environment_variables => $rabbit_env,
}
rabbitmq_policy { 'ha-all@/':
pattern => '^(?!amq\.).*',
@@ -142,8 +162,15 @@ if hiera('step') >= 2 {
$enable_ceph = hiera('ceph_storage_count', 0) > 0 or hiera('enable_ceph_storage', false)
if $enable_ceph {
+ $mon_initial_members = downcase(hiera('ceph_mon_initial_members'))
+ if str2bool(hiera('ceph_ipv6', false)) {
+ $mon_host = hiera('ceph_mon_host_v6')
+ } else {
+ $mon_host = hiera('ceph_mon_host')
+ }
class { '::ceph::profile::params':
- mon_initial_members => downcase(hiera('ceph_mon_initial_members')),
+ mon_initial_members => $mon_initial_members,
+ mon_host => $mon_host,
}
include ::ceph::conf
include ::ceph::profile::mon
@@ -169,6 +196,14 @@ if hiera('step') >= 2 {
}
if str2bool(hiera('enable_external_ceph', false)) {
+ if str2bool(hiera('ceph_ipv6', false)) {
+ $mon_host = hiera('ceph_mon_host_v6')
+ } else {
+ $mon_host = hiera('ceph_mon_host')
+ }
+ class { '::ceph::profile::params':
+ mon_host => $mon_host,
+ }
include ::ceph::conf
include ::ceph::profile::client
}
@@ -233,8 +268,15 @@ if hiera('step') >= 3 {
include ::glance::notify::rabbitmq
include join(['::glance::backend::', $glance_backend])
+ $nova_ipv6 = hiera('nova::use_ipv6', false)
+ if $nova_ipv6 {
+ $memcached_servers = suffix(hiera('memcache_node_ips_v6'), ':11211')
+ } else {
+ $memcached_servers = suffix(hiera('memcache_node_ips'), ':11211')
+ }
+
class { '::nova' :
- memcached_servers => suffix(hiera('memcache_node_ips'), ':11211'),
+ memcached_servers => $memcached_servers
}
include ::nova::config
include ::nova::api
@@ -607,8 +649,15 @@ if hiera('step') >= 3 {
}
$neutron_options = {'profile_support' => $_profile_support }
+ $memcached_ipv6 = hiera('memcached_ipv6', false)
+ if $memcached_ipv6 {
+ $horizon_memcached_servers = hiera('memcache_node_ips_v6', '[::1]')
+ } else {
+ $horizon_memcached_servers = hiera('memcache_node_ips', '127.0.0.1')
+ }
+
class { '::horizon':
- cache_server_ip => hiera('memcache_node_ips', '127.0.0.1'),
+ cache_server_ip => $horizon_memcached_servers,
neutron_options => $neutron_options,
}
@@ -619,7 +668,7 @@ if hiera('step') >= 3 {
}
class { '::snmp':
agentaddress => ['udp:161','udp6:[::1]:161'],
- snmpd_config => [ join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ],
+ snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ],
}
hiera_include('controller_classes')
@@ -644,6 +693,23 @@ if hiera('step') >= 4 {
if $heat_enable_db_purge {
include ::heat::cron::purge_deleted
}
+
+ if downcase(hiera('bootstrap_nodeid')) == $::hostname {
+ include ::keystone::roles::admin
+ # Class ::heat::keystone::domain has to run on bootstrap node
+ # because it creates DB entities via API calls.
+ include ::heat::keystone::domain
+
+ Class['::keystone::roles::admin'] -> Class['::heat::keystone::domain']
+ } else {
+ # On non-bootstrap node we don't need to create Keystone resources again
+ class { '::heat::keystone::domain':
+ manage_domain => false,
+ manage_user => false,
+ manage_role => false,
+ }
+ }
+
} #END STEP 4
$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller', hiera('step')])
diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp
index c91e179e..7c5fd6bd 100644
--- a/puppet/manifests/overcloud_controller_pacemaker.pp
+++ b/puppet/manifests/overcloud_controller_pacemaker.pp
@@ -34,7 +34,7 @@ $enable_load_balancer = hiera('enable_load_balancer', true)
# When to start and enable services which haven't been Pacemakerized
# FIXME: remove when we start all OpenStack services using Pacemaker
-# (occurences of this variable will be gradually replaced with false)
+# (occurrences of this variable will be gradually replaced with false)
$non_pcmk_start = hiera('step') >= 4
if hiera('step') >= 1 {
@@ -68,9 +68,6 @@ if hiera('step') >= 1 {
} else {
$cluster_setup_extras = {}
}
- user { 'hacluster':
- ensure => present,
- } ->
class { '::pacemaker':
hacluster_pwd => hiera('hacluster_pwd'),
} ->
@@ -100,12 +97,21 @@ if hiera('step') >= 1 {
# avoid races where non-master nodes attempt to start without
# config (eg. binding on 0.0.0.0)
# The module ignores erlang_cookie if cluster_config is false
+ $rabbit_ipv6 = str2bool(hiera('rabbit_ipv6', false))
+ if $rabbit_ipv6 {
+ $rabbit_env = merge(hiera('rabbitmq_environment'), {
+ 'RABBITMQ_SERVER_START_ARGS' => '"-proto_dist inet6_tcp"'
+ })
+ } else {
+ $rabbit_env = hiera('rabbitmq_environment')
+ }
+
class { '::rabbitmq':
service_manage => false,
tcp_keepalive => false,
config_kernel_variables => hiera('rabbitmq_kernel_variables'),
config_variables => hiera('rabbitmq_config_variables'),
- environment_variables => hiera('rabbitmq_environment'),
+ environment_variables => $rabbit_env,
} ->
file { '/var/lib/rabbitmq/.erlang.cookie':
ensure => file,
@@ -118,6 +124,7 @@ if hiera('step') >= 1 {
if downcase(hiera('ceilometer_backend')) == 'mongodb' {
include ::mongodb::globals
+ include ::mongodb::client
class { '::mongodb::server' :
service_manage => false,
}
@@ -192,8 +199,19 @@ if hiera('step') >= 1 {
if hiera('step') >= 2 {
# NOTE(gfidente): the following vars are needed on all nodes so they
- # need to stay out of pacemaker_master conditional
- $mongo_node_ips_with_port = suffix(hiera('mongo_node_ips'), ':27017')
+ # need to stay out of pacemaker_master conditional.
+ # The addresses mangling will hopefully go away when we'll be able to
+ # configure the connection string via hostnames, until then, we need to pass
+ # the list of IPv6 addresses *with* port and without the brackets as 'members'
+ # argument for the 'mongodb_replset' resource.
+ if str2bool(hiera('mongodb::server::ipv6', false)) {
+ $mongo_node_ips_with_port_prefixed = prefix(hiera('mongo_node_ips'), '[')
+ $mongo_node_ips_with_port = suffix($mongo_node_ips_with_port_prefixed, ']:27017')
+ $mongo_node_ips_with_port_nobr = suffix(hiera('mongo_node_ips'), ':27017')
+ } else {
+ $mongo_node_ips_with_port = suffix(hiera('mongo_node_ips'), ':27017')
+ $mongo_node_ips_with_port_nobr = suffix(hiera('mongo_node_ips'), ':27017')
+ }
$mongodb_replset = hiera('mongodb::server::replset')
if $pacemaker_master {
@@ -422,7 +440,7 @@ if hiera('step') >= 2 {
before => Mongodb_replset[$mongodb_replset],
}
mongodb_replset { $mongodb_replset :
- members => $mongo_node_ips_with_port,
+ members => $mongo_node_ips_with_port_nobr,
}
}
@@ -517,8 +535,15 @@ MYSQL_HOST=localhost\n",
$enable_ceph = hiera('ceph_storage_count', 0) > 0 or hiera('enable_ceph_storage', false)
if $enable_ceph {
+ $mon_initial_members = downcase(hiera('ceph_mon_initial_members'))
+ if str2bool(hiera('ceph_ipv6', false)) {
+ $mon_host = hiera('ceph_mon_host_v6')
+ } else {
+ $mon_host = hiera('ceph_mon_host')
+ }
class { '::ceph::profile::params':
- mon_initial_members => downcase(hiera('ceph_mon_initial_members')),
+ mon_initial_members => $mon_initial_members,
+ mon_host => $mon_host,
}
include ::ceph::conf
include ::ceph::profile::mon
@@ -544,6 +569,14 @@ MYSQL_HOST=localhost\n",
}
if str2bool(hiera('enable_external_ceph', false)) {
+ if str2bool(hiera('ceph_ipv6', false)) {
+ $mon_host = hiera('ceph_mon_host_v6')
+ } else {
+ $mon_host = hiera('ceph_mon_host')
+ }
+ class { '::ceph::profile::params':
+ mon_host => $mon_host,
+ }
include ::ceph::conf
include ::ceph::profile::client
}
@@ -1085,8 +1118,16 @@ if hiera('step') >= 3 {
$_profile_support = 'None'
}
$neutron_options = {'profile_support' => $_profile_support }
+
+ $memcached_ipv6 = hiera('memcached_ipv6', false)
+ if $memcached_ipv6 {
+ $horizon_memcached_servers = hiera('memcache_node_ips_v6', '[::1]')
+ } else {
+ $horizon_memcached_servers = hiera('memcache_node_ips', '127.0.0.1')
+ }
+
class { '::horizon':
- cache_server_ip => hiera('memcache_node_ips', '127.0.0.1'),
+ cache_server_ip => $horizon_memcached_servers,
neutron_options => $neutron_options,
}
@@ -1123,7 +1164,7 @@ if hiera('step') >= 3 {
}
class { '::snmp':
agentaddress => ['udp:161','udp6:[::1]:161'],
- snmpd_config => [ join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ],
+ snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ],
}
hiera_include('controller_classes')
@@ -1903,6 +1944,16 @@ if hiera('step') >= 5 {
class {'::keystone::endpoint' :
require => Pacemaker::Resource::Service[$::apache::params::service_name],
}
+ include ::heat::keystone::domain
+ Class['::keystone::roles::admin'] -> Class['::heat::keystone::domain']
+
+ } else {
+ # On non-master controller we don't need to create Keystone resources again
+ class { '::heat::keystone::domain':
+ manage_domain => false,
+ manage_user => false,
+ manage_role => false,
+ }
}
} #END STEP 5
diff --git a/puppet/manifests/overcloud_object.pp b/puppet/manifests/overcloud_object.pp
index 1ac66904..ae074589 100644
--- a/puppet/manifests/overcloud_object.pp
+++ b/puppet/manifests/overcloud_object.pp
@@ -50,7 +50,7 @@ snmp::snmpv3_user { $snmpd_user:
}
class { '::snmp':
agentaddress => ['udp:161','udp6:[::1]:161'],
- snmpd_config => [ join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ],
+ snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ],
}
hiera_include('object_classes')
diff --git a/puppet/manifests/overcloud_volume.pp b/puppet/manifests/overcloud_volume.pp
index 66722f57..134dc43b 100644
--- a/puppet/manifests/overcloud_volume.pp
+++ b/puppet/manifests/overcloud_volume.pp
@@ -54,7 +54,7 @@ snmp::snmpv3_user { $snmpd_user:
}
class { '::snmp':
agentaddress => ['udp:161','udp6:[::1]:161'],
- snmpd_config => [ join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ],
+ snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ],
}
hiera_include('volume_classes')
diff --git a/puppet/swift-storage.yaml b/puppet/swift-storage.yaml
index 3b04be83..8a4ea21f 100644
--- a/puppet/swift-storage.yaml
+++ b/puppet/swift-storage.yaml
@@ -30,6 +30,10 @@ parameters:
default: 10
description: Partition Power to use when building Swift rings
type: number
+ RingBuild:
+ default: true
+ description: Whether to manage Swift rings or not
+ type: boolean
Replicas:
type: number
default: 3
@@ -83,6 +87,9 @@ parameters:
description: |
Role specific additional hiera configuration to inject into the cluster.
type: json
+ SwiftStorageIPs:
+ default: {}
+ type: json
NetworkDeploymentActions:
type: comma_delimited_list
description: >
@@ -111,6 +118,9 @@ parameters:
type: json
description: Optional scheduler hints to pass to nova
default: {}
+ NodeIndex:
+ type: number
+ default: 0
resources:
@@ -156,31 +166,43 @@ resources:
type: OS::TripleO::SwiftStorage::Ports::ExternalPort
properties:
ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
+ IPPool: {get_param: SwiftStorageIPs}
+ NodeIndex: {get_param: NodeIndex}
InternalApiPort:
type: OS::TripleO::SwiftStorage::Ports::InternalApiPort
properties:
ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
+ IPPool: {get_param: SwiftStorageIPs}
+ NodeIndex: {get_param: NodeIndex}
StoragePort:
type: OS::TripleO::SwiftStorage::Ports::StoragePort
properties:
ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
+ IPPool: {get_param: SwiftStorageIPs}
+ NodeIndex: {get_param: NodeIndex}
StorageMgmtPort:
type: OS::TripleO::SwiftStorage::Ports::StorageMgmtPort
properties:
ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
+ IPPool: {get_param: SwiftStorageIPs}
+ NodeIndex: {get_param: NodeIndex}
TenantPort:
type: OS::TripleO::SwiftStorage::Ports::TenantPort
properties:
ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
+ IPPool: {get_param: SwiftStorageIPs}
+ NodeIndex: {get_param: NodeIndex}
ManagementPort:
type: OS::TripleO::SwiftStorage::Ports::ManagementPort
properties:
ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
+ IPPool: {get_param: SwiftStorageIPs}
+ NodeIndex: {get_param: NodeIndex}
NetworkConfig:
type: OS::TripleO::ObjectStorage::Net::SoftwareConfig
@@ -245,17 +267,14 @@ resources:
raw_data: {get_file: hieradata/object.yaml}
mapped_data: # data supplied directly to this deployment configuration, etc
swift::swift_hash_suffix: { get_input: swift_hash_suffix }
+ tripleo::ringbuilder::build_ring: { get_input: swift_ring_build }
tripleo::ringbuilder::part_power: { get_input: swift_part_power }
tripleo::ringbuilder::replicas: {get_input: swift_replicas }
- # Swift
swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
swift_mount_check: {get_input: swift_mount_check }
tripleo::ringbuilder::min_part_hours: { get_input: swift_min_part_hours }
ntp::servers: {get_input: ntp_servers}
timezone::timezone: {get_input: timezone}
- # NOTE(dprince): build_ring support is currently not wired in.
- # See: https://review.openstack.org/#/c/109225/
- tripleo::ringbuilder::build_ring: True
snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
tripleo::packages::enable_install: {get_input: enable_package_install}
@@ -276,6 +295,7 @@ resources:
swift_hash_suffix: {get_param: HashSuffix}
swift_mount_check: {get_param: MountCheck}
swift_min_part_hours: {get_param: MinPartHours}
+ swift_ring_build: {get_param: RingBuild}
swift_part_power: {get_param: PartPower}
swift_replicas: { get_param: Replicas}
ntp_servers: {get_param: NtpServer}
diff --git a/tools/yaml-validate.py b/tools/yaml-validate.py
index fe690d8c..2da873d0 100755
--- a/tools/yaml-validate.py
+++ b/tools/yaml-validate.py
@@ -24,10 +24,19 @@ def exit_usage():
def validate(filename):
print('Validating %s' % filename)
try:
- yaml.load(open(filename).read())
+ tpl = yaml.load(open(filename).read())
except Exception:
print(traceback.format_exc())
return 1
+ # yaml is OK, now walk the parameters and output a warning for unused ones
+ for p in tpl.get('parameters', {}):
+ str_p = '\'%s\'' % p
+ in_resources = str_p in str(tpl.get('resources', {}))
+ in_outputs = str_p in str(tpl.get('outputs', {}))
+ if not in_resources and not in_outputs:
+ print('Warning: parameter %s in template %s appears to be unused'
+ % (p, filename))
+
return 0
if len(sys.argv) < 2: