summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--README.rst2
-rw-r--r--ci/environments/scenario002-multinode.yaml2
-rw-r--r--environments/services/ec2-api.yaml3
-rw-r--r--environments/tls-endpoints-public-dns.yaml3
-rw-r--r--environments/tls-endpoints-public-ip.yaml3
-rw-r--r--environments/tls-everywhere-endpoints-dns.yaml3
-rw-r--r--network/endpoints/endpoint_data.yaml9
-rw-r--r--network/endpoints/endpoint_map.yaml246
-rw-r--r--network/service_net_map.j2.yaml2
-rw-r--r--overcloud-resource-registry-puppet.j2.yaml1
-rw-r--r--puppet/services/ec2-api.yaml118
-rw-r--r--roles_data.yaml1
12 files changed, 393 insertions, 0 deletions
diff --git a/README.rst b/README.rst
index 0884267a..a9d8b382 100644
--- a/README.rst
+++ b/README.rst
@@ -116,5 +116,7 @@ and should be executed according to the following table:
+----------------+-------------+-------------+-------------+-------------+-----------------+
| zaqar | | X | | | |
+----------------+-------------+-------------+-------------+-------------+-----------------+
+| ec2api | | X | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+
| cephrgw | | X | | X | |
+----------------+-------------+-------------+-------------+-------------+-----------------+
diff --git a/ci/environments/scenario002-multinode.yaml b/ci/environments/scenario002-multinode.yaml
index 636b3a26..0dfa78d3 100644
--- a/ci/environments/scenario002-multinode.yaml
+++ b/ci/environments/scenario002-multinode.yaml
@@ -3,6 +3,7 @@ resource_registry:
OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
OS::TripleO::Services::BarbicanApi: ../../puppet/services/barbican-api.yaml
OS::TripleO::Services::Zaqar: ../../puppet/services/zaqar.yaml
+ OS::TripleO::Services::Ec2Api: ../../puppet/services/ec2-api.yaml
parameter_defaults:
ControllerServices:
@@ -45,6 +46,7 @@ parameter_defaults:
- OS::TripleO::Services::BarbicanApi
- OS::TripleO::Services::MongoDb
- OS::TripleO::Services::Zaqar
+ - OS::TripleO::Services::Ec2Api
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu
diff --git a/environments/services/ec2-api.yaml b/environments/services/ec2-api.yaml
new file mode 100644
index 00000000..d751ba23
--- /dev/null
+++ b/environments/services/ec2-api.yaml
@@ -0,0 +1,3 @@
+# A Heat environment file which can be used to enable EC2-API service.
+resource_registry:
+ OS::TripleO::Services::Ec2Api: ../../puppet/services/ec2-api.yaml
diff --git a/environments/tls-endpoints-public-dns.yaml b/environments/tls-endpoints-public-dns.yaml
index 74c9f61d..32c999b7 100644
--- a/environments/tls-endpoints-public-dns.yaml
+++ b/environments/tls-endpoints-public-dns.yaml
@@ -17,6 +17,9 @@ parameter_defaults:
CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'}
CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'}
CinderPublic: {protocol: 'https', port: '13776', host: 'CLOUDNAME'}
+ Ec2ApiAdmin: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
+ Ec2ApiInternal: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
+ Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'CLOUDNAME'}
GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'}
GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'}
GlancePublic: {protocol: 'https', port: '13292', host: 'CLOUDNAME'}
diff --git a/environments/tls-endpoints-public-ip.yaml b/environments/tls-endpoints-public-ip.yaml
index 17ff2feb..833e447f 100644
--- a/environments/tls-endpoints-public-ip.yaml
+++ b/environments/tls-endpoints-public-ip.yaml
@@ -17,6 +17,9 @@ parameter_defaults:
CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'}
CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'}
CinderPublic: {protocol: 'https', port: '13776', host: 'IP_ADDRESS'}
+ Ec2ApiAdmin: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
+ Ec2ApiInternal: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
+ Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'IP_ADDRESS'}
GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'}
GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'}
GlancePublic: {protocol: 'https', port: '13292', host: 'IP_ADDRESS'}
diff --git a/environments/tls-everywhere-endpoints-dns.yaml b/environments/tls-everywhere-endpoints-dns.yaml
index 0aa2be08..d56f87d4 100644
--- a/environments/tls-everywhere-endpoints-dns.yaml
+++ b/environments/tls-everywhere-endpoints-dns.yaml
@@ -17,6 +17,9 @@ parameter_defaults:
CinderAdmin: {protocol: 'https', port: '8776', host: 'CLOUDNAME'}
CinderInternal: {protocol: 'https', port: '8776', host: 'CLOUDNAME'}
CinderPublic: {protocol: 'https', port: '13776', host: 'CLOUDNAME'}
+ Ec2ApiAdmin: {protocol: 'https', port: '8788', host: 'CLOUDNAME'}
+ Ec2ApiInternal: {protocol: 'https', port: '8788', host: 'CLOUDNAME'}
+ Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'CLOUDNAME'}
GlanceAdmin: {protocol: 'https', port: '9292', host: 'CLOUDNAME'}
GlanceInternal: {protocol: 'https', port: '9292', host: 'CLOUDNAME'}
GlancePublic: {protocol: 'https', port: '13292', host: 'CLOUDNAME'}
diff --git a/network/endpoints/endpoint_data.yaml b/network/endpoints/endpoint_data.yaml
index 5a7bdda9..d9f125c0 100644
--- a/network/endpoints/endpoint_data.yaml
+++ b/network/endpoints/endpoint_data.yaml
@@ -28,6 +28,15 @@ Ceilometer:
net_param: CeilometerApi
port: 8777
+Ec2Api:
+ Internal:
+ net_param: Ec2Api
+ Public:
+ net_param: Public
+ Admin:
+ net_param: Ec2Api
+ port: 8788
+
Gnocchi:
Internal:
net_param: GnocchiApi
diff --git a/network/endpoints/endpoint_map.yaml b/network/endpoints/endpoint_map.yaml
index 8ce62484..83c69ec6 100644
--- a/network/endpoints/endpoint_map.yaml
+++ b/network/endpoints/endpoint_map.yaml
@@ -34,6 +34,9 @@ parameters:
CinderAdmin: {protocol: http, port: '8776', host: IP_ADDRESS}
CinderInternal: {protocol: http, port: '8776', host: IP_ADDRESS}
CinderPublic: {protocol: http, port: '8776', host: IP_ADDRESS}
+ Ec2ApiAdmin: {protocol: http, port: '8788', host: IP_ADDRESS}
+ Ec2ApiInternal: {protocol: http, port: '8788', host: IP_ADDRESS}
+ Ec2ApiPublic: {protocol: http, port: '8788', host: IP_ADDRESS}
GlanceAdmin: {protocol: http, port: '9292', host: IP_ADDRESS}
GlanceInternal: {protocol: http, port: '9292', host: IP_ADDRESS}
GlancePublic: {protocol: http, port: '9292', host: IP_ADDRESS}
@@ -1810,6 +1813,249 @@ outputs:
template: NETWORK_uri
- ':'
- get_param: [EndpointMap, CinderPublic, port]
+ Ec2ApiAdmin:
+ host:
+ str_replace:
+ template:
+ get_param: [EndpointMap, Ec2ApiAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, Ec2ApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, Ec2ApiNetwork]
+ template: NETWORK_uri
+ host_nobrackets:
+ str_replace:
+ template:
+ get_param: [EndpointMap, Ec2ApiAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, Ec2ApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - get_param: [ServiceNetMap, Ec2ApiNetwork]
+ port:
+ get_param: [EndpointMap, Ec2ApiAdmin, port]
+ protocol:
+ get_param: [EndpointMap, Ec2ApiAdmin, protocol]
+ uri:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, Ec2ApiAdmin, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, Ec2ApiAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, Ec2ApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, Ec2ApiNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, Ec2ApiAdmin, port]
+ uri_no_suffix:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, Ec2ApiAdmin, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, Ec2ApiAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, Ec2ApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, Ec2ApiNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, Ec2ApiAdmin, port]
+ Ec2ApiInternal:
+ host:
+ str_replace:
+ template:
+ get_param: [EndpointMap, Ec2ApiInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, Ec2ApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, Ec2ApiNetwork]
+ template: NETWORK_uri
+ host_nobrackets:
+ str_replace:
+ template:
+ get_param: [EndpointMap, Ec2ApiInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, Ec2ApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - get_param: [ServiceNetMap, Ec2ApiNetwork]
+ port:
+ get_param: [EndpointMap, Ec2ApiInternal, port]
+ protocol:
+ get_param: [EndpointMap, Ec2ApiInternal, protocol]
+ uri:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, Ec2ApiInternal, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, Ec2ApiInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, Ec2ApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, Ec2ApiNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, Ec2ApiInternal, port]
+ uri_no_suffix:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, Ec2ApiInternal, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, Ec2ApiInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, Ec2ApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, Ec2ApiNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, Ec2ApiInternal, port]
+ Ec2ApiPublic:
+ host:
+ str_replace:
+ template:
+ get_param: [EndpointMap, Ec2ApiPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PublicNetwork]
+ template: NETWORK_uri
+ host_nobrackets:
+ str_replace:
+ template:
+ get_param: [EndpointMap, Ec2ApiPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - get_param: [ServiceNetMap, PublicNetwork]
+ port:
+ get_param: [EndpointMap, Ec2ApiPublic, port]
+ protocol:
+ get_param: [EndpointMap, Ec2ApiPublic, protocol]
+ uri:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, Ec2ApiPublic, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, Ec2ApiPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PublicNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, Ec2ApiPublic, port]
+ uri_no_suffix:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, Ec2ApiPublic, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, Ec2ApiPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PublicNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, Ec2ApiPublic, port]
GlanceAdmin:
host:
str_replace:
diff --git a/network/service_net_map.j2.yaml b/network/service_net_map.j2.yaml
index cb4f464a..e07f8552 100644
--- a/network/service_net_map.j2.yaml
+++ b/network/service_net_map.j2.yaml
@@ -48,6 +48,8 @@ parameters:
NovaPlacementNetwork: internal_api
NovaMetadataNetwork: internal_api
NovaVncProxyNetwork: internal_api
+ Ec2ApiNetwork: internal_api
+ Ec2ApiMetadataNetwork: internal_api
SwiftStorageNetwork: storage_mgmt
SwiftProxyNetwork: storage
SaharaApiNetwork: internal_api
diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml
index 0612b186..371a696d 100644
--- a/overcloud-resource-registry-puppet.j2.yaml
+++ b/overcloud-resource-registry-puppet.j2.yaml
@@ -237,6 +237,7 @@ resource_registry:
OS::TripleO::Services::NeutronML2FujitsuFossw: OS::Heat::None
OS::TripleO::Services::CinderHPELeftHandISCSI: OS::Heat::None
OS::TripleO::Services::Etcd: OS::Heat::None
+ OS::TripleO::Services::Ec2Api: OS::Heat::None
parameter_defaults:
EnablePackageInstall: false
diff --git a/puppet/services/ec2-api.yaml b/puppet/services/ec2-api.yaml
new file mode 100644
index 00000000..7049d773
--- /dev/null
+++ b/puppet/services/ec2-api.yaml
@@ -0,0 +1,118 @@
+heat_template_version: ocata
+
+description: >
+ OpenStack EC2-API service configured with Puppet
+
+parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ Ec2ApiWorkers:
+ default: 0
+ description: Number of workers for EC2-API service.
+ type: number
+ Ec2ApiPassword:
+ description: The password for the nova service and db account, used by nova-api.
+ type: string
+ hidden: true
+ KeystoneRegion:
+ type: string
+ default: 'regionOne'
+ description: Keystone region for endpoint
+ MonitoringSubscriptionEc2Api:
+ default: 'overcloud-ec2-api'
+ type: string
+ Ec2ApiLoggingSource:
+ type: json
+ default:
+ tag: openstack.ec2.api
+ path: /var/log/ec2api/ec2api.log
+ EnablePackageInstall:
+ default: 'false'
+ description: Set to true to enable package installation via Puppet
+ type: boolean
+
+
+conditions:
+ nova_workers_zero: {equals : [{get_param: Ec2ApiWorkers}, 0]}
+
+outputs:
+ role_data:
+ description: Role data for the EC2-API service.
+ value:
+ service_name: ec2_api
+ monitoring_subscription: {get_param: MonitoringSubscriptionEc2Api}
+ logging_source: {get_param: Ec2ApiLoggingSource}
+ logging_groups:
+ - nova
+ config_settings:
+ map_merge:
+ - tripleo.ec2_api.firewall_rules:
+ '113 ec2_api':
+ dport:
+ - 8788
+ - 13788
+ ec2api::keystone::authtoken::project_name: 'service'
+ ec2api::keystone::authtoken::password: {get_param: Ec2ApiPassword}
+ ec2api::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
+ ec2api::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
+ ec2api::api::enabled: true
+ ec2api::package_manage: {get_param: EnablePackageInstall}
+ ec2api::api::ec2api_listen:
+ str_replace:
+ template:
+ '"%{::fqdn_$NETWORK}"'
+ params:
+ $NETWORK: {get_param: [ServiceNetMap, Ec2ApiNetwork]}
+ ec2api::metadata::metadata_listen:
+ str_replace:
+ template:
+ '"%{::fqdn_$NETWORK}"'
+ params:
+ $NETWORK: {get_param: [ServiceNetMap, Ec2ApiMetadataNetwork]}
+ ec2api::db::database_connection:
+ list_join:
+ - ''
+ - - {get_param: [EndpointMap, MysqlInternal, protocol]}
+ - '://ec2_api:'
+ - {get_param: Ec2ApiPassword}
+ - '@'
+ - {get_param: [EndpointMap, MysqlInternal, host]}
+ - '/ec2_api'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
+ -
+ if:
+ - nova_workers_zero
+ - {}
+ - ec2api::api::ec2api_workers: {get_param: Ec2ApiWorkers}
+ ec2api::metadata::metadata_workers: {get_param: Ec2ApiWorkers}
+ step_config: |
+ include tripleo::profile::base::nova::ec2api
+ service_config_settings:
+ keystone:
+ ec2api::keystone::auth::tenant: 'service'
+ ec2api::keystone::auth::public_url: {get_param: [EndpointMap, Ec2ApiPublic, uri]}
+ ec2api::keystone::auth::internal_url: {get_param: [EndpointMap, Ec2ApiInternal, uri]}
+ ec2api::keystone::auth::admin_url: {get_param: [EndpointMap, Ec2ApiAdmin, uri]}
+ ec2api::keystone::auth::password: {get_param: Ec2ApiPassword}
+ ec2api::keystone::auth::region: {get_param: KeystoneRegion}
+ mysql:
+ ec2api::db::mysql::password: {get_param: Ec2ApiPassword}
+ ec2api::db::mysql::user: ec2_api
+ ec2api::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
+ ec2api::db::mysql::dbname: ec2_api
+ ec2api::db::mysql::allowed_hosts:
+ - '%'
+ - "%{hiera('mysql_bind_host')}"
diff --git a/roles_data.yaml b/roles_data.yaml
index 39cb56f9..90250aa8 100644
--- a/roles_data.yaml
+++ b/roles_data.yaml
@@ -64,6 +64,7 @@
- OS::TripleO::Services::NovaScheduler
- OS::TripleO::Services::NovaConsoleauth
- OS::TripleO::Services::NovaVncProxy
+ - OS::TripleO::Services::Ec2Api
- OS::TripleO::Services::Ntp
- OS::TripleO::Services::SwiftProxy
- OS::TripleO::Services::SwiftStorage