summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--capabilities-map.yaml18
-rw-r--r--ci/environments/multinode-3nodes.yaml1
-rw-r--r--ci/environments/multinode.yaml9
-rw-r--r--ci/environments/multinode_major_upgrade.yaml11
-rw-r--r--ci/environments/scenario001-multinode.yaml25
-rw-r--r--ci/environments/scenario002-multinode.yaml10
-rw-r--r--ci/environments/scenario003-multinode.yaml8
-rwxr-xr-xdocker/docker-puppet.py21
-rwxr-xr-xdocker/docker-toool189
-rw-r--r--docker/post.j2.yaml29
-rw-r--r--docker/services/database/mongodb.yaml24
-rw-r--r--docker/services/database/mysql.yaml26
-rw-r--r--docker/services/glance-api.yaml11
-rw-r--r--docker/services/heat-api-cfn.yaml17
-rw-r--r--docker/services/heat-api.yaml17
-rw-r--r--docker/services/heat-engine.yaml11
-rw-r--r--docker/services/ironic-api.yaml17
-rw-r--r--docker/services/ironic-conductor.yaml17
-rw-r--r--docker/services/ironic-pxe.yaml16
-rw-r--r--docker/services/keystone.yaml21
-rw-r--r--docker/services/memcached.yaml11
-rw-r--r--docker/services/mistral-api.yaml17
-rw-r--r--docker/services/mistral-engine.yaml17
-rw-r--r--docker/services/mistral-executor.yaml17
-rw-r--r--docker/services/neutron-api.yaml20
-rw-r--r--docker/services/neutron-dhcp.yaml17
-rw-r--r--docker/services/neutron-l3.yaml88
-rw-r--r--docker/services/neutron-ovs-agent.yaml11
-rw-r--r--docker/services/neutron-plugin-ml2.yaml11
-rw-r--r--docker/services/nova-api.yaml27
-rw-r--r--docker/services/nova-compute.yaml11
-rw-r--r--docker/services/nova-conductor.yaml17
-rw-r--r--docker/services/nova-ironic.yaml17
-rw-r--r--docker/services/nova-libvirt.yaml17
-rw-r--r--docker/services/nova-metadata.yaml11
-rw-r--r--docker/services/nova-placement.yaml17
-rw-r--r--docker/services/nova-scheduler.yaml7
-rw-r--r--docker/services/rabbitmq.yaml11
-rw-r--r--docker/services/services.yaml4
-rw-r--r--docker/services/swift-proxy.yaml11
-rw-r--r--docker/services/swift-ringbuilder.yaml11
-rw-r--r--docker/services/swift-storage.yaml11
-rw-r--r--docker/services/zaqar.yaml11
-rw-r--r--environments/docker.yaml3
-rw-r--r--environments/hyperconverged-ceph.yaml5
-rw-r--r--environments/major-upgrade-composable-steps.yaml2
-rw-r--r--environments/services/vpp.yaml9
-rw-r--r--environments/undercloud.yaml1
-rw-r--r--extraconfig/pre_deploy/rhel-registration/environment-rhel-registration.yaml4
-rw-r--r--extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml16
-rw-r--r--extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration82
-rwxr-xr-xextraconfig/tasks/major_upgrade_controller_pacemaker_2.sh1
-rw-r--r--extraconfig/tasks/major_upgrade_pacemaker.yaml4
-rwxr-xr-xextraconfig/tasks/yum_update.sh5
-rw-r--r--network/ports/net_ip_list_map.yaml65
-rw-r--r--network/ports/net_ip_map.yaml155
-rw-r--r--overcloud-resource-registry-puppet.j2.yaml1
-rw-r--r--overcloud.j2.yaml10
-rw-r--r--plan-environment.yaml5
-rw-r--r--puppet/all-nodes-config.yaml44
-rw-r--r--puppet/blockstorage-role.yaml1
-rw-r--r--puppet/cephstorage-role.yaml1
-rw-r--r--puppet/compute-role.yaml1
-rw-r--r--puppet/controller-role.yaml1
-rw-r--r--puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml65
-rw-r--r--puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml47
-rw-r--r--puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml13
-rw-r--r--puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml29
-rw-r--r--puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml55
-rw-r--r--puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml23
-rw-r--r--puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml81
-rw-r--r--puppet/objectstorage-role.yaml1
-rw-r--r--puppet/role.role.j2.yaml1
-rw-r--r--puppet/services/README.rst25
-rw-r--r--puppet/services/aodh-api.yaml2
-rw-r--r--puppet/services/aodh-evaluator.yaml9
-rw-r--r--puppet/services/aodh-listener.yaml9
-rw-r--r--puppet/services/aodh-notifier.yaml9
-rw-r--r--puppet/services/apache-internal-tls-certmonger.yaml6
-rw-r--r--puppet/services/apache.yaml6
-rw-r--r--puppet/services/auditd.yaml16
-rw-r--r--puppet/services/barbican-api.yaml10
-rw-r--r--puppet/services/ceilometer-agent-central.yaml12
-rw-r--r--puppet/services/ceilometer-agent-compute.yaml12
-rw-r--r--puppet/services/ceilometer-agent-notification.yaml9
-rw-r--r--puppet/services/ceilometer-api.yaml2
-rw-r--r--puppet/services/ceilometer-collector.yaml9
-rw-r--r--puppet/services/ceph-mon.yaml43
-rw-r--r--puppet/services/ceph-osd.yaml50
-rw-r--r--puppet/services/ceph-rgw.yaml13
-rw-r--r--puppet/services/cinder-api.yaml16
-rw-r--r--puppet/services/cinder-scheduler.yaml9
-rw-r--r--puppet/services/cinder-volume.yaml9
-rw-r--r--puppet/services/congress.yaml27
-rw-r--r--puppet/services/database/mysql-client.yaml6
-rw-r--r--puppet/services/disabled/glance-registry.yaml2
-rw-r--r--puppet/services/ec2-api.yaml25
-rw-r--r--puppet/services/etcd.yaml17
-rw-r--r--puppet/services/glance-api.yaml18
-rw-r--r--puppet/services/gnocchi-api.yaml2
-rw-r--r--puppet/services/gnocchi-metricd.yaml9
-rw-r--r--puppet/services/gnocchi-statsd.yaml9
-rw-r--r--puppet/services/haproxy.yaml10
-rw-r--r--puppet/services/heat-api-cfn.yaml9
-rw-r--r--puppet/services/heat-api-cloudwatch.yaml9
-rw-r--r--puppet/services/heat-api.yaml9
-rw-r--r--puppet/services/heat-base.yaml5
-rw-r--r--puppet/services/heat-engine.yaml9
-rw-r--r--puppet/services/horizon.yaml17
-rw-r--r--puppet/services/ironic-api.yaml2
-rw-r--r--puppet/services/ironic-conductor.yaml2
-rw-r--r--puppet/services/keystone.yaml3
-rw-r--r--puppet/services/logging/fluentd-client.yaml13
-rw-r--r--puppet/services/metrics/collectd.yaml13
-rw-r--r--puppet/services/mistral-api.yaml19
-rw-r--r--puppet/services/mistral-engine.yaml19
-rw-r--r--puppet/services/mistral-executor.yaml19
-rw-r--r--puppet/services/monitoring/sensu-client.yaml13
-rw-r--r--puppet/services/neutron-api.yaml9
-rw-r--r--puppet/services/neutron-dhcp.yaml9
-rw-r--r--puppet/services/neutron-l3.yaml9
-rw-r--r--puppet/services/neutron-metadata.yaml9
-rw-r--r--puppet/services/neutron-ovs-agent.yaml9
-rw-r--r--puppet/services/nova-api.yaml3
-rw-r--r--puppet/services/nova-compute.yaml2
-rw-r--r--puppet/services/nova-conductor.yaml7
-rw-r--r--puppet/services/nova-consoleauth.yaml2
-rw-r--r--puppet/services/nova-placement.yaml2
-rw-r--r--puppet/services/nova-scheduler.yaml5
-rw-r--r--puppet/services/nova-vnc-proxy.yaml2
-rw-r--r--puppet/services/opendaylight-api.yaml5
-rw-r--r--puppet/services/pacemaker.yaml2
-rw-r--r--puppet/services/pacemaker/rabbitmq.yaml29
-rw-r--r--puppet/services/panko-api.yaml19
-rw-r--r--puppet/services/sahara-api.yaml2
-rw-r--r--puppet/services/sahara-engine.yaml2
-rw-r--r--puppet/services/snmp.yaml2
-rw-r--r--puppet/services/swift-proxy.yaml2
-rw-r--r--puppet/services/swift-storage.yaml2
-rw-r--r--puppet/services/tacker.yaml27
-rw-r--r--puppet/services/vpp.yaml47
-rw-r--r--puppet/services/zaqar.yaml20
-rw-r--r--releasenotes/notes/6.0.0-b52a14a71fc62788.yaml2
-rw-r--r--releasenotes/notes/vpp-84d35e51ff62a58c.yaml6
-rw-r--r--roles_data.yaml6
-rw-r--r--roles_data_undercloud.yaml1
-rwxr-xr-xtools/yaml-validate.py18
147 files changed, 1900 insertions, 543 deletions
diff --git a/capabilities-map.yaml b/capabilities-map.yaml
index cc22ff92..26ed7f2a 100644
--- a/capabilities-map.yaml
+++ b/capabilities-map.yaml
@@ -335,21 +335,11 @@ topics:
description: Enables Neutron Nuage backend on the controller
requires:
- overcloud-resource-registry-puppet.yaml
- - file: environments/neutron-opencontrail.yaml
- title: OpenContrail Extensions
- description: Enables OpenContrail extensions
- requires:
- - overcloud-resource-registry-puppet.yaml
- file: environments/neutron-opendaylight.yaml
title: OpenDaylight
description: Enables OpenDaylight
requires:
- overcloud-resource-registry-puppet.yaml
- - file: environments/neutron-opendaylight-l3.yaml
- title: OpenDaylight with L3 DVR
- description: Enables OpenDaylight with L3 DVR
- requires:
- - overcloud-resource-registry-puppet.yaml
- file: environments/neutron-ovs-dpdk.yaml
title: DPDK with OVS
description: Deploy DPDK with OVS
@@ -544,14 +534,6 @@ topics:
description:
requires:
- overcloud-resource-registry-puppet.yaml
- - title: Manage Firewall
- description:
- environments:
- - file: environments/manage-firewall.yaml
- title: Manage Firewall
- description:
- requires:
- - overcloud-resource-registry-puppet.yaml
- title: Operational Tools
description:
diff --git a/ci/environments/multinode-3nodes.yaml b/ci/environments/multinode-3nodes.yaml
index 03065c6a..d6e2376a 100644
--- a/ci/environments/multinode-3nodes.yaml
+++ b/ci/environments/multinode-3nodes.yaml
@@ -55,6 +55,7 @@
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::MySQLClient
- name: Controller
CountDefault: 1
diff --git a/ci/environments/multinode.yaml b/ci/environments/multinode.yaml
index d89a4942..c946ec8a 100644
--- a/ci/environments/multinode.yaml
+++ b/ci/environments/multinode.yaml
@@ -1,6 +1,15 @@
resource_registry:
OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode-os-net-config.yaml
OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode-os-net-config.yaml
+ OS::TripleO::Services::RabbitMQ: ../../puppet/services/pacemaker/rabbitmq.yaml
+ OS::TripleO::Services::HAproxy: ../../puppet/services/pacemaker/haproxy.yaml
+ OS::TripleO::Services::Pacemaker: ../../puppet/services/pacemaker.yaml
+ OS::TripleO::Services::MySQL: ../../puppet/services/pacemaker/database/mysql.yaml
+ OS::TripleO::Services::CinderVolume: ../../puppet/services/pacemaker/cinder-volume.yaml
+ OS::TripleO::Services::Keepalived: OS::Heat::None
+ OS::TripleO::Tasks::ControllerPrePuppet: ../../extraconfig/tasks/pre_puppet_pacemaker.yaml
+ OS::TripleO::Tasks::ControllerPostPuppet: ../../extraconfig/tasks/post_puppet_pacemaker.yaml
+ OS::TripleO::Tasks::ControllerPostPuppetRestart: ../../extraconfig/tasks/post_puppet_pacemaker_restart.yaml
parameter_defaults:
ControllerServices:
diff --git a/ci/environments/multinode_major_upgrade.yaml b/ci/environments/multinode_major_upgrade.yaml
index af409835..2251cc0c 100644
--- a/ci/environments/multinode_major_upgrade.yaml
+++ b/ci/environments/multinode_major_upgrade.yaml
@@ -1,6 +1,15 @@
resource_registry:
OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml
OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
+ OS::TripleO::Services::RabbitMQ: ../../puppet/services/pacemaker/rabbitmq.yaml
+ OS::TripleO::Services::HAproxy: ../../puppet/services/pacemaker/haproxy.yaml
+ OS::TripleO::Services::Pacemaker: ../../puppet/services/pacemaker.yaml
+ OS::TripleO::Services::MySQL: ../../puppet/services/pacemaker/database/mysql.yaml
+ OS::TripleO::Services::CinderVolume: ../../puppet/services/pacemaker/cinder-volume.yaml
+ OS::TripleO::Services::Keepalived: OS::Heat::None
+ OS::TripleO::Tasks::ControllerPrePuppet: ../../extraconfig/tasks/pre_puppet_pacemaker.yaml
+ OS::TripleO::Tasks::ControllerPostPuppet: ../../extraconfig/tasks/post_puppet_pacemaker.yaml
+ OS::TripleO::Tasks::ControllerPostPuppetRestart: ../../extraconfig/tasks/post_puppet_pacemaker_restart.yaml
parameter_defaults:
ControllerServices:
@@ -44,6 +53,8 @@ parameter_defaults:
- OS::TripleO::Services::NovaScheduler
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::Pacemaker
+ - OS::TripleO::Services::Horizon
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu
diff --git a/ci/environments/scenario001-multinode.yaml b/ci/environments/scenario001-multinode.yaml
index e09ca705..a6f35711 100644
--- a/ci/environments/scenario001-multinode.yaml
+++ b/ci/environments/scenario001-multinode.yaml
@@ -1,13 +1,24 @@
resource_registry:
OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml
OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
- OS::TripleO::Services::CephMon: /usr/share/openstack-tripleo-heat-templates/puppet/services/ceph-mon.yaml
- OS::TripleO::Services::CephOSD: /usr/share/openstack-tripleo-heat-templates/puppet/services/ceph-osd.yaml
- OS::TripleO::Services::CephClient: /usr/share/openstack-tripleo-heat-templates/puppet/services/ceph-client.yaml
- OS::TripleO::Services::PankoApi: /usr/share/openstack-tripleo-heat-templates/puppet/services/panko-api.yaml
- OS::TripleO::Services::Collectd: /usr/share/openstack-tripleo-heat-templates/puppet/services/metrics/collectd.yaml
- OS::TripleO::Services::Tacker: /usr/share/openstack-tripleo-heat-templates/puppet/services/tacker.yaml
- OS::TripleO::Services::Congress: /usr/share/openstack-tripleo-heat-templates/puppet/services/congress.yaml
+ OS::TripleO::Services::CephMon: ../../puppet/services/ceph-mon.yaml
+ OS::TripleO::Services::CephOSD: ../../puppet/services/ceph-osd.yaml
+ OS::TripleO::Services::CephClient: ../../puppet/services/ceph-client.yaml
+ OS::TripleO::Services::PankoApi: ../../puppet/services/panko-api.yaml
+ OS::TripleO::Services::Collectd: ../../puppet/services/metrics/collectd.yaml
+ OS::TripleO::Services::Tacker: ../../puppet/services/tacker.yaml
+ OS::TripleO::Services::Congress: ../../puppet/services/congress.yaml
+ OS::TripleO::Services::RabbitMQ: ../../puppet/services/pacemaker/rabbitmq.yaml
+ OS::TripleO::Services::HAproxy: ../../puppet/services/pacemaker/haproxy.yaml
+ OS::TripleO::Services::Pacemaker: ../../puppet/services/pacemaker.yaml
+ OS::TripleO::Services::Redis: ../../puppet/services/pacemaker/database/redis.yaml
+ OS::TripleO::Services::MySQL: ../../puppet/services/pacemaker/database/mysql.yaml
+ OS::TripleO::Services::CinderBackup: ../../puppet/services/pacemaker/cinder-backup.yaml
+ OS::TripleO::Services::CinderVolume: ../../puppet/services/pacemaker/cinder-volume.yaml
+ OS::TripleO::Services::Keepalived: OS::Heat::None
+ OS::TripleO::Tasks::ControllerPrePuppet: ../../extraconfig/tasks/pre_puppet_pacemaker.yaml
+ OS::TripleO::Tasks::ControllerPostPuppet: ../../extraconfig/tasks/post_puppet_pacemaker.yaml
+ OS::TripleO::Tasks::ControllerPostPuppetRestart: ../../extraconfig/tasks/post_puppet_pacemaker_restart.yaml
parameter_defaults:
ControllerServices:
diff --git a/ci/environments/scenario002-multinode.yaml b/ci/environments/scenario002-multinode.yaml
index 3207d133..cbcfa9b3 100644
--- a/ci/environments/scenario002-multinode.yaml
+++ b/ci/environments/scenario002-multinode.yaml
@@ -4,6 +4,16 @@ resource_registry:
OS::TripleO::Services::BarbicanApi: ../../puppet/services/barbican-api.yaml
OS::TripleO::Services::Zaqar: ../../puppet/services/zaqar.yaml
OS::TripleO::Services::Ec2Api: ../../puppet/services/ec2-api.yaml
+ OS::TripleO::Services::RabbitMQ: ../../puppet/services/pacemaker/rabbitmq.yaml
+ OS::TripleO::Services::HAproxy: ../../puppet/services/pacemaker/haproxy.yaml
+ OS::TripleO::Services::Pacemaker: ../../puppet/services/pacemaker.yaml
+ OS::TripleO::Services::MySQL: ../../puppet/services/pacemaker/database/mysql.yaml
+ OS::TripleO::Services::CinderBackup: ../../puppet/services/pacemaker/cinder-backup.yaml
+ OS::TripleO::Services::CinderVolume: ../../puppet/services/pacemaker/cinder-volume.yaml
+ OS::TripleO::Services::Keepalived: OS::Heat::None
+ OS::TripleO::Tasks::ControllerPrePuppet: ../../extraconfig/tasks/pre_puppet_pacemaker.yaml
+ OS::TripleO::Tasks::ControllerPostPuppet: ../../extraconfig/tasks/post_puppet_pacemaker.yaml
+ OS::TripleO::Tasks::ControllerPostPuppetRestart: ../../extraconfig/tasks/post_puppet_pacemaker_restart.yaml
parameter_defaults:
ControllerServices:
diff --git a/ci/environments/scenario003-multinode.yaml b/ci/environments/scenario003-multinode.yaml
index 1dc8b13d..6e926f74 100644
--- a/ci/environments/scenario003-multinode.yaml
+++ b/ci/environments/scenario003-multinode.yaml
@@ -6,6 +6,14 @@ resource_registry:
OS::TripleO::Services::MistralApi: ../../puppet/services/mistral-api.yaml
OS::TripleO::Services::MistralEngine: ../../puppet/services/mistral-engine.yaml
OS::TripleO::Services::MistralExecutor: ../../puppet/services/mistral-executor.yaml
+ OS::TripleO::Services::RabbitMQ: ../../puppet/services/pacemaker/rabbitmq.yaml
+ OS::TripleO::Services::HAproxy: ../../puppet/services/pacemaker/haproxy.yaml
+ OS::TripleO::Services::Pacemaker: ../../puppet/services/pacemaker.yaml
+ OS::TripleO::Services::MySQL: ../../puppet/services/pacemaker/database/mysql.yaml
+ OS::TripleO::Services::Keepalived: OS::Heat::None
+ OS::TripleO::Tasks::ControllerPrePuppet: ../../extraconfig/tasks/pre_puppet_pacemaker.yaml
+ OS::TripleO::Tasks::ControllerPostPuppet: ../../extraconfig/tasks/post_puppet_pacemaker.yaml
+ OS::TripleO::Tasks::ControllerPostPuppetRestart: ../../extraconfig/tasks/post_puppet_pacemaker_restart.yaml
parameter_defaults:
ControllerServices:
diff --git a/docker/docker-puppet.py b/docker/docker-puppet.py
index 1bb8bc2b..157bf63f 100755
--- a/docker/docker-puppet.py
+++ b/docker/docker-puppet.py
@@ -46,6 +46,15 @@ def pull_image(name):
def rm_container(name):
+ if os.environ.get('SHOW_DIFF', None):
+ print('Diffing container: %s' % name)
+ subproc = subprocess.Popen(['/usr/bin/docker', 'diff', name],
+ stdout=subprocess.PIPE,
+ stderr=subprocess.PIPE)
+ cmd_stdout, cmd_stderr = subproc.communicate()
+ print(cmd_stdout)
+ print(cmd_stderr)
+
print('Removing container: %s' % name)
subproc = subprocess.Popen(['/usr/bin/docker', 'rm', name],
stdout=subprocess.PIPE,
@@ -78,12 +87,24 @@ configs = {}
for service in (json_data or []):
if service is None:
continue
+ if isinstance(service, dict):
+ service = [
+ service.get('config_volume'),
+ service.get('puppet_tags'),
+ service.get('step_config'),
+ service.get('config_image'),
+ service.get('volumes', []),
+ ]
+
config_volume = service[0] or ''
puppet_tags = service[1] or ''
manifest = service[2] or ''
config_image = service[3] or ''
volumes = service[4] if len(service) > 4 else []
+ if not manifest or not config_image:
+ continue
+
print('---------')
print('config_volume %s' % config_volume)
print('puppet_tags %s' % puppet_tags)
diff --git a/docker/docker-toool b/docker/docker-toool
new file mode 100755
index 00000000..36aba4a7
--- /dev/null
+++ b/docker/docker-toool
@@ -0,0 +1,189 @@
+#!/usr/bin/env python
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+import argparse
+import os
+import shutil
+import sys
+import json
+
+docker_cmd = '/bin/docker'
+
+# Tool to start docker containers as configured via
+# tripleo-heat-templates.
+#
+# This tool reads data from a json file generated from heat when the
+# TripleO stack is run. All the configuration data used to start the
+# containerized services is in this file.
+#
+# By default this tool lists all the containers that are started and
+# their start order.
+#
+# If you wish to see the command line used to start a given container,
+# specify it by name using the --container argument. --run can then be
+# used with this to actually execute docker to run the container.\n
+#
+# Other options listed allow you to modify this command line for
+# debugging purposes. For example:
+#
+# docker-toool -c swift-proxy -r -e /bin/bash -u root -i -n test
+#
+# will run the swift proxy container as user root, executing /bin/bash,
+#
+# named 'test', and will run interactively (eg -ti).
+
+
+def parse_opts(argv):
+ parser = argparse.ArgumentParser("Tool to start docker containers via "
+ "TripleO configurations")
+ parser.add_argument('-f', '--config',
+ help="""File to use as docker startup configuration data.""",
+ default='/var/lib/docker-container-startup-configs.json')
+ parser.add_argument('-r', '--run',
+ action='store_true',
+ help="""Run the container as specified with --container.""",
+ default=False)
+ parser.add_argument('-e', '--command',
+ help="""Override the command used to run the container.""",
+ default='')
+ parser.add_argument('-c', '--container',
+ help="""Specify a container to run or show the command for.""",
+ default='')
+ parser.add_argument('-u', '--user',
+ help="""User to run container as.""",
+ default='')
+ parser.add_argument('-n', '--name',
+ help="""Name of container.""",
+ default='')
+ parser.add_argument('-i', '--interactive',
+ action='store_true',
+ help="""Start docker container interactively (-ti).""",
+ default=False)
+ opts = parser.parse_args(argv[1:])
+
+ return opts
+
+def docker_arg_map(key, value):
+ value = str(value).encode('ascii', 'ignore')
+ return {
+ 'environment': "--env=%s" % value,
+ # 'image': value,
+ 'net': "--net=%s" % value,
+ 'pid': "--pid=%s" % value,
+ 'privileged': "--privileged=%s" % value.lower(),
+ #'restart': "--restart=%s" % "false",
+ 'user': "--user=%s" % value,
+ 'volumes': "--volume=%s" % value,
+ 'volumes_from': "--volumes-from=%s" % value,
+ }.get(key, None)
+
+def run_docker_container(opts, container_name):
+ container_found = False
+
+ with open(opts.config) as f:
+ json_data = json.load(f)
+
+ for step in (json_data or []):
+ if step is None:
+ continue
+ for container in (json_data[step] or []):
+ if container == container_name:
+ print('container found: %s' % container)
+ container_found = True
+ # A few positional arguments:
+ command = ''
+ image = ''
+
+ cmd = [
+ docker_cmd,
+ 'run',
+ '--name',
+ opts.name or container
+ ]
+ for container_data in (json_data[step][container] or []):
+ if container_data == "environment":
+ for env in (json_data[step][container][container_data] or []):
+ arg = docker_arg_map("environment", env)
+ if arg:
+ cmd.append(arg)
+ elif container_data == "volumes":
+ for volume in (json_data[step][container][container_data] or []):
+ arg = docker_arg_map("volumes", volume)
+ if arg:
+ cmd.append(arg)
+ elif container_data == "volumes_from":
+ for volume in (json_data[step][container][container_data] or []):
+ arg = docker_arg_map("volumes_from", volume)
+ if arg:
+ cmd.append(arg)
+ elif container_data == 'command':
+ command = json_data[step][container][container_data]
+ elif container_data == 'image':
+ image = json_data[step][container][container_data]
+ else:
+ # Only add a restart if we're not interactive
+ if container_data == 'restart':
+ if opts.interactive:
+ continue
+ if container_data == 'user':
+ if opts.user:
+ continue
+ arg = docker_arg_map(container_data,
+ json_data[step][container][container_data])
+ if arg:
+ cmd.append(arg)
+
+ if opts.user:
+ cmd.append('--user')
+ cmd.append(opts.user)
+ if opts.interactive:
+ cmd.append('-ti')
+ # May as well remove it when we're done too
+ cmd.append('--rm')
+ cmd.append(image)
+ if opts.command:
+ cmd.append(opts.command)
+ elif command:
+ cmd.extend(command)
+
+ print ' '.join(cmd)
+
+ if opts.run:
+ os.execl(docker_cmd, *cmd)
+
+ if not container_found:
+ print("Container '%s' not found!" % container_name)
+
+def list_docker_containers(opts):
+ print opts
+ with open(opts.config) as f:
+ json_data = json.load(f)
+
+ for step in (json_data or []):
+ if step is None:
+ continue
+ print step
+ for container in (json_data[step] or []):
+ print('\tcontainer: %s' % container)
+ for container_data in (json_data[step][container] or []):
+ #print('\t\tcontainer_data: %s' % container_data)
+ if container_data == "start_order":
+ print('\t\tstart_order: %s' % json_data[step][container][container_data])
+
+opts = parse_opts(sys.argv)
+
+if opts.container:
+ run_docker_container(opts, opts.container)
+else:
+ list_docker_containers(opts)
+
diff --git a/docker/post.j2.yaml b/docker/post.j2.yaml
index e1154a62..76232d14 100644
--- a/docker/post.j2.yaml
+++ b/docker/post.j2.yaml
@@ -130,16 +130,7 @@ resources:
group: json-file
config:
/var/lib/docker-puppet/docker-puppet.json:
- yaql:
- # select only services that have a non-null config_image with
- # a step_config as well
- expression:
- $.data.config_volume.zip($.data.puppet_tags, $.data.step_config, $.data.config_image).where($[3] != null and $[1] != null)
- data:
- config_volume: {get_param: [role_data, {{role.name}}, config_volume]}
- step_config: {get_param: [role_data, {{role.name}}, step_config]}
- puppet_tags: {get_param: [role_data, {{role.name}}, puppet_tags]}
- config_image: {get_param: [role_data, {{role.name}}, config_image]}
+ {get_param: [role_data, {{role.name}}, puppet_config]}
{{role.name}}GenPuppetDeployment:
type: OS::Heat::SoftwareDeploymentGroup
@@ -189,6 +180,24 @@ resources:
docker_config: {get_param: [role_data, {{role.name}}, docker_config]}
docker_image: {get_param: [role_data, {{role.name}}, docker_image]}
+ # Here we are dumping all the docker container startup configuration data
+ # so that we can have access to how they are started outside of heat
+ # and docker-cmd. This lets us create command line tools to start and
+ # test these containers.
+ {{role.name}}DockerConfigJsonStartupData:
+ type: OS::Heat::StructuredConfig
+ properties:
+ group: json-file
+ config:
+ /var/lib/docker-container-startup-configs.json:
+ {get_attr: [{{role.name}}DockerConfig, value]}
+
+ {{role.name}}DockerConfigJsonStartupDataDeployment:
+ type: OS::Heat::SoftwareDeploymentGroup
+ properties:
+ config: {get_resource: {{role.name}}DockerConfigJsonStartupData}
+ servers: {get_param: [servers, {{role.name}}]}
+
{{role.name}}KollaJsonConfig:
type: OS::Heat::StructuredConfig
properties:
diff --git a/docker/services/database/mongodb.yaml b/docker/services/database/mongodb.yaml
index cc28846a..3c4146fd 100644
--- a/docker/services/database/mongodb.yaml
+++ b/docker/services/database/mongodb.yaml
@@ -45,7 +45,7 @@ outputs:
map_merge:
- get_attr: [MongodbPuppetBase, role_data, config_settings]
- mongodb::server::fork: false
- step_config:
+ step_config: &step_config
list_join:
- "\n"
- - "['Mongodb_database', 'Mongodb_user', 'Mongodb_replset'].each |String $val| { noop_resource($val) }"
@@ -56,9 +56,11 @@ outputs:
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerMongodbImage} ]
- puppet_tags: file # set this even though file is the default
- config_volume: mongodb
- config_image: *mongodb_image
+ puppet_config:
+ config_volume: mongodb
+ puppet_tags: file # set this even though file is the default
+ step_config: *step_config
+ config_image: *mongodb_image
kolla_config:
/var/lib/kolla/config_files/mongodb.json:
command: /usr/bin/mongod --unixSocketPrefix=/var/run/mongodb --config /etc/mongod.conf run
@@ -88,11 +90,13 @@ outputs:
docker_puppet_tasks:
# MySQL database initialization occurs only on single node
step_2:
- - 'mongodb_init_tasks'
- - 'mongodb_database,mongodb_user,mongodb_replset'
- - 'include ::tripleo::profile::base::database::mongodb'
- - list_join:
+ config_volume: 'mongodb_init_tasks'
+ puppet_tags: 'mongodb_database,mongodb_user,mongodb_replset'
+ step_config: 'include ::tripleo::profile::base::database::mongodb'
+ config_image:
+ list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerMongodbImage} ]
- - - "mongodb:/var/lib/mongodb"
- - "logs:/var/log/kolla:ro"
+ volumes:
+ - "mongodb:/var/lib/mongodb/"
+ - "logs:/var/log/kolla:ro"
diff --git a/docker/services/database/mysql.yaml b/docker/services/database/mysql.yaml
index 2ef068d2..fd92e99c 100644
--- a/docker/services/database/mysql.yaml
+++ b/docker/services/database/mysql.yaml
@@ -54,7 +54,7 @@ outputs:
pid-file: /var/lib/mysql/mariadb.pid
mysqld_safe:
pid-file: /var/lib/mysql/mariadb.pid
- step_config:
+ step_config: &step_config
list_join:
- "\n"
- - "['Mysql_datadir', 'Mysql_user', 'Mysql_database', 'Mysql_grant', 'Mysql_plugin'].each |String $val| { noop_resource($val) }"
@@ -65,9 +65,11 @@ outputs:
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerMysqlImage} ]
- puppet_tags: file # set this even though file is the default
- config_volume: mysql
- config_image: *mysql_image
+ puppet_config:
+ config_volume: mysql
+ puppet_tags: file # set this even though file is the default
+ step_config: *step_config
+ config_image: *mysql_image
kolla_config:
/var/lib/kolla/config_files/mysql.json:
command: /usr/bin/mysqld_safe
@@ -120,11 +122,13 @@ outputs:
docker_puppet_tasks:
# MySQL database initialization occurs only on single node
step_2:
- - 'mysql_init_tasks'
- - 'mysql_database,mysql_grant,mysql_user'
- - 'include ::tripleo::profile::base::database::mysql'
- - list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerMysqlImage} ]
- - - "mariadb:/var/lib/mysql/:ro"
+ config_volume: 'mysql_init_tasks'
+ puppet_tags: 'mysql_database,mysql_grant,mysql_user'
+ step_config: 'include ::tripleo::profile::base::database::mysql'
+ config_image:
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerMysqlImage} ]
+ volumes:
+ - "mariadb:/var/lib/mysql/:ro"
- "/var/lib/config-data/mysql/root:/root:ro" #provides .my.cnf
diff --git a/docker/services/glance-api.yaml b/docker/services/glance-api.yaml
index b8ab9622..ab62f7e3 100644
--- a/docker/services/glance-api.yaml
+++ b/docker/services/glance-api.yaml
@@ -45,16 +45,19 @@ outputs:
map_merge:
- get_attr: [GlanceApiPuppetBase, role_data, config_settings]
- glance::api::sync_db: false
- step_config: {get_attr: [GlanceApiPuppetBase, role_data, step_config]}
+ step_config: &step_config
+ get_attr: [GlanceApiPuppetBase, role_data, step_config]
service_config_settings: {get_attr: [GlanceApiPuppetBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS #
docker_image: &glance_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerGlanceApiImage} ]
- puppet_tags: glance_api_config,glance_api_paste_ini,glance_swift_config,glance_cache_config
- config_volume: glance_api
- config_image: *glance_image
+ puppet_config:
+ config_volume: glance_api
+ puppet_tags: glance_api_config,glance_api_paste_ini,glance_swift_config,glance_cache_config
+ step_config: *step_config
+ config_image: *glance_image
kolla_config:
/var/lib/kolla/config_files/glance-api.json:
command: /usr/bin/glance-api --config-file /usr/share/glance/glance-api-dist.conf --config-file /etc/glance/glance-api.conf
diff --git a/docker/services/heat-api-cfn.yaml b/docker/services/heat-api-cfn.yaml
index 93632166..fbaacbe6 100644
--- a/docker/services/heat-api-cfn.yaml
+++ b/docker/services/heat-api-cfn.yaml
@@ -51,19 +51,22 @@ outputs:
map_merge:
- get_attr: [HeatBase, role_data, config_settings]
- apache::default_vhost: false
- step_config: {get_attr: [HeatBase, role_data, step_config]}
+ step_config: &step_config
+ get_attr: [HeatBase, role_data, step_config]
service_config_settings: {get_attr: [HeatBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
docker_image: &heat_api_cfn_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerHeatApiCfnImage} ]
- puppet_tags: heat_config,file,concat,file_line
- config_volume: heat
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerHeatEngineImage} ]
+ puppet_config:
+ config_volume: heat
+ puppet_tags: heat_config,file,concat,file_line
+ step_config: *step_config
+ config_image:
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerHeatEngineImage} ]
kolla_config:
/var/lib/kolla/config_files/heat_api_cfn.json:
command: /usr/bin/heat-api-cfn --config-file /usr/share/heat/heat-dist.conf --config-file /etc/heat/heat.conf
diff --git a/docker/services/heat-api.yaml b/docker/services/heat-api.yaml
index 2efabb61..df9160f4 100644
--- a/docker/services/heat-api.yaml
+++ b/docker/services/heat-api.yaml
@@ -51,19 +51,22 @@ outputs:
map_merge:
- get_attr: [HeatBase, role_data, config_settings]
- apache::default_vhost: false
- step_config: {get_attr: [HeatBase, role_data, step_config]}
+ step_config: &step_config
+ get_attr: [HeatBase, role_data, step_config]
service_config_settings: {get_attr: [HeatBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
docker_image: &heat_api_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerHeatApiImage} ]
- puppet_tags: heat_config,file,concat,file_line
- config_volume: heat
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerHeatEngineImage} ]
+ puppet_config:
+ config_volume: heat
+ puppet_tags: heat_config,file,concat,file_line
+ step_config: *step_config
+ config_image:
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerHeatEngineImage} ]
kolla_config:
/var/lib/kolla/config_files/heat_api.json:
command: /usr/bin/heat-api --config-file /usr/share/heat/heat-dist.conf --config-file /etc/heat/heat.conf
diff --git a/docker/services/heat-engine.yaml b/docker/services/heat-engine.yaml
index db8c2be5..c8259f93 100644
--- a/docker/services/heat-engine.yaml
+++ b/docker/services/heat-engine.yaml
@@ -46,16 +46,19 @@ outputs:
map_merge:
- get_attr: [HeatBase, role_data, config_settings]
- apache::default_vhost: false
- step_config: {get_attr: [HeatBase, role_data, step_config]}
+ step_config: &step_config
+ get_attr: [HeatBase, role_data, step_config]
service_config_settings: {get_attr: [HeatBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
docker_image: &heat_engine_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerHeatEngineImage} ]
- puppet_tags: heat_config,file,concat,file_line
- config_volume: heat
- config_image: *heat_engine_image
+ puppet_config:
+ config_volume: heat
+ puppet_tags: heat_config,file,concat,file_line
+ step_config: *step_config
+ config_image: *heat_engine_image
kolla_config:
/var/lib/kolla/config_files/heat_engine.json:
command: /usr/bin/heat-engine --config-file /usr/share/heat/heat-dist.conf --config-file /etc/heat/heat.conf
diff --git a/docker/services/ironic-api.yaml b/docker/services/ironic-api.yaml
index 80120568..97ba9706 100644
--- a/docker/services/ironic-api.yaml
+++ b/docker/services/ironic-api.yaml
@@ -48,19 +48,22 @@ outputs:
config_settings:
map_merge:
- get_attr: [IronicApiBase, role_data, config_settings]
- step_config: {get_attr: [IronicApiBase, role_data, step_config]}
+ step_config: &step_config
+ get_attr: [IronicApiBase, role_data, step_config]
service_config_settings: {get_attr: [IronicApiBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
docker_image: &ironic_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerIronicApiImage} ]
- puppet_tags: ironic_config
- config_volume: ironic
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerIronicConfigImage} ]
+ puppet_config:
+ config_volume: ironic
+ puppet_tags: ironic_config
+ step_config: *step_config
+ config_image:
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerIronicConfigImage} ]
kolla_config:
/var/lib/kolla/config_files/ironic_api.json:
command: /usr/bin/ironic-api
diff --git a/docker/services/ironic-conductor.yaml b/docker/services/ironic-conductor.yaml
index 945ef3fc..2cc29054 100644
--- a/docker/services/ironic-conductor.yaml
+++ b/docker/services/ironic-conductor.yaml
@@ -55,19 +55,22 @@ outputs:
- ironic::pxe::tftp_root: /var/lib/ironic/tftpboot
- ironic::pxe::http_root: /var/lib/ironic/httpboot
- ironic::conductor::http_root: /var/lib/ironic/httpboot
- step_config: {get_attr: [IronicConductorBase, role_data, step_config]}
+ step_config: &step_config
+ get_attr: [IronicConductorBase, role_data, step_config]
service_config_settings: {get_attr: [IronicConductorBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
docker_image: &ironic_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerIronicConductorImage} ]
- puppet_tags: ironic_config
- config_volume: ironic
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerIronicConfigImage} ]
+ puppet_config:
+ config_volume: ironic
+ puppet_tags: ironic_config
+ step_config: *step_config
+ config_image:
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerIronicConfigImage} ]
kolla_config:
/var/lib/kolla/config_files/ironic_conductor.json:
command: /usr/bin/ironic-conductor
diff --git a/docker/services/ironic-pxe.yaml b/docker/services/ironic-pxe.yaml
index bc7b4677..25505192 100644
--- a/docker/services/ironic-pxe.yaml
+++ b/docker/services/ironic-pxe.yaml
@@ -37,19 +37,21 @@ outputs:
value:
service_name: ironic_pxe
config_settings: {}
- step_config: ''
+ step_config: &step_config ''
service_config_settings: {}
# BEGIN DOCKER SETTINGS
docker_image: &ironic_pxe_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerIronicPxeImage} ]
- puppet_tags: ironic_config
- config_volume: ironic
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerIronicConfigImage} ]
+ puppet_config:
+ config_volume: ironic
+ puppet_tags: ironic_config
+ step_config: *step_config
+ config_image:
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerIronicConfigImage} ]
kolla_config:
/var/lib/kolla/config_files/ironic_pxe_http.json:
command: /usr/sbin/httpd -DFOREGROUND
diff --git a/docker/services/keystone.yaml b/docker/services/keystone.yaml
index 2bf8fa09..f9b94a74 100644
--- a/docker/services/keystone.yaml
+++ b/docker/services/keystone.yaml
@@ -49,7 +49,7 @@ outputs:
map_merge:
- get_attr: [KeystoneBase, role_data, config_settings]
- apache::default_vhost: false
- step_config:
+ step_config: &step_config
list_join:
- "\n"
- - "['Keystone_user', 'Keystone_endpoint', 'Keystone_domain', 'Keystone_tenant', 'Keystone_user_role', 'Keystone_role', 'Keystone_service'].each |String $val| { noop_resource($val) }"
@@ -60,9 +60,11 @@ outputs:
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerKeystoneImage} ]
- puppet_tags: keystone_config
- config_volume: keystone
- config_image: *keystone_image
+ puppet_config:
+ config_volume: keystone
+ puppet_tags: keystone_config
+ step_config: *step_config
+ config_image: *keystone_image
kolla_config:
/var/lib/kolla/config_files/keystone.json:
command: /usr/sbin/httpd -DFOREGROUND
@@ -109,7 +111,7 @@ outputs:
start_order: 0
image: *keystone_image
user: root
- command: ['/bin/bash', '-c', 'mkdir /var/log/httpd && mkdir /var/log/keystone && chown keystone:keystone /var/log/keystone']
+ command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd && mkdir -p /var/log/keystone && chown keystone:keystone /var/log/keystone']
volumes:
- logs:/var/log
keystone_db_sync:
@@ -145,9 +147,10 @@ outputs:
docker_puppet_tasks:
# Keystone endpoint creation occurs only on single node
step_3:
- - 'keystone_init_tasks'
- - 'keystone_config,keystone_domain_config,keystone_endpoint,keystone_identity_provider,keystone_paste_ini,keystone_role,keystone_service,keystone_tenant,keystone_user,keystone_user_role,keystone_domain'
- - 'include ::tripleo::profile::base::keystone'
- - list_join:
+ config_volume: 'keystone_init_tasks'
+ puppet_tags: 'keystone_config,keystone_domain_config,keystone_endpoint,keystone_identity_provider,keystone_paste_ini,keystone_role,keystone_service,keystone_tenant,keystone_user,keystone_user_role,keystone_domain'
+ step_config: 'include ::tripleo::profile::base::keystone'
+ config_image:
+ list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerKeystoneImage} ]
diff --git a/docker/services/memcached.yaml b/docker/services/memcached.yaml
index d459c825..3e51f5b4 100644
--- a/docker/services/memcached.yaml
+++ b/docker/services/memcached.yaml
@@ -42,16 +42,19 @@ outputs:
value:
service_name: {get_attr: [MemcachedBase, role_data, service_name]}
config_settings: {get_attr: [MemcachedBase, role_data, config_settings]}
- step_config: {get_attr: [MemcachedBase, role_data, step_config]}
+ step_config: &step_config
+ get_attr: [MemcachedBase, role_data, step_config]
service_config_settings: {get_attr: [MemcachedBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
docker_image: &memcached_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerMemcachedImage} ]
- puppet_tags: 'file'
- config_volume: 'memcached'
- config_image: *memcached_image
+ puppet_config:
+ config_volume: 'memcached'
+ puppet_tags: 'file'
+ step_config: *step_config
+ config_image: *memcached_image
kolla_config: {}
docker_config:
step_1:
diff --git a/docker/services/mistral-api.yaml b/docker/services/mistral-api.yaml
index e535a817..843d5b23 100644
--- a/docker/services/mistral-api.yaml
+++ b/docker/services/mistral-api.yaml
@@ -48,19 +48,22 @@ outputs:
config_settings:
map_merge:
- get_attr: [MistralApiBase, role_data, config_settings]
- step_config: {get_attr: [MistralApiBase, role_data, step_config]}
+ step_config: &step_config
+ get_attr: [MistralApiBase, role_data, step_config]
service_config_settings: {get_attr: [MistralApiBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
docker_image: &mistral_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerMistralApiImage} ]
- puppet_tags: mistral_config
- config_volume: mistral
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerMistralConfigImage} ]
+ puppet_config:
+ config_volume: mistral
+ puppet_tags: mistral_config
+ step_config: *step_config
+ config_image:
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerMistralConfigImage} ]
kolla_config:
/var/lib/kolla/config_files/mistral_api.json:
command: /usr/bin/mistral-server --config-file=/etc/mistral/mistral.conf --log-file=/var/log/mistral/api.log --server=api
diff --git a/docker/services/mistral-engine.yaml b/docker/services/mistral-engine.yaml
index be4c8af7..e50fc0a6 100644
--- a/docker/services/mistral-engine.yaml
+++ b/docker/services/mistral-engine.yaml
@@ -49,19 +49,22 @@ outputs:
config_settings:
map_merge:
- get_attr: [MistralBase, role_data, config_settings]
- step_config: {get_attr: [MistralBase, role_data, step_config]}
+ step_config: &step_config
+ get_attr: [MistralBase, role_data, step_config]
service_config_settings: {get_attr: [MistralBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
docker_image: &mistral_engine_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerMistralEngineImage} ]
- puppet_tags: mistral_config
- config_volume: mistral
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerMistralConfigImage} ]
+ puppet_config:
+ config_volume: mistral
+ puppet_tags: mistral_config
+ step_config: *step_config
+ config_image:
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerMistralConfigImage} ]
kolla_config:
/var/lib/kolla/config_files/mistral_engine.json:
command: /usr/bin/mistral-server --config-file=/etc/mistral/mistral.conf --log-file=/var/log/mistral/engine.log --server=engine
diff --git a/docker/services/mistral-executor.yaml b/docker/services/mistral-executor.yaml
index 33608a42..8833154e 100644
--- a/docker/services/mistral-executor.yaml
+++ b/docker/services/mistral-executor.yaml
@@ -49,19 +49,22 @@ outputs:
config_settings:
map_merge:
- get_attr: [MistralBase, role_data, config_settings]
- step_config: {get_attr: [MistralBase, role_data, step_config]}
+ step_config: &step_config
+ get_attr: [MistralBase, role_data, step_config]
service_config_settings: {get_attr: [MistralBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
docker_image: &mistral_executor_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerMistralExecutorImage} ]
- puppet_tags: mistral_config
- config_volume: mistral
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerMistralConfigImage} ]
+ puppet_config:
+ config_volume: mistral
+ puppet_tags: mistral_config
+ step_config: *step_config
+ config_image:
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerMistralConfigImage} ]
kolla_config:
/var/lib/kolla/config_files/mistral_executor.json:
command: /usr/bin/mistral-server --config-file=/etc/mistral/mistral.conf --log-file=/var/log/mistral/executor.log --server=executor
diff --git a/docker/services/neutron-api.yaml b/docker/services/neutron-api.yaml
index e444f391..bf19586c 100644
--- a/docker/services/neutron-api.yaml
+++ b/docker/services/neutron-api.yaml
@@ -49,19 +49,22 @@ outputs:
config_settings:
map_merge:
- get_attr: [NeutronBase, role_data, config_settings]
- step_config: {get_attr: [NeutronBase, role_data, step_config]}
+ step_config: &step_config
+ get_attr: [NeutronBase, role_data, step_config]
service_config_settings: {get_attr: [NeutronBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
docker_image: &neutron_api_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerNeutronApiImage} ]
- puppet_tags: neutron_config,neutron_api_config
- config_volume: neutron
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNeutronConfigImage} ]
+ puppet_config:
+ config_volume: neutron
+ puppet_tags: neutron_config,neutron_api_config
+ step_config: *step_config
+ config_image:
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerNeutronConfigImage} ]
kolla_config:
/var/lib/kolla/config_files/neutron_api.json:
command: /usr/bin/neutron-server --config-file /usr/share/neutron/neutron-dist.conf --config-dir /usr/share/neutron/server --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini
@@ -81,6 +84,9 @@ outputs:
net: host
privileged: false
detach: false
+ # FIXME: we should make config file permissions right
+ # and run as neutron user
+ user: root
volumes:
- /var/lib/config-data/neutron/etc/neutron:/etc/neutron:ro
- /var/lib/config-data/neutron/usr/share/neutron:/usr/share/neutron:ro
diff --git a/docker/services/neutron-dhcp.yaml b/docker/services/neutron-dhcp.yaml
index fc13b3d1..15f3055e 100644
--- a/docker/services/neutron-dhcp.yaml
+++ b/docker/services/neutron-dhcp.yaml
@@ -49,19 +49,22 @@ outputs:
config_settings:
map_merge:
- get_attr: [NeutronBase, role_data, config_settings]
- step_config: {get_attr: [NeutronBase, role_data, step_config]}
+ step_config: &step_config
+ get_attr: [NeutronBase, role_data, step_config]
service_config_settings: {get_attr: [NeutronBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
docker_image: &neutron_dhcp_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerNeutronApiImage} ]
- puppet_tags: neutron_config,neutron_dhcp_agent_config
- config_volume: neutron
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNeutronConfigImage} ]
+ puppet_config:
+ config_volume: neutron
+ puppet_tags: neutron_config,neutron_dhcp_agent_config
+ step_config: *step_config
+ config_image:
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerNeutronConfigImage} ]
kolla_config:
/var/lib/kolla/config_files/neutron_dhcp.json:
command: /usr/bin/neutron-dhcp-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/dhcp_agent.ini --log-file /var/log/neutron/dhcp-agent.log
diff --git a/docker/services/neutron-l3.yaml b/docker/services/neutron-l3.yaml
new file mode 100644
index 00000000..c74ab4fe
--- /dev/null
+++ b/docker/services/neutron-l3.yaml
@@ -0,0 +1,88 @@
+heat_template_version: ocata
+
+description: >
+ OpenStack containerized Neutron L3 agent
+
+parameters:
+ DockerNamespace:
+ description: namespace
+ default: 'tripleoupstream'
+ type: string
+ DockerNeutronL3AgentImage:
+ description: image
+ default: 'centos-binary-neutron-l3-agent:latest'
+ type: string
+ # we configure all neutron services in the same neutron
+ DockerNeutronConfigImage:
+ description: image
+ default: 'centos-binary-neutron-openvswitch-agent:latest'
+ type: string
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+
+resources:
+
+ NeutronL3Base:
+ type: ../../puppet/services/neutron-l3.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+
+outputs:
+ role_data:
+ description: Role data for Neutron L3 agent
+ value:
+ service_name: {get_attr: [NeutronL3Base, role_data, service_name]}
+ config_settings: {get_attr: [NeutronL3Base, role_data, config_settings]}
+ step_config: {get_attr: [NeutronL3Base, role_data, step_config]}
+ docker_image: &neutron_l3_agent_image
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerNeutronL3AgentImage} ]
+ puppet_tags: neutron_config,neutron_l3_agent_config
+ config_volume: neutron
+ config_image:
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerNeutronConfigImage} ]
+ kolla_config:
+ /var/lib/kolla/config_files/neutron-l3-agent.json:
+ command: /usr/bin/neutron-l3-agent --config-file /usr/share/neutron/neutron-dist.conf --config-dir /usr/share/neutron/l3_agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/l3_agent.ini
+ config_files:
+ - dest: /etc/neutron/neutron.conf
+ owner: neutron
+ perm: '0600'
+ source: /var/lib/kolla/config_files/src/etc/neutron/neutron.conf
+ - dest: /etc/neutron/l3_agent.ini
+ owner: root
+ perm: '0644'
+ source: /var/lib/kolla/config_files/src/etc/neutron/l3_agent.ini
+ docker_config:
+ step_4:
+ neutronl3agent:
+ image: *neutron_l3_agent_image
+ net: host
+ pid: host
+ privileged: true
+ restart: always
+ volumes:
+ - /var/lib/kolla/config_files/neutron-l3-agent.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/neutron:/var/lib/kolla/config_files/src:ro
+ - /etc/localtime:/etc/localtime:ro
+ - /lib/modules:/lib/modules:ro
+ - /run:/run
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
diff --git a/docker/services/neutron-ovs-agent.yaml b/docker/services/neutron-ovs-agent.yaml
index ab99da5e..f6b29292 100644
--- a/docker/services/neutron-ovs-agent.yaml
+++ b/docker/services/neutron-ovs-agent.yaml
@@ -42,14 +42,17 @@ outputs:
value:
service_name: {get_attr: [NeutronOvsAgentBase, role_data, service_name]}
config_settings: {get_attr: [NeutronOvsAgentBase, role_data, config_settings]}
- step_config: {get_attr: [NeutronOvsAgentBase, role_data, step_config]}
+ step_config: &step_config
+ get_attr: [NeutronOvsAgentBase, role_data, step_config]
docker_image: &neutron_ovs_agent_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerOpenvswitchImage} ]
- puppet_tags: neutron_config,neutron_agent_ovs,neutron_plugin_ml2
- config_volume: neutron
- config_image: *neutron_ovs_agent_image
+ puppet_config:
+ config_volume: neutron
+ puppet_tags: neutron_config,neutron_agent_ovs,neutron_plugin_ml2
+ step_config: *step_config
+ config_image: *neutron_ovs_agent_image
kolla_config:
/var/lib/kolla/config_files/neutron-openvswitch-agent.json:
command: /usr/bin/neutron-openvswitch-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
diff --git a/docker/services/neutron-plugin-ml2.yaml b/docker/services/neutron-plugin-ml2.yaml
index 37ab8db2..5d1a348a 100644
--- a/docker/services/neutron-plugin-ml2.yaml
+++ b/docker/services/neutron-plugin-ml2.yaml
@@ -44,15 +44,18 @@ outputs:
config_settings:
map_merge:
- get_attr: [NeutronBase, role_data, config_settings]
- step_config: {get_attr: [NeutronBase, role_data, step_config]}
+ step_config: &step_config
+ get_attr: [NeutronBase, role_data, step_config]
service_config_settings: {get_attr: [NeutronBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
docker_image: &docker_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerNeutronConfigImage} ]
- puppet_tags: ''
- config_volume: 'neutron'
- config_image: *docker_image
+ puppet_config:
+ config_volume: 'neutron'
+ puppet_tags: ''
+ step_config: *step_config
+ config_image: *docker_image
kolla_config: {}
docker_config: {}
diff --git a/docker/services/nova-api.yaml b/docker/services/nova-api.yaml
index 26ae514a..28b3a9d0 100644
--- a/docker/services/nova-api.yaml
+++ b/docker/services/nova-api.yaml
@@ -49,19 +49,22 @@ outputs:
map_merge:
- get_attr: [NovaApiBase, role_data, config_settings]
- apache::default_vhost: false
- step_config: {get_attr: [NovaApiBase, role_data, step_config]}
+ step_config: &step_config
+ get_attr: [NovaApiBase, role_data, step_config]
service_config_settings: {get_attr: [NovaApiBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
docker_image: &nova_api_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerNovaApiImage} ]
- puppet_tags: nova_config
- config_volume: nova
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNovaBaseImage} ]
+ puppet_config:
+ config_volume: nova
+ puppet_tags: nova_config
+ step_config: *step_config
+ config_image:
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerNovaBaseImage} ]
kolla_config:
/var/lib/kolla/config_files/nova_api.json:
command: /usr/bin/nova-api
@@ -132,3 +135,13 @@ outputs:
- /etc/localtime:/etc/localtime:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ nova_api_discover_hosts:
+ start_order: 3
+ image: *nova_api_image
+ net: host
+ detach: false
+ volumes: *nova_api_volumes
+ command:
+ - '/usr/bin/nova-manage'
+ - 'cell_v2'
+ - 'discover_hosts'
diff --git a/docker/services/nova-compute.yaml b/docker/services/nova-compute.yaml
index 570df95f..9f4e353a 100644
--- a/docker/services/nova-compute.yaml
+++ b/docker/services/nova-compute.yaml
@@ -43,14 +43,17 @@ outputs:
value:
service_name: {get_attr: [NovaComputeBase, role_data, service_name]}
config_settings: {get_attr: [NovaComputeBase, role_data, config_settings]}
- step_config: {get_attr: [NovaComputeBase, role_data, step_config]}
- puppet_tags: nova_config,nova_paste_api_ini
+ step_config: &step_config
+ get_attr: [NovaComputeBase, role_data, step_config]
docker_image: &nova_compute_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerNovaComputeImage} ]
- config_volume: nova_libvirt
- config_image: *nova_compute_image
+ puppet_config:
+ config_volume: nova_libvirt
+ puppet_tags: nova_config,nova_paste_api_ini
+ step_config: *step_config
+ config_image: *nova_compute_image
kolla_config:
/var/lib/kolla/config_files/nova-compute.json:
command: /usr/bin/nova-compute --config-file /etc/nova/nova.conf --config-file /etc/nova/rootwrap.conf
diff --git a/docker/services/nova-conductor.yaml b/docker/services/nova-conductor.yaml
index aa009b4f..73acd0ac 100644
--- a/docker/services/nova-conductor.yaml
+++ b/docker/services/nova-conductor.yaml
@@ -47,19 +47,22 @@ outputs:
value:
service_name: {get_attr: [NovaConductorBase, role_data, service_name]}
config_settings: {get_attr: [NovaConductorBase, role_data, config_settings]}
- step_config: {get_attr: [NovaConductorBase, role_data, step_config]}
+ step_config: &step_config
+ get_attr: [NovaConductorBase, role_data, step_config]
service_config_settings: {get_attr: [NovaConductorBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
docker_image: &nova_conductor_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerNovaConductorImage} ]
- puppet_tags: nova_config
- config_volume: nova
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNovaBaseImage} ]
+ puppet_config:
+ config_volume: nova
+ puppet_tags: nova_config
+ step_config: *step_config
+ config_image:
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerNovaBaseImage} ]
kolla_config:
/var/lib/kolla/config_files/nova_conductor.json:
command: /usr/bin/nova-conductor
diff --git a/docker/services/nova-ironic.yaml b/docker/services/nova-ironic.yaml
index c1858ded..5b46010f 100644
--- a/docker/services/nova-ironic.yaml
+++ b/docker/services/nova-ironic.yaml
@@ -45,17 +45,20 @@ outputs:
value:
service_name: {get_attr: [NovaIronicBase, role_data, service_name]}
config_settings: {get_attr: [NovaIronicBase, role_data, config_settings]}
- step_config: {get_attr: [NovaIronicBase, role_data, step_config]}
- puppet_tags: nova_config,nova_paste_api_ini
+ step_config: &step_config
+ get_attr: [NovaIronicBase, role_data, step_config]
docker_image: &nova_ironic_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerNovaComputeImage} ]
- config_volume: nova
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNovaBaseImage} ]
+ puppet_config:
+ config_volume: nova
+ puppet_tags: nova_config,nova_paste_api_ini
+ step_config: *step_config
+ config_image:
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerNovaBaseImage} ]
kolla_config:
/var/lib/kolla/config_files/nova_ironic.json:
command: /usr/bin/nova-compute --config-file /etc/nova/nova.conf --config-file /etc/nova/rootwrap.conf
diff --git a/docker/services/nova-libvirt.yaml b/docker/services/nova-libvirt.yaml
index d6e7dc76..ed54f3d9 100644
--- a/docker/services/nova-libvirt.yaml
+++ b/docker/services/nova-libvirt.yaml
@@ -48,17 +48,20 @@ outputs:
value:
service_name: {get_attr: [NovaLibvirtBase, role_data, service_name]}
config_settings: {get_attr: [NovaLibvirtBase, role_data, config_settings]}
- step_config: {get_attr: [NovaLibvirtBase, role_data, step_config]}
+ step_config: &step_config
+ get_attr: [NovaLibvirtBase, role_data, step_config]
docker_image: &libvirt_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerLibvirtImage} ]
- puppet_tags: nova_config
- config_volume: nova_libvirt
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNovaComputeImage} ]
+ puppet_config:
+ config_volume: nova_libvirt
+ puppet_tags: nova_config
+ step_config: *step_config
+ config_image:
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerNovaComputeImage} ]
kolla_config:
/var/lib/kolla/config_files/nova-libvirt.json:
command: /usr/sbin/libvirtd --config /etc/libvirt/libvirtd.conf
diff --git a/docker/services/nova-metadata.yaml b/docker/services/nova-metadata.yaml
index a4baaa27..90c4c1c9 100644
--- a/docker/services/nova-metadata.yaml
+++ b/docker/services/nova-metadata.yaml
@@ -37,12 +37,15 @@ outputs:
config_settings:
map_merge:
- get_attr: [NovaMetadataBase, role_data, config_settings]
- step_config: {get_attr: [NovaMetadataBase, role_data, step_config]}
+ step_config: &step_config
+ get_attr: [NovaMetadataBase, role_data, step_config]
service_config_settings: {get_attr: [NovaMetadataBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
docker_image: ''
- puppet_tags: ''
- config_volume: ''
- config_image: ''
+ puppet_config:
+ config_volume: ''
+ puppet_tags: ''
+ step_config: *step_config
+ config_image: ''
kolla_config: {}
docker_config: {}
diff --git a/docker/services/nova-placement.yaml b/docker/services/nova-placement.yaml
index f0f7d724..54469795 100644
--- a/docker/services/nova-placement.yaml
+++ b/docker/services/nova-placement.yaml
@@ -45,19 +45,22 @@ outputs:
map_merge:
- get_attr: [NovaPlacementBase, role_data, config_settings]
- apache::default_vhost: false
- step_config: {get_attr: [NovaPlacementBase, role_data, step_config]}
+ step_config: &step_config
+ get_attr: [NovaPlacementBase, role_data, step_config]
service_config_settings: {get_attr: [NovaPlacementBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
docker_image: &nova_placement_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerNovaPlacementImage} ]
- puppet_tags: nova_config
- config_volume: nova_placement
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNovaPlacementImage} ]
+ puppet_config:
+ config_volume: nova_placement
+ puppet_tags: nova_config
+ step_config: *step_config
+ config_image:
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerNovaPlacementImage} ]
kolla_config:
/var/lib/kolla/config_files/nova_placement.json:
command: /usr/sbin/httpd -DFOREGROUND
diff --git a/docker/services/nova-scheduler.yaml b/docker/services/nova-scheduler.yaml
index a1a98b48..e3955a2b 100644
--- a/docker/services/nova-scheduler.yaml
+++ b/docker/services/nova-scheduler.yaml
@@ -46,15 +46,18 @@ outputs:
value:
service_name: {get_attr: [NovaSchedulerBase, role_data, service_name]}
config_settings: {get_attr: [NovaSchedulerBase, role_data, config_settings]}
- step_config: {get_attr: [NovaSchedulerBase, role_data, step_config]}
+ step_config: &step_config
+ get_attr: [NovaSchedulerBase, role_data, step_config]
service_config_settings: {get_attr: [NovaSchedulerBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
docker_image: &nova_scheduler_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerNovaSchedulerImage} ]
- puppet_tags: nova_config
+ puppet_config:
config_volume: nova
+ puppet_tags: nova_config
+ step_config: *step_config
config_image:
list_join:
- '/'
diff --git a/docker/services/rabbitmq.yaml b/docker/services/rabbitmq.yaml
index cea3d8a7..aa604439 100644
--- a/docker/services/rabbitmq.yaml
+++ b/docker/services/rabbitmq.yaml
@@ -46,16 +46,19 @@ outputs:
value:
service_name: {get_attr: [RabbitmqBase, role_data, service_name]}
config_settings: {get_attr: [RabbitmqBase, role_data, config_settings]}
- step_config: {get_attr: [RabbitmqBase, role_data, step_config]}
+ step_config: &step_config
+ get_attr: [RabbitmqBase, role_data, step_config]
service_config_settings: {get_attr: [RabbitmqBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
docker_image: &rabbitmq_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerRabbitmqImage} ]
- puppet_tags: file
- config_volume: rabbitmq
- config_image: *rabbitmq_image
+ puppet_config:
+ config_volume: rabbitmq
+ puppet_tags: file
+ step_config: *step_config
+ config_image: *rabbitmq_image
kolla_config:
/var/lib/kolla/config_files/rabbitmq.json:
command: /usr/lib/rabbitmq/bin/rabbitmq-server
diff --git a/docker/services/services.yaml b/docker/services/services.yaml
index cd9f4cb5..125c4468 100644
--- a/docker/services/services.yaml
+++ b/docker/services/services.yaml
@@ -68,9 +68,7 @@ outputs:
step_config:
{get_attr: [ServiceChain, role_data, step_config]}
docker_image: {get_attr: [ServiceChain, role_data, docker_image]}
- puppet_tags: {get_attr: [ServiceChain, role_data, puppet_tags]}
- config_volume: {get_attr: [ServiceChain, role_data, config_volume]}
- config_image: {get_attr: [ServiceChain, role_data, config_image]}
+ puppet_config: {get_attr: [ServiceChain, role_data, puppet_config]}
kolla_config:
map_merge: {get_attr: [ServiceChain, role_data, kolla_config]}
docker_config:
diff --git a/docker/services/swift-proxy.yaml b/docker/services/swift-proxy.yaml
index 09553319..cdfefe2f 100644
--- a/docker/services/swift-proxy.yaml
+++ b/docker/services/swift-proxy.yaml
@@ -42,16 +42,19 @@ outputs:
value:
service_name: {get_attr: [SwiftProxyBase, role_data, service_name]}
config_settings: {get_attr: [SwiftProxyBase, role_data, config_settings]}
- step_config: {get_attr: [SwiftProxyBase, role_data, step_config]}
+ step_config: &step_config
+ get_attr: [SwiftProxyBase, role_data, step_config]
service_config_settings: {get_attr: [SwiftProxyBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
docker_image: &swift_proxy_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerSwiftProxyImage} ]
- puppet_tags: swift_proxy_config
- config_volume: swift
- config_image: *swift_proxy_image
+ puppet_config:
+ config_volume: swift
+ puppet_tags: swift_proxy_config
+ step_config: *step_config
+ config_image: *swift_proxy_image
kolla_config:
/var/lib/kolla/config_files/swift_proxy.json:
command: /usr/bin/swift-proxy-server /etc/swift/proxy-server.conf
diff --git a/docker/services/swift-ringbuilder.yaml b/docker/services/swift-ringbuilder.yaml
index de91e7cf..027a6956 100644
--- a/docker/services/swift-ringbuilder.yaml
+++ b/docker/services/swift-ringbuilder.yaml
@@ -66,15 +66,18 @@ outputs:
value:
service_name: {get_attr: [SwiftRingbuilderBase, role_data, service_name]}
config_settings: {get_attr: [SwiftRingbuilderBase, role_data, config_settings]}
- step_config: {get_attr: [SwiftRingbuilderBase, role_data, step_config]}
+ step_config: &step_config
+ get_attr: [SwiftRingbuilderBase, role_data, step_config]
service_config_settings: {get_attr: [SwiftRingbuilderBase, role_data, service_config_settings]}
- puppet_tags: exec,ring_object_device,swift::ringbuilder::create,tripleo::profile::base::swift::add_devices,swift::ringbuilder::rebalance
# BEGIN DOCKER SETTINGS
docker_image: &docker_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerSwiftProxyImage} ]
- config_volume: 'swift'
- config_image: *docker_image
+ puppet_config:
+ config_volume: 'swift'
+ puppet_tags: exec,ring_object_device,swift::ringbuilder::create,tripleo::profile::base::swift::add_devices,swift::ringbuilder::rebalance
+ step_config: *step_config
+ config_image: *docker_image
kolla_config: {}
docker_config: {}
diff --git a/docker/services/swift-storage.yaml b/docker/services/swift-storage.yaml
index 5b2ec6e6..ab9946f3 100644
--- a/docker/services/swift-storage.yaml
+++ b/docker/services/swift-storage.yaml
@@ -54,16 +54,19 @@ outputs:
value:
service_name: {get_attr: [SwiftStorageBase, role_data, service_name]}
config_settings: {get_attr: [SwiftStorageBase, role_data, config_settings]}
- step_config: {get_attr: [SwiftStorageBase, role_data, step_config]}
+ step_config: &step_config
+ get_attr: [SwiftStorageBase, role_data, step_config]
service_config_settings: {get_attr: [SwiftStorageBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
docker_image: &swift_proxy_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerSwiftProxyImage} ]
- puppet_tags: swift_config,swift_container_config,swift_container_sync_realms_config,swift_account_config,swift_object_config,swift_object_expirer_config
- config_volume: swift
- config_image: *swift_proxy_image
+ puppet_config:
+ config_volume: swift
+ puppet_tags: swift_config,swift_container_config,swift_container_sync_realms_config,swift_account_config,swift_object_config,swift_object_expirer_config
+ step_config: *step_config
+ config_image: *swift_proxy_image
kolla_config:
/var/lib/kolla/config_files/swift_account_auditor.json:
command: /usr/bin/swift-account-auditor /etc/swift/account-server.conf
diff --git a/docker/services/zaqar.yaml b/docker/services/zaqar.yaml
index 9f248ce1..1704278e 100644
--- a/docker/services/zaqar.yaml
+++ b/docker/services/zaqar.yaml
@@ -42,16 +42,19 @@ outputs:
value:
service_name: {get_attr: [ZaqarBase, role_data, service_name]}
config_settings: {get_attr: [ZaqarBase, role_data, config_settings]}
- step_config: {get_attr: [ZaqarBase, role_data, step_config]}
+ step_config: &step_config
+ get_attr: [ZaqarBase, role_data, step_config]
service_config_settings: {get_attr: [ZaqarBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
docker_image: &zaqar_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerZaqarImage} ]
- puppet_tags: zaqar_config
- config_volume: zaqar
- config_image: *zaqar_image
+ puppet_config:
+ config_volume: zaqar
+ puppet_tags: zaqar_config
+ step_config: *step_config
+ config_image: *zaqar_image
kolla_config:
/var/lib/kolla/config_files/zaqar.json:
command: /usr/bin/zaqar-server --config-file /etc/zaqar/zaqar.conf
diff --git a/environments/docker.yaml b/environments/docker.yaml
index ca3715b4..cb13c5c3 100644
--- a/environments/docker.yaml
+++ b/environments/docker.yaml
@@ -1,5 +1,5 @@
resource_registry:
- OS::TripleO::Compute::NodeUserData: ../docker/firstboot/setup_docker_host.yaml
+ OS::TripleO::NodeUserData: ../docker/firstboot/setup_docker_host.yaml
#NOTE (dprince) add roles to be docker enabled as we support them
OS::TripleO::Services::NovaLibvirt: ../docker/services/nova-libvirt.yaml
@@ -24,6 +24,7 @@ resource_registry:
OS::TripleO::Services::NeutronCorePlugin: ../docker/services/neutron-plugin-ml2.yaml
OS::TripleO::Services::NeutronOvsAgent: ../docker/services/neutron-ovs-agent.yaml
OS::TripleO::Services::NeutronDhcpAgent: ../docker/services/neutron-dhcp.yaml
+ OS::TripleO::Services::NeutronL3Agent: ../docker/services/neutron-l3.yaml
OS::TripleO::Services::MySQL: ../docker/services/database/mysql.yaml
OS::TripleO::Services::MistralApi: ../docker/services/mistral-api.yaml
OS::TripleO::Services::MistralEngine: ../docker/services/mistral-engine.yaml
diff --git a/environments/hyperconverged-ceph.yaml b/environments/hyperconverged-ceph.yaml
index 77fa5a49..f59b0414 100644
--- a/environments/hyperconverged-ceph.yaml
+++ b/environments/hyperconverged-ceph.yaml
@@ -11,6 +11,7 @@ parameter_defaults:
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::Ntp
- OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Sshd
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
- OS::TripleO::Services::Kernel
@@ -25,4 +26,8 @@ parameter_defaults:
- OS::TripleO::Services::OpenDaylightOvs
- OS::TripleO::Services::SensuClient
- OS::TripleO::Services::FluentdClient
+ - OS::TripleO::Services::AuditD
+ - OS::TripleO::Services::Collectd
- OS::TripleO::Services::CephOSD
+ - OS::TripleO::Services::Vpp
+ - OS::TripleO::Services::MySQLClient
diff --git a/environments/major-upgrade-composable-steps.yaml b/environments/major-upgrade-composable-steps.yaml
index 9e3cddba..9ecc2251 100644
--- a/environments/major-upgrade-composable-steps.yaml
+++ b/environments/major-upgrade-composable-steps.yaml
@@ -7,9 +7,9 @@ parameter_defaults:
# Newton to Ocata, we need to remove old hiera hook data and
# install ansible heat agents and ansible-pacemaker
set -eu
+ yum install -y openstack-heat-agents
yum install -y python-heat-agent-*
yum install -y ansible-pacemaker
rm -f /usr/libexec/os-apply-config/templates/etc/puppet/hiera.yaml
rm -f /usr/libexec/os-refresh-config/configure.d/40-hiera-datafiles
rm -f /etc/puppet/hieradata/*.yaml
-
diff --git a/environments/services/vpp.yaml b/environments/services/vpp.yaml
new file mode 100644
index 00000000..9bad70f8
--- /dev/null
+++ b/environments/services/vpp.yaml
@@ -0,0 +1,9 @@
+resource_registry:
+ OS::TripleO::Services::Vpp: ../../puppet/services/vpp.yaml
+
+#parameter_defaults:
+ #VPP main thread core pinning
+ #VppCpuMainCore: '1'
+
+ #List of cores for VPP worker thread pinning
+ #VppCpuCorelistWorkers: ['3','4']
diff --git a/environments/undercloud.yaml b/environments/undercloud.yaml
index 0fd01920..2540fbe5 100644
--- a/environments/undercloud.yaml
+++ b/environments/undercloud.yaml
@@ -16,3 +16,4 @@ parameter_defaults:
NeutronDhcpAgentsPerNetwork: 2
HeatConvergenceEngine: false
HeatMaxResourcesPerStack: -1
+ HeatMaxJsonBodySize: 2097152
diff --git a/extraconfig/pre_deploy/rhel-registration/environment-rhel-registration.yaml b/extraconfig/pre_deploy/rhel-registration/environment-rhel-registration.yaml
index c388358a..24557517 100644
--- a/extraconfig/pre_deploy/rhel-registration/environment-rhel-registration.yaml
+++ b/extraconfig/pre_deploy/rhel-registration/environment-rhel-registration.yaml
@@ -21,3 +21,7 @@ parameter_defaults:
rhel_reg_type: ""
rhel_reg_method: ""
rhel_reg_sat_repo: "rhel-7-server-satellite-tools-6.1-rpms"
+ rhel_reg_http_proxy_host: ""
+ rhel_reg_http_proxy_port: ""
+ rhel_reg_http_proxy_username: ""
+ rhel_reg_http_proxy_password: ""
diff --git a/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml b/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml
index fdf2e957..e8316c53 100644
--- a/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml
+++ b/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml
@@ -45,6 +45,14 @@ parameters:
type: string
rhel_reg_sat_repo:
type: string
+ rhel_reg_http_proxy_host:
+ type: string
+ rhel_reg_http_proxy_port:
+ type: string
+ rhel_reg_http_proxy_username:
+ type: string
+ rhel_reg_http_proxy_password:
+ type: string
resources:
@@ -71,6 +79,10 @@ resources:
- name: REG_TYPE
- name: REG_METHOD
- name: REG_SAT_REPO
+ - name: REG_HTTP_PROXY_HOST
+ - name: REG_HTTP_PROXY_PORT
+ - name: REG_HTTP_PROXY_USERNAME
+ - name: REG_HTTP_PROXY_PASSWORD
config: {get_file: scripts/rhel-registration}
RHELRegistrationDeployment:
@@ -99,6 +111,10 @@ resources:
REG_TYPE: {get_param: rhel_reg_type}
REG_METHOD: {get_param: rhel_reg_method}
REG_SAT_REPO: {get_param: rhel_reg_sat_repo}
+ REG_HTTP_PROXY_HOST: {get_param: rhel_reg_http_proxy_host}
+ REG_HTTP_PROXY_PORT: {get_param: rhel_reg_http_proxy_port}
+ REG_HTTP_PROXY_USERNAME: {get_param: rhel_reg_http_proxy_username}
+ REG_HTTP_PROXY_PASSWORD: {get_param: rhel_reg_http_proxy_password}
RHELUnregistration:
type: OS::Heat::SoftwareConfig
diff --git a/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration
index 2650a967..6f83cc4b 100644
--- a/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration
+++ b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration
@@ -13,10 +13,18 @@ fi
retryCount=0
opts=
+config_opts=
attach_opts=
sat5_opts=
repos="repos --enable rhel-7-server-rpms"
satellite_repo=${REG_SAT_REPO}
+proxy_host=
+proxy_port=
+proxy_url=
+proxy_username=
+proxy_password=
+
+# process variables..
if [ -n "${REG_AUTO_ATTACH:-}" ]; then
opts="$opts --auto-attach"
@@ -97,6 +105,57 @@ if [ -n "${REG_TYPE:-}" ]; then
opts="$opts --type=$REG_TYPE"
fi
+# Proxy settings (host and port)
+if [ -n "${REG_HTTP_PROXY_HOST:-}" ]; then
+ proxy_host="${REG_HTTP_PROXY_HOST}"
+fi
+
+if [ -n "${REG_HTTP_PROXY_PORT:-}" ]; then
+ proxy_port="${REG_HTTP_PROXY_PORT}"
+fi
+
+# Proxy settings (user and password)
+if [ -n "${REG_HTTP_PROXY_USERNAME:-}" ]; then
+ proxy_username="${REG_HTTP_PROXY_USERNAME}"
+fi
+
+if [ -n "${REG_HTTP_PROXY_PASSWORD:-}" ]; then
+ proxy_password="${REG_HTTP_PROXY_PASSWORD}"
+fi
+
+# Sanity Checks for proxy host/port/user/password
+if [ -n "${REG_HTTP_PROXY_HOST:-}" ]; then
+ if [ -n "${REG_HTTP_PROXY_PORT:-}" ]; then
+ # Good both values are not empty
+ proxy_url="http://${proxy_host}:${proxy_port}"
+ config_opts="--server.proxy_hostname=${proxy_host} --server.proxy_port=${proxy_port}"
+ sat5_opts="${sat5_opts} --proxy_hostname=${proxy_url}"
+ echo "RHSM Proxy set to: ${proxy_url}"
+ if [ -n "${REG_HTTP_PROXY_USERNAME:-}" ]; then
+ if [ -n "${REG_HTTP_PROXY_PASSWORD:-}" ]; then
+ config_opts="${config_opts} --server.proxy_user=${proxy_username} --server.proxy_password=${proxy_password}"
+ sat5_opts="${sat5_opts} --proxyUser=${proxy_username} --proxyPassword=${proxy_password}"
+ else
+ echo "Warning: REG_HTTP_PROXY_PASSWORD cannot be null with non-empty REG_HTTP_PROXY_USERNAME! Skipping..."
+ proxy_username= ; proxy_password=
+ fi
+ else
+ if [ -n "${REG_HTTP_PROXY_PASSWORD:-}" ]; then
+ echo "Warning: REG_HTTP_PROXY_USERNAME cannot be null with non-empty REG_HTTP_PROXY_PASSWORD! Skipping..."
+ proxy_username= ; proxy_password=
+ fi
+ fi
+ else
+ echo "Warning: REG_HTTP_PROXY_PORT cannot be null with non-empty REG_HTTP_PROXY_HOST! Skipping..."
+ proxy_host= ; proxy_port= ; proxy_url= ; proxy_username= ; proxy_password=
+ fi
+else
+ if [ -n "${REG_HTTP_PROXY_PORT:-}" ]; then
+ echo "Warning: REG_HTTP_PROXY_HOST cannot be null with non-empty REG_HTTP_PROXY_PORT! Skipping..."
+ proxy_host= ; proxy_port= ; proxy_url= ; proxy_username= ; proxy_password=
+ fi
+fi
+
function retry() {
if [[ $retryCount < 3 ]]; then
$@
@@ -127,13 +186,34 @@ function detect_satellite_version {
fi
}
+if [ "x${proxy_url}" != "x" ];then
+ # Config subscription-manager for proxy
+ subscription-manager config ${config_opts}
+
+ # Config yum for proxy..
+ sed -i -e '/^proxy=/d' /etc/yum.conf
+ echo "proxy=${proxy_url}" >> /etc/yum.conf
+
+ # Handle optional username/password
+ if [ -n "${proxy_username}" ]; then
+ sed -i -e '/^proxy_username=/d' /etc/yum.conf
+ echo "proxy_username=${proxy_username}" >> /etc/yum.conf
+ fi
+
+ if [ -n "${proxy_password}" ]; then
+ sed -i -e '/^proxy_password=/d' /etc/yum.conf
+ echo "proxy_password=${proxy_password}" >> /etc/yum.conf
+ fi
+
+fi
+
case "${REG_METHOD:-}" in
portal)
retry subscription-manager register $opts
if [ -z "${REG_AUTO_ATTACH:-}" -a -z "${REG_ACTIVATION_KEY:-}" ]; then
retry subscription-manager attach $attach_opts
fi
- retry subscription-manager repos --disable '*'
+ retry subscription-manager repos --disable='*'
retry subscription-manager $repos
;;
satellite)
diff --git a/extraconfig/tasks/major_upgrade_controller_pacemaker_2.sh b/extraconfig/tasks/major_upgrade_controller_pacemaker_2.sh
index 6bfe1239..8b900842 100755
--- a/extraconfig/tasks/major_upgrade_controller_pacemaker_2.sh
+++ b/extraconfig/tasks/major_upgrade_controller_pacemaker_2.sh
@@ -50,6 +50,7 @@ mysql_need_update
if [[ -n $(is_bootstrap_node) ]]; then
if [ $DO_MYSQL_UPGRADE -eq 1 ]; then
+ backup_flags="--defaults-extra-file=/root/.my.cnf -u root --flush-privileges --all-databases --single-transaction"
mysqldump $backup_flags > "$MYSQL_BACKUP_DIR/openstack_database.sql"
cp -rdp /etc/my.cnf* "$MYSQL_BACKUP_DIR"
fi
diff --git a/extraconfig/tasks/major_upgrade_pacemaker.yaml b/extraconfig/tasks/major_upgrade_pacemaker.yaml
index 8c91027d..74d3be71 100644
--- a/extraconfig/tasks/major_upgrade_pacemaker.yaml
+++ b/extraconfig/tasks/major_upgrade_pacemaker.yaml
@@ -18,10 +18,6 @@ parameters:
constraints:
- allowed_values: ['auto', 'yes', 'no']
default: 'auto'
- IgnoreCephUpgradeWarnings:
- type: boolean
- default: false
- description: If enabled, Ceph upgrade will be forced even though cluster or PGs status is not clean
KeepSaharaServicesOnUpgrade:
type: boolean
default: true
diff --git a/extraconfig/tasks/yum_update.sh b/extraconfig/tasks/yum_update.sh
index c66dd01f..6bf415b2 100755
--- a/extraconfig/tasks/yum_update.sh
+++ b/extraconfig/tasks/yum_update.sh
@@ -47,7 +47,10 @@ if [[ "$list_updates" == "" ]]; then
exit 0
fi
-pacemaker_status=$(systemctl is-active pacemaker || :)
+pacemaker_status=""
+if hiera -c /etc/puppet/hiera.yaml service_names | grep -q pacemaker; then
+ pacemaker_status=$(systemctl is-active pacemaker)
+fi
# Fix the redis/rabbit resource start/stop timeouts. See https://bugs.launchpad.net/tripleo/+bug/1633455
# and https://bugs.launchpad.net/tripleo/+bug/1634851
diff --git a/network/ports/net_ip_list_map.yaml b/network/ports/net_ip_list_map.yaml
index 5782bbe9..83d875e8 100644
--- a/network/ports/net_ip_list_map.yaml
+++ b/network/ports/net_ip_list_map.yaml
@@ -35,6 +35,32 @@ parameters:
default: []
type: json
+ InternalApiNetName:
+ default: internal_api
+ description: The name of the internal API network.
+ type: string
+ ExternalNetName:
+ default: external
+ description: The name of the external network.
+ type: string
+ ManagementNetName:
+ default: management
+ description: The name of the management network.
+ type: string
+ StorageNetName:
+ default: storage
+ description: The name of the storage network.
+ type: string
+ StorageMgmtNetName:
+ default: storage_mgmt
+ description: The name of the Storage management network.
+ type: string
+ TenantNetName:
+ default: tenant
+ description: The name of the tenant network.
+ type: string
+
+
resources:
# This adds the extra "services" on for keystone
# so that keystone_admin_api_network and
@@ -58,19 +84,33 @@ resources:
- keystone_admin_api
- keystone_public_api
+ NetIpMapValue:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ map_replace:
+ - ctlplane: {get_param: ControlPlaneIpList}
+ external: {get_param: ExternalIpList}
+ internal_api: {get_param: InternalApiIpList}
+ storage: {get_param: StorageIpList}
+ storage_mgmt: {get_param: StorageMgmtIpList}
+ tenant: {get_param: TenantIpList}
+ management: {get_param: ManagementIpList}
+ - keys:
+ external: {get_param: ExternalNetName}
+ internal_api: {get_param: InternalApiNetName}
+ storage: {get_param: StorageNetName}
+ storage_mgmt: {get_param: StorageMgmtNetName}
+ tenant: {get_param: TenantNetName}
+ management: {get_param: ManagementNetName}
+
outputs:
net_ip_map:
description: >
A Hash containing a mapping of network names to assigned lists
of IP addresses.
- value:
- ctlplane: {get_param: ControlPlaneIpList}
- external: {get_param: ExternalIpList}
- internal_api: {get_param: InternalApiIpList}
- storage: {get_param: StorageIpList}
- storage_mgmt: {get_param: StorageMgmtIpList}
- tenant: {get_param: TenantIpList}
- management: {get_param: ManagementIpList}
+ value: {get_attr: [NetIpMapValue, value]}
service_ips:
description: >
Map of enabled services to a list of their IP addresses
@@ -92,14 +132,7 @@ outputs:
for_each:
SERVICE: {get_attr: [EnabledServicesValue, value]}
- values: {get_param: ServiceNetMap}
- - values:
- ctlplane: {get_param: ControlPlaneIpList}
- external: {get_param: ExternalIpList}
- internal_api: {get_param: InternalApiIpList}
- storage: {get_param: StorageIpList}
- storage_mgmt: {get_param: StorageMgmtIpList}
- tenant: {get_param: TenantIpList}
- management: {get_param: ManagementIpList}
+ - values: {get_attr: [NetIpMapValue, value]}
service_hostnames:
description: >
Map of enabled services to a list of hostnames where they're running
diff --git a/network/ports/net_ip_map.yaml b/network/ports/net_ip_map.yaml
index c8cf733f..c974d72e 100644
--- a/network/ports/net_ip_map.yaml
+++ b/network/ports/net_ip_map.yaml
@@ -69,35 +69,136 @@ parameters:
type: string
description: IP address with brackets in case of IPv6
+ InternalApiNetName:
+ default: internal_api
+ description: The name of the internal API network.
+ type: string
+ ExternalNetName:
+ default: external
+ description: The name of the external network.
+ type: string
+ ManagementNetName:
+ default: management
+ description: The name of the management network.
+ type: string
+ StorageNetName:
+ default: storage
+ description: The name of the storage network.
+ type: string
+ StorageMgmtNetName:
+ default: storage_mgmt
+ description: The name of the Storage management network.
+ type: string
+ TenantNetName:
+ default: tenant
+ description: The name of the tenant network.
+ type: string
+
+resources:
+
+ NetIpMapValue:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ map_replace:
+ - ctlplane: {get_param: ControlPlaneIp}
+ external: {get_param: ExternalIp}
+ internal_api: {get_param: InternalApiIp}
+ storage: {get_param: StorageIp}
+ storage_mgmt: {get_param: StorageMgmtIp}
+ tenant: {get_param: TenantIp}
+ management: {get_param: ManagementIp}
+ ctlplane_subnet:
+ list_join:
+ - ''
+ - - {get_param: ControlPlaneIp}
+ - '/'
+ - {get_param: ControlPlaneSubnetCidr}
+ external_subnet: {get_param: ExternalIpSubnet}
+ internal_api_subnet: {get_param: InternalApiIpSubnet}
+ storage_subnet: {get_param: StorageIpSubnet}
+ storage_mgmt_subnet: {get_param: StorageMgmtIpSubnet}
+ tenant_subnet: {get_param: TenantIpSubnet}
+ management_subnet: {get_param: ManagementIpSubnet}
+ ctlplane_uri: {get_param: ControlPlaneIp}
+ external_uri: {get_param: ExternalIpUri}
+ internal_api_uri: {get_param: InternalApiIpUri}
+ storage_uri: {get_param: StorageIpUri}
+ storage_mgmt_uri: {get_param: StorageMgmtIpUri}
+ tenant_uri: {get_param: TenantIpUri}
+ management_uri: {get_param: ManagementIpUri}
+ - keys:
+ external: {get_param: ExternalNetName}
+ internal_api: {get_param: InternalApiNetName}
+ storage: {get_param: StorageNetName}
+ storage_mgmt: {get_param: StorageMgmtNetName}
+ tenant: {get_param: TenantNetName}
+ management: {get_param: ManagementNetName}
+ external_subnet:
+ str_replace:
+ template: NAME_subnet
+ params:
+ NAME: {get_param: ExternalNetName}
+ internal_api_subnet:
+ str_replace:
+ template: NAME_subnet
+ params:
+ NAME: {get_param: InternalApiNetName}
+ storage_subnet:
+ str_replace:
+ template: NAME_subnet
+ params:
+ NAME: {get_param: StorageNetName}
+ storage_mgmt_subnet:
+ str_replace:
+ template: NAME_subnet
+ params:
+ NAME: {get_param: StorageMgmtNetName}
+ tenant_subnet:
+ str_replace:
+ template: NAME_subnet
+ params:
+ NAME: {get_param: TenantNetName}
+ management_subnet:
+ str_replace:
+ template: NAME_subnet
+ params:
+ NAME: {get_param: ManagementNetName}
+ external_uri:
+ str_replace:
+ template: NAME_uri
+ params:
+ NAME: {get_param: ExternalNetName}
+ internal_api_uri:
+ str_replace:
+ template: NAME_uri
+ params:
+ NAME: {get_param: InternalApiNetName}
+ storage_uri:
+ str_replace:
+ template: NAME_uri
+ params:
+ NAME: {get_param: StorageNetName}
+ storage_mgmt_uri:
+ str_replace:
+ template: NAME_uri
+ params:
+ NAME: {get_param: StorageMgmtNetName}
+ tenant_uri:
+ str_replace:
+ template: NAME_uri
+ params:
+ NAME: {get_param: TenantNetName}
+ management_uri:
+ str_replace:
+ template: NAME_uri
+ params:
+ NAME: {get_param: ManagementNetName}
+
outputs:
net_ip_map:
description: >
A Hash containing a mapping of network names to assigned IPs
for a specific machine.
- value:
- ctlplane: {get_param: ControlPlaneIp}
- external: {get_param: ExternalIp}
- internal_api: {get_param: InternalApiIp}
- storage: {get_param: StorageIp}
- storage_mgmt: {get_param: StorageMgmtIp}
- tenant: {get_param: TenantIp}
- management: {get_param: ManagementIp}
- ctlplane_subnet:
- list_join:
- - ''
- - - {get_param: ControlPlaneIp}
- - '/'
- - {get_param: ControlPlaneSubnetCidr}
- external_subnet: {get_param: ExternalIpSubnet}
- internal_api_subnet: {get_param: InternalApiIpSubnet}
- storage_subnet: {get_param: StorageIpSubnet}
- storage_mgmt_subnet: {get_param: StorageMgmtIpSubnet}
- tenant_subnet: {get_param: TenantIpSubnet}
- management_subnet: {get_param: ManagementIpSubnet}
- ctlplane_uri: {get_param: ControlPlaneIp}
- external_uri: {get_param: ExternalIpUri}
- internal_api_uri: {get_param: InternalApiIpUri}
- storage_uri: {get_param: StorageIpUri}
- storage_mgmt_uri: {get_param: StorageMgmtIpUri}
- tenant_uri: {get_param: TenantIpUri}
- management_uri: {get_param: ManagementIpUri}
+ value: {get_attr: [NetIpMapValue, value]}
diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml
index 1360d0be..b811a5a3 100644
--- a/overcloud-resource-registry-puppet.j2.yaml
+++ b/overcloud-resource-registry-puppet.j2.yaml
@@ -248,6 +248,7 @@ resource_registry:
OS::TripleO::Services::OctaviaHousekeeping: OS::Heat::None
OS::TripleO::Services::OctaviaWorker: OS::Heat::None
OS::TripleO::Services::MySQLClient: puppet/services/database/mysql-client.yaml
+ OS::TripleO::Services::Vpp: OS::Heat::None
parameter_defaults:
EnablePackageInstall: false
diff --git a/overcloud.j2.yaml b/overcloud.j2.yaml
index e9447b94..e99f770f 100644
--- a/overcloud.j2.yaml
+++ b/overcloud.j2.yaml
@@ -243,6 +243,12 @@ resources:
NetIpMap: {get_attr: [VipMap, net_ip_map]}
ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]}
+ EndpointMapData:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value: {get_attr: [EndpointMap, endpoint_map]}
+
# Jinja loop for Role in roles_data.yaml
{% for role in roles %}
# Resources generated for {{role.name}} Role
@@ -634,7 +640,7 @@ outputs:
value: true
KeystoneURL:
description: URL for the Overcloud Keystone service
- value: {get_attr: [EndpointMap, endpoint_map, KeystonePublic, uri]}
+ value: {get_attr: [EndpointMapData, value, KeystonePublic, uri]}
KeystoneAdminVip:
description: Keystone Admin VIP endpoint
value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystoneAdminApiNetwork]}]}
@@ -643,7 +649,7 @@ outputs:
Mapping of the resources with the needed info for their endpoints.
This includes the protocol used, the IP, port and also a full
representation of the URI.
- value: {get_attr: [EndpointMap, endpoint_map]}
+ value: {get_attr: [EndpointMapData, value]}
HostsEntry:
description: |
The content that should be appended to your /etc/hosts if you want to get
diff --git a/plan-environment.yaml b/plan-environment.yaml
new file mode 100644
index 00000000..f629eff3
--- /dev/null
+++ b/plan-environment.yaml
@@ -0,0 +1,5 @@
+version: 1.0
+
+template: overcloud.yaml
+environments:
+- path: overcloud-resource-registry-puppet.yaml
diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml
index ee43c3a5..7edf17af 100644
--- a/puppet/all-nodes-config.yaml
+++ b/puppet/all-nodes-config.yaml
@@ -68,6 +68,32 @@ parameters:
type: boolean
default: false
+ InternalApiNetName:
+ default: internal_api
+ description: The name of the internal API network.
+ type: string
+ ExternalNetName:
+ default: external
+ description: The name of the external network.
+ type: string
+ ManagementNetName:
+ default: management
+ description: The name of the management network.
+ type: string
+ StorageNetName:
+ default: storage
+ description: The name of the storage network.
+ type: string
+ StorageMgmtNetName:
+ default: storage_mgmt
+ description: The name of the Storage management network.
+ type: string
+ TenantNetName:
+ default: tenant
+ description: The name of the tenant network.
+ type: string
+
+
resources:
allNodesConfigImpl:
@@ -175,21 +201,21 @@ resources:
get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_admin_api_network]}]
keystone_public_api_vip:
get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_public_api_network]}]
- public_virtual_ip: {get_param: [NetVipMap, external]}
+ public_virtual_ip: {get_param: [NetVipMap, {get_param: ExternalNetName}]}
controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
- internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]}
- storage_virtual_ip: {get_param: [NetVipMap, storage]}
- storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]}
+ internal_api_virtual_ip: {get_param: [NetVipMap, {get_param: InternalApiNetName}]}
+ storage_virtual_ip: {get_param: [NetVipMap, {get_param: StorageNetName}]}
+ storage_mgmt_virtual_ip: {get_param: [NetVipMap, {get_param: StorageMgmtNetName}]}
redis_vip: {get_param: RedisVirtualIP}
# public_virtual_ip and controller_virtual_ip are needed in
# both HAproxy & keepalived.
- tripleo::haproxy::public_virtual_ip: {get_param: [NetVipMap, external]}
+ tripleo::haproxy::public_virtual_ip: {get_param: [NetVipMap, {get_param: ExternalNetName}]}
tripleo::haproxy::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
- tripleo::keepalived::public_virtual_ip: {get_param: [NetVipMap, external]}
+ tripleo::keepalived::public_virtual_ip: {get_param: [NetVipMap, {get_param: ExternalNetName}]}
tripleo::keepalived::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
- tripleo::keepalived::internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]}
- tripleo::keepalived::storage_virtual_ip: {get_param: [NetVipMap, storage]}
- tripleo::keepalived::storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]}
+ tripleo::keepalived::internal_api_virtual_ip: {get_param: [NetVipMap, {get_param: InternalApiNetName}]}
+ tripleo::keepalived::storage_virtual_ip: {get_param: [NetVipMap, {get_param: StorageNetName}]}
+ tripleo::keepalived::storage_mgmt_virtual_ip: {get_param: [NetVipMap, {get_param: StorageMgmtNetName}]}
tripleo::keepalived::redis_virtual_ip: {get_param: RedisVirtualIP}
tripleo::redis_notification::haproxy_monitor_ip: {get_param: [NetVipMap, ctlplane]}
cloud_name_external: {get_param: cloud_name_external}
diff --git a/puppet/blockstorage-role.yaml b/puppet/blockstorage-role.yaml
index a5218dbe..51f9abac 100644
--- a/puppet/blockstorage-role.yaml
+++ b/puppet/blockstorage-role.yaml
@@ -448,6 +448,7 @@ resources:
UpdateDeployment:
type: OS::Heat::SoftwareDeployment
+ depends_on: NetworkDeployment
properties:
name: UpdateDeployment
config: {get_resource: UpdateConfig}
diff --git a/puppet/cephstorage-role.yaml b/puppet/cephstorage-role.yaml
index 0867e17f..d7d7f478 100644
--- a/puppet/cephstorage-role.yaml
+++ b/puppet/cephstorage-role.yaml
@@ -460,6 +460,7 @@ resources:
UpdateDeployment:
type: OS::Heat::SoftwareDeployment
+ depends_on: NetworkDeployment
properties:
config: {get_resource: UpdateConfig}
server: {get_resource: CephStorage}
diff --git a/puppet/compute-role.yaml b/puppet/compute-role.yaml
index 1a0294af..ebdd762d 100644
--- a/puppet/compute-role.yaml
+++ b/puppet/compute-role.yaml
@@ -483,6 +483,7 @@ resources:
UpdateDeployment:
type: OS::Heat::SoftwareDeployment
+ depends_on: NetworkDeployment
properties:
name: UpdateDeployment
config: {get_resource: UpdateConfig}
diff --git a/puppet/controller-role.yaml b/puppet/controller-role.yaml
index 825006ba..2f4f583c 100644
--- a/puppet/controller-role.yaml
+++ b/puppet/controller-role.yaml
@@ -523,6 +523,7 @@ resources:
UpdateDeployment:
type: OS::Heat::SoftwareDeployment
+ depends_on: NetworkDeployment
properties:
name: UpdateDeployment
config: {get_resource: UpdateConfig}
diff --git a/puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml b/puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml
index 3daf3fd3..b6d1239a 100644
--- a/puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml
+++ b/puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml
@@ -53,41 +53,40 @@ resources:
NetworkMidoNetConfig:
type: OS::Heat::StructuredConfig
properties:
- group: os-apply-config
+ group: hiera
config:
- hiera:
- datafiles:
- midonet_data:
- mapped_data:
- enable_zookeeper_on_controller: {get_param: EnableZookeeperOnController}
- enable_cassandra_on_controller: {get_param: EnableCassandraOnController}
- midonet_tunnelzone_name: {get_param: TunnelZoneName}
- midonet_tunnelzone_type: {get_param: TunnelZoneType}
- midonet_libvirt_qemu_data: |
- user = "root"
- group = "root"
- cgroup_device_acl = [
- "/dev/null", "/dev/full", "/dev/zero",
- "/dev/random", "/dev/urandom",
- "/dev/ptmx", "/dev/kvm", "/dev/kqemu",
- "/dev/rtc","/dev/hpet", "/dev/vfio/vfio",
- "/dev/net/tun"
- ]
- tripleo::cluster::cassandra::storage_port: {get_param: CassandraStoragePort}
- tripleo::cluster::cassandra::ssl_storage_port: {get_param: CassandraSslStoragePort}
- tripleo::cluster::cassandra::client_port: {get_param: CassandraClientPort}
- tripleo::cluster::cassandra::client_port_thrift: {get_param: CassandraClientPortThrift}
- tripleo::haproxy::midonet_api: true
- # Missed Neutron Puppet data
- neutron::agents::dhcp::interface_driver: 'neutron.agent.linux.interface.MidonetInterfaceDriver'
- neutron::agents::dhcp::dhcp_driver: 'midonet.neutron.agent.midonet_driver.DhcpNoOpDriver'
- neutron::plugins::midonet::midonet_api_port: 8081
- neutron::params::midonet_server_package: 'python-networking-midonet'
+ datafiles:
+ midonet_data:
+ mapped_data:
+ enable_zookeeper_on_controller: {get_param: EnableZookeeperOnController}
+ enable_cassandra_on_controller: {get_param: EnableCassandraOnController}
+ midonet_tunnelzone_name: {get_param: TunnelZoneName}
+ midonet_tunnelzone_type: {get_param: TunnelZoneType}
+ midonet_libvirt_qemu_data: |
+ user = "root"
+ group = "root"
+ cgroup_device_acl = [
+ "/dev/null", "/dev/full", "/dev/zero",
+ "/dev/random", "/dev/urandom",
+ "/dev/ptmx", "/dev/kvm", "/dev/kqemu",
+ "/dev/rtc","/dev/hpet", "/dev/vfio/vfio",
+ "/dev/net/tun"
+ ]
+ tripleo::cluster::cassandra::storage_port: {get_param: CassandraStoragePort}
+ tripleo::cluster::cassandra::ssl_storage_port: {get_param: CassandraSslStoragePort}
+ tripleo::cluster::cassandra::client_port: {get_param: CassandraClientPort}
+ tripleo::cluster::cassandra::client_port_thrift: {get_param: CassandraClientPortThrift}
+ tripleo::haproxy::midonet_api: true
+ # Missed Neutron Puppet data
+ neutron::agents::dhcp::interface_driver: 'neutron.agent.linux.interface.MidonetInterfaceDriver'
+ neutron::agents::dhcp::dhcp_driver: 'midonet.neutron.agent.midonet_driver.DhcpNoOpDriver'
+ neutron::plugins::midonet::midonet_api_port: 8081
+ neutron::params::midonet_server_package: 'python-networking-midonet'
- # Make sure the l3 agent does not run
- l3_agent_service: false
- neutron::agents::l3::manage_service: false
- neutron::agents::l3::enabled: false
+ # Make sure the l3 agent does not run
+ l3_agent_service: false
+ neutron::agents::l3::manage_service: false
+ neutron::agents::l3::enabled: false
NetworkMidonetDeploymentControllers:
diff --git a/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml b/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml
index 9b900bc4..b05fa636 100644
--- a/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml
+++ b/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml
@@ -101,31 +101,30 @@ resources:
NetworkCiscoConfig:
type: OS::Heat::StructuredConfig
properties:
- group: os-apply-config
+ group: hiera
config:
- hiera:
- datafiles:
- neutron_cisco_data:
- mapped_data:
- neutron::plugins::ml2::cisco::ucsm::ucsm_ip: {get_input: UCSM_ip}
- neutron::plugins::ml2::cisco::ucsm::ucsm_username: {get_input: UCSM_username}
- neutron::plugins::ml2::cisco::ucsm::ucsm_password: {get_input: UCSM_password}
- neutron::plugins::ml2::cisco::ucsm::ucsm_host_list: {get_input: UCSM_host_list}
- neutron::plugins::ml2::cisco::ucsm::supported_pci_devs: {get_input: UCSMSupportedPciDevs}
- neutron::plugins::ml2::cisco::nexus::nexus_config: {get_input: NexusConfig}
- neutron::plugins::ml2::cisco::nexus::managed_physical_network: {get_input: NexusManagedPhysicalNetwork}
- neutron::plugins::ml2::cisco::nexus::vlan_name_prefix: {get_input: NexusVlanNamePrefix}
- neutron::plugins::ml2::cisco::nexus::svi_round_robin: {get_input: NexusSviRoundRobin}
- neutron::plugins::ml2::cisco::nexus::provider_vlan_name_prefix: {get_input: NexusProviderVlanNamePrefix}
- neutron::plugins::ml2::cisco::nexus::persistent_switch_config: {get_input: NexusPersistentSwitchConfig}
- neutron::plugins::ml2::cisco::nexus::switch_heartbeat_time: {get_input: NexusSwitchHeartbeatTime}
- neutron::plugins::ml2::cisco::nexus::switch_replay_count: {get_input: NexusSwitchReplayCount}
- neutron::plugins::ml2::cisco::nexus::provider_vlan_auto_create: {get_input: NexusProviderVlanAutoCreate}
- neutron::plugins::ml2::cisco::nexus::provider_vlan_auto_trunk: {get_input: NexusProviderVlanAutoTrunk}
- neutron::plugins::ml2::cisco::nexus::vxlan_global_config: {get_input: NexusVxlanGlobalConfig}
- neutron::plugins::ml2::cisco::nexus::host_key_checks: {get_input: NexusHostKeyChecks}
- neutron::plugins::ml2::cisco::type_nexus_vxlan::vni_ranges: {get_input: NexusVxlanVniRanges}
- neutron::plugins::ml2::cisco::type_nexus_vxlan::mcast_ranges: {get_input: NexusVxlanMcastRanges}
+ datafiles:
+ neutron_cisco_data:
+ mapped_data:
+ neutron::plugins::ml2::cisco::ucsm::ucsm_ip: {get_input: UCSM_ip}
+ neutron::plugins::ml2::cisco::ucsm::ucsm_username: {get_input: UCSM_username}
+ neutron::plugins::ml2::cisco::ucsm::ucsm_password: {get_input: UCSM_password}
+ neutron::plugins::ml2::cisco::ucsm::ucsm_host_list: {get_input: UCSM_host_list}
+ neutron::plugins::ml2::cisco::ucsm::supported_pci_devs: {get_input: UCSMSupportedPciDevs}
+ neutron::plugins::ml2::cisco::nexus::nexus_config: {get_input: NexusConfig}
+ neutron::plugins::ml2::cisco::nexus::managed_physical_network: {get_input: NexusManagedPhysicalNetwork}
+ neutron::plugins::ml2::cisco::nexus::vlan_name_prefix: {get_input: NexusVlanNamePrefix}
+ neutron::plugins::ml2::cisco::nexus::svi_round_robin: {get_input: NexusSviRoundRobin}
+ neutron::plugins::ml2::cisco::nexus::provider_vlan_name_prefix: {get_input: NexusProviderVlanNamePrefix}
+ neutron::plugins::ml2::cisco::nexus::persistent_switch_config: {get_input: NexusPersistentSwitchConfig}
+ neutron::plugins::ml2::cisco::nexus::switch_heartbeat_time: {get_input: NexusSwitchHeartbeatTime}
+ neutron::plugins::ml2::cisco::nexus::switch_replay_count: {get_input: NexusSwitchReplayCount}
+ neutron::plugins::ml2::cisco::nexus::provider_vlan_auto_create: {get_input: NexusProviderVlanAutoCreate}
+ neutron::plugins::ml2::cisco::nexus::provider_vlan_auto_trunk: {get_input: NexusProviderVlanAutoTrunk}
+ neutron::plugins::ml2::cisco::nexus::vxlan_global_config: {get_input: NexusVxlanGlobalConfig}
+ neutron::plugins::ml2::cisco::nexus::host_key_checks: {get_input: NexusHostKeyChecks}
+ neutron::plugins::ml2::cisco::type_nexus_vxlan::vni_ranges: {get_input: NexusVxlanVniRanges}
+ neutron::plugins::ml2::cisco::type_nexus_vxlan::mcast_ranges: {get_input: NexusVxlanMcastRanges}
NetworkCiscoDeployment:
type: OS::Heat::StructuredDeployments
diff --git a/puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml b/puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml
index 7fe2a842..533c0ee9 100644
--- a/puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml
+++ b/puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml
@@ -20,14 +20,13 @@ resources:
NeutronBigswitchConfig:
type: OS::Heat::StructuredConfig
properties:
- group: os-apply-config
+ group: hiera
config:
- hiera:
- datafiles:
- neutron_bigswitch_data:
- mapped_data:
- neutron::agents::bigswitch::agent_enabled: {get_input: neutron_enable_bigswitch_agent}
- neutron::agents::bigswitch::lldp_enabled: {get_input: neutron_enable_bigswitch_lldp}
+ datafiles:
+ neutron_bigswitch_data:
+ mapped_data:
+ neutron::agents::bigswitch::agent_enabled: {get_input: neutron_enable_bigswitch_agent}
+ neutron::agents::bigswitch::lldp_enabled: {get_input: neutron_enable_bigswitch_lldp}
NeutronBigswitchDeployment:
type: OS::Heat::StructuredDeployment
diff --git a/puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml b/puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml
index 47c782c7..1d16e909 100644
--- a/puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml
+++ b/puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml
@@ -50,22 +50,21 @@ resources:
NovaNuageConfig:
type: OS::Heat::StructuredConfig
properties:
- group: os-apply-config
+ group: hiera
config:
- hiera:
- datafiles:
- nova_nuage_data:
- mapped_data:
- nuage::vrs::active_controller: {get_input: ActiveController}
- nuage::vrs::standby_controller: {get_input: StandbyController}
- nuage::metadataagent::metadata_port: {get_input: MetadataPort}
- nuage::metadataagent::nova_metadata_port: {get_input: NovaMetadataPort}
- nuage::metadataagent::metadata_secret: {get_input: SharedSecret}
- nuage::metadataagent::nova_client_version: {get_input: NovaClientVersion}
- nuage::metadataagent::nova_os_username: {get_input: NovaOsUsername}
- nuage::metadataagent::metadata_agent_start_with_ovs: {get_input: MetadataAgentStartWithOvs}
- nuage::metadataagent::nova_api_endpoint_type: {get_input: NovaApiEndpointType}
- nuage::metadataagent::nova_region_name: {get_input: NovaRegionName}
+ datafiles:
+ nova_nuage_data:
+ mapped_data:
+ nuage::vrs::active_controller: {get_input: ActiveController}
+ nuage::vrs::standby_controller: {get_input: StandbyController}
+ nuage::metadataagent::metadata_port: {get_input: MetadataPort}
+ nuage::metadataagent::nova_metadata_port: {get_input: NovaMetadataPort}
+ nuage::metadataagent::metadata_secret: {get_input: SharedSecret}
+ nuage::metadataagent::nova_client_version: {get_input: NovaClientVersion}
+ nuage::metadataagent::nova_os_username: {get_input: NovaOsUsername}
+ nuage::metadataagent::metadata_agent_start_with_ovs: {get_input: MetadataAgentStartWithOvs}
+ nuage::metadataagent::nova_api_endpoint_type: {get_input: NovaApiEndpointType}
+ nuage::metadataagent::nova_region_name: {get_input: NovaRegionName}
NovaNuageDeployment:
type: OS::Heat::StructuredDeployment
diff --git a/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml b/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml
index 763ae39a..378f7f98 100644
--- a/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml
+++ b/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml
@@ -91,35 +91,34 @@ resources:
CinderNetappConfig:
type: OS::Heat::StructuredConfig
properties:
- group: os-apply-config
+ group: hiera
config:
- hiera:
- datafiles:
- cinder_netapp_data:
- mapped_data:
- tripleo::profile::base::cinder::volume::cinder_enable_netapp_backend: {get_input: EnableNetappBackend}
- cinder::backend::netapp::title: {get_input: NetappBackendName}
- cinder::backend::netapp::netapp_login: {get_input: NetappLogin}
- cinder::backend::netapp::netapp_password: {get_input: NetappPassword}
- cinder::backend::netapp::netapp_server_hostname: {get_input: NetappServerHostname}
- cinder::backend::netapp::netapp_server_port: {get_input: NetappServerPort}
- cinder::backend::netapp::netapp_size_multiplier: {get_input: NetappSizeMultiplier}
- cinder::backend::netapp::netapp_storage_family: {get_input: NetappStorageFamily}
- cinder::backend::netapp::netapp_storage_protocol: {get_input: NetappStorageProtocol}
- cinder::backend::netapp::netapp_transport_type: {get_input: NetappTransportType}
- cinder::backend::netapp::netapp_vfiler: {get_input: NetappVfiler}
- cinder::backend::netapp::netapp_volume_list: {get_input: NetappVolumeList}
- cinder::backend::netapp::netapp_vserver: {get_input: NetappVserver}
- cinder::backend::netapp::netapp_partner_backend_name: {get_input: NetappPartnerBackendName}
- cinder::backend::netapp::nfs_shares: {get_input: NetappNfsShares}
- cinder::backend::netapp::nfs_shares_config: {get_input: NetappNfsSharesConfig}
- cinder::backend::netapp::nfs_mount_options: {get_input: NetappNfsMountOptions}
- cinder::backend::netapp::netapp_copyoffload_tool_path: {get_input: NetappCopyOffloadToolPath}
- cinder::backend::netapp::netapp_controller_ips: {get_input: NetappControllerIps}
- cinder::backend::netapp::netapp_sa_password: {get_input: NetappSaPassword}
- cinder::backend::netapp::netapp_storage_pools: {get_input: NetappStoragePools}
- cinder::backend::netapp::netapp_host_type: {get_input: NetappHostType}
- cinder::backend::netapp::netapp_webservice_path: {get_input: NetappWebservicePath}
+ datafiles:
+ cinder_netapp_data:
+ mapped_data:
+ tripleo::profile::base::cinder::volume::cinder_enable_netapp_backend: {get_input: EnableNetappBackend}
+ cinder::backend::netapp::title: {get_input: NetappBackendName}
+ cinder::backend::netapp::netapp_login: {get_input: NetappLogin}
+ cinder::backend::netapp::netapp_password: {get_input: NetappPassword}
+ cinder::backend::netapp::netapp_server_hostname: {get_input: NetappServerHostname}
+ cinder::backend::netapp::netapp_server_port: {get_input: NetappServerPort}
+ cinder::backend::netapp::netapp_size_multiplier: {get_input: NetappSizeMultiplier}
+ cinder::backend::netapp::netapp_storage_family: {get_input: NetappStorageFamily}
+ cinder::backend::netapp::netapp_storage_protocol: {get_input: NetappStorageProtocol}
+ cinder::backend::netapp::netapp_transport_type: {get_input: NetappTransportType}
+ cinder::backend::netapp::netapp_vfiler: {get_input: NetappVfiler}
+ cinder::backend::netapp::netapp_volume_list: {get_input: NetappVolumeList}
+ cinder::backend::netapp::netapp_vserver: {get_input: NetappVserver}
+ cinder::backend::netapp::netapp_partner_backend_name: {get_input: NetappPartnerBackendName}
+ cinder::backend::netapp::nfs_shares: {get_input: NetappNfsShares}
+ cinder::backend::netapp::nfs_shares_config: {get_input: NetappNfsSharesConfig}
+ cinder::backend::netapp::nfs_mount_options: {get_input: NetappNfsMountOptions}
+ cinder::backend::netapp::netapp_copyoffload_tool_path: {get_input: NetappCopyOffloadToolPath}
+ cinder::backend::netapp::netapp_controller_ips: {get_input: NetappControllerIps}
+ cinder::backend::netapp::netapp_sa_password: {get_input: NetappSaPassword}
+ cinder::backend::netapp::netapp_storage_pools: {get_input: NetappStoragePools}
+ cinder::backend::netapp::netapp_host_type: {get_input: NetappHostType}
+ cinder::backend::netapp::netapp_webservice_path: {get_input: NetappWebservicePath}
CinderNetappDeployment:
type: OS::Heat::StructuredDeployment
diff --git a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml
index 0f4806db..1456337f 100644
--- a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml
+++ b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml
@@ -38,19 +38,18 @@ resources:
NeutronBigswitchConfig:
type: OS::Heat::StructuredConfig
properties:
- group: os-apply-config
+ group: hiera
config:
- hiera:
- datafiles:
- neutron_bigswitch_data:
- mapped_data:
- neutron::plugins::ml2::bigswitch::restproxy::servers: {get_input: restproxy_servers}
- neutron::plugins::ml2::bigswitch::restproxy::server_auth: {get_input: restproxy_server_auth}
- neutron::plugins::ml2::bigswitch::restproxy::auto_sync_on_failure: {get_input: restproxy_auto_sync_on_failure}
- neutron::plugins::ml2::bigswitch::restproxy::consistency_interval: {get_input: restproxy_consistency_interval}
- neutron::plugins::ml2::bigswitch::restproxy::neutron_id: {get_input: restproxy_neutron_id}
- neutron::plugins::ml2::bigswitch::restproxy::server_ssl: {get_input: restproxy_server_ssl}
- neutron::plugins::ml2::bigswitch::restproxy::ssl_cert_directory: {get_input: restproxy_ssl_cert_directory}
+ datafiles:
+ neutron_bigswitch_data:
+ mapped_data:
+ neutron::plugins::ml2::bigswitch::restproxy::servers: {get_input: restproxy_servers}
+ neutron::plugins::ml2::bigswitch::restproxy::server_auth: {get_input: restproxy_server_auth}
+ neutron::plugins::ml2::bigswitch::restproxy::auto_sync_on_failure: {get_input: restproxy_auto_sync_on_failure}
+ neutron::plugins::ml2::bigswitch::restproxy::consistency_interval: {get_input: restproxy_consistency_interval}
+ neutron::plugins::ml2::bigswitch::restproxy::neutron_id: {get_input: restproxy_neutron_id}
+ neutron::plugins::ml2::bigswitch::restproxy::server_ssl: {get_input: restproxy_server_ssl}
+ neutron::plugins::ml2::bigswitch::restproxy::ssl_cert_directory: {get_input: restproxy_ssl_cert_directory}
NeutronBigswitchDeployment:
type: OS::Heat::StructuredDeployment
diff --git a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml
index 6eae812f..bca6010a 100644
--- a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml
+++ b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml
@@ -96,48 +96,47 @@ resources:
CiscoN1kvConfig:
type: OS::Heat::StructuredConfig
properties:
- group: os-apply-config
+ group: hiera
config:
- hiera:
- datafiles:
- cisco_n1kv_data:
- mapped_data:
- #enable_cisco_n1kv: {get_input: EnableCiscoN1kv}
- # VEM Parameters
- n1kv_vem_source: {get_input: n1kv_vem_source}
- n1kv_vem_version: {get_input: n1kv_vem_version}
- neutron::agents::n1kv_vem::n1kv_vsm_ip: {get_input: n1kv_vsm_ip}
- neutron::agents::n1kv_vem::n1kv_vsm_domain_id: {get_input: n1kv_vsm_domain_id}
- neutron::agents::n1kv_vem::n1kv_vsm_ip_v6: {get_input: n1kv_vsm_ip_v6}
- neutron::agents::n1kv_vem::host_mgmt_intf: {get_input: n1kv_vem_host_mgmt_intf}
- neutron::agents::n1kv_vem::uplink_profile: {get_input: n1kv_vem_uplink_profile}
- neutron::agents::n1kv_vem::vtep_config: {get_input: n1kv_vem_vtep_config}
- neutron::agents::n1kv_vem::portdb: {get_input: n1kv_vem_portdb}
- neutron::agents::n1kv_vem::vteps_in_same_subnet: {get_input: n1kv_vem_vteps_in_same_subnet}
- neutron::agents::n1kv_vem::fastpath_flood: {get_input: n1kv_vem_fastpath_flood}
- #VSM Parameter
- n1kv_vsm_source: {get_input: n1kv_vsm_source}
- n1kv_vsm_version: {get_input: n1kv_vsm_version}
- n1k_vsm::phy_if_bridge: {get_input: n1kv_vsm_host_mgmt_intf}
- n1k_vsm::vsm_role: {get_input: n1kv_vsm_role}
- n1k_vsm::pacemaker_control: {get_input: n1kv_vsm_pacemaker_ctrl}
- n1k_vsm::existing_bridge: {get_input: n1kv_vsm_existing_br}
- n1k_vsm::vsm_admin_passwd: {get_input: n1kv_vsm_password}
- n1k_vsm::vsm_domain_id: {get_input: n1kv_vsm_domain_id}
- n1k_vsm::vsm_mgmt_ip: {get_input: n1kv_vsm_ip}
- n1k_vsm::vsm_mgmt_netmask: {get_input: n1kv_vsm_mgmt_netmask}
- n1k_vsm::vsm_mgmt_gateway: {get_input: n1kv_vsm_gateway_ip}
- n1k_vsm::phy_gateway: {get_input: n1kv_vsm_gateway_ip}
- n1k_vsm::phy_bridge_vlan: {get_input: n1kv_phy_brige_vlan}
- # Cisco N1KV driver Parameters
- neutron::plugins::ml2::cisco::nexus1000v::n1kv_vsm_ip: {get_input: n1kv_vsm_ip}
- neutron::plugins::ml2::cisco::nexus1000v::n1kv_vsm_username: {get_input: n1kv_vsm_username}
- neutron::plugins::ml2::cisco::nexus1000v::n1kv_vsm_password: {get_input: n1kv_vsm_password}
- neutron::plugins::ml2::cisco::nexus1000v::poll_duration: {get_input: n1kv_vsm_poll_duration}
- neutron::plugins::ml2::cisco::nexus1000v::http_pool_size: {get_input: n1kv_vsm_http_pool_size}
- neutron::plugins::ml2::cisco::nexus1000v::http_timeout: {get_input: n1kv_vsm_http_timeout}
- neutron::plugins::ml2::cisco::nexus1000v::n1kv_vsm_sync_interval: {get_input: n1kv_vsm_sync_interval}
- neutron::plugins::ml2::cisco::nexus1000v::max_vsm_retries: {get_input: n1kv_max_vsm_retries}
+ datafiles:
+ cisco_n1kv_data:
+ mapped_data:
+ #enable_cisco_n1kv: {get_input: EnableCiscoN1kv}
+ # VEM Parameters
+ n1kv_vem_source: {get_input: n1kv_vem_source}
+ n1kv_vem_version: {get_input: n1kv_vem_version}
+ neutron::agents::n1kv_vem::n1kv_vsm_ip: {get_input: n1kv_vsm_ip}
+ neutron::agents::n1kv_vem::n1kv_vsm_domain_id: {get_input: n1kv_vsm_domain_id}
+ neutron::agents::n1kv_vem::n1kv_vsm_ip_v6: {get_input: n1kv_vsm_ip_v6}
+ neutron::agents::n1kv_vem::host_mgmt_intf: {get_input: n1kv_vem_host_mgmt_intf}
+ neutron::agents::n1kv_vem::uplink_profile: {get_input: n1kv_vem_uplink_profile}
+ neutron::agents::n1kv_vem::vtep_config: {get_input: n1kv_vem_vtep_config}
+ neutron::agents::n1kv_vem::portdb: {get_input: n1kv_vem_portdb}
+ neutron::agents::n1kv_vem::vteps_in_same_subnet: {get_input: n1kv_vem_vteps_in_same_subnet}
+ neutron::agents::n1kv_vem::fastpath_flood: {get_input: n1kv_vem_fastpath_flood}
+ #VSM Parameter
+ n1kv_vsm_source: {get_input: n1kv_vsm_source}
+ n1kv_vsm_version: {get_input: n1kv_vsm_version}
+ n1k_vsm::phy_if_bridge: {get_input: n1kv_vsm_host_mgmt_intf}
+ n1k_vsm::vsm_role: {get_input: n1kv_vsm_role}
+ n1k_vsm::pacemaker_control: {get_input: n1kv_vsm_pacemaker_ctrl}
+ n1k_vsm::existing_bridge: {get_input: n1kv_vsm_existing_br}
+ n1k_vsm::vsm_admin_passwd: {get_input: n1kv_vsm_password}
+ n1k_vsm::vsm_domain_id: {get_input: n1kv_vsm_domain_id}
+ n1k_vsm::vsm_mgmt_ip: {get_input: n1kv_vsm_ip}
+ n1k_vsm::vsm_mgmt_netmask: {get_input: n1kv_vsm_mgmt_netmask}
+ n1k_vsm::vsm_mgmt_gateway: {get_input: n1kv_vsm_gateway_ip}
+ n1k_vsm::phy_gateway: {get_input: n1kv_vsm_gateway_ip}
+ n1k_vsm::phy_bridge_vlan: {get_input: n1kv_phy_brige_vlan}
+ # Cisco N1KV driver Parameters
+ neutron::plugins::ml2::cisco::nexus1000v::n1kv_vsm_ip: {get_input: n1kv_vsm_ip}
+ neutron::plugins::ml2::cisco::nexus1000v::n1kv_vsm_username: {get_input: n1kv_vsm_username}
+ neutron::plugins::ml2::cisco::nexus1000v::n1kv_vsm_password: {get_input: n1kv_vsm_password}
+ neutron::plugins::ml2::cisco::nexus1000v::poll_duration: {get_input: n1kv_vsm_poll_duration}
+ neutron::plugins::ml2::cisco::nexus1000v::http_pool_size: {get_input: n1kv_vsm_http_pool_size}
+ neutron::plugins::ml2::cisco::nexus1000v::http_timeout: {get_input: n1kv_vsm_http_timeout}
+ neutron::plugins::ml2::cisco::nexus1000v::n1kv_vsm_sync_interval: {get_input: n1kv_vsm_sync_interval}
+ neutron::plugins::ml2::cisco::nexus1000v::max_vsm_retries: {get_input: n1kv_max_vsm_retries}
CiscoN1kvDeployment:
type: OS::Heat::StructuredDeployment
diff --git a/puppet/objectstorage-role.yaml b/puppet/objectstorage-role.yaml
index 172484dc..6ee06d78 100644
--- a/puppet/objectstorage-role.yaml
+++ b/puppet/objectstorage-role.yaml
@@ -447,6 +447,7 @@ resources:
UpdateDeployment:
type: OS::Heat::SoftwareDeployment
+ depends_on: NetworkDeployment
properties:
config: {get_resource: UpdateConfig}
server: {get_resource: SwiftStorage}
diff --git a/puppet/role.role.j2.yaml b/puppet/role.role.j2.yaml
index 2e1bd6f1..1f68f41f 100644
--- a/puppet/role.role.j2.yaml
+++ b/puppet/role.role.j2.yaml
@@ -481,6 +481,7 @@ resources:
UpdateDeployment:
type: OS::Heat::SoftwareDeployment
+ depends_on: NetworkDeployment
properties:
config: {get_resource: UpdateConfig}
server: {get_resource: {{role}}}
diff --git a/puppet/services/README.rst b/puppet/services/README.rst
index e5c11535..f19b6cca 100644
--- a/puppet/services/README.rst
+++ b/puppet/services/README.rst
@@ -100,11 +100,26 @@ step, "step2" for the second, etc.
Steps/tages correlate to the following:
- 1) Quiesce the control-plane, e.g disable LoadBalancer, stop pacemaker cluster
-
- 2) Stop all control-plane services, ready for upgrade
-
- 3) Perform a package update, (either specific packages or the whole system)
+ 1) Stop all control-plane services.
+
+ 2) Quiesce the control-plane, e.g disable LoadBalancer, stop
+ pacemaker cluster: this will stop the following resource:
+ - ocata:
+ - galera
+ - rabbit
+ - redis
+ - haproxy
+ - vips
+ - cinder-volumes
+ - cinder-backup
+ - manilla-share
+ - rbd-mirror
+
+ The exact order is controlled by the cluster constraints.
+
+ 3) Perform a package update and install new packages: A general
+ upgrade is done, and only new package should go into service
+ ansible tasks.
4) Start services needed for migration tasks (e.g DB)
diff --git a/puppet/services/aodh-api.yaml b/puppet/services/aodh-api.yaml
index 4bd9fc47..d7c87b61 100644
--- a/puppet/services/aodh-api.yaml
+++ b/puppet/services/aodh-api.yaml
@@ -87,5 +87,5 @@ outputs:
get_attr: [ApacheServiceBase, role_data, metadata_settings]
upgrade_tasks:
- name: Stop aodh_api service (running under httpd)
- tags: step2
+ tags: step1
service: name=httpd state=stopped
diff --git a/puppet/services/aodh-evaluator.yaml b/puppet/services/aodh-evaluator.yaml
index 56dbb558..b8be4a91 100644
--- a/puppet/services/aodh-evaluator.yaml
+++ b/puppet/services/aodh-evaluator.yaml
@@ -41,9 +41,16 @@ outputs:
step_config: |
include tripleo::profile::base::aodh::evaluator
upgrade_tasks:
+ - name: Check if aodh_evaluator is deployed
+ command: systemctl is-enabled openstack-aodh-evaluator
+ tags: common
+ ignore_errors: True
+ register: aodh_evaluator_enabled
- name: "PreUpgrade step0,validation: Check service openstack-aodh-evaluator is running"
shell: /usr/bin/systemctl show 'openstack-aodh-evaluator' --property ActiveState | grep '\bactive\b'
+ when: aodh_evaluator_enabled.rc == 0
tags: step0,validation
- name: Stop aodh_evaluator service
- tags: step2
+ tags: step1
+ when: aodh_evaluator_enabled.rc == 0
service: name=openstack-aodh-evaluator state=stopped
diff --git a/puppet/services/aodh-listener.yaml b/puppet/services/aodh-listener.yaml
index 76db0ca8..f5c9330d 100644
--- a/puppet/services/aodh-listener.yaml
+++ b/puppet/services/aodh-listener.yaml
@@ -41,9 +41,16 @@ outputs:
step_config: |
include tripleo::profile::base::aodh::listener
upgrade_tasks:
+ - name: Check if aodh_listener is deployed
+ command: systemctl is-enabled openstack-aodh-listener
+ tags: common
+ ignore_errors: True
+ register: aodh_listener_enabled
- name: "PreUpgrade step0,validation: Check service openstack-aodh-listener is running"
shell: /usr/bin/systemctl show 'openstack-aodh-listener' --property ActiveState | grep '\bactive\b'
+ when: aodh_listener_enabled.rc == 0
tags: step0,validation
- name: Stop aodh_listener service
- tags: step2
+ tags: step1
+ when: aodh_listener_enabled.rc == 0
service: name=openstack-aodh-listener state=stopped
diff --git a/puppet/services/aodh-notifier.yaml b/puppet/services/aodh-notifier.yaml
index 30c67635..84c50dd6 100644
--- a/puppet/services/aodh-notifier.yaml
+++ b/puppet/services/aodh-notifier.yaml
@@ -41,9 +41,16 @@ outputs:
step_config: |
include tripleo::profile::base::aodh::notifier
upgrade_tasks:
+ - name: Check if aodh_notifier is deployed
+ command: systemctl is-enabled openstack-aodh-notifier
+ tags: common
+ ignore_errors: True
+ register: aodh_notifier_enabled
- name: "PreUpgrade step0,validation: Check service openstack-aodh-notifier is running"
shell: /usr/bin/systemctl show 'openstack-aodh-notifier' --property ActiveState | grep '\bactive\b'
+ when: aodh_notifier_enabled.rc == 0
tags: step0,validation
- name: Stop aodh_notifier service
- tags: step2
+ tags: step1
+ when: aodh_notifier_enabled.rc == 0
service: name=openstack-aodh-notifier state=stopped
diff --git a/puppet/services/apache-internal-tls-certmonger.yaml b/puppet/services/apache-internal-tls-certmonger.yaml
index 4c21e02a..4c94f440 100644
--- a/puppet/services/apache-internal-tls-certmonger.yaml
+++ b/puppet/services/apache-internal-tls-certmonger.yaml
@@ -64,6 +64,12 @@ outputs:
for_each:
$NETWORK: {get_attr: [ApacheNetworks, value]}
upgrade_tasks:
+ - name: Check if httpd is deployed
+ command: systemctl is-enabled httpd
+ tags: common
+ ignore_errors: True
+ register: httpd_enabled
- name: "PreUpgrade step0,validation: Check service httpd is running"
shell: /usr/bin/systemctl show 'httpd' --property ActiveState | grep '\bactive\b'
+ when: httpd_enabled.rc == 0
tags: step0,validation
diff --git a/puppet/services/apache.yaml b/puppet/services/apache.yaml
index 74ddbde8..2d950151 100644
--- a/puppet/services/apache.yaml
+++ b/puppet/services/apache.yaml
@@ -67,6 +67,12 @@ outputs:
metadata_settings:
get_attr: [ApacheTLS, role_data, metadata_settings]
upgrade_tasks:
+ - name: Check if httpd is deployed
+ command: systemctl is-enabled httpd
+ tags: common
+ ignore_errors: True
+ register: httpd_enabled
- name: "PreUpgrade step0,validation: Check service httpd is running"
shell: /usr/bin/systemctl show 'httpd' --property ActiveState | grep '\bactive\b'
+ when: httpd_enabled.rc == 0
tags: step0,validation
diff --git a/puppet/services/auditd.yaml b/puppet/services/auditd.yaml
index 639631e1..8085ac8b 100644
--- a/puppet/services/auditd.yaml
+++ b/puppet/services/auditd.yaml
@@ -32,3 +32,19 @@ outputs:
auditd::rules: {get_param: AuditdRules}
step_config: |
include ::tripleo::profile::base::auditd
+ upgrade_tasks:
+ - name: Check if auditd is deployed
+ command: systemctl is-enabled auditd
+ tags: common
+ ignore_errors: True
+ register: auditd_enabled
+ - name: "PreUpgrade step0,validation: Check if auditd is running"
+ shell: >
+ /usr/bin/systemctl show 'auditd' --property ActiveState |
+ grep '\bactive\b'
+ when: auditd_enabled.rc == 0
+ tags: step0,validation
+ - name: Stop auditd service
+ tags: step2
+ when: auditd_enabled.rc == 0
+ service: name=auditd state=stopped
diff --git a/puppet/services/barbican-api.yaml b/puppet/services/barbican-api.yaml
index ffc4c83a..cba92415 100644
--- a/puppet/services/barbican-api.yaml
+++ b/puppet/services/barbican-api.yaml
@@ -146,6 +146,16 @@ outputs:
metadata_settings:
get_attr: [ApacheServiceBase, role_data, metadata_settings]
upgrade_tasks:
+ - name: Check if barbican_api is deployed
+ command: systemctl is-enabled openstack-barbican-api
+ tags: common
+ ignore_errors: True
+ register: barbican_api_enabled
- name: "PreUpgrade step0,validation: Check service openstack-barbican-api is running"
shell: /usr/bin/systemctl show 'openstack-barbican-api' --property ActiveState | grep '\bactive\b'
+ when: barbican_api_enabled.rc == 0
tags: step0,validation
+ - name: Install openstack-barbican-api package if it was disabled
+ tags: step3
+ yum: name=openstack-barbican-api state=latest
+ when: barbican_api_enabled.rc != 0
diff --git a/puppet/services/ceilometer-agent-central.yaml b/puppet/services/ceilometer-agent-central.yaml
index cf8a8a8e..80823526 100644
--- a/puppet/services/ceilometer-agent-central.yaml
+++ b/puppet/services/ceilometer-agent-central.yaml
@@ -52,12 +52,20 @@ outputs:
map_merge:
- get_attr: [CeilometerServiceBase, role_data, config_settings]
- ceilometer_redis_password: {get_param: RedisPassword}
+ central_namespace: true
step_config: |
- include ::tripleo::profile::base::ceilometer::agent::central
+ include ::tripleo::profile::base::ceilometer::agent::polling
upgrade_tasks:
+ - name: Check if ceilometer_agent_central is deployed
+ command: systemctl is-enabled openstack-ceilometer-central
+ tags: common
+ ignore_errors: True
+ register: ceilometer_agent_central_enabled
- name: "PreUpgrade step0,validation: Check service openstack-ceilometer-central is running"
shell: /usr/bin/systemctl show 'openstack-ceilometer-central' --property ActiveState | grep '\bactive\b'
+ when: ceilometer_agent_central_enabled.rc == 0
tags: step0,validation
- name: Stop ceilometer_agent_central service
- tags: step2
+ tags: step1
+ when: ceilometer_agent_central_enabled.rc == 0
service: name=openstack-ceilometer-central state=stopped
diff --git a/puppet/services/ceilometer-agent-compute.yaml b/puppet/services/ceilometer-agent-compute.yaml
index 00042914..546bcd98 100644
--- a/puppet/services/ceilometer-agent-compute.yaml
+++ b/puppet/services/ceilometer-agent-compute.yaml
@@ -46,12 +46,20 @@ outputs:
map_merge:
- get_attr: [CeilometerServiceBase, role_data, config_settings]
- ceilometer::agent::compute::instance_discovery_method: {get_param: InstanceDiscoveryMethod}
+ compute_namespace: true
step_config: |
- include ::tripleo::profile::base::ceilometer::agent::compute
+ include ::tripleo::profile::base::ceilometer::agent::polling
upgrade_tasks:
+ - name: Check if ceilometer_agent_compute is deployed
+ command: systemctl is-enabled openstack-ceilometer-compute
+ tags: common
+ ignore_errors: True
+ register: ceilometer_agent_compute_enabled
- name: "PreUpgrade step0,validation: Check service openstack-ceilometer-compute is running"
shell: /usr/bin/systemctl show 'openstack-ceilometer-compute' --property ActiveState | grep '\bactive\b'
+ when: ceilometer_agent_compute_enabled.rc == 0
tags: step0,validation
- name: Stop ceilometer_agent_compute service
- tags: step2
+ tags: step1
+ when: ceilometer_agent_compute_enabled.rc == 0
service: name=openstack-ceilometer-compute state=stopped
diff --git a/puppet/services/ceilometer-agent-notification.yaml b/puppet/services/ceilometer-agent-notification.yaml
index 760acd65..4ee43f49 100644
--- a/puppet/services/ceilometer-agent-notification.yaml
+++ b/puppet/services/ceilometer-agent-notification.yaml
@@ -50,9 +50,16 @@ outputs:
step_config: |
include ::tripleo::profile::base::ceilometer::agent::notification
upgrade_tasks:
+ - name: Check if ceilometer_agent_notification is deployed
+ command: systemctl is-enabled openstack-ceilometer-notification
+ tags: common
+ ignore_errors: True
+ register: ceilometer_agent_notification_enabled
- name: "PreUpgrade step0,validation: Check service openstack-ceilometer-notification is running"
shell: /usr/bin/systemctl show 'openstack-ceilometer-notification' --property ActiveState | grep '\bactive\b'
+ when: ceilometer_agent_notification_enabled.rc == 0
tags: step0,validation
- name: Stop ceilometer_agent_notification service
- tags: step2
+ tags: step1
+ when: ceilometer_agent_notification_enabled.rc == 0
service: name=openstack-ceilometer-notification state=stopped
diff --git a/puppet/services/ceilometer-api.yaml b/puppet/services/ceilometer-api.yaml
index 741f8da1..f5ee9d40 100644
--- a/puppet/services/ceilometer-api.yaml
+++ b/puppet/services/ceilometer-api.yaml
@@ -94,5 +94,5 @@ outputs:
get_attr: [ApacheServiceBase, role_data, metadata_settings]
upgrade_tasks:
- name: Stop ceilometer_api service (running under httpd)
- tags: step2
+ tags: step1
service: name=httpd state=stopped
diff --git a/puppet/services/ceilometer-collector.yaml b/puppet/services/ceilometer-collector.yaml
index a219f9eb..b0ec971f 100644
--- a/puppet/services/ceilometer-collector.yaml
+++ b/puppet/services/ceilometer-collector.yaml
@@ -60,9 +60,16 @@ outputs:
step_config: |
include ::tripleo::profile::base::ceilometer::collector
upgrade_tasks:
+ - name: Check if ceilometer_collector is deployed
+ command: systemctl is-enabled openstack-ceilometer-collector
+ tags: common
+ ignore_errors: True
+ register: ceilometer_collector_enabled
- name: "PreUpgrade step0,validation: Check service openstack-ceilometer-collector is running"
shell: /usr/bin/systemctl show 'openstack-ceilometer-collector' --property ActiveState | grep '\bactive\b'
+ when: ceilometer_collector_enabled.rc == 0
tags: step0,validation
- name: Stop ceilometer_collector service
- tags: step2
+ tags: step1
+ when: ceilometer_collector_enabled.rc == 0
service: name=openstack-ceilometer-collector state=stopped
diff --git a/puppet/services/ceph-mon.yaml b/puppet/services/ceph-mon.yaml
index 1ce58335..d589ef89 100644
--- a/puppet/services/ceph-mon.yaml
+++ b/puppet/services/ceph-mon.yaml
@@ -59,6 +59,14 @@ parameters:
}
default: {}
type: json
+ CephValidationRetries:
+ type: number
+ default: 5
+ description: Number of retry attempts for Ceph validation
+ CephValidationDelay:
+ type: number
+ default: 10
+ description: Interval (in seconds) in between validation checks
MonitoringSubscriptionCephMon:
default: 'overcloud-ceph-mon'
type: string
@@ -119,21 +127,32 @@ outputs:
# rolling upgrade of all osd nodes in step1
- name: Check status
tags: step0,validation
- shell: ceph health | grep -qv HEALTH_ERR
- # FIXME(shardy) I suspect we can use heat or ansible facts here instead?
- - name: Get hostname
+ shell: ceph health | egrep -sq "HEALTH_OK|HEALTH_WARN"
+ - name: Stop CephMon
tags: step0
- shell: hostname -s
- register: mon_id
- - name: Stop Ceph Mon
+ service:
+ name: ceph-mon@{{ ansible_hostname }}
+ state: stopped
+ - name: Update Ceph packages
tags: step0
- service: name=ceph-mon@{{mon_id.stdout}} pattern=ceph-mon state=stopped
- - name: Update ceph packages
+ yum:
+ name: ceph-mon
+ state: latest
+ - name: Start CephMon
tags: step0
- yum: name=ceph-mon state=latest
- - name: Start ceph-mon service
- tags: step0
- service: name=ceph-mon@{{mon_id.stdout}} state=started
+ service:
+ name: ceph-mon@{{ ansible_hostname }}
+ state: started
+ # ceph-ansible
+ # https://github.com/ceph/ceph-ansible/blob/master/infrastructure-playbooks/rolling_update.yml#L149-L157
+ - name: Wait for the monitor to join the quorum...
+ tags: step0,ceph_quorum_validation
+ shell: |
+ ceph -s | grep monmap | sed 's/.*quorum//' | egrep -sq {{ ansible_hostname }}
+ register: ceph_quorum_nodecheck
+ until: ceph_quorum_nodecheck.rc == 0
+ retries: {get_param: CephValidationRetries}
+ delay: {get_param: CephValidationDelay}
- name: ceph osd crush tunables default
tags: step0
shell: ceph osd crush tunables default
diff --git a/puppet/services/ceph-osd.yaml b/puppet/services/ceph-osd.yaml
index 9bd83aab..a97fa116 100644
--- a/puppet/services/ceph-osd.yaml
+++ b/puppet/services/ceph-osd.yaml
@@ -21,6 +21,24 @@ parameters:
MonitoringSubscriptionCephOsd:
default: 'overcloud-ceph-osd'
type: string
+ CephValidationRetries:
+ type: number
+ default: 40
+ description: Number of retry attempts for Ceph validation
+ CephValidationDelay:
+ type: number
+ default: 30
+ description: Interval (in seconds) in between validation checks
+ IgnoreCephUpgradeWarnings:
+ type: boolean
+ default: false
+ description: If enabled, Ceph upgrade will be forced even though cluster or PGs status is not clean
+
+parameter_groups:
+- label: deprecated
+ description: Do not use deprecated params, they will be removed.
+ parameters:
+ - IgnoreCephUpgradeWarnings
resources:
CephBase:
@@ -66,17 +84,37 @@ outputs:
- name: ceph osd set noscrub
tags: step1
command: ceph osd set noscrub
- - name: Stop Ceph OSD
+ - name: Stop CephOSD
tags: step1
- service: name=ceph-osd@{{ item }} state=stopped
+ service:
+ name: ceph-osd@{{ item }}
+ state: stopped
with_items: "{{osd_ids.stdout.strip().split()}}"
- - name: Update ceph OSD packages
+ - name: Update Ceph packages
tags: step1
- yum: name=ceph-osd state=latest
- - name: Start ceph-osd service
+ yum:
+ name: ceph-osd
+ state: latest
+ - name: Start CephOSD
tags: step1
- service: name=ceph-osd@{{ item }} state=started
+ service:
+ name: ceph-osd@{{ item }}
+ state: started
with_items: "{{osd_ids.stdout.strip().split()}}"
+ # with awk we are meant to check if $2 and $4 are *the same* but it returns 1 when
+ # they are, so the check is inverted to produce an useful exit code
+ - name: Wait for clean pgs...
+ tags: step1,ceph_pgs_clean_validation
+ vars:
+ ignore_warnings: {get_param: IgnoreCephUpgradeWarnings}
+ shell: |
+ ceph pg stat | awk '{exit($2!=$4)}' && ceph health | egrep -sq "HEALTH_OK|HEALTH_WARN"
+ register: ceph_pgs_healthcheck
+ until: ceph_pgs_healthcheck.rc == 0
+ retries: {get_param: CephValidationRetries}
+ delay: {get_param: CephValidationDelay}
+ when:
+ - not ignore_warnings
- name: ceph osd unset noout
tags: step1
command: ceph osd unset noout
diff --git a/puppet/services/ceph-rgw.yaml b/puppet/services/ceph-rgw.yaml
index d7014e54..01531971 100644
--- a/puppet/services/ceph-rgw.yaml
+++ b/puppet/services/ceph-rgw.yaml
@@ -79,12 +79,21 @@ outputs:
ceph::rgw::keystone::auth::password: {get_param: SwiftPassword}
upgrade_tasks:
- name: Gather RGW instance ID
- tags: step0
+ tags: common
shell: hiera -c /etc/puppet/hiera.yaml ceph::profile::params::rgw_name radosgw.gateway
register: rgw_id
+ - name: Check if ceph_rgw is deployed
+ command: systemctl is-enabled ceph-radosgw@{{rgw_id.stdout}}
+ tags: common
+ ignore_errors: True
+ register: ceph_rgw_enabled
- name: Check status
shell: /usr/bin/systemctl show ceph-radosgw@{{rgw_id.stdout}} --property ActiveState | grep '\bactive\b'
+ when: ceph_rgw_enabled.rc == 0
tags: step0,validation
- name: Stop RGW instance
tags: step1
- service: name=ceph-radosgw@{{rgw_id.stdout}} state=stopped
+ when: ceph_rgw_enabled.rc == 0
+ service:
+ name: ceph-radosgw@{{rgw_id.stdout}}
+ state: stopped
diff --git a/puppet/services/cinder-api.yaml b/puppet/services/cinder-api.yaml
index 8c5a07ac..c0ea7aaa 100644
--- a/puppet/services/cinder-api.yaml
+++ b/puppet/services/cinder-api.yaml
@@ -86,7 +86,8 @@ outputs:
cinder::keystone::authtoken::project_name: 'service'
cinder::api::enable_proxy_headers_parsing: true
- cinder::api::nova_catalog_info: 'compute:Compute Service:internalURL'
+ cinder::api::nova_catalog_info: 'compute:nova:internalURL'
+ cinder::api::nova_catalog_admin_info: 'compute:nova:adminURL'
# TODO(emilien) move it to puppet-cinder
cinder::config:
DEFAULT/swift_catalog_info:
@@ -149,18 +150,25 @@ outputs:
metadata_settings:
get_attr: [ApacheServiceBase, role_data, metadata_settings]
upgrade_tasks:
+ - name: Check if cinder_api is deployed
+ command: systemctl is-enabled openstack-cinder-api
+ tags: common
+ ignore_errors: True
+ register: cinder_api_enabled
- name: "PreUpgrade step0,validation: Check service openstack-cinder-api is running"
shell: /usr/bin/systemctl show 'openstack-cinder-api' --property ActiveState | grep '\bactive\b'
+ when: cinder_api_enabled.rc == 0
tags: step0,validation
- name: check for cinder running under apache (post upgrade)
- tags: step2
+ tags: step1
shell: "apachectl -t -D DUMP_VHOSTS | grep -q cinder"
register: cinder_apache
ignore_errors: true
- name: Stop cinder_api service (running under httpd)
- tags: step2
+ tags: step1
service: name=httpd state=stopped
when: "cinder_apache.rc == 0"
- name: Stop and disable cinder_api service (pre-upgrade not under httpd)
- tags: step2
+ tags: step1
+ when: cinder_api_enabled.rc == 0
service: name=openstack-cinder-api state=stopped enabled=no
diff --git a/puppet/services/cinder-scheduler.yaml b/puppet/services/cinder-scheduler.yaml
index f102810e..f8361f6f 100644
--- a/puppet/services/cinder-scheduler.yaml
+++ b/puppet/services/cinder-scheduler.yaml
@@ -52,9 +52,16 @@ outputs:
step_config: |
include ::tripleo::profile::base::cinder::scheduler
upgrade_tasks:
+ - name: Check if cinder_scheduler is deployed
+ command: systemctl is-enabled openstack-cinder-scheduler
+ tags: common
+ ignore_errors: True
+ register: cinder_scheduler_enabled
- name: "PreUpgrade step0,validation: Check service openstack-cinder-scheduler is running"
shell: /usr/bin/systemctl show 'openstack-cinder-scheduler' --property ActiveState | grep '\bactive\b'
+ when: cinder_scheduler_enabled.rc == 0
tags: step0,validation
- name: Stop cinder_scheduler service
- tags: step2
+ tags: step1
+ when: cinder_scheduler_enabled.rc == 0
service: name=openstack-cinder-scheduler state=stopped
diff --git a/puppet/services/cinder-volume.yaml b/puppet/services/cinder-volume.yaml
index 3a06afb8..b52955ef 100644
--- a/puppet/services/cinder-volume.yaml
+++ b/puppet/services/cinder-volume.yaml
@@ -116,9 +116,16 @@ outputs:
step_config: |
include ::tripleo::profile::base::cinder::volume
upgrade_tasks:
+ - name: Check if cinder_volume is deployed
+ command: systemctl is-enabled openstack-cinder-volume
+ tags: common
+ ignore_errors: True
+ register: cinder_volume_enabled
- name: "PreUpgrade step0,validation: Check service openstack-cinder-volume is running"
shell: /usr/bin/systemctl show 'openstack-cinder-volume' --property ActiveState | grep '\bactive\b'
+ when: cinder_volume_enabled.rc == 0
tags: step0,validation
- name: Stop cinder_volume service
- tags: step2
+ tags: step1
+ when: cinder_volume_enabled.rc == 0
service: name=openstack-cinder-volume state=stopped
diff --git a/puppet/services/congress.yaml b/puppet/services/congress.yaml
index 6855a838..8bc9f2e3 100644
--- a/puppet/services/congress.yaml
+++ b/puppet/services/congress.yaml
@@ -65,9 +65,6 @@ outputs:
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/congress'
- '?read_default_file=/etc/my.cnf.d/tripleo.cnf&read_default_group=tripleo'
- congress::keystone::auth::tenant: 'service'
- congress::keystone::auth::password: {get_param: CongressPassword}
- congress::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
congress::debug: {get_param: Debug}
congress::rpc_backend: rabbit
congress::rabbit_userid: {get_param: RabbitUserName}
@@ -76,6 +73,10 @@ outputs:
congress::rabbit_port: {get_param: RabbitClientPort}
congress::server::bind_host: {get_param: [ServiceNetMap, CongressApiNetwork]}
+ congress::keystone::authtoken::project_name: 'service'
+ congress::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
+ congress::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
+
congress::db::mysql::password: {get_param: CongressPassword}
congress::db::mysql::user: congress
congress::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
@@ -84,14 +85,32 @@ outputs:
- '%'
- {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
+ service_config_settings:
+ keystone:
+ congress::keystone::auth::tenant: 'service'
+ congress::keystone::auth::password: {get_param: CongressPassword}
+ congress::keystone::auth::public_url: {get_param: [EndpointMap, CongressPublic, uri]}
+ congress::keystone::auth::internal_url: {get_param: [EndpointMap, CongressInternal, uri]}
+ congress::keystone::auth::admin_url: {get_param: [EndpointMap, CongressAdmin, uri]}
step_config: |
include ::tripleo::profile::base::congress
upgrade_tasks:
+ - name: Check if congress is deployed
+ command: systemctl is-enabled openstack-congress-server
+ tags: common
+ ignore_errors: True
+ register: congress_enabled
- name: "PreUpgrade step0,validation: Check service openstack-congress-server is running"
shell: /usr/bin/systemctl show 'openstack-congress-server' --property ActiveState | grep '\bactive\b'
+ when: congress_enabled.rc == 0
tags: step0,validation
- name: Stop congress service
- tags: step2
+ tags: step1
+ when: congress_enabled.rc == 0
service: name=openstack-congress-server state=stopped
+ - name: Install openstack-congress package if it was disabled
+ tags: step3
+ yum: name=openstack-congress state=latest
+ when: congress_enabled.rc != 0
diff --git a/puppet/services/database/mysql-client.yaml b/puppet/services/database/mysql-client.yaml
index 1415391c..78456e28 100644
--- a/puppet/services/database/mysql-client.yaml
+++ b/puppet/services/database/mysql-client.yaml
@@ -18,6 +18,9 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ EnableInternalTLS:
+ type: boolean
+ default: false
outputs:
role_data:
@@ -25,6 +28,7 @@ outputs:
value:
service_name: mysql_client
config_settings:
- tripleo::profile::base:database::mysql::client_bind_address: {get_param: [ServiceNetMap, MysqlNetwork]}
+ tripleo::profile::base::database::mysql::client::mysql_client_bind_address: {get_param: [ServiceNetMap, MysqlNetwork]}
+ tripleo::profile::base::database::mysql::client::enable_ssl: {get_param: EnableInternalTLS}
step_config: |
include ::tripleo::profile::base::database::mysql::client
diff --git a/puppet/services/disabled/glance-registry.yaml b/puppet/services/disabled/glance-registry.yaml
index 4d22bddc..7bf4a1fd 100644
--- a/puppet/services/disabled/glance-registry.yaml
+++ b/puppet/services/disabled/glance-registry.yaml
@@ -26,5 +26,5 @@ outputs:
service_name: glance_registry
upgrade_tasks:
- name: Stop and disable glance_registry service on upgrade
- tags: step2
+ tags: step1
service: name=openstack-glance-registry state=stopped enabled=no
diff --git a/puppet/services/ec2-api.yaml b/puppet/services/ec2-api.yaml
index bb10140e..10f6d311 100644
--- a/puppet/services/ec2-api.yaml
+++ b/puppet/services/ec2-api.yaml
@@ -72,13 +72,13 @@ outputs:
ec2api::api::ec2api_listen:
str_replace:
template:
- '"%{::fqdn_$NETWORK}"'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, Ec2ApiNetwork]}
ec2api::metadata::metadata_listen:
str_replace:
template:
- '"%{::fqdn_$NETWORK}"'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, Ec2ApiMetadataNetwork]}
ec2api::db::database_connection:
@@ -115,3 +115,24 @@ outputs:
ec2api::db::mysql::allowed_hosts:
- '%'
- "%{hiera('mysql_bind_host')}"
+ upgrade_tasks:
+ - name: Check if ec2-api is deployed
+ command: systemctl is-enabled openstack-ec2-api
+ tags: common
+ ignore_errors: True
+ register: ec2_api_enabled
+ - name: "PreUpgrade step0,validation: Check if openstack-ec2-api is running"
+ shell: >
+ /usr/bin/systemctl show 'openstack-ec2-api' --property ActiveState |
+ grep '\bactive\b'
+ when: ec2_api_enabled.rc == 0
+ tags: step0,validation
+ - name: Stop openstack-ec2-api service
+ tags: step1
+ when: ec2_api_enabled.rc == 0
+ service: name=openstack-ec2-api state=stopped
+ - name: Install openstack-ec2-api package if it was disabled
+ tags: step3
+ yum: name=openstack-ec2-api state=latest
+ when: ec2_api_enabled.rc != 0
+
diff --git a/puppet/services/etcd.yaml b/puppet/services/etcd.yaml
index f96fa723..7cdd8451 100644
--- a/puppet/services/etcd.yaml
+++ b/puppet/services/etcd.yaml
@@ -36,7 +36,7 @@ outputs:
etcd::etcd_name:
str_replace:
template:
- '"%{::fqdn_$NETWORK}"'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, EtcdNetwork]}
# NOTE: bind IP is found in Heat replacing the network name with the local node IP
@@ -56,3 +56,18 @@ outputs:
- 2380
step_config: |
include ::tripleo::profile::base::etcd
+ upgrade_tasks:
+ - name: Check if etcd is deployed
+ command: systemctl is-enabled etcd
+ tags: step0,validation
+ ignore_errors: True
+ register: etcd_enabled
+ - name: "PreUpgrade step0,validation: Check if etcd is running"
+ shell: >
+ /usr/bin/systemctl show 'etcd' --property ActiveState |
+ grep '\bactive\b'
+ when: etcd_enabled.rc == 0
+ tags: step0,validation
+ - name: Stop etcd service
+ tags: step2
+ service: name=etcd state=stopped
diff --git a/puppet/services/glance-api.yaml b/puppet/services/glance-api.yaml
index d26d96aa..ce389dc1 100644
--- a/puppet/services/glance-api.yaml
+++ b/puppet/services/glance-api.yaml
@@ -137,12 +137,26 @@ outputs:
service_config_settings:
get_attr: [GlanceBase, role_data, service_config_settings]
upgrade_tasks:
+ - name: Check if glance_api is deployed
+ command: systemctl is-enabled openstack-glance-api
+ tags: common
+ ignore_errors: True
+ register: glance_api_enabled
+ #(TODO) Remove all glance-registry bits in Pike.
+ - name: Check if glance_registry is deployed
+ command: systemctl is-enabled openstack-glance-registry
+ tags: common
+ ignore_errors: True
+ register: glance_registry_enabled
- name: "PreUpgrade step0,validation: Check service openstack-glance-api is running"
shell: /usr/bin/systemctl show 'openstack-glance-api' --property ActiveState | grep '\bactive\b'
tags: step0,validation
+ when: glance_api_enabled.rc == 0
- name: Stop glance_api service
- tags: step2
+ tags: step1
+ when: glance_api_enabled.rc == 0
service: name=openstack-glance-api state=stopped
- name: Stop and disable glance registry (removed for Ocata)
- tags: step2
+ tags: step1
+ when: glance_registry_enabled.rc == 0
service: name=openstack-glance-registry state=stopped enabled=no
diff --git a/puppet/services/gnocchi-api.yaml b/puppet/services/gnocchi-api.yaml
index 22c0967e..08a939a6 100644
--- a/puppet/services/gnocchi-api.yaml
+++ b/puppet/services/gnocchi-api.yaml
@@ -129,5 +129,5 @@ outputs:
get_attr: [ApacheServiceBase, role_data, metadata_settings]
upgrade_tasks:
- name: Stop gnocchi_api service (running under httpd)
- tags: step2
+ tags: step1
service: name=httpd state=stopped
diff --git a/puppet/services/gnocchi-metricd.yaml b/puppet/services/gnocchi-metricd.yaml
index 1337b0cb..9d76c2e7 100644
--- a/puppet/services/gnocchi-metricd.yaml
+++ b/puppet/services/gnocchi-metricd.yaml
@@ -47,9 +47,16 @@ outputs:
step_config: |
include ::tripleo::profile::base::gnocchi::metricd
upgrade_tasks:
+ - name: Check if gnocchi_metricd is deployed
+ command: systemctl is-enabled openstack-gnocchi-metricd
+ tags: common
+ ignore_errors: True
+ register: gnocchi_metricd_enabled
- name: "PreUpgrade step0,validation: Check service openstack-gnocchi-metricd is running"
shell: /usr/bin/systemctl show 'openstack-gnocchi-metricd' --property ActiveState | grep '\bactive\b'
+ when: gnocchi_metricd_enabled.rc == 0
tags: step0,validation
- name: Stop gnocchi_metricd service
- tags: step2
+ tags: step1
+ when: gnocchi_metricd_enabled.rc == 0
service: name=openstack-gnocchi-metricd state=stopped
diff --git a/puppet/services/gnocchi-statsd.yaml b/puppet/services/gnocchi-statsd.yaml
index 41222a79..bb8d3bce 100644
--- a/puppet/services/gnocchi-statsd.yaml
+++ b/puppet/services/gnocchi-statsd.yaml
@@ -46,9 +46,16 @@ outputs:
step_config: |
include ::tripleo::profile::base::gnocchi::statsd
upgrade_tasks:
+ - name: Check if gnocchi_statsd is deployed
+ command: systemctl is-enabled openstack-gnocchi-statsd
+ tags: common
+ ignore_errors: True
+ register: gnocchi_statsd_enabled
- name: "PreUpgrade step0,validation: Check service openstack-gnocchi-statsd is running"
shell: /usr/bin/systemctl show 'openstack-gnocchi-statsd' --property ActiveState | grep '\bactive\b'
+ when: gnocchi_statsd_enabled.rc == 0
tags: step0,validation
- name: Stop gnocchi_statsd service
- tags: step2
+ tags: step1
+ when: gnocchi_statsd_enabled.rc == 0
service: name=openstack-gnocchi-statsd state=stopped
diff --git a/puppet/services/haproxy.yaml b/puppet/services/haproxy.yaml
index 358698dd..bd5b9ef6 100644
--- a/puppet/services/haproxy.yaml
+++ b/puppet/services/haproxy.yaml
@@ -78,14 +78,22 @@ outputs:
step_config: |
include ::tripleo::profile::base::haproxy
upgrade_tasks:
+ - name: Check if haproxy is deployed
+ command: systemctl is-enabled haproxy
+ tags: common
+ ignore_errors: True
+ register: haproxy_enabled
- name: "PreUpgrade step0,validation: Check service haproxy is running"
shell: /usr/bin/systemctl show 'haproxy' --property ActiveState | grep '\bactive\b'
+ when: haproxy_enabled.rc == 0
tags: step0,validation
- name: Stop haproxy service
- tags: step1
+ tags: step2
+ when: haproxy_enabled.rc == 0
service: name=haproxy state=stopped
- name: Start haproxy service
tags: step4 # Needed at step 4 for mysql
+ when: haproxy_enabled.rc == 0
service: name=haproxy state=started
metadata_settings:
yaql:
diff --git a/puppet/services/heat-api-cfn.yaml b/puppet/services/heat-api-cfn.yaml
index 3ae4cc70..483f0a45 100644
--- a/puppet/services/heat-api-cfn.yaml
+++ b/puppet/services/heat-api-cfn.yaml
@@ -85,9 +85,16 @@ outputs:
heat::keystone::auth_cfn::password: {get_param: HeatPassword}
heat::keystone::auth_cfn::region: {get_param: KeystoneRegion}
upgrade_tasks:
+ - name: Check if heat_api_cfn is deployed
+ command: systemctl is-enabled openstack-heat-api-cfn
+ tags: common
+ ignore_errors: True
+ register: heat_api_cfn_enabled
- name: "PreUpgrade step0,validation: Check service openstack-heat-api-cfn is running"
shell: /usr/bin/systemctl show 'openstack-heat-api-cfn' --property ActiveState | grep '\bactive\b'
+ when: heat_api_cfn_enabled.rc == 0
tags: step0,validation
- name: Stop heat_api_cfn service
- tags: step2
+ tags: step1
+ when: heat_api_cfn_enabled.rc == 0
service: name=openstack-heat-api-cfn state=stopped
diff --git a/puppet/services/heat-api-cloudwatch.yaml b/puppet/services/heat-api-cloudwatch.yaml
index 56183535..8879bcb2 100644
--- a/puppet/services/heat-api-cloudwatch.yaml
+++ b/puppet/services/heat-api-cloudwatch.yaml
@@ -67,9 +67,16 @@ outputs:
step_config: |
include ::tripleo::profile::base::heat::api_cloudwatch
upgrade_tasks:
+ - name: Check if heat_api_cloudwatch is deployed
+ command: systemctl is-enabled openstack-heat-api-cloudwatch
+ tags: common
+ ignore_errors: True
+ register: heat_api_cloudwatch_enabled
- name: "PreUpgrade step0,validation: Check service openstack-heat-api-cloudwatch is running"
shell: /usr/bin/systemctl show 'openstack-heat-api-cloudwatch' --property ActiveState | grep '\bactive\b'
+ when: heat_api_cloudwatch_enabled.rc == 0
tags: step0,validation
- name: Stop heat_api_cloudwatch service
- tags: step2
+ tags: step1
+ when: heat_api_cloudwatch_enabled.rc == 0
service: name=openstack-heat-api-cloudwatch state=stopped
diff --git a/puppet/services/heat-api.yaml b/puppet/services/heat-api.yaml
index 38c5b479..2464011b 100644
--- a/puppet/services/heat-api.yaml
+++ b/puppet/services/heat-api.yaml
@@ -85,9 +85,16 @@ outputs:
heat::keystone::auth::password: {get_param: HeatPassword}
heat::keystone::auth::region: {get_param: KeystoneRegion}
upgrade_tasks:
+ - name: Check is heat_api is deployed
+ command: systemctl is-enabled openstack-heat-api
+ tags: common
+ ignore_errors: True
+ register: heat_api_enabled
- name: "PreUpgrade step0,validation: Check service openstack-heat-api is running"
shell: /usr/bin/systemctl show 'openstack-heat-api' --property ActiveState | grep '\bactive\b'
+ when: heat_api_enabled.rc == 0
tags: step0,validation
- name: Stop heat_api service
- tags: step2
+ tags: step1
+ when: heat_api_enabled.rc == 0
service: name=openstack-heat-api state=stopped
diff --git a/puppet/services/heat-base.yaml b/puppet/services/heat-base.yaml
index b4d314f4..e83a9edd 100644
--- a/puppet/services/heat-base.yaml
+++ b/puppet/services/heat-base.yaml
@@ -99,6 +99,10 @@ parameters:
description: >
Cron to purge db entries marked as deleted and older than $age - Log destination
default: '/dev/null'
+ HeatMaxJsonBodySize:
+ default: 1048576
+ description: Maximum raw byte size of the Heat API JSON request body.
+ type: number
outputs:
role_data:
@@ -142,6 +146,7 @@ outputs:
heat::cron::purge_deleted::age: {get_param: HeatCronPurgeDeletedAge}
heat::cron::purge_deleted::age_type: {get_param: HeatCronPurgeDeletedAgeType}
heat::cron::purge_deleted::destination: {get_param: HeatCronPurgeDeletedDestination}
+ heat::max_json_body_size: {get_param: HeatMaxJsonBodySize}
service_config_settings:
keystone:
tripleo::profile::base::keystone::heat_admin_domain: 'heat_stack'
diff --git a/puppet/services/heat-engine.yaml b/puppet/services/heat-engine.yaml
index 7787d0a7..a166f3a7 100644
--- a/puppet/services/heat-engine.yaml
+++ b/puppet/services/heat-engine.yaml
@@ -137,9 +137,16 @@ outputs:
# This is needed because the keystone profile handles creating the domain
tripleo::profile::base::keystone::heat_admin_password: {get_param: HeatStackDomainAdminPassword}
upgrade_tasks:
+ - name: Check if heat_engine is deployed
+ command: systemctl is-enabled openstack-heat-engine
+ tags: common
+ ignore_errors: True
+ register: heat_engine_enabled
- name: "PreUpgrade step0,validation: Check service openstack-heat-engine is running"
shell: /usr/bin/systemctl show 'openstack-heat-engine' --property ActiveState | grep '\bactive\b'
+ when: heat_engine_enabled.rc == 0
tags: step0,validation
- name: Stop heat_engine service
- tags: step2
+ tags: step1
+ when: heat_engine_enabled.rc == 0
service: name=openstack-heat-engine state=stopped
diff --git a/puppet/services/horizon.yaml b/puppet/services/horizon.yaml
index 2111021b..60b009a8 100644
--- a/puppet/services/horizon.yaml
+++ b/puppet/services/horizon.yaml
@@ -96,3 +96,20 @@ outputs:
- horizon::django_debug: {get_param: Debug}
step_config: |
include ::tripleo::profile::base::horizon
+ # Ansible tasks to handle upgrade
+ upgrade_tasks:
+ - name: Check if httpd is deployed
+ command: systemctl is-enabled httpd
+ tags: common
+ ignore_errors: True
+ register: httpd_enabled
+ - name: "PreUpgrade step0,validation: Check if httpd is running"
+ shell: >
+ /usr/bin/systemctl show 'httpd' --property ActiveState |
+ grep '\bactive\b'
+ when: httpd_enabled.rc == 0
+ tags: step0,validation
+ - name: Stop Horizon (under httpd)
+ tags: step1
+ when: httpd_enabled.rc == 0
+ service: name=httpd state=stopped
diff --git a/puppet/services/ironic-api.yaml b/puppet/services/ironic-api.yaml
index a84df538..7aab6f8d 100644
--- a/puppet/services/ironic-api.yaml
+++ b/puppet/services/ironic-api.yaml
@@ -88,5 +88,5 @@ outputs:
- "%{hiera('mysql_bind_host')}"
upgrade_tasks:
- name: Stop ironic_api service
- tags: step2
+ tags: step1
service: name=openstack-ironic-api state=stopped
diff --git a/puppet/services/ironic-conductor.yaml b/puppet/services/ironic-conductor.yaml
index 739db13c..f9547bef 100644
--- a/puppet/services/ironic-conductor.yaml
+++ b/puppet/services/ironic-conductor.yaml
@@ -109,5 +109,5 @@ outputs:
include ::tripleo::profile::base::ironic::conductor
upgrade_tasks:
- name: Stop ironic_conductor service
- tags: step2
+ tags: step1
service: name=openstack-ironic-conductor state=stopped
diff --git a/puppet/services/keystone.yaml b/puppet/services/keystone.yaml
index 9c4cc60f..f40c8d99 100644
--- a/puppet/services/keystone.yaml
+++ b/puppet/services/keystone.yaml
@@ -226,6 +226,7 @@ outputs:
keystone::endpoint::internal_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
keystone::endpoint::admin_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
keystone::endpoint::region: {get_param: KeystoneRegion}
+ keystone::endpoint::version: ''
keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge}
keystone::rabbit_heartbeat_timeout_threshold: 60
keystone::cron::token_flush::maxdelay: 3600
@@ -307,7 +308,7 @@ outputs:
# Ansible tasks to handle upgrade
upgrade_tasks:
- name: Stop keystone service (running under httpd)
- tags: step2
+ tags: step1
service: name=httpd state=stopped
metadata_settings:
get_attr: [ApacheServiceBase, role_data, metadata_settings]
diff --git a/puppet/services/logging/fluentd-client.yaml b/puppet/services/logging/fluentd-client.yaml
index 94c63d33..57595b82 100644
--- a/puppet/services/logging/fluentd-client.yaml
+++ b/puppet/services/logging/fluentd-client.yaml
@@ -63,11 +63,22 @@ outputs:
step_config: |
include ::tripleo::profile::base::logging::fluentd
upgrade_tasks:
+ - name: Check if fluentd_client is deployed
+ command: systemctl is-enabled fluentd
+ tags: common
+ ignore_errors: True
+ register: fluentd_client_enabled
- name: Check status of fluentd service
shell: >
/usr/bin/systemctl show fluentd --property ActiveState |
grep '\bactive\b'
+ when: fluentd_client_enabled.rc == 0
tags: step0,validation
- name: Stop fluentd service
- tags: step2
+ tags: step1
+ when: fluentd_client_enabled.rc == 0
service: name=fluentd state=stopped
+ - name: Install fluentd package if it was disabled
+ tags: step3
+ yum: name=fluentd state=latest
+ when: fluentd_client_enabled.rc != 0
diff --git a/puppet/services/metrics/collectd.yaml b/puppet/services/metrics/collectd.yaml
index a3e3b842..49b2d4c2 100644
--- a/puppet/services/metrics/collectd.yaml
+++ b/puppet/services/metrics/collectd.yaml
@@ -110,11 +110,22 @@ outputs:
step_config: |
include ::tripleo::profile::base::metrics::collectd
upgrade_tasks:
+ - name: Check if collectd is deployed
+ command: systemctl is-enabled collectd
+ tags: common
+ ignore_errors: True
+ register: collectd_enabled
- name: Check status of collectd service
shell: >
/usr/bin/systemctl show collectd --property ActiveState |
grep '\bactive\b'
+ when: collectd_enabled.rc == 0
tags: step0,validation
- name: Stop collectd service
- tags: step2
+ tags: step1
+ when: collectd_enabled.rc == 0
service: name=collectd state=stopped
+ - name: Install collectd package if it was disabled
+ tags: step3
+ yum: name=collectd state=latest
+ when: collectd_enabled.rc != 0
diff --git a/puppet/services/mistral-api.yaml b/puppet/services/mistral-api.yaml
index daa1dc7c..1c7d6bd3 100644
--- a/puppet/services/mistral-api.yaml
+++ b/puppet/services/mistral-api.yaml
@@ -50,3 +50,22 @@ outputs:
get_attr: [MistralBase, role_data, service_config_settings]
step_config: |
include ::tripleo::profile::base::mistral::api
+ upgrade_tasks:
+ - name: Check if mistral api is deployed
+ command: systemctl is-enabled openstack-mistral-api
+ tags: common
+ ignore_errors: True
+ register: mistral_api_enabled
+ - name: "PreUpgrade step0,validation: Check if openstack-mistral-api is running"
+ shell: >
+ /usr/bin/systemctl show 'openstack-mistral-api' --property ActiveState |
+ grep '\bactive\b'
+ when: mistral_api_enabled.rc == 0
+ tags: step0,validation
+ - name: Stop mistral_api service
+ tags: step1
+ service: name=openstack-mistral-api state=stopped
+ - name: Install openstack-mistral-api package if it was disabled
+ tags: step3
+ yum: name=openstack-mistral-api state=latest
+ when: mistral_api_enabled.rc != 0
diff --git a/puppet/services/mistral-engine.yaml b/puppet/services/mistral-engine.yaml
index 4a92b863..03a2a55c 100644
--- a/puppet/services/mistral-engine.yaml
+++ b/puppet/services/mistral-engine.yaml
@@ -36,3 +36,22 @@ outputs:
get_attr: [MistralBase, role_data, config_settings]
step_config: |
include ::tripleo::profile::base::mistral::engine
+ upgrade_tasks:
+ - name: Check if mistral engine is deployed
+ command: systemctl is-enabled openstack-mistral-engine
+ tags: common
+ ignore_errors: True
+ register: mistral_engine_enabled
+ - name: "PreUpgrade step0,validation: Check if openstack-mistral-engine is running"
+ shell: >
+ /usr/bin/systemctl show 'openstack-mistral-engine' --property ActiveState |
+ grep '\bactive\b'
+ when: mistral_engine_enabled.rc == 0
+ tags: step0,validation
+ - name: Stop mistral_engine service
+ tags: step1
+ service: name=openstack-mistral-engine state=stopped
+ - name: Install openstack-mistral-engine package if it was disabled
+ tags: step3
+ yum: name=openstack-mistral-engine state=latest
+ when: mistral_engine_enabled.rc != 0
diff --git a/puppet/services/mistral-executor.yaml b/puppet/services/mistral-executor.yaml
index 6e273b92..0f6adb07 100644
--- a/puppet/services/mistral-executor.yaml
+++ b/puppet/services/mistral-executor.yaml
@@ -36,3 +36,22 @@ outputs:
get_attr: [MistralBase, role_data, config_settings]
step_config: |
include ::tripleo::profile::base::mistral::executor
+ upgrade_tasks:
+ - name: Check if mistral executor is deployed
+ command: systemctl is-enabled openstack-mistral-executor
+ tags: common
+ ignore_errors: True
+ register: mistral_executor_enabled
+ - name: "PreUpgrade step0,validation: Check if openstack-mistral-executor is running"
+ shell: >
+ /usr/bin/systemctl show 'openstack-mistral-executor' --property ActiveState |
+ grep '\bactive\b'
+ when: mistral_executor_enabled.rc == 0
+ tags: step0,validation
+ - name: Stop mistral_executor service
+ tags: step1
+ service: name=openstack-mistral-executor state=stopped
+ - name: Install openstack-mistral-executor package if it was disabled
+ tags: step3
+ yum: name=openstack-mistral-executor state=latest
+ when: mistral_executor_enabled.rc != 0
diff --git a/puppet/services/monitoring/sensu-client.yaml b/puppet/services/monitoring/sensu-client.yaml
index d74a68a2..aba2b1ed 100644
--- a/puppet/services/monitoring/sensu-client.yaml
+++ b/puppet/services/monitoring/sensu-client.yaml
@@ -63,11 +63,22 @@ outputs:
step_config: |
include ::tripleo::profile::base::monitoring::sensu
upgrade_tasks:
+ - name: Check if sensu_client is deployed
+ command: systemctl is-enabled sensu-client
+ tags: common
+ ignore_errors: True
+ register: sensu_client_enabled
- name: Check status of sensu-client service
shell: >
/usr/bin/systemctl show sensu-client --property ActiveState |
grep '\bactive\b'
+ when: sensu_client_enabled.rc == 0
tags: step0,validation
- name: Stop sensu-client service
- tags: step2
+ tags: step1
+ when: sensu_client_enabled.rc == 0
service: name=sensu-client state=stopped
+ - name: Install sensu package if it was disabled
+ tags: step3
+ yum: name=sensu state=latest
+ when: sensu_client.rc != 0
diff --git a/puppet/services/neutron-api.yaml b/puppet/services/neutron-api.yaml
index 4d671e15..bb191ff0 100644
--- a/puppet/services/neutron-api.yaml
+++ b/puppet/services/neutron-api.yaml
@@ -189,9 +189,16 @@ outputs:
- '%'
- "%{hiera('mysql_bind_host')}"
upgrade_tasks:
+ - name: Check if neutron_server is deployed
+ command: systemctl is-enabled neutron-server
+ tags: common
+ ignore_errors: True
+ register: neutron_server_enabled
- name: "PreUpgrade step0,validation: Check service neutron-server is running"
shell: /usr/bin/systemctl show 'neutron-server' --property ActiveState | grep '\bactive\b'
+ when: neutron_server_enabled.rc == 0
tags: step0,validation
- name: Stop neutron_api service
- tags: step2
+ tags: step1
+ when: neutron_server_enabled.rc == 0
service: name=neutron-server state=stopped
diff --git a/puppet/services/neutron-dhcp.yaml b/puppet/services/neutron-dhcp.yaml
index 062edaa4..fe7f9f31 100644
--- a/puppet/services/neutron-dhcp.yaml
+++ b/puppet/services/neutron-dhcp.yaml
@@ -80,9 +80,16 @@ outputs:
step_config: |
include tripleo::profile::base::neutron::dhcp
upgrade_tasks:
+ - name: Check if neutron_dhcp_agent is deployed
+ command: systemctl is-enabled neutron-dhcp-agent
+ tags: common
+ ignore_errors: True
+ register: neutron_dhcp_agent_enabled
- name: "PreUpgrade step0,validation: Check service neutron-dhcp-agent is running"
shell: /usr/bin/systemctl show 'neutron-dhcp-agent' --property ActiveState | grep '\bactive\b'
+ when: neutron_dhcp_agent_enabled.rc == 0
tags: step0,validation
- name: Stop neutron_dhcp service
- tags: step2
+ tags: step1
+ when: neutron_dhcp_agent_enabled.rc == 0
service: name=neutron-dhcp-agent state=stopped
diff --git a/puppet/services/neutron-l3.yaml b/puppet/services/neutron-l3.yaml
index 4fa49275..cd9870bd 100644
--- a/puppet/services/neutron-l3.yaml
+++ b/puppet/services/neutron-l3.yaml
@@ -85,9 +85,16 @@ outputs:
step_config: |
include tripleo::profile::base::neutron::l3
upgrade_tasks:
+ - name: Check if neutron_l3_agent is deployed
+ command: systemctl is-enabled neutron-l3-agent
+ tags: common
+ ignore_errors: True
+ register: neutron_l3_agent_enabled
- name: "PreUpgrade step0,validation: Check service neutron-l3-agent is running"
shell: /usr/bin/systemctl show 'neutron-l3-agent' --property ActiveState | grep '\bactive\b'
+ when: neutron_l3_agent_enabled.rc == 0
tags: step0,validation
- name: Stop neutron_l3 service
- tags: step2
+ tags: step1
+ when: neutron_l3_agent_enabled.rc == 0
service: name=neutron-l3-agent state=stopped
diff --git a/puppet/services/neutron-metadata.yaml b/puppet/services/neutron-metadata.yaml
index 6f5debdd..32ef567c 100644
--- a/puppet/services/neutron-metadata.yaml
+++ b/puppet/services/neutron-metadata.yaml
@@ -76,9 +76,16 @@ outputs:
step_config: |
include tripleo::profile::base::neutron::metadata
upgrade_tasks:
+ - name: Check if neutron_metadata_agent is deployed
+ command: systemctl is-enabled neutron-metadata-agent
+ tags: common
+ ignore_errors: True
+ register: neutron_metadata_agent_enabled
- name: "PreUpgrade step0,validation: Check service neutron-metadata-agent is running"
shell: /usr/bin/systemctl show 'neutron-metadata-agent' --property ActiveState | grep '\bactive\b'
+ when: neutron_metadata_agent_enabled.rc == 0
tags: step0,validation
- name: Stop neutron_metadata service
- tags: step2
+ tags: step1
+ when: neutron_metadata_agent_enabled.rc == 0
service: name=neutron-metadata-agent state=stopped
diff --git a/puppet/services/neutron-ovs-agent.yaml b/puppet/services/neutron-ovs-agent.yaml
index c27bb909..01471ba2 100644
--- a/puppet/services/neutron-ovs-agent.yaml
+++ b/puppet/services/neutron-ovs-agent.yaml
@@ -121,9 +121,16 @@ outputs:
step_config: |
include ::tripleo::profile::base::neutron::ovs
upgrade_tasks:
+ - name: Check if neutron_ovs_agent is deployed
+ command: systemctl is-enabled neutron-openvswitch-agent
+ tags: common
+ ignore_errors: True
+ register: neutron_ovs_agent_enabled
- name: "PreUpgrade step0,validation: Check service neutron-openvswitch-agent is running"
shell: /usr/bin/systemctl show 'neutron-openvswitch-agent' --property ActiveState | grep '\bactive\b'
+ when: neutron_ovs_agent_enabled.rc == 0
tags: step0,validation
- name: Stop neutron_ovs_agent service
- tags: step2
+ tags: step1
+ when: neutron_ovs_agent_enabled.rc == 0
service: name=neutron-openvswitch-agent state=stopped
diff --git a/puppet/services/nova-api.yaml b/puppet/services/nova-api.yaml
index 0adefecd..f27b53f2 100644
--- a/puppet/services/nova-api.yaml
+++ b/puppet/services/nova-api.yaml
@@ -197,9 +197,6 @@ outputs:
- name: Stop and disable nova_api service (pre-upgrade not under httpd)
tags: step2
service: name=openstack-nova-api state=stopped enabled=no
- - name: update nova api
- tags: step2
- yum: name=openstack-nova-api state=latest
- name: Create puppet manifest to set transport_url in nova.conf
tags: step5
when: is_bootstrap_node
diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml
index 9923e833..d208bede 100644
--- a/puppet/services/nova-compute.yaml
+++ b/puppet/services/nova-compute.yaml
@@ -152,7 +152,7 @@ outputs:
collectd::plugins::virt::connection: "qemu:///system"
upgrade_tasks:
- name: Stop nova-compute service
- tags: step2
+ tags: step1
service: name=openstack-nova-compute state=stopped
# If not already set by puppet (e.g a pre-ocata version), set the
# upgrade_level for compute to "auto"
diff --git a/puppet/services/nova-conductor.yaml b/puppet/services/nova-conductor.yaml
index 7b086536..4574cae8 100644
--- a/puppet/services/nova-conductor.yaml
+++ b/puppet/services/nova-conductor.yaml
@@ -67,15 +67,12 @@ outputs:
include tripleo::profile::base::nova::conductor
upgrade_tasks:
- name: Stop nova_conductor service
- tags: step2
+ tags: step1
service: name=openstack-nova-conductor state=stopped
- - name: update nova conductor
- tags: step2
- yum: name=openstack-nova-conductor state=latest
# If not already set by puppet (e.g a pre-ocata version), set the
# upgrade_level for compute to "auto"
- name: Set compute upgrade level to auto
- tags: step3
+ tags: step1
ini_file:
str_replace:
template: "dest=/etc/nova/nova.conf section=upgrade_levels option=compute value=LEVEL"
diff --git a/puppet/services/nova-consoleauth.yaml b/puppet/services/nova-consoleauth.yaml
index b5a1312a..82f329bc 100644
--- a/puppet/services/nova-consoleauth.yaml
+++ b/puppet/services/nova-consoleauth.yaml
@@ -50,5 +50,5 @@ outputs:
include tripleo::profile::base::nova::consoleauth
upgrade_tasks:
- name: Stop nova_consoleauth service
- tags: step2
+ tags: step1
service: name=openstack-nova-consoleauth state=stopped
diff --git a/puppet/services/nova-placement.yaml b/puppet/services/nova-placement.yaml
index 3ae19a67..b59e2fc6 100644
--- a/puppet/services/nova-placement.yaml
+++ b/puppet/services/nova-placement.yaml
@@ -124,7 +124,7 @@ outputs:
- "%{hiera('mysql_bind_host')}"
upgrade_tasks:
- name: Stop nova_placement service (running under httpd)
- tags: step2
+ tags: step1
service: name=httpd state=stopped
# The nova placement API isn't installed in newton images, so install
# it on upgrade
diff --git a/puppet/services/nova-scheduler.yaml b/puppet/services/nova-scheduler.yaml
index 0e0b9d1e..e4b6bb43 100644
--- a/puppet/services/nova-scheduler.yaml
+++ b/puppet/services/nova-scheduler.yaml
@@ -65,8 +65,5 @@ outputs:
include tripleo::profile::base::nova::scheduler
upgrade_tasks:
- name: Stop nova_scheduler service
- tags: step2
+ tags: step1
service: name=openstack-nova-scheduler state=stopped
- - name: update nova scheduler
- tags: step2
- yum: name=openstack-nova-scheduler state=latest
diff --git a/puppet/services/nova-vnc-proxy.yaml b/puppet/services/nova-vnc-proxy.yaml
index f6cf9649..42335ade 100644
--- a/puppet/services/nova-vnc-proxy.yaml
+++ b/puppet/services/nova-vnc-proxy.yaml
@@ -66,5 +66,5 @@ outputs:
include tripleo::profile::base::nova::vncproxy
upgrade_tasks:
- name: Stop nova_vnc_proxy service
- tags: step2
+ tags: step1
service: name=openstack-nova-consoleauth state=stopped
diff --git a/puppet/services/opendaylight-api.yaml b/puppet/services/opendaylight-api.yaml
index 0ed9d206..1e7aa479 100644
--- a/puppet/services/opendaylight-api.yaml
+++ b/puppet/services/opendaylight-api.yaml
@@ -17,6 +17,10 @@ parameters:
type: string
description: The password for the opendaylight server.
hidden: true
+ OpenDaylightConnectionProtocol:
+ description: L7 protocol used for REST access
+ type: string
+ default: 'http'
OpenDaylightEnableDHCP:
description: Knob to enable/disable ODL DHCP Server
type: boolean
@@ -55,6 +59,7 @@ outputs:
opendaylight::extra_features: {get_param: OpenDaylightFeatures}
opendaylight::enable_dhcp: {get_param: OpenDaylightEnableDHCP}
opendaylight::odl_bind_ip: {get_param: [ServiceNetMap, OpendaylightApiNetwork]}
+ opendaylight::nb_connection_protocol: {get_param: OpenDayLightConnectionProtocol}
tripleo.opendaylight_api.firewall_rules:
'137 opendaylight api':
dport:
diff --git a/puppet/services/pacemaker.yaml b/puppet/services/pacemaker.yaml
index 9398d6b5..5be58c18 100644
--- a/puppet/services/pacemaker.yaml
+++ b/puppet/services/pacemaker.yaml
@@ -136,7 +136,7 @@ outputs:
tags: step0,validation
pacemaker_cluster: state=online check_and_fail=true
- name: Stop pacemaker cluster
- tags: step1
+ tags: step2
pacemaker_cluster: state=offline
- name: Start pacemaker cluster
tags: step4
diff --git a/puppet/services/pacemaker/rabbitmq.yaml b/puppet/services/pacemaker/rabbitmq.yaml
index 03c2c83f..b018df35 100644
--- a/puppet/services/pacemaker/rabbitmq.yaml
+++ b/puppet/services/pacemaker/rabbitmq.yaml
@@ -39,3 +39,32 @@ outputs:
- rabbitmq::service_manage: false
step_config: |
include ::tripleo::profile::pacemaker::rabbitmq
+ upgrade_tasks:
+ - name: get bootstrap nodeid
+ tags: common
+ command: hiera bootstrap_nodeid
+ register: bootstrap_node
+ - name: set is_bootstrap_node fact
+ tags: common
+ set_fact: is_bootstrap_node={{bootstrap_node.stdout == ansible_hostname}}
+ - name: get rabbitmq policy
+ tags: common
+ shell: pcs resource show rabbitmq | grep -q -E "Attributes:.*\"ha-mode\":\"all\""
+ register: rabbit_ha_mode
+ when: is_bootstrap_node
+ ignore_errors: true
+ - name: set migrate_rabbit_ha_mode fact
+ tags: common
+ set_fact: migrate_rabbit_ha_mode={{rabbit_ha_mode.rc == 0}}
+ when: is_bootstrap_node
+ - name: Fixup for rabbitmq ha-queues LP#1668600
+ tags: step0,pre-upgrade
+ shell: |
+ nr_controllers=$(($(hiera controller_node_names | grep -o "," |wc -l) + 1))
+ nr_queues=$(($nr_controllers / 2 + ($nr_controllers % 2)))
+ if ! [ $nr_queues -gt 0 -a $nr_queues -le $nr_controllers ]; then
+ echo "ERROR: The nr. of HA queues during the rabbit upgrade is out of range: $nr_queues"
+ exit 1
+ fi
+ pcs resource update rabbitmq set_policy='ha-all ^(?!amq\\.).* {"ha-mode":"exactly","ha-params":'"$nr_queues}" --wait=600
+ when: is_bootstrap_node and migrate_rabbit_ha_mode
diff --git a/puppet/services/panko-api.yaml b/puppet/services/panko-api.yaml
index 4b74ad45..eed98257 100644
--- a/puppet/services/panko-api.yaml
+++ b/puppet/services/panko-api.yaml
@@ -84,3 +84,22 @@ outputs:
include tripleo::profile::base::panko::api
metadata_settings:
get_attr: [ApacheServiceBase, role_data, metadata_settings]
+ upgrade_tasks:
+ - name: Check if httpd is deployed
+ command: systemctl is-enabled httpd
+ tags: common
+ ignore_errors: True
+ register: httpd_enabled
+ - name: "PreUpgrade step0,validation: Check if httpd is running"
+ shell: >
+ /usr/bin/systemctl show 'httpd' --property ActiveState |
+ grep '\bactive\b'
+ when: httpd_enabled.rc == 0
+ tags: step0,validation
+ - name: Stop panko-api service (running under httpd)
+ tags: step1
+ service: name=httpd state=stopped
+ when: httpd_enabled.rc == 0
+ - name: Install openstack-panko-api package if it was not installed
+ tags: step3
+ yum: name=openstack-panko-api state=latest
diff --git a/puppet/services/sahara-api.yaml b/puppet/services/sahara-api.yaml
index 8573ea81..96b3d6e3 100644
--- a/puppet/services/sahara-api.yaml
+++ b/puppet/services/sahara-api.yaml
@@ -92,5 +92,5 @@ outputs:
- "%{hiera('mysql_bind_host')}"
upgrade_tasks:
- name: Stop sahara_api service
- tags: step2
+ tags: step1
service: name=openstack-sahara-api state=stopped
diff --git a/puppet/services/sahara-engine.yaml b/puppet/services/sahara-engine.yaml
index 176514ec..c0b6b3e6 100644
--- a/puppet/services/sahara-engine.yaml
+++ b/puppet/services/sahara-engine.yaml
@@ -51,5 +51,5 @@ outputs:
include ::tripleo::profile::base::sahara::engine
upgrade_tasks:
- name: Stop sahara_engine service
- tags: step2
+ tags: step1
service: name=openstack-sahara-engine state=stopped
diff --git a/puppet/services/snmp.yaml b/puppet/services/snmp.yaml
index fd6ed818..80c29f95 100644
--- a/puppet/services/snmp.yaml
+++ b/puppet/services/snmp.yaml
@@ -45,5 +45,5 @@ outputs:
include ::tripleo::profile::base::snmp
upgrade_tasks:
- name: Stop snmp service
- tags: step2
+ tags: step1
service: name=snmpd state=stopped
diff --git a/puppet/services/swift-proxy.yaml b/puppet/services/swift-proxy.yaml
index c941b598..9b0d2de1 100644
--- a/puppet/services/swift-proxy.yaml
+++ b/puppet/services/swift-proxy.yaml
@@ -167,5 +167,5 @@ outputs:
- ResellerAdmin
upgrade_tasks:
- name: Stop swift_proxy service
- tags: step2
+ tags: step1
service: name=openstack-swift-proxy state=stopped
diff --git a/puppet/services/swift-storage.yaml b/puppet/services/swift-storage.yaml
index 247b23ff..261aadeb 100644
--- a/puppet/services/swift-storage.yaml
+++ b/puppet/services/swift-storage.yaml
@@ -103,7 +103,7 @@ outputs:
include ::tripleo::profile::base::swift::storage
upgrade_tasks:
- name: Stop swift storage services
- tags: step2
+ tags: step1
service: name={{ item }} state=stopped
with_items:
- openstack-swift-account-auditor
diff --git a/puppet/services/tacker.yaml b/puppet/services/tacker.yaml
index 6ceb9f19..6f92066e 100644
--- a/puppet/services/tacker.yaml
+++ b/puppet/services/tacker.yaml
@@ -66,9 +66,6 @@ outputs:
- '/tacker'
- '?read_default_file=/etc/my.cnf.d/tripleo.cnf&read_default_group=tripleo'
- tacker::keystone::auth::tenant: 'service'
- tacker::keystone::auth::password: {get_param: TackerPassword}
- tacker::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
tacker::debug: {get_param: Debug}
tacker::rpc_backend: rabbit
tacker::rabbit_userid: {get_param: RabbitUserName}
@@ -77,6 +74,10 @@ outputs:
tacker::rabbit_port: {get_param: RabbitClientPort}
tacker::server::bind_host: {get_param: [ServiceNetMap, TackerApiNetwork]}
+ tacker::keystone::authtoken::project_name: 'service'
+ tacker::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
+ tacker::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
+
tacker::db::mysql::password: {get_param: TackerPassword}
tacker::db::mysql::user: tacker
tacker::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
@@ -85,13 +86,31 @@ outputs:
- '%'
- {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
+ service_config_settings:
+ keystone:
+ tacker::keystone::auth::tenant: 'service'
+ tacker::keystone::auth::password: {get_param: TackerPassword}
+ tacker::keystone::auth::public_url: {get_param: [EndpointMap, TackerPublic, uri]}
+ tacker::keystone::auth::internal_url: {get_param: [EndpointMap, TackerInternal, uri]}
+ tacker::keystone::auth::admin_url: {get_param: [EndpointMap, TackerAdmin, uri]}
step_config: |
include ::tripleo::profile::base::tacker
upgrade_tasks:
+ - name: Check if tacker is deployed
+ command: systemctl is-enabled openstack-tacker-server
+ tags: common
+ ignore_errors: True
+ register: tacker_enabled
- name: "PreUpgrade step0,validation: Check service openstack-tacker-server is running"
shell: /usr/bin/systemctl show 'openstack-tacker-server' --property ActiveState | grep '\bactive\b'
+ when: tacker_enabled.rc == 0
tags: step0,validation
- name: Stop tacker service
- tags: step2
+ tags: step1
+ when: tacker_enabled.rc == 0
service: name=openstack-tacker-server state=stopped
+ - name: Install openstack-tacker package if it was disabled
+ tags: step3
+ yum: name=openstack-tacker state=latest
+ when: tacker_enabled.rc != 0
diff --git a/puppet/services/vpp.yaml b/puppet/services/vpp.yaml
new file mode 100644
index 00000000..59866d39
--- /dev/null
+++ b/puppet/services/vpp.yaml
@@ -0,0 +1,47 @@
+heat_template_version: ocata
+
+description: >
+ Vpp service configured with Puppet
+
+parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ VppCpuMainCore:
+ default: ''
+ description: VPP main thread core pinning.
+ type: string
+ VppCpuCorelistWorkers:
+ default: ''
+ description: List of cores for VPP worker thread pinning
+ type: string
+ MonitoringSubscriptionVpp:
+ default: 'overcloud-vpp'
+ type: string
+
+outputs:
+ role_data:
+ description: Role data for the Vpp role.
+ value:
+ service_name: vpp
+ monitoring_subscription: {get_param: MonitoringSubscriptionVpp}
+ config_settings:
+ fdio::vpp_cpu_main_core: {get_param: VppCpuMainCore}
+ fdio::vpp_cpu_corelist_workers: {get_param: VppCpuCorelistWorkers}
+ step_config: |
+ include ::tripleo::profile::base::vpp
+ upgrade_tasks:
+ - name: Stop vpp service
+ tags: step2
+ service: name=vpp state=stopped
diff --git a/puppet/services/zaqar.yaml b/puppet/services/zaqar.yaml
index cb860fa8..a320f694 100644
--- a/puppet/services/zaqar.yaml
+++ b/puppet/services/zaqar.yaml
@@ -64,3 +64,23 @@ outputs:
step_config: |
include ::tripleo::profile::base::zaqar
+ upgrade_tasks:
+ - name: Check if zaqar is deployed
+ command: systemctl is-enabled openstack-zaqar
+ tags: common
+ ignore_errors: True
+ register: zaqar_enabled
+ - name: "PreUpgrade step0,validation: Check if openstack-zaqar is running"
+ shell: >
+ /usr/bin/systemctl show 'openstack-zaqar' --property ActiveState |
+ grep '\bactive\b'
+ when: zaqar_enabled.rc == 0
+ tags: step0,validation
+ - name: Stop zaqar service
+ tags: step1
+ when: zaqar_enabled.rc == 0
+ service: name=openstack-zaqar state=stopped
+ - name: Install openstack-zaqar package if it was disabled
+ tags: step3
+ yum: name=openstack-zaqar state=latest
+ when: zaqar_enabled.rc != 0
diff --git a/releasenotes/notes/6.0.0-b52a14a71fc62788.yaml b/releasenotes/notes/6.0.0-b52a14a71fc62788.yaml
index f9afb18d..9343d99e 100644
--- a/releasenotes/notes/6.0.0-b52a14a71fc62788.yaml
+++ b/releasenotes/notes/6.0.0-b52a14a71fc62788.yaml
@@ -64,6 +64,8 @@ features:
- Support for Octavia composable services for LBaaS with Neutron.
- Support for Collectd composable services for performance monitoring.
- Support for Tacker composable service for VNF management.
+ - Add the plan-environment.yaml file which will facilitate deployment plan
+ import and export.
upgrade:
- Update OpenDaylight deployment to use networking-odl v2 as a mechanism
driver.
diff --git a/releasenotes/notes/vpp-84d35e51ff62a58c.yaml b/releasenotes/notes/vpp-84d35e51ff62a58c.yaml
new file mode 100644
index 00000000..b78df17d
--- /dev/null
+++ b/releasenotes/notes/vpp-84d35e51ff62a58c.yaml
@@ -0,0 +1,6 @@
+---
+features:
+ - Add the ability to deploy VPP. Vector Packet Processing (VPP) is a high
+ performance packet processing stack that runs in user space in Linux.
+ VPP is used as an alternative to kernel networking stack for
+ accelerated network data path.
diff --git a/roles_data.yaml b/roles_data.yaml
index 9e3b0a18..95b25d98 100644
--- a/roles_data.yaml
+++ b/roles_data.yaml
@@ -125,6 +125,7 @@
- OS::TripleO::Services::OctaviaHealthManager
- OS::TripleO::Services::OctaviaHousekeeping
- OS::TripleO::Services::OctaviaWorker
+ - OS::TripleO::Services::Vpp
- name: Compute
CountDefault: 1
@@ -154,6 +155,8 @@
- OS::TripleO::Services::FluentdClient
- OS::TripleO::Services::AuditD
- OS::TripleO::Services::Collectd
+ - OS::TripleO::Services::Vpp
+ - OS::TripleO::Services::MySQLClient
- name: BlockStorage
ServicesDefault:
@@ -170,6 +173,7 @@
- OS::TripleO::Services::FluentdClient
- OS::TripleO::Services::AuditD
- OS::TripleO::Services::Collectd
+ - OS::TripleO::Services::MySQLClient
- name: ObjectStorage
disable_upgrade_deployment: True
@@ -188,6 +192,7 @@
- OS::TripleO::Services::FluentdClient
- OS::TripleO::Services::AuditD
- OS::TripleO::Services::Collectd
+ - OS::TripleO::Services::MySQLClient
- name: CephStorage
ServicesDefault:
@@ -204,3 +209,4 @@
- OS::TripleO::Services::FluentdClient
- OS::TripleO::Services::AuditD
- OS::TripleO::Services::Collectd
+ - OS::TripleO::Services::MySQLClient
diff --git a/roles_data_undercloud.yaml b/roles_data_undercloud.yaml
index 2759429c..5070ef38 100644
--- a/roles_data_undercloud.yaml
+++ b/roles_data_undercloud.yaml
@@ -26,6 +26,7 @@
- OS::TripleO::Services::MistralExecutor
- OS::TripleO::Services::IronicApi
- OS::TripleO::Services::IronicConductor
+ - OS::TripleO::Services::IronicPxe
- OS::TripleO::Services::NovaIronic
- OS::TripleO::Services::Zaqar
- OS::TripleO::Services::NeutronServer
diff --git a/tools/yaml-validate.py b/tools/yaml-validate.py
index 1d0dba02..32987cb2 100755
--- a/tools/yaml-validate.py
+++ b/tools/yaml-validate.py
@@ -54,6 +54,21 @@ def validate_endpoint_map(base_map, env_map):
return sorted(base_map.keys()) == sorted(env_map.keys())
+def validate_hci_compute_services_default(env_filename, env_tpl):
+ env_services_list = env_tpl['parameter_defaults']['ComputeServices']
+ env_services_list.remove('OS::TripleO::Services::CephOSD')
+ roles_filename = os.path.join(os.path.dirname(env_filename),
+ '../roles_data.yaml')
+ roles_tpl = yaml.load(open(roles_filename).read())
+ for role in roles_tpl:
+ if role['name'] == 'Compute':
+ roles_services_list = role['ServicesDefault']
+ if sorted(env_services_list) != sorted(roles_services_list):
+ print('ERROR: ComputeServices in %s is different '
+ 'from ServicesDefault in roles_data.yaml' % env_filename)
+ return 1
+ return 0
+
def validate_mysql_connection(settings):
no_op = lambda *args: False
error_status = [0]
@@ -143,6 +158,9 @@ def validate(filename):
filename != './puppet/services/services.yaml'):
retval = validate_service(filename, tpl)
+ if filename.endswith('hyperconverged-ceph.yaml'):
+ retval = validate_hci_compute_services_default(filename, tpl)
+
except Exception:
print(traceback.format_exc())
return 1