diff options
35 files changed, 403 insertions, 163 deletions
diff --git a/environments/neutron-ml2-ovn.yaml b/environments/neutron-ml2-ovn.yaml new file mode 100644 index 00000000..821ad0c2 --- /dev/null +++ b/environments/neutron-ml2-ovn.yaml @@ -0,0 +1,18 @@ +# A Heat environment file which can be used to enable OVN +# extensions, configured via puppet +resource_registry: + OS::TripleO::Services::NeutronL3Agent: OS::Heat::None + OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None + OS::TripleO::Services::NeutronCorePlugin: OS::TripleO::Services::NeutronCorePluginML2OVN + OS::TripleO::Services::ComputeNeutronCorePlugin: ../puppet/services/neutron-compute-plugin-ovn.yaml + +parameter_defaults: + NeutronMechanismDrivers: ovn + OVNDbHost: '0.0.0.0' + OVNSouthboundServerPort: 6642 + OVNNorthboundServerPort: 6641 + OVNDbConnectionTimeout: 60 + OVNVifType: ovs + OVNNeutronSyncMode: log + OVNQosDriver: ovn-qos + OVNTunnelEncapType: geneve diff --git a/environments/neutron-opencontrail.yaml b/environments/neutron-opencontrail.yaml index f2209ce2..51575b86 100644 --- a/environments/neutron-opencontrail.yaml +++ b/environments/neutron-opencontrail.yaml @@ -13,7 +13,7 @@ resource_registry: parameter_defaults: NeutronCorePlugin: neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2 - NeutronServicePlugins: neutron_plugin_contrail.plugins.opencontrail.loadbalancer.plugin.LoadBalancerPlugin + NeutronServicePlugins: neutron_plugin_contrail.plugins.opencontrail.loadbalancer.v2.plugin.LoadBalancerPluginV2 NeutronTunnelTypes: '' # required params: diff --git a/environments/neutron-ovs-dvr.yaml b/environments/neutron-ovs-dvr.yaml index f60edb01..b658d3a5 100644 --- a/environments/neutron-ovs-dvr.yaml +++ b/environments/neutron-ovs-dvr.yaml @@ -9,6 +9,13 @@ resource_registry: # connected to a physical network. OS::TripleO::Compute::Net::SoftwareConfig: ../net-config-bridge.yaml + # DVR requires a port on the external network for each compute node. + # This will usually match the one currently in use for + # OS::TripleO::Controller::Ports::ExternalPort. + # Please review your network configuration before deploying to ensure that + # this is appropriate. + OS::TripleO::Compute::Ports::ExternalPort: ../network/ports/noop.yaml + parameter_defaults: # DVR requires that the L2 population feature is enabled diff --git a/environments/neutron-sriov.yaml b/environments/neutron-sriov.yaml new file mode 100755 index 00000000..9b7e51f9 --- /dev/null +++ b/environments/neutron-sriov.yaml @@ -0,0 +1,22 @@ +## A Heat environment that can be used to deploy SR-IOV +resource_registry: + OS::TripleO::Services::NeutronSriovAgent: ../puppet/services/neutron-sriov-agent.yaml + +parameter_defaults: + NeutronMechanismDrivers: ['openvswitch','sriovnicswitch'] + + # Add PciPassthroughFilter to the scheduler default filters + #NovaSchedulerDefaultFilters: ['RetryFilter','AvailabilityZoneFilter','RamFilter','ComputeFilter','ComputeCapabilitiesFilter','ImagePropertiesFilter','ServerGroupAntiAffinityFilter','ServerGroupAffinityFilter','PciPassthroughFilter'] + #NovaSchedulerAvailableFilters: ["nova.scheduler.filters.all_filters","nova.scheduler.filters.pci_passthrough_filter.PciPassthroughFilter"] + + # Provide the vendorid:productid of the VFs + #NeutronSupportedPCIVendorDevs: ['8086:154c','8086:10ca','8086:1520'] + + #NeutronPhysicalDevMappings: "datacentre:ens20f2" + + # Number of VFs that needs to be configured for a physical interface + #NeutronSriovNumVFs: "ens20f2:5" + + #NovaPCIPassthrough: + # - devname: "ens20f2" + # physical_network: "datacentre" diff --git a/environments/use-dns-for-vips.yaml b/environments/use-dns-for-vips.yaml new file mode 100644 index 00000000..daf07bc7 --- /dev/null +++ b/environments/use-dns-for-vips.yaml @@ -0,0 +1,5 @@ +# A Heat environment file which can be used to disable the writing of the VIPs +# to the /etc/hosts file in the overcloud. Use this in case you have a working +# DNS server that you will provide for the overcloud. +resource_registry: + OS::TripleO::Services::VipHosts: OS::Heat::None diff --git a/extraconfig/tasks/major_upgrade_ceph_mon.sh b/extraconfig/tasks/major_upgrade_ceph_mon.sh index 38befbbf..b76dd7c3 100755 --- a/extraconfig/tasks/major_upgrade_ceph_mon.sh +++ b/extraconfig/tasks/major_upgrade_ceph_mon.sh @@ -17,6 +17,21 @@ if ! [[ "$INSTALLED_VERSION" =~ ^0\.94.* ]]; then exit 0 fi +CEPH_STATUS=$(ceph health | awk '{print $1}') +if [ ${CEPH_STATUS} = HEALTH_ERR ]; do + echo ERROR: Ceph cluster status is HEALTH_ERR, cannot be upgraded + exit 1 +fi + +# Useful when upgrading with OSDs num < replica size +if [ $ignore_ceph_upgrade_warnings != "true" ]; then + timeout 300 bash -c "while [ ${CEPH_STATUS} != HEALTH_OK ]; do + echo WARNING: Waiting for Ceph cluster status to go HEALTH_OK; + sleep 30; + CEPH_STATUS=$(ceph health | awk '{print $1}') + done" +fi + MON_PID=$(pidof ceph-mon) MON_ID=$(hostname -s) @@ -37,8 +52,6 @@ if [[ "$UPDATED_VERSION" =~ ^0\.94.* ]]; then echo WARNING: Ceph was not upgraded, restarting daemons service ceph start mon.${MON_ID} elif [[ "$UPDATED_VERSION" =~ ^10\.2.* ]]; then - echo INFO: Ceph was upgraded to Jewel - # RPM could own some of these but we can't take risks on the pre-existing files for d in /var/lib/ceph/mon /var/log/ceph /var/run/ceph /etc/ceph; do chown -R ceph:ceph $d @@ -54,9 +67,11 @@ elif [[ "$UPDATED_VERSION" =~ ^10\.2.* ]]; then # Wait for daemon to be back in the quorum timeout 300 bash -c "until (ceph quorum_status | jq .quorum_names | grep -sq ${MON_ID}); do - echo Waiting for mon.${MON_ID} to re-join quorum; + echo WARNING: Waiting for mon.${MON_ID} to re-join quorum; sleep 10; done" + + echo INFO: Ceph was upgraded to Jewel else echo ERROR: Ceph was upgraded to an unknown release, daemon is stopped, need manual intervention exit 1 diff --git a/extraconfig/tasks/major_upgrade_pacemaker.yaml b/extraconfig/tasks/major_upgrade_pacemaker.yaml index c2e14880..598d22d0 100644 --- a/extraconfig/tasks/major_upgrade_pacemaker.yaml +++ b/extraconfig/tasks/major_upgrade_pacemaker.yaml @@ -26,6 +26,10 @@ parameters: constraints: - allowed_values: ['auto', 'yes', 'no'] default: 'auto' + IgnoreCephUpgradeWarnings: + type: boolean + default: false + description: If enabled, Ceph upgrade will be forced even though cluster or PGs status is not clean resources: # TODO(jistr): for Mitaka->Newton upgrades and further we can use @@ -36,7 +40,16 @@ resources: type: OS::Heat::SoftwareConfig properties: group: script - config: {get_file: major_upgrade_ceph_mon.sh} + config: + list_join: + - '' + - - str_replace: + template: | + #!/bin/bash + ignore_ceph_upgrade_warnings='IGNORE_CEPH_UPGRADE_WARNINGS' + params: + IGNORE_CEPH_UPGRADE_WARNINGS: {get_param: IgnoreCephUpgradeWarnings} + - get_file: major_upgrade_ceph_mon.sh CephMonUpgradeDeployment: type: OS::Heat::SoftwareDeploymentGroup diff --git a/net-config-bond.yaml b/net-config-bond.yaml index 0a162e77..ec881bdc 100644 --- a/net-config-bond.yaml +++ b/net-config-bond.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2016-10-14 description: > Software Config to drive os-net-config with 2 bonded nics on a bridge. @@ -6,9 +6,15 @@ description: > parameters: BondInterfaceOvsOptions: default: '' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. + description: | + The ovs_options string for the bond interface. Set things like + lacp=active and/or bond_mode=balance-slb using this option. type: string + constraints: + - allowed_pattern: "^((?!balance.tcp).)*$" + description: | + The balance-tcp bond mode is known to cause packet loss and + should not be used in BondInterfaceOvsOptions. ControlPlaneIp: default: '' description: IP address/subnet on the ctlplane network diff --git a/network/config/bond-with-vlans/ceph-storage.yaml b/network/config/bond-with-vlans/ceph-storage.yaml index b414747f..9f537c02 100644 --- a/network/config/bond-with-vlans/ceph-storage.yaml +++ b/network/config/bond-with-vlans/ceph-storage.yaml @@ -38,6 +38,11 @@ parameters: description: The ovs_options string for the bond interface. Set things like lacp=active and/or bond_mode=balance-slb using this option. type: string + constraints: + - allowed_pattern: "^((?!balance.tcp).)*$" + description: | + The balance-tcp bond mode is known to cause packet loss and + should not be used in BondInterfaceOvsOptions. ExternalNetworkVlanID: default: 10 description: Vlan ID for the external network traffic. diff --git a/network/config/bond-with-vlans/cinder-storage.yaml b/network/config/bond-with-vlans/cinder-storage.yaml index 5ee9ff09..b4d71fa3 100644 --- a/network/config/bond-with-vlans/cinder-storage.yaml +++ b/network/config/bond-with-vlans/cinder-storage.yaml @@ -38,6 +38,11 @@ parameters: description: The ovs_options string for the bond interface. Set things like lacp=active and/or bond_mode=balance-slb using this option. type: string + constraints: + - allowed_pattern: "^((?!balance.tcp).)*$" + description: | + The balance-tcp bond mode is known to cause packet loss and + should not be used in BondInterfaceOvsOptions. ExternalNetworkVlanID: default: 10 description: Vlan ID for the external network traffic. diff --git a/network/config/bond-with-vlans/compute.yaml b/network/config/bond-with-vlans/compute.yaml index 19c011eb..b2cfb0a2 100644 --- a/network/config/bond-with-vlans/compute.yaml +++ b/network/config/bond-with-vlans/compute.yaml @@ -38,6 +38,11 @@ parameters: description: The ovs_options string for the bond interface. Set things like lacp=active and/or bond_mode=balance-slb using this option. type: string + constraints: + - allowed_pattern: "^((?!balance.tcp).)*$" + description: | + The balance-tcp bond mode is known to cause packet loss and + should not be used in BondInterfaceOvsOptions. ExternalNetworkVlanID: default: 10 description: Vlan ID for the external network traffic. diff --git a/network/config/bond-with-vlans/controller-no-external.yaml b/network/config/bond-with-vlans/controller-no-external.yaml index 6242e2f8..4c3e59fa 100644 --- a/network/config/bond-with-vlans/controller-no-external.yaml +++ b/network/config/bond-with-vlans/controller-no-external.yaml @@ -38,6 +38,11 @@ parameters: description: The ovs_options string for the bond interface. Set things like lacp=active and/or bond_mode=balance-slb using this option. type: string + constraints: + - allowed_pattern: "^((?!balance.tcp).)*$" + description: | + The balance-tcp bond mode is known to cause packet loss and + should not be used in BondInterfaceOvsOptions. ExternalNetworkVlanID: default: 10 description: Vlan ID for the external network traffic. diff --git a/network/config/bond-with-vlans/controller-v6.yaml b/network/config/bond-with-vlans/controller-v6.yaml index 71b7e1b1..1361d969 100644 --- a/network/config/bond-with-vlans/controller-v6.yaml +++ b/network/config/bond-with-vlans/controller-v6.yaml @@ -40,6 +40,11 @@ parameters: description: The ovs_options string for the bond interface. Set things like lacp=active and/or bond_mode=balance-slb using this option. type: string + constraints: + - allowed_pattern: "^((?!balance.tcp).)*$" + description: | + The balance-tcp bond mode is known to cause packet loss and + should not be used in BondInterfaceOvsOptions. ExternalNetworkVlanID: default: 10 description: Vlan ID for the external network traffic. diff --git a/network/config/bond-with-vlans/controller.yaml b/network/config/bond-with-vlans/controller.yaml index 9917f073..677c90c5 100644 --- a/network/config/bond-with-vlans/controller.yaml +++ b/network/config/bond-with-vlans/controller.yaml @@ -38,6 +38,11 @@ parameters: description: The ovs_options string for the bond interface. Set things like lacp=active and/or bond_mode=balance-slb using this option. type: string + constraints: + - allowed_pattern: "^((?!balance.tcp).)*$" + description: | + The balance-tcp bond mode is known to cause packet loss and + should not be used in BondInterfaceOvsOptions. ExternalNetworkVlanID: default: 10 description: Vlan ID for the external network traffic. diff --git a/network/config/bond-with-vlans/swift-storage.yaml b/network/config/bond-with-vlans/swift-storage.yaml index 4dd6628f..e16d6b6e 100644 --- a/network/config/bond-with-vlans/swift-storage.yaml +++ b/network/config/bond-with-vlans/swift-storage.yaml @@ -38,6 +38,11 @@ parameters: description: The ovs_options string for the bond interface. Set things like lacp=active and/or bond_mode=balance-slb using this option. type: string + constraints: + - allowed_pattern: "^((?!balance.tcp).)*$" + description: | + The balance-tcp bond mode is known to cause packet loss and + should not be used in BondInterfaceOvsOptions. ExternalNetworkVlanID: default: 10 description: Vlan ID for the external network traffic. diff --git a/network/service_net_map.yaml b/network/service_net_map.yaml index 4cfff402..5d3f087d 100644 --- a/network/service_net_map.yaml +++ b/network/service_net_map.yaml @@ -33,7 +33,7 @@ parameters: NovaApiNetwork: internal_api NovaMetadataNetwork: internal_api NovaVncProxyNetwork: internal_api - SwiftMgmtNetwork: storage_mgmt + SwiftStorageNetwork: storage_mgmt SwiftProxyNetwork: storage SaharaApiNetwork: internal_api HorizonNetwork: internal_api @@ -61,6 +61,7 @@ parameters: MongoDbNetwork: MongodbNetwork RabbitMqNetwork: RabbitmqNetwork CephPublicNetwork: CephMonNetwork + SwiftMgmtNetwork: SwiftStorageNetwork description: Mapping older deprecated service names, intended for internal use only, this will be removed in future. type: json diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml index b0a9c10c..b0723dd7 100644 --- a/overcloud-resource-registry-puppet.yaml +++ b/overcloud-resource-registry-puppet.yaml @@ -17,7 +17,6 @@ resource_registry: OS::TripleO::ObjectStoragePostDeployment: puppet/swift-storage-post.yaml OS::TripleO::BlockStoragePostDeployment: puppet/cinder-storage-post.yaml OS::TripleO::CephStoragePostDeployment: puppet/ceph-storage-post.yaml - OS::TripleO::SwiftDevicesAndProxy::SoftwareConfig: puppet/swift-devices-and-proxy-config.yaml OS::TripleO::AllNodes::SoftwareConfig: puppet/all-nodes-config.yaml OS::TripleO::DefaultPasswords: default_passwords.yaml @@ -161,6 +160,7 @@ resource_registry: # things where VMs run OS::TripleO::Services::ComputeNeutronCorePlugin: puppet/services/neutron-plugin-ml2.yaml # Neutron Core Plugin Vendors (these typically override NeutronCorePlugin) + OS::TripleO::Services::NeutronCorePluginML2OVN: puppet/services/neutron-plugin-ml2-ovn.yaml OS::TripleO::Services::NeutronCorePluginPlumgrid: puppet/services/neutron-plugin-plumgrid.yaml OS::TripleO::Services::NeutronCorePluginNuage: puppet/services/neutron-plugin-nuage.yaml OS::TripleO::Services::NeutronCorePluginOpencontrail: puppet/services/neutron-plugin-opencontrail.yaml @@ -201,6 +201,7 @@ resource_registry: OS::TripleO::Services::GnocchiApi: puppet/services/gnocchi-api.yaml OS::TripleO::Services::GnocchiMetricd: puppet/services/gnocchi-metricd.yaml OS::TripleO::Services::GnocchiStatsd: puppet/services/gnocchi-statsd.yaml + OS::TripleO::Services::VipHosts: puppet/services/vip-hosts.yaml # Services that are disabled by default (use relevant environment files): OS::Tripleo::Services::ManilaApi: OS::Heat::None OS::Tripleo::Services::ManilaScheduler: OS::Heat::None diff --git a/overcloud.yaml b/overcloud.yaml index 6e039178..f2c4b631 100644 --- a/overcloud.yaml +++ b/overcloud.yaml @@ -200,6 +200,7 @@ parameters: - OS::TripleO::Services::TripleoFirewall - OS::TripleO::Services::OpenDaylight - OS::TripleO::Services::SensuClient + - OS::TripleO::Services::VipHosts description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the Controllers. @@ -226,6 +227,7 @@ parameters: - OS::TripleO::Services::NeutronSriovAgent - OS::TripleO::Services::OpenDaylightOvs - OS::TripleO::Services::SensuClient + - OS::TripleO::Services::VipHosts description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the Compute Nodes. @@ -252,6 +254,7 @@ parameters: - OS::TripleO::Services::TripleoPackages - OS::TripleO::Services::TripleoFirewall - OS::TripleO::Services::SensuClient + - OS::TripleO::Services::VipHosts description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the BlockStorage nodes. @@ -279,6 +282,7 @@ parameters: - OS::TripleO::Services::TripleoPackages - OS::TripleO::Services::TripleoFirewall - OS::TripleO::Services::SensuClient + - OS::TripleO::Services::VipHosts description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the ObjectStorage nodes. @@ -306,6 +310,7 @@ parameters: - OS::TripleO::Services::TripleoPackages - OS::TripleO::Services::TripleoFirewall - OS::TripleO::Services::SensuClient + - OS::TripleO::Services::VipHosts description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the CephStorage nodes. @@ -440,7 +445,6 @@ resources: properties: CloudDomain: {get_param: CloudDomain} controllerExtraConfig: {get_param: controllerExtraConfig} - RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]} ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} EndpointMap: {get_attr: [EndpointMap, endpoint_map]} Hostname: @@ -657,6 +661,11 @@ resources: allNodesConfig: type: OS::TripleO::AllNodes::SoftwareConfig properties: + cloud_name_external: {get_param: CloudName} + cloud_name_internal_api: {get_param: CloudNameInternal} + cloud_name_storage: {get_param: CloudNameStorage} + cloud_name_storage_mgmt: {get_param: CloudNameStorageManagement} + cloud_name_management: {get_param: CloudNameManagement} hosts: - list_join: - '\n' @@ -712,6 +721,7 @@ resources: keystone_public_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystonePublicApiNetwork]}]} keystone_admin_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystoneAdminApiNetwork]}]} NetVipMap: {get_attr: [VipMap, net_ip_map]} + RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]} ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]} DeployIdentifier: {get_param: DeployIdentifier} UpdateIdentifier: {get_param: UpdateIdentifier} @@ -808,26 +818,6 @@ resources: StorageMgmtIpUri: {get_attr: [StorageMgmtVirtualIP, ip_address_uri]} # No tenant or management VIP required - ControllerSwiftDeployment: - type: OS::Heat::StructuredDeployments - properties: - name: ControllerSwiftDeployment - config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]} - servers: {get_attr: [Controller, attributes, nova_server_resource]} - - ObjectStorageSwiftDeployment: - type: OS::Heat::StructuredDeployments - properties: - name: ObjectStorageSwiftDeployment - config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]} - servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]} - - SwiftDevicesAndProxyConfig: - type: OS::TripleO::SwiftDevicesAndProxy::SoftwareConfig - properties: - controller_swift_devices: {get_attr: [Controller, swift_device]} - object_store_swift_devices: {get_attr: [ObjectStorage, swift_device]} - ControllerAllNodesDeployment: type: OS::Heat::StructuredDeployments properties: @@ -965,7 +955,7 @@ resources: # Nested stack deployment runs after all other controller deployments ControllerNodesPostDeployment: type: OS::TripleO::ControllerPostDeployment - depends_on: [ControllerAllNodesDeployment, ControllerSwiftDeployment] + depends_on: [ControllerAllNodesDeployment] properties: servers: {get_attr: [Controller, attributes, nova_server_resource]} RoleData: {get_attr: [ControllerServiceChain, role_data]} @@ -979,7 +969,7 @@ resources: ObjectStorageNodesPostDeployment: type: OS::TripleO::ObjectStoragePostDeployment - depends_on: [ObjectStorageSwiftDeployment, ObjectStorageAllNodesDeployment] + depends_on: [ObjectStorageAllNodesDeployment] properties: servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]} RoleData: {get_attr: [ObjectStorageServiceChain, role_data]} diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml index f499739a..2ef30005 100644 --- a/puppet/all-nodes-config.yaml +++ b/puppet/all-nodes-config.yaml @@ -2,6 +2,16 @@ heat_template_version: 2016-10-14 description: 'All Nodes Config for Puppet' parameters: + cloud_name_external: + type: string + cloud_name_internal_api: + type: string + cloud_name_storage: + type: string + cloud_name_storage_mgmt: + type: string + cloud_name_management: + type: string hosts: type: comma_delimited_list # FIXME(shardy) this can be comma_delimited_list when @@ -24,6 +34,9 @@ parameters: type: comma_delimited_list NetVipMap: type: json + RedisVirtualIP: + type: string + default: '' ServiceNetMap: type: json DeployIdentifier: @@ -175,6 +188,7 @@ resources: internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]} storage_virtual_ip: {get_param: [NetVipMap, storage]} storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]} + redis_vip: {get_param: RedisVirtualIP} # public_virtual_ip and controller_virtual_ip are needed in # both HAproxy & keepalived. tripleo::haproxy::public_virtual_ip: {get_param: [NetVipMap, external]} @@ -184,7 +198,13 @@ resources: tripleo::keepalived::internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]} tripleo::keepalived::storage_virtual_ip: {get_param: [NetVipMap, storage]} tripleo::keepalived::storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]} + tripleo::keepalived::redis_virtual_ip: {get_param: RedisVirtualIP} tripleo::redis_notification::haproxy_monitor_ip: {get_param: [NetVipMap, ctlplane]} + cloud_name_external: {get_param: cloud_name_external} + cloud_name_internal_api: {get_param: cloud_name_internal_api} + cloud_name_storage: {get_param: cloud_name_storage} + cloud_name_storage_mgmt: {get_param: cloud_name_storage_mgmt} + cloud_name_management: {get_param: cloud_name_management} outputs: config_id: diff --git a/puppet/ceph-storage.yaml b/puppet/ceph-storage.yaml index fe2a916f..5ba2c298 100644 --- a/puppet/ceph-storage.yaml +++ b/puppet/ceph-storage.yaml @@ -248,7 +248,9 @@ resources: - extraconfig - service_names - service_configs + - bootstrap_node # provided by allNodesConfig - all_nodes # provided by allNodesConfig + - vip_data # provided by allNodesConfig - '"%{::osfamily}"' merge_behavior: deeper datafiles: diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml index bc26df75..699a0969 100644 --- a/puppet/cinder-storage.yaml +++ b/puppet/cinder-storage.yaml @@ -244,7 +244,9 @@ resources: - service_names - service_configs - volume + - bootstrap_node # provided by allNodesConfig - all_nodes # provided by allNodesConfig + - vip_data # provided by allNodesConfig - '"%{::osfamily}"' merge_behavior: deeper datafiles: diff --git a/puppet/compute.yaml b/puppet/compute.yaml index 0f9e0313..e74d1a54 100644 --- a/puppet/compute.yaml +++ b/puppet/compute.yaml @@ -261,7 +261,9 @@ resources: - service_names - service_configs - compute + - bootstrap_node # provided by allNodesConfig - all_nodes # provided by allNodesConfig + - vip_data # provided by allNodesConfig - '"%{::osfamily}"' - neutron_bigswitch_data # Optionally provided by ComputeExtraConfigPre - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre diff --git a/puppet/controller.yaml b/puppet/controller.yaml index c85546fa..a18d00d7 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -62,13 +62,6 @@ parameters: default: nic1 description: What interface to bridge onto br-ex for network nodes. type: string - RedisVirtualIP: - type: string - default: '' # Has to be here because of the ignored empty value bug - SwiftRawDisks: - default: {} - description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})' - type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -300,7 +293,6 @@ resources: bootstack_nodeid: {get_attr: [Controller, name]} enable_load_balancer: {get_param: EnableLoadBalancer} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} - redis_vip: {get_param: RedisVirtualIP} # Map heat metadata into hiera datafiles ControllerConfig: @@ -317,7 +309,6 @@ resources: - service_configs - service_names - controller - - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig - bootstrap_node # provided by BootstrapNodeConfig - all_nodes # provided by allNodesConfig - vip_data # provided by allNodesConfig @@ -355,8 +346,6 @@ resources: # Pacemaker enable_load_balancer: {get_input: enable_load_balancer} - # Redis - redis_vip: {get_input: redis_vip} # Misc tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} @@ -471,27 +460,6 @@ outputs: description: Heat resource handle for the Nova compute server value: {get_resource: Controller} - swift_device: - description: Swift device formatted for swift-ring-builder - value: - str_replace: - template: - list_join: - - ',' - - ['r1z1-IP:%PORT%/d1'] - - repeat: - template: 'r1z1-IP:%PORT%/DEVICE' - for_each: - DEVICE: {get_param: SwiftRawDisks} - params: - IP: - get_attr: - - NetIpMap - - net_ip_map - - str_replace: - template: "NETWORK_uri" - params: - NETWORK: {get_param: [ServiceNetMap, SwiftMgmtNetwork]} tls_key_modulus_md5: description: MD5 checksum of the TLS Key Modulus value: {get_attr: [NodeTLSData, key_modulus_md5]} diff --git a/puppet/services/aodh-base.yaml b/puppet/services/aodh-base.yaml index 15f81953..187345ad 100644 --- a/puppet/services/aodh-base.yaml +++ b/puppet/services/aodh-base.yaml @@ -77,7 +77,7 @@ outputs: - {get_param: [EndpointMap, MysqlInternal, host]} - '/aodh' aodh::debug: {get_param: Debug} - aodh::auth::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri] } + aodh::auth::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] } aodh::rabbit_userid: {get_param: RabbitUserName} aodh::rabbit_password: {get_param: RabbitPassword} aodh::rabbit_use_ssl: {get_param: RabbitClientUseSSL} diff --git a/puppet/services/haproxy.yaml b/puppet/services/haproxy.yaml index df23e6e1..974928c5 100644 --- a/puppet/services/haproxy.yaml +++ b/puppet/services/haproxy.yaml @@ -58,28 +58,6 @@ outputs: tripleo.haproxy.firewall_rules: '107 haproxy stats': dport: 1993 - # TODO(emilien) make it composable to find which services are actually running - tripleo::haproxy::keystone_admin: '"%{hiera(\"keystone_enabled\")}"' - tripleo::haproxy::keystone_public: '"%{hiera(\"keystone_enabled\")}"' - tripleo::haproxy::neutron: '"%{hiera(\"neutron_api_enabled\")}"' - tripleo::haproxy::cinder: '"%{hiera(\"cinder_api_enabled\")}"' - tripleo::haproxy::glance_api: '"%{hiera(\"glance_api_enabled\")}"' - tripleo::haproxy::glance_registry: '"%{hiera(\"glance_registry_enabled\")}"' - tripleo::haproxy::nova_osapi: '"%{hiera(\"nova_api_enabled\")}"' - tripleo::haproxy::nova_metadata: '"%{hiera(\"nova_api_enabled\")}"' - tripleo::haproxy::nova_novncproxy: '"%{hiera(\"nova_vncproxy_enabled\")}"' - tripleo::haproxy::mysql: true - tripleo::haproxy::redis: '"%{hiera(\"redis_enabled\")}"' - tripleo::haproxy::sahara: '"%{hiera(\"sahara_api_enabled\")}"' - tripleo::haproxy::swift_proxy_server: '"%{hiera(\"swift_proxy_enabled\")}"' - tripleo::haproxy::ceilometer: '"%{hiera(\"ceilometer_api_enabled\")}"' - tripleo::haproxy::aodh: '"%{hiera(\"aodh_api_enabled\")}"' - tripleo::haproxy::gnocchi: '"%{hiera(\"gnocchi_api_enabled\")}"' - tripleo::haproxy::heat_api: '"%{hiera(\"heat_api_enabled\")}"' - tripleo::haproxy::heat_cloudwatch: '"%{hiera(\"heat_api_cloudwatch_enabled\")}"' - tripleo::haproxy::heat_cfn: '"%{hiera(\"heat_api_cfn_enabled\")}"' - tripleo::haproxy::horizon: '"%{hiera(\"horizon_enabled\")}"' - tripleo::haproxy::ironic: '"%{hiera(\"ironic_api_enabled\")}"' tripleo::haproxy::haproxy_log_address: {get_param: HAProxySyslogAddress} tripleo::haproxy::haproxy_stats_user: {get_param: HAProxyStatsUser} tripleo::haproxy::haproxy_stats_password: {get_param: HAProxyStatsPassword} diff --git a/puppet/services/neutron-api.yaml b/puppet/services/neutron-api.yaml index da4ec26b..72ae7d9c 100644 --- a/puppet/services/neutron-api.yaml +++ b/puppet/services/neutron-api.yaml @@ -19,9 +19,16 @@ parameters: via parameter_defaults in the resource registry. type: json NeutronWorkers: - default: 0 - description: Number of workers for Neutron service. - type: number + default: '' + description: | + Sets the number of API and RPC workers for the Neutron service. The + default value results in the configuration being left unset and a + system-dependent default will be chosen (usually the number of + processors). Please note that this can result in a large number of + processes and memory consumption on systems with a large core count. On + such systems it is recommended that a non-default value be selected that + matches the load requirements. + type: string NeutronPassword: description: The password for the neutron service and db account, used by neutron agents. type: string @@ -86,6 +93,7 @@ outputs: neutron::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } neutron::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} neutron::server::api_workers: {get_param: NeutronWorkers} + neutron::server::rpc_workers: {get_param: NeutronWorkers} neutron::server::allow_automatic_l3agent_failover: {get_param: NeutronAllowL3AgentFailover} neutron::server::l3_ha: {get_param: NeutronL3HA} neutron::keystone::authtoken::password: {get_param: NeutronPassword} diff --git a/puppet/services/neutron-compute-plugin-ovn.yaml b/puppet/services/neutron-compute-plugin-ovn.yaml new file mode 100644 index 00000000..95e05dd4 --- /dev/null +++ b/puppet/services/neutron-compute-plugin-ovn.yaml @@ -0,0 +1,45 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Neutron Compute OVN agent + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + DefaultPasswords: + default: {} + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + OVNDbHost: + description: IP address on which the OVN DB servers are listening + type: string + OVNSouthboundServerPort: + description: Port of the Southbound DB Server + type: number + default: 6642 + OVNTunnelEncapType: + description: Tunnel encapsulation type + type: string + default: geneve + + +outputs: + role_data: + description: Role data for the Neutron Compute OVN agent + value: + service_name: neutron_compute_plugin_ovn + config_settings: + tripleo::profile::base::neutron::agents::ovn::ovn_db_host: {get_param: OVNDbHost} + ovn::southbound::port: {get_param: OVNSouthboundServerPort} + ovn::southbound::encap_type: {get_param: OVNTunnelEncapType} + ovn::controller::ovn_encap_ip: {get_param: [ServiceNetMap, NeutronApiNetwork]} + step_config: | + include ::tripleo::profile::base::neutron::agents::ovn diff --git a/puppet/services/neutron-plugin-ml2-ovn.yaml b/puppet/services/neutron-plugin-ml2-ovn.yaml new file mode 100644 index 00000000..e98ed497 --- /dev/null +++ b/puppet/services/neutron-plugin-ml2-ovn.yaml @@ -0,0 +1,79 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Neutron ML2/OVN plugin configured with Puppet + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + OVNDbHost: + description: IP address on which the OVN DB servers are listening + type: string + OVNNorthboundServerPort: + description: Port of the OVN Northbound DB server + type: number + default: 6641 + OVNDbConnectionTimeout: + description: Timeout in seconds for the OVSDB connection transaction + type: number + default: 60 + OVNVifType: + description: Type of VIF to be used for ports + type: string + default: ovs + constraints: + - allowed_values: + - ovs + - vhostuser + OVNNeutronSyncMode: + description: The synchronization mode of OVN with Neutron DB + type: string + default: log + constraints: + - allowed_values: + - log + - off + - repair + OVNQosDriver: + description: OVN notification driver for Neutron QOS service plugin + type: string + default: NULL + +resources: + + NeutronMl2Base: + type: ./neutron-plugin-ml2.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for the Neutron ML2/OVN plugin. + value: + service_name: neutron_plugin_ml2_ovn + config_settings: + map_merge: + - get_attr: [NeutronMl2Base, role_data, config_settings] + - ovn::northbound::port: {get_param: OVNNorthboundServerPort} + tripleo::profile::base::neutron::plugins::ml2::ovn::ovn_db_host: {get_param: OVNDbHost} + neutron::plugins::ovn::ovsdb_connection_timeout: {get_param: OVNDbConnectionTimeout} + neutron::plugins::ovn::neutron_sync_mode: {get_param: OVNNeutronSyncMode} + neutron::plugins::ovn::ovn_l3_mode: true + neutron::plugins::ovn::vif_type: {get_param: OVNVifType} + neutron::server::qos_notification_drivers: {get_param: OVNQosDriver} + step_config: | + include ::tripleo::profile::base::neutron::plugins::ml2 diff --git a/puppet/services/neutron-sriov-agent.yaml b/puppet/services/neutron-sriov-agent.yaml index b9a93394..44f7f242 100644 --- a/puppet/services/neutron-sriov-agent.yaml +++ b/puppet/services/neutron-sriov-agent.yaml @@ -14,6 +14,11 @@ parameters: DefaultPasswords: default: {} type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json NeutronPhysicalDevMappings: description: > List of <physical_network>:<physical device> @@ -39,11 +44,15 @@ parameters: Example "eth1:4096","eth2:128" type: comma_delimited_list default: "" - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json + +resources: + + NeutronBase: + type: ./neutron-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: @@ -51,8 +60,10 @@ outputs: value: service_name: neutron_sriov_agent config_settings: - neutron::agents::ml2::sriov::physical_device_mappings: {get_param: NeutronPhysicalDevMappings} - neutron::agents::ml2::sriov::exclude_devices: {get_param: NeutronExcludeDevices} - tripleo::host::sriov::number_of_vfs: {get_param: NeutronSriovNumVFs} + map_merge: + - get_attr: [NeutronBase, role_data, config_settings] + - neutron::agents::ml2::sriov::physical_device_mappings: {get_param: NeutronPhysicalDevMappings} + neutron::agents::ml2::sriov::exclude_devices: {get_param: NeutronExcludeDevices} + tripleo::host::sriov::number_of_vfs: {get_param: NeutronSriovNumVFs} step_config: | include ::tripleo::profile::base::neutron::sriov diff --git a/puppet/services/opendaylight-api.yaml b/puppet/services/opendaylight-api.yaml index 64dd7663..d2ee036e 100644 --- a/puppet/services/opendaylight-api.yaml +++ b/puppet/services/opendaylight-api.yaml @@ -75,7 +75,6 @@ outputs: opendaylight::enable_dhcp: {get_param: OpenDaylightEnableDHCP} opendaylight::nb_connection_protocol: {get_param: OpenDaylightConnectionProtocol} opendaylight::odl_bind_ip: {get_param: [ServiceNetMap, OpenDaylightApiNetwork]} - tripleo::haproxy::opendaylight: true step_config: | include tripleo::profile::base::neutron::opendaylight include tripleo::profile::base::neutron::plugins::ovs::opendaylight diff --git a/puppet/services/swift-ringbuilder.yaml b/puppet/services/swift-ringbuilder.yaml index f41228e7..e151d185 100644 --- a/puppet/services/swift-ringbuilder.yaml +++ b/puppet/services/swift-ringbuilder.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2016-04-08 +heat_template_version: 2016-10-14 description: > OpenStack Swift Ringbuilder @@ -34,6 +34,11 @@ parameters: type: number default: 3 description: How many replicas to use in the swift rings. + SwiftRawDisks: + default: {} + description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})' + type: json + outputs: role_data: @@ -43,6 +48,17 @@ outputs: config_settings: tripleo::profile::base::swift::ringbuilder::build_ring: {get_param: SwiftRingBuild} tripleo::profile::base::swift::ringbuilder::replicas: {get_param: SwiftReplicas} + tripleo::profile::base::swift::ringbuilder::raw_disk_prefix: 'r1z1-' + tripleo::profile::base::swift::ringbuilder::raw_disks: + yaql: + expression: $.data.raw_disk_lists.flatten() + data: + raw_disk_lists: + - [':%PORT%/d1'] + - repeat: + template: ':%PORT%/DEVICE' + for_each: + DEVICE: {get_param: SwiftRawDisks} swift::ringbuilder::part_power: {get_param: SwiftPartPower} swift::ringbuilder::min_part_hours: {get_param: SwiftMinPartHours} step_config: | diff --git a/puppet/services/swift-storage.yaml b/puppet/services/swift-storage.yaml index 91d52569..7fbb8d90 100644 --- a/puppet/services/swift-storage.yaml +++ b/puppet/services/swift-storage.yaml @@ -87,6 +87,6 @@ outputs: - healthcheck - account-server swift::storage::disks: {get_param: SwiftRawDisks} - swift::storage::all::storage_local_net_ip: {get_param: [ServiceNetMap, SwiftMgmtNetwork]} + swift::storage::all::storage_local_net_ip: {get_param: [ServiceNetMap, SwiftStorageNetwork]} step_config: | include ::tripleo::profile::base::swift::storage diff --git a/puppet/services/vip-hosts.yaml b/puppet/services/vip-hosts.yaml new file mode 100644 index 00000000..445a276c --- /dev/null +++ b/puppet/services/vip-hosts.yaml @@ -0,0 +1,56 @@ +heat_template_version: 2016-04-08 + +description: > + If the deployer doesn't have a DNS server for the overcloud nodes. This will + populate the node-names and IPs for the VIPs of the overcloud. + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +outputs: + role_data: + description: role data for the VIP hosts role + value: + service_name: vip_hosts + config_settings: + tripleo::vip_hosts::hosts_spec: + external: + name: "%{hiera('cloud_name_external')}" + ip: "%{hiera('public_virtual_ip')}" + ensure: present + comment: FQDN of the external VIP + internal_api: + name: "%{hiera('cloud_name_internal_api')}" + ip: "%{hiera('internal_api_virtual_ip')}" + ensure: present + comment: FQDN of the internal api VIP + storage: + name: "%{hiera('cloud_name_storage')}" + ip: "%{hiera('storage_virtual_ip')}" + ensure: present + comment: FQDN of the storage VIP + storage_mgmt: + name: "%{hiera('cloud_name_storage_mgmt')}" + ip: "%{hiera('storage_mgmt_virtual_ip')}" + ensure: present + comment: FQDN of the storage mgmt VIP + management: + name: "%{hiera('cloud_name_management')}" + ip: "%{hiera('controller_virtual_ip')}" + ensure: present + comment: FQDN of the management VIP + step_config: | + include ::tripleo::vip_hosts diff --git a/puppet/swift-devices-and-proxy-config.yaml b/puppet/swift-devices-and-proxy-config.yaml deleted file mode 100644 index afee4dac..00000000 --- a/puppet/swift-devices-and-proxy-config.yaml +++ /dev/null @@ -1,35 +0,0 @@ -heat_template_version: 2015-04-30 -description: 'Swift Devices and Proxy Config for Puppet' - -parameters: - controller_swift_devices: - type: comma_delimited_list - object_store_swift_devices: - type: comma_delimited_list - -resources: - - SwiftDevicesAndProxyConfigImpl: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: - hiera: - datafiles: - swift_devices_and_proxy: - mapped_data: - tripleo::profile::base::swift::ringbuilder::devices: - list_join: - - ", " - - - list_join: - - ", " - - {get_param: controller_swift_devices} - - list_join: - - ", " - - {get_param: object_store_swift_devices} - -outputs: - config_id: - description: The ID of the SwiftDevicesAndProxyConfigImpl resource. - value: - {get_resource: SwiftDevicesAndProxyConfigImpl} diff --git a/puppet/swift-storage.yaml b/puppet/swift-storage.yaml index a5bb1403..c414d8e9 100644 --- a/puppet/swift-storage.yaml +++ b/puppet/swift-storage.yaml @@ -91,10 +91,6 @@ parameters: type: string description: Command which will be run whenever configuration data changes default: os-refresh-config --timeout 14400 - SwiftRawDisks: - default: {} - description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})' - type: json resources: @@ -237,8 +233,9 @@ resources: - service_names - service_configs - object - - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig + - bootstrap_node # provided by allNodesConfig - all_nodes # provided by allNodesConfig + - vip_data # provided by allNodesConfig - '"%{::osfamily}"' merge_behavior: deeper datafiles: @@ -359,27 +356,6 @@ outputs: description: Heat resource handle for the swift storage server value: {get_resource: SwiftStorage} - swift_device: - description: Swift device formatted for swift-ring-builder - value: - str_replace: - template: - list_join: - - ',' - - ['r1z1-IP:%PORT%/d1'] - - repeat: - template: 'r1z1-IP:%PORT%/DEVICE' - for_each: - DEVICE: {get_param: SwiftRawDisks} - params: - IP: - get_attr: - - NetIpMap - - net_ip_map - - str_replace: - template: "NETWORK_uri" - params: - NETWORK: {get_param: [ServiceNetMap, SwiftMgmtNetwork]} external_ip_address: description: IP address of the server in the external network value: {get_attr: [ExternalPort, ip_address]} |