diff options
72 files changed, 3874 insertions, 324 deletions
diff --git a/all-nodes-config.yaml b/all-nodes-config.yaml index 9687dafc..3f0bd61c 100644 --- a/all-nodes-config.yaml +++ b/all-nodes-config.yaml @@ -16,6 +16,40 @@ parameters: type: comma_delimited_list controller_names: type: comma_delimited_list + rabbit_node_ips: + type: comma_delimited_list + mongo_node_ips: + type: comma_delimited_list + redis_node_ips: + type: comma_delimited_list + memcache_node_ips: + type: comma_delimited_list + mysql_node_ips: + type: comma_delimited_list + horizon_node_ips: + type: comma_delimited_list + heat_api_node_ips: + type: comma_delimited_list + swift_proxy_node_ips: + type: comma_delimited_list + ceilometer_api_node_ips: + type: comma_delimited_list + nova_api_node_ips: + type: comma_delimited_list + nova_metadata_node_ips: + type: comma_delimited_list + glance_api_node_ips: + type: comma_delimited_list + glance_registry_node_ips: + type: comma_delimited_list + cinder_api_node_ips: + type: comma_delimited_list + neutron_api_node_ips: + type: comma_delimited_list + keystone_public_api_node_ips: + type: comma_delimited_list + keystone_admin_api_node_ips: + type: comma_delimited_list resources: diff --git a/ceph-storage.yaml b/ceph-storage.yaml index ecb47f26..138e6ea5 100644 --- a/ceph-storage.yaml +++ b/ceph-storage.yaml @@ -28,6 +28,17 @@ parameters: default: '' description: The list of ip/names to use as Ceph monitors type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. + type: json + UpdateIdentifier: + default: '' + type: string + description: > + Setting to a previously unused value during stack-update will trigger + package update on all nodes resources: CephStorage: @@ -45,13 +56,26 @@ resources: NodeUserData: type: OS::TripleO::NodeUserData + StoragePort: + type: OS::TripleO::CephStorage::Ports::StoragePort + properties: + ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]} + + StorageMgmtPort: + type: OS::TripleO::CephStorage::Ports::StorageMgmtPort + properties: + ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]} + NetworkConfig: type: OS::TripleO::CephStorage::Net::SoftwareConfig + properties: + StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} + StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: - config: {get_attr: [NetworkConfig, config_id]} + config: {get_resource: NetworkConfig} server: {get_resource: CephStorage} CephStorageDeployment: @@ -118,3 +142,9 @@ outputs: params: IP: {get_attr: [CephStorage, networks, ctlplane, 0]} HOST: {get_attr: [CephStorage, name]} + storage_ip_address: + description: IP address of the server in the storage network + value: {get_attr: [StoragePort, ip_address]} + storage_mgmt_ip_address: + description: IP address of the server in the storage_mgmt network + value: {get_attr: [StorageMgmtPort, ip_address]} diff --git a/cinder-storage.yaml b/cinder-storage.yaml index dfbd520e..9541ed1c 100644 --- a/cinder-storage.yaml +++ b/cinder-storage.yaml @@ -16,6 +16,11 @@ parameters: default: 5000 description: The size of the loopback file used by the cinder LVM driver. type: number + CinderPassword: + default: unset + description: The password for the cinder service and db account, used by cinder-api. + type: string + hidden: true VirtualIP: default: '' type: string @@ -95,6 +100,13 @@ parameters: description: The user password for SNMPd with readonly rights running on all Overcloud nodes type: string hidden: true + UpdateIdentifier: + default: '' + type: string + description: > + Setting to a previously unused value during stack-update will trigger + package update on all nodes + resources: BlockStorage: type: OS::Nova::Server @@ -111,13 +123,32 @@ resources: NodeUserData: type: OS::TripleO::NodeUserData + InternalApiPort: + type: OS::TripleO::BlockStorage::Ports::InternalApiPort + properties: + ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} + + StoragePort: + type: OS::TripleO::BlockStorage::Ports::StoragePort + properties: + ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} + + StorageMgmtPort: + type: OS::TripleO::BlockStorage::Ports::StorageMgmtPort + properties: + ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} + NetworkConfig: type: OS::TripleO::BlockStorage::Net::SoftwareConfig + properties: + InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} + StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} + StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: - config: {get_attr: [NetworkConfig, config_id]} + config: {get_resource: NetworkConfig} server: {get_resource: BlockStorage} BlockStorageDeployment: @@ -127,7 +158,7 @@ resources: config: {get_resource: BlockStorageConfig} input_values: controller_virtual_ip: {get_param: VirtualIP} - cinder_dsn: {list_join: ['', ['mysql://cinder:unset@', {get_param: VirtualIP} , '/cinder']]} + cinder_dsn: {list_join: ['', ['mysql://cinder:', {get_param: CinderPassword}, '@', {get_param: VirtualIP} , '/cinder']]} snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} signal_transport: NO_SIGNAL @@ -163,3 +194,12 @@ outputs: params: IP: {get_attr: [BlockStorage, networks, ctlplane, 0]} HOST: {get_attr: [BlockStorage, name]} + internal_api_ip_address: + description: IP address of the server in the internal_api network + value: {get_attr: [InternalApiPort, ip_address]} + storage_ip_address: + description: IP address of the server in the storage network + value: {get_attr: [StoragePort, ip_address]} + storage_mgmt_ip_address: + description: IP address of the server in the storage_mgmt network + value: {get_attr: [StorageMgmtPort, ip_address]} diff --git a/compute.yaml b/compute.yaml index 81d275cc..abd59103 100644 --- a/compute.yaml +++ b/compute.yaml @@ -132,7 +132,7 @@ parameters: The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the Neutron documentation for permitted values. Defaults to permitting any VLAN on the 'datacentre' physical network (See NeutronBridgeMappings). - type: string + type: comma_delimited_list NeutronPassword: default: unset description: The password for the neutron service account, used by neutron agents. @@ -243,7 +243,17 @@ parameters: description: The user password for SNMPd with readonly rights running on all Overcloud nodes type: string hidden: true - + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. + type: json + UpdateIdentifier: + default: '' + type: string + description: > + Setting to a previously unused value during stack-update will trigger + package update on all nodes resources: @@ -264,14 +274,33 @@ resources: NodeUserData: type: OS::TripleO::NodeUserData + InternalApiPort: + type: OS::TripleO::Compute::Ports::InternalApiPort + properties: + ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} + + StoragePort: + type: OS::TripleO::Compute::Ports::StoragePort + properties: + ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} + + TenantPort: + type: OS::TripleO::Compute::Ports::TenantPort + properties: + ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} + NetworkConfig: type: OS::TripleO::Compute::Net::SoftwareConfig + properties: + InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} + StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} + TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: signal_transport: NO_SIGNAL - config: {get_attr: [NetworkConfig, config_id]} + config: {get_resource: NetworkConfig} server: {get_resource: NovaCompute} input_values: bridge_name: {get_param: NeutronPhysicalBridge} @@ -419,6 +448,15 @@ outputs: ip_address: description: IP address of the server in the ctlplane network value: {get_attr: [NovaCompute, networks, ctlplane, 0]} + internal_api_ip_address: + description: IP address of the server in the internal_api network + value: {get_attr: [InternalApiPort, ip_address]} + storage_ip_address: + description: IP address of the server in the storage network + value: {get_attr: [StoragePort, ip_address]} + tenant_ip_address: + description: IP address of the server in the tenant network + value: {get_attr: [TenantPort, ip_address]} hostname: description: Hostname of the server value: {get_attr: [NovaCompute, name]} diff --git a/controller.yaml b/controller.yaml index 19570734..33010db1 100644 --- a/controller.yaml +++ b/controller.yaml @@ -11,7 +11,7 @@ parameters: hidden: true AdminToken: default: unset - description: The keystone auth secret. + description: The keystone auth secret and db password. type: string hidden: true CeilometerBackend: @@ -25,7 +25,7 @@ parameters: hidden: true CeilometerPassword: default: unset - description: The password for the ceilometer service account. + description: The password for the ceilometer service and db account. type: string hidden: true CinderEnableIscsiBackend: @@ -46,7 +46,7 @@ parameters: type: number CinderPassword: default: unset - description: The password for the cinder service account, used by cinder-api. + description: The password for the cinder service and db account, used by cinder-api. type: string hidden: true CloudName: @@ -132,7 +132,7 @@ parameters: default: '' GlancePassword: default: unset - description: The password for the glance service account, used by the glance services. + description: The password for the glance service and db account, used by the glance services. type: string hidden: true GlancePort: @@ -152,7 +152,7 @@ parameters: - allowed_values: ['swift', 'file', 'rbd'] HeatPassword: default: unset - description: The password for the Heat service account, used by the Heat services. + description: The password for the Heat service and db account, used by the Heat services. type: string hidden: true HeatStackDomainAdminPassword: @@ -278,10 +278,10 @@ parameters: The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the Neutron documentation for permitted values. Defaults to permitting any VLAN on the 'datacentre' physical network (See NeutronBridgeMappings). - type: string + type: comma_delimited_list NeutronPassword: default: unset - description: The password for the neutron service account, used by neutron agents. + description: The password for the neutron service and db account, used by neutron agents. type: string hidden: true NeutronPublicInterface: @@ -318,7 +318,7 @@ parameters: type: string NovaPassword: default: unset - description: The password for the nova service account, used by nova-api. + description: The password for the nova service and db account, used by nova-api. type: string hidden: true NtpServer: @@ -359,6 +359,9 @@ parameters: default: 5672 description: Set rabbit subscriber port, change this if using SSL type: number + RedisVirtualIP: + type: string + default: '' # Has to be here because of the ignored empty value bug SnmpdReadonlyUserName: default: ro_snmp_user description: The user name for SNMPd with readonly rights running on all Overcloud nodes @@ -413,7 +416,32 @@ parameters: VirtualIP: type: string default: '' # Has to be here because of the ignored empty value bug - + HeatApiVirtualIP: + type: string + default: '' + GlanceApiVirtualIP: + type: string + default: '' + MysqlVirtualIP: + type: string + default: '' + KeystonePublicApiVirtualIP: + type: string + default: '' + NeutronApiVirtualIP: + type: string + default: '' + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. + type: json + UpdateIdentifier: + default: '' + type: string + description: > + Setting to a previously unused value during stack-update will trigger + package update on all nodes resources: @@ -432,14 +460,45 @@ resources: NodeUserData: type: OS::TripleO::NodeUserData + ExternalPort: + type: OS::TripleO::Controller::Ports::ExternalPort + properties: + ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} + + InternalApiPort: + type: OS::TripleO::Controller::Ports::InternalApiPort + properties: + ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} + + StoragePort: + type: OS::TripleO::Controller::Ports::StoragePort + properties: + ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} + + StorageMgmtPort: + type: OS::TripleO::Controller::Ports::StorageMgmtPort + properties: + ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} + + TenantPort: + type: OS::TripleO::Controller::Ports::TenantPort + properties: + ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} + NetworkConfig: type: OS::TripleO::Controller::Net::SoftwareConfig + properties: + ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} + InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} + StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} + StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} + TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: signal_transport: NO_SIGNAL - config: {get_attr: [NetworkConfig, config_id]} + config: {get_resource: NetworkConfig} server: {get_resource: Controller} input_values: bridge_name: br-ex @@ -718,7 +777,9 @@ resources: cinder_dsn: list_join: - '' - - - 'mysql://cinder:unset@' + - - 'mysql://cinder:' + - {get_param: CinderPassword} + - '@' - {get_param: VirtualIP} - '/cinder' glance_port: {get_param: GlancePort} @@ -729,7 +790,9 @@ resources: glance_dsn: list_join: - '' - - - 'mysql://glance:unset@' + - - 'mysql://glance:' + - {get_param: GlancePassword} + - '@' - {get_param: VirtualIP} - '/glance' heat_password: {get_param: HeatPassword} @@ -738,7 +801,9 @@ resources: heat_dsn: list_join: - '' - - - 'mysql://heat:unset@' + - - 'mysql://heat:' + - {get_param: HeatPassword} + - '@' - {get_param: VirtualIP} - '/heat' keystone_ca_certificate: {get_param: KeystoneCACertificate} @@ -749,7 +814,9 @@ resources: keystone_dsn: list_join: - '' - - - 'mysql://keystone:unset@' + - - 'mysql://keystone:' + - {get_param: AdminToken} + - '@' - {get_param: VirtualIP} - '/keystone' mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize} @@ -779,7 +846,9 @@ resources: neutron_dsn: list_join: - '' - - - 'mysql://neutron:unset@' + - - 'mysql://neutron:' + - {get_param: NeutronPassword} + - '@' - {get_param: VirtualIP} - '/ovs_neutron?charset=utf8' ceilometer_metering_secret: {get_param: CeilometerMeteringSecret} @@ -787,7 +856,9 @@ resources: ceilometer_dsn: list_join: - '' - - - 'mysql://ceilometer:unset@' + - - 'mysql://ceilometer:' + - {get_param: CeilometerPassword} + - '@' - {get_param: VirtualIP} - '/ceilometer' snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} @@ -796,7 +867,9 @@ resources: nova_dsn: list_join: - '' - - - 'mysql://nova:unset@' + - - 'mysql://nova:' + - {get_param: NovaPassword} + - '@' - {get_param: VirtualIP} - '/nova' rabbit_username: {get_param: RabbitUserName} @@ -916,6 +989,21 @@ outputs: ip_address: description: IP address of the server in the ctlplane network value: {get_attr: [Controller, networks, ctlplane, 0]} + external_ip_address: + description: IP address of the server in the external network + value: {get_attr: [ExternalPort, ip_address]} + internal_api_ip_address: + description: IP address of the server in the internal_api network + value: {get_attr: [InternalApiPort, ip_address]} + storage_ip_address: + description: IP address of the server in the storage network + value: {get_attr: [StoragePort, ip_address]} + storage_mgmt_ip_address: + description: IP address of the server in the storage_mgmt network + value: {get_attr: [StorageMgmtPort, ip_address]} + tenant_ip_address: + description: IP address of the server in the tenant network + value: {get_attr: [TenantPort, ip_address]} hostname: description: Hostname of the server value: {get_attr: [Controller, name]} diff --git a/environments/cinder-netapp-config.yaml b/environments/cinder-netapp-config.yaml new file mode 100644 index 00000000..4dd9eed7 --- /dev/null +++ b/environments/cinder-netapp-config.yaml @@ -0,0 +1,30 @@ +# A Heat environment file which can be used to enable a +# a Cinder NetApp backend. +resource_registry: + OS::TripleO::Controller::CinderBackend: extraconfig/controller/cinder-netapp.yaml + +parameter_defaults: + CinderBackendConfig: + CinderEnableNetappBackend: false + CinderNetappBackendName: 'tripleo_netapp' + CinderNetappLogin: '' + CinderNetappPassword: '' + CinderNetappServerHostname: '' + CinderNetappServerPort: '80' + CinderNetappSizeMultiplier: '1.2' + CinderNetappStorageFamily: 'ontap_cluster' + CinderNetappStorageProtocol: 'nfs' + CinderNetappTransportType: 'http' + CinderNetappVfiler: '' + CinderNetappVolumeList: '' + CinderNetappVserver: '' + CinderNetappPartnerBackendName: '' + CinderNetappNfsShares: '' + CinderNetappNfsSharesConfig: '/etc/cinder/shares.conf' + CinderNetappNfsMountOptions: '' + CinderNetappCopyOffloadToolPath: '' + CinderNetappControllerIps: '' + CinderNetappSaPassword: '' + CinderNetappStoragePools: '' + CinderNetappEseriesHostType: 'linux_dm_mp' + CinderNetappWebservicePath: '/devmgr/v2' diff --git a/environments/net-bond-with-vlans.yaml b/environments/net-bond-with-vlans.yaml new file mode 100644 index 00000000..38c31cac --- /dev/null +++ b/environments/net-bond-with-vlans.yaml @@ -0,0 +1,13 @@ +# This template configures each role to use a pair of bonded nics (nic2 and +# nic3) and configures an IP address on each relevant isolated network +# for each role. This template assumes use of network-isolation.yaml. +# +# FIXME: if/when we add functionality to heatclient to include heat +# environment files we should think about using it here to automatically +# include network-isolation.yaml. +resource_registry: + OS::TripleO::BlockStorage::Net::SoftwareConfig: ../network/config/bond-with-vlans/cinder-storage.yaml + OS::TripleO::Compute::Net::SoftwareConfig: ../network/config/bond-with-vlans/compute.yaml + OS::TripleO::Controller::Net::SoftwareConfig: ../network/config/bond-with-vlans/controller.yaml + OS::TripleO::ObjectStorage::Net::SoftwareConfig: ../network/config/bond-with-vlans/swift-storage.yaml + OS::TripleO::CephStorage::Net::SoftwareConfig: ../network/config/bond-with-vlans/ceph-storage.yaml diff --git a/environments/net-single-nic-with-vlans.yaml b/environments/net-single-nic-with-vlans.yaml new file mode 100644 index 00000000..b087b3e4 --- /dev/null +++ b/environments/net-single-nic-with-vlans.yaml @@ -0,0 +1,13 @@ +# This template configures each role to use Vlans on a single nic for +# each isolated network. +# This template assumes use of network-isolation.yaml. +# +# FIXME: if/when we add functionality to heatclient to include heat +# environment files we should think about using it here to automatically +# include network-isolation.yaml. +resource_registry: + OS::TripleO::BlockStorage::Net::SoftwareConfig: ../network/config/single-nic-vlans/cinder-storage.yaml + OS::TripleO::Compute::Net::SoftwareConfig: ../network/config/single-nic-vlans/compute.yaml + OS::TripleO::Controller::Net::SoftwareConfig: ../network/config/single-nic-vlans/controller.yaml + OS::TripleO::ObjectStorage::Net::SoftwareConfig: ../network/config/single-nic-vlans/swift-storage.yaml + OS::TripleO::CephStorage::Net::SoftwareConfig: ../network/config/single-nic-vlans/ceph-storage.yaml diff --git a/environments/network-isolation.yaml b/environments/network-isolation.yaml new file mode 100644 index 00000000..5eb2b2da --- /dev/null +++ b/environments/network-isolation.yaml @@ -0,0 +1,35 @@ +# Enable the creation of Neutron networks for isolated Overcloud +# traffic and configure each role to assign ports (related +# to that role) on these networks. +resource_registry: + OS::TripleO::Network::External: ../network/external.yaml + OS::TripleO::Network::InternalApi: ../network/internal_api.yaml + OS::TripleO::Network::StorageMgmt: ../network/storage_mgmt.yaml + OS::TripleO::Network::Storage: ../network/storage.yaml + OS::TripleO::Network::Tenant: ../network/tenant.yaml + + # Port assignments for the controller role + OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external.yaml + OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api.yaml + OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage.yaml + OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml + OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant.yaml + + # Port assignments for the compute role + OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api.yaml + OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage.yaml + OS::TripleO::Compute::Ports::TenantPort: ../network/ports/tenant.yaml + + # Port assignments for the ceph storage role + OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage.yaml + OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml + + # Port assignments for the swift storage role + OS::TripleO::SwiftStorage::Ports::InternalApiPort: ../network/ports/internal_api.yaml + OS::TripleO::SwiftStorage::Ports::StoragePort: ../network/ports/storage.yaml + OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml + + # Port assignments for the block storage role + OS::TripleO::BlockStorage::Ports::InternalApiPort: ../network/ports/internal_api.yaml + OS::TripleO::BlockStorage::Ports::StoragePort: ../network/ports/storage.yaml + OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml diff --git a/environments/overcloud-steps.yaml b/environments/overcloud-steps.yaml new file mode 100644 index 00000000..99f73688 --- /dev/null +++ b/environments/overcloud-steps.yaml @@ -0,0 +1,10 @@ +# Specifies hooks/breakpoints where overcloud deployment should stop +# Allows operator validation between steps, and/or more granular control. +# Note: the wildcards relate to naming convention for some resource suffixes, +# e.g see puppet/*-post-puppet.yaml, enabling this will mean we wait for +# a user signal on every *Deployment_StepN resource defined in those files. +resource_registry: + resources: + "*NodesPostDeployment": + "*Deployment_Step*": + hooks: [pre-create, pre-update] diff --git a/environments/puppet-pacemaker.yaml b/environments/puppet-pacemaker.yaml index f235cf8f..70e1b3ed 100644 --- a/environments/puppet-pacemaker.yaml +++ b/environments/puppet-pacemaker.yaml @@ -2,3 +2,6 @@ # Overcloud controller with Pacemaker. resource_registry: OS::TripleO::ControllerConfig: ../puppet/controller-config-pacemaker.yaml + +parameter_defaults: + RedisVirtualIP: 192.0.2.142 diff --git a/environments/puppet-tenant-vlan.yaml b/environments/puppet-tenant-vlan.yaml new file mode 100644 index 00000000..0df63caf --- /dev/null +++ b/environments/puppet-tenant-vlan.yaml @@ -0,0 +1,4 @@ +parameters: + NeutronNetworkType: vlan + NeutronEnableTunnelling: false + NeutronNetworkVLANRanges: datacentre:1:1000
\ No newline at end of file diff --git a/extraconfig/controller/cinder-netapp.yaml b/extraconfig/controller/cinder-netapp.yaml new file mode 100644 index 00000000..223ceacd --- /dev/null +++ b/extraconfig/controller/cinder-netapp.yaml @@ -0,0 +1,38 @@ +heat_template_version: 2015-04-30 + +description: > + Configure hieradata for Cinder Netapp configuration + +resources: + CinderNetappConfig: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + hiera: + datafiles: + cinder_netapp_data: + mapped_data: + cinder_enable_netapp_backend: {get_param: CinderEnableNetappBackend} + cinder::backend::netapp::title: {get_param: CinderNetappBackendName} + cinder::backend::netapp::netapp_login: {get_param: CinderNetappLogin} + cinder::backend::netapp::netapp_password: {get_param: CinderNetappPassword} + cinder::backend::netapp::netapp_hostname: {get_param: CinderNetappServerHostname} + cinder::backend::netapp::netapp_server_port: {get_param: CinderNetappServerPort} + cinder::backend::netapp::netapp_size_multiplier: {get_param: CinderNetappSizeMultiplier} + cinder::backend::netapp::netapp_storage_family: {get_param: CinderNetappStorageFamily} + cinder::backend::netapp::netapp_storage_protocol: {get_param: CinderNetappStorageProtocol} + cinder::backend::netapp::netapp_transport_type: {get_param: CinderNetappTransportType} + cinder::backend::netapp::netapp_vfiler: {get_param: CinderNetappVfiler} + cinder::backend::netapp::netapp_volume_list: {get_param: CinderNetappVolumeList} + cinder::backend::netapp::netapp_vserver: {get_param: CinderNetappVserver} + cinder::backend::netapp::netapp_partner_backend_name: {get_param: CinderNetappPartnerBackendName} + cinder::backend::netapp::nfs_shares: {get_param: CinderNetappNfsShares} + cinder::backend::netapp::nfs_shares_config: {get_param: CinderNetappNfsSharesConfig} + cinder::backend::netapp::nfs_mount_options: {get_param: CinderNetappNfsMountOptions} + cinder::backend::netapp::netapp_copyoffload_tool_path: {get_param: CinderNetappCopyOffloadToolPath} + cinder::backend::netapp::netapp_controller_ips: {get_param: CinderNetappControllerIps} + cinder::backend::netapp::netapp_sa_password: {get_param: CinderNetappSaPassword} + cinder::backend::netapp::netapp_storage_pools: {get_param: CinderNetappStoragePools} + cinder::backend::netapp::netapp_eseries_host_type: {get_param: CinderNetappEseriesHostType} + cinder::backend::netapp::netapp_webservice_path: {get_param: CinderNetappWebservicePath} diff --git a/extraconfig/controller/noop.yaml b/extraconfig/controller/noop.yaml new file mode 100644 index 00000000..2eb35763 --- /dev/null +++ b/extraconfig/controller/noop.yaml @@ -0,0 +1,3 @@ +heat_template_version: 2015-04-30 + +description: A stack which doesn't configure anything. diff --git a/extraconfig/post_deploy/rhel-registration/environment-rhel-registration.yaml b/extraconfig/post_deploy/rhel-registration/environment-rhel-registration.yaml new file mode 100644 index 00000000..70437a8a --- /dev/null +++ b/extraconfig/post_deploy/rhel-registration/environment-rhel-registration.yaml @@ -0,0 +1,22 @@ +# Note this can be specified either in the call +# to heat stack-create via an additional -e option +# or via the global environment on the seed in +# /etc/heat/environment.d/default.yaml +parameter_defaults: + rhel_reg_activation_key: "" + rhel_reg_auto_attach: "" + rhel_reg_base_url: "" + rhel_reg_environment: "" + rhel_reg_force: "" + rhel_reg_machine_name: "" + rhel_reg_org: "" + rhel_reg_password: "" + rhel_reg_pool_id: "" + rhel_reg_release: "" + rhel_reg_repos: "" + rhel_reg_sat_url: "" + rhel_reg_server_url: "" + rhel_reg_service_level: "" + rhel_reg_user: "" + rhel_reg_type: "" + rhel_reg_method: "" diff --git a/extraconfig/post_deploy/rhel-registration/rhel-registration-resource-registry.yaml b/extraconfig/post_deploy/rhel-registration/rhel-registration-resource-registry.yaml new file mode 100644 index 00000000..7b48392d --- /dev/null +++ b/extraconfig/post_deploy/rhel-registration/rhel-registration-resource-registry.yaml @@ -0,0 +1,2 @@ +resource_registry: + OS::TripleO::NodeExtraConfigPost: rhel-registration.yaml diff --git a/extraconfig/post_deploy/rhel-registration/rhel-registration.yaml b/extraconfig/post_deploy/rhel-registration/rhel-registration.yaml new file mode 100644 index 00000000..cbf8f8b5 --- /dev/null +++ b/extraconfig/post_deploy/rhel-registration/rhel-registration.yaml @@ -0,0 +1,113 @@ +heat_template_version: 2014-10-16 + +description: > + RHEL Registration and unregistration software deployments. + +# Note extra parameters can be defined, then passed data via the +# environment parameter_defaults, without modifying the parent template +parameters: + servers: + type: json + # To be defined via a local or global environment in parameter_defaults + rhel_reg_activation_key: + type: string + rhel_reg_auto_attach: + type: string + rhel_reg_base_url: + type: string + rhel_reg_environment: + type: string + rhel_reg_force: + type: string + rhel_reg_machine_name: + type: string + rhel_reg_org: + type: string + rhel_reg_password: + type: string + rhel_reg_pool_id: + type: string + rhel_reg_release: + type: string + rhel_reg_repos: + type: string + rhel_reg_sat_url: + type: string + rhel_reg_server_url: + type: string + rhel_reg_service_level: + type: string + rhel_reg_user: + type: string + rhel_reg_type: + type: string + rhel_reg_method: + type: string + +resources: + + RHELRegistration: + type: OS::Heat::SoftwareConfig + properties: + group: script + inputs: + - name: REG_ACTIVATION_KEY + - name: REG_AUTO_ATTACH + - name: REG_BASE_URL + - name: REG_ENVIRONMENT + - name: REG_FORCE + - name: REG_MACHINE_NAME + - name: REG_ORG + - name: REG_PASSWORD + - name: REG_POOL_ID + - name: REG_RELEASE + - name: REG_REPOS + - name: REG_SAT_URL + - name: REG_SERVER_URL + - name: REG_SERVICE_LEVEL + - name: REG_USER + - name: REG_TYPE + - name: REG_METHOD + config: {get_file: scripts/rhel-registration} + + RHELRegistrationDeployment: + type: OS::Heat::StructuredDeployments + properties: + servers: {get_param: servers} + config: {get_resource: RHELRegistration} + actions: ['CREATE'] # Only do this on CREATE + input_values: + REG_ACTIVATION_KEY: {get_param: rhel_reg_activation_key} + REG_AUTO_ATTACH: {get_param: rhel_reg_auto_attach} + REG_BASE_URL: {get_param: rhel_reg_base_url} + REG_ENVIRONMENT: {get_param: rhel_reg_environment} + REG_FORCE: {get_param: rhel_reg_force} + REG_MACHINE_NAME: {get_param: rhel_reg_machine_name} + REG_ORG: {get_param: rhel_reg_org} + REG_PASSWORD: {get_param: rhel_reg_password} + REG_POOL_ID: {get_param: rhel_reg_pool_id} + REG_RELEASE: {get_param: rhel_reg_release} + REG_REPOS: {get_param: rhel_reg_repos} + REG_SAT_URL: {get_param: rhel_reg_sat_url} + REG_SERVER_URL: {get_param: rhel_reg_server_url} + REG_SERVICE_LEVEL: {get_param: rhel_reg_service_level} + REG_USER: {get_param: rhel_reg_user} + REG_TYPE: {get_param: rhel_reg_type} + REG_METHOD: {get_param: rhel_reg_method} + + RHELUnregistration: + type: OS::Heat::SoftwareConfig + properties: + group: script + config: {get_file: scripts/rhel-unregistration} + inputs: + - name: REG_METHOD + + RHELUnregistrationDeployment: + type: OS::Heat::StructuredDeployments + properties: + servers: {get_param: servers} + config: {get_resource: RHELUnregistration} + actions: ['DELETE'] # Only do this on DELETE + input_values: + REG_METHOD: {get_param: rhel_reg_method} diff --git a/extraconfig/post_deploy/rhel-registration/scripts/rhel-registration b/extraconfig/post_deploy/rhel-registration/scripts/rhel-registration new file mode 100644 index 00000000..c2bf1894 --- /dev/null +++ b/extraconfig/post_deploy/rhel-registration/scripts/rhel-registration @@ -0,0 +1,120 @@ +#!/bin/bash + +# dib-lint: disable=setu sete setpipefail dibdebugtrace + +set -eu +set -o pipefail + +OK=/mnt/state/var/lib/rhsm/rhsm.ok + +if [ -e $OK ] ; then + exit 0 +fi + +opts= +attach_opts= +repos="repos --enable rhel-7-server-rpms" +satellite_repo="rhel-7-server-rh-common-rpms" +if [ -n "${REG_AUTO_ATTACH:-}" ]; then + opts="$opts --auto-attach" + + if [ -n "${REG_SERVICE_LEVEL:-}" ]; then + opts="$opts --servicelevel $REG_SERVICE_LEVEL" + fi + + if [ -n "${REG_RELEASE:-}" ]; then + opts="$opts --release=$REG_RELEASE" + fi +else + if [ -n "${REG_SERVICE_LEVEL:-}" ]; then + echo "WARNING: REG_SERVICE_LEVEL set without REG_AUTO_ATTACH." + fi + + if [ -n "${REG_RELEASE:-}" ]; then + echo "WARNING: REG_RELEASE set without REG_AUTO_ATTACH." + fi + + if [ -n "${REG_POOL_ID:-}" ]; then + attach_opts="$attach_opts --pool=$REG_POOL_ID" + fi +fi + +if [ -n "${REG_BASE_URL:-}" ]; then + opts="$opts --baseurl=$REG_BASE_URL" +fi + +if [ -n "${REG_ENVIRONMENT:-}" ]; then + opts="$opts --env=$REG_ENVIRONMENT" +fi + +if [ -n "${REG_FORCE:-}" ]; then + opts="$opts --force" +fi + +if [ -n "${REG_SERVER_URL:-}" ]; then + opts="$opts --serverurl=$REG_SERVER_URL" +fi + +if [ -n "${REG_ACTIVATION_KEY:-}" ]; then + opts="$opts --activationkey=$REG_ACTIVATION_KEY" + + if [ -z "${REG_ORG:-}" ]; then + echo "WARNING: REG_ACTIVATION_KEY set without REG_ORG." + fi +else + echo "WARNING: Support for registering with a username and password is deprecated." + echo "Please use activation keys instead. See the README for more information." + if [ -n "${REG_PASSWORD:-}" ]; then + opts="$opts --password $REG_PASSWORD" + fi + + if [ -n "${REG_USER:-}" ]; then + opts="$opts --username $REG_USER" + fi +fi + +if [ -n "${REG_MACHINE_NAME:-}" ]; then + opts="$opts --name $REG_MACHINE_NAME" +fi + +if [ -n "${REG_ORG:-}" ]; then + opts="$opts --org=$REG_ORG" +fi + +if [ -n "${REG_REPOS:-}" ]; then + for repo in $(echo $REG_REPOS | tr ',' '\n'); do + repos="$repos --enable $repo" + done +fi + +if [ -n "${REG_TYPE:-}" ]; then + opts="$opts --type=$REG_TYPE" +fi + +case "${REG_METHOD:-}" in + portal) + subscription-manager register $opts + if [ -z "${REG_AUTO_ATTACH:-}" ]; then + subscription-manager attach $attach_opts + fi + subscription-manager $repos + ;; + satellite) + repos="$repos --enable ${satellite_repo}" + rpm -Uvh "$REG_SAT_URL/pub/katello-ca-consumer-latest.noarch.rpm" || true + subscription-manager register $opts + subscription-manager $repos + yum install -y katello-agent || true # needed for errata reporting to satellite6 + katello-package-upload + subscription-manager repos --disable ${satellite_repo} + ;; + disable) + echo "Disabling RHEL registration" + ;; + *) + echo "WARNING: only 'portal', 'satellite', and 'disable' are valid values for REG_METHOD." + exit 0 +esac + +mkdir -p $(dirname $OK) +touch $OK diff --git a/extraconfig/post_deploy/rhel-registration/scripts/rhel-unregistration b/extraconfig/post_deploy/rhel-registration/scripts/rhel-unregistration new file mode 100644 index 00000000..1e72e0a6 --- /dev/null +++ b/extraconfig/post_deploy/rhel-registration/scripts/rhel-unregistration @@ -0,0 +1,19 @@ +#!/bin/bash + +set -eux +set -o pipefail + +case "${REG_METHOD:-}" in + portal|satellite) + # Allow unregistration to fail. + # We don't want to fail stack deletes if unregistration fails. + subscription-manager unregister || true + subscription-manager clean || true + ;; + disable) + echo "Disabling RHEL unregistration" + ;; + *) + echo "WARNING: only 'portal', 'satellite', and 'disable' are valid values for REG_METHOD." + exit 0 +esac diff --git a/extraconfig/tasks/yum_update.sh b/extraconfig/tasks/yum_update.sh new file mode 100755 index 00000000..3d4c772b --- /dev/null +++ b/extraconfig/tasks/yum_update.sh @@ -0,0 +1,41 @@ +#!/bin/bash + +# A heat-config-script which runs yum update during a stack-update. +# Inputs: +# deploy_action - yum will only be run if this is UPDATE +# update_identifier - yum will only run for previously unused values of update_identifier +# command - yum sub-command to run, defaults to "update" +# command_arguments - yum command arguments, defaults to "" + +echo "Started yum_update.sh on server $deploy_server_id at `date`" + +if [[ -z "$update_identifier" ]]; then + echo "Not running due to unset update_identifier" + exit 0 +fi + +timestamp_dir=/var/lib/overcloud-yum-update +mkdir -p $timestamp_dir + +# sanitise to remove unusual characters +update_identifier=${update_identifier//[^a-zA-Z0-9-_]/} + +timestamp_file="$timestamp_dir/$update_identifier" +if [[ -a "$timestamp_file" ]]; then + echo "Not running for already-run timestamp \"$update_identifier\"" + exit 0 +fi +touch "$timestamp_file" + +command=${command:-update} +full_command="yum -y $command $command_arguments" +echo "Running: $full_command" + +result=$($full_command) +return_code=$? +echo "$result" +echo "yum return code: $return_code" + +echo "Finished yum_update.sh on server $deploy_server_id at `date`" + +exit $return_code diff --git a/extraconfig/tasks/yum_update.yaml b/extraconfig/tasks/yum_update.yaml new file mode 100644 index 00000000..e918149e --- /dev/null +++ b/extraconfig/tasks/yum_update.yaml @@ -0,0 +1,26 @@ +heat_template_version: 2014-10-16 + +description: > + Software-config for performing package updates using yum + +resources: + + config: + type: OS::Heat::SoftwareConfig + properties: + group: script + config: {get_file: yum_update.sh} + inputs: + - name: update_identifier + description: yum will only run for previously unused values of update_identifier + default: '' + - name: command + description: yum sub-command to run, defaults to "update" + default: update + - name: command_arguments + description: yum command arguments, defaults to "" + default: '' + +outputs: + OS::stack_id: + value: {get_resource: config}
\ No newline at end of file diff --git a/firstboot/userdata_dev_rsync.yaml b/firstboot/userdata_dev_rsync.yaml new file mode 100644 index 00000000..7dc7bd4d --- /dev/null +++ b/firstboot/userdata_dev_rsync.yaml @@ -0,0 +1,49 @@ +heat_template_version: 2014-10-16 + +description: > + This is first boot configuration for development purposes. It allows + overriding contents of the deployed images via rsync before + configuration (e.g. Puppet) starts, speeding up the feedback loop + between making a change and seeing it applied. + + To prepare the host, put something like this to /etc/rsyncd.conf: + + [overcloudsync] + path = /root/overcloudsync + comment = overcloud pre-puppet customizations + + Then run `rsync --daemon`. + +parameters: + dev_rsync_host: + type: string + default: 192.168.122.1 + description: Host to sync contents from via rsync + dev_rsync_module: + type: string + default: overcloudsync + description: Name of the module defined in rsyncd.conf on rsync_host + +resources: + userdata: + type: OS::Heat::MultipartMime + properties: + parts: + - config: {get_resource: rsync_config} + subtype: 'x-shellscript' + + rsync_config: + type: OS::Heat::SoftwareConfig + properties: + config: + str_replace: + template: | + #!/bin/bash + rsync -avr rsync://RSYNC_HOST/RSYNC_MODULE / + params: + RSYNC_HOST: {get_param: dev_rsync_host} + RSYNC_MODULE: {get_param: dev_rsync_module} + +outputs: + OS::stack_id: + value: {get_resource: userdata} diff --git a/net-config-bond.yaml b/net-config-bond.yaml index dc4683f1..d74fc0bc 100644 --- a/net-config-bond.yaml +++ b/net-config-bond.yaml @@ -3,6 +3,28 @@ heat_template_version: 2015-04-30 description: > Software Config to drive os-net-config with 2 bonded nics on a bridge. +parameters: + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + resources: OsNetConfigImpl: type: OS::Heat::StructuredConfig @@ -38,7 +60,6 @@ resources: name: nic2 outputs: - config_id: - description: The ID of the OsNetConfigImpl resource. - value: - {get_resource: OsNetConfigImpl} + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/net-config-bridge.yaml b/net-config-bridge.yaml index 61090022..c3416e02 100644 --- a/net-config-bridge.yaml +++ b/net-config-bridge.yaml @@ -3,6 +3,28 @@ heat_template_version: 2015-04-30 description: > Software Config to drive os-net-config for a simple bridge. +parameters: + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + resources: OsNetConfigImpl: type: OS::Heat::StructuredConfig @@ -31,7 +53,6 @@ resources: primary: true outputs: - config_id: - description: The ID of the OsNetConfigImpl resource. - value: - {get_resource: OsNetConfigImpl} + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/net-config-noop.yaml b/net-config-noop.yaml index 35cfecc4..3d88dd9c 100644 --- a/net-config-noop.yaml +++ b/net-config-noop.yaml @@ -4,6 +4,28 @@ description: > Software Config to no-op for os-net-config. Using this will allow you to use the parameter driven (init-neutron-ovs) configuration instead. +parameters: + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + resources: OsNetConfigImpl: type: OS::Heat::StructuredConfig @@ -12,7 +34,6 @@ resources: config: outputs: - config_id: - description: The ID of the OsNetConfigImpl resource. - value: - {get_resource: OsNetConfigImpl} + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/bond-with-vlans/README.md b/network/config/bond-with-vlans/README.md new file mode 100644 index 00000000..1679df3c --- /dev/null +++ b/network/config/bond-with-vlans/README.md @@ -0,0 +1,15 @@ +This directory contains Heat templates to help configure +Vlans on a bonded pair of NICs for each Overcloud role. + +Configuration +------------- + +To make use of these templates create a Heat environment that looks +something like this: + + resource\_registry: + OS::TripleO::BlockStorage::Net::SoftwareConfig: network/config/bond-with-vlans/cinder-storage.yaml + OS::TripleO::Compute::Net::SoftwareConfig: network/config/bond-with-vlans/compute.yaml + OS::TripleO::Controller::Net::SoftwareConfig: network/config/bond-with-vlans/controller.yaml + OS::TripleO::ObjectStorage::Net::SoftwareConfig: network/config/bond-with-vlans/swift-storage.yaml + OS::TripleO::CephStorage::Net::SoftwareConfig: network/config/bond-with-vlans/ceph-storage.yaml diff --git a/network/config/bond-with-vlans/ceph-storage.yaml b/network/config/bond-with-vlans/ceph-storage.yaml new file mode 100644 index 00000000..3216018c --- /dev/null +++ b/network/config/bond-with-vlans/ceph-storage.yaml @@ -0,0 +1,95 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config with 2 bonded nics on a bridge + with a VLANs attached for the ceph storage role. + +parameters: + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + BondInterfaceOvsOptions: + default: '' + description: The ovs_options string for the bond interface. Set things like + lacp=active and/or bond_mode=balance-slb using this option. + type: string + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: ovs_bridge + name: br-storage + use_dhcp: true + members: + - + type: interface + name: nic1 + # force the MAC address of the bridge to this interface + primary: true + - + type: ovs_bridge + name: br-bond + members: + - + type: ovs_bond + name: bond1 + ovs_options: {get_param: BondInterfaceOvsOptions} + members: + - + type: interface + name: nic2 + primary: true + - + type: interface + name: nic3 + - + type: vlan + device: bond1 + vlan_id: {get_param: StorageNetworkVlanID} + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + device: bond1 + vlan_id: {get_param: StorageMgmtNetworkVlanID} + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/bond-with-vlans/cinder-storage.yaml b/network/config/bond-with-vlans/cinder-storage.yaml new file mode 100644 index 00000000..ef871549 --- /dev/null +++ b/network/config/bond-with-vlans/cinder-storage.yaml @@ -0,0 +1,105 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config with 2 bonded nics on a bridge + with a VLANs attached for the cinder storage role. + +parameters: + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + BondInterfaceOvsOptions: + default: '' + description: The ovs_options string for the bond interface. Set things like + lacp=active and/or bond_mode=balance-slb using this option. + type: string + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: ovs_bridge + name: br-storage + use_dhcp: true + members: + - + type: interface + name: nic1 + # force the MAC address of the bridge to this interface + primary: true + - + type: ovs_bridge + name: br-bond + members: + - + type: ovs_bond + name: bond1 + ovs_options: {get_param: BondInterfaceOvsOptions} + members: + - + type: interface + name: nic2 + primary: true + - + type: interface + name: nic3 + - + type: vlan + device: bond1 + vlan_id: {get_param: InternalApiNetworkVlanID} + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + type: vlan + device: bond1 + vlan_id: {get_param: StorageNetworkVlanID} + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + device: bond1 + vlan_id: {get_param: StorageMgmtNetworkVlanID} + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/bond-with-vlans/compute.yaml b/network/config/bond-with-vlans/compute.yaml new file mode 100644 index 00000000..25bb91cb --- /dev/null +++ b/network/config/bond-with-vlans/compute.yaml @@ -0,0 +1,105 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config with 2 bonded nics on a bridge + with a VLANs attached for the compute role. + +parameters: + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + BondInterfaceOvsOptions: + default: '' + description: The ovs_options string for the bond interface. Set things like + lacp=active and/or bond_mode=balance-slb using this option. + type: string + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: ovs_bridge + name: {get_input: bridge_name} + use_dhcp: true + members: + - + type: interface + name: nic1 + # force the MAC address of the bridge to this interface + primary: true + - + type: ovs_bridge + name: br-bond + members: + - + type: ovs_bond + name: bond1 + ovs_options: {get_param: BondInterfaceOvsOptions} + members: + - + type: interface + name: nic2 + primary: true + - + type: interface + name: nic3 + - + type: vlan + device: bond1 + vlan_id: {get_param: InternalApiNetworkVlanID} + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + type: vlan + device: bond1 + vlan_id: {get_param: StorageNetworkVlanID} + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + device: bond1 + vlan_id: {get_param: TenantNetworkVlanID} + addresses: + - + ip_netmask: {get_param: TenantIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/bond-with-vlans/controller.yaml b/network/config/bond-with-vlans/controller.yaml new file mode 100644 index 00000000..a28201d1 --- /dev/null +++ b/network/config/bond-with-vlans/controller.yaml @@ -0,0 +1,127 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config with 2 bonded nics on a bridge + with a VLANs attached for the controller role. + +parameters: + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + BondInterfaceOvsOptions: + default: '' + description: The ovs_options string for the bond interface. Set things like + lacp=active and/or bond_mode=balance-slb using this option. + type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: ovs_bridge + name: {get_input: bridge_name} + use_dhcp: true + members: + - + type: interface + name: nic1 + # force the MAC address of the bridge to this interface + primary: true + - + type: ovs_bridge + name: br-bond + members: + - + type: ovs_bond + name: bond1 + ovs_options: {get_param: BondInterfaceOvsOptions} + members: + - + type: interface + name: nic2 + primary: true + - + type: interface + name: nic3 + - + type: vlan + device: bond1 + vlan_id: {get_param: ExternalNetworkVlanID} + addresses: + - + ip_netmask: {get_param: ExternalIpSubnet} + - + type: vlan + device: bond1 + vlan_id: {get_param: InternalApiNetworkVlanID} + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + type: vlan + device: bond1 + vlan_id: {get_param: StorageNetworkVlanID} + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + device: bond1 + vlan_id: {get_param: StorageMgmtNetworkVlanID} + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + - + type: vlan + device: bond1 + vlan_id: {get_param: TenantNetworkVlanID} + addresses: + - + ip_netmask: {get_param: TenantIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/bond-with-vlans/swift-storage.yaml b/network/config/bond-with-vlans/swift-storage.yaml new file mode 100644 index 00000000..b6cacc7e --- /dev/null +++ b/network/config/bond-with-vlans/swift-storage.yaml @@ -0,0 +1,105 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config with 2 bonded nics on a bridge + with a VLANs attached for the swift storage role. + +parameters: + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + BondInterfaceOvsOptions: + default: '' + description: The ovs_options string for the bond interface. Set things like + lacp=active and/or bond_mode=balance-slb using this option. + type: string + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: ovs_bridge + name: br-storage + use_dhcp: true + members: + - + type: interface + name: nic1 + # force the MAC address of the bridge to this interface + primary: true + - + type: ovs_bridge + name: br-bond + members: + - + type: ovs_bond + name: bond1 + ovs_options: {get_param: BondInterfaceOvsOptions} + members: + - + type: interface + name: nic2 + primary: true + - + type: interface + name: nic3 + - + type: vlan + device: bond1 + vlan_id: {get_param: InternalApiNetworkVlanID} + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + type: vlan + device: bond1 + vlan_id: {get_param: StorageNetworkVlanID} + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + device: bond1 + vlan_id: {get_param: StorageMgmtNetworkVlanID} + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/single-nic-vlans/README.md b/network/config/single-nic-vlans/README.md new file mode 100644 index 00000000..e3e16574 --- /dev/null +++ b/network/config/single-nic-vlans/README.md @@ -0,0 +1,19 @@ +This directory contains Heat templates to help configure +Vlans on a single NICs for each Overcloud role. + +Configuration +------------- + +To make use of these templates create a Heat environment that looks +something like this: + + resource\_registry: + OS::TripleO::BlockStorage::Net::SoftwareConfig: network/config/single-nic-vlans/cinder-storage.yaml + OS::TripleO::Compute::Net::SoftwareConfig: network/config/single-nic-vlans/compute.yaml + OS::TripleO::Controller::Net::SoftwareConfig: network/config/single-nic-vlans/controller.yaml + OS::TripleO::ObjectStorage::Net::SoftwareConfig: network/config/single-nic-vlans/swift-storage.yaml + OS::TripleO::CephStorage::Net::SoftwareConfig: network/config/single-nic-vlans/ceph-storage.yaml + +Or use this Heat environment file: + + environments/net-single-nic-with-vlans.yaml diff --git a/network/config/single-nic-vlans/ceph-storage.yaml b/network/config/single-nic-vlans/ceph-storage.yaml new file mode 100644 index 00000000..4a25f763 --- /dev/null +++ b/network/config/single-nic-vlans/ceph-storage.yaml @@ -0,0 +1,71 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config to configure VLANs for the + ceph storage role. + +parameters: + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: ovs_bridge + name: br-storage + use_dhcp: true + members: + - + type: interface + name: nic1 + # force the MAC address of the bridge to this interface + primary: true + - + type: vlan + vlan_id: {get_param: StorageNetworkVlanID} + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageMgmtNetworkVlanID} + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/single-nic-vlans/cinder-storage.yaml b/network/config/single-nic-vlans/cinder-storage.yaml new file mode 100644 index 00000000..397b1ecd --- /dev/null +++ b/network/config/single-nic-vlans/cinder-storage.yaml @@ -0,0 +1,81 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config to configure VLANs for the + cinder storage role. + +parameters: + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: ovs_bridge + name: br-storage + use_dhcp: true + members: + - + type: interface + name: nic1 + # force the MAC address of the bridge to this interface + primary: true + - + type: vlan + vlan_id: {get_param: InternalApiNetworkVlanID} + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageNetworkVlanID} + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageMgmtNetworkVlanID} + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/single-nic-vlans/compute.yaml b/network/config/single-nic-vlans/compute.yaml new file mode 100644 index 00000000..c73aed5e --- /dev/null +++ b/network/config/single-nic-vlans/compute.yaml @@ -0,0 +1,81 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config to configure VLANs for the + compute role. + +parameters: + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: ovs_bridge + name: {get_input: bridge_name} + use_dhcp: true + members: + - + type: interface + name: nic1 + # force the MAC address of the bridge to this interface + primary: true + - + type: vlan + vlan_id: {get_param: InternalApiNetworkVlanID} + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageNetworkVlanID} + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + vlan_id: {get_param: TenantNetworkVlanID} + addresses: + - + ip_netmask: {get_param: TenantIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/single-nic-vlans/controller.yaml b/network/config/single-nic-vlans/controller.yaml new file mode 100644 index 00000000..ca0cbcad --- /dev/null +++ b/network/config/single-nic-vlans/controller.yaml @@ -0,0 +1,101 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config to configure VLANs for the + controller role. + +parameters: + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: ovs_bridge + name: {get_input: bridge_name} + use_dhcp: true + members: + - + type: interface + name: nic1 + # force the MAC address of the bridge to this interface + primary: true + - + type: vlan + vlan_id: {get_param: ExternalNetworkVlanID} + addresses: + - + ip_netmask: {get_param: ExternalIpSubnet} + - + type: vlan + vlan_id: {get_param: InternalApiNetworkVlanID} + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageNetworkVlanID} + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageMgmtNetworkVlanID} + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + - + type: vlan + vlan_id: {get_param: TenantNetworkVlanID} + addresses: + - + ip_netmask: {get_param: TenantIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/single-nic-vlans/swift-storage.yaml b/network/config/single-nic-vlans/swift-storage.yaml new file mode 100644 index 00000000..f033ced7 --- /dev/null +++ b/network/config/single-nic-vlans/swift-storage.yaml @@ -0,0 +1,81 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config to configure VLANs for the + swift storage role. + +parameters: + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: ovs_bridge + name: br-storage + use_dhcp: true + members: + - + type: interface + name: nic1 + # force the MAC address of the bridge to this interface + primary: true + - + type: vlan + vlan_id: {get_param: InternalApiNetworkVlanID} + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageNetworkVlanID} + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageMgmtNetworkVlanID} + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/external.yaml b/network/external.yaml index e9aa5b32..e015dd88 100644 --- a/network/external.yaml +++ b/network/external.yaml @@ -33,7 +33,10 @@ parameters: default: external_subnet description: The name of the external subnet in Neutron. type: string - + ExternalAllocationPools: + default: [{'start': '10.0.0.4', 'end': '10.0.0.250'}] + description: Ip allocation pool range for the external network. + type: json resources: ExternalNetwork: @@ -51,6 +54,7 @@ resources: enable_dhcp: {get_param: ExternalNetEnableDHCP} name: {get_param: ExternalSubnetName} network: {get_resource: ExternalNetwork} + allocation_pools: {get_resource: ExternalAllocationPools} outputs: OS::stack_id: diff --git a/network/internal_api.yaml b/network/internal_api.yaml index 5abfb117..c7e822e9 100644 --- a/network/internal_api.yaml +++ b/network/internal_api.yaml @@ -33,6 +33,10 @@ parameters: default: internal_api_subnet description: The name of the internal API subnet in Neutron. type: string + InternalApiAllocationPools: + default: [{'start': '172.16.2.4', 'end': '172.16.2.250'}] + description: Ip allocation pool range for the internal API network. + type: json resources: InternalApiNetwork: @@ -50,6 +54,7 @@ resources: enable_dhcp: {get_param: InternalApiNetEnableDHCP} name: {get_param: InternalApiSubnetName} network: {get_resource: InternalApiNetwork} + allocation_pools: {get_param: InternalApiAllocationPools} outputs: OS::stack_id: diff --git a/network/ports/external.yaml b/network/ports/external.yaml new file mode 100644 index 00000000..b5c1e5c9 --- /dev/null +++ b/network/ports/external.yaml @@ -0,0 +1,41 @@ +heat_template_version: 2015-04-30 + +description: > + Creates a port on the external network. + +parameters: + ExternalNetName: + description: Name of the external neutron network + default: external + type: string + PortName: + description: Name of the port + default: '' + type: string + ControlPlaneIP: # Here for compatability with noop.yaml + description: IP address on the control plane + type: string + +resources: + + ExternalPort: + type: OS::Neutron::Port + properties: + network: {get_param: ExternalNetName} + name: {get_param: PortName} + replacement_policy: AUTO + +outputs: + ip_address: + description: external network IP + value: {get_attr: [ExternalPort, fixed_ips, 0, ip_address]} + ip_subnet: + # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) + description: IP/Subnet CIDR for the external network IP + value: + list_join: + - '' + - - {get_attr: [ExternalPort, fixed_ips, 0, ip_address]} + - '/' + - {get_attr: [ExternalPort, subnets, 0, cidr, -2]} + - {get_attr: [ExternalPort, subnets, 0, cidr, -1]} diff --git a/network/ports/internal_api.yaml b/network/ports/internal_api.yaml new file mode 100644 index 00000000..da1b1856 --- /dev/null +++ b/network/ports/internal_api.yaml @@ -0,0 +1,41 @@ +heat_template_version: 2015-04-30 + +description: > + Creates a port on the internal_api network. + +parameters: + InternalApiNetName: + description: Name of the internal API neutron network + default: internal_api + type: string + PortName: + description: Name of the port + default: '' + type: string + ControlPlaneIP: # Here for compatability with noop.yaml + description: IP address on the control plane + type: string + +resources: + + InternalApiPort: + type: OS::Neutron::Port + properties: + network: {get_param: InternalApiNetName} + name: {get_param: PortName} + replacement_policy: AUTO + +outputs: + ip_address: + description: internal API network IP + value: {get_attr: [InternalApiPort, fixed_ips, 0, ip_address]} + ip_subnet: + # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) + description: IP/Subnet CIDR for the internal API network IP + value: + list_join: + - '' + - - {get_attr: [InternalApiPort, fixed_ips, 0, ip_address]} + - '/' + - {get_attr: [InternalApiPort, subnets, 0, cidr, -2]} + - {get_attr: [InternalApiPort, subnets, 0, cidr, -1]} diff --git a/network/ports/net_ip_list_map.yaml b/network/ports/net_ip_list_map.yaml new file mode 100644 index 00000000..54614ead --- /dev/null +++ b/network/ports/net_ip_list_map.yaml @@ -0,0 +1,30 @@ +heat_template_version: 2015-04-30 + +parameters: + ExternalIpList: + default: [] + type: comma_delimited_list + InternalApiIpList: + default: [] + type: comma_delimited_list + StorageIpList: + default: [] + type: comma_delimited_list + StorageMgmtIpList: + default: [] + type: comma_delimited_list + TenantIpList: + default: [] + type: comma_delimited_list + +outputs: + net_ip_map: + description: > + A Hash containing a mapping of network names to assigned lists + of IP addresses. + value: + external: {get_param: ExternalIpList} + internal_api: {get_param: InternalApiIpList} + storage: {get_param: StorageIpList} + storage_mgmt: {get_param: StorageMgmtIpList} + tenant: {get_param: TenantIpList} diff --git a/network/ports/net_ip_map.yaml b/network/ports/net_ip_map.yaml new file mode 100644 index 00000000..edc4060f --- /dev/null +++ b/network/ports/net_ip_map.yaml @@ -0,0 +1,30 @@ +heat_template_version: 2015-04-30 + +parameters: + ExternalIp: + default: '' + type: string + InternalApiIp: + default: '' + type: string + StorageIp: + default: '' + type: string + StorageMgmtIp: + default: '' + type: string + TenantIp: + default: '' + type: string + +outputs: + net_ip_map: + description: > + A Hash containing a mapping of network names to assigned IPs + for a specific machine. + value: + external: {get_param: ExternalIp} + internal_api: {get_param: InternalApiIp} + storage: {get_param: StorageIp} + storage_mgmt: {get_param: StorageMgmtIp} + tenant: {get_param: TenantIp} diff --git a/network/ports/noop.yaml b/network/ports/noop.yaml new file mode 100644 index 00000000..80eccf6e --- /dev/null +++ b/network/ports/noop.yaml @@ -0,0 +1,30 @@ +heat_template_version: 2015-04-30 + +description: > + Returns the control plane port (provisioning network) as the ip_address. + +parameters: + ControlPlaneIP: + description: IP address on the control plane + type: string + PortName: + description: Name of the port + default: '' + type: string + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + +outputs: + ip_address: + description: pass thru network IP + value: {get_param: ControlPlaneIP} + ip_subnet: + description: IP/Subnet CIDR for the pass thru network IP + value: + list_join: + - '' + - - {get_param: ControlPlaneIP} + - '/' + - {get_param: ControlPlaneSubnetCidr} diff --git a/network/ports/storage.yaml b/network/ports/storage.yaml new file mode 100644 index 00000000..ecb20b8f --- /dev/null +++ b/network/ports/storage.yaml @@ -0,0 +1,42 @@ +heat_template_version: 2015-04-30 + +description: > + Creates a port on the storage network. + +parameters: + StorageNetName: + description: Name of the storage neutron network + default: storage + type: string + PortName: + description: Name of the port + default: '' + type: string + ControlPlaneIP: # Here for compatability with noop.yaml + description: IP address on the control plane + type: string + +resources: + + StoragePort: + type: OS::Neutron::Port + properties: + network: {get_param: StorageNetName} + name: {get_param: PortName} + replacement_policy: AUTO + +outputs: + ip_address: + description: storage network IP + value: {get_attr: [StoragePort, fixed_ips, 0, ip_address]} + ip_subnet: + # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) + description: IP/Subnet CIDR for the storage network IP + value: + list_join: + - '' + - - {get_attr: [StoragePort, fixed_ips, 0, ip_address]} + - '/' + - {get_attr: [StoragePort, subnets, 0, cidr, -2]} + - {get_attr: [StoragePort, subnets, 0, cidr, -1]} + diff --git a/network/ports/storage_mgmt.yaml b/network/ports/storage_mgmt.yaml new file mode 100644 index 00000000..2ab39f21 --- /dev/null +++ b/network/ports/storage_mgmt.yaml @@ -0,0 +1,41 @@ +heat_template_version: 2015-04-30 + +description: > + Creates a port on the storage_mgmt API network. + +parameters: + StorageMgmtNetName: + description: Name of the storage_mgmt API neutron network + default: storage_mgmt + type: string + PortName: + description: Name of the port + default: '' + type: string + ControlPlaneIP: # Here for compatability with noop.yaml + description: IP address on the control plane + type: string + +resources: + + StorageMgmtPort: + type: OS::Neutron::Port + properties: + network: {get_param: StorageMgmtNetName} + name: {get_param: PortName} + replacement_policy: AUTO + +outputs: + ip_address: + description: storage_mgmt network IP + value: {get_attr: [StorageMgmtPort, fixed_ips, 0, ip_address]} + ip_subnet: + # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) + description: IP/Subnet CIDR for the storage_mgmt network IP + value: + list_join: + - '' + - - {get_attr: [StorageMgmtPort, fixed_ips, 0, ip_address]} + - '/' + - {get_attr: [StorageMgmtPort, subnets, 0, cidr, -2]} + - {get_attr: [StorageMgmtPort, subnets, 0, cidr, -1]} diff --git a/network/ports/tenant.yaml b/network/ports/tenant.yaml new file mode 100644 index 00000000..aae12d46 --- /dev/null +++ b/network/ports/tenant.yaml @@ -0,0 +1,41 @@ +heat_template_version: 2015-04-30 + +description: > + Creates a port on the tenant network. + +parameters: + TenantNetName: + description: Name of the tenant neutron network + default: tenant + type: string + PortName: + description: Name of the port + default: '' + type: string + ControlPlaneIP: # Here for compatability with noop.yaml + description: IP address on the control plane + type: string + +resources: + + TenantPort: + type: OS::Neutron::Port + properties: + network: {get_param: TenantNetName} + name: {get_param: PortName} + replacement_policy: AUTO + +outputs: + ip_address: + description: tenant network IP + value: {get_attr: [TenantPort, fixed_ips, 0, ip_address]} + ip_subnet: + # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) + description: IP/Subnet CIDR for the tenant network IP + value: + list_join: + - '' + - - {get_attr: [TenantPort, fixed_ips, 0, ip_address]} + - '/' + - {get_attr: [TenantPort, subnets, 0, cidr, -2]} + - {get_attr: [TenantPort, subnets, 0, cidr, -1]} diff --git a/network/storage.yaml b/network/storage.yaml index 1f60adf4..d403f9e5 100644 --- a/network/storage.yaml +++ b/network/storage.yaml @@ -33,6 +33,10 @@ parameters: default: storage_subnet description: The name of the storage subnet in Neutron. type: string + StorageAllocationPools: + default: [{'start': '172.16.1.4', 'end': '172.16.1.250'}] + description: Ip allocation pool range for the storage network. + type: json resources: StorageNetwork: @@ -50,6 +54,7 @@ resources: enable_dhcp: {get_param: StorageNetEnableDHCP} name: {get_param: StorageSubnetName} network: {get_resource: StorageNetwork} + allocation_pools: {get_param: StorageAllocationPools} outputs: OS::stack_id: diff --git a/network/storage_mgmt.yaml b/network/storage_mgmt.yaml index e97d4364..d0c919b5 100644 --- a/network/storage_mgmt.yaml +++ b/network/storage_mgmt.yaml @@ -33,6 +33,10 @@ parameters: default: storage_mgmt_subnet description: The name of the Storage management subnet in Neutron. type: string + StorageMgmtAllocationPools: + default: [{'start': '172.16.3.4', 'end': '172.16.3.250'}] + description: Ip allocation pool range for the storage mgmt network. + type: json resources: StorageMgmtNetwork: @@ -50,6 +54,7 @@ resources: enable_dhcp: {get_param: StorageMgmtNetEnableDHCP} name: {get_param: StorageMgmtSubnetName} network: {get_resource: StorageMgmtNetwork} + allocation_pools: {get_param: StorageMgmtAllocationPools} outputs: OS::stack_id: diff --git a/network/tenant.yaml b/network/tenant.yaml index db7f99f3..055b87b8 100644 --- a/network/tenant.yaml +++ b/network/tenant.yaml @@ -33,6 +33,10 @@ parameters: default: tenant_subnet description: The name of the tenant subnet in Neutron. type: string + TenantAllocationPools: + default: [{'start': '172.16.0.4', 'end': '172.16.0.250'}] + description: Ip allocation pool range for the tenant network. + type: json resources: TenantNetwork: @@ -50,6 +54,7 @@ resources: enable_dhcp: {get_param: TenantNetEnableDHCP} name: {get_param: TenantSubnetName} network: {get_resource: TenantNetwork} + allocation_pools: {get_param: TenantAllocationPools} outputs: OS::stack_id: diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml index 744e115f..a0773d6d 100644 --- a/overcloud-resource-registry-puppet.yaml +++ b/overcloud-resource-registry-puppet.yaml @@ -2,7 +2,7 @@ resource_registry: OS::TripleO::BlockStorage: puppet/cinder-storage-puppet.yaml OS::TripleO::BlockStorage::Net::SoftwareConfig: net-config-noop.yaml OS::TripleO::Compute: puppet/compute-puppet.yaml - OS::TripleO::Compute::Net::SoftwareConfig: net-config-bridge.yaml + OS::TripleO::Compute::Net::SoftwareConfig: net-config-noop.yaml OS::TripleO::SoftwareDeployment: OS::Heat::StructuredDeployment OS::TripleO::Controller: puppet/controller-puppet.yaml OS::TripleO::Controller::Net::SoftwareConfig: net-config-bridge.yaml @@ -23,6 +23,50 @@ resource_registry: OS::TripleO::BootstrapNode::SoftwareConfig: puppet/bootstrap-config.yaml OS::TripleO::NodeUserData: firstboot/userdata_default.yaml OS::TripleO::NodeExtraConfigPost: extraconfig/post_deploy/default.yaml + OS::TripleO::Tasks::PackageUpdate: extraconfig/tasks/yum_update.yaml + + # TripleO overcloud networks + OS::TripleO::Network: network/networks.yaml + OS::TripleO::VipConfig: puppet/vip-config.yaml + + + OS::TripleO::Network::External: network/noop.yaml + OS::TripleO::Network::InternalApi: network/noop.yaml + OS::TripleO::Network::StorageMgmt: network/noop.yaml + OS::TripleO::Network::Storage: network/noop.yaml + OS::TripleO::Network::Tenant: network/noop.yaml + + OS::TripleO::Network::Ports::NetIpMap: network/ports/net_ip_map.yaml + OS::TripleO::Network::Ports::NetIpListMap: network/ports/net_ip_list_map.yaml + + # Port assignments for the controller role + OS::TripleO::Controller::Ports::ExternalPort: network/ports/noop.yaml + OS::TripleO::Controller::Ports::InternalApiPort: network/ports/noop.yaml + OS::TripleO::Controller::Ports::StoragePort: network/ports/noop.yaml + OS::TripleO::Controller::Ports::StorageMgmtPort: network/ports/noop.yaml + OS::TripleO::Controller::Ports::TenantPort: network/ports/noop.yaml + + # Port assignments for the compute role + OS::TripleO::Compute::Ports::InternalApiPort: network/ports/noop.yaml + OS::TripleO::Compute::Ports::StoragePort: network/ports/noop.yaml + OS::TripleO::Compute::Ports::TenantPort: network/ports/noop.yaml + + # Port assignments for the ceph storage role + OS::TripleO::CephStorage::Ports::StoragePort: network/ports/noop.yaml + OS::TripleO::CephStorage::Ports::StorageMgmtPort: network/ports/noop.yaml + + # Port assignments for the swift storage role + OS::TripleO::SwiftStorage::Ports::InternalApiPort: network/ports/noop.yaml + OS::TripleO::SwiftStorage::Ports::StoragePort: network/ports/noop.yaml + OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: network/ports/noop.yaml + + # Port assignments for the block storage role + OS::TripleO::BlockStorage::Ports::InternalApiPort: network/ports/noop.yaml + OS::TripleO::BlockStorage::Ports::StoragePort: network/ports/noop.yaml + OS::TripleO::BlockStorage::Ports::StorageMgmtPort: network/ports/noop.yaml + + # Cinder backend config for the controller role + OS::TripleO::Controller::CinderBackend: extraconfig/controller/noop.yaml parameter_defaults: EnablePackageInstall: false diff --git a/overcloud-resource-registry.yaml b/overcloud-resource-registry.yaml index 69266405..7be199da 100644 --- a/overcloud-resource-registry.yaml +++ b/overcloud-resource-registry.yaml @@ -21,3 +21,43 @@ resource_registry: OS::TripleO::BootstrapNode::SoftwareConfig: bootstrap-config.yaml OS::TripleO::NodeUserData: firstboot/userdata_default.yaml OS::TripleO::NodeExtraConfigPost: extraconfig/post_deploy/default.yaml + OS::TripleO::Tasks::PackageUpdate: extraconfig/tasks/yum_update.yaml + + # TripleO overcloud networks + OS::TripleO::Network: network/networks.yaml + OS::TripleO::VipConfig: vip-config.yaml + + OS::TripleO::Network::External: network/noop.yaml + OS::TripleO::Network::InternalApi: network/noop.yaml + OS::TripleO::Network::StorageMgmt: network/noop.yaml + OS::TripleO::Network::Storage: network/noop.yaml + OS::TripleO::Network::Tenant: network/noop.yaml + + OS::TripleO::Network::Ports::NetIpMap: network/ports/net_ip_map.yaml + OS::TripleO::Network::Ports::NetIpListMap: network/ports/net_ip_list_map.yaml + + # Port assignments for the controller role + OS::TripleO::Controller::Ports::ExternalPort: network/ports/noop.yaml + OS::TripleO::Controller::Ports::InternalApiPort: network/ports/noop.yaml + OS::TripleO::Controller::Ports::StoragePort: network/ports/noop.yaml + OS::TripleO::Controller::Ports::StorageMgmtPort: network/ports/noop.yaml + OS::TripleO::Controller::Ports::TenantPort: network/ports/noop.yaml + + # Port assignments for the compute role + OS::TripleO::Compute::Ports::InternalApiPort: network/ports/noop.yaml + OS::TripleO::Compute::Ports::StoragePort: network/ports/noop.yaml + OS::TripleO::Compute::Ports::TenantPort: network/ports/noop.yaml + + # Port assignments for the ceph storage role + OS::TripleO::CephStorage::Ports::StoragePort: network/ports/noop.yaml + OS::TripleO::CephStorage::Ports::StorageMgmtPort: network/ports/noop.yaml + + # Port assignments for the swift storage role + OS::TripleO::SwiftStorage::Ports::InternalApiPort: network/ports/noop.yaml + OS::TripleO::SwiftStorage::Ports::StoragePort: network/ports/noop.yaml + OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: network/ports/noop.yaml + + # Port assignments for the block storage role + OS::TripleO::BlockStorage::Ports::InternalApiPort: network/ports/noop.yaml + OS::TripleO::BlockStorage::Ports::StoragePort: network/ports/noop.yaml + OS::TripleO::BlockStorage::Ports::StorageMgmtPort: network/ports/noop.yaml diff --git a/overcloud-without-mergepy.yaml b/overcloud-without-mergepy.yaml index f01f41a7..79d95be0 100644 --- a/overcloud-without-mergepy.yaml +++ b/overcloud-without-mergepy.yaml @@ -394,6 +394,9 @@ parameters: Specifies the interface where the public-facing virtual ip will be assigned. This should be int_public when a VLAN is being used. type: string + RedisVirtualIP: + type: string + default: '' # Has to be here because of the ignored empty value bug SSLCertificate: default: '' description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints. @@ -462,7 +465,7 @@ parameters: The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the Neutron documentation for permitted values. Defaults to permitting any VLAN on the 'datacentre' physical network (See NeutronBridgeMappings). - type: string + type: comma_delimited_list NovaComputeDriver: type: string default: libvirt.LibvirtDriver @@ -489,6 +492,34 @@ parameters: type: string constraints: - custom_constraint: nova.flavor + ServiceNetMap: + default: + NeutronLocalIp: tenant + CeilometerApiNetwork: internal_api + MongoDbNetwork: internal_api + CinderApiNetwork: internal_api + CinderIscsiNetwork: storage + GlanceApiNetwork: storage + GlanceRegistryNetwork: internal_api + KeystoneAdminApiNetwork: internal_api + KeystonePublicApiNetwork: internal_api + NeutronApiNetwork: internal_api + HeatApiNetwork: internal_api + NovaApiNetwork: internal_api + NovaMetadataNetwork: internal_api + NovaVncProxyNetwork: internal_api + SwiftMgmtNetwork: storage_mgmt + SwiftProxyNetwork: storage + HorizonNetwork: internal_api + MemcachedNetwork: internal_api + RabbitMqNetwork: internal_api + RedisNetwork: internal_api + MysqlNetwork: internal_api + CephClusterNetwork: storage_mgmt + CephPublicNetwork: storage + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. + type: json # Block storage specific parameters BlockStorageCount: @@ -530,6 +561,14 @@ parameters: constraints: - custom_constraint: nova.flavor +# Identifiers to trigger tasks on nodes + UpdateIdentifier: + default: '' + type: string + description: > + Setting to a previously unused value during stack-update will trigger + package update on all nodes + resources: HeatAuthEncryptionKey: @@ -547,6 +586,7 @@ resources: Controller: type: OS::Heat::ResourceGroup + depends_on: Networks properties: count: {get_param: ControllerCount} resource_def: @@ -595,6 +635,7 @@ resources: NeutronPublicInterfaceIP: {get_param: NeutronPublicInterfaceIP} NeutronFlatNetworks: {get_param: NeutronFlatNetworks} NeutronBridgeMappings: {get_param: NeutronBridgeMappings} + NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling} NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges} NeutronPublicInterface: {get_param: NeutronPublicInterface} NeutronPublicInterfaceDefaultRoute: {get_param: NeutronPublicInterfaceDefaultRoute} @@ -620,6 +661,7 @@ resources: RabbitClientPort: {get_param: RabbitClientPort} SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName} SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword} + RedisVirtualIP: {get_param: RedisVirtualIP} SSLCertificate: {get_param: SSLCertificate} SSLKey: {get_param: SSLKey} SSLCACertificate: {get_param: SSLCACertificate} @@ -629,11 +671,19 @@ resources: SwiftPartPower: {get_param: SwiftPartPower} SwiftPassword: {get_param: SwiftPassword} SwiftReplicas: { get_param: SwiftReplicas} - VirtualIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} - PublicVirtualIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]} + VirtualIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} # deprecated. Use per service VIP settings instead now. + PublicVirtualIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]} # deprecated. Use per service VIP settings instead now. + ServiceNetMap: {get_param: ServiceNetMap} + HeatApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} + GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} + MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} + KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} + NeutronApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} + UpdateIdentifier: {get_param: UpdateIdentifier} Compute: type: OS::Heat::ResourceGroup + depends_on: Networks properties: count: {get_param: ComputeCount} resource_def: @@ -646,17 +696,17 @@ resources: Debug: {get_param: Debug} ExtraConfig: {get_param: ExtraConfig} Flavor: {get_param: OvercloudComputeFlavor} - GlanceHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} + GlanceHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} GlancePort: {get_param: GlancePort} GlanceProtocol: {get_param: GlanceProtocol} Image: {get_param: NovaImage} ImageUpdatePolicy: {get_param: ImageUpdatePolicy} KeyName: {get_param: KeyName} - KeystoneHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} + KeystoneHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} NeutronBridgeMappings: {get_param: NeutronBridgeMappings} NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling} NeutronFlatNetworks: {get_param: NeutronFlatNetworks} - NeutronHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} + NeutronHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} NeutronNetworkType: {get_param: NeutronNetworkType} NeutronTunnelTypes: {get_param: NeutronTunnelTypes} NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges} @@ -671,7 +721,7 @@ resources: # L3 HA and Failover is not relevant for Computes, should be removed NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover} NeutronL3HA: {get_param: NeutronL3HA} - NovaApiHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} + NovaApiHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} NovaComputeDriver: {get_param: NovaComputeDriver} NovaComputeExtraConfig: {get_param: NovaComputeExtraConfig} NovaComputeLibvirtType: {get_param: NovaComputeLibvirtType} @@ -679,16 +729,19 @@ resources: NovaPublicIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]} NovaPassword: {get_param: NovaPassword} NtpServer: {get_param: NtpServer} - RabbitHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} + RabbitHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]} RabbitPassword: {get_param: RabbitPassword} RabbitUserName: {get_param: RabbitUserName} RabbitClientUseSSL: {get_param: RabbitClientUseSSL} RabbitClientPort: {get_param: RabbitClientPort} SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName} SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword} + ServiceNetMap: {get_param: ServiceNetMap} + UpdateIdentifier: {get_param: UpdateIdentifier} BlockStorage: type: OS::Heat::ResourceGroup + depends_on: Networks properties: count: {get_param: BlockStorageCount} resource_def: @@ -700,6 +753,7 @@ resources: CinderLVMLoopDeviceSize: {get_param: CinderLVMLoopDeviceSize} # Purpose of the dedicated BlockStorage nodes should be to use their local LVM CinderEnableIscsiBackend: {get_param: CinderEnableIscsiBackend} + CinderPassword: {get_param: CinderPassword} VirtualIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} KeyName: {get_param: KeyName} Flavor: {get_param: OvercloudBlockStorageFlavor} @@ -708,9 +762,11 @@ resources: RabbitClientUseSSL: {get_param: RabbitClientUseSSL} RabbitClientPort: {get_param: RabbitClientPort} NtpServer: {get_param: NtpServer} + UpdateIdentifier: {get_param: UpdateIdentifier} ObjectStorage: type: OS::Heat::ResourceGroup + depends_on: Networks properties: count: {get_param: ObjectStorageCount} resource_def: @@ -725,9 +781,12 @@ resources: Image: {get_param: SwiftStorageImage} Replicas: { get_param: SwiftReplicas} NtpServer: {get_param: NtpServer} + UpdateIdentifier: {get_param: UpdateIdentifier} + ServiceNetMap: {get_param: ServiceNetMap} CephStorage: type: OS::Heat::ResourceGroup + depends_on: Networks properties: count: {get_param: CephStorageCount} resource_def: @@ -737,6 +796,17 @@ resources: KeyName: {get_param: KeyName} Flavor: {get_param: OvercloudCephStorageFlavor} NtpServer: {get_param: NtpServer} + ServiceNetMap: {get_param: ServiceNetMap} + UpdateIdentifier: {get_param: UpdateIdentifier} + + ControllerIpListMap: + type: OS::TripleO::Network::Ports::NetIpListMap + properties: + ExternalIpList: {get_attr: [Controller, external_ip_address]} + InternalApiIpList: {get_attr: [Controller, internal_api_ip_address]} + StorageIpList: {get_attr: [Controller, storage_ip_address]} + StorageMgmtIpList: {get_attr: [Controller, storage_mgmt_ip_address]} + TenantIpList: {get_attr: [Controller, tenant_ip_address]} allNodesConfig: type: OS::TripleO::AllNodes::SoftwareConfig @@ -748,6 +818,23 @@ resources: object_storage_hosts: {get_attr: [ObjectStorage, hosts_entry]} ceph_storage_hosts: {get_attr: [CephStorage, hosts_entry]} controller_names: {get_attr: [Controller, hostname]} + rabbit_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]} + mongo_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]} + redis_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]} + memcache_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]} + mysql_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} + horizon_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]} + heat_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} + swift_proxy_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} + ceilometer_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} + nova_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} + nova_metadata_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]} + glance_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} + glance_registry_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} + cinder_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} + neutron_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} + keystone_public_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} + keystone_admin_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} MysqlRootPassword: type: OS::Heat::RandomString @@ -765,22 +852,91 @@ resources: length: 20 salt: {get_param: RabbitCookieSalt} + # creates the network architecture + Networks: + type: OS::TripleO::Network + ControlVirtualIP: type: OS::Neutron::Port + depends_on: Networks properties: name: control_virtual_ip network_id: {get_param: NeutronControlPlaneID} fixed_ips: {get_param: ControlFixedIPs} replacement_policy: AUTO + # same as external PublicVirtualIP: type: OS::Neutron::Port + depends_on: Networks properties: name: public_virtual_ip network: {get_param: PublicVirtualNetwork} fixed_ips: {get_param: PublicVirtualFixedIPs} replacement_policy: AUTO + InternalApiVirtualIP: + depends_on: Networks + type: OS::TripleO::Controller::Ports::InternalApiPort + properties: + ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} + PortName: internal_api_virtual_ip + + StorageVirtualIP: + depends_on: Networks + type: OS::TripleO::Controller::Ports::StoragePort + properties: + ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} + PortName: storage_virtual_ip + + StorageMgmtVirtualIP: + depends_on: Networks + type: OS::TripleO::Controller::Ports::StorageMgmtPort + properties: + ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} + PortName: storage_management_virtual_ip + + VipMap: + type: OS::TripleO::Network::Ports::NetIpMap + properties: + ExternalIp: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]} + InternalApiIp: {get_attr: [InternalApiVirtualIP, ip_address]} + StorageIp: {get_attr: [StorageVirtualIP, ip_address]} + StorageMgmtIp: {get_attr: [StorageMgmtVirtualIP, ip_address]} + # No tenant VIP required + + VipConfig: + type: OS::TripleO::VipConfig + + VipDeployment: + type: OS::Heat::StructuredDeployments + properties: + config: {get_resource: VipConfig} + servers: {get_attr: [Controller, attributes, nova_server_resource]} + input_values: + # service VIP mappings + keystone_admin_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} + keystone_public_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} + neutron_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} + cinder_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} + glance_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} + glance_registry_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} + swift_proxy_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} + nova_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} + nova_metadata_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]} + ceilometer_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} + heat_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} + horizon_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]} + redis_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]} + mysql_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} + rabbit_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]} + # direct configuration of Virtual IPs for each network + control_virtual_ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} + public_virtual_ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]} + internal_api_virtual_ip: {get_attr: [InternalApiVirtualIP, ip_address]} + storage_virtual_ip: {get_attr: [StorageVirtualIP, ip_address]} + storage_mgmt_virtual_ip: {get_attr: [StorageMgmtVirtualIP, ip_address]} + ControllerBootstrapNodeConfig: type: OS::TripleO::BootstrapNode::SoftwareConfig properties: @@ -840,7 +996,7 @@ resources: ceph_mon_key: {get_param: CephMonKey} ceph_admin_key: {get_param: CephAdminKey} ceph_mon_names: {get_attr: [Controller, hostname]} - ceph_mon_ips: {get_attr: [Controller, ip_address]} + ceph_mon_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} ControllerClusterConfig: type: OS::Heat::StructuredConfig @@ -932,5 +1088,5 @@ outputs: list_join: - '' - - http:// - - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} + - {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]} - :5000/v2.0/ diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml index 963835e9..c50d6820 100644 --- a/puppet/all-nodes-config.yaml +++ b/puppet/all-nodes-config.yaml @@ -16,6 +16,40 @@ parameters: type: comma_delimited_list controller_names: type: comma_delimited_list + rabbit_node_ips: + type: comma_delimited_list + mongo_node_ips: + type: comma_delimited_list + redis_node_ips: + type: comma_delimited_list + memcache_node_ips: + type: comma_delimited_list + mysql_node_ips: + type: comma_delimited_list + horizon_node_ips: + type: comma_delimited_list + heat_api_node_ips: + type: comma_delimited_list + swift_proxy_node_ips: + type: comma_delimited_list + ceilometer_api_node_ips: + type: comma_delimited_list + nova_api_node_ips: + type: comma_delimited_list + nova_metadata_node_ips: + type: comma_delimited_list + glance_api_node_ips: + type: comma_delimited_list + glance_registry_node_ips: + type: comma_delimited_list + cinder_api_node_ips: + type: comma_delimited_list + neutron_api_node_ips: + type: comma_delimited_list + keystone_public_api_node_ips: + type: comma_delimited_list + keystone_admin_api_node_ips: + type: comma_delimited_list resources: @@ -65,19 +99,136 @@ resources: SERVERS_LIST: list_join: - "','" - - {get_param: controller_ips} + - {get_param: rabbit_node_ips} mongo_node_ips: - list_join: - - ',' - - {get_param: controller_ips} + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: mongo_node_ips} redis_node_ips: - list_join: - - ',' - - {get_param: controller_ips} + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: redis_node_ips} memcache_node_ips: - list_join: - - ',' - - {get_param: controller_ips} + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: memcache_node_ips} + mysql_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: mysql_node_ips} + horizon_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: horizon_node_ips} + heat_api_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: heat_api_node_ips} + swift_proxy_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: swift_proxy_node_ips} + ceilometer_api_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: ceilometer_api_node_ips} + nova_api_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: nova_api_node_ips} + nova_metadata_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: nova_metadata_node_ips} + glance_api_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: glance_api_node_ips} + glance_registry_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: glance_registry_node_ips} + cinder_api_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: cinder_api_node_ips} + neutron_api_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: neutron_api_node_ips} + keystone_public_api_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: keystone_public_api_node_ips} + keystone_admin_api_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: keystone_admin_api_node_ips} + # NOTE(gfidente): interpolation with %{} in the # hieradata file can't be used as it returns string ceilometer::rabbit_hosts: *rabbit_nodes_array diff --git a/puppet/ceph-storage-puppet.yaml b/puppet/ceph-storage-puppet.yaml index e3d623fd..1ab381af 100644 --- a/puppet/ceph-storage-puppet.yaml +++ b/puppet/ceph-storage-puppet.yaml @@ -28,6 +28,17 @@ parameters: default: 'false' description: Set to true to enable package installation via Puppet type: boolean + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. + type: json + UpdateIdentifier: + default: '' + type: string + description: > + Setting to a previously unused value during stack-update will trigger + package update on all nodes resources: CephStorage: @@ -45,13 +56,32 @@ resources: NodeUserData: type: OS::TripleO::NodeUserData + StoragePort: + type: OS::TripleO::CephStorage::Ports::StoragePort + properties: + ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]} + + StorageMgmtPort: + type: OS::TripleO::CephStorage::Ports::StorageMgmtPort + properties: + ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]} + NetworkConfig: type: OS::TripleO::CephStorage::Net::SoftwareConfig + properties: + StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} + StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} + + NetIpSubnetMap: + type: OS::TripleO::Network::Ports::NetIpMap + properties: + StorageIp: {get_attr: [StoragePort, ip_subnet]} + StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_subnet]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: - config: {get_attr: [NetworkConfig, config_id]} + config: {get_resource: NetworkConfig} server: {get_resource: CephStorage} CephStorageDeployment: @@ -66,6 +96,8 @@ resources: params: server: {get_param: NtpServer} enable_package_install: {get_param: EnablePackageInstall} + ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]} + ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} CephStorageConfig: type: OS::Heat::StructuredConfig @@ -75,7 +107,6 @@ resources: hiera: hierarchy: - heat_config_%{::deploy_config_name} - - cephstorage - ceph_cluster # provided by CephClusterConfig - ceph - '"%{::osfamily}"' @@ -85,10 +116,23 @@ resources: raw_data: {get_file: hieradata/common.yaml} ceph: raw_data: {get_file: hieradata/ceph.yaml} - cephstorage: mapped_data: ntp::servers: {get_input: ntp_servers} enable_package_install: {get_input: enable_package_install} + ceph::profile::params::cluster_network: {get_input: ceph_cluster_network} + ceph::profile::params::public_network: {get_input: ceph_public_network} + + UpdateConfig: + type: OS::TripleO::Tasks::PackageUpdate + + UpdateDeployment: + type: OS::Heat::SoftwareDeployment + properties: + config: {get_resource: UpdateConfig} + server: {get_resource: CephStorage} + input_values: + update_identifier: + get_param: UpdateIdentifier outputs: hosts_entry: @@ -102,3 +146,9 @@ outputs: description: Heat resource handle for the ceph storage server value: {get_resource: CephStorage} + storage_ip_address: + description: IP address of the server in the storage network + value: {get_attr: [StoragePort, ip_address]} + storage_mgmt_ip_address: + description: IP address of the server in the storage_mgmt network + value: {get_attr: [StorageMgmtPort, ip_address]} diff --git a/puppet/cinder-storage-puppet.yaml b/puppet/cinder-storage-puppet.yaml index e373c928..74df116a 100644 --- a/puppet/cinder-storage-puppet.yaml +++ b/puppet/cinder-storage-puppet.yaml @@ -16,6 +16,11 @@ parameters: default: 5000 description: The size of the loopback file used by the cinder LVM driver. type: number + CinderPassword: + default: unset + description: The password for the cinder service and db account, used by cinder-api. + type: string + hidden: true Debug: default: '' description: Set to True to enable debugging on all services. @@ -106,6 +111,12 @@ parameters: default: 'false' description: Set to true to enable package installation via Puppet type: boolean + UpdateIdentifier: + default: '' + type: string + description: > + Setting to a previously unused value during stack-update will trigger + package update on all nodes resources: BlockStorage: @@ -123,13 +134,32 @@ resources: NodeUserData: type: OS::TripleO::NodeUserData + InternalApiPort: + type: OS::TripleO::BlockStorage::Ports::InternalApiPort + properties: + ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} + + StoragePort: + type: OS::TripleO::BlockStorage::Ports::StoragePort + properties: + ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} + + StorageMgmtPort: + type: OS::TripleO::BlockStorage::Ports::StorageMgmtPort + properties: + ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} + NetworkConfig: type: OS::TripleO::BlockStorage::Net::SoftwareConfig + properties: + InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} + StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} + StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: - config: {get_attr: [NetworkConfig, config_id]} + config: {get_resource: NetworkConfig} server: {get_resource: BlockStorage} BlockStorageDeployment: @@ -139,7 +169,7 @@ resources: config: {get_resource: BlockStorageConfig} input_values: debug: {get_param: Debug} - cinder_dsn: {list_join: ['', ['mysql://cinder:unset@', {get_param: VirtualIP} , '/cinder']]} + cinder_dsn: {list_join: ['', ['mysql://cinder:', {get_param: CinderPassword}, '@', {get_param: VirtualIP} , '/cinder']]} snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} cinder_lvm_loop_device_size: @@ -197,6 +227,18 @@ resources: snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} + UpdateConfig: + type: OS::TripleO::Tasks::PackageUpdate + + UpdateDeployment: + type: OS::Heat::SoftwareDeployment + properties: + config: {get_resource: UpdateConfig} + server: {get_resource: BlockStorage} + input_values: + update_identifier: + get_param: UpdateIdentifier + outputs: hosts_entry: value: @@ -209,3 +251,12 @@ outputs: description: Heat resource handle for the block storage server value: {get_resource: BlockStorage} + internal_api_ip_address: + description: IP address of the server in the internal_api network + value: {get_attr: [InternalApiPort, ip_address]} + storage_ip_address: + description: IP address of the server in the storage network + value: {get_attr: [StoragePort, ip_address]} + storage_mgmt_ip_address: + description: IP address of the server in the storage_mgmt network + value: {get_attr: [StorageMgmtPort, ip_address]} diff --git a/puppet/compute-puppet.yaml b/puppet/compute-puppet.yaml index b9106e60..9e17b890 100644 --- a/puppet/compute-puppet.yaml +++ b/puppet/compute-puppet.yaml @@ -132,7 +132,7 @@ parameters: The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the Neutron documentation for permitted values. Defaults to permitting any VLAN on the 'datacentre' physical network (See NeutronBridgeMappings). - type: string + type: comma_delimited_list NeutronPassword: default: unset description: The password for the neutron service account, used by neutron agents. @@ -247,6 +247,17 @@ parameters: default: 'false' description: Set to true to enable package installation via Puppet type: boolean + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. + type: json + UpdateIdentifier: + default: '' + type: string + description: > + Setting to a previously unused value during stack-update will trigger + package update on all nodes resources: @@ -267,14 +278,40 @@ resources: NodeUserData: type: OS::TripleO::NodeUserData + InternalApiPort: + type: OS::TripleO::Compute::Ports::InternalApiPort + properties: + ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} + + StoragePort: + type: OS::TripleO::Compute::Ports::StoragePort + properties: + ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} + + TenantPort: + type: OS::TripleO::Compute::Ports::TenantPort + properties: + ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} + + NetIpMap: + type: OS::TripleO::Network::Ports::NetIpMap + properties: + InternalApiIp: {get_attr: [InternalApiPort, ip_address]} + StorageIp: {get_attr: [StoragePort, ip_address]} + TenantIp: {get_attr: [TenantPort, ip_address]} + NetworkConfig: type: OS::TripleO::Compute::Net::SoftwareConfig + properties: + InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} + StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} + TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: signal_transport: NO_SIGNAL - config: {get_attr: [NetworkConfig, config_id]} + config: {get_resource: NetworkConfig} server: {get_resource: NovaCompute} input_values: bridge_name: {get_param: NeutronPhysicalBridge} @@ -301,8 +338,6 @@ resources: raw_data: {get_file: hieradata/ceph.yaml} compute: raw_data: {get_file: hieradata/compute.yaml} - oac_data: - nova::compute::vncserver_proxyclient_address: local-ipv4 mapped_data: nova::debug: {get_input: debug} nova::rabbit_userid: {get_input: rabbit_username} @@ -315,6 +350,7 @@ resources: nova::compute::vncproxy_host: {get_input: nova_public_ip} nova_enable_rbd_backend: {get_input: nova_enable_rbd_backend} nova_password: {get_input: nova_password} + nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address} ceilometer::debug: {get_input: debug} ceilometer::rabbit_userid: {get_input: rabbit_username} ceilometer::rabbit_password: {get_input: rabbit_password} @@ -335,9 +371,10 @@ resources: neutron_flat_networks: {get_input: neutron_flat_networks} neutron_host: {get_input: neutron_host} neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip} + neutron_tenant_network_type: {get_input: neutron_tenant_network_type} neutron_tunnel_types: {get_input: neutron_tunnel_types} - neutron::network_vlan_ranges: {get_input: neutron_network_vlan_ranges} + neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges} neutron_bridge_mappings: {get_input: neutron_bridge_mappings} neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling} neutron_physical_bridge: {get_input: neutron_physical_bridge} @@ -368,6 +405,7 @@ resources: nova_api_host: {get_param: NovaApiHost} nova_password: {get_param: NovaPassword} nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend} + nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]} ceilometer_metering_secret: {get_param: CeilometerMeteringSecret} ceilometer_password: {get_param: CeilometerPassword} ceilometer_compute_agent: {get_param: CeilometerComputeAgent} @@ -389,10 +427,17 @@ resources: - {get_param: GlancePort} neutron_flat_networks: {get_param: NeutronFlatNetworks} neutron_host: {get_param: NeutronHost} - neutron_local_ip: {get_attr: [NovaCompute, networks, ctlplane, 0]} + neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronLocalIp]}]} neutron_tenant_network_type: {get_param: NeutronNetworkType} neutron_tunnel_types: {get_param: NeutronTunnelTypes} - neutron_network_vlan_ranges: {get_param: NeutronNetworkVLANRanges} + neutron_network_vlan_ranges: + str_replace: + template: "['RANGES']" + params: + RANGES: + list_join: + - "','" + - {get_param: NeutronNetworkVLANRanges} neutron_bridge_mappings: {get_param: NeutronBridgeMappings} neutron_enable_tunneling: {get_param: NeutronEnableTunnelling} neutron_physical_bridge: {get_param: NeutronPhysicalBridge} @@ -427,10 +472,31 @@ resources: server: {get_param: NtpServer} enable_package_install: {get_param: EnablePackageInstall} + UpdateConfig: + type: OS::TripleO::Tasks::PackageUpdate + + UpdateDeployment: + type: OS::Heat::SoftwareDeployment + properties: + config: {get_resource: UpdateConfig} + server: {get_resource: NovaCompute} + input_values: + update_identifier: + get_param: UpdateIdentifier + outputs: ip_address: description: IP address of the server in the ctlplane network value: {get_attr: [NovaCompute, networks, ctlplane, 0]} + internal_api_ip_address: + description: IP address of the server in the internal_api network + value: {get_attr: [InternalApiPort, ip_address]} + storage_ip_address: + description: IP address of the server in the storage network + value: {get_attr: [StoragePort, ip_address]} + tenant_ip_address: + description: IP address of the server in the tenant network + value: {get_attr: [TenantPort, ip_address]} hostname: description: Hostname of the server value: {get_attr: [NovaCompute, name]} diff --git a/puppet/controller-puppet.yaml b/puppet/controller-puppet.yaml index b0046457..97b59883 100644 --- a/puppet/controller-puppet.yaml +++ b/puppet/controller-puppet.yaml @@ -11,7 +11,7 @@ parameters: hidden: true AdminToken: default: unset - description: The keystone auth secret. + description: The keystone auth secret and db password. type: string hidden: true CeilometerBackend: @@ -25,7 +25,7 @@ parameters: hidden: true CeilometerPassword: default: unset - description: The password for the ceilometer service account. + description: The password for the ceilometer service and db account. type: string hidden: true CinderEnableIscsiBackend: @@ -46,9 +46,14 @@ parameters: type: number CinderPassword: default: unset - description: The password for the cinder service account, used by cinder-api. + description: The password for the cinder service and db account, used by cinder-api. type: string hidden: true + CinderBackendConfig: + default: {} + description: Contains parameters to configure Cinder backends. Typically + set via parameter_defaults in the resource registry. + type: json CloudName: default: '' description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org @@ -132,7 +137,7 @@ parameters: default: '' GlancePassword: default: unset - description: The password for the glance service account, used by the glance services. + description: The password for the glance service and db account, used by the glance services. type: string hidden: true GlancePort: @@ -152,7 +157,7 @@ parameters: - allowed_values: ['swift', 'file', 'rbd'] HeatPassword: default: unset - description: The password for the Heat service account, used by the Heat services. + description: The password for the Heat service and db account, used by the Heat services. type: string hidden: true HeatStackDomainAdminPassword: @@ -239,7 +244,7 @@ parameters: default: 'dvr_snat' description: Agent mode for the neutron-l3-agent on the controller hosts type: string - NeutronL3HA: #FIXME this isn't wired in + NeutronL3HA: default: 'False' description: Whether to enable l3-agent HA type: string @@ -282,10 +287,10 @@ parameters: The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the Neutron documentation for permitted values. Defaults to permitting any VLAN on the 'datacentre' physical network (See NeutronBridgeMappings). - type: string + type: comma_delimited_list NeutronPassword: default: unset - description: The password for the neutron service account, used by neutron agents. + description: The password for the neutron service and db account, used by neutron agents. type: string hidden: true NeutronPublicInterface: @@ -322,7 +327,7 @@ parameters: type: string NovaPassword: default: unset - description: The password for the nova service account, used by nova-api. + description: The password for the nova service and db account, used by nova-api. type: string hidden: true NtpServer: @@ -337,7 +342,7 @@ parameters: Specifies the interface where the public-facing virtual ip will be assigned. This should be int_public when a VLAN is being used. type: string - PublicVirtualIP: + PublicVirtualIP: # DEPRECATED: use per service settings instead type: string default: '' # Has to be here because of the ignored empty value bug RabbitCookie: @@ -363,6 +368,9 @@ parameters: default: 5672 description: Set rabbit subscriber port, change this if using SSL type: number + RedisVirtualIP: + type: string + default: '' # Has to be here because of the ignored empty value bug SnmpdReadonlyUserName: default: ro_snmp_user description: The user name for SNMPd with readonly rights running on all Overcloud nodes @@ -414,13 +422,39 @@ parameters: type: number default: 3 description: How many replicas to use in the swift rings. - VirtualIP: + VirtualIP: # DEPRECATED: use per service settings instead type: string default: '' # Has to be here because of the ignored empty value bug + HeatApiVirtualIP: + type: string + default: '' + GlanceApiVirtualIP: + type: string + default: '' + MysqlVirtualIP: + type: string + default: '' + KeystonePublicApiVirtualIP: + type: string + default: '' + NeutronApiVirtualIP: + type: string + default: '' EnablePackageInstall: default: 'false' description: Set to true to enable package installation via Puppet type: boolean + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. + type: json + UpdateIdentifier: + default: '' + type: string + description: > + Setting to a previously unused value during stack-update will trigger + package update on all nodes resources: @@ -439,14 +473,63 @@ resources: NodeUserData: type: OS::TripleO::NodeUserData + ExternalPort: + type: OS::TripleO::Controller::Ports::ExternalPort + properties: + ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} + + InternalApiPort: + type: OS::TripleO::Controller::Ports::InternalApiPort + properties: + ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} + + StoragePort: + type: OS::TripleO::Controller::Ports::StoragePort + properties: + ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} + + StorageMgmtPort: + type: OS::TripleO::Controller::Ports::StorageMgmtPort + properties: + ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} + + TenantPort: + type: OS::TripleO::Controller::Ports::TenantPort + properties: + ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} + + NetIpMap: + type: OS::TripleO::Network::Ports::NetIpMap + properties: + ExternalIp: {get_attr: [ExternalPort, ip_address]} + InternalApiIp: {get_attr: [InternalApiPort, ip_address]} + StorageIp: {get_attr: [StoragePort, ip_address]} + StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]} + TenantIp: {get_attr: [TenantPort, ip_address]} + + NetIpSubnetMap: + type: OS::TripleO::Network::Ports::NetIpMap + properties: + ExternalIp: {get_attr: [ExternalPort, ip_subnet]} + InternalApiIp: {get_attr: [InternalApiPort, ip_subnet]} + StorageIp: {get_attr: [StoragePort, ip_subnet]} + StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_subnet]} + TenantIp: {get_attr: [TenantPort, ip_subnet]} + NetworkConfig: type: OS::TripleO::Controller::Net::SoftwareConfig + properties: + ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} + InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} + StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} + StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} + TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: signal_transport: NO_SIGNAL - config: {get_attr: [NetworkConfig, config_id]} + config: {get_resource: NetworkConfig} server: {get_resource: Controller} input_values: bridge_name: br-ex @@ -460,26 +543,24 @@ resources: server: {get_resource: Controller} input_values: bootstack_nodeid: {get_attr: [Controller, name]} - controller_host: {get_attr: [Controller, networks, ctlplane, 0]} - controller_virtual_ip: {get_param: VirtualIP} neutron_enable_tunneling: {get_param: NeutronEnableTunnelling} heat.watch_server_url: list_join: - '' - - 'http://' - - {get_param: VirtualIP} + - {get_param: HeatApiVirtualIP} - ':8003' heat.metadata_server_url: list_join: - '' - - 'http://' - - {get_param: VirtualIP} + - {get_param: HeatApiVirtualIP} - ':8000' heat.waitcondition_server_url: list_join: - '' - - 'http://' - - {get_param: VirtualIP} + - {get_param: HeatApiVirtualIP} - ':8000/v1/waitcondition' heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey} horizon_secret: {get_param: HorizonSecret} @@ -492,33 +573,39 @@ resources: cinder_password: {get_param: CinderPassword} cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend} cinder_iscsi_helper: {get_param: CinderISCSIHelper} + cinder_backend_config: {get_param: CinderBackendConfig} cinder_dsn: list_join: - '' - - - 'mysql://cinder:unset@' - - {get_param: VirtualIP} + - - 'mysql://cinder:' + - {get_param: CinderPassword} + - '@' + - {get_param: MysqlVirtualIP} - '/cinder' glance_port: {get_param: GlancePort} - glance_protocol: {get_param: GlanceProtocol} glance_password: {get_param: GlancePassword} glance_backend: {get_param: GlanceBackend} - glance_swift_store_auth_address: {list_join: ['', ['http://', {get_param: VirtualIP} , ':5000/v2.0']]} glance_notifier_strategy: {get_param: GlanceNotifierStrategy} glance_log_file: {get_param: GlanceLogFile} glance_dsn: list_join: - '' - - - 'mysql://glance:unset@' - - {get_param: VirtualIP} + - - 'mysql://glance:' + - {get_param: GlancePassword} + - '@' + - {get_param: MysqlVirtualIP} - '/glance' heat_password: {get_param: HeatPassword} heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword} heat_dsn: list_join: - '' - - - 'mysql://heat:unset@' - - {get_param: VirtualIP} + - - 'mysql://heat:' + - {get_param: HeatPassword} + - '@' + - {get_param: MysqlVirtualIP} - '/heat' + keystone_auth_address: {list_join: ['', ['http://', {get_param: KeystonePublicApiVirtualIP} , ':5000/v2.0']]} keystone_ca_certificate: {get_param: KeystoneCACertificate} keystone_signing_key: {get_param: KeystoneSigningKey} keystone_signing_certificate: {get_param: KeystoneSigningCertificate} @@ -527,20 +614,22 @@ resources: keystone_dsn: list_join: - '' - - - 'mysql://keystone:unset@' - - {get_param: VirtualIP} + - - 'mysql://keystone:' + - {get_param: AdminToken} + - '@' + - {get_param: MysqlVirtualIP} - '/keystone' keystone_identity_uri: list_join: - '' - - 'http://' - - {get_param: VirtualIP} + - {get_param: KeystonePublicApiVirtualIP} - ':35357/' keystone_auth_uri: list_join: - '' - - 'http://' - - {get_param: VirtualIP} + - {get_param: KeystonePublicApiVirtualIP} - ':5000/v2.0/' enable_galera: {get_param: EnableGalera} enable_ceph_storage: {get_param: EnableCephStorage} @@ -559,7 +648,14 @@ resources: neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers} neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover} neutron_l3_ha: {get_param: NeutronL3HA} - neutron_network_vlan_ranges: {get_param: NeutronNetworkVLANRanges} + neutron_network_vlan_ranges: + str_replace: + template: "['RANGES']" + params: + RANGES: + list_join: + - "','" + - {get_param: NeutronNetworkVLANRanges} neutron_bridge_mappings: {get_param: NeutronBridgeMappings} neutron_public_interface: {get_param: NeutronPublicInterface} neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice} @@ -572,20 +668,22 @@ resources: neutron_dsn: list_join: - '' - - - 'mysql://neutron:unset@' - - {get_param: VirtualIP} + - - 'mysql://neutron:' + - {get_param: NeutronPassword} + - '@' + - {get_param: MysqlVirtualIP} - '/ovs_neutron?charset=utf8' neutron_url: list_join: - '' - - 'http://' - - {get_param: VirtualIP} + - {get_param: NeutronApiVirtualIP} - ':9696' neutron_admin_auth_url: list_join: - '' - - 'http://' - - {get_param: VirtualIP} + - {get_param: KeystonePublicApiVirtualIP} - ':35357/v2.0' ceilometer_backend: {get_param: CeilometerBackend} ceilometer_metering_secret: {get_param: CeilometerMeteringSecret} @@ -594,7 +692,7 @@ resources: list_join: - '' - - 'mysql://ceilometer:unset@' - - {get_param: VirtualIP} + - {get_param: MysqlVirtualIP} - '/ceilometer' snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} @@ -602,8 +700,10 @@ resources: nova_dsn: list_join: - '' - - - 'mysql://nova:unset@' - - {get_param: VirtualIP} + - - 'mysql://nova:' + - {get_param: NovaPassword} + - '@' + - {get_param: MysqlVirtualIP} - '/nova' pcsd_password: {get_param: PcsdPassword} rabbit_username: {get_param: RabbitUserName} @@ -618,7 +718,6 @@ resources: server: {get_param: NtpServer} control_virtual_interface: {get_param: ControlVirtualInterface} public_virtual_interface: {get_param: PublicVirtualInterface} - public_virtual_ip: {get_param: PublicVirtualIP} swift_hash_suffix: {get_param: SwiftHashSuffix} swift_password: {get_param: SwiftPassword} swift_part_power: {get_param: SwiftPartPower} @@ -626,6 +725,38 @@ resources: swift_min_part_hours: {get_param: SwiftMinPartHours} swift_mount_check: {get_param: SwiftMountCheck} enable_package_install: {get_param: EnablePackageInstall} + swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} + swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} + cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]} + cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} + glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} + glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} + glance_api_servers: + list_join: + - '' + - - {get_param: GlanceProtocol} + - '://' + - {get_param: GlanceApiVirtualIP} + - ':' + - {get_param: GlancePort} + heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} + keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} + keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} + mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]} + neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} + neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronLocalIp]}]} + ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} + nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} + nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]} + horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]} + rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]} + redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]} + redis_vip: {get_param: RedisVirtualIP} + memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]} + mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} + ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]} + ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} + ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} # Map heat metadata into hiera datafiles ControllerConfig: @@ -643,6 +774,7 @@ resources: - ceph - bootstrap_node # provided by BootstrapNodeConfig - all_nodes # provided by allNodesConfig + - vip_data # provided by vip-config - '"%{::osfamily}"' - common datafiles: @@ -650,22 +782,25 @@ resources: raw_data: {get_file: hieradata/common.yaml} ceph: raw_data: {get_file: hieradata/ceph.yaml} + mapped_data: + ceph::profile::params::cluster_network: {get_input: ceph_cluster_network} + ceph::profile::params::public_network: {get_input: ceph_public_network} + ceph::mon::public_addr: {get_input: ceph_public_ip} object: raw_data: {get_file: hieradata/object.yaml} controller: raw_data: {get_file: hieradata/controller.yaml} mapped_data: # data supplied directly to this deployment configuration, etc bootstack_nodeid: {get_input: bootstack_nodeid} - controller_host: {get_input: controller_host} #local-ipv4 # Pacemaker hacluster_pwd: {get_input: pcsd_password} # Swift - swift::proxy::proxy_local_net_ip: {get_input: controller_host} + swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network} swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri} swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri} - swift::storage::all::storage_local_net_ip: {get_input: controller_host} + swift::storage::all::storage_local_net_ip: {get_input: swift_management_network} swift::swift_hash_suffix: {get_input: swift_hash_suffix} swift::proxy::authtoken::admin_password: {get_input: swift_password} tripleo::ringbuilder::part_power: {get_input: swift_part_power} @@ -681,41 +816,40 @@ resources: cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend} cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size} cinder_iscsi_helper: {get_input: cinder_iscsi_helper} - cinder_iscsi_ip_address: {get_input: controller_host} + cinder_iscsi_ip_address: {get_input: cinder_iscsi_network} cinder::database_connection: {get_input: cinder_dsn} cinder::api::keystone_password: {get_input: cinder_password} cinder::api::auth_uri: {get_input: keystone_auth_uri} cinder::api::identity_uri: {get_input: keystone_identity_uri} - cinder::api::bind_host: {get_input: controller_host} + cinder::api::bind_host: {get_input: cinder_api_network} cinder::rabbit_userid: {get_input: rabbit_username} cinder::rabbit_password: {get_input: rabbit_password} cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} cinder::rabbit_port: {get_input: rabbit_client_port} cinder::debug: {get_input: debug} cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend} + cinder::glance::glance_api_servers: {get_input: glance_api_servers} + cinder_backend_config: {get_input: CinderBackendConfig} # Glance glance::api::bind_port: {get_input: glance_port} - glance::api::bind_host: {get_input: controller_host} + glance::api::bind_host: {get_input: glance_api_network} glance::api::auth_uri: {get_input: keystone_auth_uri} glance::api::identity_uri: {get_input: keystone_identity_uri} - glance::api::registry_host: {get_input: controller_host} + glance::api::registry_host: {get_input: glance_registry_network} glance::api::keystone_password: {get_input: glance_password} glance::api::debug: {get_input: debug} - # used to construct glance_api_servers - glance_port: {get_input: glance_port} - glance_protocol: {get_input: glance_protocol} glance_notifier_strategy: {get_input: glance_notifier_strategy} glance_log_file: {get_input: glance_log_file} glance_log_file: {get_input: glance_log_file} glance::api::database_connection: {get_input: glance_dsn} glance::registry::keystone_password: {get_input: glance_password} glance::registry::database_connection: {get_input: glance_dsn} - glance::registry::bind_host: {get_input: controller_host} + glance::registry::bind_host: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} glance::registry::auth_uri: {get_input: keystone_auth_uri} glance::registry::identity_uri: {get_input: keystone_identity_uri} glance::registry::debug: {get_input: debug} - glance::backend::swift::swift_store_auth_address: {get_input: glance_swift_store_auth_address} + glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_address} glance::backend::swift::swift_store_user: service:glance glance::backend::swift::swift_store_key: {get_input: glance_password} glance_backend: {get_input: glance_backend} @@ -733,9 +867,9 @@ resources: heat::auth_uri: {get_input: keystone_auth_uri} heat::identity_uri: {get_input: keystone_identity_uri} heat::keystone_password: {get_input: heat_password} - heat::api::bind_host: {get_input: controller_host} - heat::api_cloudwatch::bind_host: {get_input: controller_host} - heat::api_cfn::bind_host: {get_input: controller_host} + heat::api::bind_host: {get_input: heat_api_network} + heat::api_cloudwatch::bind_host: {get_input: heat_api_network} + heat::api_cfn::bind_host: {get_input: heat_api_network} heat::database_connection: {get_input: heat_dsn} heat::instance_user: heat-admin heat::debug: {get_input: debug} @@ -748,11 +882,11 @@ resources: keystone_ssl_certificate: {get_input: keystone_ssl_certificate} keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key} keystone::database_connection: {get_input: keystone_dsn} - keystone::public_bind_host: {get_input: controller_host} - keystone::admin_bind_host: {get_input: controller_host} + keystone::public_bind_host: {get_input: keystone_public_api_network} + keystone::admin_bind_host: {get_input: keystone_admin_api_network} keystone::debug: {get_input: debug} # MongoDB - mongodb::server::bind_ip: {get_input: controller_host} + mongodb::server::bind_ip: {get_input: mongo_db_network} # MySQL admin_password: {get_input: admin_password} enable_galera: {get_input: enable_galera} @@ -761,9 +895,10 @@ resources: mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size} mysql::server::root_password: {get_input: mysql_root_password} mysql_cluster_name: {get_input: mysql_cluster_name} + mysql_bind_host: {get_input: mysql_network} # Neutron - neutron::bind_host: {get_input: controller_host} + neutron::bind_host: {get_input: neutron_api_network} neutron::rabbit_password: {get_input: rabbit_password} neutron::rabbit_user: {get_input: rabbit_user} neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} @@ -773,14 +908,14 @@ resources: neutron::server::identity_uri: {get_input: keystone_identity_uri} neutron::server::database_connection: {get_input: neutron_dsn} neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling} - neutron::agents::ml2::ovs::local_ip: {get_input: controller_host} + neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip} neutron_flat_networks: {get_input: neutron_flat_networks} neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret} - neutron::agents::metadata::metadata_ip: {get_input: controller_virtual_ip} + neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network} neutron_agent_mode: {get_input: neutron_agent_mode} neutron_router_distributed: {get_input: neutron_router_distributed} neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers} - neutron_allow_l3agent_failover: {get_input: neutron_allow_l3agent_failover} + neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover} neutron::server::l3_ha: {get_input: neutron_l3_ha} neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges} neutron_bridge_mappings: {get_input: neutron_bridge_mappings} @@ -794,6 +929,7 @@ resources: neutron::agents::metadata::auth_password: {get_input: neutron_password} neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options} neutron_dsn: {get_input: neutron_dsn} + neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri} # Ceilometer ceilometer_backend: {get_input: ceilometer_backend} @@ -804,11 +940,12 @@ resources: ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} ceilometer::rabbit_port: {get_input: rabbit_client_port} ceilometer::debug: {get_input: debug} - ceilometer::api::host: {get_input: controller_host} + ceilometer::api::host: {get_input: ceilometer_api_network} ceilometer::api::keystone_password: {get_input: ceilometer_password} ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri} ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri} ceilometer::agent::auth::auth_password: {get_input: ceilometer_password} + ceilometer::agent::auth::auth_url: {get_input: keystone_auth_address} snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} @@ -820,10 +957,11 @@ resources: nova::debug: {get_input: debug} nova::api::auth_uri: {get_input: keystone_auth_uri} nova::api::identity_uri: {get_input: keystone_identity_uri} - nova::api::api_bind_address: {get_input: controller_host} - nova::api::metadata_listen: {get_input: controller_host} + nova::api::api_bind_address: {get_input: nova_api_network} + nova::api::metadata_listen: {get_input: nova_metadata_network} nova::api::admin_password: {get_input: nova_password} nova::database_connection: {get_input: nova_dsn} + nova::glance_api_servers: {get_input: glance_api_servers} nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret} nova::network::neutron::neutron_admin_password: {get_input: neutron_password} nova::network::neutron::neutron_url: {get_input: neutron_url} @@ -832,32 +970,56 @@ resources: # Horizon horizon::django_debug: {get_input: debug} horizon::secret_key: {get_input: horizon_secret} - horizon::bind_address: {get_input: controller_host} + horizon::bind_address: {get_input: horizon_network} horizon::keystone_url: {get_input: keystone_auth_uri} # Rabbit - rabbitmq::node_ip_address: {get_input: controller_host} + rabbitmq::node_ip_address: {get_input: rabbitmq_network} rabbitmq::erlang_cookie: {get_input: rabbit_cookie} # Redis - redis::bind: {get_input: controller_host} + redis::bind: {get_input: redis_network} + redis_vip: {get_input: redis_vip} # Misc - memcached::listen_ip: {get_input: controller_host} + memcached::listen_ip: {get_input: memcached_network} neutron_public_interface_ip: {get_input: neutron_public_interface_ip} ntp::servers: {get_input: ntp_servers} control_virtual_interface: {get_input: control_virtual_interface} - controller_virtual_ip: {get_input: controller_virtual_ip} public_virtual_interface: {get_input: public_virtual_interface} - public_virtual_ip: {get_input: public_virtual_ip} tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface} - tripleo::loadbalancer::controller_virtual_ip: {get_input: controller_virtual_ip} tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface} - tripleo::loadbalancer::public_virtual_ip: {get_input: public_virtual_ip} enable_package_install: {get_input: enable_package_install} + UpdateConfig: + type: OS::TripleO::Tasks::PackageUpdate + + UpdateDeployment: + type: OS::Heat::SoftwareDeployment + properties: + config: {get_resource: UpdateConfig} + server: {get_resource: Controller} + input_values: + update_identifier: + get_param: UpdateIdentifier + outputs: ip_address: description: IP address of the server in the ctlplane network value: {get_attr: [Controller, networks, ctlplane, 0]} + external_ip_address: + description: IP address of the server in the external network + value: {get_attr: [ExternalPort, ip_address]} + internal_api_ip_address: + description: IP address of the server in the internal_api network + value: {get_attr: [InternalApiPort, ip_address]} + storage_ip_address: + description: IP address of the server in the storage network + value: {get_attr: [StoragePort, ip_address]} + storage_mgmt_ip_address: + description: IP address of the server in the storage_mgmt network + value: {get_attr: [StorageMgmtPort, ip_address]} + tenant_ip_address: + description: IP address of the server in the tenant network + value: {get_attr: [TenantPort, ip_address]} hostname: description: Hostname of the server value: {get_attr: [Controller, name]} @@ -888,11 +1050,11 @@ outputs: str_replace: template: 'r1z1-IP:%PORT%/d1' params: - IP: {get_attr: [Controller, networks, ctlplane, 0]} + IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} swift_proxy_memcache: description: Swift proxy-memcache value value: str_replace: template: "IP:11211" params: - IP: {get_attr: [Controller, networks, ctlplane, 0]} + IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]} diff --git a/puppet/hieradata/common.yaml b/puppet/hieradata/common.yaml index c15d43ea..40c44aef 100644 --- a/puppet/hieradata/common.yaml +++ b/puppet/hieradata/common.yaml @@ -13,6 +13,16 @@ nova::network::neutron::vif_plugging_is_fatal: false nova::network::neutron::vif_plugging_timeout: 30 nova::network::neutron::dhcp_domain: '' +neutron::plugins::ml2::tunnel_id_ranges: + - '1:1000' +neutron::plugins::ml2::vni_ranges: + - '1:1000' +neutron::plugins::ml2::type_drivers: + - flat + - gre + - vxlan + - vlan + sysctl_settings: net.ipv4.tcp_keepalive_intvl: value: 1 diff --git a/puppet/hieradata/compute.yaml b/puppet/hieradata/compute.yaml index a72c4850..4915d3c8 100644 --- a/puppet/hieradata/compute.yaml +++ b/puppet/hieradata/compute.yaml @@ -15,6 +15,4 @@ nova::compute::rbd::rbd_keyring: 'client.openstack' nova::compute::rbd::libvirt_images_rbd_pool: 'vms' nova::compute::rbd::libvirt_rbd_secret_uuid: "%{hiera('ceph::profile::params::fsid')}" -neutron::plugins::ml2::tunnel_id_ranges: ['1:1000'] - ceilometer::agent::auth::auth_tenant_name: 'service' diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml index 4f46c7fb..4a506239 100644 --- a/puppet/hieradata/controller.yaml +++ b/puppet/hieradata/controller.yaml @@ -67,8 +67,6 @@ neutron::core_plugin: 'ml2' neutron::service_plugins: - 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin' neutron::dhcp_agents_per_network: 2 -neutron::plugins::ml2::tunnel_id_ranges: - - '1:1000' neutron::server::sync_db: true neutron::agents::dhcp::dnsmasq_config_file: /etc/neutron/dnsmasq-neutron.conf diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp index caca89a8..00bab7f6 100644 --- a/puppet/manifests/overcloud_compute.pp +++ b/puppet/manifests/overcloud_compute.pp @@ -68,7 +68,6 @@ include ::neutron class { 'neutron::plugins::ml2': flat_networks => split(hiera('neutron_flat_networks'), ','), tenant_network_types => [hiera('neutron_tenant_network_type')], - type_drivers => [hiera('neutron_tenant_network_type')], } class { 'neutron::agents::ml2::ovs': diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index 27272643..19ed97fb 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -48,8 +48,7 @@ if hiera('step') >= 2 { include ::mongodb::globals include ::mongodb::server - $mongo_node_ips = split(hiera('mongo_node_ips'), ',') - $mongo_node_ips_with_port = suffix($mongo_node_ips, ':27017') + $mongo_node_ips_with_port = suffix(hiera('mongo_node_ips'), ':27017') $mongo_node_string = join($mongo_node_ips_with_port, ',') $mongodb_replset = hiera('mongodb::server::replset') @@ -62,7 +61,7 @@ if hiera('step') >= 2 { } # Redis - $redis_node_ips = split(hiera('redis_node_ips'), ',') + $redis_node_ips = hiera('redis_node_ips') $redis_master_hostname = downcase(hiera('bootstrap_nodeid')) if $redis_master_hostname == $::hostname { @@ -77,9 +76,7 @@ if hiera('step') >= 2 { if count($redis_node_ips) > 1 { Class['::tripleo::redis_notification'] -> Service['redis-sentinel'] include ::redis::sentinel - class {'::tripleo::redis_notification' : - haproxy_monitor_ip => hiera('tripleo::loadbalancer::controller_virtual_ip'), - } + include ::tripleo::redis_notification } if str2bool(hiera('enable_galera', 'true')) { @@ -92,7 +89,7 @@ if hiera('step') >= 2 { config_file => $mysql_config_file, override_options => { 'mysqld' => { - 'bind-address' => hiera('controller_host'), + 'bind-address' => hiera('mysql_bind_host'), 'max_connections' => '1024', 'open_files_limit' => '-1', }, @@ -102,7 +99,7 @@ if hiera('step') >= 2 { # FIXME: this should only occur on the bootstrap host (ditto for db syncs) # Create all the database schemas # Example DSN format: mysql://user:password@host/dbname - $allowed_hosts = ['%',hiera('controller_host')] + $allowed_hosts = ['%',hiera('mysql_bind_host')] $keystone_dsn = split(hiera('keystone::database_connection'), '[@:/?]') class { 'keystone::db::mysql': user => $keystone_dsn[3], @@ -254,10 +251,7 @@ if hiera('step') >= 3 { include ::glance::registry include join(['::glance::backend::', $glance_backend]) - class { 'nova': - glance_api_servers => join([hiera('glance_protocol'), '://', hiera('controller_virtual_ip'), ':', hiera('glance_port')]), - } - + include ::nova include ::nova::api include ::nova::cert include ::nova::conductor @@ -268,8 +262,9 @@ if hiera('step') >= 3 { include ::neutron include ::neutron::server - include ::neutron::agents::dhcp include ::neutron::agents::l3 + include ::neutron::agents::dhcp + include ::neutron::agents::metadata file { '/etc/neutron/dnsmasq-neutron.conf': content => hiera('neutron_dnsmasq_options'), @@ -280,18 +275,12 @@ if hiera('step') >= 3 { } class { 'neutron::plugins::ml2': - flat_networks => split(hiera('neutron_flat_networks'), ','), + flat_networks => split(hiera('neutron_flat_networks'), ','), tenant_network_types => [hiera('neutron_tenant_network_type')], - type_drivers => [hiera('neutron_tenant_network_type')], } - class { 'neutron::agents::ml2::ovs': - bridge_mappings => split(hiera('neutron_bridge_mappings'), ','), - tunnel_types => split(hiera('neutron_tunnel_types'), ','), - } - - class { 'neutron::agents::metadata': - auth_url => join(['http://', hiera('controller_virtual_ip'), ':35357/v2.0']), + bridge_mappings => split(hiera('neutron_bridge_mappings'), ','), + tunnel_types => split(hiera('neutron_tunnel_types'), ','), } Service['neutron-server'] -> Service['neutron-dhcp-service'] @@ -345,7 +334,23 @@ if hiera('step') >= 3 { } } - $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend]) + if hiera('cinder_enable_netapp_backend', false) { + $cinder_netapp_backend = hiera('cinder::backend::netapp::title') + + cinder_config { + "${cinder_netapp_backend}/host": value => 'hostgroup'; + } + + if hiera('cinder_netapp_nfs_shares', undef) { + $cinder_netapp_nfs_shares = split(hiera('cinder_netapp_nfs_shares', undef), ',') + } + + cinder::backend::netapp { $cinder_netapp_backend : + nfs_shares => $cinder_netapp_nfs_shares, + } + } + + $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend, $cinder_netapp_backend]) class { '::cinder::backends' : enabled_backends => $cinder_enabled_backends, } @@ -401,12 +406,10 @@ if hiera('step') >= 3 { include ::ceilometer::alarm::evaluator include ::ceilometer::expirer include ::ceilometer::collector + include ceilometer::agent::auth class { '::ceilometer::db' : database_connection => $ceilometer_database_connection, } - class { 'ceilometer::agent::auth': - auth_url => join(['http://', hiera('controller_virtual_ip'), ':5000/v2.0']), - } Cron <| title == 'ceilometer-expirer' |> { command => "sleep $((\$(od -A n -t d -N 3 /dev/urandom) % 86400)) && ${::ceilometer::params::expirer_command}" } @@ -420,7 +423,7 @@ if hiera('step') >= 3 { # Horizon $vhost_params = { add_listen => false } class { 'horizon': - cache_server_ip => split(hiera('memcache_node_ips', '127.0.0.1'), ','), + cache_server_ip => hiera('memcache_node_ips', '127.0.0.1'), vhost_extra_params => $vhost_params, } diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp index 99344532..ae5001ad 100644 --- a/puppet/manifests/overcloud_controller_pacemaker.pp +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -55,6 +55,7 @@ if hiera('step') >= 1 { class { '::tripleo::loadbalancer' : controller_hosts => $controller_node_ips, controller_hosts_names => $controller_node_names, + redis => false, manage_vip => false, haproxy_service_manage => false, } @@ -94,14 +95,23 @@ if hiera('step') >= 1 { replace => true, } - # MongoDB - include ::mongodb::globals + if downcase(hiera('ceilometer_backend')) == 'mongodb' { + include ::mongodb::globals + class { '::mongodb::server' : + service_manage => false, + } + } - # FIXME: replace with service_manage => false on ::mongodb::server - # when this is merged: https://github.com/puppetlabs/pupp etlabs-mongodb/pull/198 - class { '::mongodb::server' : - service_ensure => undef, - service_enable => false, + # Memcached + class {'::memcached' : + service_manage => false, + } + + # Redis + class { '::redis' : + bind => '0.0.0.0', + service_manage => false, + notify_service => false, } # Galera @@ -122,7 +132,7 @@ if hiera('step') >= 1 { 'innodb_locks_unsafe_for_binlog'=> '1', 'query_cache_size' => '0', 'query_cache_type' => '0', - 'bind-address' => hiera('controller_host'), + 'bind-address' => hiera('mysql_bind_host'), 'max_connections' => '1024', 'open_files_limit' => '-1', 'wsrep_provider' => '/usr/lib64/galera/libgalera_smm.so', @@ -155,6 +165,11 @@ if hiera('step') >= 1 { if hiera('step') >= 2 { if $pacemaker_master { + + # FIXME: we should not have to access tripleo::loadbalancer class + # parameters here to configure pacemaker VIPs. The configuration + # of pacemaker VIPs could move into puppet-tripleo or we should + # make use of less specific hiera parameters here for the settings. $control_vip = hiera('tripleo::loadbalancer::controller_virtual_ip') pacemaker::resource::ip { 'control_vip': ip_address => $control_vip, @@ -163,9 +178,35 @@ if hiera('step') >= 2 { pacemaker::resource::ip { 'public_vip': ip_address => $public_vip, } + + $internal_api_vip = hiera('tripleo::loadbalancer::internal_api_virtual_ip') + if $internal_api_vip and $internal_api_vip != $control_vip { + pacemaker::resource::ip { 'internal_api_vip': + ip_address => $internal_api_vip, + } + } + + $storage_vip = hiera('tripleo::loadbalancer::storage_virtual_ip') + if $storage_vip and $storage_vip != $control_vip { + pacemaker::resource::ip { 'storage_vip': + ip_address => $storage_vip, + } + } + + $storage_mgmt_vip = hiera('tripleo::loadbalancer::storage_mgmt_virtual_ip') + if $storage_mgmt_vip and $storage_mgmt_vip != $control_vip { + pacemaker::resource::ip { 'storage_mgmt_vip': + ip_address => $storage_mgmt_vip, + } + } + pacemaker::resource::service { 'haproxy': clone_params => true, } + pacemaker::resource::service { $::memcached::params::service_name : + clone_params => true, + require => Class['::memcached'], + } pacemaker::resource::ocf { 'rabbitmq': ocf_agent_name => 'heartbeat:rabbitmq-cluster', @@ -179,60 +220,61 @@ if hiera('step') >= 2 { op_params => 'start timeout=120s', clone_params => true, require => Class['::mongodb::server'], - before => Exec['mongodb-ready'], } # NOTE (spredzy) : The replset can only be run # once all the nodes have joined the cluster. - $mongo_node_ips = split(hiera('mongo_node_ips'), ',') + $mongo_node_ips = hiera('mongo_node_ips') $mongo_node_ips_with_port = suffix($mongo_node_ips, ':27017') $mongo_node_string = join($mongo_node_ips_with_port, ',') + $mongodb_pacemaker_resource = Pacemaker::Resource::Service[$::mongodb::params::service_name] $mongodb_replset = hiera('mongodb::server::replset') - $mongodb_cluster_ready_command = join(suffix(prefix($mongo_node_ips, '/bin/nc -w1 '), ' 27017 < /dev/null'), ' && ') - exec { 'mongodb-ready' : - command => $mongodb_cluster_ready_command, - timeout => 30, - tries => 180, - try_sleep => 10, + mongodb_conn_validator { $mongo_node_ips_with_port : + require => Pacemaker::Resource::Service[$::mongodb::params::service_name], + before => Mongodb_replset[$mongodb_replset], } mongodb_replset { $mongodb_replset : members => $mongo_node_ips_with_port, - require => Exec['mongodb-ready'], } } pacemaker::resource::ocf { 'galera' : ocf_agent_name => 'heartbeat:galera', - op_params => 'promote timeout=300s on-fail=block --master', + op_params => 'promote timeout=300s on-fail=block', + master_params => '', meta_params => "master-max=${galera_nodes_count} ordered=true", resource_params => "additional_parameters='--open-files-limit=16384' enable_creation=true wsrep_cluster_address='gcomm://${galera_nodes}'", require => Class['::mysql::server'], before => Exec['galera-ready'], } - mysql_user { 'clustercheckuser@localhost' : - password_hash => mysql_password($clustercheck_password), - require => Exec['galera-ready'], - } - } - # Redis - $redis_node_ips = split(hiera('redis_node_ips'), ',') - $redis_master_hostname = downcase(hiera('bootstrap_nodeid')) - - if $redis_master_hostname == $::hostname { - $slaveof = undef - } else { - $slaveof = "${redis_master_hostname} 6379" - } - class {'::redis' : - slaveof => $slaveof, - } - - if count($redis_node_ips) > 1 { - Class['::tripleo::redis_notification'] -> Service['redis-sentinel'] - include ::redis::sentinel - class {'::tripleo::redis_notification' : - haproxy_monitor_ip => hiera('tripleo::loadbalancer::controller_virtual_ip'), + pacemaker::resource::ocf { 'redis': + ocf_agent_name => 'heartbeat:redis', + master_params => '', + meta_params => 'notify=true ordered=true interleave=true', + resource_params => 'wait_last_known_master=true', + require => Class['::redis'], + } + $redis_vip = hiera('redis_vip') + pacemaker::resource::ip { 'vip-redis': + ip_address => $redis_vip, + } + pacemaker::constraint::base { 'redis-master-then-vip-redis': + constraint_type => 'order', + first_resource => 'redis-master', + second_resource => "ip-${redis_vip}", + first_action => 'promote', + second_action => 'start', + require => [Pacemaker::Resource::Ocf['redis'], + Pacemaker::Resource::Ip['vip-redis']], } + pacemaker::constraint::colocation { 'vip-redis-with-redis-master': + source => "ip-${redis_vip}", + target => 'redis-master', + score => 'INFINITY', + require => [Pacemaker::Resource::Ocf['redis'], + Pacemaker::Resource::Ip['vip-redis']], + } + } exec { 'galera-ready' : @@ -267,7 +309,7 @@ MYSQL_HOST=localhost\n", # Create all the database schemas # Example DSN format: mysql://user:password@host/dbname if $sync_db { - $allowed_hosts = ['%',hiera('controller_host')] + $allowed_hosts = ['%',hiera('mysql_bind_host')] $keystone_dsn = split(hiera('keystone::database_connection'), '[@:/?]') class { 'keystone::db::mysql': user => $keystone_dsn[3], @@ -354,8 +396,6 @@ MYSQL_HOST=localhost\n", include ::ceph::profile::osd } - # Memcached - include ::memcached } #END STEP 2 @@ -363,8 +403,8 @@ if hiera('step') >= 3 { class { '::keystone': sync_db => $sync_db, - manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, + manage_service => false, + enabled => false, } #TODO: need a cleanup-keystone-tokens.sh solution here @@ -421,52 +461,54 @@ if hiera('step') >= 3 { } include join(['::glance::backend::', $glance_backend]) - class { 'nova': - glance_api_servers => join([hiera('glance_protocol'), '://', hiera('controller_virtual_ip'), ':', hiera('glance_port')]), - } + include ::nova class { '::nova::api' : sync_db => $sync_db, - manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, + manage_service => false, + enabled => false, } class { '::nova::cert' : - manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, + manage_service => false, + enabled => false, } class { '::nova::conductor' : - manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, + manage_service => false, + enabled => false, } class { '::nova::consoleauth' : - manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, + manage_service => false, + enabled => false, } class { '::nova::vncproxy' : - manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, + manage_service => false, + enabled => false, } class { '::nova::scheduler' : - manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, + manage_service => false, + enabled => false, } include ::nova::network::neutron + # Neutron class definitions include ::neutron class { '::neutron::server' : sync_db => $sync_db, - manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, + manage_service => false, + enabled => false, } class { '::neutron::agents::dhcp' : - manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, + manage_service => false, + enabled => false, } class { '::neutron::agents::l3' : - manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, + manage_service => false, + enabled => false, + } + class { 'neutron::agents::metadata': + manage_service => false, + enabled => false, } - file { '/etc/neutron/dnsmasq-neutron.conf': content => hiera('neutron_dnsmasq_options'), owner => 'neutron', @@ -474,31 +516,17 @@ if hiera('step') >= 3 { notify => Service['neutron-dhcp-service'], require => Package['neutron'], } - class { 'neutron::plugins::ml2': - flat_networks => split(hiera('neutron_flat_networks'), ','), + flat_networks => split(hiera('neutron_flat_networks'), ','), tenant_network_types => [hiera('neutron_tenant_network_type')], - type_drivers => [hiera('neutron_tenant_network_type')], } - class { 'neutron::agents::ml2::ovs': - # manage_service => $non_pcmk_start, -- not implemented - enabled => $non_pcmk_start, + # manage_service => false # not implemented + enabled => false, bridge_mappings => split(hiera('neutron_bridge_mappings'), ','), tunnel_types => split(hiera('neutron_tunnel_types'), ','), } - class { 'neutron::agents::metadata': - manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, - auth_url => join(['http://', hiera('controller_virtual_ip'), ':35357/v2.0']), - } - - Service['neutron-server'] -> Service['neutron-dhcp-service'] - Service['neutron-server'] -> Service['neutron-l3'] - Service['neutron-server'] -> Service['neutron-ovs-agent-service'] - Service['neutron-server'] -> Service['neutron-metadata'] - include ::cinder class { '::cinder::api': sync_db => $sync_db, @@ -555,7 +583,23 @@ if hiera('step') >= 3 { } } - $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend]) + if hiera('cinder_enable_netapp_backend', false) { + $cinder_netapp_backend = hiera('cinder::backend::netapp::title') + + cinder_config { + "${cinder_netapp_backend}/host": value => 'hostgroup'; + } + + if hiera('cinder_netapp_nfs_shares', undef) { + $cinder_netapp_nfs_shares = split(hiera('cinder_netapp_nfs_shares', undef), ',') + } + + cinder::backend::netapp { $cinder_netapp_backend : + nfs_shares => $cinder_netapp_nfs_shares, + } + } + + $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend, $cinder_netapp_backend]) class { '::cinder::backends' : enabled_backends => $cinder_enabled_backends, } @@ -619,37 +663,36 @@ if hiera('step') >= 3 { } include ::ceilometer class { '::ceilometer::api' : - manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, + manage_service => false, + enabled => false, } class { '::ceilometer::agent::notification' : - manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, + manage_service => false, + enabled => false, } class { '::ceilometer::agent::central' : - manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, + manage_service => false, + enabled => false, + coordination_url => "redis://${redis_vip}:6379", } class { '::ceilometer::alarm::notifier' : - manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, + manage_service => false, + enabled => false, } class { '::ceilometer::alarm::evaluator' : - manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, + manage_service => false, + enabled => false, } class { '::ceilometer::collector' : - manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, + manage_service => false, + enabled => false, } include ::ceilometer::expirer class { '::ceilometer::db' : database_connection => $ceilometer_database_connection, sync_db => $sync_db, } - class { 'ceilometer::agent::auth': - auth_url => join(['http://', hiera('controller_virtual_ip'), ':5000/v2.0']), - } + include ceilometer::agent::auth Cron <| title == 'ceilometer-expirer' |> { command => "sleep $((\$(od -A n -t d -N 3 /dev/urandom) % 86400)) && ${::ceilometer::params::expirer_command}" } @@ -658,26 +701,26 @@ if hiera('step') >= 3 { sync_db => $sync_db, } class { '::heat::api' : - manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, + manage_service => false, + enabled => false, } class { '::heat::api_cfn' : - manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, + manage_service => false, + enabled => false, } class { '::heat::api_cloudwatch' : - manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, + manage_service => false, + enabled => false, } class { '::heat::engine' : - manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, + manage_service => false, + enabled => false, } # Horizon $vhost_params = { add_listen => false } class { 'horizon': - cache_server_ip => split(hiera('memcache_node_ips', '127.0.0.1'), ','), + cache_server_ip => hiera('memcache_node_ips', '127.0.0.1'), vhost_extra_params => $vhost_params, } @@ -696,15 +739,30 @@ if hiera('step') >= 3 { if hiera('step') >= 4 { if $pacemaker_master { + # Keystone + pacemaker::resource::service { $::keystone::params::service_name : + clone_params => "interleave=true", + } + # Cinder pacemaker::resource::service { $::cinder::params::api_service : clone_params => "interleave=true", + require => Pacemaker::Resource::Service[$::keystone::params::service_name], } pacemaker::resource::service { $::cinder::params::scheduler_service : clone_params => "interleave=true", } pacemaker::resource::service { $::cinder::params::volume_service : } + pacemaker::constraint::base { 'keystone-then-cinder-api-constraint': + constraint_type => 'order', + first_resource => "${::keystone::params::service_name}-clone", + second_resource => "${::cinder::params::api_service}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::cinder::params::api_service], + Pacemaker::Resource::Service[$::keystone::params::service_name]], + } pacemaker::constraint::base { 'cinder-api-then-cinder-scheduler-constraint': constraint_type => "order", first_resource => "${::cinder::params::api_service}-clone", @@ -738,31 +796,502 @@ if hiera('step') >= 4 { Pacemaker::Resource::Service[$::cinder::params::volume_service]], } - } + # Glance + pacemaker::resource::service { $::glance::params::registry_service_name : + clone_params => "interleave=true", + require => Pacemaker::Resource::Service[$::keystone::params::service_name], + } + pacemaker::resource::service { $::glance::params::api_service_name : + clone_params => "interleave=true", + } - # Glance - pacemaker::resource::service { $::glance::params::registry_service_name : - clone_params => "interleave=true", - } - pacemaker::resource::service { $::glance::params::api_service_name : - clone_params => "interleave=true", - } + pacemaker::constraint::base { 'keystone-then-glance-registry-constraint': + constraint_type => 'order', + first_resource => "${::keystone::params::service_name}-clone", + second_resource => "${::glance::params::registry_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::glance::params::registry_service_name], + Pacemaker::Resource::Service[$::keystone::params::service_name]], + } + pacemaker::constraint::base { 'glance-registry-then-glance-api-constraint': + constraint_type => "order", + first_resource => "${::glance::params::registry_service_name}-clone", + second_resource => "${::glance::params::api_service_name}-clone", + first_action => "start", + second_action => "start", + require => [Pacemaker::Resource::Service[$::glance::params::registry_service_name], + Pacemaker::Resource::Service[$::glance::params::api_service_name]], + } + pacemaker::constraint::colocation { 'glance-api-with-glance-registry-colocation': + source => "${::glance::params::api_service_name}-clone", + target => "${::glance::params::registry_service_name}-clone", + score => "INFINITY", + require => [Pacemaker::Resource::Service[$::glance::params::registry_service_name], + Pacemaker::Resource::Service[$::glance::params::api_service_name]], + } + + # Neutron + pacemaker::resource::service { $::neutron::params::server_service: + op_params => "start timeout=90", + clone_params => "interleave=true", + require => Pacemaker::Resource::Service[$::keystone::params::service_name] + } + pacemaker::resource::service { $::neutron::params::l3_agent_service: + clone_params => "interleave=true", + } + pacemaker::resource::service { $::neutron::params::dhcp_agent_service: + clone_params => "interleave=true", + } + pacemaker::resource::service { $::neutron::params::ovs_agent_service: + clone_params => "interleave=true", + } + pacemaker::resource::service { $::neutron::params::metadata_agent_service: + clone_params => "interleave=true", + } + pacemaker::resource::ocf { $::neutron::params::ovs_cleanup_service: + ocf_agent_name => "neutron:OVSCleanup", + clone_params => "interleave=true", + } + pacemaker::resource::ocf { 'neutron-netns-cleanup': + ocf_agent_name => "neutron:NetnsCleanup", + clone_params => "interleave=true", + } + pacemaker::resource::ocf { 'neutron-scale': + ocf_agent_name => "neutron:NeutronScale", + clone_params => "globally-unique=true clone-max=3 interleave=true", + } + pacemaker::constraint::base { 'keystone-to-neutron-server-constraint': + constraint_type => "order", + first_resource => "${::keystone::params::service_name}-clone", + second_resource => "${::neutron::params::server_service}-clone", + first_action => "start", + second_action => "start", + require => [Pacemaker::Resource::Service[$::keystone::params::service_name], + Pacemaker::Resource::Service[$::neutron::params::server_service]], + } + pacemaker::constraint::base { 'neutron-server-to-neutron-scale-constraint': + constraint_type => "order", + first_resource => "${::neutron::params::server_service}-clone", + second_resource => "neutron-scale-clone", + first_action => "start", + second_action => "start", + require => [Pacemaker::Resource::Service[$::neutron::params::server_service], + Pacemaker::Resource::Ocf['neutron-scale']], + } + pacemaker::constraint::base { 'neutron-scale-to-ovs-cleanup-constraint': + constraint_type => "order", + first_resource => "neutron-scale-clone", + second_resource => "${::neutron::params::ovs_cleanup_service}-clone", + first_action => "start", + second_action => "start", + require => [Pacemaker::Resource::Ocf['neutron-scale'], + Pacemaker::Resource::Ocf["${::neutron::params::ovs_cleanup_service}"]], + } + pacemaker::constraint::colocation { 'neutron-scale-to-ovs-cleanup-colocation': + source => "${::neutron::params::ovs_cleanup_service}-clone", + target => "neutron-scale-clone", + score => "INFINITY", + require => [Pacemaker::Resource::Ocf['neutron-scale'], + Pacemaker::Resource::Ocf["${::neutron::params::ovs_cleanup_service}"]], + } + pacemaker::constraint::base { 'neutron-ovs-cleanup-to-netns-cleanup-constraint': + constraint_type => "order", + first_resource => "${::neutron::params::ovs_cleanup_service}-clone", + second_resource => "neutron-netns-cleanup-clone", + first_action => "start", + second_action => "start", + require => [Pacemaker::Resource::Ocf["${::neutron::params::ovs_cleanup_service}"], + Pacemaker::Resource::Ocf['neutron-netns-cleanup']], + } + pacemaker::constraint::colocation { 'neutron-ovs-cleanup-to-netns-cleanup-colocation': + source => "neutron-netns-cleanup-clone", + target => "${::neutron::params::ovs_cleanup_service}-clone", + score => "INFINITY", + require => [Pacemaker::Resource::Ocf["${::neutron::params::ovs_cleanup_service}"], + Pacemaker::Resource::Ocf['neutron-netns-cleanup']], + } + pacemaker::constraint::base { 'neutron-netns-cleanup-to-openvswitch-agent-constraint': + constraint_type => "order", + first_resource => "neutron-netns-cleanup-clone", + second_resource => "${::neutron::params::ovs_agent_service}-clone", + first_action => "start", + second_action => "start", + require => [Pacemaker::Resource::Ocf["neutron-netns-cleanup"], + Pacemaker::Resource::Service["${::neutron::params::ovs_agent_service}"]], + } + pacemaker::constraint::colocation { 'neutron-netns-cleanup-to-openvswitch-agent-colocation': + source => "${::neutron::params::ovs_agent_service}-clone", + target => "neutron-netns-cleanup-clone", + score => "INFINITY", + require => [Pacemaker::Resource::Ocf["neutron-netns-cleanup"], + Pacemaker::Resource::Service["${::neutron::params::ovs_agent_service}"]], + } + pacemaker::constraint::base { 'neutron-openvswitch-agent-to-dhcp-agent-constraint': + constraint_type => "order", + first_resource => "${::neutron::params::ovs_agent_service}-clone", + second_resource => "${::neutron::params::dhcp_agent_service}-clone", + first_action => "start", + second_action => "start", + require => [Pacemaker::Resource::Service["${::neutron::params::ovs_agent_service}"], + Pacemaker::Resource::Service["${::neutron::params::dhcp_agent_service}"]], + + } + pacemaker::constraint::colocation { 'neutron-openvswitch-agent-to-dhcp-agent-colocation': + source => "${::neutron::params::dhcp_agent_service}-clone", + target => "${::neutron::params::ovs_agent_service}-clone", + score => "INFINITY", + require => [Pacemaker::Resource::Service["${::neutron::params::ovs_agent_service}"], + Pacemaker::Resource::Service["${::neutron::params::dhcp_agent_service}"]], + } + pacemaker::constraint::base { 'neutron-dhcp-agent-to-l3-agent-constraint': + constraint_type => "order", + first_resource => "${::neutron::params::dhcp_agent_service}-clone", + second_resource => "${::neutron::params::l3_agent_service}-clone", + first_action => "start", + second_action => "start", + require => [Pacemaker::Resource::Service["${::neutron::params::dhcp_agent_service}"], + Pacemaker::Resource::Service["${::neutron::params::l3_agent_service}"]] + } + pacemaker::constraint::colocation { 'neutron-dhcp-agent-to-l3-agent-colocation': + source => "${::neutron::params::l3_agent_service}-clone", + target => "${::neutron::params::dhcp_agent_service}-clone", + score => "INFINITY", + require => [Pacemaker::Resource::Service["${::neutron::params::dhcp_agent_service}"], + Pacemaker::Resource::Service["${::neutron::params::l3_agent_service}"]] + } + pacemaker::constraint::base { 'neutron-l3-agent-to-metadata-agent-constraint': + constraint_type => "order", + first_resource => "${::neutron::params::l3_agent_service}-clone", + second_resource => "${::neutron::params::metadata_agent_service}-clone", + first_action => "start", + second_action => "start", + require => [Pacemaker::Resource::Service["${::neutron::params::l3_agent_service}"], + Pacemaker::Resource::Service["${::neutron::params::metadata_agent_service}"]] + } + pacemaker::constraint::colocation { 'neutron-l3-agent-to-metadata-agent-colocation': + source => "${::neutron::params::metadata_agent_service}-clone", + target => "${::neutron::params::l3_agent_service}-clone", + score => "INFINITY", + require => [Pacemaker::Resource::Service["${::neutron::params::l3_agent_service}"], + Pacemaker::Resource::Service["${::neutron::params::metadata_agent_service}"]] + } + + # Nova + pacemaker::resource::service { $::nova::params::api_service_name : + clone_params => "interleave=true", + op_params => "monitor start-delay=10s", + } + pacemaker::resource::service { $::nova::params::conductor_service_name : + clone_params => "interleave=true", + op_params => "monitor start-delay=10s", + } + pacemaker::resource::service { $::nova::params::consoleauth_service_name : + clone_params => "interleave=true", + op_params => "monitor start-delay=10s", + require => Pacemaker::Resource::Service[$::keystone::params::service_name], + } + pacemaker::resource::service { $::nova::params::vncproxy_service_name : + clone_params => "interleave=true", + op_params => "monitor start-delay=10s", + } + pacemaker::resource::service { $::nova::params::scheduler_service_name : + clone_params => "interleave=true", + op_params => "monitor start-delay=10s", + } + + pacemaker::constraint::base { 'keystone-then-nova-consoleauth-constraint': + constraint_type => 'order', + first_resource => "${::keystone::params::service_name}-clone", + second_resource => "${::nova::params::consoleauth_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::nova::params::consoleauth_service_name], + Pacemaker::Resource::Service[$::keystone::params::service_name]], + } + pacemaker::constraint::base { 'nova-consoleauth-then-nova-vncproxy-constraint': + constraint_type => "order", + first_resource => "${::nova::params::consoleauth_service_name}-clone", + second_resource => "${::nova::params::vncproxy_service_name}-clone", + first_action => "start", + second_action => "start", + require => [Pacemaker::Resource::Service[$::nova::params::consoleauth_service_name], + Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name]], + } + pacemaker::constraint::colocation { 'nova-vncproxy-with-nova-consoleauth-colocation': + source => "${::nova::params::vncproxy_service_name}-clone", + target => "${::nova::params::consoleauth_service_name}-clone", + score => "INFINITY", + require => [Pacemaker::Resource::Service[$::nova::params::consoleauth_service_name], + Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name]], + } + # FIXME(gfidente): novncproxy will not start unless websockify is updated to 0.6 + # which is not the case for f20 nor f21; ucomment when it becomes available + #pacemaker::constraint::base { 'nova-vncproxy-then-nova-api-constraint': + # constraint_type => "order", + # first_resource => "${::nova::params::vncproxy_service_name}-clone", + # second_resource => "${::nova::params::api_service_name}-clone", + # first_action => "start", + # second_action => "start", + # require => [Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name], + # Pacemaker::Resource::Service[$::nova::params::api_service_name]], + #} + #pacemaker::constraint::colocation { 'nova-api-with-nova-vncproxy-colocation': + # source => "${::nova::params::api_service_name}-clone", + # target => "${::nova::params::vncproxy_service_name}-clone", + # score => "INFINITY", + # require => [Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name], + # Pacemaker::Resource::Service[$::nova::params::api_service_name]], + #} + pacemaker::constraint::base { 'nova-api-then-nova-scheduler-constraint': + constraint_type => "order", + first_resource => "${::nova::params::api_service_name}-clone", + second_resource => "${::nova::params::scheduler_service_name}-clone", + first_action => "start", + second_action => "start", + require => [Pacemaker::Resource::Service[$::nova::params::api_service_name], + Pacemaker::Resource::Service[$::nova::params::scheduler_service_name]], + } + pacemaker::constraint::colocation { 'nova-scheduler-with-nova-api-colocation': + source => "${::nova::params::scheduler_service_name}-clone", + target => "${::nova::params::api_service_name}-clone", + score => "INFINITY", + require => [Pacemaker::Resource::Service[$::nova::params::api_service_name], + Pacemaker::Resource::Service[$::nova::params::scheduler_service_name]], + } + pacemaker::constraint::base { 'nova-scheduler-then-nova-conductor-constraint': + constraint_type => "order", + first_resource => "${::nova::params::scheduler_service_name}-clone", + second_resource => "${::nova::params::conductor_service_name}-clone", + first_action => "start", + second_action => "start", + require => [Pacemaker::Resource::Service[$::nova::params::scheduler_service_name], + Pacemaker::Resource::Service[$::nova::params::conductor_service_name]], + } + pacemaker::constraint::colocation { 'nova-conductor-with-nova-scheduler-colocation': + source => "${::nova::params::conductor_service_name}-clone", + target => "${::nova::params::scheduler_service_name}-clone", + score => "INFINITY", + require => [Pacemaker::Resource::Service[$::nova::params::scheduler_service_name], + Pacemaker::Resource::Service[$::nova::params::conductor_service_name]], + } + + # Ceilometer + pacemaker::resource::service { $::ceilometer::params::agent_central_service_name : + clone_params => 'interleave=true', + require => [Pacemaker::Resource::Service[$::keystone::params::service_name], + $mongodb_pacemaker_resource], + } + pacemaker::resource::service { $::ceilometer::params::collector_service_name : + clone_params => 'interleave=true', + } + pacemaker::resource::service { $::ceilometer::params::api_service_name : + clone_params => 'interleave=true', + } + pacemaker::resource::service { $::ceilometer::params::alarm_evaluator_service_name : + clone_params => 'interleave=true', + } + pacemaker::resource::service { $::ceilometer::params::alarm_notifier_service_name : + clone_params => 'interleave=true', + } + pacemaker::resource::service { $::ceilometer::params::agent_notification_service_name : + clone_params => 'interleave=true', + } + pacemaker::resource::ocf { 'delay' : + ocf_agent_name => 'heartbeat:Delay', + clone_params => 'interleave=true', + resource_params => 'startdelay=10', + } + pacemaker::constraint::base { 'ceilometer-central-then-ceilometer-collector-constraint': + constraint_type => 'order', + first_resource => "${::ceilometer::params::agent_central_service_name}-clone", + second_resource => "${::ceilometer::params::collector_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name], + Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name]], + } + pacemaker::constraint::base { 'ceilometer-collector-then-ceilometer-api-constraint': + constraint_type => 'order', + first_resource => "${::ceilometer::params::collector_service_name}-clone", + second_resource => "${::ceilometer::params::api_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name], + Pacemaker::Resource::Service[$::ceilometer::params::api_service_name]], + } + pacemaker::constraint::colocation { 'ceilometer-api-with-ceilometer-collector-colocation': + source => "${::ceilometer::params::api_service_name}-clone", + target => "${::ceilometer::params::collector_service_name}-clone", + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name], + Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name]], + } + pacemaker::constraint::base { 'ceilometer-api-then-ceilometer-delay-constraint': + constraint_type => 'order', + first_resource => "${::ceilometer::params::api_service_name}-clone", + second_resource => 'delay-clone', + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name], + Pacemaker::Resource::Ocf['delay']], + } + pacemaker::constraint::colocation { 'ceilometer-delay-with-ceilometer-api-colocation': + source => 'delay-clone', + target => "${::ceilometer::params::api_service_name}-clone", + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name], + Pacemaker::Resource::Ocf['delay']], + } + pacemaker::constraint::base { 'ceilometer-delay-then-ceilometer-alarm-evaluator-constraint': + constraint_type => 'order', + first_resource => 'delay-clone', + second_resource => "${::ceilometer::params::alarm_evaluator_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::ceilometer::params::alarm_evaluator_service_name], + Pacemaker::Resource::Ocf['delay']], + } + pacemaker::constraint::colocation { 'ceilometer-alarm-evaluator-with-ceilometer-delay-colocation': + source => "${::ceilometer::params::alarm_evaluator_service_name}-clone", + target => 'delay-clone', + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name], + Pacemaker::Resource::Ocf['delay']], + } + pacemaker::constraint::base { 'ceilometer-alarm-evaluator-then-ceilometer-alarm-notifier-constraint': + constraint_type => 'order', + first_resource => "${::ceilometer::params::alarm_evaluator_service_name}-clone", + second_resource => "${::ceilometer::params::alarm_notifier_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::ceilometer::params::alarm_evaluator_service_name], + Pacemaker::Resource::Service[$::ceilometer::params::alarm_notifier_service_name]], + } + pacemaker::constraint::colocation { 'ceilometer-alarm-notifier-with-ceilometer-alarm-evaluator-colocation': + source => "${::ceilometer::params::alarm_notifier_service_name}-clone", + target => "${::ceilometer::params::alarm_evaluator_service_name}-clone", + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::ceilometer::params::alarm_evaluator_service_name], + Pacemaker::Resource::Service[$::ceilometer::params::alarm_notifier_service_name]], + } + pacemaker::constraint::base { 'ceilometer-alarm-notifier-then-ceilometer-notification-constraint': + constraint_type => 'order', + first_resource => "${::ceilometer::params::alarm_notifier_service_name}-clone", + second_resource => "${::ceilometer::params::agent_notification_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_notification_service_name], + Pacemaker::Resource::Service[$::ceilometer::params::alarm_notifier_service_name]], + } + pacemaker::constraint::colocation { 'ceilometer-notification-with-ceilometer-alarm-notifier-colocation': + source => "${::ceilometer::params::agent_notification_service_name}-clone", + target => "${::ceilometer::params::alarm_notifier_service_name}-clone", + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_notification_service_name], + Pacemaker::Resource::Service[$::ceilometer::params::alarm_notifier_service_name]], + } + if downcase(hiera('ceilometer_backend')) == 'mongodb' { + pacemaker::constraint::base { 'mongodb-then-ceilometer-central-constraint': + constraint_type => 'order', + first_resource => "${::mongodb::params::service_name}-clone", + second_resource => "${::ceilometer::params::agent_central_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name], + Pacemaker::Resource::Service[$::mongodb::params::service_name]], + } + } + pacemaker::constraint::base { 'vip-redis-then-ceilometer-central': + constraint_type => 'order', + first_resource => "ip-${redis_vip}", + second_resource => "${::ceilometer::params::agent_central_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name], + Pacemaker::Resource::Ip['vip-redis']], + } + pacemaker::constraint::base { 'keystone-then-ceilometer-central-constraint': + constraint_type => 'order', + first_resource => "${::keystone::params::service_name}-clone", + second_resource => "${::ceilometer::params::agent_central_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name], + Pacemaker::Resource::Service[$::keystone::params::service_name]], + } + + # Heat + pacemaker::resource::service { $::heat::params::api_service_name : + clone_params => 'interleave=true', + } + pacemaker::resource::service { $::heat::params::api_cloudwatch_service_name : + clone_params => 'interleave=true', + } + pacemaker::resource::service { $::heat::params::api_cfn_service_name : + clone_params => 'interleave=true', + } + pacemaker::resource::service { $::heat::params::engine_service_name : + clone_params => 'interleave=true', + } + pacemaker::constraint::base { 'heat-api-then-heat-api-cfn-constraint': + constraint_type => 'order', + first_resource => "${::heat::params::api_service_name}-clone", + second_resource => "${::heat::params::api_cfn_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::heat::params::api_service_name], + Pacemaker::Resource::Service[$::heat::params::api_cfn_service_name]], + } + pacemaker::constraint::colocation { 'heat-api-cfn-with-heat-api-colocation': + source => "${::heat::params::api_cfn_service_name}-clone", + target => "${::heat::params::api_service_name}-clone", + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::heat::params::api_cfn_service_name], + Pacemaker::Resource::Service[$::heat::params::api_service_name]], + } + pacemaker::constraint::base { 'heat-api-cfn-then-heat-api-cloudwatch-constraint': + constraint_type => 'order', + first_resource => "${::heat::params::api_cfn_service_name}-clone", + second_resource => "${::heat::params::api_cloudwatch_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::heat::params::api_cloudwatch_service_name], + Pacemaker::Resource::Service[$::heat::params::api_cfn_service_name]], + } + pacemaker::constraint::colocation { 'heat-api-cloudwatch-with-heat-api-cfn-colocation': + source => "${::heat::params::api_cloudwatch_service_name}-clone", + target => "${::heat::params::api_cfn_service_name}-clone", + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::heat::params::api_cfn_service_name], + Pacemaker::Resource::Service[$::heat::params::api_cloudwatch_service_name]], + } + pacemaker::constraint::base { 'heat-api-cloudwatch-then-heat-engine-constraint': + constraint_type => 'order', + first_resource => "${::heat::params::api_cloudwatch_service_name}-clone", + second_resource => "${::heat::params::engine_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::heat::params::api_cloudwatch_service_name], + Pacemaker::Resource::Service[$::heat::params::engine_service_name]], + } + pacemaker::constraint::colocation { 'heat-engine-with-heat-api-cloudwatch-colocation': + source => "${::heat::params::engine_service_name}-clone", + target => "${::heat::params::api_cloudwatch_service_name}-clone", + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::heat::params::api_cloudwatch_service_name], + Pacemaker::Resource::Service[$::heat::params::engine_service_name]], + } + pacemaker::constraint::base { 'ceilometer-notification-then-heat-api-constraint': + constraint_type => 'order', + first_resource => "${::ceilometer::params::agent_notification_service_name}-clone", + second_resource => "${::heat::params::api_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::heat::params::api_service_name], + Pacemaker::Resource::Service[$::ceilometer::params::agent_notification_service_name]], + } - pacemaker::constraint::base { 'glance-registry-then-glance-api-constraint': - constraint_type => "order", - first_resource => "${::glance::params::registry_service_name}-clone", - second_resource => "${::glance::params::api_service_name}-clone", - first_action => "start", - second_action => "start", - require => [Pacemaker::Resource::Service[$::glance::params::registry_service_name], - Pacemaker::Resource::Service[$::glance::params::api_service_name]], - } - pacemaker::constraint::colocation { 'glance-registry-with-glance-api-colocation': - source => "${::glance::params::registry_service_name}-clone", - target => "${::glance::params::api_service_name}-clone", - score => "INFINITY", - require => [Pacemaker::Resource::Service[$::glance::params::registry_service_name], - Pacemaker::Resource::Service[$::glance::params::api_service_name]], } } #END STEP 4 diff --git a/puppet/swift-storage-puppet.yaml b/puppet/swift-storage-puppet.yaml index b1c4f238..e7ac6135 100644 --- a/puppet/swift-storage-puppet.yaml +++ b/puppet/swift-storage-puppet.yaml @@ -51,6 +51,17 @@ parameters: default: 'false' description: Set to true to enable package installation via Puppet type: boolean + UpdateIdentifier: + default: '' + type: string + description: > + Setting to a previously unused value during stack-update will trigger + package update on all nodes + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. + type: json resources: @@ -68,13 +79,39 @@ resources: NodeUserData: type: OS::TripleO::NodeUserData + InternalApiPort: + type: OS::TripleO::SwiftStorage::Ports::InternalApiPort + properties: + ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} + + StoragePort: + type: OS::TripleO::SwiftStorage::Ports::StoragePort + properties: + ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} + + StorageMgmtPort: + type: OS::TripleO::SwiftStorage::Ports::StorageMgmtPort + properties: + ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} + NetworkConfig: type: OS::TripleO::ObjectStorage::Net::SoftwareConfig + properties: + InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} + StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} + StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} + + NetIpMap: + type: OS::TripleO::Network::Ports::NetIpMap + properties: + InternalApiIp: {get_attr: [InternalApiPort, ip_address]} + StorageIp: {get_attr: [StoragePort, ip_address]} + StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: - config: {get_attr: [NetworkConfig, config_id]} + config: {get_resource: NetworkConfig} server: {get_resource: SwiftStorage} SwiftStorageHieraConfig: @@ -86,6 +123,8 @@ resources: hierarchy: - heat_config_%{::deploy_config_name} - object + - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig + - all_nodes # provided by allNodesConfig - '"%{::osfamily}"' - common datafiles: @@ -93,20 +132,20 @@ resources: raw_data: {get_file: hieradata/common.yaml} object: raw_data: {get_file: hieradata/object.yaml} - oac_data: # data we map in from other OAC configurations - tripleo::ringbuilder::devices: swift.devices mapped_data: # data supplied directly to this deployment configuration, etc swift::swift_hash_suffix: { get_input: swift_hash_suffix } tripleo::ringbuilder::part_power: { get_input: swift_part_power } tripleo::ringbuilder::replicas: {get_input: swift_replicas } # Swift - swift::storage::all::storage_local_net_ip: {get_input: local_ip} + swift::storage::all::storage_local_net_ip: {get_input: swift_management_network} swift_mount_check: {get_input: swift_mount_check } tripleo::ringbuilder::min_part_hours: { get_input: swift_min_part_hours } ntp::servers: {get_input: ntp_servers} # NOTE(dprince): build_ring support is currently not wired in. # See: https://review.openstack.org/#/c/109225/ tripleo::ringbuilder::build_ring: True + snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} + snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} enable_package_install: {get_input: enable_package_install} @@ -131,6 +170,19 @@ resources: params: server: {get_param: NtpServer} enable_package_install: {get_param: EnablePackageInstall} + swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} + + UpdateConfig: + type: OS::TripleO::Tasks::PackageUpdate + + UpdateDeployment: + type: OS::Heat::SoftwareDeployment + properties: + config: {get_resource: UpdateConfig} + server: {get_resource: SwiftStorage} + input_values: + update_identifier: + get_param: UpdateIdentifier outputs: hosts_entry: @@ -150,4 +202,13 @@ outputs: str_replace: template: 'r1z1-IP:%PORT%/d1' params: - IP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} + IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} + internal_api_ip_address: + description: IP address of the server in the internal_api network + value: {get_attr: [InternalApiPort, ip_address]} + storage_ip_address: + description: IP address of the server in the storage network + value: {get_attr: [StoragePort, ip_address]} + storage_mgmt_ip_address: + description: IP address of the server in the storage_mgmt network + value: {get_attr: [StorageMgmtPort, ip_address]} diff --git a/puppet/vip-config.yaml b/puppet/vip-config.yaml new file mode 100644 index 00000000..c083821e --- /dev/null +++ b/puppet/vip-config.yaml @@ -0,0 +1,42 @@ +heat_template_version: 2015-04-30 + +description: > + Configure hieradata for service -> virtual IP mappings. + +resources: + VipConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + hiera: + datafiles: + vip_data: + mapped_data: + keystone_admin_api_vip: {get_input: keystone_admin_api_vip} + keystone_public_api_vip: {get_input: keystone_public_api_vip} + neutron_api_vip: {get_input: neutron_api_vip} + cinder_api_vip: {get_input: cinder_api_vip} + glance_api_vip: {get_input: glance_api_vip} + glance_registry_vip: {get_input: glance_registry_vip} + swift_proxy_vip: {get_input: swift_proxy_vip} + nova_api_vip: {get_input: nova_api_vip} + nova_metadata_vip: {get_input: nova_metadata_vip} + ceilometer_api_vip: {get_input: ceilometer_api_vip} + heat_api_vip: {get_input: heat_api_vip} + horizon_vip: {get_input: horizon_vip} + redis_vip: {get_input: redis_vip} + mysql_vip: {get_input: mysql_vip} + mysql_vip: {get_input: mysql_vip} + tripleo::loadbalancer::public_virtual_ip: {get_input: public_virtual_ip} + tripleo::loadbalancer::controller_virtual_ip: {get_input: control_virtual_ip} + tripleo::loadbalancer::internal_api_virtual_ip: {get_input: internal_api_virtual_ip} + tripleo::loadbalancer::storage_virtual_ip: {get_input: storage_virtual_ip} + tripleo::loadbalancer::storage_mgmt_virtual_ip: {get_input: storage_mgmt_virtual_ip} + tripleo::redis_notification::haproxy_monitor_ip: {get_input: control_virtual_ip} + + +outputs: + OS::stack_id: + description: The VipConfigImpl resource. + value: {get_resource: VipConfigImpl} diff --git a/swift-storage.yaml b/swift-storage.yaml index ea288649..c2819349 100644 --- a/swift-storage.yaml +++ b/swift-storage.yaml @@ -82,6 +82,12 @@ parameters: description: The user password for SNMPd with readonly rights running on all Overcloud nodes type: string hidden: true + UpdateIdentifier: + default: '' + type: string + description: > + Setting to a previously unused value during stack-update will trigger + package update on all nodes resources: SwiftConfig: @@ -116,13 +122,32 @@ resources: NodeUserData: type: OS::TripleO::NodeUserData + InternalApiPort: + type: OS::TripleO::SwiftStorage::Ports::InternalApiPort + properties: + ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} + + StoragePort: + type: OS::TripleO::SwiftStorage::Ports::StoragePort + properties: + ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} + + StorageMgmtPort: + type: OS::TripleO::SwiftStorage::Ports::StorageMgmtPort + properties: + ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} + NetworkConfig: type: OS::TripleO::ObjectStorage::Net::SoftwareConfig + properties: + InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} + StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} + StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: - config: {get_attr: [NetworkConfig, config_id]} + config: {get_resource: NetworkConfig} server: {get_resource: SwiftStorage} SwiftStorageDeploy: @@ -160,3 +185,12 @@ outputs: template: 'r1z1-IP:%PORT%/d1' params: IP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} + internal_api_ip_address: + description: IP address of the server in the internal_api network + value: {get_attr: [InternalApiPort, ip_address]} + storage_ip_address: + description: IP address of the server in the storage network + value: {get_attr: [StoragePort, ip_address]} + storage_mgmt_ip_address: + description: IP address of the server in the storage_mgmt network + value: {get_attr: [StorageMgmtPort, ip_address]} diff --git a/undercloud-bm-nova-config.yaml b/undercloud-bm-nova-config.yaml index e70c9099..306dc0a1 100644 --- a/undercloud-bm-nova-config.yaml +++ b/undercloud-bm-nova-config.yaml @@ -8,7 +8,7 @@ resources: compute_driver: {get_param: NovaComputeDriver} compute_manager: {get_param: NovaComputeManager} scheduler_host_manager: {get_param: NovaSchedulerHostManager} - db: mysql://nova:unset@localhost/nova + db: {list_join: ['', ['mysql://nova:', {get_param: NovaPassword}, '@localhost/nova']]} default_ephemeral_format: ext4 host: 127.0.0.1 metadata-proxy: false @@ -17,7 +17,7 @@ resources: reserved_host_memory_mb: 0 baremetal: arch: {get_input: nova_arch} - db: mysql://nova:unset@localhost/nova_bm + db: {list_join: ['', ['mysql://nova:', {get_param: NovaPassword}, '@localhost/nova_bm']]} power_manager: {get_input: power_manager} pxe_deploy_timeout: {get_input: pxe_deploy_timeout} service-password: {get_input: nova_service_password} diff --git a/undercloud-source.yaml b/undercloud-source.yaml index ce5b7e8d..6fe2066d 100644 --- a/undercloud-source.yaml +++ b/undercloud-source.yaml @@ -260,7 +260,7 @@ resources: recheck_interval : 5 quorum_policy : ignore ceilometer: - db: mysql://ceilometer:unset@localhost/ceilometer + db: {list_join: ['', ['mysql://ceilometer:', {get_param: CeilometerPassword}, '@localhost/ceilometer']]} debug: {get_param: Debug} metering_secret: {get_param: CeilometerMeteringSecret} snmpd_readonly_user_name: @@ -272,7 +272,7 @@ resources: db-password: unset glance: backend: file - db: mysql://glance:unset@localhost/glance + db: {list_join: ['', ['mysql://glance:', {get_param: GlancePassword}, '@localhost/glance']]} debug: {get_param: Debug} host: 127.0.0.1 port: @@ -291,14 +291,14 @@ resources: admin_tenant_name: service admin_user: heat auth_encryption_key: unset___________ - db: mysql://heat:unset@localhost/heat + db: {list_join: ['', ['mysql://heat:', {get_param: HeatPassword}, '@localhost/heat']]} debug: {get_param: Debug} stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword} watch_server_url: {get_input: heat.watch_server_url} metadata_server_url: {get_input: heat.metadata_server_url} waitcondition_server_url: {get_input: heat.waitcondition_server_url} keystone: - db: mysql://keystone:unset@localhost/keystone + db: {list_join: ['', ['mysql://keystone:', {get_param: AdminToken}, '@localhost/keystone']]} debug: {get_param: Debug} host: 127.0.0.1 ca_certificate: {get_param: KeystoneCACertificate} @@ -314,7 +314,7 @@ resources: neutron: debug: {get_param: Debug} host: 127.0.0.1 - ovs_db: mysql://neutron:unset@localhost/ovs_neutron?charset=utf8 + ovs_db: {list_join: ['', ['mysql://neutron:', {get_param: NeutronPassword}, '@localhost/ovs_neutron?charset=utf8']]} ovs: local_ip: get_input: controller_host diff --git a/undercloud-vm-ironic-config.yaml b/undercloud-vm-ironic-config.yaml index f5aa4981..cc0dafb6 100644 --- a/undercloud-vm-ironic-config.yaml +++ b/undercloud-vm-ironic-config.yaml @@ -8,7 +8,7 @@ resources: compute_driver: {get_param: NovaComputeDriver} compute_manager: {get_param: NovaComputeManager} scheduler_host_manager: {get_param: NovaSchedulerHostManager} - db: mysql://nova:unset@localhost/nova + db: {list_join: ['', ['mysql://nova:', {get_param: NovaPassword}, '@localhost/nova']]} debug: {get_param: Debug} default_ephemeral_format: ext4 host: 127.0.0.1 @@ -22,6 +22,6 @@ resources: properties: config: ironic: - db: mysql://ironic:unset@localhost/ironic + db: {list_join: ['', ['mysql://ironic:', {get_param: IronicPassword}, '@localhost/ironic']]} service-password: {get_input: ironic_service_password} virtual_power_ssh_key: {get_input: virtual_power_ssh_key} diff --git a/undercloud-vm-nova-config.yaml b/undercloud-vm-nova-config.yaml index 9dbb8c22..1fb8abb3 100644 --- a/undercloud-vm-nova-config.yaml +++ b/undercloud-vm-nova-config.yaml @@ -8,7 +8,7 @@ resources: compute_driver: {get_param: NovaComputeDriver} compute_manager: {get_param: NovaComputeManager} scheduler_host_manager: {get_param: NovaSchedulerHostManager} - db: mysql://nova:unset@localhost/nova + db: {list_join: ['', ['mysql://nova:', {get_param: NovaPassword}, '@localhost/nova']]} default_ephemeral_format: ext4 host: 127.0.0.1 metadata-proxy: false @@ -17,7 +17,7 @@ resources: reserved_host_memory_mb: 0 baremetal: arch: {get_input: nova_arch} - db: mysql://nova:unset@localhost/nova_bm + db: {list_join: ['', ['mysql://nova:', {get_param: NovaPassword}, '@localhost/nova_bm']]} power_manager: {get_input: power_manager} pxe_deploy_timeout: {get_input: pxe_deploy_timeout} virtual_power: diff --git a/vip-config.yaml b/vip-config.yaml new file mode 100644 index 00000000..8f984ab7 --- /dev/null +++ b/vip-config.yaml @@ -0,0 +1,16 @@ +heat_template_version: 2015-04-30 + +description: > + Configure hieradata for service -> virtual IP mappings. + +resources: + VipConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + # by default does nothing + +outputs: + OS::stack_id: + description: The VipConfigImpl resource. + value: {get_resource: VipConfigImpl} |