summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.gitignore3
-rw-r--r--README.rst65
-rw-r--r--all-nodes-validation.yaml2
-rw-r--r--bootstrap-config.yaml2
-rw-r--r--capabilities-map.yaml12
-rw-r--r--ci/common/net-config-multinode.yaml2
-rw-r--r--ci/environments/scenario001-multinode.yaml35
-rw-r--r--ci/environments/scenario002-multinode.yaml8
-rw-r--r--ci/environments/scenario003-multinode.yaml4
-rw-r--r--ci/environments/scenario004-multinode.yaml63
-rw-r--r--ci/pingtests/scenario001-multinode.yaml14
-rw-r--r--ci/pingtests/scenario002-multinode.yaml7
-rw-r--r--ci/pingtests/scenario003-multinode.yaml2
-rw-r--r--ci/pingtests/scenario004-multinode.yaml127
-rw-r--r--ci/scripts/freeipa_setup.sh96
-rw-r--r--default_passwords.yaml2
-rw-r--r--deployed-server/README.rst13
-rw-r--r--deployed-server/ctlplane-port.yaml17
-rw-r--r--deployed-server/deployed-neutron-port.yaml67
-rw-r--r--deployed-server/deployed-server-bootstrap-centos.sh16
-rw-r--r--deployed-server/deployed-server-bootstrap-centos.yaml22
-rw-r--r--deployed-server/deployed-server-config.yaml22
-rw-r--r--deployed-server/deployed-server-roles-data.yaml172
-rw-r--r--deployed-server/deployed-server.yaml80
-rwxr-xr-xdeployed-server/scripts/get-occ-config.sh44
-rw-r--r--docker/firstboot/install_docker_agents.yaml2
-rwxr-xr-x[-rw-r--r--]docker/firstboot/start_docker_agents.sh97
-rw-r--r--docker/post.j2.yaml83
-rw-r--r--docker/services/neutron-ovs-agent.yaml11
-rw-r--r--docker/services/nova-compute.yaml2
-rw-r--r--docker/services/nova-libvirt.yaml7
-rw-r--r--docker/services/services.yaml2
-rw-r--r--environments/cinder-hpelefthand-config.yaml13
-rw-r--r--environments/deployed-server-bootstrap-environment-centos.yaml7
-rw-r--r--environments/deployed-server-environment.yaml4
-rw-r--r--environments/deployed-server-noop-ctlplane.yaml3
-rw-r--r--environments/docker-network-isolation.yaml4
-rw-r--r--environments/docker.yaml5
-rw-r--r--environments/enable-internal-tls.yaml1
-rw-r--r--environments/enable-swap-partition.yaml3
-rw-r--r--environments/enable-swap.yaml3
-rw-r--r--environments/external-loadbalancer-vip-v6.yaml21
-rw-r--r--environments/external-loadbalancer-vip.yaml19
-rw-r--r--environments/host-config-pre-network.j2.yaml16
-rw-r--r--environments/major-upgrade-all-in-one.yaml8
-rw-r--r--environments/network-isolation-no-tunneling.yaml30
-rw-r--r--environments/network-isolation.yaml3
-rw-r--r--environments/neutron-ml2-fujitsu-cfab.yaml21
-rw-r--r--environments/neutron-ml2-ovn.yaml3
-rw-r--r--environments/neutron-opendaylight-l3.yaml4
-rw-r--r--environments/neutron-opendaylight.yaml6
-rw-r--r--environments/puppet-ceph-external.yaml3
-rw-r--r--environments/puppet-pacemaker.yaml1
-rw-r--r--environments/services/ceph-mds.yaml2
-rw-r--r--environments/services/zaqar.yaml2
-rw-r--r--environments/tls-endpoints-public-dns.yaml10
-rw-r--r--environments/tls-endpoints-public-ip.yaml10
-rw-r--r--environments/tls-everywhere-endpoints-dns.yaml10
-rw-r--r--environments/undercloud.yaml18
-rw-r--r--environments/updates/README.md3
-rw-r--r--environments/updates/update-from-deployed-server-newton.yaml2
-rw-r--r--environments/updates/update-from-keystone-admin-internal-api.yaml29
-rw-r--r--extraconfig/all_nodes/mac_hostname.j2.yaml2
-rw-r--r--extraconfig/all_nodes/random_string.j2.yaml2
-rw-r--r--extraconfig/all_nodes/swap-partition.j2.yaml19
-rw-r--r--extraconfig/all_nodes/swap.j2.yaml10
-rw-r--r--extraconfig/post_deploy/default.yaml2
-rw-r--r--extraconfig/post_deploy/example.yaml2
-rw-r--r--extraconfig/post_deploy/example_run_on_update.yaml2
-rwxr-xr-xextraconfig/post_deploy/undercloud_post.sh126
-rw-r--r--extraconfig/post_deploy/undercloud_post.yaml93
-rw-r--r--extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml2
-rw-r--r--extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration43
-rw-r--r--extraconfig/pre_network/ansible_host_config.ansible58
-rw-r--r--extraconfig/pre_network/config_then_reboot.yaml48
-rw-r--r--extraconfig/pre_network/host_config_and_reboot.role.j2.yaml100
-rw-r--r--extraconfig/tasks/major_upgrade_block_storage.sh13
-rw-r--r--extraconfig/tasks/major_upgrade_ceilometer_wsgi_mitaka_newton.yaml2
-rw-r--r--extraconfig/tasks/major_upgrade_ceph_storage.sh20
-rw-r--r--extraconfig/tasks/major_upgrade_compute.sh15
-rwxr-xr-xextraconfig/tasks/major_upgrade_controller_pacemaker_2.sh13
-rwxr-xr-xextraconfig/tasks/major_upgrade_controller_pacemaker_3.sh2
-rw-r--r--extraconfig/tasks/major_upgrade_object_storage.sh15
-rw-r--r--extraconfig/tasks/major_upgrade_pacemaker.yaml8
-rw-r--r--extraconfig/tasks/major_upgrade_pacemaker_init.j2.yaml15
-rw-r--r--extraconfig/tasks/major_upgrade_pacemaker_migrations.sh1
-rw-r--r--extraconfig/tasks/mitaka_to_newton_aodh_data_migration.yaml2
-rwxr-xr-xextraconfig/tasks/pacemaker_common_functions.sh24
-rw-r--r--extraconfig/tasks/post_puppet_pacemaker.yaml2
-rw-r--r--extraconfig/tasks/post_puppet_pacemaker_restart.yaml2
-rw-r--r--extraconfig/tasks/pre_puppet_pacemaker.yaml2
-rwxr-xr-xextraconfig/tasks/yum_update.sh13
-rw-r--r--extraconfig/tasks/yum_update.yaml9
-rw-r--r--extraconfig/tasks/yum_update_noop.yaml2
-rw-r--r--firstboot/os-net-config-mappings.yaml6
-rw-r--r--firstboot/userdata_default.yaml2
-rw-r--r--firstboot/userdata_dev_rsync.yaml2
-rw-r--r--firstboot/userdata_example.yaml2
-rw-r--r--firstboot/userdata_heat_admin.yaml2
-rw-r--r--firstboot/userdata_root_password.yaml38
-rw-r--r--hosts-config.yaml2
-rw-r--r--net-config-bond.yaml2
-rw-r--r--net-config-bridge.yaml2
-rw-r--r--net-config-linux-bridge.yaml2
-rw-r--r--net-config-noop.yaml6
-rw-r--r--net-config-static-bridge-with-external-dhcp.yaml2
-rw-r--r--net-config-static-bridge.yaml2
-rw-r--r--net-config-static.yaml2
-rw-r--r--net-config-undercloud.yaml77
-rw-r--r--network/config/bond-with-vlans/ceph-storage.yaml2
-rw-r--r--network/config/bond-with-vlans/cinder-storage.yaml2
-rw-r--r--network/config/bond-with-vlans/compute-dpdk.yaml2
-rw-r--r--network/config/bond-with-vlans/compute.yaml2
-rw-r--r--network/config/bond-with-vlans/controller-no-external.yaml2
-rw-r--r--network/config/bond-with-vlans/controller-v6.yaml2
-rw-r--r--network/config/bond-with-vlans/controller.yaml2
-rw-r--r--network/config/bond-with-vlans/swift-storage.yaml2
-rw-r--r--network/config/multiple-nics/ceph-storage.yaml2
-rw-r--r--network/config/multiple-nics/cinder-storage.yaml2
-rw-r--r--network/config/multiple-nics/compute-dvr.yaml162
-rw-r--r--network/config/multiple-nics/compute.yaml2
-rw-r--r--network/config/multiple-nics/controller-v6.yaml2
-rw-r--r--network/config/multiple-nics/controller.yaml2
-rw-r--r--network/config/multiple-nics/swift-storage.yaml2
-rw-r--r--network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml2
-rw-r--r--network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml2
-rw-r--r--network/config/single-nic-linux-bridge-vlans/compute.yaml2
-rw-r--r--network/config/single-nic-linux-bridge-vlans/controller-v6.yaml2
-rw-r--r--network/config/single-nic-linux-bridge-vlans/controller.yaml2
-rw-r--r--network/config/single-nic-linux-bridge-vlans/swift-storage.yaml2
-rw-r--r--network/config/single-nic-vlans/ceph-storage.yaml2
-rw-r--r--network/config/single-nic-vlans/cinder-storage.yaml2
-rw-r--r--network/config/single-nic-vlans/compute.yaml2
-rw-r--r--network/config/single-nic-vlans/controller-no-external.yaml2
-rw-r--r--network/config/single-nic-vlans/controller-v6.yaml2
-rw-r--r--network/config/single-nic-vlans/controller.yaml2
-rw-r--r--network/config/single-nic-vlans/swift-storage.yaml2
-rwxr-xr-xnetwork/endpoints/build_endpoint_map.py2
-rw-r--r--network/endpoints/endpoint_data.yaml39
-rw-r--r--network/endpoints/endpoint_map.yaml828
-rw-r--r--network/external.yaml2
-rw-r--r--network/external_v6.yaml2
-rw-r--r--network/internal_api.yaml2
-rw-r--r--network/internal_api_v6.yaml2
-rw-r--r--network/management.yaml2
-rw-r--r--network/management_v6.yaml2
-rw-r--r--network/networks.yaml2
-rw-r--r--network/ports/ctlplane_vip.yaml2
-rw-r--r--network/ports/external.yaml2
-rw-r--r--network/ports/external_from_pool.yaml2
-rw-r--r--network/ports/external_from_pool_v6.yaml2
-rw-r--r--network/ports/external_v6.yaml2
-rw-r--r--network/ports/from_service.yaml2
-rw-r--r--network/ports/from_service_v6.yaml2
-rw-r--r--network/ports/internal_api.yaml2
-rw-r--r--network/ports/internal_api_from_pool.yaml2
-rw-r--r--network/ports/internal_api_from_pool_v6.yaml2
-rw-r--r--network/ports/internal_api_v6.yaml2
-rw-r--r--network/ports/management.yaml2
-rw-r--r--network/ports/management_from_pool.yaml2
-rw-r--r--network/ports/management_from_pool_v6.yaml2
-rw-r--r--network/ports/management_v6.yaml2
-rw-r--r--network/ports/net_ip_list_map.yaml19
-rw-r--r--network/ports/net_ip_map.yaml2
-rw-r--r--network/ports/net_vip_map_external.yaml2
-rw-r--r--network/ports/net_vip_map_external_v6.yaml2
-rw-r--r--network/ports/noop.yaml2
-rw-r--r--network/ports/storage.yaml2
-rw-r--r--network/ports/storage_from_pool.yaml2
-rw-r--r--network/ports/storage_from_pool_v6.yaml2
-rw-r--r--network/ports/storage_mgmt.yaml2
-rw-r--r--network/ports/storage_mgmt_from_pool.yaml2
-rw-r--r--network/ports/storage_mgmt_from_pool_v6.yaml2
-rw-r--r--network/ports/storage_mgmt_v6.yaml2
-rw-r--r--network/ports/storage_v6.yaml2
-rw-r--r--network/ports/tenant.yaml2
-rw-r--r--network/ports/tenant_from_pool.yaml2
-rw-r--r--network/ports/tenant_from_pool_v6.yaml2
-rw-r--r--network/ports/tenant_v6.yaml2
-rw-r--r--network/ports/vip.yaml2
-rw-r--r--network/ports/vip_v6.yaml2
-rwxr-xr-xnetwork/scripts/run-os-net-config.sh20
-rw-r--r--network/service_net_map.j2.yaml5
-rw-r--r--network/storage.yaml2
-rw-r--r--network/storage_mgmt.yaml2
-rw-r--r--network/storage_mgmt_v6.yaml2
-rw-r--r--network/storage_v6.yaml2
-rw-r--r--network/tenant.yaml2
-rw-r--r--network/tenant_v6.yaml2
-rw-r--r--overcloud-resource-registry-puppet.j2.yaml17
-rw-r--r--overcloud.j2.yaml50
-rw-r--r--puppet/all-nodes-config.yaml5
-rw-r--r--puppet/blockstorage-role.yaml287
-rw-r--r--puppet/cephstorage-role.yaml287
-rw-r--r--puppet/compute-role.yaml287
-rw-r--r--puppet/config.role.j2.yaml2
-rw-r--r--puppet/controller-config-pacemaker.yaml41
-rw-r--r--puppet/controller-role.yaml286
-rw-r--r--puppet/deploy-artifacts.sh2
-rw-r--r--puppet/deploy-artifacts.yaml2
-rw-r--r--puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml2
-rw-r--r--puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/compute/neutron-opencontrail.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/controller/cinder-dellsc.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/controller/cinder-eqlx.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/controller/multiple.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/default.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/per_node.yaml2
-rw-r--r--puppet/extraconfig/tls/ca-inject.yaml2
-rw-r--r--puppet/extraconfig/tls/freeipa-enroll.yaml83
-rw-r--r--puppet/extraconfig/tls/tls-cert-inject.yaml2
-rw-r--r--puppet/major_upgrade_steps.j2.yaml38
-rw-r--r--puppet/manifests/overcloud_controller_pacemaker.pp21
-rw-r--r--puppet/manifests/overcloud_role.pp4
-rw-r--r--puppet/objectstorage-role.yaml288
-rw-r--r--puppet/post.j2.yaml2
-rw-r--r--puppet/role.role.j2.yaml295
-rw-r--r--puppet/services/README.rst14
-rw-r--r--puppet/services/aodh-api.yaml7
-rw-r--r--puppet/services/aodh-base.yaml4
-rw-r--r--puppet/services/aodh-evaluator.yaml2
-rw-r--r--puppet/services/aodh-listener.yaml2
-rw-r--r--puppet/services/aodh-notifier.yaml2
-rw-r--r--puppet/services/apache-internal-tls-certmonger.yaml6
-rw-r--r--puppet/services/apache.yaml2
-rw-r--r--puppet/services/barbican-api.yaml6
-rw-r--r--puppet/services/ca-certs.yaml2
-rw-r--r--puppet/services/ceilometer-agent-central.yaml2
-rw-r--r--puppet/services/ceilometer-agent-compute.yaml2
-rw-r--r--puppet/services/ceilometer-agent-notification.yaml2
-rw-r--r--puppet/services/ceilometer-api.yaml6
-rw-r--r--puppet/services/ceilometer-base.yaml20
-rw-r--r--puppet/services/ceilometer-collector.yaml2
-rw-r--r--puppet/services/ceilometer-expirer.yaml2
-rw-r--r--puppet/services/ceph-base.yaml2
-rw-r--r--puppet/services/ceph-client.yaml2
-rw-r--r--puppet/services/ceph-external.yaml9
-rw-r--r--puppet/services/ceph-mds.yaml (renamed from puppet/services/pacemaker/gnocchi-api.yaml)30
-rw-r--r--puppet/services/ceph-mon.yaml2
-rw-r--r--puppet/services/ceph-osd.yaml2
-rw-r--r--puppet/services/ceph-rgw.yaml2
-rw-r--r--puppet/services/cinder-api.yaml22
-rw-r--r--puppet/services/cinder-backup.yaml2
-rw-r--r--puppet/services/cinder-base.yaml4
-rw-r--r--puppet/services/cinder-hpelefthand-iscsi.yaml56
-rw-r--r--puppet/services/cinder-scheduler.yaml9
-rw-r--r--puppet/services/cinder-volume.yaml13
-rw-r--r--puppet/services/database/mongodb-base.yaml2
-rw-r--r--puppet/services/database/mongodb.yaml2
-rw-r--r--puppet/services/database/mysql-internal-tls-certmonger.yaml2
-rw-r--r--puppet/services/database/mysql.yaml9
-rw-r--r--puppet/services/database/redis-base.yaml2
-rw-r--r--puppet/services/database/redis.yaml2
-rw-r--r--puppet/services/glance-api.yaml22
-rw-r--r--puppet/services/glance-base.yaml4
-rw-r--r--puppet/services/glance-registry.yaml100
-rw-r--r--puppet/services/gnocchi-api.yaml7
-rw-r--r--puppet/services/gnocchi-base.yaml4
-rw-r--r--puppet/services/gnocchi-metricd.yaml2
-rw-r--r--puppet/services/gnocchi-statsd.yaml2
-rw-r--r--puppet/services/haproxy-internal-tls-certmonger.yaml2
-rw-r--r--puppet/services/haproxy-public-tls-certmonger.yaml2
-rw-r--r--puppet/services/haproxy.yaml2
-rw-r--r--puppet/services/heat-api-cfn.yaml10
-rw-r--r--puppet/services/heat-api-cloudwatch.yaml9
-rw-r--r--puppet/services/heat-api.yaml9
-rw-r--r--puppet/services/heat-base.yaml5
-rw-r--r--puppet/services/heat-engine.yaml43
-rw-r--r--puppet/services/horizon.yaml4
-rw-r--r--puppet/services/ironic-api.yaml2
-rw-r--r--puppet/services/ironic-base.yaml4
-rw-r--r--puppet/services/ironic-conductor.yaml2
-rw-r--r--puppet/services/keepalived.yaml2
-rw-r--r--puppet/services/kernel.yaml2
-rw-r--r--puppet/services/keystone.yaml12
-rw-r--r--puppet/services/logging/fluentd-base.yaml2
-rw-r--r--puppet/services/logging/fluentd-client.yaml2
-rw-r--r--puppet/services/logging/fluentd-config.yaml2
-rw-r--r--puppet/services/manila-api.yaml2
-rw-r--r--puppet/services/manila-backend-cephfs.yaml2
-rw-r--r--puppet/services/manila-backend-generic.yaml2
-rw-r--r--puppet/services/manila-backend-netapp.yaml2
-rw-r--r--puppet/services/manila-base.yaml4
-rw-r--r--puppet/services/manila-scheduler.yaml2
-rw-r--r--puppet/services/manila-share.yaml2
-rw-r--r--puppet/services/memcached.yaml2
-rw-r--r--puppet/services/mistral-api.yaml2
-rw-r--r--puppet/services/mistral-base.yaml4
-rw-r--r--puppet/services/mistral-engine.yaml2
-rw-r--r--puppet/services/mistral-executor.yaml2
-rw-r--r--puppet/services/monitoring/sensu-base.yaml2
-rw-r--r--puppet/services/monitoring/sensu-client.yaml2
-rw-r--r--puppet/services/network/contrail-analytics.yaml2
-rw-r--r--puppet/services/network/contrail-base.yaml2
-rw-r--r--puppet/services/network/contrail-config.yaml2
-rw-r--r--puppet/services/network/contrail-control.yaml2
-rw-r--r--puppet/services/network/contrail-database.yaml2
-rw-r--r--puppet/services/network/contrail-webui.yaml2
-rw-r--r--puppet/services/neutron-api.yaml15
-rw-r--r--puppet/services/neutron-base.yaml2
-rw-r--r--puppet/services/neutron-compute-plugin-midonet.yaml2
-rw-r--r--puppet/services/neutron-compute-plugin-nuage.yaml2
-rw-r--r--puppet/services/neutron-compute-plugin-opencontrail.yaml2
-rw-r--r--puppet/services/neutron-compute-plugin-ovn.yaml2
-rw-r--r--puppet/services/neutron-compute-plugin-plumgrid.yaml2
-rw-r--r--puppet/services/neutron-dhcp.yaml9
-rw-r--r--puppet/services/neutron-l3-compute-dvr.yaml2
-rw-r--r--puppet/services/neutron-l3.yaml14
-rw-r--r--puppet/services/neutron-metadata.yaml9
-rw-r--r--puppet/services/neutron-midonet.yaml2
-rw-r--r--puppet/services/neutron-ovs-agent.yaml19
-rw-r--r--puppet/services/neutron-ovs-dpdk-agent.yaml2
-rw-r--r--puppet/services/neutron-plugin-ml2-fujitsu-cfab.yaml73
-rw-r--r--puppet/services/neutron-plugin-ml2-ovn.yaml13
-rw-r--r--puppet/services/neutron-plugin-ml2.yaml2
-rw-r--r--puppet/services/neutron-plugin-nuage.yaml2
-rw-r--r--puppet/services/neutron-plugin-opencontrail.yaml2
-rw-r--r--puppet/services/neutron-plugin-plumgrid.yaml4
-rw-r--r--puppet/services/neutron-sriov-agent.yaml7
-rw-r--r--puppet/services/nova-api.yaml46
-rw-r--r--puppet/services/nova-base.yaml23
-rw-r--r--puppet/services/nova-compute.yaml2
-rw-r--r--puppet/services/nova-conductor.yaml2
-rw-r--r--puppet/services/nova-consoleauth.yaml2
-rw-r--r--puppet/services/nova-ironic.yaml2
-rw-r--r--puppet/services/nova-libvirt.yaml14
-rw-r--r--puppet/services/nova-metadata.yaml2
-rw-r--r--puppet/services/nova-placement.yaml124
-rw-r--r--puppet/services/nova-scheduler.yaml2
-rw-r--r--puppet/services/nova-vnc-proxy.yaml2
-rw-r--r--puppet/services/opendaylight-api.yaml13
-rw-r--r--puppet/services/opendaylight-ovs.yaml13
-rw-r--r--puppet/services/ovn-dbs.yaml40
-rw-r--r--puppet/services/pacemaker.yaml2
-rw-r--r--puppet/services/pacemaker/ceilometer-agent-central.yaml45
-rw-r--r--puppet/services/pacemaker/ceilometer-agent-notification.yaml45
-rw-r--r--puppet/services/pacemaker/ceilometer-api.yaml45
-rw-r--r--puppet/services/pacemaker/ceilometer-collector.yaml45
-rw-r--r--puppet/services/pacemaker/cinder-api.yaml45
-rw-r--r--puppet/services/pacemaker/cinder-backup.yaml2
-rw-r--r--puppet/services/pacemaker/cinder-scheduler.yaml45
-rw-r--r--puppet/services/pacemaker/cinder-volume.yaml2
-rw-r--r--puppet/services/pacemaker/core.yaml29
-rw-r--r--puppet/services/pacemaker/database/mongodb.yaml42
-rw-r--r--puppet/services/pacemaker/database/mysql.yaml8
-rw-r--r--puppet/services/pacemaker/database/redis.yaml2
-rw-r--r--puppet/services/pacemaker/glance-api.yaml74
-rw-r--r--puppet/services/pacemaker/glance-registry.yaml47
-rw-r--r--puppet/services/pacemaker/gnocchi-metricd.yaml47
-rw-r--r--puppet/services/pacemaker/gnocchi-statsd.yaml46
-rw-r--r--puppet/services/pacemaker/haproxy.yaml2
-rw-r--r--puppet/services/pacemaker/heat-api-cfn.yaml44
-rw-r--r--puppet/services/pacemaker/heat-api-cloudwatch.yaml44
-rw-r--r--puppet/services/pacemaker/heat-api.yaml44
-rw-r--r--puppet/services/pacemaker/heat-engine.yaml45
-rw-r--r--puppet/services/pacemaker/horizon.yaml41
-rw-r--r--puppet/services/pacemaker/keystone.yaml45
-rw-r--r--puppet/services/pacemaker/manila-share.yaml2
-rw-r--r--puppet/services/pacemaker/memcached.yaml42
-rw-r--r--puppet/services/pacemaker/neutron-dhcp.yaml46
-rw-r--r--puppet/services/pacemaker/neutron-l3.yaml46
-rw-r--r--puppet/services/pacemaker/neutron-metadata.yaml44
-rw-r--r--puppet/services/pacemaker/neutron-midonet.yaml41
-rw-r--r--puppet/services/pacemaker/neutron-ovs-agent.yaml42
-rw-r--r--puppet/services/pacemaker/neutron-plugin-ml2.yaml42
-rw-r--r--puppet/services/pacemaker/neutron-plugin-nuage.yaml40
-rw-r--r--puppet/services/pacemaker/neutron-plugin-opencontrail.yaml40
-rw-r--r--puppet/services/pacemaker/neutron-plugin-plumgrid.yaml40
-rw-r--r--puppet/services/pacemaker/neutron-server.yaml48
-rw-r--r--puppet/services/pacemaker/nova-api.yaml45
-rw-r--r--puppet/services/pacemaker/nova-conductor.yaml45
-rw-r--r--puppet/services/pacemaker/nova-consoleauth.yaml45
-rw-r--r--puppet/services/pacemaker/nova-scheduler.yaml45
-rw-r--r--puppet/services/pacemaker/nova-vnc-proxy.yaml45
-rw-r--r--puppet/services/pacemaker/rabbitmq.yaml2
-rw-r--r--puppet/services/pacemaker/sahara-api.yaml45
-rw-r--r--puppet/services/pacemaker/sahara-engine.yaml45
-rw-r--r--puppet/services/panko-api.yaml6
-rw-r--r--puppet/services/panko-base.yaml5
-rw-r--r--puppet/services/rabbitmq.yaml9
-rw-r--r--puppet/services/sahara-api.yaml2
-rw-r--r--puppet/services/sahara-base.yaml4
-rw-r--r--puppet/services/sahara-engine.yaml2
-rw-r--r--puppet/services/services.yaml8
-rw-r--r--puppet/services/snmp.yaml2
-rw-r--r--puppet/services/swift-base.yaml2
-rw-r--r--puppet/services/swift-proxy.yaml64
-rw-r--r--puppet/services/swift-ringbuilder.yaml2
-rw-r--r--puppet/services/swift-storage.yaml2
-rw-r--r--puppet/services/time/ntp.yaml2
-rw-r--r--puppet/services/time/timezone.yaml2
-rw-r--r--puppet/services/tripleo-firewall.yaml2
-rw-r--r--puppet/services/tripleo-packages.yaml10
-rw-r--r--puppet/services/zaqar.yaml66
-rw-r--r--puppet/upgrade_config.yaml3
-rw-r--r--releasenotes/source/_static/.placeholder0
-rw-r--r--releasenotes/source/conf.py264
-rw-r--r--releasenotes/source/index.rst18
-rw-r--r--releasenotes/source/unreleased.rst5
-rw-r--r--requirements.txt8
-rw-r--r--roles_data.yaml13
-rw-r--r--roles_data_undercloud.yaml35
-rwxr-xr-xscripts/hosts-config.sh14
-rw-r--r--setup.py11
-rw-r--r--test-requirements.txt10
-rwxr-xr-xtools/process-templates.py1
-rwxr-xr-xtools/releasenotes_tox.sh28
-rwxr-xr-xtools/tox_install.sh30
-rwxr-xr-xtools/yaml-validate.py107
-rw-r--r--tox.ini3
415 files changed, 5369 insertions, 3460 deletions
diff --git a/.gitignore b/.gitignore
index 0925145c..cea6064d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -59,3 +59,6 @@ puppet/compute-config.yaml
puppet/controller-config.yaml
puppet/objectstorage-config.yaml
puppet/post.yaml
+
+# Files created by releasenotes build
+releasenotes/build
diff --git a/README.rst b/README.rst
index 288112fc..0884267a 100644
--- a/README.rst
+++ b/README.rst
@@ -53,3 +53,68 @@ A description of the directory layout in TripleO Heat Templates.
* validation-scripts: validation scripts useful to all deployment
configurations
+
+
+Service testing matrix
+----------------------
+
+The configuration for the CI scenarios will be defined in `tripleo-heat-templates/ci/`
+and should be executed according to the following table:
+
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| - | scenario001 | scenario002 | scenario003 | scenario004 | multinode-nonha |
++================+=============+=============+=============+=============+=================+
+| keystone | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| glance | file | swift | file | file | swift |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| cinder | rbd | iscsi | | | iscsi |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| heat | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| mysql | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| neutron | ovs | ovs | ovs | ovs | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| rabbitmq | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| mongodb | X | X | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| redis | X | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| haproxy | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| keepalived | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| memcached | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| pacemaker | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| nova | qemu | qemu | qemu | qemu | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| ntp | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| snmp | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| timezone | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| sahara | | | X | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| mistral | | | X | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| swift | | X | | | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| aodh | X | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| ceilometer | X | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| gnocchi | X | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| panko | X | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| barbican | | X | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| zaqar | | X | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| cephrgw | | X | | X | |
++----------------+-------------+-------------+-------------+-------------+-----------------+
diff --git a/all-nodes-validation.yaml b/all-nodes-validation.yaml
index a7383375..65d01d0f 100644
--- a/all-nodes-validation.yaml
+++ b/all-nodes-validation.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Software Config to drive validations that occur on all nodes.
diff --git a/bootstrap-config.yaml b/bootstrap-config.yaml
index c87670e3..a3fdee96 100644
--- a/bootstrap-config.yaml
+++ b/bootstrap-config.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: 'Bootstrap Config'
parameters:
diff --git a/capabilities-map.yaml b/capabilities-map.yaml
index ae747621..4aecd570 100644
--- a/capabilities-map.yaml
+++ b/capabilities-map.yaml
@@ -355,6 +355,11 @@ topics:
description: Enables PLUMgrid extensions
requires:
- overcloud-resource-registry-puppet.yaml
+ - file: environments/neutron-ml2-fujitsu-cfab.yaml
+ title: Fujitsu Neutron plugin for C-Fabric
+ description: Enable C-Fabric in the overcloud
+ requires:
+ - overcloud-resource-registry-puppet.yaml
- title: Nova Extensions
description:
@@ -399,6 +404,13 @@ topics:
via puppet
requires:
- overcloud-resource-registry-puppet.yaml
+ - file: environments/cinder-hpelefthand-config.yaml
+ title: Cinder HPELeftHandISCSI backend
+ description: >
+ Enables a Cinder HPELeftHandISCSI backend, configured
+ via puppet
+ requires:
+ - overcloud-resource-registry-puppet.yaml
- file: environments/cinder-eqlx-config.yaml
title: Cinder EQLX backend
description: >
diff --git a/ci/common/net-config-multinode.yaml b/ci/common/net-config-multinode.yaml
index 49a06881..bf947d3e 100644
--- a/ci/common/net-config-multinode.yaml
+++ b/ci/common/net-config-multinode.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Software Config to drive os-net-config for a simple bridge configured
diff --git a/ci/environments/scenario001-multinode.yaml b/ci/environments/scenario001-multinode.yaml
index 1a5242a9..db6967e0 100644
--- a/ci/environments/scenario001-multinode.yaml
+++ b/ci/environments/scenario001-multinode.yaml
@@ -1,13 +1,16 @@
resource_registry:
OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml
OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
+ OS::TripleO::Services::CephMon: /usr/share/openstack-tripleo-heat-templates/puppet/services/ceph-mon.yaml
+ OS::TripleO::Services::CephOSD: /usr/share/openstack-tripleo-heat-templates/puppet/services/ceph-osd.yaml
+ OS::TripleO::Services::CephClient: /usr/share/openstack-tripleo-heat-templates/puppet/services/ceph-client.yaml
+ OS::TripleO::Services::PankoApi: /usr/share/openstack-tripleo-heat-templates/puppet/services/panko-api.yaml
parameter_defaults:
ControllerServices:
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::Keystone
- OS::TripleO::Services::GlanceApi
- - OS::TripleO::Services::GlanceRegistry
- OS::TripleO::Services::HeatApi
- OS::TripleO::Services::HeatApiCfn
- OS::TripleO::Services::HeatApiCloudwatch
@@ -26,6 +29,7 @@ parameter_defaults:
- OS::TripleO::Services::Pacemaker
- OS::TripleO::Services::NovaConductor
- OS::TripleO::Services::NovaApi
+ - OS::TripleO::Services::NovaPlacement
- OS::TripleO::Services::NovaMetadata
- OS::TripleO::Services::NovaScheduler
- OS::TripleO::Services::Ntp
@@ -47,10 +51,33 @@ parameter_defaults:
- OS::TripleO::Services::GnocchiApi
- OS::TripleO::Services::GnocchiMetricd
- OS::TripleO::Services::GnocchiStatsd
+ - OS::TripleO::Services::PankoApi
+ - OS::TripleO::Services::CephMon
+ - OS::TripleO::Services::CephOSD
+ - OS::TripleO::Services::CephClient
+ - OS::TripleO::Services::CinderApi
+ - OS::TripleO::Services::CinderBackup
+ - OS::TripleO::Services::CinderScheduler
+ - OS::TripleO::Services::CinderVolume
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu
Debug: true
- # we don't deploy Swift so we switch to file backend.
- GlanceBackend: 'file'
- GnocchiBackend: 'file'
+ #NOTE(gfidente): not great but we need this to deploy on ext4
+ #http://docs.ceph.com/docs/jewel/rados/configuration/filesystem-recommendations/
+ ExtraConfig:
+ ceph::profile::params::osd_max_object_name_len: 256
+ ceph::profile::params::osd_max_object_namespace_len: 64
+ #NOTE: These ID's and keys should be regenerated for
+ # a production deployment. What is here is suitable for
+ # developer and CI testing only.
+ CephClusterFSID: '4b5c8c0a-ff60-454b-a1b4-9747aa737d19'
+ CephMonKey: 'AQC+Ox1VmEr3BxAALZejqeHj50Nj6wJDvs96OQ=='
+ CephAdminKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ=='
+ CephClientKey: 'AQC+vYNXgDAgAhAAc8UoYt+OTz5uhV7ItLdwUw=='
+ NovaEnableRbdBackend: true
+ CinderEnableRbdBackend: true
+ CinderBackupBackend: ceph
+ GlanceBackend: rbd
+ GnocchiBackend: rbd
+ CinderEnableIscsiBackend: false
diff --git a/ci/environments/scenario002-multinode.yaml b/ci/environments/scenario002-multinode.yaml
index b8bc5762..636b3a26 100644
--- a/ci/environments/scenario002-multinode.yaml
+++ b/ci/environments/scenario002-multinode.yaml
@@ -1,14 +1,14 @@
resource_registry:
OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml
OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
- OS::TripleO::Services::BarbicanApi: /usr/share/openstack-tripleo-heat-templates/puppet/services/barbican-api.yaml
+ OS::TripleO::Services::BarbicanApi: ../../puppet/services/barbican-api.yaml
+ OS::TripleO::Services::Zaqar: ../../puppet/services/zaqar.yaml
parameter_defaults:
ControllerServices:
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::Keystone
- OS::TripleO::Services::GlanceApi
- - OS::TripleO::Services::GlanceRegistry
- OS::TripleO::Services::HeatApi
- OS::TripleO::Services::HeatApiCfn
- OS::TripleO::Services::HeatApiCloudwatch
@@ -27,6 +27,7 @@ parameter_defaults:
- OS::TripleO::Services::Pacemaker
- OS::TripleO::Services::NovaConductor
- OS::TripleO::Services::NovaApi
+ - OS::TripleO::Services::NovaPlacement
- OS::TripleO::Services::NovaMetadata
- OS::TripleO::Services::NovaScheduler
- OS::TripleO::Services::Ntp
@@ -42,7 +43,10 @@ parameter_defaults:
- OS::TripleO::Services::SwiftStorage
- OS::TripleO::Services::SwiftRingBuilder
- OS::TripleO::Services::BarbicanApi
+ - OS::TripleO::Services::MongoDb
+ - OS::TripleO::Services::Zaqar
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu
Debug: true
+ SwiftCeilometerPipelineEnabled: false
diff --git a/ci/environments/scenario003-multinode.yaml b/ci/environments/scenario003-multinode.yaml
index 25fe1697..08e4d19f 100644
--- a/ci/environments/scenario003-multinode.yaml
+++ b/ci/environments/scenario003-multinode.yaml
@@ -12,7 +12,6 @@ parameter_defaults:
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::Keystone
- OS::TripleO::Services::GlanceApi
- - OS::TripleO::Services::GlanceRegistry
- OS::TripleO::Services::HeatApi
- OS::TripleO::Services::HeatApiCfn
- OS::TripleO::Services::HeatApiCloudwatch
@@ -31,6 +30,7 @@ parameter_defaults:
- OS::TripleO::Services::Pacemaker
- OS::TripleO::Services::NovaConductor
- OS::TripleO::Services::NovaApi
+ - OS::TripleO::Services::NovaPlacement
- OS::TripleO::Services::NovaMetadata
- OS::TripleO::Services::NovaScheduler
- OS::TripleO::Services::Ntp
@@ -49,3 +49,5 @@ parameter_defaults:
Debug: true
# we don't deploy Swift so we switch to file backend.
GlanceBackend: 'file'
+ KeystoneTokenProvider: 'fernet'
+ SwiftCeilometerPipelineEnabled: false
diff --git a/ci/environments/scenario004-multinode.yaml b/ci/environments/scenario004-multinode.yaml
new file mode 100644
index 00000000..e97113b0
--- /dev/null
+++ b/ci/environments/scenario004-multinode.yaml
@@ -0,0 +1,63 @@
+resource_registry:
+ OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml
+ OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
+ OS::TripleO::Services::CephMon: /usr/share/openstack-tripleo-heat-templates/puppet/services/ceph-mon.yaml
+ OS::TripleO::Services::CephOSD: /usr/share/openstack-tripleo-heat-templates/puppet/services/ceph-osd.yaml
+ OS::TripleO::Services::CephClient: /usr/share/openstack-tripleo-heat-templates/puppet/services/ceph-client.yaml
+ OS::TripleO::Services::CephRgw: /usr/share/openstack-tripleo-heat-templates/puppet/services/ceph-rgw.yaml
+ OS::TripleO::Services::SwiftProxy: OS::Heat::None
+ OS::TripleO::Services::SwiftStorage: OS::Heat::None
+ OS::TripleO::Services::SwiftRingBuilder: OS::Heat::None
+
+parameter_defaults:
+ ControllerServices:
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::Keystone
+ - OS::TripleO::Services::GlanceApi
+ - OS::TripleO::Services::HeatApi
+ - OS::TripleO::Services::HeatApiCfn
+ - OS::TripleO::Services::HeatApiCloudwatch
+ - OS::TripleO::Services::HeatEngine
+ - OS::TripleO::Services::MySQL
+ - OS::TripleO::Services::NeutronDhcpAgent
+ - OS::TripleO::Services::NeutronL3Agent
+ - OS::TripleO::Services::NeutronMetadataAgent
+ - OS::TripleO::Services::NeutronServer
+ - OS::TripleO::Services::NeutronCorePlugin
+ - OS::TripleO::Services::NeutronOvsAgent
+ - OS::TripleO::Services::RabbitMQ
+ - OS::TripleO::Services::HAproxy
+ - OS::TripleO::Services::Keepalived
+ - OS::TripleO::Services::Memcached
+ - OS::TripleO::Services::Pacemaker
+ - OS::TripleO::Services::NovaConductor
+ - OS::TripleO::Services::NovaApi
+ - OS::TripleO::Services::NovaPlacement
+ - OS::TripleO::Services::NovaMetadata
+ - OS::TripleO::Services::NovaScheduler
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::NovaCompute
+ - OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::CephMon
+ - OS::TripleO::Services::CephOSD
+ - OS::TripleO::Services::CephClient
+ - OS::TripleO::Services::CephRgw
+ ControllerExtraConfig:
+ nova::compute::libvirt::services::libvirt_virt_type: qemu
+ nova::compute::libvirt::libvirt_virt_type: qemu
+ Debug: true
+ #NOTE(gfidente): not great but we need this to deploy on ext4
+ #http://docs.ceph.com/docs/jewel/rados/configuration/filesystem-recommendations/
+ ExtraConfig:
+ ceph::profile::params::osd_max_object_name_len: 256
+ ceph::profile::params::osd_max_object_namespace_len: 64
+ #NOTE: These ID's and keys should be regenerated for
+ # a production deployment. What is here is suitable for
+ # developer and CI testing only.
+ CephClusterFSID: '4b5c8c0a-ff60-454b-a1b4-9747aa737d19'
+ CephMonKey: 'AQC+Ox1VmEr3BxAALZejqeHj50Nj6wJDvs96OQ=='
+ CephAdminKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ=='
+ CephClientKey: 'AQC+vYNXgDAgAhAAc8UoYt+OTz5uhV7ItLdwUw=='
+ SwiftCeilometerPipelineEnabled: false
diff --git a/ci/pingtests/scenario001-multinode.yaml b/ci/pingtests/scenario001-multinode.yaml
index 7374846f..2651c0d0 100644
--- a/ci/pingtests/scenario001-multinode.yaml
+++ b/ci/pingtests/scenario001-multinode.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2013-05-23
+heat_template_version: ocata
description: >
HOT template to created resources deployed by scenario001.
@@ -72,12 +72,22 @@ resources:
router_id: { get_resource: router }
subnet_id: { get_resource: private_subnet }
+ volume1:
+ type: OS::Cinder::Volume
+ properties:
+ name: Volume1
+ image: { get_param: image }
+ size: 1
+
server1:
type: OS::Nova::Server
+ depends_on: volume1
properties:
name: Server1
+ block_device_mapping:
+ - device_name: vda
+ volume_id: { get_resource: volume1 }
flavor: { get_resource: test_flavor }
- image: { get_param: image }
key_name: { get_resource: key_pair }
networks:
- port: { get_resource: server1_port }
diff --git a/ci/pingtests/scenario002-multinode.yaml b/ci/pingtests/scenario002-multinode.yaml
index d7a30fd9..7af1ba0c 100644
--- a/ci/pingtests/scenario002-multinode.yaml
+++ b/ci/pingtests/scenario002-multinode.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2013-05-23
+heat_template_version: ocata
description: >
HOT template to created resources deployed by scenario002.
@@ -144,6 +144,11 @@ resources:
ram: 512
vcpus: 1
+ zaqar_queue:
+ type: OS::Zaqar::Queue
+ properties:
+ name: pingtest-queue
+
outputs:
server1_private_ip:
description: IP address of server1 in private network
diff --git a/ci/pingtests/scenario003-multinode.yaml b/ci/pingtests/scenario003-multinode.yaml
index 445c47af..c3ceadaf 100644
--- a/ci/pingtests/scenario003-multinode.yaml
+++ b/ci/pingtests/scenario003-multinode.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2013-05-23
+heat_template_version: ocata
description: >
HOT template to created resources deployed by scenario003.
diff --git a/ci/pingtests/scenario004-multinode.yaml b/ci/pingtests/scenario004-multinode.yaml
new file mode 100644
index 00000000..a188fd1c
--- /dev/null
+++ b/ci/pingtests/scenario004-multinode.yaml
@@ -0,0 +1,127 @@
+heat_template_version: ocata
+
+description: >
+ HOT template to created resources deployed by scenario004.
+parameters:
+ key_name:
+ type: string
+ description: Name of keypair to assign to servers
+ default: 'pingtest_key'
+ image:
+ type: string
+ description: Name of image to use for servers
+ default: 'pingtest_image'
+ public_net_name:
+ type: string
+ default: 'nova'
+ description: >
+ ID or name of public network for which floating IP addresses will be allocated
+ private_net_name:
+ type: string
+ description: Name of private network to be created
+ default: 'default-net'
+ private_net_cidr:
+ type: string
+ description: Private network address (CIDR notation)
+ default: '192.168.2.0/24'
+ private_net_gateway:
+ type: string
+ description: Private network gateway address
+ default: '192.168.2.1'
+ private_net_pool_start:
+ type: string
+ description: Start of private network IP address allocation pool
+ default: '192.168.2.100'
+ private_net_pool_end:
+ type: string
+ default: '192.168.2.200'
+ description: End of private network IP address allocation pool
+
+resources:
+
+ key_pair:
+ type: OS::Nova::KeyPair
+ properties:
+ save_private_key: true
+ name: {get_param: key_name }
+
+ private_net:
+ type: OS::Neutron::Net
+ properties:
+ name: { get_param: private_net_name }
+
+ private_subnet:
+ type: OS::Neutron::Subnet
+ properties:
+ network_id: { get_resource: private_net }
+ cidr: { get_param: private_net_cidr }
+ gateway_ip: { get_param: private_net_gateway }
+ allocation_pools:
+ - start: { get_param: private_net_pool_start }
+ end: { get_param: private_net_pool_end }
+
+ router:
+ type: OS::Neutron::Router
+ properties:
+ external_gateway_info:
+ network: { get_param: public_net_name }
+
+ router_interface:
+ type: OS::Neutron::RouterInterface
+ properties:
+ router_id: { get_resource: router }
+ subnet_id: { get_resource: private_subnet }
+
+ server1:
+ type: OS::Nova::Server
+ properties:
+ name: Server1
+ flavor: { get_resource: test_flavor }
+ image: { get_param: image }
+ key_name: { get_resource: key_pair }
+ networks:
+ - port: { get_resource: server1_port }
+
+ server1_port:
+ type: OS::Neutron::Port
+ properties:
+ network_id: { get_resource: private_net }
+ fixed_ips:
+ - subnet_id: { get_resource: private_subnet }
+ security_groups: [{ get_resource: server_security_group }]
+
+ server1_floating_ip:
+ type: OS::Neutron::FloatingIP
+ # TODO: investigate why we need this depends_on and if we could
+ # replace it by router_id with get_resource: router_interface
+ depends_on: router_interface
+ properties:
+ floating_network: { get_param: public_net_name }
+ port_id: { get_resource: server1_port }
+
+ server_security_group:
+ type: OS::Neutron::SecurityGroup
+ properties:
+ description: Add security group rules for server
+ name: pingtest-security-group
+ rules:
+ - remote_ip_prefix: 0.0.0.0/0
+ protocol: tcp
+ port_range_min: 22
+ port_range_max: 22
+ - remote_ip_prefix: 0.0.0.0/0
+ protocol: icmp
+
+ test_flavor:
+ type: OS::Nova::Flavor
+ properties:
+ ram: 512
+ vcpus: 1
+
+outputs:
+ server1_private_ip:
+ description: IP address of server1 in private network
+ value: { get_attr: [ server1, first_address ] }
+ server1_public_ip:
+ description: Floating IP address of server1 in public network
+ value: { get_attr: [ server1_floating_ip, floating_ip_address ] }
diff --git a/ci/scripts/freeipa_setup.sh b/ci/scripts/freeipa_setup.sh
new file mode 100644
index 00000000..6906a2dd
--- /dev/null
+++ b/ci/scripts/freeipa_setup.sh
@@ -0,0 +1,96 @@
+#!/bin/bash
+#
+# Used environment variables:
+#
+# - Hostname
+# - FreeIPAIP
+# - DirectoryManagerPassword
+# - AdminPassword
+# - UndercloudFQDN
+# - HostsSecret
+#
+set -eux
+
+if [ -f "~/freeipa-setup.env" ]; then
+ source ~/freeipa-setup.env
+elif [ -f "/tmp/freeipa-setup.env" ]; then
+ source /tmp/freeipa-setup.env
+fi
+
+# Set DNS servers
+echo "nameserver 8.8.8.8" >> /etc/resolv.conf
+echo "nameserver 8.8.4.4" >> /etc/resolv.conf
+
+yum -q -y remove openstack-dashboard
+
+# Install the needed packages
+yum -q install -y ipa-server ipa-server-dns epel-release rng-tools mod_nss git
+yum -q install -y haveged
+
+# Prepare hostname
+hostnamectl set-hostname --static $Hostname
+
+echo $FreeIPAIP `hostname` | tee -a /etc/hosts
+
+# Set iptables rules
+cat << EOF > freeipa-iptables-rules.txt
+# Firewall configuration written by system-config-firewall
+# Manual customization of this file is not recommended.
+*filter
+:INPUT ACCEPT [0:0]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
+-A INPUT -p icmp -j ACCEPT
+-A INPUT -i lo -j ACCEPT
+-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
+#TCP ports for FreeIPA
+-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
+-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
+-A INPUT -m state --state NEW -m tcp -p tcp --dport 389 -j ACCEPT
+-A INPUT -m state --state NEW -m tcp -p tcp --dport 636 -j ACCEPT
+-A INPUT -m state --state NEW -m tcp -p tcp --dport 88 -j ACCEPT
+-A INPUT -m state --state NEW -m tcp -p tcp --dport 464 -j ACCEPT
+-A INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
+#UDP ports for FreeIPA
+-A INPUT -m state --state NEW -m udp -p udp --dport 88 -j ACCEPT
+-A INPUT -m state --state NEW -m udp -p udp --dport 464 -j ACCEPT
+-A INPUT -m state --state NEW -m udp -p udp --dport 123 -j ACCEPT
+-A INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT
+-A INPUT -j REJECT --reject-with icmp-host-prohibited
+-A FORWARD -j REJECT --reject-with icmp-host-prohibited
+COMMIT
+EOF
+
+iptables-restore < freeipa-iptables-rules.txt
+
+# Entropy generation; otherwise, ipa-server-install will lag.
+chkconfig haveged on
+systemctl start haveged
+
+# Remove conflicting httpd configuration
+rm -f /etc/httpd/conf.d/ssl.conf
+
+# Set up FreeIPA
+ipa-server-install -U -r `hostname -d|tr "[a-z]" "[A-Z]"` \
+ -p $DirectoryManagerPassword -a $AdminPassword \
+ --hostname `hostname -f`
+
+# Authenticate
+echo $AdminPassword | kinit admin
+
+# Verify we have TGT
+klist
+
+if [ "$?" = '1' ]; then
+ exit 1
+fi
+
+# Create undercloud host
+ipa host-add $UndercloudFQDN --password=$HostsSecret --force
+
+# Create overcloud nodes and services
+git clone https://github.com/JAORMX/freeipa-tripleo-incubator.git
+cd freeipa-tripleo-incubator
+python create_ipa_tripleo_host_setup.py -w $HostsSecret -d $(hostname -d) \
+ --controller-count 1 --compute-count 1
diff --git a/default_passwords.yaml b/default_passwords.yaml
index 7a47f443..c85881e5 100644
--- a/default_passwords.yaml
+++ b/default_passwords.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: Passwords we manage at the top level
diff --git a/deployed-server/README.rst b/deployed-server/README.rst
index ce74e77b..f269b6a4 100644
--- a/deployed-server/README.rst
+++ b/deployed-server/README.rst
@@ -119,10 +119,15 @@ from the deployment command, the script should be ready to run:
[NovaCompute]: CREATE_IN_PROGRESS state changed
The user running the script must be able to ssh as root to each server. Define
-the hostnames of the deployed servers you intend to use for each role type::
-
- export controller_hosts="controller0 controller1 controller2"
- export compute_hosts="compute0"
+the the names of your custom roles (if applicable) and hostnames of the deployed
+servers you intend to use for each role type. For each role name, a
+corresponding <role-name>_hosts variable should also be defined, e.g.::
+
+ export ROLES="Controller NewtorkNode StorageNode Compute"
+ export Controller_hosts="10.0.0.1 10.0.0.2 10.0.0.3"
+ export NetworkNode_hosts="10.0.0.4 10.0.0.5 10.0.0.6"
+ export StorageNode_hosts="10.0.0.7 10.0.08"
+ export Compute_hosts="10.0.0.9 10.0.0.10 10.0.0.11"
Then run the script on the undercloud with a stackrc file sourced, and
the script will copy the needed os-collect-config.conf configuration to each
diff --git a/deployed-server/ctlplane-port.yaml b/deployed-server/ctlplane-port.yaml
index eb10fba0..7b5cdf11 100644
--- a/deployed-server/ctlplane-port.yaml
+++ b/deployed-server/ctlplane-port.yaml
@@ -1,8 +1,14 @@
-heat_template_version: 2014-10-16
+heat_template_version: ocata
parameters:
- Hostname:
+ network:
type: string
+ default: ctlplane
+ name:
+ type: string
+ replacement_policy:
+ type: string
+ default: AUTO
resources:
@@ -13,11 +19,10 @@ resources:
name:
list_join:
- '-'
- - - {get_param: Hostname}
- - ctlplane
+ - - {get_param: name}
- port
replacement_policy: AUTO
outputs:
- ip_address:
- value: {get_attr: [ControlPlanePort, fixed_ips, 0, ip_address]}
+ fixed_ips:
+ value: {get_attr: [ControlPlanePort, fixed_ips]}
diff --git a/deployed-server/deployed-neutron-port.yaml b/deployed-server/deployed-neutron-port.yaml
new file mode 100644
index 00000000..bddf8bc1
--- /dev/null
+++ b/deployed-server/deployed-neutron-port.yaml
@@ -0,0 +1,67 @@
+heat_template_version: ocata
+
+description: "
+ A fake OS::Neutron::Port stack which outputs fixed_ips and subnets based on
+ the input from the DeployedServerPortMap (set via parameter_defaults). This
+ lookup requires the use of port naming conventions. In order for this to work
+ with deployed-server the keys should be <hostname>-<network>.
+ Example:
+ parameter_defaults:
+ DeployedServerPortMap:
+ gatsby-ctlplane:
+ fixed_ips:
+ - ip_address: 127.0.0.1
+ subnets:
+ - cidr: 24"
+
+parameters:
+ name:
+ default: ''
+ type: string
+ network:
+ default: ''
+ type: string
+ fixed_ips:
+ default: ''
+ type: comma_delimited_list
+ replacement_policy:
+ default: ''
+ type: string
+ DeployedServerPortMap:
+ default: {}
+ type: json
+
+
+outputs:
+ fixed_ips:
+ value:
+ {get_param: [DeployedServerPortMap, {get_param: name}, fixed_ips]}
+ subnets:
+ value:
+ {get_param: [DeployedServerPortMap, {get_param: name}, subnets]}
+ name:
+ value: {get_param: name}
+ status:
+ value: DOWN
+ allowed_address_pairs:
+ value: {}
+ device_id:
+ value: ''
+ device_owner:
+ value: {get_param: network}
+ dns_assignment:
+ value: ''
+ port_security_enabled:
+ value: False
+ admin_state_up:
+ value: False
+ security_groups:
+ value: {}
+ network_id:
+ value: ''
+ tenant_id:
+ value: ''
+ qos_policy_id:
+ value: ''
+ mac_address:
+ value: ''
diff --git a/deployed-server/deployed-server-bootstrap-centos.sh b/deployed-server/deployed-server-bootstrap-centos.sh
new file mode 100644
index 00000000..7266ca57
--- /dev/null
+++ b/deployed-server/deployed-server-bootstrap-centos.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+set -eux
+
+yum install -y \
+ jq \
+ python-ipaddr \
+ openstack-puppet-modules \
+ os-net-config \
+ openvswitch \
+ python-heat-agent*
+
+ln -s -f /usr/share/openstack-puppet/modules/* /etc/puppet/modules
+
+setenforce 0
+sed -i 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config
diff --git a/deployed-server/deployed-server-bootstrap-centos.yaml b/deployed-server/deployed-server-bootstrap-centos.yaml
new file mode 100644
index 00000000..ac537386
--- /dev/null
+++ b/deployed-server/deployed-server-bootstrap-centos.yaml
@@ -0,0 +1,22 @@
+heat_template_version: 2014-10-16
+
+description: 'Deployed Server Bootstrap Config'
+
+parameters:
+
+ server:
+ type: string
+
+resources:
+
+ DeployedServerBootstrapConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config: {get_file: deployed-server-bootstrap-centos.sh}
+
+ DeployedServerBootstrapDeployment:
+ type: OS::Heat::SoftwareDeployment
+ properties:
+ config: {get_resource: DeployedServerBootstrapConfig}
+ server: {get_param: server}
diff --git a/deployed-server/deployed-server-config.yaml b/deployed-server/deployed-server-config.yaml
deleted file mode 100644
index 8c59dc72..00000000
--- a/deployed-server/deployed-server-config.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-heat_template_version: 2014-10-16
-parameters:
- user_data_format:
- type: string
- default: SOFTWARE_CONFIG
-
-resources:
- # We just need something which returns a unique ID, but we can't
- # use RandomString because RefId returns the value, not the physical
- # resource ID, SoftwareConfig should work as it returns a UUID
- deployed-server-config:
- type: OS::Heat::SoftwareConfig
-
-outputs:
- # FIXME(shardy) this is needed because TemplateResource returns an
- # ARN not a UUID, which overflows the Deployment server_id column..
- user_data_format:
- value: SOFTWARE_CONFIG
- OS::stack_id:
- value: {get_resource: deployed-server-config}
-
-
diff --git a/deployed-server/deployed-server-roles-data.yaml b/deployed-server/deployed-server-roles-data.yaml
new file mode 100644
index 00000000..9795a00f
--- /dev/null
+++ b/deployed-server/deployed-server-roles-data.yaml
@@ -0,0 +1,172 @@
+# Specifies which roles (groups of nodes) will be deployed
+# Note this is used as an input to the various *.j2.yaml
+# jinja2 templates, so that they are converted into *.yaml
+# during the plan creation (via a mistral action/workflow).
+#
+# The format is a list, with the following format:
+#
+# * name: (string) mandatory, name of the role, must be unique
+#
+# CountDefault: (number) optional, default number of nodes, defaults to 0
+# sets the default for the {{role.name}}Count parameter in overcloud.yaml
+#
+# HostnameFormatDefault: (string) optional default format string for hostname
+# defaults to '%stackname%-{{role.name.lower()}}-%index%'
+# sets the default for {{role.name}}HostnameFormat parameter in overcloud.yaml
+#
+# disable_constraints: (boolean) optional, whether to disable Nova and Glance
+# constraints for each role specified in the templates.
+#
+# ServicesDefault: (list) optional default list of services to be deployed
+# on the role, defaults to an empty list. Sets the default for the
+# {{role.name}}Services parameter in overcloud.yaml
+
+- name: ControllerDeployedServer
+ CountDefault: 1
+ disable_constraints: True
+ ServicesDefault:
+ - OS::TripleO::Services::CACerts
+ - OS::TripleO::Services::CephMon
+ - OS::TripleO::Services::CephExternal
+ - OS::TripleO::Services::CephRgw
+ - OS::TripleO::Services::CinderApi
+ - OS::TripleO::Services::CinderBackup
+ - OS::TripleO::Services::CinderScheduler
+ - OS::TripleO::Services::CinderVolume
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::Keystone
+ - OS::TripleO::Services::GlanceApi
+ - OS::TripleO::Services::HeatApi
+ - OS::TripleO::Services::HeatApiCfn
+ - OS::TripleO::Services::HeatApiCloudwatch
+ - OS::TripleO::Services::HeatEngine
+ - OS::TripleO::Services::MySQL
+ - OS::TripleO::Services::NeutronDhcpAgent
+ - OS::TripleO::Services::NeutronL3Agent
+ - OS::TripleO::Services::NeutronMetadataAgent
+ - OS::TripleO::Services::NeutronApi
+ - OS::TripleO::Services::NeutronCorePlugin
+ - OS::TripleO::Services::NeutronOvsAgent
+ - OS::TripleO::Services::RabbitMQ
+ - OS::TripleO::Services::HAproxy
+ - OS::TripleO::Services::Keepalived
+ - OS::TripleO::Services::Memcached
+ - OS::TripleO::Services::Pacemaker
+ - OS::TripleO::Services::Redis
+ - OS::TripleO::Services::NovaConductor
+ - OS::TripleO::Services::MongoDb
+ - OS::TripleO::Services::NovaApi
+ - OS::TripleO::Services::NovaMetadata
+ - OS::TripleO::Services::NovaPlacement
+ - OS::TripleO::Services::NovaScheduler
+ - OS::TripleO::Services::NovaConsoleauth
+ - OS::TripleO::Services::NovaVncProxy
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::SwiftProxy
+ - OS::TripleO::Services::SwiftStorage
+ - OS::TripleO::Services::SwiftRingBuilder
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::CeilometerApi
+ - OS::TripleO::Services::CeilometerCollector
+ - OS::TripleO::Services::CeilometerExpirer
+ - OS::TripleO::Services::CeilometerAgentCentral
+ - OS::TripleO::Services::CeilometerAgentNotification
+ - OS::TripleO::Services::Horizon
+ - OS::TripleO::Services::GnocchiApi
+ - OS::TripleO::Services::GnocchiMetricd
+ - OS::TripleO::Services::GnocchiStatsd
+ - OS::TripleO::Services::ManilaApi
+ - OS::TripleO::Services::ManilaScheduler
+ - OS::TripleO::Services::ManilaBackendGeneric
+ - OS::TripleO::Services::ManilaBackendNetapp
+ - OS::TripleO::Services::ManilaBackendCephFs
+ - OS::TripleO::Services::ManilaShare
+ - OS::TripleO::Services::AodhApi
+ - OS::TripleO::Services::AodhEvaluator
+ - OS::TripleO::Services::AodhNotifier
+ - OS::TripleO::Services::AodhListener
+ - OS::TripleO::Services::SaharaApi
+ - OS::TripleO::Services::SaharaEngine
+ - OS::TripleO::Services::IronicApi
+ - OS::TripleO::Services::IronicConductor
+ - OS::TripleO::Services::NovaIronic
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::OpenDaylightApi
+ - OS::TripleO::Services::OpenDaylightOvs
+ - OS::TripleO::Services::SensuClient
+ - OS::TripleO::Services::FluentdClient
+ - OS::TripleO::Services::BarbicanApi
+ - OS::TripleO::Services::PankoApi
+ - OS::TripleO::Services::Zaqar
+ - OS::TripleO::Services::OVNDBs
+
+- name: ComputeDeployedServer
+ CountDefault: 1
+ HostnameFormatDefault: '%stackname%-novacompute-%index%'
+ disable_constraints: True
+ ServicesDefault:
+ - OS::TripleO::Services::CACerts
+ - OS::TripleO::Services::CephClient
+ - OS::TripleO::Services::CephExternal
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::NovaCompute
+ - OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::ComputeNeutronCorePlugin
+ - OS::TripleO::Services::ComputeNeutronOvsAgent
+ - OS::TripleO::Services::ComputeCeilometerAgent
+ - OS::TripleO::Services::ComputeNeutronL3Agent
+ - OS::TripleO::Services::ComputeNeutronMetadataAgent
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::NeutronSriovAgent
+ - OS::TripleO::Services::OpenDaylightOvs
+ - OS::TripleO::Services::SensuClient
+ - OS::TripleO::Services::FluentdClient
+
+- name: BlockStorageDeployedServer
+ disable_constraints: True
+ ServicesDefault:
+ - OS::TripleO::Services::CACerts
+ - OS::TripleO::Services::BlockStorageCinderVolume
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::SensuClient
+ - OS::TripleO::Services::FluentdClient
+
+- name: ObjectStorageDeployedServer
+ disable_constraints: True
+ ServicesDefault:
+ - OS::TripleO::Services::CACerts
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::SwiftStorage
+ - OS::TripleO::Services::SwiftRingBuilder
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::SensuClient
+ - OS::TripleO::Services::FluentdClient
+
+- name: CephStorageDeployedServer
+ disable_constraints: True
+ ServicesDefault:
+ - OS::TripleO::Services::CACerts
+ - OS::TripleO::Services::CephOSD
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::SensuClient
+ - OS::TripleO::Services::FluentdClient
diff --git a/deployed-server/deployed-server.yaml b/deployed-server/deployed-server.yaml
index da5698e5..1e8afb25 100644
--- a/deployed-server/deployed-server.yaml
+++ b/deployed-server/deployed-server.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2014-10-16
+heat_template_version: ocata
parameters:
image:
type: string
@@ -21,7 +21,7 @@ parameters:
default: ''
name:
type: string
- default: ''
+ default: 'deployed-server'
image_update_policy:
type: string
default: ''
@@ -38,28 +38,52 @@ parameters:
type: json
description: Optional scheduler hints to pass to nova
default: {}
+ UpgradeInitCommand:
+ type: string
+ description: |
+ Command or script snippet to run on all overcloud nodes to
+ initialize the upgrade process. E.g. a repository switch.
+ default: ''
resources:
- # We just need something which returns a unique ID, but we can't
- # use RandomString because RefId returns the value, not the physical
- # resource ID, SoftwareConfig should work as it returns a UUID
deployed-server:
- type: OS::TripleO::DeployedServerConfig
+ type: OS::Heat::DeployedServer
+ properties:
+ name: {get_param: name}
+ software_config_transport: {get_param: software_config_transport}
+
+ UpgradeInitConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ list_join:
+ - ''
+ - - "#!/bin/bash\n\n"
+ - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
+ - get_param: UpgradeInitCommand
+
+ UpgradeInitDeployment:
+ type: OS::Heat::SoftwareDeployment
properties:
- user_data_format: SOFTWARE_CONFIG
+ name: UpgradeInitDeployment
+ server: {get_resource: deployed-server}
+ config: {get_resource: UpgradeInitConfig}
+
InstanceIdConfig:
type: OS::Heat::StructuredConfig
properties:
- group: os-apply-config
+ group: apply-config
config:
- instance-id: {get_attr: [deployed-server, "OS::stack_id"]}
+ instance-id: {get_resource: deployed-server}
InstanceIdDeployment:
type: OS::Heat::StructuredDeployment
properties:
config: {get_resource: InstanceIdConfig}
server: {get_resource: deployed-server}
+ depends_on: UpgradeInitDeployment
HostsEntryConfig:
type: OS::Heat::SoftwareConfig
@@ -69,21 +93,10 @@ resources:
#!/bin/bash
set -eux
mkdir -p $heat_outputs_path
- host=$(hostnamectl --static)
- echo -n "$host " > $heat_outputs_path.hosts_entry
- host_ip=$(python -c "import socket; print socket.gethostbyname(\"$host\")")
- echo -n "$host_ip " >> $heat_outputs_path.hosts_entry
- echo >> $heat_outputs_path.hosts_entry
- cat $heat_outputs_path.hosts_entry
- echo -n $host_ip > $heat_outputs_path.ip_address
- cat $heat_outputs_path.ip_address
+ host=$(hostname -s)
echo -n $host > $heat_outputs_path.hostname
cat $heat_outputs_path.hostname
outputs:
- - name: hosts_entry
- description: hosts_entry
- - name: ip_address
- description: ip_address
- name: hostname
description: hostname
@@ -93,23 +106,28 @@ resources:
config: {get_resource: HostsEntryConfig}
server: {get_resource: deployed-server}
+ DeployedServerBootstrapConfig:
+ type: OS::TripleO::DeployedServer::Bootstrap
+ properties:
+ server: {get_resource: deployed-server}
+
ControlPlanePort:
type: OS::TripleO::DeployedServer::ControlPlanePort
properties:
- Hostname: {get_attr: [HostsEntryDeployment, hostname]}
+ network: ctlplane
+ name:
+ list_join:
+ - '-'
+ - - {get_attr: [HostsEntryDeployment, hostname]}
+ - ctlplane
+ replacement_policy: AUTO
outputs:
- # FIXME(shardy) this is needed because TemplateResource returns an
- # ARN not a UUID, which overflows the Deployment server_id column..
OS::stack_id:
- value: {get_attr: [deployed-server, "OS::stack_id"]}
+ value: {get_resource: deployed-server}
networks:
value:
ctlplane:
- - {get_attr: [ControlPlanePort, ip_address]}
+ - {get_attr: [ControlPlanePort, fixed_ips, 0, ip_address]}
name:
- value: {get_attr: [HostsEntryDeployment, hostname]}
- hosts_entry:
- value: {get_attr: [HostsEntryDeployment, hosts_entry]}
- ip_address:
- value: {get_attr: [HostsEntryDeployment, ip_address]}
+ value: {get_attr: [HostsEntryDeployment, hostname]}
diff --git a/deployed-server/scripts/get-occ-config.sh b/deployed-server/scripts/get-occ-config.sh
index d6219e85..6c196f97 100755
--- a/deployed-server/scripts/get-occ-config.sh
+++ b/deployed-server/scripts/get-occ-config.sh
@@ -11,14 +11,22 @@ OBJECTSTORAGE_HOSTS=${OBJECTSTORAGE_HOSTS:-""}
CEPHSTORAGE_HOSTS=${CEPHSTORAGE_HOSTS:-""}
SUBNODES_SSH_KEY=${SUBNODES_SSH_KEY:-"~/.ssh/id_rsa"}
SSH_OPTIONS="-tt -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=Verbose -o PasswordAuthentication=no -o ConnectionAttempts=32"
+OVERCLOUD_ROLES=${OVERCLOUD_ROLES:-"Controller Compute BlockStorage ObjectStorage CephStorage"}
+
+# Set the _hosts vars for the default roles based on the old var names that
+# were all caps for backwards compatibility.
+Controller_hosts=${Controller_hosts:-"$CONTROLLER_HOSTS"}
+Compute_hosts=${Compute_hosts:-"$COMPUTE_HOSTS"}
+BlockStorage_hosts=${BlockStorage_hosts:-"$BLOCKSTORAGE_HOSTS"}
+ObjectStorage_hosts=${ObjectStorage_hosts:-"$OBJECTSTORAGE_HOSTS"}
+CephStorage_hosts=${CephStorage_hosts:-"$CEPHSTORAGE_HOSTS"}
+
+# Set the _hosts_a vars for each role defined
+for role in $OVERCLOUD_ROLES; do
+ eval hosts=\${${role}_hosts}
+ read -a ${role}_hosts_a <<< $hosts
+done
-read -a Controller_hosts_a <<< $CONTROLLER_HOSTS
-read -a Compute_hosts_a <<< $COMPUTE_HOSTS
-read -a BlockStorage_hosts_a <<< $BLOCKSTORAGE_HOSTS
-read -a ObjectStorage_hosts_a <<< $OBJECTSTORAGE_HOSTS
-read -a CephStorage_hosts_a <<< $CEPHSTORAGE_HOSTS
-
-roles=${OVERCLOUD_ROLES:-"Controller Compute BlockStorage ObjectStorage CephStorage"}
admin_user_id=$(openstack user show admin -c id -f value)
admin_project_id=$(openstack project show admin -c id -f value)
@@ -44,7 +52,7 @@ function check_stack {
}
-for role in $roles; do
+for role in $OVERCLOUD_ROLES; do
while ! check_stack overcloud; do
sleep $SLEEP_TIME
done
@@ -71,24 +79,26 @@ for role in $roles; do
server_stack=$(openstack stack resource show $stack $server_resource_name -c physical_resource_id -f value)
done
- deployed_server_stack=$(openstack stack resource show $server_stack deployed-server -c physical_resource_id -f value)
+ while true; do
+ deployed_server_metadata_url=$(openstack stack resource metadata $server_stack deployed-server | jq -r '.["os-collect-config"].request.metadata_url')
+ if [ "$deployed_server_metadata_url" = "null" ]; then
+ continue
+ else
+ break
+ fi
+ done
echo "======================"
echo "$role$i os-collect-config.conf configuration:"
config="
[DEFAULT]
-collectors=heat
+collectors=request
command=os-refresh-config
polling_interval=30
-[heat]
-user_id=$admin_user_id
-password=$OS_PASSWORD
-auth_url=$OS_AUTH_URL
-project_id=$admin_project_id
-stack_id=$deployed_server_stack
-resource_name=deployed-server-config"
+[request]
+metadata_url=$deployed_server_metadata_url"
echo "$config"
echo "======================"
diff --git a/docker/firstboot/install_docker_agents.yaml b/docker/firstboot/install_docker_agents.yaml
index f6d61e2d..41a87406 100644
--- a/docker/firstboot/install_docker_agents.yaml
+++ b/docker/firstboot/install_docker_agents.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2014-10-16
+heat_template_version: ocata
parameters:
DockerAgentImage:
diff --git a/docker/firstboot/start_docker_agents.sh b/docker/firstboot/start_docker_agents.sh
index acb44ce5..1c5cc18d 100644..100755
--- a/docker/firstboot/start_docker_agents.sh
+++ b/docker/firstboot/start_docker_agents.sh
@@ -1,72 +1,56 @@
#!/bin/bash
set -eux
-/sbin/setenforce 0
-/sbin/modprobe ebtables
-
-# CentOS sets ptmx to 000. Withoutit being 666, we can't use Cinder volumes
-chmod 666 /dev/pts/ptmx
-
-# We need hostname -f to return in a centos container for the puppet hook
-HOSTNAME=$(hostname)
-echo "127.0.0.1 $HOSTNAME.localdomain $HOSTNAME" >> /etc/hosts
-
-# update docker for local insecure registry(optional)
-# Note: This is different for different docker versions
-# For older docker versions < 1.4.x use commented line
-#echo "OPTIONS='--insecure-registry $docker_registry'" >> /etc/sysconfig/docker
-#echo "ADD_REGISTRY='--registry-mirror $docker_registry'" >> /etc/sysconfig/docker
+# TODO remove this when built image includes docker
+if [ ! -f "/usr/bin/docker" ]; then
+ yum -y install docker
+fi
# Local docker registry 1.8
# NOTE(mandre) $docker_namespace_is_registry is not a bash variable but is
# a place holder for text replacement done via heat
-if [ "$docker_namespace_is_registry" = True ]; then
+if [ "$docker_namespace_is_registry" = "True" ]; then
/usr/bin/systemctl stop docker.service
# if namespace is used with local registry, trim all namespacing
trim_var=$docker_registry
registry_host="${trim_var%%/*}"
/bin/sed -i -r "s/^[# ]*INSECURE_REGISTRY *=.+$/INSECURE_REGISTRY='--insecure-registry $registry_host'/" /etc/sysconfig/docker
- /usr/bin/systemctl start --no-block docker.service
fi
-/usr/bin/docker pull $agent_image &
-DOCKER_PULL_PID=$!
-
mkdir -p /var/lib/etc-data/json-config #FIXME: this should be a docker data container
# NOTE(flaper87): Heat Agent required mounts
-AGENT_COMMAND_MOUNTS="-v /var/lib/etc-data:/var/lib/etc-data \
- -v /run:/run \
- -v /etc:/host/etc \
- -v /usr/bin/atomic:/usr/bin/atomic \
- -v /var/lib/dhclient:/var/lib/dhclient \
- -v /var/lib/cloud:/var/lib/cloud \
- -v /var/lib/heat-cfntools:/var/lib/heat-cfntools \
- -v /etc/sysconfig/docker:/etc/sysconfig/docker \
- -v /usr/lib64/libseccomp.so.2:/usr/lib64/libseccomp.so.2"
-
-
-# NOTE(flaper87): Some of these commands may not be present depending on the
-# atomic version.
-for docker_cmd in docker docker-current docker-latest; do
- if [ -f "/usr/bin/$docker_cmd" ]; then
- AGENT_COMMAND_MOUNTS+=" -v /usr/bin/$docker_cmd:/usr/bin/$docker_cmd"
- fi
-done
+AGENT_COMMAND_MOUNTS="\
+-v /var/lib/etc-data:/var/lib/etc-data \
+-v /run:/run \
+-v /etc/hosts:/etc/hosts \
+-v /etc:/host/etc \
+-v /var/lib/dhclient:/var/lib/dhclient \
+-v /var/lib/cloud:/var/lib/cloud \
+-v /var/lib/heat-cfntools:/var/lib/heat-cfntools \
+-v /var/lib/os-collect-config:/var/lib/os-collect-config \
+-v /var/lib/os-apply-config-deployments:/var/lib/os-apply-config-deployments \
+-v /var/lib/heat-config:/var/lib/heat-config \
+-v /etc/sysconfig/docker:/etc/sysconfig/docker \
+-v /etc/sysconfig/network-scripts:/etc/sysconfig/network-scripts \
+-v /usr/lib64/libseccomp.so.2:/usr/lib64/libseccomp.so.2 \
+-v /usr/bin/docker:/usr/bin/docker \
+-v /usr/bin/docker-current:/usr/bin/docker-current \
+-v /var/lib/os-collect-config:/var/lib/os-collect-config"
# heat-docker-agents service
cat <<EOF > /etc/systemd/system/heat-docker-agents.service
-
[Unit]
Description=Heat Docker Agent Container
After=docker.service
Requires=docker.service
+Before=os-collect-config.service
+Conflicts=os-collect-config.service
[Service]
User=root
-Restart=on-failure
-ExecStartPre=-/usr/bin/docker kill heat-agents
-ExecStartPre=-/usr/bin/docker rm heat-agents
+Restart=always
+ExecStartPre=-/usr/bin/docker rm -f heat-agents
ExecStart=/usr/bin/docker run --name heat-agents --privileged --net=host \
$AGENT_COMMAND_MOUNTS \
--entrypoint=/usr/bin/os-collect-config $agent_image
@@ -74,35 +58,12 @@ ExecStop=/usr/bin/docker stop heat-agents
[Install]
WantedBy=multi-user.target
-
EOF
# enable and start heat-docker-agents
-chmod 0640 /etc/systemd/system/heat-docker-agents.service
/usr/bin/systemctl enable heat-docker-agents.service
/usr/bin/systemctl start --no-block heat-docker-agents.service
-# Disable NetworkManager and let the ifup/down scripts work properly.
-/usr/bin/systemctl disable NetworkManager
-/usr/bin/systemctl stop NetworkManager
-
-# Atomic's root partition & logical volume defaults to 3G. In order to launch
-# larger VMs, we need to enlarge the root logical volume and scale down the
-# docker_pool logical volume. We are allocating 80% of the disk space for
-# vm data and the remaining 20% for docker images.
-ATOMIC_ROOT='/dev/mapper/atomicos-root'
-ROOT_DEVICE=`pvs -o vg_name,pv_name --no-headings | grep atomicos | awk '{ print $2}'`
-
-growpart $( echo "${ROOT_DEVICE}" | sed -r 's/([^0-9]*)([0-9]+)/\1 \2/' )
-pvresize "${ROOT_DEVICE}"
-lvresize -l +80%FREE "${ATOMIC_ROOT}"
-xfs_growfs "${ATOMIC_ROOT}"
-
-cat <<EOF > /etc/sysconfig/docker-storage-setup
-GROWPART=true
-AUTO_EXTEND_POOL=yes
-POOL_AUTOEXTEND_PERCENT=30
-POOL_AUTOEXTEND_THRESHOLD=70
-EOF
-
-wait $DOCKER_PULL_PID
+# Disable libvirtd
+/usr/bin/systemctl disable libvirtd.service
+/usr/bin/systemctl stop libvirtd.service
diff --git a/docker/post.j2.yaml b/docker/post.j2.yaml
index de17cffe..1ba96e27 100644
--- a/docker/post.j2.yaml
+++ b/docker/post.j2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Post-deploy configuration steps via puppet for all roles,
@@ -25,16 +25,6 @@ parameters:
default: 'tripleoupstream'
type: string
- DockerOpenvswitchDBImage:
- description: image
- default: 'centos-binary-openvswitch-db-server'
- type: string
-
- DockerOvsVswitchdImage:
- description: image
- default: 'centos-binary-openvswitch-vswitchd'
- type: string
-
LibvirtConfig:
type: string
default: "/etc/libvirt/libvirtd.conf"
@@ -45,7 +35,7 @@ parameters:
NeutronOpenvswitchAgentConfig:
type: string
- default: "/etc/neutron/neutron.conf,/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini"
+ default: "/etc/neutron/neutron.conf,/etc/neutron/plugins/ml2/openvswitch_agent.ini"
resources:
@@ -206,73 +196,6 @@ resources:
nova_config: {get_param: NovaConfig}
neutron_openvswitch_agent_config: {get_param: NeutronOpenvswitchAgentConfig}
- NovaComputeContainersDeploymentOVS:
- type: OS::Heat::StructuredDeploymentGroup
- depends_on: CopyJsonDeployment
- properties:
- name: NovaComputeContainersDeploymentOVS
- config: {get_resource: NovaComputeContainersConfigOVS}
- servers: {get_param: [servers, {{role.name}}]}
-
- NovaComputeContainersConfigOVS:
- type: OS::Heat::StructuredConfig
- properties:
- group: docker-cmd
- config:
- openvswitchdb:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerOpenvswitchDBImage} ]
- net: host
- restart: always
- volumes:
- - /var/lib/etc-data/json-config/ovsdb-server.json:/var/lib/kolla/config_files/config.json
- - /etc/localtime:/etc/localtime:ro
- - /run:/run
- - logs:/var/log/kolla/
- - openvswitch_db:/var/lib/openvswitch/
- environment:
- - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
-
- ovsvswitchd:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerOvsVswitchdImage} ]
- net: host
- privileged: true
- restart: always
- volumes:
- - /var/lib/etc-data/json-config/ovs-vswitchd.json:/var/lib/kolla/config_files/config.json
- - /etc/localtime:/etc/localtime:ro
- - /lib/modules:/lib/modules:ro
- - /run:/run
- - logs:/var/log/kolla/
- environment:
- - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
-
- NovaComputeContainersDeploymentNetconfig:
- type: OS::Heat::SoftwareDeploymentGroup
- depends_on: NovaComputeContainersDeploymentOVS
- properties:
- name: NovaComputeContainersDeploymentNetconfig
- config: {get_resource: NovaComputeContainersConfigNetconfig}
- servers: {get_param: [servers, {{role.name}}]}
-
- # We run os-net-config here because we depend on the ovs containers to be up
- # and running before we configure the network. This allows explicit timing
- # of the network configuration.
- NovaComputeContainersConfigNetconfig:
- type: OS::Heat::SoftwareConfig
- properties:
- group: script
- outputs:
- - name: result
- config: |
- #!/bin/bash
- /usr/local/bin/run-os-net-config
-
{{role.name}}ContainersConfig_Step1:
type: OS::Heat::StructuredConfig
depends_on: CopyJsonDeployment
@@ -291,7 +214,7 @@ resources:
{{role.name}}ContainersDeployment_Step1:
type: OS::Heat::StructuredDeploymentGroup
- depends_on: [{{role.name}}PreConfig, {{role.name}}ArtifactsDeploy, NovaComputeContainersDeploymentNetconfig]
+ depends_on: [{{role.name}}PreConfig, {{role.name}}ArtifactsDeploy]
properties:
name: {{role.name}}ContainersDeployment_Step1
servers: {get_param: [servers, {{role.name}}]}
diff --git a/docker/services/neutron-ovs-agent.yaml b/docker/services/neutron-ovs-agent.yaml
index 8d092a34..1c9e60db 100644
--- a/docker/services/neutron-ovs-agent.yaml
+++ b/docker/services/neutron-ovs-agent.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
OpenStack Neutron openvswitch service
@@ -12,12 +12,6 @@ parameters:
description: image
default: 'centos-binary-neutron-openvswitch-agent'
type: string
- NeutronOpenvswitchAgentPluginVolume:
- type: string
- default: "/var/lib/etc-data/neutron/plugins/ml2/openvswitch_agent.ini:/var/lib/kolla/config_files/ovs_neutron_plugin.ini:ro"
- NeutronOpenvswitchAgentOvsVolume:
- type: string
- default: " "
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
@@ -64,8 +58,7 @@ outputs:
- /var/lib/etc-data/json-config/neutron-openvswitch-agent.json:/var/lib/kolla/config_files/config.json
- /var/lib/etc-data/neutron/neutron.conf:/var/lib/kolla/config_files/neutron.conf:ro
- /var/lib/etc-data/neutron/plugins/ml2/ml2_conf.ini:/var/lib/kolla/config_files/ml2_conf.ini:ro
- - {get_param: NeutronOpenvswitchAgentPluginVolume}
- - {get_param: NeutronOpenvswitchAgentOvsVolume}
+ - /var/lib/etc-data/neutron/plugins/ml2/openvswitch_agent.ini:/var/lib/kolla/config_files/openvswitch_agent.ini:ro
- /etc/localtime:/etc/localtime:ro
- /lib/modules:/lib/modules:ro
- /run:/run
diff --git a/docker/services/nova-compute.yaml b/docker/services/nova-compute.yaml
index 5c56aeee..c695c94d 100644
--- a/docker/services/nova-compute.yaml
+++ b/docker/services/nova-compute.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
OpenStack containerized Nova Compute service
diff --git a/docker/services/nova-libvirt.yaml b/docker/services/nova-libvirt.yaml
index 36511557..a40a21fd 100644
--- a/docker/services/nova-libvirt.yaml
+++ b/docker/services/nova-libvirt.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
OpenStack Libvirt Service
@@ -55,6 +55,11 @@ outputs:
volumes:
- /var/lib/etc-data/json-config/nova-libvirt.json:/var/lib/kolla/config_files/config.json
- /var/lib/etc-data/libvirt/libvirtd.conf:/var/lib/kolla/config_files/libvirtd.conf
+ # NOTE(mandre) Ideally the qemu.conf file is mounted in
+ # /var/lib/kolla/config_files and copied to the right place but
+ # copy-json.py doesn't allow us to do that without appending the
+ # file as an additional config on the CLI
+ - /var/lib/etc-data/libvirt/qemu.conf:/etc/libvirt/qemu.conf:ro
- /etc/localtime:/etc/localtime:ro
- /lib/modules:/lib/modules:ro
- /run:/run
diff --git a/docker/services/services.yaml b/docker/services/services.yaml
index 37e7b655..3d51eb19 100644
--- a/docker/services/services.yaml
+++ b/docker/services/services.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Utility stack to convert an array of services into a set of combined
diff --git a/environments/cinder-hpelefthand-config.yaml b/environments/cinder-hpelefthand-config.yaml
new file mode 100644
index 00000000..90d0261e
--- /dev/null
+++ b/environments/cinder-hpelefthand-config.yaml
@@ -0,0 +1,13 @@
+# A Heat environment file which can be used to enable a
+# a Cinder HPELeftHandISCSI backend, configured via puppet
+resource_registry:
+ OS::TripleO::Services::CinderHPELeftHandISCSI: ../puppet/services/cinder-hpelefthand-iscsi.yaml
+
+parameter_defaults:
+ CinderHPELeftHandISCSIApiUrl: ''
+ CinderHPELeftHandISCSIUserName: ''
+ CinderHPELeftHandISCSIPassword: ''
+ CinderHPELeftHandISCSIBackendName: 'tripleo_hpelefthand'
+ CinderHPELeftHandISCSIChapEnabled: false
+ CinderHPELeftHandClusterName: ''
+ CinderHPELeftHandDebug: false
diff --git a/environments/deployed-server-bootstrap-environment-centos.yaml b/environments/deployed-server-bootstrap-environment-centos.yaml
new file mode 100644
index 00000000..ebcdfc2b
--- /dev/null
+++ b/environments/deployed-server-bootstrap-environment-centos.yaml
@@ -0,0 +1,7 @@
+# An environment that can be used with the deployed-server.yaml template to do
+# initial bootstrapping of the deployed servers.
+resource_registry:
+ OS::TripleO::DeployedServer::Bootstrap: ../deployed-server/deployed-server-bootstrap-centos.yaml
+
+parameter_defaults:
+ EnablePackageInstall: True
diff --git a/environments/deployed-server-environment.yaml b/environments/deployed-server-environment.yaml
index c63d399a..7bc1bd9b 100644
--- a/environments/deployed-server-environment.yaml
+++ b/environments/deployed-server-environment.yaml
@@ -1,4 +1,4 @@
resource_registry:
OS::TripleO::Server: ../deployed-server/deployed-server.yaml
- OS::TripleO::DeployedServerConfig: ../deployed-server/deployed-server-config.yaml
- OS::TripleO::DeployedServer::ControlPlanePort: ../deployed-server/ctlplane-port.yaml
+ OS::TripleO::DeployedServer::ControlPlanePort: OS::Neutron::Port
+ OS::TripleO::DeployedServer::Bootstrap: OS::Heat::None
diff --git a/environments/deployed-server-noop-ctlplane.yaml b/environments/deployed-server-noop-ctlplane.yaml
index cfda314d..54f5e41d 100644
--- a/environments/deployed-server-noop-ctlplane.yaml
+++ b/environments/deployed-server-noop-ctlplane.yaml
@@ -1,4 +1,3 @@
resource_registry:
OS::TripleO::Server: ../deployed-server/deployed-server.yaml
- OS::TripleO::DeployedServerConfig: ../deployed-server/deployed-server-config.yaml
- OS::TripleO::DeployedServer::ControlPlanePort: OS::Heat::None
+ OS::TripleO::DeployedServer::ControlPlanePort: ../deployed-server/deployed-neutron-port.yaml
diff --git a/environments/docker-network-isolation.yaml b/environments/docker-network-isolation.yaml
deleted file mode 100644
index 87c81d0b..00000000
--- a/environments/docker-network-isolation.yaml
+++ /dev/null
@@ -1,4 +0,0 @@
-parameter_defaults:
- NeutronOpenvswitchAgentConfig: "/etc/neutron/neutron.conf,/etc/neutron/plugins/openvswitch/openvswitch_agent.ini"
- NeutronOpenvswitchAgentPluginVolume: "/var/lib/etc-data/neutron/plugins/ml2/openvswitch_agent.ini:/var/lib/kolla/config_files/openvswitch_agent.ini:ro"
- NeutronOpenvswitchAgentOvsVolume: "/var/lib/etc-data/neutron/conf.d/neutron-openvswitch-agent:/etc/neutron/conf.d/neutron-openvswitch-agent:ro"
diff --git a/environments/docker.yaml b/environments/docker.yaml
index 0755c61f..4f5b36b4 100644
--- a/environments/docker.yaml
+++ b/environments/docker.yaml
@@ -1,6 +1,6 @@
resource_registry:
# Docker container with heat agents for containerized compute node.
- OS::TripleO::NodeUserData: ../docker/firstboot/install_docker_agents.yaml
+ OS::TripleO::Compute::NodeUserData: ../docker/firstboot/install_docker_agents.yaml
OS::TripleO::Services::NovaLibvirt: ../docker/services/nova-libvirt.yaml
OS::TripleO::Services::ComputeNeutronOvsAgent: ../docker/services/neutron-ovs-agent.yaml
OS::TripleO::Services::NovaCompute: ../docker/services/nova-compute.yaml
@@ -13,7 +13,6 @@ resource_registry:
OS::TripleO::Services: ../docker/services/services.yaml
parameter_defaults:
- NovaImage: atomic-image
# Defaults to 'tripleoupstream'. Specify a local docker registry
# Example: 192.0.2.1:8787/tripleoupstream
DockerNamespace: tripleoupstream
@@ -24,8 +23,6 @@ parameter_defaults:
DockerNovaComputeImage: centos-binary-nova-compute:newton
DockerLibvirtImage: centos-binary-nova-libvirt:newton
DockerOpenvswitchImage: centos-binary-neutron-openvswitch-agent:newton
- DockerOvsVswitchdImage: centos-binary-openvswitch-vswitchd:newton
- DockerOpenvswitchDBImage: centos-binary-openvswitch-db-server:newton
ComputeServices:
- OS::TripleO::Services::NovaCompute
diff --git a/environments/enable-internal-tls.yaml b/environments/enable-internal-tls.yaml
index c01b4888..6e912faa 100644
--- a/environments/enable-internal-tls.yaml
+++ b/environments/enable-internal-tls.yaml
@@ -3,5 +3,6 @@
parameter_defaults:
EnableInternalTLS: true
resource_registry:
+ OS::TripleO::Services::HAProxyInternalTLS: ../puppet/services/haproxy-internal-tls-certmonger.yaml
OS::TripleO::Services::ApacheTLS: ../puppet/services/apache-internal-tls-certmonger.yaml
OS::TripleO::Services::MySQLTLS: ../puppet/services/database/mysql-internal-tls-certmonger.yaml
diff --git a/environments/enable-swap-partition.yaml b/environments/enable-swap-partition.yaml
new file mode 100644
index 00000000..71b70ec9
--- /dev/null
+++ b/environments/enable-swap-partition.yaml
@@ -0,0 +1,3 @@
+# Use this environment to create a swap partition in all Overcloud nodes
+resource_registry:
+ OS::TripleO::AllNodesExtraConfig: ../extraconfig/all_nodes/swap-partition.yaml
diff --git a/environments/enable-swap.yaml b/environments/enable-swap.yaml
new file mode 100644
index 00000000..9ba08642
--- /dev/null
+++ b/environments/enable-swap.yaml
@@ -0,0 +1,3 @@
+# Use this environment to create a swap file in all Overcloud nodes
+resource_registry:
+ OS::TripleO::AllNodesExtraConfig: ../extraconfig/all_nodes/swap.yaml
diff --git a/environments/external-loadbalancer-vip-v6.yaml b/environments/external-loadbalancer-vip-v6.yaml
index 5a2ef505..fbd1fb98 100644
--- a/environments/external-loadbalancer-vip-v6.yaml
+++ b/environments/external-loadbalancer-vip-v6.yaml
@@ -1,29 +1,24 @@
resource_registry:
- OS::TripleO::Network::Ports::NetVipMap: ../network/ports/net_vip_map_external_v6.yaml
- OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/noop.yaml
- OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/noop.yaml
- OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/noop.yaml
- OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/noop.yaml
- OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/from_service_v6.yaml
OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_from_pool_v6.yaml
OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_from_pool_v6.yaml
OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool_v6.yaml
OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool_v6.yaml
# OVS doesn't support IPv6 endpoints for tunneling yet, so this remains IPv4 for now.
OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant_from_pool.yaml
+ # Management network is optional and disabled by default
+ #OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/management_from_pool_v6.yaml
parameter_defaults:
# When using an external loadbalancer set the following in parameter_defaults
# to control your VIPs (currently one per network)
# NOTE: we will eventually move to one VIP per service
#
- ControlPlaneIP: 192.0.2.251
- ExternalNetworkVip: 2001:db8:fd00:1000:0000:0000:0000:0005
- InternalApiNetworkVip: fd00:fd00:fd00:2000:0000:0000:0000:0005
- StorageNetworkVip: fd00:fd00:fd00:3000:0000:0000:0000:0005
- StorageMgmtNetworkVip: fd00:fd00:fd00:4000:0000:0000:0000:0005
- ServiceVips:
- redis: fd00:fd00:fd00:2000:0000:0000:0000:0006
+ ControlFixedIPs: [{'ip_address':'192.0.2.251'}]
+ PublicVirtualFixedIPs: [{'ip_address':'2001:db8:fd00:1000:0000:0000:0000:0005'}]
+ InternalApiVirtualFixedIPs: [{'ip_address':'fd00:fd00:fd00:2000:0000:0000:0000:0005'}]
+ StorageVirtualFixedIPs: [{'ip_address':'fd00:fd00:fd00:3000:0000:0000:0000:0005'}]
+ StorageMgmtVirtualFixedIPs: [{'ip_address':'fd00:fd00:fd00:4000:0000:0000:0000:0005'}]
+ RedisVirtualFixedIPs: [{'ip_address':'fd00:fd00:fd00:2000:0000:0000:0000:0006'}]
ControllerIPs:
external:
- 2001:db8:fd00:1000:0000:0000:0000:0007
diff --git a/environments/external-loadbalancer-vip.yaml b/environments/external-loadbalancer-vip.yaml
index 8656ba1a..1759c04c 100644
--- a/environments/external-loadbalancer-vip.yaml
+++ b/environments/external-loadbalancer-vip.yaml
@@ -1,10 +1,4 @@
resource_registry:
- OS::TripleO::Network::Ports::NetVipMap: ../network/ports/net_vip_map_external.yaml
- OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/noop.yaml
- OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/noop.yaml
- OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/noop.yaml
- OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/noop.yaml
- OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/from_service.yaml
OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_from_pool.yaml
OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_from_pool.yaml
OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool.yaml
@@ -18,13 +12,12 @@ parameter_defaults:
# to control your VIPs (currently one per network)
# NOTE: we will eventually move to one VIP per service
#
- ControlPlaneIP: 192.0.2.251
- ExternalNetworkVip: 10.0.0.251
- InternalApiNetworkVip: 172.16.2.251
- StorageNetworkVip: 172.16.1.251
- StorageMgmtNetworkVip: 172.16.3.251
- ServiceVips:
- redis: 172.16.2.252
+ ControlFixedIPs: [{'ip_address':'192.0.2.251'}]
+ PublicVirtualFixedIPs: [{'ip_address':'10.0.0.251'}]
+ InternalApiVirtualFixedIPs: [{'ip_address':'172.16.2.251'}]
+ StorageVirtualFixedIPs: [{'ip_address':'172.16.1.251'}]
+ StorageMgmtVirtualFixedIPs: [{'ip_address':'172.16.3.251'}]
+ RedisVirtualFixedIPs: [{'ip_address':'172.16.2.252'}]
ControllerIPs:
external:
- 10.0.0.253
diff --git a/environments/host-config-pre-network.j2.yaml b/environments/host-config-pre-network.j2.yaml
new file mode 100644
index 00000000..fe1302b5
--- /dev/null
+++ b/environments/host-config-pre-network.j2.yaml
@@ -0,0 +1,16 @@
+resource_registry:
+# Create the registry only for roles with the word "Compute" in it. Like ComputeOvsDpdk, ComputeSriov, etc.,
+{% for role in roles %}
+{% if "Compute" in role.name %}
+ OS::TripleO::{{role.name}}::PreNetworkConfig: ../extraconfig/pre_network/{{role.name.lower()}}-host_config_and_reboot.yaml
+{% endif %}
+{% endfor %}
+
+parameter_defaults:
+ # Sample parameters for Compute and ComputeOvsDpdk roles
+ #ComputeKernelArgs: ""
+ #ComputeTunedProfileName: ""
+ #ComputeHostCpuList: ""
+ #ComputeOvsDpdkKernelArgs: ""
+ #ComputeOvsDpdkTunedProfileName: ""
+ #ComputeOvsDpdkHostCpuList: ""
diff --git a/environments/major-upgrade-all-in-one.yaml b/environments/major-upgrade-all-in-one.yaml
new file mode 100644
index 00000000..69d72edd
--- /dev/null
+++ b/environments/major-upgrade-all-in-one.yaml
@@ -0,0 +1,8 @@
+# We run the upgrade steps without disabling the OS::TripleO::PostDeploySteps
+# this means you can do a major upgrade in one pass, which may be useful
+# e.g for all-in-one deployments where we can upgrade the compute services
+# at the same time as the controlplane
+# Note that it will be necessary to pass a mapping of OS::Heat::None again for
+# any subsequent updates, or the upgrade steps will run again.
+resource_registry:
+ OS::TripleO::UpgradeSteps: ../puppet/major_upgrade_steps.yaml
diff --git a/environments/network-isolation-no-tunneling.yaml b/environments/network-isolation-no-tunneling.yaml
index 5d2a915b..ff1d7887 100644
--- a/environments/network-isolation-no-tunneling.yaml
+++ b/environments/network-isolation-no-tunneling.yaml
@@ -8,30 +8,54 @@ resource_registry:
OS::TripleO::Network::InternalApi: ../network/internal_api.yaml
OS::TripleO::Network::StorageMgmt: ../network/storage_mgmt.yaml
OS::TripleO::Network::Storage: ../network/storage.yaml
+ OS::TripleO::Network::Tenant: ../network/noop.yaml
+ # Management network is optional and disabled by default.
+ # To enable it, include environments/network-management.yaml
+ #OS::TripleO::Network::Management: ../network/management.yaml
+
+ # Port assignments for the VIPs
+ OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/external.yaml
+ OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/internal_api.yaml
+ OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/storage.yaml
+ OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt.yaml
+ OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip.yaml
# Port assignments for the controller role
OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external.yaml
OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api.yaml
OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage.yaml
OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml
+ OS::TripleO::Controller::Ports::TenantPort: ../network/ports/noop.yaml
+ #OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/management.yaml
# Port assignments for the compute role
+ OS::TripleO::Compute::Ports::ExternalPort: ../network/ports/noop.yaml
OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api.yaml
OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage.yaml
+ OS::TripleO::Compute::Ports::StorageMgmtPort: ../network/ports/noop.yaml
+ OS::TripleO::Compute::Ports::TenantPort: ../network/ports/noop.yaml
+ #OS::TripleO::Compute::Ports::ManagementPort: ../network/ports/management.yaml
# Port assignments for the ceph storage role
+ OS::TripleO::CephStorage::Ports::ExternalPort: ../network/ports/noop.yaml
+ OS::TripleO::CephStorage::Ports::InternalApiPort: ../network/ports/noop.yaml
OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage.yaml
OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml
+ OS::TripleO::CephStorage::Ports::TenantPort: ../network/ports/noop.yaml
+ #OS::TripleO::CephStorage::Ports::ManagementPort: ../network/ports/management.yaml
# Port assignments for the swift storage role
+ OS::TripleO::SwiftStorage::Ports::ExternalPort: ../network/ports/noop.yaml
OS::TripleO::SwiftStorage::Ports::InternalApiPort: ../network/ports/internal_api.yaml
OS::TripleO::SwiftStorage::Ports::StoragePort: ../network/ports/storage.yaml
OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml
+ OS::TripleO::SwiftStorage::Ports::TenantPort: ../network/ports/noop.yaml
+ #OS::TripleO::SwiftStorage::Ports::ManagementPort: ../network/ports/management.yaml
# Port assignments for the block storage role
+ OS::TripleO::BlockStorage::Ports::ExternalPort: ../network/ports/noop.yaml
OS::TripleO::BlockStorage::Ports::InternalApiPort: ../network/ports/internal_api.yaml
OS::TripleO::BlockStorage::Ports::StoragePort: ../network/ports/storage.yaml
OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml
-
- # Port assignments for service virtual IPs for the controller role
- OS::TripleO::Controller::Ports::RedisVipPort: ../network/ports/vip.yaml
+ OS::TripleO::BlockStorage::Ports::TenantPort: ../network/ports/noop.yaml
+ #OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/management.yaml
diff --git a/environments/network-isolation.yaml b/environments/network-isolation.yaml
index 737d7d36..a6b4b8ae 100644
--- a/environments/network-isolation.yaml
+++ b/environments/network-isolation.yaml
@@ -18,8 +18,6 @@ resource_registry:
OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt.yaml
OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip.yaml
- # Port assignments for service virtual IPs for the controller role
- OS::TripleO::Controller::Ports::RedisVipPort: ../network/ports/vip.yaml
# Port assignments for the controller role
OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external.yaml
OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api.yaml
@@ -59,4 +57,3 @@ resource_registry:
OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml
OS::TripleO::BlockStorage::Ports::TenantPort: ../network/ports/noop.yaml
#OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/management.yaml
-
diff --git a/environments/neutron-ml2-fujitsu-cfab.yaml b/environments/neutron-ml2-fujitsu-cfab.yaml
new file mode 100644
index 00000000..f14f7ee2
--- /dev/null
+++ b/environments/neutron-ml2-fujitsu-cfab.yaml
@@ -0,0 +1,21 @@
+# A Heat environment file which can be used to enable Fujitsu C-Fabric
+# plugin, configured via puppet
+resource_registry:
+ OS::TripleO::Services::NeutronML2FujitsuCfab: ../puppet/services/neutron-plugin-ml2-fujitsu-cfab.yaml
+
+parameter_defaults:
+ # Fixed
+ NeutronMechanismDrivers: ['openvswitch','fujitsu_cfab']
+ NeutronTypeDrivers: 'vlan'
+ NeutronNetworkType: 'vlan'
+
+ # Required
+ NeutronFujitsuCfabAddress: '192.168.0.1'
+ NeutronFujitsuCfabUserName: 'admin'
+ NeutronFujitsuCfabPassword:
+
+ # Optional
+ #NeutronFujitsuCfabPhysicalNetworks:
+ #NeutronFujitsuCfabSharePprofile:
+ #NeutronFujitsuCfabPprofilePrefix:
+ #NeutronFujitsuCfabSaveConfig:
diff --git a/environments/neutron-ml2-ovn.yaml b/environments/neutron-ml2-ovn.yaml
index bafb2a73..3da560c8 100644
--- a/environments/neutron-ml2-ovn.yaml
+++ b/environments/neutron-ml2-ovn.yaml
@@ -8,10 +8,10 @@ resource_registry:
# Disabling Neutron services that overlap with OVN
OS::TripleO::Services::NeutronDhcpAgent: OS::Heat::None
OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
+ OS::TripleO::Services::OVNDBs: ../puppet/services/ovn-dbs.yaml
parameter_defaults:
NeutronMechanismDrivers: ovn
- OVNDbHost: '0.0.0.0'
OVNSouthboundServerPort: 6642
OVNNorthboundServerPort: 6641
OVNDbConnectionTimeout: 60
@@ -19,3 +19,4 @@ parameter_defaults:
OVNNeutronSyncMode: log
OVNQosDriver: ovn-qos
OVNTunnelEncapType: geneve
+ NeutronEnableDHCPAgent: false
diff --git a/environments/neutron-opendaylight-l3.yaml b/environments/neutron-opendaylight-l3.yaml
index 00be3048..6d5c7404 100644
--- a/environments/neutron-opendaylight-l3.yaml
+++ b/environments/neutron-opendaylight-l3.yaml
@@ -9,6 +9,6 @@ resource_registry:
parameter_defaults:
NeutronEnableForceMetadata: true
- NeutronMechanismDrivers: 'opendaylight'
- NeutronServicePlugins: "networking_odl.l3.l3_odl.OpenDaylightL3RouterPlugin"
+ NeutronMechanismDrivers: 'opendaylight_v2'
+ NeutronServicePlugins: 'odl-router_v2'
OpenDaylightEnableL3: "'yes'"
diff --git a/environments/neutron-opendaylight.yaml b/environments/neutron-opendaylight.yaml
index 35c90aab..e08b2b27 100644
--- a/environments/neutron-opendaylight.yaml
+++ b/environments/neutron-opendaylight.yaml
@@ -1,11 +1,13 @@
-# A Heat environment that can be used to deploy OpenDaylight
+# A Heat environment that can be used to deploy OpenDaylight with L3 DVR
resource_registry:
OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None
OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
OS::TripleO::Services::ComputeNeutronCorePlugin: OS::Heat::None
OS::TripleO::Services::OpenDaylightApi: ../puppet/services/opendaylight-api.yaml
OS::TripleO::Services::OpenDaylightOvs: ../puppet/services/opendaylight-ovs.yaml
+ OS::TripleO::Services::NeutronL3Agent: OS::Heat::None
parameter_defaults:
NeutronEnableForceMetadata: true
- NeutronMechanismDrivers: 'opendaylight'
+ NeutronMechanismDrivers: 'opendaylight_v2'
+ NeutronServicePlugins: 'odl-router_v2'
diff --git a/environments/puppet-ceph-external.yaml b/environments/puppet-ceph-external.yaml
index 06e4f7aa..5f8b02ad 100644
--- a/environments/puppet-ceph-external.yaml
+++ b/environments/puppet-ceph-external.yaml
@@ -30,5 +30,8 @@ parameter_defaults:
# finally we disable the Cinder LVM backend
CinderEnableIscsiBackend: false
+ # Uncomment if connecting to a pre-Jewel or RHCS1.3 Ceph Cluster
+ # RbdDefaultFeatures: 1
+
# Backward compatibility setting, will be removed in the future
CephAdminKey: ''
diff --git a/environments/puppet-pacemaker.yaml b/environments/puppet-pacemaker.yaml
index b8e93f20..0b71dbd9 100644
--- a/environments/puppet-pacemaker.yaml
+++ b/environments/puppet-pacemaker.yaml
@@ -1,7 +1,6 @@
# An environment which enables configuration of an
# Overcloud controller with Pacemaker.
resource_registry:
- OS::TripleO::ControllerConfig: ../puppet/controller-config-pacemaker.yaml
OS::TripleO::Tasks::ControllerPrePuppet: ../extraconfig/tasks/pre_puppet_pacemaker.yaml
OS::TripleO::Tasks::ControllerPostPuppet: ../extraconfig/tasks/post_puppet_pacemaker.yaml
OS::TripleO::Tasks::ControllerPostPuppetRestart: ../extraconfig/tasks/post_puppet_pacemaker_restart.yaml
diff --git a/environments/services/ceph-mds.yaml b/environments/services/ceph-mds.yaml
new file mode 100644
index 00000000..2b51374c
--- /dev/null
+++ b/environments/services/ceph-mds.yaml
@@ -0,0 +1,2 @@
+resource_registry:
+ OS::TripleO::Services::CephMds: ../../puppet/services/ceph-mds.yaml \ No newline at end of file
diff --git a/environments/services/zaqar.yaml b/environments/services/zaqar.yaml
new file mode 100644
index 00000000..ee137925
--- /dev/null
+++ b/environments/services/zaqar.yaml
@@ -0,0 +1,2 @@
+resource_registry:
+ OS::TripleO::Services::Zaqar: ../../puppet/services/zaqar.yaml
diff --git a/environments/tls-endpoints-public-dns.yaml b/environments/tls-endpoints-public-dns.yaml
index 70a0d31f..74c9f61d 100644
--- a/environments/tls-endpoints-public-dns.yaml
+++ b/environments/tls-endpoints-public-dns.yaml
@@ -20,7 +20,6 @@ parameter_defaults:
GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'}
GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'}
GlancePublic: {protocol: 'https', port: '13292', host: 'CLOUDNAME'}
- GlanceRegistryInternal: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'}
GnocchiAdmin: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'}
GnocchiInternal: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'}
GnocchiPublic: {protocol: 'https', port: '13041', host: 'CLOUDNAME'}
@@ -50,6 +49,9 @@ parameter_defaults:
NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'}
NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'}
NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'}
+ NovaPlacementAdmin: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'}
+ NovaPlacementInternal: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'}
+ NovaPlacementPublic: {protocol: 'https', port: '13778', host: 'CLOUDNAME'}
NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'}
@@ -62,3 +64,9 @@ parameter_defaults:
SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'}
+ ZaqarAdmin: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'}
+ ZaqarInternal: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'}
+ ZaqarPublic: {protocol: 'https', port: '13888', host: 'CLOUDNAME'}
+ ZaqarWebSocketAdmin: {protocol: 'ws', port: '9000', host: 'IP_ADDRESS'}
+ ZaqarWebSocketInternal: {protocol: 'ws', port: '9000', host: 'IP_ADDRESS'}
+ ZaqarWebSocketPublic: {protocol: 'wss', port: '9000', host: 'CLOUDNAME'}
diff --git a/environments/tls-endpoints-public-ip.yaml b/environments/tls-endpoints-public-ip.yaml
index 21f8876a..17ff2feb 100644
--- a/environments/tls-endpoints-public-ip.yaml
+++ b/environments/tls-endpoints-public-ip.yaml
@@ -20,7 +20,6 @@ parameter_defaults:
GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'}
GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'}
GlancePublic: {protocol: 'https', port: '13292', host: 'IP_ADDRESS'}
- GlanceRegistryInternal: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'}
GnocchiAdmin: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'}
GnocchiInternal: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'}
GnocchiPublic: {protocol: 'https', port: '13041', host: 'IP_ADDRESS'}
@@ -50,6 +49,9 @@ parameter_defaults:
NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'}
NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'}
NovaPublic: {protocol: 'https', port: '13774', host: 'IP_ADDRESS'}
+ NovaPlacementAdmin: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'}
+ NovaPlacementInternal: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'}
+ NovaPlacementPublic: {protocol: 'https', port: '13778', host: 'IP_ADDRESS'}
NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'IP_ADDRESS'}
@@ -62,3 +64,9 @@ parameter_defaults:
SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
SwiftPublic: {protocol: 'https', port: '13808', host: 'IP_ADDRESS'}
+ ZaqarAdmin: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'}
+ ZaqarInternal: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'}
+ ZaqarPublic: {protocol: 'https', port: '13888', host: 'IP_ADDRESS'}
+ ZaqarWebSocketAdmin: {protocol: 'ws', port: '9000', host: 'IP_ADDRESS'}
+ ZaqarWebSocketInternal: {protocol: 'ws', port: '9000', host: 'IP_ADDRESS'}
+ ZaqarWebSocketPublic: {protocol: 'wss', port: '9000', host: 'IP_ADDRESS'}
diff --git a/environments/tls-everywhere-endpoints-dns.yaml b/environments/tls-everywhere-endpoints-dns.yaml
index 6afb3a63..0aa2be08 100644
--- a/environments/tls-everywhere-endpoints-dns.yaml
+++ b/environments/tls-everywhere-endpoints-dns.yaml
@@ -20,7 +20,6 @@ parameter_defaults:
GlanceAdmin: {protocol: 'https', port: '9292', host: 'CLOUDNAME'}
GlanceInternal: {protocol: 'https', port: '9292', host: 'CLOUDNAME'}
GlancePublic: {protocol: 'https', port: '13292', host: 'CLOUDNAME'}
- GlanceRegistryInternal: {protocol: 'https', port: '9191', host: 'CLOUDNAME'}
GnocchiAdmin: {protocol: 'https', port: '8041', host: 'CLOUDNAME'}
GnocchiInternal: {protocol: 'https', port: '8041', host: 'CLOUDNAME'}
GnocchiPublic: {protocol: 'https', port: '13041', host: 'CLOUDNAME'}
@@ -50,6 +49,9 @@ parameter_defaults:
NovaAdmin: {protocol: 'https', port: '8774', host: 'CLOUDNAME'}
NovaInternal: {protocol: 'https', port: '8774', host: 'CLOUDNAME'}
NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'}
+ NovaPlacementAdmin: {protocol: 'https', port: '8778', host: 'CLOUDNAME'}
+ NovaPlacementInternal: {protocol: 'https', port: '8778', host: 'CLOUDNAME'}
+ NovaPlacementPublic: {protocol: 'https', port: '13778', host: 'CLOUDNAME'}
NovaVNCProxyAdmin: {protocol: 'https', port: '6080', host: 'CLOUDNAME'}
NovaVNCProxyInternal: {protocol: 'https', port: '6080', host: 'CLOUDNAME'}
NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'}
@@ -62,3 +64,9 @@ parameter_defaults:
SwiftAdmin: {protocol: 'https', port: '8080', host: 'CLOUDNAME'}
SwiftInternal: {protocol: 'https', port: '8080', host: 'CLOUDNAME'}
SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'}
+ ZaqarAdmin: {protocol: 'https', port: '8888', host: 'CLOUDNAME'}
+ ZaqarInternal: {protocol: 'https', port: '8888', host: 'CLOUDNAME'}
+ ZaqarPublic: {protocol: 'https', port: '13888', host: 'CLOUDNAME'}
+ ZaqarWebSocketAdmin: {protocol: 'wss', port: '9000', host: 'CLOUDNAME'}
+ ZaqarWebSocketInternal: {protocol: 'wss', port: '9000', host: 'CLOUDNAME'}
+ ZaqarWebSocketPublic: {protocol: 'wss', port: '9000', host: 'CLOUDNAME'}
diff --git a/environments/undercloud.yaml b/environments/undercloud.yaml
new file mode 100644
index 00000000..0fd01920
--- /dev/null
+++ b/environments/undercloud.yaml
@@ -0,0 +1,18 @@
+resource_registry:
+ OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/noop.yaml
+ OS::TripleO::Network::Ports::ControlPlaneVipPort: ../deployed-server/deployed-neutron-port.yaml
+ OS::TripleO::Undercloud::Net::SoftwareConfig: ../net-config-undercloud.yaml
+ OS::TripleO::NodeExtraConfigPost: ../extraconfig/post_deploy/undercloud_post.yaml
+
+parameter_defaults:
+ StackAction: CREATE
+ SoftwareConfigTransport: POLL_SERVER_HEAT
+ NeutronTunnelTypes: []
+ NeutronBridgeMappings: ctlplane:br-ctlplane
+ NeutronAgentExtensions: []
+ NeutronFlatNetworks: '*'
+ NovaSchedulerAvailableFilters: 'tripleo_common.filters.list.tripleo_filters'
+ NovaSchedulerDefaultFilters: ['RetryFilter', 'TripleOCapabilitiesFilter', 'ComputeCapabilitiesFilter', 'AvailabilityZoneFilter', 'RamFilter', 'DiskFilter', 'ComputeFilter', 'ImagePropertiesFilter', 'ServerGroupAntiAffinityFilter', 'ServerGroupAffinityFilter']
+ NeutronDhcpAgentsPerNetwork: 2
+ HeatConvergenceEngine: false
+ HeatMaxResourcesPerStack: -1
diff --git a/environments/updates/README.md b/environments/updates/README.md
index 426d7329..93714ed8 100644
--- a/environments/updates/README.md
+++ b/environments/updates/README.md
@@ -10,3 +10,6 @@ Contents
**update-from-publicvip-on-ctlplane.yaml**
To be used if the PublicVirtualIP resource was deployed as an additional VIP on the 'ctlplane'.
+
+**update-from-deloyed-server-newton.yaml**
+ To be used when updating from the deployed-server template from Newton.
diff --git a/environments/updates/update-from-deployed-server-newton.yaml b/environments/updates/update-from-deployed-server-newton.yaml
new file mode 100644
index 00000000..6fe3a4cb
--- /dev/null
+++ b/environments/updates/update-from-deployed-server-newton.yaml
@@ -0,0 +1,2 @@
+resource_registry:
+ OS::TripleO::DeployedServer::ControlPlanePort: ../../deployed-server/ctlplane-port.yaml
diff --git a/environments/updates/update-from-keystone-admin-internal-api.yaml b/environments/updates/update-from-keystone-admin-internal-api.yaml
index a5075300..97687c6a 100644
--- a/environments/updates/update-from-keystone-admin-internal-api.yaml
+++ b/environments/updates/update-from-keystone-admin-internal-api.yaml
@@ -2,32 +2,5 @@
# Keystone Admin API service is running on the Internal API network
parameter_defaults:
- ServiceNetMapDefaults:
- NeutronTenantNetwork: tenant
- CeilometerApiNetwork: internal_api
- MongodbNetwork: internal_api
- CinderApiNetwork: internal_api
- CinderIscsiNetwork: storage
- GlanceApiNetwork: storage
- GlanceRegistryNetwork: internal_api
+ ServiceNetMap:
KeystoneAdminApiNetwork: internal_api
- KeystonePublicApiNetwork: internal_api
- NeutronApiNetwork: internal_api
- HeatApiNetwork: internal_api
- NovaApiNetwork: internal_api
- NovaMetadataNetwork: internal_api
- NovaVncProxyNetwork: internal_api
- SwiftMgmtNetwork: storage_mgmt
- SwiftProxyNetwork: storage
- HorizonNetwork: internal_api
- MemcachedNetwork: internal_api
- RabbitmqNetwork: internal_api
- RedisNetwork: internal_api
- MysqlNetwork: internal_api
- CephClusterNetwork: storage_mgmt
- CephPublicNetwork: storage
- ControllerHostnameResolveNetwork: internal_api
- ComputeHostnameResolveNetwork: internal_api
- BlockStorageHostnameResolveNetwork: internal_api
- ObjectStorageHostnameResolveNetwork: internal_api
- CephStorageHostnameResolveNetwork: storage
diff --git a/extraconfig/all_nodes/mac_hostname.j2.yaml b/extraconfig/all_nodes/mac_hostname.j2.yaml
index 75ffc9e6..fcf022ae 100644
--- a/extraconfig/all_nodes/mac_hostname.j2.yaml
+++ b/extraconfig/all_nodes/mac_hostname.j2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: >
Example extra config for cluster config
diff --git a/extraconfig/all_nodes/random_string.j2.yaml b/extraconfig/all_nodes/random_string.j2.yaml
index 9ce2ca8a..77d4b381 100644
--- a/extraconfig/all_nodes/random_string.j2.yaml
+++ b/extraconfig/all_nodes/random_string.j2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: >
Example extra config for cluster config
diff --git a/extraconfig/all_nodes/swap-partition.j2.yaml b/extraconfig/all_nodes/swap-partition.j2.yaml
index 36076b0c..b6fef79f 100644
--- a/extraconfig/all_nodes/swap-partition.j2.yaml
+++ b/extraconfig/all_nodes/swap-partition.j2.yaml
@@ -1,11 +1,7 @@
-heat_template_version: 2014-10-16
+heat_template_version: ocata
-description: >
- Extra config to add swap space to nodes.
+description: Template file to add a swap partition to a node.
-# Parameters passed from the parent template - note if you maintain
-# out-of-tree templates they may require additional parameters if the
-# in-tree templates add a new role.
parameters:
servers:
type: json
@@ -14,9 +10,7 @@ parameters:
description: Swap partition label
default: 'swap1'
-
resources:
-
SwapConfig:
type: OS::Heat::SoftwareConfig
properties:
@@ -25,8 +19,13 @@ resources:
#!/bin/bash
set -eux
swap_partition=$(realpath /dev/disk/by-label/$swap_partition_label)
- swapon $swap_partition
- echo "$swap_partition swap swap defaults 0 0" >> /etc/fstab
+ if [ -f "$swap_partition" ]; then
+ swapon $swap_partition
+ echo "$swap_partition swap swap defaults 0 0" >> /etc/fstab
+ else
+ echo "$swap_partition needs to be a valid path"
+ echo "Check that $swap_partition_label is a valid partition label"
+ fi
inputs:
- name: swap_partition_label
description: Swap partition label
diff --git a/extraconfig/all_nodes/swap.j2.yaml b/extraconfig/all_nodes/swap.j2.yaml
index ce65dacb..044f817c 100644
--- a/extraconfig/all_nodes/swap.j2.yaml
+++ b/extraconfig/all_nodes/swap.j2.yaml
@@ -1,11 +1,7 @@
-heat_template_version: 2014-10-16
+heat_template_version: ocata
-description: >
- Extra config to add swap space to nodes.
+description: Template file to add a swap file to a node.
-# Parameters passed from the parent template - note if you maintain
-# out-of-tree templates they may require additional parameters if the
-# in-tree templates add a new role.
parameters:
servers:
type: json
@@ -18,9 +14,7 @@ parameters:
description: Full path to location of swap file
default: '/swap'
-
resources:
-
SwapConfig:
type: OS::Heat::SoftwareConfig
properties:
diff --git a/extraconfig/post_deploy/default.yaml b/extraconfig/post_deploy/default.yaml
index ddfe0243..4da54ead 100644
--- a/extraconfig/post_deploy/default.yaml
+++ b/extraconfig/post_deploy/default.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: 'Extra Post Deployment Config'
parameters:
servers:
diff --git a/extraconfig/post_deploy/example.yaml b/extraconfig/post_deploy/example.yaml
index f83dff76..8ac7eb73 100644
--- a/extraconfig/post_deploy/example.yaml
+++ b/extraconfig/post_deploy/example.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: >
Example extra config for post-deployment
diff --git a/extraconfig/post_deploy/example_run_on_update.yaml b/extraconfig/post_deploy/example_run_on_update.yaml
index 234488af..738e263b 100644
--- a/extraconfig/post_deploy/example_run_on_update.yaml
+++ b/extraconfig/post_deploy/example_run_on_update.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: >
Example extra config for post-deployment, this re-runs every update
diff --git a/extraconfig/post_deploy/undercloud_post.sh b/extraconfig/post_deploy/undercloud_post.sh
new file mode 100755
index 00000000..8bcae1d3
--- /dev/null
+++ b/extraconfig/post_deploy/undercloud_post.sh
@@ -0,0 +1,126 @@
+#!/bin/bash
+set -eux
+
+ln -sf /etc/puppet/hiera.yaml /etc/hiera.yaml
+
+
+# WRITE OUT STACKRC
+if [ ! -e /root/stackrc ]; then
+ touch /root/stackrc
+ chmod 0600 /root/stackrc
+
+cat >> /root/stackrc <<-EOF_CAT
+export OS_PASSWORD=$admin_password
+export OS_AUTH_URL=$auth_url
+export OS_USERNAME=admin
+export OS_TENANT_NAME=admin
+export COMPUTE_API_VERSION=1.1
+export NOVA_VERSION=1.1
+export OS_BAREMETAL_API_VERSION=1.15
+export OS_NO_CACHE=True
+export OS_CLOUDNAME=undercloud
+EOF_CAT
+
+ if [ -n "$ssl_certificate" ]; then
+cat >> /root/stackrc <<-EOF_CAT
+export PYTHONWARNINGS="ignore:Certificate has no, ignore:A true SSLContext object is not available"
+EOF_CAT
+ fi
+fi
+
+source /root/stackrc
+
+if [ ! -f /root/.ssh/authorized_keys ]; then
+ sudo mkdir -p /root/.ssh
+ sudo chmod 7000 /root/.ssh/
+ sudo touch /root/.ssh/authorized_keys
+ sudo chmod 600 /root/.ssh/authorized_keys
+fi
+
+if [ ! -f /root/.ssh/id_rsa ]; then
+ ssh-keygen -b 1024 -N '' -f /root/.ssh/id_rsa
+fi
+
+if ! grep "$(cat /root/.ssh/id_rsa.pub)" /root/.ssh/authorized_keys; then
+ cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
+fi
+
+PHYSICAL_NETWORK=ctlplane
+
+ctlplane_id=$(openstack network list -f csv -c ID -c Name --quote none | tail -n +2 | grep ctlplane | cut -d, -f1)
+subnet_ids=$(openstack subnet list -f csv -c ID --quote none | tail -n +2)
+subnet_id=
+
+for subnet_id in $subnet_ids; do
+ network_id=$(openstack subnet show -f value -c network_id $subnet_id)
+ if [ "$network_id" = "$ctlplane_id" ]; then
+ break
+ fi
+done
+
+net_create=1
+if [ -n "$subnet_id" ]; then
+ cidr=$(openstack subnet show $subnet_id -f value -c cidr)
+ if [ "$cidr" = "$undercloud_network_cidr" ]; then
+ net_create=0
+ else
+ echo "New cidr $undercloud_network_cidr does not equal old cidr $cidr"
+ echo "Will attempt to delete and recreate subnet $subnet_id"
+ fi
+fi
+
+if [ "$net_create" -eq "1" ]; then
+ # Delete the subnet and network to make sure it doesn't already exist
+ if openstack subnet list | grep start; then
+ openstack subnet delete $(openstack subnet list | grep start | awk '{print $4}')
+ fi
+ if openstack network show ctlplane; then
+ openstack network delete ctlplane
+ fi
+
+
+ NETWORK_ID=$(openstack network create --provider-network-type=flat --provider-physical-network=ctlplane ctlplane | grep " id " | awk '{print $4}')
+
+ NAMESERVER_ARG=""
+ if [ -n "${undercloud_nameserver:-}" ]; then
+ NAMESERVER_ARG="--dns-nameserver $undercloud_nameserver"
+ fi
+
+ openstack subnet create --network=$NETWORK_ID \
+ --gateway=$undercloud_network_gateway \
+ --subnet-range=$undercloud_network_cidr \
+ --allocation-pool start=$undercloud_dhcp_start,end=$undercloud_dhcp_end \
+ --host-route destination=169.254.169.254/32,gateway=$local_ip \
+ $NAMESERVER_ARG ctlplane
+fi
+
+# Disable nova quotas
+openstack quota set --cores -1 --instances -1 --ram -1 $(openstack project show admin | awk '$2=="id" {print $4}')
+
+# MISTRAL WORKFLOW CONFIGURATION
+if [ "$(hiera mistral_api_enabled)" = "true" ]; then
+ # load workflows
+ for workbook in $(openstack workbook list | grep tripleo | cut -f 2 -d ' '); do
+ openstack workbook delete $workbook
+ done
+ for workflow in $(openstack workflow list | grep tripleo | cut -f 2 -d ' '); do
+ openstack workflow delete $workflow
+ done
+ for workbook in $(ls /usr/share/openstack-tripleo-common/workbooks/*); do
+ openstack workbook create $workbook
+ done
+
+ # Store the SNMP password in a mistral environment
+ if ! openstack workflow env show tripleo.undercloud-config &>/dev/null; then
+ TMP_MISTRAL_ENV=$(mktemp)
+ echo "{\"name\": \"tripleo.undercloud-config\", \"variables\": {\"undercloud_ceilometer_snmpd_password\": \"$snmp_readonly_user_password\"}}" > $TMP_MISTRAL_ENV
+ openstack workflow env create $TMP_MISTRAL_ENV
+ fi
+
+fi
+
+# IP forwarding is needed to allow the overcloud nodes access to the outside
+# internet in cases where they are on an isolated network.
+sysctl -w net.ipv4.ip_forward=1
+# Make it persistent
+echo "net.ipv4.ip_forward=1" > /etc/sysctl.d/ip-forward.conf
diff --git a/extraconfig/post_deploy/undercloud_post.yaml b/extraconfig/post_deploy/undercloud_post.yaml
new file mode 100644
index 00000000..38a9181e
--- /dev/null
+++ b/extraconfig/post_deploy/undercloud_post.yaml
@@ -0,0 +1,93 @@
+heat_template_version: ocata
+
+description: >
+ Post-deployment for the TripleO undercloud
+
+parameters:
+ servers:
+ type: json
+ DeployedServerPortMap:
+ default: {}
+ type: json
+ UndercloudDhcpRangeStart:
+ type: string
+ default: '192.168.24.5'
+ UndercloudDhcpRangeEnd:
+ type: string
+ default: '192.168.24.24'
+ UndercloudNetworkCidr:
+ type: string
+ default: '192.168.24.0/24'
+ UndercloudNetworkGateway:
+ type: string
+ default: '192.168.24.1'
+ UndercloudNameserver:
+ type: string
+ default: ''
+ AdminPassword: #supplied by tripleo-undercloud-passwords.yaml
+ type: string
+ description: The password for the keystone admin account, used for monitoring, querying neutron etc.
+ hidden: True
+ SSLCertificate:
+ description: >
+ The content of the SSL certificate (without Key) in PEM format.
+ type: string
+ default: ""
+ hidden: True
+ SnmpdReadonlyUserPassword:
+ description: The user password for SNMPd with readonly rights running on all Overcloud nodes
+ type: string
+ hidden: true
+
+conditions:
+
+ ssl_disabled: {equals : [{get_param: SSLCertificate}, ""]}
+
+resources:
+
+ UndercloudPostConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ inputs:
+ - name: deploy_identifier
+ - name: local_ip
+ - name: undercloud_dhcp_start
+ - name: undercloud_dhcp_end
+ - name: undercloud_network_cidr
+ - name: undercloud_network_gateway
+ - name: undercloud_nameserver
+ - name: admin_password
+ - name: auth_url
+ - name: snmp_readonly_user_password
+ config: {get_file: ./undercloud_post.sh}
+
+ UndercloudPostDeployment:
+ type: OS::Heat::SoftwareDeployments
+ properties:
+ servers: {get_param: servers}
+ config: {get_resource: UndercloudPostConfig}
+ input_values:
+ local_ip: {get_param: [DeployedServerPortMap, 'control_virtual_ip', fixed_ips, 0, ip_address]}
+ undercloud_dhcp_start: {get_param: UndercloudDhcpRangeStart}
+ undercloud_dhcp_end: {get_param: UndercloudDhcpRangeEnd}
+ undercloud_network_cidr: {get_param: UndercloudNetworkCidr}
+ undercloud_network_gateway: {get_param: UndercloudNetworkGateway}
+ undercloud_nameserver: {get_param: UndercloudNameserver}
+ ssl_certificate: {get_param: SSLCertificate}
+ admin_password: {get_param: AdminPassword}
+ snmp_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
+ # if SSL is enabled we use the public virtual ip as the stackrc endpoint
+ auth_url:
+ if:
+ - ssl_disabled
+ - list_join:
+ - ''
+ - - 'http://'
+ - {get_param: [DeployedServerPortMap, 'control_virtual_ip', fixed_ips, 0, ip_address]}
+ - ':5000/v2.0'
+ - list_join:
+ - ''
+ - - 'https://'
+ - {get_param: [DeployedServerPortMap, 'public_virtual_ip', fixed_ips, 0, ip_address]}
+ - ':13000/v2.0'
diff --git a/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml b/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml
index 7c65bd8b..fdf2e957 100644
--- a/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml
+++ b/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: >
RHEL Registration and unregistration software deployments.
diff --git a/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration
index 71ab0767..2650a967 100644
--- a/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration
+++ b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration
@@ -11,6 +11,7 @@ if [ -e $OK ] ; then
exit 0
fi
+retryCount=0
opts=
attach_opts=
sat5_opts=
@@ -96,12 +97,28 @@ if [ -n "${REG_TYPE:-}" ]; then
opts="$opts --type=$REG_TYPE"
fi
+function retry() {
+ if [[ $retryCount < 3 ]]; then
+ $@
+ if ! [[ $? == 0 ]]; then
+ retryCount=$(echo $retryCount + 1 | bc)
+ echo "WARN: Failed to connect when running '$@', retrying..."
+ retry $@
+ else
+ retryCount=0
+ fi
+ else
+ echo "ERROR: Failed to connect after 3 attempts when running '$@'"
+ exit 1
+ fi
+}
+
function detect_satellite_version {
ping_api=$REG_SAT_URL/katello/api/ping
- if curl -L -k -s -D - -o /dev/null $ping_api | grep "200 OK"; then
+ if curl --retry 3 --retry-delay 10 --max-time 30 -L -k -s -D - -o /dev/null $ping_api | grep "200 OK"; then
echo Satellite 6 detected at $REG_SAT_URL
satellite_version=6
- elif curl -L -k -s -D - -o /dev/null $REG_SAT_URL/rhn/Login.do | grep "200 OK"; then
+ elif curl --retry 3 --retry-delay 10 --max-time 30 -L -k -s -D - -o /dev/null $REG_SAT_URL/rhn/Login.do | grep "200 OK"; then
echo Satellite 5 detected at $REG_SAT_URL
satellite_version=5
else
@@ -112,29 +129,29 @@ function detect_satellite_version {
case "${REG_METHOD:-}" in
portal)
- subscription-manager register $opts
+ retry subscription-manager register $opts
if [ -z "${REG_AUTO_ATTACH:-}" -a -z "${REG_ACTIVATION_KEY:-}" ]; then
- subscription-manager attach $attach_opts
+ retry subscription-manager attach $attach_opts
fi
- subscription-manager repos --disable '*'
- subscription-manager $repos
+ retry subscription-manager repos --disable '*'
+ retry subscription-manager $repos
;;
satellite)
detect_satellite_version
if [ "$satellite_version" = "6" ]; then
repos="$repos --enable ${satellite_repo}"
- curl -L -k -O "$REG_SAT_URL/pub/katello-ca-consumer-latest.noarch.rpm"
+ curl --retry 3 --retry-delay 10 --max-time 30 -L -k -O "$REG_SAT_URL/pub/katello-ca-consumer-latest.noarch.rpm"
rpm -Uvh katello-ca-consumer-latest.noarch.rpm || true
- subscription-manager register $opts
- subscription-manager $repos
- yum install -y katello-agent || true # needed for errata reporting to satellite6
+ retry subscription-manager register $opts
+ retry subscription-manager $repos
+ retry yum install -y katello-agent || true # needed for errata reporting to satellite6
katello-package-upload
- subscription-manager repos --disable ${satellite_repo}
+ retry subscription-manager repos --disable ${satellite_repo}
else
pushd /usr/share/rhn/
- curl -k -O $REG_SAT_URL/pub/RHN-ORG-TRUSTED-SSL-CERT
+ curl --retry 3 --retry-delay 10 --max-time 30 -k -O $REG_SAT_URL/pub/RHN-ORG-TRUSTED-SSL-CERT
popd
- rhnreg_ks --serverUrl=$REG_SAT_URL/XMLRPC $sat5_opts
+ retry rhnreg_ks --serverUrl=$REG_SAT_URL/XMLRPC $sat5_opts
fi
;;
disable)
diff --git a/extraconfig/pre_network/ansible_host_config.ansible b/extraconfig/pre_network/ansible_host_config.ansible
new file mode 100644
index 00000000..c126c1a1
--- /dev/null
+++ b/extraconfig/pre_network/ansible_host_config.ansible
@@ -0,0 +1,58 @@
+---
+- name: Configuration to be applied before rebooting the node
+ connection: local
+ hosts: localhost
+
+ tasks:
+ # Kernel Args Configuration
+ - block:
+ - name: Ensure the kernel args ( {{ _KERNEL_ARGS_ }} ) is present as TRIPLEO_HEAT_TEMPLATE_KERNEL_ARGS
+ lineinfile:
+ dest: /etc/default/grub
+ regexp: '^TRIPLEO_HEAT_TEMPLATE_KERNEL_ARGS.*'
+ insertafter: '^GRUB_CMDLINE_LINUX.*'
+ line: 'TRIPLEO_HEAT_TEMPLATE_KERNEL_ARGS=" {{ _KERNEL_ARGS_ }} "'
+ - name: Add TRIPLEO_HEAT_TEMPLATE_KERNEL_ARGS to the GRUB_CMDLINE_LINUX parameter
+ lineinfile:
+ dest: /etc/default/grub
+ line: 'GRUB_CMDLINE_LINUX="${GRUB_CMDLINE_LINUX:+$GRUB_CMDLINE_LINUX }${TRIPLEO_HEAT_TEMPLATE_KERNEL_ARGS}"'
+ insertafter: '^TRIPLEO_HEAT_TEMPLATE_KERNEL_ARGS.*'
+ - name: Generate grub config file
+ command: grub2-mkconfig -o /boot/grub2/grub.cfg
+ become: true
+ when: _KERNEL_ARGS_|default("") != ""
+
+ # Tune-d Configuration
+ - block:
+ - name: Tune-d Configuration
+ lineinfile:
+ dest: /etc/tuned/cpu-partitioning-variables.conf
+ regexp: '^isolated_cores=.*'
+ line: 'isolated_cores={{ _HOST_CPUS_LIST_ }}'
+ when: _HOST_CPUS_LIST_|default("") != ""
+
+ - name: Tune-d provile activation
+ shell: tuned-adm profile {{ _TUNED_PROFILE_NAME_ }}
+ become: true
+ when: _TUNED_PROFILE_NAME_|default("") != ""
+
+ # Provisioning Network workaround
+ # The script will be executed before os-net-config, in which case, only Provisioning network will have IP
+ # BOOTPROTO of all interface config files (except provisioning), will be set to "none" to avoid reboot failing to acquire IP on other networks
+ - block:
+ - find:
+ paths: /etc/sysconfig/network-scripts/
+ patterns: ifcfg-*
+ register: ifcfg_files
+
+ - replace:
+ dest: "{{ item.path }}"
+ regexp: '^BOOTPROTO=.*'
+ replace: 'BOOTPROTO=none'
+ when:
+ - item.path | regex_replace('(^.*ifcfg-)(.*)', '\\2') != "lo"
+ # This condition will list all the interfaces except the one with valid IP (which is Provisioning network at this stage)
+ # Simpler Version - hostvars[inventory_hostname]['ansible_' + iface_name ]['ipv4']['address'] is undefined
+ - hostvars[inventory_hostname]['ansible_' + item.path | regex_replace('(^.*ifcfg-)(.*)', '\\2') ]['ipv4']['address'] is undefined
+ with_items:
+ - "{{ ifcfg_files.files }}"
diff --git a/extraconfig/pre_network/config_then_reboot.yaml b/extraconfig/pre_network/config_then_reboot.yaml
new file mode 100644
index 00000000..ec4d2761
--- /dev/null
+++ b/extraconfig/pre_network/config_then_reboot.yaml
@@ -0,0 +1,48 @@
+heat_template_version: 2014-10-16
+
+description: >
+ Do some configuration, then reboot - sometimes needed for early-boot
+ changes such as modifying kernel configuration
+
+parameters:
+ server:
+ type: string
+
+resources:
+
+ SomeConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config: |
+ #!/bin/bash
+ echo "did some config before reboot" > /root/pre-reboot-config
+
+ SomeDeployment:
+ type: OS::Heat::SoftwareDeployment
+ properties:
+ name: SomeDeployment
+ server: {get_param: server}
+ config: {get_resource: SomeConfig}
+ actions: ['CREATE'] # Only do this on CREATE
+
+ RebootConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config: |
+ #!/bin/bash
+ # Stop os-collect-config to avoid any race collecting another
+ # deployment before reboot happens
+ systemctl stop os-collect-config.service
+ /sbin/reboot
+
+ RebootDeployment:
+ type: OS::Heat::SoftwareDeployment
+ depends_on: SomeDeployment
+ properties:
+ name: RebootDeployment
+ server: {get_param: server}
+ config: {get_resource: RebootConfig}
+ actions: ['CREATE'] # Only do this on CREATE
+ signal_transport: NO_SIGNAL
diff --git a/extraconfig/pre_network/host_config_and_reboot.role.j2.yaml b/extraconfig/pre_network/host_config_and_reboot.role.j2.yaml
new file mode 100644
index 00000000..bba16a66
--- /dev/null
+++ b/extraconfig/pre_network/host_config_and_reboot.role.j2.yaml
@@ -0,0 +1,100 @@
+heat_template_version: 2016-10-14
+
+description: >
+ Do some configuration, then reboot - sometimes needed for early-boot
+ changes such as modifying kernel configuration
+
+parameters:
+ server:
+ type: string
+ {{role}}KernelArgs:
+ type: string
+ default: ""
+ {{role}}TunedProfileName:
+ type: string
+ default: ""
+ {{role}}HostCpusList:
+ type: string
+ default: ""
+
+conditions:
+ param_exists:
+ or:
+ - not:
+ equals:
+ - get_param: {{role}}KernelArgs
+ - ""
+ - not:
+ equals:
+ - get_param: {{role}}TunedProfileName
+ - ""
+
+resources:
+
+ HostParametersConfig:
+ type: OS::Heat::SoftwareConfig
+ condition: param_exists
+ properties:
+ group: ansible
+ inputs:
+ - name: _KERNEL_ARGS_
+ - name: _TUNED_PROFILE_NAME_
+ - name: _HOST_CPUS_LIST_
+ outputs:
+ - name: result
+ config:
+ get_file: ansible_host_config.ansible
+
+ HostParametersDeployment:
+ type: OS::Heat::SoftwareDeployment
+ condition: param_exists
+ properties:
+ name: HostParametersDeployment
+ server: {get_param: server}
+ config: {get_resource: HostParametersConfig}
+ actions: ['CREATE'] # Only do this on CREATE
+ input_values:
+ _KERNEL_ARGS_: {get_param: {{role}}KernelArgs}
+ _TUNED_PROFILE_NAME_: {get_param: {{role}}TunedProfileName}
+ _HOST_CPUS_LIST_: {get_param: {{role}}HostCpusList}
+
+ RebootConfig:
+ type: OS::Heat::SoftwareConfig
+ condition: param_exists
+ properties:
+ group: script
+ config: |
+ #!/bin/bash
+ # Stop os-collect-config to avoid any race collecting another
+ # deployment before reboot happens
+ systemctl stop os-collect-config.service
+ /sbin/reboot
+
+ RebootDeployment:
+ type: OS::Heat::SoftwareDeployment
+ condition: param_exists
+ depends_on: HostParametersDeployment
+ properties:
+ name: RebootDeployment
+ server: {get_param: server}
+ config: {get_resource: RebootConfig}
+ actions: ['CREATE'] # Only do this on CREATE
+ signal_transport: NO_SIGNAL
+
+outputs:
+ result:
+ value:
+ get_attr: [HostParametersDeployment, result]
+ condition: param_exists
+ stdout:
+ value:
+ get_attr: [HostParametersDeployment, deploy_stdout]
+ condition: param_exists
+ stderr:
+ value:
+ get_attr: [HostParametersDeployment, deploy_stderr]
+ condition: param_exists
+ status_code:
+ value:
+ get_attr: [HostParametersDeployment, deploy_status_code]
+ condition: param_exists
diff --git a/extraconfig/tasks/major_upgrade_block_storage.sh b/extraconfig/tasks/major_upgrade_block_storage.sh
index 39861826..64c4457e 100644
--- a/extraconfig/tasks/major_upgrade_block_storage.sh
+++ b/extraconfig/tasks/major_upgrade_block_storage.sh
@@ -5,18 +5,7 @@
set -eu
# Special-case OVS for https://bugs.launchpad.net/tripleo/+bug/1635205
-if [[ -n $(rpm -q --scripts openvswitch | awk '/postuninstall/,/*/' | grep "systemctl.*try-restart") ]]; then
- echo "Manual upgrade of openvswitch - restart in postun detected"
- mkdir OVS_UPGRADE || true
- pushd OVS_UPGRADE
- echo "Attempting to downloading latest openvswitch with yumdownloader"
- yumdownloader --resolve openvswitch
- echo "Updating openvswitch with nopostun option"
- rpm -U --replacepkgs --nopostun ./*.rpm
- popd
-else
- echo "Skipping manual upgrade of openvswitch - no restart in postun detected"
-fi
+special_case_ovs_upgrade_if_needed
yum -y install python-zaqarclient # needed for os-collect-config
yum -y -q update
diff --git a/extraconfig/tasks/major_upgrade_ceilometer_wsgi_mitaka_newton.yaml b/extraconfig/tasks/major_upgrade_ceilometer_wsgi_mitaka_newton.yaml
index c87e6824..cf5d7a84 100644
--- a/extraconfig/tasks/major_upgrade_ceilometer_wsgi_mitaka_newton.yaml
+++ b/extraconfig/tasks/major_upgrade_ceilometer_wsgi_mitaka_newton.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: >
Software-config for ceilometer configuration under httpd during upgrades
diff --git a/extraconfig/tasks/major_upgrade_ceph_storage.sh b/extraconfig/tasks/major_upgrade_ceph_storage.sh
index d84cad45..a745e723 100644
--- a/extraconfig/tasks/major_upgrade_ceph_storage.sh
+++ b/extraconfig/tasks/major_upgrade_ceph_storage.sh
@@ -8,7 +8,9 @@ set -o pipefail
UPGRADE_SCRIPT=/root/tripleo_upgrade_node.sh
-cat > $UPGRADE_SCRIPT << 'ENDOFCAT'
+declare -f special_case_ovs_upgrade_if_needed > $UPGRADE_SCRIPT
+# use >> here so we don't lose the declaration we added above
+cat >> $UPGRADE_SCRIPT << 'ENDOFCAT'
#!/bin/bash
### DO NOT MODIFY THIS FILE
### This file is automatically delivered to the ceph-storage nodes as part of the
@@ -49,19 +51,7 @@ timeout 60 bash -c "while kill -0 ${OSD_PIDS} 2> /dev/null; do
sleep 2;
done"
-# Special-case OVS for https://bugs.launchpad.net/tripleo/+bug/1635205
-if [[ -n $(rpm -q --scripts openvswitch | awk '/postuninstall/,/*/' | grep "systemctl.*try-restart") ]]; then
- echo "Manual upgrade of openvswitch - restart in postun detected"
- mkdir OVS_UPGRADE || true
- pushd OVS_UPGRADE
- echo "Attempting to downloading latest openvswitch with yumdownloader"
- yumdownloader --resolve openvswitch
- echo "Updating openvswitch with nopostun option"
- rpm -U --replacepkgs --nopostun ./*.rpm
- popd
-else
- echo "Skipping manual upgrade of openvswitch - no restart in postun detected"
-fi
+special_case_ovs_upgrade_if_needed
# Update (Ceph to Jewel)
yum -y install python-zaqarclient # needed for os-collect-config
@@ -86,7 +76,7 @@ elif [[ "$UPDATED_VERSION" =~ ^10\.2.* ]]; then
# If on ext4, we need to enforce lower values for name and namespace len
# or ceph-osd will refuse to start, see: http://tracker.ceph.com/issues/16187
for OSD_ID in $OSD_IDS; do
- OSD_FS=$(findmnt -n -o FSTYPE -T /var/lib/ceph/osd/ceph-${OSD_ID})
+ OSD_FS=$(df -l --output=fstype /var/lib/ceph/osd/ceph-${OSD_ID} | tail -n +2)
if [ ${OSD_FS} = ext4 ]; then
crudini --set /etc/ceph/ceph.conf global osd_max_object_name_len 256
crudini --set /etc/ceph/ceph.conf global osd_max_object_namespace_len 64
diff --git a/extraconfig/tasks/major_upgrade_compute.sh b/extraconfig/tasks/major_upgrade_compute.sh
index b0d42806..7a3e1073 100644
--- a/extraconfig/tasks/major_upgrade_compute.sh
+++ b/extraconfig/tasks/major_upgrade_compute.sh
@@ -18,19 +18,8 @@ set -eu
crudini --set /etc/nova/nova.conf upgrade_levels compute $upgrade_level_nova_compute
-# Special-case OVS for https://bugs.launchpad.net/tripleo/+bug/1635205
-if [[ -n \$(rpm -q --scripts openvswitch | awk '/postuninstall/,/*/' | grep "systemctl.*try-restart") ]]; then
- echo "Manual upgrade of openvswitch - restart in postun detected"
- mkdir OVS_UPGRADE || true
- pushd OVS_UPGRADE
- echo "Attempting to downloading latest openvswitch with yumdownloader"
- yumdownloader --resolve openvswitch
- echo "Updating openvswitch with nopostun option"
- rpm -U --replacepkgs --nopostun ./*.rpm
- popd
-else
- echo "Skipping manual upgrade of openvswitch - no restart in postun detected"
-fi
+$(declare -f special_case_ovs_upgrade_if_needed)
+special_case_ovs_upgrade_if_needed
yum -y install python-zaqarclient # needed for os-collect-config
yum -y update
diff --git a/extraconfig/tasks/major_upgrade_controller_pacemaker_2.sh b/extraconfig/tasks/major_upgrade_controller_pacemaker_2.sh
index 7cc6735f..6bfe1239 100755
--- a/extraconfig/tasks/major_upgrade_controller_pacemaker_2.sh
+++ b/extraconfig/tasks/major_upgrade_controller_pacemaker_2.sh
@@ -100,18 +100,7 @@ if [ $DO_MYSQL_UPGRADE -eq 1 ]; then
fi
# Special-case OVS for https://bugs.launchpad.net/tripleo/+bug/1635205
-if [[ -n $(rpm -q --scripts openvswitch | awk '/postuninstall/,/*/' | grep "systemctl.*try-restart") ]]; then
- echo "Manual upgrade of openvswitch - restart in postun detected"
- mkdir OVS_UPGRADE || true
- pushd OVS_UPGRADE
- echo "Attempting to downloading latest openvswitch with yumdownloader"
- yumdownloader --resolve openvswitch
- echo "Updating openvswitch with nopostun option"
- rpm -U --replacepkgs --nopostun ./*.rpm
- popd
-else
- echo "Skipping manual upgrade of openvswitch - no restart in postun detected"
-fi
+special_case_ovs_upgrade_if_needed
yum -y install python-zaqarclient # needed for os-collect-config
yum -y -q update
diff --git a/extraconfig/tasks/major_upgrade_controller_pacemaker_3.sh b/extraconfig/tasks/major_upgrade_controller_pacemaker_3.sh
index 6748f891..a3ce393f 100755
--- a/extraconfig/tasks/major_upgrade_controller_pacemaker_3.sh
+++ b/extraconfig/tasks/major_upgrade_controller_pacemaker_3.sh
@@ -57,7 +57,7 @@ if [[ -n $(is_bootstrap_node) ]]; then
# TODO: check if this can be triggered in puppet and removed from here
ceilometer-upgrade --config-file=/etc/ceilometer/ceilometer.conf --skip-gnocchi-resource-types
cinder-manage db sync
- glance-manage --config-file=/etc/glance/glance-registry.conf db_sync
+ glance-manage db_sync
heat-manage --config-file /etc/heat/heat.conf db_sync
keystone-manage db_sync
neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini upgrade head
diff --git a/extraconfig/tasks/major_upgrade_object_storage.sh b/extraconfig/tasks/major_upgrade_object_storage.sh
index 2667bb16..d9d1b4d5 100644
--- a/extraconfig/tasks/major_upgrade_object_storage.sh
+++ b/extraconfig/tasks/major_upgrade_object_storage.sh
@@ -23,19 +23,8 @@ function systemctl_swift {
done
}
-# Special-case OVS for https://bugs.launchpad.net/tripleo/+bug/1635205
-if [[ -n \$(rpm -q --scripts openvswitch | awk '/postuninstall/,/*/' | grep "systemctl.*try-restart") ]]; then
- echo "Manual upgrade of openvswitch - restart in postun detected"
- mkdir OVS_UPGRADE || true
- pushd OVS_UPGRADE
- echo "Attempting to downloading latest openvswitch with yumdownloader"
- yumdownloader --resolve openvswitch
- echo "Updating openvswitch with nopostun option"
- rpm -U --replacepkgs --nopostun ./*.rpm
- popd
-else
- echo "Skipping manual upgrade of openvswitch - no restart in postun detected"
-fi
+$(declare -f special_case_ovs_upgrade_if_needed)
+special_case_ovs_upgrade_if_needed
systemctl_swift stop
diff --git a/extraconfig/tasks/major_upgrade_pacemaker.yaml b/extraconfig/tasks/major_upgrade_pacemaker.yaml
index b0418a56..b63aafbd 100644
--- a/extraconfig/tasks/major_upgrade_pacemaker.yaml
+++ b/extraconfig/tasks/major_upgrade_pacemaker.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: 'Upgrade for Pacemaker deployments'
parameters:
@@ -97,7 +97,11 @@ resources:
depends_on: ControllerPacemakerUpgradeDeployment_Step1
properties:
group: script
- config: {get_file: major_upgrade_block_storage.sh}
+ config:
+ list_join:
+ - ''
+ - - get_file: pacemaker_common_functions.sh
+ - get_file: major_upgrade_block_storage.sh
BlockStorageUpgradeDeployment:
type: OS::Heat::SoftwareDeploymentGroup
diff --git a/extraconfig/tasks/major_upgrade_pacemaker_init.j2.yaml b/extraconfig/tasks/major_upgrade_pacemaker_init.j2.yaml
index f6aa3066..c308720b 100644
--- a/extraconfig/tasks/major_upgrade_pacemaker_init.j2.yaml
+++ b/extraconfig/tasks/major_upgrade_pacemaker_init.j2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: 'Upgrade for Pacemaker deployments'
parameters:
@@ -54,19 +54,28 @@ resources:
upgrade_level_nova_compute='UPGRADE_LEVEL_NOVA_COMPUTE'
params:
UPGRADE_LEVEL_NOVA_COMPUTE: {get_param: UpgradeLevelNovaCompute}
+ - get_file: pacemaker_common_functions.sh
- get_file: major_upgrade_compute.sh
ObjectStorageDeliverUpgradeScriptConfig:
type: OS::Heat::SoftwareConfig
properties:
group: script
- config: {get_file: major_upgrade_object_storage.sh}
+ config:
+ list_join:
+ - ''
+ - - get_file: pacemaker_common_functions.sh
+ - get_file: major_upgrade_object_storage.sh
CephStorageDeliverUpgradeScriptConfig:
type: OS::Heat::SoftwareConfig
properties:
group: script
- config: {get_file: major_upgrade_ceph_storage.sh}
+ config:
+ list_join:
+ - ''
+ - - get_file: pacemaker_common_functions.sh
+ - get_file: major_upgrade_ceph_storage.sh
{% for role in roles %}
UpgradeInit{{role.name}}Deployment:
diff --git a/extraconfig/tasks/major_upgrade_pacemaker_migrations.sh b/extraconfig/tasks/major_upgrade_pacemaker_migrations.sh
index 6d02acc8..ae22a1e7 100644
--- a/extraconfig/tasks/major_upgrade_pacemaker_migrations.sh
+++ b/extraconfig/tasks/major_upgrade_pacemaker_migrations.sh
@@ -83,7 +83,6 @@ function services_to_migrate {
openstack-cinder-api-clone
openstack-cinder-scheduler-clone
openstack-glance-api-clone
- openstack-glance-registry-clone
openstack-gnocchi-metricd-clone
openstack-gnocchi-statsd-clone
openstack-heat-api-cfn-clone
diff --git a/extraconfig/tasks/mitaka_to_newton_aodh_data_migration.yaml b/extraconfig/tasks/mitaka_to_newton_aodh_data_migration.yaml
index b9a87d33..45933fb7 100644
--- a/extraconfig/tasks/mitaka_to_newton_aodh_data_migration.yaml
+++ b/extraconfig/tasks/mitaka_to_newton_aodh_data_migration.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: >
Software-config for performing aodh data migration
diff --git a/extraconfig/tasks/pacemaker_common_functions.sh b/extraconfig/tasks/pacemaker_common_functions.sh
index 2c7dfc35..aae4a2de 100755
--- a/extraconfig/tasks/pacemaker_common_functions.sh
+++ b/extraconfig/tasks/pacemaker_common_functions.sh
@@ -297,3 +297,27 @@ function systemctl_swift {
manage_systemd_service $action $service
done
}
+
+# Special-case OVS for https://bugs.launchpad.net/tripleo/+bug/1635205
+function special_case_ovs_upgrade_if_needed {
+ if [[ -n $(rpm -q --scripts openvswitch | awk '/postuninstall/,/*/' | grep "systemctl.*try-restart") ]]; then
+ echo "Manual upgrade of openvswitch - restart in postun detected"
+ rm -rf OVS_UPGRADE
+ mkdir OVS_UPGRADE && pushd OVS_UPGRADE
+ echo "Attempting to downloading latest openvswitch with yumdownloader"
+ yumdownloader --resolve openvswitch
+ for pkg in $(ls -1 *.rpm); do
+ if rpm -U --test $pkg 2>&1 | grep "already installed" ; then
+ echo "Looks like newer version of $pkg is already installed, skipping"
+ else
+ echo "Updating $pkg with nopostun option"
+ rpm -U --replacepkgs --nopostun $pkg
+ fi
+ done
+ popd
+ else
+ echo "Skipping manual upgrade of openvswitch - no restart in postun detected"
+ fi
+
+}
+
diff --git a/extraconfig/tasks/post_puppet_pacemaker.yaml b/extraconfig/tasks/post_puppet_pacemaker.yaml
index b62502f8..a63868c9 100644
--- a/extraconfig/tasks/post_puppet_pacemaker.yaml
+++ b/extraconfig/tasks/post_puppet_pacemaker.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: 'Post-Puppet Config for Pacemaker deployments'
parameters:
diff --git a/extraconfig/tasks/post_puppet_pacemaker_restart.yaml b/extraconfig/tasks/post_puppet_pacemaker_restart.yaml
index 52760c87..475a6688 100644
--- a/extraconfig/tasks/post_puppet_pacemaker_restart.yaml
+++ b/extraconfig/tasks/post_puppet_pacemaker_restart.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: 'Post-Puppet restart config for Pacemaker deployments'
parameters:
diff --git a/extraconfig/tasks/pre_puppet_pacemaker.yaml b/extraconfig/tasks/pre_puppet_pacemaker.yaml
index 82546588..aa7514f9 100644
--- a/extraconfig/tasks/pre_puppet_pacemaker.yaml
+++ b/extraconfig/tasks/pre_puppet_pacemaker.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: 'Pre-Puppet Config for Pacemaker deployments'
parameters:
diff --git a/extraconfig/tasks/yum_update.sh b/extraconfig/tasks/yum_update.sh
index 8a88ee64..74af7b02 100755
--- a/extraconfig/tasks/yum_update.sh
+++ b/extraconfig/tasks/yum_update.sh
@@ -63,18 +63,7 @@ if [[ "$pacemaker_status" == "active" && \
fi
# Special-case OVS for https://bugs.launchpad.net/tripleo/+bug/1635205
-if [[ -n $(rpm -q --scripts openvswitch | awk '/postuninstall/,/*/' | grep "systemctl.*try-restart") ]]; then
- echo "Manual upgrade of openvswitch - restart in postun detected"
- mkdir OVS_UPGRADE || true
- pushd OVS_UPGRADE
- echo "Attempting to downloading latest openvswitch with yumdownloader"
- yumdownloader --resolve openvswitch
- echo "Updating openvswitch with nopostun option"
- rpm -U --replacepkgs --nopostun ./*.rpm
- popd
-else
- echo "Skipping manual upgrade of openvswitch - no restart in postun detected"
-fi
+special_case_ovs_upgrade_if_needed
if [[ "$pacemaker_status" == "active" ]] ; then
echo "Pacemaker running, stopping cluster node and doing full package update"
diff --git a/extraconfig/tasks/yum_update.yaml b/extraconfig/tasks/yum_update.yaml
index d313ca9f..8cff838e 100644
--- a/extraconfig/tasks/yum_update.yaml
+++ b/extraconfig/tasks/yum_update.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: >
Software-config for performing package updates using yum
@@ -9,7 +9,12 @@ resources:
type: OS::Heat::SoftwareConfig
properties:
group: script
- config: {get_file: yum_update.sh}
+ config:
+ list_join:
+ - ''
+ - - get_file: pacemaker_common_functions.sh
+ - get_file: yum_update.sh
+
inputs:
- name: update_identifier
description: yum will only run for previously unused values of update_identifier
diff --git a/extraconfig/tasks/yum_update_noop.yaml b/extraconfig/tasks/yum_update_noop.yaml
index b759d9c5..9400c1d2 100644
--- a/extraconfig/tasks/yum_update_noop.yaml
+++ b/extraconfig/tasks/yum_update_noop.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: 'No-op yum update task'
resources:
diff --git a/firstboot/os-net-config-mappings.yaml b/firstboot/os-net-config-mappings.yaml
index 833c3bc2..d7e0c524 100644
--- a/firstboot/os-net-config-mappings.yaml
+++ b/firstboot/os-net-config-mappings.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Configure os-net-config mappings for specific nodes
@@ -38,7 +38,7 @@ resources:
str_replace:
template: |
#!/bin/sh
- eth_addr=$(/sbin/ifconfig eth0 | grep ether | awk '{print $2}')
+ eth_addr=$(cat /sys/class/net/*/address | tr '\n' ',')
mkdir -p /etc/os-net-config
# Create an os-net-config mapping file, note this defaults to
@@ -51,7 +51,7 @@ resources:
input = sys.stdin.readline() or '{}'
data = json.loads(input)
for node in data:
- if '${eth_addr}' in data[node].values():
+ if any(x in '$eth_addr'.split(',') for x in data[node].values()):
interface_mapping = {'interface_mapping': data[node]}
with open('/etc/os-net-config/mapping.yaml', 'w') as f:
yaml.safe_dump(interface_mapping, f, default_flow_style=False)
diff --git a/firstboot/userdata_default.yaml b/firstboot/userdata_default.yaml
index 140d2bf8..bc379f4c 100644
--- a/firstboot/userdata_default.yaml
+++ b/firstboot/userdata_default.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: >
This is a default no-op template which provides empty user-data
diff --git a/firstboot/userdata_dev_rsync.yaml b/firstboot/userdata_dev_rsync.yaml
index 7dc7bd4d..d412b93a 100644
--- a/firstboot/userdata_dev_rsync.yaml
+++ b/firstboot/userdata_dev_rsync.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: >
This is first boot configuration for development purposes. It allows
diff --git a/firstboot/userdata_example.yaml b/firstboot/userdata_example.yaml
index a0d8c7ac..a352093f 100644
--- a/firstboot/userdata_example.yaml
+++ b/firstboot/userdata_example.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2014-10-16
+heat_template_version: ocata
# NOTE: You don't need to pass the parameter explicitly from the
# parent template, it can be specified via the parameter_defaults
diff --git a/firstboot/userdata_heat_admin.yaml b/firstboot/userdata_heat_admin.yaml
index 63d5bbf8..ed8302dc 100644
--- a/firstboot/userdata_heat_admin.yaml
+++ b/firstboot/userdata_heat_admin.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
parameters:
# Can be overridden via parameter_defaults in the environment
diff --git a/firstboot/userdata_root_password.yaml b/firstboot/userdata_root_password.yaml
new file mode 100644
index 00000000..63dd5a9c
--- /dev/null
+++ b/firstboot/userdata_root_password.yaml
@@ -0,0 +1,38 @@
+heat_template_version: ocata
+
+description: >
+ Uses cloud-init to enable root logins and set the root password.
+ Note this is less secure than the default configuration and may not be
+ appropriate for production environments, it's intended for illustration
+ and development/debugging only.
+
+parameters:
+ NodeRootPassword:
+ description: Root password for the nodes
+ hidden: true
+ type: string
+
+resources:
+ userdata:
+ type: OS::Heat::MultipartMime
+ properties:
+ parts:
+ - config: {get_resource: root_config}
+
+ root_config:
+ type: OS::Heat::CloudConfig
+ properties:
+ cloud_config:
+ ssh_pwauth: true
+ disable_root: false
+ chpasswd:
+ list:
+ str_replace:
+ template: "root:PASSWORD"
+ params:
+ PASSWORD: {get_param: NodeRootPassword}
+ expire: False
+
+outputs:
+ OS::stack_id:
+ value: {get_resource: userdata}
diff --git a/hosts-config.yaml b/hosts-config.yaml
index a24b9bb4..5a211716 100644
--- a/hosts-config.yaml
+++ b/hosts-config.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: 'All Hosts Config'
parameters:
diff --git a/net-config-bond.yaml b/net-config-bond.yaml
index db6ff2c7..3ae09c98 100644
--- a/net-config-bond.yaml
+++ b/net-config-bond.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge.
parameters:
diff --git a/net-config-bridge.yaml b/net-config-bridge.yaml
index e7b96695..10d53880 100644
--- a/net-config-bridge.yaml
+++ b/net-config-bridge.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config for a simple bridge.
parameters:
diff --git a/net-config-linux-bridge.yaml b/net-config-linux-bridge.yaml
index d8274f3c..04664818 100644
--- a/net-config-linux-bridge.yaml
+++ b/net-config-linux-bridge.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config for a simple bridge.
parameters:
diff --git a/net-config-noop.yaml b/net-config-noop.yaml
index 94c492c6..be05cc11 100644
--- a/net-config-noop.yaml
+++ b/net-config-noop.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Software Config to no-op for os-net-config. Using this will allow you
@@ -38,8 +38,8 @@ resources:
OsNetConfigImpl:
type: OS::Heat::StructuredConfig
properties:
- group: os-apply-config
- config:
+ group: apply-config
+ config: {}
outputs:
OS::stack_id:
diff --git a/net-config-static-bridge-with-external-dhcp.yaml b/net-config-static-bridge-with-external-dhcp.yaml
index a1d86728..12374a28 100644
--- a/net-config-static-bridge-with-external-dhcp.yaml
+++ b/net-config-static-bridge-with-external-dhcp.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config for a simple bridge configured with a static IP address for the ctlplane network.
parameters:
diff --git a/net-config-static-bridge.yaml b/net-config-static-bridge.yaml
index 1e1498b3..50e541be 100644
--- a/net-config-static-bridge.yaml
+++ b/net-config-static-bridge.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config for a simple bridge configured with a static IP address for the ctlplane network.
parameters:
diff --git a/net-config-static.yaml b/net-config-static.yaml
index c67b4e99..a52e22ba 100644
--- a/net-config-static.yaml
+++ b/net-config-static.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config for a simple bridge.
parameters:
diff --git a/net-config-undercloud.yaml b/net-config-undercloud.yaml
new file mode 100644
index 00000000..9be51c0f
--- /dev/null
+++ b/net-config-undercloud.yaml
@@ -0,0 +1,77 @@
+heat_template_version: ocata
+description: >
+ Software Config to drive os-net-config for a simple bridge configured with a static IP address for the ctlplane network.
+parameters:
+ ControlPlaneIp:
+ default: ''
+ description: IP address/subnet on the ctlplane network
+ type: string
+ ExternalIpSubnet:
+ default: ''
+ description: IP address/subnet on the external network
+ type: string
+ InternalApiIpSubnet:
+ default: ''
+ description: IP address/subnet on the internal API network
+ type: string
+ StorageIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage network
+ type: string
+ StorageMgmtIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage mgmt network
+ type: string
+ TenantIpSubnet:
+ default: ''
+ description: IP address/subnet on the tenant network
+ type: string
+ ManagementIpSubnet:
+ default: ''
+ description: IP address/subnet on the management network
+ type: string
+ ControlPlaneSubnetCidr: # Override this via parameter_defaults
+ default: '24'
+ description: The subnet CIDR of the control plane network.
+ type: string
+ DnsServers: # Override this via parameter_defaults
+ default: []
+ description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf.
+ type: comma_delimited_list
+resources:
+ OsNetConfigImpl:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ inputs:
+ - name: disable_configure_safe_defaults
+ default: true
+ config:
+ str_replace:
+ template:
+ get_file: network/scripts/run-os-net-config.sh
+ params:
+ $network_config:
+ network_config:
+ - type: ovs_bridge
+ name: br-ctlplane
+ use_dhcp: false
+ dns_servers:
+ get_param: DnsServers
+ addresses:
+ - ip_netmask:
+ list_join:
+ - /
+ - - get_param: ControlPlaneIp
+ - get_param: ControlPlaneSubnetCidr
+ members:
+ - type: interface
+ name: eth1
+ # force the MAC address of the bridge to this interface
+ primary: true
+outputs:
+ OS::stack_id:
+ description: The OsNetConfigImpl resource.
+ value:
+ get_resource: OsNetConfigImpl
+
diff --git a/network/config/bond-with-vlans/ceph-storage.yaml b/network/config/bond-with-vlans/ceph-storage.yaml
index 2f92f4b5..703fea08 100644
--- a/network/config/bond-with-vlans/ceph-storage.yaml
+++ b/network/config/bond-with-vlans/ceph-storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for the ceph storage role.
parameters:
diff --git a/network/config/bond-with-vlans/cinder-storage.yaml b/network/config/bond-with-vlans/cinder-storage.yaml
index 0e53e202..df15cd63 100644
--- a/network/config/bond-with-vlans/cinder-storage.yaml
+++ b/network/config/bond-with-vlans/cinder-storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for the cinder storage role.
parameters:
diff --git a/network/config/bond-with-vlans/compute-dpdk.yaml b/network/config/bond-with-vlans/compute-dpdk.yaml
index a9b314a4..4677241b 100644
--- a/network/config/bond-with-vlans/compute-dpdk.yaml
+++ b/network/config/bond-with-vlans/compute-dpdk.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for the compute role.
parameters:
diff --git a/network/config/bond-with-vlans/compute.yaml b/network/config/bond-with-vlans/compute.yaml
index 4cac448b..f9c926d3 100644
--- a/network/config/bond-with-vlans/compute.yaml
+++ b/network/config/bond-with-vlans/compute.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for the compute role.
parameters:
diff --git a/network/config/bond-with-vlans/controller-no-external.yaml b/network/config/bond-with-vlans/controller-no-external.yaml
index 46090974..ce1e8654 100644
--- a/network/config/bond-with-vlans/controller-no-external.yaml
+++ b/network/config/bond-with-vlans/controller-no-external.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for the controller role.
parameters:
diff --git a/network/config/bond-with-vlans/controller-v6.yaml b/network/config/bond-with-vlans/controller-v6.yaml
index d07a26ff..bb4ac274 100644
--- a/network/config/bond-with-vlans/controller-v6.yaml
+++ b/network/config/bond-with-vlans/controller-v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for the controller role with IPv6
on the External network. The IPv6 default route is on the External network, and the IPv4 default route is on the Control
diff --git a/network/config/bond-with-vlans/controller.yaml b/network/config/bond-with-vlans/controller.yaml
index e2973a72..91515385 100644
--- a/network/config/bond-with-vlans/controller.yaml
+++ b/network/config/bond-with-vlans/controller.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for the controller role.
parameters:
diff --git a/network/config/bond-with-vlans/swift-storage.yaml b/network/config/bond-with-vlans/swift-storage.yaml
index 5bdba802..6d4e3681 100644
--- a/network/config/bond-with-vlans/swift-storage.yaml
+++ b/network/config/bond-with-vlans/swift-storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for the swift storage role.
parameters:
diff --git a/network/config/multiple-nics/ceph-storage.yaml b/network/config/multiple-nics/ceph-storage.yaml
index e9c34213..6a788063 100644
--- a/network/config/multiple-nics/ceph-storage.yaml
+++ b/network/config/multiple-nics/ceph-storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure multiple interfaces for the ceph storage role.
parameters:
diff --git a/network/config/multiple-nics/cinder-storage.yaml b/network/config/multiple-nics/cinder-storage.yaml
index f58f1168..d2384445 100644
--- a/network/config/multiple-nics/cinder-storage.yaml
+++ b/network/config/multiple-nics/cinder-storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure multiple interfaces for the cinder storage role.
parameters:
diff --git a/network/config/multiple-nics/compute-dvr.yaml b/network/config/multiple-nics/compute-dvr.yaml
new file mode 100644
index 00000000..abfd323f
--- /dev/null
+++ b/network/config/multiple-nics/compute-dvr.yaml
@@ -0,0 +1,162 @@
+heat_template_version: ocata
+description: >
+ Software Config to drive os-net-config to configure multiple interfaces for the
+ compute role with external bridge for DVR.
+parameters:
+ ControlPlaneIp:
+ default: ''
+ description: IP address/subnet on the ctlplane network
+ type: string
+ ExternalIpSubnet:
+ default: ''
+ description: IP address/subnet on the external network
+ type: string
+ InternalApiIpSubnet:
+ default: ''
+ description: IP address/subnet on the internal API network
+ type: string
+ StorageIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage network
+ type: string
+ StorageMgmtIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage mgmt network
+ type: string
+ TenantIpSubnet:
+ default: ''
+ description: IP address/subnet on the tenant network
+ type: string
+ ManagementIpSubnet: # Only populated when including environments/network-management.yaml
+ default: ''
+ description: IP address/subnet on the management network
+ type: string
+ ExternalNetworkVlanID:
+ default: 10
+ description: Vlan ID for the external network traffic.
+ type: number
+ InternalApiNetworkVlanID:
+ default: 20
+ description: Vlan ID for the internal_api network traffic.
+ type: number
+ StorageNetworkVlanID:
+ default: 30
+ description: Vlan ID for the storage network traffic.
+ type: number
+ StorageMgmtNetworkVlanID:
+ default: 40
+ description: Vlan ID for the storage mgmt network traffic.
+ type: number
+ TenantNetworkVlanID:
+ default: 50
+ description: Vlan ID for the tenant network traffic.
+ type: number
+ ManagementNetworkVlanID:
+ default: 60
+ description: Vlan ID for the management network traffic.
+ type: number
+ ControlPlaneSubnetCidr: # Override this via parameter_defaults
+ default: '24'
+ description: The subnet CIDR of the control plane network.
+ type: string
+ ControlPlaneDefaultRoute: # Override this via parameter_defaults
+ description: The default route of the control plane network.
+ type: string
+ ExternalInterfaceDefaultRoute: # Not used by default in this template
+ default: 10.0.0.1
+ description: The default route of the external network.
+ type: string
+ ManagementInterfaceDefaultRoute: # Commented out by default in this template
+ default: unset
+ description: The default route of the management network.
+ type: string
+ DnsServers: # Override this via parameter_defaults
+ default: []
+ description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf.
+ type: comma_delimited_list
+ EC2MetadataIp: # Override this via parameter_defaults
+ description: The IP address of the EC2 metadata server.
+ type: string
+resources:
+ OsNetConfigImpl:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ str_replace:
+ template:
+ get_file: ../../scripts/run-os-net-config.sh
+ params:
+ $network_config:
+ network_config:
+ - type: interface
+ name: nic1
+ use_dhcp: false
+ dns_servers:
+ get_param: DnsServers
+ addresses:
+ - ip_netmask:
+ list_join:
+ - /
+ - - get_param: ControlPlaneIp
+ - get_param: ControlPlaneSubnetCidr
+ routes:
+ - ip_netmask: 169.254.169.254/32
+ next_hop:
+ get_param: EC2MetadataIp
+ - default: true
+ next_hop:
+ get_param: ControlPlaneDefaultRoute
+ - type: interface
+ name: nic2
+ use_dhcp: false
+ addresses:
+ - ip_netmask:
+ get_param: StorageIpSubnet
+ - type: interface
+ name: nic4
+ use_dhcp: false
+ addresses:
+ - ip_netmask:
+ get_param: InternalApiIpSubnet
+ - type: ovs_bridge
+ name: br-tenant
+ use_dhcp: false
+ addresses:
+ - ip_netmask:
+ get_param: TenantIpSubnet
+ members:
+ - type: interface
+ name: nic5
+ use_dhcp: false
+ primary: true
+ # External bridge for DVR (no IP address required)
+ - type: ovs_bridge
+ name: bridge_name
+ dns_servers:
+ get_param: DnsServers
+ use_dhcp: false
+ members:
+ - type: interface
+ name: nic6
+ primary: true
+ # Uncomment when including environments/network-management.yaml
+ # If setting default route on the Management interface, comment
+ # out the default route on the Control Plane.
+ #-
+ # type: interface
+ # name: nic7
+ # use_dhcp: false
+ # addresses:
+ # -
+ # ip_netmask: {get_param: ManagementIpSubnet}
+ # routes:
+ # -
+ # default: true
+ # next_hop: {get_param: ManagementInterfaceDefaultRoute}
+outputs:
+ OS::stack_id:
+ description: The OsNetConfigImpl resource.
+ value:
+ get_resource: OsNetConfigImpl
+
diff --git a/network/config/multiple-nics/compute.yaml b/network/config/multiple-nics/compute.yaml
index 9b0c8c02..101a08d3 100644
--- a/network/config/multiple-nics/compute.yaml
+++ b/network/config/multiple-nics/compute.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure multiple interfaces for the compute role.
parameters:
diff --git a/network/config/multiple-nics/controller-v6.yaml b/network/config/multiple-nics/controller-v6.yaml
index a0ed9f78..4fae435a 100644
--- a/network/config/multiple-nics/controller-v6.yaml
+++ b/network/config/multiple-nics/controller-v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure multiple interfaces for the controller role with IPv6 on the External
network. The IPv6 default route is on the External network, and the IPv4 default route is on the Control Plane.
diff --git a/network/config/multiple-nics/controller.yaml b/network/config/multiple-nics/controller.yaml
index e38c545c..ba9f8fd4 100644
--- a/network/config/multiple-nics/controller.yaml
+++ b/network/config/multiple-nics/controller.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure multiple interfaces for the controller role.
parameters:
diff --git a/network/config/multiple-nics/swift-storage.yaml b/network/config/multiple-nics/swift-storage.yaml
index 1ad503a7..4019012a 100644
--- a/network/config/multiple-nics/swift-storage.yaml
+++ b/network/config/multiple-nics/swift-storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure multiple interfaces for the swift storage role.
parameters:
diff --git a/network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml b/network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml
index 0a6faa79..448df69c 100644
--- a/network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml
+++ b/network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure VLANs for the ceph storage role.
parameters:
diff --git a/network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml b/network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml
index 5abaea66..465555d3 100644
--- a/network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml
+++ b/network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure VLANs for the cinder storage role.
parameters:
diff --git a/network/config/single-nic-linux-bridge-vlans/compute.yaml b/network/config/single-nic-linux-bridge-vlans/compute.yaml
index aa63dd3a..a21bc8f9 100644
--- a/network/config/single-nic-linux-bridge-vlans/compute.yaml
+++ b/network/config/single-nic-linux-bridge-vlans/compute.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure VLANs for the compute role.
parameters:
diff --git a/network/config/single-nic-linux-bridge-vlans/controller-v6.yaml b/network/config/single-nic-linux-bridge-vlans/controller-v6.yaml
index 28cf6ced..bb8bb9c2 100644
--- a/network/config/single-nic-linux-bridge-vlans/controller-v6.yaml
+++ b/network/config/single-nic-linux-bridge-vlans/controller-v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure VLANs for the controller role with IPv6 on the External network. The
IPv6 default route is on the External network, and the IPv4 default route is on the Control Plane.
diff --git a/network/config/single-nic-linux-bridge-vlans/controller.yaml b/network/config/single-nic-linux-bridge-vlans/controller.yaml
index 566f1feb..a9689ce9 100644
--- a/network/config/single-nic-linux-bridge-vlans/controller.yaml
+++ b/network/config/single-nic-linux-bridge-vlans/controller.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure VLANs for the controller role.
parameters:
diff --git a/network/config/single-nic-linux-bridge-vlans/swift-storage.yaml b/network/config/single-nic-linux-bridge-vlans/swift-storage.yaml
index fe948ad1..c8e4db29 100644
--- a/network/config/single-nic-linux-bridge-vlans/swift-storage.yaml
+++ b/network/config/single-nic-linux-bridge-vlans/swift-storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure VLANs for the swift storage role.
parameters:
diff --git a/network/config/single-nic-vlans/ceph-storage.yaml b/network/config/single-nic-vlans/ceph-storage.yaml
index 6e0a97da..0b5eb0c9 100644
--- a/network/config/single-nic-vlans/ceph-storage.yaml
+++ b/network/config/single-nic-vlans/ceph-storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure VLANs for the ceph storage role.
parameters:
diff --git a/network/config/single-nic-vlans/cinder-storage.yaml b/network/config/single-nic-vlans/cinder-storage.yaml
index f58665f7..882d6ebc 100644
--- a/network/config/single-nic-vlans/cinder-storage.yaml
+++ b/network/config/single-nic-vlans/cinder-storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure VLANs for the cinder storage role.
parameters:
diff --git a/network/config/single-nic-vlans/compute.yaml b/network/config/single-nic-vlans/compute.yaml
index 40264284..42cfd781 100644
--- a/network/config/single-nic-vlans/compute.yaml
+++ b/network/config/single-nic-vlans/compute.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure VLANs for the compute role.
parameters:
diff --git a/network/config/single-nic-vlans/controller-no-external.yaml b/network/config/single-nic-vlans/controller-no-external.yaml
index b9aec1ea..9e0680ea 100644
--- a/network/config/single-nic-vlans/controller-no-external.yaml
+++ b/network/config/single-nic-vlans/controller-no-external.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure VLANs for the controller role. No external IP is configured.
parameters:
diff --git a/network/config/single-nic-vlans/controller-v6.yaml b/network/config/single-nic-vlans/controller-v6.yaml
index 4f065d1e..1f9a67d6 100644
--- a/network/config/single-nic-vlans/controller-v6.yaml
+++ b/network/config/single-nic-vlans/controller-v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure VLANs for the controller role with IPv6 on the External network. The
IPv6 default route is on the External network, and the IPv4 default route is on the Control Plane.
diff --git a/network/config/single-nic-vlans/controller.yaml b/network/config/single-nic-vlans/controller.yaml
index 4a615d91..4ac18315 100644
--- a/network/config/single-nic-vlans/controller.yaml
+++ b/network/config/single-nic-vlans/controller.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure VLANs for the controller role.
parameters:
diff --git a/network/config/single-nic-vlans/swift-storage.yaml b/network/config/single-nic-vlans/swift-storage.yaml
index 88f69b4d..605b8ee4 100644
--- a/network/config/single-nic-vlans/swift-storage.yaml
+++ b/network/config/single-nic-vlans/swift-storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure VLANs for the swift storage role.
parameters:
diff --git a/network/endpoints/build_endpoint_map.py b/network/endpoints/build_endpoint_map.py
index 964f58f7..7e8088be 100755
--- a/network/endpoints/build_endpoint_map.py
+++ b/network/endpoints/build_endpoint_map.py
@@ -191,7 +191,7 @@ def template_endpoint_items(config):
def generate_endpoint_map_template(config):
return collections.OrderedDict([
- ('heat_template_version', '2015-04-30'),
+ ('heat_template_version', 'ocata'),
('description', 'A map of OpenStack endpoints. Since the endpoints '
'are URLs, we need to have brackets around IPv6 IP addresses. The '
'inputs to these parameters come from net_ip_uri_map, which will '
diff --git a/network/endpoints/endpoint_data.yaml b/network/endpoints/endpoint_data.yaml
index aeda0a9f..23c1ce1e 100644
--- a/network/endpoints/endpoint_data.yaml
+++ b/network/endpoints/endpoint_data.yaml
@@ -76,11 +76,6 @@ Glance:
net_param: GlanceApi
port: 9292
-GlanceRegistry:
- Internal:
- net_param: GlanceRegistry
- port: 9191
-
Mysql:
Internal:
net_param: Mysql
@@ -205,6 +200,21 @@ Nova:
'': /v2.1
port: 8774
+NovaPlacement:
+ Internal:
+ net_param: NovaApi
+ uri_suffixes:
+ '': /placement
+ Public:
+ net_param: Public
+ uri_suffixes:
+ '': /placement
+ Admin:
+ net_param: NovaApi
+ uri_suffixes:
+ '': /placement
+ port: 8778
+
NovaVNCProxy:
Internal:
net_param: NovaApi
@@ -276,3 +286,22 @@ Ironic:
uri_suffixes:
'': /v1
port: 6385
+
+Zaqar:
+ Internal:
+ net_param: ZaqarApi
+ Public:
+ net_param: Public
+ Admin:
+ net_param: ZaqarApi
+ port: 8888
+
+ZaqarWebSocket:
+ Internal:
+ net_param: ZaqarApi
+ Public:
+ net_param: Public
+ Admin:
+ net_param: ZaqarApi
+ port: 9000
+ protocol: ws
diff --git a/network/endpoints/endpoint_map.yaml b/network/endpoints/endpoint_map.yaml
index 5e582d41..a17f1c96 100644
--- a/network/endpoints/endpoint_map.yaml
+++ b/network/endpoints/endpoint_map.yaml
@@ -2,7 +2,7 @@
### This file is automatically generated from endpoint_data.yaml
### by the script build_endpoint_map.py
-heat_template_version: '2015-04-30'
+heat_template_version: ocata
description: A map of OpenStack endpoints. Since the endpoints are URLs,
we need to have brackets around IPv6 IP addresses. The inputs to these
parameters come from net_ip_uri_map, which will include these brackets
@@ -37,7 +37,6 @@ parameters:
GlanceAdmin: {protocol: http, port: '9292', host: IP_ADDRESS}
GlanceInternal: {protocol: http, port: '9292', host: IP_ADDRESS}
GlancePublic: {protocol: http, port: '9292', host: IP_ADDRESS}
- GlanceRegistryInternal: {protocol: http, port: '9191', host: IP_ADDRESS}
GnocchiAdmin: {protocol: http, port: '8041', host: IP_ADDRESS}
GnocchiInternal: {protocol: http, port: '8041', host: IP_ADDRESS}
GnocchiPublic: {protocol: http, port: '8041', host: IP_ADDRESS}
@@ -67,6 +66,9 @@ parameters:
NovaAdmin: {protocol: http, port: '8774', host: IP_ADDRESS}
NovaInternal: {protocol: http, port: '8774', host: IP_ADDRESS}
NovaPublic: {protocol: http, port: '8774', host: IP_ADDRESS}
+ NovaPlacementAdmin: {protocol: http, port: '8778', host: IP_ADDRESS}
+ NovaPlacementInternal: {protocol: http, port: '8778', host: IP_ADDRESS}
+ NovaPlacementPublic: {protocol: http, port: '8778', host: IP_ADDRESS}
NovaVNCProxyAdmin: {protocol: http, port: '6080', host: IP_ADDRESS}
NovaVNCProxyInternal: {protocol: http, port: '6080', host: IP_ADDRESS}
NovaVNCProxyPublic: {protocol: http, port: '6080', host: IP_ADDRESS}
@@ -79,6 +81,12 @@ parameters:
SwiftAdmin: {protocol: http, port: '8080', host: IP_ADDRESS}
SwiftInternal: {protocol: http, port: '8080', host: IP_ADDRESS}
SwiftPublic: {protocol: http, port: '8080', host: IP_ADDRESS}
+ ZaqarAdmin: {protocol: http, port: '8888', host: IP_ADDRESS}
+ ZaqarInternal: {protocol: http, port: '8888', host: IP_ADDRESS}
+ ZaqarPublic: {protocol: http, port: '8888', host: IP_ADDRESS}
+ ZaqarWebSocketAdmin: {protocol: ws, port: '9000', host: IP_ADDRESS}
+ ZaqarWebSocketInternal: {protocol: ws, port: '9000', host: IP_ADDRESS}
+ ZaqarWebSocketPublic: {protocol: ws, port: '9000', host: IP_ADDRESS}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
CloudEndpoints:
@@ -2045,87 +2053,6 @@ outputs:
template: NETWORK_uri
- ':'
- get_param: [EndpointMap, GlancePublic, port]
- GlanceRegistryInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, GlanceRegistryInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, GlanceRegistryNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, GlanceRegistryNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, GlanceRegistryInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, GlanceRegistryNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, GlanceRegistryNetwork]
- port:
- get_param: [EndpointMap, GlanceRegistryInternal, port]
- protocol:
- get_param: [EndpointMap, GlanceRegistryInternal, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, GlanceRegistryInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, GlanceRegistryInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, GlanceRegistryNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, GlanceRegistryNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, GlanceRegistryInternal, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, GlanceRegistryInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, GlanceRegistryInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, GlanceRegistryNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, GlanceRegistryNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, GlanceRegistryInternal, port]
GnocchiAdmin:
host:
str_replace:
@@ -5071,6 +4998,255 @@ outputs:
template: NETWORK_uri
- ':'
- get_param: [EndpointMap, NovaPublic, port]
+ NovaPlacementAdmin:
+ host:
+ str_replace:
+ template:
+ get_param: [EndpointMap, NovaPlacementAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, NovaApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, NovaApiNetwork]
+ template: NETWORK_uri
+ host_nobrackets:
+ str_replace:
+ template:
+ get_param: [EndpointMap, NovaPlacementAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, NovaApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - get_param: [ServiceNetMap, NovaApiNetwork]
+ port:
+ get_param: [EndpointMap, NovaPlacementAdmin, port]
+ protocol:
+ get_param: [EndpointMap, NovaPlacementAdmin, protocol]
+ uri:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, NovaPlacementAdmin, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, NovaPlacementAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, NovaApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, NovaApiNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, NovaPlacementAdmin, port]
+ - /placement
+ uri_no_suffix:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, NovaPlacementAdmin, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, NovaPlacementAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, NovaApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, NovaApiNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, NovaPlacementAdmin, port]
+ - /placement
+ NovaPlacementInternal:
+ host:
+ str_replace:
+ template:
+ get_param: [EndpointMap, NovaPlacementInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, NovaApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, NovaApiNetwork]
+ template: NETWORK_uri
+ host_nobrackets:
+ str_replace:
+ template:
+ get_param: [EndpointMap, NovaPlacementInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, NovaApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - get_param: [ServiceNetMap, NovaApiNetwork]
+ port:
+ get_param: [EndpointMap, NovaPlacementInternal, port]
+ protocol:
+ get_param: [EndpointMap, NovaPlacementInternal, protocol]
+ uri:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, NovaPlacementInternal, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, NovaPlacementInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, NovaApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, NovaApiNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, NovaPlacementInternal, port]
+ - /placement
+ uri_no_suffix:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, NovaPlacementInternal, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, NovaPlacementInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, NovaApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, NovaApiNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, NovaPlacementInternal, port]
+ - /placement
+ NovaPlacementPublic:
+ host:
+ str_replace:
+ template:
+ get_param: [EndpointMap, NovaPlacementPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PublicNetwork]
+ template: NETWORK_uri
+ host_nobrackets:
+ str_replace:
+ template:
+ get_param: [EndpointMap, NovaPlacementPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - get_param: [ServiceNetMap, PublicNetwork]
+ port:
+ get_param: [EndpointMap, NovaPlacementPublic, port]
+ protocol:
+ get_param: [EndpointMap, NovaPlacementPublic, protocol]
+ uri:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, NovaPlacementPublic, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, NovaPlacementPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PublicNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, NovaPlacementPublic, port]
+ - /placement
+ uri_no_suffix:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, NovaPlacementPublic, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, NovaPlacementPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PublicNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, NovaPlacementPublic, port]
+ - /placement
NovaVNCProxyAdmin:
host:
str_replace:
@@ -6291,3 +6467,489 @@ outputs:
template: NETWORK_uri
- ':'
- get_param: [EndpointMap, SwiftPublic, port]
+ ZaqarAdmin:
+ host:
+ str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, ZaqarApiNetwork]
+ template: NETWORK_uri
+ host_nobrackets:
+ str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ port:
+ get_param: [EndpointMap, ZaqarAdmin, port]
+ protocol:
+ get_param: [EndpointMap, ZaqarAdmin, protocol]
+ uri:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, ZaqarAdmin, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, ZaqarApiNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, ZaqarAdmin, port]
+ uri_no_suffix:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, ZaqarAdmin, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, ZaqarApiNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, ZaqarAdmin, port]
+ ZaqarInternal:
+ host:
+ str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, ZaqarApiNetwork]
+ template: NETWORK_uri
+ host_nobrackets:
+ str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ port:
+ get_param: [EndpointMap, ZaqarInternal, port]
+ protocol:
+ get_param: [EndpointMap, ZaqarInternal, protocol]
+ uri:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, ZaqarInternal, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, ZaqarApiNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, ZaqarInternal, port]
+ uri_no_suffix:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, ZaqarInternal, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, ZaqarApiNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, ZaqarInternal, port]
+ ZaqarPublic:
+ host:
+ str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PublicNetwork]
+ template: NETWORK_uri
+ host_nobrackets:
+ str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - get_param: [ServiceNetMap, PublicNetwork]
+ port:
+ get_param: [EndpointMap, ZaqarPublic, port]
+ protocol:
+ get_param: [EndpointMap, ZaqarPublic, protocol]
+ uri:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, ZaqarPublic, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PublicNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, ZaqarPublic, port]
+ uri_no_suffix:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, ZaqarPublic, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PublicNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, ZaqarPublic, port]
+ ZaqarWebSocketAdmin:
+ host:
+ str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarWebSocketAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, ZaqarApiNetwork]
+ template: NETWORK_uri
+ host_nobrackets:
+ str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarWebSocketAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ port:
+ get_param: [EndpointMap, ZaqarWebSocketAdmin, port]
+ protocol:
+ get_param: [EndpointMap, ZaqarWebSocketAdmin, protocol]
+ uri:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, ZaqarWebSocketAdmin, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarWebSocketAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, ZaqarApiNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, ZaqarWebSocketAdmin, port]
+ uri_no_suffix:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, ZaqarWebSocketAdmin, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarWebSocketAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, ZaqarApiNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, ZaqarWebSocketAdmin, port]
+ ZaqarWebSocketInternal:
+ host:
+ str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarWebSocketInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, ZaqarApiNetwork]
+ template: NETWORK_uri
+ host_nobrackets:
+ str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarWebSocketInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ port:
+ get_param: [EndpointMap, ZaqarWebSocketInternal, port]
+ protocol:
+ get_param: [EndpointMap, ZaqarWebSocketInternal, protocol]
+ uri:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, ZaqarWebSocketInternal, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarWebSocketInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, ZaqarApiNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, ZaqarWebSocketInternal, port]
+ uri_no_suffix:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, ZaqarWebSocketInternal, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarWebSocketInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, ZaqarApiNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, ZaqarWebSocketInternal, port]
+ ZaqarWebSocketPublic:
+ host:
+ str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarWebSocketPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PublicNetwork]
+ template: NETWORK_uri
+ host_nobrackets:
+ str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarWebSocketPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - get_param: [ServiceNetMap, PublicNetwork]
+ port:
+ get_param: [EndpointMap, ZaqarWebSocketPublic, port]
+ protocol:
+ get_param: [EndpointMap, ZaqarWebSocketPublic, protocol]
+ uri:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, ZaqarWebSocketPublic, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarWebSocketPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PublicNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, ZaqarWebSocketPublic, port]
+ uri_no_suffix:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, ZaqarWebSocketPublic, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarWebSocketPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PublicNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, ZaqarWebSocketPublic, port]
diff --git a/network/external.yaml b/network/external.yaml
index 4dfbc77e..21260d3f 100644
--- a/network/external.yaml
+++ b/network/external.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
External network. Public traffic, Neutron l3router for floating IPs/SNAT, etc.
diff --git a/network/external_v6.yaml b/network/external_v6.yaml
index e0736ab7..51000bb7 100644
--- a/network/external_v6.yaml
+++ b/network/external_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
External network. Public traffic, Neutron l3router for floating IPs/SNAT, etc.
diff --git a/network/internal_api.yaml b/network/internal_api.yaml
index 090e38f7..793535c6 100644
--- a/network/internal_api.yaml
+++ b/network/internal_api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Internal API network. Used for most APIs, Database, RPC.
diff --git a/network/internal_api_v6.yaml b/network/internal_api_v6.yaml
index 19d64b0a..53950656 100644
--- a/network/internal_api_v6.yaml
+++ b/network/internal_api_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Internal API network. Used for most APIs, Database, RPC.
diff --git a/network/management.yaml b/network/management.yaml
index 6798e11e..77fcd4ea 100644
--- a/network/management.yaml
+++ b/network/management.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Management network. System administration, SSH, DNS, NTP, etc. This network
diff --git a/network/management_v6.yaml b/network/management_v6.yaml
index a5e70667..e1391ad2 100644
--- a/network/management_v6.yaml
+++ b/network/management_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Management network. System administration, SSH, DNS, NTP, etc. This network
diff --git a/network/networks.yaml b/network/networks.yaml
index d3ae482b..26033ee2 100644
--- a/network/networks.yaml
+++ b/network/networks.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: Create networks to split out Overcloud traffic
diff --git a/network/ports/ctlplane_vip.yaml b/network/ports/ctlplane_vip.yaml
index 5ac7d344..0f21e3e8 100644
--- a/network/ports/ctlplane_vip.yaml
+++ b/network/ports/ctlplane_vip.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port for a VIP on the undercloud ctlplane network.
diff --git a/network/ports/external.yaml b/network/ports/external.yaml
index c4f815fb..c33643e7 100644
--- a/network/ports/external.yaml
+++ b/network/ports/external.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port on the external network. The IP address will be chosen
diff --git a/network/ports/external_from_pool.yaml b/network/ports/external_from_pool.yaml
index 867176e3..893b26d9 100644
--- a/network/ports/external_from_pool.yaml
+++ b/network/ports/external_from_pool.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Returns an IP from a network mapped list of IPs
diff --git a/network/ports/external_from_pool_v6.yaml b/network/ports/external_from_pool_v6.yaml
index e541049d..c67789af 100644
--- a/network/ports/external_from_pool_v6.yaml
+++ b/network/ports/external_from_pool_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Returns an IP from a network mapped list of IPs. This version is for IPv6
diff --git a/network/ports/external_v6.yaml b/network/ports/external_v6.yaml
index bfe2686f..905974f5 100644
--- a/network/ports/external_v6.yaml
+++ b/network/ports/external_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port on the external network. The IP address will be chosen
diff --git a/network/ports/from_service.yaml b/network/ports/from_service.yaml
index 782b6b07..69a887ea 100644
--- a/network/ports/from_service.yaml
+++ b/network/ports/from_service.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Returns an IP from a service mapped list of IPs
diff --git a/network/ports/from_service_v6.yaml b/network/ports/from_service_v6.yaml
index 80060b57..c9673dd7 100644
--- a/network/ports/from_service_v6.yaml
+++ b/network/ports/from_service_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Returns an IP from a service mapped list of IPv6 IPs
diff --git a/network/ports/internal_api.yaml b/network/ports/internal_api.yaml
index 1d521a8d..1f96e3f2 100644
--- a/network/ports/internal_api.yaml
+++ b/network/ports/internal_api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port on the internal_api network.
diff --git a/network/ports/internal_api_from_pool.yaml b/network/ports/internal_api_from_pool.yaml
index d7b67e26..3f16f30c 100644
--- a/network/ports/internal_api_from_pool.yaml
+++ b/network/ports/internal_api_from_pool.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Returns an IP from a network mapped list of IPs
diff --git a/network/ports/internal_api_from_pool_v6.yaml b/network/ports/internal_api_from_pool_v6.yaml
index afb144ba..b36ef235 100644
--- a/network/ports/internal_api_from_pool_v6.yaml
+++ b/network/ports/internal_api_from_pool_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Returns an IP from a network mapped list of IPs. This version is for IPv6
diff --git a/network/ports/internal_api_v6.yaml b/network/ports/internal_api_v6.yaml
index 14738b33..e236156d 100644
--- a/network/ports/internal_api_v6.yaml
+++ b/network/ports/internal_api_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port on the internal_api network.
diff --git a/network/ports/management.yaml b/network/ports/management.yaml
index 967b66e1..b626bc20 100644
--- a/network/ports/management.yaml
+++ b/network/ports/management.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port on the management network. The IP address will be chosen
diff --git a/network/ports/management_from_pool.yaml b/network/ports/management_from_pool.yaml
index 451677b2..05fedb90 100644
--- a/network/ports/management_from_pool.yaml
+++ b/network/ports/management_from_pool.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Returns an IP from a network mapped list of IPs
diff --git a/network/ports/management_from_pool_v6.yaml b/network/ports/management_from_pool_v6.yaml
index 4c1cc216..64758bf9 100644
--- a/network/ports/management_from_pool_v6.yaml
+++ b/network/ports/management_from_pool_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Returns an IP from a network mapped list of IPs. This version is for IPv6
diff --git a/network/ports/management_v6.yaml b/network/ports/management_v6.yaml
index a94ebc7b..9e6a35b8 100644
--- a/network/ports/management_v6.yaml
+++ b/network/ports/management_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port on the management network. The IP address will be chosen
diff --git a/network/ports/net_ip_list_map.yaml b/network/ports/net_ip_list_map.yaml
index d7863e02..5782bbe9 100644
--- a/network/ports/net_ip_list_map.yaml
+++ b/network/ports/net_ip_list_map.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
parameters:
ControlPlaneIpList:
@@ -138,3 +138,20 @@ outputs:
SERVICE_short_node_names: {get_param: ServiceHostnameList}
for_each:
SERVICE: {get_attr: [EnabledServicesValue, value]}
+ short_service_bootstrap_hostnames:
+ description: >
+ Map of enabled services to a list of hostnames where they're running regardless of the network
+ Used for bootstrap purposes
+ value:
+ yaql:
+ # If ServiceHostnameList is empty the role is deployed with zero nodes
+ # therefore we don't want to add any *_node_names to the map
+ expression: dict($.data.map.items().where(len($[1]) > 0))
+ data:
+ map:
+ map_merge:
+ repeat:
+ template:
+ SERVICE_short_bootstrap_node_name: {get_param: ServiceHostnameList}
+ for_each:
+ SERVICE: {get_attr: [EnabledServicesValue, value]}
diff --git a/network/ports/net_ip_map.yaml b/network/ports/net_ip_map.yaml
index fcf2eeee..c8cf733f 100644
--- a/network/ports/net_ip_map.yaml
+++ b/network/ports/net_ip_map.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
parameters:
ControlPlaneIp:
diff --git a/network/ports/net_vip_map_external.yaml b/network/ports/net_vip_map_external.yaml
index 71e6e811..58f96e65 100644
--- a/network/ports/net_vip_map_external.yaml
+++ b/network/ports/net_vip_map_external.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
parameters:
# Set these via parameter defaults to configure external VIPs
diff --git a/network/ports/net_vip_map_external_v6.yaml b/network/ports/net_vip_map_external_v6.yaml
index 8d054349..12db8d2d 100644
--- a/network/ports/net_vip_map_external_v6.yaml
+++ b/network/ports/net_vip_map_external_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
parameters:
# Set these via parameter defaults to configure external VIPs
diff --git a/network/ports/noop.yaml b/network/ports/noop.yaml
index 96c461e0..e2004cb0 100644
--- a/network/ports/noop.yaml
+++ b/network/ports/noop.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Returns the control plane port (provisioning network) as the ip_address.
diff --git a/network/ports/storage.yaml b/network/ports/storage.yaml
index 1ed5cca1..80400412 100644
--- a/network/ports/storage.yaml
+++ b/network/ports/storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port on the storage network.
diff --git a/network/ports/storage_from_pool.yaml b/network/ports/storage_from_pool.yaml
index 0a3d394c..dfab49ae 100644
--- a/network/ports/storage_from_pool.yaml
+++ b/network/ports/storage_from_pool.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Returns an IP from a network mapped list of IPs
diff --git a/network/ports/storage_from_pool_v6.yaml b/network/ports/storage_from_pool_v6.yaml
index 18faf1bd..a6cde5fc 100644
--- a/network/ports/storage_from_pool_v6.yaml
+++ b/network/ports/storage_from_pool_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Returns an IP from a network mapped list of IPs. This version is for IPv6
diff --git a/network/ports/storage_mgmt.yaml b/network/ports/storage_mgmt.yaml
index 548d226a..b96fbd0e 100644
--- a/network/ports/storage_mgmt.yaml
+++ b/network/ports/storage_mgmt.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port on the storage_mgmt API network.
diff --git a/network/ports/storage_mgmt_from_pool.yaml b/network/ports/storage_mgmt_from_pool.yaml
index c3f0f4e2..6ec3dbae 100644
--- a/network/ports/storage_mgmt_from_pool.yaml
+++ b/network/ports/storage_mgmt_from_pool.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Returns an IP from a network mapped list of IPs
diff --git a/network/ports/storage_mgmt_from_pool_v6.yaml b/network/ports/storage_mgmt_from_pool_v6.yaml
index e1145a31..2f3ea196 100644
--- a/network/ports/storage_mgmt_from_pool_v6.yaml
+++ b/network/ports/storage_mgmt_from_pool_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Returns an IP from a network mapped list of IPs This version is for IPv6
diff --git a/network/ports/storage_mgmt_v6.yaml b/network/ports/storage_mgmt_v6.yaml
index 9db66964..01e4c31a 100644
--- a/network/ports/storage_mgmt_v6.yaml
+++ b/network/ports/storage_mgmt_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port on the storage_mgmt API network.
diff --git a/network/ports/storage_v6.yaml b/network/ports/storage_v6.yaml
index adf3595a..1dd76199 100644
--- a/network/ports/storage_v6.yaml
+++ b/network/ports/storage_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port on the storage network.
diff --git a/network/ports/tenant.yaml b/network/ports/tenant.yaml
index d8f78c49..f6929b81 100644
--- a/network/ports/tenant.yaml
+++ b/network/ports/tenant.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port on the tenant network.
diff --git a/network/ports/tenant_from_pool.yaml b/network/ports/tenant_from_pool.yaml
index d5fd7080..c72b2278 100644
--- a/network/ports/tenant_from_pool.yaml
+++ b/network/ports/tenant_from_pool.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Returns an IP from a network mapped list of IPs
diff --git a/network/ports/tenant_from_pool_v6.yaml b/network/ports/tenant_from_pool_v6.yaml
index d4f0d29c..bc056fa6 100644
--- a/network/ports/tenant_from_pool_v6.yaml
+++ b/network/ports/tenant_from_pool_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Returns an IP from a network mapped list of IPs
diff --git a/network/ports/tenant_v6.yaml b/network/ports/tenant_v6.yaml
index 21ba1efa..84101828 100644
--- a/network/ports/tenant_v6.yaml
+++ b/network/ports/tenant_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port on the tenant network.
diff --git a/network/ports/vip.yaml b/network/ports/vip.yaml
index 38322907..d996d03d 100644
--- a/network/ports/vip.yaml
+++ b/network/ports/vip.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port for a VIP on the isolated network NetworkName.
diff --git a/network/ports/vip_v6.yaml b/network/ports/vip_v6.yaml
index 498e5d69..7a45756c 100644
--- a/network/ports/vip_v6.yaml
+++ b/network/ports/vip_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port for a VIP on the isolated network NetworkName.
diff --git a/network/scripts/run-os-net-config.sh b/network/scripts/run-os-net-config.sh
index fc1e6d54..a7dbedc7 100755
--- a/network/scripts/run-os-net-config.sh
+++ b/network/scripts/run-os-net-config.sh
@@ -1,7 +1,7 @@
#!/bin/bash
-# Note this script expects the following environment variables to be set
-# normally these are provided by the calling SoftwareConfig resource, but
-# they may also be set manually for testing
+# The following environment variables may be set to substitute in a
+# custom bridge or interface name. Normally these are provided by the calling
+# SoftwareConfig resource, but they may also be set manually for testing.
# $bridge_name : The bridge device name to apply
# $interface_name : The interface name to apply
#
@@ -108,16 +108,24 @@ EOF_CAT
}
if [ -n '$network_config' ]; then
- trap configure_safe_defaults EXIT
+ if [ -z "${disable_configure_safe_defaults:-''}" ]; then
+ trap configure_safe_defaults EXIT
+ fi
mkdir -p /etc/os-net-config
# Note these variables come from the calling heat SoftwareConfig
echo '$network_config' > /etc/os-net-config/config.json
- sed -i "s/bridge_name/$bridge_name/" /etc/os-net-config/config.json
- sed -i "s/interface_name/$interface_name/" /etc/os-net-config/config.json
+
+ if [ "$(type -t network_config_hook)" = "function" ]; then
+ network_config_hook
+ fi
+
+ sed -i "s/bridge_name/${bridge_name:-''}/" /etc/os-net-config/config.json
+ sed -i "s/interface_name/${interface_name:-''}/" /etc/os-net-config/config.json
os-net-config -c /etc/os-net-config/config.json -v --detailed-exit-codes
RETVAL=$?
+
if [[ $RETVAL == 2 ]]; then
ping_metadata_ip
diff --git a/network/service_net_map.j2.yaml b/network/service_net_map.j2.yaml
index 0cb6571f..8f1c4b45 100644
--- a/network/service_net_map.j2.yaml
+++ b/network/service_net_map.j2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Mapping of service_name_network -> network name
@@ -32,7 +32,6 @@ parameters:
CinderApiNetwork: internal_api
CinderIscsiNetwork: storage
GlanceApiNetwork: storage
- GlanceRegistryNetwork: internal_api
IronicApiNetwork: ctlplane
IronicNetwork: ctlplane
KeystoneAdminApiNetwork: ctlplane # allows undercloud to config endpoints
@@ -58,7 +57,9 @@ parameters:
CephRgwNetwork: storage
PublicNetwork: external
OpendaylightApiNetwork: internal_api
+ OvnDbsNetwork: internal_api
MistralApiNetwork: internal_api
+ ZaqarApiNetwork: internal_api
# We special-case the default ResolveNetwork for the CephStorage role
# for backwards compatibility, all other roles default to internal_api
CephStorageHostnameResolveNetwork: storage
diff --git a/network/storage.yaml b/network/storage.yaml
index 35dae17a..0a704ea3 100644
--- a/network/storage.yaml
+++ b/network/storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Storage network.
diff --git a/network/storage_mgmt.yaml b/network/storage_mgmt.yaml
index 03cfd139..c7117165 100644
--- a/network/storage_mgmt.yaml
+++ b/network/storage_mgmt.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Storage management network. Storage replication, etc.
diff --git a/network/storage_mgmt_v6.yaml b/network/storage_mgmt_v6.yaml
index 39c456db..2b065195 100644
--- a/network/storage_mgmt_v6.yaml
+++ b/network/storage_mgmt_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Storage management network. Storage replication, etc.
diff --git a/network/storage_v6.yaml b/network/storage_v6.yaml
index 5c8af9e5..777e6167 100644
--- a/network/storage_v6.yaml
+++ b/network/storage_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Storage network.
diff --git a/network/tenant.yaml b/network/tenant.yaml
index 1045b81b..33055fe8 100644
--- a/network/tenant.yaml
+++ b/network/tenant.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Tenant network.
diff --git a/network/tenant_v6.yaml b/network/tenant_v6.yaml
index bf758a50..0bf5d2f0 100644
--- a/network/tenant_v6.yaml
+++ b/network/tenant_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Tenant IPv6 network.
diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml
index 21013bdc..7e0ecf04 100644
--- a/overcloud-resource-registry-puppet.j2.yaml
+++ b/overcloud-resource-registry-puppet.j2.yaml
@@ -11,6 +11,7 @@ resource_registry:
OS::TripleO::Tasks::PackageUpdate: extraconfig/tasks/yum_update.yaml
{% for role in roles %}
+ OS::TripleO::{{role.name}}::PreNetworkConfig: OS::Heat::None
OS::TripleO::{{role.name}}PostDeploySteps: puppet/post.yaml
OS::TripleO::{{role.name}}: puppet/{{role.name.lower()}}-role.yaml
OS::TripleO::{{role.name}}Config: puppet/{{role.name.lower()}}-config.yaml
@@ -41,6 +42,8 @@ resource_registry:
# in the jinja loop
OS::TripleO::Controller::Net::SoftwareConfig: net-config-bridge.yaml
+ OS::TripleO::ServiceServerMetadataHook: OS::Heat::None
+
OS::TripleO::Server: OS::Nova::Server
# This creates the "heat-admin" user for all OS images by default
@@ -49,10 +52,14 @@ resource_registry:
# Hooks for operator extra config
# NodeUserData == Cloud-init additional user-data, e.g cloud-config
+ # role::NodeUserData == Role specific cloud-init additional user-data
# ControllerExtraConfigPre == Controller configuration pre service deployment
# NodeExtraConfig == All nodes configuration pre service deployment
# NodeExtraConfigPost == All nodes configuration post service deployment
OS::TripleO::NodeUserData: firstboot/userdata_default.yaml
+{% for role in roles %}
+ OS::TripleO::{{role.name}}::NodeUserData: firstboot/userdata_default.yaml
+{% endfor %}
OS::TripleO::NodeTLSCAData: OS::Heat::None
OS::TripleO::NodeTLSData: OS::Heat::None
OS::TripleO::NodeExtraConfig: puppet/extraconfig/pre_deploy/default.yaml
@@ -90,6 +97,7 @@ resource_registry:
OS::TripleO::Network::Ports::StorageVipPort: network/ports/noop.yaml
OS::TripleO::Network::Ports::StorageMgmtVipPort: network/ports/noop.yaml
OS::TripleO::Network::Ports::RedisVipPort: network/ports/ctlplane_vip.yaml
+ OS::TripleO::Network::Ports::ControlPlaneVipPort: OS::Neutron::Port
# Service to network Mappings
OS::TripleO::ServiceNetMap: network/service_net_map.yaml
@@ -109,6 +117,7 @@ resource_registry:
OS::TripleO::Services::Apache: puppet/services/apache.yaml
OS::TripleO::Services::ApacheTLS: OS::Heat::None
OS::TripleO::Services::CACerts: puppet/services/ca-certs.yaml
+ OS::TripleO::Services::CephMds: OS::Heat::None
OS::TripleO::Services::CephMon: OS::Heat::None
OS::TripleO::Services::CephRgw: OS::Heat::None
OS::TripleO::Services::CephOSD: OS::Heat::None
@@ -119,10 +128,8 @@ resource_registry:
OS::TripleO::Services::CinderScheduler: puppet/services/cinder-scheduler.yaml
OS::TripleO::Services::CinderVolume: puppet/services/cinder-volume.yaml
OS::TripleO::Services::BlockStorageCinderVolume: puppet/services/cinder-volume.yaml
- OS::TripleO::Services::Core: OS::Heat::None
OS::TripleO::Services::Keystone: puppet/services/keystone.yaml
OS::TripleO::Services::GlanceApi: puppet/services/glance-api.yaml
- OS::TripleO::Services::GlanceRegistry: puppet/services/glance-registry.yaml
OS::TripleO::Services::HeatApi: puppet/services/heat-api.yaml
OS::TripleO::Services::HeatApiCfn: puppet/services/heat-api-cfn.yaml
OS::TripleO::Services::HeatApiCloudwatch: puppet/services/heat-api-cloudwatch.yaml
@@ -146,6 +153,8 @@ resource_registry:
OS::TripleO::Services::NeutronCorePluginPlumgrid: puppet/services/neutron-plugin-plumgrid.yaml
OS::TripleO::Services::NeutronCorePluginNuage: puppet/services/neutron-plugin-nuage.yaml
OS::TripleO::Services::NeutronCorePluginOpencontrail: puppet/services/neutron-plugin-opencontrail.yaml
+ OS::TripleO::Services::OVNDBs: OS::Heat::None
+
OS::TripleO::Services::NeutronCorePluginMidonet: puppet/services/neutron-midonet.yaml
OS::TripleO::Services::NeutronOvsAgent: puppet/services/neutron-ovs-agent.yaml
OS::TripleO::Services::ComputeNeutronOvsAgent: puppet/services/neutron-ovs-agent.yaml
@@ -163,6 +172,7 @@ resource_registry:
OS::TripleO::Services::NovaConductor: puppet/services/nova-conductor.yaml
OS::TripleO::Services::MongoDb: puppet/services/database/mongodb.yaml
OS::TripleO::Services::NovaApi: puppet/services/nova-api.yaml
+ OS::TripleO::Services::NovaPlacement: puppet/services/nova-placement.yaml
OS::TripleO::Services::NovaMetadata: puppet/services/nova-metadata.yaml
OS::TripleO::Services::NovaScheduler: puppet/services/nova-scheduler.yaml
OS::TripleO::Services::NovaConsoleauth: puppet/services/nova-consoleauth.yaml
@@ -219,6 +229,9 @@ resource_registry:
OS::TripleO::Services::ContrailControl: puppet/services/network/contrail-control.yaml
OS::TripleO::Services::ContrailDatabase: puppet/services/network/contrail-database.yaml
OS::TripleO::Services::ContrailWebui: puppet/services/network/contrail-webui.yaml
+ OS::TripleO::Services::Zaqar: OS::Heat::None
+ OS::TripleO::Services::NeutronML2FujitsuCfab: OS::Heat::None
+ OS::TripleO::Services::CinderHPELeftHandISCSI: OS::Heat::None
parameter_defaults:
EnablePackageInstall: false
diff --git a/overcloud.j2.yaml b/overcloud.j2.yaml
index 39a092b1..f93c19a3 100644
--- a/overcloud.j2.yaml
+++ b/overcloud.j2.yaml
@@ -1,4 +1,5 @@
-heat_template_version: 2016-10-14
+{% set primary_role_name = roles[0].name -%}
+heat_template_version: ocata
description: >
Deploy an OpenStack environment, consisting of several node types (roles),
@@ -363,6 +364,7 @@ resources:
services: {get_attr: [{{role.name}}ServiceChain, role_data, service_names]}
ServiceNames: {get_attr: [{{role.name}}ServiceChain, role_data, service_names]}
MonitoringSubscriptions: {get_attr: [{{role.name}}ServiceChain, role_data, monitoring_subscriptions]}
+ ServiceMetadataSettings: {get_attr: [{{role.name}}ServiceChain, role_data, service_metadata_settings]}
{% endfor %}
hostsConfig:
@@ -414,8 +416,8 @@ resources:
{% for role in roles %}
- {get_attr: [{{role.name}}ServiceChain, role_data, logging_sources]}
{% endfor %}
- controller_ips: {get_attr: [Controller, ip_address]}
- controller_names: {get_attr: [Controller, hostname]}
+ controller_ips: {get_attr: [{{primary_role_name}}, ip_address]}
+ controller_names: {get_attr: [{{primary_role_name}}, hostname]}
service_ips:
# Note (shardy) this somewhat complex yaql may be replaced
# with a map_deep_merge function in ocata. It merges the
@@ -444,8 +446,16 @@ resources:
{% for role in roles %}
- {get_attr: [{{role.name}}IpListMap, short_service_hostnames]}
{% endfor %}
+ short_service_bootstrap_node:
+ yaql:
+ expression: dict($.data.l.where($ != null).selectMany($.items()).groupBy($[0], $[1], [$[0], $[1].flatten().first()]))
+ data:
+ l:
+{% for role in roles %}
+ - {get_attr: [{{role.name}}IpListMap, short_service_bootstrap_hostnames]}
+{% endfor %}
# FIXME(shardy): These require further work to move into service_ips
- memcache_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, MemcachedNetwork]}]}
+ memcache_node_ips: {get_attr: [{{primary_role_name}}IpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, MemcachedNetwork]}]}
NetVipMap: {get_attr: [VipMap, net_ip_map]}
RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]}
ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]}
@@ -477,7 +487,7 @@ resources:
type: OS::TripleO::Network
ControlVirtualIP:
- type: OS::Neutron::Port
+ type: OS::TripleO::Network::Ports::ControlPlaneVipPort
depends_on: Networks
properties:
name: control_virtual_ip
@@ -551,12 +561,12 @@ resources:
PingTestIps:
list_join:
- ' '
- - - {get_attr: [Controller, resource.0.external_ip_address]}
- - {get_attr: [Controller, resource.0.internal_api_ip_address]}
- - {get_attr: [Controller, resource.0.storage_ip_address]}
- - {get_attr: [Controller, resource.0.storage_mgmt_ip_address]}
- - {get_attr: [Controller, resource.0.tenant_ip_address]}
- - {get_attr: [Controller, resource.0.management_ip_address]}
+ - - {get_attr: [{{primary_role_name}}, resource.0.external_ip_address]}
+ - {get_attr: [{{primary_role_name}}, resource.0.internal_api_ip_address]}
+ - {get_attr: [{{primary_role_name}}, resource.0.storage_ip_address]}
+ - {get_attr: [{{primary_role_name}}, resource.0.storage_mgmt_ip_address]}
+ - {get_attr: [{{primary_role_name}}, resource.0.tenant_ip_address]}
+ - {get_attr: [{{primary_role_name}}, resource.0.management_ip_address]}
UpdateWorkflow:
type: OS::TripleO::Tasks::UpdateWorkflow
@@ -583,13 +593,14 @@ resources:
- {{role.name}}AllNodesValidationDeployment
{% endfor %}
properties:
+ servers:
{% for role in roles %}
- servers: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
+ {{role.name}}: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
{% endfor %}
- # Post deployment steps for all roles
- AllNodesDeploySteps:
- type: OS::TripleO::PostDeploySteps
+ # Upgrade steps for all roles
+ AllNodesUpgradeSteps:
+ type: OS::TripleO::UpgradeSteps
depends_on:
{% for role in roles %}
- {{role.name}}AllNodesDeployment
@@ -604,10 +615,10 @@ resources:
{{role.name}}: {get_attr: [{{role.name}}ServiceChain, role_data]}
{% endfor %}
- # Upgrade steps for all roles
- AllNodesUpgradeSteps:
- type: OS::TripleO::UpgradeSteps
- depends_on: AllNodesDeploySteps
+ # Post deployment steps for all roles
+ AllNodesDeploySteps:
+ type: OS::TripleO::PostDeploySteps
+ depends_on: AllNodesUpgradeSteps
properties:
servers:
{% for role in roles %}
@@ -618,7 +629,6 @@ resources:
{{role.name}}: {get_attr: [{{role.name}}ServiceChain, role_data]}
{% endfor %}
-
outputs:
ManagedEndpoints:
description: Asserts that the keystone endpoints have been provisioned.
diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml
index 0a8bec6e..ee43c3a5 100644
--- a/puppet/all-nodes-config.yaml
+++ b/puppet/all-nodes-config.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: 'All Nodes Config for Puppet'
parameters:
@@ -28,6 +28,8 @@ parameters:
type: json
short_service_node_names:
type: json
+ short_service_bootstrap_node:
+ type: json
controller_names:
type: comma_delimited_list
memcache_node_ips:
@@ -125,6 +127,7 @@ resources:
- {get_param: service_ips}
- {get_param: service_node_names}
- {get_param: short_service_node_names}
+ - {get_param: short_service_bootstrap_node}
- controller_node_ips:
list_join:
- ','
diff --git a/puppet/blockstorage-role.yaml b/puppet/blockstorage-role.yaml
index c9bf894f..e92de45f 100644
--- a/puppet/blockstorage-role.yaml
+++ b/puppet/blockstorage-role.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: 'OpenStack cinder storage configured by Puppet'
parameters:
BlockStorageImage:
@@ -71,11 +71,20 @@ parameters:
description: >
The DNS domain used for the hosts. This should match the dhcp_domain
configured in the Undercloud neutron. Defaults to localdomain.
+ BlockStorageServerMetadata:
+ default: {}
+ description: >
+ Extra properties or metadata passed to Nova for the created nodes in
+ the overcloud. It's accessible via the Nova metadata API. This option is
+ role-specific and is merged with the values given to the ServerMetadata
+ parameter.
+ type: json
ServerMetadata:
default: {}
description: >
Extra properties or metadata passed to Nova for the created nodes in
- the overcloud. It's accessible via the Nova metadata API.
+ the overcloud. It's accessible via the Nova metadata API. This applies to
+ all roles and is merged with a role-specific metadata parameter.
type: json
BlockStorageSchedulerHints:
type: json
@@ -93,10 +102,19 @@ parameters:
MonitoringSubscriptions:
type: comma_delimited_list
default: []
+ ServiceMetadataSettings:
+ type: json
+ default: {}
ConfigCommand:
type: string
description: Command which will be run whenever configuration data changes
default: os-refresh-config --timeout 14400
+ UpgradeInitCommand:
+ type: string
+ description: |
+ Command or script snippet to run on all overcloud nodes to
+ initialize the upgrade process. E.g. a repository switch.
+ default: ''
resources:
BlockStorage:
@@ -118,7 +136,11 @@ resources:
template: {get_param: Hostname}
params: {get_param: HostnameMap}
software_config_transport: {get_param: SoftwareConfigTransport}
- metadata: {get_param: ServerMetadata}
+ metadata:
+ map_merge:
+ - {get_param: ServerMetadata}
+ - {get_param: BlockStorageServerMetadata}
+ - {get_param: ServiceMetadataSettings}
scheduler_hints: {get_param: BlockStorageSchedulerHints}
# Combine the NodeAdminUserData and NodeUserData mime archives
@@ -130,6 +152,8 @@ resources:
type: multipart
- config: {get_resource: NodeUserData}
type: multipart
+ - config: {get_resource: RoleUserData}
+ type: multipart
# Creates the "heat-admin" user if configured via the environment
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
@@ -141,6 +165,11 @@ resources:
NodeUserData:
type: OS::TripleO::NodeUserData
+ # For optional operator role-specific userdata
+ # Should return a OS::Heat::MultipartMime reference via OS::stack_id
+ RoleUserData:
+ type: OS::TripleO::BlockStorage::NodeUserData
+
ExternalPort:
type: OS::TripleO::BlockStorage::Ports::ExternalPort
properties:
@@ -217,17 +246,134 @@ resources:
ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
+ NetHostMap:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ external:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [BlockStorage, name]}
+ - external
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [BlockStorage, name]}
+ - external
+ internal_api:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [BlockStorage, name]}
+ - internalapi
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [BlockStorage, name]}
+ - internalapi
+ storage:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [BlockStorage, name]}
+ - storage
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [BlockStorage, name]}
+ - storage
+ storage_mgmt:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [BlockStorage, name]}
+ - storagemgmt
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [BlockStorage, name]}
+ - storagemgmt
+ tenant:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [BlockStorage, name]}
+ - tenant
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [BlockStorage, name]}
+ - tenant
+ management:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [BlockStorage, name]}
+ - management
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [BlockStorage, name]}
+ - management
+ ctlplane:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [BlockStorage, name]}
+ - ctlplane
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [BlockStorage, name]}
+ - ctlplane
+
+ PreNetworkConfig:
+ type: OS::TripleO::BlockStorage::PreNetworkConfig
+ properties:
+ server: {get_resource: BlockStorage}
+
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
+ depends_on: PreNetworkConfig
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
server: {get_resource: BlockStorage}
actions: {get_param: NetworkDeploymentActions}
+ BlockStorageUpgradeInitConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ list_join:
+ - ''
+ - - "#!/bin/bash\n\n"
+ - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
+ - get_param: UpgradeInitCommand
+
+ # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
+ # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
+ BlockStorageUpgradeInitDeployment:
+ type: OS::Heat::SoftwareDeployment
+ depends_on: NetworkDeployment
+ properties:
+ name: BlockStorageUpgradeInitDeployment
+ server: {get_resource: BlockStorage}
+ config: {get_resource: BlockStorageUpgradeInitConfig}
+
BlockStorageDeployment:
type: OS::Heat::StructuredDeployment
- depends_on: NetworkDeployment
+ depends_on: BlockStorageUpgradeInitDeployment
properties:
name: BlockStorageDeployment
server: {get_resource: BlockStorage}
@@ -266,42 +412,12 @@ resources:
extraconfig: {get_param: ExtraConfig}
volume:
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
- fqdn_internal_api:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - internalapi
- - {get_param: CloudDomain}
- fqdn_storage:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - storage
- - {get_param: CloudDomain}
- fqdn_storage_mgmt:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - storagemgmt
- - {get_param: CloudDomain}
- fqdn_tenant:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - tenant
- - {get_param: CloudDomain}
- fqdn_management:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - management
- - {get_param: CloudDomain}
- fqdn_ctlplane:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - ctlplane
- - {get_param: CloudDomain}
+ fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
+ fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
+ fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
+ fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
+ fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
+ fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
# Resource for site-specific injection of root certificate
NodeTLSCAData:
@@ -341,48 +457,13 @@ outputs:
hostname_map:
description: Mapping of network names to hostnames
value:
- external:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - external
- - {get_param: CloudDomain}
- internal_api:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - internalapi
- - {get_param: CloudDomain}
- storage:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - storage
- - {get_param: CloudDomain}
- storage_mgmt:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - storagemgmt
- - {get_param: CloudDomain}
- tenant:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - tenant
- - {get_param: CloudDomain}
- management:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - management
- - {get_param: CloudDomain}
- ctlplane:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - ctlplane
- - {get_param: CloudDomain}
+ external: {get_attr: [NetHostMap, value, external, fqdn]}
+ internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
+ storage: {get_attr: [NetHostMap, value, storage, fqdn]}
+ storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
+ tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
+ management: {get_attr: [NetHostMap, value, management, fqdn]}
+ ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
hosts_entry:
value:
str_replace:
@@ -400,47 +481,19 @@ outputs:
DOMAIN: {get_param: CloudDomain}
PRIMARYHOST: {get_attr: [BlockStorage, name]}
EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
- EXTERNALHOST:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - external
+ EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
- INTERNAL_APIHOST:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - internalapi
+ INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
STORAGEIP: {get_attr: [StoragePort, ip_address]}
- STORAGEHOST:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - storage
+ STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
- STORAGE_MGMTHOST:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - storagemgmt
+ STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
TENANTIP: {get_attr: [TenantPort, ip_address]}
- TENANTHOST:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - tenant
+ TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
- MANAGEMENTHOST:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - management
+ MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
CTLPLANEIP: {get_attr: [BlockStorage, networks, ctlplane, 0]}
- CTLPLANEHOST:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - ctlplane
+ CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
nova_server_resource:
description: Heat resource handle for the block storage server
value:
diff --git a/puppet/cephstorage-role.yaml b/puppet/cephstorage-role.yaml
index 18787a21..892f91ef 100644
--- a/puppet/cephstorage-role.yaml
+++ b/puppet/cephstorage-role.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: 'OpenStack ceph storage node configured by Puppet'
parameters:
OvercloudCephStorageFlavor:
@@ -77,11 +77,20 @@ parameters:
description: >
The DNS domain used for the hosts. This should match the dhcp_domain
configured in the Undercloud neutron. Defaults to localdomain.
+ CephStorageServerMetadata:
+ default: {}
+ description: >
+ Extra properties or metadata passed to Nova for the created nodes in
+ the overcloud. It's accessible via the Nova metadata API. This option is
+ role-specific and is merged with the values given to the ServerMetadata
+ parameter.
+ type: json
ServerMetadata:
default: {}
description: >
Extra properties or metadata passed to Nova for the created nodes in
- the overcloud. It's accessible via the Nova metadata API.
+ the overcloud. It's accessible via the Nova metadata API. This applies to
+ all roles and is merged with a role-specific metadata parameter.
type: json
CephStorageSchedulerHints:
type: json
@@ -99,10 +108,19 @@ parameters:
MonitoringSubscriptions:
type: comma_delimited_list
default: []
+ ServiceMetadataSettings:
+ type: json
+ default: {}
ConfigCommand:
type: string
description: Command which will be run whenever configuration data changes
default: os-refresh-config --timeout 14400
+ UpgradeInitCommand:
+ type: string
+ description: |
+ Command or script snippet to run on all overcloud nodes to
+ initialize the upgrade process. E.g. a repository switch.
+ default: ''
resources:
CephStorage:
@@ -124,7 +142,11 @@ resources:
template: {get_param: Hostname}
params: {get_param: HostnameMap}
software_config_transport: {get_param: SoftwareConfigTransport}
- metadata: {get_param: ServerMetadata}
+ metadata:
+ map_merge:
+ - {get_param: ServerMetadata}
+ - {get_param: CephStorageServerMetadata}
+ - {get_param: ServiceMetadataSettings}
scheduler_hints: {get_param: CephStorageSchedulerHints}
# Combine the NodeAdminUserData and NodeUserData mime archives
@@ -136,6 +158,8 @@ resources:
type: multipart
- config: {get_resource: NodeUserData}
type: multipart
+ - config: {get_resource: RoleUserData}
+ type: multipart
# Creates the "heat-admin" user if configured via the environment
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
@@ -147,6 +171,11 @@ resources:
NodeUserData:
type: OS::TripleO::NodeUserData
+ # For optional operator role-specific userdata
+ # Should return a OS::Heat::MultipartMime reference via OS::stack_id
+ RoleUserData:
+ type: OS::TripleO::CephStorage::NodeUserData
+
ExternalPort:
type: OS::TripleO::CephStorage::Ports::ExternalPort
properties:
@@ -223,17 +252,134 @@ resources:
ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
+ NetHostMap:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ external:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [CephStorage, name]}
+ - external
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [CephStorage, name]}
+ - external
+ internal_api:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [CephStorage, name]}
+ - internalapi
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [CephStorage, name]}
+ - internalapi
+ storage:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [CephStorage, name]}
+ - storage
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [CephStorage, name]}
+ - storage
+ storage_mgmt:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [CephStorage, name]}
+ - storagemgmt
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [CephStorage, name]}
+ - storagemgmt
+ tenant:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [CephStorage, name]}
+ - tenant
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [CephStorage, name]}
+ - tenant
+ management:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [CephStorage, name]}
+ - management
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [CephStorage, name]}
+ - management
+ ctlplane:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [CephStorage, name]}
+ - ctlplane
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [CephStorage, name]}
+ - ctlplane
+
+ PreNetworkConfig:
+ type: OS::TripleO::CephStorage::PreNetworkConfig
+ properties:
+ server: {get_resource: CephStorage}
+
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
+ depends_on: PreNetworkConfig
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
server: {get_resource: CephStorage}
actions: {get_param: NetworkDeploymentActions}
+ CephStorageUpgradeInitConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ list_join:
+ - ''
+ - - "#!/bin/bash\n\n"
+ - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
+ - get_param: UpgradeInitCommand
+
+ # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
+ # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
+ CephStorageUpgradeInitDeployment:
+ type: OS::Heat::SoftwareDeployment
+ depends_on: NetworkDeployment
+ properties:
+ name: CephStorageUpgradeInitDeployment
+ server: {get_resource: CephStorage}
+ config: {get_resource: CephStorageUpgradeInitConfig}
+
CephStorageDeployment:
type: OS::Heat::StructuredDeployment
- depends_on: NetworkDeployment
+ depends_on: CephStorageUpgradeInitDeployment
properties:
name: CephStorageDeployment
config: {get_resource: CephStorageConfig}
@@ -271,42 +417,12 @@ resources:
extraconfig: {get_param: ExtraConfig}
ceph:
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
- fqdn_internal_api:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - internalapi
- - {get_param: CloudDomain}
- fqdn_storage:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - storage
- - {get_param: CloudDomain}
- fqdn_storage_mgmt:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - storagemgmt
- - {get_param: CloudDomain}
- fqdn_tenant:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - tenant
- - {get_param: CloudDomain}
- fqdn_management:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - management
- - {get_param: CloudDomain}
- fqdn_ctlplane:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - ctlplane
- - {get_param: CloudDomain}
+ fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
+ fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
+ fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
+ fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
+ fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
+ fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
# Resource for site-specific injection of root certificate
NodeTLSCAData:
@@ -352,48 +468,13 @@ outputs:
hostname_map:
description: Mapping of network names to hostnames
value:
- external:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - external
- - {get_param: CloudDomain}
- internal_api:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - internalapi
- - {get_param: CloudDomain}
- storage:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - storage
- - {get_param: CloudDomain}
- storage_mgmt:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - storagemgmt
- - {get_param: CloudDomain}
- tenant:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - tenant
- - {get_param: CloudDomain}
- management:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - management
- - {get_param: CloudDomain}
- ctlplane:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - ctlplane
- - {get_param: CloudDomain}
+ external: {get_attr: [NetHostMap, value, external, fqdn]}
+ internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
+ storage: {get_attr: [NetHostMap, value, storage, fqdn]}
+ storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
+ tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
+ management: {get_attr: [NetHostMap, value, management, fqdn]}
+ ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
hosts_entry:
value:
str_replace:
@@ -411,47 +492,19 @@ outputs:
DOMAIN: {get_param: CloudDomain}
PRIMARYHOST: {get_attr: [CephStorage, name]}
EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
- EXTERNALHOST:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - external
+ EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
- INTERNAL_APIHOST:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - internalapi
+ INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
STORAGEIP: {get_attr: [StoragePort, ip_address]}
- STORAGEHOST:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - storage
+ STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
- STORAGE_MGMTHOST:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - storagemgmt
+ STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
TENANTIP: {get_attr: [TenantPort, ip_address]}
- TENANTHOST:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - tenant
+ TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
- MANAGEMENTHOST:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - management
+ MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
CTLPLANEIP: {get_attr: [CephStorage, networks, ctlplane, 0]}
- CTLPLANEHOST:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - ctlplane
+ CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
nova_server_resource:
description: Heat resource handle for the ceph storage server
value:
diff --git a/puppet/compute-role.yaml b/puppet/compute-role.yaml
index f359bf70..62adcd33 100644
--- a/puppet/compute-role.yaml
+++ b/puppet/compute-role.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack hypervisor node configured via Puppet.
@@ -92,11 +92,20 @@ parameters:
description: >
The DNS domain used for the hosts. This should match the dhcp_domain
configured in the Undercloud neutron. Defaults to localdomain.
+ NovaComputeServerMetadata:
+ default: {}
+ description: >
+ Extra properties or metadata passed to Nova for the created nodes in
+ the overcloud. It's accessible via the Nova metadata API. This option is
+ role-specific and is merged with the values given to the ServerMetadata
+ parameter.
+ type: json
ServerMetadata:
default: {}
description: >
Extra properties or metadata passed to Nova for the created nodes in
- the overcloud. It's accessible via the Nova metadata API.
+ the overcloud. It's accessible via the Nova metadata API. This applies to
+ all roles and is merged with a role-specific metadata parameter.
type: json
NovaComputeSchedulerHints:
type: json
@@ -111,10 +120,19 @@ parameters:
MonitoringSubscriptions:
type: comma_delimited_list
default: []
+ ServiceMetadataSettings:
+ type: json
+ default: {}
ConfigCommand:
type: string
description: Command which will be run whenever configuration data changes
default: os-refresh-config --timeout 14400
+ UpgradeInitCommand:
+ type: string
+ description: |
+ Command or script snippet to run on all overcloud nodes to
+ initialize the upgrade process. E.g. a repository switch.
+ default: ''
resources:
@@ -138,7 +156,11 @@ resources:
template: {get_param: Hostname}
params: {get_param: HostnameMap}
software_config_transport: {get_param: SoftwareConfigTransport}
- metadata: {get_param: ServerMetadata}
+ metadata:
+ map_merge:
+ - {get_param: ServerMetadata}
+ - {get_param: NovaComputeServerMetadata}
+ - {get_param: ServiceMetadataSettings}
scheduler_hints: {get_param: NovaComputeSchedulerHints}
# Combine the NodeAdminUserData and NodeUserData mime archives
@@ -150,6 +172,8 @@ resources:
type: multipart
- config: {get_resource: NodeUserData}
type: multipart
+ - config: {get_resource: RoleUserData}
+ type: multipart
# Creates the "heat-admin" user if configured via the environment
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
@@ -161,6 +185,11 @@ resources:
NodeUserData:
type: OS::TripleO::NodeUserData
+ # For optional operator role-specific userdata
+ # Should return a OS::Heat::MultipartMime reference via OS::stack_id
+ RoleUserData:
+ type: OS::TripleO::Compute::NodeUserData
+
ExternalPort:
type: OS::TripleO::Compute::Ports::ExternalPort
properties:
@@ -226,6 +255,101 @@ resources:
ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
+ NetHostMap:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ external:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [NovaCompute, name]}
+ - external
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [NovaCompute, name]}
+ - external
+ internal_api:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [NovaCompute, name]}
+ - internalapi
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [NovaCompute, name]}
+ - internalapi
+ storage:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [NovaCompute, name]}
+ - storage
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [NovaCompute, name]}
+ - storage
+ storage_mgmt:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [NovaCompute, name]}
+ - storagemgmt
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [NovaCompute, name]}
+ - storagemgmt
+ tenant:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [NovaCompute, name]}
+ - tenant
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [NovaCompute, name]}
+ - tenant
+ management:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [NovaCompute, name]}
+ - management
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [NovaCompute, name]}
+ - management
+ ctlplane:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [NovaCompute, name]}
+ - ctlplane
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [NovaCompute, name]}
+ - ctlplane
+
+ PreNetworkConfig:
+ type: OS::TripleO::Compute::PreNetworkConfig
+ properties:
+ server: {get_resource: NovaCompute}
+
NetworkConfig:
type: OS::TripleO::Compute::Net::SoftwareConfig
properties:
@@ -239,6 +363,7 @@ resources:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
+ depends_on: PreNetworkConfig
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
@@ -248,6 +373,27 @@ resources:
bridge_name: {get_param: NeutronPhysicalBridge}
interface_name: {get_param: NeutronPublicInterface}
+ NovaComputeUpgradeInitConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ list_join:
+ - ''
+ - - "#!/bin/bash\n\n"
+ - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
+ - get_param: UpgradeInitCommand
+
+ # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
+ # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
+ NovaComputeUpgradeInitDeployment:
+ type: OS::Heat::SoftwareDeployment
+ depends_on: NetworkDeployment
+ properties:
+ name: NovaComputeUpgradeInitDeployment
+ server: {get_resource: NovaCompute}
+ config: {get_resource: NovaComputeUpgradeInitConfig}
+
NovaComputeConfig:
type: OS::Heat::StructuredConfig
properties:
@@ -284,46 +430,16 @@ resources:
extraconfig: {get_param: ExtraConfig}
compute:
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
- fqdn_internal_api:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - internalapi
- - {get_param: CloudDomain}
- fqdn_storage:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - storage
- - {get_param: CloudDomain}
- fqdn_storage_mgmt:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - storagemgmt
- - {get_param: CloudDomain}
- fqdn_tenant:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - tenant
- - {get_param: CloudDomain}
- fqdn_management:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - management
- - {get_param: CloudDomain}
- fqdn_ctlplane:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - ctlplane
- - {get_param: CloudDomain}
+ fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
+ fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
+ fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
+ fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
+ fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
+ fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
NovaComputeDeployment:
type: OS::TripleO::SoftwareDeployment
- depends_on: NetworkDeployment
+ depends_on: NovaComputeUpgradeInitDeployment
properties:
name: NovaComputeDeployment
config: {get_resource: NovaComputeConfig}
@@ -394,48 +510,13 @@ outputs:
hostname_map:
description: Mapping of network names to hostnames
value:
- external:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - external
- - {get_param: CloudDomain}
- internal_api:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - internalapi
- - {get_param: CloudDomain}
- storage:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - storage
- - {get_param: CloudDomain}
- storage_mgmt:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - storagemgmt
- - {get_param: CloudDomain}
- tenant:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - tenant
- - {get_param: CloudDomain}
- management:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - management
- - {get_param: CloudDomain}
- ctlplane:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - ctlplane
- - {get_param: CloudDomain}
+ external: {get_attr: [NetHostMap, value, external, fqdn]}
+ internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
+ storage: {get_attr: [NetHostMap, value, storage, fqdn]}
+ storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
+ tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
+ management: {get_attr: [NetHostMap, value, management, fqdn]}
+ ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
hosts_entry:
description: >
Server's IP address and hostname in the /etc/hosts format
@@ -455,47 +536,19 @@ outputs:
DOMAIN: {get_param: CloudDomain}
PRIMARYHOST: {get_attr: [NovaCompute, name]}
EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
- EXTERNALHOST:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - external
+ EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
- INTERNAL_APIHOST:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - internalapi
+ INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
STORAGEIP: {get_attr: [StoragePort, ip_address]}
- STORAGEHOST:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - storage
+ STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
- STORAGE_MGMTHOST:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - storagemgmt
+ STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
TENANTIP: {get_attr: [TenantPort, ip_address]}
- TENANTHOST:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - tenant
+ TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
- MANAGEMENTHOST:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - management
+ MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
CTLPLANEIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
- CTLPLANEHOST:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - ctlplane
+ CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
nova_server_resource:
description: Heat resource handle for the Nova compute server
value:
diff --git a/puppet/config.role.j2.yaml b/puppet/config.role.j2.yaml
index 552c59b2..7337d062 100644
--- a/puppet/config.role.j2.yaml
+++ b/puppet/config.role.j2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
A software config which runs puppet on the {{role}} role
diff --git a/puppet/controller-config-pacemaker.yaml b/puppet/controller-config-pacemaker.yaml
deleted file mode 100644
index 24f31dc8..00000000
--- a/puppet/controller-config-pacemaker.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-heat_template_version: 2015-04-30
-
-description: >
- A software config which runs manifests/overcloud_controller_pacemaker.pp
-
-parameters:
- ConfigDebug:
- default: false
- description: Whether to run config management (e.g. Puppet) in debug mode.
- type: boolean
- StepConfig:
- type: string
- description: Config manifests that will be used to step through the deployment.
- default: ''
-
-resources:
-
- ControllerPuppetConfigImpl:
- type: OS::Heat::SoftwareConfig
- properties:
- group: puppet
- options:
- enable_debug: {get_param: ConfigDebug}
- enable_hiera: True
- enable_facter: False
- modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
- outputs:
- - name: result
- inputs:
- - name: step
- type: Number
- config:
- list_join:
- - ''
- - - get_file: manifests/overcloud_controller_pacemaker.pp
- - {get_param: StepConfig}
-
-outputs:
- OS::stack_id:
- description: The software config which runs overcloud_controller_pacemaker.pp
- value: {get_resource: ControllerPuppetConfigImpl}
diff --git a/puppet/controller-role.yaml b/puppet/controller-role.yaml
index 77b54ff3..9e35af5f 100644
--- a/puppet/controller-role.yaml
+++ b/puppet/controller-role.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack controller node configured by Puppet.
@@ -106,11 +106,20 @@ parameters:
description: >
The DNS domain used for the hosts. This should match the dhcp_domain
configured in the Undercloud neutron. Defaults to localdomain.
+ ControllerServerMetadata:
+ default: {}
+ description: >
+ Extra properties or metadata passed to Nova for the created nodes in
+ the overcloud. It's accessible via the Nova metadata API. This option is
+ role-specific and is merged with the values given to the ServerMetadata
+ parameter.
+ type: json
ServerMetadata:
default: {}
description: >
Extra properties or metadata passed to Nova for the created nodes in
- the overcloud. It's accessible via the Nova metadata API.
+ the overcloud. It's accessible via the Nova metadata API. This applies to
+ all roles and is merged with a role-specific metadata parameter.
type: json
ControllerSchedulerHints:
type: json
@@ -125,10 +134,19 @@ parameters:
MonitoringSubscriptions:
type: comma_delimited_list
default: []
+ ServiceMetadataSettings:
+ type: json
+ default: {}
ConfigCommand:
type: string
description: Command which will be run whenever configuration data changes
default: os-refresh-config --timeout 14400
+ UpgradeInitCommand:
+ type: string
+ description: |
+ Command or script snippet to run on all overcloud nodes to
+ initialize the upgrade process. E.g. a repository switch.
+ default: ''
parameter_groups:
- label: deprecated
@@ -157,7 +175,11 @@ resources:
template: {get_param: Hostname}
params: {get_param: HostnameMap}
software_config_transport: {get_param: SoftwareConfigTransport}
- metadata: {get_param: ServerMetadata}
+ metadata:
+ map_merge:
+ - {get_param: ServerMetadata}
+ - {get_param: ControllerServerMetadata}
+ - {get_param: ServiceMetadataSettings}
scheduler_hints: {get_param: ControllerSchedulerHints}
# Combine the NodeAdminUserData and NodeUserData mime archives
@@ -169,6 +191,8 @@ resources:
type: multipart
- config: {get_resource: NodeUserData}
type: multipart
+ - config: {get_resource: RoleUserData}
+ type: multipart
# Creates the "heat-admin" user if configured via the environment
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
@@ -180,6 +204,11 @@ resources:
NodeUserData:
type: OS::TripleO::NodeUserData
+ # For optional operator role-specific userdata
+ # Should return a OS::Heat::MultipartMime reference via OS::stack_id
+ RoleUserData:
+ type: OS::TripleO::Controller::NodeUserData
+
ExternalPort:
type: OS::TripleO::Controller::Ports::ExternalPort
properties:
@@ -245,6 +274,101 @@ resources:
ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
+ NetHostMap:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ external:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - external
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - external
+ internal_api:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - internalapi
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - internalapi
+ storage:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - storage
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - storage
+ storage_mgmt:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - storagemgmt
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - storagemgmt
+ tenant:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - tenant
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - tenant
+ management:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - management
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - management
+ ctlplane:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - ctlplane
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - ctlplane
+
+ PreNetworkConfig:
+ type: OS::TripleO::Controller::PreNetworkConfig
+ properties:
+ server: {get_resource: Controller}
+
NetworkConfig:
type: OS::TripleO::Controller::Net::SoftwareConfig
properties:
@@ -258,6 +382,7 @@ resources:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
+ depends_on: PreNetworkConfig
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
@@ -282,10 +407,30 @@ resources:
server: {get_resource: Controller}
NodeIndex: {get_param: NodeIndex}
+ ControllerUpgradeInitConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ list_join:
+ - ''
+ - - "#!/bin/bash\n\n"
+ - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
+ - get_param: UpgradeInitCommand
+
+ # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
+ # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
+ ControllerUpgradeInitDeployment:
+ type: OS::Heat::SoftwareDeployment
+ depends_on: NetworkDeployment
+ properties:
+ name: ControllerUpgradeInitDeployment
+ server: {get_resource: Controller}
+ config: {get_resource: ControllerUpgradeInitConfig}
ControllerDeployment:
type: OS::TripleO::SoftwareDeployment
- depends_on: NetworkDeployment
+ depends_on: ControllerUpgradeInitDeployment
properties:
name: ControllerDeployment
config: {get_resource: ControllerConfig}
@@ -344,42 +489,12 @@ resources:
# Misc
tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
- fqdn_internal_api:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - internalapi
- - {get_param: CloudDomain}
- fqdn_storage:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - storage
- - {get_param: CloudDomain}
- fqdn_storage_mgmt:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - storagemgmt
- - {get_param: CloudDomain}
- fqdn_tenant:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - tenant
- - {get_param: CloudDomain}
- fqdn_management:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - management
- - {get_param: CloudDomain}
- fqdn_ctlplane:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - ctlplane
- - {get_param: CloudDomain}
+ fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
+ fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
+ fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
+ fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
+ fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
+ fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
# Hook for site-specific additional pre-deployment config, e.g extra hieradata
ControllerExtraConfigPre:
@@ -437,48 +552,13 @@ outputs:
hostname_map:
description: Mapping of network names to hostnames
value:
- external:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - external
- - {get_param: CloudDomain}
- internal_api:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - internalapi
- - {get_param: CloudDomain}
- storage:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - storage
- - {get_param: CloudDomain}
- storage_mgmt:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - storagemgmt
- - {get_param: CloudDomain}
- tenant:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - tenant
- - {get_param: CloudDomain}
- management:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - management
- - {get_param: CloudDomain}
- ctlplane:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - ctlplane
- - {get_param: CloudDomain}
+ external: {get_attr: [NetHostMap, value, external, fqdn]}
+ internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
+ storage: {get_attr: [NetHostMap, value, storage, fqdn]}
+ storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
+ tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
+ management: {get_attr: [NetHostMap, value, management, fqdn]}
+ ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
hosts_entry:
description: >
Server's IP address and hostname in the /etc/hosts format
@@ -498,47 +578,19 @@ outputs:
DOMAIN: {get_param: CloudDomain}
PRIMARYHOST: {get_attr: [Controller, name]}
EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
- EXTERNALHOST:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - external
+ EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
- INTERNAL_APIHOST:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - internalapi
+ INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
STORAGEIP: {get_attr: [StoragePort, ip_address]}
- STORAGEHOST:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - storage
+ STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
- STORAGE_MGMTHOST:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - storagemgmt
+ STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
TENANTIP: {get_attr: [TenantPort, ip_address]}
- TENANTHOST:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - tenant
+ TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
- MANAGEMENTHOST:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - management
+ MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
CTLPLANEIP: {get_attr: [Controller, networks, ctlplane, 0]}
- CTLPLANEHOST:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - ctlplane
+ CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
nova_server_resource:
description: Heat resource handle for the Nova compute server
value:
diff --git a/puppet/deploy-artifacts.sh b/puppet/deploy-artifacts.sh
index 8bcbbf4c..4e1ad89f 100644
--- a/puppet/deploy-artifacts.sh
+++ b/puppet/deploy-artifacts.sh
@@ -8,7 +8,7 @@ trap cleanup EXIT
if [ -n "$artifact_urls" ]; then
for URL in $(echo $artifact_urls | sed -e "s| |\n|g" | sort -u); do
- curl --globoff -o $TMP_DATA/file_data "$artifact_urls"
+ curl --globoff -o $TMP_DATA/file_data "$URL"
if file -b $TMP_DATA/file_data | grep RPM &>/dev/null; then
yum install -y $TMP_DATA/file_data
elif file -b $TMP_DATA/file_data | grep 'gzip compressed data' &>/dev/null; then
diff --git a/puppet/deploy-artifacts.yaml b/puppet/deploy-artifacts.yaml
index 17f84163..5e89405b 100644
--- a/puppet/deploy-artifacts.yaml
+++ b/puppet/deploy-artifacts.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Software Config to install deployment artifacts (tarball's and/or
diff --git a/puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml b/puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml
index 6a2ea4d5..3daf3fd3 100644
--- a/puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml
+++ b/puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: Configure hieradata for all MidoNet nodes
diff --git a/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml b/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml
index 7bda0cd5..cb8d498c 100644
--- a/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml
+++ b/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: Configure hieradata for Network Cisco configuration
diff --git a/puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml b/puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml
index 49c77190..7fe2a842 100644
--- a/puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml
+++ b/puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: Configure hieradata for Big Switch agents on compute node
diff --git a/puppet/extraconfig/pre_deploy/compute/neutron-opencontrail.yaml b/puppet/extraconfig/pre_deploy/compute/neutron-opencontrail.yaml
index f5b1f0e6..66252f1f 100644
--- a/puppet/extraconfig/pre_deploy/compute/neutron-opencontrail.yaml
+++ b/puppet/extraconfig/pre_deploy/compute/neutron-opencontrail.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: Compute node hieradata for Neutron OpenContrail configuration
diff --git a/puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml b/puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml
index 5561c74a..47c782c7 100644
--- a/puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml
+++ b/puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: Configure hieradata for Nuage configuration on the Compute
diff --git a/puppet/extraconfig/pre_deploy/controller/cinder-dellsc.yaml b/puppet/extraconfig/pre_deploy/controller/cinder-dellsc.yaml
index 9423208e..7d639883 100644
--- a/puppet/extraconfig/pre_deploy/controller/cinder-dellsc.yaml
+++ b/puppet/extraconfig/pre_deploy/controller/cinder-dellsc.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: Configure hieradata for Cinder Dell Storage Center configuration
diff --git a/puppet/extraconfig/pre_deploy/controller/cinder-eqlx.yaml b/puppet/extraconfig/pre_deploy/controller/cinder-eqlx.yaml
index c7af6f22..30509044 100644
--- a/puppet/extraconfig/pre_deploy/controller/cinder-eqlx.yaml
+++ b/puppet/extraconfig/pre_deploy/controller/cinder-eqlx.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: Configure hieradata for Cinder Eqlx configuration
diff --git a/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml b/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml
index 48446e5a..763ae39a 100644
--- a/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml
+++ b/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: Configure hieradata for Cinder Netapp configuration
diff --git a/puppet/extraconfig/pre_deploy/controller/multiple.yaml b/puppet/extraconfig/pre_deploy/controller/multiple.yaml
index f949a397..d3d546dd 100644
--- a/puppet/extraconfig/pre_deploy/controller/multiple.yaml
+++ b/puppet/extraconfig/pre_deploy/controller/multiple.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: 'Extra Pre-Deployment Config, multiple'
parameters:
server:
diff --git a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml
index 467f57cc..0f4806db 100644
--- a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml
+++ b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: Configure hieradata for Neutron Big Switch configuration
diff --git a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml
index cec885cd..6eae812f 100644
--- a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml
+++ b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: Configure hieradata for Cisco N1KV configuration
diff --git a/puppet/extraconfig/pre_deploy/default.yaml b/puppet/extraconfig/pre_deploy/default.yaml
index dcbc6811..5da07f87 100644
--- a/puppet/extraconfig/pre_deploy/default.yaml
+++ b/puppet/extraconfig/pre_deploy/default.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: 'Noop Extra Pre-Deployment Config'
parameters:
server:
diff --git a/puppet/extraconfig/pre_deploy/per_node.yaml b/puppet/extraconfig/pre_deploy/per_node.yaml
index e236e336..65113f6a 100644
--- a/puppet/extraconfig/pre_deploy/per_node.yaml
+++ b/puppet/extraconfig/pre_deploy/per_node.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: Configure hieradata overrides for specific nodes
diff --git a/puppet/extraconfig/tls/ca-inject.yaml b/puppet/extraconfig/tls/ca-inject.yaml
index f955034d..04b5ccf6 100644
--- a/puppet/extraconfig/tls/ca-inject.yaml
+++ b/puppet/extraconfig/tls/ca-inject.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
This is a template which will inject the trusted anchor.
diff --git a/puppet/extraconfig/tls/freeipa-enroll.yaml b/puppet/extraconfig/tls/freeipa-enroll.yaml
new file mode 100644
index 00000000..7ce15069
--- /dev/null
+++ b/puppet/extraconfig/tls/freeipa-enroll.yaml
@@ -0,0 +1,83 @@
+heat_template_version: ocata
+
+description: Enroll nodes to FreeIPA
+
+parameters:
+ server:
+ description: ID of the controller node to apply this config to
+ type: string
+
+ CloudDomain:
+ description: >
+ The configured cloud domain; this will also be used as the kerberos realm
+ type: string
+
+ FreeIPAOTP:
+ default: ''
+ description: 'OTP that will be used for FreeIPA enrollment'
+ type: string
+ hidden: true
+ FreeIPAServer:
+ default: ''
+ description: 'FreeIPA server DNS name'
+ type: string
+ FreeIPAIPAddress:
+ default: ''
+ description: 'FreeIPA server IP Address'
+ type: string
+
+resources:
+ FreeIPAEnrollmentConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ inputs:
+ - name: otp
+ - name: ipa_server
+ - name: ipa_domain
+ - name: ipa_ip
+ config: |
+ #!/bin/sh
+ # If no IPA server was given as a parameter, it will be assumed from
+ # DNS.
+ if [ -n "${ipa_server}" ]; then
+ sed -i "/${ipa_server}/d" /etc/hosts
+ # Optionally add the FreeIPA server IP to /etc/hosts
+ if [ -n "${ipa_ip}" ]; then
+ echo "${ipa_ip} ${ipa_server}" >> /etc/hosts
+ fi
+ fi
+ # Set the node's domain if needed
+ if [ ! $(hostname -f | grep "${ipa_domain}$") ]; then
+ hostnamectl set-hostname "$(hostname).${ipa_domain}"
+ fi
+ yum install -y ipa-client
+ # Enroll. If there is already keytab, we have already done this. If
+ # this node hasn't enrolled and the OTP is missing, fail.
+ if [ ! -f /etc/krb5.keytab ]; then
+ if [ -z "${otp}" ]; then
+ echo "OTP is missing"
+ exit 1
+ fi
+ ipa-client-install --server ${ipa_server} -w ${otp} \
+ --domain=${ipa_domain} -U
+ fi
+ # Get a TGT
+ kinit -k -t /etc/krb5.keytab
+
+ FreeIPAControllerEnrollmentDeployment:
+ type: OS::Heat::SoftwareDeployment
+ properties:
+ name: FreeIPAEnrollmentDeployment
+ config: {get_resource: FreeIPAEnrollmentConfig}
+ server: {get_param: server}
+ input_values:
+ otp: {get_param: FreeIPAOTP}
+ ipa_server: {get_param: FreeIPAServer}
+ ipa_domain: {get_param: CloudDomain}
+ ipa_ip: {get_param: FreeIPAIPAddress}
+
+outputs:
+ deploy_stdout:
+ description: Output of the FreeIPA enrollment deployment
+ value: {get_attr: [FreeIPAControllerEnrollmentDeployment, deploy_stdout]}
diff --git a/puppet/extraconfig/tls/tls-cert-inject.yaml b/puppet/extraconfig/tls/tls-cert-inject.yaml
index 49d84574..2a61afc0 100644
--- a/puppet/extraconfig/tls/tls-cert-inject.yaml
+++ b/puppet/extraconfig/tls/tls-cert-inject.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
This is a template which will build the TLS Certificates necessary
diff --git a/puppet/major_upgrade_steps.j2.yaml b/puppet/major_upgrade_steps.j2.yaml
index f8dad433..9430a704 100644
--- a/puppet/major_upgrade_steps.j2.yaml
+++ b/puppet/major_upgrade_steps.j2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: 'Upgrade steps for all roles'
parameters:
@@ -15,39 +15,11 @@ parameters:
Setting to a previously unused value during stack-update will trigger
the Upgrade resources to re-run on all roles.
- UpgradeInitCommand:
- type: string
- description: |
- Command or script snippet to run on all overcloud nodes to
- initialize the upgrade process. E.g. a repository switch.
- default: ''
-
resources:
- # For the UpgradeInit also rename /etc/resolv.conf.save for +bug/1567004
- UpgradeInitConfig:
- type: OS::Heat::SoftwareConfig
- properties:
- group: script
- config:
- list_join:
- - ''
- - - "#!/bin/bash\n\n"
- - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
- - get_param: UpgradeInitCommand
-
-{% for role in roles %}
- {{role.name}}Upgrade_Init:
- type: OS::Heat::StructuredDeploymentGroup
- properties:
- name: {{role.name}}Upgrade_Init
- servers: {get_param: [servers, {{role.name}}]}
- config: {get_resource: UpgradeInitConfig}
-{% endfor %}
-
# Upgrade Steps for all roles
# FIXME(shardy): would be nice to make the number of steps configurable
-{% for step in range(1, 8) %}
+{% for step in range(0, 8) %}
{% for role in roles %}
# Step {{step}} resources
{{role.name}}UpgradeConfig_Step{{step}}:
@@ -56,10 +28,8 @@ resources:
# serialization, but the event output is easier to follow if we
# do, and there should be minimal performance hit (creating the
# config is cheap compared to the time to apply the deployment).
+ {% if step > 0 %}
depends_on:
- {% if step == 1 %}
- - {{role.name}}Upgrade_Init
- {% else %}
{% for dep in roles %}
- {{dep.name}}Upgrade_Step{{step -1}}
{% endfor %}
@@ -70,7 +40,7 @@ resources:
{{role.name}}Upgrade_Step{{step}}:
type: OS::Heat::StructuredDeploymentGroup
- {% if step > 1 %}
+ {% if step > 0 %}
depends_on:
{% for dep in roles %}
- {{dep.name}}Upgrade_Step{{step -1}}
diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp
deleted file mode 100644
index d329d5fc..00000000
--- a/puppet/manifests/overcloud_controller_pacemaker.pp
+++ /dev/null
@@ -1,21 +0,0 @@
-# Copyright 2015 Red Hat, Inc.
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-if hiera('step') >= 4 {
- hiera_include('controller_classes', [])
-}
-
-$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller_pacemaker', hiera('step')])
-package_manifest{$package_manifest_name: ensure => present}
diff --git a/puppet/manifests/overcloud_role.pp b/puppet/manifests/overcloud_role.pp
index 1a59620c..e2bf5146 100644
--- a/puppet/manifests/overcloud_role.pp
+++ b/puppet/manifests/overcloud_role.pp
@@ -24,3 +24,7 @@ if hiera('step') >= 4 {
$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud___ROLE__', hiera('step')])
package_manifest{$package_manifest_name: ensure => present}
+
+# NOTE(gfidente): ensure deprecated package manifest is absent, can be removed after Pike
+$absent_package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller_pacemaker', hiera('step')])
+package_manifest{$absent_package_manifest_name: ensure => absent}
diff --git a/puppet/objectstorage-role.yaml b/puppet/objectstorage-role.yaml
index 60c12c3b..1633134d 100644
--- a/puppet/objectstorage-role.yaml
+++ b/puppet/objectstorage-role.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: 'OpenStack swift storage node configured by Puppet'
parameters:
OvercloudSwiftStorageFlavor:
@@ -71,11 +71,20 @@ parameters:
description: >
The DNS domain used for the hosts. This should match the dhcp_domain
configured in the Undercloud neutron. Defaults to localdomain.
+ SwiftStorageServerMetadata:
+ default: {}
+ description: >
+ Extra properties or metadata passed to Nova for the created nodes in
+ the overcloud. It's accessible via the Nova metadata API. This option is
+ role-specific and is merged with the values given to the ServerMetadata
+ parameter.
+ type: json
ServerMetadata:
default: {}
description: >
Extra properties or metadata passed to Nova for the created nodes in
- the overcloud. It's accessible via the Nova metadata API.
+ the overcloud. It's accessible via the Nova metadata API. This applies to
+ all roles and is merged with a role-specific metadata parameter.
type: json
ObjectStorageSchedulerHints:
type: json
@@ -93,10 +102,19 @@ parameters:
MonitoringSubscriptions:
type: comma_delimited_list
default: []
+ ServiceMetadataSettings:
+ type: json
+ default: {}
ConfigCommand:
type: string
description: Command which will be run whenever configuration data changes
default: os-refresh-config --timeout 14400
+ UpgradeInitCommand:
+ type: string
+ description: |
+ Command or script snippet to run on all overcloud nodes to
+ initialize the upgrade process. E.g. a repository switch.
+ default: ''
resources:
@@ -118,7 +136,11 @@ resources:
template: {get_param: Hostname}
params: {get_param: HostnameMap}
software_config_transport: {get_param: SoftwareConfigTransport}
- metadata: {get_param: ServerMetadata}
+ metadata:
+ map_merge:
+ - {get_param: ServerMetadata}
+ - {get_param: SwiftStorageServerMetadata}
+ - {get_param: ServiceMetadataSettings}
scheduler_hints: {get_param: ObjectStorageSchedulerHints}
# Combine the NodeAdminUserData and NodeUserData mime archives
@@ -130,6 +152,8 @@ resources:
type: multipart
- config: {get_resource: NodeUserData}
type: multipart
+ - config: {get_resource: RoleUserData}
+ type: multipart
# Creates the "heat-admin" user if configured via the environment
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
@@ -141,6 +165,11 @@ resources:
NodeUserData:
type: OS::TripleO::NodeUserData
+ # For optional operator role-specific userdata
+ # Should return a OS::Heat::MultipartMime reference via OS::stack_id
+ RoleUserData:
+ type: OS::TripleO::ObjectStorage::NodeUserData
+
ExternalPort:
type: OS::TripleO::SwiftStorage::Ports::ExternalPort
properties:
@@ -217,14 +246,131 @@ resources:
ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
+ NetHostMap:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ external:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [SwiftStorage, name]}
+ - external
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [SwiftStorage, name]}
+ - external
+ internal_api:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [SwiftStorage, name]}
+ - internalapi
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [SwiftStorage, name]}
+ - internalapi
+ storage:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [SwiftStorage, name]}
+ - storage
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [SwiftStorage, name]}
+ - storage
+ storage_mgmt:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [SwiftStorage, name]}
+ - storagemgmt
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [SwiftStorage, name]}
+ - storagemgmt
+ tenant:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [SwiftStorage, name]}
+ - tenant
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [SwiftStorage, name]}
+ - tenant
+ management:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [SwiftStorage, name]}
+ - management
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [SwiftStorage, name]}
+ - management
+ ctlplane:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [SwiftStorage, name]}
+ - ctlplane
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [SwiftStorage, name]}
+ - ctlplane
+
+ PreNetworkConfig:
+ type: OS::TripleO::ObjectStorage::PreNetworkConfig
+ properties:
+ server: {get_resource: SwiftStorage}
+
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
+ depends_on: PreNetworkConfig
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
server: {get_resource: SwiftStorage}
actions: {get_param: NetworkDeploymentActions}
+ SwiftStorageUpgradeInitConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ list_join:
+ - ''
+ - - "#!/bin/bash\n\n"
+ - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
+ - get_param: UpgradeInitCommand
+
+ # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
+ # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
+ SwiftStorageUpgradeInitDeployment:
+ type: OS::Heat::SoftwareDeployment
+ depends_on: NetworkDeployment
+ properties:
+ name: SwiftStorageUpgradeInitDeployment
+ server: {get_resource: SwiftStorage}
+ config: {get_resource: SwiftStorageUpgradeInitConfig}
+
SwiftStorageHieraConfig:
type: OS::Heat::StructuredConfig
properties:
@@ -255,47 +401,16 @@ resources:
extraconfig: {get_param: ExtraConfig}
object:
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
- fqdn_internal_api:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - internalapi
- - {get_param: CloudDomain}
- fqdn_storage:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - storage
- - {get_param: CloudDomain}
- fqdn_storage_mgmt:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - storagemgmt
- - {get_param: CloudDomain}
- fqdn_tenant:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - tenant
- - {get_param: CloudDomain}
- fqdn_management:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - management
- - {get_param: CloudDomain}
- fqdn_ctlplane:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - ctlplane
- - {get_param: CloudDomain}
-
+ fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
+ fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
+ fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
+ fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
+ fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
+ fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
SwiftStorageHieraDeploy:
type: OS::Heat::StructuredDeployment
- depends_on: NetworkDeployment
+ depends_on: SwiftStorageUpgradeInitDeployment
properties:
name: SwiftStorageHieraDeploy
server: {get_resource: SwiftStorage}
@@ -340,48 +455,13 @@ outputs:
hostname_map:
description: Mapping of network names to hostnames
value:
- external:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - external
- - {get_param: CloudDomain}
- internal_api:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - internalapi
- - {get_param: CloudDomain}
- storage:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - storage
- - {get_param: CloudDomain}
- storage_mgmt:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - storagemgmt
- - {get_param: CloudDomain}
- tenant:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - tenant
- - {get_param: CloudDomain}
- management:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - management
- - {get_param: CloudDomain}
- ctlplane:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - ctlplane
- - {get_param: CloudDomain}
+ external: {get_attr: [NetHostMap, value, external, fqdn]}
+ internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
+ storage: {get_attr: [NetHostMap, value, storage, fqdn]}
+ storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
+ tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
+ management: {get_attr: [NetHostMap, value, management, fqdn]}
+ ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
hosts_entry:
value:
str_replace:
@@ -399,47 +479,19 @@ outputs:
DOMAIN: {get_param: CloudDomain}
PRIMARYHOST: {get_attr: [SwiftStorage, name]}
EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
- EXTERNALHOST:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - external
+ EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
- INTERNAL_APIHOST:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - internalapi
+ INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
STORAGEIP: {get_attr: [StoragePort, ip_address]}
- STORAGEHOST:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - storage
+ STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
- STORAGE_MGMTHOST:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - storagemgmt
+ STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
TENANTIP: {get_attr: [TenantPort, ip_address]}
- TENANTHOST:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - tenant
+ TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
- MANAGEMENTHOST:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - management
+ MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
CTLPLANEIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
- CTLPLANEHOST:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - ctlplane
+ CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
nova_server_resource:
description: Heat resource handle for the swift storage server
value:
diff --git a/puppet/post.j2.yaml b/puppet/post.j2.yaml
index 582eb28d..2a02ea19 100644
--- a/puppet/post.j2.yaml
+++ b/puppet/post.j2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Post-deploy configuration steps via puppet for all roles,
diff --git a/puppet/role.role.j2.yaml b/puppet/role.role.j2.yaml
index 587ff58d..2f070da2 100644
--- a/puppet/role.role.j2.yaml
+++ b/puppet/role.role.j2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: 'OpenStack {{role}} node configured by Puppet'
parameters:
Overcloud{{role}}Flavor:
@@ -28,6 +28,10 @@ parameters:
constraints:
- custom_constraint: nova.keypair
{% endif %}
+ NeutronPublicInterface:
+ default: nic1
+ description: What interface to bridge onto br-ex for network nodes.
+ type: string
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
@@ -83,11 +87,20 @@ parameters:
description: >
The DNS domain used for the hosts. This should match the dhcp_domain
configured in the Undercloud neutron. Defaults to localdomain.
+ {{role}}ServerMetadata:
+ default: {}
+ description: >
+ Extra properties or metadata passed to Nova for the created nodes in
+ the overcloud. It's accessible via the Nova metadata API. This option is
+ role-specific and is merged with the values given to the ServerMetadata
+ parameter.
+ type: json
ServerMetadata:
default: {}
description: >
Extra properties or metadata passed to Nova for the created nodes in
- the overcloud. It's accessible via the Nova metadata API.
+ the overcloud. It's accessible via the Nova metadata API. This applies to
+ all roles and is merged with a role-specific metadata parameter.
type: json
{{role}}SchedulerHints:
type: json
@@ -105,6 +118,9 @@ parameters:
MonitoringSubscriptions:
type: comma_delimited_list
default: []
+ ServiceMetadataSettings:
+ type: json
+ default: {}
ConfigCommand:
type: string
description: Command which will be run whenever configuration data changes
@@ -115,6 +131,13 @@ parameters:
LoggingGroups:
type: comma_delimited_list
default: []
+ UpgradeInitCommand:
+ type: string
+ description: |
+ Command or script snippet to run on all overcloud nodes to
+ initialize the upgrade process. E.g. a repository switch.
+ default: ''
+
resources:
{{role}}:
@@ -136,7 +159,11 @@ resources:
template: {get_param: Hostname}
params: {get_param: HostnameMap}
software_config_transport: {get_param: SoftwareConfigTransport}
- metadata: {get_param: ServerMetadata}
+ metadata:
+ map_merge:
+ - {get_param: ServerMetadata}
+ - {get_param: {{role}}ServerMetadata}
+ - {get_param: ServiceMetadataSettings}
scheduler_hints: {get_param: {{role}}SchedulerHints}
# Combine the NodeAdminUserData and NodeUserData mime archives
@@ -148,6 +175,8 @@ resources:
type: multipart
- config: {get_resource: NodeUserData}
type: multipart
+ - config: {get_resource: RoleUserData}
+ type: multipart
# Creates the "heat-admin" user if configured via the environment
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
@@ -159,6 +188,11 @@ resources:
NodeUserData:
type: OS::TripleO::NodeUserData
+ # For optional operator role-specific userdata
+ # Should return a OS::Heat::MultipartMime reference via OS::stack_id
+ RoleUserData:
+ type: OS::TripleO::{{role}}::NodeUserData
+
ExternalPort:
type: OS::TripleO::{{role}}::Ports::ExternalPort
properties:
@@ -235,17 +269,137 @@ resources:
ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
+ NetHostMap:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ external:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [{{role}}, name]}
+ - external
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [{{role}}, name]}
+ - external
+ internal_api:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [{{role}}, name]}
+ - internalapi
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [{{role}}, name]}
+ - internalapi
+ storage:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [{{role}}, name]}
+ - storage
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [{{role}}, name]}
+ - storage
+ storage_mgmt:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [{{role}}, name]}
+ - storagemgmt
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [{{role}}, name]}
+ - storagemgmt
+ tenant:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [{{role}}, name]}
+ - tenant
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [{{role}}, name]}
+ - tenant
+ management:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [{{role}}, name]}
+ - management
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [{{role}}, name]}
+ - management
+ ctlplane:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [{{role}}, name]}
+ - ctlplane
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [{{role}}, name]}
+ - ctlplane
+
+ PreNetworkConfig:
+ type: OS::TripleO::{{role}}::PreNetworkConfig
+ properties:
+ server: {get_resource: {{role}}}
+
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
+ depends_on: PreNetworkConfig
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
server: {get_resource: {{role}}}
actions: {get_param: NetworkDeploymentActions}
+ input_values:
+ bridge_name: br-ex
+ interface_name: {get_param: NeutronPublicInterface}
+
+ {{role}}UpgradeInitConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ list_join:
+ - ''
+ - - "#!/bin/bash\n\n"
+ - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
+ - get_param: UpgradeInitCommand
+
+ # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
+ # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
+ {{role}}UpgradeInitDeployment:
+ type: OS::Heat::SoftwareDeployment
+ depends_on: NetworkDeployment
+ properties:
+ name: {{role}}UpgradeInitDeployment
+ server: {get_resource: {{role}}}
+ config: {get_resource: {{role}}UpgradeInitConfig}
{{role}}Deployment:
type: OS::Heat::StructuredDeployment
- depends_on: NetworkDeployment
+ depends_on: {{role}}UpgradeInitDeployment
properties:
name: {{role}}Deployment
config: {get_resource: {{role}}Config}
@@ -285,42 +439,12 @@ resources:
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: LoggingSources}
tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: LoggingGroups}
- fqdn_internal_api:
- list_join:
- - '.'
- - - {get_attr: [{{role}}, name]}
- - internalapi
- - {get_param: CloudDomain}
- fqdn_storage:
- list_join:
- - '.'
- - - {get_attr: [{{role}}, name]}
- - storage
- - {get_param: CloudDomain}
- fqdn_storage_mgmt:
- list_join:
- - '.'
- - - {get_attr: [{{role}}, name]}
- - storagemgmt
- - {get_param: CloudDomain}
- fqdn_tenant:
- list_join:
- - '.'
- - - {get_attr: [{{role}}, name]}
- - tenant
- - {get_param: CloudDomain}
- fqdn_management:
- list_join:
- - '.'
- - - {get_attr: [{{role}}, name]}
- - management
- - {get_param: CloudDomain}
- fqdn_ctlplane:
- list_join:
- - '.'
- - - {get_attr: [{{role}}, name]}
- - ctlplane
- - {get_param: CloudDomain}
+ fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
+ fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
+ fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
+ fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
+ fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
+ fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
# Resource for site-specific injection of root certificate
NodeTLSCAData:
@@ -366,48 +490,13 @@ outputs:
hostname_map:
description: Mapping of network names to hostnames
value:
- external:
- list_join:
- - '.'
- - - {get_attr: [{{role}}, name]}
- - external
- - {get_param: CloudDomain}
- internal_api:
- list_join:
- - '.'
- - - {get_attr: [{{role}}, name]}
- - internalapi
- - {get_param: CloudDomain}
- storage:
- list_join:
- - '.'
- - - {get_attr: [{{role}}, name]}
- - storage
- - {get_param: CloudDomain}
- storage_mgmt:
- list_join:
- - '.'
- - - {get_attr: [{{role}}, name]}
- - storagemgmt
- - {get_param: CloudDomain}
- tenant:
- list_join:
- - '.'
- - - {get_attr: [{{role}}, name]}
- - tenant
- - {get_param: CloudDomain}
- management:
- list_join:
- - '.'
- - - {get_attr: [{{role}}, name]}
- - management
- - {get_param: CloudDomain}
- ctlplane:
- list_join:
- - '.'
- - - {get_attr: [{{role}}, name]}
- - ctlplane
- - {get_param: CloudDomain}
+ external: {get_attr: [NetHostMap, value, external, fqdn]}
+ internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
+ storage: {get_attr: [NetHostMap, value, storage, fqdn]}
+ storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
+ tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
+ management: {get_attr: [NetHostMap, value, management, fqdn]}
+ ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
hosts_entry:
value:
str_replace:
@@ -425,47 +514,19 @@ outputs:
DOMAIN: {get_param: CloudDomain}
PRIMARYHOST: {get_attr: [{{role}}, name]}
EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
- EXTERNALHOST:
- list_join:
- - '.'
- - - {get_attr: [{{role}}, name]}
- - external
+ EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
- INTERNAL_APIHOST:
- list_join:
- - '.'
- - - {get_attr: [{{role}}, name]}
- - internalapi
+ INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
STORAGEIP: {get_attr: [StoragePort, ip_address]}
- STORAGEHOST:
- list_join:
- - '.'
- - - {get_attr: [{{role}}, name]}
- - storage
+ STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
- STORAGE_MGMTHOST:
- list_join:
- - '.'
- - - {get_attr: [{{role}}, name]}
- - storagemgmt
+ STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
TENANTIP: {get_attr: [TenantPort, ip_address]}
- TENANTHOST:
- list_join:
- - '.'
- - - {get_attr: [{{role}}, name]}
- - tenant
+ TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
- MANAGEMENTHOST:
- list_join:
- - '.'
- - - {get_attr: [{{role}}, name]}
- - management
+ MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
CTLPLANEIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
- CTLPLANEHOST:
- list_join:
- - '.'
- - - {get_attr: [{{role}}, name]}
- - ctlplane
+ CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
nova_server_resource:
description: Heat resource handle for {{role}} server
value:
diff --git a/puppet/services/README.rst b/puppet/services/README.rst
index 856b306e..6e4e9c1d 100644
--- a/puppet/services/README.rst
+++ b/puppet/services/README.rst
@@ -74,3 +74,17 @@ step, "step2" for the second, etc.
6) Start control-plane services
7) Any additional online migration tasks (e.g data migrations)
+
+Nova Server Metadata Settings
+-----------------------------
+
+One can use the hook of type `OS::TripleO::ServiceServerMetadataHook` to pass
+entries to the nova instances' metadata. It is, however, disabled by default.
+In order to overwrite it one needs to define it in the resource registry. An
+implementation of this hook needs to conform to the following:
+
+* It needs to define an input called `RoleData` of json type. This gets as
+ input the contents of the `role_data` for each role's ServiceChain.
+
+* This needs to define an output called `metadata` which will be given to the
+ Nova Server resource as the instance's metadata.
diff --git a/puppet/services/aodh-api.yaml b/puppet/services/aodh-api.yaml
index 347a8c13..4e735b45 100644
--- a/puppet/services/aodh-api.yaml
+++ b/puppet/services/aodh-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Aodh API service configured with Puppet
@@ -55,9 +55,10 @@ outputs:
aodh::wsgi::apache::servername:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, AodhApiNetwork]}
+ aodh::wsgi::apache::wsgi_process_display_name: 'aodh_wsgi'
aodh::api::service_name: 'httpd'
aodh::api::enable_proxy_headers_parsing: true
tripleo.aodh_api.firewall_rules:
@@ -68,7 +69,7 @@ outputs:
aodh::api::host:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, AodhApiNetwork]}
# NOTE: bind IP is found in Heat replacing the network name with the
diff --git a/puppet/services/aodh-base.yaml b/puppet/services/aodh-base.yaml
index 0e2410f7..8648a971 100644
--- a/puppet/services/aodh-base.yaml
+++ b/puppet/services/aodh-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Aodh service configured with Puppet
@@ -69,6 +69,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/aodh'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
aodh::debug: {get_param: Debug}
aodh::auth::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
aodh::rabbit_userid: {get_param: RabbitUserName}
diff --git a/puppet/services/aodh-evaluator.yaml b/puppet/services/aodh-evaluator.yaml
index 405c500e..61f8c23f 100644
--- a/puppet/services/aodh-evaluator.yaml
+++ b/puppet/services/aodh-evaluator.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Aodh Evaluator service configured with Puppet
diff --git a/puppet/services/aodh-listener.yaml b/puppet/services/aodh-listener.yaml
index fc4e8b39..715165b3 100644
--- a/puppet/services/aodh-listener.yaml
+++ b/puppet/services/aodh-listener.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Aodh Listener service configured with Puppet
diff --git a/puppet/services/aodh-notifier.yaml b/puppet/services/aodh-notifier.yaml
index 2e51c639..da85581b 100644
--- a/puppet/services/aodh-notifier.yaml
+++ b/puppet/services/aodh-notifier.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Aodh Notifier service configured with Puppet
diff --git a/puppet/services/apache-internal-tls-certmonger.yaml b/puppet/services/apache-internal-tls-certmonger.yaml
index 87e53f13..07ec1b3c 100644
--- a/puppet/services/apache-internal-tls-certmonger.yaml
+++ b/puppet/services/apache-internal-tls-certmonger.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Apache service TLS configurations.
@@ -35,8 +35,8 @@ outputs:
httpd-NETWORK:
service_certificate: '/etc/pki/tls/certs/httpd-NETWORK.crt'
service_key: '/etc/pki/tls/private/httpd-NETWORK.key'
- hostname: "%{::fqdn_NETWORK}"
- principal: "HTTP/%{::fqdn_NETWORK}"
+ hostname: "%{hiera('fqdn_NETWORK')}"
+ principal: "HTTP/%{hiera('fqdn_NETWORK')}"
for_each:
NETWORK:
# NOTE(jaosorior) Get unique network names to create
diff --git a/puppet/services/apache.yaml b/puppet/services/apache.yaml
index 382e0ff9..2e95dcb0 100644
--- a/puppet/services/apache.yaml
+++ b/puppet/services/apache.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Apache service configured with Puppet. Note this is typically included
diff --git a/puppet/services/barbican-api.yaml b/puppet/services/barbican-api.yaml
index 1a5e9134..000a744c 100644
--- a/puppet/services/barbican-api.yaml
+++ b/puppet/services/barbican-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Barbican API service configured with Puppet
@@ -93,7 +93,7 @@ outputs:
barbican::wsgi::apache::servername:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, BarbicanApiNetwork]}
barbican::db::database_connection:
@@ -105,6 +105,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/barbican'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
tripleo.barbican_api.firewall_rules:
'117 barbican':
dport:
diff --git a/puppet/services/ca-certs.yaml b/puppet/services/ca-certs.yaml
index 1a534156..735e6dde 100644
--- a/puppet/services/ca-certs.yaml
+++ b/puppet/services/ca-certs.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
HAproxy service configured with Puppet
diff --git a/puppet/services/ceilometer-agent-central.yaml b/puppet/services/ceilometer-agent-central.yaml
index c4abc307..b9d8966c 100644
--- a/puppet/services/ceilometer-agent-central.yaml
+++ b/puppet/services/ceilometer-agent-central.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ceilometer Central Agent service configured with Puppet
diff --git a/puppet/services/ceilometer-agent-compute.yaml b/puppet/services/ceilometer-agent-compute.yaml
index 5457539c..b1d36c94 100644
--- a/puppet/services/ceilometer-agent-compute.yaml
+++ b/puppet/services/ceilometer-agent-compute.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ceilometer Compute Agent service configured with Puppet
diff --git a/puppet/services/ceilometer-agent-notification.yaml b/puppet/services/ceilometer-agent-notification.yaml
index ea403aa1..9c9a3bd9 100644
--- a/puppet/services/ceilometer-agent-notification.yaml
+++ b/puppet/services/ceilometer-agent-notification.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ceilometer Notification Agent service configured with Puppet
diff --git a/puppet/services/ceilometer-api.yaml b/puppet/services/ceilometer-api.yaml
index 2f34f248..63e02d4f 100644
--- a/puppet/services/ceilometer-api.yaml
+++ b/puppet/services/ceilometer-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ceilometer API service configured with Puppet
@@ -75,7 +75,7 @@ outputs:
ceilometer::api::host:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, CeilometerApiNetwork]}
ceilometer::wsgi::apache::bind_host: {get_param: [ServiceNetMap, CeilometerApiNetwork]}
@@ -83,7 +83,7 @@ outputs:
ceilometer::wsgi::apache::servername:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, CeilometerApiNetwork]}
service_config_settings:
diff --git a/puppet/services/ceilometer-base.yaml b/puppet/services/ceilometer-base.yaml
index ded1bc03..0528368e 100644
--- a/puppet/services/ceilometer-base.yaml
+++ b/puppet/services/ceilometer-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ceilometer service configured with Puppet
@@ -31,9 +31,9 @@ parameters:
type: string
hidden: true
CeilometerMeterDispatcher:
- default: 'gnocchi'
- description: Dispatcher to process meter data
- type: string
+ default: ['gnocchi']
+ description: Comma-seperated list of Dispatcher to process meter data
+ type: comma_delimited_list
constraints:
- allowed_values: ['gnocchi', 'database']
CeilometerEventDispatcher:
@@ -50,6 +50,14 @@ parameters:
default: false
description: Whether to store events in ceilometer.
type: boolean
+ EnableLegacyCeilometerApi:
+ default: false
+ description: Enable legacy ceilometer Api service if needed.
+ type: boolean
+ EventPipelinePublishers:
+ default: ['notifier://?topic=alarm.all']
+ description: A list of publishers to put in event_pipeline.yaml.
+ type: comma_delimited_list
Debug:
default: ''
description: Set to True to enable debugging on all services.
@@ -93,6 +101,9 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/ceilometer'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
+ enable_legacy_ceilometer_api: {get_param: EnableLegacyCeilometerApi}
ceilometer_backend: {get_param: CeilometerBackend}
ceilometer::metering_secret: {get_param: CeilometerMeteringSecret}
# we include db_sync class in puppet-tripleo
@@ -104,6 +115,7 @@ outputs:
ceilometer::agent::auth::auth_password: {get_param: CeilometerPassword}
ceilometer::agent::auth::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
ceilometer::agent::notification::store_events: {get_param: CeilometerStoreEvents}
+ ceilometer::agent::notification::event_pipeline_publishers: {get_param: EventPipelinePublishers}
ceilometer::agent::auth::auth_region: {get_param: KeystoneRegion}
ceilometer::agent::auth::auth_tenant_name: 'service'
ceilometer::agent::auth::auth_endpoint_type: 'internalURL'
diff --git a/puppet/services/ceilometer-collector.yaml b/puppet/services/ceilometer-collector.yaml
index e3f1ef4e..88e7d781 100644
--- a/puppet/services/ceilometer-collector.yaml
+++ b/puppet/services/ceilometer-collector.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ceilometer Collector service configured with Puppet
diff --git a/puppet/services/ceilometer-expirer.yaml b/puppet/services/ceilometer-expirer.yaml
index 3b811c4d..714434b1 100644
--- a/puppet/services/ceilometer-expirer.yaml
+++ b/puppet/services/ceilometer-expirer.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ceilometer Expirer service configured with Puppet
diff --git a/puppet/services/ceph-base.yaml b/puppet/services/ceph-base.yaml
index 8faf5640..033d3f77 100644
--- a/puppet/services/ceph-base.yaml
+++ b/puppet/services/ceph-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Ceph base service. Shared by all Ceph services.
diff --git a/puppet/services/ceph-client.yaml b/puppet/services/ceph-client.yaml
index b482dd2e..f972e21b 100644
--- a/puppet/services/ceph-client.yaml
+++ b/puppet/services/ceph-client.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Ceph Client service.
diff --git a/puppet/services/ceph-external.yaml b/puppet/services/ceph-external.yaml
index b708665f..aaa9b039 100644
--- a/puppet/services/ceph-external.yaml
+++ b/puppet/services/ceph-external.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Ceph External service.
@@ -61,6 +61,12 @@ parameters:
MonitoringSubscriptionCephExternal:
default: 'overcloud-ceph-external'
type: string
+ RbdDefaultFeatures:
+ default: ''
+ description: The default features enabled when creating a block device
+ image. Only applies to format 2 images. Set to '1' for Jewel
+ clients using older Ceph servers.
+ type: string
conditions:
glance_multiple_locations:
@@ -81,6 +87,7 @@ outputs:
config_settings:
tripleo::profile::base::ceph::ceph_mon_host: {get_param: CephExternalMonHost}
ceph::profile::params::fsid: {get_param: CephClusterFSID}
+ ceph::profile::params::rbd_default_features: {get_param: RbdDefaultFeatures}
ceph::profile::params::client_keys:
str_replace:
template: "{
diff --git a/puppet/services/pacemaker/gnocchi-api.yaml b/puppet/services/ceph-mds.yaml
index 6a9161fa..b68567fb 100644
--- a/puppet/services/pacemaker/gnocchi-api.yaml
+++ b/puppet/services/ceph-mds.yaml
@@ -1,7 +1,7 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
- Gnocchi service configured with Puppet
+ Ceph MDS service.
parameters:
ServiceNetMap:
@@ -18,13 +18,15 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
- MonitoringSubscriptionGnocchiApi:
- default: 'overcloud-gnocchi-api'
+ CephMdsKey:
+ description: The cephx key for the MDS service. Can be created
+ with ceph-authtool --gen-print-key.
type: string
+ hidden: true
resources:
- GnocchiServiceBase:
- type: ../gnocchi-api.yaml
+ CephBase:
+ type: ./ceph-base.yaml
properties:
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
@@ -32,14 +34,16 @@ resources:
outputs:
role_data:
- description: Role data for the Gnocchi role.
+ description: Role data for the Ceph MDS service.
value:
- service_name: gnocchi_api
- monitoring_subscription: {get_param: MonitoringSubscriptionGnocchiApi}
+ service_name: ceph_mds
config_settings:
map_merge:
- - get_attr: [GnocchiServiceBase, role_data, config_settings]
- - gnocchi::metricd::manage_service: false
- gnocchi::metricd::enabled: false
+ - get_attr: [CephBase, role_data, config_settings]
+ - ceph::profile::params::mds_key: {get_param: CephMdsKey}
+ tripleo.ceph_mds.firewall_rules:
+ '112 ceph_mds':
+ dport:
+ - '6800-7300'
step_config: |
- include ::tripleo::profile::pacemaker::gnocchi::api
+ include ::tripleo::profile::base::ceph::mds
diff --git a/puppet/services/ceph-mon.yaml b/puppet/services/ceph-mon.yaml
index 79f5432d..68ad69b7 100644
--- a/puppet/services/ceph-mon.yaml
+++ b/puppet/services/ceph-mon.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Ceph Monitor service.
diff --git a/puppet/services/ceph-osd.yaml b/puppet/services/ceph-osd.yaml
index f6378720..df0ee6c3 100644
--- a/puppet/services/ceph-osd.yaml
+++ b/puppet/services/ceph-osd.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Ceph OSD service.
diff --git a/puppet/services/ceph-rgw.yaml b/puppet/services/ceph-rgw.yaml
index 4b85d28f..6448387c 100644
--- a/puppet/services/ceph-rgw.yaml
+++ b/puppet/services/ceph-rgw.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Ceph RadosGW service.
diff --git a/puppet/services/cinder-api.yaml b/puppet/services/cinder-api.yaml
index 8d57418e..7d197831 100644
--- a/puppet/services/cinder-api.yaml
+++ b/puppet/services/cinder-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Cinder API service configured with Puppet
@@ -101,7 +101,7 @@ outputs:
cinder::api::bind_host:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, CinderApiNetwork]}
cinder::wsgi::apache::ssl: {get_param: EnableInternalTLS}
@@ -115,7 +115,7 @@ outputs:
cinder::wsgi::apache::servername:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, CinderApiNetwork]}
-
@@ -147,3 +147,19 @@ outputs:
cinder::db::mysql::allowed_hosts:
- '%'
- "%{hiera('mysql_bind_host')}"
+ upgrade_tasks:
+ - name: check for cinder running under apache (post upgrade)
+ tags: step2
+ shell: "apachectl -t -D DUMP_VHOSTS | grep -q cinder"
+ register: cinder_apache
+ ignore_errors: true
+ - name: Stop cinder_api service (running under httpd)
+ tags: step2
+ service: name=httpd state=stopped
+ when: "cinder_apache.rc == 0"
+ - name: Stop and disable cinder_api service (pre-upgrade not under httpd)
+ tags: step2
+ service: name=openstack-cinder-api state=stopped enabled=no
+ - name: Start cinder_api service (running under httpd)
+ tags: step6
+ service: name=httpd state=started
diff --git a/puppet/services/cinder-backup.yaml b/puppet/services/cinder-backup.yaml
index 80795457..14be07af 100644
--- a/puppet/services/cinder-backup.yaml
+++ b/puppet/services/cinder-backup.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Cinder Backup service configured with Puppet
diff --git a/puppet/services/cinder-base.yaml b/puppet/services/cinder-base.yaml
index 59c9b844..be4b4af2 100644
--- a/puppet/services/cinder-base.yaml
+++ b/puppet/services/cinder-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Cinder base service. Shared by all Cinder services.
@@ -60,6 +60,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/cinder'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
cinder::debug: {get_param: Debug}
cinder::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
cinder::rabbit_userid: {get_param: RabbitUserName}
diff --git a/puppet/services/cinder-hpelefthand-iscsi.yaml b/puppet/services/cinder-hpelefthand-iscsi.yaml
new file mode 100644
index 00000000..f22a3aeb
--- /dev/null
+++ b/puppet/services/cinder-hpelefthand-iscsi.yaml
@@ -0,0 +1,56 @@
+heat_template_version: 2017-02-24
+
+description: >
+ Configure Cinder HPELeftHandISCSIDriver
+
+parameters:
+ # Config specific parameters, to be provided via parameter_defaults
+ CinderHPELeftHandISCSIApiUrl:
+ type: string
+ CinderHPELeftHandISCSIUserName:
+ type: string
+ CinderHPELeftHandISCSIPassword:
+ type: string
+ hidden: true
+ CinderHPELeftHandISCSIBackendName:
+ type: string
+ default: 'tripleo_hpelefthand'
+ CinderHPELeftHandISCSIChapEnabled:
+ type: boolean
+ default: false
+ CinderHPELeftHandClusterName:
+ type: string
+ CinderHPELeftHandDebug:
+ type: boolean
+ default: false
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ type: json
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+
+outputs:
+ role_data:
+ description: Role data for Cinder HPELeftHandISCSIDriver
+ value:
+ service_name: cinder_hpelefthand_iscsi
+ config_settings:
+ tripleo::profile::base::cinder::volume::cinder_enable_hpelefthand_backend: true
+ cinder::backend::hpelefthand_iscsi::hpelefthand_api_url: {get_param: CinderHPELeftHandISCSIApiUrl}
+ cinder::backend::hpelefthand_iscsi::hpelefthand_username: {get_param: CinderHPELeftHandISCSIUserName}
+ cinder::backend::hpelefthand_iscsi::hpelefthand_password: {get_param: CinderHPELeftHandISCSIPassword}
+ cinder::backend::hpelefthand_iscsi::volume_backend_name: {get_param: CinderHPELeftHandISCSIBackendName}
+ cinder::backend::hpelefthand_iscsi::hpelefthand_iscsi_chap_enabled: {get_param: CinderHPELeftHandISCSIChapEnabled}
+ cinder::backend::hpelefthand_iscsi::hpelefthand_clustername: {get_param: CinderHPELeftHandClusterName}
+ cinder::backend::hpelefthand_iscsi::hpelefthand_debug: {get_param: CinderHPELeftHandDebug}
+ step_config: |
+ include ::tripleo::profile::base::cinder::volume
diff --git a/puppet/services/cinder-scheduler.yaml b/puppet/services/cinder-scheduler.yaml
index 94c263ea..e12af631 100644
--- a/puppet/services/cinder-scheduler.yaml
+++ b/puppet/services/cinder-scheduler.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Cinder Scheduler service configured with Puppet
@@ -51,3 +51,10 @@ outputs:
- cinder::scheduler::scheduler_driver: cinder.scheduler.filter_scheduler.FilterScheduler
step_config: |
include ::tripleo::profile::base::cinder::scheduler
+ upgrade_tasks:
+ - name: Stop cinder_scheduler service
+ tags: step2
+ service: name=openstack-cinder-scheduler state=stopped
+ - name: Start cinder_scheduler service
+ tags: step6
+ service: name=openstack-cinder-scheduler state=started
diff --git a/puppet/services/cinder-volume.yaml b/puppet/services/cinder-volume.yaml
index 82e16f39..cc06d87b 100644
--- a/puppet/services/cinder-volume.yaml
+++ b/puppet/services/cinder-volume.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Cinder Volume service configured with Puppet
@@ -110,3 +110,14 @@ outputs:
tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_param: [ServiceNetMap, CinderIscsiNetwork]}
step_config: |
include ::tripleo::profile::base::cinder::volume
+ upgrade_tasks:
+ - name: Stop cinder_volume service
+ tags: step2
+ service: name=openstack-cinder-volume state=stopped
+ - name: Sync cinder_volume DB
+ tags: step5
+ command: cinder-manage db sync
+ - name: Start cinder_volume service
+ tags: step6
+ service: name=openstack-cinder-volume state=started
+
diff --git a/puppet/services/database/mongodb-base.yaml b/puppet/services/database/mongodb-base.yaml
index 3f4f106d..c27fcb7f 100644
--- a/puppet/services/database/mongodb-base.yaml
+++ b/puppet/services/database/mongodb-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Configuration details for MongoDB service using composable roles
diff --git a/puppet/services/database/mongodb.yaml b/puppet/services/database/mongodb.yaml
index 01daeafe..8290cae7 100644
--- a/puppet/services/database/mongodb.yaml
+++ b/puppet/services/database/mongodb.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
MongoDb service deployment using puppet
diff --git a/puppet/services/database/mysql-internal-tls-certmonger.yaml b/puppet/services/database/mysql-internal-tls-certmonger.yaml
index 3ba51fb6..56d037e7 100644
--- a/puppet/services/database/mysql-internal-tls-certmonger.yaml
+++ b/puppet/services/database/mysql-internal-tls-certmonger.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
MySQL configurations for using TLS via certmonger.
diff --git a/puppet/services/database/mysql.yaml b/puppet/services/database/mysql.yaml
index cacf6db0..7e12894f 100644
--- a/puppet/services/database/mysql.yaml
+++ b/puppet/services/database/mysql.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
MySQL service deployment using puppet
@@ -87,12 +87,17 @@ outputs:
tripleo::profile::base::database::mysql::bind_address:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
+ tripleo::profile::base::database::mysql::client_bind_address:
+ {get_param: [ServiceNetMap, MysqlNetwork]}
step_config: |
include ::tripleo::profile::base::database::mysql
upgrade_tasks:
+ - name: Check for galera root password
+ tags: step0
+ file: path=/root/.my.cnf state=file
- name: Stop service
tags: step2
service: name=mariadb state=stopped
diff --git a/puppet/services/database/redis-base.yaml b/puppet/services/database/redis-base.yaml
index 2fab0eb6..2b7dd430 100644
--- a/puppet/services/database/redis-base.yaml
+++ b/puppet/services/database/redis-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Redis service configured with Puppet
diff --git a/puppet/services/database/redis.yaml b/puppet/services/database/redis.yaml
index 1c333b97..5ea25ca8 100644
--- a/puppet/services/database/redis.yaml
+++ b/puppet/services/database/redis.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Redis service configured with Puppet
diff --git a/puppet/services/glance-api.yaml b/puppet/services/glance-api.yaml
index 33abdbf9..6d01bd48 100644
--- a/puppet/services/glance-api.yaml
+++ b/puppet/services/glance-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Glance API service configured with Puppet
@@ -75,15 +75,13 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/glance'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
glance::api::bind_port: {get_param: [EndpointMap, GlanceInternal, port]}
glance::api::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
glance::api::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
- glance::api::registry_host:
- str_replace:
- template: "'REGISTRY_HOST'"
- params:
- REGISTRY_HOST: {get_param: [EndpointMap, GlanceRegistryInternal, host]}
- glance::api::registry_client_protocol: {get_param: [EndpointMap, GlanceRegistryInternal, protocol] }
+ glance::api::enable_v1_api: false
+ glance::api::enable_v2_api: true
glance::api::authtoken::password: {get_param: GlancePassword}
glance::api::enable_proxy_headers_parsing: true
glance::api::debug: {get_param: Debug}
@@ -107,3 +105,13 @@ outputs:
include ::tripleo::profile::base::glance::api
service_config_settings:
get_attr: [GlanceBase, role_data, service_config_settings]
+ upgrade_tasks:
+ - name: Stop glance_api service
+ tags: step2
+ service: name=openstack-glance-api state=stopped
+ - name: Sync glance_api DB
+ tags: step5
+ command: glance-manage --config-file=/etc/glance/glance-api.conf db_sync
+ - name: Start glance_api service
+ tags: step6
+ service: name=openstack-glance-api state=started
diff --git a/puppet/services/glance-base.yaml b/puppet/services/glance-base.yaml
index cc979af9..f5548982 100644
--- a/puppet/services/glance-base.yaml
+++ b/puppet/services/glance-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Glance Common settings with Puppet
@@ -105,8 +105,6 @@ outputs:
glance::notify::rabbitmq::rabbit_password: {get_param: RabbitPassword}
glance::notify::rabbitmq::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
glance::notify::rabbitmq::notification_driver: messagingv2
- glance::registry::db::database_db_max_retries: -1
- glance::registry::db::database_max_retries: -1
tripleo::profile::base::glance::api::glance_nfs_enabled: {get_param: GlanceNfsEnabled}
tripleo::glance::nfs_mount::share: {get_param: GlanceNfsShare}
tripleo::glance::nfs_mount::options: {get_param: GlanceNfsOptions}
diff --git a/puppet/services/glance-registry.yaml b/puppet/services/glance-registry.yaml
deleted file mode 100644
index c45582d4..00000000
--- a/puppet/services/glance-registry.yaml
+++ /dev/null
@@ -1,100 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Glance Registry service configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- Debug:
- default: ''
- description: Set to True to enable debugging on all services.
- type: string
- GlancePassword:
- description: The password for the glance service and db account, used by the glance services.
- type: string
- hidden: true
- GlanceWorkers:
- default: ''
- description: |
- Number of worker processes for glance registry. If left unset (empty
- string), the default value will result in the configuration being left
- unset and a system-dependent default value will be chosen (e.g.: number of
- processors). Please note that this will create a large number of processes
- on systems with a large number of CPUs resulting in excess memory
- consumption. It is recommended that a suitable non-default value be
- selected on such systems.
- type: string
- MonitoringSubscriptionGlanceRegistry:
- default: 'overcloud-glance-registry'
- type: string
- GlanceRegistryLoggingSource:
- type: json
- default:
- tag: openstack.glance.registry
- path: /var/log/glance/registry.log
-
-resources:
- GlanceBase:
- type: ./glance-base.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Glance Registry role.
- value:
- service_name: glance_registry
- monitoring_subscription: {get_param: MonitoringSubscriptionGlanceRegistry}
- logging_source: {get_param: GlanceRegistryLoggingSource}
- logging_groups:
- - glance
- config_settings:
- map_merge:
- - get_attr: [GlanceBase, role_data, config_settings]
-
- - glance::registry::database_connection:
- list_join:
- - ''
- - - {get_param: [EndpointMap, MysqlInternal, protocol]}
- - '://glance:'
- - {get_param: GlancePassword}
- - '@'
- - {get_param: [EndpointMap, MysqlInternal, host]}
- - '/glance'
- glance::registry::authtoken::password: {get_param: GlancePassword}
- glance::registry::authtoken::project_name: 'service'
- glance::registry::pipeline: 'keystone'
- glance::registry::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
- glance::registry::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
- glance::registry::debug: {get_param: Debug}
- glance::registry::workers: {get_param: GlanceWorkers}
- tripleo.glance_registry.firewall_rules:
- '112 glance_registry':
- dport:
- - 9191
- # NOTE: bind IP is found in Heat replacing the network name with the
- # local node IP for the given network; replacement examples
- # (eg. for internal_api):
- # internal_api -> IP
- # internal_api_uri -> [IP]
- # internal_api_subnet - > IP/CIDR
- glance::registry::bind_host: {get_param: [ServiceNetMap, GlanceRegistryNetwork]}
- step_config: |
- include ::tripleo::profile::base::glance::registry
- service_config_settings:
- get_attr: [GlanceBase, role_data, config_settings]
diff --git a/puppet/services/gnocchi-api.yaml b/puppet/services/gnocchi-api.yaml
index d5f8e62d..3929e005 100644
--- a/puppet/services/gnocchi-api.yaml
+++ b/puppet/services/gnocchi-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Gnocchi service configured with Puppet
@@ -91,7 +91,7 @@ outputs:
gnocchi::wsgi::apache::servername:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, GnocchiApiNetwork]}
tripleo::profile::base::gnocchi::api::gnocchi_backend: {get_param: GnocchiBackend}
@@ -102,10 +102,11 @@ outputs:
# internal_api_uri -> [IP]
# internal_api_subnet - > IP/CIDR
gnocchi::wsgi::apache::bind_host: {get_param: [ServiceNetMap, GnocchiApiNetwork]}
+ gnocchi::wsgi::apache::wsgi_process_display_name: 'gnocchi_wsgi'
gnocchi::api::host:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, GnocchiApiNetwork]}
diff --git a/puppet/services/gnocchi-base.yaml b/puppet/services/gnocchi-base.yaml
index 556baae0..d92b1766 100644
--- a/puppet/services/gnocchi-base.yaml
+++ b/puppet/services/gnocchi-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Gnocchi service configured with Puppet
@@ -67,6 +67,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/gnocchi'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
gnocchi::db::sync::extra_opts: '--skip-storage --create-legacy-resource-types'
gnocchi::storage::swift::swift_user: 'service:gnocchi'
gnocchi::storage::swift::swift_auth_version: 2
diff --git a/puppet/services/gnocchi-metricd.yaml b/puppet/services/gnocchi-metricd.yaml
index 1400bc98..e5f9a8e7 100644
--- a/puppet/services/gnocchi-metricd.yaml
+++ b/puppet/services/gnocchi-metricd.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Gnocchi service configured with Puppet
diff --git a/puppet/services/gnocchi-statsd.yaml b/puppet/services/gnocchi-statsd.yaml
index 983d6c91..df438b37 100644
--- a/puppet/services/gnocchi-statsd.yaml
+++ b/puppet/services/gnocchi-statsd.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Gnocchi service configured with Puppet
diff --git a/puppet/services/haproxy-internal-tls-certmonger.yaml b/puppet/services/haproxy-internal-tls-certmonger.yaml
index c6d53542..77457593 100644
--- a/puppet/services/haproxy-internal-tls-certmonger.yaml
+++ b/puppet/services/haproxy-internal-tls-certmonger.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
HAProxy deployment with TLS enabled, powered by certmonger
diff --git a/puppet/services/haproxy-public-tls-certmonger.yaml b/puppet/services/haproxy-public-tls-certmonger.yaml
index 1551d16a..227697b9 100644
--- a/puppet/services/haproxy-public-tls-certmonger.yaml
+++ b/puppet/services/haproxy-public-tls-certmonger.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
HAProxy deployment with TLS enabled, powered by certmonger
diff --git a/puppet/services/haproxy.yaml b/puppet/services/haproxy.yaml
index 675a79ec..9049c901 100644
--- a/puppet/services/haproxy.yaml
+++ b/puppet/services/haproxy.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
HAproxy service configured with Puppet
diff --git a/puppet/services/heat-api-cfn.yaml b/puppet/services/heat-api-cfn.yaml
index 12d4a6a1..f4d3cad3 100644
--- a/puppet/services/heat-api-cfn.yaml
+++ b/puppet/services/heat-api-cfn.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Heat CloudFormation API service configured with Puppet
@@ -84,3 +84,11 @@ outputs:
heat::keystone::auth_cfn::admin_url: {get_param: [EndpointMap, HeatCfnAdmin, uri]}
heat::keystone::auth_cfn::password: {get_param: HeatPassword}
heat::keystone::auth_cfn::region: {get_param: KeystoneRegion}
+ upgrade_tasks:
+ - name: Stop heat_api_cfn service
+ tags: step2
+ service: name=openstack-heat-api-cfn state=stopped
+ - name: Start heat_api_cfn service
+ tags: step6
+ service: name=openstack-heat-api-cfn state=started
+
diff --git a/puppet/services/heat-api-cloudwatch.yaml b/puppet/services/heat-api-cloudwatch.yaml
index 6dfeaaf3..ba4a287a 100644
--- a/puppet/services/heat-api-cloudwatch.yaml
+++ b/puppet/services/heat-api-cloudwatch.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Heat CloudWatch API service configured with Puppet
@@ -66,3 +66,10 @@ outputs:
heat::api_cloudwatch::bind_host: {get_param: [ServiceNetMap, HeatApiNetwork]}
step_config: |
include ::tripleo::profile::base::heat::api_cloudwatch
+ upgrade_tasks:
+ - name: Stop heat_api_cloudwatch service
+ tags: step2
+ service: name=openstack-heat-api-cloudwatch state=stopped
+ - name: Start heat_api_cloudwatch service
+ tags: step6
+ service: name=openstack-heat-api state=started
diff --git a/puppet/services/heat-api.yaml b/puppet/services/heat-api.yaml
index b0cd16dd..7ec9d6d4 100644
--- a/puppet/services/heat-api.yaml
+++ b/puppet/services/heat-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Heat API service configured with Puppet
@@ -84,3 +84,10 @@ outputs:
heat::keystone::auth::admin_url: {get_param: [EndpointMap, HeatAdmin, uri]}
heat::keystone::auth::password: {get_param: HeatPassword}
heat::keystone::auth::region: {get_param: KeystoneRegion}
+ upgrade_tasks:
+ - name: Stop heat_api service
+ tags: step2
+ service: name=openstack-heat-api state=stopped
+ - name: Start heat_api service
+ tags: step6
+ service: name=openstack-heat-api state=started
diff --git a/puppet/services/heat-base.yaml b/puppet/services/heat-base.yaml
index a2a65d7d..a933a94b 100644
--- a/puppet/services/heat-base.yaml
+++ b/puppet/services/heat-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Heat base service. Shared for all Heat services.
@@ -57,6 +57,7 @@ outputs:
heat::rabbit_port: {get_param: RabbitClientPort}
heat::debug: {get_param: Debug}
heat::enable_proxy_headers_parsing: true
+ heat::rpc_response_timeout: 600
# We need this because the default heat policy.json no longer works on TripleO
# https://git.openstack.org/cgit/openstack/heat/commit/?id=ac86702172ddf01f5bdc3f3cd99d2e32ad9b7024
heat::policy::policies:
@@ -77,6 +78,8 @@ outputs:
heat::cron::purge_deleted::destination: '/dev/null'
heat::db::database_db_max_retries: -1
heat::db::database_max_retries: -1
+ heat::yaql_memory_quota: 100000
+ heat::yaql_limit_iterators: 1000
service_config_settings:
keystone:
tripleo::profile::base::keystone::heat_admin_domain: 'heat_stack'
diff --git a/puppet/services/heat-engine.yaml b/puppet/services/heat-engine.yaml
index 3f0e4105..6efb0653 100644
--- a/puppet/services/heat-engine.yaml
+++ b/puppet/services/heat-engine.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Openstack Heat Engine service configured with Puppet
@@ -48,6 +48,15 @@ parameters:
default:
tag: openstack.heat.engine
path: /var/log/heat/heat-engine.log
+ HeatConvergenceEngine:
+ type: boolean
+ default: true
+ description: Enables the heat engine with the convergence architecture.
+ HeatMaxResourcesPerStack:
+ type: number
+ default: 1000
+ description: Maximum resources allowed per top-level stack. -1 stands for unlimited.
+
resources:
HeatBase:
@@ -72,6 +81,26 @@ outputs:
- heat::engine::num_engine_workers: {get_param: HeatWorkers}
heat::engine::configure_delegated_roles: false
heat::engine::trusts_delegated_roles: []
+ heat::engine::max_nested_stack_depth: 6
+ heat::engine::max_resources_per_stack: {get_param: HeatMaxResourcesPerStack}
+ heat::engine::heat_metadata_server_url:
+ list_join:
+ - ''
+ - - {get_param: [EndpointMap, HeatCfnPublic, protocol]}
+ - '://'
+ - {get_param: [EndpointMap, HeatCfnPublic, host]}
+ - ':'
+ - {get_param: [EndpointMap, HeatCfnPublic, port]}
+ heat::engine::heat_waitcondition_server_url:
+ list_join:
+ - ''
+ - - {get_param: [EndpointMap, HeatCfnPublic, protocol]}
+ - '://'
+ - {get_param: [EndpointMap, HeatCfnPublic, host]}
+ - ':'
+ - {get_param: [EndpointMap, HeatCfnPublic, port]}
+ - '/v1/waitcondition'
+ heat::engine::convergence_engine: {get_param: HeatConvergenceEngine}
tripleo::profile::base::heat::manage_db_purge: {get_param: HeatEnableDBPurge}
heat::database_connection:
list_join:
@@ -82,6 +111,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/heat'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
heat::keystone_ec2_uri: {get_param: [EndpointMap, KeystoneEC2, uri]}
heat::keystone::domain::domain_password: {get_param: HeatStackDomainAdminPassword}
heat::engine::auth_encryption_key:
@@ -106,3 +137,13 @@ outputs:
keystone:
# This is needed because the keystone profile handles creating the domain
tripleo::profile::base::keystone::heat_admin_password: {get_param: HeatStackDomainAdminPassword}
+ upgrade_tasks:
+ - name: Stop heat_engine service
+ tags: step2
+ service: name=openstack-heat-engine state=stopped
+ - name: Sync heat_engine DB
+ tags: step5
+ command: heat-manage --config-file /etc/heat/heat.conf db_sync
+ - name: Start heat_engine service
+ tags: step6
+ service: name=openstack-heat-engine state=started
diff --git a/puppet/services/horizon.yaml b/puppet/services/horizon.yaml
index 8eaf4044..cf35d202 100644
--- a/puppet/services/horizon.yaml
+++ b/puppet/services/horizon.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Horizon service configured with Puppet
@@ -58,8 +58,10 @@ outputs:
dport:
- 80
- 443
+ horizon::enable_secure_proxy_ssl_header: true
horizon::disable_password_reveal: true
horizon::enforce_password_check: true
+ horizon::disallow_iframe_embed: true
horizon::cache_backend: django.core.cache.backends.memcached.MemcachedCache
horizon::django_session_engine: 'django.contrib.sessions.backends.cache'
horizon::vhost_extra_params:
diff --git a/puppet/services/ironic-api.yaml b/puppet/services/ironic-api.yaml
index c8a2e833..aebb37b2 100644
--- a/puppet/services/ironic-api.yaml
+++ b/puppet/services/ironic-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ironic API configured with Puppet
diff --git a/puppet/services/ironic-base.yaml b/puppet/services/ironic-base.yaml
index 0ff393c6..ad7ef6ea 100644
--- a/puppet/services/ironic-base.yaml
+++ b/puppet/services/ironic-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ironic services configured with Puppet
@@ -60,6 +60,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/ironic'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
ironic::debug: {get_param: Debug}
ironic::rabbit_userid: {get_param: RabbitUserName}
ironic::rabbit_password: {get_param: RabbitPassword}
diff --git a/puppet/services/ironic-conductor.yaml b/puppet/services/ironic-conductor.yaml
index f173aa63..194afec7 100644
--- a/puppet/services/ironic-conductor.yaml
+++ b/puppet/services/ironic-conductor.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ironic conductor configured with Puppet
diff --git a/puppet/services/keepalived.yaml b/puppet/services/keepalived.yaml
index b4f1a100..38f9f3be 100644
--- a/puppet/services/keepalived.yaml
+++ b/puppet/services/keepalived.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Keepalived service configured with Puppet
diff --git a/puppet/services/kernel.yaml b/puppet/services/kernel.yaml
index 69898718..29157959 100644
--- a/puppet/services/kernel.yaml
+++ b/puppet/services/kernel.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Load kernel modules with kmod and configure kernel options with sysctl.
diff --git a/puppet/services/keystone.yaml b/puppet/services/keystone.yaml
index f021e18b..f69e20b4 100644
--- a/puppet/services/keystone.yaml
+++ b/puppet/services/keystone.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Keystone service configured with Puppet
@@ -148,6 +148,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/keystone'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
keystone::admin_token: {get_param: AdminToken}
keystone::admin_password: {get_param: AdminPassword}
keystone::roles::admin::password: {get_param: AdminPassword}
@@ -195,13 +197,13 @@ outputs:
keystone::wsgi::apache::servername:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}
keystone::wsgi::apache::servername_admin:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}
keystone::wsgi::apache::workers: {get_param: KeystoneWorkers}
@@ -219,13 +221,13 @@ outputs:
keystone::admin_bind_host:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}
keystone::public_bind_host:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}
# NOTE: bind IP is found in Heat replacing the network name with the
diff --git a/puppet/services/logging/fluentd-base.yaml b/puppet/services/logging/fluentd-base.yaml
index c8f67556..65ad80ed 100644
--- a/puppet/services/logging/fluentd-base.yaml
+++ b/puppet/services/logging/fluentd-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: Fluentd base service
diff --git a/puppet/services/logging/fluentd-client.yaml b/puppet/services/logging/fluentd-client.yaml
index 3ae7110f..769ab68f 100644
--- a/puppet/services/logging/fluentd-client.yaml
+++ b/puppet/services/logging/fluentd-client.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: Fluentd client configured with Puppet
diff --git a/puppet/services/logging/fluentd-config.yaml b/puppet/services/logging/fluentd-config.yaml
index 58b423fd..68f98aff 100644
--- a/puppet/services/logging/fluentd-config.yaml
+++ b/puppet/services/logging/fluentd-config.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: Fluentd logging configuration
diff --git a/puppet/services/manila-api.yaml b/puppet/services/manila-api.yaml
index b4b3d480..b7c64823 100644
--- a/puppet/services/manila-api.yaml
+++ b/puppet/services/manila-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Manila-api service configured with Puppet
diff --git a/puppet/services/manila-backend-cephfs.yaml b/puppet/services/manila-backend-cephfs.yaml
index 1066700a..36ef1ea9 100644
--- a/puppet/services/manila-backend-cephfs.yaml
+++ b/puppet/services/manila-backend-cephfs.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Manila Cephfs backend
diff --git a/puppet/services/manila-backend-generic.yaml b/puppet/services/manila-backend-generic.yaml
index c527666e..23831a6a 100644
--- a/puppet/services/manila-backend-generic.yaml
+++ b/puppet/services/manila-backend-generic.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Manila generic backend.
diff --git a/puppet/services/manila-backend-netapp.yaml b/puppet/services/manila-backend-netapp.yaml
index e6d2f250..1f6fcf4f 100644
--- a/puppet/services/manila-backend-netapp.yaml
+++ b/puppet/services/manila-backend-netapp.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Manila netapp backend.
diff --git a/puppet/services/manila-base.yaml b/puppet/services/manila-base.yaml
index 844bd3a3..2a9745a2 100644
--- a/puppet/services/manila-base.yaml
+++ b/puppet/services/manila-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Manila base service. Shared by manila-api/scheduler/share services
@@ -67,6 +67,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/manila'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
service_config_settings:
mysql:
manila::db::mysql::password: {get_param: ManilaPassword}
diff --git a/puppet/services/manila-scheduler.yaml b/puppet/services/manila-scheduler.yaml
index d96b677b..c8114f2b 100644
--- a/puppet/services/manila-scheduler.yaml
+++ b/puppet/services/manila-scheduler.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Manila-scheduler service configured with Puppet
diff --git a/puppet/services/manila-share.yaml b/puppet/services/manila-share.yaml
index 49c69fc1..e38fe675 100644
--- a/puppet/services/manila-share.yaml
+++ b/puppet/services/manila-share.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Manila-share service configured with Puppet
diff --git a/puppet/services/memcached.yaml b/puppet/services/memcached.yaml
index 9e3f6375..ffa969e0 100644
--- a/puppet/services/memcached.yaml
+++ b/puppet/services/memcached.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Memcached service configured with Puppet
diff --git a/puppet/services/mistral-api.yaml b/puppet/services/mistral-api.yaml
index 44d30358..daa1dc7c 100644
--- a/puppet/services/mistral-api.yaml
+++ b/puppet/services/mistral-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Mistral API service configured with Puppet
diff --git a/puppet/services/mistral-base.yaml b/puppet/services/mistral-base.yaml
index a11624c0..e678b14f 100644
--- a/puppet/services/mistral-base.yaml
+++ b/puppet/services/mistral-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Mistral base service. Shared for all Mistral services.
@@ -65,6 +65,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/mistral'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
mistral::rabbit_userid: {get_param: RabbitUserName}
mistral::rabbit_password: {get_param: RabbitPassword}
mistral::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
diff --git a/puppet/services/mistral-engine.yaml b/puppet/services/mistral-engine.yaml
index 10af670d..4a92b863 100644
--- a/puppet/services/mistral-engine.yaml
+++ b/puppet/services/mistral-engine.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Mistral Engine service configured with Puppet
diff --git a/puppet/services/mistral-executor.yaml b/puppet/services/mistral-executor.yaml
index 7afaf0db..6e273b92 100644
--- a/puppet/services/mistral-executor.yaml
+++ b/puppet/services/mistral-executor.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Mistral API service configured with Puppet
diff --git a/puppet/services/monitoring/sensu-base.yaml b/puppet/services/monitoring/sensu-base.yaml
index ea23b8b6..a8303a59 100644
--- a/puppet/services/monitoring/sensu-base.yaml
+++ b/puppet/services/monitoring/sensu-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: Sensu base service
diff --git a/puppet/services/monitoring/sensu-client.yaml b/puppet/services/monitoring/sensu-client.yaml
index a26c7458..76ba59c1 100644
--- a/puppet/services/monitoring/sensu-client.yaml
+++ b/puppet/services/monitoring/sensu-client.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: Sensu client configured with Puppet
diff --git a/puppet/services/network/contrail-analytics.yaml b/puppet/services/network/contrail-analytics.yaml
index 1c2331fa..ad14d315 100644
--- a/puppet/services/network/contrail-analytics.yaml
+++ b/puppet/services/network/contrail-analytics.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Contrail Analytics service deployment using puppet, this YAML file
diff --git a/puppet/services/network/contrail-base.yaml b/puppet/services/network/contrail-base.yaml
index 03dbea5b..b49b2add 100644
--- a/puppet/services/network/contrail-base.yaml
+++ b/puppet/services/network/contrail-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Base parameters for all Contrail Services.
diff --git a/puppet/services/network/contrail-config.yaml b/puppet/services/network/contrail-config.yaml
index 0987fc75..03774480 100644
--- a/puppet/services/network/contrail-config.yaml
+++ b/puppet/services/network/contrail-config.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Contrail Config service deployment using puppet, this YAML file
diff --git a/puppet/services/network/contrail-control.yaml b/puppet/services/network/contrail-control.yaml
index 9356e9e9..7c28d283 100644
--- a/puppet/services/network/contrail-control.yaml
+++ b/puppet/services/network/contrail-control.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Contrail Control service deployment using puppet, this YAML file
diff --git a/puppet/services/network/contrail-database.yaml b/puppet/services/network/contrail-database.yaml
index e5712618..c56b90a2 100644
--- a/puppet/services/network/contrail-database.yaml
+++ b/puppet/services/network/contrail-database.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Contrail Database service deployment using puppet, this YAML file
diff --git a/puppet/services/network/contrail-webui.yaml b/puppet/services/network/contrail-webui.yaml
index 72b9e1c0..72cc6fa5 100644
--- a/puppet/services/network/contrail-webui.yaml
+++ b/puppet/services/network/contrail-webui.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Contrail WebUI service deployment using puppet, this YAML file
diff --git a/puppet/services/neutron-api.yaml b/puppet/services/neutron-api.yaml
index 5fd9d7a2..bbb79bba 100644
--- a/puppet/services/neutron-api.yaml
+++ b/puppet/services/neutron-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Neutron Server configured with Puppet
@@ -112,6 +112,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/ovs_neutron'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
neutron::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
neutron::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
neutron::server::api_workers: {get_param: NeutronWorkers}
@@ -158,3 +160,14 @@ outputs:
neutron::db::mysql::allowed_hosts:
- '%'
- "%{hiera('mysql_bind_host')}"
+ upgrade_tasks:
+ - name: Stop neutron_api service
+ tags: step2
+ service: name=neutron-server state=stopped
+ - name: Sync neutron_api DB
+ tags: step5
+ command: neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini upgrade head
+ - name: Start neutron_api service
+ tags: step6
+ service: name=neutron-server state=started
+
diff --git a/puppet/services/neutron-base.yaml b/puppet/services/neutron-base.yaml
index 3d03c313..43657bd9 100644
--- a/puppet/services/neutron-base.yaml
+++ b/puppet/services/neutron-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron base service. Shared for all Neutron agents.
diff --git a/puppet/services/neutron-compute-plugin-midonet.yaml b/puppet/services/neutron-compute-plugin-midonet.yaml
index 26b6fa6b..5b6fcca6 100644
--- a/puppet/services/neutron-compute-plugin-midonet.yaml
+++ b/puppet/services/neutron-compute-plugin-midonet.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Compute Midonet plugin
diff --git a/puppet/services/neutron-compute-plugin-nuage.yaml b/puppet/services/neutron-compute-plugin-nuage.yaml
index c4f8ad12..04431e28 100644
--- a/puppet/services/neutron-compute-plugin-nuage.yaml
+++ b/puppet/services/neutron-compute-plugin-nuage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Compute Nuage plugin
diff --git a/puppet/services/neutron-compute-plugin-opencontrail.yaml b/puppet/services/neutron-compute-plugin-opencontrail.yaml
index 9f2fd13c..bbe4a051 100644
--- a/puppet/services/neutron-compute-plugin-opencontrail.yaml
+++ b/puppet/services/neutron-compute-plugin-opencontrail.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Compute OpenContrail plugin
diff --git a/puppet/services/neutron-compute-plugin-ovn.yaml b/puppet/services/neutron-compute-plugin-ovn.yaml
index 95e05dd4..ce28b5c3 100644
--- a/puppet/services/neutron-compute-plugin-ovn.yaml
+++ b/puppet/services/neutron-compute-plugin-ovn.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Compute OVN agent
diff --git a/puppet/services/neutron-compute-plugin-plumgrid.yaml b/puppet/services/neutron-compute-plugin-plumgrid.yaml
index 31a0a08b..09aa6191 100644
--- a/puppet/services/neutron-compute-plugin-plumgrid.yaml
+++ b/puppet/services/neutron-compute-plugin-plumgrid.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Compute Plumgrid plugin
diff --git a/puppet/services/neutron-dhcp.yaml b/puppet/services/neutron-dhcp.yaml
index 2cd08f98..c7965a64 100644
--- a/puppet/services/neutron-dhcp.yaml
+++ b/puppet/services/neutron-dhcp.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron DHCP agent configured with Puppet
@@ -74,3 +74,10 @@ outputs:
dport: 68
step_config: |
include tripleo::profile::base::neutron::dhcp
+ upgrade_tasks:
+ - name: Stop neutron_dhcp service
+ tags: step2
+ service: name=neutron-dhcp-agent state=stopped
+ - name: Start neutron_dhcp service
+ tags: step6
+ service: name=neutron-dhcp-agent state=started
diff --git a/puppet/services/neutron-l3-compute-dvr.yaml b/puppet/services/neutron-l3-compute-dvr.yaml
index b6c29116..06927fe0 100644
--- a/puppet/services/neutron-l3-compute-dvr.yaml
+++ b/puppet/services/neutron-l3-compute-dvr.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron L3 agent for DVR enabled compute nodes
diff --git a/puppet/services/neutron-l3.yaml b/puppet/services/neutron-l3.yaml
index a2157555..b3d7b3bf 100644
--- a/puppet/services/neutron-l3.yaml
+++ b/puppet/services/neutron-l3.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Neutron L3 agent configured with Puppet
@@ -68,15 +68,21 @@ outputs:
config_settings:
map_merge:
- get_attr: [NeutronBase, role_data, config_settings]
- - neutron::agents::l3::router_delete_namespaces: True
- neutron::agents::l3::agent_mode: {get_param: NeutronL3AgentMode}
+ - neutron::agents::l3::agent_mode: {get_param: NeutronL3AgentMode}
tripleo.neutron_l3.firewall_rules:
'106 neutron_l3 vrrp':
proto: vrrp
- -
+ -
if:
- external_network_bridge_empty
- {}
- neutron::agents::l3::external_network_bridge: {get_param: NeutronExternalNetworkBridge}
step_config: |
include tripleo::profile::base::neutron::l3
+ upgrade_tasks:
+ - name: Stop neutron_l3 service
+ tags: step2
+ service: name=neutron-l3-agent state=stopped
+ - name: Start neutron_l3 service
+ tags: step6
+ service: name=neutron-l3-agent state=started
diff --git a/puppet/services/neutron-metadata.yaml b/puppet/services/neutron-metadata.yaml
index c87de285..68d7110a 100644
--- a/puppet/services/neutron-metadata.yaml
+++ b/puppet/services/neutron-metadata.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Metadata agent configured with Puppet
@@ -75,3 +75,10 @@ outputs:
neutron::agents::metadata::metadata_ip: "%{hiera('nova_metadata_vip')}"
step_config: |
include tripleo::profile::base::neutron::metadata
+ upgrade_tasks:
+ - name: Stop neutron_metadata service
+ tags: step2
+ service: name=neutron-metadata-agent state=stopped
+ - name: Start neutron_metadata service
+ tags: step6
+ service: name=neutron-metadata-agent state=started
diff --git a/puppet/services/neutron-midonet.yaml b/puppet/services/neutron-midonet.yaml
index 0de256c0..9198f352 100644
--- a/puppet/services/neutron-midonet.yaml
+++ b/puppet/services/neutron-midonet.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Midonet plugin and services
diff --git a/puppet/services/neutron-ovs-agent.yaml b/puppet/services/neutron-ovs-agent.yaml
index e2b90b7b..e24fae7c 100644
--- a/puppet/services/neutron-ovs-agent.yaml
+++ b/puppet/services/neutron-ovs-agent.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron OVS agent configured with Puppet
@@ -70,6 +70,9 @@ parameters:
tag: openstack.neutron.agent.openvswitch
path: /var/log/neutron/openvswitch-agent.log
+conditions:
+ no_firewall_driver: {equals : [{get_param: NeutronOVSFirewallDriver}, '']}
+
resources:
NeutronBase:
@@ -104,12 +107,24 @@ outputs:
# internal_api_uri -> [IP]
# internal_api_subnet - > IP/CIDR
neutron::agents::ml2::ovs::local_ip: {get_param: [ServiceNetMap, NeutronTenantNetwork]}
- neutron::agents::ml2::ovs::firewall_driver: {get_param: NeutronOVSFirewallDriver}
tripleo.neutron_ovs_agent.firewall_rules:
'118 neutron vxlan networks':
proto: 'udp'
dport: 4789
'136 neutron gre networks':
proto: 'gre'
+ -
+ if:
+ - no_firewall_driver
+ - {}
+ - neutron::agents::ml2::ovs::firewall_driver: {get_param: NeutronOVSFirewallDriver}
step_config: |
include ::tripleo::profile::base::neutron::ovs
+ upgrade_tasks:
+ - name: Stop neutron_ovs_agent service
+ tags: step2
+ service: name=neutron-openvswitch-agent state=stopped
+ - name: Start neutron_ovs_agent service
+ tags: step6
+ service: name=neutron-openvswitch-agent state=started
+
diff --git a/puppet/services/neutron-ovs-dpdk-agent.yaml b/puppet/services/neutron-ovs-dpdk-agent.yaml
index fdfa1c03..5c77e35d 100644
--- a/puppet/services/neutron-ovs-dpdk-agent.yaml
+++ b/puppet/services/neutron-ovs-dpdk-agent.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron OVS DPDK configured with Puppet for Compute Role
diff --git a/puppet/services/neutron-plugin-ml2-fujitsu-cfab.yaml b/puppet/services/neutron-plugin-ml2-fujitsu-cfab.yaml
new file mode 100644
index 00000000..afb8cf44
--- /dev/null
+++ b/puppet/services/neutron-plugin-ml2-fujitsu-cfab.yaml
@@ -0,0 +1,73 @@
+heat_template_version: 2017-02-24
+
+description: >
+ Configure hieradata for Fujitsu C-Fabric plugin configuration
+
+parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ NeutronFujitsuCfabAddress:
+ description: 'The address of the C-Fabric to telnet to.'
+ type: string
+ NeutronFujitsuCfabUserName:
+ description: 'The C-Fabric username to use.'
+ type: string
+ NeutronFujitsuCfabPassword:
+ description: 'The C-Fabric password to use.'
+ type: string
+ hidden: true
+ NeutronFujitsuCfabPhysicalNetworks:
+ description: 'List of <physical_network>:<vfab_id> tuples specifying physical_network names and corresponding vfab ids.'
+ type: comma_delimited_list
+ default: ''
+ NeutronFujitsuCfabSharePprofile:
+ description: '"Whether to share a C-Fabric pprofile among Neutron ports using the same VLAN ID.'
+ type: boolean
+ default: false
+ NeutronFujitsuCfabPprofilePrefix:
+ description: 'The prefix string for pprofile name.'
+ type: string
+ default: ''
+ NeutronFujitsuCfabSaveConfig:
+ description: 'Whether to save configuration.'
+ type: boolean
+ default: true
+
+resources:
+
+ NeutronMl2Base:
+ type: ./neutron-plugin-ml2.yaml
+ properties:
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+
+outputs:
+ role_data:
+ description: Role data for Fujitsu Cfab ML2 Driver
+ value:
+ service_name: neutron_plugin_ml2_fujitsu_cfab
+ config_settings:
+ map_merge:
+ - get_attr: [NeutronMl2Base, role_data, config_settings]
+ - neutron::plugins::ml2::fujitsu::cfab::address: {get_param: NeutronFujitsuCfabAddress}
+ neutron::plugins::ml2::fujitsu::cfab::username: {get_param: NeutronFujitsuCfabUserName}
+ neutron::plugins::ml2::fujitsu::cfab::password: {get_param: NeutronFujitsuCfabPassword}
+ neutron::plugins::ml2::fujitsu::cfab::physical_networks: {get_param: NeutronFujitsuCfabPhysicalNetworks}
+ neutron::plugins::ml2::fujitsu::cfab::share_pprofile: {get_param: NeutronFujitsuCfabSharePprofile}
+ neutron::plugins::ml2::fujitsu::cfab::pprofile_prefix: {get_param: NeutronFujitsuCfabPprofilePrefix}
+ neutron::plugins::ml2::fujitsu::cfab::save_config: {get_param: NeutronFujitsuCfabSaveConfig}
+ step_config: |
+ include ::tripleo::profile::base::neutron::plugins::ml2
diff --git a/puppet/services/neutron-plugin-ml2-ovn.yaml b/puppet/services/neutron-plugin-ml2-ovn.yaml
index e98ed497..59346edc 100644
--- a/puppet/services/neutron-plugin-ml2-ovn.yaml
+++ b/puppet/services/neutron-plugin-ml2-ovn.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron ML2/OVN plugin configured with Puppet
@@ -18,13 +18,6 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
- OVNDbHost:
- description: IP address on which the OVN DB servers are listening
- type: string
- OVNNorthboundServerPort:
- description: Port of the OVN Northbound DB server
- type: number
- default: 6641
OVNDbConnectionTimeout:
description: Timeout in seconds for the OVSDB connection transaction
type: number
@@ -68,9 +61,7 @@ outputs:
config_settings:
map_merge:
- get_attr: [NeutronMl2Base, role_data, config_settings]
- - ovn::northbound::port: {get_param: OVNNorthboundServerPort}
- tripleo::profile::base::neutron::plugins::ml2::ovn::ovn_db_host: {get_param: OVNDbHost}
- neutron::plugins::ovn::ovsdb_connection_timeout: {get_param: OVNDbConnectionTimeout}
+ - neutron::plugins::ovn::ovsdb_connection_timeout: {get_param: OVNDbConnectionTimeout}
neutron::plugins::ovn::neutron_sync_mode: {get_param: OVNNeutronSyncMode}
neutron::plugins::ovn::ovn_l3_mode: true
neutron::plugins::ovn::vif_type: {get_param: OVNVifType}
diff --git a/puppet/services/neutron-plugin-ml2.yaml b/puppet/services/neutron-plugin-ml2.yaml
index 88b5064c..407ce6ba 100644
--- a/puppet/services/neutron-plugin-ml2.yaml
+++ b/puppet/services/neutron-plugin-ml2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron ML2 Plugin configured with Puppet
diff --git a/puppet/services/neutron-plugin-nuage.yaml b/puppet/services/neutron-plugin-nuage.yaml
index 838ec5ea..e09cd704 100644
--- a/puppet/services/neutron-plugin-nuage.yaml
+++ b/puppet/services/neutron-plugin-nuage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Nuage plugin
diff --git a/puppet/services/neutron-plugin-opencontrail.yaml b/puppet/services/neutron-plugin-opencontrail.yaml
index 098c9d05..976e5f19 100644
--- a/puppet/services/neutron-plugin-opencontrail.yaml
+++ b/puppet/services/neutron-plugin-opencontrail.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Opencontrail plugin
diff --git a/puppet/services/neutron-plugin-plumgrid.yaml b/puppet/services/neutron-plugin-plumgrid.yaml
index 30af8a3f..bd078074 100644
--- a/puppet/services/neutron-plugin-plumgrid.yaml
+++ b/puppet/services/neutron-plugin-plumgrid.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Plumgrid plugin
@@ -100,6 +100,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/ovs_neutron'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
neutron::plugins::plumgrid::controller_priv_host: {get_param: [EndpointMap, KeystoneAdmin, host]}
neutron::plugins::plumgrid::admin_password: {get_param: AdminPassword}
neutron::plugins::plumgrid::metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
diff --git a/puppet/services/neutron-sriov-agent.yaml b/puppet/services/neutron-sriov-agent.yaml
index 44f7f242..d3c82d88 100644
--- a/puppet/services/neutron-sriov-agent.yaml
+++ b/puppet/services/neutron-sriov-agent.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron SR-IOV nic agent configured with Puppet
@@ -25,6 +25,7 @@ parameters:
All physical networks listed in network_vlan_ranges
on the server should have mappings to appropriate
interfaces on each agent.
+ Example "tenant0:ens2f0,tenant1:ens2f1"
type: comma_delimited_list
default: ""
NeutronExcludeDevices:
@@ -40,8 +41,8 @@ parameters:
NeutronSriovNumVFs:
description: >
Provide the list of VFs to be reserved for each SR-IOV interface.
- Format "<interface_name1>:<numvfs1>","<interface_name2>:<numvfs2>"
- Example "eth1:4096","eth2:128"
+ Format "<interface_name1>:<numvfs1>,<interface_name2>:<numvfs2>"
+ Example "eth1:4096,eth2:128"
type: comma_delimited_list
default: ""
diff --git a/puppet/services/nova-api.yaml b/puppet/services/nova-api.yaml
index c4d5c6bb..d2ca841f 100644
--- a/puppet/services/nova-api.yaml
+++ b/puppet/services/nova-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Nova API service configured with Puppet
@@ -108,21 +108,21 @@ outputs:
nova::api::api_bind_address:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]}
nova::api::service_name: 'httpd'
- nova::wsgi::apache::ssl: {get_param: EnableInternalTLS}
+ nova::wsgi::apache_api::ssl: {get_param: EnableInternalTLS}
# NOTE: bind IP is found in Heat replacing the network name with the local node IP
# for the given network; replacement examples (eg. for internal_api):
# internal_api -> IP
# internal_api_uri -> [IP]
# internal_api_subnet - > IP/CIDR
- nova::wsgi::apache::bind_host: {get_param: [ServiceNetMap, NovaApiNetwork]}
- nova::wsgi::apache::servername:
+ nova::wsgi::apache_api::bind_host: {get_param: [ServiceNetMap, NovaApiNetwork]}
+ nova::wsgi::apache_api::servername:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]}
nova::api::neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
@@ -133,10 +133,27 @@ outputs:
- nova_workers_zero
- {}
- nova::api::osapi_compute_workers: {get_param: NovaWorkers}
- nova::wsgi::apache::workers: {get_param: NovaWorkers}
+ nova::wsgi::apache_api::workers: {get_param: NovaWorkers}
step_config: |
include tripleo::profile::base::nova::api
service_config_settings:
+ mysql:
+ map_merge:
+ - {get_attr: [NovaBase, role_data, service_config_settings, mysql]}
+ - nova::db::mysql::password: {get_param: NovaPassword}
+ nova::db::mysql::user: nova
+ nova::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
+ nova::db::mysql::dbname: nova
+ nova::db::mysql::allowed_hosts:
+ - '%'
+ - "%{hiera('mysql_bind_host')}"
+ nova::db::mysql_api::password: {get_param: NovaPassword}
+ nova::db::mysql_api::user: nova_api
+ nova::db::mysql_api::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
+ nova::db::mysql_api::dbname: nova_api
+ nova::db::mysql_api::allowed_hosts:
+ - '%'
+ - "%{hiera('mysql_bind_host')}"
keystone:
nova::keystone::auth::tenant: 'service'
nova::keystone::auth::public_url: {get_param: [EndpointMap, NovaPublic, uri]}
@@ -144,18 +161,3 @@ outputs:
nova::keystone::auth::admin_url: {get_param: [EndpointMap, NovaAdmin, uri]}
nova::keystone::auth::password: {get_param: NovaPassword}
nova::keystone::auth::region: {get_param: KeystoneRegion}
- mysql:
- nova::db::mysql::password: {get_param: NovaPassword}
- nova::db::mysql::user: nova
- nova::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
- nova::db::mysql::dbname: nova
- nova::db::mysql::allowed_hosts:
- - '%'
- - "%{hiera('mysql_bind_host')}"
- nova::db::mysql_api::password: {get_param: NovaPassword}
- nova::db::mysql_api::user: nova_api
- nova::db::mysql_api::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
- nova::db::mysql_api::dbname: nova_api
- nova::db::mysql_api::allowed_hosts:
- - '%'
- - "%{hiera('mysql_bind_host')}"
diff --git a/puppet/services/nova-base.yaml b/puppet/services/nova-base.yaml
index 20bf2e42..d70e66a0 100644
--- a/puppet/services/nova-base.yaml
+++ b/puppet/services/nova-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Nova base service. Shared for all Nova services.
@@ -90,6 +90,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/nova'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
nova::api_database_connection:
list_join:
- ''
@@ -99,6 +101,19 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/nova_api'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
+ nova::placement_database_connection:
+ list_join:
+ - ''
+ - - {get_param: [EndpointMap, MysqlInternal, protocol]}
+ - '://nova_placement:'
+ - {get_param: NovaPassword}
+ - '@'
+ - {get_param: [EndpointMap, MysqlInternal, host]}
+ - '/nova_placement'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
nova::debug: {get_param: Debug}
nova::purge_config: {get_param: EnableConfigPurge}
nova::network::neutron::neutron_project_name: 'service'
@@ -123,3 +138,9 @@ outputs:
- compute_upgrade_level_empty
- {}
- nova::upgrade_level_compute: {get_param: UpgradeLevelNovaCompute}
+ service_config_settings:
+ mysql:
+ nova::rabbit_password: {get_param: RabbitPassword}
+ nova::rabbit_userid: {get_param: RabbitUserName}
+ nova::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
+ nova::rabbit_port: {get_param: RabbitClientPort}
diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml
index 908b676e..2312b635 100644
--- a/puppet/services/nova-compute.yaml
+++ b/puppet/services/nova-compute.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Nova Compute service configured with Puppet
diff --git a/puppet/services/nova-conductor.yaml b/puppet/services/nova-conductor.yaml
index a10d9560..b96bf6e6 100644
--- a/puppet/services/nova-conductor.yaml
+++ b/puppet/services/nova-conductor.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Nova Conductor service configured with Puppet
diff --git a/puppet/services/nova-consoleauth.yaml b/puppet/services/nova-consoleauth.yaml
index 85e60420..79969ded 100644
--- a/puppet/services/nova-consoleauth.yaml
+++ b/puppet/services/nova-consoleauth.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Nova Consoleauth service configured with Puppet
diff --git a/puppet/services/nova-ironic.yaml b/puppet/services/nova-ironic.yaml
index bf7639dd..306c6b6f 100644
--- a/puppet/services/nova-ironic.yaml
+++ b/puppet/services/nova-ironic.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Nova Compute service configured with Puppet and using Ironic
diff --git a/puppet/services/nova-libvirt.yaml b/puppet/services/nova-libvirt.yaml
index 70774bac..a9b2b3f9 100644
--- a/puppet/services/nova-libvirt.yaml
+++ b/puppet/services/nova-libvirt.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Libvirt service configured with Puppet
@@ -21,6 +21,14 @@ parameters:
NovaComputeLibvirtType:
type: string
default: kvm
+ LibvirtEnabledPerfEvents:
+ type: comma_delimited_list
+ default: []
+ description: This is a performance event list which could be used as monitor.
+ For example - ``enabled_perf_events = cmt, mbml, mbmt``
+ The supported events list can be found in
+ https://libvirt.org/html/libvirt-libvirt-domain.html ,
+ which you may need to search key words ``VIR_PERF_PARAM_*``
MonitoringSubscriptionNovaLibvirt:
default: 'overcloud-nova-libvirt'
type: string
@@ -50,6 +58,10 @@ outputs:
tripleo::profile::base::nova::libvirt_enabled: true
nova::compute::libvirt::services::libvirt_virt_type: {get_param: NovaComputeLibvirtType}
nova::compute::libvirt::libvirt_virt_type: {get_param: NovaComputeLibvirtType}
+ nova::compute::libvirt::libvirt_enabled_perf_events: {get_param: LibvirtEnabledPerfEvents}
+ nova::compute::libvirt::qemu::configure_qemu: true
+ nova::compute::libvirt::qemu::max_files: 32768
+ nova::compute::libvirt::qemu::max_processes: 131072
tripleo.nova_libvirt.firewall_rules:
'200 nova_libvirt':
dport:
diff --git a/puppet/services/nova-metadata.yaml b/puppet/services/nova-metadata.yaml
index 40931da6..376f95b1 100644
--- a/puppet/services/nova-metadata.yaml
+++ b/puppet/services/nova-metadata.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Nova API service configured with Puppet
diff --git a/puppet/services/nova-placement.yaml b/puppet/services/nova-placement.yaml
new file mode 100644
index 00000000..9b7120d8
--- /dev/null
+++ b/puppet/services/nova-placement.yaml
@@ -0,0 +1,124 @@
+heat_template_version: ocata
+
+description: >
+ OpenStack Nova Placement API service configured with Puppet
+
+parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ NovaWorkers:
+ default: 0
+ description: Number of workers for Nova Placement API service.
+ type: number
+ NovaPassword:
+ description: The password for the nova service and db account, used by nova-placement.
+ type: string
+ hidden: true
+ KeystoneRegion:
+ type: string
+ default: 'regionOne'
+ description: Keystone region for endpoint
+ MonitoringSubscriptionNovaPlacement:
+ default: 'overcloud-nova-placement'
+ type: string
+ NovaPlacementLoggingSource:
+ type: json
+ default:
+ tag: openstack.nova.placement
+ path: /var/log/httpd/nova_placement_wsgi_error_ssl.log
+ EnableInternalTLS:
+ type: boolean
+ default: false
+
+conditions:
+ nova_workers_zero: {equals : [{get_param: NovaWorkers}, 0]}
+
+resources:
+ ApacheServiceBase:
+ type: ./apache.yaml
+ properties:
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+ EnableInternalTLS: {get_param: EnableInternalTLS}
+
+ NovaBase:
+ type: ./nova-base.yaml
+ properties:
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+
+outputs:
+ role_data:
+ description: Role data for the Nova Placement API service.
+ value:
+ service_name: nova_placement
+ monitoring_subscription: {get_param: MonitoringSubscriptionNovaPlacement}
+ logging_source: {get_param: NovaPlacementLoggingSource}
+ logging_groups:
+ - nova
+ config_settings:
+ map_merge:
+ - get_attr: [NovaBase, role_data, config_settings]
+ - get_attr: [ApacheServiceBase, role_data, config_settings]
+ - tripleo.nova_placement.firewall_rules:
+ '138 nova_placement':
+ dport:
+ - 8778
+ - 13778
+ nova::placement::project_name: 'service'
+ nova::placement::password: {get_param: NovaPassword}
+ nova::placement::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
+ nova::placement::os_region_name: {get_param: KeystoneRegion}
+ nova::wsgi::apache_placement::api_port: '8778'
+ nova::wsgi::apache_placement::ssl: {get_param: EnableInternalTLS}
+ # NOTE: bind IP is found in Heat replacing the network name with the local node IP
+ # for the given network; replacement examples (eg. for internal_api):
+ # internal_api -> IP
+ # internal_api_uri -> [IP]
+ # internal_api_subnet - > IP/CIDR
+ nova::wsgi::apache_placement::bind_host: {get_param: [ServiceNetMap, NovaApiNetwork]}
+ nova::wsgi::apache_placement::servername:
+ str_replace:
+ template:
+ "%{hiera('fqdn_$NETWORK')}"
+ params:
+ $NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]}
+ -
+ if:
+ - nova_workers_zero
+ - {}
+ - nova::wsgi::apache_placement::workers: {get_param: NovaWorkers}
+ step_config: |
+ include tripleo::profile::base::nova::placement
+ service_config_settings:
+ keystone:
+ nova::keystone::auth_placement::tenant: 'service'
+ nova::keystone::auth_placement::public_url: {get_param: [EndpointMap, NovaPlacementPublic, uri]}
+ nova::keystone::auth_placement::internal_url: {get_param: [EndpointMap, NovaPlacementInternal, uri]}
+ nova::keystone::auth_placement::admin_url: {get_param: [EndpointMap, NovaPlacementAdmin, uri]}
+ nova::keystone::auth_placement::password: {get_param: NovaPassword}
+ nova::keystone::auth_placement::region: {get_param: KeystoneRegion}
+ mysql:
+ map_merge:
+ - {get_attr: [NovaBase, role_data, service_config_settings, mysql]}
+ - nova::db::mysql_placement::password: {get_param: NovaPassword}
+ nova::db::mysql_placement::user: nova_placement
+ nova::db::mysql_placement::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
+ nova::db::mysql_placement::dbname: nova_placement
+ nova::db::mysql_placement::allowed_hosts:
+ - '%'
+ - "%{hiera('mysql_bind_host')}"
diff --git a/puppet/services/nova-scheduler.yaml b/puppet/services/nova-scheduler.yaml
index d4e5fff6..353a75ac 100644
--- a/puppet/services/nova-scheduler.yaml
+++ b/puppet/services/nova-scheduler.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Nova Scheduler service configured with Puppet
diff --git a/puppet/services/nova-vnc-proxy.yaml b/puppet/services/nova-vnc-proxy.yaml
index e6b0703f..bf244943 100644
--- a/puppet/services/nova-vnc-proxy.yaml
+++ b/puppet/services/nova-vnc-proxy.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Nova Vncproxy service configured with Puppet
diff --git a/puppet/services/opendaylight-api.yaml b/puppet/services/opendaylight-api.yaml
index 253d63ef..0ed9d206 100644
--- a/puppet/services/opendaylight-api.yaml
+++ b/puppet/services/opendaylight-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenDaylight SDN Controller.
@@ -17,10 +17,6 @@ parameters:
type: string
description: The password for the opendaylight server.
hidden: true
- OpenDaylightEnableL3:
- description: Knob to enable/disable ODL L3
- type: string
- default: 'no'
OpenDaylightEnableDHCP:
description: Knob to enable/disable ODL DHCP Server
type: boolean
@@ -56,9 +52,14 @@ outputs:
opendaylight::odl_rest_port: {get_param: OpenDaylightPort}
opendaylight::username: {get_param: OpenDaylightUsername}
opendaylight::password: {get_param: OpenDaylightPassword}
- opendaylight::enable_l3: {get_param: OpenDaylightEnableL3}
opendaylight::extra_features: {get_param: OpenDaylightFeatures}
opendaylight::enable_dhcp: {get_param: OpenDaylightEnableDHCP}
opendaylight::odl_bind_ip: {get_param: [ServiceNetMap, OpendaylightApiNetwork]}
+ tripleo.opendaylight_api.firewall_rules:
+ '137 opendaylight api':
+ dport:
+ - {get_param: OpenDaylightPort}
+ - 6640
+ - 6653
step_config: |
include tripleo::profile::base::neutron::opendaylight
diff --git a/puppet/services/opendaylight-ovs.yaml b/puppet/services/opendaylight-ovs.yaml
index 907ecddc..cfec3c48 100644
--- a/puppet/services/opendaylight-ovs.yaml
+++ b/puppet/services/opendaylight-ovs.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenDaylight OVS Configuration.
@@ -8,6 +8,15 @@ parameters:
default: 8081
description: Set opendaylight service port
type: number
+ OpenDaylightUsername:
+ default: 'admin'
+ description: The username for the opendaylight server.
+ type: string
+ OpenDaylightPassword:
+ default: 'admin'
+ type: string
+ description: The password for the opendaylight server.
+ hidden: true
OpenDaylightConnectionProtocol:
description: L7 protocol used for REST access
type: string
@@ -46,6 +55,8 @@ outputs:
service_name: opendaylight_ovs
config_settings:
opendaylight::odl_rest_port: {get_param: OpenDaylightPort}
+ opendaylight::username: {get_param: OpenDaylightUsername}
+ opendaylight::password: {get_param: OpenDaylightPassword}
opendaylight_check_url: {get_param: OpenDaylightCheckURL}
opendaylight::nb_connection_protocol: {get_param: OpenDaylightConnectionProtocol}
neutron::agents::ml2::ovs::local_ip: {get_param: [ServiceNetMap, NeutronTenantNetwork]}
diff --git a/puppet/services/ovn-dbs.yaml b/puppet/services/ovn-dbs.yaml
new file mode 100644
index 00000000..302628d4
--- /dev/null
+++ b/puppet/services/ovn-dbs.yaml
@@ -0,0 +1,40 @@
+heat_template_version: 2016-04-08
+
+description: >
+ OVN databases configured with puppet
+
+parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ OVNNorthboundServerPort:
+ description: Port of the OVN Northbound DB server
+ type: number
+ default: 6641
+ OVNSouthboundServerPort:
+ description: Port of the OVN Southbound DB server
+ type: number
+ default: 6642
+
+outputs:
+ role_data:
+ description: Role data for the OVN northd service
+ value:
+ service_name: ovn_dbs
+ config_settings:
+ ovn::northbound::port: {get_param: OVNNorthboundServerPort}
+ ovn::southbound::port: {get_param: OVNSouthboundServerPort}
+ ovn::northd::dbs_listen_ip: {get_param: [ServiceNetMap, OvnDbsNetwork]}
+ step_config: |
+ include ::tripleo::profile::base::neutron::ovn_northd
diff --git a/puppet/services/pacemaker.yaml b/puppet/services/pacemaker.yaml
index abfb9c80..9adf1bdb 100644
--- a/puppet/services/pacemaker.yaml
+++ b/puppet/services/pacemaker.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Pacemaker service configured with Puppet
diff --git a/puppet/services/pacemaker/ceilometer-agent-central.yaml b/puppet/services/pacemaker/ceilometer-agent-central.yaml
deleted file mode 100644
index 5dcb62ca..00000000
--- a/puppet/services/pacemaker/ceilometer-agent-central.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Ceilometer Central Agent service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- MonitoringSubscriptionCeilometerCentral:
- default: 'overcloud-ceilometer-agent-central'
- type: string
-
-resources:
- CeilometerServiceBase:
- type: ../ceilometer-agent-central.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Ceilometer Central Agent pacemaker role.
- value:
- service_name: ceilometer_agent_central
- monitoring_subscription: {get_param: MonitoringSubscriptionCeilometerCentral}
- config_settings:
- map_merge:
- - get_attr: [CeilometerServiceBase, role_data, config_settings]
- - ceilometer::agent::central::manage_service: false
- ceilometer::agent::central::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::ceilometer::agent::central
diff --git a/puppet/services/pacemaker/ceilometer-agent-notification.yaml b/puppet/services/pacemaker/ceilometer-agent-notification.yaml
deleted file mode 100644
index dbe14499..00000000
--- a/puppet/services/pacemaker/ceilometer-agent-notification.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Ceilometer Notification Agent service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- MonitoringSubscriptionCeilometerNotification:
- default: 'overcloud-ceilometer-agent-notification'
- type: string
-
-resources:
- CeilometerServiceBase:
- type: ../ceilometer-agent-notification.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Ceilometer Notification Agent pacemaker role.
- value:
- service_name: ceilometer_agent_notification
- monitoring_subscription: {get_param: MonitoringSubscriptionCeilometerNotification}
- config_settings:
- map_merge:
- - get_attr: [CeilometerServiceBase, role_data, config_settings]
- - ceilometer::agent::notification::manage_service: false
- ceilometer::agent::notification::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::ceilometer::agent::notification
diff --git a/puppet/services/pacemaker/ceilometer-api.yaml b/puppet/services/pacemaker/ceilometer-api.yaml
deleted file mode 100644
index 4b6c18f6..00000000
--- a/puppet/services/pacemaker/ceilometer-api.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Ceilometer API service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- MonitoringSubscriptionCeilometerApi:
- default: 'overcloud-ceilometer-api'
- type: string
-
-resources:
- CeilometerServiceBase:
- type: ../ceilometer-api.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Ceilometer API pacemaker role.
- value:
- service_name: ceilometer_api
- monitoring_subscription: {get_param: MonitoringSubscriptionCeilometerApi}
- config_settings:
- map_merge:
- - get_attr: [CeilometerServiceBase, role_data, config_settings]
- - ceilometer::api::manage_service: false
- ceilometer::api::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::ceilometer::api
diff --git a/puppet/services/pacemaker/ceilometer-collector.yaml b/puppet/services/pacemaker/ceilometer-collector.yaml
deleted file mode 100644
index 4c919515..00000000
--- a/puppet/services/pacemaker/ceilometer-collector.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Ceilometer Collector service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- MonitoringSubscriptionCeilometerCollector:
- default: 'overcloud-ceilometer-collector'
- type: string
-
-resources:
- CeilometerServiceBase:
- type: ../ceilometer-collector.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Ceilometer Collector pacemaker role.
- value:
- service_name: ceilometer_collector
- monitoring_subscription: {get_param: MonitoringSubscriptionCeilometerCollector}
- config_settings:
- map_merge:
- - get_attr: [CeilometerServiceBase, role_data, config_settings]
- - ceilometer::collector::manage_service: false
- ceilometer::collector::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::ceilometer::collector
diff --git a/puppet/services/pacemaker/cinder-api.yaml b/puppet/services/pacemaker/cinder-api.yaml
deleted file mode 100644
index 6823789e..00000000
--- a/puppet/services/pacemaker/cinder-api.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Cinder API service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- CinderApiBase:
- type: ../cinder-api.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Cinder API role.
- value:
- service_name: cinder_api
- monitoring_subscription: {get_attr: [CinderApiBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [CinderApiBase, role_data, logging_source]}
- logging_groups: {get_attr: [CinderApiBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [CinderApiBase, role_data, config_settings]
- - cinder::api::manage_service: false
- cinder::api::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::cinder::api
diff --git a/puppet/services/pacemaker/cinder-backup.yaml b/puppet/services/pacemaker/cinder-backup.yaml
index 2ebc7680..e75ac973 100644
--- a/puppet/services/pacemaker/cinder-backup.yaml
+++ b/puppet/services/pacemaker/cinder-backup.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Cinder Backup service with Pacemaker configured with Puppet
diff --git a/puppet/services/pacemaker/cinder-scheduler.yaml b/puppet/services/pacemaker/cinder-scheduler.yaml
deleted file mode 100644
index 15e44be2..00000000
--- a/puppet/services/pacemaker/cinder-scheduler.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Cinder Scheduler service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- CinderSchedulerBase:
- type: ../cinder-scheduler.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Cinder Scheduler role.
- value:
- service_name: cinder_scheduler
- monitoring_subscription: {get_attr: [CinderSchedulerBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [CinderSchedulerBase, role_data, logging_source]}
- logging_groups: {get_attr: [CinderSchedulerBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [CinderSchedulerBase, role_data, config_settings]
- - cinder::scheduler::manage_service: false
- cinder::scheduler::enabled: false
- step_config:
- include ::tripleo::profile::pacemaker::cinder::scheduler
diff --git a/puppet/services/pacemaker/cinder-volume.yaml b/puppet/services/pacemaker/cinder-volume.yaml
index d91a0181..bef47a57 100644
--- a/puppet/services/pacemaker/cinder-volume.yaml
+++ b/puppet/services/pacemaker/cinder-volume.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Cinder Volume service with Pacemaker configured with Puppet
diff --git a/puppet/services/pacemaker/core.yaml b/puppet/services/pacemaker/core.yaml
deleted file mode 100644
index 9eca1de3..00000000
--- a/puppet/services/pacemaker/core.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Core (fake) service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-outputs:
- role_data:
- description: Role data for the Core role.
- value:
- service_name: core
- config_settings: {}
- step_config: |
- include ::tripleo::profile::pacemaker::core \ No newline at end of file
diff --git a/puppet/services/pacemaker/database/mongodb.yaml b/puppet/services/pacemaker/database/mongodb.yaml
deleted file mode 100644
index 982b6064..00000000
--- a/puppet/services/pacemaker/database/mongodb.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- MongoDb service deployment using puppet
-
-parameters:
- #Parameters not used EndpointMap
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
- MongoDbBase:
- type: ../../database/mongodb.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Service mongodb using composable services.
- value:
- service_name: mongodb
- config_settings:
- map_merge:
- - get_attr: [MongoDbBase, role_data, config_settings]
- - tripleo::profile::pacemaker::database::mongodb::mongodb_replset: {get_attr: [MongoDbBase, aux_parameters, rplset_name]}
- mongodb::server::service_manage: False
- step_config: |
- include ::tripleo::profile::pacemaker::database::mongodb
diff --git a/puppet/services/pacemaker/database/mysql.yaml b/puppet/services/pacemaker/database/mysql.yaml
index ea3d8abd..511a01ab 100644
--- a/puppet/services/pacemaker/database/mysql.yaml
+++ b/puppet/services/pacemaker/database/mysql.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
MySQL with Pacemaker service deployment using puppet
@@ -40,7 +40,7 @@ outputs:
- tripleo::profile::pacemaker::database::mysql::bind_address:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
# NOTE: bind IP is found in Heat replacing the network name with the
@@ -53,3 +53,7 @@ outputs:
get_param: [ServiceNetMap, MysqlNetwork]
step_config: |
include ::tripleo::profile::pacemaker::database::mysql
+ upgrade_tasks:
+ - name: Check for galera root password
+ tags: step0
+ file: path=/root/.my.cnf state=file
diff --git a/puppet/services/pacemaker/database/redis.yaml b/puppet/services/pacemaker/database/redis.yaml
index 196754eb..e702d28b 100644
--- a/puppet/services/pacemaker/database/redis.yaml
+++ b/puppet/services/pacemaker/database/redis.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Redis service configured with Puppet
diff --git a/puppet/services/pacemaker/glance-api.yaml b/puppet/services/pacemaker/glance-api.yaml
deleted file mode 100644
index 20a439f6..00000000
--- a/puppet/services/pacemaker/glance-api.yaml
+++ /dev/null
@@ -1,74 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Glance API service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- GlanceFilePcmkDevice:
- default: ''
- description: >
- An exported storage device that should be mounted by Pacemaker
- as Glance storage. Effective when GlanceFilePcmkManage is true.
- type: string
- GlanceFilePcmkFstype:
- default: 'nfs'
- description: >
- Filesystem type for Pacemaker mount used as Glance storage.
- Effective when GlanceFilePcmkManage is true.
- type: string
- GlanceFilePcmkManage:
- default: false
- description: >
- Whether to make Glance file backend a mount managed by Pacemaker.
- Effective when GlanceBackend is 'file'.
- type: boolean
- GlanceFilePcmkOptions:
- default: ''
- description: >
- Mount options for Pacemaker mount used as Glance storage.
- Effective when GlanceFilePcmkManage is true.
- type: string
-
-resources:
-
- GlanceApiBase:
- type: ../glance-api.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Glance role.
- value:
- service_name: glance_api
- monitoring_subscription: {get_attr: [GlanceApiBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [GlanceApiBase, role_data, logging_source]}
- logging_groups: {get_attr: [GlanceApiBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [GlanceApiBase, role_data, config_settings]
- - glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
- glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
- glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
- glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
- glance_file_pcmk_directory: '/var/lib/glance/images'
- glance::api::manage_service: false
- glance::api::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::glance
diff --git a/puppet/services/pacemaker/glance-registry.yaml b/puppet/services/pacemaker/glance-registry.yaml
deleted file mode 100644
index 41f89fdd..00000000
--- a/puppet/services/pacemaker/glance-registry.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Glance Registry service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- GlanceRegistryBase:
- type: ../glance-registry.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Glance role.
- value:
- service_name: glance_registry
- monitoring_subscription: {get_attr: [GlanceRegistryBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [GlanceRegistryBase, role_data, logging_source]}
- logging_groups: {get_attr: [GlanceRegistryBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [GlanceRegistryBase, role_data, config_settings]
- - glance::registry::manage_service: false
- glance::registry::enabled: false
- # No puppet manifests since glance-registry is included in
- # ::tripleo::profile::pacemaker::glance which is maintained alongside of
- # pacemaker/glance-api.yaml.
- step_config:
diff --git a/puppet/services/pacemaker/gnocchi-metricd.yaml b/puppet/services/pacemaker/gnocchi-metricd.yaml
deleted file mode 100644
index 0f36b5d5..00000000
--- a/puppet/services/pacemaker/gnocchi-metricd.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- Gnocchi service configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- MonitoringSubscriptionGnocchiMetricd:
- default: 'overcloud-gnocchi-metricd'
- type: string
-
-resources:
- GnocchiServiceBase:
- type: ../gnocchi-metricd.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Gnocchi role.
- value:
- service_name: gnocchi_metricd
- monitoring_subscription: {get_param: MonitoringSubscriptionGnocchiMetricd}
- config_settings:
- map_merge:
- - get_attr: [GnocchiServiceBase, role_data, config_settings]
- - gnocchi::metricd::manage_service: false
- gnocchi::metricd::enabled: false
- tripleo::profile::pacemaker::gnocchi::gnocchi_indexer_backend: {get_attr: [GnocchiServiceBase, aux_parameters, gnocchi_indexer_backend]}
-
- step_config: |
- include ::tripleo::profile::pacemaker::gnocchi::metricd
diff --git a/puppet/services/pacemaker/gnocchi-statsd.yaml b/puppet/services/pacemaker/gnocchi-statsd.yaml
deleted file mode 100644
index b9afc590..00000000
--- a/puppet/services/pacemaker/gnocchi-statsd.yaml
+++ /dev/null
@@ -1,46 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- Gnocchi service configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- MonitoringSubscriptionGnocchiStatsd:
- default: 'overcloud-gnocchi-statsd'
- type: string
-
-resources:
- GnocchiServiceBase:
- type: ../gnocchi-statsd.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Gnocchi role.
- value:
- service_name: gnocchi_statsd
- monitoring_subscription: {get_param: MonitoringSubscriptionGnocchiStatsd}
- config_settings:
- map_merge:
- - get_attr: [GnocchiServiceBase, role_data, config_settings]
- - gnocchi::statsd::manage_service: false
- gnocchi::statsd::enabled: false
- tripleo::profile::pacemaker::gnocchi::gnocchi_indexer_backend: {get_attr: [GnocchiServiceBase, aux_parameters, gnocchi_indexer_backend]}
- step_config: |
- include ::tripleo::profile::pacemaker::gnocchi::statsd
diff --git a/puppet/services/pacemaker/haproxy.yaml b/puppet/services/pacemaker/haproxy.yaml
index e4115d64..50da4119 100644
--- a/puppet/services/pacemaker/haproxy.yaml
+++ b/puppet/services/pacemaker/haproxy.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
HAproxy service with Pacemaker configured with Puppet
diff --git a/puppet/services/pacemaker/heat-api-cfn.yaml b/puppet/services/pacemaker/heat-api-cfn.yaml
deleted file mode 100644
index dd25905b..00000000
--- a/puppet/services/pacemaker/heat-api-cfn.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- Openstack Heat CloudFormation API service configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
- HeatApiCfnBase:
- type: ../heat-api-cfn.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Heat CloudFormation API role.
- value:
- service_name: heat_api_cfn
- monitoring_subscription: {get_attr: [HeatApiCfnBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [HeatApiCfnBase, role_data, logging_source]}
- logging_groups: {get_attr: [HeatApiCfnBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [HeatApiCfnBase, role_data, config_settings]
- - heat::api_cfn::manage_service: false
- heat::api_cfn::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::heat::api_cfn
diff --git a/puppet/services/pacemaker/heat-api-cloudwatch.yaml b/puppet/services/pacemaker/heat-api-cloudwatch.yaml
deleted file mode 100644
index 18d2a0d5..00000000
--- a/puppet/services/pacemaker/heat-api-cloudwatch.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- Openstack Heat CloudWatch API service configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
- HeatApiCloudwatchBase:
- type: ../heat-api-cloudwatch.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Heat Cloudwatch API role.
- value:
- service_name: heat_api_cloudwatch
- monitoring_subscription: {get_attr: [HeatApiCloudwatchBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [HeatApiCloudwatchBase, role_data, logging_source]}
- logging_groups: {get_attr: [HeatApiCloudwatchBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [HeatApiCloudwatchBase, role_data, config_settings]
- - heat::api_cloudwatch::manage_service: false
- heat::api_cloudwatch::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::heat::api_cloudwatch
diff --git a/puppet/services/pacemaker/heat-api.yaml b/puppet/services/pacemaker/heat-api.yaml
deleted file mode 100644
index 43122cb0..00000000
--- a/puppet/services/pacemaker/heat-api.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- Openstack Heat API service configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
- HeatApiBase:
- type: ../heat-api.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Heat API role.
- value:
- service_name: heat_api
- monitoring_subscription: {get_attr: [HeatApiBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [HeatApiBase, role_data, logging_source]}
- logging_groups: {get_attr: [HeatApiBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [HeatApiBase, role_data, config_settings]
- - heat::api::manage_service: false
- heat::api::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::heat::api
diff --git a/puppet/services/pacemaker/heat-engine.yaml b/puppet/services/pacemaker/heat-engine.yaml
deleted file mode 100644
index 54bfdad2..00000000
--- a/puppet/services/pacemaker/heat-engine.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- Openstack Heat Engine service configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
- HeatEngineBase:
- type: ../heat-engine.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-
-outputs:
- role_data:
- description: Role data for the Heat engine role.
- value:
- service_name: heat_engine
- monitoring_subscription: {get_attr: [HeatEngineBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [HeatEngineBase, role_data, logging_source]}
- logging_groups: {get_attr: [HeatEngineBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [HeatEngineBase, role_data, config_settings]
- - heat::engine::manage_service: false
- heat::engine::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::heat::engine
diff --git a/puppet/services/pacemaker/horizon.yaml b/puppet/services/pacemaker/horizon.yaml
deleted file mode 100644
index 18de23ae..00000000
--- a/puppet/services/pacemaker/horizon.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- Horizon service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- HorizonBase:
- type: ../horizon.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Horizon role.
- value:
- service_name: horizon
- monitoring_subscription: {get_attr: [HorizonBase, role_data, monitoring_subscription]}
- config_settings:
- get_attr: [HorizonBase, role_data, config_settings]
- step_config: |
- include ::tripleo::profile::base::horizon
- include ::tripleo::profile::pacemaker::apache
diff --git a/puppet/services/pacemaker/keystone.yaml b/puppet/services/pacemaker/keystone.yaml
deleted file mode 100644
index 908b9bbd..00000000
--- a/puppet/services/pacemaker/keystone.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Keystone service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- KeystoneServiceBase:
- type: ../keystone.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Keystone pacemaker role.
- value:
- service_name: keystone
- monitoring_subscription: {get_attr: [KeystoneServiceBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [KeystoneServiceBase, role_data, logging_source]}
- logging_groups: {get_attr: [KeystoneServiceBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [KeystoneServiceBase, role_data, config_settings]
- - keystone::manage_service: false
- keystone::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::keystone
diff --git a/puppet/services/pacemaker/manila-share.yaml b/puppet/services/pacemaker/manila-share.yaml
index cabc31a0..ddc13df3 100644
--- a/puppet/services/pacemaker/manila-share.yaml
+++ b/puppet/services/pacemaker/manila-share.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
The manila-share service with Pacemaker configured with Puppet
diff --git a/puppet/services/pacemaker/memcached.yaml b/puppet/services/pacemaker/memcached.yaml
deleted file mode 100644
index 04b895b6..00000000
--- a/puppet/services/pacemaker/memcached.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- Mecached service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- MemcachedServiceBase:
- type: ../memcached.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Memcached pacemaker role.
- value:
- service_name: memcached
- monitoring_subscription: {get_attr: [MemcachedServiceBase, role_data, monitoring_subscription]}
- config_settings:
- map_merge:
- - get_attr: [MemcachedServiceBase, role_data, config_settings]
- - memcached::service_manage: false
- step_config: |
- include ::tripleo::profile::pacemaker::memcached
diff --git a/puppet/services/pacemaker/neutron-dhcp.yaml b/puppet/services/pacemaker/neutron-dhcp.yaml
deleted file mode 100644
index 7fca73d6..00000000
--- a/puppet/services/pacemaker/neutron-dhcp.yaml
+++ /dev/null
@@ -1,46 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron DHCP service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NeutronDhcpBase:
- type: ../neutron-dhcp.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron DHCP role.
- value:
- service_name: neutron_dhcp
- monitoring_subscription: {get_attr: [NeutronDhcpBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [NeutronDhcpBase, role_data, logging_source]}
- logging_groups: {get_attr: [NeutronDhcpBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [NeutronDhcpBase, role_data, config_settings]
- - tripleo::profile::pacemaker::neutron::enable_dhcp: True
- neutron::agents::dhcp::enabled: false
- neutron::agents::dhcp::manage_service: false
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::dhcp
diff --git a/puppet/services/pacemaker/neutron-l3.yaml b/puppet/services/pacemaker/neutron-l3.yaml
deleted file mode 100644
index cdb87f50..00000000
--- a/puppet/services/pacemaker/neutron-l3.yaml
+++ /dev/null
@@ -1,46 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron L3 service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NeutronL3Base:
- type: ../neutron-l3.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron L3 role.
- value:
- service_name: neutron_l3
- monitoring_subscription: {get_attr: [NeutronL3Base, role_data, monitoring_subscription]}
- logging_source: {get_attr: [NeutronL3Base, role_data, logging_source]}
- logging_groups: {get_attr: [NeutronL3Base, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [NeutronL3Base, role_data, config_settings]
- - tripleo::profile::pacemaker::neutron::enable_l3: True
- neutron::agents::l3::enabled: false
- neutron::agents::l3::manage_service: false
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::l3
diff --git a/puppet/services/pacemaker/neutron-metadata.yaml b/puppet/services/pacemaker/neutron-metadata.yaml
deleted file mode 100644
index 49a31eb5..00000000
--- a/puppet/services/pacemaker/neutron-metadata.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron Metadata service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NeutronMetadataBase:
- type: ../neutron-metadata.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron Metadata role.
- value:
- service_name: neutron_metadata
- monitoring_subscription: {get_attr: [NeutronMetadataBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [NeutronMetadataBase, role_data, logging_source]}
- logging_groups: {get_attr: [NeutronMetadataBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [NeutronMetadataBase, role_data, config_settings]
- - tripleo::profile::pacemaker::neutron::enable_metadata: True
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::metadata
diff --git a/puppet/services/pacemaker/neutron-midonet.yaml b/puppet/services/pacemaker/neutron-midonet.yaml
deleted file mode 100644
index fdd5dafb..00000000
--- a/puppet/services/pacemaker/neutron-midonet.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron Midonet with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NeutronMidonetBase:
- type: ../neutron-midonet.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron Midonet plugin.
- value:
- service_name: neutron_midonet
- monitoring_subscription: {get_attr: [NeutronMidonetBase, role_data, monitoring_subscription]}
- config_settings:
- map_merge:
- - get_attr: [NeutronMidonetBase, role_data, config_settings]
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::plugins::midonet
diff --git a/puppet/services/pacemaker/neutron-ovs-agent.yaml b/puppet/services/pacemaker/neutron-ovs-agent.yaml
deleted file mode 100644
index a2bd7c83..00000000
--- a/puppet/services/pacemaker/neutron-ovs-agent.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron OVS agent with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NeutronOvsBase:
- type: ../neutron-ovs-agent.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron OVS agent service.
- value:
- service_name: neutron_ovs_agent
- monitoring_subscription: {get_attr: [NeutronOvsBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [NeutronOvsBase, role_data, logging_source]}
- logging_groups: {get_attr: [NeutronOvsBase, role_data, logging_groups]}
- config_settings:
- get_attr: [NeutronOvsBase, role_data, config_settings]
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::ovs
diff --git a/puppet/services/pacemaker/neutron-plugin-ml2.yaml b/puppet/services/pacemaker/neutron-plugin-ml2.yaml
deleted file mode 100644
index 234f116e..00000000
--- a/puppet/services/pacemaker/neutron-plugin-ml2.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron ML2 Plugin with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NeutronMl2Base:
- type: ../neutron-plugin-ml2.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron ML2 plugin.
- value:
- service_name: neutron_plugin_ml2
- config_settings:
- map_merge:
- - get_attr: [NeutronMl2Base, role_data, config_settings]
- - neutron::agents::ml2::ovs::enabled: false
- neutron::agents::ml2::ovs::manage_service: false
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::plugins::ml2
diff --git a/puppet/services/pacemaker/neutron-plugin-nuage.yaml b/puppet/services/pacemaker/neutron-plugin-nuage.yaml
deleted file mode 100644
index 9fca2cc3..00000000
--- a/puppet/services/pacemaker/neutron-plugin-nuage.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron Nuage Plugin with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NeutronPluginNuageBase:
- type: ../neutron-plugin-nuage.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron Nuage plugin.
- value:
- service_name: neutron_plugin_nuage
- config_settings:
- map_merge:
- - get_attr: [NeutronPluginNuageBase, role_data, config_settings]
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::plugins::nuage
diff --git a/puppet/services/pacemaker/neutron-plugin-opencontrail.yaml b/puppet/services/pacemaker/neutron-plugin-opencontrail.yaml
deleted file mode 100644
index 80d6ed92..00000000
--- a/puppet/services/pacemaker/neutron-plugin-opencontrail.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron OpenContrail Plugin with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NeutronPluginOpenContrail:
- type: ../neutron-plugin-nuage.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron OpenContrail plugin.
- value:
- service_name: neutron_plugin_opencontrail
- config_settings:
- map_merge:
- - get_attr: [NeutronPluginOpenContrail, role_data, config_settings]
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::plugins::opencontrail
diff --git a/puppet/services/pacemaker/neutron-plugin-plumgrid.yaml b/puppet/services/pacemaker/neutron-plugin-plumgrid.yaml
deleted file mode 100644
index 5dd4e588..00000000
--- a/puppet/services/pacemaker/neutron-plugin-plumgrid.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron PLUMgrid Plugin with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NeutronPluginPlumgridBase:
- type: ../neutron-plugin-ml2.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron PLUMgrid plugin.
- value:
- service_name: neutron_plugin_plumgrid
- config_settings:
- map_merge:
- - get_attr: [NeutronPluginPlumgridBase, role_data, config_settings]
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::plugins::plumgrid
diff --git a/puppet/services/pacemaker/neutron-server.yaml b/puppet/services/pacemaker/neutron-server.yaml
deleted file mode 100644
index 33bc2d99..00000000
--- a/puppet/services/pacemaker/neutron-server.yaml
+++ /dev/null
@@ -1,48 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron Server with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- NeutronL3HA:
- default: true
- description: Whether to enable HA for virtual routers
- type: boolean
-
-resources:
-
- NeutronServerBase:
- type: ../neutron-server.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron Server.
- value:
- service_name: neutron_server
- monitoring_subscription: {get_attr: [NeutronServerBase, role_data, monitoring_subscription]}
- config_settings:
- map_merge:
- - get_attr: [NeutronServerBase, role_data, config_settings]
- - neutron::server::enabled: false
- neutron::server::manage_service: false
- neutron::server::l3_ha: {get_param: NeutronL3HA}
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::server
diff --git a/puppet/services/pacemaker/nova-api.yaml b/puppet/services/pacemaker/nova-api.yaml
deleted file mode 100644
index b86e438a..00000000
--- a/puppet/services/pacemaker/nova-api.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Nova API service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NovaApiBase:
- type: ../nova-api.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Nova API role.
- value:
- service_name: nova_api
- monitoring_subscription: {get_attr: [NovaApiBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [NovaApiBase, role_data, logging_source]}
- logging_groups: {get_attr: [NovaApiBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [NovaApiBase, role_data, config_settings]
- - nova::api::manage_service: false
- nova::api::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::nova::api
diff --git a/puppet/services/pacemaker/nova-conductor.yaml b/puppet/services/pacemaker/nova-conductor.yaml
deleted file mode 100644
index a0a766ec..00000000
--- a/puppet/services/pacemaker/nova-conductor.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Nova Conductor service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NovaConductorBase:
- type: ../nova-conductor.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Nova Conductor role.
- value:
- service_name: nova_conductor
- monitoring_subscription: {get_attr: [NovaConductorBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [NovaConductorBase, role_data, logging_source]}
- logging_groups: {get_attr: [NovaConductorBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [NovaConductorBase, role_data, config_settings]
- - nova::conductor::manage_service: false
- nova::conductor::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::nova::conductor
diff --git a/puppet/services/pacemaker/nova-consoleauth.yaml b/puppet/services/pacemaker/nova-consoleauth.yaml
deleted file mode 100644
index 5d51eb47..00000000
--- a/puppet/services/pacemaker/nova-consoleauth.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Nova Consoleauth service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NovaConsoleauthBase:
- type: ../nova-consoleauth.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Nova Consoleauth role.
- value:
- service_name: nova_consoleauth
- monitoring_subscription: {get_attr: [NovaConsoleauthBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [NovaConsoleauthBase, role_data, logging_source]}
- logging_groups: {get_attr: [NovaConsoleauthBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [NovaConsoleauthBase, role_data, config_settings]
- - nova::consoleauth::manage_service: false
- nova::consoleauth::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::nova::consoleauth
diff --git a/puppet/services/pacemaker/nova-scheduler.yaml b/puppet/services/pacemaker/nova-scheduler.yaml
deleted file mode 100644
index 8828ee11..00000000
--- a/puppet/services/pacemaker/nova-scheduler.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Nova Scheduler service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NovaSchedulerBase:
- type: ../nova-scheduler.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Nova Scheduler role.
- value:
- service_name: nova_scheduler
- monitoring_subscription: {get_attr: [NovaSchedulerBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [NovaSchedulerBase, role_data, logging_source]}
- logging_groups: {get_attr: [NovaSchedulerBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [NovaSchedulerBase, role_data, config_settings]
- - nova::scheduler::manage_service: false
- nova::scheduler::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::nova::scheduler
diff --git a/puppet/services/pacemaker/nova-vnc-proxy.yaml b/puppet/services/pacemaker/nova-vnc-proxy.yaml
deleted file mode 100644
index ebe84a03..00000000
--- a/puppet/services/pacemaker/nova-vnc-proxy.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Nova Vncproxy service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NovaVncproxyBase:
- type: ../nova-vnc-proxy.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Nova Vncproxy role.
- value:
- service_name: nova_vnc_proxy
- monitoring_subscription: {get_attr: [NovaVncproxyBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [NovaVncproxyBase, role_data, logging_source]}
- logging_groups: {get_attr: [NovaVncproxyBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [NovaVncproxyBase, role_data, config_settings]
- - nova::vncproxy::manage_service: false
- nova::vncproxy::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::nova::vncproxy
diff --git a/puppet/services/pacemaker/rabbitmq.yaml b/puppet/services/pacemaker/rabbitmq.yaml
index f3fa2d28..03c2c83f 100644
--- a/puppet/services/pacemaker/rabbitmq.yaml
+++ b/puppet/services/pacemaker/rabbitmq.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
RabbitMQ service with Pacemaker configured with Puppet
diff --git a/puppet/services/pacemaker/sahara-api.yaml b/puppet/services/pacemaker/sahara-api.yaml
deleted file mode 100644
index 3dfb7d94..00000000
--- a/puppet/services/pacemaker/sahara-api.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Sahara API service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- SaharaApiBase:
- type: ../sahara-api.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Sahara API role.
- value:
- service_name: sahara_api
- monitoring_subscription: {get_attr: [SaharaApiBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [SaharaApiBase, role_data, logging_source]}
- logging_groups: {get_attr: [SaharaApiBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [SaharaApiBase, role_data, config_settings]
- - sahara::service::api::manage_service: false
- sahara::service::api::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::sahara::api
diff --git a/puppet/services/pacemaker/sahara-engine.yaml b/puppet/services/pacemaker/sahara-engine.yaml
deleted file mode 100644
index a06d11b3..00000000
--- a/puppet/services/pacemaker/sahara-engine.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Sahara Engine service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- SaharaEngineBase:
- type: ../sahara-engine.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Sahara Engine role.
- value:
- service_name: sahara_engine
- monitoring_subscription: {get_attr: [SaharaEngineBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [SaharaEngineBase, role_data, logging_source]}
- logging_groups: {get_attr: [SaharaEngineBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [SaharaEngineBase, role_data, config_settings]
- - sahara::service::engine::manage_service: false
- sahara::service::engine::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::sahara::engine
diff --git a/puppet/services/panko-api.yaml b/puppet/services/panko-api.yaml
index 700edc7f..06284fb2 100644
--- a/puppet/services/panko-api.yaml
+++ b/puppet/services/panko-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Panko API service configured with Puppet
@@ -55,7 +55,7 @@ outputs:
panko::wsgi::apache::servername:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, PankoApiNetwork]}
panko::api::service_name: 'httpd'
@@ -68,7 +68,7 @@ outputs:
panko::api::host:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, PankoApiNetwork]}
# NOTE: bind IP is found in Heat replacing the network name with the
diff --git a/puppet/services/panko-base.yaml b/puppet/services/panko-base.yaml
index 32754a55..6e25d796 100644
--- a/puppet/services/panko-base.yaml
+++ b/puppet/services/panko-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Panko service configured with Puppet
@@ -37,7 +37,6 @@ outputs:
value:
service_name: panko_base
config_settings:
- panko_redis_password: {get_param: RedisPassword}
panko::db::database_connection:
list_join:
- ''
@@ -47,6 +46,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/panko'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
panko::debug: {get_param: Debug}
panko::auth::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
panko::keystone::authtoken::project_name: 'service'
diff --git a/puppet/services/rabbitmq.yaml b/puppet/services/rabbitmq.yaml
index b77e0a91..ab9dad46 100644
--- a/puppet/services/rabbitmq.yaml
+++ b/puppet/services/rabbitmq.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
RabbitMQ service configured with Puppet
@@ -69,10 +69,13 @@ outputs:
rabbitmq::delete_guest_user: false
rabbitmq::wipe_db_on_cookie_change: true
rabbitmq::port: '5672'
+ rabbitmq::package_provider: yum
rabbitmq::package_source: undef
rabbitmq::repos_ensure: false
rabbitmq::tcp_keepalive: true
rabbitmq_environment:
+ NODE_PORT: ''
+ NODE_IP_ADDRESS: ''
RABBITMQ_NODENAME: "rabbit@%{::hostname}"
RABBITMQ_SERVER_ERL_ARGS: '"+K true +P 1048576 -kernel inet_default_connect_options [{nodelay,true},{raw,6,18,<<5000:64/native>>}] -kernel inet_default_listen_options [{raw,6,18,<<5000:64/native>>}]"'
rabbitmq_kernel_variables:
@@ -95,7 +98,7 @@ outputs:
# internal_api -> IP
# internal_api_uri -> [IP]
# internal_api_subnet - > IP/CIDR
- rabbitmq::node_ip_address: {get_param: [ServiceNetMap, RabbitmqNetwork]}
+ rabbitmq::interface: {get_param: [ServiceNetMap, RabbitmqNetwork]}
rabbitmq::nr_ha_queues: {get_param: RabbitHAQueues}
step_config: |
include ::tripleo::profile::base::rabbitmq
@@ -104,6 +107,6 @@ outputs:
tags: step2
service: name=rabbitmq-server state=stopped
- name: Start rabbitmq service
- tags: step6
+ tags: step4
service: name=rabbitmq-server state=started
diff --git a/puppet/services/sahara-api.yaml b/puppet/services/sahara-api.yaml
index 54e63df4..9e494385 100644
--- a/puppet/services/sahara-api.yaml
+++ b/puppet/services/sahara-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Sahara API service configured with Puppet
diff --git a/puppet/services/sahara-base.yaml b/puppet/services/sahara-base.yaml
index 4072a150..b4307053 100644
--- a/puppet/services/sahara-base.yaml
+++ b/puppet/services/sahara-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Sahara base service. Shared for all Sahara services.
@@ -64,6 +64,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/sahara'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
sahara::rabbit_password: {get_param: RabbitPassword}
sahara::rabbit_user: {get_param: RabbitUserName}
sahara::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
diff --git a/puppet/services/sahara-engine.yaml b/puppet/services/sahara-engine.yaml
index 287c1c05..a1521c28 100644
--- a/puppet/services/sahara-engine.yaml
+++ b/puppet/services/sahara-engine.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Sahara Engine service configured with Puppet
diff --git a/puppet/services/services.yaml b/puppet/services/services.yaml
index 13df5bbe..90268c78 100644
--- a/puppet/services/services.yaml
+++ b/puppet/services/services.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Utility stack to convert an array of services into a set of combined
@@ -42,6 +42,11 @@ resources:
LoggingConfiguration:
type: OS::TripleO::LoggingConfiguration
+ ServiceServerMetadataHook:
+ type: OS::TripleO::ServiceServerMetadataHook
+ properties:
+ RoleData: {get_attr: [ServiceChain, role_data]}
+
outputs:
role_data:
description: Combined Role data for this set of services.
@@ -113,3 +118,4 @@ outputs:
# Note we use distinct() here to filter any identical tasks, e.g yum update for all services
expression: $.data.where($ != null).select($.get('upgrade_tasks')).where($ != null).flatten().distinct()
data: {get_attr: [ServiceChain, role_data]}
+ service_metadata_settings: {get_attr: [ServiceServerMetadataHook, metadata]}
diff --git a/puppet/services/snmp.yaml b/puppet/services/snmp.yaml
index 4d01632d..be9d143e 100644
--- a/puppet/services/snmp.yaml
+++ b/puppet/services/snmp.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
SNMP client configured with Puppet, to facilitate Ceilometer Hardware
diff --git a/puppet/services/swift-base.yaml b/puppet/services/swift-base.yaml
index 741adb4d..6046d5e8 100644
--- a/puppet/services/swift-base.yaml
+++ b/puppet/services/swift-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Swift Proxy service configured with Puppet
diff --git a/puppet/services/swift-proxy.yaml b/puppet/services/swift-proxy.yaml
index ba184ab0..6ccfe7a2 100644
--- a/puppet/services/swift-proxy.yaml
+++ b/puppet/services/swift-proxy.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Swift Proxy service configured with Puppet
@@ -49,6 +49,18 @@ parameters:
default: guest
description: The username for RabbitMQ
type: string
+ SwiftCeilometerPipelineEnabled:
+ description: Set to False to disable the swift proxy ceilometer pipeline.
+ default: True
+ type: boolean
+ RabbitClientPort:
+ default: 5672
+ description: Set rabbit subscriber port, change this if using SSL
+ type: number
+
+conditions:
+
+ ceilometer_pipeline_enabled: {equals : [{get_param: SwiftCeilometerPipelineEnabled}, True]}
resources:
SwiftBase:
@@ -78,6 +90,8 @@ outputs:
swift::proxy::ceilometer::rabbit_password: {get_param: RabbitPassword}
swift::proxy::staticweb::url_base: {get_param: [EndpointMap, SwiftPublic, uri_no_suffix]}
swift::proxy::ceilometer::nonblocking_notify: true
+ tripleo::profile::base::swift::proxy::rabbit_port: {get_param: RabbitClientPort}
+ tripleo::profile::base::swift::proxy::ceilometer_enabled: {get_param: SwiftCeilometerPipelineEnabled}
tripleo.swift_proxy.firewall_rules:
'122 swift proxy':
dport:
@@ -89,26 +103,34 @@ outputs:
- ResellerAdmin
swift::proxy::versioned_writes::allow_versioned_writes: true
swift::proxy::pipeline:
- - 'catch_errors'
- - 'healthcheck'
- - 'proxy-logging'
- - 'cache'
- - 'ratelimit'
- - 'bulk'
- - 'tempurl'
- - 'formpost'
- - 'authtoken'
- - 'keystone'
- - 'staticweb'
- - 'copy'
- - 'container-quotas'
- - 'account-quotas'
- - 'slo'
- - 'dlo'
- - 'versioned_writes'
- - 'ceilometer'
- - 'proxy-logging'
- - 'proxy-server'
+ yaql:
+ expression: $.data.pipeline.where($ != '')
+ data:
+ pipeline:
+ - 'catch_errors'
+ - 'healthcheck'
+ - 'proxy-logging'
+ - 'cache'
+ - 'ratelimit'
+ - 'bulk'
+ - 'tempurl'
+ - 'formpost'
+ - 'authtoken'
+ - 'keystone'
+ - 'staticweb'
+ - 'copy'
+ - 'container-quotas'
+ - 'account-quotas'
+ - 'slo'
+ - 'dlo'
+ - 'versioned_writes'
+ -
+ if:
+ - ceilometer_pipeline_enabled
+ - 'ceilometer'
+ - ''
+ - 'proxy-logging'
+ - 'proxy-server'
swift::proxy::account_autocreate: true
# NOTE: bind IP is found in Heat replacing the network name with the
# local node IP for the given network; replacement examples
diff --git a/puppet/services/swift-ringbuilder.yaml b/puppet/services/swift-ringbuilder.yaml
index 5c70b6ab..a7ba7bad 100644
--- a/puppet/services/swift-ringbuilder.yaml
+++ b/puppet/services/swift-ringbuilder.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Swift Ringbuilder
diff --git a/puppet/services/swift-storage.yaml b/puppet/services/swift-storage.yaml
index cffe78f5..00ae9c35 100644
--- a/puppet/services/swift-storage.yaml
+++ b/puppet/services/swift-storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Swift Storage service configured with Puppet
diff --git a/puppet/services/time/ntp.yaml b/puppet/services/time/ntp.yaml
index eb5237fe..7c3a19a9 100644
--- a/puppet/services/time/ntp.yaml
+++ b/puppet/services/time/ntp.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
NTP service deployment using puppet, this YAML file
diff --git a/puppet/services/time/timezone.yaml b/puppet/services/time/timezone.yaml
index 384b5191..5d0eeae3 100644
--- a/puppet/services/time/timezone.yaml
+++ b/puppet/services/time/timezone.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Composable Timezone service
diff --git a/puppet/services/tripleo-firewall.yaml b/puppet/services/tripleo-firewall.yaml
index 7eb39905..67e14d9c 100644
--- a/puppet/services/tripleo-firewall.yaml
+++ b/puppet/services/tripleo-firewall.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
TripleO Firewall settings
diff --git a/puppet/services/tripleo-packages.yaml b/puppet/services/tripleo-packages.yaml
index 69912fa5..737be829 100644
--- a/puppet/services/tripleo-packages.yaml
+++ b/puppet/services/tripleo-packages.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
TripleO Package installation settings
@@ -33,6 +33,14 @@ outputs:
step_config: |
include ::tripleo::packages
upgrade_tasks:
+ - name: Check yum for rpm-python present
+ tags: step0
+ yum: "name=rpm-python state=present"
+ register: rpm_python_check
+ - name: Fail when rpm-python wasn't present
+ fail: msg="rpm-python package was not present before this run! Check environment before re-running"
+ when: rpm_python_check.changed != false
+ tags: step0
- name: Update all packages
tags: step3
yum: name=* state=latest
diff --git a/puppet/services/zaqar.yaml b/puppet/services/zaqar.yaml
new file mode 100644
index 00000000..0224ac13
--- /dev/null
+++ b/puppet/services/zaqar.yaml
@@ -0,0 +1,66 @@
+heat_template_version: ocata
+
+description: >
+ Openstack Zaqar service. Shared for all Heat services.
+
+parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ Debug:
+ default: ''
+ description: Set to True to enable debugging on all services.
+ type: string
+ ZaqarPassword:
+ description: The password for Zaqar
+ type: string
+ hidden: true
+ KeystoneRegion:
+ type: string
+ default: 'regionOne'
+ description: Keystone region for endpoint
+
+
+outputs:
+ role_data:
+ description: Shared role data for the Heat services.
+ value:
+ service_name: zaqar
+ config_settings:
+ zaqar::keystone::authtoken::password: {get_param: ZaqarPassword}
+ zaqar::keystone::authtoken::project_name: 'service'
+ zaqar::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
+ zaqar::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
+ zaqar::debug: {get_param: Debug}
+ zaqar::transport::websocket::bind: {get_param: [EndpointMap, ZaqarInternal, host]}
+ zaqar::transport::wsgi::bind: {get_param: [ServiceNetMap, ZaqarApiNetwork]}
+ zaqar::message_pipeline: 'zaqar.notification.notifier'
+ zaqar::unreliable: true
+ service_config_settings:
+ keystone:
+ zaqar::keystone::auth::password: {get_param: ZaqarPassword}
+ zaqar::keystone::auth::public_url: {get_param: [EndpointMap, ZaqarPublic, uri]}
+ zaqar::keystone::auth::admin_url: {get_param: [EndpointMap, ZaqarAdmin, uri]}
+ zaqar::keystone::auth::internal_url: {get_param: [EndpointMap, ZaqarInternal, uri]}
+ zaqar::keystone::auth::region: {get_param: KeystoneRegion}
+ zaqar::keystone::auth::tenant: 'service'
+ zaqar::keystone::auth_websocket::password: {get_param: ZaqarPassword}
+ zaqar::keystone::auth_websocket::public_url: {get_param: [EndpointMap, ZaqarWebSocketPublic, uri]}
+ zaqar::keystone::auth_websocket::admin_url: {get_param: [EndpointMap, ZaqarWebSocketAdmin, uri]}
+ zaqar::keystone::auth_websocket::internal_url: {get_param: [EndpointMap, ZaqarWebSocketInternal, uri]}
+ zaqar::keystone::auth_websocket::region: {get_param: KeystoneRegion}
+ zaqar::keystone::auth_websocket::tenant: 'service'
+
+ step_config: |
+ include ::tripleo::profile::base::zaqar
diff --git a/puppet/upgrade_config.yaml b/puppet/upgrade_config.yaml
index c67e10b3..e892d813 100644
--- a/puppet/upgrade_config.yaml
+++ b/puppet/upgrade_config.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: 'Upgrade for via ansible by applying a step related tag'
parameters:
@@ -35,6 +35,7 @@ resources:
template: "stepSTEP"
params:
STEP: {get_param: step}
+ modulepath: /usr/share/ansible-modules
inputs:
- name: role
config: {get_attr: [AnsibleConfig, value]}
diff --git a/releasenotes/source/_static/.placeholder b/releasenotes/source/_static/.placeholder
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/releasenotes/source/_static/.placeholder
diff --git a/releasenotes/source/conf.py b/releasenotes/source/conf.py
new file mode 100644
index 00000000..8da995b0
--- /dev/null
+++ b/releasenotes/source/conf.py
@@ -0,0 +1,264 @@
+# -*- coding: utf-8 -*-
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+# If extensions (or modules to document with autodoc) are in another directory,
+# add these directories to sys.path here. If the directory is relative to the
+# documentation root, use os.path.abspath to make it absolute, like shown here.
+#sys.path.insert(0, os.path.abspath('.'))
+
+# -- General configuration ------------------------------------------------
+
+# If your documentation needs a minimal Sphinx version, state it here.
+#needs_sphinx = '1.0'
+
+# Add any Sphinx extension module names here, as strings. They can be
+# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
+# ones.
+extensions = [
+ 'oslosphinx',
+ 'reno.sphinxext',
+]
+
+# Add any paths that contain templates here, relative to this directory.
+templates_path = ['_templates']
+
+# The suffix of source filenames.
+source_suffix = '.rst'
+
+# The encoding of source files.
+#source_encoding = 'utf-8-sig'
+
+# The master toctree document.
+master_doc = 'index'
+
+# General information about the project.
+project = u'tripleo-heat-templates Release Notes'
+copyright = u'2017, TripleO Developers'
+
+# The version info for the project you're documenting, acts as replacement for
+# |version| and |release|, also used in various other places throughout the
+# built documents.
+#
+# The full version, including alpha/beta/rc tags.
+release = '6.0.0.0b3'
+# The short X.Y version.
+version = '6.0.0'
+
+# The full version, including alpha/beta/rc tags.
+
+# The language for content autogenerated by Sphinx. Refer to documentation
+# for a list of supported languages.
+#language = None
+
+# There are two options for replacing |today|: either, you set today to some
+# non-false value, then it is used:
+#today = ''
+# Else, today_fmt is used as the format for a strftime call.
+#today_fmt = '%B %d, %Y'
+
+# List of patterns, relative to source directory, that match files and
+# directories to ignore when looking for source files.
+exclude_patterns = []
+
+# The reST default role (used for this markup: `text`) to use for all
+# documents.
+#default_role = None
+
+# If true, '()' will be appended to :func: etc. cross-reference text.
+#add_function_parentheses = True
+
+# If true, the current module name will be prepended to all description
+# unit titles (such as .. function::).
+#add_module_names = True
+
+# If true, sectionauthor and moduleauthor directives will be shown in the
+# output. They are ignored by default.
+#show_authors = False
+
+# The name of the Pygments (syntax highlighting) style to use.
+pygments_style = 'sphinx'
+
+# A list of ignored prefixes for module index sorting.
+#modindex_common_prefix = []
+
+# If true, keep warnings as "system message" paragraphs in the built documents.
+#keep_warnings = False
+
+
+# -- Options for HTML output ----------------------------------------------
+
+# The theme to use for HTML and HTML Help pages. See the documentation for
+# a list of builtin themes.
+html_theme = 'default'
+
+# Theme options are theme-specific and customize the look and feel of a theme
+# further. For a list of options available for each theme, see the
+# documentation.
+#html_theme_options = {}
+
+# Add any paths that contain custom themes here, relative to this directory.
+#html_theme_path = []
+
+# The name for this set of Sphinx documents. If None, it defaults to
+# "<project> v<release> documentation".
+#html_title = None
+
+# A shorter title for the navigation bar. Default is the same as html_title.
+#html_short_title = None
+
+# The name of an image file (relative to this directory) to place at the top
+# of the sidebar.
+#html_logo = None
+
+# The name of an image file (within the static path) to use as favicon of the
+# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32
+# pixels large.
+#html_favicon = None
+
+# Add any paths that contain custom static files (such as style sheets) here,
+# relative to this directory. They are copied after the builtin static files,
+# so a file named "default.css" will overwrite the builtin "default.css".
+html_static_path = ['_static']
+
+# Add any extra paths that contain custom files (such as robots.txt or
+# .htaccess) here, relative to this directory. These files are copied
+# directly to the root of the documentation.
+#html_extra_path = []
+
+# If not '', a 'Last updated on:' timestamp is inserted at every page bottom,
+# using the given strftime format.
+#html_last_updated_fmt = '%b %d, %Y'
+
+# If true, SmartyPants will be used to convert quotes and dashes to
+# typographically correct entities.
+#html_use_smartypants = True
+
+# Custom sidebar templates, maps document names to template names.
+#html_sidebars = {}
+
+# Additional templates that should be rendered to pages, maps page names to
+# template names.
+#html_additional_pages = {}
+
+# If false, no module index is generated.
+#html_domain_indices = True
+
+# If false, no index is generated.
+#html_use_index = True
+
+# If true, the index is split into individual pages for each letter.
+#html_split_index = False
+
+# If true, links to the reST sources are added to the pages.
+#html_show_sourcelink = True
+
+# If true, "Created using Sphinx" is shown in the HTML footer. Default is True.
+#html_show_sphinx = True
+
+# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True.
+#html_show_copyright = True
+
+# If true, an OpenSearch description file will be output, and all pages will
+# contain a <link> tag referring to it. The value of this option must be the
+# base URL from which the finished HTML is served.
+#html_use_opensearch = ''
+
+# This is the file name suffix for HTML files (e.g. ".xhtml").
+#html_file_suffix = None
+
+# Output file base name for HTML help builder.
+htmlhelp_basename = 'tripleo-heat-templatesReleaseNotesdoc'
+
+
+# -- Options for LaTeX output ---------------------------------------------
+
+latex_elements = {
+# The paper size ('letterpaper' or 'a4paper').
+#'papersize': 'letterpaper',
+
+# The font size ('10pt', '11pt' or '12pt').
+#'pointsize': '10pt',
+
+# Additional stuff for the LaTeX preamble.
+#'preamble': '',
+}
+
+# Grouping the document tree into LaTeX files. List of tuples
+# (source start file, target name, title,
+# author, documentclass [howto, manual, or own class]).
+latex_documents = [
+ ('index', 'tripleo-heat-templatesReleaseNotes.tex', u'tripleo-heat-templates Release Notes Documentation',
+ u'2016, TripleO Developers', 'manual'),
+]
+
+# The name of an image file (relative to this directory) to place at the top of
+# the title page.
+#latex_logo = None
+
+# For "manual" documents, if this is true, then toplevel headings are parts,
+# not chapters.
+#latex_use_parts = False
+
+# If true, show page references after internal links.
+#latex_show_pagerefs = False
+
+# If true, show URL addresses after external links.
+#latex_show_urls = False
+
+# Documents to append as an appendix to all manuals.
+#latex_appendices = []
+
+# If false, no module index is generated.
+#latex_domain_indices = True
+
+
+# -- Options for manual page output ---------------------------------------
+
+# One entry per manual page. List of tuples
+# (source start file, name, description, authors, manual section).
+man_pages = [
+ ('index', 'tripleo-heat-templatesreleasenotes', u'tripleo-heat-templates Release Notes Documentation',
+ [u'2016, TripleO Developers'], 1)
+]
+
+# If true, show URL addresses after external links.
+#man_show_urls = False
+
+
+# -- Options for Texinfo output -------------------------------------------
+
+# Grouping the document tree into Texinfo files. List of tuples
+# (source start file, target name, title, author,
+# dir menu entry, description, category)
+texinfo_documents = [
+ ('index', 'tripleo-heat-templatesReleaseNotes', u'tripleo-heat-templates Release Notes Documentation',
+ u'2016, TripleO Developers', 'tripleo-heat-templatesReleaseNotes', 'One line description of project.',
+ 'Miscellaneous'),
+]
+
+# Documents to append as an appendix to all manuals.
+#texinfo_appendices = []
+
+# If false, no module index is generated.
+#texinfo_domain_indices = True
+
+# How to display URL addresses: 'footnote', 'no', or 'inline'.
+#texinfo_show_urls = 'footnote'
+
+# If true, do not generate a @detailmenu in the "Top" node's menu.
+#texinfo_no_detailmenu = False
+
+# -- Options for Internationalization output ------------------------------
+locale_dirs = ['locale/']
diff --git a/releasenotes/source/index.rst b/releasenotes/source/index.rst
new file mode 100644
index 00000000..9767dad2
--- /dev/null
+++ b/releasenotes/source/index.rst
@@ -0,0 +1,18 @@
+================================================
+Welcome to tripleo-heat-templates Release Notes!
+================================================
+
+Contents
+========
+
+.. toctree::
+ :maxdepth: 2
+
+ unreleased
+
+
+Indices and tables
+==================
+
+* :ref:`genindex`
+* :ref:`search`
diff --git a/releasenotes/source/unreleased.rst b/releasenotes/source/unreleased.rst
new file mode 100644
index 00000000..2334dd5c
--- /dev/null
+++ b/releasenotes/source/unreleased.rst
@@ -0,0 +1,5 @@
+==============================
+ Current Series Release Notes
+==============================
+
+ .. release-notes::
diff --git a/requirements.txt b/requirements.txt
index 9c4a708a..057aa287 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,2 +1,6 @@
-pbr>=0.5.21,<1.0
-Jinja2>=2.8 # BSD License (3 clause)
+# The order of packages is significant, because pip processes them in the order
+# of appearance. Changing the order has an impact on the overall integration
+# process, which may cause wedges in the gate later.
+pbr>=1.8 # Apache-2.0
+Jinja2!=2.9.0,!=2.9.1,!=2.9.2,!=2.9.3,!=2.9.4,>=2.8 # BSD License (3 clause)
+six>=1.9.0 # MIT
diff --git a/roles_data.yaml b/roles_data.yaml
index d7ed80c5..bbb1ab7a 100644
--- a/roles_data.yaml
+++ b/roles_data.yaml
@@ -14,14 +14,18 @@
# defaults to '%stackname%-{{role.name.lower()}}-%index%'
# sets the default for {{role.name}}HostnameFormat parameter in overcloud.yaml
#
+# disable_constraints: (boolean) optional, whether to disable Nova and Glance
+# constraints for each role specified in the templates.
+#
# ServicesDefault: (list) optional default list of services to be deployed
# on the role, defaults to an empty list. Sets the default for the
# {{role.name}}Services parameter in overcloud.yaml
-- name: Controller
+- name: Controller # the 'primary' role goes first
CountDefault: 1
ServicesDefault:
- OS::TripleO::Services::CACerts
+ - OS::TripleO::Services::CephMds
- OS::TripleO::Services::CephMon
- OS::TripleO::Services::CephExternal
- OS::TripleO::Services::CephRgw
@@ -29,11 +33,9 @@
- OS::TripleO::Services::CinderBackup
- OS::TripleO::Services::CinderScheduler
- OS::TripleO::Services::CinderVolume
- - OS::TripleO::Services::Core
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::Keystone
- OS::TripleO::Services::GlanceApi
- - OS::TripleO::Services::GlanceRegistry
- OS::TripleO::Services::HeatApi
- OS::TripleO::Services::HeatApiCfn
- OS::TripleO::Services::HeatApiCloudwatch
@@ -54,6 +56,7 @@
- OS::TripleO::Services::NovaConductor
- OS::TripleO::Services::MongoDb
- OS::TripleO::Services::NovaApi
+ - OS::TripleO::Services::NovaPlacement
- OS::TripleO::Services::NovaMetadata
- OS::TripleO::Services::NovaScheduler
- OS::TripleO::Services::NovaConsoleauth
@@ -96,6 +99,10 @@
- OS::TripleO::Services::FluentdClient
- OS::TripleO::Services::BarbicanApi
- OS::TripleO::Services::PankoApi
+ - OS::TripleO::Services::Zaqar
+ - OS::TripleO::Services::OVNDBs
+ - OS::TripleO::Services::NeutronML2FujitsuCfab
+ - OS::TripleO::Services::CinderHPELeftHandISCSI
- name: Compute
CountDefault: 1
diff --git a/roles_data_undercloud.yaml b/roles_data_undercloud.yaml
new file mode 100644
index 00000000..2759429c
--- /dev/null
+++ b/roles_data_undercloud.yaml
@@ -0,0 +1,35 @@
+- name: Undercloud # the 'primary' role goes first
+ CountDefault: 1
+ disable_constraints: True
+ ServicesDefault:
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::MySQL
+ - OS::TripleO::Services::MongoDb
+ - OS::TripleO::Services::Keystone
+ - OS::TripleO::Services::Apache
+ - OS::TripleO::Services::RabbitMQ
+ - OS::TripleO::Services::GlanceApi
+ - OS::TripleO::Services::SwiftProxy
+ - OS::TripleO::Services::SwiftStorage
+ - OS::TripleO::Services::SwiftRingBuilder
+ - OS::TripleO::Services::Memcached
+ - OS::TripleO::Services::HeatApi
+ - OS::TripleO::Services::HeatApiCfn
+ - OS::TripleO::Services::HeatEngine
+ - OS::TripleO::Services::NovaApi
+ - OS::TripleO::Services::NovaPlacement
+ - OS::TripleO::Services::NovaMetadata
+ - OS::TripleO::Services::NovaScheduler
+ - OS::TripleO::Services::NovaConductor
+ - OS::TripleO::Services::MistralEngine
+ - OS::TripleO::Services::MistralApi
+ - OS::TripleO::Services::MistralExecutor
+ - OS::TripleO::Services::IronicApi
+ - OS::TripleO::Services::IronicConductor
+ - OS::TripleO::Services::NovaIronic
+ - OS::TripleO::Services::Zaqar
+ - OS::TripleO::Services::NeutronServer
+ - OS::TripleO::Services::NeutronApi
+ - OS::TripleO::Services::NeutronCorePlugin
+ - OS::TripleO::Services::NeutronOvsAgent
+ - OS::TripleO::Services::NeutronDhcpAgent
diff --git a/scripts/hosts-config.sh b/scripts/hosts-config.sh
index 4826d615..f456b316 100755
--- a/scripts/hosts-config.sh
+++ b/scripts/hosts-config.sh
@@ -30,17 +30,9 @@ write_entries() {
}
if [ ! -z "$hosts" ]; then
- # cloud-init files are /etc/cloud/templates/hosts.OSNAME.tmpl
- DIST=$(lsb_release -is | tr -s [A-Z] [a-z])
- case $DIST in
- fedora|redhatenterpriseserver)
- name="redhat"
- ;;
- *)
- name="$DIST"
- ;;
- esac
- write_entries "/etc/cloud/templates/hosts.${name}.tmpl" "$hosts"
+ for tmpl in /etc/cloud/templates/hosts.*.tmpl ; do
+ write_entries "$tmpl" "$hosts"
+ done
write_entries "/etc/hosts" "$hosts"
else
echo "No hosts in Heat, nothing written."
diff --git a/setup.py b/setup.py
index 70c2b3f3..782bb21f 100644
--- a/setup.py
+++ b/setup.py
@@ -1,4 +1,3 @@
-#!/usr/bin/env python
# Copyright (c) 2013 Hewlett-Packard Development Company, L.P.
#
# Licensed under the Apache License, Version 2.0 (the "License");
@@ -17,6 +16,14 @@
# THIS FILE IS MANAGED BY THE GLOBAL REQUIREMENTS REPO - DO NOT EDIT
import setuptools
+# In python < 2.7.4, a lazy loading of package `pbr` will break
+# setuptools if some other modules registered functions in `atexit`.
+# solution from: http://bugs.python.org/issue15881#msg170215
+try:
+ import multiprocessing # noqa
+except ImportError:
+ pass
+
setuptools.setup(
- setup_requires=['pbr'],
+ setup_requires=['pbr>=1.8'],
pbr=True)
diff --git a/test-requirements.txt b/test-requirements.txt
index c3726e8b..06bce5a2 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -1 +1,9 @@
-pyyaml
+# The order of packages is significant, because pip processes them in the order
+# of appearance. Changing the order has an impact on the overall integration
+# process, which may cause wedges in the gate later.
+PyYAML>=3.10.0 # MIT
+Jinja2!=2.9.0,!=2.9.1,!=2.9.2,!=2.9.3,!=2.9.4,>=2.8 # BSD License (3 clause)
+six>=1.9.0 # MIT
+sphinx!=1.3b1,<1.4,>=1.2.1 # BSD
+oslosphinx>=4.7.0 # Apache-2.0
+reno>=1.8.0 # Apache-2.0
diff --git a/tools/process-templates.py b/tools/process-templates.py
index a15b00e2..9a06812b 100755
--- a/tools/process-templates.py
+++ b/tools/process-templates.py
@@ -14,6 +14,7 @@
import argparse
import jinja2
import os
+import six
import sys
import yaml
diff --git a/tools/releasenotes_tox.sh b/tools/releasenotes_tox.sh
new file mode 100755
index 00000000..4fecfd92
--- /dev/null
+++ b/tools/releasenotes_tox.sh
@@ -0,0 +1,28 @@
+#!/usr/bin/env bash
+
+rm -rf releasenotes/build
+
+sphinx-build -a -E -W \
+ -d releasenotes/build/doctrees \
+ -b html \
+ releasenotes/source releasenotes/build/html
+BUILD_RESULT=$?
+
+UNCOMMITTED_NOTES=$(git status --porcelain | \
+ awk '$1 == "M" && $2 ~ /releasenotes\/notes/ {print $2}')
+
+if [ "${UNCOMMITTED_NOTES}" ]
+then
+ cat <<EOF
+
+REMINDER: The following changes to release notes have not been committed:
+
+${UNCOMMITTED_NOTES}
+
+While that may be intentional, keep in mind that release notes are built from
+committed changes, not the working directory.
+
+EOF
+fi
+
+exit ${BUILD_RESULT}
diff --git a/tools/tox_install.sh b/tools/tox_install.sh
new file mode 100755
index 00000000..e61b63a8
--- /dev/null
+++ b/tools/tox_install.sh
@@ -0,0 +1,30 @@
+#!/usr/bin/env bash
+
+# Client constraint file contains this client version pin that is in conflict
+# with installing the client from source. We should remove the version pin in
+# the constraints file before applying it for from-source installation.
+
+CONSTRAINTS_FILE="$1"
+shift 1
+
+set -e
+
+# NOTE(tonyb): Place this in the tox enviroment's log dir so it will get
+# published to logs.openstack.org for easy debugging.
+localfile="$VIRTUAL_ENV/log/upper-constraints.txt"
+
+if [[ "$CONSTRAINTS_FILE" != http* ]]; then
+ CONSTRAINTS_FILE="file://$CONSTRAINTS_FILE"
+fi
+# NOTE(tonyb): need to add curl to bindep.txt if the project supports bindep
+curl "$CONSTRAINTS_FILE" --insecure --progress-bar --output "$localfile"
+
+pip install -c"$localfile" openstack-requirements
+
+# This is the main purpose of the script: Allow local installation of
+# the current repo. It is listed in constraints file and thus any
+# install will be constrained and we need to unconstrain it.
+edit-constraints "$localfile" -- "$CLIENT_NAME"
+
+pip install -c"$localfile" -U "$@"
+exit $?
diff --git a/tools/yaml-validate.py b/tools/yaml-validate.py
index 95c7d025..f2359af6 100755
--- a/tools/yaml-validate.py
+++ b/tools/yaml-validate.py
@@ -19,11 +19,80 @@ import yaml
required_params = ['EndpointMap', 'ServiceNetMap', 'DefaultPasswords']
+envs_containing_endpoint_map = ['tls-endpoints-public-dns.yaml',
+ 'tls-endpoints-public-ip.yaml',
+ 'tls-everywhere-endpoints-dns.yaml']
+ENDPOINT_MAP_FILE = 'endpoint_map.yaml'
+
def exit_usage():
print('Usage %s <yaml file or directory>' % sys.argv[0])
sys.exit(1)
+def get_base_endpoint_map(filename):
+ try:
+ tpl = yaml.load(open(filename).read())
+ return tpl['parameters']['EndpointMap']['default']
+ except Exception:
+ print(traceback.format_exc())
+ return None
+
+
+def get_endpoint_map_from_env(filename):
+ try:
+ tpl = yaml.load(open(filename).read())
+ return {
+ 'file': filename,
+ 'map': tpl['parameter_defaults']['EndpointMap']
+ }
+ except Exception:
+ print(traceback.format_exc())
+ return None
+
+
+def validate_endpoint_map(base_map, env_map):
+ return sorted(base_map.keys()) == sorted(env_map.keys())
+
+
+def validate_mysql_connection(settings):
+ no_op = lambda *args: False
+ error_status = [0]
+
+ def mysql_protocol(items):
+ return items == ['EndpointMap', 'MysqlInternal', 'protocol']
+
+ def client_bind_address(item):
+ return 'bind_address' in item
+
+ def validate_mysql_uri(key, items):
+ # Only consider a connection if it targets mysql
+ if key.endswith('connection') and \
+ search(items, mysql_protocol, no_op):
+ # Assume the "bind_address" option is one of
+ # the token that made up the uri
+ if not search(items, client_bind_address, no_op):
+ error_status[0] = 1
+ return False
+
+ def search(item, check_item, check_key):
+ if check_item(item):
+ return True
+ elif isinstance(item, list):
+ for i in item:
+ if search(i, check_item, check_key):
+ return True
+ elif isinstance(item, dict):
+ for k in item.keys():
+ if check_key(k, item[k]):
+ return True
+ elif search(item[k], check_item, check_key):
+ return True
+ return False
+
+ search(settings, no_op, validate_mysql_uri)
+ return error_status[0]
+
+
def validate_service(filename, tpl):
if 'outputs' in tpl and 'role_data' in tpl['outputs']:
if 'value' not in tpl['outputs']['role_data']:
@@ -41,6 +110,12 @@ def validate_service(filename, tpl):
print('ERROR: service_name should match file name for service: %s.'
% filename)
return 1
+ # if service connects to mysql, the uri should use option
+ # bind_address to avoid issues with VIP failover
+ if 'config_settings' in role_data and \
+ validate_mysql_connection(role_data['config_settings']):
+ print('ERROR: mysql connection uri should use option bind_address')
+ return 1
if 'parameters' in tpl:
for param in required_params:
if param not in tpl['parameters']:
@@ -83,6 +158,8 @@ if len(sys.argv) < 2:
path_args = sys.argv[1:]
exit_val = 0
failed_files = []
+base_endpoint_map = None
+env_endpoint_maps = list()
for base_path in path_args:
if os.path.isdir(base_path):
@@ -94,6 +171,12 @@ for base_path in path_args:
if failed:
failed_files.append(file_path)
exit_val |= failed
+ if f == ENDPOINT_MAP_FILE:
+ base_endpoint_map = get_base_endpoint_map(file_path)
+ if f in envs_containing_endpoint_map:
+ env_endpoint_map = get_endpoint_map_from_env(file_path)
+ if env_endpoint_map:
+ env_endpoint_maps.append(env_endpoint_map)
elif os.path.isfile(base_path) and base_path.endswith('.yaml'):
failed = validate(base_path)
if failed:
@@ -103,6 +186,30 @@ for base_path in path_args:
print('Unexpected argument %s' % base_path)
exit_usage()
+if base_endpoint_map and \
+ len(env_endpoint_maps) == len(envs_containing_endpoint_map):
+ for env_endpoint_map in env_endpoint_maps:
+ matches = validate_endpoint_map(base_endpoint_map,
+ env_endpoint_map['map'])
+ if not matches:
+ print("ERROR: %s doesn't match base endpoint map" %
+ env_endpoint_map['file'])
+ failed_files.append(env_endpoint_map['file'])
+ exit_val |= 1
+ else:
+ print("%s matches base endpoint map" % env_endpoint_map['file'])
+else:
+ print("ERROR: Can't validate endpoint maps since a file is missing. "
+ "If you meant to delete one of these files you should update this "
+ "tool as well.")
+ if not base_endpoint_map:
+ failed_files.append(ENDPOINT_MAP_FILE)
+ if len(env_endpoint_maps) != len(envs_containing_endpoint_map):
+ matched_files = set(os.path.basename(matched_env_file['file'])
+ for matched_env_file in env_endpoint_maps)
+ failed_files.extend(set(envs_containing_endpoint_map) - matched_files)
+ exit_val |= 1
+
if failed_files:
print('Validation failed on:')
for f in failed_files:
diff --git a/tox.ini b/tox.ini
index c8a912b8..969f21d4 100644
--- a/tox.ini
+++ b/tox.ini
@@ -17,3 +17,6 @@ commands =
[testenv:templates]
commands = python ./tools/process-templates.py
+
+[testenv:releasenotes]
+commands = bash -c tools/releasenotes_tox.sh