diff options
149 files changed, 7814 insertions, 910 deletions
diff --git a/capabilities_map.yaml b/capabilities-map.yaml index 30ee211e..f47eb9ad 100644 --- a/capabilities_map.yaml +++ b/capabilities-map.yaml @@ -66,7 +66,7 @@ topics: description: > Docker container with heat agents for containerized compute node environments: - - file: environments/docker-rdo.yaml + - file: environments/docker.yaml title: Docker RDO description: requires: diff --git a/docker/compute-post.yaml b/docker/compute-post.yaml index 8f786f72..8f9e9627 100644 --- a/docker/compute-post.yaml +++ b/docker/compute-post.yaml @@ -68,6 +68,7 @@ resources: ComputePuppetDeployment: type: OS::Heat::SoftwareDeployments properties: + name: ComputePuppetDeployment servers: {get_param: servers} config: {get_resource: ComputePuppetConfig} input_values: @@ -86,6 +87,7 @@ resources: type: OS::Heat::SoftwareDeployments depends_on: ComputePuppetDeployment properties: + name: CopyEtcDeployment config: {get_resource: CopyEtcConfig} servers: {get_param: servers} @@ -162,6 +164,7 @@ resources: type: OS::Heat::SoftwareDeployments depends_on: CopyEtcDeployment properties: + name: CopyJsonDeployment config: {get_resource: CopyJsonConfig} servers: {get_param: servers} input_values: @@ -174,6 +177,7 @@ resources: type: OS::Heat::StructuredDeployments depends_on: CopyJsonDeployment properties: + name: NovaComputeContainersDeploymentOVS config: {get_resource: NovaComputeContainersConfigOVS} servers: {get_param: servers} @@ -187,7 +191,6 @@ resources: list_join: - '/' - [ {get_param: DockerNamespace}, {get_param: DockerOvsVswitchdImage} ] - container_name: ovs-vswitchd net: host privileged: true restart: always @@ -203,7 +206,6 @@ resources: list_join: - '/' - [ {get_param: DockerNamespace}, {get_param: DockerOpenvswitchDBImage} ] - container_name: ovsdb-server net: host restart: always volumes: @@ -216,6 +218,7 @@ resources: type: OS::Heat::SoftwareDeployments depends_on: NovaComputeContainersDeploymentOVS properties: + name: NovaComputeContainersDeploymentNetconfig config: {get_resource: NovaComputeContainersConfigNetconfig} servers: {get_param: servers} @@ -236,6 +239,7 @@ resources: type: OS::Heat::StructuredDeployments depends_on: [CopyJsonDeployment, CopyEtcDeployment, ComputePuppetDeployment, NovaComputeContainersDeploymentNetconfig] properties: + name: LibvirtContainersDeployment config: {get_resource: LibvirtContainersConfig} servers: {get_param: servers} @@ -259,7 +263,6 @@ resources: list_join: - '/' - [ {get_param: DockerNamespace}, {get_param: DockerLibvirtImage} ] - container_name: libvirt net: host pid: host privileged: true @@ -279,6 +282,7 @@ resources: type: OS::Heat::StructuredDeployments depends_on: [CopyJsonDeployment, CopyEtcDeployment, ComputePuppetDeployment, NovaComputeContainersDeploymentNetconfig, LibvirtContainersDeployment] properties: + name: NovaComputeContainersDeployment config: {get_resource: NovaComputeContainersConfig} servers: {get_param: servers} @@ -292,7 +296,6 @@ resources: list_join: - '/' - [ {get_param: DockerNamespace}, {get_param: DockerOpenvswitchImage} ] - container_name: openvswitch net: host privileged: true restart: always @@ -313,7 +316,6 @@ resources: list_join: - '/' - [ {get_param: DockerNamespace}, {get_param: DockerOpenvswitchImage} ] - container_name: neutronagent net: host pid: host privileged: true @@ -338,7 +340,6 @@ resources: list_join: - '/' - [ {get_param: DockerNamespace}, {get_param: DockerComputeImage} ] - container_name: novacompute net: host privileged: true restart: always diff --git a/docker/firstboot/install_docker_agents.yaml b/docker/firstboot/install_docker_agents.yaml index 22a8ff92..2858552f 100644 --- a/docker/firstboot/install_docker_agents.yaml +++ b/docker/firstboot/install_docker_agents.yaml @@ -3,7 +3,7 @@ heat_template_version: 2014-10-16 parameters: DockerAgentImage: type: string - default: dprince/heat-docker-agents-centos + default: heat-docker-agents DockerNamespace: type: string default: kollaglue @@ -26,7 +26,10 @@ resources: config: str_replace: params: - $agent_image: {get_param: DockerAgentImage} + $agent_image: + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerAgentImage} ] $docker_registry: {get_param: DockerNamespace} $docker_namespace_is_registry: {get_param: DockerNamespaceIsRegistry} template: {get_file: ./start_docker_agents.sh} diff --git a/docker/firstboot/start_docker_agents.sh b/docker/firstboot/start_docker_agents.sh index a0e95d11..963c7eee 100644 --- a/docker/firstboot/start_docker_agents.sh +++ b/docker/firstboot/start_docker_agents.sh @@ -39,14 +39,15 @@ EOF # Local docker registry 1.8 if [ $docker_namespace_is_registry ]; then - /bin/sed -i "s/# INSECURE_REGISTRY='--insecure-registry '/INSECURE_REGISTRY='--insecure-registry $docker_registry'/g" /etc/sysconfig/docker + # if namespace is used with local registry, trim all namespacing + trim_var=$docker_registry + registry_host="${trim_var%%/*}" + /bin/sed -i "s/# INSECURE_REGISTRY='--insecure-registry'/INSECURE_REGISTRY='--insecure-registry $registry_host'/g" /etc/sysconfig/docker fi /sbin/setenforce 0 /sbin/modprobe ebtables -echo nameserver 8.8.8.8 > /etc/resolv.conf - # We need hostname -f to return in a centos container for the puppet hook HOSTNAME=$(hostname) echo "127.0.0.1 $HOSTNAME.localdomain $HOSTNAME" >> /etc/hosts diff --git a/environments/cinder-dellsc-config.yaml b/environments/cinder-dellsc-config.yaml new file mode 100644 index 00000000..92e257d4 --- /dev/null +++ b/environments/cinder-dellsc-config.yaml @@ -0,0 +1,17 @@ +# A Heat environment file which can be used to enable a +# a Cinder Dell Storage Center ISCSI backend, configured via puppet +resource_registry: + OS::TripleO::ControllerExtraConfigPre: ../puppet/extraconfig/pre_deploy/controller/cinder-dellsc.yaml + +parameter_defaults: + CinderEnableDellScBackend: true + CinderDellScBackendName: 'tripleo_dellsc' + CinderDellScSanIp: '' + CinderDellScSanLogin: 'Admin' + CinderDellScSanPassword: '' + CinderDellScSsn: '64702' + CinderDellScIscsiIpAddress: '' + CinderDellScIscsiPort: '3260' + CinderDellScApiPort: '3033' + CinderDellScServerFolder: 'dellsc_server' + CinderDellScVolumeFolder: 'dellsc_volume' diff --git a/environments/cinder-eqlx-config.yaml b/environments/cinder-eqlx-config.yaml new file mode 100644 index 00000000..ca2c5e5a --- /dev/null +++ b/environments/cinder-eqlx-config.yaml @@ -0,0 +1,17 @@ +# A Heat environment file which can be used to enable a +# a Cinder eqlx backen, configured via puppet +resource_registry: + OS::TripleO::ControllerExtraConfigPre: ../puppet/extraconfig/pre_deploy/controller/cinder-eqlx.yaml + +parameter_defaults: + CinderEnableEqlxBackend: true + CinderEqlxBackendName: 'tripleo_eqlx' + CinderEqlxSanIp: '' + CinderEqlxSanLogin: '' + CinderEqlxSanPassword: '' + CinderEqlxSanThinProvision: true + CinderEqlxGroupname: 'group-0' + CinderEqlxPool: 'default' + CinderEqlxChapLogin: '' + CinderEqlxChapPassword: '' + CinderEqlxUseChap: false diff --git a/environments/docker.yaml b/environments/docker.yaml index 6376b749..7c6dc407 100644 --- a/environments/docker.yaml +++ b/environments/docker.yaml @@ -8,7 +8,7 @@ parameters: parameter_defaults: # Defaults to 'tripleoupstream'. Specify a local docker registry - # Example: 192.168.122.131:8787 + # Example: 192.0.2.1:8787/tripleoupstream DockerNamespace: tripleoupstream # Enable local Docker registry DockerNamespaceIsRegistry: false diff --git a/environments/enable-tls.yaml b/environments/enable-tls.yaml index bc4d1bef..d6328c06 100644 --- a/environments/enable-tls.yaml +++ b/environments/enable-tls.yaml @@ -24,6 +24,9 @@ parameter_defaults: KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'} KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'} KeystonePublic: {protocol: 'https', port: '13000', host: 'CLOUDNAME'} + KeystoneV3Admin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'} + KeystoneV3Internal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'} + KeystoneV3Public: {protocol: 'https', port: '13000', host: 'CLOUDNAME'} NeutronAdmin: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} NeutronInternal: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} NeutronPublic: {protocol: 'https', port: '13696', host: 'CLOUDNAME'} @@ -33,6 +36,12 @@ parameter_defaults: NovaEC2Admin: {protocol: 'http', port: '8773', host: 'IP_ADDRESS'} NovaEC2Internal: {protocol: 'http', port: '8773', host: 'IP_ADDRESS'} NovaEC2Public: {protocol: 'https', port: '13773', host: 'CLOUDNAME'} + NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} + NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} + NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'} + SaharaAdmin: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} + SaharaInternal: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} + SaharaPublic: {protocol: 'https', port: '13786', host: 'CLOUDNAME'} SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'} diff --git a/environments/external-loadbalancer-vip-v6.yaml b/environments/external-loadbalancer-vip-v6.yaml new file mode 100644 index 00000000..5a2ef505 --- /dev/null +++ b/environments/external-loadbalancer-vip-v6.yaml @@ -0,0 +1,38 @@ +resource_registry: + OS::TripleO::Network::Ports::NetVipMap: ../network/ports/net_vip_map_external_v6.yaml + OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/noop.yaml + OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/noop.yaml + OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/noop.yaml + OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/noop.yaml + OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/from_service_v6.yaml + OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_from_pool_v6.yaml + OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_from_pool_v6.yaml + OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool_v6.yaml + OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool_v6.yaml + # OVS doesn't support IPv6 endpoints for tunneling yet, so this remains IPv4 for now. + OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant_from_pool.yaml + +parameter_defaults: + # When using an external loadbalancer set the following in parameter_defaults + # to control your VIPs (currently one per network) + # NOTE: we will eventually move to one VIP per service + # + ControlPlaneIP: 192.0.2.251 + ExternalNetworkVip: 2001:db8:fd00:1000:0000:0000:0000:0005 + InternalApiNetworkVip: fd00:fd00:fd00:2000:0000:0000:0000:0005 + StorageNetworkVip: fd00:fd00:fd00:3000:0000:0000:0000:0005 + StorageMgmtNetworkVip: fd00:fd00:fd00:4000:0000:0000:0000:0005 + ServiceVips: + redis: fd00:fd00:fd00:2000:0000:0000:0000:0006 + ControllerIPs: + external: + - 2001:db8:fd00:1000:0000:0000:0000:0007 + internal_api: + - fd00:fd00:fd00:2000:0000:0000:0000:0007 + storage: + - fd00:fd00:fd00:3000:0000:0000:0000:0007 + storage_mgmt: + - fd00:fd00:fd00:4000:0000:0000:0000:0007 + tenant: + - 172.16.0.253 + EnableLoadBalancer: false diff --git a/environments/external-loadbalancer-vip.yaml b/environments/external-loadbalancer-vip.yaml index 1cf59825..198892cd 100644 --- a/environments/external-loadbalancer-vip.yaml +++ b/environments/external-loadbalancer-vip.yaml @@ -10,6 +10,7 @@ resource_registry: OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool.yaml OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool.yaml OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant_from_pool.yaml + OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/management_from_pool.yaml parameter_defaults: # When using an external loadbalancer set the following in parameter_defaults @@ -34,4 +35,6 @@ parameter_defaults: - 172.16.3.253 tenant: - 172.16.0.253 + management: + - 172.16.4.253 EnableLoadBalancer: false diff --git a/environments/major-upgrade-pacemaker-converge.yaml b/environments/major-upgrade-pacemaker-converge.yaml new file mode 100644 index 00000000..f023cb32 --- /dev/null +++ b/environments/major-upgrade-pacemaker-converge.yaml @@ -0,0 +1,2 @@ +parameter_defaults: + UpgradeLevelNovaCompute: '' diff --git a/environments/major-upgrade-pacemaker.yaml b/environments/major-upgrade-pacemaker.yaml new file mode 100644 index 00000000..61186bb0 --- /dev/null +++ b/environments/major-upgrade-pacemaker.yaml @@ -0,0 +1,11 @@ +parameter_defaults: + UpgradeLevelNovaCompute: liberty + +resource_registry: + OS::TripleO::Tasks::UpdateWorkflow: ../extraconfig/tasks/major_upgrade_pacemaker.yaml + OS::TripleO::Tasks::PackageUpdate: ../extraconfig/tasks/yum_update_noop.yaml + OS::TripleO::ControllerPostDeployment: OS::Heat::None + OS::TripleO::ComputePostDeployment: OS::Heat::None + OS::TripleO::ObjectStoragePostDeployment: OS::Heat::None + OS::TripleO::BlockStoragePostDeployment: OS::Heat::None + OS::TripleO::CephStoragePostDeployment: OS::Heat::None diff --git a/environments/major-upgrade-script-delivery.yaml b/environments/major-upgrade-script-delivery.yaml new file mode 100644 index 00000000..ba128d84 --- /dev/null +++ b/environments/major-upgrade-script-delivery.yaml @@ -0,0 +1,11 @@ +parameter_defaults: + UpgradeLevelNovaCompute: liberty + +resource_registry: + OS::TripleO::Tasks::UpdateWorkflow: ../extraconfig/tasks/major_upgrade_script_delivery.yaml + OS::TripleO::Tasks::PackageUpdate: ../extraconfig/tasks/yum_update_noop.yaml + OS::TripleO::ControllerPostDeployment: OS::Heat::None + OS::TripleO::ComputePostDeployment: OS::Heat::None + OS::TripleO::ObjectStoragePostDeployment: OS::Heat::None + OS::TripleO::BlockStoragePostDeployment: OS::Heat::None + OS::TripleO::CephStoragePostDeployment: OS::Heat::None diff --git a/environments/net-bond-with-vlans-v6.yaml b/environments/net-bond-with-vlans-v6.yaml new file mode 100644 index 00000000..73dda3d9 --- /dev/null +++ b/environments/net-bond-with-vlans-v6.yaml @@ -0,0 +1,20 @@ +# This template configures each role to use a pair of bonded nics (nic2 and +# nic3) and configures an IP address on each relevant isolated network +# for each role, with IPv6 on the External network. This template assumes +# use of network-isolation-v6.yaml. +# +# FIXME: if/when we add functionality to heatclient to include heat +# environment files we should think about using it here to automatically +# include network-isolation-v6.yaml. +resource_registry: + OS::TripleO::BlockStorage::Net::SoftwareConfig: ../network/config/bond-with-vlans/cinder-storage.yaml + OS::TripleO::Compute::Net::SoftwareConfig: ../network/config/bond-with-vlans/compute.yaml + OS::TripleO::Controller::Net::SoftwareConfig: ../network/config/bond-with-vlans/controller-v6.yaml + OS::TripleO::ObjectStorage::Net::SoftwareConfig: ../network/config/bond-with-vlans/swift-storage.yaml + OS::TripleO::CephStorage::Net::SoftwareConfig: ../network/config/bond-with-vlans/ceph-storage.yaml + +parameter_defaults: + # This sets 'external_network_bridge' in l3_agent.ini to an empty string + # so that external networks act like provider bridge networks (they + # will plug into br-int instead of br-ex) + NeutronExternalNetworkBridge: "''" diff --git a/environments/net-bond-with-vlans.yaml b/environments/net-bond-with-vlans.yaml index 9600fc7e..de8f8f74 100644 --- a/environments/net-bond-with-vlans.yaml +++ b/environments/net-bond-with-vlans.yaml @@ -12,10 +12,6 @@ resource_registry: OS::TripleO::ObjectStorage::Net::SoftwareConfig: ../network/config/bond-with-vlans/swift-storage.yaml OS::TripleO::CephStorage::Net::SoftwareConfig: ../network/config/bond-with-vlans/ceph-storage.yaml -# We use parameter_defaults instead of parameters here because Tuskar munges -# the names of top level and role level parameters with the role name and a -# version. Using parameter_defaults makes it such that if the parameter name is -# not defined in the template, we don't get an error. parameter_defaults: # This sets 'external_network_bridge' in l3_agent.ini to an empty string # so that external networks act like provider bridge networks (they diff --git a/environments/net-multiple-nics-v6.yaml b/environments/net-multiple-nics-v6.yaml new file mode 100644 index 00000000..a2bb0bba --- /dev/null +++ b/environments/net-multiple-nics-v6.yaml @@ -0,0 +1,13 @@ +# This template configures each role to use a separate NIC for +# each isolated network with IPv6 on the External network. +# This template assumes use of network-isolation.yaml. +# +# FIXME: if/when we add functionality to heatclient to include heat +# environment files we should think about using it here to automatically +# include network-isolation-v6.yaml. +resource_registry: + OS::TripleO::BlockStorage::Net::SoftwareConfig: ../network/config/multiple-nics/cinder-storage.yaml + OS::TripleO::Compute::Net::SoftwareConfig: ../network/config/multiple-nics/compute.yaml + OS::TripleO::Controller::Net::SoftwareConfig: ../network/config/multiple-nics/controller-v6.yaml + OS::TripleO::ObjectStorage::Net::SoftwareConfig: ../network/config/multiple-nics/swift-storage.yaml + OS::TripleO::CephStorage::Net::SoftwareConfig: ../network/config/multiple-nics/ceph-storage.yaml diff --git a/environments/net-single-nic-linux-bridge-with-vlans.yaml b/environments/net-single-nic-linux-bridge-with-vlans.yaml new file mode 100644 index 00000000..fd80bb9b --- /dev/null +++ b/environments/net-single-nic-linux-bridge-with-vlans.yaml @@ -0,0 +1,19 @@ +# This template configures each role to use Vlans on a single nic for +# each isolated network. +# This template assumes use of network-isolation.yaml. +# +# FIXME: if/when we add functionality to heatclient to include heat +# environment files we should think about using it here to automatically +# include network-isolation.yaml. +resource_registry: + OS::TripleO::BlockStorage::Net::SoftwareConfig: ../network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml + OS::TripleO::Compute::Net::SoftwareConfig: ../network/config/single-nic-linux-bridge-vlans/compute.yaml + OS::TripleO::Controller::Net::SoftwareConfig: ../network/config/single-nic-linux-bridge-vlans/controller.yaml + OS::TripleO::ObjectStorage::Net::SoftwareConfig: ../network/config/single-nic-linux-bridge-vlans/swift-storage.yaml + OS::TripleO::CephStorage::Net::SoftwareConfig: ../network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml + +parameter_defaults: + # This sets 'external_network_bridge' in l3_agent.ini to an empty string + # so that external networks act like provider bridge networks (they + # will plug into br-int instead of br-ex) + NeutronExternalNetworkBridge: "''" diff --git a/environments/net-single-nic-with-vlans-v6.yaml b/environments/net-single-nic-with-vlans-v6.yaml new file mode 100644 index 00000000..8210bad3 --- /dev/null +++ b/environments/net-single-nic-with-vlans-v6.yaml @@ -0,0 +1,19 @@ +# This template configures each role to use Vlans on a single nic for +# each isolated network with IPv6 on the External network. +# This template assumes use of network-isolation.yaml. +# +# FIXME: if/when we add functionality to heatclient to include heat +# environment files we should think about using it here to automatically +# include network-isolation-v6.yaml. +resource_registry: + OS::TripleO::BlockStorage::Net::SoftwareConfig: ../network/config/single-nic-vlans/cinder-storage.yaml + OS::TripleO::Compute::Net::SoftwareConfig: ../network/config/single-nic-vlans/compute.yaml + OS::TripleO::Controller::Net::SoftwareConfig: ../network/config/single-nic-vlans/controller-v6.yaml + OS::TripleO::ObjectStorage::Net::SoftwareConfig: ../network/config/single-nic-vlans/swift-storage.yaml + OS::TripleO::CephStorage::Net::SoftwareConfig: ../network/config/single-nic-vlans/ceph-storage.yaml + +parameter_defaults: + # This sets 'external_network_bridge' in l3_agent.ini to an empty string + # so that external networks act like provider bridge networks (they + # will plug into br-int instead of br-ex) + NeutronExternalNetworkBridge: "''" diff --git a/environments/net-single-nic-with-vlans.yaml b/environments/net-single-nic-with-vlans.yaml index bdfeadd3..a61bc6e1 100644 --- a/environments/net-single-nic-with-vlans.yaml +++ b/environments/net-single-nic-with-vlans.yaml @@ -12,10 +12,6 @@ resource_registry: OS::TripleO::ObjectStorage::Net::SoftwareConfig: ../network/config/single-nic-vlans/swift-storage.yaml OS::TripleO::CephStorage::Net::SoftwareConfig: ../network/config/single-nic-vlans/ceph-storage.yaml -# We use parameter_defaults instead of parameters here because Tuskar munges -# the names of top level and role level parameters with the role name and a -# version. Using parameter_defaults makes it such that if the parameter name is -# not defined in the template, we don't get an error. parameter_defaults: # This sets 'external_network_bridge' in l3_agent.ini to an empty string # so that external networks act like provider bridge networks (they diff --git a/environments/network-environment.yaml b/environments/network-environment.yaml new file mode 100644 index 00000000..005310c7 --- /dev/null +++ b/environments/network-environment.yaml @@ -0,0 +1,50 @@ +#This file is an example of an environment file for defining the isolated +#networks and related parameters. +resource_registry: + # Network Interface templates to use (these files must exist) + OS::TripleO::BlockStorage::Net::SoftwareConfig: + ../network/config/single-nic-vlans/cinder-storage.yaml + OS::TripleO::Compute::Net::SoftwareConfig: + ../network/config/single-nic-vlans/compute.yaml + OS::TripleO::Controller::Net::SoftwareConfig: + ../network/config/single-nic-vlans/controller.yaml + OS::TripleO::ObjectStorage::Net::SoftwareConfig: + ../network/config/single-nic-vlans/swift-storage.yaml + OS::TripleO::CephStorage::Net::SoftwareConfig: + ../network/config/single-nic-vlans/ceph-storage.yaml + +parameter_defaults: + # This section is where deployment-specific configuration is done + # Customize the IP subnets to match the local environment + InternalApiNetCidr: 172.17.0.0/24 + StorageNetCidr: 172.18.0.0/24 + StorageMgmtNetCidr: 172.19.0.0/24 + TenantNetCidr: 172.16.0.0/24 + ExternalNetCidr: 10.0.0.0/24 + # CIDR subnet mask length for provisioning network + ControlPlaneSubnetCidr: 24 + # Customize the IP ranges on each network to use for static IPs and VIPs + InternalApiAllocationPools: [{'start': '172.17.0.10', 'end': '172.17.0.200'}] + StorageAllocationPools: [{'start': '172.18.0.10', 'end': '172.18.0.200'}] + StorageMgmtAllocationPools: [{'start': '172.19.0.10', 'end': '172.19.0.200'}] + TenantAllocationPools: [{'start': '172.16.0.10', 'end': '172.16.0.200'}] + # Leave room if the external network is also used for floating IPs + ExternalAllocationPools: [{'start': '10.0.0.10', 'end': '10.0.0.50'}] + # Gateway router for the external network + ExternalInterfaceDefaultRoute: 10.0.0.1 + # Gateway router for the provisioning network (or Undercloud IP) + ControlPlaneDefaultRoute: 192.0.2.254 + # Generally the IP of the Undercloud + EC2MetadataIp: 192.0.2.1 + # Define the DNS servers (maximum 2) for the overcloud nodes + DnsServers: ["8.8.8.8","8.8.4.4"] + # Customize the VLAN IDs to match the local environment + InternalApiNetworkVlanID: 10 + StorageNetworkVlanID: 20 + StorageMgmtNetworkVlanID: 30 + TenantNetworkVlanID: 40 + ExternalNetworkVlanID: 50 + # Set to empty string to enable multiple external networks or VLANs + NeutronExternalNetworkBridge: "''" + # Customize bonding options, e.g. "mode=4 lacp_rate=1 updelay=1000 miimon=100" + BondInterfaceOvsOptions: "mode=active-backup" diff --git a/environments/network-isolation-v6.yaml b/environments/network-isolation-v6.yaml new file mode 100644 index 00000000..d1d0818e --- /dev/null +++ b/environments/network-isolation-v6.yaml @@ -0,0 +1,51 @@ +# Enable the creation of IPv6 Neutron networks for isolated Overcloud +# traffic and configure each role to assign ports (related +# to that role) on these networks. +resource_registry: + OS::TripleO::Network::External: ../network/external_v6.yaml + OS::TripleO::Network::InternalApi: ../network/internal_api_v6.yaml + OS::TripleO::Network::StorageMgmt: ../network/storage_mgmt_v6.yaml + OS::TripleO::Network::Storage: ../network/storage_v6.yaml + # IPv4 until OVS and Neutron support IPv6 tunnel endpoints + OS::TripleO::Network::Tenant: ../network/tenant.yaml + + # Port assignments for the VIPs + OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/external_v6.yaml + OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/internal_api_v6.yaml + OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/storage_v6.yaml + OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt_v6.yaml + OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip_v6.yaml + + # Port assignments for the controller role + OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_v6.yaml + OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_v6.yaml + OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_v6.yaml + OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml + OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant.yaml + + # Port assignments for the compute role + OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api_v6.yaml + OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage_v6.yaml + OS::TripleO::Compute::Ports::TenantPort: ../network/ports/tenant.yaml + + # Port assignments for the ceph storage role + OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage_v6.yaml + OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml + + # Port assignments for the swift storage role + OS::TripleO::SwiftStorage::Ports::InternalApiPort: ../network/ports/internal_api_v6.yaml + OS::TripleO::SwiftStorage::Ports::StoragePort: ../network/ports/storage_v6.yaml + OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml + + # Port assignments for the block storage role + OS::TripleO::BlockStorage::Ports::InternalApiPort: ../network/ports/internal_api_v6.yaml + OS::TripleO::BlockStorage::Ports::StoragePort: ../network/ports/storage_v6.yaml + OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml + +parameter_defaults: + # Enable IPv6 for Corosync. This is required when Corosync is using an IPv6 IP in the cluster. + CorosyncIPv6: True + # Enable IPv6 for MongoDB. This is required when MongoDB is using an IPv6 IP. + MongoDbIPv6: True + # Enable various IPv6 features in Nova. + NovaIPv6: True diff --git a/environments/neutron-ml2-bigswitch.yaml b/environments/neutron-ml2-bigswitch.yaml index 69c91326..750d3c4e 100644 --- a/environments/neutron-ml2-bigswitch.yaml +++ b/environments/neutron-ml2-bigswitch.yaml @@ -2,11 +2,13 @@ # extensions, configured via puppet resource_registry: OS::TripleO::ControllerExtraConfigPre: ../puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml + OS::TripleO::ComputeExtraConfigPre: ../puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml parameter_defaults: # Required to fill in: NeutronBigswitchRestproxyServers: NeutronBigswitchRestproxyServerAuth: + NeutronMechanismDrivers: bsn_ml2 # Optional: # NeutronBigswitchRestproxyAutoSyncOnFailure: @@ -14,4 +16,6 @@ parameter_defaults: # NeutronBigswitchRestproxyNeutronId: # NeutronBigswitchRestproxyServerSsl: # NeutronBigswitchRestproxySslCertDirectory: + # NeutronBigswitchAgentEnabled: + # NeutronBigswitchLLDPEnabled: diff --git a/environments/neutron-ml2-cisco-nexus-ucsm.yaml b/environments/neutron-ml2-cisco-nexus-ucsm.yaml index 5a1a32a3..ad111757 100644 --- a/environments/neutron-ml2-cisco-nexus-ucsm.yaml +++ b/environments/neutron-ml2-cisco-nexus-ucsm.yaml @@ -19,7 +19,7 @@ parameter_defaults: NetworkNexusSwitchReplayCount: 3 NetworkNexusProviderVlanAutoCreate: 'true' NetworkNexusProviderVlanAutoTrunk: 'true' - NetworkNexusVxlanGlobalConfig: 'true' + NetworkNexusVxlanGlobalConfig: 'false' NetworkNexusHostKeyChecks: 'false' NetworkNexusVxlanVniRanges: '0:0' NetworkNexusVxlanMcastRanges: '0.0.0.0:0.0.0.0' diff --git a/environments/neutron-opencontrail.yaml b/environments/neutron-opencontrail.yaml new file mode 100644 index 00000000..4704dbc8 --- /dev/null +++ b/environments/neutron-opencontrail.yaml @@ -0,0 +1,22 @@ +# A Heat environment file which can be used to enable OpenContrail +# extensions, configured via puppet +resource_registry: + OS::TripleO::ControllerExtraConfigPre: ../puppet/extraconfig/pre_deploy/controller/neutron-opencontrail.yaml + OS::TripleO::ComputeExtraConfigPre: ../puppet/extraconfig/pre_deploy/compute/neutron-opencontrail.yaml + +parameter_defaults: + NeutronCorePlugin: neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2 + NeutronServicePlugins: neutron_plugin_contrail.plugins.opencontrail.loadbalancer.plugin.LoadBalancerPlugin + NeutronEnableDHCPAgent: false + NeutronEnableL3Agent: false + NeutronEnableMetadataAgent: false + NeutronEnableOVSAgent: false + NeutronEnableTunnelling: false + + # required params: + #ContrailApiServerIp: + #ContrailExtensions: '' + + # optional params + # ContrailApiServerPort: 8082 + # ContrailMultiTenancy: false diff --git a/environments/storage-environment.yaml b/environments/storage-environment.yaml index 5ccfa58e..bd320bd9 100644 --- a/environments/storage-environment.yaml +++ b/environments/storage-environment.yaml @@ -43,9 +43,10 @@ parameter_defaults: ## OSDs are deployed on dedicated ceph-storage nodes only. # ControllerEnableCephStorage: false - ## When deploying Ceph through the oscplugin CLI, the following + ## When deploying Ceph Nodes through the oscplugin CLI, the following ## parameters are set automatically by the CLI. When deploying via - ## heat stack-create, they need to be provided manually. + ## heat stack-create or ceph on the controller nodes only, + ## they need to be provided manually. ## Number of Ceph storage nodes to deploy # CephStorageCount: 0 diff --git a/environments/updates/README.md b/environments/updates/README.md index 8c03411d..426d7329 100644 --- a/environments/updates/README.md +++ b/environments/updates/README.md @@ -7,3 +7,6 @@ Contents **update-from-keystone-admin-internal-api.yaml** To be used if the Keystone Admin API was originally deployed on the Internal API network. + +**update-from-publicvip-on-ctlplane.yaml** + To be used if the PublicVirtualIP resource was deployed as an additional VIP on the 'ctlplane'. diff --git a/environments/updates/update-from-publicvip-on-ctlplane.yaml b/environments/updates/update-from-publicvip-on-ctlplane.yaml new file mode 100644 index 00000000..c62428b4 --- /dev/null +++ b/environments/updates/update-from-publicvip-on-ctlplane.yaml @@ -0,0 +1,2 @@ +resource_registry: + OS::TripleO::Network::Ports::ExternalVipPort: ../../network/ports/ctlplane_vip.yaml
\ No newline at end of file diff --git a/extraconfig/all_nodes/mac_hostname.yaml b/extraconfig/all_nodes/mac_hostname.yaml index 739cbf0a..5883e06a 100644 --- a/extraconfig/all_nodes/mac_hostname.yaml +++ b/extraconfig/all_nodes/mac_hostname.yaml @@ -40,6 +40,7 @@ resources: CollectMacDeploymentsController: type: OS::Heat::SoftwareDeployments properties: + name: CollectMacDeploymentsController servers: {get_param: controller_servers} config: {get_resource: CollectMacConfig} actions: ['CREATE'] # Only do this on CREATE @@ -47,6 +48,7 @@ resources: CollectMacDeploymentsCompute: type: OS::Heat::SoftwareDeployments properties: + name: CollectMacDeploymentsCompute servers: {get_param: compute_servers} config: {get_resource: CollectMacConfig} actions: ['CREATE'] # Only do this on CREATE @@ -54,6 +56,7 @@ resources: CollectMacDeploymentsBlockStorage: type: OS::Heat::SoftwareDeployments properties: + name: CollectMacDeploymentsBlockStorage servers: {get_param: blockstorage_servers} config: {get_resource: CollectMacConfig} actions: ['CREATE'] # Only do this on CREATE @@ -61,6 +64,7 @@ resources: CollectMacDeploymentsObjectStorage: type: OS::Heat::SoftwareDeployments properties: + name: CollectMacDeploymentsObjectStorage servers: {get_param: objectstorage_servers} config: {get_resource: CollectMacConfig} actions: ['CREATE'] # Only do this on CREATE @@ -68,6 +72,7 @@ resources: CollectMacDeploymentsCephStorage: type: OS::Heat::SoftwareDeployments properties: + name: CollectMacDeploymentsCephStorage servers: {get_param: cephstorage_servers} config: {get_resource: CollectMacConfig} actions: ['CREATE'] # Only do this on CREATE @@ -95,6 +100,7 @@ resources: DistributeMacDeploymentsController: type: OS::Heat::SoftwareDeployments properties: + name: DistributeMacDeploymentsController servers: {get_param: controller_servers} config: {get_resource: DistributeMacConfig} input_values: diff --git a/extraconfig/all_nodes/random_string.yaml b/extraconfig/all_nodes/random_string.yaml index b4b30274..49d2d8b6 100644 --- a/extraconfig/all_nodes/random_string.yaml +++ b/extraconfig/all_nodes/random_string.yaml @@ -41,6 +41,7 @@ resources: RandomDeploymentsController: type: OS::Heat::SoftwareDeployments properties: + name: RandomDeploymentsController servers: {get_param: controller_servers} config: {get_resource: RandomConfig} actions: ['CREATE'] # Only do this on CREATE @@ -50,6 +51,7 @@ resources: RandomDeploymentsCompute: type: OS::Heat::SoftwareDeployments properties: + name: RandomDeploymentsCompute servers: {get_param: compute_servers} config: {get_resource: RandomConfig} actions: ['CREATE'] # Only do this on CREATE diff --git a/extraconfig/all_nodes/swap-partition.yaml b/extraconfig/all_nodes/swap-partition.yaml new file mode 100644 index 00000000..89a2adb0 --- /dev/null +++ b/extraconfig/all_nodes/swap-partition.yaml @@ -0,0 +1,90 @@ +heat_template_version: 2014-10-16 + +description: > + Extra config to add swap space to nodes. + +# Parameters passed from the parent template - note if you maintain +# out-of-tree templates they may require additional parameters if the +# in-tree templates add a new role. +parameters: + controller_servers: + type: json + compute_servers: + type: json + blockstorage_servers: + type: json + objectstorage_servers: + type: json + cephstorage_servers: + type: json + swap_partition_label: + type: string + description: Swap partition label + default: 'swap1' + + +resources: + + SwapConfig: + type: OS::Heat::SoftwareConfig + properties: + group: script + config: | + #!/bin/bash + set -eux + swap_partition=$(realpath /dev/disk/by-label/$swap_partition_label) + swapon $swap_partition + echo "$swap_partition swap swap defaults 0 0" >> /etc/fstab + inputs: + - name: swap_partition_label + description: Swap partition label + default: 'swap1' + + ControllerSwapDeployment: + type: OS::Heat::SoftwareDeploymentGroup + properties: + config: {get_resource: SwapConfig} + servers: {get_param: controller_servers} + input_values: + swap_partition_label: {get_param: swap_partition_label} + actions: ["CREATE"] + + ComputeSwapDeployment: + type: OS::Heat::SoftwareDeploymentGroup + properties: + config: {get_resource: SwapConfig} + servers: {get_param: compute_servers} + input_values: + swap_partition_label: {get_param: swap_partition_label} + actions: ["CREATE"] + + BlockStorageSwapDeployment: + type: OS::Heat::SoftwareDeploymentGroup + properties: + config: {get_resource: SwapConfig} + servers: {get_param: blockstorage_servers} + input_values: + swap_partition_label: {get_param: swap_partition_label} + actions: ["CREATE"] + + ObjectStorageSwapDeployment: + type: OS::Heat::SoftwareDeploymentGroup + properties: + config: {get_resource: SwapConfig} + servers: {get_param: objectstorage_servers} + input_values: + swap_partition_label: {get_param: swap_partition_label} + actions: ["CREATE"] + + CephStorageSwapDeployment: + type: OS::Heat::SoftwareDeploymentGroup + properties: + config: {get_resource: SwapConfig} + servers: {get_param: cephstorage_servers} + input_values: + swap_partition_label: {get_param: swap_partition_label} + actions: ["CREATE"] + +outputs: + config_identifier: + value: none diff --git a/extraconfig/all_nodes/swap.yaml b/extraconfig/all_nodes/swap.yaml new file mode 100644 index 00000000..374b1e5d --- /dev/null +++ b/extraconfig/all_nodes/swap.yaml @@ -0,0 +1,108 @@ +heat_template_version: 2014-10-16 + +description: > + Extra config to add swap space to nodes. + +# Parameters passed from the parent template - note if you maintain +# out-of-tree templates they may require additional parameters if the +# in-tree templates add a new role. +parameters: + controller_servers: + type: json + compute_servers: + type: json + blockstorage_servers: + type: json + objectstorage_servers: + type: json + cephstorage_servers: + type: json + swap_size_megabytes: + type: string + description: Amount of swap space to allocate in megabytes + default: '4096' + swap_path: + type: string + description: Full path to location of swap file + default: '/swap' + + +resources: + + SwapConfig: + type: OS::Heat::SoftwareConfig + properties: + group: script + config: | + #!/bin/bash + set -eux + if [ ! -f $swap_path ]; then + dd if=/dev/zero of=$swap_path count=$swap_size_megabytes bs=1M + chmod 0600 $swap_path + mkswap $swap_path + swapon $swap_path + else + echo "$swap_path already exists" + fi + echo "$swap_path swap swap defaults 0 0" >> /etc/fstab + inputs: + - name: swap_size_megabytes + description: Amount of swap space to allocate in megabytes + default: '4096' + - name: swap_path + description: Full path to location of swap file + default: '/swap' + + ControllerSwapDeployment: + type: OS::Heat::SoftwareDeploymentGroup + properties: + config: {get_resource: SwapConfig} + servers: {get_param: controller_servers} + input_values: + swap_size_megabytes: {get_param: swap_size_megabytes} + swap_path: {get_param: swap_path} + actions: ["CREATE"] + + ComputeSwapDeployment: + type: OS::Heat::SoftwareDeploymentGroup + properties: + config: {get_resource: SwapConfig} + servers: {get_param: compute_servers} + input_values: + swap_size_megabytes: {get_param: swap_size_megabytes} + swap_path: {get_param: swap_path} + actions: ["CREATE"] + + BlockStorageSwapDeployment: + type: OS::Heat::SoftwareDeploymentGroup + properties: + config: {get_resource: SwapConfig} + servers: {get_param: blockstorage_servers} + input_values: + swap_size_megabytes: {get_param: swap_size_megabytes} + swap_path: {get_param: swap_path} + actions: ["CREATE"] + + ObjectStorageSwapDeployment: + type: OS::Heat::SoftwareDeploymentGroup + properties: + config: {get_resource: SwapConfig} + servers: {get_param: objectstorage_servers} + input_values: + swap_size_megabytes: {get_param: swap_size_megabytes} + swap_path: {get_param: swap_path} + actions: ["CREATE"] + + CephStorageSwapDeployment: + type: OS::Heat::SoftwareDeploymentGroup + properties: + config: {get_resource: SwapConfig} + servers: {get_param: cephstorage_servers} + input_values: + swap_size_megabytes: {get_param: swap_size_megabytes} + swap_path: {get_param: swap_path} + actions: ["CREATE"] + +outputs: + config_identifier: + value: none diff --git a/extraconfig/post_deploy/example.yaml b/extraconfig/post_deploy/example.yaml index 1d3dca25..f83dff76 100644 --- a/extraconfig/post_deploy/example.yaml +++ b/extraconfig/post_deploy/example.yaml @@ -22,6 +22,7 @@ resources: ExtraDeployments: type: OS::Heat::SoftwareDeployments properties: + name: ExtraDeployments servers: {get_param: servers} config: {get_resource: ExtraConfig} actions: ['CREATE'] # Only do this on CREATE diff --git a/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml b/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml index d5160915..a884bdae 100644 --- a/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml +++ b/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml @@ -73,6 +73,7 @@ resources: RHELRegistrationDeployment: type: OS::Heat::SoftwareDeployment properties: + name: RHELRegistrationDeployment server: {get_param: server} config: {get_resource: RHELRegistration} actions: ['CREATE'] # Only do this on CREATE @@ -106,6 +107,7 @@ resources: RHELUnregistrationDeployment: type: OS::Heat::SoftwareDeployment properties: + name: RHELUnregistrationDeployment server: {get_param: server} config: {get_resource: RHELUnregistration} actions: ['DELETE'] # Only do this on DELETE diff --git a/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration index cbbd6a1d..76fa63b4 100644 --- a/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration +++ b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration @@ -13,6 +13,7 @@ fi opts= attach_opts= +sat5_opts= repos="repos --enable rhel-7-server-rpms" satellite_repo="rhel-7-server-rh-common-rpms" if [ -n "${REG_AUTO_ATTACH:-}" ]; then @@ -49,6 +50,7 @@ fi if [ -n "${REG_FORCE:-}" ]; then opts="$opts --force" + sat5_opts="$sat5_opts --force" fi if [ -n "${REG_SERVER_URL:-}" ]; then @@ -57,6 +59,7 @@ fi if [ -n "${REG_ACTIVATION_KEY:-}" ]; then opts="$opts --activationkey=$REG_ACTIVATION_KEY" + sat5_opts="$sat5_opts --activationkey=$REG_ACTIVATION_KEY" if [ -z "${REG_ORG:-}" ]; then echo "WARNING: REG_ACTIVATION_KEY set without REG_ORG." @@ -75,10 +78,12 @@ fi if [ -n "${REG_MACHINE_NAME:-}" ]; then opts="$opts --name $REG_MACHINE_NAME" + sat5_opts="$sat5_opts --profilename=$REG_MACHINE_NAME" fi if [ -n "${REG_ORG:-}" ]; then opts="$opts --org=$REG_ORG" + sat5_opts="$sat5_opts --systemorgid=$REG_ORG" fi if [ -n "${REG_REPOS:-}" ]; then @@ -91,6 +96,20 @@ if [ -n "${REG_TYPE:-}" ]; then opts="$opts --type=$REG_TYPE" fi +function detect_satellite_version { + ping_api=$REG_SAT_URL/katello/api/ping + if curl -k -s -D - -o /dev/null $ping_api | grep "200 OK"; then + echo Satellite 6 detected at $REG_SAT_URL + satellite_version=6 + elif curl -k -s -D - -o /dev/null $REG_SAT_URL/rhn/Login.do | grep "200 OK"; then + echo Satellite 5 detected at $REG_SAT_URL + satellite_version=5 + else + echo No Satellite detected at $REG_SAT_URL + exit 1 + fi +} + case "${REG_METHOD:-}" in portal) subscription-manager register $opts @@ -100,13 +119,21 @@ case "${REG_METHOD:-}" in subscription-manager $repos ;; satellite) - repos="$repos --enable ${satellite_repo}" - rpm -Uvh "$REG_SAT_URL/pub/katello-ca-consumer-latest.noarch.rpm" || true - subscription-manager register $opts - subscription-manager $repos - yum install -y katello-agent || true # needed for errata reporting to satellite6 - katello-package-upload - subscription-manager repos --disable ${satellite_repo} + detect_satellite_version + if [ "satellite_version" = "6" ]; then + repos="$repos --enable ${satellite_repo}" + rpm -Uvh "$REG_SAT_URL/pub/katello-ca-consumer-latest.noarch.rpm" || true + subscription-manager register $opts + subscription-manager $repos + yum install -y katello-agent || true # needed for errata reporting to satellite6 + katello-package-upload + subscription-manager repos --disable ${satellite_repo} + else + pushd /usr/share/rhn/ + curl -k -O $REG_SAT_URL/pub/RHN-ORG-TRUSTED-SSL-CERT + popd + rhnreg_ks --serverUrl=$REG_SAT_URL/XMLRPC $sat5_opts + fi ;; disable) echo "Disabling RHEL registration" diff --git a/extraconfig/pre_deploy/rhel-registration/scripts/rhel-unregistration b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-unregistration index 1e72e0a6..916f97e3 100644 --- a/extraconfig/pre_deploy/rhel-registration/scripts/rhel-unregistration +++ b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-unregistration @@ -7,6 +7,8 @@ case "${REG_METHOD:-}" in portal|satellite) # Allow unregistration to fail. # We don't want to fail stack deletes if unregistration fails. + # Note that this will be a no-op on satellite 5, which doesn't support + # unregistering from the cli. subscription-manager unregister || true subscription-manager clean || true ;; diff --git a/extraconfig/tasks/major_upgrade_compute.sh b/extraconfig/tasks/major_upgrade_compute.sh new file mode 100644 index 00000000..78628c8c --- /dev/null +++ b/extraconfig/tasks/major_upgrade_compute.sh @@ -0,0 +1,26 @@ +#!/bin/bash +# +# This delivers the compute upgrade script to be invoked as part of the tripleo +# major upgrade workflow. +# +set -eu + +UPGRADE_SCRIPT=/root/tripleo_upgrade_node.sh + +cat > $UPGRADE_SCRIPT << ENDOFCAT +### DO NOT MODIFY THIS FILE +### This file is automatically delivered to the compute nodes as part of the +### tripleo upgrades workflow + +# pin nova to kilo (messaging +-1) for the nova-compute service + +crudini --set /etc/nova/nova.conf upgrade_levels compute $upgrade_level_nova_compute + +yum -y install python-zaqarclient # needed for os-collect-config +yum -y update + +ENDOFCAT + +# ensure the permissions are OK +chmod 0755 $UPGRADE_SCRIPT + diff --git a/extraconfig/tasks/major_upgrade_controller_pacemaker_1.sh b/extraconfig/tasks/major_upgrade_controller_pacemaker_1.sh new file mode 100755 index 00000000..bf2ee330 --- /dev/null +++ b/extraconfig/tasks/major_upgrade_controller_pacemaker_1.sh @@ -0,0 +1,55 @@ +#!/bin/bash + +set -eu + +cluster_sync_timeout=600 + +if pcs status 2>&1 | grep -E '(cluster is not currently running)|(OFFLINE:)'; then + echo_error "ERROR: upgrade cannot start with some cluster nodes being offline" + exit 1 +fi + +if [ "$(hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid)" = "$(facter hostname)" ]; then + pcs resource disable httpd + check_resource httpd stopped 1800 + if pcs status | grep openstack-keystone; then + pcs resource disable openstack-keystone + check_resource openstack-keystone stopped 1800 + fi + pcs resource disable redis + check_resource redis stopped 600 + pcs resource disable mongod + check_resource mongod stopped 600 + pcs resource disable rabbitmq + check_resource rabbitmq stopped 600 + pcs resource disable memcached + check_resource memcached stopped 600 + pcs resource disable galera + check_resource galera stopped 600 + pcs cluster stop --all +fi + +# Swift isn't controled by pacemaker +systemctl_swift stop + +tstart=$(date +%s) +while systemctl is-active pacemaker; do + sleep 5 + tnow=$(date +%s) + if (( tnow-tstart > cluster_sync_timeout )) ; then + echo_error "ERROR: cluster shutdown timed out" + exit 1 + fi +done + +yum -y install python-zaqarclient # needed for os-collect-config +yum -y -q update + +# Pin messages sent to compute nodes to kilo, these will be upgraded later +crudini --set /etc/nova/nova.conf upgrade_levels compute "$upgrade_level_nova_compute" +# https://bugzilla.redhat.com/show_bug.cgi?id=1284047 +# Change-Id: Ib3f6c12ff5471e1f017f28b16b1e6496a4a4b435 +crudini --set /etc/ceilometer/ceilometer.conf DEFAULT rpc_backend rabbit +# https://bugzilla.redhat.com/show_bug.cgi?id=1284058 +# Ifd1861e3df46fad0e44ff9b5cbd58711bbc87c97 Swift Ceilometer middleware no longer exists +crudini --set /etc/swift/proxy-server.conf pipeline:main pipeline "catch_errors healthcheck cache ratelimit tempurl formpost authtoken keystone staticweb proxy-logging proxy-server" diff --git a/extraconfig/tasks/major_upgrade_controller_pacemaker_2.sh b/extraconfig/tasks/major_upgrade_controller_pacemaker_2.sh new file mode 100755 index 00000000..10bea573 --- /dev/null +++ b/extraconfig/tasks/major_upgrade_controller_pacemaker_2.sh @@ -0,0 +1,67 @@ +#!/bin/bash + +set -eu + +cluster_form_timeout=600 +cluster_settle_timeout=600 +galera_sync_timeout=600 + +if [ "$(hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid)" = "$(facter hostname)" ]; then + pcs cluster start --all + + tstart=$(date +%s) + while pcs status 2>&1 | grep -E '(cluster is not currently running)|(OFFLINE:)'; do + sleep 5 + tnow=$(date +%s) + if (( tnow-tstart > cluster_form_timeout )) ; then + echo_error "ERROR: timed out forming the cluster" + exit 1 + fi + done + + if ! timeout -k 10 $cluster_settle_timeout crm_resource --wait; then + echo_error "ERROR: timed out waiting for cluster to finish transition" + exit 1 + fi + + pcs resource enable galera + check_resource galera started 600 + pcs resource enable mongod + check_resource mongod started 600 + + tstart=$(date +%s) + while ! clustercheck; do + sleep 5 + tnow=$(date +%s) + if (( tnow-tstart > galera_sync_timeout )) ; then + echo_error "ERROR galera sync timed out" + exit 1 + fi + done + + # Run all the db syncs + # TODO: check if this can be triggered in puppet and removed from here + ceilometer-dbsync --config-file=/etc/ceilometer/ceilometer.conf + cinder-manage db sync + glance-manage --config-file=/etc/glance/glance-registry.conf db_sync + heat-manage --config-file /etc/heat/heat.conf db_sync + keystone-manage db_sync + neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini upgrade head + nova-manage db sync + + pcs resource enable memcached + check_resource memcached started 600 + pcs resource enable rabbitmq + check_resource rabbitmq started 600 + pcs resource enable redis + check_resource redis started 600 + if pcs status | grep openstack-keystone; then + pcs resource enable openstack-keystone + check_resource openstack-keystone started 1800 + fi + pcs resource enable httpd + check_resource httpd started 1800 +fi + +# Swift isn't controled by heat +systemctl_swift start diff --git a/extraconfig/tasks/major_upgrade_object_storage.sh b/extraconfig/tasks/major_upgrade_object_storage.sh new file mode 100644 index 00000000..0f6d091e --- /dev/null +++ b/extraconfig/tasks/major_upgrade_object_storage.sh @@ -0,0 +1,38 @@ +#!/bin/bash +# +# This delivers the swift-storage upgrade script to be invoked as part of the tripleo +# major upgrade workflow. +# +set -eu + +UPGRADE_SCRIPT=/root/tripleo_upgrade_node.sh + +cat > $UPGRADE_SCRIPT << ENDOFCAT +### DO NOT MODIFY THIS FILE +### This file is automatically delivered to the swift-storage nodes as part of the +### tripleo upgrades workflow + + +function systemctl_swift { + action=$1 + for S in openstack-swift-account-auditor openstack-swift-account-reaper openstack-swift-account-replicator openstack-swift-account \ + openstack-swift-container-auditor openstack-swift-container-replicator openstack-swift-container-updater openstack-swift-container \ + openstack-swift-object-auditor openstack-swift-object-replicator openstack-swift-object-updater openstack-swift-object openstack-swift-proxy; do + systemctl $action $S + done +} + + +systemctl_swift stop + +yum -y update + +systemctl_swift start + + + +ENDOFCAT + +# ensure the permissions are OK +chmod 0755 $UPGRADE_SCRIPT + diff --git a/extraconfig/tasks/major_upgrade_pacemaker.yaml b/extraconfig/tasks/major_upgrade_pacemaker.yaml new file mode 100644 index 00000000..b867d107 --- /dev/null +++ b/extraconfig/tasks/major_upgrade_pacemaker.yaml @@ -0,0 +1,71 @@ +heat_template_version: 2014-10-16 +description: 'Upgrade for Pacemaker deployments' + +parameters: + controller_servers: + type: json + compute_servers: + type: json + blockstorage_servers: + type: json + objectstorage_servers: + type: json + cephstorage_servers: + type: json + input_values: + type: json + description: input values for the software deployments + + UpgradeLevelNovaCompute: + type: string + description: Nova Compute upgrade level + default: '' + +resources: + # TODO(jistr): for Mitaka->Newton upgrades and further we can use + # map_merge with input_values instead of feeding params into scripts + # via str_replace on bash snippets + + ControllerPacemakerUpgradeConfig_Step1: + type: OS::Heat::SoftwareConfig + properties: + group: script + config: + list_join: + - '' + - - str_replace: + template: | + #!/bin/bash + upgrade_level_nova_compute='UPGRADE_LEVEL_NOVA_COMPUTE' + params: + UPGRADE_LEVEL_NOVA_COMPUTE: {get_param: UpgradeLevelNovaCompute} + - get_file: pacemaker_common_functions.sh + - get_file: major_upgrade_pacemaker_migrations.sh + - get_file: major_upgrade_controller_pacemaker_1.sh + + ControllerPacemakerUpgradeDeployment_Step1: + type: OS::Heat::SoftwareDeploymentGroup + properties: + servers: {get_param: controller_servers} + config: {get_resource: ControllerPacemakerUpgradeConfig_Step1} + input_values: {get_param: input_values} + + ControllerPacemakerUpgradeConfig_Step2: + type: OS::Heat::SoftwareConfig + properties: + group: script + config: + list_join: + - '' + - - get_file: pacemaker_common_functions.sh + - get_file: major_upgrade_pacemaker_migrations.sh + - get_file: major_upgrade_controller_pacemaker_2.sh + + ControllerPacemakerUpgradeDeployment_Step2: + type: OS::Heat::SoftwareDeploymentGroup + depends_on: ControllerPacemakerUpgradeDeployment_Step1 + properties: + servers: {get_param: controller_servers} + config: {get_resource: ControllerPacemakerUpgradeConfig_Step2} + input_values: {get_param: input_values} + diff --git a/extraconfig/tasks/major_upgrade_pacemaker_migrations.sh b/extraconfig/tasks/major_upgrade_pacemaker_migrations.sh new file mode 100644 index 00000000..7fd26945 --- /dev/null +++ b/extraconfig/tasks/major_upgrade_pacemaker_migrations.sh @@ -0,0 +1,14 @@ +#!/bin/bash + +# Special pieces of upgrade migration logic go into this +# file. E.g. Pacemaker cluster transitions for existing deployments, +# matching changes to overcloud_controller_pacemaker.pp (Puppet +# handles deployment, this file handles migrations). +# +# This file shouldn't execute any action on its own, all logic should +# be wrapped into bash functions. Upgrade scripts will source this +# file and call the functions defined in this file where appropriate. +# +# The migration functions should be idempotent. If the migration has +# been already applied, it should be possible to call the function +# again without damaging the deployment or failing the upgrade. diff --git a/extraconfig/tasks/major_upgrade_script_delivery.yaml b/extraconfig/tasks/major_upgrade_script_delivery.yaml new file mode 100644 index 00000000..f7faa7fc --- /dev/null +++ b/extraconfig/tasks/major_upgrade_script_delivery.yaml @@ -0,0 +1,65 @@ +heat_template_version: 2014-10-16 +description: 'Upgrade for Pacemaker deployments' + +parameters: + + controller_servers: + type: json + compute_servers: + type: json + blockstorage_servers: + type: json + objectstorage_servers: + type: json + cephstorage_servers: + type: json + input_values: + type: json + description: input values for the software deployments + + UpgradeLevelNovaCompute: + type: string + description: Nova Compute upgrade level + default: '' + +resources: + # TODO(jistr): for Mitaka->Newton upgrades and further we can use + # map_merge with input_values instead of feeding params into scripts + # via str_replace on bash snippets + + ComputeDeliverUpgradeScriptConfig: + type: OS::Heat::SoftwareConfig + properties: + group: script + config: + list_join: + - '' + - - str_replace: + template: | + #!/bin/bash + upgrade_level_nova_compute='UPGRADE_LEVEL_NOVA_COMPUTE' + params: + UPGRADE_LEVEL_NOVA_COMPUTE: {get_param: UpgradeLevelNovaCompute} + - get_file: major_upgrade_compute.sh + + ComputeDeliverUpgradeScriptDeployment: + type: OS::Heat::SoftwareDeploymentGroup + properties: + servers: {get_param: compute_servers} + config: {get_resource: ComputeDeliverUpgradeScriptConfig} + input_values: {get_param: input_values} + + + ObjectStoreDeliverUpgradeScriptConfig: + type: OS::Heat::SoftwareConfig + properties: + group: script + config: {get_file: major_upgrade_object_storage.sh} + + ObjectStoreDeliverUpgradeScriptDeployment: + type: OS::Heat::SoftwareDeploymentGroup + properties: + servers: {get_param: objectstorage_servers} + config: {get_resource: ObjectStoreDeliverUpgradeScriptConfig} + input_values: {get_param: input_values} + diff --git a/extraconfig/tasks/noop.yaml b/extraconfig/tasks/noop.yaml index 0cff7469..dbb863be 100644 --- a/extraconfig/tasks/noop.yaml +++ b/extraconfig/tasks/noop.yaml @@ -4,6 +4,22 @@ description: 'No-op task' parameters: servers: type: json + default: [] + controller_servers: + type: json + default: [] + compute_servers: + type: json + default: [] + blockstorage_servers: + type: json + default: [] + objectstorage_servers: + type: json + default: [] + cephstorage_servers: + type: json + default: [] input_values: type: json default: {} diff --git a/extraconfig/tasks/pacemaker_common_functions.sh b/extraconfig/tasks/pacemaker_common_functions.sh new file mode 100755 index 00000000..ee3216e4 --- /dev/null +++ b/extraconfig/tasks/pacemaker_common_functions.sh @@ -0,0 +1,48 @@ +#!/bin/bash + +set -eu + +function check_resource { + + if [ "$#" -ne 3 ]; then + echo_error "ERROR: check_resource function expects 3 parameters, $# given" + exit 1 + fi + + service=$1 + state=$2 + timeout=$3 + + if [ "$state" = "stopped" ]; then + match_for_incomplete='Started' + else # started + match_for_incomplete='Stopped' + fi + + if timeout -k 10 $timeout crm_resource --wait; then + node_states=$(pcs status --full | grep "$service" | grep -v Clone) + if echo "$node_states" | grep -q "$match_for_incomplete"; then + echo_error "ERROR: cluster finished transition but $service was not in $state state, exiting." + exit 1 + else + echo "$service has $state" + fi + else + echo_error "ERROR: cluster remained unstable for more than $timeout seconds, exiting." + exit 1 + fi + +} + +function echo_error { + echo "$@" | tee /dev/fd2 +} + +function systemctl_swift { + action=$1 + for S in openstack-swift-account-auditor openstack-swift-account-reaper openstack-swift-account-replicator openstack-swift-account \ + openstack-swift-container-auditor openstack-swift-container-replicator openstack-swift-container-updater openstack-swift-container \ + openstack-swift-object-auditor openstack-swift-object-replicator openstack-swift-object-updater openstack-swift-object openstack-swift-proxy; do + systemctl $action $S + done +} diff --git a/extraconfig/tasks/pacemaker_resource_restart.sh b/extraconfig/tasks/pacemaker_resource_restart.sh index 4e8b20fd..b2bdc55a 100755 --- a/extraconfig/tasks/pacemaker_resource_restart.sh +++ b/extraconfig/tasks/pacemaker_resource_restart.sh @@ -3,37 +3,6 @@ set -eux pacemaker_status=$(systemctl is-active pacemaker) -check_interval=3 - -function check_resource { - - service=$1 - state=$2 - timeout=$3 - tstart=$(date +%s) - tend=$(( $tstart + $timeout )) - - if [ "$state" = "stopped" ]; then - match_for_incomplete='Started' - else # started - match_for_incomplete='Stopped' - fi - - while (( $(date +%s) < $tend )); do - node_states=$(pcs status --full | grep "$service" | grep -v Clone) - if echo "$node_states" | grep -q "$match_for_incomplete"; then - echo "$service not yet $state, sleeping $check_interval seconds." - sleep $check_interval - else - echo "$service has $state" - return - fi - done - - echo "$service never $state after $timeout seconds" | tee /dev/fd/2 - exit 1 - -} # Run if pacemaker is running, we're the bootstrap node, # and we're updating the deployment (not creating). @@ -50,7 +19,7 @@ if [ "$pacemaker_status" = "active" -a \ pcs resource disable httpd check_resource httpd stopped 300 pcs resource disable openstack-keystone - check_resource openstack-keystone stopped 1200 + check_resource openstack-keystone stopped 1800 if pcs status | grep haproxy-clone; then pcs resource restart haproxy-clone @@ -62,7 +31,7 @@ if [ "$pacemaker_status" = "active" -a \ pcs resource restart galera-master pcs resource enable openstack-keystone - check_resource openstack-keystone started 300 + check_resource openstack-keystone started 1800 pcs resource enable httpd check_resource httpd started 800 diff --git a/extraconfig/tasks/post_puppet_pacemaker.yaml b/extraconfig/tasks/post_puppet_pacemaker.yaml index 7de41d94..fbed9ce5 100644 --- a/extraconfig/tasks/post_puppet_pacemaker.yaml +++ b/extraconfig/tasks/post_puppet_pacemaker.yaml @@ -33,7 +33,11 @@ resources: type: OS::Heat::SoftwareConfig properties: group: script - config: {get_file: pacemaker_resource_restart.sh} + config: + list_join: + - '' + - - get_file: pacemaker_common_functions.sh + - get_file: pacemaker_resource_restart.sh ControllerPostPuppetRestartDeployment: type: OS::Heat::SoftwareDeployments diff --git a/extraconfig/tasks/yum_update.sh b/extraconfig/tasks/yum_update.sh index 2d6b8cc2..59e4be45 100755 --- a/extraconfig/tasks/yum_update.sh +++ b/extraconfig/tasks/yum_update.sh @@ -123,10 +123,13 @@ openstack-nova-scheduler" echo "Setting resource start/stop timeouts" for service in $SERVICES; do - pcs -f $pacemaker_dumpfile resource update $service op start timeout=100s op stop timeout=100s + pcs -f $pacemaker_dumpfile resource update $service op start timeout=200s op stop timeout=200s done # mongod start timeout is higher, setting only stop timeout - pcs -f $pacemaker_dumpfile resource update mongod op stop timeout=100s + pcs -f $pacemaker_dumpfile resource update mongod op start timeout=370s op stop timeout=200s + + echo "Making sure rabbitmq has the notify=true meta parameter" + pcs -f $pacemaker_dumpfile resource update rabbitmq meta notify=true echo "Applying new Pacemaker config" if ! pcs cluster cib-push $pacemaker_dumpfile; then @@ -150,15 +153,15 @@ openstack-nova-scheduler" kill $(ps ax | grep -e "keepalived.*\.pid-vrrp" | awk '{print $1}') 2>/dev/null || : kill $(ps ax | grep -e "radvd.*\.pid\.radvd" | awk '{print $1}') 2>/dev/null || : else - echo "Excluding upgrading packages that are handled by config management tooling" - command_arguments="$command_arguments --skip-broken" - for exclude in $(cat /var/lib/tripleo/installed-packages/* | sort -u); do - command_arguments="$command_arguments --exclude $exclude" - done + echo "Upgrading openstack-puppet-modules" + yum -q -y update openstack-puppet-modules + echo "Upgrading other packages is handled by config management tooling" + echo -n "true" > $heat_outputs_path.update_managed_packages + exit 0 fi command=${command:-update} -full_command="yum -y $command $command_arguments" +full_command="yum -q -y $command $command_arguments" echo "Running: $full_command" result=$($full_command) @@ -199,9 +202,6 @@ if [[ "$pacemaker_status" == "active" ]] ; then fi pcs status - -else - echo -n "true" > $heat_outputs_path.update_managed_packages fi echo "Finished yum_update.sh on server $deploy_server_id at `date`" diff --git a/extraconfig/tasks/yum_update_noop.yaml b/extraconfig/tasks/yum_update_noop.yaml new file mode 100644 index 00000000..b759d9c5 --- /dev/null +++ b/extraconfig/tasks/yum_update_noop.yaml @@ -0,0 +1,29 @@ +heat_template_version: 2014-10-16 +description: 'No-op yum update task' + +resources: + + config: + type: OS::Heat::SoftwareConfig + properties: + group: script + config: | + #!/bin/bash + echo -n "false" > $heat_outputs_path.update_managed_packages + inputs: + - name: update_identifier + description: yum will only run for previously unused values of update_identifier + default: '' + - name: command + description: yum sub-command to run, defaults to "update" + default: update + - name: command_arguments + description: yum command arguments, defaults to "" + default: '' + outputs: + - name: update_managed_packages + description: boolean value indicating whether to upgrade managed packages + +outputs: + OS::stack_id: + value: {get_resource: config} diff --git a/net-config-linux-bridge.yaml b/net-config-linux-bridge.yaml index 0646ffab..0980803e 100644 --- a/net-config-linux-bridge.yaml +++ b/net-config-linux-bridge.yaml @@ -28,6 +28,10 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: + default: '' + description: IP address/subnet on the management network + type: string ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string diff --git a/network/config/bond-with-vlans/controller-v6.yaml b/network/config/bond-with-vlans/controller-v6.yaml new file mode 100644 index 00000000..7869ebfc --- /dev/null +++ b/network/config/bond-with-vlans/controller-v6.yaml @@ -0,0 +1,180 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config with 2 bonded nics on a bridge + with VLANs attached for the controller role with IPv6 on the External + network. The IPv6 default route is on the External network, and the + IPv4 default route is on the Control Plane. + +parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string + BondInterfaceOvsOptions: + default: 'bond_mode=active-backup' + description: The ovs_options string for the bond interface. Set things like + lacp=active and/or bond_mode=balance-slb using this option. + type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number + ExternalInterfaceDefaultRoute: + default: '10.0.0.1' + description: default route for the external network + type: string + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: interface + name: nic1 + use_dhcp: false + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} + - + type: ovs_bridge + name: {get_input: bridge_name} + dns_servers: {get_param: DnsServers} + members: + - + type: ovs_bond + name: bond1 + ovs_options: {get_param: BondInterfaceOvsOptions} + members: + - + type: interface + name: nic2 + primary: true + - + type: interface + name: nic3 + - + type: vlan + device: bond1 + vlan_id: {get_param: ExternalNetworkVlanID} + addresses: + - + ip_netmask: {get_param: ExternalIpSubnet} + routes: + - + default: true + next_hop: {get_param: ExternalInterfaceDefaultRoute} + - + type: vlan + device: bond1 + vlan_id: {get_param: InternalApiNetworkVlanID} + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + type: vlan + device: bond1 + vlan_id: {get_param: StorageNetworkVlanID} + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + device: bond1 + vlan_id: {get_param: StorageMgmtNetworkVlanID} + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + - + type: vlan + device: bond1 + vlan_id: {get_param: TenantNetworkVlanID} + addresses: + - + ip_netmask: {get_param: TenantIpSubnet} + # Uncomment when including environments/network-management.yaml + #- + # type: vlan + # device: bond1 + # vlan_id: {get_param: ManagementNetworkVlanID} + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/multiple-nics/ceph-storage.yaml b/network/config/multiple-nics/ceph-storage.yaml index a2a6b40d..84cb0f12 100644 --- a/network/config/multiple-nics/ceph-storage.yaml +++ b/network/config/multiple-nics/ceph-storage.yaml @@ -84,7 +84,7 @@ resources: config: os_net_config: network_config: - - + - type: interface name: nic1 use_dhcp: false diff --git a/network/config/multiple-nics/cinder-storage.yaml b/network/config/multiple-nics/cinder-storage.yaml index 06b4b83f..0b0218c5 100644 --- a/network/config/multiple-nics/cinder-storage.yaml +++ b/network/config/multiple-nics/cinder-storage.yaml @@ -84,7 +84,7 @@ resources: config: os_net_config: network_config: - - + - type: interface name: nic1 use_dhcp: false diff --git a/network/config/multiple-nics/controller-v6.yaml b/network/config/multiple-nics/controller-v6.yaml new file mode 100644 index 00000000..b69879fb --- /dev/null +++ b/network/config/multiple-nics/controller-v6.yaml @@ -0,0 +1,174 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config to configure multiple interfaces + for the controller role with IPv6 on the External network. The IPv6 + default route is on the External network, and the IPv4 default route + is on the Control Plane. + +parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number + ExternalInterfaceDefaultRoute: + default: '10.0.0.1' + description: default route for the external network + type: string + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: interface + name: nic1 + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} + - + type: interface + name: nic2 + use_dhcp: false + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: interface + name: nic3 + use_dhcp: false + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + - + type: interface + name: nic4 + use_dhcp: false + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + # Create a bridge which can also be used for VLAN-mode bridge mapping + type: ovs_bridge + name: br-tenant + use_dhcp: false + addresses: + - + ip_netmask: {get_param: TenantIpSubnet} + members: + - + type: interface + name: nic5 + use_dhcp: false + # force the MAC address of the bridge to this interface + primary: true + - + type: ovs_bridge + name: {get_input: bridge_name} + dns_servers: {get_param: DnsServers} + use_dhcp: false + addresses: + - + ip_netmask: {get_param: ExternalIpSubnet} + routes: + - + default: true + next_hop: {get_param: ExternalInterfaceDefaultRoute} + members: + - + type: interface + name: nic6 + # force the MAC address of the bridge to this interface + primary: true + # Uncomment when including environments/network-management.yaml + #- + # type: interface + # name: nic7 + # use_dhcp: false + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/multiple-nics/controller.yaml b/network/config/multiple-nics/controller.yaml index 32851cfb..377fd116 100644 --- a/network/config/multiple-nics/controller.yaml +++ b/network/config/multiple-nics/controller.yaml @@ -84,7 +84,7 @@ resources: config: os_net_config: network_config: - - + - type: interface name: nic1 use_dhcp: false diff --git a/network/config/multiple-nics/swift-storage.yaml b/network/config/multiple-nics/swift-storage.yaml index 4d5a7b99..b75bbd6e 100644 --- a/network/config/multiple-nics/swift-storage.yaml +++ b/network/config/multiple-nics/swift-storage.yaml @@ -84,7 +84,7 @@ resources: config: os_net_config: network_config: - - + - type: interface name: nic1 use_dhcp: false diff --git a/network/config/single-nic-linux-bridge-vlans/README.md b/network/config/single-nic-linux-bridge-vlans/README.md new file mode 100644 index 00000000..b7ded049 --- /dev/null +++ b/network/config/single-nic-linux-bridge-vlans/README.md @@ -0,0 +1,19 @@ +This directory contains Heat templates to help configure +Vlans on a single NICs for each Overcloud role. + +Configuration +------------- + +To make use of these templates create a Heat environment that looks +something like this: + + resource\_registry: + OS::TripleO::BlockStorage::Net::SoftwareConfig: network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml + OS::TripleO::Compute::Net::SoftwareConfig: network/config/single-nic-linux-bridge-vlans/compute.yaml + OS::TripleO::Controller::Net::SoftwareConfig: network/config/single-nic-linux-bridge-vlans/controller.yaml + OS::TripleO::ObjectStorage::Net::SoftwareConfig: network/config/single-nic-linux-bridge-vlans/swift-storage.yaml + OS::TripleO::CephStorage::Net::SoftwareConfig: network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml + +Or use this Heat environment file: + + environments/net-single-nic-linux-bridge-with-vlans.yaml diff --git a/network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml b/network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml new file mode 100644 index 00000000..a46d7e20 --- /dev/null +++ b/network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml @@ -0,0 +1,106 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config to configure VLANs for the + ceph storage role. + +parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: linux_bridge + name: br-storage + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} + members: + - + type: interface + name: nic1 + # force the MAC address of the bridge to this interface + primary: true + - + type: vlan + vlan_id: {get_param: StorageNetworkVlanID} + device: br-storage + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageMgmtNetworkVlanID} + device: br-storage + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml b/network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml new file mode 100644 index 00000000..08613a3b --- /dev/null +++ b/network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml @@ -0,0 +1,117 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config to configure VLANs for the + cinder storage role. + +parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: linux_bridge + name: br-storage + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} + members: + - + type: interface + name: nic1 + # force the MAC address of the bridge to this interface + primary: true + - + type: vlan + vlan_id: {get_param: InternalApiNetworkVlanID} + device: br-storage + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageNetworkVlanID} + device: br-storage + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageMgmtNetworkVlanID} + device: br-storage + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/single-nic-linux-bridge-vlans/compute.yaml b/network/config/single-nic-linux-bridge-vlans/compute.yaml new file mode 100644 index 00000000..b6522c67 --- /dev/null +++ b/network/config/single-nic-linux-bridge-vlans/compute.yaml @@ -0,0 +1,118 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config to configure VLANs for the + compute role. + +parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: linux_bridge + name: {get_input: bridge_name} + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + ip_netmask: 0.0.0.0/0 + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} + members: + - + type: interface + name: {get_input: interface_name} + # force the MAC address of the bridge to this interface + primary: true + - + type: vlan + vlan_id: {get_param: InternalApiNetworkVlanID} + device: {get_input: bridge_name} + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageNetworkVlanID} + device: {get_input: bridge_name} + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + vlan_id: {get_param: TenantNetworkVlanID} + device: {get_input: bridge_name} + addresses: + - + ip_netmask: {get_param: TenantIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/single-nic-linux-bridge-vlans/controller.yaml b/network/config/single-nic-linux-bridge-vlans/controller.yaml new file mode 100644 index 00000000..72105481 --- /dev/null +++ b/network/config/single-nic-linux-bridge-vlans/controller.yaml @@ -0,0 +1,149 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config to configure VLANs for the + controller role. + +parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + ExternalInterfaceDefaultRoute: + default: '10.0.0.1' + description: default route for the external network + type: string + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: linux_bridge + name: {get_input: bridge_name} + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + ip_netmask: 0.0.0.0/0 + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} + members: + - + type: interface + name: {get_input: interface_name} + # force the MAC address of the bridge to this interface + primary: true + - + type: vlan + vlan_id: {get_param: ExternalNetworkVlanID} + device: {get_input: bridge_name} + addresses: + - + ip_netmask: {get_param: ExternalIpSubnet} + routes: + - + ip_netmask: 0.0.0.0/0 + default: true + next_hop: {get_param: ExternalInterfaceDefaultRoute} + - + type: vlan + vlan_id: {get_param: InternalApiNetworkVlanID} + device: {get_input: bridge_name} + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageNetworkVlanID} + device: {get_input: bridge_name} + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageMgmtNetworkVlanID} + device: {get_input: bridge_name} + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + - + type: vlan + vlan_id: {get_param: TenantNetworkVlanID} + device: {get_input: bridge_name} + addresses: + - + ip_netmask: {get_param: TenantIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/single-nic-linux-bridge-vlans/swift-storage.yaml b/network/config/single-nic-linux-bridge-vlans/swift-storage.yaml new file mode 100644 index 00000000..962b9890 --- /dev/null +++ b/network/config/single-nic-linux-bridge-vlans/swift-storage.yaml @@ -0,0 +1,117 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config to configure VLANs for the + swift storage role. + +parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: linux_bridge + name: br-storage + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} + members: + - + type: interface + name: nic1 + # force the MAC address of the bridge to this interface + primary: true + - + type: vlan + vlan_id: {get_param: InternalApiNetworkVlanID} + device: br-storage + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageNetworkVlanID} + device: br-storage + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageMgmtNetworkVlanID} + device: br-storage + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/single-nic-vlans/controller-v6.yaml b/network/config/single-nic-vlans/controller-v6.yaml new file mode 100644 index 00000000..472e539d --- /dev/null +++ b/network/config/single-nic-vlans/controller-v6.yaml @@ -0,0 +1,158 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config to configure VLANs for the + controller role with IPv6 on the External network. The IPv6 default + route is on the External network, and the IPv4 default route is on + the Control Plane. + +parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number + ExternalInterfaceDefaultRoute: + default: '10.0.0.1' + description: default route for the external network + type: string + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: ovs_bridge + name: {get_input: bridge_name} + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} + members: + - + type: interface + name: nic1 + # force the MAC address of the bridge to this interface + primary: true + - + type: vlan + vlan_id: {get_param: ExternalNetworkVlanID} + addresses: + - + ip_netmask: {get_param: ExternalIpSubnet} + routes: + - + default: true + next_hop: {get_param: ExternalInterfaceDefaultRoute} + - + type: vlan + vlan_id: {get_param: InternalApiNetworkVlanID} + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageNetworkVlanID} + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageMgmtNetworkVlanID} + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + - + type: vlan + vlan_id: {get_param: TenantNetworkVlanID} + addresses: + - + ip_netmask: {get_param: TenantIpSubnet} + #- # Uncomment when including environments/network-management.yaml + # type: vlan + # vlan_id: {get_param: ManagementNetworkVlanID} + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/single-nic-vlans/controller.yaml b/network/config/single-nic-vlans/controller.yaml index 3b22b36b..a5a0745d 100644 --- a/network/config/single-nic-vlans/controller.yaml +++ b/network/config/single-nic-vlans/controller.yaml @@ -111,7 +111,7 @@ resources: ip_netmask: {get_param: ExternalIpSubnet} routes: - - ip_netmask: 0.0.0.0/0 + default: true next_hop: {get_param: ExternalInterfaceDefaultRoute} - type: vlan diff --git a/network/endpoints/build_endpoint_map.py b/network/endpoints/build_endpoint_map.py new file mode 100755 index 00000000..d8cdee3d --- /dev/null +++ b/network/endpoints/build_endpoint_map.py @@ -0,0 +1,277 @@ +#!/usr/bin/env python + +""" +Generate the endpoint_map.yaml template from data in the endpoint_data.yaml +file. + +By default the files in the same directory as this script are operated on, but +different files can be optionally specified on the command line. + +The --check option verifies that the current output file is up-to-date with the +latest data in the input file. The script exits with status code 2 if a +mismatch is detected. +""" + +from __future__ import print_function + + +__all__ = ['load_endpoint_data', 'generate_endpoint_map_template', + 'write_template', 'build_endpoint_map', 'check_up_to_date'] + + +import collections +import copy +import itertools +import os +import sys +import yaml + + +(IN_FILE, OUT_FILE) = ('endpoint_data.yaml', 'endpoint_map.yaml') + +SUBST = (SUBST_IP_ADDRESS, SUBST_CLOUDNAME) = ('IP_ADDRESS', 'CLOUDNAME') +PARAMS = (PARAM_CLOUDNAME, PARAM_ENDPOINTMAP) = ('CloudName', 'EndpointMap') +FIELDS = (F_PORT, F_PROTOCOL, F_HOST) = ('port', 'protocol', 'host') + +ENDPOINT_TYPES = frozenset(['Internal', 'Public', 'Admin']) + + +def get_file(default_fn, override=None, writable=False): + if override == '-': + if writable: + return sys.stdout + else: + return sys.stdin + + if override is not None: + filename = override + else: + filename = os.path.join(os.path.dirname(__file__), default_fn) + + return open(filename, 'w' if writable else 'r') + + +def load_endpoint_data(infile=None): + with get_file(IN_FILE, infile) as f: + return yaml.safe_load(f) + + +def vip_param_name(endpoint_type_defn): + return endpoint_type_defn['vip_param'] + 'VirtualIP' + + +def vip_param_names(config): + def ep_types(svc): + return (v for k, v in svc.items() if k in ENDPOINT_TYPES or not k) + + return set(vip_param_name(defn) + for svc in config.values() for defn in ep_types(svc)) + + +def endpoint_map_default(config): + def map_item(ep_name, ep_type, svc): + values = collections.OrderedDict([ + (F_PROTOCOL, svc.get(F_PROTOCOL, 'http')), + (F_PORT, str(svc[ep_type].get(F_PORT, svc[F_PORT]))), + (F_HOST, SUBST_IP_ADDRESS), + ]) + return ep_name + ep_type, values + + return collections.OrderedDict(map_item(ep_name, ep_type, svc) + for ep_name, svc in sorted(config.items()) + for ep_type in sorted(set(svc) & + ENDPOINT_TYPES)) + + +def make_parameter(ptype, default, description=None): + param = collections.OrderedDict([('type', ptype), ('default', default)]) + if description is not None: + param['description'] = description + return param + + +def template_parameters(config): + params = collections.OrderedDict((n, make_parameter('string', '')) + for n in sorted(vip_param_names(config))) + + params[PARAM_ENDPOINTMAP] = make_parameter('json', + endpoint_map_default(config), + 'Mapping of service endpoint ' + '-> protocol. Typically set ' + 'via parameter_defaults in the ' + 'resource registry.') + + params[PARAM_CLOUDNAME] = make_parameter('string', + 'overcloud', + 'The DNS name of this cloud. ' + 'e.g. ci-overcloud.tripleo.org') + return params + + +def template_output_definition(endpoint_name, + endpoint_variant, + endpoint_type, + vip_param, + uri_suffix=None, + name_override=None): + def extract_field(field): + assert field in FIELDS + return {'get_param': ['EndpointMap', + endpoint_name + endpoint_type, + copy.copy(field)]} + + port = extract_field(F_PORT) + protocol = extract_field(F_PROTOCOL) + host = { + 'str_replace': collections.OrderedDict([ + ('template', extract_field(F_HOST)), + ('params', { + SUBST_IP_ADDRESS: {'get_param': vip_param}, + SUBST_CLOUDNAME: {'get_param': PARAM_CLOUDNAME}, + }) + ]) + } + uri_fields = [protocol, '://', copy.deepcopy(host), ':', port] + uri_fields_suffix = (copy.deepcopy(uri_fields) + + ([uri_suffix] if uri_suffix is not None else [])) + + name = name_override if name_override is not None else (endpoint_name + + endpoint_variant + + endpoint_type) + + return name, { + 'host': host, + 'port': extract_field('port'), + 'protocol': extract_field('protocol'), + 'uri': { + 'list_join': ['', uri_fields_suffix] + }, + 'uri_no_suffix': { + 'list_join': ['', uri_fields] + }, + } + + +def template_endpoint_items(config): + def get_svc_endpoints(ep_name, svc): + for ep_type in set(svc) & ENDPOINT_TYPES: + defn = svc[ep_type] + for variant, suffix in defn.get('uri_suffixes', + {'': None}).items(): + name_override = defn.get('names', {}).get(variant) + yield template_output_definition(ep_name, variant, ep_type, + vip_param_name(defn), + suffix, + name_override) + + return itertools.chain.from_iterable(sorted(get_svc_endpoints(ep_name, + svc)) + for (ep_name, + svc) in sorted(config.items())) + + +def generate_endpoint_map_template(config): + return collections.OrderedDict([ + ('heat_template_version', '2015-04-30'), + ('description', 'A map of OpenStack endpoints. Since the endpoints ' + 'are URLs, we need to have brackets around IPv6 IP addresses. The ' + 'inputs to these parameters come from net_ip_uri_map, which will ' + 'include these brackets in IPv6 addresses.'), + ('parameters', template_parameters(config)), + ('outputs', { + 'endpoint_map': { + 'value': + collections.OrderedDict(template_endpoint_items(config)) + } + }), + ]) + + +autogen_warning = """### DO NOT MODIFY THIS FILE +### This file is automatically generated from endpoint_data.yaml +### by the script build_endpoint_map.py + +""" + + +class TemplateDumper(yaml.SafeDumper): + def represent_ordered_dict(self, data): + return self.represent_dict(data.items()) + + +TemplateDumper.add_representer(collections.OrderedDict, + TemplateDumper.represent_ordered_dict) + + +def write_template(template, filename=None): + with get_file(OUT_FILE, filename, writable=True) as f: + f.write(autogen_warning) + yaml.dump(template, f, TemplateDumper, width=68) + + +def read_template(template, filename=None): + with get_file(OUT_FILE, filename) as f: + return yaml.safe_load(f) + + +def build_endpoint_map(output_filename=None, input_filename=None): + if output_filename is not None and output_filename == input_filename: + raise Exception('Cannot read from and write to the same file') + config = load_endpoint_data(input_filename) + template = generate_endpoint_map_template(config) + write_template(template, output_filename) + + +def check_up_to_date(output_filename=None, input_filename=None): + if output_filename is not None and output_filename == input_filename: + raise Exception('Input and output filenames must be different') + config = load_endpoint_data(input_filename) + template = generate_endpoint_map_template(config) + existing_template = read_template(output_filename) + return existing_template == template + + +def get_options(): + from optparse import OptionParser + + parser = OptionParser('usage: %prog' + ' [-i INPUT_FILE] [-o OUTPUT_FILE] [--check]', + description=__doc__) + parser.add_option('-i', '--input', dest='input_file', action='store', + default=None, + help='Specify a different endpoint data file') + parser.add_option('-o', '--output', dest='output_file', action='store', + default=None, + help='Specify a different endpoint map template file') + parser.add_option('-c', '--check', dest='check', action='store_true', + default=False, help='Check that the output file is ' + 'up to date with the data') + parser.add_option('-d', '--debug', dest='debug', action='store_true', + default=False, help='Print stack traces on error') + + return parser.parse_args() + + +def main(): + options, args = get_options() + if args: + print('Warning: ignoring positional args: %s' % ' '.join(args), + file=sys.stderr) + + try: + if options.check: + if not check_up_to_date(options.output_file, options.input_file): + print('EndpointMap template does not match input data', + file=sys.stderr) + sys.exit(2) + else: + build_endpoint_map(options.output_file, options.input_file) + except Exception as exc: + if options.debug: + raise + print('%s: %s' % (type(exc).__name__, str(exc)), file=sys.stderr) + sys.exit(1) + + +if __name__ == '__main__': + main() diff --git a/network/endpoints/endpoint.yaml b/network/endpoints/endpoint.yaml deleted file mode 100644 index 6246cfdd..00000000 --- a/network/endpoints/endpoint.yaml +++ /dev/null @@ -1,60 +0,0 @@ -heat_template_version: 2015-04-30 - -description: > - OpenStack Endpoint - -parameters: - EndpointName: - type: string - description: The name of the Endpoint being evaluated - EndpointMap: - type: json - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - IP: - type: string - description: The IP address of the Neutron Port that the endpoint is attached to - UriSuffix: - type: string - default: '' - description: A suffix attached to the URL - CloudName: - type: string - default: '' - description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org - -outputs: - endpoint: - description: > - A Hash containing a mapping of service endpoints to ports, protocols, uris - assigned IPs, and hostnames for a specific endpoint - value: - port: {get_param: [EndpointMap, {get_param: EndpointName }, port] } - protocol: {get_param: [EndpointMap, {get_param: EndpointName }, protocol] } - ip: {get_param: IP} - host: - str_replace: - template: {get_param: [EndpointMap, {get_param: EndpointName }, host]} - params: {IP_ADDRESS: {get_param: IP}, CLOUDNAME: {get_param: CloudName}} - uri: - list_join: - - '' - - - {get_param: [EndpointMap, {get_param: EndpointName }, protocol] } - - '://' - - str_replace: - template: {get_param: [EndpointMap, {get_param: EndpointName }, host]} - params: {IP_ADDRESS: {get_param: IP}, CLOUDNAME: {get_param: CloudName }} - - ':' - - {get_param: [EndpointMap, {get_param: EndpointName }, port] } - - {get_param: UriSuffix } - uri_no_suffix: - list_join: - - '' - - - {get_param: [EndpointMap, {get_param: EndpointName }, protocol] } - - '://' - - str_replace: - template: {get_param: [EndpointMap, {get_param: EndpointName }, host]} - params: {IP_ADDRESS: {get_param: IP}, CLOUDNAME: {get_param: CloudName} } - - ':' - - {get_param: [EndpointMap, {get_param: EndpointName }, port] } diff --git a/network/endpoints/endpoint_data.yaml b/network/endpoints/endpoint_data.yaml new file mode 100644 index 00000000..7a0bbf4a --- /dev/null +++ b/network/endpoints/endpoint_data.yaml @@ -0,0 +1,194 @@ +# Data in this file is used to generate the endpoint_map.yaml template. +# Run the script build_endpoint_map.py to regenerate the file. + +Ceilometer: + Internal: + vip_param: CeilometerApi + Public: + vip_param: Public + Admin: + vip_param: CeilometerApi + port: 8777 + +Cinder: + Internal: + vip_param: CinderApi + uri_suffixes: + '': /v1/%(tenant_id)s + V2: /v2/%(tenant_id)s + Public: + vip_param: Public + uri_suffixes: + '': /v1/%(tenant_id)s + V2: /v2/%(tenant_id)s + Admin: + vip_param: CinderApi + uri_suffixes: + '': /v1/%(tenant_id)s + V2: /v2/%(tenant_id)s + port: 8776 + +Glance: + Internal: + vip_param: GlanceApi + Public: + vip_param: Public + Admin: + vip_param: GlanceApi + port: 9292 + +GlanceRegistry: + Internal: + vip_param: GlanceRegistry + Public: + vip_param: Public + Admin: + vip_param: GlanceRegistry + port: 9191 + +Mysql: + '': + vip_param: Mysql + +Heat: + Internal: + vip_param: HeatApi + uri_suffixes: + '': /v1/%(tenant_id)s + Public: + vip_param: Public + uri_suffixes: + '': /v1/%(tenant_id)s + Admin: + vip_param: HeatApi + uri_suffixes: + '': /v1/%(tenant_id)s + port: 8004 + +Horizon: + Public: + vip_param: Public + uri_suffixes: + '': /dashboard + port: 80 + +Keystone: + Internal: + vip_param: KeystonePublicApi + uri_suffixes: + '': /v2.0 + EC2: /v2.0/ec2tokens + names: + EC2: KeystoneEC2 + Public: + vip_param: Public + uri_suffixes: + '': /v2.0 + Admin: + vip_param: KeystoneAdminApi + uri_suffixes: + '': /v2.0 + port: 35357 + port: 5000 + +# TODO(ayoung): V3 is a temporary fix. Endpoints should be versionless. +# Required for https://bugs.launchpad.net/puppet-nova/+bug/1542486 +KeystoneV3: + Internal: + vip_param: KeystonePublicApi + uri_suffixes: + '': /v3 + Public: + vip_param: Public + uri_suffixes: + '': /v3 + Admin: + vip_param: KeystoneAdminApi + uri_suffixes: + '': /v3 + port: 35357 + port: 5000 + +Neutron: + Internal: + vip_param: NeutronApi + Public: + vip_param: Public + Admin: + vip_param: NeutronApi + port: 9696 + +Nova: + Internal: + vip_param: NovaApi + uri_suffixes: + '': /v2.1/%(tenant_id)s + V3: /v3 + Public: + vip_param: Public + uri_suffixes: + '': /v2.1/%(tenant_id)s + V3: /v3 + Admin: + vip_param: NovaApi + uri_suffixes: + '': /v2.1/%(tenant_id)s + V3: /v3 + port: 8774 + +NovaEC2: + Internal: + vip_param: NovaApi + uri_suffixes: + '': /services/Cloud + Public: + vip_param: Public + uri_suffixes: + '': /services/Cloud + Admin: + vip_param: NovaApi + uri_suffixes: + '': /services/Admin + port: 8773 + +NovaVNCProxy: + Internal: + vip_param: NovaApi + Public: + vip_param: Public + Admin: + vip_param: NovaApi + port: 6080 + +Swift: + Internal: + vip_param: SwiftProxy + uri_suffixes: + '': /v1/AUTH_%(tenant_id)s + S3: + Public: + vip_param: Public + uri_suffixes: + '': /v1/AUTH_%(tenant_id)s + S3: + Admin: + vip_param: SwiftProxy + uri_suffixes: + '': + S3: + port: 8080 + +Sahara: + Internal: + vip_param: SaharaApi + uri_suffixes: + '': /v1.1/%(tenant_id)s + Public: + vip_param: SaharaApi + uri_suffixes: + '': /v1.1/%(tenant_id)s + Admin: + vip_param: SaharaApi + uri_suffixes: + '': /v1.1/%(tenant_id)s + port: 8386 diff --git a/network/endpoints/endpoint_map.yaml b/network/endpoints/endpoint_map.yaml index 05214011..a31094a1 100644 --- a/network/endpoints/endpoint_map.yaml +++ b/network/endpoints/endpoint_map.yaml @@ -1,450 +1,2004 @@ -heat_template_version: 2015-04-30 - -description: > - A Map of OpenStack Endpoints +### DO NOT MODIFY THIS FILE +### This file is automatically generated from endpoint_data.yaml +### by the script build_endpoint_map.py +heat_template_version: '2015-04-30' +description: A map of OpenStack endpoints. Since the endpoints are URLs, + we need to have brackets around IPv6 IP addresses. The inputs to these + parameters come from net_ip_uri_map, which will include these brackets + in IPv6 addresses. parameters: - CeilometerApiVirtualIP: - type: string - default: '' - CinderApiVirtualIP: - type: string - default: '' - GlanceApiVirtualIP: - type: string - default: '' - GlanceRegistryVirtualIP: - type: string - default: '' - HeatApiVirtualIP: - type: string - default: '' - KeystoneAdminApiVirtualIP: - type: string - default: '' - KeystonePublicApiVirtualIP: - type: string - default: '' - MysqlVirtualIP: - type: string - default: '' - NeutronApiVirtualIP: - type: string - default: '' - NovaApiVirtualIP: - type: string - default: '' - PublicVirtualIP: - type: string - default: '' - SwiftProxyVirtualIP: - type: string - default: '' + CeilometerApiVirtualIP: {type: string, default: ''} + CinderApiVirtualIP: {type: string, default: ''} + GlanceApiVirtualIP: {type: string, default: ''} + GlanceRegistryVirtualIP: {type: string, default: ''} + HeatApiVirtualIP: {type: string, default: ''} + KeystoneAdminApiVirtualIP: {type: string, default: ''} + KeystonePublicApiVirtualIP: {type: string, default: ''} + MysqlVirtualIP: {type: string, default: ''} + NeutronApiVirtualIP: {type: string, default: ''} + NovaApiVirtualIP: {type: string, default: ''} + PublicVirtualIP: {type: string, default: ''} + SaharaApiVirtualIP: {type: string, default: ''} + SwiftProxyVirtualIP: {type: string, default: ''} EndpointMap: type: json default: - CeilometerAdmin: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} - CeilometerInternal: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} - CeilometerPublic: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} - CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} - CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} - CinderPublic: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} - GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} - GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} - GlancePublic: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} - GlanceRegistryAdmin: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'} - GlanceRegistryInternal: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'} - GlanceRegistryPublic: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'} - HeatAdmin: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} - HeatInternal: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} - HeatPublic: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} - HorizonPublic: {protocol: 'http', port: '80', host: 'IP_ADDRESS'} - KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'} - KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'} - KeystonePublic: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'} - NeutronAdmin: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} - NeutronInternal: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} - NeutronPublic: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} - NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} - NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} - NovaPublic: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} - NovaEC2Admin: {protocol: 'http', port: '8773', host: 'IP_ADDRESS'} - NovaEC2Internal: {protocol: 'http', port: '8773', host: 'IP_ADDRESS'} - NovaEC2Public: {protocol: 'http', port: '8773', host: 'IP_ADDRESS'} - SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} - SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} - SwiftPublic: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} + CeilometerAdmin: {protocol: http, port: '8777', host: IP_ADDRESS} + CeilometerInternal: {protocol: http, port: '8777', host: IP_ADDRESS} + CeilometerPublic: {protocol: http, port: '8777', host: IP_ADDRESS} + CinderAdmin: {protocol: http, port: '8776', host: IP_ADDRESS} + CinderInternal: {protocol: http, port: '8776', host: IP_ADDRESS} + CinderPublic: {protocol: http, port: '8776', host: IP_ADDRESS} + GlanceAdmin: {protocol: http, port: '9292', host: IP_ADDRESS} + GlanceInternal: {protocol: http, port: '9292', host: IP_ADDRESS} + GlancePublic: {protocol: http, port: '9292', host: IP_ADDRESS} + GlanceRegistryAdmin: {protocol: http, port: '9191', host: IP_ADDRESS} + GlanceRegistryInternal: {protocol: http, port: '9191', host: IP_ADDRESS} + GlanceRegistryPublic: {protocol: http, port: '9191', host: IP_ADDRESS} + HeatAdmin: {protocol: http, port: '8004', host: IP_ADDRESS} + HeatInternal: {protocol: http, port: '8004', host: IP_ADDRESS} + HeatPublic: {protocol: http, port: '8004', host: IP_ADDRESS} + HorizonPublic: {protocol: http, port: '80', host: IP_ADDRESS} + KeystoneAdmin: {protocol: http, port: '35357', host: IP_ADDRESS} + KeystoneInternal: {protocol: http, port: '5000', host: IP_ADDRESS} + KeystonePublic: {protocol: http, port: '5000', host: IP_ADDRESS} + KeystoneV3Admin: {protocol: http, port: '35357', host: IP_ADDRESS} + KeystoneV3Internal: {protocol: http, port: '5000', host: IP_ADDRESS} + KeystoneV3Public: {protocol: http, port: '5000', host: IP_ADDRESS} + NeutronAdmin: {protocol: http, port: '9696', host: IP_ADDRESS} + NeutronInternal: {protocol: http, port: '9696', host: IP_ADDRESS} + NeutronPublic: {protocol: http, port: '9696', host: IP_ADDRESS} + NovaAdmin: {protocol: http, port: '8774', host: IP_ADDRESS} + NovaInternal: {protocol: http, port: '8774', host: IP_ADDRESS} + NovaPublic: {protocol: http, port: '8774', host: IP_ADDRESS} + NovaEC2Admin: {protocol: http, port: '8773', host: IP_ADDRESS} + NovaEC2Internal: {protocol: http, port: '8773', host: IP_ADDRESS} + NovaEC2Public: {protocol: http, port: '8773', host: IP_ADDRESS} + NovaVNCProxyAdmin: {protocol: http, port: '6080', host: IP_ADDRESS} + NovaVNCProxyInternal: {protocol: http, port: '6080', host: IP_ADDRESS} + NovaVNCProxyPublic: {protocol: http, port: '6080', host: IP_ADDRESS} + SaharaAdmin: {protocol: http, port: '8386', host: IP_ADDRESS} + SaharaInternal: {protocol: http, port: '8386', host: IP_ADDRESS} + SaharaPublic: {protocol: http, port: '8386', host: IP_ADDRESS} + SwiftAdmin: {protocol: http, port: '8080', host: IP_ADDRESS} + SwiftInternal: {protocol: http, port: '8080', host: IP_ADDRESS} + SwiftPublic: {protocol: http, port: '8080', host: IP_ADDRESS} description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - CloudName: - type: string - default: '' - description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org - -resources: - - CeilometerInternal: - type: OS::TripleO::Endpoint - properties: - EndpointName: CeilometerInternal - EndpointMap: { get_param: EndpointMap } - CloudName: {get_param: CloudName} - IP: {get_param: CeilometerApiVirtualIP} - CeilometerPublic: - type: OS::TripleO::Endpoint - properties: - EndpointName: CeilometerPublic - EndpointMap: { get_param: EndpointMap } - CloudName: {get_param: CloudName} - IP: {get_param: PublicVirtualIP} - CeilometerAdmin: - type: OS::TripleO::Endpoint - properties: - EndpointName: CeilometerAdmin - EndpointMap: { get_param: EndpointMap } - CloudName: {get_param: CloudName} - IP: {get_param: CeilometerApiVirtualIP} - - CinderInternal: - type: OS::TripleO::Endpoint - properties: - EndpointName: CinderInternal - EndpointMap: { get_param: EndpointMap } - CloudName: {get_param: CloudName} - IP: {get_param: CinderApiVirtualIP} - UriSuffix: '/v1/%(tenant_id)s' - CinderPublic: - type: OS::TripleO::Endpoint - properties: - EndpointName: CinderPublic - EndpointMap: { get_param: EndpointMap } - CloudName: {get_param: CloudName} - IP: {get_param: PublicVirtualIP} - UriSuffix: '/v1/%(tenant_id)s' - CinderAdmin: - type: OS::TripleO::Endpoint - properties: - EndpointName: CinderAdmin - EndpointMap: { get_param: EndpointMap } - CloudName: {get_param: CloudName} - IP: {get_param: CinderApiVirtualIP} - UriSuffix: '/v1/%(tenant_id)s' - - CinderV2Internal: - type: OS::TripleO::Endpoint - properties: - EndpointName: CinderInternal - EndpointMap: { get_param: EndpointMap } - CloudName: {get_param: CloudName} - IP: {get_param: CinderApiVirtualIP} - UriSuffix: '/v2/%(tenant_id)s' - CinderV2Public: - type: OS::TripleO::Endpoint - properties: - EndpointName: CinderPublic - EndpointMap: { get_param: EndpointMap } - CloudName: {get_param: CloudName} - IP: {get_param: PublicVirtualIP} - UriSuffix: '/v2/%(tenant_id)s' - CinderV2Admin: - type: OS::TripleO::Endpoint - properties: - EndpointName: CinderAdmin - EndpointMap: { get_param: EndpointMap } - CloudName: {get_param: CloudName} - IP: {get_param: CinderApiVirtualIP} - UriSuffix: '/v2/%(tenant_id)s' - - GlanceInternal: - type: OS::TripleO::Endpoint - properties: - EndpointName: GlanceInternal - EndpointMap: { get_param: EndpointMap } - CloudName: {get_param: CloudName} - IP: {get_param: GlanceApiVirtualIP} - GlancePublic: - type: OS::TripleO::Endpoint - properties: - EndpointName: GlancePublic - EndpointMap: { get_param: EndpointMap } - CloudName: {get_param: CloudName} - IP: {get_param: PublicVirtualIP} - GlanceAdmin: - type: OS::TripleO::Endpoint - properties: - EndpointName: GlanceAdmin - EndpointMap: { get_param: EndpointMap } - CloudName: {get_param: CloudName} - IP: {get_param: GlanceApiVirtualIP} - GlanceRegistryInternal: - type: OS::TripleO::Endpoint - properties: - EndpointName: GlanceInternal - EndpointMap: { get_param: EndpointMap } - IP: {get_param: GlanceRegistryVirtualIP} - GlanceRegistryPublic: - type: OS::TripleO::Endpoint - properties: - EndpointName: GlancePublic - EndpointMap: { get_param: EndpointMap } - IP: {get_param: PublicVirtualIP} - GlanceRegistryAdmin: - type: OS::TripleO::Endpoint - properties: - EndpointName: GlanceAdmin - EndpointMap: { get_param: EndpointMap } - IP: {get_param: GlanceRegistryVirtualIP} - - HeatInternal: - type: OS::TripleO::Endpoint - properties: - EndpointName: HeatInternal - EndpointMap: { get_param: EndpointMap } - IP: {get_param: HeatApiVirtualIP} - CloudName: {get_param: CloudName} - UriSuffix: '/v1/%(tenant_id)s' - HeatPublic: - type: OS::TripleO::Endpoint - properties: - EndpointName: HeatPublic - EndpointMap: { get_param: EndpointMap } - IP: {get_param: PublicVirtualIP} - CloudName: {get_param: CloudName} - UriSuffix: '/v1/%(tenant_id)s' - HeatAdmin: - type: OS::TripleO::Endpoint - properties: - EndpointName: HeatAdmin - EndpointMap: { get_param: EndpointMap } - IP: {get_param: HeatApiVirtualIP} - CloudName: {get_param: CloudName} - UriSuffix: '/v1/%(tenant_id)s' - - HorizonPublic: - type: OS::TripleO::Endpoint - properties: - EndpointName: HeatPublic - EndpointMap: { get_param: EndpointMap } - IP: {get_param: PublicVirtualIP} - CloudName: {get_param: CloudName} - UriSuffix: '/dashboard' - - KeystoneInternal: - type: OS::TripleO::Endpoint - properties: - EndpointName: KeystoneInternal - EndpointMap: { get_param: EndpointMap } - IP: {get_param: KeystonePublicApiVirtualIP} - CloudName: {get_param: CloudName} - UriSuffix: '/v2.0' - KeystonePublic: - type: OS::TripleO::Endpoint - properties: - EndpointName: KeystonePublic - EndpointMap: { get_param: EndpointMap } - IP: {get_param: PublicVirtualIP} - CloudName: {get_param: CloudName} - UriSuffix: '/v2.0' - KeystoneAdmin: - type: OS::TripleO::Endpoint - properties: - EndpointName: KeystoneAdmin - EndpointMap: { get_param: EndpointMap } - IP: {get_param: KeystoneAdminApiVirtualIP} - CloudName: {get_param: CloudName} - UriSuffix: '/v2.0' - KeystoneEC2: - type: OS::TripleO::Endpoint - properties: - EndpointName: KeystoneInternal - EndpointMap: { get_param: EndpointMap } - IP: {get_param: KeystonePublicApiVirtualIP} - CloudName: {get_param: CloudName} - UriSuffix: '/v2.0/ec2tokens' - - NeutronInternal: - type: OS::TripleO::Endpoint - properties: - EndpointName: NeutronInternal - EndpointMap: { get_param: EndpointMap } - IP: {get_param: NeutronApiVirtualIP} - CloudName: {get_param: CloudName} - NeutronPublic: - type: OS::TripleO::Endpoint - properties: - EndpointName: NeutronPublic - EndpointMap: { get_param: EndpointMap } - IP: {get_param: PublicVirtualIP} - CloudName: {get_param: CloudName} - NeutronAdmin: - type: OS::TripleO::Endpoint - properties: - EndpointName: NeutronAdmin - EndpointMap: { get_param: EndpointMap } - IP: {get_param: NeutronApiVirtualIP} - CloudName: {get_param: CloudName} - - NovaInternal: - type: OS::TripleO::Endpoint - properties: - EndpointName: NovaInternal - EndpointMap: { get_param: EndpointMap } - IP: {get_param: NovaApiVirtualIP} - CloudName: {get_param: CloudName} - UriSuffix: '/v2/%(tenant_id)s' - NovaPublic: - type: OS::TripleO::Endpoint - properties: - EndpointName: NovaPublic - EndpointMap: { get_param: EndpointMap } - IP: {get_param: PublicVirtualIP} - CloudName: {get_param: CloudName} - UriSuffix: '/v2/%(tenant_id)s' - NovaAdmin: - type: OS::TripleO::Endpoint - properties: - EndpointName: NovaAdmin - EndpointMap: { get_param: EndpointMap } - IP: {get_param: NovaApiVirtualIP} - CloudName: {get_param: CloudName} - UriSuffix: '/v2/%(tenant_id)s' - NovaV3Internal: - type: OS::TripleO::Endpoint - properties: - EndpointName: NovaInternal - EndpointMap: { get_param: EndpointMap } - IP: {get_param: NovaApiVirtualIP} - CloudName: {get_param: CloudName} - UriSuffix: '/v3' - NovaV3Public: - type: OS::TripleO::Endpoint - properties: - EndpointName: NovaPublic - EndpointMap: { get_param: EndpointMap } - IP: {get_param: PublicVirtualIP} - CloudName: {get_param: CloudName} - UriSuffix: '/v3' - NovaV3Admin: - type: OS::TripleO::Endpoint - properties: - EndpointName: NovaAdmin - EndpointMap: { get_param: EndpointMap } - IP: {get_param: NovaApiVirtualIP} - CloudName: {get_param: CloudName} - UriSuffix: '/v3' - - NovaEC2Internal: - type: OS::TripleO::Endpoint - properties: - EndpointName: NovaEC2Internal - EndpointMap: { get_param: EndpointMap } - IP: {get_param: NovaApiVirtualIP} - CloudName: {get_param: CloudName} - UriSuffix: '/services/Cloud' - NovaEC2Public: - type: OS::TripleO::Endpoint - properties: - EndpointName: NovaEC2Public - EndpointMap: { get_param: EndpointMap } - IP: {get_param: PublicVirtualIP} - CloudName: {get_param: CloudName} - UriSuffix: '/services/Cloud' - NovaEC2Admin: - type: OS::TripleO::Endpoint - properties: - EndpointName: NovaEC2Admin - EndpointMap: { get_param: EndpointMap } - IP: {get_param: NovaApiVirtualIP} - CloudName: {get_param: CloudName} - UriSuffix: '/services/Admin' - - SwiftInternal: - type: OS::TripleO::Endpoint - properties: - EndpointName: SwiftInternal - EndpointMap: { get_param: EndpointMap } - IP: {get_param: SwiftProxyVirtualIP} - CloudName: {get_param: CloudName} - UriSuffix: '/v1/AUTH_%(tenant_id)s' - SwiftPublic: - type: OS::TripleO::Endpoint - properties: - EndpointName: SwiftPublic - EndpointMap: { get_param: EndpointMap } - IP: {get_param: PublicVirtualIP} - CloudName: {get_param: CloudName} - UriSuffix: '/v1/AUTH_%(tenant_id)s' - SwiftAdmin: - type: OS::TripleO::Endpoint - properties: - EndpointName: SwiftAdmin - EndpointMap: { get_param: EndpointMap } - IP: {get_param: SwiftProxyVirtualIP} - CloudName: {get_param: CloudName} - # No Suffix for the Admin interface - SwiftS3Internal: - type: OS::TripleO::Endpoint - properties: - EndpointName: SwiftInternal - EndpointMap: { get_param: EndpointMap } - IP: {get_param: SwiftProxyVirtualIP} - CloudName: {get_param: CloudName} - SwiftS3Public: - type: OS::TripleO::Endpoint - properties: - EndpointName: SwiftPublic - EndpointMap: { get_param: EndpointMap } - IP: {get_param: PublicVirtualIP} - CloudName: {get_param: CloudName} - SwiftS3Admin: - type: OS::TripleO::Endpoint - properties: - EndpointName: SwiftAdmin - EndpointMap: { get_param: EndpointMap } - IP: {get_param: SwiftProxyVirtualIP} - CloudName: {get_param: CloudName} - + via parameter_defaults in the resource registry. + CloudName: {type: string, default: overcloud, description: The DNS name + of this cloud. e.g. ci-overcloud.tripleo.org} outputs: endpoint_map: value: - CeilometerInternal: {get_attr: [ CeilometerInternal, endpoint] } - CeilometerPublic: {get_attr: [ CeilometerPublic, endpoint] } - CeilometerAdmin: {get_attr: [ CeilometerAdmin, endpoint] } - CinderInternal: {get_attr: [ CinderInternal, endpoint] } - CinderPublic: {get_attr: [ CinderPublic, endpoint] } - CinderAdmin: {get_attr: [ CinderAdmin, endpoint] } - CinderV2Internal: {get_attr: [ CinderV2Internal, endpoint] } - CinderV2Public: {get_attr: [ CinderV2Public, endpoint] } - CinderV2Admin: {get_attr: [ CinderV2Admin, endpoint] } - GlanceInternal: {get_attr: [ GlanceInternal, endpoint] } - GlancePublic: {get_attr: [ GlancePublic, endpoint] } - GlanceAdmin: {get_attr: [ GlanceAdmin, endpoint] } - GlanceRegistryInternal: {get_attr: [ GlanceRegistryInternal, endpoint] } - GlanceRegistryPublic: {get_attr: [ GlanceRegistryPublic, endpoint] } - GlanceRegistryAdmin: {get_attr: [ GlanceRegistryAdmin, endpoint] } - HeatInternal: {get_attr: [ HeatInternal, endpoint] } - HeatPublic: {get_attr: [ HeatPublic, endpoint] } - HeatAdmin: {get_attr: [ HeatAdmin, endpoint] } - HorizonPublic: {get_attr: [ HorizonPublic, endpoint] } - KeystoneInternal: {get_attr: [ KeystoneInternal, endpoint] } - KeystonePublic: {get_attr: [ KeystonePublic, endpoint] } - KeystoneAdmin: {get_attr: [ KeystoneAdmin, endpoint] } - KeystoneEC2: {get_attr: [ KeystoneEC2, endpoint] } - NeutronInternal: {get_attr: [ NeutronInternal, endpoint] } - NeutronPublic: {get_attr: [ NeutronPublic, endpoint] } - NeutronAdmin: {get_attr: [ NeutronAdmin, endpoint] } - NovaInternal: {get_attr: [ NovaInternal, endpoint] } - NovaPublic: {get_attr: [ NovaPublic, endpoint] } - NovaAdmin: {get_attr: [ NovaAdmin, endpoint] } - NovaV3Internal: {get_attr: [ NovaV3Internal, endpoint] } - NovaV3Public: {get_attr: [ NovaV3Public, endpoint] } - NovaV3Admin: {get_attr: [ NovaV3Admin, endpoint] } - NovaEC2Internal: {get_attr: [ NovaEC2Internal, endpoint] } - NovaEC2Public: {get_attr: [ NovaEC2Public, endpoint] } - NovaEC2Admin: {get_attr: [ NovaEC2Admin, endpoint] } - SwiftInternal: {get_attr: [ SwiftInternal, endpoint] } - SwiftPublic: {get_attr: [ SwiftPublic, endpoint] } - SwiftAdmin: {get_attr: [ SwiftAdmin, endpoint] } - SwiftS3Internal: {get_attr: [ SwiftS3Internal, endpoint] } - SwiftS3Public: {get_attr: [ SwiftS3Public, endpoint] } - SwiftS3Admin: {get_attr: [ SwiftS3Admin, endpoint] } + CeilometerAdmin: + host: + str_replace: + template: + get_param: [EndpointMap, CeilometerAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: CeilometerApiVirtualIP} + port: + get_param: [EndpointMap, CeilometerAdmin, port] + protocol: + get_param: [EndpointMap, CeilometerAdmin, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, CeilometerAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CeilometerAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: CeilometerApiVirtualIP} + - ':' + - get_param: [EndpointMap, CeilometerAdmin, port] + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, CeilometerAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CeilometerAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: CeilometerApiVirtualIP} + - ':' + - get_param: [EndpointMap, CeilometerAdmin, port] + CeilometerInternal: + host: + str_replace: + template: + get_param: [EndpointMap, CeilometerInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: CeilometerApiVirtualIP} + port: + get_param: [EndpointMap, CeilometerInternal, port] + protocol: + get_param: [EndpointMap, CeilometerInternal, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, CeilometerInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CeilometerInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: CeilometerApiVirtualIP} + - ':' + - get_param: [EndpointMap, CeilometerInternal, port] + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, CeilometerInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CeilometerInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: CeilometerApiVirtualIP} + - ':' + - get_param: [EndpointMap, CeilometerInternal, port] + CeilometerPublic: + host: + str_replace: + template: + get_param: [EndpointMap, CeilometerPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + port: + get_param: [EndpointMap, CeilometerPublic, port] + protocol: + get_param: [EndpointMap, CeilometerPublic, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, CeilometerPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CeilometerPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, CeilometerPublic, port] + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, CeilometerPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CeilometerPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, CeilometerPublic, port] + CinderAdmin: + host: + str_replace: + template: + get_param: [EndpointMap, CinderAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: CinderApiVirtualIP} + port: + get_param: [EndpointMap, CinderAdmin, port] + protocol: + get_param: [EndpointMap, CinderAdmin, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, CinderAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CinderAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: CinderApiVirtualIP} + - ':' + - get_param: [EndpointMap, CinderAdmin, port] + - /v1/%(tenant_id)s + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, CinderAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CinderAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: CinderApiVirtualIP} + - ':' + - get_param: [EndpointMap, CinderAdmin, port] + CinderInternal: + host: + str_replace: + template: + get_param: [EndpointMap, CinderInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: CinderApiVirtualIP} + port: + get_param: [EndpointMap, CinderInternal, port] + protocol: + get_param: [EndpointMap, CinderInternal, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, CinderInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CinderInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: CinderApiVirtualIP} + - ':' + - get_param: [EndpointMap, CinderInternal, port] + - /v1/%(tenant_id)s + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, CinderInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CinderInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: CinderApiVirtualIP} + - ':' + - get_param: [EndpointMap, CinderInternal, port] + CinderPublic: + host: + str_replace: + template: + get_param: [EndpointMap, CinderPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + port: + get_param: [EndpointMap, CinderPublic, port] + protocol: + get_param: [EndpointMap, CinderPublic, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, CinderPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CinderPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, CinderPublic, port] + - /v1/%(tenant_id)s + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, CinderPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CinderPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, CinderPublic, port] + CinderV2Admin: + host: + str_replace: + template: + get_param: [EndpointMap, CinderAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: CinderApiVirtualIP} + port: + get_param: [EndpointMap, CinderAdmin, port] + protocol: + get_param: [EndpointMap, CinderAdmin, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, CinderAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CinderAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: CinderApiVirtualIP} + - ':' + - get_param: [EndpointMap, CinderAdmin, port] + - /v2/%(tenant_id)s + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, CinderAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CinderAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: CinderApiVirtualIP} + - ':' + - get_param: [EndpointMap, CinderAdmin, port] + CinderV2Internal: + host: + str_replace: + template: + get_param: [EndpointMap, CinderInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: CinderApiVirtualIP} + port: + get_param: [EndpointMap, CinderInternal, port] + protocol: + get_param: [EndpointMap, CinderInternal, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, CinderInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CinderInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: CinderApiVirtualIP} + - ':' + - get_param: [EndpointMap, CinderInternal, port] + - /v2/%(tenant_id)s + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, CinderInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CinderInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: CinderApiVirtualIP} + - ':' + - get_param: [EndpointMap, CinderInternal, port] + CinderV2Public: + host: + str_replace: + template: + get_param: [EndpointMap, CinderPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + port: + get_param: [EndpointMap, CinderPublic, port] + protocol: + get_param: [EndpointMap, CinderPublic, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, CinderPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CinderPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, CinderPublic, port] + - /v2/%(tenant_id)s + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, CinderPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CinderPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, CinderPublic, port] + GlanceAdmin: + host: + str_replace: + template: + get_param: [EndpointMap, GlanceAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: GlanceApiVirtualIP} + port: + get_param: [EndpointMap, GlanceAdmin, port] + protocol: + get_param: [EndpointMap, GlanceAdmin, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, GlanceAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, GlanceAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: GlanceApiVirtualIP} + - ':' + - get_param: [EndpointMap, GlanceAdmin, port] + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, GlanceAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, GlanceAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: GlanceApiVirtualIP} + - ':' + - get_param: [EndpointMap, GlanceAdmin, port] + GlanceInternal: + host: + str_replace: + template: + get_param: [EndpointMap, GlanceInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: GlanceApiVirtualIP} + port: + get_param: [EndpointMap, GlanceInternal, port] + protocol: + get_param: [EndpointMap, GlanceInternal, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, GlanceInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, GlanceInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: GlanceApiVirtualIP} + - ':' + - get_param: [EndpointMap, GlanceInternal, port] + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, GlanceInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, GlanceInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: GlanceApiVirtualIP} + - ':' + - get_param: [EndpointMap, GlanceInternal, port] + GlancePublic: + host: + str_replace: + template: + get_param: [EndpointMap, GlancePublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + port: + get_param: [EndpointMap, GlancePublic, port] + protocol: + get_param: [EndpointMap, GlancePublic, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, GlancePublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, GlancePublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, GlancePublic, port] + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, GlancePublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, GlancePublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, GlancePublic, port] + GlanceRegistryAdmin: + host: + str_replace: + template: + get_param: [EndpointMap, GlanceRegistryAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: GlanceRegistryVirtualIP} + port: + get_param: [EndpointMap, GlanceRegistryAdmin, port] + protocol: + get_param: [EndpointMap, GlanceRegistryAdmin, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, GlanceRegistryAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, GlanceRegistryAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: GlanceRegistryVirtualIP} + - ':' + - get_param: [EndpointMap, GlanceRegistryAdmin, port] + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, GlanceRegistryAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, GlanceRegistryAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: GlanceRegistryVirtualIP} + - ':' + - get_param: [EndpointMap, GlanceRegistryAdmin, port] + GlanceRegistryInternal: + host: + str_replace: + template: + get_param: [EndpointMap, GlanceRegistryInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: GlanceRegistryVirtualIP} + port: + get_param: [EndpointMap, GlanceRegistryInternal, port] + protocol: + get_param: [EndpointMap, GlanceRegistryInternal, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, GlanceRegistryInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, GlanceRegistryInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: GlanceRegistryVirtualIP} + - ':' + - get_param: [EndpointMap, GlanceRegistryInternal, port] + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, GlanceRegistryInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, GlanceRegistryInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: GlanceRegistryVirtualIP} + - ':' + - get_param: [EndpointMap, GlanceRegistryInternal, port] + GlanceRegistryPublic: + host: + str_replace: + template: + get_param: [EndpointMap, GlanceRegistryPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + port: + get_param: [EndpointMap, GlanceRegistryPublic, port] + protocol: + get_param: [EndpointMap, GlanceRegistryPublic, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, GlanceRegistryPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, GlanceRegistryPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, GlanceRegistryPublic, port] + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, GlanceRegistryPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, GlanceRegistryPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, GlanceRegistryPublic, port] + HeatAdmin: + host: + str_replace: + template: + get_param: [EndpointMap, HeatAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: HeatApiVirtualIP} + port: + get_param: [EndpointMap, HeatAdmin, port] + protocol: + get_param: [EndpointMap, HeatAdmin, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, HeatAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, HeatAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: HeatApiVirtualIP} + - ':' + - get_param: [EndpointMap, HeatAdmin, port] + - /v1/%(tenant_id)s + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, HeatAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, HeatAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: HeatApiVirtualIP} + - ':' + - get_param: [EndpointMap, HeatAdmin, port] + HeatInternal: + host: + str_replace: + template: + get_param: [EndpointMap, HeatInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: HeatApiVirtualIP} + port: + get_param: [EndpointMap, HeatInternal, port] + protocol: + get_param: [EndpointMap, HeatInternal, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, HeatInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, HeatInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: HeatApiVirtualIP} + - ':' + - get_param: [EndpointMap, HeatInternal, port] + - /v1/%(tenant_id)s + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, HeatInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, HeatInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: HeatApiVirtualIP} + - ':' + - get_param: [EndpointMap, HeatInternal, port] + HeatPublic: + host: + str_replace: + template: + get_param: [EndpointMap, HeatPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + port: + get_param: [EndpointMap, HeatPublic, port] + protocol: + get_param: [EndpointMap, HeatPublic, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, HeatPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, HeatPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, HeatPublic, port] + - /v1/%(tenant_id)s + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, HeatPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, HeatPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, HeatPublic, port] + HorizonPublic: + host: + str_replace: + template: + get_param: [EndpointMap, HorizonPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + port: + get_param: [EndpointMap, HorizonPublic, port] + protocol: + get_param: [EndpointMap, HorizonPublic, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, HorizonPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, HorizonPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, HorizonPublic, port] + - /dashboard + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, HorizonPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, HorizonPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, HorizonPublic, port] + KeystoneAdmin: + host: + str_replace: + template: + get_param: [EndpointMap, KeystoneAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: KeystoneAdminApiVirtualIP} + port: + get_param: [EndpointMap, KeystoneAdmin, port] + protocol: + get_param: [EndpointMap, KeystoneAdmin, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, KeystoneAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, KeystoneAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: KeystoneAdminApiVirtualIP} + - ':' + - get_param: [EndpointMap, KeystoneAdmin, port] + - /v2.0 + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, KeystoneAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, KeystoneAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: KeystoneAdminApiVirtualIP} + - ':' + - get_param: [EndpointMap, KeystoneAdmin, port] + KeystoneEC2: + host: + str_replace: + template: + get_param: [EndpointMap, KeystoneInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: KeystonePublicApiVirtualIP} + port: + get_param: [EndpointMap, KeystoneInternal, port] + protocol: + get_param: [EndpointMap, KeystoneInternal, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, KeystoneInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, KeystoneInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: KeystonePublicApiVirtualIP} + - ':' + - get_param: [EndpointMap, KeystoneInternal, port] + - /v2.0/ec2tokens + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, KeystoneInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, KeystoneInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: KeystonePublicApiVirtualIP} + - ':' + - get_param: [EndpointMap, KeystoneInternal, port] + KeystoneInternal: + host: + str_replace: + template: + get_param: [EndpointMap, KeystoneInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: KeystonePublicApiVirtualIP} + port: + get_param: [EndpointMap, KeystoneInternal, port] + protocol: + get_param: [EndpointMap, KeystoneInternal, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, KeystoneInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, KeystoneInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: KeystonePublicApiVirtualIP} + - ':' + - get_param: [EndpointMap, KeystoneInternal, port] + - /v2.0 + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, KeystoneInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, KeystoneInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: KeystonePublicApiVirtualIP} + - ':' + - get_param: [EndpointMap, KeystoneInternal, port] + KeystonePublic: + host: + str_replace: + template: + get_param: [EndpointMap, KeystonePublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + port: + get_param: [EndpointMap, KeystonePublic, port] + protocol: + get_param: [EndpointMap, KeystonePublic, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, KeystonePublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, KeystonePublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, KeystonePublic, port] + - /v2.0 + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, KeystonePublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, KeystonePublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, KeystonePublic, port] + KeystoneV3Admin: + host: + str_replace: + template: + get_param: [EndpointMap, KeystoneV3Admin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: KeystoneAdminApiVirtualIP} + port: + get_param: [EndpointMap, KeystoneV3Admin, port] + protocol: + get_param: [EndpointMap, KeystoneV3Admin, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, KeystoneV3Admin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, KeystoneV3Admin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: KeystoneAdminApiVirtualIP} + - ':' + - get_param: [EndpointMap, KeystoneV3Admin, port] + - /v3 + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, KeystoneV3Admin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, KeystoneV3Admin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: KeystoneAdminApiVirtualIP} + - ':' + - get_param: [EndpointMap, KeystoneV3Admin, port] + KeystoneV3Internal: + host: + str_replace: + template: + get_param: [EndpointMap, KeystoneV3Internal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: KeystonePublicApiVirtualIP} + port: + get_param: [EndpointMap, KeystoneV3Internal, port] + protocol: + get_param: [EndpointMap, KeystoneV3Internal, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, KeystoneV3Internal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, KeystoneV3Internal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: KeystonePublicApiVirtualIP} + - ':' + - get_param: [EndpointMap, KeystoneV3Internal, port] + - /v3 + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, KeystoneV3Internal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, KeystoneV3Internal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: KeystonePublicApiVirtualIP} + - ':' + - get_param: [EndpointMap, KeystoneV3Internal, port] + KeystoneV3Public: + host: + str_replace: + template: + get_param: [EndpointMap, KeystoneV3Public, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + port: + get_param: [EndpointMap, KeystoneV3Public, port] + protocol: + get_param: [EndpointMap, KeystoneV3Public, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, KeystoneV3Public, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, KeystoneV3Public, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, KeystoneV3Public, port] + - /v3 + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, KeystoneV3Public, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, KeystoneV3Public, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, KeystoneV3Public, port] + NeutronAdmin: + host: + str_replace: + template: + get_param: [EndpointMap, NeutronAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NeutronApiVirtualIP} + port: + get_param: [EndpointMap, NeutronAdmin, port] + protocol: + get_param: [EndpointMap, NeutronAdmin, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, NeutronAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NeutronAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NeutronApiVirtualIP} + - ':' + - get_param: [EndpointMap, NeutronAdmin, port] + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, NeutronAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NeutronAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NeutronApiVirtualIP} + - ':' + - get_param: [EndpointMap, NeutronAdmin, port] + NeutronInternal: + host: + str_replace: + template: + get_param: [EndpointMap, NeutronInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NeutronApiVirtualIP} + port: + get_param: [EndpointMap, NeutronInternal, port] + protocol: + get_param: [EndpointMap, NeutronInternal, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, NeutronInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NeutronInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NeutronApiVirtualIP} + - ':' + - get_param: [EndpointMap, NeutronInternal, port] + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, NeutronInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NeutronInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NeutronApiVirtualIP} + - ':' + - get_param: [EndpointMap, NeutronInternal, port] + NeutronPublic: + host: + str_replace: + template: + get_param: [EndpointMap, NeutronPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + port: + get_param: [EndpointMap, NeutronPublic, port] + protocol: + get_param: [EndpointMap, NeutronPublic, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, NeutronPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NeutronPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, NeutronPublic, port] + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, NeutronPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NeutronPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, NeutronPublic, port] + NovaAdmin: + host: + str_replace: + template: + get_param: [EndpointMap, NovaAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NovaApiVirtualIP} + port: + get_param: [EndpointMap, NovaAdmin, port] + protocol: + get_param: [EndpointMap, NovaAdmin, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, NovaAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NovaAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NovaApiVirtualIP} + - ':' + - get_param: [EndpointMap, NovaAdmin, port] + - /v2.1/%(tenant_id)s + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, NovaAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NovaAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NovaApiVirtualIP} + - ':' + - get_param: [EndpointMap, NovaAdmin, port] + NovaInternal: + host: + str_replace: + template: + get_param: [EndpointMap, NovaInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NovaApiVirtualIP} + port: + get_param: [EndpointMap, NovaInternal, port] + protocol: + get_param: [EndpointMap, NovaInternal, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, NovaInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NovaInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NovaApiVirtualIP} + - ':' + - get_param: [EndpointMap, NovaInternal, port] + - /v2.1/%(tenant_id)s + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, NovaInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NovaInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NovaApiVirtualIP} + - ':' + - get_param: [EndpointMap, NovaInternal, port] + NovaPublic: + host: + str_replace: + template: + get_param: [EndpointMap, NovaPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + port: + get_param: [EndpointMap, NovaPublic, port] + protocol: + get_param: [EndpointMap, NovaPublic, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, NovaPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NovaPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, NovaPublic, port] + - /v2.1/%(tenant_id)s + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, NovaPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NovaPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, NovaPublic, port] + NovaV3Admin: + host: + str_replace: + template: + get_param: [EndpointMap, NovaAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NovaApiVirtualIP} + port: + get_param: [EndpointMap, NovaAdmin, port] + protocol: + get_param: [EndpointMap, NovaAdmin, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, NovaAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NovaAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NovaApiVirtualIP} + - ':' + - get_param: [EndpointMap, NovaAdmin, port] + - /v3 + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, NovaAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NovaAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NovaApiVirtualIP} + - ':' + - get_param: [EndpointMap, NovaAdmin, port] + NovaV3Internal: + host: + str_replace: + template: + get_param: [EndpointMap, NovaInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NovaApiVirtualIP} + port: + get_param: [EndpointMap, NovaInternal, port] + protocol: + get_param: [EndpointMap, NovaInternal, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, NovaInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NovaInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NovaApiVirtualIP} + - ':' + - get_param: [EndpointMap, NovaInternal, port] + - /v3 + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, NovaInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NovaInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NovaApiVirtualIP} + - ':' + - get_param: [EndpointMap, NovaInternal, port] + NovaV3Public: + host: + str_replace: + template: + get_param: [EndpointMap, NovaPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + port: + get_param: [EndpointMap, NovaPublic, port] + protocol: + get_param: [EndpointMap, NovaPublic, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, NovaPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NovaPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, NovaPublic, port] + - /v3 + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, NovaPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NovaPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, NovaPublic, port] + NovaEC2Admin: + host: + str_replace: + template: + get_param: [EndpointMap, NovaEC2Admin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NovaApiVirtualIP} + port: + get_param: [EndpointMap, NovaEC2Admin, port] + protocol: + get_param: [EndpointMap, NovaEC2Admin, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, NovaEC2Admin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NovaEC2Admin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NovaApiVirtualIP} + - ':' + - get_param: [EndpointMap, NovaEC2Admin, port] + - /services/Admin + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, NovaEC2Admin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NovaEC2Admin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NovaApiVirtualIP} + - ':' + - get_param: [EndpointMap, NovaEC2Admin, port] + NovaEC2Internal: + host: + str_replace: + template: + get_param: [EndpointMap, NovaEC2Internal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NovaApiVirtualIP} + port: + get_param: [EndpointMap, NovaEC2Internal, port] + protocol: + get_param: [EndpointMap, NovaEC2Internal, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, NovaEC2Internal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NovaEC2Internal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NovaApiVirtualIP} + - ':' + - get_param: [EndpointMap, NovaEC2Internal, port] + - /services/Cloud + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, NovaEC2Internal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NovaEC2Internal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NovaApiVirtualIP} + - ':' + - get_param: [EndpointMap, NovaEC2Internal, port] + NovaEC2Public: + host: + str_replace: + template: + get_param: [EndpointMap, NovaEC2Public, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + port: + get_param: [EndpointMap, NovaEC2Public, port] + protocol: + get_param: [EndpointMap, NovaEC2Public, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, NovaEC2Public, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NovaEC2Public, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, NovaEC2Public, port] + - /services/Cloud + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, NovaEC2Public, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NovaEC2Public, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, NovaEC2Public, port] + NovaVNCProxyAdmin: + host: + str_replace: + template: + get_param: [EndpointMap, NovaVNCProxyAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NovaApiVirtualIP} + port: + get_param: [EndpointMap, NovaVNCProxyAdmin, port] + protocol: + get_param: [EndpointMap, NovaVNCProxyAdmin, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, NovaVNCProxyAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NovaVNCProxyAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NovaApiVirtualIP} + - ':' + - get_param: [EndpointMap, NovaVNCProxyAdmin, port] + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, NovaVNCProxyAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NovaVNCProxyAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NovaApiVirtualIP} + - ':' + - get_param: [EndpointMap, NovaVNCProxyAdmin, port] + NovaVNCProxyInternal: + host: + str_replace: + template: + get_param: [EndpointMap, NovaVNCProxyInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NovaApiVirtualIP} + port: + get_param: [EndpointMap, NovaVNCProxyInternal, port] + protocol: + get_param: [EndpointMap, NovaVNCProxyInternal, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, NovaVNCProxyInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NovaVNCProxyInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NovaApiVirtualIP} + - ':' + - get_param: [EndpointMap, NovaVNCProxyInternal, port] + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, NovaVNCProxyInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NovaVNCProxyInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: NovaApiVirtualIP} + - ':' + - get_param: [EndpointMap, NovaVNCProxyInternal, port] + NovaVNCProxyPublic: + host: + str_replace: + template: + get_param: [EndpointMap, NovaVNCProxyPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + port: + get_param: [EndpointMap, NovaVNCProxyPublic, port] + protocol: + get_param: [EndpointMap, NovaVNCProxyPublic, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, NovaVNCProxyPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NovaVNCProxyPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, NovaVNCProxyPublic, port] + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, NovaVNCProxyPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, NovaVNCProxyPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, NovaVNCProxyPublic, port] + SaharaAdmin: + host: + str_replace: + template: + get_param: [EndpointMap, SaharaAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: SaharaApiVirtualIP} + port: + get_param: [EndpointMap, SaharaAdmin, port] + protocol: + get_param: [EndpointMap, SaharaAdmin, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, SaharaAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, SaharaAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: SaharaApiVirtualIP} + - ':' + - get_param: [EndpointMap, SaharaAdmin, port] + - /v1.1/%(tenant_id)s + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, SaharaAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, SaharaAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: SaharaApiVirtualIP} + - ':' + - get_param: [EndpointMap, SaharaAdmin, port] + SaharaInternal: + host: + str_replace: + template: + get_param: [EndpointMap, SaharaInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: SaharaApiVirtualIP} + port: + get_param: [EndpointMap, SaharaInternal, port] + protocol: + get_param: [EndpointMap, SaharaInternal, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, SaharaInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, SaharaInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: SaharaApiVirtualIP} + - ':' + - get_param: [EndpointMap, SaharaInternal, port] + - /v1.1/%(tenant_id)s + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, SaharaInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, SaharaInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: SaharaApiVirtualIP} + - ':' + - get_param: [EndpointMap, SaharaInternal, port] + SaharaPublic: + host: + str_replace: + template: + get_param: [EndpointMap, SaharaPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: SaharaApiVirtualIP} + port: + get_param: [EndpointMap, SaharaPublic, port] + protocol: + get_param: [EndpointMap, SaharaPublic, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, SaharaPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, SaharaPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: SaharaApiVirtualIP} + - ':' + - get_param: [EndpointMap, SaharaPublic, port] + - /v1.1/%(tenant_id)s + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, SaharaPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, SaharaPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: SaharaApiVirtualIP} + - ':' + - get_param: [EndpointMap, SaharaPublic, port] + SwiftAdmin: + host: + str_replace: + template: + get_param: [EndpointMap, SwiftAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: SwiftProxyVirtualIP} + port: + get_param: [EndpointMap, SwiftAdmin, port] + protocol: + get_param: [EndpointMap, SwiftAdmin, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, SwiftAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, SwiftAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: SwiftProxyVirtualIP} + - ':' + - get_param: [EndpointMap, SwiftAdmin, port] + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, SwiftAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, SwiftAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: SwiftProxyVirtualIP} + - ':' + - get_param: [EndpointMap, SwiftAdmin, port] + SwiftInternal: + host: + str_replace: + template: + get_param: [EndpointMap, SwiftInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: SwiftProxyVirtualIP} + port: + get_param: [EndpointMap, SwiftInternal, port] + protocol: + get_param: [EndpointMap, SwiftInternal, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, SwiftInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, SwiftInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: SwiftProxyVirtualIP} + - ':' + - get_param: [EndpointMap, SwiftInternal, port] + - /v1/AUTH_%(tenant_id)s + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, SwiftInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, SwiftInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: SwiftProxyVirtualIP} + - ':' + - get_param: [EndpointMap, SwiftInternal, port] + SwiftPublic: + host: + str_replace: + template: + get_param: [EndpointMap, SwiftPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + port: + get_param: [EndpointMap, SwiftPublic, port] + protocol: + get_param: [EndpointMap, SwiftPublic, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, SwiftPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, SwiftPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, SwiftPublic, port] + - /v1/AUTH_%(tenant_id)s + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, SwiftPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, SwiftPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, SwiftPublic, port] + SwiftS3Admin: + host: + str_replace: + template: + get_param: [EndpointMap, SwiftAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: SwiftProxyVirtualIP} + port: + get_param: [EndpointMap, SwiftAdmin, port] + protocol: + get_param: [EndpointMap, SwiftAdmin, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, SwiftAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, SwiftAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: SwiftProxyVirtualIP} + - ':' + - get_param: [EndpointMap, SwiftAdmin, port] + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, SwiftAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, SwiftAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: SwiftProxyVirtualIP} + - ':' + - get_param: [EndpointMap, SwiftAdmin, port] + SwiftS3Internal: + host: + str_replace: + template: + get_param: [EndpointMap, SwiftInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: SwiftProxyVirtualIP} + port: + get_param: [EndpointMap, SwiftInternal, port] + protocol: + get_param: [EndpointMap, SwiftInternal, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, SwiftInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, SwiftInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: SwiftProxyVirtualIP} + - ':' + - get_param: [EndpointMap, SwiftInternal, port] + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, SwiftInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, SwiftInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: SwiftProxyVirtualIP} + - ':' + - get_param: [EndpointMap, SwiftInternal, port] + SwiftS3Public: + host: + str_replace: + template: + get_param: [EndpointMap, SwiftPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + port: + get_param: [EndpointMap, SwiftPublic, port] + protocol: + get_param: [EndpointMap, SwiftPublic, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, SwiftPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, SwiftPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, SwiftPublic, port] + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, SwiftPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, SwiftPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, SwiftPublic, port] diff --git a/network/external_v6.yaml b/network/external_v6.yaml new file mode 100644 index 00000000..3e120f24 --- /dev/null +++ b/network/external_v6.yaml @@ -0,0 +1,69 @@ +heat_template_version: 2015-04-30 + +description: > + External network. Public traffic, Neutron l3router for floating IPs/SNAT, etc. + +parameters: + # the defaults here work for static IP assignment (IPAM) only + ExternalNetCidr: + # OpenStack uses the EUI-64 address format, which requires a /64 prefix + default: '2001:db8:fd00:1000::/64' + description: Cidr for the external network. + type: string + ExternalNetValueSpecs: + default: {'provider:physical_network': 'external', 'provider:network_type': 'flat'} + description: Value specs for the external network. + type: json + ExternalNetAdminStateUp: + default: false + description: This admin state of of the network. + type: boolean + ExternalNetShared: + default: false + description: Whether this network is shared across all tenants. + type: boolean + ExternalNetName: + default: external + description: The name of the external network. + type: string + ExternalSubnetName: + default: external_subnet + description: The name of the external subnet in Neutron. + type: string + ExternalAllocationPools: + default: [{'start': '2001:db8:fd00:1000::10', 'end': '2001:db8:fd00:1000:ffff:ffff:ffff:fffe'}] + description: Ip allocation pool range for the external network. + type: json + IPv6AddressMode: + default: dhcpv6-stateful + description: Neutron subnet IPv6 address mode + type: string + IPv6RAMode: + default: dhcpv6-stateful + description: Neutron subnet IPv6 router advertisement mode + type: string + +resources: + ExternalNetwork: + type: OS::Neutron::Net + properties: + admin_state_up: {get_param: ExternalNetAdminStateUp} + name: {get_param: ExternalNetName} + shared: {get_param: ExternalNetShared} + value_specs: {get_param: ExternalNetValueSpecs} + + ExternalSubnet: + type: OS::Neutron::Subnet + properties: + ip_version: 6 + ipv6_address_mode: {get_param: IPv6AddressMode} + ipv6_ra_mode: {get_param: IPv6RAMode} + cidr: {get_param: ExternalNetCidr} + name: {get_param: ExternalSubnetName} + network: {get_resource: ExternalNetwork} + allocation_pools: {get_param: ExternalAllocationPools} + +outputs: + OS::stack_id: + description: Neutron external network + value: {get_resource: ExternalNetwork} diff --git a/network/internal_api_v6.yaml b/network/internal_api_v6.yaml new file mode 100644 index 00000000..68c14fbe --- /dev/null +++ b/network/internal_api_v6.yaml @@ -0,0 +1,69 @@ +heat_template_version: 2015-04-30 + +description: > + Internal API network. Used for most APIs, Database, RPC. + +parameters: + # the defaults here work for static IP assignment (IPAM) only + InternalApiNetCidr: + # OpenStack uses the EUI-64 address format, which requires a /64 prefix + default: 'fd00:fd00:fd00:2000::/64' + description: Cidr for the internal API network. + type: string + InternalApiNetValueSpecs: + default: {'provider:physical_network': 'internal_api', 'provider:network_type': 'flat'} + description: Value specs for the internal API network. + type: json + InternalApiNetAdminStateUp: + default: false + description: This admin state of of the network. + type: boolean + InternalApiNetShared: + default: false + description: Whether this network is shared across all tenants. + type: boolean + InternalApiNetName: + default: internal_api + description: The name of the internal API network. + type: string + InternalApiSubnetName: + default: internal_api_subnet + description: The name of the internal API subnet in Neutron. + type: string + InternalApiAllocationPools: + default: [{'start': 'fd00:fd00:fd00:2000::10', 'end': 'fd00:fd00:fd00:2000:ffff:ffff:ffff:fffe'}] + description: Ip allocation pool range for the internal API network. + type: json + IPv6AddressMode: + default: dhcpv6-stateful + description: Neutron subnet IPv6 address mode + type: string + IPv6RAMode: + default: dhcpv6-stateful + description: Neutron subnet IPv6 router advertisement mode + type: string + +resources: + InternalApiNetwork: + type: OS::Neutron::Net + properties: + admin_state_up: {get_param: InternalApiNetAdminStateUp} + name: {get_param: InternalApiNetName} + shared: {get_param: InternalApiNetShared} + value_specs: {get_param: InternalApiNetValueSpecs} + + InternalApiSubnet: + type: OS::Neutron::Subnet + properties: + ip_version: 6 + ipv6_address_mode: {get_param: IPv6AddressMode} + ipv6_ra_mode: {get_param: IPv6RAMode} + cidr: {get_param: InternalApiNetCidr} + name: {get_param: InternalApiSubnetName} + network: {get_resource: InternalApiNetwork} + allocation_pools: {get_param: InternalApiAllocationPools} + +outputs: + OS::stack_id: + description: Neutron internal network + value: {get_resource: InternalApiNetwork} diff --git a/network/ports/ctlplane_vip.yaml b/network/ports/ctlplane_vip.yaml index 7a7043bd..5ac7d344 100644 --- a/network/ports/ctlplane_vip.yaml +++ b/network/ports/ctlplane_vip.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2015-10-15 description: > Creates a port for a VIP on the undercloud ctlplane network. @@ -45,13 +45,14 @@ outputs: ip_address: description: Virtual IP network IP value: {get_attr: [VipPort, fixed_ips, 0, ip_address]} + ip_address_uri: + description: Virtual IP network IP (for compatibility with vip_v6.yaml) + value: {get_attr: [VipPort, fixed_ips, 0, ip_address]} ip_subnet: - # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) description: IP/Subnet CIDR for the ctlplane network. value: list_join: - '' - - {get_attr: [VipPort, fixed_ips, 0, ip_address]} - '/' - - {get_attr: [VipPort, subnets, 0, cidr, -2]} - - {get_attr: [VipPort, subnets, 0, cidr, -1]} + - {str_split: ['/', {get_attr: [VipPort, subnets, 0, cidr]}, 1]} diff --git a/network/ports/external.yaml b/network/ports/external.yaml index 7624eb9f..c4f815fb 100644 --- a/network/ports/external.yaml +++ b/network/ports/external.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2015-10-15 description: > Creates a port on the external network. The IP address will be chosen @@ -48,13 +48,14 @@ outputs: ip_address: description: external network IP value: {get_attr: [ExternalPort, fixed_ips, 0, ip_address]} + ip_address_uri: + description: external network IP (for compatibility with external_v6.yaml) + value: {get_attr: [ExternalPort, fixed_ips, 0, ip_address]} ip_subnet: - # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) description: IP/Subnet CIDR for the external network IP value: list_join: - '' - - {get_attr: [ExternalPort, fixed_ips, 0, ip_address]} - '/' - - {get_attr: [ExternalPort, subnets, 0, cidr, -2]} - - {get_attr: [ExternalPort, subnets, 0, cidr, -1]} + - {str_split: ['/', {get_attr: [ExternalPort, subnets, 0, cidr]}, 1]} diff --git a/network/ports/external_from_pool.yaml b/network/ports/external_from_pool.yaml index 8e9dc7c2..98f2aa35 100644 --- a/network/ports/external_from_pool.yaml +++ b/network/ports/external_from_pool.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2015-10-15 description: > Returns an IP from a network mapped list of IPs @@ -33,13 +33,14 @@ outputs: ip_address: description: external network IP value: {get_param: [IPPool, {get_param: ExternalNetName}, {get_param: NodeIndex}]} + ip_address_uri: + description: external network IP (for compatibility with IPv6) + value: {get_param: [IPPool, {get_param: ExternalNetName}, {get_param: NodeIndex}]} ip_subnet: - # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) description: IP/Subnet CIDR for the external network IP value: list_join: - '' - - {get_param: [IPPool, {get_param: ExternalNetName}, {get_param: NodeIndex}]} - '/' - - {get_param: [ExternalNetCidr, -2]} - - {get_param: [ExternalNetCidr, -1]} + - {str_split: ['/', {get_param: ExternalNetCidr}, 1]} diff --git a/network/ports/external_from_pool_v6.yaml b/network/ports/external_from_pool_v6.yaml new file mode 100644 index 00000000..bf0c036d --- /dev/null +++ b/network/ports/external_from_pool_v6.yaml @@ -0,0 +1,54 @@ +heat_template_version: 2015-04-30 + +description: > + Returns an IP from a network mapped list of IPs. This version is for IPv6 + addresses. The ip_address_uri output will have brackets for use in URLs. + +parameters: + ExternalNetName: + description: Name of the external network + default: external + type: string + PortName: + description: Name of the port + default: '' + type: string + ControlPlaneIP: # Here for compatability with noop.yaml + description: IP address on the control plane + default: '' + type: string + IPPool: + default: {} + description: A network mapped list of IPs + type: json + NodeIndex: + default: 0 + description: Index of the IP to get from Pool + type: number + ExternalNetCidr: + default: '2001:db8:fd00:1000::/64' + description: Cidr for the external network. + type: string + +outputs: + ip_address: + description: external network IP + value: {get_param: [IPPool, {get_param: ExternalNetName}, {get_param: NodeIndex}]} + ip_address_uri: + description: external network IP (for compatibility with IPv6) + value: + list_join: + - '' + - - '[' + - {get_param: [IPPool, {get_param: ExternalNetName}, {get_param: NodeIndex}]} + - ']' + ip_subnet: + # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) + description: IP/Subnet CIDR for the external network IP + value: + list_join: + - '' + - - {get_param: [IPPool, {get_param: ExternalNetName}, {get_param: NodeIndex}]} + - '/' + - {get_param: [ExternalNetCidr, -2]} + - {get_param: [ExternalNetCidr, -1]} diff --git a/network/ports/external_v6.yaml b/network/ports/external_v6.yaml new file mode 100644 index 00000000..522caaa0 --- /dev/null +++ b/network/ports/external_v6.yaml @@ -0,0 +1,68 @@ +heat_template_version: 2015-04-30 + +description: > + Creates a port on the external network. The IP address will be chosen + automatically if FixedIPs is empty. + +parameters: + ExternalNetName: + description: Name of the external neutron network + default: external + type: string + PortName: + description: Name of the port + default: '' + type: string + ControlPlaneIP: # Here for compatability with noop.yaml + description: IP address on the control plane + default: '' + type: string + ControlPlaneNetwork: # Here for compatibility with ctlplane_vip.yaml + description: The name of the undercloud Neutron control plane + default: ctlplane + type: string + FixedIPs: + description: > + Control the IP allocation for the VIP port. E.g. + [{'ip_address':'1.2.3.4'}] + default: [] + type: json + IPPool: # Here for compatibility with from_pool.yaml + default: {} + type: json + NodeIndex: # Here for compatibility with from_pool.yaml + default: 0 + type: number + +resources: + + ExternalPort: + type: OS::Neutron::Port + properties: + network: {get_param: ExternalNetName} + name: {get_param: PortName} + fixed_ips: {get_param: FixedIPs} + replacement_policy: AUTO + +outputs: + ip_address: + description: external network IP + value: {get_attr: [ExternalPort, fixed_ips, 0, ip_address]} + ip_address_uri: + description: external network IP with brackets suitable for a URL + value: + list_join: + - '' + - - '[' + - {get_attr: [ExternalPort, fixed_ips, 0, ip_address]} + - ']' + ip_subnet: + # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) + description: IP/Subnet CIDR for the external network IP + value: + list_join: + - '' + - - {get_attr: [ExternalPort, fixed_ips, 0, ip_address]} + - '/' + - {get_attr: [ExternalPort, subnets, 0, cidr, -2]} + - {get_attr: [ExternalPort, subnets, 0, cidr, -1]} diff --git a/network/ports/from_service.yaml b/network/ports/from_service.yaml index 6b669f41..359d77a7 100644 --- a/network/ports/from_service.yaml +++ b/network/ports/from_service.yaml @@ -32,3 +32,6 @@ outputs: ip_address: description: network IP value: {get_param: [ServiceVips, {get_param: ServiceName}]} + ip_address_uri: + description: network IP (for compatibility with IPv6) + value: {get_param: [ServiceVips, {get_param: ServiceName}]} diff --git a/network/ports/from_service_v6.yaml b/network/ports/from_service_v6.yaml new file mode 100644 index 00000000..2dd0a0ee --- /dev/null +++ b/network/ports/from_service_v6.yaml @@ -0,0 +1,42 @@ +heat_template_version: 2015-04-30 + +description: > + Returns an IP from a service mapped list of IPv6 IPs + +parameters: + ServiceName: + description: Name of the service to lookup + default: '' + type: string + NetworkName: # Here for compatability with ctlplane_vip.yaml + description: Name of the network where the VIP will be created + default: ctlplane + type: string + PortName: # Here for compatability with ctlplane_vip.yaml + description: Name of the port + default: '' + type: string + ControlPlaneIP: # Here for compatability with ctlplane_vip.yaml + description: IP address on the control plane + default: '' + type: string + ControlPlaneNetwork: # Here for compatability with ctlplane_vip.yaml + description: The name of the undercloud Neutron control plane + default: ctlplane + type: string + ServiceVips: + default: {} + type: json + +outputs: + ip_address: + description: network IP + value: {get_param: [ServiceVips, {get_param: ServiceName}]} + ip_address_uri: + description: network IP (with brackets for use in URLs) + value: + list_join: + - '' + - - '[' + - {get_param: [ServiceVips, {get_param: ServiceName}]} + - ']' diff --git a/network/ports/internal_api.yaml b/network/ports/internal_api.yaml index f84e8f71..1d521a8d 100644 --- a/network/ports/internal_api.yaml +++ b/network/ports/internal_api.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2015-10-15 description: > Creates a port on the internal_api network. @@ -43,13 +43,15 @@ outputs: ip_address: description: internal API network IP value: {get_attr: [InternalApiPort, fixed_ips, 0, ip_address]} + ip_address_uri: + description: | + internal API network IP (for compatibility with internal_api_v6.yaml) + value: {get_attr: [InternalApiPort, fixed_ips, 0, ip_address]} ip_subnet: - # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) description: IP/Subnet CIDR for the internal API network IP value: list_join: - '' - - {get_attr: [InternalApiPort, fixed_ips, 0, ip_address]} - '/' - - {get_attr: [InternalApiPort, subnets, 0, cidr, -2]} - - {get_attr: [InternalApiPort, subnets, 0, cidr, -1]} + - {str_split: ['/', {get_attr: [InternalApiPort, subnets, 0, cidr]}, 1]} diff --git a/network/ports/internal_api_from_pool.yaml b/network/ports/internal_api_from_pool.yaml index b98e1fb1..c7b04847 100644 --- a/network/ports/internal_api_from_pool.yaml +++ b/network/ports/internal_api_from_pool.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2015-10-15 description: > Returns an IP from a network mapped list of IPs @@ -33,13 +33,14 @@ outputs: ip_address: description: internal API network IP value: {get_param: [IPPool, {get_param: InternalApiNetName}, {get_param: NodeIndex}]} + ip_address_uri: + description: internal API network IP (for compatibility with internal_api_v6.yaml) + value: {get_param: [IPPool, {get_param: InternalApiNetName}, {get_param: NodeIndex}]} ip_subnet: - # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) description: IP/Subnet CIDR for the internal API network IP value: list_join: - '' - - {get_param: [IPPool, {get_param: InternalApiNetName}, {get_param: NodeIndex}]} - '/' - - {get_param: [InternalApiNetCidr, -2]} - - {get_param: [InternalApiNetCidr, -1]} + - {str_split: ['/', {get_param: InternalApiNetCidr}, 1]} diff --git a/network/ports/internal_api_from_pool_v6.yaml b/network/ports/internal_api_from_pool_v6.yaml new file mode 100644 index 00000000..34c17ab2 --- /dev/null +++ b/network/ports/internal_api_from_pool_v6.yaml @@ -0,0 +1,54 @@ +heat_template_version: 2015-04-30 + +description: > + Returns an IP from a network mapped list of IPs. This version is for IPv6 + addresses. The ip_address_uri output will have brackets for use in URLs. + +parameters: + InternalApiNetName: + description: Name of the internal API network + default: internal_api + type: string + PortName: + description: Name of the port + default: '' + type: string + ControlPlaneIP: # Here for compatability with noop.yaml + description: IP address on the control plane + default: '' + type: string + IPPool: + default: {} + description: A network mapped list of IPs + type: json + NodeIndex: + default: 0 + description: Index of the IP to get from Pool + type: number + InternalApiNetCidr: + default: 'fd00:fd00:fd00:2000::/64' + description: Cidr for the internal API network. + type: string + +outputs: + ip_address: + description: internal API network IP + value: {get_param: [IPPool, {get_param: InternalApiNetName}, {get_param: NodeIndex}]} + ip_address_uri: + description: internal API network IP (for compatibility with internal_api_v6.yaml) + value: + list_join: + - '' + - - '[' + - {get_param: [IPPool, {get_param: InternalApiNetName}, {get_param: NodeIndex}]} + - ']' + ip_subnet: + # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) + description: IP/Subnet CIDR for the internal API network IP + value: + list_join: + - '' + - - {get_param: [IPPool, {get_param: InternalApiNetName}, {get_param: NodeIndex}]} + - '/' + - {get_param: [InternalApiNetCidr, -2]} + - {get_param: [InternalApiNetCidr, -1]} diff --git a/network/ports/internal_api_v6.yaml b/network/ports/internal_api_v6.yaml new file mode 100644 index 00000000..279e6bd0 --- /dev/null +++ b/network/ports/internal_api_v6.yaml @@ -0,0 +1,63 @@ +heat_template_version: 2015-04-30 + +description: > + Creates a port on the internal_api network. + +parameters: + InternalApiNetName: + description: Name of the internal API neutron network + default: internal_api + type: string + PortName: + description: Name of the port + default: '' + type: string + ControlPlaneIP: # Here for compatability with noop.yaml + description: IP address on the control plane + default: '' + type: string + FixedIPs: + description: > + Control the IP allocation for the VIP port. E.g. + [{'ip_address':'1.2.3.4'}] + default: [] + type: json + IPPool: # Here for compatibility with from_pool.yaml + default: {} + type: json + NodeIndex: # Here for compatibility with from_pool.yaml + default: 0 + type: number + +resources: + + InternalApiPort: + type: OS::Neutron::Port + properties: + network: {get_param: InternalApiNetName} + name: {get_param: PortName} + fixed_ips: {get_param: FixedIPs} + replacement_policy: AUTO + +outputs: + ip_address: + description: internal API network IP + value: {get_attr: [InternalApiPort, fixed_ips, 0, ip_address]} + ip_address_uri: + description: internal api network IP with brackets suitable for a URL + value: + list_join: + - '' + - - '[' + - {get_attr: [InternalApiPort, fixed_ips, 0, ip_address]} + - ']' + ip_subnet: + # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) + description: IP/Subnet CIDR for the internal API network IP + value: + list_join: + - '' + - - {get_attr: [InternalApiPort, fixed_ips, 0, ip_address]} + - '/' + - {get_attr: [InternalApiPort, subnets, 0, cidr, -2]} + - {get_attr: [InternalApiPort, subnets, 0, cidr, -1]} diff --git a/network/ports/management.yaml b/network/ports/management.yaml index 1d15ca60..967b66e1 100644 --- a/network/ports/management.yaml +++ b/network/ports/management.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2015-10-15 description: > Creates a port on the management network. The IP address will be chosen @@ -16,6 +16,12 @@ parameters: ControlPlaneIP: # Here for compatibility with noop.yaml description: IP address on the control plane type: string + IPPool: # Here for compatibility with from_pool.yaml + default: {} + type: json + NodeIndex: # Here for compatibility with from_pool.yaml + default: 0 + type: number resources: @@ -30,13 +36,14 @@ outputs: ip_address: description: management network IP value: {get_attr: [ManagementPort, fixed_ips, 0, ip_address]} + ip_address_uri: + description: management network IP (for compatibility with management_v6.yaml) + value: {get_attr: [ManagementPort, fixed_ips, 0, ip_address]} ip_subnet: - # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) description: IP/Subnet CIDR for the management network IP value: list_join: - '' - - {get_attr: [ManagementPort, fixed_ips, 0, ip_address]} - '/' - - {get_attr: [ManagementPort, subnets, 0, cidr, -2]} - - {get_attr: [ManagementPort, subnets, 0, cidr, -1]} + - {str_split: ['/', {get_attr: [ManagementPort, subnets, 0, cidr]}, 1]} diff --git a/network/ports/management_from_pool.yaml b/network/ports/management_from_pool.yaml new file mode 100644 index 00000000..fc87e39a --- /dev/null +++ b/network/ports/management_from_pool.yaml @@ -0,0 +1,46 @@ +heat_template_version: 2015-04-30 + +description: > + Returns an IP from a network mapped list of IPs + +parameters: + ManagementNetName: + description: Name of the management network + default: management + type: string + PortName: + description: Name of the port + default: '' + type: string + ControlPlaneIP: # Here for compatability with noop.yaml + description: IP address on the control plane + default: '' + type: string + IPPool: + default: {} + description: A network mapped list of IPs + type: json + NodeIndex: + default: 0 + description: Index of the IP to get from Pool + type: number + ManagementNetCidr: + default: '172.16.4.0/24' + description: Cidr for the management network. + type: string + +outputs: + ip_address: + description: management network IP + value: {get_param: [IPPool, {get_param: ManagementNetName}, {get_param: NodeIndex}]} + ip_address_uri: + description: management network IP (for compatibility with management_v6.yaml) + value: {get_param: [IPPool, {get_param: ManagementNetName}, {get_param: NodeIndex}]} + ip_subnet: + description: IP/Subnet CIDR for the management network IP + value: + list_join: + - '' + - - {get_param: [IPPool, {get_param: ManagementNetName}, {get_param: NodeIndex}]} + - '/' + - {str_split: ['/', {get_param: ManagementNetCidr}, 1]} diff --git a/network/ports/management_v6.yaml b/network/ports/management_v6.yaml new file mode 100644 index 00000000..a94ebc7b --- /dev/null +++ b/network/ports/management_v6.yaml @@ -0,0 +1,54 @@ +heat_template_version: 2015-10-15 + +description: > + Creates a port on the management network. The IP address will be chosen + automatically if FixedIPs is empty. + +parameters: + ManagementNetName: + description: Name of the management neutron network + default: management + type: string + PortName: + description: Name of the port + default: '' + type: string + ControlPlaneIP: # Here for compatibility with noop.yaml + description: IP address on the control plane + type: string + IPPool: # Here for compatibility with from_pool.yaml + default: {} + type: json + NodeIndex: # Here for compatibility with from_pool.yaml + default: 0 + type: number + +resources: + + ManagementPort: + type: OS::Neutron::Port + properties: + network: {get_param: ManagementNetName} + name: {get_param: PortName} + replacement_policy: AUTO + +outputs: + ip_address: + description: management network IP + value: {get_attr: [ManagementPort, fixed_ips, 0, ip_address]} + ip_address_uri: + description: management network IP with brackets suitable for a URL + value: + list_join: + - '' + - - '[' + - {get_attr: [ManagementPort, fixed_ips, 0, ip_address]} + - ']' + ip_subnet: + description: IP/Subnet CIDR for the management network IP + value: + list_join: + - '' + - - {get_attr: [ManagementPort, fixed_ips, 0, ip_address]} + - '/' + - {str_split: ['/', {get_attr: [ManagementPort, subnets, 0, cidr]}, 1]} diff --git a/network/ports/net_ip_map.yaml b/network/ports/net_ip_map.yaml index c6386025..6bb4557b 100644 --- a/network/ports/net_ip_map.yaml +++ b/network/ports/net_ip_map.yaml @@ -7,21 +7,45 @@ parameters: ExternalIp: default: '' type: string + ExternalIpUri: + default: '' + type: string + description: IP address with brackets in case of IPv6 InternalApiIp: default: '' type: string + InternalApiIpUri: + default: '' + type: string + description: IP address with brackets in case of IPv6 StorageIp: default: '' type: string + StorageIpUri: + default: '' + type: string + description: IP address with brackets in case of IPv6 StorageMgmtIp: default: '' type: string + StorageMgmtIpUri: + default: '' + type: string + description: IP address with brackets in case of IPv6 TenantIp: default: '' type: string + TenantIpUri: + default: '' + type: string + description: IP address with brackets in case of IPv6 ManagementIp: default: '' type: string + ManagementIpUri: + default: '' + type: string + description: IP address with brackets in case of IPv6 outputs: net_ip_map: @@ -36,3 +60,15 @@ outputs: storage_mgmt: {get_param: StorageMgmtIp} tenant: {get_param: TenantIp} management: {get_param: ManagementIp} + net_ip_uri_map: + description: > + A Hash containing a mapping of netowrk names to assigned IPs for a + specific machine with brackets around IPv6 addresses for use in URLs. + value: + ctlplane: {get_param: ControlPlaneIp} + external: {get_param: ExternalIpUri} + internal_api: {get_param: InternalApiIpUri} + storage: {get_param: StorageIpUri} + storage_mgmt: {get_param: StorageMgmtIpUri} + tenant: {get_param: TenantIpUri} + management: {get_param: ManagementIpUri} diff --git a/network/ports/net_vip_map_external.yaml b/network/ports/net_vip_map_external.yaml index 23e1f992..a40a0bfc 100644 --- a/network/ports/net_vip_map_external.yaml +++ b/network/ports/net_vip_map_external.yaml @@ -24,18 +24,33 @@ parameters: ExternalIp: default: '' type: string + ExternalIpUri: + default: '' + type: string InternalApiIp: default: '' type: string + InternalApiIpUri: + default: '' + type: string StorageIp: default: '' type: string + StorageIpUri: + default: '' + type: string StorageMgmtIp: default: '' type: string + StorageMgmtIpUri: + default: '' + type: string TenantIp: default: '' type: string + TenantIpUri: + default: '' + type: string outputs: net_ip_map: @@ -48,3 +63,13 @@ outputs: internal_api: {get_param: InternalApiNetworkVip} storage: {get_param: StorageNetworkVip} storage_mgmt: {get_param: StorageMgmtNetworkVip} + net_ip_uri_map: + description: > + A Hash containing a mapping of netowrk names to assigned IPs for a + specific machine with brackets around IPv6 addresses for use in URLs. + value: + ctlplane: {get_param: ControlPlaneIP} + external: {get_param: ExternalNetworkVip} + internal_api: {get_param: InternalApiNetworkVip} + storage: {get_param: StorageNetworkVip} + storage_mgmt: {get_param: StorageMgmtNetworkVip} diff --git a/network/ports/net_vip_map_external_v6.yaml b/network/ports/net_vip_map_external_v6.yaml new file mode 100644 index 00000000..f6d67fe8 --- /dev/null +++ b/network/ports/net_vip_map_external_v6.yaml @@ -0,0 +1,95 @@ +heat_template_version: 2015-04-30 + +parameters: + # Set these via parameter defaults to configure external VIPs + ControlPlaneIP: + default: '' + type: string + ExternalNetworkVip: + default: '' + type: string + InternalApiNetworkVip: + default: '' + type: string + StorageNetworkVip: + default: '' + type: string + StorageMgmtNetworkVip: + default: '' + type: string + # The following are unused in this template + ControlPlaneIp: + default: '' + type: string + ExternalIp: + default: '' + type: string + ExternalIpUri: + default: '' + type: string + InternalApiIp: + default: '' + type: string + InternalApiIpUri: + default: '' + type: string + StorageIp: + default: '' + type: string + StorageIpUri: + default: '' + type: string + StorageMgmtIp: + default: '' + type: string + StorageMgmtIpUri: + default: '' + type: string + TenantIp: + default: '' + type: string + TenantIpUri: + default: '' + type: string + +outputs: + net_ip_map: + description: > + A Hash containing a mapping of network names to assigned IPs + for a specific machine. + value: + ctlplane: {get_param: ControlPlaneIP} + external: {get_param: ExternalNetworkVip} + internal_api: {get_param: InternalApiNetworkVip} + storage: {get_param: StorageNetworkVip} + storage_mgmt: {get_param: StorageMgmtNetworkVip} + net_ip_uri_map: + description: > + A Hash containing a mapping of netowrk names to assigned IPs for a + specific machine with brackets around IPv6 addresses for use in URLs. + value: + ctlplane: {get_param: ControlPlaneIP} + external: + list_join: + - '' + - - '[' + - {get_param: ExternalNetworkVip} + - ']' + internal_api: + list_join: + - '' + - - '[' + - {get_param: InternalApiNetworkVip} + - ']' + storage: + list_join: + - '' + - - '[' + - {get_param: StorageNetworkVip} + - ']' + storage_mgmt: + list_join: + - '' + - - '[' + - {get_param: StorageMgmtNetworkVip} + - ']' diff --git a/network/ports/noop.yaml b/network/ports/noop.yaml index ac946cd9..96c461e0 100644 --- a/network/ports/noop.yaml +++ b/network/ports/noop.yaml @@ -44,6 +44,9 @@ outputs: ip_address: description: pass thru network IP value: {get_param: ControlPlaneIP} + ip_address_uri: + description: pass thru network IP (for compatibility with vip_v6.yaml) + value: {get_param: ControlPlaneIP} ip_subnet: description: IP/Subnet CIDR for the pass thru network IP value: diff --git a/network/ports/storage.yaml b/network/ports/storage.yaml index a07e5a4f..1ed5cca1 100644 --- a/network/ports/storage.yaml +++ b/network/ports/storage.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2015-10-15 description: > Creates a port on the storage network. @@ -43,13 +43,14 @@ outputs: ip_address: description: storage network IP value: {get_attr: [StoragePort, fixed_ips, 0, ip_address]} + ip_address_uri: + description: storage network IP (for compatibility with storage_v6.yaml) + value: {get_attr: [StoragePort, fixed_ips, 0, ip_address]} ip_subnet: - # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) description: IP/Subnet CIDR for the storage network IP value: list_join: - '' - - {get_attr: [StoragePort, fixed_ips, 0, ip_address]} - '/' - - {get_attr: [StoragePort, subnets, 0, cidr, -2]} - - {get_attr: [StoragePort, subnets, 0, cidr, -1]} + - {str_split: ['/', {get_attr: [StoragePort, subnets, 0, cidr]}, 1]} diff --git a/network/ports/storage_from_pool.yaml b/network/ports/storage_from_pool.yaml index 668bc6f6..dfc9e752 100644 --- a/network/ports/storage_from_pool.yaml +++ b/network/ports/storage_from_pool.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2015-10-15 description: > Returns an IP from a network mapped list of IPs @@ -33,13 +33,14 @@ outputs: ip_address: description: storage network IP value: {get_param: [IPPool, {get_param: StorageNetName}, {get_param: NodeIndex}]} + ip_address_uri: + description: storage network IP (for compatibility with storage_v6.yaml) + value: {get_param: [IPPool, {get_param: StorageNetName}, {get_param: NodeIndex}]} ip_subnet: - # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) description: IP/Subnet CIDR for the storage network IP value: list_join: - '' - - {get_param: [IPPool, {get_param: StorageNetName}, {get_param: NodeIndex}]} - '/' - - {get_param: [StorageNetCidr, -2]} - - {get_param: [StorageNetCidr, -1]} + - {str_split: ['/', {get_param: StorageNetCidr}, 1]} diff --git a/network/ports/storage_from_pool_v6.yaml b/network/ports/storage_from_pool_v6.yaml new file mode 100644 index 00000000..966d96ae --- /dev/null +++ b/network/ports/storage_from_pool_v6.yaml @@ -0,0 +1,54 @@ +heat_template_version: 2015-04-30 + +description: > + Returns an IP from a network mapped list of IPs. This version is for IPv6 + addresses. The ip_address_uri output will have brackets for use in URLs. + +parameters: + StorageNetName: + description: Name of the storage network + default: storage + type: string + PortName: + description: Name of the port + default: '' + type: string + ControlPlaneIP: # Here for compatability with noop.yaml + description: IP address on the control plane + default: '' + type: string + IPPool: + default: {} + description: A network mapped list of IPs + type: json + NodeIndex: + default: 0 + description: Index of the IP to get from Pool + type: number + StorageNetCidr: + default: 'fd00:fd00:fd00:3000::/64' + description: Cidr for the storage network. + type: string + +outputs: + ip_address: + description: storage network IP + value: {get_param: [IPPool, {get_param: StorageNetName}, {get_param: NodeIndex}]} + ip_address_uri: + description: storage network IP (for compatibility with storage_v6.yaml) + value: + list_join: + - '' + - - '[' + - {get_param: [IPPool, {get_param: StorageNetName}, {get_param: NodeIndex}]} + - ']' + ip_subnet: + # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) + description: IP/Subnet CIDR for the storage network IP + value: + list_join: + - '' + - - {get_param: [IPPool, {get_param: StorageNetName}, {get_param: NodeIndex}]} + - '/' + - {get_param: [StorageNetCidr, -2]} + - {get_param: [StorageNetCidr, -1]} diff --git a/network/ports/storage_mgmt.yaml b/network/ports/storage_mgmt.yaml index 4890bf5a..548d226a 100644 --- a/network/ports/storage_mgmt.yaml +++ b/network/ports/storage_mgmt.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2015-10-15 description: > Creates a port on the storage_mgmt API network. @@ -43,13 +43,15 @@ outputs: ip_address: description: storage_mgmt network IP value: {get_attr: [StorageMgmtPort, fixed_ips, 0, ip_address]} + ip_address_uri: + description: | + storage_mgmt network IP (for compatibility with storage_mgmt_v6.yaml) + value: {get_attr: [StorageMgmtPort, fixed_ips, 0, ip_address]} ip_subnet: - # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) description: IP/Subnet CIDR for the storage_mgmt network IP value: list_join: - '' - - {get_attr: [StorageMgmtPort, fixed_ips, 0, ip_address]} - '/' - - {get_attr: [StorageMgmtPort, subnets, 0, cidr, -2]} - - {get_attr: [StorageMgmtPort, subnets, 0, cidr, -1]} + - {str_split: ['/', {get_attr: [StorageMgmtPort, subnets, 0, cidr]}, 1]} diff --git a/network/ports/storage_mgmt_from_pool.yaml b/network/ports/storage_mgmt_from_pool.yaml index bea87105..9c757a6e 100644 --- a/network/ports/storage_mgmt_from_pool.yaml +++ b/network/ports/storage_mgmt_from_pool.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2015-10-15 description: > Returns an IP from a network mapped list of IPs @@ -33,13 +33,14 @@ outputs: ip_address: description: storage MGMT network IP value: {get_param: [IPPool, {get_param: StorageMgmtNetName}, {get_param: NodeIndex}]} + ip_address_uri: + description: storage MGMT network IP (for compatibility with storage_mgmt_v6.yaml) + value: {get_param: [IPPool, {get_param: StorageMgmtNetName}, {get_param: NodeIndex}]} ip_subnet: - # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) description: IP/Subnet CIDR for the storage MGMT network IP value: list_join: - '' - - {get_param: [IPPool, {get_param: StorageMgmtNetName}, {get_param: NodeIndex}]} - '/' - - {get_param: [StorageMgmtNetCidr, -2]} - - {get_param: [StorageMgmtNetCidr, -1]} + - {str_split: ['/', {get_param: StorageMgmtNetCidr}, 1]} diff --git a/network/ports/storage_mgmt_from_pool_v6.yaml b/network/ports/storage_mgmt_from_pool_v6.yaml new file mode 100644 index 00000000..890da75c --- /dev/null +++ b/network/ports/storage_mgmt_from_pool_v6.yaml @@ -0,0 +1,54 @@ +heat_template_version: 2015-04-30 + +description: > + Returns an IP from a network mapped list of IPs This version is for IPv6 + addresses. The ip_address_uri output will have brackets for use in URLs. + +parameters: + StorageMgmtNetName: + description: Name of the storage MGMT network + default: storage_mgmt + type: string + PortName: + description: Name of the port + default: '' + type: string + ControlPlaneIP: # Here for compatability with noop.yaml + description: IP address on the control plane + default: '' + type: string + IPPool: + default: {} + description: A network mapped list of IPs + type: json + NodeIndex: + default: 0 + description: Index of the IP to get from Pool + type: number + StorageMgmtNetCidr: + default: 'fd00:fd00:fd00:4000::/64' + description: Cidr for the storage MGMT network. + type: string + +outputs: + ip_address: + description: storage MGMT network IP + value: {get_param: [IPPool, {get_param: StorageMgmtNetName}, {get_param: NodeIndex}]} + ip_address_uri: + description: storage MGMT network IP (for compatibility with storage_mgmt_v6.yaml) + value: + list_join: + - '' + - - '[' + - {get_param: [IPPool, {get_param: StorageMgmtNetName}, {get_param: NodeIndex}]} + - ']' + ip_subnet: + # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) + description: IP/Subnet CIDR for the storage MGMT network IP + value: + list_join: + - '' + - - {get_param: [IPPool, {get_param: StorageMgmtNetName}, {get_param: NodeIndex}]} + - '/' + - {get_param: [StorageMgmtNetCidr, -2]} + - {get_param: [StorageMgmtNetCidr, -1]} diff --git a/network/ports/storage_mgmt_v6.yaml b/network/ports/storage_mgmt_v6.yaml new file mode 100644 index 00000000..61956be2 --- /dev/null +++ b/network/ports/storage_mgmt_v6.yaml @@ -0,0 +1,63 @@ +heat_template_version: 2015-04-30 + +description: > + Creates a port on the storage_mgmt API network. + +parameters: + StorageMgmtNetName: + description: Name of the storage_mgmt API neutron network + default: storage_mgmt + type: string + PortName: + description: Name of the port + default: '' + type: string + ControlPlaneIP: # Here for compatability with noop.yaml + description: IP address on the control plane + default: '' + type: string + FixedIPs: + description: > + Control the IP allocation for the VIP port. E.g. + [{'ip_address':'1.2.3.4'}] + default: [] + type: json + IPPool: # Here for compatibility with from_pool.yaml + default: {} + type: json + NodeIndex: # Here for compatibility with from_pool.yaml + default: 0 + type: number + +resources: + + StorageMgmtPort: + type: OS::Neutron::Port + properties: + network: {get_param: StorageMgmtNetName} + name: {get_param: PortName} + fixed_ips: {get_param: FixedIPs} + replacement_policy: AUTO + +outputs: + ip_address: + description: storage_mgmt network IP + value: {get_attr: [StorageMgmtPort, fixed_ips, 0, ip_address]} + ip_address_uri: + description: storage_mgmt network IP with brackets suitable for a URI + value: + list_join: + - '' + - - '[' + - {get_attr: [StorageMgmtPort, fixed_ips, 0, ip_address]} + - ']' + ip_subnet: + # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) + description: IP/Subnet CIDR for the storage_mgmt network IP + value: + list_join: + - '' + - - {get_attr: [StorageMgmtPort, fixed_ips, 0, ip_address]} + - '/' + - {get_attr: [StorageMgmtPort, subnets, 0, cidr, -2]} + - {get_attr: [StorageMgmtPort, subnets, 0, cidr, -1]} diff --git a/network/ports/storage_v6.yaml b/network/ports/storage_v6.yaml new file mode 100644 index 00000000..13b62276 --- /dev/null +++ b/network/ports/storage_v6.yaml @@ -0,0 +1,63 @@ +heat_template_version: 2015-04-30 + +description: > + Creates a port on the storage network. + +parameters: + StorageNetName: + description: Name of the storage neutron network + default: storage + type: string + PortName: + description: Name of the port + default: '' + type: string + ControlPlaneIP: # Here for compatability with noop.yaml + description: IP address on the control plane + default: '' + type: string + FixedIPs: + description: > + Control the IP allocation for the VIP port. E.g. + [{'ip_address':'1.2.3.4'}] + default: [] + type: json + IPPool: # Here for compatibility with from_pool.yaml + default: {} + type: json + NodeIndex: # Here for compatibility with from_pool.yaml + default: 0 + type: number + +resources: + + StoragePort: + type: OS::Neutron::Port + properties: + network: {get_param: StorageNetName} + name: {get_param: PortName} + fixed_ips: {get_param: FixedIPs} + replacement_policy: AUTO + +outputs: + ip_address: + description: storage network IP + value: {get_attr: [StoragePort, fixed_ips, 0, ip_address]} + ip_address_uri: + description: storage network IP with brackets suitable for a URL + value: + list_join: + - '' + - - '[' + - {get_attr: [StoragePort, fixed_ips, 0, ip_address]} + - ']' + ip_subnet: + # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) + description: IP/Subnet CIDR for the storage network IP + value: + list_join: + - '' + - - {get_attr: [StoragePort, fixed_ips, 0, ip_address]} + - '/' + - {get_attr: [StoragePort, subnets, 0, cidr, -2]} + - {get_attr: [StoragePort, subnets, 0, cidr, -1]} diff --git a/network/ports/tenant.yaml b/network/ports/tenant.yaml index 86c58f2f..d8f78c49 100644 --- a/network/ports/tenant.yaml +++ b/network/ports/tenant.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2015-10-15 description: > Creates a port on the tenant network. @@ -43,13 +43,14 @@ outputs: ip_address: description: tenant network IP value: {get_attr: [TenantPort, fixed_ips, 0, ip_address]} + ip_address_uri: + description: tenant network IP (for compatibility with tenant_v6.yaml) + value: {get_attr: [TenantPort, fixed_ips, 0, ip_address]} ip_subnet: - # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) description: IP/Subnet CIDR for the tenant network IP value: list_join: - '' - - {get_attr: [TenantPort, fixed_ips, 0, ip_address]} - '/' - - {get_attr: [TenantPort, subnets, 0, cidr, -2]} - - {get_attr: [TenantPort, subnets, 0, cidr, -1]} + - {str_split: ['/', {get_attr: [TenantPort, subnets, 0, cidr]}, 1]} diff --git a/network/ports/tenant_from_pool.yaml b/network/ports/tenant_from_pool.yaml index 29303bb6..d5f3156e 100644 --- a/network/ports/tenant_from_pool.yaml +++ b/network/ports/tenant_from_pool.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2015-10-15 description: > Returns an IP from a network mapped list of IPs @@ -33,13 +33,14 @@ outputs: ip_address: description: tenant network IP value: {get_param: [IPPool, {get_param: TenantNetName}, {get_param: NodeIndex}]} + ip_address_uri: + description: tenant network IP (for compatibility with tenant_v6.yaml) + value: {get_param: [IPPool, {get_param: TenantNetName}, {get_param: NodeIndex}]} ip_subnet: - # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) description: IP/Subnet CIDR for the tenant network IP value: list_join: - '' - - {get_param: [IPPool, {get_param: TenantNetName}, {get_param: NodeIndex}]} - '/' - - {get_param: [TenantNetCidr, -2]} - - {get_param: [TenantNetCidr, -1]} + - {str_split: ['/', {get_param: TenantNetCidr}, 1]} diff --git a/network/ports/tenant_from_pool_v6.yaml b/network/ports/tenant_from_pool_v6.yaml new file mode 100644 index 00000000..b2bcd426 --- /dev/null +++ b/network/ports/tenant_from_pool_v6.yaml @@ -0,0 +1,53 @@ +heat_template_version: 2015-04-30 + +description: > + Returns an IP from a network mapped list of IPs + +parameters: + TenantNetName: + description: Name of the tenant network + default: tenant + type: string + PortName: + description: Name of the port + default: '' + type: string + ControlPlaneIP: # Here for compatability with noop.yaml + description: IP address on the control plane + default: '' + type: string + IPPool: + default: {} + description: A network mapped list of IPs + type: json + NodeIndex: + default: 0 + description: Index of the IP to get from Pool + type: number + TenantNetCidr: + default: 'fd00:fd00:fd00:5000::/64' + description: Cidr for the tenant network. + type: string + +outputs: + ip_address: + description: tenant network IP + value: {get_param: [IPPool, {get_param: TenantNetName}, {get_param: NodeIndex}]} + ip_address_uri: + description: tenant network IP (for compatibility with tenant_v6.yaml) + value: + list_join: + - '' + - - '[' + - {get_param: [IPPool, {get_param: ExternalNetName}, {get_param: NodeIndex}]} + - ']' + ip_subnet: + # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) + description: IP/Subnet CIDR for the tenant network IP + value: + list_join: + - '' + - - {get_param: [IPPool, {get_param: TenantNetName}, {get_param: NodeIndex}]} + - '/' + - {get_param: [TenantNetCidr, -2]} + - {get_param: [TenantNetCidr, -1]} diff --git a/network/ports/tenant_v6.yaml b/network/ports/tenant_v6.yaml new file mode 100644 index 00000000..6ca37549 --- /dev/null +++ b/network/ports/tenant_v6.yaml @@ -0,0 +1,63 @@ +heat_template_version: 2015-04-30 + +description: > + Creates a port on the tenant network. + +parameters: + TenantNetName: + description: Name of the tenant neutron network + default: tenant + type: string + PortName: + description: Name of the port + default: '' + type: string + ControlPlaneIP: # Here for compatability with noop.yaml + description: IP address on the control plane + default: '' + type: string + FixedIPs: + description: > + Control the IP allocation for the VIP port. E.g. + [{'ip_address':'1.2.3.4'}] + default: [] + type: json + IPPool: # Here for compatibility with from_pool.yaml + default: {} + type: json + NodeIndex: # Here for compatibility with from_pool.yaml + default: 0 + type: number + +resources: + + TenantPort: + type: OS::Neutron::Port + properties: + network: {get_param: TenantNetName} + name: {get_param: PortName} + fixed_ips: {get_param: FixedIPs} + replacement_policy: AUTO + +outputs: + ip_address: + description: tenant network IP + value: {get_attr: [TenantPort, fixed_ips, 0, ip_address]} + ip_address_uri: + description: tenant network IP with brackets suitable for a URL + value: + list_join: + - '' + - - '[' + - {get_attr: [TenantPort, fixed_ips, 0, ip_address]} + - ']' + ip_subnet: + # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) + description: IP/Subnet CIDR for the tenant network IP + value: + list_join: + - '' + - - {get_attr: [TenantPort, fixed_ips, 0, ip_address]} + - '/' + - {get_attr: [TenantPort, subnets, 0, cidr, -2]} + - {get_attr: [TenantPort, subnets, 0, cidr, -1]} diff --git a/network/ports/vip.yaml b/network/ports/vip.yaml index 9bb6cde2..38322907 100644 --- a/network/ports/vip.yaml +++ b/network/ports/vip.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2015-10-15 description: > Creates a port for a VIP on the isolated network NetworkName. @@ -45,13 +45,14 @@ outputs: ip_address: description: Virtual IP network IP value: {get_attr: [VipPort, fixed_ips, 0, ip_address]} + ip_address_uri: + description: Virtual IP network IP (for compatibility with vip.yaml) + value: {get_attr: [VipPort, fixed_ips, 0, ip_address]} ip_subnet: - # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) description: IP/Subnet CIDR for the network associated with this IP value: list_join: - '' - - {get_attr: [VipPort, fixed_ips, 0, ip_address]} - '/' - - {get_attr: [VipPort, subnets, 0, cidr, -2]} - - {get_attr: [VipPort, subnets, 0, cidr, -1]} + - {str_split: ['/', {get_attr: [VipPort, subnets, 0, cidr]}, 1]} diff --git a/network/ports/vip_v6.yaml b/network/ports/vip_v6.yaml new file mode 100644 index 00000000..de927094 --- /dev/null +++ b/network/ports/vip_v6.yaml @@ -0,0 +1,65 @@ +heat_template_version: 2015-04-30 + +description: > + Creates a port for a VIP on the isolated network NetworkName. + The IP address will be chosen automatically if FixedIPs is empty. + +parameters: + ServiceName: # Here for compatibility with from_service.yaml + description: Name of the service to lookup + default: '' + type: string + NetworkName: + description: Name of the network where the VIP will be created + default: internal_api + type: string + PortName: + description: Name of the port + default: '' + type: string + ControlPlaneIP: # Here for compatability with noop.yaml + description: IP address on the control plane + default: '' + type: string + ControlPlaneNetwork: + description: The name of the undercloud Neutron control plane + default: ctlplane + type: string + FixedIPs: + description: > + Control the IP allocation for the VIP port. E.g. + [{'ip_address':'1.2.3.4'}] + default: [] + type: json + +resources: + VipPort: + type: OS::Neutron::Port + properties: + network: {get_param: NetworkName} + name: {get_param: PortName} + fixed_ips: {get_param: FixedIPs} + replacement_policy: AUTO + +outputs: + ip_address: + description: Virtual IP network IP + value: {get_attr: [VipPort, fixed_ips, 0, ip_address]} + ip_address_uri: + description: Virtual IP with brackets suitable for a URL + value: + list_join: + - '' + - - '[' + - {get_attr: [VipPort, fixed_ips, 0, ip_address]} + - ']' + ip_subnet: + # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) + description: IP/Subnet CIDR for the network associated with this IP + value: + list_join: + - '' + - - {get_attr: [VipPort, fixed_ips, 0, ip_address]} + - '/' + - {get_attr: [VipPort, subnets, 0, cidr, -2]} + - {get_attr: [VipPort, subnets, 0, cidr, -1]} diff --git a/network/storage_mgmt_v6.yaml b/network/storage_mgmt_v6.yaml new file mode 100644 index 00000000..f05644ef --- /dev/null +++ b/network/storage_mgmt_v6.yaml @@ -0,0 +1,69 @@ +heat_template_version: 2015-04-30 + +description: > + Storage management network. Storage replication, etc. + +parameters: + # the defaults here work for static IP assignment (IPAM) only + StorageMgmtNetCidr: + # OpenStack uses the EUI-64 address format, which requires a /64 prefix + default: 'fd00:fd00:fd00:4000::/64' + description: Cidr for the storage management network. + type: string + StorageMgmtNetValueSpecs: + default: {'provider:physical_network': 'storage_mgmt', 'provider:network_type': 'flat'} + description: Value specs for the storage_mgmt network. + type: json + StorageMgmtNetAdminStateUp: + default: false + description: This admin state of of the network. + type: boolean + StorageMgmtNetShared: + default: false + description: Whether this network is shared across all tenants. + type: boolean + StorageMgmtNetName: + default: storage_mgmt + description: The name of the Storage management network. + type: string + StorageMgmtSubnetName: + default: storage_mgmt_subnet + description: The name of the Storage management subnet in Neutron. + type: string + StorageMgmtAllocationPools: + default: [{'start': 'fd00:fd00:fd00:4000::10', 'end': 'fd00:fd00:fd00:4000:ffff:ffff:ffff:fffe'}] + description: Ip allocation pool range for the storage mgmt network. + type: json + IPv6AddressMode: + default: dhcpv6-stateful + description: Neutron subnet IPv6 address mode + type: string + IPv6RAMode: + default: dhcpv6-stateful + description: Neutron subnet IPv6 router advertisement mode + type: string + +resources: + StorageMgmtNetwork: + type: OS::Neutron::Net + properties: + admin_state_up: {get_param: StorageMgmtNetAdminStateUp} + name: {get_param: StorageMgmtNetName} + shared: {get_param: StorageMgmtNetShared} + value_specs: {get_param: StorageMgmtNetValueSpecs} + + StorageMgmtSubnet: + type: OS::Neutron::Subnet + properties: + ip_version: 6 + ipv6_address_mode: {get_param: IPv6AddressMode} + ipv6_ra_mode: {get_param: IPv6RAMode} + cidr: {get_param: StorageMgmtNetCidr} + name: {get_param: StorageMgmtSubnetName} + network: {get_resource: StorageMgmtNetwork} + allocation_pools: {get_param: StorageMgmtAllocationPools} + +outputs: + OS::stack_id: + description: Neutron storage management network + value: {get_resource: StorageMgmtNetwork} diff --git a/network/storage_v6.yaml b/network/storage_v6.yaml new file mode 100644 index 00000000..36a6fae8 --- /dev/null +++ b/network/storage_v6.yaml @@ -0,0 +1,69 @@ +heat_template_version: 2015-04-30 + +description: > + Storage network. + +parameters: + # the defaults here work for static IP assignment (IPAM) only + StorageNetCidr: + # OpenStack uses the EUI-64 address format, which requires a /64 prefix + default: 'fd00:fd00:fd00:3000::/64' + description: Cidr for the storage network. + type: string + StorageNetValueSpecs: + default: {'provider:physical_network': 'storage', 'provider:network_type': 'flat'} + description: Value specs for the storage network. + type: json + StorageNetAdminStateUp: + default: false + description: This admin state of of the network. + type: boolean + StorageNetShared: + default: false + description: Whether this network is shared across all tenants. + type: boolean + StorageNetName: + default: storage + description: The name of the storage network. + type: string + StorageSubnetName: + default: storage_subnet + description: The name of the storage subnet in Neutron. + type: string + StorageAllocationPools: + default: [{'start': 'fd00:fd00:fd00:3000::10', 'end': 'fd00:fd00:fd00:3000:ffff:ffff:ffff:fffe'}] + description: Ip allocation pool range for the storage network. + type: json + IPv6AddressMode: + default: dhcpv6-stateful + description: Neutron subnet IPv6 address mode + type: string + IPv6RAMode: + default: dhcpv6-stateful + description: Neutron subnet IPv6 router advertisement mode + type: string + +resources: + StorageNetwork: + type: OS::Neutron::Net + properties: + admin_state_up: {get_param: StorageNetAdminStateUp} + name: {get_param: StorageNetName} + shared: {get_param: StorageNetShared} + value_specs: {get_param: StorageNetValueSpecs} + + StorageSubnet: + type: OS::Neutron::Subnet + properties: + ip_version: 6 + ipv6_address_mode: {get_param: IPv6AddressMode} + ipv6_ra_mode: {get_param: IPv6RAMode} + cidr: {get_param: StorageNetCidr} + name: {get_param: StorageSubnetName} + network: {get_resource: StorageNetwork} + allocation_pools: {get_param: StorageAllocationPools} + +outputs: + OS::stack_id: + description: Neutron storage network + value: {get_resource: StorageNetwork} diff --git a/network/tenant_v6.yaml b/network/tenant_v6.yaml new file mode 100644 index 00000000..b653eaf7 --- /dev/null +++ b/network/tenant_v6.yaml @@ -0,0 +1,69 @@ +heat_template_version: 2015-04-30 + +description: > + Tenant IPv6 network. + +parameters: + # the defaults here work for static IP assignment (IPAM) only + TenantNetCidr: + # OpenStack uses the EUI-64 address format, which requires a /64 prefix + default: 'fd00:fd00:fd00:5000::/64' + description: Cidr for the tenant network. + type: string + TenantNetValueSpecs: + default: {'provider:physical_network': 'tenant', 'provider:network_type': 'flat'} + description: Value specs for the tenant network. + type: json + TenantNetAdminStateUp: + default: false + description: This admin state of of the network. + type: boolean + TenantNetShared: + default: false + description: Whether this network is shared across all tenants. + type: boolean + TenantNetName: + default: tenant + description: The name of the tenant network. + type: string + TenantSubnetName: + default: tenant_subnet + description: The name of the tenant subnet in Neutron. + type: string + TenantAllocationPools: + default: [{'start': 'fd00:fd00:fd00:5000::10', 'end': 'fd00:fd00:fd00:5000:ffff:ffff:ffff:fffe'}] + description: Ip allocation pool range for the tenant network. + type: json + IPv6AddressMode: + default: dhcpv6-stateful + description: Neutron subnet IPv6 address mode + type: string + IPv6RAMode: + default: dhcpv6-stateful + description: Neutron subnet IPv6 router advertisement mode + type: string + +resources: + TenantNetwork: + type: OS::Neutron::Net + properties: + admin_state_up: {get_param: TenantNetAdminStateUp} + name: {get_param: TenantNetName} + shared: {get_param: TenantNetShared} + value_specs: {get_param: TenantNetValueSpecs} + + TenantSubnet: + type: OS::Neutron::Subnet + properties: + ip_version: 6 + ipv6_address_mode: {get_param: IPv6AddressMode} + ipv6_ra_mode: {get_param: IPv6RAMode} + cidr: {get_param: TenantNetCidr} + name: {get_param: TenantSubnetName} + network: {get_resource: TenantNetwork} + allocation_pools: {get_param: TenantAllocationPools} + +outputs: + OS::stack_id: + description: Neutron tenant network + value: {get_resource: TenantNetwork} diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml index 888a3c89..54074d12 100644 --- a/overcloud-resource-registry-puppet.yaml +++ b/overcloud-resource-registry-puppet.yaml @@ -23,6 +23,7 @@ resource_registry: OS::TripleO::BootstrapNode::SoftwareConfig: puppet/bootstrap-config.yaml # Tasks (for internal TripleO usage) + OS::TripleO::Tasks::UpdateWorkflow: extraconfig/tasks/noop.yaml OS::TripleO::Tasks::PackageUpdate: extraconfig/tasks/yum_update.yaml OS::TripleO::Tasks::ControllerPrePuppet: extraconfig/tasks/noop.yaml OS::TripleO::Tasks::ControllerPostPuppet: extraconfig/tasks/noop.yaml @@ -116,7 +117,6 @@ resource_registry: OS::TripleO::BlockStorage::Ports::ManagementPort: network/ports/noop.yaml # Service Endpoint Mappings - OS::TripleO::Endpoint: network/endpoints/endpoint.yaml OS::TripleO::EndpointMap: network/endpoints/endpoint_map.yaml # validation resources @@ -124,3 +124,4 @@ resource_registry: parameter_defaults: EnablePackageInstall: false + SoftwareConfigTransport: POLL_TEMP_URL diff --git a/overcloud.yaml b/overcloud.yaml index fe82bfd5..106bce95 100644 --- a/overcloud.yaml +++ b/overcloud.yaml @@ -65,13 +65,17 @@ parameters: description: Whether to enable or not the Rbd backend for Cinder type: boolean CloudName: - default: '' + default: overcloud description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org type: string ControlFixedIPs: default: [] description: Should be used for arbitrary ips. type: json + CorosyncIPv6: + default: false + description: Enable IPv6 in Corosync + type: boolean Debug: default: '' description: Set to True to enable debugging on all services. @@ -88,6 +92,12 @@ parameters: default: 'REBUILD_PRESERVE_EPHEMERAL' description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt. type: string + InternalApiVirtualFixedIPs: + default: [] + description: > + Control the IP allocation for the InternalApiVirtualInterface port. E.g. + [{'ip_address':'1.2.3.4'}] + type: json KeyName: default: default description: Name of an existing Nova key pair to enable SSH access to the instances @@ -168,6 +178,15 @@ parameters: description: Shared secret to prevent spoofing type: string hidden: true + NeutronTenantMtu: + description: > + The default MTU for tenant networks. For VXLAN/GRE tunneling, this should + be at least 50 bytes smaller than the MTU on the physical network. This + value will be used to set the MTU on the virtual Ethernet device. + This value will be used to construct the NeutronDnsmasqOptions, since that + will determine the MTU that is assigned to the VM host through DHCP. + default: "1400" + type: string NeutronTunnelTypes: default: 'vxlan' description: | @@ -177,13 +196,13 @@ parameters: description: | Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges of GRE tunnel IDs that are available for tenant network allocation - default: ["1:1000", ] + default: ["1:4094", ] type: comma_delimited_list NeutronVniRanges: description: | Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges of VXLAN VNI IDs that are available for tenant network allocation - default: ["1:1000", ] + default: ["1:4094", ] type: comma_delimited_list NeutronCorePlugin: default: 'ml2' @@ -192,7 +211,7 @@ parameters: from neutron.core_plugins namespace. type: string NeutronServicePlugins: - default: "router" + default: "router,qos" description: | Comma-separated list of service plugin entrypoints to be loaded from the neutron.service_plugins namespace. @@ -207,6 +226,16 @@ parameters: description: | The mechanism drivers for the Neutron tenant network. type: comma_delimited_list + NeutronPluginExtensions: + default: "qos,port_security" + description: | + Comma-separated list of extensions enabled for the Neutron plugin. + type: comma_delimited_list + NeutronAgentExtensions: + default: "qos" + description: | + Comma-separated list of extensions enabled for the Neutron agents. + type: comma_delimited_list NeutronAllowL3AgentFailover: default: 'False' description: Allow automatic l3-agent failover @@ -219,6 +248,10 @@ parameters: type: number default: 1 description: The number of neutron dhcp agents to schedule per network + NovaIPv6: + default: false + description: Enable IPv6 features in Nova + type: boolean NovaPassword: description: The password for the nova service account, used by nova-api. type: string @@ -231,6 +264,10 @@ parameters: default: false description: Should MongoDb journaling be disabled type: boolean + MongoDbIPv6: + default: false + description: Enable IPv6 if MongoDB VIP is IPv6 + type: boolean PublicVirtualFixedIPs: default: [] description: > @@ -274,6 +311,22 @@ parameters: description: The user password for SNMPd with readonly rights running on all Overcloud nodes type: string hidden: true + StorageVirtualFixedIPs: + default: [] + description: > + Control the IP allocation for the StorageVirtualInterface port. E.g. + [{'ip_address':'1.2.3.4'}] + type: json + StorageMgmtVirtualFixedIPs: + default: [] + description: > + Control the IP allocation for the StorageMgmgVirtualInterface port. E.g. + [{'ip_address':'1.2.3.4'}] + type: json + TimeZone: + default: 'UTC' + description: The timezone to be set on nodes. + type: string CloudDomain: default: 'localdomain' type: string @@ -293,7 +346,7 @@ parameters: type: string hidden: true CinderLVMLoopDeviceSize: - default: 5000 + default: 10280 description: The size of the loopback file used by the cinder LVM driver. type: number CinderNfsMountOptions: @@ -313,7 +366,7 @@ parameters: type: string hidden: true CinderISCSIHelper: - default: tgtadm + default: lioadm description: The iSCSI helper to use with cinder. type: string ControllerCount: @@ -329,11 +382,12 @@ parameters: type: json controllerImage: type: string - default: overcloud-control + default: overcloud-full constraints: - custom_constraint: glance.image OvercloudControlFlavor: description: Flavor for control nodes to request when deploying. + default: baremetal type: string constraints: - custom_constraint: nova.flavor @@ -483,8 +537,11 @@ parameters: type: number default: 4096 NeutronDnsmasqOptions: - default: 'dhcp-option-force=26,1400' - description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the tunnel overhead. + default: 'dhcp-option-force=26,%MTU%' + description: > + Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU + to be set to the value of NeutronTenantMtu, which should be set to account + for tunnel overhead. type: string NeutronPublicInterfaceDefaultRoute: default: '' @@ -528,6 +585,10 @@ parameters: type: number default: 3 description: How many replicas to use in the swift rings. + SaharaPassword: + description: The password for the sahara service account. + type: string + hidden: true # Compute-specific params CeilometerComputeAgent: @@ -551,7 +612,7 @@ parameters: description: What interface to add to the HypervisorNeutronPhysicalBridge. type: string NeutronNetworkVLANRanges: - default: 'datacentre' + default: 'datacentre:1:1000' description: > The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the Neutron documentation for permitted values. Defaults to permitting any @@ -567,7 +628,7 @@ parameters: structure as ExtraConfig. type: json NovaComputeLibvirtType: - default: '' + default: kvm type: string NovaComputeLibvirtVifDriver: default: '' @@ -583,7 +644,7 @@ parameters: type: boolean NovaImage: type: string - default: overcloud-compute + default: overcloud-full constraints: - custom_constraint: glance.image NovaOVSBridge: @@ -596,6 +657,7 @@ parameters: type: string OvercloudComputeFlavor: description: Use this flavor + default: baremetal type: string constraints: - custom_constraint: nova.flavor @@ -617,6 +679,7 @@ parameters: NovaVncProxyNetwork: internal_api SwiftMgmtNetwork: storage_mgmt SwiftProxyNetwork: storage + SaharaApiNetwork: internal_api HorizonNetwork: internal_api MemcachedNetwork: internal_api RabbitMqNetwork: internal_api @@ -638,10 +701,11 @@ parameters: type: number default: 0 BlockStorageImage: - default: overcloud-cinder-volume + default: overcloud-full type: string OvercloudBlockStorageFlavor: description: Flavor for block storage nodes to request when deploying. + default: baremetal type: string constraints: - custom_constraint: nova.flavor @@ -663,11 +727,12 @@ parameters: default: 0 OvercloudSwiftStorageFlavor: description: Flavor for Swift storage nodes to request when deploying. + default: baremetal type: string constraints: - custom_constraint: nova.flavor SwiftStorageImage: - default: overcloud-swift-storage + default: overcloud-full type: string ObjectStorageExtraConfig: default: {} @@ -685,7 +750,7 @@ parameters: type: number default: 0 CephStorageImage: - default: overcloud-ceph-storage + default: overcloud-full type: string OvercloudCephStorageFlavor: default: baremetal @@ -798,18 +863,19 @@ resources: type: OS::TripleO::EndpointMap properties: CloudName: {get_param: CloudName} - CeilometerApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} - CinderApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} - GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} - GlanceRegistryVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} - HeatApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} - KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} - KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} - MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} - NeutronApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} - NovaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} - SwiftProxyVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} - PublicVirtualIP: {get_attr: [VipMap, net_ip_map, external]} + CeilometerApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} + CinderApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} + GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} + GlanceRegistryVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} + HeatApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} + KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} + KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} + MysqlVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} + NeutronApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} + NovaApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} + SaharaApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} + SwiftProxyVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} + PublicVirtualIP: {get_attr: [VipMap, net_ip_uri_map, external]} Controller: type: OS::Heat::ResourceGroup @@ -833,10 +899,10 @@ resources: CinderEnableNfsBackend: {get_param: CinderEnableNfsBackend} CinderEnableIscsiBackend: {get_param: CinderEnableIscsiBackend} CinderEnableRbdBackend: {get_param: CinderEnableRbdBackend} - CloudName: {get_param: CloudName} CloudDomain: {get_param: CloudDomain} ControlVirtualInterface: {get_param: ControlVirtualInterface} ControllerExtraConfig: {get_param: controllerExtraConfig} + CorosyncIPv6: {get_param: CorosyncIPv6} Debug: {get_param: Debug} EnableFencing: {get_param: EnableFencing} ManageFirewall: {get_param: ManageFirewall} @@ -875,6 +941,7 @@ resources: NeutronPublicInterfaceIP: {get_param: NeutronPublicInterfaceIP} NeutronFlatNetworks: {get_param: NeutronFlatNetworks} NeutronBridgeMappings: {get_param: NeutronBridgeMappings} + NeutronTenantMtu: {get_param: NeutronTenantMtu} NeutronExternalNetworkBridge: {get_param: NeutronExternalNetworkBridge} NeutronEnableIsolatedMetadata: {get_param: NeutronEnableIsolatedMetadata} NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling} @@ -884,7 +951,11 @@ resources: NeutronPublicInterfaceDefaultRoute: {get_param: NeutronPublicInterfaceDefaultRoute} NeutronPublicInterfaceRawDevice: {get_param: NeutronPublicInterfaceRawDevice} NeutronPassword: {get_param: NeutronPassword} - NeutronDnsmasqOptions: {get_param: NeutronDnsmasqOptions} + NeutronDnsmasqOptions: + str_replace: + template: {get_param: NeutronDnsmasqOptions} + params: + '%MTU%': {get_param: NeutronTenantMtu} NeutronDVR: {get_param: NeutronDVR} NeutronMetadataProxySharedSecret: {get_param: NeutronMetadataProxySharedSecret} NeutronAgentMode: {get_param: NeutronAgentMode} @@ -892,14 +963,18 @@ resources: NeutronServicePlugins: {get_param: NeutronServicePlugins} NeutronTypeDrivers: {get_param: NeutronTypeDrivers} NeutronMechanismDrivers: {get_param: NeutronMechanismDrivers} + NeutronPluginExtensions: {get_param: NeutronPluginExtensions} + NeutronAgentExtensions: {get_param: NeutronAgentExtensions} NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover} NeutronL3HA: {get_param: NeutronL3HA} NeutronDhcpAgentsPerNetwork: {get_param: NeutronDhcpAgentsPerNetwork} NeutronNetworkType: {get_param: NeutronNetworkType} NeutronTunnelTypes: {get_param: NeutronTunnelTypes} + NovaIPv6: {get_param: NovaIPv6} NovaPassword: {get_param: NovaPassword} NtpServer: {get_param: NtpServer} MongoDbNoJournal: {get_param: MongoDbNoJournal} + MongoDbIPv6: {get_param: MongoDbIPv6} PcsdPassword: {get_resource: PcsdPassword} PublicVirtualInterface: {get_param: PublicVirtualInterface} RabbitPassword: {get_param: RabbitPassword} @@ -908,15 +983,18 @@ resources: RabbitClientUseSSL: {get_param: RabbitClientUseSSL} RabbitClientPort: {get_param: RabbitClientPort} RabbitFDLimit: {get_param: RabbitFDLimit} + SaharaPassword: {get_param: SaharaPassword} SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName} SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword} RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]} + RedisVirtualIPUri: {get_attr: [RedisVirtualIP, ip_address_uri]} SwiftHashSuffix: {get_param: SwiftHashSuffix} SwiftMountCheck: {get_param: SwiftMountCheck} SwiftMinPartHours: {get_param: SwiftMinPartHours} SwiftPartPower: {get_param: SwiftPartPower} SwiftPassword: {get_param: SwiftPassword} SwiftReplicas: { get_param: SwiftReplicas} + TimeZone: {get_param: TimeZone} VirtualIP: {get_attr: [VipMap, net_ip_map, ctlplane]} # deprecated. Use per service VIP settings instead now. PublicVirtualIP: {get_attr: [VipMap, net_ip_map, external]} ServiceNetMap: {get_param: ServiceNetMap} @@ -924,15 +1002,18 @@ resources: CeilometerApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} CinderApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} HeatApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} + HeatApiVirtualIPUri: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} GlanceRegistryVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} NovaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} SwiftProxyVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} + MysqlVirtualIPUri: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} NeutronApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} NovaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} + SaharaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} UpdateIdentifier: {get_param: UpdateIdentifier} Hostname: str_replace: @@ -968,6 +1049,7 @@ resources: KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} NeutronBridgeMappings: {get_param: NeutronBridgeMappings} + NeutronTenantMtu: {get_param: NeutronTenantMtu} NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling} NeutronEnableL2Pop : {get_param: NeutronEnableL2Pop} NeutronFlatNetworks: {get_param: NeutronFlatNetworks} @@ -986,6 +1068,7 @@ resources: NeutronServicePlugins: {get_param: NeutronServicePlugins} NeutronTypeDrivers: {get_param: NeutronTypeDrivers} NeutronMechanismDrivers: {get_param: NeutronMechanismDrivers} + NeutronAgentExtensions: {get_param: NeutronAgentExtensions} # L3 HA and Failover is not relevant for Computes, should be removed NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover} NeutronL3HA: {get_param: NeutronL3HA} @@ -1008,6 +1091,7 @@ resources: SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName} SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword} ServiceNetMap: {get_param: ServiceNetMap} + TimeZone: {get_param: TimeZone} EndpointMap: {get_attr: [EndpointMap, endpoint_map]} UpdateIdentifier: {get_param: UpdateIdentifier} Hostname: @@ -1043,6 +1127,7 @@ resources: RabbitUserName: {get_param: RabbitUserName} RabbitClientUseSSL: {get_param: RabbitClientUseSSL} RabbitClientPort: {get_param: RabbitClientPort} + TimeZone: {get_param: TimeZone} NtpServer: {get_param: NtpServer} UpdateIdentifier: {get_param: UpdateIdentifier} Hostname: @@ -1052,7 +1137,7 @@ resources: '%stackname%': {get_param: 'OS::stack_name'} ServiceNetMap: {get_param: ServiceNetMap} EndpointMap: {get_attr: [EndpointMap, endpoint_map]} - MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} + MysqlVirtualIPUri: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} ExtraConfig: {get_param: ExtraConfig} BlockStorageExtraConfig: {get_param: BlockStorageExtraConfig} CloudDomain: {get_param: CloudDomain} @@ -1076,6 +1161,7 @@ resources: PartPower: {get_param: SwiftPartPower} Image: {get_param: SwiftStorageImage} Replicas: { get_param: SwiftReplicas} + TimeZone: {get_param: TimeZone} NtpServer: {get_param: NtpServer} UpdateIdentifier: {get_param: UpdateIdentifier} ServiceNetMap: {get_param: ServiceNetMap} @@ -1104,6 +1190,7 @@ resources: Flavor: {get_param: OvercloudCephStorageFlavor} NtpServer: {get_param: NtpServer} ServiceNetMap: {get_param: ServiceNetMap} + TimeZone: {get_param: TimeZone} UpdateIdentifier: {get_param: UpdateIdentifier} Hostname: str_replace: @@ -1154,6 +1241,7 @@ resources: neutron_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} keystone_public_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} keystone_admin_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} + sahara_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} DeployIdentifier: {get_param: DeployIdentifier} UpdateIdentifier: {get_param: UpdateIdentifier} @@ -1212,6 +1300,7 @@ resources: properties: ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} PortName: internal_api_virtual_ip + FixedIPs: {get_param: InternalApiVirtualFixedIPs} StorageVirtualIP: depends_on: Networks @@ -1219,6 +1308,7 @@ resources: properties: ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} PortName: storage_virtual_ip + FixedIPs: {get_param: StorageVirtualFixedIPs} StorageMgmtVirtualIP: depends_on: Networks @@ -1226,15 +1316,20 @@ resources: properties: ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} PortName: storage_management_virtual_ip + FixedIPs: {get_param: StorageMgmtVirtualFixedIPs} VipMap: type: OS::TripleO::Network::Ports::NetVipMap properties: ControlPlaneIp: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} ExternalIp: {get_attr: [PublicVirtualIP, ip_address]} + ExternalIpUri: {get_attr: [PublicVirtualIP, ip_address_uri]} InternalApiIp: {get_attr: [InternalApiVirtualIP, ip_address]} + InternalApiIpUri: {get_attr: [InternalApiVirtualIP, ip_address_uri]} StorageIp: {get_attr: [StorageVirtualIP, ip_address]} + StorageIpUri: {get_attr: [StorageVirtualIP, ip_address_uri]} StorageMgmtIp: {get_attr: [StorageMgmtVirtualIP, ip_address]} + StorageMgmtIpUri: {get_attr: [StorageMgmtVirtualIP, ip_address_uri]} # No tenant or management VIP required VipConfig: @@ -1243,6 +1338,7 @@ resources: VipDeployment: type: OS::Heat::StructuredDeployments properties: + name: VipDeployment config: {get_resource: VipConfig} servers: {get_attr: [Controller, attributes, nova_server_resource]} input_values: @@ -1266,6 +1362,7 @@ resources: control_virtual_ip: {get_attr: [VipMap, net_ip_map, ctlplane]} public_virtual_ip: {get_attr: [VipMap, net_ip_map, external]} internal_api_virtual_ip: {get_attr: [VipMap, net_ip_map, internal_api]} + sahara_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} storage_virtual_ip: {get_attr: [VipMap, net_ip_map, storage]} storage_mgmt_virtual_ip: {get_attr: [VipMap, net_ip_map, storage_mgmt]} @@ -1278,18 +1375,21 @@ resources: ControllerBootstrapNodeDeployment: type: OS::Heat::StructuredDeployments properties: + name: ControllerBootstrapNodeDeployment config: {get_attr: [ControllerBootstrapNodeConfig, config_id]} servers: {get_attr: [Controller, attributes, nova_server_resource]} ControllerSwiftDeployment: type: OS::Heat::StructuredDeployments properties: + name: ControllerSwiftDeployment config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]} servers: {get_attr: [Controller, attributes, nova_server_resource]} ObjectStorageSwiftDeployment: type: OS::Heat::StructuredDeployments properties: + name: ObjectStorageSwiftDeployment config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]} servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]} @@ -1303,18 +1403,21 @@ resources: ComputeCephDeployment: type: OS::Heat::StructuredDeployments properties: + name: ComputeCephDeployment config: {get_attr: [CephClusterConfig, config_id]} servers: {get_attr: [Compute, attributes, nova_server_resource]} ControllerCephDeployment: type: OS::Heat::StructuredDeployments properties: + name: ControllerCephDeployment config: {get_attr: [CephClusterConfig, config_id]} servers: {get_attr: [Controller, attributes, nova_server_resource]} CephStorageCephDeployment: type: OS::Heat::StructuredDeployments properties: + name: CephStorageCephDeployment config: {get_attr: [CephClusterConfig, config_id]} servers: {get_attr: [CephStorage, attributes, nova_server_resource]} @@ -1349,36 +1452,42 @@ resources: ControllerClusterDeployment: type: OS::Heat::StructuredDeployments properties: + name: ControllerClusterDeployment config: {get_resource: ControllerClusterConfig} servers: {get_attr: [Controller, attributes, nova_server_resource]} ControllerAllNodesDeployment: type: OS::Heat::StructuredDeployments properties: + name: ControllerAllNodesDeployment config: {get_attr: [allNodesConfig, config_id]} servers: {get_attr: [Controller, attributes, nova_server_resource]} ComputeAllNodesDeployment: type: OS::Heat::StructuredDeployments properties: + name: ComputeAllNodesDeployment config: {get_attr: [allNodesConfig, config_id]} servers: {get_attr: [Compute, attributes, nova_server_resource]} BlockStorageAllNodesDeployment: type: OS::Heat::StructuredDeployments properties: + name: BlockStorageAllNodesDeployment config: {get_attr: [allNodesConfig, config_id]} servers: {get_attr: [BlockStorage, attributes, nova_server_resource]} ObjectStorageAllNodesDeployment: type: OS::Heat::StructuredDeployments properties: + name: ObjectStorageAllNodesDeployment config: {get_attr: [allNodesConfig, config_id]} servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]} CephStorageAllNodesDeployment: type: OS::Heat::StructuredDeployments properties: + name: CephStorageAllNodesDeployment config: {get_attr: [allNodesConfig, config_id]} servers: {get_attr: [CephStorage, attributes, nova_server_resource]} @@ -1399,6 +1508,7 @@ resources: type: OS::Heat::StructuredDeployments depends_on: ControllerAllNodesDeployment properties: + name: ControllerAllNodesValidationDeployment config: {get_resource: AllNodesValidationConfig} servers: {get_attr: [Controller, attributes, nova_server_resource]} @@ -1406,6 +1516,7 @@ resources: type: OS::Heat::StructuredDeployments depends_on: ComputeAllNodesDeployment properties: + name: ComputeAllNodesValidationDeployment config: {get_resource: AllNodesValidationConfig} servers: {get_attr: [Compute, attributes, nova_server_resource]} @@ -1413,6 +1524,7 @@ resources: type: OS::Heat::StructuredDeployments depends_on: BlockStorageAllNodesDeployment properties: + name: BlockStorageAllNodesValidationDeployment config: {get_resource: AllNodesValidationConfig} servers: {get_attr: [BlockStorage, attributes, nova_server_resource]} @@ -1420,6 +1532,7 @@ resources: type: OS::Heat::StructuredDeployments depends_on: ObjectStorageAllNodesDeployment properties: + name: ObjectStorageAllNodesValidationDeployment config: {get_resource: AllNodesValidationConfig} servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]} @@ -1427,13 +1540,33 @@ resources: type: OS::Heat::StructuredDeployments depends_on: CephStorageAllNodesDeployment properties: + name: CephStorageAllNodesValidationDeployment config: {get_resource: AllNodesValidationConfig} servers: {get_attr: [CephStorage, attributes, nova_server_resource]} + UpdateWorkflow: + type: OS::TripleO::Tasks::UpdateWorkflow + properties: + controller_servers: {get_attr: [Controller, attributes, nova_server_resource]} + compute_servers: {get_attr: [Compute, attributes, nova_server_resource]} + blockstorage_servers: {get_attr: [BlockStorage, attributes, nova_server_resource]} + objectstorage_servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]} + cephstorage_servers: {get_attr: [CephStorage, attributes, nova_server_resource]} + input_values: + deploy_identifier: {get_param: DeployIdentifier} + update_identifier: {get_param: UpdateIdentifier} + # Optional ExtraConfig for all nodes - all roles are passed in here, but # the nested template may configure each role differently (or not at all) AllNodesExtraConfig: type: OS::TripleO::AllNodesExtraConfig + depends_on: + - UpdateWorkflow + - ComputeAllNodesValidationDeployment + - BlockStorageAllNodesValidationDeployment + - ObjectStorageAllNodesValidationDeployment + - CephStorageAllNodesValidationDeployment + - ControllerAllNodesValidationDeployment properties: controller_servers: {get_attr: [Controller, attributes, nova_server_resource]} compute_servers: {get_attr: [Compute, attributes, nova_server_resource]} @@ -1523,6 +1656,9 @@ outputs: NovaInternalVip: description: VIP for Nova API internal endpoint value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} + SaharaInternalVip: + description: VIP for Sahara API internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} SwiftInternalVip: description: VIP for Swift Proxy internal endpoint value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml index 9dd43680..2f2a1e9d 100644 --- a/puppet/all-nodes-config.yaml +++ b/puppet/all-nodes-config.yaml @@ -50,6 +50,8 @@ parameters: type: comma_delimited_list keystone_admin_api_node_ips: type: comma_delimited_list + sahara_api_node_ips: + type: comma_delimited_list DeployIdentifier: type: string @@ -67,8 +69,8 @@ resources: allNodesConfigImpl: type: OS::Heat::StructuredConfig properties: + group: os-apply-config config: - completion-signal: {get_input: deploy_signal_id} hosts: list_join: - "\n" @@ -137,6 +139,14 @@ resources: list_join: - "','" - {get_param: memcache_node_ips} + memcache_node_ips_v6: + str_replace: + template: "['inet6:[SERVERS_LIST]']" + params: + SERVERS_LIST: + list_join: + - "]','inet6:[" + - {get_param: memcache_node_ips} mysql_node_ips: str_replace: template: "['SERVERS_LIST']" @@ -225,6 +235,15 @@ resources: list_join: - "','" - {get_param: neutron_api_node_ips} + # TODO: pass a `midonet_api_node_ips` var + midonet_api_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: neutron_api_node_ips} keystone_public_api_node_ips: str_replace: template: "['SERVERS_LIST']" @@ -241,15 +260,25 @@ resources: list_join: - "','" - {get_param: keystone_admin_api_node_ips} + sahara_api_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: sahara_api_node_ips} # NOTE(gfidente): interpolation with %{} in the # hieradata file can't be used as it returns string ceilometer::rabbit_hosts: *rabbit_nodes_array cinder::rabbit_hosts: *rabbit_nodes_array + glance::notify::rabbitmq::rabbit_hosts: *rabbit_nodes_array heat::rabbit_hosts: *rabbit_nodes_array neutron::rabbit_hosts: *rabbit_nodes_array nova::rabbit_hosts: *rabbit_nodes_array keystone::rabbit_hosts: *rabbit_nodes_array + sahara::rabbit_hosts: *rabbit_nodes_array deploy_identifier: {get_param: DeployIdentifier} update_identifier: {get_param: UpdateIdentifier} diff --git a/puppet/ceph-storage-post.yaml b/puppet/ceph-storage-post.yaml index 0f7dd36f..e90710c7 100644 --- a/puppet/ceph-storage-post.yaml +++ b/puppet/ceph-storage-post.yaml @@ -14,8 +14,19 @@ parameters: type: json description: Value which changes if the node configuration may need to be re-applied - resources: + + CephStorageArtifactsConfig: + type: deploy-artifacts.yaml + + CephStorageArtifactsDeploy: + type: OS::Heat::StructuredDeployments + properties: + servers: {get_param: servers} + config: {get_resource: CephStorageArtifactsConfig} + input_values: + update_identifier: {get_param: NodeConfigIdentifiers} + CephStoragePuppetConfig: type: OS::Heat::SoftwareConfig properties: @@ -29,7 +40,9 @@ resources: CephStorageDeployment_Step1: type: OS::Heat::StructuredDeployments + depends_on: CephStorageArtifactsDeploy properties: + name: CephStorageDeployment_Step1 servers: {get_param: servers} config: {get_resource: CephStoragePuppetConfig} input_values: diff --git a/puppet/ceph-storage.yaml b/puppet/ceph-storage.yaml index ede1263b..88120b9c 100644 --- a/puppet/ceph-storage.yaml +++ b/puppet/ceph-storage.yaml @@ -34,6 +34,10 @@ parameters: description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. type: json + TimeZone: + default: 'UTC' + description: The timezone to be set on Ceph nodes. + type: string UpdateIdentifier: default: '' type: string @@ -43,6 +47,10 @@ parameters: Hostname: type: string default: '' # Defaults to Heat created hostname + HostnameMap: + type: json + default: {} + description: Optional mapping to override hostnames ExtraConfig: default: {} description: | @@ -95,7 +103,10 @@ resources: - network: ctlplane user_data_format: SOFTWARE_CONFIG user_data: {get_resource: UserData} - name: {get_param: Hostname} + name: + str_replace: + template: {get_param: Hostname} + params: {get_param: HostnameMap} software_config_transport: {get_param: SoftwareConfigTransport} metadata: {get_param: ServerMetadata} scheduler_hints: {get_param: SchedulerHints} @@ -166,11 +177,17 @@ resources: properties: ControlPlaneIp: {get_attr: [CephStorage, networks, ctlplane, 0]} ExternalIp: {get_attr: [ExternalPort, ip_address]} + ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]} InternalApiIp: {get_attr: [InternalApiPort, ip_address]} + InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]} StorageIp: {get_attr: [StoragePort, ip_address]} + StorageIpUri: {get_attr: [StoragePort, ip_address_uri]} StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]} + StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]} TenantIp: {get_attr: [TenantPort, ip_address]} + TenantIpUri: {get_attr: [TenantPort, ip_address_uri]} ManagementIp: {get_attr: [ManagementPort, ip_address]} + ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]} NetIpSubnetMap: type: OS::TripleO::Network::Ports::NetIpSubnetMap @@ -186,6 +203,7 @@ resources: NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: + name: NetworkDeployment config: {get_resource: NetworkConfig} server: {get_resource: CephStorage} actions: {get_param: NetworkDeploymentActions} @@ -194,10 +212,12 @@ resources: type: OS::Heat::StructuredDeployment depends_on: NetworkDeployment properties: + name: CephStorageDeployment config: {get_resource: CephStorageConfig} server: {get_resource: CephStorage} input_values: ntp_servers: {get_param: NtpServer} + timezone: {get_param: TimeZone} enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]} @@ -229,6 +249,7 @@ resources: raw_data: {get_file: hieradata/ceph.yaml} mapped_data: ntp::servers: {get_input: ntp_servers} + timezone::timezone: {get_input: timezone} tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} ceph::profile::params::cluster_network: {get_input: ceph_cluster_network} @@ -272,11 +293,54 @@ outputs: hosts_entry: value: str_replace: - template: "IP HOST.DOMAIN HOST" + template: | + PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST + EXTERNALIP EXTERNALHOST + INTERNAL_APIIP INTERNAL_APIHOST + STORAGEIP STORAGEHOST + STORAGE_MGMTIP STORAGE_MGMTHOST + TENANTIP TENANTHOST + MANAGEMENTIP MANAGEMENTHOST params: - IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephStorageHostnameResolveNetwork]}]} + PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephStorageHostnameResolveNetwork]}]} DOMAIN: {get_param: CloudDomain} - HOST: {get_attr: [CephStorage, name]} + PRIMARYHOST: {get_attr: [CephStorage, name]} + EXTERNALIP: {get_attr: [ExternalPort, ip_address]} + EXTERNALHOST: + list_join: + - '-' + - - {get_attr: [CephStorage, name]} + - external + INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]} + INTERNAL_APIHOST: + list_join: + - '-' + - - {get_attr: [CephStorage, name]} + - internalapi + STORAGEIP: {get_attr: [StoragePort, ip_address]} + STORAGEHOST: + list_join: + - '-' + - - {get_attr: [CephStorage, name]} + - storage + STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]} + STORAGE_MGMTHOST: + list_join: + - '-' + - - {get_attr: [CephStorage, name]} + - storagemgmt + TENANTIP: {get_attr: [TenantPort, ip_address]} + TENANTHOST: + list_join: + - '-' + - - {get_attr: [CephStorage, name]} + - tenant + MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]} + MANAGEMENTHOST: + list_join: + - '-' + - - {get_attr: [CephStorage, name]} + - management nova_server_resource: description: Heat resource handle for the ceph storage server value: diff --git a/puppet/cinder-storage-post.yaml b/puppet/cinder-storage-post.yaml index c97cfcf9..f470203f 100644 --- a/puppet/cinder-storage-post.yaml +++ b/puppet/cinder-storage-post.yaml @@ -14,8 +14,20 @@ parameters: resources: + VolumeArtifactsConfig: + type: deploy-artifacts.yaml + + VolumeArtifactsDeploy: + type: OS::Heat::StructuredDeployments + properties: + servers: {get_param: servers} + config: {get_resource: VolumeArtifactsConfig} + input_values: + update_identifier: {get_param: NodeConfigIdentifiers} + VolumePuppetConfig: type: OS::Heat::SoftwareConfig + depends_on: VolumeArtifactsDeploy properties: group: puppet options: @@ -28,5 +40,14 @@ resources: VolumeDeployment_Step1: type: OS::Heat::StructuredDeployments properties: + name: VolumeDeployment_Step1 servers: {get_param: servers} config: {get_resource: VolumePuppetConfig} + + # Note, this should come last, so use depends_on to ensure + # this is created after any other resources. + ExtraConfig: + depends_on: VolumeDeployment_Step1 + type: OS::TripleO::NodeExtraConfigPost + properties: + servers: {get_param: servers} diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml index 9fdd0123..0c22b575 100644 --- a/puppet/cinder-storage.yaml +++ b/puppet/cinder-storage.yaml @@ -9,11 +9,11 @@ parameters: description: Whether to enable or not the Iscsi backend for Cinder type: boolean CinderISCSIHelper: - default: tgtadm + default: lioadm description: The iSCSI helper to use with cinder. type: string CinderLVMLoopDeviceSize: - default: 5000 + default: 10280 description: The size of the loopback file used by the cinder LVM driver. type: number CinderPassword: @@ -89,6 +89,10 @@ parameters: Hostname: type: string default: '' # Defaults to Heat created hostname + HostnameMap: + type: json + default: {} + description: Optional mapping to override hostnames ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -99,10 +103,14 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + TimeZone: + default: 'UTC' + description: The timezone to be set on Cinder nodes. + type: string GlanceApiVirtualIP: type: string default: '' - MysqlVirtualIP: + MysqlVirtualIPUri: type: string default: '' NetworkDeploymentActions: @@ -147,7 +155,10 @@ resources: - network: ctlplane user_data_format: SOFTWARE_CONFIG user_data: {get_resource: UserData} - name: {get_param: Hostname} + name: + str_replace: + template: {get_param: Hostname} + params: {get_param: HostnameMap} software_config_transport: {get_param: SoftwareConfigTransport} metadata: {get_param: ServerMetadata} scheduler_hints: {get_param: SchedulerHints} @@ -218,15 +229,22 @@ resources: properties: ControlPlaneIp: {get_attr: [BlockStorage, networks, ctlplane, 0]} ExternalIp: {get_attr: [ExternalPort, ip_address]} + ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]} InternalApiIp: {get_attr: [InternalApiPort, ip_address]} + InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]} StorageIp: {get_attr: [StoragePort, ip_address]} + StorageIpUri: {get_attr: [StoragePort, ip_address_uri]} StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]} + StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]} TenantIp: {get_attr: [TenantPort, ip_address]} + TenantIpUri: {get_attr: [TenantPort, ip_address_uri]} ManagementIp: {get_attr: [ManagementPort, ip_address]} + ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: + name: NetworkDeployment config: {get_resource: NetworkConfig} server: {get_resource: BlockStorage} actions: {get_param: NetworkDeploymentActions} @@ -235,11 +253,12 @@ resources: type: OS::Heat::StructuredDeployment depends_on: NetworkDeployment properties: + name: BlockStorageDeployment server: {get_resource: BlockStorage} config: {get_resource: BlockStorageConfig} input_values: debug: {get_param: Debug} - cinder_dsn: {list_join: ['', ['mysql://cinder:', {get_param: CinderPassword}, '@', {get_param: MysqlVirtualIP} , '/cinder']]} + cinder_dsn: {list_join: ['', ['mysql+pymysql://cinder:', {get_param: CinderPassword}, '@', {get_param: MysqlVirtualIPUri} , '/cinder']]} snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} cinder_lvm_loop_device_size: @@ -256,6 +275,7 @@ resources: rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} rabbit_client_port: {get_param: RabbitClientPort} ntp_servers: {get_param: NtpServer} + timezone: {get_param: TimeZone} enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} @@ -298,6 +318,7 @@ resources: cinder_iscsi_ip_address: {get_input: cinder_iscsi_ip_address} cinder::glance::glance_api_servers: {get_input: glance_api_servers} ntp::servers: {get_input: ntp_servers} + timezone::timezone: {get_input: timezone} tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} @@ -324,6 +345,7 @@ resources: UpdateDeployment: type: OS::Heat::SoftwareDeployment properties: + name: UpdateDeployment config: {get_resource: UpdateConfig} server: {get_resource: BlockStorage} input_values: @@ -334,11 +356,54 @@ outputs: hosts_entry: value: str_replace: - template: "IP HOST.DOMAIN HOST" + template: | + PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST + EXTERNALIP EXTERNALHOST + INTERNAL_APIIP INTERNAL_APIHOST + STORAGEIP STORAGEHOST + STORAGE_MGMTIP STORAGE_MGMTHOST + TENANTIP TENANTHOST + MANAGEMENTIP MANAGEMENTHOST params: - IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, BlockStorageHostnameResolveNetwork]}]} + PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, BlockStorageHostnameResolveNetwork]}]} DOMAIN: {get_param: CloudDomain} - HOST: {get_attr: [BlockStorage, name]} + PRIMARYHOST: {get_attr: [BlockStorage, name]} + EXTERNALIP: {get_attr: [ExternalPort, ip_address]} + EXTERNALHOST: + list_join: + - '-' + - - {get_attr: [BlockStorage, name]} + - external + INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]} + INTERNAL_APIHOST: + list_join: + - '-' + - - {get_attr: [BlockStorage, name]} + - internalapi + STORAGEIP: {get_attr: [StoragePort, ip_address]} + STORAGEHOST: + list_join: + - '-' + - - {get_attr: [BlockStorage, name]} + - storage + STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]} + STORAGE_MGMTHOST: + list_join: + - '-' + - - {get_attr: [BlockStorage, name]} + - storagemgmt + TENANTIP: {get_attr: [TenantPort, ip_address]} + TENANTHOST: + list_join: + - '-' + - - {get_attr: [BlockStorage, name]} + - tenant + MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]} + MANAGEMENTHOST: + list_join: + - '-' + - - {get_attr: [BlockStorage, name]} + - management nova_server_resource: description: Heat resource handle for the block storage server value: diff --git a/puppet/compute-post.yaml b/puppet/compute-post.yaml index b63b06b4..a122df0e 100644 --- a/puppet/compute-post.yaml +++ b/puppet/compute-post.yaml @@ -17,6 +17,17 @@ parameters: resources: + ComputeArtifactsConfig: + type: deploy-artifacts.yaml + + ComputeArtifactsDeploy: + type: OS::Heat::StructuredDeployments + properties: + servers: {get_param: servers} + config: {get_resource: ComputeArtifactsConfig} + input_values: + update_identifier: {get_param: NodeConfigIdentifiers} + ComputePuppetConfig: type: OS::Heat::SoftwareConfig properties: @@ -30,7 +41,9 @@ resources: ComputePuppetDeployment: type: OS::Heat::StructuredDeployments + depends_on: ComputeArtifactsDeploy properties: + name: ComputePuppetDeployment servers: {get_param: servers} config: {get_resource: ComputePuppetConfig} input_values: diff --git a/puppet/compute.yaml b/puppet/compute.yaml index 0d3e0754..58ca71e7 100644 --- a/puppet/compute.yaml +++ b/puppet/compute.yaml @@ -100,7 +100,7 @@ parameters: description: The tenant network type for Neutron. default: 'vxlan' NeutronNetworkVLANRanges: - default: 'datacentre' + default: 'datacentre:1:1000' description: > The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the Neutron documentation for permitted values. Defaults to permitting any @@ -118,6 +118,15 @@ parameters: default: nic1 description: A port to add to the NeutronPhysicalBridge. type: string + NeutronTenantMtu: + description: > + The default MTU for tenant networks. For VXLAN/GRE tunneling, this should + be at least 50 bytes smaller than the MTU on the physical network. This + value will be used to set the MTU on the virtual Ethernet device. + This number is related to the value of NeutronDnsmasqOptions, since that + will determine the MTU that is assigned to the VM host through DHCP. + default: 1400 + type: number NeutronTunnelTypes: type: comma_delimited_list description: | @@ -127,13 +136,13 @@ parameters: description: | Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges of GRE tunnel IDs that are available for tenant network allocation - default: ["1:1000", ] + default: ["1:4094", ] type: comma_delimited_list NeutronVniRanges: description: | Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges of VXLAN VNI IDs that are available for tenant network allocation - default: ["1:1000", ] + default: ["1:4094", ] type: comma_delimited_list NeutronPublicInterfaceRawDevice: default: '' @@ -152,7 +161,7 @@ parameters: from neutron.core_plugins namespace. type: string NeutronServicePlugins: - default: "router" + default: "router,qos" description: | Comma-separated list of service plugin entrypoints to be loaded from the neutron.service_plugins namespace. @@ -167,6 +176,11 @@ parameters: description: | The mechanism drivers for the Neutron tenant network. type: comma_delimited_list + NeutronAgentExtensions: + default: "qos" + description: | + Comma-separated list of extensions enabled for the Neutron agents. + type: comma_delimited_list # Not relevant for Computes, should be removed NeutronAllowL3AgentFailover: default: 'True' @@ -195,7 +209,7 @@ parameters: type: json NovaComputeLibvirtType: type: string - default: '' + default: kvm NovaComputeLibvirtVifDriver: default: '' description: Libvirt VIF driver configuration for the network @@ -253,6 +267,10 @@ parameters: description: The user password for SNMPd with readonly rights running on all Overcloud nodes type: string hidden: true + UpgradeLevelNovaCompute: + type: string + description: Nova Compute upgrade level + default: '' EnablePackageInstall: default: 'false' description: Set to true to enable package installation via Puppet @@ -267,6 +285,10 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + TimeZone: + default: 'UTC' + description: The timezone to be set on compute nodes. + type: string UpdateIdentifier: default: '' type: string @@ -276,6 +298,10 @@ parameters: Hostname: type: string default: '' # Defaults to Heat created hostname + HostnameMap: + type: json + default: {} + description: Optional mapping to override hostnames NetworkDeploymentActions: type: comma_delimited_list description: > @@ -320,7 +346,10 @@ resources: - network: ctlplane user_data_format: SOFTWARE_CONFIG user_data: {get_resource: UserData} - name: {get_param: Hostname} + name: + str_replace: + template: {get_param: Hostname} + params: {get_param: HostnameMap} software_config_transport: {get_param: SoftwareConfigTransport} metadata: {get_param: ServerMetadata} scheduler_hints: {get_param: SchedulerHints} @@ -380,11 +409,17 @@ resources: properties: ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]} ExternalIp: {get_attr: [ExternalPort, ip_address]} + ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]} InternalApiIp: {get_attr: [InternalApiPort, ip_address]} + InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]} StorageIp: {get_attr: [StoragePort, ip_address]} + StorageIpUri: {get_attr: [StoragePort, ip_address_uri]} StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]} + StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]} TenantIp: {get_attr: [TenantPort, ip_address]} + TenantIpUri: {get_attr: [TenantPort, ip_address_uri]} ManagementIp: {get_attr: [ManagementPort, ip_address]} + ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]} NetworkConfig: type: OS::TripleO::Compute::Net::SoftwareConfig @@ -400,6 +435,7 @@ resources: NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: + name: NetworkDeployment config: {get_resource: NetworkConfig} server: {get_resource: NovaCompute} actions: {get_param: NetworkDeploymentActions} @@ -424,9 +460,11 @@ resources: - all_nodes # provided by allNodesConfig - '"%{::osfamily}"' - common + - neutron_bigswitch_data # Optionally provided by ComputeExtraConfigPre - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre - nova_nuage_data # Optionally provided by ComputeExtraConfigPre - midonet_data # Optionally provided by AllNodesExtraConfig + - neutron_opencontrail_data # Optionally provided by ComputeExtraConfigPre datafiles: compute_extraconfig: mapped_data: {get_param: NovaComputeExtraConfig} @@ -445,6 +483,7 @@ resources: nova::rabbit_password: {get_input: rabbit_password} nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} nova::rabbit_port: {get_input: rabbit_client_port} + nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute} nova_compute_driver: {get_input: nova_compute_driver} nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type} nova::compute::neutron::libvirt_vif_driver: {get_input: nova_compute_libvirt_vif_driver} @@ -453,7 +492,11 @@ resources: nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend} rbd_persistent_storage: {get_input: cinder_enable_rbd_backend} nova_password: {get_input: nova_password} + nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu} nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address} + nova::vncproxy::common::vncproxy_protocol: {get_input: nova_vncproxy_protocol} + nova::vncproxy::common::vncproxy_host: {get_input: nova_vncproxy_host} + nova::vncproxy::common::vncproxy_port: {get_input: nova_vncproxy_port} nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge} nova::network::neutron::security_group_api: {get_input: nova_security_group_api} ceilometer::debug: {get_input: debug} @@ -477,8 +520,10 @@ resources: neutron_host: {get_input: neutron_host} neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip} + neutron::network_device_mtu: {get_input: neutron_tenant_mtu} neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types} - neutron::agents::ml2::ovs:tunnel_types: {get_input: neutron_tunnel_types} + neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types} + neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions} neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges} neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges} neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges} @@ -487,9 +532,9 @@ resources: neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop} neutron_physical_bridge: {get_input: neutron_physical_bridge} neutron_public_interface: {get_input: neutron_public_interface} - nova::network::neutron::neutron_admin_password: {get_input: neutron_password} + nova::network::neutron::neutron_password: {get_input: neutron_password} nova::network::neutron::neutron_url: {get_input: neutron_internal_url} - nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url} + nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url} neutron_router_distributed: {get_input: neutron_router_distributed} neutron_agent_mode: {get_input: neutron_agent_mode} neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret} @@ -501,6 +546,7 @@ resources: keystone_public_api_virtual_ip: {get_input: keystone_vip} admin_password: {get_input: admin_password} ntp::servers: {get_input: ntp_servers} + timezone::timezone: {get_input: timezone} tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} @@ -508,6 +554,7 @@ resources: type: OS::TripleO::SoftwareDeployment depends_on: NetworkDeployment properties: + name: NovaComputeDeployment config: {get_resource: NovaComputeConfig} server: {get_resource: NovaCompute} input_values: @@ -522,8 +569,12 @@ resources: nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend} cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend} nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]} + nova_vncproxy_protocol: {get_param: [EndpointMap, NovaVNCProxyPublic, protocol]} + nova_vncproxy_host: {get_param: [EndpointMap, NovaVNCProxyPublic, host]} + nova_vncproxy_port: {get_param: [EndpointMap, NovaVNCProxyPublic, port]} nova_ovs_bridge: {get_param: NovaOVSBridge} nova_security_group_api: {get_param: NovaSecurityGroupAPI} + upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute} ceilometer_metering_secret: {get_param: CeilometerMeteringSecret} ceilometer_password: {get_param: CeilometerPassword} ceilometer_compute_agent: {get_param: CeilometerComputeAgent} @@ -568,6 +619,7 @@ resources: template: MAPPINGS params: MAPPINGS: {get_param: NeutronBridgeMappings} + neutron_tenant_mtu: {get_param: NeutronTenantMtu} neutron_enable_tunneling: {get_param: NeutronEnableTunnelling} neutron_enable_l2pop: {get_param: NeutronEnableL2Pop} neutron_physical_bridge: {get_param: NeutronPhysicalBridge} @@ -592,9 +644,14 @@ resources: template: MECHANISMS params: MECHANISMS: {get_param: NeutronMechanismDrivers} + neutron_agent_extensions: + str_replace: + template: AGENT_EXTENSIONS + params: + AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions} neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice} neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]} - neutron_admin_auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri]} + neutron_auth_url: {get_param: [EndpointMap, KeystoneV3Admin, uri]} keystone_vip: {get_param: KeystonePublicApiVirtualIP} admin_password: {get_param: AdminPassword} rabbit_username: {get_param: RabbitUserName} @@ -602,6 +659,7 @@ resources: rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} rabbit_client_port: {get_param: RabbitClientPort} ntp_servers: {get_param: NtpServer} + timezone: {get_param: TimeZone} enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} @@ -633,6 +691,7 @@ resources: UpdateDeployment: type: OS::Heat::SoftwareDeployment properties: + name: UpdateDeployment config: {get_resource: UpdateConfig} server: {get_resource: NovaCompute} input_values: @@ -669,11 +728,54 @@ outputs: Server's IP address and hostname in the /etc/hosts format value: str_replace: - template: "IP HOST.DOMAIN HOST" + template: | + PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST + EXTERNALIP EXTERNALHOST + INTERNAL_APIIP INTERNAL_APIHOST + STORAGEIP STORAGEHOST + STORAGE_MGMTIP STORAGE_MGMTHOST + TENANTIP TENANTHOST + MANAGEMENTIP MANAGEMENTHOST params: - IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]} + PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]} DOMAIN: {get_param: CloudDomain} - HOST: {get_attr: [NovaCompute, name]} + PRIMARYHOST: {get_attr: [NovaCompute, name]} + EXTERNALIP: {get_attr: [ExternalPort, ip_address]} + EXTERNALHOST: + list_join: + - '-' + - - {get_attr: [NovaCompute, name]} + - external + INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]} + INTERNAL_APIHOST: + list_join: + - '-' + - - {get_attr: [NovaCompute, name]} + - internalapi + STORAGEIP: {get_attr: [StoragePort, ip_address]} + STORAGEHOST: + list_join: + - '-' + - - {get_attr: [NovaCompute, name]} + - storage + STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]} + STORAGE_MGMTHOST: + list_join: + - '-' + - - {get_attr: [NovaCompute, name]} + - storagemgmt + TENANTIP: {get_attr: [TenantPort, ip_address]} + TENANTHOST: + list_join: + - '-' + - - {get_attr: [NovaCompute, name]} + - tenant + MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]} + MANAGEMENTHOST: + list_join: + - '-' + - - {get_attr: [NovaCompute, name]} + - management nova_server_resource: description: Heat resource handle for the Nova compute server value: diff --git a/puppet/controller-post.yaml b/puppet/controller-post.yaml index ed8129e7..713ad706 100644 --- a/puppet/controller-post.yaml +++ b/puppet/controller-post.yaml @@ -17,6 +17,15 @@ parameters: resources: + ControllerArtifactsConfig: + type: deploy-artifacts.yaml + + ControllerArtifactsDeploy: + type: OS::Heat::StructuredDeployments + properties: + servers: {get_param: servers} + config: {get_resource: ControllerArtifactsConfig} + ControllerPrePuppet: type: OS::TripleO::Tasks::ControllerPrePuppet properties: @@ -33,8 +42,9 @@ resources: # e.g all Deployment resources should have a *Deployment_StepN suffix ControllerLoadBalancerDeployment_Step1: type: OS::Heat::StructuredDeployments - depends_on: ControllerPrePuppet + depends_on: [ControllerPrePuppet, ControllerArtifactsDeploy] properties: + name: ControllerLoadBalancerDeployment_Step1 servers: {get_param: servers} config: {get_resource: ControllerPuppetConfig} input_values: @@ -46,6 +56,7 @@ resources: type: OS::Heat::StructuredDeployments depends_on: ControllerLoadBalancerDeployment_Step1 properties: + name: ControllerServicesBaseDeployment_Step2 servers: {get_param: servers} config: {get_resource: ControllerPuppetConfig} input_values: @@ -71,6 +82,7 @@ resources: type: OS::Heat::StructuredDeployments depends_on: ControllerServicesBaseDeployment_Step2 properties: + name: ControllerRingbuilderDeployment_Step3 servers: {get_param: servers} config: {get_resource: ControllerRingbuilderPuppetConfig} input_values: @@ -80,6 +92,7 @@ resources: type: OS::Heat::StructuredDeployments depends_on: ControllerRingbuilderDeployment_Step3 properties: + name: ControllerOvercloudServicesDeployment_Step4 servers: {get_param: servers} config: {get_resource: ControllerPuppetConfig} input_values: @@ -90,6 +103,7 @@ resources: type: OS::Heat::StructuredDeployments depends_on: ControllerOvercloudServicesDeployment_Step4 properties: + name: ControllerOvercloudServicesDeployment_Step5 servers: {get_param: servers} config: {get_resource: ControllerPuppetConfig} input_values: @@ -100,6 +114,7 @@ resources: type: OS::Heat::StructuredDeployments depends_on: ControllerOvercloudServicesDeployment_Step5 properties: + name: ControllerOvercloudServicesDeployment_Step6 servers: {get_param: servers} config: {get_resource: ControllerPuppetConfig} input_values: diff --git a/puppet/controller.yaml b/puppet/controller.yaml index 8e013400..370d6e63 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -32,6 +32,10 @@ parameters: description: The password for the ceilometer service and db account. type: string hidden: true + CeilometerStoreEvents: + default: false + description: Whether to store events in ceilometer. + type: boolean CinderApiVirtualIP: type: string default: '' @@ -39,6 +43,11 @@ parameters: default: 0 description: Number of workers for Ceilometer service. type: number + CinderEnableDBPurge: + default: true + description: | + Whether to create cron job for purging soft deleted rows in Cinder database. + type: boolean CinderEnableNfsBackend: default: false description: Whether to enable or not the NFS backend for Cinder @@ -52,11 +61,11 @@ parameters: description: Whether to enable or not the Rbd backend for Cinder type: boolean CinderISCSIHelper: - default: tgtadm + default: lioadm description: The iSCSI helper to use with cinder. type: string CinderLVMLoopDeviceSize: - default: 5000 + default: 10280 description: The size of the loopback file used by the cinder LVM driver. type: number CinderNfsMountOptions: @@ -84,10 +93,6 @@ parameters: default: 0 description: Number of workers for Cinder service. type: number - CloudName: - default: '' - description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org - type: string ControllerExtraConfig: default: {} description: | @@ -106,6 +111,10 @@ parameters: default: 'br-ex' description: Interface where virtual ip will be assigned. type: string + CorosyncIPv6: + default: false + description: Enable IPv6 in Corosync + type: boolean Debug: default: '' description: Set to True to enable debugging on all services. @@ -244,6 +253,11 @@ parameters: default: 0 description: Number of workers for Heat service. type: number + HeatEnableDBPurge: + type: boolean + default: true + description: | + Whether to create cron job for purging soft deleted rows in the Heat database. HorizonSecret: description: Secret key for Django type: string @@ -271,6 +285,11 @@ parameters: default: '' description: Keystone self-signed certificate authority certificate. type: string + KeystoneEnableDBPurge: + default: true + description: | + Whether to create cron job for purging soft deleted rows in Keystone database. + type: boolean KeystoneSigningCertificate: default: '' description: Keystone certificate for verifying token validity. @@ -315,6 +334,14 @@ parameters: default: 0 description: Number of workers for Keystone service. type: number + SaharaApiVirtualIP: + type: string + default: '' + SaharaPassword: + default: unset + description: The password for the sahara service account, used by sahara-api. + type: string + hidden: true MysqlClusterUniquePart: description: A unique identifier of the MySQL cluster the controller is in. type: string @@ -398,7 +425,7 @@ parameters: from neutron.core_plugins namespace. type: string NeutronServicePlugins: - default: "router" + default: "router,qos" description: | Comma-separated list of service plugin entrypoints to be loaded from the neutron.service_plugins namespace. @@ -442,7 +469,7 @@ parameters: description: The tenant network type for Neutron. type: comma_delimited_list NeutronNetworkVLANRanges: - default: 'datacentre' + default: 'datacentre:1:1000' description: > The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the Neutron documentation for permitted values. Defaults to permitting any @@ -478,6 +505,15 @@ parameters: default: '' description: If set, the public interface is a vlan with this device as the raw device. type: string + NeutronTenantMtu: + description: > + The default MTU for tenant networks. For VXLAN/GRE tunneling, this should + be at least 50 bytes smaller than the MTU on the physical network. This + value will be used to set the MTU on the virtual Ethernet device. + This number is related to the value of NeutronDnsmasqOptions, since that + will determine the MTU that is assigned to the VM host through DHCP. + default: 1400 + type: number NeutronTunnelTypes: default: 'vxlan' description: | @@ -487,13 +523,23 @@ parameters: description: | Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges of GRE tunnel IDs that are available for tenant network allocation - default: ["1:1000", ] + default: ["1:4094", ] type: comma_delimited_list NeutronVniRanges: description: | Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges of VXLAN VNI IDs that are available for tenant network allocation - default: ["1:1000", ] + default: ["1:4094", ] + type: comma_delimited_list + NeutronPluginExtensions: + default: "qos,port_security" + description: | + Comma-separated list of extensions enabled for the Neutron plugin. + type: comma_delimited_list + NeutronAgentExtensions: + default: "qos" + description: | + Comma-separated list of extensions enabled for the Neutron agents. type: comma_delimited_list NovaApiVirtualIP: type: string @@ -507,6 +553,10 @@ parameters: description: | Whether to create cron job for purging soft deleted rows in Nova database. type: boolean + NovaIPv6: + default: false + description: Enable IPv6 features in Nova + type: boolean NovaPassword: description: The password for the nova service and db account, used by nova-api. type: string @@ -519,6 +569,10 @@ parameters: default: false description: Should MongoDb journaling be disabled type: boolean + MongoDbIPv6: + default: false + description: Enable IPv6 if Mongo DB VIP is IPv6 + type: boolean NtpServer: default: '' description: Comma-separated list of ntp servers @@ -566,6 +620,10 @@ parameters: RedisVirtualIP: type: string default: '' # Has to be here because of the ignored empty value bug + RedisVirtualIPUri: + type: string + default: '' # Has to be here because of the ignored empty value bug + description: An IP address which is wrapped in brackets in case of IPv6 SnmpdReadonlyUserName: default: ro_snmp_user description: The user name for SNMPd with readonly rights running on all Overcloud nodes @@ -607,12 +665,23 @@ parameters: default: 0 description: Number of workers for Swift service. type: number + TimeZone: + default: 'UTC' + description: The timezone to be set on controller nodes. + type: string + UpgradeLevelNovaCompute: + type: string + description: Nova Compute upgrade level + default: '' VirtualIP: # DEPRECATED: use per service settings instead type: string default: '' # Has to be here because of the ignored empty value bug HeatApiVirtualIP: type: string default: '' + HeatApiVirtualIPUri: + type: string + default: '' GlanceApiVirtualIP: type: string default: '' @@ -622,6 +691,9 @@ parameters: MysqlVirtualIP: type: string default: '' + MysqlVirtualIPUri: + type: string + default: '' KeystoneAdminApiVirtualIP: type: string default: '' @@ -654,6 +726,10 @@ parameters: Hostname: type: string default: '' # Defaults to Heat created hostname + HostnameMap: + type: json + default: {} + description: Optional mapping to override hostnames NetworkDeploymentActions: type: comma_delimited_list description: > @@ -699,7 +775,10 @@ resources: - network: ctlplane user_data_format: SOFTWARE_CONFIG user_data: {get_resource: UserData} - name: {get_param: Hostname} + name: + str_replace: + template: {get_param: Hostname} + params: {get_param: HostnameMap} software_config_transport: {get_param: SoftwareConfigTransport} metadata: {get_param: ServerMetadata} scheduler_hints: {get_param: SchedulerHints} @@ -762,6 +841,8 @@ resources: ManagementPort: type: OS::TripleO::Controller::Ports::ManagementPort properties: + IPPool: {get_param: ControllerIPs} + NodeIndex: {get_param: NodeIndex} ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} NetIpMap: @@ -769,11 +850,17 @@ resources: properties: ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]} ExternalIp: {get_attr: [ExternalPort, ip_address]} + ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]} InternalApiIp: {get_attr: [InternalApiPort, ip_address]} + InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]} StorageIp: {get_attr: [StoragePort, ip_address]} + StorageIpUri: {get_attr: [StoragePort, ip_address_uri]} StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]} + StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]} TenantIp: {get_attr: [TenantPort, ip_address]} + TenantIpUri: {get_attr: [TenantPort, ip_address_uri]} ManagementIp: {get_attr: [ManagementPort, ip_address]} + ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]} NetIpSubnetMap: type: OS::TripleO::Network::Ports::NetIpSubnetMap @@ -800,6 +887,7 @@ resources: NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: + name: NetworkDeployment config: {get_resource: NetworkConfig} server: {get_resource: Controller} actions: {get_param: NetworkDeploymentActions} @@ -822,10 +910,12 @@ resources: server: {get_resource: Controller} NodeIndex: {get_param: NodeIndex} + ControllerDeployment: type: OS::TripleO::SoftwareDeployment depends_on: NetworkDeployment properties: + name: ControllerDeployment config: {get_resource: ControllerConfig} server: {get_resource: Controller} input_values: @@ -846,21 +936,22 @@ resources: list_join: - '' - - 'http://' - - {get_param: HeatApiVirtualIP} + - {get_param: HeatApiVirtualIPUri} - ':8003' heat.metadata_server_url: list_join: - '' - - 'http://' - - {get_param: HeatApiVirtualIP} + - {get_param: HeatApiVirtualIPUri} - ':8000' heat.waitcondition_server_url: list_join: - '' - - 'http://' - - {get_param: HeatApiVirtualIP} + - {get_param: HeatApiVirtualIPUri} - ':8000/v1/waitcondition' heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey} + heat_enable_db_purge: {get_param: HeatEnableDBPurge} horizon_allowed_hosts: {get_param: HorizonAllowedHosts} horizon_secret: {get_param: HorizonSecret} admin_email: {get_param: AdminEmail} @@ -868,6 +959,7 @@ resources: admin_token: {get_param: AdminToken} neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP} debug: {get_param: Debug} + cinder_enable_db_purge: {get_param: CinderEnableDBPurge} cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend} cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend} cinder_nfs_mount_options: {get_param: CinderNfsMountOptions} @@ -884,10 +976,10 @@ resources: cinder_dsn: list_join: - '' - - - 'mysql://cinder:' + - - 'mysql+pymysql://cinder:' - {get_param: CinderPassword} - '@' - - {get_param: MysqlVirtualIP} + - {get_param: MysqlVirtualIPUri} - '/cinder' glance_port: {get_param: [EndpointMap, GlanceInternal, port]} glance_password: {get_param: GlancePassword} @@ -901,20 +993,20 @@ resources: glance_dsn: list_join: - '' - - - 'mysql://glance:' + - - 'mysql+pymysql://glance:' - {get_param: GlancePassword} - '@' - - {get_param: MysqlVirtualIP} + - {get_param: MysqlVirtualIPUri} - '/glance' heat_password: {get_param: HeatPassword} heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword} heat_dsn: list_join: - '' - - - 'mysql://heat:' + - - 'mysql+pymysql://heat:' - {get_param: HeatPassword} - '@' - - {get_param: MysqlVirtualIP} + - {get_param: MysqlVirtualIPUri} - '/heat' keystone_ca_certificate: {get_param: KeystoneCACertificate} keystone_signing_key: {get_param: KeystoneSigningKey} @@ -923,13 +1015,14 @@ resources: keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey} keystone_notification_driver: {get_param: KeystoneNotificationDriver} keystone_notification_format: {get_param: KeystoneNotificationFormat} + keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge} keystone_dsn: list_join: - '' - - - 'mysql://keystone:' + - - 'mysql+pymysql://keystone:' - {get_param: AdminToken} - '@' - - {get_param: MysqlVirtualIP} + - {get_param: MysqlVirtualIPUri} - '/keystone' keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } @@ -1017,50 +1110,73 @@ resources: template: TYPES params: TYPES: {get_param: NeutronTunnelTypes} + neutron_plugin_extensions: + str_replace: + template: PLUGIN_EXTENSIONS + params: + PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions} + neutron_agent_extensions: + str_replace: + template: AGENT_EXTENSIONS + params: + AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions} neutron_password: {get_param: NeutronPassword} + neutron_tenant_mtu: {get_param: NeutronTenantMtu} neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions} neutron_dsn: list_join: - '' - - - 'mysql://neutron:' + - - 'mysql+pymysql://neutron:' - {get_param: NeutronPassword} - '@' - - {get_param: MysqlVirtualIP} + - {get_param: MysqlVirtualIPUri} - '/ovs_neutron?charset=utf8' neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] } neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] } neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] } - neutron_admin_auth_url: { get_param: [ EndpointMap, KeystoneAdmin, uri ] } + neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] } nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] } ceilometer_backend: {get_param: CeilometerBackend} ceilometer_metering_secret: {get_param: CeilometerMeteringSecret} ceilometer_password: {get_param: CeilometerPassword} + ceilometer_store_events: {get_param: CeilometerStoreEvents} ceilometer_coordination_url: list_join: - '' - - 'redis://' - - {get_param: RedisVirtualIP} + - {get_param: RedisVirtualIPUri} - ':6379' ceilometer_dsn: list_join: - '' - - - 'mysql://ceilometer:' + - - 'mysql+pymysql://ceilometer:' - {get_param: CeilometerPassword} - '@' - - {get_param: MysqlVirtualIP} + - {get_param: MysqlVirtualIPUri} - '/ceilometer' snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} nova_enable_db_purge: {get_param: NovaEnableDBPurge} + nova_ipv6: {get_param: NovaIPv6} + corosync_ipv6: {get_param: CorosyncIPv6} nova_password: {get_param: NovaPassword} nova_dsn: list_join: - '' - - - 'mysql://nova:' + - - 'mysql+pymysql://nova:' - {get_param: NovaPassword} - '@' - - {get_param: MysqlVirtualIP} + - {get_param: MysqlVirtualIPUri} - '/nova' + nova_api_dsn: + list_join: + - '' + - - 'mysql+pymysql://nova_api:' + - {get_param: NovaPassword} + - '@' + - {get_param: MysqlVirtualIPUri} + - '/nova_api' + upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute} instance_name_template: {get_param: InstanceNameTemplate} fencing_config: {get_param: FencingConfig} pcsd_password: {get_param: PcsdPassword} @@ -1070,6 +1186,7 @@ resources: rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} rabbit_client_port: {get_param: RabbitClientPort} mongodb_no_journal: {get_param: MongoDbNoJournal} + mongodb_ipv6: {get_param: MongoDbIPv6} # We need to force this into quotes or hiera will return integer causing # the puppet module validation regexp to fail. # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401 @@ -1079,6 +1196,7 @@ resources: params: LIMIT: {get_param: RabbitFDLimit} ntp_servers: {get_param: NtpServer} + timezone: {get_param: TimeZone} control_virtual_interface: {get_param: ControlVirtualInterface} public_virtual_interface: {get_param: PublicVirtualInterface} swift_hash_suffix: {get_param: SwiftHashSuffix} @@ -1089,6 +1207,15 @@ resources: swift_mount_check: {get_param: SwiftMountCheck} enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} + sahara_password: {get_param: SaharaPassword} + sahara_dsn: + list_join: + - '' + - - 'mysql://sahara:' + - {get_param: SaharaPassword} + - '@' + - {get_param: MysqlVirtualIPUri} + - '/sahara' swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]} @@ -1111,6 +1238,7 @@ resources: rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]} redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]} redis_vip: {get_param: RedisVirtualIP} + sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]} mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} mysql_virtual_ip: {get_param: MysqlVirtualIP} @@ -1141,12 +1269,15 @@ resources: - vip_data # provided by vip-config - '"%{::osfamily}"' - common + - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre + - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre - midonet_data #Optionally provided by AllNodesExtraConfig + - neutron_opencontrail_data # Optionally provided by ControllerExtraConfigPre datafiles: controller_extraconfig: mapped_data: {get_param: ControllerExtraConfig} @@ -1173,6 +1304,7 @@ resources: enable_fencing: {get_input: enable_fencing} enable_load_balancer: {get_input: enable_load_balancer} hacluster_pwd: {get_input: pcsd_password} + corosync_ipv6: {get_input: corosync_ipv6} tripleo::fencing::config: {get_input: fencing_config} # Swift @@ -1193,6 +1325,7 @@ resources: tripleo::ringbuilder::build_ring: True # Cinder + cinder_enable_db_purge: {get_input: cinder_enable_db_purge} cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend} cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend} cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options} @@ -1244,6 +1377,9 @@ resources: glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype} glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage} glance_file_pcmk_options: {get_input: glance_file_pcmk_options} + glance::notify::rabbitmq::rabbit_userid: {get_input: rabbit_username} + glance::notify::rabbitmq::rabbit_password: {get_input: rabbit_password} + glance::notify::rabbitmq::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} # Heat heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password} @@ -1268,6 +1404,7 @@ resources: heat::database_connection: {get_input: heat_dsn} heat::debug: {get_input: debug} heat::db::mysql::password: {get_input: heat_password} + heat_enable_db_purge: {get_input: heat_enable_db_purge} # Keystone keystone::admin_token: {get_input: admin_token} @@ -1277,8 +1414,10 @@ resources: keystone_ssl_certificate: {get_input: keystone_ssl_certificate} keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key} keystone::database_connection: {get_input: keystone_dsn} - keystone::public_bind_host: {get_input: keystone_public_api_network} keystone::admin_bind_host: {get_input: keystone_admin_api_network} + keystone::public_bind_host: {get_input: keystone_public_api_network} + keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network} + keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network} keystone::debug: {get_input: debug} keystone::db::mysql::password: {get_input: admin_token} keystone::rabbit_userid: {get_input: rabbit_username} @@ -1295,10 +1434,12 @@ resources: keystone::endpoint::region: {get_input: keystone_region} keystone::admin_workers: {get_input: keystone_workers} keystone::public_workers: {get_input: keystone_workers} - + keystone_enable_db_purge: {get_input: keystone_enable_db_purge} + keystone::public_endpoint: {get_input: keystone_public_url} # MongoDB mongodb::server::bind_ip: {get_input: mongo_db_network} mongodb::server::nojournal: {get_input: mongodb_no_journal} + mongodb::server::ipv6: {get_input: mongodb_ipv6} # MySQL admin_password: {get_input: admin_password} enable_galera: {get_input: enable_galera} @@ -1323,6 +1464,7 @@ resources: neutron::server::database_connection: {get_input: neutron_dsn} neutron::server::api_workers: {get_input: neutron_workers} neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge} + neutron::network_device_mtu: {get_input: neutron_tenant_mtu} neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling} neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop} neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata} @@ -1341,19 +1483,21 @@ resources: neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent} neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers} neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers} + neutron::plugins::ml2::extension_drivers: {get_input: neutron_plugin_extensions} neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover} neutron::server::l3_ha: {get_input: neutron_l3_ha} neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network} neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges} neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges} neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges} - neutron::agents::ml2::ovs:bridge_mappings: {get_input: neutron_bridge_mappings} + neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings} neutron_public_interface: {get_input: neutron_public_interface} neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device} neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route} neutron_public_interface_tag: {get_input: neutron_public_interface_tag} neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types} neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types} + neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions} neutron::server::auth_password: {get_input: neutron_password} neutron::agents::metadata::auth_password: {get_input: neutron_password} neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options} @@ -1366,8 +1510,9 @@ resources: neutron::keystone::auth::password: {get_input: neutron_password } neutron::keystone::auth::region: {get_input: keystone_region} neutron::server::notifications::nova_url: {get_input: nova_internal_url} - neutron::server::notifications::auth_url: {get_input: neutron_admin_auth_url} + neutron::server::notifications::auth_url: {get_input: neutron_auth_url} neutron::server::notifications::tenant_name: 'service' + neutron::server::notifications::project_name: 'service' neutron::server::notifications::password: {get_input: nova_password} # Ceilometer @@ -1386,6 +1531,7 @@ resources: ceilometer::agent::auth::auth_password: {get_input: ceilometer_password} ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri} ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url} + ceilometer::agent::notification::store_events: {get_input: ceilometer_store_events} ceilometer::db::mysql::password: {get_input: ceilometer_password} snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} @@ -1395,7 +1541,9 @@ resources: nova::rabbit_password: {get_input: rabbit_password} nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} nova::rabbit_port: {get_input: rabbit_client_port} + nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute} nova::debug: {get_input: debug} + nova::use_ipv6: {get_input: nova_ipv6} nova::api::auth_uri: {get_input: keystone_auth_uri} nova::api::identity_uri: {get_input: keystone_identity_uri} nova::api::api_bind_address: {get_input: nova_api_network} @@ -1404,15 +1552,18 @@ resources: nova::api::osapi_compute_workers: {get_input: nova_workers} nova::api::ec2_workers: {get_input: nova_workers} nova::api::metadata_workers: {get_input: nova_workers} + nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu} nova::database_connection: {get_input: nova_dsn} + nova::api_database_connection: {get_input: nova_api_dsn} nova::glance_api_servers: {get_input: glance_api_servers} nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret} nova::api::instance_name_template: {get_input: instance_name_template} - nova::network::neutron::neutron_admin_password: {get_input: neutron_password} + nova::network::neutron::neutron_password: {get_input: neutron_password} nova::network::neutron::neutron_url: {get_input: neutron_internal_url} - nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url} + nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url} nova::vncproxy::host: {get_input: nova_api_network} nova::db::mysql::password: {get_input: nova_password} + nova::db::mysql_api::password: {get_input: nova_password} nova_enable_db_purge: {get_input: nova_enable_db_purge} # Horizon @@ -1423,6 +1574,29 @@ resources: horizon::bind_address: {get_input: horizon_network} horizon::keystone_url: {get_input: keystone_auth_uri} + # Sahara + sahara::host: {get_input: sahara_api_network} + sahara::plugins: + - cdh + - hdp + - mapr + - vanilla + - spark + - storm + sahara::admin_password: {get_input: sahara_password} + sahara::auth_uri: {get_input: keystone_auth_uri} + sahara::admin_user: sahara + sahara::identity_uri: {get_input: keystone_identity_uri} + sahara::use_neutron: true + sahara::database_connection: {get_input: sahara_dsn} + sahara::debug: {get_input: debug} + sahara::rpc_backend: rabbit + sahara::rabbit_userid: {get_input: rabbit_username} + sahara::rabbit_password: {get_input: rabbit_password} + sahara::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} + sahara::rabbit_port: {get_input: rabbit_client_port} + sahara::db::mysql::password: {get_input: sahara_password} + # Rabbit rabbitmq::node_ip_address: {get_input: rabbitmq_network} rabbitmq::erlang_cookie: {get_input: rabbit_cookie} @@ -1439,6 +1613,7 @@ resources: memcached::listen_ip: {get_input: memcached_network} neutron_public_interface_ip: {get_input: neutron_public_interface_ip} ntp::servers: {get_input: ntp_servers} + timezone::timezone: {get_input: timezone} control_virtual_interface: {get_input: control_virtual_interface} public_virtual_interface: {get_input: public_virtual_interface} tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface} @@ -1469,6 +1644,7 @@ resources: UpdateDeployment: type: OS::Heat::SoftwareDeployment properties: + name: UpdateDeployment config: {get_resource: UpdateConfig} server: {get_resource: Controller} input_values: @@ -1512,12 +1688,54 @@ outputs: Server's IP address and hostname in the /etc/hosts format value: str_replace: - template: IP HOST.DOMAIN HOST CLOUDNAME + template: | + PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST + EXTERNALIP EXTERNALHOST + INTERNAL_APIIP INTERNAL_APIHOST + STORAGEIP STORAGEHOST + STORAGE_MGMTIP STORAGE_MGMTHOST + TENANTIP TENANTHOST + MANAGEMENTIP MANAGEMENTHOST params: - IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]} + PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]} DOMAIN: {get_param: CloudDomain} - HOST: {get_attr: [Controller, name]} - CLOUDNAME: {get_param: CloudName} + PRIMARYHOST: {get_attr: [Controller, name]} + EXTERNALIP: {get_attr: [ExternalPort, ip_address]} + EXTERNALHOST: + list_join: + - '-' + - - {get_attr: [Controller, name]} + - external + INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]} + INTERNAL_APIHOST: + list_join: + - '-' + - - {get_attr: [Controller, name]} + - internalapi + STORAGEIP: {get_attr: [StoragePort, ip_address]} + STORAGEHOST: + list_join: + - '-' + - - {get_attr: [Controller, name]} + - storage + STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]} + STORAGE_MGMTHOST: + list_join: + - '-' + - - {get_attr: [Controller, name]} + - storagemgmt + TENANTIP: {get_attr: [TenantPort, ip_address]} + TENANTHOST: + list_join: + - '-' + - - {get_attr: [Controller, name]} + - tenant + MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]} + MANAGEMENTHOST: + list_join: + - '-' + - - {get_attr: [Controller, name]} + - management nova_server_resource: description: Heat resource handle for the Nova compute server value: @@ -1528,14 +1746,14 @@ outputs: str_replace: template: 'r1z1-IP:%PORT%/d1' params: - IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} + IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} swift_proxy_memcache: description: Swift proxy-memcache value value: str_replace: template: "IP:11211" params: - IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]} + IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]} config_identifier: description: identifier which changes if the controller configuration may need re-applying value: diff --git a/puppet/deploy-artifacts.sh b/puppet/deploy-artifacts.sh new file mode 100644 index 00000000..22fde9a7 --- /dev/null +++ b/puppet/deploy-artifacts.sh @@ -0,0 +1,26 @@ +#!/bin/bash + +TMP_DATA=$(mktemp -d) +function cleanup { + rm -Rf "$TMP_DATA" +} +trap cleanup EXIT + +if [ -n "$artifact_urls" ]; then + for URL in $(echo $artifact_urls | sed -e "s| |\n|g" | sort -u); do + curl -o $TMP_DATA/file_data "$artifact_urls" + if file -b $TMP_DATA/file_data | grep RPM &>/dev/null; then + yum install -y $TMP_DATA/file_data + elif file -b $TMP_DATA/file_data | grep 'gzip compressed data' &>/dev/null; then + pushd / + tar xvzf $TMP_DATA/file_data + popd + else + echo "ERROR: Unsupported file format." + exit 1 + fi + rm $TMP_DATA/file_data + done +else + echo "No artifact_urls was set. Skipping..." +fi diff --git a/puppet/deploy-artifacts.yaml b/puppet/deploy-artifacts.yaml new file mode 100644 index 00000000..17f84163 --- /dev/null +++ b/puppet/deploy-artifacts.yaml @@ -0,0 +1,32 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to install deployment artifacts (tarball's and/or + distribution packages) via HTTP URLs. The contents of the URL's can + be tarballs or distribution packages (RPMs). If a tarball URL is supplied + it is extracted onto the target node during deployment. If a package is + deployed it is installed from the supplied URL. Note, you need the + heat-config-script element built into your images, due to the script group + below. + +parameters: + DeployArtifactURLs: + default: [] + description: A list of HTTP URLs containing deployment artifacts. + Currently supports tarballs and RPM packages. + type: comma_delimited_list + +resources: + DeployArtifacts: + type: OS::Heat::SoftwareConfig + properties: + group: script + inputs: + - name: artifact_urls + default: {list_join: [' ', {get_param: DeployArtifactURLs}]} + config: {get_file: ./deploy-artifacts.sh} + +outputs: + OS::stack_id: + description: The ID of the DeployArtifacts resource. + value: {get_resource: DeployArtifacts} diff --git a/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml b/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml index 2413f5a4..71445800 100644 --- a/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml +++ b/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml @@ -65,11 +65,18 @@ parameters: default: false NetworkNexusSwitchHeartbeatTime: type: number - description: Time interval to check the state of the Nexus device + description: > + Time interval to check the state of the Nexus device. The units of this + object are seconds. Setting this object to a value of 0 disables the + replay feature. default: 0 NetworkNexusSwitchReplayCount: type: number - description: Number of times to attempt config replay + description: > + This configuration item is OBSOLETE. The Nexus driver replay behavior + is to continue to attempt to connect to the down Nexus device with a + period equal to the heartbeat time interval. This was previously the + Number of times to attempt config replay. default: 3 NetworkNexusProviderVlanAutoCreate: type: boolean @@ -131,6 +138,7 @@ resources: NetworkCiscoDeployment: type: OS::Heat::StructuredDeployments properties: + name: NetworkCiscoDeployment config: {get_resource: NetworkCiscoConfig} servers: {get_param: controller_servers} input_values: @@ -178,6 +186,7 @@ resources: CollectMacDeploymentsController: type: OS::Heat::SoftwareDeployments properties: + name: CollectMacDeploymentsController servers: {get_param: controller_servers} config: {get_resource: CollectMacConfig} actions: ['CREATE'] # Only do this on CREATE @@ -185,6 +194,7 @@ resources: CollectMacDeploymentsCompute: type: OS::Heat::SoftwareDeployments properties: + name: CollectMacDeploymentsCompute servers: {get_param: compute_servers} config: {get_resource: CollectMacConfig} actions: ['CREATE'] # Only do this on CREATE @@ -192,6 +202,7 @@ resources: CollectMacDeploymentsBlockStorage: type: OS::Heat::SoftwareDeployments properties: + name: CollectMacDeploymentsBlockStorage servers: {get_param: blockstorage_servers} config: {get_resource: CollectMacConfig} actions: ['CREATE'] # Only do this on CREATE @@ -199,6 +210,7 @@ resources: CollectMacDeploymentsObjectStorage: type: OS::Heat::SoftwareDeployments properties: + name: CollectMacDeploymentsObjectStorage servers: {get_param: objectstorage_servers} config: {get_resource: CollectMacConfig} actions: ['CREATE'] # Only do this on CREATE @@ -206,6 +218,7 @@ resources: CollectMacDeploymentsCephStorage: type: OS::Heat::SoftwareDeployments properties: + name: CollectMacDeploymentsCephStorage servers: {get_param: cephstorage_servers} config: {get_resource: CollectMacConfig} actions: ['CREATE'] # Only do this on CREATE @@ -280,6 +293,7 @@ resources: MappingToNexusDeploymentsController: type: OS::Heat::SoftwareDeployment properties: + name: MappingToNexusDeploymentsController server: {get_param: [controller_servers, '0']} config: {get_resource: MappingToNexusConfig} input_values: @@ -323,6 +337,7 @@ resources: type: OS::Heat::SoftwareDeployment depends_on: MappingToNexusDeploymentsController properties: + name: MappingToUCSMDeploymentsController server: {get_param: [controller_servers, '0']} config: {get_resource: MappingToUCSMConfig} input_values: diff --git a/puppet/extraconfig/ceph/ceph-external-config.yaml b/puppet/extraconfig/ceph/ceph-external-config.yaml index 7cefc24b..ebd6c251 100644 --- a/puppet/extraconfig/ceph/ceph-external-config.yaml +++ b/puppet/extraconfig/ceph/ceph-external-config.yaml @@ -76,7 +76,7 @@ resources: cinder_rbd_pool_name: {get_param: CinderRbdPoolName} glance::backend::rbd::rbd_store_pool: {get_param: GlanceRbdPoolName} nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName} - glance::backend::rbd::rbd_store_pool: {get_param: CephClientUserName} + glance::backend::rbd::rbd_store_user: {get_param: CephClientUserName} nova::compute::rbd::rbd_keyring: list_join: - '.' diff --git a/puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml b/puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml new file mode 100644 index 00000000..49c77190 --- /dev/null +++ b/puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml @@ -0,0 +1,45 @@ +heat_template_version: 2015-04-30 + +description: Configure hieradata for Big Switch agents on compute node + +parameters: + server: + description: ID of the controller node to apply this config to + type: string + NeutronBigswitchAgentEnabled: + description: The state of the neutron-bsn-agent service. + type: boolean + default: false + NeutronBigswitchLLDPEnabled: + description: The state of the neutron-bsn-lldp service. + type: boolean + default: true + + +resources: + NeutronBigswitchConfig: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + hiera: + datafiles: + neutron_bigswitch_data: + mapped_data: + neutron::agents::bigswitch::agent_enabled: {get_input: neutron_enable_bigswitch_agent} + neutron::agents::bigswitch::lldp_enabled: {get_input: neutron_enable_bigswitch_lldp} + + NeutronBigswitchDeployment: + type: OS::Heat::StructuredDeployment + properties: + name: NeutronBigswitchDeployment + config: {get_resource: NeutronBigswitchConfig} + server: {get_param: server} + input_values: + neutron_enable_bigswitch_agent: {get_param: NeutronBigswitchAgentEnabled} + neutron_enable_bigswitch_lldp: {get_param: NeutronBigswitchLLDPEnabled} + +outputs: + deploy_stdout: + description: Deployment reference, used to trigger puppet apply on changes + value: {get_attr: [NeutronBigswitchDeployment, deploy_stdout]} diff --git a/puppet/extraconfig/pre_deploy/compute/neutron-opencontrail.yaml b/puppet/extraconfig/pre_deploy/compute/neutron-opencontrail.yaml new file mode 100644 index 00000000..e496553a --- /dev/null +++ b/puppet/extraconfig/pre_deploy/compute/neutron-opencontrail.yaml @@ -0,0 +1,47 @@ +heat_template_version: 2015-04-30 + +description: Compute node hieradata for Neutron OpenContrail configuration + +parameters: + server: + description: ID of the compute node to apply this config to + type: string + ContrailApiServerIp: + description: IP address of the OpenContrail API server + type: string + ContrailApiServerPort: + description: Port of the OpenContrail API + type: string + default: 8082 + +resources: + ComputeContrailConfig: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + hiera: + datafiles: + neutron_opencontrail_data: + mapped_data: + nova::network::neutron::network_api_class: nova.network.neutronv2.api.API + + contrail::vrouter::provision_vrouter::api_address: {get_input: contrail_api_server_ip} + contrail::vrouter::provision_vrouter::api_port: {get_input: contrail_api_server_port} + contrail::vrouter::provision_vrouter::keystone_admin_user: admin + contrail::vrouter::provision_vrouter::keystone_admin_tenant_name: admin + contrail::vrouter::provision_vrouter::keystone_admin_password: '"%{::admin_password}"' + + ComputeContrailDeployment: + type: OS::Heat::StructuredDeployment + properties: + config: {get_resource: ComputeContrailConfig} + server: {get_param: server} + input_values: + contrail_api_server_ip: {get_param: ContrailApiServerIp} + contrail_api_server_port: {get_param: ContrailApiServerPort} + +outputs: + deploy_stdout: + description: Output of the extra hiera data deployment + value: {get_attr: [ComputeContrailDeployment, deploy_stdout]} diff --git a/puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml b/puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml index 96368e37..5561c74a 100644 --- a/puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml +++ b/puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml @@ -70,6 +70,7 @@ resources: NovaNuageDeployment: type: OS::Heat::StructuredDeployment properties: + name: NovaNuageDeployment config: {get_resource: NovaNuageConfig} server: {get_param: server} input_values: diff --git a/puppet/extraconfig/pre_deploy/controller/cinder-dellsc.yaml b/puppet/extraconfig/pre_deploy/controller/cinder-dellsc.yaml new file mode 100644 index 00000000..905f196d --- /dev/null +++ b/puppet/extraconfig/pre_deploy/controller/cinder-dellsc.yaml @@ -0,0 +1,87 @@ +heat_template_version: 2015-11-12 + +description: Configure hieradata for Cinder Dell Storage Center configuration + +parameters: + server: + description: ID of the controller node to apply this config to + type: string + + # Config specific parameters, to be provided via parameter_defaults + CinderEnableDellScBackend: + type: boolean + default: true + CinderDellScBackendName: + type: string + default: 'tripleo_dellsc' + CinderDellScSanIp: + type: string + CinderDellScSanLogin: + type: string + default: 'Admin' + CinderDellScSanPassword: + type: string + hidden: true + CinderDellScSsn: + type: string + default: '64702' + CinderDellScIscsiIpAddress: + type: string + default: '' + CinderDellScIscsiPort: + type: string + default: '3260' + CinderDellScApiPort: + type: string + default: '3033' + CinderDellScServerFolder: + type: string + default: 'dellsc_server' + CinderDellScVolumeFolder: + type: string + default: 'dellsc_volume' + +resources: + CinderDellScConfig: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + hiera: + datafiles: + cinder_dellsc_data: + mapped_data: + cinder_enable_dellsc_backend: {get_input: EnableDellScBackend} + cinder::backend::dellsc_iscsi::volume_backend_name: {get_input: DellScBackendName} + cinder::backend::dellsc_iscsi::san_ip: {get_input: DellScSanIp} + cinder::backend::dellsc_iscsi::san_login: {get_input: DellScSanLogin} + cinder::backend::dellsc_iscsi::san_password: {get_input: DellScSanPassword} + cinder::backend::dellsc_iscsi::dell_sc_ssn: {get_input: DellScSsn} + cinder::backend::dellsc_iscsi::iscsi_ip_address: {get_input: DellScIscsiIpAddress} + cinder::backend::dellsc_iscsi::iscsi_port: {get_input: DellScIscsiPort} + cinder::backend::dellsc_iscsi::dell_sc_api_port: {get_input: DellScApiPort} + cinder::backend::dellsc_iscsi::dell_sc_server_folder: {get_input: DellScServerFolder} + cinder::backend::dellsc_iscsi::dell_sc_volume_folder: {get_input: DellScVolumeFolder} + + CinderDellScDeployment: + type: OS::Heat::StructuredDeployment + properties: + config: {get_resource: CinderDellScConfig} + server: {get_param: server} + input_values: + EnableDellScBackend: {get_param: CinderEnableDellScBackend} + DellScBackendName: {get_param: CinderDellScBackendName} + DellScSanIp: {get_param: CinderDellScSanIp} + DellScSanLogin: {get_param: CinderDellScSanLogin} + DellScSanPassword: {get_param: CinderDellScSanPassword} + DellScSsn: {get_param: CinderDellScSsn} + DellScIscsiIpAddress: {get_param: CinderDellScIscsiIpAddress} + DellScIscsiPort: {get_param: CinderDellScIscsiPort} + DellScApiPort: {get_param: CinderDellScApiPort} + DellScServerFolder: {get_param: CinderDellScServerFolder} + DellScVolumeFolder: {get_param: CinderDellScVolumeFolder} + +outputs: + deploy_stdout: + description: Deployment reference, used to trigger puppet apply on changes + value: {get_attr: [CinderDellScDeployment, deploy_stdout]} diff --git a/puppet/extraconfig/pre_deploy/controller/cinder-eqlx.yaml b/puppet/extraconfig/pre_deploy/controller/cinder-eqlx.yaml new file mode 100644 index 00000000..c73608f1 --- /dev/null +++ b/puppet/extraconfig/pre_deploy/controller/cinder-eqlx.yaml @@ -0,0 +1,86 @@ +heat_template_version: 2015-11-06 + +description: Configure hieradata for Cinder Eqlx configuration + +parameters: + server: + description: ID of the controller node to apply this config to + type: string + + # Config specific parameters, to be provided via parameter_defaults + CinderEnableEqlxBackend: + type: boolean + default: true + CinderEqlxBackendName: + type: string + default: 'tripleo_eqlx' + CinderEqlxSanIp: + type: string + CinderEqlxSanLogin: + type: string + CinderEqlxSanPassword: + type: string + hidden: true + CinderEqlxSanThinProvision: + type: boolean + default: true + CinderEqlxGroupname: + type: string + default: 'group-0' + CinderEqlxPool: + type: string + default: 'default' + CinderEqlxChapLogin: + type: string + default: '' + CinderEqlxChapPassword: + type: string + default: '' + CinderEqlxUseChap: + type: boolean + default: false + +resources: + CinderEqlxConfig: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + hiera: + datafiles: + cinder_eqlx_data: + mapped_data: + cinder_enable_eqlx_backend: {get_input: EnableEqlxBackend} + cinder::backend::eqlx::volume_backend_name: {get_input: EqlxBackendName} + cinder::backend::eqlx::san_ip: {get_input: EqlxSanIp} + cinder::backend::eqlx::san_login: {get_input: EqlxSanLogin} + cinder::backend::eqlx::san_password: {get_input: EqlxSanPassword} + cinder::backend::eqlx::san_thin_provision: {get_input: EqlxSanThinProvision} + cinder::backend::eqlx::eqlx_group_name: {get_input: EqlxGroupname} + cinder::backend::eqlx::eqlx_pool: {get_input: EqlxPool} + cinder::backend::eqlx::eqlx_use_chap: {get_input: EqlxUseChap} + cinder::backend::eqlx::eqlx_chap_login: {get_input: EqlxChapLogin} + cinder::backend::eqlx::eqlx_chap_password: {get_input: EqlxChapPassword} + + CinderEqlxDeployment: + type: OS::Heat::StructuredDeployment + properties: + config: {get_resource: CinderEqlxConfig} + server: {get_param: server} + input_values: + EnableEqlxBackend: {get_param: CinderEnableEqlxBackend} + EqlxBackendName: {get_param: CinderEqlxBackendName} + EqlxSanIp: {get_param: CinderEqlxSanIp} + EqlxSanLogin: {get_param: CinderEqlxSanLogin} + EqlxSanPassword: {get_param: CinderEqlxSanPassword} + EqlxSanThinProvision: {get_param: CinderEqlxSanThinProvision} + EqlxGroupname: {get_param: CinderEqlxGroupname} + EqlxPool: {get_param: CinderEqlxPool} + EqlxUseChap: {get_param: CinderEqlxUseChap} + EqlxChapLogin: {get_param: CinderEqlxChapLogin} + EqlxChapPassword: {get_param: CinderEqlxChapPassword} + +outputs: + deploy_stdout: + description: Deployment reference, used to trigger puppet apply on changes + value: {get_attr: [CinderEqlxDeployment, deploy_stdout]} diff --git a/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml b/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml index 7ec2190f..ab442f2b 100644 --- a/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml +++ b/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml @@ -114,6 +114,7 @@ resources: CinderNetappDeployment: type: OS::Heat::StructuredDeployment properties: + name: CinderNetappDeployment config: {get_resource: CinderNetappConfig} server: {get_param: server} input_values: diff --git a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml index bf06d25d..467f57cc 100644 --- a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml +++ b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml @@ -44,7 +44,6 @@ resources: datafiles: neutron_bigswitch_data: mapped_data: - neutron_enable_bigswitch_ml2: true neutron::plugins::ml2::bigswitch::restproxy::servers: {get_input: restproxy_servers} neutron::plugins::ml2::bigswitch::restproxy::server_auth: {get_input: restproxy_server_auth} neutron::plugins::ml2::bigswitch::restproxy::auto_sync_on_failure: {get_input: restproxy_auto_sync_on_failure} @@ -56,6 +55,7 @@ resources: NeutronBigswitchDeployment: type: OS::Heat::StructuredDeployment properties: + name: NeutronBigswitchDeployment config: {get_resource: NeutronBigswitchConfig} server: {get_param: server} input_values: diff --git a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml index 6730ddf1..cec885cd 100644 --- a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml +++ b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml @@ -142,6 +142,7 @@ resources: CiscoN1kvDeployment: type: OS::Heat::StructuredDeployment properties: + name: CiscoN1kvDeployment config: {get_resource: CiscoN1kvConfig} server: {get_param: server} input_values: diff --git a/puppet/extraconfig/pre_deploy/controller/neutron-nuage.yaml b/puppet/extraconfig/pre_deploy/controller/neutron-nuage.yaml index 8378d2fc..a4cfea07 100644 --- a/puppet/extraconfig/pre_deploy/controller/neutron-nuage.yaml +++ b/puppet/extraconfig/pre_deploy/controller/neutron-nuage.yaml @@ -71,6 +71,7 @@ resources: NeutronNuageDeployment: type: OS::Heat::StructuredDeployment properties: + name: NeutronNuageDeployment config: {get_resource: NeutronNuageConfig} server: {get_param: server} input_values: diff --git a/puppet/extraconfig/pre_deploy/controller/neutron-opencontrail.yaml b/puppet/extraconfig/pre_deploy/controller/neutron-opencontrail.yaml new file mode 100644 index 00000000..5c686fe7 --- /dev/null +++ b/puppet/extraconfig/pre_deploy/controller/neutron-opencontrail.yaml @@ -0,0 +1,62 @@ +heat_template_version: 2015-04-30 + +description: Controller hieradata for Neutron OpenContrail configuration + +parameters: + server: + description: ID of the controller node to apply this config to + type: string + ContrailApiServerIp: + description: IP address of the OpenContrail API server + type: string + ContrailApiServerPort: + description: Port of the OpenContrail API + type: string + default: 8082 + ContrailMultiTenancy: + description: Whether to enable multi tenancy + type: boolean + default: false + ContrailExtensions: + description: List of OpenContrail extensions to be enabled + type: comma_delimited_list + default: '' + +resources: + ControllerContrailConfig: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + hiera: + datafiles: + neutron_opencontrail_data: + mapped_data: + neutron::api_extensions_path: /usr/lib/python2.7/site-packages/neutron_plugin_contrail/extensions + + neutron::plugins::opencontrail::api_server_ip: {get_input: contrail_api_server_ip} + neutron::plugins::opencontrail::api_server_port: {get_input: contrail_api_server_port} + neutron::plugins::opencontrail::multi_tenancy: {get_input: contrail_multi_tenancy} + neutron::plugins::opencontrail::contrail_extensions: {get_input: contrail_extensions} + neutron::plugins::opencontrail::keystone_auth_url: '"%{hiera(''keystone_auth_uri'')}"' + neutron::plugins::opencontrail::keystone_admin_user: admin + neutron::plugins::opencontrail::keystone_admin_tenant_name: admin + neutron::plugins::opencontrail::keystone_admin_password: '"%{hiera(''admin_password'')}"' + neutron::plugins::opencontrail::keystone_admin_token: '"%{hiera(''keystone::admin_token'')}"' + + ControllerContrailDeployment: + type: OS::Heat::StructuredDeployment + properties: + config: {get_resource: ControllerContrailConfig} + server: {get_param: server} + input_values: + contrail_api_server_ip: {get_param: ContrailApiServerIp} + contrail_api_server_port: {get_param: ContrailApiServerPort} + contrail_multi_tenancy: {get_param: ContrailMultiTenancy} + contrail_extensions: {get_param: ContrailExtensions} + + +outputs: + deploy_stdout: + description: Output of the extra hiera data deployment + value: {get_attr: [ControllerContrailDeployment, deploy_stdout]} diff --git a/puppet/extraconfig/pre_deploy/per_node.yaml b/puppet/extraconfig/pre_deploy/per_node.yaml index 80c8ad6e..e236e336 100644 --- a/puppet/extraconfig/pre_deploy/per_node.yaml +++ b/puppet/extraconfig/pre_deploy/per_node.yaml @@ -45,6 +45,7 @@ resources: NodeSpecificDeployment: type: OS::Heat::SoftwareDeployment properties: + name: NodeSpecificDeployment config: {get_resource: NodeSpecificConfig} server: {get_param: server} input_values: diff --git a/puppet/extraconfig/tls/ca-inject.yaml b/puppet/extraconfig/tls/ca-inject.yaml index 7e34f071..aab42849 100644 --- a/puppet/extraconfig/tls/ca-inject.yaml +++ b/puppet/extraconfig/tls/ca-inject.yaml @@ -45,7 +45,7 @@ resources: cat > ${cacert_path} << EOF ${cacert_content} EOF - chmod 0440 ${cacert_path} + chmod 0444 ${cacert_path} chown root:root ${cacert_path} ${update_anchor_command} md5sum ${cacert_path} > ${heat_outputs_path}.root_cert_md5sum @@ -53,6 +53,7 @@ resources: CADeployment: type: OS::Heat::SoftwareDeployment properties: + name: CADeployment config: {get_resource: CAConfig} server: {get_param: server} input_values: diff --git a/puppet/extraconfig/tls/tls-cert-inject.yaml b/puppet/extraconfig/tls/tls-cert-inject.yaml index ce524ba9..20bb3737 100644 --- a/puppet/extraconfig/tls/tls-cert-inject.yaml +++ b/puppet/extraconfig/tls/tls-cert-inject.yaml @@ -67,6 +67,7 @@ resources: ControllerTLSDeployment: type: OS::Heat::SoftwareDeployment properties: + name: ControllerTLSDeployment config: {get_resource: ControllerTLSConfig} server: {get_param: server} input_values: diff --git a/puppet/hieradata/common.yaml b/puppet/hieradata/common.yaml index b4b51abf..98cec364 100644 --- a/puppet/hieradata/common.yaml +++ b/puppet/hieradata/common.yaml @@ -3,17 +3,18 @@ ssh::server::storeconfigs_enabled: false # ceilometer settings used by compute and controller ceilo auth settings ceilometer::agent::auth::auth_region: 'regionOne' -# FIXME: Might be better to use 'service' tenant here but this requires -# changes in the tripleo-incubator keystone role setup -ceilometer::agent::auth::auth_tenant_name: 'admin' +ceilometer::agent::auth::auth_tenant_name: 'service' nova::api::admin_tenant_name: 'service' -nova::network::neutron::neutron_admin_tenant_name: 'service' -nova::network::neutron::neutron_admin_username: 'neutron' +nova::network::neutron::neutron_project_name: 'service' +nova::network::neutron::neutron_username: 'neutron' nova::network::neutron::dhcp_domain: '' neutron::allow_overlapping_ips: true +kernel_modules: + nf_conntrack: {} + sysctl_settings: net.ipv4.tcp_keepalive_intvl: value: 1 @@ -21,6 +22,17 @@ sysctl_settings: value: 5 net.ipv4.tcp_keepalive_time: value: 5 + net.nf_conntrack_max: + value: 500000 + net.netfilter.nf_conntrack_max: + value: 500000 + # prevent neutron bridges from autoconfiguring ipv6 addresses + net.ipv6.conf.default.accept_ra: + value: 0 + net.ipv6.conf.default.autoconf: + value: 0 + net.core.netdev_max_backlog: + value: 10000 nova::rabbit_heartbeat_timeout_threshold: 60 neutron::rabbit_heartbeat_timeout_threshold: 60 diff --git a/puppet/hieradata/compute.yaml b/puppet/hieradata/compute.yaml index fa8dcc81..572eef9f 100644 --- a/puppet/hieradata/compute.yaml +++ b/puppet/hieradata/compute.yaml @@ -1,7 +1,7 @@ # Hiera data here applies to all compute nodes nova::notify_on_state_change: 'vm_and_task_state' - +nova::notification_driver: messagingv2 nova::compute::enabled: true nova::compute::instance_usage_audit: true nova::compute::instance_usage_audit_period: 'hour' diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml index c9f3a417..e80bee07 100644 --- a/puppet/hieradata/controller.yaml +++ b/puppet/hieradata/controller.yaml @@ -34,15 +34,26 @@ glance::api::keystone_tenant: 'service' glance::registry::keystone_tenant: 'service' neutron::server::auth_tenant: 'service' neutron::agents::metadata::auth_tenant: 'service' +neutron::agents::l3::router_delete_namespaces: True +neutron::agents::dhcp::dhcp_delete_namespaces: True cinder::api::keystone_tenant: 'service' swift::proxy::authtoken::admin_tenant_name: 'service' ceilometer::api::keystone_tenant: 'service' heat::keystone_tenant: 'service' +sahara::admin_tenant_name: 'service' # keystone keystone::cron::token_flush::maxdelay: 3600 keystone::roles::admin::service_tenant: 'service' keystone::roles::admin::admin_tenant: 'admin' +keystone::cron::token_flush::destination: '/dev/null' +keystone::config::keystone_config: + DEFAULT/secure_proxy_ssl_header: + value: 'HTTP_X_FORWARDED_PROTO' + ec2/driver: + value: 'keystone.contrib.ec2.backends.sql.Ec2' +keystone::service_name: 'httpd' +keystone::wsgi::apache::ssl: false #swift swift::proxy::pipeline: @@ -76,20 +87,29 @@ neutron::agents::dhcp::dnsmasq_config_file: /etc/neutron/dnsmasq-neutron.conf nova::notify_on_state_change: 'vm_and_task_state' nova::api::default_floating_pool: 'public' nova::api::osapi_v3: true +nova::api::sync_db_api: true nova::scheduler::filter::ram_allocation_ratio: '1.0' nova::cron::archive_deleted_rows::hour: '*/12' nova::cron::archive_deleted_rows::destination: '/dev/null' +nova::notification_driver: messaging # ceilometer ceilometer::agent::auth::auth_endpoint_type: 'internalURL' # cinder cinder::scheduler::scheduler_driver: cinder.scheduler.filter_scheduler.FilterScheduler +cinder::cron::db_purge::destination: '/dev/null' +cinder::host: hostgroup +cinder_user_enabled_backends: [] # heat heat::engine::configure_delegated_roles: false heat::engine::trusts_delegated_roles: [] heat::instance_user: '' +heat::cron::purge_deleted::age: 30 +heat::cron::purge_deleted::age_type: 'days' +heat::cron::purge_deleted::maxdelay: 3600 +heat::cron::purge_deleted::destination: '/dev/null' # pacemaker pacemaker::corosync::cluster_name: 'tripleo_cluster' @@ -120,6 +140,7 @@ tripleo::loadbalancer::nova_metadata: true tripleo::loadbalancer::nova_novncproxy: true tripleo::loadbalancer::mysql: true tripleo::loadbalancer::redis: true +tripleo::loadbalancer::sahara: true tripleo::loadbalancer::swift_proxy_server: true tripleo::loadbalancer::ceilometer: true tripleo::loadbalancer::heat_api: true diff --git a/puppet/hieradata/database.yaml b/puppet/hieradata/database.yaml index 7e925d90..61714691 100644 --- a/puppet/hieradata/database.yaml +++ b/puppet/hieradata/database.yaml @@ -6,6 +6,13 @@ nova::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" +nova::db::mysql_api::user: nova_api +nova::db::mysql_api::host: "%{hiera('mysql_virtual_ip')}" +nova::db::mysql_api::dbname: nova_api +nova::db::mysql_api::allowed_hosts: + - '%' + - "%{hiera('mysql_bind_host')}" + # Glance glance::db::mysql::user: glance glance::db::mysql::host: "%{hiera('mysql_virtual_ip')}" @@ -53,3 +60,10 @@ ceilometer::db::mysql::dbname: ceilometer ceilometer::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" + +sahara::db::mysql::user: sahara +sahara::db::mysql::host: "%{hiera('mysql_virtual_ip')}" +sahara::db::mysql::dbname: sahara +sahara::db::mysql::allowed_hosts: + - '%' + - "%{hiera('mysql_bind_host')}" diff --git a/puppet/hieradata/volume.yaml b/puppet/hieradata/volume.yaml index f4cd78a9..8640c0a7 100644 --- a/puppet/hieradata/volume.yaml +++ b/puppet/hieradata/volume.yaml @@ -9,4 +9,6 @@ cinder::config::cinder_config: DEFAULT/swift_catalog_info: value: 'object-store:swift:internalURL' +cinder_user_enabled_backends: [] + volume_classes: []
\ No newline at end of file diff --git a/puppet/manifests/overcloud_cephstorage.pp b/puppet/manifests/overcloud_cephstorage.pp index 7f8970cc..0db5b45a 100644 --- a/puppet/manifests/overcloud_cephstorage.pp +++ b/puppet/manifests/overcloud_cephstorage.pp @@ -16,12 +16,16 @@ include ::tripleo::packages include ::tripleo::firewall +create_resources(kmod::load, hiera('kernel_modules'), {}) create_resources(sysctl::value, hiera('sysctl_settings'), {}) +Exec <| tag == 'kmod::load' |> -> Sysctl <| |> if count(hiera('ntp::servers')) > 0 { include ::ntp } +include ::timezone + if str2bool(hiera('ceph_osd_selinux_permissive', true)) { exec { 'set selinux to permissive on boot': command => "sed -ie 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config", @@ -36,6 +40,7 @@ if str2bool(hiera('ceph_osd_selinux_permissive', true)) { } -> Class['ceph::profile::osd'] } +include ::ceph::conf include ::ceph::profile::client include ::ceph::profile::osd diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp index e41dce66..99220ffd 100644 --- a/puppet/manifests/overcloud_compute.pp +++ b/puppet/manifests/overcloud_compute.pp @@ -16,12 +16,16 @@ include ::tripleo::packages include ::tripleo::firewall +create_resources(kmod::load, hiera('kernel_modules'), {}) create_resources(sysctl::value, hiera('sysctl_settings'), {}) +Exec <| tag == 'kmod::load' |> -> Sysctl <| |> if count(hiera('ntp::servers')) > 0 { include ::ntp } +include ::timezone + file { ['/etc/libvirt/qemu/networks/autostart/default.xml', '/etc/libvirt/qemu/networks/default.xml']: ensure => absent, @@ -35,6 +39,16 @@ exec { 'libvirt-default-net-destroy': before => Service['libvirt'], } +# When utilising images for deployment, we need to reset the iSCSI initiator name to make it unique +exec { 'reset-iscsi-initiator-name': + command => '/bin/echo InitiatorName=$(/usr/sbin/iscsi-iname) > /etc/iscsi/initiatorname.iscsi', + onlyif => '/usr/bin/test ! -f /etc/iscsi/.initiator_reset', +}-> + +file { '/etc/iscsi/.initiator_reset': + ensure => present, +} + include ::nova include ::nova::config include ::nova::compute @@ -42,11 +56,13 @@ include ::nova::compute nova_config { 'DEFAULT/my_ip': value => $ipaddress; 'DEFAULT/linuxnet_interface_driver': value => 'nova.network.linux_net.LinuxOVSInterfaceDriver'; + 'DEFAULT/host': value => $fqdn; } $rbd_ephemeral_storage = hiera('nova::compute::rbd::ephemeral_storage', false) $rbd_persistent_storage = hiera('rbd_persistent_storage', false) if $rbd_ephemeral_storage or $rbd_persistent_storage { + include ::ceph::conf include ::ceph::profile::client $client_keys = hiera('ceph::profile::params::client_keys') @@ -76,6 +92,7 @@ if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' } include ::nova::network::neutron include ::neutron +include ::neutron::config # If the value of core plugin is set to 'nuage', # include nuage agent, @@ -104,6 +121,15 @@ elsif hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV cassandra_seeds => $cassandra_node_ips } } +elsif hiera('neutron::core_plugin') == 'neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2' { + + include ::contrail::vrouter + # NOTE: it's not possible to use this class without a functional + # contrail controller up and running + #class {'::contrail::vrouter::provision_vrouter': + # require => Class['contrail::vrouter'], + #} +} else { include ::neutron::plugins::ml2 @@ -115,8 +141,15 @@ else { n1kv_version => hiera('n1kv_vem_version', undef), } } + + if 'bsn_ml2' in hiera('neutron::plugins::ml2::mechanism_drivers') { + include ::neutron::agents::bigswitch + } } +neutron_config { + 'DEFAULT/host': value => $fqdn; +} include ::ceilometer include ::ceilometer::config diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index a3e2a233..1d1dc5c5 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -20,7 +20,9 @@ $enable_load_balancer = hiera('enable_load_balancer', true) if hiera('step') >= 1 { + create_resources(kmod::load, hiera('kernel_modules'), {}) create_resources(sysctl::value, hiera('sysctl_settings'), {}) + Exec <| tag == 'kmod::load' |> -> Sysctl <| |> $controller_node_ips = split(hiera('controller_node_ips'), ',') @@ -39,6 +41,8 @@ if hiera('step') >= 2 { include ::ntp } + include ::timezone + # MongoDB if downcase(hiera('ceilometer_backend')) == 'mongodb' { include ::mongodb::globals @@ -81,11 +85,15 @@ if hiera('step') >= 2 { $mysql_config_file = '/etc/my.cnf.d/server.cnf' } # TODO Galara + # FIXME: due to https://bugzilla.redhat.com/show_bug.cgi?id=1298671 we + # set bind-address to a hostname instead of an ip address; to move Mysql + # from internal_api on another network we'll have to customize both + # MysqlNetwork and ControllerHostnameResolveNetwork in ServiceNetMap class { '::mysql::server': config_file => $mysql_config_file, override_options => { 'mysqld' => { - 'bind-address' => hiera('mysql_bind_host'), + 'bind-address' => $::hostname, 'max_connections' => hiera('mysql_max_connections'), 'open_files_limit' => '-1', }, @@ -98,9 +106,11 @@ if hiera('step') >= 2 { include ::keystone::db::mysql include ::glance::db::mysql include ::nova::db::mysql + include ::nova::db::mysql_api include ::neutron::db::mysql include ::cinder::db::mysql include ::heat::db::mysql + include ::sahara::db::mysql if downcase(hiera('ceilometer_backend')) == 'mysql' { include ::ceilometer::db::mysql } @@ -128,12 +138,13 @@ if hiera('step') >= 2 { # pre-install swift here so we can build rings include ::swift - $enable_ceph = hiera('ceph_storage_count', 0) > 0 + $enable_ceph = hiera('ceph_storage_count', 0) > 0 or hiera('enable_ceph_storage', false) if $enable_ceph { class { '::ceph::profile::params': mon_initial_members => downcase(hiera('ceph_mon_initial_members')), } + include ::ceph::conf include ::ceph::profile::mon } @@ -152,10 +163,12 @@ if hiera('step') >= 2 { } -> Class['ceph::profile::osd'] } + include ::ceph::conf include ::ceph::profile::osd } if str2bool(hiera('enable_external_ceph', false)) { + include ::ceph::conf include ::ceph::profile::client } @@ -164,13 +177,13 @@ if hiera('step') >= 2 { if hiera('step') >= 3 { include ::keystone + include ::keystone::config include ::keystone::roles::admin include ::keystone::endpoint + include ::keystone::wsgi::apache #TODO: need a cleanup-keystone-tokens.sh solution here - keystone_config { - 'ec2/driver': value => 'keystone.contrib.ec2.backends.sql.Ec2'; - } + file { [ '/etc/keystone/ssl', '/etc/keystone/ssl/certs', '/etc/keystone/ssl/private' ]: ensure => 'directory', owner => 'keystone', @@ -209,12 +222,14 @@ if hiera('step') >= 3 { $http_store = ['glance.store.http.Store'] $glance_store = concat($http_store, $backend_store) - # TODO: notifications, scrubber, etc. + # TODO: scrubber and other additional optional features include ::glance + include ::glance::config class { '::glance::api': known_stores => $glance_store, } include ::glance::registry + include ::glance::notify::rabbitmq include join(['::glance::backend::', $glance_backend]) class { '::nova' : @@ -240,7 +255,8 @@ if hiera('step') >= 3 { if hiera('enable_zookeeper_on_controller') { class {'::tripleo::cluster::zookeeper': zookeeper_server_ips => $zookeeper_node_ips, - zookeeper_client_ip => $ipaddress, + # TODO: create a 'bind' hiera key for zookeeper + zookeeper_client_ip => hiera('neutron::bind_host'), zookeeper_hostnames => hiera('controller_node_names') } } @@ -249,7 +265,8 @@ if hiera('step') >= 3 { if hiera('enable_cassandra_on_controller') { class {'::tripleo::cluster::cassandra': cassandra_servers => $cassandra_node_ips, - cassandra_ip => $ipaddress + # TODO: create a 'bind' hiera key for cassandra + cassandra_ip => hiera('neutron::bind_host'), } } @@ -260,10 +277,11 @@ if hiera('step') >= 3 { class {'::tripleo::network::midonet::api': zookeeper_servers => $zookeeper_node_ips, - vip => $ipaddress, - keystone_ip => $ipaddress, + vip => hiera('tripleo::loadbalancer::public_virtual_ip'), + keystone_ip => hiera('tripleo::loadbalancer::public_virtual_ip'), keystone_admin_token => hiera('keystone::admin_token'), - bind_address => $ipaddress, + # TODO: create a 'bind' hiera key for api + bind_address => hiera('neutron::bind_host'), admin_password => hiera('admin_password') } @@ -279,14 +297,17 @@ if hiera('step') >= 3 { include ::neutron } + include ::neutron::config include ::neutron::server include ::neutron::server::notifications - # If the value of core plugin is set to 'nuage', - # include nuage core plugin, and it does not + # If the value of core plugin is set to 'nuage' or 'opencontrail', + # include nuage or opencontrail core plugins, and it does not # need the l3, dhcp and metadata agents if hiera('neutron::core_plugin') == 'neutron.plugins.nuage.plugin.NuagePlugin' { include ::neutron::plugins::nuage + } elsif hiera('neutron::core_plugin') == 'neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2' { + include ::neutron::plugins::opencontrail } else { include ::neutron::agents::l3 include ::neutron::agents::dhcp @@ -305,7 +326,7 @@ if hiera('step') >= 3 { if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' { class {'::neutron::plugins::midonet': - midonet_api_ip => $ipaddress, + midonet_api_ip => hiera('tripleo::loadbalancer::public_virtual_ip'), keystone_tenant => hiera('neutron::server::auth_tenant'), keystone_password => hiera('neutron::server::auth_password') } @@ -337,8 +358,9 @@ if hiera('step') >= 3 { include ::neutron::plugins::ml2::cisco::type_nexus_vxlan } - if hiera('neutron_enable_bigswitch_ml2', false) { + if 'bsn_ml2' in hiera('neutron::plugins::ml2::mechanism_drivers') { include ::neutron::plugins::ml2::bigswitch::restproxy + include ::neutron::agents::bigswitch } neutron_l3_agent_config { 'DEFAULT/ovs_use_veth': value => hiera('neutron_ovs_use_veth', false); @@ -355,10 +377,13 @@ if hiera('step') >= 3 { } include ::cinder + include ::cinder::config + include ::tripleo::ssl::cinder_config include ::cinder::api include ::cinder::glance include ::cinder::scheduler include ::cinder::volume + include ::cinder::ceilometer class { '::cinder::setup_test_volume': size => join([hiera('cinder_lvm_loop_device_size'), 'M']), } @@ -399,12 +424,42 @@ if hiera('step') >= 3 { } } - if hiera('cinder_enable_netapp_backend', false) { - $cinder_netapp_backend = hiera('cinder::backend::netapp::title') + if hiera('cinder_enable_eqlx_backend', false) { + $cinder_eqlx_backend = hiera('cinder::backend::eqlx::volume_backend_name') + + cinder::backend::eqlx { $cinder_eqlx_backend : + volume_backend_name => hiera('cinder::backend::eqlx::volume_backend_name', undef), + san_ip => hiera('cinder::backend::eqlx::san_ip', undef), + san_login => hiera('cinder::backend::eqlx::san_login', undef), + san_password => hiera('cinder::backend::eqlx::san_password', undef), + san_thin_provision => hiera('cinder::backend::eqlx::san_thin_provision', undef), + eqlx_group_name => hiera('cinder::backend::eqlx::eqlx_group_name', undef), + eqlx_pool => hiera('cinder::backend::eqlx::eqlx_pool', undef), + eqlx_use_chap => hiera('cinder::backend::eqlx::eqlx_use_chap', undef), + eqlx_chap_login => hiera('cinder::backend::eqlx::eqlx_chap_login', undef), + eqlx_chap_password => hiera('cinder::backend::eqlx::eqlx_san_password', undef), + } + } - cinder_config { - "${cinder_netapp_backend}/host": value => 'hostgroup'; + if hiera('cinder_enable_dellsc_backend', false) { + $cinder_dellsc_backend = hiera('cinder::backend::dellsc_iscsi::volume_backend_name') + + cinder::backend::dellsc_iscsi{ $cinder_dellsc_backend : + volume_backend_name => hiera('cinder::backend::dellsc_iscsi::volume_backend_name', undef), + san_ip => hiera('cinder::backend::dellsc_iscsi::san_ip', undef), + san_login => hiera('cinder::backend::dellsc_iscsi::san_login', undef), + san_password => hiera('cinder::backend::dellsc_iscsi::san_password', undef), + dell_sc_ssn => hiera('cinder::backend::dellsc_iscsi::dell_sc_ssn', undef), + iscsi_ip_address => hiera('cinder::backend::dellsc_iscsi::iscsi_ip_address', undef), + iscsi_port => hiera('cinder::backend::dellsc_iscsi::iscsi_port', undef), + dell_sc_api_port => hiera('cinder::backend::dellsc_iscsi::dell_sc_api_port', undef), + dell_sc_server_folder => hiera('cinder::backend::dellsc_iscsi::dell_sc_server_folder', undef), + dell_sc_volume_folder => hiera('cinder::backend::dellsc_iscsi::dell_sc_volume_folder', undef), } + } + + if hiera('cinder_enable_netapp_backend', false) { + $cinder_netapp_backend = hiera('cinder::backend::netapp::title') if hiera('cinder::backend::netapp::nfs_shares', undef) { $cinder_netapp_nfs_shares = split(hiera('cinder::backend::netapp::nfs_shares', undef), ',') @@ -452,9 +507,9 @@ if hiera('step') >= 3 { } } - $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend, $cinder_netapp_backend, $cinder_nfs_backend]) + $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend, $cinder_eqlx_backend, $cinder_dellsc_backend, $cinder_netapp_backend, $cinder_nfs_backend]) class { '::cinder::backends' : - enabled_backends => $cinder_enabled_backends, + enabled_backends => union($cinder_enabled_backends, hiera('cinder_user_enabled_backends')), } # swift proxy @@ -514,12 +569,20 @@ if hiera('step') >= 3 { Cron <| title == 'ceilometer-expirer' |> { command => "sleep $((\$(od -A n -t d -N 3 /dev/urandom) % 86400)) && ${::ceilometer::params::expirer_command}" } # Heat - include ::heat + class { '::heat' : + notification_driver => 'messaging', + } + include ::heat::config include ::heat::api include ::heat::api_cfn include ::heat::api_cloudwatch include ::heat::engine + # Sahara + include ::sahara + include ::sahara::service::api + include ::sahara::service::engine + # Horizon if 'cisco_n1kv' in hiera('neutron::plugins::ml2::mechanism_drivers') { $_profile_support = 'cisco' @@ -548,12 +611,23 @@ if hiera('step') >= 3 { } #END STEP 3 if hiera('step') >= 4 { + $keystone_enable_db_purge = hiera('keystone_enable_db_purge', true) $nova_enable_db_purge = hiera('nova_enable_db_purge', true) + $cinder_enable_db_purge = hiera('cinder_enable_db_purge', true) + $heat_enable_db_purge = hiera('heat_enable_db_purge', true) - include ::keystone::cron::token_flush + if $keystone_enable_db_purge { + include ::keystone::cron::token_flush + } if $nova_enable_db_purge { include ::nova::cron::archive_deleted_rows } + if $cinder_enable_db_purge { + include ::cinder::cron::db_purge + } + if $heat_enable_db_purge { + include ::heat::cron::purge_deleted + } } #END STEP 4 $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller', hiera('step')]) diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp index 3e470491..fb04c45f 100644 --- a/puppet/manifests/overcloud_controller_pacemaker.pp +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -39,7 +39,11 @@ $non_pcmk_start = hiera('step') >= 4 if hiera('step') >= 1 { + create_resources(kmod::load, hiera('kernel_modules'), {}) create_resources(sysctl::value, hiera('sysctl_settings'), {}) + Exec <| tag == 'kmod::load' |> -> Sysctl <| |> + + include ::timezone if count(hiera('ntp::servers')) > 0 { include ::ntp @@ -58,6 +62,12 @@ if hiera('step') >= 1 { } $pacemaker_cluster_members = downcase(regsubst(hiera('controller_node_names'), ',', ' ', 'G')) + $corosync_ipv6 = str2bool(hiera('corosync_ipv6', false)) + if $corosync_ipv6 { + $cluster_setup_extras = { '--ipv6' => '' } + } else { + $cluster_setup_extras = {} + } user { 'hacluster': ensure => present, } -> @@ -65,8 +75,9 @@ if hiera('step') >= 1 { hacluster_pwd => hiera('hacluster_pwd'), } -> class { '::pacemaker::corosync': - cluster_members => $pacemaker_cluster_members, - setup_cluster => $pacemaker_master, + cluster_members => $pacemaker_cluster_members, + setup_cluster => $pacemaker_master, + cluster_setup_extras => $cluster_setup_extras, } class { '::pacemaker::stonith': disable => !$enable_fencing, @@ -78,11 +89,11 @@ if hiera('step') >= 1 { Class['tripleo::fencing'] -> Class['pacemaker::stonith'] } - # FIXME(gfidente): sets 100secs as default start timeout op + # FIXME(gfidente): sets 200secs as default start timeout op # param; until we can use pcmk global defaults we'll still # need to add it to every resource which redefines op params Pacemaker::Resource::Service { - op_params => 'start timeout=100s stop timeout=100s', + op_params => 'start timeout=200s stop timeout=200s', } # Only configure RabbitMQ in this step, don't start it yet to @@ -132,6 +143,11 @@ if hiera('step') >= 1 { $galera_nodes = downcase(hiera('galera_node_names', $::hostname)) $galera_nodes_count = count(split($galera_nodes, ',')) + # FIXME: due to https://bugzilla.redhat.com/show_bug.cgi?id=1298671 we + # set bind-address to a hostname instead of an ip address; to move Mysql + # from internal_api on another network we'll have to customize both + # MysqlNetwork and ControllerHostnameResolveNetwork in ServiceNetMap + $mysql_bind_host = hiera('mysql_bind_host') $mysqld_options = { 'mysqld' => { 'skip-name-resolve' => '1', @@ -141,7 +157,7 @@ if hiera('step') >= 1 { 'innodb_locks_unsafe_for_binlog'=> '1', 'query_cache_size' => '0', 'query_cache_type' => '0', - 'bind-address' => hiera('mysql_bind_host'), + 'bind-address' => $::hostname, 'max_connections' => hiera('mysql_max_connections'), 'open_files_limit' => '-1', 'wsrep_provider' => '/usr/lib64/galera/libgalera_smm.so', @@ -156,8 +172,8 @@ if hiera('step') >= 1 { 'wsrep_auto_increment_control' => '1', 'wsrep_drupal_282555_workaround'=> '0', 'wsrep_causal_reads' => '0', - 'wsrep_notify_cmd' => '', 'wsrep_sst_method' => 'rsync', + 'wsrep_provider_options' => "gmcast.listen_addr=tcp://[${mysql_bind_host}]:4567;", }, } @@ -186,6 +202,11 @@ if hiera('step') >= 2 { include ::pacemaker::resource_defaults + # Create an openstack-core dummy resource. See RHBZ 1290121 + pacemaker::resource::ocf { 'openstack-core': + ocf_agent_name => 'heartbeat:Dummy', + clone_params => true, + } # FIXME: we should not have to access tripleo::loadbalancer class # parameters here to configure pacemaker VIPs. The configuration # of pacemaker VIPs could move into puppet-tripleo or we should @@ -195,8 +216,14 @@ if hiera('step') >= 2 { } $control_vip = hiera('tripleo::loadbalancer::controller_virtual_ip') + if is_ipv6_address($control_vip) { + $control_vip_netmask = '64' + } else { + $control_vip_netmask = '32' + } pacemaker::resource::ip { 'control_vip': - ip_address => $control_vip, + ip_address => $control_vip, + cidr_netmask => $control_vip_netmask, } pacemaker::constraint::base { 'control_vip-then-haproxy': constraint_type => 'order', @@ -217,9 +244,15 @@ if hiera('step') >= 2 { } $public_vip = hiera('tripleo::loadbalancer::public_virtual_ip') + if is_ipv6_address($public_vip) { + $public_vip_netmask = '64' + } else { + $public_vip_netmask = '32' + } if $public_vip and $public_vip != $control_vip { pacemaker::resource::ip { 'public_vip': - ip_address => $public_vip, + ip_address => $public_vip, + cidr_netmask => $public_vip_netmask, } pacemaker::constraint::base { 'public_vip-then-haproxy': constraint_type => 'order', @@ -241,9 +274,15 @@ if hiera('step') >= 2 { } $redis_vip = hiera('redis_vip') + if is_ipv6_address($redis_vip) { + $redis_vip_netmask = '64' + } else { + $redis_vip_netmask = '32' + } if $redis_vip and $redis_vip != $control_vip { pacemaker::resource::ip { 'redis_vip': - ip_address => $redis_vip, + ip_address => $redis_vip, + cidr_netmask => $redis_vip_netmask, } pacemaker::constraint::base { 'redis_vip-then-haproxy': constraint_type => 'order', @@ -265,9 +304,15 @@ if hiera('step') >= 2 { } $internal_api_vip = hiera('tripleo::loadbalancer::internal_api_virtual_ip') + if is_ipv6_address($internal_api_vip) { + $internal_api_vip_netmask = '64' + } else { + $internal_api_vip_netmask = '32' + } if $internal_api_vip and $internal_api_vip != $control_vip { pacemaker::resource::ip { 'internal_api_vip': - ip_address => $internal_api_vip, + ip_address => $internal_api_vip, + cidr_netmask => $internal_api_vip_netmask, } pacemaker::constraint::base { 'internal_api_vip-then-haproxy': constraint_type => 'order', @@ -289,9 +334,15 @@ if hiera('step') >= 2 { } $storage_vip = hiera('tripleo::loadbalancer::storage_virtual_ip') + if is_ipv6_address($storage_vip) { + $storage_vip_netmask = '64' + } else { + $storage_vip_netmask = '32' + } if $storage_vip and $storage_vip != $control_vip { pacemaker::resource::ip { 'storage_vip': - ip_address => $storage_vip, + ip_address => $storage_vip, + cidr_netmask => $storage_vip_netmask, } pacemaker::constraint::base { 'storage_vip-then-haproxy': constraint_type => 'order', @@ -313,9 +364,15 @@ if hiera('step') >= 2 { } $storage_mgmt_vip = hiera('tripleo::loadbalancer::storage_mgmt_virtual_ip') + if is_ipv6_address($storage_mgmt_vip) { + $storage_mgmt_vip_netmask = '64' + } else { + $storage_mgmt_vip_netmask = '32' + } if $storage_mgmt_vip and $storage_mgmt_vip != $control_vip { pacemaker::resource::ip { 'storage_mgmt_vip': - ip_address => $storage_mgmt_vip, + ip_address => $storage_mgmt_vip, + cidr_netmask => $storage_mgmt_vip_netmask, } pacemaker::constraint::base { 'storage_mgmt_vip-then-haproxy': constraint_type => 'order', @@ -347,12 +404,13 @@ if hiera('step') >= 2 { ocf_agent_name => 'heartbeat:rabbitmq-cluster', resource_params => 'set_policy=\'ha-all ^(?!amq\.).* {"ha-mode":"all"}\'', clone_params => 'ordered=true interleave=true', + meta_params => 'notify=true', require => Class['::rabbitmq'], } if downcase(hiera('ceilometer_backend')) == 'mongodb' { pacemaker::resource::service { $::mongodb::params::service_name : - op_params => 'start timeout=120s stop timeout=100s', + op_params => 'start timeout=370s stop timeout=200s', clone_params => true, require => Class['::mongodb::server'], } @@ -428,6 +486,9 @@ MYSQL_HOST=localhost\n", class { '::nova::db::mysql': require => Exec['galera-ready'], } + class { '::nova::db::mysql_api': + require => Exec['galera-ready'], + } class { '::neutron::db::mysql': require => Exec['galera-ready'], } @@ -443,18 +504,23 @@ MYSQL_HOST=localhost\n", require => Exec['galera-ready'], } } + + class { '::sahara::db::mysql': + require => Exec['galera-ready'], + } } # pre-install swift here so we can build rings include ::swift # Ceph - $enable_ceph = hiera('ceph_storage_count', 0) > 0 + $enable_ceph = hiera('ceph_storage_count', 0) > 0 or hiera('enable_ceph_storage', false) if $enable_ceph { class { '::ceph::profile::params': mon_initial_members => downcase(hiera('ceph_mon_initial_members')), } + include ::ceph::conf include ::ceph::profile::mon } @@ -473,10 +539,12 @@ MYSQL_HOST=localhost\n", } -> Class['ceph::profile::osd'] } + include ::ceph::conf include ::ceph::profile::osd } if str2bool(hiera('enable_external_ceph', false)) { + include ::ceph::conf include ::ceph::profile::client } @@ -486,15 +554,15 @@ MYSQL_HOST=localhost\n", if hiera('step') >= 3 { class { '::keystone': - sync_db => $sync_db, - manage_service => false, - enabled => false, + sync_db => $sync_db, + manage_service => false, + enabled => false, + enable_bootstrap => $pacemaker_master, } + include ::keystone::config #TODO: need a cleanup-keystone-tokens.sh solution here - keystone_config { - 'ec2/driver': value => 'keystone.contrib.ec2.backends.sql.Ec2'; - } + file { [ '/etc/keystone/ssl', '/etc/keystone/ssl/certs', '/etc/keystone/ssl/private' ]: ensure => 'directory', owner => 'keystone', @@ -546,6 +614,7 @@ if hiera('step') >= 3 { # TODO: notifications, scrubber, etc. include ::glance + include ::glance::config class { '::glance::api': known_stores => $glance_store, manage_service => false, @@ -556,16 +625,25 @@ if hiera('step') >= 3 { manage_service => false, enabled => false, } + include ::glance::notify::rabbitmq include join(['::glance::backend::', $glance_backend]) + $nova_ipv6 = hiera('nova::use_ipv6', false) + if $nova_ipv6 { + $memcached_servers = suffix(hiera('memcache_node_ips_v6'), ':11211') + } else { + $memcached_servers = suffix(hiera('memcache_node_ips'), ':11211') + } + class { '::nova' : - memcached_servers => suffix(hiera('memcache_node_ips'), ':11211'), + memcached_servers => $memcached_servers } include ::nova::config class { '::nova::api' : sync_db => $sync_db, + sync_db_api => $sync_db, manage_service => false, enabled => false, } @@ -602,8 +680,9 @@ if hiera('step') >= 3 { if hiera('enable_zookeeper_on_controller') { class {'::tripleo::cluster::zookeeper': zookeeper_server_ips => $zookeeper_node_ips, - zookeeper_client_ip => $ipaddress, - zookeeper_hostnames => hiera('controller_node_names') + # TODO: create a 'bind' hiera key for zookeeper + zookeeper_client_ip => hiera('neutron::bind_host'), + zookeeper_hostnames => split(hiera('controller_node_names'), ',') } } @@ -611,7 +690,8 @@ if hiera('step') >= 3 { if hiera('enable_cassandra_on_controller') { class {'::tripleo::cluster::cassandra': cassandra_servers => $cassandra_node_ips, - cassandra_ip => $ipaddress + # TODO: create a 'bind' hiera key for cassandra + cassandra_ip => hiera('neutron::bind_host'), } } @@ -621,11 +701,12 @@ if hiera('step') >= 3 { } class {'::tripleo::network::midonet::api': - zookeeper_servers => hiera('neutron_api_node_ips'), - vip => $public_vip, - keystone_ip => $public_vip, + zookeeper_servers => $zookeeper_node_ips, + vip => hiera('tripleo::loadbalancer::public_virtual_ip'), + keystone_ip => hiera('tripleo::loadbalancer::public_virtual_ip'), keystone_admin_token => hiera('keystone::admin_token'), - bind_address => $ipaddress, + # TODO: create a 'bind' hiera key for api + bind_address => hiera('neutron::bind_host'), admin_password => hiera('admin_password') } @@ -640,6 +721,7 @@ if hiera('step') >= 3 { include ::neutron } + include ::neutron::config class { '::neutron::server' : sync_db => $sync_db, manage_service => false, @@ -649,9 +731,12 @@ if hiera('step') >= 3 { if hiera('neutron::core_plugin') == 'neutron.plugins.nuage.plugin.NuagePlugin' { include ::neutron::plugins::nuage } + if hiera('neutron::core_plugin') == 'neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2' { + include ::neutron::plugins::opencontrail + } if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' { class {'::neutron::plugins::midonet': - midonet_api_ip => $public_vip, + midonet_api_ip => hiera('tripleo::loadbalancer::public_virtual_ip'), keystone_tenant => hiera('neutron::server::auth_tenant'), keystone_password => hiera('neutron::server::auth_password') } @@ -708,8 +793,9 @@ if hiera('step') >= 3 { } } - if hiera('neutron_enable_bigswitch_ml2', false) { + if 'bsn_ml2' in hiera('neutron::plugins::ml2::mechanism_drivers') { include ::neutron::plugins::ml2::bigswitch::restproxy + include ::neutron::agents::bigswitch } neutron_l3_agent_config { 'DEFAULT/ovs_use_veth': value => hiera('neutron_ovs_use_veth', false); @@ -717,8 +803,13 @@ if hiera('step') >= 3 { neutron_dhcp_agent_config { 'DEFAULT/ovs_use_veth': value => hiera('neutron_ovs_use_veth', false); } + neutron_config { + 'DEFAULT/notification_driver': value => 'messaging'; + } include ::cinder + include ::cinder::config + include ::tripleo::ssl::cinder_config class { '::cinder::api': sync_db => $sync_db, manage_service => false, @@ -733,6 +824,7 @@ if hiera('step') >= 3 { enabled => false, } include ::cinder::glance + include ::cinder::ceilometer class { '::cinder::setup_test_volume': size => join([hiera('cinder_lvm_loop_device_size'), 'M']), } @@ -773,12 +865,42 @@ if hiera('step') >= 3 { } } - if hiera('cinder_enable_netapp_backend', false) { - $cinder_netapp_backend = hiera('cinder::backend::netapp::title') + if hiera('cinder_enable_eqlx_backend', false) { + $cinder_eqlx_backend = hiera('cinder::backend::eqlx::volume_backend_name') + + cinder::backend::eqlx { $cinder_eqlx_backend : + volume_backend_name => hiera('cinder::backend::eqlx::volume_backend_name', undef), + san_ip => hiera('cinder::backend::eqlx::san_ip', undef), + san_login => hiera('cinder::backend::eqlx::san_login', undef), + san_password => hiera('cinder::backend::eqlx::san_password', undef), + san_thin_provision => hiera('cinder::backend::eqlx::san_thin_provision', undef), + eqlx_group_name => hiera('cinder::backend::eqlx::eqlx_group_name', undef), + eqlx_pool => hiera('cinder::backend::eqlx::eqlx_pool', undef), + eqlx_use_chap => hiera('cinder::backend::eqlx::eqlx_use_chap', undef), + eqlx_chap_login => hiera('cinder::backend::eqlx::eqlx_chap_login', undef), + eqlx_chap_password => hiera('cinder::backend::eqlx::eqlx_san_password', undef), + } + } + + if hiera('cinder_enable_dellsc_backend', false) { + $cinder_dellsc_backend = hiera('cinder::backend::dellsc_iscsi::volume_backend_name') - cinder_config { - "${cinder_netapp_backend}/host": value => 'hostgroup'; + cinder::backend::dellsc_iscsi{ $cinder_dellsc_backend : + volume_backend_name => hiera('cinder::backend::dellsc_iscsi::volume_backend_name', undef), + san_ip => hiera('cinder::backend::dellsc_iscsi::san_ip', undef), + san_login => hiera('cinder::backend::dellsc_iscsi::san_login', undef), + san_password => hiera('cinder::backend::dellsc_iscsi::san_password', undef), + dell_sc_ssn => hiera('cinder::backend::dellsc_iscsi::dell_sc_ssn', undef), + iscsi_ip_address => hiera('cinder::backend::dellsc_iscsi::iscsi_ip_address', undef), + iscsi_port => hiera('cinder::backend::dellsc_iscsi::iscsi_port', undef), + dell_sc_api_port => hiera('cinder::backend::dellsc_iscsi::dell_sc_api_port', undef), + dell_sc_server_folder => hiera('cinder::backend::dellsc_iscsi::dell_sc_server_folder', undef), + dell_sc_volume_folder => hiera('cinder::backend::dellsc_iscsi::dell_sc_volume_folder', undef), } + } + + if hiera('cinder_enable_netapp_backend', false) { + $cinder_netapp_backend = hiera('cinder::backend::netapp::title') if hiera('cinder::backend::netapp::nfs_shares', undef) { $cinder_netapp_nfs_shares = split(hiera('cinder::backend::netapp::nfs_shares', undef), ',') @@ -826,9 +948,21 @@ if hiera('step') >= 3 { } } - $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend, $cinder_netapp_backend, $cinder_nfs_backend]) + $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend, $cinder_eqlx_backend, $cinder_dellsc_backend, $cinder_netapp_backend, $cinder_nfs_backend]) class { '::cinder::backends' : - enabled_backends => $cinder_enabled_backends, + enabled_backends => union($cinder_enabled_backends, hiera('cinder_user_enabled_backends')), + } + + class { '::sahara': + sync_db => $sync_db, + } + class { '::sahara::service::api': + manage_service => false, + enabled => false, + } + class { '::sahara::service::engine': + manage_service => false, + enabled => false, } # swift proxy @@ -915,8 +1049,10 @@ if hiera('step') >= 3 { Cron <| title == 'ceilometer-expirer' |> { command => "sleep $((\$(od -A n -t d -N 3 /dev/urandom) % 86400)) && ${::ceilometer::params::expirer_command}" } # Heat + include ::heat::config class { '::heat' : - sync_db => $sync_db, + sync_db => $sync_db, + notification_driver => 'messaging', } class { '::heat::api' : manage_service => false, @@ -941,6 +1077,7 @@ if hiera('step') >= 3 { service_enable => false, # service_manage => false, # <-- not supported with horizon&apache mod_wsgi? } + include ::keystone::wsgi::apache include ::apache::mod::status if 'cisco_n1kv' in hiera('neutron::plugins::ml2::mechanism_drivers') { $_profile_support = 'cisco' @@ -968,66 +1105,79 @@ if hiera('step') >= 3 { } #END STEP 3 if hiera('step') >= 4 { - $nova_enable_db_purge = hiera('nova_enable_db_purge', true) + $keystone_enable_db_purge = hiera('keystone_enable_db_purge', true) + $nova_enable_db_purge = hiera('nova_enable_db_purge', true) + $cinder_enable_db_purge = hiera('cinder_enable_db_purge', true) + $heat_enable_db_purge = hiera('heat_enable_db_purge', true) + if $keystone_enable_db_purge { include ::keystone::cron::token_flush - if $nova_enable_db_purge { - include ::nova::cron::archive_deleted_rows - } + } + if $nova_enable_db_purge { + include ::nova::cron::archive_deleted_rows + } + if $cinder_enable_db_purge { + include ::cinder::cron::db_purge + } + if $heat_enable_db_purge { + include ::heat::cron::purge_deleted + } if $pacemaker_master { - # Keystone - pacemaker::resource::service { $::keystone::params::service_name : - clone_params => 'interleave=true', - verify_on_create => true, - require => [File['/etc/keystone/ssl/certs/ca.pem'], - File['/etc/keystone/ssl/private/signing_key.pem'], - File['/etc/keystone/ssl/certs/signing_cert.pem']], - } if $enable_load_balancer { pacemaker::constraint::base { 'haproxy-then-keystone-constraint': constraint_type => 'order', first_resource => 'haproxy-clone', - second_resource => "${::keystone::params::service_name}-clone", + second_resource => 'openstack-core-clone', first_action => 'start', second_action => 'start', require => [Pacemaker::Resource::Service['haproxy'], - Pacemaker::Resource::Service[$::keystone::params::service_name]], + Pacemaker::Resource::Ocf['openstack-core']], } } + + pacemaker::constraint::base { 'openstack-core-then-httpd-constraint': + constraint_type => 'order', + first_resource => 'openstack-core-clone', + second_resource => "${::apache::params::service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::apache::params::service_name], + Pacemaker::Resource::Ocf['openstack-core']], + } pacemaker::constraint::base { 'rabbitmq-then-keystone-constraint': constraint_type => 'order', first_resource => 'rabbitmq-clone', - second_resource => "${::keystone::params::service_name}-clone", + second_resource => 'openstack-core-clone', first_action => 'start', second_action => 'start', require => [Pacemaker::Resource::Ocf['rabbitmq'], - Pacemaker::Resource::Service[$::keystone::params::service_name]], + Pacemaker::Resource::Ocf['openstack-core']], } - pacemaker::constraint::base { 'memcached-then-keystone-constraint': + pacemaker::constraint::base { 'memcached-then-openstack-core-constraint': constraint_type => 'order', first_resource => 'memcached-clone', - second_resource => "${::keystone::params::service_name}-clone", + second_resource => 'openstack-core-clone', first_action => 'start', second_action => 'start', require => [Pacemaker::Resource::Service['memcached'], - Pacemaker::Resource::Service[$::keystone::params::service_name]], + Pacemaker::Resource::Ocf['openstack-core']], } - pacemaker::constraint::base { 'galera-then-keystone-constraint': + pacemaker::constraint::base { 'galera-then-openstack-core-constraint': constraint_type => 'order', first_resource => 'galera-master', - second_resource => "${::keystone::params::service_name}-clone", + second_resource => 'openstack-core-clone', first_action => 'promote', second_action => 'start', require => [Pacemaker::Resource::Ocf['galera'], - Pacemaker::Resource::Service[$::keystone::params::service_name]], + Pacemaker::Resource::Ocf['openstack-core']], } # Cinder pacemaker::resource::service { $::cinder::params::api_service : clone_params => 'interleave=true', - require => Pacemaker::Resource::Service[$::keystone::params::service_name], + require => Pacemaker::Resource::Ocf['openstack-core'], } pacemaker::resource::service { $::cinder::params::scheduler_service : clone_params => 'interleave=true', @@ -1036,12 +1186,12 @@ if hiera('step') >= 4 { pacemaker::constraint::base { 'keystone-then-cinder-api-constraint': constraint_type => 'order', - first_resource => "${::keystone::params::service_name}-clone", + first_resource => 'openstack-core-clone', second_resource => "${::cinder::params::api_service}-clone", first_action => 'start', second_action => 'start', - require => [Pacemaker::Resource::Service[$::cinder::params::api_service], - Pacemaker::Resource::Service[$::keystone::params::service_name]], + require => [Pacemaker::Resource::Ocf['openstack-core'], + Pacemaker::Resource::Service[$::cinder::params::api_service]], } pacemaker::constraint::base { 'cinder-api-then-cinder-scheduler-constraint': constraint_type => 'order', @@ -1076,10 +1226,28 @@ if hiera('step') >= 4 { Pacemaker::Resource::Service[$::cinder::params::volume_service]], } + # Sahara + pacemaker::resource::service { $::sahara::params::api_service_name : + clone_params => 'interleave=true', + require => Pacemaker::Resource::Ocf['openstack-core'], + } + pacemaker::resource::service { $::sahara::params::engine_service_name : + clone_params => 'interleave=true', + } + pacemaker::constraint::base { 'keystone-then-sahara-api-constraint': + constraint_type => 'order', + first_resource => 'openstack-core-clone', + second_resource => "${::sahara::params::api_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::sahara::params::api_service_name], + Pacemaker::Resource::Ocf['openstack-core']], + } + # Glance pacemaker::resource::service { $::glance::params::registry_service_name : clone_params => 'interleave=true', - require => Pacemaker::Resource::Service[$::keystone::params::service_name], + require => Pacemaker::Resource::Ocf['openstack-core'], } pacemaker::resource::service { $::glance::params::api_service_name : clone_params => 'interleave=true', @@ -1087,12 +1255,12 @@ if hiera('step') >= 4 { pacemaker::constraint::base { 'keystone-then-glance-registry-constraint': constraint_type => 'order', - first_resource => "${::keystone::params::service_name}-clone", + first_resource => 'openstack-core-clone', second_resource => "${::glance::params::registry_service_name}-clone", first_action => 'start', second_action => 'start', require => [Pacemaker::Resource::Service[$::glance::params::registry_service_name], - Pacemaker::Resource::Service[$::keystone::params::service_name]], + Pacemaker::Resource::Ocf['openstack-core']], } pacemaker::constraint::base { 'glance-registry-then-glance-api-constraint': constraint_type => 'order', @@ -1130,12 +1298,12 @@ if hiera('step') >= 4 { } -> pacemaker::resource::service { $::neutron::params::server_service: clone_params => 'interleave=true', - require => Pacemaker::Resource::Service[$::keystone::params::service_name] + require => Pacemaker::Resource::Ocf['openstack-core'] } } else { pacemaker::resource::service { $::neutron::params::server_service: clone_params => 'interleave=true', - require => Pacemaker::Resource::Service[$::keystone::params::service_name] + require => Pacemaker::Resource::Ocf['openstack-core'] } } if hiera('neutron::enable_l3_agent', true) { @@ -1207,38 +1375,37 @@ if hiera('step') >= 4 { Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]], } } - pacemaker::constraint::base { 'keystone-to-neutron-server-constraint': constraint_type => 'order', - first_resource => "${::keystone::params::service_name}-clone", + first_resource => 'openstack-core-clone', second_resource => "${::neutron::params::server_service}-clone", first_action => 'start', second_action => 'start', - require => [Pacemaker::Resource::Service[$::keystone::params::service_name], + require => [Pacemaker::Resource::Ocf['openstack-core'], Pacemaker::Resource::Service[$::neutron::params::server_service]], } if hiera('neutron::enable_ovs_agent',true) { - pacemaker::constraint::base { 'neutron-server-to-openvswitch-agent-constraint': + pacemaker::constraint::base { 'neutron-openvswitch-agent-to-dhcp-agent-constraint': constraint_type => 'order', - first_resource => "${::neutron::params::server_service}-clone", - second_resource => "${::neutron::params::ovs_agent_service}-clone", + first_resource => "${::neutron::params::ovs_agent_service}-clone", + second_resource => "${::neutron::params::dhcp_agent_service}-clone", first_action => 'start', second_action => 'start', - require => [Pacemaker::Resource::Service[$::neutron::params::server_service], - Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]], + require => [Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service], + Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service]], } } if hiera('neutron::enable_dhcp_agent',true) and hiera('neutron::enable_ovs_agent',true) { - pacemaker::constraint::base { 'neutron-openvswitch-agent-to-dhcp-agent-constraint': + pacemaker::constraint::base { 'neutron-server-to-openvswitch-agent-constraint': constraint_type => 'order', - first_resource => "${::neutron::params::ovs_agent_service}-clone", - second_resource => "${::neutron::params::dhcp_agent_service}-clone", + first_resource => "${::neutron::params::server_service}-clone", + second_resource => "${::neutron::params::ovs_agent_service}-clone", first_action => 'start', second_action => 'start', - require => [Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service], - Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service]], + require => [Pacemaker::Resource::Service[$::neutron::params::server_service], + Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]], + } - } pacemaker::constraint::colocation { 'neutron-openvswitch-agent-to-dhcp-agent-colocation': source => "${::neutron::params::dhcp_agent_service}-clone", target => "${::neutron::params::ovs_agent_service}-clone", @@ -1324,34 +1491,29 @@ if hiera('step') >= 4 { # Nova pacemaker::resource::service { $::nova::params::api_service_name : clone_params => 'interleave=true', - op_params => 'start timeout=100s stop timeout=100s monitor start-delay=10s', } pacemaker::resource::service { $::nova::params::conductor_service_name : clone_params => 'interleave=true', - op_params => 'start timeout=100s stop timeout=100s monitor start-delay=10s', } pacemaker::resource::service { $::nova::params::consoleauth_service_name : clone_params => 'interleave=true', - op_params => 'start timeout=100s stop timeout=100s monitor start-delay=10s', - require => Pacemaker::Resource::Service[$::keystone::params::service_name], + require => Pacemaker::Resource::Ocf['openstack-core'], } pacemaker::resource::service { $::nova::params::vncproxy_service_name : clone_params => 'interleave=true', - op_params => 'start timeout=100s stop timeout=100s monitor start-delay=10s', } pacemaker::resource::service { $::nova::params::scheduler_service_name : clone_params => 'interleave=true', - op_params => 'start timeout=100s stop timeout=100s monitor start-delay=10s', } pacemaker::constraint::base { 'keystone-then-nova-consoleauth-constraint': constraint_type => 'order', - first_resource => "${::keystone::params::service_name}-clone", + first_resource => 'openstack-core-clone', second_resource => "${::nova::params::consoleauth_service_name}-clone", first_action => 'start', second_action => 'start', require => [Pacemaker::Resource::Service[$::nova::params::consoleauth_service_name], - Pacemaker::Resource::Service[$::keystone::params::service_name]], + Pacemaker::Resource::Ocf['openstack-core']], } pacemaker::constraint::base { 'nova-consoleauth-then-nova-vncproxy-constraint': constraint_type => 'order', @@ -1421,16 +1583,16 @@ if hiera('step') >= 4 { # Ceilometer case downcase(hiera('ceilometer_backend')) { /mysql/: { - pacemaker::resource::service { $::ceilometer::params::agent_central_service_name : + pacemaker::resource::service { $::ceilometer::params::agent_central_service_name: clone_params => 'interleave=true', - require => Pacemaker::Resource::Service[$::keystone::params::service_name], + require => Pacemaker::Resource::Ocf['openstack-core'], } } default: { - pacemaker::resource::service { $::ceilometer::params::agent_central_service_name : + pacemaker::resource::service { $::ceilometer::params::agent_central_service_name: clone_params => 'interleave=true', - require => [Pacemaker::Resource::Service[$::keystone::params::service_name], - Pacemaker::Resource::Service[$::mongodb::params::service_name]], + require => [Pacemaker::Resource::Ocf['openstack-core'], + Pacemaker::Resource::Service[$::mongodb::params::service_name]], } } } @@ -1466,12 +1628,12 @@ if hiera('step') >= 4 { } pacemaker::constraint::base { 'keystone-then-ceilometer-central-constraint': constraint_type => 'order', - first_resource => "${::keystone::params::service_name}-clone", + first_resource => 'openstack-core-clone', second_resource => "${::ceilometer::params::agent_central_service_name}-clone", first_action => 'start', second_action => 'start', require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name], - Pacemaker::Resource::Service[$::keystone::params::service_name]], + Pacemaker::Resource::Ocf['openstack-core']], } pacemaker::constraint::base { 'ceilometer-central-then-ceilometer-collector-constraint': constraint_type => 'order', @@ -1541,12 +1703,12 @@ if hiera('step') >= 4 { } pacemaker::constraint::base { 'keystone-then-heat-api-constraint': constraint_type => 'order', - first_resource => "${::keystone::params::service_name}-clone", + first_resource => 'openstack-core-clone', second_resource => "${::heat::params::api_service_name}-clone", first_action => 'start', second_action => 'start', require => [Pacemaker::Resource::Service[$::heat::params::api_service_name], - Pacemaker::Resource::Service[$::keystone::params::service_name]], + Pacemaker::Resource::Ocf['openstack-core']], } pacemaker::constraint::base { 'heat-api-then-heat-api-cfn-constraint': constraint_type => 'order', @@ -1606,9 +1768,13 @@ if hiera('step') >= 4 { Pacemaker::Resource::Service[$::ceilometer::params::agent_notification_service_name]], } - # Horizon - pacemaker::resource::service { $::horizon::params::http_service: - clone_params => 'interleave=true', + # Horizon and Keystone + pacemaker::resource::service { $::apache::params::service_name: + clone_params => 'interleave=true', + verify_on_create => true, + require => [File['/etc/keystone/ssl/certs/ca.pem'], + File['/etc/keystone/ssl/private/signing_key.pem'], + File['/etc/keystone/ssl/certs/signing_cert.pem']], } #VSM @@ -1645,12 +1811,11 @@ if hiera('step') >= 5 { if $pacemaker_master { class {'::keystone::roles::admin' : - require => Pacemaker::Resource::Service[$::keystone::params::service_name], + require => Pacemaker::Resource::Service[$::apache::params::service_name], } -> class {'::keystone::endpoint' : - require => Pacemaker::Resource::Service[$::keystone::params::service_name], + require => Pacemaker::Resource::Service[$::apache::params::service_name], } - } } #END STEP 5 diff --git a/puppet/manifests/overcloud_object.pp b/puppet/manifests/overcloud_object.pp index eb4e9680..ae074589 100644 --- a/puppet/manifests/overcloud_object.pp +++ b/puppet/manifests/overcloud_object.pp @@ -16,12 +16,16 @@ include ::tripleo::packages include ::tripleo::firewall +create_resources(kmod::load, hiera('kernel_modules'), {}) create_resources(sysctl::value, hiera('sysctl_settings'), {}) +Exec <| tag == 'kmod::load' |> -> Sysctl <| |> if count(hiera('ntp::servers')) > 0 { include ::ntp } +include ::timezone + include ::swift class { '::swift::storage::all': mount_check => str2bool(hiera('swift_mount_check')), diff --git a/puppet/manifests/overcloud_volume.pp b/puppet/manifests/overcloud_volume.pp index 7a0136a7..134dc43b 100644 --- a/puppet/manifests/overcloud_volume.pp +++ b/puppet/manifests/overcloud_volume.pp @@ -16,12 +16,16 @@ include ::tripleo::packages include ::tripleo::firewall +create_resources(kmod::load, hiera('kernel_modules'), {}) create_resources(sysctl::value, hiera('sysctl_settings'), {}) +Exec <| tag == 'kmod::load' |> -> Sysctl <| |> if count(hiera('ntp::servers')) > 0 { include ::ntp } +include ::timezone + include ::cinder include ::cinder::config include ::cinder::glance @@ -40,7 +44,7 @@ if $cinder_enable_iscsi { $cinder_enabled_backends = any2array($cinder_iscsi_backend) class { '::cinder::backends' : - enabled_backends => $cinder_enabled_backends, + enabled_backends => union($cinder_enabled_backends, hiera('cinder_user_enabled_backends')), } $snmpd_user = hiera('snmpd_readonly_user_name') diff --git a/puppet/swift-storage-post.yaml b/puppet/swift-storage-post.yaml index d22f5386..eb06b241 100644 --- a/puppet/swift-storage-post.yaml +++ b/puppet/swift-storage-post.yaml @@ -12,9 +12,19 @@ parameters: type: json description: Value which changes if the node configuration may need to be re-applied - resources: + StorageArtifactsConfig: + type: deploy-artifacts.yaml + + StorageArtifactsDeploy: + type: OS::Heat::StructuredDeployments + properties: + servers: {get_param: servers} + config: {get_resource: StorageArtifactsConfig} + input_values: + update_identifier: {get_param: NodeConfigIdentifiers} + StoragePuppetConfig: type: OS::Heat::SoftwareConfig properties: @@ -28,7 +38,9 @@ resources: StorageDeployment_Step1: type: OS::Heat::StructuredDeployments + depends_on: StorageArtifactsDeploy properties: + name: StorageDeployment_Step1 servers: {get_param: servers} config: {get_resource: StoragePuppetConfig} input_values: @@ -49,6 +61,7 @@ resources: type: OS::Heat::StructuredDeployments depends_on: StorageDeployment_Step1 properties: + name: StorageRingbuilderDeployment_Step2 servers: {get_param: servers} config: {get_resource: StorageRingbuilderPuppetConfig} input_values: diff --git a/puppet/swift-storage.yaml b/puppet/swift-storage.yaml index b60664a1..3b04be83 100644 --- a/puppet/swift-storage.yaml +++ b/puppet/swift-storage.yaml @@ -61,9 +61,17 @@ parameters: description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. type: json + TimeZone: + default: 'UTC' + description: The timezone to be set on Ceph nodes. + type: string Hostname: type: string default: '' # Defaults to Heat created hostname + HostnameMap: + type: json + default: {} + description: Optional mapping to override hostnames ExtraConfig: default: {} description: | @@ -116,7 +124,10 @@ resources: - network: ctlplane user_data_format: SOFTWARE_CONFIG user_data: {get_resource: UserData} - name: {get_param: Hostname} + name: + str_replace: + template: {get_param: Hostname} + params: {get_param: HostnameMap} software_config_transport: {get_param: SoftwareConfigTransport} metadata: {get_param: ServerMetadata} scheduler_hints: {get_param: SchedulerHints} @@ -187,15 +198,22 @@ resources: properties: ControlPlaneIp: {get_attr: [SwiftStorage, networks, ctlplane, 0]} ExternalIp: {get_attr: [ExternalPort, ip_address]} + ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]} InternalApiIp: {get_attr: [InternalApiPort, ip_address]} + InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]} StorageIp: {get_attr: [StoragePort, ip_address]} + StorageIpUri: {get_attr: [StoragePort, ip_address_uri]} StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]} + StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]} TenantIp: {get_attr: [TenantPort, ip_address]} + TenantIpUri: {get_attr: [TenantPort, ip_address_uri]} ManagementIp: {get_attr: [ManagementPort, ip_address]} + ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: + name: NetworkDeployment config: {get_resource: NetworkConfig} server: {get_resource: SwiftStorage} actions: {get_param: NetworkDeploymentActions} @@ -234,6 +252,7 @@ resources: swift_mount_check: {get_input: swift_mount_check } tripleo::ringbuilder::min_part_hours: { get_input: swift_min_part_hours } ntp::servers: {get_input: ntp_servers} + timezone::timezone: {get_input: timezone} # NOTE(dprince): build_ring support is currently not wired in. # See: https://review.openstack.org/#/c/109225/ tripleo::ringbuilder::build_ring: True @@ -247,6 +266,7 @@ resources: type: OS::Heat::StructuredDeployment depends_on: NetworkDeployment properties: + name: SwiftStorageHieraDeploy server: {get_resource: SwiftStorage} config: {get_resource: SwiftStorageHieraConfig} input_values: @@ -259,6 +279,7 @@ resources: swift_part_power: {get_param: PartPower} swift_replicas: { get_param: Replicas} ntp_servers: {get_param: NtpServer} + timezone: {get_param: TimeZone} enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} @@ -294,11 +315,54 @@ outputs: hosts_entry: value: str_replace: - template: "IP HOST.DOMAIN HOST" + template: | + PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST + EXTERNALIP EXTERNALHOST + INTERNAL_APIIP INTERNAL_APIHOST + STORAGEIP STORAGEHOST + STORAGE_MGMTIP STORAGE_MGMTHOST + TENANTIP TENANTHOST + MANAGEMENTIP MANAGEMENTHOST params: - IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ObjectStorageHostnameResolveNetwork]}]} + PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ObjectStorageHostnameResolveNetwork]}]} DOMAIN: {get_param: CloudDomain} - HOST: {get_attr: [SwiftStorage, name]} + PRIMARYHOST: {get_attr: [SwiftStorage, name]} + EXTERNALIP: {get_attr: [ExternalPort, ip_address]} + EXTERNALHOST: + list_join: + - '-' + - - {get_attr: [SwiftStorage, name]} + - external + INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]} + INTERNAL_APIHOST: + list_join: + - '-' + - - {get_attr: [SwiftStorage, name]} + - internalapi + STORAGEIP: {get_attr: [StoragePort, ip_address]} + STORAGEHOST: + list_join: + - '-' + - - {get_attr: [SwiftStorage, name]} + - storage + STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]} + STORAGE_MGMTHOST: + list_join: + - '-' + - - {get_attr: [SwiftStorage, name]} + - storagemgmt + TENANTIP: {get_attr: [TenantPort, ip_address]} + TENANTHOST: + list_join: + - '-' + - - {get_attr: [SwiftStorage, name]} + - tenant + MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]} + MANAGEMENTHOST: + list_join: + - '-' + - - {get_attr: [SwiftStorage, name]} + - management nova_server_resource: description: Heat resource handle for the swift storage server value: @@ -309,7 +373,7 @@ outputs: str_replace: template: 'r1z1-IP:%PORT%/d1' params: - IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} + IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} external_ip_address: description: IP address of the server in the external network value: {get_attr: [ExternalPort, ip_address]} diff --git a/puppet/vip-config.yaml b/puppet/vip-config.yaml index 1dec489c..5e2f698f 100644 --- a/puppet/vip-config.yaml +++ b/puppet/vip-config.yaml @@ -16,9 +16,12 @@ resources: keystone_admin_api_vip: {get_input: keystone_admin_api_vip} keystone_public_api_vip: {get_input: keystone_public_api_vip} neutron_api_vip: {get_input: neutron_api_vip} + # TODO: pass a `midonet_api_vip` var + midonet_api_vip: {get_input: neutron_api_vip} cinder_api_vip: {get_input: cinder_api_vip} glance_api_vip: {get_input: glance_api_vip} glance_registry_vip: {get_input: glance_registry_vip} + sahara_api_vip: {get_input: sahara_api_vip} swift_proxy_vip: {get_input: swift_proxy_vip} nova_api_vip: {get_input: nova_api_vip} nova_metadata_vip: {get_input: nova_metadata_vip} diff --git a/tools/yaml-validate.py b/tools/yaml-validate.py index cb5669a7..fe690d8c 100755 --- a/tools/yaml-validate.py +++ b/tools/yaml-validate.py @@ -16,11 +16,13 @@ import sys import traceback import yaml -base_path = sys.argv[1] -exit_val = 0 -failed_files = [] + +def exit_usage(): + print('Usage %s <yaml file or directory>' % sys.argv[0]) + sys.exit(1) def validate(filename): + print('Validating %s' % filename) try: yaml.load(open(filename).read()) except Exception: @@ -28,14 +30,31 @@ def validate(filename): return 1 return 0 -for subdir, dirs, files in os.walk(base_path): - for f in files: - if f.endswith('.yaml'): - file_path = os.path.join(subdir, f) - failed = validate(file_path) - if failed: - failed_files.append(file_path) - exit_val |= failed +if len(sys.argv) < 2: + exit_usage() + +path_args = sys.argv[1:] +exit_val = 0 +failed_files = [] + +for base_path in path_args: + if os.path.isdir(base_path): + for subdir, dirs, files in os.walk(base_path): + for f in files: + if f.endswith('.yaml'): + file_path = os.path.join(subdir, f) + failed = validate(file_path) + if failed: + failed_files.append(file_path) + exit_val |= failed + elif os.path.isfile(base_path) and base_path.endswith('.yaml'): + failed = validate(base_path) + if failed: + failed_files.append(base_path) + exit_val |= failed + else: + print('Unexpected argument %s' % base_path) + exit_usage() if failed_files: print('Validation failed on:') @@ -10,5 +10,5 @@ deps = -r{toxinidir}/requirements.txt [testenv:venv] commands = {posargs} -[testenv:validate] -commands = python ./tools/yaml-validate.py .
\ No newline at end of file +[testenv:pep8] +commands = python ./tools/yaml-validate.py . diff --git a/validation-scripts/all-nodes.sh b/validation-scripts/all-nodes.sh index 8057f201..31b4d6bf 100644 --- a/validation-scripts/all-nodes.sh +++ b/validation-scripts/all-nodes.sh @@ -1,27 +1,32 @@ #!/bin/bash +set -e # For each unique remote IP (specified via Heat) we check to # see if one of the locally configured networks matches and if so we # attempt a ping test the remote network IP. function ping_controller_ips() { local REMOTE_IPS=$1 - for REMOTE_IP in $(echo $REMOTE_IPS | sed -e "s| |\n|g" | sort -u); do - - for LOCAL_NETWORK in $(ip r | grep -v default | cut -d " " -f 1); do - local LOCAL_CIDR=$(echo $LOCAL_NETWORK | cut -d "/" -f 2) - local LOCAL_NETMASK=$(ipcalc -m $LOCAL_NETWORK | grep NETMASK | cut -d "=" -f 2) - local REMOTE_NETWORK=$(ipcalc -np $REMOTE_IP $LOCAL_NETMASK | grep NETWORK | cut -d "=" -f 2) - - if [ $REMOTE_NETWORK/$LOCAL_CIDR == $LOCAL_NETWORK ]; then - echo -n "Trying to ping $REMOTE_IP for local network $LOCAL_NETWORK..." - if ! ping -W 300 -c 1 $REMOTE_IP &> /dev/null; then - echo "FAILURE" - echo "$REMOTE_IP is not pingable. Local Network: $LOCAL_NETWORK" >&2 - exit 1 - fi - echo "SUCCESS" - fi + if [[ $REMOTE_IP =~ ":" ]]; then + networks=$(ip -6 r | grep -v default | cut -d " " -f 1 | grep -v "unreachable") + ping=ping6 + else + networks=$(ip r | grep -v default | cut -d " " -f 1) + ping=ping + fi + for LOCAL_NETWORK in $networks; do + in_network=$(python -c "import ipaddr; net=ipaddr.IPNetwork('$LOCAL_NETWORK'); addr=ipaddr.IPAddress('$REMOTE_IP'); print(addr in net)") + if [[ $in_network == "True" ]]; then + echo -n "Trying to ping $REMOTE_IP for local network $LOCAL_NETWORK..." + set +e + if ! $ping -W 300 -c 1 $REMOTE_IP &> /dev/null; then + echo "FAILURE" + echo "$REMOTE_IP is not pingable. Local Network: $LOCAL_NETWORK" >&2 + exit 1 + fi + set -e + echo "SUCCESS" + fi done done } @@ -32,6 +37,7 @@ function ping_controller_ips() { # multiple gateways. function ping_default_gateways() { DEFAULT_GW=$(ip r | grep ^default | cut -d " " -f 3) + set +e for GW in $DEFAULT_GW; do echo -n "Trying to ping default gateway ${GW}..." if ! ping -c 1 $GW &> /dev/null; then @@ -40,6 +46,7 @@ function ping_default_gateways() { exit 1 fi done + set -e echo "SUCCESS" } |