diff options
| -rw-r--r-- | docker/firstboot/start_docker_agents.sh | 16 | ||||
| -rwxr-xr-x | extraconfig/tasks/pacemaker_maintenance_mode.sh | 19 | ||||
| -rw-r--r-- | extraconfig/tasks/pre_puppet_pacemaker.yaml | 9 | ||||
| -rw-r--r-- | network/endpoints/endpoint_data.yaml | 3 | ||||
| -rw-r--r-- | network/endpoints/endpoint_map.yaml | 117 | ||||
| -rw-r--r-- | overcloud-resource-registry-puppet.yaml | 3 | ||||
| -rw-r--r-- | overcloud.yaml | 18 | ||||
| -rw-r--r-- | puppet/controller-config-pacemaker.yaml | 5 | ||||
| -rw-r--r-- | puppet/controller-config.yaml | 5 | ||||
| -rw-r--r-- | puppet/controller-post.yaml | 7 | ||||
| -rw-r--r-- | puppet/controller.yaml | 6 | ||||
| -rw-r--r-- | puppet/hieradata/controller.yaml | 1 | ||||
| -rw-r--r-- | puppet/services/README.rst | 50 | ||||
| -rw-r--r-- | puppet/services/services.yaml | 40 |
14 files changed, 156 insertions, 143 deletions
diff --git a/docker/firstboot/start_docker_agents.sh b/docker/firstboot/start_docker_agents.sh index bb458a68..027aed40 100644 --- a/docker/firstboot/start_docker_agents.sh +++ b/docker/firstboot/start_docker_agents.sh @@ -48,23 +48,13 @@ fi /sbin/setenforce 0 /sbin/modprobe ebtables +# CentOS sets ptmx to 000. Withoutit being 666, we can't use Cinder volumes +chmod 666 /dev/pts/ptmx + # We need hostname -f to return in a centos container for the puppet hook HOSTNAME=$(hostname) echo "127.0.0.1 $HOSTNAME.localdomain $HOSTNAME" >> /etc/hosts -# Another hack.. we need a different docker version -# (should obviously be dropped once the atomic image contains docker 1.8.2) -/usr/bin/systemctl stop docker.service -/bin/curl -o /tmp/docker https://get.docker.com/builds/Linux/x86_64/docker-1.8.2 -/bin/mount -o remount,rw /usr -/bin/rm /bin/docker -/bin/cp /tmp/docker /bin/docker -/bin/chmod 755 /bin/docker - -# enable and start docker -/usr/bin/systemctl enable docker.service -/usr/bin/systemctl restart --no-block docker.service - # enable and start heat-docker-agents chmod 0640 /etc/systemd/system/heat-docker-agents.service /usr/bin/systemctl enable heat-docker-agents.service diff --git a/extraconfig/tasks/pacemaker_maintenance_mode.sh b/extraconfig/tasks/pacemaker_maintenance_mode.sh new file mode 100755 index 00000000..ddc84ad2 --- /dev/null +++ b/extraconfig/tasks/pacemaker_maintenance_mode.sh @@ -0,0 +1,19 @@ +#!/bin/bash +set -x + +# On initial deployment, the pacemaker service is disabled and is-active exits +# 3 in that case, so allow this to fail gracefully. +pacemaker_status=$(systemctl is-active pacemaker || :) + +if [ "$pacemaker_status" = "active" ]; then + pcs property set maintenance-mode=true +fi + +# We need to reload haproxy in case the certificate changed because +# puppet doesn't know the contents of the cert file. We shouldn't +# reload it if it wasn't already active (such as if using external +# loadbalancer or on initial deployment). +haproxy_status=$(systemctl is-active haproxy || :) +if [ "$haproxy_status" = "active" ]; then + systemctl reload haproxy +fi diff --git a/extraconfig/tasks/pre_puppet_pacemaker.yaml b/extraconfig/tasks/pre_puppet_pacemaker.yaml index 2cfe92a7..82546588 100644 --- a/extraconfig/tasks/pre_puppet_pacemaker.yaml +++ b/extraconfig/tasks/pre_puppet_pacemaker.yaml @@ -14,13 +14,8 @@ resources: type: OS::Heat::SoftwareConfig properties: group: script - config: | - #!/bin/bash - pacemaker_status=$(systemctl is-active pacemaker) - - if [ "$pacemaker_status" = "active" ]; then - pcs property set maintenance-mode=true - fi + config: + get_file: pacemaker_maintenance_mode.sh ControllerPrePuppetMaintenanceModeDeployment: type: OS::Heat::SoftwareDeployments diff --git a/network/endpoints/endpoint_data.yaml b/network/endpoints/endpoint_data.yaml index a74d75da..edcfaca1 100644 --- a/network/endpoints/endpoint_data.yaml +++ b/network/endpoints/endpoint_data.yaml @@ -123,17 +123,14 @@ Nova: vip_param: NovaApi uri_suffixes: '': /v2.1/%(tenant_id)s - V3: /v3 Public: vip_param: Public uri_suffixes: '': /v2.1/%(tenant_id)s - V3: /v3 Admin: vip_param: NovaApi uri_suffixes: '': /v2.1/%(tenant_id)s - V3: /v3 port: 8774 NovaEC2: diff --git a/network/endpoints/endpoint_map.yaml b/network/endpoints/endpoint_map.yaml index 956fb0ba..07266f98 100644 --- a/network/endpoints/endpoint_map.yaml +++ b/network/endpoints/endpoint_map.yaml @@ -1307,123 +1307,6 @@ outputs: IP_ADDRESS: {get_param: PublicVirtualIP} - ':' - get_param: [EndpointMap, NovaPublic, port] - NovaV3Admin: - host: - str_replace: - template: - get_param: [EndpointMap, NovaAdmin, host] - params: - CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: NovaApiVirtualIP} - port: - get_param: [EndpointMap, NovaAdmin, port] - protocol: - get_param: [EndpointMap, NovaAdmin, protocol] - uri: - list_join: - - '' - - - get_param: [EndpointMap, NovaAdmin, protocol] - - :// - - str_replace: - template: - get_param: [EndpointMap, NovaAdmin, host] - params: - CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: NovaApiVirtualIP} - - ':' - - get_param: [EndpointMap, NovaAdmin, port] - - /v3 - uri_no_suffix: - list_join: - - '' - - - get_param: [EndpointMap, NovaAdmin, protocol] - - :// - - str_replace: - template: - get_param: [EndpointMap, NovaAdmin, host] - params: - CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: NovaApiVirtualIP} - - ':' - - get_param: [EndpointMap, NovaAdmin, port] - NovaV3Internal: - host: - str_replace: - template: - get_param: [EndpointMap, NovaInternal, host] - params: - CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: NovaApiVirtualIP} - port: - get_param: [EndpointMap, NovaInternal, port] - protocol: - get_param: [EndpointMap, NovaInternal, protocol] - uri: - list_join: - - '' - - - get_param: [EndpointMap, NovaInternal, protocol] - - :// - - str_replace: - template: - get_param: [EndpointMap, NovaInternal, host] - params: - CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: NovaApiVirtualIP} - - ':' - - get_param: [EndpointMap, NovaInternal, port] - - /v3 - uri_no_suffix: - list_join: - - '' - - - get_param: [EndpointMap, NovaInternal, protocol] - - :// - - str_replace: - template: - get_param: [EndpointMap, NovaInternal, host] - params: - CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: NovaApiVirtualIP} - - ':' - - get_param: [EndpointMap, NovaInternal, port] - NovaV3Public: - host: - str_replace: - template: - get_param: [EndpointMap, NovaPublic, host] - params: - CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} - port: - get_param: [EndpointMap, NovaPublic, port] - protocol: - get_param: [EndpointMap, NovaPublic, protocol] - uri: - list_join: - - '' - - - get_param: [EndpointMap, NovaPublic, protocol] - - :// - - str_replace: - template: - get_param: [EndpointMap, NovaPublic, host] - params: - CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} - - ':' - - get_param: [EndpointMap, NovaPublic, port] - - /v3 - uri_no_suffix: - list_join: - - '' - - - get_param: [EndpointMap, NovaPublic, protocol] - - :// - - str_replace: - template: - get_param: [EndpointMap, NovaPublic, host] - params: - CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} - - ':' - - get_param: [EndpointMap, NovaPublic, port] NovaEC2Admin: host: str_replace: diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml index 54074d12..bc3b7241 100644 --- a/overcloud-resource-registry-puppet.yaml +++ b/overcloud-resource-registry-puppet.yaml @@ -122,6 +122,9 @@ resource_registry: # validation resources OS::TripleO::AllNodes::Validation: all-nodes-validation.yaml + # services + OS::TripleO::Services: puppet/services/services.yaml + parameter_defaults: EnablePackageInstall: false SoftwareConfigTransport: POLL_TEMP_URL diff --git a/overcloud.yaml b/overcloud.yaml index 19e847a5..cd724b3e 100644 --- a/overcloud.yaml +++ b/overcloud.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2016-04-08 description: > Deploy an OpenStack environment, consisting of several node types (roles), @@ -711,6 +711,13 @@ parameters: via parameter_defaults in the resource registry. type: json + ControllerServices: + default: [] + description: A list of service resources (configured in the Heat + resource_registry) which represent nested stacks + for each service that should get installed on the Controllers. + type: comma_delimited_list + # Block storage specific parameters BlockStorageCount: type: number @@ -892,6 +899,13 @@ resources: SwiftProxyVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} PublicVirtualIP: {get_attr: [VipMap, net_ip_uri_map, external]} + ControllerServiceChain: + type: OS::TripleO::Services + properties: + Services: {get_param: ControllerServices} + EndpointMap: {get_attr: [EndpointMap, endpoint_map]} + MysqlVirtualIPUri: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} + Controller: type: OS::Heat::ResourceGroup depends_on: Networks @@ -1043,6 +1057,7 @@ resources: NodeIndex: '%index%' ServerMetadata: {get_param: ServerMetadata} SchedulerHints: {get_param: ControllerSchedulerHints} + ServiceConfigSettings: {get_attr: [ControllerServiceChain, config_settings]} Compute: type: OS::Heat::ResourceGroup @@ -1611,6 +1626,7 @@ resources: allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]} controller_config: {get_attr: [Controller, attributes, config_identifier]} deployment_identifier: {get_param: DeployIdentifier} + StepConfig: {get_attr: [ControllerServiceChain, step_config]} ComputeNodesPostDeployment: type: OS::TripleO::ComputePostDeployment diff --git a/puppet/controller-config-pacemaker.yaml b/puppet/controller-config-pacemaker.yaml index 21db825a..dfebcf82 100644 --- a/puppet/controller-config-pacemaker.yaml +++ b/puppet/controller-config-pacemaker.yaml @@ -8,6 +8,10 @@ parameters: default: false description: Whether to run config management (e.g. Puppet) in debug mode. type: boolean + StepConfig: + type: string + description: Config manifests that will be used to step through the deployment. + default: '' resources: @@ -26,6 +30,7 @@ resources: - '' - - get_file: manifests/overcloud_controller_pacemaker.pp - get_file: manifests/ringbuilder.pp + - {get_param: StepConfig} outputs: OS::stack_id: diff --git a/puppet/controller-config.yaml b/puppet/controller-config.yaml index f7a6a56d..458aff32 100644 --- a/puppet/controller-config.yaml +++ b/puppet/controller-config.yaml @@ -8,6 +8,10 @@ parameters: default: false description: Whether to run config management (e.g. Puppet) in debug mode. type: boolean + StepConfig: + type: string + description: Config manifests that will be used to step through the deployment. + default: '' resources: @@ -26,6 +30,7 @@ resources: - '' - - get_file: manifests/overcloud_controller.pp - get_file: manifests/ringbuilder.pp + - {get_param: StepConfig} outputs: OS::stack_id: diff --git a/puppet/controller-post.yaml b/puppet/controller-post.yaml index 04f20b61..80b08a06 100644 --- a/puppet/controller-post.yaml +++ b/puppet/controller-post.yaml @@ -13,7 +13,10 @@ parameters: NodeConfigIdentifiers: type: json description: Value which changes if the node configuration may need to be re-applied - + StepConfig: + type: string + description: Config manifests that will be used to step through the deployment. + default: '' resources: @@ -35,6 +38,8 @@ resources: ControllerPuppetConfig: type: OS::TripleO::ControllerConfig + properties: + StepConfig: {get_param: StepConfig} # Step through a series of Puppet runs using the same manifest. # NOTE: To enable stepping through the deployments via heat hooks, diff --git a/puppet/controller.yaml b/puppet/controller.yaml index efdf08bb..d966700f 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -790,6 +790,9 @@ parameters: type: json description: Optional scheduler hints to pass to nova default: {} + ServiceConfigSettings: + type: json + default: {} resources: @@ -1294,6 +1297,7 @@ resources: - heat_config_%{::deploy_config_name} - controller_extraconfig - extraconfig + - service_configs - controller - database - object @@ -1316,6 +1320,8 @@ resources: - neutron_opencontrail_data # Optionally provided by ControllerExtraConfigPre - neutron_plumgrid_data # Optionally provided by ControllerExtraConfigPre datafiles: + service_configs: + mapped_data: {get_param: ServiceConfigSettings} controller_extraconfig: mapped_data: {get_param: ControllerExtraConfig} extraconfig: diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml index 3e523f1b..5e87793a 100644 --- a/puppet/hieradata/controller.yaml +++ b/puppet/hieradata/controller.yaml @@ -90,7 +90,6 @@ neutron::agents::dhcp::dnsmasq_config_file: /etc/neutron/dnsmasq-neutron.conf # nova nova::notify_on_state_change: 'vm_and_task_state' nova::api::default_floating_pool: 'public' -nova::api::osapi_v3: true nova::api::sync_db_api: true nova::scheduler::filter::ram_allocation_ratio: '1.0' nova::cron::archive_deleted_rows::hour: '*/12' diff --git a/puppet/services/README.rst b/puppet/services/README.rst new file mode 100644 index 00000000..38d2ac64 --- /dev/null +++ b/puppet/services/README.rst @@ -0,0 +1,50 @@ +======== +services +======== + +A TripleO nested stack Heat template that encapsulates generic configuration +data to configure a specific service. This generally includes everything +needed to configure the service excluding the local bind ports which +are still managed in the per-node role templates directly (controller.yaml, +compute.yaml, etc.). All other (global) service settings go into +the puppet/service templates. + +Input Parameters +---------------- + +Each service may define its own input parameters and defaults. +Operators will use the parameter_defaults section of any Heat +environment to set per service parameters. + +Config Settings +--------------- + +Each service may define a config_settings output variable which returns +Hiera settings to be configured. + +Steps +----- + +Each service may define an output variable which returns a puppet manifest +snippet that will run at each of the following steps. Earlier manifests +are re-asserted when applying latter ones. + + * config_settings: Custom hiera settings for this service. + + * step_config: A puppet manifest that is used to step through the deployment + sequence. Each sequence is given a "step" (via hiera('step') that provides + information for when puppet classes should activate themselves. + + Steps correlate to the following: + + 1) Load Balancer configuration + + 2) Core Services (Database/Rabbit/NTP/etc.) + + 3) Early Openstack Service setup (Ringbuilder, etc.) + + 4) General OpenStack Services + + 5) Service activation (Pacemaker) + + 6) Fencing (Pacemaker) diff --git a/puppet/services/services.yaml b/puppet/services/services.yaml new file mode 100644 index 00000000..f9681634 --- /dev/null +++ b/puppet/services/services.yaml @@ -0,0 +1,40 @@ +heat_template_version: 2016-04-08 + +description: > + Utility stack to convert an array of services into a set of combined + role configs. + +parameters: + Services: + default: [] + description: | + List nested stack service templates. + type: comma_delimited_list + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + MysqlVirtualIPUri: + default: '' + type: string + description: The URI virtual IP for the MySQL service. + +resources: + + ServiceChain: + type: OS::Heat::ResourceChain + properties: + resources: {get_param: Services} + concurrent: true + resource_properties: + EndpointMap: {get_param: EndpointMap} + MysqlVirtualIPUri: {get_param: MysqlVirtualIPUri} + +outputs: + config_settings: + description: Configuration settings. + value: {map_merge: {get_attr: [ServiceChain, role_data, config_settings]}} + step_config: + description: Step configuration. + value: {list_join: ["\n", {get_attr: [ServiceChain, role_data, step_config]}]} |