summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--capabilities_map.yaml226
-rw-r--r--environments/puppet-pacemaker.yaml2
-rw-r--r--extraconfig/tasks/noop.yaml10
-rwxr-xr-xextraconfig/tasks/pacemaker_resource_restart.sh63
-rw-r--r--extraconfig/tasks/post_puppet_pacemaker.yaml44
-rw-r--r--extraconfig/tasks/pre_puppet_pacemaker.yaml30
-rw-r--r--overcloud-resource-registry-puppet.yaml4
-rw-r--r--overcloud.yaml2
-rw-r--r--puppet/all-nodes-config.yaml14
-rw-r--r--puppet/controller-post.yaml18
10 files changed, 412 insertions, 1 deletions
diff --git a/capabilities_map.yaml b/capabilities_map.yaml
new file mode 100644
index 00000000..30ee211e
--- /dev/null
+++ b/capabilities_map.yaml
@@ -0,0 +1,226 @@
+# This file holds metadata about the capabilities of the tripleo-heat-templates
+# repository for deployment using puppet. It groups configuration by topic,
+# describes possible combinations of environments and resource capabilities.
+
+# root_template: identifies repository's root template
+# root_environment: identifies root_environment, this one is special in terms of
+# order in which the environments are merged before deploying. This one serves as
+# a base and it's parameters/resource_registry gets overriden by other environments
+# if used.
+
+# topics:
+# High Level grouping by purpose of environments
+# Attributes:
+# title: (required)
+# description: (optional)
+# environment_groups: (required)
+
+# environment_groups:
+# Identifies an environment choice. If group includes multiple environments it
+# indicates that environments in group are mutually exclusive.
+# Attributes:
+# title: (optional)
+# description: (optional)
+# tags: a list of tags to provide aditional information for e.g. filtering (optional)
+# environments: (required)
+
+# environments:
+# List of environments in environment group
+# Attributes:
+# file: a file name including path within repository (required)
+# title: (required)
+# description: (optional)
+# requires: an array of environments which are required by this environment (optional)
+# resource_registry: [tbd] (optional)
+
+# resource_registry:
+# [tbd] Each environment can provide options on resource_registry level applicable
+# only when that given environment is used. (resource_type of that environment can
+# be implemented using multiple templates).
+
+root_template: overcloud.yaml
+root_environment: overcloud-resource-registry-puppet.yaml
+topics:
+ - title: Basic Configuration
+ description:
+ environment_groups:
+ - title:
+ description: Enable basic configuration required for OpenStack Deployment
+ environments:
+ - file: overcloud-resource-registry-puppet.yaml
+ title: Default Configuration
+ description:
+
+ - title: Deployment options
+ description:
+ environment_groups:
+ - title: High Availability
+ description: Enables configuration of an Overcloud controller with Pacemaker
+ environments:
+ - file: environments/puppet-pacemaker.yaml
+ title: Pacemaker
+ description: Enable configuration of an Overcloud controller with Pacemaker
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+ - title: Docker RDO
+ description: >
+ Docker container with heat agents for containerized compute node
+ environments:
+ - file: environments/docker-rdo.yaml
+ title: Docker RDO
+ description:
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+
+ # - title: Network Interface Configuration
+ # description:
+ # environment_groups:
+
+ - title: Overlay network Configuration
+ description:
+ environment_groups:
+ - title: Network Isolation
+ description: >
+ Enable the creation of Neutron networks for
+ isolated Overcloud traffic and configure each role to assign ports
+ (related to that role) on these networks.
+ environments:
+ - file: environments/network-isolation.yaml
+ title: Network Isolation
+ description: Enable Network Isolation
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+ - title: Single nic or Bonding
+ description: >
+ Configure roles to use pair of bonded nics or to use Vlans on a
+ single nic. This option assumes use of Network Isolation.
+ environments:
+ - file: environments/net-bond-with-vlans.yaml
+ title: Bond with Vlans
+ description: >
+ Configure each role to use a pair of bonded nics (nic2 and
+ nic3) and configures an IP address on each relevant isolated network
+ for each role. This option assumes use of Network Isolation.
+ requires:
+ - environments/network-isolation.yaml
+ - overcloud-resource-registry-puppet.yaml
+ - file: environments/net-single-nic-with-vlans.yaml
+ title: Single nic with Vlans
+ description: >
+ Configure each role to use Vlans on a single nic for
+ each isolated network. This option assumes use of Network Isolation.
+ requires:
+ - environments/network-isolation.yaml
+ - overcloud-resource-registry-puppet.yaml
+
+ - title: Neutron Plugin Configuration
+ description:
+ environment_groups:
+ - title: BigSwitch extensions or Cisco N1KV backend
+ description:
+ environments:
+ - file: environments/neutron-ml2-bigswitch.yaml
+ title: BigSwitch extensions
+ description: >
+ Enable Big Switch extensions, configured via puppet
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+ - file: environments/neutron-ml2-cisco-n1kv.yaml
+ title: Cisco N1KV backend
+ description: >
+ Enable a Cisco N1KV backend, configured via puppet
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+ - title: Cisco Neutron plugin
+ description: >
+ Enable a Cisco Neutron plugin
+ environments:
+ - file: environments/neutron-ml2-cisco-nexus-ucsm.yaml
+ title: Cisco Neutron plugin
+ description:
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+
+ - title: Storage
+ description:
+ environment_groups:
+ - title: Cinder NetApp backend
+ description: >
+ Enable a Cinder NetApp backend, configured via puppet
+ environments:
+ - file: environments/cinder-netapp-config.yaml
+ title: Cinder NetApp backend
+ description:
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+ - title: Externally managed Ceph
+ description: >
+ Enable the use of an externally managed Ceph cluster
+ environments:
+ - file: environments/puppet-ceph-external.yaml
+ title: Externally managed Ceph
+ description:
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+ - title: Ceph Devel
+ description: >
+ Enable a Ceph storage cluster using the controller and 2 ceph nodes.
+ Rbd backends are enabled for Cinder, Glance, and Nova.
+ environments:
+ - file: environments/puppet-ceph-devel.yaml
+ title: Ceph Devel
+ description:
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+ - title: Storage Environment
+ description: >
+ Can be used to set up storage backends. Defaults to Ceph used as a
+ backend for Cinder, Glance and Nova ephemeral storage. It configures
+ for example which services will use Ceph, or if any of the services
+ will use NFS. And more. Usually requires to be edited by user first.
+ tags:
+ - no-gui
+ environments:
+ - file: environments/storage-environment.yaml
+ title: Storage Environment
+ description:
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+
+ - title: Utilities
+ description:
+ environment_groups:
+ - title: Config Debug
+ description: Enable config management (e.g. Puppet) debugging
+ environments:
+ - file: environments/config-debug.yaml
+ title: Config Debug
+ description:
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+ - title: Disable journal in MongoDb
+ description: >
+ Since, when journaling is enabled, MongoDb will create big journal
+ file it can take time. In a CI environment for example journaling is
+ not necessary.
+ environments:
+ - file: environments/mongodb-nojournal.yaml
+ title: Disable journal in MongoDb
+ description:
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+ - title: Overcloud Steps
+ description: >
+ Specifies hooks/breakpoints where overcloud deployment should stop
+ Allows operator validation between steps, and/or more granular control.
+ Note: the wildcards relate to naming convention for some resource suffixes,
+ e.g see puppet/*-post.yaml, enabling this will mean we wait for
+ a user signal on every *Deployment_StepN resource defined in those files.
+ tags:
+ - no-gui
+ environments:
+ - file: environments/overcloud-steps.yaml
+ title: Overcloud Steps
+ description:
+ requires:
+ - overcloud-resource-registry-puppet.yaml
diff --git a/environments/puppet-pacemaker.yaml b/environments/puppet-pacemaker.yaml
index f235cf8f..8986e35f 100644
--- a/environments/puppet-pacemaker.yaml
+++ b/environments/puppet-pacemaker.yaml
@@ -2,3 +2,5 @@
# Overcloud controller with Pacemaker.
resource_registry:
OS::TripleO::ControllerConfig: ../puppet/controller-config-pacemaker.yaml
+ OS::TripleO::Tasks::ControllerPrePuppet: ../extraconfig/tasks/pre_puppet_pacemaker.yaml
+ OS::TripleO::Tasks::ControllerPostPuppet: ../extraconfig/tasks/post_puppet_pacemaker.yaml
diff --git a/extraconfig/tasks/noop.yaml b/extraconfig/tasks/noop.yaml
new file mode 100644
index 00000000..0cff7469
--- /dev/null
+++ b/extraconfig/tasks/noop.yaml
@@ -0,0 +1,10 @@
+heat_template_version: 2014-10-16
+description: 'No-op task'
+
+parameters:
+ servers:
+ type: json
+ input_values:
+ type: json
+ default: {}
+ description: input values for the software deployments
diff --git a/extraconfig/tasks/pacemaker_resource_restart.sh b/extraconfig/tasks/pacemaker_resource_restart.sh
new file mode 100755
index 00000000..ad3c3701
--- /dev/null
+++ b/extraconfig/tasks/pacemaker_resource_restart.sh
@@ -0,0 +1,63 @@
+#!/bin/bash
+
+set -eux
+
+pacemaker_status=$(systemctl is-active pacemaker)
+check_interval=3
+
+function check_resource {
+
+ service=$1
+ state=$2
+ timeout=$3
+ tstart=$(date +%s)
+ tend=$(( $tstart + $timeout ))
+
+ if [ "$state" = "stopped" ]; then
+ match_for_incomplete='Started'
+ else # started
+ match_for_incomplete='Stopped'
+ fi
+
+ while (( $(date +%s) < $tend )); do
+ node_states=$(pcs status --full | grep "$service" | grep -v Clone)
+ if echo "$node_states" | grep -q "$match_for_incomplete"; then
+ echo "$service not yet $state, sleeping $check_interval seconds."
+ sleep $check_interval
+ else
+ echo "$service has $state"
+ return
+ fi
+ done
+
+ echo "$service never $state after $timeout seconds" | tee /dev/fd/2
+ exit 1
+
+}
+
+# Run if pacemaker is running, we're the bootstrap node,
+# and we're updating the deployment (not creating).
+if [ "$pacemaker_status" = "active" -a \
+ "$(hiera bootstrap_nodeid)" = "$(facter hostname)" -a \
+ "$(hiera update_identifier)" != "nil" ]; then
+
+ pcs resource disable httpd
+ check_resource httpd stopped 300
+ pcs resource disable openstack-keystone
+ check_resource openstack-keystone stopped 1200
+
+ if pcs status | grep haproxy-clone; then
+ pcs resource restart haproxy-clone
+ fi
+ pcs resource restart redis-master
+ pcs resource restart mongod-clone
+ pcs resource restart rabbitmq-clone
+ pcs resource restart memcached-clone
+ pcs resource restart galera-master
+
+ pcs resource enable openstack-keystone
+ check_resource openstack-keystone started 300
+ pcs resource enable httpd
+ check_resource httpd started 800
+
+fi
diff --git a/extraconfig/tasks/post_puppet_pacemaker.yaml b/extraconfig/tasks/post_puppet_pacemaker.yaml
new file mode 100644
index 00000000..7de41d94
--- /dev/null
+++ b/extraconfig/tasks/post_puppet_pacemaker.yaml
@@ -0,0 +1,44 @@
+heat_template_version: 2014-10-16
+description: 'Post-Puppet Config for Pacemaker deployments'
+
+parameters:
+ servers:
+ type: json
+ input_values:
+ type: json
+ description: input values for the software deployments
+
+resources:
+
+ ControllerPostPuppetMaintenanceModeConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config: |
+ #!/bin/bash
+ pacemaker_status=$(systemctl is-active pacemaker)
+
+ if [ "$pacemaker_status" = "active" ]; then
+ pcs property set maintenance-mode=false
+ fi
+
+ ControllerPostPuppetMaintenanceModeDeployment:
+ type: OS::Heat::SoftwareDeployments
+ properties:
+ servers: {get_param: servers}
+ config: {get_resource: ControllerPostPuppetMaintenanceModeConfig}
+ input_values: {get_param: input_values}
+
+ ControllerPostPuppetRestartConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config: {get_file: pacemaker_resource_restart.sh}
+
+ ControllerPostPuppetRestartDeployment:
+ type: OS::Heat::SoftwareDeployments
+ depends_on: ControllerPostPuppetMaintenanceModeDeployment
+ properties:
+ servers: {get_param: servers}
+ config: {get_resource: ControllerPostPuppetRestartConfig}
+ input_values: {get_param: input_values}
diff --git a/extraconfig/tasks/pre_puppet_pacemaker.yaml b/extraconfig/tasks/pre_puppet_pacemaker.yaml
new file mode 100644
index 00000000..2cfe92a7
--- /dev/null
+++ b/extraconfig/tasks/pre_puppet_pacemaker.yaml
@@ -0,0 +1,30 @@
+heat_template_version: 2014-10-16
+description: 'Pre-Puppet Config for Pacemaker deployments'
+
+parameters:
+ servers:
+ type: json
+ input_values:
+ type: json
+ description: input values for the software deployments
+
+resources:
+
+ ControllerPrePuppetMaintenanceModeConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config: |
+ #!/bin/bash
+ pacemaker_status=$(systemctl is-active pacemaker)
+
+ if [ "$pacemaker_status" = "active" ]; then
+ pcs property set maintenance-mode=true
+ fi
+
+ ControllerPrePuppetMaintenanceModeDeployment:
+ type: OS::Heat::SoftwareDeployments
+ properties:
+ servers: {get_param: servers}
+ config: {get_resource: ControllerPrePuppetMaintenanceModeConfig}
+ input_values: {get_param: input_values}
diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml
index c072c292..77368d0a 100644
--- a/overcloud-resource-registry-puppet.yaml
+++ b/overcloud-resource-registry-puppet.yaml
@@ -21,7 +21,11 @@ resource_registry:
OS::TripleO::CephClusterConfig::SoftwareConfig: puppet/ceph-cluster-config.yaml
OS::TripleO::AllNodes::SoftwareConfig: puppet/all-nodes-config.yaml
OS::TripleO::BootstrapNode::SoftwareConfig: puppet/bootstrap-config.yaml
+
+ # Tasks (for internal TripleO usage)
OS::TripleO::Tasks::PackageUpdate: extraconfig/tasks/yum_update.yaml
+ OS::TripleO::Tasks::ControllerPrePuppet: extraconfig/tasks/noop.yaml
+ OS::TripleO::Tasks::ControllerPostPuppet: extraconfig/tasks/noop.yaml
# This creates the "heat-admin" user for all OS images by default
# To disable, replace with firstboot/userdata_default.yaml
diff --git a/overcloud.yaml b/overcloud.yaml
index d7de28f9..1a571120 100644
--- a/overcloud.yaml
+++ b/overcloud.yaml
@@ -1167,6 +1167,8 @@ resources:
neutron_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
keystone_public_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
keystone_admin_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
+ DeployIdentifier: {get_param: DeployIdentifier}
+ UpdateIdentifier: {get_param: UpdateIdentifier}
MysqlRootPassword:
type: OS::Heat::RandomString
diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml
index 3908afee..895ddc3d 100644
--- a/puppet/all-nodes-config.yaml
+++ b/puppet/all-nodes-config.yaml
@@ -51,6 +51,17 @@ parameters:
keystone_admin_api_node_ips:
type: comma_delimited_list
+ DeployIdentifier:
+ type: string
+ description: >
+ Setting this to a unique value will re-run any deployment tasks which
+ perform configuration on a Heat stack-update.
+ UpdateIdentifier:
+ type: string
+ description: >
+ Setting to a previously unused value during stack-update will trigger
+ package update on all nodes
+
resources:
allNodesConfigImpl:
@@ -240,6 +251,9 @@ resources:
nova::rabbit_hosts: *rabbit_nodes_array
keystone::rabbit_hosts: *rabbit_nodes_array
+ deploy_identifier: {get_param: DeployIdentifier}
+ update_identifier: {get_param: UpdateIdentifier}
+
outputs:
config_id:
description: The ID of the allNodesConfigImpl resource.
diff --git a/puppet/controller-post.yaml b/puppet/controller-post.yaml
index 941e1ac5..ed8129e7 100644
--- a/puppet/controller-post.yaml
+++ b/puppet/controller-post.yaml
@@ -17,6 +17,13 @@ parameters:
resources:
+ ControllerPrePuppet:
+ type: OS::TripleO::Tasks::ControllerPrePuppet
+ properties:
+ servers: {get_param: servers}
+ input_values:
+ update_identifier: {get_param: NodeConfigIdentifiers}
+
ControllerPuppetConfig:
type: OS::TripleO::ControllerConfig
@@ -26,6 +33,7 @@ resources:
# e.g all Deployment resources should have a *Deployment_StepN suffix
ControllerLoadBalancerDeployment_Step1:
type: OS::Heat::StructuredDeployments
+ depends_on: ControllerPrePuppet
properties:
servers: {get_param: servers}
config: {get_resource: ControllerPuppetConfig}
@@ -98,10 +106,18 @@ resources:
step: 5
update_identifier: {get_param: NodeConfigIdentifiers}
+ ControllerPostPuppet:
+ type: OS::TripleO::Tasks::ControllerPostPuppet
+ depends_on: ControllerOvercloudServicesDeployment_Step6
+ properties:
+ servers: {get_param: servers}
+ input_values:
+ update_identifier: {get_param: NodeConfigIdentifiers}
+
# Note, this should come last, so use depends_on to ensure
# this is created after any other resources.
ExtraConfig:
- depends_on: ControllerOvercloudServicesDeployment_Step5
+ depends_on: ControllerPostPuppet
type: OS::TripleO::NodeExtraConfigPost
properties:
servers: {get_param: servers}