diff options
-rw-r--r-- | capabilities_map.yaml | 226 | ||||
-rw-r--r-- | environments/puppet-pacemaker.yaml | 2 | ||||
-rw-r--r-- | extraconfig/tasks/noop.yaml | 10 | ||||
-rwxr-xr-x | extraconfig/tasks/pacemaker_resource_restart.sh | 63 | ||||
-rw-r--r-- | extraconfig/tasks/post_puppet_pacemaker.yaml | 44 | ||||
-rw-r--r-- | extraconfig/tasks/pre_puppet_pacemaker.yaml | 30 | ||||
-rw-r--r-- | overcloud-resource-registry-puppet.yaml | 4 | ||||
-rw-r--r-- | overcloud.yaml | 2 | ||||
-rw-r--r-- | puppet/all-nodes-config.yaml | 14 | ||||
-rw-r--r-- | puppet/controller-post.yaml | 18 |
10 files changed, 412 insertions, 1 deletions
diff --git a/capabilities_map.yaml b/capabilities_map.yaml new file mode 100644 index 00000000..30ee211e --- /dev/null +++ b/capabilities_map.yaml @@ -0,0 +1,226 @@ +# This file holds metadata about the capabilities of the tripleo-heat-templates +# repository for deployment using puppet. It groups configuration by topic, +# describes possible combinations of environments and resource capabilities. + +# root_template: identifies repository's root template +# root_environment: identifies root_environment, this one is special in terms of +# order in which the environments are merged before deploying. This one serves as +# a base and it's parameters/resource_registry gets overriden by other environments +# if used. + +# topics: +# High Level grouping by purpose of environments +# Attributes: +# title: (required) +# description: (optional) +# environment_groups: (required) + +# environment_groups: +# Identifies an environment choice. If group includes multiple environments it +# indicates that environments in group are mutually exclusive. +# Attributes: +# title: (optional) +# description: (optional) +# tags: a list of tags to provide aditional information for e.g. filtering (optional) +# environments: (required) + +# environments: +# List of environments in environment group +# Attributes: +# file: a file name including path within repository (required) +# title: (required) +# description: (optional) +# requires: an array of environments which are required by this environment (optional) +# resource_registry: [tbd] (optional) + +# resource_registry: +# [tbd] Each environment can provide options on resource_registry level applicable +# only when that given environment is used. (resource_type of that environment can +# be implemented using multiple templates). + +root_template: overcloud.yaml +root_environment: overcloud-resource-registry-puppet.yaml +topics: + - title: Basic Configuration + description: + environment_groups: + - title: + description: Enable basic configuration required for OpenStack Deployment + environments: + - file: overcloud-resource-registry-puppet.yaml + title: Default Configuration + description: + + - title: Deployment options + description: + environment_groups: + - title: High Availability + description: Enables configuration of an Overcloud controller with Pacemaker + environments: + - file: environments/puppet-pacemaker.yaml + title: Pacemaker + description: Enable configuration of an Overcloud controller with Pacemaker + requires: + - overcloud-resource-registry-puppet.yaml + - title: Docker RDO + description: > + Docker container with heat agents for containerized compute node + environments: + - file: environments/docker-rdo.yaml + title: Docker RDO + description: + requires: + - overcloud-resource-registry-puppet.yaml + + # - title: Network Interface Configuration + # description: + # environment_groups: + + - title: Overlay network Configuration + description: + environment_groups: + - title: Network Isolation + description: > + Enable the creation of Neutron networks for + isolated Overcloud traffic and configure each role to assign ports + (related to that role) on these networks. + environments: + - file: environments/network-isolation.yaml + title: Network Isolation + description: Enable Network Isolation + requires: + - overcloud-resource-registry-puppet.yaml + - title: Single nic or Bonding + description: > + Configure roles to use pair of bonded nics or to use Vlans on a + single nic. This option assumes use of Network Isolation. + environments: + - file: environments/net-bond-with-vlans.yaml + title: Bond with Vlans + description: > + Configure each role to use a pair of bonded nics (nic2 and + nic3) and configures an IP address on each relevant isolated network + for each role. This option assumes use of Network Isolation. + requires: + - environments/network-isolation.yaml + - overcloud-resource-registry-puppet.yaml + - file: environments/net-single-nic-with-vlans.yaml + title: Single nic with Vlans + description: > + Configure each role to use Vlans on a single nic for + each isolated network. This option assumes use of Network Isolation. + requires: + - environments/network-isolation.yaml + - overcloud-resource-registry-puppet.yaml + + - title: Neutron Plugin Configuration + description: + environment_groups: + - title: BigSwitch extensions or Cisco N1KV backend + description: + environments: + - file: environments/neutron-ml2-bigswitch.yaml + title: BigSwitch extensions + description: > + Enable Big Switch extensions, configured via puppet + requires: + - overcloud-resource-registry-puppet.yaml + - file: environments/neutron-ml2-cisco-n1kv.yaml + title: Cisco N1KV backend + description: > + Enable a Cisco N1KV backend, configured via puppet + requires: + - overcloud-resource-registry-puppet.yaml + - title: Cisco Neutron plugin + description: > + Enable a Cisco Neutron plugin + environments: + - file: environments/neutron-ml2-cisco-nexus-ucsm.yaml + title: Cisco Neutron plugin + description: + requires: + - overcloud-resource-registry-puppet.yaml + + - title: Storage + description: + environment_groups: + - title: Cinder NetApp backend + description: > + Enable a Cinder NetApp backend, configured via puppet + environments: + - file: environments/cinder-netapp-config.yaml + title: Cinder NetApp backend + description: + requires: + - overcloud-resource-registry-puppet.yaml + - title: Externally managed Ceph + description: > + Enable the use of an externally managed Ceph cluster + environments: + - file: environments/puppet-ceph-external.yaml + title: Externally managed Ceph + description: + requires: + - overcloud-resource-registry-puppet.yaml + - title: Ceph Devel + description: > + Enable a Ceph storage cluster using the controller and 2 ceph nodes. + Rbd backends are enabled for Cinder, Glance, and Nova. + environments: + - file: environments/puppet-ceph-devel.yaml + title: Ceph Devel + description: + requires: + - overcloud-resource-registry-puppet.yaml + - title: Storage Environment + description: > + Can be used to set up storage backends. Defaults to Ceph used as a + backend for Cinder, Glance and Nova ephemeral storage. It configures + for example which services will use Ceph, or if any of the services + will use NFS. And more. Usually requires to be edited by user first. + tags: + - no-gui + environments: + - file: environments/storage-environment.yaml + title: Storage Environment + description: + requires: + - overcloud-resource-registry-puppet.yaml + + - title: Utilities + description: + environment_groups: + - title: Config Debug + description: Enable config management (e.g. Puppet) debugging + environments: + - file: environments/config-debug.yaml + title: Config Debug + description: + requires: + - overcloud-resource-registry-puppet.yaml + - title: Disable journal in MongoDb + description: > + Since, when journaling is enabled, MongoDb will create big journal + file it can take time. In a CI environment for example journaling is + not necessary. + environments: + - file: environments/mongodb-nojournal.yaml + title: Disable journal in MongoDb + description: + requires: + - overcloud-resource-registry-puppet.yaml + - title: Overcloud Steps + description: > + Specifies hooks/breakpoints where overcloud deployment should stop + Allows operator validation between steps, and/or more granular control. + Note: the wildcards relate to naming convention for some resource suffixes, + e.g see puppet/*-post.yaml, enabling this will mean we wait for + a user signal on every *Deployment_StepN resource defined in those files. + tags: + - no-gui + environments: + - file: environments/overcloud-steps.yaml + title: Overcloud Steps + description: + requires: + - overcloud-resource-registry-puppet.yaml diff --git a/environments/puppet-pacemaker.yaml b/environments/puppet-pacemaker.yaml index f235cf8f..8986e35f 100644 --- a/environments/puppet-pacemaker.yaml +++ b/environments/puppet-pacemaker.yaml @@ -2,3 +2,5 @@ # Overcloud controller with Pacemaker. resource_registry: OS::TripleO::ControllerConfig: ../puppet/controller-config-pacemaker.yaml + OS::TripleO::Tasks::ControllerPrePuppet: ../extraconfig/tasks/pre_puppet_pacemaker.yaml + OS::TripleO::Tasks::ControllerPostPuppet: ../extraconfig/tasks/post_puppet_pacemaker.yaml diff --git a/extraconfig/tasks/noop.yaml b/extraconfig/tasks/noop.yaml new file mode 100644 index 00000000..0cff7469 --- /dev/null +++ b/extraconfig/tasks/noop.yaml @@ -0,0 +1,10 @@ +heat_template_version: 2014-10-16 +description: 'No-op task' + +parameters: + servers: + type: json + input_values: + type: json + default: {} + description: input values for the software deployments diff --git a/extraconfig/tasks/pacemaker_resource_restart.sh b/extraconfig/tasks/pacemaker_resource_restart.sh new file mode 100755 index 00000000..ad3c3701 --- /dev/null +++ b/extraconfig/tasks/pacemaker_resource_restart.sh @@ -0,0 +1,63 @@ +#!/bin/bash + +set -eux + +pacemaker_status=$(systemctl is-active pacemaker) +check_interval=3 + +function check_resource { + + service=$1 + state=$2 + timeout=$3 + tstart=$(date +%s) + tend=$(( $tstart + $timeout )) + + if [ "$state" = "stopped" ]; then + match_for_incomplete='Started' + else # started + match_for_incomplete='Stopped' + fi + + while (( $(date +%s) < $tend )); do + node_states=$(pcs status --full | grep "$service" | grep -v Clone) + if echo "$node_states" | grep -q "$match_for_incomplete"; then + echo "$service not yet $state, sleeping $check_interval seconds." + sleep $check_interval + else + echo "$service has $state" + return + fi + done + + echo "$service never $state after $timeout seconds" | tee /dev/fd/2 + exit 1 + +} + +# Run if pacemaker is running, we're the bootstrap node, +# and we're updating the deployment (not creating). +if [ "$pacemaker_status" = "active" -a \ + "$(hiera bootstrap_nodeid)" = "$(facter hostname)" -a \ + "$(hiera update_identifier)" != "nil" ]; then + + pcs resource disable httpd + check_resource httpd stopped 300 + pcs resource disable openstack-keystone + check_resource openstack-keystone stopped 1200 + + if pcs status | grep haproxy-clone; then + pcs resource restart haproxy-clone + fi + pcs resource restart redis-master + pcs resource restart mongod-clone + pcs resource restart rabbitmq-clone + pcs resource restart memcached-clone + pcs resource restart galera-master + + pcs resource enable openstack-keystone + check_resource openstack-keystone started 300 + pcs resource enable httpd + check_resource httpd started 800 + +fi diff --git a/extraconfig/tasks/post_puppet_pacemaker.yaml b/extraconfig/tasks/post_puppet_pacemaker.yaml new file mode 100644 index 00000000..7de41d94 --- /dev/null +++ b/extraconfig/tasks/post_puppet_pacemaker.yaml @@ -0,0 +1,44 @@ +heat_template_version: 2014-10-16 +description: 'Post-Puppet Config for Pacemaker deployments' + +parameters: + servers: + type: json + input_values: + type: json + description: input values for the software deployments + +resources: + + ControllerPostPuppetMaintenanceModeConfig: + type: OS::Heat::SoftwareConfig + properties: + group: script + config: | + #!/bin/bash + pacemaker_status=$(systemctl is-active pacemaker) + + if [ "$pacemaker_status" = "active" ]; then + pcs property set maintenance-mode=false + fi + + ControllerPostPuppetMaintenanceModeDeployment: + type: OS::Heat::SoftwareDeployments + properties: + servers: {get_param: servers} + config: {get_resource: ControllerPostPuppetMaintenanceModeConfig} + input_values: {get_param: input_values} + + ControllerPostPuppetRestartConfig: + type: OS::Heat::SoftwareConfig + properties: + group: script + config: {get_file: pacemaker_resource_restart.sh} + + ControllerPostPuppetRestartDeployment: + type: OS::Heat::SoftwareDeployments + depends_on: ControllerPostPuppetMaintenanceModeDeployment + properties: + servers: {get_param: servers} + config: {get_resource: ControllerPostPuppetRestartConfig} + input_values: {get_param: input_values} diff --git a/extraconfig/tasks/pre_puppet_pacemaker.yaml b/extraconfig/tasks/pre_puppet_pacemaker.yaml new file mode 100644 index 00000000..2cfe92a7 --- /dev/null +++ b/extraconfig/tasks/pre_puppet_pacemaker.yaml @@ -0,0 +1,30 @@ +heat_template_version: 2014-10-16 +description: 'Pre-Puppet Config for Pacemaker deployments' + +parameters: + servers: + type: json + input_values: + type: json + description: input values for the software deployments + +resources: + + ControllerPrePuppetMaintenanceModeConfig: + type: OS::Heat::SoftwareConfig + properties: + group: script + config: | + #!/bin/bash + pacemaker_status=$(systemctl is-active pacemaker) + + if [ "$pacemaker_status" = "active" ]; then + pcs property set maintenance-mode=true + fi + + ControllerPrePuppetMaintenanceModeDeployment: + type: OS::Heat::SoftwareDeployments + properties: + servers: {get_param: servers} + config: {get_resource: ControllerPrePuppetMaintenanceModeConfig} + input_values: {get_param: input_values} diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml index c072c292..77368d0a 100644 --- a/overcloud-resource-registry-puppet.yaml +++ b/overcloud-resource-registry-puppet.yaml @@ -21,7 +21,11 @@ resource_registry: OS::TripleO::CephClusterConfig::SoftwareConfig: puppet/ceph-cluster-config.yaml OS::TripleO::AllNodes::SoftwareConfig: puppet/all-nodes-config.yaml OS::TripleO::BootstrapNode::SoftwareConfig: puppet/bootstrap-config.yaml + + # Tasks (for internal TripleO usage) OS::TripleO::Tasks::PackageUpdate: extraconfig/tasks/yum_update.yaml + OS::TripleO::Tasks::ControllerPrePuppet: extraconfig/tasks/noop.yaml + OS::TripleO::Tasks::ControllerPostPuppet: extraconfig/tasks/noop.yaml # This creates the "heat-admin" user for all OS images by default # To disable, replace with firstboot/userdata_default.yaml diff --git a/overcloud.yaml b/overcloud.yaml index d7de28f9..1a571120 100644 --- a/overcloud.yaml +++ b/overcloud.yaml @@ -1167,6 +1167,8 @@ resources: neutron_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} keystone_public_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} keystone_admin_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} + DeployIdentifier: {get_param: DeployIdentifier} + UpdateIdentifier: {get_param: UpdateIdentifier} MysqlRootPassword: type: OS::Heat::RandomString diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml index 3908afee..895ddc3d 100644 --- a/puppet/all-nodes-config.yaml +++ b/puppet/all-nodes-config.yaml @@ -51,6 +51,17 @@ parameters: keystone_admin_api_node_ips: type: comma_delimited_list + DeployIdentifier: + type: string + description: > + Setting this to a unique value will re-run any deployment tasks which + perform configuration on a Heat stack-update. + UpdateIdentifier: + type: string + description: > + Setting to a previously unused value during stack-update will trigger + package update on all nodes + resources: allNodesConfigImpl: @@ -240,6 +251,9 @@ resources: nova::rabbit_hosts: *rabbit_nodes_array keystone::rabbit_hosts: *rabbit_nodes_array + deploy_identifier: {get_param: DeployIdentifier} + update_identifier: {get_param: UpdateIdentifier} + outputs: config_id: description: The ID of the allNodesConfigImpl resource. diff --git a/puppet/controller-post.yaml b/puppet/controller-post.yaml index 941e1ac5..ed8129e7 100644 --- a/puppet/controller-post.yaml +++ b/puppet/controller-post.yaml @@ -17,6 +17,13 @@ parameters: resources: + ControllerPrePuppet: + type: OS::TripleO::Tasks::ControllerPrePuppet + properties: + servers: {get_param: servers} + input_values: + update_identifier: {get_param: NodeConfigIdentifiers} + ControllerPuppetConfig: type: OS::TripleO::ControllerConfig @@ -26,6 +33,7 @@ resources: # e.g all Deployment resources should have a *Deployment_StepN suffix ControllerLoadBalancerDeployment_Step1: type: OS::Heat::StructuredDeployments + depends_on: ControllerPrePuppet properties: servers: {get_param: servers} config: {get_resource: ControllerPuppetConfig} @@ -98,10 +106,18 @@ resources: step: 5 update_identifier: {get_param: NodeConfigIdentifiers} + ControllerPostPuppet: + type: OS::TripleO::Tasks::ControllerPostPuppet + depends_on: ControllerOvercloudServicesDeployment_Step6 + properties: + servers: {get_param: servers} + input_values: + update_identifier: {get_param: NodeConfigIdentifiers} + # Note, this should come last, so use depends_on to ensure # this is created after any other resources. ExtraConfig: - depends_on: ControllerOvercloudServicesDeployment_Step5 + depends_on: ControllerPostPuppet type: OS::TripleO::NodeExtraConfigPost properties: servers: {get_param: servers} |