diff options
-rw-r--r-- | README.md | 10 | ||||
-rw-r--r-- | README.rst | 55 | ||||
-rw-r--r-- | overcloud-resource-registry-puppet.yaml | 2 | ||||
-rw-r--r-- | overcloud-without-mergepy.yaml | 1 | ||||
-rw-r--r-- | puppet/ceph-storage.yaml | 8 | ||||
-rw-r--r-- | puppet/cinder-storage.yaml | 8 | ||||
-rw-r--r-- | puppet/compute.yaml | 8 | ||||
-rw-r--r-- | puppet/controller.yaml | 16 | ||||
-rw-r--r-- | puppet/hieradata/controller.yaml | 1 | ||||
-rw-r--r-- | puppet/manifests/overcloud_controller.pp | 3 | ||||
-rw-r--r-- | puppet/manifests/overcloud_controller_pacemaker.pp | 53 | ||||
-rw-r--r-- | puppet/swift-storage.yaml | 8 | ||||
-rw-r--r-- | setup.cfg | 2 |
13 files changed, 136 insertions, 39 deletions
diff --git a/README.md b/README.md deleted file mode 100644 index 97cc384e..00000000 --- a/README.md +++ /dev/null @@ -1,10 +0,0 @@ -templates -========= - -Generic templates to describe multi-host infrastructure, consumable by OpenStack Heat, Crowbar, others. - - -merge.py -======== - -The Makefile contains several targets for generated templates, see its contents for all of them. To run functional tests for merge.py, run 'make test'. diff --git a/README.rst b/README.rst new file mode 100644 index 00000000..148a741f --- /dev/null +++ b/README.rst @@ -0,0 +1,55 @@ +====================== +tripleo-heat-templates +====================== + +Heat templates to deploy OpenStack using OpenStack. + +* Free software: Apache license +* Documentation: http://docs.openstack.org/developer/tripleo-docs +* Source: http://git.openstack.org/cgit/openstack/tripleo-heat-templates +* Bugs: http://bugs.launchpad.net/tripleo + +Features +-------- + +The ability to deploy a multi-node, role based OpenStack deployment using +OpenStack Heat. Notable features include: + + * Choice of deployment/configuration tooling: puppet, os-apply-config, and + (soon) docker + + * Role based deployment: roles for the controller, compute, ceph, swift, + and cinder storage + + * physical network configuration: support for isolated networks, bonding, + and standard ctlplane networking + +Directories +----------- + +A description of the directory layout in TripleO Heat Templates. + + * deprecated: contains templates that have been deprecated + + * environments: contains heat environment files that can be used with -e + on the command like to enable features, etc. + + * extraconfig: templates used to enable 'extra' functionality. Includes + functionality for distro specific registration and upgrades. + + * firstboot: example first_boot scripts that can be used when initially + creating instances. + + * network: heat templates to help create isolated networks and ports + + * puppet: templates mostly driven by configuration with puppet. To use these + templates you can use the overcloud-resource-registry-puppet.yaml. + + * os-apply-config: templates mostly driven by configuration w/ + os-collect-config and bash based + elements (which use the Heat os-apply-config group). + These will soon be deprecated and are no longer part + of the upstream CI testing efforts. + + * validation-scripts: validation scripts useful to all deployment + configurations diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml index b527c10f..7e65d4b1 100644 --- a/overcloud-resource-registry-puppet.yaml +++ b/overcloud-resource-registry-puppet.yaml @@ -30,11 +30,13 @@ resource_registry: # Hooks for operator extra config # NodeUserData == Cloud-init additional user-data, e.g cloud-config # ControllerExtraConfigPre == Controller configuration pre service deployment + # NodeExtraConfig == All nodes configuration pre service deployment # NodeExtraConfigPost == All nodes configuration post service deployment OS::TripleO::NodeUserData: firstboot/userdata_default.yaml OS::TripleO::ControllerExtraConfigPre: puppet/extraconfig/pre_deploy/default.yaml OS::TripleO::ComputeExtraConfigPre: puppet/extraconfig/pre_deploy/default.yaml OS::TripleO::CephStorageExtraConfigPre: puppet/extraconfig/pre_deploy/default.yaml + OS::TripleO::NodeExtraConfig: puppet/extraconfig/pre_deploy/default.yaml OS::TripleO::NodeExtraConfigPost: extraconfig/post_deploy/default.yaml # "AllNodes" Extra cluster config, runs on all nodes prior to the post_deploy diff --git a/overcloud-without-mergepy.yaml b/overcloud-without-mergepy.yaml index 4b065dd8..7fdba562 100644 --- a/overcloud-without-mergepy.yaml +++ b/overcloud-without-mergepy.yaml @@ -845,6 +845,7 @@ resources: ServiceNetMap: {get_param: ServiceNetMap} HeatApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} + GlanceRegistryVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} diff --git a/puppet/ceph-storage.yaml b/puppet/ceph-storage.yaml index 1213d3df..75294599 100644 --- a/puppet/ceph-storage.yaml +++ b/puppet/ceph-storage.yaml @@ -181,6 +181,14 @@ resources: properties: server: {get_resource: CephStorage} + # Hook for site-specific additional pre-deployment config, + # applying to all nodes, e.g node registration/unregistration + NodeExtraConfig: + depends_on: CephStorageExtraConfigPre + type: OS::TripleO::NodeExtraConfig + properties: + server: {get_resource: CephStorage} + UpdateConfig: type: OS::TripleO::Tasks::PackageUpdate diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml index 5779c097..972523ae 100644 --- a/puppet/cinder-storage.yaml +++ b/puppet/cinder-storage.yaml @@ -263,6 +263,14 @@ resources: snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} + # Hook for site-specific additional pre-deployment config, + # applying to all nodes, e.g node registration/unregistration + NodeExtraConfig: + depends_on: BlockStorageDeployment + type: OS::TripleO::NodeExtraConfig + properties: + server: {get_resource: BlockStorage} + UpdateConfig: type: OS::TripleO::Tasks::PackageUpdate diff --git a/puppet/compute.yaml b/puppet/compute.yaml index 9ddc89c7..bdee93dd 100644 --- a/puppet/compute.yaml +++ b/puppet/compute.yaml @@ -555,6 +555,14 @@ resources: properties: server: {get_resource: NovaCompute} + # Hook for site-specific additional pre-deployment config, + # applying to all nodes, e.g node registration/unregistration + NodeExtraConfig: + depends_on: ComputeExtraConfigPre + type: OS::TripleO::NodeExtraConfig + properties: + server: {get_resource: NovaCompute} + UpdateConfig: type: OS::TripleO::Tasks::PackageUpdate diff --git a/puppet/controller.yaml b/puppet/controller.yaml index 48f3acee..3b7ec7e7 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -505,6 +505,9 @@ parameters: GlanceApiVirtualIP: type: string default: '' + GlanceRegistryVirtualIP: + type: string + default: '' MysqlVirtualIP: type: string default: '' @@ -903,6 +906,7 @@ resources: - {get_param: GlanceApiVirtualIP} - ':' - {get_param: GlancePort} + glance_registry_host: {get_param: GlanceRegistryVirtualIP} heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} @@ -1021,7 +1025,7 @@ resources: glance::api::bind_host: {get_input: glance_api_network} glance::api::auth_uri: {get_input: keystone_auth_uri} glance::api::identity_uri: {get_input: keystone_identity_uri} - glance::api::registry_host: {get_input: glance_registry_network} + glance::api::registry_host: {get_input: glance_registry_host} glance::api::keystone_password: {get_input: glance_password} glance::api::debug: {get_input: debug} glance_notifier_strategy: {get_input: glance_notifier_strategy} @@ -1030,7 +1034,7 @@ resources: glance::api::database_connection: {get_input: glance_dsn} glance::registry::keystone_password: {get_input: glance_password} glance::registry::database_connection: {get_input: glance_dsn} - glance::registry::bind_host: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} + glance::registry::bind_host: {get_input: glance_registry_network} glance::registry::auth_uri: {get_input: keystone_auth_uri} glance::registry::identity_uri: {get_input: keystone_identity_uri} glance::registry::debug: {get_input: debug} @@ -1207,6 +1211,14 @@ resources: properties: server: {get_resource: Controller} + # Hook for site-specific additional pre-deployment config, + # applying to all nodes, e.g node registration/unregistration + NodeExtraConfig: + depends_on: ControllerExtraConfigPre + type: OS::TripleO::NodeExtraConfig + properties: + server: {get_resource: Controller} + UpdateConfig: type: OS::TripleO::Tasks::PackageUpdate diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml index a66c1eaa..a4e2766b 100644 --- a/puppet/hieradata/controller.yaml +++ b/puppet/hieradata/controller.yaml @@ -95,7 +95,6 @@ horizon::django_session_engine: 'django.contrib.sessions.backends.cache' # mysql mysql::server::manage_config_file: true -mysql::server::remove_default_accounts: true tripleo::loadbalancer::keystone_admin: true diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index c857c5c5..c3302362 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -84,7 +84,8 @@ if hiera('step') >= 2 { 'max_connections' => hiera('mysql_max_connections'), 'open_files_limit' => '-1', }, - } + }, + remove_default_accounts => true, } # FIXME: this should only occur on the bootstrap host (ditto for db syncs) diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp index 5c220dc5..f5a89582 100644 --- a/puppet/manifests/overcloud_controller_pacemaker.pp +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -158,12 +158,13 @@ if hiera('step') >= 1 { } class { '::mysql::server': - create_root_user => false, - create_root_my_cnf => false, - config_file => $mysql_config_file, - override_options => $mysqld_options, - service_manage => false, - service_enabled => false, + create_root_user => false, + create_root_my_cnf => false, + config_file => $mysql_config_file, + override_options => $mysqld_options, + remove_default_accounts => $pacemaker_master, + service_manage => false, + service_enabled => false, } } @@ -1069,24 +1070,8 @@ if hiera('step') >= 4 { ocf_agent_name => "neutron:NetnsCleanup", clone_params => "interleave=true", } - pacemaker::constraint::base { 'keystone-to-neutron-server-constraint': - constraint_type => "order", - first_resource => "${::keystone::params::service_name}-clone", - second_resource => "${::neutron::params::server_service}-clone", - first_action => "start", - second_action => "start", - require => [Pacemaker::Resource::Service[$::keystone::params::service_name], - Pacemaker::Resource::Service[$::neutron::params::server_service]], - } - pacemaker::constraint::base { 'neutron-server-to-neutron-ovs-cleanup-constraint': - constraint_type => "order", - first_resource => "${::neutron::params::server_service}-clone", - second_resource => "${::neutron::params::ovs_cleanup_service}-clone", - first_action => "start", - second_action => "start", - require => [Pacemaker::Resource::Service[$::neutron::params::server_service], - Pacemaker::Resource::Ocf["${::neutron::params::ovs_cleanup_service}"]], - } + + # neutron - one chain ovs-cleanup-->netns-cleanup-->ovs-agent pacemaker::constraint::base { 'neutron-ovs-cleanup-to-netns-cleanup-constraint': constraint_type => "order", first_resource => "${::neutron::params::ovs_cleanup_service}-clone", @@ -1119,6 +1104,26 @@ if hiera('step') >= 4 { require => [Pacemaker::Resource::Ocf["neutron-netns-cleanup"], Pacemaker::Resource::Service["${::neutron::params::ovs_agent_service}"]], } + + #another chain keystone-->neutron-server-->ovs-agent-->dhcp-->l3 + pacemaker::constraint::base { 'keystone-to-neutron-server-constraint': + constraint_type => "order", + first_resource => "${::keystone::params::service_name}-clone", + second_resource => "${::neutron::params::server_service}-clone", + first_action => "start", + second_action => "start", + require => [Pacemaker::Resource::Service[$::keystone::params::service_name], + Pacemaker::Resource::Service[$::neutron::params::server_service]], + } + pacemaker::constraint::base { 'neutron-server-to-openvswitch-agent-constraint': + constraint_type => "order", + first_resource => "${::neutron::params::server_service}-clone", + second_resource => "${::neutron::params::ovs_agent_service}-clone", + first_action => "start", + second_action => "start", + require => [Pacemaker::Resource::Service[$::neutron::params::server_service], + Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]], + } pacemaker::constraint::base { 'neutron-openvswitch-agent-to-dhcp-agent-constraint': constraint_type => "order", first_resource => "${::neutron::params::ovs_agent_service}-clone", diff --git a/puppet/swift-storage.yaml b/puppet/swift-storage.yaml index f6623be6..22ec6096 100644 --- a/puppet/swift-storage.yaml +++ b/puppet/swift-storage.yaml @@ -216,6 +216,14 @@ resources: enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} + # Hook for site-specific additional pre-deployment config, + # applying to all nodes, e.g node registration/unregistration + NodeExtraConfig: + depends_on: SwiftStorageHieraDeploy + type: OS::TripleO::NodeExtraConfig + properties: + server: {get_resource: SwiftStorage} + UpdateConfig: type: OS::TripleO::Tasks::PackageUpdate @@ -2,7 +2,7 @@ name = tripleo-heat-templates summary = Heat templates for deploying OpenStack with OpenStack. description-file = - README.md + README.rst author = OpenStack author_email = openstack-dev@lists.openstack.org license = Apache License (2.0) |