diff options
55 files changed, 1130 insertions, 840 deletions
diff --git a/environments/ips-from-pool-all.yaml b/environments/ips-from-pool-all.yaml index f660d501..87563753 100644 --- a/environments/ips-from-pool-all.yaml +++ b/environments/ips-from-pool-all.yaml @@ -5,30 +5,36 @@ resource_registry: OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool.yaml OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool.yaml OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant_from_pool.yaml + # Management network is optional and disabled by default + #OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/management_from_pool.yaml OS::TripleO::Compute::Ports::ExternalPort: ../network/ports/noop.yaml OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api_from_pool.yaml OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage_from_pool.yaml OS::TripleO::Compute::Ports::StorageMgmtPort: ../network/ports/noop.yaml OS::TripleO::Compute::Ports::TenantPort: ../network/ports/tenant_from_pool.yaml + #OS::TripleO::Compute::Ports::ManagementPort: ../network/ports/management_from_pool.yaml OS::TripleO::CephStorage::Ports::ExternalPort: ../network/ports/noop.yaml OS::TripleO::CephStorage::Ports::InternalApiPort: ../network/ports/noop.yaml OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage_from_pool.yaml OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool.yaml OS::TripleO::CephStorage::Ports::TenantPort: ../network/ports/noop.yaml + #OS::TripleO::CephStorage::Ports::ManagementPort: ../network/ports/management_from_pool.yaml OS::TripleO::SwiftStorage::Ports::ExternalPort: ../network/ports/noop.yaml OS::TripleO::SwiftStorage::Ports::InternalApiPort: ../network/ports/internal_api_from_pool.yaml OS::TripleO::SwiftStorage::Ports::StoragePort: ../network/ports/storage_from_pool.yaml OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool.yaml OS::TripleO::SwiftStorage::Ports::TenantPort: ../network/ports/noop.yaml + #OS::TripleO::SwiftStorage::Ports::ManagementPort: ../network/ports/management_from_pool.yaml OS::TripleO::BlockStorage::Ports::ExternalPort: ../network/ports/noop.yaml OS::TripleO::BlockStorage::Ports::InternalApiPort: ../network/ports/internal_api_from_pool.yaml OS::TripleO::BlockStorage::Ports::StoragePort: ../network/ports/storage_from_pool.yaml OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool.yaml OS::TripleO::BlockStorage::Ports::TenantPort: ../network/ports/noop.yaml + #OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/management_from_pool.yaml parameter_defaults: ControllerIPs: @@ -43,6 +49,8 @@ parameter_defaults: - 172.16.3.251 tenant: - 172.16.0.251 + #management: + #- 172.16.4.251 NovaComputeIPs: # Each compute will get an IP from the lists below, first compute, first IP internal_api: @@ -51,12 +59,16 @@ parameter_defaults: - 172.16.1.252 tenant: - 172.16.0.252 + #management: + #- 172.16.4.252 CephStorageIPs: # Each ceph node will get an IP from the lists below, first node, first IP storage: - 172.16.1.253 storage_mgmt: - 172.16.3.253 + #management: + #- 172.16.4.253 SwiftStorageIPs: # Each swift node will get an IP from the lists below, first node, first IP internal_api: @@ -65,6 +77,8 @@ parameter_defaults: - 172.16.1.254 storage_mgmt: - 172.16.3.254 + #management: + #- 172.16.4.254 BlockStorageIPs: # Each cinder node will get an IP from the lists below, first node, first IP internal_api: @@ -73,3 +87,5 @@ parameter_defaults: - 172.16.1.250 storage_mgmt: - 172.16.3.250 + #management: + #- 172.16.4.250 diff --git a/environments/network-management-v6.yaml b/environments/network-management-v6.yaml new file mode 100644 index 00000000..812e84f3 --- /dev/null +++ b/environments/network-management-v6.yaml @@ -0,0 +1,25 @@ +# Enable the creation of an IPv6 system management network. This +# creates a Neutron network for isolated Overcloud +# system management traffic and configures each role to +# assign a port (related to that role) on that network. +# Note that the basic sample NIC configuration templates +# do not include the management network, see the +# comments in the sample network config templates in +# network/config/ for an example. +resource_registry: + OS::TripleO::Network::Management: ../network/management_v6.yaml + + # Port assignments for the controller role + OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/management_v6.yaml + + # Port assignments for the compute role + OS::TripleO::Compute::Ports::ManagementPort: ../network/ports/management_v6.yaml + + # Port assignments for the ceph storage role + OS::TripleO::CephStorage::Ports::ManagementPort: ../network/ports/management_v6.yaml + + # Port assignments for the swift storage role + OS::TripleO::SwiftStorage::Ports::ManagementPort: ../network/ports/management_v6.yaml + + # Port assignments for the block storage role + OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/management_v6.yaml diff --git a/environments/network-management.yaml b/environments/network-management.yaml index 2f0cff8b..041617be 100644 --- a/environments/network-management.yaml +++ b/environments/network-management.yaml @@ -4,7 +4,8 @@ # assign a port (related to that role) on that network. # Note that the basic sample NIC configuration templates # do not include the management network, see the -# single-nic-vlans-mgmt templates for an example. +# comments in the sample network config templates in +# network/config/ for an example. resource_registry: OS::TripleO::Network::Management: ../network/management.yaml diff --git a/environments/neutron-nuage-config.yaml b/environments/neutron-nuage-config.yaml index bf5036bf..28056b35 100644 --- a/environments/neutron-nuage-config.yaml +++ b/environments/neutron-nuage-config.yaml @@ -1,10 +1,11 @@ # A Heat environment file which can be used to enable a # a Neutron Nuage backend on the controller, configured via puppet resource_registry: - OS::TripleO::ControllerExtraConfigPre: ../puppet/extraconfig/pre_deploy/controller/neutron-nuage.yaml OS::TripleO::Services::NeutronL3Agent: OS::Heat::None OS::TripleO::Services::NeutronMetadataAgent: OS::Heat::None OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None + # Override the NeutronCorePlugin to use Nuage + OS::TripleO::Services::NeutronCorePlugin: OS::TripleO::Services::NeutronCorePluginNuage parameter_defaults: NeutronNuageOSControllerIp: '0.0.0.0' diff --git a/environments/neutron-opencontrail.yaml b/environments/neutron-opencontrail.yaml index b17c9c0a..340bac78 100644 --- a/environments/neutron-opencontrail.yaml +++ b/environments/neutron-opencontrail.yaml @@ -1,12 +1,13 @@ # A Heat environment file which can be used to enable OpenContrail # extensions, configured via puppet resource_registry: - OS::TripleO::ControllerExtraConfigPre: ../puppet/extraconfig/pre_deploy/controller/neutron-opencontrail.yaml OS::TripleO::ComputeExtraConfigPre: ../puppet/extraconfig/pre_deploy/compute/neutron-opencontrail.yaml OS::TripleO::Services::NeutronDhcpAgent: OS::Heat::None OS::TripleO::Services::NeutronL3Agent: OS::Heat::None OS::TripleO::Services::NeutronMetadataAgent: OS::Heat::None OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None + # Override the NeutronCorePlugin to use Nuage + OS::TripleO::Services::NeutronCorePlugin: OS::TripleO::Services::NeutronCorePluginOpencontrail parameter_defaults: NeutronCorePlugin: neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2 diff --git a/environments/neutron-plumgrid.yaml b/environments/neutron-plumgrid.yaml index 23c088b2..08ace103 100755 --- a/environments/neutron-plumgrid.yaml +++ b/environments/neutron-plumgrid.yaml @@ -1,12 +1,13 @@ # A Heat environment file which can be used to enable PLUMgrid # extensions, configured via puppet resource_registry: - OS::TripleO::ControllerExtraConfigPre: ../puppet/extraconfig/pre_deploy/controller/neutron-plumgrid.yaml # PLUMgrid doesn't require dhcp, l3, metadata, and ovs agents OS::TripleO::Services::NeutronDhcpAgent: OS::Heat::None OS::TripleO::Services::NeutronL3Agent: OS::Heat::None OS::TripleO::Services::NeutronMetadataAgent: OS::Heat::None OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None + # Override the Neutron core plugin to use PLUMgrid + OS::TripleO::Services::NeutronCorePlugin: OS::TripleO::Services::NeutronCorePluginPlumgrid parameter_defaults: NeutronCorePlugin: networking_plumgrid.neutron.plugins.plugin.NeutronPluginPLUMgridV2 diff --git a/environments/puppet-pacemaker.yaml b/environments/puppet-pacemaker.yaml index 00e14fd0..d1df6c41 100644 --- a/environments/puppet-pacemaker.yaml +++ b/environments/puppet-pacemaker.yaml @@ -24,6 +24,10 @@ resource_registry: OS::TripleO::Services::NeutronMetadataAgent: ../puppet/services/pacemaker/neutron-metadata.yaml OS::TripleO::Services::NeutronServer: ../puppet/services/pacemaker/neutron-server.yaml OS::TripleO::Services::NeutronCorePlugin: ../puppet/services/pacemaker/neutron-plugin-ml2.yaml + # Neutron Core Plugin Vendors (these typically override NeutronCorePlugin) + OS::TripleO::Services::NeutronCorePluginPlumgrid: ../puppet/services/pacemaker/neutron-plugin-plumgrid.yaml + OS::TripleO::Services::NeutronCorePluginNuage: ../puppet/services/pacemaker/neutron-plugin-nuage.yaml + OS::TripleO::Services::NeutronCorePluginOpencontrail: ../puppet/services/pacemaker/neutron-plugin-opencontrail.yaml OS::TripleO::Services::NeutronOvsAgent: ../puppet/services/pacemaker/neutron-ovs-agent.yaml OS::TripleO::Services::RabbitMQ: ../puppet/services/pacemaker/rabbitmq.yaml OS::TripleO::Services::HAproxy: ../puppet/services/pacemaker/haproxy.yaml @@ -31,3 +35,7 @@ resource_registry: OS::TripleO::Services::Redis: ../puppet/services/pacemaker/database/redis.yaml OS::TripleO::Services::NovaConductor: ../puppet/services/pacemaker/nova-conductor.yaml OS::TripleO::Services::MongoDb: ../puppet/services/pacemaker/database/mongodb.yaml + OS::TripleO::Services::NovaApi: ../puppet/services/pacemaker/nova-api.yaml + OS::TripleO::Services::NovaScheduler: ../puppet/services/pacemaker/nova-scheduler.yaml + OS::TripleO::Services::NovaConsoleauth: ../puppet/services/pacemaker/nova-consoleauth.yaml + OS::TripleO::Services::NovaVncproxy: ../puppet/services/pacemaker/nova-vncproxy.yaml diff --git a/extraconfig/tasks/major_upgrade_controller_pacemaker_1.sh b/extraconfig/tasks/major_upgrade_controller_pacemaker_1.sh index f5399222..2aaa84c6 100755 --- a/extraconfig/tasks/major_upgrade_controller_pacemaker_1.sh +++ b/extraconfig/tasks/major_upgrade_controller_pacemaker_1.sh @@ -2,13 +2,21 @@ set -eu -cluster_sync_timeout=600 +cluster_sync_timeout=1800 if pcs status 2>&1 | grep -E '(cluster is not currently running)|(OFFLINE:)'; then echo_error "ERROR: upgrade cannot start with some cluster nodes being offline" exit 1 fi + +# We want to disable fencing during the cluster --stop as it might fence +# nodes where a service fails to stop, which could be fatal during an upgrade +# procedure. So we remember the stonith state. If it was enabled we reenable it +# at the end of this script +STONITH_STATE=$(pcs property show stonith-enabled | grep "stonith-enabled" | awk '{ print $2 }') +pcs property set stonith-enabled=false + if [ "$(hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid)" = "$(facter hostname)" ]; then pcs resource disable httpd check_resource httpd stopped 1800 @@ -49,6 +57,12 @@ done yum -y install python-zaqarclient # needed for os-collect-config yum -y -q update + +# Let's reset the stonith back to true if it was true, before starting the cluster +if [ $STONITH_STATE == "true" ]; then + pcs -f /var/lib/pacemaker/cib/cib.xml property set stonith-enabled=true +fi + # Pin messages sent to compute nodes to kilo, these will be upgraded later crudini --set /etc/nova/nova.conf upgrade_levels compute "$upgrade_level_nova_compute" # https://bugzilla.redhat.com/show_bug.cgi?id=1284047 diff --git a/network/management_v6.yaml b/network/management_v6.yaml new file mode 100644 index 00000000..a5e70667 --- /dev/null +++ b/network/management_v6.yaml @@ -0,0 +1,69 @@ +heat_template_version: 2015-04-30 + +description: > + Management network. System administration, SSH, DNS, NTP, etc. This network + would usually be the default gateway for the non-controller nodes. + +parameters: + # the defaults here work for static IP assignment (IPAM) only + ManagementNetCidr: + default: 'fd00:fd00:fd00:6000::/64' + description: Cidr for the management network. + type: string + ManagementNetValueSpecs: + default: {'provider:physical_network': 'management', 'provider:network_type': 'flat'} + description: Value specs for the management network. + type: json + ManagementNetAdminStateUp: + default: false + description: This admin state of of the network. + type: boolean + ManagementNetShared: + default: false + description: Whether this network is shared across all tenants. + type: boolean + ManagementNetName: + default: management + description: The name of the management network. + type: string + ManagementSubnetName: + default: management_subnet + description: The name of the management subnet in Neutron. + type: string + ManagementAllocationPools: + default: [{'start': 'fd00:fd00:fd00:6000::10', 'end': 'fd00:fd00:fd00:6000:ffff:ffff:ffff:fffe'}] + description: Ip allocation pool range for the management network. + type: json + IPv6AddressMode: + default: dhcpv6-stateful + description: Neutron subnet IPv6 address mode + type: string + IPv6RAMode: + default: dhcpv6-stateful + description: Neutron subnet IPv6 router advertisement mode + type: string + +resources: + ManagementNetwork: + type: OS::Neutron::Net + properties: + admin_state_up: {get_param: ManagementNetAdminStateUp} + name: {get_param: ManagementNetName} + shared: {get_param: ManagementNetShared} + value_specs: {get_param: ManagementNetValueSpecs} + + ManagementSubnet: + type: OS::Neutron::Subnet + properties: + ip_version: 6 + ipv6_address_mode: {get_param: IPv6AddressMode} + ipv6_ra_mode: {get_param: IPv6RAMode} + cidr: {get_param: ManagementNetCidr} + name: {get_param: ManagementSubnetName} + network: {get_resource: ManagementNetwork} + allocation_pools: {get_param: ManagementAllocationPools} + +outputs: + OS::stack_id: + description: Neutron management network + value: {get_resource: ManagementNetwork} diff --git a/network/networks.yaml b/network/networks.yaml index ab50ae11..d3ae482b 100644 --- a/network/networks.yaml +++ b/network/networks.yaml @@ -21,3 +21,6 @@ resources: ManagementNetwork: type: OS::TripleO::Network::Management + + NetworkExtraConfig: + type: OS::TripleO::Network::ExtraConfig diff --git a/network/ports/management_from_pool_v6.yaml b/network/ports/management_from_pool_v6.yaml new file mode 100644 index 00000000..d9ac6046 --- /dev/null +++ b/network/ports/management_from_pool_v6.yaml @@ -0,0 +1,52 @@ +heat_template_version: 2015-10-15 + +description: > + Returns an IP from a network mapped list of IPs. This version is for IPv6 + addresses. The ip_address_uri output will have brackets for use in URLs. + +parameters: + ManagementNetName: + description: Name of the management network + default: management + type: string + PortName: + description: Name of the port + default: '' + type: string + ControlPlaneIP: # Here for compatability with noop.yaml + description: IP address on the control plane + default: '' + type: string + IPPool: + default: {} + description: A network mapped list of IPs + type: json + NodeIndex: + default: 0 + description: Index of the IP to get from Pool + type: number + ManagementNetCidr: + default: 'fd00:fd00:fd00:6000::/64' + description: Cidr for the management network. + type: string + +outputs: + ip_address: + description: management network IP + value: {get_param: [IPPool, {get_param: ManagementNetName}, {get_param: NodeIndex}]} + ip_address_uri: + description: management network IP (for compatibility with management_v6.yaml) + value: + list_join: + - '' + - - '[' + - {get_param: [IPPool, {get_param: ManagementNetName}, {get_param: NodeIndex}]} + - ']' + ip_subnet: + description: IP/Subnet CIDR for the management network IP + value: + list_join: + - '' + - - {get_param: [IPPool, {get_param: ManagementNetName}, {get_param: NodeIndex}]} + - '/' + - {str_split: ['/', {get_attr: [ManagementPort, subnets, 0, cidr]}, 1]} diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml index 5e577291..0bfb9c26 100644 --- a/overcloud-resource-registry-puppet.yaml +++ b/overcloud-resource-registry-puppet.yaml @@ -63,6 +63,8 @@ resource_registry: OS::TripleO::Network::Tenant: OS::Heat::None OS::TripleO::Network::Management: OS::Heat::None + OS::TripleO::Network::ExtraConfig: OS::Heat::None + OS::TripleO::Network::Ports::NetVipMap: network/ports/net_ip_map.yaml OS::TripleO::Network::Ports::NetIpMap: network/ports/net_ip_map.yaml OS::TripleO::Network::Ports::NetIpListMap: network/ports/net_ip_list_map.yaml @@ -139,17 +141,29 @@ resource_registry: OS::TripleO::Services::NeutronMetadataAgent: puppet/services/neutron-metadata.yaml OS::TripleO::Services::NeutronServer: puppet/services/neutron-server.yaml OS::TripleO::Services::NeutronCorePlugin: puppet/services/neutron-plugin-ml2.yaml + # Neutron Core Plugin Vendors (these typically override NeutronCorePlugin) + OS::TripleO::Services::NeutronCorePluginPlumgrid: puppet/services/neutron-plugin-plumgrid.yaml + OS::TripleO::Services::NeutronCorePluginNuage: puppet/services/neutron-plugin-nuage.yaml + OS::TripleO::Services::NeutronCorePluginOpencontrail: puppet/services/neutron-plugin-opencontrail.yaml OS::TripleO::Services::NeutronOvsAgent: puppet/services/neutron-ovs-agent.yaml OS::TripleO::Services::RabbitMQ: puppet/services/rabbitmq.yaml OS::TripleO::Services::HAproxy: puppet/services/haproxy.yaml OS::TripleO::Services::Keepalived: puppet/services/keepalived.yaml OS::TripleO::Services::Memcached: puppet/services/memcached.yaml - OS::TripleO::Services::SwiftProxy: puppet/services/swift-proxy.yaml OS::TripleO::Services::SaharaApi: puppet/services/sahara-api.yaml OS::TripleO::Services::SaharaEngine: puppet/services/sahara-engine.yaml OS::TripleO::Services::Redis: puppet/services/database/redis.yaml OS::TripleO::Services::NovaConductor: puppet/services/nova-conductor.yaml OS::TripleO::Services::MongoDb: puppet/services/database/mongodb.yaml + OS::TripleO::Services::NovaApi: puppet/services/nova-api.yaml + OS::TripleO::Services::NovaScheduler: puppet/services/nova-scheduler.yaml + OS::TripleO::Services::NovaConsoleauth: puppet/services/nova-consoleauth.yaml + OS::TripleO::Services::NovaVncproxy: puppet/services/nova-vncproxy.yaml + OS::TripleO::Services::NovaCompute: puppet/services/nova-compute.yaml + OS::TripleO::Services::Ntp: puppet/services/time/ntp.yaml + OS::TripleO::Services::SwiftProxy: puppet/services/swift-proxy.yaml + OS::TripleO::Services::SwiftStorage: puppet/services/swift-storage.yaml + OS::TripleO::Services::Snmp: puppet/services/snmp.yaml parameter_defaults: EnablePackageInstall: false diff --git a/overcloud.yaml b/overcloud.yaml index 62356268..bc29daef 100644 --- a/overcloud.yaml +++ b/overcloud.yaml @@ -66,10 +66,6 @@ parameters: default: '' type: string description: List of externally managed Ceph Mon Host IPs. Only used for external Ceph deployments. - CinderEnableIscsiBackend: - default: true - description: Whether to enable or not the Iscsi backend for Cinder - type: boolean CinderEnableRbdBackend: default: false description: Whether to enable or not the Rbd backend for Cinder @@ -221,6 +217,7 @@ parameters: description: The password for the nova service account, used by nova-api. type: string hidden: true + #TODO(ccamacho): Remove after landing Ntp in all roles NtpServer: default: '' description: Comma-separated list of ntp servers @@ -257,14 +254,6 @@ parameters: description: The password for Redis type: string hidden: true - SnmpdReadonlyUserName: - default: ro_snmp_user - description: The user name for SNMPd with readonly rights running on all Overcloud nodes - type: string - SnmpdReadonlyUserPassword: - description: The user password for SNMPd with readonly rights running on all Overcloud nodes - type: string - hidden: true StorageVirtualFixedIPs: default: [] description: > @@ -295,18 +284,6 @@ parameters: type: json # Controller-specific params - CinderLVMLoopDeviceSize: - default: 10280 - description: The size of the loopback file used by the cinder LVM driver. - type: number - CinderPassword: - description: The password for the cinder service account, used by cinder-api. - type: string - hidden: true - CinderISCSIHelper: - default: lioadm - description: The iSCSI helper to use with cinder. - type: string ControllerCount: type: number default: 1 @@ -344,10 +321,6 @@ parameters: default: false description: Whether to deploy Ceph Storage (OSD) on the Controller type: boolean - ControllerEnableSwiftStorage: - default: true - description: Whether to enable Swift Storage on the Controller - type: boolean ControllerSchedulerHints: type: json description: Optional scheduler hints to pass to nova @@ -411,7 +384,7 @@ parameters: description: Template string to be used to generate instance names type: string ManageFirewall: - default: false + default: true description: Whether to manage IPtables rules. type: boolean PurgeFirewallRules: @@ -439,10 +412,6 @@ parameters: description: A random string to be used as a salt when hashing to determine mappings in the ring. type: string hidden: true - SwiftMountCheck: - default: 'false' - description: Value of mount_check in Swift account/container/object -server.conf - type: boolean SwiftMinPartHours: type: number default: 1 @@ -587,17 +556,27 @@ parameters: - OS::TripleO::Services::HAproxy - OS::TripleO::Services::Keepalived - OS::TripleO::Services::Memcached - - OS::TripleO::Services::SwiftProxy - OS::TripleO::Services::Redis - OS::TripleO::Services::NovaConductor - OS::TripleO::Services::MongoDb + - OS::TripleO::Services::NovaApi + - OS::TripleO::Services::NovaScheduler + - OS::TripleO::Services::NovaConsoleauth + - OS::TripleO::Services::NovaVncproxy + - OS::TripleO::Services::Ntp + - OS::TripleO::Services::SwiftProxy + - OS::TripleO::Services::SwiftStorage + - OS::TripleO::Services::Snmp description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the Controllers. type: comma_delimited_list ComputeServices: - default: [] + default: + - OS::TripleO::Services::NovaCompute + - OS::TripleO::Services::Ntp + - OS::TripleO::Services::Snmp description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the Compute Nodes. @@ -626,7 +605,13 @@ parameters: type: json description: Optional scheduler hints to pass to nova default: {} - + BlockStorageServices: + default: + - OS::TripleO::Services::CinderVolume + description: A list of service resources (configured in the Heat + resource_registry) which represent nested stacks + for each service that should get installed on the BlockStorage nodes. + type: comma_delimited_list # Object storage specific parameters ObjectStorageCount: @@ -652,7 +637,10 @@ parameters: description: Optional scheduler hints to pass to nova default: {} ObjectStorageServices: - default: [] + default: + - OS::TripleO::Services::Ntp + - OS::TripleO::Services::SwiftStorage + - OS::TripleO::Services::Snmp description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the ObjectStorage nodes. @@ -684,7 +672,8 @@ parameters: description: Optional scheduler hints to pass to nova default: {} CephStorageServices: - default: [] + default: + - OS::TripleO::Services::Ntp description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the CephStorage nodes. @@ -838,7 +827,6 @@ resources: PurgeFirewallRules: {get_param: PurgeFirewallRules} EnableGalera: {get_param: EnableGalera} EnableCephStorage: {get_param: ControllerEnableCephStorage} - EnableSwiftStorage: {get_param: ControllerEnableSwiftStorage} ExtraConfig: {get_param: ExtraConfig} FencingConfig: {get_param: FencingConfig} Flavor: {get_param: OvercloudControlFlavor} @@ -864,7 +852,6 @@ resources: NeutronMetadataProxySharedSecret: {get_param: NeutronMetadataProxySharedSecret} NovaIPv6: {get_param: NovaIPv6} NovaPassword: {get_param: NovaPassword} - NtpServer: {get_param: NtpServer} PcsdPassword: {get_resource: PcsdPassword} PublicVirtualInterface: {get_param: PublicVirtualInterface} RabbitPassword: {get_param: RabbitPassword} @@ -873,32 +860,16 @@ resources: RabbitClientUseSSL: {get_param: RabbitClientUseSSL} RabbitClientPort: {get_param: RabbitClientPort} RedisPassword: {get_param: RedisPassword} - SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName} - SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword} RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]} RedisVirtualIPUri: {get_attr: [RedisVirtualIP, ip_address_uri]} SwiftHashSuffix: {get_param: SwiftHashSuffix} - SwiftMountCheck: {get_param: SwiftMountCheck} SwiftMinPartHours: {get_param: SwiftMinPartHours} SwiftPartPower: {get_param: SwiftPartPower} SwiftReplicas: { get_param: SwiftReplicas} TimeZone: {get_param: TimeZone} - VirtualIP: {get_attr: [VipMap, net_ip_map, ctlplane]} # deprecated. Use per service VIP settings instead now. - PublicVirtualIP: {get_attr: [VipMap, net_ip_map, external]} ServiceNetMap: {get_param: ServiceNetMap} EndpointMap: {get_attr: [EndpointMap, endpoint_map]} - CeilometerApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} - AodhApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]} - GnocchiApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]} - CinderApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} - HeatApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} - HeatApiVirtualIPUri: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} - NovaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} - SwiftProxyVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} - NeutronApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} - NovaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} - SaharaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} UpdateIdentifier: {get_param: UpdateIdentifier} Hostname: str_replace: @@ -972,14 +943,11 @@ resources: NovaPassword: {get_param: NovaPassword} NovaOVSBridge: {get_param: NovaOVSBridge} NovaSecurityGroupAPI: {get_param: NovaSecurityGroupAPI} - NtpServer: {get_param: NtpServer} RabbitHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]} RabbitPassword: {get_param: RabbitPassword} RabbitUserName: {get_param: RabbitUserName} RabbitClientUseSSL: {get_param: RabbitClientUseSSL} RabbitClientPort: {get_param: RabbitClientPort} - SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName} - SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword} ServiceNetMap: {get_param: ServiceNetMap} TimeZone: {get_param: TimeZone} EndpointMap: {get_attr: [EndpointMap, endpoint_map]} @@ -995,6 +963,11 @@ resources: NodeIndex: '%index%' ServiceConfigSettings: {get_attr: [ComputeServiceChain, config_settings]} + BlockStorageServiceChain: + type: OS::TripleO::Services + properties: + Services: {get_param: BlockStorageServices} + EndpointMap: {get_attr: [EndpointMap, endpoint_map]} BlockStorage: type: OS::Heat::ResourceGroup @@ -1005,21 +978,9 @@ resources: resource_def: type: OS::TripleO::BlockStorage properties: - Debug: {get_param: Debug} Image: {get_param: BlockStorageImage} - CinderISCSIHelper: {get_param: CinderISCSIHelper} - CinderLVMLoopDeviceSize: {get_param: CinderLVMLoopDeviceSize} - # Purpose of the dedicated BlockStorage nodes should be to use their local LVM - CinderEnableIscsiBackend: {get_param: CinderEnableIscsiBackend} - CinderPassword: {get_param: CinderPassword} KeyName: {get_param: KeyName} Flavor: {get_param: OvercloudBlockStorageFlavor} - VirtualIP: {get_attr: [VipMap, net_ip_map, ctlplane]} - GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} - RabbitPassword: {get_param: RabbitPassword} - RabbitUserName: {get_param: RabbitUserName} - RabbitClientUseSSL: {get_param: RabbitClientUseSSL} - RabbitClientPort: {get_param: RabbitClientPort} TimeZone: {get_param: TimeZone} NtpServer: {get_param: NtpServer} UpdateIdentifier: {get_param: UpdateIdentifier} @@ -1029,13 +990,13 @@ resources: params: '%stackname%': {get_param: 'OS::stack_name'} ServiceNetMap: {get_param: ServiceNetMap} - EndpointMap: {get_attr: [EndpointMap, endpoint_map]} ExtraConfig: {get_param: ExtraConfig} BlockStorageExtraConfig: {get_param: BlockStorageExtraConfig} CloudDomain: {get_param: CloudDomain} ServerMetadata: {get_param: ServerMetadata} SchedulerHints: {get_param: BlockStorageSchedulerHints} NodeIndex: '%index%' + ServiceConfigSettings: {get_attr: [BlockStorageServiceChain, config_settings]} ObjectStorageServiceChain: type: OS::TripleO::Services @@ -1055,13 +1016,11 @@ resources: KeyName: {get_param: KeyName} Flavor: {get_param: OvercloudSwiftStorageFlavor} HashSuffix: {get_param: SwiftHashSuffix} - MountCheck: {get_param: SwiftMountCheck} MinPartHours: {get_param: SwiftMinPartHours} PartPower: {get_param: SwiftPartPower} Image: {get_param: SwiftStorageImage} Replicas: { get_param: SwiftReplicas} TimeZone: {get_param: TimeZone} - NtpServer: {get_param: NtpServer} UpdateIdentifier: {get_param: UpdateIdentifier} ServiceNetMap: {get_param: ServiceNetMap} Hostname: @@ -1095,7 +1054,6 @@ resources: Image: {get_param: CephStorageImage} KeyName: {get_param: KeyName} Flavor: {get_param: OvercloudCephStorageFlavor} - NtpServer: {get_param: NtpServer} ServiceNetMap: {get_param: ServiceNetMap} TimeZone: {get_param: TimeZone} UpdateIdentifier: {get_param: UpdateIdentifier} @@ -1509,6 +1467,8 @@ resources: allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]} blockstorage_config: {get_attr: [BlockStorage, attributes, config_identifier]} deployment_identifier: {get_param: DeployIdentifier} + StepConfig: {get_attr: [BlockStorageServiceChain, step_config]} + CephStorageNodesPostDeployment: type: OS::TripleO::CephStoragePostDeployment diff --git a/puppet/ceph-cluster-config.yaml b/puppet/ceph-cluster-config.yaml index 245710f2..6beb751f 100644 --- a/puppet/ceph-cluster-config.yaml +++ b/puppet/ceph-cluster-config.yaml @@ -33,6 +33,9 @@ parameters: CinderRbdPoolName: default: volumes type: string + CinderBackupRbdPoolName: + default: backups + type: string GlanceRbdPoolName: default: images type: string @@ -97,7 +100,7 @@ resources: secret: 'CLIENT_KEY', mode: '0644', cap_mon: 'allow r', - cap_osd: 'allow class-read object_prefix rbd_children, allow rwx pool=CINDER_POOL, allow rwx pool=NOVA_POOL, allow rwx pool=GLANCE_POOL, allow rwx pool=GNOCCHI_POOL' + cap_osd: 'allow class-read object_prefix rbd_children, allow rwx pool=CINDER_POOL, allow rwx pool=CINDERBACKUP_POOL, allow rwx pool=NOVA_POOL, allow rwx pool=GLANCE_POOL, allow rwx pool=GNOCCHI_POOL' } }" params: @@ -106,6 +109,7 @@ resources: ADMIN_KEY: {get_param: ceph_admin_key} NOVA_POOL: {get_param: NovaRbdPoolName} CINDER_POOL: {get_param: CinderRbdPoolName} + CINDERBACKUP_POOL: {get_param: CinderBackupRbdPoolName} GLANCE_POOL: {get_param: GlanceRbdPoolName} GNOCCHI_POOL: {get_param: GnocchiRbdPoolName} nova::compute::rbd::libvirt_images_rbd_pool: {get_param: NovaRbdPoolName} @@ -130,6 +134,7 @@ resources: tripleo::profile::base::cinder::volume::rbd::cinder_rbd_user_name: {get_param: CephClientUserName} ceph_pools: - {get_param: CinderRbdPoolName} + - {get_param: CinderBackupRbdPoolName} - {get_param: NovaRbdPoolName} - {get_param: GlanceRbdPoolName} - {get_param: GnocchiRbdPoolName} diff --git a/puppet/ceph-storage.yaml b/puppet/ceph-storage.yaml index eedb35e4..7a71ea80 100644 --- a/puppet/ceph-storage.yaml +++ b/puppet/ceph-storage.yaml @@ -21,10 +21,6 @@ parameters: default: default constraints: - custom_constraint: nova.keypair - NtpServer: - default: '' - description: Comma-separated list of ntp servers - type: comma_delimited_list EnablePackageInstall: default: 'false' description: Set to true to enable package installation via Puppet @@ -232,7 +228,6 @@ resources: config: {get_resource: CephStorageConfig} server: {get_resource: CephStorage} input_values: - ntp_servers: {get_param: NtpServer} timezone: {get_param: TimeZone} enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} @@ -274,7 +269,6 @@ resources: ceph: raw_data: {get_file: hieradata/ceph.yaml} mapped_data: - ntp::servers: {get_input: ntp_servers} timezone::timezone: {get_input: timezone} tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} diff --git a/puppet/cinder-storage-post.yaml b/puppet/cinder-storage-post.yaml index f470203f..fa1516f1 100644 --- a/puppet/cinder-storage-post.yaml +++ b/puppet/cinder-storage-post.yaml @@ -11,6 +11,10 @@ parameters: NodeConfigIdentifiers: type: json description: Value which changes if the node configuration may need to be re-applied + StepConfig: + type: string + description: Config manifests that will be used to step through the deployment. + default: '' resources: @@ -32,22 +36,55 @@ resources: group: puppet options: enable_debug: {get_param: ConfigDebug} + enable_hiera: True + enable_facter: False + inputs: + - name: step outputs: - name: result config: - get_file: manifests/overcloud_volume.pp + list_join: + - '' + - - get_file: manifests/overcloud_volume.pp + - {get_param: StepConfig} - VolumeDeployment_Step1: + VolumeDeployment_Step2: type: OS::Heat::StructuredDeployments + depends_on: VolumeArtifactsDeploy properties: - name: VolumeDeployment_Step1 + name: VolumeDeployment_Step2 servers: {get_param: servers} config: {get_resource: VolumePuppetConfig} + input_values: + step: 2 + update_identifier: {get_param: NodeConfigIdentifiers} + + VolumeDeployment_Step3: + type: OS::Heat::StructuredDeployments + depends_on: VolumeDeployment_Step2 + properties: + name: VolumeDeployment_Step3 + servers: {get_param: servers} + config: {get_resource: VolumePuppetConfig} + input_values: + step: 3 + update_identifier: {get_param: NodeConfigIdentifiers} + + VolumeDeployment_Step4: + type: OS::Heat::StructuredDeployments + depends_on: VolumeDeployment_Step3 + properties: + name: VolumeDeployment_Step4 + servers: {get_param: servers} + config: {get_resource: VolumePuppetConfig} + input_values: + step: 4 + update_identifier: {get_param: NodeConfigIdentifiers} # Note, this should come last, so use depends_on to ensure # this is created after any other resources. ExtraConfig: - depends_on: VolumeDeployment_Step1 + depends_on: VolumeDeployment_Step4 type: OS::TripleO::NodeExtraConfigPost properties: servers: {get_param: servers} diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml index d760de5e..7f45b830 100644 --- a/puppet/cinder-storage.yaml +++ b/puppet/cinder-storage.yaml @@ -4,29 +4,6 @@ parameters: Image: default: overcloud-cinder-volume type: string - CinderEnableIscsiBackend: - default: true - description: Whether to enable or not the Iscsi backend for Cinder - type: boolean - CinderISCSIHelper: - default: lioadm - description: The iSCSI helper to use with cinder. - type: string - CinderLVMLoopDeviceSize: - default: 10280 - description: The size of the loopback file used by the cinder LVM driver. - type: number - CinderPassword: - description: The password for the cinder service and db account, used by cinder-api. - type: string - hidden: true - Debug: - default: '' - description: Set to True to enable debugging on all services. - type: string - VirtualIP: # deprecated. Use per service VIPs instead. - default: '' - type: string ExtraConfig: default: {} description: | @@ -50,22 +27,6 @@ parameters: default: default description: Name of an existing Nova key pair to enable SSH access to the instances type: string - RabbitPassword: - type: string - hidden: true - RabbitUserName: - default: 'guest' - type: string - RabbitClientUseSSL: - default: false - description: > - Rabbit client subscriber parameter to specify - an SSL connection to the RabbitMQ host. - type: string - RabbitClientPort: - default: 5672 - description: Set rabbit subscriber port, change this if using SSL - type: number SnmpdReadonlyUserName: default: ro_snmp_user description: The user name for SNMPd with readonly rights running on all Overcloud nodes @@ -100,18 +61,10 @@ parameters: description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json TimeZone: default: 'UTC' description: The timezone to be set on Cinder nodes. type: string - GlanceApiVirtualIP: - type: string - default: '' NetworkDeploymentActions: type: comma_delimited_list description: > @@ -143,7 +96,9 @@ parameters: NodeIndex: type: number default: 0 - + ServiceConfigSettings: + type: json + default: {} resources: BlockStorage: @@ -277,35 +232,13 @@ resources: server: {get_resource: BlockStorage} config: {get_resource: BlockStorageConfig} input_values: - debug: {get_param: Debug} - cinder_dsn: - list_join: - - '' - - - {get_param: [EndpointMap, MysqlInternal, protocol]} - - '://cinder:' - - {get_param: CinderPassword} - - '@' - - {get_param: [EndpointMap, MysqlInternal, host]} - - '/cinder' snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} - cinder_lvm_loop_device_size: - str_replace: - template: sizeM - params: - size: {get_param: CinderLVMLoopDeviceSize} - cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend} - cinder_iscsi_helper: {get_param: CinderISCSIHelper} cinder_iscsi_ip_address: str_replace: template: "'IP'" params: IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]} - glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]} - rabbit_username: {get_param: RabbitUserName} - rabbit_password: {get_param: RabbitPassword} - rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} - rabbit_client_port: {get_param: RabbitClientPort} ntp_servers: {get_param: NtpServer} timezone: {get_param: TimeZone} enable_package_install: {get_param: EnablePackageInstall} @@ -323,6 +256,7 @@ resources: - heat_config_%{::deploy_config_name} - volume_extraconfig - extraconfig + - service_configs - volume - all_nodes # provided by allNodesConfig - '"%{::osfamily}"' @@ -330,6 +264,8 @@ resources: - network merge_behavior: deeper datafiles: + service_configs: + mapped_data: {get_param: ServiceConfigSettings} common: raw_data: {get_file: hieradata/common.yaml} network: @@ -345,17 +281,7 @@ resources: raw_data: {get_file: hieradata/volume.yaml} mapped_data: # Cinder - cinder::debug: {get_input: debug} - cinder::setup_test_volume::size: {get_input: cinder_lvm_loop_device_size} - cinder_iscsi_helper: {get_input: cinder_iscsi_helper} - cinder::database_connection: {get_input: cinder_dsn} - cinder::rabbit_userid: {get_input: rabbit_username} - cinder::rabbit_password: {get_input: rabbit_password} - cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} - cinder::rabbit_port: {get_input: rabbit_client_port} - cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend} - cinder_iscsi_ip_address: {get_input: cinder_iscsi_ip_address} - cinder::glance::glance_api_servers: {get_input: glance_api_servers} + tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_ip_address: {get_input: cinder_iscsi_ip_address} ntp::servers: {get_input: ntp_servers} timezone::timezone: {get_input: timezone} tripleo::packages::enable_install: {get_input: enable_package_install} diff --git a/puppet/compute.yaml b/puppet/compute.yaml index d3b17784..1bc0e0f0 100644 --- a/puppet/compute.yaml +++ b/puppet/compute.yaml @@ -233,10 +233,6 @@ parameters: default: 'neutron' description: The full class name of the security API class type: string - NtpServer: - default: '' - description: Comma-separated list of ntp servers - type: comma_delimited_list RabbitHost: type: string default: '' # Has to be here because of the ignored empty value bug @@ -258,14 +254,6 @@ parameters: default: 5672 description: Set rabbit subscriber port, change this if using SSL type: number - SnmpdReadonlyUserName: - default: ro_snmp_user - description: The user name for SNMPd with readonly rights running on all Overcloud nodes - type: string - SnmpdReadonlyUserPassword: - description: The user password for SNMPd with readonly rights running on all Overcloud nodes - type: string - hidden: true UpgradeLevelNovaCompute: type: string description: Nova Compute upgrade level @@ -545,8 +533,6 @@ resources: ceilometer::agent::auth::auth_password: {get_input: ceilometer_password} ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url} ceilometer_compute_agent: {get_input: ceilometer_compute_agent} - snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} - snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} nova::glance_api_servers: {get_input: glance_api_servers} neutron::debug: {get_input: debug} neutron::rabbit_password: {get_input: rabbit_password} @@ -579,7 +565,6 @@ resources: neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers} keystone_public_api_virtual_ip: {get_input: keystone_vip} admin_password: {get_input: admin_password} - ntp::servers: {get_input: ntp_servers} timezone::timezone: {get_input: timezone} tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} @@ -621,8 +606,6 @@ resources: ceilometer_password: {get_param: CeilometerPassword} ceilometer_compute_agent: {get_param: CeilometerComputeAgent} ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri]} - snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} - snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]} neutron_flat_networks: str_replace: @@ -697,7 +680,6 @@ resources: rabbit_password: {get_param: RabbitPassword} rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} rabbit_client_port: {get_param: RabbitClientPort} - ntp_servers: {get_param: NtpServer} timezone: {get_param: TimeZone} enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} diff --git a/puppet/controller.yaml b/puppet/controller.yaml index 6e8df933..865b5c76 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -8,18 +8,12 @@ parameters: description: The password for the keystone admin account, used for monitoring, querying neutron etc. type: string hidden: true - AodhApiVirtualIP: - type: string - default: '' AodhPassword: description: The password for the aodh services. type: string hidden: true #TODO(composable Redis): Remove the Redis password param #As is used by ceilometer - CeilometerApiVirtualIP: - type: string - default: '' CeilometerBackend: default: 'mongodb' description: The ceilometer backend type. @@ -42,9 +36,6 @@ parameters: type: string constraints: - allowed_values: ['gnocchi', 'database'] - CinderApiVirtualIP: - type: string - default: '' CeilometerWorkers: default: 0 description: Number of workers for Ceilometer service. @@ -96,10 +87,6 @@ parameters: default: false description: Whether to deploy Ceph Storage (OSD) on the Controller type: boolean - EnableSwiftStorage: - default: true - description: Whether to enable Swift Storage on the Controller - type: boolean ExtraConfig: default: {} description: | @@ -154,9 +141,6 @@ parameters: default: 'mysql' description: The short name of the Gnocchi indexer backend to use. type: string - GnocchiApiVirtualIP: - type: string - default: '' GnocchiPassword: description: The password for the gnocchi service and db account. type: string @@ -219,9 +203,6 @@ parameters: default: false description: Whether IPtables rules should be purged before setting up the new ones. type: boolean - SaharaApiVirtualIP: - type: string - default: '' MysqlClusterUniquePart: description: A unique identifier of the MySQL cluster the controller is in. type: string @@ -268,9 +249,6 @@ parameters: will determine the MTU that is assigned to the VM host through DHCP. default: 1400 type: number - NovaApiVirtualIP: - type: string - default: '' NovaEnableDBPurge: default: true description: | @@ -284,14 +262,6 @@ parameters: description: The password for the nova service and db account, used by nova-api. type: string hidden: true - NovaWorkers: - default: 0 - description: Number of workers for Nova service. - type: number - NtpServer: - default: '' - description: Comma-separated list of ntp servers - type: comma_delimited_list PcsdPassword: type: string description: The password for the 'pcsd' user. @@ -302,9 +272,6 @@ parameters: Specifies the interface where the public-facing virtual ip will be assigned. This should be int_public when a VLAN is being used. type: string - PublicVirtualIP: - type: string - default: '' # Has to be here because of the ignored empty value bug RabbitCookie: type: string default: '' # Has to be here because of the ignored empty value bug @@ -338,23 +305,11 @@ parameters: type: string default: '' # Has to be here because of the ignored empty value bug description: An IP address which is wrapped in brackets in case of IPv6 - SnmpdReadonlyUserName: - default: ro_snmp_user - description: The user name for SNMPd with readonly rights running on all Overcloud nodes - type: string - SnmpdReadonlyUserPassword: - description: The user password for SNMPd with readonly rights running on all Overcloud nodes - type: string - hidden: true SwiftHashSuffix: description: A random string to be used as a salt when hashing to determine mappings in the ring. hidden: true type: string - SwiftMountCheck: - default: 'false' - description: Value of mount_check in Swift account/container/object -server.conf - type: boolean SwiftMinPartHours: type: number default: 1 @@ -367,9 +322,6 @@ parameters: default: true description: Whether to manage Swift rings or not type: boolean - SwiftProxyVirtualIP: - type: string - default: '' SwiftReplicas: type: number default: 3 @@ -382,21 +334,9 @@ parameters: type: string description: Nova Compute upgrade level default: '' - VirtualIP: # DEPRECATED: use per service settings instead - type: string - default: '' # Has to be here because of the ignored empty value bug - HeatApiVirtualIP: - type: string - default: '' - HeatApiVirtualIPUri: - type: string - default: '' MysqlVirtualIP: type: string default: '' - NeutronApiVirtualIP: - type: string - default: '' EnablePackageInstall: default: 'false' description: Set to true to enable package installation via Puppet @@ -619,7 +559,6 @@ resources: input_values: bootstack_nodeid: {get_attr: [Controller, name]} ceilometer_workers: {get_param: CeilometerWorkers} - nova_workers: {get_param: NovaWorkers} haproxy_log_address: {get_param: HAProxySyslogAddress} haproxy_stats_password: {get_param: HAProxyStatsPassword} haproxy_stats_user: {get_param: HAProxyStatsUser} @@ -641,7 +580,6 @@ resources: enable_galera: {get_param: EnableGalera} enable_load_balancer: {get_param: EnableLoadBalancer} enable_ceph_storage: {get_param: EnableCephStorage} - enable_swift_storage: {get_param: EnableSwiftStorage} manage_firewall: {get_param: ManageFirewall} purge_firewall_rules: {get_param: PurgeFirewallRules} mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize} @@ -699,14 +637,22 @@ resources: - '@' - {get_param: [EndpointMap, MysqlInternal, host]} - '/gnocchi' + aodh_dsn: + list_join: + - '' + - - {get_param: [EndpointMap, MysqlInternal, protocol]} + - '://aodh:' + - {get_param: AodhPassword} + - '@' + - {get_param: [EndpointMap, MysqlInternal, host]} + - '/aodh' gnocchi_internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]} gnocchi_public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] } gnocchi_admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] } ceilometer_public_url: {get_param: [EndpointMap, CeilometerPublic, uri]} ceilometer_internal_url: {get_param: [EndpointMap, CeilometerInternal, uri]} ceilometer_admin_url: {get_param: [EndpointMap, CeilometerAdmin, uri]} - snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} - snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} + ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]} nova_enable_db_purge: {get_param: NovaEnableDBPurge} nova_ipv6: {get_param: NovaIPv6} corosync_ipv6: {get_param: CorosyncIPv6} @@ -742,7 +688,6 @@ resources: rabbit_cookie: {get_param: RabbitCookie} rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} rabbit_client_port: {get_param: RabbitClientPort} - ntp_servers: {get_param: NtpServer} timezone: {get_param: TimeZone} control_virtual_interface: {get_param: ControlVirtualInterface} public_virtual_interface: {get_param: PublicVirtualInterface} @@ -751,7 +696,6 @@ resources: swift_ring_build: {get_param: SwiftRingBuild} swift_replicas: {get_param: SwiftReplicas} swift_min_part_hours: {get_param: SwiftMinPartHours} - swift_mount_check: {get_param: SwiftMountCheck} enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} @@ -826,10 +770,7 @@ resources: - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre - - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre - midonet_data #Optionally provided by AllNodesExtraConfig - - neutron_opencontrail_data # Optionally provided by ControllerExtraConfigPre - - neutron_plumgrid_data # Optionally provided by ControllerExtraConfigPre merge_behavior: deeper datafiles: service_configs: @@ -879,7 +820,6 @@ resources: tripleo::ringbuilder::part_power: {get_input: swift_part_power} tripleo::ringbuilder::replicas: {get_input: swift_replicas} tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours} - swift_mount_check: {get_input: swift_mount_check} # Cinder tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_input: cinder_iscsi_network} @@ -917,7 +857,6 @@ resources: admin_password: {get_input: admin_password} enable_galera: {get_input: enable_galera} enable_ceph_storage: {get_input: enable_ceph_storage} - enable_swift_storage: {get_input: enable_swift_storage} mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size} mysql_max_connections: {get_input: mysql_max_connections} mysql::server::root_password: {get_input: mysql_root_password} @@ -951,7 +890,7 @@ resources: ceilometer::api::auth_uri: {get_input: keystone_auth_uri} ceilometer::api::identity_uri: {get_input: keystone_identity_uri} ceilometer::agent::auth::auth_password: {get_input: ceilometer_password} - ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri} + ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url} ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url} ceilometer::agent::notification::store_events: {get_input: ceilometer_store_events} ceilometer::db::mysql::password: {get_input: ceilometer_password} @@ -969,6 +908,7 @@ resources: snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} # Aodh + aodh_mysql_conn_string: {get_input: aodh_dsn} aodh::rabbit_userid: {get_input: rabbit_username} aodh::rabbit_password: {get_input: rabbit_password} aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} @@ -981,6 +921,7 @@ resources: aodh::api::keystone_password: {get_input: aodh_password} aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri} aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri} + aodh::auth::auth_url: {get_input: keystone_auth_uri} aodh::auth::auth_password: {get_input: aodh_password} aodh::db::mysql::password: {get_input: aodh_password} # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination @@ -1020,8 +961,6 @@ resources: nova::api::api_bind_address: {get_input: nova_api_network} nova::api::metadata_listen: {get_input: nova_metadata_network} nova::api::admin_password: {get_input: nova_password} - nova::api::osapi_compute_workers: {get_input: nova_workers} - nova::api::metadata_workers: {get_input: nova_workers} nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu} nova::database_connection: {get_input: nova_dsn} nova::api_database_connection: {get_input: nova_api_dsn} @@ -1062,7 +1001,6 @@ resources: # Misc memcached_ipv6: {get_input: memcached_ipv6} memcached::listen_ip: {get_input: memcached_network} - ntp::servers: {get_input: ntp_servers} timezone::timezone: {get_input: timezone} control_virtual_interface: {get_input: control_virtual_interface} public_virtual_interface: {get_input: public_virtual_interface} diff --git a/puppet/extraconfig/ceph/ceph-external-config.yaml b/puppet/extraconfig/ceph/ceph-external-config.yaml index 7d4dc15b..7c05a5b9 100644 --- a/puppet/extraconfig/ceph/ceph-external-config.yaml +++ b/puppet/extraconfig/ceph/ceph-external-config.yaml @@ -35,6 +35,9 @@ parameters: CinderRbdPoolName: default: volumes type: string + CinderBackupRbdPoolName: + default: backups + type: string GlanceRbdPoolName: default: images type: string @@ -71,7 +74,7 @@ resources: secret: 'CLIENT_KEY', mode: '0644', cap_mon: 'allow r', - cap_osd: 'allow class-read object_prefix rbd_children, allow rwx pool=CINDER_POOL, allow rwx pool=NOVA_POOL, allow rwx pool=GLANCE_POOL, allow rwx pool=GNOCCHI_POOL' + cap_osd: 'allow class-read object_prefix rbd_children, allow rwx pool=CINDER_POOL, allow rwx pool=CINDERBACKUP_POOL, allow rwx pool=NOVA_POOL, allow rwx pool=GLANCE_POOL, allow rwx pool=GNOCCHI_POOL' } }" params: @@ -79,6 +82,7 @@ resources: CLIENT_KEY: {get_param: ceph_client_key} NOVA_POOL: {get_param: NovaRbdPoolName} CINDER_POOL: {get_param: CinderRbdPoolName} + CINDERBACKUP_POOL: {get_param: CinderBackupRbdPoolName} GLANCE_POOL: {get_param: GlanceRbdPoolName} GNOCCHI_POOL: {get_param: GnocchiRbdPoolName} ceph::profile::params::ms_bind_ipv6: {get_param: CephIPv6} @@ -104,6 +108,7 @@ resources: tripleo::profile::base::cinder::volume::rbd::cinder_rbd_user_name: {get_param: CephClientUserName} ceph_pools: - {get_param: CinderRbdPoolName} + - {get_param: CinderBackupRbdPoolName} - {get_param: NovaRbdPoolName} - {get_param: GlanceRbdPoolName} - {get_param: GnocchiRbdPoolName} diff --git a/puppet/extraconfig/pre_deploy/controller/neutron-nuage.yaml b/puppet/extraconfig/pre_deploy/controller/neutron-nuage.yaml deleted file mode 100644 index a4cfea07..00000000 --- a/puppet/extraconfig/pre_deploy/controller/neutron-nuage.yaml +++ /dev/null @@ -1,91 +0,0 @@ -heat_template_version: 2015-04-30 - -description: Configure hieradata for Nuage configuration on the Controller - -parameters: - server: - description: ID of the controller node to apply this config to - type: string - - # Config specific parameters, to be provided via parameter_defaults - NeutronNuageOSControllerIp: - description: IP address of the OpenStack Controller - type: string - - NeutronNuageNetPartitionName: - description: Specifies the title that you will see on the VSD - type: string - default: 'default_name' - - NeutronNuageVSDIp: - description: IP address and port of the Virtual Services Directory - type: string - - NeutronNuageVSDUsername: - description: Username to be used to log into VSD - type: string - - NeutronNuageVSDPassword: - description: Password to be used to log into VSD - type: string - - NeutronNuageVSDOrganization: - description: Organization parameter required to log into VSD - type: string - default: 'organization' - - NeutronNuageBaseURIVersion: - description: URI version to be used based on the VSD release - type: string - default: 'default_uri_version' - - NeutronNuageCMSId: - description: Cloud Management System ID (CMS ID) to distinguish between OS instances on the same VSD - type: string - - UseForwardedFor: - description: Treat X-Forwarded-For as the canonical remote address. Only enable this if you have a sanitizing proxy. - type: boolean - default: false - -resources: - NeutronNuageConfig: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: - hiera: - datafiles: - neutron_nuage_data: - mapped_data: - neutron::plugins::nuage::nuage_oscontroller_ip: {get_input: NuageOSControllerIp} - neutron::plugins::nuage::nuage_net_partition_name: {get_input: NuageNetPartitionName} - neutron::plugins::nuage::nuage_vsd_ip: {get_input: NuageVSDIp} - neutron::plugins::nuage::nuage_vsd_username: {get_input: NuageVSDUsername} - neutron::plugins::nuage::nuage_vsd_password: {get_input: NuageVSDPassword} - neutron::plugins::nuage::nuage_vsd_organization: {get_input: NuageVSDOrganization} - neutron::plugins::nuage::nuage_base_uri_version: {get_input: NuageBaseURIVersion} - neutron::plugins::nuage::nuage_cms_id: {get_input: NuageCMSId} - nova::api::use_forwarded_for: {get_input: NovaUseForwardedFor} - - NeutronNuageDeployment: - type: OS::Heat::StructuredDeployment - properties: - name: NeutronNuageDeployment - config: {get_resource: NeutronNuageConfig} - server: {get_param: server} - input_values: - NuageOSControllerIp: {get_param: NeutronNuageOSControllerIp} - NuageNetPartitionName: {get_param: NeutronNuageNetPartitionName} - NuageVSDIp: {get_param: NeutronNuageVSDIp} - NuageVSDUsername: {get_param: NeutronNuageVSDUsername} - NuageVSDPassword: {get_param: NeutronNuageVSDPassword} - NuageVSDOrganization: {get_param: NeutronNuageVSDOrganization} - NuageBaseURIVersion: {get_param: NeutronNuageBaseURIVersion} - NuageCMSId: {get_param: NeutronNuageCMSId} - NovaUseForwardedFor: {get_param: UseForwardedFor} - -outputs: - deploy_stdout: - description: Deployment reference, used to trigger puppet apply on changes - value: {get_attr: [NeutronNuageDeployment, deploy_stdout]} diff --git a/puppet/extraconfig/pre_deploy/controller/neutron-opencontrail.yaml b/puppet/extraconfig/pre_deploy/controller/neutron-opencontrail.yaml deleted file mode 100644 index 5c686fe7..00000000 --- a/puppet/extraconfig/pre_deploy/controller/neutron-opencontrail.yaml +++ /dev/null @@ -1,62 +0,0 @@ -heat_template_version: 2015-04-30 - -description: Controller hieradata for Neutron OpenContrail configuration - -parameters: - server: - description: ID of the controller node to apply this config to - type: string - ContrailApiServerIp: - description: IP address of the OpenContrail API server - type: string - ContrailApiServerPort: - description: Port of the OpenContrail API - type: string - default: 8082 - ContrailMultiTenancy: - description: Whether to enable multi tenancy - type: boolean - default: false - ContrailExtensions: - description: List of OpenContrail extensions to be enabled - type: comma_delimited_list - default: '' - -resources: - ControllerContrailConfig: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: - hiera: - datafiles: - neutron_opencontrail_data: - mapped_data: - neutron::api_extensions_path: /usr/lib/python2.7/site-packages/neutron_plugin_contrail/extensions - - neutron::plugins::opencontrail::api_server_ip: {get_input: contrail_api_server_ip} - neutron::plugins::opencontrail::api_server_port: {get_input: contrail_api_server_port} - neutron::plugins::opencontrail::multi_tenancy: {get_input: contrail_multi_tenancy} - neutron::plugins::opencontrail::contrail_extensions: {get_input: contrail_extensions} - neutron::plugins::opencontrail::keystone_auth_url: '"%{hiera(''keystone_auth_uri'')}"' - neutron::plugins::opencontrail::keystone_admin_user: admin - neutron::plugins::opencontrail::keystone_admin_tenant_name: admin - neutron::plugins::opencontrail::keystone_admin_password: '"%{hiera(''admin_password'')}"' - neutron::plugins::opencontrail::keystone_admin_token: '"%{hiera(''keystone::admin_token'')}"' - - ControllerContrailDeployment: - type: OS::Heat::StructuredDeployment - properties: - config: {get_resource: ControllerContrailConfig} - server: {get_param: server} - input_values: - contrail_api_server_ip: {get_param: ContrailApiServerIp} - contrail_api_server_port: {get_param: ContrailApiServerPort} - contrail_multi_tenancy: {get_param: ContrailMultiTenancy} - contrail_extensions: {get_param: ContrailExtensions} - - -outputs: - deploy_stdout: - description: Output of the extra hiera data deployment - value: {get_attr: [ControllerContrailDeployment, deploy_stdout]} diff --git a/puppet/extraconfig/pre_deploy/controller/neutron-plumgrid.yaml b/puppet/extraconfig/pre_deploy/controller/neutron-plumgrid.yaml deleted file mode 100755 index 7c0a7ad2..00000000 --- a/puppet/extraconfig/pre_deploy/controller/neutron-plumgrid.yaml +++ /dev/null @@ -1,113 +0,0 @@ -heat_template_version: 2015-04-30 - -description: Controller hieradata for Neutron PLUMgrid configuration - -parameters: - server: - description: ID of the controller node to apply this config to - type: string - PLUMgridDirectorServer: - description: IP address of the PLUMgrid Director Server - type: string - default: 127.0.0.1 - PLUMgridDirectorServerPort: - description: Port of the PLUMgrid Director Server - type: string - default: 443 - PLUMgridUsername: - description: Username for PLUMgrid platform - type: string - PLUMgridPassword: - description: Password for PLUMgrid platform - type: string - hidden: true - PLUMgridServerTimeOut: - description: Request timeout duration (seconds) to PLUMgrid platform - type: string - default: 99 - PLUMgridNovaMetadataIP: - description: IP address of Nova Metadata - type: string - default: 169.254.169.254 - PLUMgridNovaMetadataPort: - description: Port of Nova Metadata - type: string - default: 8775 - PLUMgridL2GatewayVendor: - description: Vendor for L2 Gateway Switch - type: string - default: vendor - PLUMgridL2GatewayUsername: - description: Username for L2 Gateway Switch - type: string - default: username - PLUMgridL2GatewayPassword: - description: Password for L2 Gateway Switch - type: string - hidden: true - PLUMgridIdentityVersion: - description: Keystone Identity version - type: string - default: v2.0 - PLUMgridConnectorType: - description: Neutron Network Connector Type - type: string - default: distributed - PLUMgridNeutronPluginVersion: - description: PLUMgrid Neutron Plugin version - type: string - default: present - PLUMgridPlumlibVersion: - description: PLUMgrid Plumlib version - type: string - default: present - - -resources: - ControllerPLUMgridConfig: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: - hiera: - datafiles: - neutron_plumgrid_data: - mapped_data: - neutron::plugins::plumgrid::director_server: {get_input: plumgrid_director_server} - neutron::plugins::plumgrid::director_server_port: {get_input: plumgrid_director_server_port} - neutron::plugins::plumgrid::username: {get_input: plumgrid_username} - neutron::plugins::plumgrid::password: {get_input: plumgrid_password} - neutron::plugins::plumgrid::nova_metadata_ip: {get_input: plumgrid_nova_metadata_ip} - neutron::plugins::plumgrid::nova_metadata_port: {get_input: plumgrid_nova_metadata_port} - neutron::plugins::plumgrid::l2gateway_vendor: {get_input: plumgrid_l2gateway_vendor} - neutron::plugins::plumgrid::l2gateway_sw_username: {get_input: plumgrid_l2gateway_sw_username} - neutron::plugins::plumgrid::l2gateway_sw_password: {get_input: plumgrid_l2gateway_sw_password} - neutron::plugins::plumgrid::connector_type: {get_input: plumgrid_connector_type} - neutron::plugins::plumgrid::identity_version: {get_input: plumgrid_identity_version} - neutron::plugins::plumgrid::package_ensure: {get_input: plumgrid_neutron_plugin_version} - neutron::plugins::plumgrid::plumlib_package_ensure: {get_input: plumgrid_plumlib_version} - - ControllerPLUMgridDeployment: - type: OS::Heat::StructuredDeployment - properties: - config: {get_resource: ControllerPLUMgridConfig} - server: {get_param: server} - input_values: - plumgrid_director_server: {get_param: PLUMgridDirectorServer} - plumgrid_director_server_port: {get_param: PLUMgridDirectorServerPort} - plumgrid_username: {get_param: PLUMgridUsername} - plumgrid_password: {get_param: PLUMgridPassword} - plumgrid_nova_metadata_ip: {get_param: PLUMgridNovaMetadataIP} - plumgrid_nova_metadata_port: {get_param: PLUMgridNovaMetadataPort} - plumgrid_l2gateway_vendor: {get_param: PLUMgridL2GatewayVendor} - plumgrid_l2gateway_sw_username: {get_param: PLUMgridL2GatewayUsername} - plumgrid_l2gateway_sw_password: {get_param: PLUMgridL2GatewayPassword} - plumgrid_identity_version: {get_param: PLUMgridIdentityVersion} - plumgrid_connector_type: {get_param: PLUMgridConnectorType} - plumgrid_neutron_plugin_version: {get_param: PLUMgridNeutronPluginVersion} - plumgrid_plumlib_version: {get_param: PLUMgridPlumlibVersion} - -outputs: - deploy_stdout: - description: Deployment reference, used to trigger puppet apply on changes - value: {get_attr: [ControllerPLUMgridDeployment, deploy_stdout]} diff --git a/puppet/hieradata/compute.yaml b/puppet/hieradata/compute.yaml index 5a46fc2b..2d928cbf 100644 --- a/puppet/hieradata/compute.yaml +++ b/puppet/hieradata/compute.yaml @@ -3,10 +3,8 @@ nova::host: "%{::fqdn}" nova::notify_on_state_change: 'vm_and_task_state' nova::notification_driver: messagingv2 -nova::compute::enabled: true nova::compute::instance_usage_audit: true nova::compute::instance_usage_audit_period: 'hour' -nova::compute::vnc_enabled: true nova::compute::libvirt::migration_support: true diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml index 3ad0748e..7db2b5de 100644 --- a/puppet/hieradata/controller.yaml +++ b/puppet/hieradata/controller.yaml @@ -1,9 +1,7 @@ # Hiera data here applies to all controller nodes nova::api::enabled: true -nova::consoleauth::enabled: true nova::vncproxy::enabled: true -nova::scheduler::enabled: true # gnocchi gnocchi::db::sync::extra_opts: '--skip-storage' @@ -115,7 +113,6 @@ nova::notify_on_state_change: 'vm_and_task_state' nova::api::default_floating_pool: 'public' nova::api::sync_db_api: true nova::api::enable_proxy_headers_parsing: true -nova::scheduler::filter::ram_allocation_ratio: '1.0' nova::cron::archive_deleted_rows::hour: '*/12' nova::cron::archive_deleted_rows::destination: '/dev/null' nova::notification_driver: messaging @@ -189,13 +186,13 @@ controller_classes: [] # firewall tripleo::firewall::firewall_rules: '101 mongodb_config': - port: 27019 + dport: 27019 '102 mongodb_sharding': - port: 27018 + dport: 27018 '103 mongod': - port: 27017 + dport: 27017 '104 mysql galera': - port: + dport: - 873 - 3306 - 4444 @@ -203,37 +200,37 @@ tripleo::firewall::firewall_rules: - 4568 - 9200 '105 ntp': - port: 123 + dport: 123 proto: udp '106 vrrp': proto: vrrp '107 haproxy stats': - port: 1993 + dport: 1993 '108 redis': - port: + dport: - 6379 - 26379 '109 rabbitmq': - port: + dport: - 5672 - 35672 '110 ceph': - port: + dport: - 6789 - '6800-6810' '111 keystone': - port: + dport: - 5000 - 13000 - 35357 - 13357 '112 glance': - port: + dport: - 9292 - 9191 - 13292 '113 nova': - port: + dport: - 6080 - 13080 - 8773 @@ -242,43 +239,43 @@ tripleo::firewall::firewall_rules: - 13774 - 8775 '114 neutron server': - port: + dport: - 9696 - 13696 '115 neutron dhcp input': proto: 'udp' - port: 67 + dport: 67 '116 neutron dhcp output': proto: 'udp' chain: 'OUTPUT' - port: 68 + dport: 68 '118 neutron vxlan networks': proto: 'udp' - port: 4789 + dport: 4789 '119 cinder': - port: + dport: - 8776 - 13776 '120 iscsi initiator': - port: 3260 + dport: 3260 '121 memcached': - port: 11211 + dport: 11211 '122 swift proxy': - port: + dport: - 8080 - 13808 '123 swift storage': - port: + dport: - 873 - 6000 - 6001 - 6002 '124 ceilometer': - port: + dport: - 8777 - 13777 '125 heat': - port: + dport: - 8000 - 13800 - 8003 @@ -286,17 +283,30 @@ tripleo::firewall::firewall_rules: - 8004 - 13004 '126 horizon': - port: + dport: - 80 - 443 '127 snmp': - port: 161 + dport: 161 proto: 'udp' '128 aodh': - port: + dport: - 8042 - 13042 '129 gnocchi-api': - port: + dport: - 8041 - 13041 + '130 pacemaker tcp': + proto: 'tcp' + dport: + - 2224 + - 3121 + - 21064 + '131 pacemaker udp': + proto: 'udp' + dport: 5405 + '132 sahara': + dport: + - 8386 + - 13386 diff --git a/puppet/hieradata/database.yaml b/puppet/hieradata/database.yaml index 19f1bff7..9cbff586 100644 --- a/puppet/hieradata/database.yaml +++ b/puppet/hieradata/database.yaml @@ -77,6 +77,15 @@ gnocchi::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" +# Aodh +aodh::db::mysql::user: aodh +aodh::db::mysql::host: "%{hiera('mysql_virtual_ip')}" +aodh::db::mysql::dbname: aodh +aodh::db::mysql::allowed_hosts: + - '%' + - "%{hiera('mysql_bind_host')}" + + sahara::db::mysql::user: sahara sahara::db::mysql::host: "%{hiera('mysql_virtual_ip')}" sahara::db::mysql::dbname: sahara diff --git a/puppet/manifests/overcloud_cephstorage.pp b/puppet/manifests/overcloud_cephstorage.pp index 4add2f02..31d14e7d 100644 --- a/puppet/manifests/overcloud_cephstorage.pp +++ b/puppet/manifests/overcloud_cephstorage.pp @@ -23,10 +23,7 @@ if hiera('step') >= 1 { Exec <| tag == 'kmod::load' |> -> Sysctl <| |> include ::timezone - - if count(hiera('ntp::servers')) > 0 { - include ::ntp - } + } if hiera('step') >= 3 { @@ -57,5 +54,7 @@ if hiera('step') >= 3 { include ::ceph::profile::osd hiera_include('ceph_classes') - package_manifest{'/var/lib/tripleo/installed-packages/overcloud_ceph': ensure => present} } + +$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_ceph', hiera('step')]) +package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp index 6a6f54e0..bb9af468 100644 --- a/puppet/manifests/overcloud_compute.pp +++ b/puppet/manifests/overcloud_compute.pp @@ -20,10 +20,6 @@ create_resources(kmod::load, hiera('kernel_modules'), { }) create_resources(sysctl::value, hiera('sysctl_settings'), { }) Exec <| tag == 'kmod::load' |> -> Sysctl <| |> -if count(hiera('ntp::servers')) > 0 { - include ::ntp -} - include ::timezone if hiera('step') >= 4 { @@ -51,10 +47,6 @@ if hiera('step') >= 4 { ensure => present, } - include ::nova - include ::nova::config - include ::nova::compute - $rbd_ephemeral_storage = hiera('nova::compute::rbd::ephemeral_storage', false) $rbd_persistent_storage = hiera('rbd_persistent_storage', false) if $rbd_ephemeral_storage or $rbd_persistent_storage { @@ -202,17 +194,8 @@ if hiera('step') >= 4 { include ::ceilometer::agent::compute include ::ceilometer::agent::auth - $snmpd_user = hiera('snmpd_readonly_user_name') - snmp::snmpv3_user { $snmpd_user: - authtype => 'MD5', - authpass => hiera('snmpd_readonly_user_password'), - } - class { '::snmp': - agentaddress => ['udp:161','udp6:[::1]:161'], - snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ], - } - hiera_include('compute_classes') - package_manifest{ '/var/lib/tripleo/installed-packages/overcloud_compute': ensure => present } - } + +$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_compute', hiera('step')]) +package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index c6a80661..b79eca4a 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -28,10 +28,6 @@ if hiera('step') >= 1 { if hiera('step') >= 2 { - if count(hiera('ntp::servers')) > 0 { - include ::ntp - } - include ::timezone # MongoDB @@ -77,15 +73,13 @@ if hiera('step') >= 2 { # FIXME: this should only occur on the bootstrap host (ditto for db syncs) # Create all the database schemas - include ::nova::db::mysql - include ::nova::db::mysql_api if downcase(hiera('gnocchi_indexer_backend')) == 'mysql' { include ::gnocchi::db::mysql } if downcase(hiera('ceilometer_backend')) == 'mysql' { include ::ceilometer::db::mysql - include ::aodh::db::mysql } + include ::aodh::db::mysql $enable_ceph = hiera('ceph_storage_count', 0) > 0 or hiera('enable_ceph_storage', false) @@ -151,12 +145,6 @@ if hiera('step') >= 4 { memcached_servers => $memcached_servers } include ::nova::config - include ::nova::api - include ::nova::consoleauth - include ::nova::network::neutron - include ::nova::vncproxy - include ::nova::scheduler - include ::nova::scheduler::filter if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' { @@ -207,36 +195,15 @@ if hiera('step') >= 4 { } - # If the value of core plugin is set to 'nuage' or'opencontrail' or 'plumgrid', - # include nuage or opencontrail or plumgrid core plugins - # else use the default value of 'ml2' - if hiera('neutron::core_plugin') == 'neutron.plugins.nuage.plugin.NuagePlugin' { - include ::neutron::plugins::nuage - } elsif hiera('neutron::core_plugin') == 'neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2' { - include ::neutron::plugins::opencontrail - } - elsif hiera('neutron::core_plugin') == 'networking_plumgrid.neutron.plugins.plugin.NeutronPluginPLUMgridV2' { - class { '::neutron::plugins::plumgrid' : - connection => hiera('neutron::server::database_connection'), - controller_priv_host => hiera('keystone_admin_api_vip'), - admin_password => hiera('admin_password'), - metadata_proxy_shared_secret => hiera('nova::api::neutron_metadata_proxy_shared_secret'), - } - } else { - - # If the value of core plugin is set to 'midonet', - # skip all the ML2 configuration - if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' { + # If the value of core plugin is set to 'midonet', + # skip all the ML2 configuration + if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' { - class {'::neutron::plugins::midonet': - midonet_api_ip => hiera('public_virtual_ip'), - keystone_tenant => hiera('neutron::server::auth_tenant'), - keystone_password => hiera('neutron::server::password') - } + class {'::neutron::plugins::midonet': + midonet_api_ip => hiera('public_virtual_ip'), + keystone_tenant => hiera('neutron::server::auth_tenant'), + keystone_password => hiera('neutron::server::password') } - - Service['neutron-server'] -> Service['neutron-metadata'] - } if $enable_ceph { @@ -248,24 +215,6 @@ if hiera('step') >= 4 { } } - # swift storage - if str2bool(hiera('enable_swift_storage', true)) { - class { '::swift::storage::all': - mount_check => str2bool(hiera('swift_mount_check')), - } - if(!defined(File['/srv/node'])) { - file { '/srv/node': - ensure => directory, - owner => 'swift', - group => 'swift', - require => Package['openstack-swift'], - } - } - $swift_components = ['account', 'container', 'object'] - swift::storage::filter::recon { $swift_components : } - swift::storage::filter::healthcheck { $swift_components : } - } - # Ceilometer $ceilometer_backend = downcase(hiera('ceilometer_backend')) case $ceilometer_backend { @@ -293,11 +242,9 @@ if hiera('step') >= 4 { # Aodh class { '::aodh' : - database_connection => $ceilometer_database_connection, + database_connection => hiera('aodh_mysql_conn_string'), } include ::aodh::db::sync - # To manage the upgrade: - Exec['ceilometer-dbsync'] -> Exec['aodh-db-sync'] include ::aodh::auth include ::aodh::api include ::aodh::wsgi::apache @@ -347,16 +294,6 @@ if hiera('step') >= 4 { default: { fail('Unrecognized gnocchi_backend parameter.') } } - $snmpd_user = hiera('snmpd_readonly_user_name') - snmp::snmpv3_user { $snmpd_user: - authtype => 'MD5', - authpass => hiera('snmpd_readonly_user_password'), - } - class { '::snmp': - agentaddress => ['udp:161','udp6:[::1]:161'], - snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ], - } - hiera_include('controller_classes') } #END STEP 4 diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp index d042bda9..e095c966 100644 --- a/puppet/manifests/overcloud_controller_pacemaker.pp +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -59,10 +59,6 @@ if hiera('step') >= 1 { include ::timezone - if count(hiera('ntp::servers')) > 0 { - include ::ntp - } - $pacemaker_cluster_members = downcase(regsubst(hiera('controller_node_names'), ',', ' ', 'G')) $corosync_ipv6 = str2bool(hiera('corosync_ipv6', false)) if $corosync_ipv6 { @@ -251,13 +247,6 @@ if hiera('step') >= 2 { # Create all the database schemas if $sync_db { - class { '::nova::db::mysql': - require => Exec['galera-ready'], - } - class { '::nova::db::mysql_api': - require => Exec['galera-ready'], - } - if downcase(hiera('ceilometer_backend')) == 'mysql' { class { '::ceilometer::db::mysql': require => Exec['galera-ready'], @@ -269,6 +258,10 @@ if hiera('step') >= 2 { require => Exec['galera-ready'], } } + + class { '::aodh::db::mysql': + require => Exec['galera-ready'], + } } # Ceph @@ -350,27 +343,6 @@ MYSQL_HOST=localhost\n", include ::nova::config - class { '::nova::api' : - sync_db => $sync_db, - sync_db_api => $sync_db, - manage_service => false, - enabled => false, - } - class { '::nova::consoleauth' : - manage_service => false, - enabled => false, - } - class { '::nova::vncproxy' : - manage_service => false, - enabled => false, - } - include ::nova::scheduler::filter - class { '::nova::scheduler' : - manage_service => false, - enabled => false, - } - include ::nova::network::neutron - if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' { # TODO(devvesa) provide non-controller ips for these services @@ -420,12 +392,6 @@ MYSQL_HOST=localhost\n", } - if hiera('neutron::core_plugin') == 'neutron.plugins.nuage.plugin.NuagePlugin' { - include ::neutron::plugins::nuage - } - if hiera('neutron::core_plugin') == 'neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2' { - include ::neutron::plugins::opencontrail - } if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' { class {'::neutron::plugins::midonet': midonet_api_ip => hiera('public_virtual_ip'), @@ -433,14 +399,6 @@ MYSQL_HOST=localhost\n", keystone_password => hiera('neutron::server::password') } } - if hiera('neutron::core_plugin') == 'networking_plumgrid.neutron.plugins.plugin.NeutronPluginPLUMgridV2' { - class { '::neutron::plugins::plumgrid' : - connection => hiera('neutron::server::database_connection'), - controller_priv_host => hiera('keystone_admin_api_vip'), - admin_password => hiera('admin_password'), - metadata_proxy_shared_secret => hiera('nova::api::neutron_metadata_proxy_shared_secret'), - } - } if $enable_ceph { $ceph_pools = hiera('ceph_pools') @@ -451,36 +409,6 @@ MYSQL_HOST=localhost\n", } } - # swift storage - if str2bool(hiera('enable_swift_storage', true)) { - class {'::swift::storage::all': - mount_check => str2bool(hiera('swift_mount_check')), - } - class {'::swift::storage::account': - manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, - } - class {'::swift::storage::container': - manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, - } - class {'::swift::storage::object': - manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, - } - if(!defined(File['/srv/node'])) { - file { '/srv/node': - ensure => directory, - owner => 'swift', - group => 'swift', - require => Package['openstack-swift'], - } - } - $swift_components = ['account', 'container', 'object'] - swift::storage::filter::recon { $swift_components : } - swift::storage::filter::healthcheck { $swift_components : } - } - # Ceilometer case downcase(hiera('ceilometer_backend')) { /mysql/: { @@ -548,7 +476,7 @@ MYSQL_HOST=localhost\n", # Aodh class { '::aodh' : - database_connection => $ceilometer_database_connection, + database_connection => hiera('aodh_mysql_conn_string'), } include ::aodh::config include ::aodh::auth @@ -606,16 +534,6 @@ MYSQL_HOST=localhost\n", enabled => false, } - $snmpd_user = hiera('snmpd_readonly_user_name') - snmp::snmpv3_user { $snmpd_user: - authtype => 'MD5', - authpass => hiera('snmpd_readonly_user_password'), - } - class { '::snmp': - agentaddress => ['udp:161','udp6:[::1]:161'], - snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ], - } - hiera_include('controller_classes') } #END STEP 4 @@ -715,20 +633,6 @@ password=\"${mysql_root_password}\"", } # Nova - pacemaker::resource::service { $::nova::params::api_service_name : - clone_params => 'interleave=true', - } - pacemaker::resource::service { $::nova::params::consoleauth_service_name : - clone_params => 'interleave=true', - require => Pacemaker::Resource::Ocf['openstack-core'], - } - pacemaker::resource::service { $::nova::params::vncproxy_service_name : - clone_params => 'interleave=true', - } - pacemaker::resource::service { $::nova::params::scheduler_service_name : - clone_params => 'interleave=true', - } - pacemaker::constraint::base { 'keystone-then-nova-consoleauth-constraint': constraint_type => 'order', first_resource => 'openstack-core-clone', @@ -738,6 +642,13 @@ password=\"${mysql_root_password}\"", require => [Pacemaker::Resource::Service[$::nova::params::consoleauth_service_name], Pacemaker::Resource::Ocf['openstack-core']], } + pacemaker::constraint::colocation { 'nova-consoleauth-with-openstack-core': + source => "${::nova::params::consoleauth_service_name}-clone", + target => 'openstack-core-clone', + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::nova::params::consoleauth_service_name], + Pacemaker::Resource::Ocf['openstack-core']], + } pacemaker::constraint::base { 'nova-consoleauth-then-nova-vncproxy-constraint': constraint_type => 'order', first_resource => "${::nova::params::consoleauth_service_name}-clone", diff --git a/puppet/manifests/overcloud_object.pp b/puppet/manifests/overcloud_object.pp index 3585c993..c6b3108b 100644 --- a/puppet/manifests/overcloud_object.pp +++ b/puppet/manifests/overcloud_object.pp @@ -23,39 +23,11 @@ if hiera('step') >= 1 { include ::timezone - if count(hiera('ntp::servers')) > 0 { - include ::ntp - } } if hiera('step') >= 4 { - class { '::swift::storage::all': - mount_check => str2bool(hiera('swift_mount_check')), - } - if(!defined(File['/srv/node'])) { - file { '/srv/node': - ensure => directory, - owner => 'swift', - group => 'swift', - require => Package['openstack-swift'], - } - } - - $swift_components = ['account', 'container', 'object'] - swift::storage::filter::recon { $swift_components : } - swift::storage::filter::healthcheck { $swift_components : } - - $snmpd_user = hiera('snmpd_readonly_user_name') - snmp::snmpv3_user { $snmpd_user: - authtype => 'MD5', - authpass => hiera('snmpd_readonly_user_password'), - } - class { '::snmp': - agentaddress => ['udp:161','udp6:[::1]:161'], - snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ], - } - hiera_include('object_classes') } -package_manifest{'/var/lib/tripleo/installed-packages/overcloud_object': ensure => present} +$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_object', hiera('step')]) +package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/manifests/overcloud_volume.pp b/puppet/manifests/overcloud_volume.pp index 134dc43b..9a8fb6f8 100644 --- a/puppet/manifests/overcloud_volume.pp +++ b/puppet/manifests/overcloud_volume.pp @@ -16,46 +16,55 @@ include ::tripleo::packages include ::tripleo::firewall -create_resources(kmod::load, hiera('kernel_modules'), {}) -create_resources(sysctl::value, hiera('sysctl_settings'), {}) -Exec <| tag == 'kmod::load' |> -> Sysctl <| |> +if hiera('step') >= 1 { + + create_resources(kmod::load, hiera('kernel_modules'), {}) + create_resources(sysctl::value, hiera('sysctl_settings'), {}) + Exec <| tag == 'kmod::load' |> -> Sysctl <| |> + + include ::timezone + + if count(hiera('ntp::servers')) > 0 { + include ::ntp + } -if count(hiera('ntp::servers')) > 0 { - include ::ntp } -include ::timezone +if hiera('step') >= 4 { -include ::cinder -include ::cinder::config -include ::cinder::glance -include ::cinder::volume -include ::cinder::setup_test_volume + include ::cinder + include ::cinder::config + include ::cinder::glance + include ::cinder::volume + include ::cinder::setup_test_volume -$cinder_enable_iscsi = hiera('cinder_enable_iscsi_backend', true) -if $cinder_enable_iscsi { - $cinder_iscsi_backend = 'tripleo_iscsi' + $cinder_enable_iscsi = hiera('cinder_enable_iscsi_backend', true) + if $cinder_enable_iscsi { + $cinder_iscsi_backend = 'tripleo_iscsi' - cinder::backend::iscsi { $cinder_iscsi_backend : - iscsi_ip_address => hiera('cinder_iscsi_ip_address'), - iscsi_helper => hiera('cinder_iscsi_helper'), + cinder::backend::iscsi { $cinder_iscsi_backend : + iscsi_ip_address => hiera('cinder_iscsi_ip_address'), + iscsi_helper => hiera('cinder_iscsi_helper'), + } } -} -$cinder_enabled_backends = any2array($cinder_iscsi_backend) -class { '::cinder::backends' : - enabled_backends => union($cinder_enabled_backends, hiera('cinder_user_enabled_backends')), -} + $cinder_enabled_backends = any2array($cinder_iscsi_backend) + class { '::cinder::backends' : + enabled_backends => union($cinder_enabled_backends, hiera('cinder_user_enabled_backends')), + } -$snmpd_user = hiera('snmpd_readonly_user_name') -snmp::snmpv3_user { $snmpd_user: - authtype => 'MD5', - authpass => hiera('snmpd_readonly_user_password'), -} -class { '::snmp': - agentaddress => ['udp:161','udp6:[::1]:161'], - snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ], + $snmpd_user = hiera('snmpd_readonly_user_name') + snmp::snmpv3_user { $snmpd_user: + authtype => 'MD5', + authpass => hiera('snmpd_readonly_user_password'), + } + class { '::snmp': + agentaddress => ['udp:161','udp6:[::1]:161'], + snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ], + } + + hiera_include('volume_classes') } -hiera_include('volume_classes') -package_manifest{'/var/lib/tripleo/installed-packages/overcloud_volume': ensure => present} +$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_volume', hiera('step')]) +package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/services/heat-base.yaml b/puppet/services/heat-base.yaml index 8617df27..88e27945 100644 --- a/puppet/services/heat-base.yaml +++ b/puppet/services/heat-base.yaml @@ -38,3 +38,9 @@ outputs: heat::rabbit_port: {get_param: RabbitClientPort} heat::debug: {get_param: Debug} heat::enable_proxy_headers_parsing: true + # We need this because the default heat policy.json no longer works on TripleO + # https://git.openstack.org/cgit/openstack/heat/commit/?id=ac86702172ddf01f5bdc3f3cd99d2e32ad9b7024 + heat::policy::policies: + context_is_admin: + key: 'context_is_admin' + value: 'role:admin' diff --git a/puppet/services/neutron-plugin-ml2.yaml b/puppet/services/neutron-plugin-ml2.yaml index 435a6de0..ff13d5d8 100644 --- a/puppet/services/neutron-plugin-ml2.yaml +++ b/puppet/services/neutron-plugin-ml2.yaml @@ -106,4 +106,4 @@ outputs: TYPES: {get_param: NeutronNetworkType} step_config: | - include ::tripleo::profile::base::neutron::ml2 + include ::tripleo::profile::base::neutron::plugins::ml2 diff --git a/puppet/services/neutron-plugin-nuage.yaml b/puppet/services/neutron-plugin-nuage.yaml new file mode 100644 index 00000000..3c3d8b63 --- /dev/null +++ b/puppet/services/neutron-plugin-nuage.yaml @@ -0,0 +1,75 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Neutron Nuage plugin + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + # Config specific parameters, to be provided via parameter_defaults + NeutronNuageOSControllerIp: + description: IP address of the OpenStack Controller + type: string + + NeutronNuageNetPartitionName: + description: Specifies the title that you will see on the VSD + type: string + default: 'default_name' + + NeutronNuageVSDIp: + description: IP address and port of the Virtual Services Directory + type: string + + NeutronNuageVSDUsername: + description: Username to be used to log into VSD + type: string + + NeutronNuageVSDPassword: + description: Password to be used to log into VSD + type: string + + NeutronNuageVSDOrganization: + description: Organization parameter required to log into VSD + type: string + default: 'organization' + + NeutronNuageBaseURIVersion: + description: URI version to be used based on the VSD release + type: string + default: 'default_uri_version' + + NeutronNuageCMSId: + description: Cloud Management System ID (CMS ID) to distinguish between OS instances on the same VSD + type: string + + UseForwardedFor: + description: Treat X-Forwarded-For as the canonical remote address. Only enable this if you have a sanitizing proxy. + type: boolean + default: false + +resources: + + NeutronBase: + type: ./neutron-base.yaml + +outputs: + role_data: + description: Role data for the Neutron Nuage plugin + value: + config_settings: + map_merge: + - get_attr: [NeutronBase, role_data, config_settings] + - neutron::plugins::nuage::nuage_oscontroller_ip: {get_param: NeutronNuageOSControllerIp} + neutron::plugins::nuage::nuage_net_partition_name: {get_param: NeutronNuageNetPartitionName} + neutron::plugins::nuage::nuage_vsd_ip: {get_param: NeutronNuageVSDIp} + neutron::plugins::nuage::nuage_vsd_username: {get_param: NeutronNuageVSDUsername} + neutron::plugins::nuage::nuage_vsd_password: {get_param: NeutronNuageVSDPassword} + neutron::plugins::nuage::nuage_vsd_organization: {get_param: NeutronNuageVSDOrganization} + neutron::plugins::nuage::nuage_base_uri_version: {get_param: NeutronNuageBaseURIVersion} + neutron::plugins::nuage::nuage_cms_id: {get_param: NeutronNuageCMSId} + nova::api::use_forwarded_for: {get_param: UseForwardedFor} + step_config: | + include tripleo::profile::base::neutron::plugins::nuage diff --git a/puppet/services/neutron-plugin-opencontrail.yaml b/puppet/services/neutron-plugin-opencontrail.yaml new file mode 100644 index 00000000..9c58c03c --- /dev/null +++ b/puppet/services/neutron-plugin-opencontrail.yaml @@ -0,0 +1,60 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Neutron Opencontrail plugin + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + AdminPassword: + description: The password for the keystone admin account, used for monitoring, querying neutron etc. + type: string + hidden: true + AdminToken: + description: The keystone auth secret and db password. + type: string + hidden: true + ContrailApiServerIp: + description: IP address of the OpenContrail API server + type: string + ContrailApiServerPort: + description: Port of the OpenContrail API + type: string + default: 8082 + ContrailMultiTenancy: + description: Whether to enable multi tenancy + type: boolean + default: false + ContrailExtensions: + description: List of OpenContrail extensions to be enabled + type: comma_delimited_list + default: '' + +resources: + + NeutronBase: + type: ./neutron-base.yaml + +outputs: + role_data: + description: Role data for the Neutron Opencontrail plugin + value: + config_settings: + map_merge: + - get_attr: [NeutronBase, role_data, config_settings] + - neutron::api_extensions_path: /usr/lib/python2.7/site-packages/neutron_plugin_contrail/extensions + + neutron::plugins::opencontrail::api_server_ip: {get_param: ContrailApiServerIp} + neutron::plugins::opencontrail::api_server_port: {get_param: ContrailApiServerPort} + neutron::plugins::opencontrail::multi_tenancy: {get_param: ContrailMultiTenancy} + neutron::plugins::opencontrail::contrail_extensions: {get_param: ContrailExtensions} + neutron::plugins::opencontrail::keystone_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri] } + neutron::plugins::opencontrail::keystone_admin_user: admin + neutron::plugins::opencontrail::keystone_admin_tenant_name: admin + neutron::plugins::opencontrail::keystone_admin_password: {get_param: AdminPassword} + neutron::plugins::opencontrail::keystone_admin_token: {get_param: AdminToken} + step_config: | + include tripleo::profile::base::neutron::plugins::opencontrail diff --git a/puppet/services/neutron-plugin-plumgrid.yaml b/puppet/services/neutron-plugin-plumgrid.yaml new file mode 100644 index 00000000..a0ac46ef --- /dev/null +++ b/puppet/services/neutron-plugin-plumgrid.yaml @@ -0,0 +1,111 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Neutron Plumgrid plugin + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + NeutronPassword: + description: The password for the neutron service and db account, used by neutron agents. + type: string + hidden: true + NeutronMetadataProxySharedSecret: + description: Shared secret to prevent spoofing + type: string + hidden: true + AdminPassword: + description: The password for the keystone admin account, used for monitoring, querying neutron etc. + type: string + hidden: true + + # PLUMgrid specific settings + PLUMgridDirectorServer: + description: IP address of the PLUMgrid Director Server + type: string + default: 127.0.0.1 + PLUMgridDirectorServerPort: + description: Port of the PLUMgrid Director Server + type: string + default: 443 + PLUMgridUsername: + description: Username for PLUMgrid platform + type: string + PLUMgridPassword: + description: Password for PLUMgrid platform + type: string + hidden: true + PLUMgridNovaMetadataIP: + description: IP address of Nova Metadata + type: string + default: 169.254.169.254 + PLUMgridNovaMetadataPort: + description: Port of Nova Metadata + type: string + default: 8775 + PLUMgridL2GatewayVendor: + description: Vendor for L2 Gateway Switch + type: string + default: vendor + PLUMgridL2GatewayUsername: + description: Username for L2 Gateway Switch + type: string + default: username + PLUMgridL2GatewayPassword: + description: Password for L2 Gateway Switch + type: string + hidden: true + PLUMgridIdentityVersion: + description: Keystone Identity version + type: string + default: v2.0 + PLUMgridConnectorType: + description: Neutron Network Connector Type + type: string + default: distributed + PLUMgridNeutronPluginVersion: + description: PLUMgrid Neutron Plugin version + type: string + default: present + PLUMgridPlumlibVersion: + description: PLUMgrid Plumlib version + type: string + default: present + + +outputs: + role_data: + description: Role data for the Neutron Plumgrid plugin + value: + config_settings: + neutron::plugins::plumgrid::connection: + list_join: + - '' + - - {get_param: [EndpointMap, MysqlInternal, protocol]} + - '://neutron:' + - {get_param: NeutronPassword} + - '@' + - {get_param: [EndpointMap, MysqlInternal, host]} + - '/ovs_neutron?charset=utf8' + neutron::plugins::plumgrid::controller_priv_host: {get_param: [EndpointMap, KeystoneAdmin, host]} + neutron::plugins::plumgrid::admin_password: {get_param: AdminPassword} + neutron::plugins::plumgrid::metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret} + neutron::plugins::plumgrid::director_server: {get_param: PLUMgridDirectorServer} + neutron::plugins::plumgrid::director_server_port: {get_param: PLUMgridDirectorServerPort} + neutron::plugins::plumgrid::username: {get_param: PLUMgridUsername} + neutron::plugins::plumgrid::password: {get_param: PLUMgridPassword} + neutron::plugins::plumgrid::nova_metadata_ip: {get_param: PLUMgridNovaMetadataIP} + neutron::plugins::plumgrid::nova_metadata_port: {get_param: PLUMgridNovaMetadataPort} + neutron::plugins::plumgrid::l2gateway_vendor: {get_param: PLUMgridL2GatewayVendor} + neutron::plugins::plumgrid::l2gateway_sw_username: {get_param: PLUMgridL2GatewayUsername} + neutron::plugins::plumgrid::l2gateway_sw_password: {get_param: PLUMgridL2GatewayPassword} + neutron::plugins::plumgrid::connector_type: {get_param: PLUMgridConnectorType} + neutron::plugins::plumgrid::identity_version: {get_param: PLUMgridIdentityVersion} + neutron::plugins::plumgrid::package_ensure: {get_param: PLUMgridNeutronPluginVersion} + neutron::plugins::plumgrid::plumlib_package_ensure: {get_param: PLUMgridPlumlibVersion} + + step_config: | + include tripleo::profile::base::neutron::plugins::plumgrid diff --git a/puppet/services/nova-api.yaml b/puppet/services/nova-api.yaml new file mode 100644 index 00000000..f31df371 --- /dev/null +++ b/puppet/services/nova-api.yaml @@ -0,0 +1,31 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Nova API service configured with Puppet + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + NovaWorkers: + default: 0 + description: Number of workers for Nova API service. + type: number + +resources: + NovaBase: + type: ./nova-base.yaml + +outputs: + role_data: + description: Role data for the Nova API service. + value: + config_settings: + map_merge: + - get_attr: [NovaBase, role_data, config_settings] + - nova::api::osapi_compute_workers: {get_param: NovaWorkers} + - nova::api::metadata_workers: {get_param: NovaWorkers} + step_config: | + include tripleo::profile::base::nova::api diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml new file mode 100644 index 00000000..0844aa85 --- /dev/null +++ b/puppet/services/nova-compute.yaml @@ -0,0 +1,25 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Nova Compute service configured with Puppet + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +resources: + NovaBase: + type: ./nova-base.yaml + +outputs: + role_data: + description: Role data for the Nova Conductor service. + value: + config_settings: + map_merge: + - get_attr: [NovaBase, role_data, config_settings] + step_config: | + include tripleo::profile::base::nova::compute diff --git a/puppet/services/nova-consoleauth.yaml b/puppet/services/nova-consoleauth.yaml new file mode 100644 index 00000000..791c5449 --- /dev/null +++ b/puppet/services/nova-consoleauth.yaml @@ -0,0 +1,24 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Nova Consoleauth service configured with Puppet + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +resources: + NovaBase: + type: ./nova-base.yaml + +outputs: + role_data: + description: Role data for the Nova Consoleauth service. + value: + config_settings: + get_attr: [NovaBase, role_data, config_settings] + step_config: | + include tripleo::profile::base::nova::consoleauth diff --git a/puppet/services/nova-scheduler.yaml b/puppet/services/nova-scheduler.yaml new file mode 100644 index 00000000..65ed6643 --- /dev/null +++ b/puppet/services/nova-scheduler.yaml @@ -0,0 +1,26 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Nova Scheduler service configured with Puppet + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +resources: + NovaBase: + type: ./nova-base.yaml + +outputs: + role_data: + description: Role data for the Nova Scheduler service. + value: + config_settings: + map_merge: + - get_attr: [NovaBase, role_data, config_settings] + - nova::scheduler::filter::ram_allocation_ratio: '1.0' + step_config: | + include tripleo::profile::base::nova::scheduler diff --git a/puppet/services/nova-vncproxy.yaml b/puppet/services/nova-vncproxy.yaml new file mode 100644 index 00000000..93a25ab2 --- /dev/null +++ b/puppet/services/nova-vncproxy.yaml @@ -0,0 +1,24 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Nova Vncproxy service configured with Puppet + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +resources: + NovaBase: + type: ./nova-base.yaml + +outputs: + role_data: + description: Role data for the Nova Vncproxy service. + value: + config_settings: + get_attr: [NovaBase, role_data, config_settings] + step_config: | + include tripleo::profile::base::nova::vncproxy diff --git a/puppet/services/pacemaker/neutron-plugin-ml2.yaml b/puppet/services/pacemaker/neutron-plugin-ml2.yaml index ac9d2402..9091b5b9 100644 --- a/puppet/services/pacemaker/neutron-plugin-ml2.yaml +++ b/puppet/services/pacemaker/neutron-plugin-ml2.yaml @@ -25,4 +25,4 @@ outputs: - neutron::agents::ml2::ovs::enabled: false neutron::agents::ml2::ovs::manage_service: false step_config: | - include ::tripleo::profile::pacemaker::neutron::ml2 + include ::tripleo::profile::pacemaker::neutron::plugins::ml2 diff --git a/puppet/services/pacemaker/neutron-plugin-nuage.yaml b/puppet/services/pacemaker/neutron-plugin-nuage.yaml new file mode 100644 index 00000000..704d922a --- /dev/null +++ b/puppet/services/pacemaker/neutron-plugin-nuage.yaml @@ -0,0 +1,28 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Neutron Nuage Plugin with Pacemaker configured with Puppet + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +resources: + + NeutronPluginNuageBase: + type: ../neutron-plugin-nuage.yaml + properties: + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for the Neutron Nuage plugin. + value: + config_settings: + map_merge: + - get_attr: [NeutronPluginNuageBase, role_data, config_settings] + step_config: | + include ::tripleo::profile::pacemaker::neutron::plugins::nuage diff --git a/puppet/services/pacemaker/neutron-plugin-opencontrail.yaml b/puppet/services/pacemaker/neutron-plugin-opencontrail.yaml new file mode 100644 index 00000000..d8c75509 --- /dev/null +++ b/puppet/services/pacemaker/neutron-plugin-opencontrail.yaml @@ -0,0 +1,28 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Neutron OpenContrail Plugin with Pacemaker configured with Puppet + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +resources: + + NeutronPluginOpenContrail: + type: ../neutron-plugin-nuage.yaml + properties: + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for the Neutron OpenContrail plugin. + value: + config_settings: + map_merge: + - get_attr: [NeutronPluginOpenContrail, role_data, config_settings] + step_config: | + include ::tripleo::profile::pacemaker::neutron::plugins::opencontrail diff --git a/puppet/services/pacemaker/neutron-plugin-plumgrid.yaml b/puppet/services/pacemaker/neutron-plugin-plumgrid.yaml new file mode 100644 index 00000000..c2e8eaac --- /dev/null +++ b/puppet/services/pacemaker/neutron-plugin-plumgrid.yaml @@ -0,0 +1,28 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Neutron PLUMgrid Plugin with Pacemaker configured with Puppet + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +resources: + + NeutronPluginPlumgridBase: + type: ../neutron-plugin-ml2.yaml + properties: + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for the Neutron PLUMgrid plugin. + value: + config_settings: + map_merge: + - get_attr: [NeutronPluginPlumgridBase, role_data, config_settings] + step_config: | + include ::tripleo::profile::pacemaker::neutron::plugins::plumgrid diff --git a/puppet/services/pacemaker/nova-api.yaml b/puppet/services/pacemaker/nova-api.yaml new file mode 100644 index 00000000..1b5011b6 --- /dev/null +++ b/puppet/services/pacemaker/nova-api.yaml @@ -0,0 +1,30 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Nova API service with Pacemaker configured with Puppet. + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +resources: + + NovaApiBase: + type: ../nova-api.yaml + properties: + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for the Nova API role. + value: + config_settings: + map_merge: + - get_attr: [NovaApiBase, role_data, config_settings] + - nova::api::manage_service: false + nova::api::enabled: false + step_config: | + include ::tripleo::profile::pacemaker::nova::api diff --git a/puppet/services/pacemaker/nova-consoleauth.yaml b/puppet/services/pacemaker/nova-consoleauth.yaml new file mode 100644 index 00000000..f9b6b058 --- /dev/null +++ b/puppet/services/pacemaker/nova-consoleauth.yaml @@ -0,0 +1,30 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Nova Consoleauth service with Pacemaker configured with Puppet. + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +resources: + + NovaConsoleauthBase: + type: ../nova-consoleauth.yaml + properties: + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for the Nova Consoleauth role. + value: + config_settings: + map_merge: + - get_attr: [NovaConsoleauthBase, role_data, config_settings] + - nova::consoleauth::manage_service: false + nova::consoleauth::enabled: false + step_config: | + include ::tripleo::profile::pacemaker::nova::consoleauth diff --git a/puppet/services/pacemaker/nova-scheduler.yaml b/puppet/services/pacemaker/nova-scheduler.yaml new file mode 100644 index 00000000..0032cbe6 --- /dev/null +++ b/puppet/services/pacemaker/nova-scheduler.yaml @@ -0,0 +1,30 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Nova Scheduler service with Pacemaker configured with Puppet. + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +resources: + + NovaSchedulerBase: + type: ../nova-scheduler.yaml + properties: + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for the Nova Scheduler role. + value: + config_settings: + map_merge: + - get_attr: [NovaSchedulerBase, role_data, config_settings] + - nova::scheduler::manage_service: false + nova::scheduler::enabled: false + step_config: | + include ::tripleo::profile::pacemaker::nova::scheduler diff --git a/puppet/services/pacemaker/nova-vncproxy.yaml b/puppet/services/pacemaker/nova-vncproxy.yaml new file mode 100644 index 00000000..52395240 --- /dev/null +++ b/puppet/services/pacemaker/nova-vncproxy.yaml @@ -0,0 +1,30 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Nova Vncproxy service with Pacemaker configured with Puppet. + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +resources: + + NovaVncproxyBase: + type: ../nova-vncproxy.yaml + properties: + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for the Nova Vncproxy role. + value: + config_settings: + map_merge: + - get_attr: [NovaVncproxyBase, role_data, config_settings] + - nova::vncproxy::manage_service: false + nova::vncproxy::enabled: false + step_config: | + include ::tripleo::profile::pacemaker::nova::vncproxy diff --git a/puppet/services/rabbitmq.yaml b/puppet/services/rabbitmq.yaml index 581b4ba4..3688c4a8 100644 --- a/puppet/services/rabbitmq.yaml +++ b/puppet/services/rabbitmq.yaml @@ -18,7 +18,7 @@ parameters: type: string hidden: true RabbitFDLimit: - default: 16384 + default: 65536 description: Configures RabbitMQ FD limit type: string RabbitIPv6: diff --git a/puppet/services/snmp.yaml b/puppet/services/snmp.yaml new file mode 100644 index 00000000..24ee2933 --- /dev/null +++ b/puppet/services/snmp.yaml @@ -0,0 +1,31 @@ +heat_template_version: 2016-04-08 + +description: > + SNMP client configured with Puppet, to facilitate Ceilometer Hardware + monitoring in the undercloud. This service is required to enable hardware + monitoring. + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + SnmpdReadonlyUserName: + default: ro_snmp_user + description: The user name for SNMPd with readonly rights running on all Overcloud nodes + type: string + SnmpdReadonlyUserPassword: + description: The user password for SNMPd with readonly rights running on all Overcloud nodes + type: string + hidden: true + +outputs: + role_data: + description: Role data for the SNMP services + value: + config_settings: + snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} + snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} + step_config: | + include ::tripleo::profile::base::snmp diff --git a/puppet/services/swift-storage.yaml b/puppet/services/swift-storage.yaml new file mode 100644 index 00000000..980c95f5 --- /dev/null +++ b/puppet/services/swift-storage.yaml @@ -0,0 +1,44 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Swift Storage service configured with Puppet + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + Debug: + default: '' + description: Set to True to enable debugging on all services. + type: string + SwiftMountCheck: + default: false + description: Value of mount_check in Swift account/container/object -server.conf + type: boolean + + # DEPRECATED options for compatibility with overcloud.yaml + # This should be removed and manipulation of the ControllerServices list + # used instead, but we need client support for that first + ControllerEnableSwiftStorage: + default: true + description: Whether to enable Swift Storage on the Controller + type: boolean + +parameter_groups: +- label: deprecated + description: Do not use deprecated params, they will be removed. + parameters: + - ControllerEnableSwiftStorage + +outputs: + role_data: + description: Role data for the Swift Proxy role. + value: + config_settings: + # Swift + swift::storage::all::mount_check: {get_param: SwiftMountCheck} + tripleo::profile::base::swift::storage::enable_swift_storage: {get_param: ControllerEnableSwiftStorage} + step_config: | + include ::tripleo::profile::base::swift::storage diff --git a/puppet/services/time/ntp.yaml b/puppet/services/time/ntp.yaml new file mode 100644 index 00000000..dbef6f91 --- /dev/null +++ b/puppet/services/time/ntp.yaml @@ -0,0 +1,27 @@ +heat_template_version: 2016-04-08 + +description: > + NTP service deployment using puppet, this YAML file + creates the interface between the HOT template + and the puppet manifest that actually installs + and configure NTP. + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + NtpServers: + default: [] + description: NTP servers + type: comma_delimited_list + +outputs: + role_data: + description: Role ntp using composable services. + value: + config_settings: + ntp::ntpservers: {get_param: NtpServers} + step_config: | + include ::ntp
\ No newline at end of file diff --git a/puppet/swift-storage.yaml b/puppet/swift-storage.yaml index ed52f928..dc3d2c54 100644 --- a/puppet/swift-storage.yaml +++ b/puppet/swift-storage.yaml @@ -18,10 +18,6 @@ parameters: default: default description: Name of an existing Nova key pair to enable SSH access to the instances type: string - MountCheck: - default: 'false' - description: Value of mount_check in Swift account/container/object -server.conf - type: boolean MinPartHours: type: number default: 1 @@ -46,10 +42,6 @@ parameters: description: The user password for SNMPd with readonly rights running on all Overcloud nodes type: string hidden: true - NtpServer: - default: '' - description: Comma-separated list of ntp servers - type: comma_delimited_list EnablePackageInstall: default: 'false' description: Set to true to enable package installation via Puppet @@ -290,9 +282,7 @@ resources: tripleo::ringbuilder::part_power: { get_input: swift_part_power } tripleo::ringbuilder::replicas: {get_input: swift_replicas } swift::storage::all::storage_local_net_ip: {get_input: swift_management_network} - swift_mount_check: {get_input: swift_mount_check } tripleo::ringbuilder::min_part_hours: { get_input: swift_min_part_hours } - ntp::servers: {get_input: ntp_servers} timezone::timezone: {get_input: timezone} snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} @@ -312,12 +302,10 @@ resources: snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} swift_hash_suffix: {get_param: HashSuffix} - swift_mount_check: {get_param: MountCheck} swift_min_part_hours: {get_param: MinPartHours} swift_ring_build: {get_param: RingBuild} swift_part_power: {get_param: PartPower} swift_replicas: { get_param: Replicas} - ntp_servers: {get_param: NtpServer} timezone: {get_param: TimeZone} enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} |