summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--ci/environments/scenario006-multinode-containers.yaml60
-rw-r--r--deployed-server/deployed-server-environment-output.yaml65
-rwxr-xr-xdocker/docker-puppet.py6
-rw-r--r--docker/services/README.rst2
-rw-r--r--docker/services/ironic-api.yaml14
-rw-r--r--docker/services/iscsid.yaml2
-rw-r--r--docker/services/manila-share.yaml118
-rw-r--r--docker/services/nova-api.yaml12
-rw-r--r--docker/services/pacemaker/haproxy.yaml38
-rw-r--r--docker/services/swift-storage.yaml8
-rw-r--r--environments/disable-telemetry.yaml3
-rw-r--r--environments/docker-centos-tripleoupstream.yaml7
-rw-r--r--environments/docker-services-tls-everywhere.yaml15
-rw-r--r--environments/docker.yaml15
-rw-r--r--environments/neutron-ml2-bigswitch.yaml1
-rw-r--r--environments/overcloud-baremetal.j2.yaml1
-rw-r--r--environments/overcloud-services.yaml3
-rw-r--r--environments/services-docker/manila.yaml1
-rw-r--r--extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml25
-rw-r--r--extraconfig/pre_network/config_then_reboot.yaml24
-rw-r--r--extraconfig/pre_network/host_config_and_reboot.role.j2.yaml23
-rw-r--r--extraconfig/pre_network/host_config_and_reboot.yaml49
-rw-r--r--extraconfig/tasks/ssh/host_public_key.yaml8
-rw-r--r--network/external.yaml2
-rw-r--r--network/external_v6.yaml2
-rw-r--r--network/internal_api.yaml2
-rw-r--r--network/internal_api_v6.yaml2
-rw-r--r--network/management_v6.yaml2
-rw-r--r--network/ports/net_ip_map.yaml1
-rw-r--r--network/storage.yaml2
-rw-r--r--network/storage_mgmt.yaml2
-rw-r--r--network/storage_mgmt_v6.yaml2
-rw-r--r--network/storage_v6.yaml2
-rw-r--r--network/tenant.yaml2
-rw-r--r--network/tenant_v6.yaml2
-rw-r--r--overcloud-resource-registry-puppet.j2.yaml4
-rw-r--r--overcloud.j2.yaml51
-rw-r--r--puppet/blockstorage-role.yaml53
-rw-r--r--puppet/cephstorage-role.yaml56
-rw-r--r--puppet/compute-role.yaml56
-rw-r--r--puppet/controller-role.yaml56
-rw-r--r--puppet/objectstorage-role.yaml53
-rw-r--r--puppet/role.role.j2.yaml56
-rw-r--r--puppet/services/aodh-base.yaml7
-rw-r--r--puppet/services/barbican-api.yaml7
-rw-r--r--puppet/services/ceilometer-base.yaml7
-rw-r--r--puppet/services/ceph-mon.yaml4
-rw-r--r--puppet/services/cinder-api.yaml7
-rw-r--r--puppet/services/congress.yaml7
-rw-r--r--puppet/services/disabled/ceilometer-api-disabled.yaml41
-rw-r--r--puppet/services/glance-api.yaml8
-rw-r--r--puppet/services/heat-base.yaml7
-rw-r--r--puppet/services/keystone.yaml9
-rw-r--r--puppet/services/manila-base.yaml7
-rw-r--r--puppet/services/mistral-base.yaml7
-rw-r--r--puppet/services/neutron-base.yaml7
-rw-r--r--puppet/services/neutron-ovs-agent.yaml3
-rw-r--r--puppet/services/nova-base.yaml8
-rw-r--r--puppet/services/octavia-base.yaml7
-rw-r--r--puppet/services/qdr.yaml6
-rw-r--r--puppet/services/sahara-base.yaml7
-rw-r--r--puppet/services/tacker.yaml7
-rw-r--r--releasenotes/notes/deployed-server-environment-output-d838c782f76823b7.yaml6
-rw-r--r--releasenotes/notes/notification-driver-noop-e322ca6704a5bc50.yaml10
-rw-r--r--releasenotes/notes/ovs-dpdk-permission-workaround-20aaebcc8d6009ec.yaml6
-rw-r--r--releasenotes/source/conf.py9
-rw-r--r--test-requirements.txt2
-rw-r--r--validation-scripts/all-nodes.sh3
68 files changed, 1011 insertions, 96 deletions
diff --git a/ci/environments/scenario006-multinode-containers.yaml b/ci/environments/scenario006-multinode-containers.yaml
new file mode 100644
index 00000000..97db897b
--- /dev/null
+++ b/ci/environments/scenario006-multinode-containers.yaml
@@ -0,0 +1,60 @@
+resource_registry:
+ OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml
+ OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
+ OS::TripleO::Services::NovaIronic: ../docker/services/nova-ironic.yaml
+ OS::TripleO::Services::IronicApi: ../docker/services/ironic-api.yaml
+ OS::TripleO::Services::IronicConductor: ../docker/services/ironic-conductor.yaml
+ OS::TripleO::Services::IronicPxe: ../docker/services/ironic-pxe.yaml
+ OS::TripleO::Services::Docker: OS::Heat::None
+
+parameter_defaults:
+ ControllerServices:
+ - OS::TripleO::Services::Docker
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::Keystone
+ - OS::TripleO::Services::GlanceApi
+ - OS::TripleO::Services::IronicApi
+ - OS::TripleO::Services::IronicConductor
+ - OS::TripleO::Services::IronicPxe
+ - OS::TripleO::Services::MySQL
+ - OS::TripleO::Services::MySQLClient
+ - OS::TripleO::Services::NeutronDhcpAgent
+ - OS::TripleO::Services::NeutronL3Agent
+ - OS::TripleO::Services::NeutronMetadataAgent
+ - OS::TripleO::Services::NeutronServer
+ - OS::TripleO::Services::NeutronCorePlugin
+ - OS::TripleO::Services::NeutronOvsAgent
+ - OS::TripleO::Services::RabbitMQ
+ - OS::TripleO::Services::HAproxy
+ - OS::TripleO::Services::Keepalived
+ - OS::TripleO::Services::Memcached
+ - OS::TripleO::Services::Pacemaker
+ - OS::TripleO::Services::NovaConductor
+ - OS::TripleO::Services::NovaApi
+ - OS::TripleO::Services::NovaIronic
+ - OS::TripleO::Services::NovaPlacement
+ - OS::TripleO::Services::NovaMetadata
+ - OS::TripleO::Services::NovaScheduler
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Securetty
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::MongoDb
+ - OS::TripleO::Services::Redis
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::TripleoFirewall
+
+ Debug: true
+ BannerText: |
+ ******************************************************************
+ * This system is for the use of authorized users only. Usage of *
+ * this system may be monitored and recorded by system personnel. *
+ * Anyone using this system expressly consents to such monitoring *
+ * and is advised that if such monitoring reveals possible *
+ * evidence of criminal activity, system personnel may provide *
+ * the evidence from such monitoring to law enforcement officials.*
+ ******************************************************************
+ # we don't deploy Swift so we switch to file backend.
+ GlanceBackend: 'file'
+ IronicCleaningDiskErase: 'metadata'
diff --git a/deployed-server/deployed-server-environment-output.yaml b/deployed-server/deployed-server-environment-output.yaml
new file mode 100644
index 00000000..eaf77459
--- /dev/null
+++ b/deployed-server/deployed-server-environment-output.yaml
@@ -0,0 +1,65 @@
+heat_template_version: pike
+
+parameters:
+ RoleCounts:
+ type: json
+ default: {}
+ VipMap:
+ type: json
+ default: {}
+ DeployedServerPortMap:
+ type: json
+ default: {}
+ DeployedServerDeploymentSwiftDataMap:
+ type: json
+ default: {}
+ DefaultRouteIp:
+ type: string
+ default: 192.168.24.1
+
+resources:
+
+ DeployedServerPortMapParameter:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ DeployedServerPortMap:
+ map_merge:
+ - {get_param: DeployedServerPortMap}
+ - control_virtual_ip:
+ fixed_ips:
+ - ip_address: {get_param: [VipMap, ctlplane]}
+ - redis_virtual_ip:
+ fixed_ips:
+ - ip_address: {get_param: [VipMap, redis]}
+
+ ResourceRegistry:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ OS::TripleO::DeployedServer::ControlPlanePort: tripleo-heat-templates/deployed-server/deployed-neutron-port.yaml
+ OS::TripleO::Network::Ports::ControlPlaneVipPort: tripleo-heat-templates/deployed-server/deployed-neutron-port.yaml
+
+ DeployedServerEnvironment:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ resource_registry:
+ {get_attr: [ResourceRegistry, value]}
+ parameter_defaults:
+ map_merge:
+ - {get_attr: [DeployedServerPortMapParameter, value]}
+ - DeploymentSwiftDataMap: {get_param: DeployedServerDeploymentSwiftDataMap}
+ - EC2MetadataIp: {get_param: DefaultRouteIp}
+ - ControlPlaneDefaultRoute: {get_param: DefaultRouteIp}
+ - {get_param: RoleCounts}
+
+outputs:
+ deployed_server_environment:
+ description:
+ Environment data that can be used as input into the services stack when
+ using split-stack.
+ value: {get_attr: [DeployedServerEnvironment, value]}
diff --git a/docker/docker-puppet.py b/docker/docker-puppet.py
index 65d3bf38..01acde03 100755
--- a/docker/docker-puppet.py
+++ b/docker/docker-puppet.py
@@ -205,7 +205,7 @@ def mp_puppet_config((config_volume, puppet_tags, manifest, config_image, volume
# Disables archiving
if [ -z "$NO_ARCHIVE" ]; then
- archivedirs=("/etc" "/root" "/opt" "/var/lib/ironic/tftpboot" "/var/lib/ironic/httpboot" "/var/www")
+ archivedirs=("/etc" "/root" "/opt" "/var/lib/ironic/tftpboot" "/var/lib/ironic/httpboot" "/var/www" "/var/spool/cron")
rsync_srcs=""
for d in "${archivedirs[@]}"; do
if [ -d "$d" ]; then
@@ -308,9 +308,9 @@ for config_volume in configs:
volumes = service[4] if len(service) > 4 else []
if puppet_tags:
- puppet_tags = "file,file_line,concat,augeas,%s" % puppet_tags
+ puppet_tags = "file,file_line,concat,augeas,cron,%s" % puppet_tags
else:
- puppet_tags = "file,file_line,concat,augeas"
+ puppet_tags = "file,file_line,concat,augeas,cron"
process_map.append([config_volume, puppet_tags, manifest, config_image, volumes])
diff --git a/docker/services/README.rst b/docker/services/README.rst
index 84ac842e..ce255ba8 100644
--- a/docker/services/README.rst
+++ b/docker/services/README.rst
@@ -74,7 +74,7 @@ are re-asserted when applying latter ones.
* puppet_tags: Puppet resource tag names that are used to generate config
files with puppet. Only the named config resources are used to generate
a config file. Any service that specifies tags will have the default
- tags of 'file,concat,file_line,augeas' appended to the setting.
+ tags of 'file,concat,file_line,augeas,cron' appended to the setting.
Example: keystone_config
* config_volume: The name of the volume (directory) where config files
diff --git a/docker/services/ironic-api.yaml b/docker/services/ironic-api.yaml
index 9583cd71..d18221db 100644
--- a/docker/services/ironic-api.yaml
+++ b/docker/services/ironic-api.yaml
@@ -12,9 +12,9 @@ parameters:
description: image
default: 'centos-binary-ironic-api:latest'
type: string
- DockerIronicConfigImage:
- description: The container image to use for the ironic config_volume
- default: 'centos-binary-ironic-pxe:latest'
+ DockerIronicApiConfigImage:
+ description: The container image to use for the ironic_api config_volume
+ default: 'centos-binary-ironic-api:latest'
type: string
EndpointMap:
default: {}
@@ -67,13 +67,13 @@ outputs:
service_config_settings: {get_attr: [IronicApiBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
- config_volume: ironic
+ config_volume: ironic_api
puppet_tags: ironic_config
step_config: *step_config
config_image:
list_join:
- '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerIronicConfigImage} ]
+ - [ {get_param: DockerNamespace}, {get_param: DockerIronicApiConfigImage} ]
kolla_config:
/var/lib/kolla/config_files/ironic_api.json:
command: /usr/sbin/httpd -DFOREGROUND
@@ -111,7 +111,7 @@ outputs:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- - /var/lib/config-data/ironic/etc/ironic:/etc/ironic:ro
+ - /var/lib/config-data/ironic_api/etc/ironic:/etc/ironic:ro
- /var/log/containers/ironic:/var/log/ironic
command: "/usr/bin/bootstrap_host_exec ironic_api su ironic -s /bin/bash -c 'ironic-dbsync --config-file /etc/ironic/ironic.conf'"
step_4:
@@ -126,7 +126,7 @@ outputs:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/ironic_api.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/puppet-generated/ironic/:/var/lib/kolla/config_files/src:ro
+ - /var/lib/config-data/puppet-generated/ironic_api/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/ironic:/var/log/ironic
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
diff --git a/docker/services/iscsid.yaml b/docker/services/iscsid.yaml
index 86f2d3b4..c98a921d 100644
--- a/docker/services/iscsid.yaml
+++ b/docker/services/iscsid.yaml
@@ -100,6 +100,7 @@ outputs:
when: stat_iscsid_socket.stat.exists
upgrade_tasks:
- name: stat /lib/systemd/system/iscsid.service
+ tags: step2
stat: path=/lib/systemd/system/iscsid.service
register: stat_iscsid_service
- name: Stop and disable iscsid service
@@ -107,6 +108,7 @@ outputs:
service: name=iscsid state=stopped enabled=no
when: stat_iscsid_service.stat.exists
- name: stat /lib/systemd/system/iscsid.socket
+ tags: step2
stat: path=/lib/systemd/system/iscsid.socket
register: stat_iscsid_socket
- name: Stop and disable iscsid.socket service
diff --git a/docker/services/manila-share.yaml b/docker/services/manila-share.yaml
new file mode 100644
index 00000000..227f28fe
--- /dev/null
+++ b/docker/services/manila-share.yaml
@@ -0,0 +1,118 @@
+heat_template_version: pike
+
+description: >
+ OpenStack containerized Manila Share service
+
+parameters:
+ DockerNamespace:
+ description: namespace
+ default: 'tripleoupstream'
+ type: string
+ DockerManilaShareImage:
+ description: image
+ default: 'centos-binary-manila-share:latest'
+ type: string
+ DockerManilaConfigImage:
+ description: image
+ default: 'centos-binary-manila-base:latest'
+ type: string
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+
+resources:
+
+ ContainersCommon:
+ type: ./containers-common.yaml
+
+ ManilaBase:
+ type: ../../puppet/services/manila-share.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the Manila Share role.
+ value:
+ service_name: {get_attr: [ManilaBase, role_data, service_name]}
+ config_settings: {get_attr: [ManilaBase, role_data, config_settings]}
+ step_config: &step_config
+ get_attr: [ManilaBase, role_data, step_config]
+ service_config_settings: {get_attr: [ManilaBase, role_data, service_config_settings]}
+ # BEGIN DOCKER SETTINGS
+ puppet_config:
+ config_volume: manila
+ puppet_tags: manila_config
+ step_config: *step_config
+ config_image:
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerManilaConfigImage} ]
+ kolla_config:
+ /var/lib/kolla/config_files/manila_share.json:
+ command: /usr/bin/manila-share --config-file /usr/share/manila/manila-dist.conf --config-file /etc/manila/manila.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
+ # NOTE(gfidente): ceph-ansible generated
+ - source: "/var/lib/kolla/config_files/src-ceph/*"
+ dest: "/etc/ceph"
+ merge: true
+ preserve_properties: true
+ permissions:
+ - path: /var/log/manila
+ owner: manila:manila
+ recurse: true
+ docker_config:
+ step_4:
+ manila_share:
+ image: &manila_share_image
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerManilaShareImage} ]
+ net: host
+ restart: always
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/manila_share.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/puppet-generated/manila/:/var/lib/kolla/config_files/src:ro
+ - /var/log/containers/manila:/var/log/manila
+ - /etc/ceph/:/var/lib/kolla/config_files/src-ceph:ro
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent directories
+ file:
+ path: /var/log/containers/manila
+ state: directory
+ upgrade_tasks:
+ - name: Stop and disable manila_share service
+ tags: step2
+ service: name=openstack-manila-share state=stopped enabled=no
diff --git a/docker/services/nova-api.yaml b/docker/services/nova-api.yaml
index 93935cad..9282c934 100644
--- a/docker/services/nova-api.yaml
+++ b/docker/services/nova-api.yaml
@@ -158,7 +158,7 @@ outputs:
user: nova
privileged: true
restart: always
- volumes:
+ volumes: &nova_api_volumes
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
@@ -167,6 +167,16 @@ outputs:
- /var/log/containers/nova:/var/log/nova
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ nova_api_cron:
+ image: *nova_api_image
+ net: host
+ user: root
+ privileged: true
+ restart: always
+ volumes: *nova_api_volumes
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ command: "/usr/sbin/crond -n"
step_5:
nova_api_discover_hosts:
start_order: 1
diff --git a/docker/services/pacemaker/haproxy.yaml b/docker/services/pacemaker/haproxy.yaml
index bfc9ca50..1b104a23 100644
--- a/docker/services/pacemaker/haproxy.yaml
+++ b/docker/services/pacemaker/haproxy.yaml
@@ -30,6 +30,11 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ DeployedSSLCertificatePath:
+ default: '/etc/pki/tls/private/overcloud_endpoint.pem'
+ description: >
+ The filepath of the certificate as it will be stored in the controller.
+ type: string
RoleName:
default: ''
description: Role name on which the service is applied
@@ -81,6 +86,12 @@ outputs:
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerHAProxyConfigImage} ]
+ volumes: &deployed_cert_mount
+ - list_join:
+ - ':'
+ - - {get_param: DeployedSSLCertificatePath}
+ - {get_param: DeployedSSLCertificatePath}
+ - 'ro'
kolla_config:
/var/lib/kolla/config_files/haproxy.json:
command: haproxy -f /etc/haproxy/haproxy.cfg
@@ -116,17 +127,20 @@ outputs:
- 'include ::tripleo::profile::pacemaker::haproxy_bundle'
image: *haproxy_image
volumes:
- # puppet saves iptables rules in /etc/sysconfig
- - /etc/sysconfig:/etc/sysconfig:rw
- # saving rules require accessing /usr/libexec/iptables/iptables.init, just bind-mount
- # the necessary bit and prevent systemd to try to reload the service in the container
- - /usr/libexec/iptables:/usr/libexec/iptables:ro
- - /usr/libexec/initscripts/legacy-actions:/usr/libexec/initscripts/legacy-actions:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /etc/puppet:/tmp/puppet-etc:ro
- - /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
- - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
- - /dev/shm:/dev/shm:rw
+ list_concat:
+ - *deployed_cert_mount
+ -
+ # puppet saves iptables rules in /etc/sysconfig
+ - /etc/sysconfig:/etc/sysconfig:rw
+ # saving rules require accessing /usr/libexec/iptables/iptables.init, just bind-mount
+ # the necessary bit and prevent systemd to try to reload the service in the container
+ - /usr/libexec/iptables:/usr/libexec/iptables:ro
+ - /usr/libexec/initscripts/legacy-actions:/usr/libexec/initscripts/legacy-actions:ro
+ - /etc/hosts:/etc/hosts:ro
+ - /etc/localtime:/etc/localtime:ro
+ - /etc/puppet:/tmp/puppet-etc:ro
+ - /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
+ - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
+ - /dev/shm:/dev/shm:rw
metadata_settings:
get_attr: [HAProxyBase, role_data, metadata_settings]
diff --git a/docker/services/swift-storage.yaml b/docker/services/swift-storage.yaml
index d795818f..a07c92ae 100644
--- a/docker/services/swift-storage.yaml
+++ b/docker/services/swift-storage.yaml
@@ -188,8 +188,8 @@ outputs:
- path: /var/log/swift
owner: swift:swift
recurse: true
- /var/lib/kolla/config_files/swift_xinetd_rsync.json:
- command: /usr/sbin/xinetd -dontfork
+ /var/lib/kolla/config_files/swift_rsync.json:
+ command: /usr/bin/rsync --daemon --no-detach --config=/etc/rsyncd.conf
config_files:
- source: "/var/lib/kolla/config_files/src/*"
dest: "/"
@@ -428,7 +428,7 @@ outputs:
- /dev:/dev
- /var/log/containers/swift:/var/log/swift
environment: *kolla_env
- swift_xinetd_rsync:
+ swift_rsync:
image: *swift_object_image
net: host
user: root
@@ -438,7 +438,7 @@ outputs:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- - /var/lib/kolla/config_files/swift_xinetd_rsync.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/kolla/config_files/swift_rsync.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro
- /run:/run
- /srv/node:/srv/node
diff --git a/environments/disable-telemetry.yaml b/environments/disable-telemetry.yaml
index 6249c286..52d0d27b 100644
--- a/environments/disable-telemetry.yaml
+++ b/environments/disable-telemetry.yaml
@@ -18,3 +18,6 @@ resource_registry:
OS::TripleO::Services::AodhNotifier: OS::Heat::None
OS::TripleO::Services::AodhListener: OS::Heat::None
OS::TripleO::Services::PankoApi: OS::Heat::None
+
+parameter_defaults:
+ NotificationDriver: 'noop'
diff --git a/environments/docker-centos-tripleoupstream.yaml b/environments/docker-centos-tripleoupstream.yaml
index 648c8c26..9eb45363 100644
--- a/environments/docker-centos-tripleoupstream.yaml
+++ b/environments/docker-centos-tripleoupstream.yaml
@@ -1,4 +1,11 @@
parameter_defaults:
+ # FIXME: Remove this when we uncomment at least one parameter in this file.
+ # It seems an environment file with empty parameter_defaults section has the
+ # potential to confuse Heat in a way that it doesn't deploy a single service
+ # on the overcloud in the multinode job.
+ # https://bugs.launchpad.net/tripleo/+bug/1703599
+ PlaceholderParameter: can be removed when we add a different param to this env file
+
#DockerAodhApiImage: 'tripleoupstream/centos-binary-aodh-api:latest'
#DockerAodhConfigImage: 'tripleoupstream/centos-binary-aodh-api:latest'
#DockerAodhEvaluatorImage: 'tripleoupstream/centos-binary-aodh-evaluator:latest'
diff --git a/environments/docker-services-tls-everywhere.yaml b/environments/docker-services-tls-everywhere.yaml
index 3ca04697..8d304494 100644
--- a/environments/docker-services-tls-everywhere.yaml
+++ b/environments/docker-services-tls-everywhere.yaml
@@ -34,18 +34,3 @@ resource_registry:
OS::TripleO::PostDeploySteps: ../docker/post.yaml
OS::TripleO::PostUpgradeSteps: ../docker/post-upgrade.yaml
-
-parameter_defaults:
- # To specify a local docker registry, enable these
- # where 192.168.24.1 is the host running docker-distribution
- #DockerNamespace: 192.168.24.1:8787/tripleoupstream
- #DockerNamespaceIsRegistry: true
-
- ComputeServices:
- - OS::TripleO::Services::CACerts
- - OS::TripleO::Services::CertmongerUser
- - OS::TripleO::Services::NovaCompute
- - OS::TripleO::Services::NovaLibvirt
- - OS::TripleO::Services::ComputeNeutronOvsAgent
- - OS::TripleO::Services::Docker
- - OS::TripleO::Services::Sshd
diff --git a/environments/docker.yaml b/environments/docker.yaml
index c32001a7..52b2dc05 100644
--- a/environments/docker.yaml
+++ b/environments/docker.yaml
@@ -63,18 +63,3 @@ resource_registry:
OS::TripleO::PostDeploySteps: ../docker/post.yaml
OS::TripleO::PostUpgradeSteps: ../docker/post-upgrade.yaml
-
-parameter_defaults:
- # To specify a local docker registry, enable these
- # where 192.168.24.1 is the host running docker-distribution
- #DockerNamespace: 192.168.24.1:8787/tripleoupstream
- #DockerNamespaceIsRegistry: true
-
- ComputeServices:
- - OS::TripleO::Services::NovaCompute
- - OS::TripleO::Services::NovaLibvirt
- - OS::TripleO::Services::ComputeNeutronOvsAgent
- - OS::TripleO::Services::Docker
- - OS::TripleO::Services::CeilometerAgentCompute
- - OS::TripleO::Services::Sshd
- - OS::TripleO::Services::OpenDaylightOvs
diff --git a/environments/neutron-ml2-bigswitch.yaml b/environments/neutron-ml2-bigswitch.yaml
index 8a4a144c..c0ba906e 100644
--- a/environments/neutron-ml2-bigswitch.yaml
+++ b/environments/neutron-ml2-bigswitch.yaml
@@ -13,7 +13,6 @@ parameter_defaults:
NeutronBigswitchRestproxyServerAuth:
NeutronMechanismDrivers: openvswitch,bsn_ml2
NeutronServicePlugins: bsn_l3,bsn_service_plugin
- KeystoneNotificationDriver: messaging
# Optional:
# NeutronBigswitchRestproxyAutoSyncOnFailure:
diff --git a/environments/overcloud-baremetal.j2.yaml b/environments/overcloud-baremetal.j2.yaml
index 668e28de..8d7bc8d9 100644
--- a/environments/overcloud-baremetal.j2.yaml
+++ b/environments/overcloud-baremetal.j2.yaml
@@ -4,6 +4,7 @@ resource_registry:
OS::TripleO::DefaultPasswords: OS::Heat::None
OS::TripleO::RandomString: OS::Heat::None
OS::TripleO::AllNodesDeployment: OS::Heat::None
+ OS::TripleO::DeployedServerEnvironment: ../deployed-server/deployed-server-environment-output.yaml
parameter_defaults:
# Deploy no services
diff --git a/environments/overcloud-services.yaml b/environments/overcloud-services.yaml
index c409b899..1d01cb3c 100644
--- a/environments/overcloud-services.yaml
+++ b/environments/overcloud-services.yaml
@@ -1,3 +1,6 @@
+resource_registry:
+ OS::TripleO::DeployedServerEnvironment: ../deployed-server/deployed-server-environment-output.yaml
+
parameter_defaults:
# Consistent Hostname format
ControllerDeployedServerHostnameFormat: overcloud-controller-%index%
diff --git a/environments/services-docker/manila.yaml b/environments/services-docker/manila.yaml
index 795309f6..eacdb1a1 100644
--- a/environments/services-docker/manila.yaml
+++ b/environments/services-docker/manila.yaml
@@ -1,3 +1,4 @@
resource_registry:
OS::TripleO::Services::ManilaApi: ../../docker/services/manila-api.yaml
OS::TripleO::Services::ManilaScheduler: ../../docker/services/manila-scheduler.yaml
+ OS::TripleO::Services::ManilaShare: ../../docker/services/manila-share.yaml
diff --git a/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml b/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml
index 96632bc2..fb0d1699 100644
--- a/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml
+++ b/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml
@@ -59,6 +59,19 @@ parameters:
description: |
When enabled, the system will perform a yum update after performing the
RHEL Registration process.
+ deployment_actions:
+ default: ['CREATE', 'UPDATE']
+ type: comma_delimited_list
+ description: >
+ List of stack actions that will trigger any deployments in this
+ templates. The actions will be an empty list of the server is in the
+ toplevel DeploymentServerBlacklist parameter's value.
+
+conditions:
+ deployment_actions_empty:
+ equals:
+ - {get_param: deployment_actions}
+ - []
resources:
@@ -136,7 +149,11 @@ resources:
name: RHELUnregistrationDeployment
server: {get_param: server}
config: {get_resource: RHELUnregistration}
- actions: ['DELETE'] # Only do this on DELETE
+ actions:
+ if:
+ - deployment_actions_empty
+ - []
+ - ['DELETE'] # Only do this on DELETE
input_values:
REG_METHOD: {get_param: rhel_reg_method}
@@ -169,7 +186,11 @@ resources:
name: UpdateDeploymentAfterRHELRegistration
config: {get_resource: YumUpdateConfigurationAfterRHELRegistration}
server: {get_param: server}
- actions: ['CREATE'] # Only do this on CREATE
+ actions:
+ if:
+ - deployment_actions_empty
+ - []
+ - ['CREATE'] # Only do this on CREATE
outputs:
deploy_stdout:
diff --git a/extraconfig/pre_network/config_then_reboot.yaml b/extraconfig/pre_network/config_then_reboot.yaml
index 48ba5263..79cb7cbc 100644
--- a/extraconfig/pre_network/config_then_reboot.yaml
+++ b/extraconfig/pre_network/config_then_reboot.yaml
@@ -7,6 +7,19 @@ description: >
parameters:
server:
type: string
+ deployment_actions:
+ default: ['CREATE', 'UPDATE']
+ type: comma_delimited_list
+ description: >
+ List of stack actions that will trigger any deployments in this
+ templates. The actions will be an empty list of the server is in the
+ toplevel DeploymentServerBlacklist parameter's value.
+
+conditions:
+ deployment_actions_empty:
+ equals:
+ - {get_param: deployment_actions}
+ - []
resources:
@@ -24,6 +37,11 @@ resources:
name: SomeDeployment
server: {get_param: server}
config: {get_resource: SomeConfig}
+ actions:
+ if:
+ - deployment_actions_empty
+ - []
+ - ['CREATE'] # Only do this on CREATE
actions: ['CREATE'] # Only do this on CREATE
RebootConfig:
@@ -44,5 +62,9 @@ resources:
name: RebootDeployment
server: {get_param: server}
config: {get_resource: RebootConfig}
- actions: ['CREATE'] # Only do this on CREATE
+ actions:
+ if:
+ - deployment_actions_empty
+ - []
+ - ['CREATE'] # Only do this on CREATE
signal_transport: NO_SIGNAL
diff --git a/extraconfig/pre_network/host_config_and_reboot.role.j2.yaml b/extraconfig/pre_network/host_config_and_reboot.role.j2.yaml
index 41d8f4f6..fe52ef7e 100644
--- a/extraconfig/pre_network/host_config_and_reboot.role.j2.yaml
+++ b/extraconfig/pre_network/host_config_and_reboot.role.j2.yaml
@@ -19,6 +19,13 @@ parameters:
{{role}}HostCpusList:
type: string
default: ""
+ deployment_actions:
+ default: ['CREATE', 'UPDATE']
+ type: comma_delimited_list
+ description: >
+ List of stack actions that will trigger any deployments in this
+ templates. The actions will be an empty list of the server is in the
+ toplevel DeploymentServerBlacklist parameter's value.
parameter_group:
- label: deprecated
@@ -38,6 +45,10 @@ conditions:
equals:
- get_param: {{role}}TunedProfileName
- ""
+ deployment_actions_empty:
+ equals:
+ - {get_param: deployment_actions}
+ - []
resources:
@@ -62,7 +73,11 @@ resources:
name: HostParametersDeployment
server: {get_param: server}
config: {get_resource: HostParametersConfig}
- actions: ['CREATE'] # Only do this on CREATE
+ actions:
+ if:
+ - deployment_actions_empty
+ - []
+ - ['CREATE'] # Only do this on CREATE
input_values:
_KERNEL_ARGS_: {get_param: {{role}}KernelArgs}
_TUNED_PROFILE_NAME_: {get_param: {{role}}TunedProfileName}
@@ -88,7 +103,11 @@ resources:
name: RebootDeployment
server: {get_param: server}
config: {get_resource: RebootConfig}
- actions: ['CREATE'] # Only do this on CREATE
+ actions:
+ if:
+ - deployment_actions_empty
+ - []
+ - ['CREATE'] # Only do this on CREATE
signal_transport: NO_SIGNAL
outputs:
diff --git a/extraconfig/pre_network/host_config_and_reboot.yaml b/extraconfig/pre_network/host_config_and_reboot.yaml
index 009a0879..31d0c1e0 100644
--- a/extraconfig/pre_network/host_config_and_reboot.yaml
+++ b/extraconfig/pre_network/host_config_and_reboot.yaml
@@ -95,6 +95,13 @@ parameters:
default: "vfio-pci"
description: DPDK Driver type
type: string
+ deployment_actions:
+ default: ['CREATE', 'UPDATE']
+ type: comma_delimited_list
+ description: >
+ List of stack actions that will trigger any deployments in this
+ templates. The actions will be an empty list of the server is in the
+ toplevel DeploymentServerBlacklist parameter's value.
conditions:
is_host_config_required: {not: {equals: [{get_param: [RoleParameters, KernelArgs]}, ""]}}
@@ -117,6 +124,10 @@ conditions:
socket_mem_empty: {equals: [{get_param: OvsDpdkSocketMemory}, '']}
driver_not_set: {equals: [{get_param: OvsDpdkDriverType}, 'vfio-pci']}
isol_cpus_empty: {equals: [{get_param: IsolCpusList}, '0']}
+ deployment_actions_empty:
+ equals:
+ - {get_param: deployment_actions}
+ - []
resources:
RoleParametersValue:
@@ -162,7 +173,11 @@ resources:
name: HostParametersDeployment
server: {get_param: server}
config: {get_resource: HostParametersConfig}
- actions: ['CREATE'] # Only do this on CREATE
+ actions:
+ if:
+ - deployment_actions_empty
+ - []
+ - ['CREATE'] # Only do this on CREATE
input_values:
_KERNEL_ARGS_: {get_param: [RoleParameters, KernelArgs]}
_TUNED_PROFILE_NAME_: {get_param: [RoleParameters, TunedProfileName]}
@@ -178,6 +193,32 @@ resources:
template: |
#!/bin/bash
set -x
+
+ # OvS Permission issue temporary workaround
+ # https://bugzilla.redhat.com/show_bug.cgi?id=1459436
+ # Actual solution from openvswitch - https://mail.openvswitch.org/pipermail/ovs-dev/2017-June/333423.html
+ ovs_service_path="/usr/lib/systemd/system/ovs-vswitchd.service"
+
+ if grep -q 'RuntimeDirectoryMode' $ovs_service_path; then
+ sed -i 's/RuntimeDirectoryMode=.*/RuntimeDirectoryMode=0775/' $ovs_service_path
+ else
+ echo "RuntimeDirectoryMode=0775" >> $ovs_service_path
+ fi
+
+ if ! grep -Fxq "Group=qemu" $ovs_service_path ; then
+ echo "Group=qemu" >> $ovs_service_path
+ fi
+
+ if ! grep -Fxq "UMask=0002" $ovs_service_path ; then
+ echo "UMask=0002" >> $ovs_service_path
+ fi
+
+ ovs_ctl_path='/usr/share/openvswitch/scripts/ovs-ctl'
+ if ! grep -q "umask 0002 \&\& start_daemon \"\$OVS_VSWITCHD_PRIORITY\"" $ovs_ctl_path ; then
+ sed -i 's/start_daemon \"\$OVS_VSWITCHD_PRIORITY\"/umask 0002 \&\& start_daemon \"$OVS_VSWITCHD_PRIORITY\"/' $ovs_ctl_path
+ fi
+
+
# DO NOT use --detailed-exitcodes
puppet apply --logdest console \
--modulepath /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules \
@@ -224,7 +265,11 @@ resources:
name: RebootDeployment
server: {get_param: server}
config: {get_resource: RebootConfig}
- actions: ['CREATE'] # Only do this on CREATE
+ actions:
+ if:
+ - deployment_actions_empty
+ - []
+ - ['CREATE'] # Only do this on CREATE
signal_transport: NO_SIGNAL
outputs:
diff --git a/extraconfig/tasks/ssh/host_public_key.yaml b/extraconfig/tasks/ssh/host_public_key.yaml
index e4ba0cc4..02fdbf1c 100644
--- a/extraconfig/tasks/ssh/host_public_key.yaml
+++ b/extraconfig/tasks/ssh/host_public_key.yaml
@@ -7,6 +7,13 @@ parameters:
server:
description: ID of the node to apply this config to
type: string
+ deployment_actions:
+ default: ['CREATE', 'UPDATE']
+ type: comma_delimited_list
+ description: >
+ List of stack actions that will trigger any deployments in this
+ templates. The actions will be an empty list of the server is in the
+ toplevel DeploymentServerBlacklist parameter's value.
resources:
SshHostPubKeyConfig:
@@ -28,6 +35,7 @@ resources:
properties:
config: {get_resource: SshHostPubKeyConfig}
server: {get_param: server}
+ actions: {get_param: deployment_actions}
outputs:
diff --git a/network/external.yaml b/network/external.yaml
index 277c7614..5b1023d7 100644
--- a/network/external.yaml
+++ b/network/external.yaml
@@ -15,7 +15,7 @@ parameters:
type: json
ExternalNetAdminStateUp:
default: false
- description: This admin state of the network.
+ description: The admin state of the network.
type: boolean
ExternalNetEnableDHCP:
default: false
diff --git a/network/external_v6.yaml b/network/external_v6.yaml
index e577c1ca..29930bbb 100644
--- a/network/external_v6.yaml
+++ b/network/external_v6.yaml
@@ -16,7 +16,7 @@ parameters:
type: json
ExternalNetAdminStateUp:
default: false
- description: This admin state of of the network.
+ description: The admin state of the network.
type: boolean
ExternalNetShared:
default: false
diff --git a/network/internal_api.yaml b/network/internal_api.yaml
index 563e6d41..554b900e 100644
--- a/network/internal_api.yaml
+++ b/network/internal_api.yaml
@@ -15,7 +15,7 @@ parameters:
type: json
InternalApiNetAdminStateUp:
default: false
- description: This admin state of the network.
+ description: The admin state of the network.
type: boolean
InternalApiNetEnableDHCP:
default: false
diff --git a/network/internal_api_v6.yaml b/network/internal_api_v6.yaml
index 05a740b3..a089aa79 100644
--- a/network/internal_api_v6.yaml
+++ b/network/internal_api_v6.yaml
@@ -16,7 +16,7 @@ parameters:
type: json
InternalApiNetAdminStateUp:
default: false
- description: This admin state of of the network.
+ description: The admin state of the network.
type: boolean
InternalApiNetShared:
default: false
diff --git a/network/management_v6.yaml b/network/management_v6.yaml
index a44d34d3..e2527c42 100644
--- a/network/management_v6.yaml
+++ b/network/management_v6.yaml
@@ -16,7 +16,7 @@ parameters:
type: json
ManagementNetAdminStateUp:
default: false
- description: This admin state of of the network.
+ description: The admin state of the network.
type: boolean
ManagementNetShared:
default: false
diff --git a/network/ports/net_ip_map.yaml b/network/ports/net_ip_map.yaml
index 75818bf0..a6971b0f 100644
--- a/network/ports/net_ip_map.yaml
+++ b/network/ports/net_ip_map.yaml
@@ -64,6 +64,7 @@ parameters:
ManagementIpSubnet:
default: ''
type: string
+ description: IP address/subnet on the management network
ManagementIpUri:
default: ''
type: string
diff --git a/network/storage.yaml b/network/storage.yaml
index 0fb9cc00..5c68c4c7 100644
--- a/network/storage.yaml
+++ b/network/storage.yaml
@@ -15,7 +15,7 @@ parameters:
type: json
StorageNetAdminStateUp:
default: false
- description: This admin state of the network.
+ description: The admin state of the network.
type: boolean
StorageNetEnableDHCP:
default: false
diff --git a/network/storage_mgmt.yaml b/network/storage_mgmt.yaml
index 9869f0da..23c5b4b7 100644
--- a/network/storage_mgmt.yaml
+++ b/network/storage_mgmt.yaml
@@ -15,7 +15,7 @@ parameters:
type: json
StorageMgmtNetAdminStateUp:
default: false
- description: This admin state of the network.
+ description: The admin state of the network.
type: boolean
StorageMgmtNetEnableDHCP:
default: false
diff --git a/network/storage_mgmt_v6.yaml b/network/storage_mgmt_v6.yaml
index d6b1652a..ea60b5e7 100644
--- a/network/storage_mgmt_v6.yaml
+++ b/network/storage_mgmt_v6.yaml
@@ -16,7 +16,7 @@ parameters:
type: json
StorageMgmtNetAdminStateUp:
default: false
- description: This admin state of of the network.
+ description: The admin state of the network.
type: boolean
StorageMgmtNetShared:
default: false
diff --git a/network/storage_v6.yaml b/network/storage_v6.yaml
index 0ec34add..52bd42a4 100644
--- a/network/storage_v6.yaml
+++ b/network/storage_v6.yaml
@@ -16,7 +16,7 @@ parameters:
type: json
StorageNetAdminStateUp:
default: false
- description: This admin state of of the network.
+ description: The admin state of the network.
type: boolean
StorageNetShared:
default: false
diff --git a/network/tenant.yaml b/network/tenant.yaml
index 4881308d..c50dca27 100644
--- a/network/tenant.yaml
+++ b/network/tenant.yaml
@@ -15,7 +15,7 @@ parameters:
type: json
TenantNetAdminStateUp:
default: false
- description: This admin state of the network.
+ description: The admin state of the network.
type: boolean
TenantNetEnableDHCP:
default: false
diff --git a/network/tenant_v6.yaml b/network/tenant_v6.yaml
index bbc2b6bf..c77c2cbe 100644
--- a/network/tenant_v6.yaml
+++ b/network/tenant_v6.yaml
@@ -16,7 +16,7 @@ parameters:
type: json
TenantNetAdminStateUp:
default: false
- description: This admin state of of the network.
+ description: The admin state of the network.
type: boolean
TenantNetShared:
default: false
diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml
index a579ee94..aaed2603 100644
--- a/overcloud-resource-registry-puppet.j2.yaml
+++ b/overcloud-resource-registry-puppet.j2.yaml
@@ -107,6 +107,8 @@ resource_registry:
# Upgrade resources
OS::TripleO::UpgradeConfig: puppet/upgrade_config.yaml
+ OS::TripleO::DeployedServerEnvironment: OS::Heat::None
+
# services
OS::TripleO::Services: services.yaml
OS::TripleO::Services::Apache: puppet/services/apache.yaml
@@ -192,7 +194,7 @@ resource_registry:
OS::TripleO::Services::Snmp: puppet/services/snmp.yaml
OS::TripleO::Services::Tacker: OS::Heat::None
OS::TripleO::Services::Timezone: puppet/services/time/timezone.yaml
- OS::TripleO::Services::CeilometerApi: puppet/services/ceilometer-api.yaml
+ OS::TripleO::Services::CeilometerApi: puppet/services/disabled/ceilometer-api-disabled.yaml
OS::TripleO::Services::CeilometerCollector: puppet/services/disabled/ceilometer-collector-disabled.yaml
OS::TripleO::Services::CeilometerExpirer: puppet/services/disabled/ceilometer-expirer-disabled.yaml
OS::TripleO::Services::CeilometerAgentCentral: puppet/services/ceilometer-agent-central.yaml
diff --git a/overcloud.j2.yaml b/overcloud.j2.yaml
index 56a10a52..ea5b2928 100644
--- a/overcloud.j2.yaml
+++ b/overcloud.j2.yaml
@@ -680,6 +680,10 @@ resources:
StorageMgmtIp: {get_attr: [StorageMgmtVirtualIP, ip_address]}
StorageMgmtIpUri: {get_attr: [StorageMgmtVirtualIP, ip_address_uri]}
# No tenant or management VIP required
+ # Because of nested get_attr functions in the KeystoneAdminVip output, we
+ # can't determine which attributes of VipMap are used until after
+ # ServiceNetMap's attribute values are available.
+ depends_on: ServiceNetMap
# All Nodes Validations
AllNodesValidationConfig:
@@ -778,6 +782,38 @@ resources:
{{role.name}}: {get_attr: [{{role.name}}, attributes, os_collect_config]}
{% endfor %}
+ DeployedServerEnvironment:
+ type: OS::TripleO::DeployedServerEnvironment
+ properties:
+ RoleCounts:
+{% for role in roles %}
+ {{role.name}}DeployedServerCount: {get_param: {{role.name}}Count}
+{% endfor %}
+ VipMap:
+ map_merge:
+ - {get_attr: [VipMap, net_ip_map]}
+ - redis: {get_attr: [RedisVirtualIP, ip_address]}
+ DeployedServerPortMap:
+ map_merge:
+ list_concat:
+{% for role in roles %}
+ - {get_attr: [{{role.name}}, deployed_server_port_map]}
+{% endfor %}
+ DeployedServerDeploymentSwiftDataMap:
+ map_merge:
+ list_concat:
+{% for role in roles %}
+ - {get_attr: [{{role.name}}, deployed_server_deployment_swift_data_map]}
+{% endfor %}
+ DefaultRouteIp:
+ str_split:
+ - ':'
+ - str_split:
+ - '/'
+ - {get_attr: [ServerOsCollectConfigData, value, {{primary_role_name}}, '0', request, metadata_url]}
+ - 2
+ - 0
+
outputs:
ManagedEndpoints:
description: Asserts that the keystone endpoints have been provisioned.
@@ -787,6 +823,11 @@ outputs:
value: {get_attr: [EndpointMapData, value, KeystonePublic, uri]}
KeystoneAdminVip:
description: Keystone Admin VIP endpoint
+ # Note that these nested get_attr functions require a dependency
+ # relationship between VipMap and ServiceNetMap, since we can't determine
+ # which attributes of VipMap are used until after ServiceNetMap's attribute
+ # values are available. If this is ever reworked to not use nested
+ # get_attr, that dependency can be removed.
value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystoneAdminApiNetwork]}]}
EndpointMap:
description: |
@@ -830,10 +871,7 @@ outputs:
{% endfor %}
ServerOsCollectConfigData:
description: The os-collect-config configuration associated with each server resource
- value:
-{% for role in roles %}
- {{role.name}}: {get_attr: [{{role.name}}, attributes, os_collect_config]}
-{% endfor %}
+ value: {get_attr: [ServerOsCollectConfigData, value]}
VipMap:
description: Mapping of each network to VIP addresses. Also includes the Redis VIP.
value:
@@ -843,3 +881,8 @@ outputs:
ServerIdData:
description: Mapping of each role to a list of nova server IDs and the bootstrap ID
value: {get_attr: [ServerIdMap, value]}
+ DeployedServerEnvironment:
+ description:
+ Environment data that can be used as input into the services stack when
+ using split-stack.
+ value: {get_attr: [DeployedServerEnvironment, deployed_server_environment]}
diff --git a/puppet/blockstorage-role.yaml b/puppet/blockstorage-role.yaml
index f28f606f..7d58d1da 100644
--- a/puppet/blockstorage-role.yaml
+++ b/puppet/blockstorage-role.yaml
@@ -409,6 +409,7 @@ resources:
server: {get_resource: BlockStorage}
RoleParameters: {get_param: RoleParameters}
ServiceNames: {get_param: ServiceNames}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
@@ -517,6 +518,9 @@ resources:
NodeExtraConfig:
depends_on: NodeTLSCAData
type: OS::TripleO::NodeExtraConfig
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
server: {get_resource: BlockStorage}
@@ -539,11 +543,21 @@ resources:
- ['CREATE', 'UPDATE']
- []
+ DeploymentActions:
+ type: OS::Heat::Value
+ properties:
+ value:
+ if:
+ - server_not_blacklisted
+ - ['CREATE', 'UPDATE']
+ - []
+
SshHostPubKey:
type: OS::TripleO::Ssh::HostPubKey
depends_on: BlockStorageDeployment
properties:
server: {get_resource: BlockStorage}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
outputs:
ip_address:
@@ -646,6 +660,45 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
management_ip_address:
description: IP address of the server in the management network
value: {get_attr: [ManagementPort, ip_address]}
+ deployed_server_port_map:
+ description: |
+ Map of Heat created hostname of the server to ip address. This is the
+ hostname before it has been mapped with the HostnameMap parameter, and
+ the IP address from the ctlplane network. This map can be used to construct
+ the DeployedServerPortMap parameter when using split-stack.
+ value:
+ map_replace:
+ - hostname:
+ fixed_ips:
+ - ip_address: {get_attr: [BlockStorage, networks, ctlplane, 0]}
+ - keys:
+ hostname:
+ list_join:
+ - '-'
+ - - {get_param: Hostname}
+ - ctlplane
+ deployed_server_deployment_swift_data_map:
+ description:
+ Map of Heat created hostname of the server to the Swift container and object
+ used to created the temporary url for metadata polling with
+ os-collect-config.
+ value:
+ map_replace:
+ - hostname:
+ container:
+ str_split:
+ - '/'
+ - {get_attr: [BlockStorage, os_collect_config, request, metadata_url]}
+ - 5
+ object:
+ str_split:
+ - '?'
+ - str_split:
+ - '/'
+ - {get_attr: [BlockStorage, os_collect_config, request, metadata_url]}
+ - 6
+ - 0
+ - keys: {hostname: {get_param: Hostname}}
os_collect_config:
description: The os-collect-config configuration associated with this server resource
value: {get_attr: [BlockStorage, os_collect_config]}
diff --git a/puppet/cephstorage-role.yaml b/puppet/cephstorage-role.yaml
index 85b276d6..48e5b97a 100644
--- a/puppet/cephstorage-role.yaml
+++ b/puppet/cephstorage-role.yaml
@@ -415,6 +415,7 @@ resources:
server: {get_resource: CephStorage}
RoleParameters: {get_param: RoleParameters}
ServiceNames: {get_param: ServiceNames}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
@@ -521,6 +522,9 @@ resources:
CephStorageExtraConfigPre:
depends_on: CephStorageDeployment
type: OS::TripleO::CephStorageExtraConfigPre
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
server: {get_resource: CephStorage}
@@ -529,6 +533,9 @@ resources:
NodeExtraConfig:
depends_on: [CephStorageExtraConfigPre, NodeTLSCAData]
type: OS::TripleO::NodeExtraConfig
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
server: {get_resource: CephStorage}
@@ -550,11 +557,21 @@ resources:
- ['CREATE', 'UPDATE']
- []
+ DeploymentActions:
+ type: OS::Heat::Value
+ properties:
+ value:
+ if:
+ - server_not_blacklisted
+ - ['CREATE', 'UPDATE']
+ - []
+
SshHostPubKey:
type: OS::TripleO::Ssh::HostPubKey
depends_on: CephStorageDeployment
properties:
server: {get_resource: CephStorage}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
outputs:
ip_address:
@@ -657,6 +674,45 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
management_ip_address:
description: IP address of the server in the management network
value: {get_attr: [ManagementPort, ip_address]}
+ deployed_server_port_map:
+ description: |
+ Map of Heat created hostname of the server to ip address. This is the
+ hostname before it has been mapped with the HostnameMap parameter, and
+ the IP address from the ctlplane network. This map can be used to construct
+ the DeployedServerPortMap parameter when using split-stack.
+ value:
+ map_replace:
+ - hostname:
+ fixed_ips:
+ - ip_address: {get_attr: [CephStorage, networks, ctlplane, 0]}
+ - keys:
+ hostname:
+ list_join:
+ - '-'
+ - - {get_param: Hostname}
+ - ctlplane
+ deployed_server_deployment_swift_data_map:
+ description:
+ Map of Heat created hostname of the server to the Swift container and object
+ used to created the temporary url for metadata polling with
+ os-collect-config.
+ value:
+ map_replace:
+ - hostname:
+ container:
+ str_split:
+ - '/'
+ - {get_attr: [CephStorage, os_collect_config, request, metadata_url]}
+ - 5
+ object:
+ str_split:
+ - '?'
+ - str_split:
+ - '/'
+ - {get_attr: [CephStorage, os_collect_config, request, metadata_url]}
+ - 6
+ - 0
+ - keys: {hostname: {get_param: Hostname}}
os_collect_config:
description: The os-collect-config configuration associated with this server resource
value: {get_attr: [CephStorage, os_collect_config]}
diff --git a/puppet/compute-role.yaml b/puppet/compute-role.yaml
index 10d082cb..3ad6f745 100644
--- a/puppet/compute-role.yaml
+++ b/puppet/compute-role.yaml
@@ -418,6 +418,7 @@ resources:
server: {get_resource: NovaCompute}
RoleParameters: {get_param: RoleParameters}
ServiceNames: {get_param: ServiceNames}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
NetworkConfig:
type: OS::TripleO::Compute::Net::SoftwareConfig
@@ -544,6 +545,9 @@ resources:
ComputeExtraConfigPre:
depends_on: NovaComputeDeployment
type: OS::TripleO::ComputeExtraConfigPre
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
server: {get_resource: NovaCompute}
@@ -552,6 +556,9 @@ resources:
NodeExtraConfig:
depends_on: [ComputeExtraConfigPre, NodeTLSCAData]
type: OS::TripleO::NodeExtraConfig
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
server: {get_resource: NovaCompute}
@@ -574,11 +581,21 @@ resources:
update_identifier:
get_param: UpdateIdentifier
+ DeploymentActions:
+ type: OS::Heat::Value
+ properties:
+ value:
+ if:
+ - server_not_blacklisted
+ - ['CREATE', 'UPDATE']
+ - []
+
SshHostPubKey:
type: OS::TripleO::Ssh::HostPubKey
depends_on: NovaComputeDeployment
properties:
server: {get_resource: NovaCompute}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
outputs:
ip_address:
@@ -602,6 +619,45 @@ outputs:
management_ip_address:
description: IP address of the server in the management network
value: {get_attr: [ManagementPort, ip_address]}
+ deployed_server_port_map:
+ description: |
+ Map of Heat created hostname of the server to ip address. This is the
+ hostname before it has been mapped with the HostnameMap parameter, and
+ the IP address from the ctlplane network. This map can be used to construct
+ the DeployedServerPortMap parameter when using split-stack.
+ value:
+ map_replace:
+ - hostname:
+ fixed_ips:
+ - ip_address: {get_attr: [NovaCompute, networks, ctlplane, 0]}
+ - keys:
+ hostname:
+ list_join:
+ - '-'
+ - - {get_param: Hostname}
+ - ctlplane
+ deployed_server_deployment_swift_data_map:
+ description:
+ Map of Heat created hostname of the server to the Swift container and object
+ used to created the temporary url for metadata polling with
+ os-collect-config.
+ value:
+ map_replace:
+ - hostname:
+ container:
+ str_split:
+ - '/'
+ - {get_attr: [NovaCompute, os_collect_config, request, metadata_url]}
+ - 5
+ object:
+ str_split:
+ - '?'
+ - str_split:
+ - '/'
+ - {get_attr: [NovaCompute, os_collect_config, request, metadata_url]}
+ - 6
+ - 0
+ - keys: {hostname: {get_param: Hostname}}
hostname:
description: Hostname of the server
value: {get_attr: [NovaCompute, name]}
diff --git a/puppet/controller-role.yaml b/puppet/controller-role.yaml
index d6330b40..933b5e60 100644
--- a/puppet/controller-role.yaml
+++ b/puppet/controller-role.yaml
@@ -437,6 +437,7 @@ resources:
server: {get_resource: Controller}
RoleParameters: {get_param: RoleParameters}
ServiceNames: {get_param: ServiceNames}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
NetworkConfig:
type: OS::TripleO::Controller::Net::SoftwareConfig
@@ -576,6 +577,9 @@ resources:
ControllerExtraConfigPre:
depends_on: ControllerDeployment
type: OS::TripleO::ControllerExtraConfigPre
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
server: {get_resource: Controller}
@@ -584,6 +588,9 @@ resources:
NodeExtraConfig:
depends_on: [ControllerExtraConfigPre, NodeTLSData]
type: OS::TripleO::NodeExtraConfig
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
server: {get_resource: Controller}
@@ -606,11 +613,21 @@ resources:
update_identifier:
get_param: UpdateIdentifier
+ DeploymentActions:
+ type: OS::Heat::Value
+ properties:
+ value:
+ if:
+ - server_not_blacklisted
+ - ['CREATE', 'UPDATE']
+ - []
+
SshHostPubKey:
type: OS::TripleO::Ssh::HostPubKey
depends_on: ControllerDeployment
properties:
server: {get_resource: Controller}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
outputs:
ip_address:
@@ -634,6 +651,45 @@ outputs:
management_ip_address:
description: IP address of the server in the management network
value: {get_attr: [ManagementPort, ip_address]}
+ deployed_server_port_map:
+ description:
+ Map of Heat created hostname of the server to ip address. This is the
+ hostname before it has been mapped with the HostnameMap parameter, and
+ the IP address from the ctlplane network. This map can be used to construct
+ the DeployedServerPortMap parameter when using split-stack.
+ value:
+ map_replace:
+ - hostname:
+ fixed_ips:
+ - ip_address: {get_attr: [Controller, networks, ctlplane, 0]}
+ - keys:
+ hostname:
+ list_join:
+ - '-'
+ - - {get_param: Hostname}
+ - ctlplane
+ deployed_server_deployment_swift_data_map:
+ description:
+ Map of Heat created hostname of the server to the Swift container and object
+ used to created the temporary url for metadata polling with
+ os-collect-config.
+ value:
+ map_replace:
+ - hostname:
+ container:
+ str_split:
+ - '/'
+ - {get_attr: [Controller, os_collect_config, request, metadata_url]}
+ - 5
+ object:
+ str_split:
+ - '?'
+ - str_split:
+ - '/'
+ - {get_attr: [Controller, os_collect_config, request, metadata_url]}
+ - 6
+ - 0
+ - keys: {hostname: {get_param: Hostname}}
hostname:
description: Hostname of the server
value: {get_attr: [Controller, name]}
diff --git a/puppet/objectstorage-role.yaml b/puppet/objectstorage-role.yaml
index 4a1670f8..a03a9da5 100644
--- a/puppet/objectstorage-role.yaml
+++ b/puppet/objectstorage-role.yaml
@@ -409,6 +409,7 @@ resources:
server: {get_resource: SwiftStorage}
RoleParameters: {get_param: RoleParameters}
ServiceNames: {get_param: ServiceNames}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
@@ -517,6 +518,9 @@ resources:
NodeExtraConfig:
depends_on: NodeTLSCAData
type: OS::TripleO::NodeExtraConfig
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
server: {get_resource: SwiftStorage}
@@ -538,11 +542,21 @@ resources:
- ['CREATE', 'UPDATE']
- []
+ DeploymentActions:
+ type: OS::Heat::Value
+ properties:
+ value:
+ if:
+ - server_not_blacklisted
+ - ['CREATE', 'UPDATE']
+ - []
+
SshHostPubKey:
type: OS::TripleO::Ssh::HostPubKey
depends_on: SwiftStorageHieraDeploy
properties:
server: {get_resource: SwiftStorage}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
outputs:
ip_address:
@@ -645,6 +659,45 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
management_ip_address:
description: IP address of the server in the management network
value: {get_attr: [ManagementPort, ip_address]}
+ deployed_server_port_map:
+ description: |
+ Map of Heat created hostname of the server to ip address. This is the
+ hostname before it has been mapped with the HostnameMap parameter, and
+ the IP address from the ctlplane network. This map can be used to construct
+ the DeployedServerPortMap parameter when using split-stack.
+ value:
+ map_replace:
+ - hostname:
+ fixed_ips:
+ - ip_address: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
+ - keys:
+ hostname:
+ list_join:
+ - '-'
+ - - {get_param: Hostname}
+ - ctlplane
+ deployed_server_deployment_swift_data_map:
+ description:
+ Map of Heat created hostname of the server to the Swift container and object
+ used to created the temporary url for metadata polling with
+ os-collect-config.
+ value:
+ map_replace:
+ - hostname:
+ container:
+ str_split:
+ - '/'
+ - {get_attr: [SwiftStorage, os_collect_config, request, metadata_url]}
+ - 5
+ object:
+ str_split:
+ - '?'
+ - str_split:
+ - '/'
+ - {get_attr: [SwiftStorage, os_collect_config, request, metadata_url]}
+ - 6
+ - 0
+ - keys: {hostname: {get_param: Hostname}}
os_collect_config:
description: The os-collect-config configuration associated with this server resource
value: {get_attr: [SwiftStorage, os_collect_config]}
diff --git a/puppet/role.role.j2.yaml b/puppet/role.role.j2.yaml
index 8617307b..039bd6ba 100644
--- a/puppet/role.role.j2.yaml
+++ b/puppet/role.role.j2.yaml
@@ -386,6 +386,7 @@ resources:
server: {get_resource: {{role.name}}}
RoleParameters: {get_param: RoleParameters}
ServiceNames: {get_param: ServiceNames}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
@@ -498,6 +499,9 @@ resources:
{{role.name}}ExtraConfigPre:
depends_on: {{role.name}}Deployment
type: OS::TripleO::{{role.name}}ExtraConfigPre
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
server: {get_resource: {{role.name}}}
@@ -506,6 +510,9 @@ resources:
NodeExtraConfig:
depends_on: [{{role.name}}ExtraConfigPre, NodeTLSCAData]
type: OS::TripleO::NodeExtraConfig
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
server: {get_resource: {{role.name}}}
@@ -528,11 +535,21 @@ resources:
- ['CREATE', 'UPDATE']
- []
+ DeploymentActions:
+ type: OS::Heat::Value
+ properties:
+ value:
+ if:
+ - server_not_blacklisted
+ - ['CREATE', 'UPDATE']
+ - []
+
SshHostPubKey:
type: OS::TripleO::Ssh::HostPubKey
depends_on: {{role.name}}Deployment
properties:
server: {get_resource: {{role.name}}}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
outputs:
ip_address:
@@ -592,6 +609,45 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
value:
{get_resource: {{role.name}}}
condition: server_not_blacklisted
+ deployed_server_port_map:
+ description: |
+ Map of Heat created hostname of the server to ip address. This is the
+ hostname before it has been mapped with the HostnameMap parameter, and
+ the IP address from the ctlplane network. This map can be used to construct
+ the DeployedServerPortMap parameter when using split-stack.
+ value:
+ map_replace:
+ - hostname:
+ fixed_ips:
+ - ip_address: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
+ - keys:
+ hostname:
+ list_join:
+ - '-'
+ - - {get_param: Hostname}
+ - ctlplane
+ deployed_server_deployment_swift_data_map:
+ description:
+ Map of Heat created hostname of the server to the Swift container and object
+ used to created the temporary url for metadata polling with
+ os-collect-config.
+ value:
+ map_replace:
+ - hostname:
+ container:
+ str_split:
+ - '/'
+ - {get_attr: [{{role.name}}, os_collect_config, request, metadata_url]}
+ - 5
+ object:
+ str_split:
+ - '?'
+ - str_split:
+ - '/'
+ - {get_attr: [{{role.name}}, os_collect_config, request, metadata_url]}
+ - 6
+ - 0
+ - keys: {hostname: {get_param: Hostname}}
os_collect_config:
description: The os-collect-config configuration associated with this server resource
value: {get_attr: [{{role.name}}, os_collect_config]}
diff --git a/puppet/services/aodh-base.yaml b/puppet/services/aodh-base.yaml
index 0563d08b..c6a8f880 100644
--- a/puppet/services/aodh-base.yaml
+++ b/puppet/services/aodh-base.yaml
@@ -64,6 +64,12 @@ parameters:
type: string
default: 'regionOne'
description: Keystone region for endpoint
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
service_debug_unset: {equals : [{get_param: AodhDebug}, '']}
@@ -91,6 +97,7 @@ outputs:
- {get_param: Debug }
- {get_param: AodhDebug }
aodh::auth::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
+ aodh::notification_driver: {get_param: NotificationDriver}
aodh::rabbit_userid: {get_param: RabbitUserName}
aodh::rabbit_password: {get_param: RabbitPassword}
aodh::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
diff --git a/puppet/services/barbican-api.yaml b/puppet/services/barbican-api.yaml
index 51331242..65c26d40 100644
--- a/puppet/services/barbican-api.yaml
+++ b/puppet/services/barbican-api.yaml
@@ -73,6 +73,12 @@ parameters:
e.g. { barbican-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
default: {}
type: json
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
resources:
@@ -109,6 +115,7 @@ outputs:
- service_debug_unset
- {get_param: Debug }
- {get_param: BarbicanDebug }
+ barbican::api::notification_driver: {get_param: NotificationDriver}
barbican::api::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
barbican::api::rabbit_userid: {get_param: RabbitUserName}
barbican::api::rabbit_password: {get_param: RabbitPassword}
diff --git a/puppet/services/ceilometer-base.yaml b/puppet/services/ceilometer-base.yaml
index 1d86369b..0cd9a6dd 100644
--- a/puppet/services/ceilometer-base.yaml
+++ b/puppet/services/ceilometer-base.yaml
@@ -103,6 +103,12 @@ parameters:
description: The user password for SNMPd with readonly rights running on all Overcloud nodes
type: string
hidden: true
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
service_debug_unset: {equals : [{get_param: CeilometerDebug}, '']}
@@ -139,6 +145,7 @@ outputs:
ceilometer::dispatcher::gnocchi::filter_project: 'service'
ceilometer::dispatcher::gnocchi::archive_policy: 'low'
ceilometer::dispatcher::gnocchi::resources_definition_file: 'gnocchi_resources.yaml'
+ ceilometer::notification_driver: {get_param: NotificationDriver}
ceilometer::rabbit_userid: {get_param: RabbitUserName}
ceilometer::rabbit_password: {get_param: RabbitPassword}
ceilometer::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
diff --git a/puppet/services/ceph-mon.yaml b/puppet/services/ceph-mon.yaml
index 28552301..cbeef6c5 100644
--- a/puppet/services/ceph-mon.yaml
+++ b/puppet/services/ceph-mon.yaml
@@ -69,11 +69,11 @@ parameters:
type: json
CephValidationRetries:
type: number
- default: 5
+ default: 40
description: Number of retry attempts for Ceph validation
CephValidationDelay:
type: number
- default: 10
+ default: 30
description: Interval (in seconds) in between validation checks
MonitoringSubscriptionCephMon:
default: 'overcloud-ceph-mon'
diff --git a/puppet/services/cinder-api.yaml b/puppet/services/cinder-api.yaml
index 036209f3..47715a7e 100644
--- a/puppet/services/cinder-api.yaml
+++ b/puppet/services/cinder-api.yaml
@@ -60,6 +60,12 @@ parameters:
e.g. { cinder-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
default: {}
type: json
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
cinder_workers_zero: {equals : [{get_param: CinderWorkers}, 0]}
@@ -105,6 +111,7 @@ outputs:
cinder::keystone::authtoken::user_domain_name: 'Default'
cinder::keystone::authtoken::project_domain_name: 'Default'
cinder::policy::policies: {get_param: CinderApiPolicies}
+ cinder::ceilometer::notification_driver: {get_param: NotificationDriver}
cinder::api::enable_proxy_headers_parsing: true
cinder::api::nova_catalog_info: 'compute:nova:internalURL'
diff --git a/puppet/services/congress.yaml b/puppet/services/congress.yaml
index 5bca94d7..f30f1139 100644
--- a/puppet/services/congress.yaml
+++ b/puppet/services/congress.yaml
@@ -65,6 +65,12 @@ parameters:
e.g. { congress-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
default: {}
type: json
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
service_debug_unset: {equals : [{get_param: CongressDebug}, '']}
@@ -92,6 +98,7 @@ outputs:
- {get_param: Debug }
- {get_param: CongressDebug }
congress::rpc_backend: rabbit
+ congress::notification_driver: {get_param: NotificationDriver}
congress::rabbit_userid: {get_param: RabbitUserName}
congress::rabbit_password: {get_param: RabbitPassword}
congress::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
diff --git a/puppet/services/disabled/ceilometer-api-disabled.yaml b/puppet/services/disabled/ceilometer-api-disabled.yaml
new file mode 100644
index 00000000..6dce61e3
--- /dev/null
+++ b/puppet/services/disabled/ceilometer-api-disabled.yaml
@@ -0,0 +1,41 @@
+heat_template_version: pike
+
+description: >
+ OpenStack Ceilometer API service, disabled since pike
+
+parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+
+outputs:
+ role_data:
+ description: Role data for the disabled Ceilometer API role.
+ value:
+ service_name: ceilometer_api_disabled
+ upgrade_tasks:
+ - name: Purge Ceilometer apache config files
+ tags: step1
+ file: path=/etc/httpd/conf.d/10-ceilometer_wsgi.conf state=absent
+ - name: Clean up ceilometer port from ports.conf
+ tags: step1
+ lineinfile: dest=/etc/httpd/conf/ports.conf state=absent regexp="8777$"
diff --git a/puppet/services/glance-api.yaml b/puppet/services/glance-api.yaml
index a3d5a793..53cde963 100644
--- a/puppet/services/glance-api.yaml
+++ b/puppet/services/glance-api.yaml
@@ -128,6 +128,12 @@ parameters:
e.g. { glance-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
default: {}
type: json
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
use_tls_proxy: {equals : [{get_param: EnableInternalTLS}, true]}
@@ -237,7 +243,7 @@ outputs:
glance::notify::rabbitmq::rabbit_port: {get_param: RabbitClientPort}
glance::notify::rabbitmq::rabbit_password: {get_param: RabbitPassword}
glance::notify::rabbitmq::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
- glance::notify::rabbitmq::notification_driver: messagingv2
+ glance::notify::rabbitmq::notification_driver: {get_param: NotificationDriver}
tripleo::profile::base::glance::api::glance_nfs_enabled: {get_param: GlanceNfsEnabled}
tripleo::glance::nfs_mount::share: {get_param: GlanceNfsShare}
tripleo::glance::nfs_mount::options: {get_param: GlanceNfsOptions}
diff --git a/puppet/services/heat-base.yaml b/puppet/services/heat-base.yaml
index d89fe46a..d305edb5 100644
--- a/puppet/services/heat-base.yaml
+++ b/puppet/services/heat-base.yaml
@@ -115,6 +115,12 @@ parameters:
default: 1048576
description: Maximum raw byte size of the Heat API JSON request body.
type: number
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
service_debug_unset: {equals : [{get_param: HeatDebug}, '']}
@@ -125,6 +131,7 @@ outputs:
value:
service_name: heat_base
config_settings:
+ heat::notification_driver: {get_param: NotificationDriver}
heat::rabbit_userid: {get_param: RabbitUserName}
heat::rabbit_password: {get_param: RabbitPassword}
heat::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
diff --git a/puppet/services/keystone.yaml b/puppet/services/keystone.yaml
index 60d194bc..9535682a 100644
--- a/puppet/services/keystone.yaml
+++ b/puppet/services/keystone.yaml
@@ -203,6 +203,12 @@ parameters:
type: json
default: {}
hidden: true
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
parameter_groups:
- label: deprecated
@@ -214,6 +220,7 @@ parameter_groups:
parameters:
- KeystoneFernetKey0
- KeystoneFernetKey1
+ - KeystoneNotificationDriver
resources:
@@ -281,7 +288,7 @@ outputs:
keystone::rabbit_password: {get_param: RabbitPassword}
keystone::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
keystone::rabbit_port: {get_param: RabbitClientPort}
- keystone::notification_driver: {get_param: KeystoneNotificationDriver}
+ keystone::notification_driver: {get_param: NotificationDriver}
keystone::notification_format: {get_param: KeystoneNotificationFormat}
keystone::roles::admin::email: {get_param: AdminEmail}
keystone::roles::admin::password: {get_param: AdminPassword}
diff --git a/puppet/services/manila-base.yaml b/puppet/services/manila-base.yaml
index d0ee2125..54f416bb 100644
--- a/puppet/services/manila-base.yaml
+++ b/puppet/services/manila-base.yaml
@@ -56,6 +56,12 @@ parameters:
description: The password for the manila service account.
type: string
hidden: true
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
service_debug_unset: {equals : [{get_param: ManilaDebug}, '']}
@@ -66,6 +72,7 @@ outputs:
value:
service_name: manila_base
config_settings:
+ manila::notification_driver: {get_param: NotificationDriver}
manila::rabbit_userid: {get_param: RabbitUserName}
manila::rabbit_password: {get_param: RabbitPassword}
manila::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
diff --git a/puppet/services/mistral-base.yaml b/puppet/services/mistral-base.yaml
index 8b3655dd..a0d203ce 100644
--- a/puppet/services/mistral-base.yaml
+++ b/puppet/services/mistral-base.yaml
@@ -61,6 +61,12 @@ parameters:
type: string
default: 'regionOne'
description: Keystone region for endpoint
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
service_debug_unset: {equals : [{get_param: MistralDebug}, '']}
@@ -81,6 +87,7 @@ outputs:
query:
read_default_file: /etc/my.cnf.d/tripleo.cnf
read_default_group: tripleo
+ mistral::notification_driver: {get_param: NotificationDriver}
mistral::rabbit_userid: {get_param: RabbitUserName}
mistral::rabbit_password: {get_param: RabbitPassword}
mistral::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
diff --git a/puppet/services/neutron-base.yaml b/puppet/services/neutron-base.yaml
index 3c7518b3..da7ad199 100644
--- a/puppet/services/neutron-base.yaml
+++ b/puppet/services/neutron-base.yaml
@@ -91,6 +91,12 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
dhcp_agents_zero: {equals : [{get_param: NeutronDhcpAgentsPerNetwork}, 0]}
@@ -107,6 +113,7 @@ outputs:
neutron::rabbit_user: {get_param: RabbitUserName}
neutron::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
neutron::rabbit_port: {get_param: RabbitClientPort}
+ neutron::notification_driver: {get_param: NotificationDriver}
neutron::core_plugin: {get_param: NeutronCorePlugin}
neutron::service_plugins: {get_param: NeutronServicePlugins}
neutron::debug:
diff --git a/puppet/services/neutron-ovs-agent.yaml b/puppet/services/neutron-ovs-agent.yaml
index 4493721c..2c23cf55 100644
--- a/puppet/services/neutron-ovs-agent.yaml
+++ b/puppet/services/neutron-ovs-agent.yaml
@@ -53,8 +53,7 @@ parameters:
type: comma_delimited_list
NeutronEnableDVR:
default: False
- description: |
- Enable support for distributed routing in the OVS Agent.
+ description: Enable Neutron DVR.
type: boolean
NeutronEnableARPResponder:
default: false
diff --git a/puppet/services/nova-base.yaml b/puppet/services/nova-base.yaml
index ea584932..809d3ff5 100644
--- a/puppet/services/nova-base.yaml
+++ b/puppet/services/nova-base.yaml
@@ -30,6 +30,12 @@ parameters:
type: string
default: 'regionOne'
description: Keystone region for endpoint
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
NovaPassword:
description: The password for the nova service and db account, used by nova-api.
type: string
@@ -215,7 +221,7 @@ outputs:
nova::cinder_catalog_info: 'volumev2:cinderv2:internalURL'
nova::host: '%{::fqdn}'
nova::notify_on_state_change: 'vm_and_task_state'
- nova::notification_driver: messagingv2
+ nova::notification_driver: {get_param: NotificationDriver}
nova::network::neutron::neutron_auth_type: 'v3password'
nova::db::database_db_max_retries: -1
nova::db::database_max_retries: -1
diff --git a/puppet/services/octavia-base.yaml b/puppet/services/octavia-base.yaml
index 0809b3e4..1246813d 100644
--- a/puppet/services/octavia-base.yaml
+++ b/puppet/services/octavia-base.yaml
@@ -58,6 +58,12 @@ parameters:
default: 5672
description: Set rabbit subscriber port, change this if using SSL
type: number
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
service_debug_unset: {equals : [{get_param: OctaviaDebug}, '']}
@@ -74,6 +80,7 @@ outputs:
- {get_param: Debug }
- {get_param: OctaviaDebug }
octavia::purge_config: {get_param: EnableConfigPurge}
+ octavia::notification_driver: {get_param: NotificationDriver}
octavia::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
octavia::rabbit_userid: {get_param: RabbitUserName}
octavia::rabbit_password: {get_param: RabbitPassword}
diff --git a/puppet/services/qdr.yaml b/puppet/services/qdr.yaml
index 0659a945..433556f3 100644
--- a/puppet/services/qdr.yaml
+++ b/puppet/services/qdr.yaml
@@ -28,14 +28,14 @@ parameters:
type: json
RabbitUserName:
default: guest
- description: The username for Qdr
+ description: The username for RabbitMQ
type: string
RabbitPassword:
- description: The password for Qdr
+ description: The password for RabbitMQ
type: string
hidden: true
RabbitClientPort:
- description: Listening port for Qdr
+ description: Set rabbit subscriber port, change this if using SSL
default: 5672
type: number
MonitoringSubscriptionQdr:
diff --git a/puppet/services/sahara-base.yaml b/puppet/services/sahara-base.yaml
index c294e744..d5110617 100644
--- a/puppet/services/sahara-base.yaml
+++ b/puppet/services/sahara-base.yaml
@@ -60,6 +60,12 @@ parameters:
default: ["ambari","cdh","mapr","vanilla","spark","storm"]
description: Sahara enabled plugin list
type: comma_delimited_list
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
service_debug_unset: {equals : [{get_param: SaharaDebug}, '']}
@@ -80,6 +86,7 @@ outputs:
query:
read_default_file: /etc/my.cnf.d/tripleo.cnf
read_default_group: tripleo
+ sahara::notify::notification_driver: {get_param: NotificationDriver}
sahara::rabbit_password: {get_param: RabbitPassword}
sahara::rabbit_user: {get_param: RabbitUserName}
sahara::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
diff --git a/puppet/services/tacker.yaml b/puppet/services/tacker.yaml
index 5ced8c3c..44c638bf 100644
--- a/puppet/services/tacker.yaml
+++ b/puppet/services/tacker.yaml
@@ -65,6 +65,12 @@ parameters:
e.g. { tacker-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
default: {}
type: json
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
service_debug_unset: {equals : [{get_param: TackerDebug}, '']}
@@ -93,6 +99,7 @@ outputs:
- {get_param: Debug }
- {get_param: TackerDebug }
tacker::rpc_backend: rabbit
+ tacker::notification_driver: {get_param: NotificationDriver}
tacker::rabbit_userid: {get_param: RabbitUserName}
tacker::rabbit_password: {get_param: RabbitPassword}
tacker::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
diff --git a/releasenotes/notes/deployed-server-environment-output-d838c782f76823b7.yaml b/releasenotes/notes/deployed-server-environment-output-d838c782f76823b7.yaml
new file mode 100644
index 00000000..14a5a279
--- /dev/null
+++ b/releasenotes/notes/deployed-server-environment-output-d838c782f76823b7.yaml
@@ -0,0 +1,6 @@
+---
+features:
+ - Add a new output, DeployedServerEnvironment, that can be used as
+ the contents of an environment file. This environment file can then be used
+ as input into a services only stack when using split-stack. The parameter
+ simplifies the manual steps needed to deploy split-stack.
diff --git a/releasenotes/notes/notification-driver-noop-e322ca6704a5bc50.yaml b/releasenotes/notes/notification-driver-noop-e322ca6704a5bc50.yaml
new file mode 100644
index 00000000..b7090973
--- /dev/null
+++ b/releasenotes/notes/notification-driver-noop-e322ca6704a5bc50.yaml
@@ -0,0 +1,10 @@
+---
+features:
+ - |
+ Allow to configure the Message Queue notification driver.
+ By default, we'll configure 'messagingv2' but we can now
+ override NotificationDriver parameter and set 'noop' when
+ we don't want notifications, which is the case when
+ we disable Telemetry services.
+deprecations:
+ - KeystoneNotificationDriver is deprecated in favor of NotificationDriver.
diff --git a/releasenotes/notes/ovs-dpdk-permission-workaround-20aaebcc8d6009ec.yaml b/releasenotes/notes/ovs-dpdk-permission-workaround-20aaebcc8d6009ec.yaml
new file mode 100644
index 00000000..f8c06fd6
--- /dev/null
+++ b/releasenotes/notes/ovs-dpdk-permission-workaround-20aaebcc8d6009ec.yaml
@@ -0,0 +1,6 @@
+---
+fixes:
+ - Fixed the openvswitch permission to allow ovs to access vhost
+ sockets created by qemu. This is a workaround until openvswitch
+ provides the actual solution.
+
diff --git a/releasenotes/source/conf.py b/releasenotes/source/conf.py
index 72b89b10..7b41a9e2 100644
--- a/releasenotes/source/conf.py
+++ b/releasenotes/source/conf.py
@@ -27,7 +27,7 @@
# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
# ones.
extensions = [
- 'oslosphinx',
+ 'openstackdocstheme',
'reno.sphinxext',
]
@@ -101,7 +101,7 @@ pygments_style = 'sphinx'
# The theme to use for HTML and HTML Help pages. See the documentation for
# a list of builtin themes.
-html_theme = 'default'
+html_theme = 'openstackdocs'
# Theme options are theme-specific and customize the look and feel of a theme
# further. For a list of options available for each theme, see the
@@ -262,3 +262,8 @@ texinfo_documents = [
# -- Options for Internationalization output ------------------------------
locale_dirs = ['locale/']
+
+# openstackdocstheme options
+repository_name = 'openstack/tripleo-heat-templates'
+bug_project = 'tripleo'
+bug_tag = 'documentation'
diff --git a/test-requirements.txt b/test-requirements.txt
index 6e0eea3c..9291450a 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -1,11 +1,11 @@
# The order of packages is significant, because pip processes them in the order
# of appearance. Changing the order has an impact on the overall integration
# process, which may cause wedges in the gate later.
+openstackdocstheme>=1.11.0 # Apache-2.0
PyYAML>=3.10.0 # MIT
Jinja2!=2.9.0,!=2.9.1,!=2.9.2,!=2.9.3,!=2.9.4,>=2.8 # BSD License (3 clause)
six>=1.9.0 # MIT
sphinx>=1.6.2 # BSD
-oslosphinx>=4.7.0 # Apache-2.0
reno!=2.3.1,>=1.8.0 # Apache-2.0
coverage!=4.4,>=4.0 # Apache-2.0
fixtures>=3.0.0 # Apache-2.0/BSD
diff --git a/validation-scripts/all-nodes.sh b/validation-scripts/all-nodes.sh
index ed7fefb7..296dcd36 100644
--- a/validation-scripts/all-nodes.sh
+++ b/validation-scripts/all-nodes.sh
@@ -10,12 +10,13 @@ function ping_retry() {
PING_CMD=ping6
fi
until [ $COUNT -ge $TIMES ]; do
- if $PING_CMD -w 300 -c 1 $IP_ADDR &> /dev/null; then
+ if $PING_CMD -w 10 -c 1 $IP_ADDR &> /dev/null; then
echo "Ping to $IP_ADDR succeeded."
return 0
fi
echo "Ping to $IP_ADDR failed. Retrying..."
COUNT=$(($COUNT + 1))
+ sleep 60
done
return 1
}