diff options
50 files changed, 842 insertions, 82 deletions
diff --git a/ci/environments/scenario006-multinode-containers.yaml b/ci/environments/scenario006-multinode-containers.yaml new file mode 100644 index 00000000..97db897b --- /dev/null +++ b/ci/environments/scenario006-multinode-containers.yaml @@ -0,0 +1,60 @@ +resource_registry: + OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml + OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml + OS::TripleO::Services::NovaIronic: ../docker/services/nova-ironic.yaml + OS::TripleO::Services::IronicApi: ../docker/services/ironic-api.yaml + OS::TripleO::Services::IronicConductor: ../docker/services/ironic-conductor.yaml + OS::TripleO::Services::IronicPxe: ../docker/services/ironic-pxe.yaml + OS::TripleO::Services::Docker: OS::Heat::None + +parameter_defaults: + ControllerServices: + - OS::TripleO::Services::Docker + - OS::TripleO::Services::Kernel + - OS::TripleO::Services::Keystone + - OS::TripleO::Services::GlanceApi + - OS::TripleO::Services::IronicApi + - OS::TripleO::Services::IronicConductor + - OS::TripleO::Services::IronicPxe + - OS::TripleO::Services::MySQL + - OS::TripleO::Services::MySQLClient + - OS::TripleO::Services::NeutronDhcpAgent + - OS::TripleO::Services::NeutronL3Agent + - OS::TripleO::Services::NeutronMetadataAgent + - OS::TripleO::Services::NeutronServer + - OS::TripleO::Services::NeutronCorePlugin + - OS::TripleO::Services::NeutronOvsAgent + - OS::TripleO::Services::RabbitMQ + - OS::TripleO::Services::HAproxy + - OS::TripleO::Services::Keepalived + - OS::TripleO::Services::Memcached + - OS::TripleO::Services::Pacemaker + - OS::TripleO::Services::NovaConductor + - OS::TripleO::Services::NovaApi + - OS::TripleO::Services::NovaIronic + - OS::TripleO::Services::NovaPlacement + - OS::TripleO::Services::NovaMetadata + - OS::TripleO::Services::NovaScheduler + - OS::TripleO::Services::Ntp + - OS::TripleO::Services::Snmp + - OS::TripleO::Services::Sshd + - OS::TripleO::Services::Securetty + - OS::TripleO::Services::Timezone + - OS::TripleO::Services::MongoDb + - OS::TripleO::Services::Redis + - OS::TripleO::Services::TripleoPackages + - OS::TripleO::Services::TripleoFirewall + + Debug: true + BannerText: | + ****************************************************************** + * This system is for the use of authorized users only. Usage of * + * this system may be monitored and recorded by system personnel. * + * Anyone using this system expressly consents to such monitoring * + * and is advised that if such monitoring reveals possible * + * evidence of criminal activity, system personnel may provide * + * the evidence from such monitoring to law enforcement officials.* + ****************************************************************** + # we don't deploy Swift so we switch to file backend. + GlanceBackend: 'file' + IronicCleaningDiskErase: 'metadata' diff --git a/deployed-server/deployed-server-environment-output.yaml b/deployed-server/deployed-server-environment-output.yaml new file mode 100644 index 00000000..eaf77459 --- /dev/null +++ b/deployed-server/deployed-server-environment-output.yaml @@ -0,0 +1,65 @@ +heat_template_version: pike + +parameters: + RoleCounts: + type: json + default: {} + VipMap: + type: json + default: {} + DeployedServerPortMap: + type: json + default: {} + DeployedServerDeploymentSwiftDataMap: + type: json + default: {} + DefaultRouteIp: + type: string + default: 192.168.24.1 + +resources: + + DeployedServerPortMapParameter: + type: OS::Heat::Value + properties: + type: json + value: + DeployedServerPortMap: + map_merge: + - {get_param: DeployedServerPortMap} + - control_virtual_ip: + fixed_ips: + - ip_address: {get_param: [VipMap, ctlplane]} + - redis_virtual_ip: + fixed_ips: + - ip_address: {get_param: [VipMap, redis]} + + ResourceRegistry: + type: OS::Heat::Value + properties: + type: json + value: + OS::TripleO::DeployedServer::ControlPlanePort: tripleo-heat-templates/deployed-server/deployed-neutron-port.yaml + OS::TripleO::Network::Ports::ControlPlaneVipPort: tripleo-heat-templates/deployed-server/deployed-neutron-port.yaml + + DeployedServerEnvironment: + type: OS::Heat::Value + properties: + type: json + value: + resource_registry: + {get_attr: [ResourceRegistry, value]} + parameter_defaults: + map_merge: + - {get_attr: [DeployedServerPortMapParameter, value]} + - DeploymentSwiftDataMap: {get_param: DeployedServerDeploymentSwiftDataMap} + - EC2MetadataIp: {get_param: DefaultRouteIp} + - ControlPlaneDefaultRoute: {get_param: DefaultRouteIp} + - {get_param: RoleCounts} + +outputs: + deployed_server_environment: + description: + Environment data that can be used as input into the services stack when + using split-stack. + value: {get_attr: [DeployedServerEnvironment, value]} diff --git a/docker/docker-puppet.py b/docker/docker-puppet.py index 65d3bf38..01acde03 100755 --- a/docker/docker-puppet.py +++ b/docker/docker-puppet.py @@ -205,7 +205,7 @@ def mp_puppet_config((config_volume, puppet_tags, manifest, config_image, volume # Disables archiving if [ -z "$NO_ARCHIVE" ]; then - archivedirs=("/etc" "/root" "/opt" "/var/lib/ironic/tftpboot" "/var/lib/ironic/httpboot" "/var/www") + archivedirs=("/etc" "/root" "/opt" "/var/lib/ironic/tftpboot" "/var/lib/ironic/httpboot" "/var/www" "/var/spool/cron") rsync_srcs="" for d in "${archivedirs[@]}"; do if [ -d "$d" ]; then @@ -308,9 +308,9 @@ for config_volume in configs: volumes = service[4] if len(service) > 4 else [] if puppet_tags: - puppet_tags = "file,file_line,concat,augeas,%s" % puppet_tags + puppet_tags = "file,file_line,concat,augeas,cron,%s" % puppet_tags else: - puppet_tags = "file,file_line,concat,augeas" + puppet_tags = "file,file_line,concat,augeas,cron" process_map.append([config_volume, puppet_tags, manifest, config_image, volumes]) diff --git a/docker/services/README.rst b/docker/services/README.rst index 84ac842e..ce255ba8 100644 --- a/docker/services/README.rst +++ b/docker/services/README.rst @@ -74,7 +74,7 @@ are re-asserted when applying latter ones. * puppet_tags: Puppet resource tag names that are used to generate config files with puppet. Only the named config resources are used to generate a config file. Any service that specifies tags will have the default - tags of 'file,concat,file_line,augeas' appended to the setting. + tags of 'file,concat,file_line,augeas,cron' appended to the setting. Example: keystone_config * config_volume: The name of the volume (directory) where config files diff --git a/docker/services/ironic-api.yaml b/docker/services/ironic-api.yaml index 9583cd71..d18221db 100644 --- a/docker/services/ironic-api.yaml +++ b/docker/services/ironic-api.yaml @@ -12,9 +12,9 @@ parameters: description: image default: 'centos-binary-ironic-api:latest' type: string - DockerIronicConfigImage: - description: The container image to use for the ironic config_volume - default: 'centos-binary-ironic-pxe:latest' + DockerIronicApiConfigImage: + description: The container image to use for the ironic_api config_volume + default: 'centos-binary-ironic-api:latest' type: string EndpointMap: default: {} @@ -67,13 +67,13 @@ outputs: service_config_settings: {get_attr: [IronicApiBase, role_data, service_config_settings]} # BEGIN DOCKER SETTINGS puppet_config: - config_volume: ironic + config_volume: ironic_api puppet_tags: ironic_config step_config: *step_config config_image: list_join: - '/' - - [ {get_param: DockerNamespace}, {get_param: DockerIronicConfigImage} ] + - [ {get_param: DockerNamespace}, {get_param: DockerIronicApiConfigImage} ] kolla_config: /var/lib/kolla/config_files/ironic_api.json: command: /usr/sbin/httpd -DFOREGROUND @@ -111,7 +111,7 @@ outputs: list_concat: - {get_attr: [ContainersCommon, volumes]} - - - /var/lib/config-data/ironic/etc/ironic:/etc/ironic:ro + - /var/lib/config-data/ironic_api/etc/ironic:/etc/ironic:ro - /var/log/containers/ironic:/var/log/ironic command: "/usr/bin/bootstrap_host_exec ironic_api su ironic -s /bin/bash -c 'ironic-dbsync --config-file /etc/ironic/ironic.conf'" step_4: @@ -126,7 +126,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/ironic_api.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/puppet-generated/ironic/:/var/lib/kolla/config_files/src:ro + - /var/lib/config-data/puppet-generated/ironic_api/:/var/lib/kolla/config_files/src:ro - /var/log/containers/ironic:/var/log/ironic environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/iscsid.yaml b/docker/services/iscsid.yaml index 86f2d3b4..c98a921d 100644 --- a/docker/services/iscsid.yaml +++ b/docker/services/iscsid.yaml @@ -100,6 +100,7 @@ outputs: when: stat_iscsid_socket.stat.exists upgrade_tasks: - name: stat /lib/systemd/system/iscsid.service + tags: step2 stat: path=/lib/systemd/system/iscsid.service register: stat_iscsid_service - name: Stop and disable iscsid service @@ -107,6 +108,7 @@ outputs: service: name=iscsid state=stopped enabled=no when: stat_iscsid_service.stat.exists - name: stat /lib/systemd/system/iscsid.socket + tags: step2 stat: path=/lib/systemd/system/iscsid.socket register: stat_iscsid_socket - name: Stop and disable iscsid.socket service diff --git a/docker/services/nova-api.yaml b/docker/services/nova-api.yaml index 93935cad..9282c934 100644 --- a/docker/services/nova-api.yaml +++ b/docker/services/nova-api.yaml @@ -158,7 +158,7 @@ outputs: user: nova privileged: true restart: always - volumes: + volumes: &nova_api_volumes list_concat: - {get_attr: [ContainersCommon, volumes]} - @@ -167,6 +167,16 @@ outputs: - /var/log/containers/nova:/var/log/nova environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + nova_api_cron: + image: *nova_api_image + net: host + user: root + privileged: true + restart: always + volumes: *nova_api_volumes + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + command: "/usr/sbin/crond -n" step_5: nova_api_discover_hosts: start_order: 1 diff --git a/docker/services/pacemaker/haproxy.yaml b/docker/services/pacemaker/haproxy.yaml index bfc9ca50..1b104a23 100644 --- a/docker/services/pacemaker/haproxy.yaml +++ b/docker/services/pacemaker/haproxy.yaml @@ -30,6 +30,11 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + DeployedSSLCertificatePath: + default: '/etc/pki/tls/private/overcloud_endpoint.pem' + description: > + The filepath of the certificate as it will be stored in the controller. + type: string RoleName: default: '' description: Role name on which the service is applied @@ -81,6 +86,12 @@ outputs: list_join: - '/' - [ {get_param: DockerNamespace}, {get_param: DockerHAProxyConfigImage} ] + volumes: &deployed_cert_mount + - list_join: + - ':' + - - {get_param: DeployedSSLCertificatePath} + - {get_param: DeployedSSLCertificatePath} + - 'ro' kolla_config: /var/lib/kolla/config_files/haproxy.json: command: haproxy -f /etc/haproxy/haproxy.cfg @@ -116,17 +127,20 @@ outputs: - 'include ::tripleo::profile::pacemaker::haproxy_bundle' image: *haproxy_image volumes: - # puppet saves iptables rules in /etc/sysconfig - - /etc/sysconfig:/etc/sysconfig:rw - # saving rules require accessing /usr/libexec/iptables/iptables.init, just bind-mount - # the necessary bit and prevent systemd to try to reload the service in the container - - /usr/libexec/iptables:/usr/libexec/iptables:ro - - /usr/libexec/initscripts/legacy-actions:/usr/libexec/initscripts/legacy-actions:ro - - /etc/hosts:/etc/hosts:ro - - /etc/localtime:/etc/localtime:ro - - /etc/puppet:/tmp/puppet-etc:ro - - /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro - - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro - - /dev/shm:/dev/shm:rw + list_concat: + - *deployed_cert_mount + - + # puppet saves iptables rules in /etc/sysconfig + - /etc/sysconfig:/etc/sysconfig:rw + # saving rules require accessing /usr/libexec/iptables/iptables.init, just bind-mount + # the necessary bit and prevent systemd to try to reload the service in the container + - /usr/libexec/iptables:/usr/libexec/iptables:ro + - /usr/libexec/initscripts/legacy-actions:/usr/libexec/initscripts/legacy-actions:ro + - /etc/hosts:/etc/hosts:ro + - /etc/localtime:/etc/localtime:ro + - /etc/puppet:/tmp/puppet-etc:ro + - /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro + - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro + - /dev/shm:/dev/shm:rw metadata_settings: get_attr: [HAProxyBase, role_data, metadata_settings] diff --git a/docker/services/swift-storage.yaml b/docker/services/swift-storage.yaml index d795818f..a07c92ae 100644 --- a/docker/services/swift-storage.yaml +++ b/docker/services/swift-storage.yaml @@ -188,8 +188,8 @@ outputs: - path: /var/log/swift owner: swift:swift recurse: true - /var/lib/kolla/config_files/swift_xinetd_rsync.json: - command: /usr/sbin/xinetd -dontfork + /var/lib/kolla/config_files/swift_rsync.json: + command: /usr/bin/rsync --daemon --no-detach --config=/etc/rsyncd.conf config_files: - source: "/var/lib/kolla/config_files/src/*" dest: "/" @@ -428,7 +428,7 @@ outputs: - /dev:/dev - /var/log/containers/swift:/var/log/swift environment: *kolla_env - swift_xinetd_rsync: + swift_rsync: image: *swift_object_image net: host user: root @@ -438,7 +438,7 @@ outputs: list_concat: - {get_attr: [ContainersCommon, volumes]} - - - /var/lib/kolla/config_files/swift_xinetd_rsync.json:/var/lib/kolla/config_files/config.json:ro + - /var/lib/kolla/config_files/swift_rsync.json:/var/lib/kolla/config_files/config.json:ro - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro - /run:/run - /srv/node:/srv/node diff --git a/environments/disable-telemetry.yaml b/environments/disable-telemetry.yaml index 6249c286..52d0d27b 100644 --- a/environments/disable-telemetry.yaml +++ b/environments/disable-telemetry.yaml @@ -18,3 +18,6 @@ resource_registry: OS::TripleO::Services::AodhNotifier: OS::Heat::None OS::TripleO::Services::AodhListener: OS::Heat::None OS::TripleO::Services::PankoApi: OS::Heat::None + +parameter_defaults: + NotificationDriver: 'noop' diff --git a/environments/docker-centos-tripleoupstream.yaml b/environments/docker-centos-tripleoupstream.yaml index 648c8c26..9eb45363 100644 --- a/environments/docker-centos-tripleoupstream.yaml +++ b/environments/docker-centos-tripleoupstream.yaml @@ -1,4 +1,11 @@ parameter_defaults: + # FIXME: Remove this when we uncomment at least one parameter in this file. + # It seems an environment file with empty parameter_defaults section has the + # potential to confuse Heat in a way that it doesn't deploy a single service + # on the overcloud in the multinode job. + # https://bugs.launchpad.net/tripleo/+bug/1703599 + PlaceholderParameter: can be removed when we add a different param to this env file + #DockerAodhApiImage: 'tripleoupstream/centos-binary-aodh-api:latest' #DockerAodhConfigImage: 'tripleoupstream/centos-binary-aodh-api:latest' #DockerAodhEvaluatorImage: 'tripleoupstream/centos-binary-aodh-evaluator:latest' diff --git a/environments/docker-services-tls-everywhere.yaml b/environments/docker-services-tls-everywhere.yaml index 3ca04697..8d304494 100644 --- a/environments/docker-services-tls-everywhere.yaml +++ b/environments/docker-services-tls-everywhere.yaml @@ -34,18 +34,3 @@ resource_registry: OS::TripleO::PostDeploySteps: ../docker/post.yaml OS::TripleO::PostUpgradeSteps: ../docker/post-upgrade.yaml - -parameter_defaults: - # To specify a local docker registry, enable these - # where 192.168.24.1 is the host running docker-distribution - #DockerNamespace: 192.168.24.1:8787/tripleoupstream - #DockerNamespaceIsRegistry: true - - ComputeServices: - - OS::TripleO::Services::CACerts - - OS::TripleO::Services::CertmongerUser - - OS::TripleO::Services::NovaCompute - - OS::TripleO::Services::NovaLibvirt - - OS::TripleO::Services::ComputeNeutronOvsAgent - - OS::TripleO::Services::Docker - - OS::TripleO::Services::Sshd diff --git a/environments/docker.yaml b/environments/docker.yaml index c32001a7..52b2dc05 100644 --- a/environments/docker.yaml +++ b/environments/docker.yaml @@ -63,18 +63,3 @@ resource_registry: OS::TripleO::PostDeploySteps: ../docker/post.yaml OS::TripleO::PostUpgradeSteps: ../docker/post-upgrade.yaml - -parameter_defaults: - # To specify a local docker registry, enable these - # where 192.168.24.1 is the host running docker-distribution - #DockerNamespace: 192.168.24.1:8787/tripleoupstream - #DockerNamespaceIsRegistry: true - - ComputeServices: - - OS::TripleO::Services::NovaCompute - - OS::TripleO::Services::NovaLibvirt - - OS::TripleO::Services::ComputeNeutronOvsAgent - - OS::TripleO::Services::Docker - - OS::TripleO::Services::CeilometerAgentCompute - - OS::TripleO::Services::Sshd - - OS::TripleO::Services::OpenDaylightOvs diff --git a/environments/neutron-ml2-bigswitch.yaml b/environments/neutron-ml2-bigswitch.yaml index 8a4a144c..c0ba906e 100644 --- a/environments/neutron-ml2-bigswitch.yaml +++ b/environments/neutron-ml2-bigswitch.yaml @@ -13,7 +13,6 @@ parameter_defaults: NeutronBigswitchRestproxyServerAuth: NeutronMechanismDrivers: openvswitch,bsn_ml2 NeutronServicePlugins: bsn_l3,bsn_service_plugin - KeystoneNotificationDriver: messaging # Optional: # NeutronBigswitchRestproxyAutoSyncOnFailure: diff --git a/environments/overcloud-baremetal.j2.yaml b/environments/overcloud-baremetal.j2.yaml index 668e28de..8d7bc8d9 100644 --- a/environments/overcloud-baremetal.j2.yaml +++ b/environments/overcloud-baremetal.j2.yaml @@ -4,6 +4,7 @@ resource_registry: OS::TripleO::DefaultPasswords: OS::Heat::None OS::TripleO::RandomString: OS::Heat::None OS::TripleO::AllNodesDeployment: OS::Heat::None + OS::TripleO::DeployedServerEnvironment: ../deployed-server/deployed-server-environment-output.yaml parameter_defaults: # Deploy no services diff --git a/environments/overcloud-services.yaml b/environments/overcloud-services.yaml index c409b899..1d01cb3c 100644 --- a/environments/overcloud-services.yaml +++ b/environments/overcloud-services.yaml @@ -1,3 +1,6 @@ +resource_registry: + OS::TripleO::DeployedServerEnvironment: ../deployed-server/deployed-server-environment-output.yaml + parameter_defaults: # Consistent Hostname format ControllerDeployedServerHostnameFormat: overcloud-controller-%index% diff --git a/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml b/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml index 96632bc2..fb0d1699 100644 --- a/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml +++ b/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml @@ -59,6 +59,19 @@ parameters: description: | When enabled, the system will perform a yum update after performing the RHEL Registration process. + deployment_actions: + default: ['CREATE', 'UPDATE'] + type: comma_delimited_list + description: > + List of stack actions that will trigger any deployments in this + templates. The actions will be an empty list of the server is in the + toplevel DeploymentServerBlacklist parameter's value. + +conditions: + deployment_actions_empty: + equals: + - {get_param: deployment_actions} + - [] resources: @@ -136,7 +149,11 @@ resources: name: RHELUnregistrationDeployment server: {get_param: server} config: {get_resource: RHELUnregistration} - actions: ['DELETE'] # Only do this on DELETE + actions: + if: + - deployment_actions_empty + - [] + - ['DELETE'] # Only do this on DELETE input_values: REG_METHOD: {get_param: rhel_reg_method} @@ -169,7 +186,11 @@ resources: name: UpdateDeploymentAfterRHELRegistration config: {get_resource: YumUpdateConfigurationAfterRHELRegistration} server: {get_param: server} - actions: ['CREATE'] # Only do this on CREATE + actions: + if: + - deployment_actions_empty + - [] + - ['CREATE'] # Only do this on CREATE outputs: deploy_stdout: diff --git a/extraconfig/pre_network/config_then_reboot.yaml b/extraconfig/pre_network/config_then_reboot.yaml index 48ba5263..79cb7cbc 100644 --- a/extraconfig/pre_network/config_then_reboot.yaml +++ b/extraconfig/pre_network/config_then_reboot.yaml @@ -7,6 +7,19 @@ description: > parameters: server: type: string + deployment_actions: + default: ['CREATE', 'UPDATE'] + type: comma_delimited_list + description: > + List of stack actions that will trigger any deployments in this + templates. The actions will be an empty list of the server is in the + toplevel DeploymentServerBlacklist parameter's value. + +conditions: + deployment_actions_empty: + equals: + - {get_param: deployment_actions} + - [] resources: @@ -24,6 +37,11 @@ resources: name: SomeDeployment server: {get_param: server} config: {get_resource: SomeConfig} + actions: + if: + - deployment_actions_empty + - [] + - ['CREATE'] # Only do this on CREATE actions: ['CREATE'] # Only do this on CREATE RebootConfig: @@ -44,5 +62,9 @@ resources: name: RebootDeployment server: {get_param: server} config: {get_resource: RebootConfig} - actions: ['CREATE'] # Only do this on CREATE + actions: + if: + - deployment_actions_empty + - [] + - ['CREATE'] # Only do this on CREATE signal_transport: NO_SIGNAL diff --git a/extraconfig/pre_network/host_config_and_reboot.role.j2.yaml b/extraconfig/pre_network/host_config_and_reboot.role.j2.yaml index 41d8f4f6..fe52ef7e 100644 --- a/extraconfig/pre_network/host_config_and_reboot.role.j2.yaml +++ b/extraconfig/pre_network/host_config_and_reboot.role.j2.yaml @@ -19,6 +19,13 @@ parameters: {{role}}HostCpusList: type: string default: "" + deployment_actions: + default: ['CREATE', 'UPDATE'] + type: comma_delimited_list + description: > + List of stack actions that will trigger any deployments in this + templates. The actions will be an empty list of the server is in the + toplevel DeploymentServerBlacklist parameter's value. parameter_group: - label: deprecated @@ -38,6 +45,10 @@ conditions: equals: - get_param: {{role}}TunedProfileName - "" + deployment_actions_empty: + equals: + - {get_param: deployment_actions} + - [] resources: @@ -62,7 +73,11 @@ resources: name: HostParametersDeployment server: {get_param: server} config: {get_resource: HostParametersConfig} - actions: ['CREATE'] # Only do this on CREATE + actions: + if: + - deployment_actions_empty + - [] + - ['CREATE'] # Only do this on CREATE input_values: _KERNEL_ARGS_: {get_param: {{role}}KernelArgs} _TUNED_PROFILE_NAME_: {get_param: {{role}}TunedProfileName} @@ -88,7 +103,11 @@ resources: name: RebootDeployment server: {get_param: server} config: {get_resource: RebootConfig} - actions: ['CREATE'] # Only do this on CREATE + actions: + if: + - deployment_actions_empty + - [] + - ['CREATE'] # Only do this on CREATE signal_transport: NO_SIGNAL outputs: diff --git a/extraconfig/pre_network/host_config_and_reboot.yaml b/extraconfig/pre_network/host_config_and_reboot.yaml index 009a0879..6c46133a 100644 --- a/extraconfig/pre_network/host_config_and_reboot.yaml +++ b/extraconfig/pre_network/host_config_and_reboot.yaml @@ -95,6 +95,13 @@ parameters: default: "vfio-pci" description: DPDK Driver type type: string + deployment_actions: + default: ['CREATE', 'UPDATE'] + type: comma_delimited_list + description: > + List of stack actions that will trigger any deployments in this + templates. The actions will be an empty list of the server is in the + toplevel DeploymentServerBlacklist parameter's value. conditions: is_host_config_required: {not: {equals: [{get_param: [RoleParameters, KernelArgs]}, ""]}} @@ -117,6 +124,10 @@ conditions: socket_mem_empty: {equals: [{get_param: OvsDpdkSocketMemory}, '']} driver_not_set: {equals: [{get_param: OvsDpdkDriverType}, 'vfio-pci']} isol_cpus_empty: {equals: [{get_param: IsolCpusList}, '0']} + deployment_actions_empty: + equals: + - {get_param: deployment_actions} + - [] resources: RoleParametersValue: @@ -162,7 +173,11 @@ resources: name: HostParametersDeployment server: {get_param: server} config: {get_resource: HostParametersConfig} - actions: ['CREATE'] # Only do this on CREATE + actions: + if: + - deployment_actions_empty + - [] + - ['CREATE'] # Only do this on CREATE input_values: _KERNEL_ARGS_: {get_param: [RoleParameters, KernelArgs]} _TUNED_PROFILE_NAME_: {get_param: [RoleParameters, TunedProfileName]} @@ -224,7 +239,11 @@ resources: name: RebootDeployment server: {get_param: server} config: {get_resource: RebootConfig} - actions: ['CREATE'] # Only do this on CREATE + actions: + if: + - deployment_actions_empty + - [] + - ['CREATE'] # Only do this on CREATE signal_transport: NO_SIGNAL outputs: diff --git a/extraconfig/tasks/ssh/host_public_key.yaml b/extraconfig/tasks/ssh/host_public_key.yaml index e4ba0cc4..02fdbf1c 100644 --- a/extraconfig/tasks/ssh/host_public_key.yaml +++ b/extraconfig/tasks/ssh/host_public_key.yaml @@ -7,6 +7,13 @@ parameters: server: description: ID of the node to apply this config to type: string + deployment_actions: + default: ['CREATE', 'UPDATE'] + type: comma_delimited_list + description: > + List of stack actions that will trigger any deployments in this + templates. The actions will be an empty list of the server is in the + toplevel DeploymentServerBlacklist parameter's value. resources: SshHostPubKeyConfig: @@ -28,6 +35,7 @@ resources: properties: config: {get_resource: SshHostPubKeyConfig} server: {get_param: server} + actions: {get_param: deployment_actions} outputs: diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml index a579ee94..aaed2603 100644 --- a/overcloud-resource-registry-puppet.j2.yaml +++ b/overcloud-resource-registry-puppet.j2.yaml @@ -107,6 +107,8 @@ resource_registry: # Upgrade resources OS::TripleO::UpgradeConfig: puppet/upgrade_config.yaml + OS::TripleO::DeployedServerEnvironment: OS::Heat::None + # services OS::TripleO::Services: services.yaml OS::TripleO::Services::Apache: puppet/services/apache.yaml @@ -192,7 +194,7 @@ resource_registry: OS::TripleO::Services::Snmp: puppet/services/snmp.yaml OS::TripleO::Services::Tacker: OS::Heat::None OS::TripleO::Services::Timezone: puppet/services/time/timezone.yaml - OS::TripleO::Services::CeilometerApi: puppet/services/ceilometer-api.yaml + OS::TripleO::Services::CeilometerApi: puppet/services/disabled/ceilometer-api-disabled.yaml OS::TripleO::Services::CeilometerCollector: puppet/services/disabled/ceilometer-collector-disabled.yaml OS::TripleO::Services::CeilometerExpirer: puppet/services/disabled/ceilometer-expirer-disabled.yaml OS::TripleO::Services::CeilometerAgentCentral: puppet/services/ceilometer-agent-central.yaml diff --git a/overcloud.j2.yaml b/overcloud.j2.yaml index 56a10a52..ea5b2928 100644 --- a/overcloud.j2.yaml +++ b/overcloud.j2.yaml @@ -680,6 +680,10 @@ resources: StorageMgmtIp: {get_attr: [StorageMgmtVirtualIP, ip_address]} StorageMgmtIpUri: {get_attr: [StorageMgmtVirtualIP, ip_address_uri]} # No tenant or management VIP required + # Because of nested get_attr functions in the KeystoneAdminVip output, we + # can't determine which attributes of VipMap are used until after + # ServiceNetMap's attribute values are available. + depends_on: ServiceNetMap # All Nodes Validations AllNodesValidationConfig: @@ -778,6 +782,38 @@ resources: {{role.name}}: {get_attr: [{{role.name}}, attributes, os_collect_config]} {% endfor %} + DeployedServerEnvironment: + type: OS::TripleO::DeployedServerEnvironment + properties: + RoleCounts: +{% for role in roles %} + {{role.name}}DeployedServerCount: {get_param: {{role.name}}Count} +{% endfor %} + VipMap: + map_merge: + - {get_attr: [VipMap, net_ip_map]} + - redis: {get_attr: [RedisVirtualIP, ip_address]} + DeployedServerPortMap: + map_merge: + list_concat: +{% for role in roles %} + - {get_attr: [{{role.name}}, deployed_server_port_map]} +{% endfor %} + DeployedServerDeploymentSwiftDataMap: + map_merge: + list_concat: +{% for role in roles %} + - {get_attr: [{{role.name}}, deployed_server_deployment_swift_data_map]} +{% endfor %} + DefaultRouteIp: + str_split: + - ':' + - str_split: + - '/' + - {get_attr: [ServerOsCollectConfigData, value, {{primary_role_name}}, '0', request, metadata_url]} + - 2 + - 0 + outputs: ManagedEndpoints: description: Asserts that the keystone endpoints have been provisioned. @@ -787,6 +823,11 @@ outputs: value: {get_attr: [EndpointMapData, value, KeystonePublic, uri]} KeystoneAdminVip: description: Keystone Admin VIP endpoint + # Note that these nested get_attr functions require a dependency + # relationship between VipMap and ServiceNetMap, since we can't determine + # which attributes of VipMap are used until after ServiceNetMap's attribute + # values are available. If this is ever reworked to not use nested + # get_attr, that dependency can be removed. value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystoneAdminApiNetwork]}]} EndpointMap: description: | @@ -830,10 +871,7 @@ outputs: {% endfor %} ServerOsCollectConfigData: description: The os-collect-config configuration associated with each server resource - value: -{% for role in roles %} - {{role.name}}: {get_attr: [{{role.name}}, attributes, os_collect_config]} -{% endfor %} + value: {get_attr: [ServerOsCollectConfigData, value]} VipMap: description: Mapping of each network to VIP addresses. Also includes the Redis VIP. value: @@ -843,3 +881,8 @@ outputs: ServerIdData: description: Mapping of each role to a list of nova server IDs and the bootstrap ID value: {get_attr: [ServerIdMap, value]} + DeployedServerEnvironment: + description: + Environment data that can be used as input into the services stack when + using split-stack. + value: {get_attr: [DeployedServerEnvironment, deployed_server_environment]} diff --git a/puppet/blockstorage-role.yaml b/puppet/blockstorage-role.yaml index f28f606f..7d58d1da 100644 --- a/puppet/blockstorage-role.yaml +++ b/puppet/blockstorage-role.yaml @@ -409,6 +409,7 @@ resources: server: {get_resource: BlockStorage} RoleParameters: {get_param: RoleParameters} ServiceNames: {get_param: ServiceNames} + deployment_actions: {get_attr: [DeploymentActions, value]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment @@ -517,6 +518,9 @@ resources: NodeExtraConfig: depends_on: NodeTLSCAData type: OS::TripleO::NodeExtraConfig + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: BlockStorage} @@ -539,11 +543,21 @@ resources: - ['CREATE', 'UPDATE'] - [] + DeploymentActions: + type: OS::Heat::Value + properties: + value: + if: + - server_not_blacklisted + - ['CREATE', 'UPDATE'] + - [] + SshHostPubKey: type: OS::TripleO::Ssh::HostPubKey depends_on: BlockStorageDeployment properties: server: {get_resource: BlockStorage} + deployment_actions: {get_attr: [DeploymentActions, value]} outputs: ip_address: @@ -646,6 +660,45 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY" management_ip_address: description: IP address of the server in the management network value: {get_attr: [ManagementPort, ip_address]} + deployed_server_port_map: + description: | + Map of Heat created hostname of the server to ip address. This is the + hostname before it has been mapped with the HostnameMap parameter, and + the IP address from the ctlplane network. This map can be used to construct + the DeployedServerPortMap parameter when using split-stack. + value: + map_replace: + - hostname: + fixed_ips: + - ip_address: {get_attr: [BlockStorage, networks, ctlplane, 0]} + - keys: + hostname: + list_join: + - '-' + - - {get_param: Hostname} + - ctlplane + deployed_server_deployment_swift_data_map: + description: + Map of Heat created hostname of the server to the Swift container and object + used to created the temporary url for metadata polling with + os-collect-config. + value: + map_replace: + - hostname: + container: + str_split: + - '/' + - {get_attr: [BlockStorage, os_collect_config, request, metadata_url]} + - 5 + object: + str_split: + - '?' + - str_split: + - '/' + - {get_attr: [BlockStorage, os_collect_config, request, metadata_url]} + - 6 + - 0 + - keys: {hostname: {get_param: Hostname}} os_collect_config: description: The os-collect-config configuration associated with this server resource value: {get_attr: [BlockStorage, os_collect_config]} diff --git a/puppet/cephstorage-role.yaml b/puppet/cephstorage-role.yaml index 85b276d6..48e5b97a 100644 --- a/puppet/cephstorage-role.yaml +++ b/puppet/cephstorage-role.yaml @@ -415,6 +415,7 @@ resources: server: {get_resource: CephStorage} RoleParameters: {get_param: RoleParameters} ServiceNames: {get_param: ServiceNames} + deployment_actions: {get_attr: [DeploymentActions, value]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment @@ -521,6 +522,9 @@ resources: CephStorageExtraConfigPre: depends_on: CephStorageDeployment type: OS::TripleO::CephStorageExtraConfigPre + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: CephStorage} @@ -529,6 +533,9 @@ resources: NodeExtraConfig: depends_on: [CephStorageExtraConfigPre, NodeTLSCAData] type: OS::TripleO::NodeExtraConfig + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: CephStorage} @@ -550,11 +557,21 @@ resources: - ['CREATE', 'UPDATE'] - [] + DeploymentActions: + type: OS::Heat::Value + properties: + value: + if: + - server_not_blacklisted + - ['CREATE', 'UPDATE'] + - [] + SshHostPubKey: type: OS::TripleO::Ssh::HostPubKey depends_on: CephStorageDeployment properties: server: {get_resource: CephStorage} + deployment_actions: {get_attr: [DeploymentActions, value]} outputs: ip_address: @@ -657,6 +674,45 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY" management_ip_address: description: IP address of the server in the management network value: {get_attr: [ManagementPort, ip_address]} + deployed_server_port_map: + description: | + Map of Heat created hostname of the server to ip address. This is the + hostname before it has been mapped with the HostnameMap parameter, and + the IP address from the ctlplane network. This map can be used to construct + the DeployedServerPortMap parameter when using split-stack. + value: + map_replace: + - hostname: + fixed_ips: + - ip_address: {get_attr: [CephStorage, networks, ctlplane, 0]} + - keys: + hostname: + list_join: + - '-' + - - {get_param: Hostname} + - ctlplane + deployed_server_deployment_swift_data_map: + description: + Map of Heat created hostname of the server to the Swift container and object + used to created the temporary url for metadata polling with + os-collect-config. + value: + map_replace: + - hostname: + container: + str_split: + - '/' + - {get_attr: [CephStorage, os_collect_config, request, metadata_url]} + - 5 + object: + str_split: + - '?' + - str_split: + - '/' + - {get_attr: [CephStorage, os_collect_config, request, metadata_url]} + - 6 + - 0 + - keys: {hostname: {get_param: Hostname}} os_collect_config: description: The os-collect-config configuration associated with this server resource value: {get_attr: [CephStorage, os_collect_config]} diff --git a/puppet/compute-role.yaml b/puppet/compute-role.yaml index 10d082cb..3ad6f745 100644 --- a/puppet/compute-role.yaml +++ b/puppet/compute-role.yaml @@ -418,6 +418,7 @@ resources: server: {get_resource: NovaCompute} RoleParameters: {get_param: RoleParameters} ServiceNames: {get_param: ServiceNames} + deployment_actions: {get_attr: [DeploymentActions, value]} NetworkConfig: type: OS::TripleO::Compute::Net::SoftwareConfig @@ -544,6 +545,9 @@ resources: ComputeExtraConfigPre: depends_on: NovaComputeDeployment type: OS::TripleO::ComputeExtraConfigPre + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: NovaCompute} @@ -552,6 +556,9 @@ resources: NodeExtraConfig: depends_on: [ComputeExtraConfigPre, NodeTLSCAData] type: OS::TripleO::NodeExtraConfig + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: NovaCompute} @@ -574,11 +581,21 @@ resources: update_identifier: get_param: UpdateIdentifier + DeploymentActions: + type: OS::Heat::Value + properties: + value: + if: + - server_not_blacklisted + - ['CREATE', 'UPDATE'] + - [] + SshHostPubKey: type: OS::TripleO::Ssh::HostPubKey depends_on: NovaComputeDeployment properties: server: {get_resource: NovaCompute} + deployment_actions: {get_attr: [DeploymentActions, value]} outputs: ip_address: @@ -602,6 +619,45 @@ outputs: management_ip_address: description: IP address of the server in the management network value: {get_attr: [ManagementPort, ip_address]} + deployed_server_port_map: + description: | + Map of Heat created hostname of the server to ip address. This is the + hostname before it has been mapped with the HostnameMap parameter, and + the IP address from the ctlplane network. This map can be used to construct + the DeployedServerPortMap parameter when using split-stack. + value: + map_replace: + - hostname: + fixed_ips: + - ip_address: {get_attr: [NovaCompute, networks, ctlplane, 0]} + - keys: + hostname: + list_join: + - '-' + - - {get_param: Hostname} + - ctlplane + deployed_server_deployment_swift_data_map: + description: + Map of Heat created hostname of the server to the Swift container and object + used to created the temporary url for metadata polling with + os-collect-config. + value: + map_replace: + - hostname: + container: + str_split: + - '/' + - {get_attr: [NovaCompute, os_collect_config, request, metadata_url]} + - 5 + object: + str_split: + - '?' + - str_split: + - '/' + - {get_attr: [NovaCompute, os_collect_config, request, metadata_url]} + - 6 + - 0 + - keys: {hostname: {get_param: Hostname}} hostname: description: Hostname of the server value: {get_attr: [NovaCompute, name]} diff --git a/puppet/controller-role.yaml b/puppet/controller-role.yaml index ca08c65d..cdc2ec68 100644 --- a/puppet/controller-role.yaml +++ b/puppet/controller-role.yaml @@ -441,6 +441,7 @@ resources: server: {get_resource: Controller} RoleParameters: {get_param: RoleParameters} ServiceNames: {get_param: ServiceNames} + deployment_actions: {get_attr: [DeploymentActions, value]} NetworkConfig: type: OS::TripleO::Controller::Net::SoftwareConfig @@ -524,7 +525,6 @@ resources: config: {get_resource: ControllerConfig} server: {get_resource: Controller} input_values: - bootstack_nodeid: {get_attr: [Controller, name]} enable_load_balancer: {get_param: EnableLoadBalancer} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} @@ -567,9 +567,6 @@ resources: - {get_param: ControllerExtraConfig} extraconfig: {get_param: ExtraConfig} controller: - # data supplied directly to this deployment configuration, etc - bootstack_nodeid: {get_input: bootstack_nodeid} - # Pacemaker enable_load_balancer: {get_input: enable_load_balancer} # Misc @@ -587,6 +584,9 @@ resources: ControllerExtraConfigPre: depends_on: ControllerDeployment type: OS::TripleO::ControllerExtraConfigPre + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: Controller} @@ -595,6 +595,9 @@ resources: NodeExtraConfig: depends_on: [ControllerExtraConfigPre, NodeTLSData] type: OS::TripleO::NodeExtraConfig + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: Controller} @@ -617,11 +620,21 @@ resources: update_identifier: get_param: UpdateIdentifier + DeploymentActions: + type: OS::Heat::Value + properties: + value: + if: + - server_not_blacklisted + - ['CREATE', 'UPDATE'] + - [] + SshHostPubKey: type: OS::TripleO::Ssh::HostPubKey depends_on: ControllerDeployment properties: server: {get_resource: Controller} + deployment_actions: {get_attr: [DeploymentActions, value]} outputs: ip_address: @@ -645,6 +658,45 @@ outputs: management_ip_address: description: IP address of the server in the management network value: {get_attr: [ManagementPort, ip_address]} + deployed_server_port_map: + description: + Map of Heat created hostname of the server to ip address. This is the + hostname before it has been mapped with the HostnameMap parameter, and + the IP address from the ctlplane network. This map can be used to construct + the DeployedServerPortMap parameter when using split-stack. + value: + map_replace: + - hostname: + fixed_ips: + - ip_address: {get_attr: [Controller, networks, ctlplane, 0]} + - keys: + hostname: + list_join: + - '-' + - - {get_param: Hostname} + - ctlplane + deployed_server_deployment_swift_data_map: + description: + Map of Heat created hostname of the server to the Swift container and object + used to created the temporary url for metadata polling with + os-collect-config. + value: + map_replace: + - hostname: + container: + str_split: + - '/' + - {get_attr: [Controller, os_collect_config, request, metadata_url]} + - 5 + object: + str_split: + - '?' + - str_split: + - '/' + - {get_attr: [Controller, os_collect_config, request, metadata_url]} + - 6 + - 0 + - keys: {hostname: {get_param: Hostname}} hostname: description: Hostname of the server value: {get_attr: [Controller, name]} diff --git a/puppet/objectstorage-role.yaml b/puppet/objectstorage-role.yaml index 4a1670f8..a03a9da5 100644 --- a/puppet/objectstorage-role.yaml +++ b/puppet/objectstorage-role.yaml @@ -409,6 +409,7 @@ resources: server: {get_resource: SwiftStorage} RoleParameters: {get_param: RoleParameters} ServiceNames: {get_param: ServiceNames} + deployment_actions: {get_attr: [DeploymentActions, value]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment @@ -517,6 +518,9 @@ resources: NodeExtraConfig: depends_on: NodeTLSCAData type: OS::TripleO::NodeExtraConfig + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: SwiftStorage} @@ -538,11 +542,21 @@ resources: - ['CREATE', 'UPDATE'] - [] + DeploymentActions: + type: OS::Heat::Value + properties: + value: + if: + - server_not_blacklisted + - ['CREATE', 'UPDATE'] + - [] + SshHostPubKey: type: OS::TripleO::Ssh::HostPubKey depends_on: SwiftStorageHieraDeploy properties: server: {get_resource: SwiftStorage} + deployment_actions: {get_attr: [DeploymentActions, value]} outputs: ip_address: @@ -645,6 +659,45 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY" management_ip_address: description: IP address of the server in the management network value: {get_attr: [ManagementPort, ip_address]} + deployed_server_port_map: + description: | + Map of Heat created hostname of the server to ip address. This is the + hostname before it has been mapped with the HostnameMap parameter, and + the IP address from the ctlplane network. This map can be used to construct + the DeployedServerPortMap parameter when using split-stack. + value: + map_replace: + - hostname: + fixed_ips: + - ip_address: {get_attr: [SwiftStorage, networks, ctlplane, 0]} + - keys: + hostname: + list_join: + - '-' + - - {get_param: Hostname} + - ctlplane + deployed_server_deployment_swift_data_map: + description: + Map of Heat created hostname of the server to the Swift container and object + used to created the temporary url for metadata polling with + os-collect-config. + value: + map_replace: + - hostname: + container: + str_split: + - '/' + - {get_attr: [SwiftStorage, os_collect_config, request, metadata_url]} + - 5 + object: + str_split: + - '?' + - str_split: + - '/' + - {get_attr: [SwiftStorage, os_collect_config, request, metadata_url]} + - 6 + - 0 + - keys: {hostname: {get_param: Hostname}} os_collect_config: description: The os-collect-config configuration associated with this server resource value: {get_attr: [SwiftStorage, os_collect_config]} diff --git a/puppet/role.role.j2.yaml b/puppet/role.role.j2.yaml index 8617307b..039bd6ba 100644 --- a/puppet/role.role.j2.yaml +++ b/puppet/role.role.j2.yaml @@ -386,6 +386,7 @@ resources: server: {get_resource: {{role.name}}} RoleParameters: {get_param: RoleParameters} ServiceNames: {get_param: ServiceNames} + deployment_actions: {get_attr: [DeploymentActions, value]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment @@ -498,6 +499,9 @@ resources: {{role.name}}ExtraConfigPre: depends_on: {{role.name}}Deployment type: OS::TripleO::{{role.name}}ExtraConfigPre + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: {{role.name}}} @@ -506,6 +510,9 @@ resources: NodeExtraConfig: depends_on: [{{role.name}}ExtraConfigPre, NodeTLSCAData] type: OS::TripleO::NodeExtraConfig + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: {{role.name}}} @@ -528,11 +535,21 @@ resources: - ['CREATE', 'UPDATE'] - [] + DeploymentActions: + type: OS::Heat::Value + properties: + value: + if: + - server_not_blacklisted + - ['CREATE', 'UPDATE'] + - [] + SshHostPubKey: type: OS::TripleO::Ssh::HostPubKey depends_on: {{role.name}}Deployment properties: server: {get_resource: {{role.name}}} + deployment_actions: {get_attr: [DeploymentActions, value]} outputs: ip_address: @@ -592,6 +609,45 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY" value: {get_resource: {{role.name}}} condition: server_not_blacklisted + deployed_server_port_map: + description: | + Map of Heat created hostname of the server to ip address. This is the + hostname before it has been mapped with the HostnameMap parameter, and + the IP address from the ctlplane network. This map can be used to construct + the DeployedServerPortMap parameter when using split-stack. + value: + map_replace: + - hostname: + fixed_ips: + - ip_address: {get_attr: [{{role.name}}, networks, ctlplane, 0]} + - keys: + hostname: + list_join: + - '-' + - - {get_param: Hostname} + - ctlplane + deployed_server_deployment_swift_data_map: + description: + Map of Heat created hostname of the server to the Swift container and object + used to created the temporary url for metadata polling with + os-collect-config. + value: + map_replace: + - hostname: + container: + str_split: + - '/' + - {get_attr: [{{role.name}}, os_collect_config, request, metadata_url]} + - 5 + object: + str_split: + - '?' + - str_split: + - '/' + - {get_attr: [{{role.name}}, os_collect_config, request, metadata_url]} + - 6 + - 0 + - keys: {hostname: {get_param: Hostname}} os_collect_config: description: The os-collect-config configuration associated with this server resource value: {get_attr: [{{role.name}}, os_collect_config]} diff --git a/puppet/services/aodh-base.yaml b/puppet/services/aodh-base.yaml index 0563d08b..c6a8f880 100644 --- a/puppet/services/aodh-base.yaml +++ b/puppet/services/aodh-base.yaml @@ -64,6 +64,12 @@ parameters: type: string default: 'regionOne' description: Keystone region for endpoint + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] conditions: service_debug_unset: {equals : [{get_param: AodhDebug}, '']} @@ -91,6 +97,7 @@ outputs: - {get_param: Debug } - {get_param: AodhDebug } aodh::auth::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] } + aodh::notification_driver: {get_param: NotificationDriver} aodh::rabbit_userid: {get_param: RabbitUserName} aodh::rabbit_password: {get_param: RabbitPassword} aodh::rabbit_use_ssl: {get_param: RabbitClientUseSSL} diff --git a/puppet/services/barbican-api.yaml b/puppet/services/barbican-api.yaml index 51331242..65c26d40 100644 --- a/puppet/services/barbican-api.yaml +++ b/puppet/services/barbican-api.yaml @@ -73,6 +73,12 @@ parameters: e.g. { barbican-context_is_admin: { key: context_is_admin, value: 'role:admin' } } default: {} type: json + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] resources: @@ -109,6 +115,7 @@ outputs: - service_debug_unset - {get_param: Debug } - {get_param: BarbicanDebug } + barbican::api::notification_driver: {get_param: NotificationDriver} barbican::api::rabbit_use_ssl: {get_param: RabbitClientUseSSL} barbican::api::rabbit_userid: {get_param: RabbitUserName} barbican::api::rabbit_password: {get_param: RabbitPassword} diff --git a/puppet/services/ceilometer-base.yaml b/puppet/services/ceilometer-base.yaml index 1d86369b..0cd9a6dd 100644 --- a/puppet/services/ceilometer-base.yaml +++ b/puppet/services/ceilometer-base.yaml @@ -103,6 +103,12 @@ parameters: description: The user password for SNMPd with readonly rights running on all Overcloud nodes type: string hidden: true + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] conditions: service_debug_unset: {equals : [{get_param: CeilometerDebug}, '']} @@ -139,6 +145,7 @@ outputs: ceilometer::dispatcher::gnocchi::filter_project: 'service' ceilometer::dispatcher::gnocchi::archive_policy: 'low' ceilometer::dispatcher::gnocchi::resources_definition_file: 'gnocchi_resources.yaml' + ceilometer::notification_driver: {get_param: NotificationDriver} ceilometer::rabbit_userid: {get_param: RabbitUserName} ceilometer::rabbit_password: {get_param: RabbitPassword} ceilometer::rabbit_use_ssl: {get_param: RabbitClientUseSSL} diff --git a/puppet/services/cinder-api.yaml b/puppet/services/cinder-api.yaml index 036209f3..47715a7e 100644 --- a/puppet/services/cinder-api.yaml +++ b/puppet/services/cinder-api.yaml @@ -60,6 +60,12 @@ parameters: e.g. { cinder-context_is_admin: { key: context_is_admin, value: 'role:admin' } } default: {} type: json + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] conditions: cinder_workers_zero: {equals : [{get_param: CinderWorkers}, 0]} @@ -105,6 +111,7 @@ outputs: cinder::keystone::authtoken::user_domain_name: 'Default' cinder::keystone::authtoken::project_domain_name: 'Default' cinder::policy::policies: {get_param: CinderApiPolicies} + cinder::ceilometer::notification_driver: {get_param: NotificationDriver} cinder::api::enable_proxy_headers_parsing: true cinder::api::nova_catalog_info: 'compute:nova:internalURL' diff --git a/puppet/services/congress.yaml b/puppet/services/congress.yaml index 5bca94d7..f30f1139 100644 --- a/puppet/services/congress.yaml +++ b/puppet/services/congress.yaml @@ -65,6 +65,12 @@ parameters: e.g. { congress-context_is_admin: { key: context_is_admin, value: 'role:admin' } } default: {} type: json + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] conditions: service_debug_unset: {equals : [{get_param: CongressDebug}, '']} @@ -92,6 +98,7 @@ outputs: - {get_param: Debug } - {get_param: CongressDebug } congress::rpc_backend: rabbit + congress::notification_driver: {get_param: NotificationDriver} congress::rabbit_userid: {get_param: RabbitUserName} congress::rabbit_password: {get_param: RabbitPassword} congress::rabbit_use_ssl: {get_param: RabbitClientUseSSL} diff --git a/puppet/services/disabled/ceilometer-api-disabled.yaml b/puppet/services/disabled/ceilometer-api-disabled.yaml new file mode 100644 index 00000000..6dce61e3 --- /dev/null +++ b/puppet/services/disabled/ceilometer-api-disabled.yaml @@ -0,0 +1,41 @@ +heat_template_version: pike + +description: > + OpenStack Ceilometer API service, disabled since pike + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +outputs: + role_data: + description: Role data for the disabled Ceilometer API role. + value: + service_name: ceilometer_api_disabled + upgrade_tasks: + - name: Purge Ceilometer apache config files + tags: step1 + file: path=/etc/httpd/conf.d/10-ceilometer_wsgi.conf state=absent + - name: Clean up ceilometer port from ports.conf + tags: step1 + lineinfile: dest=/etc/httpd/conf/ports.conf state=absent regexp="8777$" diff --git a/puppet/services/glance-api.yaml b/puppet/services/glance-api.yaml index a3d5a793..53cde963 100644 --- a/puppet/services/glance-api.yaml +++ b/puppet/services/glance-api.yaml @@ -128,6 +128,12 @@ parameters: e.g. { glance-context_is_admin: { key: context_is_admin, value: 'role:admin' } } default: {} type: json + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] conditions: use_tls_proxy: {equals : [{get_param: EnableInternalTLS}, true]} @@ -237,7 +243,7 @@ outputs: glance::notify::rabbitmq::rabbit_port: {get_param: RabbitClientPort} glance::notify::rabbitmq::rabbit_password: {get_param: RabbitPassword} glance::notify::rabbitmq::rabbit_use_ssl: {get_param: RabbitClientUseSSL} - glance::notify::rabbitmq::notification_driver: messagingv2 + glance::notify::rabbitmq::notification_driver: {get_param: NotificationDriver} tripleo::profile::base::glance::api::glance_nfs_enabled: {get_param: GlanceNfsEnabled} tripleo::glance::nfs_mount::share: {get_param: GlanceNfsShare} tripleo::glance::nfs_mount::options: {get_param: GlanceNfsOptions} diff --git a/puppet/services/heat-base.yaml b/puppet/services/heat-base.yaml index d89fe46a..d305edb5 100644 --- a/puppet/services/heat-base.yaml +++ b/puppet/services/heat-base.yaml @@ -115,6 +115,12 @@ parameters: default: 1048576 description: Maximum raw byte size of the Heat API JSON request body. type: number + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] conditions: service_debug_unset: {equals : [{get_param: HeatDebug}, '']} @@ -125,6 +131,7 @@ outputs: value: service_name: heat_base config_settings: + heat::notification_driver: {get_param: NotificationDriver} heat::rabbit_userid: {get_param: RabbitUserName} heat::rabbit_password: {get_param: RabbitPassword} heat::rabbit_use_ssl: {get_param: RabbitClientUseSSL} diff --git a/puppet/services/keystone.yaml b/puppet/services/keystone.yaml index 60d194bc..9535682a 100644 --- a/puppet/services/keystone.yaml +++ b/puppet/services/keystone.yaml @@ -203,6 +203,12 @@ parameters: type: json default: {} hidden: true + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] parameter_groups: - label: deprecated @@ -214,6 +220,7 @@ parameter_groups: parameters: - KeystoneFernetKey0 - KeystoneFernetKey1 + - KeystoneNotificationDriver resources: @@ -281,7 +288,7 @@ outputs: keystone::rabbit_password: {get_param: RabbitPassword} keystone::rabbit_use_ssl: {get_param: RabbitClientUseSSL} keystone::rabbit_port: {get_param: RabbitClientPort} - keystone::notification_driver: {get_param: KeystoneNotificationDriver} + keystone::notification_driver: {get_param: NotificationDriver} keystone::notification_format: {get_param: KeystoneNotificationFormat} keystone::roles::admin::email: {get_param: AdminEmail} keystone::roles::admin::password: {get_param: AdminPassword} diff --git a/puppet/services/manila-base.yaml b/puppet/services/manila-base.yaml index d0ee2125..54f416bb 100644 --- a/puppet/services/manila-base.yaml +++ b/puppet/services/manila-base.yaml @@ -56,6 +56,12 @@ parameters: description: The password for the manila service account. type: string hidden: true + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] conditions: service_debug_unset: {equals : [{get_param: ManilaDebug}, '']} @@ -66,6 +72,7 @@ outputs: value: service_name: manila_base config_settings: + manila::notification_driver: {get_param: NotificationDriver} manila::rabbit_userid: {get_param: RabbitUserName} manila::rabbit_password: {get_param: RabbitPassword} manila::rabbit_use_ssl: {get_param: RabbitClientUseSSL} diff --git a/puppet/services/mistral-base.yaml b/puppet/services/mistral-base.yaml index 8b3655dd..a0d203ce 100644 --- a/puppet/services/mistral-base.yaml +++ b/puppet/services/mistral-base.yaml @@ -61,6 +61,12 @@ parameters: type: string default: 'regionOne' description: Keystone region for endpoint + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] conditions: service_debug_unset: {equals : [{get_param: MistralDebug}, '']} @@ -81,6 +87,7 @@ outputs: query: read_default_file: /etc/my.cnf.d/tripleo.cnf read_default_group: tripleo + mistral::notification_driver: {get_param: NotificationDriver} mistral::rabbit_userid: {get_param: RabbitUserName} mistral::rabbit_password: {get_param: RabbitPassword} mistral::rabbit_use_ssl: {get_param: RabbitClientUseSSL} diff --git a/puppet/services/neutron-base.yaml b/puppet/services/neutron-base.yaml index 3c7518b3..da7ad199 100644 --- a/puppet/services/neutron-base.yaml +++ b/puppet/services/neutron-base.yaml @@ -91,6 +91,12 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] conditions: dhcp_agents_zero: {equals : [{get_param: NeutronDhcpAgentsPerNetwork}, 0]} @@ -107,6 +113,7 @@ outputs: neutron::rabbit_user: {get_param: RabbitUserName} neutron::rabbit_use_ssl: {get_param: RabbitClientUseSSL} neutron::rabbit_port: {get_param: RabbitClientPort} + neutron::notification_driver: {get_param: NotificationDriver} neutron::core_plugin: {get_param: NeutronCorePlugin} neutron::service_plugins: {get_param: NeutronServicePlugins} neutron::debug: diff --git a/puppet/services/nova-base.yaml b/puppet/services/nova-base.yaml index ea584932..809d3ff5 100644 --- a/puppet/services/nova-base.yaml +++ b/puppet/services/nova-base.yaml @@ -30,6 +30,12 @@ parameters: type: string default: 'regionOne' description: Keystone region for endpoint + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] NovaPassword: description: The password for the nova service and db account, used by nova-api. type: string @@ -215,7 +221,7 @@ outputs: nova::cinder_catalog_info: 'volumev2:cinderv2:internalURL' nova::host: '%{::fqdn}' nova::notify_on_state_change: 'vm_and_task_state' - nova::notification_driver: messagingv2 + nova::notification_driver: {get_param: NotificationDriver} nova::network::neutron::neutron_auth_type: 'v3password' nova::db::database_db_max_retries: -1 nova::db::database_max_retries: -1 diff --git a/puppet/services/octavia-base.yaml b/puppet/services/octavia-base.yaml index 0809b3e4..1246813d 100644 --- a/puppet/services/octavia-base.yaml +++ b/puppet/services/octavia-base.yaml @@ -58,6 +58,12 @@ parameters: default: 5672 description: Set rabbit subscriber port, change this if using SSL type: number + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] conditions: service_debug_unset: {equals : [{get_param: OctaviaDebug}, '']} @@ -74,6 +80,7 @@ outputs: - {get_param: Debug } - {get_param: OctaviaDebug } octavia::purge_config: {get_param: EnableConfigPurge} + octavia::notification_driver: {get_param: NotificationDriver} octavia::rabbit_use_ssl: {get_param: RabbitClientUseSSL} octavia::rabbit_userid: {get_param: RabbitUserName} octavia::rabbit_password: {get_param: RabbitPassword} diff --git a/puppet/services/sahara-base.yaml b/puppet/services/sahara-base.yaml index c294e744..d5110617 100644 --- a/puppet/services/sahara-base.yaml +++ b/puppet/services/sahara-base.yaml @@ -60,6 +60,12 @@ parameters: default: ["ambari","cdh","mapr","vanilla","spark","storm"] description: Sahara enabled plugin list type: comma_delimited_list + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] conditions: service_debug_unset: {equals : [{get_param: SaharaDebug}, '']} @@ -80,6 +86,7 @@ outputs: query: read_default_file: /etc/my.cnf.d/tripleo.cnf read_default_group: tripleo + sahara::notify::notification_driver: {get_param: NotificationDriver} sahara::rabbit_password: {get_param: RabbitPassword} sahara::rabbit_user: {get_param: RabbitUserName} sahara::rabbit_use_ssl: {get_param: RabbitClientUseSSL} diff --git a/puppet/services/tacker.yaml b/puppet/services/tacker.yaml index 5ced8c3c..44c638bf 100644 --- a/puppet/services/tacker.yaml +++ b/puppet/services/tacker.yaml @@ -65,6 +65,12 @@ parameters: e.g. { tacker-context_is_admin: { key: context_is_admin, value: 'role:admin' } } default: {} type: json + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] conditions: service_debug_unset: {equals : [{get_param: TackerDebug}, '']} @@ -93,6 +99,7 @@ outputs: - {get_param: Debug } - {get_param: TackerDebug } tacker::rpc_backend: rabbit + tacker::notification_driver: {get_param: NotificationDriver} tacker::rabbit_userid: {get_param: RabbitUserName} tacker::rabbit_password: {get_param: RabbitPassword} tacker::rabbit_use_ssl: {get_param: RabbitClientUseSSL} diff --git a/releasenotes/notes/deployed-server-environment-output-d838c782f76823b7.yaml b/releasenotes/notes/deployed-server-environment-output-d838c782f76823b7.yaml new file mode 100644 index 00000000..14a5a279 --- /dev/null +++ b/releasenotes/notes/deployed-server-environment-output-d838c782f76823b7.yaml @@ -0,0 +1,6 @@ +--- +features: + - Add a new output, DeployedServerEnvironment, that can be used as + the contents of an environment file. This environment file can then be used + as input into a services only stack when using split-stack. The parameter + simplifies the manual steps needed to deploy split-stack. diff --git a/releasenotes/notes/notification-driver-noop-e322ca6704a5bc50.yaml b/releasenotes/notes/notification-driver-noop-e322ca6704a5bc50.yaml new file mode 100644 index 00000000..b7090973 --- /dev/null +++ b/releasenotes/notes/notification-driver-noop-e322ca6704a5bc50.yaml @@ -0,0 +1,10 @@ +--- +features: + - | + Allow to configure the Message Queue notification driver. + By default, we'll configure 'messagingv2' but we can now + override NotificationDriver parameter and set 'noop' when + we don't want notifications, which is the case when + we disable Telemetry services. +deprecations: + - KeystoneNotificationDriver is deprecated in favor of NotificationDriver. diff --git a/releasenotes/source/conf.py b/releasenotes/source/conf.py index 72b89b10..7b41a9e2 100644 --- a/releasenotes/source/conf.py +++ b/releasenotes/source/conf.py @@ -27,7 +27,7 @@ # extensions coming with Sphinx (named 'sphinx.ext.*') or your custom # ones. extensions = [ - 'oslosphinx', + 'openstackdocstheme', 'reno.sphinxext', ] @@ -101,7 +101,7 @@ pygments_style = 'sphinx' # The theme to use for HTML and HTML Help pages. See the documentation for # a list of builtin themes. -html_theme = 'default' +html_theme = 'openstackdocs' # Theme options are theme-specific and customize the look and feel of a theme # further. For a list of options available for each theme, see the @@ -262,3 +262,8 @@ texinfo_documents = [ # -- Options for Internationalization output ------------------------------ locale_dirs = ['locale/'] + +# openstackdocstheme options +repository_name = 'openstack/tripleo-heat-templates' +bug_project = 'tripleo' +bug_tag = 'documentation' diff --git a/test-requirements.txt b/test-requirements.txt index 6e0eea3c..9291450a 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -1,11 +1,11 @@ # The order of packages is significant, because pip processes them in the order # of appearance. Changing the order has an impact on the overall integration # process, which may cause wedges in the gate later. +openstackdocstheme>=1.11.0 # Apache-2.0 PyYAML>=3.10.0 # MIT Jinja2!=2.9.0,!=2.9.1,!=2.9.2,!=2.9.3,!=2.9.4,>=2.8 # BSD License (3 clause) six>=1.9.0 # MIT sphinx>=1.6.2 # BSD -oslosphinx>=4.7.0 # Apache-2.0 reno!=2.3.1,>=1.8.0 # Apache-2.0 coverage!=4.4,>=4.0 # Apache-2.0 fixtures>=3.0.0 # Apache-2.0/BSD diff --git a/validation-scripts/all-nodes.sh b/validation-scripts/all-nodes.sh index ed7fefb7..296dcd36 100644 --- a/validation-scripts/all-nodes.sh +++ b/validation-scripts/all-nodes.sh @@ -10,12 +10,13 @@ function ping_retry() { PING_CMD=ping6 fi until [ $COUNT -ge $TIMES ]; do - if $PING_CMD -w 300 -c 1 $IP_ADDR &> /dev/null; then + if $PING_CMD -w 10 -c 1 $IP_ADDR &> /dev/null; then echo "Ping to $IP_ADDR succeeded." return 0 fi echo "Ping to $IP_ADDR failed. Retrying..." COUNT=$(($COUNT + 1)) + sleep 60 done return 1 } |