33 files changed, 1039 insertions, 227 deletions
diff --git a/docker/README-containers.md b/docker/README-containers.md index 17990b54..ff062a93 100644 --- a/docker/README-containers.md +++ b/docker/README-containers.md @@ -22,7 +22,12 @@ https://github.com/openstack/tripleo-common/blob/master/scripts/tripleo.sh Create the Overcloud: ``` -$ openstack overcloud deploy --templates=tripleo-heat-templates -e tripleo-heat-templates/environments/docker-rdo.yaml --libvirt-type=qemu +$ openstack overcloud deploy --templates=tripleo-heat-templates -e tripleo-heat-templates/environments/docker.yaml -e tripleo-heat-templates/environments/docker-network.yaml --libvirt-type=qemu +``` + +Using Network Isolation in the Overcloud: +``` +$ openstack overcloud deploy --templates=tripleo-heat-templates -e tripleo-heat-templates/environments/docker.yaml -e tripleo-heat-templates/environments/docker-network-isolation.yaml --libvirt-type=qemu ``` Source the overcloudrc and then you can use the overcloud. diff --git a/docker/compute-post.yaml b/docker/compute-post.yaml index a6607fd9..8f786f72 100644 --- a/docker/compute-post.yaml +++ b/docker/compute-post.yaml @@ -1,5 +1,4 @@ -heat_template_version: 2015-04-30 - +heat_template_version: 2015-10-15 description: > OpenStack compute node post deployment for Docker. 
@@ -26,6 +25,26 @@ parameters: type: string DockerOpenvswitchDBImage: type: string + LibvirtConfig: + type: string + default: "/etc/libvirt/libvirtd.conf" + NovaConfig: + type: string + default: "/etc/nova/nova.conf" + NeutronOpenvswitchAgentConfig: + type: string + default: "/etc/neutron/neutron.conf,/etc/neutron/plugins/ml2/ml2_conf.ini" + NeutronAgentConfig: + type: string + default: "/etc/neutron/neutron.conf,/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini" + NeutronAgentPluginVolume: + type: string + description: The neutron agent plugin to mount into the neutron-agents container + default: "/var/lib/etc-data/neutron/plugins/ml2/openvswitch_agent.ini:/var/lib/kolla/config_files/ovs_neutron_plugin.ini:ro" + NeutronAgentOvsVolume: + type: string + description: The neutron agent ovs agents to mount into the neutron-agents container + default: " " resources: 
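Review bot: `NeutronAgentPluginVolume` and `NeutronAgentOvsVolume` are unconstrained strings that become bind mounts of the neutron-agents container, which the later hunk at `@@ -234,11 +319,15 @@` shows running with `privileged: true`. Because that hunk joins the list with "," and then splits it again, a value containing a comma silently turns into several mounts, and the `" "` default of `NeutronAgentOvsVolume` leaves a whitespace-only entry in `volumes`; how the container hook treats such an entry is not visible here. I would state the expected `host:container[:ro]` form in both descriptions and add a constraint such as `constraints: [{allowed_pattern: "^[^,]*$"}]` so that one parameter always maps to one mount.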
@@ -74,9 +93,70 @@ resources: type: OS::Heat::SoftwareConfig properties: group: script - outputs: - - name: result - config: {get_file: ./generate_json_config.sh} + inputs: + - name: libvirt_config + - name: nova_config + - name: neutron_openvswitch_agent_config + - name: neutron_agent_config + config: | + #!/bin/python + import json + import os + + data = {} + file_perms = '600' + libvirt_perms = '644' + + libvirt_config = os.getenv('libvirt_config').split(',') + nova_config = os.getenv('nova_config').split(',') + neutron_openvswitch_agent_config = os.getenv('neutron_openvswitch_agent_config').split(',') + neutron_agent_config = os.getenv('neutron_agent_config').split(',') + + # Command, Config_files, Owner, Perms + services = {'nova-libvirt': ['/usr/sbin/libvirtd', libvirt_config, 'root', libvirt_perms], + 'nova-compute': ['/usr/bin/nova-compute', nova_config, 'nova', file_perms], + 'neutron-openvswitch-agent': ['/usr/bin/neutron-openvswitch-agent', neutron_openvswitch_agent_config, 'neutron', file_perms], + 'neutron-agent': ['/usr/bin/neutron-openvswitch-agent', neutron_agent_config, 'neutron', file_perms], + 'ovs-vswitchd': ['/usr/sbin/ovs-vswitchd unix:/run/openvswitch/db.sock -vconsole:emer -vsyslog:err -vfile:info --mlockall --log-file=/var/log/openvswitch/ovs-vswitchd.log'], + 'ovsdb-server': ['/usr/sbin/ovsdb-server /etc/openvswitch/conf.db -vconsole:emer -vsyslog:err -vfile:info --remote=punix:/run/openvswitch/db.sock --log-file=/var/log/openvswitch/ovsdb-server.log'] + } + + + def build_config_files(config, owner, perms): + config_source = '/var/lib/kolla/config_files/' + config_files_dict = {} + source = os.path.basename(config) + dest = config + config_files_dict.update({'source': config_source + source, + 'dest': dest, + 'owner': owner, + 'perm': perms}) + return config_files_dict + + + for service in services: + if service != 'ovs-vswitchd' and service != 'ovsdb-server': + command = services.get(service)[0] + config_files = services.get(service)[1] + 
owner = services.get(service)[2] + perms = services.get(service)[3] + config_files_list = [] + for config_file in config_files: + if service == 'nova-libvirt': + command = command + ' --config ' + config_file + else: + command = command + ' --config-file ' + config_file + data['command'] = command + config_files_dict = build_config_files(config_file, owner, perms) + config_files_list.append(config_files_dict) + data['config_files'] = config_files_list + else: + data['command'] = services.get(service)[0] + data['config_files'] = [] + + json_config_dir = '/var/lib/etc-data/json-config/' + with open(json_config_dir + service + '.json', 'w') as json_file: + json.dump(data, json_file, sort_keys=True, indent=4, separators=(',', ': ')) CopyJsonDeployment: type: OS::Heat::SoftwareDeployments @@ -84,6 +164,11 @@ resources: properties: config: {get_resource: CopyJsonConfig} servers: {get_param: servers} + input_values: + libvirt_config: {get_param: LibvirtConfig} + nova_config: {get_param: NovaConfig} + neutron_openvswitch_agent_config: {get_param: NeutronOpenvswitchAgentConfig} + neutron_agent_config: {get_param: NeutronAgentConfig} NovaComputeContainersDeploymentOVS: type: OS::Heat::StructuredDeployments @@ -118,12 +203,12 @@ resources: list_join: - '/' - [ {get_param: DockerNamespace}, {get_param: DockerOpenvswitchDBImage} ] - container_name: ovs-db-server + container_name: ovsdb-server net: host restart: always volumes: - /run:/run - - /var/lib/etc-data/json-config/ovs-dbserver.json:/var/lib/kolla/config_files/config.json + - /var/lib/etc-data/json-config/ovsdb-server.json:/var/lib/kolla/config_files/config.json environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS 
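Review bot: The four `os.getenv(...).split(',')` lines at the top of the embedded script assume every input is set and well formed: a missing input raises `AttributeError` on `None`, and an empty or space-padded list element is appended to the command as a bare or malformed `--config-file` argument. `build_config_files` also derives the source name with `os.path.basename`, so two configured paths with the same file name in different directories would point at the same file under `/var/lib/kolla/config_files/`. I would parse each input through one helper, for example `paths = [p.strip() for p in os.environ[name].split(',') if p.strip()]`, and fail with a clear message when the result is empty or a basename repeats. The script is a block scalar inside a resource (presumably `CopyJsonConfig`, judging by the next hunk) whose definition starts above this hunk.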
@@ -234,11 +319,15 @@ resources: privileged: true restart: always volumes: - - /run:/run - - /lib/modules:/lib/modules:ro - - /var/lib/etc-data/json-config/neutron-agent.json:/var/lib/kolla/config_files/config.json - - /var/lib/etc-data/neutron/plugins/ml2/openvswitch_agent.ini:/var/lib/kolla/config_files/ovs_neutron_plugin.ini:ro - - /var/lib/etc-data/neutron/neutron.conf:/var/lib/kolla/config_files/neutron.conf:ro + str_split: + - "," + - list_join: + - "," + - [ "/run:/run", "/lib/modules:/lib/modules:ro", + "/var/lib/etc-data/json-config/neutron-agent.json:/var/lib/kolla/config_files/config.json", + "/var/lib/etc-data/neutron/neutron.conf:/var/lib/kolla/config_files/neutron.conf:ro", + {get_param: NeutronAgentPluginVolume}, + {get_param: NeutronAgentOvsVolume} ] environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS volumes_from: diff --git a/docker/firstboot/install_docker_agents.yaml b/docker/firstboot/install_docker_agents.yaml index 22a8ff92..348c1755 100644 --- a/docker/firstboot/install_docker_agents.yaml +++ b/docker/firstboot/install_docker_agents.yaml @@ -3,7 +3,7 @@ heat_template_version: 2014-10-16 parameters: DockerAgentImage: type: string - default: dprince/heat-docker-agents-centos + default: tripleoupstream/heat-docker-agents DockerNamespace: type: string default: kollaglue diff --git a/docker/generate_json_config.sh b/docker/generate_json_config.sh deleted file mode 100644 index 5cf49226..00000000 --- a/docker/generate_json_config.sh +++ /dev/null 
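Review bot: The new `DockerAgentImage` default `tripleoupstream/heat-docker-agents` carries no tag or digest, so each node would resolve whatever the registry serves under the default tag at first boot. This template is wired in as `OS::TripleO::NodeUserData` elsewhere in the commit, so the image presumably runs the agents that apply deployment configuration on the host; the run command itself is outside the hunk. I would default to an explicit tag or digest, for example `default: tripleoupstream/heat-docker-agents:<TAG_PLACEHOLDER>`, and add a `description` telling operators to pin the image they have validated.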
@@ -1,96 +0,0 @@ -#!/bin/bash - -KOLLA_DEST=/var/lib/kolla/config_files -JSON_DEST=/var/lib/etc-data/json-config - -# For more config file generation, simply define a new SERVICE_DATA_ -# prefixed variable. The command string is quoted to include config-file -# arguments. Note that the variable name following SERVICE_DATA_ will be -# the filename the JSON config is written to. - -# [EXAMPLE]: SERVICE_DATA_<SERVICE_NAME>=(<command> <source> <dest> <owner> <perms>) - -SERVICE_DATA_NOVA_LIBVIRT=("/usr/sbin/libvirtd" libvirtd.conf /etc/libvirt/libvirtd.conf root 0644) -SERVICE_DATA_NOVA_COMPUTE=("/usr/bin/nova-compute" nova.conf /etc/nova/nova.conf nova 0600) -SERVICE_DATA_NEUTRON_OPENVSWITCH_AGENT=("/usr/bin/neutron-openvswitch-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini" neutron.conf /etc/neutron/neutron.conf neutron 0600 ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini neutron 0600) -SERVICE_DATA_NEUTRON_AGENT=("/usr/bin/neutron-openvswitch-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini" neutron.conf /etc/neutron/neutron.conf neutron 0600 ovs_neutron_plugin.ini /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini neutron 0600) -SERVICE_DATA_OVS_VSWITCHD=("/usr/sbin/ovs-vswitchd unix:/run/openvswitch/db.sock -vconsole:emer -vsyslog:err -vfile:info --mlockall --log-file=/var/log/openvswitch/ovs-vswitchd.log") -SERVICE_DATA_OVS_DBSERVER=("/usr/sbin/ovsdb-server /etc/openvswitch/conf.db -vconsole:emer -vsyslog:err -vfile:info --remote=punix:/run/openvswitch/db.sock --log-file=/var/log/openvswitch/ovsdb-server.log") - -function create_json_header() { - local command=$1 - - echo "\ -{ - \"command\": \"${command[@]}\"," - -} - -function create_config_file_header() { - echo " \"config_files\": [" -} - -function create_config_file_block() { - local source=$KOLLA_DEST/$1 - local dest=$2 - local 
owner=$3 - local perm=$4 - - printf "\ -\t{ -\t \"source\": \"$source\", -\t \"dest\": \"$dest\", -\t \"owner\": \"$owner\", -\t \"perm\": \"$perm\" -\t}" -} - -function add_trailing_comma() { - printf ", \n" -} - -function create_config_file_trailer() { - echo -e "\n ]" -} - -function create_json_trailer() { - echo "}" -} - -function create_json_data() { - local config_data=$1 - shift - - create_json_header "$config_data" - create_config_file_header - while [ "$1" ]; do - create_config_file_block "$@" - shift 4 - if [ "$1" ]; then - add_trailing_comma - fi - done - create_config_file_trailer - create_json_trailer -} - -function write_json_data() { - - local name=$1[@] - local service_data=("${!name}") - - local service_name=${1#SERVICE_DATA_} # chop SERVICE_DATA_ prefix - service_name=${service_name//_/-} # switch underscore to dash - service_name=${service_name,,} # change to lowercase - - echo "Creating JSON file ${service_name}" - create_json_data "${service_data[@]}" > "$JSON_DEST/$service_name.json" -} - -function process_configs() { - for service in ${!SERVICE_DATA_*}; do - write_json_data "${service}" - done -} - -process_configs diff --git a/environments/cinder-dellsc-config.yaml b/environments/cinder-dellsc-config.yaml new file mode 100644 index 00000000..92e257d4 --- /dev/null +++ b/environments/cinder-dellsc-config.yaml 
@@ -0,0 +1,17 @@ +# A Heat environment file which can be used to enable a +# a Cinder Dell Storage Center ISCSI backend, configured via puppet +resource_registry: + OS::TripleO::ControllerExtraConfigPre: ../puppet/extraconfig/pre_deploy/controller/cinder-dellsc.yaml + +parameter_defaults: + CinderEnableDellScBackend: true + CinderDellScBackendName: 'tripleo_dellsc' + CinderDellScSanIp: '' + CinderDellScSanLogin: 'Admin' + CinderDellScSanPassword: '' + CinderDellScSsn: '64702' + CinderDellScIscsiIpAddress: '' + CinderDellScIscsiPort: '3260' + CinderDellScApiPort: '3033' + CinderDellScServerFolder: 'dellsc_server' + CinderDellScVolumeFolder: 'dellsc_volume' diff --git a/environments/cinder-eqlx-config.yaml b/environments/cinder-eqlx-config.yaml new file mode 100644 index 00000000..ca2c5e5a --- /dev/null +++ b/environments/cinder-eqlx-config.yaml @@ -0,0 +1,17 @@ +# A Heat environment file which can be used to enable a +# a Cinder eqlx backen, configured via puppet +resource_registry: + OS::TripleO::ControllerExtraConfigPre: ../puppet/extraconfig/pre_deploy/controller/cinder-eqlx.yaml + +parameter_defaults: + CinderEnableEqlxBackend: true + CinderEqlxBackendName: 'tripleo_eqlx' + CinderEqlxSanIp: '' + CinderEqlxSanLogin: '' + CinderEqlxSanPassword: '' + CinderEqlxSanThinProvision: true + CinderEqlxGroupname: 'group-0' + CinderEqlxPool: 'default' + CinderEqlxChapLogin: '' + CinderEqlxChapPassword: '' + CinderEqlxUseChap: false diff --git a/environments/docker-network-isolation.yaml b/environments/docker-network-isolation.yaml new file mode 100644 index 00000000..257d03dc --- /dev/null +++ b/environments/docker-network-isolation.yaml 
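Review bot: Both new environment files (`cinder-dellsc-config.yaml` and `cinder-eqlx-config.yaml`) enable the backend by default while `CinderDellScSanPassword`, `CinderEqlxSanPassword` and `CinderEqlxChapPassword` are empty strings, and the header comments do not say these must be filled in. Once filled in, the file holds storage array credentials in clear text; whether the matching template parameters are declared `hidden: true` is not visible in this part of the diff. I would extend each header comment, e.g. `# Set the San*/Chap* credentials before use; keep the edited copy out of version control and readable only by the deploying user.` The headers also contain the typos "a a" and "backen".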
@@ -0,0 +1,4 @@ +parameter_defaults: + NeutronAgentConfig: "/etc/neutron/neutron.conf,/etc/neutron/plugins/openvswitch/openvswitch_agent.ini" + NeutronAgentPluginVolume: "/var/lib/etc-data/neutron/plugins/ml2/openvswitch_agent.ini:/var/lib/kolla/config_files/openvswitch_agent.ini:ro" + NeutronAgentOvsVolume: "/var/lib/etc-data/neutron/conf.d/neutron-openvswitch-agent:/etc/neutron/conf.d/neutron-openvswitch-agent:ro" diff --git a/environments/docker-network.yaml b/environments/docker-network.yaml new file mode 100644 index 00000000..f10ec389 --- /dev/null +++ b/environments/docker-network.yaml @@ -0,0 +1,2 @@ +resource_registry: + OS::TripleO::Compute::Net::SoftwareConfig: ../net-config-bridge.yaml diff --git a/environments/docker-rdo.yaml b/environments/docker.yaml index 66824feb..6376b749 100644 --- a/environments/docker-rdo.yaml +++ b/environments/docker.yaml @@ -2,7 +2,6 @@ resource_registry: # Docker container with heat agents for containerized compute node. OS::TripleO::ComputePostDeployment: ../docker/compute-post.yaml OS::TripleO::NodeUserData: ../docker/firstboot/install_docker_agents.yaml - OS::TripleO::Compute::Net::SoftwareConfig: ../net-config-bridge.yaml parameters: NovaImage: atomic-image diff --git a/environments/enable-tls.yaml b/environments/enable-tls.yaml index 5c2506e9..bc4d1bef 100644 --- a/environments/enable-tls.yaml +++ b/environments/enable-tls.yaml 
@@ -4,6 +4,38 @@ parameter_defaults: SSLIntermediateCertificate: '' SSLKey: | The contents of the private key go here + EndpointMap: + CeilometerAdmin: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} + CeilometerInternal: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} + CeilometerPublic: {protocol: 'https', port: '13777', host: 'CLOUDNAME'} + CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} + CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} + CinderPublic: {protocol: 'https', port: '13776', host: 'CLOUDNAME'} + GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} + GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} + GlancePublic: {protocol: 'https', port: '13292', host: 'CLOUDNAME'} + GlanceRegistryAdmin: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'} + GlanceRegistryInternal: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'} + GlanceRegistryPublic: {protocol: 'https', port: '9191', host: 'IP_ADDRESS'} # Not set on the loadbalancer yet. 
+ HeatAdmin: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} + HeatInternal: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} + HeatPublic: {protocol: 'https', port: '13004', host: 'CLOUDNAME'} + HorizonPublic: {protocol: 'https', port: '443', host: 'CLOUDNAME'} + KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'} + KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'} + KeystonePublic: {protocol: 'https', port: '13000', host: 'CLOUDNAME'} + NeutronAdmin: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} + NeutronInternal: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} + NeutronPublic: {protocol: 'https', port: '13696', host: 'CLOUDNAME'} + NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} + NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} + NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'} + NovaEC2Admin: {protocol: 'http', port: '8773', host: 'IP_ADDRESS'} + NovaEC2Internal: {protocol: 'http', port: '8773', host: 'IP_ADDRESS'} + NovaEC2Public: {protocol: 'https', port: '13773', host: 'CLOUDNAME'} + SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} + SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} + SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'} resource_registry: OS::TripleO::NodeTLSData: ../puppet/extraconfig/tls/tls-cert-inject.yaml diff --git a/environments/ips-from-pool.yaml b/environments/ips-from-pool.yaml new file mode 100644 index 00000000..8c27fe4e --- /dev/null +++ b/environments/ips-from-pool.yaml 
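Review bot: `GlanceRegistryPublic` is declared with `protocol: 'https'` on port `9191` and `host: 'IP_ADDRESS'`, the same port the Admin and Internal entries use with `http`, and its own comment says the load balancer does not handle it yet. Unless something else terminates TLS on that port, clients following the public endpoint would attempt TLS against a plain-HTTP listener; keeping the entry on `http` until the load balancer front end exists, or marking it with a `# TODO` that names the missing piece, would avoid a broken catalog entry. Separately, every `*Admin` and `*Internal` endpoint stays on `http`, so this environment protects only the public API. A comment such as `# Only Public endpoints use TLS; Admin/Internal traffic, including Keystone on 35357/5000, stays unencrypted` would stop readers from assuming more.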
@@ -0,0 +1,20 @@ +resource_registry: + OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_from_pool.yaml + OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_from_pool.yaml + OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool.yaml + OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool.yaml + OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant_from_pool.yaml + +parameter_defaults: + ControllerIPs: + # Each controller will get an IP from the lists below, first controller, first IP + external: + - 10.0.0.251 + internal_api: + - 172.16.2.251 + storage: + - 172.16.1.251 + storage_mgmt: + - 172.16.3.251 + tenant: + - 172.16.0.251 diff --git a/environments/neutron-midonet.yaml b/environments/neutron-midonet.yaml new file mode 100644 index 00000000..726852a0 --- /dev/null +++ b/environments/neutron-midonet.yaml @@ -0,0 +1,20 @@ +# A Heat environment that can be used to deploy MidoNet Services +resource_registry: + OS::TripleO::AllNodesExtraConfig: ../puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml + OS::TripleO::Controller::Net::SoftwareConfig: ../net-config-linux-bridge.yaml # We have to avoid any ovs bridge. MidoNet is incompatible with its datapath + +parameter_defaults: + EnableZookeeperOnController: true + EnableCassandraOnController: true + NeutronCorePlugin: 'midonet.neutron.plugin_v1.MidonetPluginV2' # Overriding default core_plugin in Neutron. Don't touch it + NeutronEnableIsolatedMetadata: true # MidoNet 1.9 needs this one to work. Don't change it + NeutronEnableL3Agent: false + NeutronEnableOVSAgent: false + + # Other available options for MidoNet Services + # TunnelZoneName: 'tunnelname' + # TunnelZoneType: 'gre' + # CassandraStoragePort: 7000 + # CassandraSslStoragePort: 7009 + # CassandraClientPort: 9042 + # CassandraClientPortThrift: 9160 
diff --git a/environments/storage-environment.yaml b/environments/storage-environment.yaml index 5ccfa58e..bd320bd9 100644 --- a/environments/storage-environment.yaml +++ b/environments/storage-environment.yaml @@ -43,9 +43,10 @@ parameter_defaults: ## OSDs are deployed on dedicated ceph-storage nodes only. # ControllerEnableCephStorage: false - ## When deploying Ceph through the oscplugin CLI, the following + ## When deploying Ceph Nodes through the oscplugin CLI, the following ## parameters are set automatically by the CLI. When deploying via - ## heat stack-create, they need to be provided manually. + ## heat stack-create or ceph on the controller nodes only, + ## they need to be provided manually. ## Number of Ceph storage nodes to deploy # CephStorageCount: 0 diff --git a/extraconfig/tasks/pacemaker_resource_restart.sh b/extraconfig/tasks/pacemaker_resource_restart.sh index 4e8b20fd..12201097 100755 --- a/extraconfig/tasks/pacemaker_resource_restart.sh +++ b/extraconfig/tasks/pacemaker_resource_restart.sh @@ -26,6 +26,7 @@ function check_resource { sleep $check_interval else echo "$service has $state" + timeout -k 10 $timeout crm_resource --wait return fi done @@ -50,7 +51,7 @@ if [ "$pacemaker_status" = "active" -a \ pcs resource disable httpd check_resource httpd stopped 300 pcs resource disable openstack-keystone - check_resource openstack-keystone stopped 1200 + check_resource openstack-keystone stopped 1800 if pcs status | grep haproxy-clone; then pcs resource restart haproxy-clone @@ -62,7 +63,7 @@ if [ "$pacemaker_status" = "active" -a \ pcs resource restart galera-master pcs resource enable openstack-keystone - check_resource openstack-keystone started 300 + check_resource openstack-keystone started 1800 pcs resource enable httpd check_resource httpd started 800 diff --git a/extraconfig/tasks/yum_update.sh b/extraconfig/tasks/yum_update.sh index e32369e1..c6313d9d 100755 --- a/extraconfig/tasks/yum_update.sh +++ b/extraconfig/tasks/yum_update.sh 
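Review bot: The `crm_resource --wait` call added to `check_resource` reports failure only through the function's return status (the bare `return` after it passes the status of `timeout` through), and the call sites in the following two hunks of this file (`@@ -50,7 +51,7 @@` and `@@ -62,7 +63,7 @@`) invoke `check_resource ...` without testing it. Unless the script enables `set -e` above the visible lines, a wait that times out goes unnoticed and the restart sequence continues against a cluster that has not settled. The same commit handles this explicitly in `yum_update.sh`; the equivalent here would be `if ! timeout -k 10 $timeout crm_resource --wait; then echo "ERROR cluster remained unstable after $service $state"; exit 1; fi`. Also, `$timeout` is reused in full after the polling loop, so the total wait may approach twice the value passed in; the start of `check_resource` is outside the hunk.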
@@ -24,6 +24,7 @@ update_identifier=${update_identifier//[^a-zA-Z0-9-_]/} # seconds to wait for this node to rejoin the cluster after update cluster_start_timeout=600 galera_sync_timeout=360 +cluster_settle_timeout=1800 timestamp_file="$timestamp_dir/$update_identifier" if [[ -a "$timestamp_file" ]]; then @@ -122,13 +123,16 @@ openstack-nova-scheduler" echo "Setting resource start/stop timeouts" for service in $SERVICES; do - pcs -f $pacemaker_dumpfile resource update $service op start timeout=100s op stop timeout=100s + pcs -f $pacemaker_dumpfile resource update $service op start timeout=200s op stop timeout=200s done # mongod start timeout is higher, setting only stop timeout - pcs -f $pacemaker_dumpfile resource update mongod op stop timeout=100s + pcs -f $pacemaker_dumpfile resource update mongod op start timeout=370s op stop timeout=200s echo "Applying new Pacemaker config" - pcs cluster cib-push $pacemaker_dumpfile + if ! pcs cluster cib-push $pacemaker_dumpfile; then + echo "ERROR failed to apply new pacemaker config" + exit 1 + fi echo "Pacemaker running, stopping cluster node and doing full package update" node_count=$(pcs status xml | grep -o "<nodes_configured.*/>" | grep -o 'number="[0-9]*"' | grep -o "[0-9]*") @@ -188,6 +192,12 @@ if [[ "$pacemaker_status" == "active" ]] ; then fi done + echo "Waiting for pacemaker cluster to settle" + if ! timeout -k 10 $cluster_settle_timeout crm_resource --wait; then + echo "ERROR timed out while waiting for the cluster to settle" + exit 1 + fi + pcs status else diff --git a/net-config-linux-bridge.yaml b/net-config-linux-bridge.yaml index 0646ffab..0980803e 100644 --- a/net-config-linux-bridge.yaml +++ b/net-config-linux-bridge.yaml 
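Review bot: The context comment `# mongod start timeout is higher, setting only stop timeout` in the `@@ -122,13 +123,16 @@` hunk is no longer true, because the changed line now sets `op start timeout=370s` as well. I would reword it to `# mongod needs a longer start timeout than the other services` so the next person tuning these values is not misled. In the same hunk `$pacemaker_dumpfile` is expanded unquoted in the new `pcs cluster cib-push` test; quoting it (`"$pacemaker_dumpfile"`) costs nothing, although the surrounding lines use the same unquoted style.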
@@ -28,6 +28,10 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: + default: '' + description: IP address/subnet on the management network + type: string ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string diff --git a/network/endpoints/endpoint_map.yaml b/network/endpoints/endpoint_map.yaml index 05214011..0ff0a8e5 100644 --- a/network/endpoints/endpoint_map.yaml +++ b/network/endpoints/endpoint_map.yaml @@ -78,7 +78,7 @@ parameters: via parameter_defaults in the resource registry. CloudName: type: string - default: '' + default: overcloud description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org resources: diff --git a/overcloud.yaml b/overcloud.yaml index 7292b49e..73655198 100644 --- a/overcloud.yaml +++ b/overcloud.yaml @@ -13,7 +13,6 @@ parameters: # Common parameters (not specific to a role) AdminPassword: - default: unset description: The password for the keystone admin account, used for monitoring, querying neutron etc. type: string hidden: true @@ -22,12 +21,10 @@ parameters: description: The ceilometer backend type. type: string CeilometerMeteringSecret: - default: unset description: Secret shared by the ceilometer services. type: string hidden: true CeilometerPassword: - default: unset description: The password for the ceilometer service account. type: string hidden: true @@ -68,7 +65,7 @@ parameters: description: Whether to enable or not the Rbd backend for Cinder type: boolean CloudName: - default: '' + default: overcloud description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org type: string ControlFixedIPs: @@ -138,7 +135,6 @@ parameters: description: The tenant network type for Neutron. type: comma_delimited_list NeutronPassword: - default: unset description: The password for the neutron service account, used by neutron agents. type: string hidden: true 
@@ -169,7 +165,6 @@ parameters: description: Whether to configure Neutron Distributed Virtual Routers type: string NeutronMetadataProxySharedSecret: - default: 'unset' description: Shared secret to prevent spoofing type: string hidden: true @@ -197,7 +192,7 @@ parameters: from neutron.core_plugins namespace. type: string NeutronServicePlugins: - default: "router" + default: "router,qos" description: | Comma-separated list of service plugin entrypoints to be loaded from the neutron.service_plugins namespace. @@ -212,6 +207,16 @@ parameters: description: | The mechanism drivers for the Neutron tenant network. type: comma_delimited_list + NeutronPluginExtensions: + default: "qos" + description: | + Comma-separated list of extensions enabled for the Neutron plugin. + type: comma_delimited_list + NeutronAgentExtensions: + default: "qos" + description: | + Comma-separated list of extensions enabled for the Neutron agents. + type: comma_delimited_list NeutronAllowL3AgentFailover: default: 'False' description: Allow automatic l3-agent failover @@ -225,7 +230,6 @@ parameters: default: 1 description: The number of neutron dhcp agents to schedule per network NovaPassword: - default: unset description: The password for the nova service account, used by nova-api. type: string hidden: true @@ -277,10 +281,13 @@ parameters: description: The user name for SNMPd with readonly rights running on all Overcloud nodes type: string SnmpdReadonlyUserPassword: - default: unset description: The user password for SNMPd with readonly rights running on all Overcloud nodes type: string hidden: true + TimeZone: + default: 'UTC' + description: The timezone to be set on nodes. + type: string CloudDomain: default: 'localdomain' type: string @@ -296,7 +303,6 @@ parameters: # Controller-specific params AdminToken: - default: unset description: The keystone auth secret. type: string hidden: true 
@@ -317,7 +323,6 @@ parameters: CinderEnableNfsBackend is true. type: comma_delimited_list CinderPassword: - default: unset description: The password for the cinder service account, used by cinder-api. type: string hidden: true @@ -338,11 +343,12 @@ parameters: type: json controllerImage: type: string - default: overcloud-control + default: overcloud-full constraints: - custom_constraint: glance.image OvercloudControlFlavor: description: Flavor for control nodes to request when deploying. + default: baremetal type: string constraints: - custom_constraint: nova.flavor @@ -418,7 +424,6 @@ parameters: type: string default: noop GlancePassword: - default: unset description: The password for the glance service account, used by the glance services. type: string hidden: true @@ -430,14 +435,12 @@ parameters: constraints: - allowed_values: ['swift', 'file', 'rbd'] HeatPassword: - default: unset description: The password for the Heat service account, used by the Heat services. type: string hidden: true HeatStackDomainAdminPassword: description: Password for heat_domain_admin user. type: string - default: '' hidden: true InstanceNameTemplate: default: 'instance-%08x' @@ -517,12 +520,10 @@ parameters: This should be int_public when a VLAN is being used. type: string SwiftHashSuffix: - default: unset description: A random string to be used as a salt when hashing to determine mappings in the ring. type: string hidden: true SwiftPassword: - default: unset description: The password for the swift service account, used by the swift proxy services. type: string hidden: true @@ -565,7 +566,7 @@ parameters: description: What interface to add to the HypervisorNeutronPhysicalBridge. type: string NeutronNetworkVLANRanges: - default: 'datacentre' + default: 'datacentre:1:1000' description: > The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the Neutron documentation for permitted values. Defaults to permitting any 
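Review bot: The new `NeutronNetworkVLANRanges` default `'datacentre:1:1000'` restricts the range to VLAN IDs 1 to 1000, but the description kept as context still reads "Defaults to permitting any" (the sentence continues past the end of the hunk). The description should be updated to match the new default, e.g. `Defaults to permitting VLAN IDs 1 to 1000 on the 'datacentre' physical network.`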
@@ -581,7 +582,7 @@ parameters: structure as ExtraConfig. type: json NovaComputeLibvirtType: - default: '' + default: kvm type: string NovaComputeLibvirtVifDriver: default: '' @@ -597,7 +598,7 @@ parameters: type: boolean NovaImage: type: string - default: overcloud-compute + default: overcloud-full constraints: - custom_constraint: glance.image NovaOVSBridge: @@ -610,6 +611,7 @@ parameters: type: string OvercloudComputeFlavor: description: Use this flavor + default: baremetal type: string constraints: - custom_constraint: nova.flavor @@ -652,10 +654,11 @@ parameters: type: number default: 0 BlockStorageImage: - default: overcloud-cinder-volume + default: overcloud-full type: string OvercloudBlockStorageFlavor: description: Flavor for block storage nodes to request when deploying. + default: baremetal type: string constraints: - custom_constraint: nova.flavor @@ -677,11 +680,12 @@ parameters: default: 0 OvercloudSwiftStorageFlavor: description: Flavor for Swift storage nodes to request when deploying. + default: baremetal type: string constraints: - custom_constraint: nova.flavor SwiftStorageImage: - default: overcloud-swift-storage + default: overcloud-full type: string ObjectStorageExtraConfig: default: {} @@ -699,7 +703,7 @@ parameters: type: number default: 0 CephStorageImage: - default: overcloud-ceph-storage + default: overcloud-full type: string OvercloudCephStorageFlavor: default: baremetal @@ -906,6 +910,8 @@ resources: NeutronServicePlugins: {get_param: NeutronServicePlugins} NeutronTypeDrivers: {get_param: NeutronTypeDrivers} NeutronMechanismDrivers: {get_param: NeutronMechanismDrivers} + NeutronPluginExtensions: {get_param: NeutronPluginExtensions} + NeutronAgentExtensions: {get_param: NeutronAgentExtensions} NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover} NeutronL3HA: {get_param: NeutronL3HA} NeutronDhcpAgentsPerNetwork: {get_param: NeutronDhcpAgentsPerNetwork} 
@@ -931,6 +937,7 @@ resources: SwiftPartPower: {get_param: SwiftPartPower} SwiftPassword: {get_param: SwiftPassword} SwiftReplicas: { get_param: SwiftReplicas} + TimeZone: {get_param: TimeZone} VirtualIP: {get_attr: [VipMap, net_ip_map, ctlplane]} # deprecated. Use per service VIP settings instead now. PublicVirtualIP: {get_attr: [VipMap, net_ip_map, external]} ServiceNetMap: {get_param: ServiceNetMap} @@ -1000,6 +1007,7 @@ resources: NeutronServicePlugins: {get_param: NeutronServicePlugins} NeutronTypeDrivers: {get_param: NeutronTypeDrivers} NeutronMechanismDrivers: {get_param: NeutronMechanismDrivers} + NeutronAgentExtensions: {get_param: NeutronAgentExtensions} # L3 HA and Failover is not relevant for Computes, should be removed NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover} NeutronL3HA: {get_param: NeutronL3HA} @@ -1022,6 +1030,7 @@ resources: SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName} SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword} ServiceNetMap: {get_param: ServiceNetMap} + TimeZone: {get_param: TimeZone} EndpointMap: {get_attr: [EndpointMap, endpoint_map]} UpdateIdentifier: {get_param: UpdateIdentifier} Hostname: @@ -1057,6 +1066,7 @@ resources: RabbitUserName: {get_param: RabbitUserName} RabbitClientUseSSL: {get_param: RabbitClientUseSSL} RabbitClientPort: {get_param: RabbitClientPort} + TimeZone: {get_param: TimeZone} NtpServer: {get_param: NtpServer} UpdateIdentifier: {get_param: UpdateIdentifier} Hostname: @@ -1090,6 +1100,7 @@ resources: PartPower: {get_param: SwiftPartPower} Image: {get_param: SwiftStorageImage} Replicas: { get_param: SwiftReplicas} + TimeZone: {get_param: TimeZone} NtpServer: {get_param: NtpServer} UpdateIdentifier: {get_param: UpdateIdentifier} ServiceNetMap: {get_param: ServiceNetMap} 
@@ -1118,6 +1129,7 @@ resources: Flavor: {get_param: OvercloudCephStorageFlavor} NtpServer: {get_param: NtpServer} ServiceNetMap: {get_param: ServiceNetMap} + TimeZone: {get_param: TimeZone} UpdateIdentifier: {get_param: UpdateIdentifier} Hostname: str_replace: diff --git a/puppet/ceph-storage.yaml b/puppet/ceph-storage.yaml index db2a970b..3044d975 100644 --- a/puppet/ceph-storage.yaml +++ b/puppet/ceph-storage.yaml @@ -34,6 +34,10 @@ parameters: description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. type: json + TimeZone: + default: 'UTC' + description: The timezone to be set on Ceph nodes. + type: string UpdateIdentifier: default: '' type: string @@ -59,6 +63,13 @@ parameters: description: > Heat action when to apply network configuration changes default: ['CREATE'] + SoftwareConfigTransport: + default: POLL_SERVER_CFN + description: | + How the server should receive the metadata required for software configuration. + type: string + constraints: + - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE] CloudDomain: default: '' type: string @@ -89,6 +100,7 @@ resources: user_data_format: SOFTWARE_CONFIG user_data: {get_resource: UserData} name: {get_param: Hostname} + software_config_transport: {get_param: SoftwareConfigTransport} metadata: {get_param: ServerMetadata} scheduler_hints: {get_param: SchedulerHints} @@ -190,6 +202,7 @@ resources: server: {get_resource: CephStorage} input_values: ntp_servers: {get_param: NtpServer} + timezone: {get_param: TimeZone} enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]} 
@@ -221,6 +234,7 @@ resources: raw_data: {get_file: hieradata/ceph.yaml} mapped_data: ntp::servers: {get_input: ntp_servers} + timezone::timezone: {get_input: timezone} tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} ceph::profile::params::cluster_network: {get_input: ceph_cluster_network} diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml index 07adfe03..82aa3a03 100644 --- a/puppet/cinder-storage.yaml +++ b/puppet/cinder-storage.yaml @@ -17,7 +17,6 @@ parameters: description: The size of the loopback file used by the cinder LVM driver. type: number CinderPassword: - default: unset description: The password for the cinder service and db account, used by cinder-api. type: string hidden: true @@ -70,7 +69,6 @@ parameters: description: The user name for SNMPd with readonly rights running on all Overcloud nodes type: string SnmpdReadonlyUserPassword: - default: unset description: The user password for SNMPd with readonly rights running on all Overcloud nodes type: string hidden: true @@ -101,6 +99,10 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + TimeZone: + default: 'UTC' + description: The timezone to be set on Cinder nodes. + type: string GlanceApiVirtualIP: type: string default: '' @@ -112,6 +114,13 @@ parameters: description: > Heat action when to apply network configuration changes default: ['CREATE'] + SoftwareConfigTransport: + default: POLL_SERVER_CFN + description: | + How the server should receive the metadata required for software configuration. + type: string + constraints: + - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE] CloudDomain: default: '' type: string 
@@ -143,6 +152,7 @@ resources: user_data_format: SOFTWARE_CONFIG user_data: {get_resource: UserData} name: {get_param: Hostname} + software_config_transport: {get_param: SoftwareConfigTransport} metadata: {get_param: ServerMetadata} scheduler_hints: {get_param: SchedulerHints} @@ -250,6 +260,7 @@ resources: rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} rabbit_client_port: {get_param: RabbitClientPort} ntp_servers: {get_param: NtpServer} + timezone: {get_param: TimeZone} enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} @@ -292,6 +303,7 @@ resources: cinder_iscsi_ip_address: {get_input: cinder_iscsi_ip_address} cinder::glance::glance_api_servers: {get_input: glance_api_servers} ntp::servers: {get_input: ntp_servers} + timezone::timezone: {get_input: timezone} tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} diff --git a/puppet/compute.yaml b/puppet/compute.yaml index be61f761..f4165756 100644 --- a/puppet/compute.yaml +++ b/puppet/compute.yaml @@ -5,7 +5,6 @@ description: > parameters: AdminPassword: - default: unset description: The password for the keystone admin account, used for monitoring, querying neutron etc. type: string hidden: true @@ -16,12 +15,10 @@ parameters: constraints: - allowed_values: ['', Present] CeilometerMeteringSecret: - default: unset description: Secret shared by the ceilometer services. type: string hidden: true CeilometerPassword: - default: unset description: The password for the ceilometer service account. type: string hidden: true 
@@ -103,14 +100,13 @@ parameters: description: The tenant network type for Neutron. default: 'vxlan' NeutronNetworkVLANRanges: - default: 'datacentre' + default: 'datacentre:1:1000' description: > The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the Neutron documentation for permitted values. Defaults to permitting any VLAN on the 'datacentre' physical network (See NeutronBridgeMappings). type: comma_delimited_list NeutronPassword: - default: unset description: The password for the neutron service account, used by neutron agents. type: string hidden: true @@ -146,7 +142,6 @@ parameters: default: 'False' type: string NeutronMetadataProxySharedSecret: - default: 'unset' description: Shared secret to prevent spoofing type: string hidden: true @@ -157,7 +152,7 @@ parameters: from neutron.core_plugins namespace. type: string NeutronServicePlugins: - default: "router" + default: "router,qos" description: | Comma-separated list of service plugin entrypoints to be loaded from the neutron.service_plugins namespace. @@ -172,6 +167,11 @@ parameters: description: | The mechanism drivers for the Neutron tenant network. type: comma_delimited_list + NeutronAgentExtensions: + default: "qos" + description: | + Comma-separated list of extensions enabled for the Neutron agents. + type: comma_delimited_list # Not relevant for Computes, should be removed NeutronAllowL3AgentFailover: default: 'True' @@ -200,7 +200,7 @@ parameters: type: json NovaComputeLibvirtType: type: string - default: '' + default: kvm NovaComputeLibvirtVifDriver: default: '' description: Libvirt VIF driver configuration for the network @@ -210,7 +210,6 @@ parameters: description: Whether to enable or not the Rbd backend for Nova type: boolean NovaPassword: - default: unset description: The password for the nova service account, used by nova-api. type: string hidden: true 
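Review bot: The description of `NeutronNetworkVLANRanges` still says the default permits any VLAN on the 'datacentre' physical network, but the new default is `datacentre:1:1000`, which names an explicit range. The text should follow the value, for example `Defaults to permitting VLAN IDs 1-1000 on the 'datacentre' physical network (See NeutronBridgeMappings).` The same parameter in puppet/controller.yaml (hunk `@@ -451,14 +447,13 @@`) carries the same stale sentence. Deployments that relied on the old default for VLAN IDs above 1000 would presumably see a behaviour change that the description currently hides.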
@@ -256,7 +255,6 @@ parameters: description: The user name for SNMPd with readonly rights running on all Overcloud nodes type: string SnmpdReadonlyUserPassword: - default: unset description: The user password for SNMPd with readonly rights running on all Overcloud nodes type: string hidden: true @@ -274,6 +272,10 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + TimeZone: + default: 'UTC' + description: The timezone to be set on compute nodes. + type: string UpdateIdentifier: default: '' type: string @@ -288,6 +290,13 @@ parameters: description: > Heat action when to apply network configuration changes default: ['CREATE'] + SoftwareConfigTransport: + default: POLL_SERVER_CFN + description: | + How the server should receive the metadata required for software configuration. + type: string + constraints: + - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE] CloudDomain: default: '' type: string @@ -321,6 +330,7 @@ resources: user_data_format: SOFTWARE_CONFIG user_data: {get_resource: UserData} name: {get_param: Hostname} + software_config_transport: {get_param: SoftwareConfigTransport} metadata: {get_param: ServerMetadata} scheduler_hints: {get_param: SchedulerHints} @@ -425,6 +435,7 @@ resources: - common - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre - nova_nuage_data # Optionally provided by ComputeExtraConfigPre + - midonet_data # Optionally provided by AllNodesExtraConfig datafiles: compute_extraconfig: mapped_data: {get_param: NovaComputeExtraConfig} 
@@ -477,6 +488,7 @@ resources: neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types} neutron::agents::ml2::ovs:tunnel_types: {get_input: neutron_tunnel_types} + neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions} neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges} neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges} neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges} @@ -499,6 +511,7 @@ resources: keystone_public_api_virtual_ip: {get_input: keystone_vip} admin_password: {get_input: admin_password} ntp::servers: {get_input: ntp_servers} + timezone::timezone: {get_input: timezone} tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} @@ -590,6 +603,11 @@ resources: template: MECHANISMS params: MECHANISMS: {get_param: NeutronMechanismDrivers} + neutron_agent_extensions: + str_replace: + template: AGENT_EXTENSIONS + params: + AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions} neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice} neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]} neutron_admin_auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri]} @@ -600,6 +618,7 @@ resources: rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} rabbit_client_port: {get_param: RabbitClientPort} ntp_servers: {get_param: NtpServer} + timezone: {get_param: TimeZone} enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} diff --git a/puppet/controller.yaml b/puppet/controller.yaml index 74b92277..c18dc92c 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml 
@@ -10,12 +10,10 @@ parameters: type: string hidden: true AdminPassword: - default: unset description: The password for the keystone admin account, used for monitoring, querying neutron etc. type: string hidden: true AdminToken: - default: unset description: The keystone auth secret and db password. type: string hidden: true @@ -27,12 +25,10 @@ parameters: description: The ceilometer backend type. type: string CeilometerMeteringSecret: - default: unset description: Secret shared by the ceilometer services. type: string hidden: true CeilometerPassword: - default: unset description: The password for the ceilometer service and db account. type: string hidden: true @@ -43,6 +39,11 @@ parameters: default: 0 description: Number of workers for Ceilometer service. type: number + CinderEnableDBPurge: + default: true + description: | + Whether to create cron job for purging soft deleted rows in Cinder database. + type: boolean CinderEnableNfsBackend: default: false description: Whether to enable or not the NFS backend for Cinder @@ -76,7 +77,6 @@ parameters: CinderEnableNfsBackend is true. type: comma_delimited_list CinderPassword: - default: unset description: The password for the cinder service and db account, used by cinder-api. type: string hidden: true @@ -90,7 +90,7 @@ parameters: description: Number of workers for Cinder service. type: number CloudName: - default: '' + default: overcloud description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org type: string ControllerExtraConfig: @@ -187,7 +187,6 @@ parameters: type: string default: '' GlancePassword: - default: unset description: The password for the glance service and db account, used by the glance services. type: string hidden: true 
@@ -231,14 +230,12 @@ parameters: description: Number of workers for Glance service. type: number HeatPassword: - default: unset description: The password for the Heat service and db account, used by the Heat services. type: string hidden: true HeatStackDomainAdminPassword: description: Password for heat_domain_admin user. type: string - default: '' hidden: true HeatAuthEncryptionKey: description: Auth encryption key for heat-engine @@ -396,7 +393,6 @@ parameters: description: Whether to configure Neutron Distributed Virtual Routers type: string NeutronMetadataProxySharedSecret: - default: 'unset' description: Shared secret to prevent spoofing type: string hidden: true @@ -407,7 +403,7 @@ parameters: from neutron.core_plugins namespace. type: string NeutronServicePlugins: - default: "router" + default: "router,qos" description: | Comma-separated list of service plugin entrypoints to be loaded from the neutron.service_plugins namespace. @@ -451,14 +447,13 @@ parameters: description: The tenant network type for Neutron. type: comma_delimited_list NeutronNetworkVLANRanges: - default: 'datacentre' + default: 'datacentre:1:1000' description: > The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the Neutron documentation for permitted values. Defaults to permitting any VLAN on the 'datacentre' physical network (See NeutronBridgeMappings). type: comma_delimited_list NeutronPassword: - default: unset description: The password for the neutron service and db account, used by neutron agents. type: string hidden: true 
@@ -505,6 +500,16 @@ parameters: of VXLAN VNI IDs that are available for tenant network allocation default: ["1:1000", ] type: comma_delimited_list + NeutronPluginExtensions: + default: "qos" + description: | + Comma-separated list of extensions enabled for the Neutron plugin. + type: comma_delimited_list + NeutronAgentExtensions: + default: "qos" + description: | + Comma-separated list of extensions enabled for the Neutron agents. + type: comma_delimited_list NovaApiVirtualIP: type: string default: '' @@ -512,8 +517,12 @@ parameters: default: 0 description: Number of workers for Neutron service. type: number + NovaEnableDBPurge: + default: true + description: | + Whether to create cron job for purging soft deleted rows in Nova database. + type: boolean NovaPassword: - default: unset description: The password for the nova service and db account, used by nova-api. type: string hidden: true @@ -577,12 +586,10 @@ parameters: description: The user name for SNMPd with readonly rights running on all Overcloud nodes type: string SnmpdReadonlyUserPassword: - default: unset description: The user password for SNMPd with readonly rights running on all Overcloud nodes type: string hidden: true SwiftHashSuffix: - default: unset description: A random string to be used as a salt when hashing to determine mappings in the ring. hidden: true @@ -600,7 +607,6 @@ parameters: description: Partition Power to use when building Swift rings type: number SwiftPassword: - default: unset description: The password for the swift service account, used by the swift proxy services. hidden: true @@ -616,6 +622,10 @@ parameters: default: 0 description: Number of workers for Swift service. type: number + TimeZone: + default: 'UTC' + description: The timezone to be set on controller nodes. + type: string VirtualIP: # DEPRECATED: use per service settings instead type: string default: '' # Has to be here because of the ignored empty value bug 
@@ -671,6 +681,13 @@ parameters: NodeIndex: type: number default: 0 + SoftwareConfigTransport: + default: POLL_SERVER_CFN + description: | + How the server should receive the metadata required for software configuration. + type: string + constraints: + - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE] CloudDomain: default: '' type: string @@ -702,6 +719,7 @@ resources: user_data_format: SOFTWARE_CONFIG user_data: {get_resource: UserData} name: {get_param: Hostname} + software_config_transport: {get_param: SoftwareConfigTransport} metadata: {get_param: ServerMetadata} scheduler_hints: {get_param: SchedulerHints} @@ -869,6 +887,7 @@ resources: admin_token: {get_param: AdminToken} neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP} debug: {get_param: Debug} + cinder_enable_db_purge: {get_param: CinderEnableDBPurge} cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend} cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend} cinder_nfs_mount_options: {get_param: CinderNfsMountOptions} @@ -1018,6 +1037,16 @@ resources: template: TYPES params: TYPES: {get_param: NeutronTunnelTypes} + neutron_plugin_extensions: + str_replace: + template: PLUGIN_EXTENSIONS + params: + PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions} + neutron_agent_extensions: + str_replace: + template: AGENT_EXTENSIONS + params: + AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions} neutron_password: {get_param: NeutronPassword} neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions} neutron_dsn: @@ -1052,6 +1081,7 @@ resources: - '/ceilometer' snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} + nova_enable_db_purge: {get_param: NovaEnableDBPurge} nova_password: {get_param: NovaPassword} nova_dsn: list_join: 
@@ -1079,6 +1109,7 @@ resources: params: LIMIT: {get_param: RabbitFDLimit} ntp_servers: {get_param: NtpServer} + timezone: {get_param: TimeZone} control_virtual_interface: {get_param: ControlVirtualInterface} public_virtual_interface: {get_param: PublicVirtualInterface} swift_hash_suffix: {get_param: SwiftHashSuffix} @@ -1141,11 +1172,14 @@ resources: - vip_data # provided by vip-config - '"%{::osfamily}"' - common + - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre + - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre + - midonet_data #Optionally provided by AllNodesExtraConfig datafiles: controller_extraconfig: mapped_data: {get_param: ControllerExtraConfig} @@ -1192,6 +1226,7 @@ resources: tripleo::ringbuilder::build_ring: True # Cinder + cinder_enable_db_purge: {get_input: cinder_enable_db_purge} cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend} cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend} cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options} @@ -1340,6 +1375,7 @@ resources: neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent} neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers} neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers} + neutron::plugins::ml2::extension_drivers: {get_input: neutron_plugin_extensions} neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover} neutron::server::l3_ha: {get_input: neutron_l3_ha} neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network} 
@@ -1353,6 +1389,7 @@ resources: neutron_public_interface_tag: {get_input: neutron_public_interface_tag} neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types} neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types} + neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions} neutron::server::auth_password: {get_input: neutron_password} neutron::agents::metadata::auth_password: {get_input: neutron_password} neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options} @@ -1412,6 +1449,7 @@ resources: nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url} nova::vncproxy::host: {get_input: nova_api_network} nova::db::mysql::password: {get_input: nova_password} + nova_enable_db_purge: {get_input: nova_enable_db_purge} # Horizon apache::ip: {get_input: horizon_network} 
@@ -1437,17 +1475,13 @@ resources: memcached::listen_ip: {get_input: memcached_network} neutron_public_interface_ip: {get_input: neutron_public_interface_ip} ntp::servers: {get_input: ntp_servers} + timezone::timezone: {get_input: timezone} control_virtual_interface: {get_input: control_virtual_interface} public_virtual_interface: {get_input: public_virtual_interface} tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface} tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface} tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address} - # NOTE(jaosorior): The service certificate configuration for - # HAProxy was left commented because to properly use this, we - # need to be able to set up the keystone endpoints. And - # currently that is not possible, but is being addressed by - # other commits. A subsequent commit will uncomment this. - #tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]} + tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]} tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} diff --git a/puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml b/puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml new file mode 100644 index 00000000..26ce7138 --- /dev/null +++ b/puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml 
@@ -0,0 +1,119 @@ +heat_template_version: 2015-10-15 + +description: Configure hieradata for all MidoNet nodes + +parameters: + # Parameters passed from the parent template + controller_servers: + type: json + compute_servers: + type: json + blockstorage_servers: + type: json + objectstorage_servers: + type: json + cephstorage_servers: + type: json + + EnableZookeeperOnController: + label: Enable Zookeeper On Controller + description: 'Whether enable Zookeeper cluster on Controller' + type: boolean + default: false + EnableCassandraOnController: + label: Enable Cassandra On Controller + description: 'Whether enable Cassandra cluster on Controller' + type: boolean + default: false + CassandraStoragePort: + label: Cassandra Storage Port + description: 'The Cassandra port for inter-node communication' + type: string + default: '7000' + CassandraSslStoragePort: + label: Cassandra SSL Storage Port + description: 'The SSL port for encrypted communication. Unused unless enabled in encryption_options' + type: string + default: '7001' + CassandraClientPort: + label: Cassandra Client Port + description: 'Native Transport Port' + type: string + default: '9042' + CassandraClientPortThrift: + label: Cassandra Client Thrift Port + description: 'The port for the Thrift RPC service, which is used for client connections' + type: string + default: '9160' + TunnelZoneName: + label: Name of the Tunnelzone + description: 'Name of the tunnel zone used to tunnel packages' + type: string + default: 'tunnelzone_tripleo' + TunnelZoneType: + label: Type of the Tunnel + description: 'Type of the tunnels on the overlay. 
Choose between `gre` and `vxlan`' + type: string + default: 'vxlan' + +resources: + + NetworkMidoNetConfig: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + hiera: + datafiles: + midonet_data: + mapped_data: + enable_zookeeper_on_controller: {get_param: EnableZookeeperOnController} + enable_cassandra_on_controller: {get_param: EnableCassandraOnController} + midonet_tunnelzone_name: {get_param: TunnelZoneName} + midonet_tunnelzone_type: {get_param: TunnelZoneType} + midonet_libvirt_qemu_data: | + user = "root" + group = "root" + cgroup_device_acl = [ + "/dev/null", "/dev/full", "/dev/zero", + "/dev/random", "/dev/urandom", + "/dev/ptmx", "/dev/kvm", "/dev/kqemu", + "/dev/rtc","/dev/hpet", "/dev/vfio/vfio", + "/dev/net/tun" + ] + tripleo::cluster::cassandra::storage_port: {get_param: CassandraStoragePort} + tripleo::cluster::cassandra::ssl_storage_port: {get_param: CassandraSslStoragePort} + tripleo::cluster::cassandra::client_port: {get_param: CassandraClientPort} + tripleo::cluster::cassandra::client_port_thrift: {get_param: CassandraClientPortThrift} + tripleo::loadbalancer::midonet_api: true + # Missed Neutron Puppet data + neutron::agents::dhcp::interface_driver: 'neutron.agent.linux.interface.MidonetInterfaceDriver' + neutron::agents::dhcp::dhcp_driver: 'midonet.neutron.agent.midonet_driver.DhcpNoOpDriver' + neutron::plugins::midonet::midonet_api_port: 8081 + neutron::params::midonet_server_package: 'python-networking-midonet' + + # Make sure the l3 agent does not run + l3_agent_service: false + neutron::agents::l3::manage_service: false + neutron::agents::l3::enabled: false + + + NetworkMidonetDeploymentControllers: + type: OS::Heat::StructuredDeploymentGroup + properties: + config: {get_resource: NetworkMidoNetConfig} + servers: {get_param: controller_servers} + + NetworkMidonetDeploymentComputes: + type: OS::Heat::StructuredDeploymentGroup + properties: + config: {get_resource: NetworkMidoNetConfig} + servers: {get_param: 
compute_servers} + +outputs: + config_identifier: + value: + list_join: + - ' ' + - - {get_attr: [NetworkMidonetDeploymentControllers, deploy_stdouts]} + - {get_attr: [NetworkMidonetDeploymentComputes, deploy_stdouts]} diff --git a/puppet/extraconfig/pre_deploy/controller/cinder-dellsc.yaml b/puppet/extraconfig/pre_deploy/controller/cinder-dellsc.yaml new file mode 100644 index 00000000..905f196d --- /dev/null +++ b/puppet/extraconfig/pre_deploy/controller/cinder-dellsc.yaml 
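Review bot: `midonet_libvirt_qemu_data` sets `user = "root"` and `group = "root"`, so on nodes that receive this hieradata every QEMU guest process runs as root instead of an unprivileged account, and a flaw in the emulator would then expose the hypervisor with full privileges. If MidoNet really requires this, a comment above the block should say so and name the requirement; if the agent only needs the tap device, the `/dev/net/tun` entry in `cgroup_device_acl` may be sufficient, which is worth confirming. The block is a hard-coded literal with no parameter behind it, so an operator cannot tighten it without editing the template.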
@@ -0,0 +1,87 @@ +heat_template_version: 2015-11-12 + +description: Configure hieradata for Cinder Dell Storage Center configuration + +parameters: + server: + description: ID of the controller node to apply this config to + type: string + + # Config specific parameters, to be provided via parameter_defaults + CinderEnableDellScBackend: + type: boolean + default: true + CinderDellScBackendName: + type: string + default: 'tripleo_dellsc' + CinderDellScSanIp: + type: string + CinderDellScSanLogin: + type: string + default: 'Admin' + CinderDellScSanPassword: + type: string + hidden: true + CinderDellScSsn: + type: string + default: '64702' + CinderDellScIscsiIpAddress: + type: string + default: '' + CinderDellScIscsiPort: + type: string + default: '3260' + CinderDellScApiPort: + type: string + default: '3033' + CinderDellScServerFolder: + type: string + default: 'dellsc_server' + CinderDellScVolumeFolder: + type: string + default: 'dellsc_volume' + +resources: + CinderDellScConfig: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + hiera: + datafiles: + cinder_dellsc_data: + mapped_data: + cinder_enable_dellsc_backend: {get_input: EnableDellScBackend} + cinder::backend::dellsc_iscsi::volume_backend_name: {get_input: DellScBackendName} + cinder::backend::dellsc_iscsi::san_ip: {get_input: DellScSanIp} + cinder::backend::dellsc_iscsi::san_login: {get_input: DellScSanLogin} + cinder::backend::dellsc_iscsi::san_password: {get_input: DellScSanPassword} + cinder::backend::dellsc_iscsi::dell_sc_ssn: {get_input: DellScSsn} + cinder::backend::dellsc_iscsi::iscsi_ip_address: {get_input: DellScIscsiIpAddress} + cinder::backend::dellsc_iscsi::iscsi_port: {get_input: DellScIscsiPort} + cinder::backend::dellsc_iscsi::dell_sc_api_port: {get_input: DellScApiPort} + cinder::backend::dellsc_iscsi::dell_sc_server_folder: {get_input: DellScServerFolder} + cinder::backend::dellsc_iscsi::dell_sc_volume_folder: {get_input: DellScVolumeFolder} + + 
CinderDellScDeployment: + type: OS::Heat::StructuredDeployment + properties: + config: {get_resource: CinderDellScConfig} + server: {get_param: server} + input_values: + EnableDellScBackend: {get_param: CinderEnableDellScBackend} + DellScBackendName: {get_param: CinderDellScBackendName} + DellScSanIp: {get_param: CinderDellScSanIp} + DellScSanLogin: {get_param: CinderDellScSanLogin} + DellScSanPassword: {get_param: CinderDellScSanPassword} + DellScSsn: {get_param: CinderDellScSsn} + DellScIscsiIpAddress: {get_param: CinderDellScIscsiIpAddress} + DellScIscsiPort: {get_param: CinderDellScIscsiPort} + DellScApiPort: {get_param: CinderDellScApiPort} + DellScServerFolder: {get_param: CinderDellScServerFolder} + DellScVolumeFolder: {get_param: CinderDellScVolumeFolder} + +outputs: + deploy_stdout: + description: Deployment reference, used to trigger puppet apply on changes + value: {get_attr: [CinderDellScDeployment, deploy_stdout]} diff --git a/puppet/extraconfig/pre_deploy/controller/cinder-eqlx.yaml b/puppet/extraconfig/pre_deploy/controller/cinder-eqlx.yaml new file mode 100644 index 00000000..c73608f1 --- /dev/null +++ b/puppet/extraconfig/pre_deploy/controller/cinder-eqlx.yaml 
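Review bot: `heat_template_version: 2015-11-12` at the top of cinder-dellsc.yaml is not a HOT version I recognise, while the other templates touched by this commit use `2015-10-15`; as far as I know Heat validates this field, so the template would be rejected when it is loaded. puppet/extraconfig/pre_deploy/controller/cinder-eqlx.yaml has the same problem with `2015-11-06`. I would set both to `heat_template_version: 2015-10-15`. Separately, the defaults `'Admin'` for `CinderDellScSanLogin` and `'64702'` for `CinderDellScSsn` look site-specific; dropping them would make a missing value fail loudly, the way this commit already does for the password parameters.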
@@ -0,0 +1,86 @@ +heat_template_version: 2015-11-06 + +description: Configure hieradata for Cinder Eqlx configuration + +parameters: + server: + description: ID of the controller node to apply this config to + type: string + + # Config specific parameters, to be provided via parameter_defaults + CinderEnableEqlxBackend: + type: boolean + default: true + CinderEqlxBackendName: + type: string + default: 'tripleo_eqlx' + CinderEqlxSanIp: + type: string + CinderEqlxSanLogin: + type: string + CinderEqlxSanPassword: + type: string + hidden: true + CinderEqlxSanThinProvision: + type: boolean + default: true + CinderEqlxGroupname: + type: string + default: 'group-0' + CinderEqlxPool: + type: string + default: 'default' + CinderEqlxChapLogin: + type: string + default: '' + CinderEqlxChapPassword: + type: string + default: '' + CinderEqlxUseChap: + type: boolean + default: false + +resources: + CinderEqlxConfig: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + hiera: + datafiles: + cinder_eqlx_data: + mapped_data: + cinder_enable_eqlx_backend: {get_input: EnableEqlxBackend} + cinder::backend::eqlx::volume_backend_name: {get_input: EqlxBackendName} + cinder::backend::eqlx::san_ip: {get_input: EqlxSanIp} + cinder::backend::eqlx::san_login: {get_input: EqlxSanLogin} + cinder::backend::eqlx::san_password: {get_input: EqlxSanPassword} + cinder::backend::eqlx::san_thin_provision: {get_input: EqlxSanThinProvision} + cinder::backend::eqlx::eqlx_group_name: {get_input: EqlxGroupname} + cinder::backend::eqlx::eqlx_pool: {get_input: EqlxPool} + cinder::backend::eqlx::eqlx_use_chap: {get_input: EqlxUseChap} + cinder::backend::eqlx::eqlx_chap_login: {get_input: EqlxChapLogin} + cinder::backend::eqlx::eqlx_chap_password: {get_input: EqlxChapPassword} + + CinderEqlxDeployment: + type: OS::Heat::StructuredDeployment + properties: + config: {get_resource: CinderEqlxConfig} + server: {get_param: server} + input_values: + EnableEqlxBackend: {get_param: 
CinderEnableEqlxBackend} + EqlxBackendName: {get_param: CinderEqlxBackendName} + EqlxSanIp: {get_param: CinderEqlxSanIp} + EqlxSanLogin: {get_param: CinderEqlxSanLogin} + EqlxSanPassword: {get_param: CinderEqlxSanPassword} + EqlxSanThinProvision: {get_param: CinderEqlxSanThinProvision} + EqlxGroupname: {get_param: CinderEqlxGroupname} + EqlxPool: {get_param: CinderEqlxPool} + EqlxUseChap: {get_param: CinderEqlxUseChap} + EqlxChapLogin: {get_param: CinderEqlxChapLogin} + EqlxChapPassword: {get_param: CinderEqlxChapPassword} + +outputs: + deploy_stdout: + description: Deployment reference, used to trigger puppet apply on changes + value: {get_attr: [CinderEqlxDeployment, deploy_stdout]} diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml index b0e6ae96..1e7f9a6a 100644 --- a/puppet/hieradata/controller.yaml +++ b/puppet/hieradata/controller.yaml @@ -77,12 +77,15 @@ nova::notify_on_state_change: 'vm_and_task_state' nova::api::default_floating_pool: 'public' nova::api::osapi_v3: true nova::scheduler::filter::ram_allocation_ratio: '1.0' +nova::cron::archive_deleted_rows::hour: '*/12' +nova::cron::archive_deleted_rows::destination: '/dev/null' # ceilometer ceilometer::agent::auth::auth_endpoint_type: 'internalURL' # cinder cinder::scheduler::scheduler_driver: cinder.scheduler.filter_scheduler.FilterScheduler +cinder::cron::db_purge::destination: '/dev/null' # heat heat::engine::configure_delegated_roles: false diff --git a/puppet/manifests/overcloud_cephstorage.pp b/puppet/manifests/overcloud_cephstorage.pp index 7f8970cc..7444155c 100644 --- a/puppet/manifests/overcloud_cephstorage.pp +++ b/puppet/manifests/overcloud_cephstorage.pp @@ -22,6 +22,8 @@ if count(hiera('ntp::servers')) > 0 { include ::ntp } +include ::timezone + if str2bool(hiera('ceph_osd_selinux_permissive', true)) { exec { 'set selinux to permissive on boot': command => "sed -ie 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config", 
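Review bot: `CinderEqlxChapPassword` is declared without `hidden: true`, unlike `CinderEqlxSanPassword` a few lines above it, so the CHAP secret would be shown in clear text wherever Heat displays stack parameters. Add `hidden: true` under it. Its `default: ''` is harmless only while `CinderEqlxUseChap` stays false; with CHAP enabled and the password left unset the backend would be configured with an empty secret, so I would drop the default or state the dependency in a `description:`. None of the parameters in this file has a `description:` at present.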
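Review bot: Sending the output of both new cron jobs to `/dev/null` (`nova::cron::archive_deleted_rows::destination` and `cinder::cron::db_purge::destination`) means a failing archive or purge run leaves no trace on the node. The jobs are switched on by default through `NovaEnableDBPurge` and `CinderEnableDBPurge` elsewhere in this commit and act on soft-deleted rows, which some operators keep as an audit trail. I would point both destinations at a log file (`<log file path>`) and add a comment here stating what the jobs remove and how often.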
diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp index e0566ac1..bb3575cf 100644 --- a/puppet/manifests/overcloud_compute.pp +++ b/puppet/manifests/overcloud_compute.pp @@ -22,6 +22,8 @@ if count(hiera('ntp::servers')) > 0 { include ::ntp } +include ::timezone + file { ['/etc/libvirt/qemu/networks/autostart/default.xml', '/etc/libvirt/qemu/networks/default.xml']: ensure => absent, @@ -68,11 +70,19 @@ if hiera('cinder_enable_nfs_backend', false) { } include ::nova::compute::libvirt +if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' { + file {'/etc/libvirt/qemu.conf': + ensure => present, + content => hiera('midonet_libvirt_qemu_data') + } +} include ::nova::network::neutron include ::neutron # If the value of core plugin is set to 'nuage', # include nuage agent, +# If the value of core plugin is set to 'midonet', +# include midonet agent, # else use the default value of 'ml2' if hiera('neutron::core_plugin') == 'neutron.plugins.nuage.plugin.NuagePlugin' { include ::nuage::vrs @@ -84,7 +94,20 @@ if hiera('neutron::core_plugin') == 'neutron.plugins.nuage.plugin.NuagePlugin' { nova_metadata_ip => hiera('nova_metadata_node_ips'), nova_auth_ip => hiera('keystone_public_api_virtual_ip'), } -} else { +} +elsif hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' { + + # TODO(devvesa) provide non-controller ips for these services + $zookeeper_node_ips = hiera('neutron_api_node_ips') + $cassandra_node_ips = hiera('neutron_api_node_ips') + + class {'::tripleo::network::midonet::agent': + zookeeper_servers => $zookeeper_node_ips, + cassandra_seeds => $cassandra_node_ips + } +} +else { + include ::neutron::plugins::ml2 include ::neutron::agents::ml2::ovs diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index 7d3012e5..96fdb4f6 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp 
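Review bot: The new `file {'/etc/libvirt/qemu.conf': ...}` resource in hunk `@@ -68,11 +70,19 @@` replaces the whole file with `midonet_libvirt_qemu_data` and sets no `owner`, `group` or `mode`; nothing visible in the hunk notifies the libvirt service either, so the new settings may not apply until something else restarts it. I would pin the permissions with `owner => 'root', group => 'root', mode => '0644',` and, if ordering allows, add a `notify` to the libvirt service resource. `hiera('midonet_libvirt_qemu_data')` has no default, so a node that selects the MidoNet core plugin without the all-nodes extraconfig would presumably fail on the lookup; a comment saying whether that is intended would help.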
@@ -39,6 +39,8 @@ if hiera('step') >= 2 { include ::ntp } + include ::timezone + # MongoDB if downcase(hiera('ceilometer_backend')) == 'mongodb' { include ::mongodb::globals @@ -128,7 +130,7 @@ if hiera('step') >= 2 { # pre-install swift here so we can build rings include ::swift - $enable_ceph = hiera('ceph_storage_count', 0) > 0 + $enable_ceph = hiera('ceph_storage_count', 0) > 0 or hiera('enable_ceph_storage', false) if $enable_ceph { class { '::ceph::profile::params': 
@@ -230,13 +232,61 @@ if hiera('step') >= 3 { include ::nova::scheduler include ::nova::scheduler::filter - include ::neutron + if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' { + + # TODO(devvesa) provide non-controller ips for these services + $zookeeper_node_ips = hiera('neutron_api_node_ips') + $cassandra_node_ips = hiera('neutron_api_node_ips') + + # Run zookeeper in the controller if configured + if hiera('enable_zookeeper_on_controller') { + class {'::tripleo::cluster::zookeeper': + zookeeper_server_ips => $zookeeper_node_ips, + zookeeper_client_ip => $ipaddress, + zookeeper_hostnames => hiera('controller_node_names') + } + } + + # Run cassandra in the controller if configured + if hiera('enable_cassandra_on_controller') { + class {'::tripleo::cluster::cassandra': + cassandra_servers => $cassandra_node_ips, + cassandra_ip => $ipaddress + } + } + + class {'::tripleo::network::midonet::agent': + zookeeper_servers => $zookeeper_node_ips, + cassandra_seeds => $cassandra_node_ips + } + + class {'::tripleo::network::midonet::api': + zookeeper_servers => $zookeeper_node_ips, + vip => $ipaddress, + keystone_ip => $ipaddress, + keystone_admin_token => hiera('keystone::admin_token'), + bind_address => $ipaddress, + admin_password => hiera('admin_password') + } + + # TODO: find a way to get an empty list from hiera + class {'::neutron': + service_plugins => [] + } + + } + else { + + # ML2 plugin + include ::neutron + } + include ::neutron::server include ::neutron::server::notifications # If the value of core plugin is set to 'nuage', - # include nuage core plugin, - # else use the default value of 'ml2' + # include nuage core plugin, and it does not + # need the l3, dhcp and metadata agents if hiera('neutron::core_plugin') == 'neutron.plugins.nuage.plugin.NuagePlugin' { include ::neutron::plugins::nuage } else { 
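Review bot: In the MidoNet branch added here, `::tripleo::network::midonet::api` takes `vip`, `keystone_ip` and `bind_address` from the `$ipaddress` fact instead of a hiera-provided service address, so under network isolation the API may bind to and advertise an address on a network other than the intended one; the ZooKeeper and Cassandra classes use the same fact. That should be recorded next to the existing TODO, e.g. `# NOTE: $ipaddress is the node's primary-interface fact, not an isolated service-network address`. The class is also given `hiera('keystone::admin_token')`, which copies the Keystone bootstrap token into another service's configuration; a dedicated service credential would limit what a leak of that configuration exposes. `hiera('enable_zookeeper_on_controller')` and `hiera('enable_cassandra_on_controller')` have no default, unlike the other feature switches visible in this file. The block is repeated in overcloud_controller_pacemaker.pp (hunk at -592,8), where `bind_address` still uses `$ipaddress` and the admin token is passed the same way.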
@@ -252,45 +302,57 @@ if hiera('step') >= 3 { require => Package['neutron'], } - include ::neutron::plugins::ml2 - include ::neutron::agents::ml2::ovs + # If the value of core plugin is set to 'midonet', + # skip all the ML2 configuration + if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' { - if 'cisco_n1kv' in hiera('neutron::plugins::ml2::mechanism_drivers') { - include ::neutron::plugins::ml2::cisco::nexus1000v - - class { '::neutron::agents::n1kv_vem': - n1kv_source => hiera('n1kv_vem_source', undef), - n1kv_version => hiera('n1kv_vem_version', undef), + class {'::neutron::plugins::midonet': + midonet_api_ip => $ipaddress, + keystone_tenant => hiera('neutron::server::auth_tenant'), + keystone_password => hiera('neutron::server::auth_password') } + } else { + + include ::neutron::plugins::ml2 + include ::neutron::agents::ml2::ovs + + if 'cisco_n1kv' in hiera('neutron::plugins::ml2::mechanism_drivers') { + include ::neutron::plugins::ml2::cisco::nexus1000v - class { '::n1k_vsm': - n1kv_source => hiera('n1kv_vsm_source', undef), - n1kv_version => hiera('n1kv_vsm_version', undef), - pacemaker_control => false, + class { '::neutron::agents::n1kv_vem': + n1kv_source => hiera('n1kv_vem_source', undef), + n1kv_version => hiera('n1kv_vem_version', undef), + } + + class { '::n1k_vsm': + n1kv_source => hiera('n1kv_vsm_source', undef), + n1kv_version => hiera('n1kv_vsm_version', undef), + pacemaker_control => false, + } } - } - if 'cisco_ucsm' in hiera('neutron::plugins::ml2::mechanism_drivers') { - include ::neutron::plugins::ml2::cisco::ucsm - } - if 'cisco_nexus' in hiera('neutron::plugins::ml2::mechanism_drivers') { - include ::neutron::plugins::ml2::cisco::nexus - include ::neutron::plugins::ml2::cisco::type_nexus_vxlan - } + if 'cisco_ucsm' in hiera('neutron::plugins::ml2::mechanism_drivers') { + include ::neutron::plugins::ml2::cisco::ucsm + } + if 'cisco_nexus' in hiera('neutron::plugins::ml2::mechanism_drivers') { + include 
::neutron::plugins::ml2::cisco::nexus + include ::neutron::plugins::ml2::cisco::type_nexus_vxlan + } - if hiera('neutron_enable_bigswitch_ml2', false) { - include ::neutron::plugins::ml2::bigswitch::restproxy - } - neutron_l3_agent_config { - 'DEFAULT/ovs_use_veth': value => hiera('neutron_ovs_use_veth', false); - } - neutron_dhcp_agent_config { - 'DEFAULT/ovs_use_veth': value => hiera('neutron_ovs_use_veth', false); + if hiera('neutron_enable_bigswitch_ml2', false) { + include ::neutron::plugins::ml2::bigswitch::restproxy + } + neutron_l3_agent_config { + 'DEFAULT/ovs_use_veth': value => hiera('neutron_ovs_use_veth', false); + } + neutron_dhcp_agent_config { + 'DEFAULT/ovs_use_veth': value => hiera('neutron_ovs_use_veth', false); + } + Service['neutron-server'] -> Service['neutron-ovs-agent-service'] } Service['neutron-server'] -> Service['neutron-dhcp-service'] Service['neutron-server'] -> Service['neutron-l3'] - Service['neutron-server'] -> Service['neutron-ovs-agent-service'] Service['neutron-server'] -> Service['neutron-metadata'] } 
@@ -339,6 +401,48 @@ if hiera('step') >= 3 { } } + if hiera('cinder_enable_eqlx_backend', false) { + $cinder_eqlx_backend = hiera('cinder::backend::eqlx::volume_backend_name') + + cinder_config { + "${cinder_eqlx_backend}/host": value => 'hostgroup'; + } + + cinder::backend::eqlx { $cinder_eqlx_backend : + volume_backend_name => hiera('cinder::backend::eqlx::volume_backend_name', undef), + san_ip => hiera('cinder::backend::eqlx::san_ip', undef), + san_login => hiera('cinder::backend::eqlx::san_login', undef), + san_password => hiera('cinder::backend::eqlx::san_password', undef), + san_thin_provision => hiera('cinder::backend::eqlx::san_thin_provision', undef), + eqlx_group_name => hiera('cinder::backend::eqlx::eqlx_group_name', undef), + eqlx_pool => hiera('cinder::backend::eqlx::eqlx_lpool', undef), + eqlx_use_chap => hiera('cinder::backend::eqlx::eqlx_use_chap', undef), + eqlx_chap_login => hiera('cinder::backend::eqlx::eqlx_chap_login', undef), + eqlx_chap_password => hiera('cinder::backend::eqlx::eqlx_san_password', undef), + } + } + + if hiera('cinder_enable_dellsc_backend', false) { + $cinder_dellsc_backend = hiera('cinder::backend::dellsc_iscsi::volume_backend_name') + + cinder_config { + "${cinder_dellsc_backend}/host": value => 'hostgroup'; + } + + cinder::backend::dellsc_iscsi{ $cinder_dellsc_backend : + volume_backend_name => hiera('cinder::backend::dellsc_iscsi::volume_backend_name', undef), + san_ip => hiera('cinder::backend::dellsc_iscsi::san_ip', undef), + san_login => hiera('cinder::backend::dellsc_iscsi::san_login', undef), + san_password => hiera('cinder::backend::dellsc_iscsi::san_password', undef), + dell_sc_ssn => hiera('cinder::backend::dellsc_iscsi::dell_sc_ssn', undef), + iscsi_ip_address => hiera('cinder::backend::dellsc_iscsi::iscsi_ip_address', undef), + iscsi_port => hiera('cinder::backend::dellsc_iscsi::iscsi_port', undef), + dell_sc_port => hiera('cinder::backend::dellsc_iscsi::dell_sc_port', undef), + dell_sc_server_folder => 
hiera('cinder::backend::dellsc_iscsi::dell_sc_server_folder', undef), + dell_sc_volume_folder => hiera('cinder::backend::dellsc_iscsi::dell_sc_volume_folder', undef), + } + } + if hiera('cinder_enable_netapp_backend', false) { $cinder_netapp_backend = hiera('cinder::backend::netapp::title') @@ -392,7 +496,7 @@ if hiera('step') >= 3 { } } - $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend, $cinder_netapp_backend, $cinder_nfs_backend]) + $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend, $cinder_eqlx_backend, $cinder_dellsc_backend, $cinder_netapp_backend, $cinder_nfs_backend]) class { '::cinder::backends' : enabled_backends => $cinder_enabled_backends, } @@ -488,7 +592,16 @@ if hiera('step') >= 3 { } #END STEP 3 if hiera('step') >= 4 { + $nova_enable_db_purge = hiera('nova_enable_db_purge', true) + $cinder_enable_db_purge = hiera('cinder_enable_db_purge', true) + include ::keystone::cron::token_flush + if $nova_enable_db_purge { + include ::nova::cron::archive_deleted_rows + } + if $cinder_enable_db_purge { + include ::cinder::cron::db_purge + } } #END STEP 4 $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller', hiera('step')]) diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp index ad356e33..73fc6faa 100644 --- a/puppet/manifests/overcloud_controller_pacemaker.pp +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -41,6 +41,8 @@ if hiera('step') >= 1 { create_resources(sysctl::value, hiera('sysctl_settings'), {}) + include ::timezone + if count(hiera('ntp::servers')) > 0 { include ::ntp } 
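Review bot: In the `cinder::backend::eqlx` block of the hunk at -339,6, `eqlx_chap_password` is read from `hiera('cinder::backend::eqlx::eqlx_san_password', undef)` and `eqlx_pool` from `hiera('cinder::backend::eqlx::eqlx_lpool', undef)`, and neither key matches the parameter it feeds. Unless the hieradata defines those exact keys (not visible in this part of the diff), both lookups fall back to `undef`, so the CHAP secret the operator supplied would be silently dropped and the backend left on the module default. The lines should presumably read `eqlx_chap_password => hiera('cinder::backend::eqlx::eqlx_chap_password', undef),` and `eqlx_pool => hiera('cinder::backend::eqlx::eqlx_pool', undef),`. The identical block in overcloud_controller_pacemaker.pp (hunk at -720,6) uses the same two keys.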
@@ -78,11 +80,11 @@ if hiera('step') >= 1 { Class['tripleo::fencing'] -> Class['pacemaker::stonith'] } - # FIXME(gfidente): sets 100secs as default start timeout op + # FIXME(gfidente): sets 200secs as default start timeout op # param; until we can use pcmk global defaults we'll still # need to add it to every resource which redefines op params Pacemaker::Resource::Service { - op_params => 'start timeout=100s stop timeout=100s', + op_params => 'start timeout=200s stop timeout=200s', } # Only configure RabbitMQ in this step, don't start it yet to @@ -352,7 +354,7 @@ if hiera('step') >= 2 { if downcase(hiera('ceilometer_backend')) == 'mongodb' { pacemaker::resource::service { $::mongodb::params::service_name : - op_params => 'start timeout=120s stop timeout=100s', + op_params => 'start timeout=370s stop timeout=200s', clone_params => true, require => Class['::mongodb::server'], } @@ -449,7 +451,7 @@ MYSQL_HOST=localhost\n", include ::swift # Ceph - $enable_ceph = hiera('ceph_storage_count', 0) > 0 + $enable_ceph = hiera('ceph_storage_count', 0) > 0 or hiera('enable_ceph_storage', false) if $enable_ceph { class { '::ceph::profile::params': 
@@ -592,8 +594,54 @@ if hiera('step') >= 3 { } include ::nova::network::neutron - # Neutron class definitions - include ::neutron + if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' { + + # TODO(devvesa) provide non-controller ips for these services + $zookeeper_node_ips = hiera('neutron_api_node_ips') + $cassandra_node_ips = hiera('neutron_api_node_ips') + + # Run zookeeper in the controller if configured + if hiera('enable_zookeeper_on_controller') { + class {'::tripleo::cluster::zookeeper': + zookeeper_server_ips => $zookeeper_node_ips, + zookeeper_client_ip => $ipaddress, + zookeeper_hostnames => hiera('controller_node_names') + } + } + + # Run cassandra in the controller if configured + if hiera('enable_cassandra_on_controller') { + class {'::tripleo::cluster::cassandra': + cassandra_servers => $cassandra_node_ips, + cassandra_ip => $ipaddress + } + } + + class {'::tripleo::network::midonet::agent': + zookeeper_servers => $zookeeper_node_ips, + cassandra_seeds => $cassandra_node_ips + } + + class {'::tripleo::network::midonet::api': + zookeeper_servers => hiera('neutron_api_node_ips'), + vip => $public_vip, + keystone_ip => $public_vip, + keystone_admin_token => hiera('keystone::admin_token'), + bind_address => $ipaddress, + admin_password => hiera('admin_password') + } + + # Configure Neutron + class {'::neutron': + service_plugins => [] + } + + } + else { + # Neutron class definitions + include ::neutron + } + class { '::neutron::server' : sync_db => $sync_db, manage_service => false, 
@@ -603,6 +651,13 @@ if hiera('step') >= 3 { if hiera('neutron::core_plugin') == 'neutron.plugins.nuage.plugin.NuagePlugin' { include ::neutron::plugins::nuage } + if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' { + class {'::neutron::plugins::midonet': + midonet_api_ip => $public_vip, + keystone_tenant => hiera('neutron::server::auth_tenant'), + keystone_password => hiera('neutron::server::auth_password') + } + } if hiera('neutron::enable_dhcp_agent',true) { class { '::neutron::agents::dhcp' : manage_service => false, 
@@ -720,6 +775,48 @@ if hiera('step') >= 3 { } } + if hiera('cinder_enable_eqlx_backend', false) { + $cinder_eqlx_backend = hiera('cinder::backend::eqlx::volume_backend_name') + + cinder_config { + "${cinder_eqlx_backend}/host": value => 'hostgroup'; + } + + cinder::backend::eqlx { $cinder_eqlx_backend : + volume_backend_name => hiera('cinder::backend::eqlx::volume_backend_name', undef), + san_ip => hiera('cinder::backend::eqlx::san_ip', undef), + san_login => hiera('cinder::backend::eqlx::san_login', undef), + san_password => hiera('cinder::backend::eqlx::san_password', undef), + san_thin_provision => hiera('cinder::backend::eqlx::san_thin_provision', undef), + eqlx_group_name => hiera('cinder::backend::eqlx::eqlx_group_name', undef), + eqlx_pool => hiera('cinder::backend::eqlx::eqlx_lpool', undef), + eqlx_use_chap => hiera('cinder::backend::eqlx::eqlx_use_chap', undef), + eqlx_chap_login => hiera('cinder::backend::eqlx::eqlx_chap_login', undef), + eqlx_chap_password => hiera('cinder::backend::eqlx::eqlx_san_password', undef), + } + } + + if hiera('cinder_enable_dellsc_backend', false) { + $cinder_dellsc_backend = hiera('cinder::backend::dellsc_iscsi::volume_backend_name') + + cinder_config { + "${cinder_dellsc_backend}/host": value => 'hostgroup'; + } + + cinder::backend::dellsc_iscsi{ $cinder_dellsc_backend : + volume_backend_name => hiera('cinder::backend::dellsc_iscsi::volume_backend_name', undef), + san_ip => hiera('cinder::backend::dellsc_iscsi::san_ip', undef), + san_login => hiera('cinder::backend::dellsc_iscsi::san_login', undef), + san_password => hiera('cinder::backend::dellsc_iscsi::san_password', undef), + dell_sc_ssn => hiera('cinder::backend::dellsc_iscsi::dell_sc_ssn', undef), + iscsi_ip_address => hiera('cinder::backend::dellsc_iscsi::iscsi_ip_address', undef), + iscsi_port => hiera('cinder::backend::dellsc_iscsi::iscsi_port', undef), + dell_sc_port => hiera('cinder::backend::dellsc_iscsi::dell_sc_port', undef), + dell_sc_server_folder => 
hiera('cinder::backend::dellsc_iscsi::dell_sc_server_folder', undef), + dell_sc_volume_folder => hiera('cinder::backend::dellsc_iscsi::dell_sc_volume_folder', undef), + } + } + if hiera('cinder_enable_netapp_backend', false) { $cinder_netapp_backend = hiera('cinder::backend::netapp::title') @@ -773,7 +870,7 @@ if hiera('step') >= 3 { } } - $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend, $cinder_netapp_backend, $cinder_nfs_backend]) + $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend, $cinder_eqlx_backend, $cinder_dellsc_backend, $cinder_netapp_backend, $cinder_nfs_backend]) class { '::cinder::backends' : enabled_backends => $cinder_enabled_backends, } @@ -915,7 +1012,16 @@ if hiera('step') >= 3 { } #END STEP 3 if hiera('step') >= 4 { + $nova_enable_db_purge = hiera('nova_enable_db_purge', true) + $cinder_enable_db_purge = hiera('cinder_enable_db_purge', true) + include ::keystone::cron::token_flush + if $nova_enable_db_purge { + include ::nova::cron::archive_deleted_rows + } + if $cinder_enable_db_purge { + include ::cinder::cron::db_purge + } if $pacemaker_master { @@ -1095,6 +1201,11 @@ if hiera('step') >= 4 { clone_params => 'interleave=true', } } + if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' { + pacemaker::resource::service {'tomcat': + clone_params => 'interleave=true', + } + } if hiera('neutron::enable_metadata_agent', true) { pacemaker::resource::service { $::neutron::params::metadata_agent_service: clone_params => 'interleave=true', @@ -1145,7 +1256,6 @@ if hiera('step') >= 4 { } } - #another chain keystone-->neutron-server-->ovs-agent-->dhcp-->l3 pacemaker::constraint::base { 'keystone-to-neutron-server-constraint': constraint_type => 'order', first_resource => "${::keystone::params::service_name}-clone", 
@@ -1221,28 +1331,65 @@ if hiera('step') >= 4 { Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]] } } + if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' { + #midonet-chain chain keystone-->neutron-server-->dhcp-->metadata->tomcat + pacemaker::constraint::base { 'neutron-server-to-dhcp-agent-constraint': + constraint_type => 'order', + first_resource => "${::neutron::params::server_service}-clone", + second_resource => "${::neutron::params::dhcp_agent_service}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::neutron::params::server_service], + Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service]], + } + pacemaker::constraint::base { 'neutron-dhcp-agent-to-metadata-agent-constraint': + constraint_type => 'order', + first_resource => "${::neutron::params::dhcp_agent_service}-clone", + second_resource => "${::neutron::params::metadata_agent_service}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service], + Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]], + } + pacemaker::constraint::base { 'neutron-metadata-agent-to-tomcat-constraint': + constraint_type => 'order', + first_resource => "${::neutron::params::metadata_agent_service}-clone", + second_resource => 'tomcat-clone', + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service], + Pacemaker::Resource::Service['tomcat']], + } + pacemaker::constraint::colocation { 'neutron-dhcp-agent-to-metadata-agent-colocation': + source => "${::neutron::params::metadata_agent_service}-clone", + target => "${::neutron::params::dhcp_agent_service}-clone", + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service], + 
Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]], + } + } # Nova pacemaker::resource::service { $::nova::params::api_service_name : clone_params => 'interleave=true', - op_params => 'start timeout=100s stop timeout=100s monitor start-delay=10s', + op_params => 'start timeout=200s stop timeout=200s monitor start-delay=10s', } pacemaker::resource::service { $::nova::params::conductor_service_name : clone_params => 'interleave=true', - op_params => 'start timeout=100s stop timeout=100s monitor start-delay=10s', + op_params => 'start timeout=200s stop timeout=200s monitor start-delay=10s', } pacemaker::resource::service { $::nova::params::consoleauth_service_name : clone_params => 'interleave=true', - op_params => 'start timeout=100s stop timeout=100s monitor start-delay=10s', + op_params => 'start timeout=200s stop timeout=200s monitor start-delay=10s', require => Pacemaker::Resource::Service[$::keystone::params::service_name], } pacemaker::resource::service { $::nova::params::vncproxy_service_name : clone_params => 'interleave=true', - op_params => 'start timeout=100s stop timeout=100s monitor start-delay=10s', + op_params => 'start timeout=200s stop timeout=200s monitor start-delay=10s', } pacemaker::resource::service { $::nova::params::scheduler_service_name : clone_params => 'interleave=true', - op_params => 'start timeout=100s stop timeout=100s monitor start-delay=10s', + op_params => 'start timeout=200s stop timeout=200s monitor start-delay=10s', } pacemaker::constraint::base { 'keystone-then-nova-consoleauth-constraint': diff --git a/puppet/manifests/overcloud_object.pp b/puppet/manifests/overcloud_object.pp index 1eabddf1..63ac396e 100644 --- a/puppet/manifests/overcloud_object.pp +++ b/puppet/manifests/overcloud_object.pp @@ -22,6 +22,8 @@ if count(hiera('ntp::servers')) > 0 { include ::ntp } +include ::timezone + include ::swift class { '::swift::storage::all': mount_check => str2bool(hiera('swift_mount_check')), 
diff --git a/puppet/manifests/overcloud_volume.pp b/puppet/manifests/overcloud_volume.pp index 2bdd8a9c..5a69725a 100644 --- a/puppet/manifests/overcloud_volume.pp +++ b/puppet/manifests/overcloud_volume.pp @@ -22,6 +22,8 @@ if count(hiera('ntp::servers')) > 0 { include ::ntp } +include ::timezone + include ::cinder include ::cinder::config include ::cinder::glance diff --git a/puppet/swift-storage.yaml b/puppet/swift-storage.yaml index af390b27..10c87493 100644 --- a/puppet/swift-storage.yaml +++ b/puppet/swift-storage.yaml @@ -7,7 +7,6 @@ parameters: constraints: - custom_constraint: nova.flavor HashSuffix: - default: unset description: A random string to be used as a salt when hashing to determine mappings in the ring. hidden: true @@ -40,7 +39,6 @@ parameters: description: The user name for SNMPd with readonly rights running on all Overcloud nodes type: string SnmpdReadonlyUserPassword: - default: unset description: The user password for SNMPd with readonly rights running on all Overcloud nodes type: string hidden: true @@ -63,6 +61,10 @@ parameters: description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. type: json + TimeZone: + default: 'UTC' + description: The timezone to be set on Ceph nodes. + type: string Hostname: type: string default: '' # Defaults to Heat created hostname @@ -82,6 +84,13 @@ parameters: description: > Heat action when to apply network configuration changes default: ['CREATE'] + SoftwareConfigTransport: + default: POLL_SERVER_CFN + description: | + How the server should receive the metadata required for software configuration. + type: string + constraints: + - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE] CloudDomain: default: '' type: string 
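Review bot: The `TimeZone` parameter added to puppet/swift-storage.yaml in the hunk at -63,6 is described as `The timezone to be set on Ceph nodes.`, which looks copied from the Ceph storage template, while this template's other parameters and hieradata are for Swift storage. The line should read `description: The timezone to be set on Swift storage nodes.`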
@@ -112,6 +121,7 @@ resources: user_data_format: SOFTWARE_CONFIG user_data: {get_resource: UserData} name: {get_param: Hostname} + software_config_transport: {get_param: SoftwareConfigTransport} metadata: {get_param: ServerMetadata} scheduler_hints: {get_param: SchedulerHints} @@ -228,6 +238,7 @@ resources: swift_mount_check: {get_input: swift_mount_check } tripleo::ringbuilder::min_part_hours: { get_input: swift_min_part_hours } ntp::servers: {get_input: ntp_servers} + timezone::timezone: {get_input: timezone} # NOTE(dprince): build_ring support is currently not wired in. # See: https://review.openstack.org/#/c/109225/ tripleo::ringbuilder::build_ring: True @@ -253,6 +264,7 @@ resources: swift_part_power: {get_param: PartPower} swift_replicas: { get_param: Replicas} ntp_servers: {get_param: NtpServer} + timezone: {get_param: TimeZone} enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} |