diff options
-rw-r--r-- | README.rst | 2 | ||||
-rw-r--r-- | ci/environments/scenario001-multinode.yaml | 2 | ||||
-rw-r--r-- | ci/scripts/freeipa_setup.sh | 19 | ||||
-rw-r--r-- | environments/enable_congress.yaml | 2 | ||||
-rw-r--r-- | environments/tls-endpoints-public-dns.yaml | 3 | ||||
-rw-r--r-- | environments/tls-endpoints-public-ip.yaml | 3 | ||||
-rw-r--r-- | environments/tls-everywhere-endpoints-dns.yaml | 3 | ||||
-rw-r--r-- | network/endpoints/endpoint_data.yaml | 9 | ||||
-rw-r--r-- | network/endpoints/endpoint_map.yaml | 246 | ||||
-rw-r--r-- | network/service_net_map.j2.yaml | 1 | ||||
-rw-r--r-- | overcloud-resource-registry-puppet.j2.yaml | 1 | ||||
-rw-r--r-- | puppet/services/congress.yaml | 90 | ||||
-rw-r--r-- | puppet/services/neutron-api.yaml | 3 | ||||
-rw-r--r-- | puppet/services/nova-base.yaml | 1 | ||||
-rw-r--r-- | roles_data.yaml | 1 |
15 files changed, 376 insertions, 10 deletions
@@ -122,3 +122,5 @@ and should be executed according to the following table: +----------------+-------------+-------------+-------------+-------------+-----------------+ | tacker | X | | | | | +----------------+-------------+-------------+-------------+-------------+-----------------+ +| congress | X | | | | | ++----------------+-------------+-------------+-------------+-------------+-----------------+ diff --git a/ci/environments/scenario001-multinode.yaml b/ci/environments/scenario001-multinode.yaml index 6ee5bad6..d4cd99c1 100644 --- a/ci/environments/scenario001-multinode.yaml +++ b/ci/environments/scenario001-multinode.yaml @@ -7,6 +7,7 @@ resource_registry: OS::TripleO::Services::PankoApi: /usr/share/openstack-tripleo-heat-templates/puppet/services/panko-api.yaml OS::TripleO::Services::Collectd: /usr/share/openstack-tripleo-heat-templates/puppet/services/metrics/collectd.yaml OS::TripleO::Services::Tacker: /usr/share/openstack-tripleo-heat-templates/puppet/services/tacker.yaml + OS::TripleO::Services::Congress: /usr/share/openstack-tripleo-heat-templates/puppet/services/congress.yaml parameter_defaults: ControllerServices: @@ -64,6 +65,7 @@ parameter_defaults: - OS::TripleO::Services::CinderVolume - OS::TripleO::Services::Collectd - OS::TripleO::Services::Tacker + - OS::TripleO::Services::Congress ControllerExtraConfig: nova::compute::libvirt::services::libvirt_virt_type: qemu nova::compute::libvirt::libvirt_virt_type: qemu diff --git a/ci/scripts/freeipa_setup.sh b/ci/scripts/freeipa_setup.sh index a36493a1..c9a5cba2 100644 --- a/ci/scripts/freeipa_setup.sh +++ b/ci/scripts/freeipa_setup.sh @@ -10,6 +10,9 @@ # - HostsSecret # - ProvisioningCIDR: If set, it adds the given CIDR to the provisioning # interface (which is hardcoded to eth1) +# - UsingNovajoin: If unset, we pre-provision the service principals +# needed for the overcloud deploy. If set, we skip this, +# since novajoin will do it. # set -eux @@ -94,11 +97,13 @@ if [ "$?" = '1' ]; then exit 1 fi -# Create undercloud host -ipa host-add $UndercloudFQDN --password=$HostsSecret --force +if [ -z "$UsingNovajoin" ]; then + # Create undercloud host + ipa host-add $UndercloudFQDN --password=$HostsSecret --force -# Create overcloud nodes and services -git clone https://github.com/JAORMX/freeipa-tripleo-incubator.git -cd freeipa-tripleo-incubator -python create_ipa_tripleo_host_setup.py -w $HostsSecret -d $(hostname -d) \ - --controller-count 1 --compute-count 1 + # Create overcloud nodes and services + git clone https://github.com/JAORMX/freeipa-tripleo-incubator.git + cd freeipa-tripleo-incubator + python create_ipa_tripleo_host_setup.py -w $HostsSecret -d $(hostname -d) \ + --controller-count 1 --compute-count 1 +fi diff --git a/environments/enable_congress.yaml b/environments/enable_congress.yaml new file mode 100644 index 00000000..1eea7f5e --- /dev/null +++ b/environments/enable_congress.yaml @@ -0,0 +1,2 @@ +resource_registry: + OS::TripleO::Services::Congress: ../puppet/services/congress.yaml diff --git a/environments/tls-endpoints-public-dns.yaml b/environments/tls-endpoints-public-dns.yaml index 26b2f31a..1b666c5b 100644 --- a/environments/tls-endpoints-public-dns.yaml +++ b/environments/tls-endpoints-public-dns.yaml @@ -17,6 +17,9 @@ parameter_defaults: CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} CinderPublic: {protocol: 'https', port: '13776', host: 'CLOUDNAME'} + CongressAdmin: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'} + CongressInternal: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'} + CongressPublic: {protocol: 'https', port: '13789', host: 'CLOUDNAME'} ContrailAnalyticsApiAdmin: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'} ContrailAnalyticsApiInternal: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'} ContrailAnalyticsApiPublic: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'} diff --git a/environments/tls-endpoints-public-ip.yaml b/environments/tls-endpoints-public-ip.yaml index 3b8774e8..7311a1f9 100644 --- a/environments/tls-endpoints-public-ip.yaml +++ b/environments/tls-endpoints-public-ip.yaml @@ -17,6 +17,9 @@ parameter_defaults: CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} CinderPublic: {protocol: 'https', port: '13776', host: 'IP_ADDRESS'} + CongressAdmin: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'} + CongressInternal: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'} + CongressPublic: {protocol: 'https', port: '13789', host: 'IP_ADDRESS'} ContrailAnalyticsApiAdmin: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'} ContrailAnalyticsApiInternal: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'} ContrailAnalyticsApiPublic: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'} diff --git a/environments/tls-everywhere-endpoints-dns.yaml b/environments/tls-everywhere-endpoints-dns.yaml index 1640dcfb..e6608b57 100644 --- a/environments/tls-everywhere-endpoints-dns.yaml +++ b/environments/tls-everywhere-endpoints-dns.yaml @@ -17,6 +17,9 @@ parameter_defaults: CinderAdmin: {protocol: 'https', port: '8776', host: 'CLOUDNAME'} CinderInternal: {protocol: 'https', port: '8776', host: 'CLOUDNAME'} CinderPublic: {protocol: 'https', port: '13776', host: 'CLOUDNAME'} + CongressAdmin: {protocol: 'https', port: '1789', host: 'CLOUDNAME'} + CongressInternal: {protocol: 'https', port: '1789', host: 'CLOUDNAME'} + CongressPublic: {protocol: 'https', port: '13789', host: 'CLOUDNAME'} ContrailAnalyticsApiAdmin: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'} ContrailAnalyticsApiInternal: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'} ContrailAnalyticsApiPublic: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'} diff --git a/network/endpoints/endpoint_data.yaml b/network/endpoints/endpoint_data.yaml index af537b0b..277bd676 100644 --- a/network/endpoints/endpoint_data.yaml +++ b/network/endpoints/endpoint_data.yaml @@ -157,6 +157,15 @@ Cinder: V3: /v3/%(tenant_id)s port: 8776 +Congress: + Internal: + net_param: CongressApi + Public: + net_param: Public + Admin: + net_param: CongressApi + port: 1789 + Glance: Internal: net_param: GlanceApi diff --git a/network/endpoints/endpoint_map.yaml b/network/endpoints/endpoint_map.yaml index bd14fc1c..fecac0af 100644 --- a/network/endpoints/endpoint_map.yaml +++ b/network/endpoints/endpoint_map.yaml @@ -34,6 +34,9 @@ parameters: CinderAdmin: {protocol: http, port: '8776', host: IP_ADDRESS} CinderInternal: {protocol: http, port: '8776', host: IP_ADDRESS} CinderPublic: {protocol: http, port: '8776', host: IP_ADDRESS} + CongressAdmin: {protocol: http, port: '1789', host: IP_ADDRESS} + CongressInternal: {protocol: http, port: '1789', host: IP_ADDRESS} + CongressPublic: {protocol: http, port: '1789', host: IP_ADDRESS} ContrailAnalyticsApiAdmin: {protocol: http, port: '8081', host: IP_ADDRESS} ContrailAnalyticsApiInternal: {protocol: http, port: '8081', host: IP_ADDRESS} ContrailAnalyticsApiPublic: {protocol: http, port: '8081', host: IP_ADDRESS} @@ -1852,6 +1855,249 @@ outputs: template: NETWORK_uri - ':' - get_param: [EndpointMap, CinderPublic, port] + CongressAdmin: + host: + str_replace: + template: + get_param: [EndpointMap, CongressAdmin, host] + params: + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CongressApiNetwork] + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CongressApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, CongressAdmin, host] + params: + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CongressApiNetwork] + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, CongressApiNetwork] + port: + get_param: [EndpointMap, CongressAdmin, port] + protocol: + get_param: [EndpointMap, CongressAdmin, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, CongressAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CongressAdmin, host] + params: + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CongressApiNetwork] + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CongressApiNetwork] + template: NETWORK_uri + - ':' + - get_param: [EndpointMap, CongressAdmin, port] + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, CongressAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CongressAdmin, host] + params: + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CongressApiNetwork] + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CongressApiNetwork] + template: NETWORK_uri + - ':' + - get_param: [EndpointMap, CongressAdmin, port] + CongressInternal: + host: + str_replace: + template: + get_param: [EndpointMap, CongressInternal, host] + params: + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CongressApiNetwork] + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CongressApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, CongressInternal, host] + params: + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CongressApiNetwork] + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, CongressApiNetwork] + port: + get_param: [EndpointMap, CongressInternal, port] + protocol: + get_param: [EndpointMap, CongressInternal, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, CongressInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CongressInternal, host] + params: + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CongressApiNetwork] + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CongressApiNetwork] + template: NETWORK_uri + - ':' + - get_param: [EndpointMap, CongressInternal, port] + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, CongressInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CongressInternal, host] + params: + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CongressApiNetwork] + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CongressApiNetwork] + template: NETWORK_uri + - ':' + - get_param: [EndpointMap, CongressInternal, port] + CongressPublic: + host: + str_replace: + template: + get_param: [EndpointMap, CongressPublic, host] + params: + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, CongressPublic, host] + params: + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, PublicNetwork] + port: + get_param: [EndpointMap, CongressPublic, port] + protocol: + get_param: [EndpointMap, CongressPublic, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, CongressPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CongressPublic, host] + params: + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + - ':' + - get_param: [EndpointMap, CongressPublic, port] + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, CongressPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CongressPublic, host] + params: + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + - ':' + - get_param: [EndpointMap, CongressPublic, port] ContrailAnalyticsApiAdmin: host: str_replace: diff --git a/network/service_net_map.j2.yaml b/network/service_net_map.j2.yaml index d01c89ab..a1042ebb 100644 --- a/network/service_net_map.j2.yaml +++ b/network/service_net_map.j2.yaml @@ -41,6 +41,7 @@ parameters: MongodbNetwork: internal_api CinderApiNetwork: internal_api CinderIscsiNetwork: storage + CongressApiNetwork: internal_api GlanceApiNetwork: storage IronicApiNetwork: ctlplane IronicNetwork: ctlplane diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml index 1e518595..a6b32ddb 100644 --- a/overcloud-resource-registry-puppet.j2.yaml +++ b/overcloud-resource-registry-puppet.j2.yaml @@ -129,6 +129,7 @@ resource_registry: OS::TripleO::Services::CinderScheduler: puppet/services/cinder-scheduler.yaml OS::TripleO::Services::CinderVolume: puppet/services/cinder-volume.yaml OS::TripleO::Services::BlockStorageCinderVolume: puppet/services/cinder-volume.yaml + OS::TripleO::Services::Congress: OS::Heat::None OS::TripleO::Services::Keystone: puppet/services/keystone.yaml OS::TripleO::Services::GlanceApi: puppet/services/glance-api.yaml OS::TripleO::Services::GlanceRegistry: puppet/services/disabled/glance-registry.yaml diff --git a/puppet/services/congress.yaml b/puppet/services/congress.yaml new file mode 100644 index 00000000..1b82f55c --- /dev/null +++ b/puppet/services/congress.yaml @@ -0,0 +1,90 @@ +heat_template_version: ocata + +description: > + OpenStack Congress service configured with Puppet + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + CongressPassword: + description: The password for the congress service account. + type: string + hidden: true + Debug: + type: string + default: '' + KeystoneRegion: + type: string + default: 'regionOne' + description: Keystone region for endpoint + RabbitPassword: + description: The password for RabbitMQ + type: string + hidden: true + RabbitUserName: + default: guest + description: The username for RabbitMQ + type: string + RabbitClientUseSSL: + default: false + description: > + Rabbit client subscriber parameter to specify + an SSL connection to the RabbitMQ host. + type: string + RabbitClientPort: + default: 5672 + description: Set rabbit subscriber port, change this if using SSL + type: number + +outputs: + role_data: + description: Role data for the Congress role. + value: + service_name: congress + config_settings: + congress_password: {get_param: CongressPassword} + congress::db::database_connection: + list_join: + - '' + - - {get_param: [EndpointMap, MysqlInternal, protocol]} + - '://congress:' + - {get_param: CongressPassword} + - '@' + - {get_param: [EndpointMap, MysqlInternal, host]} + - '/congress' + - '?bind_address=' + - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}" + congress::keystone::auth::tenant: 'service' + congress::keystone::auth::password: {get_param: CongressPassword} + congress::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} + congress::debug: {get_param: Debug} + congress::rpc_backend: rabbit + congress::rabbit_userid: {get_param: RabbitUserName} + congress::rabbit_password: {get_param: RabbitPassword} + congress::rabbit_use_ssl: {get_param: RabbitClientUseSSL} + congress::rabbit_port: {get_param: RabbitClientPort} + congress::server::bind_host: {get_param: [ServiceNetMap, CongressApiNetwork]} + + congress::db::mysql::password: {get_param: CongressPassword} + congress::db::mysql::user: congress + congress::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} + congress::db::mysql::dbname: congress + congress::db::mysql::allowed_hosts: + - '%' + - {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} + + + step_config: | + include ::tripleo::profile::base::congress diff --git a/puppet/services/neutron-api.yaml b/puppet/services/neutron-api.yaml index 65fa0d8f..e89509b2 100644 --- a/puppet/services/neutron-api.yaml +++ b/puppet/services/neutron-api.yaml @@ -198,6 +198,3 @@ outputs: - name: Stop neutron_api service tags: step2 service: name=neutron-server state=stopped - - name: Sync neutron_api DB - tags: step5 - command: neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini upgrade head diff --git a/puppet/services/nova-base.yaml b/puppet/services/nova-base.yaml index 49cba79c..d6190be8 100644 --- a/puppet/services/nova-base.yaml +++ b/puppet/services/nova-base.yaml @@ -167,6 +167,7 @@ outputs: nova::purge_config: {get_param: EnableConfigPurge} nova::network::neutron::neutron_project_name: 'service' nova::network::neutron::neutron_username: 'neutron' + nova::network::neutron::neutron_region_name: {get_param: KeystoneRegion} nova::network::neutron::dhcp_domain: '' nova::network::neutron::neutron_password: {get_param: NeutronPassword} nova::network::neutron::neutron_url: {get_param: [EndpointMap, NeutronInternal, uri]} diff --git a/roles_data.yaml b/roles_data.yaml index 92c5ff19..31b12986 100644 --- a/roles_data.yaml +++ b/roles_data.yaml @@ -38,6 +38,7 @@ - OS::TripleO::Services::CinderBackup - OS::TripleO::Services::CinderScheduler - OS::TripleO::Services::CinderVolume + - OS::TripleO::Services::Congress - OS::TripleO::Services::Kernel - OS::TripleO::Services::Keystone - OS::TripleO::Services::GlanceApi |