diff options
53 files changed, 2505 insertions, 1704 deletions
diff --git a/environments/ceph-radosgw.yaml b/environments/ceph-radosgw.yaml new file mode 100644 index 00000000..a9221a2a --- /dev/null +++ b/environments/ceph-radosgw.yaml @@ -0,0 +1,5 @@ +resource_registry: + OS::TripleO::Services::CephRgw: ../puppet/services/ceph-rgw.yaml + OS::TripleO::Services::SwiftProxy: OS::Heat::None + OS::TripleO::Services::SwiftStorage: OS::Heat::None + OS::TripleO::Services::SwiftRingBuilder: OS::Heat::None diff --git a/environments/tls-endpoints-public-dns.yaml b/environments/tls-endpoints-public-dns.yaml index 7c8e850c..0a0996d3 100644 --- a/environments/tls-endpoints-public-dns.yaml +++ b/environments/tls-endpoints-public-dns.yaml @@ -8,6 +8,9 @@ parameter_defaults: CeilometerAdmin: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} CeilometerInternal: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} CeilometerPublic: {protocol: 'https', port: '13777', host: 'CLOUDNAME'} + CephRgwAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} + CephRgwInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} + CephRgwPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'} CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} CinderPublic: {protocol: 'https', port: '13776', host: 'CLOUDNAME'} diff --git a/environments/tls-endpoints-public-ip.yaml b/environments/tls-endpoints-public-ip.yaml index 80595c6c..5a2b8839 100644 --- a/environments/tls-endpoints-public-ip.yaml +++ b/environments/tls-endpoints-public-ip.yaml @@ -8,6 +8,9 @@ parameter_defaults: CeilometerAdmin: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} CeilometerInternal: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} CeilometerPublic: {protocol: 'https', port: '13777', host: 'IP_ADDRESS'} + CephRgwAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} + CephRgwInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} + CephRgwPublic: {protocol: 'https', port: '13808', host: 'IP_ADDRESS'} CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} CinderPublic: {protocol: 'https', port: '13776', host: 'IP_ADDRESS'} diff --git a/extraconfig/tasks/major_upgrade_ceph_mon.sh b/extraconfig/tasks/major_upgrade_ceph_mon.sh index 38befbbf..b76dd7c3 100755 --- a/extraconfig/tasks/major_upgrade_ceph_mon.sh +++ b/extraconfig/tasks/major_upgrade_ceph_mon.sh @@ -17,6 +17,21 @@ if ! [[ "$INSTALLED_VERSION" =~ ^0\.94.* ]]; then exit 0 fi +CEPH_STATUS=$(ceph health | awk '{print $1}') +if [ ${CEPH_STATUS} = HEALTH_ERR ]; do + echo ERROR: Ceph cluster status is HEALTH_ERR, cannot be upgraded + exit 1 +fi + +# Useful when upgrading with OSDs num < replica size +if [ $ignore_ceph_upgrade_warnings != "true" ]; then + timeout 300 bash -c "while [ ${CEPH_STATUS} != HEALTH_OK ]; do + echo WARNING: Waiting for Ceph cluster status to go HEALTH_OK; + sleep 30; + CEPH_STATUS=$(ceph health | awk '{print $1}') + done" +fi + MON_PID=$(pidof ceph-mon) MON_ID=$(hostname -s) @@ -37,8 +52,6 @@ if [[ "$UPDATED_VERSION" =~ ^0\.94.* ]]; then echo WARNING: Ceph was not upgraded, restarting daemons service ceph start mon.${MON_ID} elif [[ "$UPDATED_VERSION" =~ ^10\.2.* ]]; then - echo INFO: Ceph was upgraded to Jewel - # RPM could own some of these but we can't take risks on the pre-existing files for d in /var/lib/ceph/mon /var/log/ceph /var/run/ceph /etc/ceph; do chown -R ceph:ceph $d @@ -54,9 +67,11 @@ elif [[ "$UPDATED_VERSION" =~ ^10\.2.* ]]; then # Wait for daemon to be back in the quorum timeout 300 bash -c "until (ceph quorum_status | jq .quorum_names | grep -sq ${MON_ID}); do - echo Waiting for mon.${MON_ID} to re-join quorum; + echo WARNING: Waiting for mon.${MON_ID} to re-join quorum; sleep 10; done" + + echo INFO: Ceph was upgraded to Jewel else echo ERROR: Ceph was upgraded to an unknown release, daemon is stopped, need manual intervention exit 1 diff --git a/extraconfig/tasks/major_upgrade_pacemaker.yaml b/extraconfig/tasks/major_upgrade_pacemaker.yaml index c2e14880..598d22d0 100644 --- a/extraconfig/tasks/major_upgrade_pacemaker.yaml +++ b/extraconfig/tasks/major_upgrade_pacemaker.yaml @@ -26,6 +26,10 @@ parameters: constraints: - allowed_values: ['auto', 'yes', 'no'] default: 'auto' + IgnoreCephUpgradeWarnings: + type: boolean + default: false + description: If enabled, Ceph upgrade will be forced even though cluster or PGs status is not clean resources: # TODO(jistr): for Mitaka->Newton upgrades and further we can use @@ -36,7 +40,16 @@ resources: type: OS::Heat::SoftwareConfig properties: group: script - config: {get_file: major_upgrade_ceph_mon.sh} + config: + list_join: + - '' + - - str_replace: + template: | + #!/bin/bash + ignore_ceph_upgrade_warnings='IGNORE_CEPH_UPGRADE_WARNINGS' + params: + IGNORE_CEPH_UPGRADE_WARNINGS: {get_param: IgnoreCephUpgradeWarnings} + - get_file: major_upgrade_ceph_mon.sh CephMonUpgradeDeployment: type: OS::Heat::SoftwareDeploymentGroup diff --git a/network/endpoints/endpoint_data.yaml b/network/endpoints/endpoint_data.yaml index 84b03c7e..fb01925b 100644 --- a/network/endpoints/endpoint_data.yaml +++ b/network/endpoints/endpoint_data.yaml @@ -199,6 +199,21 @@ Swift: S3: port: 8080 +CephRgw: + Internal: + net_param: CephRgw + uri_suffixes: + '': /swift/v1 + Public: + net_param: Public + uri_suffixes: + '': /swift/v1 + Admin: + net_param: CephRgw + uri_suffixes: + '': /swift/v1 + port: 8080 + Sahara: Internal: net_param: SaharaApi diff --git a/network/endpoints/endpoint_map.yaml b/network/endpoints/endpoint_map.yaml index dd29bcde..734b6431 100644 --- a/network/endpoints/endpoint_map.yaml +++ b/network/endpoints/endpoint_map.yaml @@ -25,6 +25,9 @@ parameters: CeilometerAdmin: {protocol: http, port: '8777', host: IP_ADDRESS} CeilometerInternal: {protocol: http, port: '8777', host: IP_ADDRESS} CeilometerPublic: {protocol: http, port: '8777', host: IP_ADDRESS} + CephRgwAdmin: {protocol: http, port: '8080', host: IP_ADDRESS} + CephRgwInternal: {protocol: http, port: '8080', host: IP_ADDRESS} + CephRgwPublic: {protocol: http, port: '8080', host: IP_ADDRESS} CinderAdmin: {protocol: http, port: '8776', host: IP_ADDRESS} CinderInternal: {protocol: http, port: '8776', host: IP_ADDRESS} CinderPublic: {protocol: http, port: '8776', host: IP_ADDRESS} @@ -563,6 +566,252 @@ outputs: template: NETWORK_uri - ':' - get_param: [EndpointMap, CeilometerPublic, port] + CephRgwAdmin: + host: + str_replace: + template: + get_param: [EndpointMap, CephRgwAdmin, host] + params: + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CephRgwNetwork] + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CephRgwNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, CephRgwAdmin, host] + params: + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CephRgwNetwork] + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, CephRgwNetwork] + port: + get_param: [EndpointMap, CephRgwAdmin, port] + protocol: + get_param: [EndpointMap, CephRgwAdmin, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, CephRgwAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CephRgwAdmin, host] + params: + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CephRgwNetwork] + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CephRgwNetwork] + template: NETWORK_uri + - ':' + - get_param: [EndpointMap, CephRgwAdmin, port] + - /swift/v1 + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, CephRgwAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CephRgwAdmin, host] + params: + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CephRgwNetwork] + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CephRgwNetwork] + template: NETWORK_uri + - ':' + - get_param: [EndpointMap, CephRgwAdmin, port] + CephRgwInternal: + host: + str_replace: + template: + get_param: [EndpointMap, CephRgwInternal, host] + params: + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CephRgwNetwork] + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CephRgwNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, CephRgwInternal, host] + params: + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CephRgwNetwork] + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, CephRgwNetwork] + port: + get_param: [EndpointMap, CephRgwInternal, port] + protocol: + get_param: [EndpointMap, CephRgwInternal, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, CephRgwInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CephRgwInternal, host] + params: + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CephRgwNetwork] + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CephRgwNetwork] + template: NETWORK_uri + - ':' + - get_param: [EndpointMap, CephRgwInternal, port] + - /swift/v1 + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, CephRgwInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CephRgwInternal, host] + params: + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CephRgwNetwork] + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CephRgwNetwork] + template: NETWORK_uri + - ':' + - get_param: [EndpointMap, CephRgwInternal, port] + CephRgwPublic: + host: + str_replace: + template: + get_param: [EndpointMap, CephRgwPublic, host] + params: + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, CephRgwPublic, host] + params: + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, PublicNetwork] + port: + get_param: [EndpointMap, CephRgwPublic, port] + protocol: + get_param: [EndpointMap, CephRgwPublic, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, CephRgwPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CephRgwPublic, host] + params: + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + - ':' + - get_param: [EndpointMap, CephRgwPublic, port] + - /swift/v1 + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, CephRgwPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CephRgwPublic, host] + params: + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + - ':' + - get_param: [EndpointMap, CephRgwPublic, port] CinderAdmin: host: str_replace: diff --git a/network/service_net_map.yaml b/network/service_net_map.yaml index 4cfff402..6e5c2449 100644 --- a/network/service_net_map.yaml +++ b/network/service_net_map.yaml @@ -30,10 +30,12 @@ parameters: ManilaApiNetwork: internal_api NeutronApiNetwork: internal_api HeatApiNetwork: internal_api + HeatApiCfnNetwork: internal_api + HeatApiCloudwatchNetwork: internal_api NovaApiNetwork: internal_api NovaMetadataNetwork: internal_api NovaVncProxyNetwork: internal_api - SwiftMgmtNetwork: storage_mgmt + SwiftStorageNetwork: storage_mgmt SwiftProxyNetwork: storage SaharaApiNetwork: internal_api HorizonNetwork: internal_api @@ -43,6 +45,7 @@ parameters: MysqlNetwork: internal_api CephClusterNetwork: storage_mgmt CephMonNetwork: storage + CephRgwNetwork: storage ControllerHostnameResolveNetwork: internal_api ComputeHostnameResolveNetwork: internal_api BlockStorageHostnameResolveNetwork: internal_api @@ -61,6 +64,7 @@ parameters: MongoDbNetwork: MongodbNetwork RabbitMqNetwork: RabbitmqNetwork CephPublicNetwork: CephMonNetwork + SwiftMgmtNetwork: SwiftStorageNetwork description: Mapping older deprecated service names, intended for internal use only, this will be removed in future. type: json diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml index 6126fb05..d5fdaa09 100644 --- a/overcloud-resource-registry-puppet.yaml +++ b/overcloud-resource-registry-puppet.yaml @@ -10,22 +10,29 @@ resource_registry: OS::TripleO::ObjectStorage::Net::SoftwareConfig: net-config-noop.yaml OS::TripleO::CephStorage: puppet/ceph-storage.yaml OS::TripleO::CephStorage::Net::SoftwareConfig: net-config-noop.yaml - OS::TripleO::ControllerPostDeployment: puppet/controller-post.yaml # set to controller-config-pacemaker.yaml to enable pacemaker OS::TripleO::ControllerConfig: puppet/controller-config.yaml - OS::TripleO::ComputePostDeployment: puppet/compute-post.yaml - OS::TripleO::ObjectStoragePostDeployment: puppet/swift-storage-post.yaml - OS::TripleO::BlockStoragePostDeployment: puppet/cinder-storage-post.yaml - OS::TripleO::CephStoragePostDeployment: puppet/ceph-storage-post.yaml - OS::TripleO::SwiftDevicesAndProxy::SoftwareConfig: puppet/swift-devices-and-proxy-config.yaml + OS::TripleO::PostDeploySteps: puppet/post.yaml + OS::TripleO::ComputeConfig: puppet/compute-config.yaml + OS::TripleO::BlockStorageConfig: puppet/blockstorage-config.yaml + OS::TripleO::ObjectStorageConfig: puppet/objectstorage-config.yaml + OS::TripleO::CephStorageConfig: puppet/cephstorage-config.yaml OS::TripleO::AllNodes::SoftwareConfig: puppet/all-nodes-config.yaml OS::TripleO::DefaultPasswords: default_passwords.yaml # Tasks (for internal TripleO usage) OS::TripleO::Tasks::UpdateWorkflow: OS::Heat::None OS::TripleO::Tasks::PackageUpdate: extraconfig/tasks/yum_update.yaml - OS::TripleO::Tasks::ControllerPrePuppet: OS::Heat::None - OS::TripleO::Tasks::ControllerPostPuppet: OS::Heat::None + OS::TripleO::Tasks::ControllerPreConfig: OS::Heat::None + OS::TripleO::Tasks::ControllerPostConfig: OS::Heat::None + OS::TripleO::Tasks::ComputePreConfig: OS::Heat::None + OS::TripleO::Tasks::ComputePostConfig: OS::Heat::None + OS::TripleO::Tasks::BlockStoragePreConfig: OS::Heat::None + OS::TripleO::Tasks::BlockStoragePostConfig: OS::Heat::None + OS::TripleO::Tasks::ObjectStoragePreConfig: OS::Heat::None + OS::TripleO::Tasks::ObjectStoragePostConfig: OS::Heat::None + OS::TripleO::Tasks::CephStoragePreConfig: OS::Heat::None + OS::TripleO::Tasks::CephStoragePostConfig: OS::Heat::None OS::TripleO::Server: OS::Nova::Server @@ -132,6 +139,7 @@ resource_registry: OS::TripleO::Services::Apache: puppet/services/apache.yaml OS::TripleO::Services::CACerts: puppet/services/ca-certs.yaml OS::TripleO::Services::CephMon: OS::Heat::None + OS::TripleO::Services::CephRgw: OS::Heat::None OS::TripleO::Services::CephOSD: OS::Heat::None OS::TripleO::Services::CephClient: OS::Heat::None OS::TripleO::Services::CephExternal: OS::Heat::None @@ -182,7 +190,7 @@ resource_registry: OS::TripleO::Services::NovaApi: puppet/services/nova-api.yaml OS::TripleO::Services::NovaScheduler: puppet/services/nova-scheduler.yaml OS::TripleO::Services::NovaConsoleauth: puppet/services/nova-consoleauth.yaml - OS::TripleO::Services::NovaVncproxy: puppet/services/nova-vncproxy.yaml + OS::TripleO::Services::NovaVncProxy: puppet/services/nova-vnc-proxy.yaml OS::TripleO::Services::NovaCompute: puppet/services/nova-compute.yaml OS::TripleO::Services::NovaLibvirt: puppet/services/nova-libvirt.yaml OS::TripleO::Services::Ntp: puppet/services/time/ntp.yaml diff --git a/overcloud.j2.yaml b/overcloud.j2.yaml new file mode 100644 index 00000000..fa160e4d --- /dev/null +++ b/overcloud.j2.yaml @@ -0,0 +1,552 @@ +heat_template_version: 2016-10-14 + +description: > + Deploy an OpenStack environment, consisting of several node types (roles), + Controller, Compute, BlockStorage, SwiftStorage and CephStorage. The Storage + roles enable independent scaling of the storage components, but the minimal + deployment is one Controller and one Compute node. + + +# TODO(shadower): we should probably use the parameter groups to put +# some order in here. +parameters: + + # Common parameters (not specific to a role) + CloudName: + default: overcloud.localdomain + description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org + type: string + CloudNameInternal: + default: overcloud.internalapi.localdomain + description: > + The DNS name of this cloud's internal API endpoint. E.g. + 'ci-overcloud.internalapi.tripleo.org'. + type: string + CloudNameStorage: + default: overcloud.storage.localdomain + description: > + The DNS name of this cloud's storage endpoint. E.g. + 'ci-overcloud.storage.tripleo.org'. + type: string + CloudNameStorageManagement: + default: overcloud.storagemgmt.localdomain + description: > + The DNS name of this cloud's storage management endpoint. E.g. + 'ci-overcloud.storagemgmt.tripleo.org'. + type: string + CloudNameCtlplane: + default: overcloud.ctlplane.localdomain + description: > + The DNS name of this cloud's storage management endpoint. E.g. + 'ci-overcloud.management.tripleo.org'. + type: string + ControlFixedIPs: + default: [] + description: Should be used for arbitrary ips. + type: json + InternalApiVirtualFixedIPs: + default: [] + description: > + Control the IP allocation for the InternalApiVirtualInterface port. E.g. + [{'ip_address':'1.2.3.4'}] + type: json + NeutronControlPlaneID: + default: 'ctlplane' + type: string + description: Neutron ID or name for ctlplane network. + NeutronPublicInterface: + default: nic1 + description: What interface to bridge onto br-ex for network nodes. + type: string + PublicVirtualFixedIPs: + default: [] + description: > + Control the IP allocation for the PublicVirtualInterface port. E.g. + [{'ip_address':'1.2.3.4'}] + type: json + RabbitCookieSalt: + type: string + default: unset + description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change. + StorageVirtualFixedIPs: + default: [] + description: > + Control the IP allocation for the StorageVirtualInterface port. E.g. + [{'ip_address':'1.2.3.4'}] + type: json + StorageMgmtVirtualFixedIPs: + default: [] + description: > + Control the IP allocation for the StorageMgmgVirtualInterface port. E.g. + [{'ip_address':'1.2.3.4'}] + type: json + RedisVirtualFixedIPs: + default: [] + description: > + Control the IP allocation for the virtual IP used by Redis. E.g. + [{'ip_address':'1.2.3.4'}] + type: json + CloudDomain: + default: 'localdomain' + type: string + description: > + The DNS domain used for the hosts. This should match the dhcp_domain + configured in the Undercloud neutron. Defaults to localdomain. + ServerMetadata: + default: {} + description: > + Extra properties or metadata passed to Nova for the created nodes in + the overcloud. It's accessible via the Nova metadata API. + type: json + +# Compute-specific params +# FIXME(shardy) handle these deprecated names as they don't match compute.yaml + HypervisorNeutronPhysicalBridge: + default: 'br-ex' + description: > + An OVS bridge to create on each hypervisor. This defaults to br-ex the + same as the control plane nodes, as we have a uniform configuration of + the openvswitch agent. Typically should not need to be changed. + type: string + HypervisorNeutronPublicInterface: + default: nic1 + description: What interface to add to the HypervisorNeutronPhysicalBridge. + type: string + + # Jinja loop for Role in role_data.yaml +{% for role in roles %} + # Parameters generated for {{role.name}} Role + {{role.name}}Services: + description: A list of service resources (configured in the Heat + resource_registry) which represent nested stacks + for each service that should get installed on the {{role.name}} role. + type: comma_delimited_list + {% if role.ServicesDefault %} + default: {{role.ServicesDefault}} + {% endif %} + + {{role.name}}Count: + description: Number of {{role.name}} nodes to deploy + type: number + {% if role.CountDefault %} + default: {{role.CountDefault}} + {% endif %} + + {{role.name}}HostnameFormat: + type: string + description: > + Format for {{role.name}} node hostnames + Note %index% is translated into the index of the node, e.g 0/1/2 etc + and %stackname% is replaced with the stack name e.g overcloud + {% if role.HostnameFormatDefault %} + default: "{{role.HostnameFormatDefault}}" + {% endif %} + + {{role.name}}RemovalPolicies: + default: [] + type: json + description: > + List of resources to be removed from {{role.name}} ResourceGroup when + doing an update which requires removal of specific resources. + Example format ComputeRemovalPolicies: [{'resource_list': ['0']}] +{% endfor %} + + # Identifiers to trigger tasks on nodes + UpdateIdentifier: + default: '' + type: string + description: > + Setting to a previously unused value during stack-update will trigger + package update on all nodes + DeployIdentifier: + default: '' + type: string + description: > + Setting this to a unique value will re-run any deployment tasks which + perform configuration on a Heat stack-update. + +resources: + + HeatAuthEncryptionKey: + type: OS::Heat::RandomString + + PcsdPassword: + type: OS::Heat::RandomString + properties: + length: 16 + + HorizonSecret: + type: OS::Heat::RandomString + properties: + length: 10 + + ServiceNetMap: + type: OS::TripleO::ServiceNetMap + + EndpointMap: + type: OS::TripleO::EndpointMap + properties: + CloudEndpoints: + external: {get_param: CloudName} + internal_api: {get_param: CloudNameInternal} + storage: {get_param: CloudNameStorage} + storage_mgmt: {get_param: CloudNameStorageManagement} + ctlplane: {get_param: CloudNameCtlplane} + NetIpMap: {get_attr: [VipMap, net_ip_map]} + ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} + + # Jinja loop for Role in roles_data.yaml +{% for role in roles %} + # Resources generated for {{role.name}} Role + {{role.name}}ServiceChain: + type: OS::TripleO::Services + properties: + Services: + get_param: {{role.name}}Services + ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} + EndpointMap: {get_attr: [EndpointMap, endpoint_map]} + DefaultPasswords: {get_attr: [DefaultPasswords, passwords]} + + {{role.name}}AllNodesDeployment: + type: OS::Heat::StructuredDeployments + properties: + name: {{role.name}}AllNodesDeployment + config: {get_attr: [allNodesConfig, config_id]} + servers: {get_attr: [{{role.name}}, attributes, nova_server_resource]} + input_values: + bootstrap_nodeid: {get_attr: [{{role.name}}, resource.0.hostname]} + bootstrap_nodeid_ip: {get_attr: [{{role.name}}, resource.0.ip_address]} + + {{role.name}}AllNodesValidationDeployment: + type: OS::Heat::StructuredDeployments + depends_on: {{role.name}}AllNodesDeployment + properties: + name: {{role.name}}AllNodesValidationDeployment + config: {get_resource: AllNodesValidationConfig} + servers: {get_attr: [{{role.name}}, attributes, nova_server_resource]} + + {{role.name}}IpListMap: + type: OS::TripleO::Network::Ports::NetIpListMap + properties: + ControlPlaneIpList: {get_attr: [{{role.name}}, ip_address]} + ExternalIpList: {get_attr: [{{role.name}}, external_ip_address]} + InternalApiIpList: {get_attr: [{{role.name}}, internal_api_ip_address]} + StorageIpList: {get_attr: [{{role.name}}, storage_ip_address]} + StorageMgmtIpList: {get_attr: [{{role.name}}, storage_mgmt_ip_address]} + TenantIpList: {get_attr: [{{role.name}}, tenant_ip_address]} + ManagementIpList: {get_attr: [{{role.name}}, management_ip_address]} + EnabledServices: {get_attr: [{{role.name}}ServiceChain, role_data, service_names]} + ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]} + ServiceHostnameList: {get_attr: [{{role.name}}, hostname]} + + {{role.name}}: + type: OS::Heat::ResourceGroup + depends_on: Networks + properties: + count: {get_param: {{role.name}}Count} + removal_policies: {get_param: {{role.name}}RemovalPolicies} + resource_def: + type: OS::TripleO::{{role.name}} + properties: + CloudDomain: {get_param: CloudDomain} + ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} + EndpointMap: {get_attr: [EndpointMap, endpoint_map]} + Hostname: + str_replace: + template: {get_param: {{role.name}}HostnameFormat} + params: + '%stackname%': {get_param: 'OS::stack_name'} + NodeIndex: '%index%' + ServiceConfigSettings: + map_merge: + - get_attr: [{{role.name}}ServiceChain, role_data, config_settings] + {% for r in roles %} + - get_attr: [{{r.name}}ServiceChain, role_data, global_config_settings] + {% endfor %} + ServiceNames: {get_attr: [{{role.name}}ServiceChain, role_data, service_names]} + MonitoringSubscriptions: {get_attr: [{{role.name}}ServiceChain, role_data, monitoring_subscriptions]} +{% endfor %} + + allNodesConfig: + type: OS::TripleO::AllNodes::SoftwareConfig + properties: + cloud_name_external: {get_param: CloudName} + cloud_name_internal_api: {get_param: CloudNameInternal} + cloud_name_storage: {get_param: CloudNameStorage} + cloud_name_storage_mgmt: {get_param: CloudNameStorageManagement} + cloud_name_ctlplane: {get_param: CloudNameCtlplane} + hosts: +{% for role in roles %} + - list_join: + - '\n' + - {get_attr: [{{role.name}}, hosts_entry]} +{% endfor %} + enabled_services: + list_join: + - ',' +{% for role in roles %} + - {get_attr: [{{role.name}}ServiceChain, role_data, service_names]} +{% endfor %} + controller_ips: {get_attr: [Controller, ip_address]} + controller_names: {get_attr: [Controller, hostname]} + service_ips: + # Note (shardy) this somewhat complex yaql may be replaced + # with a map_deep_merge function in ocata. It merges the + # list of maps, but appends to colliding lists when a service + # is deployed on more than one role + yaql: + expression: dict($.data.l.where($ != null).selectMany($.items()).groupBy($[0], $[1], [$[0], $[1].flatten()])) + data: + l: +{% for role in roles %} + - {get_attr: [{{role.name}}IpListMap, service_ips]} +{% endfor %} + service_node_names: + yaql: + expression: dict($.data.l.where($ != null).selectMany($.items()).groupBy($[0], $[1], [$[0], $[1].flatten()])) + data: + l: +{% for role in roles %} + - {get_attr: [{{role.name}}IpListMap, service_hostnames]} +{% endfor %} + # FIXME(shardy): These require further work to move into service_ips + memcache_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, MemcachedNetwork]}]} + keystone_public_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystonePublicApiNetwork]}]} + keystone_admin_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystoneAdminApiNetwork]}]} + NetVipMap: {get_attr: [VipMap, net_ip_map]} + RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]} + ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]} + DeployIdentifier: {get_param: DeployIdentifier} + UpdateIdentifier: {get_param: UpdateIdentifier} + + MysqlRootPassword: + type: OS::Heat::RandomString + properties: + length: 10 + + RabbitCookie: + type: OS::Heat::RandomString + properties: + length: 20 + salt: {get_param: RabbitCookieSalt} + + DefaultPasswords: + type: OS::TripleO::DefaultPasswords + properties: + DefaultMysqlRootPassword: {get_attr: [MysqlRootPassword, value]} + DefaultRabbitCookie: {get_attr: [RabbitCookie, value]} + DefaultHeatAuthEncryptionKey: {get_attr: [HeatAuthEncryptionKey, value]} + DefaultPcsdPassword: {get_attr: [PcsdPassword, value]} + DefaultHorizonSecret: {get_attr: [HorizonSecret, value]} + + # creates the network architecture + Networks: + type: OS::TripleO::Network + + ControlVirtualIP: + type: OS::Neutron::Port + depends_on: Networks + properties: + name: control_virtual_ip + network: {get_param: NeutronControlPlaneID} + fixed_ips: {get_param: ControlFixedIPs} + replacement_policy: AUTO + + RedisVirtualIP: + depends_on: Networks + type: OS::TripleO::Network::Ports::RedisVipPort + properties: + ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} + ControlPlaneNetwork: {get_param: NeutronControlPlaneID} + PortName: redis_virtual_ip + NetworkName: {get_attr: [ServiceNetMap, service_net_map, RedisNetwork]} + ServiceName: redis + FixedIPs: {get_param: RedisVirtualFixedIPs} + + # The public VIP is on the External net, falls back to ctlplane + PublicVirtualIP: + depends_on: Networks + type: OS::TripleO::Network::Ports::ExternalVipPort + properties: + ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} + ControlPlaneNetwork: {get_param: NeutronControlPlaneID} + PortName: public_virtual_ip + FixedIPs: {get_param: PublicVirtualFixedIPs} + + InternalApiVirtualIP: + depends_on: Networks + type: OS::TripleO::Network::Ports::InternalApiVipPort + properties: + ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} + PortName: internal_api_virtual_ip + FixedIPs: {get_param: InternalApiVirtualFixedIPs} + + StorageVirtualIP: + depends_on: Networks + type: OS::TripleO::Network::Ports::StorageVipPort + properties: + ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} + PortName: storage_virtual_ip + FixedIPs: {get_param: StorageVirtualFixedIPs} + + StorageMgmtVirtualIP: + depends_on: Networks + type: OS::TripleO::Network::Ports::StorageMgmtVipPort + properties: + ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} + PortName: storage_management_virtual_ip + FixedIPs: {get_param: StorageMgmtVirtualFixedIPs} + + VipMap: + type: OS::TripleO::Network::Ports::NetVipMap + properties: + ControlPlaneIp: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} + ExternalIp: {get_attr: [PublicVirtualIP, ip_address]} + ExternalIpUri: {get_attr: [PublicVirtualIP, ip_address_uri]} + InternalApiIp: {get_attr: [InternalApiVirtualIP, ip_address]} + InternalApiIpUri: {get_attr: [InternalApiVirtualIP, ip_address_uri]} + StorageIp: {get_attr: [StorageVirtualIP, ip_address]} + StorageIpUri: {get_attr: [StorageVirtualIP, ip_address_uri]} + StorageMgmtIp: {get_attr: [StorageMgmtVirtualIP, ip_address]} + StorageMgmtIpUri: {get_attr: [StorageMgmtVirtualIP, ip_address_uri]} + # No tenant or management VIP required + + # All Nodes Validations + AllNodesValidationConfig: + type: OS::TripleO::AllNodes::Validation + properties: + PingTestIps: + list_join: + - ' ' + - - {get_attr: [Controller, resource.0.external_ip_address]} + - {get_attr: [Controller, resource.0.internal_api_ip_address]} + - {get_attr: [Controller, resource.0.storage_ip_address]} + - {get_attr: [Controller, resource.0.storage_mgmt_ip_address]} + - {get_attr: [Controller, resource.0.tenant_ip_address]} + - {get_attr: [Controller, resource.0.management_ip_address]} + + UpdateWorkflow: + type: OS::TripleO::Tasks::UpdateWorkflow + properties: + controller_servers: {get_attr: [Controller, attributes, nova_server_resource]} + compute_servers: {get_attr: [Compute, attributes, nova_server_resource]} + blockstorage_servers: {get_attr: [BlockStorage, attributes, nova_server_resource]} + objectstorage_servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]} + cephstorage_servers: {get_attr: [CephStorage, attributes, nova_server_resource]} + input_values: + deploy_identifier: {get_param: DeployIdentifier} + update_identifier: {get_param: UpdateIdentifier} + + # Optional ExtraConfig for all nodes - all roles are passed in here, but + # the nested template may configure each role differently (or not at all) + AllNodesExtraConfig: + type: OS::TripleO::AllNodesExtraConfig + depends_on: + - UpdateWorkflow + - ComputeAllNodesValidationDeployment + - BlockStorageAllNodesValidationDeployment + - ObjectStorageAllNodesValidationDeployment + - CephStorageAllNodesValidationDeployment + - ControllerAllNodesValidationDeployment + properties: + controller_servers: {get_attr: [Controller, attributes, nova_server_resource]} + compute_servers: {get_attr: [Compute, attributes, nova_server_resource]} + blockstorage_servers: {get_attr: [BlockStorage, attributes, nova_server_resource]} + objectstorage_servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]} + cephstorage_servers: {get_attr: [CephStorage, attributes, nova_server_resource]} + + # Post deployment steps for all roles + AllNodesDeploySteps: + type: OS::TripleO::PostDeploySteps + properties: + servers: + Controller: {get_attr: [Controller, attributes, nova_server_resource]} + Compute: {get_attr: [Compute, attributes, nova_server_resource]} + BlockStorage: {get_attr: [BlockStorage, attributes, nova_server_resource]} + ObjectStorage: {get_attr: [ObjectStorage, attributes, nova_server_resource]} + CephStorage: {get_attr: [CephStorage, attributes, nova_server_resource]} + role_data: + Controller: {get_attr: [ControllerServiceChain, role_data]} + Compute: {get_attr: [ComputeServiceChain, role_data]} + BlockStorage: {get_attr: [BlockStorageServiceChain, role_data]} + ObjectStorage: {get_attr: [ObjectStorageServiceChain, role_data]} + CephStorage: {get_attr: [CephStorageServiceChain, role_data]} + +outputs: + ManagedEndpoints: + description: Asserts that the keystone endpoints have been provisioned. + value: true + KeystoneURL: + description: URL for the Overcloud Keystone service + value: {get_attr: [EndpointMap, endpoint_map, KeystonePublic, uri]} + KeystoneAdminVip: + description: Keystone Admin VIP endpoint + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystoneAdminApiNetwork]}]} + PublicVip: + description: Controller VIP for public API endpoints + value: {get_attr: [VipMap, net_ip_map, external]} + AodhInternalVip: + description: VIP for Aodh API internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, AodhApiNetwork]}]} + CeilometerInternalVip: + description: VIP for Ceilometer API internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CeilometerApiNetwork]}]} + CephRgwInternalVip: + description: VIP for Ceph RGW internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CephRgwNetwork]}]} + CinderInternalVip: + description: VIP for Cinder API internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CinderApiNetwork]}]} + GlanceInternalVip: + description: VIP for Glance API internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, GlanceApiNetwork]}]} + GnocchiInternalVip: + description: VIP for Gnocchi API internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, GnocchiApiNetwork]}]} + HeatInternalVip: + description: VIP for Heat API internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, HeatApiNetwork]}]} + IronicInternalVip: + description: VIP for Ironic API internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, IronicApiNetwork]}]} + KeystoneInternalVip: + description: VIP for Keystone API internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystonePublicApiNetwork]}]} + ManilaInternalVip: + description: VIP for Manila API internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, ManilaApiNetwork]}]} + NeutronInternalVip: + description: VIP for Neutron API internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NeutronApiNetwork]}]} + NovaInternalVip: + description: VIP for Nova API internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NovaApiNetwork]}]} + OpenDaylightInternalVip: + description: VIP for OpenDaylight API internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, OpenDaylightApiNetwork]}]} + SaharaInternalVip: + description: VIP for Sahara API internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, SaharaApiNetwork]}]} + SwiftInternalVip: + description: VIP for Swift Proxy internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, SwiftProxyNetwork]}]} + EndpointMap: + description: | + Mapping of the resources with the needed info for their endpoints. + This includes the protocol used, the IP, port and also a full + representation of the URI. + value: {get_attr: [EndpointMap, endpoint_map]} + HostsEntry: + description: | + The content that should be appended to your /etc/hosts if you want to get + hostname-based access to the deployed nodes (useful for testing without + setting up a DNS). + value: {get_attr: [allNodesConfig, hosts_entries]} + EnabledServices: + description: The services enabled on each role + value: + Controller: {get_attr: [ControllerServiceChain, role_data, service_names]} + Compute: {get_attr: [ComputeServiceChain, role_data, service_names]} + BlockStorage: {get_attr: [BlockStorageServiceChain, role_data, service_names]} + ObjectStorage: {get_attr: [ObjectStorageServiceChain, role_data, service_names]} + CephStorage: {get_attr: [CephStorageServiceChain, role_data, service_names]} diff --git a/overcloud.yaml b/overcloud.yaml deleted file mode 100644 index 2a02fda6..00000000 --- a/overcloud.yaml +++ /dev/null @@ -1,1086 +0,0 @@ -heat_template_version: 2016-10-14 - -description: > - Deploy an OpenStack environment, consisting of several node types (roles), - Controller, Compute, BlockStorage, SwiftStorage and CephStorage. The Storage - roles enable independent scaling of the storage components, but the minimal - deployment is one Controller and one Compute node. - - -# TODO(shadower): we should probably use the parameter groups to put -# some order in here. -parameters: - - # Common parameters (not specific to a role) - CloudName: - default: overcloud.localdomain - description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org - type: string - CloudNameInternal: - default: overcloud.internalapi.localdomain - description: > - The DNS name of this cloud's internal API endpoint. E.g. - 'ci-overcloud.internalapi.tripleo.org'. - type: string - CloudNameStorage: - default: overcloud.storage.localdomain - description: > - The DNS name of this cloud's storage endpoint. E.g. - 'ci-overcloud.storage.tripleo.org'. - type: string - CloudNameStorageManagement: - default: overcloud.storagemgmt.localdomain - description: > - The DNS name of this cloud's storage management endpoint. E.g. - 'ci-overcloud.storagemgmt.tripleo.org'. - type: string - CloudNameManagement: - default: overcloud.management.localdomain - description: > - The DNS name of this cloud's storage management endpoint. E.g. - 'ci-overcloud.management.tripleo.org'. - type: string - ControlFixedIPs: - default: [] - description: Should be used for arbitrary ips. - type: json - InternalApiVirtualFixedIPs: - default: [] - description: > - Control the IP allocation for the InternalApiVirtualInterface port. E.g. - [{'ip_address':'1.2.3.4'}] - type: json - NeutronControlPlaneID: - default: 'ctlplane' - type: string - description: Neutron ID or name for ctlplane network. - NeutronPublicInterface: - default: nic1 - description: What interface to bridge onto br-ex for network nodes. - type: string - PublicVirtualFixedIPs: - default: [] - description: > - Control the IP allocation for the PublicVirtualInterface port. E.g. - [{'ip_address':'1.2.3.4'}] - type: json - RabbitCookieSalt: - type: string - default: unset - description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change. - StorageVirtualFixedIPs: - default: [] - description: > - Control the IP allocation for the StorageVirtualInterface port. E.g. - [{'ip_address':'1.2.3.4'}] - type: json - StorageMgmtVirtualFixedIPs: - default: [] - description: > - Control the IP allocation for the StorageMgmgVirtualInterface port. E.g. - [{'ip_address':'1.2.3.4'}] - type: json - RedisVirtualFixedIPs: - default: [] - description: > - Control the IP allocation for the virtual IP used by Redis. E.g. - [{'ip_address':'1.2.3.4'}] - type: json - CloudDomain: - default: 'localdomain' - type: string - description: > - The DNS domain used for the hosts. This should match the dhcp_domain - configured in the Undercloud neutron. Defaults to localdomain. - ServerMetadata: - default: {} - description: > - Extra properties or metadata passed to Nova for the created nodes in - the overcloud. It's accessible via the Nova metadata API. - type: json - - # Controller-specific params - ControllerCount: - type: number - default: 1 - controllerExtraConfig: - default: {} - description: | - Deprecated. Use ControllerExtraConfig via parameter_defaults instead. - type: json - ExtraConfig: - default: {} - description: | - Additional configuration to inject into the cluster. The format required - may be implementation specific, e.g puppet hieradata. Any role specific - ExtraConfig, e.g controllerExtraConfig takes precedence over ExtraConfig. - type: json - -# Compute-specific params - ComputeCount: - type: number - default: 1 - HypervisorNeutronPhysicalBridge: - default: 'br-ex' - description: > - An OVS bridge to create on each hypervisor. This defaults to br-ex the - same as the control plane nodes, as we have a uniform configuration of - the openvswitch agent. Typically should not need to be changed. - type: string - HypervisorNeutronPublicInterface: - default: nic1 - description: What interface to add to the HypervisorNeutronPhysicalBridge. - type: string - - ControllerServices: - default: - - OS::TripleO::Services::CACerts - - OS::TripleO::Services::CephMon - - OS::TripleO::Services::CephExternal - - OS::TripleO::Services::CinderApi - - OS::TripleO::Services::CinderBackup - - OS::TripleO::Services::CinderScheduler - - OS::TripleO::Services::CinderVolume - - OS::TripleO::Services::Core - - OS::TripleO::Services::Kernel - - OS::TripleO::Services::Keystone - - OS::TripleO::Services::GlanceApi - - OS::TripleO::Services::GlanceRegistry - - OS::TripleO::Services::HeatApi - - OS::TripleO::Services::HeatApiCfn - - OS::TripleO::Services::HeatApiCloudwatch - - OS::TripleO::Services::HeatEngine - - OS::TripleO::Services::MySQL - - OS::TripleO::Services::NeutronDhcpAgent - - OS::TripleO::Services::NeutronL3Agent - - OS::TripleO::Services::NeutronMetadataAgent - - OS::TripleO::Services::NeutronApi - - OS::TripleO::Services::NeutronCorePlugin - - OS::TripleO::Services::NeutronOvsAgent - - OS::TripleO::Services::RabbitMQ - - OS::TripleO::Services::HAproxy - - OS::TripleO::Services::Keepalived - - OS::TripleO::Services::Memcached - - OS::TripleO::Services::Pacemaker - - OS::TripleO::Services::Redis - - OS::TripleO::Services::NovaConductor - - OS::TripleO::Services::MongoDb - - OS::TripleO::Services::NovaApi - - OS::TripleO::Services::NovaScheduler - - OS::TripleO::Services::NovaConsoleauth - - OS::TripleO::Services::NovaVncproxy - - OS::TripleO::Services::Ntp - - OS::TripleO::Services::SwiftProxy - - OS::TripleO::Services::SwiftStorage - - OS::TripleO::Services::SwiftRingBuilder - - OS::TripleO::Services::Snmp - - OS::TripleO::Services::Timezone - - OS::TripleO::Services::CeilometerApi - - OS::TripleO::Services::CeilometerCollector - - OS::TripleO::Services::CeilometerExpirer - - OS::TripleO::Services::CeilometerAgentCentral - - OS::TripleO::Services::CeilometerAgentNotification - - OS::TripleO::Services::Horizon - - OS::TripleO::Services::GnocchiApi - - OS::TripleO::Services::GnocchiMetricd - - OS::TripleO::Services::GnocchiStatsd - - OS::Tripleo::Services::ManilaApi - - OS::Tripleo::Services::ManilaScheduler - - OS::Tripleo::Services::ManilaShare - - OS::TripleO::Services::AodhApi - - OS::TripleO::Services::AodhEvaluator - - OS::TripleO::Services::AodhNotifier - - OS::TripleO::Services::AodhListener - - OS::TripleO::Services::SaharaApi - - OS::TripleO::Services::SaharaEngine - - OS::TripleO::Services::IronicApi - - OS::TripleO::Services::IronicConductor - - OS::TripleO::Services::NovaIronic - - OS::TripleO::Services::TripleoPackages - - OS::TripleO::Services::TripleoFirewall - - OS::TripleO::Services::OpenDaylight - - OS::TripleO::Services::SensuClient - - OS::TripleO::Services::VipHosts - description: A list of service resources (configured in the Heat - resource_registry) which represent nested stacks - for each service that should get installed on the Controllers. - type: comma_delimited_list - - ComputeServices: - default: - - OS::TripleO::Services::CACerts - - OS::TripleO::Services::CephClient - - OS::TripleO::Services::CephExternal - - OS::TripleO::Services::Timezone - - OS::TripleO::Services::Ntp - - OS::TripleO::Services::Snmp - - OS::TripleO::Services::NovaCompute - - OS::TripleO::Services::NovaLibvirt - - OS::TripleO::Services::Kernel - - OS::TripleO::Services::ComputeNeutronCorePlugin - - OS::TripleO::Services::ComputeNeutronOvsAgent - - OS::TripleO::Services::ComputeCeilometerAgent - - OS::TripleO::Services::ComputeNeutronL3Agent - - OS::TripleO::Services::ComputeNeutronMetadataAgent - - OS::TripleO::Services::TripleoPackages - - OS::TripleO::Services::TripleoFirewall - - OS::TripleO::Services::NeutronSriovAgent - - OS::TripleO::Services::OpenDaylightOvs - - OS::TripleO::Services::SensuClient - - OS::TripleO::Services::VipHosts - description: A list of service resources (configured in the Heat - resource_registry) which represent nested stacks - for each service that should get installed on the Compute Nodes. - type: comma_delimited_list - -# Block storage specific parameters - BlockStorageCount: - type: number - default: 0 - BlockStorageExtraConfig: - default: {} - description: | - BlockStorage specific configuration to inject into the cluster. Same - structure as ExtraConfig. - type: json - BlockStorageServices: - default: - - OS::TripleO::Services::CACerts - - OS::TripleO::Services::CinderVolume - - OS::TripleO::Services::Kernel - - OS::TripleO::Services::Ntp - - OS::TripleO::Services::Timezone - - OS::TripleO::Services::Snmp - - OS::TripleO::Services::TripleoPackages - - OS::TripleO::Services::TripleoFirewall - - OS::TripleO::Services::SensuClient - - OS::TripleO::Services::VipHosts - description: A list of service resources (configured in the Heat - resource_registry) which represent nested stacks - for each service that should get installed on the BlockStorage nodes. - type: comma_delimited_list - -# Object storage specific parameters - ObjectStorageCount: - type: number - default: 0 - ObjectStorageExtraConfig: - default: {} - description: | - ObjectStorage specific configuration to inject into the cluster. Same - structure as ExtraConfig. - type: json - ObjectStorageServices: - default: - - OS::TripleO::Services::CACerts - - OS::TripleO::Services::Kernel - - OS::TripleO::Services::Ntp - - OS::TripleO::Services::SwiftStorage - - OS::TripleO::Services::SwiftRingBuilder - - OS::TripleO::Services::Snmp - - OS::TripleO::Services::Timezone - - OS::TripleO::Services::TripleoPackages - - OS::TripleO::Services::TripleoFirewall - - OS::TripleO::Services::SensuClient - - OS::TripleO::Services::VipHosts - description: A list of service resources (configured in the Heat - resource_registry) which represent nested stacks - for each service that should get installed on the ObjectStorage nodes. - Note this role currently only supports steps 2, 3 and 4 configuration. - type: comma_delimited_list - - -# Ceph storage specific parameters - CephStorageCount: - type: number - default: 0 - CephStorageExtraConfig: - default: {} - description: | - CephStorage specific configuration to inject into the cluster. Same - structure as ExtraConfig. - type: json - CephStorageServices: - default: - - OS::TripleO::Services::CACerts - - OS::TripleO::Services::CephOSD - - OS::TripleO::Services::Kernel - - OS::TripleO::Services::Ntp - - OS::TripleO::Services::Timezone - - OS::TripleO::Services::TripleoPackages - - OS::TripleO::Services::TripleoFirewall - - OS::TripleO::Services::SensuClient - - OS::TripleO::Services::VipHosts - description: A list of service resources (configured in the Heat - resource_registry) which represent nested stacks - for each service that should get installed on the CephStorage nodes. - type: comma_delimited_list - - # Hostname format for each role - # Note %index% is translated into the index of the node, e.g 0/1/2 etc - # and %stackname% is replaced with OS::stack_name in the template below. - # If you want to use the heat generated names, pass '' (empty string). - ControllerHostnameFormat: - type: string - description: Format for Controller node hostnames - default: '%stackname%-controller-%index%' - ComputeHostnameFormat: - type: string - description: Format for Compute node hostnames - default: '%stackname%-novacompute-%index%' - BlockStorageHostnameFormat: - type: string - description: Format for BlockStorage node hostnames - default: '%stackname%-blockstorage-%index%' - ObjectStorageHostnameFormat: - type: string - description: Format for SwiftStorage node hostnames - default: '%stackname%-objectstorage-%index%' - CephStorageHostnameFormat: - type: string - description: Format for CephStorage node hostnames - default: '%stackname%-cephstorage-%index%' - - # Identifiers to trigger tasks on nodes - UpdateIdentifier: - default: '' - type: string - description: > - Setting to a previously unused value during stack-update will trigger - package update on all nodes - DeployIdentifier: - default: '' - type: string - description: > - Setting this to a unique value will re-run any deployment tasks which - perform configuration on a Heat stack-update. - - # If you want to remove a specific node from a resource group, you can pass - # the node name or id as a <Group>RemovalPolicies parameter, for example: - # ComputeRemovalPolicies: [{'resource_list': ['0']}] - ControllerRemovalPolicies: - default: [] - type: json - description: > - List of resources to be removed from ControllerResourceGroup when - doing an update which requires removal of specific resources. - ComputeRemovalPolicies: - default: [] - type: json - description: > - List of resources to be removed from ComputeResourceGroup when - doing an update which requires removal of specific resources. - BlockStorageRemovalPolicies: - default: [] - type: json - description: > - List of resources to be removed from BlockStorageResourceGroup when - doing an update which requires removal of specific resources. - ObjectStorageRemovalPolicies: - default: [] - type: json - description: > - List of resources to be removed from ObjectStorageResourceGroup when - doing an update which requires removal of specific resources. - CephStorageRemovalPolicies: - default: [] - type: json - description: > - List of resources to be removed from CephStorageResourceGroup when - doing an update which requires removal of specific resources. - -parameter_groups: -- label: deprecated - description: Do not use deprecated params, they will be removed. - parameters: - - controllerExtraConfig - - -resources: - - HeatAuthEncryptionKey: - type: OS::Heat::RandomString - - PcsdPassword: - type: OS::Heat::RandomString - properties: - length: 16 - - HorizonSecret: - type: OS::Heat::RandomString - properties: - length: 10 - - ServiceNetMap: - type: OS::TripleO::ServiceNetMap - - EndpointMap: - type: OS::TripleO::EndpointMap - properties: - CloudEndpoints: - external: {get_param: CloudName} - internal_api: {get_param: CloudNameInternal} - storage: {get_param: CloudNameStorage} - storage_mgmt: {get_param: CloudNameStorageManagement} - management: {get_param: CloudNameManagement} - NetIpMap: {get_attr: [VipMap, net_ip_map]} - ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} - - ControllerServiceChain: - type: OS::TripleO::Services - properties: - Services: {get_param: ControllerServices} - ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} - EndpointMap: {get_attr: [EndpointMap, endpoint_map]} - DefaultPasswords: {get_attr: [DefaultPasswords, passwords]} - - Controller: - type: OS::Heat::ResourceGroup - depends_on: Networks - properties: - count: {get_param: ControllerCount} - removal_policies: {get_param: ControllerRemovalPolicies} - resource_def: - type: OS::TripleO::Controller - properties: - CloudDomain: {get_param: CloudDomain} - controllerExtraConfig: {get_param: controllerExtraConfig} - ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} - EndpointMap: {get_attr: [EndpointMap, endpoint_map]} - Hostname: - str_replace: - template: {get_param: ControllerHostnameFormat} - params: - '%stackname%': {get_param: 'OS::stack_name'} - NodeIndex: '%index%' - ServiceConfigSettings: {get_attr: [ControllerServiceChain, role_data, config_settings]} - ServiceNames: {get_attr: [ControllerServiceChain, role_data, service_names]} - MonitoringSubscriptions: {get_attr: [ControllerServiceChain, role_data, monitoring_subscriptions]} - - ComputeServiceChain: - type: OS::TripleO::Services - properties: - Services: {get_param: ComputeServices} - ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} - EndpointMap: {get_attr: [EndpointMap, endpoint_map]} - DefaultPasswords: {get_attr: [DefaultPasswords, passwords]} - - Compute: - type: OS::Heat::ResourceGroup - depends_on: Networks - properties: - count: {get_param: ComputeCount} - removal_policies: {get_param: ComputeRemovalPolicies} - resource_def: - type: OS::TripleO::Compute - properties: - CloudDomain: {get_param: CloudDomain} - NeutronPhysicalBridge: {get_param: HypervisorNeutronPhysicalBridge} - NeutronPublicInterface: {get_param: HypervisorNeutronPublicInterface} - ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} - EndpointMap: {get_attr: [EndpointMap, endpoint_map]} - Hostname: - str_replace: - template: {get_param: ComputeHostnameFormat} - params: - '%stackname%': {get_param: 'OS::stack_name'} - NodeIndex: '%index%' - ServiceConfigSettings: {get_attr: [ComputeServiceChain, role_data, config_settings]} - ServiceNames: {get_attr: [ComputeServiceChain, role_data, service_names]} - MonitoringSubscriptions: {get_attr: [ComputeServiceChain, role_data, monitoring_subscriptions]} - - BlockStorageServiceChain: - type: OS::TripleO::Services - properties: - Services: {get_param: BlockStorageServices} - ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} - EndpointMap: {get_attr: [EndpointMap, endpoint_map]} - DefaultPasswords: {get_attr: [DefaultPasswords, passwords]} - - BlockStorage: - type: OS::Heat::ResourceGroup - depends_on: Networks - properties: - count: {get_param: BlockStorageCount} - removal_policies: {get_param: BlockStorageRemovalPolicies} - resource_def: - type: OS::TripleO::BlockStorage - properties: - UpdateIdentifier: {get_param: UpdateIdentifier} - Hostname: - str_replace: - template: {get_param: BlockStorageHostnameFormat} - params: - '%stackname%': {get_param: 'OS::stack_name'} - ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} - ExtraConfig: {get_param: ExtraConfig} - BlockStorageExtraConfig: {get_param: BlockStorageExtraConfig} - CloudDomain: {get_param: CloudDomain} - ServerMetadata: {get_param: ServerMetadata} - NodeIndex: '%index%' - ServiceConfigSettings: {get_attr: [BlockStorageServiceChain, role_data, config_settings]} - ServiceNames: {get_attr: [BlockStorageServiceChain, role_data, service_names]} - MonitoringSubscriptions: {get_attr: [BlockStorageServiceChain, role_data, monitoring_subscriptions]} - - ObjectStorageServiceChain: - type: OS::TripleO::Services - properties: - Services: {get_param: ObjectStorageServices} - ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} - EndpointMap: {get_attr: [EndpointMap, endpoint_map]} - DefaultPasswords: {get_attr: [DefaultPasswords, passwords]} - - ObjectStorage: - type: OS::Heat::ResourceGroup - depends_on: Networks - properties: - count: {get_param: ObjectStorageCount} - removal_policies: {get_param: ObjectStorageRemovalPolicies} - resource_def: - type: OS::TripleO::ObjectStorage - properties: - UpdateIdentifier: {get_param: UpdateIdentifier} - ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} - Hostname: - str_replace: - template: {get_param: ObjectStorageHostnameFormat} - params: - '%stackname%': {get_param: 'OS::stack_name'} - ExtraConfig: {get_param: ExtraConfig} - ObjectStorageExtraConfig: {get_param: ObjectStorageExtraConfig} - CloudDomain: {get_param: CloudDomain} - ServerMetadata: {get_param: ServerMetadata} - NodeIndex: '%index%' - ServiceConfigSettings: {get_attr: [ObjectStorageServiceChain, role_data, config_settings]} - ServiceNames: {get_attr: [ObjectStorageServiceChain, role_data, service_names]} - MonitoringSubscriptions: {get_attr: [ObjectStorageServiceChain, role_data, monitoring_subscriptions]} - - CephStorageServiceChain: - type: OS::TripleO::Services - properties: - Services: {get_param: CephStorageServices} - ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} - EndpointMap: {get_attr: [EndpointMap, endpoint_map]} - DefaultPasswords: {get_attr: [DefaultPasswords, passwords]} - - CephStorage: - type: OS::Heat::ResourceGroup - depends_on: Networks - properties: - count: {get_param: CephStorageCount} - removal_policies: {get_param: CephStorageRemovalPolicies} - resource_def: - type: OS::TripleO::CephStorage - properties: - ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} - UpdateIdentifier: {get_param: UpdateIdentifier} - Hostname: - str_replace: - template: {get_param: CephStorageHostnameFormat} - params: - '%stackname%': {get_param: 'OS::stack_name'} - ExtraConfig: {get_param: ExtraConfig} - CephStorageExtraConfig: {get_param: CephStorageExtraConfig} - CloudDomain: {get_param: CloudDomain} - ServerMetadata: {get_param: ServerMetadata} - NodeIndex: '%index%' - ServiceConfigSettings: {get_attr: [CephStorageServiceChain, role_data, config_settings]} - ServiceNames: {get_attr: [CephStorageServiceChain, role_data, service_names]} - MonitoringSubscriptions: {get_attr: [CephStorageServiceChain, role_data, monitoring_subscriptions]} - - ControllerIpListMap: - type: OS::TripleO::Network::Ports::NetIpListMap - properties: - ControlPlaneIpList: {get_attr: [Controller, ip_address]} - ExternalIpList: {get_attr: [Controller, external_ip_address]} - InternalApiIpList: {get_attr: [Controller, internal_api_ip_address]} - StorageIpList: {get_attr: [Controller, storage_ip_address]} - StorageMgmtIpList: {get_attr: [Controller, storage_mgmt_ip_address]} - TenantIpList: {get_attr: [Controller, tenant_ip_address]} - ManagementIpList: {get_attr: [Controller, management_ip_address]} - EnabledServices: {get_attr: [ControllerServiceChain, role_data, service_names]} - ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]} - ServiceHostnameList: {get_attr: [Controller, hostname]} - - ComputeIpListMap: - type: OS::TripleO::Network::Ports::NetIpListMap - properties: - ControlPlaneIpList: {get_attr: [Compute, ip_address]} - ExternalIpList: {get_attr: [Compute, external_ip_address]} - InternalApiIpList: {get_attr: [Compute, internal_api_ip_address]} - StorageIpList: {get_attr: [Compute, storage_ip_address]} - StorageMgmtIpList: {get_attr: [Compute, storage_mgmt_ip_address]} - TenantIpList: {get_attr: [Compute, tenant_ip_address]} - ManagementIpList: {get_attr: [Compute, management_ip_address]} - EnabledServices: {get_attr: [ComputeServiceChain, role_data, service_names]} - ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]} - ServiceHostnameList: {get_attr: [Compute, hostname]} - - BlockStorageIpListMap: - type: OS::TripleO::Network::Ports::NetIpListMap - properties: - ControlPlaneIpList: {get_attr: [BlockStorage, ip_address]} - ExternalIpList: {get_attr: [BlockStorage, external_ip_address]} - InternalApiIpList: {get_attr: [BlockStorage, internal_api_ip_address]} - StorageIpList: {get_attr: [BlockStorage, storage_ip_address]} - StorageMgmtIpList: {get_attr: [BlockStorage, storage_mgmt_ip_address]} - TenantIpList: {get_attr: [BlockStorage, tenant_ip_address]} - ManagementIpList: {get_attr: [BlockStorage, management_ip_address]} - EnabledServices: {get_attr: [BlockStorageServiceChain, role_data, service_names]} - ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]} - ServiceHostnameList: {get_attr: [BlockStorage, hostname]} - - ObjectStorageIpListMap: - type: OS::TripleO::Network::Ports::NetIpListMap - properties: - ControlPlaneIpList: {get_attr: [ObjectStorage, ip_address]} - ExternalIpList: {get_attr: [ObjectStorage, external_ip_address]} - InternalApiIpList: {get_attr: [ObjectStorage, internal_api_ip_address]} - StorageIpList: {get_attr: [ObjectStorage, storage_ip_address]} - StorageMgmtIpList: {get_attr: [ObjectStorage, storage_mgmt_ip_address]} - TenantIpList: {get_attr: [ObjectStorage, tenant_ip_address]} - ManagementIpList: {get_attr: [ObjectStorage, management_ip_address]} - EnabledServices: {get_attr: [ObjectStorageServiceChain, role_data, service_names]} - ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]} - ServiceHostnameList: {get_attr: [ObjectStorage, hostname]} - - CephStorageIpListMap: - type: OS::TripleO::Network::Ports::NetIpListMap - properties: - ControlPlaneIpList: {get_attr: [CephStorage, ip_address]} - ExternalIpList: {get_attr: [CephStorage, external_ip_address]} - InternalApiIpList: {get_attr: [CephStorage, internal_api_ip_address]} - StorageIpList: {get_attr: [CephStorage, storage_ip_address]} - StorageMgmtIpList: {get_attr: [CephStorage, storage_mgmt_ip_address]} - TenantIpList: {get_attr: [CephStorage, tenant_ip_address]} - ManagementIpList: {get_attr: [CephStorage, management_ip_address]} - EnabledServices: {get_attr: [CephStorageServiceChain, role_data, service_names]} - ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]} - ServiceHostnameList: {get_attr: [CephStorage, hostname]} - - allNodesConfig: - type: OS::TripleO::AllNodes::SoftwareConfig - properties: - cloud_name_external: {get_param: CloudName} - cloud_name_internal_api: {get_param: CloudNameInternal} - cloud_name_storage: {get_param: CloudNameStorage} - cloud_name_storage_mgmt: {get_param: CloudNameStorageManagement} - cloud_name_management: {get_param: CloudNameManagement} - hosts: - - list_join: - - '\n' - - {get_attr: [Compute, hosts_entry]} - - list_join: - - '\n' - - {get_attr: [Controller, hosts_entry]} - - list_join: - - '\n' - - {get_attr: [BlockStorage, hosts_entry]} - - list_join: - - '\n' - - {get_attr: [ObjectStorage, hosts_entry]} - - list_join: - - '\n' - - {get_attr: [CephStorage, hosts_entry]} - enabled_services: - list_join: - - ',' - - {get_attr: [ControllerServiceChain, role_data, service_names]} - - {get_attr: [ComputeServiceChain, role_data, service_names]} - - {get_attr: [BlockStorageServiceChain, role_data, service_names]} - - {get_attr: [ObjectStorageServiceChain, role_data, service_names]} - - {get_attr: [CephStorageServiceChain, role_data, service_names]} - controller_ips: {get_attr: [Controller, ip_address]} - controller_names: {get_attr: [Controller, hostname]} - service_ips: - # Note (shardy) this somewhat complex yaql may be replaced - # with a map_deep_merge function in ocata. It merges the - # list of maps, but appends to colliding lists when a service - # is deployed on more than one role - yaql: - expression: dict($.data.l.where($ != null).selectMany($.items()).groupBy($[0], $[1], [$[0], $[1].flatten()])) - data: - l: - - {get_attr: [ControllerIpListMap, service_ips]} - - {get_attr: [ComputeIpListMap, service_ips]} - - {get_attr: [BlockStorageIpListMap, service_ips]} - - {get_attr: [ObjectStorageIpListMap, service_ips]} - - {get_attr: [CephStorageIpListMap, service_ips]} - service_node_names: - yaql: - expression: dict($.data.l.where($ != null).selectMany($.items()).groupBy($[0], $[1], [$[0], $[1].flatten()])) - data: - l: - - {get_attr: [ControllerIpListMap, service_hostnames]} - - {get_attr: [ComputeIpListMap, service_hostnames]} - - {get_attr: [BlockStorageIpListMap, service_hostnames]} - - {get_attr: [ObjectStorageIpListMap, service_hostnames]} - - {get_attr: [CephStorageIpListMap, service_hostnames]} - # FIXME(shardy): These require further work to move into service_ips - memcache_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, MemcachedNetwork]}]} - keystone_public_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystonePublicApiNetwork]}]} - keystone_admin_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystoneAdminApiNetwork]}]} - NetVipMap: {get_attr: [VipMap, net_ip_map]} - RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]} - ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]} - DeployIdentifier: {get_param: DeployIdentifier} - UpdateIdentifier: {get_param: UpdateIdentifier} - - MysqlRootPassword: - type: OS::Heat::RandomString - properties: - length: 10 - - RabbitCookie: - type: OS::Heat::RandomString - properties: - length: 20 - salt: {get_param: RabbitCookieSalt} - - DefaultPasswords: - type: OS::TripleO::DefaultPasswords - properties: - DefaultMysqlRootPassword: {get_attr: [MysqlRootPassword, value]} - DefaultRabbitCookie: {get_attr: [RabbitCookie, value]} - DefaultHeatAuthEncryptionKey: {get_attr: [HeatAuthEncryptionKey, value]} - DefaultPcsdPassword: {get_attr: [PcsdPassword, value]} - DefaultHorizonSecret: {get_attr: [HorizonSecret, value]} - - # creates the network architecture - Networks: - type: OS::TripleO::Network - - ControlVirtualIP: - type: OS::Neutron::Port - depends_on: Networks - properties: - name: control_virtual_ip - network: {get_param: NeutronControlPlaneID} - fixed_ips: {get_param: ControlFixedIPs} - replacement_policy: AUTO - - RedisVirtualIP: - depends_on: Networks - type: OS::TripleO::Network::Ports::RedisVipPort - properties: - ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} - ControlPlaneNetwork: {get_param: NeutronControlPlaneID} - PortName: redis_virtual_ip - NetworkName: {get_attr: [ServiceNetMap, service_net_map, RedisNetwork]} - ServiceName: redis - FixedIPs: {get_param: RedisVirtualFixedIPs} - - # The public VIP is on the External net, falls back to ctlplane - PublicVirtualIP: - depends_on: Networks - type: OS::TripleO::Network::Ports::ExternalVipPort - properties: - ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} - ControlPlaneNetwork: {get_param: NeutronControlPlaneID} - PortName: public_virtual_ip - FixedIPs: {get_param: PublicVirtualFixedIPs} - - InternalApiVirtualIP: - depends_on: Networks - type: OS::TripleO::Network::Ports::InternalApiVipPort - properties: - ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} - PortName: internal_api_virtual_ip - FixedIPs: {get_param: InternalApiVirtualFixedIPs} - - StorageVirtualIP: - depends_on: Networks - type: OS::TripleO::Network::Ports::StorageVipPort - properties: - ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} - PortName: storage_virtual_ip - FixedIPs: {get_param: StorageVirtualFixedIPs} - - StorageMgmtVirtualIP: - depends_on: Networks - type: OS::TripleO::Network::Ports::StorageMgmtVipPort - properties: - ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} - PortName: storage_management_virtual_ip - FixedIPs: {get_param: StorageMgmtVirtualFixedIPs} - - VipMap: - type: OS::TripleO::Network::Ports::NetVipMap - properties: - ControlPlaneIp: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} - ExternalIp: {get_attr: [PublicVirtualIP, ip_address]} - ExternalIpUri: {get_attr: [PublicVirtualIP, ip_address_uri]} - InternalApiIp: {get_attr: [InternalApiVirtualIP, ip_address]} - InternalApiIpUri: {get_attr: [InternalApiVirtualIP, ip_address_uri]} - StorageIp: {get_attr: [StorageVirtualIP, ip_address]} - StorageIpUri: {get_attr: [StorageVirtualIP, ip_address_uri]} - StorageMgmtIp: {get_attr: [StorageMgmtVirtualIP, ip_address]} - StorageMgmtIpUri: {get_attr: [StorageMgmtVirtualIP, ip_address_uri]} - # No tenant or management VIP required - - ControllerSwiftDeployment: - type: OS::Heat::StructuredDeployments - properties: - name: ControllerSwiftDeployment - config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]} - servers: {get_attr: [Controller, attributes, nova_server_resource]} - - ObjectStorageSwiftDeployment: - type: OS::Heat::StructuredDeployments - properties: - name: ObjectStorageSwiftDeployment - config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]} - servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]} - - SwiftDevicesAndProxyConfig: - type: OS::TripleO::SwiftDevicesAndProxy::SoftwareConfig - properties: - controller_swift_devices: {get_attr: [Controller, swift_device]} - object_store_swift_devices: {get_attr: [ObjectStorage, swift_device]} - - ControllerAllNodesDeployment: - type: OS::Heat::StructuredDeployments - properties: - name: ControllerAllNodesDeployment - config: {get_attr: [allNodesConfig, config_id]} - servers: {get_attr: [Controller, attributes, nova_server_resource]} - input_values: - bootstrap_nodeid: {get_attr: [Controller, resource.0.hostname]} - bootstrap_nodeid_ip: {get_attr: [Controller, resource.0.ip_address]} - - ComputeAllNodesDeployment: - type: OS::Heat::StructuredDeployments - properties: - name: ComputeAllNodesDeployment - config: {get_attr: [allNodesConfig, config_id]} - servers: {get_attr: [Compute, attributes, nova_server_resource]} - input_values: - bootstrap_nodeid: {get_attr: [Compute, resource.0.hostname]} - bootstrap_nodeid_ip: {get_attr: [Compute, resource.0.ip_address]} - - BlockStorageAllNodesDeployment: - type: OS::Heat::StructuredDeployments - properties: - name: BlockStorageAllNodesDeployment - config: {get_attr: [allNodesConfig, config_id]} - servers: {get_attr: [BlockStorage, attributes, nova_server_resource]} - input_values: - bootstrap_nodeid: {get_attr: [BlockStorage, resource.0.hostname]} - bootstrap_nodeid_ip: {get_attr: [BlockStorage, resource.0.ip_address]} - - ObjectStorageAllNodesDeployment: - type: OS::Heat::StructuredDeployments - properties: - name: ObjectStorageAllNodesDeployment - config: {get_attr: [allNodesConfig, config_id]} - servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]} - input_values: - bootstrap_nodeid: {get_attr: [ObjectStorage, resource.0.hostname]} - bootstrap_nodeid_ip: {get_attr: [ObjectStorage, resource.0.ip_address]} - - CephStorageAllNodesDeployment: - type: OS::Heat::StructuredDeployments - properties: - name: CephStorageAllNodesDeployment - config: {get_attr: [allNodesConfig, config_id]} - servers: {get_attr: [CephStorage, attributes, nova_server_resource]} - input_values: - bootstrap_nodeid: {get_attr: [CephStorage, resource.0.hostname]} - bootstrap_nodeid_ip: {get_attr: [CephStorage, resource.0.ip_address]} - - # All Nodes Validations - AllNodesValidationConfig: - type: OS::TripleO::AllNodes::Validation - properties: - PingTestIps: - list_join: - - ' ' - - - {get_attr: [Controller, resource.0.external_ip_address]} - - {get_attr: [Controller, resource.0.internal_api_ip_address]} - - {get_attr: [Controller, resource.0.storage_ip_address]} - - {get_attr: [Controller, resource.0.storage_mgmt_ip_address]} - - {get_attr: [Controller, resource.0.tenant_ip_address]} - - {get_attr: [Controller, resource.0.management_ip_address]} - - ControllerAllNodesValidationDeployment: - type: OS::Heat::StructuredDeployments - depends_on: ControllerAllNodesDeployment - properties: - name: ControllerAllNodesValidationDeployment - config: {get_resource: AllNodesValidationConfig} - servers: {get_attr: [Controller, attributes, nova_server_resource]} - - ComputeAllNodesValidationDeployment: - type: OS::Heat::StructuredDeployments - depends_on: ComputeAllNodesDeployment - properties: - name: ComputeAllNodesValidationDeployment - config: {get_resource: AllNodesValidationConfig} - servers: {get_attr: [Compute, attributes, nova_server_resource]} - - BlockStorageAllNodesValidationDeployment: - type: OS::Heat::StructuredDeployments - depends_on: BlockStorageAllNodesDeployment - properties: - name: BlockStorageAllNodesValidationDeployment - config: {get_resource: AllNodesValidationConfig} - servers: {get_attr: [BlockStorage, attributes, nova_server_resource]} - - ObjectStorageAllNodesValidationDeployment: - type: OS::Heat::StructuredDeployments - depends_on: ObjectStorageAllNodesDeployment - properties: - name: ObjectStorageAllNodesValidationDeployment - config: {get_resource: AllNodesValidationConfig} - servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]} - - CephStorageAllNodesValidationDeployment: - type: OS::Heat::StructuredDeployments - depends_on: CephStorageAllNodesDeployment - properties: - name: CephStorageAllNodesValidationDeployment - config: {get_resource: AllNodesValidationConfig} - servers: {get_attr: [CephStorage, attributes, nova_server_resource]} - - UpdateWorkflow: - type: OS::TripleO::Tasks::UpdateWorkflow - properties: - controller_servers: {get_attr: [Controller, attributes, nova_server_resource]} - compute_servers: {get_attr: [Compute, attributes, nova_server_resource]} - blockstorage_servers: {get_attr: [BlockStorage, attributes, nova_server_resource]} - objectstorage_servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]} - cephstorage_servers: {get_attr: [CephStorage, attributes, nova_server_resource]} - input_values: - deploy_identifier: {get_param: DeployIdentifier} - update_identifier: {get_param: UpdateIdentifier} - - # Optional ExtraConfig for all nodes - all roles are passed in here, but - # the nested template may configure each role differently (or not at all) - AllNodesExtraConfig: - type: OS::TripleO::AllNodesExtraConfig - depends_on: - - UpdateWorkflow - - ComputeAllNodesValidationDeployment - - BlockStorageAllNodesValidationDeployment - - ObjectStorageAllNodesValidationDeployment - - CephStorageAllNodesValidationDeployment - - ControllerAllNodesValidationDeployment - properties: - controller_servers: {get_attr: [Controller, attributes, nova_server_resource]} - compute_servers: {get_attr: [Compute, attributes, nova_server_resource]} - blockstorage_servers: {get_attr: [BlockStorage, attributes, nova_server_resource]} - objectstorage_servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]} - cephstorage_servers: {get_attr: [CephStorage, attributes, nova_server_resource]} - - # Nested stack deployment runs after all other controller deployments - ControllerNodesPostDeployment: - type: OS::TripleO::ControllerPostDeployment - depends_on: [ControllerAllNodesDeployment, ControllerSwiftDeployment] - properties: - servers: {get_attr: [Controller, attributes, nova_server_resource]} - RoleData: {get_attr: [ControllerServiceChain, role_data]} - - ComputeNodesPostDeployment: - type: OS::TripleO::ComputePostDeployment - depends_on: [ComputeAllNodesDeployment] - properties: - servers: {get_attr: [Compute, attributes, nova_server_resource]} - RoleData: {get_attr: [ComputeServiceChain, role_data]} - - ObjectStorageNodesPostDeployment: - type: OS::TripleO::ObjectStoragePostDeployment - depends_on: [ObjectStorageSwiftDeployment, ObjectStorageAllNodesDeployment] - properties: - servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]} - RoleData: {get_attr: [ObjectStorageServiceChain, role_data]} - - BlockStorageNodesPostDeployment: - type: OS::TripleO::BlockStoragePostDeployment - depends_on: [ControllerNodesPostDeployment, BlockStorageAllNodesDeployment] - properties: - servers: {get_attr: [BlockStorage, attributes, nova_server_resource]} - RoleData: {get_attr: [BlockStorageServiceChain, role_data]} - - CephStorageNodesPostDeployment: - type: OS::TripleO::CephStoragePostDeployment - depends_on: [ControllerNodesPostDeployment, CephStorageAllNodesDeployment] - properties: - servers: {get_attr: [CephStorage, attributes, nova_server_resource]} - RoleData: {get_attr: [CephStorageServiceChain, role_data]} - - -outputs: - ManagedEndpoints: - description: Asserts that the keystone endpoints have been provisioned. - value: true - KeystoneURL: - description: URL for the Overcloud Keystone service - value: {get_attr: [EndpointMap, endpoint_map, KeystonePublic, uri]} - KeystoneAdminVip: - description: Keystone Admin VIP endpoint - value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystoneAdminApiNetwork]}]} - PublicVip: - description: Controller VIP for public API endpoints - value: {get_attr: [VipMap, net_ip_map, external]} - AodhInternalVip: - description: VIP for Aodh API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, AodhApiNetwork]}]} - CeilometerInternalVip: - description: VIP for Ceilometer API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CeilometerApiNetwork]}]} - CinderInternalVip: - description: VIP for Cinder API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CinderApiNetwork]}]} - GlanceInternalVip: - description: VIP for Glance API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, GlanceApiNetwork]}]} - GnocchiInternalVip: - description: VIP for Gnocchi API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, GnocchiApiNetwork]}]} - HeatInternalVip: - description: VIP for Heat API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, HeatApiNetwork]}]} - IronicInternalVip: - description: VIP for Ironic API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, IronicApiNetwork]}]} - KeystoneInternalVip: - description: VIP for Keystone API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystonePublicApiNetwork]}]} - ManilaInternalVip: - description: VIP for Manila API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, ManilaApiNetwork]}]} - NeutronInternalVip: - description: VIP for Neutron API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NeutronApiNetwork]}]} - NovaInternalVip: - description: VIP for Nova API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NovaApiNetwork]}]} - OpenDaylightInternalVip: - description: VIP for OpenDaylight API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, OpenDaylightApiNetwork]}]} - SaharaInternalVip: - description: VIP for Sahara API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, SaharaApiNetwork]}]} - SwiftInternalVip: - description: VIP for Swift Proxy internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, SwiftProxyNetwork]}]} - EndpointMap: - description: | - Mapping of the resources with the needed info for their endpoints. - This includes the protocol used, the IP, port and also a full - representation of the URI. - value: {get_attr: [EndpointMap, endpoint_map]} - HostsEntry: - description: | - The content that should be appended to your /etc/hosts if you want to get - hostname-based access to the deployed nodes (useful for testing without - setting up a DNS). - value: {get_attr: [allNodesConfig, hosts_entries]} - EnabledServices: - description: The services enabled on each role - value: - Controller: {get_attr: [ControllerServiceChain, role_data, service_names]} - Compute: {get_attr: [ComputeServiceChain, role_data, service_names]} - BlockStorage: {get_attr: [BlockStorageServiceChain, role_data, service_names]} - ObjectStorage: {get_attr: [ObjectStorageServiceChain, role_data, service_names]} - CephStorage: {get_attr: [CephStorageServiceChain, role_data, service_names]} diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml index 69bb1935..c764d4ef 100644 --- a/puppet/all-nodes-config.yaml +++ b/puppet/all-nodes-config.yaml @@ -10,7 +10,7 @@ parameters: type: string cloud_name_storage_mgmt: type: string - cloud_name_management: + cloud_name_ctlplane: type: string hosts: type: comma_delimited_list @@ -90,6 +90,33 @@ resources: for_each: SERVICE: str_split: [',', {get_param: enabled_services}] + # Dynamically generate per-service network data + # This works as follows (outer->inner functions) + # yaql - filters services where no mapping exists in ServiceNetMap + # map_replace: substitute e.g heat_api_network with network name from ServiceNetMap + # map_merge/repeat: generate a per-service mapping + - yaql: + # This filters any entries where the value hasn't been substituted for + # a list, e.g it's still $service_network. This happens when there is + # no network defined for the service in the ServiceNetMap, which is OK + # as not all services have to be bound to a network, so we filter them + expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network"))) + data: + map: + map_replace: + - map_merge: + repeat: + template: + SERVICE_network: SERVICE_network + for_each: + SERVICE: + str_split: [',', {get_param: enabled_services}] + - values: {get_param: ServiceNetMap} + # Keystone doesn't provide separate entries for the public + # and admin endpoints, so we need to add them here manually + # like we do in the vip-config below + - keystone_admin_api_network: {get_param: [ServiceNetMap, keystone_admin_api_network]} + keystone_public_api_network: {get_param: [ServiceNetMap, keystone_public_api_network]} # provides a mapping of service_name_ips to a list of IPs - {get_param: service_ips} - {get_param: service_node_names} @@ -182,7 +209,7 @@ resources: cloud_name_internal_api: {get_param: cloud_name_internal_api} cloud_name_storage: {get_param: cloud_name_storage} cloud_name_storage_mgmt: {get_param: cloud_name_storage_mgmt} - cloud_name_management: {get_param: cloud_name_management} + cloud_name_ctlplane: {get_param: cloud_name_ctlplane} outputs: config_id: diff --git a/puppet/blockstorage-config.yaml b/puppet/blockstorage-config.yaml new file mode 100644 index 00000000..9b31b448 --- /dev/null +++ b/puppet/blockstorage-config.yaml @@ -0,0 +1,38 @@ +heat_template_version: 2015-04-30 + +description: > + A software config which runs manifests/overcloud_volume.pp + +parameters: + ConfigDebug: + default: false + description: Whether to run config management (e.g. Puppet) in debug mode. + type: boolean + StepConfig: + type: string + description: Config manifests that will be used to step through the deployment. + default: '' + +resources: + + BlockStoragePuppetConfigImpl: + type: OS::Heat::SoftwareConfig + properties: + group: puppet + options: + enable_debug: {get_param: ConfigDebug} + enable_hiera: True + enable_facter: False + modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules + outputs: + - name: result + config: + list_join: + - '' + - - get_file: manifests/overcloud_volume.pp + - {get_param: StepConfig} + +outputs: + OS::stack_id: + description: The software config which runs overcloud_controller.pp + value: {get_resource: BlockStoragePuppetConfigImpl} diff --git a/puppet/ceph-storage-post.yaml b/puppet/ceph-storage-post.yaml deleted file mode 100644 index df6b7249..00000000 --- a/puppet/ceph-storage-post.yaml +++ /dev/null @@ -1,81 +0,0 @@ -heat_template_version: 2015-04-30 - -description: > - OpenStack ceph storage node post deployment for Puppet - -parameters: - ConfigDebug: - default: false - description: Whether to run config management (e.g. Puppet) in debug mode. - type: boolean - servers: - type: json - RoleData: - type: json - default: {} - DeployIdentifier: - type: string - default: '' - description: Value which changes if the node configuration may need to be re-applied - -resources: - - CephStorageArtifactsConfig: - type: deploy-artifacts.yaml - - CephStorageArtifactsDeploy: - type: OS::Heat::StructuredDeployments - properties: - servers: {get_param: servers} - config: {get_resource: CephStorageArtifactsConfig} - input_values: - update_identifier: {get_param: DeployIdentifier} - - CephStoragePuppetConfig: - type: OS::Heat::SoftwareConfig - properties: - group: puppet - options: - enable_debug: {get_param: ConfigDebug} - enable_hiera: True - enable_facter: False - modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules - inputs: - - name: step - outputs: - - name: result - config: - list_join: - - '' - - - get_file: manifests/overcloud_cephstorage.pp - - {get_param: [RoleData, step_config]} - - CephStorageDeployment_Step2: - type: OS::Heat::StructuredDeployments - depends_on: CephStorageArtifactsDeploy - properties: - name: CephStorageDeployment_Step2 - servers: {get_param: servers} - config: {get_resource: CephStoragePuppetConfig} - input_values: - step: 2 - update_identifier: {get_param: DeployIdentifier} - - CephStorageDeployment_Step3: - type: OS::Heat::StructuredDeployments - depends_on: CephStorageDeployment_Step2 - properties: - name: CephStorageDeployment_Step3 - servers: {get_param: servers} - config: {get_resource: CephStoragePuppetConfig} - input_values: - step: 3 - update_identifier: {get_param: DeployIdentifier} - - # Note, this should come last, so use depends_on to ensure - # this is created after any other resources. - ExtraConfig: - depends_on: CephStorageDeployment_Step3 - type: OS::TripleO::NodeExtraConfigPost - properties: - servers: {get_param: servers} diff --git a/puppet/ceph-storage.yaml b/puppet/ceph-storage.yaml index 5ba2c298..62748f94 100644 --- a/puppet/ceph-storage.yaml +++ b/puppet/ceph-storage.yaml @@ -27,6 +27,11 @@ parameters: description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json UpdateIdentifier: default: '' type: string @@ -323,6 +328,7 @@ outputs: STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST TENANTIP TENANTHOST.DOMAIN TENANTHOST MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST + CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST params: PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephStorageHostnameResolveNetwork]}]} DOMAIN: {get_param: CloudDomain} @@ -363,6 +369,12 @@ outputs: - '.' - - {get_attr: [CephStorage, name]} - management + CTLPLANEIP: {get_attr: [CephStorage, networks, ctlplane, 0]} + CTLPLANEHOST: + list_join: + - '.' + - - {get_attr: [CephStorage, name]} + - ctlplane nova_server_resource: description: Heat resource handle for the ceph storage server value: diff --git a/puppet/cephstorage-config.yaml b/puppet/cephstorage-config.yaml new file mode 100644 index 00000000..4bad4a16 --- /dev/null +++ b/puppet/cephstorage-config.yaml @@ -0,0 +1,38 @@ +heat_template_version: 2015-04-30 + +description: > + A software config which runs manifests/overcloud_cephstorage.pp + +parameters: + ConfigDebug: + default: false + description: Whether to run config management (e.g. Puppet) in debug mode. + type: boolean + StepConfig: + type: string + description: Config manifests that will be used to step through the deployment. + default: '' + +resources: + + CephStoragePuppetConfigImpl: + type: OS::Heat::SoftwareConfig + properties: + group: puppet + options: + enable_debug: {get_param: ConfigDebug} + enable_hiera: True + enable_facter: False + modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules + outputs: + - name: result + config: + list_join: + - '' + - - get_file: manifests/overcloud_cephstorage.pp + - {get_param: StepConfig} + +outputs: + OS::stack_id: + description: The software config which runs overcloud_controller.pp + value: {get_resource: CephStoragePuppetConfigImpl} diff --git a/puppet/cinder-storage-post.yaml b/puppet/cinder-storage-post.yaml deleted file mode 100644 index 0620bc6c..00000000 --- a/puppet/cinder-storage-post.yaml +++ /dev/null @@ -1,91 +0,0 @@ -heat_template_version: 2015-04-30 -description: 'OpenStack cinder storage post deployment for Puppet' - -parameters: - ConfigDebug: - default: false - description: Whether to run config management (e.g. Puppet) in debug mode. - type: boolean - servers: - type: json - DeployIdentifier: - type: string - default: '' - description: Value which changes if the node configuration may need to be re-applied - RoleData: - type: json - default: {} - -resources: - - VolumeArtifactsConfig: - type: deploy-artifacts.yaml - - VolumeArtifactsDeploy: - type: OS::Heat::StructuredDeployments - properties: - servers: {get_param: servers} - config: {get_resource: VolumeArtifactsConfig} - input_values: - update_identifier: {get_param: DeployIdentifier} - - VolumePuppetConfig: - type: OS::Heat::SoftwareConfig - depends_on: VolumeArtifactsDeploy - properties: - group: puppet - options: - enable_debug: {get_param: ConfigDebug} - enable_hiera: True - enable_facter: False - modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules - inputs: - - name: step - outputs: - - name: result - config: - list_join: - - '' - - - get_file: manifests/overcloud_volume.pp - - {get_param: [RoleData, step_config]} - - VolumeDeployment_Step2: - type: OS::Heat::StructuredDeployments - depends_on: VolumeArtifactsDeploy - properties: - name: VolumeDeployment_Step2 - servers: {get_param: servers} - config: {get_resource: VolumePuppetConfig} - input_values: - step: 2 - update_identifier: {get_param: DeployIdentifier} - - VolumeDeployment_Step3: - type: OS::Heat::StructuredDeployments - depends_on: VolumeDeployment_Step2 - properties: - name: VolumeDeployment_Step3 - servers: {get_param: servers} - config: {get_resource: VolumePuppetConfig} - input_values: - step: 3 - update_identifier: {get_param: DeployIdentifier} - - VolumeDeployment_Step4: - type: OS::Heat::StructuredDeployments - depends_on: VolumeDeployment_Step3 - properties: - name: VolumeDeployment_Step4 - servers: {get_param: servers} - config: {get_resource: VolumePuppetConfig} - input_values: - step: 4 - update_identifier: {get_param: DeployIdentifier} - - # Note, this should come last, so use depends_on to ensure - # this is created after any other resources. - ExtraConfig: - depends_on: VolumeDeployment_Step4 - type: OS::TripleO::NodeExtraConfigPost - properties: - servers: {get_param: servers} diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml index 699a0969..f5118c2c 100644 --- a/puppet/cinder-storage.yaml +++ b/puppet/cinder-storage.yaml @@ -48,6 +48,11 @@ parameters: description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json NetworkDeploymentActions: type: comma_delimited_list description: > @@ -313,6 +318,7 @@ outputs: STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST TENANTIP TENANTHOST.DOMAIN TENANTHOST MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST + CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST params: PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, BlockStorageHostnameResolveNetwork]}]} DOMAIN: {get_param: CloudDomain} @@ -353,6 +359,12 @@ outputs: - '.' - - {get_attr: [BlockStorage, name]} - management + CTLPLANEIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} + CTLPLANEHOST: + list_join: + - '.' + - - {get_attr: [BlockStorage, name]} + - ctlplane nova_server_resource: description: Heat resource handle for the block storage server value: diff --git a/puppet/compute-config.yaml b/puppet/compute-config.yaml new file mode 100644 index 00000000..9e128d3a --- /dev/null +++ b/puppet/compute-config.yaml @@ -0,0 +1,38 @@ +heat_template_version: 2015-04-30 + +description: > + A software config which runs manifests/overcloud_compute.pp + +parameters: + ConfigDebug: + default: false + description: Whether to run config management (e.g. Puppet) in debug mode. + type: boolean + StepConfig: + type: string + description: Config manifests that will be used to step through the deployment. + default: '' + +resources: + + ComputePuppetConfigImpl: + type: OS::Heat::SoftwareConfig + properties: + group: puppet + options: + enable_debug: {get_param: ConfigDebug} + enable_hiera: True + enable_facter: False + modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules + outputs: + - name: result + config: + list_join: + - '' + - - get_file: manifests/overcloud_compute.pp + - {get_param: StepConfig} + +outputs: + OS::stack_id: + description: The software config which runs overcloud_controller.pp + value: {get_resource: ComputePuppetConfigImpl} diff --git a/puppet/compute-post.yaml b/puppet/compute-post.yaml deleted file mode 100644 index 358ec5a8..00000000 --- a/puppet/compute-post.yaml +++ /dev/null @@ -1,93 +0,0 @@ -heat_template_version: 2015-04-30 - -description: > - OpenStack compute node post deployment for Puppet. - -parameters: - ConfigDebug: - default: false - description: Whether to run config management (e.g. Puppet) in debug mode. - type: boolean - servers: - type: json - RoleData: - type: json - default: {} - DeployIdentifier: - type: string - default: '' - description: Value which changes if the node configuration may need to be re-applied - -resources: - - ComputeArtifactsConfig: - type: deploy-artifacts.yaml - - ComputeArtifactsDeploy: - type: OS::Heat::StructuredDeployments - properties: - servers: {get_param: servers} - config: {get_resource: ComputeArtifactsConfig} - input_values: - update_identifier: {get_param: DeployIdentifier} - - ComputePuppetConfig: - type: OS::Heat::SoftwareConfig - properties: - group: puppet - options: - enable_debug: {get_param: ConfigDebug} - enable_hiera: True - enable_facter: False - modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules - inputs: - - name: step - outputs: - - name: result - config: - list_join: - - '' - - - get_file: manifests/overcloud_compute.pp - - {get_param: [RoleData, step_config]} - - ComputeServicesBaseDeployment_Step2: - type: OS::Heat::StructuredDeployments - depends_on: [ComputeArtifactsDeploy] - properties: - name: ComputeServicesBaseDeployment_Step2 - servers: {get_param: servers} - config: {get_resource: ComputePuppetConfig} - input_values: - step: 2 - update_identifier: {get_param: DeployIdentifier} - - ComputeOvercloudServicesDeployment_Step3: - type: OS::Heat::StructuredDeployments - depends_on: ComputeServicesBaseDeployment_Step2 - properties: - name: ComputeOvercloudServicesDeployment_Step3 - servers: {get_param: servers} - config: {get_resource: ComputePuppetConfig} - input_values: - step: 3 - update_identifier: {get_param: DeployIdentifier} - - ComputeOvercloudServicesDeployment_Step4: - type: OS::Heat::StructuredDeployments - depends_on: ComputeOvercloudServicesDeployment_Step3 - properties: - name: ComputeOvercloudServicesDeployment_Step4 - servers: {get_param: servers} - config: {get_resource: ComputePuppetConfig} - input_values: - step: 4 - update_identifier: {get_param: DeployIdentifier} - - # Note, this should come last, so use depends_on to ensure - # this is created after any other resources. - ExtraConfig: - depends_on: ComputeOvercloudServicesDeployment_Step4 - type: OS::TripleO::NodeExtraConfigPost - properties: - servers: {get_param: servers} - diff --git a/puppet/compute.yaml b/puppet/compute.yaml index e74d1a54..05b8d065 100644 --- a/puppet/compute.yaml +++ b/puppet/compute.yaml @@ -373,6 +373,7 @@ outputs: STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST TENANTIP TENANTHOST.DOMAIN TENANTHOST MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST + CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST params: PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]} DOMAIN: {get_param: CloudDomain} @@ -413,6 +414,12 @@ outputs: - '.' - - {get_attr: [NovaCompute, name]} - management + CTLPLANEIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} + CTLPLANEHOST: + list_join: + - '.' + - - {get_attr: [NovaCompute, name]} + - ctlplane nova_server_resource: description: Heat resource handle for the Nova compute server value: diff --git a/puppet/controller-post.yaml b/puppet/controller-post.yaml deleted file mode 100644 index c97c3bc8..00000000 --- a/puppet/controller-post.yaml +++ /dev/null @@ -1,117 +0,0 @@ -heat_template_version: 2015-04-30 - -description: > - OpenStack controller node post deployment for Puppet. - -parameters: - ConfigDebug: - default: false - description: Whether to run config management (e.g. Puppet) in debug mode. - type: boolean - servers: - type: json - RoleData: - type: json - default: {} - DeployIdentifier: - type: string - default: '' - description: Value which changes if the node configuration may need to be re-applied - -resources: - - ControllerArtifactsConfig: - type: deploy-artifacts.yaml - - ControllerArtifactsDeploy: - type: OS::Heat::StructuredDeployments - properties: - servers: {get_param: servers} - config: {get_resource: ControllerArtifactsConfig} - - ControllerPrePuppet: - type: OS::TripleO::Tasks::ControllerPrePuppet - properties: - servers: {get_param: servers} - input_values: - update_identifier: {get_param: DeployIdentifier} - - ControllerPuppetConfig: - type: OS::TripleO::ControllerConfig - properties: - StepConfig: {get_param: [RoleData, step_config]} - - # Step through a series of Puppet runs using the same manifest. - # NOTE: To enable stepping through the deployments via heat hooks, - # you must observe the glob naming defined in overcloud-steps.yaml - # e.g all Deployment resources should have a *Deployment_StepN suffix - ControllerLoadBalancerDeployment_Step1: - type: OS::Heat::StructuredDeployments - depends_on: [ControllerPrePuppet, ControllerArtifactsDeploy] - properties: - name: ControllerLoadBalancerDeployment_Step1 - servers: {get_param: servers} - config: {get_resource: ControllerPuppetConfig} - input_values: - step: 1 - update_identifier: {get_param: DeployIdentifier} - - ControllerServicesBaseDeployment_Step2: - type: OS::Heat::StructuredDeployments - depends_on: ControllerLoadBalancerDeployment_Step1 - properties: - name: ControllerServicesBaseDeployment_Step2 - servers: {get_param: servers} - config: {get_resource: ControllerPuppetConfig} - input_values: - step: 2 - update_identifier: {get_param: DeployIdentifier} - - ControllerOvercloudServicesDeployment_Step3: - type: OS::Heat::StructuredDeployments - depends_on: ControllerServicesBaseDeployment_Step2 - properties: - name: ControllerOvercloudServicesDeployment_Step3 - servers: {get_param: servers} - config: {get_resource: ControllerPuppetConfig} - input_values: - step: 3 - update_identifier: {get_param: DeployIdentifier} - - ControllerOvercloudServicesDeployment_Step4: - type: OS::Heat::StructuredDeployments - depends_on: ControllerOvercloudServicesDeployment_Step3 - properties: - name: ControllerOvercloudServicesDeployment_Step4 - servers: {get_param: servers} - config: {get_resource: ControllerPuppetConfig} - input_values: - step: 4 - update_identifier: {get_param: DeployIdentifier} - - ControllerOvercloudServicesDeployment_Step5: - type: OS::Heat::StructuredDeployments - depends_on: ControllerOvercloudServicesDeployment_Step4 - properties: - name: ControllerOvercloudServicesDeployment_Step5 - servers: {get_param: servers} - config: {get_resource: ControllerPuppetConfig} - input_values: - step: 5 - update_identifier: {get_param: DeployIdentifier} - - ControllerPostPuppet: - type: OS::TripleO::Tasks::ControllerPostPuppet - depends_on: ControllerOvercloudServicesDeployment_Step5 - properties: - servers: {get_param: servers} - input_values: - update_identifier: {get_param: DeployIdentifier} - - # Note, this should come last, so use depends_on to ensure - # this is created after any other resources. - ExtraConfig: - depends_on: ControllerPostPuppet - type: OS::TripleO::NodeExtraConfigPost - properties: - servers: {get_param: servers} diff --git a/puppet/controller.yaml b/puppet/controller.yaml index 1656aea7..33ed51c0 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -62,10 +62,6 @@ parameters: default: nic1 description: What interface to bridge onto br-ex for network nodes. type: string - SwiftRawDisks: - default: {} - description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})' - type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -313,8 +309,7 @@ resources: - service_configs - service_names - controller - - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig - - bootstrap_node # provided by allNodesConfig + - bootstrap_node # provided by BootstrapNodeConfig - all_nodes # provided by allNodesConfig - vip_data # provided by allNodesConfig - '"%{::osfamily}"' @@ -421,6 +416,7 @@ outputs: STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST TENANTIP TENANTHOST.DOMAIN TENANTHOST MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST + CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST params: PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]} DOMAIN: {get_param: CloudDomain} @@ -461,31 +457,16 @@ outputs: - '.' - - {get_attr: [Controller, name]} - management + CTLPLANEIP: {get_attr: [Controller, networks, ctlplane, 0]} + CTLPLANEHOST: + list_join: + - '.' + - - {get_attr: [Controller, name]} + - ctlplane nova_server_resource: description: Heat resource handle for the Nova compute server value: {get_resource: Controller} - swift_device: - description: Swift device formatted for swift-ring-builder - value: - str_replace: - template: - list_join: - - ',' - - ['r1z1-IP:%PORT%/d1'] - - repeat: - template: 'r1z1-IP:%PORT%/DEVICE' - for_each: - DEVICE: {get_param: SwiftRawDisks} - params: - IP: - get_attr: - - NetIpMap - - net_ip_map - - str_replace: - template: "NETWORK_uri" - params: - NETWORK: {get_param: [ServiceNetMap, SwiftMgmtNetwork]} tls_key_modulus_md5: description: MD5 checksum of the TLS Key Modulus value: {get_attr: [NodeTLSData, key_modulus_md5]} diff --git a/puppet/objectstorage-config.yaml b/puppet/objectstorage-config.yaml new file mode 100644 index 00000000..1dee8e60 --- /dev/null +++ b/puppet/objectstorage-config.yaml @@ -0,0 +1,38 @@ +heat_template_version: 2015-04-30 + +description: > + A software config which runs manifests/overcloud_object.pp + +parameters: + ConfigDebug: + default: false + description: Whether to run config management (e.g. Puppet) in debug mode. + type: boolean + StepConfig: + type: string + description: Config manifests that will be used to step through the deployment. + default: '' + +resources: + + ObjectStoragePuppetConfigImpl: + type: OS::Heat::SoftwareConfig + properties: + group: puppet + options: + enable_debug: {get_param: ConfigDebug} + enable_hiera: True + enable_facter: False + modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules + outputs: + - name: result + config: + list_join: + - '' + - - get_file: manifests/overcloud_object.pp + - {get_param: StepConfig} + +outputs: + OS::stack_id: + description: The software config which runs overcloud_controller.pp + value: {get_resource: ObjectStoragePuppetConfigImpl} diff --git a/puppet/post.yaml b/puppet/post.yaml new file mode 100644 index 00000000..8f57b34e --- /dev/null +++ b/puppet/post.yaml @@ -0,0 +1,644 @@ +heat_template_version: 2016-10-14 + +description: > + Post-deploy configuration steps via puppet for all roles, + Controller, Compute, BlockStorage, SwiftStorage and CephStorage. + +parameters: + servers: + type: json + description: Mapping of Role name e.g Controller to a list of servers + + role_data: + type: json + description: Mapping of Role name e.g Controller to the per-role data + + DeployIdentifier: + default: '' + type: string + description: > + Setting this to a unique value will re-run any deployment tasks which + perform configuration on a Heat stack-update. + +resources: + # Post deployment steps for all roles + # A single config is re-applied with an incrementing step number + # Controller Role steps + ControllerArtifactsConfig: + type: deploy-artifacts.yaml + + ControllerArtifactsDeploy: + type: OS::Heat::StructuredDeployments + properties: + servers: {get_param: [servers, Controller]} + config: {get_resource: ControllerArtifactsConfig} + + ControllerPreConfig: + type: OS::TripleO::Tasks::ControllerPreConfig + properties: + servers: {get_param: [servers, Controller]} + input_values: + update_identifier: {get_param: DeployIdentifier} + + ControllerConfig: + type: OS::TripleO::ControllerConfig + properties: + StepConfig: {get_param: [role_data, Controller, step_config]} + + # Step through a series of configuration steps + ControllerDeployment_Step1: + type: OS::Heat::StructuredDeploymentGroup + depends_on: [ControllerPreConfig, ControllerArtifactsDeploy] + properties: + name: ControllerDeployment_Step1 + servers: {get_param: [servers, Controller]} + config: {get_resource: ControllerConfig} + input_values: + step: 1 + update_identifier: {get_param: DeployIdentifier} + + ControllerDeployment_Step2: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step1 + - ComputeDeployment_Step1 + - BlockStorageDeployment_Step1 + - ObjectStorageDeployment_Step1 + - CephStorageDeployment_Step1 + properties: + name: ControllerDeployment_Step2 + servers: {get_param: [servers, Controller]} + config: {get_resource: ControllerConfig} + input_values: + step: 2 + update_identifier: {get_param: DeployIdentifier} + + ControllerDeployment_Step3: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step2 + - ComputeDeployment_Step2 + - BlockStorageDeployment_Step2 + - ObjectStorageDeployment_Step2 + - CephStorageDeployment_Step2 + properties: + name: ControllerDeployment_Step3 + servers: {get_param: [servers, Controller]} + config: {get_resource: ControllerConfig} + input_values: + step: 3 + update_identifier: {get_param: DeployIdentifier} + + ControllerDeployment_Step4: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step3 + - ComputeDeployment_Step3 + - BlockStorageDeployment_Step3 + - ObjectStorageDeployment_Step3 + - CephStorageDeployment_Step3 + properties: + name: ControllerDeployment_Step4 + servers: {get_param: [servers, Controller]} + config: {get_resource: ControllerConfig} + input_values: + step: 4 + update_identifier: {get_param: DeployIdentifier} + + ControllerDeployment_Step5: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step4 + - ComputeDeployment_Step4 + - BlockStorageDeployment_Step4 + - ObjectStorageDeployment_Step4 + - CephStorageDeployment_Step4 + properties: + name: ControllerDeployment_Step5 + servers: {get_param: [servers, Controller]} + config: {get_resource: ControllerConfig} + input_values: + step: 5 + update_identifier: {get_param: DeployIdentifier} + + ControllerPostConfig: + type: OS::TripleO::Tasks::ControllerPostConfig + depends_on: + - ControllerDeployment_Step5 + - ComputeDeployment_Step5 + - BlockStorageDeployment_Step5 + - ObjectStorageDeployment_Step5 + - CephStorageDeployment_Step5 + properties: + servers: {get_param: servers} + input_values: + update_identifier: {get_param: DeployIdentifier} + + # Note, this should come last, so use depends_on to ensure + # this is created after any other resources. + ControllerExtraConfigPost: + depends_on: + - ControllerPostConfig + - ComputePostConfig + - BlockStoragePostConfig + - ObjectStoragePostConfig + - CephStoragePostConfig + type: OS::TripleO::NodeExtraConfigPost + properties: + servers: {get_param: [servers, Controller]} + + # Compute Role steps + ComputeArtifactsConfig: + type: deploy-artifacts.yaml + + ComputeArtifactsDeploy: + type: OS::Heat::StructuredDeployments + properties: + servers: {get_param: [servers, Compute]} + config: {get_resource: ComputeArtifactsConfig} + + ComputePreConfig: + type: OS::TripleO::Tasks::ComputePreConfig + properties: + servers: {get_param: [servers, Compute]} + input_values: + update_identifier: {get_param: DeployIdentifier} + + ComputeConfig: + type: OS::TripleO::ComputeConfig + properties: + StepConfig: {get_param: [role_data, Compute, step_config]} + + # Step through a series of configuration steps + ComputeDeployment_Step1: + type: OS::Heat::StructuredDeploymentGroup + depends_on: [ComputePreConfig, ComputeArtifactsDeploy] + properties: + name: ComputeDeployment_Step1 + servers: {get_param: [servers, Compute]} + config: {get_resource: ComputeConfig} + input_values: + step: 1 + update_identifier: {get_param: DeployIdentifier} + + ComputeDeployment_Step2: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step1 + - ComputeDeployment_Step1 + - BlockStorageDeployment_Step1 + - ObjectStorageDeployment_Step1 + - CephStorageDeployment_Step1 + properties: + name: ComputeDeployment_Step2 + servers: {get_param: [servers, Compute]} + config: {get_resource: ComputeConfig} + input_values: + step: 2 + update_identifier: {get_param: DeployIdentifier} + + ComputeDeployment_Step3: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step2 + - ComputeDeployment_Step2 + - BlockStorageDeployment_Step2 + - ObjectStorageDeployment_Step2 + - CephStorageDeployment_Step2 + properties: + name: ComputeDeployment_Step3 + servers: {get_param: [servers, Compute]} + config: {get_resource: ComputeConfig} + input_values: + step: 3 + update_identifier: {get_param: DeployIdentifier} + + ComputeDeployment_Step4: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step3 + - ComputeDeployment_Step3 + - BlockStorageDeployment_Step3 + - ObjectStorageDeployment_Step3 + - CephStorageDeployment_Step3 + properties: + name: ComputeDeployment_Step4 + servers: {get_param: [servers, Compute]} + config: {get_resource: ComputeConfig} + input_values: + step: 4 + update_identifier: {get_param: DeployIdentifier} + + ComputeDeployment_Step5: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step4 + - ComputeDeployment_Step4 + - BlockStorageDeployment_Step4 + - ObjectStorageDeployment_Step4 + - CephStorageDeployment_Step4 + properties: + name: ComputeDeployment_Step5 + servers: {get_param: [servers, Compute]} + config: {get_resource: ComputeConfig} + input_values: + step: 5 + update_identifier: {get_param: DeployIdentifier} + + ComputePostConfig: + type: OS::TripleO::Tasks::ComputePostConfig + depends_on: + - ControllerDeployment_Step5 + - ComputeDeployment_Step5 + - BlockStorageDeployment_Step5 + - ObjectStorageDeployment_Step5 + - CephStorageDeployment_Step5 + properties: + servers: {get_param: servers} + input_values: + update_identifier: {get_param: DeployIdentifier} + + # Note, this should come last, so use depends_on to ensure + # this is created after any other resources. + ComputeExtraConfigPost: + depends_on: + - ControllerPostConfig + - ComputePostConfig + - BlockStoragePostConfig + - ObjectStoragePostConfig + - CephStoragePostConfig + type: OS::TripleO::NodeExtraConfigPost + properties: + servers: {get_param: [servers, Compute]} + + # BlockStorage Role steps + BlockStorageArtifactsConfig: + type: deploy-artifacts.yaml + + BlockStorageArtifactsDeploy: + type: OS::Heat::StructuredDeployments + properties: + servers: {get_param: [servers, BlockStorage]} + config: {get_resource: BlockStorageArtifactsConfig} + + BlockStoragePreConfig: + type: OS::TripleO::Tasks::BlockStoragePreConfig + properties: + servers: {get_param: [servers, BlockStorage]} + input_values: + update_identifier: {get_param: DeployIdentifier} + + BlockStorageConfig: + type: OS::TripleO::BlockStorageConfig + properties: + StepConfig: {get_param: [role_data, BlockStorage, step_config]} + + # Step through a series of configuration steps + BlockStorageDeployment_Step1: + type: OS::Heat::StructuredDeploymentGroup + depends_on: [BlockStoragePreConfig, BlockStorageArtifactsDeploy] + properties: + name: BlockStorageDeployment_Step1 + servers: {get_param: [servers, BlockStorage]} + config: {get_resource: BlockStorageConfig} + input_values: + step: 1 + update_identifier: {get_param: DeployIdentifier} + + BlockStorageDeployment_Step2: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step1 + - ComputeDeployment_Step1 + - BlockStorageDeployment_Step1 + - ObjectStorageDeployment_Step1 + - CephStorageDeployment_Step1 + properties: + name: BlockStorageDeployment_Step2 + servers: {get_param: [servers, BlockStorage]} + config: {get_resource: BlockStorageConfig} + input_values: + step: 2 + update_identifier: {get_param: DeployIdentifier} + + BlockStorageDeployment_Step3: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step2 + - ComputeDeployment_Step2 + - BlockStorageDeployment_Step2 + - ObjectStorageDeployment_Step2 + - CephStorageDeployment_Step2 + properties: + name: BlockStorageDeployment_Step3 + servers: {get_param: [servers, BlockStorage]} + config: {get_resource: BlockStorageConfig} + input_values: + step: 3 + update_identifier: {get_param: DeployIdentifier} + + BlockStorageDeployment_Step4: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step3 + - ComputeDeployment_Step3 + - BlockStorageDeployment_Step3 + - ObjectStorageDeployment_Step3 + - CephStorageDeployment_Step3 + properties: + name: BlockStorageDeployment_Step4 + servers: {get_param: [servers, BlockStorage]} + config: {get_resource: BlockStorageConfig} + input_values: + step: 4 + update_identifier: {get_param: DeployIdentifier} + + BlockStorageDeployment_Step5: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step4 + - ComputeDeployment_Step4 + - BlockStorageDeployment_Step4 + - ObjectStorageDeployment_Step4 + - CephStorageDeployment_Step4 + properties: + name: BlockStorageDeployment_Step5 + servers: {get_param: [servers, BlockStorage]} + config: {get_resource: BlockStorageConfig} + input_values: + step: 5 + update_identifier: {get_param: DeployIdentifier} + + BlockStoragePostConfig: + type: OS::TripleO::Tasks::BlockStoragePostConfig + depends_on: + - ControllerDeployment_Step5 + - ComputeDeployment_Step5 + - BlockStorageDeployment_Step5 + - ObjectStorageDeployment_Step5 + - CephStorageDeployment_Step5 + properties: + servers: {get_param: servers} + input_values: + update_identifier: {get_param: DeployIdentifier} + + # Note, this should come last, so use depends_on to ensure + # this is created after any other resources. + BlockStorageExtraConfigPost: + depends_on: + - ControllerPostConfig + - ComputePostConfig + - BlockStoragePostConfig + - ObjectStoragePostConfig + - CephStoragePostConfig + type: OS::TripleO::NodeExtraConfigPost + properties: + servers: {get_param: [servers, BlockStorage]} + + # ObjectStorage Role steps + ObjectStorageArtifactsConfig: + type: deploy-artifacts.yaml + + ObjectStorageArtifactsDeploy: + type: OS::Heat::StructuredDeployments + properties: + servers: {get_param: [servers, ObjectStorage]} + config: {get_resource: ObjectStorageArtifactsConfig} + + ObjectStoragePreConfig: + type: OS::TripleO::Tasks::ObjectStoragePreConfig + properties: + servers: {get_param: [servers, ObjectStorage]} + input_values: + update_identifier: {get_param: DeployIdentifier} + + ObjectStorageConfig: + type: OS::TripleO::ObjectStorageConfig + properties: + StepConfig: {get_param: [role_data, ObjectStorage, step_config]} + + # Step through a series of configuration steps + ObjectStorageDeployment_Step1: + type: OS::Heat::StructuredDeploymentGroup + depends_on: [ObjectStoragePreConfig, ObjectStorageArtifactsDeploy] + properties: + name: ObjectStorageDeployment_Step1 + servers: {get_param: [servers, ObjectStorage]} + config: {get_resource: ObjectStorageConfig} + input_values: + step: 1 + update_identifier: {get_param: DeployIdentifier} + + ObjectStorageDeployment_Step2: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step1 + - ComputeDeployment_Step1 + - BlockStorageDeployment_Step1 + - ObjectStorageDeployment_Step1 + - CephStorageDeployment_Step1 + properties: + name: ObjectStorageDeployment_Step2 + servers: {get_param: [servers, ObjectStorage]} + config: {get_resource: ObjectStorageConfig} + input_values: + step: 2 + update_identifier: {get_param: DeployIdentifier} + + ObjectStorageDeployment_Step3: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step2 + - ComputeDeployment_Step2 + - BlockStorageDeployment_Step2 + - ObjectStorageDeployment_Step2 + - CephStorageDeployment_Step2 + properties: + name: ObjectStorageDeployment_Step3 + servers: {get_param: [servers, ObjectStorage]} + config: {get_resource: ObjectStorageConfig} + input_values: + step: 3 + update_identifier: {get_param: DeployIdentifier} + + ObjectStorageDeployment_Step4: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step3 + - ComputeDeployment_Step3 + - BlockStorageDeployment_Step3 + - ObjectStorageDeployment_Step3 + - CephStorageDeployment_Step3 + properties: + name: ObjectStorageDeployment_Step4 + servers: {get_param: [servers, ObjectStorage]} + config: {get_resource: ObjectStorageConfig} + input_values: + step: 4 + update_identifier: {get_param: DeployIdentifier} + + ObjectStorageDeployment_Step5: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step4 + - ComputeDeployment_Step4 + - BlockStorageDeployment_Step4 + - ObjectStorageDeployment_Step4 + - CephStorageDeployment_Step4 + properties: + name: ObjectStorageDeployment_Step5 + servers: {get_param: [servers, ObjectStorage]} + config: {get_resource: ObjectStorageConfig} + input_values: + step: 5 + update_identifier: {get_param: DeployIdentifier} + + ObjectStoragePostConfig: + type: OS::TripleO::Tasks::ObjectStoragePostConfig + depends_on: + - ControllerDeployment_Step5 + - ComputeDeployment_Step5 + - BlockStorageDeployment_Step5 + - ObjectStorageDeployment_Step5 + - CephStorageDeployment_Step5 + properties: + servers: {get_param: servers} + input_values: + update_identifier: {get_param: DeployIdentifier} + + # Note, this should come last, so use depends_on to ensure + # this is created after any other resources. + ObjectStorageExtraConfigPost: + depends_on: + - ControllerPostConfig + - ComputePostConfig + - BlockStoragePostConfig + - ObjectStoragePostConfig + - CephStoragePostConfig + type: OS::TripleO::NodeExtraConfigPost + properties: + servers: {get_param: [servers, ObjectStorage]} + + # CephStorage Role steps + CephStorageArtifactsConfig: + type: deploy-artifacts.yaml + + CephStorageArtifactsDeploy: + type: OS::Heat::StructuredDeployments + properties: + servers: {get_param: [servers, CephStorage]} + config: {get_resource: CephStorageArtifactsConfig} + + CephStoragePreConfig: + type: OS::TripleO::Tasks::CephStoragePreConfig + properties: + servers: {get_param: [servers, CephStorage]} + input_values: + update_identifier: {get_param: DeployIdentifier} + + CephStorageConfig: + type: OS::TripleO::CephStorageConfig + properties: + StepConfig: {get_param: [role_data, CephStorage, step_config]} + + # Step through a series of configuration steps + CephStorageDeployment_Step1: + type: OS::Heat::StructuredDeploymentGroup + depends_on: [CephStoragePreConfig, CephStorageArtifactsDeploy] + properties: + name: CephStorageDeployment_Step1 + servers: {get_param: [servers, CephStorage]} + config: {get_resource: CephStorageConfig} + input_values: + step: 1 + update_identifier: {get_param: DeployIdentifier} + + CephStorageDeployment_Step2: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step1 + - ComputeDeployment_Step1 + - BlockStorageDeployment_Step1 + - ObjectStorageDeployment_Step1 + - CephStorageDeployment_Step1 + properties: + name: CephStorageDeployment_Step2 + servers: {get_param: [servers, CephStorage]} + config: {get_resource: CephStorageConfig} + input_values: + step: 2 + update_identifier: {get_param: DeployIdentifier} + + CephStorageDeployment_Step3: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step2 + - ComputeDeployment_Step2 + - BlockStorageDeployment_Step2 + - ObjectStorageDeployment_Step2 + - CephStorageDeployment_Step2 + properties: + name: CephStorageDeployment_Step3 + servers: {get_param: [servers, CephStorage]} + config: {get_resource: CephStorageConfig} + input_values: + step: 3 + update_identifier: {get_param: DeployIdentifier} + + CephStorageDeployment_Step4: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step3 + - ComputeDeployment_Step3 + - BlockStorageDeployment_Step3 + - ObjectStorageDeployment_Step3 + - CephStorageDeployment_Step3 + properties: + name: CephStorageDeployment_Step4 + servers: {get_param: [servers, CephStorage]} + config: {get_resource: CephStorageConfig} + input_values: + step: 4 + update_identifier: {get_param: DeployIdentifier} + + CephStorageDeployment_Step5: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step4 + - ComputeDeployment_Step4 + - BlockStorageDeployment_Step4 + - ObjectStorageDeployment_Step4 + - CephStorageDeployment_Step4 + properties: + name: CephStorageDeployment_Step5 + servers: {get_param: [servers, CephStorage]} + config: {get_resource: CephStorageConfig} + input_values: + step: 5 + update_identifier: {get_param: DeployIdentifier} + + CephStoragePostConfig: + type: OS::TripleO::Tasks::CephStoragePostConfig + depends_on: + - ControllerDeployment_Step5 + - ComputeDeployment_Step5 + - BlockStorageDeployment_Step5 + - ObjectStorageDeployment_Step5 + - CephStorageDeployment_Step5 + properties: + servers: {get_param: servers} + input_values: + update_identifier: {get_param: DeployIdentifier} + + # Note, this should come last, so use depends_on to ensure + # this is created after any other resources. + CephStorageExtraConfigPost: + depends_on: + - ControllerPostConfig + - ComputePostConfig + - BlockStoragePostConfig + - ObjectStoragePostConfig + - CephStoragePostConfig + type: OS::TripleO::NodeExtraConfigPost + properties: + servers: {get_param: [servers, CephStorage]} diff --git a/puppet/services/README.rst b/puppet/services/README.rst index 15c8c1f1..8fe51fa3 100644 --- a/puppet/services/README.rst +++ b/puppet/services/README.rst @@ -31,6 +31,8 @@ are re-asserted when applying latter ones. * config_settings: Custom hiera settings for this service. + * global_config_settings: Additional hiera settings distributed to all roles. + * step_config: A puppet manifest that is used to step through the deployment sequence. Each sequence is given a "step" (via hiera('step') that provides information for when puppet classes should activate themselves. diff --git a/puppet/services/ceph-rgw.yaml b/puppet/services/ceph-rgw.yaml new file mode 100644 index 00000000..6bb4f6d1 --- /dev/null +++ b/puppet/services/ceph-rgw.yaml @@ -0,0 +1,77 @@ +heat_template_version: 2016-04-08 + +description: > + Ceph RadosGW service. + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + AdminToken: + description: The keystone auth secret and db password. + type: string + hidden: true + CephRgwKey: + description: The cephx key for the radosgw client. Can be created + with ceph-authtool --gen-print-key. + type: string + hidden: true + SwiftPassword: + description: The password for the swift service account, used by the Ceph RGW services. + type: string + hidden: true + KeystoneRegion: + type: string + default: 'regionOne' + description: Keystone region for endpoint + +resources: + CephBase: + type: ./ceph-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for the Ceph RadosGW service. + value: + service_name: ceph_rgw + config_settings: + map_merge: + - get_attr: [CephBase, role_data, config_settings] + - tripleo::profile::base::ceph::rgw::rgw_key: {get_param: CephRgwKey} + tripleo::profile::base::ceph::rgw::keystone_admin_token: {get_param: AdminToken} + tripleo::profile::base::ceph::rgw::keystone_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} + ceph::profile::params::frontend_type: 'civetweb' + ceph_rgw_civetweb_bind_address: {get_param: [ServiceNetMap, CephRgwNetwork]} + ceph::profile::params::rgw_frontends: + list_join: + - '' + - - 'civetweb port=' + - '%{hiera("ceph_rgw_civetweb_bind_address")}' + - ':' + - {get_param: [EndpointMap, CephRgwInternal, port]} + tripleo.ceph_rgw.firewall_rules: + '122 ceph rgw': + dport: {get_param: [EndpointMap, CephRgwInternal, port]} + ceph::rgw::keystone::auth::public_url: {get_param: [EndpointMap, CephRgwPublic, uri]} + ceph::rgw::keystone::auth::internal_url: {get_param: [EndpointMap, CephRgwInternal, uri]} + ceph::rgw::keystone::auth::admin_url: {get_param: [EndpointMap, CephRgwAdmin, uri]} + ceph::rgw::keystone::auth::password: {get_param: SwiftPassword} + ceph::rgw::keystone::auth::region: {get_param: KeystoneRegion} + ceph::rgw::keystone::auth::tenant: 'service' + step_config: | + include ::tripleo::profile::base::ceph::rgw diff --git a/puppet/services/keystone.yaml b/puppet/services/keystone.yaml index 79033047..b321ecbe 100644 --- a/puppet/services/keystone.yaml +++ b/puppet/services/keystone.yaml @@ -87,6 +87,12 @@ parameters: MonitoringSubscriptionKeystone: default: 'overcloud-kestone' type: string + KeystoneCredential0: + type: string + description: The first Keystone credential key. Must be a valid key. + KeystoneCredential1: + type: string + description: The second Keystone credential key. Must be a valid key. resources: @@ -121,6 +127,12 @@ outputs: keystone_ssl_certificate: {get_param: KeystoneSSLCertificate} keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey} keystone::enable_proxy_headers_parsing: true + keystone::enable_credential_setup: true + keystone::credential_keys: + '/etc/keystone/credential-keys/0': + content: {get_param: KeystoneCredential0} + '/etc/keystone/credential-keys/1': + content: {get_param: KeystoneCredential1} keystone::debug: {get_param: Debug} keystone::db::mysql::password: {get_param: AdminToken} keystone::rabbit_userid: {get_param: RabbitUserName} diff --git a/puppet/services/manila-api.yaml b/puppet/services/manila-api.yaml index 2e43730d..1513ab31 100644 --- a/puppet/services/manila-api.yaml +++ b/puppet/services/manila-api.yaml @@ -66,6 +66,7 @@ outputs: # internal_api_uri -> [IP] # internal_api_subnet - > IP/CIDR manila::api::bind_host: {get_param: [ServiceNetMap, ManilaApiNetwork]} + manila::api::enable_proxy_headers_parsing: true step_config: | include ::tripleo::profile::base::manila::api diff --git a/puppet/services/network/contrail-analytics.yaml b/puppet/services/network/contrail-analytics.yaml new file mode 100644 index 00000000..1c2331fa --- /dev/null +++ b/puppet/services/network/contrail-analytics.yaml @@ -0,0 +1,90 @@ +heat_template_version: 2016-04-08 + +description: > + Contrail Analytics service deployment using puppet, this YAML file + creates the interface between the HOT template + and the puppet manifest that actually installs + and configures Contrail Analytics. + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ContrailAnalyticsHostIP: + description: host IP address of Analytics + type: string + ContrailAnalyticsRedisServerIp: + description: Redis server ip address + type: string + ContrailAnalyticsCollectorServerHttpPort: + description: Collector http port + type: number + default: 8089 + ContrailAnalyticsCollectorSandeshPort: + description: Collector sandesh port + type: number + default: 8086 + ContrailAnalyticsHttpServerPort: + description: Analytics http port + type: number + default: 8090 + ContrailAnalyticsListenAddress: + default: '0.0.0.0' + description: IP address Config API is listening on + type: string + ContrailAnalyticsListenPort: + default: 8082 + description: Port Config API is listening on + type: number + ContrailAnalyticsRedisServerPort: + description: Redis server port + type: number + default: 6379 + ContrailAnalyticsRestApiIp: + description: IP address Analytics rest interface listens on + type: string + default: '0.0.0.0' + ContrailAnalyticsRestApiPort: + description: Analytics rest port + type: number + default: 8081 + +resources: + ContrailBase: + type: ./contrail-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role Contrail Analytics using composable services. + value: + service_name: contrail_analytics + config_settings: + map_merge: + - get_attr: [ContrailBase, role_data, config_settings] + - contrail::analytics::collector_http_server_port: {get_param: ContrailAnalyticsCollectorServerHttpPort} + contrail::analytics::collector_sandesh_port: {get_param: ContrailAnalyticsCollectorSandeshPort} + contrail::analytics::host_ip: {get_param: ContrailAnalyticsHostIP} + contrail::analytics::http_server_port: {get_param: ContrailAnalyticsHttpServerPort} + contrail::analytics::listen_ip_address: {get_param: ContrailAnalyticsListenAddress} + contrail::analytics::listen_port: {get_param: ContrailAnalyticsListenPort} + contrail::analytics::redis_server: {get_param: ContrailAnalyticsRedisServerIp} + contrail::analytics::redis_server_port: {get_param: ContrailAnalyticsRedisServerPort} + contrail::analytics::rest_api_ip: {get_param: ContrailAnalyticsRestApiIp} + contrail::analytics::rest_api_port: {get_param: ContrailAnalyticsRestApiPort} + step_config: | + include ::tripleo::network::contrail::analytics diff --git a/puppet/services/network/contrail-base.yaml b/puppet/services/network/contrail-base.yaml new file mode 100644 index 00000000..03dbea5b --- /dev/null +++ b/puppet/services/network/contrail-base.yaml @@ -0,0 +1,100 @@ +heat_template_version: 2016-04-08 + +description: > + Base parameters for all Contrail Services. + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + AdminPassword: + description: Keystone admin user password + type: string + AdminTenantName: + description: Keystone admin tenant name + type: string + AdminToken: + description: Keystone admin token + type: string + AdminUser: + description: Keystone admin user name + type: string + AuthHost: + description: Keystone host IP address + type: string + AuthPort: + default: 35357 + description: Keystone port + type: number + AuthProtocol: + default: 'http' + description: Keystone authentication protocol + type: string + ContrailDiscoveryServerIp: + description: Discovery server ip address + type: string + ContrailKafkaBrokerList: + description: List of kafka servers + type: comma_delimited_list + ContrailAuth: + default: 'keystone' + description: Keystone authentication method + type: string + ContrailCassandraServerList: + default: [] + description: List of cassandra servers + type: comma_delimited_list + ContrailDiscoveryServerPort: + description: Discovery server port + type: number + default: 5998 + ContrailInsecure: + default: false + description: Keystone insecure mode + type: boolean + ContrailMemcachedServer: + default: '127.0.0.1:12111' + description: Memcached server + type: string + ContrailMultiTenancy: + default: true + description: Turn on/off multi-tenancy + type: boolean + ContrailZkServerIp: + default: [] + description: List of zookeeper servers + type: comma_delimited_list + +outputs: + role_data: + description: Shared role data for the Contrail services. + value: + service_name: contrail_base + config_settings: + contrail::admin_password: {get_param: AdminPassword} + contrail::admin_tenant_name: {get_param: AdminTenantName} + contrail::admin_token: {get_param: AdminToken} + contrail::admin_user: {get_param: AdminUser} + contrail::auth_host: {get_param: [EndpointMap, KeystoneInternal, host] } + contrail::auth_port: {get_param: [EndpointMap, KeystoneInternal, port] } + contrail::auth_protocol: {get_param: [EndpointMap, KeystoneInternal, protocol] } + contrail::disc_server_ip: {get_param: ContrailDiscoveryServerIp} + contrail::kafka_broker_list: {get_param: ContrailKafkaBrokerList} + contrail::auth: {get_param: ContrailAuth} + contrail::cassandra_server_list: {get_param: ContrailCassandraServerList} + contrail::disc_server_port: {get_param: ContrailDiscoveryServerPort} + contrail::insecure: {get_param: ContrailInsecure} + contrail::memcached_server: {get_param: ContrailMemcachedServer} + contrail::multi_tenancy: {get_param: ContrailMultiTenancy} + contrail::zk_server_ip: {get_param: ContrailZkServerIp} diff --git a/puppet/services/network/contrail-config.yaml b/puppet/services/network/contrail-config.yaml new file mode 100644 index 00000000..0987fc75 --- /dev/null +++ b/puppet/services/network/contrail-config.yaml @@ -0,0 +1,72 @@ +heat_template_version: 2016-04-08 + +description: > + Contrail Config service deployment using puppet, this YAML file + creates the interface between the HOT template + and the puppet manifest that actually installs + and configures Contrail Config. + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ContrailConfigIfmapServerIp: + description: Ifmap server ip address + type: string + ContrailConfigIfmapUserName: + description: Ifmap user name + type: string + ContrailConfigIfmapUserPassword: + description: Ifmap user password + type: string + ContrailConfigRabbitServerIp: + description: RabbitMq server ip address + type: string + ContrailConfigRedisServerIp: + description: Redis server ip address + type: string + ContrailConfigListenAddress: + default: '0.0.0.0' + description: IP address Config API is listening on + type: string + ContrailConfigListenPort: + default: 8082 + description: Port Config API is listening on + type: number + +resources: + ContrailBase: + type: ./contrail-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role Contrail Config using composable services. + value: + service_name: contrail_config + config_settings: + map_merge: + - get_attr: [ContrailBase, role_data, config_settings] + - contrail::config::ifmap_password: {get_param: ContrailConfigIfmapUserPassword} + contrail::config::ifmap_server_ip: {get_param: ContrailConfigIfmapServerIp} + contrail::config::ifmap_username: {get_param: ContrailConfigIfmapUserName} + contrail::config::listen_ip_address: {get_param: ContrailConfigListenAddress} + contrail::config::listen_port: {get_param: ContrailConfigListenPort} + contrail::config::rabbit_server: {get_param: ContrailConfigRabbitServerIp} + contrail::config::redis_server: {get_param: ContrailConfigRedisServerIp} + step_config: | + include ::tripleo::network::contrail::config diff --git a/puppet/services/network/contrail-control.yaml b/puppet/services/network/contrail-control.yaml new file mode 100644 index 00000000..9356e9e9 --- /dev/null +++ b/puppet/services/network/contrail-control.yaml @@ -0,0 +1,54 @@ +heat_template_version: 2016-04-08 + +description: > + Contrail Control service deployment using puppet, this YAML file + creates the interface between the HOT template + and the puppet manifest that actually installs + and configures Contrail Control. + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ContrailControlHostIP: + description: host IP address of Analytics + type: string + ContrailControlIfmapUserName: + description: Ifmap user name + type: string + ContrailControlIfmapUserPassword: + description: Ifmap user password + type: string + +resources: + ContrailBase: + type: ./contrail-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role Contrail Control using composable services. + value: + service_name: contrail_control + config_settings: + map_merge: + - get_attr: [ContrailBase, role_data, config_settings] + - contrail::control::host_ip: {get_param: ContrailControlHostIP} + contrail::control::ifmap_username: {get_param: ContrailControlIfmapUserName} + contrail::control::ifmap_password: {get_param: ContrailControlIfmapUserPassword} + step_config: | + include ::tripleo::network::contrail::control diff --git a/puppet/services/network/contrail-database.yaml b/puppet/services/network/contrail-database.yaml new file mode 100644 index 00000000..e5712618 --- /dev/null +++ b/puppet/services/network/contrail-database.yaml @@ -0,0 +1,51 @@ +heat_template_version: 2016-04-08 + +description: > + Contrail Database service deployment using puppet, this YAML file + creates the interface between the HOT template + and the puppet manifest that actually installs + and configures Contrail Database. + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ContrailDatabaseHostIP: + description: host IP address of Database node + type: string + ContrailDatabaseMinDisk: + description: Minimum disk size for database + type: number + default: 64 + +resources: + ContrailBase: + type: ./contrail-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role Contrail Database using composable services. + value: + service_name: contrail_database + config_settings: + map_merge: + - get_attr: [ContrailBase, role_data, config_settings] + - contrail::database::host_ip: {get_param: ContrailDatabaseHostIP} + contrail::database::minimum_diskGB: {get_param: ContrailDatabaseMinDisk} + step_config: | + include ::tripleo::profile::contrail::database diff --git a/puppet/services/network/contrail-webui.yaml b/puppet/services/network/contrail-webui.yaml new file mode 100644 index 00000000..72b9e1c0 --- /dev/null +++ b/puppet/services/network/contrail-webui.yaml @@ -0,0 +1,69 @@ +heat_template_version: 2016-04-08 + +description: > + Contrail WebUI service deployment using puppet, this YAML file + creates the interface between the HOT template + and the puppet manifest that actually installs + and configures Contrail WebUI. + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ContrailWebUiAnalyticsVip: + description: Contrail Analytics VIP + type: string + ContrailWebUiConfigVip: + description: Contrail Config VIP + type: string + ContrailWebUiNeutronVip: + description: Neutron VIP + type: string + ContrailWebuiHttpPort: + default: 8080 + description: HTTP Port of Webui + type: number + ContrailWebuiHttpsPort: + default: 8143 + description: HTTPS Port of Webui + type: number + ContrailWebUiRedisIp: + description: Redis IP + type: string + default: '127.0.0.1' + +resources: + ContrailBase: + type: ./contrail-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role Contrail WebUI using composable services. + value: + service_name: contrail_webui + config_settings: + map_merge: + - get_attr: [ContrailBase, role_data, config_settings] + - contrail::webui::contrail_analytics_vip: {get_param: ContrailWebUiAnalyticsVip} + contrail::webui::contrail_config_vip: {get_param: ContrailWebUiConfigVip} + contrail::webui::contrail_webui_http_port: {get_param: ContrailWebuiHttpPort} + contrail::webui::contrail_webui_https_port: {get_param: ContrailWebuiHttpsPort} + contrail::webui::neutron_vip: {get_param: ContrailWebUiNeutronVip} + contrail::webui::redis_ip: {get_param: ContrailWebUiRedisIp} + step_config: | + include ::tripleo::network::contrail::webui diff --git a/puppet/services/neutron-api.yaml b/puppet/services/neutron-api.yaml index 72ae7d9c..e4ca489a 100644 --- a/puppet/services/neutron-api.yaml +++ b/puppet/services/neutron-api.yaml @@ -75,7 +75,7 @@ outputs: config_settings: map_merge: - get_attr: [NeutronBase, role_data, config_settings] - neutron::server::database_connection: + - neutron::server::database_connection: list_join: - '' - - {get_param: [EndpointMap, MysqlInternal, protocol]} diff --git a/puppet/services/neutron-base.yaml b/puppet/services/neutron-base.yaml index 4eb417c0..32d50d41 100644 --- a/puppet/services/neutron-base.yaml +++ b/puppet/services/neutron-base.yaml @@ -50,13 +50,16 @@ parameters: to false may result in configuration remnants after updates/upgrades. NeutronGlobalPhysnetMtu: type: number - default: 1500 + default: 1496 description: | MTU of the underlying physical network. Neutron uses this value to calculate MTU for all virtual network components. For flat and VLAN networks, neutron uses this value without modification. For overlay networks such as VXLAN, neutron automatically subtracts the overlay - protocol overhead from this value. + protocol overhead from this value. The default value of 1496 is + currently in effect to compensate for some additional overhead when + deploying with some network configurations (e.g. network isolation over + single network interfaces) ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/neutron-ovs-agent.yaml b/puppet/services/neutron-ovs-agent.yaml index 36b609fc..ade322ed 100644 --- a/puppet/services/neutron-ovs-agent.yaml +++ b/puppet/services/neutron-ovs-agent.yaml @@ -56,6 +56,14 @@ parameters: MonitoringSubscriptionNeutronOvs: default: 'overcloud-neutron-ovs-agent' type: string + NeutronOVSFirewallDriver: + default: '' + description: | + Configure the classname of the firewall driver to use for implementing + security groups. Possible values depend on system configuration. Some + examples are: noop, openvswitch, iptables_hybrid. The default value of an + empty string will result in a default supported configuration. + type: string resources: @@ -75,7 +83,7 @@ outputs: config_settings: map_merge: - get_attr: [NeutronBase, role_data, config_settings] - neutron::agents::ml2::ovs::l2_population: {get_param: NeutronEnableL2Pop} + - neutron::agents::ml2::ovs::l2_population: {get_param: NeutronEnableL2Pop} neutron::agents::ml2::ovs::enable_distributed_routing: {get_param: NeutronEnableDVR} neutron::agents::ml2::ovs::arp_responder: {get_param: NeutronEnableARPResponder} neutron::agents::ml2::ovs::bridge_mappings: @@ -100,5 +108,6 @@ outputs: # internal_api_uri -> [IP] # internal_api_subnet - > IP/CIDR neutron::agents::ml2::ovs::local_ip: {get_param: [ServiceNetMap, NeutronTenantNetwork]} + neutron::agents::ml2::ovs::firewall_driver: {get_param: NeutronOVSFirewallDriver} step_config: | include ::tripleo::profile::base::neutron::ovs diff --git a/puppet/services/neutron-ovs-dpdk-agent.yaml b/puppet/services/neutron-ovs-dpdk-agent.yaml index 8ee98a3d..cc772c9d 100644 --- a/puppet/services/neutron-ovs-dpdk-agent.yaml +++ b/puppet/services/neutron-ovs-dpdk-agent.yaml @@ -65,7 +65,7 @@ outputs: config_settings: map_merge: - get_attr: [NeutronOvsAgent, role_data, config_settings] - neutron::agents::ml2::ovs::enable_dpdk: true + - neutron::agents::ml2::ovs::enable_dpdk: true neutron::agents::ml2::ovs::datapath_type: {get_param: NeutronDatapathType} neutron::agents::ml2::ovs::vhostuser_socket_dir: {get_param: NeutronVhostuserSocketDir} vswitch::dpdk::core_list: {get_param: NeutronDpdkCoreList} diff --git a/puppet/services/neutron-plugin-ml2.yaml b/puppet/services/neutron-plugin-ml2.yaml index 5dbae3dc..17e8bca1 100644 --- a/puppet/services/neutron-plugin-ml2.yaml +++ b/puppet/services/neutron-plugin-ml2.yaml @@ -33,7 +33,7 @@ parameters: default: 'datacentre' description: If set, flat networks to configure in neutron plugins. NeutronPluginExtensions: - default: "qos,port_security" + default: "qos,port_security,trunk" description: | Comma-separated list of extensions enabled for the Neutron plugin. type: comma_delimited_list diff --git a/puppet/services/neutron-sriov-agent.yaml b/puppet/services/neutron-sriov-agent.yaml index b9a93394..44f7f242 100644 --- a/puppet/services/neutron-sriov-agent.yaml +++ b/puppet/services/neutron-sriov-agent.yaml @@ -14,6 +14,11 @@ parameters: DefaultPasswords: default: {} type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json NeutronPhysicalDevMappings: description: > List of <physical_network>:<physical device> @@ -39,11 +44,15 @@ parameters: Example "eth1:4096","eth2:128" type: comma_delimited_list default: "" - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json + +resources: + + NeutronBase: + type: ./neutron-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: @@ -51,8 +60,10 @@ outputs: value: service_name: neutron_sriov_agent config_settings: - neutron::agents::ml2::sriov::physical_device_mappings: {get_param: NeutronPhysicalDevMappings} - neutron::agents::ml2::sriov::exclude_devices: {get_param: NeutronExcludeDevices} - tripleo::host::sriov::number_of_vfs: {get_param: NeutronSriovNumVFs} + map_merge: + - get_attr: [NeutronBase, role_data, config_settings] + - neutron::agents::ml2::sriov::physical_device_mappings: {get_param: NeutronPhysicalDevMappings} + neutron::agents::ml2::sriov::exclude_devices: {get_param: NeutronExcludeDevices} + tripleo::host::sriov::number_of_vfs: {get_param: NeutronSriovNumVFs} step_config: | include ::tripleo::profile::base::neutron::sriov diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml index ccdcb52f..d1d7ae60 100644 --- a/puppet/services/nova-compute.yaml +++ b/puppet/services/nova-compute.yaml @@ -128,7 +128,7 @@ outputs: # internal_api_uri -> [IP] # internal_api_subnet - > IP/CIDR nova::compute::vncserver_proxyclient_address: {get_param: [ServiceNetMap, NovaVncProxyNetwork]} - nova::compute::vncproxy_host: {get_param: [EndpointMap, NovaPublic, host]} + nova::compute::vncproxy_host: {get_param: [EndpointMap, NovaPublic, host_nobrackets]} step_config: | # TODO(emilien): figure how to deal with libvirt profile. # We'll probably treat it like we do with Neutron plugins. diff --git a/puppet/services/nova-vncproxy.yaml b/puppet/services/nova-vnc-proxy.yaml index ce15fccc..899fa353 100644 --- a/puppet/services/nova-vncproxy.yaml +++ b/puppet/services/nova-vnc-proxy.yaml @@ -34,21 +34,14 @@ outputs: role_data: description: Role data for the Nova Vncproxy service. value: - service_name: nova_vncproxy + service_name: nova_vnc_proxy monitoring_subscription: {get_param: MonitoringSubscriptionNovaVNCProxy} config_settings: map_merge: - get_attr: [NovaBase, role_data, config_settings] - nova::vncproxy::enabled: true nova::vncproxy::common::vncproxy_protocol: {get_param: [EndpointMap, NovaVNCProxyPublic, protocol]} - # Remove brackets that may come if the IP address is IPv6. - # For DNS names and IPv4, this will just get NovaVNCProxyPublic - nova::vncproxy::common::vncproxy_host: - str_replace: - template: {get_param: [EndpointMap, NovaVNCProxyPublic, host]} - params: - '[': '' - ']': '' + nova::vncproxy::common::vncproxy_host: {get_param: [EndpointMap, NovaVNCProxyPublic, host_nobrackets]} nova::vncproxy::common::vncproxy_port: {get_param: [EndpointMap, NovaVNCProxyPublic, port]} # NOTE: bind IP is found in Heat replacing the network name with the local node IP # for the given network; replacement examples (eg. for internal_api): diff --git a/puppet/services/pacemaker/nova-vncproxy.yaml b/puppet/services/pacemaker/nova-vnc-proxy.yaml index 0ec5de68..d0c4f1d0 100644 --- a/puppet/services/pacemaker/nova-vncproxy.yaml +++ b/puppet/services/pacemaker/nova-vnc-proxy.yaml @@ -22,7 +22,7 @@ parameters: resources: NovaVncproxyBase: - type: ../nova-vncproxy.yaml + type: ../nova-vnc-proxy.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} @@ -32,7 +32,7 @@ outputs: role_data: description: Role data for the Nova Vncproxy role. value: - service_name: nova_vncproxy + service_name: nova_vnc_proxy monitoring_subscription: {get_attr: [NovaVncproxyBase, role_data, monitoring_subscription]} config_settings: map_merge: diff --git a/puppet/services/services.yaml b/puppet/services/services.yaml index 669e2872..b54a6d7a 100644 --- a/puppet/services/services.yaml +++ b/puppet/services/services.yaml @@ -54,4 +54,9 @@ outputs: expression: list($.data.subscriptions.where($ != null)) data: {subscriptions: {get_attr: [ServiceChain, role_data, monitoring_subscription]}} config_settings: {map_merge: {get_attr: [ServiceChain, role_data, config_settings]}} + global_config_settings: + map_merge: + yaql: + expression: list($.data.configs.where($ != null)) + data: {configs: {get_attr: [ServiceChain, role_data, global_config_settings]}} step_config: {list_join: ["\n", {get_attr: [ServiceChain, role_data, step_config]}]} diff --git a/puppet/services/swift-ringbuilder.yaml b/puppet/services/swift-ringbuilder.yaml index f41228e7..e151d185 100644 --- a/puppet/services/swift-ringbuilder.yaml +++ b/puppet/services/swift-ringbuilder.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2016-04-08 +heat_template_version: 2016-10-14 description: > OpenStack Swift Ringbuilder @@ -34,6 +34,11 @@ parameters: type: number default: 3 description: How many replicas to use in the swift rings. + SwiftRawDisks: + default: {} + description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})' + type: json + outputs: role_data: @@ -43,6 +48,17 @@ outputs: config_settings: tripleo::profile::base::swift::ringbuilder::build_ring: {get_param: SwiftRingBuild} tripleo::profile::base::swift::ringbuilder::replicas: {get_param: SwiftReplicas} + tripleo::profile::base::swift::ringbuilder::raw_disk_prefix: 'r1z1-' + tripleo::profile::base::swift::ringbuilder::raw_disks: + yaql: + expression: $.data.raw_disk_lists.flatten() + data: + raw_disk_lists: + - [':%PORT%/d1'] + - repeat: + template: ':%PORT%/DEVICE' + for_each: + DEVICE: {get_param: SwiftRawDisks} swift::ringbuilder::part_power: {get_param: SwiftPartPower} swift::ringbuilder::min_part_hours: {get_param: SwiftMinPartHours} step_config: | diff --git a/puppet/services/swift-storage.yaml b/puppet/services/swift-storage.yaml index 91d52569..7fbb8d90 100644 --- a/puppet/services/swift-storage.yaml +++ b/puppet/services/swift-storage.yaml @@ -87,6 +87,6 @@ outputs: - healthcheck - account-server swift::storage::disks: {get_param: SwiftRawDisks} - swift::storage::all::storage_local_net_ip: {get_param: [ServiceNetMap, SwiftMgmtNetwork]} + swift::storage::all::storage_local_net_ip: {get_param: [ServiceNetMap, SwiftStorageNetwork]} step_config: | include ::tripleo::profile::base::swift::storage diff --git a/puppet/services/vip-hosts.yaml b/puppet/services/vip-hosts.yaml index 445a276c..a9d757ee 100644 --- a/puppet/services/vip-hosts.yaml +++ b/puppet/services/vip-hosts.yaml @@ -47,10 +47,10 @@ outputs: ip: "%{hiera('storage_mgmt_virtual_ip')}" ensure: present comment: FQDN of the storage mgmt VIP - management: - name: "%{hiera('cloud_name_management')}" + ctlplane: + name: "%{hiera('cloud_name_ctlplane')}" ip: "%{hiera('controller_virtual_ip')}" ensure: present - comment: FQDN of the management VIP + comment: FQDN of the ctlplane VIP step_config: | include ::tripleo::vip_hosts diff --git a/puppet/swift-devices-and-proxy-config.yaml b/puppet/swift-devices-and-proxy-config.yaml deleted file mode 100644 index afee4dac..00000000 --- a/puppet/swift-devices-and-proxy-config.yaml +++ /dev/null @@ -1,35 +0,0 @@ -heat_template_version: 2015-04-30 -description: 'Swift Devices and Proxy Config for Puppet' - -parameters: - controller_swift_devices: - type: comma_delimited_list - object_store_swift_devices: - type: comma_delimited_list - -resources: - - SwiftDevicesAndProxyConfigImpl: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: - hiera: - datafiles: - swift_devices_and_proxy: - mapped_data: - tripleo::profile::base::swift::ringbuilder::devices: - list_join: - - ", " - - - list_join: - - ", " - - {get_param: controller_swift_devices} - - list_join: - - ", " - - {get_param: object_store_swift_devices} - -outputs: - config_id: - description: The ID of the SwiftDevicesAndProxyConfigImpl resource. - value: - {get_resource: SwiftDevicesAndProxyConfigImpl} diff --git a/puppet/swift-storage-post.yaml b/puppet/swift-storage-post.yaml deleted file mode 100644 index ebc54ab0..00000000 --- a/puppet/swift-storage-post.yaml +++ /dev/null @@ -1,91 +0,0 @@ -heat_template_version: 2015-04-30 -description: 'OpenStack swift storage node post deployment for Puppet' - -parameters: - ConfigDebug: - default: false - description: Whether to run config management (e.g. Puppet) in debug mode. - type: boolean - servers: - type: json - RoleData: - type: json - default: {} - DeployIdentifier: - type: string - default: '' - description: Value which changes if the node configuration may need to be re-applied - -resources: - - StorageArtifactsConfig: - type: deploy-artifacts.yaml - - StorageArtifactsDeploy: - type: OS::Heat::StructuredDeployments - properties: - servers: {get_param: servers} - config: {get_resource: StorageArtifactsConfig} - input_values: - update_identifier: {get_param: DeployIdentifier} - - StoragePuppetConfig: - type: OS::Heat::SoftwareConfig - properties: - group: puppet - options: - enable_debug: {get_param: ConfigDebug} - enable_hiera: True - enable_facter: False - modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules - inputs: - - name: step - outputs: - - name: result - config: - list_join: - - '' - - - get_file: manifests/overcloud_object.pp - - {get_param: [RoleData, step_config]} - - StorageRingbuilderDeployment_Step2: - type: OS::Heat::StructuredDeployments - depends_on: StorageArtifactsDeploy - properties: - name: StorageRingbuilderDeployment_Step2 - servers: {get_param: servers} - config: {get_resource: StoragePuppetConfig} - input_values: - step: 2 - update_identifier: {get_param: DeployIdentifier} - - StorageRingbuilderDeployment_Step3: - type: OS::Heat::StructuredDeployments - depends_on: StorageRingbuilderDeployment_Step2 - properties: - name: StorageRingbuilderDeployment_Step3 - servers: {get_param: servers} - config: {get_resource: StoragePuppetConfig} - input_values: - step: 3 - update_identifier: {get_param: DeployIdentifier} - - StorageDeployment_Step4: - type: OS::Heat::StructuredDeployments - depends_on: StorageRingbuilderDeployment_Step3 - properties: - name: StorageDeployment_Step4 - servers: {get_param: servers} - config: {get_resource: StoragePuppetConfig} - input_values: - step: 4 - update_identifier: {get_param: DeployIdentifier} - - # Note, this should come last, so use depends_on to ensure - # this is created after any other resources. - ExtraConfig: - depends_on: StorageDeployment_Step4 - type: OS::TripleO::NodeExtraConfigPost - properties: - servers: {get_param: servers} - diff --git a/puppet/swift-storage.yaml b/puppet/swift-storage.yaml index d8e49cac..9eb66314 100644 --- a/puppet/swift-storage.yaml +++ b/puppet/swift-storage.yaml @@ -27,6 +27,11 @@ parameters: description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json Hostname: type: string default: '' # Defaults to Heat created hostname @@ -91,10 +96,6 @@ parameters: type: string description: Command which will be run whenever configuration data changes default: os-refresh-config --timeout 14400 - SwiftRawDisks: - default: {} - description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})' - type: json resources: @@ -237,7 +238,6 @@ resources: - service_names - service_configs - object - - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig - bootstrap_node # provided by allNodesConfig - all_nodes # provided by allNodesConfig - vip_data # provided by allNodesConfig @@ -317,6 +317,7 @@ outputs: STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST TENANTIP TENANTHOST.DOMAIN TENANTHOST MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST + CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST params: PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ObjectStorageHostnameResolveNetwork]}]} DOMAIN: {get_param: CloudDomain} @@ -357,31 +358,16 @@ outputs: - '.' - - {get_attr: [SwiftStorage, name]} - management + CTLPLANEIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} + CTLPLANEHOST: + list_join: + - '.' + - - {get_attr: [SwiftStorage, name]} + - ctlplane nova_server_resource: description: Heat resource handle for the swift storage server value: {get_resource: SwiftStorage} - swift_device: - description: Swift device formatted for swift-ring-builder - value: - str_replace: - template: - list_join: - - ',' - - ['r1z1-IP:%PORT%/d1'] - - repeat: - template: 'r1z1-IP:%PORT%/DEVICE' - for_each: - DEVICE: {get_param: SwiftRawDisks} - params: - IP: - get_attr: - - NetIpMap - - net_ip_map - - str_replace: - template: "NETWORK_uri" - params: - NETWORK: {get_param: [ServiceNetMap, SwiftMgmtNetwork]} external_ip_address: description: IP address of the server in the external network value: {get_attr: [ExternalPort, ip_address]} diff --git a/roles_data.yaml b/roles_data.yaml new file mode 100644 index 00000000..db0004c3 --- /dev/null +++ b/roles_data.yaml @@ -0,0 +1,141 @@ +- name: Controller + CountDefault: 1 + HostnameFormatDefault: '%stackname%-controller-%index%' + ServicesDefault: + - OS::TripleO::Services::CACerts + - OS::TripleO::Services::CephMon + - OS::TripleO::Services::CephExternal + - OS::TripleO::Services::CinderApi + - OS::TripleO::Services::CinderBackup + - OS::TripleO::Services::CinderScheduler + - OS::TripleO::Services::CinderVolume + - OS::TripleO::Services::Core + - OS::TripleO::Services::Kernel + - OS::TripleO::Services::Keystone + - OS::TripleO::Services::GlanceApi + - OS::TripleO::Services::GlanceRegistry + - OS::TripleO::Services::HeatApi + - OS::TripleO::Services::HeatApiCfn + - OS::TripleO::Services::HeatApiCloudwatch + - OS::TripleO::Services::HeatEngine + - OS::TripleO::Services::MySQL + - OS::TripleO::Services::NeutronDhcpAgent + - OS::TripleO::Services::NeutronL3Agent + - OS::TripleO::Services::NeutronMetadataAgent + - OS::TripleO::Services::NeutronApi + - OS::TripleO::Services::NeutronCorePlugin + - OS::TripleO::Services::NeutronOvsAgent + - OS::TripleO::Services::RabbitMQ + - OS::TripleO::Services::HAproxy + - OS::TripleO::Services::Keepalived + - OS::TripleO::Services::Memcached + - OS::TripleO::Services::Pacemaker + - OS::TripleO::Services::Redis + - OS::TripleO::Services::NovaConductor + - OS::TripleO::Services::MongoDb + - OS::TripleO::Services::NovaApi + - OS::TripleO::Services::NovaScheduler + - OS::TripleO::Services::NovaConsoleauth + - OS::TripleO::Services::NovaVncProxy + - OS::TripleO::Services::Ntp + - OS::TripleO::Services::SwiftProxy + - OS::TripleO::Services::SwiftStorage + - OS::TripleO::Services::SwiftRingBuilder + - OS::TripleO::Services::Snmp + - OS::TripleO::Services::Timezone + - OS::TripleO::Services::CeilometerApi + - OS::TripleO::Services::CeilometerCollector + - OS::TripleO::Services::CeilometerExpirer + - OS::TripleO::Services::CeilometerAgentCentral + - OS::TripleO::Services::CeilometerAgentNotification + - OS::TripleO::Services::Horizon + - OS::TripleO::Services::GnocchiApi + - OS::TripleO::Services::GnocchiMetricd + - OS::TripleO::Services::GnocchiStatsd + - OS::Tripleo::Services::ManilaApi + - OS::Tripleo::Services::ManilaScheduler + - OS::Tripleo::Services::ManilaShare + - OS::TripleO::Services::AodhApi + - OS::TripleO::Services::AodhEvaluator + - OS::TripleO::Services::AodhNotifier + - OS::TripleO::Services::AodhListener + - OS::TripleO::Services::SaharaApi + - OS::TripleO::Services::SaharaEngine + - OS::TripleO::Services::IronicApi + - OS::TripleO::Services::IronicConductor + - OS::TripleO::Services::NovaIronic + - OS::TripleO::Services::TripleoPackages + - OS::TripleO::Services::TripleoFirewall + - OS::TripleO::Services::OpenDaylight + - OS::TripleO::Services::SensuClient + - OS::TripleO::Services::VipHosts + +- name: Compute + CountDefault: 1 + HostnameFormatDefault: '%stackname%-novacompute-%index%' + ServicesDefault: + - OS::TripleO::Services::CACerts + - OS::TripleO::Services::CephClient + - OS::TripleO::Services::CephExternal + - OS::TripleO::Services::Timezone + - OS::TripleO::Services::Ntp + - OS::TripleO::Services::Snmp + - OS::TripleO::Services::NovaCompute + - OS::TripleO::Services::NovaLibvirt + - OS::TripleO::Services::Kernel + - OS::TripleO::Services::ComputeNeutronCorePlugin + - OS::TripleO::Services::ComputeNeutronOvsAgent + - OS::TripleO::Services::ComputeCeilometerAgent + - OS::TripleO::Services::ComputeNeutronL3Agent + - OS::TripleO::Services::ComputeNeutronMetadataAgent + - OS::TripleO::Services::TripleoPackages + - OS::TripleO::Services::TripleoFirewall + - OS::TripleO::Services::NeutronSriovAgent + - OS::TripleO::Services::OpenDaylightOvs + - OS::TripleO::Services::SensuClient + - OS::TripleO::Services::VipHosts + +- name: BlockStorage + CountDefault: 0 + HostnameFormatDefault: '%stackname%-blockstorage-%index%' + ServicesDefault: + - OS::TripleO::Services::CACerts + - OS::TripleO::Services::CinderVolume + - OS::TripleO::Services::Kernel + - OS::TripleO::Services::Ntp + - OS::TripleO::Services::Timezone + - OS::TripleO::Services::Snmp + - OS::TripleO::Services::TripleoPackages + - OS::TripleO::Services::TripleoFirewall + - OS::TripleO::Services::SensuClient + - OS::TripleO::Services::VipHosts + +- name: ObjectStorage + CountDefault: 0 + HostnameFormatDefault: '%stackname%-objectstorage-%index%' + ServicesDefault: + - OS::TripleO::Services::CACerts + - OS::TripleO::Services::Kernel + - OS::TripleO::Services::Ntp + - OS::TripleO::Services::SwiftStorage + - OS::TripleO::Services::SwiftRingBuilder + - OS::TripleO::Services::Snmp + - OS::TripleO::Services::Timezone + - OS::TripleO::Services::TripleoPackages + - OS::TripleO::Services::TripleoFirewall + - OS::TripleO::Services::SensuClient + - OS::TripleO::Services::VipHosts + +- name: CephStorage + CountDefault: 0 + HostnameFormatDefault: '%stackname%-cephstorage-%index%' + ServicesDefault: + - OS::TripleO::Services::CACerts + - OS::TripleO::Services::CephOSD + - OS::TripleO::Services::Kernel + - OS::TripleO::Services::Ntp + - OS::TripleO::Services::Timezone + - OS::TripleO::Services::TripleoPackages + - OS::TripleO::Services::TripleoFirewall + - OS::TripleO::Services::SensuClient + - OS::TripleO::Services::VipHosts diff --git a/tools/yaml-validate.py b/tools/yaml-validate.py index 7b3d3473..95c7d025 100755 --- a/tools/yaml-validate.py +++ b/tools/yaml-validate.py @@ -64,15 +64,16 @@ def validate(filename): print(traceback.format_exc()) return 1 # yaml is OK, now walk the parameters and output a warning for unused ones - for p in tpl.get('parameters', {}): - if p in required_params: - continue - str_p = '\'%s\'' % p - in_resources = str_p in str(tpl.get('resources', {})) - in_outputs = str_p in str(tpl.get('outputs', {})) - if not in_resources and not in_outputs: - print('Warning: parameter %s in template %s appears to be unused' - % (p, filename)) + if 'heat_template_version' in tpl: + for p in tpl.get('parameters', {}): + if p in required_params: + continue + str_p = '\'%s\'' % p + in_resources = str_p in str(tpl.get('resources', {})) + in_outputs = str_p in str(tpl.get('outputs', {})) + if not in_resources and not in_outputs: + print('Warning: parameter %s in template %s ' + 'appears to be unused' % (p, filename)) return retval @@ -87,7 +88,7 @@ for base_path in path_args: if os.path.isdir(base_path): for subdir, dirs, files in os.walk(base_path): for f in files: - if f.endswith('.yaml'): + if f.endswith('.yaml') and not f.endswith('.j2.yaml'): file_path = os.path.join(subdir, f) failed = validate(file_path) if failed: |