diff options
168 files changed, 2193 insertions, 437 deletions
diff --git a/default_passwords.yaml b/default_passwords.yaml new file mode 100644 index 00000000..7a47f443 --- /dev/null +++ b/default_passwords.yaml @@ -0,0 +1,25 @@ +heat_template_version: 2016-10-14 + +description: Passwords we manage at the top level + +parameters: + DefaultMysqlRootPassword: + type: string + DefaultRabbitCookie: + type: string + DefaultHeatAuthEncryptionKey: + type: string + DefaultPcsdPassword: + type: string + DefaultHorizonSecret: + type: string + +outputs: + passwords: + description: Password data + value: + mysql_root_password: {get_param: DefaultMysqlRootPassword} + rabbit_cookie: {get_param: DefaultRabbitCookie} + heat_auth_encryption_key: {get_param: DefaultHeatAuthEncryptionKey} + pcsd_password: {get_param: DefaultPcsdPassword} + horizon_secret: {get_param: DefaultHorizonSecret} diff --git a/environments/cinder-backup.yaml b/environments/cinder-backup.yaml new file mode 100644 index 00000000..f01fcbd9 --- /dev/null +++ b/environments/cinder-backup.yaml @@ -0,0 +1,4 @@ +resource_registry: + OS::TripleO::Services::CinderBackup: ../puppet/services/pacemaker/cinder-backup.yaml + # For non-pcmk managed implementation + # OS::TripleO::Services::CinderBackup: ../puppet/services/cinder-backup.yaml
\ No newline at end of file diff --git a/environments/enable-tls.yaml b/environments/enable-tls.yaml index 290d2011..a3f39ebe 100644 --- a/environments/enable-tls.yaml +++ b/environments/enable-tls.yaml @@ -1,58 +1,9 @@ +# Use this environment to pass in certificates for SSL deployments. +# For these values to take effect, one of the tls-endpoints-*.yaml environments +# must also be used. parameter_defaults: SSLCertificate: | The contents of your certificate go here SSLIntermediateCertificate: '' SSLKey: | The contents of the private key go here - EndpointMap: - AodhAdmin: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} - AodhInternal: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} - AodhPublic: {protocol: 'https', port: '13042', host: 'CLOUDNAME'} - CeilometerAdmin: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} - CeilometerInternal: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} - CeilometerPublic: {protocol: 'https', port: '13777', host: 'CLOUDNAME'} - CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} - CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} - CinderPublic: {protocol: 'https', port: '13776', host: 'CLOUDNAME'} - GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} - GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} - GlancePublic: {protocol: 'https', port: '13292', host: 'CLOUDNAME'} - GlanceRegistryInternal: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'} - GnocchiAdmin: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} - GnocchiInternal: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} - GnocchiPublic: {protocol: 'https', port: '13041', host: 'CLOUDNAME'} - HeatAdmin: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} - HeatInternal: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} - HeatPublic: {protocol: 'https', port: '13004', host: 'CLOUDNAME'} - HeatCfnAdmin: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'} - HeatCfnInternal: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'} - HeatCfnPublic: {protocol: 'https', port: '13005', host: 'CLOUDNAME'} - HorizonPublic: {protocol: 'https', port: '443', host: 'CLOUDNAME'} - IronicAdmin: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} - IronicInternal: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} - IronicPublic: {protocol: 'https', port: '13385', host: 'CLOUDNAME'} - KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'} - KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'} - KeystonePublic: {protocol: 'https', port: '13000', host: 'CLOUDNAME'} - ManilaAdmin: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'} - ManilaInternal: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'} - ManilaPublic: {protocol: 'https', port: '13786', host: 'CLOUDNAME'} - MysqlInternal: {protocol: 'mysql+pymysql', port: '3306', host: 'IP_ADDRESS'} - NeutronAdmin: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} - NeutronInternal: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} - NeutronPublic: {protocol: 'https', port: '13696', host: 'CLOUDNAME'} - NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} - NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} - NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'} - NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} - NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} - NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'} - SaharaAdmin: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} - SaharaInternal: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} - SaharaPublic: {protocol: 'https', port: '13386', host: 'CLOUDNAME'} - SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} - SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} - SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'} - -resource_registry: - OS::TripleO::NodeTLSData: ../puppet/extraconfig/tls/tls-cert-inject.yaml diff --git a/environments/major-upgrade-aodh-migration.yaml b/environments/major-upgrade-aodh-migration.yaml new file mode 100644 index 00000000..c1dbde42 --- /dev/null +++ b/environments/major-upgrade-aodh-migration.yaml @@ -0,0 +1,10 @@ +resource_registry: + # aodh data migration + OS::TripleO::Tasks::UpdateWorkflow: ../extraconfig/tasks/mitaka_to_newton_aodh_data_migration.yaml + + # no-op the rest + OS::TripleO::ControllerPostDeployment: OS::Heat::None + OS::TripleO::ComputePostDeployment: OS::Heat::None + OS::TripleO::ObjectStoragePostDeployment: OS::Heat::None + OS::TripleO::BlockStoragePostDeployment: OS::Heat::None + OS::TripleO::CephStoragePostDeployment: OS::Heat::None diff --git a/environments/puppet-ceph-devel.yaml b/environments/puppet-ceph-devel.yaml index a9e459df..9c8abbb4 100644 --- a/environments/puppet-ceph-devel.yaml +++ b/environments/puppet-ceph-devel.yaml @@ -16,6 +16,7 @@ parameter_defaults: CephClientKey: 'AQC+vYNXgDAgAhAAc8UoYt+OTz5uhV7ItLdwUw==' NovaEnableRbdBackend: true CinderEnableRbdBackend: true + CinderBackupBackend: ceph GlanceBackend: rbd GnocchiBackend: rbd CinderEnableIscsiBackend: false diff --git a/environments/puppet-ceph-external.yaml b/environments/puppet-ceph-external.yaml index d5e0b1b5..19cca657 100644 --- a/environments/puppet-ceph-external.yaml +++ b/environments/puppet-ceph-external.yaml @@ -12,6 +12,7 @@ parameter_defaults: # the following parameters enable Ceph backends for Cinder, Glance, Gnocchi and Nova NovaEnableRbdBackend: true CinderEnableRbdBackend: true + CinderBackupBackend: ceph GlanceBackend: rbd GnocchiBackend: rbd # If the Ceph pools which host VMs, Volumes and Images do not match these diff --git a/environments/puppet-pacemaker.yaml b/environments/puppet-pacemaker.yaml index 74b91106..8cfbab6d 100644 --- a/environments/puppet-pacemaker.yaml +++ b/environments/puppet-pacemaker.yaml @@ -7,9 +7,8 @@ resource_registry: OS::TripleO::Tasks::ControllerPostPuppetRestart: ../extraconfig/tasks/post_puppet_pacemaker_restart.yaml # custom pacemaker services - # NOTE: For now we will need to specify overrides to all services - # which use pacemaker. In the future (with upcoming HA light work) this - # list will hopefully be much smaller however. + # NOTE: Please before adding any pacemaker-managed services, get in touch + # with bandini, Ng or beekhof OS::TripleO::Services::CinderVolume: ../puppet/services/pacemaker/cinder-volume.yaml OS::TripleO::Services::RabbitMQ: ../puppet/services/pacemaker/rabbitmq.yaml OS::TripleO::Services::HAproxy: ../puppet/services/pacemaker/haproxy.yaml @@ -17,6 +16,3 @@ resource_registry: OS::TripleO::Services::Redis: ../puppet/services/pacemaker/database/redis.yaml OS::TripleO::Services::MySQL: ../puppet/services/pacemaker/database/mysql.yaml # Services that are disabled by default (use relevant environment files): - OS::Tripleo::Services::ManilaShare: OS::Heat::None - OS::TripleO::Services::SaharaApi: ../puppet/services/pacemaker/sahara-api.yaml - OS::TripleO::Services::SaharaEngine: ../puppet/services/pacemaker/sahara-engine.yaml diff --git a/environments/services/ironic.yaml b/environments/services/ironic.yaml new file mode 100644 index 00000000..8359f4a7 --- /dev/null +++ b/environments/services/ironic.yaml @@ -0,0 +1,4 @@ +resource_registry: + OS::TripleO::Services::IronicApi: ../../puppet/services/ironic-api.yaml + OS::TripleO::Services::IronicConductor: ../../puppet/services/ironic-conductor.yaml + OS::TripleO::Services::NovaIronic: ../../puppet/services/nova-ironic.yaml diff --git a/environments/services/sahara.yaml b/environments/services/sahara.yaml new file mode 100644 index 00000000..d4be3742 --- /dev/null +++ b/environments/services/sahara.yaml @@ -0,0 +1,3 @@ +resource_registry: + OS::TripleO::Services::SaharaApi: puppet/services/sahara-api.yaml + OS::TripleO::Services::SaharaEngine: puppet/services/sahara-engine.yaml diff --git a/environments/storage-environment.yaml b/environments/storage-environment.yaml index 0128cabd..8cf34622 100644 --- a/environments/storage-environment.yaml +++ b/environments/storage-environment.yaml @@ -14,6 +14,8 @@ parameter_defaults: CinderEnableIscsiBackend: false ## Whether to enable rbd (Ceph) backend for Cinder. CinderEnableRbdBackend: true + ## Cinder Backup backend can be either 'ceph' or 'swift'. + CinderBackupBackend: ceph ## Whether to enable NFS backend for Cinder. # CinderEnableNfsBackend: false ## Whether to enable rbd (Ceph) backend for Nova ephemeral storage. diff --git a/environments/tls-endpoints-public-dns.yaml b/environments/tls-endpoints-public-dns.yaml new file mode 100644 index 00000000..3629672a --- /dev/null +++ b/environments/tls-endpoints-public-dns.yaml @@ -0,0 +1,55 @@ +# Use this environment when deploying an SSL-enabled overcloud where the public +# endpoint is a DNS name. +parameter_defaults: + EndpointMap: + AodhAdmin: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} + AodhInternal: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} + AodhPublic: {protocol: 'https', port: '13042', host: 'CLOUDNAME'} + CeilometerAdmin: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} + CeilometerInternal: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} + CeilometerPublic: {protocol: 'https', port: '13777', host: 'CLOUDNAME'} + CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} + CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} + CinderPublic: {protocol: 'https', port: '13776', host: 'CLOUDNAME'} + GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} + GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} + GlancePublic: {protocol: 'https', port: '13292', host: 'CLOUDNAME'} + GlanceRegistryInternal: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'} + GnocchiAdmin: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} + GnocchiInternal: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} + GnocchiPublic: {protocol: 'https', port: '13041', host: 'CLOUDNAME'} + HeatAdmin: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} + HeatInternal: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} + HeatPublic: {protocol: 'https', port: '13004', host: 'CLOUDNAME'} + HeatCfnAdmin: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'} + HeatCfnInternal: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'} + HeatCfnPublic: {protocol: 'https', port: '13005', host: 'CLOUDNAME'} + HorizonPublic: {protocol: 'https', port: '443', host: 'CLOUDNAME'} + IronicAdmin: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} + IronicInternal: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} + IronicPublic: {protocol: 'https', port: '13385', host: 'CLOUDNAME'} + KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'} + KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'} + KeystonePublic: {protocol: 'https', port: '13000', host: 'CLOUDNAME'} + ManilaAdmin: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'} + ManilaInternal: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'} + ManilaPublic: {protocol: 'https', port: '13786', host: 'CLOUDNAME'} + MysqlInternal: {protocol: 'mysql+pymysql', port: '3306', host: 'IP_ADDRESS'} + NeutronAdmin: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} + NeutronInternal: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} + NeutronPublic: {protocol: 'https', port: '13696', host: 'CLOUDNAME'} + NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} + NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} + NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'} + NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} + NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} + NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'} + SaharaAdmin: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} + SaharaInternal: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} + SaharaPublic: {protocol: 'https', port: '13386', host: 'CLOUDNAME'} + SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} + SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} + SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'} + +resource_registry: + OS::TripleO::NodeTLSData: ../puppet/extraconfig/tls/tls-cert-inject.yaml diff --git a/environments/tls-endpoints-public-ip.yaml b/environments/tls-endpoints-public-ip.yaml new file mode 100644 index 00000000..d3f07cda --- /dev/null +++ b/environments/tls-endpoints-public-ip.yaml @@ -0,0 +1,55 @@ +# Use this environment when deploying an SSL-enabled overcloud where the public +# endpoint is an IP address. +parameter_defaults: + EndpointMap: + AodhAdmin: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} + AodhInternal: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} + AodhPublic: {protocol: 'https', port: '13042', host: 'IP_ADDRESS'} + CeilometerAdmin: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} + CeilometerInternal: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} + CeilometerPublic: {protocol: 'https', port: '13777', host: 'IP_ADDRESS'} + CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} + CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} + CinderPublic: {protocol: 'https', port: '13776', host: 'IP_ADDRESS'} + GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} + GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} + GlancePublic: {protocol: 'https', port: '13292', host: 'IP_ADDRESS'} + GlanceRegistryInternal: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'} + GnocchiAdmin: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} + GnocchiInternal: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} + GnocchiPublic: {protocol: 'https', port: '13041', host: 'IP_ADDRESS'} + HeatAdmin: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} + HeatInternal: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} + HeatPublic: {protocol: 'https', port: '13004', host: 'IP_ADDRESS'} + HeatCfnAdmin: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'} + HeatCfnInternal: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'} + HeatCfnPublic: {protocol: 'https', port: '13005', host: 'IP_ADDRESS'} + HorizonPublic: {protocol: 'https', port: '443', host: 'IP_ADDRESS'} + IronicAdmin: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} + IronicInternal: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} + IronicPublic: {protocol: 'https', port: '13385', host: 'IP_ADDRESS'} + KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'} + KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'} + KeystonePublic: {protocol: 'https', port: '13000', host: 'IP_ADDRESS'} + ManilaAdmin: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'} + ManilaInternal: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'} + ManilaPublic: {protocol: 'https', port: '13786', host: 'IP_ADDRESS'} + MysqlInternal: {protocol: 'mysql+pymysql', port: '3306', host: 'IP_ADDRESS'} + NeutronAdmin: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} + NeutronInternal: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} + NeutronPublic: {protocol: 'https', port: '13696', host: 'IP_ADDRESS'} + NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} + NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} + NovaPublic: {protocol: 'https', port: '13774', host: 'IP_ADDRESS'} + NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} + NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} + NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'IP_ADDRESS'} + SaharaAdmin: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} + SaharaInternal: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} + SaharaPublic: {protocol: 'https', port: '13386', host: 'IP_ADDRESS'} + SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} + SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} + SwiftPublic: {protocol: 'https', port: '13808', host: 'IP_ADDRESS'} + +resource_registry: + OS::TripleO::NodeTLSData: ../puppet/extraconfig/tls/tls-cert-inject.yaml diff --git a/extraconfig/tasks/aodh_data_migration.sh b/extraconfig/tasks/aodh_data_migration.sh new file mode 100644 index 00000000..d4c29673 --- /dev/null +++ b/extraconfig/tasks/aodh_data_migration.sh @@ -0,0 +1,19 @@ +#!/bin/bash +# +# This delivers the aodh data migration script to be invoked as part of the tripleo +# major upgrade workflow to migrate all the alarm data from mongodb to mysql. +# This needs to run post controller node upgrades so new aodh mysql db configured and +# running. +# +set -eu + +#Get existing mongodb connection +MONGO_DB_CONNECTION="$(crudini --get /etc/ceilometer/ceilometer.conf database connection)" + +# Get the aodh database string from hiera data +MYSQL_DB_CONNECTION="$(crudini --get /etc/aodh/aodh.conf database connection)" + +#Run migration +/usr/bin/aodh-data-migration --nosql-conn $MONGO_DB_CONNECTION --sql-conn $MYSQL_DB_CONNECTION + + diff --git a/extraconfig/tasks/major_upgrade_controller_pacemaker_1.sh b/extraconfig/tasks/major_upgrade_controller_pacemaker_1.sh index 36d85444..d67d5a1a 100755 --- a/extraconfig/tasks/major_upgrade_controller_pacemaker_1.sh +++ b/extraconfig/tasks/major_upgrade_controller_pacemaker_1.sh @@ -50,7 +50,7 @@ if [ "$mariadb_do_major_upgrade" = "auto" ]; then DO_MYSQL_UPGRADE=0 fi echo "mysql upgrade required: $DO_MYSQL_UPGRADE" -elif [ "$mariadb_do_major_upgrade" = 0 ]; then +elif [ "$mariadb_do_major_upgrade" = "no" ]; then DO_MYSQL_UPGRADE=0 else DO_MYSQL_UPGRADE=1 diff --git a/extraconfig/tasks/major_upgrade_pacemaker_migrations.sh b/extraconfig/tasks/major_upgrade_pacemaker_migrations.sh index 164269dc..c36786a9 100644 --- a/extraconfig/tasks/major_upgrade_pacemaker_migrations.sh +++ b/extraconfig/tasks/major_upgrade_pacemaker_migrations.sh @@ -38,11 +38,11 @@ function is_mysql_upgrade_needed { fi local currentepoch=$(rpm -q --qf "%{epoch}" $name) - local currentversion=$(rpm -q --qf "%{version}" $name) + local currentversion=$(rpm -q --qf "%{version}" $name | cut -d. -f-2) local currentrelease=$(rpm -q --qf "%{release}" $name) local newoutput=$(repoquery -a --pkgnarrow=updates --qf "%{epoch} %{version} %{release}\n" $name) local newepoch=$(echo "$newoutput" | awk '{ print $1 }') - local newversion=$(echo "$newoutput" | awk '{ print $2 }') + local newversion=$(echo "$newoutput" | awk '{ print $2 }' | cut -d. -f-2) local newrelease=$(echo "$newoutput" | awk '{ print $3 }') # With this we trigger the dump restore/path if we change either epoch or diff --git a/extraconfig/tasks/mitaka_to_newton_aodh_data_migration.yaml b/extraconfig/tasks/mitaka_to_newton_aodh_data_migration.yaml new file mode 100644 index 00000000..9414ac19 --- /dev/null +++ b/extraconfig/tasks/mitaka_to_newton_aodh_data_migration.yaml @@ -0,0 +1,33 @@ +heat_template_version: 2014-10-16 + +description: > + Software-config for performing aodh data migration + +parameters: + controller_servers: + type: json + compute_servers: + type: json + blockstorage_servers: + type: json + objectstorage_servers: + type: json + cephstorage_servers: + type: json + input_values: + type: json + description: input values for the software deployments +resources: + + AodhMysqlMigrationScriptConfig: + type: OS::Heat::SoftwareConfig + properties: + group: script + config: {get_file: aodh_data_migration.sh} + + AodhMysqlMigrationScriptDeployment: + type: OS::Heat::SoftwareDeploymentGroup + properties: + servers: {get_param: controller_servers} + config: {get_resource: AodhMysqlMigrationScriptConfig} + input_values: {get_param: input_values} diff --git a/network/ports/net_ip_map.yaml b/network/ports/net_ip_map.yaml index 1ed74528..fcf2eeee 100644 --- a/network/ports/net_ip_map.yaml +++ b/network/ports/net_ip_map.yaml @@ -101,34 +101,3 @@ outputs: storage_mgmt_uri: {get_param: StorageMgmtIpUri} tenant_uri: {get_param: TenantIpUri} management_uri: {get_param: ManagementIpUri} - # net_ip_subnet_map is deprecated, please use *subnet from net_ip_map - net_ip_subnet_map: - description: > - A Hash containing a mapping of network names to assigned IPs/CIDR - for a specific machine. - value: - ctlplane: - list_join: - - '' - - - {get_param: ControlPlaneIp} - - '/' - - {get_param: ControlPlaneSubnetCidr} - external: {get_param: ExternalIpSubnet} - internal_api: {get_param: InternalApiIpSubnet} - storage: {get_param: StorageIpSubnet} - storage_mgmt: {get_param: StorageMgmtIpSubnet} - tenant: {get_param: TenantIpSubnet} - management: {get_param: ManagementIpSubnet} - # net_ip_uri_map is deprecated, please use *uri from net_ip_map - net_ip_uri_map: - description: > - A Hash containing a mapping of network names to assigned IPs for a - specific machine with brackets around IPv6 addresses for use in URLs. - value: - ctlplane: {get_param: ControlPlaneIp} - external: {get_param: ExternalIpUri} - internal_api: {get_param: InternalApiIpUri} - storage: {get_param: StorageIpUri} - storage_mgmt: {get_param: StorageMgmtIpUri} - tenant: {get_param: TenantIpUri} - management: {get_param: ManagementIpUri} diff --git a/network/ports/net_vip_map_external.yaml b/network/ports/net_vip_map_external.yaml index a40a0bfc..71e6e811 100644 --- a/network/ports/net_vip_map_external.yaml +++ b/network/ports/net_vip_map_external.yaml @@ -45,12 +45,6 @@ parameters: StorageMgmtIpUri: default: '' type: string - TenantIp: - default: '' - type: string - TenantIpUri: - default: '' - type: string outputs: net_ip_map: @@ -63,13 +57,8 @@ outputs: internal_api: {get_param: InternalApiNetworkVip} storage: {get_param: StorageNetworkVip} storage_mgmt: {get_param: StorageMgmtNetworkVip} - net_ip_uri_map: - description: > - A Hash containing a mapping of netowrk names to assigned IPs for a - specific machine with brackets around IPv6 addresses for use in URLs. - value: - ctlplane: {get_param: ControlPlaneIP} - external: {get_param: ExternalNetworkVip} - internal_api: {get_param: InternalApiNetworkVip} - storage: {get_param: StorageNetworkVip} - storage_mgmt: {get_param: StorageMgmtNetworkVip} + ctlplane_uri: {get_param: ControlPlaneIP} + external_uri: {get_param: ExternalNetworkVip} + internal_api_uri: {get_param: InternalApiNetworkVip} + storage_uri: {get_param: StorageNetworkVip} + storage_mgmt_uri: {get_param: StorageMgmtNetworkVip} diff --git a/network/ports/net_vip_map_external_v6.yaml b/network/ports/net_vip_map_external_v6.yaml index f6d67fe8..8d054349 100644 --- a/network/ports/net_vip_map_external_v6.yaml +++ b/network/ports/net_vip_map_external_v6.yaml @@ -45,12 +45,6 @@ parameters: StorageMgmtIpUri: default: '' type: string - TenantIp: - default: '' - type: string - TenantIpUri: - default: '' - type: string outputs: net_ip_map: @@ -63,31 +57,26 @@ outputs: internal_api: {get_param: InternalApiNetworkVip} storage: {get_param: StorageNetworkVip} storage_mgmt: {get_param: StorageMgmtNetworkVip} - net_ip_uri_map: - description: > - A Hash containing a mapping of netowrk names to assigned IPs for a - specific machine with brackets around IPv6 addresses for use in URLs. - value: - ctlplane: {get_param: ControlPlaneIP} - external: + ctlplane_uri: {get_param: ControlPlaneIP} + external_uri: list_join: - '' - - '[' - {get_param: ExternalNetworkVip} - ']' - internal_api: + internal_api_uri: list_join: - '' - - '[' - {get_param: InternalApiNetworkVip} - ']' - storage: + storage_uri: list_join: - '' - - '[' - {get_param: StorageNetworkVip} - ']' - storage_mgmt: + storage_mgmt_uri: list_join: - '' - - '[' diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml index 0ff634d4..817ff2c8 100644 --- a/overcloud-resource-registry-puppet.yaml +++ b/overcloud-resource-registry-puppet.yaml @@ -19,6 +19,7 @@ resource_registry: OS::TripleO::CephStoragePostDeployment: puppet/ceph-storage-post.yaml OS::TripleO::SwiftDevicesAndProxy::SoftwareConfig: puppet/swift-devices-and-proxy-config.yaml OS::TripleO::AllNodes::SoftwareConfig: puppet/all-nodes-config.yaml + OS::TripleO::DefaultPasswords: default_passwords.yaml # Tasks (for internal TripleO usage) OS::TripleO::Tasks::UpdateWorkflow: OS::Heat::None @@ -134,6 +135,7 @@ resource_registry: OS::TripleO::Services::CephClient: OS::Heat::None OS::TripleO::Services::CephExternal: OS::Heat::None OS::TripleO::Services::CinderApi: puppet/services/cinder-api.yaml + OS::TripleO::Services::CinderBackup: OS::Heat::None OS::TripleO::Services::CinderScheduler: puppet/services/cinder-scheduler.yaml OS::TripleO::Services::CinderVolume: puppet/services/cinder-volume.yaml OS::TripleO::Services::Core: OS::Heat::None @@ -144,14 +146,15 @@ resource_registry: OS::TripleO::Services::HeatApiCfn: puppet/services/heat-api-cfn.yaml OS::TripleO::Services::HeatApiCloudwatch: puppet/services/heat-api-cloudwatch.yaml OS::TripleO::Services::HeatEngine: puppet/services/heat-engine.yaml - OS::TripleO::Services::IronicApi: puppet/services/ironic-api.yaml - OS::TripleO::Services::IronicConductor: puppet/services/ironic-conductor.yaml OS::TripleO::Services::Kernel: puppet/services/kernel.yaml OS::TripleO::Services::MySQL: puppet/services/database/mysql.yaml OS::TripleO::Services::NeutronDhcpAgent: puppet/services/neutron-dhcp.yaml OS::TripleO::Services::NeutronL3Agent: puppet/services/neutron-l3.yaml OS::TripleO::Services::NeutronMetadataAgent: puppet/services/neutron-metadata.yaml - OS::TripleO::Services::NeutronServer: puppet/services/neutron-server.yaml + # FIXME(shardy) the duplicate NeutronServer line can be removed when we've updated + # the multinode job ControllerServices after this patch merges + OS::TripleO::Services::NeutronServer: puppet/services/neutron-api.yaml + OS::TripleO::Services::NeutronApi: puppet/services/neutron-api.yaml OS::TripleO::Services::NeutronCorePlugin: puppet/services/neutron-plugin-ml2.yaml # can be the same as NeutronCorePlugin but some vendors install different # things where VMs run @@ -168,8 +171,8 @@ resource_registry: OS::TripleO::Services::HAproxy: puppet/services/haproxy.yaml OS::TripleO::Services::Keepalived: puppet/services/keepalived.yaml OS::TripleO::Services::Memcached: puppet/services/memcached.yaml - OS::TripleO::Services::SaharaApi: puppet/services/sahara-api.yaml - OS::TripleO::Services::SaharaEngine: puppet/services/sahara-engine.yaml + OS::TripleO::Services::SaharaApi: OS::Heat::None + OS::TripleO::Services::SaharaEngine: OS::Heat::None OS::TripleO::Services::Redis: puppet/services/database/redis.yaml OS::TripleO::Services::NovaConductor: puppet/services/nova-conductor.yaml OS::TripleO::Services::MongoDb: puppet/services/database/mongodb.yaml @@ -209,6 +212,11 @@ resource_registry: OS::TripleO::Services::MistralEngine: OS::Heat::None OS::TripleO::Services::MistralApi: OS::Heat::None OS::TripleO::Services::MistralExecutor: OS::Heat::None + OS::TripleO::Services::IronicApi: OS::Heat::None + OS::TripleO::Services::IronicConductor: OS::Heat::None + OS::TripleO::Services::NovaIronic: OS::Heat::None + OS::TripleO::Services::TripleoPackages: puppet/services/tripleo-packages.yaml + OS::TripleO::Services::TripleoFirewall: puppet/services/tripleo-firewall.yaml parameter_defaults: EnablePackageInstall: false diff --git a/overcloud.yaml b/overcloud.yaml index dd857c89..b88d1dcd 100644 --- a/overcloud.yaml +++ b/overcloud.yaml @@ -112,6 +112,7 @@ parameters: - OS::TripleO::Services::CephMon - OS::TripleO::Services::CephExternal - OS::TripleO::Services::CinderApi + - OS::TripleO::Services::CinderBackup - OS::TripleO::Services::CinderScheduler - OS::TripleO::Services::CinderVolume - OS::TripleO::Services::Core @@ -127,7 +128,7 @@ parameters: - OS::TripleO::Services::NeutronDhcpAgent - OS::TripleO::Services::NeutronL3Agent - OS::TripleO::Services::NeutronMetadataAgent - - OS::TripleO::Services::NeutronServer + - OS::TripleO::Services::NeutronApi - OS::TripleO::Services::NeutronCorePlugin - OS::TripleO::Services::NeutronOvsAgent - OS::TripleO::Services::RabbitMQ @@ -166,6 +167,11 @@ parameters: - OS::TripleO::Services::AodhListener - OS::TripleO::Services::SaharaApi - OS::TripleO::Services::SaharaEngine + - OS::TripleO::Services::IronicApi + - OS::TripleO::Services::IronicConductor + - OS::TripleO::Services::NovaIronic + - OS::TripleO::Services::TripleoPackages + - OS::TripleO::Services::TripleoFirewall description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the Controllers. @@ -186,6 +192,8 @@ parameters: - OS::TripleO::Services::ComputeCeilometerAgent - OS::TripleO::Services::ComputeNeutronL3Agent - OS::TripleO::Services::ComputeNeutronMetadataAgent + - OS::TripleO::Services::TripleoPackages + - OS::TripleO::Services::TripleoFirewall description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the Compute Nodes. @@ -208,6 +216,8 @@ parameters: - OS::TripleO::Services::Ntp - OS::TripleO::Services::Timezone - OS::TripleO::Services::Snmp + - OS::TripleO::Services::TripleoPackages + - OS::TripleO::Services::TripleoFirewall description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the BlockStorage nodes. @@ -231,6 +241,8 @@ parameters: - OS::TripleO::Services::SwiftRingBuilder - OS::TripleO::Services::Snmp - OS::TripleO::Services::Timezone + - OS::TripleO::Services::TripleoPackages + - OS::TripleO::Services::TripleoFirewall description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the ObjectStorage nodes. @@ -254,6 +266,8 @@ parameters: - OS::TripleO::Services::Kernel - OS::TripleO::Services::Ntp - OS::TripleO::Services::Timezone + - OS::TripleO::Services::TripleoPackages + - OS::TripleO::Services::TripleoFirewall description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the CephStorage nodes. @@ -368,7 +382,9 @@ resources: type: OS::TripleO::Services properties: Services: {get_param: ControllerServices} + ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} EndpointMap: {get_attr: [EndpointMap, endpoint_map]} + DefaultPasswords: {get_attr: [DefaultPasswords, passwords]} Controller: type: OS::Heat::ResourceGroup @@ -383,15 +399,11 @@ resources: controllerExtraConfig: {get_param: controllerExtraConfig} HeatAuthEncryptionKey: {get_resource: HeatAuthEncryptionKey} HorizonSecret: {get_resource: HorizonSecret} - MysqlClusterUniquePart: {get_attr: [MysqlClusterUniquePart, value]} - MysqlRootPassword: {get_attr: [MysqlRootPassword, value]} PcsdPassword: {get_resource: PcsdPassword} - RabbitCookie: {get_attr: [RabbitCookie, value]} RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]} RedisVirtualIPUri: {get_attr: [RedisVirtualIP, ip_address_uri]} ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} EndpointMap: {get_attr: [EndpointMap, endpoint_map]} - MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, MysqlNetwork]}]} Hostname: str_replace: template: {get_param: ControllerHostnameFormat} @@ -402,11 +414,12 @@ resources: ServiceNames: {get_attr: [ControllerServiceChain, role_data, service_names]} ComputeServiceChain: - type: OS::TripleO::Services properties: Services: {get_param: ComputeServices} + ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} EndpointMap: {get_attr: [EndpointMap, endpoint_map]} + DefaultPasswords: {get_attr: [DefaultPasswords, passwords]} Compute: type: OS::Heat::ResourceGroup @@ -438,7 +451,9 @@ resources: type: OS::TripleO::Services properties: Services: {get_param: BlockStorageServices} + ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} EndpointMap: {get_attr: [EndpointMap, endpoint_map]} + DefaultPasswords: {get_attr: [DefaultPasswords, passwords]} BlockStorage: type: OS::Heat::ResourceGroup @@ -468,7 +483,9 @@ resources: type: OS::TripleO::Services properties: Services: {get_param: ObjectStorageServices} + ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} EndpointMap: {get_attr: [EndpointMap, endpoint_map]} + DefaultPasswords: {get_attr: [DefaultPasswords, passwords]} ObjectStorage: type: OS::Heat::ResourceGroup @@ -499,7 +516,9 @@ resources: type: OS::TripleO::Services properties: Services: {get_param: CephStorageServices} + ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} EndpointMap: {get_attr: [EndpointMap, endpoint_map]} + DefaultPasswords: {get_attr: [DefaultPasswords, passwords]} CephStorage: type: OS::Heat::ResourceGroup @@ -589,17 +608,21 @@ resources: properties: length: 10 - MysqlClusterUniquePart: - type: OS::Heat::RandomString - properties: - length: 10 - RabbitCookie: type: OS::Heat::RandomString properties: length: 20 salt: {get_param: RabbitCookieSalt} + DefaultPasswords: + type: OS::TripleO::DefaultPasswords + properties: + DefaultMysqlRootPassword: {get_attr: [MysqlRootPassword, value]} + DefaultRabbitCookie: {get_attr: [RabbitCookie, value]} + DefaultHeatAuthEncryptionKey: {get_attr: [HeatAuthEncryptionKey, value]} + DefaultPcsdPassword: {get_attr: [PcsdPassword, value]} + DefaultHorizonSecret: {get_attr: [HorizonSecret, value]} + # creates the network architecture Networks: type: OS::TripleO::Network @@ -792,6 +815,7 @@ resources: - {get_attr: [Controller, resource.0.storage_ip_address]} - {get_attr: [Controller, resource.0.storage_mgmt_ip_address]} - {get_attr: [Controller, resource.0.tenant_ip_address]} + - {get_attr: [Controller, resource.0.management_ip_address]} ControllerAllNodesValidationDeployment: type: OS::Heat::StructuredDeployments diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml index 6f13b74e..f1ce42b1 100644 --- a/puppet/all-nodes-config.yaml +++ b/puppet/all-nodes-config.yaml @@ -104,14 +104,6 @@ resources: list_join: - ',' - {get_param: controller_names} - rabbit_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: rabbit_node_ips} rabbitmq_node_ips: &rabbit_nodes_array str_replace: template: "['SERVERS_LIST']" @@ -128,14 +120,6 @@ resources: list_join: - "','" - {get_param: mongo_node_ips} - mongo_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: mongo_node_ips} redis_node_ips: str_replace: template: "['SERVERS_LIST']" @@ -160,22 +144,6 @@ resources: list_join: - "]','inet6:[" - {get_param: memcache_node_ips} - memcache_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: memcache_node_ips} - memcache_node_ips_v6: - str_replace: - template: "['inet6:[SERVERS_LIST]']" - params: - SERVERS_LIST: - list_join: - - "]','inet6:[" - - {get_param: memcache_node_ips} mysql_node_ips: str_replace: template: "['SERVERS_LIST']" diff --git a/puppet/ceph-storage.yaml b/puppet/ceph-storage.yaml index 08d66f5c..de5a9c39 100644 --- a/puppet/ceph-storage.yaml +++ b/puppet/ceph-storage.yaml @@ -22,10 +22,6 @@ parameters: default: default constraints: - custom_constraint: nova.keypair - EnablePackageInstall: - default: 'false' - description: Set to true to enable package installation via Puppet - type: boolean ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -234,10 +230,23 @@ resources: config: {get_resource: CephStorageConfig} server: {get_resource: CephStorage} input_values: - enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} - ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]} - ceph_public_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} + ceph_cluster_network: + get_attr: + - NetIpMap + - net_ip_map + - str_replace: + template: "NETWORK_subnet" + params: + NETWORK: {get_param: [ServiceNetMap, CephClusterNetwork]} + ceph_public_network: + get_attr: + - NetIpMap + - net_ip_map + - str_replace: + template: "NETWORK_subnet" + params: + NETWORK: {get_param: [ServiceNetMap, CephPublicNetwork]} CephStorageConfig: type: OS::Heat::StructuredConfig @@ -256,7 +265,6 @@ resources: - ceph - all_nodes # provided by allNodesConfig - '"%{::osfamily}"' - - network merge_behavior: deeper datafiles: service_names: @@ -267,18 +275,12 @@ resources: map_replace: - {get_param: ServiceConfigSettings} - values: {get_attr: [NetIpMap, net_ip_map]} - network: - mapped_data: - net_ip_map: {get_attr: [NetIpMap, net_ip_map]} - net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]} - net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]} ceph_extraconfig: mapped_data: {get_param: CephStorageExtraConfig} extraconfig: mapped_data: {get_param: ExtraConfig} ceph: mapped_data: - tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} ceph::profile::params::cluster_network: {get_input: ceph_cluster_network} ceph::profile::params::public_network: {get_input: ceph_public_network} diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml index ba84fb77..ef3f08ff 100644 --- a/puppet/cinder-storage.yaml +++ b/puppet/cinder-storage.yaml @@ -38,10 +38,6 @@ parameters: description: The user password for SNMPd with readonly rights running on all Overcloud nodes type: string hidden: true - EnablePackageInstall: - default: 'false' - description: Set to true to enable package installation via Puppet - type: boolean UpdateIdentifier: default: '' type: string @@ -110,7 +106,7 @@ resources: properties: image: {get_param: BlockStorageImage} - flavor: {get_param: Flavor} + flavor: {get_param: OvercloudBlockStorageFlavor} key_name: {get_param: KeyName} networks: - network: ctlplane @@ -238,12 +234,6 @@ resources: input_values: snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} - cinder_iscsi_ip_address: - str_replace: - template: "'IP'" - params: - IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]} - enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} # Map heat metadata into hiera datafiles @@ -263,7 +253,6 @@ resources: - volume - all_nodes # provided by allNodesConfig - '"%{::osfamily}"' - - network merge_behavior: deeper datafiles: service_names: @@ -274,20 +263,12 @@ resources: map_replace: - {get_param: ServiceConfigSettings} - values: {get_attr: [NetIpMap, net_ip_map]} - network: - mapped_data: - net_ip_map: {get_attr: [NetIpMap, net_ip_map]} - net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]} - net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]} volume_extraconfig: mapped_data: {get_param: BlockStorageExtraConfig} extraconfig: mapped_data: {get_param: ExtraConfig} volume: mapped_data: - # Cinder - tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_ip_address: {get_input: cinder_iscsi_ip_address} - tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} diff --git a/puppet/compute.yaml b/puppet/compute.yaml index e257579d..c6dc94d6 100644 --- a/puppet/compute.yaml +++ b/puppet/compute.yaml @@ -57,10 +57,6 @@ parameters: NovaPublicIP: type: string default: '' # Has to be here because of the ignored empty value bug - EnablePackageInstall: - default: 'false' - description: Set to true to enable package installation via Puppet - type: boolean ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -271,7 +267,6 @@ resources: - ceph_cluster # provided by CephClusterConfig - all_nodes # provided by allNodesConfig - '"%{::osfamily}"' - - network - neutron_bigswitch_data # Optionally provided by ComputeExtraConfigPre - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre - nova_nuage_data # Optionally provided by ComputeExtraConfigPre @@ -291,11 +286,6 @@ resources: mapped_data: {get_param: NovaComputeExtraConfig} extraconfig: mapped_data: {get_param: ExtraConfig} - network: - mapped_data: - net_ip_map: {get_attr: [NetIpMap, net_ip_map]} - net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]} - net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]} compute: mapped_data: nova_api_host: {get_input: nova_api_host} @@ -303,7 +293,6 @@ resources: nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address} neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip} - tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} NovaComputeDeployment: @@ -318,7 +307,6 @@ resources: nova_api_host: {get_param: NovaApiHost} nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]} neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]} - enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} # Resource for site-specific injection of root certificate diff --git a/puppet/controller.yaml b/puppet/controller.yaml index 4591edf2..a9e0c18e 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -4,10 +4,6 @@ description: > OpenStack controller node configured by Puppet. parameters: - AdminPassword: - description: The password for the keystone admin account, used for monitoring, querying neutron etc. - type: string - hidden: true AodhPassword: description: The password for the aodh services. type: string @@ -31,10 +27,6 @@ parameters: ... } type: json - ControlVirtualInterface: - default: 'br-ex' - description: Interface where virtual ip will be assigned. - type: string CorosyncIPv6: default: false description: Enable IPv6 in Corosync @@ -47,10 +39,6 @@ parameters: default: false description: Whether to enable fencing in Pacemaker or not. type: boolean - EnableGalera: - default: true - description: Whether to use Galera instead of regular MariaDB. - type: boolean EnableLoadBalancer: default: true description: Whether to deploy a LoadBalancer on the Controller @@ -99,17 +87,6 @@ parameters: type: string constraints: - custom_constraint: nova.flavor - HAProxyStatsPassword: - description: Password for HAProxy stats endpoint - type: string - HAProxyStatsUser: - description: User for HAProxy stats endpoint - default: admin - type: string - HAProxySyslogAddress: - default: /dev/log - description: Syslog address where HAproxy will send its log - type: string HeatAuthEncryptionKey: description: Auth encryption key for heat-engine type: string @@ -149,31 +126,6 @@ parameters: default: false description: Whether IPtables rules should be purged before setting up the new ones. type: boolean - MysqlClusterUniquePart: - description: A unique identifier of the MySQL cluster the controller is in. - type: string - default: 'unset' # Has to be here because of the ignored empty value bug - # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446 - # constraints: - # - length: {min: 4, max: 10} - MysqlInnodbBufferPoolSize: - description: > - Specifies the size of the buffer pool in megabytes. Setting to - zero should be interpreted as "no value" and will defer to the - lower level default. - type: number - default: 0 - MysqlMaxConnections: - description: Configures MySQL max_connections config setting - type: number - default: 4096 - MysqlClustercheckPassword: - type: string - hidden: true - MysqlRootPassword: - type: string - hidden: true - default: '' # Has to be here because of the ignored empty value bug NeutronMetadataProxySharedSecret: description: Shared secret to prevent spoofing type: string @@ -203,34 +155,6 @@ parameters: type: string description: The password for the 'pcsd' user. hidden: true - PublicVirtualInterface: - default: 'br-ex' - description: > - Specifies the interface where the public-facing virtual ip will be assigned. - This should be int_public when a VLAN is being used. - type: string - RabbitCookie: - type: string - default: '' # Has to be here because of the ignored empty value bug - hidden: true - RabbitPassword: - description: The password for RabbitMQ - type: string - hidden: true - RabbitUserName: - default: guest - description: The username for RabbitMQ - type: string - RabbitClientUseSSL: - default: false - description: > - Rabbit client subscriber parameter to specify - an SSL connection to the RabbitMQ host. - type: string - RabbitClientPort: - default: 5672 - description: Set rabbit subscriber port, change this if using SSL - type: number RedisPassword: description: The password for Redis type: string @@ -247,17 +171,14 @@ parameters: in the ring. hidden: true type: string + SwiftRawDisks: + default: {} + description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})' + type: json UpgradeLevelNovaCompute: type: string description: Nova Compute upgrade level default: '' - MysqlVirtualIP: - type: string - default: '' - EnablePackageInstall: - default: 'false' - description: Set to true to enable package installation via Puppet - type: boolean ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -484,30 +405,16 @@ resources: server: {get_resource: Controller} input_values: bootstack_nodeid: {get_attr: [Controller, name]} - haproxy_log_address: {get_param: HAProxySyslogAddress} - haproxy_stats_password: {get_param: HAProxyStatsPassword} - haproxy_stats_user: {get_param: HAProxyStatsUser} heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey} horizon_secret: {get_param: HorizonSecret} - admin_password: {get_param: AdminPassword} debug: {get_param: Debug} keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] } enable_fencing: {get_param: EnableFencing} - enable_galera: {get_param: EnableGalera} enable_load_balancer: {get_param: EnableLoadBalancer} manage_firewall: {get_param: ManageFirewall} purge_firewall_rules: {get_param: PurgeFirewallRules} - mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize} - mysql_max_connections: {get_param: MysqlMaxConnections} - mysql_root_password: {get_param: MysqlRootPassword} - mysql_clustercheck_password: {get_param: MysqlClustercheckPassword} - mysql_cluster_name: - str_replace: - template: tripleo-CLUSTER - params: - CLUSTER: {get_param: MysqlClusterUniquePart} neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret} aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] } aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] } @@ -529,24 +436,10 @@ resources: instance_name_template: {get_param: InstanceNameTemplate} fencing_config: {get_param: FencingConfig} pcsd_password: {get_param: PcsdPassword} - rabbit_username: {get_param: RabbitUserName} - rabbit_password: {get_param: RabbitPassword} - rabbit_cookie: {get_param: RabbitCookie} - rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} - rabbit_client_port: {get_param: RabbitClientPort} - control_virtual_interface: {get_param: ControlVirtualInterface} - public_virtual_interface: {get_param: PublicVirtualInterface} swift_hash_suffix: {get_param: SwiftHashSuffix} - enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} - cinder_iscsi_network: - str_replace: - template: "'IP'" - params: - IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]} - cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]} @@ -567,16 +460,34 @@ resources: str_replace: template: "['SUBNET']" params: - SUBNET: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, HorizonNetwork]}]} - rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitmqNetwork]}]} + SUBNET: + get_attr: + - NetIpMap + - net_ip_map + - str_replace: + template: "NETWORK_subnet" + params: + NETWORK: {get_param: [ServiceNetMap, HorizonNetwork]} redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]} redis_vip: {get_param: RedisVirtualIP} sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]} - mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} - mysql_virtual_ip: {get_param: MysqlVirtualIP} - ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]} - ceph_public_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} + ceph_cluster_network: + get_attr: + - NetIpMap + - net_ip_map + - str_replace: + template: "NETWORK_subnet" + params: + NETWORK: {get_param: [ServiceNetMap, CephClusterNetwork]} + ceph_public_network: + get_attr: + - NetIpMap + - net_ip_map + - str_replace: + template: "NETWORK_subnet" + params: + NETWORK: {get_param: [ServiceNetMap, CephPublicNetwork]} ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} ironic_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]} @@ -602,7 +513,6 @@ resources: - all_nodes # provided by allNodesConfig - vip_data # provided by vip-config - '"%{::osfamily}"' - - network - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre @@ -627,11 +537,6 @@ resources: - {get_param: ControllerExtraConfig} extraconfig: mapped_data: {get_param: ExtraConfig} - network: - mapped_data: - net_ip_map: {get_attr: [NetIpMap, net_ip_map]} - net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]} - net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]} ceph: mapped_data: ceph::profile::params::cluster_network: {get_input: ceph_cluster_network} @@ -654,10 +559,6 @@ resources: swift::storage::all::storage_local_net_ip: {get_input: swift_management_network} swift::swift_hash_path_suffix: {get_input: swift_hash_suffix} - # Cinder - tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_input: cinder_iscsi_network} - cinder::api::bind_host: {get_input: cinder_api_network} - # Glance glance::api::bind_host: {get_input: glance_api_network} glance::registry::bind_host: {get_input: glance_registry_network} @@ -680,17 +581,6 @@ resources: # MongoDB mongodb::server::bind_ip: {get_input: mongo_db_network} - # MySQL - admin_password: {get_input: admin_password} - enable_galera: {get_input: enable_galera} - mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size} - mysql_max_connections: {get_input: mysql_max_connections} - mysql::server::root_password: {get_input: mysql_root_password} - mysql_clustercheck_password: {get_input: mysql_clustercheck_password} - mysql_cluster_name: {get_input: mysql_cluster_name} - mysql_bind_host: {get_input: mysql_network} - mysql_virtual_ip: {get_input: mysql_virtual_ip} - # Neutron neutron::bind_host: {get_input: neutron_api_network} neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip} @@ -737,9 +627,6 @@ resources: # Sahara sahara::host: {get_input: sahara_api_network} - # RabbitMQ - rabbitmq::node_ip_address: {get_input: rabbitmq_network} - rabbitmq::erlang_cookie: {get_input: rabbit_cookie} # Redis redis::bind: {get_input: redis_network} redis_vip: {get_input: redis_vip} @@ -749,18 +636,7 @@ resources: # Misc memcached_ipv6: {get_input: memcached_ipv6} memcached::listen_ip: {get_input: memcached_network} - control_virtual_interface: {get_input: control_virtual_interface} - public_virtual_interface: {get_input: public_virtual_interface} - tripleo::keepalived::control_virtual_interface: {get_input: control_virtual_interface} - tripleo::keepalived::public_virtual_interface: {get_input: public_virtual_interface} - tripleo::haproxy::control_virtual_interface: {get_input: control_virtual_interface} - tripleo::haproxy::public_virtual_interface: {get_input: public_virtual_interface} - tripleo::haproxy::haproxy_log_address: {get_input: haproxy_log_address} tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]} - tripleo::haproxy::haproxy_stats_user: {get_input: haproxy_stats_user} - tripleo::haproxy::haproxy_stats_password: {get_input: haproxy_stats_password} - tripleo::haproxy::redis_password: {get_input: redis_password} - tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} # Hook for site-specific additional pre-deployment config, e.g extra hieradata @@ -877,16 +753,37 @@ outputs: description: Swift device formatted for swift-ring-builder value: str_replace: - template: 'r1z1-IP:%PORT%/d1' + template: + list_join: + - ',' + - ['r1z1-IP:%PORT%/d1'] + - repeat: + template: 'r1z1-IP:%PORT%/DEVICE' + for_each: + DEVICE: {get_param: SwiftRawDisks} params: - IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} + IP: + get_attr: + - NetIpMap + - net_ip_map + - str_replace: + template: "NETWORK_uri" + params: + NETWORK: {get_param: [ServiceNetMap, SwiftMgmtNetwork]} swift_proxy_memcache: description: Swift proxy-memcache value value: str_replace: template: "IP:11211" params: - IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]} + IP: + get_attr: + - NetIpMap + - net_ip_map + - str_replace: + template: "NETWORK_uri" + params: + NETWORK: {get_param: [ServiceNetMap, MemcachedNetwork]} tls_key_modulus_md5: description: MD5 checksum of the TLS Key Modulus value: {get_attr: [NodeTLSData, key_modulus_md5]} diff --git a/puppet/manifests/overcloud_cephstorage.pp b/puppet/manifests/overcloud_cephstorage.pp index df83496f..2653badf 100644 --- a/puppet/manifests/overcloud_cephstorage.pp +++ b/puppet/manifests/overcloud_cephstorage.pp @@ -13,9 +13,6 @@ # License for the specific language governing permissions and limitations # under the License. -include ::tripleo::packages -include ::tripleo::firewall - if hiera('step') >= 4 { hiera_include('ceph_classes', []) } diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp index 19ec575a..f96c193c 100644 --- a/puppet/manifests/overcloud_compute.pp +++ b/puppet/manifests/overcloud_compute.pp @@ -13,9 +13,6 @@ # License for the specific language governing permissions and limitations # under the License. -include ::tripleo::packages -include ::tripleo::firewall - if hiera('step') >= 4 { hiera_include('compute_classes', []) } diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index 30e7c8d9..25bdbfb2 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -13,9 +13,6 @@ # License for the specific language governing permissions and limitations # under the License. -include ::tripleo::packages -include ::tripleo::firewall - if hiera('step') >= 4 { hiera_include('controller_classes', []) } diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp index a782207e..d329d5fc 100644 --- a/puppet/manifests/overcloud_controller_pacemaker.pp +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -13,9 +13,6 @@ # License for the specific language governing permissions and limitations # under the License. -include ::tripleo::packages -include ::tripleo::firewall - if hiera('step') >= 4 { hiera_include('controller_classes', []) } diff --git a/puppet/manifests/overcloud_object.pp b/puppet/manifests/overcloud_object.pp index 18e90d1f..414a06ba 100644 --- a/puppet/manifests/overcloud_object.pp +++ b/puppet/manifests/overcloud_object.pp @@ -13,9 +13,6 @@ # License for the specific language governing permissions and limitations # under the License. -include ::tripleo::packages -include ::tripleo::firewall - if hiera('step') >= 4 { hiera_include('object_classes', []) } diff --git a/puppet/manifests/overcloud_volume.pp b/puppet/manifests/overcloud_volume.pp index f6787719..e1cdadd5 100644 --- a/puppet/manifests/overcloud_volume.pp +++ b/puppet/manifests/overcloud_volume.pp @@ -13,9 +13,6 @@ # License for the specific language governing permissions and limitations # under the License. -include ::tripleo::packages -include ::tripleo::firewall - if hiera('step') >= 4 { hiera_include('volume_classes', []) } diff --git a/puppet/services/aodh-api.yaml b/puppet/services/aodh-api.yaml index ab51212c..b85cfe71 100644 --- a/puppet/services/aodh-api.yaml +++ b/puppet/services/aodh-api.yaml @@ -4,6 +4,15 @@ description: > OpenStack Aodh API service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: AodhBase: type: ./aodh-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/aodh-base.yaml b/puppet/services/aodh-base.yaml index 6a9f5d75..603b2d82 100644 --- a/puppet/services/aodh-base.yaml +++ b/puppet/services/aodh-base.yaml @@ -4,6 +4,15 @@ description: > OpenStack Aodh service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/aodh-evaluator.yaml b/puppet/services/aodh-evaluator.yaml index 103f691a..3988c940 100644 --- a/puppet/services/aodh-evaluator.yaml +++ b/puppet/services/aodh-evaluator.yaml @@ -4,6 +4,15 @@ description: > OpenStack Aodh Evaluator service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: AodhBase: type: ./aodh-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/aodh-listener.yaml b/puppet/services/aodh-listener.yaml index 01caf8b5..bc1ccde7 100644 --- a/puppet/services/aodh-listener.yaml +++ b/puppet/services/aodh-listener.yaml @@ -4,6 +4,15 @@ description: > OpenStack Aodh Listener service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: AodhBase: type: ./aodh-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/aodh-notifier.yaml b/puppet/services/aodh-notifier.yaml index de07f780..66e9f3e9 100644 --- a/puppet/services/aodh-notifier.yaml +++ b/puppet/services/aodh-notifier.yaml @@ -4,6 +4,15 @@ description: > OpenStack Aodh Notifier service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: AodhBase: type: ./aodh-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/ceilometer-agent-central.yaml b/puppet/services/ceilometer-agent-central.yaml index a51ec2df..72bad632 100644 --- a/puppet/services/ceilometer-agent-central.yaml +++ b/puppet/services/ceilometer-agent-central.yaml @@ -4,6 +4,15 @@ description: > OpenStack Ceilometer Central Agent service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -18,6 +27,8 @@ resources: CeilometerServiceBase: type: ./ceilometer-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/ceilometer-agent-compute.yaml b/puppet/services/ceilometer-agent-compute.yaml index 181c64d2..5bfecfed 100644 --- a/puppet/services/ceilometer-agent-compute.yaml +++ b/puppet/services/ceilometer-agent-compute.yaml @@ -4,6 +4,15 @@ description: > OpenStack Ceilometer Compute Agent service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: CeilometerServiceBase: type: ./ceilometer-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/ceilometer-agent-notification.yaml b/puppet/services/ceilometer-agent-notification.yaml index 58e28a3d..7873706d 100644 --- a/puppet/services/ceilometer-agent-notification.yaml +++ b/puppet/services/ceilometer-agent-notification.yaml @@ -4,6 +4,15 @@ description: > OpenStack Ceilometer Notification Agent service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: CeilometerServiceBase: type: ./ceilometer-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/ceilometer-api.yaml b/puppet/services/ceilometer-api.yaml index c5c143b0..b9f021e3 100644 --- a/puppet/services/ceilometer-api.yaml +++ b/puppet/services/ceilometer-api.yaml @@ -4,6 +4,15 @@ description: > OpenStack Ceilometer API service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: CeilometerServiceBase: type: ./ceilometer-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/ceilometer-base.yaml b/puppet/services/ceilometer-base.yaml index 59b4cc2a..1a65a595 100644 --- a/puppet/services/ceilometer-base.yaml +++ b/puppet/services/ceilometer-base.yaml @@ -4,6 +4,15 @@ description: > OpenStack Ceilometer service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/ceilometer-collector.yaml b/puppet/services/ceilometer-collector.yaml index 7a7bc19d..ef7ffbd6 100644 --- a/puppet/services/ceilometer-collector.yaml +++ b/puppet/services/ceilometer-collector.yaml @@ -4,6 +4,15 @@ description: > OpenStack Ceilometer Collector service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: CeilometerServiceBase: type: ./ceilometer-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/ceilometer-expirer.yaml b/puppet/services/ceilometer-expirer.yaml index c960e6dc..63a6d41d 100644 --- a/puppet/services/ceilometer-expirer.yaml +++ b/puppet/services/ceilometer-expirer.yaml @@ -4,6 +4,15 @@ description: > OpenStack Ceilometer Expirer service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: CeilometerServiceBase: type: ./ceilometer-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/ceph-base.yaml b/puppet/services/ceph-base.yaml index 47028610..415b77b6 100644 --- a/puppet/services/ceph-base.yaml +++ b/puppet/services/ceph-base.yaml @@ -36,6 +36,20 @@ parameters: NovaRbdPoolName: default: vms type: string + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json # DEPRECATED options for compatibility with overcloud.yaml # This should be removed and manipulation of the ControllerServices list # used instead, but we need client support for that first diff --git a/puppet/services/ceph-client.yaml b/puppet/services/ceph-client.yaml index 33bbbe58..a9e4621a 100644 --- a/puppet/services/ceph-client.yaml +++ b/puppet/services/ceph-client.yaml @@ -4,6 +4,15 @@ description: > Ceph Client service. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -13,6 +22,10 @@ parameters: resources: CephBase: type: ./ceph-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/ceph-external.yaml b/puppet/services/ceph-external.yaml index f6fe26db..959cee26 100644 --- a/puppet/services/ceph-external.yaml +++ b/puppet/services/ceph-external.yaml @@ -33,6 +33,20 @@ parameters: NovaRbdPoolName: default: vms type: string + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json outputs: role_data: diff --git a/puppet/services/ceph-mon.yaml b/puppet/services/ceph-mon.yaml index 074d941d..f634ce8a 100644 --- a/puppet/services/ceph-mon.yaml +++ b/puppet/services/ceph-mon.yaml @@ -4,6 +4,15 @@ description: > Ceph Monitor service. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -38,7 +47,7 @@ parameters: { "volumes": { "size": 5, - "pg_num: 128, + "pg_num": 128, "pgp_num": 128 } } @@ -48,6 +57,10 @@ parameters: resources: CephBase: type: ./ceph-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/ceph-osd.yaml b/puppet/services/ceph-osd.yaml index 21cefb34..d18ccabf 100644 --- a/puppet/services/ceph-osd.yaml +++ b/puppet/services/ceph-osd.yaml @@ -4,6 +4,15 @@ description: > Ceph OSD service. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -13,6 +22,10 @@ parameters: resources: CephBase: type: ./ceph-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/cinder-api.yaml b/puppet/services/cinder-api.yaml index 3568cb06..5df0739f 100644 --- a/puppet/services/cinder-api.yaml +++ b/puppet/services/cinder-api.yaml @@ -13,6 +13,15 @@ parameters: description: The password for the cinder service account, used by cinder-api. type: string hidden: true + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -28,6 +37,8 @@ resources: CinderBase: type: ./cinder-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: @@ -67,5 +78,11 @@ outputs: dport: - 8776 - 13776 + # NOTE: bind IP is found in Heat replacing the network name with the local node IP + # for the given network; replacement examples (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + cinder::api::bind_host: {get_param: [ServiceNetMap, CinderApiNetwork]} step_config: | include ::tripleo::profile::base::cinder::api diff --git a/puppet/services/cinder-backup.yaml b/puppet/services/cinder-backup.yaml new file mode 100644 index 00000000..f92fdfdb --- /dev/null +++ b/puppet/services/cinder-backup.yaml @@ -0,0 +1,58 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Cinder Backup service configured with Puppet + +parameters: + CinderBackupBackend: + default: swift + description: The short name of the Cinder Backup backend to use. + type: string + constraints: + - allowed_values: ['swift', 'ceph'] + CinderBackupRbdPoolName: + default: backups + type: string + CephClientUserName: + default: openstack + type: string + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +resources: + + CinderBase: + type: ./cinder-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for the Cinder Backup role. + value: + service_name: cinder_backup + config_settings: + map_merge: + - get_attr: [CinderBase, role_data, config_settings] + - cinder::backup::ceph::backup_ceph_user: {get_param: CephClientUserName} + cinder::backup::ceph::backup_ceph_pool: {get_param: CinderBackupRbdPoolName} + cinder::backup::swift::backup_swift_container: volumebackups + step_config: + str_replace: + template: "include ::tripleo::profile::base::cinder::backup::DRIVER" + params: + DRIVER: {get_param: CinderBackupBackend} diff --git a/puppet/services/cinder-base.yaml b/puppet/services/cinder-base.yaml index c554bf97..0db17189 100644 --- a/puppet/services/cinder-base.yaml +++ b/puppet/services/cinder-base.yaml @@ -12,6 +12,15 @@ parameters: default: '' description: Set to True to enable debugging on all services. type: string + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/cinder-scheduler.yaml b/puppet/services/cinder-scheduler.yaml index e03090a2..129706b1 100644 --- a/puppet/services/cinder-scheduler.yaml +++ b/puppet/services/cinder-scheduler.yaml @@ -4,6 +4,15 @@ description: > OpenStack Cinder Scheduler service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: CinderBase: type: ./cinder-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/cinder-volume.yaml b/puppet/services/cinder-volume.yaml index 9f49bc06..de7e6bab 100644 --- a/puppet/services/cinder-volume.yaml +++ b/puppet/services/cinder-volume.yaml @@ -42,6 +42,15 @@ parameters: CephClientUserName: default: openstack type: string + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -53,6 +62,8 @@ resources: CinderBase: type: ./cinder-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: @@ -79,5 +90,15 @@ outputs: tripleo.cinder_volume.firewall_rules: '120 iscsi initiator': dport: 3260 + # NOTE: bind IP is found in Heat replacing the network name with the local node IP + # for the given network; replacement examples (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: + str_replace: + template: "NETWORK_uri" + params: + NETWORK: {get_param: [ServiceNetMap, CinderIscsiNetwork]} step_config: | include ::tripleo::profile::base::cinder::volume diff --git a/puppet/services/database/mongodb-base.yaml b/puppet/services/database/mongodb-base.yaml index b8761320..3f4f106d 100644 --- a/puppet/services/database/mongodb-base.yaml +++ b/puppet/services/database/mongodb-base.yaml @@ -15,6 +15,20 @@ parameters: MongoDbReplset: type: string default: "tripleo" + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json outputs: aux_parameters: diff --git a/puppet/services/database/mongodb.yaml b/puppet/services/database/mongodb.yaml index 6885cfd6..b6eb4803 100644 --- a/puppet/services/database/mongodb.yaml +++ b/puppet/services/database/mongodb.yaml @@ -5,6 +5,15 @@ description: > parameters: #Parameters not used EndpointMap + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,10 @@ parameters: resources: MongoDbBase: type: ./mongodb-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/database/mysql.yaml b/puppet/services/database/mysql.yaml index 6f8f91b5..b0eea481 100644 --- a/puppet/services/database/mysql.yaml +++ b/puppet/services/database/mysql.yaml @@ -1,15 +1,39 @@ -heat_template_version: 2016-04-08 +heat_template_version: 2016-10-14 description: > MySQL service deployment using puppet parameters: #Parameters not used EndpointMap + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MysqlMaxConnections: + description: Configures MySQL max_connections config setting + type: number + default: 4096 + MysqlRootPassword: + type: string + hidden: true + default: '' + MysqlClustercheckPassword: + type: string + hidden: true + EnableGalera: + default: true + description: Whether to use Galera instead of regular MariaDB. + type: boolean outputs: role_data: @@ -33,5 +57,22 @@ outputs: - 4567 - 4568 - 9200 + mysql_max_connections: {get_param: MysqlMaxConnections} + mysql::server::root_password: + yaql: + expression: $.data.passwords.where($ != '').first() + data: + passwords: + - {get_param: MysqlRootPassword} + - {get_param: [DefaultPasswords, mysql_root_password]} + mysql_clustercheck_password: {get_param: MysqlClustercheckPassword} + enable_galera: {get_param: EnableGalera} + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + mysql_bind_host: {get_param: [ServiceNetMap, MysqlNetwork]} step_config: | include ::tripleo::profile::base::database::mysql diff --git a/puppet/services/database/redis-base.yaml b/puppet/services/database/redis-base.yaml index fe8c0659..40711432 100644 --- a/puppet/services/database/redis-base.yaml +++ b/puppet/services/database/redis-base.yaml @@ -8,6 +8,20 @@ parameters: description: The password for Redis type: string hidden: true + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json outputs: role_data: @@ -22,4 +36,3 @@ outputs: redis::sentinel::master_name: '"%{hiera(\"bootstrap_nodeid\")}"' redis::sentinel::redis_host: '"%{hiera(\"bootstrap_nodeid_ip\")}"' redis::sentinel::notification_script: '/usr/local/bin/redis-notifications.sh' - tripleo::loadbalancer::redis_password: {get_param: RedisPassword} diff --git a/puppet/services/database/redis.yaml b/puppet/services/database/redis.yaml index ef005f77..1c333b97 100644 --- a/puppet/services/database/redis.yaml +++ b/puppet/services/database/redis.yaml @@ -4,6 +4,15 @@ description: > OpenStack Redis service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -13,6 +22,10 @@ parameters: resources: RedisBase: type: ./redis-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/glance-api.yaml b/puppet/services/glance-api.yaml index bb14546f..4954119f 100644 --- a/puppet/services/glance-api.yaml +++ b/puppet/services/glance-api.yaml @@ -4,6 +4,15 @@ description: > OpenStack Glance API service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/glance-registry.yaml b/puppet/services/glance-registry.yaml index ca10fd12..d8861f70 100644 --- a/puppet/services/glance-registry.yaml +++ b/puppet/services/glance-registry.yaml @@ -4,6 +4,15 @@ description: > OpenStack Glance Registry service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/gnocchi-api.yaml b/puppet/services/gnocchi-api.yaml index 265cb9f0..bc217743 100644 --- a/puppet/services/gnocchi-api.yaml +++ b/puppet/services/gnocchi-api.yaml @@ -4,6 +4,15 @@ description: > Gnocchi service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -13,6 +22,13 @@ parameters: description: The password for the gnocchi service and db account. type: string hidden: true + GnocchiBackend: + default: file + description: The short name of the Gnocchi backend to use. Should be one + of swift, rbd, or file + type: string + constraints: + - allowed_values: ['swift', 'file', 'rbd'] KeystoneRegion: type: string default: 'regionOne' @@ -22,6 +38,8 @@ resources: GnocchiServiceBase: type: ./gnocchi-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: @@ -37,12 +55,20 @@ outputs: dport: - 8041 - 13041 - gnocchi::api::keystone_tenant: 'service' - gnocchi::keystone::auth::tenant: 'service' - gnocchi::keystone::auth::region: {get_param: KeystoneRegion} + gnocchi::api::enabled: true + gnocchi::api::manage_service: false + gnocchi::api::service_name: 'httpd' + gnocchi::keystone::auth::admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] } + gnocchi::keystone::auth::internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]} gnocchi::keystone::auth::password: {get_param: GnocchiPassword} gnocchi::keystone::auth::public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] } - gnocchi::keystone::auth::internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]} - gnocchi::keystone::auth::admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] } + gnocchi::keystone::auth::region: {get_param: KeystoneRegion} + gnocchi::keystone::auth::tenant: 'service' + gnocchi::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} + gnocchi::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} + gnocchi::keystone::authtoken::password: {get_param: GnocchiPassword} + gnocchi::keystone::authtoken::project_name: 'service' + gnocchi::wsgi::apache::ssl: false + tripleo::profile::base::gnocchi::api::gnocchi_backend: {get_param: GnocchiBackend} step_config: | include ::tripleo::profile::base::gnocchi::api diff --git a/puppet/services/gnocchi-base.yaml b/puppet/services/gnocchi-base.yaml index a072e8ef..ac5a17ca 100644 --- a/puppet/services/gnocchi-base.yaml +++ b/puppet/services/gnocchi-base.yaml @@ -4,18 +4,20 @@ description: > Gnocchi service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json - GnocchiBackend: - default: file - description: The short name of the Gnocchi backend to use. Should be one - of swift, rbd, or file - type: string - constraints: - - allowed_values: ['swift', 'file', 'rbd'] GnocchiIndexerBackend: default: 'mysql' description: The short name of the Gnocchi indexer backend to use. @@ -62,13 +64,6 @@ outputs: - '/gnocchi' gnocchi::db::mysql::password: {get_param: GnocchiPassword} gnocchi::db::sync::extra_opts: '--skip-storage --create-legacy-resource-types' - #Gnocchi API - tripleo::profile::base::gnocchi::api::gnocchi_backend: {get_param: GnocchiBackend} - gnocchi::api::manage_service: false - gnocchi::api::enabled: true - gnocchi::api::service_name: 'httpd' - gnocchi::api::keystone_password: {get_param: GnocchiPassword} - gnocchi::wsgi::apache::ssl: false gnocchi::storage::coordination_url: list_join: - '' @@ -102,5 +97,3 @@ outputs: gnocchi::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" - gnocchi::auth::auth_region: {get_param: KeystoneRegion} - gnocchi::auth::auth_tenant_name: 'service' diff --git a/puppet/services/gnocchi-metricd.yaml b/puppet/services/gnocchi-metricd.yaml index 8041c6f4..df342ebd 100644 --- a/puppet/services/gnocchi-metricd.yaml +++ b/puppet/services/gnocchi-metricd.yaml @@ -4,6 +4,15 @@ description: > Gnocchi service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: GnocchiServiceBase: type: ./gnocchi-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/gnocchi-statsd.yaml b/puppet/services/gnocchi-statsd.yaml index 9c8e6897..b6e63bf3 100644 --- a/puppet/services/gnocchi-statsd.yaml +++ b/puppet/services/gnocchi-statsd.yaml @@ -4,6 +4,15 @@ description: > Gnocchi service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: GnocchiServiceBase: type: ./gnocchi-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/haproxy.yaml b/puppet/services/haproxy.yaml index 902a1c3f..8ac669a9 100644 --- a/puppet/services/haproxy.yaml +++ b/puppet/services/haproxy.yaml @@ -4,11 +4,46 @@ description: > HAproxy service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + HAProxyStatsPassword: + description: Password for HAProxy stats endpoint + hidden: true + type: string + HAProxyStatsUser: + description: User for HAProxy stats endpoint + default: admin + type: string + HAProxySyslogAddress: + default: /dev/log + description: Syslog address where HAproxy will send its log + type: string + RedisPassword: + description: The password for Redis + type: string + hidden: true + ControlVirtualInterface: + default: 'br-ex' + description: Interface where virtual ip will be assigned. + type: string + PublicVirtualInterface: + default: 'br-ex' + description: > + Specifies the interface where the public-facing virtual ip will be assigned. + This should be int_public when a VLAN is being used. + type: string outputs: role_data: @@ -40,5 +75,11 @@ outputs: tripleo::haproxy::heat_cloudwatch: true tripleo::haproxy::heat_cfn: true tripleo::haproxy::horizon: true + tripleo::haproxy::haproxy_log_address: {get_param: HAProxySyslogAddress} + tripleo::haproxy::haproxy_stats_user: {get_param: HAProxyStatsUser} + tripleo::haproxy::haproxy_stats_password: {get_param: HAProxyStatsPassword} + tripleo::haproxy::redis_password: {get_param: RedisPassword} + tripleo::haproxy::control_virtual_interface: {get_param: ControlVirtualInterface} + tripleo::haproxy::public_virtual_interface: {get_param: PublicVirtualInterface} step_config: | include ::tripleo::profile::base::haproxy diff --git a/puppet/services/heat-api-cfn.yaml b/puppet/services/heat-api-cfn.yaml index c3a3b7ae..4f8900aa 100644 --- a/puppet/services/heat-api-cfn.yaml +++ b/puppet/services/heat-api-cfn.yaml @@ -4,6 +4,15 @@ description: > Openstack Heat CloudFormation API service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -25,6 +34,10 @@ parameters: resources: HeatBase: type: ./heat-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/heat-api-cloudwatch.yaml b/puppet/services/heat-api-cloudwatch.yaml index b4669ac3..7a09aad0 100644 --- a/puppet/services/heat-api-cloudwatch.yaml +++ b/puppet/services/heat-api-cloudwatch.yaml @@ -4,6 +4,15 @@ description: > Openstack Heat CloudWatch API service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -17,6 +26,10 @@ parameters: resources: HeatBase: type: ./heat-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/heat-api.yaml b/puppet/services/heat-api.yaml index b4402a17..3a5d2a13 100644 --- a/puppet/services/heat-api.yaml +++ b/puppet/services/heat-api.yaml @@ -4,6 +4,15 @@ description: > Openstack Heat API service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -25,6 +34,10 @@ parameters: resources: HeatBase: type: ./heat-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/heat-base.yaml b/puppet/services/heat-base.yaml index 091a4e9b..226d2a51 100644 --- a/puppet/services/heat-base.yaml +++ b/puppet/services/heat-base.yaml @@ -26,6 +26,20 @@ parameters: default: 5672 description: Set rabbit subscriber port, change this if using SSL type: number + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json outputs: role_data: diff --git a/puppet/services/heat-engine.yaml b/puppet/services/heat-engine.yaml index 044ca880..fba80c5d 100644 --- a/puppet/services/heat-engine.yaml +++ b/puppet/services/heat-engine.yaml @@ -4,6 +4,15 @@ description: > Openstack Heat Engine service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -30,6 +39,10 @@ parameters: resources: HeatBase: type: ./heat-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/horizon.yaml b/puppet/services/horizon.yaml index 64cf450a..c5d96819 100644 --- a/puppet/services/horizon.yaml +++ b/puppet/services/horizon.yaml @@ -4,6 +4,15 @@ description: > Horizon service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/ironic-api.yaml b/puppet/services/ironic-api.yaml index 949cdf31..e185630e 100644 --- a/puppet/services/ironic-api.yaml +++ b/puppet/services/ironic-api.yaml @@ -4,6 +4,15 @@ description: > OpenStack Ironic API configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -18,6 +27,8 @@ resources: IronicBase: type: ./ironic-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: @@ -35,9 +46,18 @@ outputs: # the VIP, but rather a real IP of the controller. - ironic::my_ip: {get_param: [EndpointMap, MysqlInternal, host]} ironic::api::admin_password: {get_param: IronicPassword} - ironic::keystone::auth::public_url: {get_param: [EndpointMap, IronicPublic, uri]} - ironic::keystone::auth::internal_url: {get_param: [EndpointMap, IronicInternal, uri]} + ironic::api::admin_tenant_name: 'service' + ironic::api::admin_user: 'ironic' + ironic::api::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } + ironic::api::identity_uri: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} + ironic::api::port: {get_param: [EndpointMap, IronicInternal, port]} + # This is used to build links in responses + ironic::api::public_endpoint: {get_param: [EndpointMap, IronicPublic, uri_no_suffix]} ironic::keystone::auth::admin_url: {get_param: [EndpointMap, IronicAdmin, uri]} + ironic::keystone::auth::internal_url: {get_param: [EndpointMap, IronicInternal, uri]} + ironic::keystone::auth::public_url: {get_param: [EndpointMap, IronicPublic, uri]} + ironic::keystone::auth::auth_name: 'ironic' ironic::keystone::auth::password: {get_param: IronicPassword } + ironic::keystone::auth::tenant: 'service' step_config: | include ::tripleo::profile::base::ironic::api diff --git a/puppet/services/ironic-base.yaml b/puppet/services/ironic-base.yaml index 508694ee..2f242da8 100644 --- a/puppet/services/ironic-base.yaml +++ b/puppet/services/ironic-base.yaml @@ -4,6 +4,15 @@ description: > OpenStack Ironic services configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -51,7 +60,6 @@ outputs: - '@' - {get_param: [EndpointMap, MysqlInternal, host]} - '/ironic' - ironic::admin_tenant_name: 'service' ironic::debug: {get_param: Debug} ironic::rabbit_userid: {get_param: RabbitUserName} ironic::rabbit_password: {get_param: RabbitPassword} @@ -64,7 +72,5 @@ outputs: ironic::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" - - ironic::keystone::auth::tenant: 'service' step_config: | include ::tripleo::profile::base::ironic diff --git a/puppet/services/ironic-conductor.yaml b/puppet/services/ironic-conductor.yaml index a3bce305..9bc86a2c 100644 --- a/puppet/services/ironic-conductor.yaml +++ b/puppet/services/ironic-conductor.yaml @@ -4,6 +4,15 @@ description: > OpenStack Ironic conductor configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -18,6 +27,8 @@ resources: IronicBase: type: ./ironic-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: @@ -28,7 +39,10 @@ outputs: config_settings: map_merge: - get_attr: [IronicBase, role_data, config_settings] - - ironic::enabled_drivers: {get_param: IronicEnabledDrivers} + # FIXME: I have no idea why neutron_url is in "api" manifest + - ironic::api::neutron_url: {get_param: [EndpointMap, NeutronInternal, uri]} + ironic::glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]} + ironic::enabled_drivers: {get_param: IronicEnabledDrivers} # Prevent tftp_server from defaulting to my_ip setting, which is # controller VIP, not a real IP. ironic::drivers::pxe::tftp_server: {get_input: ironic_api_network} diff --git a/puppet/services/keepalived.yaml b/puppet/services/keepalived.yaml index 95a401c6..b783345b 100644 --- a/puppet/services/keepalived.yaml +++ b/puppet/services/keepalived.yaml @@ -4,16 +4,38 @@ description: > Keepalived service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + ControlVirtualInterface: + default: 'br-ex' + description: Interface where virtual ip will be assigned. + type: string + PublicVirtualInterface: + default: 'br-ex' + description: > + Specifies the interface where the public-facing virtual ip will be assigned. + This should be int_public when a VLAN is being used. + type: string outputs: role_data: description: Role data for the Keepalived role. value: service_name: keepalived + config_settings: + tripleo::keepalived::control_virtual_interface: {get_param: ControlVirtualInterface} + tripleo::keepalived::public_virtual_interface: {get_param: PublicVirtualInterface} step_config: | include ::tripleo::profile::base::keepalived diff --git a/puppet/services/kernel.yaml b/puppet/services/kernel.yaml index 50ebe925..2f01578e 100644 --- a/puppet/services/kernel.yaml +++ b/puppet/services/kernel.yaml @@ -4,6 +4,15 @@ description: > Load kernel modules with kmod and configure kernel options with sysctl. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/keystone.yaml b/puppet/services/keystone.yaml index 988c80ce..0a5193df 100644 --- a/puppet/services/keystone.yaml +++ b/puppet/services/keystone.yaml @@ -32,6 +32,15 @@ parameters: type: string default: 'regionOne' description: Keystone region for endpoint + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/manila-api.yaml b/puppet/services/manila-api.yaml index 389fa2e3..8b456af5 100644 --- a/puppet/services/manila-api.yaml +++ b/puppet/services/manila-api.yaml @@ -4,6 +4,15 @@ description: > Manila-api service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -22,6 +31,8 @@ resources: ManilaBase: type: ./manila-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/manila-base.yaml b/puppet/services/manila-base.yaml index 663a9345..78bf1c63 100644 --- a/puppet/services/manila-base.yaml +++ b/puppet/services/manila-base.yaml @@ -4,6 +4,15 @@ description: > Openstack Manila base service. Shared by manila-api/scheduler/share services parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/manila-scheduler.yaml b/puppet/services/manila-scheduler.yaml index b1d55a05..a5122ba0 100644 --- a/puppet/services/manila-scheduler.yaml +++ b/puppet/services/manila-scheduler.yaml @@ -4,6 +4,15 @@ description: > Manila-scheduler service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -26,6 +35,8 @@ resources: ManilaBase: type: ./manila-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/manila-share.yaml b/puppet/services/manila-share.yaml index 20f36aa3..184f3694 100644 --- a/puppet/services/manila-share.yaml +++ b/puppet/services/manila-share.yaml @@ -4,6 +4,15 @@ description: > Manila-share service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: ManilaBase: type: ./manila-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/memcached.yaml b/puppet/services/memcached.yaml index ceb29b55..59c639e8 100644 --- a/puppet/services/memcached.yaml +++ b/puppet/services/memcached.yaml @@ -4,6 +4,15 @@ description: > Memcached service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/neutron-server.yaml b/puppet/services/neutron-api.yaml index c40b37b0..35ac32db 100644 --- a/puppet/services/neutron-server.yaml +++ b/puppet/services/neutron-api.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron Server configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -42,12 +51,16 @@ resources: NeutronBase: type: ./neutron-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: description: Role data for the Neutron Server agent service. value: - service_name: neutron_server + service_name: neutron_api config_settings: map_merge: - get_attr: [NeutronBase, role_data, config_settings] diff --git a/puppet/services/neutron-base.yaml b/puppet/services/neutron-base.yaml index bc8dd8d1..39ffea24 100644 --- a/puppet/services/neutron-base.yaml +++ b/puppet/services/neutron-base.yaml @@ -48,6 +48,20 @@ parameters: description: > Remove configuration that is not generated by TripleO. Setting to false may result in configuration remnants after updates/upgrades. + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json outputs: role_data: diff --git a/puppet/services/neutron-compute-plugin-midonet.yaml b/puppet/services/neutron-compute-plugin-midonet.yaml index 200aaa1b..26b6fa6b 100644 --- a/puppet/services/neutron-compute-plugin-midonet.yaml +++ b/puppet/services/neutron-compute-plugin-midonet.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron Compute Midonet plugin parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/neutron-compute-plugin-nuage.yaml b/puppet/services/neutron-compute-plugin-nuage.yaml index 44aac571..c4f8ad12 100644 --- a/puppet/services/neutron-compute-plugin-nuage.yaml +++ b/puppet/services/neutron-compute-plugin-nuage.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron Compute Nuage plugin parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/neutron-compute-plugin-opencontrail.yaml b/puppet/services/neutron-compute-plugin-opencontrail.yaml index fb6d640c..9f2fd13c 100644 --- a/puppet/services/neutron-compute-plugin-opencontrail.yaml +++ b/puppet/services/neutron-compute-plugin-opencontrail.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron Compute OpenContrail plugin parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/neutron-compute-plugin-plumgrid.yaml b/puppet/services/neutron-compute-plugin-plumgrid.yaml index ad1e3465..31a0a08b 100644 --- a/puppet/services/neutron-compute-plugin-plumgrid.yaml +++ b/puppet/services/neutron-compute-plugin-plumgrid.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron Compute Plumgrid plugin parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/neutron-dhcp.yaml b/puppet/services/neutron-dhcp.yaml index 78c86cb9..513cb2d4 100644 --- a/puppet/services/neutron-dhcp.yaml +++ b/puppet/services/neutron-dhcp.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron DHCP agent configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -27,6 +36,10 @@ resources: NeutronBase: type: ./neutron-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/neutron-l3-compute-dvr.yaml b/puppet/services/neutron-l3-compute-dvr.yaml index f10b5922..0f3c2a70 100644 --- a/puppet/services/neutron-l3-compute-dvr.yaml +++ b/puppet/services/neutron-l3-compute-dvr.yaml @@ -5,6 +5,15 @@ description: > configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -22,6 +31,10 @@ resources: NeutronBase: type: ./neutron-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/neutron-l3.yaml b/puppet/services/neutron-l3.yaml index ede41935..54beee6b 100644 --- a/puppet/services/neutron-l3.yaml +++ b/puppet/services/neutron-l3.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron L3 agent configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -30,6 +39,10 @@ resources: NeutronBase: type: ./neutron-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/neutron-metadata.yaml b/puppet/services/neutron-metadata.yaml index 73d8c3da..b9ec277a 100644 --- a/puppet/services/neutron-metadata.yaml +++ b/puppet/services/neutron-metadata.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron Metadata agent configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -26,6 +35,10 @@ resources: NeutronBase: type: ./neutron-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/neutron-midonet.yaml b/puppet/services/neutron-midonet.yaml index ccc0b0dd..48830d81 100644 --- a/puppet/services/neutron-midonet.yaml +++ b/puppet/services/neutron-midonet.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron Midonet plugin and services parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/neutron-ovs-agent.yaml b/puppet/services/neutron-ovs-agent.yaml index d52b8a26..7520f6f6 100644 --- a/puppet/services/neutron-ovs-agent.yaml +++ b/puppet/services/neutron-ovs-agent.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron OVS agent configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -44,6 +53,10 @@ resources: NeutronBase: type: ./neutron-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/neutron-plugin-ml2.yaml b/puppet/services/neutron-plugin-ml2.yaml index 158122ed..165b9687 100644 --- a/puppet/services/neutron-plugin-ml2.yaml +++ b/puppet/services/neutron-plugin-ml2.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron ML2 Plugin configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -56,6 +65,10 @@ resources: NeutronBase: type: ./neutron-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/neutron-plugin-nuage.yaml b/puppet/services/neutron-plugin-nuage.yaml index 5f228f96..838ec5ea 100644 --- a/puppet/services/neutron-plugin-nuage.yaml +++ b/puppet/services/neutron-plugin-nuage.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron Nuage plugin parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -54,6 +63,10 @@ resources: NeutronBase: type: ./neutron-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/neutron-plugin-opencontrail.yaml b/puppet/services/neutron-plugin-opencontrail.yaml index ed6a2c04..4e294965 100644 --- a/puppet/services/neutron-plugin-opencontrail.yaml +++ b/puppet/services/neutron-plugin-opencontrail.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron Opencontrail plugin parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -37,6 +46,10 @@ resources: NeutronBase: type: ./neutron-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/neutron-plugin-plumgrid.yaml b/puppet/services/neutron-plugin-plumgrid.yaml index 5488bed7..30af8a3f 100644 --- a/puppet/services/neutron-plugin-plumgrid.yaml +++ b/puppet/services/neutron-plugin-plumgrid.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron Plumgrid plugin parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/nova-api.yaml b/puppet/services/nova-api.yaml index d560edb4..143c0619 100644 --- a/puppet/services/nova-api.yaml +++ b/puppet/services/nova-api.yaml @@ -4,6 +4,15 @@ description: > OpenStack Nova API service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -26,6 +35,8 @@ resources: NovaBase: type: ./nova-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/nova-base.yaml b/puppet/services/nova-base.yaml index 9b1b0760..471ece34 100644 --- a/puppet/services/nova-base.yaml +++ b/puppet/services/nova-base.yaml @@ -4,6 +4,15 @@ description: > OpenStack Nova base service. Shared for all Nova services. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml index 19f1f02a..1a473a4e 100644 --- a/puppet/services/nova-compute.yaml +++ b/puppet/services/nova-compute.yaml @@ -4,6 +4,15 @@ description: > OpenStack Nova Compute service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -36,6 +45,8 @@ resources: NovaBase: type: ./nova-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/nova-conductor.yaml b/puppet/services/nova-conductor.yaml index 5964f883..0b6169da 100644 --- a/puppet/services/nova-conductor.yaml +++ b/puppet/services/nova-conductor.yaml @@ -4,6 +4,15 @@ description: > OpenStack Nova Conductor service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -18,6 +27,8 @@ resources: NovaBase: type: ./nova-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/nova-consoleauth.yaml b/puppet/services/nova-consoleauth.yaml index 5fbce1b1..67ff2ec3 100644 --- a/puppet/services/nova-consoleauth.yaml +++ b/puppet/services/nova-consoleauth.yaml @@ -4,6 +4,15 @@ description: > OpenStack Nova Consoleauth service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: NovaBase: type: ./nova-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/nova-ironic.yaml b/puppet/services/nova-ironic.yaml new file mode 100644 index 00000000..bf7639dd --- /dev/null +++ b/puppet/services/nova-ironic.yaml @@ -0,0 +1,53 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Nova Compute service configured with Puppet and using Ironic + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + IronicPassword: + description: The password for the Ironic service and db account, used by the Ironic services + type: string + hidden: true + +resources: + NovaBase: + type: ./nova-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for the Nova Compute service with Ironic. + value: + service_name: nova_ironic + config_settings: + map_merge: + - get_attr: [NovaBase, role_data, config_settings] + - nova::compute::force_config_drive: true + nova::compute::reserved_host_memory: '0' + nova::compute::vnc_enabled: false + nova::ironic::common::admin_password: {get_param: IronicPassword} + nova::ironic::common::admin_tenant_name: 'service' + nova::ironic::common::admin_url: {get_param: [EndpointMap, KeystoneAdmin, uri]} + nova::ironic::common::admin_username: 'ironic' + nova::ironic::common::api_endpoint: {get_param: [EndpointMap, IronicInternal, uri]} + nova::network::neutron::dhcp_domain: '' + nova::scheduler::filter::scheduler_host_manager: 'ironic_host_manager' + step_config: | + include tripleo::profile::base::nova::compute::ironic diff --git a/puppet/services/nova-libvirt.yaml b/puppet/services/nova-libvirt.yaml index d283de4f..1ebec974 100644 --- a/puppet/services/nova-libvirt.yaml +++ b/puppet/services/nova-libvirt.yaml @@ -4,6 +4,15 @@ description: > Libvirt service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -17,6 +26,8 @@ resources: NovaBase: type: ./nova-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/nova-scheduler.yaml b/puppet/services/nova-scheduler.yaml index bd6e5116..78ff008b 100644 --- a/puppet/services/nova-scheduler.yaml +++ b/puppet/services/nova-scheduler.yaml @@ -4,6 +4,15 @@ description: > OpenStack Nova Scheduler service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: NovaBase: type: ./nova-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/nova-vncproxy.yaml b/puppet/services/nova-vncproxy.yaml index a1517011..0a1785d8 100644 --- a/puppet/services/nova-vncproxy.yaml +++ b/puppet/services/nova-vncproxy.yaml @@ -4,6 +4,15 @@ description: > OpenStack Nova Vncproxy service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: NovaBase: type: ./nova-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker.yaml b/puppet/services/pacemaker.yaml index b0ebb7d4..ac5b85c8 100644 --- a/puppet/services/pacemaker.yaml +++ b/puppet/services/pacemaker.yaml @@ -4,6 +4,15 @@ description: > Pacemaker service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/pacemaker/ceilometer-agent-central.yaml b/puppet/services/pacemaker/ceilometer-agent-central.yaml index 471b9f7a..ac4bdcf0 100644 --- a/puppet/services/pacemaker/ceilometer-agent-central.yaml +++ b/puppet/services/pacemaker/ceilometer-agent-central.yaml @@ -4,6 +4,15 @@ description: > OpenStack Ceilometer Central Agent service with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: CeilometerServiceBase: type: ../ceilometer-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/ceilometer-agent-notification.yaml b/puppet/services/pacemaker/ceilometer-agent-notification.yaml index 2530848f..112dde1c 100644 --- a/puppet/services/pacemaker/ceilometer-agent-notification.yaml +++ b/puppet/services/pacemaker/ceilometer-agent-notification.yaml @@ -4,6 +4,15 @@ description: > OpenStack Ceilometer Notification Agent service with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: CeilometerServiceBase: type: ../ceilometer-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/ceilometer-api.yaml b/puppet/services/pacemaker/ceilometer-api.yaml index f1885372..f50e4a15 100644 --- a/puppet/services/pacemaker/ceilometer-api.yaml +++ b/puppet/services/pacemaker/ceilometer-api.yaml @@ -4,6 +4,15 @@ description: > OpenStack Ceilometer API service with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: CeilometerServiceBase: type: ../ceilometer-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/ceilometer-collector.yaml b/puppet/services/pacemaker/ceilometer-collector.yaml index 8d31e1aa..8d4348db 100644 --- a/puppet/services/pacemaker/ceilometer-collector.yaml +++ b/puppet/services/pacemaker/ceilometer-collector.yaml @@ -4,6 +4,15 @@ description: > OpenStack Ceilometer Collector service with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: CeilometerServiceBase: type: ../ceilometer-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/cinder-api.yaml b/puppet/services/pacemaker/cinder-api.yaml index 706a189b..7c83037d 100644 --- a/puppet/services/pacemaker/cinder-api.yaml +++ b/puppet/services/pacemaker/cinder-api.yaml @@ -4,6 +4,15 @@ description: > OpenStack Cinder API service with Pacemaker configured with Puppet. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: CinderApiBase: type: ../cinder-api.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/cinder-backup.yaml b/puppet/services/pacemaker/cinder-backup.yaml new file mode 100644 index 00000000..7e940c7e --- /dev/null +++ b/puppet/services/pacemaker/cinder-backup.yaml @@ -0,0 +1,60 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Cinder Backup service with Pacemaker configured with Puppet + +parameters: + CinderBackupBackend: + default: swift + description: The short name of the Cinder Backup backend to use. + type: string + constraints: + - allowed_values: ['swift', 'ceph'] + CinderBackupRbdPoolName: + default: backups + type: string + CephClientUserName: + default: openstack + type: string + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +resources: + + CinderBackupBase: + type: ../cinder-backup.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + CinderBackupBackend: {get_param: CinderBackupBackend} + CinderBackupRbdPoolName: {get_param: CinderBackupRbdPoolName} + CephClientUserName: {get_param: CephClientUserName} + +outputs: + role_data: + description: Role data for the Cinder Backup role. + value: + service_name: cinder_backup + config_settings: + map_merge: + - get_attr: [CinderBackupBase, role_data, config_settings] + - cinder::backup::manage_service: false + cinder::backup::enabled: false + step_config: + list_join: + - "\n" + - - get_attr: [CinderBackupBase, role_data, step_config] + - "include ::tripleo::profile::pacemaker::cinder::backup" diff --git a/puppet/services/pacemaker/cinder-scheduler.yaml b/puppet/services/pacemaker/cinder-scheduler.yaml index 350d7126..6f26b412 100644 --- a/puppet/services/pacemaker/cinder-scheduler.yaml +++ b/puppet/services/pacemaker/cinder-scheduler.yaml @@ -4,6 +4,15 @@ description: > OpenStack Cinder Scheduler service with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: CinderSchedulerBase: type: ../cinder-scheduler.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/cinder-volume.yaml b/puppet/services/pacemaker/cinder-volume.yaml index 7b6e9a77..ffcdb529 100644 --- a/puppet/services/pacemaker/cinder-volume.yaml +++ b/puppet/services/pacemaker/cinder-volume.yaml @@ -4,6 +4,15 @@ description: > OpenStack Cinder Volume service with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: CinderVolumeBase: type: ../cinder-volume.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/core.yaml b/puppet/services/pacemaker/core.yaml index 1c0c043c..9eca1de3 100644 --- a/puppet/services/pacemaker/core.yaml +++ b/puppet/services/pacemaker/core.yaml @@ -4,6 +4,15 @@ description: > OpenStack Core (fake) service with Pacemaker configured with Puppet. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/pacemaker/database/mongodb.yaml b/puppet/services/pacemaker/database/mongodb.yaml index c09f93a9..64ae2e91 100644 --- a/puppet/services/pacemaker/database/mongodb.yaml +++ b/puppet/services/pacemaker/database/mongodb.yaml @@ -5,6 +5,15 @@ description: > parameters: #Parameters not used EndpointMap + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,10 @@ parameters: resources: MongoDbBase: type: ../../database/mongodb-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/pacemaker/database/mysql.yaml b/puppet/services/pacemaker/database/mysql.yaml index cc9dc946..d555ed0a 100644 --- a/puppet/services/pacemaker/database/mysql.yaml +++ b/puppet/services/pacemaker/database/mysql.yaml @@ -5,17 +5,36 @@ description: > parameters: #Parameters not used EndpointMap + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json +resources: + + MysqlBase: + type: ../../database/mysql.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + outputs: role_data: description: Service MySQL with Pacemaker using composable services. value: service_name: mysql config_settings: + get_attr: [MysqlBase, role_data, config_settings] step_config: | include ::tripleo::profile::pacemaker::database::mysql diff --git a/puppet/services/pacemaker/database/redis.yaml b/puppet/services/pacemaker/database/redis.yaml index 3cd8d168..d9156e67 100644 --- a/puppet/services/pacemaker/database/redis.yaml +++ b/puppet/services/pacemaker/database/redis.yaml @@ -4,6 +4,15 @@ description: > OpenStack Redis service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -13,6 +22,10 @@ parameters: resources: RedisBase: type: ../../database/redis-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/pacemaker/glance-api.yaml b/puppet/services/pacemaker/glance-api.yaml index 0fc17b22..ef4ba79a 100644 --- a/puppet/services/pacemaker/glance-api.yaml +++ b/puppet/services/pacemaker/glance-api.yaml @@ -4,6 +4,15 @@ description: > OpenStack Glance API service with Pacemaker configured with Puppet. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -39,6 +48,8 @@ resources: GlanceApiBase: type: ../glance-api.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/glance-registry.yaml b/puppet/services/pacemaker/glance-registry.yaml index ae7aa307..e417f09f 100644 --- a/puppet/services/pacemaker/glance-registry.yaml +++ b/puppet/services/pacemaker/glance-registry.yaml @@ -4,6 +4,15 @@ description: > OpenStack Glance Registry service with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: GlanceRegistryBase: type: ../glance-registry.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/gnocchi-api.yaml b/puppet/services/pacemaker/gnocchi-api.yaml index bcd73e61..1f6ed461 100644 --- a/puppet/services/pacemaker/gnocchi-api.yaml +++ b/puppet/services/pacemaker/gnocchi-api.yaml @@ -4,6 +4,15 @@ description: > Gnocchi service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: GnocchiServiceBase: type: ../gnocchi-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/gnocchi-metricd.yaml b/puppet/services/pacemaker/gnocchi-metricd.yaml index ec487e89..cea27e9a 100644 --- a/puppet/services/pacemaker/gnocchi-metricd.yaml +++ b/puppet/services/pacemaker/gnocchi-metricd.yaml @@ -4,6 +4,15 @@ description: > Gnocchi service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: GnocchiServiceBase: type: ../gnocchi-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/gnocchi-statsd.yaml b/puppet/services/pacemaker/gnocchi-statsd.yaml index d1106524..2e1531fc 100644 --- a/puppet/services/pacemaker/gnocchi-statsd.yaml +++ b/puppet/services/pacemaker/gnocchi-statsd.yaml @@ -4,6 +4,15 @@ description: > Gnocchi service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: GnocchiServiceBase: type: ../gnocchi-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/haproxy.yaml b/puppet/services/pacemaker/haproxy.yaml index c450530b..de028339 100644 --- a/puppet/services/pacemaker/haproxy.yaml +++ b/puppet/services/pacemaker/haproxy.yaml @@ -4,6 +4,15 @@ description: > HAproxy service with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: LoadbalancerServiceBase: type: ../haproxy.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/heat-api-cfn.yaml b/puppet/services/pacemaker/heat-api-cfn.yaml index 8f2c561a..155a35ec 100644 --- a/puppet/services/pacemaker/heat-api-cfn.yaml +++ b/puppet/services/pacemaker/heat-api-cfn.yaml @@ -4,6 +4,15 @@ description: > Openstack Heat CloudFormation API service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: HeatApiCfnBase: type: ../heat-api-cfn.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/heat-api-cloudwatch.yaml b/puppet/services/pacemaker/heat-api-cloudwatch.yaml index a08e0262..85927650 100644 --- a/puppet/services/pacemaker/heat-api-cloudwatch.yaml +++ b/puppet/services/pacemaker/heat-api-cloudwatch.yaml @@ -4,6 +4,15 @@ description: > Openstack Heat CloudWatch API service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: HeatApiCloudwatchBase: type: ../heat-api-cloudwatch.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/heat-api.yaml b/puppet/services/pacemaker/heat-api.yaml index 5cf25516..d7220619 100644 --- a/puppet/services/pacemaker/heat-api.yaml +++ b/puppet/services/pacemaker/heat-api.yaml @@ -4,6 +4,15 @@ description: > Openstack Heat API service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: HeatApiBase: type: ../heat-api.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/heat-engine.yaml b/puppet/services/pacemaker/heat-engine.yaml index 4d41cbe4..579f5f10 100644 --- a/puppet/services/pacemaker/heat-engine.yaml +++ b/puppet/services/pacemaker/heat-engine.yaml @@ -4,6 +4,15 @@ description: > Openstack Heat Engine service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: HeatEngineBase: type: ../heat-engine.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/pacemaker/horizon.yaml b/puppet/services/pacemaker/horizon.yaml index f8b5ad0c..bd1ff046 100644 --- a/puppet/services/pacemaker/horizon.yaml +++ b/puppet/services/pacemaker/horizon.yaml @@ -4,6 +4,15 @@ description: > Horizon service with Pacemaker configured with Puppet. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: HorizonBase: type: ../horizon.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/keystone.yaml b/puppet/services/pacemaker/keystone.yaml index f5f136d3..701f01f1 100644 --- a/puppet/services/pacemaker/keystone.yaml +++ b/puppet/services/pacemaker/keystone.yaml @@ -4,6 +4,15 @@ description: > OpenStack Keystone service with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: KeystoneServiceBase: type: ../keystone.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/manila-share.yaml b/puppet/services/pacemaker/manila-share.yaml index 0f88e89c..7479eb08 100644 --- a/puppet/services/pacemaker/manila-share.yaml +++ b/puppet/services/pacemaker/manila-share.yaml @@ -4,6 +4,15 @@ description: > The manila-share service with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,10 @@ resources: ManilaShareBase: type: ../manila-share.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/pacemaker/memcached.yaml b/puppet/services/pacemaker/memcached.yaml index 43cd528e..e612d775 100644 --- a/puppet/services/pacemaker/memcached.yaml +++ b/puppet/services/pacemaker/memcached.yaml @@ -4,6 +4,15 @@ description: > Mecached service with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,10 @@ resources: MemcachedServiceBase: type: ../memcached.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/pacemaker/neutron-dhcp.yaml b/puppet/services/pacemaker/neutron-dhcp.yaml index 3a5ada47..f5f785e3 100644 --- a/puppet/services/pacemaker/neutron-dhcp.yaml +++ b/puppet/services/pacemaker/neutron-dhcp.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron DHCP service with Pacemaker configured with Puppet. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: NeutronDhcpBase: type: ../neutron-dhcp.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/neutron-l3.yaml b/puppet/services/pacemaker/neutron-l3.yaml index a4f2c0e1..87176632 100644 --- a/puppet/services/pacemaker/neutron-l3.yaml +++ b/puppet/services/pacemaker/neutron-l3.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron L3 service with Pacemaker configured with Puppet. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: NeutronL3Base: type: ../neutron-l3.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/neutron-metadata.yaml b/puppet/services/pacemaker/neutron-metadata.yaml index 9b322f22..e00c2424 100644 --- a/puppet/services/pacemaker/neutron-metadata.yaml +++ b/puppet/services/pacemaker/neutron-metadata.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron Metadata service with Pacemaker configured with Puppet. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: NeutronMetadataBase: type: ../neutron-metadata.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/neutron-midonet.yaml b/puppet/services/pacemaker/neutron-midonet.yaml index e93ed661..fb39ea44 100644 --- a/puppet/services/pacemaker/neutron-midonet.yaml +++ b/puppet/services/pacemaker/neutron-midonet.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron Midonet with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: NeutronMidonetBase: type: ../neutron-midonet.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/neutron-ovs-agent.yaml b/puppet/services/pacemaker/neutron-ovs-agent.yaml index b2260de9..353c2958 100644 --- a/puppet/services/pacemaker/neutron-ovs-agent.yaml +++ b/puppet/services/pacemaker/neutron-ovs-agent.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron OVS agent with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,10 @@ resources: NeutronOvsBase: type: ../neutron-ovs-agent.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/pacemaker/neutron-plugin-ml2.yaml b/puppet/services/pacemaker/neutron-plugin-ml2.yaml index dc10d093..234f116e 100644 --- a/puppet/services/pacemaker/neutron-plugin-ml2.yaml +++ b/puppet/services/pacemaker/neutron-plugin-ml2.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron ML2 Plugin with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,10 @@ resources: NeutronMl2Base: type: ../neutron-plugin-ml2.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/pacemaker/neutron-plugin-nuage.yaml b/puppet/services/pacemaker/neutron-plugin-nuage.yaml index 414c046c..9fca2cc3 100644 --- a/puppet/services/pacemaker/neutron-plugin-nuage.yaml +++ b/puppet/services/pacemaker/neutron-plugin-nuage.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron Nuage Plugin with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: NeutronPluginNuageBase: type: ../neutron-plugin-nuage.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/neutron-plugin-opencontrail.yaml b/puppet/services/pacemaker/neutron-plugin-opencontrail.yaml index 1d385d83..80d6ed92 100644 --- a/puppet/services/pacemaker/neutron-plugin-opencontrail.yaml +++ b/puppet/services/pacemaker/neutron-plugin-opencontrail.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron OpenContrail Plugin with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: NeutronPluginOpenContrail: type: ../neutron-plugin-nuage.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/neutron-plugin-plumgrid.yaml b/puppet/services/pacemaker/neutron-plugin-plumgrid.yaml index 69f5fd27..5dd4e588 100644 --- a/puppet/services/pacemaker/neutron-plugin-plumgrid.yaml +++ b/puppet/services/pacemaker/neutron-plugin-plumgrid.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron PLUMgrid Plugin with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: NeutronPluginPlumgridBase: type: ../neutron-plugin-ml2.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/neutron-server.yaml b/puppet/services/pacemaker/neutron-server.yaml index b0f739dc..fc04e5ee 100644 --- a/puppet/services/pacemaker/neutron-server.yaml +++ b/puppet/services/pacemaker/neutron-server.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron Server with Pacemaker configured with Puppet. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -19,6 +28,8 @@ resources: NeutronServerBase: type: ../neutron-server.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/nova-api.yaml b/puppet/services/pacemaker/nova-api.yaml index 2d497ab5..709761e7 100644 --- a/puppet/services/pacemaker/nova-api.yaml +++ b/puppet/services/pacemaker/nova-api.yaml @@ -4,6 +4,15 @@ description: > OpenStack Nova API service with Pacemaker configured with Puppet. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: NovaApiBase: type: ../nova-api.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/nova-conductor.yaml b/puppet/services/pacemaker/nova-conductor.yaml index 1f57cf08..7a2313c7 100644 --- a/puppet/services/pacemaker/nova-conductor.yaml +++ b/puppet/services/pacemaker/nova-conductor.yaml @@ -4,6 +4,15 @@ description: > OpenStack Nova Conductor service with Pacemaker configured with Puppet. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: NovaConductorBase: type: ../nova-conductor.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/nova-consoleauth.yaml b/puppet/services/pacemaker/nova-consoleauth.yaml index bbab8bea..77550c80 100644 --- a/puppet/services/pacemaker/nova-consoleauth.yaml +++ b/puppet/services/pacemaker/nova-consoleauth.yaml @@ -4,6 +4,15 @@ description: > OpenStack Nova Consoleauth service with Pacemaker configured with Puppet. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: NovaConsoleauthBase: type: ../nova-consoleauth.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/nova-scheduler.yaml b/puppet/services/pacemaker/nova-scheduler.yaml index bf2c62bc..2571ec43 100644 --- a/puppet/services/pacemaker/nova-scheduler.yaml +++ b/puppet/services/pacemaker/nova-scheduler.yaml @@ -4,6 +4,15 @@ description: > OpenStack Nova Scheduler service with Pacemaker configured with Puppet. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: NovaSchedulerBase: type: ../nova-scheduler.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/nova-vncproxy.yaml b/puppet/services/pacemaker/nova-vncproxy.yaml index 0353d924..e536826e 100644 --- a/puppet/services/pacemaker/nova-vncproxy.yaml +++ b/puppet/services/pacemaker/nova-vncproxy.yaml @@ -4,6 +4,15 @@ description: > OpenStack Nova Vncproxy service with Pacemaker configured with Puppet. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: NovaVncproxyBase: type: ../nova-vncproxy.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/rabbitmq.yaml b/puppet/services/pacemaker/rabbitmq.yaml index b01caeea..3eb01398 100644 --- a/puppet/services/pacemaker/rabbitmq.yaml +++ b/puppet/services/pacemaker/rabbitmq.yaml @@ -4,6 +4,15 @@ description: > RabbitMQ service with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: RabbitMQServiceBase: type: ../rabbitmq.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/sahara-api.yaml b/puppet/services/pacemaker/sahara-api.yaml index a06afb2d..e20b7a08 100644 --- a/puppet/services/pacemaker/sahara-api.yaml +++ b/puppet/services/pacemaker/sahara-api.yaml @@ -4,6 +4,15 @@ description: > OpenStack Sahara API service with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: SaharaApiBase: type: ../sahara-api.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/sahara-engine.yaml b/puppet/services/pacemaker/sahara-engine.yaml index a1191f87..07de74ca 100644 --- a/puppet/services/pacemaker/sahara-engine.yaml +++ b/puppet/services/pacemaker/sahara-engine.yaml @@ -4,6 +4,15 @@ description: > OpenStack Sahara Engine service with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: SaharaEngineBase: type: ../sahara-engine.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/rabbitmq.yaml b/puppet/services/rabbitmq.yaml index 4c02f359..06595b07 100644 --- a/puppet/services/rabbitmq.yaml +++ b/puppet/services/rabbitmq.yaml @@ -1,9 +1,18 @@ -heat_template_version: 2016-04-08 +heat_template_version: 2016-10-14 description: > RabbitMQ service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -25,6 +34,10 @@ parameters: default: false description: Enable IPv6 in RabbitMQ type: boolean + RabbitCookie: + type: string + default: '' + hidden: true outputs: role_data: @@ -57,5 +70,19 @@ outputs: tcp_listen_options: '[binary, {packet, raw}, {reuseaddr, true}, {backlog, 128}, {nodelay, true}, {exit_on_close, false}, {keepalive, true}]' cluster_partition_handling: 'pause_minority' loopback_users: '[]' + rabbitmq::erlang_cookie: + yaql: + expression: $.data.passwords.where($ != '').first() + data: + passwords: + - {get_param: RabbitCookie} + - {get_param: [DefaultPasswords, rabbit_cookie]} + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + rabbitmq::node_ip_address: {get_param: [ServiceNetMap, RabbitmqNetwork]} step_config: | include ::tripleo::profile::base::rabbitmq diff --git a/puppet/services/sahara-api.yaml b/puppet/services/sahara-api.yaml index 85324312..5715a8c3 100644 --- a/puppet/services/sahara-api.yaml +++ b/puppet/services/sahara-api.yaml @@ -4,6 +4,15 @@ description: > OpenStack Sahara API service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -26,6 +35,8 @@ resources: SaharaBase: type: ./sahara-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/sahara-base.yaml b/puppet/services/sahara-base.yaml index cac89e32..c1ab8e8b 100644 --- a/puppet/services/sahara-base.yaml +++ b/puppet/services/sahara-base.yaml @@ -4,6 +4,15 @@ description: > OpenStack Sahara base service. Shared for all Sahara services. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/sahara-engine.yaml b/puppet/services/sahara-engine.yaml index de2ac7ef..fcf4d485 100644 --- a/puppet/services/sahara-engine.yaml +++ b/puppet/services/sahara-engine.yaml @@ -4,6 +4,15 @@ description: > OpenStack Sahara Engine service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: SaharaBase: type: ./sahara-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/services.yaml b/puppet/services/services.yaml index c9a952a5..bb40001a 100644 --- a/puppet/services/services.yaml +++ b/puppet/services/services.yaml @@ -10,11 +10,22 @@ parameters: description: | List nested stack service templates. type: comma_delimited_list + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + DefaultPasswords: + default: {} + description: Mapping of service -> default password. Used to help + pass top level passwords managed by Heat into services. + type: json resources: @@ -24,7 +35,9 @@ resources: resources: {get_param: Services} concurrent: true resource_properties: + ServiceNetMap: {get_param: ServiceNetMap} EndpointMap: {get_param: EndpointMap} + DefaultPasswords: {get_param: DefaultPasswords} outputs: role_data: diff --git a/puppet/services/snmp.yaml b/puppet/services/snmp.yaml index 458f444b..e38ccf42 100644 --- a/puppet/services/snmp.yaml +++ b/puppet/services/snmp.yaml @@ -6,6 +6,15 @@ description: > monitoring. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/swift-proxy.yaml b/puppet/services/swift-proxy.yaml index 99af7499..6c2bb44b 100644 --- a/puppet/services/swift-proxy.yaml +++ b/puppet/services/swift-proxy.yaml @@ -4,6 +4,15 @@ description: > OpenStack Swift Proxy service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/swift-ringbuilder.yaml b/puppet/services/swift-ringbuilder.yaml index 0b17c73c..f41228e7 100644 --- a/puppet/services/swift-ringbuilder.yaml +++ b/puppet/services/swift-ringbuilder.yaml @@ -4,6 +4,15 @@ description: > OpenStack Swift Ringbuilder parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/swift-storage.yaml b/puppet/services/swift-storage.yaml index 74679231..664a701f 100644 --- a/puppet/services/swift-storage.yaml +++ b/puppet/services/swift-storage.yaml @@ -4,6 +4,15 @@ description: > OpenStack Swift Storage service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -17,6 +26,10 @@ parameters: default: false description: Value of mount_check in Swift account/container/object -server.conf type: boolean + SwiftRawDisks: + default: {} + description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})' + type: json # DEPRECATED options for compatibility with overcloud.yaml # This should be removed and manipulation of the ControllerServices list @@ -60,5 +73,6 @@ outputs: swift::storage::all::account_pipeline: - healthcheck - account-server + swift::storage::disks: {get_param: SwiftRawDisks} step_config: | include ::tripleo::profile::base::swift::storage diff --git a/puppet/services/time/ntp.yaml b/puppet/services/time/ntp.yaml index 59d25dd2..7aa3706f 100644 --- a/puppet/services/time/ntp.yaml +++ b/puppet/services/time/ntp.yaml @@ -7,6 +7,15 @@ description: > and configure NTP. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/time/timezone.yaml b/puppet/services/time/timezone.yaml index 805c9050..384b5191 100644 --- a/puppet/services/time/timezone.yaml +++ b/puppet/services/time/timezone.yaml @@ -4,6 +4,15 @@ description: > Composable Timezone service parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/tripleo-firewall.yaml b/puppet/services/tripleo-firewall.yaml new file mode 100644 index 00000000..14965b4f --- /dev/null +++ b/puppet/services/tripleo-firewall.yaml @@ -0,0 +1,28 @@ +heat_template_version: 2016-04-08 + +description: > + TripleO Firewall settings + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +outputs: + role_data: + description: Role data for the TripleO firewall settings + value: + service_name: tripleo_firewall + step_config: | + include ::tripleo::firewall diff --git a/puppet/services/tripleo-packages.yaml b/puppet/services/tripleo-packages.yaml new file mode 100644 index 00000000..124f5fe8 --- /dev/null +++ b/puppet/services/tripleo-packages.yaml @@ -0,0 +1,34 @@ +heat_template_version: 2016-04-08 + +description: > + TripleO Package installation settings + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + EnablePackageInstall: + default: 'false' + description: Set to true to enable package installation via Puppet + type: boolean + +outputs: + role_data: + description: Role data for the TripleO package settings + value: + service_name: tripleo_packages + config_settings: + tripleo::packages::enable_install: {get_param: EnablePackageInstall} + step_config: | + include ::tripleo::packages diff --git a/puppet/swift-storage.yaml b/puppet/swift-storage.yaml index 1d451ab2..1f3022b8 100644 --- a/puppet/swift-storage.yaml +++ b/puppet/swift-storage.yaml @@ -29,10 +29,6 @@ parameters: description: The user password for SNMPd with readonly rights running on all Overcloud nodes type: string hidden: true - EnablePackageInstall: - default: 'false' - description: Set to true to enable package installation via Puppet - type: boolean UpdateIdentifier: default: '' type: string @@ -105,6 +101,10 @@ parameters: type: string description: Command which will be run whenever configuration data changes default: os-refresh-config --timeout 14400 + SwiftRawDisks: + default: {} + description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})' + type: json resources: @@ -250,7 +250,6 @@ resources: - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig - all_nodes # provided by allNodesConfig - '"%{::osfamily}"' - - network merge_behavior: deeper datafiles: service_names: @@ -261,11 +260,6 @@ resources: map_replace: - {get_param: ServiceConfigSettings} - values: {get_attr: [NetIpMap, net_ip_map]} - network: - mapped_data: - net_ip_map: {get_attr: [NetIpMap, net_ip_map]} - net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]} - net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]} object_extraconfig: mapped_data: {get_param: ObjectStorageExtraConfig} extraconfig: @@ -276,7 +270,6 @@ resources: swift::storage::all::storage_local_net_ip: {get_input: swift_management_network} snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} - tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} @@ -292,7 +285,6 @@ resources: snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} swift_hash_suffix: {get_param: HashSuffix} - enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} @@ -389,9 +381,23 @@ outputs: description: Swift device formatted for swift-ring-builder value: str_replace: - template: 'r1z1-IP:%PORT%/d1' + template: + list_join: + - ',' + - ['r1z1-IP:%PORT%/d1'] + - repeat: + template: 'r1z1-IP:%PORT%/DEVICE' + for_each: + DEVICE: {get_param: SwiftRawDisks} params: - IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} + IP: + get_attr: + - NetIpMap + - net_ip_map + - str_replace: + template: "NETWORK_uri" + params: + NETWORK: {get_param: [ServiceNetMap, SwiftMgmtNetwork]} external_ip_address: description: IP address of the server in the external network value: {get_attr: [ExternalPort, ip_address]} diff --git a/tools/yaml-validate.py b/tools/yaml-validate.py index c93c84bc..d75aeb4f 100755 --- a/tools/yaml-validate.py +++ b/tools/yaml-validate.py @@ -39,6 +39,13 @@ def validate_service(filename, tpl): print('ERROR: service_name should match file name for service: %s.' % filename) return 1 + if 'parameters' in tpl: + required_params = ['EndpointMap', 'ServiceNetMap', 'DefaultPasswords'] + for param in required_params: + if param not in tpl['parameters']: + print('ERROR: parameter %s is required for %s.' + % (param, filename)) + return 1 return 0 |