summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--all-nodes-config.yaml34
-rw-r--r--bootstrap-config.yaml1
-rw-r--r--ceph-storage.yaml15
-rw-r--r--cinder-storage.yaml33
-rw-r--r--compute.yaml18
-rw-r--r--controller.yaml83
-rw-r--r--environments/cinder-netapp-config.yaml30
-rw-r--r--environments/net-single-nic-with-vlans.yaml13
-rw-r--r--environments/puppet-tenant-vlan.yaml4
-rw-r--r--extraconfig/controller/cinder-netapp.yaml38
-rw-r--r--extraconfig/controller/noop.yaml3
-rw-r--r--extraconfig/post_deploy/example.yaml2
-rw-r--r--extraconfig/post_deploy/rhel-registration/environment-rhel-registration.yaml22
-rw-r--r--extraconfig/post_deploy/rhel-registration/rhel-registration-resource-registry.yaml2
-rw-r--r--extraconfig/post_deploy/rhel-registration/rhel-registration.yaml113
-rw-r--r--extraconfig/post_deploy/rhel-registration/scripts/rhel-registration120
-rw-r--r--extraconfig/post_deploy/rhel-registration/scripts/rhel-unregistration19
-rwxr-xr-xextraconfig/tasks/yum_update.sh41
-rw-r--r--extraconfig/tasks/yum_update.yaml26
-rw-r--r--network/config/bond-with-vlans/ceph-storage.yaml24
-rw-r--r--network/config/bond-with-vlans/cinder-storage.yaml29
-rw-r--r--network/config/bond-with-vlans/compute.yaml27
-rw-r--r--network/config/bond-with-vlans/controller.yaml39
-rw-r--r--network/config/bond-with-vlans/swift-storage.yaml29
-rw-r--r--network/config/single-nic-vlans/README.md19
-rw-r--r--network/config/single-nic-vlans/ceph-storage.yaml71
-rw-r--r--network/config/single-nic-vlans/cinder-storage.yaml81
-rw-r--r--network/config/single-nic-vlans/compute.yaml81
-rw-r--r--network/config/single-nic-vlans/controller.yaml101
-rw-r--r--network/config/single-nic-vlans/swift-storage.yaml81
-rw-r--r--network/external.yaml6
-rw-r--r--network/internal_api.yaml5
-rw-r--r--network/ports/ctlplane_vip.yaml46
-rw-r--r--network/ports/external.yaml5
-rw-r--r--network/ports/internal_api.yaml5
-rw-r--r--network/ports/net_ip_list_map.yaml30
-rw-r--r--network/ports/net_ip_map.yaml2
-rw-r--r--network/ports/noop.yaml12
-rw-r--r--network/ports/storage.yaml5
-rw-r--r--network/ports/storage_mgmt.yaml5
-rw-r--r--network/ports/tenant.yaml5
-rw-r--r--network/ports/vip.yaml41
-rw-r--r--network/storage.yaml5
-rw-r--r--network/storage_mgmt.yaml5
-rw-r--r--network/tenant.yaml5
-rw-r--r--overcloud-resource-registry-puppet.yaml19
-rw-r--r--overcloud-resource-registry.yaml6
-rw-r--r--overcloud-without-mergepy.yaml247
-rw-r--r--puppet/all-nodes-config.yaml171
-rw-r--r--puppet/bootstrap-config.yaml1
-rw-r--r--puppet/ceph-storage-puppet.yaml42
-rw-r--r--puppet/cinder-storage-puppet.yaml70
-rw-r--r--puppet/compute-puppet.yaml48
-rw-r--r--puppet/controller-puppet.yaml269
-rw-r--r--puppet/hieradata/common.yaml10
-rw-r--r--puppet/hieradata/compute.yaml2
-rw-r--r--puppet/hieradata/controller.yaml5
-rw-r--r--puppet/manifests/overcloud_compute.pp1
-rw-r--r--puppet/manifests/overcloud_controller.pp57
-rw-r--r--puppet/manifests/overcloud_controller_pacemaker.pp760
-rw-r--r--puppet/manifests/overcloud_volume.pp1
-rw-r--r--puppet/swift-storage-puppet.yaml49
-rw-r--r--puppet/vip-config.yaml41
-rw-r--r--swift-storage.yaml10
-rw-r--r--undercloud-bm-nova-config.yaml4
-rw-r--r--undercloud-source.yaml10
-rw-r--r--undercloud-vm-ironic-config.yaml4
-rw-r--r--undercloud-vm-nova-config.yaml4
-rw-r--r--vip-config.yaml16
69 files changed, 2870 insertions, 358 deletions
diff --git a/all-nodes-config.yaml b/all-nodes-config.yaml
index 9687dafc..3f0bd61c 100644
--- a/all-nodes-config.yaml
+++ b/all-nodes-config.yaml
@@ -16,6 +16,40 @@ parameters:
type: comma_delimited_list
controller_names:
type: comma_delimited_list
+ rabbit_node_ips:
+ type: comma_delimited_list
+ mongo_node_ips:
+ type: comma_delimited_list
+ redis_node_ips:
+ type: comma_delimited_list
+ memcache_node_ips:
+ type: comma_delimited_list
+ mysql_node_ips:
+ type: comma_delimited_list
+ horizon_node_ips:
+ type: comma_delimited_list
+ heat_api_node_ips:
+ type: comma_delimited_list
+ swift_proxy_node_ips:
+ type: comma_delimited_list
+ ceilometer_api_node_ips:
+ type: comma_delimited_list
+ nova_api_node_ips:
+ type: comma_delimited_list
+ nova_metadata_node_ips:
+ type: comma_delimited_list
+ glance_api_node_ips:
+ type: comma_delimited_list
+ glance_registry_node_ips:
+ type: comma_delimited_list
+ cinder_api_node_ips:
+ type: comma_delimited_list
+ neutron_api_node_ips:
+ type: comma_delimited_list
+ keystone_public_api_node_ips:
+ type: comma_delimited_list
+ keystone_admin_api_node_ips:
+ type: comma_delimited_list
resources:
diff --git a/bootstrap-config.yaml b/bootstrap-config.yaml
index 6082dbce..c87670e3 100644
--- a/bootstrap-config.yaml
+++ b/bootstrap-config.yaml
@@ -12,6 +12,7 @@ resources:
BootstrapNodeConfigImpl:
type: OS::Heat::StructuredConfig
properties:
+ group: os-apply-config
config:
bootstrap_host:
bootstrap_nodeid: {get_param: bootstrap_nodeid}
diff --git a/ceph-storage.yaml b/ceph-storage.yaml
index 74530147..2b44642b 100644
--- a/ceph-storage.yaml
+++ b/ceph-storage.yaml
@@ -28,6 +28,20 @@ parameters:
default: ''
description: The list of ip/names to use as Ceph monitors
type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ UpdateIdentifier:
+ default: ''
+ type: string
+ description: >
+ Setting to a previously unused value during stack-update will trigger
+ package update on all nodes
+ Hostname:
+ type: string
+ default: '' # Defaults to Heat created hostname
resources:
CephStorage:
@@ -41,6 +55,7 @@ resources:
- network: ctlplane
user_data_format: SOFTWARE_CONFIG
user_data: {get_resource: NodeUserData}
+ name: {get_param: Hostname}
NodeUserData:
type: OS::TripleO::NodeUserData
diff --git a/cinder-storage.yaml b/cinder-storage.yaml
index 30eae1d9..2b59607e 100644
--- a/cinder-storage.yaml
+++ b/cinder-storage.yaml
@@ -16,6 +16,11 @@ parameters:
default: 5000
description: The size of the loopback file used by the cinder LVM driver.
type: number
+ CinderPassword:
+ default: unset
+ description: The password for the cinder service and db account, used by cinder-api.
+ type: string
+ hidden: true
VirtualIP:
default: ''
type: string
@@ -66,6 +71,10 @@ parameters:
default: "9292"
description: Glance port.
type: string
+ GlanceProtocol:
+ default: http
+ description: Protocol to use when connecting to glance, set to https for SSL.
+ type: string
KeyName:
default: default
description: Name of an existing EC2 KeyPair to enable SSH access to the instances
@@ -95,6 +104,27 @@ parameters:
description: The user password for SNMPd with readonly rights running on all Overcloud nodes
type: string
hidden: true
+ UpdateIdentifier:
+ default: ''
+ type: string
+ description: >
+ Setting to a previously unused value during stack-update will trigger
+ package update on all nodes
+ Hostname:
+ type: string
+ default: '' # Defaults to Heat created hostname
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ GlanceApiVirtualIP:
+ type: string
+ default: ''
+ MysqlVirtualIP:
+ type: string
+ default: ''
+
resources:
BlockStorage:
type: OS::Nova::Server
@@ -107,6 +137,7 @@ resources:
- network: ctlplane
user_data_format: SOFTWARE_CONFIG
user_data: {get_resource: NodeUserData}
+ name: {get_param: Hostname}
NodeUserData:
type: OS::TripleO::NodeUserData
@@ -146,7 +177,7 @@ resources:
config: {get_resource: BlockStorageConfig}
input_values:
controller_virtual_ip: {get_param: VirtualIP}
- cinder_dsn: {list_join: ['', ['mysql://cinder:unset@', {get_param: VirtualIP} , '/cinder']]}
+ cinder_dsn: {list_join: ['', ['mysql://cinder:', {get_param: CinderPassword}, '@', {get_param: VirtualIP} , '/cinder']]}
snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
signal_transport: NO_SIGNAL
diff --git a/compute.yaml b/compute.yaml
index 8e5cdec7..408e0f31 100644
--- a/compute.yaml
+++ b/compute.yaml
@@ -132,7 +132,7 @@ parameters:
The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
Neutron documentation for permitted values. Defaults to permitting any
VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
- type: string
+ type: comma_delimited_list
NeutronPassword:
default: unset
description: The password for the neutron service account, used by neutron agents.
@@ -243,7 +243,20 @@ parameters:
description: The user password for SNMPd with readonly rights running on all Overcloud nodes
type: string
hidden: true
-
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ UpdateIdentifier:
+ default: ''
+ type: string
+ description: >
+ Setting to a previously unused value during stack-update will trigger
+ package update on all nodes
+ Hostname:
+ type: string
+ default: '' # Defaults to Heat created hostname
resources:
@@ -260,6 +273,7 @@ resources:
- network: ctlplane
user_data_format: SOFTWARE_CONFIG
user_data: {get_resource: NodeUserData}
+ name: {get_param: Hostname}
NodeUserData:
type: OS::TripleO::NodeUserData
diff --git a/controller.yaml b/controller.yaml
index a2da3d39..36bd77bc 100644
--- a/controller.yaml
+++ b/controller.yaml
@@ -11,7 +11,7 @@ parameters:
hidden: true
AdminToken:
default: unset
- description: The keystone auth secret.
+ description: The keystone auth secret and db password.
type: string
hidden: true
CeilometerBackend:
@@ -25,7 +25,7 @@ parameters:
hidden: true
CeilometerPassword:
default: unset
- description: The password for the ceilometer service account.
+ description: The password for the ceilometer service and db account.
type: string
hidden: true
CinderEnableIscsiBackend:
@@ -46,7 +46,7 @@ parameters:
type: number
CinderPassword:
default: unset
- description: The password for the cinder service account, used by cinder-api.
+ description: The password for the cinder service and db account, used by cinder-api.
type: string
hidden: true
CloudName:
@@ -71,11 +71,6 @@ parameters:
default: true
description: Whether to use Galera instead of regular MariaDB.
type: boolean
- EnablePacemaker:
- default: false
- description: If enabled services will be monitored by Pacemaker; it
- will manage VIPs as well, in place of Keepalived.
- type: boolean
EnableCephStorage:
default: false
description: Whether to deploy Ceph Storage (OSD) on the Controller
@@ -137,7 +132,7 @@ parameters:
default: ''
GlancePassword:
default: unset
- description: The password for the glance service account, used by the glance services.
+ description: The password for the glance service and db account, used by the glance services.
type: string
hidden: true
GlancePort:
@@ -157,7 +152,7 @@ parameters:
- allowed_values: ['swift', 'file', 'rbd']
HeatPassword:
default: unset
- description: The password for the Heat service account, used by the Heat services.
+ description: The password for the Heat service and db account, used by the Heat services.
type: string
hidden: true
HeatStackDomainAdminPassword:
@@ -283,10 +278,10 @@ parameters:
The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
Neutron documentation for permitted values. Defaults to permitting any
VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
- type: string
+ type: comma_delimited_list
NeutronPassword:
default: unset
- description: The password for the neutron service account, used by neutron agents.
+ description: The password for the neutron service and db account, used by neutron agents.
type: string
hidden: true
NeutronPublicInterface:
@@ -323,7 +318,7 @@ parameters:
type: string
NovaPassword:
default: unset
- description: The password for the nova service account, used by nova-api.
+ description: The password for the nova service and db account, used by nova-api.
type: string
hidden: true
NtpServer:
@@ -364,6 +359,9 @@ parameters:
default: 5672
description: Set rabbit subscriber port, change this if using SSL
type: number
+ RedisVirtualIP:
+ type: string
+ default: '' # Has to be here because of the ignored empty value bug
SnmpdReadonlyUserName:
default: ro_snmp_user
description: The user name for SNMPd with readonly rights running on all Overcloud nodes
@@ -418,7 +416,35 @@ parameters:
VirtualIP:
type: string
default: '' # Has to be here because of the ignored empty value bug
-
+ HeatApiVirtualIP:
+ type: string
+ default: ''
+ GlanceApiVirtualIP:
+ type: string
+ default: ''
+ MysqlVirtualIP:
+ type: string
+ default: ''
+ KeystonePublicApiVirtualIP:
+ type: string
+ default: ''
+ NeutronApiVirtualIP:
+ type: string
+ default: ''
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ UpdateIdentifier:
+ default: ''
+ type: string
+ description: >
+ Setting to a previously unused value during stack-update will trigger
+ package update on all nodes
+ Hostname:
+ type: string
+ default: '' # Defaults to Heat created hostname
resources:
@@ -433,6 +459,7 @@ resources:
- network: ctlplane
user_data_format: SOFTWARE_CONFIG
user_data: {get_resource: NodeUserData}
+ name: {get_param: Hostname}
NodeUserData:
type: OS::TripleO::NodeUserData
@@ -754,7 +781,9 @@ resources:
cinder_dsn:
list_join:
- ''
- - - 'mysql://cinder:unset@'
+ - - 'mysql://cinder:'
+ - {get_param: CinderPassword}
+ - '@'
- {get_param: VirtualIP}
- '/cinder'
glance_port: {get_param: GlancePort}
@@ -765,7 +794,9 @@ resources:
glance_dsn:
list_join:
- ''
- - - 'mysql://glance:unset@'
+ - - 'mysql://glance:'
+ - {get_param: GlancePassword}
+ - '@'
- {get_param: VirtualIP}
- '/glance'
heat_password: {get_param: HeatPassword}
@@ -774,7 +805,9 @@ resources:
heat_dsn:
list_join:
- ''
- - - 'mysql://heat:unset@'
+ - - 'mysql://heat:'
+ - {get_param: HeatPassword}
+ - '@'
- {get_param: VirtualIP}
- '/heat'
keystone_ca_certificate: {get_param: KeystoneCACertificate}
@@ -785,7 +818,9 @@ resources:
keystone_dsn:
list_join:
- ''
- - - 'mysql://keystone:unset@'
+ - - 'mysql://keystone:'
+ - {get_param: AdminToken}
+ - '@'
- {get_param: VirtualIP}
- '/keystone'
mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
@@ -815,7 +850,9 @@ resources:
neutron_dsn:
list_join:
- ''
- - - 'mysql://neutron:unset@'
+ - - 'mysql://neutron:'
+ - {get_param: NeutronPassword}
+ - '@'
- {get_param: VirtualIP}
- '/ovs_neutron?charset=utf8'
ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
@@ -823,7 +860,9 @@ resources:
ceilometer_dsn:
list_join:
- ''
- - - 'mysql://ceilometer:unset@'
+ - - 'mysql://ceilometer:'
+ - {get_param: CeilometerPassword}
+ - '@'
- {get_param: VirtualIP}
- '/ceilometer'
snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
@@ -832,7 +871,9 @@ resources:
nova_dsn:
list_join:
- ''
- - - 'mysql://nova:unset@'
+ - - 'mysql://nova:'
+ - {get_param: NovaPassword}
+ - '@'
- {get_param: VirtualIP}
- '/nova'
rabbit_username: {get_param: RabbitUserName}
diff --git a/environments/cinder-netapp-config.yaml b/environments/cinder-netapp-config.yaml
new file mode 100644
index 00000000..4dd9eed7
--- /dev/null
+++ b/environments/cinder-netapp-config.yaml
@@ -0,0 +1,30 @@
+# A Heat environment file which can be used to enable a
+# a Cinder NetApp backend.
+resource_registry:
+ OS::TripleO::Controller::CinderBackend: extraconfig/controller/cinder-netapp.yaml
+
+parameter_defaults:
+ CinderBackendConfig:
+ CinderEnableNetappBackend: false
+ CinderNetappBackendName: 'tripleo_netapp'
+ CinderNetappLogin: ''
+ CinderNetappPassword: ''
+ CinderNetappServerHostname: ''
+ CinderNetappServerPort: '80'
+ CinderNetappSizeMultiplier: '1.2'
+ CinderNetappStorageFamily: 'ontap_cluster'
+ CinderNetappStorageProtocol: 'nfs'
+ CinderNetappTransportType: 'http'
+ CinderNetappVfiler: ''
+ CinderNetappVolumeList: ''
+ CinderNetappVserver: ''
+ CinderNetappPartnerBackendName: ''
+ CinderNetappNfsShares: ''
+ CinderNetappNfsSharesConfig: '/etc/cinder/shares.conf'
+ CinderNetappNfsMountOptions: ''
+ CinderNetappCopyOffloadToolPath: ''
+ CinderNetappControllerIps: ''
+ CinderNetappSaPassword: ''
+ CinderNetappStoragePools: ''
+ CinderNetappEseriesHostType: 'linux_dm_mp'
+ CinderNetappWebservicePath: '/devmgr/v2'
diff --git a/environments/net-single-nic-with-vlans.yaml b/environments/net-single-nic-with-vlans.yaml
new file mode 100644
index 00000000..b087b3e4
--- /dev/null
+++ b/environments/net-single-nic-with-vlans.yaml
@@ -0,0 +1,13 @@
+# This template configures each role to use Vlans on a single nic for
+# each isolated network.
+# This template assumes use of network-isolation.yaml.
+#
+# FIXME: if/when we add functionality to heatclient to include heat
+# environment files we should think about using it here to automatically
+# include network-isolation.yaml.
+resource_registry:
+ OS::TripleO::BlockStorage::Net::SoftwareConfig: ../network/config/single-nic-vlans/cinder-storage.yaml
+ OS::TripleO::Compute::Net::SoftwareConfig: ../network/config/single-nic-vlans/compute.yaml
+ OS::TripleO::Controller::Net::SoftwareConfig: ../network/config/single-nic-vlans/controller.yaml
+ OS::TripleO::ObjectStorage::Net::SoftwareConfig: ../network/config/single-nic-vlans/swift-storage.yaml
+ OS::TripleO::CephStorage::Net::SoftwareConfig: ../network/config/single-nic-vlans/ceph-storage.yaml
diff --git a/environments/puppet-tenant-vlan.yaml b/environments/puppet-tenant-vlan.yaml
new file mode 100644
index 00000000..0df63caf
--- /dev/null
+++ b/environments/puppet-tenant-vlan.yaml
@@ -0,0 +1,4 @@
+parameters:
+ NeutronNetworkType: vlan
+ NeutronEnableTunnelling: false
+ NeutronNetworkVLANRanges: datacentre:1:1000 \ No newline at end of file
diff --git a/extraconfig/controller/cinder-netapp.yaml b/extraconfig/controller/cinder-netapp.yaml
new file mode 100644
index 00000000..223ceacd
--- /dev/null
+++ b/extraconfig/controller/cinder-netapp.yaml
@@ -0,0 +1,38 @@
+heat_template_version: 2015-04-30
+
+description: >
+ Configure hieradata for Cinder Netapp configuration
+
+resources:
+ CinderNetappConfig:
+ type: OS::Heat::StructuredConfig
+ properties:
+ group: os-apply-config
+ config:
+ hiera:
+ datafiles:
+ cinder_netapp_data:
+ mapped_data:
+ cinder_enable_netapp_backend: {get_param: CinderEnableNetappBackend}
+ cinder::backend::netapp::title: {get_param: CinderNetappBackendName}
+ cinder::backend::netapp::netapp_login: {get_param: CinderNetappLogin}
+ cinder::backend::netapp::netapp_password: {get_param: CinderNetappPassword}
+ cinder::backend::netapp::netapp_hostname: {get_param: CinderNetappServerHostname}
+ cinder::backend::netapp::netapp_server_port: {get_param: CinderNetappServerPort}
+ cinder::backend::netapp::netapp_size_multiplier: {get_param: CinderNetappSizeMultiplier}
+ cinder::backend::netapp::netapp_storage_family: {get_param: CinderNetappStorageFamily}
+ cinder::backend::netapp::netapp_storage_protocol: {get_param: CinderNetappStorageProtocol}
+ cinder::backend::netapp::netapp_transport_type: {get_param: CinderNetappTransportType}
+ cinder::backend::netapp::netapp_vfiler: {get_param: CinderNetappVfiler}
+ cinder::backend::netapp::netapp_volume_list: {get_param: CinderNetappVolumeList}
+ cinder::backend::netapp::netapp_vserver: {get_param: CinderNetappVserver}
+ cinder::backend::netapp::netapp_partner_backend_name: {get_param: CinderNetappPartnerBackendName}
+ cinder::backend::netapp::nfs_shares: {get_param: CinderNetappNfsShares}
+ cinder::backend::netapp::nfs_shares_config: {get_param: CinderNetappNfsSharesConfig}
+ cinder::backend::netapp::nfs_mount_options: {get_param: CinderNetappNfsMountOptions}
+ cinder::backend::netapp::netapp_copyoffload_tool_path: {get_param: CinderNetappCopyOffloadToolPath}
+ cinder::backend::netapp::netapp_controller_ips: {get_param: CinderNetappControllerIps}
+ cinder::backend::netapp::netapp_sa_password: {get_param: CinderNetappSaPassword}
+ cinder::backend::netapp::netapp_storage_pools: {get_param: CinderNetappStoragePools}
+ cinder::backend::netapp::netapp_eseries_host_type: {get_param: CinderNetappEseriesHostType}
+ cinder::backend::netapp::netapp_webservice_path: {get_param: CinderNetappWebservicePath}
diff --git a/extraconfig/controller/noop.yaml b/extraconfig/controller/noop.yaml
new file mode 100644
index 00000000..2eb35763
--- /dev/null
+++ b/extraconfig/controller/noop.yaml
@@ -0,0 +1,3 @@
+heat_template_version: 2015-04-30
+
+description: A stack which doesn't configure anything.
diff --git a/extraconfig/post_deploy/example.yaml b/extraconfig/post_deploy/example.yaml
index 6b816d40..1d3dca25 100644
--- a/extraconfig/post_deploy/example.yaml
+++ b/extraconfig/post_deploy/example.yaml
@@ -20,7 +20,7 @@ resources:
echo "extra" > /root/extra
ExtraDeployments:
- type: OS::Heat::StructuredDeployments
+ type: OS::Heat::SoftwareDeployments
properties:
servers: {get_param: servers}
config: {get_resource: ExtraConfig}
diff --git a/extraconfig/post_deploy/rhel-registration/environment-rhel-registration.yaml b/extraconfig/post_deploy/rhel-registration/environment-rhel-registration.yaml
new file mode 100644
index 00000000..70437a8a
--- /dev/null
+++ b/extraconfig/post_deploy/rhel-registration/environment-rhel-registration.yaml
@@ -0,0 +1,22 @@
+# Note this can be specified either in the call
+# to heat stack-create via an additional -e option
+# or via the global environment on the seed in
+# /etc/heat/environment.d/default.yaml
+parameter_defaults:
+ rhel_reg_activation_key: ""
+ rhel_reg_auto_attach: ""
+ rhel_reg_base_url: ""
+ rhel_reg_environment: ""
+ rhel_reg_force: ""
+ rhel_reg_machine_name: ""
+ rhel_reg_org: ""
+ rhel_reg_password: ""
+ rhel_reg_pool_id: ""
+ rhel_reg_release: ""
+ rhel_reg_repos: ""
+ rhel_reg_sat_url: ""
+ rhel_reg_server_url: ""
+ rhel_reg_service_level: ""
+ rhel_reg_user: ""
+ rhel_reg_type: ""
+ rhel_reg_method: ""
diff --git a/extraconfig/post_deploy/rhel-registration/rhel-registration-resource-registry.yaml b/extraconfig/post_deploy/rhel-registration/rhel-registration-resource-registry.yaml
new file mode 100644
index 00000000..7b48392d
--- /dev/null
+++ b/extraconfig/post_deploy/rhel-registration/rhel-registration-resource-registry.yaml
@@ -0,0 +1,2 @@
+resource_registry:
+ OS::TripleO::NodeExtraConfigPost: rhel-registration.yaml
diff --git a/extraconfig/post_deploy/rhel-registration/rhel-registration.yaml b/extraconfig/post_deploy/rhel-registration/rhel-registration.yaml
new file mode 100644
index 00000000..bf6c88cd
--- /dev/null
+++ b/extraconfig/post_deploy/rhel-registration/rhel-registration.yaml
@@ -0,0 +1,113 @@
+heat_template_version: 2014-10-16
+
+description: >
+ RHEL Registration and unregistration software deployments.
+
+# Note extra parameters can be defined, then passed data via the
+# environment parameter_defaults, without modifying the parent template
+parameters:
+ servers:
+ type: json
+ # To be defined via a local or global environment in parameter_defaults
+ rhel_reg_activation_key:
+ type: string
+ rhel_reg_auto_attach:
+ type: string
+ rhel_reg_base_url:
+ type: string
+ rhel_reg_environment:
+ type: string
+ rhel_reg_force:
+ type: string
+ rhel_reg_machine_name:
+ type: string
+ rhel_reg_org:
+ type: string
+ rhel_reg_password:
+ type: string
+ rhel_reg_pool_id:
+ type: string
+ rhel_reg_release:
+ type: string
+ rhel_reg_repos:
+ type: string
+ rhel_reg_sat_url:
+ type: string
+ rhel_reg_server_url:
+ type: string
+ rhel_reg_service_level:
+ type: string
+ rhel_reg_user:
+ type: string
+ rhel_reg_type:
+ type: string
+ rhel_reg_method:
+ type: string
+
+resources:
+
+ RHELRegistration:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ inputs:
+ - name: REG_ACTIVATION_KEY
+ - name: REG_AUTO_ATTACH
+ - name: REG_BASE_URL
+ - name: REG_ENVIRONMENT
+ - name: REG_FORCE
+ - name: REG_MACHINE_NAME
+ - name: REG_ORG
+ - name: REG_PASSWORD
+ - name: REG_POOL_ID
+ - name: REG_RELEASE
+ - name: REG_REPOS
+ - name: REG_SAT_URL
+ - name: REG_SERVER_URL
+ - name: REG_SERVICE_LEVEL
+ - name: REG_USER
+ - name: REG_TYPE
+ - name: REG_METHOD
+ config: {get_file: scripts/rhel-registration}
+
+ RHELRegistrationDeployment:
+ type: OS::Heat::SoftwareDeployments
+ properties:
+ servers: {get_param: servers}
+ config: {get_resource: RHELRegistration}
+ actions: ['CREATE'] # Only do this on CREATE
+ input_values:
+ REG_ACTIVATION_KEY: {get_param: rhel_reg_activation_key}
+ REG_AUTO_ATTACH: {get_param: rhel_reg_auto_attach}
+ REG_BASE_URL: {get_param: rhel_reg_base_url}
+ REG_ENVIRONMENT: {get_param: rhel_reg_environment}
+ REG_FORCE: {get_param: rhel_reg_force}
+ REG_MACHINE_NAME: {get_param: rhel_reg_machine_name}
+ REG_ORG: {get_param: rhel_reg_org}
+ REG_PASSWORD: {get_param: rhel_reg_password}
+ REG_POOL_ID: {get_param: rhel_reg_pool_id}
+ REG_RELEASE: {get_param: rhel_reg_release}
+ REG_REPOS: {get_param: rhel_reg_repos}
+ REG_SAT_URL: {get_param: rhel_reg_sat_url}
+ REG_SERVER_URL: {get_param: rhel_reg_server_url}
+ REG_SERVICE_LEVEL: {get_param: rhel_reg_service_level}
+ REG_USER: {get_param: rhel_reg_user}
+ REG_TYPE: {get_param: rhel_reg_type}
+ REG_METHOD: {get_param: rhel_reg_method}
+
+ RHELUnregistration:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config: {get_file: scripts/rhel-unregistration}
+ inputs:
+ - name: REG_METHOD
+
+ RHELUnregistrationDeployment:
+ type: OS::Heat::SoftwareDeployments
+ properties:
+ servers: {get_param: servers}
+ config: {get_resource: RHELUnregistration}
+ actions: ['DELETE'] # Only do this on DELETE
+ input_values:
+ REG_METHOD: {get_param: rhel_reg_method}
diff --git a/extraconfig/post_deploy/rhel-registration/scripts/rhel-registration b/extraconfig/post_deploy/rhel-registration/scripts/rhel-registration
new file mode 100644
index 00000000..c2bf1894
--- /dev/null
+++ b/extraconfig/post_deploy/rhel-registration/scripts/rhel-registration
@@ -0,0 +1,120 @@
+#!/bin/bash
+
+# dib-lint: disable=setu sete setpipefail dibdebugtrace
+
+set -eu
+set -o pipefail
+
+OK=/mnt/state/var/lib/rhsm/rhsm.ok
+
+if [ -e $OK ] ; then
+ exit 0
+fi
+
+opts=
+attach_opts=
+repos="repos --enable rhel-7-server-rpms"
+satellite_repo="rhel-7-server-rh-common-rpms"
+if [ -n "${REG_AUTO_ATTACH:-}" ]; then
+ opts="$opts --auto-attach"
+
+ if [ -n "${REG_SERVICE_LEVEL:-}" ]; then
+ opts="$opts --servicelevel $REG_SERVICE_LEVEL"
+ fi
+
+ if [ -n "${REG_RELEASE:-}" ]; then
+ opts="$opts --release=$REG_RELEASE"
+ fi
+else
+ if [ -n "${REG_SERVICE_LEVEL:-}" ]; then
+ echo "WARNING: REG_SERVICE_LEVEL set without REG_AUTO_ATTACH."
+ fi
+
+ if [ -n "${REG_RELEASE:-}" ]; then
+ echo "WARNING: REG_RELEASE set without REG_AUTO_ATTACH."
+ fi
+
+ if [ -n "${REG_POOL_ID:-}" ]; then
+ attach_opts="$attach_opts --pool=$REG_POOL_ID"
+ fi
+fi
+
+if [ -n "${REG_BASE_URL:-}" ]; then
+ opts="$opts --baseurl=$REG_BASE_URL"
+fi
+
+if [ -n "${REG_ENVIRONMENT:-}" ]; then
+ opts="$opts --env=$REG_ENVIRONMENT"
+fi
+
+if [ -n "${REG_FORCE:-}" ]; then
+ opts="$opts --force"
+fi
+
+if [ -n "${REG_SERVER_URL:-}" ]; then
+ opts="$opts --serverurl=$REG_SERVER_URL"
+fi
+
+if [ -n "${REG_ACTIVATION_KEY:-}" ]; then
+ opts="$opts --activationkey=$REG_ACTIVATION_KEY"
+
+ if [ -z "${REG_ORG:-}" ]; then
+ echo "WARNING: REG_ACTIVATION_KEY set without REG_ORG."
+ fi
+else
+ echo "WARNING: Support for registering with a username and password is deprecated."
+ echo "Please use activation keys instead. See the README for more information."
+ if [ -n "${REG_PASSWORD:-}" ]; then
+ opts="$opts --password $REG_PASSWORD"
+ fi
+
+ if [ -n "${REG_USER:-}" ]; then
+ opts="$opts --username $REG_USER"
+ fi
+fi
+
+if [ -n "${REG_MACHINE_NAME:-}" ]; then
+ opts="$opts --name $REG_MACHINE_NAME"
+fi
+
+if [ -n "${REG_ORG:-}" ]; then
+ opts="$opts --org=$REG_ORG"
+fi
+
+if [ -n "${REG_REPOS:-}" ]; then
+ for repo in $(echo $REG_REPOS | tr ',' '\n'); do
+ repos="$repos --enable $repo"
+ done
+fi
+
+if [ -n "${REG_TYPE:-}" ]; then
+ opts="$opts --type=$REG_TYPE"
+fi
+
+case "${REG_METHOD:-}" in
+ portal)
+ subscription-manager register $opts
+ if [ -z "${REG_AUTO_ATTACH:-}" ]; then
+ subscription-manager attach $attach_opts
+ fi
+ subscription-manager $repos
+ ;;
+ satellite)
+ repos="$repos --enable ${satellite_repo}"
+ rpm -Uvh "$REG_SAT_URL/pub/katello-ca-consumer-latest.noarch.rpm" || true
+ subscription-manager register $opts
+ subscription-manager $repos
+ yum install -y katello-agent || true # needed for errata reporting to satellite6
+ katello-package-upload
+ subscription-manager repos --disable ${satellite_repo}
+ ;;
+ disable)
+ echo "Disabling RHEL registration"
+ ;;
+ *)
+ echo "WARNING: only 'portal', 'satellite', and 'disable' are valid values for REG_METHOD."
+ exit 0
+esac
+
+mkdir -p $(dirname $OK)
+touch $OK
diff --git a/extraconfig/post_deploy/rhel-registration/scripts/rhel-unregistration b/extraconfig/post_deploy/rhel-registration/scripts/rhel-unregistration
new file mode 100644
index 00000000..1e72e0a6
--- /dev/null
+++ b/extraconfig/post_deploy/rhel-registration/scripts/rhel-unregistration
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+set -eux
+set -o pipefail
+
+case "${REG_METHOD:-}" in
+ portal|satellite)
+ # Allow unregistration to fail.
+ # We don't want to fail stack deletes if unregistration fails.
+ subscription-manager unregister || true
+ subscription-manager clean || true
+ ;;
+ disable)
+ echo "Disabling RHEL unregistration"
+ ;;
+ *)
+ echo "WARNING: only 'portal', 'satellite', and 'disable' are valid values for REG_METHOD."
+ exit 0
+esac
diff --git a/extraconfig/tasks/yum_update.sh b/extraconfig/tasks/yum_update.sh
new file mode 100755
index 00000000..3d4c772b
--- /dev/null
+++ b/extraconfig/tasks/yum_update.sh
@@ -0,0 +1,41 @@
+#!/bin/bash
+
+# A heat-config-script which runs yum update during a stack-update.
+# Inputs:
+# deploy_action - yum will only be run if this is UPDATE
+# update_identifier - yum will only run for previously unused values of update_identifier
+# command - yum sub-command to run, defaults to "update"
+# command_arguments - yum command arguments, defaults to ""
+
+echo "Started yum_update.sh on server $deploy_server_id at `date`"
+
+if [[ -z "$update_identifier" ]]; then
+ echo "Not running due to unset update_identifier"
+ exit 0
+fi
+
+timestamp_dir=/var/lib/overcloud-yum-update
+mkdir -p $timestamp_dir
+
+# sanitise to remove unusual characters
+update_identifier=${update_identifier//[^a-zA-Z0-9-_]/}
+
+timestamp_file="$timestamp_dir/$update_identifier"
+if [[ -a "$timestamp_file" ]]; then
+ echo "Not running for already-run timestamp \"$update_identifier\""
+ exit 0
+fi
+touch "$timestamp_file"
+
+command=${command:-update}
+full_command="yum -y $command $command_arguments"
+echo "Running: $full_command"
+
+result=$($full_command)
+return_code=$?
+echo "$result"
+echo "yum return code: $return_code"
+
+echo "Finished yum_update.sh on server $deploy_server_id at `date`"
+
+exit $return_code
diff --git a/extraconfig/tasks/yum_update.yaml b/extraconfig/tasks/yum_update.yaml
new file mode 100644
index 00000000..e918149e
--- /dev/null
+++ b/extraconfig/tasks/yum_update.yaml
@@ -0,0 +1,26 @@
+heat_template_version: 2014-10-16
+
+description: >
+ Software-config for performing package updates using yum
+
+resources:
+
+ config:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config: {get_file: yum_update.sh}
+ inputs:
+ - name: update_identifier
+ description: yum will only run for previously unused values of update_identifier
+ default: ''
+ - name: command
+ description: yum sub-command to run, defaults to "update"
+ default: update
+ - name: command_arguments
+ description: yum command arguments, defaults to ""
+ default: ''
+
+outputs:
+ OS::stack_id:
+ value: {get_resource: config} \ No newline at end of file
diff --git a/network/config/bond-with-vlans/ceph-storage.yaml b/network/config/bond-with-vlans/ceph-storage.yaml
index 90617b30..ed9fff7a 100644
--- a/network/config/bond-with-vlans/ceph-storage.yaml
+++ b/network/config/bond-with-vlans/ceph-storage.yaml
@@ -2,7 +2,7 @@ heat_template_version: 2015-04-30
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge
- with a VLANs attached for the ceph storage role.
+ with VLANs attached for the ceph storage role.
parameters:
ExternalIpSubnet:
@@ -25,6 +25,20 @@ parameters:
default: ''
description: IP address/subnet on the tenant network
type: string
+ BondInterfaceOvsOptions:
+ default: ''
+ description: The ovs_options string for the bond interface. Set things like
+ lacp=active and/or bond_mode=balance-slb using this option.
+ type: string
+ StorageNetworkVlanID:
+ default: 30
+ description: Vlan ID for the storage network traffic.
+ type: number
+ StorageMgmtNetworkVlanID:
+ default: 40
+ description: Vlan ID for the storage mgmt network traffic.
+ type: number
+
resources:
OsNetConfigImpl:
@@ -36,7 +50,7 @@ resources:
network_config:
-
type: ovs_bridge
- name: {get_input: bridge_name}
+ name: br-storage
use_dhcp: true
members:
-
@@ -51,7 +65,7 @@ resources:
-
type: ovs_bond
name: bond1
- ovs_options: vlan_mode=trunk trunks=10,20,30,40,50
+ ovs_options: {get_param: BondInterfaceOvsOptions}
members:
-
type: interface
@@ -63,14 +77,14 @@ resources:
-
type: vlan
device: bond1
- vlan_id: 30
+ vlan_id: {get_param: StorageNetworkVlanID}
addresses:
-
ip_netmask: {get_param: StorageIpSubnet}
-
type: vlan
device: bond1
- vlan_id: 40
+ vlan_id: {get_param: StorageMgmtNetworkVlanID}
addresses:
-
ip_netmask: {get_param: StorageMgmtIpSubnet}
diff --git a/network/config/bond-with-vlans/cinder-storage.yaml b/network/config/bond-with-vlans/cinder-storage.yaml
index 95204d35..95733fca 100644
--- a/network/config/bond-with-vlans/cinder-storage.yaml
+++ b/network/config/bond-with-vlans/cinder-storage.yaml
@@ -2,7 +2,7 @@ heat_template_version: 2015-04-30
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge
- with a VLANs attached for the cinder storage role.
+ with VLANs attached for the cinder storage role.
parameters:
ExternalIpSubnet:
@@ -25,6 +25,23 @@ parameters:
default: ''
description: IP address/subnet on the tenant network
type: string
+ BondInterfaceOvsOptions:
+ default: ''
+ description: The ovs_options string for the bond interface. Set things like
+ lacp=active and/or bond_mode=balance-slb using this option.
+ type: string
+ InternalApiNetworkVlanID:
+ default: 20
+ description: Vlan ID for the internal_api network traffic.
+ type: number
+ StorageNetworkVlanID:
+ default: 30
+ description: Vlan ID for the storage network traffic.
+ type: number
+ StorageMgmtNetworkVlanID:
+ default: 40
+ description: Vlan ID for the storage mgmt network traffic.
+ type: number
resources:
OsNetConfigImpl:
@@ -36,7 +53,7 @@ resources:
network_config:
-
type: ovs_bridge
- name: {get_input: bridge_name}
+ name: br-storage
use_dhcp: true
members:
-
@@ -51,7 +68,7 @@ resources:
-
type: ovs_bond
name: bond1
- ovs_options: vlan_mode=trunk trunks=10,20,30,40,50
+ ovs_options: {get_param: BondInterfaceOvsOptions}
members:
-
type: interface
@@ -63,21 +80,21 @@ resources:
-
type: vlan
device: bond1
- vlan_id: 20
+ vlan_id: {get_param: InternalApiNetworkVlanID}
addresses:
-
ip_netmask: {get_param: InternalApiIpSubnet}
-
type: vlan
device: bond1
- vlan_id: 30
+ vlan_id: {get_param: StorageNetworkVlanID}
addresses:
-
ip_netmask: {get_param: StorageIpSubnet}
-
type: vlan
device: bond1
- vlan_id: 40
+ vlan_id: {get_param: StorageMgmtNetworkVlanID}
addresses:
-
ip_netmask: {get_param: StorageMgmtIpSubnet}
diff --git a/network/config/bond-with-vlans/compute.yaml b/network/config/bond-with-vlans/compute.yaml
index d7113c8c..709b3b5b 100644
--- a/network/config/bond-with-vlans/compute.yaml
+++ b/network/config/bond-with-vlans/compute.yaml
@@ -2,7 +2,7 @@ heat_template_version: 2015-04-30
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge
- with a VLANs attached for the compute role.
+ with VLANs attached for the compute role.
parameters:
ExternalIpSubnet:
@@ -25,6 +25,23 @@ parameters:
default: ''
description: IP address/subnet on the tenant network
type: string
+ BondInterfaceOvsOptions:
+ default: ''
+ description: The ovs_options string for the bond interface. Set things like
+ lacp=active and/or bond_mode=balance-slb using this option.
+ type: string
+ InternalApiNetworkVlanID:
+ default: 20
+ description: Vlan ID for the internal_api network traffic.
+ type: number
+ StorageNetworkVlanID:
+ default: 30
+ description: Vlan ID for the storage network traffic.
+ type: number
+ TenantNetworkVlanID:
+ default: 50
+ description: Vlan ID for the tenant network traffic.
+ type: number
resources:
OsNetConfigImpl:
@@ -51,7 +68,7 @@ resources:
-
type: ovs_bond
name: bond1
- ovs_options: vlan_mode=trunk trunks=10,20,30,40,50
+ ovs_options: {get_param: BondInterfaceOvsOptions}
members:
-
type: interface
@@ -63,21 +80,21 @@ resources:
-
type: vlan
device: bond1
- vlan_id: 20
+ vlan_id: {get_param: InternalApiNetworkVlanID}
addresses:
-
ip_netmask: {get_param: InternalApiIpSubnet}
-
type: vlan
device: bond1
- vlan_id: 30
+ vlan_id: {get_param: StorageNetworkVlanID}
addresses:
-
ip_netmask: {get_param: StorageIpSubnet}
-
type: vlan
device: bond1
- vlan_id: 50
+ vlan_id: {get_param: TenantNetworkVlanID}
addresses:
-
ip_netmask: {get_param: TenantIpSubnet}
diff --git a/network/config/bond-with-vlans/controller.yaml b/network/config/bond-with-vlans/controller.yaml
index 478581c2..16a0dec2 100644
--- a/network/config/bond-with-vlans/controller.yaml
+++ b/network/config/bond-with-vlans/controller.yaml
@@ -2,7 +2,7 @@ heat_template_version: 2015-04-30
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge
- with a VLANs attached for the controller role.
+ with VLANs attached for the controller role.
parameters:
ExternalIpSubnet:
@@ -25,6 +25,31 @@ parameters:
default: ''
description: IP address/subnet on the tenant network
type: string
+ BondInterfaceOvsOptions:
+ default: ''
+ description: The ovs_options string for the bond interface. Set things like
+ lacp=active and/or bond_mode=balance-slb using this option.
+ type: string
+ ExternalNetworkVlanID:
+ default: 10
+ description: Vlan ID for the external network traffic.
+ type: number
+ InternalApiNetworkVlanID:
+ default: 20
+ description: Vlan ID for the internal_api network traffic.
+ type: number
+ StorageNetworkVlanID:
+ default: 30
+ description: Vlan ID for the storage network traffic.
+ type: number
+ StorageMgmtNetworkVlanID:
+ default: 40
+ description: Vlan ID for the storage mgmt network traffic.
+ type: number
+ TenantNetworkVlanID:
+ default: 50
+ description: Vlan ID for the tenant network traffic.
+ type: number
resources:
OsNetConfigImpl:
@@ -51,7 +76,7 @@ resources:
-
type: ovs_bond
name: bond1
- ovs_options: vlan_mode=trunk trunks=10,20,30,40,50
+ ovs_options: {get_param: BondInterfaceOvsOptions}
members:
-
type: interface
@@ -63,35 +88,35 @@ resources:
-
type: vlan
device: bond1
- vlan_id: 10
+ vlan_id: {get_param: ExternalNetworkVlanID}
addresses:
-
ip_netmask: {get_param: ExternalIpSubnet}
-
type: vlan
device: bond1
- vlan_id: 20
+ vlan_id: {get_param: InternalApiNetworkVlanID}
addresses:
-
ip_netmask: {get_param: InternalApiIpSubnet}
-
type: vlan
device: bond1
- vlan_id: 30
+ vlan_id: {get_param: StorageNetworkVlanID}
addresses:
-
ip_netmask: {get_param: StorageIpSubnet}
-
type: vlan
device: bond1
- vlan_id: 40
+ vlan_id: {get_param: StorageMgmtNetworkVlanID}
addresses:
-
ip_netmask: {get_param: StorageMgmtIpSubnet}
-
type: vlan
device: bond1
- vlan_id: 50
+ vlan_id: {get_param: TenantNetworkVlanID}
addresses:
-
ip_netmask: {get_param: TenantIpSubnet}
diff --git a/network/config/bond-with-vlans/swift-storage.yaml b/network/config/bond-with-vlans/swift-storage.yaml
index 337fef5b..6549ce7a 100644
--- a/network/config/bond-with-vlans/swift-storage.yaml
+++ b/network/config/bond-with-vlans/swift-storage.yaml
@@ -2,7 +2,7 @@ heat_template_version: 2015-04-30
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge
- with a VLANs attached for the swift storage role.
+ with VLANs attached for the swift storage role.
parameters:
ExternalIpSubnet:
@@ -25,6 +25,23 @@ parameters:
default: ''
description: IP address/subnet on the tenant network
type: string
+ BondInterfaceOvsOptions:
+ default: ''
+ description: The ovs_options string for the bond interface. Set things like
+ lacp=active and/or bond_mode=balance-slb using this option.
+ type: string
+ InternalApiNetworkVlanID:
+ default: 20
+ description: Vlan ID for the internal_api network traffic.
+ type: number
+ StorageNetworkVlanID:
+ default: 30
+ description: Vlan ID for the storage network traffic.
+ type: number
+ StorageMgmtNetworkVlanID:
+ default: 40
+ description: Vlan ID for the storage mgmt network traffic.
+ type: number
resources:
OsNetConfigImpl:
@@ -36,7 +53,7 @@ resources:
network_config:
-
type: ovs_bridge
- name: {get_input: bridge_name}
+ name: br-storage
use_dhcp: true
members:
-
@@ -51,7 +68,7 @@ resources:
-
type: ovs_bond
name: bond1
- ovs_options: vlan_mode=trunk trunks=10,20,30,40,50
+ ovs_options: {get_param: BondInterfaceOvsOptions}
members:
-
type: interface
@@ -63,21 +80,21 @@ resources:
-
type: vlan
device: bond1
- vlan_id: 20
+ vlan_id: {get_param: InternalApiNetworkVlanID}
addresses:
-
ip_netmask: {get_param: InternalApiIpSubnet}
-
type: vlan
device: bond1
- vlan_id: 30
+ vlan_id: {get_param: StorageNetworkVlanID}
addresses:
-
ip_netmask: {get_param: StorageIpSubnet}
-
type: vlan
device: bond1
- vlan_id: 40
+ vlan_id: {get_param: StorageMgmtNetworkVlanID}
addresses:
-
ip_netmask: {get_param: StorageMgmtIpSubnet}
diff --git a/network/config/single-nic-vlans/README.md b/network/config/single-nic-vlans/README.md
new file mode 100644
index 00000000..e3e16574
--- /dev/null
+++ b/network/config/single-nic-vlans/README.md
@@ -0,0 +1,19 @@
+This directory contains Heat templates to help configure
+Vlans on a single NICs for each Overcloud role.
+
+Configuration
+-------------
+
+To make use of these templates create a Heat environment that looks
+something like this:
+
+ resource\_registry:
+ OS::TripleO::BlockStorage::Net::SoftwareConfig: network/config/single-nic-vlans/cinder-storage.yaml
+ OS::TripleO::Compute::Net::SoftwareConfig: network/config/single-nic-vlans/compute.yaml
+ OS::TripleO::Controller::Net::SoftwareConfig: network/config/single-nic-vlans/controller.yaml
+ OS::TripleO::ObjectStorage::Net::SoftwareConfig: network/config/single-nic-vlans/swift-storage.yaml
+ OS::TripleO::CephStorage::Net::SoftwareConfig: network/config/single-nic-vlans/ceph-storage.yaml
+
+Or use this Heat environment file:
+
+ environments/net-single-nic-with-vlans.yaml
diff --git a/network/config/single-nic-vlans/ceph-storage.yaml b/network/config/single-nic-vlans/ceph-storage.yaml
new file mode 100644
index 00000000..4a25f763
--- /dev/null
+++ b/network/config/single-nic-vlans/ceph-storage.yaml
@@ -0,0 +1,71 @@
+heat_template_version: 2015-04-30
+
+description: >
+ Software Config to drive os-net-config to configure VLANs for the
+ ceph storage role.
+
+parameters:
+ ExternalIpSubnet:
+ default: ''
+ description: IP address/subnet on the external network
+ type: string
+ InternalApiIpSubnet:
+ default: ''
+ description: IP address/subnet on the internal API network
+ type: string
+ StorageIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage network
+ type: string
+ StorageMgmtIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage mgmt network
+ type: string
+ TenantIpSubnet:
+ default: ''
+ description: IP address/subnet on the tenant network
+ type: string
+ StorageNetworkVlanID:
+ default: 30
+ description: Vlan ID for the storage network traffic.
+ type: number
+ StorageMgmtNetworkVlanID:
+ default: 40
+ description: Vlan ID for the storage mgmt network traffic.
+ type: number
+
+resources:
+ OsNetConfigImpl:
+ type: OS::Heat::StructuredConfig
+ properties:
+ group: os-apply-config
+ config:
+ os_net_config:
+ network_config:
+ -
+ type: ovs_bridge
+ name: br-storage
+ use_dhcp: true
+ members:
+ -
+ type: interface
+ name: nic1
+ # force the MAC address of the bridge to this interface
+ primary: true
+ -
+ type: vlan
+ vlan_id: {get_param: StorageNetworkVlanID}
+ addresses:
+ -
+ ip_netmask: {get_param: StorageIpSubnet}
+ -
+ type: vlan
+ vlan_id: {get_param: StorageMgmtNetworkVlanID}
+ addresses:
+ -
+ ip_netmask: {get_param: StorageMgmtIpSubnet}
+
+outputs:
+ OS::stack_id:
+ description: The OsNetConfigImpl resource.
+ value: {get_resource: OsNetConfigImpl}
diff --git a/network/config/single-nic-vlans/cinder-storage.yaml b/network/config/single-nic-vlans/cinder-storage.yaml
new file mode 100644
index 00000000..397b1ecd
--- /dev/null
+++ b/network/config/single-nic-vlans/cinder-storage.yaml
@@ -0,0 +1,81 @@
+heat_template_version: 2015-04-30
+
+description: >
+ Software Config to drive os-net-config to configure VLANs for the
+ cinder storage role.
+
+parameters:
+ ExternalIpSubnet:
+ default: ''
+ description: IP address/subnet on the external network
+ type: string
+ InternalApiIpSubnet:
+ default: ''
+ description: IP address/subnet on the internal API network
+ type: string
+ StorageIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage network
+ type: string
+ StorageMgmtIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage mgmt network
+ type: string
+ TenantIpSubnet:
+ default: ''
+ description: IP address/subnet on the tenant network
+ type: string
+ InternalApiNetworkVlanID:
+ default: 20
+ description: Vlan ID for the internal_api network traffic.
+ type: number
+ StorageNetworkVlanID:
+ default: 30
+ description: Vlan ID for the storage network traffic.
+ type: number
+ StorageMgmtNetworkVlanID:
+ default: 40
+ description: Vlan ID for the storage mgmt network traffic.
+ type: number
+
+resources:
+ OsNetConfigImpl:
+ type: OS::Heat::StructuredConfig
+ properties:
+ group: os-apply-config
+ config:
+ os_net_config:
+ network_config:
+ -
+ type: ovs_bridge
+ name: br-storage
+ use_dhcp: true
+ members:
+ -
+ type: interface
+ name: nic1
+ # force the MAC address of the bridge to this interface
+ primary: true
+ -
+ type: vlan
+ vlan_id: {get_param: InternalApiNetworkVlanID}
+ addresses:
+ -
+ ip_netmask: {get_param: InternalApiIpSubnet}
+ -
+ type: vlan
+ vlan_id: {get_param: StorageNetworkVlanID}
+ addresses:
+ -
+ ip_netmask: {get_param: StorageIpSubnet}
+ -
+ type: vlan
+ vlan_id: {get_param: StorageMgmtNetworkVlanID}
+ addresses:
+ -
+ ip_netmask: {get_param: StorageMgmtIpSubnet}
+
+outputs:
+ OS::stack_id:
+ description: The OsNetConfigImpl resource.
+ value: {get_resource: OsNetConfigImpl}
diff --git a/network/config/single-nic-vlans/compute.yaml b/network/config/single-nic-vlans/compute.yaml
new file mode 100644
index 00000000..c73aed5e
--- /dev/null
+++ b/network/config/single-nic-vlans/compute.yaml
@@ -0,0 +1,81 @@
+heat_template_version: 2015-04-30
+
+description: >
+ Software Config to drive os-net-config to configure VLANs for the
+ compute role.
+
+parameters:
+ ExternalIpSubnet:
+ default: ''
+ description: IP address/subnet on the external network
+ type: string
+ InternalApiIpSubnet:
+ default: ''
+ description: IP address/subnet on the internal API network
+ type: string
+ StorageIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage network
+ type: string
+ StorageMgmtIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage mgmt network
+ type: string
+ TenantIpSubnet:
+ default: ''
+ description: IP address/subnet on the tenant network
+ type: string
+ InternalApiNetworkVlanID:
+ default: 20
+ description: Vlan ID for the internal_api network traffic.
+ type: number
+ StorageNetworkVlanID:
+ default: 30
+ description: Vlan ID for the storage network traffic.
+ type: number
+ TenantNetworkVlanID:
+ default: 50
+ description: Vlan ID for the tenant network traffic.
+ type: number
+
+resources:
+ OsNetConfigImpl:
+ type: OS::Heat::StructuredConfig
+ properties:
+ group: os-apply-config
+ config:
+ os_net_config:
+ network_config:
+ -
+ type: ovs_bridge
+ name: {get_input: bridge_name}
+ use_dhcp: true
+ members:
+ -
+ type: interface
+ name: nic1
+ # force the MAC address of the bridge to this interface
+ primary: true
+ -
+ type: vlan
+ vlan_id: {get_param: InternalApiNetworkVlanID}
+ addresses:
+ -
+ ip_netmask: {get_param: InternalApiIpSubnet}
+ -
+ type: vlan
+ vlan_id: {get_param: StorageNetworkVlanID}
+ addresses:
+ -
+ ip_netmask: {get_param: StorageIpSubnet}
+ -
+ type: vlan
+ vlan_id: {get_param: TenantNetworkVlanID}
+ addresses:
+ -
+ ip_netmask: {get_param: TenantIpSubnet}
+
+outputs:
+ OS::stack_id:
+ description: The OsNetConfigImpl resource.
+ value: {get_resource: OsNetConfigImpl}
diff --git a/network/config/single-nic-vlans/controller.yaml b/network/config/single-nic-vlans/controller.yaml
new file mode 100644
index 00000000..ca0cbcad
--- /dev/null
+++ b/network/config/single-nic-vlans/controller.yaml
@@ -0,0 +1,101 @@
+heat_template_version: 2015-04-30
+
+description: >
+ Software Config to drive os-net-config to configure VLANs for the
+ controller role.
+
+parameters:
+ ExternalIpSubnet:
+ default: ''
+ description: IP address/subnet on the external network
+ type: string
+ InternalApiIpSubnet:
+ default: ''
+ description: IP address/subnet on the internal API network
+ type: string
+ StorageIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage network
+ type: string
+ StorageMgmtIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage mgmt network
+ type: string
+ TenantIpSubnet:
+ default: ''
+ description: IP address/subnet on the tenant network
+ type: string
+ ExternalNetworkVlanID:
+ default: 10
+ description: Vlan ID for the external network traffic.
+ type: number
+ InternalApiNetworkVlanID:
+ default: 20
+ description: Vlan ID for the internal_api network traffic.
+ type: number
+ StorageNetworkVlanID:
+ default: 30
+ description: Vlan ID for the storage network traffic.
+ type: number
+ StorageMgmtNetworkVlanID:
+ default: 40
+ description: Vlan ID for the storage mgmt network traffic.
+ type: number
+ TenantNetworkVlanID:
+ default: 50
+ description: Vlan ID for the tenant network traffic.
+ type: number
+
+resources:
+ OsNetConfigImpl:
+ type: OS::Heat::StructuredConfig
+ properties:
+ group: os-apply-config
+ config:
+ os_net_config:
+ network_config:
+ -
+ type: ovs_bridge
+ name: {get_input: bridge_name}
+ use_dhcp: true
+ members:
+ -
+ type: interface
+ name: nic1
+ # force the MAC address of the bridge to this interface
+ primary: true
+ -
+ type: vlan
+ vlan_id: {get_param: ExternalNetworkVlanID}
+ addresses:
+ -
+ ip_netmask: {get_param: ExternalIpSubnet}
+ -
+ type: vlan
+ vlan_id: {get_param: InternalApiNetworkVlanID}
+ addresses:
+ -
+ ip_netmask: {get_param: InternalApiIpSubnet}
+ -
+ type: vlan
+ vlan_id: {get_param: StorageNetworkVlanID}
+ addresses:
+ -
+ ip_netmask: {get_param: StorageIpSubnet}
+ -
+ type: vlan
+ vlan_id: {get_param: StorageMgmtNetworkVlanID}
+ addresses:
+ -
+ ip_netmask: {get_param: StorageMgmtIpSubnet}
+ -
+ type: vlan
+ vlan_id: {get_param: TenantNetworkVlanID}
+ addresses:
+ -
+ ip_netmask: {get_param: TenantIpSubnet}
+
+outputs:
+ OS::stack_id:
+ description: The OsNetConfigImpl resource.
+ value: {get_resource: OsNetConfigImpl}
diff --git a/network/config/single-nic-vlans/swift-storage.yaml b/network/config/single-nic-vlans/swift-storage.yaml
new file mode 100644
index 00000000..f033ced7
--- /dev/null
+++ b/network/config/single-nic-vlans/swift-storage.yaml
@@ -0,0 +1,81 @@
+heat_template_version: 2015-04-30
+
+description: >
+ Software Config to drive os-net-config to configure VLANs for the
+ swift storage role.
+
+parameters:
+ ExternalIpSubnet:
+ default: ''
+ description: IP address/subnet on the external network
+ type: string
+ InternalApiIpSubnet:
+ default: ''
+ description: IP address/subnet on the internal API network
+ type: string
+ StorageIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage network
+ type: string
+ StorageMgmtIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage mgmt network
+ type: string
+ TenantIpSubnet:
+ default: ''
+ description: IP address/subnet on the tenant network
+ type: string
+ InternalApiNetworkVlanID:
+ default: 20
+ description: Vlan ID for the internal_api network traffic.
+ type: number
+ StorageNetworkVlanID:
+ default: 30
+ description: Vlan ID for the storage network traffic.
+ type: number
+ StorageMgmtNetworkVlanID:
+ default: 40
+ description: Vlan ID for the storage mgmt network traffic.
+ type: number
+
+resources:
+ OsNetConfigImpl:
+ type: OS::Heat::StructuredConfig
+ properties:
+ group: os-apply-config
+ config:
+ os_net_config:
+ network_config:
+ -
+ type: ovs_bridge
+ name: br-storage
+ use_dhcp: true
+ members:
+ -
+ type: interface
+ name: nic1
+ # force the MAC address of the bridge to this interface
+ primary: true
+ -
+ type: vlan
+ vlan_id: {get_param: InternalApiNetworkVlanID}
+ addresses:
+ -
+ ip_netmask: {get_param: InternalApiIpSubnet}
+ -
+ type: vlan
+ vlan_id: {get_param: StorageNetworkVlanID}
+ addresses:
+ -
+ ip_netmask: {get_param: StorageIpSubnet}
+ -
+ type: vlan
+ vlan_id: {get_param: StorageMgmtNetworkVlanID}
+ addresses:
+ -
+ ip_netmask: {get_param: StorageMgmtIpSubnet}
+
+outputs:
+ OS::stack_id:
+ description: The OsNetConfigImpl resource.
+ value: {get_resource: OsNetConfigImpl}
diff --git a/network/external.yaml b/network/external.yaml
index e9aa5b32..bf4bdfe7 100644
--- a/network/external.yaml
+++ b/network/external.yaml
@@ -33,7 +33,10 @@ parameters:
default: external_subnet
description: The name of the external subnet in Neutron.
type: string
-
+ ExternalAllocationPools:
+ default: [{'start': '10.0.0.4', 'end': '10.0.0.250'}]
+ description: Ip allocation pool range for the external network.
+ type: json
resources:
ExternalNetwork:
@@ -51,6 +54,7 @@ resources:
enable_dhcp: {get_param: ExternalNetEnableDHCP}
name: {get_param: ExternalSubnetName}
network: {get_resource: ExternalNetwork}
+ allocation_pools: {get_param: ExternalAllocationPools}
outputs:
OS::stack_id:
diff --git a/network/internal_api.yaml b/network/internal_api.yaml
index 5abfb117..c7e822e9 100644
--- a/network/internal_api.yaml
+++ b/network/internal_api.yaml
@@ -33,6 +33,10 @@ parameters:
default: internal_api_subnet
description: The name of the internal API subnet in Neutron.
type: string
+ InternalApiAllocationPools:
+ default: [{'start': '172.16.2.4', 'end': '172.16.2.250'}]
+ description: Ip allocation pool range for the internal API network.
+ type: json
resources:
InternalApiNetwork:
@@ -50,6 +54,7 @@ resources:
enable_dhcp: {get_param: InternalApiNetEnableDHCP}
name: {get_param: InternalApiSubnetName}
network: {get_resource: InternalApiNetwork}
+ allocation_pools: {get_param: InternalApiAllocationPools}
outputs:
OS::stack_id:
diff --git a/network/ports/ctlplane_vip.yaml b/network/ports/ctlplane_vip.yaml
new file mode 100644
index 00000000..d5001e43
--- /dev/null
+++ b/network/ports/ctlplane_vip.yaml
@@ -0,0 +1,46 @@
+heat_template_version: 2015-04-30
+
+description: >
+ Creates a port for a VIP on the undercloud ctlplane network.
+
+parameters:
+ NetworkName:
+ description: # Here for compatibility with isolated networks
+ default: ctlplane
+ type: string
+ PortName:
+ description: Name of the port
+ default: ''
+ type: string
+ ControlPlaneIP: # Here for compatability with noop.yaml
+ description: IP address on the control plane
+ type: string
+ ControlPlaneNetwork:
+ description: The name of the undercloud Neutron control plane
+ default: ctlplane
+ type: string
+
+
+resources:
+
+ VipPort:
+ type: OS::Neutron::Port
+ properties:
+ network: {get_param: ControlPlaneNetwork}
+ name: {get_param: PortName}
+ replacement_policy: AUTO
+
+outputs:
+ ip_address:
+ description: Virtual IP network IP
+ value: {get_attr: [VipPort, fixed_ips, 0, ip_address]}
+ ip_subnet:
+ # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?)
+ description: IP/Subnet CIDR for the internal API network IP
+ value:
+ list_join:
+ - ''
+ - - {get_attr: [VipPort, fixed_ips, 0, ip_address]}
+ - '/'
+ - {get_attr: [VipPort, subnets, 0, cidr, -2]}
+ - {get_attr: [VipPort, subnets, 0, cidr, -1]}
diff --git a/network/ports/external.yaml b/network/ports/external.yaml
index db86b329..b5c1e5c9 100644
--- a/network/ports/external.yaml
+++ b/network/ports/external.yaml
@@ -8,6 +8,10 @@ parameters:
description: Name of the external neutron network
default: external
type: string
+ PortName:
+ description: Name of the port
+ default: ''
+ type: string
ControlPlaneIP: # Here for compatability with noop.yaml
description: IP address on the control plane
type: string
@@ -18,6 +22,7 @@ resources:
type: OS::Neutron::Port
properties:
network: {get_param: ExternalNetName}
+ name: {get_param: PortName}
replacement_policy: AUTO
outputs:
diff --git a/network/ports/internal_api.yaml b/network/ports/internal_api.yaml
index 59c0e0ad..da1b1856 100644
--- a/network/ports/internal_api.yaml
+++ b/network/ports/internal_api.yaml
@@ -8,6 +8,10 @@ parameters:
description: Name of the internal API neutron network
default: internal_api
type: string
+ PortName:
+ description: Name of the port
+ default: ''
+ type: string
ControlPlaneIP: # Here for compatability with noop.yaml
description: IP address on the control plane
type: string
@@ -18,6 +22,7 @@ resources:
type: OS::Neutron::Port
properties:
network: {get_param: InternalApiNetName}
+ name: {get_param: PortName}
replacement_policy: AUTO
outputs:
diff --git a/network/ports/net_ip_list_map.yaml b/network/ports/net_ip_list_map.yaml
new file mode 100644
index 00000000..54614ead
--- /dev/null
+++ b/network/ports/net_ip_list_map.yaml
@@ -0,0 +1,30 @@
+heat_template_version: 2015-04-30
+
+parameters:
+ ExternalIpList:
+ default: []
+ type: comma_delimited_list
+ InternalApiIpList:
+ default: []
+ type: comma_delimited_list
+ StorageIpList:
+ default: []
+ type: comma_delimited_list
+ StorageMgmtIpList:
+ default: []
+ type: comma_delimited_list
+ TenantIpList:
+ default: []
+ type: comma_delimited_list
+
+outputs:
+ net_ip_map:
+ description: >
+ A Hash containing a mapping of network names to assigned lists
+ of IP addresses.
+ value:
+ external: {get_param: ExternalIpList}
+ internal_api: {get_param: InternalApiIpList}
+ storage: {get_param: StorageIpList}
+ storage_mgmt: {get_param: StorageMgmtIpList}
+ tenant: {get_param: TenantIpList}
diff --git a/network/ports/net_ip_map.yaml b/network/ports/net_ip_map.yaml
index b7138b25..edc4060f 100644
--- a/network/ports/net_ip_map.yaml
+++ b/network/ports/net_ip_map.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2014-10-16
+heat_template_version: 2015-04-30
parameters:
ExternalIp:
diff --git a/network/ports/noop.yaml b/network/ports/noop.yaml
index 6bbf23c9..9e1a1276 100644
--- a/network/ports/noop.yaml
+++ b/network/ports/noop.yaml
@@ -7,6 +7,18 @@ parameters:
ControlPlaneIP:
description: IP address on the control plane
type: string
+ ControlPlaneNetwork:
+ description: Name of the control plane network
+ default: ctlplane
+ type: string
+ PortName:
+ description: Name of the port
+ default: ''
+ type: string
+ NetworkName:
+ description: # Here for compatability with vip.yaml
+ default: ''
+ type: string
ControlPlaneSubnetCidr: # Override this via parameter_defaults
default: '24'
description: The subnet CIDR of the control plane network.
diff --git a/network/ports/storage.yaml b/network/ports/storage.yaml
index 27f60a0d..ecb20b8f 100644
--- a/network/ports/storage.yaml
+++ b/network/ports/storage.yaml
@@ -8,6 +8,10 @@ parameters:
description: Name of the storage neutron network
default: storage
type: string
+ PortName:
+ description: Name of the port
+ default: ''
+ type: string
ControlPlaneIP: # Here for compatability with noop.yaml
description: IP address on the control plane
type: string
@@ -18,6 +22,7 @@ resources:
type: OS::Neutron::Port
properties:
network: {get_param: StorageNetName}
+ name: {get_param: PortName}
replacement_policy: AUTO
outputs:
diff --git a/network/ports/storage_mgmt.yaml b/network/ports/storage_mgmt.yaml
index 03cc224e..2ab39f21 100644
--- a/network/ports/storage_mgmt.yaml
+++ b/network/ports/storage_mgmt.yaml
@@ -8,6 +8,10 @@ parameters:
description: Name of the storage_mgmt API neutron network
default: storage_mgmt
type: string
+ PortName:
+ description: Name of the port
+ default: ''
+ type: string
ControlPlaneIP: # Here for compatability with noop.yaml
description: IP address on the control plane
type: string
@@ -18,6 +22,7 @@ resources:
type: OS::Neutron::Port
properties:
network: {get_param: StorageMgmtNetName}
+ name: {get_param: PortName}
replacement_policy: AUTO
outputs:
diff --git a/network/ports/tenant.yaml b/network/ports/tenant.yaml
index 1957c41b..aae12d46 100644
--- a/network/ports/tenant.yaml
+++ b/network/ports/tenant.yaml
@@ -8,6 +8,10 @@ parameters:
description: Name of the tenant neutron network
default: tenant
type: string
+ PortName:
+ description: Name of the port
+ default: ''
+ type: string
ControlPlaneIP: # Here for compatability with noop.yaml
description: IP address on the control plane
type: string
@@ -18,6 +22,7 @@ resources:
type: OS::Neutron::Port
properties:
network: {get_param: TenantNetName}
+ name: {get_param: PortName}
replacement_policy: AUTO
outputs:
diff --git a/network/ports/vip.yaml b/network/ports/vip.yaml
new file mode 100644
index 00000000..b957e132
--- /dev/null
+++ b/network/ports/vip.yaml
@@ -0,0 +1,41 @@
+heat_template_version: 2015-04-30
+
+description: >
+ Creates a port for a VIP on the isolated network NetworkName.
+
+parameters:
+ NetworkName:
+ description: Name of the network where the VIP will be created
+ default: internal_api
+ type: string
+ PortName:
+ description: Name of the port
+ default: ''
+ type: string
+ ControlPlaneIP: # Here for compatability with noop.yaml
+ description: IP address on the control plane
+ type: string
+
+resources:
+
+ VipPort:
+ type: OS::Neutron::Port
+ properties:
+ network: {get_param: NetworkName}
+ name: {get_param: PortName}
+ replacement_policy: AUTO
+
+outputs:
+ ip_address:
+ description: Virtual IP network IP
+ value: {get_attr: [VipPort, fixed_ips, 0, ip_address]}
+ ip_subnet:
+ # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?)
+ description: IP/Subnet CIDR for the internal API network IP
+ value:
+ list_join:
+ - ''
+ - - {get_attr: [VipPort, fixed_ips, 0, ip_address]}
+ - '/'
+ - {get_attr: [VipPort, subnets, 0, cidr, -2]}
+ - {get_attr: [VipPort, subnets, 0, cidr, -1]}
diff --git a/network/storage.yaml b/network/storage.yaml
index 1f60adf4..d403f9e5 100644
--- a/network/storage.yaml
+++ b/network/storage.yaml
@@ -33,6 +33,10 @@ parameters:
default: storage_subnet
description: The name of the storage subnet in Neutron.
type: string
+ StorageAllocationPools:
+ default: [{'start': '172.16.1.4', 'end': '172.16.1.250'}]
+ description: Ip allocation pool range for the storage network.
+ type: json
resources:
StorageNetwork:
@@ -50,6 +54,7 @@ resources:
enable_dhcp: {get_param: StorageNetEnableDHCP}
name: {get_param: StorageSubnetName}
network: {get_resource: StorageNetwork}
+ allocation_pools: {get_param: StorageAllocationPools}
outputs:
OS::stack_id:
diff --git a/network/storage_mgmt.yaml b/network/storage_mgmt.yaml
index e97d4364..d0c919b5 100644
--- a/network/storage_mgmt.yaml
+++ b/network/storage_mgmt.yaml
@@ -33,6 +33,10 @@ parameters:
default: storage_mgmt_subnet
description: The name of the Storage management subnet in Neutron.
type: string
+ StorageMgmtAllocationPools:
+ default: [{'start': '172.16.3.4', 'end': '172.16.3.250'}]
+ description: Ip allocation pool range for the storage mgmt network.
+ type: json
resources:
StorageMgmtNetwork:
@@ -50,6 +54,7 @@ resources:
enable_dhcp: {get_param: StorageMgmtNetEnableDHCP}
name: {get_param: StorageMgmtSubnetName}
network: {get_resource: StorageMgmtNetwork}
+ allocation_pools: {get_param: StorageMgmtAllocationPools}
outputs:
OS::stack_id:
diff --git a/network/tenant.yaml b/network/tenant.yaml
index db7f99f3..055b87b8 100644
--- a/network/tenant.yaml
+++ b/network/tenant.yaml
@@ -33,6 +33,10 @@ parameters:
default: tenant_subnet
description: The name of the tenant subnet in Neutron.
type: string
+ TenantAllocationPools:
+ default: [{'start': '172.16.0.4', 'end': '172.16.0.250'}]
+ description: Ip allocation pool range for the tenant network.
+ type: json
resources:
TenantNetwork:
@@ -50,6 +54,7 @@ resources:
enable_dhcp: {get_param: TenantNetEnableDHCP}
name: {get_param: TenantSubnetName}
network: {get_resource: TenantNetwork}
+ allocation_pools: {get_param: TenantAllocationPools}
outputs:
OS::stack_id:
diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml
index b4c3b5a2..c9041c6b 100644
--- a/overcloud-resource-registry-puppet.yaml
+++ b/overcloud-resource-registry-puppet.yaml
@@ -2,7 +2,7 @@ resource_registry:
OS::TripleO::BlockStorage: puppet/cinder-storage-puppet.yaml
OS::TripleO::BlockStorage::Net::SoftwareConfig: net-config-noop.yaml
OS::TripleO::Compute: puppet/compute-puppet.yaml
- OS::TripleO::Compute::Net::SoftwareConfig: net-config-bridge.yaml
+ OS::TripleO::Compute::Net::SoftwareConfig: net-config-noop.yaml
OS::TripleO::SoftwareDeployment: OS::Heat::StructuredDeployment
OS::TripleO::Controller: puppet/controller-puppet.yaml
OS::TripleO::Controller::Net::SoftwareConfig: net-config-bridge.yaml
@@ -23,9 +23,12 @@ resource_registry:
OS::TripleO::BootstrapNode::SoftwareConfig: puppet/bootstrap-config.yaml
OS::TripleO::NodeUserData: firstboot/userdata_default.yaml
OS::TripleO::NodeExtraConfigPost: extraconfig/post_deploy/default.yaml
+ OS::TripleO::Tasks::PackageUpdate: extraconfig/tasks/yum_update.yaml
# TripleO overcloud networks
OS::TripleO::Network: network/networks.yaml
+ OS::TripleO::VipConfig: puppet/vip-config.yaml
+
OS::TripleO::Network::External: network/noop.yaml
OS::TripleO::Network::InternalApi: network/noop.yaml
@@ -34,6 +37,7 @@ resource_registry:
OS::TripleO::Network::Tenant: network/noop.yaml
OS::TripleO::Network::Ports::NetIpMap: network/ports/net_ip_map.yaml
+ OS::TripleO::Network::Ports::NetIpListMap: network/ports/net_ip_list_map.yaml
# Port assignments for the controller role
OS::TripleO::Controller::Ports::ExternalPort: network/ports/noop.yaml
@@ -61,12 +65,11 @@ resource_registry:
OS::TripleO::BlockStorage::Ports::StoragePort: network/ports/noop.yaml
OS::TripleO::BlockStorage::Ports::StorageMgmtPort: network/ports/noop.yaml
+ # Cinder backend config for the controller role
+ OS::TripleO::Controller::CinderBackend: extraconfig/controller/noop.yaml
+
+ # Port assignments for service virtual IPs for the controller role
+ OS::TripleO::Controller::Ports::RedisVipPort: network/ports/ctlplane_vip.yaml
+
parameter_defaults:
EnablePackageInstall: false
- # Mapping of service_name -> network name.
- ServiceNetMap:
- NeutronLocalIp: tenant
- CeilometerApiNetwork: internal_api
- MongoDbNetwork: internal_api
- CinderApiNetwork: internal_api
- CinderIscsiNetwork: storage
diff --git a/overcloud-resource-registry.yaml b/overcloud-resource-registry.yaml
index df67bf13..78607b51 100644
--- a/overcloud-resource-registry.yaml
+++ b/overcloud-resource-registry.yaml
@@ -21,9 +21,11 @@ resource_registry:
OS::TripleO::BootstrapNode::SoftwareConfig: bootstrap-config.yaml
OS::TripleO::NodeUserData: firstboot/userdata_default.yaml
OS::TripleO::NodeExtraConfigPost: extraconfig/post_deploy/default.yaml
+ OS::TripleO::Tasks::PackageUpdate: extraconfig/tasks/yum_update.yaml
# TripleO overcloud networks
OS::TripleO::Network: network/networks.yaml
+ OS::TripleO::VipConfig: vip-config.yaml
OS::TripleO::Network::External: network/noop.yaml
OS::TripleO::Network::InternalApi: network/noop.yaml
@@ -32,6 +34,7 @@ resource_registry:
OS::TripleO::Network::Tenant: network/noop.yaml
OS::TripleO::Network::Ports::NetIpMap: network/ports/net_ip_map.yaml
+ OS::TripleO::Network::Ports::NetIpListMap: network/ports/net_ip_list_map.yaml
# Port assignments for the controller role
OS::TripleO::Controller::Ports::ExternalPort: network/ports/noop.yaml
@@ -58,3 +61,6 @@ resource_registry:
OS::TripleO::BlockStorage::Ports::InternalApiPort: network/ports/noop.yaml
OS::TripleO::BlockStorage::Ports::StoragePort: network/ports/noop.yaml
OS::TripleO::BlockStorage::Ports::StorageMgmtPort: network/ports/noop.yaml
+
+ # Port assignments for service virtual IPs for the controller role
+ OS::TripleO::Controller::Ports::RedisVipPort: network/ports/noop.yaml
diff --git a/overcloud-without-mergepy.yaml b/overcloud-without-mergepy.yaml
index b7ef0869..e13b9acb 100644
--- a/overcloud-without-mergepy.yaml
+++ b/overcloud-without-mergepy.yaml
@@ -58,12 +58,6 @@ parameters:
default: ''
description: Set to True to enable debugging on all services.
type: string
- DefaultSignalTransport:
- default: CFN_SIGNAL
- description: Transport to use for software-config signals.
- type: string
- constraints:
- - allowed_values: [ CFN_SIGNAL, HEAT_SIGNAL, NO_SIGNAL ]
GlancePort:
default: "9292"
description: Glance port.
@@ -267,11 +261,6 @@ parameters:
default: true
description: Whether to use Galera instead of regular MariaDB.
type: boolean
- EnablePacemaker:
- default: false
- description: If enabled services will be monitored by Pacemaker; it
- will manage VIPs as well, in place of Keepalived.
- type: boolean
ControllerEnableCephStorage:
default: false
description: Whether to deploy Ceph Storage (OSD) on the Controller
@@ -467,7 +456,7 @@ parameters:
The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
Neutron documentation for permitted values. Defaults to permitting any
VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
- type: string
+ type: comma_delimited_list
NovaComputeDriver:
type: string
default: libvirt.LibvirtDriver
@@ -494,6 +483,34 @@ parameters:
type: string
constraints:
- custom_constraint: nova.flavor
+ ServiceNetMap:
+ default:
+ NeutronTenantNetwork: tenant
+ CeilometerApiNetwork: internal_api
+ MongoDbNetwork: internal_api
+ CinderApiNetwork: internal_api
+ CinderIscsiNetwork: storage
+ GlanceApiNetwork: storage
+ GlanceRegistryNetwork: internal_api
+ KeystoneAdminApiNetwork: internal_api
+ KeystonePublicApiNetwork: internal_api
+ NeutronApiNetwork: internal_api
+ HeatApiNetwork: internal_api
+ NovaApiNetwork: internal_api
+ NovaMetadataNetwork: internal_api
+ NovaVncProxyNetwork: internal_api
+ SwiftMgmtNetwork: storage_mgmt
+ SwiftProxyNetwork: storage
+ HorizonNetwork: internal_api
+ MemcachedNetwork: internal_api
+ RabbitMqNetwork: internal_api
+ RedisNetwork: internal_api
+ MysqlNetwork: internal_api
+ CephClusterNetwork: storage_mgmt
+ CephPublicNetwork: storage
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
# Block storage specific parameters
BlockStorageCount:
@@ -535,6 +552,41 @@ parameters:
constraints:
- custom_constraint: nova.flavor
+ # Hostname format for each role
+ # Note %index% is translated into the index of the node, e.g 0/1/2 etc
+ # and %stackname% is replaced with OS::stack_name in the template below.
+ # If you want to use the heat generated names, pass '' (empty string).
+ ControllerHostnameFormat:
+ type: string
+ description: Format for Controller node hostnames
+ default: '%stackname%-controller-%index%'
+ ComputeHostnameFormat:
+ type: string
+ description: Format for Compute node hostnames
+ default: '%stackname%-novacompute-%index%'
+ BlockStorageHostnameFormat:
+ type: string
+ description: Format for BlockStorage node hostnames
+ default: '%stackname%-blockstorage-%index%'
+ ObjectStorageHostnameFormat:
+ type: string
+ description: Format for SwiftStorage node hostnames
+ default: '%stackname%-objectstorage-%index%'
+ CephStorageHostnameFormat:
+ type: string
+ description: Format for CephStorage node hostnames
+ default: '%stackname%-cephstorage-%index%'
+
+ # Identifiers to trigger tasks on nodes
+ UpdateIdentifier:
+ default: ''
+ type: string
+ description: >
+ Setting to a previously unused value during stack-update will trigger
+ package update on all nodes
+
+
+
resources:
HeatAuthEncryptionKey:
@@ -573,7 +625,6 @@ resources:
ControllerExtraConfig: {get_param: controllerExtraConfig}
Debug: {get_param: Debug}
EnableGalera: {get_param: EnableGalera}
- EnablePacemaker: {get_param: EnablePacemaker}
EnableCephStorage: {get_param: ControllerEnableCephStorage}
EnableSwiftStorage: {get_param: ControllerEnableSwiftStorage}
ExtraConfig: {get_param: ExtraConfig}
@@ -602,6 +653,7 @@ resources:
NeutronPublicInterfaceIP: {get_param: NeutronPublicInterfaceIP}
NeutronFlatNetworks: {get_param: NeutronFlatNetworks}
NeutronBridgeMappings: {get_param: NeutronBridgeMappings}
+ NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling}
NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges}
NeutronPublicInterface: {get_param: NeutronPublicInterface}
NeutronPublicInterfaceDefaultRoute: {get_param: NeutronPublicInterfaceDefaultRoute}
@@ -627,6 +679,7 @@ resources:
RabbitClientPort: {get_param: RabbitClientPort}
SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
+ RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]}
SSLCertificate: {get_param: SSLCertificate}
SSLKey: {get_param: SSLKey}
SSLCACertificate: {get_param: SSLCACertificate}
@@ -636,8 +689,20 @@ resources:
SwiftPartPower: {get_param: SwiftPartPower}
SwiftPassword: {get_param: SwiftPassword}
SwiftReplicas: { get_param: SwiftReplicas}
- VirtualIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
- PublicVirtualIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
+ VirtualIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} # deprecated. Use per service VIP settings instead now.
+ PublicVirtualIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]} # deprecated. Use per service VIP settings instead now.
+ ServiceNetMap: {get_param: ServiceNetMap}
+ HeatApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
+ GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
+ MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
+ KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
+ NeutronApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
+ UpdateIdentifier: {get_param: UpdateIdentifier}
+ Hostname:
+ str_replace:
+ template: {get_param: ControllerHostnameFormat}
+ params:
+ '%stackname%': {get_param: 'OS::stack_name'}
Compute:
type: OS::Heat::ResourceGroup
@@ -654,17 +719,17 @@ resources:
Debug: {get_param: Debug}
ExtraConfig: {get_param: ExtraConfig}
Flavor: {get_param: OvercloudComputeFlavor}
- GlanceHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ GlanceHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
GlancePort: {get_param: GlancePort}
GlanceProtocol: {get_param: GlanceProtocol}
Image: {get_param: NovaImage}
ImageUpdatePolicy: {get_param: ImageUpdatePolicy}
KeyName: {get_param: KeyName}
- KeystoneHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ KeystoneHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
NeutronBridgeMappings: {get_param: NeutronBridgeMappings}
NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling}
NeutronFlatNetworks: {get_param: NeutronFlatNetworks}
- NeutronHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ NeutronHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
NeutronNetworkType: {get_param: NeutronNetworkType}
NeutronTunnelTypes: {get_param: NeutronTunnelTypes}
NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges}
@@ -679,7 +744,7 @@ resources:
# L3 HA and Failover is not relevant for Computes, should be removed
NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover}
NeutronL3HA: {get_param: NeutronL3HA}
- NovaApiHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ NovaApiHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
NovaComputeDriver: {get_param: NovaComputeDriver}
NovaComputeExtraConfig: {get_param: NovaComputeExtraConfig}
NovaComputeLibvirtType: {get_param: NovaComputeLibvirtType}
@@ -687,13 +752,20 @@ resources:
NovaPublicIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
NovaPassword: {get_param: NovaPassword}
NtpServer: {get_param: NtpServer}
- RabbitHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ RabbitHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
RabbitPassword: {get_param: RabbitPassword}
RabbitUserName: {get_param: RabbitUserName}
RabbitClientUseSSL: {get_param: RabbitClientUseSSL}
RabbitClientPort: {get_param: RabbitClientPort}
SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ UpdateIdentifier: {get_param: UpdateIdentifier}
+ Hostname:
+ str_replace:
+ template: {get_param: ComputeHostnameFormat}
+ params:
+ '%stackname%': {get_param: 'OS::stack_name'}
BlockStorage:
type: OS::Heat::ResourceGroup
@@ -709,14 +781,26 @@ resources:
CinderLVMLoopDeviceSize: {get_param: CinderLVMLoopDeviceSize}
# Purpose of the dedicated BlockStorage nodes should be to use their local LVM
CinderEnableIscsiBackend: {get_param: CinderEnableIscsiBackend}
- VirtualIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ CinderPassword: {get_param: CinderPassword}
KeyName: {get_param: KeyName}
Flavor: {get_param: OvercloudBlockStorageFlavor}
+ VirtualIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ GlancePort: {get_param: GlancePort}
+ GlanceProtocol: {get_param: GlanceProtocol}
+ GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
RabbitPassword: {get_param: RabbitPassword}
RabbitUserName: {get_param: RabbitUserName}
RabbitClientUseSSL: {get_param: RabbitClientUseSSL}
RabbitClientPort: {get_param: RabbitClientPort}
NtpServer: {get_param: NtpServer}
+ UpdateIdentifier: {get_param: UpdateIdentifier}
+ Hostname:
+ str_replace:
+ template: {get_param: BlockStorageHostnameFormat}
+ params:
+ '%stackname%': {get_param: 'OS::stack_name'}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
ObjectStorage:
type: OS::Heat::ResourceGroup
@@ -735,6 +819,13 @@ resources:
Image: {get_param: SwiftStorageImage}
Replicas: { get_param: SwiftReplicas}
NtpServer: {get_param: NtpServer}
+ UpdateIdentifier: {get_param: UpdateIdentifier}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ Hostname:
+ str_replace:
+ template: {get_param: ObjectStorageHostnameFormat}
+ params:
+ '%stackname%': {get_param: 'OS::stack_name'}
CephStorage:
type: OS::Heat::ResourceGroup
@@ -748,6 +839,22 @@ resources:
KeyName: {get_param: KeyName}
Flavor: {get_param: OvercloudCephStorageFlavor}
NtpServer: {get_param: NtpServer}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ UpdateIdentifier: {get_param: UpdateIdentifier}
+ Hostname:
+ str_replace:
+ template: {get_param: CephStorageHostnameFormat}
+ params:
+ '%stackname%': {get_param: 'OS::stack_name'}
+
+ ControllerIpListMap:
+ type: OS::TripleO::Network::Ports::NetIpListMap
+ properties:
+ ExternalIpList: {get_attr: [Controller, external_ip_address]}
+ InternalApiIpList: {get_attr: [Controller, internal_api_ip_address]}
+ StorageIpList: {get_attr: [Controller, storage_ip_address]}
+ StorageMgmtIpList: {get_attr: [Controller, storage_mgmt_ip_address]}
+ TenantIpList: {get_attr: [Controller, tenant_ip_address]}
allNodesConfig:
type: OS::TripleO::AllNodes::SoftwareConfig
@@ -759,6 +866,23 @@ resources:
object_storage_hosts: {get_attr: [ObjectStorage, hosts_entry]}
ceph_storage_hosts: {get_attr: [CephStorage, hosts_entry]}
controller_names: {get_attr: [Controller, hostname]}
+ rabbit_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
+ mongo_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
+ redis_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
+ memcache_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
+ mysql_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
+ horizon_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
+ heat_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
+ swift_proxy_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
+ ceilometer_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
+ nova_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
+ nova_metadata_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
+ glance_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
+ glance_registry_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
+ cinder_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
+ neutron_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
+ keystone_public_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
+ keystone_admin_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
MysqlRootPassword:
type: OS::Heat::RandomString
@@ -789,6 +913,16 @@ resources:
fixed_ips: {get_param: ControlFixedIPs}
replacement_policy: AUTO
+ RedisVirtualIP:
+ depends_on: Networks
+ type: OS::TripleO::Controller::Ports::RedisVipPort
+ properties:
+ ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ ControlPlaneNetwork: {get_param: NeutronControlPlaneID}
+ PortName: redis_virtual_ip
+ NetworkName: {get_param: [ServiceNetMap, RedisNetwork]}
+
+ # same as external
PublicVirtualIP:
type: OS::Neutron::Port
depends_on: Networks
@@ -798,6 +932,68 @@ resources:
fixed_ips: {get_param: PublicVirtualFixedIPs}
replacement_policy: AUTO
+ InternalApiVirtualIP:
+ depends_on: Networks
+ type: OS::TripleO::Controller::Ports::InternalApiPort
+ properties:
+ ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ PortName: internal_api_virtual_ip
+
+ StorageVirtualIP:
+ depends_on: Networks
+ type: OS::TripleO::Controller::Ports::StoragePort
+ properties:
+ ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ PortName: storage_virtual_ip
+
+ StorageMgmtVirtualIP:
+ depends_on: Networks
+ type: OS::TripleO::Controller::Ports::StorageMgmtPort
+ properties:
+ ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ PortName: storage_management_virtual_ip
+
+ VipMap:
+ type: OS::TripleO::Network::Ports::NetIpMap
+ properties:
+ ExternalIp: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
+ InternalApiIp: {get_attr: [InternalApiVirtualIP, ip_address]}
+ StorageIp: {get_attr: [StorageVirtualIP, ip_address]}
+ StorageMgmtIp: {get_attr: [StorageMgmtVirtualIP, ip_address]}
+ # No tenant VIP required
+
+ VipConfig:
+ type: OS::TripleO::VipConfig
+
+ VipDeployment:
+ type: OS::Heat::StructuredDeployments
+ properties:
+ config: {get_resource: VipConfig}
+ servers: {get_attr: [Controller, attributes, nova_server_resource]}
+ input_values:
+ # service VIP mappings
+ keystone_admin_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
+ keystone_public_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
+ neutron_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
+ cinder_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
+ glance_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
+ glance_registry_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
+ swift_proxy_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
+ nova_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
+ nova_metadata_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
+ ceilometer_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
+ heat_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
+ horizon_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
+ redis_vip: {get_attr: [RedisVirtualIP, ip_address]}
+ mysql_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
+ rabbit_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
+ # direct configuration of Virtual IPs for each network
+ control_virtual_ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ public_virtual_ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
+ internal_api_virtual_ip: {get_attr: [InternalApiVirtualIP, ip_address]}
+ storage_virtual_ip: {get_attr: [StorageVirtualIP, ip_address]}
+ storage_mgmt_virtual_ip: {get_attr: [StorageMgmtVirtualIP, ip_address]}
+
ControllerBootstrapNodeConfig:
type: OS::TripleO::BootstrapNode::SoftwareConfig
properties:
@@ -809,21 +1005,18 @@ resources:
properties:
config: {get_attr: [ControllerBootstrapNodeConfig, config_id]}
servers: {get_attr: [Controller, attributes, nova_server_resource]}
- signal_transport: NO_SIGNAL
ControllerSwiftDeployment:
type: OS::Heat::StructuredDeployments
properties:
config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]}
servers: {get_attr: [Controller, attributes, nova_server_resource]}
- signal_transport: NO_SIGNAL
ObjectStorageSwiftDeployment:
type: OS::Heat::StructuredDeployments
properties:
config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]}
servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
- signal_transport: NO_SIGNAL
SwiftDevicesAndProxyConfig:
type: OS::TripleO::SwiftDevicesAndProxy::SoftwareConfig
@@ -857,11 +1050,12 @@ resources:
ceph_mon_key: {get_param: CephMonKey}
ceph_admin_key: {get_param: CephAdminKey}
ceph_mon_names: {get_attr: [Controller, hostname]}
- ceph_mon_ips: {get_attr: [Controller, ip_address]}
+ ceph_mon_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
ControllerClusterConfig:
type: OS::Heat::StructuredConfig
properties:
+ group: os-apply-config
config:
corosync:
nodes: {get_attr: [Controller, corosync_node]}
@@ -879,7 +1073,6 @@ resources:
properties:
config: {get_resource: ControllerClusterConfig}
servers: {get_attr: [Controller, attributes, nova_server_resource]}
- signal_transport: NO_SIGNAL
ControllerAllNodesDeployment:
type: OS::Heat::StructuredDeployments
@@ -949,5 +1142,5 @@ outputs:
list_join:
- ''
- - http://
- - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ - {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
- :5000/v2.0/
diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml
index 963835e9..c50d6820 100644
--- a/puppet/all-nodes-config.yaml
+++ b/puppet/all-nodes-config.yaml
@@ -16,6 +16,40 @@ parameters:
type: comma_delimited_list
controller_names:
type: comma_delimited_list
+ rabbit_node_ips:
+ type: comma_delimited_list
+ mongo_node_ips:
+ type: comma_delimited_list
+ redis_node_ips:
+ type: comma_delimited_list
+ memcache_node_ips:
+ type: comma_delimited_list
+ mysql_node_ips:
+ type: comma_delimited_list
+ horizon_node_ips:
+ type: comma_delimited_list
+ heat_api_node_ips:
+ type: comma_delimited_list
+ swift_proxy_node_ips:
+ type: comma_delimited_list
+ ceilometer_api_node_ips:
+ type: comma_delimited_list
+ nova_api_node_ips:
+ type: comma_delimited_list
+ nova_metadata_node_ips:
+ type: comma_delimited_list
+ glance_api_node_ips:
+ type: comma_delimited_list
+ glance_registry_node_ips:
+ type: comma_delimited_list
+ cinder_api_node_ips:
+ type: comma_delimited_list
+ neutron_api_node_ips:
+ type: comma_delimited_list
+ keystone_public_api_node_ips:
+ type: comma_delimited_list
+ keystone_admin_api_node_ips:
+ type: comma_delimited_list
resources:
@@ -65,19 +99,136 @@ resources:
SERVERS_LIST:
list_join:
- "','"
- - {get_param: controller_ips}
+ - {get_param: rabbit_node_ips}
mongo_node_ips:
- list_join:
- - ','
- - {get_param: controller_ips}
+ str_replace:
+ template: "['SERVERS_LIST']"
+ params:
+ SERVERS_LIST:
+ list_join:
+ - "','"
+ - {get_param: mongo_node_ips}
redis_node_ips:
- list_join:
- - ','
- - {get_param: controller_ips}
+ str_replace:
+ template: "['SERVERS_LIST']"
+ params:
+ SERVERS_LIST:
+ list_join:
+ - "','"
+ - {get_param: redis_node_ips}
memcache_node_ips:
- list_join:
- - ','
- - {get_param: controller_ips}
+ str_replace:
+ template: "['SERVERS_LIST']"
+ params:
+ SERVERS_LIST:
+ list_join:
+ - "','"
+ - {get_param: memcache_node_ips}
+ mysql_node_ips:
+ str_replace:
+ template: "['SERVERS_LIST']"
+ params:
+ SERVERS_LIST:
+ list_join:
+ - "','"
+ - {get_param: mysql_node_ips}
+ horizon_node_ips:
+ str_replace:
+ template: "['SERVERS_LIST']"
+ params:
+ SERVERS_LIST:
+ list_join:
+ - "','"
+ - {get_param: horizon_node_ips}
+ heat_api_node_ips:
+ str_replace:
+ template: "['SERVERS_LIST']"
+ params:
+ SERVERS_LIST:
+ list_join:
+ - "','"
+ - {get_param: heat_api_node_ips}
+ swift_proxy_node_ips:
+ str_replace:
+ template: "['SERVERS_LIST']"
+ params:
+ SERVERS_LIST:
+ list_join:
+ - "','"
+ - {get_param: swift_proxy_node_ips}
+ ceilometer_api_node_ips:
+ str_replace:
+ template: "['SERVERS_LIST']"
+ params:
+ SERVERS_LIST:
+ list_join:
+ - "','"
+ - {get_param: ceilometer_api_node_ips}
+ nova_api_node_ips:
+ str_replace:
+ template: "['SERVERS_LIST']"
+ params:
+ SERVERS_LIST:
+ list_join:
+ - "','"
+ - {get_param: nova_api_node_ips}
+ nova_metadata_node_ips:
+ str_replace:
+ template: "['SERVERS_LIST']"
+ params:
+ SERVERS_LIST:
+ list_join:
+ - "','"
+ - {get_param: nova_metadata_node_ips}
+ glance_api_node_ips:
+ str_replace:
+ template: "['SERVERS_LIST']"
+ params:
+ SERVERS_LIST:
+ list_join:
+ - "','"
+ - {get_param: glance_api_node_ips}
+ glance_registry_node_ips:
+ str_replace:
+ template: "['SERVERS_LIST']"
+ params:
+ SERVERS_LIST:
+ list_join:
+ - "','"
+ - {get_param: glance_registry_node_ips}
+ cinder_api_node_ips:
+ str_replace:
+ template: "['SERVERS_LIST']"
+ params:
+ SERVERS_LIST:
+ list_join:
+ - "','"
+ - {get_param: cinder_api_node_ips}
+ neutron_api_node_ips:
+ str_replace:
+ template: "['SERVERS_LIST']"
+ params:
+ SERVERS_LIST:
+ list_join:
+ - "','"
+ - {get_param: neutron_api_node_ips}
+ keystone_public_api_node_ips:
+ str_replace:
+ template: "['SERVERS_LIST']"
+ params:
+ SERVERS_LIST:
+ list_join:
+ - "','"
+ - {get_param: keystone_public_api_node_ips}
+ keystone_admin_api_node_ips:
+ str_replace:
+ template: "['SERVERS_LIST']"
+ params:
+ SERVERS_LIST:
+ list_join:
+ - "','"
+ - {get_param: keystone_admin_api_node_ips}
+
# NOTE(gfidente): interpolation with %{} in the
# hieradata file can't be used as it returns string
ceilometer::rabbit_hosts: *rabbit_nodes_array
diff --git a/puppet/bootstrap-config.yaml b/puppet/bootstrap-config.yaml
index c88ed408..d88eebdf 100644
--- a/puppet/bootstrap-config.yaml
+++ b/puppet/bootstrap-config.yaml
@@ -12,6 +12,7 @@ resources:
BootstrapNodeConfigImpl:
type: OS::Heat::StructuredConfig
properties:
+ group: os-apply-config
config:
hiera:
datafiles:
diff --git a/puppet/ceph-storage-puppet.yaml b/puppet/ceph-storage-puppet.yaml
index 00dbca01..2250f429 100644
--- a/puppet/ceph-storage-puppet.yaml
+++ b/puppet/ceph-storage-puppet.yaml
@@ -28,6 +28,20 @@ parameters:
default: 'false'
description: Set to true to enable package installation via Puppet
type: boolean
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ UpdateIdentifier:
+ default: ''
+ type: string
+ description: >
+ Setting to a previously unused value during stack-update will trigger
+ package update on all nodes
+ Hostname:
+ type: string
+ default: '' # Defaults to Heat created hostname
resources:
CephStorage:
@@ -41,6 +55,7 @@ resources:
- network: ctlplane
user_data_format: SOFTWARE_CONFIG
user_data: {get_resource: NodeUserData}
+ name: {get_param: Hostname}
NodeUserData:
type: OS::TripleO::NodeUserData
@@ -61,6 +76,12 @@ resources:
StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
+ NetIpSubnetMap:
+ type: OS::TripleO::Network::Ports::NetIpMap
+ properties:
+ StorageIp: {get_attr: [StoragePort, ip_subnet]}
+ StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_subnet]}
+
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
properties:
@@ -69,6 +90,7 @@ resources:
CephStorageDeployment:
type: OS::Heat::StructuredDeployment
+ depends_on: NetworkDeployment
properties:
config: {get_resource: CephStorageConfig}
server: {get_resource: CephStorage}
@@ -79,6 +101,8 @@ resources:
params:
server: {get_param: NtpServer}
enable_package_install: {get_param: EnablePackageInstall}
+ ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
+ ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
CephStorageConfig:
type: OS::Heat::StructuredConfig
@@ -88,7 +112,6 @@ resources:
hiera:
hierarchy:
- heat_config_%{::deploy_config_name}
- - cephstorage
- ceph_cluster # provided by CephClusterConfig
- ceph
- '"%{::osfamily}"'
@@ -98,16 +121,29 @@ resources:
raw_data: {get_file: hieradata/common.yaml}
ceph:
raw_data: {get_file: hieradata/ceph.yaml}
- cephstorage:
mapped_data:
ntp::servers: {get_input: ntp_servers}
enable_package_install: {get_input: enable_package_install}
+ ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
+ ceph::profile::params::public_network: {get_input: ceph_public_network}
+
+ UpdateConfig:
+ type: OS::TripleO::Tasks::PackageUpdate
+
+ UpdateDeployment:
+ type: OS::Heat::SoftwareDeployment
+ properties:
+ config: {get_resource: UpdateConfig}
+ server: {get_resource: CephStorage}
+ input_values:
+ update_identifier:
+ get_param: UpdateIdentifier
outputs:
hosts_entry:
value:
str_replace:
- template: "IP HOST"
+ template: "IP HOST.localdomain HOST"
params:
IP: {get_attr: [CephStorage, networks, ctlplane, 0]}
HOST: {get_attr: [CephStorage, name]}
diff --git a/puppet/cinder-storage-puppet.yaml b/puppet/cinder-storage-puppet.yaml
index c69a0f3c..a368ffd1 100644
--- a/puppet/cinder-storage-puppet.yaml
+++ b/puppet/cinder-storage-puppet.yaml
@@ -16,11 +16,16 @@ parameters:
default: 5000
description: The size of the loopback file used by the cinder LVM driver.
type: number
+ CinderPassword:
+ default: unset
+ description: The password for the cinder service and db account, used by cinder-api.
+ type: string
+ hidden: true
Debug:
default: ''
description: Set to True to enable debugging on all services.
type: string
- VirtualIP:
+ VirtualIP: # deprecated. Use per service VIPs instead.
default: ''
type: string
ExtraConfig:
@@ -70,6 +75,10 @@ parameters:
default: "9292"
description: Glance port.
type: string
+ GlanceProtocol:
+ default: http
+ description: Protocol to use when connecting to glance, set to https for SSL.
+ type: string
KeyName:
default: default
description: Name of an existing EC2 KeyPair to enable SSH access to the instances
@@ -106,6 +115,26 @@ parameters:
default: 'false'
description: Set to true to enable package installation via Puppet
type: boolean
+ UpdateIdentifier:
+ default: ''
+ type: string
+ description: >
+ Setting to a previously unused value during stack-update will trigger
+ package update on all nodes
+ Hostname:
+ type: string
+ default: '' # Defaults to Heat created hostname
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ GlanceApiVirtualIP:
+ type: string
+ default: ''
+ MysqlVirtualIP:
+ type: string
+ default: ''
resources:
BlockStorage:
@@ -119,6 +148,7 @@ resources:
- network: ctlplane
user_data_format: SOFTWARE_CONFIG
user_data: {get_resource: NodeUserData}
+ name: {get_param: Hostname}
NodeUserData:
type: OS::TripleO::NodeUserData
@@ -145,6 +175,13 @@ resources:
StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
+ NetIpMap:
+ type: OS::TripleO::Network::Ports::NetIpMap
+ properties:
+ InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
+ StorageIp: {get_attr: [StoragePort, ip_address]}
+ StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
+
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
properties:
@@ -153,12 +190,13 @@ resources:
BlockStorageDeployment:
type: OS::Heat::StructuredDeployment
+ depends_on: NetworkDeployment
properties:
server: {get_resource: BlockStorage}
config: {get_resource: BlockStorageConfig}
input_values:
debug: {get_param: Debug}
- cinder_dsn: {list_join: ['', ['mysql://cinder:unset@', {get_param: VirtualIP} , '/cinder']]}
+ cinder_dsn: {list_join: ['', ['mysql://cinder:', {get_param: CinderPassword}, '@', {get_param: MysqlVirtualIP} , '/cinder']]}
snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
cinder_lvm_loop_device_size:
@@ -168,6 +206,15 @@ resources:
size: {get_param: CinderLVMLoopDeviceSize}
cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
cinder_iscsi_helper: {get_param: CinderISCSIHelper}
+ cinder_iscsi_ip_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
+ glance_api_servers:
+ list_join:
+ - ''
+ - - {get_param: GlanceProtocol}
+ - '://'
+ - {get_param: GlanceApiVirtualIP}
+ - ':'
+ - {get_param: GlancePort}
rabbit_username: {get_param: RabbitUserName}
rabbit_password: {get_param: RabbitPassword}
rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
@@ -178,7 +225,6 @@ resources:
params:
server: {get_param: NtpServer}
enable_package_install: {get_param: EnablePackageInstall}
- signal_transport: NO_SIGNAL
# Map heat metadata into hiera datafiles
BlockStorageConfig:
@@ -198,8 +244,6 @@ resources:
raw_data: {get_file: hieradata/common.yaml}
volume:
raw_data: {get_file: hieradata/volume.yaml}
- oac_data:
- cinder_iscsi_ip_address: local-ipv4
mapped_data:
# Cinder
cinder::debug: {get_input: debug}
@@ -211,16 +255,30 @@ resources:
cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
cinder::rabbit_port: {get_input: rabbit_client_port}
cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
+ cinder_iscsi_ip_address: {get_input: cinder_iscsi_ip_address}
+ cinder::glance::glance_api_servers: {get_input: glance_api_servers}
ntp::servers: {get_input: ntp_servers}
enable_package_install: {get_input: enable_package_install}
snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
+ UpdateConfig:
+ type: OS::TripleO::Tasks::PackageUpdate
+
+ UpdateDeployment:
+ type: OS::Heat::SoftwareDeployment
+ properties:
+ config: {get_resource: UpdateConfig}
+ server: {get_resource: BlockStorage}
+ input_values:
+ update_identifier:
+ get_param: UpdateIdentifier
+
outputs:
hosts_entry:
value:
str_replace:
- template: "IP HOST"
+ template: "IP HOST.localdomain HOST"
params:
IP: {get_attr: [BlockStorage, networks, ctlplane, 0]}
HOST: {get_attr: [BlockStorage, name]}
diff --git a/puppet/compute-puppet.yaml b/puppet/compute-puppet.yaml
index 28a4e045..b34e7a6f 100644
--- a/puppet/compute-puppet.yaml
+++ b/puppet/compute-puppet.yaml
@@ -132,7 +132,7 @@ parameters:
The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
Neutron documentation for permitted values. Defaults to permitting any
VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
- type: string
+ type: comma_delimited_list
NeutronPassword:
default: unset
description: The password for the neutron service account, used by neutron agents.
@@ -252,6 +252,15 @@ parameters:
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry.
type: json
+ UpdateIdentifier:
+ default: ''
+ type: string
+ description: >
+ Setting to a previously unused value during stack-update will trigger
+ package update on all nodes
+ Hostname:
+ type: string
+ default: '' # Defaults to Heat created hostname
resources:
@@ -268,6 +277,7 @@ resources:
- network: ctlplane
user_data_format: SOFTWARE_CONFIG
user_data: {get_resource: NodeUserData}
+ name: {get_param: Hostname}
NodeUserData:
type: OS::TripleO::NodeUserData
@@ -304,7 +314,6 @@ resources:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
properties:
- signal_transport: NO_SIGNAL
config: {get_resource: NetworkConfig}
server: {get_resource: NovaCompute}
input_values:
@@ -332,8 +341,6 @@ resources:
raw_data: {get_file: hieradata/ceph.yaml}
compute:
raw_data: {get_file: hieradata/compute.yaml}
- oac_data:
- nova::compute::vncserver_proxyclient_address: local-ipv4
mapped_data:
nova::debug: {get_input: debug}
nova::rabbit_userid: {get_input: rabbit_username}
@@ -346,6 +353,7 @@ resources:
nova::compute::vncproxy_host: {get_input: nova_public_ip}
nova_enable_rbd_backend: {get_input: nova_enable_rbd_backend}
nova_password: {get_input: nova_password}
+ nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address}
ceilometer::debug: {get_input: debug}
ceilometer::rabbit_userid: {get_input: rabbit_username}
ceilometer::rabbit_password: {get_input: rabbit_password}
@@ -365,11 +373,11 @@ resources:
neutron::rabbit_port: {get_input: rabbit_client_port}
neutron_flat_networks: {get_input: neutron_flat_networks}
neutron_host: {get_input: neutron_host}
- neutron::agents::ml2::ovs::local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronLocalIp]}]}
+ neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
neutron_tenant_network_type: {get_input: neutron_tenant_network_type}
neutron_tunnel_types: {get_input: neutron_tunnel_types}
- neutron::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
+ neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
neutron_bridge_mappings: {get_input: neutron_bridge_mappings}
neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
neutron_physical_bridge: {get_input: neutron_physical_bridge}
@@ -388,8 +396,8 @@ resources:
NovaComputeDeployment:
type: OS::TripleO::SoftwareDeployment
+ depends_on: NetworkDeployment
properties:
- signal_transport: NO_SIGNAL
config: {get_resource: NovaComputeConfig}
server: {get_resource: NovaCompute}
input_values:
@@ -400,6 +408,7 @@ resources:
nova_api_host: {get_param: NovaApiHost}
nova_password: {get_param: NovaPassword}
nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend}
+ nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]}
ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
ceilometer_password: {get_param: CeilometerPassword}
ceilometer_compute_agent: {get_param: CeilometerComputeAgent}
@@ -421,10 +430,17 @@ resources:
- {get_param: GlancePort}
neutron_flat_networks: {get_param: NeutronFlatNetworks}
neutron_host: {get_param: NeutronHost}
- neutron_local_ip: {get_attr: [NovaCompute, networks, ctlplane, 0]}
+ neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
neutron_tenant_network_type: {get_param: NeutronNetworkType}
neutron_tunnel_types: {get_param: NeutronTunnelTypes}
- neutron_network_vlan_ranges: {get_param: NeutronNetworkVLANRanges}
+ neutron_network_vlan_ranges:
+ str_replace:
+ template: "['RANGES']"
+ params:
+ RANGES:
+ list_join:
+ - "','"
+ - {get_param: NeutronNetworkVLANRanges}
neutron_bridge_mappings: {get_param: NeutronBridgeMappings}
neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
neutron_physical_bridge: {get_param: NeutronPhysicalBridge}
@@ -459,6 +475,18 @@ resources:
server: {get_param: NtpServer}
enable_package_install: {get_param: EnablePackageInstall}
+ UpdateConfig:
+ type: OS::TripleO::Tasks::PackageUpdate
+
+ UpdateDeployment:
+ type: OS::Heat::SoftwareDeployment
+ properties:
+ config: {get_resource: UpdateConfig}
+ server: {get_resource: NovaCompute}
+ input_values:
+ update_identifier:
+ get_param: UpdateIdentifier
+
outputs:
ip_address:
description: IP address of the server in the ctlplane network
@@ -480,7 +508,7 @@ outputs:
Server's IP address and hostname in the /etc/hosts format
value:
str_replace:
- template: "IP HOST"
+ template: "IP HOST.localdomain HOST"
params:
IP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
HOST: {get_attr: [NovaCompute, name]}
diff --git a/puppet/controller-puppet.yaml b/puppet/controller-puppet.yaml
index b012b4f4..3d7ecd58 100644
--- a/puppet/controller-puppet.yaml
+++ b/puppet/controller-puppet.yaml
@@ -11,7 +11,7 @@ parameters:
hidden: true
AdminToken:
default: unset
- description: The keystone auth secret.
+ description: The keystone auth secret and db password.
type: string
hidden: true
CeilometerBackend:
@@ -25,7 +25,7 @@ parameters:
hidden: true
CeilometerPassword:
default: unset
- description: The password for the ceilometer service account.
+ description: The password for the ceilometer service and db account.
type: string
hidden: true
CinderEnableIscsiBackend:
@@ -46,9 +46,14 @@ parameters:
type: number
CinderPassword:
default: unset
- description: The password for the cinder service account, used by cinder-api.
+ description: The password for the cinder service and db account, used by cinder-api.
type: string
hidden: true
+ CinderBackendConfig:
+ default: {}
+ description: Contains parameters to configure Cinder backends. Typically
+ set via parameter_defaults in the resource registry.
+ type: json
CloudName:
default: ''
description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
@@ -71,11 +76,6 @@ parameters:
default: true
description: Whether to use Galera instead of regular MariaDB.
type: boolean
- EnablePacemaker:
- default: false
- description: If enabled services will be monitored by Pacemaker; it
- will manage VIPs as well, in place of Keepalived.
- type: boolean
EnableCephStorage:
default: false
description: Whether to deploy Ceph Storage (OSD) on the Controller
@@ -137,7 +137,7 @@ parameters:
default: ''
GlancePassword:
default: unset
- description: The password for the glance service account, used by the glance services.
+ description: The password for the glance service and db account, used by the glance services.
type: string
hidden: true
GlancePort:
@@ -157,7 +157,7 @@ parameters:
- allowed_values: ['swift', 'file', 'rbd']
HeatPassword:
default: unset
- description: The password for the Heat service account, used by the Heat services.
+ description: The password for the Heat service and db account, used by the Heat services.
type: string
hidden: true
HeatStackDomainAdminPassword:
@@ -244,7 +244,7 @@ parameters:
default: 'dvr_snat'
description: Agent mode for the neutron-l3-agent on the controller hosts
type: string
- NeutronL3HA: #FIXME this isn't wired in
+ NeutronL3HA:
default: 'False'
description: Whether to enable l3-agent HA
type: string
@@ -287,10 +287,10 @@ parameters:
The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
Neutron documentation for permitted values. Defaults to permitting any
VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
- type: string
+ type: comma_delimited_list
NeutronPassword:
default: unset
- description: The password for the neutron service account, used by neutron agents.
+ description: The password for the neutron service and db account, used by neutron agents.
type: string
hidden: true
NeutronPublicInterface:
@@ -327,7 +327,7 @@ parameters:
type: string
NovaPassword:
default: unset
- description: The password for the nova service account, used by nova-api.
+ description: The password for the nova service and db account, used by nova-api.
type: string
hidden: true
NtpServer:
@@ -342,7 +342,7 @@ parameters:
Specifies the interface where the public-facing virtual ip will be assigned.
This should be int_public when a VLAN is being used.
type: string
- PublicVirtualIP:
+ PublicVirtualIP: # DEPRECATED: use per service settings instead
type: string
default: '' # Has to be here because of the ignored empty value bug
RabbitCookie:
@@ -368,6 +368,9 @@ parameters:
default: 5672
description: Set rabbit subscriber port, change this if using SSL
type: number
+ RedisVirtualIP:
+ type: string
+ default: '' # Has to be here because of the ignored empty value bug
SnmpdReadonlyUserName:
default: ro_snmp_user
description: The user name for SNMPd with readonly rights running on all Overcloud nodes
@@ -419,9 +422,24 @@ parameters:
type: number
default: 3
description: How many replicas to use in the swift rings.
- VirtualIP:
+ VirtualIP: # DEPRECATED: use per service settings instead
type: string
default: '' # Has to be here because of the ignored empty value bug
+ HeatApiVirtualIP:
+ type: string
+ default: ''
+ GlanceApiVirtualIP:
+ type: string
+ default: ''
+ MysqlVirtualIP:
+ type: string
+ default: ''
+ KeystonePublicApiVirtualIP:
+ type: string
+ default: ''
+ NeutronApiVirtualIP:
+ type: string
+ default: ''
EnablePackageInstall:
default: 'false'
description: Set to true to enable package installation via Puppet
@@ -431,6 +449,15 @@ parameters:
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry.
type: json
+ UpdateIdentifier:
+ default: ''
+ type: string
+ description: >
+ Setting to a previously unused value during stack-update will trigger
+ package update on all nodes
+ Hostname:
+ type: string
+ default: '' # Defaults to Heat created hostname
resources:
@@ -445,6 +472,7 @@ resources:
- network: ctlplane
user_data_format: SOFTWARE_CONFIG
user_data: {get_resource: NodeUserData}
+ name: {get_param: Hostname}
NodeUserData:
type: OS::TripleO::NodeUserData
@@ -483,6 +511,15 @@ resources:
StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
TenantIp: {get_attr: [TenantPort, ip_address]}
+ NetIpSubnetMap:
+ type: OS::TripleO::Network::Ports::NetIpMap
+ properties:
+ ExternalIp: {get_attr: [ExternalPort, ip_subnet]}
+ InternalApiIp: {get_attr: [InternalApiPort, ip_subnet]}
+ StorageIp: {get_attr: [StoragePort, ip_subnet]}
+ StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_subnet]}
+ TenantIp: {get_attr: [TenantPort, ip_subnet]}
+
NetworkConfig:
type: OS::TripleO::Controller::Net::SoftwareConfig
properties:
@@ -495,7 +532,6 @@ resources:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
properties:
- signal_transport: NO_SIGNAL
config: {get_resource: NetworkConfig}
server: {get_resource: Controller}
input_values:
@@ -504,32 +540,30 @@ resources:
ControllerDeployment:
type: OS::TripleO::SoftwareDeployment
+ depends_on: NetworkDeployment
properties:
- signal_transport: NO_SIGNAL
config: {get_resource: ControllerConfig}
server: {get_resource: Controller}
input_values:
bootstack_nodeid: {get_attr: [Controller, name]}
- controller_host: {get_attr: [Controller, networks, ctlplane, 0]}
- controller_virtual_ip: {get_param: VirtualIP}
neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
heat.watch_server_url:
list_join:
- ''
- - 'http://'
- - {get_param: VirtualIP}
+ - {get_param: HeatApiVirtualIP}
- ':8003'
heat.metadata_server_url:
list_join:
- ''
- - 'http://'
- - {get_param: VirtualIP}
+ - {get_param: HeatApiVirtualIP}
- ':8000'
heat.waitcondition_server_url:
list_join:
- ''
- - 'http://'
- - {get_param: VirtualIP}
+ - {get_param: HeatApiVirtualIP}
- ':8000/v1/waitcondition'
heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
horizon_secret: {get_param: HorizonSecret}
@@ -542,33 +576,39 @@ resources:
cinder_password: {get_param: CinderPassword}
cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
cinder_iscsi_helper: {get_param: CinderISCSIHelper}
+ cinder_backend_config: {get_param: CinderBackendConfig}
cinder_dsn:
list_join:
- ''
- - - 'mysql://cinder:unset@'
- - {get_param: VirtualIP}
+ - - 'mysql://cinder:'
+ - {get_param: CinderPassword}
+ - '@'
+ - {get_param: MysqlVirtualIP}
- '/cinder'
glance_port: {get_param: GlancePort}
- glance_protocol: {get_param: GlanceProtocol}
glance_password: {get_param: GlancePassword}
glance_backend: {get_param: GlanceBackend}
- glance_swift_store_auth_address: {list_join: ['', ['http://', {get_param: VirtualIP} , ':5000/v2.0']]}
glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
glance_log_file: {get_param: GlanceLogFile}
glance_dsn:
list_join:
- ''
- - - 'mysql://glance:unset@'
- - {get_param: VirtualIP}
+ - - 'mysql://glance:'
+ - {get_param: GlancePassword}
+ - '@'
+ - {get_param: MysqlVirtualIP}
- '/glance'
heat_password: {get_param: HeatPassword}
heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
heat_dsn:
list_join:
- ''
- - - 'mysql://heat:unset@'
- - {get_param: VirtualIP}
+ - - 'mysql://heat:'
+ - {get_param: HeatPassword}
+ - '@'
+ - {get_param: MysqlVirtualIP}
- '/heat'
+ keystone_auth_address: {list_join: ['', ['http://', {get_param: KeystonePublicApiVirtualIP} , ':5000/v2.0']]}
keystone_ca_certificate: {get_param: KeystoneCACertificate}
keystone_signing_key: {get_param: KeystoneSigningKey}
keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
@@ -577,20 +617,22 @@ resources:
keystone_dsn:
list_join:
- ''
- - - 'mysql://keystone:unset@'
- - {get_param: VirtualIP}
+ - - 'mysql://keystone:'
+ - {get_param: AdminToken}
+ - '@'
+ - {get_param: MysqlVirtualIP}
- '/keystone'
keystone_identity_uri:
list_join:
- ''
- - 'http://'
- - {get_param: VirtualIP}
+ - {get_param: KeystonePublicApiVirtualIP}
- ':35357/'
keystone_auth_uri:
list_join:
- ''
- - 'http://'
- - {get_param: VirtualIP}
+ - {get_param: KeystonePublicApiVirtualIP}
- ':5000/v2.0/'
enable_galera: {get_param: EnableGalera}
enable_ceph_storage: {get_param: EnableCephStorage}
@@ -609,7 +651,14 @@ resources:
neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers}
neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
neutron_l3_ha: {get_param: NeutronL3HA}
- neutron_network_vlan_ranges: {get_param: NeutronNetworkVLANRanges}
+ neutron_network_vlan_ranges:
+ str_replace:
+ template: "['RANGES']"
+ params:
+ RANGES:
+ list_join:
+ - "','"
+ - {get_param: NeutronNetworkVLANRanges}
neutron_bridge_mappings: {get_param: NeutronBridgeMappings}
neutron_public_interface: {get_param: NeutronPublicInterface}
neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
@@ -622,29 +671,37 @@ resources:
neutron_dsn:
list_join:
- ''
- - - 'mysql://neutron:unset@'
- - {get_param: VirtualIP}
+ - - 'mysql://neutron:'
+ - {get_param: NeutronPassword}
+ - '@'
+ - {get_param: MysqlVirtualIP}
- '/ovs_neutron?charset=utf8'
neutron_url:
list_join:
- ''
- - 'http://'
- - {get_param: VirtualIP}
+ - {get_param: NeutronApiVirtualIP}
- ':9696'
neutron_admin_auth_url:
list_join:
- ''
- - 'http://'
- - {get_param: VirtualIP}
+ - {get_param: KeystonePublicApiVirtualIP}
- ':35357/v2.0'
ceilometer_backend: {get_param: CeilometerBackend}
ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
ceilometer_password: {get_param: CeilometerPassword}
+ ceilometer_coordination_url:
+ list_join:
+ - ''
+ - - 'redis://'
+ - {get_param: RedisVirtualIP}
+ - ':6379'
ceilometer_dsn:
list_join:
- ''
- - 'mysql://ceilometer:unset@'
- - {get_param: VirtualIP}
+ - {get_param: MysqlVirtualIP}
- '/ceilometer'
snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
@@ -652,8 +709,10 @@ resources:
nova_dsn:
list_join:
- ''
- - - 'mysql://nova:unset@'
- - {get_param: VirtualIP}
+ - - 'mysql://nova:'
+ - {get_param: NovaPassword}
+ - '@'
+ - {get_param: MysqlVirtualIP}
- '/nova'
pcsd_password: {get_param: PcsdPassword}
rabbit_username: {get_param: RabbitUserName}
@@ -668,7 +727,6 @@ resources:
server: {get_param: NtpServer}
control_virtual_interface: {get_param: ControlVirtualInterface}
public_virtual_interface: {get_param: PublicVirtualInterface}
- public_virtual_ip: {get_param: PublicVirtualIP}
swift_hash_suffix: {get_param: SwiftHashSuffix}
swift_password: {get_param: SwiftPassword}
swift_part_power: {get_param: SwiftPartPower}
@@ -676,6 +734,38 @@ resources:
swift_min_part_hours: {get_param: SwiftMinPartHours}
swift_mount_check: {get_param: SwiftMountCheck}
enable_package_install: {get_param: EnablePackageInstall}
+ swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
+ swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
+ cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
+ cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
+ glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
+ glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
+ glance_api_servers:
+ list_join:
+ - ''
+ - - {get_param: GlanceProtocol}
+ - '://'
+ - {get_param: GlanceApiVirtualIP}
+ - ':'
+ - {get_param: GlancePort}
+ heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
+ keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
+ keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
+ mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
+ neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
+ neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
+ ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
+ nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
+ nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
+ horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
+ rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
+ redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
+ redis_vip: {get_param: RedisVirtualIP}
+ memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
+ mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
+ ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
+ ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
+ ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
# Map heat metadata into hiera datafiles
ControllerConfig:
@@ -693,6 +783,7 @@ resources:
- ceph
- bootstrap_node # provided by BootstrapNodeConfig
- all_nodes # provided by allNodesConfig
+ - vip_data # provided by vip-config
- '"%{::osfamily}"'
- common
datafiles:
@@ -700,22 +791,25 @@ resources:
raw_data: {get_file: hieradata/common.yaml}
ceph:
raw_data: {get_file: hieradata/ceph.yaml}
+ mapped_data:
+ ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
+ ceph::profile::params::public_network: {get_input: ceph_public_network}
+ ceph::mon::public_addr: {get_input: ceph_public_ip}
object:
raw_data: {get_file: hieradata/object.yaml}
controller:
raw_data: {get_file: hieradata/controller.yaml}
mapped_data: # data supplied directly to this deployment configuration, etc
bootstack_nodeid: {get_input: bootstack_nodeid}
- controller_host: {get_input: controller_host} #local-ipv4
# Pacemaker
hacluster_pwd: {get_input: pcsd_password}
# Swift
- swift::proxy::proxy_local_net_ip: {get_input: controller_host}
+ swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
- swift::storage::all::storage_local_net_ip: {get_input: controller_host}
+ swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
swift::swift_hash_suffix: {get_input: swift_hash_suffix}
swift::proxy::authtoken::admin_password: {get_input: swift_password}
tripleo::ringbuilder::part_power: {get_input: swift_part_power}
@@ -731,41 +825,40 @@ resources:
cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
- cinder_iscsi_ip_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
+ cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
cinder::database_connection: {get_input: cinder_dsn}
cinder::api::keystone_password: {get_input: cinder_password}
cinder::api::auth_uri: {get_input: keystone_auth_uri}
cinder::api::identity_uri: {get_input: keystone_identity_uri}
- cinder::api::bind_host: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
+ cinder::api::bind_host: {get_input: cinder_api_network}
cinder::rabbit_userid: {get_input: rabbit_username}
cinder::rabbit_password: {get_input: rabbit_password}
cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
cinder::rabbit_port: {get_input: rabbit_client_port}
cinder::debug: {get_input: debug}
cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
+ cinder::glance::glance_api_servers: {get_input: glance_api_servers}
+ cinder_backend_config: {get_input: CinderBackendConfig}
# Glance
glance::api::bind_port: {get_input: glance_port}
- glance::api::bind_host: {get_input: controller_host}
+ glance::api::bind_host: {get_input: glance_api_network}
glance::api::auth_uri: {get_input: keystone_auth_uri}
glance::api::identity_uri: {get_input: keystone_identity_uri}
- glance::api::registry_host: {get_input: controller_host}
+ glance::api::registry_host: {get_input: glance_registry_network}
glance::api::keystone_password: {get_input: glance_password}
glance::api::debug: {get_input: debug}
- # used to construct glance_api_servers
- glance_port: {get_input: glance_port}
- glance_protocol: {get_input: glance_protocol}
glance_notifier_strategy: {get_input: glance_notifier_strategy}
glance_log_file: {get_input: glance_log_file}
glance_log_file: {get_input: glance_log_file}
glance::api::database_connection: {get_input: glance_dsn}
glance::registry::keystone_password: {get_input: glance_password}
glance::registry::database_connection: {get_input: glance_dsn}
- glance::registry::bind_host: {get_input: controller_host}
+ glance::registry::bind_host: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
glance::registry::auth_uri: {get_input: keystone_auth_uri}
glance::registry::identity_uri: {get_input: keystone_identity_uri}
glance::registry::debug: {get_input: debug}
- glance::backend::swift::swift_store_auth_address: {get_input: glance_swift_store_auth_address}
+ glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_address}
glance::backend::swift::swift_store_user: service:glance
glance::backend::swift::swift_store_key: {get_input: glance_password}
glance_backend: {get_input: glance_backend}
@@ -783,9 +876,9 @@ resources:
heat::auth_uri: {get_input: keystone_auth_uri}
heat::identity_uri: {get_input: keystone_identity_uri}
heat::keystone_password: {get_input: heat_password}
- heat::api::bind_host: {get_input: controller_host}
- heat::api_cloudwatch::bind_host: {get_input: controller_host}
- heat::api_cfn::bind_host: {get_input: controller_host}
+ heat::api::bind_host: {get_input: heat_api_network}
+ heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
+ heat::api_cfn::bind_host: {get_input: heat_api_network}
heat::database_connection: {get_input: heat_dsn}
heat::instance_user: heat-admin
heat::debug: {get_input: debug}
@@ -798,11 +891,11 @@ resources:
keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
keystone::database_connection: {get_input: keystone_dsn}
- keystone::public_bind_host: {get_input: controller_host}
- keystone::admin_bind_host: {get_input: controller_host}
+ keystone::public_bind_host: {get_input: keystone_public_api_network}
+ keystone::admin_bind_host: {get_input: keystone_admin_api_network}
keystone::debug: {get_input: debug}
# MongoDB
- mongodb::server::bind_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
+ mongodb::server::bind_ip: {get_input: mongo_db_network}
# MySQL
admin_password: {get_input: admin_password}
enable_galera: {get_input: enable_galera}
@@ -811,9 +904,10 @@ resources:
mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
mysql::server::root_password: {get_input: mysql_root_password}
mysql_cluster_name: {get_input: mysql_cluster_name}
+ mysql_bind_host: {get_input: mysql_network}
# Neutron
- neutron::bind_host: {get_input: controller_host}
+ neutron::bind_host: {get_input: neutron_api_network}
neutron::rabbit_password: {get_input: rabbit_password}
neutron::rabbit_user: {get_input: rabbit_user}
neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
@@ -823,14 +917,14 @@ resources:
neutron::server::identity_uri: {get_input: keystone_identity_uri}
neutron::server::database_connection: {get_input: neutron_dsn}
neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
- neutron::agents::ml2::ovs::local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronLocalIp]}]}
+ neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
neutron_flat_networks: {get_input: neutron_flat_networks}
neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
- neutron::agents::metadata::metadata_ip: {get_input: controller_virtual_ip}
+ neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
neutron_agent_mode: {get_input: neutron_agent_mode}
neutron_router_distributed: {get_input: neutron_router_distributed}
neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers}
- neutron_allow_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
+ neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
neutron::server::l3_ha: {get_input: neutron_l3_ha}
neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
neutron_bridge_mappings: {get_input: neutron_bridge_mappings}
@@ -844,6 +938,7 @@ resources:
neutron::agents::metadata::auth_password: {get_input: neutron_password}
neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
neutron_dsn: {get_input: neutron_dsn}
+ neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
# Ceilometer
ceilometer_backend: {get_input: ceilometer_backend}
@@ -854,11 +949,13 @@ resources:
ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
ceilometer::rabbit_port: {get_input: rabbit_client_port}
ceilometer::debug: {get_input: debug}
- ceilometer::api::host: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
+ ceilometer::api::host: {get_input: ceilometer_api_network}
ceilometer::api::keystone_password: {get_input: ceilometer_password}
ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
+ ceilometer::agent::auth::auth_url: {get_input: keystone_auth_address}
+ ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
@@ -870,40 +967,52 @@ resources:
nova::debug: {get_input: debug}
nova::api::auth_uri: {get_input: keystone_auth_uri}
nova::api::identity_uri: {get_input: keystone_identity_uri}
- nova::api::api_bind_address: {get_input: controller_host}
- nova::api::metadata_listen: {get_input: controller_host}
+ nova::api::api_bind_address: {get_input: nova_api_network}
+ nova::api::metadata_listen: {get_input: nova_metadata_network}
nova::api::admin_password: {get_input: nova_password}
nova::database_connection: {get_input: nova_dsn}
+ nova::glance_api_servers: {get_input: glance_api_servers}
nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
nova::network::neutron::neutron_url: {get_input: neutron_url}
nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
+ nova::vncproxy::host: {get_input: nova_api_network}
# Horizon
+ apache::ip: {get_input: horizon_network}
horizon::django_debug: {get_input: debug}
horizon::secret_key: {get_input: horizon_secret}
- horizon::bind_address: {get_input: controller_host}
+ horizon::bind_address: {get_input: horizon_network}
horizon::keystone_url: {get_input: keystone_auth_uri}
# Rabbit
- rabbitmq::node_ip_address: {get_input: controller_host}
+ rabbitmq::node_ip_address: {get_input: rabbitmq_network}
rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
# Redis
- redis::bind: {get_input: controller_host}
+ redis::bind: {get_input: redis_network}
+ redis_vip: {get_input: redis_vip}
# Misc
- memcached::listen_ip: {get_input: controller_host}
+ memcached::listen_ip: {get_input: memcached_network}
neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
ntp::servers: {get_input: ntp_servers}
control_virtual_interface: {get_input: control_virtual_interface}
- controller_virtual_ip: {get_input: controller_virtual_ip}
public_virtual_interface: {get_input: public_virtual_interface}
- public_virtual_ip: {get_input: public_virtual_ip}
tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
- tripleo::loadbalancer::controller_virtual_ip: {get_input: controller_virtual_ip}
tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
- tripleo::loadbalancer::public_virtual_ip: {get_input: public_virtual_ip}
enable_package_install: {get_input: enable_package_install}
+ UpdateConfig:
+ type: OS::TripleO::Tasks::PackageUpdate
+
+ UpdateDeployment:
+ type: OS::Heat::SoftwareDeployment
+ properties:
+ config: {get_resource: UpdateConfig}
+ server: {get_resource: Controller}
+ input_values:
+ update_identifier:
+ get_param: UpdateIdentifier
+
outputs:
ip_address:
description: IP address of the server in the ctlplane network
@@ -938,7 +1047,7 @@ outputs:
Server's IP address and hostname in the /etc/hosts format
value:
str_replace:
- template: IP HOST CLOUDNAME
+ template: IP HOST.localdomain HOST CLOUDNAME
params:
IP: {get_attr: [Controller, networks, ctlplane, 0]}
HOST: {get_attr: [Controller, name]}
@@ -953,11 +1062,11 @@ outputs:
str_replace:
template: 'r1z1-IP:%PORT%/d1'
params:
- IP: {get_attr: [Controller, networks, ctlplane, 0]}
+ IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
swift_proxy_memcache:
description: Swift proxy-memcache value
value:
str_replace:
template: "IP:11211"
params:
- IP: {get_attr: [Controller, networks, ctlplane, 0]}
+ IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
diff --git a/puppet/hieradata/common.yaml b/puppet/hieradata/common.yaml
index c15d43ea..40c44aef 100644
--- a/puppet/hieradata/common.yaml
+++ b/puppet/hieradata/common.yaml
@@ -13,6 +13,16 @@ nova::network::neutron::vif_plugging_is_fatal: false
nova::network::neutron::vif_plugging_timeout: 30
nova::network::neutron::dhcp_domain: ''
+neutron::plugins::ml2::tunnel_id_ranges:
+ - '1:1000'
+neutron::plugins::ml2::vni_ranges:
+ - '1:1000'
+neutron::plugins::ml2::type_drivers:
+ - flat
+ - gre
+ - vxlan
+ - vlan
+
sysctl_settings:
net.ipv4.tcp_keepalive_intvl:
value: 1
diff --git a/puppet/hieradata/compute.yaml b/puppet/hieradata/compute.yaml
index a72c4850..4915d3c8 100644
--- a/puppet/hieradata/compute.yaml
+++ b/puppet/hieradata/compute.yaml
@@ -15,6 +15,4 @@ nova::compute::rbd::rbd_keyring: 'client.openstack'
nova::compute::rbd::libvirt_images_rbd_pool: 'vms'
nova::compute::rbd::libvirt_rbd_secret_uuid: "%{hiera('ceph::profile::params::fsid')}"
-neutron::plugins::ml2::tunnel_id_ranges: ['1:1000']
-
ceilometer::agent::auth::auth_tenant_name: 'service'
diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml
index 50cbb3f9..d0cbe890 100644
--- a/puppet/hieradata/controller.yaml
+++ b/puppet/hieradata/controller.yaml
@@ -67,8 +67,6 @@ neutron::core_plugin: 'ml2'
neutron::service_plugins:
- 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin'
neutron::dhcp_agents_per_network: 2
-neutron::plugins::ml2::tunnel_id_ranges:
- - '1:1000'
neutron::server::sync_db: true
neutron::agents::dhcp::dnsmasq_config_file: /etc/neutron/dnsmasq-neutron.conf
@@ -90,6 +88,8 @@ pacemaker::corosync::manage_fw: false
# horizon
horizon::allowed_hosts: '*'
+horizon::django_session_engine: 'django.contrib.sessions.backends.cache'
+
mysql::server::manage_config_file: true
mysql::server::package_name: mariadb-galera-server
@@ -115,3 +115,4 @@ tripleo::loadbalancer::ceilometer: true
tripleo::loadbalancer::heat_api: true
tripleo::loadbalancer::heat_cloudwatch: true
tripleo::loadbalancer::heat_cfn: true
+tripleo::loadbalancer::horizon: true
diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp
index caca89a8..00bab7f6 100644
--- a/puppet/manifests/overcloud_compute.pp
+++ b/puppet/manifests/overcloud_compute.pp
@@ -68,7 +68,6 @@ include ::neutron
class { 'neutron::plugins::ml2':
flat_networks => split(hiera('neutron_flat_networks'), ','),
tenant_network_types => [hiera('neutron_tenant_network_type')],
- type_drivers => [hiera('neutron_tenant_network_type')],
}
class { 'neutron::agents::ml2::ovs':
diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp
index 27272643..19ed97fb 100644
--- a/puppet/manifests/overcloud_controller.pp
+++ b/puppet/manifests/overcloud_controller.pp
@@ -48,8 +48,7 @@ if hiera('step') >= 2 {
include ::mongodb::globals
include ::mongodb::server
- $mongo_node_ips = split(hiera('mongo_node_ips'), ',')
- $mongo_node_ips_with_port = suffix($mongo_node_ips, ':27017')
+ $mongo_node_ips_with_port = suffix(hiera('mongo_node_ips'), ':27017')
$mongo_node_string = join($mongo_node_ips_with_port, ',')
$mongodb_replset = hiera('mongodb::server::replset')
@@ -62,7 +61,7 @@ if hiera('step') >= 2 {
}
# Redis
- $redis_node_ips = split(hiera('redis_node_ips'), ',')
+ $redis_node_ips = hiera('redis_node_ips')
$redis_master_hostname = downcase(hiera('bootstrap_nodeid'))
if $redis_master_hostname == $::hostname {
@@ -77,9 +76,7 @@ if hiera('step') >= 2 {
if count($redis_node_ips) > 1 {
Class['::tripleo::redis_notification'] -> Service['redis-sentinel']
include ::redis::sentinel
- class {'::tripleo::redis_notification' :
- haproxy_monitor_ip => hiera('tripleo::loadbalancer::controller_virtual_ip'),
- }
+ include ::tripleo::redis_notification
}
if str2bool(hiera('enable_galera', 'true')) {
@@ -92,7 +89,7 @@ if hiera('step') >= 2 {
config_file => $mysql_config_file,
override_options => {
'mysqld' => {
- 'bind-address' => hiera('controller_host'),
+ 'bind-address' => hiera('mysql_bind_host'),
'max_connections' => '1024',
'open_files_limit' => '-1',
},
@@ -102,7 +99,7 @@ if hiera('step') >= 2 {
# FIXME: this should only occur on the bootstrap host (ditto for db syncs)
# Create all the database schemas
# Example DSN format: mysql://user:password@host/dbname
- $allowed_hosts = ['%',hiera('controller_host')]
+ $allowed_hosts = ['%',hiera('mysql_bind_host')]
$keystone_dsn = split(hiera('keystone::database_connection'), '[@:/?]')
class { 'keystone::db::mysql':
user => $keystone_dsn[3],
@@ -254,10 +251,7 @@ if hiera('step') >= 3 {
include ::glance::registry
include join(['::glance::backend::', $glance_backend])
- class { 'nova':
- glance_api_servers => join([hiera('glance_protocol'), '://', hiera('controller_virtual_ip'), ':', hiera('glance_port')]),
- }
-
+ include ::nova
include ::nova::api
include ::nova::cert
include ::nova::conductor
@@ -268,8 +262,9 @@ if hiera('step') >= 3 {
include ::neutron
include ::neutron::server
- include ::neutron::agents::dhcp
include ::neutron::agents::l3
+ include ::neutron::agents::dhcp
+ include ::neutron::agents::metadata
file { '/etc/neutron/dnsmasq-neutron.conf':
content => hiera('neutron_dnsmasq_options'),
@@ -280,18 +275,12 @@ if hiera('step') >= 3 {
}
class { 'neutron::plugins::ml2':
- flat_networks => split(hiera('neutron_flat_networks'), ','),
+ flat_networks => split(hiera('neutron_flat_networks'), ','),
tenant_network_types => [hiera('neutron_tenant_network_type')],
- type_drivers => [hiera('neutron_tenant_network_type')],
}
-
class { 'neutron::agents::ml2::ovs':
- bridge_mappings => split(hiera('neutron_bridge_mappings'), ','),
- tunnel_types => split(hiera('neutron_tunnel_types'), ','),
- }
-
- class { 'neutron::agents::metadata':
- auth_url => join(['http://', hiera('controller_virtual_ip'), ':35357/v2.0']),
+ bridge_mappings => split(hiera('neutron_bridge_mappings'), ','),
+ tunnel_types => split(hiera('neutron_tunnel_types'), ','),
}
Service['neutron-server'] -> Service['neutron-dhcp-service']
@@ -345,7 +334,23 @@ if hiera('step') >= 3 {
}
}
- $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend])
+ if hiera('cinder_enable_netapp_backend', false) {
+ $cinder_netapp_backend = hiera('cinder::backend::netapp::title')
+
+ cinder_config {
+ "${cinder_netapp_backend}/host": value => 'hostgroup';
+ }
+
+ if hiera('cinder_netapp_nfs_shares', undef) {
+ $cinder_netapp_nfs_shares = split(hiera('cinder_netapp_nfs_shares', undef), ',')
+ }
+
+ cinder::backend::netapp { $cinder_netapp_backend :
+ nfs_shares => $cinder_netapp_nfs_shares,
+ }
+ }
+
+ $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend, $cinder_netapp_backend])
class { '::cinder::backends' :
enabled_backends => $cinder_enabled_backends,
}
@@ -401,12 +406,10 @@ if hiera('step') >= 3 {
include ::ceilometer::alarm::evaluator
include ::ceilometer::expirer
include ::ceilometer::collector
+ include ceilometer::agent::auth
class { '::ceilometer::db' :
database_connection => $ceilometer_database_connection,
}
- class { 'ceilometer::agent::auth':
- auth_url => join(['http://', hiera('controller_virtual_ip'), ':5000/v2.0']),
- }
Cron <| title == 'ceilometer-expirer' |> { command => "sleep $((\$(od -A n -t d -N 3 /dev/urandom) % 86400)) && ${::ceilometer::params::expirer_command}" }
@@ -420,7 +423,7 @@ if hiera('step') >= 3 {
# Horizon
$vhost_params = { add_listen => false }
class { 'horizon':
- cache_server_ip => split(hiera('memcache_node_ips', '127.0.0.1'), ','),
+ cache_server_ip => hiera('memcache_node_ips', '127.0.0.1'),
vhost_extra_params => $vhost_params,
}
diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp
index a7aa40cb..ed4f3512 100644
--- a/puppet/manifests/overcloud_controller_pacemaker.pp
+++ b/puppet/manifests/overcloud_controller_pacemaker.pp
@@ -96,14 +96,22 @@ if hiera('step') >= 1 {
if downcase(hiera('ceilometer_backend')) == 'mongodb' {
include ::mongodb::globals
- # FIXME: replace with service_manage => false on ::mongodb::server
- # when this is merged: https://github.com/puppetlabs/pupp etlabs-mongodb/pull/198
class { '::mongodb::server' :
- service_ensure => undef,
- service_enable => false,
+ service_manage => false,
}
}
+ # Memcached
+ class {'::memcached' :
+ service_manage => false,
+ }
+
+ # Redis
+ class { '::redis' :
+ service_manage => false,
+ notify_service => false,
+ }
+
# Galera
if str2bool(hiera('enable_galera', 'true')) {
$mysql_config_file = '/etc/my.cnf.d/galera.cnf'
@@ -122,7 +130,7 @@ if hiera('step') >= 1 {
'innodb_locks_unsafe_for_binlog'=> '1',
'query_cache_size' => '0',
'query_cache_type' => '0',
- 'bind-address' => hiera('controller_host'),
+ 'bind-address' => hiera('mysql_bind_host'),
'max_connections' => '1024',
'open_files_limit' => '-1',
'wsrep_provider' => '/usr/lib64/galera/libgalera_smm.so',
@@ -154,7 +162,17 @@ if hiera('step') >= 1 {
if hiera('step') >= 2 {
+ # NOTE(gfidente): the following vars are needed on all nodes so they
+ # need to stay out of pacemaker_master conditional
+ $mongo_node_ips_with_port = suffix(hiera('mongo_node_ips'), ':27017')
+ $mongodb_replset = hiera('mongodb::server::replset')
+
if $pacemaker_master {
+
+ # FIXME: we should not have to access tripleo::loadbalancer class
+ # parameters here to configure pacemaker VIPs. The configuration
+ # of pacemaker VIPs could move into puppet-tripleo or we should
+ # make use of less specific hiera parameters here for the settings.
$control_vip = hiera('tripleo::loadbalancer::controller_virtual_ip')
pacemaker::resource::ip { 'control_vip':
ip_address => $control_vip,
@@ -163,9 +181,35 @@ if hiera('step') >= 2 {
pacemaker::resource::ip { 'public_vip':
ip_address => $public_vip,
}
+
+ $internal_api_vip = hiera('tripleo::loadbalancer::internal_api_virtual_ip')
+ if $internal_api_vip and $internal_api_vip != $control_vip {
+ pacemaker::resource::ip { 'internal_api_vip':
+ ip_address => $internal_api_vip,
+ }
+ }
+
+ $storage_vip = hiera('tripleo::loadbalancer::storage_virtual_ip')
+ if $storage_vip and $storage_vip != $control_vip {
+ pacemaker::resource::ip { 'storage_vip':
+ ip_address => $storage_vip,
+ }
+ }
+
+ $storage_mgmt_vip = hiera('tripleo::loadbalancer::storage_mgmt_virtual_ip')
+ if $storage_mgmt_vip and $storage_mgmt_vip != $control_vip {
+ pacemaker::resource::ip { 'storage_mgmt_vip':
+ ip_address => $storage_mgmt_vip,
+ }
+ }
+
pacemaker::resource::service { 'haproxy':
clone_params => true,
}
+ pacemaker::resource::service { $::memcached::params::service_name :
+ clone_params => true,
+ require => Class['::memcached'],
+ }
pacemaker::resource::ocf { 'rabbitmq':
ocf_agent_name => 'heartbeat:rabbitmq-cluster',
@@ -179,56 +223,58 @@ if hiera('step') >= 2 {
op_params => 'start timeout=120s',
clone_params => true,
require => Class['::mongodb::server'],
- before => Exec['mongodb-ready'],
}
# NOTE (spredzy) : The replset can only be run
# once all the nodes have joined the cluster.
- $mongo_node_ips = split(hiera('mongo_node_ips'), ',')
- $mongo_node_ips_with_port = suffix($mongo_node_ips, ':27017')
- $mongo_node_string = join($mongo_node_ips_with_port, ',')
- $mongodb_replset = hiera('mongodb::server::replset')
- $mongodb_cluster_ready_command = join(suffix(prefix($mongo_node_ips, '/bin/nc -w1 '), ' 27017 < /dev/null'), ' && ')
- exec { 'mongodb-ready' :
- command => $mongodb_cluster_ready_command,
- timeout => 30,
- tries => 180,
- try_sleep => 10,
+ mongodb_conn_validator { $mongo_node_ips_with_port :
+ require => Pacemaker::Resource::Service[$::mongodb::params::service_name],
+ before => Mongodb_replset[$mongodb_replset],
}
mongodb_replset { $mongodb_replset :
members => $mongo_node_ips_with_port,
- require => Exec['mongodb-ready'],
}
}
pacemaker::resource::ocf { 'galera' :
ocf_agent_name => 'heartbeat:galera',
- op_params => 'promote timeout=300s on-fail=block --master',
+ op_params => 'promote timeout=300s on-fail=block',
+ master_params => '',
meta_params => "master-max=${galera_nodes_count} ordered=true",
resource_params => "additional_parameters='--open-files-limit=16384' enable_creation=true wsrep_cluster_address='gcomm://${galera_nodes}'",
require => Class['::mysql::server'],
before => Exec['galera-ready'],
}
- }
-
- # Redis
- $redis_node_ips = split(hiera('redis_node_ips'), ',')
- $redis_master_hostname = downcase(hiera('bootstrap_nodeid'))
-
- if $redis_master_hostname == $::hostname {
- $slaveof = undef
- } else {
- $slaveof = "${redis_master_hostname} 6379"
- }
- class {'::redis' :
- slaveof => $slaveof,
- }
- if count($redis_node_ips) > 1 {
- Class['::tripleo::redis_notification'] -> Service['redis-sentinel']
- include ::redis::sentinel
- class {'::tripleo::redis_notification' :
- haproxy_monitor_ip => hiera('tripleo::loadbalancer::controller_virtual_ip'),
+ pacemaker::resource::ocf { 'redis':
+ ocf_agent_name => 'heartbeat:redis',
+ master_params => '',
+ meta_params => 'notify=true ordered=true interleave=true',
+ resource_params => 'wait_last_known_master=true',
+ require => Class['::redis'],
+ }
+ $redis_vip = hiera('redis_vip')
+ if $redis_vip and $redis_vip != $control_vip {
+ pacemaker::resource::ip { 'vip-redis':
+ ip_address => $redis_vip,
+ }
}
+ pacemaker::constraint::base { 'redis-master-then-vip-redis':
+ constraint_type => 'order',
+ first_resource => 'redis-master',
+ second_resource => "ip-${redis_vip}",
+ first_action => 'promote',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Ocf['redis'],
+ Pacemaker::Resource::Ip['vip-redis']],
+ }
+ pacemaker::constraint::colocation { 'vip-redis-with-redis-master':
+ source => "ip-${redis_vip}",
+ target => 'redis-master',
+ score => 'INFINITY',
+ require => [Pacemaker::Resource::Ocf['redis'],
+ Pacemaker::Resource::Ip['vip-redis']],
+ }
+
}
exec { 'galera-ready' :
@@ -263,7 +309,7 @@ MYSQL_HOST=localhost\n",
# Create all the database schemas
# Example DSN format: mysql://user:password@host/dbname
if $sync_db {
- $allowed_hosts = ['%',hiera('controller_host')]
+ $allowed_hosts = ['%',hiera('mysql_bind_host')]
$keystone_dsn = split(hiera('keystone::database_connection'), '[@:/?]')
class { 'keystone::db::mysql':
user => $keystone_dsn[3],
@@ -350,8 +396,6 @@ MYSQL_HOST=localhost\n",
include ::ceph::profile::osd
}
- # Memcached
- include ::memcached
} #END STEP 2
@@ -417,52 +461,54 @@ if hiera('step') >= 3 {
}
include join(['::glance::backend::', $glance_backend])
- class { 'nova':
- glance_api_servers => join([hiera('glance_protocol'), '://', hiera('controller_virtual_ip'), ':', hiera('glance_port')]),
- }
+ include ::nova
class { '::nova::api' :
sync_db => $sync_db,
- manage_service => $non_pcmk_start,
- enabled => $non_pcmk_start,
+ manage_service => false,
+ enabled => false,
}
class { '::nova::cert' :
- manage_service => $non_pcmk_start,
- enabled => $non_pcmk_start,
+ manage_service => false,
+ enabled => false,
}
class { '::nova::conductor' :
- manage_service => $non_pcmk_start,
- enabled => $non_pcmk_start,
+ manage_service => false,
+ enabled => false,
}
class { '::nova::consoleauth' :
- manage_service => $non_pcmk_start,
- enabled => $non_pcmk_start,
+ manage_service => false,
+ enabled => false,
}
class { '::nova::vncproxy' :
- manage_service => $non_pcmk_start,
- enabled => $non_pcmk_start,
+ manage_service => false,
+ enabled => false,
}
class { '::nova::scheduler' :
- manage_service => $non_pcmk_start,
- enabled => $non_pcmk_start,
+ manage_service => false,
+ enabled => false,
}
include ::nova::network::neutron
+ # Neutron class definitions
include ::neutron
class { '::neutron::server' :
sync_db => $sync_db,
- manage_service => $non_pcmk_start,
- enabled => $non_pcmk_start,
+ manage_service => false,
+ enabled => false,
}
class { '::neutron::agents::dhcp' :
- manage_service => $non_pcmk_start,
- enabled => $non_pcmk_start,
+ manage_service => false,
+ enabled => false,
}
class { '::neutron::agents::l3' :
- manage_service => $non_pcmk_start,
- enabled => $non_pcmk_start,
+ manage_service => false,
+ enabled => false,
+ }
+ class { 'neutron::agents::metadata':
+ manage_service => false,
+ enabled => false,
}
-
file { '/etc/neutron/dnsmasq-neutron.conf':
content => hiera('neutron_dnsmasq_options'),
owner => 'neutron',
@@ -470,31 +516,17 @@ if hiera('step') >= 3 {
notify => Service['neutron-dhcp-service'],
require => Package['neutron'],
}
-
class { 'neutron::plugins::ml2':
- flat_networks => split(hiera('neutron_flat_networks'), ','),
+ flat_networks => split(hiera('neutron_flat_networks'), ','),
tenant_network_types => [hiera('neutron_tenant_network_type')],
- type_drivers => [hiera('neutron_tenant_network_type')],
}
-
class { 'neutron::agents::ml2::ovs':
- # manage_service => $non_pcmk_start, -- not implemented
- enabled => $non_pcmk_start,
+ # manage_service => false # not implemented
+ enabled => false,
bridge_mappings => split(hiera('neutron_bridge_mappings'), ','),
tunnel_types => split(hiera('neutron_tunnel_types'), ','),
}
- class { 'neutron::agents::metadata':
- manage_service => $non_pcmk_start,
- enabled => $non_pcmk_start,
- auth_url => join(['http://', hiera('controller_virtual_ip'), ':35357/v2.0']),
- }
-
- Service['neutron-server'] -> Service['neutron-dhcp-service']
- Service['neutron-server'] -> Service['neutron-l3']
- Service['neutron-server'] -> Service['neutron-ovs-agent-service']
- Service['neutron-server'] -> Service['neutron-metadata']
-
include ::cinder
class { '::cinder::api':
sync_db => $sync_db,
@@ -551,7 +583,23 @@ if hiera('step') >= 3 {
}
}
- $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend])
+ if hiera('cinder_enable_netapp_backend', false) {
+ $cinder_netapp_backend = hiera('cinder::backend::netapp::title')
+
+ cinder_config {
+ "${cinder_netapp_backend}/host": value => 'hostgroup';
+ }
+
+ if hiera('cinder_netapp_nfs_shares', undef) {
+ $cinder_netapp_nfs_shares = split(hiera('cinder_netapp_nfs_shares', undef), ',')
+ }
+
+ cinder::backend::netapp { $cinder_netapp_backend :
+ nfs_shares => $cinder_netapp_nfs_shares,
+ }
+ }
+
+ $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend, $cinder_netapp_backend])
class { '::cinder::backends' :
enabled_backends => $cinder_enabled_backends,
}
@@ -610,42 +658,41 @@ if hiera('step') >= 3 {
$ceilometer_database_connection = hiera('ceilometer_mysql_conn_string')
}
default : {
+ $mongo_node_string = join($mongo_node_ips_with_port, ',')
$ceilometer_database_connection = "mongodb://${mongo_node_string}/ceilometer?replicaSet=${mongodb_replset}"
}
}
include ::ceilometer
class { '::ceilometer::api' :
- manage_service => $non_pcmk_start,
- enabled => $non_pcmk_start,
+ manage_service => false,
+ enabled => false,
}
class { '::ceilometer::agent::notification' :
- manage_service => $non_pcmk_start,
- enabled => $non_pcmk_start,
+ manage_service => false,
+ enabled => false,
}
class { '::ceilometer::agent::central' :
- manage_service => $non_pcmk_start,
- enabled => $non_pcmk_start,
+ manage_service => false,
+ enabled => false,
}
class { '::ceilometer::alarm::notifier' :
- manage_service => $non_pcmk_start,
- enabled => $non_pcmk_start,
+ manage_service => false,
+ enabled => false,
}
class { '::ceilometer::alarm::evaluator' :
- manage_service => $non_pcmk_start,
- enabled => $non_pcmk_start,
+ manage_service => false,
+ enabled => false,
}
class { '::ceilometer::collector' :
- manage_service => $non_pcmk_start,
- enabled => $non_pcmk_start,
+ manage_service => false,
+ enabled => false,
}
include ::ceilometer::expirer
class { '::ceilometer::db' :
database_connection => $ceilometer_database_connection,
sync_db => $sync_db,
}
- class { 'ceilometer::agent::auth':
- auth_url => join(['http://', hiera('controller_virtual_ip'), ':5000/v2.0']),
- }
+ include ceilometer::agent::auth
Cron <| title == 'ceilometer-expirer' |> { command => "sleep $((\$(od -A n -t d -N 3 /dev/urandom) % 86400)) && ${::ceilometer::params::expirer_command}" }
@@ -654,27 +701,34 @@ if hiera('step') >= 3 {
sync_db => $sync_db,
}
class { '::heat::api' :
- manage_service => $non_pcmk_start,
- enabled => $non_pcmk_start,
+ manage_service => false,
+ enabled => false,
}
class { '::heat::api_cfn' :
- manage_service => $non_pcmk_start,
- enabled => $non_pcmk_start,
+ manage_service => false,
+ enabled => false,
}
class { '::heat::api_cloudwatch' :
- manage_service => $non_pcmk_start,
- enabled => $non_pcmk_start,
+ manage_service => false,
+ enabled => false,
}
class { '::heat::engine' :
- manage_service => $non_pcmk_start,
- enabled => $non_pcmk_start,
+ manage_service => false,
+ enabled => false,
}
- # Horizon
- $vhost_params = { add_listen => false }
+ # httpd/apache and horizon
+ # NOTE(gfidente): server-status can be consumed by the pacemaker resource agent
+ include ::apache
+ include ::apache::mod::status
+ $vhost_params = {
+ add_listen => false,
+ priority => 10,
+ }
class { 'horizon':
- cache_server_ip => split(hiera('memcache_node_ips', '127.0.0.1'), ','),
+ cache_server_ip => hiera('memcache_node_ips', '127.0.0.1'),
vhost_extra_params => $vhost_params,
+ server_aliases => $::hostname,
}
$snmpd_user = hiera('snmpd_readonly_user_name')
@@ -700,12 +754,22 @@ if hiera('step') >= 4 {
# Cinder
pacemaker::resource::service { $::cinder::params::api_service :
clone_params => "interleave=true",
+ require => Pacemaker::Resource::Service[$::keystone::params::service_name],
}
pacemaker::resource::service { $::cinder::params::scheduler_service :
clone_params => "interleave=true",
}
pacemaker::resource::service { $::cinder::params::volume_service : }
+ pacemaker::constraint::base { 'keystone-then-cinder-api-constraint':
+ constraint_type => 'order',
+ first_resource => "${::keystone::params::service_name}-clone",
+ second_resource => "${::cinder::params::api_service}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::cinder::params::api_service],
+ Pacemaker::Resource::Service[$::keystone::params::service_name]],
+ }
pacemaker::constraint::base { 'cinder-api-then-cinder-scheduler-constraint':
constraint_type => "order",
first_resource => "${::cinder::params::api_service}-clone",
@@ -742,11 +806,21 @@ if hiera('step') >= 4 {
# Glance
pacemaker::resource::service { $::glance::params::registry_service_name :
clone_params => "interleave=true",
+ require => Pacemaker::Resource::Service[$::keystone::params::service_name],
}
pacemaker::resource::service { $::glance::params::api_service_name :
clone_params => "interleave=true",
}
+ pacemaker::constraint::base { 'keystone-then-glance-registry-constraint':
+ constraint_type => 'order',
+ first_resource => "${::keystone::params::service_name}-clone",
+ second_resource => "${::glance::params::registry_service_name}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::glance::params::registry_service_name],
+ Pacemaker::Resource::Service[$::keystone::params::service_name]],
+ }
pacemaker::constraint::base { 'glance-registry-then-glance-api-constraint':
constraint_type => "order",
first_resource => "${::glance::params::registry_service_name}-clone",
@@ -756,13 +830,481 @@ if hiera('step') >= 4 {
require => [Pacemaker::Resource::Service[$::glance::params::registry_service_name],
Pacemaker::Resource::Service[$::glance::params::api_service_name]],
}
- pacemaker::constraint::colocation { 'glance-registry-with-glance-api-colocation':
- source => "${::glance::params::registry_service_name}-clone",
- target => "${::glance::params::api_service_name}-clone",
+ pacemaker::constraint::colocation { 'glance-api-with-glance-registry-colocation':
+ source => "${::glance::params::api_service_name}-clone",
+ target => "${::glance::params::registry_service_name}-clone",
score => "INFINITY",
require => [Pacemaker::Resource::Service[$::glance::params::registry_service_name],
Pacemaker::Resource::Service[$::glance::params::api_service_name]],
}
+
+ # Neutron
+ pacemaker::resource::service { $::neutron::params::server_service:
+ op_params => "start timeout=90",
+ clone_params => "interleave=true",
+ require => Pacemaker::Resource::Service[$::keystone::params::service_name]
+ }
+ pacemaker::resource::service { $::neutron::params::l3_agent_service:
+ clone_params => "interleave=true",
+ }
+ pacemaker::resource::service { $::neutron::params::dhcp_agent_service:
+ clone_params => "interleave=true",
+ }
+ pacemaker::resource::service { $::neutron::params::ovs_agent_service:
+ clone_params => "interleave=true",
+ }
+ pacemaker::resource::service { $::neutron::params::metadata_agent_service:
+ clone_params => "interleave=true",
+ }
+ pacemaker::resource::ocf { $::neutron::params::ovs_cleanup_service:
+ ocf_agent_name => "neutron:OVSCleanup",
+ clone_params => "interleave=true",
+ }
+ pacemaker::resource::ocf { 'neutron-netns-cleanup':
+ ocf_agent_name => "neutron:NetnsCleanup",
+ clone_params => "interleave=true",
+ }
+ pacemaker::resource::ocf { 'neutron-scale':
+ ocf_agent_name => "neutron:NeutronScale",
+ clone_params => "globally-unique=true clone-max=3 interleave=true",
+ }
+ pacemaker::constraint::base { 'keystone-to-neutron-server-constraint':
+ constraint_type => "order",
+ first_resource => "${::keystone::params::service_name}-clone",
+ second_resource => "${::neutron::params::server_service}-clone",
+ first_action => "start",
+ second_action => "start",
+ require => [Pacemaker::Resource::Service[$::keystone::params::service_name],
+ Pacemaker::Resource::Service[$::neutron::params::server_service]],
+ }
+ pacemaker::constraint::base { 'neutron-server-to-neutron-scale-constraint':
+ constraint_type => "order",
+ first_resource => "${::neutron::params::server_service}-clone",
+ second_resource => "neutron-scale-clone",
+ first_action => "start",
+ second_action => "start",
+ require => [Pacemaker::Resource::Service[$::neutron::params::server_service],
+ Pacemaker::Resource::Ocf['neutron-scale']],
+ }
+ pacemaker::constraint::base { 'neutron-scale-to-ovs-cleanup-constraint':
+ constraint_type => "order",
+ first_resource => "neutron-scale-clone",
+ second_resource => "${::neutron::params::ovs_cleanup_service}-clone",
+ first_action => "start",
+ second_action => "start",
+ require => [Pacemaker::Resource::Ocf['neutron-scale'],
+ Pacemaker::Resource::Ocf["${::neutron::params::ovs_cleanup_service}"]],
+ }
+ pacemaker::constraint::colocation { 'neutron-scale-to-ovs-cleanup-colocation':
+ source => "${::neutron::params::ovs_cleanup_service}-clone",
+ target => "neutron-scale-clone",
+ score => "INFINITY",
+ require => [Pacemaker::Resource::Ocf['neutron-scale'],
+ Pacemaker::Resource::Ocf["${::neutron::params::ovs_cleanup_service}"]],
+ }
+ pacemaker::constraint::base { 'neutron-ovs-cleanup-to-netns-cleanup-constraint':
+ constraint_type => "order",
+ first_resource => "${::neutron::params::ovs_cleanup_service}-clone",
+ second_resource => "neutron-netns-cleanup-clone",
+ first_action => "start",
+ second_action => "start",
+ require => [Pacemaker::Resource::Ocf["${::neutron::params::ovs_cleanup_service}"],
+ Pacemaker::Resource::Ocf['neutron-netns-cleanup']],
+ }
+ pacemaker::constraint::colocation { 'neutron-ovs-cleanup-to-netns-cleanup-colocation':
+ source => "neutron-netns-cleanup-clone",
+ target => "${::neutron::params::ovs_cleanup_service}-clone",
+ score => "INFINITY",
+ require => [Pacemaker::Resource::Ocf["${::neutron::params::ovs_cleanup_service}"],
+ Pacemaker::Resource::Ocf['neutron-netns-cleanup']],
+ }
+ pacemaker::constraint::base { 'neutron-netns-cleanup-to-openvswitch-agent-constraint':
+ constraint_type => "order",
+ first_resource => "neutron-netns-cleanup-clone",
+ second_resource => "${::neutron::params::ovs_agent_service}-clone",
+ first_action => "start",
+ second_action => "start",
+ require => [Pacemaker::Resource::Ocf["neutron-netns-cleanup"],
+ Pacemaker::Resource::Service["${::neutron::params::ovs_agent_service}"]],
+ }
+ pacemaker::constraint::colocation { 'neutron-netns-cleanup-to-openvswitch-agent-colocation':
+ source => "${::neutron::params::ovs_agent_service}-clone",
+ target => "neutron-netns-cleanup-clone",
+ score => "INFINITY",
+ require => [Pacemaker::Resource::Ocf["neutron-netns-cleanup"],
+ Pacemaker::Resource::Service["${::neutron::params::ovs_agent_service}"]],
+ }
+ pacemaker::constraint::base { 'neutron-openvswitch-agent-to-dhcp-agent-constraint':
+ constraint_type => "order",
+ first_resource => "${::neutron::params::ovs_agent_service}-clone",
+ second_resource => "${::neutron::params::dhcp_agent_service}-clone",
+ first_action => "start",
+ second_action => "start",
+ require => [Pacemaker::Resource::Service["${::neutron::params::ovs_agent_service}"],
+ Pacemaker::Resource::Service["${::neutron::params::dhcp_agent_service}"]],
+
+ }
+ pacemaker::constraint::colocation { 'neutron-openvswitch-agent-to-dhcp-agent-colocation':
+ source => "${::neutron::params::dhcp_agent_service}-clone",
+ target => "${::neutron::params::ovs_agent_service}-clone",
+ score => "INFINITY",
+ require => [Pacemaker::Resource::Service["${::neutron::params::ovs_agent_service}"],
+ Pacemaker::Resource::Service["${::neutron::params::dhcp_agent_service}"]],
+ }
+ pacemaker::constraint::base { 'neutron-dhcp-agent-to-l3-agent-constraint':
+ constraint_type => "order",
+ first_resource => "${::neutron::params::dhcp_agent_service}-clone",
+ second_resource => "${::neutron::params::l3_agent_service}-clone",
+ first_action => "start",
+ second_action => "start",
+ require => [Pacemaker::Resource::Service["${::neutron::params::dhcp_agent_service}"],
+ Pacemaker::Resource::Service["${::neutron::params::l3_agent_service}"]]
+ }
+ pacemaker::constraint::colocation { 'neutron-dhcp-agent-to-l3-agent-colocation':
+ source => "${::neutron::params::l3_agent_service}-clone",
+ target => "${::neutron::params::dhcp_agent_service}-clone",
+ score => "INFINITY",
+ require => [Pacemaker::Resource::Service["${::neutron::params::dhcp_agent_service}"],
+ Pacemaker::Resource::Service["${::neutron::params::l3_agent_service}"]]
+ }
+ pacemaker::constraint::base { 'neutron-l3-agent-to-metadata-agent-constraint':
+ constraint_type => "order",
+ first_resource => "${::neutron::params::l3_agent_service}-clone",
+ second_resource => "${::neutron::params::metadata_agent_service}-clone",
+ first_action => "start",
+ second_action => "start",
+ require => [Pacemaker::Resource::Service["${::neutron::params::l3_agent_service}"],
+ Pacemaker::Resource::Service["${::neutron::params::metadata_agent_service}"]]
+ }
+ pacemaker::constraint::colocation { 'neutron-l3-agent-to-metadata-agent-colocation':
+ source => "${::neutron::params::metadata_agent_service}-clone",
+ target => "${::neutron::params::l3_agent_service}-clone",
+ score => "INFINITY",
+ require => [Pacemaker::Resource::Service["${::neutron::params::l3_agent_service}"],
+ Pacemaker::Resource::Service["${::neutron::params::metadata_agent_service}"]]
+ }
+
+ # Nova
+ pacemaker::resource::service { $::nova::params::api_service_name :
+ clone_params => "interleave=true",
+ op_params => "monitor start-delay=10s",
+ }
+ pacemaker::resource::service { $::nova::params::conductor_service_name :
+ clone_params => "interleave=true",
+ op_params => "monitor start-delay=10s",
+ }
+ pacemaker::resource::service { $::nova::params::consoleauth_service_name :
+ clone_params => "interleave=true",
+ op_params => "monitor start-delay=10s",
+ require => Pacemaker::Resource::Service[$::keystone::params::service_name],
+ }
+ pacemaker::resource::service { $::nova::params::vncproxy_service_name :
+ clone_params => "interleave=true",
+ op_params => "monitor start-delay=10s",
+ }
+ pacemaker::resource::service { $::nova::params::scheduler_service_name :
+ clone_params => "interleave=true",
+ op_params => "monitor start-delay=10s",
+ }
+
+ pacemaker::constraint::base { 'keystone-then-nova-consoleauth-constraint':
+ constraint_type => 'order',
+ first_resource => "${::keystone::params::service_name}-clone",
+ second_resource => "${::nova::params::consoleauth_service_name}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::nova::params::consoleauth_service_name],
+ Pacemaker::Resource::Service[$::keystone::params::service_name]],
+ }
+ pacemaker::constraint::base { 'nova-consoleauth-then-nova-vncproxy-constraint':
+ constraint_type => "order",
+ first_resource => "${::nova::params::consoleauth_service_name}-clone",
+ second_resource => "${::nova::params::vncproxy_service_name}-clone",
+ first_action => "start",
+ second_action => "start",
+ require => [Pacemaker::Resource::Service[$::nova::params::consoleauth_service_name],
+ Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name]],
+ }
+ pacemaker::constraint::colocation { 'nova-vncproxy-with-nova-consoleauth-colocation':
+ source => "${::nova::params::vncproxy_service_name}-clone",
+ target => "${::nova::params::consoleauth_service_name}-clone",
+ score => "INFINITY",
+ require => [Pacemaker::Resource::Service[$::nova::params::consoleauth_service_name],
+ Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name]],
+ }
+ # FIXME(gfidente): novncproxy will not start unless websockify is updated to 0.6
+ # which is not the case for f20 nor f21; ucomment when it becomes available
+ #pacemaker::constraint::base { 'nova-vncproxy-then-nova-api-constraint':
+ # constraint_type => "order",
+ # first_resource => "${::nova::params::vncproxy_service_name}-clone",
+ # second_resource => "${::nova::params::api_service_name}-clone",
+ # first_action => "start",
+ # second_action => "start",
+ # require => [Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name],
+ # Pacemaker::Resource::Service[$::nova::params::api_service_name]],
+ #}
+ #pacemaker::constraint::colocation { 'nova-api-with-nova-vncproxy-colocation':
+ # source => "${::nova::params::api_service_name}-clone",
+ # target => "${::nova::params::vncproxy_service_name}-clone",
+ # score => "INFINITY",
+ # require => [Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name],
+ # Pacemaker::Resource::Service[$::nova::params::api_service_name]],
+ #}
+ pacemaker::constraint::base { 'nova-api-then-nova-scheduler-constraint':
+ constraint_type => "order",
+ first_resource => "${::nova::params::api_service_name}-clone",
+ second_resource => "${::nova::params::scheduler_service_name}-clone",
+ first_action => "start",
+ second_action => "start",
+ require => [Pacemaker::Resource::Service[$::nova::params::api_service_name],
+ Pacemaker::Resource::Service[$::nova::params::scheduler_service_name]],
+ }
+ pacemaker::constraint::colocation { 'nova-scheduler-with-nova-api-colocation':
+ source => "${::nova::params::scheduler_service_name}-clone",
+ target => "${::nova::params::api_service_name}-clone",
+ score => "INFINITY",
+ require => [Pacemaker::Resource::Service[$::nova::params::api_service_name],
+ Pacemaker::Resource::Service[$::nova::params::scheduler_service_name]],
+ }
+ pacemaker::constraint::base { 'nova-scheduler-then-nova-conductor-constraint':
+ constraint_type => "order",
+ first_resource => "${::nova::params::scheduler_service_name}-clone",
+ second_resource => "${::nova::params::conductor_service_name}-clone",
+ first_action => "start",
+ second_action => "start",
+ require => [Pacemaker::Resource::Service[$::nova::params::scheduler_service_name],
+ Pacemaker::Resource::Service[$::nova::params::conductor_service_name]],
+ }
+ pacemaker::constraint::colocation { 'nova-conductor-with-nova-scheduler-colocation':
+ source => "${::nova::params::conductor_service_name}-clone",
+ target => "${::nova::params::scheduler_service_name}-clone",
+ score => "INFINITY",
+ require => [Pacemaker::Resource::Service[$::nova::params::scheduler_service_name],
+ Pacemaker::Resource::Service[$::nova::params::conductor_service_name]],
+ }
+
+ # Ceilometer
+ pacemaker::resource::service { $::ceilometer::params::agent_central_service_name :
+ clone_params => 'interleave=true',
+ require => [Pacemaker::Resource::Service[$::keystone::params::service_name],
+ Pacemaker::Resource::Service[$::mongodb::params::service_name]],
+ }
+ pacemaker::resource::service { $::ceilometer::params::collector_service_name :
+ clone_params => 'interleave=true',
+ }
+ pacemaker::resource::service { $::ceilometer::params::api_service_name :
+ clone_params => 'interleave=true',
+ }
+ pacemaker::resource::service { $::ceilometer::params::alarm_evaluator_service_name :
+ clone_params => 'interleave=true',
+ }
+ pacemaker::resource::service { $::ceilometer::params::alarm_notifier_service_name :
+ clone_params => 'interleave=true',
+ }
+ pacemaker::resource::service { $::ceilometer::params::agent_notification_service_name :
+ clone_params => 'interleave=true',
+ }
+ pacemaker::resource::ocf { 'delay' :
+ ocf_agent_name => 'heartbeat:Delay',
+ clone_params => 'interleave=true',
+ resource_params => 'startdelay=10',
+ }
+ pacemaker::constraint::base { 'ceilometer-central-then-ceilometer-collector-constraint':
+ constraint_type => 'order',
+ first_resource => "${::ceilometer::params::agent_central_service_name}-clone",
+ second_resource => "${::ceilometer::params::collector_service_name}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name],
+ Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name]],
+ }
+ pacemaker::constraint::base { 'ceilometer-collector-then-ceilometer-api-constraint':
+ constraint_type => 'order',
+ first_resource => "${::ceilometer::params::collector_service_name}-clone",
+ second_resource => "${::ceilometer::params::api_service_name}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name],
+ Pacemaker::Resource::Service[$::ceilometer::params::api_service_name]],
+ }
+ pacemaker::constraint::colocation { 'ceilometer-api-with-ceilometer-collector-colocation':
+ source => "${::ceilometer::params::api_service_name}-clone",
+ target => "${::ceilometer::params::collector_service_name}-clone",
+ score => 'INFINITY',
+ require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name],
+ Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name]],
+ }
+ pacemaker::constraint::base { 'ceilometer-api-then-ceilometer-delay-constraint':
+ constraint_type => 'order',
+ first_resource => "${::ceilometer::params::api_service_name}-clone",
+ second_resource => 'delay-clone',
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name],
+ Pacemaker::Resource::Ocf['delay']],
+ }
+ pacemaker::constraint::colocation { 'ceilometer-delay-with-ceilometer-api-colocation':
+ source => 'delay-clone',
+ target => "${::ceilometer::params::api_service_name}-clone",
+ score => 'INFINITY',
+ require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name],
+ Pacemaker::Resource::Ocf['delay']],
+ }
+ pacemaker::constraint::base { 'ceilometer-delay-then-ceilometer-alarm-evaluator-constraint':
+ constraint_type => 'order',
+ first_resource => 'delay-clone',
+ second_resource => "${::ceilometer::params::alarm_evaluator_service_name}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::ceilometer::params::alarm_evaluator_service_name],
+ Pacemaker::Resource::Ocf['delay']],
+ }
+ pacemaker::constraint::colocation { 'ceilometer-alarm-evaluator-with-ceilometer-delay-colocation':
+ source => "${::ceilometer::params::alarm_evaluator_service_name}-clone",
+ target => 'delay-clone',
+ score => 'INFINITY',
+ require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name],
+ Pacemaker::Resource::Ocf['delay']],
+ }
+ pacemaker::constraint::base { 'ceilometer-alarm-evaluator-then-ceilometer-alarm-notifier-constraint':
+ constraint_type => 'order',
+ first_resource => "${::ceilometer::params::alarm_evaluator_service_name}-clone",
+ second_resource => "${::ceilometer::params::alarm_notifier_service_name}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::ceilometer::params::alarm_evaluator_service_name],
+ Pacemaker::Resource::Service[$::ceilometer::params::alarm_notifier_service_name]],
+ }
+ pacemaker::constraint::colocation { 'ceilometer-alarm-notifier-with-ceilometer-alarm-evaluator-colocation':
+ source => "${::ceilometer::params::alarm_notifier_service_name}-clone",
+ target => "${::ceilometer::params::alarm_evaluator_service_name}-clone",
+ score => 'INFINITY',
+ require => [Pacemaker::Resource::Service[$::ceilometer::params::alarm_evaluator_service_name],
+ Pacemaker::Resource::Service[$::ceilometer::params::alarm_notifier_service_name]],
+ }
+ pacemaker::constraint::base { 'ceilometer-alarm-notifier-then-ceilometer-notification-constraint':
+ constraint_type => 'order',
+ first_resource => "${::ceilometer::params::alarm_notifier_service_name}-clone",
+ second_resource => "${::ceilometer::params::agent_notification_service_name}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_notification_service_name],
+ Pacemaker::Resource::Service[$::ceilometer::params::alarm_notifier_service_name]],
+ }
+ pacemaker::constraint::colocation { 'ceilometer-notification-with-ceilometer-alarm-notifier-colocation':
+ source => "${::ceilometer::params::agent_notification_service_name}-clone",
+ target => "${::ceilometer::params::alarm_notifier_service_name}-clone",
+ score => 'INFINITY',
+ require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_notification_service_name],
+ Pacemaker::Resource::Service[$::ceilometer::params::alarm_notifier_service_name]],
+ }
+ if downcase(hiera('ceilometer_backend')) == 'mongodb' {
+ pacemaker::constraint::base { 'mongodb-then-ceilometer-central-constraint':
+ constraint_type => 'order',
+ first_resource => "${::mongodb::params::service_name}-clone",
+ second_resource => "${::ceilometer::params::agent_central_service_name}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name],
+ Pacemaker::Resource::Service[$::mongodb::params::service_name]],
+ }
+ }
+ pacemaker::constraint::base { 'vip-redis-then-ceilometer-central':
+ constraint_type => 'order',
+ first_resource => "ip-${redis_vip}",
+ second_resource => "${::ceilometer::params::agent_central_service_name}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name],
+ Pacemaker::Resource::Ip['vip-redis']],
+ }
+ pacemaker::constraint::base { 'keystone-then-ceilometer-central-constraint':
+ constraint_type => 'order',
+ first_resource => "${::keystone::params::service_name}-clone",
+ second_resource => "${::ceilometer::params::agent_central_service_name}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name],
+ Pacemaker::Resource::Service[$::keystone::params::service_name]],
+ }
+
+ # Heat
+ pacemaker::resource::service { $::heat::params::api_service_name :
+ clone_params => 'interleave=true',
+ }
+ pacemaker::resource::service { $::heat::params::api_cloudwatch_service_name :
+ clone_params => 'interleave=true',
+ }
+ pacemaker::resource::service { $::heat::params::api_cfn_service_name :
+ clone_params => 'interleave=true',
+ }
+ pacemaker::resource::service { $::heat::params::engine_service_name :
+ clone_params => 'interleave=true',
+ }
+ pacemaker::constraint::base { 'heat-api-then-heat-api-cfn-constraint':
+ constraint_type => 'order',
+ first_resource => "${::heat::params::api_service_name}-clone",
+ second_resource => "${::heat::params::api_cfn_service_name}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::heat::params::api_service_name],
+ Pacemaker::Resource::Service[$::heat::params::api_cfn_service_name]],
+ }
+ pacemaker::constraint::colocation { 'heat-api-cfn-with-heat-api-colocation':
+ source => "${::heat::params::api_cfn_service_name}-clone",
+ target => "${::heat::params::api_service_name}-clone",
+ score => 'INFINITY',
+ require => [Pacemaker::Resource::Service[$::heat::params::api_cfn_service_name],
+ Pacemaker::Resource::Service[$::heat::params::api_service_name]],
+ }
+ pacemaker::constraint::base { 'heat-api-cfn-then-heat-api-cloudwatch-constraint':
+ constraint_type => 'order',
+ first_resource => "${::heat::params::api_cfn_service_name}-clone",
+ second_resource => "${::heat::params::api_cloudwatch_service_name}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::heat::params::api_cloudwatch_service_name],
+ Pacemaker::Resource::Service[$::heat::params::api_cfn_service_name]],
+ }
+ pacemaker::constraint::colocation { 'heat-api-cloudwatch-with-heat-api-cfn-colocation':
+ source => "${::heat::params::api_cloudwatch_service_name}-clone",
+ target => "${::heat::params::api_cfn_service_name}-clone",
+ score => 'INFINITY',
+ require => [Pacemaker::Resource::Service[$::heat::params::api_cfn_service_name],
+ Pacemaker::Resource::Service[$::heat::params::api_cloudwatch_service_name]],
+ }
+ pacemaker::constraint::base { 'heat-api-cloudwatch-then-heat-engine-constraint':
+ constraint_type => 'order',
+ first_resource => "${::heat::params::api_cloudwatch_service_name}-clone",
+ second_resource => "${::heat::params::engine_service_name}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::heat::params::api_cloudwatch_service_name],
+ Pacemaker::Resource::Service[$::heat::params::engine_service_name]],
+ }
+ pacemaker::constraint::colocation { 'heat-engine-with-heat-api-cloudwatch-colocation':
+ source => "${::heat::params::engine_service_name}-clone",
+ target => "${::heat::params::api_cloudwatch_service_name}-clone",
+ score => 'INFINITY',
+ require => [Pacemaker::Resource::Service[$::heat::params::api_cloudwatch_service_name],
+ Pacemaker::Resource::Service[$::heat::params::engine_service_name]],
+ }
+ pacemaker::constraint::base { 'ceilometer-notification-then-heat-api-constraint':
+ constraint_type => 'order',
+ first_resource => "${::ceilometer::params::agent_notification_service_name}-clone",
+ second_resource => "${::heat::params::api_service_name}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::heat::params::api_service_name],
+ Pacemaker::Resource::Service[$::ceilometer::params::agent_notification_service_name]],
+ }
+
+ # Horizon
+ pacemaker::resource::service { $::horizon::params::http_service:
+ clone_params => "interleave=true",
+ }
+
+
}
} #END STEP 4
diff --git a/puppet/manifests/overcloud_volume.pp b/puppet/manifests/overcloud_volume.pp
index 80cf6a21..edfeaeca 100644
--- a/puppet/manifests/overcloud_volume.pp
+++ b/puppet/manifests/overcloud_volume.pp
@@ -31,6 +31,7 @@ if count(hiera('ntp::servers')) > 0 {
}
include ::cinder
+include ::cinder::glance
include ::cinder::volume
include ::cinder::setup_test_volume
diff --git a/puppet/swift-storage-puppet.yaml b/puppet/swift-storage-puppet.yaml
index 12292dec..15481032 100644
--- a/puppet/swift-storage-puppet.yaml
+++ b/puppet/swift-storage-puppet.yaml
@@ -51,6 +51,20 @@ parameters:
default: 'false'
description: Set to true to enable package installation via Puppet
type: boolean
+ UpdateIdentifier:
+ default: ''
+ type: string
+ description: >
+ Setting to a previously unused value during stack-update will trigger
+ package update on all nodes
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ Hostname:
+ type: string
+ default: '' # Defaults to Heat created hostname
resources:
@@ -64,6 +78,7 @@ resources:
- network: ctlplane
user_data_format: SOFTWARE_CONFIG
user_data: {get_resource: NodeUserData}
+ name: {get_param: Hostname}
NodeUserData:
type: OS::TripleO::NodeUserData
@@ -90,6 +105,13 @@ resources:
StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
+ NetIpMap:
+ type: OS::TripleO::Network::Ports::NetIpMap
+ properties:
+ InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
+ StorageIp: {get_attr: [StoragePort, ip_address]}
+ StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
+
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
properties:
@@ -105,6 +127,8 @@ resources:
hierarchy:
- heat_config_%{::deploy_config_name}
- object
+ - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
+ - all_nodes # provided by allNodesConfig
- '"%{::osfamily}"'
- common
datafiles:
@@ -112,29 +136,29 @@ resources:
raw_data: {get_file: hieradata/common.yaml}
object:
raw_data: {get_file: hieradata/object.yaml}
- oac_data: # data we map in from other OAC configurations
- tripleo::ringbuilder::devices: swift.devices
mapped_data: # data supplied directly to this deployment configuration, etc
swift::swift_hash_suffix: { get_input: swift_hash_suffix }
tripleo::ringbuilder::part_power: { get_input: swift_part_power }
tripleo::ringbuilder::replicas: {get_input: swift_replicas }
# Swift
- swift::storage::all::storage_local_net_ip: {get_input: local_ip}
+ swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
swift_mount_check: {get_input: swift_mount_check }
tripleo::ringbuilder::min_part_hours: { get_input: swift_min_part_hours }
ntp::servers: {get_input: ntp_servers}
# NOTE(dprince): build_ring support is currently not wired in.
# See: https://review.openstack.org/#/c/109225/
tripleo::ringbuilder::build_ring: True
+ snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
+ snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
enable_package_install: {get_input: enable_package_install}
SwiftStorageHieraDeploy:
type: OS::Heat::StructuredDeployment
+ depends_on: NetworkDeployment
properties:
server: {get_resource: SwiftStorage}
config: {get_resource: SwiftStorageHieraConfig}
- signal_transport: NO_SIGNAL
input_values:
local_ip: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
@@ -150,12 +174,25 @@ resources:
params:
server: {get_param: NtpServer}
enable_package_install: {get_param: EnablePackageInstall}
+ swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
+
+ UpdateConfig:
+ type: OS::TripleO::Tasks::PackageUpdate
+
+ UpdateDeployment:
+ type: OS::Heat::SoftwareDeployment
+ properties:
+ config: {get_resource: UpdateConfig}
+ server: {get_resource: SwiftStorage}
+ input_values:
+ update_identifier:
+ get_param: UpdateIdentifier
outputs:
hosts_entry:
value:
str_replace:
- template: "IP HOST"
+ template: "IP HOST.localdomain HOST"
params:
IP: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
HOST: {get_attr: [SwiftStorage, name]}
@@ -169,7 +206,7 @@ outputs:
str_replace:
template: 'r1z1-IP:%PORT%/d1'
params:
- IP: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
+ IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
internal_api_ip_address:
description: IP address of the server in the internal_api network
value: {get_attr: [InternalApiPort, ip_address]}
diff --git a/puppet/vip-config.yaml b/puppet/vip-config.yaml
new file mode 100644
index 00000000..1dec489c
--- /dev/null
+++ b/puppet/vip-config.yaml
@@ -0,0 +1,41 @@
+heat_template_version: 2015-04-30
+
+description: >
+ Configure hieradata for service -> virtual IP mappings.
+
+resources:
+ VipConfigImpl:
+ type: OS::Heat::StructuredConfig
+ properties:
+ group: os-apply-config
+ config:
+ hiera:
+ datafiles:
+ vip_data:
+ mapped_data:
+ keystone_admin_api_vip: {get_input: keystone_admin_api_vip}
+ keystone_public_api_vip: {get_input: keystone_public_api_vip}
+ neutron_api_vip: {get_input: neutron_api_vip}
+ cinder_api_vip: {get_input: cinder_api_vip}
+ glance_api_vip: {get_input: glance_api_vip}
+ glance_registry_vip: {get_input: glance_registry_vip}
+ swift_proxy_vip: {get_input: swift_proxy_vip}
+ nova_api_vip: {get_input: nova_api_vip}
+ nova_metadata_vip: {get_input: nova_metadata_vip}
+ ceilometer_api_vip: {get_input: ceilometer_api_vip}
+ heat_api_vip: {get_input: heat_api_vip}
+ horizon_vip: {get_input: horizon_vip}
+ redis_vip: {get_input: redis_vip}
+ mysql_vip: {get_input: mysql_vip}
+ tripleo::loadbalancer::public_virtual_ip: {get_input: public_virtual_ip}
+ tripleo::loadbalancer::controller_virtual_ip: {get_input: control_virtual_ip}
+ tripleo::loadbalancer::internal_api_virtual_ip: {get_input: internal_api_virtual_ip}
+ tripleo::loadbalancer::storage_virtual_ip: {get_input: storage_virtual_ip}
+ tripleo::loadbalancer::storage_mgmt_virtual_ip: {get_input: storage_mgmt_virtual_ip}
+ tripleo::redis_notification::haproxy_monitor_ip: {get_input: control_virtual_ip}
+
+
+outputs:
+ OS::stack_id:
+ description: The VipConfigImpl resource.
+ value: {get_resource: VipConfigImpl}
diff --git a/swift-storage.yaml b/swift-storage.yaml
index 68923eef..466f2fbb 100644
--- a/swift-storage.yaml
+++ b/swift-storage.yaml
@@ -82,6 +82,15 @@ parameters:
description: The user password for SNMPd with readonly rights running on all Overcloud nodes
type: string
hidden: true
+ UpdateIdentifier:
+ default: ''
+ type: string
+ description: >
+ Setting to a previously unused value during stack-update will trigger
+ package update on all nodes
+ Hostname:
+ type: string
+ default: '' # Defaults to Heat created hostname
resources:
SwiftConfig:
@@ -112,6 +121,7 @@ resources:
- network: ctlplane
user_data_format: SOFTWARE_CONFIG
user_data: {get_resource: NodeUserData}
+ name: {get_param: Hostname}
NodeUserData:
type: OS::TripleO::NodeUserData
diff --git a/undercloud-bm-nova-config.yaml b/undercloud-bm-nova-config.yaml
index e70c9099..306dc0a1 100644
--- a/undercloud-bm-nova-config.yaml
+++ b/undercloud-bm-nova-config.yaml
@@ -8,7 +8,7 @@ resources:
compute_driver: {get_param: NovaComputeDriver}
compute_manager: {get_param: NovaComputeManager}
scheduler_host_manager: {get_param: NovaSchedulerHostManager}
- db: mysql://nova:unset@localhost/nova
+ db: {list_join: ['', ['mysql://nova:', {get_param: NovaPassword}, '@localhost/nova']]}
default_ephemeral_format: ext4
host: 127.0.0.1
metadata-proxy: false
@@ -17,7 +17,7 @@ resources:
reserved_host_memory_mb: 0
baremetal:
arch: {get_input: nova_arch}
- db: mysql://nova:unset@localhost/nova_bm
+ db: {list_join: ['', ['mysql://nova:', {get_param: NovaPassword}, '@localhost/nova_bm']]}
power_manager: {get_input: power_manager}
pxe_deploy_timeout: {get_input: pxe_deploy_timeout}
service-password: {get_input: nova_service_password}
diff --git a/undercloud-source.yaml b/undercloud-source.yaml
index ce5b7e8d..6fe2066d 100644
--- a/undercloud-source.yaml
+++ b/undercloud-source.yaml
@@ -260,7 +260,7 @@ resources:
recheck_interval : 5
quorum_policy : ignore
ceilometer:
- db: mysql://ceilometer:unset@localhost/ceilometer
+ db: {list_join: ['', ['mysql://ceilometer:', {get_param: CeilometerPassword}, '@localhost/ceilometer']]}
debug: {get_param: Debug}
metering_secret: {get_param: CeilometerMeteringSecret}
snmpd_readonly_user_name:
@@ -272,7 +272,7 @@ resources:
db-password: unset
glance:
backend: file
- db: mysql://glance:unset@localhost/glance
+ db: {list_join: ['', ['mysql://glance:', {get_param: GlancePassword}, '@localhost/glance']]}
debug: {get_param: Debug}
host: 127.0.0.1
port:
@@ -291,14 +291,14 @@ resources:
admin_tenant_name: service
admin_user: heat
auth_encryption_key: unset___________
- db: mysql://heat:unset@localhost/heat
+ db: {list_join: ['', ['mysql://heat:', {get_param: HeatPassword}, '@localhost/heat']]}
debug: {get_param: Debug}
stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
watch_server_url: {get_input: heat.watch_server_url}
metadata_server_url: {get_input: heat.metadata_server_url}
waitcondition_server_url: {get_input: heat.waitcondition_server_url}
keystone:
- db: mysql://keystone:unset@localhost/keystone
+ db: {list_join: ['', ['mysql://keystone:', {get_param: AdminToken}, '@localhost/keystone']]}
debug: {get_param: Debug}
host: 127.0.0.1
ca_certificate: {get_param: KeystoneCACertificate}
@@ -314,7 +314,7 @@ resources:
neutron:
debug: {get_param: Debug}
host: 127.0.0.1
- ovs_db: mysql://neutron:unset@localhost/ovs_neutron?charset=utf8
+ ovs_db: {list_join: ['', ['mysql://neutron:', {get_param: NeutronPassword}, '@localhost/ovs_neutron?charset=utf8']]}
ovs:
local_ip:
get_input: controller_host
diff --git a/undercloud-vm-ironic-config.yaml b/undercloud-vm-ironic-config.yaml
index f5aa4981..cc0dafb6 100644
--- a/undercloud-vm-ironic-config.yaml
+++ b/undercloud-vm-ironic-config.yaml
@@ -8,7 +8,7 @@ resources:
compute_driver: {get_param: NovaComputeDriver}
compute_manager: {get_param: NovaComputeManager}
scheduler_host_manager: {get_param: NovaSchedulerHostManager}
- db: mysql://nova:unset@localhost/nova
+ db: {list_join: ['', ['mysql://nova:', {get_param: NovaPassword}, '@localhost/nova']]}
debug: {get_param: Debug}
default_ephemeral_format: ext4
host: 127.0.0.1
@@ -22,6 +22,6 @@ resources:
properties:
config:
ironic:
- db: mysql://ironic:unset@localhost/ironic
+ db: {list_join: ['', ['mysql://ironic:', {get_param: IronicPassword}, '@localhost/ironic']]}
service-password: {get_input: ironic_service_password}
virtual_power_ssh_key: {get_input: virtual_power_ssh_key}
diff --git a/undercloud-vm-nova-config.yaml b/undercloud-vm-nova-config.yaml
index 9dbb8c22..1fb8abb3 100644
--- a/undercloud-vm-nova-config.yaml
+++ b/undercloud-vm-nova-config.yaml
@@ -8,7 +8,7 @@ resources:
compute_driver: {get_param: NovaComputeDriver}
compute_manager: {get_param: NovaComputeManager}
scheduler_host_manager: {get_param: NovaSchedulerHostManager}
- db: mysql://nova:unset@localhost/nova
+ db: {list_join: ['', ['mysql://nova:', {get_param: NovaPassword}, '@localhost/nova']]}
default_ephemeral_format: ext4
host: 127.0.0.1
metadata-proxy: false
@@ -17,7 +17,7 @@ resources:
reserved_host_memory_mb: 0
baremetal:
arch: {get_input: nova_arch}
- db: mysql://nova:unset@localhost/nova_bm
+ db: {list_join: ['', ['mysql://nova:', {get_param: NovaPassword}, '@localhost/nova_bm']]}
power_manager: {get_input: power_manager}
pxe_deploy_timeout: {get_input: pxe_deploy_timeout}
virtual_power:
diff --git a/vip-config.yaml b/vip-config.yaml
new file mode 100644
index 00000000..8f984ab7
--- /dev/null
+++ b/vip-config.yaml
@@ -0,0 +1,16 @@
+heat_template_version: 2015-04-30
+
+description: >
+ Configure hieradata for service -> virtual IP mappings.
+
+resources:
+ VipConfigImpl:
+ type: OS::Heat::StructuredConfig
+ properties:
+ group: os-apply-config
+ # by default does nothing
+
+outputs:
+ OS::stack_id:
+ description: The VipConfigImpl resource.
+ value: {get_resource: VipConfigImpl}