diff options
27 files changed, 389 insertions, 48 deletions
diff --git a/compute.yaml b/compute.yaml index dd968e72..88d4cb2b 100644 --- a/compute.yaml +++ b/compute.yaml @@ -181,6 +181,23 @@ parameters: default: 'unset' description: Shared secret to prevent spoofing type: string + NeutronCorePlugin: + default: "ml2" + description: | + The core plugin for Neutron. The value should be the entrypoint to be loaded + from neutron.core_plugins namespace. + type: string + NeutronServicePlugins: + default: "router" + description: | + Comma-separated list of service plugin entrypoints to be loaded from the + neutron.service_plugins namespace. + type: comma_delimited_list + NeutronTypeDrivers: + default: "vxlan,vlan,flat,gre" + description: | + Comma-separated list of network type driver entrypoints to be loaded. + type: comma_delimited_list NeutronMechanismDrivers: default: 'openvswitch' description: | @@ -367,6 +384,9 @@ resources: agent_mode: {get_input: neutron_agent_mode} ovs_db: {get_input: neutron_dsn} metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret} + core_plugin: {get_input: neutron_core_plugin} + service_plugins: {get_input: neutron_service_plugins} + type_drivers: {get_input: neutron_type_drivers} mechanism_drivers: {get_input: neutron_mechanism_drivers} allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover} l3_ha: {get_input: neutron_l3_ha} @@ -444,6 +464,23 @@ resources: neutron_agent_mode: {get_param: NeutronAgentMode} neutron_router_distributed: {get_param: NeutronDVR} neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret} + neutron_core_plugin: {get_param: NeutronCorePlugin} + neutron_service_plugins: + str_replace: + template: "['PLUGINS']" + params: + PLUGINS: + list_join: + - "','" + - {get_param: NeutronServicePlugins} + neutron_type_drivers: + str_replace: + template: "['DRIVERS']" + params: + DRIVERS: + list_join: + - "','" + - {get_param: NeutronTypeDrivers} neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers} neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover} neutron_l3_ha: {get_param: NeutronL3HA} diff --git a/controller.yaml b/controller.yaml index d6438d13..18dcc8eb 100644 --- a/controller.yaml +++ b/controller.yaml @@ -317,6 +317,23 @@ parameters: default: 'unset' description: Shared secret to prevent spoofing type: string + NeutronCorePlugin: + default: 'ml2' + description: | + The core plugin for Neutron. The value should be the entrypoint to be loaded + from neutron.core_plugins namespace. + type: string + NeutronServicePlugins: + default: "router" + description: | + Comma-separated list of service plugin entrypoints to be loaded from the + neutron.service_plugins namespace. + type: comma_delimited_list + NeutronTypeDrivers: + default: "vxlan,vlan,flat,gre" + description: | + Comma-separated list of network type driver entrypoints to be loaded. + type: comma_delimited_list NeutronMechanismDrivers: default: 'openvswitch' description: | @@ -687,6 +704,9 @@ resources: metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret} agent_mode: {get_input: neutron_agent_mode} router_distributed: {get_input: neutron_router_distributed} + core_plugin: {get_input: neutron_core_plugin} + service_plugins: {get_input: neutron_service_plugins} + type_drivers: {get_input: neutron_type_drivers} mechanism_drivers: {get_input: neutron_mechanism_drivers} allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover} l3_ha: {get_input: neutron_l3_ha} @@ -934,6 +954,23 @@ resources: neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret} neutron_agent_mode: {get_param: NeutronAgentMode} neutron_router_distributed: {get_param: NeutronDVR} + neutron_core_plugin: {get_param: NeutronCorePlugin} + neutron_service_plugins: + str_replace: + template: "['PLUGINS']" + params: + PLUGINS: + list_join: + - "','" + - {get_param: NeutronServicePlugins} + neutron_type_drivers: + str_replace: + template: "['DRIVERS']" + params: + DRIVERS: + list_join: + - "','" + - {get_param: NeutronTypeDrivers} neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers} neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover} neutron_l3_ha: {get_param: NeutronL3HA} diff --git a/environments/overcloud-steps.yaml b/environments/overcloud-steps.yaml index 99f73688..f61cbb6f 100644 --- a/environments/overcloud-steps.yaml +++ b/environments/overcloud-steps.yaml @@ -1,7 +1,7 @@ # Specifies hooks/breakpoints where overcloud deployment should stop # Allows operator validation between steps, and/or more granular control. # Note: the wildcards relate to naming convention for some resource suffixes, -# e.g see puppet/*-post-puppet.yaml, enabling this will mean we wait for +# e.g see puppet/*-post.yaml, enabling this will mean we wait for # a user signal on every *Deployment_StepN resource defined in those files. resource_registry: resources: diff --git a/extraconfig/tasks/yum_update.sh b/extraconfig/tasks/yum_update.sh index 3d4c772b..eaeb7ef0 100755 --- a/extraconfig/tasks/yum_update.sh +++ b/extraconfig/tasks/yum_update.sh @@ -8,6 +8,7 @@ # command_arguments - yum command arguments, defaults to "" echo "Started yum_update.sh on server $deploy_server_id at `date`" +echo -n "false" > $heat_outputs_path.update_managed_packages if [[ -z "$update_identifier" ]]; then echo "Not running due to unset update_identifier" @@ -20,6 +21,9 @@ mkdir -p $timestamp_dir # sanitise to remove unusual characters update_identifier=${update_identifier//[^a-zA-Z0-9-_]/} +# seconds to wait for this node to rejoin the cluster after update +cluster_start_timeout=360 + timestamp_file="$timestamp_dir/$update_identifier" if [[ -a "$timestamp_file" ]]; then echo "Not running for already-run timestamp \"$update_identifier\"" @@ -27,6 +31,28 @@ if [[ -a "$timestamp_file" ]]; then fi touch "$timestamp_file" +command_arguments=${command_arguments:-} + +list_updates=$(yum list updates) + +if [[ "$list_updates" == "" ]]; then + echo "No packages require updating" + exit 0 +fi + +pacemaker_status=$(systemctl is-active pacemaker) + +if [[ "$pacemaker_status" == "active" ]] ; then + echo "Pacemaker running, stopping cluster node and doing full package update" + pcs cluster stop +else + echo "Excluding upgrading packages that are handled by config management tooling" + command_arguments="$command_arguments --skip-broken" + for exclude in $(cat /var/lib/tripleo/installed-packages/* | sort -u); do + command_arguments="$command_arguments --exclude $exclude" + done +fi + command=${command:-update} full_command="yum -y $command $command_arguments" echo "Running: $full_command" @@ -36,6 +62,27 @@ return_code=$? echo "$result" echo "yum return code: $return_code" +if [[ "$pacemaker_status" == "active" ]] ; then + echo "Starting cluster node" + pcs cluster start + + hostname=$(hostname -s) + tstart=$(date +%s) + while [[ "$(pcs status | grep "^Online" | grep -F -o $hostname)" == "" ]]; do + sleep 5 + tnow=$(date +%s) + if (( tnow-tstart > cluster_start_timeout )) ; then + echo "ERROR $hostname failed to join cluster in $cluster_start_timeout seconds" + pcs status + exit 1 + fi + done + pcs status + +else + echo -n "true" > $heat_outputs_path.update_managed_packages +fi + echo "Finished yum_update.sh on server $deploy_server_id at `date`" exit $return_code diff --git a/extraconfig/tasks/yum_update.yaml b/extraconfig/tasks/yum_update.yaml index e918149e..d313ca9f 100644 --- a/extraconfig/tasks/yum_update.yaml +++ b/extraconfig/tasks/yum_update.yaml @@ -20,7 +20,10 @@ resources: - name: command_arguments description: yum command arguments, defaults to "" default: '' + outputs: + - name: update_managed_packages + description: boolean value indicating whether to upgrade managed packages outputs: OS::stack_id: - value: {get_resource: config}
\ No newline at end of file + value: {get_resource: config} diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml index cdf626ea..b527c10f 100644 --- a/overcloud-resource-registry-puppet.yaml +++ b/overcloud-resource-registry-puppet.yaml @@ -1,22 +1,22 @@ resource_registry: - OS::TripleO::BlockStorage: puppet/cinder-storage-puppet.yaml + OS::TripleO::BlockStorage: puppet/cinder-storage.yaml OS::TripleO::BlockStorage::Net::SoftwareConfig: net-config-noop.yaml - OS::TripleO::Compute: puppet/compute-puppet.yaml + OS::TripleO::Compute: puppet/compute.yaml OS::TripleO::Compute::Net::SoftwareConfig: net-config-noop.yaml OS::TripleO::SoftwareDeployment: OS::Heat::StructuredDeployment - OS::TripleO::Controller: puppet/controller-puppet.yaml + OS::TripleO::Controller: puppet/controller.yaml OS::TripleO::Controller::Net::SoftwareConfig: net-config-bridge.yaml - OS::TripleO::ObjectStorage: puppet/swift-storage-puppet.yaml + OS::TripleO::ObjectStorage: puppet/swift-storage.yaml OS::TripleO::ObjectStorage::Net::SoftwareConfig: net-config-noop.yaml - OS::TripleO::CephStorage: puppet/ceph-storage-puppet.yaml + OS::TripleO::CephStorage: puppet/ceph-storage.yaml OS::TripleO::CephStorage::Net::SoftwareConfig: net-config-noop.yaml - OS::TripleO::ControllerPostDeployment: puppet/controller-post-puppet.yaml + OS::TripleO::ControllerPostDeployment: puppet/controller-post.yaml # set to controller-config-pacemaker.yaml to enable pacemaker OS::TripleO::ControllerConfig: puppet/controller-config.yaml - OS::TripleO::ComputePostDeployment: puppet/compute-post-puppet.yaml + OS::TripleO::ComputePostDeployment: puppet/compute-post.yaml OS::TripleO::ObjectStoragePostDeployment: puppet/swift-storage-post.yaml OS::TripleO::BlockStoragePostDeployment: puppet/cinder-storage-post.yaml - OS::TripleO::CephStoragePostDeployment: puppet/ceph-storage-post-puppet.yaml + OS::TripleO::CephStoragePostDeployment: puppet/ceph-storage-post.yaml OS::TripleO::SwiftDevicesAndProxy::SoftwareConfig: puppet/swift-devices-and-proxy-config.yaml OS::TripleO::CephClusterConfig::SoftwareConfig: puppet/ceph-cluster-config.yaml OS::TripleO::AllNodes::SoftwareConfig: puppet/all-nodes-config.yaml @@ -34,6 +34,7 @@ resource_registry: OS::TripleO::NodeUserData: firstboot/userdata_default.yaml OS::TripleO::ControllerExtraConfigPre: puppet/extraconfig/pre_deploy/default.yaml OS::TripleO::ComputeExtraConfigPre: puppet/extraconfig/pre_deploy/default.yaml + OS::TripleO::CephStorageExtraConfigPre: puppet/extraconfig/pre_deploy/default.yaml OS::TripleO::NodeExtraConfigPost: extraconfig/post_deploy/default.yaml # "AllNodes" Extra cluster config, runs on all nodes prior to the post_deploy diff --git a/overcloud-without-mergepy.yaml b/overcloud-without-mergepy.yaml index e7c4dfc7..4b065dd8 100644 --- a/overcloud-without-mergepy.yaml +++ b/overcloud-without-mergepy.yaml @@ -172,6 +172,23 @@ parameters: of VXLAN VNI IDs that are available for tenant network allocation default: ["1:1000", ] type: comma_delimited_list + NeutronCorePlugin: + default: 'ml2' + description: | + The core plugin for Neutron. The value should be the entrypoint to be loaded + from neutron.core_plugins namespace. + type: string + NeutronServicePlugins: + default: "router" + description: | + Comma-separated list of service plugin entrypoints to be loaded from the + neutron.service_plugins namespace. + type: comma_delimited_list + NeutronTypeDrivers: + default: "vxlan,vlan,flat,gre" + description: | + Comma-separated list of network type driver entrypoints to be loaded. + type: comma_delimited_list NeutronMechanismDrivers: default: 'openvswitch' description: | @@ -792,6 +809,9 @@ resources: NeutronDVR: {get_param: NeutronDVR} NeutronMetadataProxySharedSecret: {get_param: NeutronMetadataProxySharedSecret} NeutronAgentMode: {get_param: NeutronAgentMode} + NeutronCorePlugin: {get_param: NeutronCorePlugin} + NeutronServicePlugins: {get_param: NeutronServicePlugins} + NeutronTypeDrivers: {get_param: NeutronTypeDrivers} NeutronMechanismDrivers: {get_param: NeutronMechanismDrivers} NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover} NeutronL3HA: {get_param: NeutronL3HA} @@ -875,6 +895,9 @@ resources: NeutronMetadataProxySharedSecret: {get_param: NeutronMetadataProxySharedSecret} NeutronAgentMode: {get_param: NeutronComputeAgentMode} NeutronPublicInterfaceRawDevice: {get_param: NeutronPublicInterfaceRawDevice} + NeutronCorePlugin: {get_param: NeutronCorePlugin} + NeutronServicePlugins: {get_param: NeutronServicePlugins} + NeutronTypeDrivers: {get_param: NeutronTypeDrivers} NeutronMechanismDrivers: {get_param: NeutronMechanismDrivers} # L3 HA and Failover is not relevant for Computes, should be removed NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover} diff --git a/puppet/ceph-storage-post-puppet.yaml b/puppet/ceph-storage-post.yaml index 1b5b944d..1b5b944d 100644 --- a/puppet/ceph-storage-post-puppet.yaml +++ b/puppet/ceph-storage-post.yaml diff --git a/puppet/ceph-storage-puppet.yaml b/puppet/ceph-storage.yaml index 4b4c76fc..1213d3df 100644 --- a/puppet/ceph-storage-puppet.yaml +++ b/puppet/ceph-storage.yaml @@ -139,6 +139,7 @@ resources: params: server: {get_param: NtpServer} enable_package_install: {get_param: EnablePackageInstall} + enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]} ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} @@ -149,6 +150,7 @@ resources: config: hiera: hierarchy: + - '"%{::uuid}"' - heat_config_%{::deploy_config_name} - ceph_extraconfig - extraconfig @@ -168,9 +170,17 @@ resources: mapped_data: ntp::servers: {get_input: ntp_servers} tripleo::packages::enable_install: {get_input: enable_package_install} + tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} ceph::profile::params::cluster_network: {get_input: ceph_cluster_network} ceph::profile::params::public_network: {get_input: ceph_public_network} + # Hook for site-specific additional pre-deployment config, e.g extra hieradata + CephStorageExtraConfigPre: + depends_on: CephStorageDeployment + type: OS::TripleO::CephStorageExtraConfigPre + properties: + server: {get_resource: CephStorage} + UpdateConfig: type: OS::TripleO::Tasks::PackageUpdate @@ -203,4 +213,9 @@ outputs: value: {get_attr: [StorageMgmtPort, ip_address]} config_identifier: description: identifier which changes if the node configuration may need re-applying - value: {get_attr: [CephStorageDeployment, deploy_stdout]} + value: + list_join: + - ',' + - - {get_attr: [CephStorageDeployment, deploy_stdout]} + - {get_attr: [CephStorageExtraConfigPre, deploy_stdout]} + - {get_param: UpdateIdentifier} diff --git a/puppet/cinder-storage-puppet.yaml b/puppet/cinder-storage.yaml index f597512a..5779c097 100644 --- a/puppet/cinder-storage-puppet.yaml +++ b/puppet/cinder-storage.yaml @@ -217,6 +217,7 @@ resources: params: server: {get_param: NtpServer} enable_package_install: {get_param: EnablePackageInstall} + enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} # Map heat metadata into hiera datafiles BlockStorageConfig: @@ -226,6 +227,7 @@ resources: config: hiera: hierarchy: + - '"%{::uuid}"' - heat_config_%{::deploy_config_name} - volume_extraconfig - extraconfig @@ -257,6 +259,7 @@ resources: cinder::glance::glance_api_servers: {get_input: glance_api_servers} ntp::servers: {get_input: ntp_servers} tripleo::packages::enable_install: {get_input: enable_package_install} + tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} @@ -295,4 +298,8 @@ outputs: value: {get_attr: [StorageMgmtPort, ip_address]} config_identifier: description: identifier which changes if the node configuration may need re-applying - value: {get_attr: [BlockStorageDeployment, deploy_stdout]} + value: + list_join: + - '' + - - {get_attr: [BlockStorageDeployment, deploy_stdout]} + - {get_param: UpdateIdentifier} diff --git a/puppet/compute-post-puppet.yaml b/puppet/compute-post.yaml index b4a6126b..b4a6126b 100644 --- a/puppet/compute-post-puppet.yaml +++ b/puppet/compute-post.yaml diff --git a/puppet/compute-puppet.yaml b/puppet/compute.yaml index 3f730994..e1e84f04 100644 --- a/puppet/compute-puppet.yaml +++ b/puppet/compute.yaml @@ -149,6 +149,23 @@ parameters: default: 'unset' description: Shared secret to prevent spoofing type: string + NeutronCorePlugin: + default: 'ml2' + description: | + The core plugin for Neutron. The value should be the entrypoint to be loaded + from neutron.core_plugins namespace. + type: string + NeutronServicePlugins: + default: "router" + description: | + Comma-separated list of service plugin entrypoints to be loaded from the + neutron.service_plugins namespace. + type: comma_delimited_list + NeutronTypeDrivers: + default: "vxlan,vlan,flat,gre" + description: | + Comma-separated list of network type driver entrypoints to be loaded. + type: comma_delimited_list NeutronMechanismDrivers: default: 'openvswitch' description: | @@ -333,6 +350,7 @@ resources: config: hiera: hierarchy: + - '"%{::uuid}"' - heat_config_%{::deploy_config_name} - compute_extraconfig - extraconfig @@ -403,11 +421,15 @@ resources: neutron_router_distributed: {get_input: neutron_router_distributed} neutron_agent_mode: {get_input: neutron_agent_mode} neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret} + neutron::core_plugin: {get_input: neutron_core_plugin} + neutron::service_plugins: {get_input: neutron_service_plugins} + neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers} neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers} neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device} admin_password: {get_input: admin_password} ntp::servers: {get_input: ntp_servers} tripleo::packages::enable_install: {get_input: enable_package_install} + tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} NovaComputeDeployment: type: OS::TripleO::SoftwareDeployment @@ -481,6 +503,23 @@ resources: neutron_agent_mode: {get_param: NeutronAgentMode} neutron_router_distributed: {get_param: NeutronDVR} neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret} + neutron_core_plugin: {get_param: NeutronCorePlugin} + neutron_service_plugins: + str_replace: + template: "['PLUGINS']" + params: + PLUGINS: + list_join: + - "','" + - {get_param: NeutronServicePlugins} + neutron_type_drivers: + str_replace: + template: "['DRIVERS']" + params: + DRIVERS: + list_join: + - "','" + - {get_param: NeutronTypeDrivers} neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers} neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice} neutron_url: @@ -506,6 +545,7 @@ resources: params: server: {get_param: NtpServer} enable_package_install: {get_param: EnablePackageInstall} + enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} # Hook for site-specific additional pre-deployment config, e.g extra hieradata ComputeExtraConfigPre: @@ -562,3 +602,4 @@ outputs: - ',' - - {get_attr: [NovaComputeDeployment, deploy_stdout]} - {get_attr: [ComputeExtraConfigPre, deploy_stdout]} + - {get_param: UpdateIdentifier} diff --git a/puppet/controller-post-puppet.yaml b/puppet/controller-post.yaml index 49cbe1e2..49cbe1e2 100644 --- a/puppet/controller-post-puppet.yaml +++ b/puppet/controller-post.yaml diff --git a/puppet/controller-puppet.yaml b/puppet/controller.yaml index 084fe3d1..8d10482c 100644 --- a/puppet/controller-puppet.yaml +++ b/puppet/controller.yaml @@ -297,6 +297,23 @@ parameters: default: 'unset' description: Shared secret to prevent spoofing type: string + NeutronCorePlugin: + default: 'ml2' + description: | + The core plugin for Neutron. The value should be the entrypoint to be loaded + from neutron.core_plugins namespace. + type: string + NeutronServicePlugins: + default: "router" + description: | + Comma-separated list of service plugin entrypoints to be loaded from the + neutron.service_plugins namespace. + type: comma_delimited_list + NeutronTypeDrivers: + default: "vxlan,vlan,flat,gre" + description: | + Comma-separated list of network type driver entrypoints to be loaded. + type: comma_delimited_list NeutronMechanismDrivers: default: 'openvswitch' description: | @@ -748,6 +765,23 @@ resources: neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret} neutron_agent_mode: {get_param: NeutronAgentMode} neutron_router_distributed: {get_param: NeutronDVR} + neutron_core_plugin: {get_param: NeutronCorePlugin} + neutron_service_plugins: + str_replace: + template: "['PLUGINS']" + params: + PLUGINS: + list_join: + - "','" + - {get_param: NeutronServicePlugins} + neutron_type_drivers: + str_replace: + template: "['DRIVERS']" + params: + DRIVERS: + list_join: + - "','" + - {get_param: NeutronTypeDrivers} neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers} neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover} neutron_l3_ha: {get_param: NeutronL3HA} @@ -854,6 +888,7 @@ resources: swift_min_part_hours: {get_param: SwiftMinPartHours} swift_mount_check: {get_param: SwiftMountCheck} enable_package_install: {get_param: EnablePackageInstall} + enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]} @@ -896,6 +931,7 @@ resources: config: hiera: hierarchy: + - '"%{::uuid}"' - heat_config_%{::deploy_config_name} - controller_extraconfig - extraconfig @@ -1075,6 +1111,9 @@ resources: neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network} neutron_agent_mode: {get_input: neutron_agent_mode} neutron_router_distributed: {get_input: neutron_router_distributed} + neutron::core_plugin: {get_input: neutron_core_plugin} + neutron::service_plugins: {get_input: neutron_service_plugins} + neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers} neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers} neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover} neutron::server::l3_ha: {get_input: neutron_l3_ha} @@ -1158,6 +1197,7 @@ resources: tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface} tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface} tripleo::packages::enable_install: {get_input: enable_package_install} + tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} # Hook for site-specific additional pre-deployment config, e.g extra hieradata ControllerExtraConfigPre: @@ -1239,6 +1279,7 @@ outputs: description: identifier which changes if the controller configuration may need re-applying value: list_join: - - ',' - - - {get_attr: [ControllerDeployment, deploy_stdout]} - - {get_attr: [ControllerExtraConfigPre, deploy_stdout]} + - ',' + - - {get_attr: [ControllerDeployment, deploy_stdout]} + - {get_attr: [ControllerExtraConfigPre, deploy_stdout]} + - {get_param: UpdateIdentifier} diff --git a/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml b/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml index 277b0747..d08a1692 100644 --- a/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml +++ b/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml @@ -163,8 +163,17 @@ resources: config: | #!/bin/sh MACS=$(ifconfig | grep ether | awk '{print $2}' | tr "\n" " ") - HOSTNAME=$(hostname -f) - echo "$HOSTNAME $MACS" + HOST_FQDN=$(hostname -f) + if [ -z "$HOST_FQDN" ]; then + HOSTNAME=$(hostname -s) + # hardcoding the domain name to avoid DNS lookup dependency + # same type of hardcoding appears elsewhere + # --ie. controller-puppet.yaml + # FIXME_HOSTNAME_DOMAIN_HARDCODE + echo "$HOSTNAME.localdomain $MACS" + else + echo "$HOST_FQDN $MACS" + fi CollectMacDeploymentsController: type: OS::Heat::SoftwareDeployments diff --git a/puppet/extraconfig/pre_deploy/per_node.yaml b/puppet/extraconfig/pre_deploy/per_node.yaml new file mode 100644 index 00000000..80c8ad6e --- /dev/null +++ b/puppet/extraconfig/pre_deploy/per_node.yaml @@ -0,0 +1,56 @@ +heat_template_version: 2015-04-30 + +description: Configure hieradata overrides for specific nodes + +parameters: + server: + description: ID of the controller node to apply this config to + type: string + + # Config specific parameters, to be provided via parameter_defaults + # This would be a lookup of the node UUID as provided by dmidecode + # to the json required for the node-specific hieradata + # Note this needs to be a json blob e.g: + # parameter_defaults: + # NodeDataLookup: | + # {"AB4114B1-9C9D-409A-BEFB-D88C151BF2C3": {"foo": "bar"}, + # "8CF1A7EA-7B4B-4433-AC83-17675514B1B8": {"foo2": "bar2"}} + NodeDataLookup: + type: string + default: '' + description: json string containing per-node configuration map + +resources: + NodeSpecificConfig: + type: OS::Heat::SoftwareConfig + properties: + group: script + inputs: + - name: node_lookup + config: | + #!/bin/sh + node_id=$(dmidecode --s system-uuid) + + # Create a /etc/puppet/hieradata/UUID.json file to provide + # the data of the NodeDataLookup parameter that matches the + # system UUID + echo $node_lookup | python -c " + import json + import sys + input = sys.stdin.readline() or '{}' + cnt = json.loads(input) + print json.dumps(cnt.get('${node_id}', {})) + " > /etc/puppet/hieradata/${node_id}.json + + NodeSpecificDeployment: + type: OS::Heat::SoftwareDeployment + properties: + config: {get_resource: NodeSpecificConfig} + server: {get_param: server} + input_values: + node_lookup: {get_param: NodeDataLookup} + +outputs: + deploy_stdout: + description: Deployment reference, used to trigger puppet apply on changes + value: {get_attr: [NodeSpecificDeployment, deploy_stdout]} diff --git a/puppet/hieradata/common.yaml b/puppet/hieradata/common.yaml index 455f7f22..4a872d57 100644 --- a/puppet/hieradata/common.yaml +++ b/puppet/hieradata/common.yaml @@ -14,11 +14,6 @@ nova::network::neutron::vif_plugging_timeout: 30 nova::network::neutron::dhcp_domain: '' neutron::allow_overlapping_ips: true -neutron::plugins::ml2::type_drivers: - - flat - - gre - - vxlan - - vlan sysctl_settings: net.ipv4.tcp_keepalive_intvl: diff --git a/puppet/hieradata/compute.yaml b/puppet/hieradata/compute.yaml index 7d94e163..d7c1f879 100644 --- a/puppet/hieradata/compute.yaml +++ b/puppet/hieradata/compute.yaml @@ -15,7 +15,6 @@ nova::compute::rbd::rbd_keyring: 'client.openstack' nova::compute::rbd::libvirt_images_rbd_pool: 'vms' nova::compute::rbd::libvirt_rbd_secret_uuid: "%{hiera('ceph::profile::params::fsid')}" -nova::api::default_floating_pool: 'public' nova::config::nova_config: cinder/catalog_info: value: 'volumev2:cinderv2:internalURL' diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml index 4b8711d8..a66c1eaa 100644 --- a/puppet/hieradata/controller.yaml +++ b/puppet/hieradata/controller.yaml @@ -51,9 +51,9 @@ swift::proxy::pipeline: - 'ratelimit' - 'tempurl' - 'formpost' - - 'staticweb' - 'authtoken' - 'keystone' + - 'staticweb' - 'proxy-logging' - 'proxy-server' @@ -66,9 +66,6 @@ glance::backend::swift::swift_store_create_container_on_put: true glance::backend::rbd::rbd_store_user: 'openstack' # neutron -neutron::core_plugin: 'ml2' -neutron::service_plugins: - - 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin' neutron::server::sync_db: true neutron::agents::dhcp::dnsmasq_config_file: /etc/neutron/dnsmasq-neutron.conf diff --git a/puppet/manifests/overcloud_cephstorage.pp b/puppet/manifests/overcloud_cephstorage.pp index 6c5dda42..a88ca2d9 100644 --- a/puppet/manifests/overcloud_cephstorage.pp +++ b/puppet/manifests/overcloud_cephstorage.pp @@ -39,3 +39,4 @@ include ::ceph::profile::client include ::ceph::profile::osd hiera_include('ceph_classes') +package_manifest{'/var/lib/tripleo/installed-packages/overcloud_ceph': ensure => present} diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp index e6fa9471..fb5a3520 100644 --- a/puppet/manifests/overcloud_compute.pp +++ b/puppet/manifests/overcloud_compute.pp @@ -93,3 +93,4 @@ class { 'snmp': } hiera_include('compute_classes') +package_manifest{'/var/lib/tripleo/installed-packages/overcloud_compute': ensure => present} diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index fdb16ea2..36b91a7b 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -462,3 +462,6 @@ if hiera('step') >= 3 { if hiera('step') >= 4 { include ::keystone::cron::token_flush } #END STEP 4 + +$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller', hiera('step')]) +package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp index e4a179d6..0a0ce781 100644 --- a/puppet/manifests/overcloud_controller_pacemaker.pp +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -1196,24 +1196,22 @@ if hiera('step') >= 4 { require => [Pacemaker::Resource::Service[$::nova::params::consoleauth_service_name], Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name]], } - # FIXME(gfidente): novncproxy will not start unless websockify is updated to 0.6 - # which is not the case for f20 nor f21; ucomment when it becomes available - #pacemaker::constraint::base { 'nova-vncproxy-then-nova-api-constraint': - # constraint_type => "order", - # first_resource => "${::nova::params::vncproxy_service_name}-clone", - # second_resource => "${::nova::params::api_service_name}-clone", - # first_action => "start", - # second_action => "start", - # require => [Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name], - # Pacemaker::Resource::Service[$::nova::params::api_service_name]], - #} - #pacemaker::constraint::colocation { 'nova-api-with-nova-vncproxy-colocation': - # source => "${::nova::params::api_service_name}-clone", - # target => "${::nova::params::vncproxy_service_name}-clone", - # score => "INFINITY", - # require => [Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name], - # Pacemaker::Resource::Service[$::nova::params::api_service_name]], - #} + pacemaker::constraint::base { 'nova-vncproxy-then-nova-api-constraint': + constraint_type => "order", + first_resource => "${::nova::params::vncproxy_service_name}-clone", + second_resource => "${::nova::params::api_service_name}-clone", + first_action => "start", + second_action => "start", + require => [Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name], + Pacemaker::Resource::Service[$::nova::params::api_service_name]], + } + pacemaker::constraint::colocation { 'nova-api-with-nova-vncproxy-colocation': + source => "${::nova::params::api_service_name}-clone", + target => "${::nova::params::vncproxy_service_name}-clone", + score => "INFINITY", + require => [Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name], + Pacemaker::Resource::Service[$::nova::params::api_service_name]], + } pacemaker::constraint::base { 'nova-api-then-nova-scheduler-constraint': constraint_type => "order", first_resource => "${::nova::params::api_service_name}-clone", @@ -1273,6 +1271,22 @@ if hiera('step') >= 4 { clone_params => 'interleave=true', resource_params => 'startdelay=10', } + # Fedora doesn't know `require-all` parameter for constraints yet + if $::operatingsystem == 'Fedora' { + $redis_ceilometer_constraint_params = undef + } else { + $redis_ceilometer_constraint_params = 'require-all=false' + } + pacemaker::constraint::base { 'redis-then-ceilometer-central-constraint': + constraint_type => 'order', + first_resource => "redis-master", + second_resource => "${::ceilometer::params::agent_central_service_name}-clone", + first_action => 'promote', + second_action => 'start', + constraint_params => $redis_ceilometer_constraint_params, + require => [Pacemaker::Resource::Ocf['redis'], + Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name]], + } pacemaker::constraint::base { 'keystone-then-ceilometer-central-constraint': constraint_type => 'order', first_resource => "${::keystone::params::service_name}-clone", @@ -1472,3 +1486,6 @@ if hiera('step') >= 4 { } } #END STEP 4 + +$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller_pacemaker', hiera('step')]) +package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/manifests/overcloud_object.pp b/puppet/manifests/overcloud_object.pp index 59db696e..5f4b070d 100644 --- a/puppet/manifests/overcloud_object.pp +++ b/puppet/manifests/overcloud_object.pp @@ -48,4 +48,5 @@ class { 'snmp': snmpd_config => [ join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ], } -hiera_include('object_classes')
\ No newline at end of file +hiera_include('object_classes') +package_manifest{'/var/lib/tripleo/installed-packages/overcloud_object': ensure => present} diff --git a/puppet/manifests/overcloud_volume.pp b/puppet/manifests/overcloud_volume.pp index d1f6d6a5..eaaed66e 100644 --- a/puppet/manifests/overcloud_volume.pp +++ b/puppet/manifests/overcloud_volume.pp @@ -52,4 +52,5 @@ class { 'snmp': snmpd_config => [ join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ], } -hiera_include('volume_classes')
\ No newline at end of file +hiera_include('volume_classes') +package_manifest{'/var/lib/tripleo/installed-packages/overcloud_volume': ensure => present} diff --git a/puppet/manifests/ringbuilder.pp b/puppet/manifests/ringbuilder.pp index 14fbafdd..1897dcd0 100644 --- a/puppet/manifests/ringbuilder.pp +++ b/puppet/manifests/ringbuilder.pp @@ -90,3 +90,5 @@ class tripleo::ringbuilder ( } include ::tripleo::ringbuilder + +package_manifest{'/var/lib/tripleo/installed-packages/ringbuilder': ensure => present} diff --git a/puppet/swift-storage-puppet.yaml b/puppet/swift-storage.yaml index 67617771..f6623be6 100644 --- a/puppet/swift-storage-puppet.yaml +++ b/puppet/swift-storage.yaml @@ -156,6 +156,7 @@ resources: config: hiera: hierarchy: + - '"%{::uuid}"' - heat_config_%{::deploy_config_name} - object_extraconfig - extraconfig @@ -188,6 +189,7 @@ resources: snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} tripleo::packages::enable_install: {get_input: enable_package_install} + tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} SwiftStorageHieraDeploy: @@ -211,6 +213,7 @@ resources: params: server: {get_param: NtpServer} enable_package_install: {get_param: EnablePackageInstall} + enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} UpdateConfig: @@ -255,4 +258,8 @@ outputs: value: {get_attr: [StorageMgmtPort, ip_address]} config_identifier: description: identifier which changes if the node configuration may need re-applying - value: {get_attr: [SwiftStorageHieraDeploy, deploy_stdout]} + value: + list_join: + - ',' + - - {get_attr: [SwiftStorageHieraDeploy, deploy_stdout]} + - {get_param: UpdateIdentifier} |