diff options
139 files changed, 3131 insertions, 3023 deletions
@@ -45,6 +45,8 @@ nosetests.xml *~ *.swp +*.bundle +Gemfile.lock doc/_build diff --git a/Gemfile b/Gemfile new file mode 100644 index 00000000..302ef415 --- /dev/null +++ b/Gemfile @@ -0,0 +1,24 @@ +source 'https://rubygems.org' + +group :development, :test do + gem 'puppetlabs_spec_helper', :require => false + + gem 'puppet-lint', '~> 1.1' + gem 'puppet-lint-absolute_classname-check' + gem 'puppet-lint-absolute_template_path' + gem 'puppet-lint-trailing_newline-check' + + # Puppet 4.x related lint checks + gem 'puppet-lint-unquoted_string-check' + gem 'puppet-lint-leading_zero-check' + gem 'puppet-lint-variable_contains_upcase' + gem 'puppet-lint-numericvariable' +end + +if puppetversion = ENV['PUPPET_GEM_VERSION'] + gem 'puppet', puppetversion, :require => false +else + gem 'puppet', :require => false +end + +# vim:ft=ruby @@ -22,19 +22,19 @@ overcloud.yaml: deprecated/overcloud-source.yaml deprecated/block-storage.yaml d python ./tripleo_heat_merge/merge.py --hot --scale NovaCompute=$${COMPUTESCALE:-'1'} --scale controller=$${CONTROLSCALE:-'1'} --scale SwiftStorage=$${SWIFTSTORAGESCALE:-'0'} --scale BlockStorage=$${BLOCKSTORAGESCALE:-'0'} --scale CephStorage=$${CEPHSTORAGESCALE:-'0'} deprecated/overcloud-source.yaml deprecated/block-storage.yaml deprecated/swift-source.yaml deprecated/swift-storage-source.yaml deprecated/ssl-source.yaml deprecated/swift-deploy.yaml deprecated/nova-compute-config.yaml ${CONTROLEXTRA} > $@.tmp mv $@.tmp $@ -undercloud-vm.yaml: undercloud-source.yaml undercloud-vm-nova-config.yaml undercloud-vm-nova-deploy.yaml +undercloud-vm.yaml: deprecated/undercloud-source.yaml deprecated/undercloud-vm-nova-config.yaml deprecated/undercloud-vm-nova-deploy.yaml python ./tripleo_heat_merge/merge.py --hot $^ > $@.tmp mv $@.tmp $@ -undercloud-bm.yaml: undercloud-source.yaml undercloud-bm-nova-config.yaml undercloud-bm-nova-deploy.yaml +undercloud-bm.yaml: deprecated/undercloud-source.yaml deprecated/undercloud-bm-nova-config.yaml deprecated/undercloud-bm-nova-deploy.yaml python ./tripleo_heat_merge/merge.py --hot $^ > $@.tmp mv $@.tmp $@ -undercloud-vm-ironic.yaml: undercloud-source.yaml undercloud-vm-ironic-config.yaml undercloud-vm-ironic-deploy.yaml +undercloud-vm-ironic.yaml: deprecated/undercloud-source.yaml deprecated/undercloud-vm-ironic-config.yaml deprecated/undercloud-vm-ironic-deploy.yaml python ./tripleo_heat_merge/merge.py --hot $^ > $@.tmp mv $@.tmp $@ -undercloud-vm-ironic-vlan.yaml: undercloud-source.yaml undercloud-vm-ironic-config.yaml undercloud-vm-ironic-deploy.yaml undercloud-vlan-port.yaml +undercloud-vm-ironic-vlan.yaml: deprecated/undercloud-source.yaml deprecated/undercloud-vm-ironic-config.yaml deprecated/undercloud-vm-ironic-deploy.yaml deprecated/undercloud-vlan-port.yaml python ./tripleo_heat_merge/merge.py --hot $^ > $@.tmp mv $@.tmp $@ diff --git a/README.md b/README.md deleted file mode 100644 index 97cc384e..00000000 --- a/README.md +++ /dev/null @@ -1,10 +0,0 @@ -templates -========= - -Generic templates to describe multi-host infrastructure, consumable by OpenStack Heat, Crowbar, others. - - -merge.py -======== - -The Makefile contains several targets for generated templates, see its contents for all of them. To run functional tests for merge.py, run 'make test'. diff --git a/README.rst b/README.rst new file mode 100644 index 00000000..148a741f --- /dev/null +++ b/README.rst @@ -0,0 +1,55 @@ +====================== +tripleo-heat-templates +====================== + +Heat templates to deploy OpenStack using OpenStack. + +* Free software: Apache license +* Documentation: http://docs.openstack.org/developer/tripleo-docs +* Source: http://git.openstack.org/cgit/openstack/tripleo-heat-templates +* Bugs: http://bugs.launchpad.net/tripleo + +Features +-------- + +The ability to deploy a multi-node, role based OpenStack deployment using +OpenStack Heat. Notable features include: + + * Choice of deployment/configuration tooling: puppet, os-apply-config, and + (soon) docker + + * Role based deployment: roles for the controller, compute, ceph, swift, + and cinder storage + + * physical network configuration: support for isolated networks, bonding, + and standard ctlplane networking + +Directories +----------- + +A description of the directory layout in TripleO Heat Templates. + + * deprecated: contains templates that have been deprecated + + * environments: contains heat environment files that can be used with -e + on the command like to enable features, etc. + + * extraconfig: templates used to enable 'extra' functionality. Includes + functionality for distro specific registration and upgrades. + + * firstboot: example first_boot scripts that can be used when initially + creating instances. + + * network: heat templates to help create isolated networks and ports + + * puppet: templates mostly driven by configuration with puppet. To use these + templates you can use the overcloud-resource-registry-puppet.yaml. + + * os-apply-config: templates mostly driven by configuration w/ + os-collect-config and bash based + elements (which use the Heat os-apply-config group). + These will soon be deprecated and are no longer part + of the upstream CI testing efforts. + + * validation-scripts: validation scripts useful to all deployment + configurations diff --git a/Rakefile b/Rakefile new file mode 100644 index 00000000..bca6a6c2 --- /dev/null +++ b/Rakefile @@ -0,0 +1,6 @@ +require 'puppetlabs_spec_helper/rake_tasks' +require 'puppet-lint/tasks/puppet-lint' + +PuppetLint.configuration.fail_on_warnings = true +PuppetLint.configuration.send('disable_80chars') +PuppetLint.configuration.send('disable_autoloader_layout') diff --git a/base.yaml b/base.yaml deleted file mode 100644 index a1ba509f..00000000 --- a/base.yaml +++ /dev/null @@ -1,77 +0,0 @@ -heat_template_version: 2013-05-23 -description: 'Tie OpenStack components together' -parameters: - KeystoneAdminToken: - description: Admin Token needed for keystone - type: string - hidden: true - TemplateRoot: - description: URL Base where all of our templates are available - type: string -resources: - RabbitMQ: - type: AWS::CloudFormation::Stack - TemplateURL: - Fn::Join: - - {get_param: TemplateRoot} - - rabbitmq.yaml - parameters: - InstanceType: m1.small - KeyName: default - RabbitMQImage: image-rabbitmq - MySQL: - type: AWS::CloudFormation::Stack - TemplateURL: - Fn::Join: - - {get_param: TemplateRoot} - - mysql.yaml - parameters: - InstanceType: m1.small - KeyName: default - MySQLImage: image-mysql - Keystone: - type: AWS::CloudFormation::Stack - TemplateURL: - Fn::Join: - - {get_param: TemplateRoot} - - keystone.yaml - parameters: - AdminToken: {get_param: KeystoneAdminToken} - KeyName: default - KeystoneDSN: - Fn::Join: - - 'mysql://keystone:' - - {get_attr: [ MySQL , KeystonePassword ]} - - '@' - - {get_attr: [ MySQL , MySQLHost ]} - - '/keystone' - Glance: - type: AWS::CloudFormation::Stack - TemplateURL: - Fn::Join: - - {get_param: TemplateRoot} - - glance.yaml - parameters: - KeyName: default - HeatDSN: - Fn::Join: - - 'mysql://glance:' - - {get_attr: [ MySQL, GlancePassword ] } - - '@' - - {get_attr: [ MySQL, MySQLHost ]} - - '/glance' - Heat: - type: AWS::CloudFormation::Stack - TemplateURL: - Fn::Join: - - {get_param: TemplateRoot} - - heat.yaml - parameters: - KeyName: default - HeatDSN: - Fn::Join: - - 'mysql://heat:' - - {get_attr: [ MySQL, HeatPassword ] } - - '@' - - {get_attr: [ MySQL, MySQLHost ]} - - '/heat' diff --git a/debian-mirror.yaml b/debian-mirror.yaml deleted file mode 100644 index ddfff6a6..00000000 --- a/debian-mirror.yaml +++ /dev/null @@ -1,31 +0,0 @@ -description: 'Debian-mirror: A Debian or Ubuntu mirror in the cloud' -parameters: - DebianMirrorArchitectures: - default: [{"arch": "amd64"}] - description: The architectures to be mirrored - type: JSON - DebianMirrorComponents: - default: ["main", "restricted", "universe", "multiverse"] - description: The components to be mirrored - type: JSON - DebianMirrorMirror: - default: http://archive.ubuntu.com/ubuntu - description: The mirror that is to be used as the source - type: string - DebianMirrorSuites: - default: ["saucy", "saucy-updates", "saucy-security"] - description: The suites to be mirrored - type: JSON -resources: - debianMirrorConfig: - type: AWS::AutoScaling::LaunchConfiguration - metadata: - debian-mirror: - mirror: - get_param: DebianMirrorMirror - suites: - get_param: DebianMirrorSuites - architectures: - get_param: DebianMirrorArchitectures - components: - get_param: DebianMirrorComponents diff --git a/undercloud-bm-nova-config.yaml b/deprecated/undercloud-bm-nova-config.yaml index 306dc0a1..306dc0a1 100644 --- a/undercloud-bm-nova-config.yaml +++ b/deprecated/undercloud-bm-nova-config.yaml diff --git a/undercloud-bm-nova-deploy.yaml b/deprecated/undercloud-bm-nova-deploy.yaml index dca68329..dca68329 100644 --- a/undercloud-bm-nova-deploy.yaml +++ b/deprecated/undercloud-bm-nova-deploy.yaml diff --git a/undercloud-source.yaml b/deprecated/undercloud-source.yaml index 6fe2066d..317896d9 100644 --- a/undercloud-source.yaml +++ b/deprecated/undercloud-source.yaml @@ -1,4 +1,4 @@ -description: All-in-one baremetal OpenStack and all dependencies. +description: Deprecated. Use instack-undercloud instead. All-in-one baremetal OpenStack and all dependencies. heat_template_version: 2013-05-23 parameters: AdminPassword: diff --git a/undercloud-vlan-port.yaml b/deprecated/undercloud-vlan-port.yaml index 7e39f5fc..7e39f5fc 100644 --- a/undercloud-vlan-port.yaml +++ b/deprecated/undercloud-vlan-port.yaml diff --git a/undercloud-vm-ironic-config.yaml b/deprecated/undercloud-vm-ironic-config.yaml index cc0dafb6..cc0dafb6 100644 --- a/undercloud-vm-ironic-config.yaml +++ b/deprecated/undercloud-vm-ironic-config.yaml diff --git a/undercloud-vm-ironic-deploy.yaml b/deprecated/undercloud-vm-ironic-deploy.yaml index 5d23495c..5d23495c 100644 --- a/undercloud-vm-ironic-deploy.yaml +++ b/deprecated/undercloud-vm-ironic-deploy.yaml diff --git a/undercloud-vm-nova-config.yaml b/deprecated/undercloud-vm-nova-config.yaml index 1fb8abb3..1fb8abb3 100644 --- a/undercloud-vm-nova-config.yaml +++ b/deprecated/undercloud-vm-nova-config.yaml diff --git a/undercloud-vm-nova-deploy.yaml b/deprecated/undercloud-vm-nova-deploy.yaml index da15b46d..da15b46d 100644 --- a/undercloud-vm-nova-deploy.yaml +++ b/deprecated/undercloud-vm-nova-deploy.yaml diff --git a/docker/README-containers.md b/docker/README-containers.md new file mode 100644 index 00000000..17990b54 --- /dev/null +++ b/docker/README-containers.md @@ -0,0 +1,50 @@ +# Using Docker Containers With TripleO + +## Configuring TripleO with to use a container based compute node. + +Steps include: +- Adding a base OS image to glance +- Deploy an overcloud configured to use the docker compute heat templates + +## Getting base OS image working. + +Download the fedora atomic image into glance: + +``` +wget https://download.fedoraproject.org/pub/fedora/linux/releases/22/Cloud/x86_64/Images/Fedora-Cloud-Atomic-22-20150521.x86_64.qcow2 +glance image-create --name atomic-image --file Fedora-Cloud-Atomic-22-20150521.x86_64.qcow2 --disk-format qcow2 --container-format bare +``` + +## Configuring TripleO + +You can use the tripleo.sh script up until the point of running the Overcloud. +https://github.com/openstack/tripleo-common/blob/master/scripts/tripleo.sh + +Create the Overcloud: +``` +$ openstack overcloud deploy --templates=tripleo-heat-templates -e tripleo-heat-templates/environments/docker-rdo.yaml --libvirt-type=qemu +``` + +Source the overcloudrc and then you can use the overcloud. + +## Debugging + +You can ssh into the controller/compute nodes by using the heat key, eg: +``` +nova list +ssh heat-admin@<compute_node_ip> +``` + +You can check to see what docker containers are running: +``` +sudo docker ps -a +``` + +To enter a container that doesn't seem to be working right: +``` +sudo docker exec -ti <container name> /bin/bash +``` + +Then you can check logs etc. + +You can also just do a 'docker logs' on a given container. diff --git a/docker/compute-post.yaml b/docker/compute-post.yaml new file mode 100644 index 00000000..0d049ebc --- /dev/null +++ b/docker/compute-post.yaml @@ -0,0 +1,228 @@ +heat_template_version: 2015-04-30 + +description: > + OpenStack compute node post deployment for Docker. + +parameters: + servers: + type: json + NodeConfigIdentifiers: + type: json + description: Value which changes if the node configuration may need to be re-applied + DockerComputeImage: + type: string + DockerComputeDataImage: + type: string + DockerLibvirtImage: + type: string + DockerNeutronAgentImage: + type: string + DockerOpenvswitchImage: + type: string + DockerOvsVswitchdImage: + type: string + DockerOpenvswitchDBImage: + type: string + +resources: + + ComputePuppetConfig: + type: OS::Heat::SoftwareConfig + properties: + group: puppet + options: + enable_hiera: True + enable_facter: False + tags: package,file,concat,file_line,nova_config,neutron_config,neutron_agent_ovs,neutron_plugin_ml2 + inputs: + - name: tripleo::packages::enable_install + type: Boolean + default: True + outputs: + - name: result + config: + get_file: ../puppet/manifests/overcloud_compute.pp + + ComputePuppetDeployment: + type: OS::Heat::SoftwareDeployments + properties: + servers: {get_param: servers} + config: {get_resource: ComputePuppetConfig} + input_values: + update_identifier: {get_param: NodeConfigIdentifiers} + tripleo::packages::enable_install: True + + CopyEtcConfig: + type: OS::Heat::SoftwareConfig + properties: + group: script + outputs: + - name: result + config: {get_file: ./copy-etc.sh} + + CopyEtcDeployment: + type: OS::Heat::SoftwareDeployments + depends_on: ComputePuppetDeployment + properties: + config: {get_resource: CopyEtcConfig} + servers: {get_param: servers} + + NovaComputeContainersDeploymentOVS: + type: OS::Heat::StructuredDeployments + properties: + config: {get_resource: NovaComputeContainersConfigOVS} + servers: {get_param: servers} + + NovaComputeContainersConfigOVS: + type: OS::Heat::StructuredConfig + properties: + group: docker-compose + config: + ovsvswitchd: + image: {get_param: DockerOvsVswitchdImage} + container_name: ovs-vswitchd + net: host + privileged: true + restart: always + volumes: + - /run:/run + - /lib/modules:/lib/modules:ro + environment: + - KOLLA_CONFIG_STRATEGY=CONFIG_EXTERNAL_COPY_ALWAYS + + openvswitchdb: + image: {get_param: DockerOpenvswitchDBImage} + container_name: ovs-db-server + net: host + restart: always + volumes: + - /run:/run + environment: + - KOLLA_CONFIG_STRATEGY=CONFIG_EXTERNAL_COPY_ALWAYS + + NovaComputeContainersDeploymentNetconfig: + type: OS::Heat::SoftwareDeployments + depends_on: NovaComputeContainersDeploymentOVS + properties: + config: {get_resource: NovaComputeContainersConfigNetconfig} + servers: {get_param: servers} + + # We run os-net-config here because we depend on the ovs containers to be up + # and running before we configure the network. This allows explicit timing + # of the network configuration. + NovaComputeContainersConfigNetconfig: + type: OS::Heat::SoftwareConfig + properties: + group: script + outputs: + - name: result + config: | + #!/bin/bash + /usr/local/bin/run-os-net-config + + LibvirtContainersDeployment: + type: OS::Heat::StructuredDeployments + depends_on: [CopyEtcDeployment, ComputePuppetDeployment, NovaComputeContainersDeploymentNetconfig] + properties: + config: {get_resource: LibvirtContainersConfig} + servers: {get_param: servers} + + LibvirtContainersConfig: + type: OS::Heat::StructuredConfig + properties: + group: docker-compose + config: + computedata: + image: {get_param: DockerComputeDataImage} + container_name: computedata + + libvirt: + image: {get_param: DockerLibvirtImage} + container_name: libvirt + net: host + pid: host + privileged: true + restart: always + volumes: + - /run:/run + - /lib/modules:/lib/modules:ro + - /var/lib/etc-data/libvirt/libvirtd.conf:/opt/kolla/libvirtd/libvirtd.conf + - /var/lib/nova/instances:/var/lib/nova/instances + environment: + - KOLLA_CONFIG_STRATEGY=CONFIG_EXTERNAL_COPY_ALWAYS + volumes_from: + - computedata + + NovaComputeContainersDeployment: + type: OS::Heat::StructuredDeployments + depends_on: [CopyEtcDeployment, ComputePuppetDeployment, NovaComputeContainersDeploymentNetconfig, LibvirtContainersDeployment] + properties: + config: {get_resource: NovaComputeContainersConfig} + servers: {get_param: servers} + + NovaComputeContainersConfig: + type: OS::Heat::StructuredConfig + properties: + group: docker-compose + config: + openvswitch: + image: {get_param: DockerOpenvswitchImage} + container_name: openvswitch + net: host + privileged: true + restart: always + volumes: + - /run:/run + - /lib/modules:/lib/modules:ro + - /var/lib/etc-data/neutron/neutron.conf:/etc/kolla/neutron-openvswitch-agent/:ro + - /var/lib/etc-data/neutron/plugins/ml2/ml2_conf.ini:/etc/kolla/neutron-openvswitch-agent/:ro + environment: + - KOLLA_CONFIG_STRATEGY=CONFIG_EXTERNAL_COPY_ALWAYS + volumes_from: + - computedata + # FIXME: Kolla now uses a JSON model to run custom commands. We rebuilt a custom container to read in KOLLA_COMMAND_ARGS + + # FIXME: Here we're subjugating kolla's start scripts because we want our custom run command + neutronagent: + image: {get_param: DockerOpenvswitchImage} + container_name: neutronagent + net: host + pid: host + privileged: true + restart: always + volumes: + - /run:/run + - /lib/modules:/lib/modules:ro + - /var/lib/etc-data/neutron/neutron.conf:/etc/neutron/neutron.conf:ro + - /var/lib/etc-data/neutron/plugins/ml2/openvswitch_agent.ini:/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini:ro + environment: + - KOLLA_CONFIG_STRATEGY=CONFIG_EXTERNAL_COPY_ALWAYS + # FIXME: Kolla now uses a JSON model to run custom commands. We rebuilt a custom container to read in KOLLA_COMMAND_ARGS + - KOLLA_COMMAND_ARGS=--config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini + volumes_from: + - computedata + + novacompute: + image: {get_param: DockerComputeImage} + container_name: novacompute + net: host + privileged: true + restart: always + volumes: + - /run:/run + - /sys/fs/cgroup:/sys/fs/cgroup + - /lib/modules:/lib/modules:ro + - /var/lib/etc-data/:/etc/:ro + - /var/lib/nova/instances:/var/lib/nova/instances + volumes_from: + - computedata + # FIXME: this skips the kolla start.sh script and just starts Nova + # Ideally we'd have an environment that switched the kolla container + # to be externally configured. + command: /usr/bin/nova-compute + + ExtraConfig: + depends_on: NovaComputeContainersDeployment + type: OS::TripleO::NodeExtraConfigPost + properties: + servers: {get_param: servers} diff --git a/docker/copy-etc.sh b/docker/copy-etc.sh new file mode 100644 index 00000000..1a6cd520 --- /dev/null +++ b/docker/copy-etc.sh @@ -0,0 +1,3 @@ +#!/bin/bash +echo "Copying agent container /etc to /var/lib/etc-data" +cp -a /etc/* /var/lib/etc-data/ diff --git a/docker/firstboot/install_docker_agents.yaml b/docker/firstboot/install_docker_agents.yaml new file mode 100644 index 00000000..8adc8939 --- /dev/null +++ b/docker/firstboot/install_docker_agents.yaml @@ -0,0 +1,28 @@ +heat_template_version: 2014-10-16 + +parameters: + DockerAgentImage: + type: string + default: dprince/heat-docker-agents-centos + +resources: + + userdata: + type: OS::Heat::MultipartMime + properties: + parts: + - config: {get_resource: install_docker_agents} + + install_docker_agents: + type: OS::Heat::SoftwareConfig + properties: + group: script + config: + str_replace: + params: + $agent_image: {get_param: DockerAgentImage} + template: {get_file: ./start_docker_agents.sh} + +outputs: + OS::stack_id: + value: {get_resource: userdata} diff --git a/docker/firstboot/start_docker_agents.sh b/docker/firstboot/start_docker_agents.sh new file mode 100644 index 00000000..caf511bd --- /dev/null +++ b/docker/firstboot/start_docker_agents.sh @@ -0,0 +1,74 @@ +#!/bin/bash +set -eux + +# firstboot isn't split out by role yet so we handle it this way +if ! hostname | grep compute &>/dev/null; then + echo "Exiting. This script is only for the compute role." + exit 0 +fi + +mkdir -p /var/lib/etc-data/ #FIXME: this should be a docker data container + +# heat-docker-agents service +cat <<EOF > /etc/systemd/system/heat-docker-agents.service + +[Unit] +Description=Heat Docker Agent Container +After=docker.service +Requires=docker.service + +[Service] +User=root +Restart=on-failure +ExecStartPre=-/usr/bin/docker kill heat-agents +ExecStartPre=-/usr/bin/docker rm heat-agents +ExecStartPre=/usr/bin/docker pull $agent_image +ExecStart=/usr/bin/docker run --name heat-agents --privileged --net=host -v /var/lib/etc-data:/var/lib/etc-data -v /run:/run -v /etc:/host/etc -v /usr/bin/atomic:/usr/bin/atomic -v /var/lib/dhclient:/var/lib/dhclient -v /var/lib/cloud:/var/lib/cloud -v /var/lib/heat-cfntools:/var/lib/heat-cfntools --entrypoint=/usr/bin/os-collect-config $agent_image +ExecStop=/usr/bin/docker stop heat-agents + +[Install] +WantedBy=multi-user.target + +EOF + +# update docker for local insecure registry(optional) +# Note: This is different for different docker versions +# For older docker versions < 1.4.x use commented line +#echo "OPTIONS='--insecure-registry $docker_registry'" >> /etc/sysconfig/docker +#echo "ADD_REGISTRY='--registry-mirror $docker_registry'" >> /etc/sysconfig/docker + +# Local docker registry 1.8 +#/bin/sed -i s/ADD_REGISTRY/#ADD_REGISTRY/ /etc/sysconfig/docker + +/sbin/setenforce 0 +/sbin/modprobe ebtables + +# Create /var/lib/etc-data for now. FIXME: This should go into a data container. +#mkdir -p /var/lib/etc-data + +echo nameserver 8.8.8.8 > /etc/resolv.conf + +# We need hostname -f to return in a centos container for the puppet hook +HOSTNAME=$(hostname) +echo "127.0.0.1 $HOSTNAME.localdomain $HOSTNAME" >> /etc/hosts + +# Another hack.. we need latest docker.. +/usr/bin/systemctl stop docker.service +/bin/curl -o /tmp/docker https://get.docker.com/builds/Linux/x86_64/docker-latest +/bin/mount -o remount,rw /usr +/bin/rm /bin/docker +/bin/cp /tmp/docker /bin/docker +/bin/chmod 755 /bin/docker + +# enable and start docker +/usr/bin/systemctl enable docker.service +/usr/bin/systemctl restart --no-block docker.service + +# enable and start heat-docker-agents +chmod 0640 /etc/systemd/system/heat-docker-agents.service +/usr/bin/systemctl enable heat-docker-agents.service +/usr/bin/systemctl start --no-block heat-docker-agents.service + +# Disable NetworkManager and let the ifup/down scripts work properly. +/usr/bin/systemctl disable NetworkManager +/usr/bin/systemctl stop NetworkManager diff --git a/environments/config-debug.yaml b/environments/config-debug.yaml new file mode 100644 index 00000000..b176c255 --- /dev/null +++ b/environments/config-debug.yaml @@ -0,0 +1,5 @@ +# A Heat environment file which can be used to enable config +# management (e.g. Puppet) debugging. + +parameter_defaults: + ConfigDebug: true diff --git a/environments/docker-rdo.yaml b/environments/docker-rdo.yaml new file mode 100644 index 00000000..8a6e1018 --- /dev/null +++ b/environments/docker-rdo.yaml @@ -0,0 +1,17 @@ +resource_registry: + # Docker container with heat agents for containerized compute node. + OS::TripleO::ComputePostDeployment: ../docker/compute-post.yaml + OS::TripleO::NodeUserData: ../docker/firstboot/install_docker_agents.yaml + OS::TripleO::Compute::Net::SoftwareConfig: ../net-config-bridge.yaml + +parameters: + NovaImage: atomic-image + +parameter_defaults: + DockerComputeImage: rthallisey/centos-binary-nova-compute:liberty + DockerComputeDataImage: kollaglue/centos-rdo-nova-compute-data:liberty2 + DockerLibvirtImage: kollaglue/centos-rdo-nova-libvirt:liberty2 + DockerNeutronAgentImage: kollaglue/centos-rdo-neutron-agents:liberty2 + DockerOpenvswitchImage: rthallisey/centos-rdo-neutron-openvswitch-agent:latest + DockerOvsVswitchdImage: kollaglue/centos-rdo-ovs-vswitchd:liberty2 + DockerOpenvswitchDBImage: kollaglue/centos-rdo-ovs-db-server:liberty2 diff --git a/environments/net-multiple-nics.yaml b/environments/net-multiple-nics.yaml new file mode 100644 index 00000000..5ee516fb --- /dev/null +++ b/environments/net-multiple-nics.yaml @@ -0,0 +1,13 @@ +# This template configures each role to use a separate NIC for +# each isolated network. +# This template assumes use of network-isolation.yaml. +# +# FIXME: if/when we add functionality to heatclient to include heat +# environment files we should think about using it here to automatically +# include network-isolation.yaml. +resource_registry: + OS::TripleO::BlockStorage::Net::SoftwareConfig: ../network/config/multiple-nics/cinder-storage.yaml + OS::TripleO::Compute::Net::SoftwareConfig: ../network/config/multiple-nics/compute.yaml + OS::TripleO::Controller::Net::SoftwareConfig: ../network/config/multiple-nics/controller.yaml + OS::TripleO::ObjectStorage::Net::SoftwareConfig: ../network/config/multiple-nics/swift-storage.yaml + OS::TripleO::CephStorage::Net::SoftwareConfig: ../network/config/multiple-nics/ceph-storage.yaml diff --git a/environments/neutron-ml2-cisco-n1kv.yaml b/environments/neutron-ml2-cisco-n1kv.yaml new file mode 100644 index 00000000..651e9564 --- /dev/null +++ b/environments/neutron-ml2-cisco-n1kv.yaml @@ -0,0 +1,11 @@ +# A Heat environment file which can be used to enable a +# a Cisco N1KV backend, configured via puppet +resource_registry: + OS::TripleO::ControllerExtraConfigPre: ../puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml + OS::TripleO::ComputeExtraConfigPre: ../puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml + +parameter_defaults: + N1000vVSMIP: '192.0.2.50' + N1000vMgmtGatewayIP: '192.0.2.1' + N1000vVSMDomainID: '100' + N1000vVSMHostMgmtIntf: 'br-ex' diff --git a/environments/overcloud-steps.yaml b/environments/overcloud-steps.yaml index 99f73688..f61cbb6f 100644 --- a/environments/overcloud-steps.yaml +++ b/environments/overcloud-steps.yaml @@ -1,7 +1,7 @@ # Specifies hooks/breakpoints where overcloud deployment should stop # Allows operator validation between steps, and/or more granular control. # Note: the wildcards relate to naming convention for some resource suffixes, -# e.g see puppet/*-post-puppet.yaml, enabling this will mean we wait for +# e.g see puppet/*-post.yaml, enabling this will mean we wait for # a user signal on every *Deployment_StepN resource defined in those files. resource_registry: resources: diff --git a/environments/puppet-ceph-external.yaml b/environments/puppet-ceph-external.yaml index 3c7901cc..f22967f4 100644 --- a/environments/puppet-ceph-external.yaml +++ b/environments/puppet-ceph-external.yaml @@ -3,7 +3,7 @@ resource_registry: OS::TripleO::CephClusterConfig::SoftwareConfig: ../puppet/extraconfig/ceph/ceph-external-config.yaml -parameters: +parameter_defaults: # NOTE: These example parameters are required when using Ceph External #CephClusterFSID: '4b5c8c0a-ff60-454b-a1b4-9747aa737d19' #CephClientKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ==' @@ -13,6 +13,11 @@ parameters: NovaEnableRbdBackend: true CinderEnableRbdBackend: true GlanceBackend: rbd + # If the Ceph pools which host VMs, Volumes and Images do not match these + # names, edit the following as needed. + NovaRbdPoolName: vms + CinderRbdPoolName: volumes + GlanceRbdPoolName: images # finally we disable the Cinder LVM backend CinderEnableIscsiBackend: false diff --git a/environments/storage-environment.yaml b/environments/storage-environment.yaml index 535ec6fe..5ccfa58e 100644 --- a/environments/storage-environment.yaml +++ b/environments/storage-environment.yaml @@ -1,7 +1,7 @@ ## A Heat environment file which can be used to set up storage ## backends. Defaults to Ceph used as a backend for Cinder, Glance and ## Nova ephemeral storage. -parameters: +parameter_defaults: #### BACKEND SELECTION #### diff --git a/examples/launchconfig1.yaml b/examples/launchconfig1.yaml deleted file mode 100644 index 70ea2463..00000000 --- a/examples/launchconfig1.yaml +++ /dev/null @@ -1,24 +0,0 @@ -HeatTemplateFormatVersion: '2012-12-12' -Parameters: - A: - Type: String - Default: test1 - B: - Type: String - Default: test2 - resource1Image: - Type: String - Default: resource1 -Resources: - notcomputeConfigBase: - Type: AWS::AutoScaling::LaunchConfiguration - Metadata: - OpenStack::Role: notcomputeConfig - a: {Ref: A} - b: {Ref: B} - resource1: - Type: OS::Nova::Server - Properties: - flavor: test_flavor - image: {Ref: resource1Image} - key_name: test_key diff --git a/examples/launchconfig1_hot.yaml b/examples/launchconfig1_hot.yaml deleted file mode 100644 index 4c86e76d..00000000 --- a/examples/launchconfig1_hot.yaml +++ /dev/null @@ -1,24 +0,0 @@ -heat_template_version: 2014-10-16 -parameters: - A: - type: string - default: test1 - B: - type: string - default: test2 - resource1Image: - type: string - default: resource1 -resources: - notcomputeConfigBase: - type: AWS::AutoScaling::LaunchConfiguration - metadata: - OpenStack::Role: notcomputeConfig - a: {get_param: A} - b: {get_param: B} - resource1: - type: OS::Nova::Server - properties: - flavor: test_flavor - image: {get_param: resource1Image} - key_name: test_key diff --git a/examples/launchconfig2.yaml b/examples/launchconfig2.yaml deleted file mode 100644 index 3ced0cc4..00000000 --- a/examples/launchconfig2.yaml +++ /dev/null @@ -1,20 +0,0 @@ -HeatTemplateFormatVersion: '2012-12-12' -Parameters: - C: - Type: String - Default: test3 - resource2Image: - Type: String - Default: resource2 -Resources: - notcomputeConfigMixin: - Type: AWS::AutoScaling::LaunchConfiguration - Metadata: - OpenStack::Role: notcomputeConfig - c: {Ref: C} - resource2: - Type: OS::Nova::Server - Properties: - flavor: test_flavor - image: {Ref: resource2Image} - key_name: test_key diff --git a/examples/launchconfig2_hot.yaml b/examples/launchconfig2_hot.yaml deleted file mode 100644 index 1586a4d0..00000000 --- a/examples/launchconfig2_hot.yaml +++ /dev/null @@ -1,20 +0,0 @@ -heat_template_version: 2014-10-16 -parameters: - C: - type: string - default: test3 - resource2Image: - type: string - default: resource2 -resources: - notcomputeConfigMixin: - type: AWS::AutoScaling::LaunchConfiguration - metadata: - OpenStack::Role: notcomputeConfig - c: {get_param: C} - resource2: - type: OS::Nova::Server - properties: - flavor: test_flavor - image: {get_param: resource2Image} - key_name: test_key diff --git a/examples/launchconfig_result.yaml b/examples/launchconfig_result.yaml deleted file mode 100644 index 76c12b84..00000000 --- a/examples/launchconfig_result.yaml +++ /dev/null @@ -1,43 +0,0 @@ -Description: examples/launchconfig1.yaml,examples/launchconfig2.yaml -HeatTemplateFormatVersion: '2012-12-12' -Parameters: - A: - Default: test1 - Type: String - B: - Default: test2 - Type: String - C: - Default: test3 - Type: String - resource1Image: - Default: resource1 - Type: String - resource2Image: - Default: resource2 - Type: String -Resources: - notcomputeConfig: - Metadata: - OpenStack::Role: notcomputeConfig - a: - Ref: A - b: - Ref: B - c: - Ref: C - Type: AWS::AutoScaling::LaunchConfiguration - resource1: - Properties: - flavor: test_flavor - image: - Ref: resource1Image - key_name: test_key - Type: OS::Nova::Server - resource2: - Properties: - flavor: test_flavor - image: - Ref: resource2Image - key_name: test_key - Type: OS::Nova::Server diff --git a/examples/launchconfig_result_hot.yaml b/examples/launchconfig_result_hot.yaml deleted file mode 100644 index 1375bae9..00000000 --- a/examples/launchconfig_result_hot.yaml +++ /dev/null @@ -1,43 +0,0 @@ -description: examples/launchconfig1_hot.yaml,examples/launchconfig2_hot.yaml -heat_template_version: '2014-10-16' -parameters: - A: - default: test1 - type: string - B: - default: test2 - type: string - C: - default: test3 - type: string - resource1Image: - default: resource1 - type: string - resource2Image: - default: resource2 - type: string -resources: - notcomputeConfig: - metadata: - OpenStack::Role: notcomputeConfig - a: - get_param: A - b: - get_param: B - c: - get_param: C - type: AWS::AutoScaling::LaunchConfiguration - resource1: - properties: - flavor: test_flavor - image: - get_param: resource1Image - key_name: test_key - type: OS::Nova::Server - resource2: - properties: - flavor: test_flavor - image: - get_param: resource2Image - key_name: test_key - type: OS::Nova::Server diff --git a/examples/lib.yaml b/examples/lib.yaml deleted file mode 100644 index d42e95f8..00000000 --- a/examples/lib.yaml +++ /dev/null @@ -1,13 +0,0 @@ -Parameters: - ImportantValue: - Default: a_default - Type: String - BImage: - Type: String -Resources: - GenericB: - Type: OS::Nova::Server - Properties: - image: {Ref: BImage} - Metadata: - my_meta: {Ref: ImportantValue} diff --git a/examples/lib_hot.yaml b/examples/lib_hot.yaml deleted file mode 100644 index b5af05e4..00000000 --- a/examples/lib_hot.yaml +++ /dev/null @@ -1,13 +0,0 @@ -parameters: - ImportantValue: - default: a_default - type: string - BImage: - type: string -resources: - GenericB: - type: OS::Nova::Server - properties: - image: {get_param: BImage} - metadata: - my_meta: {get_param: ImportantValue} diff --git a/examples/scale1.yaml b/examples/scale1.yaml deleted file mode 100644 index 6acb6049..00000000 --- a/examples/scale1.yaml +++ /dev/null @@ -1,32 +0,0 @@ -HeatTemplateFormatVersion: '2012-12-12' -Resources: - ComputeUser: - Type: AWS::IAM::User - Properties: - Policies: [ { Ref: ComputeAccessPolicy } ] - GlobalAccessPolicy: - Type: OS::Heat::AccessPolicy - NovaCompute0Key: - Type: FileInclude - Path: examples/scale2.yaml - SubKey: Resources.NovaCompute0Key - NovaCompute0CompletionCondition: - Type: FileInclude - Path: examples/scale2.yaml - SubKey: Resources.NovaCompute0CompletionCondition - NovaCompute0CompletionHandle: - Type: FileInclude - Path: examples/scale2.yaml - SubKey: Resources.NovaCompute0CompletionHandle - NovaCompute0Config: - Type: FileInclude - Path: examples/scale2.yaml - SubKey: Resources.NovaCompute0Config - Parameters: - ComputeImage: "123" - RabbitUserName: "guest" - RabbitPassword: "guest" - NovaCompute0: - Type: FileInclude - Path: examples/scale2.yaml - SubKey: Resources.NovaCompute0 diff --git a/examples/scale1_hot.yaml b/examples/scale1_hot.yaml deleted file mode 100644 index 6e46a32d..00000000 --- a/examples/scale1_hot.yaml +++ /dev/null @@ -1,32 +0,0 @@ -heat_template_version: 2014-10-16 -resources: - ComputeUser: - type: AWS::IAM::User - properties: - Policies: [ { get_param: ComputeAccessPolicy } ] - GlobalAccessPolicy: - type: OS::Heat::AccessPolicy - NovaCompute0Key: - type: FileInclude - Path: examples/scale2_hot.yaml - SubKey: resources.NovaCompute0Key - NovaCompute0CompletionCondition: - type: FileInclude - Path: examples/scale2_hot.yaml - SubKey: resources.NovaCompute0CompletionCondition - NovaCompute0CompletionHandle: - type: FileInclude - Path: examples/scale2_hot.yaml - SubKey: resources.NovaCompute0CompletionHandle - NovaCompute0Config: - type: FileInclude - Path: examples/scale2_hot.yaml - SubKey: resources.NovaCompute0Config - parameters: - ComputeImage: "123" - RabbitUserName: "guest" - RabbitPassword: "guest" - NovaCompute0: - type: FileInclude - Path: examples/scale2_hot.yaml - SubKey: resources.NovaCompute0 diff --git a/examples/scale2.yaml b/examples/scale2.yaml deleted file mode 100644 index 8b3e4f8f..00000000 --- a/examples/scale2.yaml +++ /dev/null @@ -1,69 +0,0 @@ -HeatTemplateFormatVersion: '2012-12-12' -Parameters: - ComputeImage: - Type: String - RabbitUserName: - Type: String - RabbitPassword: - Type: String - NoEcho: true -Resources: - ComputeAccessPolicy: - Type: OS::Heat::AccessPolicy - Properties: - AllowedResources: [ NovaCompute0 ] - NovaCompute0Key: - Type: AWS::IAM::AccessKey - Properties: - UserName: - Ref: ComputeUser - NovaCompute0CompletionCondition: - Type: AWS::CloudFormation::WaitCondition - DependsOn: notcompute - Properties: - Handle: {Ref: NovaCompute0CompletionHandle} - Count: '1' - Timeout: '1800' - NovaCompute0CompletionHandle: - Type: AWS::CloudFormation::WaitConditionHandle - NovaCompute0: - Type: OS::Nova::Server - Properties: - image: - Ref: ComputeImage - Metadata: - os-collect-config: - cfn: - access_key_id: - Ref: NovaCompute0Key - secret_access_key: - Fn::GetAtt: [ NovaCompute0Key, SecretAccessKey ] - stack_name: {Ref: 'AWS::StackName'} - path: NovaCompute0Config.Metadata - NovaCompute0Config: - Type: AWS::AutoScaling::LaunchConfiguration - Metadata: - completion-handle: - Ref: NovaCompute0CompletionHandle - os-collect-config: - cfn: - access_key_id: - Ref: NovaCompute0Key - secret_access_key: - Fn::GetAtt: [ NovaCompute0Key, SecretAccessKey ] - stack_name: {Ref: 'AWS::StackName'} - path: NovaCompute0Config.Metadata - neutron: - ovs: - local_ip: - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - Fn::GetAtt: - - NovaCompute0 - - networks - rabbit: - username: {Ref: RabbitUserName} - password: {Ref: RabbitPassword} - diff --git a/examples/scale2_hot.yaml b/examples/scale2_hot.yaml deleted file mode 100644 index eb507616..00000000 --- a/examples/scale2_hot.yaml +++ /dev/null @@ -1,62 +0,0 @@ -heat_template_version: 2014-10-16 -parameters: - ComputeImage: - type: string - RabbitUserName: - type: string - RabbitPassword: - type: string - hidden: true -resources: - ComputeAccessPolicy: - type: OS::Heat::AccessPolicy - properties: - AllowedResources: [ NovaCompute0 ] - NovaCompute0Key: - type: AWS::IAM::AccessKey - properties: - UserName: - get_param: ComputeUser - NovaCompute0CompletionCondition: - type: AWS::CloudFormation::WaitCondition - depends_on: notcompute - properties: - Handle: {get_resource: NovaCompute0CompletionHandle} - Count: '1' - Timeout: '1800' - NovaCompute0CompletionHandle: - type: AWS::CloudFormation::WaitConditionHandle - NovaCompute0: - type: OS::Nova::Server - properties: - image: - get_param: ComputeImage - metadata: - os-collect-config: - cfn: - access_key_id: - get_resource: NovaCompute0Key - secret_access_key: - get_attr: [ NovaCompute0Key, SecretAccessKey ] - stack_name: {get_param: 'AWS::StackName'} - path: NovaCompute0Config.Metadata - NovaCompute0Config: - type: AWS::AutoScaling::LaunchConfiguration - metadata: - completion-handle: - get_resource: NovaCompute0CompletionHandle - os-collect-config: - cfn: - access_key_id: - get_resource: NovaCompute0Key - secret_access_key: - get_attr: [ NovaCompute0Key, SecretAccessKey ] - stack_name: {get_param: 'AWS::StackName'} - path: NovaCompute0Config.Metadata - neutron: - ovs: - local_ip: {get_attr: [NovaCompute0, networks, ctlplane, 0]} - rabbit: - username: {get_param: RabbitUserName} - password: {get_param: RabbitPassword} - diff --git a/examples/scale_map.yaml b/examples/scale_map.yaml deleted file mode 100644 index 08bcbf7c..00000000 --- a/examples/scale_map.yaml +++ /dev/null @@ -1,56 +0,0 @@ -HeatTemplateFormatVersion: '2012-12-12' -Resources: - ComputeUser: - Type: AWS::IAM::User - Properties: - Policies: [ { Ref: ComputeAccessPolicy } ] - GlobalAccessPolicy: - Type: OS::Heat::AccessPolicy - NovaCompute0Key: - Type: FileInclude - Path: examples/scale_map2.yaml - SubKey: Resources.NovaCompute0Key - NovaCompute0CompletionCondition: - Type: FileInclude - Path: examples/scale_map2.yaml - SubKey: Resources.NovaCompute0CompletionCondition - NovaCompute0CompletionHandle: - Type: FileInclude - Path: examples/scale_map2.yaml - SubKey: Resources.NovaCompute0CompletionHandle - NovaCompute0Config: - Type: FileInclude - Path: examples/scale_map2.yaml - SubKey: Resources.NovaCompute0Config - Parameters: - AllHosts: - Fn::Join: - - "\n" - - Merge::Map: - NovaCompute0: - Fn::Join: - - ' ' - - - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - Fn::GetAtt: - - NovaCompute0 - - networks - - Fn::Select: - - name - - Fn::GetAtt: - - NovaCompute0 - - show - - Fn::Join: - - '.' - - - Fn::Select: - - name - - Fn::GetAtt: - - NovaCompute0 - - show - - 'local' - NovaCompute0: - Type: FileInclude - Path: examples/scale_map2.yaml - SubKey: Resources.NovaCompute0 diff --git a/examples/scale_map2.yaml b/examples/scale_map2.yaml deleted file mode 100644 index 7e5c839c..00000000 --- a/examples/scale_map2.yaml +++ /dev/null @@ -1,54 +0,0 @@ -HeatTemplateFormatVersion: '2012-12-12' -Parameters: - AllHosts: - Type: String - ComputeImage: - Type: String -Resources: - ComputeAccessPolicy: - Type: OS::Heat::AccessPolicy - Properties: - AllowedResources: [ NovaCompute0 ] - NovaCompute0Key: - Type: AWS::IAM::AccessKey - Properties: - UserName: - Ref: ComputeUser - NovaCompute0CompletionCondition: - Type: AWS::CloudFormation::WaitCondition - DependsOn: notcompute - Properties: - Handle: {Ref: NovaCompute0CompletionHandle} - Count: '1' - Timeout: '1800' - NovaCompute0CompletionHandle: - Type: AWS::CloudFormation::WaitConditionHandle - NovaCompute0: - Type: OS::Nova::Server - Properties: - image: - Ref: ComputeImage - Metadata: - os-collect-config: - cfn: - access_key_id: - Ref: NovaCompute0Key - secret_access_key: - Fn::GetAtt: [ NovaCompute0Key, SecretAccessKey ] - stack_name: {Ref: 'AWS::StackName'} - path: NovaCompute0Config.Metadata - NovaCompute0Config: - Type: AWS::AutoScaling::LaunchConfiguration - Metadata: - completion-handle: - Ref: NovaCompute0CompletionHandle - os-collect-config: - cfn: - access_key_id: - Ref: NovaCompute0Key - secret_access_key: - Fn::GetAtt: [ NovaCompute0Key, SecretAccessKey ] - stack_name: {Ref: 'AWS::StackName'} - path: NovaCompute0Config.Metadata - hosts: - Ref: AllHosts diff --git a/examples/scale_map2_hot.yaml b/examples/scale_map2_hot.yaml deleted file mode 100644 index 1d7dc5fc..00000000 --- a/examples/scale_map2_hot.yaml +++ /dev/null @@ -1,54 +0,0 @@ -heat_template_version: 2014-10-16 -parameters: - AllHosts: - type: string - ComputeImage: - type: string -resources: - ComputeAccessPolicy: - type: OS::Heat::AccessPolicy - properties: - AllowedResources: [ NovaCompute0 ] - NovaCompute0Key: - type: AWS::IAM::AccessKey - properties: - UserName: - get_param: ComputeUser - NovaCompute0CompletionCondition: - type: AWS::CloudFormation::WaitCondition - depends_on: notcompute - properties: - Handle: {get_resource: NovaCompute0CompletionHandle} - Count: '1' - Timeout: '1800' - NovaCompute0CompletionHandle: - type: AWS::CloudFormation::WaitConditionHandle - NovaCompute0: - type: OS::Nova::Server - properties: - image: - get_param: ComputeImage - metadata: - os-collect-config: - cfn: - access_key_id: - get_resource: NovaCompute0Key - secret_access_key: - get_attr: [ NovaCompute0Key, SecretAccessKey ] - stack_name: {get_param: 'AWS::StackName'} - path: NovaCompute0Config.Metadata - NovaCompute0Config: - type: AWS::AutoScaling::LaunchConfiguration - metadata: - completion-handle: - get_resource: NovaCompute0CompletionHandle - os-collect-config: - cfn: - access_key_id: - get_resource: NovaCompute0Key - secret_access_key: - get_attr: [ NovaCompute0Key, SecretAccessKey ] - stack_name: {get_param: 'AWS::StackName'} - path: NovaCompute0Config.Metadata - hosts: - get_param: AllHosts diff --git a/examples/scale_map_hot.yaml b/examples/scale_map_hot.yaml deleted file mode 100644 index 4a6d6843..00000000 --- a/examples/scale_map_hot.yaml +++ /dev/null @@ -1,42 +0,0 @@ -heat_template_version: 2014-10-16 -resources: - ComputeUser: - type: AWS::IAM::User - properties: - Policies: [ { get_param: ComputeAccessPolicy } ] - GlobalAccessPolicy: - type: OS::Heat::AccessPolicy - NovaCompute0Key: - type: FileInclude - Path: examples/scale_map2_hot.yaml - SubKey: resources.NovaCompute0Key - NovaCompute0CompletionCondition: - type: FileInclude - Path: examples/scale_map2_hot.yaml - SubKey: resources.NovaCompute0CompletionCondition - NovaCompute0CompletionHandle: - type: FileInclude - Path: examples/scale_map2_hot.yaml - SubKey: resources.NovaCompute0CompletionHandle - NovaCompute0Config: - type: FileInclude - Path: examples/scale_map2_hot.yaml - SubKey: resources.NovaCompute0Config - parameters: - AllHosts: - list_join: - - "\n" - - Merge::Map: - NovaCompute0: - list_join: - - ' ' - - - {get_attr: [NovaCompute0, networks, ctlplane, 0]} - - {get_attr: [NovaCompute0, show, name]} - - list_join: - - '.' - - - {get_attr: [NovaCompute0, show, name]} - - 'local' - NovaCompute0: - type: FileInclude - Path: examples/scale_map2_hot.yaml - SubKey: resources.NovaCompute0 diff --git a/examples/scale_map_result.yaml b/examples/scale_map_result.yaml deleted file mode 100644 index c4617835..00000000 --- a/examples/scale_map_result.yaml +++ /dev/null @@ -1,367 +0,0 @@ -Description: examples/scale_map.yaml -HeatTemplateFormatVersion: '2012-12-12' -Resources: - ComputeUser: - Properties: - Policies: - - Ref: ComputeAccessPolicy - Type: AWS::IAM::User - GlobalAccessPolicy: - Type: OS::Heat::AccessPolicy - NovaCompute0: - Metadata: - os-collect-config: - cfn: - access_key_id: - Ref: NovaCompute0Key - path: NovaCompute0Config.Metadata - secret_access_key: - Fn::GetAtt: - - NovaCompute0Key - - SecretAccessKey - stack_name: - Ref: AWS::StackName - Properties: - image: - Ref: ComputeImage - Type: OS::Nova::Server - NovaCompute0CompletionCondition: - DependsOn: notcompute - Properties: - Count: '1' - Handle: - Ref: NovaCompute0CompletionHandle - Timeout: '1800' - Type: AWS::CloudFormation::WaitCondition - NovaCompute0CompletionHandle: - Type: AWS::CloudFormation::WaitConditionHandle - NovaCompute0Config: - Metadata: - completion-handle: - Ref: NovaCompute0CompletionHandle - hosts: - Fn::Join: - - ' - - ' - - - Fn::Join: - - ' ' - - - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - Fn::GetAtt: - - NovaCompute0 - - networks - - Fn::Select: - - name - - Fn::GetAtt: - - NovaCompute0 - - show - - Fn::Join: - - . - - - Fn::Select: - - name - - Fn::GetAtt: - - NovaCompute0 - - show - - local - - Fn::Join: - - ' ' - - - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - Fn::GetAtt: - - NovaCompute1 - - networks - - Fn::Select: - - name - - Fn::GetAtt: - - NovaCompute1 - - show - - Fn::Join: - - . - - - Fn::Select: - - name - - Fn::GetAtt: - - NovaCompute1 - - show - - local - - Fn::Join: - - ' ' - - - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - Fn::GetAtt: - - NovaCompute2 - - networks - - Fn::Select: - - name - - Fn::GetAtt: - - NovaCompute2 - - show - - Fn::Join: - - . - - - Fn::Select: - - name - - Fn::GetAtt: - - NovaCompute2 - - show - - local - os-collect-config: - cfn: - access_key_id: - Ref: NovaCompute0Key - path: NovaCompute0Config.Metadata - secret_access_key: - Fn::GetAtt: - - NovaCompute0Key - - SecretAccessKey - stack_name: - Ref: AWS::StackName - Type: AWS::AutoScaling::LaunchConfiguration - NovaCompute0Key: - Properties: - UserName: - Ref: ComputeUser - Type: AWS::IAM::AccessKey - NovaCompute1: - Metadata: - os-collect-config: - cfn: - access_key_id: - Ref: NovaCompute1Key - path: NovaCompute1Config.Metadata - secret_access_key: - Fn::GetAtt: - - NovaCompute1Key - - SecretAccessKey - stack_name: - Ref: AWS::StackName - Properties: - image: - Ref: ComputeImage - Type: OS::Nova::Server - NovaCompute1CompletionCondition: - DependsOn: notcompute - Properties: - Count: '1' - Handle: - Ref: NovaCompute1CompletionHandle - Timeout: '1800' - Type: AWS::CloudFormation::WaitCondition - NovaCompute1CompletionHandle: - Type: AWS::CloudFormation::WaitConditionHandle - NovaCompute1Config: - Metadata: - completion-handle: - Ref: NovaCompute1CompletionHandle - hosts: - Fn::Join: - - ' - - ' - - - Fn::Join: - - ' ' - - - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - Fn::GetAtt: - - NovaCompute0 - - networks - - Fn::Select: - - name - - Fn::GetAtt: - - NovaCompute0 - - show - - Fn::Join: - - . - - - Fn::Select: - - name - - Fn::GetAtt: - - NovaCompute0 - - show - - local - - Fn::Join: - - ' ' - - - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - Fn::GetAtt: - - NovaCompute1 - - networks - - Fn::Select: - - name - - Fn::GetAtt: - - NovaCompute1 - - show - - Fn::Join: - - . - - - Fn::Select: - - name - - Fn::GetAtt: - - NovaCompute1 - - show - - local - - Fn::Join: - - ' ' - - - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - Fn::GetAtt: - - NovaCompute2 - - networks - - Fn::Select: - - name - - Fn::GetAtt: - - NovaCompute2 - - show - - Fn::Join: - - . - - - Fn::Select: - - name - - Fn::GetAtt: - - NovaCompute2 - - show - - local - os-collect-config: - cfn: - access_key_id: - Ref: NovaCompute1Key - path: NovaCompute1Config.Metadata - secret_access_key: - Fn::GetAtt: - - NovaCompute1Key - - SecretAccessKey - stack_name: - Ref: AWS::StackName - Type: AWS::AutoScaling::LaunchConfiguration - NovaCompute1Key: - Properties: - UserName: - Ref: ComputeUser - Type: AWS::IAM::AccessKey - NovaCompute2: - Metadata: - os-collect-config: - cfn: - access_key_id: - Ref: NovaCompute2Key - path: NovaCompute2Config.Metadata - secret_access_key: - Fn::GetAtt: - - NovaCompute2Key - - SecretAccessKey - stack_name: - Ref: AWS::StackName - Properties: - image: - Ref: ComputeImage - Type: OS::Nova::Server - NovaCompute2CompletionCondition: - DependsOn: notcompute - Properties: - Count: '1' - Handle: - Ref: NovaCompute2CompletionHandle - Timeout: '1800' - Type: AWS::CloudFormation::WaitCondition - NovaCompute2CompletionHandle: - Type: AWS::CloudFormation::WaitConditionHandle - NovaCompute2Config: - Metadata: - completion-handle: - Ref: NovaCompute2CompletionHandle - hosts: - Fn::Join: - - ' - - ' - - - Fn::Join: - - ' ' - - - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - Fn::GetAtt: - - NovaCompute0 - - networks - - Fn::Select: - - name - - Fn::GetAtt: - - NovaCompute0 - - show - - Fn::Join: - - . - - - Fn::Select: - - name - - Fn::GetAtt: - - NovaCompute0 - - show - - local - - Fn::Join: - - ' ' - - - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - Fn::GetAtt: - - NovaCompute1 - - networks - - Fn::Select: - - name - - Fn::GetAtt: - - NovaCompute1 - - show - - Fn::Join: - - . - - - Fn::Select: - - name - - Fn::GetAtt: - - NovaCompute1 - - show - - local - - Fn::Join: - - ' ' - - - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - Fn::GetAtt: - - NovaCompute2 - - networks - - Fn::Select: - - name - - Fn::GetAtt: - - NovaCompute2 - - show - - Fn::Join: - - . - - - Fn::Select: - - name - - Fn::GetAtt: - - NovaCompute2 - - show - - local - os-collect-config: - cfn: - access_key_id: - Ref: NovaCompute2Key - path: NovaCompute2Config.Metadata - secret_access_key: - Fn::GetAtt: - - NovaCompute2Key - - SecretAccessKey - stack_name: - Ref: AWS::StackName - Type: AWS::AutoScaling::LaunchConfiguration - NovaCompute2Key: - Properties: - UserName: - Ref: ComputeUser - Type: AWS::IAM::AccessKey diff --git a/examples/scale_map_result_hot.yaml b/examples/scale_map_result_hot.yaml deleted file mode 100644 index 4e657238..00000000 --- a/examples/scale_map_result_hot.yaml +++ /dev/null @@ -1,331 +0,0 @@ -description: examples/scale_map_hot.yaml -heat_template_version: '2014-10-16' -resources: - ComputeUser: - properties: - Policies: - - get_param: ComputeAccessPolicy - type: AWS::IAM::User - GlobalAccessPolicy: - type: OS::Heat::AccessPolicy - NovaCompute0: - metadata: - os-collect-config: - cfn: - access_key_id: - get_resource: NovaCompute0Key - path: NovaCompute0Config.Metadata - secret_access_key: - get_attr: - - NovaCompute0Key - - SecretAccessKey - stack_name: - get_param: AWS::StackName - properties: - image: - get_param: ComputeImage - type: OS::Nova::Server - NovaCompute0CompletionCondition: - depends_on: notcompute - properties: - Count: '1' - Handle: - get_resource: NovaCompute0CompletionHandle - Timeout: '1800' - type: AWS::CloudFormation::WaitCondition - NovaCompute0CompletionHandle: - type: AWS::CloudFormation::WaitConditionHandle - NovaCompute0Config: - metadata: - completion-handle: - get_resource: NovaCompute0CompletionHandle - hosts: - list_join: - - ' - - ' - - - list_join: - - ' ' - - - get_attr: - - NovaCompute0 - - networks - - ctlplane - - 0 - - get_attr: - - NovaCompute0 - - show - - name - - list_join: - - . - - - get_attr: - - NovaCompute0 - - show - - name - - local - - list_join: - - ' ' - - - get_attr: - - NovaCompute1 - - networks - - ctlplane - - 0 - - get_attr: - - NovaCompute1 - - show - - name - - list_join: - - . - - - get_attr: - - NovaCompute1 - - show - - name - - local - - list_join: - - ' ' - - - get_attr: - - NovaCompute2 - - networks - - ctlplane - - 0 - - get_attr: - - NovaCompute2 - - show - - name - - list_join: - - . - - - get_attr: - - NovaCompute2 - - show - - name - - local - os-collect-config: - cfn: - access_key_id: - get_resource: NovaCompute0Key - path: NovaCompute0Config.Metadata - secret_access_key: - get_attr: - - NovaCompute0Key - - SecretAccessKey - stack_name: - get_param: AWS::StackName - type: AWS::AutoScaling::LaunchConfiguration - NovaCompute0Key: - properties: - UserName: - get_param: ComputeUser - type: AWS::IAM::AccessKey - NovaCompute1: - metadata: - os-collect-config: - cfn: - access_key_id: - get_resource: NovaCompute1Key - path: NovaCompute1Config.Metadata - secret_access_key: - get_attr: - - NovaCompute1Key - - SecretAccessKey - stack_name: - get_param: AWS::StackName - properties: - image: - get_param: ComputeImage - type: OS::Nova::Server - NovaCompute1CompletionCondition: - depends_on: notcompute - properties: - Count: '1' - Handle: - get_resource: NovaCompute1CompletionHandle - Timeout: '1800' - type: AWS::CloudFormation::WaitCondition - NovaCompute1CompletionHandle: - type: AWS::CloudFormation::WaitConditionHandle - NovaCompute1Config: - metadata: - completion-handle: - get_resource: NovaCompute1CompletionHandle - hosts: - list_join: - - ' - - ' - - - list_join: - - ' ' - - - get_attr: - - NovaCompute0 - - networks - - ctlplane - - 0 - - get_attr: - - NovaCompute0 - - show - - name - - list_join: - - . - - - get_attr: - - NovaCompute0 - - show - - name - - local - - list_join: - - ' ' - - - get_attr: - - NovaCompute1 - - networks - - ctlplane - - 0 - - get_attr: - - NovaCompute1 - - show - - name - - list_join: - - . - - - get_attr: - - NovaCompute1 - - show - - name - - local - - list_join: - - ' ' - - - get_attr: - - NovaCompute2 - - networks - - ctlplane - - 0 - - get_attr: - - NovaCompute2 - - show - - name - - list_join: - - . - - - get_attr: - - NovaCompute2 - - show - - name - - local - os-collect-config: - cfn: - access_key_id: - get_resource: NovaCompute1Key - path: NovaCompute1Config.Metadata - secret_access_key: - get_attr: - - NovaCompute1Key - - SecretAccessKey - stack_name: - get_param: AWS::StackName - type: AWS::AutoScaling::LaunchConfiguration - NovaCompute1Key: - properties: - UserName: - get_param: ComputeUser - type: AWS::IAM::AccessKey - NovaCompute2: - metadata: - os-collect-config: - cfn: - access_key_id: - get_resource: NovaCompute2Key - path: NovaCompute2Config.Metadata - secret_access_key: - get_attr: - - NovaCompute2Key - - SecretAccessKey - stack_name: - get_param: AWS::StackName - properties: - image: - get_param: ComputeImage - type: OS::Nova::Server - NovaCompute2CompletionCondition: - depends_on: notcompute - properties: - Count: '1' - Handle: - get_resource: NovaCompute2CompletionHandle - Timeout: '1800' - type: AWS::CloudFormation::WaitCondition - NovaCompute2CompletionHandle: - type: AWS::CloudFormation::WaitConditionHandle - NovaCompute2Config: - metadata: - completion-handle: - get_resource: NovaCompute2CompletionHandle - hosts: - list_join: - - ' - - ' - - - list_join: - - ' ' - - - get_attr: - - NovaCompute0 - - networks - - ctlplane - - 0 - - get_attr: - - NovaCompute0 - - show - - name - - list_join: - - . - - - get_attr: - - NovaCompute0 - - show - - name - - local - - list_join: - - ' ' - - - get_attr: - - NovaCompute1 - - networks - - ctlplane - - 0 - - get_attr: - - NovaCompute1 - - show - - name - - list_join: - - . - - - get_attr: - - NovaCompute1 - - show - - name - - local - - list_join: - - ' ' - - - get_attr: - - NovaCompute2 - - networks - - ctlplane - - 0 - - get_attr: - - NovaCompute2 - - show - - name - - list_join: - - . - - - get_attr: - - NovaCompute2 - - show - - name - - local - os-collect-config: - cfn: - access_key_id: - get_resource: NovaCompute2Key - path: NovaCompute2Config.Metadata - secret_access_key: - get_attr: - - NovaCompute2Key - - SecretAccessKey - stack_name: - get_param: AWS::StackName - type: AWS::AutoScaling::LaunchConfiguration - NovaCompute2Key: - properties: - UserName: - get_param: ComputeUser - type: AWS::IAM::AccessKey diff --git a/examples/scale_map_result_hot_blacklist.yaml b/examples/scale_map_result_hot_blacklist.yaml deleted file mode 100644 index decb0d5e..00000000 --- a/examples/scale_map_result_hot_blacklist.yaml +++ /dev/null @@ -1,367 +0,0 @@ -description: examples/scale_map_hot.yaml -heat_template_version: '2013-05-23' -resources: - ComputeUser: - properties: - Policies: - - get_param: ComputeAccessPolicy - type: AWS::IAM::User - GlobalAccessPolicy: - type: OS::Heat::AccessPolicy - NovaCompute0: - metadata: - os-collect-config: - cfn: - access_key_id: - get_resource: NovaCompute0Key - path: NovaCompute0Config.Metadata - secret_access_key: - get_attr: - - NovaCompute0Key - - SecretAccessKey - stack_name: - get_param: AWS::StackName - properties: - image: - get_param: ComputeImage - type: OS::Nova::Server - NovaCompute0CompletionCondition: - depends_on: notcompute - properties: - Count: '1' - Handle: - get_resource: NovaCompute0CompletionHandle - Timeout: '1800' - type: AWS::CloudFormation::WaitCondition - NovaCompute0CompletionHandle: - type: AWS::CloudFormation::WaitConditionHandle - NovaCompute0Config: - metadata: - completion-handle: - get_resource: NovaCompute0CompletionHandle - hosts: - list_join: - - ' - - ' - - - list_join: - - ' ' - - - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - get_attr: - - NovaCompute0 - - networks - - Fn::Select: - - name - - get_attr: - - NovaCompute0 - - show - - list_join: - - . - - - Fn::Select: - - name - - get_attr: - - NovaCompute0 - - show - - local - - list_join: - - ' ' - - - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - get_attr: - - NovaCompute3 - - networks - - Fn::Select: - - name - - get_attr: - - NovaCompute3 - - show - - list_join: - - . - - - Fn::Select: - - name - - get_attr: - - NovaCompute3 - - show - - local - - list_join: - - ' ' - - - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - get_attr: - - NovaCompute4 - - networks - - Fn::Select: - - name - - get_attr: - - NovaCompute4 - - show - - list_join: - - . - - - Fn::Select: - - name - - get_attr: - - NovaCompute4 - - show - - local - os-collect-config: - cfn: - access_key_id: - get_resource: NovaCompute0Key - path: NovaCompute0Config.Metadata - secret_access_key: - get_attr: - - NovaCompute0Key - - SecretAccessKey - stack_name: - get_param: AWS::StackName - type: AWS::AutoScaling::LaunchConfiguration - NovaCompute0Key: - properties: - UserName: - get_param: ComputeUser - type: AWS::IAM::AccessKey - NovaCompute3: - metadata: - os-collect-config: - cfn: - access_key_id: - get_resource: NovaCompute3Key - path: NovaCompute3Config.Metadata - secret_access_key: - get_attr: - - NovaCompute3Key - - SecretAccessKey - stack_name: - get_param: AWS::StackName - properties: - image: - get_param: ComputeImage - type: OS::Nova::Server - NovaCompute3CompletionCondition: - depends_on: notcompute - properties: - Count: '1' - Handle: - get_resource: NovaCompute3CompletionHandle - Timeout: '1800' - type: AWS::CloudFormation::WaitCondition - NovaCompute3CompletionHandle: - type: AWS::CloudFormation::WaitConditionHandle - NovaCompute3Config: - metadata: - completion-handle: - get_resource: NovaCompute3CompletionHandle - hosts: - list_join: - - ' - - ' - - - list_join: - - ' ' - - - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - get_attr: - - NovaCompute0 - - networks - - Fn::Select: - - name - - get_attr: - - NovaCompute0 - - show - - list_join: - - . - - - Fn::Select: - - name - - get_attr: - - NovaCompute0 - - show - - local - - list_join: - - ' ' - - - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - get_attr: - - NovaCompute3 - - networks - - Fn::Select: - - name - - get_attr: - - NovaCompute3 - - show - - list_join: - - . - - - Fn::Select: - - name - - get_attr: - - NovaCompute3 - - show - - local - - list_join: - - ' ' - - - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - get_attr: - - NovaCompute4 - - networks - - Fn::Select: - - name - - get_attr: - - NovaCompute4 - - show - - list_join: - - . - - - Fn::Select: - - name - - get_attr: - - NovaCompute4 - - show - - local - os-collect-config: - cfn: - access_key_id: - get_resource: NovaCompute3Key - path: NovaCompute3Config.Metadata - secret_access_key: - get_attr: - - NovaCompute3Key - - SecretAccessKey - stack_name: - get_param: AWS::StackName - type: AWS::AutoScaling::LaunchConfiguration - NovaCompute3Key: - properties: - UserName: - get_param: ComputeUser - type: AWS::IAM::AccessKey - NovaCompute4: - metadata: - os-collect-config: - cfn: - access_key_id: - get_resource: NovaCompute4Key - path: NovaCompute4Config.Metadata - secret_access_key: - get_attr: - - NovaCompute4Key - - SecretAccessKey - stack_name: - get_param: AWS::StackName - properties: - image: - get_param: ComputeImage - type: OS::Nova::Server - NovaCompute4CompletionCondition: - depends_on: notcompute - properties: - Count: '1' - Handle: - get_resource: NovaCompute4CompletionHandle - Timeout: '1800' - type: AWS::CloudFormation::WaitCondition - NovaCompute4CompletionHandle: - type: AWS::CloudFormation::WaitConditionHandle - NovaCompute4Config: - metadata: - completion-handle: - get_resource: NovaCompute4CompletionHandle - hosts: - list_join: - - ' - - ' - - - list_join: - - ' ' - - - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - get_attr: - - NovaCompute0 - - networks - - Fn::Select: - - name - - get_attr: - - NovaCompute0 - - show - - list_join: - - . - - - Fn::Select: - - name - - get_attr: - - NovaCompute0 - - show - - local - - list_join: - - ' ' - - - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - get_attr: - - NovaCompute3 - - networks - - Fn::Select: - - name - - get_attr: - - NovaCompute3 - - show - - list_join: - - . - - - Fn::Select: - - name - - get_attr: - - NovaCompute3 - - show - - local - - list_join: - - ' ' - - - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - get_attr: - - NovaCompute4 - - networks - - Fn::Select: - - name - - get_attr: - - NovaCompute4 - - show - - list_join: - - . - - - Fn::Select: - - name - - get_attr: - - NovaCompute4 - - show - - local - os-collect-config: - cfn: - access_key_id: - get_resource: NovaCompute4Key - path: NovaCompute4Config.Metadata - secret_access_key: - get_attr: - - NovaCompute4Key - - SecretAccessKey - stack_name: - get_param: AWS::StackName - type: AWS::AutoScaling::LaunchConfiguration - NovaCompute4Key: - properties: - UserName: - get_param: ComputeUser - type: AWS::IAM::AccessKey diff --git a/examples/scale_result.yaml b/examples/scale_result.yaml deleted file mode 100644 index 5b28684b..00000000 --- a/examples/scale_result.yaml +++ /dev/null @@ -1,193 +0,0 @@ -Description: examples/scale1.yaml -HeatTemplateFormatVersion: '2012-12-12' -Resources: - ComputeUser: - Properties: - Policies: - - Ref: ComputeAccessPolicy - Type: AWS::IAM::User - GlobalAccessPolicy: - Type: OS::Heat::AccessPolicy - NovaCompute0: - Metadata: - os-collect-config: - cfn: - access_key_id: - Ref: NovaCompute0Key - path: NovaCompute0Config.Metadata - secret_access_key: - Fn::GetAtt: - - NovaCompute0Key - - SecretAccessKey - stack_name: - Ref: AWS::StackName - Properties: - image: - Ref: ComputeImage - Type: OS::Nova::Server - NovaCompute0CompletionCondition: - DependsOn: notcompute - Properties: - Count: '1' - Handle: - Ref: NovaCompute0CompletionHandle - Timeout: '1800' - Type: AWS::CloudFormation::WaitCondition - NovaCompute0CompletionHandle: - Type: AWS::CloudFormation::WaitConditionHandle - NovaCompute0Config: - Metadata: - completion-handle: - Ref: NovaCompute0CompletionHandle - neutron: - ovs: - local_ip: - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - Fn::GetAtt: - - NovaCompute0 - - networks - os-collect-config: - cfn: - access_key_id: - Ref: NovaCompute0Key - path: NovaCompute0Config.Metadata - secret_access_key: - Fn::GetAtt: - - NovaCompute0Key - - SecretAccessKey - stack_name: - Ref: AWS::StackName - rabbit: - password: guest - username: guest - Type: AWS::AutoScaling::LaunchConfiguration - NovaCompute0Key: - Properties: - UserName: - Ref: ComputeUser - Type: AWS::IAM::AccessKey - NovaCompute1: - Metadata: - os-collect-config: - cfn: - access_key_id: - Ref: NovaCompute1Key - path: NovaCompute1Config.Metadata - secret_access_key: - Fn::GetAtt: - - NovaCompute1Key - - SecretAccessKey - stack_name: - Ref: AWS::StackName - Properties: - image: - Ref: ComputeImage - Type: OS::Nova::Server - NovaCompute1CompletionCondition: - DependsOn: notcompute - Properties: - Count: '1' - Handle: - Ref: NovaCompute1CompletionHandle - Timeout: '1800' - Type: AWS::CloudFormation::WaitCondition - NovaCompute1CompletionHandle: - Type: AWS::CloudFormation::WaitConditionHandle - NovaCompute1Config: - Metadata: - completion-handle: - Ref: NovaCompute1CompletionHandle - neutron: - ovs: - local_ip: - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - Fn::GetAtt: - - NovaCompute1 - - networks - os-collect-config: - cfn: - access_key_id: - Ref: NovaCompute1Key - path: NovaCompute1Config.Metadata - secret_access_key: - Fn::GetAtt: - - NovaCompute1Key - - SecretAccessKey - stack_name: - Ref: AWS::StackName - rabbit: - password: guest - username: guest - Type: AWS::AutoScaling::LaunchConfiguration - NovaCompute1Key: - Properties: - UserName: - Ref: ComputeUser - Type: AWS::IAM::AccessKey - NovaCompute2: - Metadata: - os-collect-config: - cfn: - access_key_id: - Ref: NovaCompute2Key - path: NovaCompute2Config.Metadata - secret_access_key: - Fn::GetAtt: - - NovaCompute2Key - - SecretAccessKey - stack_name: - Ref: AWS::StackName - Properties: - image: - Ref: ComputeImage - Type: OS::Nova::Server - NovaCompute2CompletionCondition: - DependsOn: notcompute - Properties: - Count: '1' - Handle: - Ref: NovaCompute2CompletionHandle - Timeout: '1800' - Type: AWS::CloudFormation::WaitCondition - NovaCompute2CompletionHandle: - Type: AWS::CloudFormation::WaitConditionHandle - NovaCompute2Config: - Metadata: - completion-handle: - Ref: NovaCompute2CompletionHandle - neutron: - ovs: - local_ip: - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - Fn::GetAtt: - - NovaCompute2 - - networks - os-collect-config: - cfn: - access_key_id: - Ref: NovaCompute2Key - path: NovaCompute2Config.Metadata - secret_access_key: - Fn::GetAtt: - - NovaCompute2Key - - SecretAccessKey - stack_name: - Ref: AWS::StackName - rabbit: - password: guest - username: guest - Type: AWS::AutoScaling::LaunchConfiguration - NovaCompute2Key: - Properties: - UserName: - Ref: ComputeUser - Type: AWS::IAM::AccessKey diff --git a/examples/scale_result_hot.yaml b/examples/scale_result_hot.yaml deleted file mode 100644 index a1b27095..00000000 --- a/examples/scale_result_hot.yaml +++ /dev/null @@ -1,187 +0,0 @@ -description: examples/scale1_hot.yaml -heat_template_version: '2014-10-16' -resources: - ComputeUser: - properties: - Policies: - - get_param: ComputeAccessPolicy - type: AWS::IAM::User - GlobalAccessPolicy: - type: OS::Heat::AccessPolicy - NovaCompute0: - metadata: - os-collect-config: - cfn: - access_key_id: - get_resource: NovaCompute0Key - path: NovaCompute0Config.Metadata - secret_access_key: - get_attr: - - NovaCompute0Key - - SecretAccessKey - stack_name: - get_param: AWS::StackName - properties: - image: - get_param: ComputeImage - type: OS::Nova::Server - NovaCompute0CompletionCondition: - depends_on: notcompute - properties: - Count: '1' - Handle: - get_resource: NovaCompute0CompletionHandle - Timeout: '1800' - type: AWS::CloudFormation::WaitCondition - NovaCompute0CompletionHandle: - type: AWS::CloudFormation::WaitConditionHandle - NovaCompute0Config: - metadata: - completion-handle: - get_resource: NovaCompute0CompletionHandle - neutron: - ovs: - local_ip: - get_attr: - - NovaCompute0 - - networks - - ctlplane - - 0 - os-collect-config: - cfn: - access_key_id: - get_resource: NovaCompute0Key - path: NovaCompute0Config.Metadata - secret_access_key: - get_attr: - - NovaCompute0Key - - SecretAccessKey - stack_name: - get_param: AWS::StackName - rabbit: - password: guest - username: guest - type: AWS::AutoScaling::LaunchConfiguration - NovaCompute0Key: - properties: - UserName: - get_param: ComputeUser - type: AWS::IAM::AccessKey - NovaCompute1: - metadata: - os-collect-config: - cfn: - access_key_id: - get_resource: NovaCompute1Key - path: NovaCompute1Config.Metadata - secret_access_key: - get_attr: - - NovaCompute1Key - - SecretAccessKey - stack_name: - get_param: AWS::StackName - properties: - image: - get_param: ComputeImage - type: OS::Nova::Server - NovaCompute1CompletionCondition: - depends_on: notcompute - properties: - Count: '1' - Handle: - get_resource: NovaCompute1CompletionHandle - Timeout: '1800' - type: AWS::CloudFormation::WaitCondition - NovaCompute1CompletionHandle: - type: AWS::CloudFormation::WaitConditionHandle - NovaCompute1Config: - metadata: - completion-handle: - get_resource: NovaCompute1CompletionHandle - neutron: - ovs: - local_ip: - get_attr: - - NovaCompute1 - - networks - - ctlplane - - 0 - os-collect-config: - cfn: - access_key_id: - get_resource: NovaCompute1Key - path: NovaCompute1Config.Metadata - secret_access_key: - get_attr: - - NovaCompute1Key - - SecretAccessKey - stack_name: - get_param: AWS::StackName - rabbit: - password: guest - username: guest - type: AWS::AutoScaling::LaunchConfiguration - NovaCompute1Key: - properties: - UserName: - get_param: ComputeUser - type: AWS::IAM::AccessKey - NovaCompute2: - metadata: - os-collect-config: - cfn: - access_key_id: - get_resource: NovaCompute2Key - path: NovaCompute2Config.Metadata - secret_access_key: - get_attr: - - NovaCompute2Key - - SecretAccessKey - stack_name: - get_param: AWS::StackName - properties: - image: - get_param: ComputeImage - type: OS::Nova::Server - NovaCompute2CompletionCondition: - depends_on: notcompute - properties: - Count: '1' - Handle: - get_resource: NovaCompute2CompletionHandle - Timeout: '1800' - type: AWS::CloudFormation::WaitCondition - NovaCompute2CompletionHandle: - type: AWS::CloudFormation::WaitConditionHandle - NovaCompute2Config: - metadata: - completion-handle: - get_resource: NovaCompute2CompletionHandle - neutron: - ovs: - local_ip: - get_attr: - - NovaCompute2 - - networks - - ctlplane - - 0 - os-collect-config: - cfn: - access_key_id: - get_resource: NovaCompute2Key - path: NovaCompute2Config.Metadata - secret_access_key: - get_attr: - - NovaCompute2Key - - SecretAccessKey - stack_name: - get_param: AWS::StackName - rabbit: - password: guest - username: guest - type: AWS::AutoScaling::LaunchConfiguration - NovaCompute2Key: - properties: - UserName: - get_param: ComputeUser - type: AWS::IAM::AccessKey diff --git a/examples/source.yaml b/examples/source.yaml deleted file mode 100644 index 88f0bde7..00000000 --- a/examples/source.yaml +++ /dev/null @@ -1,16 +0,0 @@ -HeatTemplateFormatVersion: '2012-12-12' -Parameters: - SourceImage: - Type: String - Default: my_image -Resources: - A: - Type: OS::Nova::Server - Properties: - image: {Ref: SourceImage} - B: - Type: FileInclude - Path: examples/lib.yaml - SubKey: Resources.GenericB - Parameters: - ImportantValue: {'Fn::Join': [ '', ['one', 'two', 'three']]} diff --git a/examples/source2.yaml b/examples/source2.yaml deleted file mode 100644 index f59f85ef..00000000 --- a/examples/source2.yaml +++ /dev/null @@ -1,4 +0,0 @@ -__include__: - path: examples/lib.yaml - params: - ImportantValue: Foo diff --git a/examples/source2_hot.yaml b/examples/source2_hot.yaml deleted file mode 100644 index e3861a6c..00000000 --- a/examples/source2_hot.yaml +++ /dev/null @@ -1,4 +0,0 @@ -__include__: - path: examples/lib_hot.yaml - params: - ImportantValue: Foo diff --git a/examples/source2_lib_result.yaml b/examples/source2_lib_result.yaml deleted file mode 100644 index 172dce0f..00000000 --- a/examples/source2_lib_result.yaml +++ /dev/null @@ -1,16 +0,0 @@ -Description: examples/source2.yaml -HeatTemplateFormatVersion: '2012-12-12' -Parameters: - BImage: - Type: String - ImportantValue: - Default: a_default - Type: String -Resources: - GenericB: - Metadata: - my_meta: Foo - Properties: - image: - Ref: BImage - Type: OS::Nova::Server diff --git a/examples/source2_lib_result_hot.yaml b/examples/source2_lib_result_hot.yaml deleted file mode 100644 index 294fed89..00000000 --- a/examples/source2_lib_result_hot.yaml +++ /dev/null @@ -1,16 +0,0 @@ -description: examples/source2_hot.yaml -heat_template_version: '2014-10-16' -parameters: - BImage: - type: string - ImportantValue: - default: a_default - type: string -resources: - GenericB: - metadata: - my_meta: Foo - properties: - image: - get_param: BImage - type: OS::Nova::Server diff --git a/examples/source_hot.yaml b/examples/source_hot.yaml deleted file mode 100644 index 15314886..00000000 --- a/examples/source_hot.yaml +++ /dev/null @@ -1,16 +0,0 @@ -heat_template_version: 2014-10-16 -parameters: - SourceImage: - type: string - default: my_image -resources: - A: - type: OS::Nova::Server - properties: - image: {get_param: SourceImage} - B: - type: FileInclude - Path: examples/lib_hot.yaml - SubKey: resources.GenericB - parameters: - ImportantValue: {"Fn::Join": [ '', ['one', 'two', 'three']]} diff --git a/examples/source_include_subkey.yaml b/examples/source_include_subkey.yaml deleted file mode 100644 index 37591d80..00000000 --- a/examples/source_include_subkey.yaml +++ /dev/null @@ -1,11 +0,0 @@ -HeatTemplateFormatVersion: '2012-12-12' -Parameters: - Foo: - Type: String -Resources: - __include__: - path: examples/lib.yaml - subkey: Resources - params: - BImage: - Ref: Foo diff --git a/examples/source_include_subkey_hot.yaml b/examples/source_include_subkey_hot.yaml deleted file mode 100644 index 8970db44..00000000 --- a/examples/source_include_subkey_hot.yaml +++ /dev/null @@ -1,11 +0,0 @@ -heat_template_version: 2014-10-16 -parameters: - Foo: - type: string -resources: - __include__: - path: examples/lib_hot.yaml - subkey: resources - params: - BImage: - get_param: Foo diff --git a/examples/source_include_subkey_result.yaml b/examples/source_include_subkey_result.yaml deleted file mode 100644 index 641e8148..00000000 --- a/examples/source_include_subkey_result.yaml +++ /dev/null @@ -1,14 +0,0 @@ -Description: examples/source_include_subkey.yaml -HeatTemplateFormatVersion: '2012-12-12' -Parameters: - Foo: - Type: String -Resources: - GenericB: - Metadata: - my_meta: - Ref: ImportantValue - Properties: - image: - Ref: Foo - Type: OS::Nova::Server diff --git a/examples/source_include_subkey_result_hot.yaml b/examples/source_include_subkey_result_hot.yaml deleted file mode 100644 index ec3bfb6f..00000000 --- a/examples/source_include_subkey_result_hot.yaml +++ /dev/null @@ -1,14 +0,0 @@ -description: examples/source_include_subkey_hot.yaml -heat_template_version: '2014-10-16' -parameters: - Foo: - type: string -resources: - GenericB: - metadata: - my_meta: - get_param: ImportantValue - properties: - image: - get_param: Foo - type: OS::Nova::Server diff --git a/examples/source_lib_result.yaml b/examples/source_lib_result.yaml deleted file mode 100644 index 5844c813..00000000 --- a/examples/source_lib_result.yaml +++ /dev/null @@ -1,24 +0,0 @@ -Description: examples/source.yaml -HeatTemplateFormatVersion: '2012-12-12' -Parameters: - SourceImage: - Default: my_image - Type: String -Resources: - A: - Properties: - image: - Ref: SourceImage - Type: OS::Nova::Server - B: - Metadata: - my_meta: - Fn::Join: - - '' - - - one - - two - - three - Properties: - image: - Ref: BImage - Type: OS::Nova::Server diff --git a/examples/source_lib_result_hot.yaml b/examples/source_lib_result_hot.yaml deleted file mode 100644 index 0235f200..00000000 --- a/examples/source_lib_result_hot.yaml +++ /dev/null @@ -1,24 +0,0 @@ -description: examples/source_hot.yaml -heat_template_version: '2014-10-16' -parameters: - SourceImage: - default: my_image - type: string -resources: - A: - properties: - image: - get_param: SourceImage - type: OS::Nova::Server - B: - metadata: - my_meta: - list_join: - - '' - - - one - - two - - three - properties: - image: - get_param: BImage - type: OS::Nova::Server diff --git a/extraconfig/post_deploy/rhel-registration/rhel-registration-resource-registry.yaml b/extraconfig/post_deploy/rhel-registration/rhel-registration-resource-registry.yaml deleted file mode 100644 index 7b48392d..00000000 --- a/extraconfig/post_deploy/rhel-registration/rhel-registration-resource-registry.yaml +++ /dev/null @@ -1,2 +0,0 @@ -resource_registry: - OS::TripleO::NodeExtraConfigPost: rhel-registration.yaml diff --git a/extraconfig/post_deploy/rhel-registration/environment-rhel-registration.yaml b/extraconfig/pre_deploy/rhel-registration/environment-rhel-registration.yaml index 70437a8a..70437a8a 100644 --- a/extraconfig/post_deploy/rhel-registration/environment-rhel-registration.yaml +++ b/extraconfig/pre_deploy/rhel-registration/environment-rhel-registration.yaml diff --git a/extraconfig/pre_deploy/rhel-registration/rhel-registration-resource-registry.yaml b/extraconfig/pre_deploy/rhel-registration/rhel-registration-resource-registry.yaml new file mode 100644 index 00000000..75453302 --- /dev/null +++ b/extraconfig/pre_deploy/rhel-registration/rhel-registration-resource-registry.yaml @@ -0,0 +1,2 @@ +resource_registry: + OS::TripleO::NodeExtraConfig: rhel-registration.yaml diff --git a/extraconfig/post_deploy/rhel-registration/rhel-registration.yaml b/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml index bf6c88cd..d5160915 100644 --- a/extraconfig/post_deploy/rhel-registration/rhel-registration.yaml +++ b/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml @@ -6,8 +6,8 @@ description: > # Note extra parameters can be defined, then passed data via the # environment parameter_defaults, without modifying the parent template parameters: - servers: - type: json + server: + type: string # To be defined via a local or global environment in parameter_defaults rhel_reg_activation_key: type: string @@ -71,9 +71,9 @@ resources: config: {get_file: scripts/rhel-registration} RHELRegistrationDeployment: - type: OS::Heat::SoftwareDeployments + type: OS::Heat::SoftwareDeployment properties: - servers: {get_param: servers} + server: {get_param: server} config: {get_resource: RHELRegistration} actions: ['CREATE'] # Only do this on CREATE input_values: @@ -104,10 +104,16 @@ resources: - name: REG_METHOD RHELUnregistrationDeployment: - type: OS::Heat::SoftwareDeployments + type: OS::Heat::SoftwareDeployment properties: - servers: {get_param: servers} + server: {get_param: server} config: {get_resource: RHELUnregistration} actions: ['DELETE'] # Only do this on DELETE input_values: REG_METHOD: {get_param: rhel_reg_method} + +outputs: + deploy_stdout: + description: Deployment reference, used to trigger puppet apply on changes + value: {get_attr: [RHELRegistrationDeployment, deploy_stdout]} + diff --git a/extraconfig/post_deploy/rhel-registration/scripts/rhel-registration b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration index cbbd6a1d..cbbd6a1d 100644 --- a/extraconfig/post_deploy/rhel-registration/scripts/rhel-registration +++ b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration diff --git a/extraconfig/post_deploy/rhel-registration/scripts/rhel-unregistration b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-unregistration index 1e72e0a6..1e72e0a6 100644 --- a/extraconfig/post_deploy/rhel-registration/scripts/rhel-unregistration +++ b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-unregistration diff --git a/extraconfig/tasks/yum_update.sh b/extraconfig/tasks/yum_update.sh index 3d4c772b..9125ca07 100755 --- a/extraconfig/tasks/yum_update.sh +++ b/extraconfig/tasks/yum_update.sh @@ -8,6 +8,7 @@ # command_arguments - yum command arguments, defaults to "" echo "Started yum_update.sh on server $deploy_server_id at `date`" +echo -n "false" > $heat_outputs_path.update_managed_packages if [[ -z "$update_identifier" ]]; then echo "Not running due to unset update_identifier" @@ -20,6 +21,9 @@ mkdir -p $timestamp_dir # sanitise to remove unusual characters update_identifier=${update_identifier//[^a-zA-Z0-9-_]/} +# seconds to wait for this node to rejoin the cluster after update +cluster_start_timeout=360 + timestamp_file="$timestamp_dir/$update_identifier" if [[ -a "$timestamp_file" ]]; then echo "Not running for already-run timestamp \"$update_identifier\"" @@ -27,6 +31,34 @@ if [[ -a "$timestamp_file" ]]; then fi touch "$timestamp_file" +command_arguments=${command_arguments:-} + +list_updates=$(yum list updates) + +if [[ "$list_updates" == "" ]]; then + echo "No packages require updating" + exit 0 +fi + +pacemaker_status=$(systemctl is-active pacemaker) + +if [[ "$pacemaker_status" == "active" ]] ; then + echo "Pacemaker running, stopping cluster node and doing full package update" + node_count=$(pcs status xml | grep -o "<nodes_configured.*/>" | grep -o 'number="[0-9]*"' | grep -o "[0-9]*") + if [[ "$node_count" == "1" ]] ; then + echo "Active node count is 1, stopping node with --force" + pcs cluster stop --force + else + pcs cluster stop + fi +else + echo "Excluding upgrading packages that are handled by config management tooling" + command_arguments="$command_arguments --skip-broken" + for exclude in $(cat /var/lib/tripleo/installed-packages/* | sort -u); do + command_arguments="$command_arguments --exclude $exclude" + done +fi + command=${command:-update} full_command="yum -y $command $command_arguments" echo "Running: $full_command" @@ -36,6 +68,27 @@ return_code=$? echo "$result" echo "yum return code: $return_code" +if [[ "$pacemaker_status" == "active" ]] ; then + echo "Starting cluster node" + pcs cluster start + + hostname=$(hostname -s) + tstart=$(date +%s) + while [[ "$(pcs status | grep "^Online" | grep -F -o $hostname)" == "" ]]; do + sleep 5 + tnow=$(date +%s) + if (( tnow-tstart > cluster_start_timeout )) ; then + echo "ERROR $hostname failed to join cluster in $cluster_start_timeout seconds" + pcs status + exit 1 + fi + done + pcs status + +else + echo -n "true" > $heat_outputs_path.update_managed_packages +fi + echo "Finished yum_update.sh on server $deploy_server_id at `date`" exit $return_code diff --git a/extraconfig/tasks/yum_update.yaml b/extraconfig/tasks/yum_update.yaml index e918149e..d313ca9f 100644 --- a/extraconfig/tasks/yum_update.yaml +++ b/extraconfig/tasks/yum_update.yaml @@ -20,7 +20,10 @@ resources: - name: command_arguments description: yum command arguments, defaults to "" default: '' + outputs: + - name: update_managed_packages + description: boolean value indicating whether to upgrade managed packages outputs: OS::stack_id: - value: {get_resource: config}
\ No newline at end of file + value: {get_resource: config} diff --git a/nagios3.yaml b/nagios3.yaml deleted file mode 100644 index e2ba8ccf..00000000 --- a/nagios3.yaml +++ /dev/null @@ -1,137 +0,0 @@ -# Copyright 2014 Hewlett-Packard Development Company, L.P. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -heat_template_version: 2013-05-23 -description: Deploy Nagios -parameters: - adm_web_passwd: - type: string - description: Password for initial admin user - hidden: true - external_network: - type: string - description: Network to attach floating ips to. - default: ext-net - flavor: - type: string - description: What flavor to use for the nagios server. - default: m1.small - image: - type: string - description: Image for Nagios. - default: nagios - key_name: - type: string - description: What Nova SSH key to use for the nagios server. - default: default - monitor_networks: - type: json - description: Neutron networks to monitor. - default: [] - nova_os_auth_url: - type: string - default: '' - description: URL for Keystone to access Nova. - nova_os_password: - type: string - hidden: true - description: password to present to nova_host_ip. - default: '' - nova_os_username: - type: string - description: username to present to nova_host_ip. - default: '' - nova_os_tenant_name: - type: string - description: tenant name to present to nova_host_ip. - default: '' - server_network: - type: string - description: Network id for server. - default: default-net -resources: - nagios_config: - type: OS::Heat::StructuredConfig - properties: - config: - nagios3: - adm_web_passwd: { get_input: adm_web_passwd } - os_auth_url: { get_input: nova_os_auth_url } - os_password: { get_input: nova_os_password } - os_username: { get_input: nova_os_username } - os_tenant_name: { get_input: nova_os_tenant_name } - monitor_networks: { get_input: monitor_networks } - completion-signal: { get_input: deploy_signal_id } - nagios_security_group: - type: OS::Neutron::SecurityGroup - properties: - name: monitoring - rules: - - direction: ingress - port_range_max: 22 - port_range_min: 22 - protocol: tcp - - direction: ingress - port_range_max: 80 - port_range_min: 80 - protocol: tcp - - direction: ingress - protocol: icmp - - direction: egress - protocol: tcp - - direction: egress - protocol: udp - - direction: egress - protocol: icmp - nagios_net_port: - type: OS::Neutron::Port - properties: - network_id: { get_param: server_network } - security_groups: [ { get_resource: nagios_security_group } ] - nagios_server: - type: OS::Nova::Server - properties: - flavor: { get_param: flavor } - image: { get_param: image } - key_name: { get_param: key_name } - networks: - - network: { get_param: server_network } - port: { get_resource: nagios_net_port } - user_data_format: SOFTWARE_CONFIG - user_data: {get_resource: NodeUserData} - - NodeUserData: - type: OS::TripleO::NodeUserData - - nagios_floating_ip: - type: OS::Neutron::FloatingIP - properties: - floating_network_id: { get_param: external_network } - port_id: { get_resource: nagios_net_port } - nagios_deploy: - type: OS::Heat::StructuredDeployment - properties: - server: { get_resource: nagios_server } - config: { get_resource: nagios_config } - input_values: - adm_web_passwd: { get_param: adm_web_passwd } - nova_os_auth_url: { get_param: nova_os_auth_url } - nova_os_password: { get_param: nova_os_password } - nova_os_username: { get_param: nova_os_username } - nova_os_tenant_name: { get_param: nova_os_tenant_name } - monitor_networks: { get_param: monitor_networks } -outputs: - nagios_address: - description: Address of Nagios admin interface. - value: { get_attr: [ nagios_floating_ip, floating_ip_address ] } diff --git a/net-config-bond.yaml b/net-config-bond.yaml index d74fc0bc..797df4bf 100644 --- a/net-config-bond.yaml +++ b/net-config-bond.yaml @@ -4,6 +4,10 @@ description: > Software Config to drive os-net-config with 2 bonded nics on a bridge. parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string ExternalIpSubnet: default: '' description: IP address/subnet on the external network diff --git a/net-config-bridge.yaml b/net-config-bridge.yaml index c3416e02..ad16ef0b 100644 --- a/net-config-bridge.yaml +++ b/net-config-bridge.yaml @@ -4,6 +4,10 @@ description: > Software Config to drive os-net-config for a simple bridge. parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string ExternalIpSubnet: default: '' description: IP address/subnet on the external network diff --git a/net-config-noop.yaml b/net-config-noop.yaml index 3d88dd9c..30de5846 100644 --- a/net-config-noop.yaml +++ b/net-config-noop.yaml @@ -5,6 +5,10 @@ description: > to use the parameter driven (init-neutron-ovs) configuration instead. parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string ExternalIpSubnet: default: '' description: IP address/subnet on the external network diff --git a/net-config-static-bridge.yaml b/net-config-static-bridge.yaml new file mode 100644 index 00000000..52c8f895 --- /dev/null +++ b/net-config-static-bridge.yaml @@ -0,0 +1,84 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config for a simple bridge configured + with a static IP address for the ctlplane network. + +parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: ovs_bridge + name: {get_input: bridge_name} + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} + members: + - + type: interface + name: {get_input: interface_name} + # force the MAC address of the bridge to this interface + primary: true + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/bond-with-vlans/ceph-storage.yaml b/network/config/bond-with-vlans/ceph-storage.yaml index cd70cbef..620d1f7a 100644 --- a/network/config/bond-with-vlans/ceph-storage.yaml +++ b/network/config/bond-with-vlans/ceph-storage.yaml @@ -5,6 +5,10 @@ description: > with VLANs attached for the ceph storage role. parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string ExternalIpSubnet: default: '' description: IP address/subnet on the external network @@ -38,7 +42,20 @@ parameters: default: 40 description: Vlan ID for the storage mgmt network traffic. type: number - + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string resources: OsNetConfigImpl: @@ -49,6 +66,25 @@ resources: os_net_config: network_config: - + type: interface + name: nic1 + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} + - type: ovs_bridge name: br-bond members: @@ -69,15 +105,15 @@ resources: device: bond1 vlan_id: {get_param: StorageNetworkVlanID} addresses: - - - ip_netmask: {get_param: StorageIpSubnet} + - + ip_netmask: {get_param: StorageIpSubnet} - type: vlan device: bond1 vlan_id: {get_param: StorageMgmtNetworkVlanID} addresses: - - - ip_netmask: {get_param: StorageMgmtIpSubnet} + - + ip_netmask: {get_param: StorageMgmtIpSubnet} outputs: OS::stack_id: diff --git a/network/config/bond-with-vlans/cinder-storage.yaml b/network/config/bond-with-vlans/cinder-storage.yaml index 866112cb..f4c6de8f 100644 --- a/network/config/bond-with-vlans/cinder-storage.yaml +++ b/network/config/bond-with-vlans/cinder-storage.yaml @@ -5,6 +5,10 @@ description: > with VLANs attached for the cinder storage role. parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string ExternalIpSubnet: default: '' description: IP address/subnet on the external network @@ -42,6 +46,20 @@ parameters: default: 40 description: Vlan ID for the storage mgmt network traffic. type: number + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string resources: OsNetConfigImpl: @@ -52,6 +70,25 @@ resources: os_net_config: network_config: - + type: interface + name: nic1 + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} + - type: ovs_bridge name: br-bond members: @@ -72,22 +109,22 @@ resources: device: bond1 vlan_id: {get_param: InternalApiNetworkVlanID} addresses: - - - ip_netmask: {get_param: InternalApiIpSubnet} + - + ip_netmask: {get_param: InternalApiIpSubnet} - type: vlan device: bond1 vlan_id: {get_param: StorageNetworkVlanID} addresses: - - - ip_netmask: {get_param: StorageIpSubnet} + - + ip_netmask: {get_param: StorageIpSubnet} - type: vlan device: bond1 vlan_id: {get_param: StorageMgmtNetworkVlanID} addresses: - - - ip_netmask: {get_param: StorageMgmtIpSubnet} + - + ip_netmask: {get_param: StorageMgmtIpSubnet} outputs: OS::stack_id: diff --git a/network/config/bond-with-vlans/compute.yaml b/network/config/bond-with-vlans/compute.yaml index 3a46a48d..8cb3705b 100644 --- a/network/config/bond-with-vlans/compute.yaml +++ b/network/config/bond-with-vlans/compute.yaml @@ -5,6 +5,10 @@ description: > with VLANs attached for the compute role. parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string ExternalIpSubnet: default: '' description: IP address/subnet on the external network @@ -42,6 +46,20 @@ parameters: default: 50 description: Vlan ID for the tenant network traffic. type: number + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string resources: OsNetConfigImpl: @@ -52,6 +70,25 @@ resources: os_net_config: network_config: - + type: interface + name: nic1 + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} + - type: ovs_bridge name: {get_input: bridge_name} members: @@ -72,22 +109,22 @@ resources: device: bond1 vlan_id: {get_param: InternalApiNetworkVlanID} addresses: - - - ip_netmask: {get_param: InternalApiIpSubnet} + - + ip_netmask: {get_param: InternalApiIpSubnet} - type: vlan device: bond1 vlan_id: {get_param: StorageNetworkVlanID} addresses: - - - ip_netmask: {get_param: StorageIpSubnet} + - + ip_netmask: {get_param: StorageIpSubnet} - type: vlan device: bond1 vlan_id: {get_param: TenantNetworkVlanID} addresses: - - - ip_netmask: {get_param: TenantIpSubnet} + - + ip_netmask: {get_param: TenantIpSubnet} outputs: OS::stack_id: diff --git a/network/config/bond-with-vlans/controller.yaml b/network/config/bond-with-vlans/controller.yaml index 3c19f515..4290be20 100644 --- a/network/config/bond-with-vlans/controller.yaml +++ b/network/config/bond-with-vlans/controller.yaml @@ -5,6 +5,10 @@ description: > with VLANs attached for the controller role. parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string ExternalIpSubnet: default: '' description: IP address/subnet on the external network @@ -55,6 +59,17 @@ parameters: default: '10.0.0.1' description: default route for the external network type: string + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string resources: OsNetConfigImpl: @@ -65,8 +80,24 @@ resources: os_net_config: network_config: - + type: interface + name: nic1 + use_dhcp: false + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - type: ovs_bridge name: {get_input: bridge_name} + dns_servers: {get_param: DnsServers} members: - type: ovs_bond @@ -96,29 +127,29 @@ resources: device: bond1 vlan_id: {get_param: InternalApiNetworkVlanID} addresses: - - - ip_netmask: {get_param: InternalApiIpSubnet} + - + ip_netmask: {get_param: InternalApiIpSubnet} - type: vlan device: bond1 vlan_id: {get_param: StorageNetworkVlanID} addresses: - - - ip_netmask: {get_param: StorageIpSubnet} + - + ip_netmask: {get_param: StorageIpSubnet} - type: vlan device: bond1 vlan_id: {get_param: StorageMgmtNetworkVlanID} addresses: - - - ip_netmask: {get_param: StorageMgmtIpSubnet} + - + ip_netmask: {get_param: StorageMgmtIpSubnet} - type: vlan device: bond1 vlan_id: {get_param: TenantNetworkVlanID} addresses: - - - ip_netmask: {get_param: TenantIpSubnet} + - + ip_netmask: {get_param: TenantIpSubnet} outputs: OS::stack_id: diff --git a/network/config/bond-with-vlans/swift-storage.yaml b/network/config/bond-with-vlans/swift-storage.yaml index f31ed0e7..f6b2a699 100644 --- a/network/config/bond-with-vlans/swift-storage.yaml +++ b/network/config/bond-with-vlans/swift-storage.yaml @@ -5,6 +5,10 @@ description: > with VLANs attached for the swift storage role. parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string ExternalIpSubnet: default: '' description: IP address/subnet on the external network @@ -42,6 +46,20 @@ parameters: default: 40 description: Vlan ID for the storage mgmt network traffic. type: number + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string resources: OsNetConfigImpl: @@ -52,6 +70,25 @@ resources: os_net_config: network_config: - + type: interface + name: nic1 + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} + - type: ovs_bridge name: br-bond members: @@ -72,22 +109,22 @@ resources: device: bond1 vlan_id: {get_param: InternalApiNetworkVlanID} addresses: - - - ip_netmask: {get_param: InternalApiIpSubnet} + - + ip_netmask: {get_param: InternalApiIpSubnet} - type: vlan device: bond1 vlan_id: {get_param: StorageNetworkVlanID} addresses: - - - ip_netmask: {get_param: StorageIpSubnet} + - + ip_netmask: {get_param: StorageIpSubnet} - type: vlan device: bond1 vlan_id: {get_param: StorageMgmtNetworkVlanID} addresses: - - - ip_netmask: {get_param: StorageMgmtIpSubnet} + - + ip_netmask: {get_param: StorageMgmtIpSubnet} outputs: OS::stack_id: diff --git a/network/config/multiple-nics/README.md b/network/config/multiple-nics/README.md new file mode 100644 index 00000000..3d81f0be --- /dev/null +++ b/network/config/multiple-nics/README.md @@ -0,0 +1,21 @@ +This directory contains Heat templates to help configure +multiple NICs for each Overcloud role, where it is +assumed that each NIC is running a specific network +traffic type and that VLANs are not being used. + +Configuration +------------- + +To make use of these templates create a Heat environment that looks +something like this: + + resource\_registry: + OS::TripleO::BlockStorage::Net::SoftwareConfig: network/config/multiple-nics/cinder-storage.yaml + OS::TripleO::Compute::Net::SoftwareConfig: network/config/multiple-nics/compute.yaml + OS::TripleO::Controller::Net::SoftwareConfig: network/config/multiple-nics/controller.yaml + OS::TripleO::ObjectStorage::Net::SoftwareConfig: network/config/multiple-nics/swift-storage.yaml + OS::TripleO::CephStorage::Net::SoftwareConfig: network/config/multiple-nics/ceph-storage.yaml + +Or use this Heat environment file: + + environments/net-multiple-nics.yaml diff --git a/network/config/multiple-nics/ceph-storage.yaml b/network/config/multiple-nics/ceph-storage.yaml new file mode 100644 index 00000000..a0508583 --- /dev/null +++ b/network/config/multiple-nics/ceph-storage.yaml @@ -0,0 +1,113 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config to configure multiple interfaces + for the ceph storage role. + +parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + ExternalInterfaceDefaultRoute: + default: '10.0.0.1' + description: default route for the external network + type: string + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The subnet CIDR of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: json + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: interface + name: nic1 + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + type: interface + name: nic2 + use_dhcp: false + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: interface + name: nic3 + use_dhcp: false + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/multiple-nics/cinder-storage.yaml b/network/config/multiple-nics/cinder-storage.yaml new file mode 100644 index 00000000..c84586bb --- /dev/null +++ b/network/config/multiple-nics/cinder-storage.yaml @@ -0,0 +1,120 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config to configure multiple interfaces + for the cinder storage role. + +parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + ExternalInterfaceDefaultRoute: + default: '10.0.0.1' + description: default route for the external network + type: string + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The subnet CIDR of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: json + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: interface + name: nic1 + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + type: interface + name: nic2 + use_dhcp: false + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: interface + name: nic3 + use_dhcp: false + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + - + type: interface + name: nic4 + use_dhcp: false + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/multiple-nics/compute.yaml b/network/config/multiple-nics/compute.yaml new file mode 100644 index 00000000..70a18081 --- /dev/null +++ b/network/config/multiple-nics/compute.yaml @@ -0,0 +1,116 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config to configure multiple interfaces + for the compute role. + +parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The subnet CIDR of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: json + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: interface + name: nic1 + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + type: interface + name: nic2 + use_dhcp: false + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: interface + name: nic4 + use_dhcp: false + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + # Create a bridge which can also be used for VLAN-mode bridge mapping + type: ovs_bridge + name: br-tenant + use_dhcp: false + addresses: + - + ip_netmask: {get_param: TenantIpSubnet} + members: + - + type: interface + name: nic5 + use_dhcp: false + # force the MAC address of the bridge to this interface + primary: true + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/multiple-nics/controller.yaml b/network/config/multiple-nics/controller.yaml new file mode 100644 index 00000000..63f53a1f --- /dev/null +++ b/network/config/multiple-nics/controller.yaml @@ -0,0 +1,152 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config to configure multiple interfaces + for the controller role. + +parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + ExternalInterfaceDefaultRoute: + default: '10.0.0.1' + description: default route for the external network + type: string + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The subnet CIDR of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: json + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: interface + name: nic1 + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + type: interface + name: nic2 + use_dhcp: false + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: interface + name: nic3 + use_dhcp: false + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + - + type: interface + name: nic4 + use_dhcp: false + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + # Create a bridge which can also be used for VLAN-mode bridge mapping + type: ovs_bridge + name: br-tenant + use_dhcp: false + addresses: + - + ip_netmask: {get_param: TenantIpSubnet} + members: + - + type: interface + name: nic5 + use_dhcp: false + # force the MAC address of the bridge to this interface + primary: true + - + type: ovs_bridge + name: {get_input: bridge_name} + use_dhcp: false + addresses: + - + ip_netmask: {get_param: ExternalIpSubnet} + routes: + - + ip_netmask: 0.0.0.0/0 + next_hop: {get_param: ExternalInterfaceDefaultRoute} + members: + - + type: interface + name: nic6 + # force the MAC address of the bridge to this interface + primary: true + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/multiple-nics/swift-storage.yaml b/network/config/multiple-nics/swift-storage.yaml new file mode 100644 index 00000000..25ac75f2 --- /dev/null +++ b/network/config/multiple-nics/swift-storage.yaml @@ -0,0 +1,120 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config to configure multiple interfaces + for the swift storage role. + +parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + ExternalInterfaceDefaultRoute: + default: '10.0.0.1' + description: default route for the external network + type: string + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The subnet CIDR of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: json + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: interface + name: nic1 + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + type: interface + name: nic2 + use_dhcp: false + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: interface + name: nic3 + use_dhcp: false + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + - + type: interface + name: nic4 + use_dhcp: false + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/single-nic-vlans/ceph-storage.yaml b/network/config/single-nic-vlans/ceph-storage.yaml index 4a25f763..5148c520 100644 --- a/network/config/single-nic-vlans/ceph-storage.yaml +++ b/network/config/single-nic-vlans/ceph-storage.yaml @@ -5,6 +5,10 @@ description: > ceph storage role. parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string ExternalIpSubnet: default: '' description: IP address/subnet on the external network @@ -33,6 +37,20 @@ parameters: default: 40 description: Vlan ID for the storage mgmt network traffic. type: number + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string resources: OsNetConfigImpl: @@ -45,7 +63,22 @@ resources: - type: ovs_bridge name: br-storage - use_dhcp: true + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} members: - type: interface @@ -56,14 +89,14 @@ resources: type: vlan vlan_id: {get_param: StorageNetworkVlanID} addresses: - - - ip_netmask: {get_param: StorageIpSubnet} + - + ip_netmask: {get_param: StorageIpSubnet} - type: vlan vlan_id: {get_param: StorageMgmtNetworkVlanID} addresses: - - - ip_netmask: {get_param: StorageMgmtIpSubnet} + - + ip_netmask: {get_param: StorageMgmtIpSubnet} outputs: OS::stack_id: diff --git a/network/config/single-nic-vlans/cinder-storage.yaml b/network/config/single-nic-vlans/cinder-storage.yaml index 397b1ecd..e79a9f4b 100644 --- a/network/config/single-nic-vlans/cinder-storage.yaml +++ b/network/config/single-nic-vlans/cinder-storage.yaml @@ -5,6 +5,10 @@ description: > cinder storage role. parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string ExternalIpSubnet: default: '' description: IP address/subnet on the external network @@ -37,6 +41,20 @@ parameters: default: 40 description: Vlan ID for the storage mgmt network traffic. type: number + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string resources: OsNetConfigImpl: @@ -49,7 +67,22 @@ resources: - type: ovs_bridge name: br-storage - use_dhcp: true + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} members: - type: interface @@ -60,20 +93,20 @@ resources: type: vlan vlan_id: {get_param: InternalApiNetworkVlanID} addresses: - - - ip_netmask: {get_param: InternalApiIpSubnet} + - + ip_netmask: {get_param: InternalApiIpSubnet} - type: vlan vlan_id: {get_param: StorageNetworkVlanID} addresses: - - - ip_netmask: {get_param: StorageIpSubnet} + - + ip_netmask: {get_param: StorageIpSubnet} - type: vlan vlan_id: {get_param: StorageMgmtNetworkVlanID} addresses: - - - ip_netmask: {get_param: StorageMgmtIpSubnet} + - + ip_netmask: {get_param: StorageMgmtIpSubnet} outputs: OS::stack_id: diff --git a/network/config/single-nic-vlans/compute.yaml b/network/config/single-nic-vlans/compute.yaml index c73aed5e..4e93b31c 100644 --- a/network/config/single-nic-vlans/compute.yaml +++ b/network/config/single-nic-vlans/compute.yaml @@ -5,6 +5,10 @@ description: > compute role. parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string ExternalIpSubnet: default: '' description: IP address/subnet on the external network @@ -37,6 +41,20 @@ parameters: default: 50 description: Vlan ID for the tenant network traffic. type: number + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string resources: OsNetConfigImpl: @@ -49,7 +67,22 @@ resources: - type: ovs_bridge name: {get_input: bridge_name} - use_dhcp: true + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} members: - type: interface @@ -60,20 +93,20 @@ resources: type: vlan vlan_id: {get_param: InternalApiNetworkVlanID} addresses: - - - ip_netmask: {get_param: InternalApiIpSubnet} + - + ip_netmask: {get_param: InternalApiIpSubnet} - type: vlan vlan_id: {get_param: StorageNetworkVlanID} addresses: - - - ip_netmask: {get_param: StorageIpSubnet} + - + ip_netmask: {get_param: StorageIpSubnet} - type: vlan vlan_id: {get_param: TenantNetworkVlanID} addresses: - - - ip_netmask: {get_param: TenantIpSubnet} + - + ip_netmask: {get_param: TenantIpSubnet} outputs: OS::stack_id: diff --git a/network/config/single-nic-vlans/controller.yaml b/network/config/single-nic-vlans/controller.yaml index 4cfa1317..3c536d67 100644 --- a/network/config/single-nic-vlans/controller.yaml +++ b/network/config/single-nic-vlans/controller.yaml @@ -5,6 +5,10 @@ description: > controller role. parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string ExternalIpSubnet: default: '' description: IP address/subnet on the external network @@ -49,6 +53,17 @@ parameters: default: '10.0.0.1' description: default route for the external network type: string + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string resources: OsNetConfigImpl: @@ -61,7 +76,19 @@ resources: - type: ovs_bridge name: {get_input: bridge_name} - use_dhcp: true + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} members: - type: interface @@ -82,26 +109,26 @@ resources: type: vlan vlan_id: {get_param: InternalApiNetworkVlanID} addresses: - - - ip_netmask: {get_param: InternalApiIpSubnet} + - + ip_netmask: {get_param: InternalApiIpSubnet} - type: vlan vlan_id: {get_param: StorageNetworkVlanID} addresses: - - - ip_netmask: {get_param: StorageIpSubnet} + - + ip_netmask: {get_param: StorageIpSubnet} - type: vlan vlan_id: {get_param: StorageMgmtNetworkVlanID} addresses: - - - ip_netmask: {get_param: StorageMgmtIpSubnet} + - + ip_netmask: {get_param: StorageMgmtIpSubnet} - type: vlan vlan_id: {get_param: TenantNetworkVlanID} addresses: - - - ip_netmask: {get_param: TenantIpSubnet} + - + ip_netmask: {get_param: TenantIpSubnet} outputs: OS::stack_id: diff --git a/network/config/single-nic-vlans/swift-storage.yaml b/network/config/single-nic-vlans/swift-storage.yaml index f033ced7..83b3304f 100644 --- a/network/config/single-nic-vlans/swift-storage.yaml +++ b/network/config/single-nic-vlans/swift-storage.yaml @@ -5,6 +5,10 @@ description: > swift storage role. parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string ExternalIpSubnet: default: '' description: IP address/subnet on the external network @@ -37,6 +41,20 @@ parameters: default: 40 description: Vlan ID for the storage mgmt network traffic. type: number + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string resources: OsNetConfigImpl: @@ -49,7 +67,22 @@ resources: - type: ovs_bridge name: br-storage - use_dhcp: true + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} members: - type: interface @@ -60,20 +93,20 @@ resources: type: vlan vlan_id: {get_param: InternalApiNetworkVlanID} addresses: - - - ip_netmask: {get_param: InternalApiIpSubnet} + - + ip_netmask: {get_param: InternalApiIpSubnet} - type: vlan vlan_id: {get_param: StorageNetworkVlanID} addresses: - - - ip_netmask: {get_param: StorageIpSubnet} + - + ip_netmask: {get_param: StorageIpSubnet} - type: vlan vlan_id: {get_param: StorageMgmtNetworkVlanID} addresses: - - - ip_netmask: {get_param: StorageMgmtIpSubnet} + - + ip_netmask: {get_param: StorageMgmtIpSubnet} outputs: OS::stack_id: diff --git a/all-nodes-config.yaml b/os-apply-config/all-nodes-config.yaml index 3f0bd61c..3f0bd61c 100644 --- a/all-nodes-config.yaml +++ b/os-apply-config/all-nodes-config.yaml diff --git a/ceph-cluster-config.yaml b/os-apply-config/ceph-cluster-config.yaml index c3cf8e8a..4e435ffb 100644 --- a/ceph-cluster-config.yaml +++ b/os-apply-config/ceph-cluster-config.yaml @@ -27,6 +27,15 @@ parameters: type: comma_delimited_list ceph_mon_ips: type: comma_delimited_list + NovaRbdPoolName: + default: vms + type: string + CinderRbdPoolName: + default: volumes + type: string + GlanceRbdPoolName: + default: images + type: string resources: CephClusterConfigImpl: diff --git a/ceph-storage-post.yaml b/os-apply-config/ceph-storage-post.yaml index 734f90bd..734f90bd 100644 --- a/ceph-storage-post.yaml +++ b/os-apply-config/ceph-storage-post.yaml diff --git a/ceph-storage.yaml b/os-apply-config/ceph-storage.yaml index 5f9f5373..fc321d88 100644 --- a/ceph-storage.yaml +++ b/os-apply-config/ceph-storage.yaml @@ -20,10 +20,12 @@ parameters: default: '' description: The Ceph monitors key. Can be created with ceph-authtool --gen-print-key. type: string + hidden: true CephAdminKey: default: '' description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key. type: string + hidden: true CephMonitors: default: '' description: The list of ip/names to use as Ceph monitors @@ -85,6 +87,7 @@ resources: NetworkConfig: type: OS::TripleO::CephStorage::Net::SoftwareConfig properties: + ControlPlaneIp: {get_attr: [CephStorage, networks, ctlplane, 0]} StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} diff --git a/cinder-storage-post.yaml b/os-apply-config/cinder-storage-post.yaml index ad4e0460..ad4e0460 100644 --- a/cinder-storage-post.yaml +++ b/os-apply-config/cinder-storage-post.yaml diff --git a/cinder-storage.yaml b/os-apply-config/cinder-storage.yaml index f65d9289..7f1164c4 100644 --- a/cinder-storage.yaml +++ b/os-apply-config/cinder-storage.yaml @@ -87,6 +87,7 @@ parameters: RabbitPassword: default: 'guest' type: string + hidden: true RabbitUserName: default: 'guest' type: string @@ -165,6 +166,7 @@ resources: NetworkConfig: type: OS::TripleO::BlockStorage::Net::SoftwareConfig properties: + ControlPlaneIp: {get_attr: [BlockStorage, networks, ctlplane, 0]} InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} diff --git a/compute-post.yaml b/os-apply-config/compute-post.yaml index 695690d4..695690d4 100644 --- a/compute-post.yaml +++ b/os-apply-config/compute-post.yaml diff --git a/compute.yaml b/os-apply-config/compute.yaml index 9a2c6f17..ee55c587 100644 --- a/compute.yaml +++ b/os-apply-config/compute.yaml @@ -29,6 +29,10 @@ parameters: default: false description: Whether to enable or not the NFS backend for Cinder type: boolean + CinderEnableRbdBackend: + default: false + description: Whether to enable or not the Rbd backend for Cinder + type: boolean Debug: default: '' description: Set to True to enable debugging on all services. @@ -181,6 +185,24 @@ parameters: default: 'unset' description: Shared secret to prevent spoofing type: string + hidden: true + NeutronCorePlugin: + default: "ml2" + description: | + The core plugin for Neutron. The value should be the entrypoint to be loaded + from neutron.core_plugins namespace. + type: string + NeutronServicePlugins: + default: "router" + description: | + Comma-separated list of service plugin entrypoints to be loaded from the + neutron.service_plugins namespace. + type: comma_delimited_list + NeutronTypeDrivers: + default: "vxlan,vlan,flat,gre" + description: | + Comma-separated list of network type driver entrypoints to be loaded. + type: comma_delimited_list NeutronMechanismDrivers: default: 'openvswitch' description: | @@ -315,6 +337,7 @@ resources: NetworkConfig: type: OS::TripleO::Compute::Net::SoftwareConfig properties: + ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]} InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} @@ -366,6 +389,9 @@ resources: agent_mode: {get_input: neutron_agent_mode} ovs_db: {get_input: neutron_dsn} metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret} + core_plugin: {get_input: neutron_core_plugin} + service_plugins: {get_input: neutron_service_plugins} + type_drivers: {get_input: neutron_type_drivers} mechanism_drivers: {get_input: neutron_mechanism_drivers} allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover} l3_ha: {get_input: neutron_l3_ha} @@ -443,6 +469,23 @@ resources: neutron_agent_mode: {get_param: NeutronAgentMode} neutron_router_distributed: {get_param: NeutronDVR} neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret} + neutron_core_plugin: {get_param: NeutronCorePlugin} + neutron_service_plugins: + str_replace: + template: "['PLUGINS']" + params: + PLUGINS: + list_join: + - "','" + - {get_param: NeutronServicePlugins} + neutron_type_drivers: + str_replace: + template: "['DRIVERS']" + params: + DRIVERS: + list_join: + - "','" + - {get_param: NeutronTypeDrivers} neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers} neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover} neutron_l3_ha: {get_param: NeutronL3HA} diff --git a/controller-post.yaml b/os-apply-config/controller-post.yaml index aac96357..aac96357 100644 --- a/controller-post.yaml +++ b/os-apply-config/controller-post.yaml diff --git a/controller.yaml b/os-apply-config/controller.yaml index 79f5ece5..f289d9b5 100644 --- a/controller.yaml +++ b/os-apply-config/controller.yaml @@ -215,9 +215,11 @@ parameters: HeatAuthEncryptionKey: description: Auth encryption key for heat-engine type: string + hidden: true HorizonSecret: description: Secret key for Django type: string + hidden: true Image: type: string default: overcloud-control @@ -317,6 +319,24 @@ parameters: default: 'unset' description: Shared secret to prevent spoofing type: string + hidden: true + NeutronCorePlugin: + default: 'ml2' + description: | + The core plugin for Neutron. The value should be the entrypoint to be loaded + from neutron.core_plugins namespace. + type: string + NeutronServicePlugins: + default: "router" + description: | + Comma-separated list of service plugin entrypoints to be loaded from the + neutron.service_plugins namespace. + type: comma_delimited_list + NeutronTypeDrivers: + default: "vxlan,vlan,flat,gre" + description: | + Comma-separated list of network type driver entrypoints to be loaded. + type: comma_delimited_list NeutronMechanismDrivers: default: 'openvswitch' description: | @@ -417,6 +437,7 @@ parameters: PcsdPassword: type: string description: The password for the 'pcsd' user. + hidden: true PublicVirtualInterface: default: 'br-ex' description: > @@ -449,6 +470,10 @@ parameters: default: 5672 description: Set rabbit subscriber port, change this if using SSL type: number + RabbitFDLimit: + default: 16384 + description: Configures RabbitMQ FD limit + type: string RedisVirtualIP: type: string default: '' # Has to be here because of the ignored empty value bug @@ -585,6 +610,7 @@ resources: NetworkConfig: type: OS::TripleO::Controller::Net::SoftwareConfig properties: + ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]} ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} @@ -686,6 +712,9 @@ resources: metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret} agent_mode: {get_input: neutron_agent_mode} router_distributed: {get_input: neutron_router_distributed} + core_plugin: {get_input: neutron_core_plugin} + service_plugins: {get_input: neutron_service_plugins} + type_drivers: {get_input: neutron_type_drivers} mechanism_drivers: {get_input: neutron_mechanism_drivers} allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover} l3_ha: {get_input: neutron_l3_ha} @@ -933,6 +962,23 @@ resources: neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret} neutron_agent_mode: {get_param: NeutronAgentMode} neutron_router_distributed: {get_param: NeutronDVR} + neutron_core_plugin: {get_param: NeutronCorePlugin} + neutron_service_plugins: + str_replace: + template: "['PLUGINS']" + params: + PLUGINS: + list_join: + - "','" + - {get_param: NeutronServicePlugins} + neutron_type_drivers: + str_replace: + template: "['DRIVERS']" + params: + DRIVERS: + list_join: + - "','" + - {get_param: NeutronTypeDrivers} neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers} neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover} neutron_l3_ha: {get_param: NeutronL3HA} diff --git a/swift-devices-and-proxy-config.yaml b/os-apply-config/swift-devices-and-proxy-config.yaml index 4f01dbea..4f01dbea 100644 --- a/swift-devices-and-proxy-config.yaml +++ b/os-apply-config/swift-devices-and-proxy-config.yaml diff --git a/swift-storage-post.yaml b/os-apply-config/swift-storage-post.yaml index 1b1c406d..1b1c406d 100644 --- a/swift-storage-post.yaml +++ b/os-apply-config/swift-storage-post.yaml diff --git a/swift-storage.yaml b/os-apply-config/swift-storage.yaml index 1a2967fa..d62d7d1a 100644 --- a/swift-storage.yaml +++ b/os-apply-config/swift-storage.yaml @@ -149,6 +149,7 @@ resources: NetworkConfig: type: OS::TripleO::ObjectStorage::Net::SoftwareConfig properties: + ControlPlaneIp: {get_attr: [SwiftStorage, networks, ctlplane, 0]} InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} diff --git a/vip-config.yaml b/os-apply-config/vip-config.yaml index 8f984ab7..8f984ab7 100644 --- a/vip-config.yaml +++ b/os-apply-config/vip-config.yaml diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml index cdf626ea..7e65d4b1 100644 --- a/overcloud-resource-registry-puppet.yaml +++ b/overcloud-resource-registry-puppet.yaml @@ -1,22 +1,22 @@ resource_registry: - OS::TripleO::BlockStorage: puppet/cinder-storage-puppet.yaml + OS::TripleO::BlockStorage: puppet/cinder-storage.yaml OS::TripleO::BlockStorage::Net::SoftwareConfig: net-config-noop.yaml - OS::TripleO::Compute: puppet/compute-puppet.yaml + OS::TripleO::Compute: puppet/compute.yaml OS::TripleO::Compute::Net::SoftwareConfig: net-config-noop.yaml OS::TripleO::SoftwareDeployment: OS::Heat::StructuredDeployment - OS::TripleO::Controller: puppet/controller-puppet.yaml + OS::TripleO::Controller: puppet/controller.yaml OS::TripleO::Controller::Net::SoftwareConfig: net-config-bridge.yaml - OS::TripleO::ObjectStorage: puppet/swift-storage-puppet.yaml + OS::TripleO::ObjectStorage: puppet/swift-storage.yaml OS::TripleO::ObjectStorage::Net::SoftwareConfig: net-config-noop.yaml - OS::TripleO::CephStorage: puppet/ceph-storage-puppet.yaml + OS::TripleO::CephStorage: puppet/ceph-storage.yaml OS::TripleO::CephStorage::Net::SoftwareConfig: net-config-noop.yaml - OS::TripleO::ControllerPostDeployment: puppet/controller-post-puppet.yaml + OS::TripleO::ControllerPostDeployment: puppet/controller-post.yaml # set to controller-config-pacemaker.yaml to enable pacemaker OS::TripleO::ControllerConfig: puppet/controller-config.yaml - OS::TripleO::ComputePostDeployment: puppet/compute-post-puppet.yaml + OS::TripleO::ComputePostDeployment: puppet/compute-post.yaml OS::TripleO::ObjectStoragePostDeployment: puppet/swift-storage-post.yaml OS::TripleO::BlockStoragePostDeployment: puppet/cinder-storage-post.yaml - OS::TripleO::CephStoragePostDeployment: puppet/ceph-storage-post-puppet.yaml + OS::TripleO::CephStoragePostDeployment: puppet/ceph-storage-post.yaml OS::TripleO::SwiftDevicesAndProxy::SoftwareConfig: puppet/swift-devices-and-proxy-config.yaml OS::TripleO::CephClusterConfig::SoftwareConfig: puppet/ceph-cluster-config.yaml OS::TripleO::AllNodes::SoftwareConfig: puppet/all-nodes-config.yaml @@ -30,10 +30,13 @@ resource_registry: # Hooks for operator extra config # NodeUserData == Cloud-init additional user-data, e.g cloud-config # ControllerExtraConfigPre == Controller configuration pre service deployment + # NodeExtraConfig == All nodes configuration pre service deployment # NodeExtraConfigPost == All nodes configuration post service deployment OS::TripleO::NodeUserData: firstboot/userdata_default.yaml OS::TripleO::ControllerExtraConfigPre: puppet/extraconfig/pre_deploy/default.yaml OS::TripleO::ComputeExtraConfigPre: puppet/extraconfig/pre_deploy/default.yaml + OS::TripleO::CephStorageExtraConfigPre: puppet/extraconfig/pre_deploy/default.yaml + OS::TripleO::NodeExtraConfig: puppet/extraconfig/pre_deploy/default.yaml OS::TripleO::NodeExtraConfigPost: extraconfig/post_deploy/default.yaml # "AllNodes" Extra cluster config, runs on all nodes prior to the post_deploy diff --git a/overcloud-resource-registry.yaml b/overcloud-resource-registry.yaml index dd7e1a1c..d6eb97f9 100644 --- a/overcloud-resource-registry.yaml +++ b/overcloud-resource-registry.yaml @@ -1,23 +1,23 @@ resource_registry: - OS::TripleO::BlockStorage: cinder-storage.yaml + OS::TripleO::BlockStorage: os-apply-config/cinder-storage.yaml OS::TripleO::BlockStorage::Net::SoftwareConfig: net-config-noop.yaml - OS::TripleO::Compute: compute.yaml + OS::TripleO::Compute: os-apply-config/compute.yaml OS::TripleO::Compute::Net::SoftwareConfig: net-config-noop.yaml OS::TripleO::SoftwareDeployment: OS::Heat::StructuredDeployment - OS::TripleO::Controller: controller.yaml + OS::TripleO::Controller: os-apply-config/controller.yaml OS::TripleO::Controller::Net::SoftwareConfig: net-config-noop.yaml - OS::TripleO::ObjectStorage: swift-storage.yaml + OS::TripleO::ObjectStorage: os-apply-config/swift-storage.yaml OS::TripleO::ObjectStorage::Net::SoftwareConfig: net-config-noop.yaml - OS::TripleO::CephStorage: ceph-storage.yaml + OS::TripleO::CephStorage: os-apply-config/ceph-storage.yaml OS::TripleO::CephStorage::Net::SoftwareConfig: net-config-noop.yaml - OS::TripleO::ControllerPostDeployment: controller-post.yaml - OS::TripleO::ComputePostDeployment: compute-post.yaml - OS::TripleO::ObjectStoragePostDeployment: swift-storage-post.yaml - OS::TripleO::BlockStoragePostDeployment: cinder-storage-post.yaml - OS::TripleO::CephStoragePostDeployment: ceph-storage-post.yaml - OS::TripleO::SwiftDevicesAndProxy::SoftwareConfig: swift-devices-and-proxy-config.yaml - OS::TripleO::CephClusterConfig::SoftwareConfig: ceph-cluster-config.yaml - OS::TripleO::AllNodes::SoftwareConfig: all-nodes-config.yaml + OS::TripleO::ControllerPostDeployment: os-apply-config/controller-post.yaml + OS::TripleO::ComputePostDeployment: os-apply-config/compute-post.yaml + OS::TripleO::ObjectStoragePostDeployment: os-apply-config/swift-storage-post.yaml + OS::TripleO::BlockStoragePostDeployment: os-apply-config/cinder-storage-post.yaml + OS::TripleO::CephStoragePostDeployment: os-apply-config/ceph-storage-post.yaml + OS::TripleO::SwiftDevicesAndProxy::SoftwareConfig: os-apply-config/swift-devices-and-proxy-config.yaml + OS::TripleO::CephClusterConfig::SoftwareConfig: os-apply-config/ceph-cluster-config.yaml + OS::TripleO::AllNodes::SoftwareConfig: os-apply-config/all-nodes-config.yaml OS::TripleO::BootstrapNode::SoftwareConfig: bootstrap-config.yaml OS::TripleO::NodeUserData: firstboot/userdata_default.yaml OS::TripleO::NodeExtraConfigPost: extraconfig/post_deploy/default.yaml @@ -31,7 +31,7 @@ resource_registry: # TripleO overcloud networks OS::TripleO::Network: network/networks.yaml - OS::TripleO::VipConfig: vip-config.yaml + OS::TripleO::VipConfig: os-apply-config/vip-config.yaml OS::TripleO::Network::External: network/noop.yaml OS::TripleO::Network::InternalApi: network/noop.yaml @@ -73,4 +73,4 @@ resource_registry: OS::TripleO::Controller::Ports::RedisVipPort: network/ports/noop.yaml # validation resources - OS::TripleO::AllNodes::Validation: all-nodes-validation.yaml + OS::TripleO::AllNodes::Validation: os-apply-config/all-nodes-validation.yaml diff --git a/overcloud-without-mergepy.yaml b/overcloud-without-mergepy.yaml index e7c4dfc7..a1ae3907 100644 --- a/overcloud-without-mergepy.yaml +++ b/overcloud-without-mergepy.yaml @@ -1,8 +1,10 @@ heat_template_version: 2015-04-30 description: > - Nova API,Keystone,Heat Engine and API,Glance,Neutron,Dedicated MySQL - server,Dedicated RabbitMQ Server,Group of Nova Computes + Deploy an OpenStack environment, consisting of several node types (roles), + Controller, Compute, BlockStorage, SwiftStorage and CephStorage. The Storage + roles enable independent scaling of the storage components, but the minimal + deployment is one Controller and one Compute node. # TODO(shadower): we should probably use the parameter groups to put @@ -38,10 +40,12 @@ parameters: default: '' description: The Ceph monitors key. Can be created with ceph-authtool --gen-print-key. type: string + hidden: true CephAdminKey: default: '' description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key. type: string + hidden: true CinderEnableNfsBackend: default: false description: Whether to enable or not the NFS backend for Cinder @@ -50,6 +54,7 @@ parameters: default: '' description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. Currently only used for external Ceph deployments to create the openstack user keyring. type: string + hidden: true CephExternalMonHost: default: '' type: string @@ -58,6 +63,10 @@ parameters: default: true description: Whether to enable or not the Iscsi backend for Cinder type: boolean + CinderEnableRbdBackend: + default: false + description: Whether to enable or not the Rbd backend for Cinder + type: boolean CloudName: default: '' description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org @@ -78,6 +87,14 @@ parameters: default: http description: Protocol to use when connecting to glance, set to https for SSL. type: string + HAProxySyslogAddress: + default: /dev/log + description: Syslog address where HAproxy will send its log + type: string + HorizonAllowedHosts: + default: '*' + description: A list of IP/Hostname allowed to connect to horizon + type: comma_delimited_list ImageUpdatePolicy: default: 'REBUILD_PRESERVE_EPHEMERAL' description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt. @@ -103,9 +120,9 @@ parameters: type: string default: "datacentre:br-ex" NeutronControlPlaneID: - default: '' + default: 'ctlplane' type: string - description: Neutron ID for ctlplane network. + description: Neutron ID or name for ctlplane network. NeutronEnableTunnelling: type: string default: "True" @@ -154,6 +171,7 @@ parameters: default: 'unset' description: Shared secret to prevent spoofing type: string + hidden: true NeutronTunnelTypes: default: 'vxlan' description: | @@ -172,6 +190,23 @@ parameters: of VXLAN VNI IDs that are available for tenant network allocation default: ["1:1000", ] type: comma_delimited_list + NeutronCorePlugin: + default: 'ml2' + description: | + The core plugin for Neutron. The value should be the entrypoint to be loaded + from neutron.core_plugins namespace. + type: string + NeutronServicePlugins: + default: "router" + description: | + Comma-separated list of service plugin entrypoints to be loaded from the + neutron.service_plugins namespace. + type: comma_delimited_list + NeutronTypeDrivers: + default: "vxlan,vlan,flat,gre" + description: | + Comma-separated list of network type driver entrypoints to be loaded. + type: comma_delimited_list NeutronMechanismDrivers: default: 'openvswitch' description: | @@ -179,7 +214,7 @@ parameters: values, use a comma separated string, like so: 'openvswitch,l2_population' type: string NeutronAllowL3AgentFailover: - default: 'True' + default: 'False' description: Allow automatic l3-agent failover type: string NeutronL3HA: @@ -188,7 +223,7 @@ parameters: type: string NeutronDhcpAgentsPerNetwork: type: number - default: 3 + default: 1 description: The number of neutron dhcp agents to schedule per network NovaPassword: default: unset @@ -232,6 +267,11 @@ parameters: default: 5672 description: Set rabbit subscriber port, change this if using SSL type: number + # We need to set this as string because 'unlimited' is a valid setting + RabbitFDLimit: + default: 16384 + description: Configures RabbitMQ FD limit + type: string SnmpdReadonlyUserName: default: ro_snmp_user description: The user name for SNMPd with readonly rights running on all Overcloud nodes @@ -248,10 +288,6 @@ parameters: description: The keystone auth secret. type: string hidden: true - CinderEnableRbdBackend: - default: false - description: Whether to enable or not the Rbd backend for Cinder - type: boolean CinderLVMLoopDeviceSize: default: 5000 description: The size of the loopback file used by the cinder LVM driver. @@ -280,6 +316,8 @@ parameters: ControllerCount: type: number default: 1 + constraints: + - range: {min: 1} controllerExtraConfig: default: {} description: | @@ -760,9 +798,11 @@ resources: GlanceBackend: {get_param: GlanceBackend} GlanceNotifierStrategy: {get_param: GlanceNotifierStrategy} GlanceLogFile: {get_param: GlanceLogFile} + HAProxySyslogAddress: {get_param: HAProxySyslogAddress} HeatPassword: {get_param: HeatPassword} HeatStackDomainAdminPassword: {get_param: HeatStackDomainAdminPassword} HeatAuthEncryptionKey: {get_resource: HeatAuthEncryptionKey} + HorizonAllowedHosts: {get_param: HorizonAllowedHosts} HorizonSecret: {get_resource: HorizonSecret} Image: {get_param: controllerImage} ImageUpdatePolicy: {get_param: ImageUpdatePolicy} @@ -792,6 +832,9 @@ resources: NeutronDVR: {get_param: NeutronDVR} NeutronMetadataProxySharedSecret: {get_param: NeutronMetadataProxySharedSecret} NeutronAgentMode: {get_param: NeutronAgentMode} + NeutronCorePlugin: {get_param: NeutronCorePlugin} + NeutronServicePlugins: {get_param: NeutronServicePlugins} + NeutronTypeDrivers: {get_param: NeutronTypeDrivers} NeutronMechanismDrivers: {get_param: NeutronMechanismDrivers} NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover} NeutronL3HA: {get_param: NeutronL3HA} @@ -808,6 +851,7 @@ resources: RabbitCookie: {get_attr: [RabbitCookie, value]} RabbitClientUseSSL: {get_param: RabbitClientUseSSL} RabbitClientPort: {get_param: RabbitClientPort} + RabbitFDLimit: {get_param: RabbitFDLimit} SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName} SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword} RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]} @@ -823,8 +867,13 @@ resources: VirtualIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} # deprecated. Use per service VIP settings instead now. PublicVirtualIP: {get_attr: [PublicVirtualIP, ip_address]} ServiceNetMap: {get_param: ServiceNetMap} + CeilometerApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} + CinderApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} HeatApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} + GlanceRegistryVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} + NovaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} + SwiftProxyVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} @@ -850,6 +899,7 @@ resources: CeilometerMeteringSecret: {get_param: CeilometerMeteringSecret} CeilometerPassword: {get_param: CeilometerPassword} CinderEnableNfsBackend: {get_param: CinderEnableNfsBackend} + CinderEnableRbdBackend: {get_param: CinderEnableRbdBackend} Debug: {get_param: Debug} ExtraConfig: {get_param: ExtraConfig} Flavor: {get_param: OvercloudComputeFlavor} @@ -875,6 +925,9 @@ resources: NeutronMetadataProxySharedSecret: {get_param: NeutronMetadataProxySharedSecret} NeutronAgentMode: {get_param: NeutronComputeAgentMode} NeutronPublicInterfaceRawDevice: {get_param: NeutronPublicInterfaceRawDevice} + NeutronCorePlugin: {get_param: NeutronCorePlugin} + NeutronServicePlugins: {get_param: NeutronServicePlugins} + NeutronTypeDrivers: {get_param: NeutronTypeDrivers} NeutronMechanismDrivers: {get_param: NeutronMechanismDrivers} # L3 HA and Failover is not relevant for Computes, should be removed NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover} @@ -1054,7 +1107,7 @@ resources: depends_on: Networks properties: name: control_virtual_ip - network_id: {get_param: NeutronControlPlaneID} + network: {get_param: NeutronControlPlaneID} fixed_ips: {get_param: ControlFixedIPs} replacement_policy: AUTO diff --git a/puppet/ceph-cluster-config.yaml b/puppet/ceph-cluster-config.yaml index 99265493..5e54a621 100644 --- a/puppet/ceph-cluster-config.yaml +++ b/puppet/ceph-cluster-config.yaml @@ -27,6 +27,15 @@ parameters: type: comma_delimited_list ceph_mon_ips: type: comma_delimited_list + NovaRbdPoolName: + default: vms + type: string + CinderRbdPoolName: + default: volumes + type: string + GlanceRbdPoolName: + default: images + type: string resources: CephClusterConfigImpl: @@ -69,11 +78,21 @@ resources: secret: 'ADMIN_KEY', mode: '0644', cap_mon: 'allow r', - cap_osd: 'allow class-read object_prefix rbd_children, allow rwx pool=volumes, allow rwx pool=vms, allow rwx pool=images' + cap_osd: 'allow class-read object_prefix rbd_children, allow rwx pool=CINDER_POOL, allow rwx pool=NOVA_POOL, allow rwx pool=GLANCE_POOL' } }" params: ADMIN_KEY: {get_param: ceph_admin_key} + NOVA_POOL: {get_param: NovaRbdPoolName} + CINDER_POOL: {get_param: CinderRbdPoolName} + GLANCE_POOL: {get_param: GlanceRbdPoolName} + nova::compute::rbd::libvirt_images_rbd_pool: {get_param: NovaRbdPoolName} + cinder_rbd_pool_name: {get_param: CinderRbdPoolName} + glance::backend::rbd::rbd_store_pool: {get_param: GlanceRbdPoolName} + ceph_pools: + - {get_param: CinderRbdPoolName} + - {get_param: NovaRbdPoolName} + - {get_param: GlanceRbdPoolName} outputs: config_id: diff --git a/puppet/ceph-storage-post-puppet.yaml b/puppet/ceph-storage-post.yaml index 1b5b944d..0f7dd36f 100644 --- a/puppet/ceph-storage-post-puppet.yaml +++ b/puppet/ceph-storage-post.yaml @@ -4,6 +4,10 @@ description: > OpenStack ceph storage node post deployment for Puppet parameters: + ConfigDebug: + default: false + description: Whether to run config management (e.g. Puppet) in debug mode. + type: boolean servers: type: json NodeConfigIdentifiers: @@ -16,6 +20,8 @@ resources: type: OS::Heat::SoftwareConfig properties: group: puppet + options: + enable_debug: {get_param: ConfigDebug} outputs: - name: result config: diff --git a/puppet/ceph-storage-puppet.yaml b/puppet/ceph-storage.yaml index f08b83cd..75294599 100644 --- a/puppet/ceph-storage-puppet.yaml +++ b/puppet/ceph-storage.yaml @@ -102,6 +102,7 @@ resources: NetworkConfig: type: OS::TripleO::CephStorage::Net::SoftwareConfig properties: + ControlPlaneIp: {get_attr: [CephStorage, networks, ctlplane, 0]} StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} @@ -138,6 +139,7 @@ resources: params: server: {get_param: NtpServer} enable_package_install: {get_param: EnablePackageInstall} + enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]} ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} @@ -148,6 +150,7 @@ resources: config: hiera: hierarchy: + - '"%{::uuid}"' - heat_config_%{::deploy_config_name} - ceph_extraconfig - extraconfig @@ -167,9 +170,25 @@ resources: mapped_data: ntp::servers: {get_input: ntp_servers} tripleo::packages::enable_install: {get_input: enable_package_install} + tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} ceph::profile::params::cluster_network: {get_input: ceph_cluster_network} ceph::profile::params::public_network: {get_input: ceph_public_network} + # Hook for site-specific additional pre-deployment config, e.g extra hieradata + CephStorageExtraConfigPre: + depends_on: CephStorageDeployment + type: OS::TripleO::CephStorageExtraConfigPre + properties: + server: {get_resource: CephStorage} + + # Hook for site-specific additional pre-deployment config, + # applying to all nodes, e.g node registration/unregistration + NodeExtraConfig: + depends_on: CephStorageExtraConfigPre + type: OS::TripleO::NodeExtraConfig + properties: + server: {get_resource: CephStorage} + UpdateConfig: type: OS::TripleO::Tasks::PackageUpdate @@ -202,4 +221,9 @@ outputs: value: {get_attr: [StorageMgmtPort, ip_address]} config_identifier: description: identifier which changes if the node configuration may need re-applying - value: {get_attr: [CephStorageDeployment, deploy_stdout]} + value: + list_join: + - ',' + - - {get_attr: [CephStorageDeployment, deploy_stdout]} + - {get_attr: [CephStorageExtraConfigPre, deploy_stdout]} + - {get_param: UpdateIdentifier} diff --git a/puppet/cinder-storage-post.yaml b/puppet/cinder-storage-post.yaml index 24d2b8a3..c97cfcf9 100644 --- a/puppet/cinder-storage-post.yaml +++ b/puppet/cinder-storage-post.yaml @@ -2,6 +2,10 @@ heat_template_version: 2015-04-30 description: 'OpenStack cinder storage post deployment for Puppet' parameters: + ConfigDebug: + default: false + description: Whether to run config management (e.g. Puppet) in debug mode. + type: boolean servers: type: json NodeConfigIdentifiers: @@ -14,6 +18,8 @@ resources: type: OS::Heat::SoftwareConfig properties: group: puppet + options: + enable_debug: {get_param: ConfigDebug} outputs: - name: result config: diff --git a/puppet/cinder-storage-puppet.yaml b/puppet/cinder-storage.yaml index d764c6f7..6a869219 100644 --- a/puppet/cinder-storage-puppet.yaml +++ b/puppet/cinder-storage.yaml @@ -59,6 +59,7 @@ parameters: RabbitPassword: default: 'guest' type: string + hidden: true RabbitUserName: default: 'guest' type: string @@ -161,6 +162,7 @@ resources: NetworkConfig: type: OS::TripleO::BlockStorage::Net::SoftwareConfig properties: + ControlPlaneIp: {get_attr: [BlockStorage, networks, ctlplane, 0]} InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} @@ -216,6 +218,7 @@ resources: params: server: {get_param: NtpServer} enable_package_install: {get_param: EnablePackageInstall} + enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} # Map heat metadata into hiera datafiles BlockStorageConfig: @@ -225,6 +228,7 @@ resources: config: hiera: hierarchy: + - '"%{::uuid}"' - heat_config_%{::deploy_config_name} - volume_extraconfig - extraconfig @@ -256,9 +260,18 @@ resources: cinder::glance::glance_api_servers: {get_input: glance_api_servers} ntp::servers: {get_input: ntp_servers} tripleo::packages::enable_install: {get_input: enable_package_install} + tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} + # Hook for site-specific additional pre-deployment config, + # applying to all nodes, e.g node registration/unregistration + NodeExtraConfig: + depends_on: BlockStorageDeployment + type: OS::TripleO::NodeExtraConfig + properties: + server: {get_resource: BlockStorage} + UpdateConfig: type: OS::TripleO::Tasks::PackageUpdate @@ -294,4 +307,8 @@ outputs: value: {get_attr: [StorageMgmtPort, ip_address]} config_identifier: description: identifier which changes if the node configuration may need re-applying - value: {get_attr: [BlockStorageDeployment, deploy_stdout]} + value: + list_join: + - '' + - - {get_attr: [BlockStorageDeployment, deploy_stdout]} + - {get_param: UpdateIdentifier} diff --git a/puppet/compute-post-puppet.yaml b/puppet/compute-post.yaml index b4a6126b..b63b06b4 100644 --- a/puppet/compute-post-puppet.yaml +++ b/puppet/compute-post.yaml @@ -4,6 +4,10 @@ description: > OpenStack compute node post deployment for Puppet. parameters: + ConfigDebug: + default: false + description: Whether to run config management (e.g. Puppet) in debug mode. + type: boolean servers: type: json NodeConfigIdentifiers: @@ -17,6 +21,8 @@ resources: type: OS::Heat::SoftwareConfig properties: group: puppet + options: + enable_debug: {get_param: ConfigDebug} outputs: - name: result config: diff --git a/puppet/compute-puppet.yaml b/puppet/compute.yaml index 74e9b63e..2b635357 100644 --- a/puppet/compute-puppet.yaml +++ b/puppet/compute.yaml @@ -29,6 +29,10 @@ parameters: default: false description: Whether to enable or not the NFS backend for Cinder type: boolean + CinderEnableRbdBackend: + default: false + description: Whether to enable or not the Rbd backend for Cinder + type: boolean Debug: default: '' description: Set to True to enable debugging on all services. @@ -149,6 +153,24 @@ parameters: default: 'unset' description: Shared secret to prevent spoofing type: string + hidden: true + NeutronCorePlugin: + default: 'ml2' + description: | + The core plugin for Neutron. The value should be the entrypoint to be loaded + from neutron.core_plugins namespace. + type: string + NeutronServicePlugins: + default: "router" + description: | + Comma-separated list of service plugin entrypoints to be loaded from the + neutron.service_plugins namespace. + type: comma_delimited_list + NeutronTypeDrivers: + default: "vxlan,vlan,flat,gre" + description: | + Comma-separated list of network type driver entrypoints to be loaded. + type: comma_delimited_list NeutronMechanismDrivers: default: 'openvswitch' description: | @@ -312,6 +334,7 @@ resources: NetworkConfig: type: OS::TripleO::Compute::Net::SoftwareConfig properties: + ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]} InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} @@ -332,6 +355,7 @@ resources: config: hiera: hierarchy: + - '"%{::uuid}"' - heat_config_%{::deploy_config_name} - compute_extraconfig - extraconfig @@ -341,6 +365,7 @@ resources: - all_nodes # provided by allNodesConfig - '"%{::osfamily}"' - common + - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre datafiles: compute_extraconfig: mapped_data: {get_param: NovaComputeExtraConfig} @@ -364,6 +389,7 @@ resources: nova_api_host: {get_input: nova_api_host} nova::compute::vncproxy_host: {get_input: nova_public_ip} nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend} + rbd_persistent_storage: {get_input: cinder_enable_rbd_backend} nova_password: {get_input: nova_password} nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address} ceilometer::debug: {get_input: debug} @@ -402,11 +428,15 @@ resources: neutron_router_distributed: {get_input: neutron_router_distributed} neutron_agent_mode: {get_input: neutron_agent_mode} neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret} + neutron::core_plugin: {get_input: neutron_core_plugin} + neutron::service_plugins: {get_input: neutron_service_plugins} + neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers} neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers} neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device} admin_password: {get_input: admin_password} ntp::servers: {get_input: ntp_servers} tripleo::packages::enable_install: {get_input: enable_package_install} + tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} NovaComputeDeployment: type: OS::TripleO::SoftwareDeployment @@ -423,6 +453,7 @@ resources: nova_api_host: {get_param: NovaApiHost} nova_password: {get_param: NovaPassword} nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend} + cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend} nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]} ceilometer_metering_secret: {get_param: CeilometerMeteringSecret} ceilometer_password: {get_param: CeilometerPassword} @@ -480,6 +511,23 @@ resources: neutron_agent_mode: {get_param: NeutronAgentMode} neutron_router_distributed: {get_param: NeutronDVR} neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret} + neutron_core_plugin: {get_param: NeutronCorePlugin} + neutron_service_plugins: + str_replace: + template: "['PLUGINS']" + params: + PLUGINS: + list_join: + - "','" + - {get_param: NeutronServicePlugins} + neutron_type_drivers: + str_replace: + template: "['DRIVERS']" + params: + DRIVERS: + list_join: + - "','" + - {get_param: NeutronTypeDrivers} neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers} neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice} neutron_url: @@ -505,6 +553,7 @@ resources: params: server: {get_param: NtpServer} enable_package_install: {get_param: EnablePackageInstall} + enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} # Hook for site-specific additional pre-deployment config, e.g extra hieradata ComputeExtraConfigPre: @@ -513,6 +562,14 @@ resources: properties: server: {get_resource: NovaCompute} + # Hook for site-specific additional pre-deployment config, + # applying to all nodes, e.g node registration/unregistration + NodeExtraConfig: + depends_on: ComputeExtraConfigPre + type: OS::TripleO::NodeExtraConfig + properties: + server: {get_resource: NovaCompute} + UpdateConfig: type: OS::TripleO::Tasks::PackageUpdate @@ -561,3 +618,4 @@ outputs: - ',' - - {get_attr: [NovaComputeDeployment, deploy_stdout]} - {get_attr: [ComputeExtraConfigPre, deploy_stdout]} + - {get_param: UpdateIdentifier} diff --git a/puppet/controller-config-pacemaker.yaml b/puppet/controller-config-pacemaker.yaml index 38161cd7..dc81498a 100644 --- a/puppet/controller-config-pacemaker.yaml +++ b/puppet/controller-config-pacemaker.yaml @@ -3,6 +3,12 @@ heat_template_version: 2015-04-30 description: > A software config which runs manifests/overcloud_controller_pacemaker.pp +parameters: + ConfigDebug: + default: false + description: Whether to run config management (e.g. Puppet) in debug mode. + type: boolean + resources: ControllerPuppetConfigImpl: @@ -10,6 +16,7 @@ resources: properties: group: puppet options: + enable_debug: {get_param: ConfigDebug} enable_hiera: True enable_facter: False outputs: diff --git a/puppet/controller-config.yaml b/puppet/controller-config.yaml index 4135ffac..f85e1a9e 100644 --- a/puppet/controller-config.yaml +++ b/puppet/controller-config.yaml @@ -3,6 +3,12 @@ heat_template_version: 2015-04-30 description: > A software config which runs manifests/overcloud_controller.pp +parameters: + ConfigDebug: + default: false + description: Whether to run config management (e.g. Puppet) in debug mode. + type: boolean + resources: ControllerPuppetConfigImpl: @@ -10,6 +16,7 @@ resources: properties: group: puppet options: + enable_debug: {get_param: ConfigDebug} enable_hiera: True enable_facter: False outputs: diff --git a/puppet/controller-post-puppet.yaml b/puppet/controller-post.yaml index 49cbe1e2..941e1ac5 100644 --- a/puppet/controller-post-puppet.yaml +++ b/puppet/controller-post.yaml @@ -4,6 +4,10 @@ description: > OpenStack controller node post deployment for Puppet. parameters: + ConfigDebug: + default: false + description: Whether to run config management (e.g. Puppet) in debug mode. + type: boolean servers: type: json NodeConfigIdentifiers: @@ -46,6 +50,7 @@ resources: properties: group: puppet options: + enable_debug: {get_param: ConfigDebug} enable_hiera: True enable_facter: False inputs: diff --git a/puppet/controller-puppet.yaml b/puppet/controller.yaml index eb19b36d..4504428d 100644 --- a/puppet/controller-puppet.yaml +++ b/puppet/controller.yaml @@ -4,6 +4,11 @@ description: > OpenStack controller node configured by Puppet. parameters: + AdminEmail: + default: 'admin@example.com' + description: The email for the keystone admin account. + type: string + hidden: true AdminPassword: default: unset description: The password for the keystone admin account, used for monitoring, querying neutron etc. @@ -14,6 +19,9 @@ parameters: description: The keystone auth secret and db password. type: string hidden: true + CeilometerApiVirtualIP: + type: string + default: '' CeilometerBackend: default: 'mongodb' description: The ceilometer backend type. @@ -28,6 +36,9 @@ parameters: description: The password for the ceilometer service and db account. type: string hidden: true + CinderApiVirtualIP: + type: string + default: '' CinderEnableNfsBackend: default: false description: Whether to enable or not the NFS backend for Cinder @@ -174,6 +185,34 @@ parameters: type: string constraints: - allowed_values: ['swift', 'file', 'rbd'] + GlanceFilePcmkDevice: + default: '' + description: > + An exported storage device that should be mounted by Pacemaker + as Glance storage. Effective when GlanceFilePcmkManage is true. + type: string + GlanceFilePcmkFstype: + default: 'nfs' + description: > + Filesystem type for Pacemaker mount used as Glance storage. + Effective when GlanceFilePcmkManage is true. + type: string + GlanceFilePcmkManage: + default: false + description: > + Whether to make Glance file backend a mount managed by Pacemaker. + Effective when GlanceBackend is 'file'. + type: boolean + GlanceFilePcmkOptions: + default: '' + description: > + Mount options for Pacemaker mount used as Glance storage. + Effective when GlanceFilePcmkManage is true. + type: string + HAProxySyslogAddress: + default: /dev/log + description: Syslog address where HAproxy will send its log + type: string HeatPassword: default: unset description: The password for the Heat service and db account, used by the Heat services. @@ -187,9 +226,15 @@ parameters: HeatAuthEncryptionKey: description: Auth encryption key for heat-engine type: string + hidden: true + HorizonAllowedHosts: + default: '*' + description: A list of IP/Hostname allowed to connect to horizon + type: comma_delimited_list HorizonSecret: description: Secret key for Django type: string + hidden: true Image: type: string default: overcloud-control @@ -237,6 +282,10 @@ parameters: type: string constraints: - allowed_values: [ 'basic', 'cadf' ] + KeystoneRegion: + type: string + default: 'regionOne' + description: Keystone region for endpoint MysqlClusterUniquePart: description: A unique identifier of the MySQL cluster the controller is in. type: string @@ -297,6 +346,24 @@ parameters: default: 'unset' description: Shared secret to prevent spoofing type: string + hidden: true + NeutronCorePlugin: + default: 'ml2' + description: | + The core plugin for Neutron. The value should be the entrypoint to be loaded + from neutron.core_plugins namespace. + type: string + NeutronServicePlugins: + default: "router" + description: | + Comma-separated list of service plugin entrypoints to be loaded from the + neutron.service_plugins namespace. + type: comma_delimited_list + NeutronTypeDrivers: + default: "vxlan,vlan,flat,gre" + description: | + Comma-separated list of network type driver entrypoints to be loaded. + type: comma_delimited_list NeutronMechanismDrivers: default: 'openvswitch' description: | @@ -378,6 +445,9 @@ parameters: of VXLAN VNI IDs that are available for tenant network allocation default: ["1:1000", ] type: comma_delimited_list + NovaApiVirtualIP: + type: string + default: '' NovaPassword: default: unset description: The password for the nova service and db account, used by nova-api. @@ -393,13 +463,14 @@ parameters: PcsdPassword: type: string description: The password for the 'pcsd' user. + hidden: true PublicVirtualInterface: default: 'br-ex' description: > Specifies the interface where the public-facing virtual ip will be assigned. This should be int_public when a VLAN is being used. type: string - PublicVirtualIP: # DEPRECATED: use per service settings instead + PublicVirtualIP: type: string default: '' # Has to be here because of the ignored empty value bug RabbitCookie: @@ -425,6 +496,10 @@ parameters: default: 5672 description: Set rabbit subscriber port, change this if using SSL type: number + RabbitFDLimit: + default: 16384 + description: Configures RabbitMQ FD limit + type: string RedisVirtualIP: type: string default: '' # Has to be here because of the ignored empty value bug @@ -475,6 +550,9 @@ parameters: services. hidden: true type: string + SwiftProxyVirtualIP: + type: string + default: '' SwiftReplicas: type: number default: 3 @@ -488,6 +566,9 @@ parameters: GlanceApiVirtualIP: type: string default: '' + GlanceRegistryVirtualIP: + type: string + default: '' MysqlVirtualIP: type: string default: '' @@ -602,6 +683,7 @@ resources: NetworkConfig: type: OS::TripleO::Controller::Net::SoftwareConfig properties: + ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]} ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} @@ -626,6 +708,7 @@ resources: input_values: bootstack_nodeid: {get_attr: [Controller, name]} neutron_enable_tunneling: {get_param: NeutronEnableTunnelling} + haproxy_log_address: {get_param: HAProxySyslogAddress} heat.watch_server_url: list_join: - '' @@ -645,7 +728,9 @@ resources: - {get_param: HeatApiVirtualIP} - ':8000/v1/waitcondition' heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey} + horizon_allowed_hosts: {get_param: HorizonAllowedHosts} horizon_secret: {get_param: HorizonSecret} + admin_email: {get_param: AdminEmail} admin_password: {get_param: AdminPassword} admin_token: {get_param: AdminToken} neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP} @@ -677,6 +762,10 @@ resources: glance_port: {get_param: GlancePort} glance_password: {get_param: GlancePassword} glance_backend: {get_param: GlanceBackend} + glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice} + glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype} + glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage} + glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions} glance_notifier_strategy: {get_param: GlanceNotifierStrategy} glance_log_file: {get_param: GlanceLogFile} glance_dsn: @@ -718,13 +807,25 @@ resources: - '' - - 'http://' - {get_param: KeystoneAdminApiVirtualIP} - - ':35357/' + - ':35357' keystone_auth_uri: list_join: - '' - - 'http://' - {get_param: KeystonePublicApiVirtualIP} - ':5000/v2.0/' + keystone_public_url: + list_join: + - '' + - - 'http://' + - {get_param: PublicVirtualIP} + - ':5000' + keystone_internal_url: + list_join: + - '' + - - 'http://' + - {get_param: KeystonePublicApiVirtualIP} + - ':5000' keystone_ec2_uri: list_join: - '' @@ -747,6 +848,23 @@ resources: neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret} neutron_agent_mode: {get_param: NeutronAgentMode} neutron_router_distributed: {get_param: NeutronDVR} + neutron_core_plugin: {get_param: NeutronCorePlugin} + neutron_service_plugins: + str_replace: + template: "['PLUGINS']" + params: + PLUGINS: + list_join: + - "','" + - {get_param: NeutronServicePlugins} + neutron_type_drivers: + str_replace: + template: "['DRIVERS']" + params: + DRIVERS: + list_join: + - "','" + - {get_param: NeutronTypeDrivers} neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers} neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover} neutron_l3_ha: {get_param: NeutronL3HA} @@ -817,7 +935,9 @@ resources: ceilometer_dsn: list_join: - '' - - - 'mysql://ceilometer:unset@' + - - 'mysql://ceilometer:' + - {get_param: CeilometerPassword} + - '@' - {get_param: MysqlVirtualIP} - '/ceilometer' snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} @@ -839,6 +959,14 @@ resources: rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} rabbit_client_port: {get_param: RabbitClientPort} mongodb_no_journal: {get_param: MongoDbNoJournal} + # We need to force this into quotes or hiera will return integer causing + # the puppet module validation regexp to fail. + # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401 + rabbit_fd_limit: + str_replace: + template: "'LIMIT'" + params: + LIMIT: {get_param: RabbitFDLimit} ntp_servers: str_replace: template: '["server"]' @@ -853,6 +981,7 @@ resources: swift_min_part_hours: {get_param: SwiftMinPartHours} swift_mount_check: {get_param: SwiftMountCheck} enable_package_install: {get_param: EnablePackageInstall} + enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]} @@ -867,9 +996,11 @@ resources: - {get_param: GlanceApiVirtualIP} - ':' - {get_param: GlancePort} + glance_registry_host: {get_param: GlanceRegistryVirtualIP} heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} + keystone_region: {get_param: KeystoneRegion} mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]} neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]} @@ -895,6 +1026,7 @@ resources: config: hiera: hierarchy: + - '"%{::uuid}"' - heat_config_%{::deploy_config_name} - controller_extraconfig - extraconfig @@ -912,6 +1044,7 @@ resources: - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre + - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre datafiles: controller_extraconfig: mapped_data: {get_param: ControllerExtraConfig} @@ -983,7 +1116,7 @@ resources: glance::api::bind_host: {get_input: glance_api_network} glance::api::auth_uri: {get_input: keystone_auth_uri} glance::api::identity_uri: {get_input: keystone_identity_uri} - glance::api::registry_host: {get_input: glance_registry_network} + glance::api::registry_host: {get_input: glance_registry_host} glance::api::keystone_password: {get_input: glance_password} glance::api::debug: {get_input: debug} glance_notifier_strategy: {get_input: glance_notifier_strategy} @@ -992,7 +1125,7 @@ resources: glance::api::database_connection: {get_input: glance_dsn} glance::registry::keystone_password: {get_input: glance_password} glance::registry::database_connection: {get_input: glance_dsn} - glance::registry::bind_host: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} + glance::registry::bind_host: {get_input: glance_registry_network} glance::registry::auth_uri: {get_input: keystone_auth_uri} glance::registry::identity_uri: {get_input: keystone_identity_uri} glance::registry::debug: {get_input: debug} @@ -1001,6 +1134,10 @@ resources: glance::backend::swift::swift_store_key: {get_input: glance_password} glance_backend: {get_input: glance_backend} glance::db::mysql::password: {get_input: glance_password} + glance_file_pcmk_device: {get_input: glance_file_pcmk_device} + glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype} + glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage} + glance_file_pcmk_options: {get_input: glance_file_pcmk_options} # Heat heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password} @@ -1041,6 +1178,12 @@ resources: keystone::rabbit_port: {get_input: rabbit_client_port} keystone::notification_driver: {get_input: keystone_notification_driver} keystone::notification_format: {get_input: keystone_notification_format} + keystone::roles::admin::email: {get_input: admin_email} + keystone::roles::admin::password: {get_input: admin_password} + keystone::endpoint::public_url: {get_input: keystone_public_url} + keystone::endpoint::internal_url: {get_input: keystone_internal_url} + keystone::endpoint::admin_url: {get_input: keystone_identity_uri} + keystone::endpoint::region: {get_input: keystone_region} # MongoDB mongodb::server::bind_ip: {get_input: mongo_db_network} mongodb::server::nojournal: {get_input: mongodb_no_journal} @@ -1074,6 +1217,9 @@ resources: neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network} neutron_agent_mode: {get_input: neutron_agent_mode} neutron_router_distributed: {get_input: neutron_router_distributed} + neutron::core_plugin: {get_input: neutron_core_plugin} + neutron::service_plugins: {get_input: neutron_service_plugins} + neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers} neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers} neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover} neutron::server::l3_ha: {get_input: neutron_l3_ha} @@ -1137,6 +1283,7 @@ resources: # Horizon apache::ip: {get_input: horizon_network} + horizon::allowed_hosts: {get_input: horizon_allowed_hosts} horizon::django_debug: {get_input: debug} horizon::secret_key: {get_input: horizon_secret} horizon::bind_address: {get_input: horizon_network} @@ -1145,6 +1292,7 @@ resources: # Rabbit rabbitmq::node_ip_address: {get_input: rabbitmq_network} rabbitmq::erlang_cookie: {get_input: rabbit_cookie} + rabbitmq::file_limit: {get_input: rabbit_fd_limit} # Redis redis::bind: {get_input: redis_network} redis_vip: {get_input: redis_vip} @@ -1156,7 +1304,9 @@ resources: public_virtual_interface: {get_input: public_virtual_interface} tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface} tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface} + tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address} tripleo::packages::enable_install: {get_input: enable_package_install} + tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} # Hook for site-specific additional pre-deployment config, e.g extra hieradata ControllerExtraConfigPre: @@ -1165,6 +1315,14 @@ resources: properties: server: {get_resource: Controller} + # Hook for site-specific additional pre-deployment config, + # applying to all nodes, e.g node registration/unregistration + NodeExtraConfig: + depends_on: ControllerExtraConfigPre + type: OS::TripleO::NodeExtraConfig + properties: + server: {get_resource: Controller} + UpdateConfig: type: OS::TripleO::Tasks::PackageUpdate @@ -1238,6 +1396,7 @@ outputs: description: identifier which changes if the controller configuration may need re-applying value: list_join: - - ',' - - - {get_attr: [ControllerDeployment, deploy_stdout]} - - {get_attr: [ControllerExtraConfigPre, deploy_stdout]} + - ',' + - - {get_attr: [ControllerDeployment, deploy_stdout]} + - {get_attr: [ControllerExtraConfigPre, deploy_stdout]} + - {get_param: UpdateIdentifier} diff --git a/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml b/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml index 277b0747..2413f5a4 100644 --- a/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml +++ b/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml @@ -163,8 +163,17 @@ resources: config: | #!/bin/sh MACS=$(ifconfig | grep ether | awk '{print $2}' | tr "\n" " ") - HOSTNAME=$(hostname -f) - echo "$HOSTNAME $MACS" + HOST_FQDN=$(hostname -f) + if [ -z "$HOST_FQDN" ]; then + HOSTNAME=$(hostname -s) + # hardcoding the domain name to avoid DNS lookup dependency + # same type of hardcoding appears elsewhere + # --ie. controller-puppet.yaml + # FIXME_HOSTNAME_DOMAIN_HARDCODE + echo "$HOSTNAME.localdomain $MACS" + else + echo "$HOST_FQDN $MACS" + fi CollectMacDeploymentsController: type: OS::Heat::SoftwareDeployments @@ -256,10 +265,14 @@ resources: for (mac,swport) in nexus[nexus_switch]['servers'].iteritems(): lmac=mac.lower() if lmac in mac2host: - if mac2host[lmac] in nexus_cp[nexus_switch]['servers']: - nexus_cp[nexus_switch]['servers'][mac2host[lmac]]['ports'] += ',' + swport['ports'] + hostname = mac2host[lmac] + # for puppet we need a unique title even at the 2nd key level + serv_key = nexus_switch + "::" + hostname + if serv_key in nexus_cp[nexus_switch]['servers']: + nexus_cp[nexus_switch]['servers'][serv_key]['ports'] += ',' + swport['ports'] else: - nexus_cp[nexus_switch]['servers'][mac2host[lmac]] = swport + nexus_cp[nexus_switch]['servers'][serv_key] = swport + nexus_cp[nexus_switch]['servers'][serv_key]['hostname'] = hostname del nexus_cp[nexus_switch]['servers'][mac] # Note this echo means you can view the data via heat deployment-show print json.dumps(nexus_cp) diff --git a/puppet/extraconfig/ceph/ceph-external-config.yaml b/puppet/extraconfig/ceph/ceph-external-config.yaml index 62907104..fadc8a00 100644 --- a/puppet/extraconfig/ceph/ceph-external-config.yaml +++ b/puppet/extraconfig/ceph/ceph-external-config.yaml @@ -29,6 +29,15 @@ parameters: type: comma_delimited_list ceph_mon_ips: type: comma_delimited_list + NovaRbdPoolName: + default: vms + type: string + CinderRbdPoolName: + default: volumes + type: string + GlanceRbdPoolName: + default: images + type: string resources: CephClusterConfigImpl: @@ -51,12 +60,21 @@ resources: secret: 'CLIENT_KEY', mode: '0644', cap_mon: 'allow r', - cap_osd: 'allow class-read object_prefix rbd_children, allow rwx pool=volumes, allow rwx pool=vms, allow rwx pool=images' + cap_osd: 'allow class-read object_prefix rbd_children, allow rwx pool=CINDER_POOL, allow rwx pool=NOVA_POOL, allow rwx pool=GLANCE_POOL' } }" params: CLIENT_KEY: {get_param: ceph_client_key} - + NOVA_POOL: {get_param: NovaRbdPoolName} + CINDER_POOL: {get_param: CinderRbdPoolName} + GLANCE_POOL: {get_param: GlanceRbdPoolName} + nova::compute::rbd::libvirt_images_rbd_pool: {get_param: NovaRbdPoolName} + cinder_rbd_pool_name: {get_param: CinderRbdPoolName} + glance::backend::rbd::rbd_store_pool: {get_param: GlanceRbdPoolName} + ceph_pools: + - {get_param: CinderRbdPoolName} + - {get_param: NovaRbdPoolName} + - {get_param: GlanceRbdPoolName} outputs: config_id: diff --git a/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml b/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml index 18295a2f..7ec2190f 100644 --- a/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml +++ b/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml @@ -18,6 +18,7 @@ parameters: type: string CinderNetappPassword: type: string + hidden: true CinderNetappServerHostname: type: string CinderNetappServerPort: @@ -65,6 +66,7 @@ parameters: CinderNetappSaPassword: type: string default: '' + hidden: true CinderNetappStoragePools: type: string default: '' diff --git a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml new file mode 100644 index 00000000..6730ddf1 --- /dev/null +++ b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml @@ -0,0 +1,179 @@ +heat_template_version: 2015-04-30 + +description: Configure hieradata for Cisco N1KV configuration + +parameters: + server: + description: ID of the controller node to apply this config to + type: string + + # Config specific parameters, to be provided via parameter_defaults + N1000vVSMIP: + type: string + default: '192.0.2.50' + N1000vVSMDomainID: + type: number + default: 100 + N1000vVSMIPV6: + type: string + default: '::1' + N1000vVEMHostMgmtIntf: + type: string + default: 'br-ex' + N1000vUplinkProfile: + type: string + default: '{eth1: system-uplink,}' + N1000vVtepConfig: + type: string + default: '{}' + N1000vVEMSource: + type: string + default: '' + N1000vVEMVersion: + type: string + default: '' + N1000vPortDB: + type: string + default: 'ovs' + N1000vVtepsInSameSub: + type: boolean + default: false + N1000vVEMFastpathFlood: + type: string + default: 'enable' +#VSM Puppet Parameter + N1000vVSMSource: + type: string + default: '' + N1000vVSMVersion: + type: string + default: 'latest' + N1000vVSMHostMgmtIntf: + type: string + default: 'br-ex' + N1000vVSMRole: + type: string + default: 'primary' + N1000vVSMPassword: + type: string + default: 'Password' + N1000vMgmtNetmask: + type: string + default: '255.255.255.0' + N1000vMgmtGatewayIP: + type: string + default: '192.0.2.1' + N1000vPacemakerControl: + type: boolean + default: true + N1000vExistingBridge: + type: boolean + default: true + N1000vVSMHostMgmtIntfVlan: + type: number + default: 0 +#Plugin Parameters + N1000vVSMUser: + type: string + default: 'admin' + N1000vPollDuration: + type: number + default: 60 + N1000vHttpPoolSize: + type: number + default: 5 + N1000vHttpTimeout: + type: number + default: 15 + N1000vSyncInterval: + type: number + default: 300 + N1000vMaxVSMRetries: + type: number + default: 2 + +resources: + CiscoN1kvConfig: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + hiera: + datafiles: + cisco_n1kv_data: + mapped_data: + #enable_cisco_n1kv: {get_input: EnableCiscoN1kv} + # VEM Parameters + n1kv_vem_source: {get_input: n1kv_vem_source} + n1kv_vem_version: {get_input: n1kv_vem_version} + neutron::agents::n1kv_vem::n1kv_vsm_ip: {get_input: n1kv_vsm_ip} + neutron::agents::n1kv_vem::n1kv_vsm_domain_id: {get_input: n1kv_vsm_domain_id} + neutron::agents::n1kv_vem::n1kv_vsm_ip_v6: {get_input: n1kv_vsm_ip_v6} + neutron::agents::n1kv_vem::host_mgmt_intf: {get_input: n1kv_vem_host_mgmt_intf} + neutron::agents::n1kv_vem::uplink_profile: {get_input: n1kv_vem_uplink_profile} + neutron::agents::n1kv_vem::vtep_config: {get_input: n1kv_vem_vtep_config} + neutron::agents::n1kv_vem::portdb: {get_input: n1kv_vem_portdb} + neutron::agents::n1kv_vem::vteps_in_same_subnet: {get_input: n1kv_vem_vteps_in_same_subnet} + neutron::agents::n1kv_vem::fastpath_flood: {get_input: n1kv_vem_fastpath_flood} + #VSM Parameter + n1kv_vsm_source: {get_input: n1kv_vsm_source} + n1kv_vsm_version: {get_input: n1kv_vsm_version} + n1k_vsm::phy_if_bridge: {get_input: n1kv_vsm_host_mgmt_intf} + n1k_vsm::vsm_role: {get_input: n1kv_vsm_role} + n1k_vsm::pacemaker_control: {get_input: n1kv_vsm_pacemaker_ctrl} + n1k_vsm::existing_bridge: {get_input: n1kv_vsm_existing_br} + n1k_vsm::vsm_admin_passwd: {get_input: n1kv_vsm_password} + n1k_vsm::vsm_domain_id: {get_input: n1kv_vsm_domain_id} + n1k_vsm::vsm_mgmt_ip: {get_input: n1kv_vsm_ip} + n1k_vsm::vsm_mgmt_netmask: {get_input: n1kv_vsm_mgmt_netmask} + n1k_vsm::vsm_mgmt_gateway: {get_input: n1kv_vsm_gateway_ip} + n1k_vsm::phy_gateway: {get_input: n1kv_vsm_gateway_ip} + n1k_vsm::phy_bridge_vlan: {get_input: n1kv_phy_brige_vlan} + # Cisco N1KV driver Parameters + neutron::plugins::ml2::cisco::nexus1000v::n1kv_vsm_ip: {get_input: n1kv_vsm_ip} + neutron::plugins::ml2::cisco::nexus1000v::n1kv_vsm_username: {get_input: n1kv_vsm_username} + neutron::plugins::ml2::cisco::nexus1000v::n1kv_vsm_password: {get_input: n1kv_vsm_password} + neutron::plugins::ml2::cisco::nexus1000v::poll_duration: {get_input: n1kv_vsm_poll_duration} + neutron::plugins::ml2::cisco::nexus1000v::http_pool_size: {get_input: n1kv_vsm_http_pool_size} + neutron::plugins::ml2::cisco::nexus1000v::http_timeout: {get_input: n1kv_vsm_http_timeout} + neutron::plugins::ml2::cisco::nexus1000v::n1kv_vsm_sync_interval: {get_input: n1kv_vsm_sync_interval} + neutron::plugins::ml2::cisco::nexus1000v::max_vsm_retries: {get_input: n1kv_max_vsm_retries} + + CiscoN1kvDeployment: + type: OS::Heat::StructuredDeployment + properties: + config: {get_resource: CiscoN1kvConfig} + server: {get_param: server} + input_values: + n1kv_vsm_ip: {get_param: N1000vVSMIP} + n1kv_vsm_domain_id: {get_param: N1000vVSMDomainID} + n1kv_vsm_ip_v6: {get_param: N1000vVSMIPV6} + n1kv_vem_host_mgmt_intf: {get_param: N1000vVEMHostMgmtIntf} + n1kv_vem_uplink_profile: {get_param: N1000vUplinkProfile} + n1kv_vem_vtep_config: {get_param: N1000vVtepConfig} + n1kv_vem_source: {get_param: N1000vVEMSource} + n1kv_vem_version: {get_param: N1000vVEMVersion} + n1kv_vem_portdb: {get_param: N1000vPortDB} + n1kv_vem_vteps_in_same_subnet: {get_param: N1000vVtepsInSameSub} + n1kv_vem_fastpath_flood: {get_param: N1000vVEMFastpathFlood} + n1kv_vsm_source: {get_param: N1000vVSMSource} + n1kv_vsm_version: {get_param: N1000vVSMVersion} + n1kv_vsm_host_mgmt_intf: {get_param: N1000vVSMHostMgmtIntf} + n1kv_vsm_role: {get_param: N1000vVSMRole} + n1kv_vsm_password: {get_param: N1000vVSMPassword} + n1kv_vsm_mgmt_netmask: {get_param: N1000vMgmtNetmask} + n1kv_vsm_gateway_ip: {get_param: N1000vMgmtGatewayIP} + n1kv_phy_brige_vlan: {get_param: N1000vVSMHostMgmtIntfVlan} + n1kv_vsm_pacemaker_ctrl: {get_param: N1000vPacemakerControl} + n1kv_vsm_existing_br: {get_param: N1000vExistingBridge} + n1kv_vsm_username: {get_param: N1000vVSMUser} + n1kv_vsm_poll_duration: {get_param: N1000vPollDuration} + n1kv_vsm_http_pool_size: {get_param: N1000vHttpPoolSize} + n1kv_vsm_http_timeout: {get_param: N1000vHttpTimeout} + n1kv_vsm_sync_interval: {get_param: N1000vSyncInterval} + n1kv_max_vsm_retries: {get_param: N1000vMaxVSMRetries} + +outputs: + deploy_stdout: + description: Deployment reference, used to trigger puppet apply on changes + value: {get_attr: [CiscoN1kvDeployment, deploy_stdout]} diff --git a/puppet/extraconfig/pre_deploy/per_node.yaml b/puppet/extraconfig/pre_deploy/per_node.yaml new file mode 100644 index 00000000..80c8ad6e --- /dev/null +++ b/puppet/extraconfig/pre_deploy/per_node.yaml @@ -0,0 +1,56 @@ +heat_template_version: 2015-04-30 + +description: Configure hieradata overrides for specific nodes + +parameters: + server: + description: ID of the controller node to apply this config to + type: string + + # Config specific parameters, to be provided via parameter_defaults + # This would be a lookup of the node UUID as provided by dmidecode + # to the json required for the node-specific hieradata + # Note this needs to be a json blob e.g: + # parameter_defaults: + # NodeDataLookup: | + # {"AB4114B1-9C9D-409A-BEFB-D88C151BF2C3": {"foo": "bar"}, + # "8CF1A7EA-7B4B-4433-AC83-17675514B1B8": {"foo2": "bar2"}} + NodeDataLookup: + type: string + default: '' + description: json string containing per-node configuration map + +resources: + NodeSpecificConfig: + type: OS::Heat::SoftwareConfig + properties: + group: script + inputs: + - name: node_lookup + config: | + #!/bin/sh + node_id=$(dmidecode --s system-uuid) + + # Create a /etc/puppet/hieradata/UUID.json file to provide + # the data of the NodeDataLookup parameter that matches the + # system UUID + echo $node_lookup | python -c " + import json + import sys + input = sys.stdin.readline() or '{}' + cnt = json.loads(input) + print json.dumps(cnt.get('${node_id}', {})) + " > /etc/puppet/hieradata/${node_id}.json + + NodeSpecificDeployment: + type: OS::Heat::SoftwareDeployment + properties: + config: {get_resource: NodeSpecificConfig} + server: {get_param: server} + input_values: + node_lookup: {get_param: NodeDataLookup} + +outputs: + deploy_stdout: + description: Deployment reference, used to trigger puppet apply on changes + value: {get_attr: [NodeSpecificDeployment, deploy_stdout]} diff --git a/puppet/hieradata/ceph.yaml b/puppet/hieradata/ceph.yaml index 18a48622..ca6d3954 100644 --- a/puppet/hieradata/ceph.yaml +++ b/puppet/hieradata/ceph.yaml @@ -7,11 +7,6 @@ ceph::profile::params::osds: {/srv/data: {}} ceph::profile::params::manage_repo: false ceph::profile::params::authentication_type: cephx -ceph_pools: - - volumes - - vms - - images - ceph_classes: [] ceph_osd_selinux_permissive: true diff --git a/puppet/hieradata/common.yaml b/puppet/hieradata/common.yaml index 455f7f22..030f661d 100644 --- a/puppet/hieradata/common.yaml +++ b/puppet/hieradata/common.yaml @@ -14,11 +14,6 @@ nova::network::neutron::vif_plugging_timeout: 30 nova::network::neutron::dhcp_domain: '' neutron::allow_overlapping_ips: true -neutron::plugins::ml2::type_drivers: - - flat - - gre - - vxlan - - vlan sysctl_settings: net.ipv4.tcp_keepalive_intvl: @@ -34,3 +29,5 @@ cinder::rabbit_heartbeat_timeout_threshold: 60 ceilometer::rabbit_heartbeat_timeout_threshold: 60 heat::rabbit_heartbeat_timeout_threshold: 60 keystone::rabbit_heartbeat_timeout_threshold: 60 + +nova::cinder_catalog_info: 'volumev2:cinderv2:internalURL' diff --git a/puppet/hieradata/compute.yaml b/puppet/hieradata/compute.yaml index bb49bb90..659008a5 100644 --- a/puppet/hieradata/compute.yaml +++ b/puppet/hieradata/compute.yaml @@ -12,15 +12,9 @@ nova::compute::libvirt::migration_support: true nova::compute::rbd::libvirt_rbd_user: 'openstack' nova::compute::rbd::rbd_keyring: 'client.openstack' -nova::compute::rbd::libvirt_images_rbd_pool: 'vms' nova::compute::rbd::libvirt_rbd_secret_uuid: "%{hiera('ceph::profile::params::fsid')}" -nova::config::nova_config: - cinder/catalog_info: - value: 'volumev2:cinderv2:internalURL' - DEFAULT/default_floating_pool: - value: 'public' - ceilometer::agent::auth::auth_tenant_name: 'service' +ceilometer::agent::auth::auth_endpoint_type: 'internalURL' -compute_classes: []
\ No newline at end of file +compute_classes: [] diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml index 798e63f6..a4914c0e 100644 --- a/puppet/hieradata/controller.yaml +++ b/puppet/hieradata/controller.yaml @@ -42,6 +42,8 @@ heat::keystone_tenant: 'service' # keystone keystone::cron::token_flush::maxdelay: 3600 +keystone::roles::admin::service_tenant: 'service' +keystone::roles::admin::admin_tenant: 'admin' #swift swift::proxy::pipeline: @@ -51,9 +53,9 @@ swift::proxy::pipeline: - 'ratelimit' - 'tempurl' - 'formpost' - - 'staticweb' - 'authtoken' - 'keystone' + - 'staticweb' - 'proxy-logging' - 'proxy-server' @@ -65,22 +67,20 @@ glance::api::show_image_direct_url: true glance::registry::pipeline: 'keystone' glance::backend::swift::swift_store_create_container_on_put: true glance::backend::rbd::rbd_store_user: 'openstack' +glance_file_pcmk_directory: '/var/lib/glance/images' # neutron -neutron::core_plugin: 'ml2' -neutron::service_plugins: - - 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin' neutron::server::sync_db: true neutron::agents::dhcp::dnsmasq_config_file: /etc/neutron/dnsmasq-neutron.conf # nova nova::notify_on_state_change: 'vm_and_task_state' +nova::api::default_floating_pool: 'public' nova::api::osapi_v3: true nova::scheduler::filter::ram_allocation_ratio: '1.0' -nova::config::nova_config: - DEFAULT/default_floating_pool: - value: 'public' +# ceilometer +ceilometer::agent::auth::auth_endpoint_type: 'internalURL' # cinder cinder::scheduler::scheduler_driver: cinder.scheduler.filter_scheduler.FilterScheduler @@ -97,12 +97,14 @@ pacemaker::resource_defaults::defaults: resource-stickiness: { value: INFINITY } # horizon -horizon::allowed_hosts: '*' +horizon::cache_backend: django.core.cache.backends.memcached.MemcachedCache horizon::django_session_engine: 'django.contrib.sessions.backends.cache' +horizon::vhost_extra_params: + add_listen: false + priority: 10 # mysql mysql::server::manage_config_file: true -mysql::server::remove_default_accounts: true tripleo::loadbalancer::keystone_admin: true diff --git a/puppet/hieradata/object.yaml b/puppet/hieradata/object.yaml index 3a379035..d4a0e81d 100644 --- a/puppet/hieradata/object.yaml +++ b/puppet/hieradata/object.yaml @@ -1,4 +1,7 @@ # Hiera data for swift storage nodes +swift::storage::all::incoming_chmod: 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r' +swift::storage::all::outgoing_chmod: 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r' + swift::storage::all::object_pipeline: - healthcheck - recon @@ -15,4 +18,4 @@ swift::proxy::keystone::operator_roles: - swiftoperator - ResellerAdmin -object_classes: []
\ No newline at end of file +object_classes: [] diff --git a/puppet/manifests/overcloud_cephstorage.pp b/puppet/manifests/overcloud_cephstorage.pp index 6c5dda42..51f5e88d 100644 --- a/puppet/manifests/overcloud_cephstorage.pp +++ b/puppet/manifests/overcloud_cephstorage.pp @@ -13,7 +13,7 @@ # License for the specific language governing permissions and limitations # under the License. -include tripleo::packages +include ::tripleo::packages create_resources(sysctl::value, hiera('sysctl_settings'), {}) @@ -25,13 +25,13 @@ if str2bool(hiera('ceph_osd_selinux_permissive', true)) { exec { 'set selinux to permissive on boot': command => "sed -ie 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config", onlyif => "test -f /etc/selinux/config && ! grep '^SELINUX=permissive' /etc/selinux/config", - path => ["/usr/bin", "/usr/sbin"], + path => ['/usr/bin', '/usr/sbin'], } exec { 'set selinux to permissive': - command => "setenforce 0", + command => 'setenforce 0', onlyif => "which setenforce && getenforce | grep -i 'enforcing'", - path => ["/usr/bin", "/usr/sbin"], + path => ['/usr/bin', '/usr/sbin'], } -> Class['ceph::profile::osd'] } @@ -39,3 +39,4 @@ include ::ceph::profile::client include ::ceph::profile::osd hiera_include('ceph_classes') +package_manifest{'/var/lib/tripleo/installed-packages/overcloud_ceph': ensure => present} diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp index e6fa9471..4c927569 100644 --- a/puppet/manifests/overcloud_compute.pp +++ b/puppet/manifests/overcloud_compute.pp @@ -13,7 +13,7 @@ # License for the specific language governing permissions and limitations # under the License. -include tripleo::packages +include ::tripleo::packages create_resources(sysctl::value, hiera('sysctl_settings'), {}) @@ -24,14 +24,14 @@ if count(hiera('ntp::servers')) > 0 { file { ['/etc/libvirt/qemu/networks/autostart/default.xml', '/etc/libvirt/qemu/networks/default.xml']: ensure => absent, - before => Service['libvirt'] + before => Service['libvirt'], } # in case libvirt has been already running before the Puppet run, make # sure the default network is destroyed exec { 'libvirt-default-net-destroy': command => '/usr/bin/virsh net-destroy default', - onlyif => '/usr/bin/virsh net-info default | /bin/grep -i "^active:\s*yes"', - before => Service['libvirt'], + onlyif => '/usr/bin/virsh net-info default | /bin/grep -i "^active:\s*yes"', + before => Service['libvirt'], } include ::nova @@ -43,8 +43,9 @@ nova_config { 'DEFAULT/linuxnet_interface_driver': value => 'nova.network.linux_net.LinuxOVSInterfaceDriver'; } -$nova_enable_rbd_backend = hiera('nova::compute::rbd::ephemeral_storage', false) -if $nova_enable_rbd_backend { +$rbd_ephemeral_storage = hiera('nova::compute::rbd::ephemeral_storage', false) +$rbd_persistent_storage = hiera('rbd_persistent_storage', false) +if $rbd_ephemeral_storage or $rbd_persistent_storage { include ::ceph::profile::client $client_keys = hiera('ceph::profile::params::client_keys') @@ -54,10 +55,10 @@ if $nova_enable_rbd_backend { } if hiera('cinder_enable_nfs_backend', false) { - if ($::selinux != "false") { + if str2bool($::selinux) { selboolean { 'virt_use_nfs': - value => on, - persistent => true, + value => on, + persistent => true, } -> Package['nfs-utils'] } @@ -68,17 +69,26 @@ include ::nova::compute::libvirt include ::nova::network::neutron include ::neutron -class { 'neutron::plugins::ml2': +class { '::neutron::plugins::ml2': flat_networks => split(hiera('neutron_flat_networks'), ','), tenant_network_types => [hiera('neutron_tenant_network_type')], } -class { 'neutron::agents::ml2::ovs': +class { '::neutron::agents::ml2::ovs': bridge_mappings => split(hiera('neutron_bridge_mappings'), ','), tunnel_types => split(hiera('neutron_tunnel_types'), ','), } +if 'cisco_n1kv' in hiera('neutron_mechanism_drivers') { + class { '::neutron::agents::n1kv_vem': + n1kv_source => hiera('n1kv_vem_source', undef), + n1kv_version => hiera('n1kv_vem_version', undef), + } +} + + include ::ceilometer +include ::ceilometer::config include ::ceilometer::agent::compute include ::ceilometer::agent::auth @@ -87,9 +97,10 @@ snmp::snmpv3_user { $snmpd_user: authtype => 'MD5', authpass => hiera('snmpd_readonly_user_password'), } -class { 'snmp': +class { '::snmp': agentaddress => ['udp:161','udp6:[::1]:161'], snmpd_config => [ join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ], } hiera_include('compute_classes') +package_manifest{'/var/lib/tripleo/installed-packages/overcloud_compute': ensure => present} diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index fdb16ea2..695cb519 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -13,7 +13,7 @@ # License for the specific language governing permissions and limitations # under the License. -include tripleo::packages +include ::tripleo::packages if hiera('step') >= 1 { @@ -70,21 +70,22 @@ if hiera('step') >= 2 { include ::tripleo::redis_notification } - if str2bool(hiera('enable_galera', 'true')) { + if str2bool(hiera('enable_galera', true)) { $mysql_config_file = '/etc/my.cnf.d/galera.cnf' } else { $mysql_config_file = '/etc/my.cnf.d/server.cnf' } # TODO Galara - class { 'mysql::server': - config_file => $mysql_config_file, - override_options => { + class { '::mysql::server': + config_file => $mysql_config_file, + override_options => { 'mysqld' => { - 'bind-address' => hiera('mysql_bind_host'), - 'max_connections' => hiera('mysql_max_connections'), + 'bind-address' => hiera('mysql_bind_host'), + 'max_connections' => hiera('mysql_max_connections'), 'open_files_limit' => '-1', }, - } + }, + remove_default_accounts => true, } # FIXME: this should only occur on the bootstrap host (ditto for db syncs) @@ -125,31 +126,31 @@ if hiera('step') >= 2 { $enable_ceph = hiera('ceph_storage_count', 0) > 0 if $enable_ceph { - class { 'ceph::profile::params': - mon_initial_members => downcase(hiera('ceph_mon_initial_members')) + class { '::ceph::profile::params': + mon_initial_members => downcase(hiera('ceph_mon_initial_members')), } include ::ceph::profile::mon } - if str2bool(hiera('enable_ceph_storage', 'false')) { + if str2bool(hiera('enable_ceph_storage', false)) { if str2bool(hiera('ceph_osd_selinux_permissive', true)) { exec { 'set selinux to permissive on boot': command => "sed -ie 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config", onlyif => "test -f /etc/selinux/config && ! grep '^SELINUX=permissive' /etc/selinux/config", - path => ["/usr/bin", "/usr/sbin"], + path => ['/usr/bin', '/usr/sbin'], } exec { 'set selinux to permissive': - command => "setenforce 0", + command => 'setenforce 0', onlyif => "which setenforce && getenforce | grep -i 'enforcing'", - path => ["/usr/bin", "/usr/sbin"], + path => ['/usr/bin', '/usr/sbin'], } -> Class['ceph::profile::osd'] } include ::ceph::profile::osd } - if str2bool(hiera('enable_external_ceph', 'false')) { + if str2bool(hiera('enable_external_ceph', false)) { include ::ceph::profile::client } @@ -158,6 +159,8 @@ if hiera('step') >= 2 { if hiera('step') >= 3 { include ::keystone + include ::keystone::roles::admin + include ::keystone::endpoint #TODO: need a cleanup-keystone-tokens.sh solution here keystone_config { @@ -193,9 +196,9 @@ if hiera('step') >= 3 { $glance_backend = downcase(hiera('glance_backend', 'swift')) case $glance_backend { - swift: { $backend_store = 'glance.store.swift.Store' } - file: { $backend_store = 'glance.store.filesystem.Store' } - rbd: { $backend_store = 'glance.store.rbd.Store' } + 'swift': { $backend_store = 'glance.store.swift.Store' } + 'file': { $backend_store = 'glance.store.filesystem.Store' } + 'rbd': { $backend_store = 'glance.store.rbd.Store' } default: { fail('Unrecognized glance_backend parameter.') } } $http_store = ['glance.store.http.Store'] @@ -203,8 +206,8 @@ if hiera('step') >= 3 { # TODO: notifications, scrubber, etc. include ::glance - class { 'glance::api': - known_stores => $glance_store + class { '::glance::api': + known_stores => $glance_store, } include ::glance::registry include join(['::glance::backend::', $glance_backend]) @@ -236,14 +239,28 @@ if hiera('step') >= 3 { require => Package['neutron'], } - class { 'neutron::plugins::ml2': - flat_networks => split(hiera('neutron_flat_networks'), ','), + class { '::neutron::plugins::ml2': + flat_networks => split(hiera('neutron_flat_networks'), ','), tenant_network_types => [hiera('neutron_tenant_network_type')], - mechanism_drivers => [hiera('neutron_mechanism_drivers')], + mechanism_drivers => [hiera('neutron_mechanism_drivers')], } - class { 'neutron::agents::ml2::ovs': + class { '::neutron::agents::ml2::ovs': bridge_mappings => split(hiera('neutron_bridge_mappings'), ','), - tunnel_types => split(hiera('neutron_tunnel_types'), ','), + tunnel_types => split(hiera('neutron_tunnel_types'), ','), + } + if 'cisco_n1kv' in hiera('neutron_mechanism_drivers') { + include ::neutron::plugins::ml2::cisco::nexus1000v + + class { '::neutron::agents::n1kv_vem': + n1kv_source => hiera('n1kv_vem_source', undef), + n1kv_version => hiera('n1kv_vem_version', undef), + } + + class { '::n1k_vsm': + n1kv_source => hiera('n1kv_vsm_source', undef), + n1kv_version => hiera('n1kv_vsm_version', undef), + pacemaker_control => false, + } } if 'cisco_ucsm' in hiera('neutron_mechanism_drivers') { @@ -255,7 +272,7 @@ if hiera('step') >= 3 { } if hiera('neutron_enable_bigswitch_ml2', false) { - include neutron::plugins::ml2::bigswitch::restproxy + include ::neutron::plugins::ml2::bigswitch::restproxy } neutron_l3_agent_config { 'DEFAULT/ovs_use_veth': value => hiera('neutron_ovs_use_veth', false); @@ -274,7 +291,7 @@ if hiera('step') >= 3 { include ::cinder::glance include ::cinder::scheduler include ::cinder::volume - class {'cinder::setup_test_volume': + class { '::cinder::setup_test_volume': size => join([hiera('cinder_lvm_loop_device_size'), 'M']), } @@ -299,7 +316,7 @@ if hiera('step') >= 3 { $ceph_pools = hiera('ceph_pools') ceph::pool { $ceph_pools : } - $cinder_pool_requires = [Ceph::Pool['volumes']] + $cinder_pool_requires = [Ceph::Pool[hiera('cinder_rbd_pool_name')]] } else { $cinder_pool_requires = [] @@ -309,7 +326,7 @@ if hiera('step') >= 3 { $cinder_rbd_backend = 'tripleo_ceph' cinder::backend::rbd { $cinder_rbd_backend : - rbd_pool => 'volumes', + rbd_pool => hiera('cinder_rbd_pool_name'), rbd_user => 'openstack', rbd_secret_uuid => hiera('ceph::profile::params::fsid'), require => $cinder_pool_requires, @@ -354,18 +371,18 @@ if hiera('step') >= 3 { if hiera('cinder_enable_nfs_backend', false) { $cinder_nfs_backend = 'tripleo_nfs' - if ($::selinux != "false") { + if str2bool($::selinux) { selboolean { 'virt_use_nfs': - value => on, - persistent => true, + value => on, + persistent => true, } -> Package['nfs-utils'] } package {'nfs-utils': } -> cinder::backend::nfs { $cinder_nfs_backend : - nfs_servers => hiera('cinder_nfs_servers'), - nfs_mount_options => hiera('cinder_nfs_mount_options'), - nfs_shares_config => '/etc/cinder/shares-nfs.conf', + nfs_servers => hiera('cinder_nfs_servers'), + nfs_mount_options => hiera('cinder_nfs_mount_options'), + nfs_shares_config => '/etc/cinder/shares-nfs.conf', } } @@ -389,9 +406,9 @@ if hiera('step') >= 3 { include ::swift::proxy::formpost # swift storage - if str2bool(hiera('enable_swift_storage', 'true')) { - class {'swift::storage::all': - mount_check => str2bool(hiera('swift_mount_check')) + if str2bool(hiera('enable_swift_storage', true)) { + class { '::swift::storage::all': + mount_check => str2bool(hiera('swift_mount_check')), } if(!defined(File['/srv/node'])) { file { '/srv/node': @@ -417,6 +434,7 @@ if hiera('step') >= 3 { } } include ::ceilometer + include ::ceilometer::config include ::ceilometer::api include ::ceilometer::agent::notification include ::ceilometer::agent::central @@ -424,7 +442,7 @@ if hiera('step') >= 3 { include ::ceilometer::alarm::evaluator include ::ceilometer::expirer include ::ceilometer::collector - include ceilometer::agent::auth + include ::ceilometer::agent::auth class { '::ceilometer::db' : database_connection => $ceilometer_database_connection, } @@ -439,10 +457,16 @@ if hiera('step') >= 3 { include ::heat::engine # Horizon - $vhost_params = { add_listen => false } - class { 'horizon': - cache_server_ip => hiera('memcache_node_ips', '127.0.0.1'), - vhost_extra_params => $vhost_params, + if 'cisco_n1kv' in hiera('neutron_mechanism_drivers') { + $_profile_support = 'cisco' + } else { + $_profile_support = 'None' + } + $neutron_options = {'profile_support' => $_profile_support } + + class { '::horizon': + cache_server_ip => hiera('memcache_node_ips', '127.0.0.1'), + neutron_options => $neutron_options, } $snmpd_user = hiera('snmpd_readonly_user_name') @@ -450,7 +474,7 @@ if hiera('step') >= 3 { authtype => 'MD5', authpass => hiera('snmpd_readonly_user_password'), } - class { 'snmp': + class { '::snmp': agentaddress => ['udp:161','udp6:[::1]:161'], snmpd_config => [ join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ], } @@ -462,3 +486,6 @@ if hiera('step') >= 3 { if hiera('step') >= 4 { include ::keystone::cron::token_flush } #END STEP 4 + +$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller', hiera('step')]) +package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp index e4a179d6..91bc1b14 100644 --- a/puppet/manifests/overcloud_controller_pacemaker.pp +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -18,7 +18,7 @@ Pcmk_resource <| |> { try_sleep => 3, } -include tripleo::packages +include ::tripleo::packages if $::hostname == downcase(hiera('bootstrap_nodeid')) { $pacemaker_master = true @@ -28,7 +28,7 @@ if $::hostname == downcase(hiera('bootstrap_nodeid')) { $sync_db = false } -$enable_fencing = str2bool(hiera('enable_fencing', 'false')) and hiera('step') >= 5 +$enable_fencing = str2bool(hiera('enable_fencing', false)) and hiera('step') >= 5 # When to start and enable services which haven't been Pacemakerized # FIXME: remove when we start all OpenStack services using Pacemaker @@ -55,7 +55,7 @@ if hiera('step') >= 1 { $pacemaker_cluster_members = downcase(regsubst(hiera('controller_node_names'), ',', ' ', 'G')) user { 'hacluster': - ensure => present, + ensure => present, } -> class { '::pacemaker': hacluster_pwd => hiera('hacluster_pwd'), @@ -68,7 +68,7 @@ if hiera('step') >= 1 { disable => !$enable_fencing, } if $enable_fencing { - include tripleo::fencing + include ::tripleo::fencing # enable stonith after all fencing devices have been created Class['tripleo::fencing'] -> Class['pacemaker::stonith'] @@ -93,7 +93,7 @@ if hiera('step') >= 1 { environment_variables => hiera('rabbitmq_environment'), } -> file { '/var/lib/rabbitmq/.erlang.cookie': - ensure => 'present', + ensure => file, owner => 'rabbitmq', group => 'rabbitmq', mode => '0400', @@ -120,7 +120,7 @@ if hiera('step') >= 1 { } # Galera - if str2bool(hiera('enable_galera', 'true')) { + if str2bool(hiera('enable_galera', true)) { $mysql_config_file = '/etc/my.cnf.d/galera.cnf' } else { $mysql_config_file = '/etc/my.cnf.d/server.cnf' @@ -154,16 +154,17 @@ if hiera('step') >= 1 { 'wsrep_causal_reads' => '0', 'wsrep_notify_cmd' => '', 'wsrep_sst_method' => 'rsync', - } + }, } class { '::mysql::server': - create_root_user => false, - create_root_my_cnf => false, - config_file => $mysql_config_file, - override_options => $mysqld_options, - service_manage => false, - service_enabled => false, + create_root_user => false, + create_root_my_cnf => false, + config_file => $mysql_config_file, + override_options => $mysqld_options, + remove_default_accounts => $pacemaker_master, + service_manage => false, + service_enabled => false, } } @@ -177,7 +178,7 @@ if hiera('step') >= 2 { if $pacemaker_master { - include pacemaker::resource_defaults + include ::pacemaker::resource_defaults # FIXME: we should not have to access tripleo::loadbalancer class # parameters here to configure pacemaker VIPs. The configuration @@ -198,8 +199,8 @@ if hiera('step') >= 2 { first_action => 'start', second_action => 'start', constraint_params => 'kind=Optional', - require => [Pacemaker::Resource::Service['haproxy'], - Pacemaker::Resource::Ip['control_vip']], + require => [Pacemaker::Resource::Service['haproxy'], + Pacemaker::Resource::Ip['control_vip']], } pacemaker::constraint::colocation { 'control_vip-with-haproxy': source => "ip-${control_vip}", @@ -221,8 +222,8 @@ if hiera('step') >= 2 { first_action => 'start', second_action => 'start', constraint_params => 'kind=Optional', - require => [Pacemaker::Resource::Service['haproxy'], - Pacemaker::Resource::Ip['public_vip']], + require => [Pacemaker::Resource::Service['haproxy'], + Pacemaker::Resource::Ip['public_vip']], } pacemaker::constraint::colocation { 'public_vip-with-haproxy': source => "ip-${public_vip}", @@ -245,8 +246,8 @@ if hiera('step') >= 2 { first_action => 'start', second_action => 'start', constraint_params => 'kind=Optional', - require => [Pacemaker::Resource::Service['haproxy'], - Pacemaker::Resource::Ip['redis_vip']], + require => [Pacemaker::Resource::Service['haproxy'], + Pacemaker::Resource::Ip['redis_vip']], } pacemaker::constraint::colocation { 'redis_vip-with-haproxy': source => "ip-${redis_vip}", @@ -269,8 +270,8 @@ if hiera('step') >= 2 { first_action => 'start', second_action => 'start', constraint_params => 'kind=Optional', - require => [Pacemaker::Resource::Service['haproxy'], - Pacemaker::Resource::Ip['internal_api_vip']], + require => [Pacemaker::Resource::Service['haproxy'], + Pacemaker::Resource::Ip['internal_api_vip']], } pacemaker::constraint::colocation { 'internal_api_vip-with-haproxy': source => "ip-${internal_api_vip}", @@ -293,8 +294,8 @@ if hiera('step') >= 2 { first_action => 'start', second_action => 'start', constraint_params => 'kind=Optional', - require => [Pacemaker::Resource::Service['haproxy'], - Pacemaker::Resource::Ip['storage_vip']], + require => [Pacemaker::Resource::Service['haproxy'], + Pacemaker::Resource::Ip['storage_vip']], } pacemaker::constraint::colocation { 'storage_vip-with-haproxy': source => "ip-${storage_vip}", @@ -317,8 +318,8 @@ if hiera('step') >= 2 { first_action => 'start', second_action => 'start', constraint_params => 'kind=Optional', - require => [Pacemaker::Resource::Service['haproxy'], - Pacemaker::Resource::Ip['storage_mgmt_vip']], + require => [Pacemaker::Resource::Service['haproxy'], + Pacemaker::Resource::Ip['storage_mgmt_vip']], } pacemaker::constraint::colocation { 'storage_mgmt_vip-with-haproxy': source => "ip-${storage_mgmt_vip}", @@ -330,7 +331,7 @@ if hiera('step') >= 2 { } pacemaker::resource::service { $::memcached::params::service_name : - clone_params => true, + clone_params => 'interleave=true', require => Class['::memcached'], } @@ -384,7 +385,7 @@ if hiera('step') >= 2 { timeout => 30, tries => 180, try_sleep => 10, - environment => ["AVAILABLE_WHEN_READONLY=0"], + environment => ['AVAILABLE_WHEN_READONLY=0'], require => File['/etc/sysconfig/clustercheck'], } @@ -410,28 +411,28 @@ MYSQL_HOST=localhost\n", # Create all the database schemas if $sync_db { - class { 'keystone::db::mysql': - require => Exec['galera-ready'], + class { '::keystone::db::mysql': + require => Exec['galera-ready'], } - class { 'glance::db::mysql': - require => Exec['galera-ready'], + class { '::glance::db::mysql': + require => Exec['galera-ready'], } - class { 'nova::db::mysql': - require => Exec['galera-ready'], + class { '::nova::db::mysql': + require => Exec['galera-ready'], } - class { 'neutron::db::mysql': - require => Exec['galera-ready'], + class { '::neutron::db::mysql': + require => Exec['galera-ready'], } - class { 'cinder::db::mysql': - require => Exec['galera-ready'], + class { '::cinder::db::mysql': + require => Exec['galera-ready'], } - class { 'heat::db::mysql': - require => Exec['galera-ready'], + class { '::heat::db::mysql': + require => Exec['galera-ready'], } if downcase(hiera('ceilometer_backend')) == 'mysql' { - class { 'ceilometer::db::mysql': - require => Exec['galera-ready'], + class { '::ceilometer::db::mysql': + require => Exec['galera-ready'], } } } @@ -443,31 +444,31 @@ MYSQL_HOST=localhost\n", $enable_ceph = hiera('ceph_storage_count', 0) > 0 if $enable_ceph { - class { 'ceph::profile::params': - mon_initial_members => downcase(hiera('ceph_mon_initial_members')) + class { '::ceph::profile::params': + mon_initial_members => downcase(hiera('ceph_mon_initial_members')), } include ::ceph::profile::mon } - if str2bool(hiera('enable_ceph_storage', 'false')) { + if str2bool(hiera('enable_ceph_storage', false)) { if str2bool(hiera('ceph_osd_selinux_permissive', true)) { exec { 'set selinux to permissive on boot': command => "sed -ie 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config", onlyif => "test -f /etc/selinux/config && ! grep '^SELINUX=permissive' /etc/selinux/config", - path => ["/usr/bin", "/usr/sbin"], + path => ['/usr/bin', '/usr/sbin'], } exec { 'set selinux to permissive': - command => "setenforce 0", + command => 'setenforce 0', onlyif => "which setenforce && getenforce | grep -i 'enforcing'", - path => ["/usr/bin", "/usr/sbin"], + path => ['/usr/bin', '/usr/sbin'], } -> Class['ceph::profile::osd'] } include ::ceph::profile::osd } - if str2bool(hiera('enable_external_ceph', 'false')) { + if str2bool(hiera('enable_external_ceph', false)) { include ::ceph::profile::client } @@ -477,9 +478,9 @@ MYSQL_HOST=localhost\n", if hiera('step') >= 3 { class { '::keystone': - sync_db => $sync_db, + sync_db => $sync_db, manage_service => false, - enabled => false, + enabled => false, } #TODO: need a cleanup-keystone-tokens.sh solution here @@ -516,25 +517,35 @@ if hiera('step') >= 3 { $glance_backend = downcase(hiera('glance_backend', 'swift')) case $glance_backend { - swift: { $backend_store = 'glance.store.swift.Store' } - file: { $backend_store = 'glance.store.filesystem.Store' } - rbd: { $backend_store = 'glance.store.rbd.Store' } + 'swift': { $backend_store = 'glance.store.swift.Store' } + 'file': { $backend_store = 'glance.store.filesystem.Store' } + 'rbd': { $backend_store = 'glance.store.rbd.Store' } default: { fail('Unrecognized glance_backend parameter.') } } $http_store = ['glance.store.http.Store'] $glance_store = concat($http_store, $backend_store) + if $glance_backend == 'file' and hiera('glance_file_pcmk_manage', false) { + pacemaker::resource::filesystem { 'glance-fs': + device => hiera('glance_file_pcmk_device'), + directory => hiera('glance_file_pcmk_directory'), + fstype => hiera('glance_file_pcmk_fstype'), + fsoptions => hiera('glance_file_pcmk_options', ''), + clone_params => '', + } + } + # TODO: notifications, scrubber, etc. include ::glance - class { 'glance::api': - known_stores => $glance_store, + class { '::glance::api': + known_stores => $glance_store, manage_service => false, - enabled => false, + enabled => false, } class { '::glance::registry' : - sync_db => $sync_db, + sync_db => $sync_db, manage_service => false, - enabled => false, + enabled => false, } include join(['::glance::backend::', $glance_backend]) @@ -545,51 +556,51 @@ if hiera('step') >= 3 { include ::nova::config class { '::nova::api' : - sync_db => $sync_db, + sync_db => $sync_db, manage_service => false, - enabled => false, + enabled => false, } class { '::nova::cert' : manage_service => false, - enabled => false, + enabled => false, } class { '::nova::conductor' : manage_service => false, - enabled => false, + enabled => false, } class { '::nova::consoleauth' : manage_service => false, - enabled => false, + enabled => false, } class { '::nova::vncproxy' : manage_service => false, - enabled => false, + enabled => false, } include ::nova::scheduler::filter class { '::nova::scheduler' : manage_service => false, - enabled => false, + enabled => false, } include ::nova::network::neutron # Neutron class definitions include ::neutron class { '::neutron::server' : - sync_db => $sync_db, + sync_db => $sync_db, manage_service => false, - enabled => false, + enabled => false, } class { '::neutron::agents::dhcp' : manage_service => false, - enabled => false, + enabled => false, } class { '::neutron::agents::l3' : manage_service => false, - enabled => false, + enabled => false, } - class { 'neutron::agents::metadata': + class { '::neutron::agents::metadata': manage_service => false, - enabled => false, + enabled => false, } file { '/etc/neutron/dnsmasq-neutron.conf': content => hiera('neutron_dnsmasq_options'), @@ -598,16 +609,16 @@ if hiera('step') >= 3 { notify => Service['neutron-dhcp-service'], require => Package['neutron'], } - class { 'neutron::plugins::ml2': - flat_networks => split(hiera('neutron_flat_networks'), ','), + class { '::neutron::plugins::ml2': + flat_networks => split(hiera('neutron_flat_networks'), ','), tenant_network_types => [hiera('neutron_tenant_network_type')], - mechanism_drivers => [hiera('neutron_mechanism_drivers')], + mechanism_drivers => [hiera('neutron_mechanism_drivers')], } - class { 'neutron::agents::ml2::ovs': - manage_service => false, - enabled => false, - bridge_mappings => split(hiera('neutron_bridge_mappings'), ','), - tunnel_types => split(hiera('neutron_tunnel_types'), ','), + class { '::neutron::agents::ml2::ovs': + manage_service => false, + enabled => false, + bridge_mappings => split(hiera('neutron_bridge_mappings'), ','), + tunnel_types => split(hiera('neutron_tunnel_types'), ','), } if 'cisco_ucsm' in hiera('neutron_mechanism_drivers') { @@ -617,9 +628,22 @@ if hiera('step') >= 3 { include ::neutron::plugins::ml2::cisco::nexus include ::neutron::plugins::ml2::cisco::type_nexus_vxlan } + if 'cisco_n1kv' in hiera('neutron_mechanism_drivers') { + include ::neutron::plugins::ml2::cisco::nexus1000v + + class { '::neutron::agents::n1kv_vem': + n1kv_source => hiera('n1kv_vem_source', undef), + n1kv_version => hiera('n1kv_vem_version', undef), + } + + class { '::n1k_vsm': + n1kv_source => hiera('n1kv_vsm_source', undef), + n1kv_version => hiera('n1kv_vsm_version', undef), + } + } if hiera('neutron_enable_bigswitch_ml2', false) { - include neutron::plugins::ml2::bigswitch::restproxy + include ::neutron::plugins::ml2::bigswitch::restproxy } neutron_l3_agent_config { 'DEFAULT/ovs_use_veth': value => hiera('neutron_ovs_use_veth', false); @@ -630,20 +654,20 @@ if hiera('step') >= 3 { include ::cinder class { '::cinder::api': - sync_db => $sync_db, + sync_db => $sync_db, manage_service => false, - enabled => false, + enabled => false, } class { '::cinder::scheduler' : manage_service => false, - enabled => false, + enabled => false, } class { '::cinder::volume' : manage_service => false, - enabled => false, + enabled => false, } include ::cinder::glance - class {'cinder::setup_test_volume': + class { '::cinder::setup_test_volume': size => join([hiera('cinder_lvm_loop_device_size'), 'M']), } @@ -668,7 +692,7 @@ if hiera('step') >= 3 { $ceph_pools = hiera('ceph_pools') ceph::pool { $ceph_pools : } - $cinder_pool_requires = [Ceph::Pool['volumes']] + $cinder_pool_requires = [Ceph::Pool[hiera('cinder_rbd_pool_name')]] } else { $cinder_pool_requires = [] @@ -678,7 +702,7 @@ if hiera('step') >= 3 { $cinder_rbd_backend = 'tripleo_ceph' cinder::backend::rbd { $cinder_rbd_backend : - rbd_pool => 'volumes', + rbd_pool => hiera('cinder_rbd_pool_name'), rbd_user => 'openstack', rbd_secret_uuid => hiera('ceph::profile::params::fsid'), require => $cinder_pool_requires, @@ -723,18 +747,18 @@ if hiera('step') >= 3 { if hiera('cinder_enable_nfs_backend', false) { $cinder_nfs_backend = 'tripleo_nfs' - if ($::selinux != "false") { + if str2bool($::selinux) { selboolean { 'virt_use_nfs': - value => on, - persistent => true, + value => on, + persistent => true, } -> Package['nfs-utils'] } - package {'nfs-utils': } -> + package { 'nfs-utils': } -> cinder::backend::nfs { $cinder_nfs_backend: - nfs_servers => hiera('cinder_nfs_servers'), - nfs_mount_options => hiera('cinder_nfs_mount_options'), - nfs_shares_config => '/etc/cinder/shares-nfs.conf', + nfs_servers => hiera('cinder_nfs_servers'), + nfs_mount_options => hiera('cinder_nfs_mount_options'), + nfs_shares_config => '/etc/cinder/shares-nfs.conf', } } @@ -746,7 +770,7 @@ if hiera('step') >= 3 { # swift proxy class { '::swift::proxy' : manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, + enabled => $non_pcmk_start, } include ::swift::proxy::proxy_logging include ::swift::proxy::healthcheck @@ -760,21 +784,21 @@ if hiera('step') >= 3 { include ::swift::proxy::formpost # swift storage - if str2bool(hiera('enable_swift_storage', 'true')) { + if str2bool(hiera('enable_swift_storage', true)) { class {'::swift::storage::all': - mount_check => str2bool(hiera('swift_mount_check')) + mount_check => str2bool(hiera('swift_mount_check')), } class {'::swift::storage::account': manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, + enabled => $non_pcmk_start, } class {'::swift::storage::container': manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, + enabled => $non_pcmk_start, } class {'::swift::storage::object': manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, + enabled => $non_pcmk_start, } if(!defined(File['/srv/node'])) { file { '/srv/node': @@ -790,47 +814,47 @@ if hiera('step') >= 3 { } # Ceilometer - $ceilometer_backend = downcase(hiera('ceilometer_backend')) - case $ceilometer_backend { - /mysql/ : { + case downcase(hiera('ceilometer_backend')) { + /mysql/: { $ceilometer_database_connection = hiera('ceilometer_mysql_conn_string') } - default : { + default: { $mongo_node_string = join($mongo_node_ips_with_port, ',') $ceilometer_database_connection = "mongodb://${mongo_node_string}/ceilometer?replicaSet=${mongodb_replset}" } } include ::ceilometer + include ::ceilometer::config class { '::ceilometer::api' : manage_service => false, - enabled => false, + enabled => false, } class { '::ceilometer::agent::notification' : manage_service => false, - enabled => false, + enabled => false, } class { '::ceilometer::agent::central' : manage_service => false, - enabled => false, + enabled => false, } class { '::ceilometer::alarm::notifier' : manage_service => false, - enabled => false, + enabled => false, } class { '::ceilometer::alarm::evaluator' : manage_service => false, - enabled => false, + enabled => false, } class { '::ceilometer::collector' : manage_service => false, - enabled => false, + enabled => false, } include ::ceilometer::expirer class { '::ceilometer::db' : database_connection => $ceilometer_database_connection, sync_db => $sync_db, } - include ceilometer::agent::auth + include ::ceilometer::agent::auth Cron <| title == 'ceilometer-expirer' |> { command => "sleep $((\$(od -A n -t d -N 3 /dev/urandom) % 86400)) && ${::ceilometer::params::expirer_command}" } @@ -840,33 +864,37 @@ if hiera('step') >= 3 { } class { '::heat::api' : manage_service => false, - enabled => false, + enabled => false, } class { '::heat::api_cfn' : manage_service => false, - enabled => false, + enabled => false, } class { '::heat::api_cloudwatch' : manage_service => false, - enabled => false, + enabled => false, } class { '::heat::engine' : manage_service => false, - enabled => false, + enabled => false, } # httpd/apache and horizon # NOTE(gfidente): server-status can be consumed by the pacemaker resource agent - include ::apache + class { '::apache' : + service_enable => false, + # service_manage => false, # <-- not supported with horizon&apache mod_wsgi? + } include ::apache::mod::status - $vhost_params = { - add_listen => false, - priority => 10, + if 'cisco_n1kv' in hiera('neutron_mechanism_drivers') { + $_profile_support = 'cisco' + } else { + $_profile_support = 'None' } - class { 'horizon': - cache_server_ip => hiera('memcache_node_ips', '127.0.0.1'), - vhost_extra_params => $vhost_params, - server_aliases => $::hostname, + $neutron_options = {'profile_support' => $_profile_support } + class { '::horizon': + cache_server_ip => hiera('memcache_node_ips', '127.0.0.1'), + neutron_options => $neutron_options, } $snmpd_user = hiera('snmpd_readonly_user_name') @@ -874,7 +902,7 @@ if hiera('step') >= 3 { authtype => 'MD5', authpass => hiera('snmpd_readonly_user_password'), } - class { 'snmp': + class { '::snmp': agentaddress => ['udp:161','udp6:[::1]:161'], snmpd_config => [ join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ], } @@ -890,12 +918,16 @@ if hiera('step') >= 4 { # Keystone pacemaker::resource::service { $::keystone::params::service_name : - clone_params => "interleave=true", + clone_params => 'interleave=true', + verify_on_create => true, + require => [File['/etc/keystone/ssl/certs/ca.pem'], + File['/etc/keystone/ssl/private/signing_key.pem'], + File['/etc/keystone/ssl/certs/signing_cert.pem']], } pacemaker::constraint::base { 'haproxy-then-keystone-constraint': constraint_type => 'order', - first_resource => "haproxy-clone", + first_resource => 'haproxy-clone', second_resource => "${::keystone::params::service_name}-clone", first_action => 'start', second_action => 'start', @@ -904,7 +936,7 @@ if hiera('step') >= 4 { } pacemaker::constraint::base { 'rabbitmq-then-keystone-constraint': constraint_type => 'order', - first_resource => "rabbitmq-clone", + first_resource => 'rabbitmq-clone', second_resource => "${::keystone::params::service_name}-clone", first_action => 'start', second_action => 'start', @@ -913,7 +945,7 @@ if hiera('step') >= 4 { } pacemaker::constraint::base { 'memcached-then-keystone-constraint': constraint_type => 'order', - first_resource => "memcached-clone", + first_resource => 'memcached-clone', second_resource => "${::keystone::params::service_name}-clone", first_action => 'start', second_action => 'start', @@ -922,7 +954,7 @@ if hiera('step') >= 4 { } pacemaker::constraint::base { 'galera-then-keystone-constraint': constraint_type => 'order', - first_resource => "galera-master", + first_resource => 'galera-master', second_resource => "${::keystone::params::service_name}-clone", first_action => 'promote', second_action => 'start', @@ -932,11 +964,11 @@ if hiera('step') >= 4 { # Cinder pacemaker::resource::service { $::cinder::params::api_service : - clone_params => "interleave=true", + clone_params => 'interleave=true', require => Pacemaker::Resource::Service[$::keystone::params::service_name], } pacemaker::resource::service { $::cinder::params::scheduler_service : - clone_params => "interleave=true", + clone_params => 'interleave=true', } pacemaker::resource::service { $::cinder::params::volume_service : } @@ -950,45 +982,45 @@ if hiera('step') >= 4 { Pacemaker::Resource::Service[$::keystone::params::service_name]], } pacemaker::constraint::base { 'cinder-api-then-cinder-scheduler-constraint': - constraint_type => "order", - first_resource => "${::cinder::params::api_service}-clone", + constraint_type => 'order', + first_resource => "${::cinder::params::api_service}-clone", second_resource => "${::cinder::params::scheduler_service}-clone", - first_action => "start", - second_action => "start", - require => [Pacemaker::Resource::Service[$::cinder::params::api_service], - Pacemaker::Resource::Service[$::cinder::params::scheduler_service]], + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::cinder::params::api_service], + Pacemaker::Resource::Service[$::cinder::params::scheduler_service]], } pacemaker::constraint::colocation { 'cinder-scheduler-with-cinder-api-colocation': - source => "${::cinder::params::scheduler_service}-clone", - target => "${::cinder::params::api_service}-clone", - score => "INFINITY", + source => "${::cinder::params::scheduler_service}-clone", + target => "${::cinder::params::api_service}-clone", + score => 'INFINITY', require => [Pacemaker::Resource::Service[$::cinder::params::api_service], Pacemaker::Resource::Service[$::cinder::params::scheduler_service]], } pacemaker::constraint::base { 'cinder-scheduler-then-cinder-volume-constraint': - constraint_type => "order", - first_resource => "${::cinder::params::scheduler_service}-clone", - second_resource => "${::cinder::params::volume_service}", - first_action => "start", - second_action => "start", - require => [Pacemaker::Resource::Service[$::cinder::params::scheduler_service], - Pacemaker::Resource::Service[$::cinder::params::volume_service]], + constraint_type => 'order', + first_resource => "${::cinder::params::scheduler_service}-clone", + second_resource => $::cinder::params::volume_service, + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::cinder::params::scheduler_service], + Pacemaker::Resource::Service[$::cinder::params::volume_service]], } pacemaker::constraint::colocation { 'cinder-volume-with-cinder-scheduler-colocation': - source => "${::cinder::params::volume_service}", - target => "${::cinder::params::scheduler_service}-clone", - score => "INFINITY", + source => $::cinder::params::volume_service, + target => "${::cinder::params::scheduler_service}-clone", + score => 'INFINITY', require => [Pacemaker::Resource::Service[$::cinder::params::scheduler_service], Pacemaker::Resource::Service[$::cinder::params::volume_service]], } # Glance pacemaker::resource::service { $::glance::params::registry_service_name : - clone_params => "interleave=true", + clone_params => 'interleave=true', require => Pacemaker::Resource::Service[$::keystone::params::service_name], } pacemaker::resource::service { $::glance::params::api_service_name : - clone_params => "interleave=true", + clone_params => 'interleave=true', } pacemaker::constraint::base { 'keystone-then-glance-registry-constraint': @@ -1001,18 +1033,18 @@ if hiera('step') >= 4 { Pacemaker::Resource::Service[$::keystone::params::service_name]], } pacemaker::constraint::base { 'glance-registry-then-glance-api-constraint': - constraint_type => "order", + constraint_type => 'order', first_resource => "${::glance::params::registry_service_name}-clone", second_resource => "${::glance::params::api_service_name}-clone", - first_action => "start", - second_action => "start", - require => [Pacemaker::Resource::Service[$::glance::params::registry_service_name], - Pacemaker::Resource::Service[$::glance::params::api_service_name]], + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::glance::params::registry_service_name], + Pacemaker::Resource::Service[$::glance::params::api_service_name]], } pacemaker::constraint::colocation { 'glance-api-with-glance-registry-colocation': source => "${::glance::params::api_service_name}-clone", target => "${::glance::params::registry_service_name}-clone", - score => "INFINITY", + score => 'INFINITY', require => [Pacemaker::Resource::Service[$::glance::params::registry_service_name], Pacemaker::Resource::Service[$::glance::params::api_service_name]], } @@ -1024,151 +1056,154 @@ if hiera('step') >= 4 { # https://bugzilla.redhat.com/show_bug.cgi?id=1233061 exec { '/usr/bin/systemctl start neutron-server && /usr/bin/sleep 5' : } -> pacemaker::resource::service { $::neutron::params::server_service: - op_params => "start timeout=90", - clone_params => "interleave=true", - require => Pacemaker::Resource::Service[$::keystone::params::service_name] + clone_params => 'interleave=true', + require => Pacemaker::Resource::Service[$::keystone::params::service_name], } pacemaker::resource::service { $::neutron::params::l3_agent_service: - clone_params => "interleave=true", + clone_params => 'interleave=true', } pacemaker::resource::service { $::neutron::params::dhcp_agent_service: - clone_params => "interleave=true", + clone_params => 'interleave=true', } pacemaker::resource::service { $::neutron::params::ovs_agent_service: - clone_params => "interleave=true", + clone_params => 'interleave=true', } pacemaker::resource::service { $::neutron::params::metadata_agent_service: - clone_params => "interleave=true", + clone_params => 'interleave=true', } pacemaker::resource::ocf { $::neutron::params::ovs_cleanup_service: - ocf_agent_name => "neutron:OVSCleanup", - clone_params => "interleave=true", + ocf_agent_name => 'neutron:OVSCleanup', + clone_params => 'interleave=true', } pacemaker::resource::ocf { 'neutron-netns-cleanup': - ocf_agent_name => "neutron:NetnsCleanup", - clone_params => "interleave=true", - } - pacemaker::constraint::base { 'keystone-to-neutron-server-constraint': - constraint_type => "order", - first_resource => "${::keystone::params::service_name}-clone", - second_resource => "${::neutron::params::server_service}-clone", - first_action => "start", - second_action => "start", - require => [Pacemaker::Resource::Service[$::keystone::params::service_name], - Pacemaker::Resource::Service[$::neutron::params::server_service]], - } - pacemaker::constraint::base { 'neutron-server-to-neutron-ovs-cleanup-constraint': - constraint_type => "order", - first_resource => "${::neutron::params::server_service}-clone", - second_resource => "${::neutron::params::ovs_cleanup_service}-clone", - first_action => "start", - second_action => "start", - require => [Pacemaker::Resource::Service[$::neutron::params::server_service], - Pacemaker::Resource::Ocf["${::neutron::params::ovs_cleanup_service}"]], + ocf_agent_name => 'neutron:NetnsCleanup', + clone_params => 'interleave=true', } + + # neutron - one chain ovs-cleanup-->netns-cleanup-->ovs-agent pacemaker::constraint::base { 'neutron-ovs-cleanup-to-netns-cleanup-constraint': - constraint_type => "order", - first_resource => "${::neutron::params::ovs_cleanup_service}-clone", - second_resource => "neutron-netns-cleanup-clone", - first_action => "start", - second_action => "start", - require => [Pacemaker::Resource::Ocf["${::neutron::params::ovs_cleanup_service}"], - Pacemaker::Resource::Ocf['neutron-netns-cleanup']], + constraint_type => 'order', + first_resource => "${::neutron::params::ovs_cleanup_service}-clone", + second_resource => 'neutron-netns-cleanup-clone', + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Ocf[$::neutron::params::ovs_cleanup_service], + Pacemaker::Resource::Ocf['neutron-netns-cleanup']], } pacemaker::constraint::colocation { 'neutron-ovs-cleanup-to-netns-cleanup-colocation': - source => "neutron-netns-cleanup-clone", - target => "${::neutron::params::ovs_cleanup_service}-clone", - score => "INFINITY", - require => [Pacemaker::Resource::Ocf["${::neutron::params::ovs_cleanup_service}"], + source => 'neutron-netns-cleanup-clone', + target => "${::neutron::params::ovs_cleanup_service}-clone", + score => 'INFINITY', + require => [Pacemaker::Resource::Ocf[$::neutron::params::ovs_cleanup_service], Pacemaker::Resource::Ocf['neutron-netns-cleanup']], } pacemaker::constraint::base { 'neutron-netns-cleanup-to-openvswitch-agent-constraint': - constraint_type => "order", - first_resource => "neutron-netns-cleanup-clone", + constraint_type => 'order', + first_resource => 'neutron-netns-cleanup-clone', second_resource => "${::neutron::params::ovs_agent_service}-clone", - first_action => "start", - second_action => "start", - require => [Pacemaker::Resource::Ocf["neutron-netns-cleanup"], - Pacemaker::Resource::Service["${::neutron::params::ovs_agent_service}"]], + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Ocf['neutron-netns-cleanup'], + Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]], } pacemaker::constraint::colocation { 'neutron-netns-cleanup-to-openvswitch-agent-colocation': - source => "${::neutron::params::ovs_agent_service}-clone", - target => "neutron-netns-cleanup-clone", - score => "INFINITY", - require => [Pacemaker::Resource::Ocf["neutron-netns-cleanup"], - Pacemaker::Resource::Service["${::neutron::params::ovs_agent_service}"]], + source => "${::neutron::params::ovs_agent_service}-clone", + target => 'neutron-netns-cleanup-clone', + score => 'INFINITY', + require => [Pacemaker::Resource::Ocf['neutron-netns-cleanup'], + Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]], + } + + #another chain keystone-->neutron-server-->ovs-agent-->dhcp-->l3 + pacemaker::constraint::base { 'keystone-to-neutron-server-constraint': + constraint_type => 'order', + first_resource => "${::keystone::params::service_name}-clone", + second_resource => "${::neutron::params::server_service}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::keystone::params::service_name], + Pacemaker::Resource::Service[$::neutron::params::server_service]], + } + pacemaker::constraint::base { 'neutron-server-to-openvswitch-agent-constraint': + constraint_type => 'order', + first_resource => "${::neutron::params::server_service}-clone", + second_resource => "${::neutron::params::ovs_agent_service}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::neutron::params::server_service], + Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]], } pacemaker::constraint::base { 'neutron-openvswitch-agent-to-dhcp-agent-constraint': - constraint_type => "order", - first_resource => "${::neutron::params::ovs_agent_service}-clone", + constraint_type => 'order', + first_resource => "${::neutron::params::ovs_agent_service}-clone", second_resource => "${::neutron::params::dhcp_agent_service}-clone", - first_action => "start", - second_action => "start", - require => [Pacemaker::Resource::Service["${::neutron::params::ovs_agent_service}"], - Pacemaker::Resource::Service["${::neutron::params::dhcp_agent_service}"]], + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service], + Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service]], } pacemaker::constraint::colocation { 'neutron-openvswitch-agent-to-dhcp-agent-colocation': - source => "${::neutron::params::dhcp_agent_service}-clone", - target => "${::neutron::params::ovs_agent_service}-clone", - score => "INFINITY", - require => [Pacemaker::Resource::Service["${::neutron::params::ovs_agent_service}"], - Pacemaker::Resource::Service["${::neutron::params::dhcp_agent_service}"]], + source => "${::neutron::params::dhcp_agent_service}-clone", + target => "${::neutron::params::ovs_agent_service}-clone", + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service], + Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service]], } pacemaker::constraint::base { 'neutron-dhcp-agent-to-l3-agent-constraint': - constraint_type => "order", - first_resource => "${::neutron::params::dhcp_agent_service}-clone", + constraint_type => 'order', + first_resource => "${::neutron::params::dhcp_agent_service}-clone", second_resource => "${::neutron::params::l3_agent_service}-clone", - first_action => "start", - second_action => "start", - require => [Pacemaker::Resource::Service["${::neutron::params::dhcp_agent_service}"], - Pacemaker::Resource::Service["${::neutron::params::l3_agent_service}"]] + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service], + Pacemaker::Resource::Service[$::neutron::params::l3_agent_service]], } pacemaker::constraint::colocation { 'neutron-dhcp-agent-to-l3-agent-colocation': - source => "${::neutron::params::l3_agent_service}-clone", - target => "${::neutron::params::dhcp_agent_service}-clone", - score => "INFINITY", - require => [Pacemaker::Resource::Service["${::neutron::params::dhcp_agent_service}"], - Pacemaker::Resource::Service["${::neutron::params::l3_agent_service}"]] + source => "${::neutron::params::l3_agent_service}-clone", + target => "${::neutron::params::dhcp_agent_service}-clone", + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service], + Pacemaker::Resource::Service[$::neutron::params::l3_agent_service]], } pacemaker::constraint::base { 'neutron-l3-agent-to-metadata-agent-constraint': - constraint_type => "order", - first_resource => "${::neutron::params::l3_agent_service}-clone", + constraint_type => 'order', + first_resource => "${::neutron::params::l3_agent_service}-clone", second_resource => "${::neutron::params::metadata_agent_service}-clone", - first_action => "start", - second_action => "start", - require => [Pacemaker::Resource::Service["${::neutron::params::l3_agent_service}"], - Pacemaker::Resource::Service["${::neutron::params::metadata_agent_service}"]] + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::neutron::params::l3_agent_service], + Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]], } pacemaker::constraint::colocation { 'neutron-l3-agent-to-metadata-agent-colocation': - source => "${::neutron::params::metadata_agent_service}-clone", - target => "${::neutron::params::l3_agent_service}-clone", - score => "INFINITY", - require => [Pacemaker::Resource::Service["${::neutron::params::l3_agent_service}"], - Pacemaker::Resource::Service["${::neutron::params::metadata_agent_service}"]] + source => "${::neutron::params::metadata_agent_service}-clone", + target => "${::neutron::params::l3_agent_service}-clone", + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::neutron::params::l3_agent_service], + Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]], } # Nova pacemaker::resource::service { $::nova::params::api_service_name : - clone_params => "interleave=true", - op_params => "start timeout=90s monitor start-delay=10s", + clone_params => 'interleave=true', + op_params => 'start timeout=90s monitor start-delay=10s', } pacemaker::resource::service { $::nova::params::conductor_service_name : - clone_params => "interleave=true", - op_params => "start timeout=90s monitor start-delay=10s", + clone_params => 'interleave=true', + op_params => 'start timeout=90s monitor start-delay=10s', } pacemaker::resource::service { $::nova::params::consoleauth_service_name : - clone_params => "interleave=true", - op_params => "start timeout=90s monitor start-delay=10s", - require => Pacemaker::Resource::Service[$::keystone::params::service_name], + clone_params => 'interleave=true', + op_params => 'start timeout=90s monitor start-delay=10s', + require => Pacemaker::Resource::Service[$::keystone::params::service_name], } pacemaker::resource::service { $::nova::params::vncproxy_service_name : - clone_params => "interleave=true", - op_params => "start timeout=90s monitor start-delay=10s", + clone_params => 'interleave=true', + op_params => 'start timeout=90s monitor start-delay=10s', } pacemaker::resource::service { $::nova::params::scheduler_service_name : - clone_params => "interleave=true", - op_params => "start timeout=90s monitor start-delay=10s", + clone_params => 'interleave=true', + op_params => 'start timeout=90s monitor start-delay=10s', } pacemaker::constraint::base { 'keystone-then-nova-consoleauth-constraint': @@ -1181,77 +1216,85 @@ if hiera('step') >= 4 { Pacemaker::Resource::Service[$::keystone::params::service_name]], } pacemaker::constraint::base { 'nova-consoleauth-then-nova-vncproxy-constraint': - constraint_type => "order", + constraint_type => 'order', first_resource => "${::nova::params::consoleauth_service_name}-clone", second_resource => "${::nova::params::vncproxy_service_name}-clone", - first_action => "start", - second_action => "start", - require => [Pacemaker::Resource::Service[$::nova::params::consoleauth_service_name], - Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name]], + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::nova::params::consoleauth_service_name], + Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name]], } pacemaker::constraint::colocation { 'nova-vncproxy-with-nova-consoleauth-colocation': - source => "${::nova::params::vncproxy_service_name}-clone", - target => "${::nova::params::consoleauth_service_name}-clone", - score => "INFINITY", + source => "${::nova::params::vncproxy_service_name}-clone", + target => "${::nova::params::consoleauth_service_name}-clone", + score => 'INFINITY', require => [Pacemaker::Resource::Service[$::nova::params::consoleauth_service_name], Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name]], } - # FIXME(gfidente): novncproxy will not start unless websockify is updated to 0.6 - # which is not the case for f20 nor f21; ucomment when it becomes available - #pacemaker::constraint::base { 'nova-vncproxy-then-nova-api-constraint': - # constraint_type => "order", - # first_resource => "${::nova::params::vncproxy_service_name}-clone", - # second_resource => "${::nova::params::api_service_name}-clone", - # first_action => "start", - # second_action => "start", - # require => [Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name], - # Pacemaker::Resource::Service[$::nova::params::api_service_name]], - #} - #pacemaker::constraint::colocation { 'nova-api-with-nova-vncproxy-colocation': - # source => "${::nova::params::api_service_name}-clone", - # target => "${::nova::params::vncproxy_service_name}-clone", - # score => "INFINITY", - # require => [Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name], - # Pacemaker::Resource::Service[$::nova::params::api_service_name]], - #} + pacemaker::constraint::base { 'nova-vncproxy-then-nova-api-constraint': + constraint_type => 'order', + first_resource => "${::nova::params::vncproxy_service_name}-clone", + second_resource => "${::nova::params::api_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name], + Pacemaker::Resource::Service[$::nova::params::api_service_name]], + } + pacemaker::constraint::colocation { 'nova-api-with-nova-vncproxy-colocation': + source => "${::nova::params::api_service_name}-clone", + target => "${::nova::params::vncproxy_service_name}-clone", + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name], + Pacemaker::Resource::Service[$::nova::params::api_service_name]], + } pacemaker::constraint::base { 'nova-api-then-nova-scheduler-constraint': - constraint_type => "order", + constraint_type => 'order', first_resource => "${::nova::params::api_service_name}-clone", second_resource => "${::nova::params::scheduler_service_name}-clone", - first_action => "start", - second_action => "start", - require => [Pacemaker::Resource::Service[$::nova::params::api_service_name], - Pacemaker::Resource::Service[$::nova::params::scheduler_service_name]], + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::nova::params::api_service_name], + Pacemaker::Resource::Service[$::nova::params::scheduler_service_name]], } pacemaker::constraint::colocation { 'nova-scheduler-with-nova-api-colocation': - source => "${::nova::params::scheduler_service_name}-clone", - target => "${::nova::params::api_service_name}-clone", - score => "INFINITY", + source => "${::nova::params::scheduler_service_name}-clone", + target => "${::nova::params::api_service_name}-clone", + score => 'INFINITY', require => [Pacemaker::Resource::Service[$::nova::params::api_service_name], Pacemaker::Resource::Service[$::nova::params::scheduler_service_name]], } pacemaker::constraint::base { 'nova-scheduler-then-nova-conductor-constraint': - constraint_type => "order", + constraint_type => 'order', first_resource => "${::nova::params::scheduler_service_name}-clone", second_resource => "${::nova::params::conductor_service_name}-clone", - first_action => "start", - second_action => "start", - require => [Pacemaker::Resource::Service[$::nova::params::scheduler_service_name], - Pacemaker::Resource::Service[$::nova::params::conductor_service_name]], + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::nova::params::scheduler_service_name], + Pacemaker::Resource::Service[$::nova::params::conductor_service_name]], } pacemaker::constraint::colocation { 'nova-conductor-with-nova-scheduler-colocation': - source => "${::nova::params::conductor_service_name}-clone", - target => "${::nova::params::scheduler_service_name}-clone", - score => "INFINITY", + source => "${::nova::params::conductor_service_name}-clone", + target => "${::nova::params::scheduler_service_name}-clone", + score => 'INFINITY', require => [Pacemaker::Resource::Service[$::nova::params::scheduler_service_name], Pacemaker::Resource::Service[$::nova::params::conductor_service_name]], } # Ceilometer - pacemaker::resource::service { $::ceilometer::params::agent_central_service_name : - clone_params => 'interleave=true', - require => [Pacemaker::Resource::Service[$::keystone::params::service_name], - Pacemaker::Resource::Service[$::mongodb::params::service_name]], + case downcase(hiera('ceilometer_backend')) { + /mysql/: { + pacemaker::resource::service { $::ceilometer::params::agent_central_service_name : + clone_params => 'interleave=true', + require => Pacemaker::Resource::Service[$::keystone::params::service_name], + } + } + default: { + pacemaker::resource::service { $::ceilometer::params::agent_central_service_name : + clone_params => 'interleave=true', + require => [Pacemaker::Resource::Service[$::keystone::params::service_name], + Pacemaker::Resource::Service[$::mongodb::params::service_name]], + } + } } pacemaker::resource::service { $::ceilometer::params::collector_service_name : clone_params => 'interleave=true', @@ -1273,6 +1316,22 @@ if hiera('step') >= 4 { clone_params => 'interleave=true', resource_params => 'startdelay=10', } + # Fedora doesn't know `require-all` parameter for constraints yet + if $::operatingsystem == 'Fedora' { + $redis_ceilometer_constraint_params = undef + } else { + $redis_ceilometer_constraint_params = 'require-all=false' + } + pacemaker::constraint::base { 'redis-then-ceilometer-central-constraint': + constraint_type => 'order', + first_resource => 'redis-master', + second_resource => "${::ceilometer::params::agent_central_service_name}-clone", + first_action => 'promote', + second_action => 'start', + constraint_params => $redis_ceilometer_constraint_params, + require => [Pacemaker::Resource::Ocf['redis'], + Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name]], + } pacemaker::constraint::base { 'keystone-then-ceilometer-central-constraint': constraint_type => 'order', first_resource => "${::keystone::params::service_name}-clone", @@ -1411,8 +1470,8 @@ if hiera('step') >= 4 { second_resource => "${::heat::params::api_cfn_service_name}-clone", first_action => 'start', second_action => 'start', - require => [Pacemaker::Resource::Service[$::heat::params::api_service_name], - Pacemaker::Resource::Service[$::heat::params::api_cfn_service_name]], + require => [Pacemaker::Resource::Service[$::heat::params::api_service_name], + Pacemaker::Resource::Service[$::heat::params::api_cfn_service_name]], } pacemaker::constraint::colocation { 'heat-api-cfn-with-heat-api-colocation': source => "${::heat::params::api_cfn_service_name}-clone", @@ -1427,8 +1486,8 @@ if hiera('step') >= 4 { second_resource => "${::heat::params::api_cloudwatch_service_name}-clone", first_action => 'start', second_action => 'start', - require => [Pacemaker::Resource::Service[$::heat::params::api_cloudwatch_service_name], - Pacemaker::Resource::Service[$::heat::params::api_cfn_service_name]], + require => [Pacemaker::Resource::Service[$::heat::params::api_cloudwatch_service_name], + Pacemaker::Resource::Service[$::heat::params::api_cfn_service_name]], } pacemaker::constraint::colocation { 'heat-api-cloudwatch-with-heat-api-cfn-colocation': source => "${::heat::params::api_cloudwatch_service_name}-clone", @@ -1443,8 +1502,8 @@ if hiera('step') >= 4 { second_resource => "${::heat::params::engine_service_name}-clone", first_action => 'start', second_action => 'start', - require => [Pacemaker::Resource::Service[$::heat::params::api_cloudwatch_service_name], - Pacemaker::Resource::Service[$::heat::params::engine_service_name]], + require => [Pacemaker::Resource::Service[$::heat::params::api_cloudwatch_service_name], + Pacemaker::Resource::Service[$::heat::params::engine_service_name]], } pacemaker::constraint::colocation { 'heat-engine-with-heat-api-cloudwatch-colocation': source => "${::heat::params::engine_service_name}-clone", @@ -1465,10 +1524,52 @@ if hiera('step') >= 4 { # Horizon pacemaker::resource::service { $::horizon::params::http_service: - clone_params => "interleave=true", + clone_params => 'interleave=true', } + #VSM + if 'cisco_n1kv' in hiera('neutron_mechanism_drivers') { + pacemaker::resource::ocf { 'vsm-p' : + ocf_agent_name => 'heartbeat:VirtualDomain', + resource_params => 'force_stop=true config=/var/spool/cisco/vsm/vsm_primary_deploy.xml', + require => Class['n1k_vsm'], + meta_params => 'resource-stickiness=INFINITY', + } + if str2bool(hiera('n1k_vsm::pacemaker_control', true)) { + pacemaker::resource::ocf { 'vsm-s' : + ocf_agent_name => 'heartbeat:VirtualDomain', + resource_params => 'force_stop=true config=/var/spool/cisco/vsm/vsm_secondary_deploy.xml', + require => Class['n1k_vsm'], + meta_params => 'resource-stickiness=INFINITY', + } + pacemaker::constraint::colocation { 'vsm-colocation-contraint': + source => 'vsm-p', + target => 'vsm-s', + score => '-INFINITY', + require => [Pacemaker::Resource::Ocf['vsm-p'], + Pacemaker::Resource::Ocf['vsm-s']], + } + } + } } } #END STEP 4 + +if hiera('step') >= 5 { + + if $pacemaker_master { + + class {'::keystone::roles::admin' : + require => Pacemaker::Resource::Service[$::keystone::params::service_name], + } -> + class {'::keystone::endpoint' : + require => Pacemaker::Resource::Service[$::keystone::params::service_name], + } + + } + +} #END STEP 5 + +$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller_pacemaker', hiera('step')]) +package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/manifests/overcloud_object.pp b/puppet/manifests/overcloud_object.pp index 59db696e..5f0b4c82 100644 --- a/puppet/manifests/overcloud_object.pp +++ b/puppet/manifests/overcloud_object.pp @@ -13,7 +13,7 @@ # License for the specific language governing permissions and limitations # under the License. -include tripleo::packages +include ::tripleo::packages create_resources(sysctl::value, hiera('sysctl_settings'), {}) @@ -22,8 +22,8 @@ if count(hiera('ntp::servers')) > 0 { } include ::swift -class {'swift::storage::all': - mount_check => str2bool(hiera('swift_mount_check')) +class { '::swift::storage::all': + mount_check => str2bool(hiera('swift_mount_check')), } if(!defined(File['/srv/node'])) { file { '/srv/node': @@ -43,9 +43,10 @@ snmp::snmpv3_user { $snmpd_user: authtype => 'MD5', authpass => hiera('snmpd_readonly_user_password'), } -class { 'snmp': +class { '::snmp': agentaddress => ['udp:161','udp6:[::1]:161'], snmpd_config => [ join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ], } -hiera_include('object_classes')
\ No newline at end of file +hiera_include('object_classes') +package_manifest{'/var/lib/tripleo/installed-packages/overcloud_object': ensure => present} diff --git a/puppet/manifests/overcloud_volume.pp b/puppet/manifests/overcloud_volume.pp index d1f6d6a5..7f24959a 100644 --- a/puppet/manifests/overcloud_volume.pp +++ b/puppet/manifests/overcloud_volume.pp @@ -13,7 +13,7 @@ # License for the specific language governing permissions and limitations # under the License. -include tripleo::packages +include ::tripleo::packages create_resources(sysctl::value, hiera('sysctl_settings'), {}) @@ -47,9 +47,10 @@ snmp::snmpv3_user { $snmpd_user: authtype => 'MD5', authpass => hiera('snmpd_readonly_user_password'), } -class { 'snmp': +class { '::snmp': agentaddress => ['udp:161','udp6:[::1]:161'], snmpd_config => [ join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ], } -hiera_include('volume_classes')
\ No newline at end of file +hiera_include('volume_classes') +package_manifest{'/var/lib/tripleo/installed-packages/overcloud_volume': ensure => present} diff --git a/puppet/manifests/ringbuilder.pp b/puppet/manifests/ringbuilder.pp index 14fbafdd..4296208b 100644 --- a/puppet/manifests/ringbuilder.pp +++ b/puppet/manifests/ringbuilder.pp @@ -13,7 +13,7 @@ # License for the specific language governing permissions and limitations # under the License. -include tripleo::packages +include ::tripleo::packages define add_devices( $swift_zones = '1' @@ -37,31 +37,33 @@ define add_devices( $base = regsubst($name,'^r1.*-(.*)$','\1') $object = regsubst($base, '%PORT%', '6000') ring_object_device { $object: - zone => '1', - weight => 100, + zone => '1', + weight => 100, } $container = regsubst($base, '%PORT%', '6001') ring_container_device { $container: - zone => '1', - weight => 100, + zone => '1', + weight => 100, } $account = regsubst($base, '%PORT%', '6002') ring_account_device { $account: - zone => '1', - weight => 100, + zone => '1', + weight => 100, } } class tripleo::ringbuilder ( $swift_zones = '1', $devices = '', - $build_ring = 'True', + $build_ring = true, $part_power, $replicas, $min_part_hours, ) { - if str2bool(downcase("$build_ring")) { + validate_bool($build_ring) + + if $build_ring { $device_array = strip(split(rstrip($devices), ',')) @@ -74,7 +76,7 @@ class tripleo::ringbuilder ( # add all other devices add_devices {$device_array: - swift_zones => $swift_zones + swift_zones => $swift_zones, } -> # rebalance @@ -90,3 +92,5 @@ class tripleo::ringbuilder ( } include ::tripleo::ringbuilder + +package_manifest{'/var/lib/tripleo/installed-packages/ringbuilder': ensure => present} diff --git a/puppet/swift-storage-post.yaml b/puppet/swift-storage-post.yaml index ee50c86a..d22f5386 100644 --- a/puppet/swift-storage-post.yaml +++ b/puppet/swift-storage-post.yaml @@ -2,6 +2,10 @@ heat_template_version: 2015-04-30 description: 'OpenStack swift storage node post deployment for Puppet' parameters: + ConfigDebug: + default: false + description: Whether to run config management (e.g. Puppet) in debug mode. + type: boolean servers: type: json NodeConfigIdentifiers: @@ -15,6 +19,8 @@ resources: type: OS::Heat::SoftwareConfig properties: group: puppet + options: + enable_debug: {get_param: ConfigDebug} outputs: - name: result config: @@ -32,6 +38,8 @@ resources: type: OS::Heat::SoftwareConfig properties: group: puppet + options: + enable_debug: {get_param: ConfigDebug} outputs: - name: result config: diff --git a/puppet/swift-storage-puppet.yaml b/puppet/swift-storage.yaml index 5c4ff5a1..22ec6096 100644 --- a/puppet/swift-storage-puppet.yaml +++ b/puppet/swift-storage.yaml @@ -130,6 +130,7 @@ resources: NetworkConfig: type: OS::TripleO::ObjectStorage::Net::SoftwareConfig properties: + ControlPlaneIp: {get_attr: [SwiftStorage, networks, ctlplane, 0]} InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} @@ -155,6 +156,7 @@ resources: config: hiera: hierarchy: + - '"%{::uuid}"' - heat_config_%{::deploy_config_name} - object_extraconfig - extraconfig @@ -187,6 +189,7 @@ resources: snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} tripleo::packages::enable_install: {get_input: enable_package_install} + tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} SwiftStorageHieraDeploy: @@ -210,8 +213,17 @@ resources: params: server: {get_param: NtpServer} enable_package_install: {get_param: EnablePackageInstall} + enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} + # Hook for site-specific additional pre-deployment config, + # applying to all nodes, e.g node registration/unregistration + NodeExtraConfig: + depends_on: SwiftStorageHieraDeploy + type: OS::TripleO::NodeExtraConfig + properties: + server: {get_resource: SwiftStorage} + UpdateConfig: type: OS::TripleO::Tasks::PackageUpdate @@ -254,4 +266,8 @@ outputs: value: {get_attr: [StorageMgmtPort, ip_address]} config_identifier: description: identifier which changes if the node configuration may need re-applying - value: {get_attr: [SwiftStorageHieraDeploy, deploy_stdout]} + value: + list_join: + - ',' + - - {get_attr: [SwiftStorageHieraDeploy, deploy_stdout]} + - {get_param: UpdateIdentifier} @@ -2,7 +2,7 @@ name = tripleo-heat-templates summary = Heat templates for deploying OpenStack with OpenStack. description-file = - README.md + README.rst author = OpenStack author_email = openstack-dev@lists.openstack.org license = Apache License (2.0) diff --git a/validation-scripts/all-nodes.sh b/validation-scripts/all-nodes.sh index 38a5a55e..8057f201 100644 --- a/validation-scripts/all-nodes.sh +++ b/validation-scripts/all-nodes.sh @@ -2,7 +2,7 @@ # For each unique remote IP (specified via Heat) we check to # see if one of the locally configured networks matches and if so we -# attempt a ping test on that networks remote IP. +# attempt a ping test the remote network IP. function ping_controller_ips() { local REMOTE_IPS=$1 @@ -15,7 +15,7 @@ function ping_controller_ips() { if [ $REMOTE_NETWORK/$LOCAL_CIDR == $LOCAL_NETWORK ]; then echo -n "Trying to ping $REMOTE_IP for local network $LOCAL_NETWORK..." - if ! ping -c 1 $REMOTE_IP &> /dev/null; then + if ! ping -W 300 -c 1 $REMOTE_IP &> /dev/null; then echo "FAILURE" echo "$REMOTE_IP is not pingable. Local Network: $LOCAL_NETWORK" >&2 exit 1 @@ -26,4 +26,22 @@ function ping_controller_ips() { done } +# Ping all default gateways. There should only be one +# if using upstream t-h-t network templates but we test +# all of them should some manual network config have +# multiple gateways. +function ping_default_gateways() { + DEFAULT_GW=$(ip r | grep ^default | cut -d " " -f 3) + for GW in $DEFAULT_GW; do + echo -n "Trying to ping default gateway ${GW}..." + if ! ping -c 1 $GW &> /dev/null; then + echo "FAILURE" + echo "$GW is not pingable." + exit 1 + fi + done + echo "SUCCESS" +} + ping_controller_ips "$ping_test_ips" +ping_default_gateways |