aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.gitignore1
-rw-r--r--Makefile5
-rw-r--r--nagios3.yaml235
-rw-r--r--overcloud-source.yaml24
-rw-r--r--tuskar-source.yaml21
5 files changed, 156 insertions, 130 deletions
diff --git a/.gitignore b/.gitignore
index 06513ac8..ae03b039 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,7 +4,6 @@ overcloud-with-block-storage.yaml
overcloud-with-block-storage-nfs.yaml
undercloud-bm.yaml
undercloud-vm.yaml
-undercloud-vm-tuskar.yaml
undercloud-vm-ironic.yaml
*.py[cod]
diff --git a/Makefile b/Makefile
index 2bb095a8..3fb54d34 100644
--- a/Makefile
+++ b/Makefile
@@ -3,7 +3,6 @@ generated_templates = \
overcloud-with-block-storage-nfs.yaml \
undercloud-vm.yaml \
undercloud-bm.yaml \
- undercloud-vm-tuskar.yaml \
undercloud-vm-ironic.yaml
# Files included in overcloud-source.yaml via FileInclude
@@ -29,10 +28,6 @@ undercloud-bm.yaml: undercloud-source.yaml undercloud-bm-nova-config.yaml underc
python ./tripleo_heat_merge/merge.py $^ > $@.tmp
mv $@.tmp $@
-undercloud-vm-tuskar.yaml: undercloud-source.yaml undercloud-vm-source.yaml tuskar-source.yaml
- python ./tripleo_heat_merge/merge.py $^ > $@.tmp
- mv $@.tmp $@
-
undercloud-vm-ironic.yaml: undercloud-source.yaml undercloud-vm-ironic-config.yaml undercloud-vm-ironic-deploy.yaml
python ./tripleo_heat_merge/merge.py $^ > $@.tmp
mv $@.tmp $@
diff --git a/nagios3.yaml b/nagios3.yaml
index e60eb559..1e0a4615 100644
--- a/nagios3.yaml
+++ b/nagios3.yaml
@@ -1,103 +1,132 @@
-HeatTemplateFormatVersion: '2012-12-12'
-Description: 'Nagios3'
-Parameters:
- KeyName:
- Description: Name of an existing EC2 KeyPair to enable SSH access to the instance
- Type: String
- Default: default
- AdmWebPasswd:
- Description: Password for nagiosadmin web admin user.
- Type: String
- Default: nagiosadmin
- NoEcho: true
- NovaHostIp:
- Description: nova ip.
- Type: String
- Default: 192.0.2.1
- NovaOsPassword:
- Description: nova OS_PASSWORD.
- Type: String
- Default: unset
- NoEcho: true
- NovaOsUsername:
- Description: nova OS_USERNAME.
- Type: String
- Default: admin
- NovaOsTenantName:
- Description: nova OS_TENANT_NAME.
- Type: String
- Default: admin
- Nagios3ImageId:
- Description: Nagios image.
- Type: String
- Default: nagios3
- InstanceType:
- Description: Use this flavor.
- Type: String
- Default: baremetal
- InitialIpSplitKey:
- Description: Network name from nova list to get initial ip list from.
- Type: String
- Default: ctlplane
- Apache2SnakeoilPem:
- Description: Snakeoil PEM file.
- Type: String
- NoEcho: true
- Default: |
- ----- BEGIN PlaceHolder...
- Apache2SnakeoilKey:
- Description: Snakeoil Key file.
- Type: String
- NoEcho: true
- Default: |
- ----- BEGIN PlaceHolder...
- PostfixMailHostname:
- Description: Hostname for postfix..
- Type: String
- Default: nagios3-nagios3
- PostfixMailDomain:
- Description: Top level domain for postfix.
- Type: String
- Default: novalocal
- PostfixDelayWarningTime:
- Description: Amount of time to Delay warnnings.
- Type: String
- Default: 4h
-Resources:
- nagios3:
- Metadata:
- OpenStack::ImageBuilder::Elements: [ nagios3 ]
- apache2:
- snakeoil_pem:
- Ref: Apache2SnakeoilPem
- snakeoil_key:
- Ref: Apache2SnakeoilKey
- nagios3:
- adm_web_passwd:
- Ref: AdmWebPasswd
- nova_host_ip:
- Ref: NovaHostIp
- nova_os_password:
- Ref: NovaOsPassword
- nova_os_username:
- Ref: NovaOsUsername
- nova_os_tenant_name:
- Ref: NovaOsTenantName
- initial_network_split_key:
- Ref: InitialIpSplitKey
- postfix:
- mailhostname:
- Ref: PostfixMailHostname
- maildomain:
- Ref: PostfixMailDomain
- delay_warning_time:
- Ref: PostfixDelayWarningTime
- Type: AWS::EC2::Instance
- Properties:
- KeyName:
- Ref: KeyName
- ImageId:
- Ref: Nagios3ImageId
- InstanceType: {Ref: InstanceType}
-Outputs:
- Nagios3Host: {'Fn::Select': [ 0, {'Fn::Select': [ 'ctlplane', 'Fn::GetAtt': [ 'nagios3' , 'networks' ] ]} ]}
+# Copyright 2014 Hewlett-Packard Development Company, L.P.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+heat_template_version: 2013-05-23
+description: Deploy Nagios
+parameters:
+ adm_web_passwd:
+ type: string
+ description: Password for initial admin user
+ hidden: true
+ nova_os_auth_url:
+ type: string
+ default: ''
+ description: URL for Keystone to access Nova.
+ nova_os_password:
+ type: string
+ hidden: true
+ description: password to present to nova_host_ip.
+ default: ''
+ nova_os_username:
+ type: string
+ description: username to present to nova_host_ip.
+ default: ''
+ nova_os_tenant_name:
+ type: string
+ description: tenant name to present to nova_host_ip.
+ default: ''
+ monitor_networks:
+ type: json
+ description: Neutron networks to monitor.
+ default: []
+ image:
+ type: string
+ description: Image for Nagios.
+ default: nagios
+ server_network:
+ type: string
+ description: Network id for server.
+ default: default-net
+ external_network:
+ type: string
+ description: Network to attach floating ips to.
+ default: ext-net
+ flavor:
+ type: string
+ description: What flavor to use for the nagios server.
+ default: m1.small
+ key_name:
+ type: string
+ description: What Nova SSH key to use for the nagios server.
+ default: default
+resources:
+ nagios_config:
+ type: OS::Heat::StructuredConfig
+ properties:
+ config:
+ nagios3:
+ adm_web_passwd: { get_input: adm_web_passwd }
+ os_auth_url: { get_input: nova_os_auth_url }
+ os_password: { get_input: nova_os_password }
+ os_username: { get_input: nova_os_username }
+ os_tenant_name: { get_input: nova_os_tenant_name }
+ monitor_networks: { get_input: monitor_networks }
+ completion-signal: { get_input: deploy_signal_id }
+ nagios_security_group:
+ type: OS::Neutron::SecurityGroup
+ properties:
+ name: monitoring
+ rules:
+ - direction: ingress
+ port_range_max: 22
+ port_range_min: 22
+ protocol: tcp
+ - direction: ingress
+ port_range_max: 80
+ port_range_min: 80
+ protocol: tcp
+ - direction: ingress
+ protocol: icmp
+ - direction: egress
+ protocol: tcp
+ - direction: egress
+ protocol: udp
+ - direction: egress
+ protocol: icmp
+ nagios_net_port:
+ type: OS::Neutron::Port
+ properties:
+ network_id: { get_param: server_network }
+ security_groups: [ { get_resource: nagios_security_group } ]
+ nagios_server:
+ type: OS::Nova::Server
+ properties:
+ flavor: { get_param: flavor }
+ image: { get_param: image }
+ key_name: { get_param: key_name }
+ user_data_format: SOFTWARE_CONFIG
+ networks:
+ - network: { get_param: server_network }
+ port: { get_resource: nagios_net_port }
+ nagios_floating_ip:
+ type: OS::Neutron::FloatingIP
+ properties:
+ floating_network_id: { get_param: external_network }
+ port_id: { get_resource: nagios_net_port }
+ nagios_deploy:
+ type: OS::Heat::StructuredDeployment
+ properties:
+ server: { get_resource: nagios_server }
+ config: { get_resource: nagios_config }
+ input_values:
+ adm_web_passwd: { get_param: adm_web_passwd }
+ nova_os_auth_url: { get_param: nova_os_auth_url }
+ nova_os_password: { get_param: nova_os_password }
+ nova_os_username: { get_param: nova_os_username }
+ nova_os_tenant_name: { get_param: nova_os_tenant_name }
+ monitor_networks: { get_param: monitor_networks }
+outputs:
+ nagios_address:
+ description: Address of Nagios admin interface.
+ value: { get_attr: [ nagios_floating_ip, floating_ip_address ] }
diff --git a/overcloud-source.yaml b/overcloud-source.yaml
index df4c2ea3..7ecb92ce 100644
--- a/overcloud-source.yaml
+++ b/overcloud-source.yaml
@@ -244,6 +244,26 @@ Parameters:
Default: []
Description: Should be used for arbitrary ips.
Type: Json
+ KeystoneCACertificate:
+ Default: ''
+ Description: Keystone self-signed certificate authority certificate.
+ Type: String
+ NoEcho: true
+ KeystoneCAKey:
+ Default: ''
+ Description: Keystone certificate authority key.
+ Type: String
+ NoEcho: true
+ KeystoneSigningCertificate:
+ Default: ''
+ Description: Keystone certificate for verifying token validity.
+ Type: String
+ NoEcho: true
+ KeystoneSigningKey:
+ Default: ''
+ Description: Keystone key for signing tokens.
+ Type: String
+ NoEcho: true
Resources:
ControlVirtualIP:
Type: OS::Neutron::Port
@@ -420,6 +440,10 @@ Resources:
db: mysql://keystone:unset@localhost/keystone
host:
get_input: controller_host
+ ca_key: {Ref: KeystoneCAKey}
+ ca_certificate: {Ref: KeystoneCACertificate}
+ signing_key: {Ref: KeystoneSigningKey}
+ signing_certificate: {Ref: KeystoneSigningCertificate}
mysql:
innodb_buffer_pool_size: {Ref: MysqlInnodbBufferPoolSize}
neutron:
diff --git a/tuskar-source.yaml b/tuskar-source.yaml
deleted file mode 100644
index 6f84292d..00000000
--- a/tuskar-source.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-Parameters:
- # NOTE(rpodolyaka): limitation of tuskar-api, see https://bugs.launchpad.net/tuskar/+bug/1235236
- OvercloudAdminPassword:
- Default: unset
- Description: The password of admin user of the overcloud (required by some services in the under cloud)
- Type: String
- OvercloudKeystoneHost:
- Description: The Overcloud Host running Keystone
- Type: String
-Resources:
- undercloudTuskarVm:
- Type: AWS::AutoScaling::LaunchConfiguration
- Metadata:
- OpenStack::Role: undercloudConfig
- tuskar:
- db: mysql://tuskar:unset@localhost/tuskar?charset=utf8
- user: admin
- tenant_name: admin
- password: {Ref: AdminPassword}
- overcloud-admin-password: {Ref: OvercloudAdminPassword}
- overcloud-keystone-host: {Ref: OvercloudKeystoneHost}