aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--docker/firstboot/start_docker_agents.sh16
-rwxr-xr-xextraconfig/tasks/pacemaker_maintenance_mode.sh19
-rw-r--r--extraconfig/tasks/pre_puppet_pacemaker.yaml9
-rw-r--r--network/endpoints/endpoint_data.yaml3
-rw-r--r--network/endpoints/endpoint_map.yaml117
-rw-r--r--overcloud-resource-registry-puppet.yaml3
-rw-r--r--overcloud.yaml18
-rw-r--r--puppet/controller-config-pacemaker.yaml5
-rw-r--r--puppet/controller-config.yaml5
-rw-r--r--puppet/controller-post.yaml7
-rw-r--r--puppet/controller.yaml6
-rw-r--r--puppet/hieradata/controller.yaml1
-rw-r--r--puppet/services/README.rst50
-rw-r--r--puppet/services/services.yaml40
14 files changed, 156 insertions, 143 deletions
diff --git a/docker/firstboot/start_docker_agents.sh b/docker/firstboot/start_docker_agents.sh
index bb458a68..027aed40 100644
--- a/docker/firstboot/start_docker_agents.sh
+++ b/docker/firstboot/start_docker_agents.sh
@@ -48,23 +48,13 @@ fi
/sbin/setenforce 0
/sbin/modprobe ebtables
+# CentOS sets ptmx to 000. Withoutit being 666, we can't use Cinder volumes
+chmod 666 /dev/pts/ptmx
+
# We need hostname -f to return in a centos container for the puppet hook
HOSTNAME=$(hostname)
echo "127.0.0.1 $HOSTNAME.localdomain $HOSTNAME" >> /etc/hosts
-# Another hack.. we need a different docker version
-# (should obviously be dropped once the atomic image contains docker 1.8.2)
-/usr/bin/systemctl stop docker.service
-/bin/curl -o /tmp/docker https://get.docker.com/builds/Linux/x86_64/docker-1.8.2
-/bin/mount -o remount,rw /usr
-/bin/rm /bin/docker
-/bin/cp /tmp/docker /bin/docker
-/bin/chmod 755 /bin/docker
-
-# enable and start docker
-/usr/bin/systemctl enable docker.service
-/usr/bin/systemctl restart --no-block docker.service
-
# enable and start heat-docker-agents
chmod 0640 /etc/systemd/system/heat-docker-agents.service
/usr/bin/systemctl enable heat-docker-agents.service
diff --git a/extraconfig/tasks/pacemaker_maintenance_mode.sh b/extraconfig/tasks/pacemaker_maintenance_mode.sh
new file mode 100755
index 00000000..ddc84ad2
--- /dev/null
+++ b/extraconfig/tasks/pacemaker_maintenance_mode.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+set -x
+
+# On initial deployment, the pacemaker service is disabled and is-active exits
+# 3 in that case, so allow this to fail gracefully.
+pacemaker_status=$(systemctl is-active pacemaker || :)
+
+if [ "$pacemaker_status" = "active" ]; then
+ pcs property set maintenance-mode=true
+fi
+
+# We need to reload haproxy in case the certificate changed because
+# puppet doesn't know the contents of the cert file. We shouldn't
+# reload it if it wasn't already active (such as if using external
+# loadbalancer or on initial deployment).
+haproxy_status=$(systemctl is-active haproxy || :)
+if [ "$haproxy_status" = "active" ]; then
+ systemctl reload haproxy
+fi
diff --git a/extraconfig/tasks/pre_puppet_pacemaker.yaml b/extraconfig/tasks/pre_puppet_pacemaker.yaml
index 2cfe92a7..82546588 100644
--- a/extraconfig/tasks/pre_puppet_pacemaker.yaml
+++ b/extraconfig/tasks/pre_puppet_pacemaker.yaml
@@ -14,13 +14,8 @@ resources:
type: OS::Heat::SoftwareConfig
properties:
group: script
- config: |
- #!/bin/bash
- pacemaker_status=$(systemctl is-active pacemaker)
-
- if [ "$pacemaker_status" = "active" ]; then
- pcs property set maintenance-mode=true
- fi
+ config:
+ get_file: pacemaker_maintenance_mode.sh
ControllerPrePuppetMaintenanceModeDeployment:
type: OS::Heat::SoftwareDeployments
diff --git a/network/endpoints/endpoint_data.yaml b/network/endpoints/endpoint_data.yaml
index a74d75da..edcfaca1 100644
--- a/network/endpoints/endpoint_data.yaml
+++ b/network/endpoints/endpoint_data.yaml
@@ -123,17 +123,14 @@ Nova:
vip_param: NovaApi
uri_suffixes:
'': /v2.1/%(tenant_id)s
- V3: /v3
Public:
vip_param: Public
uri_suffixes:
'': /v2.1/%(tenant_id)s
- V3: /v3
Admin:
vip_param: NovaApi
uri_suffixes:
'': /v2.1/%(tenant_id)s
- V3: /v3
port: 8774
NovaEC2:
diff --git a/network/endpoints/endpoint_map.yaml b/network/endpoints/endpoint_map.yaml
index 956fb0ba..07266f98 100644
--- a/network/endpoints/endpoint_map.yaml
+++ b/network/endpoints/endpoint_map.yaml
@@ -1307,123 +1307,6 @@ outputs:
IP_ADDRESS: {get_param: PublicVirtualIP}
- ':'
- get_param: [EndpointMap, NovaPublic, port]
- NovaV3Admin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, NovaAdmin, host]
- params:
- CLOUDNAME: {get_param: CloudName}
- IP_ADDRESS: {get_param: NovaApiVirtualIP}
- port:
- get_param: [EndpointMap, NovaAdmin, port]
- protocol:
- get_param: [EndpointMap, NovaAdmin, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, NovaAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, NovaAdmin, host]
- params:
- CLOUDNAME: {get_param: CloudName}
- IP_ADDRESS: {get_param: NovaApiVirtualIP}
- - ':'
- - get_param: [EndpointMap, NovaAdmin, port]
- - /v3
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, NovaAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, NovaAdmin, host]
- params:
- CLOUDNAME: {get_param: CloudName}
- IP_ADDRESS: {get_param: NovaApiVirtualIP}
- - ':'
- - get_param: [EndpointMap, NovaAdmin, port]
- NovaV3Internal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, NovaInternal, host]
- params:
- CLOUDNAME: {get_param: CloudName}
- IP_ADDRESS: {get_param: NovaApiVirtualIP}
- port:
- get_param: [EndpointMap, NovaInternal, port]
- protocol:
- get_param: [EndpointMap, NovaInternal, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, NovaInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, NovaInternal, host]
- params:
- CLOUDNAME: {get_param: CloudName}
- IP_ADDRESS: {get_param: NovaApiVirtualIP}
- - ':'
- - get_param: [EndpointMap, NovaInternal, port]
- - /v3
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, NovaInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, NovaInternal, host]
- params:
- CLOUDNAME: {get_param: CloudName}
- IP_ADDRESS: {get_param: NovaApiVirtualIP}
- - ':'
- - get_param: [EndpointMap, NovaInternal, port]
- NovaV3Public:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, NovaPublic, host]
- params:
- CLOUDNAME: {get_param: CloudName}
- IP_ADDRESS: {get_param: PublicVirtualIP}
- port:
- get_param: [EndpointMap, NovaPublic, port]
- protocol:
- get_param: [EndpointMap, NovaPublic, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, NovaPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, NovaPublic, host]
- params:
- CLOUDNAME: {get_param: CloudName}
- IP_ADDRESS: {get_param: PublicVirtualIP}
- - ':'
- - get_param: [EndpointMap, NovaPublic, port]
- - /v3
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, NovaPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, NovaPublic, host]
- params:
- CLOUDNAME: {get_param: CloudName}
- IP_ADDRESS: {get_param: PublicVirtualIP}
- - ':'
- - get_param: [EndpointMap, NovaPublic, port]
NovaEC2Admin:
host:
str_replace:
diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml
index 54074d12..bc3b7241 100644
--- a/overcloud-resource-registry-puppet.yaml
+++ b/overcloud-resource-registry-puppet.yaml
@@ -122,6 +122,9 @@ resource_registry:
# validation resources
OS::TripleO::AllNodes::Validation: all-nodes-validation.yaml
+ # services
+ OS::TripleO::Services: puppet/services/services.yaml
+
parameter_defaults:
EnablePackageInstall: false
SoftwareConfigTransport: POLL_TEMP_URL
diff --git a/overcloud.yaml b/overcloud.yaml
index 19e847a5..cd724b3e 100644
--- a/overcloud.yaml
+++ b/overcloud.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: 2016-04-08
description: >
Deploy an OpenStack environment, consisting of several node types (roles),
@@ -711,6 +711,13 @@ parameters:
via parameter_defaults in the resource registry.
type: json
+ ControllerServices:
+ default: []
+ description: A list of service resources (configured in the Heat
+ resource_registry) which represent nested stacks
+ for each service that should get installed on the Controllers.
+ type: comma_delimited_list
+
# Block storage specific parameters
BlockStorageCount:
type: number
@@ -892,6 +899,13 @@ resources:
SwiftProxyVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
PublicVirtualIP: {get_attr: [VipMap, net_ip_uri_map, external]}
+ ControllerServiceChain:
+ type: OS::TripleO::Services
+ properties:
+ Services: {get_param: ControllerServices}
+ EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
+ MysqlVirtualIPUri: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
+
Controller:
type: OS::Heat::ResourceGroup
depends_on: Networks
@@ -1043,6 +1057,7 @@ resources:
NodeIndex: '%index%'
ServerMetadata: {get_param: ServerMetadata}
SchedulerHints: {get_param: ControllerSchedulerHints}
+ ServiceConfigSettings: {get_attr: [ControllerServiceChain, config_settings]}
Compute:
type: OS::Heat::ResourceGroup
@@ -1611,6 +1626,7 @@ resources:
allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]}
controller_config: {get_attr: [Controller, attributes, config_identifier]}
deployment_identifier: {get_param: DeployIdentifier}
+ StepConfig: {get_attr: [ControllerServiceChain, step_config]}
ComputeNodesPostDeployment:
type: OS::TripleO::ComputePostDeployment
diff --git a/puppet/controller-config-pacemaker.yaml b/puppet/controller-config-pacemaker.yaml
index 21db825a..dfebcf82 100644
--- a/puppet/controller-config-pacemaker.yaml
+++ b/puppet/controller-config-pacemaker.yaml
@@ -8,6 +8,10 @@ parameters:
default: false
description: Whether to run config management (e.g. Puppet) in debug mode.
type: boolean
+ StepConfig:
+ type: string
+ description: Config manifests that will be used to step through the deployment.
+ default: ''
resources:
@@ -26,6 +30,7 @@ resources:
- ''
- - get_file: manifests/overcloud_controller_pacemaker.pp
- get_file: manifests/ringbuilder.pp
+ - {get_param: StepConfig}
outputs:
OS::stack_id:
diff --git a/puppet/controller-config.yaml b/puppet/controller-config.yaml
index f7a6a56d..458aff32 100644
--- a/puppet/controller-config.yaml
+++ b/puppet/controller-config.yaml
@@ -8,6 +8,10 @@ parameters:
default: false
description: Whether to run config management (e.g. Puppet) in debug mode.
type: boolean
+ StepConfig:
+ type: string
+ description: Config manifests that will be used to step through the deployment.
+ default: ''
resources:
@@ -26,6 +30,7 @@ resources:
- ''
- - get_file: manifests/overcloud_controller.pp
- get_file: manifests/ringbuilder.pp
+ - {get_param: StepConfig}
outputs:
OS::stack_id:
diff --git a/puppet/controller-post.yaml b/puppet/controller-post.yaml
index 04f20b61..80b08a06 100644
--- a/puppet/controller-post.yaml
+++ b/puppet/controller-post.yaml
@@ -13,7 +13,10 @@ parameters:
NodeConfigIdentifiers:
type: json
description: Value which changes if the node configuration may need to be re-applied
-
+ StepConfig:
+ type: string
+ description: Config manifests that will be used to step through the deployment.
+ default: ''
resources:
@@ -35,6 +38,8 @@ resources:
ControllerPuppetConfig:
type: OS::TripleO::ControllerConfig
+ properties:
+ StepConfig: {get_param: StepConfig}
# Step through a series of Puppet runs using the same manifest.
# NOTE: To enable stepping through the deployments via heat hooks,
diff --git a/puppet/controller.yaml b/puppet/controller.yaml
index efdf08bb..d966700f 100644
--- a/puppet/controller.yaml
+++ b/puppet/controller.yaml
@@ -790,6 +790,9 @@ parameters:
type: json
description: Optional scheduler hints to pass to nova
default: {}
+ ServiceConfigSettings:
+ type: json
+ default: {}
resources:
@@ -1294,6 +1297,7 @@ resources:
- heat_config_%{::deploy_config_name}
- controller_extraconfig
- extraconfig
+ - service_configs
- controller
- database
- object
@@ -1316,6 +1320,8 @@ resources:
- neutron_opencontrail_data # Optionally provided by ControllerExtraConfigPre
- neutron_plumgrid_data # Optionally provided by ControllerExtraConfigPre
datafiles:
+ service_configs:
+ mapped_data: {get_param: ServiceConfigSettings}
controller_extraconfig:
mapped_data: {get_param: ControllerExtraConfig}
extraconfig:
diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml
index 3e523f1b..5e87793a 100644
--- a/puppet/hieradata/controller.yaml
+++ b/puppet/hieradata/controller.yaml
@@ -90,7 +90,6 @@ neutron::agents::dhcp::dnsmasq_config_file: /etc/neutron/dnsmasq-neutron.conf
# nova
nova::notify_on_state_change: 'vm_and_task_state'
nova::api::default_floating_pool: 'public'
-nova::api::osapi_v3: true
nova::api::sync_db_api: true
nova::scheduler::filter::ram_allocation_ratio: '1.0'
nova::cron::archive_deleted_rows::hour: '*/12'
diff --git a/puppet/services/README.rst b/puppet/services/README.rst
new file mode 100644
index 00000000..38d2ac64
--- /dev/null
+++ b/puppet/services/README.rst
@@ -0,0 +1,50 @@
+========
+services
+========
+
+A TripleO nested stack Heat template that encapsulates generic configuration
+data to configure a specific service. This generally includes everything
+needed to configure the service excluding the local bind ports which
+are still managed in the per-node role templates directly (controller.yaml,
+compute.yaml, etc.). All other (global) service settings go into
+the puppet/service templates.
+
+Input Parameters
+----------------
+
+Each service may define its own input parameters and defaults.
+Operators will use the parameter_defaults section of any Heat
+environment to set per service parameters.
+
+Config Settings
+---------------
+
+Each service may define a config_settings output variable which returns
+Hiera settings to be configured.
+
+Steps
+-----
+
+Each service may define an output variable which returns a puppet manifest
+snippet that will run at each of the following steps. Earlier manifests
+are re-asserted when applying latter ones.
+
+ * config_settings: Custom hiera settings for this service.
+
+ * step_config: A puppet manifest that is used to step through the deployment
+ sequence. Each sequence is given a "step" (via hiera('step') that provides
+ information for when puppet classes should activate themselves.
+
+ Steps correlate to the following:
+
+ 1) Load Balancer configuration
+
+ 2) Core Services (Database/Rabbit/NTP/etc.)
+
+ 3) Early Openstack Service setup (Ringbuilder, etc.)
+
+ 4) General OpenStack Services
+
+ 5) Service activation (Pacemaker)
+
+ 6) Fencing (Pacemaker)
diff --git a/puppet/services/services.yaml b/puppet/services/services.yaml
new file mode 100644
index 00000000..f9681634
--- /dev/null
+++ b/puppet/services/services.yaml
@@ -0,0 +1,40 @@
+heat_template_version: 2016-04-08
+
+description: >
+ Utility stack to convert an array of services into a set of combined
+ role configs.
+
+parameters:
+ Services:
+ default: []
+ description: |
+ List nested stack service templates.
+ type: comma_delimited_list
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ MysqlVirtualIPUri:
+ default: ''
+ type: string
+ description: The URI virtual IP for the MySQL service.
+
+resources:
+
+ ServiceChain:
+ type: OS::Heat::ResourceChain
+ properties:
+ resources: {get_param: Services}
+ concurrent: true
+ resource_properties:
+ EndpointMap: {get_param: EndpointMap}
+ MysqlVirtualIPUri: {get_param: MysqlVirtualIPUri}
+
+outputs:
+ config_settings:
+ description: Configuration settings.
+ value: {map_merge: {get_attr: [ServiceChain, role_data, config_settings]}}
+ step_config:
+ description: Step configuration.
+ value: {list_join: ["\n", {get_attr: [ServiceChain, role_data, step_config]}]}