diff options
110 files changed, 2926 insertions, 1202 deletions
diff --git a/default_passwords.yaml b/default_passwords.yaml index a7d9c978..7a47f443 100644 --- a/default_passwords.yaml +++ b/default_passwords.yaml @@ -5,8 +5,6 @@ description: Passwords we manage at the top level parameters: DefaultMysqlRootPassword: type: string - DefaultMysqlClusterPassword: - type: string DefaultRabbitCookie: type: string DefaultHeatAuthEncryptionKey: @@ -21,7 +19,6 @@ outputs: description: Password data value: mysql_root_password: {get_param: DefaultMysqlRootPassword} - mysql_cluster_password: {get_param: DefaultMysqlClusterPassword} rabbit_cookie: {get_param: DefaultRabbitCookie} heat_auth_encryption_key: {get_param: DefaultHeatAuthEncryptionKey} pcsd_password: {get_param: DefaultPcsdPassword} diff --git a/environments/enable-tls.yaml b/environments/enable-tls.yaml index a3f39ebe..39ded654 100644 --- a/environments/enable-tls.yaml +++ b/environments/enable-tls.yaml @@ -7,3 +7,6 @@ parameter_defaults: SSLIntermediateCertificate: '' SSLKey: | The contents of the private key go here + +resource_registry: + OS::TripleO::NodeTLSData: ../puppet/extraconfig/tls/tls-cert-inject.yaml diff --git a/environments/inject-trust-anchor-hiera.yaml b/environments/inject-trust-anchor-hiera.yaml new file mode 100644 index 00000000..b4908c1b --- /dev/null +++ b/environments/inject-trust-anchor-hiera.yaml @@ -0,0 +1,8 @@ +parameter_defaults: + CAMap: + first-ca-name: + content: | + The content of the CA cert goes here + second-ca-name: + content: | + The content of the CA cert goes here diff --git a/environments/network-environment.yaml b/environments/network-environment.yaml index cf94d7fc..d0fc9ec6 100644 --- a/environments/network-environment.yaml +++ b/environments/network-environment.yaml @@ -15,14 +15,23 @@ resource_registry: parameter_defaults: # This section is where deployment-specific configuration is done + # CIDR subnet mask length for provisioning network + ControlPlaneSubnetCidr: '24' + # Gateway router for the provisioning network (or Undercloud IP) + ControlPlaneDefaultRoute: 192.0.2.254 + EC2MetadataIp: 192.0.2.1 # Generally the IP of the Undercloud # Customize the IP subnets to match the local environment InternalApiNetCidr: 172.17.0.0/24 StorageNetCidr: 172.18.0.0/24 StorageMgmtNetCidr: 172.19.0.0/24 TenantNetCidr: 172.16.0.0/24 ExternalNetCidr: 10.0.0.0/24 - # CIDR subnet mask length for provisioning network - ControlPlaneSubnetCidr: '24' + # Customize the VLAN IDs to match the local environment + InternalApiNetworkVlanID: 20 + StorageNetworkVlanID: 30 + StorageMgmtNetworkVlanID: 40 + TenantNetworkVlanID: 50 + ExternalNetworkVlanID: 10 # Customize the IP ranges on each network to use for static IPs and VIPs InternalApiAllocationPools: [{'start': '172.17.0.10', 'end': '172.17.0.200'}] StorageAllocationPools: [{'start': '172.18.0.10', 'end': '172.18.0.200'}] @@ -32,18 +41,13 @@ parameter_defaults: ExternalAllocationPools: [{'start': '10.0.0.10', 'end': '10.0.0.50'}] # Gateway router for the external network ExternalInterfaceDefaultRoute: 10.0.0.1 - # Gateway router for the provisioning network (or Undercloud IP) - ControlPlaneDefaultRoute: 192.0.2.254 - # Generally the IP of the Undercloud - EC2MetadataIp: 192.0.2.1 + # Uncomment if using the Management Network (see network-management.yaml) + # ManagementNetCidr: 10.0.1.0/24 + # ManagementAllocationPools: [{'start': '10.0.1.10', 'end', '10.0.1.50'}] + # Use either this parameter or ControlPlaneDefaultRoute in the NIC templates + # ManagementInterfaceDefaultRoute: 10.0.1.1 # Define the DNS servers (maximum 2) for the overcloud nodes DnsServers: ["8.8.8.8","8.8.4.4"] - # Customize the VLAN IDs to match the local environment - InternalApiNetworkVlanID: 10 - StorageNetworkVlanID: 20 - StorageMgmtNetworkVlanID: 30 - TenantNetworkVlanID: 40 - ExternalNetworkVlanID: 50 # Set to empty string to enable multiple external networks or VLANs NeutronExternalNetworkBridge: "''" # The tunnel type for the tenant network (vxlan or gre). Set to '' to disable tunneling. diff --git a/environments/neutron-opendaylight-l3.yaml b/environments/neutron-opendaylight-l3.yaml new file mode 100644 index 00000000..d61270b2 --- /dev/null +++ b/environments/neutron-opendaylight-l3.yaml @@ -0,0 +1,14 @@ +# A Heat environment that can be used to deploy OpenDaylight with L3 DVR +resource_registry: + OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None + OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None + OS::TripleO::Services::OpenDaylight: puppet/services/opendaylight-api.yaml + OS::TripleO::Services::OpenDaylightOvs: puppet/services/opendaylight-ovs.yaml + OS::TripleO::Services::NeutronL3Agent: OS::Heat::None + +parameter_defaults: + EnableOpenDaylightOnController: true + NeutronEnableForceMetadata: true + NeutronMechanismDrivers: 'opendaylight' + NeutronServicePlugins: "networking_odl.l3.l3_odl.OpenDaylightL3RouterPlugin" + OpenDaylightEnableL3: "'yes'" diff --git a/environments/neutron-opendaylight.yaml b/environments/neutron-opendaylight.yaml new file mode 100644 index 00000000..8fa2e542 --- /dev/null +++ b/environments/neutron-opendaylight.yaml @@ -0,0 +1,11 @@ +# A Heat environment that can be used to deploy OpenDaylight +resource_registry: + OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None + OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None + OS::TripleO::Services::OpenDaylight: puppet/services/opendaylight-api.yaml + OS::TripleO::Services::OpenDaylightOvs: puppet/services/opendaylight-ovs.yaml + +parameter_defaults: + EnableOpenDaylightOnController: true + NeutronEnableForceMetadata: true + NeutronMechanismDrivers: 'opendaylight' diff --git a/environments/puppet-ceph-external.yaml b/environments/puppet-ceph-external.yaml index 19cca657..06e4f7aa 100644 --- a/environments/puppet-ceph-external.yaml +++ b/environments/puppet-ceph-external.yaml @@ -2,9 +2,12 @@ # use of an externally managed Ceph cluster. resource_registry: OS::TripleO::Services::CephExternal: ../puppet/services/ceph-external.yaml + OS::TripleO::Services::CephMon: OS::Heat::None + OS::TripleO::Services::CephClient: OS::Heat::None + OS::TripleO::Services::CephOSD: OS::Heat::None parameter_defaults: - # NOTE: These example parameters are required when using Ceph External + # NOTE: These example parameters are required when using CephExternal #CephClusterFSID: '4b5c8c0a-ff60-454b-a1b4-9747aa737d19' #CephClientKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ==' #CephExternalMonHost: '172.16.1.7, 172.16.1.8' @@ -26,3 +29,6 @@ parameter_defaults: # finally we disable the Cinder LVM backend CinderEnableIscsiBackend: false + + # Backward compatibility setting, will be removed in the future + CephAdminKey: '' diff --git a/environments/services/sahara.yaml b/environments/services/sahara.yaml index d4be3742..82205dd1 100644 --- a/environments/services/sahara.yaml +++ b/environments/services/sahara.yaml @@ -1,3 +1,3 @@ resource_registry: - OS::TripleO::Services::SaharaApi: puppet/services/sahara-api.yaml - OS::TripleO::Services::SaharaEngine: puppet/services/sahara-engine.yaml + OS::TripleO::Services::SaharaApi: ../../puppet/services/sahara-api.yaml + OS::TripleO::Services::SaharaEngine: ../../puppet/services/sahara-engine.yaml diff --git a/environments/tls-endpoints-public-dns.yaml b/environments/tls-endpoints-public-dns.yaml index 3629672a..7c8e850c 100644 --- a/environments/tls-endpoints-public-dns.yaml +++ b/environments/tls-endpoints-public-dns.yaml @@ -50,6 +50,3 @@ parameter_defaults: SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'} - -resource_registry: - OS::TripleO::NodeTLSData: ../puppet/extraconfig/tls/tls-cert-inject.yaml diff --git a/environments/tls-endpoints-public-ip.yaml b/environments/tls-endpoints-public-ip.yaml index d3f07cda..80595c6c 100644 --- a/environments/tls-endpoints-public-ip.yaml +++ b/environments/tls-endpoints-public-ip.yaml @@ -50,6 +50,3 @@ parameter_defaults: SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} SwiftPublic: {protocol: 'https', port: '13808', host: 'IP_ADDRESS'} - -resource_registry: - OS::TripleO::NodeTLSData: ../puppet/extraconfig/tls/tls-cert-inject.yaml diff --git a/extraconfig/tasks/major_upgrade_controller_pacemaker_1.sh b/extraconfig/tasks/major_upgrade_controller_pacemaker_1.sh index 36d85444..bc115ef7 100755 --- a/extraconfig/tasks/major_upgrade_controller_pacemaker_1.sh +++ b/extraconfig/tasks/major_upgrade_controller_pacemaker_1.sh @@ -18,7 +18,7 @@ STONITH_STATE=$(pcs property show stonith-enabled | grep "stonith-enabled" | awk pcs property set stonith-enabled=false # If for some reason rpm-python are missing we want to error out early enough -if [ ! rpm -q rpm-python &> /dev/null ]; then +if ! rpm -q rpm-python &> /dev/null; then echo_error "ERROR: upgrade cannot start without rpm-python installed" exit 1 fi @@ -50,7 +50,7 @@ if [ "$mariadb_do_major_upgrade" = "auto" ]; then DO_MYSQL_UPGRADE=0 fi echo "mysql upgrade required: $DO_MYSQL_UPGRADE" -elif [ "$mariadb_do_major_upgrade" = 0 ]; then +elif [ "$mariadb_do_major_upgrade" = "no" ]; then DO_MYSQL_UPGRADE=0 else DO_MYSQL_UPGRADE=1 @@ -199,3 +199,5 @@ crudini --set /etc/ceilometer/ceilometer.conf DEFAULT rpc_backend rabbit # https://bugzilla.redhat.com/show_bug.cgi?id=1284058 # Ifd1861e3df46fad0e44ff9b5cbd58711bbc87c97 Swift Ceilometer middleware no longer exists crudini --set /etc/swift/proxy-server.conf pipeline:main pipeline "catch_errors healthcheck cache ratelimit tempurl formpost authtoken keystone staticweb proxy-logging proxy-server" +# LP: 1615035, required only for M/N upgrade. +crudini --set /etc/nova/nova.conf DEFAULT scheduler_host_manager host_manager diff --git a/extraconfig/tasks/major_upgrade_controller_pacemaker_2.sh b/extraconfig/tasks/major_upgrade_controller_pacemaker_2.sh index 643ae57f..bc708cce 100755 --- a/extraconfig/tasks/major_upgrade_controller_pacemaker_2.sh +++ b/extraconfig/tasks/major_upgrade_controller_pacemaker_2.sh @@ -53,6 +53,7 @@ if [ "$(hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid)" = "$(facter hostname) keystone-manage db_sync neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini upgrade head nova-manage db sync + nova-manage api_db sync pcs resource enable memcached check_resource memcached started 600 diff --git a/extraconfig/tasks/major_upgrade_pacemaker_migrations.sh b/extraconfig/tasks/major_upgrade_pacemaker_migrations.sh index 164269dc..7ed7012d 100644 --- a/extraconfig/tasks/major_upgrade_pacemaker_migrations.sh +++ b/extraconfig/tasks/major_upgrade_pacemaker_migrations.sh @@ -38,11 +38,11 @@ function is_mysql_upgrade_needed { fi local currentepoch=$(rpm -q --qf "%{epoch}" $name) - local currentversion=$(rpm -q --qf "%{version}" $name) + local currentversion=$(rpm -q --qf "%{version}" $name | cut -d. -f-2) local currentrelease=$(rpm -q --qf "%{release}" $name) local newoutput=$(repoquery -a --pkgnarrow=updates --qf "%{epoch} %{version} %{release}\n" $name) local newepoch=$(echo "$newoutput" | awk '{ print $1 }') - local newversion=$(echo "$newoutput" | awk '{ print $2 }') + local newversion=$(echo "$newoutput" | awk '{ print $2 }' | cut -d. -f-2) local newrelease=$(echo "$newoutput" | awk '{ print $3 }') # With this we trigger the dump restore/path if we change either epoch or @@ -56,64 +56,3 @@ function is_mysql_upgrade_needed { fi echo "1" } - -function add_missing_openstack_core_constraints { - # The CIBs are saved under /root as they might contain sensitive data - CIB="/root/migration.cib" - CIB_BACKUP="/root/backup.cib" - CIB_PUSH_NEEDED=n - - rm -f "$CIB" "$CIB_BACKUP" || /bin/true - pcs cluster cib "$CIB" - cp "$CIB" "$CIB_BACKUP" - - if ! pcs -f "$CIB" constraint --full | grep 'start openstack-sahara-api-clone then start openstack-sahara-engine-clone'; then - pcs -f "$CIB" constraint order start openstack-sahara-api-clone then start openstack-sahara-engine-clone - CIB_PUSH_NEEDED=y - fi - - if ! pcs -f "$CIB" constraint --full | grep 'start openstack-core-clone then start openstack-ceilometer-notification-clone'; then - pcs -f "$CIB" constraint order start openstack-core-clone then start openstack-ceilometer-notification-clone - CIB_PUSH_NEEDED=y - fi - - if ! pcs -f "$CIB" constraint --full | grep 'start openstack-aodh-evaluator-clone then start openstack-aodh-listener-clone'; then - pcs -f "$CIB" constraint order start openstack-aodh-evaluator-clone then start openstack-aodh-listener-clone - CIB_PUSH_NEEDED=y - fi - - if pcs -f "$CIB" constraint --full | grep 'start openstack-core-clone then start openstack-heat-api-clone'; then - CID=$(pcs -f "$CIB" constraint --full | grep 'start openstack-core-clone then start openstack-heat-api-clone' | sed -e 's/.*id\://g' -e 's/)//g') - pcs -f "$CIB" constraint remove $CID - CIB_PUSH_NEEDED=y - fi - - if [ "$CIB_PUSH_NEEDED" = 'y' ]; then - pcs cluster cib-push "$CIB" - fi -} - -function remove_ceilometer_alarm { - if pcs status | grep openstack-ceilometer-alarm; then - # Disable pacemaker resources for ceilometer-alarms - pcs resource disable openstack-ceilometer-alarm-evaluator - check_resource openstack-ceilometer-alarm-evaluator stopped 600 - pcs resource delete openstack-ceilometer-alarm-evaluator - pcs resource disable openstack-ceilometer-alarm-notifier - check_resource openstack-ceilometer-alarm-notifier stopped 600 - pcs resource delete openstack-ceilometer-alarm-notifier - - # remove constraints - pcs constraint remove ceilometer-delay-then-ceilometer-alarm-evaluator-constraint - pcs constraint remove ceilometer-alarm-evaluator-with-ceilometer-delay-colocation - pcs constraint remove ceilometer-alarm-evaluator-then-ceilometer-alarm-notifier-constraint - pcs constraint remove ceilometer-alarm-notifier-with-ceilometer-alarm-evaluator-colocation - pcs constraint remove ceilometer-alarm-notifier-then-ceilometer-notification-constraint - pcs constraint remove ceilometer-notification-with-ceilometer-alarm-notifier-colocation - - fi - - # uninstall openstack-ceilometer-alarm package - yum -y remove openstack-ceilometer-alarm - -} diff --git a/extraconfig/tasks/pacemaker_resource_restart.sh b/extraconfig/tasks/pacemaker_resource_restart.sh index b2e5be16..1637cee2 100755 --- a/extraconfig/tasks/pacemaker_resource_restart.sh +++ b/extraconfig/tasks/pacemaker_resource_restart.sh @@ -10,29 +10,12 @@ if [ "$pacemaker_status" = "active" -a \ "$(hiera bootstrap_nodeid)" = "$(facter hostname)" -a \ "$(hiera stack_action)" = "UPDATE" ]; then - #ensure neutron constraints like - #https://review.openstack.org/#/c/245093/ - if pcs constraint order show | grep "start neutron-server-clone then start neutron-ovs-cleanup-clone"; then - pcs constraint remove order-neutron-server-clone-neutron-ovs-cleanup-clone-mandatory - fi - - pcs resource disable httpd - check_resource httpd stopped 300 - pcs resource disable openstack-core - check_resource openstack-core stopped 1800 - - if pcs status | grep haproxy-clone; then - pcs resource restart haproxy-clone - fi - pcs resource restart redis-master - pcs resource restart mongod-clone - pcs resource restart rabbitmq-clone - pcs resource restart memcached-clone - pcs resource restart galera-master - - pcs resource enable openstack-core - check_resource openstack-core started 1800 - pcs resource enable httpd - check_resource httpd started 800 - + PCMK_RESOURCES="haproxy-clone redis-master rabbitmq-clone galera-master openstack-cinder-volume openstack-cinder-backup" + # Ten minutes of timeout to restart each resource, given there are no constraints should be enough + TIMEOUT=600 + for resource in $PCMK_RESOURCES; do + if pcs status | grep $resource; then + pcs resource restart --wait=$TIMEOUT $resource + fi + done fi diff --git a/network/config/bond-with-vlans/ceph-storage.yaml b/network/config/bond-with-vlans/ceph-storage.yaml index 93db8666..b414747f 100644 --- a/network/config/bond-with-vlans/ceph-storage.yaml +++ b/network/config/bond-with-vlans/ceph-storage.yaml @@ -38,6 +38,14 @@ parameters: description: The ovs_options string for the bond interface. Set things like lacp=active and/or bond_mode=balance-slb using this option. type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number StorageNetworkVlanID: default: 30 description: Vlan ID for the storage network traffic. @@ -46,6 +54,10 @@ parameters: default: 40 description: Vlan ID for the storage mgmt network traffic. type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number ManagementNetworkVlanID: default: 60 description: Vlan ID for the management network traffic. @@ -57,6 +69,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -123,6 +143,8 @@ resources: - ip_netmask: {get_param: StorageMgmtIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. #- # type: vlan # device: bond1 @@ -130,6 +152,10 @@ resources: # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/bond-with-vlans/cinder-storage.yaml b/network/config/bond-with-vlans/cinder-storage.yaml index bea98c19..5ee9ff09 100644 --- a/network/config/bond-with-vlans/cinder-storage.yaml +++ b/network/config/bond-with-vlans/cinder-storage.yaml @@ -38,6 +38,10 @@ parameters: description: The ovs_options string for the bond interface. Set things like lacp=active and/or bond_mode=balance-slb using this option. type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number InternalApiNetworkVlanID: default: 20 description: Vlan ID for the internal_api network traffic. @@ -50,6 +54,10 @@ parameters: default: 40 description: Vlan ID for the storage mgmt network traffic. type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number ManagementNetworkVlanID: default: 60 description: Vlan ID for the management network traffic. @@ -61,6 +69,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -134,6 +150,8 @@ resources: - ip_netmask: {get_param: StorageMgmtIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. #- # type: vlan # device: bond1 @@ -141,6 +159,10 @@ resources: # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/bond-with-vlans/compute.yaml b/network/config/bond-with-vlans/compute.yaml index 774bf02d..19c011eb 100644 --- a/network/config/bond-with-vlans/compute.yaml +++ b/network/config/bond-with-vlans/compute.yaml @@ -38,6 +38,10 @@ parameters: description: The ovs_options string for the bond interface. Set things like lacp=active and/or bond_mode=balance-slb using this option. type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number InternalApiNetworkVlanID: default: 20 description: Vlan ID for the internal_api network traffic. @@ -46,6 +50,10 @@ parameters: default: 30 description: Vlan ID for the storage network traffic. type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number TenantNetworkVlanID: default: 50 description: Vlan ID for the tenant network traffic. @@ -61,6 +69,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -134,6 +150,8 @@ resources: - ip_netmask: {get_param: TenantIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. #- # type: vlan # device: bond1 @@ -141,6 +159,10 @@ resources: # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/bond-with-vlans/controller-no-external.yaml b/network/config/bond-with-vlans/controller-no-external.yaml index d9532439..6242e2f8 100644 --- a/network/config/bond-with-vlans/controller-no-external.yaml +++ b/network/config/bond-with-vlans/controller-no-external.yaml @@ -62,10 +62,17 @@ parameters: default: 60 description: Vlan ID for the management network traffic. type: number + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string ExternalInterfaceDefaultRoute: default: '10.0.0.1' description: default route for the external network type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -102,6 +109,9 @@ resources: - ip_netmask: 169.254.169.254/32 next_hop: {get_param: EC2MetadataIp} + - + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} - type: ovs_bridge name: {get_input: bridge_name} @@ -148,6 +158,8 @@ resources: - ip_netmask: {get_param: TenantIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. #- # type: vlan # device: bond1 @@ -155,6 +167,10 @@ resources: # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/bond-with-vlans/controller-v6.yaml b/network/config/bond-with-vlans/controller-v6.yaml index 7869ebfc..71b7e1b1 100644 --- a/network/config/bond-with-vlans/controller-v6.yaml +++ b/network/config/bond-with-vlans/controller-v6.yaml @@ -64,10 +64,6 @@ parameters: default: 60 description: Vlan ID for the management network traffic. type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -75,6 +71,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: + default: '10.0.0.1' + description: default route for the external network + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -106,6 +110,7 @@ resources: - ip_netmask: 169.254.169.254/32 next_hop: {get_param: EC2MetadataIp} + # IPv4 Default Route - default: true next_hop: {get_param: ControlPlaneDefaultRoute} @@ -134,6 +139,7 @@ resources: - ip_netmask: {get_param: ExternalIpSubnet} routes: + # IPv6 Default Route - default: true next_hop: {get_param: ExternalInterfaceDefaultRoute} @@ -166,6 +172,9 @@ resources: - ip_netmask: {get_param: TenantIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the External interface. This will + # make the External API unreachable from remote subnets. #- # type: vlan # device: bond1 @@ -173,6 +182,10 @@ resources: # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/bond-with-vlans/controller.yaml b/network/config/bond-with-vlans/controller.yaml index d3627ead..9917f073 100644 --- a/network/config/bond-with-vlans/controller.yaml +++ b/network/config/bond-with-vlans/controller.yaml @@ -62,10 +62,17 @@ parameters: default: 60 description: Vlan ID for the management network traffic. type: number + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string ExternalInterfaceDefaultRoute: default: '10.0.0.1' description: default route for the external network type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -158,6 +165,9 @@ resources: - ip_netmask: {get_param: TenantIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the External interface. This will + # make the External API unreachable from remote subnets. #- # type: vlan # device: bond1 @@ -165,6 +175,10 @@ resources: # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/bond-with-vlans/swift-storage.yaml b/network/config/bond-with-vlans/swift-storage.yaml index de9121e5..4dd6628f 100644 --- a/network/config/bond-with-vlans/swift-storage.yaml +++ b/network/config/bond-with-vlans/swift-storage.yaml @@ -38,6 +38,10 @@ parameters: description: The ovs_options string for the bond interface. Set things like lacp=active and/or bond_mode=balance-slb using this option. type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number InternalApiNetworkVlanID: default: 20 description: Vlan ID for the internal_api network traffic. @@ -50,6 +54,10 @@ parameters: default: 40 description: Vlan ID for the storage mgmt network traffic. type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number ManagementNetworkVlanID: default: 60 description: Vlan ID for the management network traffic. @@ -61,6 +69,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -134,6 +150,8 @@ resources: - ip_netmask: {get_param: StorageMgmtIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. #- # type: vlan # device: bond1 @@ -141,6 +159,10 @@ resources: # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/multiple-nics/ceph-storage.yaml b/network/config/multiple-nics/ceph-storage.yaml index 84cb0f12..c31c6e65 100644 --- a/network/config/multiple-nics/ceph-storage.yaml +++ b/network/config/multiple-nics/ceph-storage.yaml @@ -57,10 +57,6 @@ parameters: default: 60 description: Vlan ID for the management network traffic. type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -68,6 +64,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -118,6 +122,8 @@ resources: - ip_netmask: {get_param: StorageMgmtIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. #- # type: interface # name: nic7 @@ -125,6 +131,10 @@ resources: # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/multiple-nics/cinder-storage.yaml b/network/config/multiple-nics/cinder-storage.yaml index 0b0218c5..4f8b7f64 100644 --- a/network/config/multiple-nics/cinder-storage.yaml +++ b/network/config/multiple-nics/cinder-storage.yaml @@ -57,10 +57,6 @@ parameters: default: 60 description: Vlan ID for the management network traffic. type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -68,6 +64,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -125,6 +129,8 @@ resources: - ip_netmask: {get_param: InternalApiIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. #- # type: interface # name: nic7 @@ -132,6 +138,10 @@ resources: # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/multiple-nics/compute.yaml b/network/config/multiple-nics/compute.yaml index 97eef52b..77514745 100644 --- a/network/config/multiple-nics/compute.yaml +++ b/network/config/multiple-nics/compute.yaml @@ -57,10 +57,6 @@ parameters: default: 60 description: Vlan ID for the management network traffic. type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -68,6 +64,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -133,6 +137,8 @@ resources: # force the MAC address of the bridge to this interface primary: true # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. #- # type: interface # name: nic7 @@ -140,6 +146,10 @@ resources: # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/multiple-nics/controller-v6.yaml b/network/config/multiple-nics/controller-v6.yaml index b69879fb..da1f95f1 100644 --- a/network/config/multiple-nics/controller-v6.yaml +++ b/network/config/multiple-nics/controller-v6.yaml @@ -59,10 +59,6 @@ parameters: default: 60 description: Vlan ID for the management network traffic. type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -70,6 +66,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: + default: '10.0.0.1' + description: default route for the external network + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -102,6 +106,7 @@ resources: - ip_netmask: 169.254.169.254/32 next_hop: {get_param: EC2MetadataIp} + # IPv4 Default Route - default: true next_hop: {get_param: ControlPlaneDefaultRoute} @@ -150,6 +155,7 @@ resources: - ip_netmask: {get_param: ExternalIpSubnet} routes: + # IPv6 Default Route - default: true next_hop: {get_param: ExternalInterfaceDefaultRoute} @@ -160,6 +166,9 @@ resources: # force the MAC address of the bridge to this interface primary: true # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the External interface. This will + # make the External API unreachable from remote subnets. #- # type: interface # name: nic7 @@ -167,6 +176,10 @@ resources: # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/multiple-nics/controller.yaml b/network/config/multiple-nics/controller.yaml index 377fd116..7a1f9e5f 100644 --- a/network/config/multiple-nics/controller.yaml +++ b/network/config/multiple-nics/controller.yaml @@ -57,10 +57,6 @@ parameters: default: 60 description: Vlan ID for the management network traffic. type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -68,6 +64,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: + default: '10.0.0.1' + description: default route for the external network + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -155,6 +159,9 @@ resources: # force the MAC address of the bridge to this interface primary: true # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the External interface. This will + # make the External API unreachable from remote subnets. #- # type: interface # name: nic7 @@ -162,6 +169,10 @@ resources: # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/multiple-nics/swift-storage.yaml b/network/config/multiple-nics/swift-storage.yaml index b75bbd6e..05083105 100644 --- a/network/config/multiple-nics/swift-storage.yaml +++ b/network/config/multiple-nics/swift-storage.yaml @@ -57,10 +57,6 @@ parameters: default: 60 description: Vlan ID for the management network traffic. type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -68,6 +64,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -125,6 +129,8 @@ resources: - ip_netmask: {get_param: InternalApiIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. #- # type: interface # name: nic7 @@ -132,6 +138,10 @@ resources: # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml b/network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml index a46d7e20..fc8e8b6f 100644 --- a/network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml +++ b/network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml @@ -29,6 +29,18 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number StorageNetworkVlanID: default: 30 description: Vlan ID for the storage network traffic. @@ -37,6 +49,14 @@ parameters: default: 40 description: Vlan ID for the storage mgmt network traffic. type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -44,6 +64,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -99,6 +127,20 @@ resources: addresses: - ip_netmask: {get_param: StorageMgmtIpSubnet} + # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. + #- + # type: vlan + # vlan_id: {get_param: ManagementNetworkVlanID} + # device: br-storage + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml b/network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml index 08613a3b..6fb247ed 100644 --- a/network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml +++ b/network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml @@ -29,6 +29,14 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number InternalApiNetworkVlanID: default: 20 description: Vlan ID for the internal_api network traffic. @@ -41,6 +49,14 @@ parameters: default: 40 description: Vlan ID for the storage mgmt network traffic. type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -48,6 +64,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -110,6 +134,20 @@ resources: addresses: - ip_netmask: {get_param: StorageMgmtIpSubnet} + # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. + #- + # type: vlan + # vlan_id: {get_param: ManagementNetworkVlanID} + # device: br-storage + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/single-nic-linux-bridge-vlans/compute.yaml b/network/config/single-nic-linux-bridge-vlans/compute.yaml index b6522c67..e31720d8 100644 --- a/network/config/single-nic-linux-bridge-vlans/compute.yaml +++ b/network/config/single-nic-linux-bridge-vlans/compute.yaml @@ -29,6 +29,14 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number InternalApiNetworkVlanID: default: 20 description: Vlan ID for the internal_api network traffic. @@ -37,10 +45,18 @@ parameters: default: 30 description: Vlan ID for the storage network traffic. type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number TenantNetworkVlanID: default: 50 description: Vlan ID for the tenant network traffic. type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -48,6 +64,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -81,7 +105,6 @@ resources: ip_netmask: 169.254.169.254/32 next_hop: {get_param: EC2MetadataIp} - - ip_netmask: 0.0.0.0/0 default: true next_hop: {get_param: ControlPlaneDefaultRoute} members: @@ -111,6 +134,20 @@ resources: addresses: - ip_netmask: {get_param: TenantIpSubnet} + # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. + #- + # type: vlan + # vlan_id: {get_param: ManagementNetworkVlanID} + # device: {get_input: bridge_name} + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/single-nic-linux-bridge-vlans/controller-v6.yaml b/network/config/single-nic-linux-bridge-vlans/controller-v6.yaml new file mode 100644 index 00000000..80125149 --- /dev/null +++ b/network/config/single-nic-linux-bridge-vlans/controller-v6.yaml @@ -0,0 +1,178 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config to configure VLANs for the + controller role with IPv6 on the External network. The IPv6 default + route is on the External network, and the IPv4 default route is on + the Control Plane. + +parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + ExternalInterfaceDefaultRoute: + default: '10.0.0.1' + description: default route for the external network + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: linux_bridge + name: {get_input: bridge_name} + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + # IPv4 Default Route + - + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} + members: + - + type: interface + name: {get_input: interface_name} + # force the MAC address of the bridge to this interface + primary: true + - + type: vlan + vlan_id: {get_param: ExternalNetworkVlanID} + device: {get_input: bridge_name} + addresses: + - + ip_netmask: {get_param: ExternalIpSubnet} + routes: + # IPv6 Default Route + - + default: true + next_hop: {get_param: ExternalInterfaceDefaultRoute} + - + type: vlan + vlan_id: {get_param: InternalApiNetworkVlanID} + device: {get_input: bridge_name} + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageNetworkVlanID} + device: {get_input: bridge_name} + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageMgmtNetworkVlanID} + device: {get_input: bridge_name} + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + - + type: vlan + vlan_id: {get_param: TenantNetworkVlanID} + device: {get_input: bridge_name} + addresses: + - + ip_netmask: {get_param: TenantIpSubnet} + # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the External interface. This will + # make the External API unreachable from remote subnets. + #- + # type: vlan + # vlan_id: {get_param: ManagementNetworkVlanID} + # device: {get_input: bridge_name} + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/single-nic-linux-bridge-vlans/controller.yaml b/network/config/single-nic-linux-bridge-vlans/controller.yaml index 72105481..aef5d4e3 100644 --- a/network/config/single-nic-linux-bridge-vlans/controller.yaml +++ b/network/config/single-nic-linux-bridge-vlans/controller.yaml @@ -29,6 +29,10 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string ExternalNetworkVlanID: default: 10 description: Vlan ID for the external network traffic. @@ -49,10 +53,21 @@ parameters: default: 50 description: Vlan ID for the tenant network traffic. type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string ExternalInterfaceDefaultRoute: default: '10.0.0.1' description: default route for the external network type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -64,9 +79,6 @@ parameters: EC2MetadataIp: # Override this via parameter_defaults description: The IP address of the EC2 metadata server. type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string resources: OsNetConfigImpl: @@ -92,8 +104,8 @@ resources: - ip_netmask: 169.254.169.254/32 next_hop: {get_param: EC2MetadataIp} + # IPv4 Default Route - - ip_netmask: 0.0.0.0/0 default: true next_hop: {get_param: ControlPlaneDefaultRoute} members: @@ -110,8 +122,8 @@ resources: - ip_netmask: {get_param: ExternalIpSubnet} routes: + # IPv6 Default Route - - ip_netmask: 0.0.0.0/0 default: true next_hop: {get_param: ExternalInterfaceDefaultRoute} - @@ -142,6 +154,21 @@ resources: addresses: - ip_netmask: {get_param: TenantIpSubnet} + # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the External interface. This will + # make the External API unreachable from remote subnets. + #- + # type: vlan + # vlan_id: {get_param: ManagementNetworkVlanID} + # device: {get_input: bridge_name} + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/single-nic-linux-bridge-vlans/swift-storage.yaml b/network/config/single-nic-linux-bridge-vlans/swift-storage.yaml index 962b9890..a5d2f966 100644 --- a/network/config/single-nic-linux-bridge-vlans/swift-storage.yaml +++ b/network/config/single-nic-linux-bridge-vlans/swift-storage.yaml @@ -29,6 +29,14 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number InternalApiNetworkVlanID: default: 20 description: Vlan ID for the internal_api network traffic. @@ -41,6 +49,14 @@ parameters: default: 40 description: Vlan ID for the storage mgmt network traffic. type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -48,6 +64,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -110,6 +134,20 @@ resources: addresses: - ip_netmask: {get_param: StorageMgmtIpSubnet} + # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. + #- + # type: vlan + # vlan_id: {get_param: ManagementNetworkVlanID} + # device: br-storage + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/single-nic-vlans/ceph-storage.yaml b/network/config/single-nic-vlans/ceph-storage.yaml index 80bc32d3..6fa288af 100644 --- a/network/config/single-nic-vlans/ceph-storage.yaml +++ b/network/config/single-nic-vlans/ceph-storage.yaml @@ -52,6 +52,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -106,12 +114,18 @@ resources: - ip_netmask: {get_param: StorageMgmtIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. #- # type: vlan # vlan_id: {get_param: ManagementNetworkVlanID} # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/single-nic-vlans/cinder-storage.yaml b/network/config/single-nic-vlans/cinder-storage.yaml index e509443a..d1135776 100644 --- a/network/config/single-nic-vlans/cinder-storage.yaml +++ b/network/config/single-nic-vlans/cinder-storage.yaml @@ -56,6 +56,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -116,12 +124,18 @@ resources: - ip_netmask: {get_param: StorageMgmtIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. #- # type: vlan # vlan_id: {get_param: ManagementNetworkVlanID} # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/single-nic-vlans/compute.yaml b/network/config/single-nic-vlans/compute.yaml index 8cf6825d..bd3cef34 100644 --- a/network/config/single-nic-vlans/compute.yaml +++ b/network/config/single-nic-vlans/compute.yaml @@ -56,6 +56,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -116,12 +124,18 @@ resources: - ip_netmask: {get_param: TenantIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. #- # type: vlan # vlan_id: {get_param: ManagementNetworkVlanID} # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/single-nic-vlans/controller-no-external.yaml b/network/config/single-nic-vlans/controller-no-external.yaml index eb5e1e5a..8e8b0f5d 100644 --- a/network/config/single-nic-vlans/controller-no-external.yaml +++ b/network/config/single-nic-vlans/controller-no-external.yaml @@ -5,6 +5,10 @@ description: > controller role. No external IP is configured. parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string ExternalIpSubnet: default: '' description: IP address/subnet on the external network @@ -53,10 +57,28 @@ parameters: default: 60 description: Vlan ID for the management network traffic. type: number + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string ExternalInterfaceDefaultRoute: default: '10.0.0.1' description: default route for the external network type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string resources: OsNetConfigImpl: @@ -69,7 +91,22 @@ resources: - type: ovs_bridge name: {get_input: bridge_name} - use_dhcp: true + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} members: - type: interface @@ -101,12 +138,18 @@ resources: - ip_netmask: {get_param: TenantIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. #- # type: vlan # vlan_id: {get_param: ManagementNetworkVlanID} # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/single-nic-vlans/controller-v6.yaml b/network/config/single-nic-vlans/controller-v6.yaml index 472e539d..ecbf2efb 100644 --- a/network/config/single-nic-vlans/controller-v6.yaml +++ b/network/config/single-nic-vlans/controller-v6.yaml @@ -59,10 +59,6 @@ parameters: default: 60 description: Vlan ID for the management network traffic. type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -70,6 +66,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: + default: '10.0.0.1' + description: default route for the external network + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -102,6 +106,7 @@ resources: - ip_netmask: 169.254.169.254/32 next_hop: {get_param: EC2MetadataIp} + # IPv4 Default Route - default: true next_hop: {get_param: ControlPlaneDefaultRoute} @@ -115,9 +120,10 @@ resources: type: vlan vlan_id: {get_param: ExternalNetworkVlanID} addresses: - - - ip_netmask: {get_param: ExternalIpSubnet} + - + ip_netmask: {get_param: ExternalIpSubnet} routes: + # IPv6 Default Route - default: true next_hop: {get_param: ExternalInterfaceDefaultRoute} @@ -145,12 +151,20 @@ resources: addresses: - ip_netmask: {get_param: TenantIpSubnet} - #- # Uncomment when including environments/network-management.yaml + # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the External interface. This will + # make the External API unreachable from remote subnets. + #- # type: vlan # vlan_id: {get_param: ManagementNetworkVlanID} # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/single-nic-vlans/controller.yaml b/network/config/single-nic-vlans/controller.yaml index a5a0745d..c5979a89 100644 --- a/network/config/single-nic-vlans/controller.yaml +++ b/network/config/single-nic-vlans/controller.yaml @@ -57,10 +57,17 @@ parameters: default: 60 description: Vlan ID for the management network traffic. type: number + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string ExternalInterfaceDefaultRoute: default: '10.0.0.1' description: default route for the external network type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -137,12 +144,20 @@ resources: addresses: - ip_netmask: {get_param: TenantIpSubnet} - #- # Uncomment when including environments/network-management.yaml + # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the External interface. This will + # make the External API unreachable from remote subnets. + #- # type: vlan # vlan_id: {get_param: ManagementNetworkVlanID} # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/single-nic-vlans/swift-storage.yaml b/network/config/single-nic-vlans/swift-storage.yaml index efc03393..7b06580c 100644 --- a/network/config/single-nic-vlans/swift-storage.yaml +++ b/network/config/single-nic-vlans/swift-storage.yaml @@ -56,6 +56,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -116,12 +124,18 @@ resources: - ip_netmask: {get_param: StorageMgmtIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. #- # type: vlan # vlan_id: {get_param: ManagementNetworkVlanID} # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/endpoints/build_endpoint_map.py b/network/endpoints/build_endpoint_map.py index 3110f3f7..964f58f7 100755 --- a/network/endpoints/build_endpoint_map.py +++ b/network/endpoints/build_endpoint_map.py @@ -30,9 +30,9 @@ import yaml (IN_FILE, OUT_FILE) = ('endpoint_data.yaml', 'endpoint_map.yaml') SUBST = (SUBST_IP_ADDRESS, SUBST_CLOUDNAME) = ('IP_ADDRESS', 'CLOUDNAME') -PARAMS = (PARAM_CLOUDNAME, PARAM_ENDPOINTMAP, PARAM_NETIPMAP, +PARAMS = (PARAM_CLOUD_ENDPOINTS, PARAM_ENDPOINTMAP, PARAM_NETIPMAP, PARAM_SERVICENETMAP) = ( - 'CloudName', 'EndpointMap', 'NetIpMap', 'ServiceNetMap') + 'CloudEndpoints', 'EndpointMap', 'NetIpMap', 'ServiceNetMap') FIELDS = (F_PORT, F_PROTOCOL, F_HOST) = ('port', 'protocol', 'host') ENDPOINT_TYPES = frozenset(['Internal', 'Public', 'Admin']) @@ -95,10 +95,11 @@ def template_parameters(config): 'via parameter_defaults in the ' 'resource registry.') - params[PARAM_CLOUDNAME] = make_parameter('string', - 'overcloud', - 'The DNS name of this cloud. ' - 'e.g. ci-overcloud.tripleo.org') + params[PARAM_CLOUD_ENDPOINTS] = make_parameter( + 'json', + {}, + ('A map containing the DNS names for the different endpoints ' + '(external, internal_api, etc.)')) return params @@ -124,7 +125,10 @@ def template_output_definition(endpoint_name, ['NetIpMap', {'get_param': ['ServiceNetMap', net_param]}]}, - SUBST_CLOUDNAME: {'get_param': PARAM_CLOUDNAME}, + SUBST_CLOUDNAME: {'get_param': + [PARAM_CLOUD_ENDPOINTS, + {'get_param': ['ServiceNetMap', + net_param]}]}, }) ]) } @@ -139,7 +143,10 @@ def template_output_definition(endpoint_name, 'params': {'NETWORK': {'get_param': ['ServiceNetMap', net_param]}}}}]}, - SUBST_CLOUDNAME: {'get_param': PARAM_CLOUDNAME}, + SUBST_CLOUDNAME: {'get_param': + [PARAM_CLOUD_ENDPOINTS, + {'get_param': ['ServiceNetMap', + net_param]}]}, }) ]) } diff --git a/network/endpoints/endpoint_map.yaml b/network/endpoints/endpoint_map.yaml index d0553117..dd29bcde 100644 --- a/network/endpoints/endpoint_map.yaml +++ b/network/endpoints/endpoint_map.yaml @@ -69,8 +69,11 @@ parameters: SwiftPublic: {protocol: http, port: '8080', host: IP_ADDRESS} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. - CloudName: {type: string, default: overcloud, description: The DNS name - of this cloud. e.g. ci-overcloud.tripleo.org} + CloudEndpoints: + type: json + default: {} + description: A map containing the DNS names for the different endpoints + (external, internal_api, etc.) outputs: endpoint_map: value: @@ -80,7 +83,10 @@ outputs: template: get_param: [EndpointMap, AodhAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, AodhApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -94,7 +100,10 @@ outputs: template: get_param: [EndpointMap, AodhAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, AodhApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -112,7 +121,10 @@ outputs: template: get_param: [EndpointMap, AodhAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, AodhApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -132,7 +144,10 @@ outputs: template: get_param: [EndpointMap, AodhAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, AodhApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -149,7 +164,10 @@ outputs: template: get_param: [EndpointMap, AodhInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, AodhApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -163,7 +181,10 @@ outputs: template: get_param: [EndpointMap, AodhInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, AodhApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -181,7 +202,10 @@ outputs: template: get_param: [EndpointMap, AodhInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, AodhApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -201,7 +225,10 @@ outputs: template: get_param: [EndpointMap, AodhInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, AodhApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -218,7 +245,10 @@ outputs: template: get_param: [EndpointMap, AodhPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -232,7 +262,10 @@ outputs: template: get_param: [EndpointMap, AodhPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -250,7 +283,10 @@ outputs: template: get_param: [EndpointMap, AodhPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -270,7 +306,10 @@ outputs: template: get_param: [EndpointMap, AodhPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -287,7 +326,10 @@ outputs: template: get_param: [EndpointMap, CeilometerAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CeilometerApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -301,7 +343,10 @@ outputs: template: get_param: [EndpointMap, CeilometerAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CeilometerApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -319,7 +364,10 @@ outputs: template: get_param: [EndpointMap, CeilometerAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CeilometerApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -339,7 +387,10 @@ outputs: template: get_param: [EndpointMap, CeilometerAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CeilometerApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -356,7 +407,10 @@ outputs: template: get_param: [EndpointMap, CeilometerInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CeilometerApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -370,7 +424,10 @@ outputs: template: get_param: [EndpointMap, CeilometerInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CeilometerApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -388,7 +445,10 @@ outputs: template: get_param: [EndpointMap, CeilometerInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CeilometerApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -408,7 +468,10 @@ outputs: template: get_param: [EndpointMap, CeilometerInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CeilometerApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -425,7 +488,10 @@ outputs: template: get_param: [EndpointMap, CeilometerPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -439,7 +505,10 @@ outputs: template: get_param: [EndpointMap, CeilometerPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -457,7 +526,10 @@ outputs: template: get_param: [EndpointMap, CeilometerPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -477,7 +549,10 @@ outputs: template: get_param: [EndpointMap, CeilometerPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -494,7 +569,10 @@ outputs: template: get_param: [EndpointMap, CinderAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -508,7 +586,10 @@ outputs: template: get_param: [EndpointMap, CinderAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -526,7 +607,10 @@ outputs: template: get_param: [EndpointMap, CinderAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -547,7 +631,10 @@ outputs: template: get_param: [EndpointMap, CinderAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -564,7 +651,10 @@ outputs: template: get_param: [EndpointMap, CinderInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -578,7 +668,10 @@ outputs: template: get_param: [EndpointMap, CinderInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -596,7 +689,10 @@ outputs: template: get_param: [EndpointMap, CinderInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -617,7 +713,10 @@ outputs: template: get_param: [EndpointMap, CinderInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -634,7 +733,10 @@ outputs: template: get_param: [EndpointMap, CinderPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -648,7 +750,10 @@ outputs: template: get_param: [EndpointMap, CinderPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -666,7 +771,10 @@ outputs: template: get_param: [EndpointMap, CinderPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -687,7 +795,10 @@ outputs: template: get_param: [EndpointMap, CinderPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -704,7 +815,10 @@ outputs: template: get_param: [EndpointMap, CinderAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -718,7 +832,10 @@ outputs: template: get_param: [EndpointMap, CinderAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -736,7 +853,10 @@ outputs: template: get_param: [EndpointMap, CinderAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -757,7 +877,10 @@ outputs: template: get_param: [EndpointMap, CinderAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -774,7 +897,10 @@ outputs: template: get_param: [EndpointMap, CinderInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -788,7 +914,10 @@ outputs: template: get_param: [EndpointMap, CinderInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -806,7 +935,10 @@ outputs: template: get_param: [EndpointMap, CinderInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -827,7 +959,10 @@ outputs: template: get_param: [EndpointMap, CinderInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -844,7 +979,10 @@ outputs: template: get_param: [EndpointMap, CinderPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -858,7 +996,10 @@ outputs: template: get_param: [EndpointMap, CinderPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -876,7 +1017,10 @@ outputs: template: get_param: [EndpointMap, CinderPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -897,7 +1041,10 @@ outputs: template: get_param: [EndpointMap, CinderPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -914,7 +1061,10 @@ outputs: template: get_param: [EndpointMap, CinderAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -928,7 +1078,10 @@ outputs: template: get_param: [EndpointMap, CinderAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -946,7 +1099,10 @@ outputs: template: get_param: [EndpointMap, CinderAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -967,7 +1123,10 @@ outputs: template: get_param: [EndpointMap, CinderAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -984,7 +1143,10 @@ outputs: template: get_param: [EndpointMap, CinderInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -998,7 +1160,10 @@ outputs: template: get_param: [EndpointMap, CinderInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1016,7 +1181,10 @@ outputs: template: get_param: [EndpointMap, CinderInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1037,7 +1205,10 @@ outputs: template: get_param: [EndpointMap, CinderInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1054,7 +1225,10 @@ outputs: template: get_param: [EndpointMap, CinderPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1068,7 +1242,10 @@ outputs: template: get_param: [EndpointMap, CinderPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1086,7 +1263,10 @@ outputs: template: get_param: [EndpointMap, CinderPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1107,7 +1287,10 @@ outputs: template: get_param: [EndpointMap, CinderPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1124,7 +1307,10 @@ outputs: template: get_param: [EndpointMap, GlanceAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GlanceApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1138,7 +1324,10 @@ outputs: template: get_param: [EndpointMap, GlanceAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GlanceApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1156,7 +1345,10 @@ outputs: template: get_param: [EndpointMap, GlanceAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GlanceApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1176,7 +1368,10 @@ outputs: template: get_param: [EndpointMap, GlanceAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GlanceApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1193,7 +1388,10 @@ outputs: template: get_param: [EndpointMap, GlanceInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GlanceApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1207,7 +1405,10 @@ outputs: template: get_param: [EndpointMap, GlanceInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GlanceApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1225,7 +1426,10 @@ outputs: template: get_param: [EndpointMap, GlanceInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GlanceApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1245,7 +1449,10 @@ outputs: template: get_param: [EndpointMap, GlanceInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GlanceApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1262,7 +1469,10 @@ outputs: template: get_param: [EndpointMap, GlancePublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1276,7 +1486,10 @@ outputs: template: get_param: [EndpointMap, GlancePublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1294,7 +1507,10 @@ outputs: template: get_param: [EndpointMap, GlancePublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1314,7 +1530,10 @@ outputs: template: get_param: [EndpointMap, GlancePublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1331,7 +1550,10 @@ outputs: template: get_param: [EndpointMap, GlanceRegistryInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GlanceRegistryNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1345,7 +1567,10 @@ outputs: template: get_param: [EndpointMap, GlanceRegistryInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GlanceRegistryNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1363,7 +1588,10 @@ outputs: template: get_param: [EndpointMap, GlanceRegistryInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GlanceRegistryNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1383,7 +1611,10 @@ outputs: template: get_param: [EndpointMap, GlanceRegistryInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GlanceRegistryNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1400,7 +1631,10 @@ outputs: template: get_param: [EndpointMap, GnocchiAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GnocchiApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1414,7 +1648,10 @@ outputs: template: get_param: [EndpointMap, GnocchiAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GnocchiApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1432,7 +1669,10 @@ outputs: template: get_param: [EndpointMap, GnocchiAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GnocchiApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1452,7 +1692,10 @@ outputs: template: get_param: [EndpointMap, GnocchiAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GnocchiApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1469,7 +1712,10 @@ outputs: template: get_param: [EndpointMap, GnocchiInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GnocchiApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1483,7 +1729,10 @@ outputs: template: get_param: [EndpointMap, GnocchiInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GnocchiApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1501,7 +1750,10 @@ outputs: template: get_param: [EndpointMap, GnocchiInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GnocchiApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1521,7 +1773,10 @@ outputs: template: get_param: [EndpointMap, GnocchiInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GnocchiApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1538,7 +1793,10 @@ outputs: template: get_param: [EndpointMap, GnocchiPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1552,7 +1810,10 @@ outputs: template: get_param: [EndpointMap, GnocchiPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1570,7 +1831,10 @@ outputs: template: get_param: [EndpointMap, GnocchiPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1590,7 +1854,10 @@ outputs: template: get_param: [EndpointMap, GnocchiPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1607,7 +1874,10 @@ outputs: template: get_param: [EndpointMap, HeatAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1621,7 +1891,10 @@ outputs: template: get_param: [EndpointMap, HeatAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1639,7 +1912,10 @@ outputs: template: get_param: [EndpointMap, HeatAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1660,7 +1936,10 @@ outputs: template: get_param: [EndpointMap, HeatAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1677,7 +1956,10 @@ outputs: template: get_param: [EndpointMap, HeatInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1691,7 +1973,10 @@ outputs: template: get_param: [EndpointMap, HeatInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1709,7 +1994,10 @@ outputs: template: get_param: [EndpointMap, HeatInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1730,7 +2018,10 @@ outputs: template: get_param: [EndpointMap, HeatInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1747,7 +2038,10 @@ outputs: template: get_param: [EndpointMap, HeatPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1761,7 +2055,10 @@ outputs: template: get_param: [EndpointMap, HeatPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1779,7 +2076,10 @@ outputs: template: get_param: [EndpointMap, HeatPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1800,7 +2100,10 @@ outputs: template: get_param: [EndpointMap, HeatPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1817,7 +2120,10 @@ outputs: template: get_param: [EndpointMap, HeatCfnAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1831,7 +2137,10 @@ outputs: template: get_param: [EndpointMap, HeatCfnAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1849,7 +2158,10 @@ outputs: template: get_param: [EndpointMap, HeatCfnAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1870,7 +2182,10 @@ outputs: template: get_param: [EndpointMap, HeatCfnAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1887,7 +2202,10 @@ outputs: template: get_param: [EndpointMap, HeatCfnInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1901,7 +2219,10 @@ outputs: template: get_param: [EndpointMap, HeatCfnInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1919,7 +2240,10 @@ outputs: template: get_param: [EndpointMap, HeatCfnInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1940,7 +2264,10 @@ outputs: template: get_param: [EndpointMap, HeatCfnInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1957,7 +2284,10 @@ outputs: template: get_param: [EndpointMap, HeatCfnPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1971,7 +2301,10 @@ outputs: template: get_param: [EndpointMap, HeatCfnPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1989,7 +2322,10 @@ outputs: template: get_param: [EndpointMap, HeatCfnPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2010,7 +2346,10 @@ outputs: template: get_param: [EndpointMap, HeatCfnPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2027,7 +2366,10 @@ outputs: template: get_param: [EndpointMap, HorizonPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2041,7 +2383,10 @@ outputs: template: get_param: [EndpointMap, HorizonPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2059,7 +2404,10 @@ outputs: template: get_param: [EndpointMap, HorizonPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2080,7 +2428,10 @@ outputs: template: get_param: [EndpointMap, HorizonPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2097,7 +2448,10 @@ outputs: template: get_param: [EndpointMap, IronicAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, IronicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2111,7 +2465,10 @@ outputs: template: get_param: [EndpointMap, IronicAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, IronicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2129,7 +2486,10 @@ outputs: template: get_param: [EndpointMap, IronicAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, IronicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2150,7 +2510,10 @@ outputs: template: get_param: [EndpointMap, IronicAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, IronicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2167,7 +2530,10 @@ outputs: template: get_param: [EndpointMap, IronicInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, IronicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2181,7 +2547,10 @@ outputs: template: get_param: [EndpointMap, IronicInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, IronicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2199,7 +2568,10 @@ outputs: template: get_param: [EndpointMap, IronicInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, IronicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2220,7 +2592,10 @@ outputs: template: get_param: [EndpointMap, IronicInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, IronicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2237,7 +2612,10 @@ outputs: template: get_param: [EndpointMap, IronicPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2251,7 +2629,10 @@ outputs: template: get_param: [EndpointMap, IronicPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2269,7 +2650,10 @@ outputs: template: get_param: [EndpointMap, IronicPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2290,7 +2674,10 @@ outputs: template: get_param: [EndpointMap, IronicPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2307,7 +2694,10 @@ outputs: template: get_param: [EndpointMap, KeystoneAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystoneAdminApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2321,7 +2711,10 @@ outputs: template: get_param: [EndpointMap, KeystoneAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystoneAdminApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2339,7 +2732,10 @@ outputs: template: get_param: [EndpointMap, KeystoneAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystoneAdminApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2360,7 +2756,10 @@ outputs: template: get_param: [EndpointMap, KeystoneAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystoneAdminApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2377,7 +2776,10 @@ outputs: template: get_param: [EndpointMap, KeystoneInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystonePublicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2391,7 +2793,10 @@ outputs: template: get_param: [EndpointMap, KeystoneInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystonePublicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2409,7 +2814,10 @@ outputs: template: get_param: [EndpointMap, KeystoneInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystonePublicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2430,7 +2838,10 @@ outputs: template: get_param: [EndpointMap, KeystoneInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystonePublicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2447,7 +2858,10 @@ outputs: template: get_param: [EndpointMap, KeystoneInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystonePublicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2461,7 +2875,10 @@ outputs: template: get_param: [EndpointMap, KeystoneInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystonePublicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2479,7 +2896,10 @@ outputs: template: get_param: [EndpointMap, KeystoneInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystonePublicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2500,7 +2920,10 @@ outputs: template: get_param: [EndpointMap, KeystoneInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystonePublicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2517,7 +2940,10 @@ outputs: template: get_param: [EndpointMap, KeystonePublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2531,7 +2957,10 @@ outputs: template: get_param: [EndpointMap, KeystonePublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2549,7 +2978,10 @@ outputs: template: get_param: [EndpointMap, KeystonePublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2570,7 +3002,10 @@ outputs: template: get_param: [EndpointMap, KeystonePublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2587,7 +3022,10 @@ outputs: template: get_param: [EndpointMap, KeystoneAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystoneAdminApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2601,7 +3039,10 @@ outputs: template: get_param: [EndpointMap, KeystoneAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystoneAdminApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2619,7 +3060,10 @@ outputs: template: get_param: [EndpointMap, KeystoneAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystoneAdminApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2640,7 +3084,10 @@ outputs: template: get_param: [EndpointMap, KeystoneAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystoneAdminApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2657,7 +3104,10 @@ outputs: template: get_param: [EndpointMap, KeystoneInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystonePublicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2671,7 +3121,10 @@ outputs: template: get_param: [EndpointMap, KeystoneInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystonePublicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2689,7 +3142,10 @@ outputs: template: get_param: [EndpointMap, KeystoneInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystonePublicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2710,7 +3166,10 @@ outputs: template: get_param: [EndpointMap, KeystoneInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystonePublicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2727,7 +3186,10 @@ outputs: template: get_param: [EndpointMap, KeystonePublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2741,7 +3203,10 @@ outputs: template: get_param: [EndpointMap, KeystonePublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2759,7 +3224,10 @@ outputs: template: get_param: [EndpointMap, KeystonePublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2780,7 +3248,10 @@ outputs: template: get_param: [EndpointMap, KeystonePublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2797,7 +3268,10 @@ outputs: template: get_param: [EndpointMap, ManilaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2811,7 +3285,10 @@ outputs: template: get_param: [EndpointMap, ManilaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2829,7 +3306,10 @@ outputs: template: get_param: [EndpointMap, ManilaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2850,7 +3330,10 @@ outputs: template: get_param: [EndpointMap, ManilaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2867,7 +3350,10 @@ outputs: template: get_param: [EndpointMap, ManilaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2881,7 +3367,10 @@ outputs: template: get_param: [EndpointMap, ManilaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2899,7 +3388,10 @@ outputs: template: get_param: [EndpointMap, ManilaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2920,7 +3412,10 @@ outputs: template: get_param: [EndpointMap, ManilaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2937,7 +3432,10 @@ outputs: template: get_param: [EndpointMap, ManilaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2951,7 +3449,10 @@ outputs: template: get_param: [EndpointMap, ManilaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2969,7 +3470,10 @@ outputs: template: get_param: [EndpointMap, ManilaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2990,7 +3494,10 @@ outputs: template: get_param: [EndpointMap, ManilaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3007,7 +3514,10 @@ outputs: template: get_param: [EndpointMap, ManilaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3021,7 +3531,10 @@ outputs: template: get_param: [EndpointMap, ManilaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3039,7 +3552,10 @@ outputs: template: get_param: [EndpointMap, ManilaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3060,7 +3576,10 @@ outputs: template: get_param: [EndpointMap, ManilaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3077,7 +3596,10 @@ outputs: template: get_param: [EndpointMap, ManilaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3091,7 +3613,10 @@ outputs: template: get_param: [EndpointMap, ManilaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3109,7 +3634,10 @@ outputs: template: get_param: [EndpointMap, ManilaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3130,7 +3658,10 @@ outputs: template: get_param: [EndpointMap, ManilaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3147,7 +3678,10 @@ outputs: template: get_param: [EndpointMap, ManilaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3161,7 +3695,10 @@ outputs: template: get_param: [EndpointMap, ManilaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3179,7 +3716,10 @@ outputs: template: get_param: [EndpointMap, ManilaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3200,7 +3740,10 @@ outputs: template: get_param: [EndpointMap, ManilaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3217,7 +3760,10 @@ outputs: template: get_param: [EndpointMap, MysqlInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, MysqlNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3231,7 +3777,10 @@ outputs: template: get_param: [EndpointMap, MysqlInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, MysqlNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3249,7 +3798,10 @@ outputs: template: get_param: [EndpointMap, MysqlInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, MysqlNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3269,7 +3821,10 @@ outputs: template: get_param: [EndpointMap, MysqlInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, MysqlNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3286,7 +3841,10 @@ outputs: template: get_param: [EndpointMap, NeutronAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NeutronApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3300,7 +3858,10 @@ outputs: template: get_param: [EndpointMap, NeutronAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NeutronApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3318,7 +3879,10 @@ outputs: template: get_param: [EndpointMap, NeutronAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NeutronApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3338,7 +3902,10 @@ outputs: template: get_param: [EndpointMap, NeutronAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NeutronApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3355,7 +3922,10 @@ outputs: template: get_param: [EndpointMap, NeutronInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NeutronApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3369,7 +3939,10 @@ outputs: template: get_param: [EndpointMap, NeutronInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NeutronApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3387,7 +3960,10 @@ outputs: template: get_param: [EndpointMap, NeutronInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NeutronApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3407,7 +3983,10 @@ outputs: template: get_param: [EndpointMap, NeutronInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NeutronApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3424,7 +4003,10 @@ outputs: template: get_param: [EndpointMap, NeutronPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3438,7 +4020,10 @@ outputs: template: get_param: [EndpointMap, NeutronPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3456,7 +4041,10 @@ outputs: template: get_param: [EndpointMap, NeutronPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3476,7 +4064,10 @@ outputs: template: get_param: [EndpointMap, NeutronPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3493,7 +4084,10 @@ outputs: template: get_param: [EndpointMap, NovaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3507,7 +4101,10 @@ outputs: template: get_param: [EndpointMap, NovaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3525,7 +4122,10 @@ outputs: template: get_param: [EndpointMap, NovaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3546,7 +4146,10 @@ outputs: template: get_param: [EndpointMap, NovaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3563,7 +4166,10 @@ outputs: template: get_param: [EndpointMap, NovaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3577,7 +4183,10 @@ outputs: template: get_param: [EndpointMap, NovaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3595,7 +4204,10 @@ outputs: template: get_param: [EndpointMap, NovaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3616,7 +4228,10 @@ outputs: template: get_param: [EndpointMap, NovaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3633,7 +4248,10 @@ outputs: template: get_param: [EndpointMap, NovaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3647,7 +4265,10 @@ outputs: template: get_param: [EndpointMap, NovaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3665,7 +4286,10 @@ outputs: template: get_param: [EndpointMap, NovaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3686,7 +4310,10 @@ outputs: template: get_param: [EndpointMap, NovaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3703,7 +4330,10 @@ outputs: template: get_param: [EndpointMap, NovaVNCProxyAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3717,7 +4347,10 @@ outputs: template: get_param: [EndpointMap, NovaVNCProxyAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3735,7 +4368,10 @@ outputs: template: get_param: [EndpointMap, NovaVNCProxyAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3755,7 +4391,10 @@ outputs: template: get_param: [EndpointMap, NovaVNCProxyAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3772,7 +4411,10 @@ outputs: template: get_param: [EndpointMap, NovaVNCProxyInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3786,7 +4428,10 @@ outputs: template: get_param: [EndpointMap, NovaVNCProxyInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3804,7 +4449,10 @@ outputs: template: get_param: [EndpointMap, NovaVNCProxyInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3824,7 +4472,10 @@ outputs: template: get_param: [EndpointMap, NovaVNCProxyInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3841,7 +4492,10 @@ outputs: template: get_param: [EndpointMap, NovaVNCProxyPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3855,7 +4509,10 @@ outputs: template: get_param: [EndpointMap, NovaVNCProxyPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3873,7 +4530,10 @@ outputs: template: get_param: [EndpointMap, NovaVNCProxyPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3893,7 +4553,10 @@ outputs: template: get_param: [EndpointMap, NovaVNCProxyPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3910,7 +4573,10 @@ outputs: template: get_param: [EndpointMap, SaharaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SaharaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3924,7 +4590,10 @@ outputs: template: get_param: [EndpointMap, SaharaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SaharaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3942,7 +4611,10 @@ outputs: template: get_param: [EndpointMap, SaharaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SaharaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3963,7 +4635,10 @@ outputs: template: get_param: [EndpointMap, SaharaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SaharaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3980,7 +4655,10 @@ outputs: template: get_param: [EndpointMap, SaharaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SaharaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3994,7 +4672,10 @@ outputs: template: get_param: [EndpointMap, SaharaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SaharaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4012,7 +4693,10 @@ outputs: template: get_param: [EndpointMap, SaharaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SaharaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4033,7 +4717,10 @@ outputs: template: get_param: [EndpointMap, SaharaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SaharaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4050,7 +4737,10 @@ outputs: template: get_param: [EndpointMap, SaharaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4064,7 +4754,10 @@ outputs: template: get_param: [EndpointMap, SaharaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4082,7 +4775,10 @@ outputs: template: get_param: [EndpointMap, SaharaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4103,7 +4799,10 @@ outputs: template: get_param: [EndpointMap, SaharaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4120,7 +4819,10 @@ outputs: template: get_param: [EndpointMap, SwiftAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4134,7 +4836,10 @@ outputs: template: get_param: [EndpointMap, SwiftAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4152,7 +4857,10 @@ outputs: template: get_param: [EndpointMap, SwiftAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4172,7 +4880,10 @@ outputs: template: get_param: [EndpointMap, SwiftAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4189,7 +4900,10 @@ outputs: template: get_param: [EndpointMap, SwiftInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4203,7 +4917,10 @@ outputs: template: get_param: [EndpointMap, SwiftInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4221,7 +4938,10 @@ outputs: template: get_param: [EndpointMap, SwiftInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4242,7 +4962,10 @@ outputs: template: get_param: [EndpointMap, SwiftInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4259,7 +4982,10 @@ outputs: template: get_param: [EndpointMap, SwiftPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4273,7 +4999,10 @@ outputs: template: get_param: [EndpointMap, SwiftPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4291,7 +5020,10 @@ outputs: template: get_param: [EndpointMap, SwiftPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4312,7 +5044,10 @@ outputs: template: get_param: [EndpointMap, SwiftPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4329,7 +5064,10 @@ outputs: template: get_param: [EndpointMap, SwiftAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4343,7 +5081,10 @@ outputs: template: get_param: [EndpointMap, SwiftAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4361,7 +5102,10 @@ outputs: template: get_param: [EndpointMap, SwiftAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4381,7 +5125,10 @@ outputs: template: get_param: [EndpointMap, SwiftAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4398,7 +5145,10 @@ outputs: template: get_param: [EndpointMap, SwiftInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4412,7 +5162,10 @@ outputs: template: get_param: [EndpointMap, SwiftInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4430,7 +5183,10 @@ outputs: template: get_param: [EndpointMap, SwiftInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4450,7 +5206,10 @@ outputs: template: get_param: [EndpointMap, SwiftInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4467,7 +5226,10 @@ outputs: template: get_param: [EndpointMap, SwiftPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4481,7 +5243,10 @@ outputs: template: get_param: [EndpointMap, SwiftPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4499,7 +5264,10 @@ outputs: template: get_param: [EndpointMap, SwiftPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4519,7 +5287,10 @@ outputs: template: get_param: [EndpointMap, SwiftPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap diff --git a/network/ports/net_ip_list_map.yaml b/network/ports/net_ip_list_map.yaml index 32272bd6..36f3358e 100644 --- a/network/ports/net_ip_list_map.yaml +++ b/network/ports/net_ip_list_map.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2016-10-14 parameters: ControlPlaneIpList: @@ -22,6 +22,12 @@ parameters: ManagementIpList: default: [] type: comma_delimited_list + EnabledServices: + default: [] + type: comma_delimited_list + ServiceNetMap: + default: {} + type: json outputs: net_ip_map: @@ -36,3 +42,32 @@ outputs: storage_mgmt: {get_param: StorageMgmtIpList} tenant: {get_param: TenantIpList} management: {get_param: ManagementIpList} + service_ips: + description: > + Map of enabled services to a list of their IP addresses + value: + yaql: + # This filters any entries where the value hasn't been substituted for + # a list, e.g it's still $service_network. This happens when there is + # no network defined for the service in the ServiceNetMap, which is OK + # as not all services have to be bound to a network, so we filter them + expression: dict($.data.map.items().where(not isString($[1]))) + data: + map: + map_replace: + - map_replace: + - map_merge: + repeat: + template: + SERVICE_node_ips: SERVICE_network + for_each: + SERVICE: {get_param: EnabledServices} + - values: {get_param: ServiceNetMap} + - values: + ctlplane: {get_param: ControlPlaneIpList} + external: {get_param: ExternalIpList} + internal_api: {get_param: InternalApiIpList} + storage: {get_param: StorageIpList} + storage_mgmt: {get_param: StorageMgmtIpList} + tenant: {get_param: TenantIpList} + management: {get_param: ManagementIpList} diff --git a/network/service_net_map.yaml b/network/service_net_map.yaml index fea8987a..50f5c55a 100644 --- a/network/service_net_map.yaml +++ b/network/service_net_map.yaml @@ -47,6 +47,7 @@ parameters: ObjectStorageHostnameResolveNetwork: internal_api CephStorageHostnameResolveNetwork: storage PublicNetwork: external + OpenDaylightApiNetwork: internal_api description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. type: json diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml index 817ff2c8..57399210 100644 --- a/overcloud-resource-registry-puppet.yaml +++ b/overcloud-resource-registry-puppet.yaml @@ -130,6 +130,7 @@ resource_registry: # services OS::TripleO::Services: puppet/services/services.yaml + OS::TripleO::Services::CACerts: puppet/services/ca-certs.yaml OS::TripleO::Services::CephMon: OS::Heat::None OS::TripleO::Services::CephOSD: OS::Heat::None OS::TripleO::Services::CephClient: OS::Heat::None @@ -165,8 +166,10 @@ resource_registry: OS::TripleO::Services::NeutronCorePluginOpencontrail: puppet/services/neutron-plugin-opencontrail.yaml OS::TripleO::Services::NeutronCorePluginMidonet: puppet/services/neutron-midonet.yaml OS::TripleO::Services::NeutronOvsAgent: puppet/services/neutron-ovs-agent.yaml + # ComputeNeutronOvsAgent can be overriden to puppet/services/neutron-ovs-dpdk-agent.yaml also to enable DPDK OS::TripleO::Services::ComputeNeutronOvsAgent: puppet/services/neutron-ovs-agent.yaml OS::TripleO::Services::Pacemaker: OS::Heat::None + OS::TripleO::Services::NeutronSriovAgent: OS::Heat::None OS::TripleO::Services::RabbitMQ: puppet/services/rabbitmq.yaml OS::TripleO::Services::HAproxy: puppet/services/haproxy.yaml OS::TripleO::Services::Keepalived: puppet/services/keepalived.yaml @@ -217,6 +220,8 @@ resource_registry: OS::TripleO::Services::NovaIronic: OS::Heat::None OS::TripleO::Services::TripleoPackages: puppet/services/tripleo-packages.yaml OS::TripleO::Services::TripleoFirewall: puppet/services/tripleo-firewall.yaml + OS::TripleO::Services::OpenDaylight: OS::Heat::None + OS::TripleO::Services::OpenDaylightOvs: OS::Heat::None parameter_defaults: EnablePackageInstall: false diff --git a/overcloud.yaml b/overcloud.yaml index a4f8fee1..38a36800 100644 --- a/overcloud.yaml +++ b/overcloud.yaml @@ -16,6 +16,30 @@ parameters: default: overcloud description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org type: string + CloudNameInternal: + default: overcloud.internalapi.localdomain + description: > + The DNS name of this cloud's internal API endpoint. E.g. + 'ci-overcloud.internalapi.tripleo.org'. + type: string + CloudNameStorage: + default: overcloud.storage.localdomain + description: > + The DNS name of this cloud's storage endpoint. E.g. + 'ci-overcloud.storage.tripleo.org'. + type: string + CloudNameStorageManagement: + default: overcloud.storagemgmt.localdomain + description: > + The DNS name of this cloud's storage management endpoint. E.g. + 'ci-overcloud.storagemgmt.tripleo.org'. + type: string + CloudNameManagement: + default: overcloud.management.localdomain + description: > + The DNS name of this cloud's storage management endpoint. E.g. + 'ci-overcloud.management.tripleo.org'. + type: string ControlFixedIPs: default: [] description: Should be used for arbitrary ips. @@ -56,6 +80,12 @@ parameters: Control the IP allocation for the StorageMgmgVirtualInterface port. E.g. [{'ip_address':'1.2.3.4'}] type: json + RedisVirtualFixedIPs: + default: [] + description: > + Control the IP allocation for the virtual IP used by Redis. E.g. + [{'ip_address':'1.2.3.4'}] + type: json CloudDomain: default: 'localdomain' type: string @@ -85,11 +115,6 @@ parameters: may be implementation specific, e.g puppet hieradata. Any role specific ExtraConfig, e.g controllerExtraConfig takes precedence over ExtraConfig. type: json - SwiftHashSuffix: - description: A random string to be used as a salt when hashing to determine mappings in the ring. - type: string - hidden: true - # Compute-specific params ComputeCount: @@ -109,6 +134,7 @@ parameters: ControllerServices: default: + - OS::TripleO::Services::CACerts - OS::TripleO::Services::CephMon - OS::TripleO::Services::CephExternal - OS::TripleO::Services::CinderApi @@ -172,6 +198,7 @@ parameters: - OS::TripleO::Services::NovaIronic - OS::TripleO::Services::TripleoPackages - OS::TripleO::Services::TripleoFirewall + - OS::TripleO::Services::OpenDaylight description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the Controllers. @@ -179,6 +206,7 @@ parameters: ComputeServices: default: + - OS::TripleO::Services::CACerts - OS::TripleO::Services::CephClient - OS::TripleO::Services::CephExternal - OS::TripleO::Services::Timezone @@ -194,6 +222,8 @@ parameters: - OS::TripleO::Services::ComputeNeutronMetadataAgent - OS::TripleO::Services::TripleoPackages - OS::TripleO::Services::TripleoFirewall + - OS::TripleO::Services::NeutronSriovAgent + - OS::TripleO::Services::OpenDaylightOvs description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the Compute Nodes. @@ -211,6 +241,7 @@ parameters: type: json BlockStorageServices: default: + - OS::TripleO::Services::CACerts - OS::TripleO::Services::CinderVolume - OS::TripleO::Services::Kernel - OS::TripleO::Services::Ntp @@ -235,6 +266,7 @@ parameters: type: json ObjectStorageServices: default: + - OS::TripleO::Services::CACerts - OS::TripleO::Services::Kernel - OS::TripleO::Services::Ntp - OS::TripleO::Services::SwiftStorage @@ -262,6 +294,7 @@ parameters: type: json CephStorageServices: default: + - OS::TripleO::Services::CACerts - OS::TripleO::Services::CephOSD - OS::TripleO::Services::Kernel - OS::TripleO::Services::Ntp @@ -374,7 +407,12 @@ resources: EndpointMap: type: OS::TripleO::EndpointMap properties: - CloudName: {get_param: CloudName} + CloudEndpoints: + external: {get_param: CloudName} + internal_api: {get_param: CloudNameInternal} + storage: {get_param: CloudNameStorage} + storage_mgmt: {get_param: CloudNameStorageManagement} + management: {get_param: CloudNameManagement} NetIpMap: {get_attr: [VipMap, net_ip_map]} ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} @@ -397,17 +435,12 @@ resources: properties: CloudDomain: {get_param: CloudDomain} controllerExtraConfig: {get_param: controllerExtraConfig} - HeatAuthEncryptionKey: {get_resource: HeatAuthEncryptionKey} HorizonSecret: {get_resource: HorizonSecret} - MysqlClusterUniquePart: {get_attr: [MysqlClusterUniquePart, value]} - MysqlRootPassword: {get_attr: [MysqlRootPassword, value]} PcsdPassword: {get_resource: PcsdPassword} - RabbitCookie: {get_attr: [RabbitCookie, value]} RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]} RedisVirtualIPUri: {get_attr: [RedisVirtualIP, ip_address_uri]} ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} EndpointMap: {get_attr: [EndpointMap, endpoint_map]} - MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, MysqlNetwork]}]} Hostname: str_replace: template: {get_param: ControllerHostnameFormat} @@ -437,9 +470,6 @@ resources: CloudDomain: {get_param: CloudDomain} NeutronPhysicalBridge: {get_param: HypervisorNeutronPhysicalBridge} NeutronPublicInterface: {get_param: HypervisorNeutronPublicInterface} - # L3 HA and Failover is not relevant for Computes, should be removed - NovaApiHost: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NovaApiNetwork]}]} - NovaPublicIP: {get_attr: [VipMap, net_ip_map, external]} ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} EndpointMap: {get_attr: [EndpointMap, endpoint_map]} Hostname: @@ -500,7 +530,6 @@ resources: resource_def: type: OS::TripleO::ObjectStorage properties: - HashSuffix: {get_param: SwiftHashSuffix} UpdateIdentifier: {get_param: UpdateIdentifier} ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} Hostname: @@ -558,6 +587,8 @@ resources: StorageMgmtIpList: {get_attr: [Controller, storage_mgmt_ip_address]} TenantIpList: {get_attr: [Controller, tenant_ip_address]} ManagementIpList: {get_attr: [Controller, management_ip_address]} + EnabledServices: {get_attr: [ControllerServiceChain, role_data, service_names]} + ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]} allNodesConfig: type: OS::TripleO::AllNodes::SoftwareConfig @@ -578,30 +609,22 @@ resources: - list_join: - '\n' - {get_attr: [CephStorage, hosts_entry]} + enabled_services: + list_join: + - ',' + - {get_attr: [ControllerServiceChain, role_data, service_names]} + - {get_attr: [ComputeServiceChain, role_data, service_names]} + - {get_attr: [BlockStorageServiceChain, role_data, service_names]} + - {get_attr: [ObjectStorageServiceChain, role_data, service_names]} + - {get_attr: [CephStorageServiceChain, role_data, service_names]} controller_ips: {get_attr: [Controller, ip_address]} controller_names: {get_attr: [Controller, hostname]} + service_ips: {get_attr: [ControllerIpListMap, service_ips]} + # FIXME(shardy): These require further work to move into service_ips rabbit_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, RabbitmqNetwork]}]} - mongo_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, MongodbNetwork]}]} - redis_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, RedisNetwork]}]} memcache_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, MemcachedNetwork]}]} - mysql_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, MysqlNetwork]}]} - horizon_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, HorizonNetwork]}]} - heat_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, HeatApiNetwork]}]} - swift_proxy_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, SwiftProxyNetwork]}]} - ceilometer_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CeilometerApiNetwork]}]} - aodh_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, AodhApiNetwork]}]} - gnocchi_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, GnocchiApiNetwork]}]} - nova_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NovaApiNetwork]}]} - nova_metadata_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NovaMetadataNetwork]}]} - glance_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, GlanceApiNetwork]}]} - glance_registry_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, GlanceRegistryNetwork]}]} - cinder_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CinderApiNetwork]}]} - manila_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, ManilaApiNetwork]}]} - neutron_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NeutronApiNetwork]}]} keystone_public_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystonePublicApiNetwork]}]} keystone_admin_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystoneAdminApiNetwork]}]} - sahara_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, SaharaApiNetwork]}]} - ironic_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, IronicApiNetwork]}]} ceph_mon_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CephPublicNetwork]}]} ceph_mon_node_names: {get_attr: [Controller, hostname]} DeployIdentifier: {get_param: DeployIdentifier} @@ -612,11 +635,6 @@ resources: properties: length: 10 - MysqlClusterUniquePart: - type: OS::Heat::RandomString - properties: - length: 10 - RabbitCookie: type: OS::Heat::RandomString properties: @@ -627,7 +645,6 @@ resources: type: OS::TripleO::DefaultPasswords properties: DefaultMysqlRootPassword: {get_attr: [MysqlRootPassword, value]} - DefaultMysqlClusterPassword: {get_attr: [MysqlClusterUniquePart, value]} DefaultRabbitCookie: {get_attr: [RabbitCookie, value]} DefaultHeatAuthEncryptionKey: {get_attr: [HeatAuthEncryptionKey, value]} DefaultPcsdPassword: {get_attr: [PcsdPassword, value]} @@ -655,6 +672,7 @@ resources: PortName: redis_virtual_ip NetworkName: {get_attr: [ServiceNetMap, service_net_map, RedisNetwork]} ServiceName: redis + FixedIPs: {get_param: RedisVirtualFixedIPs} # The public VIP is on the External net, falls back to ctlplane PublicVirtualIP: @@ -739,6 +757,7 @@ resources: internal_api_virtual_ip: {get_attr: [VipMap, net_ip_map, internal_api]} sahara_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, SaharaApiNetwork]}]} ironic_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, IronicApiNetwork]}]} + opendaylight_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, OpenDaylightApiNetwork]}]} storage_virtual_ip: {get_attr: [VipMap, net_ip_map, storage]} storage_mgmt_virtual_ip: {get_attr: [VipMap, net_ip_map, storage_mgmt]} @@ -934,6 +953,9 @@ resources: RoleData: {get_attr: [CephStorageServiceChain, role_data]} outputs: + ManagedEndpoints: + description: Asserts that the keystone endpoints have been provisioned. + value: true KeystoneURL: description: URL for the Overcloud Keystone service value: {get_attr: [EndpointMap, endpoint_map, KeystonePublic, uri]} @@ -976,6 +998,9 @@ outputs: NovaInternalVip: description: VIP for Nova API internal endpoint value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NovaApiNetwork]}]} + OpenDaylightInternalVip: + description: VIP for OpenDaylight API internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, OpenDaylightApiNetwork]}]} SaharaInternalVip: description: VIP for Sahara API internal endpoint value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, SaharaApiNetwork]}]} diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml index f1ce42b1..644c1938 100644 --- a/puppet/all-nodes-config.yaml +++ b/puppet/all-nodes-config.yaml @@ -1,57 +1,27 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2016-10-14 description: 'All Nodes Config for Puppet' parameters: hosts: type: comma_delimited_list + # FIXME(shardy) this can be comma_delimited_list when + # https://bugs.launchpad.net/heat/+bug/1617019 is fixed + enabled_services: + type: string controller_ips: type: comma_delimited_list + service_ips: + type: json controller_names: type: comma_delimited_list rabbit_node_ips: type: comma_delimited_list - mongo_node_ips: - type: comma_delimited_list - redis_node_ips: - type: comma_delimited_list memcache_node_ips: type: comma_delimited_list - mysql_node_ips: - type: comma_delimited_list - horizon_node_ips: - type: comma_delimited_list - heat_api_node_ips: - type: comma_delimited_list - swift_proxy_node_ips: - type: comma_delimited_list - ceilometer_api_node_ips: - type: comma_delimited_list - aodh_api_node_ips: - type: comma_delimited_list - nova_api_node_ips: - type: comma_delimited_list - nova_metadata_node_ips: - type: comma_delimited_list - glance_api_node_ips: - type: comma_delimited_list - glance_registry_node_ips: - type: comma_delimited_list - gnocchi_api_node_ips: - type: comma_delimited_list - cinder_api_node_ips: - type: comma_delimited_list - manila_api_node_ips: - type: comma_delimited_list - neutron_api_node_ips: - type: comma_delimited_list keystone_public_api_node_ips: type: comma_delimited_list keystone_admin_api_node_ips: type: comma_delimited_list - sahara_api_node_ips: - type: comma_delimited_list - ironic_api_node_ips: - type: comma_delimited_list ceph_mon_node_ips: type: comma_delimited_list ceph_mon_node_names: @@ -92,245 +62,99 @@ resources: bootstrap_nodeid_ip: {get_input: bootstrap_nodeid_ip} all_nodes: mapped_data: - controller_node_ips: - list_join: - - ',' - - {get_param: controller_ips} - controller_node_names: - list_join: - - ',' - - {get_param: controller_names} - galera_node_names: - list_join: - - ',' - - {get_param: controller_names} - rabbitmq_node_ips: &rabbit_nodes_array - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: rabbit_node_ips} - mongodb_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: mongo_node_ips} - redis_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: redis_node_ips} - memcached_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: memcache_node_ips} - memcached_node_ips_v6: - str_replace: - template: "['inet6:[SERVERS_LIST]']" - params: - SERVERS_LIST: - list_join: - - "]','inet6:[" - - {get_param: memcache_node_ips} - mysql_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: mysql_node_ips} - horizon_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: horizon_node_ips} - heat_api_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: heat_api_node_ips} - swift_proxy_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: swift_proxy_node_ips} - ceilometer_api_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: ceilometer_api_node_ips} - aodh_api_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: aodh_api_node_ips} - gnocchi_api_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: gnocchi_api_node_ips} - nova_api_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: nova_api_node_ips} - nova_metadata_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: nova_metadata_node_ips} - glance_api_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: glance_api_node_ips} - glance_registry_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: glance_registry_node_ips} - cinder_api_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: cinder_api_node_ips} - manila_api_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: manila_api_node_ips} - neutron_api_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: neutron_api_node_ips} - # TODO: pass a `midonet_api_node_ips` var - midonet_api_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: neutron_api_node_ips} - keystone_public_api_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: keystone_public_api_node_ips} - keystone_admin_api_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: keystone_admin_api_node_ips} - sahara_api_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: sahara_api_node_ips} - ironic_api_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: ironic_api_node_ips} - - tripleo::profile::base::ceph::ceph_mon_initial_members: - list_join: - - ',' - - {get_param: ceph_mon_node_names} - tripleo::profile::base::ceph::ceph_mon_host: - list_join: - - ',' - - {get_param: ceph_mon_node_ips} - tripleo::profile::base::ceph::ceph_mon_host_v6: - str_replace: - template: "'[IPS_LIST]'" - params: - IPS_LIST: - list_join: - - '],[' - - {get_param: ceph_mon_node_ips} - # NOTE(gfidente): interpolation with %{} in the - # hieradata file can't be used as it returns string - ceilometer::rabbit_hosts: *rabbit_nodes_array - aodh::rabbit_hosts: *rabbit_nodes_array - cinder::rabbit_hosts: *rabbit_nodes_array - glance::notify::rabbitmq::rabbit_hosts: *rabbit_nodes_array - manila::rabbit_hosts: *rabbit_nodes_array - heat::rabbit_hosts: *rabbit_nodes_array - neutron::rabbit_hosts: *rabbit_nodes_array - nova::rabbit_hosts: *rabbit_nodes_array - keystone::rabbit_hosts: *rabbit_nodes_array - sahara::rabbit_hosts: *rabbit_nodes_array - ironic::rabbit_hosts: *rabbit_nodes_array + map_merge: + - enabled_services: {get_param: enabled_services} + # This writes out a mapping of service_name_enabled: 'true' + # For any services not enabled, hiera foo_enabled will + # return nil, as it's undefined + - map_merge: + repeat: + template: + # Note this must be string 'true' due to + # https://bugs.launchpad.net/heat/+bug/1617203 + SERVICE_enabled: 'true' + for_each: + SERVICE: + str_split: [',', {get_param: enabled_services}] + # provides a mapping of service_name_ips to a list of IPs + - {get_param: service_ips} + - controller_node_ips: + list_join: + - ',' + - {get_param: controller_ips} + controller_node_names: + list_join: + - ',' + - {get_param: controller_names} + galera_node_names: + list_join: + - ',' + - {get_param: controller_names} + rabbitmq_node_ips: &rabbit_nodes_array + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: rabbit_node_ips} + memcached_node_ips_v6: + str_replace: + template: "['inet6:[SERVERS_LIST]']" + params: + SERVERS_LIST: + list_join: + - "]','inet6:[" + - {get_param: memcache_node_ips} + keystone_public_api_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: keystone_public_api_node_ips} + keystone_admin_api_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: keystone_admin_api_node_ips} + tripleo::profile::base::ceph::ceph_mon_initial_members: + list_join: + - ',' + - {get_param: ceph_mon_node_names} + tripleo::profile::base::ceph::ceph_mon_host: + list_join: + - ',' + - {get_param: ceph_mon_node_ips} + tripleo::profile::base::ceph::ceph_mon_host_v6: + str_replace: + template: "'[IPS_LIST]'" + params: + IPS_LIST: + list_join: + - '],[' + - {get_param: ceph_mon_node_ips} + # NOTE(gfidente): interpolation with %{} in the + # hieradata file can't be used as it returns string + ceilometer::rabbit_hosts: *rabbit_nodes_array + aodh::rabbit_hosts: *rabbit_nodes_array + cinder::rabbit_hosts: *rabbit_nodes_array + glance::notify::rabbitmq::rabbit_hosts: *rabbit_nodes_array + manila::rabbit_hosts: *rabbit_nodes_array + heat::rabbit_hosts: *rabbit_nodes_array + neutron::rabbit_hosts: *rabbit_nodes_array + nova::rabbit_hosts: *rabbit_nodes_array + keystone::rabbit_hosts: *rabbit_nodes_array + sahara::rabbit_hosts: *rabbit_nodes_array + ironic::rabbit_hosts: *rabbit_nodes_array - deploy_identifier: {get_param: DeployIdentifier} - update_identifier: {get_param: UpdateIdentifier} - stack_action: {get_param: StackAction} + deploy_identifier: {get_param: DeployIdentifier} + update_identifier: {get_param: UpdateIdentifier} + stack_action: {get_param: StackAction} outputs: config_id: diff --git a/puppet/ceph-storage-post.yaml b/puppet/ceph-storage-post.yaml index 70baeb6e..a83e0cfe 100644 --- a/puppet/ceph-storage-post.yaml +++ b/puppet/ceph-storage-post.yaml @@ -38,6 +38,7 @@ resources: enable_debug: {get_param: ConfigDebug} enable_hiera: True enable_facter: False + modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules inputs: - name: step outputs: diff --git a/puppet/ceph-storage.yaml b/puppet/ceph-storage.yaml index de5a9c39..829456b5 100644 --- a/puppet/ceph-storage.yaml +++ b/puppet/ceph-storage.yaml @@ -231,22 +231,6 @@ resources: server: {get_resource: CephStorage} input_values: enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} - ceph_cluster_network: - get_attr: - - NetIpMap - - net_ip_map - - str_replace: - template: "NETWORK_subnet" - params: - NETWORK: {get_param: [ServiceNetMap, CephClusterNetwork]} - ceph_public_network: - get_attr: - - NetIpMap - - net_ip_map - - str_replace: - template: "NETWORK_subnet" - params: - NETWORK: {get_param: [ServiceNetMap, CephPublicNetwork]} CephStorageConfig: type: OS::Heat::StructuredConfig @@ -261,8 +245,6 @@ resources: - extraconfig - service_names - service_configs - - ceph_cluster # provided by CephClusterConfig - - ceph - all_nodes # provided by allNodesConfig - '"%{::osfamily}"' merge_behavior: deeper @@ -282,8 +264,6 @@ resources: ceph: mapped_data: tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} - ceph::profile::params::cluster_network: {get_input: ceph_cluster_network} - ceph::profile::params::public_network: {get_input: ceph_public_network} # Resource for site-specific injection of root certificate NodeTLSCAData: diff --git a/puppet/cinder-storage-post.yaml b/puppet/cinder-storage-post.yaml index c3dd403e..6416c43e 100644 --- a/puppet/cinder-storage-post.yaml +++ b/puppet/cinder-storage-post.yaml @@ -37,6 +37,7 @@ resources: enable_debug: {get_param: ConfigDebug} enable_hiera: True enable_facter: False + modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules inputs: - name: step outputs: diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml index 9bf00761..ef3f08ff 100644 --- a/puppet/cinder-storage.yaml +++ b/puppet/cinder-storage.yaml @@ -106,7 +106,7 @@ resources: properties: image: {get_param: BlockStorageImage} - flavor: {get_param: Flavor} + flavor: {get_param: OvercloudBlockStorageFlavor} key_name: {get_param: KeyName} networks: - network: ctlplane @@ -234,18 +234,6 @@ resources: input_values: snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} - cinder_iscsi_ip_address: - str_replace: - template: "'IP'" - params: - IP: - get_attr: - - NetIpMap - - net_ip_map - - str_replace: - template: "NETWORK_uri" - params: - NETWORK: {get_param: [ServiceNetMap, CinderIscsiNetwork]} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} # Map heat metadata into hiera datafiles @@ -281,8 +269,6 @@ resources: mapped_data: {get_param: ExtraConfig} volume: mapped_data: - # Cinder - tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_ip_address: {get_input: cinder_iscsi_ip_address} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} diff --git a/puppet/compute-post.yaml b/puppet/compute-post.yaml index c1b37772..d0c6082c 100644 --- a/puppet/compute-post.yaml +++ b/puppet/compute-post.yaml @@ -38,6 +38,7 @@ resources: enable_debug: {get_param: ConfigDebug} enable_hiera: True enable_facter: False + modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules inputs: - name: step outputs: diff --git a/puppet/compute.yaml b/puppet/compute.yaml index c6dc94d6..1790aa0d 100644 --- a/puppet/compute.yaml +++ b/puppet/compute.yaml @@ -42,9 +42,6 @@ parameters: NodeIndex: type: number default: 0 - NovaApiHost: - type: string - default: '' # Has to be here because of the ignored empty value bug NovaComputeExtraConfig: default: {} description: | @@ -54,9 +51,6 @@ parameters: NovaComputeIPs: default: {} type: json - NovaPublicIP: - type: string - default: '' # Has to be here because of the ignored empty value bug ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -264,7 +258,6 @@ resources: - service_names - service_configs - compute - - ceph_cluster # provided by CephClusterConfig - all_nodes # provided by allNodesConfig - '"%{::osfamily}"' - neutron_bigswitch_data # Optionally provided by ComputeExtraConfigPre @@ -272,6 +265,7 @@ resources: - nova_nuage_data # Optionally provided by ComputeExtraConfigPre - midonet_data # Optionally provided by AllNodesExtraConfig - neutron_opencontrail_data # Optionally provided by ComputeExtraConfigPre + - cisco_aci_data # Optionally provided by ComputeExtraConfigPre merge_behavior: deeper datafiles: service_names: @@ -288,11 +282,6 @@ resources: mapped_data: {get_param: ExtraConfig} compute: mapped_data: - nova_api_host: {get_input: nova_api_host} - nova::compute::vncproxy_host: {get_input: nova_public_ip} - nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address} - neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip} - tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} NovaComputeDeployment: @@ -303,10 +292,6 @@ resources: config: {get_resource: NovaComputeConfig} server: {get_resource: NovaCompute} input_values: - nova_public_ip: {get_param: NovaPublicIP} - nova_api_host: {get_param: NovaApiHost} - nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]} - neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} # Resource for site-specific injection of root certificate diff --git a/puppet/controller-config-pacemaker.yaml b/puppet/controller-config-pacemaker.yaml index 5116cac7..b313f5de 100644 --- a/puppet/controller-config-pacemaker.yaml +++ b/puppet/controller-config-pacemaker.yaml @@ -23,6 +23,7 @@ resources: enable_debug: {get_param: ConfigDebug} enable_hiera: True enable_facter: False + modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules outputs: - name: result config: diff --git a/puppet/controller-config.yaml b/puppet/controller-config.yaml index cadba703..811c544d 100644 --- a/puppet/controller-config.yaml +++ b/puppet/controller-config.yaml @@ -23,6 +23,7 @@ resources: enable_debug: {get_param: ConfigDebug} enable_hiera: True enable_facter: False + modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules outputs: - name: result config: diff --git a/puppet/controller.yaml b/puppet/controller.yaml index c38057d9..28fd08da 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -4,14 +4,6 @@ description: > OpenStack controller node configured by Puppet. parameters: - AdminPassword: - description: The password for the keystone admin account, used for monitoring, querying neutron etc. - type: string - hidden: true - AodhPassword: - description: The password for the aodh services. - type: string - hidden: true controllerExtraConfig: default: {} description: | @@ -31,10 +23,6 @@ parameters: ... } type: json - ControlVirtualInterface: - default: 'br-ex' - description: Interface where virtual ip will be assigned. - type: string CorosyncIPv6: default: false description: Enable IPv6 in Corosync @@ -47,10 +35,6 @@ parameters: default: false description: Whether to enable fencing in Pacemaker or not. type: boolean - EnableGalera: - default: true - description: Whether to use Galera instead of regular MariaDB. - type: boolean EnableLoadBalancer: default: true description: Whether to deploy a LoadBalancer on the Controller @@ -99,21 +83,6 @@ parameters: type: string constraints: - custom_constraint: nova.flavor - HAProxyStatsPassword: - description: Password for HAProxy stats endpoint - type: string - HAProxyStatsUser: - description: User for HAProxy stats endpoint - default: admin - type: string - HAProxySyslogAddress: - default: /dev/log - description: Syslog address where HAproxy will send its log - type: string - HeatAuthEncryptionKey: - description: Auth encryption key for heat-engine - type: string - hidden: true HorizonSecret: description: Secret key for Django type: string @@ -149,31 +118,6 @@ parameters: default: false description: Whether IPtables rules should be purged before setting up the new ones. type: boolean - MysqlClusterUniquePart: - description: A unique identifier of the MySQL cluster the controller is in. - type: string - default: 'unset' # Has to be here because of the ignored empty value bug - # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446 - # constraints: - # - length: {min: 4, max: 10} - MysqlInnodbBufferPoolSize: - description: > - Specifies the size of the buffer pool in megabytes. Setting to - zero should be interpreted as "no value" and will defer to the - lower level default. - type: number - default: 0 - MysqlMaxConnections: - description: Configures MySQL max_connections config setting - type: number - default: 4096 - MysqlClustercheckPassword: - type: string - hidden: true - MysqlRootPassword: - type: string - hidden: true - default: '' # Has to be here because of the ignored empty value bug NeutronMetadataProxySharedSecret: description: Shared secret to prevent spoofing type: string @@ -203,34 +147,6 @@ parameters: type: string description: The password for the 'pcsd' user. hidden: true - PublicVirtualInterface: - default: 'br-ex' - description: > - Specifies the interface where the public-facing virtual ip will be assigned. - This should be int_public when a VLAN is being used. - type: string - RabbitCookie: - type: string - default: '' # Has to be here because of the ignored empty value bug - hidden: true - RabbitPassword: - description: The password for RabbitMQ - type: string - hidden: true - RabbitUserName: - default: guest - description: The username for RabbitMQ - type: string - RabbitClientUseSSL: - default: false - description: > - Rabbit client subscriber parameter to specify - an SSL connection to the RabbitMQ host. - type: string - RabbitClientPort: - default: 5672 - description: Set rabbit subscriber port, change this if using SSL - type: number RedisPassword: description: The password for Redis type: string @@ -242,18 +158,14 @@ parameters: type: string default: '' # Has to be here because of the ignored empty value bug description: An IP address which is wrapped in brackets in case of IPv6 - SwiftHashSuffix: - description: A random string to be used as a salt when hashing to determine mappings - in the ring. - hidden: true - type: string + SwiftRawDisks: + default: {} + description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})' + type: json UpgradeLevelNovaCompute: type: string description: Nova Compute upgrade level default: '' - MysqlVirtualIP: - type: string - default: '' ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -480,42 +392,16 @@ resources: server: {get_resource: Controller} input_values: bootstack_nodeid: {get_attr: [Controller, name]} - haproxy_log_address: {get_param: HAProxySyslogAddress} - haproxy_stats_password: {get_param: HAProxyStatsPassword} - haproxy_stats_user: {get_param: HAProxyStatsUser} - heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey} horizon_secret: {get_param: HorizonSecret} - admin_password: {get_param: AdminPassword} debug: {get_param: Debug} keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] } enable_fencing: {get_param: EnableFencing} - enable_galera: {get_param: EnableGalera} enable_load_balancer: {get_param: EnableLoadBalancer} manage_firewall: {get_param: ManageFirewall} purge_firewall_rules: {get_param: PurgeFirewallRules} - mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize} - mysql_max_connections: {get_param: MysqlMaxConnections} - mysql_root_password: {get_param: MysqlRootPassword} - mysql_clustercheck_password: {get_param: MysqlClustercheckPassword} - mysql_cluster_name: - str_replace: - template: tripleo-CLUSTER - params: - CLUSTER: {get_param: MysqlClusterUniquePart} neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret} - aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] } - aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] } - aodh_admin_url: { get_param: [ EndpointMap, AodhAdmin, uri ] } - ceilometer_coordination_url: - list_join: - - '' - - - 'redis://:' - - {get_param: RedisPassword} - - '@' - - {get_param: RedisVirtualIPUri} - - ':6379/' nova_enable_db_purge: {get_param: NovaEnableDBPurge} nova_ipv6: {get_param: NovaIPv6} corosync_ipv6: {get_param: CorosyncIPv6} @@ -525,43 +411,9 @@ resources: instance_name_template: {get_param: InstanceNameTemplate} fencing_config: {get_param: FencingConfig} pcsd_password: {get_param: PcsdPassword} - rabbit_username: {get_param: RabbitUserName} - rabbit_password: {get_param: RabbitPassword} - rabbit_cookie: {get_param: RabbitCookie} - rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} - rabbit_client_port: {get_param: RabbitClientPort} - control_virtual_interface: {get_param: ControlVirtualInterface} - public_virtual_interface: {get_param: PublicVirtualInterface} - swift_hash_suffix: {get_param: SwiftHashSuffix} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} - swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} - swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} - cinder_iscsi_network: - str_replace: - template: "'IP'" - params: - IP: - get_attr: - - NetIpMap - - net_ip_map - - str_replace: - template: "NETWORK_uri" - params: - NETWORK: {get_param: [ServiceNetMap, CinderIscsiNetwork]} - cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} - glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} - glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]} - heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} - keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} - keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} - manila_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ManilaApiNetwork]}]} - mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongodbNetwork]}]} neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} - neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]} - ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} - aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]} - gnocchi_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]} nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]} horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]} @@ -577,30 +429,7 @@ resources: template: "NETWORK_subnet" params: NETWORK: {get_param: [ServiceNetMap, HorizonNetwork]} - rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitmqNetwork]}]} - redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]} redis_vip: {get_param: RedisVirtualIP} - sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} - memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]} - mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} - mysql_virtual_ip: {get_param: MysqlVirtualIP} - ceph_cluster_network: - get_attr: - - NetIpMap - - net_ip_map - - str_replace: - template: "NETWORK_subnet" - params: - NETWORK: {get_param: [ServiceNetMap, CephClusterNetwork]} - ceph_public_network: - get_attr: - - NetIpMap - - net_ip_map - - str_replace: - template: "NETWORK_subnet" - params: - NETWORK: {get_param: [ServiceNetMap, CephPublicNetwork]} - ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} ironic_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]} # Map heat metadata into hiera datafiles @@ -619,8 +448,6 @@ resources: - service_names - controller - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig - - ceph_cluster # provided by CephClusterConfig - - ceph - bootstrap_node # provided by BootstrapNodeConfig - all_nodes # provided by allNodesConfig - vip_data # provided by vip-config @@ -632,6 +459,7 @@ resources: - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre - midonet_data #Optionally provided by AllNodesExtraConfig + - cisco_aci_data # Optionally provided by ControllerExtraConfigPre merge_behavior: deeper datafiles: service_names: @@ -649,11 +477,6 @@ resources: - {get_param: ControllerExtraConfig} extraconfig: mapped_data: {get_param: ExtraConfig} - ceph: - mapped_data: - ceph::profile::params::cluster_network: {get_input: ceph_cluster_network} - ceph::profile::params::public_network: {get_input: ceph_public_network} - ceph::profile::params::public_addr: {get_input: ceph_public_ip} controller: mapped_data: # data supplied directly to this deployment configuration, etc bootstack_nodeid: {get_input: bootstack_nodeid} @@ -665,78 +488,17 @@ resources: corosync_ipv6: {get_input: corosync_ipv6} tripleo::fencing::config: {get_input: fencing_config} - # Swift - # FIXME: need to move proxy_local_net_ip into swift-proxy.yaml - swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network} - swift::storage::all::storage_local_net_ip: {get_input: swift_management_network} - swift::swift_hash_path_suffix: {get_input: swift_hash_suffix} - - # Cinder - tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_input: cinder_iscsi_network} - cinder::api::bind_host: {get_input: cinder_api_network} - - # Glance - glance::api::bind_host: {get_input: glance_api_network} - glance::registry::bind_host: {get_input: glance_registry_network} - - # Heat - heat::api::bind_host: {get_input: heat_api_network} - heat::api_cloudwatch::bind_host: {get_input: heat_api_network} - heat::api_cfn::bind_host: {get_input: heat_api_network} - heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key} - - # Keystone - keystone::admin_bind_host: {get_input: keystone_admin_api_network} - keystone::public_bind_host: {get_input: keystone_public_api_network} - keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network} - keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network} - - # Manila - manila::api::bind_host: {get_input: manila_api_network} - - # MongoDB - mongodb::server::bind_ip: {get_input: mongo_db_network} - - # MySQL - admin_password: {get_input: admin_password} - enable_galera: {get_input: enable_galera} - mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size} - mysql_max_connections: {get_input: mysql_max_connections} - mysql::server::root_password: {get_input: mysql_root_password} - mysql_clustercheck_password: {get_input: mysql_clustercheck_password} - mysql_cluster_name: {get_input: mysql_cluster_name} - mysql_bind_host: {get_input: mysql_network} - mysql_virtual_ip: {get_input: mysql_virtual_ip} - # Neutron neutron::bind_host: {get_input: neutron_api_network} - neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip} neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network} - - # Aodh - aodh::api::host: {get_input: aodh_api_network} - aodh::wsgi::apache::bind_host: {get_input: aodh_api_network} - - # Ceilometer - ceilometer::api::host: {get_input: ceilometer_api_network} snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} - # Gnocchi - gnocchi::wsgi::apache::bind_host: {get_input: gnocchi_api_network} - gnocchi::api::host: {get_input: gnocchi_api_network} - gnocchi::api::keystone_auth_uri: {get_input: keystone_auth_uri} - gnocchi::api::keystone_identity_uri: {get_input: keystone_identity_uri} - gnocchi::storage::swift::swift_authurl: {get_input: keystone_auth_uri} - # Nova nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute} nova::use_ipv6: {get_input: nova_ipv6} - nova::api::auth_uri: {get_input: keystone_auth_uri} - nova::api::identity_uri: {get_input: keystone_identity_uri} nova::api::api_bind_address: {get_input: nova_api_network} nova::api::metadata_listen: {get_input: nova_metadata_network} - nova::api::admin_password: {get_input: nova_password} nova::glance_api_servers: {get_input: glance_api_servers} nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret} nova::api::instance_name_template: {get_input: instance_name_template} @@ -751,32 +513,14 @@ resources: horizon::bind_address: {get_input: horizon_network} horizon::keystone_url: {get_input: keystone_auth_uri} - # Sahara - sahara::host: {get_input: sahara_api_network} - - # RabbitMQ - rabbitmq::node_ip_address: {get_input: rabbitmq_network} - rabbitmq::erlang_cookie: {get_input: rabbit_cookie} # Redis - redis::bind: {get_input: redis_network} redis_vip: {get_input: redis_vip} # Firewall tripleo::firewall::manage_firewall: {get_input: manage_firewall} tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules} # Misc memcached_ipv6: {get_input: memcached_ipv6} - memcached::listen_ip: {get_input: memcached_network} - control_virtual_interface: {get_input: control_virtual_interface} - public_virtual_interface: {get_input: public_virtual_interface} - tripleo::keepalived::control_virtual_interface: {get_input: control_virtual_interface} - tripleo::keepalived::public_virtual_interface: {get_input: public_virtual_interface} - tripleo::haproxy::control_virtual_interface: {get_input: control_virtual_interface} - tripleo::haproxy::public_virtual_interface: {get_input: public_virtual_interface} - tripleo::haproxy::haproxy_log_address: {get_input: haproxy_log_address} tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]} - tripleo::haproxy::haproxy_stats_user: {get_input: haproxy_stats_user} - tripleo::haproxy::haproxy_stats_password: {get_input: haproxy_stats_password} - tripleo::haproxy::redis_password: {get_input: redis_password} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} # Hook for site-specific additional pre-deployment config, e.g extra hieradata @@ -893,7 +637,14 @@ outputs: description: Swift device formatted for swift-ring-builder value: str_replace: - template: 'r1z1-IP:%PORT%/d1' + template: + list_join: + - ',' + - ['r1z1-IP:%PORT%/d1'] + - repeat: + template: 'r1z1-IP:%PORT%/DEVICE' + for_each: + DEVICE: {get_param: SwiftRawDisks} params: IP: get_attr: diff --git a/puppet/services/aodh-api.yaml b/puppet/services/aodh-api.yaml index b85cfe71..4308052b 100644 --- a/puppet/services/aodh-api.yaml +++ b/puppet/services/aodh-api.yaml @@ -37,12 +37,18 @@ outputs: - get_attr: [AodhBase, role_data, config_settings] - aodh::wsgi::apache::ssl: false aodh::api::service_name: 'httpd' - aodh::api::keystone_tenant: 'service' - - tripleo.aodh_api.firewall_rules: + tripleo.aodh_api.firewall_rules: '128 aodh-api': dport: - 8042 - 13042 - + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + aodh::api::host: {get_param: [ServiceNetMap, AodhApiNetwork]} + aodh::wsgi::apache::bind_host: {get_param: [ServiceNetMap, AodhApiNetwork]} step_config: | include tripleo::profile::base::aodh::api diff --git a/puppet/services/aodh-base.yaml b/puppet/services/aodh-base.yaml index 603b2d82..15f81953 100644 --- a/puppet/services/aodh-base.yaml +++ b/puppet/services/aodh-base.yaml @@ -82,9 +82,10 @@ outputs: aodh::rabbit_password: {get_param: RabbitPassword} aodh::rabbit_use_ssl: {get_param: RabbitClientUseSSL} aodh::rabbit_port: {get_param: RabbitClientPort} - aodh::api::keystone_password: {get_param: AodhPassword} - aodh::api::keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } - aodh::api::keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } + aodh::keystone::authtoken::project_name: 'service' + aodh::keystone::authtoken::password: {get_param: AodhPassword} + aodh::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } + aodh::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } aodh::auth::auth_password: {get_param: AodhPassword} aodh::keystone::auth::public_url: {get_param: [EndpointMap, AodhPublic, uri]} aodh::keystone::auth::internal_url: {get_param: [EndpointMap, AodhInternal, uri]} diff --git a/puppet/services/ca-certs.yaml b/puppet/services/ca-certs.yaml new file mode 100644 index 00000000..1a534156 --- /dev/null +++ b/puppet/services/ca-certs.yaml @@ -0,0 +1,35 @@ +heat_template_version: 2016-04-08 + +description: > + HAproxy service configured with Puppet + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + CAMap: + description: > + Map containing the CA certs and information needed for deploying them. + default: {} + type: json + +outputs: + role_data: + description: Role data for injecting CA certificates. + value: + service_name: ca_certs + config_settings: + tripleo::trusted_cas::ca_map: {get_param: CAMap} + step_config: | + include ::tripleo::trusted_cas diff --git a/puppet/services/ceilometer-api.yaml b/puppet/services/ceilometer-api.yaml index b9f021e3..201a2b7b 100644 --- a/puppet/services/ceilometer-api.yaml +++ b/puppet/services/ceilometer-api.yaml @@ -41,6 +41,15 @@ outputs: dport: - 8777 - 13777 - - ceilometer::api::keystone_tenant: 'service' + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + - ceilometer::api::service_name: 'httpd' + ceilometer::api::host: {get_param: [ServiceNetMap, CeilometerApiNetwork]} + ceilometer::wsgi::apache::bind_host: {get_param: [ServiceNetMap, CeilometerApiNetwork]} + ceilometer::wsgi::apache::ssl: false step_config: | include ::tripleo::profile::base::ceilometer::api diff --git a/puppet/services/ceilometer-base.yaml b/puppet/services/ceilometer-base.yaml index 1a65a595..62fdd5c1 100644 --- a/puppet/services/ceilometer-base.yaml +++ b/puppet/services/ceilometer-base.yaml @@ -91,9 +91,10 @@ outputs: ceilometer::metering_secret: {get_param: CeilometerMeteringSecret} # we include db_sync class in puppet-tripleo ceilometer::db::sync_db: false - ceilometer::api::keystone_password: {get_param: CeilometerPassword} - ceilometer::api::keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } - ceilometer::api::keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } + ceilometer::keystone::authtoken::project_name: 'service' + ceilometer::keystone::authtoken::password: {get_param: CeilometerPassword} + ceilometer::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } + ceilometer::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } ceilometer::agent::auth::auth_password: {get_param: CeilometerPassword} ceilometer::agent::auth::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] } ceilometer::agent::notification::store_events: {get_param: CeilometerStoreEvents} diff --git a/puppet/services/ceph-base.yaml b/puppet/services/ceph-base.yaml index 415b77b6..4d98546d 100644 --- a/puppet/services/ceph-base.yaml +++ b/puppet/services/ceph-base.yaml @@ -4,7 +4,9 @@ description: > Ceph base service. Shared by all Ceph services. parameters: + # NOTE(gfidente): needs a default to cope with external Ceph deployments were we don't pass (and need) an Admin key CephAdminKey: + default: '' description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key. type: string hidden: true @@ -77,6 +79,22 @@ outputs: ceph::profile::params::manage_repo: false ceph::profile::params::authentication_type: cephx ceph::profile::params::fsid: {get_param: CephClusterFSID} + # NOTE: bind IP is found in Heat replacing the network name with the local node IP + # for the given network; replacement examples (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + ceph::profile::params::cluster_network: + str_replace: + template: "NETWORK_subnet" + params: + NETWORK: {get_param: [ServiceNetMap, CephClusterNetwork]} + ceph::profile::params::public_network: + str_replace: + template: "NETWORK_subnet" + params: + NETWORK: {get_param: [ServiceNetMap, CephPublicNetwork]} + ceph::profile::params::public_addr: {get_param: [ServiceNetMap, CephPublicNetwork]} ceph::profile::params::client_keys: str_replace: template: "{ diff --git a/puppet/services/cinder-api.yaml b/puppet/services/cinder-api.yaml index 5ff99dd2..5df0739f 100644 --- a/puppet/services/cinder-api.yaml +++ b/puppet/services/cinder-api.yaml @@ -78,5 +78,11 @@ outputs: dport: - 8776 - 13776 + # NOTE: bind IP is found in Heat replacing the network name with the local node IP + # for the given network; replacement examples (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + cinder::api::bind_host: {get_param: [ServiceNetMap, CinderApiNetwork]} step_config: | include ::tripleo::profile::base::cinder::api diff --git a/puppet/services/cinder-volume.yaml b/puppet/services/cinder-volume.yaml index 5dab466e..de7e6bab 100644 --- a/puppet/services/cinder-volume.yaml +++ b/puppet/services/cinder-volume.yaml @@ -90,5 +90,15 @@ outputs: tripleo.cinder_volume.firewall_rules: '120 iscsi initiator': dport: 3260 + # NOTE: bind IP is found in Heat replacing the network name with the local node IP + # for the given network; replacement examples (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: + str_replace: + template: "NETWORK_uri" + params: + NETWORK: {get_param: [ServiceNetMap, CinderIscsiNetwork]} step_config: | include ::tripleo::profile::base::cinder::volume diff --git a/puppet/services/database/mongodb.yaml b/puppet/services/database/mongodb.yaml index b6eb4803..36962a34 100644 --- a/puppet/services/database/mongodb.yaml +++ b/puppet/services/database/mongodb.yaml @@ -45,5 +45,12 @@ outputs: dport: 27018 '103 mongod': dport: 27017 + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + mongodb::server::bind_ip: {get_param: [ServiceNetMap, MongodbNetwork]} step_config: | include ::tripleo::profile::base::database::mongodb diff --git a/puppet/services/database/mysql.yaml b/puppet/services/database/mysql.yaml index 8d2185f6..b0eea481 100644 --- a/puppet/services/database/mysql.yaml +++ b/puppet/services/database/mysql.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2016-04-08 +heat_template_version: 2016-10-14 description: > MySQL service deployment using puppet @@ -19,6 +19,21 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MysqlMaxConnections: + description: Configures MySQL max_connections config setting + type: number + default: 4096 + MysqlRootPassword: + type: string + hidden: true + default: '' + MysqlClustercheckPassword: + type: string + hidden: true + EnableGalera: + default: true + description: Whether to use Galera instead of regular MariaDB. + type: boolean outputs: role_data: @@ -42,5 +57,22 @@ outputs: - 4567 - 4568 - 9200 + mysql_max_connections: {get_param: MysqlMaxConnections} + mysql::server::root_password: + yaql: + expression: $.data.passwords.where($ != '').first() + data: + passwords: + - {get_param: MysqlRootPassword} + - {get_param: [DefaultPasswords, mysql_root_password]} + mysql_clustercheck_password: {get_param: MysqlClustercheckPassword} + enable_galera: {get_param: EnableGalera} + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + mysql_bind_host: {get_param: [ServiceNetMap, MysqlNetwork]} step_config: | include ::tripleo::profile::base::database::mysql diff --git a/puppet/services/database/redis-base.yaml b/puppet/services/database/redis-base.yaml index 301b2bb1..4ed3c007 100644 --- a/puppet/services/database/redis-base.yaml +++ b/puppet/services/database/redis-base.yaml @@ -32,8 +32,13 @@ outputs: redis::requirepass: {get_param: RedisPassword} redis::masterauth: {get_param: RedisPassword} redis::sentinel_auth_pass: {get_param: RedisPassword} + # NOTE: bind IP is found in Heat replacing the network name with the local node IP + # for the given network; replacement examples (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + redis::bind: {get_param: [ServiceNetMap, RedisNetwork]} redis::port: 6379 redis::sentinel::master_name: '"%{hiera(\"bootstrap_nodeid\")}"' redis::sentinel::redis_host: '"%{hiera(\"bootstrap_nodeid_ip\")}"' redis::sentinel::notification_script: '/usr/local/bin/redis-notifications.sh' - tripleo::loadbalancer::redis_password: {get_param: RedisPassword} diff --git a/puppet/services/glance-api.yaml b/puppet/services/glance-api.yaml index 4954119f..d2376af3 100644 --- a/puppet/services/glance-api.yaml +++ b/puppet/services/glance-api.yaml @@ -131,6 +131,12 @@ outputs: glance::api::keystone_tenant: 'service' glance::api::pipeline: 'keystone' glance::api::show_image_direct_url: true - + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + glance::api::bind_host: {get_param: [ServiceNetMap, GlanceApiNetwork]} step_config: | include ::tripleo::profile::base::glance::api diff --git a/puppet/services/glance-registry.yaml b/puppet/services/glance-registry.yaml index d8861f70..06ef9379 100644 --- a/puppet/services/glance-registry.yaml +++ b/puppet/services/glance-registry.yaml @@ -66,5 +66,12 @@ outputs: '112 glance_registry': dport: - 9191 + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + glance::registry::bind_host: {get_param: [ServiceNetMap, GlanceRegistryNetwork]} step_config: | include ::tripleo::profile::base::glance::registry diff --git a/puppet/services/gnocchi-api.yaml b/puppet/services/gnocchi-api.yaml index bc217743..ec42f3f5 100644 --- a/puppet/services/gnocchi-api.yaml +++ b/puppet/services/gnocchi-api.yaml @@ -23,7 +23,7 @@ parameters: type: string hidden: true GnocchiBackend: - default: file + default: swift description: The short name of the Gnocchi backend to use. Should be one of swift, rbd, or file type: string @@ -56,7 +56,6 @@ outputs: - 8041 - 13041 gnocchi::api::enabled: true - gnocchi::api::manage_service: false gnocchi::api::service_name: 'httpd' gnocchi::keystone::auth::admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] } gnocchi::keystone::auth::internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]} @@ -70,5 +69,17 @@ outputs: gnocchi::keystone::authtoken::project_name: 'service' gnocchi::wsgi::apache::ssl: false tripleo::profile::base::gnocchi::api::gnocchi_backend: {get_param: GnocchiBackend} + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + gnocchi::wsgi::apache::bind_host: {get_param: [ServiceNetMap, GnocchiApiNetwork]} + gnocchi::api::host: {get_param: [ServiceNetMap, GnocchiApiNetwork]} + + gnocchi::api::keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} + gnocchi::api::keystone_identity_uri: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} + gnocchi::storage::swift::swift_authurl: {get_param: [EndpointMap, KeystoneInternal, uri]} step_config: | include ::tripleo::profile::base::gnocchi::api diff --git a/puppet/services/gnocchi-base.yaml b/puppet/services/gnocchi-base.yaml index ac5a17ca..9f114ac4 100644 --- a/puppet/services/gnocchi-base.yaml +++ b/puppet/services/gnocchi-base.yaml @@ -40,6 +40,10 @@ parameters: description: The password for the redis service account. type: string hidden: true + Debug: + type: string + default: '' + description: Set to True to enable debugging on all services. outputs: aux_parameters: @@ -52,7 +56,7 @@ outputs: service_name: gnocchi_base config_settings: #Gnocchi engine - gnocchi::debug: {get_input: debug} + gnocchi::debug: {get_param: Debug} gnocchi::db::database_connection: list_join: - '' @@ -85,7 +89,6 @@ outputs: - {get_param: CephClientUserName} - 'keyring' #Gnocchi statsd - gnocchi::statsd::manage_service: false gnocchi::statsd::resource_id: '0a8b55df-f90f-491c-8cb9-7cdecec6fc26' gnocchi::statsd::user_id: '27c0d3f8-e7ee-42f0-8317-72237d1c5ae3' gnocchi::statsd::project_id: '6c38cd8d-099a-4cb2-aecf-17be688e8616' diff --git a/puppet/services/gnocchi-metricd.yaml b/puppet/services/gnocchi-metricd.yaml index df342ebd..205d0552 100644 --- a/puppet/services/gnocchi-metricd.yaml +++ b/puppet/services/gnocchi-metricd.yaml @@ -35,6 +35,5 @@ outputs: config_settings: map_merge: - get_attr: [GnocchiServiceBase, role_data, config_settings] - - gnocchi::metricd::manage_service: false step_config: | include ::tripleo::profile::base::gnocchi::metricd diff --git a/puppet/services/gnocchi-statsd.yaml b/puppet/services/gnocchi-statsd.yaml index b6e63bf3..018ad2b1 100644 --- a/puppet/services/gnocchi-statsd.yaml +++ b/puppet/services/gnocchi-statsd.yaml @@ -35,6 +35,5 @@ outputs: config_settings: map_merge: - get_attr: [GnocchiServiceBase, role_data, config_settings] - - gnocchi::statsd::manage_service: false step_config: | include ::tripleo::profile::base::gnocchi::statsd diff --git a/puppet/services/haproxy.yaml b/puppet/services/haproxy.yaml index 00574c2f..6885449e 100644 --- a/puppet/services/haproxy.yaml +++ b/puppet/services/haproxy.yaml @@ -18,6 +18,32 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + HAProxyStatsPassword: + description: Password for HAProxy stats endpoint + hidden: true + type: string + HAProxyStatsUser: + description: User for HAProxy stats endpoint + default: admin + type: string + HAProxySyslogAddress: + default: /dev/log + description: Syslog address where HAproxy will send its log + type: string + RedisPassword: + description: The password for Redis + type: string + hidden: true + ControlVirtualInterface: + default: 'br-ex' + description: Interface where virtual ip will be assigned. + type: string + PublicVirtualInterface: + default: 'br-ex' + description: > + Specifies the interface where the public-facing virtual ip will be assigned. + This should be int_public when a VLAN is being used. + type: string outputs: role_data: @@ -29,25 +55,32 @@ outputs: '107 haproxy stats': dport: 1993 # TODO(emilien) make it composable to find which services are actually running - tripleo::haproxy::keystone_admin: true - tripleo::haproxy::keystone_public: true - tripleo::haproxy::neutron: true - tripleo::haproxy::cinder: true - tripleo::haproxy::glance_api: true - tripleo::haproxy::glance_registry: true - tripleo::haproxy::nova_osapi: true - tripleo::haproxy::nova_metadata: true - tripleo::haproxy::nova_novncproxy: true + tripleo::haproxy::keystone_admin: '"%{hiera(\"keystone_enabled\")}"' + tripleo::haproxy::keystone_public: '"%{hiera(\"keystone_enabled\")}"' + tripleo::haproxy::neutron: '"%{hiera(\"neutron_api_enabled\")}"' + tripleo::haproxy::cinder: '"%{hiera(\"cinder_api_enabled\")}"' + tripleo::haproxy::glance_api: '"%{hiera(\"glance_api_enabled\")}"' + tripleo::haproxy::glance_registry: '"%{hiera(\"glance_registry_enabled\")}"' + tripleo::haproxy::nova_osapi: '"%{hiera(\"nova_api_enabled\")}"' + tripleo::haproxy::nova_metadata: '"%{hiera(\"nova_api_enabled\")}"' + tripleo::haproxy::nova_novncproxy: '"%{hiera(\"nova_vncproxy_enabled\")}"' tripleo::haproxy::mysql: true - tripleo::haproxy::redis: true - tripleo::haproxy::sahara: true - tripleo::haproxy::swift_proxy_server: true - tripleo::haproxy::ceilometer: true - tripleo::haproxy::aodh: true - tripleo::haproxy::gnocchi: true - tripleo::haproxy::heat_api: true - tripleo::haproxy::heat_cloudwatch: true - tripleo::haproxy::heat_cfn: true - tripleo::haproxy::horizon: true + tripleo::haproxy::redis: '"%{hiera(\"redis_enabled\")}"' + tripleo::haproxy::sahara: '"%{hiera(\"sahara_api_enabled\")}"' + tripleo::haproxy::swift_proxy_server: '"%{hiera(\"swift_proxy_enabled\")}"' + tripleo::haproxy::ceilometer: '"%{hiera(\"ceilometer_api_enabled\")}"' + tripleo::haproxy::aodh: '"%{hiera(\"aodh_api_enabled\")}"' + tripleo::haproxy::gnocchi: '"%{hiera(\"gnocchi_api_enabled\")}"' + tripleo::haproxy::heat_api: '"%{hiera(\"heat_api_enabled\")}"' + tripleo::haproxy::heat_cloudwatch: '"%{hiera(\"heat_api_cloudwatch_enabled\")}"' + tripleo::haproxy::heat_cfn: '"%{hiera(\"heat_api_cfn_enabled\")}"' + tripleo::haproxy::horizon: '"%{hiera(\"horizon_enabled\")}"' + tripleo::haproxy::ironic: '"%{hiera(\"ironic_api_enabled\")}"' + tripleo::haproxy::haproxy_log_address: {get_param: HAProxySyslogAddress} + tripleo::haproxy::haproxy_stats_user: {get_param: HAProxyStatsUser} + tripleo::haproxy::haproxy_stats_password: {get_param: HAProxyStatsPassword} + tripleo::haproxy::redis_password: {get_param: RedisPassword} + tripleo::haproxy::control_virtual_interface: {get_param: ControlVirtualInterface} + tripleo::haproxy::public_virtual_interface: {get_param: PublicVirtualInterface} step_config: | include ::tripleo::profile::base::haproxy diff --git a/puppet/services/heat-api-cfn.yaml b/puppet/services/heat-api-cfn.yaml index 4f8900aa..a15ea32d 100644 --- a/puppet/services/heat-api-cfn.yaml +++ b/puppet/services/heat-api-cfn.yaml @@ -59,5 +59,12 @@ outputs: dport: - 8000 - 13800 + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + heat::api_cfn::bind_host: {get_param: [ServiceNetMap, HeatApiNetwork]} step_config: | include ::tripleo::profile::base::heat::api_cfn diff --git a/puppet/services/heat-api-cloudwatch.yaml b/puppet/services/heat-api-cloudwatch.yaml index 7a09aad0..6d645ee7 100644 --- a/puppet/services/heat-api-cloudwatch.yaml +++ b/puppet/services/heat-api-cloudwatch.yaml @@ -45,5 +45,12 @@ outputs: dport: - 8003 - 13003 + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + heat::api_cloudwatch::bind_host: {get_param: [ServiceNetMap, HeatApiNetwork]} step_config: | include ::tripleo::profile::base::heat::api_cloudwatch diff --git a/puppet/services/heat-api.yaml b/puppet/services/heat-api.yaml index 3a5d2a13..ec3b0e37 100644 --- a/puppet/services/heat-api.yaml +++ b/puppet/services/heat-api.yaml @@ -59,5 +59,12 @@ outputs: dport: - 8004 - 13004 + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + heat::api::bind_host: {get_param: [ServiceNetMap, HeatApiNetwork]} step_config: | include ::tripleo::profile::base::heat::api diff --git a/puppet/services/heat-engine.yaml b/puppet/services/heat-engine.yaml index fba80c5d..b230ec1d 100644 --- a/puppet/services/heat-engine.yaml +++ b/puppet/services/heat-engine.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2016-04-08 +heat_template_version: 2016-10-14 description: > Openstack Heat Engine service configured with Puppet @@ -35,6 +35,11 @@ parameters: description: Password for heat_stack_domain_admin user. type: string hidden: true + HeatAuthEncryptionKey: + description: Auth encryption key for heat-engine + type: string + hidden: true + default: '' resources: HeatBase: @@ -76,5 +81,12 @@ outputs: heat::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" + heat::engine::auth_encryption_key: + yaql: + expression: $.data.passwords.where($ != '').first() + data: + passwords: + - {get_param: HeatAuthEncryptionKey} + - {get_param: [DefaultPasswords, heat_auth_encryption_key]} step_config: | include ::tripleo::profile::base::heat::engine diff --git a/puppet/services/ironic-api.yaml b/puppet/services/ironic-api.yaml index e185630e..d0516e1b 100644 --- a/puppet/services/ironic-api.yaml +++ b/puppet/services/ironic-api.yaml @@ -45,11 +45,12 @@ outputs: # the TFTP server IP in ironic-conductor.yaml as it should not be # the VIP, but rather a real IP of the controller. - ironic::my_ip: {get_param: [EndpointMap, MysqlInternal, host]} - ironic::api::admin_password: {get_param: IronicPassword} - ironic::api::admin_tenant_name: 'service' - ironic::api::admin_user: 'ironic' - ironic::api::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } - ironic::api::identity_uri: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} + ironic::api::authtoken::password: {get_param: IronicPassword} + ironic::api::authtoken::project_name: 'service' + ironic::api::authtoken::username: 'ironic' + ironic::api::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } + ironic::api::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} + ironic::api::host_ip: {get_input: ironic_api_network} ironic::api::port: {get_param: [EndpointMap, IronicInternal, port]} # This is used to build links in responses ironic::api::public_endpoint: {get_param: [EndpointMap, IronicPublic, uri_no_suffix]} @@ -59,5 +60,10 @@ outputs: ironic::keystone::auth::auth_name: 'ironic' ironic::keystone::auth::password: {get_param: IronicPassword } ironic::keystone::auth::tenant: 'service' + tripleo.ironic_api.firewall_rules: + '133 ironic api': + dport: + - 6385 + - 13385 step_config: | include ::tripleo::profile::base::ironic::api diff --git a/puppet/services/ironic-conductor.yaml b/puppet/services/ironic-conductor.yaml index 9bc86a2c..27479f79 100644 --- a/puppet/services/ironic-conductor.yaml +++ b/puppet/services/ironic-conductor.yaml @@ -41,10 +41,15 @@ outputs: - get_attr: [IronicBase, role_data, config_settings] # FIXME: I have no idea why neutron_url is in "api" manifest - ironic::api::neutron_url: {get_param: [EndpointMap, NeutronInternal, uri]} + ironic::conductor::api_url: {get_param: [EndpointMap, IronicInternal, uri_no_suffix]} ironic::glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]} ironic::enabled_drivers: {get_param: IronicEnabledDrivers} # Prevent tftp_server from defaulting to my_ip setting, which is # controller VIP, not a real IP. ironic::drivers::pxe::tftp_server: {get_input: ironic_api_network} + tripleo.ironic_conductor.firewall_rules: + '134 ironic conductor TFTP': + dport: 69 + proto: udp step_config: | include ::tripleo::profile::base::ironic::conductor diff --git a/puppet/services/keepalived.yaml b/puppet/services/keepalived.yaml index c8c977c6..b783345b 100644 --- a/puppet/services/keepalived.yaml +++ b/puppet/services/keepalived.yaml @@ -18,11 +18,24 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + ControlVirtualInterface: + default: 'br-ex' + description: Interface where virtual ip will be assigned. + type: string + PublicVirtualInterface: + default: 'br-ex' + description: > + Specifies the interface where the public-facing virtual ip will be assigned. + This should be int_public when a VLAN is being used. + type: string outputs: role_data: description: Role data for the Keepalived role. value: service_name: keepalived + config_settings: + tripleo::keepalived::control_virtual_interface: {get_param: ControlVirtualInterface} + tripleo::keepalived::public_virtual_interface: {get_param: PublicVirtualInterface} step_config: | include ::tripleo::profile::base::keepalived diff --git a/puppet/services/keystone.yaml b/puppet/services/keystone.yaml index 0a5193df..c763c391 100644 --- a/puppet/services/keystone.yaml +++ b/puppet/services/keystone.yaml @@ -149,5 +149,16 @@ outputs: - 13000 - 35357 - 13357 + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + # NOTE: this applies to all 4 bind IP settings below... + keystone::admin_bind_host: {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]} + keystone::public_bind_host: {get_param: [ServiceNetMap, KeystonePublicApiNetwork]} + keystone::wsgi::apache::bind_host: {get_param: [ServiceNetMap, KeystonePublicApiNetwork]} + keystone::wsgi::apache::admin_bind_host: {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]} step_config: | include ::tripleo::profile::base::keystone diff --git a/puppet/services/manila-api.yaml b/puppet/services/manila-api.yaml index 8b456af5..b3987747 100644 --- a/puppet/services/manila-api.yaml +++ b/puppet/services/manila-api.yaml @@ -43,9 +43,10 @@ outputs: config_settings: map_merge: - get_attr: [ManilaBase, role_data, config_settings] - - manila::api::keystone_password: {get_param: ManilaPassword} - manila::api::keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} - manila::api::keystone_auth_host: {get_param: [EndpointMap, ManilaInternal, host]} + - manila::keystone::authtoken::password: {get_param: ManilaPassword} + manila::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} + manila::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } + manila::keystone::authtoken::project_name: 'service' manila::keystone::auth::public_url: {get_param: [EndpointMap, ManilaV1Public, uri]} manila::keystone::auth::internal_url: {get_param: [EndpointMap, ManilaV1Internal, uri]} manila::keystone::auth::admin_url: {get_param: [EndpointMap, ManilaV1Admin, uri]} @@ -54,7 +55,13 @@ outputs: manila::keystone::auth::admin_url_v2: {get_param: [EndpointMap, ManilaAdmin, uri]} manila::keystone::auth::password: {get_param: ManilaPassword } manila::keystone::auth::region: {get_param: KeystoneRegion } - manila::api::keystone_tenant: 'service' + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + manila::api::bind_host: {get_param: [ServiceNetMap, ManilaApiNetwork]} step_config: | include ::tripleo::profile::base::manila::api diff --git a/puppet/services/memcached.yaml b/puppet/services/memcached.yaml index 59c639e8..3b47261e 100644 --- a/puppet/services/memcached.yaml +++ b/puppet/services/memcached.yaml @@ -25,6 +25,12 @@ outputs: value: service_name: memcached config_settings: + # NOTE: bind IP is found in Heat replacing the network name with the local node IP + # for the given network; replacement examples (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + memcached::listen_ip: {get_param: [ServiceNetMap, MemcachedNetwork]} tripleo.memcached.firewall_rules: '121 memcached': dport: 11211 diff --git a/puppet/services/neutron-dhcp.yaml b/puppet/services/neutron-dhcp.yaml index ed2dbd0e..513cb2d4 100644 --- a/puppet/services/neutron-dhcp.yaml +++ b/puppet/services/neutron-dhcp.yaml @@ -18,10 +18,19 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + NeutronEnableMetadataNetwork: + default: false + description: If True, DHCP provide metadata network. Requires either + IsolatedMetadata or ForceMetadata parameters to also be True. + type: boolean NeutronEnableIsolatedMetadata: - default: 'False' + default: false description: If True, DHCP provide metadata route to VM. - type: string + type: boolean + NeutronEnableForceMetadata: + default: false + description: If True, DHCP always provides metadata route to VM. + type: boolean resources: @@ -41,6 +50,8 @@ outputs: map_merge: - get_attr: [NeutronBase, role_data, config_settings] - neutron::agents::dhcp::enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata} + neutron::agents::dhcp::enable_force_metadata: {get_param: NeutronEnableForceMetadata} + neutron::agents::dhcp::enable_metadata_network: {get_param: NeutronEnableMetadataNetwork} tripleo.neutron_dhcp.firewall_rules: '115 neutron dhcp input': proto: 'udp' diff --git a/puppet/services/neutron-ovs-agent.yaml b/puppet/services/neutron-ovs-agent.yaml index 7520f6f6..1b19f90f 100644 --- a/puppet/services/neutron-ovs-agent.yaml +++ b/puppet/services/neutron-ovs-agent.yaml @@ -48,6 +48,11 @@ parameters: description: | Enable support for distributed routing in the OVS Agent. type: boolean + NeutronEnableARPResponder: + default: false + description: | + Enable ARP responder feature in the OVS Agent. + type: boolean resources: @@ -68,6 +73,7 @@ outputs: - get_attr: [NeutronBase, role_data, config_settings] neutron::agents::ml2::ovs::l2_population: {get_param: NeutronEnableL2Pop} neutron::agents::ml2::ovs::enable_distributed_routing: {get_param: NeutronEnableDVR} + neutron::agents::ml2::ovs::arp_responder: {get_param: NeutronEnableARPResponder} neutron::agents::ml2::ovs::bridge_mappings: str_replace: template: MAPPINGS @@ -83,5 +89,12 @@ outputs: template: AGENT_EXTENSIONS params: AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions} + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + neutron::agents::ml2::ovs::local_ip: {get_param: [ServiceNetMap, NeutronTenantNetwork]} step_config: | include ::tripleo::profile::base::neutron::ovs diff --git a/puppet/services/neutron-ovs-dpdk-agent.yaml b/puppet/services/neutron-ovs-dpdk-agent.yaml new file mode 100644 index 00000000..1f1e14ab --- /dev/null +++ b/puppet/services/neutron-ovs-dpdk-agent.yaml @@ -0,0 +1,73 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Neutron OVS DPDK configured with Puppet for Compute Role + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + NeutronDpdkCoreList: + default: "" + description: List of cores to be used for DPDK Poll Mode Driver + type: string + NeutronDpdkMemoryChannels: + default: "" + description: Number of memory channels to be used for DPDK + type: string + NeutronDpdkSocketMemory: + default: "" + description: Memory allocated for each socket + type: string + NeutronDpdkDriverType: + default: "vfio-pci" + description: DPDK Driver type + type: string + # below parameters has to be set in neutron agent only for compute nodes. + # as of now there is no other usecase for these parameters except dpdk. + # should be moved to compute only ovs agent in case of any other usecases. + NeutronDatapathType: + default: "" + description: Datapath type for ovs bridges + type: string + NeutronVhostuserSocketDir: + default: "" + description: The vhost-user socket directory for OVS + type: string + +resources: + + NeutronOvsAgent: + type: ./neutron-ovs-agent.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for the Neutron OVS DPDK Agent service. + value: + service_name: neutron_ovs_dpdk_agent + config_settings: + map_merge: + - get_attr: [NeutronOvsAgent, role_data, config_settings] + neutron::agents::ml2::ovs::enable_dpdk: true + neutron::agents::ml2::ovs::datapath_type: {get_param: NeutronDatapathType} + neutron::agents::ml2::ovs::vhostuser_socket_dir: {get_param: NeutronVhostuserSocketDir} + vswitch::dpdk::core_list: {get_param: NeutronDpdkCoreList} + vswitch::dpdk::memory_channels: {get_param: NeutronDpdkMemoryChannels} + vswitch::dpdk::socket_mem: {get_param: NeutronDpdkSocketMemory} + vswitch::dpdk::driver_type: {get_param: NeutronDpdkDriverType} + step_config: {get_attr: [NeutronOvsAgent, role_data, step_config]} diff --git a/puppet/services/neutron-plugin-ml2.yaml b/puppet/services/neutron-plugin-ml2.yaml index 165b9687..5dbae3dc 100644 --- a/puppet/services/neutron-plugin-ml2.yaml +++ b/puppet/services/neutron-plugin-ml2.yaml @@ -60,7 +60,12 @@ parameters: default: 'vxlan' description: The tenant network type for Neutron. type: comma_delimited_list - + NeutronSupportedPCIVendorDevs: + description: | + List of supported pci vendor devices in the format VendorID:ProductID. + By default Intel & Mellanox SR-IOV capable NICs are supported. + type: comma_delimited_list + default: ['15b3:1004','8086:10ca'] resources: NeutronBase: @@ -118,6 +123,7 @@ outputs: template: TYPES params: TYPES: {get_param: NeutronNetworkType} + neutron::plugins::ml2::supported_pci_vendor_devs: {get_param: NeutronSupportedPCIVendorDevs} step_config: | include ::tripleo::profile::base::neutron::plugins::ml2 diff --git a/puppet/services/neutron-sriov-agent.yaml b/puppet/services/neutron-sriov-agent.yaml new file mode 100644 index 00000000..559500df --- /dev/null +++ b/puppet/services/neutron-sriov-agent.yaml @@ -0,0 +1,58 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Neutron SR-IOV nic agent configured with Puppet + +parameters: + ServiceNetMap: + default: {} + description: > + Mapping of service_name -> network name. Typically set via + parameter_defaults in the resource registry. This mapping overrides those + in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + NeutronPhysicalDevMappings: + description: > + List of <physical_network>:<physical device> + All physical networks listed in network_vlan_ranges + on the server should have mappings to appropriate + interfaces on each agent. + type: comma_delimited_list + default: "" + NeutronExcludeDevices: + description: > + List of <network_device>:<excluded_devices> mapping + network_device to the agent's node-specific list of virtual functions + that should not be used for virtual networking. excluded_devices is a + semicolon separated list of virtual functions to exclude from + network_device. The network_device in the mapping should appear in the + physical_device_mappings list. + type: comma_delimited_list + default: "" + NeutronSriovNumVFs: + description: > + Provide the list of VFs to be reserved for each SR-IOV interface. + Format "<interface_name1>:<numvfs1>","<interface_name2>:<numvfs2>" + Example "eth1:4096","eth2:128" + type: comma_delimited_list + default: "" + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +outputs: + role_data: + description: Role data for the Neutron SR-IOV nic agent service. + value: + service_name: neutron_sriov_agent + config_settings: + neutron::agents::ml2::sriov::physical_device_mappings: {get_param: NeutronPhysicalDevMappings} + neutron::agents::ml2::sriov::exclude_devices: {get_param: NeutronExcludeDevices} + neutron::agents::ml2::sriov::number_of_vfs: {get_param: NeutronSriovNumVFs} + step_config: | + include ::tripleo::profile::base::neutron::sriov diff --git a/puppet/services/nova-api.yaml b/puppet/services/nova-api.yaml index 143c0619..c2bd395e 100644 --- a/puppet/services/nova-api.yaml +++ b/puppet/services/nova-api.yaml @@ -61,7 +61,10 @@ outputs: - 8774 - 13774 - 8775 - nova::api::admin_tenant_name: 'service' + nova::keystone::authtoken::project_name: 'service' + nova::keystone::authtoken::password: {get_param: NovaPassword} + nova::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } + nova::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} nova::api::enabled: true nova::api::default_floating_pool: 'public' nova::api::sync_db_api: true diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml index 1a473a4e..6bc1c187 100644 --- a/puppet/services/nova-compute.yaml +++ b/puppet/services/nova-compute.yaml @@ -40,6 +40,26 @@ parameters: default: '' description: Libvirt VIF driver configuration for the network type: string + NovaPCIPassthrough: + description: > + List of PCI Passthrough whitelist parameters. + Example - + NovaPCIPassthrough: + - vendor_id: "8086" + product_id: "154c" + address: "0000:05:00.0" + physical_network: "datacentre" + For different formats, refer to the nova.conf documentation for + pci_passthrough_whitelist configuration + type: json + default: '' + NovaVcpuPinSet: + description: > + A list or range of physical CPU cores to reserve for virtual machine + processes. + Ex. NovaVcpuPinSet: ['4-12','^8'] will reserve cores from 4-12 excluding 8 + type: comma_delimited_list + default: [] resources: NovaBase: @@ -58,6 +78,12 @@ outputs: map_merge: - get_attr: [NovaBase, role_data, config_settings] - nova::compute::libvirt::manage_libvirt_services: false + nova::compute::pci_passthrough: + str_replace: + template: "'JSON_PARAM'" + params: + JSON_PARAM: {get_param: NovaPCIPassthrough} + nova::compute::vcpu_pin_set: {get_param: NovaVcpuPinSet} # we manage migration in nova common puppet profile nova::compute::libvirt::migration_support: false tripleo::profile::base::nova::manage_migration: true @@ -88,7 +114,14 @@ outputs: # example openvswitch. nova::compute::reserved_host_memory: 2048 nova::compute::neutron::libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver} - + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + nova::compute::vncserver_proxyclient_address: {get_param: [ServiceNetMap, NovaVncProxyNetwork]} + nova::compute::vncproxy_host: {get_param: [EndpointMap, NovaPublic, host]} step_config: | # TODO(emilien): figure how to deal with libvirt profile. # We'll probably treat it like we do with Neutron plugins. diff --git a/puppet/services/nova-scheduler.yaml b/puppet/services/nova-scheduler.yaml index 78ff008b..c8f2591d 100644 --- a/puppet/services/nova-scheduler.yaml +++ b/puppet/services/nova-scheduler.yaml @@ -18,6 +18,17 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + NovaSchedulerAvailableFilters: + default: [] + description: List of scheduler available filters + type: comma_delimited_list + NovaSchedulerDefaultFilters: + type: comma_delimited_list + default: [] + description: > + An array of filters used by Nova to filter a node.These filters will be + applied in the order they are listed, so place your most restrictive + filters first to make the filtering process more efficient. resources: NovaBase: @@ -36,5 +47,7 @@ outputs: map_merge: - get_attr: [NovaBase, role_data, config_settings] - nova::scheduler::filter::ram_allocation_ratio: '1.0' + nova::scheduler::filter::scheduler_available_filters: {get_param: NovaSchedulerAvailableFilters} + nova::scheduler::filter::scheduler_default_filters: {get_param: NovaSchedulerDefaultFilters} step_config: | include tripleo::profile::base::nova::scheduler diff --git a/puppet/services/opendaylight-api.yaml b/puppet/services/opendaylight-api.yaml new file mode 100644 index 00000000..64dd7663 --- /dev/null +++ b/puppet/services/opendaylight-api.yaml @@ -0,0 +1,81 @@ +heat_template_version: 2016-04-08 + +description: > + OpenDaylight SDN Controller. + +parameters: + OpenDaylightPort: + default: 8081 + description: Set opendaylight service port + type: number + EnableOpenDaylightOnController: + default: false + description: Whether to install OpenDaylight on control nodes. + type: boolean + OpenDaylightUsername: + default: 'admin' + description: The username for the opendaylight server. + type: string + OpenDaylightPassword: + default: 'admin' + type: string + description: The password for the opendaylight server. + hidden: true + OpenDaylightEnableL3: + description: Knob to enable/disable ODL L3 + type: string + default: 'no' + OpenDaylightEnableDHCP: + description: Knob to enable/disable ODL DHCP Server + type: boolean + default: false + OpenDaylightFeatures: + description: List of features to install with ODL + type: comma_delimited_list + default: ["odl-netvirt-openstack","odl-netvirt-ui"] + OpenDaylightConnectionProtocol: + description: L7 protocol used for REST access + type: string + default: 'http' + OpenDaylightCheckURL: + description: URL postfix to verify ODL has finished starting up + type: string + default: 'restconf/operational/network-topology:network-topology/topology/netvirt:1' + OpenDaylightApiVirtualIP: + type: string + default: '' + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + +outputs: + role_data: + description: Role data for the OpenDaylight service. + value: + service_name: opendaylight_api + config_settings: + opendaylight::odl_rest_port: {get_param: OpenDaylightPort} + odl_on_controller: {get_param: EnableOpenDaylightOnController} + opendaylight_check_url: {get_param: OpenDaylightCheckURL} + opendaylight::username: {get_param: OpenDaylightUsername} + opendaylight::password: {get_param: OpenDaylightPassword} + opendaylight::enable_l3: {get_param: OpenDaylightEnableL3} + opendaylight::extra_features: {get_param: OpenDaylightFeatures} + opendaylight::enable_dhcp: {get_param: OpenDaylightEnableDHCP} + opendaylight::nb_connection_protocol: {get_param: OpenDaylightConnectionProtocol} + opendaylight::odl_bind_ip: {get_param: [ServiceNetMap, OpenDaylightApiNetwork]} + tripleo::haproxy::opendaylight: true + step_config: | + include tripleo::profile::base::neutron::opendaylight + include tripleo::profile::base::neutron::plugins::ovs::opendaylight diff --git a/puppet/services/opendaylight-ovs.yaml b/puppet/services/opendaylight-ovs.yaml new file mode 100644 index 00000000..8bcb72f7 --- /dev/null +++ b/puppet/services/opendaylight-ovs.yaml @@ -0,0 +1,47 @@ +heat_template_version: 2016-04-08 + +description: > + OpenDaylight OVS Configuration. + +parameters: + OpenDaylightPort: + default: 8081 + description: Set opendaylight service port + type: number + OpenDaylightConnectionProtocol: + description: L7 protocol used for REST access + type: string + default: 'http' + OpenDaylightCheckURL: + description: URL postfix to verify ODL has finished starting up + type: string + default: 'restconf/operational/network-topology:network-topology/topology/netvirt:1' + OpenDaylightApiVirtualIP: + type: string + default: '' + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + +outputs: + role_data: + description: Role data for the OpenDaylight service. + value: + service_name: opendaylight_ovs + config_settings: + opendaylight::odl_rest_port: {get_param: OpenDaylightPort} + opendaylight_check_url: {get_param: OpenDaylightCheckURL} + opendaylight::nb_connection_protocol: {get_param: OpenDaylightConnectionProtocol} + step_config: | + include tripleo::profile::base::neutron::plugins::ovs::opendaylight diff --git a/puppet/services/pacemaker/ceilometer-agent-central.yaml b/puppet/services/pacemaker/ceilometer-agent-central.yaml index ac4bdcf0..78714878 100644 --- a/puppet/services/pacemaker/ceilometer-agent-central.yaml +++ b/puppet/services/pacemaker/ceilometer-agent-central.yaml @@ -21,7 +21,7 @@ parameters: resources: CeilometerServiceBase: - type: ../ceilometer-base.yaml + type: ../ceilometer-agent-central.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} diff --git a/puppet/services/pacemaker/ceilometer-agent-notification.yaml b/puppet/services/pacemaker/ceilometer-agent-notification.yaml index 112dde1c..6290203a 100644 --- a/puppet/services/pacemaker/ceilometer-agent-notification.yaml +++ b/puppet/services/pacemaker/ceilometer-agent-notification.yaml @@ -21,7 +21,7 @@ parameters: resources: CeilometerServiceBase: - type: ../ceilometer-base.yaml + type: ../ceilometer-agent-notification.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} diff --git a/puppet/services/pacemaker/ceilometer-api.yaml b/puppet/services/pacemaker/ceilometer-api.yaml index f50e4a15..d130a4bb 100644 --- a/puppet/services/pacemaker/ceilometer-api.yaml +++ b/puppet/services/pacemaker/ceilometer-api.yaml @@ -21,7 +21,7 @@ parameters: resources: CeilometerServiceBase: - type: ../ceilometer-base.yaml + type: ../ceilometer-api.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} diff --git a/puppet/services/pacemaker/ceilometer-collector.yaml b/puppet/services/pacemaker/ceilometer-collector.yaml index 8d4348db..97da92e8 100644 --- a/puppet/services/pacemaker/ceilometer-collector.yaml +++ b/puppet/services/pacemaker/ceilometer-collector.yaml @@ -21,7 +21,7 @@ parameters: resources: CeilometerServiceBase: - type: ../ceilometer-base.yaml + type: ../ceilometer-collector.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} diff --git a/puppet/services/pacemaker/database/mysql.yaml b/puppet/services/pacemaker/database/mysql.yaml index e63a8f1e..d555ed0a 100644 --- a/puppet/services/pacemaker/database/mysql.yaml +++ b/puppet/services/pacemaker/database/mysql.yaml @@ -20,11 +20,21 @@ parameters: via parameter_defaults in the resource registry. type: json +resources: + + MysqlBase: + type: ../../database/mysql.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + outputs: role_data: description: Service MySQL with Pacemaker using composable services. value: service_name: mysql config_settings: + get_attr: [MysqlBase, role_data, config_settings] step_config: | include ::tripleo::profile::pacemaker::database::mysql diff --git a/puppet/services/pacemaker/gnocchi-api.yaml b/puppet/services/pacemaker/gnocchi-api.yaml index 1f6ed461..42c7131d 100644 --- a/puppet/services/pacemaker/gnocchi-api.yaml +++ b/puppet/services/pacemaker/gnocchi-api.yaml @@ -21,7 +21,7 @@ parameters: resources: GnocchiServiceBase: - type: ../gnocchi-base.yaml + type: ../gnocchi-api.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} @@ -35,5 +35,7 @@ outputs: config_settings: map_merge: - get_attr: [GnocchiServiceBase, role_data, config_settings] + - gnocchi::metricd::manage_service: false + gnocchi::metricd::enabled: false step_config: | include ::tripleo::profile::pacemaker::gnocchi::api diff --git a/puppet/services/pacemaker/gnocchi-metricd.yaml b/puppet/services/pacemaker/gnocchi-metricd.yaml index cea27e9a..177d7744 100644 --- a/puppet/services/pacemaker/gnocchi-metricd.yaml +++ b/puppet/services/pacemaker/gnocchi-metricd.yaml @@ -21,7 +21,7 @@ parameters: resources: GnocchiServiceBase: - type: ../gnocchi-base.yaml + type: ../gnocchi-metricd.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} @@ -36,6 +36,7 @@ outputs: map_merge: - get_attr: [GnocchiServiceBase, role_data, config_settings] - gnocchi::metricd::manage_service: false + gnocchi::metricd::enabled: false tripleo::profile::pacemaker::gnocchi::gnocchi_indexer_backend: {get_attr: [GnocchiServiceBase, aux_parameters, gnocchi_indexer_backend]} step_config: | diff --git a/puppet/services/pacemaker/gnocchi-statsd.yaml b/puppet/services/pacemaker/gnocchi-statsd.yaml index 2e1531fc..a247a514 100644 --- a/puppet/services/pacemaker/gnocchi-statsd.yaml +++ b/puppet/services/pacemaker/gnocchi-statsd.yaml @@ -21,7 +21,7 @@ parameters: resources: GnocchiServiceBase: - type: ../gnocchi-base.yaml + type: ../gnocchi-statsd.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} @@ -36,6 +36,7 @@ outputs: map_merge: - get_attr: [GnocchiServiceBase, role_data, config_settings] - gnocchi::statsd::manage_service: false + gnocchi::statsd::enabled: false tripleo::profile::pacemaker::gnocchi::gnocchi_indexer_backend: {get_attr: [GnocchiServiceBase, aux_parameters, gnocchi_indexer_backend]} step_config: | include ::tripleo::profile::pacemaker::gnocchi::statsd diff --git a/puppet/services/rabbitmq.yaml b/puppet/services/rabbitmq.yaml index 5d580648..06595b07 100644 --- a/puppet/services/rabbitmq.yaml +++ b/puppet/services/rabbitmq.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2016-04-08 +heat_template_version: 2016-10-14 description: > RabbitMQ service configured with Puppet @@ -34,6 +34,10 @@ parameters: default: false description: Enable IPv6 in RabbitMQ type: boolean + RabbitCookie: + type: string + default: '' + hidden: true outputs: role_data: @@ -66,5 +70,19 @@ outputs: tcp_listen_options: '[binary, {packet, raw}, {reuseaddr, true}, {backlog, 128}, {nodelay, true}, {exit_on_close, false}, {keepalive, true}]' cluster_partition_handling: 'pause_minority' loopback_users: '[]' + rabbitmq::erlang_cookie: + yaql: + expression: $.data.passwords.where($ != '').first() + data: + passwords: + - {get_param: RabbitCookie} + - {get_param: [DefaultPasswords, rabbit_cookie]} + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + rabbitmq::node_ip_address: {get_param: [ServiceNetMap, RabbitmqNetwork]} step_config: | include ::tripleo::profile::base::rabbitmq diff --git a/puppet/services/sahara-api.yaml b/puppet/services/sahara-api.yaml index 5715a8c3..fae9c434 100644 --- a/puppet/services/sahara-api.yaml +++ b/puppet/services/sahara-api.yaml @@ -54,6 +54,12 @@ outputs: sahara::keystone::auth::admin_url: {get_param: [EndpointMap, SaharaAdmin, uri]} sahara::keystone::auth::password: {get_param: SaharaPassword } sahara::keystone::auth::region: {get_param: KeystoneRegion} + # NOTE: bind IP is found in Heat replacing the network name with the local node IP + # for the given network; replacement examples (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + sahara::host: {get_param: [ServiceNetMap, SaharaApiNetwork]} tripleo.sahara_api.firewall_rules: '132 sahara': dport: diff --git a/puppet/services/swift-base.yaml b/puppet/services/swift-base.yaml new file mode 100644 index 00000000..741adb4d --- /dev/null +++ b/puppet/services/swift-base.yaml @@ -0,0 +1,33 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Swift Proxy service configured with Puppet + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + SwiftHashSuffix: + description: A random string to be used as a salt when hashing to determine mappings + in the ring. + hidden: true + type: string + +outputs: + role_data: + description: Role data for the Swift common swift settings. + value: + service_name: swift_base + config_settings: + swift::swift_hash_path_suffix: {get_param: SwiftHashSuffix} diff --git a/puppet/services/swift-proxy.yaml b/puppet/services/swift-proxy.yaml index 6c2bb44b..cba08090 100644 --- a/puppet/services/swift-proxy.yaml +++ b/puppet/services/swift-proxy.yaml @@ -39,6 +39,13 @@ parameters: default: 'regionOne' description: Keystone region for endpoint +resources: + SwiftBase: + type: ./swift-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: @@ -46,50 +53,59 @@ outputs: value: service_name: swift_proxy config_settings: - # Swift - swift::proxy::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} - swift::proxy::authtoken::identity_uri: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} - swift::proxy::authtoken::admin_password: {get_param: SwiftPassword} - swift::proxy::authtoken::admin_tenant_name: 'service' - swift::proxy::node_timeout: {get_param: SwiftProxyNodeTimeout} - swift::proxy::workers: {get_param: SwiftWorkers} - swift::keystone::auth::public_url: {get_param: [EndpointMap, SwiftPublic, uri]} - swift::keystone::auth::internal_url: {get_param: [EndpointMap, SwiftInternal, uri]} - swift::keystone::auth::admin_url: {get_param: [EndpointMap, SwiftAdmin, uri]} - swift::keystone::auth::public_url_s3: {get_param: [EndpointMap, SwiftS3Public, uri]} - swift::keystone::auth::internal_url_s3: {get_param: [EndpointMap, SwiftS3Internal, uri]} - swift::keystone::auth::admin_url_s3: {get_param: [EndpointMap, SwiftS3Admin, uri]} - swift::keystone::auth::password: {get_param: SwiftPassword} - swift::keystone::auth::region: {get_param: KeystoneRegion} - tripleo.swift_proxy.firewall_rules: - '122 swift proxy': - dport: - - 8080 - - 13808 - swift::keystone::auth::tenant: 'service' - swift::keystone::auth::configure_s3_endpoint: false - swift::keystone::auth::operator_roles: - - admin - - swiftoperator - - ResellerAdmin - swift::proxy::keystone::operator_roles: - - admin - - swiftoperator - - ResellerAdmin - swift::proxy::pipeline: - - 'catch_errors' - - 'healthcheck' - - 'proxy-logging' - - 'cache' - - 'ratelimit' - - 'bulk' - - 'tempurl' - - 'formpost' - - 'authtoken' - - 'keystone' - - 'staticweb' - - 'proxy-logging' - - 'proxy-server' - swift::proxy::account_autocreate: true + map_merge: + - get_attr: [SwiftBase, role_data, config_settings] + + - swift::proxy::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} + swift::proxy::authtoken::identity_uri: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} + swift::proxy::authtoken::admin_password: {get_param: SwiftPassword} + swift::proxy::authtoken::admin_tenant_name: 'service' + swift::proxy::node_timeout: {get_param: SwiftProxyNodeTimeout} + swift::proxy::workers: {get_param: SwiftWorkers} + swift::keystone::auth::public_url: {get_param: [EndpointMap, SwiftPublic, uri]} + swift::keystone::auth::internal_url: {get_param: [EndpointMap, SwiftInternal, uri]} + swift::keystone::auth::admin_url: {get_param: [EndpointMap, SwiftAdmin, uri]} + swift::keystone::auth::public_url_s3: {get_param: [EndpointMap, SwiftS3Public, uri]} + swift::keystone::auth::internal_url_s3: {get_param: [EndpointMap, SwiftS3Internal, uri]} + swift::keystone::auth::admin_url_s3: {get_param: [EndpointMap, SwiftS3Admin, uri]} + swift::keystone::auth::password: {get_param: SwiftPassword} + swift::keystone::auth::region: {get_param: KeystoneRegion} + tripleo.swift_proxy.firewall_rules: + '122 swift proxy': + dport: + - 8080 + - 13808 + swift::keystone::auth::tenant: 'service' + swift::keystone::auth::configure_s3_endpoint: false + swift::keystone::auth::operator_roles: + - admin + - swiftoperator + - ResellerAdmin + swift::proxy::keystone::operator_roles: + - admin + - swiftoperator + - ResellerAdmin + swift::proxy::pipeline: + - 'catch_errors' + - 'healthcheck' + - 'proxy-logging' + - 'cache' + - 'ratelimit' + - 'bulk' + - 'tempurl' + - 'formpost' + - 'authtoken' + - 'keystone' + - 'staticweb' + - 'proxy-logging' + - 'proxy-server' + swift::proxy::account_autocreate: true + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + swift::proxy::proxy_local_net_ip: {get_param: [ServiceNetMap, SwiftProxyNetwork]} step_config: | include ::tripleo::profile::base::swift::proxy diff --git a/puppet/services/swift-storage.yaml b/puppet/services/swift-storage.yaml index 558f2752..6c7c3c7a 100644 --- a/puppet/services/swift-storage.yaml +++ b/puppet/services/swift-storage.yaml @@ -26,6 +26,10 @@ parameters: default: false description: Value of mount_check in Swift account/container/object -server.conf type: boolean + SwiftRawDisks: + default: {} + description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})' + type: json # DEPRECATED options for compatibility with overcloud.yaml # This should be removed and manipulation of the ControllerServices list @@ -41,33 +45,44 @@ parameter_groups: parameters: - ControllerEnableSwiftStorage +resources: + SwiftBase: + type: ./swift-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + outputs: role_data: description: Role data for the Swift Proxy role. value: service_name: swift_storage config_settings: - # Swift - swift::storage::all::mount_check: {get_param: SwiftMountCheck} - tripleo::profile::base::swift::storage::enable_swift_storage: {get_param: ControllerEnableSwiftStorage} - tripleo.swift_storage.firewall_rules: - '123 swift storage': - dport: - - 873 - - 6000 - - 6001 - - 6002 - swift::storage::all::incoming_chmod: 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r' - swift::storage::all::outgoing_chmod: 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r' - swift::storage::all::object_pipeline: - - healthcheck - - recon - - object-server - swift::storage::all::container_pipeline: - - healthcheck - - container-server - swift::storage::all::account_pipeline: - - healthcheck - - account-server + map_merge: + - get_attr: [SwiftBase, role_data, config_settings] + - swift::storage::all::mount_check: {get_param: SwiftMountCheck} + tripleo::profile::base::swift::storage::enable_swift_storage: {get_param: ControllerEnableSwiftStorage} + tripleo.swift_storage.firewall_rules: + '123 swift storage': + dport: + - 873 + - 6000 + - 6001 + - 6002 + swift::storage::all::incoming_chmod: 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r' + swift::storage::all::outgoing_chmod: 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r' + swift::storage::all::object_pipeline: + - healthcheck + - recon + - object-server + swift::storage::all::container_pipeline: + - healthcheck + - container-server + swift::storage::all::account_pipeline: + - healthcheck + - account-server + swift::storage::disks: {get_param: SwiftRawDisks} + swift::storage::all::storage_local_net_ip: {get_param: [ServiceNetMap, SwiftMgmtNetwork]} step_config: | include ::tripleo::profile::base::swift::storage diff --git a/puppet/swift-storage-post.yaml b/puppet/swift-storage-post.yaml index 306a4d6e..859fad2c 100644 --- a/puppet/swift-storage-post.yaml +++ b/puppet/swift-storage-post.yaml @@ -36,6 +36,7 @@ resources: enable_debug: {get_param: ConfigDebug} enable_hiera: True enable_facter: False + modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules inputs: - name: step outputs: diff --git a/puppet/swift-storage.yaml b/puppet/swift-storage.yaml index dc28ee76..b933c542 100644 --- a/puppet/swift-storage.yaml +++ b/puppet/swift-storage.yaml @@ -7,11 +7,6 @@ parameters: type: string constraints: - custom_constraint: nova.flavor - HashSuffix: - description: A random string to be used as a salt when hashing to determine mappings - in the ring. - hidden: true - type: string SwiftStorageImage: default: overcloud-full type: string @@ -21,14 +16,6 @@ parameters: default: default description: Name of an existing Nova key pair to enable SSH access to the instances type: string - SnmpdReadonlyUserName: - default: ro_snmp_user - description: The user name for SNMPd with readonly rights running on all Overcloud nodes - type: string - SnmpdReadonlyUserPassword: - description: The user password for SNMPd with readonly rights running on all Overcloud nodes - type: string - hidden: true UpdateIdentifier: default: '' type: string @@ -101,6 +88,10 @@ parameters: type: string description: Command which will be run whenever configuration data changes default: os-refresh-config --timeout 14400 + SwiftRawDisks: + default: {} + description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})' + type: json resources: @@ -262,10 +253,6 @@ resources: mapped_data: {get_param: ExtraConfig} object: mapped_data: # data supplied directly to this deployment configuration, etc - swift::swift_hash_path_suffix: { get_input: swift_hash_suffix } - swift::storage::all::storage_local_net_ip: {get_input: swift_management_network} - snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} - snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} @@ -277,12 +264,7 @@ resources: server: {get_resource: SwiftStorage} config: {get_resource: SwiftStorageHieraConfig} input_values: - local_ip: {get_attr: [SwiftStorage, networks, ctlplane, 0]} - snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} - snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} - swift_hash_suffix: {get_param: HashSuffix} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} - swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} # Resource for site-specific injection of root certificate NodeTLSCAData: @@ -377,7 +359,14 @@ outputs: description: Swift device formatted for swift-ring-builder value: str_replace: - template: 'r1z1-IP:%PORT%/d1' + template: + list_join: + - ',' + - ['r1z1-IP:%PORT%/d1'] + - repeat: + template: 'r1z1-IP:%PORT%/DEVICE' + for_each: + DEVICE: {get_param: SwiftRawDisks} params: IP: get_attr: diff --git a/puppet/vip-config.yaml b/puppet/vip-config.yaml index 7ce23a20..cbd7ea09 100644 --- a/puppet/vip-config.yaml +++ b/puppet/vip-config.yaml @@ -39,6 +39,7 @@ resources: storage_virtual_ip: {get_input: storage_virtual_ip} storage_mgmt_virtual_ip: {get_input: storage_mgmt_virtual_ip} ironic_api_vip: {get_input: ironic_api_vip} + opendaylight_api_vip: {get_input: opendaylight_api_vip} # public_virtual_ip and controller_virtual_ip are needed in # both HAproxy & keepalived. tripleo::haproxy::public_virtual_ip: {get_input: public_virtual_ip} |