aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.gitignore15
-rw-r--r--ci/environments/scenario002-multinode.yaml5
-rw-r--r--ci/environments/scenario003-multinode.yaml11
-rw-r--r--ci/environments/scenario004-multinode.yaml62
-rw-r--r--ci/pingtests/scenario002-multinode.yaml5
-rw-r--r--ci/pingtests/scenario004-multinode.yaml127
-rw-r--r--environments/major-upgrade-composable-steps.yaml3
-rw-r--r--environments/services/zaqar.yaml2
-rw-r--r--environments/tls-endpoints-public-dns.yaml6
-rw-r--r--environments/tls-endpoints-public-ip.yaml6
-rw-r--r--environments/tls-everywhere-endpoints-dns.yaml6
-rw-r--r--network/endpoints/endpoint_data.yaml18
-rw-r--r--network/endpoints/endpoint_map.yaml492
-rw-r--r--overcloud-resource-registry-puppet.j2.yaml5
-rw-r--r--overcloud.j2.yaml21
-rw-r--r--puppet/blockstorage-role.yaml36
-rw-r--r--puppet/cephstorage-role.yaml36
-rw-r--r--puppet/compute-role.yaml36
-rw-r--r--puppet/controller-role.yaml36
-rw-r--r--puppet/major_upgrade_steps.j2.yaml98
-rw-r--r--puppet/objectstorage-role.yaml37
-rw-r--r--puppet/role.role.j2.yaml42
-rw-r--r--puppet/services/README.rst30
-rw-r--r--puppet/services/aodh-api.yaml4
-rw-r--r--puppet/services/apache-internal-tls-certmonger.yaml4
-rw-r--r--puppet/services/barbican-api.yaml2
-rw-r--r--puppet/services/ceilometer-api.yaml4
-rw-r--r--puppet/services/ceph-rgw.yaml1
-rw-r--r--puppet/services/cinder-api.yaml4
-rw-r--r--puppet/services/database/mysql.yaml10
-rw-r--r--puppet/services/gnocchi-api.yaml4
-rw-r--r--puppet/services/haproxy.yaml7
-rw-r--r--puppet/services/keepalived.yaml8
-rw-r--r--puppet/services/keystone.yaml19
-rw-r--r--puppet/services/nova-api.yaml4
-rw-r--r--puppet/services/pacemaker/database/mysql.yaml2
-rw-r--r--puppet/services/panko-api.yaml4
-rw-r--r--puppet/services/rabbitmq.yaml17
-rw-r--r--puppet/services/services.yaml5
-rw-r--r--puppet/services/tripleo-packages.yaml4
-rw-r--r--puppet/services/zaqar.yaml66
-rw-r--r--puppet/upgrade_config.yaml48
-rw-r--r--requirements.txt1
-rwxr-xr-xtools/process-templates.py125
-rw-r--r--tox.ini7
45 files changed, 1453 insertions, 32 deletions
diff --git a/.gitignore b/.gitignore
index 3d7aded8..0925145c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -44,3 +44,18 @@ doc/_build
# Built by pbr (python setup.py sdist):
AUTHORS
ChangeLog
+
+extraconfig/all_nodes/mac_hostname.yaml
+extraconfig/all_nodes/random_string.yaml
+extraconfig/all_nodes/swap-partition.yaml
+extraconfig/all_nodes/swap.yaml
+extraconfig/tasks/major_upgrade_pacemaker_init.yaml
+network/service_net_map.yaml
+overcloud-resource-registry-puppet.yaml
+overcloud.yaml
+puppet/blockstorage-config.yaml
+puppet/cephstorage-config.yaml
+puppet/compute-config.yaml
+puppet/controller-config.yaml
+puppet/objectstorage-config.yaml
+puppet/post.yaml
diff --git a/ci/environments/scenario002-multinode.yaml b/ci/environments/scenario002-multinode.yaml
index b8bc5762..97fec24c 100644
--- a/ci/environments/scenario002-multinode.yaml
+++ b/ci/environments/scenario002-multinode.yaml
@@ -1,7 +1,8 @@
resource_registry:
OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml
OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
- OS::TripleO::Services::BarbicanApi: /usr/share/openstack-tripleo-heat-templates/puppet/services/barbican-api.yaml
+ OS::TripleO::Services::BarbicanApi: ../../puppet/services/barbican-api.yaml
+ OS::TripleO::Services::Zaqar: ../../puppet/services/zaqar.yaml
parameter_defaults:
ControllerServices:
@@ -42,6 +43,8 @@ parameter_defaults:
- OS::TripleO::Services::SwiftStorage
- OS::TripleO::Services::SwiftRingBuilder
- OS::TripleO::Services::BarbicanApi
+ - OS::TripleO::Services::MongoDb
+ - OS::TripleO::Services::Zaqar
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu
diff --git a/ci/environments/scenario003-multinode.yaml b/ci/environments/scenario003-multinode.yaml
index e540bc55..092426cb 100644
--- a/ci/environments/scenario003-multinode.yaml
+++ b/ci/environments/scenario003-multinode.yaml
@@ -1,11 +1,11 @@
resource_registry:
OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml
OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
- OS::TripleO::Services::SaharaApi: /usr/share/openstack-tripleo-heat-templates/puppet/services/sahara-api.yaml
- OS::TripleO::Services::SaharaEngine: /usr/share/openstack-tripleo-heat-templates/puppet/services/sahara-engine.yaml
- OS::TripleO::Services::MistralApi: /usr/share/openstack-tripleo-heat-templates/puppet/services/mistral-api.yaml
- OS::TripleO::Services::MistralEngine: /usr/share/openstack-tripleo-heat-templates/puppet/services/mistral-engine.yaml
- OS::TripleO::Services::MistralExecutor: /usr/share/openstack-tripleo-heat-templates/puppet/services/mistral-executor.yaml
+ OS::TripleO::Services::SaharaApi: ../../puppet/services/sahara-api.yaml
+ OS::TripleO::Services::SaharaEngine: ../../puppet/services/sahara-engine.yaml
+ OS::TripleO::Services::MistralApi: ../../puppet/services/mistral-api.yaml
+ OS::TripleO::Services::MistralEngine: ../../puppet/services/mistral-engine.yaml
+ OS::TripleO::Services::MistralExecutor: ../../puppet/services/mistral-executor.yaml
parameter_defaults:
ControllerServices:
@@ -49,3 +49,4 @@ parameter_defaults:
Debug: true
# we don't deploy Swift so we switch to file backend.
GlanceBackend: 'file'
+ KeystoneTokenProvider: 'fernet'
diff --git a/ci/environments/scenario004-multinode.yaml b/ci/environments/scenario004-multinode.yaml
new file mode 100644
index 00000000..4aa18709
--- /dev/null
+++ b/ci/environments/scenario004-multinode.yaml
@@ -0,0 +1,62 @@
+resource_registry:
+ OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml
+ OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
+ OS::TripleO::Services::CephMon: /usr/share/openstack-tripleo-heat-templates/puppet/services/ceph-mon.yaml
+ OS::TripleO::Services::CephOSD: /usr/share/openstack-tripleo-heat-templates/puppet/services/ceph-osd.yaml
+ OS::TripleO::Services::CephClient: /usr/share/openstack-tripleo-heat-templates/puppet/services/ceph-client.yaml
+ OS::TripleO::Services::CephRgw: /usr/share/openstack-tripleo-heat-templates/puppet/services/ceph-rgw.yaml
+ OS::TripleO::Services::SwiftProxy: OS::Heat::None
+ OS::TripleO::Services::SwiftStorage: OS::Heat::None
+ OS::TripleO::Services::SwiftRingBuilder: OS::Heat::None
+
+parameter_defaults:
+ ControllerServices:
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::Keystone
+ - OS::TripleO::Services::GlanceApi
+ - OS::TripleO::Services::GlanceRegistry
+ - OS::TripleO::Services::HeatApi
+ - OS::TripleO::Services::HeatApiCfn
+ - OS::TripleO::Services::HeatApiCloudwatch
+ - OS::TripleO::Services::HeatEngine
+ - OS::TripleO::Services::MySQL
+ - OS::TripleO::Services::NeutronDhcpAgent
+ - OS::TripleO::Services::NeutronL3Agent
+ - OS::TripleO::Services::NeutronMetadataAgent
+ - OS::TripleO::Services::NeutronServer
+ - OS::TripleO::Services::NeutronCorePlugin
+ - OS::TripleO::Services::NeutronOvsAgent
+ - OS::TripleO::Services::RabbitMQ
+ - OS::TripleO::Services::HAproxy
+ - OS::TripleO::Services::Keepalived
+ - OS::TripleO::Services::Memcached
+ - OS::TripleO::Services::Pacemaker
+ - OS::TripleO::Services::NovaConductor
+ - OS::TripleO::Services::NovaApi
+ - OS::TripleO::Services::NovaMetadata
+ - OS::TripleO::Services::NovaScheduler
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::NovaCompute
+ - OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::CephMon
+ - OS::TripleO::Services::CephOSD
+ - OS::TripleO::Services::CephClient
+ - OS::TripleO::Services::CephRgw
+ ControllerExtraConfig:
+ nova::compute::libvirt::services::libvirt_virt_type: qemu
+ nova::compute::libvirt::libvirt_virt_type: qemu
+ Debug: true
+ #NOTE(gfidente): not great but we need this to deploy on ext4
+ #http://docs.ceph.com/docs/jewel/rados/configuration/filesystem-recommendations/
+ ExtraConfig:
+ ceph::profile::params::osd_max_object_name_len: 256
+ ceph::profile::params::osd_max_object_namespace_len: 64
+ #NOTE: These ID's and keys should be regenerated for
+ # a production deployment. What is here is suitable for
+ # developer and CI testing only.
+ CephClusterFSID: '4b5c8c0a-ff60-454b-a1b4-9747aa737d19'
+ CephMonKey: 'AQC+Ox1VmEr3BxAALZejqeHj50Nj6wJDvs96OQ=='
+ CephAdminKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ=='
+ CephClientKey: 'AQC+vYNXgDAgAhAAc8UoYt+OTz5uhV7ItLdwUw=='
diff --git a/ci/pingtests/scenario002-multinode.yaml b/ci/pingtests/scenario002-multinode.yaml
index d7a30fd9..1ab7eef9 100644
--- a/ci/pingtests/scenario002-multinode.yaml
+++ b/ci/pingtests/scenario002-multinode.yaml
@@ -144,6 +144,11 @@ resources:
ram: 512
vcpus: 1
+ zaqar_queue:
+ type: OS::Zaqar::Queue
+ properties:
+ name: pingtest-queue
+
outputs:
server1_private_ip:
description: IP address of server1 in private network
diff --git a/ci/pingtests/scenario004-multinode.yaml b/ci/pingtests/scenario004-multinode.yaml
new file mode 100644
index 00000000..17792cd1
--- /dev/null
+++ b/ci/pingtests/scenario004-multinode.yaml
@@ -0,0 +1,127 @@
+heat_template_version: 2013-05-23
+
+description: >
+ HOT template to created resources deployed by scenario004.
+parameters:
+ key_name:
+ type: string
+ description: Name of keypair to assign to servers
+ default: 'pingtest_key'
+ image:
+ type: string
+ description: Name of image to use for servers
+ default: 'pingtest_image'
+ public_net_name:
+ type: string
+ default: 'nova'
+ description: >
+ ID or name of public network for which floating IP addresses will be allocated
+ private_net_name:
+ type: string
+ description: Name of private network to be created
+ default: 'default-net'
+ private_net_cidr:
+ type: string
+ description: Private network address (CIDR notation)
+ default: '192.168.2.0/24'
+ private_net_gateway:
+ type: string
+ description: Private network gateway address
+ default: '192.168.2.1'
+ private_net_pool_start:
+ type: string
+ description: Start of private network IP address allocation pool
+ default: '192.168.2.100'
+ private_net_pool_end:
+ type: string
+ default: '192.168.2.200'
+ description: End of private network IP address allocation pool
+
+resources:
+
+ key_pair:
+ type: OS::Nova::KeyPair
+ properties:
+ save_private_key: true
+ name: {get_param: key_name }
+
+ private_net:
+ type: OS::Neutron::Net
+ properties:
+ name: { get_param: private_net_name }
+
+ private_subnet:
+ type: OS::Neutron::Subnet
+ properties:
+ network_id: { get_resource: private_net }
+ cidr: { get_param: private_net_cidr }
+ gateway_ip: { get_param: private_net_gateway }
+ allocation_pools:
+ - start: { get_param: private_net_pool_start }
+ end: { get_param: private_net_pool_end }
+
+ router:
+ type: OS::Neutron::Router
+ properties:
+ external_gateway_info:
+ network: { get_param: public_net_name }
+
+ router_interface:
+ type: OS::Neutron::RouterInterface
+ properties:
+ router_id: { get_resource: router }
+ subnet_id: { get_resource: private_subnet }
+
+ server1:
+ type: OS::Nova::Server
+ properties:
+ name: Server1
+ flavor: { get_resource: test_flavor }
+ image: { get_param: image }
+ key_name: { get_resource: key_pair }
+ networks:
+ - port: { get_resource: server1_port }
+
+ server1_port:
+ type: OS::Neutron::Port
+ properties:
+ network_id: { get_resource: private_net }
+ fixed_ips:
+ - subnet_id: { get_resource: private_subnet }
+ security_groups: [{ get_resource: server_security_group }]
+
+ server1_floating_ip:
+ type: OS::Neutron::FloatingIP
+ # TODO: investigate why we need this depends_on and if we could
+ # replace it by router_id with get_resource: router_interface
+ depends_on: router_interface
+ properties:
+ floating_network: { get_param: public_net_name }
+ port_id: { get_resource: server1_port }
+
+ server_security_group:
+ type: OS::Neutron::SecurityGroup
+ properties:
+ description: Add security group rules for server
+ name: pingtest-security-group
+ rules:
+ - remote_ip_prefix: 0.0.0.0/0
+ protocol: tcp
+ port_range_min: 22
+ port_range_max: 22
+ - remote_ip_prefix: 0.0.0.0/0
+ protocol: icmp
+
+ test_flavor:
+ type: OS::Nova::Flavor
+ properties:
+ ram: 512
+ vcpus: 1
+
+outputs:
+ server1_private_ip:
+ description: IP address of server1 in private network
+ value: { get_attr: [ server1, first_address ] }
+ server1_public_ip:
+ description: Floating IP address of server1 in public network
+ value: { get_attr: [ server1_floating_ip, floating_ip_address ] }
diff --git a/environments/major-upgrade-composable-steps.yaml b/environments/major-upgrade-composable-steps.yaml
new file mode 100644
index 00000000..7e10014b
--- /dev/null
+++ b/environments/major-upgrade-composable-steps.yaml
@@ -0,0 +1,3 @@
+resource_registry:
+ OS::TripleO::UpgradeSteps: ../puppet/major_upgrade_steps.yaml
+ OS::TripleO::PostDeploySteps: OS::Heat::None
diff --git a/environments/services/zaqar.yaml b/environments/services/zaqar.yaml
new file mode 100644
index 00000000..ee137925
--- /dev/null
+++ b/environments/services/zaqar.yaml
@@ -0,0 +1,2 @@
+resource_registry:
+ OS::TripleO::Services::Zaqar: ../../puppet/services/zaqar.yaml
diff --git a/environments/tls-endpoints-public-dns.yaml b/environments/tls-endpoints-public-dns.yaml
index 70a0d31f..e91c7bc3 100644
--- a/environments/tls-endpoints-public-dns.yaml
+++ b/environments/tls-endpoints-public-dns.yaml
@@ -62,3 +62,9 @@ parameter_defaults:
SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'}
+ ZaqarAdmin: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'}
+ ZaqarInternal: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'}
+ ZaqarPublic: {protocol: 'https', port: '13888', host: 'CLOUDNAME'}
+ ZaqarWebSocketAdmin: {protocol: 'http', port: '9000', host: 'IP_ADDRESS'}
+ ZaqarWebSocketInternal: {protocol: 'http', port: '9000', host: 'IP_ADDRESS'}
+ ZaqarWebSocketPublic: {protocol: 'https', port: '9000', host: 'CLOUDNAME'}
diff --git a/environments/tls-endpoints-public-ip.yaml b/environments/tls-endpoints-public-ip.yaml
index 21f8876a..c9096f44 100644
--- a/environments/tls-endpoints-public-ip.yaml
+++ b/environments/tls-endpoints-public-ip.yaml
@@ -62,3 +62,9 @@ parameter_defaults:
SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
SwiftPublic: {protocol: 'https', port: '13808', host: 'IP_ADDRESS'}
+ ZaqarAdmin: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'}
+ ZaqarInternal: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'}
+ ZaqarPublic: {protocol: 'https', port: '13888', host: 'IP_ADDRESS'}
+ ZaqarWebSocketAdmin: {protocol: 'http', port: '9000', host: 'IP_ADDRESS'}
+ ZaqarWebSocketInternal: {protocol: 'http', port: '9000', host: 'IP_ADDRESS'}
+ ZaqarWebSocketPublic: {protocol: 'https', port: '9000', host: 'IP_ADDRESS'}
diff --git a/environments/tls-everywhere-endpoints-dns.yaml b/environments/tls-everywhere-endpoints-dns.yaml
index 6afb3a63..365b0a54 100644
--- a/environments/tls-everywhere-endpoints-dns.yaml
+++ b/environments/tls-everywhere-endpoints-dns.yaml
@@ -62,3 +62,9 @@ parameter_defaults:
SwiftAdmin: {protocol: 'https', port: '8080', host: 'CLOUDNAME'}
SwiftInternal: {protocol: 'https', port: '8080', host: 'CLOUDNAME'}
SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'}
+ ZaqarAdmin: {protocol: 'https', port: '8888', host: 'CLOUDNAME'}
+ ZaqarInternal: {protocol: 'https', port: '8888', host: 'CLOUDNAME'}
+ ZaqarPublic: {protocol: 'https', port: '13888', host: 'CLOUDNAME'}
+ ZaqarWebSocketAdmin: {protocol: 'https', port: '9000', host: 'CLOUDNAME'}
+ ZaqarWebSocketInternal: {protocol: 'https', port: '9000', host: 'CLOUDNAME'}
+ ZaqarWebSocketPublic: {protocol: 'https', port: '9000', host: 'CLOUDNAME'}
diff --git a/network/endpoints/endpoint_data.yaml b/network/endpoints/endpoint_data.yaml
index aeda0a9f..0178c4dd 100644
--- a/network/endpoints/endpoint_data.yaml
+++ b/network/endpoints/endpoint_data.yaml
@@ -276,3 +276,21 @@ Ironic:
uri_suffixes:
'': /v1
port: 6385
+
+Zaqar:
+ Internal:
+ net_param: ZaqarApi
+ Public:
+ net_param: Public
+ Admin:
+ net_param: ZaqarApi
+ port: 8888
+
+ZaqarWebSocket:
+ Internal:
+ net_param: ZaqarApi
+ Public:
+ net_param: Public
+ Admin:
+ net_param: ZaqarApi
+ port: 9000
diff --git a/network/endpoints/endpoint_map.yaml b/network/endpoints/endpoint_map.yaml
index 5e582d41..7ebb318f 100644
--- a/network/endpoints/endpoint_map.yaml
+++ b/network/endpoints/endpoint_map.yaml
@@ -79,6 +79,12 @@ parameters:
SwiftAdmin: {protocol: http, port: '8080', host: IP_ADDRESS}
SwiftInternal: {protocol: http, port: '8080', host: IP_ADDRESS}
SwiftPublic: {protocol: http, port: '8080', host: IP_ADDRESS}
+ ZaqarAdmin: {protocol: http, port: '8888', host: IP_ADDRESS}
+ ZaqarInternal: {protocol: http, port: '8888', host: IP_ADDRESS}
+ ZaqarPublic: {protocol: http, port: '8888', host: IP_ADDRESS}
+ ZaqarWebSocketAdmin: {protocol: http, port: '9000', host: IP_ADDRESS}
+ ZaqarWebSocketInternal: {protocol: http, port: '9000', host: IP_ADDRESS}
+ ZaqarWebSocketPublic: {protocol: http, port: '9000', host: IP_ADDRESS}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
CloudEndpoints:
@@ -6291,3 +6297,489 @@ outputs:
template: NETWORK_uri
- ':'
- get_param: [EndpointMap, SwiftPublic, port]
+ ZaqarAdmin:
+ host:
+ str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, ZaqarApiNetwork]
+ template: NETWORK_uri
+ host_nobrackets:
+ str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ port:
+ get_param: [EndpointMap, ZaqarAdmin, port]
+ protocol:
+ get_param: [EndpointMap, ZaqarAdmin, protocol]
+ uri:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, ZaqarAdmin, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, ZaqarApiNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, ZaqarAdmin, port]
+ uri_no_suffix:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, ZaqarAdmin, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, ZaqarApiNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, ZaqarAdmin, port]
+ ZaqarInternal:
+ host:
+ str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, ZaqarApiNetwork]
+ template: NETWORK_uri
+ host_nobrackets:
+ str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ port:
+ get_param: [EndpointMap, ZaqarInternal, port]
+ protocol:
+ get_param: [EndpointMap, ZaqarInternal, protocol]
+ uri:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, ZaqarInternal, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, ZaqarApiNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, ZaqarInternal, port]
+ uri_no_suffix:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, ZaqarInternal, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, ZaqarApiNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, ZaqarInternal, port]
+ ZaqarPublic:
+ host:
+ str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PublicNetwork]
+ template: NETWORK_uri
+ host_nobrackets:
+ str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - get_param: [ServiceNetMap, PublicNetwork]
+ port:
+ get_param: [EndpointMap, ZaqarPublic, port]
+ protocol:
+ get_param: [EndpointMap, ZaqarPublic, protocol]
+ uri:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, ZaqarPublic, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PublicNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, ZaqarPublic, port]
+ uri_no_suffix:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, ZaqarPublic, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PublicNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, ZaqarPublic, port]
+ ZaqarWebSocketAdmin:
+ host:
+ str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarWebSocketAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, ZaqarApiNetwork]
+ template: NETWORK_uri
+ host_nobrackets:
+ str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarWebSocketAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ port:
+ get_param: [EndpointMap, ZaqarWebSocketAdmin, port]
+ protocol:
+ get_param: [EndpointMap, ZaqarWebSocketAdmin, protocol]
+ uri:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, ZaqarWebSocketAdmin, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarWebSocketAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, ZaqarApiNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, ZaqarWebSocketAdmin, port]
+ uri_no_suffix:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, ZaqarWebSocketAdmin, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarWebSocketAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, ZaqarApiNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, ZaqarWebSocketAdmin, port]
+ ZaqarWebSocketInternal:
+ host:
+ str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarWebSocketInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, ZaqarApiNetwork]
+ template: NETWORK_uri
+ host_nobrackets:
+ str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarWebSocketInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ port:
+ get_param: [EndpointMap, ZaqarWebSocketInternal, port]
+ protocol:
+ get_param: [EndpointMap, ZaqarWebSocketInternal, protocol]
+ uri:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, ZaqarWebSocketInternal, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarWebSocketInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, ZaqarApiNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, ZaqarWebSocketInternal, port]
+ uri_no_suffix:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, ZaqarWebSocketInternal, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarWebSocketInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, ZaqarApiNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, ZaqarApiNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, ZaqarWebSocketInternal, port]
+ ZaqarWebSocketPublic:
+ host:
+ str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarWebSocketPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PublicNetwork]
+ template: NETWORK_uri
+ host_nobrackets:
+ str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarWebSocketPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - get_param: [ServiceNetMap, PublicNetwork]
+ port:
+ get_param: [EndpointMap, ZaqarWebSocketPublic, port]
+ protocol:
+ get_param: [EndpointMap, ZaqarWebSocketPublic, protocol]
+ uri:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, ZaqarWebSocketPublic, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarWebSocketPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PublicNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, ZaqarWebSocketPublic, port]
+ uri_no_suffix:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, ZaqarWebSocketPublic, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, ZaqarWebSocketPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PublicNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, ZaqarWebSocketPublic, port]
diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml
index 30b9f2b9..77a48658 100644
--- a/overcloud-resource-registry-puppet.j2.yaml
+++ b/overcloud-resource-registry-puppet.j2.yaml
@@ -100,6 +100,10 @@ resource_registry:
# validation resources
OS::TripleO::AllNodes::Validation: all-nodes-validation.yaml
+ # Upgrade resources
+ OS::TripleO::UpgradeConfig: puppet/upgrade_config.yaml
+ OS::TripleO::UpgradeSteps: OS::Heat::None
+
# services
OS::TripleO::Services: puppet/services/services.yaml
OS::TripleO::Services::Apache: puppet/services/apache.yaml
@@ -215,6 +219,7 @@ resource_registry:
OS::TripleO::Services::ContrailControl: puppet/services/network/contrail-control.yaml
OS::TripleO::Services::ContrailDatabase: puppet/services/network/contrail-database.yaml
OS::TripleO::Services::ContrailWebui: puppet/services/network/contrail-webui.yaml
+ OS::TripleO::Services::Zaqar: OS::Heat::None
parameter_defaults:
EnablePackageInstall: false
diff --git a/overcloud.j2.yaml b/overcloud.j2.yaml
index 6146a48a..39a092b1 100644
--- a/overcloud.j2.yaml
+++ b/overcloud.j2.yaml
@@ -604,6 +604,21 @@ resources:
{{role.name}}: {get_attr: [{{role.name}}ServiceChain, role_data]}
{% endfor %}
+ # Upgrade steps for all roles
+ AllNodesUpgradeSteps:
+ type: OS::TripleO::UpgradeSteps
+ depends_on: AllNodesDeploySteps
+ properties:
+ servers:
+{% for role in roles %}
+ {{role.name}}: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
+{% endfor %}
+ role_data:
+{% for role in roles %}
+ {{role.name}}: {get_attr: [{{role.name}}ServiceChain, role_data]}
+{% endfor %}
+
+
outputs:
ManagedEndpoints:
description: Asserts that the keystone endpoints have been provisioned.
@@ -636,3 +651,9 @@ outputs:
{% for role in roles %}
{{role.name}}: {get_attr: [{{role.name}}ServiceChain, role_data, service_names]}
{% endfor %}
+ RoleData:
+ description: The configuration data associated with each role
+ value:
+{% for role in roles %}
+ {{role.name}}: {get_attr: [{{role.name}}ServiceChain, role_data]}
+{% endfor %}
diff --git a/puppet/blockstorage-role.yaml b/puppet/blockstorage-role.yaml
index 45552e05..c9bf894f 100644
--- a/puppet/blockstorage-role.yaml
+++ b/puppet/blockstorage-role.yaml
@@ -266,6 +266,42 @@ resources:
extraconfig: {get_param: ExtraConfig}
volume:
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
+ fqdn_internal_api:
+ list_join:
+ - '.'
+ - - {get_attr: [BlockStorage, name]}
+ - internalapi
+ - {get_param: CloudDomain}
+ fqdn_storage:
+ list_join:
+ - '.'
+ - - {get_attr: [BlockStorage, name]}
+ - storage
+ - {get_param: CloudDomain}
+ fqdn_storage_mgmt:
+ list_join:
+ - '.'
+ - - {get_attr: [BlockStorage, name]}
+ - storagemgmt
+ - {get_param: CloudDomain}
+ fqdn_tenant:
+ list_join:
+ - '.'
+ - - {get_attr: [BlockStorage, name]}
+ - tenant
+ - {get_param: CloudDomain}
+ fqdn_management:
+ list_join:
+ - '.'
+ - - {get_attr: [BlockStorage, name]}
+ - management
+ - {get_param: CloudDomain}
+ fqdn_ctlplane:
+ list_join:
+ - '.'
+ - - {get_attr: [BlockStorage, name]}
+ - ctlplane
+ - {get_param: CloudDomain}
# Resource for site-specific injection of root certificate
NodeTLSCAData:
diff --git a/puppet/cephstorage-role.yaml b/puppet/cephstorage-role.yaml
index 03b57e2b..18787a21 100644
--- a/puppet/cephstorage-role.yaml
+++ b/puppet/cephstorage-role.yaml
@@ -271,6 +271,42 @@ resources:
extraconfig: {get_param: ExtraConfig}
ceph:
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
+ fqdn_internal_api:
+ list_join:
+ - '.'
+ - - {get_attr: [CephStorage, name]}
+ - internalapi
+ - {get_param: CloudDomain}
+ fqdn_storage:
+ list_join:
+ - '.'
+ - - {get_attr: [CephStorage, name]}
+ - storage
+ - {get_param: CloudDomain}
+ fqdn_storage_mgmt:
+ list_join:
+ - '.'
+ - - {get_attr: [CephStorage, name]}
+ - storagemgmt
+ - {get_param: CloudDomain}
+ fqdn_tenant:
+ list_join:
+ - '.'
+ - - {get_attr: [CephStorage, name]}
+ - tenant
+ - {get_param: CloudDomain}
+ fqdn_management:
+ list_join:
+ - '.'
+ - - {get_attr: [CephStorage, name]}
+ - management
+ - {get_param: CloudDomain}
+ fqdn_ctlplane:
+ list_join:
+ - '.'
+ - - {get_attr: [CephStorage, name]}
+ - ctlplane
+ - {get_param: CloudDomain}
# Resource for site-specific injection of root certificate
NodeTLSCAData:
diff --git a/puppet/compute-role.yaml b/puppet/compute-role.yaml
index 13464339..f359bf70 100644
--- a/puppet/compute-role.yaml
+++ b/puppet/compute-role.yaml
@@ -284,6 +284,42 @@ resources:
extraconfig: {get_param: ExtraConfig}
compute:
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
+ fqdn_internal_api:
+ list_join:
+ - '.'
+ - - {get_attr: [NovaCompute, name]}
+ - internalapi
+ - {get_param: CloudDomain}
+ fqdn_storage:
+ list_join:
+ - '.'
+ - - {get_attr: [NovaCompute, name]}
+ - storage
+ - {get_param: CloudDomain}
+ fqdn_storage_mgmt:
+ list_join:
+ - '.'
+ - - {get_attr: [NovaCompute, name]}
+ - storagemgmt
+ - {get_param: CloudDomain}
+ fqdn_tenant:
+ list_join:
+ - '.'
+ - - {get_attr: [NovaCompute, name]}
+ - tenant
+ - {get_param: CloudDomain}
+ fqdn_management:
+ list_join:
+ - '.'
+ - - {get_attr: [NovaCompute, name]}
+ - management
+ - {get_param: CloudDomain}
+ fqdn_ctlplane:
+ list_join:
+ - '.'
+ - - {get_attr: [NovaCompute, name]}
+ - ctlplane
+ - {get_param: CloudDomain}
NovaComputeDeployment:
type: OS::TripleO::SoftwareDeployment
diff --git a/puppet/controller-role.yaml b/puppet/controller-role.yaml
index 09e10eae..77b54ff3 100644
--- a/puppet/controller-role.yaml
+++ b/puppet/controller-role.yaml
@@ -344,6 +344,42 @@ resources:
# Misc
tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
+ fqdn_internal_api:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - internalapi
+ - {get_param: CloudDomain}
+ fqdn_storage:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - storage
+ - {get_param: CloudDomain}
+ fqdn_storage_mgmt:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - storagemgmt
+ - {get_param: CloudDomain}
+ fqdn_tenant:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - tenant
+ - {get_param: CloudDomain}
+ fqdn_management:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - management
+ - {get_param: CloudDomain}
+ fqdn_ctlplane:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - ctlplane
+ - {get_param: CloudDomain}
# Hook for site-specific additional pre-deployment config, e.g extra hieradata
ControllerExtraConfigPre:
diff --git a/puppet/major_upgrade_steps.j2.yaml b/puppet/major_upgrade_steps.j2.yaml
new file mode 100644
index 00000000..f8dad433
--- /dev/null
+++ b/puppet/major_upgrade_steps.j2.yaml
@@ -0,0 +1,98 @@
+heat_template_version: 2016-10-14
+description: 'Upgrade steps for all roles'
+
+parameters:
+ servers:
+ type: json
+
+ role_data:
+ type: json
+ description: Mapping of Role name e.g Controller to the per-role data
+
+ UpdateIdentifier:
+ type: string
+ description: >
+ Setting to a previously unused value during stack-update will trigger
+ the Upgrade resources to re-run on all roles.
+
+ UpgradeInitCommand:
+ type: string
+ description: |
+ Command or script snippet to run on all overcloud nodes to
+ initialize the upgrade process. E.g. a repository switch.
+ default: ''
+
+resources:
+
+ # For the UpgradeInit also rename /etc/resolv.conf.save for +bug/1567004
+ UpgradeInitConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ list_join:
+ - ''
+ - - "#!/bin/bash\n\n"
+ - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
+ - get_param: UpgradeInitCommand
+
+{% for role in roles %}
+ {{role.name}}Upgrade_Init:
+ type: OS::Heat::StructuredDeploymentGroup
+ properties:
+ name: {{role.name}}Upgrade_Init
+ servers: {get_param: [servers, {{role.name}}]}
+ config: {get_resource: UpgradeInitConfig}
+{% endfor %}
+
+# Upgrade Steps for all roles
+# FIXME(shardy): would be nice to make the number of steps configurable
+{% for step in range(1, 8) %}
+ {% for role in roles %}
+ # Step {{step}} resources
+ {{role.name}}UpgradeConfig_Step{{step}}:
+ type: OS::TripleO::UpgradeConfig
+ # The UpgradeConfig resources could actually be created without
+ # serialization, but the event output is easier to follow if we
+ # do, and there should be minimal performance hit (creating the
+ # config is cheap compared to the time to apply the deployment).
+ depends_on:
+ {% if step == 1 %}
+ - {{role.name}}Upgrade_Init
+ {% else %}
+ {% for dep in roles %}
+ - {{dep.name}}Upgrade_Step{{step -1}}
+ {% endfor %}
+ {% endif %}
+ properties:
+ UpgradeStepConfig: {get_param: [role_data, {{role.name}}, upgrade_tasks]}
+ step: {{step}}
+
+ {{role.name}}Upgrade_Step{{step}}:
+ type: OS::Heat::StructuredDeploymentGroup
+ {% if step > 1 %}
+ depends_on:
+ {% for dep in roles %}
+ - {{dep.name}}Upgrade_Step{{step -1}}
+ {% endfor %}
+ {% endif %}
+ properties:
+ name: {{role.name}}Upgrade_Step{{step}}
+ servers: {get_param: [servers, {{role.name}}]}
+ config: {get_resource: {{role.name}}UpgradeConfig_Step{{step}}}
+ input_values:
+ role: {{role.name}}
+ update_identifier: {get_param: UpdateIdentifier}
+ {% endfor %}
+{% endfor %}
+
+outputs:
+ # Output the config for each role, just use Step1 as the config should be
+ # the same for all steps (only the tag provided differs)
+ upgrade_configs:
+ description: The per-role upgrade configuration used
+ value:
+{% for role in roles %}
+ {{role.name.lower()}}: {get_attr: [{{role.name}}UpgradeConfig_Step1, upgrade_config]}
+{% endfor %}
+
diff --git a/puppet/objectstorage-role.yaml b/puppet/objectstorage-role.yaml
index 533cd2c1..60c12c3b 100644
--- a/puppet/objectstorage-role.yaml
+++ b/puppet/objectstorage-role.yaml
@@ -255,6 +255,43 @@ resources:
extraconfig: {get_param: ExtraConfig}
object:
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
+ fqdn_internal_api:
+ list_join:
+ - '.'
+ - - {get_attr: [SwiftStorage, name]}
+ - internalapi
+ - {get_param: CloudDomain}
+ fqdn_storage:
+ list_join:
+ - '.'
+ - - {get_attr: [SwiftStorage, name]}
+ - storage
+ - {get_param: CloudDomain}
+ fqdn_storage_mgmt:
+ list_join:
+ - '.'
+ - - {get_attr: [SwiftStorage, name]}
+ - storagemgmt
+ - {get_param: CloudDomain}
+ fqdn_tenant:
+ list_join:
+ - '.'
+ - - {get_attr: [SwiftStorage, name]}
+ - tenant
+ - {get_param: CloudDomain}
+ fqdn_management:
+ list_join:
+ - '.'
+ - - {get_attr: [SwiftStorage, name]}
+ - management
+ - {get_param: CloudDomain}
+ fqdn_ctlplane:
+ list_join:
+ - '.'
+ - - {get_attr: [SwiftStorage, name]}
+ - ctlplane
+ - {get_param: CloudDomain}
+
SwiftStorageHieraDeploy:
type: OS::Heat::StructuredDeployment
diff --git a/puppet/role.role.j2.yaml b/puppet/role.role.j2.yaml
index c2c322d8..587ff58d 100644
--- a/puppet/role.role.j2.yaml
+++ b/puppet/role.role.j2.yaml
@@ -5,13 +5,17 @@ parameters:
description: Flavor for the {{role}} node.
default: baremetal
type: string
+{% if disable_constraints is not defined %}
constraints:
- custom_constraint: nova.flavor
+{% endif %}
{{role}}Image:
type: string
default: overcloud-full
+{% if disable_constraints is not defined %}
constraints:
- custom_constraint: glance.image
+{% endif %}
ImageUpdatePolicy:
default: 'REBUILD_PRESERVE_EPHEMERAL'
description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
@@ -20,8 +24,10 @@ parameters:
description: Name of an existing Nova key pair to enable SSH access to the instances
type: string
default: default
+{% if disable_constraints is not defined %}
constraints:
- custom_constraint: nova.keypair
+{% endif %}
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
@@ -279,6 +285,42 @@ resources:
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: LoggingSources}
tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: LoggingGroups}
+ fqdn_internal_api:
+ list_join:
+ - '.'
+ - - {get_attr: [{{role}}, name]}
+ - internalapi
+ - {get_param: CloudDomain}
+ fqdn_storage:
+ list_join:
+ - '.'
+ - - {get_attr: [{{role}}, name]}
+ - storage
+ - {get_param: CloudDomain}
+ fqdn_storage_mgmt:
+ list_join:
+ - '.'
+ - - {get_attr: [{{role}}, name]}
+ - storagemgmt
+ - {get_param: CloudDomain}
+ fqdn_tenant:
+ list_join:
+ - '.'
+ - - {get_attr: [{{role}}, name]}
+ - tenant
+ - {get_param: CloudDomain}
+ fqdn_management:
+ list_join:
+ - '.'
+ - - {get_attr: [{{role}}, name]}
+ - management
+ - {get_param: CloudDomain}
+ fqdn_ctlplane:
+ list_join:
+ - '.'
+ - - {get_attr: [{{role}}, name]}
+ - ctlplane
+ - {get_param: CloudDomain}
# Resource for site-specific injection of root certificate
NodeTLSCAData:
diff --git a/puppet/services/README.rst b/puppet/services/README.rst
index 3accff36..856b306e 100644
--- a/puppet/services/README.rst
+++ b/puppet/services/README.rst
@@ -22,8 +22,8 @@ Config Settings
Each service may define a config_settings output variable which returns
Hiera settings to be configured.
-Steps
------
+Deployment Steps
+----------------
Each service may define an output variable which returns a puppet manifest
snippet that will run at each of the following steps. Earlier manifests
@@ -48,3 +48,29 @@ are re-asserted when applying latter ones.
4) General OpenStack Services
5) Service activation (Pacemaker)
+
+Upgrade Steps
+-------------
+
+Each service template may optionally define a `upgrade_tasks` key, which is a
+list of ansible tasks to be performed during the upgrade process.
+
+Similar to the step_config, we allow a series of steps for the per-service
+upgrade sequence, defined as ansible tasks with a tag e.g "step1" for the first
+step, "step2" for the second, etc.
+
+ Steps/tages correlate to the following:
+
+ 1) Quiesce the control-plane, e.g disable LoadBalancer, stop pacemaker cluster
+
+ 2) Stop all control-plane services, ready for upgrade
+
+ 3) Perform a package update, (either specific packages or the whole system)
+
+ 4) Start services needed for migration tasks (e.g DB)
+
+ 5) Perform any migration tasks, e.g DB sync commands
+
+ 6) Start control-plane services
+
+ 7) Any additional online migration tasks (e.g data migrations)
diff --git a/puppet/services/aodh-api.yaml b/puppet/services/aodh-api.yaml
index 347a8c13..0cc7ad8b 100644
--- a/puppet/services/aodh-api.yaml
+++ b/puppet/services/aodh-api.yaml
@@ -55,7 +55,7 @@ outputs:
aodh::wsgi::apache::servername:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, AodhApiNetwork]}
aodh::api::service_name: 'httpd'
@@ -68,7 +68,7 @@ outputs:
aodh::api::host:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, AodhApiNetwork]}
# NOTE: bind IP is found in Heat replacing the network name with the
diff --git a/puppet/services/apache-internal-tls-certmonger.yaml b/puppet/services/apache-internal-tls-certmonger.yaml
index 87e53f13..1d76b9a3 100644
--- a/puppet/services/apache-internal-tls-certmonger.yaml
+++ b/puppet/services/apache-internal-tls-certmonger.yaml
@@ -35,8 +35,8 @@ outputs:
httpd-NETWORK:
service_certificate: '/etc/pki/tls/certs/httpd-NETWORK.crt'
service_key: '/etc/pki/tls/private/httpd-NETWORK.key'
- hostname: "%{::fqdn_NETWORK}"
- principal: "HTTP/%{::fqdn_NETWORK}"
+ hostname: "%{hiera('fqdn_NETWORK')}"
+ principal: "HTTP/%{hiera('fqdn_NETWORK')}"
for_each:
NETWORK:
# NOTE(jaosorior) Get unique network names to create
diff --git a/puppet/services/barbican-api.yaml b/puppet/services/barbican-api.yaml
index 1a5e9134..24687d03 100644
--- a/puppet/services/barbican-api.yaml
+++ b/puppet/services/barbican-api.yaml
@@ -93,7 +93,7 @@ outputs:
barbican::wsgi::apache::servername:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, BarbicanApiNetwork]}
barbican::db::database_connection:
diff --git a/puppet/services/ceilometer-api.yaml b/puppet/services/ceilometer-api.yaml
index 2f34f248..2e2d3f2d 100644
--- a/puppet/services/ceilometer-api.yaml
+++ b/puppet/services/ceilometer-api.yaml
@@ -75,7 +75,7 @@ outputs:
ceilometer::api::host:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, CeilometerApiNetwork]}
ceilometer::wsgi::apache::bind_host: {get_param: [ServiceNetMap, CeilometerApiNetwork]}
@@ -83,7 +83,7 @@ outputs:
ceilometer::wsgi::apache::servername:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, CeilometerApiNetwork]}
service_config_settings:
diff --git a/puppet/services/ceph-rgw.yaml b/puppet/services/ceph-rgw.yaml
index 89c1a5ee..4b85d28f 100644
--- a/puppet/services/ceph-rgw.yaml
+++ b/puppet/services/ceph-rgw.yaml
@@ -68,6 +68,7 @@ outputs:
ceph::rgw::keystone::auth::public_url: {get_param: [EndpointMap, CephRgwPublic, uri]}
ceph::rgw::keystone::auth::internal_url: {get_param: [EndpointMap, CephRgwInternal, uri]}
ceph::rgw::keystone::auth::admin_url: {get_param: [EndpointMap, CephRgwAdmin, uri]}
+ ceph::rgw::keystone::auth::user: 'swift'
ceph::rgw::keystone::auth::password: {get_param: SwiftPassword}
ceph::rgw::keystone::auth::region: {get_param: KeystoneRegion}
ceph::rgw::keystone::auth::tenant: 'service'
diff --git a/puppet/services/cinder-api.yaml b/puppet/services/cinder-api.yaml
index 8d57418e..6cb2b194 100644
--- a/puppet/services/cinder-api.yaml
+++ b/puppet/services/cinder-api.yaml
@@ -101,7 +101,7 @@ outputs:
cinder::api::bind_host:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, CinderApiNetwork]}
cinder::wsgi::apache::ssl: {get_param: EnableInternalTLS}
@@ -115,7 +115,7 @@ outputs:
cinder::wsgi::apache::servername:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, CinderApiNetwork]}
-
diff --git a/puppet/services/database/mysql.yaml b/puppet/services/database/mysql.yaml
index bed8f7d3..abe752e2 100644
--- a/puppet/services/database/mysql.yaml
+++ b/puppet/services/database/mysql.yaml
@@ -87,8 +87,16 @@ outputs:
tripleo::profile::base::database::mysql::bind_address:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
step_config: |
include ::tripleo::profile::base::database::mysql
+ upgrade_tasks:
+ - name: Stop service
+ tags: step2
+ service: name=mariadb state=stopped
+ - name: Start service
+ tags: step4
+ service: name=mariadb state=started
+
diff --git a/puppet/services/gnocchi-api.yaml b/puppet/services/gnocchi-api.yaml
index d5f8e62d..b3d39e0f 100644
--- a/puppet/services/gnocchi-api.yaml
+++ b/puppet/services/gnocchi-api.yaml
@@ -91,7 +91,7 @@ outputs:
gnocchi::wsgi::apache::servername:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, GnocchiApiNetwork]}
tripleo::profile::base::gnocchi::api::gnocchi_backend: {get_param: GnocchiBackend}
@@ -105,7 +105,7 @@ outputs:
gnocchi::api::host:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, GnocchiApiNetwork]}
diff --git a/puppet/services/haproxy.yaml b/puppet/services/haproxy.yaml
index c8edade5..675a79ec 100644
--- a/puppet/services/haproxy.yaml
+++ b/puppet/services/haproxy.yaml
@@ -77,3 +77,10 @@ outputs:
- get_attr: [HAProxyInternalTLS, role_data, certificates_specs]
step_config: |
include ::tripleo::profile::base::haproxy
+ upgrade_tasks:
+ - name: Stop haproxy service
+ tags: step1
+ service: name=haproxy state=stopped
+ - name: Start haproxy service
+ tags: step4 # Needed at step 4 for mysql
+ service: name=haproxy state=started
diff --git a/puppet/services/keepalived.yaml b/puppet/services/keepalived.yaml
index 6f2c44ec..b4f1a100 100644
--- a/puppet/services/keepalived.yaml
+++ b/puppet/services/keepalived.yaml
@@ -64,3 +64,11 @@ outputs:
- tripleo::keepalived::public_virtual_interface: {get_param: PublicVirtualInterface}
step_config: |
include ::tripleo::profile::base::keepalived
+ upgrade_tasks:
+ - name: Stop keepalived service
+ tags: step1
+ service: name=keepalived state=stopped
+ - name: Start keepalived service
+ tags: step4 # Needed at step 4 for mysql
+ service: name=keepalived state=started
+
diff --git a/puppet/services/keystone.yaml b/puppet/services/keystone.yaml
index c2a282d4..e48d7037 100644
--- a/puppet/services/keystone.yaml
+++ b/puppet/services/keystone.yaml
@@ -195,13 +195,13 @@ outputs:
keystone::wsgi::apache::servername:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}
keystone::wsgi::apache::servername_admin:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}
keystone::wsgi::apache::workers: {get_param: KeystoneWorkers}
@@ -219,13 +219,13 @@ outputs:
keystone::admin_bind_host:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}
keystone::public_bind_host:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}
# NOTE: bind IP is found in Heat replacing the network name with the
@@ -248,3 +248,14 @@ outputs:
keystone::db::mysql::allowed_hosts:
- '%'
- "%{hiera('mysql_bind_host')}"
+ # Ansible tasks to handle upgrade
+ upgrade_tasks:
+ - name: Stop keystone service (running under httpd)
+ tags: step2
+ service: name=httpd state=stopped
+ - name: Sync keystone DB
+ tags: step5
+ command: keystone-manage db_sync
+ - name: Start keystone service (running under httpd)
+ tags: step6
+ service: name=httpd state=started
diff --git a/puppet/services/nova-api.yaml b/puppet/services/nova-api.yaml
index c4d5c6bb..50e4c996 100644
--- a/puppet/services/nova-api.yaml
+++ b/puppet/services/nova-api.yaml
@@ -108,7 +108,7 @@ outputs:
nova::api::api_bind_address:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]}
nova::api::service_name: 'httpd'
@@ -122,7 +122,7 @@ outputs:
nova::wsgi::apache::servername:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]}
nova::api::neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
diff --git a/puppet/services/pacemaker/database/mysql.yaml b/puppet/services/pacemaker/database/mysql.yaml
index ea3d8abd..f2905903 100644
--- a/puppet/services/pacemaker/database/mysql.yaml
+++ b/puppet/services/pacemaker/database/mysql.yaml
@@ -40,7 +40,7 @@ outputs:
- tripleo::profile::pacemaker::database::mysql::bind_address:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
# NOTE: bind IP is found in Heat replacing the network name with the
diff --git a/puppet/services/panko-api.yaml b/puppet/services/panko-api.yaml
index 700edc7f..a8bd5e8a 100644
--- a/puppet/services/panko-api.yaml
+++ b/puppet/services/panko-api.yaml
@@ -55,7 +55,7 @@ outputs:
panko::wsgi::apache::servername:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, PankoApiNetwork]}
panko::api::service_name: 'httpd'
@@ -68,7 +68,7 @@ outputs:
panko::api::host:
str_replace:
template:
- '%{::fqdn_$NETWORK}'
+ "%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, PankoApiNetwork]}
# NOTE: bind IP is found in Heat replacing the network name with the
diff --git a/puppet/services/rabbitmq.yaml b/puppet/services/rabbitmq.yaml
index 44a09a42..190487e0 100644
--- a/puppet/services/rabbitmq.yaml
+++ b/puppet/services/rabbitmq.yaml
@@ -73,7 +73,13 @@ outputs:
rabbitmq::repos_ensure: false
rabbitmq::tcp_keepalive: true
rabbitmq_environment:
- RABBITMQ_NODENAME: "rabbit@%{::hostname}"
+ RABBITMQ_NODENAME:
+ str_replace:
+ template:
+ "rabbit@%{hiera('fqdn_$NETWORK')}"
+ params:
+ $NETWORK: {get_param: [ServiceNetMap, RabbitmqNetwork]}
+ RABBITMQ_USE_LONGNAME: true
RABBITMQ_SERVER_ERL_ARGS: '"+K true +P 1048576 -kernel inet_default_connect_options [{nodelay,true},{raw,6,18,<<5000:64/native>>}] -kernel inet_default_listen_options [{raw,6,18,<<5000:64/native>>}]"'
rabbitmq_kernel_variables:
inet_dist_listen_min: '25672'
@@ -97,6 +103,13 @@ outputs:
# internal_api_subnet - > IP/CIDR
rabbitmq::node_ip_address: {get_param: [ServiceNetMap, RabbitmqNetwork]}
rabbitmq::nr_ha_queues: {get_param: RabbitHAQueues}
-
step_config: |
include ::tripleo::profile::base::rabbitmq
+ upgrade_tasks:
+ - name: Stop rabbitmq service
+ tags: step2
+ service: name=rabbitmq-server state=stopped
+ - name: Start rabbitmq service
+ tags: step6
+ service: name=rabbitmq-server state=started
+
diff --git a/puppet/services/services.yaml b/puppet/services/services.yaml
index ffe2d2d4..13df5bbe 100644
--- a/puppet/services/services.yaml
+++ b/puppet/services/services.yaml
@@ -108,3 +108,8 @@ outputs:
expression: $.data.role_data.where($ != null).select($.get('service_config_settings')).where($ != null).reduce($1.mergeWith($2), {})
data: {role_data: {get_attr: [ServiceChain, role_data]}}
step_config: {list_join: ["\n", {get_attr: [ServiceChain, role_data, step_config]}]}
+ upgrade_tasks:
+ yaql:
+ # Note we use distinct() here to filter any identical tasks, e.g yum update for all services
+ expression: $.data.where($ != null).select($.get('upgrade_tasks')).where($ != null).flatten().distinct()
+ data: {get_attr: [ServiceChain, role_data]}
diff --git a/puppet/services/tripleo-packages.yaml b/puppet/services/tripleo-packages.yaml
index 124f5fe8..69912fa5 100644
--- a/puppet/services/tripleo-packages.yaml
+++ b/puppet/services/tripleo-packages.yaml
@@ -32,3 +32,7 @@ outputs:
tripleo::packages::enable_install: {get_param: EnablePackageInstall}
step_config: |
include ::tripleo::packages
+ upgrade_tasks:
+ - name: Update all packages
+ tags: step3
+ yum: name=* state=latest
diff --git a/puppet/services/zaqar.yaml b/puppet/services/zaqar.yaml
new file mode 100644
index 00000000..77240c3c
--- /dev/null
+++ b/puppet/services/zaqar.yaml
@@ -0,0 +1,66 @@
+heat_template_version: 2016-04-08
+
+description: >
+ Openstack Zaqar service. Shared for all Heat services.
+
+parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ Debug:
+ default: ''
+ description: Set to True to enable debugging on all services.
+ type: string
+ ZaqarPassword:
+ description: The password for Zaqar
+ type: string
+ hidden: true
+ KeystoneRegion:
+ type: string
+ default: 'regionOne'
+ description: Keystone region for endpoint
+
+
+outputs:
+ role_data:
+ description: Shared role data for the Heat services.
+ value:
+ service_name: zaqar
+ config_settings:
+ zaqar::keystone::authtoken::password: {get_param: ZaqarPassword}
+ zaqar::keystone::authtoken::project_name: 'service'
+ zaqar::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
+ zaqar::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
+ zaqar::debug: {get_param: Debug}
+ zaqar::transport::websocket::bind: {get_param: [EndpointMap, ZaqarInternal, host]}
+ zaqar::transport::wsgi::bind: {get_param: [ServiceNetMap, ZaqarApiNetwork]}
+ zaqar::message_pipeline: 'zaqar.notification.notifier'
+ zaqar::unreliable: true
+ service_config_settings:
+ keystone:
+ zaqar::keystone::auth::password: {get_param: ZaqarPassword}
+ zaqar::keystone::auth::public_url: {get_param: [EndpointMap, ZaqarPublic, uri]}
+ zaqar::keystone::auth::admin_url: {get_param: [EndpointMap, ZaqarAdmin, uri]}
+ zaqar::keystone::auth::internal_url: {get_param: [EndpointMap, ZaqarInternal, uri]}
+ zaqar::keystone::auth::region: {get_param: KeystoneRegion}
+ zaqar::keystone::auth::tenant: 'service'
+ zaqar::keystone::auth_websocket::password: {get_param: ZaqarPassword}
+ zaqar::keystone::auth_websocket::public_url: {get_param: [EndpointMap, ZaqarWebSocketPublic, uri]}
+ zaqar::keystone::auth_websocket::admin_url: {get_param: [EndpointMap, ZaqarWebSocketAdmin, uri]}
+ zaqar::keystone::auth_websocket::internal_url: {get_param: [EndpointMap, ZaqarWebSocketInternal, uri]}
+ zaqar::keystone::auth_websocket::region: {get_param: KeystoneRegion}
+ zaqar::keystone::auth_websocket::tenant: 'service'
+
+ step_config: |
+ include ::tripleo::profile::base::zaqar
diff --git a/puppet/upgrade_config.yaml b/puppet/upgrade_config.yaml
new file mode 100644
index 00000000..c67e10b3
--- /dev/null
+++ b/puppet/upgrade_config.yaml
@@ -0,0 +1,48 @@
+heat_template_version: 2016-10-14
+description: 'Upgrade for via ansible by applying a step related tag'
+
+parameters:
+ UpgradeStepConfig:
+ type: json
+ description: Config (ansible yaml) that will be used to step through the deployment.
+ default: ''
+
+ step:
+ type: string
+ description: Step number of the upgrade
+
+resources:
+
+ AnsibleConfig:
+ type: OS::Heat::Value
+ properties:
+ value:
+ str_replace:
+ template: CONFIG
+ params:
+ CONFIG:
+ - hosts: localhost
+ connection: local
+ tasks: {get_param: UpgradeStepConfig}
+
+ AnsibleUpgradeConfigImpl:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: ansible
+ options:
+ tags:
+ str_replace:
+ template: "stepSTEP"
+ params:
+ STEP: {get_param: step}
+ inputs:
+ - name: role
+ config: {get_attr: [AnsibleConfig, value]}
+
+outputs:
+ OS::stack_id:
+ description: The software config which runs ansible with tags
+ value: {get_resource: AnsibleUpgradeConfigImpl}
+ upgrade_config:
+ description: The configuration file used for upgrade
+ value: {get_attr: [AnsibleConfig, value]}
diff --git a/requirements.txt b/requirements.txt
index 4e46b891..9c4a708a 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1 +1,2 @@
pbr>=0.5.21,<1.0
+Jinja2>=2.8 # BSD License (3 clause)
diff --git a/tools/process-templates.py b/tools/process-templates.py
new file mode 100755
index 00000000..a15b00e2
--- /dev/null
+++ b/tools/process-templates.py
@@ -0,0 +1,125 @@
+#!/usr/bin/env python
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+import argparse
+import jinja2
+import os
+import sys
+import yaml
+
+
+def parse_opts(argv):
+ parser = argparse.ArgumentParser(
+ description='Configure host network interfaces using a JSON'
+ ' config file format.')
+ parser.add_argument('-p', '--base_path', metavar='BASE_PATH',
+ help="""base path of templates to process.""",
+ default='.')
+ parser.add_argument('-r', '--roles-data', metavar='ROLES_DATA',
+ help="""relative path to the roles_data.yaml file.""",
+ default='roles_data.yaml')
+ parser.add_argument('--safe',
+ action='store_true',
+ help="""Enable safe mode (do not overwrite files).""",
+ default=False)
+ opts = parser.parse_args(argv[1:])
+
+ return opts
+
+
+def _j2_render_to_file(j2_template, j2_data, outfile_name=None,
+ overwrite=True):
+ yaml_f = outfile_name or j2_template.replace('.j2.yaml', '.yaml')
+ print('rendering j2 template to file: %s' % outfile_name)
+
+ if not overwrite and os.path.exists(outfile_name):
+ print('ERROR: path already exists for file: %s' % outfile_name)
+ sys.exit(1)
+
+ try:
+ # Render the j2 template
+ template = jinja2.Environment().from_string(j2_template)
+ r_template = template.render(**j2_data)
+ except jinja2.exceptions.TemplateError as ex:
+ error_msg = ("Error rendering template %s : %s"
+ % (yaml_f, six.text_type(ex)))
+ print(error_msg)
+ raise Exception(error_msg)
+ with open(outfile_name, 'w') as out_f:
+ out_f.write(r_template)
+
+
+def process_templates(template_path, role_data_path, overwrite):
+
+ with open(role_data_path) as role_data_file:
+ role_data = yaml.safe_load(role_data_file)
+
+ j2_excludes_path = os.path.join(template_path, 'j2_excludes.yaml')
+ with open(j2_excludes_path) as role_data_file:
+ j2_excludes = yaml.safe_load(role_data_file)
+
+ role_names = [r.get('name') for r in role_data]
+ r_map = {}
+ for r in role_data:
+ r_map[r.get('name')] = r
+ excl_templates = ['%s/%s' % (template_path, e)
+ for e in j2_excludes.get('name')]
+
+ if os.path.isdir(template_path):
+ for subdir, dirs, files in os.walk(template_path):
+ for f in files:
+ file_path = os.path.join(subdir, f)
+ # We do two templating passes here:
+ # 1. *.role.j2.yaml - we template just the role name
+ # and create multiple files (one per role)
+ # 2. *.j2.yaml - we template with all roles_data,
+ # and create one file common to all roles
+ if f.endswith('.role.j2.yaml'):
+ print("jinja2 rendering role template %s" % f)
+ with open(file_path) as j2_template:
+ template_data = j2_template.read()
+ print("jinja2 rendering roles %s" % ","
+ .join(role_names))
+ for role in role_names:
+ j2_data = {'role': role}
+ # (dprince) For the undercloud installer we don't
+ # want to have heat check nova/glance API's
+ if r_map[role].get('disable_constraints', False):
+ j2_data['disable_constraints'] = True
+ out_f = "-".join(
+ [role.lower(),
+ os.path.basename(f).replace('.role.j2.yaml',
+ '.yaml')])
+ out_f_path = os.path.join(subdir, out_f)
+ if not (out_f_path in excl_templates):
+ _j2_render_to_file(template_data, j2_data,
+ out_f_path, overwrite)
+ else:
+ print('skipping rendering of %s' % out_f_path)
+ elif f.endswith('.j2.yaml'):
+ print("jinja2 rendering normal template %s" % f)
+ with open(file_path) as j2_template:
+ template_data = j2_template.read()
+ j2_data = {'roles': role_data}
+ out_f = file_path.replace('.j2.yaml', '.yaml')
+ _j2_render_to_file(template_data, j2_data, out_f,
+ overwrite)
+
+ else:
+ print('Unexpected argument %s' % template_path)
+
+opts = parse_opts(sys.argv)
+
+role_data_path = os.path.join(opts.base_path, opts.roles_data)
+
+process_templates(opts.base_path, role_data_path, (not opts.safe))
diff --git a/tox.ini b/tox.ini
index 5d09e0a4..c8a912b8 100644
--- a/tox.ini
+++ b/tox.ini
@@ -11,4 +11,9 @@ deps = -r{toxinidir}/requirements.txt
commands = {posargs}
[testenv:pep8]
-commands = python ./tools/yaml-validate.py .
+commands =
+ python ./tools/process-templates.py
+ python ./tools/yaml-validate.py .
+
+[testenv:templates]
+commands = python ./tools/process-templates.py