diff options
64 files changed, 1257 insertions, 227 deletions
diff --git a/capabilities_map.yaml b/capabilities-map.yaml index 30ee211e..30ee211e 100644 --- a/capabilities_map.yaml +++ b/capabilities-map.yaml diff --git a/docker/compute-post.yaml b/docker/compute-post.yaml index 8f786f72..8f9e9627 100644 --- a/docker/compute-post.yaml +++ b/docker/compute-post.yaml @@ -68,6 +68,7 @@ resources: ComputePuppetDeployment: type: OS::Heat::SoftwareDeployments properties: + name: ComputePuppetDeployment servers: {get_param: servers} config: {get_resource: ComputePuppetConfig} input_values: @@ -86,6 +87,7 @@ resources: type: OS::Heat::SoftwareDeployments depends_on: ComputePuppetDeployment properties: + name: CopyEtcDeployment config: {get_resource: CopyEtcConfig} servers: {get_param: servers} @@ -162,6 +164,7 @@ resources: type: OS::Heat::SoftwareDeployments depends_on: CopyEtcDeployment properties: + name: CopyJsonDeployment config: {get_resource: CopyJsonConfig} servers: {get_param: servers} input_values: @@ -174,6 +177,7 @@ resources: type: OS::Heat::StructuredDeployments depends_on: CopyJsonDeployment properties: + name: NovaComputeContainersDeploymentOVS config: {get_resource: NovaComputeContainersConfigOVS} servers: {get_param: servers} @@ -187,7 +191,6 @@ resources: list_join: - '/' - [ {get_param: DockerNamespace}, {get_param: DockerOvsVswitchdImage} ] - container_name: ovs-vswitchd net: host privileged: true restart: always @@ -203,7 +206,6 @@ resources: list_join: - '/' - [ {get_param: DockerNamespace}, {get_param: DockerOpenvswitchDBImage} ] - container_name: ovsdb-server net: host restart: always volumes: @@ -216,6 +218,7 @@ resources: type: OS::Heat::SoftwareDeployments depends_on: NovaComputeContainersDeploymentOVS properties: + name: NovaComputeContainersDeploymentNetconfig config: {get_resource: NovaComputeContainersConfigNetconfig} servers: {get_param: servers} @@ -236,6 +239,7 @@ resources: type: OS::Heat::StructuredDeployments depends_on: [CopyJsonDeployment, CopyEtcDeployment, ComputePuppetDeployment, NovaComputeContainersDeploymentNetconfig] properties: + name: LibvirtContainersDeployment config: {get_resource: LibvirtContainersConfig} servers: {get_param: servers} @@ -259,7 +263,6 @@ resources: list_join: - '/' - [ {get_param: DockerNamespace}, {get_param: DockerLibvirtImage} ] - container_name: libvirt net: host pid: host privileged: true @@ -279,6 +282,7 @@ resources: type: OS::Heat::StructuredDeployments depends_on: [CopyJsonDeployment, CopyEtcDeployment, ComputePuppetDeployment, NovaComputeContainersDeploymentNetconfig, LibvirtContainersDeployment] properties: + name: NovaComputeContainersDeployment config: {get_resource: NovaComputeContainersConfig} servers: {get_param: servers} @@ -292,7 +296,6 @@ resources: list_join: - '/' - [ {get_param: DockerNamespace}, {get_param: DockerOpenvswitchImage} ] - container_name: openvswitch net: host privileged: true restart: always @@ -313,7 +316,6 @@ resources: list_join: - '/' - [ {get_param: DockerNamespace}, {get_param: DockerOpenvswitchImage} ] - container_name: neutronagent net: host pid: host privileged: true @@ -338,7 +340,6 @@ resources: list_join: - '/' - [ {get_param: DockerNamespace}, {get_param: DockerComputeImage} ] - container_name: novacompute net: host privileged: true restart: always diff --git a/docker/firstboot/install_docker_agents.yaml b/docker/firstboot/install_docker_agents.yaml index 348c1755..2858552f 100644 --- a/docker/firstboot/install_docker_agents.yaml +++ b/docker/firstboot/install_docker_agents.yaml @@ -3,7 +3,7 @@ heat_template_version: 2014-10-16 parameters: DockerAgentImage: type: string - default: tripleoupstream/heat-docker-agents + default: heat-docker-agents DockerNamespace: type: string default: kollaglue @@ -26,7 +26,10 @@ resources: config: str_replace: params: - $agent_image: {get_param: DockerAgentImage} + $agent_image: + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerAgentImage} ] $docker_registry: {get_param: DockerNamespace} $docker_namespace_is_registry: {get_param: DockerNamespaceIsRegistry} template: {get_file: ./start_docker_agents.sh} diff --git a/docker/firstboot/start_docker_agents.sh b/docker/firstboot/start_docker_agents.sh index a0e95d11..963c7eee 100644 --- a/docker/firstboot/start_docker_agents.sh +++ b/docker/firstboot/start_docker_agents.sh @@ -39,14 +39,15 @@ EOF # Local docker registry 1.8 if [ $docker_namespace_is_registry ]; then - /bin/sed -i "s/# INSECURE_REGISTRY='--insecure-registry '/INSECURE_REGISTRY='--insecure-registry $docker_registry'/g" /etc/sysconfig/docker + # if namespace is used with local registry, trim all namespacing + trim_var=$docker_registry + registry_host="${trim_var%%/*}" + /bin/sed -i "s/# INSECURE_REGISTRY='--insecure-registry'/INSECURE_REGISTRY='--insecure-registry $registry_host'/g" /etc/sysconfig/docker fi /sbin/setenforce 0 /sbin/modprobe ebtables -echo nameserver 8.8.8.8 > /etc/resolv.conf - # We need hostname -f to return in a centos container for the puppet hook HOSTNAME=$(hostname) echo "127.0.0.1 $HOSTNAME.localdomain $HOSTNAME" >> /etc/hosts diff --git a/environments/docker.yaml b/environments/docker.yaml index 6376b749..7c6dc407 100644 --- a/environments/docker.yaml +++ b/environments/docker.yaml @@ -8,7 +8,7 @@ parameters: parameter_defaults: # Defaults to 'tripleoupstream'. Specify a local docker registry - # Example: 192.168.122.131:8787 + # Example: 192.0.2.1:8787/tripleoupstream DockerNamespace: tripleoupstream # Enable local Docker registry DockerNamespaceIsRegistry: false diff --git a/environments/net-single-nic-linux-bridge-with-vlans.yaml b/environments/net-single-nic-linux-bridge-with-vlans.yaml new file mode 100644 index 00000000..d5f2ed62 --- /dev/null +++ b/environments/net-single-nic-linux-bridge-with-vlans.yaml @@ -0,0 +1,23 @@ +# This template configures each role to use Vlans on a single nic for +# each isolated network. +# This template assumes use of network-isolation.yaml. +# +# FIXME: if/when we add functionality to heatclient to include heat +# environment files we should think about using it here to automatically +# include network-isolation.yaml. +resource_registry: + OS::TripleO::BlockStorage::Net::SoftwareConfig: ../network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml + OS::TripleO::Compute::Net::SoftwareConfig: ../network/config/single-nic-linux-bridge-vlans/compute.yaml + OS::TripleO::Controller::Net::SoftwareConfig: ../network/config/single-nic-linux-bridge-vlans/controller.yaml + OS::TripleO::ObjectStorage::Net::SoftwareConfig: ../network/config/single-nic-linux-bridge-vlans/swift-storage.yaml + OS::TripleO::CephStorage::Net::SoftwareConfig: ../network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml + +# We use parameter_defaults instead of parameters here because Tuskar munges +# the names of top level and role level parameters with the role name and a +# version. Using parameter_defaults makes it such that if the parameter name is +# not defined in the template, we don't get an error. +parameter_defaults: + # This sets 'external_network_bridge' in l3_agent.ini to an empty string + # so that external networks act like provider bridge networks (they + # will plug into br-int instead of br-ex) + NeutronExternalNetworkBridge: "''" diff --git a/environments/storage-environment.yaml b/environments/storage-environment.yaml index 5ccfa58e..bd320bd9 100644 --- a/environments/storage-environment.yaml +++ b/environments/storage-environment.yaml @@ -43,9 +43,10 @@ parameter_defaults: ## OSDs are deployed on dedicated ceph-storage nodes only. # ControllerEnableCephStorage: false - ## When deploying Ceph through the oscplugin CLI, the following + ## When deploying Ceph Nodes through the oscplugin CLI, the following ## parameters are set automatically by the CLI. When deploying via - ## heat stack-create, they need to be provided manually. + ## heat stack-create or ceph on the controller nodes only, + ## they need to be provided manually. ## Number of Ceph storage nodes to deploy # CephStorageCount: 0 diff --git a/environments/updates/README.md b/environments/updates/README.md index 8c03411d..426d7329 100644 --- a/environments/updates/README.md +++ b/environments/updates/README.md @@ -7,3 +7,6 @@ Contents **update-from-keystone-admin-internal-api.yaml** To be used if the Keystone Admin API was originally deployed on the Internal API network. + +**update-from-publicvip-on-ctlplane.yaml** + To be used if the PublicVirtualIP resource was deployed as an additional VIP on the 'ctlplane'. diff --git a/environments/updates/update-from-publicvip-on-ctlplane.yaml b/environments/updates/update-from-publicvip-on-ctlplane.yaml new file mode 100644 index 00000000..c62428b4 --- /dev/null +++ b/environments/updates/update-from-publicvip-on-ctlplane.yaml @@ -0,0 +1,2 @@ +resource_registry: + OS::TripleO::Network::Ports::ExternalVipPort: ../../network/ports/ctlplane_vip.yaml
\ No newline at end of file diff --git a/extraconfig/all_nodes/mac_hostname.yaml b/extraconfig/all_nodes/mac_hostname.yaml index 739cbf0a..5883e06a 100644 --- a/extraconfig/all_nodes/mac_hostname.yaml +++ b/extraconfig/all_nodes/mac_hostname.yaml @@ -40,6 +40,7 @@ resources: CollectMacDeploymentsController: type: OS::Heat::SoftwareDeployments properties: + name: CollectMacDeploymentsController servers: {get_param: controller_servers} config: {get_resource: CollectMacConfig} actions: ['CREATE'] # Only do this on CREATE @@ -47,6 +48,7 @@ resources: CollectMacDeploymentsCompute: type: OS::Heat::SoftwareDeployments properties: + name: CollectMacDeploymentsCompute servers: {get_param: compute_servers} config: {get_resource: CollectMacConfig} actions: ['CREATE'] # Only do this on CREATE @@ -54,6 +56,7 @@ resources: CollectMacDeploymentsBlockStorage: type: OS::Heat::SoftwareDeployments properties: + name: CollectMacDeploymentsBlockStorage servers: {get_param: blockstorage_servers} config: {get_resource: CollectMacConfig} actions: ['CREATE'] # Only do this on CREATE @@ -61,6 +64,7 @@ resources: CollectMacDeploymentsObjectStorage: type: OS::Heat::SoftwareDeployments properties: + name: CollectMacDeploymentsObjectStorage servers: {get_param: objectstorage_servers} config: {get_resource: CollectMacConfig} actions: ['CREATE'] # Only do this on CREATE @@ -68,6 +72,7 @@ resources: CollectMacDeploymentsCephStorage: type: OS::Heat::SoftwareDeployments properties: + name: CollectMacDeploymentsCephStorage servers: {get_param: cephstorage_servers} config: {get_resource: CollectMacConfig} actions: ['CREATE'] # Only do this on CREATE @@ -95,6 +100,7 @@ resources: DistributeMacDeploymentsController: type: OS::Heat::SoftwareDeployments properties: + name: DistributeMacDeploymentsController servers: {get_param: controller_servers} config: {get_resource: DistributeMacConfig} input_values: diff --git a/extraconfig/all_nodes/random_string.yaml b/extraconfig/all_nodes/random_string.yaml index b4b30274..49d2d8b6 100644 --- a/extraconfig/all_nodes/random_string.yaml +++ b/extraconfig/all_nodes/random_string.yaml @@ -41,6 +41,7 @@ resources: RandomDeploymentsController: type: OS::Heat::SoftwareDeployments properties: + name: RandomDeploymentsController servers: {get_param: controller_servers} config: {get_resource: RandomConfig} actions: ['CREATE'] # Only do this on CREATE @@ -50,6 +51,7 @@ resources: RandomDeploymentsCompute: type: OS::Heat::SoftwareDeployments properties: + name: RandomDeploymentsCompute servers: {get_param: compute_servers} config: {get_resource: RandomConfig} actions: ['CREATE'] # Only do this on CREATE diff --git a/extraconfig/post_deploy/example.yaml b/extraconfig/post_deploy/example.yaml index 1d3dca25..f83dff76 100644 --- a/extraconfig/post_deploy/example.yaml +++ b/extraconfig/post_deploy/example.yaml @@ -22,6 +22,7 @@ resources: ExtraDeployments: type: OS::Heat::SoftwareDeployments properties: + name: ExtraDeployments servers: {get_param: servers} config: {get_resource: ExtraConfig} actions: ['CREATE'] # Only do this on CREATE diff --git a/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml b/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml index d5160915..a884bdae 100644 --- a/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml +++ b/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml @@ -73,6 +73,7 @@ resources: RHELRegistrationDeployment: type: OS::Heat::SoftwareDeployment properties: + name: RHELRegistrationDeployment server: {get_param: server} config: {get_resource: RHELRegistration} actions: ['CREATE'] # Only do this on CREATE @@ -106,6 +107,7 @@ resources: RHELUnregistrationDeployment: type: OS::Heat::SoftwareDeployment properties: + name: RHELUnregistrationDeployment server: {get_param: server} config: {get_resource: RHELUnregistration} actions: ['DELETE'] # Only do this on DELETE diff --git a/extraconfig/tasks/pacemaker_common_functions.sh b/extraconfig/tasks/pacemaker_common_functions.sh new file mode 100755 index 00000000..32d06c4a --- /dev/null +++ b/extraconfig/tasks/pacemaker_common_functions.sh @@ -0,0 +1,39 @@ +#!/bin/bash + +set -eu + +function check_resource { + + if [ "$#" -ne 3 ]; then + echo_error "ERROR: check_resource function expects 3 parameters, $# given" + exit 1 + fi + + service=$1 + state=$2 + timeout=$3 + + if [ "$state" = "stopped" ]; then + match_for_incomplete='Started' + else # started + match_for_incomplete='Stopped' + fi + + if timeout -k 10 $timeout crm_resource --wait; then + node_states=$(pcs status --full | grep "$service" | grep -v Clone) + if echo "$node_states" | grep -q "$match_for_incomplete"; then + echo_error "ERROR: cluster finished transition but $service was not in $state state, exiting." + exit 1 + else + echo "$service has $state" + fi + else + echo_error "ERROR: cluster remained unstable for more than $timeout seconds, exiting." + exit 1 + fi + +} + +function echo_error { + echo "$@" | tee /dev/fd2 +} diff --git a/extraconfig/tasks/pacemaker_resource_restart.sh b/extraconfig/tasks/pacemaker_resource_restart.sh index 12201097..b2bdc55a 100755 --- a/extraconfig/tasks/pacemaker_resource_restart.sh +++ b/extraconfig/tasks/pacemaker_resource_restart.sh @@ -3,38 +3,6 @@ set -eux pacemaker_status=$(systemctl is-active pacemaker) -check_interval=3 - -function check_resource { - - service=$1 - state=$2 - timeout=$3 - tstart=$(date +%s) - tend=$(( $tstart + $timeout )) - - if [ "$state" = "stopped" ]; then - match_for_incomplete='Started' - else # started - match_for_incomplete='Stopped' - fi - - while (( $(date +%s) < $tend )); do - node_states=$(pcs status --full | grep "$service" | grep -v Clone) - if echo "$node_states" | grep -q "$match_for_incomplete"; then - echo "$service not yet $state, sleeping $check_interval seconds." - sleep $check_interval - else - echo "$service has $state" - timeout -k 10 $timeout crm_resource --wait - return - fi - done - - echo "$service never $state after $timeout seconds" | tee /dev/fd/2 - exit 1 - -} # Run if pacemaker is running, we're the bootstrap node, # and we're updating the deployment (not creating). diff --git a/extraconfig/tasks/post_puppet_pacemaker.yaml b/extraconfig/tasks/post_puppet_pacemaker.yaml index 7de41d94..fbed9ce5 100644 --- a/extraconfig/tasks/post_puppet_pacemaker.yaml +++ b/extraconfig/tasks/post_puppet_pacemaker.yaml @@ -33,7 +33,11 @@ resources: type: OS::Heat::SoftwareConfig properties: group: script - config: {get_file: pacemaker_resource_restart.sh} + config: + list_join: + - '' + - - get_file: pacemaker_common_functions.sh + - get_file: pacemaker_resource_restart.sh ControllerPostPuppetRestartDeployment: type: OS::Heat::SoftwareDeployments diff --git a/extraconfig/tasks/yum_update.sh b/extraconfig/tasks/yum_update.sh index c6313d9d..869b1a42 100755 --- a/extraconfig/tasks/yum_update.sh +++ b/extraconfig/tasks/yum_update.sh @@ -150,15 +150,15 @@ openstack-nova-scheduler" kill $(ps ax | grep -e "keepalived.*\.pid-vrrp" | awk '{print $1}') 2>/dev/null || : kill $(ps ax | grep -e "radvd.*\.pid\.radvd" | awk '{print $1}') 2>/dev/null || : else - echo "Excluding upgrading packages that are handled by config management tooling" - command_arguments="$command_arguments --skip-broken" - for exclude in $(cat /var/lib/tripleo/installed-packages/* | sort -u); do - command_arguments="$command_arguments --exclude $exclude" - done + echo "Upgrading openstack-puppet-modules" + yum -q -y update openstack-puppet-modules + echo "Upgrading other packages is handled by config management tooling" + echo -n "true" > $heat_outputs_path.update_managed_packages + exit 0 fi command=${command:-update} -full_command="yum -y $command $command_arguments" +full_command="yum -q -y $command $command_arguments" echo "Running: $full_command" result=$($full_command) @@ -199,9 +199,6 @@ if [[ "$pacemaker_status" == "active" ]] ; then fi pcs status - -else - echo -n "true" > $heat_outputs_path.update_managed_packages fi echo "Finished yum_update.sh on server $deploy_server_id at `date`" diff --git a/net-config-linux-bridge.yaml b/net-config-linux-bridge.yaml index 0646ffab..0980803e 100644 --- a/net-config-linux-bridge.yaml +++ b/net-config-linux-bridge.yaml @@ -28,6 +28,10 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: + default: '' + description: IP address/subnet on the management network + type: string ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string diff --git a/network/config/multiple-nics/ceph-storage.yaml b/network/config/multiple-nics/ceph-storage.yaml index a2a6b40d..84cb0f12 100644 --- a/network/config/multiple-nics/ceph-storage.yaml +++ b/network/config/multiple-nics/ceph-storage.yaml @@ -84,7 +84,7 @@ resources: config: os_net_config: network_config: - - + - type: interface name: nic1 use_dhcp: false diff --git a/network/config/multiple-nics/cinder-storage.yaml b/network/config/multiple-nics/cinder-storage.yaml index 06b4b83f..0b0218c5 100644 --- a/network/config/multiple-nics/cinder-storage.yaml +++ b/network/config/multiple-nics/cinder-storage.yaml @@ -84,7 +84,7 @@ resources: config: os_net_config: network_config: - - + - type: interface name: nic1 use_dhcp: false diff --git a/network/config/multiple-nics/controller.yaml b/network/config/multiple-nics/controller.yaml index 32851cfb..377fd116 100644 --- a/network/config/multiple-nics/controller.yaml +++ b/network/config/multiple-nics/controller.yaml @@ -84,7 +84,7 @@ resources: config: os_net_config: network_config: - - + - type: interface name: nic1 use_dhcp: false diff --git a/network/config/multiple-nics/swift-storage.yaml b/network/config/multiple-nics/swift-storage.yaml index 4d5a7b99..b75bbd6e 100644 --- a/network/config/multiple-nics/swift-storage.yaml +++ b/network/config/multiple-nics/swift-storage.yaml @@ -84,7 +84,7 @@ resources: config: os_net_config: network_config: - - + - type: interface name: nic1 use_dhcp: false diff --git a/network/config/single-nic-linux-bridge-vlans/README.md b/network/config/single-nic-linux-bridge-vlans/README.md new file mode 100644 index 00000000..b7ded049 --- /dev/null +++ b/network/config/single-nic-linux-bridge-vlans/README.md @@ -0,0 +1,19 @@ +This directory contains Heat templates to help configure +Vlans on a single NICs for each Overcloud role. + +Configuration +------------- + +To make use of these templates create a Heat environment that looks +something like this: + + resource\_registry: + OS::TripleO::BlockStorage::Net::SoftwareConfig: network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml + OS::TripleO::Compute::Net::SoftwareConfig: network/config/single-nic-linux-bridge-vlans/compute.yaml + OS::TripleO::Controller::Net::SoftwareConfig: network/config/single-nic-linux-bridge-vlans/controller.yaml + OS::TripleO::ObjectStorage::Net::SoftwareConfig: network/config/single-nic-linux-bridge-vlans/swift-storage.yaml + OS::TripleO::CephStorage::Net::SoftwareConfig: network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml + +Or use this Heat environment file: + + environments/net-single-nic-linux-bridge-with-vlans.yaml diff --git a/network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml b/network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml new file mode 100644 index 00000000..a46d7e20 --- /dev/null +++ b/network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml @@ -0,0 +1,106 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config to configure VLANs for the + ceph storage role. + +parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: linux_bridge + name: br-storage + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} + members: + - + type: interface + name: nic1 + # force the MAC address of the bridge to this interface + primary: true + - + type: vlan + vlan_id: {get_param: StorageNetworkVlanID} + device: br-storage + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageMgmtNetworkVlanID} + device: br-storage + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml b/network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml new file mode 100644 index 00000000..08613a3b --- /dev/null +++ b/network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml @@ -0,0 +1,117 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config to configure VLANs for the + cinder storage role. + +parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: linux_bridge + name: br-storage + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} + members: + - + type: interface + name: nic1 + # force the MAC address of the bridge to this interface + primary: true + - + type: vlan + vlan_id: {get_param: InternalApiNetworkVlanID} + device: br-storage + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageNetworkVlanID} + device: br-storage + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageMgmtNetworkVlanID} + device: br-storage + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/single-nic-linux-bridge-vlans/compute.yaml b/network/config/single-nic-linux-bridge-vlans/compute.yaml new file mode 100644 index 00000000..b6522c67 --- /dev/null +++ b/network/config/single-nic-linux-bridge-vlans/compute.yaml @@ -0,0 +1,118 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config to configure VLANs for the + compute role. + +parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: linux_bridge + name: {get_input: bridge_name} + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + ip_netmask: 0.0.0.0/0 + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} + members: + - + type: interface + name: {get_input: interface_name} + # force the MAC address of the bridge to this interface + primary: true + - + type: vlan + vlan_id: {get_param: InternalApiNetworkVlanID} + device: {get_input: bridge_name} + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageNetworkVlanID} + device: {get_input: bridge_name} + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + vlan_id: {get_param: TenantNetworkVlanID} + device: {get_input: bridge_name} + addresses: + - + ip_netmask: {get_param: TenantIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/single-nic-linux-bridge-vlans/controller.yaml b/network/config/single-nic-linux-bridge-vlans/controller.yaml new file mode 100644 index 00000000..72105481 --- /dev/null +++ b/network/config/single-nic-linux-bridge-vlans/controller.yaml @@ -0,0 +1,149 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config to configure VLANs for the + controller role. + +parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + ExternalInterfaceDefaultRoute: + default: '10.0.0.1' + description: default route for the external network + type: string + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: linux_bridge + name: {get_input: bridge_name} + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + ip_netmask: 0.0.0.0/0 + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} + members: + - + type: interface + name: {get_input: interface_name} + # force the MAC address of the bridge to this interface + primary: true + - + type: vlan + vlan_id: {get_param: ExternalNetworkVlanID} + device: {get_input: bridge_name} + addresses: + - + ip_netmask: {get_param: ExternalIpSubnet} + routes: + - + ip_netmask: 0.0.0.0/0 + default: true + next_hop: {get_param: ExternalInterfaceDefaultRoute} + - + type: vlan + vlan_id: {get_param: InternalApiNetworkVlanID} + device: {get_input: bridge_name} + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageNetworkVlanID} + device: {get_input: bridge_name} + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageMgmtNetworkVlanID} + device: {get_input: bridge_name} + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + - + type: vlan + vlan_id: {get_param: TenantNetworkVlanID} + device: {get_input: bridge_name} + addresses: + - + ip_netmask: {get_param: TenantIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/single-nic-linux-bridge-vlans/swift-storage.yaml b/network/config/single-nic-linux-bridge-vlans/swift-storage.yaml new file mode 100644 index 00000000..962b9890 --- /dev/null +++ b/network/config/single-nic-linux-bridge-vlans/swift-storage.yaml @@ -0,0 +1,117 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config to configure VLANs for the + swift storage role. + +parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: linux_bridge + name: br-storage + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} + members: + - + type: interface + name: nic1 + # force the MAC address of the bridge to this interface + primary: true + - + type: vlan + vlan_id: {get_param: InternalApiNetworkVlanID} + device: br-storage + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageNetworkVlanID} + device: br-storage + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageMgmtNetworkVlanID} + device: br-storage + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/endpoints/endpoint_map.yaml b/network/endpoints/endpoint_map.yaml index 0ff0a8e5..096ee558 100644 --- a/network/endpoints/endpoint_map.yaml +++ b/network/endpoints/endpoint_map.yaml @@ -40,6 +40,9 @@ parameters: SwiftProxyVirtualIP: type: string default: '' + SaharaApiVirtualIP: + type: string + default: '' EndpointMap: type: json default: @@ -74,6 +77,9 @@ parameters: SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} SwiftPublic: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} + SaharaAdmin: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} + SaharaInternal: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} + SaharaPublic: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. CloudName: @@ -179,19 +185,19 @@ resources: GlanceRegistryInternal: type: OS::TripleO::Endpoint properties: - EndpointName: GlanceInternal + EndpointName: GlanceRegistryInternal EndpointMap: { get_param: EndpointMap } IP: {get_param: GlanceRegistryVirtualIP} GlanceRegistryPublic: type: OS::TripleO::Endpoint properties: - EndpointName: GlancePublic + EndpointName: GlanceRegistryPublic EndpointMap: { get_param: EndpointMap } IP: {get_param: PublicVirtualIP} GlanceRegistryAdmin: type: OS::TripleO::Endpoint properties: - EndpointName: GlanceAdmin + EndpointName: GlanceRegistryAdmin EndpointMap: { get_param: EndpointMap } IP: {get_param: GlanceRegistryVirtualIP} @@ -223,7 +229,7 @@ resources: HorizonPublic: type: OS::TripleO::Endpoint properties: - EndpointName: HeatPublic + EndpointName: HorizonPublic EndpointMap: { get_param: EndpointMap } IP: {get_param: PublicVirtualIP} CloudName: {get_param: CloudName} @@ -404,6 +410,31 @@ resources: IP: {get_param: SwiftProxyVirtualIP} CloudName: {get_param: CloudName} + SaharaInternal: + type: OS::TripleO::Endpoint + properties: + EndpointName: SaharaInternal + EndpointMap: { get_param: EndpointMap } + IP: {get_param: SaharaApiVirtualIP} + CloudName: {get_param: CloudName} + UriSuffix: '/v1.1/%(tenant_id)s' + SaharaPublic: + type: OS::TripleO::Endpoint + properties: + EndpointName: SaharaPublic + EndpointMap: { get_param: EndpointMap } + IP: {get_param: SaharaApiVirtualIP} + CloudName: {get_param: CloudName} + UriSuffix: '/v1.1/%(tenant_id)s' + SaharaAdmin: + type: OS::TripleO::Endpoint + properties: + EndpointName: SaharaAdmin + EndpointMap: { get_param: EndpointMap } + IP: {get_param: SaharaApiVirtualIP} + CloudName: {get_param: CloudName} + UriSuffix: '/v1.1/%(tenant_id)s' + outputs: endpoint_map: value: @@ -448,3 +479,6 @@ outputs: SwiftS3Internal: {get_attr: [ SwiftS3Internal, endpoint] } SwiftS3Public: {get_attr: [ SwiftS3Public, endpoint] } SwiftS3Admin: {get_attr: [ SwiftS3Admin, endpoint] } + SaharaInternal: {get_attr: [ SaharaInternal, endpoint] } + SaharaPublic: {get_attr: [ SaharaPublic, endpoint] } + SaharaAdmin: {get_attr: [ SaharaAdmin, endpoint] } diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml index 888a3c89..7288aba8 100644 --- a/overcloud-resource-registry-puppet.yaml +++ b/overcloud-resource-registry-puppet.yaml @@ -124,3 +124,4 @@ resource_registry: parameter_defaults: EnablePackageInstall: false + SoftwareConfigTransport: POLL_TEMP_URL diff --git a/overcloud.yaml b/overcloud.yaml index 34fba00b..e1f7b4b5 100644 --- a/overcloud.yaml +++ b/overcloud.yaml @@ -88,6 +88,12 @@ parameters: default: 'REBUILD_PRESERVE_EPHEMERAL' description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt. type: string + InternalApiVirtualFixedIPs: + default: [] + description: > + Control the IP allocation for the InternalApiVirtualInterface port. E.g. + [{'ip_address':'1.2.3.4'}] + type: json KeyName: default: default description: Name of an existing Nova key pair to enable SSH access to the instances @@ -177,13 +183,13 @@ parameters: description: | Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges of GRE tunnel IDs that are available for tenant network allocation - default: ["1:1000", ] + default: ["1:4094", ] type: comma_delimited_list NeutronVniRanges: description: | Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges of VXLAN VNI IDs that are available for tenant network allocation - default: ["1:1000", ] + default: ["1:4094", ] type: comma_delimited_list NeutronCorePlugin: default: 'ml2' @@ -284,6 +290,18 @@ parameters: description: The user password for SNMPd with readonly rights running on all Overcloud nodes type: string hidden: true + StorageVirtualFixedIPs: + default: [] + description: > + Control the IP allocation for the StorageVirtualInterface port. E.g. + [{'ip_address':'1.2.3.4'}] + type: json + StorageMgmtVirtualFixedIPs: + default: [] + description: > + Control the IP allocation for the StorageMgmgVirtualInterface port. E.g. + [{'ip_address':'1.2.3.4'}] + type: json TimeZone: default: 'UTC' description: The timezone to be set on nodes. @@ -307,7 +325,7 @@ parameters: type: string hidden: true CinderLVMLoopDeviceSize: - default: 5000 + default: 10280 description: The size of the loopback file used by the cinder LVM driver. type: number CinderNfsMountOptions: @@ -543,6 +561,10 @@ parameters: type: number default: 3 description: How many replicas to use in the swift rings. + SaharaPassword: + description: The password for the sahara service account. + type: string + hidden: true # Compute-specific params CeilometerComputeAgent: @@ -633,6 +655,7 @@ parameters: NovaVncProxyNetwork: internal_api SwiftMgmtNetwork: storage_mgmt SwiftProxyNetwork: storage + SaharaApiNetwork: internal_api HorizonNetwork: internal_api MemcachedNetwork: internal_api RabbitMqNetwork: internal_api @@ -826,6 +849,7 @@ resources: MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} NeutronApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} NovaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} + SaharaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} SwiftProxyVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} PublicVirtualIP: {get_attr: [VipMap, net_ip_map, external]} @@ -851,7 +875,6 @@ resources: CinderEnableNfsBackend: {get_param: CinderEnableNfsBackend} CinderEnableIscsiBackend: {get_param: CinderEnableIscsiBackend} CinderEnableRbdBackend: {get_param: CinderEnableRbdBackend} - CloudName: {get_param: CloudName} CloudDomain: {get_param: CloudDomain} ControlVirtualInterface: {get_param: ControlVirtualInterface} ControllerExtraConfig: {get_param: controllerExtraConfig} @@ -928,6 +951,7 @@ resources: RabbitClientUseSSL: {get_param: RabbitClientUseSSL} RabbitClientPort: {get_param: RabbitClientPort} RabbitFDLimit: {get_param: RabbitFDLimit} + SaharaPassword: {get_param: SaharaPassword} SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName} SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword} RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]} @@ -954,6 +978,7 @@ resources: KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} NeutronApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} NovaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} + SaharaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} UpdateIdentifier: {get_param: UpdateIdentifier} Hostname: str_replace: @@ -1180,6 +1205,7 @@ resources: neutron_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} keystone_public_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} keystone_admin_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} + sahara_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} DeployIdentifier: {get_param: DeployIdentifier} UpdateIdentifier: {get_param: UpdateIdentifier} @@ -1238,6 +1264,7 @@ resources: properties: ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} PortName: internal_api_virtual_ip + FixedIPs: {get_param: InternalApiVirtualFixedIPs} StorageVirtualIP: depends_on: Networks @@ -1245,6 +1272,7 @@ resources: properties: ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} PortName: storage_virtual_ip + FixedIPs: {get_param: StorageVirtualFixedIPs} StorageMgmtVirtualIP: depends_on: Networks @@ -1252,6 +1280,7 @@ resources: properties: ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} PortName: storage_management_virtual_ip + FixedIPs: {get_param: StorageMgmtVirtualFixedIPs} VipMap: type: OS::TripleO::Network::Ports::NetVipMap @@ -1269,6 +1298,7 @@ resources: VipDeployment: type: OS::Heat::StructuredDeployments properties: + name: VipDeployment config: {get_resource: VipConfig} servers: {get_attr: [Controller, attributes, nova_server_resource]} input_values: @@ -1292,6 +1322,7 @@ resources: control_virtual_ip: {get_attr: [VipMap, net_ip_map, ctlplane]} public_virtual_ip: {get_attr: [VipMap, net_ip_map, external]} internal_api_virtual_ip: {get_attr: [VipMap, net_ip_map, internal_api]} + sahara_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} storage_virtual_ip: {get_attr: [VipMap, net_ip_map, storage]} storage_mgmt_virtual_ip: {get_attr: [VipMap, net_ip_map, storage_mgmt]} @@ -1304,18 +1335,21 @@ resources: ControllerBootstrapNodeDeployment: type: OS::Heat::StructuredDeployments properties: + name: ControllerBootstrapNodeDeployment config: {get_attr: [ControllerBootstrapNodeConfig, config_id]} servers: {get_attr: [Controller, attributes, nova_server_resource]} ControllerSwiftDeployment: type: OS::Heat::StructuredDeployments properties: + name: ControllerSwiftDeployment config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]} servers: {get_attr: [Controller, attributes, nova_server_resource]} ObjectStorageSwiftDeployment: type: OS::Heat::StructuredDeployments properties: + name: ObjectStorageSwiftDeployment config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]} servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]} @@ -1329,18 +1363,21 @@ resources: ComputeCephDeployment: type: OS::Heat::StructuredDeployments properties: + name: ComputeCephDeployment config: {get_attr: [CephClusterConfig, config_id]} servers: {get_attr: [Compute, attributes, nova_server_resource]} ControllerCephDeployment: type: OS::Heat::StructuredDeployments properties: + name: ControllerCephDeployment config: {get_attr: [CephClusterConfig, config_id]} servers: {get_attr: [Controller, attributes, nova_server_resource]} CephStorageCephDeployment: type: OS::Heat::StructuredDeployments properties: + name: CephStorageCephDeployment config: {get_attr: [CephClusterConfig, config_id]} servers: {get_attr: [CephStorage, attributes, nova_server_resource]} @@ -1375,36 +1412,42 @@ resources: ControllerClusterDeployment: type: OS::Heat::StructuredDeployments properties: + name: ControllerClusterDeployment config: {get_resource: ControllerClusterConfig} servers: {get_attr: [Controller, attributes, nova_server_resource]} ControllerAllNodesDeployment: type: OS::Heat::StructuredDeployments properties: + name: ControllerAllNodesDeployment config: {get_attr: [allNodesConfig, config_id]} servers: {get_attr: [Controller, attributes, nova_server_resource]} ComputeAllNodesDeployment: type: OS::Heat::StructuredDeployments properties: + name: ComputeAllNodesDeployment config: {get_attr: [allNodesConfig, config_id]} servers: {get_attr: [Compute, attributes, nova_server_resource]} BlockStorageAllNodesDeployment: type: OS::Heat::StructuredDeployments properties: + name: BlockStorageAllNodesDeployment config: {get_attr: [allNodesConfig, config_id]} servers: {get_attr: [BlockStorage, attributes, nova_server_resource]} ObjectStorageAllNodesDeployment: type: OS::Heat::StructuredDeployments properties: + name: ObjectStorageAllNodesDeployment config: {get_attr: [allNodesConfig, config_id]} servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]} CephStorageAllNodesDeployment: type: OS::Heat::StructuredDeployments properties: + name: CephStorageAllNodesDeployment config: {get_attr: [allNodesConfig, config_id]} servers: {get_attr: [CephStorage, attributes, nova_server_resource]} @@ -1425,6 +1468,7 @@ resources: type: OS::Heat::StructuredDeployments depends_on: ControllerAllNodesDeployment properties: + name: ControllerAllNodesValidationDeployment config: {get_resource: AllNodesValidationConfig} servers: {get_attr: [Controller, attributes, nova_server_resource]} @@ -1432,6 +1476,7 @@ resources: type: OS::Heat::StructuredDeployments depends_on: ComputeAllNodesDeployment properties: + name: ComputeAllNodesValidationDeployment config: {get_resource: AllNodesValidationConfig} servers: {get_attr: [Compute, attributes, nova_server_resource]} @@ -1439,6 +1484,7 @@ resources: type: OS::Heat::StructuredDeployments depends_on: BlockStorageAllNodesDeployment properties: + name: BlockStorageAllNodesValidationDeployment config: {get_resource: AllNodesValidationConfig} servers: {get_attr: [BlockStorage, attributes, nova_server_resource]} @@ -1446,6 +1492,7 @@ resources: type: OS::Heat::StructuredDeployments depends_on: ObjectStorageAllNodesDeployment properties: + name: ObjectStorageAllNodesValidationDeployment config: {get_resource: AllNodesValidationConfig} servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]} @@ -1453,6 +1500,7 @@ resources: type: OS::Heat::StructuredDeployments depends_on: CephStorageAllNodesDeployment properties: + name: CephStorageAllNodesValidationDeployment config: {get_resource: AllNodesValidationConfig} servers: {get_attr: [CephStorage, attributes, nova_server_resource]} @@ -1549,6 +1597,9 @@ outputs: NovaInternalVip: description: VIP for Nova API internal endpoint value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} + SaharaInternalVip: + description: VIP for Sahara API internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} SwiftInternalVip: description: VIP for Swift Proxy internal endpoint value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml index 9dd43680..e85975d4 100644 --- a/puppet/all-nodes-config.yaml +++ b/puppet/all-nodes-config.yaml @@ -50,6 +50,8 @@ parameters: type: comma_delimited_list keystone_admin_api_node_ips: type: comma_delimited_list + sahara_api_node_ips: + type: comma_delimited_list DeployIdentifier: type: string @@ -67,8 +69,8 @@ resources: allNodesConfigImpl: type: OS::Heat::StructuredConfig properties: + group: os-apply-config config: - completion-signal: {get_input: deploy_signal_id} hosts: list_join: - "\n" @@ -225,6 +227,15 @@ resources: list_join: - "','" - {get_param: neutron_api_node_ips} + # TODO: pass a `midonet_api_node_ips` var + midonet_api_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: neutron_api_node_ips} keystone_public_api_node_ips: str_replace: template: "['SERVERS_LIST']" @@ -241,6 +252,14 @@ resources: list_join: - "','" - {get_param: keystone_admin_api_node_ips} + sahara_api_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: sahara_api_node_ips} # NOTE(gfidente): interpolation with %{} in the # hieradata file can't be used as it returns string @@ -250,6 +269,7 @@ resources: neutron::rabbit_hosts: *rabbit_nodes_array nova::rabbit_hosts: *rabbit_nodes_array keystone::rabbit_hosts: *rabbit_nodes_array + sahara::rabbit_hosts: *rabbit_nodes_array deploy_identifier: {get_param: DeployIdentifier} update_identifier: {get_param: UpdateIdentifier} diff --git a/puppet/ceph-storage-post.yaml b/puppet/ceph-storage-post.yaml index 0f7dd36f..f9c53465 100644 --- a/puppet/ceph-storage-post.yaml +++ b/puppet/ceph-storage-post.yaml @@ -30,6 +30,7 @@ resources: CephStorageDeployment_Step1: type: OS::Heat::StructuredDeployments properties: + name: CephStorageDeployment_Step1 servers: {get_param: servers} config: {get_resource: CephStoragePuppetConfig} input_values: diff --git a/puppet/ceph-storage.yaml b/puppet/ceph-storage.yaml index 3044d975..e310e1f5 100644 --- a/puppet/ceph-storage.yaml +++ b/puppet/ceph-storage.yaml @@ -190,6 +190,7 @@ resources: NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: + name: NetworkDeployment config: {get_resource: NetworkConfig} server: {get_resource: CephStorage} actions: {get_param: NetworkDeploymentActions} @@ -198,6 +199,7 @@ resources: type: OS::Heat::StructuredDeployment depends_on: NetworkDeployment properties: + name: CephStorageDeployment config: {get_resource: CephStorageConfig} server: {get_resource: CephStorage} input_values: diff --git a/puppet/cinder-storage-post.yaml b/puppet/cinder-storage-post.yaml index c97cfcf9..9b7c752a 100644 --- a/puppet/cinder-storage-post.yaml +++ b/puppet/cinder-storage-post.yaml @@ -28,5 +28,14 @@ resources: VolumeDeployment_Step1: type: OS::Heat::StructuredDeployments properties: + name: VolumeDeployment_Step1 servers: {get_param: servers} config: {get_resource: VolumePuppetConfig} + + # Note, this should come last, so use depends_on to ensure + # this is created after any other resources. + ExtraConfig: + depends_on: VolumeDeployment_Step1 + type: OS::TripleO::NodeExtraConfigPost + properties: + servers: {get_param: servers} diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml index 82aa3a03..0bec3e93 100644 --- a/puppet/cinder-storage.yaml +++ b/puppet/cinder-storage.yaml @@ -13,7 +13,7 @@ parameters: description: The iSCSI helper to use with cinder. type: string CinderLVMLoopDeviceSize: - default: 5000 + default: 10280 description: The size of the loopback file used by the cinder LVM driver. type: number CinderPassword: @@ -231,6 +231,7 @@ resources: NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: + name: NetworkDeployment config: {get_resource: NetworkConfig} server: {get_resource: BlockStorage} actions: {get_param: NetworkDeploymentActions} @@ -239,11 +240,12 @@ resources: type: OS::Heat::StructuredDeployment depends_on: NetworkDeployment properties: + name: BlockStorageDeployment server: {get_resource: BlockStorage} config: {get_resource: BlockStorageConfig} input_values: debug: {get_param: Debug} - cinder_dsn: {list_join: ['', ['mysql://cinder:', {get_param: CinderPassword}, '@', {get_param: MysqlVirtualIP} , '/cinder']]} + cinder_dsn: {list_join: ['', ['mysql+pymysql://cinder:', {get_param: CinderPassword}, '@', {get_param: MysqlVirtualIP} , '/cinder']]} snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} cinder_lvm_loop_device_size: @@ -330,6 +332,7 @@ resources: UpdateDeployment: type: OS::Heat::SoftwareDeployment properties: + name: UpdateDeployment config: {get_resource: UpdateConfig} server: {get_resource: BlockStorage} input_values: diff --git a/puppet/compute-post.yaml b/puppet/compute-post.yaml index b63b06b4..3861e50c 100644 --- a/puppet/compute-post.yaml +++ b/puppet/compute-post.yaml @@ -31,6 +31,7 @@ resources: ComputePuppetDeployment: type: OS::Heat::StructuredDeployments properties: + name: ComputePuppetDeployment servers: {get_param: servers} config: {get_resource: ComputePuppetConfig} input_values: diff --git a/puppet/compute.yaml b/puppet/compute.yaml index f4165756..8b2bcd33 100644 --- a/puppet/compute.yaml +++ b/puppet/compute.yaml @@ -127,13 +127,13 @@ parameters: description: | Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges of GRE tunnel IDs that are available for tenant network allocation - default: ["1:1000", ] + default: ["1:4094", ] type: comma_delimited_list NeutronVniRanges: description: | Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges of VXLAN VNI IDs that are available for tenant network allocation - default: ["1:1000", ] + default: ["1:4094", ] type: comma_delimited_list NeutronPublicInterfaceRawDevice: default: '' @@ -409,6 +409,7 @@ resources: NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: + name: NetworkDeployment config: {get_resource: NetworkConfig} server: {get_resource: NovaCompute} actions: {get_param: NetworkDeploymentActions} @@ -487,7 +488,7 @@ resources: neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip} neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types} - neutron::agents::ml2::ovs:tunnel_types: {get_input: neutron_tunnel_types} + neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types} neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions} neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges} neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges} @@ -519,6 +520,7 @@ resources: type: OS::TripleO::SoftwareDeployment depends_on: NetworkDeployment properties: + name: NovaComputeDeployment config: {get_resource: NovaComputeConfig} server: {get_resource: NovaCompute} input_values: @@ -650,6 +652,7 @@ resources: UpdateDeployment: type: OS::Heat::SoftwareDeployment properties: + name: UpdateDeployment config: {get_resource: UpdateConfig} server: {get_resource: NovaCompute} input_values: diff --git a/puppet/controller-post.yaml b/puppet/controller-post.yaml index ed8129e7..d250dd70 100644 --- a/puppet/controller-post.yaml +++ b/puppet/controller-post.yaml @@ -35,6 +35,7 @@ resources: type: OS::Heat::StructuredDeployments depends_on: ControllerPrePuppet properties: + name: ControllerLoadBalancerDeployment_Step1 servers: {get_param: servers} config: {get_resource: ControllerPuppetConfig} input_values: @@ -46,6 +47,7 @@ resources: type: OS::Heat::StructuredDeployments depends_on: ControllerLoadBalancerDeployment_Step1 properties: + name: ControllerServicesBaseDeployment_Step2 servers: {get_param: servers} config: {get_resource: ControllerPuppetConfig} input_values: @@ -71,6 +73,7 @@ resources: type: OS::Heat::StructuredDeployments depends_on: ControllerServicesBaseDeployment_Step2 properties: + name: ControllerRingbuilderDeployment_Step3 servers: {get_param: servers} config: {get_resource: ControllerRingbuilderPuppetConfig} input_values: @@ -80,6 +83,7 @@ resources: type: OS::Heat::StructuredDeployments depends_on: ControllerRingbuilderDeployment_Step3 properties: + name: ControllerOvercloudServicesDeployment_Step4 servers: {get_param: servers} config: {get_resource: ControllerPuppetConfig} input_values: @@ -90,6 +94,7 @@ resources: type: OS::Heat::StructuredDeployments depends_on: ControllerOvercloudServicesDeployment_Step4 properties: + name: ControllerOvercloudServicesDeployment_Step5 servers: {get_param: servers} config: {get_resource: ControllerPuppetConfig} input_values: @@ -100,6 +105,7 @@ resources: type: OS::Heat::StructuredDeployments depends_on: ControllerOvercloudServicesDeployment_Step5 properties: + name: ControllerOvercloudServicesDeployment_Step6 servers: {get_param: servers} config: {get_resource: ControllerPuppetConfig} input_values: diff --git a/puppet/controller.yaml b/puppet/controller.yaml index c2ab163c..33411e32 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -61,7 +61,7 @@ parameters: description: The iSCSI helper to use with cinder. type: string CinderLVMLoopDeviceSize: - default: 5000 + default: 10280 description: The size of the loopback file used by the cinder LVM driver. type: number CinderNfsMountOptions: @@ -89,10 +89,6 @@ parameters: default: 0 description: Number of workers for Cinder service. type: number - CloudName: - default: overcloud - description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org - type: string ControllerExtraConfig: default: {} description: | @@ -276,6 +272,11 @@ parameters: default: '' description: Keystone self-signed certificate authority certificate. type: string + KeystoneEnableDBPurge: + default: true + description: | + Whether to create cron job for purging soft deleted rows in Keystone database. + type: boolean KeystoneSigningCertificate: default: '' description: Keystone certificate for verifying token validity. @@ -320,6 +321,14 @@ parameters: default: 0 description: Number of workers for Keystone service. type: number + SaharaApiVirtualIP: + type: string + default: '' + SaharaPassword: + default: unset + description: The password for the sahara service account, used by sahara-api. + type: string + hidden: true MysqlClusterUniquePart: description: A unique identifier of the MySQL cluster the controller is in. type: string @@ -492,13 +501,13 @@ parameters: description: | Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges of GRE tunnel IDs that are available for tenant network allocation - default: ["1:1000", ] + default: ["1:4094", ] type: comma_delimited_list NeutronVniRanges: description: | Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges of VXLAN VNI IDs that are available for tenant network allocation - default: ["1:1000", ] + default: ["1:4094", ] type: comma_delimited_list NeutronPluginExtensions: default: "qos,port_security" @@ -819,6 +828,7 @@ resources: NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: + name: NetworkDeployment config: {get_resource: NetworkConfig} server: {get_resource: Controller} actions: {get_param: NetworkDeploymentActions} @@ -841,10 +851,12 @@ resources: server: {get_resource: Controller} NodeIndex: {get_param: NodeIndex} + ControllerDeployment: type: OS::TripleO::SoftwareDeployment depends_on: NetworkDeployment properties: + name: ControllerDeployment config: {get_resource: ControllerConfig} server: {get_resource: Controller} input_values: @@ -904,7 +916,7 @@ resources: cinder_dsn: list_join: - '' - - - 'mysql://cinder:' + - - 'mysql+pymysql://cinder:' - {get_param: CinderPassword} - '@' - {get_param: MysqlVirtualIP} @@ -921,7 +933,7 @@ resources: glance_dsn: list_join: - '' - - - 'mysql://glance:' + - - 'mysql+pymysql://glance:' - {get_param: GlancePassword} - '@' - {get_param: MysqlVirtualIP} @@ -931,7 +943,7 @@ resources: heat_dsn: list_join: - '' - - - 'mysql://heat:' + - - 'mysql+pymysql://heat:' - {get_param: HeatPassword} - '@' - {get_param: MysqlVirtualIP} @@ -943,10 +955,11 @@ resources: keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey} keystone_notification_driver: {get_param: KeystoneNotificationDriver} keystone_notification_format: {get_param: KeystoneNotificationFormat} + keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge} keystone_dsn: list_join: - '' - - - 'mysql://keystone:' + - - 'mysql+pymysql://keystone:' - {get_param: AdminToken} - '@' - {get_param: MysqlVirtualIP} @@ -1052,7 +1065,7 @@ resources: neutron_dsn: list_join: - '' - - - 'mysql://neutron:' + - - 'mysql+pymysql://neutron:' - {get_param: NeutronPassword} - '@' - {get_param: MysqlVirtualIP} @@ -1060,7 +1073,7 @@ resources: neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] } neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] } neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] } - neutron_admin_auth_url: { get_param: [ EndpointMap, KeystoneAdmin, uri ] } + neutron_admin_auth_url: { get_param: [ EndpointMap, KeystoneAdmin, uri_no_suffix ] } nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] } ceilometer_backend: {get_param: CeilometerBackend} ceilometer_metering_secret: {get_param: CeilometerMeteringSecret} @@ -1074,7 +1087,7 @@ resources: ceilometer_dsn: list_join: - '' - - - 'mysql://ceilometer:' + - - 'mysql+pymysql://ceilometer:' - {get_param: CeilometerPassword} - '@' - {get_param: MysqlVirtualIP} @@ -1086,11 +1099,19 @@ resources: nova_dsn: list_join: - '' - - - 'mysql://nova:' + - - 'mysql+pymysql://nova:' - {get_param: NovaPassword} - '@' - {get_param: MysqlVirtualIP} - '/nova' + nova_api_dsn: + list_join: + - '' + - - 'mysql+pymysql://nova_api:' + - {get_param: NovaPassword} + - '@' + - {get_param: MysqlVirtualIP} + - '/nova_api' instance_name_template: {get_param: InstanceNameTemplate} fencing_config: {get_param: FencingConfig} pcsd_password: {get_param: PcsdPassword} @@ -1120,6 +1141,15 @@ resources: swift_mount_check: {get_param: SwiftMountCheck} enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} + sahara_password: {get_param: SaharaPassword} + sahara_dsn: + list_join: + - '' + - - 'mysql://sahara:' + - {get_param: SaharaPassword} + - '@' + - {get_param: MysqlVirtualIP} + - '/sahara' swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]} @@ -1142,6 +1172,7 @@ resources: rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]} redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]} redis_vip: {get_param: RedisVirtualIP} + sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]} mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} mysql_virtual_ip: {get_param: MysqlVirtualIP} @@ -1311,8 +1342,10 @@ resources: keystone_ssl_certificate: {get_input: keystone_ssl_certificate} keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key} keystone::database_connection: {get_input: keystone_dsn} - keystone::public_bind_host: {get_input: keystone_public_api_network} keystone::admin_bind_host: {get_input: keystone_admin_api_network} + keystone::public_bind_host: {get_input: keystone_public_api_network} + keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network} + keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network} keystone::debug: {get_input: debug} keystone::db::mysql::password: {get_input: admin_token} keystone::rabbit_userid: {get_input: rabbit_username} @@ -1329,6 +1362,7 @@ resources: keystone::endpoint::region: {get_input: keystone_region} keystone::admin_workers: {get_input: keystone_workers} keystone::public_workers: {get_input: keystone_workers} + keystone_enable_db_purge: {get_input: keystone_enable_db_purge} # MongoDB mongodb::server::bind_ip: {get_input: mongo_db_network} @@ -1382,7 +1416,7 @@ resources: neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges} neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges} neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges} - neutron::agents::ml2::ovs:bridge_mappings: {get_input: neutron_bridge_mappings} + neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings} neutron_public_interface: {get_input: neutron_public_interface} neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device} neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route} @@ -1404,6 +1438,7 @@ resources: neutron::server::notifications::nova_url: {get_input: nova_internal_url} neutron::server::notifications::auth_url: {get_input: neutron_admin_auth_url} neutron::server::notifications::tenant_name: 'service' + neutron::server::notifications::project_name: 'service' neutron::server::notifications::password: {get_input: nova_password} # Ceilometer @@ -1441,6 +1476,7 @@ resources: nova::api::ec2_workers: {get_input: nova_workers} nova::api::metadata_workers: {get_input: nova_workers} nova::database_connection: {get_input: nova_dsn} + nova::api_database_connection: {get_input: nova_api_dsn} nova::glance_api_servers: {get_input: glance_api_servers} nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret} nova::api::instance_name_template: {get_input: instance_name_template} @@ -1449,6 +1485,7 @@ resources: nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url} nova::vncproxy::host: {get_input: nova_api_network} nova::db::mysql::password: {get_input: nova_password} + nova::db::mysql_api::password: {get_input: nova_password} nova_enable_db_purge: {get_input: nova_enable_db_purge} # Horizon @@ -1459,6 +1496,29 @@ resources: horizon::bind_address: {get_input: horizon_network} horizon::keystone_url: {get_input: keystone_auth_uri} + # Sahara + sahara::host: {get_input: sahara_api_network} + sahara::plugins: + - cdh + - hdp + - mapr + - vanilla + - spark + - storm + sahara::admin_password: {get_input: sahara_password} + sahara::auth_uri: {get_input: keystone_auth_uri} + sahara::admin_user: sahara + sahara::identity_uri: {get_input: keystone_identity_uri} + sahara::use_neutron: true + sahara::database_connection: {get_input: sahara_dsn} + sahara::debug: {get_input: debug} + sahara::rpc_backend: rabbit + sahara::rabbit_userid: {get_input: rabbit_username} + sahara::rabbit_password: {get_input: rabbit_password} + sahara::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} + sahara::rabbit_port: {get_input: rabbit_client_port} + sahara::db::mysql::password: {get_input: sahara_password} + # Rabbit rabbitmq::node_ip_address: {get_input: rabbitmq_network} rabbitmq::erlang_cookie: {get_input: rabbit_cookie} @@ -1506,6 +1566,7 @@ resources: UpdateDeployment: type: OS::Heat::SoftwareDeployment properties: + name: UpdateDeployment config: {get_resource: UpdateConfig} server: {get_resource: Controller} input_values: @@ -1549,12 +1610,11 @@ outputs: Server's IP address and hostname in the /etc/hosts format value: str_replace: - template: IP HOST.DOMAIN HOST CLOUDNAME + template: IP HOST.DOMAIN HOST params: IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]} DOMAIN: {get_param: CloudDomain} HOST: {get_attr: [Controller, name]} - CLOUDNAME: {get_param: CloudName} nova_server_resource: description: Heat resource handle for the Nova compute server value: diff --git a/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml b/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml index 2413f5a4..655fd0f2 100644 --- a/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml +++ b/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml @@ -131,6 +131,7 @@ resources: NetworkCiscoDeployment: type: OS::Heat::StructuredDeployments properties: + name: NetworkCiscoDeployment config: {get_resource: NetworkCiscoConfig} servers: {get_param: controller_servers} input_values: @@ -178,6 +179,7 @@ resources: CollectMacDeploymentsController: type: OS::Heat::SoftwareDeployments properties: + name: CollectMacDeploymentsController servers: {get_param: controller_servers} config: {get_resource: CollectMacConfig} actions: ['CREATE'] # Only do this on CREATE @@ -185,6 +187,7 @@ resources: CollectMacDeploymentsCompute: type: OS::Heat::SoftwareDeployments properties: + name: CollectMacDeploymentsCompute servers: {get_param: compute_servers} config: {get_resource: CollectMacConfig} actions: ['CREATE'] # Only do this on CREATE @@ -192,6 +195,7 @@ resources: CollectMacDeploymentsBlockStorage: type: OS::Heat::SoftwareDeployments properties: + name: CollectMacDeploymentsBlockStorage servers: {get_param: blockstorage_servers} config: {get_resource: CollectMacConfig} actions: ['CREATE'] # Only do this on CREATE @@ -199,6 +203,7 @@ resources: CollectMacDeploymentsObjectStorage: type: OS::Heat::SoftwareDeployments properties: + name: CollectMacDeploymentsObjectStorage servers: {get_param: objectstorage_servers} config: {get_resource: CollectMacConfig} actions: ['CREATE'] # Only do this on CREATE @@ -206,6 +211,7 @@ resources: CollectMacDeploymentsCephStorage: type: OS::Heat::SoftwareDeployments properties: + name: CollectMacDeploymentsCephStorage servers: {get_param: cephstorage_servers} config: {get_resource: CollectMacConfig} actions: ['CREATE'] # Only do this on CREATE @@ -280,6 +286,7 @@ resources: MappingToNexusDeploymentsController: type: OS::Heat::SoftwareDeployment properties: + name: MappingToNexusDeploymentsController server: {get_param: [controller_servers, '0']} config: {get_resource: MappingToNexusConfig} input_values: @@ -323,6 +330,7 @@ resources: type: OS::Heat::SoftwareDeployment depends_on: MappingToNexusDeploymentsController properties: + name: MappingToUCSMDeploymentsController server: {get_param: [controller_servers, '0']} config: {get_resource: MappingToUCSMConfig} input_values: diff --git a/puppet/extraconfig/ceph/ceph-external-config.yaml b/puppet/extraconfig/ceph/ceph-external-config.yaml index 7cefc24b..ebd6c251 100644 --- a/puppet/extraconfig/ceph/ceph-external-config.yaml +++ b/puppet/extraconfig/ceph/ceph-external-config.yaml @@ -76,7 +76,7 @@ resources: cinder_rbd_pool_name: {get_param: CinderRbdPoolName} glance::backend::rbd::rbd_store_pool: {get_param: GlanceRbdPoolName} nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName} - glance::backend::rbd::rbd_store_pool: {get_param: CephClientUserName} + glance::backend::rbd::rbd_store_user: {get_param: CephClientUserName} nova::compute::rbd::rbd_keyring: list_join: - '.' diff --git a/puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml b/puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml index 96368e37..5561c74a 100644 --- a/puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml +++ b/puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml @@ -70,6 +70,7 @@ resources: NovaNuageDeployment: type: OS::Heat::StructuredDeployment properties: + name: NovaNuageDeployment config: {get_resource: NovaNuageConfig} server: {get_param: server} input_values: diff --git a/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml b/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml index 7ec2190f..ab442f2b 100644 --- a/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml +++ b/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml @@ -114,6 +114,7 @@ resources: CinderNetappDeployment: type: OS::Heat::StructuredDeployment properties: + name: CinderNetappDeployment config: {get_resource: CinderNetappConfig} server: {get_param: server} input_values: diff --git a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml index bf06d25d..1e652960 100644 --- a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml +++ b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml @@ -56,6 +56,7 @@ resources: NeutronBigswitchDeployment: type: OS::Heat::StructuredDeployment properties: + name: NeutronBigswitchDeployment config: {get_resource: NeutronBigswitchConfig} server: {get_param: server} input_values: diff --git a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml index 6730ddf1..cec885cd 100644 --- a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml +++ b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml @@ -142,6 +142,7 @@ resources: CiscoN1kvDeployment: type: OS::Heat::StructuredDeployment properties: + name: CiscoN1kvDeployment config: {get_resource: CiscoN1kvConfig} server: {get_param: server} input_values: diff --git a/puppet/extraconfig/pre_deploy/controller/neutron-nuage.yaml b/puppet/extraconfig/pre_deploy/controller/neutron-nuage.yaml index 8378d2fc..a4cfea07 100644 --- a/puppet/extraconfig/pre_deploy/controller/neutron-nuage.yaml +++ b/puppet/extraconfig/pre_deploy/controller/neutron-nuage.yaml @@ -71,6 +71,7 @@ resources: NeutronNuageDeployment: type: OS::Heat::StructuredDeployment properties: + name: NeutronNuageDeployment config: {get_resource: NeutronNuageConfig} server: {get_param: server} input_values: diff --git a/puppet/extraconfig/pre_deploy/per_node.yaml b/puppet/extraconfig/pre_deploy/per_node.yaml index 80c8ad6e..e236e336 100644 --- a/puppet/extraconfig/pre_deploy/per_node.yaml +++ b/puppet/extraconfig/pre_deploy/per_node.yaml @@ -45,6 +45,7 @@ resources: NodeSpecificDeployment: type: OS::Heat::SoftwareDeployment properties: + name: NodeSpecificDeployment config: {get_resource: NodeSpecificConfig} server: {get_param: server} input_values: diff --git a/puppet/extraconfig/tls/ca-inject.yaml b/puppet/extraconfig/tls/ca-inject.yaml index 7e34f071..aab42849 100644 --- a/puppet/extraconfig/tls/ca-inject.yaml +++ b/puppet/extraconfig/tls/ca-inject.yaml @@ -45,7 +45,7 @@ resources: cat > ${cacert_path} << EOF ${cacert_content} EOF - chmod 0440 ${cacert_path} + chmod 0444 ${cacert_path} chown root:root ${cacert_path} ${update_anchor_command} md5sum ${cacert_path} > ${heat_outputs_path}.root_cert_md5sum @@ -53,6 +53,7 @@ resources: CADeployment: type: OS::Heat::SoftwareDeployment properties: + name: CADeployment config: {get_resource: CAConfig} server: {get_param: server} input_values: diff --git a/puppet/extraconfig/tls/tls-cert-inject.yaml b/puppet/extraconfig/tls/tls-cert-inject.yaml index ce524ba9..20bb3737 100644 --- a/puppet/extraconfig/tls/tls-cert-inject.yaml +++ b/puppet/extraconfig/tls/tls-cert-inject.yaml @@ -67,6 +67,7 @@ resources: ControllerTLSDeployment: type: OS::Heat::SoftwareDeployment properties: + name: ControllerTLSDeployment config: {get_resource: ControllerTLSConfig} server: {get_param: server} input_values: diff --git a/puppet/hieradata/common.yaml b/puppet/hieradata/common.yaml index b4b51abf..30645687 100644 --- a/puppet/hieradata/common.yaml +++ b/puppet/hieradata/common.yaml @@ -14,6 +14,9 @@ nova::network::neutron::dhcp_domain: '' neutron::allow_overlapping_ips: true +kernel_modules: + nf_conntrack: {} + sysctl_settings: net.ipv4.tcp_keepalive_intvl: value: 1 @@ -21,6 +24,15 @@ sysctl_settings: value: 5 net.ipv4.tcp_keepalive_time: value: 5 + net.nf_conntrack_max: + value: 500000 + net.netfilter.nf_conntrack_max: + value: 500000 + # prevent neutron bridges from autoconfiguring ipv6 addresses + net.ipv6.conf.default.accept_ra: + value: 0 + net.ipv6.conf.default.autoconf: + value: 0 nova::rabbit_heartbeat_timeout_threshold: 60 neutron::rabbit_heartbeat_timeout_threshold: 60 diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml index 1e7f9a6a..a4dda4b4 100644 --- a/puppet/hieradata/controller.yaml +++ b/puppet/hieradata/controller.yaml @@ -34,15 +34,26 @@ glance::api::keystone_tenant: 'service' glance::registry::keystone_tenant: 'service' neutron::server::auth_tenant: 'service' neutron::agents::metadata::auth_tenant: 'service' +neutron::agents::l3::router_delete_namespaces: True +neutron::agents::dhcp::dhcp_delete_namespaces: True cinder::api::keystone_tenant: 'service' swift::proxy::authtoken::admin_tenant_name: 'service' ceilometer::api::keystone_tenant: 'service' heat::keystone_tenant: 'service' +sahara::admin_tenant_name: 'service' # keystone keystone::cron::token_flush::maxdelay: 3600 keystone::roles::admin::service_tenant: 'service' keystone::roles::admin::admin_tenant: 'admin' +keystone::cron::token_flush::destination: '/dev/null' +keystone::config::keystone_config: + DEFAULT/secure_proxy_ssl_header: + value: 'HTTP_X_FORWARDED_PROTO' + ec2/driver: + value: 'keystone.contrib.ec2.backends.sql.Ec2' +keystone::service_name: 'httpd' +keystone::wsgi::apache::ssl: false #swift swift::proxy::pipeline: @@ -76,6 +87,7 @@ neutron::agents::dhcp::dnsmasq_config_file: /etc/neutron/dnsmasq-neutron.conf nova::notify_on_state_change: 'vm_and_task_state' nova::api::default_floating_pool: 'public' nova::api::osapi_v3: true +nova::api::sync_db_api: true nova::scheduler::filter::ram_allocation_ratio: '1.0' nova::cron::archive_deleted_rows::hour: '*/12' nova::cron::archive_deleted_rows::destination: '/dev/null' @@ -86,6 +98,9 @@ ceilometer::agent::auth::auth_endpoint_type: 'internalURL' # cinder cinder::scheduler::scheduler_driver: cinder.scheduler.filter_scheduler.FilterScheduler cinder::cron::db_purge::destination: '/dev/null' +cinder::config::cinder_config: + DEFAULT/host: + value: hostgroup # heat heat::engine::configure_delegated_roles: false @@ -121,6 +136,7 @@ tripleo::loadbalancer::nova_metadata: true tripleo::loadbalancer::nova_novncproxy: true tripleo::loadbalancer::mysql: true tripleo::loadbalancer::redis: true +tripleo::loadbalancer::sahara: true tripleo::loadbalancer::swift_proxy_server: true tripleo::loadbalancer::ceilometer: true tripleo::loadbalancer::heat_api: true diff --git a/puppet/hieradata/database.yaml b/puppet/hieradata/database.yaml index 7e925d90..61714691 100644 --- a/puppet/hieradata/database.yaml +++ b/puppet/hieradata/database.yaml @@ -6,6 +6,13 @@ nova::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" +nova::db::mysql_api::user: nova_api +nova::db::mysql_api::host: "%{hiera('mysql_virtual_ip')}" +nova::db::mysql_api::dbname: nova_api +nova::db::mysql_api::allowed_hosts: + - '%' + - "%{hiera('mysql_bind_host')}" + # Glance glance::db::mysql::user: glance glance::db::mysql::host: "%{hiera('mysql_virtual_ip')}" @@ -53,3 +60,10 @@ ceilometer::db::mysql::dbname: ceilometer ceilometer::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" + +sahara::db::mysql::user: sahara +sahara::db::mysql::host: "%{hiera('mysql_virtual_ip')}" +sahara::db::mysql::dbname: sahara +sahara::db::mysql::allowed_hosts: + - '%' + - "%{hiera('mysql_bind_host')}" diff --git a/puppet/manifests/overcloud_cephstorage.pp b/puppet/manifests/overcloud_cephstorage.pp index 7444155c..0db5b45a 100644 --- a/puppet/manifests/overcloud_cephstorage.pp +++ b/puppet/manifests/overcloud_cephstorage.pp @@ -16,7 +16,9 @@ include ::tripleo::packages include ::tripleo::firewall +create_resources(kmod::load, hiera('kernel_modules'), {}) create_resources(sysctl::value, hiera('sysctl_settings'), {}) +Exec <| tag == 'kmod::load' |> -> Sysctl <| |> if count(hiera('ntp::servers')) > 0 { include ::ntp @@ -38,6 +40,7 @@ if str2bool(hiera('ceph_osd_selinux_permissive', true)) { } -> Class['ceph::profile::osd'] } +include ::ceph::conf include ::ceph::profile::client include ::ceph::profile::osd diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp index bb3575cf..3022787b 100644 --- a/puppet/manifests/overcloud_compute.pp +++ b/puppet/manifests/overcloud_compute.pp @@ -16,7 +16,9 @@ include ::tripleo::packages include ::tripleo::firewall +create_resources(kmod::load, hiera('kernel_modules'), {}) create_resources(sysctl::value, hiera('sysctl_settings'), {}) +Exec <| tag == 'kmod::load' |> -> Sysctl <| |> if count(hiera('ntp::servers')) > 0 { include ::ntp @@ -37,6 +39,16 @@ exec { 'libvirt-default-net-destroy': before => Service['libvirt'], } +# When utilising images for deployment, we need to reset the iSCSI initiator name to make it unique +exec { 'reset-iscsi-initiator-name': + command => '/bin/echo InitiatorName=$(/usr/sbin/iscsi-iname) > /etc/iscsi/initiatorname.iscsi', + onlyif => '/usr/bin/test ! -f /etc/iscsi/.initiator_reset', +}-> + +file { '/etc/iscsi/.initiator_reset': + ensure => present, +} + include ::nova include ::nova::config include ::nova::compute @@ -49,6 +61,7 @@ nova_config { $rbd_ephemeral_storage = hiera('nova::compute::rbd::ephemeral_storage', false) $rbd_persistent_storage = hiera('rbd_persistent_storage', false) if $rbd_ephemeral_storage or $rbd_persistent_storage { + include ::ceph::conf include ::ceph::profile::client $client_keys = hiera('ceph::profile::params::client_keys') @@ -78,6 +91,7 @@ if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' } include ::nova::network::neutron include ::neutron +include ::neutron::config # If the value of core plugin is set to 'nuage', # include nuage agent, diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index 5541734f..601f35f7 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -20,7 +20,9 @@ $enable_load_balancer = hiera('enable_load_balancer', true) if hiera('step') >= 1 { + create_resources(kmod::load, hiera('kernel_modules'), {}) create_resources(sysctl::value, hiera('sysctl_settings'), {}) + Exec <| tag == 'kmod::load' |> -> Sysctl <| |> $controller_node_ips = split(hiera('controller_node_ips'), ',') @@ -83,11 +85,15 @@ if hiera('step') >= 2 { $mysql_config_file = '/etc/my.cnf.d/server.cnf' } # TODO Galara + # FIXME: due to https://bugzilla.redhat.com/show_bug.cgi?id=1298671 we + # set bind-address to a hostname instead of an ip address; to move Mysql + # from internal_api on another network we'll have to customize both + # MysqlNetwork and ControllerHostnameResolveNetwork in ServiceNetMap class { '::mysql::server': config_file => $mysql_config_file, override_options => { 'mysqld' => { - 'bind-address' => hiera('mysql_bind_host'), + 'bind-address' => $::hostname, 'max_connections' => hiera('mysql_max_connections'), 'open_files_limit' => '-1', }, @@ -100,9 +106,11 @@ if hiera('step') >= 2 { include ::keystone::db::mysql include ::glance::db::mysql include ::nova::db::mysql + include ::nova::db::mysql_api include ::neutron::db::mysql include ::cinder::db::mysql include ::heat::db::mysql + include ::sahara::db::mysql if downcase(hiera('ceilometer_backend')) == 'mysql' { include ::ceilometer::db::mysql } @@ -130,12 +138,13 @@ if hiera('step') >= 2 { # pre-install swift here so we can build rings include ::swift - $enable_ceph = hiera('ceph_storage_count', 0) > 0 + $enable_ceph = hiera('ceph_storage_count', 0) > 0 or hiera('enable_ceph_storage', false) if $enable_ceph { class { '::ceph::profile::params': mon_initial_members => downcase(hiera('ceph_mon_initial_members')), } + include ::ceph::conf include ::ceph::profile::mon } @@ -154,10 +163,12 @@ if hiera('step') >= 2 { } -> Class['ceph::profile::osd'] } + include ::ceph::conf include ::ceph::profile::osd } if str2bool(hiera('enable_external_ceph', false)) { + include ::ceph::conf include ::ceph::profile::client } @@ -166,13 +177,13 @@ if hiera('step') >= 2 { if hiera('step') >= 3 { include ::keystone + include ::keystone::config include ::keystone::roles::admin include ::keystone::endpoint + include ::keystone::wsgi::apache #TODO: need a cleanup-keystone-tokens.sh solution here - keystone_config { - 'ec2/driver': value => 'keystone.contrib.ec2.backends.sql.Ec2'; - } + file { [ '/etc/keystone/ssl', '/etc/keystone/ssl/certs', '/etc/keystone/ssl/private' ]: ensure => 'directory', owner => 'keystone', @@ -213,6 +224,7 @@ if hiera('step') >= 3 { # TODO: notifications, scrubber, etc. include ::glance + include ::glance::config class { '::glance::api': known_stores => $glance_store, } @@ -242,7 +254,8 @@ if hiera('step') >= 3 { if hiera('enable_zookeeper_on_controller') { class {'::tripleo::cluster::zookeeper': zookeeper_server_ips => $zookeeper_node_ips, - zookeeper_client_ip => $ipaddress, + # TODO: create a 'bind' hiera key for zookeeper + zookeeper_client_ip => hiera('neutron::bind_host'), zookeeper_hostnames => hiera('controller_node_names') } } @@ -251,7 +264,8 @@ if hiera('step') >= 3 { if hiera('enable_cassandra_on_controller') { class {'::tripleo::cluster::cassandra': cassandra_servers => $cassandra_node_ips, - cassandra_ip => $ipaddress + # TODO: create a 'bind' hiera key for cassandra + cassandra_ip => hiera('neutron::bind_host'), } } @@ -262,10 +276,11 @@ if hiera('step') >= 3 { class {'::tripleo::network::midonet::api': zookeeper_servers => $zookeeper_node_ips, - vip => $ipaddress, - keystone_ip => $ipaddress, + vip => hiera('tripleo::loadbalancer::public_virtual_ip'), + keystone_ip => hiera('tripleo::loadbalancer::public_virtual_ip'), keystone_admin_token => hiera('keystone::admin_token'), - bind_address => $ipaddress, + # TODO: create a 'bind' hiera key for api + bind_address => hiera('neutron::bind_host'), admin_password => hiera('admin_password') } @@ -281,6 +296,7 @@ if hiera('step') >= 3 { include ::neutron } + include ::neutron::config include ::neutron::server include ::neutron::server::notifications @@ -307,7 +323,7 @@ if hiera('step') >= 3 { if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' { class {'::neutron::plugins::midonet': - midonet_api_ip => $ipaddress, + midonet_api_ip => hiera('tripleo::loadbalancer::public_virtual_ip'), keystone_tenant => hiera('neutron::server::auth_tenant'), keystone_password => hiera('neutron::server::auth_password') } @@ -357,6 +373,8 @@ if hiera('step') >= 3 { } include ::cinder + include ::cinder::config + include ::tripleo::ssl::cinder_config include ::cinder::api include ::cinder::glance include ::cinder::scheduler @@ -404,10 +422,6 @@ if hiera('step') >= 3 { if hiera('cinder_enable_eqlx_backend', false) { $cinder_eqlx_backend = hiera('cinder::backend::eqlx::volume_backend_name') - cinder_config { - "${cinder_eqlx_backend}/host": value => 'hostgroup'; - } - cinder::backend::eqlx { $cinder_eqlx_backend : volume_backend_name => hiera('cinder::backend::eqlx::volume_backend_name', undef), san_ip => hiera('cinder::backend::eqlx::san_ip', undef), @@ -415,7 +429,7 @@ if hiera('step') >= 3 { san_password => hiera('cinder::backend::eqlx::san_password', undef), san_thin_provision => hiera('cinder::backend::eqlx::san_thin_provision', undef), eqlx_group_name => hiera('cinder::backend::eqlx::eqlx_group_name', undef), - eqlx_pool => hiera('cinder::backend::eqlx::eqlx_lpool', undef), + eqlx_pool => hiera('cinder::backend::eqlx::eqlx_pool', undef), eqlx_use_chap => hiera('cinder::backend::eqlx::eqlx_use_chap', undef), eqlx_chap_login => hiera('cinder::backend::eqlx::eqlx_chap_login', undef), eqlx_chap_password => hiera('cinder::backend::eqlx::eqlx_san_password', undef), @@ -425,10 +439,6 @@ if hiera('step') >= 3 { if hiera('cinder_enable_dellsc_backend', false) { $cinder_dellsc_backend = hiera('cinder::backend::dellsc_iscsi::volume_backend_name') - cinder_config { - "${cinder_dellsc_backend}/host": value => 'hostgroup'; - } - cinder::backend::dellsc_iscsi{ $cinder_dellsc_backend : volume_backend_name => hiera('cinder::backend::dellsc_iscsi::volume_backend_name', undef), san_ip => hiera('cinder::backend::dellsc_iscsi::san_ip', undef), @@ -437,7 +447,7 @@ if hiera('step') >= 3 { dell_sc_ssn => hiera('cinder::backend::dellsc_iscsi::dell_sc_ssn', undef), iscsi_ip_address => hiera('cinder::backend::dellsc_iscsi::iscsi_ip_address', undef), iscsi_port => hiera('cinder::backend::dellsc_iscsi::iscsi_port', undef), - dell_sc_port => hiera('cinder::backend::dellsc_iscsi::dell_sc_port', undef), + dell_sc_api_port => hiera('cinder::backend::dellsc_iscsi::dell_sc_api_port', undef), dell_sc_server_folder => hiera('cinder::backend::dellsc_iscsi::dell_sc_server_folder', undef), dell_sc_volume_folder => hiera('cinder::backend::dellsc_iscsi::dell_sc_volume_folder', undef), } @@ -446,10 +456,6 @@ if hiera('step') >= 3 { if hiera('cinder_enable_netapp_backend', false) { $cinder_netapp_backend = hiera('cinder::backend::netapp::title') - cinder_config { - "${cinder_netapp_backend}/host": value => 'hostgroup'; - } - if hiera('cinder::backend::netapp::nfs_shares', undef) { $cinder_netapp_nfs_shares = split(hiera('cinder::backend::netapp::nfs_shares', undef), ',') } @@ -559,11 +565,17 @@ if hiera('step') >= 3 { # Heat include ::heat + include ::heat::config include ::heat::api include ::heat::api_cfn include ::heat::api_cloudwatch include ::heat::engine + # Sahara + include ::sahara + include ::sahara::service::api + include ::sahara::service::engine + # Horizon if 'cisco_n1kv' in hiera('neutron::plugins::ml2::mechanism_drivers') { $_profile_support = 'cisco' @@ -592,10 +604,13 @@ if hiera('step') >= 3 { } #END STEP 3 if hiera('step') >= 4 { + $keystone_enable_db_purge = hiera('keystone_enable_db_purge', true) $nova_enable_db_purge = hiera('nova_enable_db_purge', true) $cinder_enable_db_purge = hiera('cinder_enable_db_purge', true) - include ::keystone::cron::token_flush + if $keystone_enable_db_purge { + include ::keystone::cron::token_flush + } if $nova_enable_db_purge { include ::nova::cron::archive_deleted_rows } diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp index 3ce94315..b57bcffb 100644 --- a/puppet/manifests/overcloud_controller_pacemaker.pp +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -39,7 +39,9 @@ $non_pcmk_start = hiera('step') >= 4 if hiera('step') >= 1 { + create_resources(kmod::load, hiera('kernel_modules'), {}) create_resources(sysctl::value, hiera('sysctl_settings'), {}) + Exec <| tag == 'kmod::load' |> -> Sysctl <| |> include ::timezone @@ -134,6 +136,11 @@ if hiera('step') >= 1 { $galera_nodes = downcase(hiera('galera_node_names', $::hostname)) $galera_nodes_count = count(split($galera_nodes, ',')) + # FIXME: due to https://bugzilla.redhat.com/show_bug.cgi?id=1298671 we + # set bind-address to a hostname instead of an ip address; to move Mysql + # from internal_api on another network we'll have to customize both + # MysqlNetwork and ControllerHostnameResolveNetwork in ServiceNetMap + $mysql_bind_host = hiera('mysql_bind_host') $mysqld_options = { 'mysqld' => { 'skip-name-resolve' => '1', @@ -143,7 +150,7 @@ if hiera('step') >= 1 { 'innodb_locks_unsafe_for_binlog'=> '1', 'query_cache_size' => '0', 'query_cache_type' => '0', - 'bind-address' => hiera('mysql_bind_host'), + 'bind-address' => $::hostname, 'max_connections' => hiera('mysql_max_connections'), 'open_files_limit' => '-1', 'wsrep_provider' => '/usr/lib64/galera/libgalera_smm.so', @@ -158,8 +165,8 @@ if hiera('step') >= 1 { 'wsrep_auto_increment_control' => '1', 'wsrep_drupal_282555_workaround'=> '0', 'wsrep_causal_reads' => '0', - 'wsrep_notify_cmd' => '', 'wsrep_sst_method' => 'rsync', + 'wsrep_provider_options' => "gmcast.listen_addr=tcp://[${mysql_bind_host}]:4567;", }, } @@ -430,6 +437,9 @@ MYSQL_HOST=localhost\n", class { '::nova::db::mysql': require => Exec['galera-ready'], } + class { '::nova::db::mysql_api': + require => Exec['galera-ready'], + } class { '::neutron::db::mysql': require => Exec['galera-ready'], } @@ -445,18 +455,23 @@ MYSQL_HOST=localhost\n", require => Exec['galera-ready'], } } + + class { '::sahara::db::mysql': + require => Exec['galera-ready'], + } } # pre-install swift here so we can build rings include ::swift # Ceph - $enable_ceph = hiera('ceph_storage_count', 0) > 0 + $enable_ceph = hiera('ceph_storage_count', 0) > 0 or hiera('enable_ceph_storage', false) if $enable_ceph { class { '::ceph::profile::params': mon_initial_members => downcase(hiera('ceph_mon_initial_members')), } + include ::ceph::conf include ::ceph::profile::mon } @@ -475,10 +490,12 @@ MYSQL_HOST=localhost\n", } -> Class['ceph::profile::osd'] } + include ::ceph::conf include ::ceph::profile::osd } if str2bool(hiera('enable_external_ceph', false)) { + include ::ceph::conf include ::ceph::profile::client } @@ -492,11 +509,10 @@ if hiera('step') >= 3 { manage_service => false, enabled => false, } + include ::keystone::config #TODO: need a cleanup-keystone-tokens.sh solution here - keystone_config { - 'ec2/driver': value => 'keystone.contrib.ec2.backends.sql.Ec2'; - } + file { [ '/etc/keystone/ssl', '/etc/keystone/ssl/certs', '/etc/keystone/ssl/private' ]: ensure => 'directory', owner => 'keystone', @@ -548,6 +564,7 @@ if hiera('step') >= 3 { # TODO: notifications, scrubber, etc. include ::glance + include ::glance::config class { '::glance::api': known_stores => $glance_store, manage_service => false, @@ -568,6 +585,7 @@ if hiera('step') >= 3 { class { '::nova::api' : sync_db => $sync_db, + sync_db_api => $sync_db, manage_service => false, enabled => false, } @@ -604,8 +622,9 @@ if hiera('step') >= 3 { if hiera('enable_zookeeper_on_controller') { class {'::tripleo::cluster::zookeeper': zookeeper_server_ips => $zookeeper_node_ips, - zookeeper_client_ip => $ipaddress, - zookeeper_hostnames => hiera('controller_node_names') + # TODO: create a 'bind' hiera key for zookeeper + zookeeper_client_ip => hiera('neutron::bind_host'), + zookeeper_hostnames => split(hiera('controller_node_names'), ',') } } @@ -613,7 +632,8 @@ if hiera('step') >= 3 { if hiera('enable_cassandra_on_controller') { class {'::tripleo::cluster::cassandra': cassandra_servers => $cassandra_node_ips, - cassandra_ip => $ipaddress + # TODO: create a 'bind' hiera key for cassandra + cassandra_ip => hiera('neutron::bind_host'), } } @@ -623,11 +643,12 @@ if hiera('step') >= 3 { } class {'::tripleo::network::midonet::api': - zookeeper_servers => hiera('neutron_api_node_ips'), - vip => $public_vip, - keystone_ip => $public_vip, + zookeeper_servers => $zookeeper_node_ips, + vip => hiera('tripleo::loadbalancer::public_virtual_ip'), + keystone_ip => hiera('tripleo::loadbalancer::public_virtual_ip'), keystone_admin_token => hiera('keystone::admin_token'), - bind_address => $ipaddress, + # TODO: create a 'bind' hiera key for api + bind_address => hiera('neutron::bind_host'), admin_password => hiera('admin_password') } @@ -642,6 +663,7 @@ if hiera('step') >= 3 { include ::neutron } + include ::neutron::config class { '::neutron::server' : sync_db => $sync_db, manage_service => false, @@ -653,7 +675,7 @@ if hiera('step') >= 3 { } if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' { class {'::neutron::plugins::midonet': - midonet_api_ip => $public_vip, + midonet_api_ip => hiera('tripleo::loadbalancer::public_virtual_ip'), keystone_tenant => hiera('neutron::server::auth_tenant'), keystone_password => hiera('neutron::server::auth_password') } @@ -721,6 +743,8 @@ if hiera('step') >= 3 { } include ::cinder + include ::cinder::config + include ::tripleo::ssl::cinder_config class { '::cinder::api': sync_db => $sync_db, manage_service => false, @@ -778,10 +802,6 @@ if hiera('step') >= 3 { if hiera('cinder_enable_eqlx_backend', false) { $cinder_eqlx_backend = hiera('cinder::backend::eqlx::volume_backend_name') - cinder_config { - "${cinder_eqlx_backend}/host": value => 'hostgroup'; - } - cinder::backend::eqlx { $cinder_eqlx_backend : volume_backend_name => hiera('cinder::backend::eqlx::volume_backend_name', undef), san_ip => hiera('cinder::backend::eqlx::san_ip', undef), @@ -789,7 +809,7 @@ if hiera('step') >= 3 { san_password => hiera('cinder::backend::eqlx::san_password', undef), san_thin_provision => hiera('cinder::backend::eqlx::san_thin_provision', undef), eqlx_group_name => hiera('cinder::backend::eqlx::eqlx_group_name', undef), - eqlx_pool => hiera('cinder::backend::eqlx::eqlx_lpool', undef), + eqlx_pool => hiera('cinder::backend::eqlx::eqlx_pool', undef), eqlx_use_chap => hiera('cinder::backend::eqlx::eqlx_use_chap', undef), eqlx_chap_login => hiera('cinder::backend::eqlx::eqlx_chap_login', undef), eqlx_chap_password => hiera('cinder::backend::eqlx::eqlx_san_password', undef), @@ -799,10 +819,6 @@ if hiera('step') >= 3 { if hiera('cinder_enable_dellsc_backend', false) { $cinder_dellsc_backend = hiera('cinder::backend::dellsc_iscsi::volume_backend_name') - cinder_config { - "${cinder_dellsc_backend}/host": value => 'hostgroup'; - } - cinder::backend::dellsc_iscsi{ $cinder_dellsc_backend : volume_backend_name => hiera('cinder::backend::dellsc_iscsi::volume_backend_name', undef), san_ip => hiera('cinder::backend::dellsc_iscsi::san_ip', undef), @@ -811,7 +827,7 @@ if hiera('step') >= 3 { dell_sc_ssn => hiera('cinder::backend::dellsc_iscsi::dell_sc_ssn', undef), iscsi_ip_address => hiera('cinder::backend::dellsc_iscsi::iscsi_ip_address', undef), iscsi_port => hiera('cinder::backend::dellsc_iscsi::iscsi_port', undef), - dell_sc_port => hiera('cinder::backend::dellsc_iscsi::dell_sc_port', undef), + dell_sc_api_port => hiera('cinder::backend::dellsc_iscsi::dell_sc_api_port', undef), dell_sc_server_folder => hiera('cinder::backend::dellsc_iscsi::dell_sc_server_folder', undef), dell_sc_volume_folder => hiera('cinder::backend::dellsc_iscsi::dell_sc_volume_folder', undef), } @@ -820,10 +836,6 @@ if hiera('step') >= 3 { if hiera('cinder_enable_netapp_backend', false) { $cinder_netapp_backend = hiera('cinder::backend::netapp::title') - cinder_config { - "${cinder_netapp_backend}/host": value => 'hostgroup'; - } - if hiera('cinder::backend::netapp::nfs_shares', undef) { $cinder_netapp_nfs_shares = split(hiera('cinder::backend::netapp::nfs_shares', undef), ',') } @@ -875,6 +887,18 @@ if hiera('step') >= 3 { enabled_backends => $cinder_enabled_backends, } + class { '::sahara': + sync_db => $sync_db, + } + class { '::sahara::service::api': + manage_service => false, + enabled => false, + } + class { '::sahara::service::engine': + manage_service => false, + enabled => false, + } + # swift proxy class { '::swift::proxy' : manage_service => $non_pcmk_start, @@ -959,6 +983,7 @@ if hiera('step') >= 3 { Cron <| title == 'ceilometer-expirer' |> { command => "sleep $((\$(od -A n -t d -N 3 /dev/urandom) % 86400)) && ${::ceilometer::params::expirer_command}" } # Heat + include ::heat::config class { '::heat' : sync_db => $sync_db, } @@ -985,6 +1010,7 @@ if hiera('step') >= 3 { service_enable => false, # service_manage => false, # <-- not supported with horizon&apache mod_wsgi? } + include ::keystone::wsgi::apache include ::apache::mod::status if 'cisco_n1kv' in hiera('neutron::plugins::ml2::mechanism_drivers') { $_profile_support = 'cisco' @@ -1012,10 +1038,13 @@ if hiera('step') >= 3 { } #END STEP 3 if hiera('step') >= 4 { + $keystone_enable_db_purge = hiera('keystone_enable_db_purge', true) $nova_enable_db_purge = hiera('nova_enable_db_purge', true) $cinder_enable_db_purge = hiera('cinder_enable_db_purge', true) - include ::keystone::cron::token_flush + if $keystone_enable_db_purge { + include ::keystone::cron::token_flush + } if $nova_enable_db_purge { include ::nova::cron::archive_deleted_rows } @@ -1025,57 +1054,49 @@ if hiera('step') >= 4 { if $pacemaker_master { - # Keystone - pacemaker::resource::service { $::keystone::params::service_name : - clone_params => 'interleave=true', - verify_on_create => true, - require => [File['/etc/keystone/ssl/certs/ca.pem'], - File['/etc/keystone/ssl/private/signing_key.pem'], - File['/etc/keystone/ssl/certs/signing_cert.pem']], - } if $enable_load_balancer { pacemaker::constraint::base { 'haproxy-then-keystone-constraint': constraint_type => 'order', first_resource => 'haproxy-clone', - second_resource => "${::keystone::params::service_name}-clone", + second_resource => "${::apache::params::service_name}-clone", first_action => 'start', second_action => 'start', require => [Pacemaker::Resource::Service['haproxy'], - Pacemaker::Resource::Service[$::keystone::params::service_name]], + Pacemaker::Resource::Service[$::apache::params::service_name]], } } pacemaker::constraint::base { 'rabbitmq-then-keystone-constraint': constraint_type => 'order', first_resource => 'rabbitmq-clone', - second_resource => "${::keystone::params::service_name}-clone", + second_resource => "${::apache::params::service_name}-clone", first_action => 'start', second_action => 'start', require => [Pacemaker::Resource::Ocf['rabbitmq'], - Pacemaker::Resource::Service[$::keystone::params::service_name]], + Pacemaker::Resource::Service[$::apache::params::service_name]], } pacemaker::constraint::base { 'memcached-then-keystone-constraint': constraint_type => 'order', first_resource => 'memcached-clone', - second_resource => "${::keystone::params::service_name}-clone", + second_resource => "${::apache::params::service_name}-clone", first_action => 'start', second_action => 'start', require => [Pacemaker::Resource::Service['memcached'], - Pacemaker::Resource::Service[$::keystone::params::service_name]], + Pacemaker::Resource::Service[$::apache::params::service_name]], } pacemaker::constraint::base { 'galera-then-keystone-constraint': constraint_type => 'order', first_resource => 'galera-master', - second_resource => "${::keystone::params::service_name}-clone", + second_resource => "${::apache::params::service_name}-clone", first_action => 'promote', second_action => 'start', require => [Pacemaker::Resource::Ocf['galera'], - Pacemaker::Resource::Service[$::keystone::params::service_name]], + Pacemaker::Resource::Service[$::apache::params::service_name]], } # Cinder pacemaker::resource::service { $::cinder::params::api_service : clone_params => 'interleave=true', - require => Pacemaker::Resource::Service[$::keystone::params::service_name], + require => Pacemaker::Resource::Service[$::apache::params::service_name], } pacemaker::resource::service { $::cinder::params::scheduler_service : clone_params => 'interleave=true', @@ -1084,12 +1105,12 @@ if hiera('step') >= 4 { pacemaker::constraint::base { 'keystone-then-cinder-api-constraint': constraint_type => 'order', - first_resource => "${::keystone::params::service_name}-clone", + first_resource => "${::apache::params::service_name}-clone", second_resource => "${::cinder::params::api_service}-clone", first_action => 'start', second_action => 'start', require => [Pacemaker::Resource::Service[$::cinder::params::api_service], - Pacemaker::Resource::Service[$::keystone::params::service_name]], + Pacemaker::Resource::Service[$::apache::params::service_name]], } pacemaker::constraint::base { 'cinder-api-then-cinder-scheduler-constraint': constraint_type => 'order', @@ -1124,10 +1145,28 @@ if hiera('step') >= 4 { Pacemaker::Resource::Service[$::cinder::params::volume_service]], } + # Sahara + pacemaker::resource::service { $::sahara::params::api_service_name : + clone_params => 'interleave=true', + require => Pacemaker::Resource::Service[$::apache::params::service_name], + } + pacemaker::resource::service { $::sahara::params::engine_service_name : + clone_params => 'interleave=true', + } + pacemaker::constraint::base { 'keystone-then-sahara-api-constraint': + constraint_type => 'order', + first_resource => "${::apache::params::service_name}-clone", + second_resource => "${::sahara::params::api_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::sahara::params::api_service_name], + Pacemaker::Resource::Service[$::apache::params::service_name]], + } + # Glance pacemaker::resource::service { $::glance::params::registry_service_name : clone_params => 'interleave=true', - require => Pacemaker::Resource::Service[$::keystone::params::service_name], + require => Pacemaker::Resource::Service[$::apache::params::service_name], } pacemaker::resource::service { $::glance::params::api_service_name : clone_params => 'interleave=true', @@ -1135,12 +1174,12 @@ if hiera('step') >= 4 { pacemaker::constraint::base { 'keystone-then-glance-registry-constraint': constraint_type => 'order', - first_resource => "${::keystone::params::service_name}-clone", + first_resource => "${::apache::params::service_name}-clone", second_resource => "${::glance::params::registry_service_name}-clone", first_action => 'start', second_action => 'start', require => [Pacemaker::Resource::Service[$::glance::params::registry_service_name], - Pacemaker::Resource::Service[$::keystone::params::service_name]], + Pacemaker::Resource::Service[$::apache::params::service_name]], } pacemaker::constraint::base { 'glance-registry-then-glance-api-constraint': constraint_type => 'order', @@ -1178,12 +1217,12 @@ if hiera('step') >= 4 { } -> pacemaker::resource::service { $::neutron::params::server_service: clone_params => 'interleave=true', - require => Pacemaker::Resource::Service[$::keystone::params::service_name] + require => Pacemaker::Resource::Service[$::apache::params::service_name] } } else { pacemaker::resource::service { $::neutron::params::server_service: clone_params => 'interleave=true', - require => Pacemaker::Resource::Service[$::keystone::params::service_name] + require => Pacemaker::Resource::Service[$::apache::params::service_name] } } if hiera('neutron::enable_l3_agent', true) { @@ -1255,28 +1294,16 @@ if hiera('step') >= 4 { Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]], } } - pacemaker::constraint::base { 'keystone-to-neutron-server-constraint': - constraint_type => 'order', - first_resource => "${::keystone::params::service_name}-clone", - second_resource => "${::neutron::params::server_service}-clone", - first_action => 'start', - second_action => 'start', - require => [Pacemaker::Resource::Service[$::keystone::params::service_name], - Pacemaker::Resource::Service[$::neutron::params::server_service]], - } - if hiera('neutron::enable_ovs_agent',true) { - pacemaker::constraint::base { 'neutron-server-to-openvswitch-agent-constraint': - constraint_type => 'order', - first_resource => "${::neutron::params::server_service}-clone", - second_resource => "${::neutron::params::ovs_agent_service}-clone", + constraint_type => 'order', + first_resource => "${::apache::params::service_name}-clone", + second_resource => "${::neutron::params::server_service}-clone", first_action => 'start', second_action => 'start', - require => [Pacemaker::Resource::Service[$::neutron::params::server_service], - Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]], + require => [Pacemaker::Resource::Service[$::apache::params::service_name], + Pacemaker::Resource::Service[$::neutron::params::server_service]], } - } - if hiera('neutron::enable_dhcp_agent',true) and hiera('neutron::enable_ovs_agent',true) { + if hiera('neutron::enable_ovs_agent',true) { pacemaker::constraint::base { 'neutron-openvswitch-agent-to-dhcp-agent-constraint': constraint_type => 'order', first_resource => "${::neutron::params::ovs_agent_service}-clone", @@ -1285,8 +1312,19 @@ if hiera('step') >= 4 { second_action => 'start', require => [Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service], Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service]], - } + } + if hiera('neutron::enable_dhcp_agent',true) and hiera('neutron::enable_ovs_agent',true) { + pacemaker::constraint::base { 'neutron-server-to-openvswitch-agent-constraint': + constraint_type => 'order', + first_resource => "${::neutron::params::server_service}-clone", + second_resource => "${::neutron::params::ovs_agent_service}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::neutron::params::server_service], + Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]], + } + pacemaker::constraint::colocation { 'neutron-openvswitch-agent-to-dhcp-agent-colocation': source => "${::neutron::params::dhcp_agent_service}-clone", target => "${::neutron::params::ovs_agent_service}-clone", @@ -1372,34 +1410,29 @@ if hiera('step') >= 4 { # Nova pacemaker::resource::service { $::nova::params::api_service_name : clone_params => 'interleave=true', - op_params => 'start timeout=200s stop timeout=200s monitor start-delay=10s', } pacemaker::resource::service { $::nova::params::conductor_service_name : clone_params => 'interleave=true', - op_params => 'start timeout=200s stop timeout=200s monitor start-delay=10s', } pacemaker::resource::service { $::nova::params::consoleauth_service_name : clone_params => 'interleave=true', - op_params => 'start timeout=200s stop timeout=200s monitor start-delay=10s', - require => Pacemaker::Resource::Service[$::keystone::params::service_name], + require => Pacemaker::Resource::Service[$::apache::params::service_name], } pacemaker::resource::service { $::nova::params::vncproxy_service_name : clone_params => 'interleave=true', - op_params => 'start timeout=200s stop timeout=200s monitor start-delay=10s', } pacemaker::resource::service { $::nova::params::scheduler_service_name : clone_params => 'interleave=true', - op_params => 'start timeout=200s stop timeout=200s monitor start-delay=10s', } pacemaker::constraint::base { 'keystone-then-nova-consoleauth-constraint': constraint_type => 'order', - first_resource => "${::keystone::params::service_name}-clone", + first_resource => "${::apache::params::service_name}-clone", second_resource => "${::nova::params::consoleauth_service_name}-clone", first_action => 'start', second_action => 'start', require => [Pacemaker::Resource::Service[$::nova::params::consoleauth_service_name], - Pacemaker::Resource::Service[$::keystone::params::service_name]], + Pacemaker::Resource::Service[$::apache::params::service_name]], } pacemaker::constraint::base { 'nova-consoleauth-then-nova-vncproxy-constraint': constraint_type => 'order', @@ -1471,14 +1504,14 @@ if hiera('step') >= 4 { /mysql/: { pacemaker::resource::service { $::ceilometer::params::agent_central_service_name : clone_params => 'interleave=true', - require => Pacemaker::Resource::Service[$::keystone::params::service_name], + require => Pacemaker::Resource::Service[$::apache::params::service_name], } } default: { pacemaker::resource::service { $::ceilometer::params::agent_central_service_name : clone_params => 'interleave=true', - require => [Pacemaker::Resource::Service[$::keystone::params::service_name], - Pacemaker::Resource::Service[$::mongodb::params::service_name]], + require => [Pacemaker::Resource::Service[$::apache::params::service_name], + Pacemaker::Resource::Service[$::mongodb::params::service_name]], } } } @@ -1514,12 +1547,12 @@ if hiera('step') >= 4 { } pacemaker::constraint::base { 'keystone-then-ceilometer-central-constraint': constraint_type => 'order', - first_resource => "${::keystone::params::service_name}-clone", + first_resource => "${::apache::params::service_name}-clone", second_resource => "${::ceilometer::params::agent_central_service_name}-clone", first_action => 'start', second_action => 'start', require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name], - Pacemaker::Resource::Service[$::keystone::params::service_name]], + Pacemaker::Resource::Service[$::apache::params::service_name]], } pacemaker::constraint::base { 'ceilometer-central-then-ceilometer-collector-constraint': constraint_type => 'order', @@ -1589,12 +1622,12 @@ if hiera('step') >= 4 { } pacemaker::constraint::base { 'keystone-then-heat-api-constraint': constraint_type => 'order', - first_resource => "${::keystone::params::service_name}-clone", + first_resource => "${::apache::params::service_name}-clone", second_resource => "${::heat::params::api_service_name}-clone", first_action => 'start', second_action => 'start', require => [Pacemaker::Resource::Service[$::heat::params::api_service_name], - Pacemaker::Resource::Service[$::keystone::params::service_name]], + Pacemaker::Resource::Service[$::apache::params::service_name]], } pacemaker::constraint::base { 'heat-api-then-heat-api-cfn-constraint': constraint_type => 'order', @@ -1654,9 +1687,13 @@ if hiera('step') >= 4 { Pacemaker::Resource::Service[$::ceilometer::params::agent_notification_service_name]], } - # Horizon - pacemaker::resource::service { $::horizon::params::http_service: - clone_params => 'interleave=true', + # Horizon and Keystone + pacemaker::resource::service { $::apache::params::service_name: + clone_params => 'interleave=true', + verify_on_create => true, + require => [File['/etc/keystone/ssl/certs/ca.pem'], + File['/etc/keystone/ssl/private/signing_key.pem'], + File['/etc/keystone/ssl/certs/signing_cert.pem']], } #VSM @@ -1693,12 +1730,11 @@ if hiera('step') >= 5 { if $pacemaker_master { class {'::keystone::roles::admin' : - require => Pacemaker::Resource::Service[$::keystone::params::service_name], + require => Pacemaker::Resource::Service[$::apache::params::service_name], } -> class {'::keystone::endpoint' : - require => Pacemaker::Resource::Service[$::keystone::params::service_name], + require => Pacemaker::Resource::Service[$::apache::params::service_name], } - } } #END STEP 5 diff --git a/puppet/manifests/overcloud_object.pp b/puppet/manifests/overcloud_object.pp index 63ac396e..1ac66904 100644 --- a/puppet/manifests/overcloud_object.pp +++ b/puppet/manifests/overcloud_object.pp @@ -16,7 +16,9 @@ include ::tripleo::packages include ::tripleo::firewall +create_resources(kmod::load, hiera('kernel_modules'), {}) create_resources(sysctl::value, hiera('sysctl_settings'), {}) +Exec <| tag == 'kmod::load' |> -> Sysctl <| |> if count(hiera('ntp::servers')) > 0 { include ::ntp diff --git a/puppet/manifests/overcloud_volume.pp b/puppet/manifests/overcloud_volume.pp index 5a69725a..72cd36c3 100644 --- a/puppet/manifests/overcloud_volume.pp +++ b/puppet/manifests/overcloud_volume.pp @@ -16,7 +16,9 @@ include ::tripleo::packages include ::tripleo::firewall +create_resources(kmod::load, hiera('kernel_modules'), {}) create_resources(sysctl::value, hiera('sysctl_settings'), {}) +Exec <| tag == 'kmod::load' |> -> Sysctl <| |> if count(hiera('ntp::servers')) > 0 { include ::ntp diff --git a/puppet/swift-storage-post.yaml b/puppet/swift-storage-post.yaml index d22f5386..a55b3959 100644 --- a/puppet/swift-storage-post.yaml +++ b/puppet/swift-storage-post.yaml @@ -29,6 +29,7 @@ resources: StorageDeployment_Step1: type: OS::Heat::StructuredDeployments properties: + name: StorageDeployment_Step1 servers: {get_param: servers} config: {get_resource: StoragePuppetConfig} input_values: @@ -49,6 +50,7 @@ resources: type: OS::Heat::StructuredDeployments depends_on: StorageDeployment_Step1 properties: + name: StorageRingbuilderDeployment_Step2 servers: {get_param: servers} config: {get_resource: StorageRingbuilderPuppetConfig} input_values: diff --git a/puppet/swift-storage.yaml b/puppet/swift-storage.yaml index 10c87493..142e47cc 100644 --- a/puppet/swift-storage.yaml +++ b/puppet/swift-storage.yaml @@ -200,6 +200,7 @@ resources: NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: + name: NetworkDeployment config: {get_resource: NetworkConfig} server: {get_resource: SwiftStorage} actions: {get_param: NetworkDeploymentActions} @@ -252,6 +253,7 @@ resources: type: OS::Heat::StructuredDeployment depends_on: NetworkDeployment properties: + name: SwiftStorageHieraDeploy server: {get_resource: SwiftStorage} config: {get_resource: SwiftStorageHieraConfig} input_values: diff --git a/puppet/vip-config.yaml b/puppet/vip-config.yaml index 1dec489c..5e2f698f 100644 --- a/puppet/vip-config.yaml +++ b/puppet/vip-config.yaml @@ -16,9 +16,12 @@ resources: keystone_admin_api_vip: {get_input: keystone_admin_api_vip} keystone_public_api_vip: {get_input: keystone_public_api_vip} neutron_api_vip: {get_input: neutron_api_vip} + # TODO: pass a `midonet_api_vip` var + midonet_api_vip: {get_input: neutron_api_vip} cinder_api_vip: {get_input: cinder_api_vip} glance_api_vip: {get_input: glance_api_vip} glance_registry_vip: {get_input: glance_registry_vip} + sahara_api_vip: {get_input: sahara_api_vip} swift_proxy_vip: {get_input: swift_proxy_vip} nova_api_vip: {get_input: nova_api_vip} nova_metadata_vip: {get_input: nova_metadata_vip} diff --git a/tools/yaml-validate.py b/tools/yaml-validate.py index cb5669a7..fe690d8c 100755 --- a/tools/yaml-validate.py +++ b/tools/yaml-validate.py @@ -16,11 +16,13 @@ import sys import traceback import yaml -base_path = sys.argv[1] -exit_val = 0 -failed_files = [] + +def exit_usage(): + print('Usage %s <yaml file or directory>' % sys.argv[0]) + sys.exit(1) def validate(filename): + print('Validating %s' % filename) try: yaml.load(open(filename).read()) except Exception: @@ -28,14 +30,31 @@ def validate(filename): return 1 return 0 -for subdir, dirs, files in os.walk(base_path): - for f in files: - if f.endswith('.yaml'): - file_path = os.path.join(subdir, f) - failed = validate(file_path) - if failed: - failed_files.append(file_path) - exit_val |= failed +if len(sys.argv) < 2: + exit_usage() + +path_args = sys.argv[1:] +exit_val = 0 +failed_files = [] + +for base_path in path_args: + if os.path.isdir(base_path): + for subdir, dirs, files in os.walk(base_path): + for f in files: + if f.endswith('.yaml'): + file_path = os.path.join(subdir, f) + failed = validate(file_path) + if failed: + failed_files.append(file_path) + exit_val |= failed + elif os.path.isfile(base_path) and base_path.endswith('.yaml'): + failed = validate(base_path) + if failed: + failed_files.append(base_path) + exit_val |= failed + else: + print('Unexpected argument %s' % base_path) + exit_usage() if failed_files: print('Validation failed on:') @@ -10,5 +10,5 @@ deps = -r{toxinidir}/requirements.txt [testenv:venv] commands = {posargs} -[testenv:validate] -commands = python ./tools/yaml-validate.py .
\ No newline at end of file +[testenv:linters] +commands = python ./tools/yaml-validate.py . |