diff options
-rwxr-xr-x | docker/docker-puppet.py | 2 | ||||
-rw-r--r-- | docker/services/haproxy.yaml | 12 | ||||
-rw-r--r-- | docker/services/neutron-plugin-ml2.yaml | 4 | ||||
-rw-r--r-- | docker/services/opendaylight-api.yaml | 116 | ||||
-rw-r--r-- | environments/docker-centos-tripleoupstream.yaml | 109 | ||||
-rw-r--r-- | environments/docker.yaml | 3 | ||||
-rw-r--r-- | environments/major-upgrade-composable-steps-docker.yaml | 2 | ||||
-rw-r--r-- | environments/services-docker/neutron-opendaylight.yaml | 16 | ||||
-rw-r--r-- | puppet/role.role.j2.yaml | 188 | ||||
-rw-r--r-- | puppet/services/nova-compute.yaml | 15 | ||||
-rw-r--r-- | test-requirements.txt | 2 | ||||
-rwxr-xr-x | tools/process-templates.py | 26 | ||||
-rwxr-xr-x | tools/yaml-validate.py | 2 |
13 files changed, 385 insertions, 112 deletions
diff --git a/docker/docker-puppet.py b/docker/docker-puppet.py index 4c193e49..7ca63337 100755 --- a/docker/docker-puppet.py +++ b/docker/docker-puppet.py @@ -203,7 +203,7 @@ def mp_puppet_config((config_volume, puppet_tags, manifest, config_image, volume # Disables archiving if [ -z "$NO_ARCHIVE" ]; then - archivedirs=("/etc" "/root" "/var/lib/ironic/tftpboot" "/var/lib/ironic/httpboot" "/var/www") + archivedirs=("/etc" "/root" "/opt" "/var/lib/ironic/tftpboot" "/var/lib/ironic/httpboot" "/var/www") rsync_srcs="" for d in "${archivedirs[@]}"; do if [ -d "$d" ]; then diff --git a/docker/services/haproxy.yaml b/docker/services/haproxy.yaml index 242f0751..5831fe89 100644 --- a/docker/services/haproxy.yaml +++ b/docker/services/haproxy.yaml @@ -42,6 +42,11 @@ parameters: default: /dev/log description: Syslog address where HAproxy will send its log type: string + DeployedSSLCertificatePath: + default: '/etc/pki/tls/private/overcloud_endpoint.pem' + description: > + The filepath of the certificate as it will be stored in the controller. + type: string RedisPassword: description: The password for Redis type: string @@ -93,6 +98,12 @@ outputs: list_join: - '/' - [ {get_param: DockerNamespace}, {get_param: DockerHAProxyConfigImage} ] + volumes: &deployed_cert_mount + - list_join: + - ':' + - - {get_param: DeployedSSLCertificatePath} + - {get_param: DeployedSSLCertificatePath} + - 'ro' kolla_config: /var/lib/kolla/config_files/haproxy.json: command: haproxy -f /etc/haproxy/haproxy.cfg @@ -109,6 +120,7 @@ outputs: volumes: list_concat: - {get_attr: [ContainersCommon, volumes]} + - *deployed_cert_mount - - /var/lib/kolla/config_files/haproxy.json:/var/lib/kolla/config_files/config.json:ro - /var/lib/config-data/haproxy/etc/:/etc/:ro diff --git a/docker/services/neutron-plugin-ml2.yaml b/docker/services/neutron-plugin-ml2.yaml index 7211014e..aa62bded 100644 --- a/docker/services/neutron-plugin-ml2.yaml +++ b/docker/services/neutron-plugin-ml2.yaml @@ -38,7 +38,7 @@ parameters: resources: NeutronBase: - type: ../../puppet/services/neutron-plugin-ml2.yaml + type: OS::TripleO::Docker::NeutronMl2PluginBase properties: EndpointMap: {get_param: EndpointMap} ServiceNetMap: {get_param: ServiceNetMap} @@ -60,7 +60,7 @@ outputs: # BEGIN DOCKER SETTINGS puppet_config: config_volume: 'neutron' - puppet_tags: '' + puppet_tags: neutron_plugin_ml2 step_config: *step_config config_image: list_join: diff --git a/docker/services/opendaylight-api.yaml b/docker/services/opendaylight-api.yaml new file mode 100644 index 00000000..cb476685 --- /dev/null +++ b/docker/services/opendaylight-api.yaml @@ -0,0 +1,116 @@ +heat_template_version: pike + +description: > + OpenStack containerized OpenDaylight API service + +parameters: + DockerNamespace: + description: namespace + default: 'tripleoupstream' + type: string + DockerOpendaylightApiImage: + description: image + default: 'centos-binary-opendaylight:latest' + type: string + DockerOpendaylightConfigImage: + description: image + default: 'centos-binary-opendaylight:latest' + type: string + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + +resources: + + ContainersCommon: + type: ./containers-common.yaml + + OpenDaylightBase: + type: ../../puppet/services/opendaylight-api.yaml + properties: + EndpointMap: {get_param: EndpointMap} + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + RoleName: {get_param: RoleName} + RoleParameters: {get_param: RoleParameters} + +outputs: + role_data: + description: Role data for the OpenDaylight API role. + value: + service_name: {get_attr: [OpenDaylightBase, role_data, service_name]} + config_settings: + map_merge: + - get_attr: [OpenDaylightBase, role_data, config_settings] + step_config: &step_config + list_join: + - "\n" + - - get_attr: [OpenDaylightBase, role_data, step_config] + - "include tripleo::profile::base::neutron::opendaylight::create_cluster" + # BEGIN DOCKER SETTINGS + puppet_config: + config_volume: opendaylight + # 'file,concat,file_line,augeas' are included by default + puppet_tags: odl_user,tripleo::profile::base::neutron::opendaylight::configure_cluster + step_config: *step_config + config_image: + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerOpendaylightConfigImage} ] + kolla_config: + /var/lib/kolla/config_files/opendaylight_api.json: + command: /opt/opendaylight/bin/karaf + permissions: + - path: /opt/opendaylight + owner: odl:odl + recurse: true + docker_config: + step_1: + opendaylight_api: + start_order: 0 + image: &odl_api_image + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerOpendaylightApiImage} ] + privileged: false + net: host + detach: true + user: odl + restart: always + volumes: + list_concat: + - {get_attr: [ContainersCommon, volumes]} + - + - /var/lib/kolla/config_files/opendaylight_api.json:/var/lib/kolla/config_files/config.json:ro + - /var/lib/config-data/opendaylight/opt/opendaylight/data/idmlight.db.mv.db:/opt/opendaylight/data/idmlight.db.mv.db + - /var/lib/config-data/opendaylight/opt/opendaylight/configuration/initial/:/opt/opendaylight/configuration/initial/ + - /var/lib/config-data/opendaylight/opt/opendaylight/etc/jetty.xml:/opt/opendaylight/etc/jetty.xml:ro + - /var/lib/config-data/opendaylight/opt/opendaylight/etc/org.apache.karaf.features.cfg:/opt/opendaylight/etc/org.apache.karaf.features.cfg:ro + - /var/lib/config-data/opendaylight/opt/opendaylight/etc/org.ops4j.pax.logging.cfg:/opt/opendaylight/etc/org.ops4j.pax.logging.cfg:ro + - /var/lib/config-data/opendaylight/opt/opendaylight/etc/org.opendaylight.groupbasedpolicy.neutron.vpp.mapper.startup.cfg:/opt/opendaylight/etc/org.opendaylight.groupbasedpolicy.neutron.vpp.mapper.startup.cfg:ro + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + + upgrade_tasks: + - name: Stop and disable opendaylight_api service + tags: step2 + service: name=opendaylight state=stopped enabled=no diff --git a/environments/docker-centos-tripleoupstream.yaml b/environments/docker-centos-tripleoupstream.yaml new file mode 100644 index 00000000..648c8c26 --- /dev/null +++ b/environments/docker-centos-tripleoupstream.yaml @@ -0,0 +1,109 @@ +parameter_defaults: + #DockerAodhApiImage: 'tripleoupstream/centos-binary-aodh-api:latest' + #DockerAodhConfigImage: 'tripleoupstream/centos-binary-aodh-api:latest' + #DockerAodhEvaluatorImage: 'tripleoupstream/centos-binary-aodh-evaluator:latest' + #DockerAodhListenerImage: 'tripleoupstream/centos-binary-aodh-listener:latest' + #DockerAodhNotifierImage: 'tripleoupstream/centos-binary-aodh-notifier:latest' + #DockerCeilometerCentralImage: 'tripleoupstream/centos-binary-ceilometer-central:latest' + #DockerCeilometerComputeImage: 'tripleoupstream/centos-binary-ceilometer-compute:latest' + #DockerCeilometerConfigImage: 'tripleoupstream/centos-binary-ceilometer-central:latest' + #DockerCeilometerIpmiImage: 'tripleoupstream/centos-binary-ceilometer-ipmi:latest' + #DockerCeilometerNotificationImage: 'tripleoupstream/centos-binary-ceilometer-notification:latest' + #DockerCinderApiImage: 'tripleoupstream/centos-binary-cinder-api:latest' + #DockerCinderBackupImage: 'tripleoupstream/centos-binary-cinder-backup:latest' + #DockerCinderConfigImage: 'tripleoupstream/centos-binary-cinder-api:latest' + #DockerCinderSchedulerImage: 'tripleoupstream/centos-binary-cinder-scheduler:latest' + #DockerCinderVolumeImage: 'tripleoupstream/centos-binary-cinder-volume:latest' + #DockerClustercheckConfigImage: 'tripleoupstream/centos-binary-mariadb:latest' + #DockerClustercheckImage: 'tripleoupstream/centos-binary-mariadb:latest' + #DockerCollectdConfigImage: 'tripleoupstream/centos-binary-collectd:latest' + #DockerCollectdImage: 'tripleoupstream/centos-binary-collectd:latest' + #DockerCongressApiImage: 'tripleoupstream/centos-binary-congress-api:latest' + #DockerCongressConfigImage: 'tripleoupstream/centos-binary-congress-api:latest' + #DockerEc2ApiConfigImage: 'tripleoupstream/centos-binary-ec2-api:latest' + #DockerEc2ApiImage: 'tripleoupstream/centos-binary-ec2-api:latest' + #DockerEtcdConfigImage: 'tripleoupstream/centos-binary-etcd:latest' + #DockerEtcdImage: 'tripleoupstream/centos-binary-etcd:latest' + #DockerGlanceApiConfigImage: 'tripleoupstream/centos-binary-glance-api:latest' + #DockerGlanceApiImage: 'tripleoupstream/centos-binary-glance-api:latest' + #DockerGnocchiApiImage: 'tripleoupstream/centos-binary-gnocchi-api:latest' + #DockerGnocchiConfigImage: 'tripleoupstream/centos-binary-gnocchi-api:latest' + #DockerGnocchiMetricdImage: 'tripleoupstream/centos-binary-gnocchi-metricd:latest' + #DockerGnocchiStatsdImage: 'tripleoupstream/centos-binary-gnocchi-statsd:latest' + #DockerHAProxyConfigImage: 'tripleoupstream/centos-binary-haproxy:latest' + #DockerHAProxyImage: 'tripleoupstream/centos-binary-haproxy:latest' + #DockerHeatApiCfnConfigImage: 'tripleoupstream/centos-binary-heat-api-cfn:latest' + #DockerHeatApiCfnImage: 'tripleoupstream/centos-binary-heat-api-cfn:latest' + #DockerHeatApiConfigImage: 'tripleoupstream/centos-binary-heat-api:latest' + #DockerHeatApiImage: 'tripleoupstream/centos-binary-heat-api:latest' + #DockerHeatConfigImage: 'tripleoupstream/centos-binary-heat-api:latest' + #DockerHeatEngineImage: 'tripleoupstream/centos-binary-heat-engine:latest' + #DockerHorizonConfigImage: 'tripleoupstream/centos-binary-horizon:latest' + #DockerHorizonImage: 'tripleoupstream/centos-binary-horizon:latest' + #DockerIronicApiImage: 'tripleoupstream/centos-binary-ironic-api:latest' + #DockerIronicConductorImage: 'tripleoupstream/centos-binary-ironic-conductor:latest' + #DockerIronicConfigImage: 'tripleoupstream/centos-binary-ironic-pxe:latest' + #DockerIronicPxeImage: 'tripleoupstream/centos-binary-ironic-pxe:latest' + #DockerIscsidConfigImage: 'tripleoupstream/centos-binary-iscsid:latest' + #DockerIscsidImage: 'tripleoupstream/centos-binary-iscsid:latest' + #DockerKeystoneConfigImage: 'tripleoupstream/centos-binary-keystone:latest' + #DockerKeystoneImage: 'tripleoupstream/centos-binary-keystone:latest' + #DockerManilaApiImage: 'tripleoupstream/centos-binary-manila-api:latest' + #DockerManilaConfigImage: 'tripleoupstream/centos-binary-manila-api:latest' + #DockerManilaSchedulerImage: 'tripleoupstream/centos-binary-manila-scheduler:latest' + #DockerMemcachedConfigImage: 'tripleoupstream/centos-binary-memcached:latest' + #DockerMemcachedImage: 'tripleoupstream/centos-binary-memcached:latest' + #DockerMistralApiImage: 'tripleoupstream/centos-binary-mistral-api:latest' + #DockerMistralConfigImage: 'tripleoupstream/centos-binary-mistral-api:latest' + #DockerMistralEngineImage: 'tripleoupstream/centos-binary-mistral-engine:latest' + #DockerMistralExecutorImage: 'tripleoupstream/centos-binary-mistral-executor:latest' + #DockerMongodbConfigImage: 'tripleoupstream/centos-binary-mongodb:latest' + #DockerMongodbImage: 'tripleoupstream/centos-binary-mongodb:latest' + #DockerMultipathdConfigImage: 'tripleoupstream/centos-binary-multipathd:latest' + #DockerMultipathdImage: 'tripleoupstream/centos-binary-multipathd:latest' + #DockerMysqlClientConfigImage: 'tripleoupstream/centos-binary-mariadb:latest' + #DockerMysqlConfigImage: 'tripleoupstream/centos-binary-mariadb:latest' + #DockerMysqlImage: 'tripleoupstream/centos-binary-mariadb:latest' + #DockerNeutronApiImage: 'tripleoupstream/centos-binary-neutron-server:latest' + #DockerNeutronConfigImage: 'tripleoupstream/centos-binary-neutron-server:latest' + #DockerNeutronDHCPImage: 'tripleoupstream/centos-binary-neutron-dhcp-agent:latest' + #DockerNeutronL3AgentImage: 'tripleoupstream/centos-binary-neutron-l3-agent:latest' + #DockerNeutronMetadataImage: 'tripleoupstream/centos-binary-neutron-metadata-agent:latest' + #DockerNovaApiImage: 'tripleoupstream/centos-binary-nova-api:latest' + #DockerNovaComputeImage: 'tripleoupstream/centos-binary-nova-compute:latest' + #DockerNovaComputeIronicImage: 'tripleoupstream/centos-binary-nova-compute-ironic:latest' + #DockerNovaConductorImage: 'tripleoupstream/centos-binary-nova-conductor:latest' + #DockerNovaConfigImage: 'tripleoupstream/centos-binary-nova-base:latest' + #DockerNovaConsoleauthImage: 'tripleoupstream/centos-binary-nova-consoleauth:latest' + #DockerNovaLibvirtConfigImage: 'tripleoupstream/centos-binary-nova-compute:latest' + #DockerNovaLibvirtImage: 'tripleoupstream/centos-binary-nova-libvirt:latest' + #DockerNovaPlacementConfigImage: 'tripleoupstream/centos-binary-nova-placement-api:latest' + #DockerNovaPlacementImage: 'tripleoupstream/centos-binary-nova-placement-api:latest' + #DockerNovaSchedulerImage: 'tripleoupstream/centos-binary-nova-scheduler:latest' + #DockerNovaVncProxyImage: 'tripleoupstream/centos-binary-nova-novncproxy:latest' + #DockerOctaviaApiImage: 'tripleoupstream/centos-binary-octavia-api:latest' + #DockerOctaviaConfigImage: 'tripleoupstream/centos-binary-octavia-api:latest' + #DockerOctaviaHealthManagerImage: 'tripleoupstream/centos-binary-octavia-health-manager:latest' + #DockerOctaviaHousekeepingImage: 'tripleoupstream/centos-binary-octavia-housekeeping:latest' + #DockerOctaviaWorkerImage: 'tripleoupstream/centos-binary-octavia-worker:latest' + #DockerOpenvswitchImage: 'tripleoupstream/centos-binary-neutron-openvswitch-agent:latest' + #DockerPankoApiImage: 'tripleoupstream/centos-binary-panko-api:latest' + #DockerPankoConfigImage: 'tripleoupstream/centos-binary-panko-api:latest' + #DockerRabbitmqConfigImage: 'tripleoupstream/centos-binary-rabbitmq:latest' + #DockerRabbitmqImage: 'tripleoupstream/centos-binary-rabbitmq:latest' + #DockerRedisConfigImage: 'tripleoupstream/centos-binary-redis:latest' + #DockerRedisImage: 'tripleoupstream/centos-binary-redis:latest' + #DockerSaharaApiImage: 'tripleoupstream/centos-binary-sahara-api:latest' + #DockerSaharaConfigImage: 'tripleoupstream/centos-binary-sahara-api:latest' + #DockerSaharaEngineImage: 'tripleoupstream/centos-binary-sahara-engine:latest' + #DockerSensuClientImage: 'tripleoupstream/centos-binary-sensu-client:latest' + #DockerSensuConfigImage: 'tripleoupstream/centos-binary-sensu-client:latest' + #DockerSwiftAccountImage: 'tripleoupstream/centos-binary-swift-account:latest' + #DockerSwiftConfigImage: 'tripleoupstream/centos-binary-swift-proxy-server:latest' + #DockerSwiftContainerImage: 'tripleoupstream/centos-binary-swift-container:latest' + #DockerSwiftObjectImage: 'tripleoupstream/centos-binary-swift-object:latest' + #DockerSwiftProxyImage: 'tripleoupstream/centos-binary-swift-proxy-server:latest' + #DockerTackerConfigImage: 'tripleoupstream/centos-binary-tacker:latest' + #DockerTackerImage: 'tripleoupstream/centos-binary-tacker:latest' + #DockerZaqarConfigImage: 'tripleoupstream/centos-binary-zaqar:latest' + #DockerZaqarImage: 'tripleoupstream/centos-binary-zaqar:latest' diff --git a/environments/docker.yaml b/environments/docker.yaml index 03713e83..c32001a7 100644 --- a/environments/docker.yaml +++ b/environments/docker.yaml @@ -6,6 +6,8 @@ resource_registry: OS::TripleO::Compute::NodeUserData: ../docker/firstboot/setup_docker_host.yaml OS::TripleO::Services::Docker: ../puppet/services/docker.yaml + # Default Neutron ML2 puppet plugin to use when NeutronCorePlugin is set to ML2 + OS::TripleO::Docker::NeutronMl2PluginBase: ../puppet/services/neutron-plugin-ml2.yaml #NOTE (dprince) add roles to be docker enabled as we support them OS::TripleO::Services::NovaLibvirt: ../docker/services/nova-libvirt.yaml @@ -75,3 +77,4 @@ parameter_defaults: - OS::TripleO::Services::Docker - OS::TripleO::Services::CeilometerAgentCompute - OS::TripleO::Services::Sshd + - OS::TripleO::Services::OpenDaylightOvs diff --git a/environments/major-upgrade-composable-steps-docker.yaml b/environments/major-upgrade-composable-steps-docker.yaml index 24eedf83..20340c78 100644 --- a/environments/major-upgrade-composable-steps-docker.yaml +++ b/environments/major-upgrade-composable-steps-docker.yaml @@ -9,4 +9,6 @@ parameter_defaults: UpgradeLevelNovaCompute: auto UpgradeInitCommonCommand: | #!/bin/bash + set -eu # Ocata to Pike, put any needed host-level workarounds here + yum install -y ansible-pacemaker diff --git a/environments/services-docker/neutron-opendaylight.yaml b/environments/services-docker/neutron-opendaylight.yaml new file mode 100644 index 00000000..b749cb69 --- /dev/null +++ b/environments/services-docker/neutron-opendaylight.yaml @@ -0,0 +1,16 @@ +# A Heat environment that can be used to deploy OpenDaylight with L3 DVR using Docker containers +resource_registry: + OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None + OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None + OS::TripleO::Services::ComputeNeutronCorePlugin: OS::Heat::None + OS::TripleO::Services::OpenDaylightApi: ../../docker/services/opendaylight-api.yaml + OS::TripleO::Services::OpenDaylightOvs: ../../puppet/services/opendaylight-ovs.yaml + OS::TripleO::Services::NeutronL3Agent: OS::Heat::None + OS::TripleO::Docker::NeutronMl2PluginBase: ../../puppet/services/neutron-plugin-ml2-odl.yaml + +parameter_defaults: + NeutronEnableForceMetadata: true + NeutronMechanismDrivers: 'opendaylight_v2' + NeutronServicePlugins: 'odl-router_v2,trunk' + DockerNeutronApiImage: 'centos-binary-neutron-server-opendaylight:latest' + DockerNeutronConfigImage: 'centos-binary-neutron-server-opendaylight:latest' diff --git a/puppet/role.role.j2.yaml b/puppet/role.role.j2.yaml index 5aac0892..e1a23ab3 100644 --- a/puppet/role.role.j2.yaml +++ b/puppet/role.role.j2.yaml @@ -1,18 +1,18 @@ heat_template_version: pike -description: 'OpenStack {{role}} node configured by Puppet' +description: 'OpenStack {{role.name}} node configured by Puppet' parameters: - Overcloud{{role}}Flavor: - description: Flavor for the {{role}} node. + Overcloud{{role.name}}Flavor: + description: Flavor for the {{role.name}} node. default: baremetal type: string -{% if disable_constraints is not defined %} +{% if role.disable_constraints is not defined %} constraints: - custom_constraint: nova.flavor {% endif %} - {{role}}Image: + {{role.name}}Image: type: string default: overcloud-full -{% if disable_constraints is not defined %} +{% if role.disable_constraints is not defined %} constraints: - custom_constraint: glance.image {% endif %} @@ -24,7 +24,7 @@ parameters: description: Name of an existing Nova key pair to enable SSH access to the instances type: string default: default -{% if disable_constraints is not defined %} +{% if role.disable_constraints is not defined %} constraints: - custom_constraint: nova.keypair {% endif %} @@ -63,14 +63,14 @@ parameters: default: {} description: | Additional hiera configuration to inject into the cluster. Note - that {{role}}ExtraConfig takes precedence over ExtraConfig. + that {{role.name}}ExtraConfig takes precedence over ExtraConfig. type: json - {{role}}ExtraConfig: + {{role.name}}ExtraConfig: default: {} description: | Role specific additional hiera configuration to inject into the cluster. type: json - {{role}}IPs: + {{role.name}}IPs: default: {} type: json NetworkDeploymentActions: @@ -91,7 +91,7 @@ parameters: description: > The DNS domain used for the hosts. This must match the overcloud_domain_name configured on the undercloud. - {{role}}ServerMetadata: + {{role.name}}ServerMetadata: default: {} description: > Extra properties or metadata passed to Nova for the created nodes in @@ -106,7 +106,7 @@ parameters: the overcloud. It's accessible via the Nova metadata API. This applies to all roles and is merged with a role-specific metadata parameter. type: json - {{role}}SchedulerHints: + {{role.name}}SchedulerHints: type: json description: Optional scheduler hints to pass to nova default: {} @@ -203,16 +203,16 @@ conditions: - "" resources: - {{role}}: - type: OS::TripleO::{{role}}Server + {{role.name}}: + type: OS::TripleO::{{role.name}}Server metadata: os-collect-config: command: {get_param: ConfigCommand} splay: {get_param: ConfigCollectSplay} properties: - image: {get_param: {{role}}Image} + image: {get_param: {{role.name}}Image} image_update_policy: {get_param: ImageUpdatePolicy} - flavor: {get_param: Overcloud{{role}}Flavor} + flavor: {get_param: Overcloud{{role.name}}Flavor} key_name: {get_param: KeyName} networks: - network: ctlplane @@ -226,9 +226,9 @@ resources: metadata: map_merge: - {get_param: ServerMetadata} - - {get_param: {{role}}ServerMetadata} + - {get_param: {{role.name}}ServerMetadata} - {get_param: ServiceMetadataSettings} - scheduler_hints: {get_param: {{role}}SchedulerHints} + scheduler_hints: {get_param: {{role.name}}SchedulerHints} deployment_swift_data: if: - deployment_swift_data_map_unset @@ -261,54 +261,54 @@ resources: # For optional operator role-specific userdata # Should return a OS::Heat::MultipartMime reference via OS::stack_id RoleUserData: - type: OS::TripleO::{{role}}::NodeUserData + type: OS::TripleO::{{role.name}}::NodeUserData ExternalPort: - type: OS::TripleO::{{role}}::Ports::ExternalPort + type: OS::TripleO::{{role.name}}::Ports::ExternalPort properties: - ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]} - IPPool: {get_param: {{role}}IPs} + ControlPlaneIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]} + IPPool: {get_param: {{role.name}}IPs} NodeIndex: {get_param: NodeIndex} InternalApiPort: - type: OS::TripleO::{{role}}::Ports::InternalApiPort + type: OS::TripleO::{{role.name}}::Ports::InternalApiPort properties: - ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]} - IPPool: {get_param: {{role}}IPs} + ControlPlaneIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]} + IPPool: {get_param: {{role.name}}IPs} NodeIndex: {get_param: NodeIndex} StoragePort: - type: OS::TripleO::{{role}}::Ports::StoragePort + type: OS::TripleO::{{role.name}}::Ports::StoragePort properties: - ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]} - IPPool: {get_param: {{role}}IPs} + ControlPlaneIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]} + IPPool: {get_param: {{role.name}}IPs} NodeIndex: {get_param: NodeIndex} StorageMgmtPort: - type: OS::TripleO::{{role}}::Ports::StorageMgmtPort + type: OS::TripleO::{{role.name}}::Ports::StorageMgmtPort properties: - ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]} - IPPool: {get_param: {{role}}IPs} + ControlPlaneIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]} + IPPool: {get_param: {{role.name}}IPs} NodeIndex: {get_param: NodeIndex} TenantPort: - type: OS::TripleO::{{role}}::Ports::TenantPort + type: OS::TripleO::{{role.name}}::Ports::TenantPort properties: - ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]} - IPPool: {get_param: {{role}}IPs} + ControlPlaneIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]} + IPPool: {get_param: {{role.name}}IPs} NodeIndex: {get_param: NodeIndex} ManagementPort: - type: OS::TripleO::{{role}}::Ports::ManagementPort + type: OS::TripleO::{{role.name}}::Ports::ManagementPort properties: - ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]} - IPPool: {get_param: {{role}}IPs} + ControlPlaneIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]} + IPPool: {get_param: {{role.name}}IPs} NodeIndex: {get_param: NodeIndex} NetworkConfig: - type: OS::TripleO::{{role}}::Net::SoftwareConfig + type: OS::TripleO::{{role.name}}::Net::SoftwareConfig properties: - ControlPlaneIp: {get_attr: [{{role}}, networks, ctlplane, 0]} + ControlPlaneIp: {get_attr: [{{role.name}}, networks, ctlplane, 0]} ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} @@ -319,7 +319,7 @@ resources: NetIpMap: type: OS::TripleO::Network::Ports::NetIpMap properties: - ControlPlaneIp: {get_attr: [{{role}}, networks, ctlplane, 0]} + ControlPlaneIp: {get_attr: [{{role.name}}, networks, ctlplane, 0]} ExternalIp: {get_attr: [ExternalPort, ip_address]} ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]} @@ -348,91 +348,91 @@ resources: fqdn: list_join: - '.' - - - {get_attr: [{{role}}, name]} + - - {get_attr: [{{role.name}}, name]} - external - {get_param: CloudDomain} short: list_join: - '.' - - - {get_attr: [{{role}}, name]} + - - {get_attr: [{{role.name}}, name]} - external internal_api: fqdn: list_join: - '.' - - - {get_attr: [{{role}}, name]} + - - {get_attr: [{{role.name}}, name]} - internalapi - {get_param: CloudDomain} short: list_join: - '.' - - - {get_attr: [{{role}}, name]} + - - {get_attr: [{{role.name}}, name]} - internalapi storage: fqdn: list_join: - '.' - - - {get_attr: [{{role}}, name]} + - - {get_attr: [{{role.name}}, name]} - storage - {get_param: CloudDomain} short: list_join: - '.' - - - {get_attr: [{{role}}, name]} + - - {get_attr: [{{role.name}}, name]} - storage storage_mgmt: fqdn: list_join: - '.' - - - {get_attr: [{{role}}, name]} + - - {get_attr: [{{role.name}}, name]} - storagemgmt - {get_param: CloudDomain} short: list_join: - '.' - - - {get_attr: [{{role}}, name]} + - - {get_attr: [{{role.name}}, name]} - storagemgmt tenant: fqdn: list_join: - '.' - - - {get_attr: [{{role}}, name]} + - - {get_attr: [{{role.name}}, name]} - tenant - {get_param: CloudDomain} short: list_join: - '.' - - - {get_attr: [{{role}}, name]} + - - {get_attr: [{{role.name}}, name]} - tenant management: fqdn: list_join: - '.' - - - {get_attr: [{{role}}, name]} + - - {get_attr: [{{role.name}}, name]} - management - {get_param: CloudDomain} short: list_join: - '.' - - - {get_attr: [{{role}}, name]} + - - {get_attr: [{{role.name}}, name]} - management ctlplane: fqdn: list_join: - '.' - - - {get_attr: [{{role}}, name]} + - - {get_attr: [{{role.name}}, name]} - ctlplane - {get_param: CloudDomain} short: list_join: - '.' - - - {get_attr: [{{role}}, name]} + - - {get_attr: [{{role.name}}, name]} - ctlplane PreNetworkConfig: - type: OS::TripleO::{{role}}::PreNetworkConfig + type: OS::TripleO::{{role.name}}::PreNetworkConfig properties: - server: {get_resource: {{role}}} + server: {get_resource: {{role.name}}} RoleParameters: {get_param: RoleParameters} ServiceNames: {get_param: ServiceNames} @@ -442,7 +442,7 @@ resources: properties: name: NetworkDeployment config: {get_resource: NetworkConfig} - server: {get_resource: {{role}}} + server: {get_resource: {{role.name}}} actions: {get_param: NetworkDeploymentActions} input_values: bridge_name: {get_param: NeutronPhysicalBridge} @@ -453,7 +453,7 @@ resources: - {get_param: NetworkDeploymentActions} - [] - {{role}}UpgradeInitConfig: + {{role.name}}UpgradeInitConfig: type: OS::Heat::SoftwareConfig properties: group: script @@ -467,26 +467,26 @@ resources: # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first - {{role}}UpgradeInitDeployment: + {{role.name}}UpgradeInitDeployment: type: OS::Heat::SoftwareDeployment depends_on: NetworkDeployment properties: - name: {{role}}UpgradeInitDeployment - server: {get_resource: {{role}}} - config: {get_resource: {{role}}UpgradeInitConfig} + name: {{role.name}}UpgradeInitDeployment + server: {get_resource: {{role.name}}} + config: {get_resource: {{role.name}}UpgradeInitConfig} actions: if: - server_not_blacklisted - ['CREATE', 'UPDATE'] - [] - {{role}}Deployment: + {{role.name}}Deployment: type: OS::Heat::StructuredDeployment - depends_on: {{role}}UpgradeInitDeployment + depends_on: {{role.name}}UpgradeInitDeployment properties: - name: {{role}}Deployment - config: {get_resource: {{role}}Config} - server: {get_resource: {{role}}} + name: {{role.name}}Deployment + config: {get_resource: {{role.name}}Config} + server: {get_resource: {{role.name}}} input_values: enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} actions: @@ -495,7 +495,7 @@ resources: - ['CREATE', 'UPDATE'] - [] - {{role}}Config: + {{role.name}}Config: type: OS::Heat::StructuredConfig properties: group: hiera @@ -504,11 +504,11 @@ resources: - '"%{::uuid}"' - heat_config_%{::deploy_config_name} - config_step - - {{role.lower()}}_extraconfig + - {{role.name.lower()}}_extraconfig - extraconfig - service_names - service_configs - - {{role.lower()}} + - {{role.name.lower()}} - bootstrap_node # provided by allNodesConfig - all_nodes # provided by allNodesConfig - vip_data # provided by allNodesConfig @@ -522,9 +522,9 @@ resources: map_replace: - {get_param: ServiceConfigSettings} - values: {get_attr: [NetIpMap, net_ip_map]} - {{role.lower()}}_extraconfig: {get_param: {{role}}ExtraConfig} + {{role.name.lower()}}_extraconfig: {get_param: {{role.name}}ExtraConfig} extraconfig: {get_param: ExtraConfig} - {{role.lower()}}: + {{role.name.lower()}}: tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: LoggingSources} tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: LoggingGroups} @@ -538,25 +538,25 @@ resources: # Resource for site-specific injection of root certificate NodeTLSCAData: - depends_on: {{role}}Deployment + depends_on: {{role.name}}Deployment type: OS::TripleO::NodeTLSCAData properties: - server: {get_resource: {{role}}} + server: {get_resource: {{role.name}}} # Hook for site-specific additional pre-deployment config, e.g extra hieradata - {{role}}ExtraConfigPre: - depends_on: {{role}}Deployment - type: OS::TripleO::{{role}}ExtraConfigPre + {{role.name}}ExtraConfigPre: + depends_on: {{role.name}}Deployment + type: OS::TripleO::{{role.name}}ExtraConfigPre properties: - server: {get_resource: {{role}}} + server: {get_resource: {{role.name}}} # Hook for site-specific additional pre-deployment config, # applying to all nodes, e.g node registration/unregistration NodeExtraConfig: - depends_on: [{{role}}ExtraConfigPre, NodeTLSCAData] + depends_on: [{{role.name}}ExtraConfigPre, NodeTLSCAData] type: OS::TripleO::NodeExtraConfig properties: - server: {get_resource: {{role}}} + server: {get_resource: {{role.name}}} UpdateConfig: type: OS::TripleO::Tasks::PackageUpdate @@ -567,7 +567,7 @@ resources: properties: name: UpdateDeployment config: {get_resource: UpdateConfig} - server: {get_resource: {{role}}} + server: {get_resource: {{role.name}}} input_values: update_identifier: get_param: UpdateIdentifier @@ -579,17 +579,17 @@ resources: SshHostPubKey: type: OS::TripleO::Ssh::HostPubKey - depends_on: {{role}}Deployment + depends_on: {{role.name}}Deployment properties: - server: {get_resource: {{role}}} + server: {get_resource: {{role.name}}} outputs: ip_address: description: IP address of the server in the ctlplane network - value: {get_attr: [{{role}}, networks, ctlplane, 0]} + value: {get_attr: [{{role.name}}, networks, ctlplane, 0]} hostname: description: Hostname of the server - value: {get_attr: [{{role}}, name]} + value: {get_attr: [{{role.name}}, name]} hostname_map: description: Mapping of network names to hostnames value: @@ -613,9 +613,9 @@ outputs: MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST params: - PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role}}HostnameResolveNetwork]}]} + PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role.name}}HostnameResolveNetwork]}]} DOMAIN: {get_param: CloudDomain} - PRIMARYHOST: {get_attr: [{{role}}, name]} + PRIMARYHOST: {get_attr: [{{role.name}}, name]} EXTERNALIP: {get_attr: [ExternalPort, ip_address]} EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]} INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]} @@ -628,7 +628,7 @@ outputs: TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]} MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]} MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]} - CTLPLANEIP: {get_attr: [{{role}}, networks, ctlplane, 0]} + CTLPLANEIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]} CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]} known_hosts_entry: description: Entry for ssh known hosts @@ -643,9 +643,9 @@ TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\ MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY" params: - PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role}}HostnameResolveNetwork]}]} + PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role.name}}HostnameResolveNetwork]}]} DOMAIN: {get_param: CloudDomain} - PRIMARYHOST: {get_attr: [{{role}}, name]} + PRIMARYHOST: {get_attr: [{{role.name}}, name]} EXTERNALIP: {get_attr: [ExternalPort, ip_address]} EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]} INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]} @@ -658,13 +658,13 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY" TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]} MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]} MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]} - CTLPLANEIP: {get_attr: [{{role}}, networks, ctlplane, 0]} + CTLPLANEIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]} CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]} HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]} nova_server_resource: - description: Heat resource handle for {{role}} server + description: Heat resource handle for {{role.name}} server value: - {get_resource: {{role}}} + {get_resource: {{role.name}}} condition: server_not_blacklisted external_ip_address: description: IP address of the server in the external network @@ -686,4 +686,4 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY" value: {get_attr: [ManagementPort, ip_address]} os_collect_config: description: The os-collect-config configuration associated with this server resource - value: {get_attr: [{{role}}, os_collect_config]} + value: {get_attr: [{{role.name}}, os_collect_config]} diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml index 68a71e42..33b07ded 100644 --- a/puppet/services/nova-compute.yaml +++ b/puppet/services/nova-compute.yaml @@ -32,6 +32,13 @@ parameters: CephClientUserName: default: openstack type: string + CephClientKey: + description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. Currently only used for external Ceph deployments to create the openstack user keyring. + type: string + hidden: true + CephClusterFSID: + type: string + description: The Ceph cluster FSID. Must be a UUID. CinderEnableNfsBackend: default: false description: Whether to enable or not the NFS backend for Cinder @@ -159,12 +166,8 @@ outputs: nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName} tripleo::profile::base::nova::compute::cinder_nfs_backend: {get_param: CinderEnableNfsBackend} rbd_persistent_storage: {get_param: CinderEnableRbdBackend} - nova::compute::rbd::rbd_keyring: - list_join: - - '.' - - - 'client' - - {get_param: CephClientUserName} - nova::compute::rbd::libvirt_rbd_secret_uuid: "%{hiera('ceph::profile::params::fsid')}" + nova::compute::rbd::libvirt_rbd_secret_key: {get_param: CephClientKey} + nova::compute::rbd::libvirt_rbd_secret_uuid: {get_param: CephClusterFSID} nova::compute::instance_usage_audit: true nova::compute::instance_usage_audit_period: 'hour' nova::compute::rbd::ephemeral_storage: {get_param: NovaEnableRbdBackend} diff --git a/test-requirements.txt b/test-requirements.txt index 81136356..6e0eea3c 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -4,7 +4,7 @@ PyYAML>=3.10.0 # MIT Jinja2!=2.9.0,!=2.9.1,!=2.9.2,!=2.9.3,!=2.9.4,>=2.8 # BSD License (3 clause) six>=1.9.0 # MIT -sphinx!=1.6.1,>=1.5.1 # BSD +sphinx>=1.6.2 # BSD oslosphinx>=4.7.0 # Apache-2.0 reno!=2.3.1,>=1.8.0 # Apache-2.0 coverage!=4.4,>=4.0 # Apache-2.0 diff --git a/tools/process-templates.py b/tools/process-templates.py index 69ed96a6..c7d5ed9e 100755 --- a/tools/process-templates.py +++ b/tools/process-templates.py @@ -138,19 +138,31 @@ def process_templates(template_path, role_data_path, output_dir, print("jinja2 rendering roles %s" % "," .join(role_names)) for role in role_names: - j2_data = {'role': role} - # (dprince) For the undercloud installer we don't - # want to have heat check nova/glance API's - if r_map[role].get('disable_constraints', False): - j2_data['disable_constraints'] = True + j2_data = {'role': r_map[role]} out_f = "-".join( [role.lower(), os.path.basename(f).replace('.role.j2.yaml', '.yaml')]) out_f_path = os.path.join(out_dir, out_f) if not (out_f_path in excl_templates): - _j2_render_to_file(template_data, j2_data, - out_f_path, overwrite) + if '{{role.name}}' in template_data: + j2_data = {'role': r_map[role]} + _j2_render_to_file(template_data, j2_data, + out_f_path, overwrite) + else: + # Backwards compatibility with templates + # that specify {{role}} vs {{role.name}} + j2_data = {'role': role} + # (dprince) For the undercloud installer we + # don'twant to have heat check nova/glance + # API's + if r_map[role].get('disable_constraints', + False): + j2_data['disable_constraints'] = True + _j2_render_to_file( + template_data,j2_data, + out_f_path, overwrite) + else: print('skipping rendering of %s' % out_f_path) elif f.endswith('.j2.yaml'): diff --git a/tools/yaml-validate.py b/tools/yaml-validate.py index 674449f5..f9e89db2 100755 --- a/tools/yaml-validate.py +++ b/tools/yaml-validate.py @@ -38,7 +38,7 @@ OPTIONAL_DOCKER_SECTIONS = ['docker_puppet_tasks', 'upgrade_tasks', 'metadata_settings', 'kolla_config'] REQUIRED_DOCKER_PUPPET_CONFIG_SECTIONS = ['config_volume', 'step_config', 'config_image'] -OPTIONAL_DOCKER_PUPPET_CONFIG_SECTIONS = [ 'puppet_tags' ] +OPTIONAL_DOCKER_PUPPET_CONFIG_SECTIONS = [ 'puppet_tags', 'volumes' ] # Mapping of parameter names to a list of the fields we should _not_ enforce # consistency across files on. This should only contain parameters whose # definition we cannot change for backwards compatibility reasons. New |