diff options
48 files changed, 388 insertions, 330 deletions
diff --git a/deployed-server/ctlplane-port.yaml b/deployed-server/ctlplane-port.yaml new file mode 100644 index 00000000..eb10fba0 --- /dev/null +++ b/deployed-server/ctlplane-port.yaml @@ -0,0 +1,23 @@ +heat_template_version: 2014-10-16 + +parameters: + Hostname: + type: string + +resources: + + ControlPlanePort: + type: OS::Neutron::Port + properties: + network: ctlplane + name: + list_join: + - '-' + - - {get_param: Hostname} + - ctlplane + - port + replacement_policy: AUTO + +outputs: + ip_address: + value: {get_attr: [ControlPlanePort, fixed_ips, 0, ip_address]} diff --git a/deployed-server/deployed-server.yaml b/deployed-server/deployed-server.yaml index 81941047..da5698e5 100644 --- a/deployed-server/deployed-server.yaml +++ b/deployed-server/deployed-server.yaml @@ -94,16 +94,9 @@ resources: server: {get_resource: deployed-server} ControlPlanePort: - type: OS::Neutron::Port + type: OS::TripleO::DeployedServer::ControlPlanePort properties: - network: ctlplane - name: - list_join: - - '-' - - - {get_attr: [HostsEntryDeployment, hostname]} - - ctlplane - - port - replacement_policy: AUTO + Hostname: {get_attr: [HostsEntryDeployment, hostname]} outputs: # FIXME(shardy) this is needed because TemplateResource returns an @@ -113,7 +106,7 @@ outputs: networks: value: ctlplane: - - {get_attr: [ControlPlanePort, fixed_ips, 0, ip_address]} + - {get_attr: [ControlPlanePort, ip_address]} name: value: {get_attr: [HostsEntryDeployment, hostname]} hosts_entry: diff --git a/environments/deployed-server-environment.yaml b/environments/deployed-server-environment.yaml index 3c9e3459..c63d399a 100644 --- a/environments/deployed-server-environment.yaml +++ b/environments/deployed-server-environment.yaml @@ -1,3 +1,4 @@ resource_registry: OS::TripleO::Server: ../deployed-server/deployed-server.yaml OS::TripleO::DeployedServerConfig: ../deployed-server/deployed-server-config.yaml + OS::TripleO::DeployedServer::ControlPlanePort: ../deployed-server/ctlplane-port.yaml diff --git a/environments/deployed-server-noop-ctlplane.yaml b/environments/deployed-server-noop-ctlplane.yaml new file mode 100644 index 00000000..cfda314d --- /dev/null +++ b/environments/deployed-server-noop-ctlplane.yaml @@ -0,0 +1,4 @@ +resource_registry: + OS::TripleO::Server: ../deployed-server/deployed-server.yaml + OS::TripleO::DeployedServerConfig: ../deployed-server/deployed-server-config.yaml + OS::TripleO::DeployedServer::ControlPlanePort: OS::Heat::None diff --git a/environments/puppet-pacemaker.yaml b/environments/puppet-pacemaker.yaml index 16430290..74b91106 100644 --- a/environments/puppet-pacemaker.yaml +++ b/environments/puppet-pacemaker.yaml @@ -18,3 +18,5 @@ resource_registry: OS::TripleO::Services::MySQL: ../puppet/services/pacemaker/database/mysql.yaml # Services that are disabled by default (use relevant environment files): OS::Tripleo::Services::ManilaShare: OS::Heat::None + OS::TripleO::Services::SaharaApi: ../puppet/services/pacemaker/sahara-api.yaml + OS::TripleO::Services::SaharaEngine: ../puppet/services/pacemaker/sahara-engine.yaml diff --git a/environments/services/mistral.yaml b/environments/services/mistral.yaml new file mode 100644 index 00000000..4e99fa01 --- /dev/null +++ b/environments/services/mistral.yaml @@ -0,0 +1,4 @@ +resource_registry: + OS::TripleO::Services::MistralEngine: ../../puppet/services/mistral-engine.yaml + OS::TripleO::Services::MistralApi: ../../puppet/services/mistral-api.yaml + OS::TripleO::Services::MistralExecutor: ../../puppet/services/mistral-executor.yaml diff --git a/environments/updates/update-from-overcloud-compute-hostnames.yaml b/environments/updates/update-from-overcloud-compute-hostnames.yaml new file mode 100644 index 00000000..f628f0de --- /dev/null +++ b/environments/updates/update-from-overcloud-compute-hostnames.yaml @@ -0,0 +1,2 @@ +parameter_defaults: + ComputeHostnameFormat: '%stackname%-compute-%index%' diff --git a/network/endpoints/endpoint_data.yaml b/network/endpoints/endpoint_data.yaml index f653274f..ef3437f4 100644 --- a/network/endpoints/endpoint_data.yaml +++ b/network/endpoints/endpoint_data.yaml @@ -34,16 +34,19 @@ Cinder: uri_suffixes: '': /v1/%(tenant_id)s V2: /v2/%(tenant_id)s + V3: /v3/%(tenant_id)s Public: vip_param: Public uri_suffixes: '': /v1/%(tenant_id)s V2: /v2/%(tenant_id)s + V3: /v3/%(tenant_id)s Admin: vip_param: CinderApi uri_suffixes: '': /v1/%(tenant_id)s V2: /v2/%(tenant_id)s + V3: /v3/%(tenant_id)s port: 8776 Glance: diff --git a/network/endpoints/endpoint_map.yaml b/network/endpoints/endpoint_map.yaml index aadd370a..0b5a13b2 100644 --- a/network/endpoints/endpoint_map.yaml +++ b/network/endpoints/endpoint_map.yaml @@ -548,6 +548,123 @@ outputs: IP_ADDRESS: {get_param: PublicVirtualIP} - ':' - get_param: [EndpointMap, CinderPublic, port] + CinderV3Admin: + host: + str_replace: + template: + get_param: [EndpointMap, CinderAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: CinderApiVirtualIP} + port: + get_param: [EndpointMap, CinderAdmin, port] + protocol: + get_param: [EndpointMap, CinderAdmin, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, CinderAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CinderAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: CinderApiVirtualIP} + - ':' + - get_param: [EndpointMap, CinderAdmin, port] + - /v3/%(tenant_id)s + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, CinderAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CinderAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: CinderApiVirtualIP} + - ':' + - get_param: [EndpointMap, CinderAdmin, port] + CinderV3Internal: + host: + str_replace: + template: + get_param: [EndpointMap, CinderInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: CinderApiVirtualIP} + port: + get_param: [EndpointMap, CinderInternal, port] + protocol: + get_param: [EndpointMap, CinderInternal, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, CinderInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CinderInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: CinderApiVirtualIP} + - ':' + - get_param: [EndpointMap, CinderInternal, port] + - /v3/%(tenant_id)s + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, CinderInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CinderInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: CinderApiVirtualIP} + - ':' + - get_param: [EndpointMap, CinderInternal, port] + CinderV3Public: + host: + str_replace: + template: + get_param: [EndpointMap, CinderPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + port: + get_param: [EndpointMap, CinderPublic, port] + protocol: + get_param: [EndpointMap, CinderPublic, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, CinderPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CinderPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, CinderPublic, port] + - /v3/%(tenant_id)s + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, CinderPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CinderPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, CinderPublic, port] GlanceAdmin: host: str_replace: diff --git a/network/ports/net_ip_map.yaml b/network/ports/net_ip_map.yaml index 78c7c32c..1ed74528 100644 --- a/network/ports/net_ip_map.yaml +++ b/network/ports/net_ip_map.yaml @@ -82,6 +82,26 @@ outputs: storage_mgmt: {get_param: StorageMgmtIp} tenant: {get_param: TenantIp} management: {get_param: ManagementIp} + ctlplane_subnet: + list_join: + - '' + - - {get_param: ControlPlaneIp} + - '/' + - {get_param: ControlPlaneSubnetCidr} + external_subnet: {get_param: ExternalIpSubnet} + internal_api_subnet: {get_param: InternalApiIpSubnet} + storage_subnet: {get_param: StorageIpSubnet} + storage_mgmt_subnet: {get_param: StorageMgmtIpSubnet} + tenant_subnet: {get_param: TenantIpSubnet} + management_subnet: {get_param: ManagementIpSubnet} + ctlplane_uri: {get_param: ControlPlaneIp} + external_uri: {get_param: ExternalIpUri} + internal_api_uri: {get_param: InternalApiIpUri} + storage_uri: {get_param: StorageIpUri} + storage_mgmt_uri: {get_param: StorageMgmtIpUri} + tenant_uri: {get_param: TenantIpUri} + management_uri: {get_param: ManagementIpUri} + # net_ip_subnet_map is deprecated, please use *subnet from net_ip_map net_ip_subnet_map: description: > A Hash containing a mapping of network names to assigned IPs/CIDR @@ -99,6 +119,7 @@ outputs: storage_mgmt: {get_param: StorageMgmtIpSubnet} tenant: {get_param: TenantIpSubnet} management: {get_param: ManagementIpSubnet} + # net_ip_uri_map is deprecated, please use *uri from net_ip_map net_ip_uri_map: description: > A Hash containing a mapping of network names to assigned IPs for a diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml index f6d76d97..59c0d7da 100644 --- a/overcloud-resource-registry-puppet.yaml +++ b/overcloud-resource-registry-puppet.yaml @@ -203,6 +203,9 @@ resource_registry: OS::TripleO::Services::AodhEvaluator: puppet/services/aodh-evaluator.yaml OS::TripleO::Services::AodhNotifier: puppet/services/aodh-notifier.yaml OS::TripleO::Services::AodhListener: puppet/services/aodh-listener.yaml + OS::TripleO::Services::MistralEngine: OS::Heat::None + OS::TripleO::Services::MistralApi: OS::Heat::None + OS::TripleO::Services::MistralExecutor: OS::Heat::None parameter_defaults: EnablePackageInstall: false diff --git a/overcloud.yaml b/overcloud.yaml index 67baf246..dde5a8c3 100644 --- a/overcloud.yaml +++ b/overcloud.yaml @@ -12,18 +12,6 @@ description: > parameters: # Common parameters (not specific to a role) - AdminPassword: - description: The password for the keystone admin account, used for monitoring, querying neutron etc. - type: string - hidden: true - CinderEnableNfsBackend: - default: false - description: Whether to enable or not the NFS backend for Cinder - type: boolean - CinderEnableRbdBackend: - default: false - description: Whether to enable or not the Rbd backend for Cinder - type: boolean CloudName: default: overcloud description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org @@ -32,10 +20,6 @@ parameters: default: [] description: Should be used for arbitrary ips. type: json - Debug: - default: '' - description: Set to True to enable debugging on all services. - type: string InternalApiVirtualFixedIPs: default: [] description: > @@ -46,22 +30,10 @@ parameters: default: 'ctlplane' type: string description: Neutron ID or name for ctlplane network. - NeutronPassword: - description: The password for the neutron service account, used by neutron agents. - type: string - hidden: true NeutronPublicInterface: default: nic1 description: What interface to bridge onto br-ex for network nodes. type: string - NovaIPv6: - default: false - description: Enable IPv6 features in Nova - type: boolean - NovaPassword: - description: The password for the nova service account, used by nova-api. - type: string - hidden: true PublicVirtualFixedIPs: default: [] description: > @@ -72,24 +44,6 @@ parameters: type: string default: unset description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change. - RabbitUserName: - default: guest - description: The username for RabbitMQ - type: string - RabbitPassword: - description: The password for RabbitMQ - type: string - hidden: true - RabbitClientUseSSL: - default: false - description: > - Rabbit client subscriber parameter to specify - an SSL connection to the RabbitMQ host. - type: string - RabbitClientPort: - default: 5672 - description: Set rabbit subscriber port, change this if using SSL - type: number StorageVirtualFixedIPs: default: [] description: > @@ -124,12 +78,6 @@ parameters: description: | Deprecated. Use ControllerExtraConfig via parameter_defaults instead. type: json - OvercloudControlFlavor: - description: Flavor for control nodes to request when deploying. - default: baremetal - type: string - constraints: - - custom_constraint: nova.flavor ExtraConfig: default: {} description: | @@ -158,40 +106,6 @@ parameters: default: nic1 description: What interface to add to the HypervisorNeutronPhysicalBridge. type: string - NovaComputeDriver: - type: string - default: libvirt.LibvirtDriver - NovaComputeExtraConfig: - default: {} - description: | - NovaCompute specific configuration to inject into the cluster. Same - structure as ExtraConfig. - type: json - NovaComputeLibvirtType: - default: kvm - type: string - NovaComputeLibvirtVifDriver: - default: '' - description: Libvirt VIF driver configuration for the network - type: string - NovaEnableRbdBackend: - default: false - description: Whether to enable or not the Rbd backend for Nova - type: boolean - NovaOVSBridge: - default: 'br-int' - description: Name of integration bridge used by Open vSwitch - type: string - NovaSecurityGroupAPI: - default: 'neutron' - description: The full class name of the security API class - type: string - OvercloudComputeFlavor: - description: Use this flavor - default: baremetal - type: string - constraints: - - custom_constraint: nova.flavor ServiceNetMap: default: NeutronTenantNetwork: tenant @@ -288,6 +202,8 @@ parameters: - OS::TripleO::Services::AodhEvaluator - OS::TripleO::Services::AodhNotifier - OS::TripleO::Services::AodhListener + - OS::TripleO::Services::SaharaApi + - OS::TripleO::Services::SaharaEngine description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the Controllers. @@ -317,12 +233,6 @@ parameters: BlockStorageCount: type: number default: 0 - OvercloudBlockStorageFlavor: - description: Flavor for block storage nodes to request when deploying. - default: baremetal - type: string - constraints: - - custom_constraint: nova.flavor BlockStorageExtraConfig: default: {} description: | @@ -345,12 +255,6 @@ parameters: ObjectStorageCount: type: number default: 0 - OvercloudSwiftStorageFlavor: - description: Flavor for Swift storage nodes to request when deploying. - default: baremetal - type: string - constraints: - - custom_constraint: nova.flavor ObjectStorageExtraConfig: default: {} description: | @@ -376,12 +280,6 @@ parameters: CephStorageCount: type: number default: 0 - OvercloudCephStorageFlavor: - default: baremetal - description: Flavor for Ceph storage nodes to request when deploying. - type: string - constraints: - - custom_constraint: nova.flavor CephStorageExtraConfig: default: {} description: | @@ -533,7 +431,6 @@ resources: type: OS::TripleO::Controller properties: controllerExtraConfig: {get_param: controllerExtraConfig} - Flavor: {get_param: OvercloudControlFlavor} HeatAuthEncryptionKey: {get_resource: HeatAuthEncryptionKey} HorizonSecret: {get_resource: HorizonSecret} MysqlClusterUniquePart: {get_attr: [MysqlClusterUniquePart, value]} @@ -570,45 +467,22 @@ resources: resource_def: type: OS::TripleO::Compute properties: - AdminPassword: {get_param: AdminPassword} - CinderEnableNfsBackend: {get_param: CinderEnableNfsBackend} - CinderEnableRbdBackend: {get_param: CinderEnableRbdBackend} - Debug: {get_param: Debug} - ExtraConfig: {get_param: ExtraConfig} - Flavor: {get_param: OvercloudComputeFlavor} GlanceHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} - NeutronPassword: {get_param: NeutronPassword} NeutronPhysicalBridge: {get_param: HypervisorNeutronPhysicalBridge} NeutronPublicInterface: {get_param: HypervisorNeutronPublicInterface} # L3 HA and Failover is not relevant for Computes, should be removed NovaApiHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} - NovaComputeDriver: {get_param: NovaComputeDriver} - NovaComputeExtraConfig: {get_param: NovaComputeExtraConfig} - NovaComputeLibvirtType: {get_param: NovaComputeLibvirtType} - NovaComputeLibvirtVifDriver: {get_param: NovaComputeLibvirtVifDriver} - NovaEnableRbdBackend: {get_param: NovaEnableRbdBackend} - NovaIPv6: {get_param: NovaIPv6} NovaPublicIP: {get_attr: [VipMap, net_ip_map, external]} - NovaPassword: {get_param: NovaPassword} - NovaOVSBridge: {get_param: NovaOVSBridge} - NovaSecurityGroupAPI: {get_param: NovaSecurityGroupAPI} RabbitHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]} - RabbitPassword: {get_param: RabbitPassword} - RabbitUserName: {get_param: RabbitUserName} - RabbitClientUseSSL: {get_param: RabbitClientUseSSL} - RabbitClientPort: {get_param: RabbitClientPort} ServiceNetMap: {get_param: ServiceNetMap} EndpointMap: {get_attr: [EndpointMap, endpoint_map]} - UpdateIdentifier: {get_param: UpdateIdentifier} Hostname: str_replace: template: {get_param: ComputeHostnameFormat} params: '%stackname%': {get_param: 'OS::stack_name'} - CloudDomain: {get_param: CloudDomain} - ServerMetadata: {get_param: ServerMetadata} NodeIndex: '%index%' ServiceConfigSettings: {get_attr: [ComputeServiceChain, role_data, config_settings]} ServiceNames: {get_attr: [ComputeServiceChain, role_data, service_names]} @@ -628,7 +502,6 @@ resources: resource_def: type: OS::TripleO::BlockStorage properties: - Flavor: {get_param: OvercloudBlockStorageFlavor} UpdateIdentifier: {get_param: UpdateIdentifier} Hostname: str_replace: @@ -659,7 +532,6 @@ resources: resource_def: type: OS::TripleO::ObjectStorage properties: - Flavor: {get_param: OvercloudSwiftStorageFlavor} HashSuffix: {get_param: SwiftHashSuffix} UpdateIdentifier: {get_param: UpdateIdentifier} ServiceNetMap: {get_param: ServiceNetMap} @@ -691,7 +563,6 @@ resources: resource_def: type: OS::TripleO::CephStorage properties: - Flavor: {get_param: OvercloudCephStorageFlavor} ServiceNetMap: {get_param: ServiceNetMap} UpdateIdentifier: {get_param: UpdateIdentifier} Hostname: @@ -721,12 +592,23 @@ resources: allNodesConfig: type: OS::TripleO::AllNodes::SoftwareConfig properties: - compute_hosts: {get_attr: [Compute, hosts_entry]} - controller_hosts: {get_attr: [Controller, hosts_entry]} + hosts: + - list_join: + - '\n' + - {get_attr: [Compute, hosts_entry]} + - list_join: + - '\n' + - {get_attr: [Controller, hosts_entry]} + - list_join: + - '\n' + - {get_attr: [BlockStorage, hosts_entry]} + - list_join: + - '\n' + - {get_attr: [ObjectStorage, hosts_entry]} + - list_join: + - '\n' + - {get_attr: [CephStorage, hosts_entry]} controller_ips: {get_attr: [Controller, ip_address]} - block_storage_hosts: {get_attr: [BlockStorage, hosts_entry]} - object_storage_hosts: {get_attr: [ObjectStorage, hosts_entry]} - ceph_storage_hosts: {get_attr: [CephStorage, hosts_entry]} controller_names: {get_attr: [Controller, hostname]} rabbit_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]} mongo_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]} @@ -1131,3 +1013,11 @@ outputs: hostname-based access to the deployed nodes (useful for testing without setting up a DNS). value: {get_attr: [allNodesConfig, hosts_entries]} + EnabledServices: + description: The services enabled on each role + value: + Controller: {get_attr: [ControllerServiceChain, role_data, service_names]} + Compute: {get_attr: [ComputeServiceChain, role_data, service_names]} + BlockStorage: {get_attr: [BlockStorageServiceChain, role_data, service_names]} + ObjectStorage: {get_attr: [ObjectStorageServiceChain, role_data, service_names]} + CephStorage: {get_attr: [CephStorageServiceChain, role_data, service_names]} diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml index 4c9355d5..793b17dd 100644 --- a/puppet/all-nodes-config.yaml +++ b/puppet/all-nodes-config.yaml @@ -2,18 +2,10 @@ heat_template_version: 2015-04-30 description: 'All Nodes Config for Puppet' parameters: - compute_hosts: - type: comma_delimited_list - controller_hosts: + hosts: type: comma_delimited_list controller_ips: type: comma_delimited_list - block_storage_hosts: - type: comma_delimited_list - object_storage_hosts: - type: comma_delimited_list - ceph_storage_hosts: - type: comma_delimited_list controller_names: type: comma_delimited_list rabbit_node_ips: @@ -91,21 +83,7 @@ resources: hosts: list_join: - "\n" - - - list_join: - - "\n" - - {get_param: compute_hosts} - - list_join: - - "\n" - - {get_param: controller_hosts} - - list_join: - - "\n" - - {get_param: block_storage_hosts} - - list_join: - - "\n" - - {get_param: object_storage_hosts} - - list_join: - - "\n" - - {get_param: ceph_storage_hosts} + - {get_param: hosts} hiera: datafiles: bootstrap_node: diff --git a/puppet/ceph-storage.yaml b/puppet/ceph-storage.yaml index 2f007536..ace9e151 100644 --- a/puppet/ceph-storage.yaml +++ b/puppet/ceph-storage.yaml @@ -1,8 +1,9 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2016-10-14 description: 'OpenStack ceph storage node configured by Puppet' parameters: - Flavor: + OvercloudCephStorageFlavor: description: Flavor for the Ceph Storage node. + default: baremetal type: string constraints: - custom_constraint: nova.flavor @@ -108,7 +109,7 @@ resources: properties: image: {get_param: CephStorageImage} image_update_policy: {get_param: ImageUpdatePolicy} - flavor: {get_param: Flavor} + flavor: {get_param: OvercloudCephStorageFlavor} key_name: {get_param: KeyName} networks: - network: ctlplane @@ -263,7 +264,10 @@ resources: mapped_data: service_names: {get_param: ServiceNames} service_configs: - mapped_data: {get_param: ServiceConfigSettings} + mapped_data: + map_replace: + - {get_param: ServiceConfigSettings} + - values: {get_attr: [NetIpMap, net_ip_map]} network: mapped_data: net_ip_map: {get_attr: [NetIpMap, net_ip_map]} @@ -274,7 +278,6 @@ resources: extraconfig: mapped_data: {get_param: ExtraConfig} ceph: - raw_data: {get_file: hieradata/ceph.yaml} mapped_data: tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml index 28f16866..e4df6aed 100644 --- a/puppet/cinder-storage.yaml +++ b/puppet/cinder-storage.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2016-10-14 description: 'OpenStack cinder storage configured by Puppet' parameters: BlockStorageImage: @@ -20,9 +20,10 @@ parameters: BlockStorageIPs: default: {} type: json - Flavor: + OvercloudBlockStorageFlavor: description: Flavor for block storage nodes to request when deploying. type: string + default: baremetal constraints: - custom_constraint: nova.flavor KeyName: @@ -270,7 +271,10 @@ resources: mapped_data: service_names: {get_param: ServiceNames} service_configs: - mapped_data: {get_param: ServiceConfigSettings} + mapped_data: + map_replace: + - {get_param: ServiceConfigSettings} + - values: {get_attr: [NetIpMap, net_ip_map]} network: mapped_data: net_ip_map: {get_attr: [NetIpMap, net_ip_map]} @@ -281,7 +285,6 @@ resources: extraconfig: mapped_data: {get_param: ExtraConfig} volume: - raw_data: {get_file: hieradata/volume.yaml} mapped_data: # Cinder tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_ip_address: {get_input: cinder_iscsi_ip_address} diff --git a/puppet/compute.yaml b/puppet/compute.yaml index 1ae55cd3..e029c605 100644 --- a/puppet/compute.yaml +++ b/puppet/compute.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2015-10-15 +heat_template_version: 2016-10-14 description: > OpenStack hypervisor node configured via Puppet. @@ -40,8 +40,9 @@ parameters: Additional hiera configuration to inject into the cluster. Note that NovaComputeExtraConfig takes precedence over ExtraConfig. type: json - Flavor: + OvercloudComputeFlavor: description: Flavor for the nova compute node + default: baremetal type: string constraints: - custom_constraint: nova.flavor @@ -231,7 +232,7 @@ resources: image: {get_param: NovaImage} image_update_policy: get_param: ImageUpdatePolicy - flavor: {get_param: Flavor} + flavor: {get_param: OvercloudComputeFlavor} key_name: {get_param: KeyName} networks: - network: ctlplane @@ -367,7 +368,6 @@ resources: - service_configs - compute - ceph_cluster # provided by CephClusterConfig - - ceph - all_nodes # provided by allNodesConfig - '"%{::osfamily}"' - network @@ -382,7 +382,10 @@ resources: mapped_data: service_names: {get_param: ServiceNames} service_configs: - mapped_data: {get_param: ServiceConfigSettings} + mapped_data: + map_replace: + - {get_param: ServiceConfigSettings} + - values: {get_attr: [NetIpMap, net_ip_map]} compute_extraconfig: mapped_data: {get_param: NovaComputeExtraConfig} extraconfig: @@ -392,10 +395,7 @@ resources: net_ip_map: {get_attr: [NetIpMap, net_ip_map]} net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]} net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]} - ceph: - raw_data: {get_file: hieradata/ceph.yaml} compute: - raw_data: {get_file: hieradata/compute.yaml} mapped_data: cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend} nova::use_ipv6: {get_input: nova_ipv6} diff --git a/puppet/controller.yaml b/puppet/controller.yaml index 52d80e57..5734ce0a 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2016-04-08 +heat_template_version: 2016-10-14 description: > OpenStack controller node configured by Puppet. @@ -93,8 +93,9 @@ parameters: ] } type: json - Flavor: + OvercloudControlFlavor: description: Flavor for control nodes to request when deploying. + default: baremetal type: string constraints: - custom_constraint: nova.flavor @@ -342,7 +343,7 @@ resources: properties: image: {get_param: controllerImage} image_update_policy: {get_param: ImageUpdatePolicy} - flavor: {get_param: Flavor} + flavor: {get_param: OvercloudControlFlavor} key_name: {get_param: KeyName} networks: - network: ctlplane @@ -495,12 +496,6 @@ resources: horizon_secret: {get_param: HorizonSecret} admin_password: {get_param: AdminPassword} debug: {get_param: Debug} - cinder_public_url: {get_param: [EndpointMap, CinderPublic, uri]} - cinder_internal_url: {get_param: [EndpointMap, CinderInternal, uri]} - cinder_admin_url: {get_param: [EndpointMap, CinderAdmin, uri]} - cinder_public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]} - cinder_internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]} - cinder_admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]} keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] } @@ -519,12 +514,6 @@ resources: params: CLUSTER: {get_param: MysqlClusterUniquePart} neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret} - neutron_password: {get_param: NeutronPassword} - neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] } - neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] } - neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] } - neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] } - nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] } aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] } aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] } aodh_admin_url: { get_param: [ EndpointMap, AodhAdmin, uri ] } @@ -546,9 +535,6 @@ resources: nova_password: {get_param: NovaPassword} upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute} instance_name_template: {get_param: InstanceNameTemplate} - nova_public_url: {get_param: [EndpointMap, NovaPublic, uri]} - nova_internal_url: {get_param: [EndpointMap, NovaInternal, uri]} - nova_admin_url: {get_param: [EndpointMap, NovaAdmin, uri]} fencing_config: {get_param: FencingConfig} pcsd_password: {get_param: PcsdPassword} rabbit_username: {get_param: RabbitUserName} @@ -618,7 +604,6 @@ resources: - service_configs - service_names - controller - - object - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig - ceph_cluster # provided by CephClusterConfig - ceph @@ -640,7 +625,10 @@ resources: mapped_data: service_names: {get_param: ServiceNames} service_configs: - mapped_data: {get_param: ServiceConfigSettings} + mapped_data: + map_replace: + - {get_param: ServiceConfigSettings} + - values: {get_attr: [NetIpMap, net_ip_map]} controller_extraconfig: mapped_data: map_merge: @@ -654,15 +642,11 @@ resources: net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]} net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]} ceph: - raw_data: {get_file: hieradata/ceph.yaml} mapped_data: ceph::profile::params::cluster_network: {get_input: ceph_cluster_network} ceph::profile::params::public_network: {get_input: ceph_public_network} ceph::profile::params::public_addr: {get_input: ceph_public_ip} - object: - raw_data: {get_file: hieradata/object.yaml} controller: - raw_data: {get_file: hieradata/controller.yaml} mapped_data: # data supplied directly to this deployment configuration, etc bootstack_nodeid: {get_input: bootstack_nodeid} @@ -682,19 +666,10 @@ resources: # Cinder tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_input: cinder_iscsi_network} cinder::api::bind_host: {get_input: cinder_api_network} - cinder::keystone::auth::public_url: {get_input: cinder_public_url } - cinder::keystone::auth::internal_url: {get_input: cinder_internal_url } - cinder::keystone::auth::admin_url: {get_input: cinder_admin_url } - cinder::keystone::auth::public_url_v2: {get_input: cinder_public_url_v2 } - cinder::keystone::auth::internal_url_v2: {get_input: cinder_internal_url_v2 } - cinder::keystone::auth::admin_url_v2: {get_input: cinder_admin_url_v2 } - cinder::keystone::auth::password: {get_input: cinder_password } - cinder::keystone::auth::region: {get_input: keystone_region} # Glance glance::api::bind_host: {get_input: glance_api_network} glance::registry::bind_host: {get_input: glance_registry_network} - glance::keystone::auth::region: {get_input: keystone_region} # Heat heat::api::bind_host: {get_input: heat_api_network} @@ -729,11 +704,6 @@ resources: neutron::bind_host: {get_input: neutron_api_network} neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip} neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network} - neutron::keystone::auth::public_url: {get_input: neutron_public_url } - neutron::keystone::auth::internal_url: {get_input: neutron_internal_url } - neutron::keystone::auth::admin_url: {get_input: neutron_admin_url } - neutron::keystone::auth::password: {get_input: neutron_password } - neutron::keystone::auth::region: {get_input: keystone_region} # Aodh aodh::api::host: {get_input: aodh_api_network} @@ -766,16 +736,8 @@ resources: nova::glance_api_servers: {get_input: glance_api_servers} nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret} nova::api::instance_name_template: {get_input: instance_name_template} - nova::network::neutron::neutron_password: {get_input: neutron_password} - nova::network::neutron::neutron_url: {get_input: neutron_internal_url} - nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url} nova::vncproxy::host: {get_input: nova_api_network} nova_enable_db_purge: {get_input: nova_enable_db_purge} - nova::keystone::auth::public_url: {get_input: nova_public_url} - nova::keystone::auth::internal_url: {get_input: nova_internal_url} - nova::keystone::auth::admin_url: {get_input: nova_admin_url} - nova::keystone::auth::password: {get_input: nova_password } - nova::keystone::auth::region: {get_input: keystone_region} # Horizon apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet} @@ -785,6 +747,9 @@ resources: horizon::bind_address: {get_input: horizon_network} horizon::keystone_url: {get_input: keystone_auth_uri} + # Sahara + sahara::host: {get_input: sahara_api_network} + # RabbitMQ rabbitmq::node_ip_address: {get_input: rabbitmq_network} rabbitmq::erlang_cookie: {get_input: rabbit_cookie} diff --git a/puppet/hieradata/README.rst b/puppet/hieradata/README.rst deleted file mode 100644 index 64a60229..00000000 --- a/puppet/hieradata/README.rst +++ /dev/null @@ -1 +0,0 @@ -Do not add more hieradata in this directory, and use composable services. diff --git a/puppet/hieradata/ceph.yaml b/puppet/hieradata/ceph.yaml deleted file mode 100644 index c8c5804b..00000000 --- a/puppet/hieradata/ceph.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# Do not add hieradata in this file, and use composable services. -ceph_classes: [] diff --git a/puppet/hieradata/compute.yaml b/puppet/hieradata/compute.yaml deleted file mode 100644 index 54b3d412..00000000 --- a/puppet/hieradata/compute.yaml +++ /dev/null @@ -1,3 +0,0 @@ -# Do not add hieradata in this file, and use composable services. - -compute_classes: [] diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml deleted file mode 100644 index d18e0bc9..00000000 --- a/puppet/hieradata/controller.yaml +++ /dev/null @@ -1,3 +0,0 @@ -# Do not add hieradata in this file, and use composable services. - -controller_classes: [] diff --git a/puppet/hieradata/object.yaml b/puppet/hieradata/object.yaml deleted file mode 100644 index 5aa0cfb6..00000000 --- a/puppet/hieradata/object.yaml +++ /dev/null @@ -1,3 +0,0 @@ -# Do not add hieradata in this file, and use composable services. - -object_classes: [] diff --git a/puppet/hieradata/volume.yaml b/puppet/hieradata/volume.yaml deleted file mode 100644 index 42b85e1a..00000000 --- a/puppet/hieradata/volume.yaml +++ /dev/null @@ -1,3 +0,0 @@ -# Do not add hieradata in this file, and use composable services. - -volume_classes: [] diff --git a/puppet/manifests/overcloud_cephstorage.pp b/puppet/manifests/overcloud_cephstorage.pp index 152694d9..df83496f 100644 --- a/puppet/manifests/overcloud_cephstorage.pp +++ b/puppet/manifests/overcloud_cephstorage.pp @@ -17,7 +17,7 @@ include ::tripleo::packages include ::tripleo::firewall if hiera('step') >= 4 { - hiera_include('ceph_classes') + hiera_include('ceph_classes', []) } $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_ceph', hiera('step')]) diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp index ab7f846f..19ec575a 100644 --- a/puppet/manifests/overcloud_compute.pp +++ b/puppet/manifests/overcloud_compute.pp @@ -17,7 +17,7 @@ include ::tripleo::packages include ::tripleo::firewall if hiera('step') >= 4 { - hiera_include('compute_classes') + hiera_include('compute_classes', []) } $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_compute', hiera('step')]) diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index 69e48e95..30e7c8d9 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -17,8 +17,8 @@ include ::tripleo::packages include ::tripleo::firewall if hiera('step') >= 4 { - hiera_include('controller_classes') -} #END STEP 4 + hiera_include('controller_classes', []) +} $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller', hiera('step')]) package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp index 0aec972d..a782207e 100644 --- a/puppet/manifests/overcloud_controller_pacemaker.pp +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -16,17 +16,9 @@ include ::tripleo::packages include ::tripleo::firewall -if $::hostname == downcase(hiera('bootstrap_nodeid')) { - $pacemaker_master = true - $sync_db = true -} else { - $pacemaker_master = false - $sync_db = false +if hiera('step') >= 4 { + hiera_include('controller_classes', []) } -if hiera('step') >= 4 or ( hiera('step') >= 3 and $sync_db ) { - hiera_include('controller_classes') -} #END STEP 4 - $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller_pacemaker', hiera('step')]) package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/manifests/overcloud_object.pp b/puppet/manifests/overcloud_object.pp index 1f04c581..18e90d1f 100644 --- a/puppet/manifests/overcloud_object.pp +++ b/puppet/manifests/overcloud_object.pp @@ -17,7 +17,7 @@ include ::tripleo::packages include ::tripleo::firewall if hiera('step') >= 4 { - hiera_include('object_classes') + hiera_include('object_classes', []) } $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_object', hiera('step')]) diff --git a/puppet/manifests/overcloud_volume.pp b/puppet/manifests/overcloud_volume.pp index 7c7da586..f6787719 100644 --- a/puppet/manifests/overcloud_volume.pp +++ b/puppet/manifests/overcloud_volume.pp @@ -17,7 +17,7 @@ include ::tripleo::packages include ::tripleo::firewall if hiera('step') >= 4 { - hiera_include('volume_classes') + hiera_include('volume_classes', []) } $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_volume', hiera('step')]) diff --git a/puppet/services/ceilometer-agent-central.yaml b/puppet/services/ceilometer-agent-central.yaml index 80f656d0..a51ec2df 100644 --- a/puppet/services/ceilometer-agent-central.yaml +++ b/puppet/services/ceilometer-agent-central.yaml @@ -13,10 +13,6 @@ parameters: description: The password for the redis service account. type: string hidden: true - RedisVirtualIPUri: - type: string - default: '' - resources: CeilometerServiceBase: @@ -38,7 +34,7 @@ outputs: - - 'redis://:' - {get_param: RedisPassword} - '@' - - {get_param: RedisVirtualIPUri} + - "%{hiera('redis_vip')}" - ':6379/' step_config: | include ::tripleo::profile::base::ceilometer::agent::central diff --git a/puppet/services/ceph-base.yaml b/puppet/services/ceph-base.yaml index bce52f36..47028610 100644 --- a/puppet/services/ceph-base.yaml +++ b/puppet/services/ceph-base.yaml @@ -58,9 +58,6 @@ outputs: config_settings: tripleo::profile::base::ceph::ceph_ipv6: {get_param: CephIPv6} tripleo::profile::base::ceph::enable_ceph_storage: {get_param: ControllerEnableCephStorage} - ceph::profile::params::osd_pool_default_pg_num: 32 - ceph::profile::params::osd_pool_default_pgp_num: 32 - ceph::profile::params::osd_pool_default_size: 3 ceph::profile::params::osd_pool_default_min_size: 1 ceph::profile::params::osds: {/srv/data: {}} ceph::profile::params::manage_repo: false diff --git a/puppet/services/ceph-mon.yaml b/puppet/services/ceph-mon.yaml index f48515e5..074d941d 100644 --- a/puppet/services/ceph-mon.yaml +++ b/puppet/services/ceph-mon.yaml @@ -31,6 +31,19 @@ parameters: NovaRbdPoolName: default: vms type: string + CephPools: + description: > + It can be used to override settings for one of the predefined pools, or to create + additional ones. Example: + { + "volumes": { + "size": 5, + "pg_num: 128, + "pgp_num": 128 + } + } + default: {} + type: json resources: CephBase: @@ -46,12 +59,24 @@ outputs: - get_attr: [CephBase, role_data, config_settings] - ceph::profile::params::ms_bind_ipv6: {get_param: CephIPv6} ceph::profile::params::mon_key: {get_param: CephMonKey} + # repeat returns items in a list, so we need to map_merge twice tripleo::profile::base::ceph::mon::ceph_pools: - - {get_param: CinderRbdPoolName} - - {get_param: CinderBackupRbdPoolName} - - {get_param: NovaRbdPoolName} - - {get_param: GlanceRbdPoolName} - - {get_param: GnocchiRbdPoolName} + map_merge: + - map_merge: + repeat: + for_each: + <%pool%>: + - {get_param: CinderRbdPoolName} + - {get_param: CinderBackupRbdPoolName} + - {get_param: NovaRbdPoolName} + - {get_param: GlanceRbdPoolName} + - {get_param: GnocchiRbdPoolName} + template: + <%pool%>: + pg_num: 32 + pgp_num: 32 + size: 3 + - {get_param: CephPools} tripleo.ceph_mon.firewall_rules: '110 ceph_mon': dport: diff --git a/puppet/services/cinder-api.yaml b/puppet/services/cinder-api.yaml index 5e58dee9..3568cb06 100644 --- a/puppet/services/cinder-api.yaml +++ b/puppet/services/cinder-api.yaml @@ -18,6 +18,10 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + KeystoneRegion: + type: string + default: 'regionOne' + description: Keystone region for endpoint resources: @@ -34,10 +38,22 @@ outputs: config_settings: map_merge: - get_attr: [CinderBase, role_data, config_settings] - - cinder::api::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} - cinder::api::identity_uri: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} - cinder::api::keystone_password: {get_param: CinderPassword} - cinder::api::keystone_tenant: 'service' + - cinder::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} + cinder::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} + cinder::keystone::authtoken::password: {get_param: CinderPassword} + cinder::keystone::authtoken::project_name: 'service' + cinder::keystone::auth::tenant: 'service' + cinder::keystone::auth::public_url: {get_param: [EndpointMap, CinderPublic, uri]} + cinder::keystone::auth::internal_url: {get_param: [EndpointMap, CinderInternal, uri]} + cinder::keystone::auth::admin_url: {get_param: [EndpointMap, CinderAdmin, uri]} + cinder::keystone::auth::public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]} + cinder::keystone::auth::internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]} + cinder::keystone::auth::admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]} + cinder::keystone::auth::public_url_v3: {get_param: [EndpointMap, CinderV3Public, uri]} + cinder::keystone::auth::internal_url_v3: {get_param: [EndpointMap, CinderV3Internal, uri]} + cinder::keystone::auth::admin_url_v3: {get_param: [EndpointMap, CinderV3Admin, uri]} + cinder::keystone::auth::password: {get_param: CinderPassword} + cinder::keystone::auth::region: {get_param: KeystoneRegion} cinder::api::enable_proxy_headers_parsing: true cinder::api::nova_catalog_info: 'compute:Compute Service:internalURL' # TODO(emilien) move it to puppet-cinder diff --git a/puppet/services/cinder-base.yaml b/puppet/services/cinder-base.yaml index d923e7c6..f5d98afa 100644 --- a/puppet/services/cinder-base.yaml +++ b/puppet/services/cinder-base.yaml @@ -64,7 +64,6 @@ outputs: - '%' - "%{hiera('mysql_bind_host')}" cinder::rabbit_heartbeat_timeout_threshold: 60 - cinder::keystone::auth::tenant: 'service' cinder::host: hostgroup cinder::cron::db_purge::destination: '/dev/null' cinder::db::database_db_max_retries: -1 diff --git a/puppet/services/glance-api.yaml b/puppet/services/glance-api.yaml index 99065789..bb14546f 100644 --- a/puppet/services/glance-api.yaml +++ b/puppet/services/glance-api.yaml @@ -60,6 +60,10 @@ parameters: Rabbit client subscriber parameter to specify an SSL connection to the RabbitMQ host. type: string + KeystoneRegion: + type: string + default: 'regionOne' + description: Keystone region for endpoint outputs: role_data: @@ -106,6 +110,7 @@ outputs: glance::keystone::auth::internal_url: {get_param: [EndpointMap, GlanceInternal, uri]} glance::keystone::auth::admin_url: {get_param: [EndpointMap, GlanceAdmin, uri]} glance::keystone::auth::password: {get_param: GlancePassword } + glance::keystone::auth::region: {get_param: KeystoneRegion} glance::registry::db::database_db_max_retries: -1 glance::registry::db::database_max_retries: -1 tripleo.glance_api.firewall_rules: diff --git a/puppet/services/heat-api-cfn.yaml b/puppet/services/heat-api-cfn.yaml index f8832dd8..c3a3b7ae 100644 --- a/puppet/services/heat-api-cfn.yaml +++ b/puppet/services/heat-api-cfn.yaml @@ -35,6 +35,7 @@ outputs: map_merge: - get_attr: [HeatBase, role_data, config_settings] - heat::api_cfn::workers: {get_param: HeatWorkers} + heat::keystone::auth_cfn::tenant: 'service' heat::keystone::auth_cfn::public_url: {get_param: [EndpointMap, HeatCfnPublic, uri]} heat::keystone::auth_cfn::internal_url: {get_param: [EndpointMap, HeatCfnInternal, uri]} heat::keystone::auth_cfn::admin_url: {get_param: [EndpointMap, HeatCfnAdmin, uri]} diff --git a/puppet/services/heat-api.yaml b/puppet/services/heat-api.yaml index c0e7a690..b4402a17 100644 --- a/puppet/services/heat-api.yaml +++ b/puppet/services/heat-api.yaml @@ -35,6 +35,7 @@ outputs: map_merge: - get_attr: [HeatBase, role_data, config_settings] - heat::api::workers: {get_param: HeatWorkers} + heat::keystone::auth::tenant: 'service' heat::keystone::auth::public_url: {get_param: [EndpointMap, HeatPublic, uri]} heat::keystone::auth::internal_url: {get_param: [EndpointMap, HeatInternal, uri]} heat::keystone::auth::admin_url: {get_param: [EndpointMap, HeatAdmin, uri]} diff --git a/puppet/services/heat-base.yaml b/puppet/services/heat-base.yaml index 01f2a51b..091a4e9b 100644 --- a/puppet/services/heat-base.yaml +++ b/puppet/services/heat-base.yaml @@ -47,7 +47,6 @@ outputs: value: 'role:admin' heat::rabbit_heartbeat_timeout_threshold: 60 heat::keystone_tenant: 'service' - heat::keystone::auth::tenant: 'service' heat::keystone::domain::domain_name: 'heat_stack' heat::keystone::domain::domain_admin: 'heat_stack_domain_admin' heat::keystone::domain::domain_admin_email: 'heat_stack_domain_admin@localhost' diff --git a/puppet/services/neutron-base.yaml b/puppet/services/neutron-base.yaml index 3f8ac7e8..f6339c83 100644 --- a/puppet/services/neutron-base.yaml +++ b/puppet/services/neutron-base.yaml @@ -64,6 +64,5 @@ outputs: neutron::allow_overlapping_ips: true neutron::rabbit_heartbeat_timeout_threshold: 60 neutron::host: '"%{::fqdn}"' #NOTE: extra quoting is needed - neutron::keystone::auth::tenant: 'service' neutron::db::database_db_max_retries: -1 neutron::db::database_max_retries: -1 diff --git a/puppet/services/neutron-server.yaml b/puppet/services/neutron-server.yaml index d64fd66d..cd602e6e 100644 --- a/puppet/services/neutron-server.yaml +++ b/puppet/services/neutron-server.yaml @@ -33,6 +33,10 @@ parameters: description: Enable Neutron DVR. default: false type: boolean + KeystoneRegion: + type: string + default: 'regionOne' + description: Keystone region for endpoint resources: @@ -56,14 +60,18 @@ outputs: - '@' - {get_param: [EndpointMap, MysqlInternal, host]} - '/ovs_neutron' + neutron::keystone::auth::tenant: 'service' + neutron::keystone::auth::public_url: {get_param: [EndpointMap, NeutronPublic, uri]} + neutron::keystone::auth::internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] } + neutron::keystone::auth::admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] } + neutron::keystone::auth::password: {get_param: NeutronPassword} + neutron::keystone::auth::region: {get_param: KeystoneRegion} neutron::server::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } neutron::server::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} - neutron::server::auth_tenant: 'service' - neutron::server::identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } neutron::server::api_workers: {get_param: NeutronWorkers} neutron::server::allow_automatic_l3agent_failover: {get_param: NeutronAllowL3AgentFailover} neutron::server::l3_ha: {get_param: NeutronL3HA} - neutron::server::auth_password: {get_param: NeutronPassword} + neutron::server::password: {get_param: NeutronPassword} neutron::server::notifications::nova_url: { get_param: [ EndpointMap, NovaInternal, uri ] } neutron::server::notifications::auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] } diff --git a/puppet/services/nova-api.yaml b/puppet/services/nova-api.yaml index 045a8614..d560edb4 100644 --- a/puppet/services/nova-api.yaml +++ b/puppet/services/nova-api.yaml @@ -13,6 +13,14 @@ parameters: default: 0 description: Number of workers for Nova API service. type: number + NovaPassword: + description: The password for the nova service and db account, used by nova-api. + type: string + hidden: true + KeystoneRegion: + type: string + default: 'regionOne' + description: Keystone region for endpoint resources: NovaBase: @@ -47,5 +55,11 @@ outputs: nova::api::default_floating_pool: 'public' nova::api::sync_db_api: true nova::api::enable_proxy_headers_parsing: true + nova::keystone::auth::tenant: 'service' + nova::keystone::auth::public_url: {get_param: [EndpointMap, NovaPublic, uri]} + nova::keystone::auth::internal_url: {get_param: [EndpointMap, NovaInternal, uri]} + nova::keystone::auth::admin_url: {get_param: [EndpointMap, NovaAdmin, uri]} + nova::keystone::auth::password: {get_param: NovaPassword} + nova::keystone::auth::region: {get_param: KeystoneRegion} step_config: | include tripleo::profile::base::nova::api diff --git a/puppet/services/nova-base.yaml b/puppet/services/nova-base.yaml index e3379821..5bc94b2b 100644 --- a/puppet/services/nova-base.yaml +++ b/puppet/services/nova-base.yaml @@ -13,6 +13,10 @@ parameters: description: The password for the nova service and db account, used by nova-api. type: string hidden: true + NeutronPassword: + description: The password for the neutron service and db account, used by neutron agents. + type: string + hidden: true RabbitPassword: description: The password for RabbitMQ type: string @@ -82,13 +86,15 @@ outputs: nova::network::neutron::neutron_project_name: 'service' nova::network::neutron::neutron_username: 'neutron' nova::network::neutron::dhcp_domain: '' + nova::network::neutron::neutron_password: {get_param: NeutronPassword} + nova::network::neutron::neutron_url: {get_param: [EndpointMap, NeutronInternal, uri]} + nova::network::neutron::neutron_auth_url: {get_param: [EndpointMap, KeystoneV3Admin, uri]} nova::rabbit_heartbeat_timeout_threshold: 60 nova::cinder_catalog_info: 'volumev2:cinderv2:internalURL' nova::host: '"%{::fqdn}"' # NOTE: extra quoting is needed. nova::notify_on_state_change: 'vm_and_task_state' nova::notification_driver: messagingv2 nova::network::neutron::neutron_auth_type: 'v3password' - nova::keystone::auth::tenant: 'service' nova::db::mysql::user: nova nova::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} nova::db::mysql::dbname: nova diff --git a/puppet/services/pacemaker/sahara-api.yaml b/puppet/services/pacemaker/sahara-api.yaml index ac05a01a..a06afb2d 100644 --- a/puppet/services/pacemaker/sahara-api.yaml +++ b/puppet/services/pacemaker/sahara-api.yaml @@ -28,4 +28,4 @@ outputs: - sahara::service::api::manage_service: false sahara::service::api::enabled: false step_config: | - include ::tripleo::profile::pacemaker::sahara + include ::tripleo::profile::pacemaker::sahara::api diff --git a/puppet/services/pacemaker/sahara-engine.yaml b/puppet/services/pacemaker/sahara-engine.yaml index f6bd8f61..a1191f87 100644 --- a/puppet/services/pacemaker/sahara-engine.yaml +++ b/puppet/services/pacemaker/sahara-engine.yaml @@ -27,7 +27,5 @@ outputs: - get_attr: [SaharaEngineBase, role_data, config_settings] - sahara::service::engine::manage_service: false sahara::service::engine::enabled: false - # No puppet manifests since sahara-engine is included in - # ::tripleo::profile::pacemaker::sahara which is maintained alongside of - # pacemaker/sahara-api.yaml. - step_config: + step_config: | + include ::tripleo::profile::pacemaker::sahara::engine diff --git a/puppet/services/sahara-api.yaml b/puppet/services/sahara-api.yaml index 7ca9bbd5..85324312 100644 --- a/puppet/services/sahara-api.yaml +++ b/puppet/services/sahara-api.yaml @@ -10,7 +10,6 @@ parameters: via parameter_defaults in the resource registry. type: json SaharaPassword: - default: unset description: The password for the sahara service account, used by sahara-api. type: string hidden: true @@ -18,9 +17,6 @@ parameters: default: 0 description: The number of workers for the sahara-api. type: number - SaharaApiVirtualIP: - type: string - default: '' KeystoneRegion: type: string default: 'regionOne' @@ -29,6 +25,8 @@ parameters: resources: SaharaBase: type: ./sahara-base.yaml + properties: + EndpointMap: {get_param: EndpointMap} outputs: role_data: @@ -38,12 +36,8 @@ outputs: config_settings: map_merge: - get_attr: [SaharaBase, role_data, config_settings] - - sahara::host: {get_param: SaharaApiVirtualIP} - sahara::port: {get_param: [EndpointMap, SaharaInternal, port]} - sahara::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } - sahara::identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } - sahara::admin_password: {get_param: SaharaPassword} - sahara::service::api::api_workers: {get_param: SaharaApiWorkers} + - sahara::port: {get_param: [EndpointMap, SaharaInternal, port]} + sahara::service::api::api_workers: {get_param: SaharaWorkers} sahara::keystone::auth::public_url: {get_param: [EndpointMap, SaharaPublic, uri]} sahara::keystone::auth::internal_url: {get_param: [EndpointMap, SaharaInternal, uri]} sahara::keystone::auth::admin_url: {get_param: [EndpointMap, SaharaAdmin, uri]} diff --git a/puppet/services/sahara-base.yaml b/puppet/services/sahara-base.yaml index 2f8cd91b..7ec44a49 100644 --- a/puppet/services/sahara-base.yaml +++ b/puppet/services/sahara-base.yaml @@ -4,6 +4,11 @@ description: > OpenStack Sahara base service. Shared for all Sahara services. parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json RabbitPassword: description: The password for RabbitMQ type: string @@ -22,6 +27,10 @@ parameters: default: 5672 description: Set rabbit subscriber port, change this if using SSL type: number + SaharaPassword: + description: The password for the sahara service account, used by sahara-api. + type: string + hidden: true Debug: type: string default: '' @@ -33,11 +42,30 @@ outputs: value: service_name: sahara_base config_settings: + sahara::database_connection: + list_join: + - '' + - - {get_param: [EndpointMap, MysqlInternal, protocol]} + - '://sahara:' + - {get_param: SaharaPassword} + - '@' + - {get_param: [EndpointMap, MysqlInternal, host]} + - '/sahara' + sahara::db::mysql::password: {get_param: SaharaPassword} + sahara::db::mysql::user: sahara + sahara::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + sahara::db::mysql::dbname: sahara + sahara::db::mysql::allowed_hosts: + - '%' + - "%{hiera('mysql_bind_host')}" sahara::rabbit_password: {get_param: RabbitPassword} sahara::rabbit_user: {get_param: RabbitUserName} sahara::rabbit_use_ssl: {get_param: RabbitClientUseSSL} sahara::rabbit_port: {get_param: RabbitClientPort} sahara::debug: {get_param: Debug} + sahara::admin_password: {get_param: SaharaPassword} + sahara::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } + sahara::identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } sahara::use_neutron: true sahara::plugins: - cdh diff --git a/puppet/services/sahara-engine.yaml b/puppet/services/sahara-engine.yaml index 074f83c7..de2ac7ef 100644 --- a/puppet/services/sahara-engine.yaml +++ b/puppet/services/sahara-engine.yaml @@ -9,15 +9,12 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json - SaharaPassword: - default: unset - description: The password for the sahara service account, used by sahara-api. - type: string - hidden: true resources: SaharaBase: type: ./sahara-base.yaml + properties: + EndpointMap: {get_param: EndpointMap} outputs: role_data: @@ -27,22 +24,5 @@ outputs: config_settings: map_merge: - get_attr: [SaharaBase, role_data, config_settings] - - sahara_dsn: &sahara_dsn - list_join: - - '' - - - {get_param: [EndpointMap, MysqlInternal, protocol]} - - '://sahara:' - - {get_param: SaharaPassword} - - '@' - - {get_param: [EndpointMap, MysqlInternal, host]} - - '/sahara' - sahara::database_connection: *sahara_dsn - sahara::db::mysql::password: {get_param: SaharaPassword} - sahara::db::mysql::user: sahara - sahara::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} - sahara::db::mysql::dbname: sahara - sahara::db::mysql::allowed_hosts: - - '%' - - "%{hiera('mysql_bind_host')}" step_config: | include ::tripleo::profile::base::sahara::engine diff --git a/puppet/swift-storage.yaml b/puppet/swift-storage.yaml index 5e331f44..3553f77a 100644 --- a/puppet/swift-storage.yaml +++ b/puppet/swift-storage.yaml @@ -1,8 +1,9 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2016-10-14 description: 'OpenStack swift storage node configured by Puppet' parameters: - Flavor: + OvercloudSwiftStorageFlavor: description: Flavor for Swift storage nodes to request when deploying. + default: baremetal type: string constraints: - custom_constraint: nova.flavor @@ -115,7 +116,7 @@ resources: command: {get_param: ConfigCommand} properties: image: {get_param: SwiftStorageImage} - flavor: {get_param: Flavor} + flavor: {get_param: OvercloudSwiftStorageFlavor} key_name: {get_param: KeyName} networks: - network: ctlplane @@ -257,7 +258,10 @@ resources: mapped_data: service_names: {get_param: ServiceNames} service_configs: - mapped_data: {get_param: ServiceConfigSettings} + mapped_data: + map_replace: + - {get_param: ServiceConfigSettings} + - values: {get_attr: [NetIpMap, net_ip_map]} network: mapped_data: net_ip_map: {get_attr: [NetIpMap, net_ip_map]} @@ -268,7 +272,6 @@ resources: extraconfig: mapped_data: {get_param: ExtraConfig} object: - raw_data: {get_file: hieradata/object.yaml} mapped_data: # data supplied directly to this deployment configuration, etc swift::swift_hash_path_suffix: { get_input: swift_hash_suffix } swift::storage::all::storage_local_net_ip: {get_input: swift_management_network} |