diff options
| -rw-r--r-- | .gitignore | 15 | ||||
| -rw-r--r-- | README.rst | 9 | ||||
| -rw-r--r-- | ci/environments/scenario003-multinode.yaml | 10 | ||||
| -rw-r--r-- | hosts-config.yaml | 18 | ||||
| -rw-r--r-- | overcloud.j2.yaml | 6 | ||||
| -rw-r--r-- | puppet/blockstorage-role.yaml | 36 | ||||
| -rw-r--r-- | puppet/cephstorage-role.yaml | 36 | ||||
| -rw-r--r-- | puppet/compute-role.yaml | 36 | ||||
| -rw-r--r-- | puppet/controller-role.yaml | 36 | ||||
| -rw-r--r-- | puppet/objectstorage-role.yaml | 37 | ||||
| -rw-r--r-- | puppet/role.role.j2.yaml | 42 | ||||
| -rw-r--r-- | requirements.txt | 1 | ||||
| -rwxr-xr-x | scripts/hosts-config.sh | 47 | ||||
| -rwxr-xr-x | tools/process-templates.py | 125 | ||||
| -rw-r--r-- | tox.ini | 7 |
15 files changed, 448 insertions, 13 deletions
@@ -44,3 +44,18 @@ doc/_build # Built by pbr (python setup.py sdist): AUTHORS ChangeLog + +extraconfig/all_nodes/mac_hostname.yaml +extraconfig/all_nodes/random_string.yaml +extraconfig/all_nodes/swap-partition.yaml +extraconfig/all_nodes/swap.yaml +extraconfig/tasks/major_upgrade_pacemaker_init.yaml +network/service_net_map.yaml +overcloud-resource-registry-puppet.yaml +overcloud.yaml +puppet/blockstorage-config.yaml +puppet/cephstorage-config.yaml +puppet/compute-config.yaml +puppet/controller-config.yaml +puppet/objectstorage-config.yaml +puppet/post.yaml @@ -1,3 +1,12 @@ +======================== +Team and repository tags +======================== + +.. image:: http://governance.openstack.org/badges/tripleo-heat-templates.svg + :target: http://governance.openstack.org/reference/tags/index.html + +.. Change things from this point on + ====================== tripleo-heat-templates ====================== diff --git a/ci/environments/scenario003-multinode.yaml b/ci/environments/scenario003-multinode.yaml index e540bc55..25fe1697 100644 --- a/ci/environments/scenario003-multinode.yaml +++ b/ci/environments/scenario003-multinode.yaml @@ -1,11 +1,11 @@ resource_registry: OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml - OS::TripleO::Services::SaharaApi: /usr/share/openstack-tripleo-heat-templates/puppet/services/sahara-api.yaml - OS::TripleO::Services::SaharaEngine: /usr/share/openstack-tripleo-heat-templates/puppet/services/sahara-engine.yaml - OS::TripleO::Services::MistralApi: /usr/share/openstack-tripleo-heat-templates/puppet/services/mistral-api.yaml - OS::TripleO::Services::MistralEngine: /usr/share/openstack-tripleo-heat-templates/puppet/services/mistral-engine.yaml - OS::TripleO::Services::MistralExecutor: /usr/share/openstack-tripleo-heat-templates/puppet/services/mistral-executor.yaml + OS::TripleO::Services::SaharaApi: ../../puppet/services/sahara-api.yaml + OS::TripleO::Services::SaharaEngine: ../../puppet/services/sahara-engine.yaml + OS::TripleO::Services::MistralApi: ../../puppet/services/mistral-api.yaml + OS::TripleO::Services::MistralEngine: ../../puppet/services/mistral-engine.yaml + OS::TripleO::Services::MistralExecutor: ../../puppet/services/mistral-executor.yaml parameter_defaults: ControllerServices: diff --git a/hosts-config.yaml b/hosts-config.yaml index b5a22b7f..a24b9bb4 100644 --- a/hosts-config.yaml +++ b/hosts-config.yaml @@ -8,11 +8,18 @@ parameters: resources: hostsConfigImpl: - type: OS::Heat::StructuredConfig + type: OS::Heat::SoftwareConfig properties: - group: os-apply-config - config: - hosts: {get_param: hosts} + group: script + inputs: + - name: hosts + default: + list_join: + - ' ' + - str_split: + - '\n' + - {get_param: hosts} + config: {get_file: scripts/hosts-config.sh} outputs: config_id: @@ -25,3 +32,6 @@ outputs: hostname-based access to the deployed nodes (useful for testing without setting up a DNS). value: {get_attr: [hostsConfigImpl, config, hosts]} + OS::stack_id: + description: The ID of the hostsConfigImpl resource. + value: {get_resource: hostsConfigImpl} diff --git a/overcloud.j2.yaml b/overcloud.j2.yaml index e2c05eef..39a092b1 100644 --- a/overcloud.j2.yaml +++ b/overcloud.j2.yaml @@ -187,7 +187,7 @@ resources: type: string value: list_join: - - '\n' + - "\n" - - str_replace: template: IP HOST params: @@ -370,7 +370,7 @@ resources: properties: hosts: list_join: - - '\n' + - "\n" - - if: - add_vips_to_etc_hosts - {get_attr: [VipHosts, value]} @@ -378,7 +378,7 @@ resources: - {% for role in roles %} - list_join: - - '\n' + - "\n" - {get_attr: [{{role.name}}, hosts_entry]} {% endfor %} diff --git a/puppet/blockstorage-role.yaml b/puppet/blockstorage-role.yaml index 45552e05..c9bf894f 100644 --- a/puppet/blockstorage-role.yaml +++ b/puppet/blockstorage-role.yaml @@ -266,6 +266,42 @@ resources: extraconfig: {get_param: ExtraConfig} volume: tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} + fqdn_internal_api: + list_join: + - '.' + - - {get_attr: [BlockStorage, name]} + - internalapi + - {get_param: CloudDomain} + fqdn_storage: + list_join: + - '.' + - - {get_attr: [BlockStorage, name]} + - storage + - {get_param: CloudDomain} + fqdn_storage_mgmt: + list_join: + - '.' + - - {get_attr: [BlockStorage, name]} + - storagemgmt + - {get_param: CloudDomain} + fqdn_tenant: + list_join: + - '.' + - - {get_attr: [BlockStorage, name]} + - tenant + - {get_param: CloudDomain} + fqdn_management: + list_join: + - '.' + - - {get_attr: [BlockStorage, name]} + - management + - {get_param: CloudDomain} + fqdn_ctlplane: + list_join: + - '.' + - - {get_attr: [BlockStorage, name]} + - ctlplane + - {get_param: CloudDomain} # Resource for site-specific injection of root certificate NodeTLSCAData: diff --git a/puppet/cephstorage-role.yaml b/puppet/cephstorage-role.yaml index 03b57e2b..18787a21 100644 --- a/puppet/cephstorage-role.yaml +++ b/puppet/cephstorage-role.yaml @@ -271,6 +271,42 @@ resources: extraconfig: {get_param: ExtraConfig} ceph: tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} + fqdn_internal_api: + list_join: + - '.' + - - {get_attr: [CephStorage, name]} + - internalapi + - {get_param: CloudDomain} + fqdn_storage: + list_join: + - '.' + - - {get_attr: [CephStorage, name]} + - storage + - {get_param: CloudDomain} + fqdn_storage_mgmt: + list_join: + - '.' + - - {get_attr: [CephStorage, name]} + - storagemgmt + - {get_param: CloudDomain} + fqdn_tenant: + list_join: + - '.' + - - {get_attr: [CephStorage, name]} + - tenant + - {get_param: CloudDomain} + fqdn_management: + list_join: + - '.' + - - {get_attr: [CephStorage, name]} + - management + - {get_param: CloudDomain} + fqdn_ctlplane: + list_join: + - '.' + - - {get_attr: [CephStorage, name]} + - ctlplane + - {get_param: CloudDomain} # Resource for site-specific injection of root certificate NodeTLSCAData: diff --git a/puppet/compute-role.yaml b/puppet/compute-role.yaml index 13464339..f359bf70 100644 --- a/puppet/compute-role.yaml +++ b/puppet/compute-role.yaml @@ -284,6 +284,42 @@ resources: extraconfig: {get_param: ExtraConfig} compute: tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} + fqdn_internal_api: + list_join: + - '.' + - - {get_attr: [NovaCompute, name]} + - internalapi + - {get_param: CloudDomain} + fqdn_storage: + list_join: + - '.' + - - {get_attr: [NovaCompute, name]} + - storage + - {get_param: CloudDomain} + fqdn_storage_mgmt: + list_join: + - '.' + - - {get_attr: [NovaCompute, name]} + - storagemgmt + - {get_param: CloudDomain} + fqdn_tenant: + list_join: + - '.' + - - {get_attr: [NovaCompute, name]} + - tenant + - {get_param: CloudDomain} + fqdn_management: + list_join: + - '.' + - - {get_attr: [NovaCompute, name]} + - management + - {get_param: CloudDomain} + fqdn_ctlplane: + list_join: + - '.' + - - {get_attr: [NovaCompute, name]} + - ctlplane + - {get_param: CloudDomain} NovaComputeDeployment: type: OS::TripleO::SoftwareDeployment diff --git a/puppet/controller-role.yaml b/puppet/controller-role.yaml index 09e10eae..77b54ff3 100644 --- a/puppet/controller-role.yaml +++ b/puppet/controller-role.yaml @@ -344,6 +344,42 @@ resources: # Misc tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} + fqdn_internal_api: + list_join: + - '.' + - - {get_attr: [Controller, name]} + - internalapi + - {get_param: CloudDomain} + fqdn_storage: + list_join: + - '.' + - - {get_attr: [Controller, name]} + - storage + - {get_param: CloudDomain} + fqdn_storage_mgmt: + list_join: + - '.' + - - {get_attr: [Controller, name]} + - storagemgmt + - {get_param: CloudDomain} + fqdn_tenant: + list_join: + - '.' + - - {get_attr: [Controller, name]} + - tenant + - {get_param: CloudDomain} + fqdn_management: + list_join: + - '.' + - - {get_attr: [Controller, name]} + - management + - {get_param: CloudDomain} + fqdn_ctlplane: + list_join: + - '.' + - - {get_attr: [Controller, name]} + - ctlplane + - {get_param: CloudDomain} # Hook for site-specific additional pre-deployment config, e.g extra hieradata ControllerExtraConfigPre: diff --git a/puppet/objectstorage-role.yaml b/puppet/objectstorage-role.yaml index 533cd2c1..60c12c3b 100644 --- a/puppet/objectstorage-role.yaml +++ b/puppet/objectstorage-role.yaml @@ -255,6 +255,43 @@ resources: extraconfig: {get_param: ExtraConfig} object: tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} + fqdn_internal_api: + list_join: + - '.' + - - {get_attr: [SwiftStorage, name]} + - internalapi + - {get_param: CloudDomain} + fqdn_storage: + list_join: + - '.' + - - {get_attr: [SwiftStorage, name]} + - storage + - {get_param: CloudDomain} + fqdn_storage_mgmt: + list_join: + - '.' + - - {get_attr: [SwiftStorage, name]} + - storagemgmt + - {get_param: CloudDomain} + fqdn_tenant: + list_join: + - '.' + - - {get_attr: [SwiftStorage, name]} + - tenant + - {get_param: CloudDomain} + fqdn_management: + list_join: + - '.' + - - {get_attr: [SwiftStorage, name]} + - management + - {get_param: CloudDomain} + fqdn_ctlplane: + list_join: + - '.' + - - {get_attr: [SwiftStorage, name]} + - ctlplane + - {get_param: CloudDomain} + SwiftStorageHieraDeploy: type: OS::Heat::StructuredDeployment diff --git a/puppet/role.role.j2.yaml b/puppet/role.role.j2.yaml index c2c322d8..587ff58d 100644 --- a/puppet/role.role.j2.yaml +++ b/puppet/role.role.j2.yaml @@ -5,13 +5,17 @@ parameters: description: Flavor for the {{role}} node. default: baremetal type: string +{% if disable_constraints is not defined %} constraints: - custom_constraint: nova.flavor +{% endif %} {{role}}Image: type: string default: overcloud-full +{% if disable_constraints is not defined %} constraints: - custom_constraint: glance.image +{% endif %} ImageUpdatePolicy: default: 'REBUILD_PRESERVE_EPHEMERAL' description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt. @@ -20,8 +24,10 @@ parameters: description: Name of an existing Nova key pair to enable SSH access to the instances type: string default: default +{% if disable_constraints is not defined %} constraints: - custom_constraint: nova.keypair +{% endif %} ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -279,6 +285,42 @@ resources: tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: LoggingSources} tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: LoggingGroups} + fqdn_internal_api: + list_join: + - '.' + - - {get_attr: [{{role}}, name]} + - internalapi + - {get_param: CloudDomain} + fqdn_storage: + list_join: + - '.' + - - {get_attr: [{{role}}, name]} + - storage + - {get_param: CloudDomain} + fqdn_storage_mgmt: + list_join: + - '.' + - - {get_attr: [{{role}}, name]} + - storagemgmt + - {get_param: CloudDomain} + fqdn_tenant: + list_join: + - '.' + - - {get_attr: [{{role}}, name]} + - tenant + - {get_param: CloudDomain} + fqdn_management: + list_join: + - '.' + - - {get_attr: [{{role}}, name]} + - management + - {get_param: CloudDomain} + fqdn_ctlplane: + list_join: + - '.' + - - {get_attr: [{{role}}, name]} + - ctlplane + - {get_param: CloudDomain} # Resource for site-specific injection of root certificate NodeTLSCAData: diff --git a/requirements.txt b/requirements.txt index 4e46b891..9c4a708a 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1 +1,2 @@ pbr>=0.5.21,<1.0 +Jinja2>=2.8 # BSD License (3 clause) diff --git a/scripts/hosts-config.sh b/scripts/hosts-config.sh new file mode 100755 index 00000000..4826d615 --- /dev/null +++ b/scripts/hosts-config.sh @@ -0,0 +1,47 @@ +#!/bin/bash +set -eux +set -o pipefail + +write_entries() { + local file="$1" + local entries="$2" + + # Don't do anything if the file isn't there + if [ ! -f "$file" ]; then + return + fi + + if grep -q "^# HEAT_HOSTS_START" "$file"; then + temp=$(mktemp) + awk -v v="$entries" '/^# HEAT_HOSTS_START/ { + print $0 + print v + f=1 + }f &&!/^# HEAT_HOSTS_END$/{next}/^# HEAT_HOSTS_END$/{f=0}!f' "$file" > "$temp" + echo "INFO: Updating hosts file $file, check below for changes" + diff "$file" "$temp" || true + cat "$temp" > "$file" + else + echo -ne "\n# HEAT_HOSTS_START - Do not edit manually within this section!\n" >> "$file" + echo "$entries" >> "$file" + echo -ne "# HEAT_HOSTS_END\n\n" >> "$file" + fi + +} + +if [ ! -z "$hosts" ]; then + # cloud-init files are /etc/cloud/templates/hosts.OSNAME.tmpl + DIST=$(lsb_release -is | tr -s [A-Z] [a-z]) + case $DIST in + fedora|redhatenterpriseserver) + name="redhat" + ;; + *) + name="$DIST" + ;; + esac + write_entries "/etc/cloud/templates/hosts.${name}.tmpl" "$hosts" + write_entries "/etc/hosts" "$hosts" +else + echo "No hosts in Heat, nothing written." +fi diff --git a/tools/process-templates.py b/tools/process-templates.py new file mode 100755 index 00000000..a15b00e2 --- /dev/null +++ b/tools/process-templates.py @@ -0,0 +1,125 @@ +#!/usr/bin/env python +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +import argparse +import jinja2 +import os +import sys +import yaml + + +def parse_opts(argv): + parser = argparse.ArgumentParser( + description='Configure host network interfaces using a JSON' + ' config file format.') + parser.add_argument('-p', '--base_path', metavar='BASE_PATH', + help="""base path of templates to process.""", + default='.') + parser.add_argument('-r', '--roles-data', metavar='ROLES_DATA', + help="""relative path to the roles_data.yaml file.""", + default='roles_data.yaml') + parser.add_argument('--safe', + action='store_true', + help="""Enable safe mode (do not overwrite files).""", + default=False) + opts = parser.parse_args(argv[1:]) + + return opts + + +def _j2_render_to_file(j2_template, j2_data, outfile_name=None, + overwrite=True): + yaml_f = outfile_name or j2_template.replace('.j2.yaml', '.yaml') + print('rendering j2 template to file: %s' % outfile_name) + + if not overwrite and os.path.exists(outfile_name): + print('ERROR: path already exists for file: %s' % outfile_name) + sys.exit(1) + + try: + # Render the j2 template + template = jinja2.Environment().from_string(j2_template) + r_template = template.render(**j2_data) + except jinja2.exceptions.TemplateError as ex: + error_msg = ("Error rendering template %s : %s" + % (yaml_f, six.text_type(ex))) + print(error_msg) + raise Exception(error_msg) + with open(outfile_name, 'w') as out_f: + out_f.write(r_template) + + +def process_templates(template_path, role_data_path, overwrite): + + with open(role_data_path) as role_data_file: + role_data = yaml.safe_load(role_data_file) + + j2_excludes_path = os.path.join(template_path, 'j2_excludes.yaml') + with open(j2_excludes_path) as role_data_file: + j2_excludes = yaml.safe_load(role_data_file) + + role_names = [r.get('name') for r in role_data] + r_map = {} + for r in role_data: + r_map[r.get('name')] = r + excl_templates = ['%s/%s' % (template_path, e) + for e in j2_excludes.get('name')] + + if os.path.isdir(template_path): + for subdir, dirs, files in os.walk(template_path): + for f in files: + file_path = os.path.join(subdir, f) + # We do two templating passes here: + # 1. *.role.j2.yaml - we template just the role name + # and create multiple files (one per role) + # 2. *.j2.yaml - we template with all roles_data, + # and create one file common to all roles + if f.endswith('.role.j2.yaml'): + print("jinja2 rendering role template %s" % f) + with open(file_path) as j2_template: + template_data = j2_template.read() + print("jinja2 rendering roles %s" % "," + .join(role_names)) + for role in role_names: + j2_data = {'role': role} + # (dprince) For the undercloud installer we don't + # want to have heat check nova/glance API's + if r_map[role].get('disable_constraints', False): + j2_data['disable_constraints'] = True + out_f = "-".join( + [role.lower(), + os.path.basename(f).replace('.role.j2.yaml', + '.yaml')]) + out_f_path = os.path.join(subdir, out_f) + if not (out_f_path in excl_templates): + _j2_render_to_file(template_data, j2_data, + out_f_path, overwrite) + else: + print('skipping rendering of %s' % out_f_path) + elif f.endswith('.j2.yaml'): + print("jinja2 rendering normal template %s" % f) + with open(file_path) as j2_template: + template_data = j2_template.read() + j2_data = {'roles': role_data} + out_f = file_path.replace('.j2.yaml', '.yaml') + _j2_render_to_file(template_data, j2_data, out_f, + overwrite) + + else: + print('Unexpected argument %s' % template_path) + +opts = parse_opts(sys.argv) + +role_data_path = os.path.join(opts.base_path, opts.roles_data) + +process_templates(opts.base_path, role_data_path, (not opts.safe)) @@ -11,4 +11,9 @@ deps = -r{toxinidir}/requirements.txt commands = {posargs} [testenv:pep8] -commands = python ./tools/yaml-validate.py . +commands = + python ./tools/process-templates.py + python ./tools/yaml-validate.py . + +[testenv:templates] +commands = python ./tools/process-templates.py |