diff options
75 files changed, 2855 insertions, 234 deletions
diff --git a/all-nodes-config.yaml b/all-nodes-config.yaml index 7fa27c5d..9687dafc 100644 --- a/all-nodes-config.yaml +++ b/all-nodes-config.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: 'All Nodes Config' parameters: diff --git a/bootstrap-config.yaml b/bootstrap-config.yaml index 14da8265..6082dbce 100644 --- a/bootstrap-config.yaml +++ b/bootstrap-config.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: 'Bootstrap Config' parameters: diff --git a/ceph-cluster-config.yaml b/ceph-cluster-config.yaml index 6cc170ce..f44e27c1 100644 --- a/ceph-cluster-config.yaml +++ b/ceph-cluster-config.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: 'Ceph Cluster config data' parameters: diff --git a/ceph-storage-post.yaml b/ceph-storage-post.yaml index 2a0fa043..06c2a291 100644 --- a/ceph-storage-post.yaml +++ b/ceph-storage-post.yaml @@ -1,8 +1,18 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: 'Ceph Storage Post Deployment' # NOTE: this is a noop for os-apply-config style deployments because # post deployment ordering is controlled by tripleo-image-elements parameters: servers: - type: json
\ No newline at end of file + type: json + +resources: + + # Note, this should come last, so use depends_on to ensure + # this is created after any other resources. + ExtraConfig: + type: OS::TripleO::NodeExtraConfigPost + properties: + servers: {get_param: servers} + diff --git a/ceph-storage.yaml b/ceph-storage.yaml index f89d5f3a..74530147 100644 --- a/ceph-storage.yaml +++ b/ceph-storage.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: 'Common Ceph Storage Configuration' parameters: Image: @@ -45,13 +45,26 @@ resources: NodeUserData: type: OS::TripleO::NodeUserData + StoragePort: + type: OS::TripleO::CephStorage::Ports::StoragePort + properties: + ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]} + + StorageMgmtPort: + type: OS::TripleO::CephStorage::Ports::StorageMgmtPort + properties: + ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]} + NetworkConfig: type: OS::TripleO::CephStorage::Net::SoftwareConfig + properties: + StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} + StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: - config: {get_attr: [NetworkConfig, config_id]} + config: {get_resource: NetworkConfig} server: {get_resource: CephStorage} CephStorageDeployment: @@ -114,7 +127,13 @@ outputs: hosts_entry: value: str_replace: - template: "IP HOST HOST.novalocal" + template: "IP HOST" params: IP: {get_attr: [CephStorage, networks, ctlplane, 0]} HOST: {get_attr: [CephStorage, name]} + storage_ip_address: + description: IP address of the server in the storage network + value: {get_attr: [StoragePort, ip_address]} + storage_mgmt_ip_address: + description: IP address of the server in the storage_mgmt network + value: {get_attr: [StorageMgmtPort, ip_address]} diff --git a/cinder-storage-post.yaml b/cinder-storage-post.yaml index 0331685a..8943c502 100644 --- a/cinder-storage-post.yaml +++ b/cinder-storage-post.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: 'Common Block Storage Post Deployment' # NOTE: this is a noop for os-apply-config style deployments because # post deployment ordering is controlled by tripleo-image-elements @@ -6,3 +6,13 @@ description: 'Common Block Storage Post Deployment' parameters: servers: type: json + +resources: + + # Note, this should come last, so use depends_on to ensure + # this is created after any other resources. + ExtraConfig: + type: OS::TripleO::NodeExtraConfigPost + properties: + servers: {get_param: servers} + diff --git a/cinder-storage.yaml b/cinder-storage.yaml index 98123b83..aee67c9d 100644 --- a/cinder-storage.yaml +++ b/cinder-storage.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: 'Common Block Storage Configuration' parameters: Image: @@ -116,13 +116,32 @@ resources: NodeUserData: type: OS::TripleO::NodeUserData + InternalApiPort: + type: OS::TripleO::BlockStorage::Ports::InternalApiPort + properties: + ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} + + StoragePort: + type: OS::TripleO::BlockStorage::Ports::StoragePort + properties: + ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} + + StorageMgmtPort: + type: OS::TripleO::BlockStorage::Ports::StorageMgmtPort + properties: + ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} + NetworkConfig: type: OS::TripleO::BlockStorage::Net::SoftwareConfig + properties: + InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} + StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} + StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: - config: {get_attr: [NetworkConfig, config_id]} + config: {get_resource: NetworkConfig} server: {get_resource: BlockStorage} BlockStorageDeployment: @@ -164,7 +183,16 @@ outputs: hosts_entry: value: str_replace: - template: "IP HOST HOST.novalocal" + template: "IP HOST" params: IP: {get_attr: [BlockStorage, networks, ctlplane, 0]} HOST: {get_attr: [BlockStorage, name]} + internal_api_ip_address: + description: IP address of the server in the internal_api network + value: {get_attr: [InternalApiPort, ip_address]} + storage_ip_address: + description: IP address of the server in the storage network + value: {get_attr: [StoragePort, ip_address]} + storage_mgmt_ip_address: + description: IP address of the server in the storage_mgmt network + value: {get_attr: [StorageMgmtPort, ip_address]} diff --git a/compute-post.yaml b/compute-post.yaml index 8c49709f..e568a5a6 100644 --- a/compute-post.yaml +++ b/compute-post.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: 'Compute Post Deployment' # NOTE: this is a noop for os-apply-config style deployments because # post deployment ordering is controlled by tripleo-image-elements @@ -6,3 +6,14 @@ description: 'Compute Post Deployment' parameters: servers: type: json + +resources: + + + # Note, this should come last, so use depends_on to ensure + # this is created after any other resources. + ExtraConfig: + type: OS::TripleO::NodeExtraConfigPost + properties: + servers: {get_param: servers} + diff --git a/compute.yaml b/compute.yaml index f7e434f5..8e5cdec7 100644 --- a/compute.yaml +++ b/compute.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: > OpenStack hypervisor node. Can be wrapped in a ResourceGroup for scaling. @@ -264,14 +264,33 @@ resources: NodeUserData: type: OS::TripleO::NodeUserData + InternalApiPort: + type: OS::TripleO::Compute::Ports::InternalApiPort + properties: + ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} + + StoragePort: + type: OS::TripleO::Compute::Ports::StoragePort + properties: + ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} + + TenantPort: + type: OS::TripleO::Compute::Ports::TenantPort + properties: + ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} + NetworkConfig: type: OS::TripleO::Compute::Net::SoftwareConfig + properties: + InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} + StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} + TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: signal_transport: NO_SIGNAL - config: {get_attr: [NetworkConfig, config_id]} + config: {get_resource: NetworkConfig} server: {get_resource: NovaCompute} input_values: bridge_name: {get_param: NeutronPhysicalBridge} @@ -419,6 +438,15 @@ outputs: ip_address: description: IP address of the server in the ctlplane network value: {get_attr: [NovaCompute, networks, ctlplane, 0]} + internal_api_ip_address: + description: IP address of the server in the internal_api network + value: {get_attr: [InternalApiPort, ip_address]} + storage_ip_address: + description: IP address of the server in the storage network + value: {get_attr: [StoragePort, ip_address]} + tenant_ip_address: + description: IP address of the server in the tenant network + value: {get_attr: [TenantPort, ip_address]} hostname: description: Hostname of the server value: {get_attr: [NovaCompute, name]} @@ -427,7 +455,7 @@ outputs: Server's IP address and hostname in the /etc/hosts format value: str_replace: - template: "IP HOST HOST.novalocal" + template: "IP HOST" params: IP: {get_attr: [NovaCompute, networks, ctlplane, 0]} HOST: {get_attr: [NovaCompute, name]} diff --git a/controller-post.yaml b/controller-post.yaml index 31a3062a..926adeae 100644 --- a/controller-post.yaml +++ b/controller-post.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: 'Controller Post Deployment' # NOTE: this is a noop for os-apply-config style deployments because # post deployment ordering is controlled by tripleo-image-elements @@ -6,3 +6,12 @@ description: 'Controller Post Deployment' parameters: servers: type: json + +resources: + + # Note, this should come last, so use depends_on to ensure + # this is created after any other resources. + ExtraConfig: + type: OS::TripleO::NodeExtraConfigPost + properties: + servers: {get_param: servers} diff --git a/controller.yaml b/controller.yaml index 9044ade3..403ef05a 100644 --- a/controller.yaml +++ b/controller.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: > OpenStack control plane node. Can be wrapped in a ResourceGroup for scaling. @@ -14,6 +14,10 @@ parameters: description: The keystone auth secret and db password. type: string hidden: true + CeilometerBackend: + default: 'mongodb' + description: The ceilometer backend type. + type: string CeilometerMeteringSecret: default: unset description: Secret shared by the ceilometer services. @@ -144,6 +148,13 @@ parameters: default: http description: Protocol to use when connecting to glance, set to https for SSL. type: string + GlanceBackend: + default: swift + description: The short name of the Glance backend to use. Should be one + of swift, rbd, or file + type: string + constraints: + - allowed_values: ['swift', 'file', 'rbd'] HeatPassword: default: unset description: The password for the Heat service and db account, used by the Heat services. @@ -157,6 +168,9 @@ parameters: HeatAuthEncryptionKey: description: Auth encryption key for heat-engine type: string + HorizonSecret: + description: Secret key for Django + type: string Image: type: string default: overcloud-control @@ -423,14 +437,45 @@ resources: NodeUserData: type: OS::TripleO::NodeUserData + ExternalPort: + type: OS::TripleO::Controller::Ports::ExternalPort + properties: + ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} + + InternalApiPort: + type: OS::TripleO::Controller::Ports::InternalApiPort + properties: + ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} + + StoragePort: + type: OS::TripleO::Controller::Ports::StoragePort + properties: + ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} + + StorageMgmtPort: + type: OS::TripleO::Controller::Ports::StorageMgmtPort + properties: + ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} + + TenantPort: + type: OS::TripleO::Controller::Ports::TenantPort + properties: + ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} + NetworkConfig: type: OS::TripleO::Controller::Net::SoftwareConfig + properties: + ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} + InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} + StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} + StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} + TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: signal_transport: NO_SIGNAL - config: {get_attr: [NetworkConfig, config_id]} + config: {get_resource: NetworkConfig} server: {get_resource: Controller} input_values: bridge_name: br-ex @@ -921,6 +966,21 @@ outputs: ip_address: description: IP address of the server in the ctlplane network value: {get_attr: [Controller, networks, ctlplane, 0]} + external_ip_address: + description: IP address of the server in the external network + value: {get_attr: [ExternalPort, ip_address]} + internal_api_ip_address: + description: IP address of the server in the internal_api network + value: {get_attr: [InternalApiPort, ip_address]} + storage_ip_address: + description: IP address of the server in the storage network + value: {get_attr: [StoragePort, ip_address]} + storage_mgmt_ip_address: + description: IP address of the server in the storage_mgmt network + value: {get_attr: [StorageMgmtPort, ip_address]} + tenant_ip_address: + description: IP address of the server in the tenant network + value: {get_attr: [TenantPort, ip_address]} hostname: description: Hostname of the server value: {get_attr: [Controller, name]} @@ -936,7 +996,7 @@ outputs: Server's IP address and hostname in the /etc/hosts format value: str_replace: - template: IP HOST HOST.novalocal CLOUDNAME + template: IP HOST CLOUDNAME params: IP: {get_attr: [Controller, networks, ctlplane, 0]} HOST: {get_attr: [Controller, name]} diff --git a/deprecated/overcloud-source.yaml b/deprecated/overcloud-source.yaml index 82fe6755..d355c4df 100644 --- a/deprecated/overcloud-source.yaml +++ b/deprecated/overcloud-source.yaml @@ -877,10 +877,6 @@ resources: - ' ' - - {get_attr: [NovaCompute0, networks, ctlplane, 0]} - {get_attr: [NovaCompute0, name]} - - Fn::Join: - - '.' - - - {get_attr: [NovaCompute0, name]} - - 'novalocal' - Fn::Join: - "\n" - Merge::Map: @@ -889,10 +885,6 @@ resources: - ' ' - - {get_attr: [BlockStorage0, networks, ctlplane, 0]} - {get_attr: [BlockStorage0, name]} - - Fn::Join: - - '.' - - - {get_attr: [BlockStorage0, name]} - - 'novalocal' - Fn::Join: - "\n" - Merge::Map: @@ -901,10 +893,6 @@ resources: - ' ' - - {get_attr: [SwiftStorage0, networks, ctlplane, 0]} - {get_attr: [SwiftStorage0, name]} - - Fn::Join: - - '.' - - - {get_attr: [SwiftStorage0, name]} - - 'novalocal' - Fn::Join: - "\n" - Merge::Map: @@ -913,10 +901,6 @@ resources: - ' ' - - {get_attr: [controller0, networks, ctlplane, 0]} - {get_attr: [controller0, name]} - - Fn::Join: - - '.' - - - {get_attr: [controller0, name]} - - 'novalocal' - {get_param: CloudName} rabbit: nodes: diff --git a/environments/README.md b/environments/README.md new file mode 100644 index 00000000..4111f7ed --- /dev/null +++ b/environments/README.md @@ -0,0 +1,13 @@ +This directory contains Heat environment file snippets which can +be used to enable features in the Overcloud. + +Configuration +------------- + +These can be enabled using the -e [path to environment yaml] option with +heatclient. + +Below is an example of how to enable the Ceph template using +devtest\_overcloud.sh: + + export OVERCLOUD\_CUSTOM\_HEAT\_ENV=$TRIPLEO\_ROOT/tripleo-heat-templates/environments/ceph_devel.yaml diff --git a/environments/net-bond-with-vlans.yaml b/environments/net-bond-with-vlans.yaml new file mode 100644 index 00000000..38c31cac --- /dev/null +++ b/environments/net-bond-with-vlans.yaml @@ -0,0 +1,13 @@ +# This template configures each role to use a pair of bonded nics (nic2 and +# nic3) and configures an IP address on each relevant isolated network +# for each role. This template assumes use of network-isolation.yaml. +# +# FIXME: if/when we add functionality to heatclient to include heat +# environment files we should think about using it here to automatically +# include network-isolation.yaml. +resource_registry: + OS::TripleO::BlockStorage::Net::SoftwareConfig: ../network/config/bond-with-vlans/cinder-storage.yaml + OS::TripleO::Compute::Net::SoftwareConfig: ../network/config/bond-with-vlans/compute.yaml + OS::TripleO::Controller::Net::SoftwareConfig: ../network/config/bond-with-vlans/controller.yaml + OS::TripleO::ObjectStorage::Net::SoftwareConfig: ../network/config/bond-with-vlans/swift-storage.yaml + OS::TripleO::CephStorage::Net::SoftwareConfig: ../network/config/bond-with-vlans/ceph-storage.yaml diff --git a/environments/network-isolation.yaml b/environments/network-isolation.yaml new file mode 100644 index 00000000..5eb2b2da --- /dev/null +++ b/environments/network-isolation.yaml @@ -0,0 +1,35 @@ +# Enable the creation of Neutron networks for isolated Overcloud +# traffic and configure each role to assign ports (related +# to that role) on these networks. +resource_registry: + OS::TripleO::Network::External: ../network/external.yaml + OS::TripleO::Network::InternalApi: ../network/internal_api.yaml + OS::TripleO::Network::StorageMgmt: ../network/storage_mgmt.yaml + OS::TripleO::Network::Storage: ../network/storage.yaml + OS::TripleO::Network::Tenant: ../network/tenant.yaml + + # Port assignments for the controller role + OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external.yaml + OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api.yaml + OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage.yaml + OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml + OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant.yaml + + # Port assignments for the compute role + OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api.yaml + OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage.yaml + OS::TripleO::Compute::Ports::TenantPort: ../network/ports/tenant.yaml + + # Port assignments for the ceph storage role + OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage.yaml + OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml + + # Port assignments for the swift storage role + OS::TripleO::SwiftStorage::Ports::InternalApiPort: ../network/ports/internal_api.yaml + OS::TripleO::SwiftStorage::Ports::StoragePort: ../network/ports/storage.yaml + OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml + + # Port assignments for the block storage role + OS::TripleO::BlockStorage::Ports::InternalApiPort: ../network/ports/internal_api.yaml + OS::TripleO::BlockStorage::Ports::StoragePort: ../network/ports/storage.yaml + OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml diff --git a/environments/overcloud-steps.yaml b/environments/overcloud-steps.yaml new file mode 100644 index 00000000..99f73688 --- /dev/null +++ b/environments/overcloud-steps.yaml @@ -0,0 +1,10 @@ +# Specifies hooks/breakpoints where overcloud deployment should stop +# Allows operator validation between steps, and/or more granular control. +# Note: the wildcards relate to naming convention for some resource suffixes, +# e.g see puppet/*-post-puppet.yaml, enabling this will mean we wait for +# a user signal on every *Deployment_StepN resource defined in those files. +resource_registry: + resources: + "*NodesPostDeployment": + "*Deployment_Step*": + hooks: [pre-create, pre-update] diff --git a/environments/puppet-ceph-devel.yaml b/environments/puppet-ceph-devel.yaml new file mode 100644 index 00000000..d782e8d8 --- /dev/null +++ b/environments/puppet-ceph-devel.yaml @@ -0,0 +1,16 @@ +# A Heat environment file which can be used to enable a Ceph +# storage cluster using the controller and 2 ceph nodes. +# Rbd backends are enabled for Cinder, Glance, and Nova. +parameters: + CephStorageCount: 2 + #NOTE: These ID's and keys should be regenerated for + # a production deployment. What is here is suitable for + # developer and CI testing only. + CephClusterFSID: '4b5c8c0a-ff60-454b-a1b4-9747aa737d19' + CephMonKey: 'AQC+Ox1VmEr3BxAALZejqeHj50Nj6wJDvs96OQ==' + CephAdminKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ==' + NovaEnableRbdBackend: true + CinderEnableRbdBackend: true + GlanceBackend: rbd + CinderEnableIscsiBackend: false + ControllerEnableCephStorage: true diff --git a/environments/puppet-pacemaker.yaml b/environments/puppet-pacemaker.yaml new file mode 100644 index 00000000..f235cf8f --- /dev/null +++ b/environments/puppet-pacemaker.yaml @@ -0,0 +1,4 @@ +# An environment which enables configuration of an +# Overcloud controller with Pacemaker. +resource_registry: + OS::TripleO::ControllerConfig: ../puppet/controller-config-pacemaker.yaml diff --git a/extraconfig/post_deploy/default.yaml b/extraconfig/post_deploy/default.yaml new file mode 100644 index 00000000..ddfe0243 --- /dev/null +++ b/extraconfig/post_deploy/default.yaml @@ -0,0 +1,5 @@ +heat_template_version: 2014-10-16 +description: 'Extra Post Deployment Config' +parameters: + servers: + type: json diff --git a/extraconfig/post_deploy/example.yaml b/extraconfig/post_deploy/example.yaml new file mode 100644 index 00000000..6b816d40 --- /dev/null +++ b/extraconfig/post_deploy/example.yaml @@ -0,0 +1,27 @@ +heat_template_version: 2014-10-16 + +description: > + Example extra config for post-deployment + +# Note extra parameters can be defined, then passed data via the +# environment parameter_defaults, without modifying the parent template +parameters: + servers: + type: json + +resources: + + ExtraConfig: + type: OS::Heat::SoftwareConfig + properties: + group: script + config: | + #!/bin/sh + echo "extra" > /root/extra + + ExtraDeployments: + type: OS::Heat::StructuredDeployments + properties: + servers: {get_param: servers} + config: {get_resource: ExtraConfig} + actions: ['CREATE'] # Only do this on CREATE diff --git a/firstboot/userdata_dev_rsync.yaml b/firstboot/userdata_dev_rsync.yaml new file mode 100644 index 00000000..7dc7bd4d --- /dev/null +++ b/firstboot/userdata_dev_rsync.yaml @@ -0,0 +1,49 @@ +heat_template_version: 2014-10-16 + +description: > + This is first boot configuration for development purposes. It allows + overriding contents of the deployed images via rsync before + configuration (e.g. Puppet) starts, speeding up the feedback loop + between making a change and seeing it applied. + + To prepare the host, put something like this to /etc/rsyncd.conf: + + [overcloudsync] + path = /root/overcloudsync + comment = overcloud pre-puppet customizations + + Then run `rsync --daemon`. + +parameters: + dev_rsync_host: + type: string + default: 192.168.122.1 + description: Host to sync contents from via rsync + dev_rsync_module: + type: string + default: overcloudsync + description: Name of the module defined in rsyncd.conf on rsync_host + +resources: + userdata: + type: OS::Heat::MultipartMime + properties: + parts: + - config: {get_resource: rsync_config} + subtype: 'x-shellscript' + + rsync_config: + type: OS::Heat::SoftwareConfig + properties: + config: + str_replace: + template: | + #!/bin/bash + rsync -avr rsync://RSYNC_HOST/RSYNC_MODULE / + params: + RSYNC_HOST: {get_param: dev_rsync_host} + RSYNC_MODULE: {get_param: dev_rsync_module} + +outputs: + OS::stack_id: + value: {get_resource: userdata} diff --git a/net-config-bond.yaml b/net-config-bond.yaml index 3518dbae..d74fc0bc 100644 --- a/net-config-bond.yaml +++ b/net-config-bond.yaml @@ -1,8 +1,30 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: > Software Config to drive os-net-config with 2 bonded nics on a bridge. +parameters: + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + resources: OsNetConfigImpl: type: OS::Heat::StructuredConfig @@ -38,7 +60,6 @@ resources: name: nic2 outputs: - config_id: - description: The ID of the OsNetConfigImpl resource. - value: - {get_resource: OsNetConfigImpl} + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/net-config-bridge.yaml b/net-config-bridge.yaml index d1faa5df..c3416e02 100644 --- a/net-config-bridge.yaml +++ b/net-config-bridge.yaml @@ -1,8 +1,30 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: > Software Config to drive os-net-config for a simple bridge. +parameters: + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + resources: OsNetConfigImpl: type: OS::Heat::StructuredConfig @@ -31,7 +53,6 @@ resources: primary: true outputs: - config_id: - description: The ID of the OsNetConfigImpl resource. - value: - {get_resource: OsNetConfigImpl} + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/net-config-noop.yaml b/net-config-noop.yaml index a3b1d1af..3d88dd9c 100644 --- a/net-config-noop.yaml +++ b/net-config-noop.yaml @@ -1,9 +1,31 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: > Software Config to no-op for os-net-config. Using this will allow you to use the parameter driven (init-neutron-ovs) configuration instead. +parameters: + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + resources: OsNetConfigImpl: type: OS::Heat::StructuredConfig @@ -12,7 +34,6 @@ resources: config: outputs: - config_id: - description: The ID of the OsNetConfigImpl resource. - value: - {get_resource: OsNetConfigImpl} + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/bond-with-vlans/README.md b/network/config/bond-with-vlans/README.md new file mode 100644 index 00000000..1679df3c --- /dev/null +++ b/network/config/bond-with-vlans/README.md @@ -0,0 +1,15 @@ +This directory contains Heat templates to help configure +Vlans on a bonded pair of NICs for each Overcloud role. + +Configuration +------------- + +To make use of these templates create a Heat environment that looks +something like this: + + resource\_registry: + OS::TripleO::BlockStorage::Net::SoftwareConfig: network/config/bond-with-vlans/cinder-storage.yaml + OS::TripleO::Compute::Net::SoftwareConfig: network/config/bond-with-vlans/compute.yaml + OS::TripleO::Controller::Net::SoftwareConfig: network/config/bond-with-vlans/controller.yaml + OS::TripleO::ObjectStorage::Net::SoftwareConfig: network/config/bond-with-vlans/swift-storage.yaml + OS::TripleO::CephStorage::Net::SoftwareConfig: network/config/bond-with-vlans/ceph-storage.yaml diff --git a/network/config/bond-with-vlans/ceph-storage.yaml b/network/config/bond-with-vlans/ceph-storage.yaml new file mode 100644 index 00000000..90617b30 --- /dev/null +++ b/network/config/bond-with-vlans/ceph-storage.yaml @@ -0,0 +1,81 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config with 2 bonded nics on a bridge + with a VLANs attached for the ceph storage role. + +parameters: + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: ovs_bridge + name: {get_input: bridge_name} + use_dhcp: true + members: + - + type: interface + name: nic1 + # force the MAC address of the bridge to this interface + primary: true + - + type: ovs_bridge + name: br-bond + members: + - + type: ovs_bond + name: bond1 + ovs_options: vlan_mode=trunk trunks=10,20,30,40,50 + members: + - + type: interface + name: nic2 + primary: true + - + type: interface + name: nic3 + - + type: vlan + device: bond1 + vlan_id: 30 + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + device: bond1 + vlan_id: 40 + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/bond-with-vlans/cinder-storage.yaml b/network/config/bond-with-vlans/cinder-storage.yaml new file mode 100644 index 00000000..95204d35 --- /dev/null +++ b/network/config/bond-with-vlans/cinder-storage.yaml @@ -0,0 +1,88 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config with 2 bonded nics on a bridge + with a VLANs attached for the cinder storage role. + +parameters: + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: ovs_bridge + name: {get_input: bridge_name} + use_dhcp: true + members: + - + type: interface + name: nic1 + # force the MAC address of the bridge to this interface + primary: true + - + type: ovs_bridge + name: br-bond + members: + - + type: ovs_bond + name: bond1 + ovs_options: vlan_mode=trunk trunks=10,20,30,40,50 + members: + - + type: interface + name: nic2 + primary: true + - + type: interface + name: nic3 + - + type: vlan + device: bond1 + vlan_id: 20 + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + type: vlan + device: bond1 + vlan_id: 30 + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + device: bond1 + vlan_id: 40 + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/bond-with-vlans/compute.yaml b/network/config/bond-with-vlans/compute.yaml new file mode 100644 index 00000000..d7113c8c --- /dev/null +++ b/network/config/bond-with-vlans/compute.yaml @@ -0,0 +1,88 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config with 2 bonded nics on a bridge + with a VLANs attached for the compute role. + +parameters: + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: ovs_bridge + name: {get_input: bridge_name} + use_dhcp: true + members: + - + type: interface + name: nic1 + # force the MAC address of the bridge to this interface + primary: true + - + type: ovs_bridge + name: br-bond + members: + - + type: ovs_bond + name: bond1 + ovs_options: vlan_mode=trunk trunks=10,20,30,40,50 + members: + - + type: interface + name: nic2 + primary: true + - + type: interface + name: nic3 + - + type: vlan + device: bond1 + vlan_id: 20 + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + type: vlan + device: bond1 + vlan_id: 30 + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + device: bond1 + vlan_id: 50 + addresses: + - + ip_netmask: {get_param: TenantIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/bond-with-vlans/controller.yaml b/network/config/bond-with-vlans/controller.yaml new file mode 100644 index 00000000..478581c2 --- /dev/null +++ b/network/config/bond-with-vlans/controller.yaml @@ -0,0 +1,102 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config with 2 bonded nics on a bridge + with a VLANs attached for the controller role. + +parameters: + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: ovs_bridge + name: {get_input: bridge_name} + use_dhcp: true + members: + - + type: interface + name: nic1 + # force the MAC address of the bridge to this interface + primary: true + - + type: ovs_bridge + name: br-bond + members: + - + type: ovs_bond + name: bond1 + ovs_options: vlan_mode=trunk trunks=10,20,30,40,50 + members: + - + type: interface + name: nic2 + primary: true + - + type: interface + name: nic3 + - + type: vlan + device: bond1 + vlan_id: 10 + addresses: + - + ip_netmask: {get_param: ExternalIpSubnet} + - + type: vlan + device: bond1 + vlan_id: 20 + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + type: vlan + device: bond1 + vlan_id: 30 + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + device: bond1 + vlan_id: 40 + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + - + type: vlan + device: bond1 + vlan_id: 50 + addresses: + - + ip_netmask: {get_param: TenantIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/bond-with-vlans/swift-storage.yaml b/network/config/bond-with-vlans/swift-storage.yaml new file mode 100644 index 00000000..337fef5b --- /dev/null +++ b/network/config/bond-with-vlans/swift-storage.yaml @@ -0,0 +1,88 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config with 2 bonded nics on a bridge + with a VLANs attached for the swift storage role. + +parameters: + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: ovs_bridge + name: {get_input: bridge_name} + use_dhcp: true + members: + - + type: interface + name: nic1 + # force the MAC address of the bridge to this interface + primary: true + - + type: ovs_bridge + name: br-bond + members: + - + type: ovs_bond + name: bond1 + ovs_options: vlan_mode=trunk trunks=10,20,30,40,50 + members: + - + type: interface + name: nic2 + primary: true + - + type: interface + name: nic3 + - + type: vlan + device: bond1 + vlan_id: 20 + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + type: vlan + device: bond1 + vlan_id: 30 + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + device: bond1 + vlan_id: 40 + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/external.yaml b/network/external.yaml new file mode 100644 index 00000000..e9aa5b32 --- /dev/null +++ b/network/external.yaml @@ -0,0 +1,58 @@ +heat_template_version: 2015-04-30 + +description: > + External network. Public traffic, Neutron l3router for floating IPs/SNAT, etc. + +parameters: + # the defaults here work for static IP assignment (IPAM) only + ExternalNetCidr: + default: '10.0.0.0/24' + description: Cidr for the external network. + type: string + ExternalNetValueSpecs: + default: {'provider:physical_network': 'external', 'provider:network_type': 'flat'} + description: Value specs for the external network. + type: string + ExternalNetAdminStateUp: + default: false + description: This admin state of of the network. + type: boolean + ExternalNetEnableDHCP: + default: false + description: Whether to enable DHCP on the associated subnet. + type: boolean + ExternalNetShared: + default: false + description: Whether this network is shared across all tenants. + type: boolean + ExternalNetName: + default: external + description: The name of the external network. + type: string + ExternalSubnetName: + default: external_subnet + description: The name of the external subnet in Neutron. + type: string + + +resources: + ExternalNetwork: + type: OS::Neutron::Net + properties: + admin_state_up: {get_param: ExternalNetAdminStateUp} + name: {get_param: ExternalNetName} + shared: {get_param: ExternalNetShared} + value_specs: {get_param: ExternalNetValueSpecs} + + ExternalSubnet: + type: OS::Neutron::Subnet + properties: + cidr: {get_param: ExternalNetCidr} + enable_dhcp: {get_param: ExternalNetEnableDHCP} + name: {get_param: ExternalSubnetName} + network: {get_resource: ExternalNetwork} + +outputs: + OS::stack_id: + description: Neutron external network + value: {get_resource: ExternalNetwork} diff --git a/network/internal_api.yaml b/network/internal_api.yaml new file mode 100644 index 00000000..5abfb117 --- /dev/null +++ b/network/internal_api.yaml @@ -0,0 +1,57 @@ +heat_template_version: 2015-04-30 + +description: > + Internal API network. Used for most APIs, Database, RPC. + +parameters: + # the defaults here work for static IP assignment (IPAM) only + InternalApiNetCidr: + default: '172.16.2.0/24' + description: Cidr for the internal API network. + type: string + InternalApiNetValueSpecs: + default: {'provider:physical_network': 'internal_api', 'provider:network_type': 'flat'} + description: Value specs for the internal API network. + type: string + InternalApiNetAdminStateUp: + default: false + description: This admin state of of the network. + type: boolean + InternalApiNetEnableDHCP: + default: false + description: Whether to enable DHCP on the associated subnet. + type: boolean + InternalApiNetShared: + default: false + description: Whether this network is shared across all tenants. + type: boolean + InternalApiNetName: + default: internal_api + description: The name of the internal API network. + type: string + InternalApiSubnetName: + default: internal_api_subnet + description: The name of the internal API subnet in Neutron. + type: string + +resources: + InternalApiNetwork: + type: OS::Neutron::Net + properties: + admin_state_up: {get_param: InternalApiNetAdminStateUp} + name: {get_param: InternalApiNetName} + shared: {get_param: InternalApiNetShared} + value_specs: {get_param: InternalApiNetValueSpecs} + + InternalApiSubnet: + type: OS::Neutron::Subnet + properties: + cidr: {get_param: InternalApiNetCidr} + enable_dhcp: {get_param: InternalApiNetEnableDHCP} + name: {get_param: InternalApiSubnetName} + network: {get_resource: InternalApiNetwork} + +outputs: + OS::stack_id: + description: Neutron internal network + value: {get_resource: InternalApiNetwork} diff --git a/network/networks.yaml b/network/networks.yaml new file mode 100644 index 00000000..6618af38 --- /dev/null +++ b/network/networks.yaml @@ -0,0 +1,20 @@ +heat_template_version: 2015-04-30 + +description: Create networks to split out Overcloud traffic + +resources: + + ExternalNetwork: + type: OS::TripleO::Network::External + + InternalNetwork: + type: OS::TripleO::Network::InternalApi + + StorageMgmtNetwork: + type: OS::TripleO::Network::StorageMgmt + + StorageNetwork: + type: OS::TripleO::Network::Storage + + TenantNetwork: + type: OS::TripleO::Network::Tenant diff --git a/network/noop.yaml b/network/noop.yaml new file mode 100644 index 00000000..0963d2ce --- /dev/null +++ b/network/noop.yaml @@ -0,0 +1,3 @@ +heat_template_version: 2015-04-30 + +description: A stack which creates no network(s). diff --git a/network/ports/external.yaml b/network/ports/external.yaml new file mode 100644 index 00000000..db86b329 --- /dev/null +++ b/network/ports/external.yaml @@ -0,0 +1,36 @@ +heat_template_version: 2015-04-30 + +description: > + Creates a port on the external network. + +parameters: + ExternalNetName: + description: Name of the external neutron network + default: external + type: string + ControlPlaneIP: # Here for compatability with noop.yaml + description: IP address on the control plane + type: string + +resources: + + ExternalPort: + type: OS::Neutron::Port + properties: + network: {get_param: ExternalNetName} + replacement_policy: AUTO + +outputs: + ip_address: + description: external network IP + value: {get_attr: [ExternalPort, fixed_ips, 0, ip_address]} + ip_subnet: + # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) + description: IP/Subnet CIDR for the external network IP + value: + list_join: + - '' + - - {get_attr: [ExternalPort, fixed_ips, 0, ip_address]} + - '/' + - {get_attr: [ExternalPort, subnets, 0, cidr, -2]} + - {get_attr: [ExternalPort, subnets, 0, cidr, -1]} diff --git a/network/ports/internal_api.yaml b/network/ports/internal_api.yaml new file mode 100644 index 00000000..59c0e0ad --- /dev/null +++ b/network/ports/internal_api.yaml @@ -0,0 +1,36 @@ +heat_template_version: 2015-04-30 + +description: > + Creates a port on the internal_api network. + +parameters: + InternalApiNetName: + description: Name of the internal API neutron network + default: internal_api + type: string + ControlPlaneIP: # Here for compatability with noop.yaml + description: IP address on the control plane + type: string + +resources: + + InternalApiPort: + type: OS::Neutron::Port + properties: + network: {get_param: InternalApiNetName} + replacement_policy: AUTO + +outputs: + ip_address: + description: internal API network IP + value: {get_attr: [InternalApiPort, fixed_ips, 0, ip_address]} + ip_subnet: + # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) + description: IP/Subnet CIDR for the internal API network IP + value: + list_join: + - '' + - - {get_attr: [InternalApiPort, fixed_ips, 0, ip_address]} + - '/' + - {get_attr: [InternalApiPort, subnets, 0, cidr, -2]} + - {get_attr: [InternalApiPort, subnets, 0, cidr, -1]} diff --git a/network/ports/net_ip_map.yaml b/network/ports/net_ip_map.yaml new file mode 100644 index 00000000..b7138b25 --- /dev/null +++ b/network/ports/net_ip_map.yaml @@ -0,0 +1,30 @@ +heat_template_version: 2014-10-16 + +parameters: + ExternalIp: + default: '' + type: string + InternalApiIp: + default: '' + type: string + StorageIp: + default: '' + type: string + StorageMgmtIp: + default: '' + type: string + TenantIp: + default: '' + type: string + +outputs: + net_ip_map: + description: > + A Hash containing a mapping of network names to assigned IPs + for a specific machine. + value: + external: {get_param: ExternalIp} + internal_api: {get_param: InternalApiIp} + storage: {get_param: StorageIp} + storage_mgmt: {get_param: StorageMgmtIp} + tenant: {get_param: TenantIp} diff --git a/network/ports/noop.yaml b/network/ports/noop.yaml new file mode 100644 index 00000000..6bbf23c9 --- /dev/null +++ b/network/ports/noop.yaml @@ -0,0 +1,26 @@ +heat_template_version: 2015-04-30 + +description: > + Returns the control plane port (provisioning network) as the ip_address. + +parameters: + ControlPlaneIP: + description: IP address on the control plane + type: string + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + +outputs: + ip_address: + description: pass thru network IP + value: {get_param: ControlPlaneIP} + ip_subnet: + description: IP/Subnet CIDR for the pass thru network IP + value: + list_join: + - '' + - - {get_param: ControlPlaneIP} + - '/' + - {get_param: ControlPlaneSubnetCidr} diff --git a/network/ports/storage.yaml b/network/ports/storage.yaml new file mode 100644 index 00000000..27f60a0d --- /dev/null +++ b/network/ports/storage.yaml @@ -0,0 +1,37 @@ +heat_template_version: 2015-04-30 + +description: > + Creates a port on the storage network. + +parameters: + StorageNetName: + description: Name of the storage neutron network + default: storage + type: string + ControlPlaneIP: # Here for compatability with noop.yaml + description: IP address on the control plane + type: string + +resources: + + StoragePort: + type: OS::Neutron::Port + properties: + network: {get_param: StorageNetName} + replacement_policy: AUTO + +outputs: + ip_address: + description: storage network IP + value: {get_attr: [StoragePort, fixed_ips, 0, ip_address]} + ip_subnet: + # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) + description: IP/Subnet CIDR for the storage network IP + value: + list_join: + - '' + - - {get_attr: [StoragePort, fixed_ips, 0, ip_address]} + - '/' + - {get_attr: [StoragePort, subnets, 0, cidr, -2]} + - {get_attr: [StoragePort, subnets, 0, cidr, -1]} + diff --git a/network/ports/storage_mgmt.yaml b/network/ports/storage_mgmt.yaml new file mode 100644 index 00000000..03cc224e --- /dev/null +++ b/network/ports/storage_mgmt.yaml @@ -0,0 +1,36 @@ +heat_template_version: 2015-04-30 + +description: > + Creates a port on the storage_mgmt API network. + +parameters: + StorageMgmtNetName: + description: Name of the storage_mgmt API neutron network + default: storage_mgmt + type: string + ControlPlaneIP: # Here for compatability with noop.yaml + description: IP address on the control plane + type: string + +resources: + + StorageMgmtPort: + type: OS::Neutron::Port + properties: + network: {get_param: StorageMgmtNetName} + replacement_policy: AUTO + +outputs: + ip_address: + description: storage_mgmt network IP + value: {get_attr: [StorageMgmtPort, fixed_ips, 0, ip_address]} + ip_subnet: + # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) + description: IP/Subnet CIDR for the storage_mgmt network IP + value: + list_join: + - '' + - - {get_attr: [StorageMgmtPort, fixed_ips, 0, ip_address]} + - '/' + - {get_attr: [StorageMgmtPort, subnets, 0, cidr, -2]} + - {get_attr: [StorageMgmtPort, subnets, 0, cidr, -1]} diff --git a/network/ports/tenant.yaml b/network/ports/tenant.yaml new file mode 100644 index 00000000..1957c41b --- /dev/null +++ b/network/ports/tenant.yaml @@ -0,0 +1,36 @@ +heat_template_version: 2015-04-30 + +description: > + Creates a port on the tenant network. + +parameters: + TenantNetName: + description: Name of the tenant neutron network + default: tenant + type: string + ControlPlaneIP: # Here for compatability with noop.yaml + description: IP address on the control plane + type: string + +resources: + + TenantPort: + type: OS::Neutron::Port + properties: + network: {get_param: TenantNetName} + replacement_policy: AUTO + +outputs: + ip_address: + description: tenant network IP + value: {get_attr: [TenantPort, fixed_ips, 0, ip_address]} + ip_subnet: + # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) + description: IP/Subnet CIDR for the tenant network IP + value: + list_join: + - '' + - - {get_attr: [TenantPort, fixed_ips, 0, ip_address]} + - '/' + - {get_attr: [TenantPort, subnets, 0, cidr, -2]} + - {get_attr: [TenantPort, subnets, 0, cidr, -1]} diff --git a/network/storage.yaml b/network/storage.yaml new file mode 100644 index 00000000..1f60adf4 --- /dev/null +++ b/network/storage.yaml @@ -0,0 +1,57 @@ +heat_template_version: 2015-04-30 + +description: > + Storage network. + +parameters: + # the defaults here work for static IP assignment (IPAM) only + StorageNetCidr: + default: '172.16.1.0/24' + description: Cidr for the storage network. + type: string + StorageNetValueSpecs: + default: {'provider:physical_network': 'storage', 'provider:network_type': 'flat'} + description: Value specs for the storage network. + type: string + StorageNetAdminStateUp: + default: false + description: This admin state of of the network. + type: boolean + StorageNetEnableDHCP: + default: false + description: Whether to enable DHCP on the associated subnet. + type: boolean + StorageNetShared: + default: false + description: Whether this network is shared across all tenants. + type: boolean + StorageNetName: + default: storage + description: The name of the storage network. + type: string + StorageSubnetName: + default: storage_subnet + description: The name of the storage subnet in Neutron. + type: string + +resources: + StorageNetwork: + type: OS::Neutron::Net + properties: + admin_state_up: {get_param: StorageNetAdminStateUp} + name: {get_param: StorageNetName} + shared: {get_param: StorageNetShared} + value_specs: {get_param: StorageNetValueSpecs} + + StorageSubnet: + type: OS::Neutron::Subnet + properties: + cidr: {get_param: StorageNetCidr} + enable_dhcp: {get_param: StorageNetEnableDHCP} + name: {get_param: StorageSubnetName} + network: {get_resource: StorageNetwork} + +outputs: + OS::stack_id: + description: Neutron storage network + value: {get_resource: StorageNetwork} diff --git a/network/storage_mgmt.yaml b/network/storage_mgmt.yaml new file mode 100644 index 00000000..e97d4364 --- /dev/null +++ b/network/storage_mgmt.yaml @@ -0,0 +1,57 @@ +heat_template_version: 2015-04-30 + +description: > + Storage management network. Storage replication, etc. + +parameters: + # the defaults here work for static IP assignment (IPAM) only + StorageMgmtNetCidr: + default: '172.16.3.0/24' + description: Cidr for the storage management network. + type: string + StorageMgmtNetValueSpecs: + default: {'provider:physical_network': 'storage_mgmt', 'provider:network_type': 'flat'} + description: Value specs for the storage_mgmt network. + type: string + StorageMgmtNetAdminStateUp: + default: false + description: This admin state of of the network. + type: boolean + StorageMgmtNetEnableDHCP: + default: false + description: Whether to enable DHCP on the associated subnet. + type: boolean + StorageMgmtNetShared: + default: false + description: Whether this network is shared across all tenants. + type: boolean + StorageMgmtNetName: + default: storage_mgmt + description: The name of the Storage management network. + type: string + StorageMgmtSubnetName: + default: storage_mgmt_subnet + description: The name of the Storage management subnet in Neutron. + type: string + +resources: + StorageMgmtNetwork: + type: OS::Neutron::Net + properties: + admin_state_up: {get_param: StorageMgmtNetAdminStateUp} + name: {get_param: StorageMgmtNetName} + shared: {get_param: StorageMgmtNetShared} + value_specs: {get_param: StorageMgmtNetValueSpecs} + + StorageMgmtSubnet: + type: OS::Neutron::Subnet + properties: + cidr: {get_param: StorageMgmtNetCidr} + enable_dhcp: {get_param: StorageMgmtNetEnableDHCP} + name: {get_param: StorageMgmtSubnetName} + network: {get_resource: StorageMgmtNetwork} + +outputs: + OS::stack_id: + description: Neutron storage management network + value: {get_resource: StorageMgmtNetwork} diff --git a/network/tenant.yaml b/network/tenant.yaml new file mode 100644 index 00000000..db7f99f3 --- /dev/null +++ b/network/tenant.yaml @@ -0,0 +1,57 @@ +heat_template_version: 2015-04-30 + +description: > + Tenant network. + +parameters: + # the defaults here work for static IP assignment (IPAM) only + TenantNetCidr: + default: '172.16.0.0/24' + description: Cidr for the tenant network. + type: string + TenantNetValueSpecs: + default: {'provider:physical_network': 'tenant', 'provider:network_type': 'flat'} + description: Value specs for the tenant network. + type: string + TenantNetAdminStateUp: + default: false + description: This admin state of of the network. + type: boolean + TenantNetEnableDHCP: + default: false + description: Whether to enable DHCP on the associated subnet. + type: boolean + TenantNetShared: + default: false + description: Whether this network is shared across all tenants. + type: boolean + TenantNetName: + default: tenant + description: The name of the tenant network. + type: string + TenantSubnetName: + default: tenant_subnet + description: The name of the tenant subnet in Neutron. + type: string + +resources: + TenantNetwork: + type: OS::Neutron::Net + properties: + admin_state_up: {get_param: TenantNetAdminStateUp} + name: {get_param: TenantNetName} + shared: {get_param: TenantNetShared} + value_specs: {get_param: TenantNetValueSpecs} + + TenantSubnet: + type: OS::Neutron::Subnet + properties: + cidr: {get_param: TenantNetCidr} + enable_dhcp: {get_param: TenantNetEnableDHCP} + name: {get_param: TenantSubnetName} + network: {get_resource: TenantNetwork} + +outputs: + OS::stack_id: + description: Neutron tenant network + value: {get_resource: TenantNetwork} diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml index 08293465..b4c3b5a2 100644 --- a/overcloud-resource-registry-puppet.yaml +++ b/overcloud-resource-registry-puppet.yaml @@ -11,6 +11,8 @@ resource_registry: OS::TripleO::CephStorage: puppet/ceph-storage-puppet.yaml OS::TripleO::CephStorage::Net::SoftwareConfig: net-config-noop.yaml OS::TripleO::ControllerPostDeployment: puppet/controller-post-puppet.yaml + # set to controller-config-pacemaker.yaml to enable pacemaker + OS::TripleO::ControllerConfig: puppet/controller-config.yaml OS::TripleO::ComputePostDeployment: puppet/compute-post-puppet.yaml OS::TripleO::ObjectStoragePostDeployment: puppet/swift-storage-post.yaml OS::TripleO::BlockStoragePostDeployment: puppet/cinder-storage-post.yaml @@ -20,6 +22,51 @@ resource_registry: OS::TripleO::AllNodes::SoftwareConfig: puppet/all-nodes-config.yaml OS::TripleO::BootstrapNode::SoftwareConfig: puppet/bootstrap-config.yaml OS::TripleO::NodeUserData: firstboot/userdata_default.yaml + OS::TripleO::NodeExtraConfigPost: extraconfig/post_deploy/default.yaml + + # TripleO overcloud networks + OS::TripleO::Network: network/networks.yaml + + OS::TripleO::Network::External: network/noop.yaml + OS::TripleO::Network::InternalApi: network/noop.yaml + OS::TripleO::Network::StorageMgmt: network/noop.yaml + OS::TripleO::Network::Storage: network/noop.yaml + OS::TripleO::Network::Tenant: network/noop.yaml + + OS::TripleO::Network::Ports::NetIpMap: network/ports/net_ip_map.yaml + + # Port assignments for the controller role + OS::TripleO::Controller::Ports::ExternalPort: network/ports/noop.yaml + OS::TripleO::Controller::Ports::InternalApiPort: network/ports/noop.yaml + OS::TripleO::Controller::Ports::StoragePort: network/ports/noop.yaml + OS::TripleO::Controller::Ports::StorageMgmtPort: network/ports/noop.yaml + OS::TripleO::Controller::Ports::TenantPort: network/ports/noop.yaml + + # Port assignments for the compute role + OS::TripleO::Compute::Ports::InternalApiPort: network/ports/noop.yaml + OS::TripleO::Compute::Ports::StoragePort: network/ports/noop.yaml + OS::TripleO::Compute::Ports::TenantPort: network/ports/noop.yaml + + # Port assignments for the ceph storage role + OS::TripleO::CephStorage::Ports::StoragePort: network/ports/noop.yaml + OS::TripleO::CephStorage::Ports::StorageMgmtPort: network/ports/noop.yaml + + # Port assignments for the swift storage role + OS::TripleO::SwiftStorage::Ports::InternalApiPort: network/ports/noop.yaml + OS::TripleO::SwiftStorage::Ports::StoragePort: network/ports/noop.yaml + OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: network/ports/noop.yaml + + # Port assignments for the block storage role + OS::TripleO::BlockStorage::Ports::InternalApiPort: network/ports/noop.yaml + OS::TripleO::BlockStorage::Ports::StoragePort: network/ports/noop.yaml + OS::TripleO::BlockStorage::Ports::StorageMgmtPort: network/ports/noop.yaml parameter_defaults: EnablePackageInstall: false + # Mapping of service_name -> network name. + ServiceNetMap: + NeutronLocalIp: tenant + CeilometerApiNetwork: internal_api + MongoDbNetwork: internal_api + CinderApiNetwork: internal_api + CinderIscsiNetwork: storage diff --git a/overcloud-resource-registry.yaml b/overcloud-resource-registry.yaml index 71043104..df67bf13 100644 --- a/overcloud-resource-registry.yaml +++ b/overcloud-resource-registry.yaml @@ -20,3 +20,41 @@ resource_registry: OS::TripleO::AllNodes::SoftwareConfig: all-nodes-config.yaml OS::TripleO::BootstrapNode::SoftwareConfig: bootstrap-config.yaml OS::TripleO::NodeUserData: firstboot/userdata_default.yaml + OS::TripleO::NodeExtraConfigPost: extraconfig/post_deploy/default.yaml + + # TripleO overcloud networks + OS::TripleO::Network: network/networks.yaml + + OS::TripleO::Network::External: network/noop.yaml + OS::TripleO::Network::InternalApi: network/noop.yaml + OS::TripleO::Network::StorageMgmt: network/noop.yaml + OS::TripleO::Network::Storage: network/noop.yaml + OS::TripleO::Network::Tenant: network/noop.yaml + + OS::TripleO::Network::Ports::NetIpMap: network/ports/net_ip_map.yaml + + # Port assignments for the controller role + OS::TripleO::Controller::Ports::ExternalPort: network/ports/noop.yaml + OS::TripleO::Controller::Ports::InternalApiPort: network/ports/noop.yaml + OS::TripleO::Controller::Ports::StoragePort: network/ports/noop.yaml + OS::TripleO::Controller::Ports::StorageMgmtPort: network/ports/noop.yaml + OS::TripleO::Controller::Ports::TenantPort: network/ports/noop.yaml + + # Port assignments for the compute role + OS::TripleO::Compute::Ports::InternalApiPort: network/ports/noop.yaml + OS::TripleO::Compute::Ports::StoragePort: network/ports/noop.yaml + OS::TripleO::Compute::Ports::TenantPort: network/ports/noop.yaml + + # Port assignments for the ceph storage role + OS::TripleO::CephStorage::Ports::StoragePort: network/ports/noop.yaml + OS::TripleO::CephStorage::Ports::StorageMgmtPort: network/ports/noop.yaml + + # Port assignments for the swift storage role + OS::TripleO::SwiftStorage::Ports::InternalApiPort: network/ports/noop.yaml + OS::TripleO::SwiftStorage::Ports::StoragePort: network/ports/noop.yaml + OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: network/ports/noop.yaml + + # Port assignments for the block storage role + OS::TripleO::BlockStorage::Ports::InternalApiPort: network/ports/noop.yaml + OS::TripleO::BlockStorage::Ports::StoragePort: network/ports/noop.yaml + OS::TripleO::BlockStorage::Ports::StorageMgmtPort: network/ports/noop.yaml diff --git a/overcloud-without-mergepy.yaml b/overcloud-without-mergepy.yaml index 1a629b8a..7c2c3a21 100644 --- a/overcloud-without-mergepy.yaml +++ b/overcloud-without-mergepy.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: > Nova API,Keystone,Heat Engine and API,Glance,Neutron,Dedicated MySQL @@ -15,6 +15,10 @@ parameters: description: The password for the keystone admin account, used for monitoring, querying neutron etc. type: string hidden: true + CeilometerBackend: + default: 'mongodb' + description: The ceilometer backend type. + type: string CeilometerMeteringSecret: default: unset description: Secret shared by the ceilometer services. @@ -327,6 +331,13 @@ parameters: description: The password for the glance service account, used by the glance services. type: string hidden: true + GlanceBackend: + default: swift + description: The short name of the Glance backend to use. Should be one + of swift, rbd or file + type: string + constraints: + - allowed_values: ['swift', 'file', 'rbd'] HeatPassword: default: unset description: The password for the Heat service account, used by the Heat services. @@ -534,8 +545,14 @@ resources: properties: length: 16 + HorizonSecret: + type: OS::Heat::RandomString + properties: + length: 10 + Controller: type: OS::Heat::ResourceGroup + depends_on: Networks properties: count: {get_param: ControllerCount} resource_def: @@ -543,6 +560,7 @@ resources: properties: AdminPassword: {get_param: AdminPassword} AdminToken: {get_param: AdminToken} + CeilometerBackend: {get_param: CeilometerBackend} CeilometerMeteringSecret: {get_param: CeilometerMeteringSecret} CeilometerPassword: {get_param: CeilometerPassword} CinderLVMLoopDeviceSize: {get_param: CinderLVMLoopDeviceSize} @@ -563,11 +581,13 @@ resources: GlancePort: {get_param: GlancePort} GlanceProtocol: {get_param: GlanceProtocol} GlancePassword: {get_param: GlancePassword} + GlanceBackend: {get_param: GlanceBackend} GlanceNotifierStrategy: {get_param: GlanceNotifierStrategy} GlanceLogFile: {get_param: GlanceLogFile} HeatPassword: {get_param: HeatPassword} HeatStackDomainAdminPassword: {get_param: HeatStackDomainAdminPassword} HeatAuthEncryptionKey: {get_resource: HeatAuthEncryptionKey} + HorizonSecret: {get_resource: HorizonSecret} Image: {get_param: controllerImage} ImageUpdatePolicy: {get_param: ImageUpdatePolicy} KeyName: {get_param: KeyName} @@ -621,6 +641,7 @@ resources: Compute: type: OS::Heat::ResourceGroup + depends_on: Networks properties: count: {get_param: ComputeCount} resource_def: @@ -676,6 +697,7 @@ resources: BlockStorage: type: OS::Heat::ResourceGroup + depends_on: Networks properties: count: {get_param: BlockStorageCount} resource_def: @@ -699,6 +721,7 @@ resources: ObjectStorage: type: OS::Heat::ResourceGroup + depends_on: Networks properties: count: {get_param: ObjectStorageCount} resource_def: @@ -716,6 +739,7 @@ resources: CephStorage: type: OS::Heat::ResourceGroup + depends_on: Networks properties: count: {get_param: CephStorageCount} resource_def: @@ -753,8 +777,13 @@ resources: length: 20 salt: {get_param: RabbitCookieSalt} + # creates the network architecture + Networks: + type: OS::TripleO::Network + ControlVirtualIP: type: OS::Neutron::Port + depends_on: Networks properties: name: control_virtual_ip network_id: {get_param: NeutronControlPlaneID} @@ -763,6 +792,7 @@ resources: PublicVirtualIP: type: OS::Neutron::Port + depends_on: Networks properties: name: public_virtual_ip network: {get_param: PublicVirtualNetwork} diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml index 9345e5c5..963835e9 100644 --- a/puppet/all-nodes-config.yaml +++ b/puppet/all-nodes-config.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: 'All Nodes Config for Puppet' parameters: @@ -42,10 +42,6 @@ resources: - list_join: - "\n" - {get_param: ceph_storage_hosts} - sysctl: - net.ipv4.tcp_keepalive_time: 5 - net.ipv4.tcp_keepalive_probes: 5 - net.ipv4.tcp_keepalive_intvl: 1 hiera: datafiles: all_nodes: @@ -54,10 +50,22 @@ resources: list_join: - ',' - {get_param: controller_ips} - rabbit_node_ips: + controller_node_names: list_join: - ',' - - {get_param: controller_ips} + - {get_param: controller_names} + galera_node_names: + list_join: + - ',' + - {get_param: controller_names} + rabbit_node_ips: &rabbit_nodes_array + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: controller_ips} mongo_node_ips: list_join: - ',' @@ -66,6 +74,17 @@ resources: list_join: - ',' - {get_param: controller_ips} + memcache_node_ips: + list_join: + - ',' + - {get_param: controller_ips} + # NOTE(gfidente): interpolation with %{} in the + # hieradata file can't be used as it returns string + ceilometer::rabbit_hosts: *rabbit_nodes_array + cinder::rabbit_hosts: *rabbit_nodes_array + heat::rabbit_hosts: *rabbit_nodes_array + neutron::rabbit_hosts: *rabbit_nodes_array + nova::rabbit_hosts: *rabbit_nodes_array outputs: config_id: diff --git a/puppet/bootstrap-config.yaml b/puppet/bootstrap-config.yaml index a8eb7585..c88ed408 100644 --- a/puppet/bootstrap-config.yaml +++ b/puppet/bootstrap-config.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: 'Bootstrap Config Puppet' parameters: diff --git a/puppet/ceph-cluster-config.yaml b/puppet/ceph-cluster-config.yaml index e01bd19d..33b18574 100644 --- a/puppet/ceph-cluster-config.yaml +++ b/puppet/ceph-cluster-config.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: 'Ceph Cluster config data for Puppet' parameters: @@ -36,7 +36,6 @@ resources: - {get_param: ceph_mon_ips} ceph::profile::params::fsid: {get_param: ceph_fsid} ceph::profile::params::mon_key: {get_param: ceph_mon_key} - ceph::profile::params::osds: "{/srv/data: {}}" # We should use a separated key for the non-admin clients ceph::profile::params::client_keys: str_replace: @@ -57,7 +56,7 @@ resources: secret: 'ADMIN_KEY', mode: '0644', cap_mon: 'allow r', - cap_osd: 'allow class-read object_prefix rbd_children, allow rwx pool=volumes, allow rwx pool=vms' + cap_osd: 'allow class-read object_prefix rbd_children, allow rwx pool=volumes, allow rwx pool=vms, allow rwx pool=images' } }" params: diff --git a/puppet/ceph-storage-post-puppet.yaml b/puppet/ceph-storage-post-puppet.yaml index 53ecbe1f..eb62ba1e 100644 --- a/puppet/ceph-storage-post-puppet.yaml +++ b/puppet/ceph-storage-post-puppet.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: > OpenStack ceph storage node post deployment for Puppet @@ -22,3 +22,12 @@ resources: properties: servers: {get_param: servers} config: {get_resource: CephStoragePuppetConfig} + + # Note, this should come last, so use depends_on to ensure + # this is created after any other resources. + ExtraConfig: + depends_on: CephStorageDeployment_Step1 + type: OS::TripleO::NodeExtraConfigPost + properties: + servers: {get_param: servers} + diff --git a/puppet/ceph-storage-puppet.yaml b/puppet/ceph-storage-puppet.yaml index 660ea30a..00dbca01 100644 --- a/puppet/ceph-storage-puppet.yaml +++ b/puppet/ceph-storage-puppet.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: 'OpenStack ceph storage node configured by Puppet' parameters: Flavor: @@ -45,13 +45,26 @@ resources: NodeUserData: type: OS::TripleO::NodeUserData + StoragePort: + type: OS::TripleO::CephStorage::Ports::StoragePort + properties: + ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]} + + StorageMgmtPort: + type: OS::TripleO::CephStorage::Ports::StorageMgmtPort + properties: + ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]} + NetworkConfig: type: OS::TripleO::CephStorage::Net::SoftwareConfig + properties: + StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} + StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: - config: {get_attr: [NetworkConfig, config_id]} + config: {get_resource: NetworkConfig} server: {get_resource: CephStorage} CephStorageDeployment: @@ -94,7 +107,7 @@ outputs: hosts_entry: value: str_replace: - template: "IP HOST HOST.novalocal" + template: "IP HOST" params: IP: {get_attr: [CephStorage, networks, ctlplane, 0]} HOST: {get_attr: [CephStorage, name]} @@ -102,3 +115,9 @@ outputs: description: Heat resource handle for the ceph storage server value: {get_resource: CephStorage} + storage_ip_address: + description: IP address of the server in the storage network + value: {get_attr: [StoragePort, ip_address]} + storage_mgmt_ip_address: + description: IP address of the server in the storage_mgmt network + value: {get_attr: [StorageMgmtPort, ip_address]} diff --git a/puppet/cinder-storage-post.yaml b/puppet/cinder-storage-post.yaml index e11493c4..f17a1567 100644 --- a/puppet/cinder-storage-post.yaml +++ b/puppet/cinder-storage-post.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: 'OpenStack cinder storage post deployment for Puppet' parameters: diff --git a/puppet/cinder-storage-puppet.yaml b/puppet/cinder-storage-puppet.yaml index ab7bb8a8..007a489c 100644 --- a/puppet/cinder-storage-puppet.yaml +++ b/puppet/cinder-storage-puppet.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: 'OpenStack cinder storage configured by Puppet' parameters: Image: @@ -128,13 +128,32 @@ resources: NodeUserData: type: OS::TripleO::NodeUserData + InternalApiPort: + type: OS::TripleO::BlockStorage::Ports::InternalApiPort + properties: + ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} + + StoragePort: + type: OS::TripleO::BlockStorage::Ports::StoragePort + properties: + ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} + + StorageMgmtPort: + type: OS::TripleO::BlockStorage::Ports::StorageMgmtPort + properties: + ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} + NetworkConfig: type: OS::TripleO::BlockStorage::Net::SoftwareConfig + properties: + InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} + StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} + StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: - config: {get_attr: [NetworkConfig, config_id]} + config: {get_resource: NetworkConfig} server: {get_resource: BlockStorage} BlockStorageDeployment: @@ -154,11 +173,6 @@ resources: size: {get_param: CinderLVMLoopDeviceSize} cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend} cinder_iscsi_helper: {get_param: CinderISCSIHelper} - rabbit_hosts: - str_replace: - template: '["host"]' - params: - host: {get_param: VirtualIP} rabbit_username: {get_param: RabbitUserName} rabbit_password: {get_param: RabbitPassword} rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} @@ -181,6 +195,7 @@ resources: hierarchy: - heat_config_%{::deploy_config_name} - volume + - all_nodes # provided by allNodesConfig - '"%{::osfamily}"' - common datafiles: @@ -196,7 +211,6 @@ resources: cinder::setup_test_volume::size: {get_input: cinder_lvm_loop_device_size} cinder_iscsi_helper: {get_input: cinder_iscsi_helper} cinder::database_connection: {get_input: cinder_dsn} - cinder::rabbit_hosts: {get_input: rabbit_hosts} cinder::rabbit_userid: {get_input: rabbit_username} cinder::rabbit_password: {get_input: rabbit_password} cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} @@ -211,7 +225,7 @@ outputs: hosts_entry: value: str_replace: - template: "IP HOST HOST.novalocal" + template: "IP HOST" params: IP: {get_attr: [BlockStorage, networks, ctlplane, 0]} HOST: {get_attr: [BlockStorage, name]} @@ -219,3 +233,12 @@ outputs: description: Heat resource handle for the block storage server value: {get_resource: BlockStorage} + internal_api_ip_address: + description: IP address of the server in the internal_api network + value: {get_attr: [InternalApiPort, ip_address]} + storage_ip_address: + description: IP address of the server in the storage network + value: {get_attr: [StoragePort, ip_address]} + storage_mgmt_ip_address: + description: IP address of the server in the storage_mgmt network + value: {get_attr: [StorageMgmtPort, ip_address]} diff --git a/puppet/compute-post-puppet.yaml b/puppet/compute-post-puppet.yaml index 9b7eb0cf..ca5eb649 100644 --- a/puppet/compute-post-puppet.yaml +++ b/puppet/compute-post-puppet.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: > OpenStack compute node post deployment for Puppet. @@ -23,3 +23,12 @@ resources: properties: servers: {get_param: servers} config: {get_resource: ComputePuppetConfig} + + # Note, this should come last, so use depends_on to ensure + # this is created after any other resources. + ExtraConfig: + depends_on: ComputePuppetDeployment + type: OS::TripleO::NodeExtraConfigPost + properties: + servers: {get_param: servers} + diff --git a/puppet/compute-puppet.yaml b/puppet/compute-puppet.yaml index a31ea858..28a4e045 100644 --- a/puppet/compute-puppet.yaml +++ b/puppet/compute-puppet.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: > OpenStack hypervisor node configured via Puppet. @@ -247,6 +247,11 @@ parameters: default: 'false' description: Set to true to enable package installation via Puppet type: boolean + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. + type: json resources: @@ -267,14 +272,40 @@ resources: NodeUserData: type: OS::TripleO::NodeUserData + InternalApiPort: + type: OS::TripleO::Compute::Ports::InternalApiPort + properties: + ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} + + StoragePort: + type: OS::TripleO::Compute::Ports::StoragePort + properties: + ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} + + TenantPort: + type: OS::TripleO::Compute::Ports::TenantPort + properties: + ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} + + NetIpMap: + type: OS::TripleO::Network::Ports::NetIpMap + properties: + InternalApiIp: {get_attr: [InternalApiPort, ip_address]} + StorageIp: {get_attr: [StoragePort, ip_address]} + TenantIp: {get_attr: [TenantPort, ip_address]} + NetworkConfig: type: OS::TripleO::Compute::Net::SoftwareConfig + properties: + InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} + StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} + TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: signal_transport: NO_SIGNAL - config: {get_attr: [NetworkConfig, config_id]} + config: {get_resource: NetworkConfig} server: {get_resource: NovaCompute} input_values: bridge_name: {get_param: NeutronPhysicalBridge} @@ -291,6 +322,7 @@ resources: - compute - ceph_cluster # provided by CephClusterConfig - ceph + - all_nodes # provided by allNodesConfig - '"%{::osfamily}"' - common datafiles: @@ -304,7 +336,6 @@ resources: nova::compute::vncserver_proxyclient_address: local-ipv4 mapped_data: nova::debug: {get_input: debug} - nova::rabbit_hosts: {get_input: rabbit_hosts} nova::rabbit_userid: {get_input: rabbit_username} nova::rabbit_password: {get_input: rabbit_password} nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} @@ -316,7 +347,6 @@ resources: nova_enable_rbd_backend: {get_input: nova_enable_rbd_backend} nova_password: {get_input: nova_password} ceilometer::debug: {get_input: debug} - ceilometer::rabbit_hosts: {get_input: rabbit_hosts} ceilometer::rabbit_userid: {get_input: rabbit_username} ceilometer::rabbit_password: {get_input: rabbit_password} ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} @@ -329,14 +359,14 @@ resources: snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} nova::glance_api_servers: {get_input: glance_api_servers} neutron::debug: {get_input: debug} - neutron::rabbit_hosts: {get_input: rabbit_hosts} neutron::rabbit_password: {get_input: rabbit_password} neutron::rabbit_user: {get_input: rabbit_user} neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} neutron::rabbit_port: {get_input: rabbit_client_port} neutron_flat_networks: {get_input: neutron_flat_networks} neutron_host: {get_input: neutron_host} - neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip} + neutron::agents::ml2::ovs::local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronLocalIp]}]} + neutron_tenant_network_type: {get_input: neutron_tenant_network_type} neutron_tunnel_types: {get_input: neutron_tunnel_types} neutron::network_vlan_ranges: {get_input: neutron_network_vlan_ranges} @@ -418,11 +448,6 @@ resources: - {get_param: NeutronHost} - ':35357/v2.0' admin_password: {get_param: AdminPassword} - rabbit_hosts: - str_replace: - template: '["host"]' - params: - host: {get_param: RabbitHost} rabbit_username: {get_param: RabbitUserName} rabbit_password: {get_param: RabbitPassword} rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} @@ -438,6 +463,15 @@ outputs: ip_address: description: IP address of the server in the ctlplane network value: {get_attr: [NovaCompute, networks, ctlplane, 0]} + internal_api_ip_address: + description: IP address of the server in the internal_api network + value: {get_attr: [InternalApiPort, ip_address]} + storage_ip_address: + description: IP address of the server in the storage network + value: {get_attr: [StoragePort, ip_address]} + tenant_ip_address: + description: IP address of the server in the tenant network + value: {get_attr: [TenantPort, ip_address]} hostname: description: Hostname of the server value: {get_attr: [NovaCompute, name]} @@ -446,7 +480,7 @@ outputs: Server's IP address and hostname in the /etc/hosts format value: str_replace: - template: "IP HOST HOST.novalocal" + template: "IP HOST" params: IP: {get_attr: [NovaCompute, networks, ctlplane, 0]} HOST: {get_attr: [NovaCompute, name]} diff --git a/puppet/controller-config-pacemaker.yaml b/puppet/controller-config-pacemaker.yaml new file mode 100644 index 00000000..38161cd7 --- /dev/null +++ b/puppet/controller-config-pacemaker.yaml @@ -0,0 +1,23 @@ +heat_template_version: 2015-04-30 + +description: > + A software config which runs manifests/overcloud_controller_pacemaker.pp + +resources: + + ControllerPuppetConfigImpl: + type: OS::Heat::SoftwareConfig + properties: + group: puppet + options: + enable_hiera: True + enable_facter: False + outputs: + - name: result + config: + get_file: manifests/overcloud_controller_pacemaker.pp + +outputs: + OS::stack_id: + description: The software config which runs overcloud_controller_pacemaker.pp + value: {get_resource: ControllerPuppetConfigImpl} diff --git a/puppet/controller-config.yaml b/puppet/controller-config.yaml new file mode 100644 index 00000000..4135ffac --- /dev/null +++ b/puppet/controller-config.yaml @@ -0,0 +1,23 @@ +heat_template_version: 2015-04-30 + +description: > + A software config which runs manifests/overcloud_controller.pp + +resources: + + ControllerPuppetConfigImpl: + type: OS::Heat::SoftwareConfig + properties: + group: puppet + options: + enable_hiera: True + enable_facter: False + outputs: + - name: result + config: + get_file: manifests/overcloud_controller.pp + +outputs: + OS::stack_id: + description: The software config which runs overcloud_controller.pp + value: {get_resource: ControllerPuppetConfigImpl} diff --git a/puppet/controller-post-puppet.yaml b/puppet/controller-post-puppet.yaml index 009a10ae..373daba2 100644 --- a/puppet/controller-post-puppet.yaml +++ b/puppet/controller-post-puppet.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: > OpenStack controller node post deployment for Puppet. @@ -10,21 +10,13 @@ parameters: resources: ControllerPuppetConfig: - type: OS::Heat::SoftwareConfig - properties: - group: puppet - options: - enable_hiera: True - enable_facter: False - outputs: - - name: result - config: - get_file: manifests/overcloud_controller.pp + type: OS::TripleO::ControllerConfig # Step through a series of Puppet runs using the same manifest. - # NOTE(dprince): Heat breakpoints would make for a really cool way to step - # through breakpoints in a controlled manner across the entire cluster - ControllerDeploymentLoadBalancer_Step1: + # NOTE: To enable stepping through the deployments via heat hooks, + # you must observe the glob naming defined in overcloud-steps.yaml + # e.g all Deployment resources should have a *Deployment_StepN suffix + ControllerLoadBalancerDeployment_Step1: type: OS::Heat::StructuredDeployments properties: servers: {get_param: servers} @@ -33,9 +25,9 @@ resources: step: 1 actions: ['CREATE'] # no need for two passes on an UPDATE - ControllerDeploymentServicesBase_Step2: + ControllerServicesBaseDeployment_Step2: type: OS::Heat::StructuredDeployments - depends_on: ControllerDeploymentLoadBalancer_Step1 + depends_on: ControllerLoadBalancerDeployment_Step1 properties: servers: {get_param: servers} config: {get_resource: ControllerPuppetConfig} @@ -58,12 +50,12 @@ resources: ControllerRingbuilderDeployment_Step3: type: OS::Heat::StructuredDeployments - depends_on: ControllerDeploymentServicesBase_Step2 + depends_on: ControllerServicesBaseDeployment_Step2 properties: servers: {get_param: servers} config: {get_resource: ControllerRingbuilderPuppetConfig} - ControllerDeploymentOvercloudServices_Step4: + ControllerOvercloudServicesDeployment_Step4: type: OS::Heat::StructuredDeployments depends_on: ControllerRingbuilderDeployment_Step3 properties: @@ -71,3 +63,20 @@ resources: config: {get_resource: ControllerPuppetConfig} input_values: step: 3 + + ControllerOvercloudServicesDeployment_Step5: + type: OS::Heat::StructuredDeployments + depends_on: ControllerOvercloudServicesDeployment_Step4 + properties: + servers: {get_param: servers} + config: {get_resource: ControllerPuppetConfig} + input_values: + step: 4 + + # Note, this should come last, so use depends_on to ensure + # this is created after any other resources. + ExtraConfig: + depends_on: ControllerOvercloudServicesDeployment_Step5 + type: OS::TripleO::NodeExtraConfigPost + properties: + servers: {get_param: servers} diff --git a/puppet/controller-puppet.yaml b/puppet/controller-puppet.yaml index 3014df9b..bbd3ec20 100644 --- a/puppet/controller-puppet.yaml +++ b/puppet/controller-puppet.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: > OpenStack controller node configured by Puppet. @@ -14,6 +14,10 @@ parameters: description: The keystone auth secret and db password. type: string hidden: true + CeilometerBackend: + default: 'mongodb' + description: The ceilometer backend type. + type: string CeilometerMeteringSecret: default: unset description: Secret shared by the ceilometer services. @@ -144,6 +148,13 @@ parameters: default: http description: Protocol to use when connecting to glance, set to https for SSL. type: string + GlanceBackend: + default: swift + description: The short name of the Glance backend to use. Should be one + of swift, rbd, or file + type: string + constraints: + - allowed_values: ['swift', 'file', 'rbd'] HeatPassword: default: unset description: The password for the Heat service and db account, used by the Heat services. @@ -157,6 +168,9 @@ parameters: HeatAuthEncryptionKey: description: Auth encryption key for heat-engine type: string + HorizonSecret: + description: Secret key for Django + type: string Image: type: string default: overcloud-control @@ -412,6 +426,11 @@ parameters: default: 'false' description: Set to true to enable package installation via Puppet type: boolean + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. + type: json resources: @@ -430,14 +449,54 @@ resources: NodeUserData: type: OS::TripleO::NodeUserData + ExternalPort: + type: OS::TripleO::Controller::Ports::ExternalPort + properties: + ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} + + InternalApiPort: + type: OS::TripleO::Controller::Ports::InternalApiPort + properties: + ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} + + StoragePort: + type: OS::TripleO::Controller::Ports::StoragePort + properties: + ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} + + StorageMgmtPort: + type: OS::TripleO::Controller::Ports::StorageMgmtPort + properties: + ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} + + TenantPort: + type: OS::TripleO::Controller::Ports::TenantPort + properties: + ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} + + NetIpMap: + type: OS::TripleO::Network::Ports::NetIpMap + properties: + ExternalIp: {get_attr: [ExternalPort, ip_address]} + InternalApiIp: {get_attr: [InternalApiPort, ip_address]} + StorageIp: {get_attr: [StoragePort, ip_address]} + StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]} + TenantIp: {get_attr: [TenantPort, ip_address]} + NetworkConfig: type: OS::TripleO::Controller::Net::SoftwareConfig + properties: + ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} + InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} + StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} + StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} + TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: signal_transport: NO_SIGNAL - config: {get_attr: [NetworkConfig, config_id]} + config: {get_resource: NetworkConfig} server: {get_resource: Controller} input_values: bridge_name: br-ex @@ -473,6 +532,7 @@ resources: - {get_param: VirtualIP} - ':8000/v1/waitcondition' heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey} + horizon_secret: {get_param: HorizonSecret} admin_password: {get_param: AdminPassword} admin_token: {get_param: AdminToken} neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP} @@ -493,6 +553,7 @@ resources: glance_port: {get_param: GlancePort} glance_protocol: {get_param: GlanceProtocol} glance_password: {get_param: GlancePassword} + glance_backend: {get_param: GlanceBackend} glance_swift_store_auth_address: {list_join: ['', ['http://', {get_param: VirtualIP} , ':5000/v2.0']]} glance_notifier_strategy: {get_param: GlanceNotifierStrategy} glance_log_file: {get_param: GlanceLogFile} @@ -540,7 +601,6 @@ resources: - {get_param: VirtualIP} - ':5000/v2.0/' enable_galera: {get_param: EnableGalera} - enable_pacemaker: {get_param: EnablePacemaker} enable_ceph_storage: {get_param: EnableCephStorage} enable_swift_storage: {get_param: EnableSwiftStorage} mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize} @@ -587,8 +647,15 @@ resources: - - 'http://' - {get_param: VirtualIP} - ':35357/v2.0' + ceilometer_backend: {get_param: CeilometerBackend} ceilometer_metering_secret: {get_param: CeilometerMeteringSecret} ceilometer_password: {get_param: CeilometerPassword} + ceilometer_dsn: + list_join: + - '' + - - 'mysql://ceilometer:unset@' + - {get_param: VirtualIP} + - '/ceilometer' snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} nova_password: {get_param: NovaPassword} @@ -601,11 +668,6 @@ resources: - {get_param: VirtualIP} - '/nova' pcsd_password: {get_param: PcsdPassword} - rabbit_hosts: - str_replace: - template: '["host"]' - params: - host: {get_param: VirtualIP} rabbit_username: {get_param: RabbitUserName} rabbit_password: {get_param: RabbitPassword} rabbit_cookie: {get_param: RabbitCookie} @@ -659,7 +721,6 @@ resources: controller_host: {get_input: controller_host} #local-ipv4 # Pacemaker - enable_pacemaker: {get_input: enable_pacemaker} hacluster_pwd: {get_input: pcsd_password} # Swift @@ -682,13 +743,12 @@ resources: cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend} cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size} cinder_iscsi_helper: {get_input: cinder_iscsi_helper} - cinder_iscsi_ip_address: {get_input: controller_host} + cinder_iscsi_ip_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]} cinder::database_connection: {get_input: cinder_dsn} cinder::api::keystone_password: {get_input: cinder_password} cinder::api::auth_uri: {get_input: keystone_auth_uri} cinder::api::identity_uri: {get_input: keystone_identity_uri} - cinder::api::bind_host: {get_input: controller_host} - cinder::rabbit_hosts: {get_input: rabbit_hosts} + cinder::api::bind_host: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} cinder::rabbit_userid: {get_input: rabbit_username} cinder::rabbit_password: {get_input: rabbit_password} cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} @@ -720,6 +780,7 @@ resources: glance::backend::swift::swift_store_auth_address: {get_input: glance_swift_store_auth_address} glance::backend::swift::swift_store_user: service:glance glance::backend::swift::swift_store_key: {get_input: glance_password} + glance_backend: {get_input: glance_backend} # Heat heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password} @@ -727,7 +788,6 @@ resources: heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url} heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url} heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key} - heat::rabbit_hosts: {get_input: rabbit_hosts} heat::rabbit_userid: {get_input: rabbit_username} heat::rabbit_password: {get_input: rabbit_password} heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} @@ -754,7 +814,7 @@ resources: keystone::admin_bind_host: {get_input: controller_host} keystone::debug: {get_input: debug} # MongoDB - mongodb::server::bind_ip: {get_input: controller_host} + mongodb::server::bind_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]} # MySQL admin_password: {get_input: admin_password} enable_galera: {get_input: enable_galera} @@ -766,7 +826,6 @@ resources: # Neutron neutron::bind_host: {get_input: controller_host} - neutron::rabbit_hosts: {get_input: rabbit_hosts} neutron::rabbit_password: {get_input: rabbit_password} neutron::rabbit_user: {get_input: rabbit_user} neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} @@ -776,7 +835,7 @@ resources: neutron::server::identity_uri: {get_input: keystone_identity_uri} neutron::server::database_connection: {get_input: neutron_dsn} neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling} - neutron::agents::ml2::ovs::local_ip: {get_input: controller_host} + neutron::agents::ml2::ovs::local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronLocalIp]}]} neutron_flat_networks: {get_input: neutron_flat_networks} neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret} neutron::agents::metadata::metadata_ip: {get_input: controller_virtual_ip} @@ -799,14 +858,15 @@ resources: neutron_dsn: {get_input: neutron_dsn} # Ceilometer + ceilometer_backend: {get_input: ceilometer_backend} + ceilometer_mysql_conn_string: {get_input: ceilometer_dsn} ceilometer::metering_secret: {get_input: ceilometer_metering_secret} - ceilometer::rabbit_hosts: {get_input: rabbit_hosts} ceilometer::rabbit_userid: {get_input: rabbit_username} ceilometer::rabbit_password: {get_input: rabbit_password} ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} ceilometer::rabbit_port: {get_input: rabbit_client_port} ceilometer::debug: {get_input: debug} - ceilometer::api::host: {get_input: controller_host} + ceilometer::api::host: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} ceilometer::api::keystone_password: {get_input: ceilometer_password} ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri} ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri} @@ -815,7 +875,6 @@ resources: snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} # Nova - nova::rabbit_hosts: {get_input: rabbit_hosts} nova::rabbit_userid: {get_input: rabbit_username} nova::rabbit_password: {get_input: rabbit_password} nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} @@ -832,6 +891,12 @@ resources: nova::network::neutron::neutron_url: {get_input: neutron_url} nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url} + # Horizon + horizon::django_debug: {get_input: debug} + horizon::secret_key: {get_input: horizon_secret} + horizon::bind_address: {get_input: controller_host} + horizon::keystone_url: {get_input: keystone_auth_uri} + # Rabbit rabbitmq::node_ip_address: {get_input: controller_host} rabbitmq::erlang_cookie: {get_input: rabbit_cookie} @@ -855,6 +920,21 @@ outputs: ip_address: description: IP address of the server in the ctlplane network value: {get_attr: [Controller, networks, ctlplane, 0]} + external_ip_address: + description: IP address of the server in the external network + value: {get_attr: [ExternalPort, ip_address]} + internal_api_ip_address: + description: IP address of the server in the internal_api network + value: {get_attr: [InternalApiPort, ip_address]} + storage_ip_address: + description: IP address of the server in the storage network + value: {get_attr: [StoragePort, ip_address]} + storage_mgmt_ip_address: + description: IP address of the server in the storage_mgmt network + value: {get_attr: [StorageMgmtPort, ip_address]} + tenant_ip_address: + description: IP address of the server in the tenant network + value: {get_attr: [TenantPort, ip_address]} hostname: description: Hostname of the server value: {get_attr: [Controller, name]} @@ -870,7 +950,7 @@ outputs: Server's IP address and hostname in the /etc/hosts format value: str_replace: - template: IP HOST HOST.novalocal CLOUDNAME + template: IP HOST CLOUDNAME params: IP: {get_attr: [Controller, networks, ctlplane, 0]} HOST: {get_attr: [Controller, name]} diff --git a/puppet/hieradata/ceph.yaml b/puppet/hieradata/ceph.yaml index e43b0da5..280457df 100644 --- a/puppet/hieradata/ceph.yaml +++ b/puppet/hieradata/ceph.yaml @@ -3,9 +3,11 @@ ceph::profile::params::osd_pool_default_pg_num: 128 ceph::profile::params::osd_pool_default_pgp_num: 128 ceph::profile::params::osd_pool_default_size: 3 ceph::profile::params::osd_pool_default_min_size: 1 +ceph::profile::params::osds: {/srv/data: {}} ceph::profile::params::manage_repo: false ceph::profile::params::authentication_type: cephx ceph_pools: - volumes - vms + - images diff --git a/puppet/hieradata/common.yaml b/puppet/hieradata/common.yaml index 14ba97e2..c15d43ea 100644 --- a/puppet/hieradata/common.yaml +++ b/puppet/hieradata/common.yaml @@ -11,4 +11,12 @@ nova::network::neutron::neutron_admin_tenant_name: 'service' nova::network::neutron::neutron_admin_username: 'neutron' nova::network::neutron::vif_plugging_is_fatal: false nova::network::neutron::vif_plugging_timeout: 30 +nova::network::neutron::dhcp_domain: '' +sysctl_settings: + net.ipv4.tcp_keepalive_intvl: + value: 1 + net.ipv4.tcp_keepalive_probes: + value: 5 + net.ipv4.tcp_keepalive_time: + value: 5
\ No newline at end of file diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml index 5cf9f350..4f46c7fb 100644 --- a/puppet/hieradata/controller.yaml +++ b/puppet/hieradata/controller.yaml @@ -5,11 +5,21 @@ nova::consoleauth::enabled: true nova::vncproxy::enabled: true nova::scheduler::enabled: true +# rabbitmq rabbitmq::delete_guest_user: false rabbitmq::wipe_db_on_cookie_change: true rabbitmq::port: '5672' rabbitmq::package_source: undef rabbitmq::repos_ensure: false +rabbitmq_environment: + RABBITMQ_NODENAME: "rabbit@%{::hostname}" + RABBITMQ_SERVER_ERL_ARGS: '"+K true +A30 +P 1048576 -kernel inet_default_connect_options [{nodelay,true},{raw,6,18,<<5000:64/native>>}] -kernel inet_default_listen_options [{raw,6,18,<<5000:64/native>>}]"' +rabbitmq_kernel_variables: + inet_dist_listen_min: '35672' + inet_dist_listen_max: '35672' +rabbitmq_config_variables: + tcp_listen_options: '[binary, {packet, raw}, {reuseaddr, true}, {backlog, 128}, {nodelay, true}, {exit_on_close, false}, {keepalive, true}]' + cluster_partition_handling: 'pause_minority' mongodb::server::replset: tripleo @@ -48,12 +58,9 @@ swift::proxy::account_autocreate: true # glance glance::api::pipeline: 'keystone' -glance::api::known_stores: - - glance.store.filesystem.Store - - glance.store.swift.Store glance::registry::pipeline: 'keystone' -glance::registry::manage_service: true glance::backend::swift::swift_store_create_container_on_put: true +glance::backend::rbd::rbd_store_user: 'openstack' # neutron neutron::core_plugin: 'ml2' @@ -81,8 +88,15 @@ heat::engine::trusts_delegated_roles: [] pacemaker::corosync::cluster_name: 'tripleo_cluster' pacemaker::corosync::manage_fw: false +# horizon +horizon::allowed_hosts: '*' + mysql::server::manage_config_file: true + +tripleo::loadbalancer::galera_master_ip: "%{hiera('bootstrap_nodeid_ip')}" +tripleo::loadbalancer::galera_master_hostname: "%{hiera('bootstrap_nodeid')}" + tripleo::loadbalancer::keystone_admin: true tripleo::loadbalancer::keystone_public: true tripleo::loadbalancer::neutron: true @@ -94,7 +108,6 @@ tripleo::loadbalancer::nova_osapi: true tripleo::loadbalancer::nova_metadata: true tripleo::loadbalancer::nova_novncproxy: true tripleo::loadbalancer::mysql: true -tripleo::loadbalancer::rabbitmq: true tripleo::loadbalancer::redis: true tripleo::loadbalancer::swift_proxy_server: true tripleo::loadbalancer::ceilometer: true diff --git a/puppet/manifests/overcloud_cephstorage.pp b/puppet/manifests/overcloud_cephstorage.pp index ce2ab3af..b645f9fe 100644 --- a/puppet/manifests/overcloud_cephstorage.pp +++ b/puppet/manifests/overcloud_cephstorage.pp @@ -24,6 +24,8 @@ if !str2bool(hiera('enable_package_install', 'false')) { } } +create_resources(sysctl::value, hiera('sysctl_settings'), {}) + if count(hiera('ntp::servers')) > 0 { include ::ntp } diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp index ffa55cdb..caca89a8 100644 --- a/puppet/manifests/overcloud_compute.pp +++ b/puppet/manifests/overcloud_compute.pp @@ -24,6 +24,8 @@ if !str2bool(hiera('enable_package_install', 'false')) { } } +create_resources(sysctl::value, hiera('sysctl_settings'), {}) + if count(hiera('ntp::servers')) > 0 { include ::ntp } diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index 7e7f2fb2..27272643 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -24,51 +24,15 @@ if !str2bool(hiera('enable_package_install', 'false')) { } } -$enable_pacemaker = str2bool(hiera('enable_pacemaker')) -$enable_keepalived = !$enable_pacemaker -if $::hostname == downcase(hiera('bootstrap_nodeid')) { - $pacemaker_master = true -} else { - $pacemaker_master = false -} - if hiera('step') >= 1 { + create_resources(sysctl::value, hiera('sysctl_settings'), {}) + $controller_node_ips = split(hiera('controller_node_ips'), ',') class { '::tripleo::loadbalancer' : controller_hosts => $controller_node_ips, - manage_vip => $enable_keepalived, - } - - if $enable_pacemaker { - $pacemaker_cluster_members = regsubst(hiera('controller_node_ips'), ',', ' ', 'G') - user { 'hacluster': - ensure => present, - } -> - class { '::pacemaker': - hacluster_pwd => hiera('hacluster_pwd'), - } -> - class { '::pacemaker::corosync': - cluster_members => $pacemaker_cluster_members, - setup_cluster => $pacemaker_master, - } - class { '::pacemaker::stonith': - disable => true, - } - if $pacemaker_master { - $control_vip = hiera('tripleo::loadbalancer::controller_virtual_ip') - pacemaker::resource::ip { 'control_vip': - ip_address => $control_vip, - } - $public_vip = hiera('tripleo::loadbalancer::public_virtual_ip') - pacemaker::resource::ip { 'public_vip': - ip_address => $public_vip, - } - pacemaker::resource::systemd { 'haproxy': - clone => true, - } - } + manage_vip => true, } } @@ -80,17 +44,20 @@ if hiera('step') >= 2 { } # MongoDB - include ::mongodb::globals - include ::mongodb::server - $mongo_node_ips = split(hiera('mongo_node_ips'), ',') - $mongo_node_ips_with_port = suffix($mongo_node_ips, ':27017') - $mongo_node_string = join($mongo_node_ips_with_port, ',') - - $mongodb_replset = hiera('mongodb::server::replset') - $ceilometer_mongodb_conn_string = "mongodb://${mongo_node_string}/ceilometer?replicaSet=${mongodb_replset}" - if downcase(hiera('bootstrap_nodeid')) == $::hostname { - mongodb_replset { $mongodb_replset : - members => $mongo_node_ips_with_port, + if downcase(hiera('ceilometer_backend')) == 'mongodb' { + include ::mongodb::globals + + include ::mongodb::server + $mongo_node_ips = split(hiera('mongo_node_ips'), ',') + $mongo_node_ips_with_port = suffix($mongo_node_ips, ':27017') + $mongo_node_string = join($mongo_node_ips_with_port, ',') + + $mongodb_replset = hiera('mongodb::server::replset') + $ceilometer_mongodb_conn_string = "mongodb://${mongo_node_string}/ceilometer?replicaSet=${mongodb_replset}" + if downcase(hiera('bootstrap_nodeid')) == $::hostname { + mongodb_replset { $mongodb_replset : + members => $mongo_node_ips_with_port, + } } } @@ -125,8 +92,10 @@ if hiera('step') >= 2 { config_file => $mysql_config_file, override_options => { 'mysqld' => { - 'bind-address' => hiera('controller_host') - } + 'bind-address' => hiera('controller_host'), + 'max_connections' => '1024', + 'open_files_limit' => '-1', + }, } } @@ -182,47 +151,35 @@ if hiera('step') >= 2 { dbname => $heat_dsn[6], allowed_hosts => $allowed_hosts, } + if downcase(hiera('ceilometer_backend')) == 'mysql' { + $ceilometer_dsn = split(hiera('ceilometer_mysql_conn_string'), '[@:/?]') + class { 'ceilometer::db::mysql': + user => $ceilometer_dsn[3], + password => $ceilometer_dsn[4], + host => $ceilometer_dsn[5], + dbname => $ceilometer_dsn[6], + allowed_hosts => $allowed_hosts, + } + } - if $enable_pacemaker { - # the module ignores erlang_cookie if cluster_config is false - file { '/var/lib/rabbitmq/.erlang.cookie': - ensure => 'present', - owner => 'rabbitmq', - group => 'rabbitmq', - mode => '0400', - content => hiera('rabbitmq::erlang_cookie'), - replace => true, - } -> + $rabbit_nodes = hiera('rabbit_node_ips') + if count($rabbit_nodes) > 1 { class { '::rabbitmq': - service_manage => false, - environment_variables => { - 'RABBITMQ_NODENAME' => "rabbit@$::hostname", - }, + config_cluster => true, + cluster_nodes => $rabbit_nodes, + tcp_keepalive => false, + config_kernel_variables => hiera('rabbitmq_kernel_variables'), + config_variables => hiera('rabbitmq_config_variables'), + environment_variables => hiera('rabbitmq_environment'), } - if $pacemaker_master { - pacemaker::resource::ocf { 'rabbitmq': - resource_name => 'heartbeat:rabbitmq-cluster', - options => 'set_policy=\'ha-all ^(?!amq\.).* {"ha-mode":"all"}\'', - clone => true, - require => Class['::rabbitmq'], - } + rabbitmq_policy { 'ha-all@/': + pattern => '^(?!amq\.).*', + definition => { + 'ha-mode' => 'all', + }, } } else { - $rabbit_nodes = split(hiera('rabbit_node_ips'), ',') - if count($rabbit_nodes) > 1 { - class { '::rabbitmq': - config_cluster => true, - cluster_nodes => $rabbit_nodes, - } - rabbitmq_policy { 'ha-all@/': - pattern => '^(?!amq\.).*', - definition => { - 'ha-mode' => 'all', - }, - } - } else { - include ::rabbitmq - } + include ::rabbitmq } # pre-install swift here so we can build rings @@ -281,11 +238,21 @@ if hiera('step') >= 3 { require => File['/etc/keystone/ssl/certs'], } + $glance_backend = downcase(hiera('glance_backend', 'swift')) + case $glance_backend { + swift: { $glance_store = 'glance.store.swift.Store' } + file: { $glance_store = 'glance.store.filesystem.Store' } + rbd: { $glance_store = 'glance.store.rbd.Store' } + default: { fail('Unrecognized glance_backend parameter.') } + } + # TODO: notifications, scrubber, etc. include ::glance - include ::glance::api + class { 'glance::api': + known_stores => [$glance_store] + } include ::glance::registry - include ::glance::backend::swift + include join(['::glance::backend::', $glance_backend]) class { 'nova': glance_api_servers => join([hiera('glance_protocol'), '://', hiera('controller_virtual_ip'), ':', hiera('glance_port')]), @@ -417,6 +384,15 @@ if hiera('step') >= 3 { } # Ceilometer + $ceilometer_backend = downcase(hiera('ceilometer_backend')) + case $ceilometer_backend { + /mysql/ : { + $ceilometer_database_connection = hiera('ceilometer_mysql_conn_string') + } + default : { + $ceilometer_database_connection = $ceilometer_mongodb_conn_string + } + } include ::ceilometer include ::ceilometer::api include ::ceilometer::agent::notification @@ -426,7 +402,7 @@ if hiera('step') >= 3 { include ::ceilometer::expirer include ::ceilometer::collector class { '::ceilometer::db' : - database_connection => $ceilometer_mongodb_conn_string, + database_connection => $ceilometer_database_connection, } class { 'ceilometer::agent::auth': auth_url => join(['http://', hiera('controller_virtual_ip'), ':5000/v2.0']), @@ -441,6 +417,13 @@ if hiera('step') >= 3 { include ::heat::api_cloudwatch include ::heat::engine + # Horizon + $vhost_params = { add_listen => false } + class { 'horizon': + cache_server_ip => split(hiera('memcache_node_ips', '127.0.0.1'), ','), + vhost_extra_params => $vhost_params, + } + $snmpd_user = hiera('snmpd_readonly_user_name') snmp::snmpv3_user { $snmpd_user: authtype => 'MD5', diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp new file mode 100644 index 00000000..a7aa40cb --- /dev/null +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -0,0 +1,768 @@ +# Copyright 2015 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +Pcmk_resource <| |> { + tries => 10, + try_sleep => 3, +} + +if !str2bool(hiera('enable_package_install', 'false')) { + case $::osfamily { + 'RedHat': { + Package { provider => 'norpm' } # provided by tripleo-puppet + } + default: { + warning('enable_package_install option not supported.') + } + } +} + +if $::hostname == downcase(hiera('bootstrap_nodeid')) { + $pacemaker_master = true + $sync_db = true +} else { + $pacemaker_master = false + $sync_db = false +} + +# When to start and enable services which haven't been Pacemakerized +# FIXME: remove when we start all OpenStack services using Pacemaker +# (occurences of this variable will be gradually replaced with false) +$non_pcmk_start = hiera('step') >= 4 + +if hiera('step') >= 1 { + + create_resources(sysctl::value, hiera('sysctl_settings'), {}) + + if count(hiera('ntp::servers')) > 0 { + include ::ntp + } + + $controller_node_ips = split(hiera('controller_node_ips'), ',') + $controller_node_names = split(downcase(hiera('controller_node_names')), ',') + class { '::tripleo::loadbalancer' : + controller_hosts => $controller_node_ips, + controller_hosts_names => $controller_node_names, + manage_vip => false, + haproxy_service_manage => false, + } + + $pacemaker_cluster_members = downcase(regsubst(hiera('controller_node_names'), ',', ' ', 'G')) + user { 'hacluster': + ensure => present, + } -> + class { '::pacemaker': + hacluster_pwd => hiera('hacluster_pwd'), + } -> + class { '::pacemaker::corosync': + cluster_members => $pacemaker_cluster_members, + setup_cluster => $pacemaker_master, + } + class { '::pacemaker::stonith': + disable => true, + } + + # Only configure RabbitMQ in this step, don't start it yet to + # avoid races where non-master nodes attempt to start without + # config (eg. binding on 0.0.0.0) + # The module ignores erlang_cookie if cluster_config is false + class { '::rabbitmq': + service_manage => false, + tcp_keepalive => false, + config_kernel_variables => hiera('rabbitmq_kernel_variables'), + config_variables => hiera('rabbitmq_config_variables'), + environment_variables => hiera('rabbitmq_environment'), + } -> + file { '/var/lib/rabbitmq/.erlang.cookie': + ensure => 'present', + owner => 'rabbitmq', + group => 'rabbitmq', + mode => '0400', + content => hiera('rabbitmq::erlang_cookie'), + replace => true, + } + + if downcase(hiera('ceilometer_backend')) == 'mongodb' { + include ::mongodb::globals + # FIXME: replace with service_manage => false on ::mongodb::server + # when this is merged: https://github.com/puppetlabs/pupp etlabs-mongodb/pull/198 + class { '::mongodb::server' : + service_ensure => undef, + service_enable => false, + } + } + + # Galera + if str2bool(hiera('enable_galera', 'true')) { + $mysql_config_file = '/etc/my.cnf.d/galera.cnf' + } else { + $mysql_config_file = '/etc/my.cnf.d/server.cnf' + } + $galera_nodes = downcase(hiera('galera_node_names', $::hostname)) + $galera_nodes_count = count(split($galera_nodes, ',')) + + $mysqld_options = { + 'mysqld' => { + 'skip-name-resolve' => '1', + 'binlog_format' => 'ROW', + 'default-storage-engine' => 'innodb', + 'innodb_autoinc_lock_mode' => '2', + 'innodb_locks_unsafe_for_binlog'=> '1', + 'query_cache_size' => '0', + 'query_cache_type' => '0', + 'bind-address' => hiera('controller_host'), + 'max_connections' => '1024', + 'open_files_limit' => '-1', + 'wsrep_provider' => '/usr/lib64/galera/libgalera_smm.so', + 'wsrep_cluster_name' => 'galera_cluster', + 'wsrep_slave_threads' => '1', + 'wsrep_certify_nonPK' => '1', + 'wsrep_max_ws_rows' => '131072', + 'wsrep_max_ws_size' => '1073741824', + 'wsrep_debug' => '0', + 'wsrep_convert_LOCK_to_trx' => '0', + 'wsrep_retry_autocommit' => '1', + 'wsrep_auto_increment_control' => '1', + 'wsrep_drupal_282555_workaround'=> '0', + 'wsrep_causal_reads' => '0', + 'wsrep_notify_cmd' => '', + 'wsrep_sst_method' => 'rsync', + } + } + + class { '::mysql::server': + create_root_user => false, + create_root_my_cnf => false, + config_file => $mysql_config_file, + override_options => $mysqld_options, + service_manage => false, + } + +} + +if hiera('step') >= 2 { + + if $pacemaker_master { + $control_vip = hiera('tripleo::loadbalancer::controller_virtual_ip') + pacemaker::resource::ip { 'control_vip': + ip_address => $control_vip, + } + $public_vip = hiera('tripleo::loadbalancer::public_virtual_ip') + pacemaker::resource::ip { 'public_vip': + ip_address => $public_vip, + } + pacemaker::resource::service { 'haproxy': + clone_params => true, + } + + pacemaker::resource::ocf { 'rabbitmq': + ocf_agent_name => 'heartbeat:rabbitmq-cluster', + resource_params => 'set_policy=\'ha-all ^(?!amq\.).* {"ha-mode":"all"}\'', + clone_params => 'ordered=true interleave=true', + require => Class['::rabbitmq'], + } + + if downcase(hiera('ceilometer_backend')) == 'mongodb' { + pacemaker::resource::service { $::mongodb::params::service_name : + op_params => 'start timeout=120s', + clone_params => true, + require => Class['::mongodb::server'], + before => Exec['mongodb-ready'], + } + # NOTE (spredzy) : The replset can only be run + # once all the nodes have joined the cluster. + $mongo_node_ips = split(hiera('mongo_node_ips'), ',') + $mongo_node_ips_with_port = suffix($mongo_node_ips, ':27017') + $mongo_node_string = join($mongo_node_ips_with_port, ',') + $mongodb_replset = hiera('mongodb::server::replset') + $mongodb_cluster_ready_command = join(suffix(prefix($mongo_node_ips, '/bin/nc -w1 '), ' 27017 < /dev/null'), ' && ') + exec { 'mongodb-ready' : + command => $mongodb_cluster_ready_command, + timeout => 30, + tries => 180, + try_sleep => 10, + } + mongodb_replset { $mongodb_replset : + members => $mongo_node_ips_with_port, + require => Exec['mongodb-ready'], + } + } + + pacemaker::resource::ocf { 'galera' : + ocf_agent_name => 'heartbeat:galera', + op_params => 'promote timeout=300s on-fail=block --master', + meta_params => "master-max=${galera_nodes_count} ordered=true", + resource_params => "additional_parameters='--open-files-limit=16384' enable_creation=true wsrep_cluster_address='gcomm://${galera_nodes}'", + require => Class['::mysql::server'], + before => Exec['galera-ready'], + } + } + + # Redis + $redis_node_ips = split(hiera('redis_node_ips'), ',') + $redis_master_hostname = downcase(hiera('bootstrap_nodeid')) + + if $redis_master_hostname == $::hostname { + $slaveof = undef + } else { + $slaveof = "${redis_master_hostname} 6379" + } + class {'::redis' : + slaveof => $slaveof, + } + + if count($redis_node_ips) > 1 { + Class['::tripleo::redis_notification'] -> Service['redis-sentinel'] + include ::redis::sentinel + class {'::tripleo::redis_notification' : + haproxy_monitor_ip => hiera('tripleo::loadbalancer::controller_virtual_ip'), + } + } + + exec { 'galera-ready' : + command => '/usr/bin/clustercheck >/dev/null', + timeout => 30, + tries => 180, + try_sleep => 10, + environment => ["AVAILABLE_WHEN_READONLY=0"], + require => File['/etc/sysconfig/clustercheck'], + } + + file { '/etc/sysconfig/clustercheck' : + ensure => file, + content => "MYSQL_USERNAME=root\n +MYSQL_PASSWORD=''\n +MYSQL_HOST=localhost\n", + } + + xinetd::service { 'galera-monitor' : + port => '9200', + server => '/usr/bin/clustercheck', + per_source => 'UNLIMITED', + log_on_success => '', + log_on_failure => 'HOST', + flags => 'REUSE', + service_type => 'UNLISTED', + user => 'root', + group => 'root', + require => File['/etc/sysconfig/clustercheck'], + } + + # Create all the database schemas + # Example DSN format: mysql://user:password@host/dbname + if $sync_db { + $allowed_hosts = ['%',hiera('controller_host')] + $keystone_dsn = split(hiera('keystone::database_connection'), '[@:/?]') + class { 'keystone::db::mysql': + user => $keystone_dsn[3], + password => $keystone_dsn[4], + host => $keystone_dsn[5], + dbname => $keystone_dsn[6], + allowed_hosts => $allowed_hosts, + require => Exec['galera-ready'], + } + $glance_dsn = split(hiera('glance::api::database_connection'), '[@:/?]') + class { 'glance::db::mysql': + user => $glance_dsn[3], + password => $glance_dsn[4], + host => $glance_dsn[5], + dbname => $glance_dsn[6], + allowed_hosts => $allowed_hosts, + require => Exec['galera-ready'], + } + $nova_dsn = split(hiera('nova::database_connection'), '[@:/?]') + class { 'nova::db::mysql': + user => $nova_dsn[3], + password => $nova_dsn[4], + host => $nova_dsn[5], + dbname => $nova_dsn[6], + allowed_hosts => $allowed_hosts, + require => Exec['galera-ready'], + } + $neutron_dsn = split(hiera('neutron::server::database_connection'), '[@:/?]') + class { 'neutron::db::mysql': + user => $neutron_dsn[3], + password => $neutron_dsn[4], + host => $neutron_dsn[5], + dbname => $neutron_dsn[6], + allowed_hosts => $allowed_hosts, + require => Exec['galera-ready'], + } + $cinder_dsn = split(hiera('cinder::database_connection'), '[@:/?]') + class { 'cinder::db::mysql': + user => $cinder_dsn[3], + password => $cinder_dsn[4], + host => $cinder_dsn[5], + dbname => $cinder_dsn[6], + allowed_hosts => $allowed_hosts, + require => Exec['galera-ready'], + } + $heat_dsn = split(hiera('heat::database_connection'), '[@:/?]') + class { 'heat::db::mysql': + user => $heat_dsn[3], + password => $heat_dsn[4], + host => $heat_dsn[5], + dbname => $heat_dsn[6], + allowed_hosts => $allowed_hosts, + require => Exec['galera-ready'], + } + if downcase(hiera('ceilometer_backend')) == 'mysql' { + $ceilometer_dsn = split(hiera('ceilometer_mysql_conn_string'), '[@:/?]') + class { 'ceilometer::db::mysql': + user => $ceilometer_dsn[3], + password => $ceilometer_dsn[4], + host => $ceilometer_dsn[5], + dbname => $ceilometer_dsn[6], + allowed_hosts => $allowed_hosts, + require => Exec['galera-ready'], + } + } + } + + # pre-install swift here so we can build rings + include ::swift + + # Ceph + $cinder_enable_rbd_backend = hiera('cinder_enable_rbd_backend', false) + $enable_ceph = $cinder_enable_rbd_backend + + if $enable_ceph { + class { 'ceph::profile::params': + mon_initial_members => downcase(hiera('ceph_mon_initial_members')) + } + include ::ceph::profile::mon + } + + if str2bool(hiera('enable_ceph_storage', 'false')) { + include ::ceph::profile::client + include ::ceph::profile::osd + } + + # Memcached + include ::memcached + +} #END STEP 2 + +if hiera('step') >= 3 { + + class { '::keystone': + sync_db => $sync_db, + manage_service => false, + enabled => false, + } + + #TODO: need a cleanup-keystone-tokens.sh solution here + keystone_config { + 'ec2/driver': value => 'keystone.contrib.ec2.backends.sql.Ec2'; + } + file { [ '/etc/keystone/ssl', '/etc/keystone/ssl/certs', '/etc/keystone/ssl/private' ]: + ensure => 'directory', + owner => 'keystone', + group => 'keystone', + require => Package['keystone'], + } + file { '/etc/keystone/ssl/certs/signing_cert.pem': + content => hiera('keystone_signing_certificate'), + owner => 'keystone', + group => 'keystone', + notify => Service['keystone'], + require => File['/etc/keystone/ssl/certs'], + } + file { '/etc/keystone/ssl/private/signing_key.pem': + content => hiera('keystone_signing_key'), + owner => 'keystone', + group => 'keystone', + notify => Service['keystone'], + require => File['/etc/keystone/ssl/private'], + } + file { '/etc/keystone/ssl/certs/ca.pem': + content => hiera('keystone_ca_certificate'), + owner => 'keystone', + group => 'keystone', + notify => Service['keystone'], + require => File['/etc/keystone/ssl/certs'], + } + + $glance_backend = downcase(hiera('glance_backend', 'swift')) + case $glance_backend { + swift: { $glance_store = 'glance.store.swift.Store' } + file: { $glance_store = 'glance.store.filesystem.Store' } + rbd: { $glance_store = 'glance.store.rbd.Store' } + default: { fail('Unrecognized glance_backend parameter.') } + } + + # TODO: notifications, scrubber, etc. + include ::glance + class { 'glance::api': + known_stores => [$glance_store], + manage_service => false, + enabled => false, + } + class { '::glance::registry' : + sync_db => $sync_db, + manage_service => false, + enabled => false, + } + include join(['::glance::backend::', $glance_backend]) + + class { 'nova': + glance_api_servers => join([hiera('glance_protocol'), '://', hiera('controller_virtual_ip'), ':', hiera('glance_port')]), + } + + class { '::nova::api' : + sync_db => $sync_db, + manage_service => $non_pcmk_start, + enabled => $non_pcmk_start, + } + class { '::nova::cert' : + manage_service => $non_pcmk_start, + enabled => $non_pcmk_start, + } + class { '::nova::conductor' : + manage_service => $non_pcmk_start, + enabled => $non_pcmk_start, + } + class { '::nova::consoleauth' : + manage_service => $non_pcmk_start, + enabled => $non_pcmk_start, + } + class { '::nova::vncproxy' : + manage_service => $non_pcmk_start, + enabled => $non_pcmk_start, + } + class { '::nova::scheduler' : + manage_service => $non_pcmk_start, + enabled => $non_pcmk_start, + } + include ::nova::network::neutron + + include ::neutron + class { '::neutron::server' : + sync_db => $sync_db, + manage_service => $non_pcmk_start, + enabled => $non_pcmk_start, + } + class { '::neutron::agents::dhcp' : + manage_service => $non_pcmk_start, + enabled => $non_pcmk_start, + } + class { '::neutron::agents::l3' : + manage_service => $non_pcmk_start, + enabled => $non_pcmk_start, + } + + file { '/etc/neutron/dnsmasq-neutron.conf': + content => hiera('neutron_dnsmasq_options'), + owner => 'neutron', + group => 'neutron', + notify => Service['neutron-dhcp-service'], + require => Package['neutron'], + } + + class { 'neutron::plugins::ml2': + flat_networks => split(hiera('neutron_flat_networks'), ','), + tenant_network_types => [hiera('neutron_tenant_network_type')], + type_drivers => [hiera('neutron_tenant_network_type')], + } + + class { 'neutron::agents::ml2::ovs': + # manage_service => $non_pcmk_start, -- not implemented + enabled => $non_pcmk_start, + bridge_mappings => split(hiera('neutron_bridge_mappings'), ','), + tunnel_types => split(hiera('neutron_tunnel_types'), ','), + } + + class { 'neutron::agents::metadata': + manage_service => $non_pcmk_start, + enabled => $non_pcmk_start, + auth_url => join(['http://', hiera('controller_virtual_ip'), ':35357/v2.0']), + } + + Service['neutron-server'] -> Service['neutron-dhcp-service'] + Service['neutron-server'] -> Service['neutron-l3'] + Service['neutron-server'] -> Service['neutron-ovs-agent-service'] + Service['neutron-server'] -> Service['neutron-metadata'] + + include ::cinder + class { '::cinder::api': + sync_db => $sync_db, + manage_service => false, + enabled => false, + } + class { '::cinder::scheduler' : + manage_service => false, + enabled => false, + } + class { '::cinder::volume' : + manage_service => false, + enabled => false, + } + include ::cinder::glance + class {'cinder::setup_test_volume': + size => join([hiera('cinder_lvm_loop_device_size'), 'M']), + } + + $cinder_enable_iscsi = hiera('cinder_enable_iscsi_backend', true) + if $cinder_enable_iscsi { + $cinder_iscsi_backend = 'tripleo_iscsi' + + cinder::backend::iscsi { $cinder_iscsi_backend : + iscsi_ip_address => hiera('cinder_iscsi_ip_address'), + iscsi_helper => hiera('cinder_iscsi_helper'), + } + } + + if $enable_ceph { + + Ceph_pool { + pg_num => hiera('ceph::profile::params::osd_pool_default_pg_num'), + pgp_num => hiera('ceph::profile::params::osd_pool_default_pgp_num'), + size => hiera('ceph::profile::params::osd_pool_default_size'), + } + + $ceph_pools = hiera('ceph_pools') + ceph::pool { $ceph_pools : } + } + + if $cinder_enable_rbd_backend { + $cinder_rbd_backend = 'tripleo_ceph' + + cinder_config { + "${cinder_rbd_backend}/host": value => 'hostgroup'; + } + + cinder::backend::rbd { $cinder_rbd_backend : + rbd_pool => 'volumes', + rbd_user => 'openstack', + rbd_secret_uuid => hiera('ceph::profile::params::fsid'), + require => Ceph::Pool['volumes'], + } + } + + $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend]) + class { '::cinder::backends' : + enabled_backends => $cinder_enabled_backends, + } + + # swift proxy + class { '::swift::proxy' : + manage_service => $non_pcmk_start, + enabled => $non_pcmk_start, + } + include ::swift::proxy::proxy_logging + include ::swift::proxy::healthcheck + include ::swift::proxy::cache + include ::swift::proxy::keystone + include ::swift::proxy::authtoken + include ::swift::proxy::staticweb + include ::swift::proxy::ceilometer + include ::swift::proxy::ratelimit + include ::swift::proxy::catch_errors + include ::swift::proxy::tempurl + include ::swift::proxy::formpost + + # swift storage + if str2bool(hiera('enable_swift_storage', 'true')) { + class {'::swift::storage::all': + mount_check => str2bool(hiera('swift_mount_check')) + } + class {'::swift::storage::account': + manage_service => $non_pcmk_start, + enabled => $non_pcmk_start, + } + class {'::swift::storage::container': + manage_service => $non_pcmk_start, + enabled => $non_pcmk_start, + } + class {'::swift::storage::object': + manage_service => $non_pcmk_start, + enabled => $non_pcmk_start, + } + if(!defined(File['/srv/node'])) { + file { '/srv/node': + ensure => directory, + owner => 'swift', + group => 'swift', + require => Package['openstack-swift'], + } + } + $swift_components = ['account', 'container', 'object'] + swift::storage::filter::recon { $swift_components : } + swift::storage::filter::healthcheck { $swift_components : } + } + + # Ceilometer + $ceilometer_backend = downcase(hiera('ceilometer_backend')) + case $ceilometer_backend { + /mysql/ : { + $ceilometer_database_connection = hiera('ceilometer_mysql_conn_string') + } + default : { + $ceilometer_database_connection = "mongodb://${mongo_node_string}/ceilometer?replicaSet=${mongodb_replset}" + } + } + include ::ceilometer + class { '::ceilometer::api' : + manage_service => $non_pcmk_start, + enabled => $non_pcmk_start, + } + class { '::ceilometer::agent::notification' : + manage_service => $non_pcmk_start, + enabled => $non_pcmk_start, + } + class { '::ceilometer::agent::central' : + manage_service => $non_pcmk_start, + enabled => $non_pcmk_start, + } + class { '::ceilometer::alarm::notifier' : + manage_service => $non_pcmk_start, + enabled => $non_pcmk_start, + } + class { '::ceilometer::alarm::evaluator' : + manage_service => $non_pcmk_start, + enabled => $non_pcmk_start, + } + class { '::ceilometer::collector' : + manage_service => $non_pcmk_start, + enabled => $non_pcmk_start, + } + include ::ceilometer::expirer + class { '::ceilometer::db' : + database_connection => $ceilometer_database_connection, + sync_db => $sync_db, + } + class { 'ceilometer::agent::auth': + auth_url => join(['http://', hiera('controller_virtual_ip'), ':5000/v2.0']), + } + + Cron <| title == 'ceilometer-expirer' |> { command => "sleep $((\$(od -A n -t d -N 3 /dev/urandom) % 86400)) && ${::ceilometer::params::expirer_command}" } + + # Heat + class { '::heat' : + sync_db => $sync_db, + } + class { '::heat::api' : + manage_service => $non_pcmk_start, + enabled => $non_pcmk_start, + } + class { '::heat::api_cfn' : + manage_service => $non_pcmk_start, + enabled => $non_pcmk_start, + } + class { '::heat::api_cloudwatch' : + manage_service => $non_pcmk_start, + enabled => $non_pcmk_start, + } + class { '::heat::engine' : + manage_service => $non_pcmk_start, + enabled => $non_pcmk_start, + } + + # Horizon + $vhost_params = { add_listen => false } + class { 'horizon': + cache_server_ip => split(hiera('memcache_node_ips', '127.0.0.1'), ','), + vhost_extra_params => $vhost_params, + } + + $snmpd_user = hiera('snmpd_readonly_user_name') + snmp::snmpv3_user { $snmpd_user: + authtype => 'MD5', + authpass => hiera('snmpd_readonly_user_password'), + } + class { 'snmp': + agentaddress => ['udp:161','udp6:[::1]:161'], + snmpd_config => [ join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ], + } + +} #END STEP 3 + +if hiera('step') >= 4 { + if $pacemaker_master { + + # Keystone + pacemaker::resource::service { $::keystone::params::service_name : + clone_params => "interleave=true", + } + + # Cinder + pacemaker::resource::service { $::cinder::params::api_service : + clone_params => "interleave=true", + } + pacemaker::resource::service { $::cinder::params::scheduler_service : + clone_params => "interleave=true", + } + pacemaker::resource::service { $::cinder::params::volume_service : } + + pacemaker::constraint::base { 'cinder-api-then-cinder-scheduler-constraint': + constraint_type => "order", + first_resource => "${::cinder::params::api_service}-clone", + second_resource => "${::cinder::params::scheduler_service}-clone", + first_action => "start", + second_action => "start", + require => [Pacemaker::Resource::Service[$::cinder::params::api_service], + Pacemaker::Resource::Service[$::cinder::params::scheduler_service]], + } + pacemaker::constraint::colocation { 'cinder-scheduler-with-cinder-api-colocation': + source => "${::cinder::params::scheduler_service}-clone", + target => "${::cinder::params::api_service}-clone", + score => "INFINITY", + require => [Pacemaker::Resource::Service[$::cinder::params::api_service], + Pacemaker::Resource::Service[$::cinder::params::scheduler_service]], + } + pacemaker::constraint::base { 'cinder-scheduler-then-cinder-volume-constraint': + constraint_type => "order", + first_resource => "${::cinder::params::scheduler_service}-clone", + second_resource => "${::cinder::params::volume_service}", + first_action => "start", + second_action => "start", + require => [Pacemaker::Resource::Service[$::cinder::params::scheduler_service], + Pacemaker::Resource::Service[$::cinder::params::volume_service]], + } + pacemaker::constraint::colocation { 'cinder-volume-with-cinder-scheduler-colocation': + source => "${::cinder::params::volume_service}", + target => "${::cinder::params::scheduler_service}-clone", + score => "INFINITY", + require => [Pacemaker::Resource::Service[$::cinder::params::scheduler_service], + Pacemaker::Resource::Service[$::cinder::params::volume_service]], + } + + # Glance + pacemaker::resource::service { $::glance::params::registry_service_name : + clone_params => "interleave=true", + } + pacemaker::resource::service { $::glance::params::api_service_name : + clone_params => "interleave=true", + } + + pacemaker::constraint::base { 'glance-registry-then-glance-api-constraint': + constraint_type => "order", + first_resource => "${::glance::params::registry_service_name}-clone", + second_resource => "${::glance::params::api_service_name}-clone", + first_action => "start", + second_action => "start", + require => [Pacemaker::Resource::Service[$::glance::params::registry_service_name], + Pacemaker::Resource::Service[$::glance::params::api_service_name]], + } + pacemaker::constraint::colocation { 'glance-registry-with-glance-api-colocation': + source => "${::glance::params::registry_service_name}-clone", + target => "${::glance::params::api_service_name}-clone", + score => "INFINITY", + require => [Pacemaker::Resource::Service[$::glance::params::registry_service_name], + Pacemaker::Resource::Service[$::glance::params::api_service_name]], + } + } + +} #END STEP 4 diff --git a/puppet/manifests/overcloud_object.pp b/puppet/manifests/overcloud_object.pp index 8d0ad783..24799c8c 100644 --- a/puppet/manifests/overcloud_object.pp +++ b/puppet/manifests/overcloud_object.pp @@ -24,6 +24,8 @@ if !str2bool(hiera('enable_package_install', 'false')) { } } +create_resources(sysctl::value, hiera('sysctl_settings'), {}) + if count(hiera('ntp::servers')) > 0 { include ::ntp } diff --git a/puppet/manifests/overcloud_volume.pp b/puppet/manifests/overcloud_volume.pp index 3d7cb490..80cf6a21 100644 --- a/puppet/manifests/overcloud_volume.pp +++ b/puppet/manifests/overcloud_volume.pp @@ -24,6 +24,8 @@ if str2bool(hiera('disable_package_install', 'false')) { } } +create_resources(sysctl::value, hiera('sysctl_settings'), {}) + if count(hiera('ntp::servers')) > 0 { include ::ntp } diff --git a/puppet/swift-devices-and-proxy-config.yaml b/puppet/swift-devices-and-proxy-config.yaml index 731f69a1..92ef5c1c 100644 --- a/puppet/swift-devices-and-proxy-config.yaml +++ b/puppet/swift-devices-and-proxy-config.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: 'Swift Devices and Proxy Config for Puppet' parameters: diff --git a/puppet/swift-storage-post.yaml b/puppet/swift-storage-post.yaml index edceba97..7a3c1abb 100644 --- a/puppet/swift-storage-post.yaml +++ b/puppet/swift-storage-post.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: 'OpenStack swift storage node post deployment for Puppet' parameters: @@ -37,3 +37,12 @@ resources: properties: servers: {get_param: servers} config: {get_resource: StorageRingbuilderPuppetConfig} + + # Note, this should come last, so use depends_on to ensure + # this is created after any other resources. + ExtraConfig: + depends_on: StorageRingbuilderDeployment_Step2 + type: OS::TripleO::NodeExtraConfigPost + properties: + servers: {get_param: servers} + diff --git a/puppet/swift-storage-puppet.yaml b/puppet/swift-storage-puppet.yaml index c3eb9536..12292dec 100644 --- a/puppet/swift-storage-puppet.yaml +++ b/puppet/swift-storage-puppet.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: 'OpenStack swift storage node configured by Puppet' parameters: Flavor: @@ -68,13 +68,32 @@ resources: NodeUserData: type: OS::TripleO::NodeUserData + InternalApiPort: + type: OS::TripleO::SwiftStorage::Ports::InternalApiPort + properties: + ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} + + StoragePort: + type: OS::TripleO::SwiftStorage::Ports::StoragePort + properties: + ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} + + StorageMgmtPort: + type: OS::TripleO::SwiftStorage::Ports::StorageMgmtPort + properties: + ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} + NetworkConfig: type: OS::TripleO::ObjectStorage::Net::SoftwareConfig + properties: + InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} + StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} + StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: - config: {get_attr: [NetworkConfig, config_id]} + config: {get_resource: NetworkConfig} server: {get_resource: SwiftStorage} SwiftStorageHieraConfig: @@ -136,7 +155,7 @@ outputs: hosts_entry: value: str_replace: - template: "IP HOST HOST.novalocal" + template: "IP HOST" params: IP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} HOST: {get_attr: [SwiftStorage, name]} @@ -151,3 +170,12 @@ outputs: template: 'r1z1-IP:%PORT%/d1' params: IP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} + internal_api_ip_address: + description: IP address of the server in the internal_api network + value: {get_attr: [InternalApiPort, ip_address]} + storage_ip_address: + description: IP address of the server in the storage network + value: {get_attr: [StoragePort, ip_address]} + storage_mgmt_ip_address: + description: IP address of the server in the storage_mgmt network + value: {get_attr: [StorageMgmtPort, ip_address]} diff --git a/swift-devices-and-proxy-config.yaml b/swift-devices-and-proxy-config.yaml index d422a3ef..4f01dbea 100644 --- a/swift-devices-and-proxy-config.yaml +++ b/swift-devices-and-proxy-config.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: 'Swift Devices and Proxy Config' parameters: diff --git a/swift-storage-post.yaml b/swift-storage-post.yaml index dfac4b2a..53490d71 100644 --- a/swift-storage-post.yaml +++ b/swift-storage-post.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: 'Swift Storage Post Deployment' # NOTE: this is a noop for os-apply-config style deployments because # post deployment ordering is controlled by tripleo-image-elements @@ -6,3 +6,13 @@ description: 'Swift Storage Post Deployment' parameters: servers: type: json + +resources: + + # Note, this should come last, so use depends_on to ensure + # this is created after any other resources. + ExtraConfig: + type: OS::TripleO::NodeExtraConfigPost + properties: + servers: {get_param: servers} + diff --git a/swift-storage.yaml b/swift-storage.yaml index 7160c14d..68923eef 100644 --- a/swift-storage.yaml +++ b/swift-storage.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: 'Common Swift Storage Configuration' parameters: ExtraConfig: @@ -116,13 +116,32 @@ resources: NodeUserData: type: OS::TripleO::NodeUserData + InternalApiPort: + type: OS::TripleO::SwiftStorage::Ports::InternalApiPort + properties: + ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} + + StoragePort: + type: OS::TripleO::SwiftStorage::Ports::StoragePort + properties: + ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} + + StorageMgmtPort: + type: OS::TripleO::SwiftStorage::Ports::StorageMgmtPort + properties: + ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} + NetworkConfig: type: OS::TripleO::ObjectStorage::Net::SoftwareConfig + properties: + InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} + StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} + StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: - config: {get_attr: [NetworkConfig, config_id]} + config: {get_resource: NetworkConfig} server: {get_resource: SwiftStorage} SwiftStorageDeploy: @@ -145,7 +164,7 @@ outputs: hosts_entry: value: str_replace: - template: "IP HOST HOST.novalocal" + template: "IP HOST" params: IP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} HOST: {get_attr: [SwiftStorage, name]} @@ -160,3 +179,12 @@ outputs: template: 'r1z1-IP:%PORT%/d1' params: IP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} + internal_api_ip_address: + description: IP address of the server in the internal_api network + value: {get_attr: [InternalApiPort, ip_address]} + storage_ip_address: + description: IP address of the server in the storage network + value: {get_attr: [StoragePort, ip_address]} + storage_mgmt_ip_address: + description: IP address of the server in the storage_mgmt network + value: {get_attr: [StorageMgmtPort, ip_address]} |