diff options
73 files changed, 1152 insertions, 404 deletions
@@ -82,7 +82,7 @@ and should be executed according to the following table: | neutron-bgpvpn | | | | X | | | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | ovn | | | | | | X | -+---------------------------------------------------------------------------------------------------------+ ++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | neutron-l2gw | | | | X | | | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | rabbitmq | X | X | X | X | X | X | diff --git a/ci/common/net-config-multinode-os-net-config.yaml b/ci/common/net-config-multinode-os-net-config.yaml index 6f4542bd..9d45a9ff 100644 --- a/ci/common/net-config-multinode-os-net-config.yaml +++ b/ci/common/net-config-multinode-os-net-config.yaml @@ -15,7 +15,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -23,7 +23,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/ci/common/net-config-multinode.yaml b/ci/common/net-config-multinode.yaml index f7e250e2..6beb62f0 100644 --- a/ci/common/net-config-multinode.yaml +++ b/ci/common/net-config-multinode.yaml @@ -15,7 +15,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -23,7 +23,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/common/deploy-steps.j2 b/common/deploy-steps.j2 index b36bb97a..8d17c223 100644 --- a/common/deploy-steps.j2 +++ b/common/deploy-steps.j2 @@ -11,6 +11,7 @@ # primary role is: {{primary_role_name}} {% set deploy_steps_max = 6 -%} {% set update_steps_max = 6 -%} +{% set upgrade_steps_max = 6 -%} heat_template_version: pike @@ -337,4 +338,20 @@ outputs: with_sequence: count={{deploy_steps_max-1}} loop_control: loop_var: step + upgrade_steps_tasks: | +{%- for role in roles %} + - include: {{role.name}}/upgrade_tasks.yaml + when: role_name == '{{role.name}}' +{%- endfor %} + upgrade_steps_playbook: | + - hosts: overcloud + tasks: + - include: upgrade_steps_tasks.yaml + with_sequence: count={{upgrade_steps_max-1}} + loop_control: + loop_var: step + - include: deploy_steps_tasks.yaml + with_sequence: count={{deploy_steps_max-1}} + loop_control: + loop_var: step diff --git a/docker/firstboot/setup_docker_host.sh b/docker/firstboot/setup_docker_host.sh deleted file mode 100755 index af213bbd..00000000 --- a/docker/firstboot/setup_docker_host.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/bash -set -eux -# This file contains setup steps that can't be or have not yet been moved to -# puppet - -# Disable libvirtd since it conflicts with nova_libvirt container -/usr/bin/systemctl disable libvirtd.service -/usr/bin/systemctl stop libvirtd.service -# Disable virtlogd since it conflicts with nova_virtlogd container -/usr/bin/systemctl disable virtlogd.service -/usr/bin/systemctl stop virtlogd.service diff --git a/docker/firstboot/setup_docker_host.yaml b/docker/firstboot/setup_docker_host.yaml deleted file mode 100644 index ddfa8802..00000000 --- a/docker/firstboot/setup_docker_host.yaml +++ /dev/null @@ -1,19 +0,0 @@ -heat_template_version: pike - -resources: - - userdata: - type: OS::Heat::MultipartMime - properties: - parts: - - config: {get_resource: setup_docker_host} - - setup_docker_host: - type: OS::Heat::SoftwareConfig - properties: - group: script - config: {get_file: ./setup_docker_host.sh} - -outputs: - OS::stack_id: - value: {get_resource: userdata} diff --git a/docker/services/ceph-ansible/ceph-base.yaml b/docker/services/ceph-ansible/ceph-base.yaml index 52c4a65c..e65c503b 100644 --- a/docker/services/ceph-ansible/ceph-base.yaml +++ b/docker/services/ceph-ansible/ceph-base.yaml @@ -88,6 +88,14 @@ parameters: description: default minimum replication for RBD copies type: number default: 3 + ManilaCephFSNativeCephFSAuthId: + default: manila + type: string + CephManilaClientKey: + default: '' + description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. + type: string + hidden: true CephIPv6: default: False type: boolean @@ -202,6 +210,16 @@ outputs: GLANCE_POOL: {get_param: GlanceRbdPoolName} GNOCCHI_POOL: {get_param: GnocchiRbdPoolName} mode: "0644" + - name: + list_join: + - '.' + - - client + - {get_param: ManilaCephFSNativeCephFSAuthId} + key: {get_param: CephManilaClientKey} + mon_cap: "allow r, allow command auth del, allow command auth caps, allow command auth get, allow command auth get-or-create" + mds_cap: "allow *" + osd_cap: "allow rw" + mode: "0644" keys: *openstack_keys pools: [] ceph_conf_overrides: diff --git a/docker/services/ceph-ansible/ceph-mds.yaml b/docker/services/ceph-ansible/ceph-mds.yaml new file mode 100644 index 00000000..4ef3a669 --- /dev/null +++ b/docker/services/ceph-ansible/ceph-mds.yaml @@ -0,0 +1,83 @@ +heat_template_version: pike + +description: > + Ceph Metadata service. + +parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + CephMdsKey: + description: The cephx key for the MDS service. Can be created + with ceph-authtool --gen-print-key. + type: string + hidden: true + ManilaCephFSDataPoolName: + default: manila_data + type: string + ManilaCephFSMetadataPoolName: + default: manila_metadata + type: string + ManilaCephFSNativeShareBackendName: + default: cephfs + type: string + +resources: + CephBase: + type: ./ceph-base.yaml + properties: + ServiceData: {get_param: ServiceData} + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + RoleName: {get_param: RoleName} + RoleParameters: {get_param: RoleParameters} + +outputs: + role_data: + description: Role data for the Ceph Metadata service. + value: + service_name: ceph_mds + upgrade_tasks: [] + step_config: '' + puppet_config: + config_image: '' + config_volume: '' + step_config: '' + docker_config: {} + service_workflow_tasks: {get_attr: [CephBase, role_data, service_workflow_tasks]} + config_settings: + map_merge: + - tripleo.ceph_mds.firewall_rules: + '112 ceph_mds': + dport: + - '6800-7300' + - ceph_mds_ansible_vars: + map_merge: + - {get_attr: [CephBase, role_data, config_settings, ceph_common_ansible_vars]} + - cephfs_data: {get_param: ManilaCephFSDataPoolName} + cephfs_metadata: {get_param: ManilaCephFSMetadataPoolName} + cephfs: {get_param: ManilaCephFSNativeShareBackendName} diff --git a/docker/services/database/mysql.yaml b/docker/services/database/mysql.yaml index 54331415..402dc351 100644 --- a/docker/services/database/mysql.yaml +++ b/docker/services/database/mysql.yaml @@ -40,6 +40,18 @@ parameters: type: string hidden: true default: '' + EnableInternalTLS: + type: boolean + default: false + InternalTLSCAFile: + default: '/etc/ipa/ca.crt' + type: string + description: Specifies the default CA cert to use if TLS is used for + services in the internal network. + +conditions: + + internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]} resources: @@ -86,10 +98,21 @@ outputs: dest: "/" merge: true preserve_properties: true + - source: "/var/lib/kolla/config_files/src-tls/*" + dest: "/" + merge: true + preserve_properties: true + optional: true permissions: - path: /var/lib/mysql owner: mysql:mysql recurse: true + - path: /etc/pki/tls/certs/mysql.crt + owner: mysql:mysql + optional: true + - path: /etc/pki/tls/private/mysql.key + owner: mysql:mysql + optional: true docker_config: # Kolla_bootstrap runs before permissions set by kolla_config step_1: @@ -108,12 +131,25 @@ outputs: # Kolla bootstraps aren't idempotent, explicitly checking if bootstrap was done command: ['bash', '-c', 'test -e /var/lib/mysql/mysql || kolla_start'] volumes: &mysql_volumes - - /var/lib/kolla/config_files/mysql.json:/var/lib/kolla/config_files/config.json - - /var/lib/config-data/puppet-generated/mysql/:/var/lib/kolla/config_files/src:ro - - /etc/localtime:/etc/localtime:ro - - /etc/hosts:/etc/hosts:ro - - /var/lib/mysql:/var/lib/mysql - - /var/log/containers/mysql:/var/log/mariadb + list_concat: + - + - /var/lib/kolla/config_files/mysql.json:/var/lib/kolla/config_files/config.json + - /var/lib/config-data/puppet-generated/mysql/:/var/lib/kolla/config_files/src:ro + - /etc/localtime:/etc/localtime:ro + - /etc/hosts:/etc/hosts:ro + - /var/lib/mysql:/var/lib/mysql + - /var/log/containers/mysql:/var/log/mariadb + - if: + - internal_tls_enabled + - + - list_join: + - ':' + - - {get_param: InternalTLSCAFile} + - {get_param: InternalTLSCAFile} + - 'ro' + - /etc/pki/tls/certs/mysql.crt:/var/lib/kolla/config_files/src-tls/etc/pki/tls/certs/mysql.crt:ro + - /etc/pki/tls/private/mysql.key:/var/lib/kolla/config_files/src-tls/etc/pki/tls/private/mysql.key:ro + - null environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS - KOLLA_BOOTSTRAP=True @@ -146,9 +182,24 @@ outputs: step_config: 'include ::tripleo::profile::base::database::mysql' config_image: *mysql_config_image volumes: - - /var/lib/mysql:/var/lib/mysql/:ro - - /var/log/containers/mysql:/var/log/mariadb - - /var/lib/config-data/mysql/root:/root:ro #provides .my.cnf + list_concat: + - + - /var/lib/mysql:/var/lib/mysql/:ro + - /var/log/containers/mysql:/var/log/mariadb + - /var/lib/config-data/mysql/root:/root:ro #provides .my.cnf + - if: + - internal_tls_enabled + - + - list_join: + - ':' + - - {get_param: InternalTLSCAFile} + - {get_param: InternalTLSCAFile} + - 'ro' + - /etc/pki/tls/certs/mysql.crt:/var/lib/kolla/config_files/src-tls/etc/pki/tls/certs/mysql.crt:ro + - /etc/pki/tls/private/mysql.key:/var/lib/kolla/config_files/src-tls/etc/pki/tls/private/mysql.key:ro + - null + metadata_settings: + get_attr: [MysqlPuppetBase, role_data, metadata_settings] host_prep_tasks: - name: create persistent directories file: diff --git a/docker/services/glance-api.yaml b/docker/services/glance-api.yaml index 044eb283..df226b15 100644 --- a/docker/services/glance-api.yaml +++ b/docker/services/glance-api.yaml @@ -39,10 +39,16 @@ parameters: EnableInternalTLS: type: boolean default: false + GlanceNfsEnabled: + default: false + description: > + When using GlanceBackend 'file', mount NFS share for image storage. + type: boolean conditions: internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]} + nfs_backend_enabled: {equals: [{get_param: GlanceNfsEnabled}, true]} resources: @@ -128,6 +134,11 @@ outputs: - /var/lib/config-data/puppet-generated/glance_api/:/var/lib/kolla/config_files/src:ro - /var/log/containers/glance:/var/log/glance - /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro + - + if: + - nfs_backend_enabled + - /var/lib/glance:/var/lib/glance + - '' environment: - KOLLA_BOOTSTRAP=True - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/haproxy.yaml b/docker/services/haproxy.yaml index 2f0584ea..f0e2f71d 100644 --- a/docker/services/haproxy.yaml +++ b/docker/services/haproxy.yaml @@ -60,6 +60,18 @@ parameters: default: {} description: Parameters specific to the role type: json + EnableInternalTLS: + type: boolean + default: false + InternalTLSCAFile: + default: '/etc/ipa/ca.crt' + type: string + description: Specifies the default CA cert to use if TLS is used for + services in the internal network. + +conditions: + + internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]} resources: @@ -86,6 +98,9 @@ outputs: - get_attr: [HAProxyBase, role_data, config_settings] - tripleo::haproxy::haproxy_daemon: false tripleo::haproxy::haproxy_service_manage: false + # NOTE(jaosorior): We disable the CRL since we have no way to restart haproxy + # when this is updated + tripleo::haproxy::crl_file: null step_config: &step_config get_attr: [HAProxyBase, role_data, step_config] service_config_settings: {get_attr: [HAProxyBase, role_data, service_config_settings]} @@ -96,12 +111,23 @@ outputs: step_config: "class {'::tripleo::profile::base::haproxy': manage_firewall => false}" config_image: {get_param: DockerHAProxyConfigImage} - volumes: &deployed_cert_mount - - list_join: - - ':' - - - {get_param: DeployedSSLCertificatePath} - - {get_param: DeployedSSLCertificatePath} - - 'ro' + volumes: + list_concat: + - - list_join: + - ':' + - - {get_param: DeployedSSLCertificatePath} + - {get_param: DeployedSSLCertificatePath} + - 'ro' + - if: + - internal_tls_enabled + - - /etc/pki/tls/certs/haproxy:/etc/pki/tls/certs/haproxy:ro + - /etc/pki/tls/private/haproxy:/etc/pki/tls/private/haproxy:ro + - list_join: + - ':' + - - {get_param: InternalTLSCAFile} + - {get_param: InternalTLSCAFile} + - 'ro' + - null kolla_config: /var/lib/kolla/config_files/haproxy.json: command: haproxy -f /etc/haproxy/haproxy.cfg @@ -110,6 +136,16 @@ outputs: dest: "/" merge: true preserve_properties: true + - source: "/var/lib/kolla/config_files/src-tls/*" + dest: "/" + merge: true + preserve_properties: true + optional: true + permissions: + - path: /etc/pki/tls/certs/haproxy + owner: haproxy:haproxy + recurse: true + optional: true docker_config: step_1: haproxy_firewall: @@ -133,7 +169,6 @@ outputs: volumes: list_concat: - {get_attr: [ContainersCommon, volumes]} - - *deployed_cert_mount - - /var/lib/kolla/config_files/haproxy.json:/var/lib/kolla/config_files/config.json:ro - /var/lib/config-data/puppet-generated/haproxy/:/var/lib/kolla/config_files/src:ro @@ -154,10 +189,24 @@ outputs: volumes: list_concat: - {get_attr: [ContainersCommon, volumes]} - - *deployed_cert_mount - - /var/lib/kolla/config_files/haproxy.json:/var/lib/kolla/config_files/config.json:ro - /var/lib/config-data/puppet-generated/haproxy/:/var/lib/kolla/config_files/src:ro + - list_join: + - ':' + - - {get_param: DeployedSSLCertificatePath} + - {get_param: DeployedSSLCertificatePath} + - 'ro' + - + if: + - internal_tls_enabled + - /etc/pki/tls/certs/haproxy:/var/lib/kolla/config_files/src-tls/etc/pki/tls/certs/haproxy:ro + - '' + - + if: + - internal_tls_enabled + - /etc/pki/tls/private/haproxy:/var/lib/kolla/config_files/src-tls/etc/pki/tls/private/haproxy:ro + - '' environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS metadata_settings: diff --git a/docker/services/nova-libvirt.yaml b/docker/services/nova-libvirt.yaml index 7637e6e9..62c25bb2 100644 --- a/docker/services/nova-libvirt.yaml +++ b/docker/services/nova-libvirt.yaml @@ -243,6 +243,19 @@ outputs: file: path: /etc/ceph state: directory + - name: check if libvirt is installed + command: /usr/bin/rpm -q libvirt-daemon + failed_when: false + register: libvirt_installed + - name: make sure libvirt services are disabled + service: + name: "{{ item }}" + state: stopped + enabled: no + with_items: + - libvirtd.service + - virtlogd.socket + when: libvirt_installed.rc == 0 upgrade_tasks: - name: Stop and disable libvirtd service tags: step2 diff --git a/docker/services/nova-metadata.yaml b/docker/services/nova-metadata.yaml index 0a8a74cd..53ae7910 100644 --- a/docker/services/nova-metadata.yaml +++ b/docker/services/nova-metadata.yaml @@ -4,6 +4,12 @@ description: > OpenStack containerized Nova Metadata service parameters: + DockerNovaMetadataImage: + description: image + type: string + DockerNovaConfigImage: + description: The container image to use for the nova config_volume + type: string EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -33,6 +39,9 @@ parameters: resources: + ContainersCommon: + type: ./containers-common.yaml + NovaMetadataBase: type: ../../puppet/services/nova-metadata.yaml properties: @@ -56,9 +65,56 @@ outputs: service_config_settings: {get_attr: [NovaMetadataBase, role_data, service_config_settings]} # BEGIN DOCKER SETTINGS puppet_config: - config_volume: '' - puppet_tags: '' + config_volume: nova + puppet_tags: nova_config step_config: *step_config - config_image: '' - kolla_config: {} - docker_config: {} + config_image: {get_param: DockerNovaConfigImage} + kolla_config: + /var/lib/kolla/config_files/nova_metadata.json: + command: /usr/bin/nova-api-metadata + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true + permissions: + - path: /var/log/nova + owner: nova:nova + recurse: true + docker_config: + step_2: + nova_init_logs: + image: &nova_metadata_image {get_param: DockerNovaMetadataImage} + privileged: false + user: root + volumes: + - /var/log/containers/nova:/var/log/nova + command: ['/bin/bash', '-c', 'chown -R nova:nova /var/log/nova'] + step_4: + nova_metadata: + start_order: 2 + image: *nova_metadata_image + net: host + user: nova + privileged: true + restart: always + volumes: + list_concat: + - {get_attr: [ContainersCommon, volumes]} + - + - /var/lib/kolla/config_files/nova_metadata.json:/var/lib/kolla/config_files/config.json:ro + - /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro + - /var/log/containers/nova:/var/log/nova + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + metadata_settings: + get_attr: [NovaMetadataBase, role_data, metadata_settings] + host_prep_tasks: + - name: create persistent logs directory + file: + path: /var/log/containers/nova + state: directory + upgrade_tasks: + - name: Stop and disable nova_api service + tags: step2 + service: name=openstack-nova-api state=stopped enabled=no diff --git a/docker/services/pacemaker/haproxy.yaml b/docker/services/pacemaker/haproxy.yaml index 24155912..5ba54f85 100644 --- a/docker/services/pacemaker/haproxy.yaml +++ b/docker/services/pacemaker/haproxy.yaml @@ -41,6 +41,22 @@ parameters: default: {} description: Parameters specific to the role type: json + InternalTLSCAFile: + default: '/etc/ipa/ca.crt' + type: string + description: Specifies the default CA cert to use if TLS is used for + services in the internal network. + InternalTLSCRLPEMFile: + default: '/etc/pki/CA/crl/overcloud-crl.pem' + type: string + description: Specifies the default CRL PEM file to use for revocation if + TLS is used for services in the internal network. + HAProxyInternalTLSCertsDirectory: + default: '/etc/pki/tls/certs/haproxy' + type: string + HAProxyInternalTLSKeysDirectory: + default: '/etc/pki/tls/private/haproxy' + type: string resources: @@ -65,6 +81,17 @@ outputs: - tripleo::haproxy::haproxy_daemon: false haproxy_docker: true tripleo::profile::pacemaker::haproxy_bundle::haproxy_docker_image: &haproxy_image {get_param: DockerHAProxyImage} + # the list of directories that contain the certs to bind mount in the countainer + # bind-mounting the directories rather than all the cert, key and pem files ensures + # that docker won't create directories on the host when then pem files do not exist + tripleo::profile::pacemaker::haproxy_bundle::tls_mapping: &tls_mapping + - get_param: InternalTLSCAFile + - get_param: HAProxyInternalTLSKeysDirectory + - get_param: HAProxyInternalTLSCertsDirectory + tripleo::profile::pacemaker::haproxy_bundle::internal_certs_directory: {get_param: HAProxyInternalTLSCertsDirectory} + tripleo::profile::pacemaker::haproxy_bundle::internal_keys_directory: {get_param: HAProxyInternalTLSKeysDirectory} + # disable the use CRL file until we can restart the container when the file expires + tripleo::haproxy::crl_file: null step_config: "" service_config_settings: {get_attr: [HAProxyBase, role_data, service_config_settings]} # BEGIN DOCKER SETTINGS @@ -80,11 +107,9 @@ outputs: - 'include ::tripleo::profile::pacemaker::haproxy_bundle' config_image: {get_param: DockerHAProxyConfigImage} volumes: &deployed_cert_mount - - list_join: - - ':' - - - {get_param: DeployedSSLCertificatePath} - - {get_param: DeployedSSLCertificatePath} - - 'ro' + yaql: + expression: $.data.select($+":"+$+":ro") + data: *tls_mapping kolla_config: /var/lib/kolla/config_files/haproxy.json: command: haproxy -f /etc/haproxy/haproxy.cfg @@ -94,6 +119,28 @@ outputs: merge: true preserve_properties: true optional: true + - source: "/var/lib/kolla/config_files/src-tls/*" + dest: "/" + merge: true + optional: true + preserve_properties: true + permissions: + - path: + list_join: + - '' + - - {get_param: HAProxyInternalTLSCertsDirectory} + - '/*' + owner: haproxy:haproxy + perm: '0600' + optional: true + - path: + list_join: + - '' + - - {get_param: HAProxyInternalTLSKeysDirectory} + - '/*' + owner: haproxy:haproxy + perm: '0600' + optional: true docker_config: step_2: haproxy_init_bundle: diff --git a/docker/services/pacemaker/manila-share.yaml b/docker/services/pacemaker/manila-share.yaml new file mode 100644 index 00000000..7103ba8b --- /dev/null +++ b/docker/services/pacemaker/manila-share.yaml @@ -0,0 +1,142 @@ +heat_template_version: pike + +description: > + OpenStack containerized Manila Share service + +parameters: + DockerManilaShareImage: + description: image + type: string + DockerManilaConfigImage: + description: image + type: string + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ServiceData: + default: {} + description: Dictionary packing service data + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + +resources: + + MySQLClient: + type: ../../../puppet/services/database/mysql-client.yaml + + ManilaBase: + type: ../../../puppet/services/pacemaker/manila-share.yaml + properties: + EndpointMap: {get_param: EndpointMap} + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + RoleName: {get_param: RoleName} + RoleParameters: {get_param: RoleParameters} + +outputs: + role_data: + description: Role data for the Manila Share role. + value: + service_name: {get_attr: [ManilaBase, role_data, service_name]} + config_settings: + map_merge: + - get_attr: [ManilaBase, role_data, config_settings] + - tripleo::profile::pacemaker::manila::share_bundle::manila_share_docker_image: &manila_share_image {get_param: DockerManilaShareImage} + manila::share::manage_service: false + manila::share::enabled: false + manila::host: hostgroup + step_config: "" + service_config_settings: {get_attr: [ManilaBase, role_data, service_config_settings]} + # BEGIN DOCKER SETTINGS + puppet_config: + config_volume: manila + puppet_tags: manila_config,file,concat,file_line + step_config: + list_join: + - "\n" + - - {get_attr: [ManilaBase, role_data, step_config]} + - - {get_attr: [MySQLClient, role_data, step_config]} + config_image: {get_param: DockerManilaConfigImage} + kolla_config: + /var/lib/kolla/config_files/manila_share.json: + command: /usr/bin/manila-share --config-file /usr/share/manila/manila-dist.conf --config-file /etc/manila/manila.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true + # NOTE(gfidente): ceph ansible generated + - source: "/var/lib/kolla/config_files/src-ceph/" + dest: "/etc/ceph" + merge: true + preserve_properties: true + permissions: + - path: /var/log/manila + owner: manila:manila + recurse: true + docker_config: + step_3: + manila_share_init_logs: + start_order: 0 + image: *manila_share_image + privileged: false + user: root + volumes: + - /var/log/containers/manila:/var/log/manila + command: ['/bin/bash', '-c', 'chown -R manila:manila /var/log/manila'] + step_5: + manila_share_init_bundle: + start_order: 0 + detach: false + net: host + user: root + command: + - '/bin/bash' + - '-c' + - str_replace: + template: + list_join: + - '; ' + - - "cp -a /tmp/puppet-etc/* /etc/puppet; echo '{\"step\": 5}' > /etc/puppet/hieradata/docker.json" + - "FACTER_uuid=docker puppet apply --tags file_line,concat,augeas,TAGS --debug -v -e 'CONFIG'" + params: + TAGS: 'pacemaker::resource::bundle,pacemaker::property,pacemaker::constraint::location' + CONFIG: 'include ::tripleo::profile::base::pacemaker;include ::tripleo::profile::pacemaker::manila::share_bundle' + image: *manila_share_image + volumes: + - /etc/hosts:/etc/hosts:ro + - /etc/localtime:/etc/localtime:ro + - /etc/puppet:/tmp/puppet-etc:ro + - /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro + - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro + - /dev/shm:/dev/shm:rw + host_prep_tasks: + - name: create persistent directories + file: + path: "{{ item }}" + state: directory + with_items: + - /var/log/containers/manila + - /var/lib/manila + upgrade_tasks: + - name: Stop and disable manila_share service + tags: step2 + service: name=openstack-manila-share state=stopped enabled=no diff --git a/docker/services/pacemaker/rabbitmq.yaml b/docker/services/pacemaker/rabbitmq.yaml index de53ceee..d8e50afd 100644 --- a/docker/services/pacemaker/rabbitmq.yaml +++ b/docker/services/pacemaker/rabbitmq.yaml @@ -92,6 +92,11 @@ outputs: dest: "/" merge: true preserve_properties: true + - source: "/var/lib/kolla/config_files/src-tls/*" + dest: "/" + merge: true + optional: true + preserve_properties: true permissions: - path: /var/lib/rabbitmq owner: rabbitmq:rabbitmq @@ -99,6 +104,14 @@ outputs: - path: /var/log/rabbitmq owner: rabbitmq:rabbitmq recurse: true + - path: /etc/pki/tls/certs/rabbitmq.crt + owner: rabbitmq:rabbitmq + perm: '0600' + optional: true + - path: /etc/pki/tls/private/rabbitmq.key + owner: rabbitmq:rabbitmq + perm: '0600' + optional: true # When using pacemaker we don't launch the container, instead that is done by pacemaker # itself. docker_config: @@ -164,6 +177,8 @@ outputs: echo 'export ERL_EPMD_ADDRESS=127.0.0.1' > /etc/rabbitmq/rabbitmq-env.conf echo 'export ERL_EPMD_PORT=4370' >> /etc/rabbitmq/rabbitmq-env.conf for pid in $(pgrep epmd); do if [ "$(lsns -o NS -p $pid)" == "$(lsns -o NS -p 1)" ]; then kill $pid; break; fi; done + metadata_settings: + get_attr: [RabbitmqBase, role_data, metadata_settings] upgrade_tasks: - name: get bootstrap nodeid tags: common diff --git a/environments/ceph-ansible/ceph-mds.yaml b/environments/ceph-ansible/ceph-mds.yaml new file mode 100644 index 00000000..0834269c --- /dev/null +++ b/environments/ceph-ansible/ceph-mds.yaml @@ -0,0 +1,2 @@ +resource_registry: + OS::TripleO::Services::CephMds: ../../docker/services/ceph-ansible/ceph-mds.yaml diff --git a/environments/composable-roles/monolithic-ha.yaml b/environments/composable-roles/monolithic-ha.yaml new file mode 100644 index 00000000..a1dcd7bf --- /dev/null +++ b/environments/composable-roles/monolithic-ha.yaml @@ -0,0 +1,59 @@ +# ******************************************************************* +# This file was created automatically by the sample environment +# generator. Developers should use `tox -e genconfig` to update it. +# Users are recommended to make changes to a copy of the file instead +# of the original, if any customizations are needed. +# ******************************************************************* +# title: Monolithic Controller HA deployment +# description: | +# A Heat environment that can be used to deploy controller and compute +# services in an HA configuration with SSL everywhere and network +# isolation. +# This should be used with a roles_data.yaml containing the Controller, +# Compute and CephStorage roles. +# openstack overcloud roles generate -o ~/roles_data.yaml Controller Compute CephStorage +parameter_defaults: + # Number of CephStorage nodes to deploy + # Type: number + CephStorageCount: 1 + + # Format for CephStorage node hostnames Note %index% is translated into the index of the node, e.g 0/1/2 etc and %stackname% is replaced with the stack name e.g overcloud + # Type: string + CephStorageHostnameFormat: '%stackname%-cephstorage-%index%' + + # Number of Compute nodes to deploy + # Type: number + ComputeCount: 3 + + # Format for Compute node hostnames Note %index% is translated into the index of the node, e.g 0/1/2 etc and %stackname% is replaced with the stack name e.g overcloud + # Type: string + ComputeHostnameFormat: '%stackname%-novacompute-%index%' + + # Number of Controller nodes to deploy + # Type: number + ControllerCount: 3 + + # Format for Controller node hostnames Note %index% is translated into the index of the node, e.g 0/1/2 etc and %stackname% is replaced with the stack name e.g overcloud + # Type: string + ControllerHostnameFormat: '%stackname%-controller-%index%' + + # DNS servers to use for the Overcloud + # Type: comma_delimited_list + DnsServers: ['8.8.8.8', '8,8.4.4'] + + # NTP servers list. Defaulted to pool.ntp.org in order to have a sane default for Pacemaker deployments when not configuring this parameter by default. + # Type: comma_delimited_list + NtpServer: ['pool.ntp.org'] + + # Name of the flavor for Ceph nodes + # Type: string + OvercloudCephStorageFlavor: ceph + + # Name of the flavor for Compute nodes + # Type: string + OvercloudComputeFlavor: compute + + # Name of the flavor for Controller nodes + # Type: string + OvercloudControllerFlavor: control + diff --git a/environments/composable-roles/monolithic-nonha.yaml b/environments/composable-roles/monolithic-nonha.yaml new file mode 100644 index 00000000..f49ddf2a --- /dev/null +++ b/environments/composable-roles/monolithic-nonha.yaml @@ -0,0 +1,59 @@ +# ******************************************************************* +# This file was created automatically by the sample environment +# generator. Developers should use `tox -e genconfig` to update it. +# Users are recommended to make changes to a copy of the file instead +# of the original, if any customizations are needed. +# ******************************************************************* +# title: Monolithic Controller Non-HA deployment +# description: | +# A Heat environment that can be used to deploy controller and compute +# services in an Non-HA configuration with SSL undercloud only and a +# flat network. +# This should be used with a roles_data.yaml containing the Controller, +# Compute and CephStorage roles. +# openstack overcloud roles generate -o ~/roles_data.yaml Controller Compute CephStorage +parameter_defaults: + # Number of CephStorage nodes to deploy + # Type: number + CephStorageCount: 1 + + # Format for CephStorage node hostnames Note %index% is translated into the index of the node, e.g 0/1/2 etc and %stackname% is replaced with the stack name e.g overcloud + # Type: string + CephStorageHostnameFormat: '%stackname%-cephstorage-%index%' + + # Number of Compute nodes to deploy + # Type: number + ComputeCount: 1 + + # Format for Compute node hostnames Note %index% is translated into the index of the node, e.g 0/1/2 etc and %stackname% is replaced with the stack name e.g overcloud + # Type: string + ComputeHostnameFormat: '%stackname%-novacompute-%index%' + + # Number of Controller nodes to deploy + # Type: number + ControllerCount: 1 + + # Format for Controller node hostnames Note %index% is translated into the index of the node, e.g 0/1/2 etc and %stackname% is replaced with the stack name e.g overcloud + # Type: string + ControllerHostnameFormat: '%stackname%-controller-%index%' + + # DNS servers to use for the Overcloud + # Type: comma_delimited_list + DnsServers: ['8.8.8.8', '8,8.4.4'] + + # NTP servers list. Defaulted to pool.ntp.org in order to have a sane default for Pacemaker deployments when not configuring this parameter by default. + # Type: comma_delimited_list + NtpServer: ['pool.ntp.org'] + + # Name of the flavor for Ceph nodes + # Type: string + OvercloudCephStorageFlavor: ceph + + # Name of the flavor for Compute nodes + # Type: string + OvercloudComputeFlavor: compute + + # Name of the flavor for Controller nodes + # Type: string + OvercloudControllerFlavor: control + diff --git a/environments/composable-roles/standalone.yaml b/environments/composable-roles/standalone.yaml new file mode 100644 index 00000000..3305c9ed --- /dev/null +++ b/environments/composable-roles/standalone.yaml @@ -0,0 +1,84 @@ +# ******************************************************************* +# This file was created automatically by the sample environment +# generator. Developers should use `tox -e genconfig` to update it. +# Users are recommended to make changes to a copy of the file instead +# of the original, if any customizations are needed. +# ******************************************************************* +# title: Controller HA deployment with standalone Database, Messaging and Networker nodes. +# description: | +# A Heat environment that can be used to deploy controller, database, +# messaging, networker and compute services in an HA configuration with SSL +# everywhere and network isolation. +# This should be used with a roles_data.yaml containing the +# ControllerOpenstack, Database, Messaging, Networker, Compute and +# CephStorage roles. +# openstack overcloud roles generate -o ~/roles_data.yaml ControllerOpenstack Database Messaging Networker Compute CephStorage +parameter_defaults: + # Number of CephStorage nodes to deploy + # Type: number + CephStorageCount: 1 + + # Format for CephStorage node hostnames Note %index% is translated into the index of the node, e.g 0/1/2 etc and %stackname% is replaced with the stack name e.g overcloud + # Type: string + CephStorageHostnameFormat: '%stackname%-cephstorage-%index%' + + # Number of Compute nodes to deploy + # Type: number + ComputeCount: 1 + + # Format for Compute node hostnames Note %index% is translated into the index of the node, e.g 0/1/2 etc and %stackname% is replaced with the stack name e.g overcloud + # Type: string + ComputeHostnameFormat: '%stackname%-novacompute-%index%' + + # Number of Controller nodes to deploy + # Type: number + ControllerCount: 3 + + # Format for Controller node hostnames Note %index% is translated into the index of the node, e.g 0/1/2 etc and %stackname% is replaced with the stack name e.g overcloud + # Type: string + ControllerHostnameFormat: '%stackname%-controller-%index%' + + # Number of Database nodes + # Type: number + DatabaseCount: 3 + + # DNS servers to use for the Overcloud + # Type: comma_delimited_list + DnsServers: ['8.8.8.8', '8,8.4.4'] + + # Number of Messaging nodes + # Type: number + MessagingCount: 3 + + # Number of Networker nodes + # Type: number + NetworkerCount: 2 + + # NTP servers list. Defaulted to pool.ntp.org in order to have a sane default for Pacemaker deployments when not configuring this parameter by default. + # Type: comma_delimited_list + NtpServer: ['pool.ntp.org'] + + # Name of the flavor for Ceph nodes + # Type: string + OvercloudCephStorageFlavor: ceph + + # Name of the flavor for Compute nodes + # Type: string + OvercloudComputeFlavor: compute + + # Name of the flavor for Controller nodes + # Type: string + OvercloudControllerFlavor: control + + # Name of the flavor for Database nodes + # Type: string + OvercloudDatabaseFlavor: db + + # Name of the flavor for Messaging nodes + # Type: string + OvercloudMessagingFlavor: messaging + + # Name of the flavor for Networker nodes + # Type: string + OvercloudNetworkerFlavor: networker + diff --git a/environments/docker-services-tls-everywhere.yaml b/environments/docker-services-tls-everywhere.yaml index 49d02e6f..e977dff2 100644 --- a/environments/docker-services-tls-everywhere.yaml +++ b/environments/docker-services-tls-everywhere.yaml @@ -1,11 +1,6 @@ # This environment contains the services that can work with TLS-everywhere. resource_registry: - # This can be used when you don't want to run puppet on the host, - # e.g atomic, but it has been replaced with OS::TripleO::Services::Docker - # OS::TripleO::NodeUserData: ../docker/firstboot/setup_docker_host.yaml OS::TripleO::Services::Docker: ../puppet/services/docker.yaml - # The compute node still needs extra initialization steps - OS::TripleO::Compute::NodeUserData: ../docker/firstboot/setup_docker_host.yaml # Default Neutron ML2 puppet plugin to use when NeutronCorePlugin is set to ML2 OS::TripleO::Docker::NeutronMl2PluginBase: ../puppet/services/neutron-plugin-ml2.yaml @@ -26,7 +21,6 @@ resource_registry: OS::TripleO::Services::HeatApi: ../docker/services/heat-api.yaml OS::TripleO::Services::HeatApiCfn: ../docker/services/heat-api-cfn.yaml OS::TripleO::Services::HeatEngine: ../docker/services/heat-engine.yaml - OS::TripleO::Services::Iscsid: ../docker/services/iscsid.yaml OS::TripleO::Services::Keystone: ../docker/services/keystone.yaml OS::TripleO::Services::Memcached: ../docker/services/memcached.yaml OS::TripleO::Services::NeutronApi: ../docker/services/neutron-api.yaml @@ -36,8 +30,17 @@ resource_registry: OS::TripleO::Services::NeutronMetadataAgent: ../docker/services/neutron-metadata.yaml OS::TripleO::Services::NeutronOvsAgent: ../docker/services/neutron-ovs-agent.yaml OS::TripleO::Services::NeutronServer: ../docker/services/neutron-api.yaml + OS::TripleO::Services::NovaApi: ../docker/services/nova-api.yaml + OS::TripleO::Services::NovaConductor: ../docker/services/nova-conductor.yaml + OS::TripleO::Services::NovaConsoleauth: ../docker/services/nova-consoleauth.yaml + OS::TripleO::Services::NovaMigrationTarget: ../docker/services/nova-migration-target.yaml + OS::TripleO::Services::NovaPlacement: ../docker/services/nova-placement.yaml + OS::TripleO::Services::NovaScheduler: ../docker/services/nova-scheduler.yaml + OS::TripleO::Services::NovaVncProxy: ../docker/services/nova-vnc-proxy.yaml OS::TripleO::Services::PankoApi: ../docker/services/panko-api.yaml OS::TripleO::Services::Redis: ../docker/services/database/redis.yaml OS::TripleO::Services::SwiftProxy: ../docker/services/swift-proxy.yaml OS::TripleO::Services::SwiftRingBuilder: ../docker/services/swift-ringbuilder.yaml OS::TripleO::Services::SwiftStorage: ../docker/services/swift-storage.yaml + OS::TripleO::Services::HAproxy: ../docker/services/haproxy.yaml + OS::TripleO::Services::MySQL: ../docker/services/database/mysql.yaml diff --git a/environments/docker.yaml b/environments/docker.yaml index 9b977f6e..a47e0d4d 100644 --- a/environments/docker.yaml +++ b/environments/docker.yaml @@ -1,10 +1,4 @@ resource_registry: - # This can be used when you don't want to run puppet on the host, - # e.g atomic, but it has been replaced with OS::TripleO::Services::Docker - # OS::TripleO::NodeUserData: ../docker/firstboot/setup_docker_host.yaml - # The compute node still needs extra initialization steps - OS::TripleO::Compute::NodeUserData: ../docker/firstboot/setup_docker_host.yaml - OS::TripleO::Services::Docker: ../puppet/services/docker.yaml # Default Neutron ML2 puppet plugin to use when NeutronCorePlugin is set to ML2 OS::TripleO::Docker::NeutronMl2PluginBase: ../puppet/services/neutron-plugin-ml2.yaml @@ -22,6 +16,7 @@ resource_registry: OS::TripleO::Services::NovaPlacement: ../docker/services/nova-placement.yaml OS::TripleO::Services::NovaConductor: ../docker/services/nova-conductor.yaml OS::TripleO::Services::NovaConsoleauth: ../docker/services/nova-consoleauth.yaml + OS::TripleO::Services::NovaMetadata: ../docker/services/nova-metadata.yaml OS::TripleO::Services::NovaMigrationTarget: ../docker/services/nova-migration-target.yaml OS::TripleO::Services::NovaScheduler: ../docker/services/nova-scheduler.yaml OS::TripleO::Services::NovaVncProxy: ../docker/services/nova-vnc-proxy.yaml diff --git a/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration index d14ed73f..487857ef 100644 --- a/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration +++ b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration @@ -235,11 +235,25 @@ case "${REG_METHOD:-}" in if [ "$satellite_version" = "6" ]; then repos="$repos --enable ${satellite_repo}" curl --retry ${retry_max_count} --retry-delay 10 --max-time 30 -L -k -O "$REG_SAT_URL/pub/katello-ca-consumer-latest.noarch.rpm" + + # https://bugs.launchpad.net/tripleo/+bug/1711435 + # Delete the /etc/rhsm/facts directory entirely so that the + # %post script from katello-ca-consumer does not override the + # hostname with $(hostname -f) if there is no fqdn set + fqdn=$(hostname -f) + if [ "$fqdn" = "localhost" -o "$fqdn" = "localhost.localdomain" ]; then + rm -rf /etc/rhsm/facts + fi + rpm -Uvh katello-ca-consumer-latest.noarch.rpm || true retry subscription-manager register $opts retry subscription-manager $repos retry yum install -y katello-agent || true # needed for errata reporting to satellite6 katello-package-upload + + # https://bugs.launchpad.net/tripleo/+bug/1711435 + # recreate the facts dir just in case we rm'd it earlier + mkdir -p /etc/rhsm/facts else pushd /usr/share/rhn/ curl --retry ${retry_max_count} --retry-delay 10 --max-time 30 -k -O $REG_SAT_URL/pub/RHN-ORG-TRUSTED-SSL-CERT diff --git a/net-config-bond.yaml b/net-config-bond.yaml index 95b47455..8a97c854 100644 --- a/net-config-bond.yaml +++ b/net-config-bond.yaml @@ -22,7 +22,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -30,7 +30,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/net-config-bridge.yaml b/net-config-bridge.yaml index 29646ab5..0668245d 100644 --- a/net-config-bridge.yaml +++ b/net-config-bridge.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/net-config-linux-bridge.yaml b/net-config-linux-bridge.yaml index 6c44e60e..3964341a 100644 --- a/net-config-linux-bridge.yaml +++ b/net-config-linux-bridge.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/net-config-noop.yaml b/net-config-noop.yaml index 57f1a197..bdfda577 100644 --- a/net-config-noop.yaml +++ b/net-config-noop.yaml @@ -15,7 +15,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -23,7 +23,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/net-config-static-bridge-with-external-dhcp.yaml b/net-config-static-bridge-with-external-dhcp.yaml index cbf282ea..0e0d5900 100644 --- a/net-config-static-bridge-with-external-dhcp.yaml +++ b/net-config-static-bridge-with-external-dhcp.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/net-config-static-bridge.yaml b/net-config-static-bridge.yaml index c778bd81..e3e930d5 100644 --- a/net-config-static-bridge.yaml +++ b/net-config-static-bridge.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/net-config-static.yaml b/net-config-static.yaml index e864be03..02e2fe65 100644 --- a/net-config-static.yaml +++ b/net-config-static.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/net-config-undercloud.yaml b/net-config-undercloud.yaml index 881fbfd7..df02833a 100644 --- a/net-config-undercloud.yaml +++ b/net-config-undercloud.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/bond-with-vlans/ceph-storage.yaml b/network/config/bond-with-vlans/ceph-storage.yaml index 9683456a..bd15a189 100644 --- a/network/config/bond-with-vlans/ceph-storage.yaml +++ b/network/config/bond-with-vlans/ceph-storage.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/bond-with-vlans/cinder-storage.yaml b/network/config/bond-with-vlans/cinder-storage.yaml index 3ad6d653..4ea3c470 100644 --- a/network/config/bond-with-vlans/cinder-storage.yaml +++ b/network/config/bond-with-vlans/cinder-storage.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/bond-with-vlans/compute-dpdk.yaml b/network/config/bond-with-vlans/compute-dpdk.yaml index 095c4973..5def1ca9 100644 --- a/network/config/bond-with-vlans/compute-dpdk.yaml +++ b/network/config/bond-with-vlans/compute-dpdk.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/bond-with-vlans/compute.yaml b/network/config/bond-with-vlans/compute.yaml index 882402af..2acbc877 100644 --- a/network/config/bond-with-vlans/compute.yaml +++ b/network/config/bond-with-vlans/compute.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/bond-with-vlans/controller-no-external.yaml b/network/config/bond-with-vlans/controller-no-external.yaml index 4901f94d..55603518 100644 --- a/network/config/bond-with-vlans/controller-no-external.yaml +++ b/network/config/bond-with-vlans/controller-no-external.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/bond-with-vlans/controller-v6.yaml b/network/config/bond-with-vlans/controller-v6.yaml index 33c6fa65..69ab7539 100644 --- a/network/config/bond-with-vlans/controller-v6.yaml +++ b/network/config/bond-with-vlans/controller-v6.yaml @@ -14,7 +14,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -22,7 +22,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/bond-with-vlans/controller.yaml b/network/config/bond-with-vlans/controller.yaml index 100821b7..70e41eb6 100644 --- a/network/config/bond-with-vlans/controller.yaml +++ b/network/config/bond-with-vlans/controller.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/bond-with-vlans/networker.yaml b/network/config/bond-with-vlans/networker.yaml index aa6e9da6..45994c72 100644 --- a/network/config/bond-with-vlans/networker.yaml +++ b/network/config/bond-with-vlans/networker.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/bond-with-vlans/swift-storage.yaml b/network/config/bond-with-vlans/swift-storage.yaml index 0ede081f..c31bf225 100644 --- a/network/config/bond-with-vlans/swift-storage.yaml +++ b/network/config/bond-with-vlans/swift-storage.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/contrail/contrail-nic-config-compute.yaml b/network/config/contrail/contrail-nic-config-compute.yaml index a5f0ecab..5f9e9198 100644 --- a/network/config/contrail/contrail-nic-config-compute.yaml +++ b/network/config/contrail/contrail-nic-config-compute.yaml @@ -16,7 +16,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string InternalApiDefaultRoute: # Not used by default in this template default: '10.0.0.1' @@ -28,7 +28,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/contrail/contrail-nic-config.yaml b/network/config/contrail/contrail-nic-config.yaml index 595f34d1..fb78caca 100644 --- a/network/config/contrail/contrail-nic-config.yaml +++ b/network/config/contrail/contrail-nic-config.yaml @@ -16,7 +16,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string InternalApiDefaultRoute: # Not used by default in this template default: '10.0.0.1' @@ -28,7 +28,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/multiple-nics/ceph-storage.yaml b/network/config/multiple-nics/ceph-storage.yaml index 3cc4361f..8448f84f 100644 --- a/network/config/multiple-nics/ceph-storage.yaml +++ b/network/config/multiple-nics/ceph-storage.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/multiple-nics/cinder-storage.yaml b/network/config/multiple-nics/cinder-storage.yaml index fa7d49e3..57882e22 100644 --- a/network/config/multiple-nics/cinder-storage.yaml +++ b/network/config/multiple-nics/cinder-storage.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/multiple-nics/compute-dvr.yaml b/network/config/multiple-nics/compute-dvr.yaml index a7939125..562a63d9 100644 --- a/network/config/multiple-nics/compute-dvr.yaml +++ b/network/config/multiple-nics/compute-dvr.yaml @@ -13,7 +13,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -21,7 +21,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/multiple-nics/compute.yaml b/network/config/multiple-nics/compute.yaml index d1dc06a3..febfed0c 100644 --- a/network/config/multiple-nics/compute.yaml +++ b/network/config/multiple-nics/compute.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/multiple-nics/controller-v6.yaml b/network/config/multiple-nics/controller-v6.yaml index 477eeaae..17544f22 100644 --- a/network/config/multiple-nics/controller-v6.yaml +++ b/network/config/multiple-nics/controller-v6.yaml @@ -13,7 +13,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -21,7 +21,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/multiple-nics/controller.yaml b/network/config/multiple-nics/controller.yaml index 59f16b93..7d9dbe7a 100644 --- a/network/config/multiple-nics/controller.yaml +++ b/network/config/multiple-nics/controller.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/multiple-nics/networker.yaml b/network/config/multiple-nics/networker.yaml index b251fb9c..abee66ca 100644 --- a/network/config/multiple-nics/networker.yaml +++ b/network/config/multiple-nics/networker.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/multiple-nics/swift-storage.yaml b/network/config/multiple-nics/swift-storage.yaml index 180f553f..cf547918 100644 --- a/network/config/multiple-nics/swift-storage.yaml +++ b/network/config/multiple-nics/swift-storage.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml b/network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml index 6685f2bc..b22f633a 100644 --- a/network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml +++ b/network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml b/network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml index ecc57ad5..1c5a8c9a 100644 --- a/network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml +++ b/network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/single-nic-linux-bridge-vlans/compute.yaml b/network/config/single-nic-linux-bridge-vlans/compute.yaml index a637ef00..f4fd5fba 100644 --- a/network/config/single-nic-linux-bridge-vlans/compute.yaml +++ b/network/config/single-nic-linux-bridge-vlans/compute.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/single-nic-linux-bridge-vlans/controller-v6.yaml b/network/config/single-nic-linux-bridge-vlans/controller-v6.yaml index d4058078..44fc961c 100644 --- a/network/config/single-nic-linux-bridge-vlans/controller-v6.yaml +++ b/network/config/single-nic-linux-bridge-vlans/controller-v6.yaml @@ -13,7 +13,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -21,7 +21,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/single-nic-linux-bridge-vlans/controller.yaml b/network/config/single-nic-linux-bridge-vlans/controller.yaml index a52a8b84..0a54145a 100644 --- a/network/config/single-nic-linux-bridge-vlans/controller.yaml +++ b/network/config/single-nic-linux-bridge-vlans/controller.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/single-nic-linux-bridge-vlans/networker.yaml b/network/config/single-nic-linux-bridge-vlans/networker.yaml index b1733dec..7dd48944 100644 --- a/network/config/single-nic-linux-bridge-vlans/networker.yaml +++ b/network/config/single-nic-linux-bridge-vlans/networker.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/single-nic-linux-bridge-vlans/swift-storage.yaml b/network/config/single-nic-linux-bridge-vlans/swift-storage.yaml index ad154fad..2649391f 100644 --- a/network/config/single-nic-linux-bridge-vlans/swift-storage.yaml +++ b/network/config/single-nic-linux-bridge-vlans/swift-storage.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/single-nic-vlans/ceph-storage.yaml b/network/config/single-nic-vlans/ceph-storage.yaml index 790e8a7d..ebcc721c 100644 --- a/network/config/single-nic-vlans/ceph-storage.yaml +++ b/network/config/single-nic-vlans/ceph-storage.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/single-nic-vlans/cinder-storage.yaml b/network/config/single-nic-vlans/cinder-storage.yaml index 6dee3bee..d2548e4e 100644 --- a/network/config/single-nic-vlans/cinder-storage.yaml +++ b/network/config/single-nic-vlans/cinder-storage.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/single-nic-vlans/compute.yaml b/network/config/single-nic-vlans/compute.yaml index d2559d2c..78814af1 100644 --- a/network/config/single-nic-vlans/compute.yaml +++ b/network/config/single-nic-vlans/compute.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/single-nic-vlans/controller-no-external.yaml b/network/config/single-nic-vlans/controller-no-external.yaml index d26de321..1dc9a6f3 100644 --- a/network/config/single-nic-vlans/controller-no-external.yaml +++ b/network/config/single-nic-vlans/controller-no-external.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/single-nic-vlans/controller-v6.yaml b/network/config/single-nic-vlans/controller-v6.yaml index 8f68760f..f1055ae3 100644 --- a/network/config/single-nic-vlans/controller-v6.yaml +++ b/network/config/single-nic-vlans/controller-v6.yaml @@ -13,7 +13,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -21,7 +21,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/single-nic-vlans/controller.yaml b/network/config/single-nic-vlans/controller.yaml index 8530118f..171fcf5d 100644 --- a/network/config/single-nic-vlans/controller.yaml +++ b/network/config/single-nic-vlans/controller.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/single-nic-vlans/networker.yaml b/network/config/single-nic-vlans/networker.yaml index 54a17e46..2502984a 100644 --- a/network/config/single-nic-vlans/networker.yaml +++ b/network/config/single-nic-vlans/networker.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/config/single-nic-vlans/swift-storage.yaml b/network/config/single-nic-vlans/swift-storage.yaml index b4587e04..99ab66c1 100644 --- a/network/config/single-nic-vlans/swift-storage.yaml +++ b/network/config/single-nic-vlans/swift-storage.yaml @@ -12,7 +12,7 @@ parameters: type: string InternalApiIpSubnet: default: '' - description: IP address/subnet on the internal API network + description: IP address/subnet on the internal_api network type: string StorageIpSubnet: default: '' @@ -20,7 +20,7 @@ parameters: type: string StorageMgmtIpSubnet: default: '' - description: IP address/subnet on the storage mgmt network + description: IP address/subnet on the storage_mgmt network type: string TenantIpSubnet: default: '' diff --git a/network/ports/net_ip_list_map.yaml b/network/ports/net_ip_list_map.j2.yaml index 6d7b7c16..e929ab2c 100644 --- a/network/ports/net_ip_list_map.yaml +++ b/network/ports/net_ip_list_map.j2.yaml @@ -4,24 +4,11 @@ parameters: ControlPlaneIpList: default: [] type: comma_delimited_list - ExternalIpList: - default: [] - type: comma_delimited_list - InternalApiIpList: - default: [] - type: comma_delimited_list - StorageIpList: - default: [] - type: comma_delimited_list - StorageMgmtIpList: - default: [] - type: comma_delimited_list - TenantIpList: - default: [] - type: comma_delimited_list - ManagementIpList: +{%- for network in networks %} + {{network.name}}IpList: default: [] type: comma_delimited_list +{%- endfor %} EnabledServices: default: [] type: comma_delimited_list @@ -58,7 +45,12 @@ parameters: TenantNetName: default: tenant description: The name of the tenant network. +{%- for network in networks %} + {{network.name}}NetName: + default: {{network.name_lower}} + description: The name of the {{network.name_lower}} network. type: string +{%- endfor %} resources: @@ -91,19 +83,13 @@ resources: value: map_replace: - ctlplane: {get_param: ControlPlaneIpList} - external: {get_param: ExternalIpList} - internal_api: {get_param: InternalApiIpList} - storage: {get_param: StorageIpList} - storage_mgmt: {get_param: StorageMgmtIpList} - tenant: {get_param: TenantIpList} - management: {get_param: ManagementIpList} +{%- for network in networks %} + {{network.name_lower}}: {get_param: {{network.name}}IpList} +{%- endfor %} - keys: - external: {get_param: ExternalNetName} - internal_api: {get_param: InternalApiNetName} - storage: {get_param: StorageNetName} - storage_mgmt: {get_param: StorageMgmtNetName} - tenant: {get_param: TenantNetName} - management: {get_param: ManagementNetName} +{%- for network in networks %} + {{network.name_lower}}: {get_param: {{network.name}}NetName} +{%- endfor %} outputs: net_ip_map: diff --git a/network/ports/net_ip_map.j2.yaml b/network/ports/net_ip_map.j2.yaml new file mode 100644 index 00000000..f01d624a --- /dev/null +++ b/network/ports/net_ip_map.j2.yaml @@ -0,0 +1,81 @@ +heat_template_version: pike + +parameters: + ControlPlaneIp: + default: '' + type: string + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string +{%- for network in networks %} + {{network.name}}Ip: + default: '' + type: string + {{network.name}}IpSubnet: + description: 'IP address/subnet on the {{network.name_lower}} network' + default: '' + type: string + {{network.name}}IpUri: + default: '' + type: string + description: IP address with brackets in case of IPv6 +{%- endfor %} + +{%- for network in networks %} + {{network.name}}NetName: + default: {{network.name_lower}} + description: The name of the {{network.name_lower}} network. + type: string +{%- endfor %} + +resources: + + NetIpMapValue: + type: OS::Heat::Value + properties: + type: json + value: + map_replace: + - ctlplane: {get_param: ControlPlaneIp} +{%- for network in networks %} + {{network.name_lower}}: {get_param: {{network.name}}Ip} +{%- endfor %} + ctlplane_subnet: + list_join: + - '' + - - {get_param: ControlPlaneIp} + - '/' + - {get_param: ControlPlaneSubnetCidr} +{%- for network in networks %} + {{network.name_lower}}_subnet: {get_param: {{network.name}}IpSubnet} +{%- endfor %} + ctlplane_uri: {get_param: ControlPlaneIp} +{%- for network in networks %} + {{network.name_lower}}_uri: {get_param: {{network.name}}IpUri} +{%- endfor %} + - keys: +{%- for network in networks %} + {{network.name_lower}}: {get_param: {{network.name}}NetName} +{%- endfor %} +{%- for network in networks %} + {{network.name_lower}}_subnet: + str_replace: + template: NAME_subnet + params: + NAME: {get_param: {{network.name}}NetName} +{%- endfor %} +{%- for network in networks %} + {{network.name_lower}}_uri: + str_replace: + template: NAME_uri + params: + NAME: {get_param: {{network.name}}NetName} +{%- endfor %} + +outputs: + net_ip_map: + description: > + A Hash containing a mapping of network names to assigned IPs + for a specific machine. + value: {get_attr: [NetIpMapValue, value]} diff --git a/network/ports/net_ip_map.yaml b/network/ports/net_ip_map.yaml deleted file mode 100644 index 1b0e7589..00000000 --- a/network/ports/net_ip_map.yaml +++ /dev/null @@ -1,210 +0,0 @@ -heat_template_version: pike - -parameters: - ControlPlaneIp: - default: '' - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ExternalIp: - default: '' - type: string - ExternalIpSubnet: - default: '' - type: string - description: IP address/subnet on the external network - ExternalIpUri: - default: '' - type: string - description: IP address with brackets in case of IPv6 - InternalApiIp: - default: '' - type: string - InternalApiIpSubnet: - default: '' - type: string - description: IP address/subnet on the internal API network - InternalApiIpUri: - default: '' - type: string - description: IP address with brackets in case of IPv6 - StorageIp: - default: '' - type: string - StorageIpSubnet: - default: '' - type: string - description: IP address/subnet on the storage network - StorageIpUri: - default: '' - type: string - description: IP address with brackets in case of IPv6 - StorageMgmtIp: - default: '' - type: string - StorageMgmtIpSubnet: - default: '' - type: string - description: IP address/subnet on the storage mgmt network - StorageMgmtIpUri: - default: '' - type: string - description: IP address with brackets in case of IPv6 - TenantIp: - default: '' - type: string - TenantIpSubnet: - default: '' - type: string - description: IP address/subnet on the tenant network - TenantIpUri: - default: '' - type: string - description: IP address with brackets in case of IPv6 - ManagementIp: - default: '' - type: string - ManagementIpSubnet: - default: '' - type: string - description: IP address/subnet on the management network - ManagementIpUri: - default: '' - type: string - description: IP address with brackets in case of IPv6 - - InternalApiNetName: - default: internal_api - description: The name of the internal_api network. - type: string - ExternalNetName: - default: external - description: The name of the external network. - type: string - ManagementNetName: - default: management - description: The name of the management network. - type: string - StorageNetName: - default: storage - description: The name of the storage network. - type: string - StorageMgmtNetName: - default: storage_mgmt - description: The name of the storage_mgmt network. - type: string - TenantNetName: - default: tenant - description: The name of the tenant network. - type: string - -resources: - - NetIpMapValue: - type: OS::Heat::Value - properties: - type: json - value: - map_replace: - - ctlplane: {get_param: ControlPlaneIp} - external: {get_param: ExternalIp} - internal_api: {get_param: InternalApiIp} - storage: {get_param: StorageIp} - storage_mgmt: {get_param: StorageMgmtIp} - tenant: {get_param: TenantIp} - management: {get_param: ManagementIp} - ctlplane_subnet: - list_join: - - '' - - - {get_param: ControlPlaneIp} - - '/' - - {get_param: ControlPlaneSubnetCidr} - external_subnet: {get_param: ExternalIpSubnet} - internal_api_subnet: {get_param: InternalApiIpSubnet} - storage_subnet: {get_param: StorageIpSubnet} - storage_mgmt_subnet: {get_param: StorageMgmtIpSubnet} - tenant_subnet: {get_param: TenantIpSubnet} - management_subnet: {get_param: ManagementIpSubnet} - ctlplane_uri: {get_param: ControlPlaneIp} - external_uri: {get_param: ExternalIpUri} - internal_api_uri: {get_param: InternalApiIpUri} - storage_uri: {get_param: StorageIpUri} - storage_mgmt_uri: {get_param: StorageMgmtIpUri} - tenant_uri: {get_param: TenantIpUri} - management_uri: {get_param: ManagementIpUri} - - keys: - external: {get_param: ExternalNetName} - internal_api: {get_param: InternalApiNetName} - storage: {get_param: StorageNetName} - storage_mgmt: {get_param: StorageMgmtNetName} - tenant: {get_param: TenantNetName} - management: {get_param: ManagementNetName} - external_subnet: - str_replace: - template: NAME_subnet - params: - NAME: {get_param: ExternalNetName} - internal_api_subnet: - str_replace: - template: NAME_subnet - params: - NAME: {get_param: InternalApiNetName} - storage_subnet: - str_replace: - template: NAME_subnet - params: - NAME: {get_param: StorageNetName} - storage_mgmt_subnet: - str_replace: - template: NAME_subnet - params: - NAME: {get_param: StorageMgmtNetName} - tenant_subnet: - str_replace: - template: NAME_subnet - params: - NAME: {get_param: TenantNetName} - management_subnet: - str_replace: - template: NAME_subnet - params: - NAME: {get_param: ManagementNetName} - external_uri: - str_replace: - template: NAME_uri - params: - NAME: {get_param: ExternalNetName} - internal_api_uri: - str_replace: - template: NAME_uri - params: - NAME: {get_param: InternalApiNetName} - storage_uri: - str_replace: - template: NAME_uri - params: - NAME: {get_param: StorageNetName} - storage_mgmt_uri: - str_replace: - template: NAME_uri - params: - NAME: {get_param: StorageMgmtNetName} - tenant_uri: - str_replace: - template: NAME_uri - params: - NAME: {get_param: TenantNetName} - management_uri: - str_replace: - template: NAME_uri - params: - NAME: {get_param: ManagementNetName} - -outputs: - net_ip_map: - description: > - A Hash containing a mapping of network names to assigned IPs - for a specific machine. - value: {get_attr: [NetIpMapValue, value]} diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml index 63868b54..2a9f9d76 100644 --- a/overcloud-resource-registry-puppet.j2.yaml +++ b/overcloud-resource-registry-puppet.j2.yaml @@ -279,7 +279,6 @@ resource_registry: OS::TripleO::Services::NeutronVppAgent: OS::Heat::None OS::TripleO::Services::Docker: OS::Heat::None OS::TripleO::Services::CertmongerUser: OS::Heat::None - OS::TripleO::Services::Iscsid: OS::Heat::None OS::TripleO::Services::Clustercheck: OS::Heat::None OS::TripleO::Services::VRTSHyperScale: OS::Heat::None diff --git a/puppet/services/horizon.yaml b/puppet/services/horizon.yaml index 63ab92eb..642a0f09 100644 --- a/puppet/services/horizon.yaml +++ b/puppet/services/horizon.yaml @@ -67,6 +67,14 @@ parameters: MonitoringSubscriptionHorizon: default: 'overcloud-horizon' type: string + EnableInternalTLS: + type: boolean + default: false + InternalTLSCAFile: + default: '/etc/ipa/ca.crt' + type: string + description: Specifies the default CA cert to use if TLS is used for + services in the internal network. conditions: @@ -109,6 +117,14 @@ outputs: - {get_param: [DefaultPasswords, horizon_secret]} horizon::secure_cookies: {get_param: [HorizonSecureCookies]} memcached_ipv6: {get_param: MemcachedIPv6} + horizon::servername: + str_replace: + template: + "%{hiera('fqdn_$NETWORK')}" + params: + $NETWORK: {get_param: [ServiceNetMap, HorizonNetwork]} + horizon::listen_ssl: {get_param: EnableInternalTLS} + horizon::horizon_ca: {get_param: InternalTLSCAFile} - if: - debug_unset diff --git a/puppet/services/pacemaker/cinder-volume.yaml b/puppet/services/pacemaker/cinder-volume.yaml index a1134f3e..f4675875 100644 --- a/puppet/services/pacemaker/cinder-volume.yaml +++ b/puppet/services/pacemaker/cinder-volume.yaml @@ -66,11 +66,17 @@ outputs: resource: openstack-cinder-volume state: disable wait_for_resource: true - - name: Sync cinder DB + - name: get bootstrap nodeid tags: step5 - command: cinder-manage db sync - - name: Start cinder_volume service (pacemaker) - tags: step5 - pacemaker_resource: - resource: openstack-cinder-volume - state: enable + command: hiera bootstrap_nodeid + register: bootstrap_node + - block: + - name: Sync cinder DB + tags: step5 + command: cinder-manage db sync + - name: Start cinder_volume service (pacemaker) + tags: step5 + pacemaker_resource: + resource: openstack-cinder-volume + state: enable + when: bootstrap_node.stdout == ansible_hostname diff --git a/releasenotes/notes/workaround-unset-fqdn-for-rhel-reg-be9c4620146096be.yaml b/releasenotes/notes/workaround-unset-fqdn-for-rhel-reg-be9c4620146096be.yaml new file mode 100644 index 00000000..04b21fba --- /dev/null +++ b/releasenotes/notes/workaround-unset-fqdn-for-rhel-reg-be9c4620146096be.yaml @@ -0,0 +1,8 @@ +--- +fixes: + - Workaround systems getting registered as "localhost" during + RHEL registration if they don't have a fqdn set by first + rm'ing the /etc/rhsm/facts directory. When the directory does not + exist, the katello-rshm-consumer which runs when installing + the katello-ca-consumer will not set the hostname.override fact to + "localhost". See https://bugs.launchpad.net/tripleo/+bug/1711435 diff --git a/sample-env-generator/composable-roles.yaml b/sample-env-generator/composable-roles.yaml new file mode 100644 index 00000000..91d6060f --- /dev/null +++ b/sample-env-generator/composable-roles.yaml @@ -0,0 +1,174 @@ +# +# This environment generator is used to generate some sample composable role +# environment files. +# +environments: + - + name: composable-roles/monolithic-nonha + title: Monolithic Controller Non-HA deployment + description: | + A Heat environment that can be used to deploy controller and compute + services in an Non-HA configuration with SSL undercloud only and a + flat network. + This should be used with a roles_data.yaml containing the Controller, + Compute and CephStorage roles. + openstack overcloud roles generate -o ~/roles_data.yaml Controller Compute CephStorage + files: + overcloud.yaml: + parameters: + - ControllerHostnameFormat + - ComputeHostnameFormat + - CephStorageHostnameFormat + - ControllerCount + - ComputeCount + - CephStorageCount + puppet/services/time/ntp.yaml: + parameters: + - NtpServer + sample-env-generator/composable-roles.yaml: + parameters: + - DnsServers + - OvercloudControllerFlavor + - OvercloudComputeFlavor + - OvercloudCephStorageFlavor + sample_values: + ControllerCount: 1 + OvercloudControllerFlavor: control + ComputeCount: 1 + OvercloudComputeFlavor: compute + CephStorageCount: 1 + OvercloudCephStorageFlavor: ceph + + - + name: composable-roles/monolithic-ha + title: Monolithic Controller HA deployment + description: | + A Heat environment that can be used to deploy controller and compute + services in an HA configuration with SSL everywhere and network + isolation. + This should be used with a roles_data.yaml containing the Controller, + Compute and CephStorage roles. + openstack overcloud roles generate -o ~/roles_data.yaml Controller Compute CephStorage + files: + overcloud.yaml: + parameters: + - ControllerHostnameFormat + - ComputeHostnameFormat + - CephStorageHostnameFormat + - ControllerCount + - ComputeCount + - CephStorageCount + puppet/services/time/ntp.yaml: + parameters: + - NtpServer + sample-env-generator/composable-roles.yaml: + parameters: + - DnsServers + - OvercloudControllerFlavor + - OvercloudComputeFlavor + - OvercloudCephStorageFlavor + sample_values: + ControllerCount: 3 + OvercloudControllerFlavor: control + ComputeCount: 3 + OvercloudComputeFlavor: compute + CephStorageCount: 1 + OvercloudCephStorageFlavor: ceph + + - + name: composable-roles/standalone + title: Controller HA deployment with standalone Database, Messaging and Networker nodes. + description: | + A Heat environment that can be used to deploy controller, database, + messaging, networker and compute services in an HA configuration with SSL + everywhere and network isolation. + This should be used with a roles_data.yaml containing the + ControllerOpenstack, Database, Messaging, Networker, Compute and + CephStorage roles. + openstack overcloud roles generate -o ~/roles_data.yaml ControllerOpenstack Database Messaging Networker Compute CephStorage + files: + overcloud.yaml: + parameters: + - ControllerHostnameFormat + - ComputeHostnameFormat + - CephStorageHostnameFormat + - ControllerCount + - ComputeCount + - CephStorageCount + puppet/services/time/ntp.yaml: + parameters: + - NtpServer + sample-env-generator/composable-roles.yaml: + parameters: + - DnsServers + - DatabaseCount + - MessagingCount + - NetworkerCount + - OvercloudControllerFlavor + - OvercloudComputeFlavor + - OvercloudCephStorageFlavor + - OvercloudDatabaseFlavor + - OvercloudMessagingFlavor + - OvercloudNetworkerFlavor + sample_values: + ControllerCount: 3 + OvercloudControllerFlavor: control + ComputeCount: 1 + OvercloudComputeFlavor: compute + CephStorageCount: 1 + OvercloudCephStorageFlavor: ceph + DatabaseCount: 3 + OvercloudDatabaseFlavor: db + MessagingCount: 3 + OvercloudMessagingFlavor: messaging + NetworkerCount: 2 + OvercloudNetworkerFlavor: networker + + +# NOTE(aschultz): So because these are dynamic based on the roles used, we +# do not currently define these in any heat files. So we're defining them here +# so that the sample env generator can still provide these configuration items +# in the generated config files. +parameters: + DnsServers: + default: ['8.8.8.8', '8,8.4.4'] + description: DNS servers to use for the Overcloud + type: comma_delimited_list + # Dynamic vars based on roles + DatabaseCount: + default: 0 + description: Number of Database nodes + type: number + MessagingCount: + default: 0 + description: Number of Messaging nodes + type: number + NetworkerCount: + default: 0 + description: Number of Networker nodes + type: number + OvercloudControllerFlavor: + default: control + description: Name of the flavor for Controller nodes + type: string + OvercloudComputeFlavor: + default: compute + description: Name of the flavor for Compute nodes + type: string + OvercloudCephStorageFlavor: + default: compute + description: Name of the flavor for Ceph nodes + type: string + OvercloudDatabaseFlavor: + default: database + description: Name of the flavor for Database nodes + type: string + OvercloudMessagingFlavor: + default: messaging + description: Name of the flavor for Messaging nodes + type: string + OvercloudNetworkerFlavor: + default: networker + description: Name of the flavor for Networker nodes + type: string + |