aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--README.rst156
-rw-r--r--capabilities-map.yaml507
-rw-r--r--ci/environments/multinode-3nodes.yaml3
-rw-r--r--ci/environments/multinode-containers.yaml3
-rw-r--r--ci/environments/multinode-core.yaml1
-rw-r--r--ci/environments/multinode.yaml2
-rw-r--r--ci/environments/multinode_major_upgrade.yaml2
-rw-r--r--ci/environments/scenario001-multinode-containers.yaml3
-rw-r--r--ci/environments/scenario001-multinode.yaml2
-rw-r--r--ci/environments/scenario002-multinode-containers.yaml3
-rw-r--r--ci/environments/scenario002-multinode.yaml2
-rw-r--r--ci/environments/scenario003-multinode-containers.yaml2
-rw-r--r--ci/environments/scenario003-multinode.yaml2
-rw-r--r--ci/environments/scenario004-multinode-containers.yaml6
-rw-r--r--ci/environments/scenario004-multinode.yaml2
-rw-r--r--ci/environments/scenario007-multinode.yaml76
-rw-r--r--ci/pingtests/scenario007-multinode.yaml127
-rw-r--r--common/services.yaml195
-rw-r--r--deployed-server/deployed-server-bootstrap-centos.yaml1
-rw-r--r--deployed-server/deployed-server-bootstrap-rhel.yaml1
-rw-r--r--deployed-server/deployed-server-environment-output.yaml10
-rw-r--r--deployed-server/deployed-server-roles-data.yaml3
-rw-r--r--deployed-server/deployed-server.yaml1
-rw-r--r--docker/README-containers.md59
-rw-r--r--docker/deploy-steps-playbook.yaml8
-rwxr-xr-xdocker/docker-puppet.py4
-rw-r--r--docker/docker-steps.j262
-rw-r--r--docker/firstboot/setup_docker_host.yaml16
-rw-r--r--docker/services/aodh-api.yaml8
-rw-r--r--docker/services/aodh-evaluator.yaml8
-rw-r--r--docker/services/aodh-listener.yaml8
-rw-r--r--docker/services/aodh-notifier.yaml8
-rw-r--r--docker/services/ceph-ansible/ceph-base.yaml205
-rw-r--r--docker/services/ceph-ansible/ceph-client.yaml (renamed from puppet/services/network/contrail-provision.yaml)24
-rw-r--r--docker/services/ceph-ansible/ceph-mon.yaml86
-rw-r--r--docker/services/ceph-ansible/ceph-osd.yaml75
-rw-r--r--docker/services/cinder-api.yaml37
-rw-r--r--docker/services/cinder-backup.yaml29
-rw-r--r--docker/services/cinder-scheduler.yaml8
-rw-r--r--docker/services/cinder-volume.yaml25
-rw-r--r--docker/services/collectd.yaml4
-rw-r--r--docker/services/congress.yaml8
-rw-r--r--docker/services/containers-common.yaml6
-rw-r--r--docker/services/database/mysql-client.yaml62
-rw-r--r--docker/services/ec2-api.yaml8
-rw-r--r--docker/services/glance-api.yaml17
-rw-r--r--docker/services/gnocchi-metricd.yaml17
-rw-r--r--docker/services/gnocchi-statsd.yaml8
-rw-r--r--docker/services/haproxy.yaml42
-rw-r--r--docker/services/heat-api-cfn.yaml21
-rw-r--r--docker/services/heat-api.yaml47
-rw-r--r--docker/services/heat-engine.yaml8
-rw-r--r--docker/services/ironic-api.yaml8
-rw-r--r--docker/services/ironic-conductor.yaml8
-rw-r--r--docker/services/iscsid.yaml36
-rw-r--r--docker/services/keystone.yaml34
-rw-r--r--docker/services/manila-api.yaml8
-rw-r--r--docker/services/manila-scheduler.yaml8
-rw-r--r--docker/services/manila-share.yaml35
-rw-r--r--docker/services/mistral-api.yaml8
-rw-r--r--docker/services/mistral-engine.yaml8
-rw-r--r--docker/services/mistral-executor.yaml20
-rw-r--r--docker/services/multipathd.yaml8
-rw-r--r--docker/services/neutron-api.yaml18
-rw-r--r--docker/services/neutron-dhcp.yaml18
-rw-r--r--docker/services/neutron-l3.yaml8
-rw-r--r--docker/services/neutron-metadata.yaml18
-rw-r--r--docker/services/nova-api.yaml30
-rw-r--r--docker/services/nova-compute.yaml40
-rw-r--r--docker/services/nova-conductor.yaml8
-rw-r--r--docker/services/nova-consoleauth.yaml8
-rw-r--r--docker/services/nova-ironic.yaml14
-rw-r--r--docker/services/nova-libvirt.yaml39
-rw-r--r--docker/services/nova-migration-target.yaml124
-rw-r--r--docker/services/nova-placement.yaml10
-rw-r--r--docker/services/nova-scheduler.yaml8
-rw-r--r--docker/services/nova-vnc-proxy.yaml8
-rw-r--r--docker/services/octavia-api.yaml8
-rw-r--r--docker/services/opendaylight-api.yaml23
-rw-r--r--docker/services/pacemaker/cinder-backup.yaml34
-rw-r--r--docker/services/pacemaker/cinder-volume.yaml37
-rw-r--r--docker/services/pacemaker/database/mysql.yaml36
-rw-r--r--docker/services/pacemaker/database/redis.yaml33
-rw-r--r--docker/services/pacemaker/haproxy.yaml22
-rw-r--r--docker/services/pacemaker/rabbitmq.yaml33
-rw-r--r--docker/services/panko-api.yaml8
-rw-r--r--docker/services/sahara-api.yaml8
-rw-r--r--docker/services/sahara-engine.yaml8
-rw-r--r--docker/services/swift-storage.yaml1
-rw-r--r--docker/services/tacker.yaml8
-rw-r--r--docker/services/zaqar.yaml123
-rw-r--r--environments/ceph-ansible/ceph-ansible.yaml12
-rw-r--r--environments/cinder-dellps-config.yaml1
-rw-r--r--environments/contrail/contrail-net-storage-mgmt.yaml37
-rw-r--r--environments/contrail/contrail-net.yaml27
-rw-r--r--environments/contrail/contrail-services.yaml27
-rw-r--r--environments/contrail/roles_data_contrail.yaml17
-rw-r--r--environments/deployed-server-deployed-neutron-ports.yaml4
-rw-r--r--environments/docker-centos-tripleoupstream.yaml3
-rw-r--r--environments/docker-ha.yaml8
-rw-r--r--environments/docker-services-tls-everywhere.yaml9
-rw-r--r--environments/docker.yaml5
-rw-r--r--environments/host-config-and-reboot.j2.yaml8
-rw-r--r--environments/hyperconverged-ceph.yaml3
-rw-r--r--environments/network-isolation.j2.yaml2
-rw-r--r--environments/neutron-ml2-ovn-ha.yaml7
-rw-r--r--environments/neutron-ml2-ovn.yaml13
-rw-r--r--environments/neutron-opendaylight-dpdk.yaml22
-rw-r--r--environments/neutron-ovs-dpdk.yaml23
-rw-r--r--environments/overcloud-baremetal.j2.yaml7
-rw-r--r--environments/overcloud-services.yaml8
-rw-r--r--environments/predictable-placement/custom-domain.yaml35
-rw-r--r--environments/puppet-ceph.yaml4
-rw-r--r--environments/services-docker/octavia.yaml5
-rw-r--r--environments/split-stack-consistent-hostname-format.j2.yaml5
-rw-r--r--environments/ssl/tls-endpoints-public-dns.yaml33
-rw-r--r--environments/ssl/tls-endpoints-public-ip.yaml33
-rw-r--r--environments/ssl/tls-everywhere-endpoints-dns.yaml33
-rw-r--r--environments/storage/enable-ceph.yaml4
-rw-r--r--environments/tls-endpoints-public-dns.yaml33
-rw-r--r--environments/tls-endpoints-public-ip.yaml33
-rw-r--r--environments/tls-everywhere-endpoints-dns.yaml33
-rw-r--r--environments/undercloud.yaml2
-rw-r--r--environments/veritas-hyperscale/cinder-veritas-hyperscale-config.yaml18
-rw-r--r--environments/veritas-hyperscale/veritas-hyperscale-config.yaml31
-rw-r--r--extraconfig/all_nodes/contrail/enable_contrail_repo.yaml43
-rw-r--r--extraconfig/nova_metadata/krb-service-principals.yaml4
-rw-r--r--extraconfig/post_deploy/example_run_on_update.yaml3
-rw-r--r--extraconfig/pre_network/contrail/compute_pre_network.yaml162
-rw-r--r--extraconfig/pre_network/contrail/contrail_dpdk_pre_network.yaml168
-rw-r--r--extraconfig/pre_network/host_config_and_reboot.yaml122
-rw-r--r--extraconfig/tasks/post_puppet_pacemaker.j2.yaml1
-rw-r--r--extraconfig/tasks/post_puppet_pacemaker_restart.yaml1
-rw-r--r--extraconfig/tasks/ssh/host_public_key.yaml1
-rw-r--r--extraconfig/tasks/tripleo_upgrade_node.sh4
-rw-r--r--firstboot/install_vrouter_kmod.yaml105
-rw-r--r--j2_excludes.yaml36
-rw-r--r--network/config/contrail/contrail-nic-config-compute.yaml (renamed from environments/contrail/contrail-nic-config-compute.yaml)0
-rw-r--r--network/config/contrail/contrail-nic-config.yaml164
-rw-r--r--network/endpoints/endpoint_data.yaml81
-rw-r--r--network/endpoints/endpoint_map.yaml2316
-rw-r--r--network/management.yaml2
-rw-r--r--network/network.network.j2.yaml92
-rw-r--r--network/networks.j2.yaml11
-rw-r--r--network/ports/ctlplane_vip.yaml4
-rw-r--r--network/ports/external.yaml2
-rw-r--r--network/ports/external_from_pool.yaml2
-rw-r--r--network/ports/external_from_pool_v6.yaml2
-rw-r--r--network/ports/external_v6.yaml2
-rw-r--r--network/ports/internal_api.yaml2
-rw-r--r--network/ports/internal_api_from_pool.yaml2
-rw-r--r--network/ports/internal_api_from_pool_v6.yaml2
-rw-r--r--network/ports/internal_api_v6.yaml2
-rw-r--r--network/ports/management.yaml2
-rw-r--r--network/ports/management_from_pool.yaml2
-rw-r--r--network/ports/management_from_pool_v6.yaml2
-rw-r--r--network/ports/management_v6.yaml2
-rw-r--r--network/ports/net_ip_map.yaml5
-rw-r--r--network/ports/net_vip_map_external.yaml4
-rw-r--r--network/ports/net_vip_map_external_v6.yaml4
-rw-r--r--network/ports/noop.yaml12
-rw-r--r--network/ports/port.network.j2.yaml72
-rw-r--r--network/ports/port_from_pool.network.j2.yaml65
-rw-r--r--network/ports/storage.yaml2
-rw-r--r--network/ports/storage_from_pool.yaml2
-rw-r--r--network/ports/storage_from_pool_v6.yaml2
-rw-r--r--network/ports/storage_mgmt.yaml2
-rw-r--r--network/ports/storage_mgmt_from_pool.yaml4
-rw-r--r--network/ports/storage_mgmt_from_pool_v6.yaml4
-rw-r--r--network/ports/storage_mgmt_v6.yaml2
-rw-r--r--network/ports/storage_v6.yaml2
-rw-r--r--network/ports/tenant.yaml2
-rw-r--r--network/ports/tenant_from_pool.yaml2
-rw-r--r--network/ports/tenant_from_pool_v6.yaml2
-rw-r--r--network/ports/tenant_v6.yaml2
-rw-r--r--network/ports/vip.yaml2
-rw-r--r--network/ports/vip_v6.yaml2
-rw-r--r--network_data.yaml37
-rw-r--r--overcloud-resource-registry-puppet.j2.yaml7
-rw-r--r--overcloud.j2.yaml6
-rw-r--r--puppet/all-nodes-config.yaml1
-rw-r--r--puppet/blockstorage-role.yaml2
-rw-r--r--puppet/cephstorage-role.yaml2
-rw-r--r--puppet/compute-role.yaml2
-rw-r--r--puppet/controller-role.yaml2
-rw-r--r--puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.j2.yaml (renamed from puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml)64
-rw-r--r--puppet/major_upgrade_steps.j2.yaml3
-rw-r--r--puppet/objectstorage-role.yaml2
-rw-r--r--puppet/puppet-steps.j25
-rw-r--r--puppet/role.role.j2.yaml33
-rw-r--r--puppet/services/aodh-api.yaml5
-rw-r--r--puppet/services/ceilometer-agent-compute.yaml5
-rw-r--r--puppet/services/ceilometer-base.yaml2
-rw-r--r--puppet/services/ceph-mon.yaml4
-rw-r--r--puppet/services/ceph-rgw.yaml2
-rw-r--r--puppet/services/cinder-backend-dellps.yaml4
-rw-r--r--puppet/services/cinder-backend-veritas-hyperscale.yaml56
-rw-r--r--puppet/services/congress.yaml1
-rw-r--r--puppet/services/database/mongodb-base.yaml4
-rw-r--r--puppet/services/database/mysql.yaml6
-rw-r--r--puppet/services/database/redis-base.yaml2
-rw-r--r--puppet/services/docker.yaml19
-rw-r--r--puppet/services/ec2-api.yaml2
-rw-r--r--puppet/services/external-swift-proxy.yaml2
-rw-r--r--puppet/services/haproxy.yaml2
-rw-r--r--puppet/services/heat-api-cfn.yaml4
-rw-r--r--puppet/services/heat-api-cloudwatch.yaml2
-rw-r--r--puppet/services/heat-api.yaml2
-rw-r--r--puppet/services/iscsid.yaml41
-rw-r--r--puppet/services/keystone.yaml1
-rw-r--r--puppet/services/manila-scheduler.yaml2
-rw-r--r--puppet/services/monitoring/sensu-base.yaml2
-rw-r--r--puppet/services/monitoring/sensu-client.yaml3
-rw-r--r--puppet/services/network/contrail-analytics.yaml31
-rw-r--r--puppet/services/network/contrail-base.yaml100
-rw-r--r--puppet/services/network/contrail-config.yaml8
-rw-r--r--puppet/services/network/contrail-control.yaml5
-rw-r--r--puppet/services/network/contrail-dpdk.yaml82
-rw-r--r--puppet/services/network/contrail-neutron-plugin.yaml4
-rw-r--r--puppet/services/network/contrail-tsn.yaml17
-rw-r--r--puppet/services/network/contrail-vrouter.yaml16
-rw-r--r--puppet/services/network/contrail-webui.yaml12
-rw-r--r--puppet/services/neutron-api.yaml2
-rw-r--r--puppet/services/neutron-compute-plugin-nuage.yaml2
-rw-r--r--puppet/services/neutron-l3-compute-dvr.yaml1
-rw-r--r--puppet/services/neutron-l3.yaml1
-rw-r--r--puppet/services/neutron-ovs-agent.yaml6
-rw-r--r--puppet/services/neutron-plugin-ml2.yaml4
-rw-r--r--puppet/services/nova-api.yaml2
-rw-r--r--puppet/services/nova-base.yaml2
-rw-r--r--puppet/services/nova-compute.yaml21
-rw-r--r--puppet/services/nova-conductor.yaml2
-rw-r--r--puppet/services/nova-libvirt.yaml38
-rw-r--r--puppet/services/nova-migration-target.yaml57
-rw-r--r--puppet/services/nova-placement.yaml2
-rw-r--r--puppet/services/opendaylight-api.yaml5
-rw-r--r--puppet/services/ovn-controller.yaml (renamed from puppet/services/neutron-compute-plugin-ovn.yaml)24
-rw-r--r--puppet/services/ovn-dbs.yaml14
-rw-r--r--puppet/services/pacemaker.yaml19
-rw-r--r--puppet/services/rabbitmq.yaml2
-rw-r--r--puppet/services/swift-proxy.yaml2
-rw-r--r--puppet/services/swift-storage.yaml1
-rw-r--r--puppet/services/tacker.yaml1
-rw-r--r--puppet/services/tripleo-packages.yaml2
-rw-r--r--puppet/services/tuned.yaml50
-rw-r--r--puppet/services/veritas-hyperscale-controller.yaml106
-rw-r--r--puppet/services/zaqar.yaml83
-rw-r--r--releasenotes/notes/ceph-ansible-workflow-70f7d52faf4cd419.yaml14
-rw-r--r--releasenotes/notes/cleanup-odl-clustering-93a3ec132f3c2343.yaml6
-rw-r--r--releasenotes/notes/composable-veritas-hyperscale-driver-e7f0a35d7d9a8df1.yaml3
-rw-r--r--releasenotes/notes/computeovsdpdk-role-67d53a405ce4174b.yaml4
-rw-r--r--releasenotes/notes/contrail-bugfixes-and-dpdk-enabling-0233a06e23259660.yaml9
-rw-r--r--releasenotes/notes/opendaylight-manage-repos-9eaf900c08e8d96f.yaml5
-rw-r--r--releasenotes/notes/ovs-2-7-support-for-dpdk-fe665cf9c6b0a750.yaml5
-rw-r--r--releasenotes/notes/ps-san_private_key-5aa111e7907ba600.yaml4
-rw-r--r--releasenotes/notes/systemd-d9a41bb3709d0653.yaml9
-rw-r--r--releasenotes/notes/tuned-service-650c0eec1cf12a4d.yaml4
-rw-r--r--releasenotes/notes/zaqar_backends-ccf8adfd24a17bf5.yaml5
-rw-r--r--releasenotes/notes/zaqar_undercloud_backends-f63224a2a3aa684e.yaml5
-rw-r--r--releasenotes/source/conf.py2
-rw-r--r--roles/BlockStorage.yaml2
-rw-r--r--roles/CephStorage.yaml1
-rw-r--r--roles/Compute.yaml3
-rw-r--r--roles/ComputeHCI.yaml3
-rw-r--r--roles/ComputeOvsDpdk.yaml41
-rw-r--r--roles/Controller.yaml3
-rw-r--r--roles/ControllerOpenstack.yaml3
-rw-r--r--roles/Database.yaml2
-rw-r--r--roles/IronicConductor.yaml1
-rw-r--r--roles/Messaging.yaml1
-rw-r--r--roles/Networker.yaml2
-rw-r--r--roles/ObjectStorage.yaml1
-rw-r--r--roles/README.rst3
-rw-r--r--roles/Telemetry.yaml2
-rw-r--r--roles/Undercloud.yaml2
-rw-r--r--roles_data.yaml10
-rw-r--r--roles_data_undercloud.yaml2
-rw-r--r--sample-env-generator/predictable-placement.yaml15
-rw-r--r--sample-env-generator/storage.yaml4
-rw-r--r--test-requirements.txt2
-rwxr-xr-xtools/process-templates.py41
-rwxr-xr-xtools/yaml-validate.py165
282 files changed, 4560 insertions, 3912 deletions
diff --git a/README.rst b/README.rst
index 988a0d86..f670fa60 100644
--- a/README.rst
+++ b/README.rst
@@ -64,80 +64,82 @@ Service testing matrix
The configuration for the CI scenarios will be defined in `tripleo-heat-templates/ci/`
and should be executed according to the following table:
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| - | scenario001 | scenario002 | scenario003 | scenario004 | multinode-nonha |
-+================+=============+=============+=============+=============+=================+
-| keystone | X | X | X | X | X |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| glance | rbd | swift | file | swift + rbd | swift |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| cinder | rbd | iscsi | | | iscsi |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| heat | X | X | X | X | X |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| mysql | X | X | X | X | X |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| neutron | ovs | ovs | ovs | ovs | X |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| neutron-bgpvpn | | | | X | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| neutron-l2gw | | | | X | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| rabbitmq | X | X | X | X | X |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| mongodb | X | X | | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| redis | X | | | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| haproxy | X | X | X | X | X |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| keepalived | X | X | X | X | X |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| memcached | X | X | X | X | X |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| pacemaker | X | X | X | X | X |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| nova | qemu | qemu | qemu | qemu | X |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| ntp | X | X | X | X | X |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| snmp | X | X | X | X | X |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| timezone | X | X | X | X | X |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| sahara | | | X | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| mistral | | | X | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| swift | | X | | | X |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| aodh | X | | | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| ceilometer | X | | | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| gnocchi | X | | | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| panko | X | | | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| barbican | | X | | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| zaqar | | X | | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| ec2api | | X | | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| cephrgw | | X | | X | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| tacker | X | | | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| congress | X | | | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| cephmds | | | | X | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| manila | | | | X | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| collectd | X | | | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| fluentd | X | | | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| sensu-client | X | | | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
++----------------+-------------+-------------+-------------+-------------+-----------------++-------------+
+| - | scenario001 | scenario002 | scenario003 | scenario004 | multinode-nonha | scenario007 |
++================+=============+=============+=============+=============+=================+==============+
+| keystone | X | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| glance | rbd | swift | file | swift + rbd | swift | file |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| cinder | rbd | iscsi | | | iscsi | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| heat | X | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| mysql | X | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| neutron | ovs | ovs | ovs | ovs | X | ovn |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| neutron-bgpvpn | | | | X | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| ovn | | | | | | X |
++---------------------------------------------------------------------------------------------------------+
+| neutron-l2gw | | | | X | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| rabbitmq | X | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| mongodb | X | X | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| redis | X | | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| haproxy | X | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| keepalived | X | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| memcached | X | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| pacemaker | X | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| nova | qemu | qemu | qemu | qemu | X | qemu |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| ntp | X | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| snmp | X | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| timezone | X | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| sahara | | | X | | | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| mistral | | | X | | | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| swift | | X | | | X | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| aodh | X | | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| ceilometer | X | | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| gnocchi | X | | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| panko | X | | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| barbican | | X | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| zaqar | | X | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| ec2api | | X | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| cephrgw | | X | | X | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| tacker | X | | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| congress | X | | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| cephmds | | | | X | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| manila | | | | X | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| collectd | X | | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| fluentd | X | | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| sensu-client | X | | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
diff --git a/capabilities-map.yaml b/capabilities-map.yaml
index d0ec0152..fdf2ad63 100644
--- a/capabilities-map.yaml
+++ b/capabilities-map.yaml
@@ -10,13 +10,13 @@
# environment_groups: (required)
# environment_groups:
-# Identifies an environment choice. If group includes multiple environments it
-# indicates that environments in group are mutually exclusive.
+# Identifies a group of environments.
# Attributes:
# title: (optional)
# description: (optional)
# tags: a list of tags to provide additional information for e.g. filtering (optional)
# environments: (required)
+# mutually_exclusive: (optional) boolean to identify that environments in group are mutually exclusive
# environments:
# List of environments in environment group
@@ -25,149 +25,37 @@
# title: (required)
# description: (optional)
# requires: an array of environments which are required by this environment (optional)
-# resource_registry: [tbd] (optional)
-
-# resource_registry:
-# [tbd] Each environment can provide options on resource_registry level applicable
-# only when that given environment is used. (resource_type of that environment can
-# be implemented using multiple templates).
topics:
- - title: Base Resources Configuration
+ - title: General Deployment Options
description:
environment_groups:
- - title:
- description: Enable base configuration for all resources required for OpenStack Deployment
+ - name: general-deployment-options
+ title:
+ description: Enables base configuration for all resources required for OpenStack Deployment
environments:
- file: overcloud-resource-registry-puppet.yaml
title: Base resources configuration
description:
-
- - title: Deployment Options
- description:
- environment_groups:
- - title: High Availability
- description: Enables configuration of an Overcloud controller with Pacemaker
- environments:
- - file: environments/puppet-pacemaker.yaml
- title: Pacemaker
- description: Enable configuration of an Overcloud controller with Pacemaker
- requires:
- - overcloud-resource-registry-puppet.yaml
- - title: Pacemaker options
- description:
- environments:
- - file: environments/puppet-pacemaker-no-restart.yaml
- title: Pacemaker No Restart
- description:
- requires:
- - environments/puppet-pacemaker.yaml
- - overcloud-resource-registry-puppet.yaml
- - title: Docker RDO
+ - title: Containerized Deployment
description: >
- Docker container with heat agents for containerized compute node
+ Configures Deployment to use containerized services
environments:
- file: environments/docker.yaml
- title: Docker RDO
+ title: Containerized Deployment
description:
requires:
- overcloud-resource-registry-puppet.yaml
- - title: Enable TLS
- description: >
- environments:
- - file: environments/enable-tls.yaml
- title: TLS
- description: >
- Use this option to pass in certificates for SSL deployments.
- For these values to take effect, one of the TLS endpoints
- environments must also be used.
- requires:
- - overcloud-resource-registry-puppet.yaml
- - title: TLS Endpoints
- description: >
- environments:
- - file: environments/tls-endpoints-public-dns.yaml
- title: SSL-enabled deployment with DNS name as public endpoint
- description: >
- Use this environment when deploying an SSL-enabled overcloud where the public
- endpoint is a DNS name.
- requires:
- - environments/enable-tls.yaml
- - overcloud-resource-registry-puppet.yaml
- - file: environments/tls-endpoints-public-ip.yaml
- title: SSL-enabled deployment with IP address as public endpoint
- description: >
- Use this environment when deploying an SSL-enabled overcloud where the public
- endpoint is an IP address.
- requires:
- - environments/enable-tls.yaml
- - overcloud-resource-registry-puppet.yaml
- - title: External load balancer
- description: >
- Enable external load balancer
- environments:
- - file: environments/external-loadbalancer-vip-v6.yaml
- title: External load balancer IPv6
- description: >
- requires:
- - overcloud-resource-registry-puppet.yaml
- - file: environments/external-loadbalancer-vip.yaml
- title: External load balancer IPv4
- description: >
- requires:
- - overcloud-resource-registry-puppet.yaml
-
- - title: Additional Services
- description: Deploy additional Overcloud services
- environment_groups:
- - title: Manila
- description:
- environments:
- - file: environments/manila-generic-config.yaml
- title: Manila
- description: Enable Manila generic driver backend
- requires:
- - overcloud-resource-registry-puppet.yaml
- - title: Sahara
- description:
- environments:
- - file: environments/services/sahara.yaml
- title: Sahara
- description: Deploy Sahara service
- requires:
- - overcloud-resource-registry-puppet.yaml
- - title: Ironic
- description:
- environments:
- - file: environments/services/ironic.yaml
- title: Ironic
- description: Deploy Ironic service
- requires:
- - overcloud-resource-registry-puppet.yaml
- - title: Mistral
- description:
- environments:
- - file: environments/services/mistral.yaml
- title: Mistral
- description: Deploy Mistral service
- requires:
- - overcloud-resource-registry-puppet.yaml
- - title: Ceilometer Api
- description:
+ - title: High Availability
+ description: Enables configuration of an Overcloud Controller with Pacemaker
environments:
- - file: environments/services/disable-ceilometer-api.yaml
- title: Ceilometer Api
- description: Disable Ceilometer Api service. This service is
- deprecated and will be removed in future releases. Please move
- to using gnocchi/aodh/panko apis instead.
+ - file: environments/puppet-pacemaker.yaml
+ title: High Availability (Pacemaker)
+ description:
requires:
- overcloud-resource-registry-puppet.yaml
- # - title: Network Interface Configuration
- # description:
- # environment_groups:
-
- - title: Overlay Network Configuration
+ - title: Network Configuration
description:
environment_groups:
- title: Network Isolation
@@ -189,10 +77,12 @@ topics:
to that role) on these networks.
requires:
- overcloud-resource-registry-puppet.yaml
- - title: Single NIC or Bonding
+ mutually_exclusive: true
+ - title: NICs, Bonding, VLANs Configuration
description: >
- Configure roles to use pair of bonded nics or to use Vlans on a
- single nic. This option assumes use of Network Isolation.
+ Choose one of the pre-defined configurations or provide custom
+ network-environment.yaml instead. Note that pre-defined configuration work
+ only with standard Roles and Networks. These options assume use of Network Isolation.
environments:
- file: environments/net-bond-with-vlans.yaml
title: Bond with Vlans
@@ -202,7 +92,6 @@ topics:
for each role. This option assumes use of Network Isolation.
requires:
- environments/network-isolation.yaml
- - overcloud-resource-registry-puppet.yaml
- file: environments/net-bond-with-vlans-no-external.yaml
title: Bond with Vlans No External Ports
description: >
@@ -212,7 +101,6 @@ topics:
Sets external ports to noop.
requires:
- environments/network-isolation.yaml
- - overcloud-resource-registry-puppet.yaml
- file: environments/net-bond-with-vlans-v6.yaml
title: Bond with Vlans IPv6
description: >
@@ -222,7 +110,6 @@ topics:
This option assumes use of Network Isolation IPv6.
requires:
- environments/network-isolation-v6.yaml
- - overcloud-resource-registry-puppet.yaml
- file: environments/net-multiple-nics.yaml
title: Multiple NICs
description: >
@@ -231,7 +118,6 @@ topics:
This option assumes use of Network Isolation.
requires:
- environments/network-isolation.yaml
- - overcloud-resource-registry-puppet.yaml
- file: environments/net-multiple-nics-v6.yaml
title: Multiple NICs IPv6
description: >
@@ -240,7 +126,6 @@ topics:
This option assumes use of Network Isolation IPv6.
requires:
- environments/network-isolation-v6.yaml
- - overcloud-resource-registry-puppet.yaml
- file: environments/net-single-nic-with-vlans.yaml
title: Single NIC with Vlans
description: >
@@ -248,7 +133,6 @@ topics:
each isolated network. This option assumes use of Network Isolation.
requires:
- environments/network-isolation.yaml
- - overcloud-resource-registry-puppet.yaml
- file: environments/net-single-nic-with-vlans-no-external.yaml
title: Single NIC with Vlans No External Ports
description: >
@@ -257,7 +141,6 @@ topics:
Sets external ports to noop.
requires:
- environments/network-isolation.yaml
- - overcloud-resource-registry-puppet.yaml
- file: environments/net-single-nic-linux-bridge-with-vlans.yaml
title: Single NIC with Linux Bridge Vlans
description: >
@@ -265,7 +148,6 @@ topics:
each isolated network. This option assumes use of Network Isolation.
requires:
- environments/network-isolation.yaml
- - overcloud-resource-registry-puppet.yaml
- file: environments/net-single-nic-with-vlans-v6.yaml
title: Single NIC with Vlans IPv6
description: >
@@ -274,7 +156,7 @@ topics:
This option assumes use of Network Isolation IPv6
requires:
- environments/network-isolation-v6.yaml
- - overcloud-resource-registry-puppet.yaml
+ mutually_exclusive: true
- title: Management Network
description: >
Enable the creation of a system management network. This
@@ -292,6 +174,35 @@ topics:
description:
requires:
- overcloud-resource-registry-puppet.yaml
+ mutually_exclusive: true
+
+ - title: Docker Network
+ description: >
+ [Temporary] Use this option when deploying containerized deployment
+ without network isolation
+ environments:
+ - file: environments/docker-network.yaml
+ title: Docker network
+ description:
+ requires:
+ - environments/docker.yaml
+
+ - title: External load balancer
+ description: >
+ Enable external load balancer, requires network Isolation to be enabled.
+ Note that this option assumes standard isolated networks set.
+ environments:
+ - file: environments/external-loadbalancer-vip.yaml
+ title: External load balancer IPv4
+ description: >
+ requires:
+ - environments/network-isolation.yaml
+ - file: environments/external-loadbalancer-vip-v6.yaml
+ title: External load balancer IPv6
+ description: >
+ requires:
+ - environments/network-isolation-v6.yaml
+ mutually_exclusive: true
- title: Neutron Plugin Configuration
description:
@@ -327,8 +238,8 @@ topics:
description:
requires:
- overcloud-resource-registry-puppet.yaml
- - file: environments/neutron-midonet.yaml
- title: Deploy MidoNet Services
+ - file: environments/networking/neutron-midonet.yaml
+ title: Neutron MidoNet Services
description:
requires:
- overcloud-resource-registry-puppet.yaml
@@ -378,34 +289,10 @@ topics:
requires:
- overcloud-resource-registry-puppet.yaml
- - title: Nova Extensions
- description:
- environment_groups:
- - title: Nova Extensions
- description:
- environments:
- - file: environments/nova-nuage-config.yaml
- title: Nuage backend
- description: >
- Enables Nuage backend on the Compute
- requires:
- - overcloud-resource-registry-puppet.yaml
-
- title: Storage
description:
environment_groups:
- - title: Cinder backup service
- description:
- environments:
- - file: environments/cinder-backup.yaml
- title: Cinder backup service
- description: >
- OpenStack Cinder Backup service with Pacemaker configured
- with Puppet
- requires:
- - environments/puppet-pacemaker.yaml
- - overcloud-resource-registry-puppet.yaml
- - title: Cinder backend
+ - title: Cinder backends
description: >
Enable various Cinder backends
environments:
@@ -414,7 +301,7 @@ topics:
description:
requires:
- overcloud-resource-registry-puppet.yaml
- - file: environments/cinder-netapp-config.yaml
+ - file: environments/storage/cinder-netapp-config.yaml
title: Cinder NetApp backend
description:
requires:
@@ -422,22 +309,19 @@ topics:
- file: environments/cinder-dellsc-config.yaml
title: Cinder Dell EMC Storage Center ISCSI backend
description: >
- Enables a Cinder Dell EMC Storage Center ISCSI backend,
- configured via puppet
+ Enables a Cinder Dell EMC Storage Center ISCSI backend
requires:
- overcloud-resource-registry-puppet.yaml
- file: environments/cinder-hpelefthand-config.yaml
title: Cinder HPELeftHandISCSI backend
description: >
- Enables a Cinder HPELeftHandISCSI backend, configured
- via puppet
+ Enables a Cinder HPELeftHandISCSI backend
requires:
- overcloud-resource-registry-puppet.yaml
- file: environments/cinder-dellps-config.yaml
title: Cinder Dell EMC PS Series backend
description: >
- Enables a Cinder Dell EMC PS Series backend,
- configured via puppet
+ Enables a Cinder Dell EMC PS Series backend
requires:
- overcloud-resource-registry-puppet.yaml
- file: environments/cinder-iser.yaml
@@ -447,110 +331,209 @@ topics:
- file: environments/cinder-scaleio-config.yaml
title: Cinder Dell EMC ScaleIO backend
description: >
- Enables a Cinder Dell EMC ScaleIO backend,
+ Enables a Cinder Dell EMC ScaleIO backend
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+ - file: environments/cinder-veritas-hyperscale-config.yaml
+ title: Cinder Veritas HyperScale backend
+ description: >
+ Enables a Cinder Veritas HyperScale backend,
configured via puppet
requires:
- overcloud-resource-registry-puppet.yaml
- - title: Ceph
- description: >
- Enable the use of Ceph in the overcloud
+ - title: Cinder backup service
+ description:
environments:
- - file: environments/puppet-ceph-external.yaml
- title: Externally managed Ceph
+ - file: environments/cinder-backup.yaml
+ title: Cinder backup service
description: >
- Configures the overcloud to use an externally managed Ceph cluster, via RBD driver.
+ OpenStack Cinder Backup service with Pacemaker
requires:
+ - environments/puppet-pacemaker.yaml
- overcloud-resource-registry-puppet.yaml
+ - title: Ceph
+ description: >
+ Enable the use of Ceph in the overcloud
+ environments:
- file: environments/puppet-ceph.yaml
- title: TripleO managed Ceph
+ title: Ceph Storage Backend
description: >
Deploys a Ceph cluster via TripleO, requires at lease one CephStorage node or
use of hyperconverged-ceph.yaml environment for the HCI scenario, where CephOSD is
colocated with NovaCompute and configures the overcloud to use it, via RBD driver.
requires:
- overcloud-resource-registry-puppet.yaml
- - title: CephMDS
- description: >
- Deploys CephMDS via TripleO, an additional Ceph service needed to create shared
- filesystems hosted in Ceph.
+ - file: environments/storage/external-ceph.yaml
+ title: Externally managed Ceph
+ description: >
+ Configures the overcloud to use an externally managed Ceph cluster, via RBD driver.
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+ mutually_exclusive: true
+ - title: Additional Ceph Options
+ description:
environments:
- file: environments/services/ceph-mds.yaml
title: Deploys CephMDS
- description:
+ description: >
+ Deploys CephMDS via TripleO, an additional Ceph service needed to create shared
+ filesystems hosted in Ceph.
requires:
- environments/puppet-ceph.yaml
- - title: Ceph Rados Gateway
- description: >
- Deploys CephRGW via TripleO, transparently replaces Swift providing a compatible API
- which stores data in the Ceph cluster.
- environments:
- file: environments/ceph-radosgw.yaml
- title: Deploys CephRGW
- description:
+ title: Ceph Rados Gateway
+ description: >
+ Deploys CephRGW via TripleO, transparently replaces Swift providing a compatible API
+ which stores data in the Ceph cluster.
requires:
- environments/puppet-ceph.yaml
- - title: Manila with CephFS
- description: >
- Deploys Manila and configures it with the CephFS driver. This requires the deployment of
- Ceph and CephMDS from TripleO or the use of an external Ceph cluster for the overcloud.
- environments:
- file: environments/manila-cephfsnative-config.yaml
- title: Deploys Manila with CephFS driver
- description: Deploys Manila and configures CephFS as its default backend.
+ title: Manila with CephFS
+ description: >
+ Deploys Manila and configures it with the CephFS driver. This requires the deployment of
+ Ceph and CephMDS from TripleO or the use of an external Ceph cluster for the overcloud.
requires:
- overcloud-resource-registry-puppet.yaml
- - title: Storage Environment
- description: >
- Can be used to set up storage backends. Defaults to Ceph used as a
- backend for Cinder, Glance, Nova ephemeral storage and Gnocchi. It
- configures which services will use Ceph, or if any of the services
- will use NFS. And more. Usually requires to be edited by user first.
- tags:
- - no-gui
+ - title: Glance backends
+ description:
environments:
- - file: environments/storage-environment.yaml
- title: Storage Environment
- description:
+ - file: environments/storage/glance-nfs.yaml
+ title: Glance NFS Backend
+ description: |
+ Configure and enable this option to enable the use of an NFS
+ share as the backend for Glance.
requires:
- overcloud-resource-registry-puppet.yaml
- - title: Utilities
- description:
+
+ - title: Security
+ description: Security Hardening Options
environment_groups:
- - title: Config Debug
- description: Enable config management (e.g. Puppet) debugging
+ - title: TLS
+ description:
environments:
- - file: environments/config-debug.yaml
- title: Config Debug
+ - file: environments/ssl/enable-tls.yaml
+ title: SSL on OpenStack Public Endpoints
+ description: >
+ Use this option to pass in certificates for SSL deployments.
+ For these values to take effect, one of the TLS endpoints
+ options must also be used.
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+ - title: TLS Endpoints
+ description:
+ environments:
+ - file: environments/ssl/tls-endpoints-public-dns.yaml
+ title: SSL-enabled deployment with DNS name as public endpoint
+ description: >
+ Use this option when deploying an SSL-enabled overcloud where the public
+ endpoint is a DNS name.
+ requires:
+ - environments/ssl/enable-tls.yaml
+ - file: environments/ssl/tls-everywhere-endpoints-dns.yaml
+ title: Deploy All SSL Endpoints as DNS names
+ description: >
+ Use this option when deploying an overcloud where all the endpoints are
+ DNS names and there's TLS in all endpoint types.
+ requires:
+ - environments/ssl/enable-tls.yaml
+ - file: environments/ssl/tls-endpoints-public-ip.yaml
+ title: SSL-enabled deployment with IP address as public endpoint
+ description: >
+ Use this option when deploying an SSL-enabled overcloud where the public
+ endpoint is an IP address.
+ requires:
+ - environments/ssl/enable-tls.yaml
+ mutually_exclusive: true
+ - title: SSH Banner Text
+ description: Enables population of SSH Banner Text
+ environments:
+ - file: environments/sshd-banner.yaml
+ title: SSH Banner Text
description:
requires:
- overcloud-resource-registry-puppet.yaml
- - title: Disable journal in MongoDb
- description: >
- Since, when journaling is enabled, MongoDb will create big journal
- file it can take time. In a CI environment for example journaling is
- not necessary.
+ - title: Horizon Password Validation
+ description: Enable Horizon Password validation
environments:
- - file: environments/mongodb-nojournal.yaml
- title: Disable journal in MongoDb
+ - file: environments/horizon_password_validation.yaml
+ title: Horizon Password Validation
description:
requires:
- overcloud-resource-registry-puppet.yaml
- - title: Overcloud Steps
- description: >
- Specifies hooks/breakpoints where overcloud deployment should stop
- Allows operator validation between steps, and/or more granular control.
- Note: the wildcards relate to naming convention for some resource suffixes,
- e.g see puppet/*-post.yaml, enabling this will mean we wait for
- a user signal on every *Deployment_StepN resource defined in those files.
- tags:
- - no-gui
+ - title: AuditD Rules
+ description: Management of AuditD rules
environments:
- - file: environments/overcloud-steps.yaml
- title: Overcloud Steps
+ - file: environments/auditd.yaml
+ title: AuditD Rule Management
description:
requires:
- overcloud-resource-registry-puppet.yaml
+ - title: Keystone CADF auditing
+ description: Enable CADF notifications in Keystone for auditing
+ environments:
+ - file: environments/cadf.yaml
+ title: Keystone CADF auditing
+ - title: SecureTTY Values
+ description: Set values within /etc/securetty
+ environments:
+ - file: environments/securetty.yaml
+ title: SecureTTY Values
+
+ - title: Additional Services
+ description:
+ environment_groups:
+ - title:
+ description: Deploy additional services
+ environments:
+ - file: environments/services/manila-generic-config.yaml
+ title: Barbican
+ description: Enable Barbican with the default secret store backend
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+ - file: environments/manila-generic-config.yaml
+ title: Manila
+ description: Enable Manila with generic driver backend
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+ - file: environments/services/sahara.yaml
+ title: Sahara
+ description: Deploy Sahara service
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+ - file: environments/services/ironic.yaml
+ title: Ironic
+ description: Deploy Ironic service
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+ - file: environments/services/mistral.yaml
+ title: Mistral
+ description: Deploy Mistral service
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+ - file: environments/services/ec2-api.yaml
+ title: EC2 API
+ description: Enable EC2-API service
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+ - file: environments/services/zaqar.yaml
+ title: Zaqar
+ description: Deploy Zaqar service
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+
+ - title: Nova Extensions
+ description:
+ environment_groups:
+ - title: Nova Extensions
+ description:
+ environments:
+ - file: environments/nova-nuage-config.yaml
+ title: Nuage backend
+ description: >
+ Enables Nuage backend on the Compute
+ requires:
+ - overcloud-resource-registry-puppet.yaml
- title: Operational Tools
description:
@@ -559,7 +542,7 @@ topics:
description: Enable monitoring agents
environments:
- file: environments/monitoring-environment.yaml
- title: Enable monitoring agents
+ title: Monitoring agents
description:
requires:
- overcloud-resource-registry-puppet.yaml
@@ -567,7 +550,7 @@ topics:
description: Enable centralized logging clients (fluentd)
environments:
- file: environments/logging-environment.yaml
- title: Enable fluentd client
+ title: fluentd client
description:
requires:
- overcloud-resource-registry-puppet.yaml
@@ -575,45 +558,45 @@ topics:
description: Enable performance monitoring agents
environments:
- file: environments/collectd-environment.yaml
- title: Enable performance monitoring agents
+ title: Performance monitoring agents
description:
requires:
- overcloud-resource-registry-puppet.yaml
- - title: Security Options
- description: Security Hardening Options
+ - title: Utilities
+ description:
environment_groups:
- - title: SSH Banner Text
- description: Enables population of SSH Banner Text
+ - title: Config Debug
+ description: Enable config management (e.g. Puppet) debugging
environments:
- - file: environments/sshd-banner.yaml
- title: SSH Banner Text
+ - file: environments/config-debug.yaml
+ title: Config Debug
description:
requires:
- overcloud-resource-registry-puppet.yaml
- - title: Horizon Password Validation
- description: Enable Horizon Password validation
+ - title: Disable journal in MongoDb
+ description: >
+ Since, when journaling is enabled, MongoDb will create big journal
+ file it can take time. In a CI environment for example journaling is
+ not necessary.
environments:
- - file: environments/horizon_password_validation.yaml
- title: Horizon Password Validation
+ - file: environments/mongodb-nojournal.yaml
+ title: Disable journal in MongoDb
description:
requires:
- overcloud-resource-registry-puppet.yaml
- - title: AuditD Rules
- description: Management of AuditD rules
+ - title: Overcloud Steps
+ description: >
+ Specifies hooks/breakpoints where overcloud deployment should stop
+ Allows operator validation between steps, and/or more granular control.
+ Note: the wildcards relate to naming convention for some resource suffixes,
+ e.g see puppet/*-post.yaml, enabling this will mean we wait for
+ a user signal on every *Deployment_StepN resource defined in those files.
+ tags:
+ - no-gui
environments:
- - file: environments/auditd.yaml
- title: AuditD Rule Management
+ - file: environments/overcloud-steps.yaml
+ title: Overcloud Steps
description:
requires:
- overcloud-resource-registry-puppet.yaml
- - title: Keystone CADF auditing
- description: Enable CADF notifications in Keystone for auditing
- environments:
- - file: environments/cadf.yaml
- title: Keystone CADF auditing
- - title: SecureTTY Values
- description: Set values within /etc/securetty
- environments:
- - file: environments/securetty.yaml
- title: SecureTTY Values
diff --git a/ci/environments/multinode-3nodes.yaml b/ci/environments/multinode-3nodes.yaml
index ef51a779..e040b015 100644
--- a/ci/environments/multinode-3nodes.yaml
+++ b/ci/environments/multinode-3nodes.yaml
@@ -55,8 +55,10 @@
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::MySQLClient
- OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Iscsid
- name: Controller
CountDefault: 1
@@ -79,3 +81,4 @@
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Iscsid
diff --git a/ci/environments/multinode-containers.yaml b/ci/environments/multinode-containers.yaml
index d2550365..7768c4f0 100644
--- a/ci/environments/multinode-containers.yaml
+++ b/ci/environments/multinode-containers.yaml
@@ -16,6 +16,7 @@ resource_registry:
# Some infra instances don't pass the ping test but are otherwise working.
# Since the OVB jobs also test this functionality we can shut it off here.
OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
+ OS::TripleO::Services::NovaMigrationTarget: OS::Heat::None
parameter_defaults:
ControllerServices:
@@ -59,7 +60,9 @@ parameter_defaults:
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Iscsid
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu
diff --git a/ci/environments/multinode-core.yaml b/ci/environments/multinode-core.yaml
index b5316f1b..0dd59e96 100644
--- a/ci/environments/multinode-core.yaml
+++ b/ci/environments/multinode-core.yaml
@@ -21,6 +21,7 @@ parameters:
Debug:
type: string
default: ''
+ description: Set to True to enable debugging on all services.
resources:
diff --git a/ci/environments/multinode.yaml b/ci/environments/multinode.yaml
index 72b1bc41..2b25e58e 100644
--- a/ci/environments/multinode.yaml
+++ b/ci/environments/multinode.yaml
@@ -57,7 +57,9 @@ parameter_defaults:
- OS::TripleO::Services::NovaLibvirt
- OS::TripleO::Services::Horizon
- OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Iscsid
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu
diff --git a/ci/environments/multinode_major_upgrade.yaml b/ci/environments/multinode_major_upgrade.yaml
index ba5e3335..d8f71414 100644
--- a/ci/environments/multinode_major_upgrade.yaml
+++ b/ci/environments/multinode_major_upgrade.yaml
@@ -54,9 +54,11 @@ parameter_defaults:
- OS::TripleO::Services::NovaScheduler
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::Pacemaker
- OS::TripleO::Services::Horizon
- OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Iscsid
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu
diff --git a/ci/environments/scenario001-multinode-containers.yaml b/ci/environments/scenario001-multinode-containers.yaml
index 89339d10..73dc5b14 100644
--- a/ci/environments/scenario001-multinode-containers.yaml
+++ b/ci/environments/scenario001-multinode-containers.yaml
@@ -26,6 +26,7 @@ resource_registry:
# Some infra instances don't pass the ping test but are otherwise working.
# Since the OVB jobs also test this functionality we can shut it off here.
OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
+ OS::TripleO::Services::NovaMigrationTarget: OS::Heat::None
parameter_defaults:
ControllerServices:
@@ -62,6 +63,7 @@ parameter_defaults:
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::MongoDb
- OS::TripleO::Services::Redis
- OS::TripleO::Services::AodhApi
@@ -89,6 +91,7 @@ parameter_defaults:
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::FluentdClient
- OS::TripleO::Services::SensuClient
+ - OS::TripleO::Services::Iscsid
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
diff --git a/ci/environments/scenario001-multinode.yaml b/ci/environments/scenario001-multinode.yaml
index 8abd079f..54eef744 100644
--- a/ci/environments/scenario001-multinode.yaml
+++ b/ci/environments/scenario001-multinode.yaml
@@ -60,6 +60,7 @@ parameter_defaults:
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::MongoDb
- OS::TripleO::Services::Redis
- OS::TripleO::Services::AodhApi
@@ -87,6 +88,7 @@ parameter_defaults:
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::FluentdClient
- OS::TripleO::Services::SensuClient
+ - OS::TripleO::Services::Iscsid
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
diff --git a/ci/environments/scenario002-multinode-containers.yaml b/ci/environments/scenario002-multinode-containers.yaml
index b795535a..d300f773 100644
--- a/ci/environments/scenario002-multinode-containers.yaml
+++ b/ci/environments/scenario002-multinode-containers.yaml
@@ -19,6 +19,7 @@ resource_registry:
# Some infra instances don't pass the ping test but are otherwise working.
# Since the OVB jobs also test this functionality we can shut it off here.
OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
+ OS::TripleO::Services::NovaMigrationTarget: OS::Heat::None
parameter_defaults:
ControllerServices:
@@ -53,6 +54,7 @@ parameter_defaults:
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::CinderApi
- OS::TripleO::Services::CinderBackup
- OS::TripleO::Services::CinderScheduler
@@ -67,6 +69,7 @@ parameter_defaults:
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Iscsid
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu
diff --git a/ci/environments/scenario002-multinode.yaml b/ci/environments/scenario002-multinode.yaml
index 220979b9..cdbcbfd6 100644
--- a/ci/environments/scenario002-multinode.yaml
+++ b/ci/environments/scenario002-multinode.yaml
@@ -52,6 +52,7 @@ parameter_defaults:
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::CinderApi
- OS::TripleO::Services::CinderBackup
- OS::TripleO::Services::CinderScheduler
@@ -66,6 +67,7 @@ parameter_defaults:
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Iscsid
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu
diff --git a/ci/environments/scenario003-multinode-containers.yaml b/ci/environments/scenario003-multinode-containers.yaml
index 71daf8ec..e3789ea8 100644
--- a/ci/environments/scenario003-multinode-containers.yaml
+++ b/ci/environments/scenario003-multinode-containers.yaml
@@ -20,6 +20,7 @@ resource_registry:
# Some infra instances don't pass the ping test but are otherwise working.
# Since the OVB jobs also test this functionality we can shut it off here.
OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
+ OS::TripleO::Services::NovaMigrationTarget: OS::Heat::None
parameter_defaults:
ControllerServices:
@@ -62,6 +63,7 @@ parameter_defaults:
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Iscsid
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu
diff --git a/ci/environments/scenario003-multinode.yaml b/ci/environments/scenario003-multinode.yaml
index 7a72562c..5e797b40 100644
--- a/ci/environments/scenario003-multinode.yaml
+++ b/ci/environments/scenario003-multinode.yaml
@@ -50,6 +50,7 @@ parameter_defaults:
- OS::TripleO::Services::Snmp
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::NovaCompute
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::NovaLibvirt
- OS::TripleO::Services::SaharaApi
- OS::TripleO::Services::SaharaEngine
@@ -59,6 +60,7 @@ parameter_defaults:
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Iscsid
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu
diff --git a/ci/environments/scenario004-multinode-containers.yaml b/ci/environments/scenario004-multinode-containers.yaml
index c2a2331c..6d795f97 100644
--- a/ci/environments/scenario004-multinode-containers.yaml
+++ b/ci/environments/scenario004-multinode-containers.yaml
@@ -16,8 +16,7 @@ resource_registry:
OS::TripleO::Services::SwiftRingBuilder: OS::Heat::None
OS::TripleO::Services::ManilaApi: ../../docker/services/manila-api.yaml
OS::TripleO::Services::ManilaScheduler: ../../docker/services/manila-scheduler.yaml
- # NOTE: being containerized here: https://review.openstack.org/#/c/471527/
- OS::TripleO::Services::ManilaShare: ../../puppet/services/manila-share.yaml
+ OS::TripleO::Services::ManilaShare: ../../docker/services/manila-share.yaml
OS::TripleO::Services::ManilaBackendCephFs: ../../puppet/services/manila-backend-cephfs.yaml
# TODO: containerize NeutronBgpVpnApi
OS::TripleO::Services::NeutronBgpVpnApi: ../../puppet/services/neutron-bgpvpn-api.yaml
@@ -30,6 +29,7 @@ resource_registry:
# Some infra instances don't pass the ping test but are otherwise working.
# Since the OVB jobs also test this functionality we can shut it off here.
OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
+ OS::TripleO::Services::NovaMigrationTarget: OS::Heat::None
parameter_defaults:
@@ -74,9 +74,11 @@ parameter_defaults:
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Iscsid
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu
diff --git a/ci/environments/scenario004-multinode.yaml b/ci/environments/scenario004-multinode.yaml
index a15db896..bd30347a 100644
--- a/ci/environments/scenario004-multinode.yaml
+++ b/ci/environments/scenario004-multinode.yaml
@@ -74,9 +74,11 @@ parameter_defaults:
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Iscsid
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu
diff --git a/ci/environments/scenario007-multinode.yaml b/ci/environments/scenario007-multinode.yaml
new file mode 100644
index 00000000..dd73f476
--- /dev/null
+++ b/ci/environments/scenario007-multinode.yaml
@@ -0,0 +1,76 @@
+resource_registry:
+ OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml
+ OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
+ OS::TripleO::Services::RabbitMQ: ../../puppet/services/pacemaker/rabbitmq.yaml
+ OS::TripleO::Services::HAproxy: ../../puppet/services/pacemaker/haproxy.yaml
+ OS::TripleO::Services::Pacemaker: ../../puppet/services/pacemaker.yaml
+ OS::TripleO::Services::MySQL: ../../puppet/services/pacemaker/database/mysql.yaml
+ OS::TripleO::Services::Keepalived: OS::Heat::None
+ OS::TripleO::Tasks::ControllerPreConfig: ../../extraconfig/tasks/pre_puppet_pacemaker.yaml
+ OS::TripleO::Tasks::ControllerPostConfig: ../../extraconfig/tasks/post_puppet_pacemaker.yaml
+ OS::TripleO::Tasks::ControllerPostPuppetRestart: ../../extraconfig/tasks/post_puppet_pacemaker_restart.yaml
+ # Disable neutron services not required for OVN and enable services required for OVN.
+ OS::TripleO::Services::NeutronL3Agent: OS::Heat::None
+ OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None
+ OS::TripleO::Services::NeutronMetadataAgent: OS::Heat::None
+ OS::TripleO::Services::NeutronDhcpAgent: OS::Heat::None
+ OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
+ OS::TripleO::Services::NeutronCorePlugin: OS::TripleO::Services::NeutronCorePluginML2OVN
+ OS::TripleO::Services::ComputeNeutronCorePlugin: OS::Heat::None
+ OS::TripleO::Services::OVNController: ../../puppet/services/ovn-controller.yaml
+ OS::TripleO::Services::OVNDBs: ../../puppet/services/ovn-dbs.yaml
+
+parameter_defaults:
+ ControllerServices:
+ - OS::TripleO::Services::Docker
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::Keystone
+ - OS::TripleO::Services::GlanceApi
+ - OS::TripleO::Services::HeatApi
+ - OS::TripleO::Services::HeatApiCfn
+ - OS::TripleO::Services::HeatApiCloudwatch
+ - OS::TripleO::Services::HeatEngine
+ - OS::TripleO::Services::MySQL
+ - OS::TripleO::Services::MySQLClient
+ - OS::TripleO::Services::NeutronServer
+ - OS::TripleO::Services::NeutronCorePlugin
+ - OS::TripleO::Services::OVNDBs
+ - OS::TripleO::Services::OVNController
+ - OS::TripleO::Services::RabbitMQ
+ - OS::TripleO::Services::HAproxy
+ - OS::TripleO::Services::Keepalived
+ - OS::TripleO::Services::Memcached
+ - OS::TripleO::Services::Pacemaker
+ - OS::TripleO::Services::NovaConductor
+ - OS::TripleO::Services::NovaApi
+ - OS::TripleO::Services::NovaPlacement
+ - OS::TripleO::Services::NovaMetadata
+ - OS::TripleO::Services::NovaScheduler
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::NovaCompute
+ - OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::Sshd
+ ControllerExtraConfig:
+ nova::compute::libvirt::services::libvirt_virt_type: qemu
+ nova::compute::libvirt::libvirt_virt_type: qemu
+ # For OVN.
+ NeutronMechanismDrivers: ovn
+ OVNVifType: ovs
+ OVNNeutronSyncMode: log
+ OVNQosDriver: ovn-qos
+ OVNTunnelEncapType: geneve
+ NeutronEnableDHCPAgent: false
+ NeutronTypeDrivers: 'geneve,vlan,flat,vxlan'
+ NeutronNetworkType: 'geneve'
+ NeutronServicePlugins: 'qos,networking_ovn.l3.l3_ovn.OVNL3RouterPlugin'
+ NeutronVniRanges: ['1:65536', ]
+ OVNBridgeMappings: 'datacentre:br-ex'
+ Debug: true
+ # we don't deploy Swift so we switch to file backend.
+ GlanceBackend: 'file'
+ KeystoneTokenProvider: 'fernet'
+ SwiftCeilometerPipelineEnabled: false
diff --git a/ci/pingtests/scenario007-multinode.yaml b/ci/pingtests/scenario007-multinode.yaml
new file mode 100644
index 00000000..b7d6213b
--- /dev/null
+++ b/ci/pingtests/scenario007-multinode.yaml
@@ -0,0 +1,127 @@
+heat_template_version: pike
+
+description: >
+ HOT template to created resources deployed by scenario007.
+parameters:
+ key_name:
+ type: string
+ description: Name of keypair to assign to servers
+ default: 'pingtest_key'
+ image:
+ type: string
+ description: Name of image to use for servers
+ default: 'pingtest_image'
+ public_net_name:
+ type: string
+ default: 'nova'
+ description: >
+ ID or name of public network for which floating IP addresses will be allocated
+ private_net_name:
+ type: string
+ description: Name of private network to be created
+ default: 'default-net'
+ private_net_cidr:
+ type: string
+ description: Private network address (CIDR notation)
+ default: '192.168.2.0/24'
+ private_net_gateway:
+ type: string
+ description: Private network gateway address
+ default: '192.168.2.1'
+ private_net_pool_start:
+ type: string
+ description: Start of private network IP address allocation pool
+ default: '192.168.2.100'
+ private_net_pool_end:
+ type: string
+ default: '192.168.2.200'
+ description: End of private network IP address allocation pool
+
+resources:
+
+ key_pair:
+ type: OS::Nova::KeyPair
+ properties:
+ save_private_key: true
+ name: {get_param: key_name }
+
+ private_net:
+ type: OS::Neutron::Net
+ properties:
+ name: { get_param: private_net_name }
+
+ private_subnet:
+ type: OS::Neutron::Subnet
+ properties:
+ network_id: { get_resource: private_net }
+ cidr: { get_param: private_net_cidr }
+ gateway_ip: { get_param: private_net_gateway }
+ allocation_pools:
+ - start: { get_param: private_net_pool_start }
+ end: { get_param: private_net_pool_end }
+
+ router:
+ type: OS::Neutron::Router
+ properties:
+ external_gateway_info:
+ network: { get_param: public_net_name }
+
+ router_interface:
+ type: OS::Neutron::RouterInterface
+ properties:
+ router_id: { get_resource: router }
+ subnet_id: { get_resource: private_subnet }
+
+ server1:
+ type: OS::Nova::Server
+ properties:
+ name: Server1
+ flavor: { get_resource: test_flavor }
+ image: { get_param: image }
+ key_name: { get_resource: key_pair }
+ networks:
+ - port: { get_resource: server1_port }
+
+ server1_port:
+ type: OS::Neutron::Port
+ properties:
+ network_id: { get_resource: private_net }
+ fixed_ips:
+ - subnet_id: { get_resource: private_subnet }
+ security_groups: [{ get_resource: server_security_group }]
+
+ server1_floating_ip:
+ type: OS::Neutron::FloatingIP
+ # TODO: investigate why we need this depends_on and if we could
+ # replace it by router_id with get_resource: router_interface
+ depends_on: router_interface
+ properties:
+ floating_network: { get_param: public_net_name }
+ port_id: { get_resource: server1_port }
+
+ server_security_group:
+ type: OS::Neutron::SecurityGroup
+ properties:
+ description: Add security group rules for server
+ name: pingtest-security-group
+ rules:
+ - remote_ip_prefix: 0.0.0.0/0
+ protocol: tcp
+ port_range_min: 22
+ port_range_max: 22
+ - remote_ip_prefix: 0.0.0.0/0
+ protocol: icmp
+
+ test_flavor:
+ type: OS::Nova::Flavor
+ properties:
+ ram: 512
+ vcpus: 1
+
+outputs:
+ server1_private_ip:
+ description: IP address of server1 in private network
+ value: { get_attr: [ server1, first_address ] }
+ server1_public_ip:
+ description: Floating IP address of server1 in public network
+ value: { get_attr: [ server1_floating_ip, floating_ip_address ] }
diff --git a/common/services.yaml b/common/services.yaml
index 8581656e..0bc3462f 100644
--- a/common/services.yaml
+++ b/common/services.yaml
@@ -1,4 +1,3 @@
-#FIXME move into common when specfile adds it
heat_template_version: pike
description: >
@@ -36,7 +35,7 @@ parameters:
description: Role name on which the service is applied
type: string
RoleParameters:
- description: Role Specific parameters to be provided to service
+ description: Parameters specific to the role
default: {}
type: json
@@ -63,26 +62,47 @@ resources:
properties:
RoleData: {get_attr: [ServiceChain, role_data]}
-outputs:
- role_data:
- description: Combined Role data for this set of services.
- value:
- service_names:
- {get_attr: [ServiceChain, role_data, service_name]}
- monitoring_subscriptions:
+ PuppetStepConfig:
+ type: OS::Heat::Value
+ properties:
+ type: string
+ value:
yaql:
- expression: list($.data.role_data.where($ != null).select($.get('monitoring_subscription')).where($ != null))
- data: {role_data: {get_attr: [ServiceChain, role_data]}}
- logging_sources:
+ expression:
+ # select 'step_config' only from services that do not have a docker_config
+ coalesce($.data.service_names, []).zip(coalesce($.data.step_config, []), coalesce($.data.docker_config, [])).where($[2] = null).where($[1] != null).select($[1]).join("\n")
+ data:
+ service_names: {get_attr: [ServiceChain, role_data, service_name]}
+ step_config: {get_attr: [ServiceChain, role_data, step_config]}
+ docker_config: {get_attr: [ServiceChain, role_data, docker_config]}
+
+ DockerConfig:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ yaql:
+ expression:
+ # select 'docker_config' only from services that have it
+ coalesce($.data.service_names, []).zip(coalesce($.data.docker_config, [])).where($[1] != null).select($[1]).reduce($1.mergeWith($2), {})
+ data:
+ service_names: {get_attr: [ServiceChain, role_data, service_names]}
+ docker_config: {get_attr: [ServiceChain, role_data, docker_config]}
+
+ LoggingSourcesConfig:
+ type: OS::Heat::Value
+ properties:
+ type: comma_delimited_list
+ value:
# Transform the individual logging_source configuration from
# each service in the chain into a global list, adding some
# default configuration at the same time.
yaql:
expression: >
let(
- default_format => $.data.default_format,
- pos_file_path => $.data.pos_file_path,
- sources => $.data.sources.flatten()
+ default_format => coalesce($.data.default_format, ''),
+ pos_file_path => coalesce($.data.pos_file_path, ''),
+ sources => coalesce($.data.sources, {}).flatten()
) ->
$sources.where($ != null).select({
'type' => 'tail',
@@ -95,59 +115,150 @@ outputs:
sources:
- {get_attr: [LoggingConfiguration, LoggingDefaultSources]}
- yaql:
- expression: list($.data.role_data.where($ != null).select($.get('logging_source')).where($ != null))
+ expression: list(coalesce($.data.role_data, []).where($ != null).select($.get('logging_source')).where($ != null))
data: {role_data: {get_attr: [ServiceChain, role_data]}}
- {get_attr: [LoggingConfiguration, LoggingExtraSources]}
default_format: {get_attr: [LoggingConfiguration, LoggingDefaultFormat]}
pos_file_path: {get_attr: [LoggingConfiguration, LoggingPosFilePath]}
- logging_groups:
+
+ LoggingGroupsConfig:
+ type: OS::Heat::Value
+ properties:
+ type: comma_delimited_list
+ value:
# Build a list of unique groups to which we should add the
# fluentd user.
yaql:
expression: >
- set(($.data.default + $.data.extra + $.data.role_data.where($ != null).select($.get('logging_groups'))).flatten()).where($)
+ set((coalesce($.data.default, []) + coalesce($.data.extra, []) + coalesce($.data.role_data, []).where($ != null).select($.get('logging_groups'))).flatten()).where($)
data:
default: {get_attr: [LoggingConfiguration, LoggingDefaultGroups]}
extra: {get_attr: [LoggingConfiguration, LoggingExtraGroups]}
role_data: {get_attr: [ServiceChain, role_data]}
- config_settings: {map_merge: {get_attr: [ServiceChain, role_data, config_settings]}}
- global_config_settings:
+
+ MonitoringSubscriptionsConfig:
+ type: OS::Heat::Value
+ properties:
+ type: comma_delimited_list
+ value:
+ yaql:
+ expression: list(coalesce($.data.role_data, []).where($ != null).select($.get('monitoring_subscription')).where($ != null))
+ data: {role_data: {get_attr: [ServiceChain, role_data]}}
+
+ ServiceNames:
+ type: OS::Heat::Value
+ properties:
+ type: comma_delimited_list
+ value:
+ filter:
+ - [null]
+ - {get_attr: [ServiceChain, role_data, service_name]}
+
+ GlobalConfigSettings:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
map_merge:
yaql:
- expression: list($.data.role_data.where($ != null).select($.get('global_config_settings')).where($ != null))
+ expression: list(coalesce($.data.role_data, []).where($ != null).select($.get('global_config_settings')).where($ != null))
data: {role_data: {get_attr: [ServiceChain, role_data]}}
- service_config_settings:
+
+ ServiceConfigSettings:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
yaql:
- expression: $.data.role_data.where($ != null).select($.get('service_config_settings')).where($ != null).reduce($1.mergeWith($2), {})
+ expression: coalesce($.data.role_data, []).where($ != null).select($.get('service_config_settings')).where($ != null).reduce($1.mergeWith($2), {})
data: {role_data: {get_attr: [ServiceChain, role_data]}}
- service_workflow_tasks:
+
+ ServiceWorkflowTasks:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
yaql:
- expression: $.data.role_data.where($ != null).select($.get('service_workflow_tasks')).where($ != null).reduce($1.mergeWith($2), {})
+ expression: coalesce($.data.role_data, []).where($ != null).select($.get('service_workflow_tasks')).where($ != null).reduce($1.mergeWith($2), {})
data: {role_data: {get_attr: [ServiceChain, role_data]}}
- step_config: {get_attr: [ServiceChain, role_data, step_config]}
- upgrade_tasks:
+
+ UpgradeTasks:
+ type: OS::Heat::Value
+ properties:
+ type: comma_delimited_list
+ value:
yaql:
# Note we use distinct() here to filter any identical tasks, e.g yum update for all services
- expression: $.data.where($ != null).select($.get('upgrade_tasks')).where($ != null).flatten().distinct()
+ expression: coalesce($.data, []).where($ != null).select($.get('upgrade_tasks')).where($ != null).flatten().distinct()
data: {get_attr: [ServiceChain, role_data]}
- upgrade_batch_tasks:
+
+ UpgradeBatchTasks:
+ type: OS::Heat::Value
+ properties:
+ type: comma_delimited_list
+ value:
yaql:
- # Note we use distinct() here to filter any identical tasks, e.g yum update for all services
- expression: $.data.where($ != null).select($.get('upgrade_batch_tasks')).where($ != null).flatten().distinct()
+ expression: coalesce($.data, []).where($ != null).select($.get('upgrade_batch_tasks')).where($ != null).flatten().distinct()
data: {get_attr: [ServiceChain, role_data]}
- service_metadata_settings: {get_attr: [ServiceServerMetadataHook, metadata]}
- # Keys to support docker/services
- puppet_config: {get_attr: [ServiceChain, role_data, puppet_config]}
- kolla_config:
- map_merge: {get_attr: [ServiceChain, role_data, kolla_config]}
- docker_config:
- {get_attr: [ServiceChain, role_data, docker_config]}
- docker_puppet_tasks:
- {get_attr: [ServiceChain, role_data, docker_puppet_tasks]}
- host_prep_tasks:
+ PuppetConfig:
+ type: OS::Heat::Value
+ properties:
+ type: comma_delimited_list
+ value:
+ yaql:
+ expression: coalesce($.data, []).where($ != null).select($.get('puppet_config')).where($ != null).distinct()
+ data: {get_attr: [ServiceChain, role_data]}
+
+ KollaConfig:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ yaql:
+ expression: coalesce($.data.role_data, []).where($ != null).select($.get('kolla_config')).where($ != null).reduce($1.mergeWith($2), {})
+ data: {role_data: {get_attr: [ServiceChain, role_data]}}
+
+ DockerPuppetTasks:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ yaql:
+ expression: dict(coalesce($.data, []).where($ != null).select($.get('docker_puppet_tasks')).where($ != null).selectMany($.items()).groupBy($[0], $[1]))
+ data: {get_attr: [ServiceChain, role_data]}
+
+ HostPrepTasks:
+ type: OS::Heat::Value
+ properties:
+ type: comma_delimited_list
+ value:
yaql:
# Note we use distinct() here to filter any identical tasks
- expression: $.data.where($ != null).select($.get('host_prep_tasks')).where($ != null).flatten().distinct()
+ expression: coalesce($.data, []).where($ != null).select($.get('host_prep_tasks')).where($ != null).flatten().distinct()
data: {get_attr: [ServiceChain, role_data]}
+
+outputs:
+ role_data:
+ description: Combined Role data for this set of services.
+ value:
+ service_names: {get_attr: [ServiceNames, value]}
+ monitoring_subscriptions: {get_attr: [MonitoringSubscriptionsConfig, value]}
+ logging_sources: {get_attr: [LoggingSourcesConfig, value]}
+ logging_groups: {get_attr: [LoggingGroupsConfig, value]}
+ config_settings: {map_merge: {get_attr: [ServiceChain, role_data, config_settings]}}
+ global_config_settings: {get_attr: [GlobalConfigSettings, value]}
+ service_config_settings: {get_attr: [ServiceConfigSettings, value]}
+ service_workflow_tasks: {get_attr: [ServiceWorkflowTasks, value]}
+ step_config: {get_attr: [PuppetStepConfig, value]}
+ upgrade_tasks: {get_attr: [UpgradeTasks, value]}
+ upgrade_batch_tasks: {get_attr: [UpgradeBatchTasks, value]}
+ service_metadata_settings: {get_attr: [ServiceServerMetadataHook, metadata]}
+
+ # Keys to support docker/services
+ puppet_config: {get_attr: [PuppetConfig, value]}
+ kolla_config: {get_attr: [KollaConfig, value]}
+ docker_config: {get_attr: [DockerConfig, value]}
+ docker_puppet_tasks: {get_attr: [DockerPuppetTasks, value]}
+ host_prep_tasks: {get_attr: [HostPrepTasks, value]}
diff --git a/deployed-server/deployed-server-bootstrap-centos.yaml b/deployed-server/deployed-server-bootstrap-centos.yaml
index 5b268234..d57ea9fc 100644
--- a/deployed-server/deployed-server-bootstrap-centos.yaml
+++ b/deployed-server/deployed-server-bootstrap-centos.yaml
@@ -18,5 +18,6 @@ resources:
DeployedServerBootstrapDeployment:
type: OS::Heat::SoftwareDeployment
properties:
+ name: DeployedServerBootstrapDeployment
config: {get_resource: DeployedServerBootstrapConfig}
server: {get_param: server}
diff --git a/deployed-server/deployed-server-bootstrap-rhel.yaml b/deployed-server/deployed-server-bootstrap-rhel.yaml
index a9018515..554bff3e 100644
--- a/deployed-server/deployed-server-bootstrap-rhel.yaml
+++ b/deployed-server/deployed-server-bootstrap-rhel.yaml
@@ -18,5 +18,6 @@ resources:
DeployedServerBootstrapDeployment:
type: OS::Heat::SoftwareDeployment
properties:
+ name: DeployedServerBootstrapDeployment
config: {get_resource: DeployedServerBootstrapConfig}
server: {get_param: server}
diff --git a/deployed-server/deployed-server-environment-output.yaml b/deployed-server/deployed-server-environment-output.yaml
index eaf77459..89c3886d 100644
--- a/deployed-server/deployed-server-environment-output.yaml
+++ b/deployed-server/deployed-server-environment-output.yaml
@@ -34,21 +34,11 @@ resources:
fixed_ips:
- ip_address: {get_param: [VipMap, redis]}
- ResourceRegistry:
- type: OS::Heat::Value
- properties:
- type: json
- value:
- OS::TripleO::DeployedServer::ControlPlanePort: tripleo-heat-templates/deployed-server/deployed-neutron-port.yaml
- OS::TripleO::Network::Ports::ControlPlaneVipPort: tripleo-heat-templates/deployed-server/deployed-neutron-port.yaml
-
DeployedServerEnvironment:
type: OS::Heat::Value
properties:
type: json
value:
- resource_registry:
- {get_attr: [ResourceRegistry, value]}
parameter_defaults:
map_merge:
- {get_attr: [DeployedServerPortMapParameter, value]}
diff --git a/deployed-server/deployed-server-roles-data.yaml b/deployed-server/deployed-server-roles-data.yaml
index 084c2f8f..4a305c68 100644
--- a/deployed-server/deployed-server-roles-data.yaml
+++ b/deployed-server/deployed-server-roles-data.yaml
@@ -41,6 +41,7 @@
- OS::TripleO::Services::HeatApiCfn
- OS::TripleO::Services::HeatApiCloudwatch
- OS::TripleO::Services::HeatEngine
+ - OS::TripleO::Services::Iscsid
- OS::TripleO::Services::MySQL
- OS::TripleO::Services::MySQLClient
- OS::TripleO::Services::NeutronDhcpAgent
@@ -118,6 +119,7 @@
- OS::TripleO::Services::Snmp
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::ComputeNeutronCorePlugin
- OS::TripleO::Services::ComputeNeutronOvsAgent
@@ -130,6 +132,7 @@
- OS::TripleO::Services::OpenDaylightOvs
- OS::TripleO::Services::SensuClient
- OS::TripleO::Services::FluentdClient
+ - OS::TripleO::Services::Iscsid
- name: BlockStorageDeployedServer
disable_constraints: True
diff --git a/deployed-server/deployed-server.yaml b/deployed-server/deployed-server.yaml
index 16deb7d6..d116e7c6 100644
--- a/deployed-server/deployed-server.yaml
+++ b/deployed-server/deployed-server.yaml
@@ -9,6 +9,7 @@ parameters:
key_name:
type: string
default: unused
+ description: Name of keypair to assign to servers
security_groups:
type: json
default: []
diff --git a/docker/README-containers.md b/docker/README-containers.md
index 5a9f6f3c..376af3ec 100644
--- a/docker/README-containers.md
+++ b/docker/README-containers.md
@@ -1,58 +1,3 @@
-# Using Docker Containers With TripleO
+# Containers based OpenStack deployment
-## Configuring TripleO with to use a container based compute node.
-
-Steps include:
-- Adding a base OS image to glance
-- Deploy an overcloud configured to use the docker compute heat templates
-
-## Getting base OS image working.
-
-Download the fedora atomic image into glance:
-
-```
-wget https://download.fedoraproject.org/pub/fedora/linux/releases/22/Cloud/x86_64/Images/Fedora-Cloud-Atomic-22-20150521.x86_64.qcow2
-glance image-create --name atomic-image --file Fedora-Cloud-Atomic-22-20150521.x86_64.qcow2 --disk-format qcow2 --container-format bare
-```
-
-## Configuring TripleO
-
-You can use the tripleo.sh script up until the point of running the Overcloud.
-https://github.com/openstack/tripleo-common/blob/master/scripts/tripleo.sh
-
-You will want to set up the runtime puppet script delivery system described here:
-http://hardysteven.blogspot.ca/2016/08/tripleo-deploy-artifacts-and-puppet.html
-
-Create the Overcloud:
-```
-$ openstack overcloud deploy --templates=tripleo-heat-templates -e tripleo-heat-templates/environments/docker.yaml -e tripleo-heat-templates/environments/docker-network.yaml --libvirt-type=qemu
-```
-
-Using Network Isolation in the Overcloud:
-```
-$ openstack overcloud deploy --templates=tripleo-heat-templates -e tripleo-heat-templates/environments/docker.yaml -e tripleo-heat-templates/environments/docker-network-isolation.yaml --libvirt-type=qemu
-```
-
-Source the overcloudrc and then you can use the overcloud.
-
-## Debugging
-
-You can ssh into the controller/compute nodes by using the heat key, eg:
-```
-nova list
-ssh heat-admin@<compute_node_ip>
-```
-
-You can check to see what docker containers are running:
-```
-sudo docker ps -a
-```
-
-To enter a container that doesn't seem to be working right:
-```
-sudo docker exec -ti <container name> /bin/bash
-```
-
-Then you can check logs etc.
-
-You can also just do a 'docker logs' on a given container.
+https://docs.openstack.org/tripleo-docs/latest/install/containers_deployment/
diff --git a/docker/deploy-steps-playbook.yaml b/docker/deploy-steps-playbook.yaml
index 446c73a6..b884e0e7 100644
--- a/docker/deploy-steps-playbook.yaml
+++ b/docker/deploy-steps-playbook.yaml
@@ -10,7 +10,7 @@
command: >-
puppet apply
--modulepath=/etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
- --logdest syslog --color=false
+ --logdest syslog --logdest console --color=false
/var/lib/tripleo-config/puppet_step_config.pp
changed_when: false
check_mode: no
@@ -64,6 +64,10 @@
########################################################
# Bootstrap tasks, only performed on bootstrap_server_id
########################################################
+ - name: Check if /var/lib/docker-puppet/docker-puppet-tasks{{step}}.json exists
+ stat:
+ path: /var/lib/docker-puppet/docker-puppet-tasks{{step}}.json
+ register: docker_puppet_tasks_json
- name: Run docker-puppet tasks (bootstrap tasks)
shell: python /var/lib/docker-puppet/docker-puppet.py
environment:
@@ -71,7 +75,7 @@
NET_HOST: "true"
NO_ARCHIVE: "true"
STEP: "{{step}}"
- when: deploy_server_id == bootstrap_server_id
+ when: deploy_server_id == bootstrap_server_id and docker_puppet_tasks_json.stat.exists
changed_when: false
check_mode: no
register: outputs
diff --git a/docker/docker-puppet.py b/docker/docker-puppet.py
index 9780054b..fadd12d3 100755
--- a/docker/docker-puppet.py
+++ b/docker/docker-puppet.py
@@ -211,11 +211,11 @@ def mp_puppet_config((config_volume, puppet_tags, manifest, config_image, volume
sync
FACTER_hostname=$HOSTNAME FACTER_uuid=docker /usr/bin/puppet apply \
- --color=false --logdest syslog $TAGS /etc/config.pp
+ --color=false --logdest syslog --logdest console $TAGS /etc/config.pp
# Disables archiving
if [ -z "$NO_ARCHIVE" ]; then
- archivedirs=("/etc" "/root" "/opt" "/var/lib/ironic/tftpboot" "/var/lib/ironic/httpboot" "/var/www" "/var/spool/cron")
+ archivedirs=("/etc" "/root" "/opt" "/var/lib/ironic/tftpboot" "/var/lib/ironic/httpboot" "/var/www" "/var/spool/cron" "/var/lib/nova/.ssh")
rsync_srcs=""
for d in "${archivedirs[@]}"; do
if [ -d "$d" ]; then
diff --git a/docker/docker-steps.j2 b/docker/docker-steps.j2
index 4b0c8789..05ff7945 100644
--- a/docker/docker-steps.j2
+++ b/docker/docker-steps.j2
@@ -60,23 +60,6 @@ conditions:
resources:
- # These utility tasks use docker-puppet.py to execute tasks via puppet
- # We only execute these on the first node in the primary role
- {{primary_role_name}}DockerPuppetTasks:
- type: OS::Heat::Value
- properties:
- type: json
- value:
- yaql:
- expression:
- $.data.default_tasks + dict($.data.docker_puppet_tasks.where($1 != null).selectMany($.items()).groupBy($[0], $[1]))
- data:
- docker_puppet_tasks: {get_param: [role_data, {{primary_role_name}}, docker_puppet_tasks]}
- default_tasks:
-{%- for step in range(1, deploy_steps_max) %}
- step_{{step}}: {}
-{%- endfor %}
-
RoleConfig:
type: OS::Heat::SoftwareConfig
properties:
@@ -133,6 +116,7 @@ resources:
{%- for r in roles %}
{{r.name}}: {get_param: [role_data, {{r.name}}, merged_config_settings]}
{%- endfor %}
+ evaluate_env: false
UPDATE:
workflow: { get_resource: WorkflowTasks_Step{{step}} }
params:
@@ -142,6 +126,7 @@ resources:
{%- for r in roles %}
{{r.name}}: {get_param: [role_data, {{r.name}}, merged_config_settings]}
{%- endfor %}
+ evaluate_env: false
always_update: true
# END service_workflow_tasks handling
{% endfor %}
@@ -175,11 +160,11 @@ resources:
vars:
puppet_config: {get_param: [role_data, {{role.name}}, puppet_config]}
docker_puppet_script: {get_file: docker-puppet.py}
- docker_puppet_tasks: {get_attr: [{{primary_role_name}}DockerPuppetTasks, value]}
- docker_startup_configs: {get_attr: [{{role.name}}DockerConfig, value]}
+ docker_puppet_tasks: {get_param: [role_data, {{role.name}}, docker_puppet_tasks]}
+ docker_startup_configs: {get_param: [role_data, {{role.name}}, docker_config]}
kolla_config: {get_param: [role_data, {{role.name}}, kolla_config]}
bootstrap_server_id: {get_param: [servers, {{primary_role_name}}, '0']}
- puppet_step_config: {get_attr: [{{role.name}}PuppetStepConfig, value]}
+ puppet_step_config: {get_param: [role_data, {{role.name}}, step_config]}
tasks:
# Join host_prep_tasks with the other per-host configuration
yaql:
@@ -193,10 +178,9 @@ resources:
file: path=/var/lib/tripleo-config state=directory
- name: Write the puppet step_config manifest
copy: content="{{puppet_step_config}}" dest=/var/lib/tripleo-config/puppet_step_config.pp force=yes
- # This is the docker-puppet configs end in
+ # this creates a JSON config file for our docker-puppet.py script
- name: Create /var/lib/docker-puppet
file: path=/var/lib/docker-puppet state=directory
- # this creates a JSON config file for our docker-puppet.py script
- name: Write docker-puppet-tasks json files
copy: content="{{puppet_config | to_json}}" dest=/var/lib/docker-puppet/docker-puppet.json force=yes
# FIXME: can we move docker-puppet somewhere so it's installed via a package?
@@ -220,6 +204,13 @@ resources:
########################################################
# Bootstrap tasks, only performed on bootstrap_server_id
########################################################
+ - name: Clean /var/lib/docker-puppet/docker-puppet-tasks*.json files
+ file:
+ path: "{{item}}"
+ state: absent
+ with_fileglob:
+ - /var/lib/docker-puppet/docker-puppet-tasks*.json
+ when: deploy_server_id == bootstrap_server_id
- name: Write docker-puppet-tasks json files
copy: content="{{item.value|to_json}}" dest=/var/lib/docker-puppet/docker-puppet-tasks{{item.key.replace("step_", "")}}.json force=yes
with_dict: "{{docker_puppet_tasks}}"
@@ -232,33 +223,6 @@ resources:
servers: {get_param: [servers, {{role.name}}]}
config: {get_resource: {{role.name}}HostPrepConfig}
- {{role.name}}PuppetStepConfig:
- type: OS::Heat::Value
- properties:
- type: string
- value:
- yaql:
- expression:
- # select 'step_config' only from services that do not have a docker_config
- $.data.service_names.zip($.data.step_config, $.data.docker_config).where($[2] = null).where($[1] != null).select($[1]).join("\n")
- data:
- service_names: {get_param: [role_data, {{role.name}}, service_names]}
- step_config: {get_param: [role_data, {{role.name}}, step_config]}
- docker_config: {get_param: [role_data, {{role.name}}, docker_config]}
-
- {{role.name}}DockerConfig:
- type: OS::Heat::Value
- properties:
- type: json
- value:
- yaql:
- expression:
- # select 'docker_config' only from services that have it
- $.data.service_names.zip($.data.docker_config).where($[1] != null).select($[1]).reduce($1.mergeWith($2), {})
- data:
- service_names: {get_param: [role_data, {{role.name}}, service_names]}
- docker_config: {get_param: [role_data, {{role.name}}, docker_config]}
-
# BEGIN CONFIG STEPS
{{role.name}}PreConfig:
diff --git a/docker/firstboot/setup_docker_host.yaml b/docker/firstboot/setup_docker_host.yaml
index 41b036da..ddfa8802 100644
--- a/docker/firstboot/setup_docker_host.yaml
+++ b/docker/firstboot/setup_docker_host.yaml
@@ -1,14 +1,5 @@
heat_template_version: pike
-parameters:
- DockerNamespace:
- type: string
- default: tripleoupstream
- description: namespace
- DockerNamespaceIsRegistry:
- type: boolean
- default: false
-
resources:
userdata:
@@ -21,12 +12,7 @@ resources:
type: OS::Heat::SoftwareConfig
properties:
group: script
- config:
- str_replace:
- params:
- $docker_registry: {get_param: DockerNamespace}
- $docker_namespace_is_registry: {get_param: DockerNamespaceIsRegistry}
- template: {get_file: ./setup_docker_host.sh}
+ config: {get_file: ./setup_docker_host.sh}
outputs:
OS::stack_id:
diff --git a/docker/services/aodh-api.yaml b/docker/services/aodh-api.yaml
index 70b43eb1..8afb6d28 100644
--- a/docker/services/aodh-api.yaml
+++ b/docker/services/aodh-api.yaml
@@ -49,6 +49,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
AodhApiPuppetBase:
type: ../../puppet/services/aodh-api.yaml
properties:
@@ -68,7 +71,10 @@ outputs:
- get_attr: [AodhApiPuppetBase, role_data, config_settings]
- apache::default_vhost: false
step_config: &step_config
- get_attr: [AodhApiPuppetBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [AodhApiPuppetBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [AodhApiPuppetBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
diff --git a/docker/services/aodh-evaluator.yaml b/docker/services/aodh-evaluator.yaml
index f75c57b3..86bdfdf9 100644
--- a/docker/services/aodh-evaluator.yaml
+++ b/docker/services/aodh-evaluator.yaml
@@ -42,6 +42,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
AodhEvaluatorBase:
type: ../../puppet/services/aodh-evaluator.yaml
properties:
@@ -61,7 +64,10 @@ outputs:
map_merge:
- get_attr: [AodhEvaluatorBase, role_data, config_settings]
step_config: &step_config
- get_attr: [AodhEvaluatorBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [AodhEvaluatorBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [AodhEvaluatorBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
diff --git a/docker/services/aodh-listener.yaml b/docker/services/aodh-listener.yaml
index 9db2ffbe..3f986ab2 100644
--- a/docker/services/aodh-listener.yaml
+++ b/docker/services/aodh-listener.yaml
@@ -42,6 +42,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
AodhListenerBase:
type: ../../puppet/services/aodh-listener.yaml
properties:
@@ -61,7 +64,10 @@ outputs:
map_merge:
- get_attr: [AodhListenerBase, role_data, config_settings]
step_config: &step_config
- get_attr: [AodhListenerBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [AodhListenerBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [AodhListenerBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
diff --git a/docker/services/aodh-notifier.yaml b/docker/services/aodh-notifier.yaml
index c16c0161..852120c9 100644
--- a/docker/services/aodh-notifier.yaml
+++ b/docker/services/aodh-notifier.yaml
@@ -42,6 +42,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
AodhNotifierBase:
type: ../../puppet/services/aodh-notifier.yaml
properties:
@@ -61,7 +64,10 @@ outputs:
map_merge:
- get_attr: [AodhNotifierBase, role_data, config_settings]
step_config: &step_config
- get_attr: [AodhNotifierBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [AodhNotifierBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [AodhNotifierBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
diff --git a/docker/services/ceph-ansible/ceph-base.yaml b/docker/services/ceph-ansible/ceph-base.yaml
new file mode 100644
index 00000000..1468415e
--- /dev/null
+++ b/docker/services/ceph-ansible/ceph-base.yaml
@@ -0,0 +1,205 @@
+heat_template_version: pike
+
+description: >
+ Ceph base service. Shared by all Ceph services.
+
+parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ CephAnsibleWorkflowName:
+ type: string
+ description: Name of the Mistral workflow to execute
+ default: tripleo.storage.v1.ceph-install
+ CephAnsiblePlaybook:
+ type: string
+ description: Path to the ceph-ansible playbook to execute
+ default: /usr/share/ceph-ansible/site-docker.yml.sample
+ CephAnsibleExtraConfig:
+ type: json
+ description: Extra vars for the ceph-ansible playbook
+ default: {}
+ CephClusterFSID:
+ type: string
+ description: The Ceph cluster FSID. Must be a UUID.
+ CephPoolDefaultPgNum:
+ description: default pg_num to use for the RBD pools
+ type: number
+ default: 32
+ CephPools:
+ description: >
+ It can be used to override settings for one of the predefined pools, or to create
+ additional ones. Example:
+ {
+ "volumes": {
+ "size": 5,
+ "pg_num": 128,
+ "pgp_num": 128
+ }
+ }
+ default: {}
+ type: json
+ CinderRbdPoolName:
+ default: volumes
+ type: string
+ CinderBackupRbdPoolName:
+ default: backups
+ type: string
+ GlanceRbdPoolName:
+ default: images
+ type: string
+ GnocchiRbdPoolName:
+ default: metrics
+ type: string
+ NovaRbdPoolName:
+ default: vms
+ type: string
+ CephClientKey:
+ description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. Currently only used for external Ceph deployments to create the openstack user keyring.
+ type: string
+ hidden: true
+ CephClientUserName:
+ default: openstack
+ type: string
+ CephPoolDefaultSize:
+ description: default minimum replication for RBD copies
+ type: number
+ default: 3
+ CephIPv6:
+ default: False
+ type: boolean
+ DockerCephDaemonImage:
+ description: image
+ type: string
+ default: 'ceph/daemon:tag-build-master-jewel-centos-7'
+
+conditions:
+ custom_registry_host:
+ yaql:
+ data: {get_param: DockerCephDaemonImage}
+ expression: $.data.split('/')[0].matches('(\.|:)')
+
+outputs:
+ role_data:
+ description: Role data for the Ceph base service.
+ value:
+ service_name: ceph_base
+ upgrade_tasks: []
+ step_config: ''
+ puppet_config:
+ config_image: ''
+ config_volume: ''
+ step_config: ''
+ docker_config: {}
+ service_workflow_tasks:
+ step2:
+ - name: ceph_base_ansible_workflow
+ workflow: { get_param: CephAnsibleWorkflowName }
+ input:
+ ceph_ansible_extra_vars: {get_param: CephAnsibleExtraConfig}
+ ceph_ansible_playbook: {get_param: CephAnsiblePlaybook}
+ config_settings:
+ ceph_common_ansible_vars:
+ fsid: { get_param: CephClusterFSID }
+ docker: true
+ ceph_docker_registry:
+ if:
+ - custom_registry_host
+ - yaql:
+ expression: regex('(?:https?://)?(.*)/').split($.data)[1]
+ data: {str_split: [':', {get_param: DockerCephDaemonImage}, 0]}
+ - docker.io
+ ceph_docker_image:
+ if:
+ - custom_registry_host
+ - yaql:
+ expression: regex('(?:https?://)?(.*)/').split($.data)[2]
+ data: {str_split: [':', {get_param: DockerCephDaemonImage}, 0]}
+ - {str_split: [':', {get_param: DockerCephDaemonImage}, 0]}
+ ceph_docker_image_tag: {str_split: [':', {get_param: DockerCephDaemonImage}, 1]}
+ containerized_deployment: true
+ public_network: {get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephMonNetwork]}]}
+ cluster_network: {get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
+ user_config: true
+ ceph_stable: true
+ ceph_origin: distro
+ openstack_config: true
+ openstack_pools:
+ list_concat:
+ - repeat:
+ template:
+ name: <%pool%>
+ pg_num: {get_param: CephPoolDefaultPgNum}
+ rule_name: ""
+ for_each:
+ <%pool%>:
+ - {get_param: CinderRbdPoolName}
+ - {get_param: CinderBackupRbdPoolName}
+ - {get_param: NovaRbdPoolName}
+ - {get_param: GlanceRbdPoolName}
+ - {get_param: GnocchiRbdPoolName}
+ - repeat:
+ template:
+ name: <%pool%>
+ pg_num: {get_param: CephPoolDefaultPgNum}
+ rule_name: ""
+ for_each:
+ <%pool%>: {get_param: CephPools}
+ openstack_keys: &openstack_keys
+ - name:
+ list_join:
+ - '.'
+ - - client
+ - {get_param: CephClientUserName}
+ key: {get_param: CephClientKey}
+ mon_cap: "allow r"
+ osd_cap:
+ str_replace:
+ template: "allow class-read object_prefix rbd_children, allow rwx pool=CINDER_POOL, allow rwx pool=CINDERBACKUP_POOL, allow rwx pool=NOVA_POOL, allow rwx pool=GLANCE_POOL, allow rwx pool=GNOCCHI_POOL"
+ params:
+ NOVA_POOL: {get_param: NovaRbdPoolName}
+ CINDER_POOL: {get_param: CinderRbdPoolName}
+ CINDERBACKUP_POOL: {get_param: CinderBackupRbdPoolName}
+ GLANCE_POOL: {get_param: GlanceRbdPoolName}
+ GNOCCHI_POOL: {get_param: GnocchiRbdPoolName}
+ acls:
+ - "u:glance:r--"
+ - "u:nova:r--"
+ - "u:cinder:r--"
+ - "u:gnocchi:r--"
+ keys: *openstack_keys
+ pools: []
+ ceph_conf_overrides:
+ global:
+ osd_pool_default_size: {get_param: CephPoolDefaultSize}
+ osd_pool_default_pg_num: {get_param: CephPoolDefaultPgNum}
+ ntp_service_enabled: false
+ generate_fsid: false
+ ip_version:
+ if:
+ - {get_param: CephIPv6}
+ - ipv6
+ - ipv4
diff --git a/puppet/services/network/contrail-provision.yaml b/docker/services/ceph-ansible/ceph-client.yaml
index f3a43224..55d8d9da 100644
--- a/puppet/services/network/contrail-provision.yaml
+++ b/docker/services/ceph-ansible/ceph-client.yaml
@@ -1,7 +1,7 @@
heat_template_version: pike
description: >
- Provision Contrail services after deployment
+ Ceph Client service.
parameters:
ServiceData:
@@ -32,8 +32,8 @@ parameters:
type: json
resources:
- ContrailBase:
- type: ./contrail-base.yaml
+ CephBase:
+ type: ./ceph-base.yaml
properties:
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
@@ -44,11 +44,15 @@ resources:
outputs:
role_data:
- description: Contrail provisioning role
+ description: Role data for the Ceph Client service.
value:
- service_name: contrail_provision
- config_settings:
- map_merge:
- - get_attr: [ContrailBase, role_data, config_settings]
- step_config: |
- include ::tripleo::network::contrail::provision
+ service_name: ceph_client
+ upgrade_tasks: []
+ step_config: ''
+ puppet_config:
+ config_image: ''
+ config_volume: ''
+ step_config: ''
+ docker_config: {}
+ service_workflow_tasks: {get_attr: [CephBase, role_data, service_workflow_tasks]}
+ config_settings: {}
diff --git a/docker/services/ceph-ansible/ceph-mon.yaml b/docker/services/ceph-ansible/ceph-mon.yaml
new file mode 100644
index 00000000..90149d1e
--- /dev/null
+++ b/docker/services/ceph-ansible/ceph-mon.yaml
@@ -0,0 +1,86 @@
+heat_template_version: pike
+
+description: >
+ Ceph Monitor service.
+
+parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ CephMonKey:
+ description: The Ceph monitors key. Can be created with ceph-authtool --gen-print-key.
+ type: string
+ hidden: true
+ CephAdminKey:
+ default: ''
+ description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key.
+ type: string
+ hidden: true
+ CephValidationRetries:
+ type: number
+ default: 40
+ description: Number of retry attempts for Ceph validation
+ CephValidationDelay:
+ type: number
+ default: 30
+ description: Interval (in seconds) in between validation checks
+
+resources:
+ CephBase:
+ type: ./ceph-base.yaml
+ properties:
+ ServiceData: {get_param: ServiceData}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the Ceph Monitor service.
+ value:
+ service_name: ceph_mon
+ upgrade_tasks: []
+ step_config: ''
+ puppet_config:
+ config_image: ''
+ config_volume: ''
+ step_config: ''
+ docker_config: {}
+ service_workflow_tasks: {get_attr: [CephBase, role_data, service_workflow_tasks]}
+ config_settings:
+ map_merge:
+ - tripleo.ceph_mon.firewall_rules:
+ '110 ceph_mon':
+ dport:
+ - 6789
+ - ceph_mon_ansible_vars:
+ map_merge:
+ - {get_attr: [CephBase, role_data, config_settings, ceph_common_ansible_vars]}
+ - monitor_secret: {get_param: CephMonKey}
+ admin_secret: {get_param: CephAdminKey}
+ monitor_interface: br_ex
diff --git a/docker/services/ceph-ansible/ceph-osd.yaml b/docker/services/ceph-ansible/ceph-osd.yaml
new file mode 100644
index 00000000..6e0f4a60
--- /dev/null
+++ b/docker/services/ceph-ansible/ceph-osd.yaml
@@ -0,0 +1,75 @@
+heat_template_version: pike
+
+description: >
+ Ceph OSD service.
+
+parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ CephAnsibleDisksConfig:
+ type: json
+ description: Disks config settings for ceph-ansible
+ default:
+ devices:
+ - /dev/vdb
+ journal_size: 512
+ journal_collocation: true
+
+resources:
+ CephBase:
+ type: ./ceph-base.yaml
+ properties:
+ ServiceData: {get_param: ServiceData}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the Ceph OSD service.
+ value:
+ service_name: ceph_osd
+ upgrade_tasks: []
+ step_config: ''
+ puppet_config:
+ config_image: ''
+ config_volume: ''
+ step_config: ''
+ docker_config: {}
+ service_workflow_tasks: {get_attr: [CephBase, role_data, service_workflow_tasks]}
+ config_settings:
+ map_merge:
+ - tripleo.ceph_osd.firewall_rules:
+ '111 ceph_osd':
+ dport:
+ - '6800-7300'
+ - ceph_osd_ansible_vars:
+ map_merge:
+ - {get_attr: [CephBase, role_data, config_settings, ceph_common_ansible_vars]}
+ - {get_param: CephAnsibleDisksConfig} \ No newline at end of file
diff --git a/docker/services/cinder-api.yaml b/docker/services/cinder-api.yaml
index 0cd1dd7b..900131c9 100644
--- a/docker/services/cinder-api.yaml
+++ b/docker/services/cinder-api.yaml
@@ -49,6 +49,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
CinderBase:
type: ../../puppet/services/cinder-api.yaml
properties:
@@ -66,7 +69,10 @@ outputs:
service_name: {get_attr: [CinderBase, role_data, service_name]}
config_settings: {get_attr: [CinderBase, role_data, config_settings]}
step_config: &step_config
- get_attr: [CinderBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [CinderBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [CinderBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
@@ -86,6 +92,17 @@ outputs:
- path: /var/log/cinder
owner: cinder:cinder
recurse: true
+ /var/lib/kolla/config_files/cinder_api_cron.json:
+ command: /usr/sbin/crond -n
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
+ permissions:
+ - path: /var/log/cinder
+ owner: cinder:cinder
+ recurse: true
docker_config:
step_2:
cinder_api_init_logs:
@@ -140,6 +157,24 @@ outputs:
- ''
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ cinder_api_cron:
+ image: *cinder_api_image
+ net: host
+ user: root
+ privileged: false
+ restart: always
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/cinder_api_cron.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/puppet-generated/cinder/:/var/lib/kolla/config_files/src:ro
+ - /var/log/containers/cinder:/var/log/cinder
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+
+ metadata_settings:
+ get_attr: [CinderBase, role_data, metadata_settings]
host_prep_tasks:
- name: create persistent logs directory
file:
diff --git a/docker/services/cinder-backup.yaml b/docker/services/cinder-backup.yaml
index 46dbea1d..ad3b43c2 100644
--- a/docker/services/cinder-backup.yaml
+++ b/docker/services/cinder-backup.yaml
@@ -43,6 +43,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
CinderBase:
type: ../../puppet/services/cinder-backup.yaml
properties:
@@ -60,7 +63,10 @@ outputs:
service_name: {get_attr: [CinderBase, role_data, service_name]}
config_settings: {get_attr: [CinderBase, role_data, config_settings]}
step_config: &step_config
- get_attr: [CinderBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [CinderBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [CinderBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
@@ -72,15 +78,15 @@ outputs:
/var/lib/kolla/config_files/cinder_backup.json:
command: /usr/bin/cinder-backup --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf
config_files:
- # NOTE(mandre): the copy of ceph conf will need to go once we
- # generate a ceph.conf for cinder in puppet
- # Copy ceph config files before cinder ones as a precaution, for
- # the later one to take precendence in case of duplicate files.
- - source: "/var/lib/kolla/config_files/src-ceph/*"
+ - source: "/var/lib/kolla/config_files/src/*"
dest: "/"
merge: true
preserve_properties: true
- - source: "/var/lib/kolla/config_files/src/*"
+ - source: "/var/lib/kolla/config_files/src-ceph/"
+ dest: "/etc/ceph/"
+ merge: true
+ preserve_properties: true
+ - source: "/var/lib/kolla/config_files/src-iscsid/*"
dest: "/"
merge: true
preserve_properties: true
@@ -113,13 +119,12 @@ outputs:
-
- /var/lib/kolla/config_files/cinder_backup.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/cinder/:/var/lib/kolla/config_files/src:ro
- # FIXME: we need to generate a ceph.conf with puppet for this
- - /var/lib/config-data/puppet-generated/ceph/:/var/lib/kolla/config_files/src-ceph:ro
+ - /var/lib/config-data/puppet-generated/iscsid/:/var/lib/kolla/config_files/src-iscsid:ro
+ - /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro
- /dev/:/dev/
- /run/:/run/
- /sys:/sys
- /lib/modules:/lib/modules:ro
- - /etc/iscsi:/etc/iscsi
- /var/lib/cinder:/var/lib/cinder
- /var/log/containers/cinder:/var/log/cinder
environment:
@@ -132,6 +137,10 @@ outputs:
with_items:
- /var/lib/cinder
- /var/log/containers/cinder
+ - name: ensure ceph configurations exist
+ file:
+ path: /etc/ceph
+ state: directory
upgrade_tasks:
- name: Stop and disable cinder_backup service
tags: step2
diff --git a/docker/services/cinder-scheduler.yaml b/docker/services/cinder-scheduler.yaml
index 1bae005c..1ac31874 100644
--- a/docker/services/cinder-scheduler.yaml
+++ b/docker/services/cinder-scheduler.yaml
@@ -43,6 +43,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
CinderBase:
type: ../../puppet/services/cinder-scheduler.yaml
properties:
@@ -60,7 +63,10 @@ outputs:
service_name: {get_attr: [CinderBase, role_data, service_name]}
config_settings: {get_attr: [CinderBase, role_data, config_settings]}
step_config: &step_config
- get_attr: [CinderBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [CinderBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [CinderBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
diff --git a/docker/services/cinder-volume.yaml b/docker/services/cinder-volume.yaml
index 2ecc7adc..eb904c0b 100644
--- a/docker/services/cinder-volume.yaml
+++ b/docker/services/cinder-volume.yaml
@@ -51,6 +51,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
CinderBase:
type: ../../puppet/services/cinder-volume.yaml
properties:
@@ -75,6 +78,7 @@ outputs:
- "\n"
- - "include ::tripleo::profile::base::lvm"
- get_attr: [CinderBase, role_data, step_config]
+ - get_attr: [MySQLClient, role_data, step_config]
service_config_settings: {get_attr: [CinderBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
@@ -86,15 +90,15 @@ outputs:
/var/lib/kolla/config_files/cinder_volume.json:
command: /usr/bin/cinder-volume --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf
config_files:
- # NOTE(mandre): the copy of ceph conf will need to go once we
- # generate a ceph.conf for cinder in puppet
- # Copy ceph config files before cinder ones as a precaution, for
- # the later one to take precendence in case of duplicate files.
- - source: "/var/lib/kolla/config_files/src-ceph/*"
+ - source: "/var/lib/kolla/config_files/src/*"
dest: "/"
merge: true
preserve_properties: true
- - source: "/var/lib/kolla/config_files/src/*"
+ - source: "/var/lib/kolla/config_files/src-ceph/"
+ dest: "/etc/ceph/"
+ merge: true
+ preserve_properties: true
+ - source: "/var/lib/kolla/config_files/src-iscsid/*"
dest: "/"
merge: true
preserve_properties: true
@@ -124,13 +128,12 @@ outputs:
-
- /var/lib/kolla/config_files/cinder_volume.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/cinder/:/var/lib/kolla/config_files/src:ro
- # FIXME: we need to generate a ceph.conf with puppet for this
- - /var/lib/config-data/puppet-generated/ceph/:/var/lib/kolla/config_files/src-ceph:ro
+ - /var/lib/config-data/puppet-generated/iscsid/:/var/lib/kolla/config_files/src-iscsid:ro
+ - /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro
- /lib/modules:/lib/modules:ro
- /dev/:/dev/
- /run/:/run/
- /sys:/sys
- - /etc/iscsi:/etc/iscsi
- /var/lib/cinder:/var/lib/cinder
- /var/log/containers/cinder:/var/log/cinder
environment:
@@ -143,6 +146,10 @@ outputs:
with_items:
- /var/log/containers/cinder
- /var/lib/cinder
+ - name: ensure ceph configurations exist
+ file:
+ path: /etc/ceph
+ state: directory
- name: cinder_enable_iscsi_backend fact
set_fact:
cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
diff --git a/docker/services/collectd.yaml b/docker/services/collectd.yaml
index 2989729c..3c0ba09b 100644
--- a/docker/services/collectd.yaml
+++ b/docker/services/collectd.yaml
@@ -89,15 +89,17 @@ outputs:
collectd:
image: {get_param: DockerCollectdImage}
net: host
+ pid: host
privileged: true
+ user: root
restart: always
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- - /var/run/docker.sock:/var/run/docker.sock:rw
- /var/lib/kolla/config_files/collectd.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/collectd/:/var/lib/kolla/config_files/src:ro
+ - /var/log/containers/collectd:/var/log/collectd:rw
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
diff --git a/docker/services/congress.yaml b/docker/services/congress.yaml
index e49682f9..08170cef 100644
--- a/docker/services/congress.yaml
+++ b/docker/services/congress.yaml
@@ -42,6 +42,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
CongressBase:
type: ../../puppet/services/congress.yaml
properties:
@@ -61,7 +64,10 @@ outputs:
map_merge:
- get_attr: [CongressBase, role_data, config_settings]
step_config: &step_config
- get_attr: [CongressBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [CongressBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [CongressBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
diff --git a/docker/services/containers-common.yaml b/docker/services/containers-common.yaml
index 71ea8d1f..2c894da5 100644
--- a/docker/services/containers-common.yaml
+++ b/docker/services/containers-common.yaml
@@ -66,5 +66,9 @@ outputs:
- /etc/ssh/ssh_known_hosts:/etc/ssh/ssh_known_hosts:ro
- if:
- internal_tls_enabled
- - - {get_param: InternalTLSCAFile}
+ - - list_join:
+ - ':'
+ - - {get_param: InternalTLSCAFile}
+ - {get_param: InternalTLSCAFile}
+ - 'ro'
- null
diff --git a/docker/services/database/mysql-client.yaml b/docker/services/database/mysql-client.yaml
deleted file mode 100644
index d45d58e1..00000000
--- a/docker/services/database/mysql-client.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-heat_template_version: pike
-
-description: >
- Configuration for containerized MySQL clients
-
-parameters:
- DockerMysqlClientConfigImage:
- description: The container image to use for the mysql_client config_volume
- type: string
- ServiceData:
- default: {}
- description: Dictionary packing service data
- type: json
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- RoleName:
- default: ''
- description: Role name on which the service is applied
- type: string
- RoleParameters:
- default: {}
- description: Parameters specific to the role
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- EnableInternalTLS:
- type: boolean
- default: false
- InternalTLSCAFile:
- default: '/etc/ipa/ca.crt'
- type: string
- description: Specifies the default CA cert to use if TLS is used for
- services in the internal network.
-
-outputs:
- role_data:
- description: Role for setting mysql client parameters
- value:
- service_name: mysql_client
- config_settings:
- tripleo::profile::base::database::mysql::client::mysql_client_bind_address: {get_param: [ServiceNetMap, MysqlNetwork]}
- tripleo::profile::base::database::mysql::client::enable_ssl: {get_param: EnableInternalTLS}
- tripleo::profile::base::database::mysql::client::ssl_ca: {get_param: InternalTLSCAFile}
- # BEGIN DOCKER SETTINGS #
- step_config: ""
- puppet_config:
- config_volume: mysql_client
- puppet_tags: file # set this even though file is the default
- step_config: "include ::tripleo::profile::base::database::mysql::client"
- config_image: {get_param: DockerMysqlClientConfigImage}
- # no need for a docker config, this service only generates configuration files
- docker_config: {}
diff --git a/docker/services/ec2-api.yaml b/docker/services/ec2-api.yaml
index 9f1ecbc1..1d4ddd38 100644
--- a/docker/services/ec2-api.yaml
+++ b/docker/services/ec2-api.yaml
@@ -42,6 +42,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
Ec2ApiPuppetBase:
type: ../../puppet/services/ec2-api.yaml
properties:
@@ -58,7 +61,10 @@ outputs:
service_name: {get_attr: [Ec2ApiPuppetBase, role_data, service_name]}
config_settings: {get_attr: [Ec2ApiPuppetBase, role_data, config_settings]}
step_config: &step_config
- get_attr: [Ec2ApiPuppetBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [Ec2ApiPuppetBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [Ec2ApiPuppetBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
diff --git a/docker/services/glance-api.yaml b/docker/services/glance-api.yaml
index d88c64b5..044eb283 100644
--- a/docker/services/glance-api.yaml
+++ b/docker/services/glance-api.yaml
@@ -50,6 +50,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
GlanceApiPuppetBase:
type: ../../puppet/services/glance-api.yaml
properties:
@@ -70,7 +73,10 @@ outputs:
- get_attr: [GlanceApiPuppetBase, role_data, config_settings]
- glance::api::sync_db: false
step_config: &step_config
- get_attr: [GlanceApiPuppetBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [GlanceApiPuppetBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [GlanceApiPuppetBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS #
puppet_config:
@@ -86,6 +92,10 @@ outputs:
dest: "/"
merge: true
preserve_properties: true
+ - source: "/var/lib/kolla/config_files/src-ceph/"
+ dest: "/etc/ceph/"
+ merge: true
+ preserve_properties: true
/var/lib/kolla/config_files/glance_api_tls_proxy.json:
command: /usr/sbin/httpd -DFOREGROUND
config_files:
@@ -117,6 +127,7 @@ outputs:
- /var/lib/kolla/config_files/glance_api.json:/var/lib/kolla/config_files/config.json
- /var/lib/config-data/puppet-generated/glance_api/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/glance:/var/log/glance
+ - /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro
environment:
- KOLLA_BOOTSTRAP=True
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
@@ -156,6 +167,10 @@ outputs:
file:
path: /var/log/containers/glance
state: directory
+ - name: ensure ceph configurations exist
+ file:
+ path: /etc/ceph
+ state: directory
upgrade_tasks:
- name: Stop and disable glance_api service
tags: step2
diff --git a/docker/services/gnocchi-metricd.yaml b/docker/services/gnocchi-metricd.yaml
index 1a0a1ddb..5a6958a0 100644
--- a/docker/services/gnocchi-metricd.yaml
+++ b/docker/services/gnocchi-metricd.yaml
@@ -42,6 +42,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
GnocchiMetricdBase:
type: ../../puppet/services/gnocchi-metricd.yaml
properties:
@@ -59,7 +62,10 @@ outputs:
service_name: {get_attr: [GnocchiMetricdBase, role_data, service_name]}
config_settings: {get_attr: [GnocchiMetricdBase, role_data, config_settings]}
step_config: &step_config
- get_attr: [GnocchiMetricdBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [GnocchiMetricdBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [GnocchiMetricdBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
@@ -75,6 +81,10 @@ outputs:
dest: "/"
merge: true
preserve_properties: true
+ - source: "/var/lib/kolla/config_files/src-ceph/"
+ dest: "/etc/ceph/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/gnocchi
owner: gnocchi:gnocchi
@@ -93,6 +103,7 @@ outputs:
- /var/lib/kolla/config_files/gnocchi_metricd.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/gnocchi/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/gnocchi:/var/log/gnocchi
+ - /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
@@ -100,6 +111,10 @@ outputs:
file:
path: /var/log/containers/gnocchi
state: directory
+ - name: ensure ceph configurations exist
+ file:
+ path: /etc/ceph
+ state: directory
upgrade_tasks:
- name: Stop and disable openstack-gnocchi-metricd service
tags: step2
diff --git a/docker/services/gnocchi-statsd.yaml b/docker/services/gnocchi-statsd.yaml
index 00d218d2..19e658cd 100644
--- a/docker/services/gnocchi-statsd.yaml
+++ b/docker/services/gnocchi-statsd.yaml
@@ -42,6 +42,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
GnocchiStatsdBase:
type: ../../puppet/services/gnocchi-statsd.yaml
properties:
@@ -59,7 +62,10 @@ outputs:
service_name: {get_attr: [GnocchiStatsdBase, role_data, service_name]}
config_settings: {get_attr: [GnocchiStatsdBase, role_data, config_settings]}
step_config: &step_config
- get_attr: [GnocchiStatsdBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [GnocchiStatsdBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [GnocchiStatsdBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
diff --git a/docker/services/haproxy.yaml b/docker/services/haproxy.yaml
index 21baf5c6..2f0584ea 100644
--- a/docker/services/haproxy.yaml
+++ b/docker/services/haproxy.yaml
@@ -46,7 +46,7 @@ parameters:
The filepath of the certificate as it will be stored in the controller.
type: string
RedisPassword:
- description: The password for Redis
+ description: The password for the redis service account.
type: string
hidden: true
MonitoringSubscriptionHaproxy:
@@ -85,6 +85,7 @@ outputs:
map_merge:
- get_attr: [HAProxyBase, role_data, config_settings]
- tripleo::haproxy::haproxy_daemon: false
+ tripleo::haproxy::haproxy_service_manage: false
step_config: &step_config
get_attr: [HAProxyBase, role_data, step_config]
service_config_settings: {get_attr: [HAProxyBase, role_data, service_config_settings]}
@@ -92,7 +93,8 @@ outputs:
puppet_config:
config_volume: haproxy
puppet_tags: haproxy_config
- step_config: *step_config
+ step_config:
+ "class {'::tripleo::profile::base::haproxy': manage_firewall => false}"
config_image: {get_param: DockerHAProxyConfigImage}
volumes: &deployed_cert_mount
- list_join:
@@ -110,10 +112,44 @@ outputs:
preserve_properties: true
docker_config:
step_1:
+ haproxy_firewall:
+ detach: false
+ image: {get_param: DockerHAProxyImage}
+ net: host
+ user: root
+ privileged: true
+ command:
+ - '/bin/bash'
+ - '-c'
+ - str_replace:
+ template:
+ list_join:
+ - '; '
+ - - "cp -a /tmp/puppet-etc/* /etc/puppet; echo '{\"step\": 1}' > /etc/puppet/hieradata/docker.json"
+ - "FACTER_uuid=docker puppet apply --tags TAGS -v -e 'CONFIG'"
+ params:
+ TAGS: 'tripleo::firewall::rule'
+ CONFIG: *step_config
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ - *deployed_cert_mount
+ -
+ - /var/lib/kolla/config_files/haproxy.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/puppet-generated/haproxy/:/var/lib/kolla/config_files/src:ro
+ # puppet saves iptables rules in /etc/sysconfig
+ - /etc/sysconfig:/etc/sysconfig:rw
+ # saving rules require accessing /usr/libexec/iptables/iptables.init, just bind-mount
+ # the necessary bit and prevent systemd to try to reload the service in the container
+ - /usr/libexec/iptables:/usr/libexec/iptables:ro
+ - /usr/libexec/initscripts/legacy-actions:/usr/libexec/initscripts/legacy-actions:ro
+ - /etc/puppet:/tmp/puppet-etc:ro
+ - /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
haproxy:
image: {get_param: DockerHAProxyImage}
net: host
- privileged: false
restart: always
volumes:
list_concat:
diff --git a/docker/services/heat-api-cfn.yaml b/docker/services/heat-api-cfn.yaml
index aff0f1a1..70612899 100644
--- a/docker/services/heat-api-cfn.yaml
+++ b/docker/services/heat-api-cfn.yaml
@@ -125,8 +125,25 @@ outputs:
path: /var/log/containers/heat
state: directory
upgrade_tasks:
- - name: Stop and disable heat_api_cfn service
+ - name: Check if heat_api_cfn is deployed
+ command: systemctl is-enabled openstack-heat-api-cfn
+ tags: common
+ ignore_errors: True
+ register: heat_api_cfn_enabled
+ - name: check for heat_api_cfn running under apache (post upgrade)
tags: step2
- service: name=httpd state=stopped enabled=no
+ shell: "httpd -t -D DUMP_VHOSTS | grep -q heat_api_cfn_wsgi"
+ register: heat_api_cfn_apache
+ ignore_errors: true
+ changed_when: false
+ check_mode: no
+ - name: Stop heat_api_cfn service (running under httpd)
+ tags: step2
+ service: name=httpd state=stopped
+ when: heat_api_cfn_apache.rc == 0
+ - name: Stop and disable heat_api_cfn service (pre-upgrade not under httpd)
+ tags: step2
+ service: name=openstack-heat-api-cfn state=stopped enabled=no
+ when: heat_api_cfn_enabled.rc == 0
metadata_settings:
get_attr: [HeatBase, role_data, metadata_settings]
diff --git a/docker/services/heat-api.yaml b/docker/services/heat-api.yaml
index d09230fe..9e38b060 100644
--- a/docker/services/heat-api.yaml
+++ b/docker/services/heat-api.yaml
@@ -90,6 +90,17 @@ outputs:
- path: /var/log/heat
owner: heat:heat
recurse: true
+ /var/lib/kolla/config_files/heat_api_cron.json:
+ command: /usr/sbin/crond -n
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
+ permissions:
+ - path: /var/log/heat
+ owner: heat:heat
+ recurse: true
docker_config:
step_4:
heat_api:
@@ -119,14 +130,46 @@ outputs:
- ''
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ heat_api_cron:
+ image: {get_param: DockerHeatApiImage}
+ net: host
+ user: root
+ privileged: false
+ restart: always
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/heat_api_cron.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/puppet-generated/heat_api/:/var/lib/kolla/config_files/src:ro
+ - /var/log/containers/heat:/var/log/heat
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
- name: create persistent logs directory
file:
path: /var/log/containers/heat
state: directory
upgrade_tasks:
- - name: Stop and disable heat_api service
+ - name: Check is heat_api is deployed
+ command: systemctl is-enabled openstack-heat-api
+ tags: common
+ ignore_errors: True
+ register: heat_api_enabled
+ - name: check for heat_api running under apache (post upgrade)
+ tags: step2
+ shell: "httpd -t -D DUMP_VHOSTS | grep -q heat_api_wsgi"
+ register: heat_api_apache
+ ignore_errors: true
+ changed_when: false
+ check_mode: no
+ - name: Stop heat_api service (running under httpd)
+ tags: step2
+ service: name=httpd state=stopped
+ when: heat_api_apache.rc == 0
+ - name: Stop and disable heat_api service (pre-upgrade not under httpd)
tags: step2
- service: name=httpd state=stopped enabled=no
+ service: name=openstack-heat-api state=stopped enabled=no
+ when: heat_api_enabled.rc == 0
metadata_settings:
get_attr: [HeatBase, role_data, metadata_settings]
diff --git a/docker/services/heat-engine.yaml b/docker/services/heat-engine.yaml
index 789f3f9d..a20dc131 100644
--- a/docker/services/heat-engine.yaml
+++ b/docker/services/heat-engine.yaml
@@ -43,6 +43,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
HeatBase:
type: ../../puppet/services/heat-engine.yaml
properties:
@@ -63,7 +66,10 @@ outputs:
- get_attr: [HeatBase, role_data, config_settings]
- apache::default_vhost: false
step_config: &step_config
- get_attr: [HeatBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [HeatBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [HeatBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
diff --git a/docker/services/ironic-api.yaml b/docker/services/ironic-api.yaml
index 90978f3e..2a9735b5 100644
--- a/docker/services/ironic-api.yaml
+++ b/docker/services/ironic-api.yaml
@@ -42,6 +42,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
IronicApiBase:
type: ../../puppet/services/ironic-api.yaml
properties:
@@ -62,7 +65,10 @@ outputs:
- get_attr: [IronicApiBase, role_data, config_settings]
- apache::default_vhost: false
step_config: &step_config
- get_attr: [IronicApiBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [IronicApiBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [IronicApiBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
diff --git a/docker/services/ironic-conductor.yaml b/docker/services/ironic-conductor.yaml
index 6368bd23..37f4d46e 100644
--- a/docker/services/ironic-conductor.yaml
+++ b/docker/services/ironic-conductor.yaml
@@ -42,6 +42,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
IronicConductorBase:
type: ../../puppet/services/ironic-conductor.yaml
properties:
@@ -69,7 +72,10 @@ outputs:
- ironic::pxe::http_root: /var/lib/ironic/httpboot
- ironic::conductor::http_root: /var/lib/ironic/httpboot
step_config: &step_config
- get_attr: [IronicConductorBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [IronicConductorBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [IronicConductorBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
diff --git a/docker/services/iscsid.yaml b/docker/services/iscsid.yaml
index b39b72e2..80519800 100644
--- a/docker/services/iscsid.yaml
+++ b/docker/services/iscsid.yaml
@@ -42,23 +42,38 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ IscsidBase:
+ type: ../../puppet/services/iscsid.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
outputs:
role_data:
- description: Role data for the Iscsid API role.
+ description: Role data for the Iscsid role.
value:
- service_name: iscsid
- config_settings: {}
- step_config: ''
- service_config_settings: {}
+ service_name: {get_attr: [IscsidBase, role_data, service_name]}
+ config_settings: {get_attr: [IscsidBase, role_data, config_settings]}
+ step_config: &step_config
+ {get_attr: [IscsidBase, role_data, step_config]}
+ service_config_settings: {get_attr: [IscsidBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
config_volume: iscsid
- #puppet_tags: file
- step_config: ''
+ puppet_tags: iscsid_config
+ step_config: *step_config
config_image: {get_param: DockerIscsidConfigImage}
kolla_config:
/var/lib/kolla/config_files/iscsid.json:
command: /usr/sbin/iscsid -f
+ config_files:
+ - source: "/var/lib/kolla/config_files/src-iscsid/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
docker_config:
step_3:
iscsid:
@@ -76,14 +91,10 @@ outputs:
- /run/:/run/
- /sys:/sys
- /lib/modules:/lib/modules:ro
- - /etc/iscsi:/etc/iscsi
+ - /var/lib/config-data/puppet-generated/iscsid/:/var/lib/kolla/config_files/src-iscsid:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
- - name: create /etc/iscsi
- file:
- path: /etc/iscsi
- state: directory
- name: stat /lib/systemd/system/iscsid.socket
stat: path=/lib/systemd/system/iscsid.socket
register: stat_iscsid_socket
@@ -107,4 +118,3 @@ outputs:
tags: step2
service: name=iscsid.socket state=stopped enabled=no
when: stat_iscsid_socket.stat.exists
- metadata_settings: {}
diff --git a/docker/services/keystone.yaml b/docker/services/keystone.yaml
index da04682e..fcc458a2 100644
--- a/docker/services/keystone.yaml
+++ b/docker/services/keystone.yaml
@@ -55,6 +55,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
KeystoneBase:
type: ../../puppet/services/keystone.yaml
properties:
@@ -83,6 +86,7 @@ outputs:
- "\n"
- - "['Keystone_user', 'Keystone_endpoint', 'Keystone_domain', 'Keystone_tenant', 'Keystone_user_role', 'Keystone_role', 'Keystone_service'].each |String $val| { noop_resource($val) }"
- {get_attr: [KeystoneBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [KeystoneBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
@@ -98,6 +102,19 @@ outputs:
dest: "/"
merge: true
preserve_properties: true
+ /var/lib/kolla/config_files/keystone_cron.json:
+ # FIXME(dprince): this is unused ATM because Kolla hardcodes the
+ # args for the keystone container to -DFOREGROUND
+ command: /usr/sbin/crond -n
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
+ permissions:
+ - path: /var/log/keystone
+ owner: keystone:keystone
+ recurse: true
docker_config:
# Kolla_bootstrap/db sync runs before permissions set by kolla_config
step_2:
@@ -150,6 +167,23 @@ outputs:
user: root
command:
[ 'keystone', '/usr/bin/bootstrap_host_exec', 'keystone' ,'keystone-manage', 'bootstrap', '--bootstrap-password', {get_param: AdminPassword} ]
+ keystone_cron:
+ start_order: 4
+ image: *keystone_image
+ user: root
+ net: host
+ privileged: false
+ restart: always
+ command: ['/bin/bash', '-c', '/usr/local/bin/kolla_set_configs && /usr/sbin/crond -n']
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/keystone_cron.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/puppet-generated/keystone/:/var/lib/kolla/config_files/src:ro
+ - /var/log/containers/keystone:/var/log/keystone
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
docker_puppet_tasks:
# Keystone endpoint creation occurs only on single node
step_3:
diff --git a/docker/services/manila-api.yaml b/docker/services/manila-api.yaml
index c33f4094..7b2dbfaf 100644
--- a/docker/services/manila-api.yaml
+++ b/docker/services/manila-api.yaml
@@ -42,6 +42,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
ManilaApiPuppetBase:
type: ../../puppet/services/manila-api.yaml
properties:
@@ -57,7 +60,10 @@ outputs:
service_name: {get_attr: [ManilaApiPuppetBase, role_data, service_name]}
config_settings: {get_attr: [ManilaApiPuppetBase, role_data, config_settings]}
step_config: &step_config
- {get_attr: [ManilaApiPuppetBase, role_data, step_config]}
+ list_join:
+ - "\n"
+ - - {get_attr: [ManilaApiPuppetBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [ManilaApiPuppetBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS #
puppet_config:
diff --git a/docker/services/manila-scheduler.yaml b/docker/services/manila-scheduler.yaml
index 730d33f6..7b5dfec3 100644
--- a/docker/services/manila-scheduler.yaml
+++ b/docker/services/manila-scheduler.yaml
@@ -42,6 +42,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
ManilaSchedulerPuppetBase:
type: ../../puppet/services/manila-scheduler.yaml
properties:
@@ -57,7 +60,10 @@ outputs:
service_name: {get_attr: [ManilaSchedulerPuppetBase, role_data, service_name]}
config_settings: {get_attr: [ManilaSchedulerPuppetBase, role_data, config_settings]}
step_config: &step_config
- {get_attr: [ManilaSchedulerPuppetBase, role_data, step_config]}
+ list_join:
+ - "\n"
+ - - {get_attr: [ManilaSchedulerPuppetBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [ManilaSchedulerPuppetBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS #
puppet_config:
diff --git a/docker/services/manila-share.yaml b/docker/services/manila-share.yaml
index 9733b6f9..332ba864 100644
--- a/docker/services/manila-share.yaml
+++ b/docker/services/manila-share.yaml
@@ -4,17 +4,11 @@ description: >
OpenStack containerized Manila Share service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerManilaShareImage:
description: image
- default: 'centos-binary-manila-share:latest'
type: string
DockerManilaConfigImage:
description: image
- default: 'centos-binary-manila-base:latest'
type: string
EndpointMap:
default: {}
@@ -48,6 +42,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
ManilaBase:
type: ../../puppet/services/manila-share.yaml
properties:
@@ -65,17 +62,17 @@ outputs:
service_name: {get_attr: [ManilaBase, role_data, service_name]}
config_settings: {get_attr: [ManilaBase, role_data, config_settings]}
step_config: &step_config
- get_attr: [ManilaBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [ManilaBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [ManilaBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
config_volume: manila
puppet_tags: manila_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerManilaConfigImage} ]
+ config_image: {get_param: DockerManilaConfigImage}
kolla_config:
/var/lib/kolla/config_files/manila_share.json:
command: /usr/bin/manila-share --config-file /usr/share/manila/manila-dist.conf --config-file /etc/manila/manila.conf
@@ -84,9 +81,8 @@ outputs:
dest: "/"
merge: true
preserve_properties: true
- # NOTE(gfidente): ceph-ansible generated
- - source: "/var/lib/kolla/config_files/src-ceph/*"
- dest: "/etc/ceph"
+ - source: "/var/lib/kolla/config_files/src-ceph/"
+ dest: "/etc/ceph/"
merge: true
preserve_properties: true
permissions:
@@ -96,10 +92,7 @@ outputs:
docker_config:
step_4:
manila_share:
- image: &manila_share_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerManilaShareImage} ]
+ image: &manila_share_image {get_param: DockerManilaShareImage}
net: host
restart: always
volumes:
@@ -109,7 +102,7 @@ outputs:
- /var/lib/kolla/config_files/manila_share.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/manila/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/manila:/var/log/manila
- - /etc/ceph/:/var/lib/kolla/config_files/src-ceph:ro
+ - /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
@@ -117,6 +110,10 @@ outputs:
file:
path: /var/log/containers/manila
state: directory
+ - name: ensure ceph configurations exist
+ file:
+ path: /etc/ceph
+ state: directory
upgrade_tasks:
- name: Stop and disable manila_share service
tags: step2
diff --git a/docker/services/mistral-api.yaml b/docker/services/mistral-api.yaml
index 73db3742..38b97aef 100644
--- a/docker/services/mistral-api.yaml
+++ b/docker/services/mistral-api.yaml
@@ -42,6 +42,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
MistralApiBase:
type: ../../puppet/services/mistral-api.yaml
properties:
@@ -61,7 +64,10 @@ outputs:
map_merge:
- get_attr: [MistralApiBase, role_data, config_settings]
step_config: &step_config
- get_attr: [MistralApiBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [MistralApiBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [MistralApiBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
diff --git a/docker/services/mistral-engine.yaml b/docker/services/mistral-engine.yaml
index 4c6b300d..2b498be3 100644
--- a/docker/services/mistral-engine.yaml
+++ b/docker/services/mistral-engine.yaml
@@ -43,6 +43,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
MistralBase:
type: ../../puppet/services/mistral-engine.yaml
properties:
@@ -62,7 +65,10 @@ outputs:
map_merge:
- get_attr: [MistralBase, role_data, config_settings]
step_config: &step_config
- get_attr: [MistralBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [MistralBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [MistralBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
diff --git a/docker/services/mistral-executor.yaml b/docker/services/mistral-executor.yaml
index 3346a049..e106fe47 100644
--- a/docker/services/mistral-executor.yaml
+++ b/docker/services/mistral-executor.yaml
@@ -43,6 +43,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
MistralBase:
type: ../../puppet/services/mistral-executor.yaml
properties:
@@ -62,7 +65,10 @@ outputs:
map_merge:
- get_attr: [MistralBase, role_data, config_settings]
step_config: &step_config
- get_attr: [MistralBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [MistralBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [MistralBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
@@ -109,6 +115,18 @@ outputs:
path: /var/log/containers/mistral
state: directory
upgrade_tasks:
+ - name: Check if mistral executor is deployed
+ command: systemctl is-enabled openstack-mistral-executor
+ tags: common
+ ignore_errors: True
+ register: mistral_executor_enabled
+ - name: "PreUpgrade step0,validation: Check if openstack-mistral-executor is running"
+ shell: >
+ /usr/bin/systemctl show 'openstack-mistral-executor' --property ActiveState |
+ grep '\bactive\b'
+ when: mistral_executor_enabled.rc == 0
+ tags: step0,validation
- name: Stop and disable mistral_executor service
tags: step2
+ when: mistral_executor_enabled.rc == 0
service: name=openstack-mistral-executor state=stopped enabled=no
diff --git a/docker/services/multipathd.yaml b/docker/services/multipathd.yaml
index 51b93029..fc749f37 100644
--- a/docker/services/multipathd.yaml
+++ b/docker/services/multipathd.yaml
@@ -59,6 +59,11 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/multipathd.json:
command: /usr/sbin/multipathd -d
+ config_files:
+ - source: "/var/lib/kolla/config_files/src-iscsid/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
docker_config:
step_3:
multipathd:
@@ -72,11 +77,11 @@ outputs:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/multipathd.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/puppet-generated/iscsid/:/var/lib/kolla/config_files/src-iscsid:ro
- /dev/:/dev/
- /run/:/run/
- /sys:/sys
- /lib/modules:/lib/modules:ro
- - /etc/iscsi:/etc/iscsi
- /var/lib/cinder:/var/lib/cinder
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
@@ -85,4 +90,3 @@ outputs:
- name: Stop and disable multipathd service
tags: step2
service: name=multipathd state=stopped enabled=no
- metadata_settings: {}
diff --git a/docker/services/neutron-api.yaml b/docker/services/neutron-api.yaml
index 547deaf0..b4fce226 100644
--- a/docker/services/neutron-api.yaml
+++ b/docker/services/neutron-api.yaml
@@ -49,6 +49,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
NeutronBase:
type: ../../puppet/services/neutron-api.yaml
properties:
@@ -68,7 +71,10 @@ outputs:
map_merge:
- get_attr: [NeutronBase, role_data, config_settings]
step_config: &step_config
- get_attr: [NeutronBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [NeutronBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [NeutronBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
@@ -163,8 +169,18 @@ outputs:
path: /var/log/containers/neutron
state: directory
upgrade_tasks:
+ - name: Check if neutron_server is deployed
+ command: systemctl is-enabled neutron-server
+ tags: common
+ ignore_errors: True
+ register: neutron_server_enabled
+ - name: "PreUpgrade step0,validation: Check service neutron-server is running"
+ shell: /usr/bin/systemctl show 'neutron-server' --property ActiveState | grep '\bactive\b'
+ when: neutron_server_enabled.rc == 0
+ tags: step0,validation
- name: Stop and disable neutron_api service
tags: step2
+ when: neutron_server_enabled.rc == 0
service: name=neutron-server state=stopped enabled=no
metadata_settings:
get_attr: [NeutronBase, role_data, metadata_settings]
diff --git a/docker/services/neutron-dhcp.yaml b/docker/services/neutron-dhcp.yaml
index c7444070..4b75d542 100644
--- a/docker/services/neutron-dhcp.yaml
+++ b/docker/services/neutron-dhcp.yaml
@@ -81,6 +81,9 @@ outputs:
- path: /var/log/neutron
owner: neutron:neutron
recurse: true
+ - path: /var/lib/neutron
+ owner: neutron:neutron
+ recurse: true
docker_config:
step_4:
neutron_dhcp:
@@ -97,15 +100,30 @@ outputs:
- /var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro
- /lib/modules:/lib/modules:ro
- /run/:/run
+ - /var/lib/neutron:/var/lib/neutron
- /var/log/containers/neutron:/var/log/neutron
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
+ - name: create /var/lib/neutron
+ file:
+ path: /var/lib/neutron
+ state: directory
- name: create persistent logs directory
file:
path: /var/log/containers/neutron
state: directory
upgrade_tasks:
+ - name: Check if neutron_dhcp_agent is deployed
+ command: systemctl is-enabled neutron-dhcp-agent
+ tags: common
+ ignore_errors: True
+ register: neutron_dhcp_agent_enabled
+ - name: "PreUpgrade step0,validation: Check service neutron-dhcp-agent is running"
+ shell: /usr/bin/systemctl show 'neutron-dhcp-agent' --property ActiveState | grep '\bactive\b'
+ when: neutron_dhcp_agent_enabled.rc == 0
+ tags: step0,validation
- name: Stop and disable neutron_dhcp service
tags: step2
+ when: neutron_dhcp_agent_enabled.rc == 0
service: name=neutron-dhcp-agent state=stopped enabled=no
diff --git a/docker/services/neutron-l3.yaml b/docker/services/neutron-l3.yaml
index c3a4d27f..06470c05 100644
--- a/docker/services/neutron-l3.yaml
+++ b/docker/services/neutron-l3.yaml
@@ -77,6 +77,9 @@ outputs:
- path: /var/log/neutron
owner: neutron:neutron
recurse: true
+ - path: /var/lib/neutron
+ owner: neutron:neutron
+ recurse: true
docker_config:
step_4:
neutron_l3_agent:
@@ -93,10 +96,15 @@ outputs:
- /var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro
- /lib/modules:/lib/modules:ro
- /run:/run
+ - /var/lib/neutron:/var/lib/neutron
- /var/log/containers/neutron:/var/log/neutron
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
+ - name: create /var/lib/neutron
+ file:
+ path: /var/lib/neutron
+ state: directory
- name: create persistent logs directory
file:
path: /var/log/containers/neutron
diff --git a/docker/services/neutron-metadata.yaml b/docker/services/neutron-metadata.yaml
index f030faef..a5a7c34b 100644
--- a/docker/services/neutron-metadata.yaml
+++ b/docker/services/neutron-metadata.yaml
@@ -77,6 +77,9 @@ outputs:
- path: /var/log/neutron
owner: neutron:neutron
recurse: true
+ - path: /var/lib/neutron
+ owner: neutron:neutron
+ recurse: true
docker_config:
step_4:
neutron_metadata_agent:
@@ -93,15 +96,30 @@ outputs:
- /var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro
- /lib/modules:/lib/modules:ro
- /run:/run
+ - /var/lib/neutron:/var/lib/neutron
- /var/log/containers/neutron:/var/log/neutron
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
+ - name: create /var/lib/neutron
+ file:
+ path: /var/lib/neutron
+ state: directory
- name: create persistent logs directory
file:
path: /var/log/containers/neutron
state: directory
upgrade_tasks:
+ - name: Check if neutron_metadata_agent is deployed
+ command: systemctl is-enabled neutron-metadata-agent
+ tags: common
+ ignore_errors: True
+ register: neutron_metadata_agent_enabled
+ - name: "PreUpgrade step0,validation: Check service neutron-metadata-agent is running"
+ shell: /usr/bin/systemctl show 'neutron-metadata-agent' --property ActiveState | grep '\bactive\b'
+ when: neutron_metadata_agent_enabled.rc == 0
+ tags: step0,validation
- name: Stop and disable neutron_metadata service
tags: step2
+ when: neutron_metadata_agent_enabled.rc == 0
service: name=neutron-metadata-agent state=stopped enabled=no
diff --git a/docker/services/nova-api.yaml b/docker/services/nova-api.yaml
index 1d73a538..da461049 100644
--- a/docker/services/nova-api.yaml
+++ b/docker/services/nova-api.yaml
@@ -42,6 +42,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
NovaApiBase:
type: ../../puppet/services/nova-api.yaml
properties:
@@ -69,6 +72,7 @@ outputs:
- "\n"
- - "['Nova_cell_v2'].each |String $val| { noop_resource($val) }"
- {get_attr: [NovaApiBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [NovaApiBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
@@ -88,6 +92,17 @@ outputs:
- path: /var/log/nova
owner: nova:nova
recurse: true
+ /var/lib/kolla/config_files/nova_api_cron.json:
+ command: /usr/sbin/crond -n
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
+ permissions:
+ - path: /var/log/nova
+ owner: nova:nova
+ recurse: true
docker_config:
# db sync runs before permissions set by kolla_config
step_2:
@@ -151,7 +166,7 @@ outputs:
user: nova
privileged: true
restart: always
- volumes: &nova_api_volumes
+ volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
@@ -164,12 +179,17 @@ outputs:
image: *nova_api_image
net: host
user: root
- privileged: true
+ privileged: false
restart: always
- volumes: *nova_api_volumes
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/nova_api_cron.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro
+ - /var/log/containers/nova:/var/log/nova
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
- command: "/usr/sbin/crond -n"
step_5:
nova_api_discover_hosts:
start_order: 1
@@ -179,6 +199,8 @@ outputs:
volumes: *nova_api_bootstrap_volumes
user: root
command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage cell_v2 discover_hosts'"
+ metadata_settings:
+ get_attr: [NovaApiBase, role_data, metadata_settings]
host_prep_tasks:
- name: create persistent logs directory
file:
diff --git a/docker/services/nova-compute.yaml b/docker/services/nova-compute.yaml
index d8e76925..39d1740c 100644
--- a/docker/services/nova-compute.yaml
+++ b/docker/services/nova-compute.yaml
@@ -36,12 +36,20 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ DockerNovaMigrationSshdPort:
+ default: 2022
+ description: Port that dockerized nova migration target sshd service
+ binds to.
+ type: number
resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
NovaComputeBase:
type: ../../puppet/services/nova-compute.yaml
properties:
@@ -51,6 +59,7 @@ resources:
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
+ MigrationSshPort: {get_param: DockerNovaMigrationSshdPort}
outputs:
role_data:
@@ -58,16 +67,12 @@ outputs:
value:
service_name: {get_attr: [NovaComputeBase, role_data, service_name]}
config_settings:
- map_merge:
- - get_attr: [NovaComputeBase, role_data, config_settings]
- # FIXME: we need to disable migration for now as the
- # hieradata is common for all services, and this means nova
- # and nova_placement puppet runs also try to configure
- # libvirt, and they fail. We can remove this override when
- # we have hieradata separation between containers.
- - tripleo::profile::base::nova::manage_migration: false
+ get_attr: [NovaComputeBase, role_data, config_settings]
step_config: &step_config
- get_attr: [NovaComputeBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [NovaComputeBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
puppet_config:
config_volume: nova_libvirt
puppet_tags: nova_config,nova_paste_api_ini
@@ -81,6 +86,14 @@ outputs:
dest: "/"
merge: true
preserve_properties: true
+ - source: "/var/lib/kolla/config_files/src-iscsid/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
+ - source: "/var/lib/kolla/config_files/src-ceph/"
+ dest: "/etc/ceph/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/nova
owner: nova:nova
@@ -103,13 +116,16 @@ outputs:
-
- /var/lib/kolla/config_files/nova_compute.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/nova_libvirt/:/var/lib/kolla/config_files/src:ro
+ - /var/lib/config-data/puppet-generated/iscsid/:/var/lib/kolla/config_files/src-iscsid:ro
+ - /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro
- /dev:/dev
- - /etc/iscsi:/etc/iscsi
- /lib/modules:/lib/modules:ro
- /run:/run
- /var/lib/nova:/var/lib/nova
- /var/lib/libvirt:/var/lib/libvirt
- /var/log/containers/nova:/var/log/nova
+ - /sys/class/net:/sys/class/net
+ - /sys/bus/pci:/sys/bus/pci
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
@@ -121,6 +137,10 @@ outputs:
- /var/log/containers/nova
- /var/lib/nova
- /var/lib/libvirt
+ - name: ensure ceph configurations exist
+ file:
+ path: /etc/ceph
+ state: directory
upgrade_tasks:
- name: Stop and disable nova-compute service
tags: step2
diff --git a/docker/services/nova-conductor.yaml b/docker/services/nova-conductor.yaml
index 9f666577..ae737056 100644
--- a/docker/services/nova-conductor.yaml
+++ b/docker/services/nova-conductor.yaml
@@ -43,6 +43,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
NovaConductorBase:
type: ../../puppet/services/nova-conductor.yaml
properties:
@@ -60,7 +63,10 @@ outputs:
service_name: {get_attr: [NovaConductorBase, role_data, service_name]}
config_settings: {get_attr: [NovaConductorBase, role_data, config_settings]}
step_config: &step_config
- get_attr: [NovaConductorBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [NovaConductorBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [NovaConductorBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
diff --git a/docker/services/nova-consoleauth.yaml b/docker/services/nova-consoleauth.yaml
index 0d3d1ec9..715a861b 100644
--- a/docker/services/nova-consoleauth.yaml
+++ b/docker/services/nova-consoleauth.yaml
@@ -42,6 +42,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
NovaConsoleauthPuppetBase:
type: ../../puppet/services/nova-consoleauth.yaml
properties:
@@ -59,7 +62,10 @@ outputs:
service_name: {get_attr: [NovaConsoleauthPuppetBase, role_data, service_name]}
config_settings: {get_attr: [NovaConsoleauthPuppetBase, role_data, config_settings]}
step_config: &step_config
- get_attr: [NovaConsoleauthPuppetBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [NovaConsoleauthPuppetBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [NovaConsoleauthPuppetBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
diff --git a/docker/services/nova-ironic.yaml b/docker/services/nova-ironic.yaml
index 89ef95ea..543758a1 100644
--- a/docker/services/nova-ironic.yaml
+++ b/docker/services/nova-ironic.yaml
@@ -42,6 +42,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
NovaIronicBase:
type: ../../puppet/services/nova-ironic.yaml
properties:
@@ -59,7 +62,10 @@ outputs:
service_name: {get_attr: [NovaIronicBase, role_data, service_name]}
config_settings: {get_attr: [NovaIronicBase, role_data, config_settings]}
step_config: &step_config
- get_attr: [NovaIronicBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [NovaIronicBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
puppet_config:
config_volume: nova
puppet_tags: nova_config,nova_paste_api_ini
@@ -73,6 +79,10 @@ outputs:
dest: "/"
merge: true
preserve_properties: true
+ - source: "/var/lib/kolla/config_files/src-iscsid/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/nova
owner: nova:nova
@@ -94,9 +104,9 @@ outputs:
-
- /var/lib/kolla/config_files/nova_ironic.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro
+ - /var/lib/config-data/puppet-generated/iscsid/:/var/lib/kolla/config_files/src-iscsid:ro
- /run:/run
- /dev:/dev
- - /etc/iscsi:/etc/iscsi
- /var/lib/nova/:/var/lib/nova
- /var/log/containers/nova:/var/log/nova
environment:
diff --git a/docker/services/nova-libvirt.yaml b/docker/services/nova-libvirt.yaml
index a5527747..2f3851a5 100644
--- a/docker/services/nova-libvirt.yaml
+++ b/docker/services/nova-libvirt.yaml
@@ -14,7 +14,7 @@ parameters:
type: string
EnablePackageInstall:
default: 'false'
- description: Set to true to enable package installation
+ description: Set to true to enable package installation at deploy time
type: boolean
ServiceData:
default: {}
@@ -51,6 +51,12 @@ parameters:
description: If set to true and if EnableInternalTLS is enabled, it will
set the libvirt URI's transport to tls and configure the
relevant keys for libvirt.
+ DockerNovaMigrationSshdPort:
+ default: 2022
+ description: Port that dockerized nova migration target sshd service
+ binds to.
+ type: number
+
conditions:
@@ -68,6 +74,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
NovaLibvirtBase:
type: ../../puppet/services/nova-libvirt.yaml
properties:
@@ -77,6 +86,7 @@ resources:
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
+ MigrationSshPort: {get_param: DockerNovaMigrationSshdPort}
outputs:
role_data:
@@ -84,19 +94,15 @@ outputs:
value:
service_name: {get_attr: [NovaLibvirtBase, role_data, service_name]}
config_settings:
- map_merge:
- - get_attr: [NovaLibvirtBase, role_data, config_settings]
- # FIXME: we need to disable migration for now as the
- # hieradata is common for all services, and this means nova
- # and nova_placement puppet runs also try to configure
- # libvirt, and they fail. We can remove this override when
- # we have hieradata separation between containers.
- - tripleo::profile::base::nova::manage_migration: false
+ get_attr: [NovaLibvirtBase, role_data, config_settings]
step_config: &step_config
- get_attr: [NovaLibvirtBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [NovaLibvirtBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
puppet_config:
config_volume: nova_libvirt
- puppet_tags: nova_config
+ puppet_tags: libvirtd_config,nova_config,file,exec
step_config: *step_config
config_image: {get_param: DockerNovaLibvirtConfigImage}
kolla_config:
@@ -111,6 +117,10 @@ outputs:
dest: "/"
merge: true
preserve_properties: true
+ - source: "/var/lib/kolla/config_files/src-ceph/"
+ dest: "/etc/ceph/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/nova
owner: nova:nova
@@ -129,11 +139,13 @@ outputs:
-
- /var/lib/kolla/config_files/nova_libvirt.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/nova_libvirt/:/var/lib/kolla/config_files/src:ro
+ - /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro
- /lib/modules:/lib/modules:ro
- /dev:/dev
- /run:/run
- /sys/fs/cgroup:/sys/fs/cgroup
- /var/lib/nova:/var/lib/nova
+ - /etc/libvirt/secrets:/etc/libvirt/secrets
# Needed to use host's virtlogd
- /var/run/libvirt:/var/run/libvirt
- /var/lib/libvirt:/var/lib/libvirt
@@ -148,9 +160,14 @@ outputs:
path: "{{ item }}"
state: directory
with_items:
+ - /etc/libvirt/secrets
- /etc/libvirt/qemu
- /var/lib/libvirt
- /var/log/containers/nova
+ - name: ensure ceph configurations exist
+ file:
+ path: /etc/ceph
+ state: directory
- name: set enable_package_install fact
set_fact:
enable_package_install: {get_param: EnablePackageInstall}
diff --git a/docker/services/nova-migration-target.yaml b/docker/services/nova-migration-target.yaml
new file mode 100644
index 00000000..385343a0
--- /dev/null
+++ b/docker/services/nova-migration-target.yaml
@@ -0,0 +1,124 @@
+heat_template_version: pike
+
+description: >
+ OpenStack containerized Nova Migration Target service
+
+parameters:
+ DockerNovaComputeImage:
+ description: image
+ type: string
+ DockerNovaLibvirtConfigImage:
+ description: The container image to use for the nova_libvirt config_volume
+ type: string
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ DockerNovaMigrationSshdPort:
+ default: 2022
+ description: Port that dockerized nova migration target sshd service
+ binds to.
+ type: number
+
+resources:
+
+ ContainersCommon:
+ type: ./containers-common.yaml
+
+ SshdBase:
+ type: ../../puppet/services/sshd.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+ NovaMigrationTargetBase:
+ type: ../../puppet/services/nova-migration-target.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the Nova Migration Target service.
+ value:
+ service_name: nova_migration_target
+ config_settings:
+ map_merge:
+ - get_attr: [SshdBase, role_data, config_settings]
+ - get_attr: [NovaMigrationTargetBase, role_data, config_settings]
+ - tripleo.nova_migration_target.firewall_rules:
+ '113 nova_migration_target':
+ dport:
+ - {get_param: DockerNovaMigrationSshdPort}
+ step_config: &step_config
+ list_join:
+ - "\n"
+ - - get_attr: [SshdBase, role_data, step_config]
+ - get_attr: [NovaMigrationTargetBase, role_data, step_config]
+ puppet_config:
+ config_volume: nova_libvirt
+ step_config: *step_config
+ config_image: {get_param: DockerNovaLibvirtConfigImage}
+ kolla_config:
+ /var/lib/kolla/config_files/nova-migration-target.json:
+ command:
+ str_replace:
+ template: "/usr/sbin/sshd -D -p SSHDPORT"
+ params:
+ SSHDPORT: {get_param: DockerNovaMigrationSshdPort}
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
+ - source: /host-ssh/ssh_host_*_key
+ dest: /etc/ssh/
+ owner: "root"
+ perm: "0600"
+ docker_config:
+ step_4:
+ nova_migration_target:
+ image: {get_param: DockerNovaComputeImage}
+ net: host
+ privileged: true
+ user: root
+ restart: always
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/nova-migration-target.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/puppet-generated/nova_libvirt/:/var/lib/kolla/config_files/src:ro
+ - /etc/ssh/:/host-ssh/:ro
+ - /run:/run
+ - /var/lib/nova:/var/lib/nova
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
diff --git a/docker/services/nova-placement.yaml b/docker/services/nova-placement.yaml
index 7350db20..d784ace3 100644
--- a/docker/services/nova-placement.yaml
+++ b/docker/services/nova-placement.yaml
@@ -42,6 +42,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
NovaPlacementBase:
type: ../../puppet/services/nova-placement.yaml
properties:
@@ -62,7 +65,10 @@ outputs:
- get_attr: [NovaPlacementBase, role_data, config_settings]
- apache::default_vhost: false
step_config: &step_config
- get_attr: [NovaPlacementBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [NovaPlacementBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [NovaPlacementBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
@@ -100,6 +106,8 @@ outputs:
- /var/log/containers/nova:/var/log/nova
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ metadata_settings:
+ get_attr: [NovaPlacementBase, role_data, metadata_settings]
host_prep_tasks:
- name: create persistent logs directory
file:
diff --git a/docker/services/nova-scheduler.yaml b/docker/services/nova-scheduler.yaml
index 5c1aa308..8d8a6358 100644
--- a/docker/services/nova-scheduler.yaml
+++ b/docker/services/nova-scheduler.yaml
@@ -42,6 +42,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
NovaSchedulerBase:
type: ../../puppet/services/nova-scheduler.yaml
properties:
@@ -59,7 +62,10 @@ outputs:
service_name: {get_attr: [NovaSchedulerBase, role_data, service_name]}
config_settings: {get_attr: [NovaSchedulerBase, role_data, config_settings]}
step_config: &step_config
- get_attr: [NovaSchedulerBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [NovaSchedulerBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [NovaSchedulerBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
diff --git a/docker/services/nova-vnc-proxy.yaml b/docker/services/nova-vnc-proxy.yaml
index 37831ff7..c5f651d2 100644
--- a/docker/services/nova-vnc-proxy.yaml
+++ b/docker/services/nova-vnc-proxy.yaml
@@ -42,6 +42,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
NovaVncProxyPuppetBase:
type: ../../puppet/services/nova-vnc-proxy.yaml
properties:
@@ -59,7 +62,10 @@ outputs:
service_name: {get_attr: [NovaVncProxyPuppetBase, role_data, service_name]}
config_settings: {get_attr: [NovaVncProxyPuppetBase, role_data, config_settings]}
step_config: &step_config
- get_attr: [NovaVncProxyPuppetBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [NovaVncProxyPuppetBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [NovaVncProxyPuppetBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
diff --git a/docker/services/octavia-api.yaml b/docker/services/octavia-api.yaml
index f5b4baec..86730ebc 100644
--- a/docker/services/octavia-api.yaml
+++ b/docker/services/octavia-api.yaml
@@ -50,6 +50,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
OctaviaApiPuppetBase:
type: ../../puppet/services/octavia-api.yaml
properties:
@@ -67,7 +70,10 @@ outputs:
service_name: {get_attr: [OctaviaApiPuppetBase, role_data, service_name]}
config_settings: {get_attr: [OctaviaApiPuppetBase, role_data, config_settings]}
step_config: &step_config
- get_attr: [OctaviaApiPuppetBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [OctaviaApiPuppetBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [OctaviaApiPuppetBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS #
puppet_config:
diff --git a/docker/services/opendaylight-api.yaml b/docker/services/opendaylight-api.yaml
index 7d7892dd..6a62f65e 100644
--- a/docker/services/opendaylight-api.yaml
+++ b/docker/services/opendaylight-api.yaml
@@ -4,17 +4,11 @@ description: >
OpenStack containerized OpenDaylight API service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerOpendaylightApiImage:
description: image
- default: 'centos-binary-opendaylight:latest'
type: string
DockerOpendaylightConfigImage:
description: image
- default: 'centos-binary-opendaylight:latest'
type: string
EndpointMap:
default: {}
@@ -67,20 +61,14 @@ outputs:
map_merge:
- get_attr: [OpenDaylightBase, role_data, config_settings]
step_config: &step_config
- list_join:
- - "\n"
- - - get_attr: [OpenDaylightBase, role_data, step_config]
- - "include tripleo::profile::base::neutron::opendaylight::create_cluster"
+ get_attr: [OpenDaylightBase, role_data, step_config]
# BEGIN DOCKER SETTINGS
puppet_config:
config_volume: opendaylight
# 'file,concat,file_line,augeas' are included by default
- puppet_tags: odl_user,tripleo::profile::base::neutron::opendaylight::configure_cluster
+ puppet_tags: odl_user
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerOpendaylightConfigImage} ]
+ config_image: {get_param: DockerOpendaylightConfigImage}
kolla_config:
/var/lib/kolla/config_files/opendaylight_api.json:
command: /opt/opendaylight/bin/karaf
@@ -97,10 +85,7 @@ outputs:
step_1:
opendaylight_api:
start_order: 0
- image: &odl_api_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerOpendaylightApiImage} ]
+ image: &odl_api_image {get_param: DockerOpendaylightApiImage}
privileged: false
net: host
detach: true
diff --git a/docker/services/pacemaker/cinder-backup.yaml b/docker/services/pacemaker/cinder-backup.yaml
index ee8ee124..c6a80efa 100644
--- a/docker/services/pacemaker/cinder-backup.yaml
+++ b/docker/services/pacemaker/cinder-backup.yaml
@@ -52,6 +52,9 @@ parameters:
resources:
+ MySQLClient:
+ type: ../../../puppet/services/database/mysql-client.yaml
+
CinderBackupBase:
type: ../../../puppet/services/cinder-backup.yaml
properties:
@@ -82,7 +85,11 @@ outputs:
puppet_config:
config_volume: cinder
puppet_tags: cinder_config,file,concat,file_line
- step_config: {get_attr: [CinderBackupBase, role_data, step_config]}
+ step_config:
+ list_join:
+ - "\n"
+ - - {get_attr: [CinderBackupBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
config_image: {get_param: DockerCinderConfigImage}
kolla_config:
/var/lib/kolla/config_files/cinder_backup.json:
@@ -139,6 +146,27 @@ outputs:
- /var/lib/cinder
- /var/log/containers/cinder
upgrade_tasks:
- - name: Stop and disable cinder_backup service
+ - name: get bootstrap nodeid
+ tags: common
+ command: hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid
+ register: bootstrap_node
+ - name: set is_bootstrap_node fact
+ tags: common
+ set_fact: is_bootstrap_node={{bootstrap_node.stdout|lower == ansible_hostname|lower}}
+ - name: Disable the openstack-cinder-backup cluster resource
+ tags: step2
+ pacemaker_resource:
+ resource: openstack-cinder-backup
+ state: disable
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Delete the stopped openstack-cinder-backup cluster resource.
+ tags: step2
+ pacemaker_resource:
+ resource: openstack-cinder-backup
+ state: delete
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Disable cinder_backup service
tags: step2
- service: name=openstack-cinder-backup state=stopped enabled=no
+ service: name=openstack-cinder-backup enabled=no
diff --git a/docker/services/pacemaker/cinder-volume.yaml b/docker/services/pacemaker/cinder-volume.yaml
index d016cf83..3c1b7a74 100644
--- a/docker/services/pacemaker/cinder-volume.yaml
+++ b/docker/services/pacemaker/cinder-volume.yaml
@@ -48,6 +48,9 @@ parameters:
resources:
+ MySQLClient:
+ type: ../../../puppet/services/database/mysql-client.yaml
+
CinderBase:
type: ../../../puppet/services/cinder-volume.yaml
properties:
@@ -76,7 +79,11 @@ outputs:
puppet_config:
config_volume: cinder
puppet_tags: cinder_config,file,concat,file_line
- step_config: {get_attr: [CinderBase, role_data, step_config]}
+ step_config:
+ list_join:
+ - "\n"
+ - - {get_attr: [CinderBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
config_image: {get_param: DockerCinderConfigImage}
kolla_config:
/var/lib/kolla/config_files/cinder_volume.json:
@@ -157,6 +164,30 @@ outputs:
executable: /bin/bash
creates: /dev/loop2
upgrade_tasks:
- - name: Stop and disable cinder_volume service
+ - name: get bootstrap nodeid
+ tags: common
+ command: hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid
+ register: bootstrap_node
+ - name: set is_bootstrap_node fact
+ tags: common
+ set_fact: is_bootstrap_node={{bootstrap_node.stdout|lower == ansible_hostname|lower}}
+ - name: Disable the openstack-cinder-volume cluster resource
+ tags: step2
+ pacemaker_resource:
+ resource: openstack-cinder-volume
+ state: disable
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Delete the stopped openstack-cinder-volume cluster resource.
+ tags: step2
+ pacemaker_resource:
+ resource: openstack-cinder-volume
+ state: delete
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Disable cinder_volume service from boot
tags: step2
- service: name=openstack-cinder-volume state=stopped enabled=no
+ service: name=openstack-cinder-volume enabled=no
+
+
+
diff --git a/docker/services/pacemaker/database/mysql.yaml b/docker/services/pacemaker/database/mysql.yaml
index f38cccfc..f12852f8 100644
--- a/docker/services/pacemaker/database/mysql.yaml
+++ b/docker/services/pacemaker/database/mysql.yaml
@@ -65,6 +65,17 @@ outputs:
map_merge:
- {get_attr: [MysqlPuppetBase, role_data, config_settings]}
- tripleo::profile::pacemaker::database::mysql_bundle::mysql_docker_image: &mysql_image {get_param: DockerMysqlImage}
+ tripleo::profile::pacemaker::database::mysql_bundle::control_port: 3123
+ tripleo.mysql.firewall_rules:
+ '104 mysql galera-bundle':
+ dport:
+ - 873
+ - 3123
+ - 3306
+ - 4444
+ - 4567
+ - 4568
+ - 9200
step_config: ""
# BEGIN DOCKER SETTINGS #
puppet_config:
@@ -164,6 +175,27 @@ outputs:
path: /var/lib/mysql
state: directory
upgrade_tasks:
- - name: Stop and disable mysql service
+ - name: get bootstrap nodeid
+ tags: common
+ command: hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid
+ register: bootstrap_node
+ - name: set is_bootstrap_node fact
+ tags: common
+ set_fact: is_bootstrap_node={{bootstrap_node.stdout|lower == ansible_hostname|lower}}
+ - name: Disable the galera cluster resource
tags: step2
- service: name=mariadb state=stopped enabled=no
+ pacemaker_resource:
+ resource: galera
+ state: disable
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Delete the stopped galera cluster resource.
+ tags: step2
+ pacemaker_resource:
+ resource: galera
+ state: delete
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Disable mysql service
+ tags: step2
+ service: name=mariadb enabled=no
diff --git a/docker/services/pacemaker/database/redis.yaml b/docker/services/pacemaker/database/redis.yaml
index e124b045..75b6d650 100644
--- a/docker/services/pacemaker/database/redis.yaml
+++ b/docker/services/pacemaker/database/redis.yaml
@@ -61,7 +61,13 @@ outputs:
redis::notify_service: false
redis::managed_by_cluster_manager: true
tripleo::profile::pacemaker::database::redis_bundle::redis_docker_image: &redis_image {get_param: DockerRedisImage}
-
+ tripleo::profile::pacemaker::database::redis_bundle::control_port: 3124
+ tripleo.redis.firewall_rules:
+ '108 redis-bundle':
+ dport:
+ - 3124
+ - 6379
+ - 26379
step_config: ""
service_config_settings: {get_attr: [RedisBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
@@ -139,6 +145,27 @@ outputs:
path: /var/lib/redis
state: directory
upgrade_tasks:
- - name: Stop and disable redis service
+ - name: get bootstrap nodeid
+ tags: common
+ command: hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid
+ register: bootstrap_node
+ - name: set is_bootstrap_node fact
+ tags: common
+ set_fact: is_bootstrap_node={{bootstrap_node.stdout|lower == ansible_hostname|lower}}
+ - name: Disable the redis cluster resource
+ tags: step2
+ pacemaker_resource:
+ resource: {get_attr: [RedisBase, role_data, service_name]}
+ state: disable
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Delete the stopped redis cluster resource.
+ tags: step2
+ pacemaker_resource:
+ resource: {get_attr: [RedisBase, role_data, service_name]}
+ state: delete
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Disable redis service
tags: step2
- service: name=redis state=stopped enabled=no
+ service: name=redis enabled=no
diff --git a/docker/services/pacemaker/haproxy.yaml b/docker/services/pacemaker/haproxy.yaml
index 86c460fa..24155912 100644
--- a/docker/services/pacemaker/haproxy.yaml
+++ b/docker/services/pacemaker/haproxy.yaml
@@ -137,3 +137,25 @@ outputs:
- /dev/shm:/dev/shm:rw
metadata_settings:
get_attr: [HAProxyBase, role_data, metadata_settings]
+ upgrade_tasks:
+ - name: get bootstrap nodeid
+ tags: common
+ command: hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid
+ register: bootstrap_node
+ - name: set is_bootstrap_node fact
+ tags: common
+ set_fact: is_bootstrap_node={{bootstrap_node.stdout|lower == ansible_hostname|lower}}
+ - name: Disable the haproxy cluster resource.
+ tags: step2
+ pacemaker_resource:
+ resource: {get_attr: [HAProxyBase, role_data, service_name]}
+ state: disable
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Delete the stopped haproxy cluster resource.
+ tags: step2
+ pacemaker_resource:
+ resource: {get_attr: [HAProxyBase, role_data, service_name]}
+ state: delete
+ wait_for_resource: true
+ when: is_bootstrap_node
diff --git a/docker/services/pacemaker/rabbitmq.yaml b/docker/services/pacemaker/rabbitmq.yaml
index 19af94b2..de53ceee 100644
--- a/docker/services/pacemaker/rabbitmq.yaml
+++ b/docker/services/pacemaker/rabbitmq.yaml
@@ -63,6 +63,14 @@ outputs:
- {get_attr: [RabbitmqBase, role_data, config_settings]}
- rabbitmq::service_manage: false
tripleo::profile::pacemaker::rabbitmq_bundle::rabbitmq_docker_image: &rabbitmq_image {get_param: DockerRabbitmqImage}
+ tripleo::profile::pacemaker::rabbitmq_bundle::control_port: 3122
+ tripleo.rabbitmq.firewall_rules:
+ '109 rabbitmq-bundle':
+ dport:
+ - 3122
+ - 4369
+ - 5672
+ - 25672
step_config: &step_config
get_attr: [RabbitmqBase, role_data, step_config]
service_config_settings: {get_attr: [RabbitmqBase, role_data, service_config_settings]}
@@ -157,6 +165,27 @@ outputs:
echo 'export ERL_EPMD_PORT=4370' >> /etc/rabbitmq/rabbitmq-env.conf
for pid in $(pgrep epmd); do if [ "$(lsns -o NS -p $pid)" == "$(lsns -o NS -p 1)" ]; then kill $pid; break; fi; done
upgrade_tasks:
- - name: Stop and disable rabbitmq service
+ - name: get bootstrap nodeid
+ tags: common
+ command: hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid
+ register: bootstrap_node
+ - name: set is_bootstrap_node fact
+ tags: common
+ set_fact: is_bootstrap_node={{bootstrap_node.stdout|lower == ansible_hostname|lower}}
+ - name: Disable the rabbitmq cluster resource.
tags: step2
- service: name=rabbitmq-server state=stopped enabled=no
+ pacemaker_resource:
+ resource: {get_attr: [RabbitmqBase, role_data, service_name]}
+ state: disable
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Delete the stopped rabbitmq cluster resource.
+ tags: step2
+ pacemaker_resource:
+ resource: {get_attr: [RabbitmqBase, role_data, service_name]}
+ state: delete
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Disable rabbitmq service
+ tags: step2
+ service: name=rabbitmq-server enabled=no
diff --git a/docker/services/panko-api.yaml b/docker/services/panko-api.yaml
index ad2fa0f6..01c17388 100644
--- a/docker/services/panko-api.yaml
+++ b/docker/services/panko-api.yaml
@@ -51,6 +51,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
PankoApiPuppetBase:
type: ../../puppet/services/panko-api.yaml
properties:
@@ -71,7 +74,10 @@ outputs:
- get_attr: [PankoApiPuppetBase, role_data, config_settings]
- apache::default_vhost: false
step_config: &step_config
- get_attr: [PankoApiPuppetBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [PankoApiPuppetBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [PankoApiPuppetBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS #
puppet_config:
diff --git a/docker/services/sahara-api.yaml b/docker/services/sahara-api.yaml
index bff2fdac..b0c3736c 100644
--- a/docker/services/sahara-api.yaml
+++ b/docker/services/sahara-api.yaml
@@ -42,6 +42,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
SaharaApiPuppetBase:
type: ../../puppet/services/sahara-api.yaml
properties:
@@ -60,7 +63,10 @@ outputs:
- get_attr: [SaharaApiPuppetBase, role_data, config_settings]
- sahara::sync_db: false
step_config: &step_config
- get_attr: [SaharaApiPuppetBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [SaharaApiPuppetBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [SaharaApiPuppetBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS #
puppet_config:
diff --git a/docker/services/sahara-engine.yaml b/docker/services/sahara-engine.yaml
index 01d4bb9c..b1660296 100644
--- a/docker/services/sahara-engine.yaml
+++ b/docker/services/sahara-engine.yaml
@@ -42,6 +42,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
SaharaEnginePuppetBase:
type: ../../puppet/services/sahara-engine.yaml
properties:
@@ -60,7 +63,10 @@ outputs:
- get_attr: [SaharaEnginePuppetBase, role_data, config_settings]
- sahara::sync_db: false
step_config: &step_config
- get_attr: [SaharaEnginePuppetBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [SaharaEnginePuppetBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [SaharaEnginePuppetBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS #
puppet_config:
diff --git a/docker/services/swift-storage.yaml b/docker/services/swift-storage.yaml
index 04e58b4a..e879b25d 100644
--- a/docker/services/swift-storage.yaml
+++ b/docker/services/swift-storage.yaml
@@ -462,6 +462,7 @@ outputs:
- openstack-swift-container-updater
- openstack-swift-container
- openstack-swift-object-auditor
+ - openstack-swift-object-expirer
- openstack-swift-object-replicator
- openstack-swift-object-updater
- openstack-swift-object
diff --git a/docker/services/tacker.yaml b/docker/services/tacker.yaml
index cdcb4d2a..1b7d78ca 100644
--- a/docker/services/tacker.yaml
+++ b/docker/services/tacker.yaml
@@ -42,6 +42,9 @@ resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
TackerBase:
type: ../../puppet/services/tacker.yaml
properties:
@@ -61,7 +64,10 @@ outputs:
map_merge:
- get_attr: [TackerBase, role_data, config_settings]
step_config: &step_config
- get_attr: [TackerBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [TackerBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [TackerBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
diff --git a/docker/services/zaqar.yaml b/docker/services/zaqar.yaml
index 85a84550..072c6759 100644
--- a/docker/services/zaqar.yaml
+++ b/docker/services/zaqar.yaml
@@ -10,6 +10,10 @@ parameters:
DockerZaqarConfigImage:
description: The container image to use for the zaqar config_volume
type: string
+ ZaqarManagementStore:
+ type: string
+ description: The management store for Zaqar
+ default: mongodb
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
@@ -36,12 +40,22 @@ parameters:
default: {}
description: Parameters specific to the role
type: json
+ EnableInternalTLS:
+ type: boolean
+ default: false
+
+conditions:
+ zaqar_management_store_sqlalchemy: {equals : [{get_param: ZaqarManagementStore}, 'sqlalchemy']}
+ internal_tls_enabled: {get_param: EnableInternalTLS}
resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
ZaqarBase:
type: ../../puppet/services/zaqar.yaml
properties:
@@ -51,6 +65,7 @@ resources:
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
+ EnableInternalTLS: {get_param: EnableInternalTLS}
outputs:
role_data:
@@ -59,7 +74,10 @@ outputs:
service_name: {get_attr: [ZaqarBase, role_data, service_name]}
config_settings: {get_attr: [ZaqarBase, role_data, config_settings]}
step_config: &step_config
- get_attr: [ZaqarBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [ZaqarBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [ZaqarBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
@@ -87,38 +105,75 @@ outputs:
owner: zaqar:zaqar
recurse: true
docker_config:
- step_4:
- zaqar:
- image: &zaqar_image {get_param: DockerZaqarImage}
- net: host
- privileged: false
- restart: always
- # NOTE(mandre) kolla image changes the user to 'zaqar', we need it
- # to be root to run httpd
- user: root
- volumes:
- list_concat:
- - {get_attr: [ContainersCommon, volumes]}
- -
- - /var/lib/kolla/config_files/zaqar.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/puppet-generated/zaqar/:/var/lib/kolla/config_files/src:ro
- - /var/log/containers/zaqar:/var/log/zaqar
- environment:
- - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
- zaqar_websocket:
- image: *zaqar_image
- net: host
- privileged: false
- restart: always
- volumes:
- list_concat:
- - {get_attr: [ContainersCommon, volumes]}
- -
- - /var/lib/kolla/config_files/zaqar_websocket.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/puppet-generated/zaqar/:/var/lib/kolla/config_files/src:ro
- - /var/log/containers/zaqar:/var/log/zaqar
- environment:
- - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ map_merge:
+ -
+ if:
+ - zaqar_management_store_sqlalchemy
+ -
+ step_2:
+ zaqar_init_log:
+ image: &zaqar_image {get_param: DockerZaqarImage}
+ user: root
+ volumes:
+ - /var/log/containers/zaqar:/var/log/zaqar
+ command: ['/bin/bash', '-c', 'chown -R zaqar:zaqar /var/log/zaqar']
+ step_3:
+ zaqar_db_sync:
+ image: *zaqar_image
+ net: host
+ privileged: false
+ detach: false
+ user: root
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/config-data/zaqar/etc/zaqar/:/etc/zaqar/:ro
+ - /var/log/containers/zaqar:/var/log/zaqar
+ command: "/usr/bin/bootstrap_host_exec zaqar su zaqar -s /bin/bash -c 'zaqar-sql-db-manage upgrade head'"
+ - {}
+ - step_4:
+ zaqar:
+ image: *zaqar_image
+ net: host
+ privileged: false
+ restart: always
+ # NOTE(mandre) kolla image changes the user to 'zaqar', we need it
+ # to be root to run httpd
+ user: root
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/zaqar.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/puppet-generated/zaqar/:/var/lib/kolla/config_files/src:ro
+ - /var/log/containers/zaqar:/var/log/zaqar
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
+ - ''
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
+ - ''
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ zaqar_websocket:
+ image: *zaqar_image
+ net: host
+ privileged: false
+ restart: always
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/zaqar_websocket.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/puppet-generated/zaqar/:/var/lib/kolla/config_files/src:ro
+ - /var/log/containers/zaqar:/var/log/zaqar
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
- name: create persistent logs directory
file:
@@ -128,3 +183,5 @@ outputs:
- name: Stop and disable zaqar service
tags: step2
service: name=httpd state=stopped enabled=no
+ metadata_settings:
+ get_attr: [ZaqarBase, role_data, metadata_settings]
diff --git a/environments/ceph-ansible/ceph-ansible.yaml b/environments/ceph-ansible/ceph-ansible.yaml
new file mode 100644
index 00000000..2c25828c
--- /dev/null
+++ b/environments/ceph-ansible/ceph-ansible.yaml
@@ -0,0 +1,12 @@
+resource_registry:
+ OS::TripleO::Services::CephMon: ../../docker/services/ceph-ansible/ceph-mon.yaml
+ OS::TripleO::Services::CephOSD: ../../docker/services/ceph-ansible/ceph-osd.yaml
+ OS::TripleO::Services::CephClient: ../../docker/services/ceph-ansible/ceph-client.yaml
+
+parameter_defaults:
+ CinderEnableIscsiBackend: false
+ CinderEnableRbdBackend: true
+ CinderBackupBackend: ceph
+ NovaEnableRbdBackend: true
+ GlanceBackend: rbd
+ GnocchiBackend: rbd
diff --git a/environments/cinder-dellps-config.yaml b/environments/cinder-dellps-config.yaml
index eefd0fd6..f5adbafa 100644
--- a/environments/cinder-dellps-config.yaml
+++ b/environments/cinder-dellps-config.yaml
@@ -23,6 +23,7 @@ parameter_defaults:
CinderDellPsSanIp: ''
CinderDellPsSanLogin: ''
CinderDellPsSanPassword: ''
+ CinderDellPsSanPrivateKey: ''
CinderDellPsSanThinProvision: true
CinderDellPsGroupname: 'group-0'
CinderDellPsPool: 'default'
diff --git a/environments/contrail/contrail-net-storage-mgmt.yaml b/environments/contrail/contrail-net-storage-mgmt.yaml
new file mode 100644
index 00000000..b382732c
--- /dev/null
+++ b/environments/contrail/contrail-net-storage-mgmt.yaml
@@ -0,0 +1,37 @@
+resource_registry:
+ OS::TripleO::Compute::Net::SoftwareConfig: contrail-nic-config-compute-storage-mgmt.yaml
+ OS::TripleO::ContrailDpdk::Net::SoftwareConfig: contrail-nic-config-compute-storage-mgmt.yaml
+ OS::TripleO::Controller::Net::SoftwareConfig: contrail-nic-config-storage-mgmt.yaml
+ OS::TripleO::ContrailController::Net::SoftwareConfig: contrail-nic-config-storage-mgmt.yaml
+ OS::TripleO::ContrailAnalytics::Net::SoftwareConfig: contrail-nic-config-storage-mgmt.yaml
+ OS::TripleO::ContrailAnalyticsDatabase::Net::SoftwareConfig: contrail-nic-config-storage-mgmt.yaml
+ OS::TripleO::ContrailTsn::Net::SoftwareConfig: contrail-nic-config-compute-storage-mgmt.yaml
+
+parameter_defaults:
+ ContrailConfigVIP: 10.0.0.10
+ ContrailAnalyticsVIP: 10.0.0.10
+ ContrailWebuiVIP: 10.0.0.10
+ ContrailVIP: 10.0.0.10
+ ControlPlaneSubnetCidr: '24'
+ ControlPlaneDefaultRoute: 192.168.24.254
+ InternalApiNetCidr: 10.3.0.0/24
+ InternalApiAllocationPools: [{'start': '10.3.0.10', 'end': '10.3.0.200'}]
+ InternalApiDefaultRoute: 10.3.0.1
+ StorageMgmtNetCidr: 10.0.0.0/24
+ StorageMgmtAllocationPools: [{'start': '10.0.0.10', 'end': '10.0.0.200'}]
+ StorageMgmtDefaultRoute: 10.0.0.1
+ StorageMgmtInterfaceDefaultRoute: 10.0.0.1
+ StorageMgmtVirtualIP: 10.0.0.10
+ ManagementNetCidr: 10.1.0.0/24
+ ManagementAllocationPools: [{'start': '10.1.0.10', 'end': '10.1.0.200'}]
+ ManagementInterfaceDefaultRoute: 10.1.0.1
+ ExternalNetCidr: 10.2.0.0/24
+ ExternalAllocationPools: [{'start': '10.2.0.10', 'end': '10.2.0.200'}]
+ EC2MetadataIp: 192.168.24.1 # Generally the IP of the Undercloud
+ DnsServers: ["10.87.64.101"]
+ VrouterPhysicalInterface: eth1
+ VrouterGateway: 10.0.0.1
+ VrouterNetmask: 255.255.255.0
+ ControlVirtualInterface: eth0
+ PublicVirtualInterface: vlan10
+# VlanParentInterface: eth1 # If VrouterPhysicalInterface is a vlan interface using vlanX notation
diff --git a/environments/contrail/contrail-net.yaml b/environments/contrail/contrail-net.yaml
index cca9beac..a1862c36 100644
--- a/environments/contrail/contrail-net.yaml
+++ b/environments/contrail/contrail-net.yaml
@@ -1,10 +1,10 @@
resource_registry:
- OS::TripleO::Compute::Net::SoftwareConfig: contrail-nic-config-compute.yaml
- OS::TripleO::Controller::Net::SoftwareConfig: contrail-nic-config.yaml
- OS::TripleO::ContrailController::Net::SoftwareConfig: contrail-nic-config.yaml
- OS::TripleO::ContrailAnalytics::Net::SoftwareConfig: contrail-nic-config.yaml
- OS::TripleO::ContrailAnalyticsDatabase::Net::SoftwareConfig: contrail-nic-config.yaml
- OS::TripleO::ContrailTsn::Net::SoftwareConfig: contrail-nic-config-compute.yaml
+ OS::TripleO::Compute::Net::SoftwareConfig: ../../network/config/contrail/contrail-nic-config-compute.yaml
+ OS::TripleO::Controller::Net::SoftwareConfig: ../../network/config/contrail/contrail-nic-config.yaml
+ OS::TripleO::ContrailController::Net::SoftwareConfig: ../../network/config/contrail/contrail-nic-config.yaml
+ OS::TripleO::ContrailAnalytics::Net::SoftwareConfig: ../../network/config/contrail/contrail-nic-config.yaml
+ OS::TripleO::ContrailAnalyticsDatabase::Net::SoftwareConfig: ../../network/config/contrail/contrail-nic-config.yaml
+ OS::TripleO::ContrailTsn::Net::SoftwareConfig: ../../network/config/contrail/contrail-nic-config-compute.yaml
parameter_defaults:
ControlPlaneSubnetCidr: '24'
@@ -18,9 +18,16 @@ parameter_defaults:
ExternalNetCidr: 10.2.0.0/24
ExternalAllocationPools: [{'start': '10.2.0.10', 'end': '10.2.0.200'}]
EC2MetadataIp: 192.168.24.1 # Generally the IP of the Undercloud
- DnsServers: ["8.8.8.8","8.8.4.4"]
- VrouterPhysicalInterface: eth1
- VrouterGateway: 10.0.0.1
- VrouterNetmask: 255.255.255.0
+ DnsServers: ["8.8.8.8"]
+ NtpServer: 10.0.0.1
+ ContrailVrouterPhysicalInterface: eth1
+ ContrailVrouterGateway: 10.0.0.1
+ ContrailVrouterNetmask: 255.255.255.0
ControlVirtualInterface: eth0
PublicVirtualInterface: vlan10
+## If vhost0 is linked to a vlan interface:
+# ContrailVlanParentInterface: eth1 # If VrouterPhysicalInterface is a vlan interface using vlanX notation
+## If vhost0 is linked to a bonded vlan interface:
+# ContrailVlanParentInterface: bond0
+# ContrailBondInterface: bond0
+# ContrailBondInterfaceMembers: 'eth1,eth2'
diff --git a/environments/contrail/contrail-services.yaml b/environments/contrail/contrail-services.yaml
index 80ef9d3a..1cf4bc0a 100644
--- a/environments/contrail/contrail-services.yaml
+++ b/environments/contrail/contrail-services.yaml
@@ -8,7 +8,6 @@ resource_registry:
OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
OS::TripleO::Services::NeutronCorePlugin: OS::TripleO::Services::NeutronCorePluginContrail
OS::TripleO::Services::ComputeNeutronCorePlugin: OS::TripleO::Services::ComputeNeutronCorePluginContrail
- OS::TripleO::NodeUserData: ../../firstboot/install_vrouter_kmod.yaml
OS::TripleO::Services::ContrailHeat: ../../puppet/services/network/contrail-heat.yaml
OS::TripleO::Services::ContrailAnalytics: ../../puppet/services/network/contrail-analytics.yaml
OS::TripleO::Services::ContrailAnalyticsDatabase: ../../puppet/services/network/contrail-analytics-database.yaml
@@ -17,10 +16,26 @@ resource_registry:
OS::TripleO::Services::ContrailDatabase: ../../puppet/services/network/contrail-database.yaml
OS::TripleO::Services::ContrailWebUI: ../../puppet/services/network/contrail-webui.yaml
OS::TripleO::Services::ContrailTsn: ../../puppet/services/network/contrail-tsn.yaml
+ OS::TripleO::Services::ContrailDpdk: ../../puppet/services/network/contrail-dpdk.yaml
OS::TripleO::Services::ComputeNeutronCorePluginContrail: ../../puppet/services/network/contrail-vrouter.yaml
OS::TripleO::Services::NeutronCorePluginContrail: ../../puppet/services/network/contrail-neutron-plugin.yaml
+ OS::TripleO::NodeUserData: ../../extraconfig/all_nodes/contrail/enable_contrail_repo.yaml
+ OS::TripleO::ContrailTsn::PreNetworkConfig: ../../extraconfig/pre_network/contrail/compute_pre_network.yaml
+ OS::TripleO::ContrailDpdk::PreNetworkConfig: ../../extraconfig/pre_network/contrail/contrail_dpdk_pre_network.yaml
+ OS::TripleO::Compute::PreNetworkConfig: ../../extraconfig/pre_network/contrail/compute_pre_network.yaml
parameter_defaults:
- ContrailRepo: http://192.168.24.1/contrail-3.2.0.0-19
+ ServiceNetMap:
+ ContrailAnalyticsNetwork: internal_api
+ ContrailAnalyticsDatabaseNetwork: internal_api
+ ContrailConfigNetwork: internal_api
+ ContrailControlNetwork: internal_api
+ ContrailDatabaseNetwork: internal_api
+ ContrailWebuiNetwork: internal_api
+ ContrailTsnNetwork: internal_api
+ ContrailVrouterNetwork: internal_api
+ ContrailDpdkNetwork: internal_api
+ ContrailRepo: http://192.168.24.1/contrail
+ ContrailControlManageNamed: true
EnablePackageInstall: true
# ContrailConfigIfmapUserName: api-server
# ContrailConfigIfmapUserPassword: api-server
@@ -30,16 +45,16 @@ parameter_defaults:
OvercloudContrailAnalyticsDatabaseFlavor: contrail-analytics-database
OvercloudContrailTsnFlavor: contrail-tsn
OvercloudComputeFlavor: compute
+ OvercloudContrailDpdkFlavor: compute-dpdk
ControllerCount: 3
ContrailControllerCount: 3
ContrailAnalyticsCount: 3
ContrailAnalyticsDatabaseCount: 3
- ContrailTsnCount: 1
+ ContrailTsnCount: 0
ComputeCount: 3
- DnsServers: ["8.8.8.8","8.8.4.4"]
- NtpServer: 10.0.0.1
+ ContrailDpdkCount: 0
NeutronCorePlugin: neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2
- NeutronServicePlugins: ''
+ NeutronServicePlugins: 'neutron_plugin_contrail.plugins.opencontrail.loadbalancer.v2.plugin.LoadBalancerPluginV2'
NeutronTunnelTypes: ''
# NeutronMetadataProxySharedSecret:
# ContrailControlRNDCSecret: # sda1/256 hmac key, e.g. echo -n "values" | openssl dgst -sha256 -hmac key -binary | base64
diff --git a/environments/contrail/roles_data_contrail.yaml b/environments/contrail/roles_data_contrail.yaml
index d6d6f291..eae809a5 100644
--- a/environments/contrail/roles_data_contrail.yaml
+++ b/environments/contrail/roles_data_contrail.yaml
@@ -109,6 +109,7 @@
- OS::TripleO::Services::CinderHPELeftHandISCSI
- OS::TripleO::Services::Etcd
- OS::TripleO::Services::AuditD
+ - OS::TripleO::Services::Iscsid
- name: Compute
CountDefault: 1
@@ -125,6 +126,7 @@
- OS::TripleO::Services::Sshd
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::ComputeNeutronCorePlugin
- OS::TripleO::Services::ComputeNeutronOvsAgent
@@ -138,6 +140,7 @@
- OS::TripleO::Services::SensuClient
- OS::TripleO::Services::FluentdClient
- OS::TripleO::Services::AuditD
+ - OS::TripleO::Services::Iscsid
- name: BlockStorage
ServicesDefault:
@@ -205,6 +208,7 @@
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::SensuClient
- OS::TripleO::Services::FluentdClient
+ - OS::TripleO::Services::Iscsid
- name: ContrailAnalytics
ServicesDefault:
@@ -244,3 +248,16 @@
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::SensuClient
- OS::TripleO::Services::FluentdClient
+
+- name: ContrailDpdk
+ ServicesDefault:
+ - OS::TripleO::Services::CACerts
+ - OS::TripleO::Services::CertmongerUser
+ - OS::TripleO::Services::ContrailTsn
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::SensuClient
+ - OS::TripleO::Services::FluentdClient
diff --git a/environments/deployed-server-deployed-neutron-ports.yaml b/environments/deployed-server-deployed-neutron-ports.yaml
new file mode 100644
index 00000000..1464f4be
--- /dev/null
+++ b/environments/deployed-server-deployed-neutron-ports.yaml
@@ -0,0 +1,4 @@
+resource_registry:
+ OS::TripleO::Network::Ports::ControlPlaneVipPort: ../deployed-server/deployed-neutron-port.yaml
+ OS::TripleO::DeployedServer::ControlPlanePort: ../deployed-server/deployed-neutron-port.yaml
+
diff --git a/environments/docker-centos-tripleoupstream.yaml b/environments/docker-centos-tripleoupstream.yaml
index d94ac6d7..47f8e528 100644
--- a/environments/docker-centos-tripleoupstream.yaml
+++ b/environments/docker-centos-tripleoupstream.yaml
@@ -59,6 +59,7 @@ parameter_defaults:
DockerManilaApiImage: tripleoupstream/centos-binary-manila-api:latest
DockerManilaConfigImage: tripleoupstream/centos-binary-manila-api:latest
DockerManilaSchedulerImage: tripleoupstream/centos-binary-manila-scheduler:latest
+ DockerManilaShareImage: tripleoupstream/centos-binary-manila-share:latest
DockerMemcachedConfigImage: tripleoupstream/centos-binary-memcached:latest
DockerMemcachedImage: tripleoupstream/centos-binary-memcached:latest
DockerMistralApiImage: tripleoupstream/centos-binary-mistral-api:latest
@@ -99,6 +100,8 @@ parameter_defaults:
DockerOctaviaHealthManagerImage: tripleoupstream/centos-binary-octavia-health-manager:latest
DockerOctaviaHousekeepingImage: tripleoupstream/centos-binary-octavia-housekeeping:latest
DockerOctaviaWorkerImage: tripleoupstream/centos-binary-octavia-worker:latest
+ DockerOpendaylightApiImage: tripleoupstream/centos-binary-opendaylight:latest
+ DockerOpendaylightConfigImage: tripleoupstream/centos-binary-opendaylight:latest
DockerOpenvswitchImage: tripleoupstream/centos-binary-neutron-openvswitch-agent:latest
DockerPankoApiImage: tripleoupstream/centos-binary-panko-api:latest
DockerPankoConfigImage: tripleoupstream/centos-binary-panko-api:latest
diff --git a/environments/docker-ha.yaml b/environments/docker-ha.yaml
index 442262b3..474e9966 100644
--- a/environments/docker-ha.yaml
+++ b/environments/docker-ha.yaml
@@ -3,9 +3,6 @@
# ...deploy..-e docker.yaml -e docker-ha.yaml
resource_registry:
# Pacemaker runs on the host
- OS::TripleO::Tasks::ControllerPreConfig: ../extraconfig/tasks/pre_puppet_pacemaker.yaml
- OS::TripleO::Tasks::ControllerPostConfig: ../extraconfig/tasks/post_puppet_pacemaker.yaml
- OS::TripleO::Tasks::ControllerPostPuppetRestart: ../extraconfig/tasks/post_puppet_pacemaker_restart.yaml
OS::TripleO::Services::Pacemaker: ../puppet/services/pacemaker.yaml
OS::TripleO::Services::PacemakerRemote: ../puppet/services/pacemaker_remote.yaml
@@ -13,8 +10,9 @@ resource_registry:
OS::TripleO::Services::Keepalived: OS::Heat::None
# HA Containers managed by pacemaker
- OS::TripleO::Services::CinderVolume: ../docker/services/pacemaker/cinder-volume.yaml
- OS::TripleO::Services::CinderBackup: ../docker/services/pacemaker/cinder-backup.yaml
+ # FIXME: enable those Cinder services once their non-HA counterpart are enabled
+ # OS::TripleO::Services::CinderVolume: ../docker/services/pacemaker/cinder-volume.yaml
+ # OS::TripleO::Services::CinderBackup: ../docker/services/pacemaker/cinder-backup.yaml
OS::TripleO::Services::Clustercheck: ../docker/services/pacemaker/clustercheck.yaml
OS::TripleO::Services::HAproxy: ../docker/services/pacemaker/haproxy.yaml
OS::TripleO::Services::MySQL: ../docker/services/pacemaker/database/mysql.yaml
diff --git a/environments/docker-services-tls-everywhere.yaml b/environments/docker-services-tls-everywhere.yaml
index 8d304494..57cf2c5e 100644
--- a/environments/docker-services-tls-everywhere.yaml
+++ b/environments/docker-services-tls-everywhere.yaml
@@ -6,6 +6,8 @@ resource_registry:
OS::TripleO::Services::Docker: ../puppet/services/docker.yaml
# The compute node still needs extra initialization steps
OS::TripleO::Compute::NodeUserData: ../docker/firstboot/setup_docker_host.yaml
+ # Default Neutron ML2 puppet plugin to use when NeutronCorePlugin is set to ML2
+ OS::TripleO::Docker::NeutronMl2PluginBase: ../puppet/services/neutron-plugin-ml2.yaml
# NOTE: add roles to be docker enabled as we support them.
OS::TripleO::Services::AodhApi: ../docker/services/aodh-api.yaml
@@ -20,13 +22,16 @@ resource_registry:
OS::TripleO::Services::HeatApi: ../docker/services/heat-api.yaml
OS::TripleO::Services::HeatApiCfn: ../docker/services/heat-api-cfn.yaml
OS::TripleO::Services::HeatEngine: ../docker/services/heat-engine.yaml
+ OS::TripleO::Services::Iscsid: ../docker/services/iscsid.yaml
OS::TripleO::Services::Keystone: ../docker/services/keystone.yaml
+ OS::TripleO::Services::NovaMigrationTarget: ../docker/services/nova-migration-target.yaml
+ OS::TripleO::Services::NeutronServer: ../docker/services/neutron-api.yaml
OS::TripleO::Services::NeutronApi: ../docker/services/neutron-api.yaml
OS::TripleO::Services::NeutronCorePlugin: ../docker/services/neutron-plugin-ml2.yaml
+ OS::TripleO::Services::NeutronMetadataAgent: ../docker/services/neutron-metadata.yaml
+ OS::TripleO::Services::NeutronOvsAgent: ../docker/services/neutron-ovs-agent.yaml
OS::TripleO::Services::NeutronDhcpAgent: ../docker/services/neutron-dhcp.yaml
OS::TripleO::Services::NeutronL3Agent: ../docker/services/neutron-l3.yaml
- OS::TripleO::Services::NeutronOvsAgent: ../docker/services/neutron-ovs-agent.yaml
- OS::TripleO::Services::NeutronServer: ../docker/services/neutron-api.yaml
OS::TripleO::Services::PankoApi: ../docker/services/panko-api.yaml
OS::TripleO::Services::SwiftProxy: ../docker/services/swift-proxy.yaml
OS::TripleO::Services::SwiftRingBuilder: ../docker/services/swift-ringbuilder.yaml
diff --git a/environments/docker.yaml b/environments/docker.yaml
index 52b2dc05..336a0b3c 100644
--- a/environments/docker.yaml
+++ b/environments/docker.yaml
@@ -22,6 +22,7 @@ resource_registry:
OS::TripleO::Services::NovaPlacement: ../docker/services/nova-placement.yaml
OS::TripleO::Services::NovaConductor: ../docker/services/nova-conductor.yaml
OS::TripleO::Services::NovaConsoleauth: ../docker/services/nova-consoleauth.yaml
+ OS::TripleO::Services::NovaMigrationTarget: ../docker/services/nova-migration-target.yaml
OS::TripleO::Services::NovaScheduler: ../docker/services/nova-scheduler.yaml
OS::TripleO::Services::NovaVncProxy: ../docker/services/nova-vnc-proxy.yaml
OS::TripleO::Services::NeutronServer: ../docker/services/neutron-api.yaml
@@ -31,8 +32,8 @@ resource_registry:
OS::TripleO::Services::NeutronOvsAgent: ../docker/services/neutron-ovs-agent.yaml
OS::TripleO::Services::NeutronDhcpAgent: ../docker/services/neutron-dhcp.yaml
OS::TripleO::Services::NeutronL3Agent: ../docker/services/neutron-l3.yaml
+ OS::TripleO::Services::HAproxy: ../docker/services/haproxy.yaml
OS::TripleO::Services::MySQL: ../docker/services/database/mysql.yaml
- OS::TripleO::Services::MySQLClient: ../docker/services/database/mysql-client.yaml
OS::TripleO::Services::RabbitMQ: ../docker/services/rabbitmq.yaml
OS::TripleO::Services::MongoDb: ../docker/services/database/mongodb.yaml
OS::TripleO::Services::Redis: ../docker/services/database/redis.yaml
@@ -50,7 +51,7 @@ resource_registry:
OS::TripleO::Services::PankoApi: ../docker/services/panko-api.yaml
OS::TripleO::Services::CeilometerAgentCentral: ../docker/services/ceilometer-agent-central.yaml
OS::TripleO::Services::CeilometerAgentIpmi: ../docker/services/ceilometer-agent-ipmi.yaml
- OS::TripleO::Services::CeilometerAgentCompute: ../docker/services/ceilometer-agent-compute.yaml
+ OS::TripleO::Services::ComputeCeilometerAgent: ../docker/services/ceilometer-agent-compute.yaml
OS::TripleO::Services::CeilometerAgentNotification: ../docker/services/ceilometer-agent-notification.yaml
OS::TripleO::Services::Horizon: ../docker/services/horizon.yaml
OS::TripleO::Services::Iscsid: ../docker/services/iscsid.yaml
diff --git a/environments/host-config-and-reboot.j2.yaml b/environments/host-config-and-reboot.j2.yaml
index d5f69ec5..c16627db 100644
--- a/environments/host-config-and-reboot.j2.yaml
+++ b/environments/host-config-and-reboot.j2.yaml
@@ -11,8 +11,8 @@ resource_registry:
#ComputeParameters:
#KernelArgs: ""
#TunedProfileName: ""
- #HostIsolatedCoreList: ""
+ #IsolCpusList: ""
#ComputeOvsDpdkParameters:
- #KernelArgs: ""
- #TunedProfileName: ""
- #HostIsolatedCoreList: ""
+ #KernelArgs: "intel_iommu=on iommu=pt default_hugepagesz=1GB hugepagesz=1G hugepages=60"
+ #TunedProfileName: "cpu-partitioning"
+ #IsolCpusList: ""
diff --git a/environments/hyperconverged-ceph.yaml b/environments/hyperconverged-ceph.yaml
index 05a3a391..834c4f10 100644
--- a/environments/hyperconverged-ceph.yaml
+++ b/environments/hyperconverged-ceph.yaml
@@ -16,6 +16,7 @@ parameter_defaults:
- OS::TripleO::Services::Securetty
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::ComputeNeutronCorePlugin
- OS::TripleO::Services::ComputeNeutronOvsAgent
@@ -25,6 +26,7 @@ parameter_defaults:
- OS::TripleO::Services::ComputeNeutronMetadataAgent
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::NeutronSriovAgent
- OS::TripleO::Services::OpenDaylightOvs
- OS::TripleO::Services::SensuClient
@@ -37,3 +39,4 @@ parameter_defaults:
- OS::TripleO::Services::MySQLClient
- OS::TripleO::Services::Docker
- OS::TripleO::Services::Iscsid
+ - OS::TripleO::Services::OVNController
diff --git a/environments/network-isolation.j2.yaml b/environments/network-isolation.j2.yaml
index 6a7318fc..1b792afd 100644
--- a/environments/network-isolation.j2.yaml
+++ b/environments/network-isolation.j2.yaml
@@ -17,7 +17,7 @@ resource_registry:
{%- endfor %}
# Port assignments for the VIPs
- {%- for network in networks if network.vip %}
+ {%- for network in networks if network.vip and network.enabled|default(true) %}
OS::TripleO::Network::Ports::{{network.name}}VipPort: ../network/ports/{{network.name_lower|default(network.name.lower())}}.yaml
{%- endfor %}
OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip.yaml
diff --git a/environments/neutron-ml2-ovn-ha.yaml b/environments/neutron-ml2-ovn-ha.yaml
index c592d576..a9f732b2 100644
--- a/environments/neutron-ml2-ovn-ha.yaml
+++ b/environments/neutron-ml2-ovn-ha.yaml
@@ -2,14 +2,15 @@
# extensions, configured via puppet
resource_registry:
OS::TripleO::Services::NeutronCorePlugin: OS::TripleO::Services::NeutronCorePluginML2OVN
- OS::TripleO::Services::ComputeNeutronCorePlugin: ../puppet/services/neutron-compute-plugin-ovn.yaml
+ OS::TripleO::Services::OVNController: ../puppet/services/ovn-controller.yaml
OS::TripleO::Services::OVNDBs: ../puppet/services/pacemaker/ovn-dbs.yaml
# Disabling Neutron services that overlap with OVN
- OS::TripleO::Services::NeutronL3Agent: OS::Heat::None
OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None
+ OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
+ OS::TripleO::Services::NeutronL3Agent: OS::Heat::None
OS::TripleO::Services::NeutronMetadataAgent: OS::Heat::None
OS::TripleO::Services::NeutronDhcpAgent: OS::Heat::None
- OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
+ OS::TripleO::Services::ComputeNeutronCorePlugin: OS::Heat::None
parameter_defaults:
NeutronMechanismDrivers: ovn
diff --git a/environments/neutron-ml2-ovn.yaml b/environments/neutron-ml2-ovn.yaml
index 7483bdbb..7322b05c 100644
--- a/environments/neutron-ml2-ovn.yaml
+++ b/environments/neutron-ml2-ovn.yaml
@@ -1,15 +1,16 @@
# A Heat environment file which can be used to enable OVN
# extensions, configured via puppet
resource_registry:
- OS::TripleO::Services::NeutronL3Agent: OS::Heat::None
- OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None
- OS::TripleO::Services::NeutronMetadataAgent: OS::Heat::None
OS::TripleO::Services::NeutronCorePlugin: OS::TripleO::Services::NeutronCorePluginML2OVN
- OS::TripleO::Services::ComputeNeutronCorePlugin: ../puppet/services/neutron-compute-plugin-ovn.yaml
+ OS::TripleO::Services::OVNController: ../puppet/services/ovn-controller.yaml
+ OS::TripleO::Services::OVNDBs: ../puppet/services/ovn-dbs.yaml
# Disabling Neutron services that overlap with OVN
- OS::TripleO::Services::NeutronDhcpAgent: OS::Heat::None
+ OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None
OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
- OS::TripleO::Services::OVNDBs: ../puppet/services/ovn-dbs.yaml
+ OS::TripleO::Services::NeutronDhcpAgent: OS::Heat::None
+ OS::TripleO::Services::NeutronL3Agent: OS::Heat::None
+ OS::TripleO::Services::NeutronMetadataAgent: OS::Heat::None
+ OS::TripleO::Services::ComputeNeutronCorePlugin: OS::Heat::None
parameter_defaults:
NeutronMechanismDrivers: ovn
diff --git a/environments/neutron-opendaylight-dpdk.yaml b/environments/neutron-opendaylight-dpdk.yaml
index 9ee4eb7e..d675252d 100644
--- a/environments/neutron-opendaylight-dpdk.yaml
+++ b/environments/neutron-opendaylight-dpdk.yaml
@@ -12,15 +12,23 @@ parameter_defaults:
NeutronMechanismDrivers: 'opendaylight_v2'
NeutronServicePlugins: 'odl-router_v2'
NovaSchedulerDefaultFilters: "RamFilter,ComputeFilter,AvailabilityZoneFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,NUMATopologyFilter"
- ## Deploying DPDK requires enabling hugepages for the overcloud compute nodes.
- ## It also requires enabling IOMMU when using the VFIO (vfio-pci) OvsDpdkDriverType.
- ## This can be done using ComputeKernelArgs as shown below.
- ComputeParameters:
- #ComputeKernelArgs: "intel_iommu=on default_hugepagesz=2MB hugepagesz=2MB hugepages=2048"
+
+ ComputeOvsDpdkParameters:
+ OvsEnableDpdk: True
+
+ ## Host configuration Parameters
+ #TunedProfileName: "cpu-partitioning"
+ #IsolCpusList: "" # Logical CPUs list to be isolated from the host process (applied via cpu-partitioning tuned).
+ # It is mandatory to provide isolated cpus for tuned to achive optimal performance.
+ # Example: "3-8,12-15,18"
+ #KernelArgs: "" # Space separated kernel args to configure hugepage and IOMMU.
+ # Deploying DPDK requires enabling hugepages for the overcloud compute nodes.
+ # It also requires enabling IOMMU when using the VFIO (vfio-pci) OvsDpdkDriverType.
+ # This should be done by configuring parameters via host-config-and-reboot.yaml environment file.
+
## Attempting to deploy DPDK without appropriate values for the below parameters may lead to unstable deployments
## due to CPU contention of DPDK PMD threads.
- OvsEnableDpdk: True
- ## It is highly recommended to to enable isolcpus (via ComputeKernelArgs) on compute overcloud nodes and set the following parameters:
+ ## It is highly recommended to to enable isolcpus (via KernelArgs) on compute overcloud nodes and set the following parameters:
#OvsDpdkSocketMemory: "" # Sets the amount of hugepage memory to assign per NUMA node.
# It is recommended to use the socket closest to the PCIe slot used for the
# desired DPDK NIC. Format should be comma separated per socket string such as:
diff --git a/environments/neutron-ovs-dpdk.yaml b/environments/neutron-ovs-dpdk.yaml
index ecfd0fea..029a198e 100644
--- a/environments/neutron-ovs-dpdk.yaml
+++ b/environments/neutron-ovs-dpdk.yaml
@@ -1,25 +1,32 @@
# A Heat environment that can be used to deploy DPDK with OVS
# Deploying DPDK requires enabling hugepages for the overcloud nodes
resource_registry:
- OS::TripleO::Services::ComputeNeutronOvsAgent: ../puppet/services/neutron-ovs-dpdk-agent.yaml
+ OS::TripleO::Services::ComputeNeutronOvsDpdk: ../puppet/services/neutron-ovs-dpdk-agent.yaml
parameter_defaults:
NeutronDatapathType: "netdev"
NeutronVhostuserSocketDir: "/var/lib/vhost_sockets"
NovaSchedulerDefaultFilters: "RamFilter,ComputeFilter,AvailabilityZoneFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,NUMATopologyFilter"
- ## Deploying DPDK requires enabling hugepages for the overcloud compute nodes.
- ## It also requires enabling IOMMU when using the VFIO (vfio-pci) OvsDpdkDriverType.
- ## This can be done using ComputeKernelArgs as shown below.
- #ComputeParameters:
- #ComputeKernelArgs: "intel_iommu=on default_hugepagesz=2MB hugepagesz=2MB hugepages=2048"
+ OvsDpdkDriverType: "vfio-pci"
+
+ #ComputeOvsDpdkParameters:
+ ## Host configuration Parameters
+ #TunedProfileName: "cpu-partitioning"
+ #IsolCpusList: "" # Logical CPUs list to be isolated from the host process (applied via cpu-partitioning tuned).
+ # It is mandatory to provide isolated cpus for tuned to achive optimal performance.
+ # Example: "3-8,12-15,18"
+ #KernelArgs: "" # Space separated kernel args to configure hugepage and IOMMU.
+ # Deploying DPDK requires enabling hugepages for the overcloud compute nodes.
+ # It also requires enabling IOMMU when using the VFIO (vfio-pci) OvsDpdkDriverType.
+ # This should be done by configuring parameters via host-config-and-reboot.yaml environment file.
+
## Attempting to deploy DPDK without appropriate values for the below parameters may lead to unstable deployments
## due to CPU contention of DPDK PMD threads.
- ## It is highly recommended to to enable isolcpus (via ComputeKernelArgs) on compute overcloud nodes and set the following parameters:
+ ## It is highly recommended to to enable isolcpus (via KernelArgs) on compute overcloud nodes and set the following parameters:
#OvsDpdkSocketMemory: "" # Sets the amount of hugepage memory to assign per NUMA node.
# It is recommended to use the socket closest to the PCIe slot used for the
# desired DPDK NIC. Format should be comma separated per socket string such as:
# "<socket 0 mem MB>,<socket 1 mem MB>", for example: "1024,0".
- #OvsDpdkDriverType: "vfio-pci" # Ensure the Overcloud NIC to be used for DPDK supports this UIO/PMD driver.
#OvsPmdCoreList: "" # List or range of CPU cores for PMD threads to be pinned to. Note, NIC
# location to cores on socket, number of hyper-threaded logical cores, and
# desired number of PMD threads can all play a role in configuring this setting.
diff --git a/environments/overcloud-baremetal.j2.yaml b/environments/overcloud-baremetal.j2.yaml
index 8d7bc8d9..93191a7b 100644
--- a/environments/overcloud-baremetal.j2.yaml
+++ b/environments/overcloud-baremetal.j2.yaml
@@ -11,10 +11,3 @@ parameter_defaults:
{% for role in roles %}
{{role.name}}Services: []
{% endfor %}
-
- # Consistent Hostname format
- ControllerHostnameFormat: overcloud-controller-%index%
- ComputeHostnameFormat: overcloud-novacompute-%index%
- ObjectStorageHostnameFormat: overcloud-objectstorage-%index%
- CephStorageHostnameFormat: overcloud-cephstorage-%index%
- BlockStorageHostnameFormat: overcloud-blockstorage-%index%
diff --git a/environments/overcloud-services.yaml b/environments/overcloud-services.yaml
index 1d01cb3c..ac1c69f0 100644
--- a/environments/overcloud-services.yaml
+++ b/environments/overcloud-services.yaml
@@ -1,10 +1,2 @@
resource_registry:
OS::TripleO::DeployedServerEnvironment: ../deployed-server/deployed-server-environment-output.yaml
-
-parameter_defaults:
- # Consistent Hostname format
- ControllerDeployedServerHostnameFormat: overcloud-controller-%index%
- ComputeDeployedServerHostnameFormat: overcloud-novacompute-%index%
- ObjectStorageDeployedServerHostnameFormat: overcloud-objectstorage-%index%
- CephStorageDeployedServerHostnameFormat: overcloud-cephstorage-%index%
- BlockStorageDeployedServerHostnameFormat: overcloud-blockstorage-%index%
diff --git a/environments/predictable-placement/custom-domain.yaml b/environments/predictable-placement/custom-domain.yaml
new file mode 100644
index 00000000..aacb677a
--- /dev/null
+++ b/environments/predictable-placement/custom-domain.yaml
@@ -0,0 +1,35 @@
+# *******************************************************************
+# This file was created automatically by the sample environment
+# generator. Developers should use `tox -e genconfig` to update it.
+# Users are recommended to make changes to a copy of the file instead
+# of the original, if any customizations are needed.
+# *******************************************************************
+# title: Custom Domain Name
+# description: |
+# This environment contains the parameters that need to be set in order to
+# use a custom domain name and have all of the various FQDNs reflect it.
+parameter_defaults:
+ # The DNS domain used for the hosts. This must match the overcloud_domain_name configured on the undercloud.
+ # Type: string
+ CloudDomain: localdomain
+
+ # The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
+ # Type: string
+ CloudName: overcloud.localdomain
+
+ # The DNS name of this cloud's provisioning network endpoint. E.g. 'ci-overcloud.ctlplane.tripleo.org'.
+ # Type: string
+ CloudNameCtlplane: overcloud.ctlplane.localdomain
+
+ # The DNS name of this cloud's internal API endpoint. E.g. 'ci-overcloud.internalapi.tripleo.org'.
+ # Type: string
+ CloudNameInternal: overcloud.internalapi.localdomain
+
+ # The DNS name of this cloud's storage endpoint. E.g. 'ci-overcloud.storage.tripleo.org'.
+ # Type: string
+ CloudNameStorage: overcloud.storage.localdomain
+
+ # The DNS name of this cloud's storage management endpoint. E.g. 'ci-overcloud.storagemgmt.tripleo.org'.
+ # Type: string
+ CloudNameStorageManagement: overcloud.storagemgmt.localdomain
+
diff --git a/environments/puppet-ceph.yaml b/environments/puppet-ceph.yaml
index 57af540a..2b4dfa05 100644
--- a/environments/puppet-ceph.yaml
+++ b/environments/puppet-ceph.yaml
@@ -1,3 +1,7 @@
+# ****************************************************************************
+# DEPRECATED: Use tripleo-heat-templates/environments/storage/enable-ceph.yaml
+# instead.
+# ****************************************************************************
resource_registry:
OS::TripleO::Services::CephMon: ../puppet/services/ceph-mon.yaml
OS::TripleO::Services::CephOSD: ../puppet/services/ceph-osd.yaml
diff --git a/environments/services-docker/octavia.yaml b/environments/services-docker/octavia.yaml
index b677a4f6..f0c671f6 100644
--- a/environments/services-docker/octavia.yaml
+++ b/environments/services-docker/octavia.yaml
@@ -3,3 +3,8 @@ resource_registry:
OS::TripleO::Services::OctaviaHousekeeping: ../../docker/services/octavia-housekeeping.yaml
OS::TripleO::Services::OctaviaHealthManager: ../../docker/services/octavia-health-manager.yaml
OS::TripleO::Services::OctaviaWorker: ../../docker/services/octavia-worker.yaml
+
+parameter_defaults:
+ NeutronServicePlugins: "qos,router,trunk,lbaasv2"
+ NeutronEnableForceMetadata: true
+
diff --git a/environments/split-stack-consistent-hostname-format.j2.yaml b/environments/split-stack-consistent-hostname-format.j2.yaml
new file mode 100644
index 00000000..8345c108
--- /dev/null
+++ b/environments/split-stack-consistent-hostname-format.j2.yaml
@@ -0,0 +1,5 @@
+parameter_defaults:
+ # Consistent Hostname format
+{% for role in roles %}
+ {{role.name}}HostnameFormat: overcloud-{{role.name.lower()}}-%index%
+{% endfor %}
diff --git a/environments/ssl/tls-endpoints-public-dns.yaml b/environments/ssl/tls-endpoints-public-dns.yaml
index 216afece..3b3ddc16 100644
--- a/environments/ssl/tls-endpoints-public-dns.yaml
+++ b/environments/ssl/tls-endpoints-public-dns.yaml
@@ -30,39 +30,6 @@ parameter_defaults:
CongressAdmin: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressInternal: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressPublic: {protocol: 'https', port: '13789', host: 'CLOUDNAME'}
- ContrailAnalyticsApiAdmin: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiInternal: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiPublic: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpAdmin: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpInternal: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpPublic: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshAdmin: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshInternal: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshPublic: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpAdmin: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpInternal: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpPublic: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisAdmin: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisInternal: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisPublic: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailConfigAdmin: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigInternal: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigPublic: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailDiscoveryAdmin: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryInternal: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryPublic: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailWebuiHttpAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpPublic: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsAdmin: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsInternal: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsPublic: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
Ec2ApiAdmin: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiInternal: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'CLOUDNAME'}
diff --git a/environments/ssl/tls-endpoints-public-ip.yaml b/environments/ssl/tls-endpoints-public-ip.yaml
index d216ab7f..bca6a891 100644
--- a/environments/ssl/tls-endpoints-public-ip.yaml
+++ b/environments/ssl/tls-endpoints-public-ip.yaml
@@ -30,39 +30,6 @@ parameter_defaults:
CongressAdmin: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressInternal: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressPublic: {protocol: 'https', port: '13789', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiAdmin: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiInternal: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiPublic: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpAdmin: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpInternal: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpPublic: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshAdmin: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshInternal: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshPublic: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpAdmin: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpInternal: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpPublic: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisAdmin: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisInternal: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisPublic: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailConfigAdmin: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigInternal: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigPublic: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailDiscoveryAdmin: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryInternal: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryPublic: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailWebuiHttpAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpPublic: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsAdmin: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsInternal: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsPublic: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
Ec2ApiAdmin: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiInternal: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'IP_ADDRESS'}
diff --git a/environments/ssl/tls-everywhere-endpoints-dns.yaml b/environments/ssl/tls-everywhere-endpoints-dns.yaml
index 63157ddd..e3fe608b 100644
--- a/environments/ssl/tls-everywhere-endpoints-dns.yaml
+++ b/environments/ssl/tls-everywhere-endpoints-dns.yaml
@@ -30,39 +30,6 @@ parameter_defaults:
CongressAdmin: {protocol: 'https', port: '1789', host: 'CLOUDNAME'}
CongressInternal: {protocol: 'https', port: '1789', host: 'CLOUDNAME'}
CongressPublic: {protocol: 'https', port: '13789', host: 'CLOUDNAME'}
- ContrailAnalyticsApiAdmin: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiInternal: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiPublic: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpAdmin: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpInternal: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpPublic: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshAdmin: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshInternal: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshPublic: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpAdmin: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpInternal: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpPublic: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisAdmin: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisInternal: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisPublic: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailConfigAdmin: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigInternal: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigPublic: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailDiscoveryAdmin: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryInternal: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryPublic: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailWebuiHttpAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpPublic: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsAdmin: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsInternal: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsPublic: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
Ec2ApiAdmin: {protocol: 'https', port: '8788', host: 'CLOUDNAME'}
Ec2ApiInternal: {protocol: 'https', port: '8788', host: 'CLOUDNAME'}
Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'CLOUDNAME'}
diff --git a/environments/storage/enable-ceph.yaml b/environments/storage/enable-ceph.yaml
index c629f74b..596ec16e 100644
--- a/environments/storage/enable-ceph.yaml
+++ b/environments/storage/enable-ceph.yaml
@@ -33,3 +33,7 @@ parameter_defaults:
# Type: boolean
NovaEnableRbdBackend: True
+resource_registry:
+ OS::TripleO::Services::CephClient: ../../puppet/services/ceph-client.yaml
+ OS::TripleO::Services::CephMon: ../../puppet/services/ceph-mon.yaml
+ OS::TripleO::Services::CephOSD: ../../puppet/services/ceph-osd.yaml
diff --git a/environments/tls-endpoints-public-dns.yaml b/environments/tls-endpoints-public-dns.yaml
index 83b32495..38942899 100644
--- a/environments/tls-endpoints-public-dns.yaml
+++ b/environments/tls-endpoints-public-dns.yaml
@@ -24,39 +24,6 @@ parameter_defaults:
CongressAdmin: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressInternal: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressPublic: {protocol: 'https', port: '13789', host: 'CLOUDNAME'}
- ContrailAnalyticsApiAdmin: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiInternal: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiPublic: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpAdmin: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpInternal: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpPublic: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshAdmin: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshInternal: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshPublic: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpAdmin: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpInternal: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpPublic: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisAdmin: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisInternal: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisPublic: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailConfigAdmin: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigInternal: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigPublic: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailDiscoveryAdmin: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryInternal: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryPublic: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailWebuiHttpAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpPublic: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsAdmin: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsInternal: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsPublic: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
Ec2ApiAdmin: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiInternal: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'CLOUDNAME'}
diff --git a/environments/tls-endpoints-public-ip.yaml b/environments/tls-endpoints-public-ip.yaml
index 8e502972..b6613f42 100644
--- a/environments/tls-endpoints-public-ip.yaml
+++ b/environments/tls-endpoints-public-ip.yaml
@@ -24,39 +24,6 @@ parameter_defaults:
CongressAdmin: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressInternal: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressPublic: {protocol: 'https', port: '13789', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiAdmin: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiInternal: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiPublic: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpAdmin: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpInternal: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpPublic: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshAdmin: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshInternal: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshPublic: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpAdmin: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpInternal: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpPublic: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisAdmin: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisInternal: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisPublic: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailConfigAdmin: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigInternal: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigPublic: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailDiscoveryAdmin: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryInternal: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryPublic: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailWebuiHttpAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpPublic: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsAdmin: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsInternal: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsPublic: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
Ec2ApiAdmin: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiInternal: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'IP_ADDRESS'}
diff --git a/environments/tls-everywhere-endpoints-dns.yaml b/environments/tls-everywhere-endpoints-dns.yaml
index 84cabf10..074fae73 100644
--- a/environments/tls-everywhere-endpoints-dns.yaml
+++ b/environments/tls-everywhere-endpoints-dns.yaml
@@ -20,39 +20,6 @@ parameter_defaults:
CongressAdmin: {protocol: 'https', port: '1789', host: 'CLOUDNAME'}
CongressInternal: {protocol: 'https', port: '1789', host: 'CLOUDNAME'}
CongressPublic: {protocol: 'https', port: '13789', host: 'CLOUDNAME'}
- ContrailAnalyticsApiAdmin: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiInternal: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiPublic: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpAdmin: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpInternal: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpPublic: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshAdmin: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshInternal: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshPublic: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpAdmin: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpInternal: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpPublic: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisAdmin: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisInternal: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisPublic: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailConfigAdmin: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigInternal: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigPublic: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailDiscoveryAdmin: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryInternal: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryPublic: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailWebuiHttpAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpPublic: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsAdmin: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsInternal: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsPublic: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
Ec2ApiAdmin: {protocol: 'https', port: '8788', host: 'CLOUDNAME'}
Ec2ApiInternal: {protocol: 'https', port: '8788', host: 'CLOUDNAME'}
Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'CLOUDNAME'}
diff --git a/environments/undercloud.yaml b/environments/undercloud.yaml
index 559d81df..4bc16f8c 100644
--- a/environments/undercloud.yaml
+++ b/environments/undercloud.yaml
@@ -20,3 +20,5 @@ parameter_defaults:
HeatMaxJsonBodySize: 2097152
IronicInspectorInterface: br-ctlplane
IronicInspectorIpRange: '192.168.24.100,192.168.24.200'
+ ZaqarMessageStore: 'swift'
+ ZaqarManagementStore: 'sqlalchemy'
diff --git a/environments/veritas-hyperscale/cinder-veritas-hyperscale-config.yaml b/environments/veritas-hyperscale/cinder-veritas-hyperscale-config.yaml
new file mode 100644
index 00000000..eaa6cf7f
--- /dev/null
+++ b/environments/veritas-hyperscale/cinder-veritas-hyperscale-config.yaml
@@ -0,0 +1,18 @@
+# Copyright (c) 2017 Veritas Technologies LLC.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# A Heat environment file which can be used to enable a
+# a Veritas HyperScale backend, configured via puppet
+resource_registry:
+ OS::TripleO::Services::CinderBackendVRTSHyperScale: ../../puppet/services/cinder-backend-veritas-hyperscale.yaml
diff --git a/environments/veritas-hyperscale/veritas-hyperscale-config.yaml b/environments/veritas-hyperscale/veritas-hyperscale-config.yaml
new file mode 100644
index 00000000..f6633539
--- /dev/null
+++ b/environments/veritas-hyperscale/veritas-hyperscale-config.yaml
@@ -0,0 +1,31 @@
+# Copyright (c) 2017 Veritas Technologies LLC.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# A Heat environment file which can be used to install
+# Veritas HyperScale packages for controller.
+resource_registry:
+ OS::TripleO::Services::VRTSHyperScale: ../../puppet/services/veritas-hyperscale-controller.yaml
+
+parameter_defaults:
+ EnablePackageInstall: true
+ VrtsRabbitPassword: ''
+ VrtsKeystonePassword: ''
+ VrtsMysqlPassword: ''
+ VrtsCtrlMgmtIP: ''
+ VrtsDashboardIP: ''
+ VrtsZookeeperIP: ''
+ VrtsSSHPassword: ''
+ VrtsConfigParam1: ''
+ VrtsConfigParam2: ''
+ VrtsConfigParam3: ''
diff --git a/extraconfig/all_nodes/contrail/enable_contrail_repo.yaml b/extraconfig/all_nodes/contrail/enable_contrail_repo.yaml
new file mode 100644
index 00000000..51da6f65
--- /dev/null
+++ b/extraconfig/all_nodes/contrail/enable_contrail_repo.yaml
@@ -0,0 +1,43 @@
+heat_template_version: pike
+
+parameters:
+ ContrailRepo:
+ type: string
+ default: ''
+
+resources:
+ userdata:
+ type: OS::Heat::MultipartMime
+ properties:
+ parts:
+ - config: {get_resource: EnableContrailRepoConfig}
+
+ EnableContrailRepoConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ config:
+ str_replace:
+ template: |
+ #!/bin/bash
+ contrail_repo=$contrail_repo
+ if [[ ${contrail_repo} ]]; then
+ cat <<EOF > /etc/yum.repos.d/contrail.repo
+ [Contrail]
+ name=Contrail Repo
+ baseurl=${contrail_repo}
+ enabled=1
+ gpgcheck=0
+ protect=1
+ metadata_expire=30
+ EOF
+ fi
+ params:
+ $contrail_repo: {get_param: ContrailRepo}
+
+outputs:
+ # This means get_resource from the parent template will get the userdata, see:
+ # http://docs.openstack.org/developer/heat/template_guide/composition.html#making-your-template-resource-more-transparent
+ # Note this is new-for-kilo, an alternative is returning a value then using
+ # get_attr in the parent template instead.
+ OS::stack_id:
+ value: {get_resource: userdata}
diff --git a/extraconfig/nova_metadata/krb-service-principals.yaml b/extraconfig/nova_metadata/krb-service-principals.yaml
index 59b8e7f5..cdd4341a 100644
--- a/extraconfig/nova_metadata/krb-service-principals.yaml
+++ b/extraconfig/nova_metadata/krb-service-principals.yaml
@@ -32,8 +32,8 @@ parameters:
CloudNameCtlplane:
default: overcloud.ctlplane.localdomain
description: >
- The DNS name of this cloud's storage management endpoint. E.g.
- 'ci-overcloud.management.tripleo.org'.
+ The DNS name of this cloud's provisioning network endpoint. E.g.
+ 'ci-overcloud.ctlplane.tripleo.org'.
type: string
resources:
diff --git a/extraconfig/post_deploy/example_run_on_update.yaml b/extraconfig/post_deploy/example_run_on_update.yaml
index 346a1d77..4e378b14 100644
--- a/extraconfig/post_deploy/example_run_on_update.yaml
+++ b/extraconfig/post_deploy/example_run_on_update.yaml
@@ -14,6 +14,9 @@ parameters:
# otherwise unchanged
DeployIdentifier:
type: string
+ default: ''
+ description: >
+ Setting this to a unique value will re-run any deployment tasks which perform configuration on a Heat stack-update.
resources:
diff --git a/extraconfig/pre_network/contrail/compute_pre_network.yaml b/extraconfig/pre_network/contrail/compute_pre_network.yaml
new file mode 100644
index 00000000..69e89f87
--- /dev/null
+++ b/extraconfig/pre_network/contrail/compute_pre_network.yaml
@@ -0,0 +1,162 @@
+heat_template_version: pike
+
+# NOTE: You don't need to pass the parameter explicitly from the
+# parent template, it can be specified via the parameter_defaults
+# in the resource_registry instead, if you want to override the default
+# and/or share values with other templates in the tree.
+parameters:
+ ContrailRepo:
+ type: string
+ default: ''
+ ContrailVrouterPhysicalInterface:
+ default: 'eth0'
+ description: vRouter physical interface
+ type: string
+ ContrailVlanParentInterface:
+ default: ''
+ description: Parent interface of vlan interface
+ type: string
+ ContrailBondInterface:
+ default: ''
+ description: Bond interface name
+ type: string
+ ContrailBondInterfaceMembers:
+ default: ''
+ description: Bond interface members
+ type: string
+ ContrailBondMode:
+ default: '4'
+ description: Bond Mode
+ type: string
+ ContrailBondPolicy:
+ default: '1'
+ description: Bond Policy
+ type: string
+ RoleParameters:
+ type: json
+ description: Parameters specific to the role
+ default: {}
+ ServiceNames:
+ type: comma_delimited_list
+ default: []
+ server:
+ type: string
+
+description: >
+ This template installs the Contrail kernel module packages in order
+ to bring vhost0 interface up. Vhost0 interface must be up before
+ os-net-config takes over.
+
+resources:
+
+ ContrailVrouterModuleDeployment:
+ type: OS::Heat::SoftwareDeployment
+ properties:
+ name: ContrailVrouterModuleDeployment
+ server: {get_param: server}
+ config: {get_resource: ContrailVrouterModuleConfig}
+ input_values:
+ phy_int: {get_param: ContrailVrouterPhysicalInterface}
+ bond_int: {get_param: ContrailBondInterface}
+ bond_int_members: {get_param: ContrailBondInterfaceMembers}
+ vlan_parent: {get_param: ContrailVlanParentInterface}
+ contrail_repo: {get_param: ContrailRepo}
+ bond_mode: {get_param: ContrailBondMode}
+ bond_policy: {get_param: ContrailBondPolicy}
+ actions: ['CREATE'] # Only do this on CREATE
+
+ ContrailVrouterModuleConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ inputs:
+ - name: phy_int
+ - name: bond_int
+ - name: bond_int_members
+ - name: vlan_parent
+ - name: contrail_repo
+ - name: bond_mode
+ - name: bond_policy
+ config: |
+ #!/bin/bash
+ phy_int=$phy_int
+ bond_int=$bond_int
+ bond_int_members=$bond_int_members
+ bond_mode=$bond_mode
+ bond_policy=$bond_policy
+ vlan_parent=$vlan_parent
+ contrail_repo=$contrail_repo
+ if [[ ${contrail_repo} ]]; then
+ yum install -y contrail-vrouter-utils
+ fi
+ function pkt_setup () {
+ for f in /sys/class/net/$1/queues/rx-*
+ do
+ q="$(echo $f | cut -d '-' -f2)"
+ r=$(($q%32))
+ s=$(($q/32))
+ ((mask=1<<$r))
+ str=(`printf "%x" $mask`)
+ if [ $s -gt 0 ]; then
+ for ((i=0; i < $s; i++))
+ do
+ str+=,00000000
+ done
+ fi
+ echo $str > $f/rps_cpus
+ done
+ ifconfig $1 up
+ }
+ function insert_vrouter() {
+ if [ -f /sys/class/net/pkt1/queues/rx-0/rps_cpus ]; then
+ pkt_setup pkt1
+ fi
+ if [ -f /sys/class/net/pkt2/queues/rx-0/rps_cpus ]; then
+ pkt_setup pkt2
+ fi
+ if [ -f /sys/class/net/pkt3/queues/rx-0/rps_cpus ]; then
+ pkt_setup pkt3
+ fi
+ DEV_MAC=$(cat /sys/class/net/${phy_int}/address)
+ vif --create vhost0 --mac $DEV_MAC
+ vif --add ${phy_int} --mac $DEV_MAC --vrf 0 --vhost-phys --type physical
+ vif --add vhost0 --mac $DEV_MAC --vrf 0 --type vhost --xconnect ${phy_int}
+ ip link set vhost0 up
+ return 0
+ }
+ if [[ ${bond_int} ]]; then
+ bond_int_member_list=$(echo ${bond_int_members} | tr "," "\n")
+ ip link add name ${bond_int} type bond
+ echo ${bond_mode} > /sys/class/net/${bond_int}/bonding/mode
+ echo ${bond_policy} > /sys/class/net/${bond_int}/bonding/xmit_hash_policy
+ for member in ${bond_int_member_list}; do
+ ip link set dev $member master ${bond_int}
+ done
+ fi
+ if [[ ${vlan_parent} ]]; then
+ vlanId=`echo ${phy_int} | awk -F"vlan" '{print $2}'`
+ ip link add name ${phy_int} link ${vlan_parent} type vlan id ${vlanId}
+ fi
+ if [[ ${contrail_repo} ]]; then
+ yumdownloader contrail-vrouter --destdir /tmp
+ cd /tmp
+ rpm2cpio /tmp/contrail-vrouter*.rpm | cpio -idmv
+ cp `find /tmp/lib/modules -name vrouter.ko |tail -1` /tmp
+ insmod /tmp/vrouter.ko
+ else
+ modprobe vrouter
+ fi
+ insert_vrouter
+ if [[ `ifconfig ${phy_int} |grep "inet "` ]]; then
+ def_gw=''
+ if [[ `ip route show |grep default|grep ${phy_int}` ]]; then
+ def_gw=`ip route show |grep default|grep ${phy_int}|awk '{print $3}'`
+ fi
+ ip=`ifconfig ${phy_int} |grep "inet "|awk '{print $2}'`
+ mask=`ifconfig ${phy_int} |grep "inet "|awk '{print $4}'`
+ ip address delete $ip/$mask dev ${phy_int}
+ ip address add $ip/$mask dev vhost0
+ if [[ $def_gw ]]; then
+ ip route add default via $def_gw
+ fi
+ fi
diff --git a/extraconfig/pre_network/contrail/contrail_dpdk_pre_network.yaml b/extraconfig/pre_network/contrail/contrail_dpdk_pre_network.yaml
new file mode 100644
index 00000000..4b3c673c
--- /dev/null
+++ b/extraconfig/pre_network/contrail/contrail_dpdk_pre_network.yaml
@@ -0,0 +1,168 @@
+heat_template_version: pike
+
+# NOTE: You don't need to pass the parameter explicitly from the
+# parent template, it can be specified via the parameter_defaults
+# in the resource_registry instead, if you want to override the default
+# and/or share values with other templates in the tree.
+parameters:
+ ContrailRepo:
+ type: string
+ default: ''
+ ContrailVrouterPhysicalInterface:
+ default: 'eth0'
+ description: vRouter physical interface
+ type: string
+ ContrailVlanParentInterface:
+ default: ''
+ description: Parent interface of vlan interface
+ type: string
+ ContrailBondInterface:
+ default: ''
+ description: Bond interface name
+ type: string
+ ContrailBondInterfaceMembers:
+ default: ''
+ description: Bond interface members
+ type: string
+ ContrailBondMode:
+ default: '4'
+ description: Bond Mode
+ type: string
+ ContrailBondPolicy:
+ default: '1'
+ description: Bond Policy
+ type: string
+ ContrailDpdkHugePages:
+ default: '2048'
+ description: DPDK Hugepages setting
+ type: string
+ RoleParameters:
+ type: json
+ description: Parameters specific to the role
+ default: {}
+ ServiceNames:
+ type: comma_delimited_list
+ default: []
+ server:
+ type: string
+
+description: >
+ This template installs the Contrail dpdk packages in order
+ to bring vhost0 interface up. Vhost0 interface must be up before
+ os-net-config takes over.
+
+resources:
+
+ ContrailVrouterDpdkDeployment:
+ type: OS::Heat::SoftwareDeployment
+ properties:
+ name: ContrailVrouterDpdkDeployment
+ server: {get_param: server}
+ config: {get_resource: ContrailVrouterDpdkConfig}
+ input_values:
+ phy_int: {get_param: ContrailVrouterPhysicalInterface}
+ bond_int: {get_param: ContrailBondInterface}
+ bond_int_members: {get_param: ContrailBondInterfaceMembers}
+ vlan_parent: {get_param: ContrailVlanParentInterface}
+ contrail_repo: {get_param: ContrailRepo}
+ bond_mode: {get_param: ContrailBondMode}
+ bond_policy: {get_param: ContrailBondPolicy}
+ dpdk_hugepages: {get_param: ContrailDpdkHugePages}
+ actions: ['CREATE'] # Only do this on CREATE
+
+ ContrailVrouterDpdkConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config: |
+ #!/bin/bash
+ phy_int=$phy_int
+ bond_int=$bond_int
+ bond_int_members=$bond_int_members
+ bond_mode=$bond_mode
+ bond_policy=$bond_policy
+ vlan_parent=$vlan_parent
+ contrail_repo=$contrail_repo
+ dpdk_hugepages=$dpdk_hugepages
+ echo "vm.nr_hugepages = $dpdk_hugepages" >> /etc/sysctl.conf
+ echo "vm.max_map_count = 128960" >> /etc/sysctl.conf
+ echo "kernel.core_pattern = /var/crashes/core.%e.%p.%h.%t" >> /etc/sysctl.conf
+ echo "net.ipv4.tcp_keepalive_time = 5" >> /etc/sysctl.conf
+ echo "net.ipv4.tcp_keepalive_probes = 5" >> /etc/sysctl.conf
+ echo "net.ipv4.tcp_keepalive_intvl = 1" >> /etc/sysctl.conf
+ /sbin/sysctl --system
+ modprobe uio
+ if [[ ${contrail_repo} ]]; then
+ yum install -y contrail-vrouter-utils contrail-vrouter-dpdk contrail-vrouter-dpdk-init
+ fi
+ pci_address=`ethtool -i ${phy_int} |grep bus-info| awk '{print $2}' |tr -d ' '`
+ if [[ ${vlan_parent} ]]; then
+ pci_address=`ethtool -i ${vlan_parent} |grep bus-info| awk '{print $2}' |tr -d ' '`
+ fi
+ if [[ ${bond_int} ]]; then
+ bond_int_member_list=$(echo ${bond_int_members} | tr "," "\n")
+ cat <<EOF> /etc/sysconfig/network-scripts/ifcfg-${bond_int}
+ DEVICE=${bond_int}
+ BOOTPROTO=none
+ ONBOOT=yes
+ USERCTL=no
+ BONDING_OPTS="mode=${bond_mode} xmit_hash_policy=${bond_policy}"
+ EOF
+ for member in ${bond_int_member_list}; do
+ cat <<EOF> /etc/sysconfig/network-scripts/ifcfg-${member}
+ DEVICE=${member}
+ BOOTPROTO=none
+ ONBOOT=yes
+ MASTER=${bond_int}
+ SLAVE=yes
+ USERCTL=no
+ EOF
+ ip link set dev ${member} down
+ done
+ ifup ${bond_int}
+ pci_address=0000:00:00.0
+ fi
+ if [[ ${vlan_parent} ]]; then
+ echo ${vlan_parent} >> /tmp/vlan_parent
+ vlanId=`echo ${phy_int} | awk -F"vlan" '{print $2}'`
+ ip link add name ${phy_int} link ${vlan_parent} type vlan id ${vlanId}
+ fi
+ cat <<EOF > /etc/contrail/agent_param
+ LOG=/var/log/contrail.log
+ CONFIG=/etc/contrail/contrail-vrouter-agent.conf
+ prog=/usr/bin/contrail-vrouter-agent
+ pname=contrail-vrouter-agent
+ LIBDIR=/usr/lib64
+ DEVICE=vhost0
+ dev=${phy_int}
+ vgw_subnet_ip=__VGW_SUBNET_IP__
+ vgw_intf=__VGW_INTF_LIST__
+ LOGFILE=--log-file=/var/log/contrail/vrouter.log
+ EOF
+ mac=`ip link sh dev ${phy_int} | grep link/ether|awk '{print $2}' | tr -d ' '`
+ cat <<EOF > /etc/contrail/contrail-vrouter-agent.conf
+ [DEFAULT]
+ platform=dpdk
+ physical_interface_address=$pci_address
+ physical_interface_mac=$mac
+ physical_uio_driver=uio_pci_generic
+ [VIRTUAL-HOST-INTERFACE]
+ physical_interface=${phy_int}
+ name=vhost0
+ EOF
+ echo $pci_address > /etc/contrail/dpdk_pci
+ echo $mac > /etc/contrail/dpdk_mac
+ systemctl start supervisor-vrouter
+ if [[ `ifconfig ${phy_int} |grep "inet "` ]]; then
+ def_gw=''
+ if [[ `ip route show |grep default|grep ${phy_int}` ]]; then
+ def_gw=`ip route show |grep default|grep ${phy_int}|awk '{print $3}'`
+ fi
+ ip=`ifconfig ${phy_int} |grep "inet "|awk '{print $2}'`
+ mask=`ifconfig ${phy_int} |grep "inet "|awk '{print $4}'`
+ ip address delete $ip/$mask dev ${phy_int}
+ ip address add $ip/$mask dev vhost0
+ if [[ $def_gw ]]; then
+ ip route add default via $def_gw
+ fi
+ fi
diff --git a/extraconfig/pre_network/host_config_and_reboot.yaml b/extraconfig/pre_network/host_config_and_reboot.yaml
index 31d0c1e0..87dbeaec 100644
--- a/extraconfig/pre_network/host_config_and_reboot.yaml
+++ b/extraconfig/pre_network/host_config_and_reboot.yaml
@@ -9,17 +9,11 @@ parameters:
type: string
RoleParameters:
type: json
- description: Role Specific parameters
+ description: Parameters specific to the role
default: {}
ServiceNames:
type: comma_delimited_list
default: []
- IsolCpusList:
- default: "0"
- description: List of cores to be isolated by tuned
- type: string
- constraints:
- - allowed_pattern: "[0-9,-]+"
OvsEnableDpdk:
default: false
description: Whether or not to configure enable DPDK in OVS
@@ -47,12 +41,6 @@ parameters:
mem>, <socket n mem>", where the value is specified in MB. For example:
"1024,0".
type: string
- OvsDpdkDriverType:
- default: "vfio-pci"
- description: >
- DPDK Driver type. Ensure the Overcloud NIC to be used for DPDK supports
- this UIO/PMD driver.
- type: string
OvsPmdCoreList:
description: >
A list or range of CPU cores for PMD threads to be pinned to. Note, NIC
@@ -67,6 +55,21 @@ parameters:
- allowed_pattern: "[0-9,-]*"
type: string
default: ""
+ deployment_actions:
+ default: ['CREATE', 'UPDATE']
+ type: comma_delimited_list
+ description: >
+ List of stack actions that will trigger any deployments in this
+ templates. The actions will be an empty list of the server is in the
+ toplevel DeploymentServerBlacklist parameter's value.
+ EnableDpdkDeploymentActions:
+ default: ['CREATE']
+ type: comma_delimited_list
+ description: >
+ Exposing the DPDK deployment action, it may be required to run DPDK
+ config during an upgrade. By default DPDK will be enabled during the
+ CREATE action only. But on cases when it requires for certain migration,
+ it may be required to run it for UPDATE action too.
# DEPRECATED: the following options are deprecated and are currently maintained
# for backwards compatibility. They will be removed in the Queens cycle.
HostCpusList:
@@ -91,29 +94,16 @@ parameters:
default: ''
description: Memory allocated for each socket
type: string
- NeutronDpdkDriverType:
- default: "vfio-pci"
- description: DPDK Driver type
- type: string
- deployment_actions:
- default: ['CREATE', 'UPDATE']
- type: comma_delimited_list
- description: >
- List of stack actions that will trigger any deployments in this
- templates. The actions will be an empty list of the server is in the
- toplevel DeploymentServerBlacklist parameter's value.
conditions:
is_host_config_required: {not: {equals: [{get_param: [RoleParameters, KernelArgs]}, ""]}}
- # YAQL is enabled in conditions with https://review.openstack.org/#/c/467506/
is_dpdk_config_required:
or:
- yaql:
- expression: $.data.service_names.contains('neutron_ovs_dpdk_agent')
- data:
- service_names: {get_param: ServiceNames}
- - {get_param: OvsEnableDpdk}
- - {get_param: [RoleParameters, OvsEnableDpdk]}
+ expression: $.data.service_names.contains('neutron_ovs_dpdk_agent')
+ data:
+ service_names: {get_param: ServiceNames}
+ - {equals: [{get_param: [RoleParameters, OvsEnableDpdk]}, true]}
is_reboot_config_required:
or:
- is_host_config_required
@@ -122,8 +112,6 @@ conditions:
pmd_cores_empty: {equals: [{get_param: OvsPmdCoreList}, '']}
mem_channels_empty: {equals: [{get_param: OvsDpdkMemoryChannels}, '']}
socket_mem_empty: {equals: [{get_param: OvsDpdkSocketMemory}, '']}
- driver_not_set: {equals: [{get_param: OvsDpdkDriverType}, 'vfio-pci']}
- isol_cpus_empty: {equals: [{get_param: IsolCpusList}, '0']}
deployment_actions_empty:
equals:
- {get_param: deployment_actions}
@@ -137,19 +125,15 @@ resources:
value:
map_replace:
- map_replace:
- - IsolCpusList: IsolCpusList
- OvsDpdkCoreList: OvsDpdkCoreList
+ - OvsDpdkCoreList: OvsDpdkCoreList
OvsDpdkMemoryChannels: OvsDpdkMemoryChannels
OvsDpdkSocketMemory: OvsDpdkSocketMemory
- OvsDpdkDriverType: OvsDpdkDriverType
- OvsPmdCoreList: OvsDpdkCoreList
+ OvsPmdCoreList: OvsPmdCoreList
- values: {get_param: [RoleParameters]}
- values:
- IsolCpusList: {if: [isol_cpus_empty, {get_param: HostCpusList}, {get_param: IsolCpusList}]}
OvsDpdkCoreList: {if: [l_cores_empty, {get_param: HostCpusList}, {get_param: OvsDpdkCoreList}]}
OvsDpdkMemoryChannels: {if: [mem_channels_empty, {get_param: NeutronDpdkMemoryChannels}, {get_param: OvsDpdkMemoryChannels}]}
OvsDpdkSocketMemory: {if: [socket_mem_empty, {get_param: NeutronDpdkSocketMemory}, {get_param: OvsDpdkSocketMemory}]}
- OvsDpdkDriverType: {if: [driver_not_set, {get_param: NeutronDpdkDriverType}, {get_param: OvsDpdkDriverType}]}
OvsPmdCoreList: {if: [pmd_cores_empty, {get_param: NeutronDpdkCoreList}, {get_param: OvsPmdCoreList}]}
HostParametersConfig:
@@ -183,6 +167,40 @@ resources:
_TUNED_PROFILE_NAME_: {get_param: [RoleParameters, TunedProfileName]}
_TUNED_CORES_: {get_param: [RoleParameters, IsolCpusList]}
+ RebootConfig:
+ type: OS::Heat::SoftwareConfig
+ condition: is_reboot_config_required
+ properties:
+ group: script
+ config: |
+ #!/bin/bash
+ # Stop os-collect-config to avoid any race collecting another
+ # deployment before reboot happens
+ systemctl stop os-collect-config.service
+ /sbin/reboot
+
+ RebootDeployment:
+ type: OS::Heat::SoftwareDeployment
+ depends_on: HostParametersDeployment
+ condition: is_reboot_config_required
+ properties:
+ name: RebootDeployment
+ server: {get_param: server}
+ config: {get_resource: RebootConfig}
+ actions:
+ if:
+ - deployment_actions_empty
+ - []
+ - ['CREATE'] # Only do this on CREATE
+ signal_transport: NO_SIGNAL
+
+ # With OvS2.7 (which is default with pike), ovs-vswitchd will start dpdk
+ # immediately after setting dpdk-init (behaviour change from ovs2.6).
+ # Starting of DPDK require the huge page configuration to be enabled. So
+ # reboot will happen before DPDK config and we don't need an explicity
+ # restart after dpdk-init as true because of the behavior change.
+ # TODO(skramaja): Dependency is that till the service file workaround, is
+ # maintained, restart of ovs is required.
EnableDpdkConfig:
type: OS::Heat::SoftwareConfig
condition: is_dpdk_config_required
@@ -218,6 +236,8 @@ resources:
sed -i 's/start_daemon \"\$OVS_VSWITCHD_PRIORITY\"/umask 0002 \&\& start_daemon \"$OVS_VSWITCHD_PRIORITY\"/' $ovs_ctl_path
fi
+ systemctl daemon-reload
+ systemctl restart openvswitch
# DO NOT use --detailed-exitcodes
puppet apply --logdest console \
@@ -239,38 +259,16 @@ resources:
EnableDpdkDeployment:
type: OS::Heat::SoftwareDeployment
condition: is_dpdk_config_required
+ depends_on: RebootDeployment
properties:
name: EnableDpdkDeployment
server: {get_param: server}
config: {get_resource: EnableDpdkConfig}
- actions: ['CREATE'] # Only do this on CREATE
-
- RebootConfig:
- type: OS::Heat::SoftwareConfig
- condition: is_reboot_config_required
- properties:
- group: script
- config: |
- #!/bin/bash
- # Stop os-collect-config to avoid any race collecting another
- # deployment before reboot happens
- systemctl stop os-collect-config.service
- /sbin/reboot
-
- RebootDeployment:
- type: OS::Heat::SoftwareDeployment
- depends_on: HostParametersDeployment
- condition: is_reboot_config_required
- properties:
- name: RebootDeployment
- server: {get_param: server}
- config: {get_resource: RebootConfig}
actions:
if:
- deployment_actions_empty
- []
- - ['CREATE'] # Only do this on CREATE
- signal_transport: NO_SIGNAL
+ - {get_param: EnableDpdkDeploymentActions}
outputs:
result:
diff --git a/extraconfig/tasks/post_puppet_pacemaker.j2.yaml b/extraconfig/tasks/post_puppet_pacemaker.j2.yaml
index 6bf5afb0..4d34aedf 100644
--- a/extraconfig/tasks/post_puppet_pacemaker.j2.yaml
+++ b/extraconfig/tasks/post_puppet_pacemaker.j2.yaml
@@ -27,6 +27,7 @@ resources:
{{role.name}}PostPuppetMaintenanceModeDeployment:
type: OS::Heat::SoftwareDeployments
properties:
+ name: {{role.name}}PostPuppetMaintenanceModeDeployment
servers: {get_param: [servers, {{role.name}}]}
config: {get_resource: {{role.name}}PostPuppetMaintenanceModeConfig}
input_values: {get_param: input_values}
diff --git a/extraconfig/tasks/post_puppet_pacemaker_restart.yaml b/extraconfig/tasks/post_puppet_pacemaker_restart.yaml
index 203ca1f8..102be8a8 100644
--- a/extraconfig/tasks/post_puppet_pacemaker_restart.yaml
+++ b/extraconfig/tasks/post_puppet_pacemaker_restart.yaml
@@ -23,6 +23,7 @@ resources:
ControllerPostPuppetRestartDeployment:
type: OS::Heat::SoftwareDeployments
properties:
+ name: ControllerPostPuppetRestartDeployment
servers: {get_param: servers}
config: {get_resource: ControllerPostPuppetRestartConfig}
input_values: {get_param: input_values}
diff --git a/extraconfig/tasks/ssh/host_public_key.yaml b/extraconfig/tasks/ssh/host_public_key.yaml
index 02fdbf1c..ee06f0a9 100644
--- a/extraconfig/tasks/ssh/host_public_key.yaml
+++ b/extraconfig/tasks/ssh/host_public_key.yaml
@@ -36,6 +36,7 @@ resources:
config: {get_resource: SshHostPubKeyConfig}
server: {get_param: server}
actions: {get_param: deployment_actions}
+ name: SshHostPubKeyDeployment
outputs:
diff --git a/extraconfig/tasks/tripleo_upgrade_node.sh b/extraconfig/tasks/tripleo_upgrade_node.sh
index 1114897f..af49d49d 100644
--- a/extraconfig/tasks/tripleo_upgrade_node.sh
+++ b/extraconfig/tasks/tripleo_upgrade_node.sh
@@ -51,6 +51,10 @@ if [[ -n \$NOVA_COMPUTE ]]; then
log_debug "Restarting openstack ceilometer agent compute"
systemctl restart openstack-ceilometer-compute
yum install -y openstack-nova-migration
+ # https://bugs.launchpad.net/tripleo/+bug/1707926 stop&disable libvirtd
+ log_debug "Stop and disable libvirtd service for upgrade to containers"
+ systemctl stop libvirtd
+ systemctl disable libvirtd
fi
# Apply puppet manifest to converge just right after the ${ROLE} upgrade
diff --git a/firstboot/install_vrouter_kmod.yaml b/firstboot/install_vrouter_kmod.yaml
deleted file mode 100644
index 65e93fe3..00000000
--- a/firstboot/install_vrouter_kmod.yaml
+++ /dev/null
@@ -1,105 +0,0 @@
-heat_template_version: pike
-
-parameters:
- ContrailRepo:
- type: string
- default: http://192.168.24.1/contrail
- VrouterPhysicalInterface:
- default: 'eth0'
- description: vRouter physical interface
- type: string
-
-description: >
- Prepares vhost0 interface to be used by os-net-config
-
-resources:
- userdata:
- type: OS::Heat::MultipartMime
- properties:
- parts:
- - config: {get_resource: vrouter_module_config}
-
- vrouter_module_config:
- type: OS::Heat::SoftwareConfig
- properties:
- config:
- str_replace:
- template: |
- #!/bin/bash
- sed -i '/\[main\]/a \ \ \ \ \parser = future' /etc/puppet/puppet.conf
- cat <<EOF > /etc/yum.repos.d/contrail.repo
- [Contrail]
- name=Contrail Repo
- baseurl=$contrail_repo
- enabled=1
- gpgcheck=0
- protect=1
- EOF
- if [[ `hostname |awk -F"-" '{print $2}'` == "novacompute" || `hostname |awk -F"-" '{print $2}'` == "contrailtsn" ]]; then
- yum install -y contrail-vrouter-utils
- function pkt_setup () {
- for f in /sys/class/net/$1/queues/rx-*
- do
- q="$(echo $f | cut -d '-' -f2)"
- r=$(($q%32))
- s=$(($q/32))
- ((mask=1<<$r))
- str=(`printf "%x" $mask`)
- if [ $s -gt 0 ]; then
- for ((i=0; i < $s; i++))
- do
- str+=,00000000
- done
- fi
- echo $str > $f/rps_cpus
- done
- ifconfig $1 up
- }
- function insert_vrouter() {
- insmod /tmp/vrouter.ko
- if [ -f /sys/class/net/pkt1/queues/rx-0/rps_cpus ]; then
- pkt_setup pkt1
- fi
- if [ -f /sys/class/net/pkt2/queues/rx-0/rps_cpus ]; then
- pkt_setup pkt2
- fi
- if [ -f /sys/class/net/pkt3/queues/rx-0/rps_cpus ]; then
- pkt_setup pkt3
- fi
- DEV_MAC=$(cat /sys/class/net/$phy_int/address)
- vif --create vhost0 --mac $DEV_MAC
- vif --add $phy_int --mac $DEV_MAC --vrf 0 --vhost-phys --type physical
- vif --add vhost0 --mac $DEV_MAC --vrf 0 --type vhost --xconnect $phy_int
- ip link set vhost0 up
- return 0
- }
- yumdownloader contrail-vrouter --destdir /tmp
- cd /tmp
- rpm2cpio /tmp/contrail-vrouter*.rpm | cpio -idmv
- cp `find /tmp/lib/modules -name vrouter.ko |tail -1` /tmp
- insert_vrouter
- if [[ `ifconfig $dev |grep "inet "` ]]; then
- def_gw=''
- if [[ `ip route show |grep default|grep $dev` ]]; then
- def_gw=`ip route show |grep default|grep $dev|awk '{print $3}'`
- fi
- ip=`ifconfig $dev |grep "inet "|awk '{print $2}'`
- mask=`ifconfig $dev |grep "inet "|awk '{print $4}'`
- ip address delete $ip/$mask dev $dev
- ip address add $ip/$mask dev vhost0
- if [[ $def_gw ]]; then
- ip route add default via $def_gw
- fi
- fi
- fi
- params:
- $phy_int: {get_param: VrouterPhysicalInterface}
- $contrail_repo: {get_param: ContrailRepo}
-
-outputs:
- # This means get_resource from the parent template will get the userdata, see:
- # http://docs.openstack.org/developer/heat/template_guide/composition.html#making-your-template-resource-more-transparent
- # Note this is new-for-kilo, an alternative is returning a value then using
- # get_attr in the parent template instead.
- OS::stack_id:
- value: {get_resource: userdata}
diff --git a/j2_excludes.yaml b/j2_excludes.yaml
index 063e63d4..356068fc 100644
--- a/j2_excludes.yaml
+++ b/j2_excludes.yaml
@@ -8,3 +8,39 @@ name:
- puppet/blockstorage-role.yaml
- puppet/objectstorage-role.yaml
- puppet/cephstorage-role.yaml
+ - network/internal_api.yaml
+ - network/external.yaml
+ - network/storage.yaml
+ - network/storage_mgmt.yaml
+ - network/tenant.yaml
+ - network/management.yaml
+ - network/internal_api_v6.yaml
+ - network/external_v6.yaml
+ - network/storage_v6.yaml
+ - network/storage_mgmt_v6.yaml
+ - network/tenant_v6.yaml
+ - network/management_v6.yaml
+ - network/ports/internal_api.yaml
+ - network/ports/external.yaml
+ - network/ports/storage.yaml
+ - network/ports/storage_mgmt.yaml
+ - network/ports/tenant.yaml
+ - network/ports/management.yaml
+ - network/ports/internal_api_v6.yaml
+ - network/ports/external_v6.yaml
+ - network/ports/storage_v6.yaml
+ - network/ports/storage_mgmt_v6.yaml
+ - network/ports/tenant_v6.yaml
+ - network/ports/management_v6.yaml
+ - network/ports/internal_api_from_pool.yaml
+ - network/ports/external_from_pool.yaml
+ - network/ports/storage_from_pool.yaml
+ - network/ports/storage_mgmt_from_pool.yaml
+ - network/ports/tenant_from_pool.yaml
+ - network/ports/management_from_pool.yaml
+ - network/ports/internal_api_from_pool_v6.yaml
+ - network/ports/external_from_pool_v6.yaml
+ - network/ports/storage_from_pool_v6.yaml
+ - network/ports/storage_mgmt_from_pool_v6.yaml
+ - network/ports/tenant_from_pool_v6.yaml
+ - network/ports/management_from_pool_v6.yaml
diff --git a/environments/contrail/contrail-nic-config-compute.yaml b/network/config/contrail/contrail-nic-config-compute.yaml
index a5f0ecab..a5f0ecab 100644
--- a/environments/contrail/contrail-nic-config-compute.yaml
+++ b/network/config/contrail/contrail-nic-config-compute.yaml
diff --git a/network/config/contrail/contrail-nic-config.yaml b/network/config/contrail/contrail-nic-config.yaml
new file mode 100644
index 00000000..595f34d1
--- /dev/null
+++ b/network/config/contrail/contrail-nic-config.yaml
@@ -0,0 +1,164 @@
+heat_template_version: pike
+
+description: >
+ Software Config to drive os-net-config to configure multiple interfaces
+ for the compute role. This is an example for a Nova compute node using
+ Contrail vrouter and the vhost0 interface.
+
+parameters:
+ ControlPlaneIp:
+ default: ''
+ description: IP address/subnet on the ctlplane network
+ type: string
+ ExternalIpSubnet:
+ default: ''
+ description: IP address/subnet on the external network
+ type: string
+ InternalApiIpSubnet:
+ default: ''
+ description: IP address/subnet on the internal API network
+ type: string
+ InternalApiDefaultRoute: # Not used by default in this template
+ default: '10.0.0.1'
+ description: The default route of the internal api network.
+ type: string
+ StorageIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage network
+ type: string
+ StorageMgmtIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage mgmt network
+ type: string
+ TenantIpSubnet:
+ default: ''
+ description: IP address/subnet on the tenant network
+ type: string
+ ManagementIpSubnet: # Only populated when including environments/network-management.yaml
+ default: ''
+ description: IP address/subnet on the management network
+ type: string
+ ExternalNetworkVlanID:
+ default: 10
+ description: Vlan ID for the external network traffic.
+ type: number
+ InternalApiNetworkVlanID:
+ default: 20
+ description: Vlan ID for the internal_api network traffic.
+ type: number
+ StorageNetworkVlanID:
+ default: 30
+ description: Vlan ID for the storage network traffic.
+ type: number
+ StorageMgmtNetworkVlanID:
+ default: 40
+ description: Vlan ID for the storage mgmt network traffic.
+ type: number
+ TenantNetworkVlanID:
+ default: 50
+ description: Vlan ID for the tenant network traffic.
+ type: number
+ ManagementNetworkVlanID:
+ default: 60
+ description: Vlan ID for the management network traffic.
+ type: number
+ ControlPlaneSubnetCidr: # Override this via parameter_defaults
+ default: '24'
+ description: The subnet CIDR of the control plane network.
+ type: string
+ ControlPlaneDefaultRoute: # Override this via parameter_defaults
+ description: The default route of the control plane network.
+ type: string
+ ExternalInterfaceDefaultRoute: # Not used by default in this template
+ default: '10.0.0.1'
+ description: The default route of the external network.
+ type: string
+ ManagementInterfaceDefaultRoute: # Commented out by default in this template
+ default: unset
+ description: The default route of the management network.
+ type: string
+ DnsServers: # Override this via parameter_defaults
+ default: []
+ description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf.
+ type: comma_delimited_list
+ EC2MetadataIp: # Override this via parameter_defaults
+ description: The IP address of the EC2 metadata server.
+ type: string
+
+resources:
+ OsNetConfigImpl:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ str_replace:
+ template:
+ get_file: ../../scripts/run-os-net-config.sh
+ params:
+ $network_config:
+ network_config:
+ - type: interface
+ name: nic1
+ use_dhcp: false
+ dns_servers:
+ get_param: DnsServers
+ addresses:
+ - ip_netmask:
+ list_join:
+ - '/'
+ - - get_param: ControlPlaneIp
+ - get_param: ControlPlaneSubnetCidr
+ routes:
+ - ip_netmask: 169.254.169.254/32
+ next_hop:
+ get_param: EC2MetadataIp
+ - type: interface
+ name: nic2
+ use_dhcp: false
+ addresses:
+ - ip_netmask:
+ get_param: InternalApiIpSubnet
+ routes:
+ - default: true
+ next_hop:
+ get_param: InternalApiDefaultRoute
+ - type: linux_bridge
+ name: br0
+ use_dhcp: false
+ members:
+ - type: interface
+ name: nic3
+ - type: vlan
+ vlan_id:
+ get_param: ManagementNetworkVlanID
+ device: br0
+ addresses:
+ - ip_netmask:
+ get_param: ManagementIpSubnet
+ - type: vlan
+ vlan_id:
+ get_param: ExternalNetworkVlanID
+ device: br0
+ addresses:
+ - ip_netmask:
+ get_param: ExternalIpSubnet
+ - type: vlan
+ vlan_id:
+ get_param: StorageNetworkVlanID
+ device: br0
+ addresses:
+ - ip_netmask:
+ get_param: StorageIpSubnet
+ - type: vlan
+ vlan_id:
+ get_param: StorageMgmtNetworkVlanID
+ device: br0
+ addresses:
+ - ip_netmask:
+ get_param: StorageMgmtIpSubnet
+
+outputs:
+ OS::stack_id:
+ description: The OsNetConfigImpl resource.
+ value:
+ get_resource: OsNetConfigImpl
diff --git a/network/endpoints/endpoint_data.yaml b/network/endpoints/endpoint_data.yaml
index ece40085..bed9c700 100644
--- a/network/endpoints/endpoint_data.yaml
+++ b/network/endpoints/endpoint_data.yaml
@@ -28,87 +28,6 @@ Ceilometer:
net_param: CeilometerApi
port: 8777
-ContrailConfig:
- Internal:
- net_param: ContrailConfig
- Public:
- net_param: Public
- Admin:
- net_param: ContrailConfig
- port: 8082
-
-ContrailDiscovery:
- Internal:
- net_param: ContrailConfig
- Public:
- net_param: Public
- Admin:
- net_param: ContrailConfig
- port: 5998
-
-ContrailAnalyticsCollectorHttp:
- Internal:
- net_param: ContrailAnalytics
- Public:
- net_param: Public
- Admin:
- net_param: ContrailAnalytics
- port: 8089
-
-ContrailAnalyticsApi:
- Internal:
- net_param: ContrailAnalytics
- Public:
- net_param: Public
- Admin:
- net_param: ContrailAnalytics
- port: 8081
-
-ContrailAnalyticsHttp:
- Internal:
- net_param: ContrailAnalytics
- Public:
- net_param: Public
- Admin:
- net_param: ContrailAnalytics
- port: 8090
-
-ContrailAnalyticsCollectorSandesh:
- Internal:
- net_param: ContrailAnalytics
- Public:
- net_param: Public
- Admin:
- net_param: ContrailAnalytics
- port: 8086
-
-ContrailAnalyticsRedis:
- Internal:
- net_param: ContrailAnalytics
- Public:
- net_param: Public
- Admin:
- net_param: ContrailAnalytics
- port: 6379
-
-ContrailWebuiHttp:
- Internal:
- net_param: ContrailConfig
- Public:
- net_param: Public
- Admin:
- net_param: ContrailConfig
- port: 8080
-
-ContrailWebuiHttps:
- Internal:
- net_param: ContrailConfig
- Public:
- net_param: Public
- Admin:
- net_param: ContrailConfig
- port: 8143
-
Ec2Api:
Internal:
net_param: Ec2Api
diff --git a/network/endpoints/endpoint_map.yaml b/network/endpoints/endpoint_map.yaml
index 42d1fbd0..1ba7b6fa 100644
--- a/network/endpoints/endpoint_map.yaml
+++ b/network/endpoints/endpoint_map.yaml
@@ -37,39 +37,6 @@ parameters:
CongressAdmin: {protocol: http, port: '1789', host: IP_ADDRESS}
CongressInternal: {protocol: http, port: '1789', host: IP_ADDRESS}
CongressPublic: {protocol: http, port: '1789', host: IP_ADDRESS}
- ContrailAnalyticsApiAdmin: {protocol: http, port: '8081', host: IP_ADDRESS}
- ContrailAnalyticsApiInternal: {protocol: http, port: '8081', host: IP_ADDRESS}
- ContrailAnalyticsApiPublic: {protocol: http, port: '8081', host: IP_ADDRESS}
- ContrailAnalyticsCollectorHttpAdmin: {protocol: http, port: '8089',
- host: IP_ADDRESS}
- ContrailAnalyticsCollectorHttpInternal: {protocol: http, port: '8089',
- host: IP_ADDRESS}
- ContrailAnalyticsCollectorHttpPublic: {protocol: http, port: '8089',
- host: IP_ADDRESS}
- ContrailAnalyticsCollectorSandeshAdmin: {protocol: http, port: '8086',
- host: IP_ADDRESS}
- ContrailAnalyticsCollectorSandeshInternal: {protocol: http, port: '8086',
- host: IP_ADDRESS}
- ContrailAnalyticsCollectorSandeshPublic: {protocol: http, port: '8086',
- host: IP_ADDRESS}
- ContrailAnalyticsHttpAdmin: {protocol: http, port: '8090', host: IP_ADDRESS}
- ContrailAnalyticsHttpInternal: {protocol: http, port: '8090', host: IP_ADDRESS}
- ContrailAnalyticsHttpPublic: {protocol: http, port: '8090', host: IP_ADDRESS}
- ContrailAnalyticsRedisAdmin: {protocol: http, port: '6379', host: IP_ADDRESS}
- ContrailAnalyticsRedisInternal: {protocol: http, port: '6379', host: IP_ADDRESS}
- ContrailAnalyticsRedisPublic: {protocol: http, port: '6379', host: IP_ADDRESS}
- ContrailConfigAdmin: {protocol: http, port: '8082', host: IP_ADDRESS}
- ContrailConfigInternal: {protocol: http, port: '8082', host: IP_ADDRESS}
- ContrailConfigPublic: {protocol: http, port: '8082', host: IP_ADDRESS}
- ContrailDiscoveryAdmin: {protocol: http, port: '5998', host: IP_ADDRESS}
- ContrailDiscoveryInternal: {protocol: http, port: '5998', host: IP_ADDRESS}
- ContrailDiscoveryPublic: {protocol: http, port: '5998', host: IP_ADDRESS}
- ContrailWebuiHttpAdmin: {protocol: http, port: '8080', host: IP_ADDRESS}
- ContrailWebuiHttpInternal: {protocol: http, port: '8080', host: IP_ADDRESS}
- ContrailWebuiHttpPublic: {protocol: http, port: '8080', host: IP_ADDRESS}
- ContrailWebuiHttpsAdmin: {protocol: http, port: '8143', host: IP_ADDRESS}
- ContrailWebuiHttpsInternal: {protocol: http, port: '8143', host: IP_ADDRESS}
- ContrailWebuiHttpsPublic: {protocol: http, port: '8143', host: IP_ADDRESS}
Ec2ApiAdmin: {protocol: http, port: '8788', host: IP_ADDRESS}
Ec2ApiInternal: {protocol: http, port: '8788', host: IP_ADDRESS}
Ec2ApiPublic: {protocol: http, port: '8788', host: IP_ADDRESS}
@@ -2101,2289 +2068,6 @@ outputs:
template: NETWORK_uri
- ':'
- get_param: [EndpointMap, CongressPublic, port]
- ContrailAnalyticsApiAdmin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsApiAdmin, port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsApiAdmin, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsApiAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsApiAdmin, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsApiAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsApiAdmin, port]
- ContrailAnalyticsApiInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsApiInternal, port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsApiInternal, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsApiInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsApiInternal, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsApiInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsApiInternal, port]
- ContrailAnalyticsApiPublic:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, PublicNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsApiPublic, port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsApiPublic, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsApiPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsApiPublic, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsApiPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsApiPublic, port]
- ContrailAnalyticsCollectorHttpAdmin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- port]
- ContrailAnalyticsCollectorHttpInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- port]
- ContrailAnalyticsCollectorHttpPublic:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, PublicNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- port]
- ContrailAnalyticsCollectorSandeshAdmin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- port]
- ContrailAnalyticsCollectorSandeshInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- port]
- ContrailAnalyticsCollectorSandeshPublic:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, PublicNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- port]
- ContrailAnalyticsHttpAdmin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsHttpAdmin, port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsHttpAdmin, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsHttpAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsHttpAdmin, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsHttpAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsHttpAdmin, port]
- ContrailAnalyticsHttpInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsHttpInternal, port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsHttpInternal, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsHttpInternal,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsHttpInternal,
- port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsHttpInternal,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsHttpInternal,
- port]
- ContrailAnalyticsHttpPublic:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, PublicNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsHttpPublic, port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsHttpPublic, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsHttpPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsHttpPublic, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsHttpPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsHttpPublic, port]
- ContrailAnalyticsRedisAdmin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsRedisAdmin, port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsRedisAdmin, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsRedisAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsRedisAdmin, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsRedisAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsRedisAdmin, port]
- ContrailAnalyticsRedisInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsRedisInternal, port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsRedisInternal, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsRedisInternal,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsRedisInternal,
- port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsRedisInternal,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsRedisInternal,
- port]
- ContrailAnalyticsRedisPublic:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, PublicNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsRedisPublic, port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsRedisPublic, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsRedisPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsRedisPublic, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsRedisPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsRedisPublic, port]
- ContrailConfigAdmin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- port:
- get_param: [EndpointMap, ContrailConfigAdmin, port]
- protocol:
- get_param: [EndpointMap, ContrailConfigAdmin, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailConfigAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailConfigAdmin, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailConfigAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailConfigAdmin, port]
- ContrailConfigInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- port:
- get_param: [EndpointMap, ContrailConfigInternal, port]
- protocol:
- get_param: [EndpointMap, ContrailConfigInternal, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailConfigInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailConfigInternal, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailConfigInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailConfigInternal, port]
- ContrailConfigPublic:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, PublicNetwork]
- port:
- get_param: [EndpointMap, ContrailConfigPublic, port]
- protocol:
- get_param: [EndpointMap, ContrailConfigPublic, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailConfigPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailConfigPublic, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailConfigPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailConfigPublic, port]
- ContrailDiscoveryAdmin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- port:
- get_param: [EndpointMap, ContrailDiscoveryAdmin, port]
- protocol:
- get_param: [EndpointMap, ContrailDiscoveryAdmin, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailDiscoveryAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailDiscoveryAdmin, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailDiscoveryAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailDiscoveryAdmin, port]
- ContrailDiscoveryInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- port:
- get_param: [EndpointMap, ContrailDiscoveryInternal, port]
- protocol:
- get_param: [EndpointMap, ContrailDiscoveryInternal, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailDiscoveryInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailDiscoveryInternal, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailDiscoveryInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailDiscoveryInternal, port]
- ContrailDiscoveryPublic:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, PublicNetwork]
- port:
- get_param: [EndpointMap, ContrailDiscoveryPublic, port]
- protocol:
- get_param: [EndpointMap, ContrailDiscoveryPublic, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailDiscoveryPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailDiscoveryPublic, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailDiscoveryPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailDiscoveryPublic, port]
- ContrailWebuiHttpAdmin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- port:
- get_param: [EndpointMap, ContrailWebuiHttpAdmin, port]
- protocol:
- get_param: [EndpointMap, ContrailWebuiHttpAdmin, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpAdmin, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpAdmin, port]
- ContrailWebuiHttpInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- port:
- get_param: [EndpointMap, ContrailWebuiHttpInternal, port]
- protocol:
- get_param: [EndpointMap, ContrailWebuiHttpInternal, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpInternal, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpInternal, port]
- ContrailWebuiHttpPublic:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, PublicNetwork]
- port:
- get_param: [EndpointMap, ContrailWebuiHttpPublic, port]
- protocol:
- get_param: [EndpointMap, ContrailWebuiHttpPublic, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpPublic, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpPublic, port]
- ContrailWebuiHttpsAdmin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- port:
- get_param: [EndpointMap, ContrailWebuiHttpsAdmin, port]
- protocol:
- get_param: [EndpointMap, ContrailWebuiHttpsAdmin, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpsAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpsAdmin, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpsAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpsAdmin, port]
- ContrailWebuiHttpsInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- port:
- get_param: [EndpointMap, ContrailWebuiHttpsInternal, port]
- protocol:
- get_param: [EndpointMap, ContrailWebuiHttpsInternal, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpsInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpsInternal, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpsInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpsInternal, port]
- ContrailWebuiHttpsPublic:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, PublicNetwork]
- port:
- get_param: [EndpointMap, ContrailWebuiHttpsPublic, port]
- protocol:
- get_param: [EndpointMap, ContrailWebuiHttpsPublic, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpsPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpsPublic, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpsPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpsPublic, port]
Ec2ApiAdmin:
host:
str_replace:
diff --git a/network/management.yaml b/network/management.yaml
index f54794c3..d9f773c1 100644
--- a/network/management.yaml
+++ b/network/management.yaml
@@ -39,7 +39,7 @@ parameters:
description: Ip allocation pool range for the management network.
type: json
ManagementInterfaceDefaultRoute:
- default: null
+ default: unset
description: The default route of the management network.
type: string
diff --git a/network/network.network.j2.yaml b/network/network.network.j2.yaml
new file mode 100644
index 00000000..2c223c16
--- /dev/null
+++ b/network/network.network.j2.yaml
@@ -0,0 +1,92 @@
+heat_template_version: pike
+
+description: >
+ {{network.name}} network definition (automatically generated).
+
+parameters:
+ # the defaults here work for static IP assignment (IPAM) only
+ {{network.name}}NetCidr:
+ default: {{network.ip_subnet|default("")}}
+ description: Cidr for the {{network.name_lower}} network.
+ type: string
+ {{network.name}}NetValueSpecs:
+ default: {'provider:physical_network': '{{network.name_lower}}', 'provider:network_type': 'flat'}
+ description: Value specs for the {{network.name_lower}} network.
+ type: json
+ {{network.name}}NetAdminStateUp:
+ default: false
+ description: This admin state of the network.
+ type: boolean
+ {{network.name}}NetEnableDHCP:
+ default: false
+ description: Whether to enable DHCP on the associated subnet.
+ type: boolean
+ {{network.name}}NetShared:
+ default: false
+ description: Whether this network is shared across all tenants.
+ type: boolean
+ {{network.name}}NetName:
+ default: {{network.name_lower}}
+ description: The name of the {{network.name_lower}} network.
+ type: string
+ {{network.name}}SubnetName:
+ default: {{network.name_lower}}_subnet
+ description: The name of the {{network.name_lower}} subnet in Neutron.
+ type: string
+ {{network.name}}AllocationPools:
+ default: {{network.allocation_pools|default([])}}
+ description: Ip allocation pool range for the {{network.name_lower}} network.
+ type: json
+ {{network.name}}InterfaceDefaultRoute:
+ default: {{network.gateway_ip|default("not_defined")}}
+ description: default route for the {{network.name_lower}} network
+ type: string
+{%- if network.vlan %}
+ {{network.name}}NetworkVlanID:
+ default: {{network.vlan}}
+ description: Vlan ID for the {{network.name}} network traffic.
+ type: number
+{%- endif %}
+{%- if network.ipv6 %}
+ IPv6AddressMode:
+ default: dhcpv6-stateful
+ description: Neutron subnet IPv6 address mode
+ type: string
+ IPv6RAMode:
+ default: dhcpv6-stateful
+ description: Neutron subnet IPv6 router advertisement mode
+ type: string
+{%- endif %}
+
+resources:
+ {{network.name}}Network:
+ type: OS::Neutron::Net
+ properties:
+ admin_state_up: {get_param: {{network.name}}NetAdminStateUp}
+ name: {get_param: {{network.name}}NetName}
+ shared: {get_param: {{network.name}}NetShared}
+ value_specs: {get_param: {{network.name}}NetValueSpecs}
+
+ {{network.name}}Subnet:
+ type: OS::Neutron::Subnet
+ properties:
+ cidr: {get_param: {{network.name}}NetCidr}
+ name: {get_param: {{network.name}}SubnetName}
+ network: {get_resource: {{network.name}}Network}
+ allocation_pools: {get_param: {{network.name}}AllocationPools}
+ gateway_ip: {get_param: {{network.name}}InterfaceDefaultRoute}
+{%- if network.ipv6 %}
+ ip_version: 6
+ ipv6_address_mode: {get_param: IPv6AddressMode}
+ ipv6_ra_mode: {get_param: IPv6RAMode}
+{%- else %}
+ enable_dhcp: {get_param: {{network.name}}NetEnableDHCP}
+{%- endif %}
+
+outputs:
+ OS::stack_id:
+ description: {{network.name_lower}} network
+ value: {get_resource: {{network.name}}Network}
+ subnet_cidr:
+ value: {get_attr: {{network.name}}Subnet, cidr}
+
diff --git a/network/networks.j2.yaml b/network/networks.j2.yaml
index 5aec597a..c790d370 100644
--- a/network/networks.j2.yaml
+++ b/network/networks.j2.yaml
@@ -5,11 +5,7 @@ description: Create networks to split out Overcloud traffic
resources:
{%- for network in networks %}
- {%- if network.name != 'InternalApi' %}
{{network.name}}Network:
- {%- else %}
- InternalNetwork:
- {%- endif %}
type: OS::TripleO::Network::{{network.name}}
{%- endfor %}
@@ -23,15 +19,8 @@ outputs:
# NOTE(gfidente): we need to replace the null value with a
# string to work around https://bugs.launchpad.net/heat/+bug/1700025
{%- for network in networks %}
- {%- if network.name != 'InternalApi' %}
{{network.name_lower}}:
yaql:
data: {get_attr: [{{network.name}}Network, subnet_cidr]}
expression: str($.data).replace('null', 'disabled')
- {%- else %}
- {{network.name_lower}}:
- yaql:
- data: {get_attr: [InternalNetwork, subnet_cidr]}
- expression: str($.data).replace('null', 'disabled')
- {%- endif %}
{%- endfor %}
diff --git a/network/ports/ctlplane_vip.yaml b/network/ports/ctlplane_vip.yaml
index bb54ca62..f874c30d 100644
--- a/network/ports/ctlplane_vip.yaml
+++ b/network/ports/ctlplane_vip.yaml
@@ -9,8 +9,8 @@ parameters:
description: Name of the service to lookup
default: ''
type: string
- NetworkName:
- description: # Here for compatibility with isolated networks
+ NetworkName: # Here for compatibility with isolated networks
+ description: Name of the network where the VIP will be created
default: ctlplane
type: string
PortName:
diff --git a/network/ports/external.yaml b/network/ports/external.yaml
index a02cc284..72922093 100644
--- a/network/ports/external.yaml
+++ b/network/ports/external.yaml
@@ -6,7 +6,7 @@ description: >
parameters:
ExternalNetName:
- description: Name of the external neutron network
+ description: The name of the external network.
default: external
type: string
PortName:
diff --git a/network/ports/external_from_pool.yaml b/network/ports/external_from_pool.yaml
index d2610c69..a14aa90b 100644
--- a/network/ports/external_from_pool.yaml
+++ b/network/ports/external_from_pool.yaml
@@ -5,7 +5,7 @@ description: >
parameters:
ExternalNetName:
- description: Name of the external network
+ description: The name of the external network.
default: external
type: string
PortName:
diff --git a/network/ports/external_from_pool_v6.yaml b/network/ports/external_from_pool_v6.yaml
index e5fe8d71..2aa51267 100644
--- a/network/ports/external_from_pool_v6.yaml
+++ b/network/ports/external_from_pool_v6.yaml
@@ -6,7 +6,7 @@ description: >
parameters:
ExternalNetName:
- description: Name of the external network
+ description: The name of the external network.
default: external
type: string
PortName:
diff --git a/network/ports/external_v6.yaml b/network/ports/external_v6.yaml
index 12d61cce..5a1b5ae3 100644
--- a/network/ports/external_v6.yaml
+++ b/network/ports/external_v6.yaml
@@ -6,7 +6,7 @@ description: >
parameters:
ExternalNetName:
- description: Name of the external neutron network
+ description: The name of the external network.
default: external
type: string
PortName:
diff --git a/network/ports/internal_api.yaml b/network/ports/internal_api.yaml
index f258080a..e9eb7875 100644
--- a/network/ports/internal_api.yaml
+++ b/network/ports/internal_api.yaml
@@ -5,7 +5,7 @@ description: >
parameters:
InternalApiNetName:
- description: Name of the internal API neutron network
+ description: The name of the internal API network.
default: internal_api
type: string
PortName:
diff --git a/network/ports/internal_api_from_pool.yaml b/network/ports/internal_api_from_pool.yaml
index cb87fd54..31c72daf 100644
--- a/network/ports/internal_api_from_pool.yaml
+++ b/network/ports/internal_api_from_pool.yaml
@@ -5,7 +5,7 @@ description: >
parameters:
InternalApiNetName:
- description: Name of the internal API network
+ description: The name of the internal API network.
default: internal_api
type: string
PortName:
diff --git a/network/ports/internal_api_from_pool_v6.yaml b/network/ports/internal_api_from_pool_v6.yaml
index 12a0731b..657310ed 100644
--- a/network/ports/internal_api_from_pool_v6.yaml
+++ b/network/ports/internal_api_from_pool_v6.yaml
@@ -6,7 +6,7 @@ description: >
parameters:
InternalApiNetName:
- description: Name of the internal API network
+ description: The name of the internal API network.
default: internal_api
type: string
PortName:
diff --git a/network/ports/internal_api_v6.yaml b/network/ports/internal_api_v6.yaml
index 46e6e187..6a9e7083 100644
--- a/network/ports/internal_api_v6.yaml
+++ b/network/ports/internal_api_v6.yaml
@@ -5,7 +5,7 @@ description: >
parameters:
InternalApiNetName:
- description: Name of the internal API neutron network
+ description: The name of the internal API network.
default: internal_api
type: string
PortName:
diff --git a/network/ports/management.yaml b/network/ports/management.yaml
index dd62033b..417d0612 100644
--- a/network/ports/management.yaml
+++ b/network/ports/management.yaml
@@ -6,7 +6,7 @@ description: >
parameters:
ManagementNetName:
- description: Name of the management neutron network
+ description: The name of the management network.
default: management
type: string
PortName:
diff --git a/network/ports/management_from_pool.yaml b/network/ports/management_from_pool.yaml
index 188be68c..4815d163 100644
--- a/network/ports/management_from_pool.yaml
+++ b/network/ports/management_from_pool.yaml
@@ -5,7 +5,7 @@ description: >
parameters:
ManagementNetName:
- description: Name of the management network
+ description: The name of the management network.
default: management
type: string
PortName:
diff --git a/network/ports/management_from_pool_v6.yaml b/network/ports/management_from_pool_v6.yaml
index b5d44259..2a7d3b1d 100644
--- a/network/ports/management_from_pool_v6.yaml
+++ b/network/ports/management_from_pool_v6.yaml
@@ -6,7 +6,7 @@ description: >
parameters:
ManagementNetName:
- description: Name of the management network
+ description: The name of the management network.
default: management
type: string
PortName:
diff --git a/network/ports/management_v6.yaml b/network/ports/management_v6.yaml
index 977502a8..9de06d9c 100644
--- a/network/ports/management_v6.yaml
+++ b/network/ports/management_v6.yaml
@@ -6,7 +6,7 @@ description: >
parameters:
ManagementNetName:
- description: Name of the management neutron network
+ description: The name of the management network.
default: management
type: string
PortName:
diff --git a/network/ports/net_ip_map.yaml b/network/ports/net_ip_map.yaml
index a6971b0f..ce58e96f 100644
--- a/network/ports/net_ip_map.yaml
+++ b/network/ports/net_ip_map.yaml
@@ -14,6 +14,7 @@ parameters:
ExternalIpSubnet:
default: ''
type: string
+ description: IP address/subnet on the external network
ExternalIpUri:
default: ''
type: string
@@ -24,6 +25,7 @@ parameters:
InternalApiIpSubnet:
default: ''
type: string
+ description: IP address/subnet on the internal API network
InternalApiIpUri:
default: ''
type: string
@@ -34,6 +36,7 @@ parameters:
StorageIpSubnet:
default: ''
type: string
+ description: IP address/subnet on the storage network
StorageIpUri:
default: ''
type: string
@@ -44,6 +47,7 @@ parameters:
StorageMgmtIpSubnet:
default: ''
type: string
+ description: IP address/subnet on the storage mgmt network
StorageMgmtIpUri:
default: ''
type: string
@@ -54,6 +58,7 @@ parameters:
TenantIpSubnet:
default: ''
type: string
+ description: IP address/subnet on the tenant network
TenantIpUri:
default: ''
type: string
diff --git a/network/ports/net_vip_map_external.yaml b/network/ports/net_vip_map_external.yaml
index 018bf2bb..d0847882 100644
--- a/network/ports/net_vip_map_external.yaml
+++ b/network/ports/net_vip_map_external.yaml
@@ -27,24 +27,28 @@ parameters:
ExternalIpUri:
default: ''
type: string
+ description: IP address with brackets in case of IPv6
InternalApiIp:
default: ''
type: string
InternalApiIpUri:
default: ''
type: string
+ description: IP address with brackets in case of IPv6
StorageIp:
default: ''
type: string
StorageIpUri:
default: ''
type: string
+ description: IP address with brackets in case of IPv6
StorageMgmtIp:
default: ''
type: string
StorageMgmtIpUri:
default: ''
type: string
+ description: IP address with brackets in case of IPv6
outputs:
net_ip_map:
diff --git a/network/ports/net_vip_map_external_v6.yaml b/network/ports/net_vip_map_external_v6.yaml
index aa40cf17..72e60cb2 100644
--- a/network/ports/net_vip_map_external_v6.yaml
+++ b/network/ports/net_vip_map_external_v6.yaml
@@ -27,24 +27,28 @@ parameters:
ExternalIpUri:
default: ''
type: string
+ description: IP address with brackets in case of IPv6
InternalApiIp:
default: ''
type: string
InternalApiIpUri:
default: ''
type: string
+ description: IP address with brackets in case of IPv6
StorageIp:
default: ''
type: string
StorageIpUri:
default: ''
type: string
+ description: IP address with brackets in case of IPv6
StorageMgmtIp:
default: ''
type: string
StorageMgmtIpUri:
default: ''
type: string
+ description: IP address with brackets in case of IPv6
outputs:
net_ip_map:
diff --git a/network/ports/noop.yaml b/network/ports/noop.yaml
index 8030bfc0..9f39c4ff 100644
--- a/network/ports/noop.yaml
+++ b/network/ports/noop.yaml
@@ -12,19 +12,21 @@ parameters:
description: IP address on the control plane
type: string
ControlPlaneNetwork:
- description: Name of the control plane network
+ description: The name of the undercloud Neutron control plane
default: ctlplane
type: string
PortName:
description: Name of the port
default: ''
type: string
- NetworkName:
- description: # Here for compatibility with vip.yaml
- default: ''
+ NetworkName: # Here for compatibility with vip.yaml
+ description: Name of the network where the VIP will be created
+ default: ctlplane
type: string
FixedIPs:
- description: # Here for compatibility with vip.yaml
+ description: >
+ Control the IP allocation for the VIP port. E.g.
+ [{'ip_address':'1.2.3.4'}]
default: []
type: json
ControlPlaneSubnetCidr: # Override this via parameter_defaults
diff --git a/network/ports/port.network.j2.yaml b/network/ports/port.network.j2.yaml
new file mode 100644
index 00000000..ded3e798
--- /dev/null
+++ b/network/ports/port.network.j2.yaml
@@ -0,0 +1,72 @@
+heat_template_version: pike
+
+description: >
+ Creates a port on the {{network.name}} network. The IP address will be chosen
+ automatically if FixedIPs is empty.
+
+parameters:
+ {{network.name}}NetName:
+ description: Name of the {{network.name_lower}} neutron network
+ default: {{network.name_lower|default(network.name|lower)}}
+ type: string
+ PortName:
+ description: Name of the port
+ default: ''
+ type: string
+ ControlPlaneIP: # Here for compatibility with noop.yaml
+ description: IP address on the control plane
+ default: ''
+ type: string
+ ControlPlaneNetwork: # Here for compatibility with ctlplane_vip.yaml
+ description: The name of the undercloud Neutron control plane
+ default: ctlplane
+ type: string
+ FixedIPs:
+ description: >
+ Control the IP allocation for the VIP port. E.g.
+ [{'ip_address':'1.2.3.4'}]
+ default: []
+ type: json
+ IPPool: # Here for compatibility with from_pool.yaml
+ default: {}
+ type: json
+ NodeIndex: # Here for compatibility with from_pool.yaml
+ default: 0
+ type: number
+
+resources:
+
+ {{network.name}}Port:
+ type: OS::Neutron::Port
+ properties:
+ network: {get_param: {{network.name}}NetName}
+ name: {get_param: PortName}
+ fixed_ips: {get_param: FixedIPs}
+ replacement_policy: AUTO
+
+outputs:
+ ip_address:
+ description: {{network.name}} network IP
+ value: {get_attr: [{{network.name}}Port, fixed_ips, 0, ip_address]}
+ ip_address_uri:
+{%- if network.ipv6 %}
+ description: {{network.name}} network IP (with brackets for IPv6 URLs)
+ value:
+ list_join:
+ - ''
+ - - '['
+ - {get_attr: [{{network.name}}Port, fixed_ips, 0, ip_address]}
+ - ']'
+{%- else %}
+ description: {{network.name}} network IP (for compatibility with IPv6 URLs)
+ value: {get_attr: [{{network.name}}Port, fixed_ips, 0, ip_address]}
+{%- endif %}
+ ip_subnet:
+ description: IP/Subnet CIDR for the {{network.name}} network IP
+ value:
+ list_join:
+ - ''
+ - - {get_attr: [{{network.name}}Port, fixed_ips, 0, ip_address]}
+ - '/'
+ - {str_split: ['/', {get_attr: [{{network.name}}Port, subnets, 0, cidr]}, 1]}
+
diff --git a/network/ports/port_from_pool.network.j2.yaml b/network/ports/port_from_pool.network.j2.yaml
new file mode 100644
index 00000000..9c08ec76
--- /dev/null
+++ b/network/ports/port_from_pool.network.j2.yaml
@@ -0,0 +1,65 @@
+heat_template_version: pike
+
+description: >
+ Creates a port on the {{network.name}} network, using a map of IPs per role.
+ Each role has a map of IPs in <Role>IPs parameters, with a list of IPs by
+ network (lower_name or lower case). For example:
+ ControllerIPs:
+ external:
+ - 1.2.3.4 # First controller
+ - 1.2.3.5 # Second controller
+
+parameters:
+ {{network.name}}NetName:
+ description: Name of the {{network.name}} neutron network
+ default: {{network.name_lower}}
+ type: string
+ PortName:
+ description: Name of the port
+ default: ''
+ type: string
+ ControlPlaneIP: # Here for compatibility with noop.yaml
+ description: IP address on the control plane
+ default: ''
+ type: string
+ ControlPlaneNetwork: # Here for compatibility with ctlplane_vip.yaml
+ description: The name of the undercloud Neutron control plane
+ default: ctlplane
+ type: string
+ IPPool: # Set in <Role>IPs map, see environments/ips-from-pool-all.yaml
+ default: {}
+ type: json
+ NodeIndex: # First node in the role will get first IP, and so on...
+ default: 0
+ type: number
+ {{network.name}}NetCidr:
+ default: {{network.ip_subnet}}
+ description: Cidr for the {{network.name_lower}} network.
+ type: string
+
+outputs:
+ ip_address:
+ description: {{network.name}} network IP
+ value: {get_param: [IPPool, {get_param: {{network.name}}NetName}, {get_param: NodeIndex}]}
+ ip_address_uri:
+{%- if network.ipv6 %}
+ description: {{network.name}} network IP (with brackets for IPv6 URLs)
+ value:
+ list_join:
+ - ''
+ - - '['
+ - {get_param: [IPPool, {get_param: {{network.name}}NetName}, {get_param: NodeIndex}]}
+ - ']'
+{%- else %}
+ description: {{network.name}} network IP (for compatibility with {{network.name_lower}}_v6.yaml)
+ value: {get_param: [IPPool, {get_param: {{network.name}}NetName}, {get_param: NodeIndex}]}
+{%- endif %}
+ ip_subnet:
+ description: IP/Subnet CIDR for the {{network.name}} network IP
+ value:
+ list_join:
+ - ''
+ - - {get_param: [IPPool, {get_param: {{network.name}}NetName}, {get_param: NodeIndex}]}
+ - '/'
+ - {str_split: ['/', {get_param: {{network.name}}NetCidr}, 1]}
+
diff --git a/network/ports/storage.yaml b/network/ports/storage.yaml
index 5c1aba1a..13e51ccf 100644
--- a/network/ports/storage.yaml
+++ b/network/ports/storage.yaml
@@ -5,7 +5,7 @@ description: >
parameters:
StorageNetName:
- description: Name of the storage neutron network
+ description: The name of the storage network.
default: storage
type: string
PortName:
diff --git a/network/ports/storage_from_pool.yaml b/network/ports/storage_from_pool.yaml
index ca5993fc..11aa20c7 100644
--- a/network/ports/storage_from_pool.yaml
+++ b/network/ports/storage_from_pool.yaml
@@ -5,7 +5,7 @@ description: >
parameters:
StorageNetName:
- description: Name of the storage network
+ description: The name of the storage network.
default: storage
type: string
PortName:
diff --git a/network/ports/storage_from_pool_v6.yaml b/network/ports/storage_from_pool_v6.yaml
index ec7cd2f0..2d2c3055 100644
--- a/network/ports/storage_from_pool_v6.yaml
+++ b/network/ports/storage_from_pool_v6.yaml
@@ -6,7 +6,7 @@ description: >
parameters:
StorageNetName:
- description: Name of the storage network
+ description: The name of the storage network.
default: storage
type: string
PortName:
diff --git a/network/ports/storage_mgmt.yaml b/network/ports/storage_mgmt.yaml
index 94b058a2..c06c58ef 100644
--- a/network/ports/storage_mgmt.yaml
+++ b/network/ports/storage_mgmt.yaml
@@ -5,7 +5,7 @@ description: >
parameters:
StorageMgmtNetName:
- description: Name of the storage_mgmt API neutron network
+ description: The name of the Storage management network.
default: storage_mgmt
type: string
PortName:
diff --git a/network/ports/storage_mgmt_from_pool.yaml b/network/ports/storage_mgmt_from_pool.yaml
index 63b2e154..07308a70 100644
--- a/network/ports/storage_mgmt_from_pool.yaml
+++ b/network/ports/storage_mgmt_from_pool.yaml
@@ -5,7 +5,7 @@ description: >
parameters:
StorageMgmtNetName:
- description: Name of the storage MGMT network
+ description: The name of the Storage management network.
default: storage_mgmt
type: string
PortName:
@@ -26,7 +26,7 @@ parameters:
type: number
StorageMgmtNetCidr:
default: '172.16.3.0/24'
- description: Cidr for the storage MGMT network.
+ description: Cidr for the storage management network.
type: string
outputs:
diff --git a/network/ports/storage_mgmt_from_pool_v6.yaml b/network/ports/storage_mgmt_from_pool_v6.yaml
index 6d0b8794..1b30f0ce 100644
--- a/network/ports/storage_mgmt_from_pool_v6.yaml
+++ b/network/ports/storage_mgmt_from_pool_v6.yaml
@@ -6,7 +6,7 @@ description: >
parameters:
StorageMgmtNetName:
- description: Name of the storage MGMT network
+ description: The name of the Storage management network.
default: storage_mgmt
type: string
PortName:
@@ -27,7 +27,7 @@ parameters:
type: number
StorageMgmtNetCidr:
default: 'fd00:fd00:fd00:4000::/64'
- description: Cidr for the storage MGMT network.
+ description: Cidr for the storage management network.
type: string
outputs:
diff --git a/network/ports/storage_mgmt_v6.yaml b/network/ports/storage_mgmt_v6.yaml
index 3d70c690..c10b1393 100644
--- a/network/ports/storage_mgmt_v6.yaml
+++ b/network/ports/storage_mgmt_v6.yaml
@@ -5,7 +5,7 @@ description: >
parameters:
StorageMgmtNetName:
- description: Name of the storage_mgmt API neutron network
+ description: The name of the Storage management network.
default: storage_mgmt
type: string
PortName:
diff --git a/network/ports/storage_v6.yaml b/network/ports/storage_v6.yaml
index 6137d241..c7d47c54 100644
--- a/network/ports/storage_v6.yaml
+++ b/network/ports/storage_v6.yaml
@@ -5,7 +5,7 @@ description: >
parameters:
StorageNetName:
- description: Name of the storage neutron network
+ description: The name of the storage network.
default: storage
type: string
PortName:
diff --git a/network/ports/tenant.yaml b/network/ports/tenant.yaml
index a56b0f43..6c5eee38 100644
--- a/network/ports/tenant.yaml
+++ b/network/ports/tenant.yaml
@@ -5,7 +5,7 @@ description: >
parameters:
TenantNetName:
- description: Name of the tenant neutron network
+ description: The name of the tenant network.
default: tenant
type: string
PortName:
diff --git a/network/ports/tenant_from_pool.yaml b/network/ports/tenant_from_pool.yaml
index 03ff6d11..94c419df 100644
--- a/network/ports/tenant_from_pool.yaml
+++ b/network/ports/tenant_from_pool.yaml
@@ -5,7 +5,7 @@ description: >
parameters:
TenantNetName:
- description: Name of the tenant network
+ description: The name of the tenant network.
default: tenant
type: string
PortName:
diff --git a/network/ports/tenant_from_pool_v6.yaml b/network/ports/tenant_from_pool_v6.yaml
index d45faf06..cc2b619a 100644
--- a/network/ports/tenant_from_pool_v6.yaml
+++ b/network/ports/tenant_from_pool_v6.yaml
@@ -5,7 +5,7 @@ description: >
parameters:
TenantNetName:
- description: Name of the tenant network
+ description: The name of the tenant network.
default: tenant
type: string
PortName:
diff --git a/network/ports/tenant_v6.yaml b/network/ports/tenant_v6.yaml
index d23e91f7..47d52d8a 100644
--- a/network/ports/tenant_v6.yaml
+++ b/network/ports/tenant_v6.yaml
@@ -5,7 +5,7 @@ description: >
parameters:
TenantNetName:
- description: Name of the tenant neutron network
+ description: The name of the tenant network.
default: tenant
type: string
PortName:
diff --git a/network/ports/vip.yaml b/network/ports/vip.yaml
index 70b4482c..f47760c8 100644
--- a/network/ports/vip.yaml
+++ b/network/ports/vip.yaml
@@ -11,7 +11,7 @@ parameters:
type: string
NetworkName:
description: Name of the network where the VIP will be created
- default: internal_api
+ default: ctlplane
type: string
PortName:
description: Name of the port
diff --git a/network/ports/vip_v6.yaml b/network/ports/vip_v6.yaml
index 09f646a6..90525a31 100644
--- a/network/ports/vip_v6.yaml
+++ b/network/ports/vip_v6.yaml
@@ -11,7 +11,7 @@ parameters:
type: string
NetworkName:
description: Name of the network where the VIP will be created
- default: internal_api
+ default: ctlplane
type: string
PortName:
description: Name of the port
diff --git a/network_data.yaml b/network_data.yaml
index 23c231f9..947769ae 100644
--- a/network_data.yaml
+++ b/network_data.yaml
@@ -5,30 +5,59 @@
# name: Name of the network (mandatory)
# name_lower: lowercase version of name used for filenames
# (optional, defaults to name.lower())
-# vlan: vlan for the network (optional)
-# gateway: gateway for the network (optional)
# enabled: Is the network enabled (optional, defaults to true)
+# ipv6: Does this network use IPv6 IPs? (optional, defaults to false)
+# (optional, may use parameter defaults in environment to set)
+# vlan: vlan for the network (optional)
# vip: Enable creation of a virtual IP on this network
-# [TODO] (dsneddon@redhat.com) - Enable dynamic creation of VIP ports, to support
-# VIPs on non-default networks. See https://bugs.launchpad.net/tripleo/+bug/1667104
+# [TODO] (dsneddon@redhat.com) - Enable dynamic creation of VIP ports,
+# to support VIPs on non-default networks.
+# See https://bugs.launchpad.net/tripleo/+bug/1667104
+# ip_subnet: IP/CIDR, e.g. '192.168.24.0/24' (optional, may use parameter defaults)
+# allocation_pools: IP range list e.g. [{'start':'10.0.0.4', 'end':'10.0.0.250}]
+# gateway_ip: gateway for the network (optional, may use parameter defaults)
+# NOTE: IP-related values set parameter defaults in templates, may be overridden.
+#
+# Example:
+# - name Example
+# vip: false
+# ip_subnet: '10.0.2.0/24'
+# allocation_pools: [{'start': '10.0.2.4', 'end': '10.0.2.250'}]
+# gateway_ip: '10.0.2.254'
#
+# TODO (dsneddon) remove existing templates from j2_excludes.yaml
+# and generate all templates dynamically.
+
- name: External
vip: true
name_lower: external
+ ip_subnet: '10.0.0.0/24'
+ allocation_pools: [{'start': '10.0.0.4', 'end': '10.0.0.250'}]
+ gateway_ip: '10.0.0.1'
- name: InternalApi
name_lower: internal_api
vip: true
+ ip_subnet: '172.16.2.0/24'
+ allocation_pools: [{'start': '172.16.2.4', 'end': '172.16.2.250'}]
- name: Storage
vip: true
name_lower: storage
+ ip_subnet: '172.16.1.0/24'
+ allocation_pools: [{'start': '172.16.1.4', 'end': '172.16.1.250'}]
- name: StorageMgmt
name_lower: storage_mgmt
vip: true
+ ip_subnet: '172.16.3.0/24'
+ allocation_pools: [{'start': '172.16.3.4', 'end': '172.16.3.250'}]
- name: Tenant
vip: false # Tenant network does not use VIPs
name_lower: tenant
+ ip_subnet: '172.16.0.0/24'
+ allocation_pools: [{'start': '172.16.0.4', 'end': '172.16.0.250'}]
- name: Management
# Management network is disabled by default
enabled: false
vip: false # Management network does not use VIPs
name_lower: management
+ ip_subnet: '10.0.1.0/24'
+ allocation_pools: [{'start': '10.0.1.4', 'end': '10.0.1.250'}]
diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml
index a1220d30..0d3b875a 100644
--- a/overcloud-resource-registry-puppet.j2.yaml
+++ b/overcloud-resource-registry-puppet.j2.yaml
@@ -156,11 +156,13 @@ resource_registry:
OS::TripleO::Services::NeutronCorePluginNuage: puppet/services/neutron-plugin-nuage.yaml
OS::TripleO::Services::NeutronCorePluginNSX: puppet/services/neutron-plugin-nsx.yaml
OS::TripleO::Services::OVNDBs: OS::Heat::None
+ OS::TripleO::Services::OVNController: OS::Heat::None
OS::TripleO::Services::NeutronCorePluginMidonet: puppet/services/neutron-midonet.yaml
OS::TripleO::Services::NeutronOvsAgent: puppet/services/neutron-ovs-agent.yaml
OS::TripleO::Services::NeutronLinuxbridgeAgent: OS::Heat::None
OS::TripleO::Services::ComputeNeutronOvsAgent: puppet/services/neutron-ovs-agent.yaml
+ OS::TripleO::Services::ComputeNeutronOvsDpdk: OS::Heat::None
OS::TripleO::Services::Pacemaker: OS::Heat::None
OS::TripleO::Services::PacemakerRemote: OS::Heat::None
OS::TripleO::Services::NeutronSriovAgent: OS::Heat::None
@@ -169,10 +171,12 @@ resource_registry:
OS::TripleO::Services::HAproxy: puppet/services/haproxy.yaml
OS::TripleO::Services::HAProxyPublicTLS: OS::Heat::None
OS::TripleO::Services::HAProxyInternalTLS: OS::Heat::None
+ OS::TripleO::Services::Iscsid: puppet/services/iscsid.yaml
OS::TripleO::Services::Keepalived: puppet/services/keepalived.yaml
OS::TripleO::Services::Memcached: puppet/services/memcached.yaml
OS::TripleO::Services::SaharaApi: OS::Heat::None
OS::TripleO::Services::SaharaEngine: OS::Heat::None
+ OS::TripleO::Services::Tuned: puppet/services/tuned.yaml
OS::TripleO::Services::Securetty: OS::Heat::None
OS::TripleO::Services::Sshd: puppet/services/sshd.yaml
OS::TripleO::Services::Redis: puppet/services/database/redis.yaml
@@ -186,6 +190,7 @@ resource_registry:
OS::TripleO::Services::NovaVncProxy: puppet/services/nova-vnc-proxy.yaml
OS::TripleO::Services::NovaCompute: puppet/services/nova-compute.yaml
OS::TripleO::Services::NovaLibvirt: puppet/services/nova-libvirt.yaml
+ OS::TripleO::Services::NovaMigrationTarget: puppet/services/nova-migration-target.yaml
OS::TripleO::Services::Ntp: puppet/services/time/ntp.yaml
OS::TripleO::Services::SwiftProxy: puppet/services/swift-proxy.yaml
OS::TripleO::Services::ExternalSwiftProxy: OS::Heat::None
@@ -257,6 +262,7 @@ resource_registry:
OS::TripleO::Services::CinderBackendDellSc: OS::Heat::None
OS::TripleO::Services::CinderBackendNetApp: OS::Heat::None
OS::TripleO::Services::CinderBackendScaleIO: OS::Heat::None
+ OS::TripleO::Services::CinderBackendVRTSHyperScale: OS::Heat::None
OS::TripleO::Services::CinderHPELeftHandISCSI: OS::Heat::None
OS::TripleO::Services::Etcd: OS::Heat::None
OS::TripleO::Services::Ec2Api: OS::Heat::None
@@ -272,6 +278,7 @@ resource_registry:
OS::TripleO::Services::CertmongerUser: OS::Heat::None
OS::TripleO::Services::Iscsid: OS::Heat::None
OS::TripleO::Services::Clustercheck: OS::Heat::None
+ OS::TripleO::Services::VRTSHyperScale: OS::Heat::None
parameter_defaults:
EnablePackageInstall: false
diff --git a/overcloud.j2.yaml b/overcloud.j2.yaml
index ddf2701a..2bfdf506 100644
--- a/overcloud.j2.yaml
+++ b/overcloud.j2.yaml
@@ -46,8 +46,8 @@ parameters:
CloudNameCtlplane:
default: overcloud.ctlplane.localdomain
description: >
- The DNS name of this cloud's storage management endpoint. E.g.
- 'ci-overcloud.management.tripleo.org'.
+ The DNS name of this cloud's provisioning network endpoint. E.g.
+ 'ci-overcloud.ctlplane.tripleo.org'.
type: string
ControlFixedIPs:
default: []
@@ -89,7 +89,7 @@ parameters:
description: Neutron ID or name for ctlplane network.
NeutronPublicInterface:
default: nic1
- description: What interface to bridge onto br-ex for network nodes.
+ description: Which interface to add to the NeutronPhysicalBridge.
type: string
PublicVirtualFixedIPs:
default: []
diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml
index b29a8a98..24aa1525 100644
--- a/puppet/all-nodes-config.yaml
+++ b/puppet/all-nodes-config.yaml
@@ -45,6 +45,7 @@ parameters:
perform configuration on a Heat stack-update.
UpdateIdentifier:
type: string
+ default: ''
description: >
Setting to a previously unused value during stack-update will trigger
package update on all nodes
diff --git a/puppet/blockstorage-role.yaml b/puppet/blockstorage-role.yaml
index 7d58d1da..de7b6b49 100644
--- a/puppet/blockstorage-role.yaml
+++ b/puppet/blockstorage-role.yaml
@@ -141,7 +141,7 @@ parameters:
parameter is generated from the parent template.
RoleParameters:
type: json
- description: Role Specific Parameters
+ description: Parameters specific to the role
default: {}
DeploymentSwiftDataMap:
type: json
diff --git a/puppet/cephstorage-role.yaml b/puppet/cephstorage-role.yaml
index 48e5b97a..ce44fd68 100644
--- a/puppet/cephstorage-role.yaml
+++ b/puppet/cephstorage-role.yaml
@@ -147,7 +147,7 @@ parameters:
parameter is generated from the parent template.
RoleParameters:
type: json
- description: Role Specific Parameters
+ description: Parameters specific to the role
default: {}
DeploymentSwiftDataMap:
type: json
diff --git a/puppet/compute-role.yaml b/puppet/compute-role.yaml
index 3ad6f745..af45793e 100644
--- a/puppet/compute-role.yaml
+++ b/puppet/compute-role.yaml
@@ -159,7 +159,7 @@ parameters:
parameter is generated from the parent template.
RoleParameters:
type: json
- description: Role Specific Parameters
+ description: Parameters specific to the role
default: {}
DeploymentSwiftDataMap:
type: json
diff --git a/puppet/controller-role.yaml b/puppet/controller-role.yaml
index 933b5e60..38589a4e 100644
--- a/puppet/controller-role.yaml
+++ b/puppet/controller-role.yaml
@@ -173,7 +173,7 @@ parameters:
parameter is generated from the parent template.
RoleParameters:
type: json
- description: Role Specific Parameters
+ description: Parameters specific to the role
default: {}
DeploymentSwiftDataMap:
type: json
diff --git a/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml b/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.j2.yaml
index 313c1261..3b7bf40c 100644
--- a/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml
+++ b/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.j2.yaml
@@ -174,45 +174,15 @@ resources:
echo "$HOST_FQDN $MACS"
fi
- CollectMacDeploymentsController:
+{% for role in roles %}
+ CollectMacDeployments{{role.name}}:
type: OS::Heat::SoftwareDeployments
properties:
- name: CollectMacDeploymentsController
- servers: {get_param: [servers, Controller]}
- config: {get_resource: CollectMacConfig}
- actions: ['CREATE'] # Only do this on CREATE
-
- CollectMacDeploymentsCompute:
- type: OS::Heat::SoftwareDeployments
- properties:
- name: CollectMacDeploymentsCompute
- servers: {get_param: [servers, Compute]}
- config: {get_resource: CollectMacConfig}
- actions: ['CREATE'] # Only do this on CREATE
-
- CollectMacDeploymentsBlockStorage:
- type: OS::Heat::SoftwareDeployments
- properties:
- name: CollectMacDeploymentsBlockStorage
- servers: {get_param: [servers, BlockStorage]}
- config: {get_resource: CollectMacConfig}
- actions: ['CREATE'] # Only do this on CREATE
-
- CollectMacDeploymentsObjectStorage:
- type: OS::Heat::SoftwareDeployments
- properties:
- name: CollectMacDeploymentsObjectStorage
- servers: {get_param: [servers, ObjectStorage]}
- config: {get_resource: CollectMacConfig}
- actions: ['CREATE'] # Only do this on CREATE
-
- CollectMacDeploymentsCephStorage:
- type: OS::Heat::SoftwareDeployments
- properties:
- name: CollectMacDeploymentsCephStorage
- servers: {get_param: [servers, CephStorage]}
+ name: CollectMacDeployments{{role.name}}
+ servers: {get_param: [servers, {{role.name}}]}
config: {get_resource: CollectMacConfig}
actions: ['CREATE'] # Only do this on CREATE
+{% endfor %}
# Now we calculate the additional nexus config based on the mappings
MappingToNexusConfig:
@@ -220,11 +190,9 @@ resources:
properties:
group: script
inputs:
- - name: controller_mappings
- - name: compute_mappings
- - name: blockstorage_mappings
- - name: objectstorage_mappings
- - name: cephstorage_mappings
+ {%- for role in roles %}
+ - name: {{role.name}}_mappings
+ {%- endfor %}
- name: nexus_config
config: |
#!/bin/python
@@ -233,11 +201,9 @@ resources:
import os
from copy import deepcopy
- mappings = ['controller_mappings',
- 'compute_mappings',
- 'blockstorage_mappings',
- 'objectstorage_mappings',
- 'cephstorage_mappings',
+ mappings = [{%- for role in roles %}
+ '{{role.name}}_mappings',
+ {%- endfor %}
'nexus_config']
mapdict_list = []
nexus = {}
@@ -295,11 +261,9 @@ resources:
# FIXME(shardy): It'd be more convenient if we could join these
# items together but because the returned format is a map (not a list)
# we can't use list_join or str_replace. Possible Heat TODO.
- controller_mappings: {get_attr: [CollectMacDeploymentsController, deploy_stdouts]}
- compute_mappings: {get_attr: [CollectMacDeploymentsCompute, deploy_stdouts]}
- blockstorage_mappings: {get_attr: [CollectMacDeploymentsBlockStorage, deploy_stdouts]}
- objectstorage_mappings: {get_attr: [CollectMacDeploymentsObjectStorage, deploy_stdouts]}
- cephstorage_mappings: {get_attr: [CollectMacDeploymentsCephStorage, deploy_stdouts]}
+ {%- for role in roles %}
+ {{role.name}}_mappings: {get_attr: [CollectMacDeployments{{role.name}}, deploy_stdouts]}
+ {%- endfor %}
nexus_config: {get_param: NetworkNexusConfig}
actions: ['CREATE'] # Only do this on CREATE
diff --git a/puppet/major_upgrade_steps.j2.yaml b/puppet/major_upgrade_steps.j2.yaml
index 574c41b0..11113eec 100644
--- a/puppet/major_upgrade_steps.j2.yaml
+++ b/puppet/major_upgrade_steps.j2.yaml
@@ -18,6 +18,7 @@ parameters:
type: json
UpdateIdentifier:
type: string
+ default: ''
description: >
Setting to a previously unused value during stack-update will trigger
the Upgrade resources to re-run on all roles.
@@ -31,7 +32,7 @@ parameters:
default: 'regionOne'
description: Keystone region for endpoint
NovaPassword:
- description: The password for the nova service and db account, used by nova-api.
+ description: The password for the nova service and db account
type: string
hidden: true
diff --git a/puppet/objectstorage-role.yaml b/puppet/objectstorage-role.yaml
index a03a9da5..10e56450 100644
--- a/puppet/objectstorage-role.yaml
+++ b/puppet/objectstorage-role.yaml
@@ -141,7 +141,7 @@ parameters:
parameter is generated from the parent template.
RoleParameters:
type: json
- description: Role Specific Parameters
+ description: Parameters specific to the role
default: {}
DeploymentSwiftDataMap:
type: json
diff --git a/puppet/puppet-steps.j2 b/puppet/puppet-steps.j2
index 3d071018..f7651a57 100644
--- a/puppet/puppet-steps.j2
+++ b/puppet/puppet-steps.j2
@@ -23,6 +23,7 @@ resources:
{{role.name}}ArtifactsDeploy:
type: OS::Heat::StructuredDeployments
properties:
+ name: {{role.name}}ArtifactsDeploy
servers: {get_param: [servers, {{role.name}}]}
config: {get_resource: {{role.name}}ArtifactsConfig}
@@ -36,7 +37,7 @@ resources:
{{role.name}}Config:
type: OS::TripleO::{{role.name}}Config
properties:
- StepConfig: {list_join: ["\n", {get_param: [role_data, {{role.name}}, step_config]}]}
+ StepConfig: {get_param: [role_data, {{role.name}}, step_config]}
# Step through a series of configuration steps
{% for step in range(1, deploy_steps_max) %}
@@ -139,6 +140,7 @@ resources:
{%- for r in roles %}
{{r.name}}: {get_param: [role_data, {{r.name}}, merged_config_settings]}
{%- endfor %}
+ evaluate_env: false
UPDATE:
workflow: { get_resource: WorkflowTasks_Step{{step}} }
params:
@@ -148,6 +150,7 @@ resources:
{%- for r in roles %}
{{r.name}}: {get_param: [role_data, {{r.name}}, merged_config_settings]}
{%- endfor %}
+ evaluate_env: false
always_update: true
{% endfor %}
# END service_workflow_tasks handling
diff --git a/puppet/role.role.j2.yaml b/puppet/role.role.j2.yaml
index 85520fc0..23d8896e 100644
--- a/puppet/role.role.j2.yaml
+++ b/puppet/role.role.j2.yaml
@@ -180,7 +180,7 @@ parameters:
parameter is generated from the parent template.
RoleParameters:
type: json
- description: Role Specific Parameters
+ description: Parameters specific to the role
default: {}
DeploymentSwiftDataMap:
type: json
@@ -513,14 +513,27 @@ resources:
fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]}
+ {%- if 'primary' in role.tags and 'controller' in role.tags %}
+ tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
+ {%- endif -%}
# Resource for site-specific injection of root certificate
NodeTLSCAData:
- depends_on: {{role.name}}Deployment
+ depends_on: NetworkDeployment
type: OS::TripleO::NodeTLSCAData
properties:
server: {get_resource: {{role.name}}}
+ {%- if 'primary' in role.tags and 'controller' in role.tags %}
+ # Resource for site-specific passing of private keys/certificates
+ NodeTLSData:
+ depends_on: NodeTLSCAData
+ type: OS::TripleO::NodeTLSData
+ properties:
+ server: {get_resource: {{role.name}}}
+ NodeIndex: {get_param: NodeIndex}
+ {%- endif -%}
+
# Hook for site-specific additional pre-deployment config, e.g extra hieradata
{{role.name}}ExtraConfigPre:
depends_on: {{role.name}}Deployment
@@ -534,7 +547,13 @@ resources:
# Hook for site-specific additional pre-deployment config,
# applying to all nodes, e.g node registration/unregistration
NodeExtraConfig:
- depends_on: [{{role.name}}ExtraConfigPre, NodeTLSCAData]
+ depends_on:
+ - {{role.name}}ExtraConfigPre
+ {%- if 'primary' in role.tags and 'controller' in role.tags %}
+ - NodeTLSData
+ {%- else %}
+ - NodeTLSCAData
+ {%- endif %}
type: OS::TripleO::NodeExtraConfig
# We have to use conditions here so that we don't break backwards
# compatibility with templates everywhere
@@ -674,6 +693,14 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
- 6
- 0
- keys: {hostname: {get_param: Hostname}}
+ {%- if 'primary' in role.tags and 'controller' in role.tags %}
+ tls_key_modulus_md5:
+ description: MD5 checksum of the TLS Key Modulus
+ value: {get_attr: [NodeTLSData, key_modulus_md5]}
+ tls_cert_modulus_md5:
+ description: MD5 checksum of the TLS Certificate Modulus
+ value: {get_attr: [NodeTLSData, cert_modulus_md5]}
+ {%- endif %}
os_collect_config:
description: The os-collect-config configuration associated with this server resource
value: {get_attr: [{{role.name}}, os_collect_config]}
diff --git a/puppet/services/aodh-api.yaml b/puppet/services/aodh-api.yaml
index d9b61ccd..f84edde0 100644
--- a/puppet/services/aodh-api.yaml
+++ b/puppet/services/aodh-api.yaml
@@ -30,6 +30,10 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ GnocchiExternalProject:
+ default: 'service'
+ description: Project name of resources creator in Gnocchi.
+ type: string
MonitoringSubscriptionAodhApi:
default: 'overcloud-ceilometer-aodh-api'
type: string
@@ -85,6 +89,7 @@ outputs:
aodh::wsgi::apache::wsgi_process_display_name: 'aodh_wsgi'
aodh::api::service_name: 'httpd'
aodh::api::enable_proxy_headers_parsing: true
+ aodh::api::gnocchi_external_project_owner: {get_param: GnocchiExternalProject}
aodh::policy::policies: {get_param: AodhApiPolicies}
tripleo.aodh_api.firewall_rules:
'128 aodh-api':
diff --git a/puppet/services/ceilometer-agent-compute.yaml b/puppet/services/ceilometer-agent-compute.yaml
index 3cf51519..27bc50f3 100644
--- a/puppet/services/ceilometer-agent-compute.yaml
+++ b/puppet/services/ceilometer-agent-compute.yaml
@@ -39,6 +39,10 @@ parameters:
type: string
constraints:
- allowed_values: ['naive', 'libvirt_metadata', 'workload_partitioning']
+ RedisPassword:
+ description: The password for the redis service account.
+ type: string
+ hidden: true
resources:
CeilometerServiceBase:
@@ -61,6 +65,7 @@ outputs:
map_merge:
- get_attr: [CeilometerServiceBase, role_data, config_settings]
- ceilometer::agent::compute::instance_discovery_method: {get_param: InstanceDiscoveryMethod}
+ - ceilometer_redis_password: {get_param: RedisPassword}
compute_namespace: true
service_config_settings:
get_attr: [CeilometerServiceBase, role_data, service_config_settings]
diff --git a/puppet/services/ceilometer-base.yaml b/puppet/services/ceilometer-base.yaml
index 9fc1530a..5cc020a9 100644
--- a/puppet/services/ceilometer-base.yaml
+++ b/puppet/services/ceilometer-base.yaml
@@ -51,6 +51,8 @@ parameters:
description: >
A list of publishers to put in event_pipeline.yaml. When the
collector is used, override this with notifier:// publisher.
+ If zaqar is enabled, you can also publish to a zaqar queue
+ by including "zaqar://?queue=queue_name" in this list.
Set ManageEventPipeline to true for override to take effect.
type: comma_delimited_list
ManagePipeline:
diff --git a/puppet/services/ceph-mon.yaml b/puppet/services/ceph-mon.yaml
index 3e4f5b42..4fe6e908 100644
--- a/puppet/services/ceph-mon.yaml
+++ b/puppet/services/ceph-mon.yaml
@@ -172,6 +172,6 @@ outputs:
until: ceph_quorum_nodecheck.rc == 0
retries: {get_param: CephValidationRetries}
delay: {get_param: CephValidationDelay}
- - name: set crush tunables
+ - name: ceph osd crush tunables default
tags: step0
- shell: ceph osd crush tunables optimal
+ shell: ceph osd crush tunables default
diff --git a/puppet/services/ceph-rgw.yaml b/puppet/services/ceph-rgw.yaml
index aa025684..29629461 100644
--- a/puppet/services/ceph-rgw.yaml
+++ b/puppet/services/ceph-rgw.yaml
@@ -40,7 +40,7 @@ parameters:
type: string
hidden: true
SwiftPassword:
- description: The password for the swift service account, used by the Ceph RGW services.
+ description: The password for the swift service account
type: string
hidden: true
KeystoneRegion:
diff --git a/puppet/services/cinder-backend-dellps.yaml b/puppet/services/cinder-backend-dellps.yaml
index caa2f2f7..388e49b7 100644
--- a/puppet/services/cinder-backend-dellps.yaml
+++ b/puppet/services/cinder-backend-dellps.yaml
@@ -31,6 +31,9 @@ parameters:
CinderDellPsSanPassword:
type: string
hidden: true
+ CinderDellPsSanPrivateKey:
+ type: string
+ default: ''
CinderDellPsSanThinProvision:
type: boolean
default: true
@@ -87,6 +90,7 @@ outputs:
cinder::backend::eqlx::san_ip: {get_param: CinderDellPsSanIp}
cinder::backend::eqlx::san_login: {get_param: CinderDellPsSanLogin}
cinder::backend::eqlx::san_password: {get_param: CinderDellPsSanPassword}
+ cinder::backend::eqlx::san_private_key: {get_param: CinderDellPsSanPrivateKey}
cinder::backend::eqlx::san_thin_provision: {get_param: CinderDellPsSanThinProvision}
cinder::backend::eqlx::eqlx_group_name: {get_param: CinderDellPsGroupname}
cinder::backend::eqlx::eqlx_pool: {get_param: CinderDellPsPool}
diff --git a/puppet/services/cinder-backend-veritas-hyperscale.yaml b/puppet/services/cinder-backend-veritas-hyperscale.yaml
new file mode 100644
index 00000000..11ceb2fd
--- /dev/null
+++ b/puppet/services/cinder-backend-veritas-hyperscale.yaml
@@ -0,0 +1,56 @@
+# Copyright (c) 2017 Veritas Technologies LLC.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+heat_template_version: ocata
+
+description: >
+ Openstack Veritas HyperScale backend
+
+parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ type: json
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+
+outputs:
+ role_data:
+ description: Role data for the Cinder Veritas HyperScale backend.
+ value:
+ service_name: cinder_backend_veritas_hyperscale
+ config_settings:
+ tripleo::profile::base::cinder::volume::cinder_enable_vrts_hs_backend: true
+ step_config: |
+ include ::tripleo::profile::base::cinder::volume
diff --git a/puppet/services/congress.yaml b/puppet/services/congress.yaml
index 31a4d3eb..f5d38b60 100644
--- a/puppet/services/congress.yaml
+++ b/puppet/services/congress.yaml
@@ -37,6 +37,7 @@ parameters:
Debug:
type: string
default: ''
+ description: Set to True to enable debugging on all services.
CongressDebug:
default: ''
description: Set to True to enable debugging Glance service.
diff --git a/puppet/services/database/mongodb-base.yaml b/puppet/services/database/mongodb-base.yaml
index 2881a5c6..c218e8b5 100644
--- a/puppet/services/database/mongodb-base.yaml
+++ b/puppet/services/database/mongodb-base.yaml
@@ -56,7 +56,3 @@ outputs:
mongodb::server::journal: false
mongodb::server::ipv6: {get_param: MongoDbIPv6}
mongodb::server::replset: {get_param: MongoDbReplset}
- # for now, we don't want to manage these services which are enabled
- # by default with recent changes in puppet-systemd.
- systemd::manage_networkd: false
- systemd::manage_resolved: false
diff --git a/puppet/services/database/mysql.yaml b/puppet/services/database/mysql.yaml
index 9b8386c1..abbe7a22 100644
--- a/puppet/services/database/mysql.yaml
+++ b/puppet/services/database/mysql.yaml
@@ -51,7 +51,7 @@ parameters:
description: Whether to use Galera instead of regular MariaDB.
type: boolean
NovaPassword:
- description: The password for the nova db account
+ description: The password for the nova service and db account
type: string
hidden: true
EnableInternalTLS:
@@ -96,10 +96,6 @@ outputs:
- {get_param: [DefaultPasswords, mysql_root_password]}
mysql_clustercheck_password: {get_param: MysqlClustercheckPassword}
enable_galera: {get_param: EnableGalera}
- # for now, we don't want to manage these services which are enabled
- # by default with recent changes in puppet-systemd.
- systemd::manage_networkd: false
- systemd::manage_resolved: false
# NOTE: bind IP is found in Heat replacing the network name with the
# local node IP for the given network; replacement examples
# (eg. for internal_api):
diff --git a/puppet/services/database/redis-base.yaml b/puppet/services/database/redis-base.yaml
index d15b30cb..2a6a89e9 100644
--- a/puppet/services/database/redis-base.yaml
+++ b/puppet/services/database/redis-base.yaml
@@ -5,7 +5,7 @@ description: >
parameters:
RedisPassword:
- description: The password for Redis
+ description: The password for the redis service account.
type: string
hidden: true
RedisFDLimit:
diff --git a/puppet/services/docker.yaml b/puppet/services/docker.yaml
index d92b666b..d11ef66a 100644
--- a/puppet/services/docker.yaml
+++ b/puppet/services/docker.yaml
@@ -4,13 +4,11 @@ description: >
Configures docker on the host
parameters:
- DockerNamespace:
- description: namespace
- default: tripleoupstream
+ DockerInsecureRegistryAddress:
+ description: Optional. The IP Address and Port of an insecure docker
+ namespace that will be configured in /etc/sysconfig/docker.
type: string
- DockerNamespaceIsRegistry:
- type: boolean
- default: false
+ default: ''
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
@@ -38,14 +36,19 @@ parameters:
description: Parameters specific to the role
type: json
+conditions:
+ insecure_registry_is_empty: {equals : [{get_param: DockerInsecureRegistryAddress}, '']}
+
outputs:
role_data:
description: Role data for the docker service
value:
service_name: docker
config_settings:
- tripleo::profile::base::docker::docker_namespace: {get_param: DockerNamespace}
- tripleo::profile::base::docker::insecure_registry: {get_param: DockerNamespaceIsRegistry}
+ if:
+ - insecure_registry_is_empty
+ - {}
+ - tripleo::profile::base::docker::insecure_registry_address: {get_param: DockerInsecureRegistryAddress}
step_config: |
include ::tripleo::profile::base::docker
upgrade_tasks:
diff --git a/puppet/services/ec2-api.yaml b/puppet/services/ec2-api.yaml
index d5056c60..85fdb369 100644
--- a/puppet/services/ec2-api.yaml
+++ b/puppet/services/ec2-api.yaml
@@ -61,7 +61,7 @@ parameters:
path: /var/log/ec2api/ec2api.log
EnablePackageInstall:
default: 'false'
- description: Set to true to enable package installation via Puppet
+ description: Set to true to enable package installation at deploy time
type: boolean
Ec2ApiPolicies:
description: |
diff --git a/puppet/services/external-swift-proxy.yaml b/puppet/services/external-swift-proxy.yaml
index a4a25d9e..ac1f11ac 100644
--- a/puppet/services/external-swift-proxy.yaml
+++ b/puppet/services/external-swift-proxy.yaml
@@ -44,7 +44,7 @@ parameters:
type: string
default: 'service'
SwiftPassword:
- description: The password for the swift service account, used by the swift proxy services.
+ description: The password for the swift service account
type: string
hidden: true
KeystoneRegion:
diff --git a/puppet/services/haproxy.yaml b/puppet/services/haproxy.yaml
index 0af132e7..a37135da 100644
--- a/puppet/services/haproxy.yaml
+++ b/puppet/services/haproxy.yaml
@@ -51,7 +51,7 @@ parameters:
description: Whether or not to enable the HAProxy stats interface.
type: boolean
RedisPassword:
- description: The password for Redis
+ description: The password for the redis service account.
type: string
hidden: true
MonitoringSubscriptionHaproxy:
diff --git a/puppet/services/heat-api-cfn.yaml b/puppet/services/heat-api-cfn.yaml
index 2c13cb30..28bb8658 100644
--- a/puppet/services/heat-api-cfn.yaml
+++ b/puppet/services/heat-api-cfn.yaml
@@ -130,6 +130,8 @@ outputs:
heat::keystone::auth_cfn::admin_url: {get_param: [EndpointMap, HeatCfnAdmin, uri]}
heat::keystone::auth_cfn::password: {get_param: HeatPassword}
heat::keystone::auth_cfn::region: {get_param: KeystoneRegion}
+ metadata_settings:
+ get_attr: [ApacheServiceBase, role_data, metadata_settings]
upgrade_tasks:
- name: Check if heat_api_cfn is deployed
command: systemctl is-enabled openstack-heat-api-cfn
@@ -151,5 +153,5 @@ outputs:
when: heat_api_cfn_apache.rc == 0
- name: Stop and disable heat_api_cfn service (pre-upgrade not under httpd)
tags: step1
- when: heat_api_cfn_apache.rc == 0
+ when: heat_api_cfn_enabled.rc == 0
service: name=openstack-heat-api-cfn state=stopped enabled=no
diff --git a/puppet/services/heat-api-cloudwatch.yaml b/puppet/services/heat-api-cloudwatch.yaml
index b23dc895..689251a3 100644
--- a/puppet/services/heat-api-cloudwatch.yaml
+++ b/puppet/services/heat-api-cloudwatch.yaml
@@ -114,6 +114,8 @@ outputs:
- heat::wsgi::apache_api_cloudwatch::workers: {get_param: HeatWorkers}
step_config: |
include ::tripleo::profile::base::heat::api_cloudwatch
+ metadata_settings:
+ get_attr: [ApacheServiceBase, role_data, metadata_settings]
upgrade_tasks:
- name: Check if heat_api_cloudwatch is deployed
command: systemctl is-enabled openstack-heat-api-cloudwatch
diff --git a/puppet/services/heat-api.yaml b/puppet/services/heat-api.yaml
index 3349271c..51f52a71 100644
--- a/puppet/services/heat-api.yaml
+++ b/puppet/services/heat-api.yaml
@@ -137,6 +137,8 @@ outputs:
heat::keystone::auth::admin_url: {get_param: [EndpointMap, HeatAdmin, uri]}
heat::keystone::auth::password: {get_param: HeatPassword}
heat::keystone::auth::region: {get_param: KeystoneRegion}
+ metadata_settings:
+ get_attr: [ApacheServiceBase, role_data, metadata_settings]
upgrade_tasks:
- name: Check is heat_api is deployed
command: systemctl is-enabled openstack-heat-api
diff --git a/puppet/services/iscsid.yaml b/puppet/services/iscsid.yaml
new file mode 100644
index 00000000..222977e9
--- /dev/null
+++ b/puppet/services/iscsid.yaml
@@ -0,0 +1,41 @@
+heat_template_version: pike
+
+description: >
+ Configure iscsid
+
+parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+
+outputs:
+ role_data:
+ description: Role data for iscsid
+ value:
+ service_name: iscsid
+ config_settings: {}
+ step_config: |
+ include ::tripleo::profile::base::iscsid
diff --git a/puppet/services/keystone.yaml b/puppet/services/keystone.yaml
index 136c0ad4..8796209b 100644
--- a/puppet/services/keystone.yaml
+++ b/puppet/services/keystone.yaml
@@ -67,6 +67,7 @@ parameters:
Debug:
type: string
default: ''
+ description: Set to True to enable debugging on all services.
KeystoneDebug:
default: ''
description: Set to True to enable debugging Keystone service.
diff --git a/puppet/services/manila-scheduler.yaml b/puppet/services/manila-scheduler.yaml
index 160b4e4a..7d43f685 100644
--- a/puppet/services/manila-scheduler.yaml
+++ b/puppet/services/manila-scheduler.yaml
@@ -32,7 +32,7 @@ parameters:
type: json
NovaPassword:
type: string
- description: The password for the nova service and db account, used by nova-api.
+ description: The password for the nova service and db account
hidden: true
NeutronPassword:
description: The password for the neutron service and db account, used by neutron agents.
diff --git a/puppet/services/monitoring/sensu-base.yaml b/puppet/services/monitoring/sensu-base.yaml
index 24dda549..0f0fe957 100644
--- a/puppet/services/monitoring/sensu-base.yaml
+++ b/puppet/services/monitoring/sensu-base.yaml
@@ -44,7 +44,7 @@ parameters:
to the RabbitMQ host. Set MonitoringRabbitUseSSL to true without
specifying a private key or cert chain to use SSL transport,
but not cert auth.
- type: string
+ type: boolean
MonitoringRabbitSSLPrivateKey:
default: ''
description: Private key to be used by Sensu to connect to RabbitMQ host.
diff --git a/puppet/services/monitoring/sensu-client.yaml b/puppet/services/monitoring/sensu-client.yaml
index f2b062e0..a9ffabe5 100644
--- a/puppet/services/monitoring/sensu-client.yaml
+++ b/puppet/services/monitoring/sensu-client.yaml
@@ -31,8 +31,9 @@ parameters:
via parameter_defaults in the resource registry.
type: json
AdminPassword:
- description: Keystone admin user password
+ description: The password for the keystone admin account, used for monitoring, querying neutron etc.
type: string
+ hidden: true
KeystoneRegion:
default: 'regionOne'
description: Keystone region for endpoint
diff --git a/puppet/services/network/contrail-analytics.yaml b/puppet/services/network/contrail-analytics.yaml
index 51ecbf29..c60ffcd0 100644
--- a/puppet/services/network/contrail-analytics.yaml
+++ b/puppet/services/network/contrail-analytics.yaml
@@ -33,6 +33,26 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ContrailAnalyticsCollectorHttp:
+ default: 8089
+ description: Contrail Analytics Collector http port
+ type: number
+ ContrailAnalyticsCollectorSandesh:
+ default: 8086
+ description: Contrail Analytics Collector sandesh port
+ type: number
+ ContrailAnalyticsHttp:
+ default: 8090
+ description: Contrail Analytics http port
+ type: number
+ ContrailAnalyticsRedis:
+ default: 6379
+ description: Contrail Analytics redis port
+ type: number
+ ContrailAnalyticsApi:
+ default: 8081
+ description: Contrail Analytics Api port
+ type: number
resources:
ContrailBase:
@@ -41,7 +61,6 @@ resources:
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
@@ -53,14 +72,14 @@ outputs:
config_settings:
map_merge:
- get_attr: [ContrailBase, role_data, config_settings]
- - contrail::analytics::collector_http_server_port: {get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal, port]}
- contrail::analytics::collector_sandesh_port: {get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal, port]}
+ - contrail::analytics::collector_http_server_port: {get_param: ContrailAnalyticsCollectorHttp}
+ contrail::analytics::collector_sandesh_port: {get_param: ContrailAnalyticsCollectorSandesh}
contrail::analytics::host_ip: {get_param: [ServiceNetMap, ContrailAnalyticsNetwork]}
- contrail::analytics::http_server_port: {get_param: [EndpointMap, ContrailAnalyticsHttpInternal, port]}
+ contrail::analytics::http_server_port: {get_param: ContrailAnalyticsHttp}
contrail::analytics::listen_ip_address: {get_param: [ServiceNetMap, ContrailAnalyticsNetwork]}
contrail::analytics::redis_server: '127.0.0.1'
- contrail::analytics::redis_server_port: {get_param: [EndpointMap, ContrailAnalyticsRedisInternal, port]}
+ contrail::analytics::redis_server_port: {get_param: ContrailAnalyticsRedis}
contrail::analytics::rest_api_ip: {get_param: [ServiceNetMap, ContrailAnalyticsNetwork]}
- contrail::analytics::rest_api_port: {get_param: [EndpointMap, ContrailAnalyticsApiInternal, port]}
+ contrail::analytics::rest_api_port: {get_param: ContrailAnalyticsApi}
step_config: |
include ::tripleo::network::contrail::analytics
diff --git a/puppet/services/network/contrail-base.yaml b/puppet/services/network/contrail-base.yaml
index 9ee8a651..77c30bd9 100644
--- a/puppet/services/network/contrail-base.yaml
+++ b/puppet/services/network/contrail-base.yaml
@@ -30,16 +30,16 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
- ContrailAAAMode:
+ AAAMode:
description: AAAmode can be no-auth, cloud-admin or rbac
type: string
default: 'rbac'
- ContrailAAAModeAnalytics:
+ AAAModeAnalytics:
description: AAAmode for analytics can be no-auth, cloud-admin or rbac
type: string
default: 'no-auth'
AdminPassword:
- description: Keystone admin user password
+ description: The password for the keystone admin account, used for monitoring, querying neutron etc.
type: string
hidden: true
AdminTenantName:
@@ -47,25 +47,33 @@ parameters:
type: string
default: 'admin'
AdminToken:
- description: Keystone admin token
+ description: The keystone auth secret and db password.
type: string
hidden: true
AdminUser:
description: Keystone admin user name
type: string
default: 'admin'
- AuthPortSSL:
- default: 13357
- description: Keystone SSL port
- type: number
- AuthPortSSLPublic:
- default: 13000
- description: Keystone Public SSL port
- type: number
ContrailAuth:
default: 'keystone'
description: Keystone authentication method
type: string
+ ContrailAnalyticsVIP:
+ default: ''
+ description: Contrail Analytics Api Virtual IP address
+ type: string
+ ContrailConfigPort:
+ default: 8082
+ description: Contrail Config Api port
+ type: number
+ ContrailConfigVIP:
+ default: ''
+ description: Contrail Config Virtual IP address
+ type: string
+ ContrailDiscoveryPort:
+ default: 5998
+ description: Contrail Config Api port
+ type: number
ContrailInsecure:
default: false
description: Keystone insecure mode
@@ -74,6 +82,14 @@ parameters:
default: '127.0.0.1:12111'
description: Memcached server
type: string
+ ContrailVIP:
+ default: ''
+ description: Contrail VIP
+ type: string
+ ContrailWebuiVIP:
+ default: ''
+ description: Contrail Webui Virtual IP address
+ type: string
RabbitPassword:
description: The password for RabbitMQ
type: string
@@ -87,29 +103,49 @@ parameters:
description: Set rabbit subscriber port, change this if using SSL
type: number
+conditions:
+ contrail_config_vip_unset: {equals : [{get_param: ContrailConfigVIP}, '']}
+ contrail_analytics_vip_unset: {equals : [{get_param: ContrailAnalyticsVIP}, '']}
+ contrail_webui_vip_unset: {equals : [{get_param: ContrailWebuiVIP}, '']}
+
outputs:
role_data:
description: Shared role data for the Contrail services.
value:
service_name: contrail_base
config_settings:
- contrail::aaa_mode: {get_param: ContrailAAAMode}
- contrail::analytics_aaa_mode: {get_param: ContrailAAAModeAnalytics}
- contrail::admin_password: {get_param: AdminPassword}
- contrail::admin_tenant_name: {get_param: AdminTenantName}
- contrail::admin_token: {get_param: AdminToken}
- contrail::admin_user: {get_param: AdminUser}
- contrail::auth: {get_param: ContrailAuth}
- contrail::auth_host: {get_param: [EndpointMap, KeystonePublic, host] }
- contrail::auth_port: {get_param: [EndpointMap, KeystoneAdmin, port] }
- contrail::auth_port_ssl: {get_param: AuthPortSSL }
- contrail::auth_port_public: {get_param: [EndpointMap, KeystonePublic, port] }
- contrail::auth_port_ssl_public: {get_param: AuthPortSSLPublic }
- contrail::auth_protocol: {get_param: [EndpointMap, KeystoneInternal, protocol] }
- contrail::api_port: {get_param: [EndpointMap, ContrailConfigInternal, port] }
- contrail::disc_server_port: {get_param: [EndpointMap, ContrailDiscoveryInternal, port] }
- contrail::insecure: {get_param: ContrailInsecure}
- contrail::memcached_server: {get_param: ContrailMemcachedServer}
- contrail::rabbit_password: {get_param: RabbitPassword}
- contrail::rabbit_user: {get_param: RabbitUserName}
- contrail::rabbit_port: {get_param: RabbitClientPort}
+ map_merge:
+ - contrail::aaa_mode: {get_param: AAAMode}
+ contrail::analytics_aaa_mode: {get_param: AAAModeAnalytics}
+ contrail::admin_password: {get_param: AdminPassword}
+ contrail::admin_tenant_name: {get_param: AdminTenantName}
+ contrail::admin_token: {get_param: AdminToken}
+ contrail::admin_user: {get_param: AdminUser}
+ contrail::auth: {get_param: ContrailAuth}
+ contrail::auth_host: {get_param: [EndpointMap, KeystoneAdmin, host] }
+ contrail::auth_port: {get_param: [EndpointMap, KeystoneAdmin, port] }
+ contrail::auth_port_public: {get_param: [EndpointMap, KeystonePublic, port] }
+ contrail::auth_protocol: {get_param: [EndpointMap, KeystonePublic, protocol] }
+ contrail::api_port: {get_param: ContrailConfigPort }
+ contrail::disc_server_port: {get_param: ContrailDiscoveryPort }
+ contrail::insecure: {get_param: ContrailInsecure}
+ contrail::memcached_server: {get_param: ContrailMemcachedServer}
+ contrail::rabbit_password: {get_param: RabbitPassword}
+ contrail::rabbit_user: {get_param: RabbitUserName}
+ contrail::rabbit_port: {get_param: RabbitClientPort}
+ contrail::vip: {get_param: ContrailVIP}
+ -
+ if:
+ - contrail_config_vip_unset
+ - {}
+ - contrail_config_vip: {get_param: ContrailConfigVIP}
+ -
+ if:
+ - contrail_webui_vip_unset
+ - {}
+ - contrail_webui_vip: {get_param: ContrailWebuiVIP}
+ -
+ if:
+ - contrail_analytics_vip_unset
+ - {}
+ - contrail_analytics_vip: {get_param: ContrailAnalyticsVIP}
diff --git a/puppet/services/network/contrail-config.yaml b/puppet/services/network/contrail-config.yaml
index d11cf6d0..210c81d7 100644
--- a/puppet/services/network/contrail-config.yaml
+++ b/puppet/services/network/contrail-config.yaml
@@ -41,6 +41,10 @@ parameters:
description: Ifmap user password
type: string
default: 'api-server'
+ ContrailConfigPort:
+ default: 8082
+ description: Contrail Config Api port
+ type: number
resources:
ContrailBase:
@@ -64,8 +68,8 @@ outputs:
- contrail::config::ifmap_password: {get_param: ContrailConfigIfmapUserPassword}
contrail::config::ifmap_username: {get_param: ContrailConfigIfmapUserName}
contrail::config::listen_ip_address: {get_param: [ServiceNetMap, ContrailConfigNetwork]}
- contrail::config::listen_port: {get_param: [EndpointMap, ContrailConfigInternal, port] }
+ contrail::config::listen_port: {get_param: ContrailConfigPort}
contrail::config::redis_server: '127.0.0.1'
- contrail::config::host_ip: {get_param: [ServiceNetMap, ContrailConfigNetwork] }
+ contrail::config::host_ip: {get_param: [ServiceNetMap, ContrailConfigNetwork]}
step_config: |
include ::tripleo::network::contrail::config
diff --git a/puppet/services/network/contrail-control.yaml b/puppet/services/network/contrail-control.yaml
index 529160ee..20951b0b 100644
--- a/puppet/services/network/contrail-control.yaml
+++ b/puppet/services/network/contrail-control.yaml
@@ -41,6 +41,10 @@ parameters:
description: sda1/256 hmac key, e.g. echo -n "values" | openssl dgst -sha256 -hmac key -binary | base64
type: string
hidden: true
+ ContrailControlManageNamed:
+ description: named config file mgmt
+ type: string
+ default: true
resources:
ContrailBase:
@@ -64,5 +68,6 @@ outputs:
- contrail::control::asn: {get_param: ContrailControlASN }
contrail::control::host_ip: {get_param: [ServiceNetMap, ContrailControlNetwork]}
contrail::control::rndc_secret: {get_param: ContrailControlRNDCSecret}
+ contrail::control::manage_named: {get_param: ContrailControlManageNamed}
step_config: |
include ::tripleo::network::contrail::control
diff --git a/puppet/services/network/contrail-dpdk.yaml b/puppet/services/network/contrail-dpdk.yaml
new file mode 100644
index 00000000..65b2a2a1
--- /dev/null
+++ b/puppet/services/network/contrail-dpdk.yaml
@@ -0,0 +1,82 @@
+heat_template_version: pike
+
+description: >
+ OpenStack Neutron Compute OpenContrail plugin
+
+parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ NeutronMetadataProxySharedSecret:
+ description: Shared secret to prevent spoofing
+ type: string
+ hidden: true
+ ContrailVrouterPhysicalInterface:
+ default: 'eth0'
+ description: vRouter physical interface
+ type: string
+ ContrailVrouterGateway:
+ default: '192.168.24.1'
+ description: vRouter default gateway
+ type: string
+ ContrailVrouterNetmask:
+ default: '255.255.255.0'
+ description: vRouter netmask
+ type: string
+
+resources:
+ ContrailBase:
+ type: ./contrail-base.yaml
+ properties:
+ ServiceData: {get_param: ServiceData}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the Neutron Compute OpenContrail plugin
+ value:
+ service_name: contrail_dpdk
+ config_settings:
+ map_merge:
+ - get_attr: [ContrailBase, role_data, config_settings]
+ - contrail::vrouter::host_ip: {get_param: [ServiceNetMap, ContrailVrouterNetwork]}
+ contrail::vrouter::is_dpdk: 'true'
+ contrail::vrouter::physical_interface: {get_param: ContrailVrouterPhysicalInterface}
+ contrail::vrouter::gateway: {get_param: ContrailVrouterGateway}
+ contrail::vrouter::netmask: {get_param: ContrailVrouterNetmask}
+ contrail::vrouter::metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
+ tripleo.neutron_compute_plugin_opencontrail.firewall_rules:
+ '111 neutron_compute_plugin_opencontrail proxy':
+ dport:
+ - 8097
+ - 8085
+ proto: tcp
+ step_config: |
+ include ::tripleo::network::contrail::vrouter
diff --git a/puppet/services/network/contrail-neutron-plugin.yaml b/puppet/services/network/contrail-neutron-plugin.yaml
index 95951fd5..50a6be48 100644
--- a/puppet/services/network/contrail-neutron-plugin.yaml
+++ b/puppet/services/network/contrail-neutron-plugin.yaml
@@ -33,7 +33,7 @@ parameters:
ContrailExtensions:
description: List of OpenContrail extensions to be enabled
type: comma_delimited_list
- default: ''
+ default: 'ipam:neutron_plugin_contrail.plugins.opencontrail.contrail_plugin_ipam.NeutronPluginContrailIpam,policy:neutron_plugin_contrail.plugins.opencontrail.contrail_plugin_policy.NeutronPluginContrailPolicy,route-table:neutron_plugin_contrail.plugins.opencontrail.contrail_plugin_vpc.NeutronPluginContrailVpc,contrail:None'
resources:
ContrailBase:
@@ -54,7 +54,7 @@ outputs:
config_settings:
map_merge:
- get_attr: [ContrailBase, role_data, config_settings]
- - neutron::api_extensions_path: /usr/lib/python2.7/site-packages/neutron_plugin_contrail/extensions
+ - neutron::api_extensions_path: '/usr/lib/python2.7/site-packages/neutron_plugin_contrail/extensions:/usr/lib/python2.7/site-packages/neutron_lbaas/extensions'
contrail::vrouter::contrail_extensions: {get_param: ContrailExtensions}
step_config: |
include tripleo::network::contrail::neutron_plugin
diff --git a/puppet/services/network/contrail-tsn.yaml b/puppet/services/network/contrail-tsn.yaml
index 469e18cc..a9655160 100644
--- a/puppet/services/network/contrail-tsn.yaml
+++ b/puppet/services/network/contrail-tsn.yaml
@@ -31,17 +31,18 @@ parameters:
via parameter_defaults in the resource registry.
type: json
NeutronMetadataProxySharedSecret:
- description: Metadata Secret
+ description: Shared secret to prevent spoofing
type: string
- VrouterPhysicalInterface:
+ hidden: true
+ ContrailVrouterPhysicalInterface:
default: 'eth0'
description: vRouter physical interface
type: string
- VrouterGateway:
+ ContrailVrouterGateway:
default: '192.168.24.1'
description: vRouter default gateway
type: string
- VrouterNetmask:
+ ContrailVrouterNetmask:
default: '255.255.255.0'
description: vRouter netmask
type: string
@@ -65,10 +66,10 @@ outputs:
config_settings:
map_merge:
- get_attr: [ContrailBase, role_data, config_settings]
- - contrail::vrouter::host_ip: {get_param: [ServiceNetMap, NeutronCorePluginOpencontrailNetwork]}
- contrail::vrouter::physical_interface: {get_param: VrouterPhysicalInterface}
- contrail::vrouter::gateway: {get_param: VrouterGateway}
- contrail::vrouter::netmask: {get_param: VrouterNetmask}
+ - contrail::vrouter::host_ip: {get_param: [ServiceNetMap, ContrailVrouterNetwork]}
+ contrail::vrouter::physical_interface: {get_param: ContrailVrouterPhysicalInterface}
+ contrail::vrouter::gateway: {get_param: ContrailVrouterGateway}
+ contrail::vrouter::netmask: {get_param: ContrailVrouterNetmask}
contrail::vrouter::metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
contrail::vrouter::is_tsn: 'true'
tripleo.neutron_compute_plugin_opencontrail.firewall_rules:
diff --git a/puppet/services/network/contrail-vrouter.yaml b/puppet/services/network/contrail-vrouter.yaml
index d36a5651..1773c367 100644
--- a/puppet/services/network/contrail-vrouter.yaml
+++ b/puppet/services/network/contrail-vrouter.yaml
@@ -31,7 +31,7 @@ parameters:
via parameter_defaults in the resource registry.
type: json
NeutronMetadataProxySharedSecret:
- description: Metadata Secret
+ description: Shared secret to prevent spoofing
type: string
hidden: true
ContrailVrouterPhysicalInterface:
@@ -46,6 +46,10 @@ parameters:
default: '255.255.255.0'
description: vRouter netmask
type: string
+ ContrailVrouterControlNodeIps:
+ description: List of Contrail Node IPs
+ type: comma_delimited_list
+ default: ''
resources:
ContrailBase:
@@ -66,14 +70,16 @@ outputs:
config_settings:
map_merge:
- get_attr: [ContrailBase, role_data, config_settings]
- - contrail::vrouter::host_ip: {get_param: [ServiceNetMap, NeutronCorePluginOpencontrailNetwork]}
+ - contrail::vrouter::host_ip: {get_param: [ServiceNetMap, ContrailVrouterNetwork]}
contrail::vrouter::physical_interface: {get_param: ContrailVrouterPhysicalInterface}
contrail::vrouter::gateway: {get_param: ContrailVrouterGateway}
contrail::vrouter::netmask: {get_param: ContrailVrouterNetmask}
contrail::vrouter::metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
- tripleo.neutron_compute_plugin_opencontrail.firewall_rules:
- '111 neutron_compute_plugin_opencontrail proxy':
+ contrail::vrouter::control_node_ips: {get_param: ContrailVrouterControlNodeIps}
+ tripleo.contrail_vrouter.firewall_rules:
+ '111 contrail_vrouter_8085':
+ dport: 8085
+ '112 contrail_vrouter_8097':
dport: 8097
- proto: tcp
step_config: |
include ::tripleo::network::contrail::vrouter
diff --git a/puppet/services/network/contrail-webui.yaml b/puppet/services/network/contrail-webui.yaml
index aa73fb94..8f96643f 100644
--- a/puppet/services/network/contrail-webui.yaml
+++ b/puppet/services/network/contrail-webui.yaml
@@ -33,6 +33,14 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ContrailWebuiHttp:
+ default: 8080
+ description: Contrail Webui http port
+ type: number
+ ContrailWebuiHttps:
+ default: 8143
+ description: Contrail Webui https port
+ type: number
resources:
ContrailBase:
@@ -53,8 +61,8 @@ outputs:
config_settings:
map_merge:
- get_attr: [ContrailBase, role_data, config_settings]
- - contrail::webui::http_port: {get_param: [EndpointMap, ContrailWebuiHttpInternal, port] }
- contrail::webui::https_port: {get_param: [EndpointMap, ContrailWebuiHttpsInternal, port] }
+ - contrail::webui::http_port: {get_param: ContrailWebuiHttp }
+ contrail::webui::https_port: {get_param: ContrailWebuiHttps }
contrail::webui::redis_ip: '127.0.0.1'
step_config: |
include ::tripleo::network::contrail::webui
diff --git a/puppet/services/neutron-api.yaml b/puppet/services/neutron-api.yaml
index d650b11f..459a968a 100644
--- a/puppet/services/neutron-api.yaml
+++ b/puppet/services/neutron-api.yaml
@@ -50,7 +50,7 @@ parameters:
description: Allow automatic l3-agent failover
type: string
NovaPassword:
- description: The password for the nova service and db account, used by nova-api.
+ description: The password for the nova service and db account
type: string
hidden: true
NeutronEnableDVR:
diff --git a/puppet/services/neutron-compute-plugin-nuage.yaml b/puppet/services/neutron-compute-plugin-nuage.yaml
index 5842149f..f1a56530 100644
--- a/puppet/services/neutron-compute-plugin-nuage.yaml
+++ b/puppet/services/neutron-compute-plugin-nuage.yaml
@@ -31,7 +31,7 @@ parameters:
via parameter_defaults in the resource registry.
type: json
NovaPassword:
- description: The password for the nova service account, used by nova-api.
+ description: The password for the nova service and db account
type: string
hidden: true
NuageMetadataPort:
diff --git a/puppet/services/neutron-l3-compute-dvr.yaml b/puppet/services/neutron-l3-compute-dvr.yaml
index 0d56b3b1..a3baf710 100644
--- a/puppet/services/neutron-l3-compute-dvr.yaml
+++ b/puppet/services/neutron-l3-compute-dvr.yaml
@@ -34,6 +34,7 @@ parameters:
Debug:
type: string
default: ''
+ description: Set to True to enable debugging on all services.
MonitoringSubscriptionNeutronL3Dvr:
default: 'overcloud-neutron-l3-dvr'
type: string
diff --git a/puppet/services/neutron-l3.yaml b/puppet/services/neutron-l3.yaml
index 82371337..7ccf526a 100644
--- a/puppet/services/neutron-l3.yaml
+++ b/puppet/services/neutron-l3.yaml
@@ -33,6 +33,7 @@ parameters:
Debug:
type: string
default: ''
+ description: Set to True to enable debugging on all services.
NeutronL3AgentMode:
description: |
Agent mode for L3 agent. Must be one of legacy or dvr_snat.
diff --git a/puppet/services/neutron-ovs-agent.yaml b/puppet/services/neutron-ovs-agent.yaml
index 1d4029cf..7894f78b 100644
--- a/puppet/services/neutron-ovs-agent.yaml
+++ b/puppet/services/neutron-ovs-agent.yaml
@@ -32,8 +32,7 @@ parameters:
type: json
NeutronEnableL2Pop:
type: string
- description: >
- Enable/disable the L2 population feature in the Neutron agents.
+ description: Enable/disable the L2 population feature in the Neutron agents.
default: "False"
NeutronBridgeMappings:
description: >
@@ -47,8 +46,7 @@ parameters:
default: "datacentre:br-ex"
NeutronTunnelTypes:
default: 'vxlan'
- description: |
- The tunnel types for the Neutron tenant network.
+ description: The tunnel types for the Neutron tenant network.
type: comma_delimited_list
NeutronAgentExtensions:
default: "qos"
diff --git a/puppet/services/neutron-plugin-ml2.yaml b/puppet/services/neutron-plugin-ml2.yaml
index d98d1620..dd757b5d 100644
--- a/puppet/services/neutron-plugin-ml2.yaml
+++ b/puppet/services/neutron-plugin-ml2.yaml
@@ -53,8 +53,8 @@ parameters:
default: 'datacentre:1:1000'
description: >
The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
- Neutron documentation for permitted values. Defaults to permitting any
- VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
+ Neutron documentation for permitted values. Defaults to permitting VLANs
+ 1 to 1000 on the 'datacentre' physical network (See NeutronBridgeMappings).
type: comma_delimited_list
NeutronTunnelIdRanges:
description: |
diff --git a/puppet/services/nova-api.yaml b/puppet/services/nova-api.yaml
index a28f4672..b413fb12 100644
--- a/puppet/services/nova-api.yaml
+++ b/puppet/services/nova-api.yaml
@@ -35,7 +35,7 @@ parameters:
description: Number of workers for Nova services.
type: number
NovaPassword:
- description: The password for the nova service and db account, used by nova-api.
+ description: The password for the nova service and db account
type: string
hidden: true
KeystoneRegion:
diff --git a/puppet/services/nova-base.yaml b/puppet/services/nova-base.yaml
index 82f8bc13..08302ee9 100644
--- a/puppet/services/nova-base.yaml
+++ b/puppet/services/nova-base.yaml
@@ -41,7 +41,7 @@ parameters:
constraints:
- allowed_values: [ 'messagingv2', 'noop' ]
NovaPassword:
- description: The password for the nova service and db account, used by nova-api.
+ description: The password for the nova service and db account
type: string
hidden: true
NeutronPassword:
diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml
index d0f8fda2..6e1f3f56 100644
--- a/puppet/services/nova-compute.yaml
+++ b/puppet/services/nova-compute.yaml
@@ -97,14 +97,20 @@ parameters:
UpgradeLevelNovaCompute:
type: string
description: Nova Compute upgrade level
- default: auto
+ default: ''
MigrationSshKey:
type: json
description: >
SSH key for migration.
Expects a dictionary with keys 'public_key' and 'private_key'.
Values should be identical to SSH public/private key files.
- default: {}
+ default:
+ public_key: ''
+ private_key: ''
+ MigrationSshPort:
+ default: 22
+ description: Target port for migration over ssh
+ type: number
resources:
NovaBase:
@@ -159,14 +165,9 @@ outputs:
NovaPCIPassthrough: {get_param: NovaPCIPassthrough}
# we manage migration in nova common puppet profile
nova::compute::libvirt::migration_support: false
- tripleo::profile::base::nova::manage_migration: true
- tripleo::profile::base::nova::migration_ssh_key: {get_param: MigrationSshKey}
- tripleo::profile::base::nova::migration_ssh_localaddrs:
- - "%{hiera('cold_migration_ssh_inbound_addr')}"
- - "%{hiera('live_migration_ssh_inbound_addr')}"
- live_migration_ssh_inbound_addr: {get_param: [ServiceNetMap, NovaLibvirtNetwork]}
- cold_migration_ssh_inbound_addr: {get_param: [ServiceNetMap, NovaColdMigrationNetwork]}
- tripleo::profile::base::nova::nova_compute_enabled: true
+ tripleo::profile::base::nova::migration::client::nova_compute_enabled: true
+ tripleo::profile::base::nova::migration::client::ssh_private_key: {get_param: [ MigrationSshKey, private_key ]}
+ tripleo::profile::base::nova::migration::client::ssh_port: {get_param: MigrationSshPort}
nova::compute::rbd::libvirt_images_rbd_pool: {get_param: NovaRbdPoolName}
nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName}
tripleo::profile::base::nova::compute::cinder_nfs_backend: {get_param: CinderEnableNfsBackend}
diff --git a/puppet/services/nova-conductor.yaml b/puppet/services/nova-conductor.yaml
index a6638be0..5abad452 100644
--- a/puppet/services/nova-conductor.yaml
+++ b/puppet/services/nova-conductor.yaml
@@ -45,7 +45,7 @@ parameters:
UpgradeLevelNovaCompute:
type: string
description: Nova Compute upgrade level
- default: auto
+ default: ''
conditions:
nova_workers_zero: {equals : [{get_param: NovaWorkers}, 0]}
diff --git a/puppet/services/nova-libvirt.yaml b/puppet/services/nova-libvirt.yaml
index 3a5d7536..e2ae7260 100644
--- a/puppet/services/nova-libvirt.yaml
+++ b/puppet/services/nova-libvirt.yaml
@@ -30,6 +30,20 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ CephClientUserName:
+ default: openstack
+ type: string
+ CephClientKey:
+ description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. Currently only used for external Ceph deployments to create the openstack user keyring.
+ type: string
+ hidden: true
+ CephClusterFSID:
+ type: string
+ description: The Ceph cluster FSID. Must be a UUID.
+ CinderEnableRbdBackend:
+ default: false
+ description: Whether to enable or not the Rbd backend for Cinder
+ type: boolean
NovaComputeLibvirtType:
type: string
default: kvm
@@ -70,6 +84,19 @@ parameters:
the InternalTLSCAFile parameter) is not desired. The current
default reflects TripleO's default CA, which is FreeIPA.
It will only be used if internal TLS is enabled.
+ MigrationSshKey:
+ type: json
+ description: >
+ SSH key for migration.
+ Expects a dictionary with keys 'public_key' and 'private_key'.
+ Values should be identical to SSH public/private key files.
+ default:
+ public_key: ''
+ private_key: ''
+ MigrationSshPort:
+ default: 22
+ description: Target port for migration over ssh
+ type: number
conditions:
@@ -111,8 +138,12 @@ outputs:
- nova::compute::libvirt::manage_libvirt_services: false
# we manage migration in nova common puppet profile
nova::compute::libvirt::migration_support: false
- tripleo::profile::base::nova::manage_migration: true
- tripleo::profile::base::nova::libvirt_enabled: true
+ nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName}
+ nova::compute::rbd::libvirt_rbd_secret_key: {get_param: CephClientKey}
+ nova::compute::rbd::libvirt_rbd_secret_uuid: {get_param: CephClusterFSID}
+ tripleo::profile::base::nova::migration::client::libvirt_enabled: true
+ tripleo::profile::base::nova::migration::client::ssh_private_key: {get_param: [ MigrationSshKey, private_key ]}
+ tripleo::profile::base::nova::migration::client::ssh_port: {get_param: MigrationSshPort}
nova::compute::libvirt::services::libvirt_virt_type: {get_param: NovaComputeLibvirtType}
nova::compute::libvirt::libvirt_virt_type: {get_param: NovaComputeLibvirtType}
nova::compute::libvirt::libvirt_enabled_perf_events: {get_param: LibvirtEnabledPerfEvents}
@@ -120,6 +151,7 @@ outputs:
nova::compute::libvirt::qemu::max_files: 32768
nova::compute::libvirt::qemu::max_processes: 131072
nova::compute::libvirt::vncserver_listen: {get_param: [ServiceNetMap, NovaLibvirtNetwork]}
+ rbd_persistent_storage: {get_param: CinderEnableRbdBackend}
tripleo.nova_libvirt.firewall_rules:
'200 nova_libvirt':
dport:
@@ -132,7 +164,7 @@ outputs:
- use_tls_for_live_migration
-
generate_service_certificates: true
- tripleo::profile::base::nova::libvirt_tls: true
+ tripleo::profile::base::nova::migration::client::libvirt_tls: true
nova::migration::libvirt::live_migration_inbound_addr:
str_replace:
template:
diff --git a/puppet/services/nova-migration-target.yaml b/puppet/services/nova-migration-target.yaml
new file mode 100644
index 00000000..128abc2c
--- /dev/null
+++ b/puppet/services/nova-migration-target.yaml
@@ -0,0 +1,57 @@
+heat_template_version: ocata
+
+description: >
+ OpenStack Nova migration target configured with Puppet
+
+parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ MigrationSshKey:
+ type: json
+ description: >
+ SSH key for migration.
+ Expects a dictionary with keys 'public_key' and 'private_key'.
+ Values should be identical to SSH public/private key files.
+ default:
+ public_key: ''
+ private_key: ''
+
+outputs:
+ role_data:
+ description: Role data for the Nova migration target service.
+ value:
+ service_name: nova_migration_target
+ config_settings:
+ tripleo::profile::base::nova::migration::target::ssh_authorized_keys:
+ - {get_param: [ MigrationSshKey, public_key ]}
+ tripleo::profile::base::nova::migration::target::ssh_localaddrs:
+ - "%{hiera('cold_migration_ssh_inbound_addr')}"
+ - "%{hiera('live_migration_ssh_inbound_addr')}"
+ live_migration_ssh_inbound_addr: {get_param: [ServiceNetMap, NovaLibvirtNetwork]}
+ cold_migration_ssh_inbound_addr: {get_param: [ServiceNetMap, NovaColdMigrationNetwork]}
+ step_config: |
+ include tripleo::profile::base::nova::migration::target
diff --git a/puppet/services/nova-placement.yaml b/puppet/services/nova-placement.yaml
index 5cb4ef5c..916cefd9 100644
--- a/puppet/services/nova-placement.yaml
+++ b/puppet/services/nova-placement.yaml
@@ -35,7 +35,7 @@ parameters:
description: Number of workers for Nova services.
type: number
NovaPassword:
- description: The password for the nova service and db account, used by nova-placement.
+ description: The password for the nova service and db account
type: string
hidden: true
KeystoneRegion:
diff --git a/puppet/services/opendaylight-api.yaml b/puppet/services/opendaylight-api.yaml
index da925181..472dbcce 100644
--- a/puppet/services/opendaylight-api.yaml
+++ b/puppet/services/opendaylight-api.yaml
@@ -58,6 +58,10 @@ parameters:
default: {}
description: Parameters specific to the role
type: json
+ OpenDaylightManageRepositories:
+ description: Whether to manage the OpenDaylight repository
+ type: boolean
+ default: false
outputs:
role_data:
@@ -72,6 +76,7 @@ outputs:
opendaylight::enable_dhcp: {get_param: OpenDaylightEnableDHCP}
opendaylight::odl_bind_ip: {get_param: [ServiceNetMap, OpendaylightApiNetwork]}
opendaylight::nb_connection_protocol: {get_param: OpenDaylightConnectionProtocol}
+ opendaylight::manage_repositories: {get_param: OpenDaylightManageRepositories}
tripleo.opendaylight_api.firewall_rules:
'137 opendaylight api':
dport:
diff --git a/puppet/services/neutron-compute-plugin-ovn.yaml b/puppet/services/ovn-controller.yaml
index dfd87eda..30720448 100644
--- a/puppet/services/neutron-compute-plugin-ovn.yaml
+++ b/puppet/services/ovn-controller.yaml
@@ -1,7 +1,7 @@
heat_template_version: pike
description: >
- OpenStack Neutron Compute OVN agent
+ OpenStack OVN Controller agent
parameters:
EndpointMap:
@@ -45,23 +45,23 @@ parameters:
bridge on hosts - to a physical name 'datacentre' which can be used
to create provider networks (and we use this for the default floating
network) - if changing this either use different post-install network
- scripts or be sure to keep 'datacentre' as a mapping network name
+ scripts or be sure to keep 'datacentre' as a mapping network name.
type: comma_delimited_list
default: "datacentre:br-ex"
outputs:
role_data:
- description: Role data for the Neutron Compute OVN agent
+ description: Role data for the OVN Controller agent
value:
- service_name: neutron_compute_plugin_ovn
+ service_name: ovn_controller
config_settings:
ovn::southbound::port: {get_param: OVNSouthboundServerPort}
ovn::controller::ovn_encap_type: {get_param: OVNTunnelEncapType}
ovn::controller::ovn_encap_ip: {get_param: [ServiceNetMap, NeutronApiNetwork]}
ovn::controller::ovn_bridge_mappings: {get_param: NeutronBridgeMappings}
nova::compute::force_config_drive: true
- tripleo.neutron_compute_plugin_ovn.firewall_rules:
+ tripleo.ovn_controller.firewall_rules:
'118 neutron vxlan networks':
proto: 'udp'
dport: 4789
@@ -70,3 +70,17 @@ outputs:
dport: 6081
step_config: |
include ::tripleo::profile::base::neutron::agents::ovn
+ upgrade_tasks:
+ - name: Check if ovn_controller is deployed
+ command: systemctl is-enabled ovn-controller
+ tags: common
+ ignore_errors: True
+ register: ovn_controller_enabled
+ - name: "PreUpgrade step0,validation: Check service ovn-controller is running"
+ shell: /usr/bin/systemctl show 'ovn-controller' --property ActiveState | grep '\bactive\b'
+ when: ovn_controller_enabled.rc == 0
+ tags: step0,validation
+ - name: Stop ovn-controller service
+ tags: step1
+ when: ovn_controller_enabled.rc == 0
+ service: name=ovn-controller state=stopped
diff --git a/puppet/services/ovn-dbs.yaml b/puppet/services/ovn-dbs.yaml
index f6f3e3c8..2b98008b 100644
--- a/puppet/services/ovn-dbs.yaml
+++ b/puppet/services/ovn-dbs.yaml
@@ -57,3 +57,17 @@ outputs:
- {get_param: OVNSouthboundServerPort}
step_config: |
include ::tripleo::profile::base::neutron::ovn_northd
+ upgrade_tasks:
+ - name: Check if ovn_northd is deployed
+ command: systemctl is-enabled ovn-northd
+ tags: common
+ ignore_errors: True
+ register: ovn_northd_enabled
+ - name: "PreUpgrade step0,validation: Check service ovn-northd is running"
+ shell: /usr/bin/systemctl show 'ovn-northd' --property ActiveState | grep '\bactive\b'
+ when: ovn_northd_enabled.rc == 0
+ tags: step0,validation
+ - name: Stop ovn-northd service
+ tags: step1
+ when: ovn_northd_enabled.rc == 0
+ service: name=ovn-northd state=stopped
diff --git a/puppet/services/pacemaker.yaml b/puppet/services/pacemaker.yaml
index 893e8418..158d04bd 100644
--- a/puppet/services/pacemaker.yaml
+++ b/puppet/services/pacemaker.yaml
@@ -105,11 +105,6 @@ parameters:
description: Whether to deploy a LoadBalancer on the Controller
type: boolean
- PacemakerResources:
- type: comma_delimited_list
- description: List of resources managed by pacemaker
- default: ['rabbitmq', 'galera']
-
outputs:
role_data:
description: Role data for the Pacemaker role.
@@ -156,20 +151,8 @@ outputs:
async: 30
poll: 4
- name: Stop pacemaker cluster
- tags: step2
+ tags: step3
pacemaker_cluster: state=offline
- name: Start pacemaker cluster
tags: step4
pacemaker_cluster: state=online
- - name: Check pacemaker resource
- tags: step4
- pacemaker_is_active:
- resource: "{{ item }}"
- max_wait: 500
- with_items: {get_param: PacemakerResources}
- - name: Check pacemaker haproxy resource
- tags: step4
- pacemaker_is_active:
- resource: haproxy
- max_wait: 500
- when: {get_param: EnableLoadBalancer}
diff --git a/puppet/services/rabbitmq.yaml b/puppet/services/rabbitmq.yaml
index 66f5c4b6..5867721a 100644
--- a/puppet/services/rabbitmq.yaml
+++ b/puppet/services/rabbitmq.yaml
@@ -97,7 +97,7 @@ outputs:
NODE_PORT: ''
NODE_IP_ADDRESS: ''
RABBITMQ_NODENAME: "rabbit@%{::hostname}"
- RABBITMQ_SERVER_ERL_ARGS: '"+K true +P 1048576 -kernel inet_default_connect_options [{nodelay,true},{raw,6,18,<<5000:64/native>>}] -kernel inet_default_listen_options [{raw,6,18,<<5000:64/native>>}]"'
+ RABBITMQ_SERVER_ERL_ARGS: '"+K true +P 1048576 -kernel inet_default_connect_options [{nodelay,true},{raw,6,18,<<15000:64/native>>}] -kernel inet_default_listen_options [{raw,6,18,<<15000:64/native>>}]"'
'export ERL_EPMD_ADDRESS': "%{hiera('rabbitmq::interface')}"
rabbitmq_kernel_variables:
inet_dist_listen_min: '25672'
diff --git a/puppet/services/swift-proxy.yaml b/puppet/services/swift-proxy.yaml
index 283bb3f3..06e8180d 100644
--- a/puppet/services/swift-proxy.yaml
+++ b/puppet/services/swift-proxy.yaml
@@ -35,7 +35,7 @@ parameters:
description: Set to True to enable debugging on all services.
type: string
SwiftPassword:
- description: The password for the swift service account, used by the swift proxy services.
+ description: The password for the swift service account
type: string
hidden: true
SwiftProxyNodeTimeout:
diff --git a/puppet/services/swift-storage.yaml b/puppet/services/swift-storage.yaml
index 40bc1368..f9c3cbae 100644
--- a/puppet/services/swift-storage.yaml
+++ b/puppet/services/swift-storage.yaml
@@ -130,6 +130,7 @@ outputs:
- openstack-swift-container-updater
- openstack-swift-container
- openstack-swift-object-auditor
+ - openstack-swift-object-expirer
- openstack-swift-object-replicator
- openstack-swift-object-updater
- openstack-swift-object
diff --git a/puppet/services/tacker.yaml b/puppet/services/tacker.yaml
index 7661dd2f..541a2eb6 100644
--- a/puppet/services/tacker.yaml
+++ b/puppet/services/tacker.yaml
@@ -37,6 +37,7 @@ parameters:
Debug:
type: string
default: ''
+ description: Set to True to enable debugging on all services.
TackerDebug:
default: ''
description: Set to True to enable debugging Tacker service.
diff --git a/puppet/services/tripleo-packages.yaml b/puppet/services/tripleo-packages.yaml
index e52dd71e..e471c2a6 100644
--- a/puppet/services/tripleo-packages.yaml
+++ b/puppet/services/tripleo-packages.yaml
@@ -32,7 +32,7 @@ parameters:
type: json
EnablePackageInstall:
default: 'false'
- description: Set to true to enable package installation via Puppet
+ description: Set to true to enable package installation at deploy time
type: boolean
outputs:
diff --git a/puppet/services/tuned.yaml b/puppet/services/tuned.yaml
new file mode 100644
index 00000000..f1dec931
--- /dev/null
+++ b/puppet/services/tuned.yaml
@@ -0,0 +1,50 @@
+heat_template_version: ocata
+
+description: >
+ Configure tuned
+
+parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ TunedProfileName:
+ default: ''
+ description: Tuned Profile to apply to the host
+ type: string
+
+outputs:
+ role_data:
+ description: Role data for tuned
+ value:
+ service_name: tuned
+ config_settings:
+ map_replace:
+ - map_replace:
+ - tripleo::profile::base::tuned::profile: TunedProfileName
+ - values: {get_param: RoleParameters}
+ - values: {'TunedProfileName': {get_param: TunedProfileName}}
+ step_config: |
+ include ::tripleo::profile::base::tuned
diff --git a/puppet/services/veritas-hyperscale-controller.yaml b/puppet/services/veritas-hyperscale-controller.yaml
new file mode 100644
index 00000000..fe641ad6
--- /dev/null
+++ b/puppet/services/veritas-hyperscale-controller.yaml
@@ -0,0 +1,106 @@
+# Copyright (c) 2017 Veritas Technologies LLC.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+heat_template_version: ocata
+
+description: >
+ Openstack Veritas HyperScale backend
+
+parameters:
+ VrtsRabbitPassword:
+ type: string
+ description: The Rabbitmq password of the hyperscale user. Mandatory.
+ VrtsKeystonePassword:
+ type: string
+ description: The Keystone password of the hyperscale service. Mandatory.
+ VrtsMysqlPassword:
+ type: string
+ description: The MySQL password of the hyperscale user. Mandatory.
+ VrtsCtrlMgmtIP:
+ type: string
+ default: ''
+ description: The management IP of HyperScale. The value will be inferred
+ from the rest of the deployment settings if left blank.
+ VrtsDashboardIP:
+ type: string
+ default: ''
+ description: The dashboard IP of HyperScale. The value will be inferred
+ from the rest of the deployment settings if left blank.
+ VrtsZookeeperIP:
+ type: string
+ description: The IP of a node where Zookeeper is configured. Mandatory.
+ VrtsSSHPassword:
+ type: string
+ description: The SSH password of the hyperscale user. Mandatory.
+ VrtsConfigParam1:
+ type: string
+ default: ''
+ description: Additional config parameter. Optional.
+ VrtsConfigParam2:
+ type: string
+ default: ''
+ description: Additional config parameter. Optional.
+ VrtsConfigParam3:
+ type: string
+ default: ''
+ description: Additional config parameter. Optional.
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ type: json
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+
+outputs:
+ role_data:
+ description: Install Veritas HyperScale packages for controller.
+ value:
+ service_name: veritas_hyperscale_controller
+ config_settings:
+ global_config_settings:
+ vrts_ctrl_mgmt_ip: {get_param: VrtsCtrlMgmtIP}
+ vrts_dashboard_ip: {get_param: VrtsDashboardIP}
+ vrts_zookeeper_ip: {get_param: VrtsZookeeperIP}
+ vrts_ssh_passwd: {get_param: VrtsSSHPassword}
+ vrts_config_param1: {get_param: VrtsConfigParam1}
+ vrts_config_param2: {get_param: VrtsConfigParam2}
+ vrts_config_param3: {get_param: VrtsConfigParam3}
+ step_config: |
+ include ::veritas_hyperscale::controller_pkg_inst
+ service_config_settings:
+ rabbitmq:
+ vrts_rabbitmq_passwd: {get_param: VrtsRabbitPassword}
+ keystone:
+ vrts_keystone_passwd: {get_param: VrtsKeystonePassword}
+ mysql:
+ vrts_mysql_passwd: {get_param: VrtsMysqlPassword}
diff --git a/puppet/services/zaqar.yaml b/puppet/services/zaqar.yaml
index debdc742..4a1ad179 100644
--- a/puppet/services/zaqar.yaml
+++ b/puppet/services/zaqar.yaml
@@ -56,6 +56,14 @@ parameters:
type: string
description: Set the number of workers for zaqar::wsgi::apache
default: '%{::os_workers}'
+ ZaqarMessageStore:
+ type: string
+ description: The messaging store for Zaqar
+ default: mongodb
+ ZaqarManagementStore:
+ type: string
+ description: The management store for Zaqar
+ default: mongodb
EnableInternalTLS:
type: boolean
default: false
@@ -63,6 +71,8 @@ parameters:
conditions:
zaqar_workers_zero: {equals : [{get_param: ZaqarWorkers}, 0]}
service_debug_unset: {equals : [{get_param: ZaqarDebug}, '']}
+ zaqar_messaging_store_swift: {equals : [{get_param: ZaqarMessageStore}, 'swift']}
+ zaqar_management_store_sqlalchemy: {equals : [{get_param: ZaqarManagementStore}, 'sqlalchemy']}
resources:
@@ -95,7 +105,7 @@ outputs:
- {get_param: ZaqarDebug }
zaqar::server::service_name: 'httpd'
zaqar::transport::websocket::bind: {get_param: [EndpointMap, ZaqarInternal, host]}
- zaqar::wsgi::apache::ssl: false
+ zaqar::wsgi::apache::ssl: {get_param: EnableInternalTLS}
zaqar::wsgi::apache::bind_host: {get_param: [ServiceNetMap, ZaqarApiNetwork]}
zaqar::message_pipeline: 'zaqar.notification.notifier'
zaqar::unreliable: true
@@ -105,28 +115,71 @@ outputs:
"%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, ZaqarApiNetwork]}
+ zaqar::message_store: {get_param: ZaqarMessageStore}
+ zaqar::management_store: {get_param: ZaqarManagementStore}
+ -
+ if:
+ - zaqar_messaging_store_swift
+ -
+ zaqar::messaging::swift::uri:
+ list_join:
+ - ''
+ - ['swift://zaqar:', {get_param: ZaqarPassword}, '@/service']
+ zaqar::messaging::swift::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
+ tripleo::profile::base::zaqar::messaging_store: 'swift'
+ - {}
+ -
+ if:
+ - zaqar_management_store_sqlalchemy
+ -
+ tripleo::profile::base::zaqar::management_store: 'sqlalchemy'
+ zaqar::management::sqlalchemy::uri:
+ make_url:
+ scheme: {get_param: [EndpointMap, MysqlInternal, protocol]}
+ username: zaqar
+ password: {get_param: ZaqarPassword}
+ host: {get_param: [EndpointMap, MysqlInternal, host]}
+ path: /zaqar
+ query:
+ read_default_file: /etc/my.cnf.d/tripleo.cnf
+ read_default_group: tripleo
+ - {}
-
if:
- zaqar_workers_zero
- {}
- zaqar::wsgi::apache::workers: {get_param: ZaqarWorkers}
service_config_settings:
- keystone:
- zaqar::keystone::auth::password: {get_param: ZaqarPassword}
- zaqar::keystone::auth::public_url: {get_param: [EndpointMap, ZaqarPublic, uri]}
- zaqar::keystone::auth::admin_url: {get_param: [EndpointMap, ZaqarAdmin, uri]}
- zaqar::keystone::auth::internal_url: {get_param: [EndpointMap, ZaqarInternal, uri]}
- zaqar::keystone::auth::region: {get_param: KeystoneRegion}
- zaqar::keystone::auth::tenant: 'service'
- zaqar::keystone::auth_websocket::password: {get_param: ZaqarPassword}
- zaqar::keystone::auth_websocket::public_url: {get_param: [EndpointMap, ZaqarWebSocketPublic, uri]}
- zaqar::keystone::auth_websocket::admin_url: {get_param: [EndpointMap, ZaqarWebSocketAdmin, uri]}
- zaqar::keystone::auth_websocket::internal_url: {get_param: [EndpointMap, ZaqarWebSocketInternal, uri]}
- zaqar::keystone::auth_websocket::region: {get_param: KeystoneRegion}
- zaqar::keystone::auth_websocket::tenant: 'service'
-
+ map_merge:
+ - keystone:
+ zaqar::keystone::auth::password: {get_param: ZaqarPassword}
+ zaqar::keystone::auth::public_url: {get_param: [EndpointMap, ZaqarPublic, uri]}
+ zaqar::keystone::auth::admin_url: {get_param: [EndpointMap, ZaqarAdmin, uri]}
+ zaqar::keystone::auth::internal_url: {get_param: [EndpointMap, ZaqarInternal, uri]}
+ zaqar::keystone::auth::region: {get_param: KeystoneRegion}
+ zaqar::keystone::auth::tenant: 'service'
+ zaqar::keystone::auth_websocket::password: {get_param: ZaqarPassword}
+ zaqar::keystone::auth_websocket::public_url: {get_param: [EndpointMap, ZaqarWebSocketPublic, uri]}
+ zaqar::keystone::auth_websocket::admin_url: {get_param: [EndpointMap, ZaqarWebSocketAdmin, uri]}
+ zaqar::keystone::auth_websocket::internal_url: {get_param: [EndpointMap, ZaqarWebSocketInternal, uri]}
+ zaqar::keystone::auth_websocket::region: {get_param: KeystoneRegion}
+ zaqar::keystone::auth_websocket::tenant: 'service'
+ -
+ if:
+ - zaqar_management_store_sqlalchemy
+ - mysql:
+ zaqar::db::mysql::user: zaqar
+ zaqar::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
+ zaqar::db::mysql::dbname: zaqar
+ zaqar::db::mysql::password: {get_param: ZaqarPassword}
+ zaqar::db::mysql::allowed_hosts:
+ - '%'
+ - "%{hiera('mysql_bind_host')}"
+ - {}
step_config: |
include ::tripleo::profile::base::zaqar
+ metadata_settings:
+ get_attr: [ApacheServiceBase, role_data, metadata_settings]
upgrade_tasks:
yaql:
expression: $.data.apache_upgrade + $.data.zaqar_upgrade
diff --git a/releasenotes/notes/ceph-ansible-workflow-70f7d52faf4cd419.yaml b/releasenotes/notes/ceph-ansible-workflow-70f7d52faf4cd419.yaml
new file mode 100644
index 00000000..c7d1826d
--- /dev/null
+++ b/releasenotes/notes/ceph-ansible-workflow-70f7d52faf4cd419.yaml
@@ -0,0 +1,14 @@
+---
+prelude: >
+ Deployment of Ceph in containers is implemented using a Mistral workflow.
+other:
+ - |
+ It is possible to deploy Ceph in docker containers in the overcloud. This
+ is implemented by triggering `ceph-ansible` via a Mistral workflow. A new
+ `CephAnsibleExtraConfig` parameter has been added to the templates and can
+ be used to provide arbitrary config variables consumed by `ceph-ansible`.
+ The pre-existing template params consumed by the TripleO Pike release to
+ drive `puppet-ceph` continue to work and are translated, when possible, into
+ their equivalent `ceph-ansible` variable. To enable the deployment of Ceph
+ in containers use `environments/ceph-ansible/ceph-ansible.yaml` when
+ deploying the overcloud. \ No newline at end of file
diff --git a/releasenotes/notes/cleanup-odl-clustering-93a3ec132f3c2343.yaml b/releasenotes/notes/cleanup-odl-clustering-93a3ec132f3c2343.yaml
new file mode 100644
index 00000000..01ce1758
--- /dev/null
+++ b/releasenotes/notes/cleanup-odl-clustering-93a3ec132f3c2343.yaml
@@ -0,0 +1,6 @@
+---
+deprecations:
+ - Deprecate and remove configuring clustering for
+ OpenDaylight container using an exec.
+ Configuration is now handled via puppet-opendaylight
+ using file resources.
diff --git a/releasenotes/notes/composable-veritas-hyperscale-driver-e7f0a35d7d9a8df1.yaml b/releasenotes/notes/composable-veritas-hyperscale-driver-e7f0a35d7d9a8df1.yaml
new file mode 100644
index 00000000..3c17e242
--- /dev/null
+++ b/releasenotes/notes/composable-veritas-hyperscale-driver-e7f0a35d7d9a8df1.yaml
@@ -0,0 +1,3 @@
+---
+features:
+ - Add support for Veritas HyperScale Cinder backend.
diff --git a/releasenotes/notes/computeovsdpdk-role-67d53a405ce4174b.yaml b/releasenotes/notes/computeovsdpdk-role-67d53a405ce4174b.yaml
new file mode 100644
index 00000000..ec7f40c9
--- /dev/null
+++ b/releasenotes/notes/computeovsdpdk-role-67d53a405ce4174b.yaml
@@ -0,0 +1,4 @@
+---
+features:
+ - A new role ComputeOvsDpdk has been added to enable dynamic roles_data
+ creation with OVS-DPDK role.
diff --git a/releasenotes/notes/contrail-bugfixes-and-dpdk-enabling-0233a06e23259660.yaml b/releasenotes/notes/contrail-bugfixes-and-dpdk-enabling-0233a06e23259660.yaml
new file mode 100644
index 00000000..776c7b48
--- /dev/null
+++ b/releasenotes/notes/contrail-bugfixes-and-dpdk-enabling-0233a06e23259660.yaml
@@ -0,0 +1,9 @@
+---
+features:
+ - |
+ This patch enables the configuration of Contrail DPDK on the Compute nodes
+ by specifying the required parameters in an environment file.
+fixes:
+ - |
+ The patch moves the Contrail control plane communication from the public
+ network to the internal_api network.
diff --git a/releasenotes/notes/opendaylight-manage-repos-9eaf900c08e8d96f.yaml b/releasenotes/notes/opendaylight-manage-repos-9eaf900c08e8d96f.yaml
new file mode 100644
index 00000000..b7497b19
--- /dev/null
+++ b/releasenotes/notes/opendaylight-manage-repos-9eaf900c08e8d96f.yaml
@@ -0,0 +1,5 @@
+---
+fixes:
+ - |
+ Adding the ability to disable the OpenDaylight upstream repository.
+ Introducing the OpenDaylightManageRepositories parameter.
diff --git a/releasenotes/notes/ovs-2-7-support-for-dpdk-fe665cf9c6b0a750.yaml b/releasenotes/notes/ovs-2-7-support-for-dpdk-fe665cf9c6b0a750.yaml
new file mode 100644
index 00000000..23f482a1
--- /dev/null
+++ b/releasenotes/notes/ovs-2-7-support-for-dpdk-fe665cf9c6b0a750.yaml
@@ -0,0 +1,5 @@
+---
+features:
+ - Added support for DPDK with OvS2.7, which requires huge page
+ configuration (with reboot) to be available before enabling DPDK.
+
diff --git a/releasenotes/notes/ps-san_private_key-5aa111e7907ba600.yaml b/releasenotes/notes/ps-san_private_key-5aa111e7907ba600.yaml
new file mode 100644
index 00000000..63593311
--- /dev/null
+++ b/releasenotes/notes/ps-san_private_key-5aa111e7907ba600.yaml
@@ -0,0 +1,4 @@
+---
+features:
+ - Added new parameter san_private_key to configure SSH Private Key
+ for the PS Series cinder backend
diff --git a/releasenotes/notes/systemd-d9a41bb3709d0653.yaml b/releasenotes/notes/systemd-d9a41bb3709d0653.yaml
deleted file mode 100644
index af66f89d..00000000
--- a/releasenotes/notes/systemd-d9a41bb3709d0653.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-fixes:
- - |
- Latest commits in puppet-systemd enabled by default systemd-networkd and
- systemd-resolved but we don't want to manage them for now in TripleO.
- MySQL and MongoDB services were managing some systemd resources so now
- we ensure that these 2 systemd services are disabled. In the future, we
- might want and activate these services and revert that patch but for now
- we want to disable them.
diff --git a/releasenotes/notes/tuned-service-650c0eec1cf12a4d.yaml b/releasenotes/notes/tuned-service-650c0eec1cf12a4d.yaml
new file mode 100644
index 00000000..30e72db4
--- /dev/null
+++ b/releasenotes/notes/tuned-service-650c0eec1cf12a4d.yaml
@@ -0,0 +1,4 @@
+---
+features:
+ - Allows the user to set the tuned profile on a given
+ host. Defaults to throughput-performance.
diff --git a/releasenotes/notes/zaqar_backends-ccf8adfd24a17bf5.yaml b/releasenotes/notes/zaqar_backends-ccf8adfd24a17bf5.yaml
new file mode 100644
index 00000000..a72da829
--- /dev/null
+++ b/releasenotes/notes/zaqar_backends-ccf8adfd24a17bf5.yaml
@@ -0,0 +1,5 @@
+---
+features:
+ - |
+ Add Heat parameters which allow the end user to configure custom
+ management and messaging backends for MySQL and Swift.
diff --git a/releasenotes/notes/zaqar_undercloud_backends-f63224a2a3aa684e.yaml b/releasenotes/notes/zaqar_undercloud_backends-f63224a2a3aa684e.yaml
new file mode 100644
index 00000000..64a41424
--- /dev/null
+++ b/releasenotes/notes/zaqar_undercloud_backends-f63224a2a3aa684e.yaml
@@ -0,0 +1,5 @@
+---
+features:
+ - |
+ Update undercloud default Heat parameters so we use the Zaqar swift/mysql
+ backends. This allows us to drop MongoDB from the undercloud.
diff --git a/releasenotes/source/conf.py b/releasenotes/source/conf.py
index 7b41a9e2..939b263c 100644
--- a/releasenotes/source/conf.py
+++ b/releasenotes/source/conf.py
@@ -52,7 +52,7 @@ copyright = u'2017, TripleO Developers'
# built documents.
#
# The full version, including alpha/beta/rc tags.
-release = '7.0.0.0b2'
+release = '7.0.0.0b3'
# The short X.Y version.
version = '7.0.0'
diff --git a/roles/BlockStorage.yaml b/roles/BlockStorage.yaml
index b0117400..e4fdfa44 100644
--- a/roles/BlockStorage.yaml
+++ b/roles/BlockStorage.yaml
@@ -13,6 +13,7 @@
- OS::TripleO::Services::BlockStorageCinderVolume
- OS::TripleO::Services::CACerts
- OS::TripleO::Services::CertmongerUser
+ - OS::TripleO::Services::CinderBackendVRTSHyperScale
- OS::TripleO::Services::Collectd
- OS::TripleO::Services::Docker
- OS::TripleO::Services::FluentdClient
@@ -27,3 +28,4 @@
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
diff --git a/roles/CephStorage.yaml b/roles/CephStorage.yaml
index 647c4d5a..f3978c5b 100644
--- a/roles/CephStorage.yaml
+++ b/roles/CephStorage.yaml
@@ -25,3 +25,4 @@
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
diff --git a/roles/Compute.yaml b/roles/Compute.yaml
index 75a6f608..56daa864 100644
--- a/roles/Compute.yaml
+++ b/roles/Compute.yaml
@@ -33,6 +33,7 @@
- OS::TripleO::Services::NeutronVppAgent
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::Ntp
- OS::TripleO::Services::OpenDaylightOvs
- OS::TripleO::Services::Securetty
@@ -42,4 +43,6 @@
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Vpp
+ - OS::TripleO::Services::OVNController
diff --git a/roles/ComputeHCI.yaml b/roles/ComputeHCI.yaml
index a04a12e1..0e8a90b7 100644
--- a/roles/ComputeHCI.yaml
+++ b/roles/ComputeHCI.yaml
@@ -33,6 +33,7 @@
- OS::TripleO::Services::NeutronVppAgent
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::Ntp
- OS::TripleO::Services::OpenDaylightOvs
- OS::TripleO::Services::Securetty
@@ -42,4 +43,6 @@
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Vpp
+ - OS::TripleO::Services::OVNController
diff --git a/roles/ComputeOvsDpdk.yaml b/roles/ComputeOvsDpdk.yaml
new file mode 100644
index 00000000..7c3cd218
--- /dev/null
+++ b/roles/ComputeOvsDpdk.yaml
@@ -0,0 +1,41 @@
+###############################################################################
+# Role: ComputeOvsDpdk #
+###############################################################################
+- name: ComputeOvsDpdk
+ description: |
+ Compute OvS DPDK Role
+ CountDefault: 1
+ networks:
+ - InternalApi
+ - Tenant
+ - Storage
+ HostnameFormatDefault: '%stackname%-computeovsdpdk-%index%'
+ disable_upgrade_deployment: True
+ ServicesDefault:
+ - OS::TripleO::Services::AuditD
+ - OS::TripleO::Services::CACerts
+ - OS::TripleO::Services::CephClient
+ - OS::TripleO::Services::CephExternal
+ - OS::TripleO::Services::CertmongerUser
+ - OS::TripleO::Services::Collectd
+ - OS::TripleO::Services::ComputeCeilometerAgent
+ - OS::TripleO::Services::ComputeNeutronCorePlugin
+ - OS::TripleO::Services::ComputeNeutronL3Agent
+ - OS::TripleO::Services::ComputeNeutronMetadataAgent
+ - OS::TripleO::Services::ComputeNeutronOvsDpdk
+ - OS::TripleO::Services::Docker
+ - OS::TripleO::Services::FluentdClient
+ - OS::TripleO::Services::Iscsid
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::MySQLClient
+ - OS::TripleO::Services::NovaCompute
+ - OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::OpenDaylightOvs
+ - OS::TripleO::Services::Securetty
+ - OS::TripleO::Services::SensuClient
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::TripleoPackages
diff --git a/roles/Controller.yaml b/roles/Controller.yaml
index e3af321e..d702a63d 100644
--- a/roles/Controller.yaml
+++ b/roles/Controller.yaml
@@ -40,6 +40,7 @@
- OS::TripleO::Services::CinderBackendDellSc
- OS::TripleO::Services::CinderBackendNetApp
- OS::TripleO::Services::CinderBackendScaleIO
+ - OS::TripleO::Services::CinderBackendVRTSHyperScale
- OS::TripleO::Services::CinderBackup
- OS::TripleO::Services::CinderHPELeftHandISCSI
- OS::TripleO::Services::CinderScheduler
@@ -108,6 +109,7 @@
- OS::TripleO::Services::OpenDaylightApi
- OS::TripleO::Services::OpenDaylightOvs
- OS::TripleO::Services::OVNDBs
+ - OS::TripleO::Services::OVNController
- OS::TripleO::Services::Pacemaker
- OS::TripleO::Services::PankoApi
- OS::TripleO::Services::RabbitMQ
@@ -125,5 +127,6 @@
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Vpp
- OS::TripleO::Services::Zaqar
diff --git a/roles/ControllerOpenstack.yaml b/roles/ControllerOpenstack.yaml
index 4ad405aa..10d76dd7 100644
--- a/roles/ControllerOpenstack.yaml
+++ b/roles/ControllerOpenstack.yaml
@@ -57,6 +57,7 @@
- OS::TripleO::Services::Horizon
- OS::TripleO::Services::IronicApi
- OS::TripleO::Services::IronicConductor
+ - OS::TripleO::Services::Iscsid
- OS::TripleO::Services::Keepalived
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::Keystone
@@ -85,6 +86,7 @@
- OS::TripleO::Services::OpenDaylightApi
- OS::TripleO::Services::OpenDaylightOvs
- OS::TripleO::Services::OVNDBs
+ - OS::TripleO::Services::OVNController
- OS::TripleO::Services::Pacemaker
- OS::TripleO::Services::PankoApi
- OS::TripleO::Services::Redis
@@ -100,6 +102,7 @@
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Vpp
- OS::TripleO::Services::Zaqar
diff --git a/roles/Database.yaml b/roles/Database.yaml
index 75b26a8c..e101fd4f 100644
--- a/roles/Database.yaml
+++ b/roles/Database.yaml
@@ -22,4 +22,4 @@
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
-
+ - OS::TripleO::Services::Tuned
diff --git a/roles/IronicConductor.yaml b/roles/IronicConductor.yaml
index 8a29b337..ae848bc8 100644
--- a/roles/IronicConductor.yaml
+++ b/roles/IronicConductor.yaml
@@ -19,3 +19,4 @@
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
diff --git a/roles/Messaging.yaml b/roles/Messaging.yaml
index 5b06063f..47e0f920 100644
--- a/roles/Messaging.yaml
+++ b/roles/Messaging.yaml
@@ -21,4 +21,5 @@
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
diff --git a/roles/Networker.yaml b/roles/Networker.yaml
index 635c430f..311e0a7d 100644
--- a/roles/Networker.yaml
+++ b/roles/Networker.yaml
@@ -36,4 +36,4 @@
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
-
+ - OS::TripleO::Services::Tuned
diff --git a/roles/ObjectStorage.yaml b/roles/ObjectStorage.yaml
index 27dc1233..81bedbd1 100644
--- a/roles/ObjectStorage.yaml
+++ b/roles/ObjectStorage.yaml
@@ -28,3 +28,4 @@
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
diff --git a/roles/README.rst b/roles/README.rst
index cd1fcb47..b21a34b6 100644
--- a/roles/README.rst
+++ b/roles/README.rst
@@ -95,6 +95,7 @@ Example
BlockStorage
CephStorage
Compute
+ ComputeOvsDpdk
Controller
ControllerOpenstack
Database
@@ -151,12 +152,14 @@ Example
* OS::TripleO::Services::ComputeNeutronOvsAgent
* OS::TripleO::Services::Docker
* OS::TripleO::Services::FluentdClient
+ * OS::TripleO::Services::Iscsid
* OS::TripleO::Services::Kernel
* OS::TripleO::Services::MySQLClient
* OS::TripleO::Services::NeutronSriovAgent
* OS::TripleO::Services::NeutronVppAgent
* OS::TripleO::Services::NovaCompute
* OS::TripleO::Services::NovaLibvirt
+ * OS::TripleO::Services::NovaMigrationTarget
* OS::TripleO::Services::Ntp
* OS::TripleO::Services::OpenDaylightOvs
* OS::TripleO::Services::Securetty
diff --git a/roles/Telemetry.yaml b/roles/Telemetry.yaml
index d23ab6e3..b1c73798 100644
--- a/roles/Telemetry.yaml
+++ b/roles/Telemetry.yaml
@@ -29,4 +29,4 @@
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
-
+ - OS::TripleO::Services::Tuned
diff --git a/roles/Undercloud.yaml b/roles/Undercloud.yaml
index f56749a9..a408a21b 100644
--- a/roles/Undercloud.yaml
+++ b/roles/Undercloud.yaml
@@ -26,7 +26,6 @@
- OS::TripleO::Services::MistralApi
- OS::TripleO::Services::MistralEngine
- OS::TripleO::Services::MistralExecutor
- - OS::TripleO::Services::MongoDb
- OS::TripleO::Services::MySQL
- OS::TripleO::Services::NeutronApi
- OS::TripleO::Services::NeutronCorePlugin
@@ -44,6 +43,7 @@
- OS::TripleO::Services::SwiftProxy
- OS::TripleO::Services::SwiftRingBuilder
- OS::TripleO::Services::SwiftStorage
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::UndercloudAodhApi
- OS::TripleO::Services::UndercloudAodhEvaluator
- OS::TripleO::Services::UndercloudAodhListener
diff --git a/roles_data.yaml b/roles_data.yaml
index fe24a423..0d6c8035 100644
--- a/roles_data.yaml
+++ b/roles_data.yaml
@@ -43,6 +43,7 @@
- OS::TripleO::Services::CinderBackendDellSc
- OS::TripleO::Services::CinderBackendNetApp
- OS::TripleO::Services::CinderBackendScaleIO
+ - OS::TripleO::Services::CinderBackendVRTSHyperScale
- OS::TripleO::Services::CinderBackup
- OS::TripleO::Services::CinderHPELeftHandISCSI
- OS::TripleO::Services::CinderScheduler
@@ -111,6 +112,7 @@
- OS::TripleO::Services::OpenDaylightApi
- OS::TripleO::Services::OpenDaylightOvs
- OS::TripleO::Services::OVNDBs
+ - OS::TripleO::Services::OVNController
- OS::TripleO::Services::Pacemaker
- OS::TripleO::Services::PankoApi
- OS::TripleO::Services::RabbitMQ
@@ -128,6 +130,7 @@
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Vpp
- OS::TripleO::Services::Zaqar
###############################################################################
@@ -165,6 +168,7 @@
- OS::TripleO::Services::NeutronVppAgent
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::Ntp
- OS::TripleO::Services::OpenDaylightOvs
- OS::TripleO::Services::Securetty
@@ -174,7 +178,9 @@
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Vpp
+ - OS::TripleO::Services::OVNController
###############################################################################
# Role: BlockStorage #
###############################################################################
@@ -190,6 +196,7 @@
- OS::TripleO::Services::BlockStorageCinderVolume
- OS::TripleO::Services::CACerts
- OS::TripleO::Services::CertmongerUser
+ - OS::TripleO::Services::CinderBackendVRTSHyperScale
- OS::TripleO::Services::Collectd
- OS::TripleO::Services::Docker
- OS::TripleO::Services::FluentdClient
@@ -204,6 +211,7 @@
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
###############################################################################
# Role: ObjectStorage #
###############################################################################
@@ -234,6 +242,7 @@
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
###############################################################################
# Role: CephStorage #
###############################################################################
@@ -261,4 +270,5 @@
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
diff --git a/roles_data_undercloud.yaml b/roles_data_undercloud.yaml
index 2aa5a291..d61d1a2f 100644
--- a/roles_data_undercloud.yaml
+++ b/roles_data_undercloud.yaml
@@ -29,7 +29,6 @@
- OS::TripleO::Services::MistralApi
- OS::TripleO::Services::MistralEngine
- OS::TripleO::Services::MistralExecutor
- - OS::TripleO::Services::MongoDb
- OS::TripleO::Services::MySQL
- OS::TripleO::Services::NeutronApi
- OS::TripleO::Services::NeutronCorePlugin
@@ -47,6 +46,7 @@
- OS::TripleO::Services::SwiftProxy
- OS::TripleO::Services::SwiftRingBuilder
- OS::TripleO::Services::SwiftStorage
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::UndercloudAodhApi
- OS::TripleO::Services::UndercloudAodhEvaluator
- OS::TripleO::Services::UndercloudAodhListener
diff --git a/sample-env-generator/predictable-placement.yaml b/sample-env-generator/predictable-placement.yaml
index ffda7aca..3a971fbd 100644
--- a/sample-env-generator/predictable-placement.yaml
+++ b/sample-env-generator/predictable-placement.yaml
@@ -15,3 +15,18 @@ environments:
Note %index% is translated into the index of the node, e.g 0/1/2 etc
and %stackname% is replaced with OS::stack_name in the template below.
If you want to use the heat generated names, pass '' (empty string).
+ -
+ name: predictable-placement/custom-domain
+ title: Custom Domain Name
+ files:
+ overcloud.yaml:
+ parameters:
+ - CloudDomain
+ - CloudName
+ - CloudNameInternal
+ - CloudNameStorage
+ - CloudNameStorageManagement
+ - CloudNameCtlplane
+ description: |
+ This environment contains the parameters that need to be set in order to
+ use a custom domain name and have all of the various FQDNs reflect it.
diff --git a/sample-env-generator/storage.yaml b/sample-env-generator/storage.yaml
index aa0385cc..dc4fbb10 100644
--- a/sample-env-generator/storage.yaml
+++ b/sample-env-generator/storage.yaml
@@ -26,6 +26,10 @@ environments:
NovaEnableRbdBackend: True
GlanceBackend: rbd
GnocchiBackend: rbd
+ resource_registry:
+ OS::TripleO::Services::CephMon: ../../puppet/services/ceph-mon.yaml
+ OS::TripleO::Services::CephOSD: ../../puppet/services/ceph-osd.yaml
+ OS::TripleO::Services::CephClient: ../../puppet/services/ceph-client.yaml
description: |
Include this environment to enable Ceph as the backend for
Cinder, Nova, Gnocchi, and Glance.
diff --git a/test-requirements.txt b/test-requirements.txt
index 9291450a..1b60459c 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -1,7 +1,7 @@
# The order of packages is significant, because pip processes them in the order
# of appearance. Changing the order has an impact on the overall integration
# process, which may cause wedges in the gate later.
-openstackdocstheme>=1.11.0 # Apache-2.0
+openstackdocstheme>=1.11.0 # Apache-2.0
PyYAML>=3.10.0 # MIT
Jinja2!=2.9.0,!=2.9.1,!=2.9.2,!=2.9.3,!=2.9.4,>=2.8 # BSD License (3 clause)
six>=1.9.0 # MIT
diff --git a/tools/process-templates.py b/tools/process-templates.py
index badc1426..07c27bad 100755
--- a/tools/process-templates.py
+++ b/tools/process-templates.py
@@ -96,6 +96,16 @@ def process_templates(template_path, role_data_path, output_dir,
r_map = {}
for r in role_data:
r_map[r.get('name')] = r
+
+ n_map = {}
+ for n in network_data:
+ if (n.get('enabled') is not False):
+ n_map[n.get('name')] = n
+ if not n.get('name_lower'):
+ n_map[n.get('name')]['name_lower'] = n.get('name').lower()
+ else:
+ print("skipping %s network: network is disabled" % n.get('name'))
+
excl_templates = ['%s/%s' % (template_path, e)
for e in j2_excludes.get('name')]
@@ -126,10 +136,13 @@ def process_templates(template_path, role_data_path, output_dir,
for f in files:
file_path = os.path.join(subdir, f)
- # We do two templating passes here:
+ # We do three templating passes here:
# 1. *.role.j2.yaml - we template just the role name
# and create multiple files (one per role)
- # 2. *.j2.yaml - we template with all roles_data,
+ # 2 *.network.j2.yaml - we template the network name and
+ # data and create multiple files for networks and
+ # network ports (one per network)
+ # 3. *.j2.yaml - we template with all roles_data,
# and create one file common to all roles
if f.endswith('.role.j2.yaml'):
print("jinja2 rendering role template %s" % f)
@@ -167,6 +180,30 @@ def process_templates(template_path, role_data_path, output_dir,
else:
print('skipping rendering of %s' % out_f_path)
+
+ elif f.endswith('.network.j2.yaml'):
+ print("jinja2 rendering network template %s" % f)
+ with open(file_path) as j2_template:
+ template_data = j2_template.read()
+ print("jinja2 rendering networks %s" % ",".join(n_map))
+ for network in n_map:
+ j2_data = {'network': n_map[network]}
+ # Output file names in "<name>.yaml" format
+ out_f = os.path.basename(f).replace('.network.j2.yaml',
+ '.yaml')
+ if os.path.dirname(file_path).endswith('ports'):
+ out_f = out_f.replace('port',
+ n_map[network]['name_lower'])
+ else:
+ out_f = out_f.replace('network',
+ n_map[network]['name_lower'])
+ out_f_path = os.path.join(out_dir, out_f)
+ if not (out_f_path in excl_templates):
+ _j2_render_to_file(template_data, j2_data,
+ out_f_path)
+ else:
+ print('skipping rendering of %s' % out_f_path)
+
elif f.endswith('.j2.yaml'):
print("jinja2 rendering normal template %s" % f)
with open(file_path) as j2_template:
diff --git a/tools/yaml-validate.py b/tools/yaml-validate.py
index 3828766f..a096d69a 100755
--- a/tools/yaml-validate.py
+++ b/tools/yaml-validate.py
@@ -31,6 +31,7 @@ envs_containing_endpoint_map = ['tls-endpoints-public-dns.yaml',
'tls-endpoints-public-ip.yaml',
'tls-everywhere-endpoints-dns.yaml']
ENDPOINT_MAP_FILE = 'endpoint_map.yaml'
+OPTIONAL_SECTIONS = ['service_workflow_tasks']
REQUIRED_DOCKER_SECTIONS = ['service_name', 'docker_config', 'puppet_config',
'config_settings', 'step_config']
OPTIONAL_DOCKER_SECTIONS = ['docker_puppet_tasks', 'upgrade_tasks',
@@ -51,6 +52,60 @@ PARAMETER_DEFINITION_EXCLUSIONS = {'ManagementNetCidr': ['default'],
'StorageAllocationPools': ['default'],
'StorageMgmtNetCidr': ['default'],
'StorageMgmtAllocationPools': ['default'],
+ 'TenantNetCidr': ['default'],
+ 'TenantAllocationPools': ['default'],
+ 'InternalApiNetCidr': ['default'],
+ 'InternalApiAllocationPools': ['default'],
+ 'UpdateIdentifier': ['description'],
+ 'key_name': ['default'],
+ # There's one template that defines this
+ # differently, and I'm not sure if we can
+ # safely change it.
+ 'EC2MetadataIp': ['default'],
+ # Same as EC2MetadataIp
+ 'ControlPlaneDefaultRoute': ['default'],
+ # TODO(bnemec): Address these existing
+ # inconsistencies.
+ 'ServiceNetMap': ['description', 'default'],
+ 'network': ['default'],
+ 'ControlPlaneIP': ['default',
+ 'description'],
+ 'ControlPlaneIp': ['default',
+ 'description'],
+ 'NeutronBigswitchLLDPEnabled': ['default'],
+ 'NeutronWorkers': ['description'],
+ 'ServerMetadata': ['description'],
+ 'server': ['description'],
+ 'servers': ['description'],
+ 'ExtraConfig': ['description'],
+ 'DefaultPasswords': ['description',
+ 'default'],
+ 'BondInterfaceOvsOptions': ['description',
+ 'default',
+ 'constraints'],
+ 'KeyName': ['constraints'],
+ 'OVNSouthboundServerPort': ['description'],
+ 'ExternalInterfaceDefaultRoute':
+ ['description', 'default'],
+ 'IPPool': ['description'],
+ 'SSLCertificate': ['description',
+ 'default',
+ 'hidden'],
+ 'HostCpusList': ['default', 'constraints'],
+ 'NodeIndex': ['description'],
+ 'name': ['description', 'default'],
+ 'image': ['description', 'default'],
+ 'NeutronBigswitchAgentEnabled': ['default'],
+ 'EndpointMap': ['description', 'default'],
+ 'DockerManilaConfigImage': ['description',
+ 'default'],
+ 'replacement_policy': ['default'],
+ 'CloudDomain': ['description', 'default'],
+ 'EnableLoadBalancer': ['description'],
+ 'ControllerExtraConfig': ['description'],
+ 'NovaComputeExtraConfig': ['description'],
+ 'controllerExtraConfig': ['description'],
+ 'DockerSwiftConfigImage': ['default'],
}
PREFERRED_CAMEL_CASE = {
@@ -126,6 +181,22 @@ def validate_hci_computehci_role(hci_role_filename, hci_role_tpl):
return 0
+def search(item, check_item, check_key):
+ if check_item(item):
+ return True
+ elif isinstance(item, list):
+ for i in item:
+ if search(i, check_item, check_key):
+ return True
+ elif isinstance(item, dict):
+ for k in item.keys():
+ if check_key(k, item[k]):
+ return True
+ elif search(item[k], check_item, check_key):
+ return True
+ return False
+
+
def validate_mysql_connection(settings):
no_op = lambda *args: False
error_status = [0]
@@ -147,25 +218,69 @@ def validate_mysql_connection(settings):
error_status[0] = 1
return False
- def search(item, check_item, check_key):
- if check_item(item):
- return True
- elif isinstance(item, list):
- for i in item:
- if search(i, check_item, check_key):
- return True
- elif isinstance(item, dict):
- for k in item.keys():
- if check_key(k, item[k]):
- return True
- elif search(item[k], check_item, check_key):
- return True
- return False
-
search(settings, no_op, validate_mysql_uri)
return error_status[0]
+def validate_docker_service_mysql_usage(filename, tpl):
+ no_op = lambda *args: False
+ included_res = []
+
+ def match_included_res(item):
+ is_config_setting = isinstance(item, list) and len(item) > 1 and \
+ item[1:] == ['role_data', 'config_settings']
+ if is_config_setting:
+ included_res.append(item[0])
+ return is_config_setting
+
+ def match_use_mysql_protocol(items):
+ return items == ['EndpointMap', 'MysqlInternal', 'protocol']
+
+ all_content = []
+
+ def read_all(incfile, inctpl):
+ # search for included content
+ content = inctpl['outputs']['role_data']['value'].get('config_settings',{})
+ all_content.append(content)
+ included_res[:] = []
+ if search(content, match_included_res, no_op):
+ files = [inctpl['resources'][x]['type'] for x in included_res]
+ # parse included content
+ for r, f in zip(included_res, files):
+ # disregard class names, only consider file names
+ if 'OS::' in f:
+ continue
+ newfile = os.path.normpath(os.path.dirname(incfile)+'/'+f)
+ newtmp = yaml.load(open(newfile).read())
+ read_all(newfile, newtmp)
+
+ read_all(filename, tpl)
+ if search(all_content, match_use_mysql_protocol, no_op):
+ # ensure this service includes the mysqlclient service
+ resources = tpl['resources']
+ mysqlclient = [x for x in resources
+ if resources[x]['type'].endswith('mysql-client.yaml')]
+ if len(mysqlclient) == 0:
+ print("ERROR: containerized service %s uses mysql but "
+ "resource mysql-client.yaml is not used"
+ % filename)
+ return 1
+
+ # and that mysql::client puppet module is included in puppet-config
+ match_mysqlclient = \
+ lambda x: x == [mysqlclient[0], 'role_data', 'step_config']
+ role_data = tpl['outputs']['role_data']
+ puppet_config = role_data['value']['puppet_config']['step_config']
+ if not search(puppet_config, match_mysqlclient, no_op):
+ print("ERROR: containerized service %s uses mysql but "
+ "puppet_config section does not include "
+ "::tripleo::profile::base::database::mysql::client"
+ % filename)
+ return 1
+
+ return 0
+
+
def validate_docker_service(filename, tpl):
if 'outputs' in tpl and 'role_data' in tpl['outputs']:
if 'value' not in tpl['outputs']['role_data']:
@@ -186,12 +301,18 @@ def validate_docker_service(filename, tpl):
else:
if section_name in OPTIONAL_DOCKER_SECTIONS:
continue
+ elif section_name in OPTIONAL_SECTIONS:
+ continue
else:
print('ERROR: %s is extra in role_data for %s.'
% (section_name, filename))
return 1
if 'puppet_config' in role_data:
+ if validate_docker_service_mysql_usage(filename, tpl):
+ print('ERROR: could not validate use of mysql service for %s.'
+ % filename)
+ return 1
puppet_config = role_data['puppet_config']
for key in puppet_config:
if key in REQUIRED_DOCKER_PUPPET_CONFIG_SECTIONS:
@@ -219,11 +340,13 @@ def validate_docker_service(filename, tpl):
if 'docker_config' in role_data:
docker_config = role_data['docker_config']
for _, step in docker_config.items():
+ if not isinstance(step, dict):
+ # NOTE(mandre) this skips everything that is not a dict
+ # so we may ignore some containers definitions if they
+ # are in a map_merge for example
+ continue
for _, container in step.items():
if not isinstance(container, dict):
- # NOTE(mandre) this skips everything that is not a dict
- # so we may ignore some containers definitions if they
- # are in a map_merge for example
continue
command = container.get('command', '')
if isinstance(command, list):
@@ -422,10 +545,8 @@ for p, defs in param_map.items():
# If all items in the list are not == the first, then the check fails
if check_data.count(check_data[0]) != len(check_data):
mismatch_count += 1
- # TODO(bnemec): Make this a hard failure once all the templates have
- # been fixed.
- #exit_val |= 1
- #failed_files.extend([d['filename'] for d in defs])
+ exit_val |= 1
+ failed_files.extend([d['filename'] for d in defs])
print('Mismatched parameter definitions found for "%s"' % p)
print('Definitions found:')
for d in defs: