diff options
223 files changed, 6357 insertions, 1992 deletions
diff --git a/default_passwords.yaml b/default_passwords.yaml new file mode 100644 index 00000000..7a47f443 --- /dev/null +++ b/default_passwords.yaml @@ -0,0 +1,25 @@ +heat_template_version: 2016-10-14 + +description: Passwords we manage at the top level + +parameters: + DefaultMysqlRootPassword: + type: string + DefaultRabbitCookie: + type: string + DefaultHeatAuthEncryptionKey: + type: string + DefaultPcsdPassword: + type: string + DefaultHorizonSecret: + type: string + +outputs: + passwords: + description: Password data + value: + mysql_root_password: {get_param: DefaultMysqlRootPassword} + rabbit_cookie: {get_param: DefaultRabbitCookie} + heat_auth_encryption_key: {get_param: DefaultHeatAuthEncryptionKey} + pcsd_password: {get_param: DefaultPcsdPassword} + horizon_secret: {get_param: DefaultHorizonSecret} diff --git a/deployed-server/ctlplane-port.yaml b/deployed-server/ctlplane-port.yaml new file mode 100644 index 00000000..eb10fba0 --- /dev/null +++ b/deployed-server/ctlplane-port.yaml @@ -0,0 +1,23 @@ +heat_template_version: 2014-10-16 + +parameters: + Hostname: + type: string + +resources: + + ControlPlanePort: + type: OS::Neutron::Port + properties: + network: ctlplane + name: + list_join: + - '-' + - - {get_param: Hostname} + - ctlplane + - port + replacement_policy: AUTO + +outputs: + ip_address: + value: {get_attr: [ControlPlanePort, fixed_ips, 0, ip_address]} diff --git a/deployed-server/deployed-server.yaml b/deployed-server/deployed-server.yaml index 81941047..da5698e5 100644 --- a/deployed-server/deployed-server.yaml +++ b/deployed-server/deployed-server.yaml @@ -94,16 +94,9 @@ resources: server: {get_resource: deployed-server} ControlPlanePort: - type: OS::Neutron::Port + type: OS::TripleO::DeployedServer::ControlPlanePort properties: - network: ctlplane - name: - list_join: - - '-' - - - {get_attr: [HostsEntryDeployment, hostname]} - - ctlplane - - port - replacement_policy: AUTO + Hostname: {get_attr: [HostsEntryDeployment, hostname]} outputs: # FIXME(shardy) this is needed because TemplateResource returns an @@ -113,7 +106,7 @@ outputs: networks: value: ctlplane: - - {get_attr: [ControlPlanePort, fixed_ips, 0, ip_address]} + - {get_attr: [ControlPlanePort, ip_address]} name: value: {get_attr: [HostsEntryDeployment, hostname]} hosts_entry: diff --git a/environments/cinder-backup.yaml b/environments/cinder-backup.yaml new file mode 100644 index 00000000..f01fcbd9 --- /dev/null +++ b/environments/cinder-backup.yaml @@ -0,0 +1,4 @@ +resource_registry: + OS::TripleO::Services::CinderBackup: ../puppet/services/pacemaker/cinder-backup.yaml + # For non-pcmk managed implementation + # OS::TripleO::Services::CinderBackup: ../puppet/services/cinder-backup.yaml
\ No newline at end of file diff --git a/environments/deployed-server-environment.yaml b/environments/deployed-server-environment.yaml index 3c9e3459..c63d399a 100644 --- a/environments/deployed-server-environment.yaml +++ b/environments/deployed-server-environment.yaml @@ -1,3 +1,4 @@ resource_registry: OS::TripleO::Server: ../deployed-server/deployed-server.yaml OS::TripleO::DeployedServerConfig: ../deployed-server/deployed-server-config.yaml + OS::TripleO::DeployedServer::ControlPlanePort: ../deployed-server/ctlplane-port.yaml diff --git a/environments/deployed-server-noop-ctlplane.yaml b/environments/deployed-server-noop-ctlplane.yaml new file mode 100644 index 00000000..cfda314d --- /dev/null +++ b/environments/deployed-server-noop-ctlplane.yaml @@ -0,0 +1,4 @@ +resource_registry: + OS::TripleO::Server: ../deployed-server/deployed-server.yaml + OS::TripleO::DeployedServerConfig: ../deployed-server/deployed-server-config.yaml + OS::TripleO::DeployedServer::ControlPlanePort: OS::Heat::None diff --git a/environments/enable-tls.yaml b/environments/enable-tls.yaml index ee1f5387..39ded654 100644 --- a/environments/enable-tls.yaml +++ b/environments/enable-tls.yaml @@ -1,59 +1,12 @@ +# Use this environment to pass in certificates for SSL deployments. +# For these values to take effect, one of the tls-endpoints-*.yaml environments +# must also be used. parameter_defaults: SSLCertificate: | The contents of your certificate go here SSLIntermediateCertificate: '' SSLKey: | The contents of the private key go here - EndpointMap: - AodhAdmin: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} - AodhInternal: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} - AodhPublic: {protocol: 'https', port: '13042', host: 'CLOUDNAME'} - CeilometerAdmin: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} - CeilometerInternal: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} - CeilometerPublic: {protocol: 'https', port: '13777', host: 'CLOUDNAME'} - CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} - CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} - CinderPublic: {protocol: 'https', port: '13776', host: 'CLOUDNAME'} - GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} - GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} - GlancePublic: {protocol: 'https', port: '13292', host: 'CLOUDNAME'} - GlanceRegistryInternal: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'} - GnocchiAdmin: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} - GnocchiInternal: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} - GnocchiPublic: {protocol: 'https', port: '13041', host: 'CLOUDNAME'} - HeatAdmin: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} - HeatInternal: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} - HeatPublic: {protocol: 'https', port: '13004', host: 'CLOUDNAME'} - HeatCfnAdmin: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'} - HeatCfnInternal: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'} - HeatCfnPublic: {protocol: 'https', port: '13005', host: 'CLOUDNAME'} - HorizonPublic: {protocol: 'https', port: '443', host: 'CLOUDNAME'} - IronicAdmin: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} - IronicInternal: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} - IronicPublic: {protocol: 'https', port: '13385', host: 'CLOUDNAME'} - KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'} - KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'} - KeystonePublic: {protocol: 'https', port: '13000', host: 'CLOUDNAME'} - ManilaAdmin: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'} - ManilaInternal: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'} - ManilaPublic: {protocol: 'https', port: '13786', host: 'CLOUDNAME'} - MysqlInternal: {protocol: 'mysql+pymysql', port: '3306', host: 'IP_ADDRESS'} - MysqlNoBracketsInternal: {protocol: 'mysql+pymysql', port: '3306', host: 'IP_ADDRESS'} - NeutronAdmin: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} - NeutronInternal: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} - NeutronPublic: {protocol: 'https', port: '13696', host: 'CLOUDNAME'} - NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} - NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} - NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'} - NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} - NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} - NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'} - SaharaAdmin: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} - SaharaInternal: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} - SaharaPublic: {protocol: 'https', port: '13386', host: 'CLOUDNAME'} - SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} - SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} - SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'} resource_registry: OS::TripleO::NodeTLSData: ../puppet/extraconfig/tls/tls-cert-inject.yaml diff --git a/environments/major-upgrade-aodh-migration.yaml b/environments/major-upgrade-aodh-migration.yaml new file mode 100644 index 00000000..c1dbde42 --- /dev/null +++ b/environments/major-upgrade-aodh-migration.yaml @@ -0,0 +1,10 @@ +resource_registry: + # aodh data migration + OS::TripleO::Tasks::UpdateWorkflow: ../extraconfig/tasks/mitaka_to_newton_aodh_data_migration.yaml + + # no-op the rest + OS::TripleO::ControllerPostDeployment: OS::Heat::None + OS::TripleO::ComputePostDeployment: OS::Heat::None + OS::TripleO::ObjectStoragePostDeployment: OS::Heat::None + OS::TripleO::BlockStoragePostDeployment: OS::Heat::None + OS::TripleO::CephStoragePostDeployment: OS::Heat::None diff --git a/environments/network-environment.yaml b/environments/network-environment.yaml index 062c7bee..d0fc9ec6 100644 --- a/environments/network-environment.yaml +++ b/environments/network-environment.yaml @@ -15,14 +15,23 @@ resource_registry: parameter_defaults: # This section is where deployment-specific configuration is done + # CIDR subnet mask length for provisioning network + ControlPlaneSubnetCidr: '24' + # Gateway router for the provisioning network (or Undercloud IP) + ControlPlaneDefaultRoute: 192.0.2.254 + EC2MetadataIp: 192.0.2.1 # Generally the IP of the Undercloud # Customize the IP subnets to match the local environment InternalApiNetCidr: 172.17.0.0/24 StorageNetCidr: 172.18.0.0/24 StorageMgmtNetCidr: 172.19.0.0/24 TenantNetCidr: 172.16.0.0/24 ExternalNetCidr: 10.0.0.0/24 - # CIDR subnet mask length for provisioning network - ControlPlaneSubnetCidr: '24' + # Customize the VLAN IDs to match the local environment + InternalApiNetworkVlanID: 20 + StorageNetworkVlanID: 30 + StorageMgmtNetworkVlanID: 40 + TenantNetworkVlanID: 50 + ExternalNetworkVlanID: 10 # Customize the IP ranges on each network to use for static IPs and VIPs InternalApiAllocationPools: [{'start': '172.17.0.10', 'end': '172.17.0.200'}] StorageAllocationPools: [{'start': '172.18.0.10', 'end': '172.18.0.200'}] @@ -32,19 +41,16 @@ parameter_defaults: ExternalAllocationPools: [{'start': '10.0.0.10', 'end': '10.0.0.50'}] # Gateway router for the external network ExternalInterfaceDefaultRoute: 10.0.0.1 - # Gateway router for the provisioning network (or Undercloud IP) - ControlPlaneDefaultRoute: 192.0.2.254 - # Generally the IP of the Undercloud - EC2MetadataIp: 192.0.2.1 + # Uncomment if using the Management Network (see network-management.yaml) + # ManagementNetCidr: 10.0.1.0/24 + # ManagementAllocationPools: [{'start': '10.0.1.10', 'end', '10.0.1.50'}] + # Use either this parameter or ControlPlaneDefaultRoute in the NIC templates + # ManagementInterfaceDefaultRoute: 10.0.1.1 # Define the DNS servers (maximum 2) for the overcloud nodes DnsServers: ["8.8.8.8","8.8.4.4"] - # Customize the VLAN IDs to match the local environment - InternalApiNetworkVlanID: 10 - StorageNetworkVlanID: 20 - StorageMgmtNetworkVlanID: 30 - TenantNetworkVlanID: 40 - ExternalNetworkVlanID: 50 # Set to empty string to enable multiple external networks or VLANs NeutronExternalNetworkBridge: "''" + # The tunnel type for the tenant network (vxlan or gre). Set to '' to disable tunneling. + NeutronTunnelTypes: 'vxlan' # Customize bonding options, e.g. "mode=4 lacp_rate=1 updelay=1000 miimon=100" BondInterfaceOvsOptions: "bond_mode=active-backup" diff --git a/environments/neutron-opencontrail.yaml b/environments/neutron-opencontrail.yaml index 4895287e..f2209ce2 100644 --- a/environments/neutron-opencontrail.yaml +++ b/environments/neutron-opencontrail.yaml @@ -14,7 +14,7 @@ resource_registry: parameter_defaults: NeutronCorePlugin: neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2 NeutronServicePlugins: neutron_plugin_contrail.plugins.opencontrail.loadbalancer.plugin.LoadBalancerPlugin - NeutronEnableTunnelling: false + NeutronTunnelTypes: '' # required params: #ContrailApiServerIp: diff --git a/environments/neutron-ovs-dvr.yaml b/environments/neutron-ovs-dvr.yaml new file mode 100644 index 00000000..223c2531 --- /dev/null +++ b/environments/neutron-ovs-dvr.yaml @@ -0,0 +1,24 @@ +# A Heat environment file that enables DVR in the overcloud. +# This works by configuring L3 and Metadata agents on the +# compute nodes. +resource_registry: + OS::TripleO::Services::ComputeNeutronL3Agent: ../puppet/services/neutron-l3-compute-dvr.yaml + OS::TripleO::Services::ComputeNeutronMetadataAgent: ../puppet/services/neutron-metadata.yaml + + # With DVR enabled, the Compute nodes also need the br-ex bridge to be + # connected to a physical network. + OS::TripleO::Compute::Net::SoftwareConfig: ../net-config-bridge.yaml + +parameter_defaults: + + # DVR requires that the L2 population feature is enabled + NeutronMechanismDrivers: ['openvswitch', 'l2population'] + NeutronEnableL2Pop: 'True' + + # Setting NeutronEnableDVR enables distributed routing support in the + # ML2 plugin and agents that support this feature + NeutronEnableDVR: true + + # We also need to set the proper agent mode for the L3 agent. This will only + # affect the agent on the controller node. + NeutronL3AgentMode: 'dvr_snat' diff --git a/environments/puppet-ceph-devel.yaml b/environments/puppet-ceph-devel.yaml index a9e459df..9c8abbb4 100644 --- a/environments/puppet-ceph-devel.yaml +++ b/environments/puppet-ceph-devel.yaml @@ -16,6 +16,7 @@ parameter_defaults: CephClientKey: 'AQC+vYNXgDAgAhAAc8UoYt+OTz5uhV7ItLdwUw==' NovaEnableRbdBackend: true CinderEnableRbdBackend: true + CinderBackupBackend: ceph GlanceBackend: rbd GnocchiBackend: rbd CinderEnableIscsiBackend: false diff --git a/environments/puppet-ceph-external.yaml b/environments/puppet-ceph-external.yaml index d5e0b1b5..06e4f7aa 100644 --- a/environments/puppet-ceph-external.yaml +++ b/environments/puppet-ceph-external.yaml @@ -2,9 +2,12 @@ # use of an externally managed Ceph cluster. resource_registry: OS::TripleO::Services::CephExternal: ../puppet/services/ceph-external.yaml + OS::TripleO::Services::CephMon: OS::Heat::None + OS::TripleO::Services::CephClient: OS::Heat::None + OS::TripleO::Services::CephOSD: OS::Heat::None parameter_defaults: - # NOTE: These example parameters are required when using Ceph External + # NOTE: These example parameters are required when using CephExternal #CephClusterFSID: '4b5c8c0a-ff60-454b-a1b4-9747aa737d19' #CephClientKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ==' #CephExternalMonHost: '172.16.1.7, 172.16.1.8' @@ -12,6 +15,7 @@ parameter_defaults: # the following parameters enable Ceph backends for Cinder, Glance, Gnocchi and Nova NovaEnableRbdBackend: true CinderEnableRbdBackend: true + CinderBackupBackend: ceph GlanceBackend: rbd GnocchiBackend: rbd # If the Ceph pools which host VMs, Volumes and Images do not match these @@ -25,3 +29,6 @@ parameter_defaults: # finally we disable the Cinder LVM backend CinderEnableIscsiBackend: false + + # Backward compatibility setting, will be removed in the future + CephAdminKey: '' diff --git a/environments/puppet-pacemaker.yaml b/environments/puppet-pacemaker.yaml index fad2b9ee..8cfbab6d 100644 --- a/environments/puppet-pacemaker.yaml +++ b/environments/puppet-pacemaker.yaml @@ -7,51 +7,12 @@ resource_registry: OS::TripleO::Tasks::ControllerPostPuppetRestart: ../extraconfig/tasks/post_puppet_pacemaker_restart.yaml # custom pacemaker services - # NOTE: For now we will need to specify overrides to all services - # which use pacemaker. In the future (with upcoming HA light work) this - # list will hopefully be much smaller however. - OS::TripleO::Services::CinderApi: ../puppet/services/pacemaker/cinder-api.yaml - OS::TripleO::Services::CinderScheduler: ../puppet/services/pacemaker/cinder-scheduler.yaml + # NOTE: Please before adding any pacemaker-managed services, get in touch + # with bandini, Ng or beekhof OS::TripleO::Services::CinderVolume: ../puppet/services/pacemaker/cinder-volume.yaml - OS::TripleO::Services::Core: ../puppet/services/pacemaker/core.yaml - OS::TripleO::Services::Keystone: ../puppet/services/pacemaker/keystone.yaml - OS::TripleO::Services::GlanceApi: ../puppet/services/pacemaker/glance-api.yaml - OS::TripleO::Services::GlanceRegistry: ../puppet/services/pacemaker/glance-registry.yaml - OS::TripleO::Services::HeatApi: ../puppet/services/pacemaker/heat-api.yaml - OS::TripleO::Services::HeatApiCfn: ../puppet/services/pacemaker/heat-api-cfn.yaml - OS::TripleO::Services::HeatApiCloudwatch: ../puppet/services/pacemaker/heat-api-cloudwatch.yaml - OS::TripleO::Services::HeatEngine: ../puppet/services/pacemaker/heat-engine.yaml - OS::TripleO::Services::NeutronDhcpAgent: ../puppet/services/pacemaker/neutron-dhcp.yaml - OS::TripleO::Services::NeutronL3Agent: ../puppet/services/pacemaker/neutron-l3.yaml - OS::TripleO::Services::NeutronMetadataAgent: ../puppet/services/pacemaker/neutron-metadata.yaml - OS::TripleO::Services::NeutronServer: ../puppet/services/pacemaker/neutron-server.yaml - OS::TripleO::Services::NeutronCorePlugin: ../puppet/services/pacemaker/neutron-plugin-ml2.yaml - # Neutron Core Plugin Vendors (these typically override NeutronCorePlugin) - OS::TripleO::Services::NeutronCorePluginPlumgrid: ../puppet/services/pacemaker/neutron-plugin-plumgrid.yaml - OS::TripleO::Services::NeutronCorePluginNuage: ../puppet/services/pacemaker/neutron-plugin-nuage.yaml - OS::TripleO::Services::NeutronCorePluginOpencontrail: ../puppet/services/pacemaker/neutron-plugin-opencontrail.yaml - OS::TripleO::Services::NeutronCorePluginMidonet: ../puppet/services/pacemaker/neutron-midonet.yaml - OS::TripleO::Services::NeutronOvsAgent: ../puppet/services/pacemaker/neutron-ovs-agent.yaml OS::TripleO::Services::RabbitMQ: ../puppet/services/pacemaker/rabbitmq.yaml OS::TripleO::Services::HAproxy: ../puppet/services/pacemaker/haproxy.yaml - OS::TripleO::Services::Memcached: ../puppet/services/pacemaker/memcached.yaml OS::TripleO::Services::Pacemaker: ../puppet/services/pacemaker.yaml OS::TripleO::Services::Redis: ../puppet/services/pacemaker/database/redis.yaml - OS::TripleO::Services::NovaConductor: ../puppet/services/pacemaker/nova-conductor.yaml - OS::TripleO::Services::MongoDb: ../puppet/services/pacemaker/database/mongodb.yaml - OS::TripleO::Services::NovaApi: ../puppet/services/pacemaker/nova-api.yaml - OS::TripleO::Services::NovaScheduler: ../puppet/services/pacemaker/nova-scheduler.yaml - OS::TripleO::Services::NovaConsoleauth: ../puppet/services/pacemaker/nova-consoleauth.yaml - OS::TripleO::Services::NovaVncproxy: ../puppet/services/pacemaker/nova-vncproxy.yaml - OS::TripleO::Services::CeilometerApi: ../puppet/services/pacemaker/ceilometer-api.yaml - OS::TripleO::Services::CeilometerCollector: ../puppet/services/pacemaker/ceilometer-collector.yaml - OS::TripleO::Services::CeilometerAgentCentral: ../puppet/services/pacemaker/ceilometer-agent-central.yaml - OS::TripleO::Services::CeilometerAgentNotification: ../puppet/services/pacemaker/ceilometer-agent-notification.yaml - #Gnocchi services - OS::TripleO::Services::GnocchiApi: ../puppet/services/pacemaker/gnocchi-api.yaml - OS::TripleO::Services::GnocchiMetricd: ../puppet/services/pacemaker/gnocchi-metricd.yaml - OS::TripleO::Services::GnocchiStatsd: ../puppet/services/pacemaker/gnocchi-statsd.yaml OS::TripleO::Services::MySQL: ../puppet/services/pacemaker/database/mysql.yaml - OS::TripleO::Services::Horizon: ../puppet/services/pacemaker/horizon.yaml # Services that are disabled by default (use relevant environment files): - OS::Tripleo::Services::ManilaShare: OS::Heat::None diff --git a/environments/puppet-tenant-vlan.yaml b/environments/puppet-tenant-vlan.yaml index ed948bc5..45d2117a 100644 --- a/environments/puppet-tenant-vlan.yaml +++ b/environments/puppet-tenant-vlan.yaml @@ -1,4 +1,4 @@ parameter_defaults: NeutronNetworkType: vlan - NeutronEnableTunnelling: false + NeutronTunnelTypes: '' NeutronNetworkVLANRanges: datacentre:1:1000 diff --git a/environments/services/ironic.yaml b/environments/services/ironic.yaml new file mode 100644 index 00000000..8359f4a7 --- /dev/null +++ b/environments/services/ironic.yaml @@ -0,0 +1,4 @@ +resource_registry: + OS::TripleO::Services::IronicApi: ../../puppet/services/ironic-api.yaml + OS::TripleO::Services::IronicConductor: ../../puppet/services/ironic-conductor.yaml + OS::TripleO::Services::NovaIronic: ../../puppet/services/nova-ironic.yaml diff --git a/environments/services/mistral.yaml b/environments/services/mistral.yaml new file mode 100644 index 00000000..4e99fa01 --- /dev/null +++ b/environments/services/mistral.yaml @@ -0,0 +1,4 @@ +resource_registry: + OS::TripleO::Services::MistralEngine: ../../puppet/services/mistral-engine.yaml + OS::TripleO::Services::MistralApi: ../../puppet/services/mistral-api.yaml + OS::TripleO::Services::MistralExecutor: ../../puppet/services/mistral-executor.yaml diff --git a/environments/services/sahara.yaml b/environments/services/sahara.yaml new file mode 100644 index 00000000..82205dd1 --- /dev/null +++ b/environments/services/sahara.yaml @@ -0,0 +1,3 @@ +resource_registry: + OS::TripleO::Services::SaharaApi: ../../puppet/services/sahara-api.yaml + OS::TripleO::Services::SaharaEngine: ../../puppet/services/sahara-engine.yaml diff --git a/environments/storage-environment.yaml b/environments/storage-environment.yaml index 0128cabd..8cf34622 100644 --- a/environments/storage-environment.yaml +++ b/environments/storage-environment.yaml @@ -14,6 +14,8 @@ parameter_defaults: CinderEnableIscsiBackend: false ## Whether to enable rbd (Ceph) backend for Cinder. CinderEnableRbdBackend: true + ## Cinder Backup backend can be either 'ceph' or 'swift'. + CinderBackupBackend: ceph ## Whether to enable NFS backend for Cinder. # CinderEnableNfsBackend: false ## Whether to enable rbd (Ceph) backend for Nova ephemeral storage. diff --git a/environments/tls-endpoints-public-dns.yaml b/environments/tls-endpoints-public-dns.yaml new file mode 100644 index 00000000..7c8e850c --- /dev/null +++ b/environments/tls-endpoints-public-dns.yaml @@ -0,0 +1,52 @@ +# Use this environment when deploying an SSL-enabled overcloud where the public +# endpoint is a DNS name. +parameter_defaults: + EndpointMap: + AodhAdmin: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} + AodhInternal: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} + AodhPublic: {protocol: 'https', port: '13042', host: 'CLOUDNAME'} + CeilometerAdmin: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} + CeilometerInternal: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} + CeilometerPublic: {protocol: 'https', port: '13777', host: 'CLOUDNAME'} + CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} + CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} + CinderPublic: {protocol: 'https', port: '13776', host: 'CLOUDNAME'} + GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} + GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} + GlancePublic: {protocol: 'https', port: '13292', host: 'CLOUDNAME'} + GlanceRegistryInternal: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'} + GnocchiAdmin: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} + GnocchiInternal: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} + GnocchiPublic: {protocol: 'https', port: '13041', host: 'CLOUDNAME'} + HeatAdmin: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} + HeatInternal: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} + HeatPublic: {protocol: 'https', port: '13004', host: 'CLOUDNAME'} + HeatCfnAdmin: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'} + HeatCfnInternal: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'} + HeatCfnPublic: {protocol: 'https', port: '13005', host: 'CLOUDNAME'} + HorizonPublic: {protocol: 'https', port: '443', host: 'CLOUDNAME'} + IronicAdmin: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} + IronicInternal: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} + IronicPublic: {protocol: 'https', port: '13385', host: 'CLOUDNAME'} + KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'} + KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'} + KeystonePublic: {protocol: 'https', port: '13000', host: 'CLOUDNAME'} + ManilaAdmin: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'} + ManilaInternal: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'} + ManilaPublic: {protocol: 'https', port: '13786', host: 'CLOUDNAME'} + MysqlInternal: {protocol: 'mysql+pymysql', port: '3306', host: 'IP_ADDRESS'} + NeutronAdmin: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} + NeutronInternal: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} + NeutronPublic: {protocol: 'https', port: '13696', host: 'CLOUDNAME'} + NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} + NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} + NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'} + NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} + NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} + NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'} + SaharaAdmin: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} + SaharaInternal: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} + SaharaPublic: {protocol: 'https', port: '13386', host: 'CLOUDNAME'} + SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} + SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} + SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'} diff --git a/environments/tls-endpoints-public-ip.yaml b/environments/tls-endpoints-public-ip.yaml new file mode 100644 index 00000000..80595c6c --- /dev/null +++ b/environments/tls-endpoints-public-ip.yaml @@ -0,0 +1,52 @@ +# Use this environment when deploying an SSL-enabled overcloud where the public +# endpoint is an IP address. +parameter_defaults: + EndpointMap: + AodhAdmin: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} + AodhInternal: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} + AodhPublic: {protocol: 'https', port: '13042', host: 'IP_ADDRESS'} + CeilometerAdmin: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} + CeilometerInternal: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} + CeilometerPublic: {protocol: 'https', port: '13777', host: 'IP_ADDRESS'} + CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} + CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} + CinderPublic: {protocol: 'https', port: '13776', host: 'IP_ADDRESS'} + GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} + GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} + GlancePublic: {protocol: 'https', port: '13292', host: 'IP_ADDRESS'} + GlanceRegistryInternal: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'} + GnocchiAdmin: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} + GnocchiInternal: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} + GnocchiPublic: {protocol: 'https', port: '13041', host: 'IP_ADDRESS'} + HeatAdmin: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} + HeatInternal: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} + HeatPublic: {protocol: 'https', port: '13004', host: 'IP_ADDRESS'} + HeatCfnAdmin: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'} + HeatCfnInternal: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'} + HeatCfnPublic: {protocol: 'https', port: '13005', host: 'IP_ADDRESS'} + HorizonPublic: {protocol: 'https', port: '443', host: 'IP_ADDRESS'} + IronicAdmin: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} + IronicInternal: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} + IronicPublic: {protocol: 'https', port: '13385', host: 'IP_ADDRESS'} + KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'} + KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'} + KeystonePublic: {protocol: 'https', port: '13000', host: 'IP_ADDRESS'} + ManilaAdmin: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'} + ManilaInternal: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'} + ManilaPublic: {protocol: 'https', port: '13786', host: 'IP_ADDRESS'} + MysqlInternal: {protocol: 'mysql+pymysql', port: '3306', host: 'IP_ADDRESS'} + NeutronAdmin: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} + NeutronInternal: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} + NeutronPublic: {protocol: 'https', port: '13696', host: 'IP_ADDRESS'} + NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} + NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} + NovaPublic: {protocol: 'https', port: '13774', host: 'IP_ADDRESS'} + NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} + NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} + NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'IP_ADDRESS'} + SaharaAdmin: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} + SaharaInternal: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} + SaharaPublic: {protocol: 'https', port: '13386', host: 'IP_ADDRESS'} + SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} + SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} + SwiftPublic: {protocol: 'https', port: '13808', host: 'IP_ADDRESS'} diff --git a/environments/updates/update-from-keystone-admin-internal-api.yaml b/environments/updates/update-from-keystone-admin-internal-api.yaml index a9fa2bea..a5075300 100644 --- a/environments/updates/update-from-keystone-admin-internal-api.yaml +++ b/environments/updates/update-from-keystone-admin-internal-api.yaml @@ -2,10 +2,10 @@ # Keystone Admin API service is running on the Internal API network parameter_defaults: - ServiceNetMap: + ServiceNetMapDefaults: NeutronTenantNetwork: tenant CeilometerApiNetwork: internal_api - MongoDbNetwork: internal_api + MongodbNetwork: internal_api CinderApiNetwork: internal_api CinderIscsiNetwork: storage GlanceApiNetwork: storage @@ -21,7 +21,7 @@ parameter_defaults: SwiftProxyNetwork: storage HorizonNetwork: internal_api MemcachedNetwork: internal_api - RabbitMqNetwork: internal_api + RabbitmqNetwork: internal_api RedisNetwork: internal_api MysqlNetwork: internal_api CephClusterNetwork: storage_mgmt diff --git a/environments/updates/update-from-overcloud-compute-hostnames.yaml b/environments/updates/update-from-overcloud-compute-hostnames.yaml new file mode 100644 index 00000000..f628f0de --- /dev/null +++ b/environments/updates/update-from-overcloud-compute-hostnames.yaml @@ -0,0 +1,2 @@ +parameter_defaults: + ComputeHostnameFormat: '%stackname%-compute-%index%' diff --git a/extraconfig/tasks/aodh_data_migration.sh b/extraconfig/tasks/aodh_data_migration.sh new file mode 100644 index 00000000..d4c29673 --- /dev/null +++ b/extraconfig/tasks/aodh_data_migration.sh @@ -0,0 +1,19 @@ +#!/bin/bash +# +# This delivers the aodh data migration script to be invoked as part of the tripleo +# major upgrade workflow to migrate all the alarm data from mongodb to mysql. +# This needs to run post controller node upgrades so new aodh mysql db configured and +# running. +# +set -eu + +#Get existing mongodb connection +MONGO_DB_CONNECTION="$(crudini --get /etc/ceilometer/ceilometer.conf database connection)" + +# Get the aodh database string from hiera data +MYSQL_DB_CONNECTION="$(crudini --get /etc/aodh/aodh.conf database connection)" + +#Run migration +/usr/bin/aodh-data-migration --nosql-conn $MONGO_DB_CONNECTION --sql-conn $MYSQL_DB_CONNECTION + + diff --git a/extraconfig/tasks/major_upgrade_controller_pacemaker_1.sh b/extraconfig/tasks/major_upgrade_controller_pacemaker_1.sh index 36d85444..d67d5a1a 100755 --- a/extraconfig/tasks/major_upgrade_controller_pacemaker_1.sh +++ b/extraconfig/tasks/major_upgrade_controller_pacemaker_1.sh @@ -50,7 +50,7 @@ if [ "$mariadb_do_major_upgrade" = "auto" ]; then DO_MYSQL_UPGRADE=0 fi echo "mysql upgrade required: $DO_MYSQL_UPGRADE" -elif [ "$mariadb_do_major_upgrade" = 0 ]; then +elif [ "$mariadb_do_major_upgrade" = "no" ]; then DO_MYSQL_UPGRADE=0 else DO_MYSQL_UPGRADE=1 diff --git a/extraconfig/tasks/major_upgrade_pacemaker_migrations.sh b/extraconfig/tasks/major_upgrade_pacemaker_migrations.sh index 164269dc..7ed7012d 100644 --- a/extraconfig/tasks/major_upgrade_pacemaker_migrations.sh +++ b/extraconfig/tasks/major_upgrade_pacemaker_migrations.sh @@ -38,11 +38,11 @@ function is_mysql_upgrade_needed { fi local currentepoch=$(rpm -q --qf "%{epoch}" $name) - local currentversion=$(rpm -q --qf "%{version}" $name) + local currentversion=$(rpm -q --qf "%{version}" $name | cut -d. -f-2) local currentrelease=$(rpm -q --qf "%{release}" $name) local newoutput=$(repoquery -a --pkgnarrow=updates --qf "%{epoch} %{version} %{release}\n" $name) local newepoch=$(echo "$newoutput" | awk '{ print $1 }') - local newversion=$(echo "$newoutput" | awk '{ print $2 }') + local newversion=$(echo "$newoutput" | awk '{ print $2 }' | cut -d. -f-2) local newrelease=$(echo "$newoutput" | awk '{ print $3 }') # With this we trigger the dump restore/path if we change either epoch or @@ -56,64 +56,3 @@ function is_mysql_upgrade_needed { fi echo "1" } - -function add_missing_openstack_core_constraints { - # The CIBs are saved under /root as they might contain sensitive data - CIB="/root/migration.cib" - CIB_BACKUP="/root/backup.cib" - CIB_PUSH_NEEDED=n - - rm -f "$CIB" "$CIB_BACKUP" || /bin/true - pcs cluster cib "$CIB" - cp "$CIB" "$CIB_BACKUP" - - if ! pcs -f "$CIB" constraint --full | grep 'start openstack-sahara-api-clone then start openstack-sahara-engine-clone'; then - pcs -f "$CIB" constraint order start openstack-sahara-api-clone then start openstack-sahara-engine-clone - CIB_PUSH_NEEDED=y - fi - - if ! pcs -f "$CIB" constraint --full | grep 'start openstack-core-clone then start openstack-ceilometer-notification-clone'; then - pcs -f "$CIB" constraint order start openstack-core-clone then start openstack-ceilometer-notification-clone - CIB_PUSH_NEEDED=y - fi - - if ! pcs -f "$CIB" constraint --full | grep 'start openstack-aodh-evaluator-clone then start openstack-aodh-listener-clone'; then - pcs -f "$CIB" constraint order start openstack-aodh-evaluator-clone then start openstack-aodh-listener-clone - CIB_PUSH_NEEDED=y - fi - - if pcs -f "$CIB" constraint --full | grep 'start openstack-core-clone then start openstack-heat-api-clone'; then - CID=$(pcs -f "$CIB" constraint --full | grep 'start openstack-core-clone then start openstack-heat-api-clone' | sed -e 's/.*id\://g' -e 's/)//g') - pcs -f "$CIB" constraint remove $CID - CIB_PUSH_NEEDED=y - fi - - if [ "$CIB_PUSH_NEEDED" = 'y' ]; then - pcs cluster cib-push "$CIB" - fi -} - -function remove_ceilometer_alarm { - if pcs status | grep openstack-ceilometer-alarm; then - # Disable pacemaker resources for ceilometer-alarms - pcs resource disable openstack-ceilometer-alarm-evaluator - check_resource openstack-ceilometer-alarm-evaluator stopped 600 - pcs resource delete openstack-ceilometer-alarm-evaluator - pcs resource disable openstack-ceilometer-alarm-notifier - check_resource openstack-ceilometer-alarm-notifier stopped 600 - pcs resource delete openstack-ceilometer-alarm-notifier - - # remove constraints - pcs constraint remove ceilometer-delay-then-ceilometer-alarm-evaluator-constraint - pcs constraint remove ceilometer-alarm-evaluator-with-ceilometer-delay-colocation - pcs constraint remove ceilometer-alarm-evaluator-then-ceilometer-alarm-notifier-constraint - pcs constraint remove ceilometer-alarm-notifier-with-ceilometer-alarm-evaluator-colocation - pcs constraint remove ceilometer-alarm-notifier-then-ceilometer-notification-constraint - pcs constraint remove ceilometer-notification-with-ceilometer-alarm-notifier-colocation - - fi - - # uninstall openstack-ceilometer-alarm package - yum -y remove openstack-ceilometer-alarm - -} diff --git a/extraconfig/tasks/mitaka_to_newton_aodh_data_migration.yaml b/extraconfig/tasks/mitaka_to_newton_aodh_data_migration.yaml new file mode 100644 index 00000000..9414ac19 --- /dev/null +++ b/extraconfig/tasks/mitaka_to_newton_aodh_data_migration.yaml @@ -0,0 +1,33 @@ +heat_template_version: 2014-10-16 + +description: > + Software-config for performing aodh data migration + +parameters: + controller_servers: + type: json + compute_servers: + type: json + blockstorage_servers: + type: json + objectstorage_servers: + type: json + cephstorage_servers: + type: json + input_values: + type: json + description: input values for the software deployments +resources: + + AodhMysqlMigrationScriptConfig: + type: OS::Heat::SoftwareConfig + properties: + group: script + config: {get_file: aodh_data_migration.sh} + + AodhMysqlMigrationScriptDeployment: + type: OS::Heat::SoftwareDeploymentGroup + properties: + servers: {get_param: controller_servers} + config: {get_resource: AodhMysqlMigrationScriptConfig} + input_values: {get_param: input_values} diff --git a/network/config/bond-with-vlans/ceph-storage.yaml b/network/config/bond-with-vlans/ceph-storage.yaml index 93db8666..b414747f 100644 --- a/network/config/bond-with-vlans/ceph-storage.yaml +++ b/network/config/bond-with-vlans/ceph-storage.yaml @@ -38,6 +38,14 @@ parameters: description: The ovs_options string for the bond interface. Set things like lacp=active and/or bond_mode=balance-slb using this option. type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number StorageNetworkVlanID: default: 30 description: Vlan ID for the storage network traffic. @@ -46,6 +54,10 @@ parameters: default: 40 description: Vlan ID for the storage mgmt network traffic. type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number ManagementNetworkVlanID: default: 60 description: Vlan ID for the management network traffic. @@ -57,6 +69,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -123,6 +143,8 @@ resources: - ip_netmask: {get_param: StorageMgmtIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. #- # type: vlan # device: bond1 @@ -130,6 +152,10 @@ resources: # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/bond-with-vlans/cinder-storage.yaml b/network/config/bond-with-vlans/cinder-storage.yaml index bea98c19..5ee9ff09 100644 --- a/network/config/bond-with-vlans/cinder-storage.yaml +++ b/network/config/bond-with-vlans/cinder-storage.yaml @@ -38,6 +38,10 @@ parameters: description: The ovs_options string for the bond interface. Set things like lacp=active and/or bond_mode=balance-slb using this option. type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number InternalApiNetworkVlanID: default: 20 description: Vlan ID for the internal_api network traffic. @@ -50,6 +54,10 @@ parameters: default: 40 description: Vlan ID for the storage mgmt network traffic. type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number ManagementNetworkVlanID: default: 60 description: Vlan ID for the management network traffic. @@ -61,6 +69,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -134,6 +150,8 @@ resources: - ip_netmask: {get_param: StorageMgmtIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. #- # type: vlan # device: bond1 @@ -141,6 +159,10 @@ resources: # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/bond-with-vlans/compute.yaml b/network/config/bond-with-vlans/compute.yaml index 774bf02d..19c011eb 100644 --- a/network/config/bond-with-vlans/compute.yaml +++ b/network/config/bond-with-vlans/compute.yaml @@ -38,6 +38,10 @@ parameters: description: The ovs_options string for the bond interface. Set things like lacp=active and/or bond_mode=balance-slb using this option. type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number InternalApiNetworkVlanID: default: 20 description: Vlan ID for the internal_api network traffic. @@ -46,6 +50,10 @@ parameters: default: 30 description: Vlan ID for the storage network traffic. type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number TenantNetworkVlanID: default: 50 description: Vlan ID for the tenant network traffic. @@ -61,6 +69,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -134,6 +150,8 @@ resources: - ip_netmask: {get_param: TenantIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. #- # type: vlan # device: bond1 @@ -141,6 +159,10 @@ resources: # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/bond-with-vlans/controller-no-external.yaml b/network/config/bond-with-vlans/controller-no-external.yaml index d9532439..6242e2f8 100644 --- a/network/config/bond-with-vlans/controller-no-external.yaml +++ b/network/config/bond-with-vlans/controller-no-external.yaml @@ -62,10 +62,17 @@ parameters: default: 60 description: Vlan ID for the management network traffic. type: number + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string ExternalInterfaceDefaultRoute: default: '10.0.0.1' description: default route for the external network type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -102,6 +109,9 @@ resources: - ip_netmask: 169.254.169.254/32 next_hop: {get_param: EC2MetadataIp} + - + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} - type: ovs_bridge name: {get_input: bridge_name} @@ -148,6 +158,8 @@ resources: - ip_netmask: {get_param: TenantIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. #- # type: vlan # device: bond1 @@ -155,6 +167,10 @@ resources: # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/bond-with-vlans/controller-v6.yaml b/network/config/bond-with-vlans/controller-v6.yaml index 7869ebfc..71b7e1b1 100644 --- a/network/config/bond-with-vlans/controller-v6.yaml +++ b/network/config/bond-with-vlans/controller-v6.yaml @@ -64,10 +64,6 @@ parameters: default: 60 description: Vlan ID for the management network traffic. type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -75,6 +71,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: + default: '10.0.0.1' + description: default route for the external network + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -106,6 +110,7 @@ resources: - ip_netmask: 169.254.169.254/32 next_hop: {get_param: EC2MetadataIp} + # IPv4 Default Route - default: true next_hop: {get_param: ControlPlaneDefaultRoute} @@ -134,6 +139,7 @@ resources: - ip_netmask: {get_param: ExternalIpSubnet} routes: + # IPv6 Default Route - default: true next_hop: {get_param: ExternalInterfaceDefaultRoute} @@ -166,6 +172,9 @@ resources: - ip_netmask: {get_param: TenantIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the External interface. This will + # make the External API unreachable from remote subnets. #- # type: vlan # device: bond1 @@ -173,6 +182,10 @@ resources: # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/bond-with-vlans/controller.yaml b/network/config/bond-with-vlans/controller.yaml index d3627ead..9917f073 100644 --- a/network/config/bond-with-vlans/controller.yaml +++ b/network/config/bond-with-vlans/controller.yaml @@ -62,10 +62,17 @@ parameters: default: 60 description: Vlan ID for the management network traffic. type: number + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string ExternalInterfaceDefaultRoute: default: '10.0.0.1' description: default route for the external network type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -158,6 +165,9 @@ resources: - ip_netmask: {get_param: TenantIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the External interface. This will + # make the External API unreachable from remote subnets. #- # type: vlan # device: bond1 @@ -165,6 +175,10 @@ resources: # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/bond-with-vlans/swift-storage.yaml b/network/config/bond-with-vlans/swift-storage.yaml index de9121e5..4dd6628f 100644 --- a/network/config/bond-with-vlans/swift-storage.yaml +++ b/network/config/bond-with-vlans/swift-storage.yaml @@ -38,6 +38,10 @@ parameters: description: The ovs_options string for the bond interface. Set things like lacp=active and/or bond_mode=balance-slb using this option. type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number InternalApiNetworkVlanID: default: 20 description: Vlan ID for the internal_api network traffic. @@ -50,6 +54,10 @@ parameters: default: 40 description: Vlan ID for the storage mgmt network traffic. type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number ManagementNetworkVlanID: default: 60 description: Vlan ID for the management network traffic. @@ -61,6 +69,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -134,6 +150,8 @@ resources: - ip_netmask: {get_param: StorageMgmtIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. #- # type: vlan # device: bond1 @@ -141,6 +159,10 @@ resources: # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/multiple-nics/ceph-storage.yaml b/network/config/multiple-nics/ceph-storage.yaml index 84cb0f12..c31c6e65 100644 --- a/network/config/multiple-nics/ceph-storage.yaml +++ b/network/config/multiple-nics/ceph-storage.yaml @@ -57,10 +57,6 @@ parameters: default: 60 description: Vlan ID for the management network traffic. type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -68,6 +64,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -118,6 +122,8 @@ resources: - ip_netmask: {get_param: StorageMgmtIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. #- # type: interface # name: nic7 @@ -125,6 +131,10 @@ resources: # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/multiple-nics/cinder-storage.yaml b/network/config/multiple-nics/cinder-storage.yaml index 0b0218c5..4f8b7f64 100644 --- a/network/config/multiple-nics/cinder-storage.yaml +++ b/network/config/multiple-nics/cinder-storage.yaml @@ -57,10 +57,6 @@ parameters: default: 60 description: Vlan ID for the management network traffic. type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -68,6 +64,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -125,6 +129,8 @@ resources: - ip_netmask: {get_param: InternalApiIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. #- # type: interface # name: nic7 @@ -132,6 +138,10 @@ resources: # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/multiple-nics/compute.yaml b/network/config/multiple-nics/compute.yaml index 97eef52b..77514745 100644 --- a/network/config/multiple-nics/compute.yaml +++ b/network/config/multiple-nics/compute.yaml @@ -57,10 +57,6 @@ parameters: default: 60 description: Vlan ID for the management network traffic. type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -68,6 +64,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -133,6 +137,8 @@ resources: # force the MAC address of the bridge to this interface primary: true # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. #- # type: interface # name: nic7 @@ -140,6 +146,10 @@ resources: # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/multiple-nics/controller-v6.yaml b/network/config/multiple-nics/controller-v6.yaml index b69879fb..da1f95f1 100644 --- a/network/config/multiple-nics/controller-v6.yaml +++ b/network/config/multiple-nics/controller-v6.yaml @@ -59,10 +59,6 @@ parameters: default: 60 description: Vlan ID for the management network traffic. type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -70,6 +66,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: + default: '10.0.0.1' + description: default route for the external network + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -102,6 +106,7 @@ resources: - ip_netmask: 169.254.169.254/32 next_hop: {get_param: EC2MetadataIp} + # IPv4 Default Route - default: true next_hop: {get_param: ControlPlaneDefaultRoute} @@ -150,6 +155,7 @@ resources: - ip_netmask: {get_param: ExternalIpSubnet} routes: + # IPv6 Default Route - default: true next_hop: {get_param: ExternalInterfaceDefaultRoute} @@ -160,6 +166,9 @@ resources: # force the MAC address of the bridge to this interface primary: true # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the External interface. This will + # make the External API unreachable from remote subnets. #- # type: interface # name: nic7 @@ -167,6 +176,10 @@ resources: # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/multiple-nics/controller.yaml b/network/config/multiple-nics/controller.yaml index 377fd116..7a1f9e5f 100644 --- a/network/config/multiple-nics/controller.yaml +++ b/network/config/multiple-nics/controller.yaml @@ -57,10 +57,6 @@ parameters: default: 60 description: Vlan ID for the management network traffic. type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -68,6 +64,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: + default: '10.0.0.1' + description: default route for the external network + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -155,6 +159,9 @@ resources: # force the MAC address of the bridge to this interface primary: true # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the External interface. This will + # make the External API unreachable from remote subnets. #- # type: interface # name: nic7 @@ -162,6 +169,10 @@ resources: # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/multiple-nics/swift-storage.yaml b/network/config/multiple-nics/swift-storage.yaml index b75bbd6e..05083105 100644 --- a/network/config/multiple-nics/swift-storage.yaml +++ b/network/config/multiple-nics/swift-storage.yaml @@ -57,10 +57,6 @@ parameters: default: 60 description: Vlan ID for the management network traffic. type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -68,6 +64,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -125,6 +129,8 @@ resources: - ip_netmask: {get_param: InternalApiIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. #- # type: interface # name: nic7 @@ -132,6 +138,10 @@ resources: # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml b/network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml index a46d7e20..fc8e8b6f 100644 --- a/network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml +++ b/network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml @@ -29,6 +29,18 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number StorageNetworkVlanID: default: 30 description: Vlan ID for the storage network traffic. @@ -37,6 +49,14 @@ parameters: default: 40 description: Vlan ID for the storage mgmt network traffic. type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -44,6 +64,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -99,6 +127,20 @@ resources: addresses: - ip_netmask: {get_param: StorageMgmtIpSubnet} + # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. + #- + # type: vlan + # vlan_id: {get_param: ManagementNetworkVlanID} + # device: br-storage + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml b/network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml index 08613a3b..6fb247ed 100644 --- a/network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml +++ b/network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml @@ -29,6 +29,14 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number InternalApiNetworkVlanID: default: 20 description: Vlan ID for the internal_api network traffic. @@ -41,6 +49,14 @@ parameters: default: 40 description: Vlan ID for the storage mgmt network traffic. type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -48,6 +64,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -110,6 +134,20 @@ resources: addresses: - ip_netmask: {get_param: StorageMgmtIpSubnet} + # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. + #- + # type: vlan + # vlan_id: {get_param: ManagementNetworkVlanID} + # device: br-storage + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/single-nic-linux-bridge-vlans/compute.yaml b/network/config/single-nic-linux-bridge-vlans/compute.yaml index b6522c67..e31720d8 100644 --- a/network/config/single-nic-linux-bridge-vlans/compute.yaml +++ b/network/config/single-nic-linux-bridge-vlans/compute.yaml @@ -29,6 +29,14 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number InternalApiNetworkVlanID: default: 20 description: Vlan ID for the internal_api network traffic. @@ -37,10 +45,18 @@ parameters: default: 30 description: Vlan ID for the storage network traffic. type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number TenantNetworkVlanID: default: 50 description: Vlan ID for the tenant network traffic. type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -48,6 +64,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -81,7 +105,6 @@ resources: ip_netmask: 169.254.169.254/32 next_hop: {get_param: EC2MetadataIp} - - ip_netmask: 0.0.0.0/0 default: true next_hop: {get_param: ControlPlaneDefaultRoute} members: @@ -111,6 +134,20 @@ resources: addresses: - ip_netmask: {get_param: TenantIpSubnet} + # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. + #- + # type: vlan + # vlan_id: {get_param: ManagementNetworkVlanID} + # device: {get_input: bridge_name} + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/single-nic-linux-bridge-vlans/controller-v6.yaml b/network/config/single-nic-linux-bridge-vlans/controller-v6.yaml new file mode 100644 index 00000000..80125149 --- /dev/null +++ b/network/config/single-nic-linux-bridge-vlans/controller-v6.yaml @@ -0,0 +1,178 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config to configure VLANs for the + controller role with IPv6 on the External network. The IPv6 default + route is on the External network, and the IPv4 default route is on + the Control Plane. + +parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + ExternalInterfaceDefaultRoute: + default: '10.0.0.1' + description: default route for the external network + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: linux_bridge + name: {get_input: bridge_name} + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + # IPv4 Default Route + - + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} + members: + - + type: interface + name: {get_input: interface_name} + # force the MAC address of the bridge to this interface + primary: true + - + type: vlan + vlan_id: {get_param: ExternalNetworkVlanID} + device: {get_input: bridge_name} + addresses: + - + ip_netmask: {get_param: ExternalIpSubnet} + routes: + # IPv6 Default Route + - + default: true + next_hop: {get_param: ExternalInterfaceDefaultRoute} + - + type: vlan + vlan_id: {get_param: InternalApiNetworkVlanID} + device: {get_input: bridge_name} + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageNetworkVlanID} + device: {get_input: bridge_name} + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + vlan_id: {get_param: StorageMgmtNetworkVlanID} + device: {get_input: bridge_name} + addresses: + - + ip_netmask: {get_param: StorageMgmtIpSubnet} + - + type: vlan + vlan_id: {get_param: TenantNetworkVlanID} + device: {get_input: bridge_name} + addresses: + - + ip_netmask: {get_param: TenantIpSubnet} + # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the External interface. This will + # make the External API unreachable from remote subnets. + #- + # type: vlan + # vlan_id: {get_param: ManagementNetworkVlanID} + # device: {get_input: bridge_name} + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/config/single-nic-linux-bridge-vlans/controller.yaml b/network/config/single-nic-linux-bridge-vlans/controller.yaml index 72105481..aef5d4e3 100644 --- a/network/config/single-nic-linux-bridge-vlans/controller.yaml +++ b/network/config/single-nic-linux-bridge-vlans/controller.yaml @@ -29,6 +29,10 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string ExternalNetworkVlanID: default: 10 description: Vlan ID for the external network traffic. @@ -49,10 +53,21 @@ parameters: default: 50 description: Vlan ID for the tenant network traffic. type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string ExternalInterfaceDefaultRoute: default: '10.0.0.1' description: default route for the external network type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -64,9 +79,6 @@ parameters: EC2MetadataIp: # Override this via parameter_defaults description: The IP address of the EC2 metadata server. type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string resources: OsNetConfigImpl: @@ -92,8 +104,8 @@ resources: - ip_netmask: 169.254.169.254/32 next_hop: {get_param: EC2MetadataIp} + # IPv4 Default Route - - ip_netmask: 0.0.0.0/0 default: true next_hop: {get_param: ControlPlaneDefaultRoute} members: @@ -110,8 +122,8 @@ resources: - ip_netmask: {get_param: ExternalIpSubnet} routes: + # IPv6 Default Route - - ip_netmask: 0.0.0.0/0 default: true next_hop: {get_param: ExternalInterfaceDefaultRoute} - @@ -142,6 +154,21 @@ resources: addresses: - ip_netmask: {get_param: TenantIpSubnet} + # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the External interface. This will + # make the External API unreachable from remote subnets. + #- + # type: vlan + # vlan_id: {get_param: ManagementNetworkVlanID} + # device: {get_input: bridge_name} + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/single-nic-linux-bridge-vlans/swift-storage.yaml b/network/config/single-nic-linux-bridge-vlans/swift-storage.yaml index 962b9890..a5d2f966 100644 --- a/network/config/single-nic-linux-bridge-vlans/swift-storage.yaml +++ b/network/config/single-nic-linux-bridge-vlans/swift-storage.yaml @@ -29,6 +29,14 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number InternalApiNetworkVlanID: default: 20 description: Vlan ID for the internal_api network traffic. @@ -41,6 +49,14 @@ parameters: default: 40 description: Vlan ID for the storage mgmt network traffic. type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -48,6 +64,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -110,6 +134,20 @@ resources: addresses: - ip_netmask: {get_param: StorageMgmtIpSubnet} + # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. + #- + # type: vlan + # vlan_id: {get_param: ManagementNetworkVlanID} + # device: br-storage + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/single-nic-vlans/ceph-storage.yaml b/network/config/single-nic-vlans/ceph-storage.yaml index 80bc32d3..6fa288af 100644 --- a/network/config/single-nic-vlans/ceph-storage.yaml +++ b/network/config/single-nic-vlans/ceph-storage.yaml @@ -52,6 +52,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -106,12 +114,18 @@ resources: - ip_netmask: {get_param: StorageMgmtIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. #- # type: vlan # vlan_id: {get_param: ManagementNetworkVlanID} # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/single-nic-vlans/cinder-storage.yaml b/network/config/single-nic-vlans/cinder-storage.yaml index e509443a..d1135776 100644 --- a/network/config/single-nic-vlans/cinder-storage.yaml +++ b/network/config/single-nic-vlans/cinder-storage.yaml @@ -56,6 +56,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -116,12 +124,18 @@ resources: - ip_netmask: {get_param: StorageMgmtIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. #- # type: vlan # vlan_id: {get_param: ManagementNetworkVlanID} # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/single-nic-vlans/compute.yaml b/network/config/single-nic-vlans/compute.yaml index 8cf6825d..bd3cef34 100644 --- a/network/config/single-nic-vlans/compute.yaml +++ b/network/config/single-nic-vlans/compute.yaml @@ -56,6 +56,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -116,12 +124,18 @@ resources: - ip_netmask: {get_param: TenantIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. #- # type: vlan # vlan_id: {get_param: ManagementNetworkVlanID} # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/single-nic-vlans/controller-no-external.yaml b/network/config/single-nic-vlans/controller-no-external.yaml index eb5e1e5a..8e8b0f5d 100644 --- a/network/config/single-nic-vlans/controller-no-external.yaml +++ b/network/config/single-nic-vlans/controller-no-external.yaml @@ -5,6 +5,10 @@ description: > controller role. No external IP is configured. parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string ExternalIpSubnet: default: '' description: IP address/subnet on the external network @@ -53,10 +57,28 @@ parameters: default: 60 description: Vlan ID for the management network traffic. type: number + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string ExternalInterfaceDefaultRoute: default: '10.0.0.1' description: default route for the external network type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string resources: OsNetConfigImpl: @@ -69,7 +91,22 @@ resources: - type: ovs_bridge name: {get_input: bridge_name} - use_dhcp: true + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} members: - type: interface @@ -101,12 +138,18 @@ resources: - ip_netmask: {get_param: TenantIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. #- # type: vlan # vlan_id: {get_param: ManagementNetworkVlanID} # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/single-nic-vlans/controller-v6.yaml b/network/config/single-nic-vlans/controller-v6.yaml index 472e539d..ecbf2efb 100644 --- a/network/config/single-nic-vlans/controller-v6.yaml +++ b/network/config/single-nic-vlans/controller-v6.yaml @@ -59,10 +59,6 @@ parameters: default: 60 description: Vlan ID for the management network traffic. type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -70,6 +66,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: + default: '10.0.0.1' + description: default route for the external network + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -102,6 +106,7 @@ resources: - ip_netmask: 169.254.169.254/32 next_hop: {get_param: EC2MetadataIp} + # IPv4 Default Route - default: true next_hop: {get_param: ControlPlaneDefaultRoute} @@ -115,9 +120,10 @@ resources: type: vlan vlan_id: {get_param: ExternalNetworkVlanID} addresses: - - - ip_netmask: {get_param: ExternalIpSubnet} + - + ip_netmask: {get_param: ExternalIpSubnet} routes: + # IPv6 Default Route - default: true next_hop: {get_param: ExternalInterfaceDefaultRoute} @@ -145,12 +151,20 @@ resources: addresses: - ip_netmask: {get_param: TenantIpSubnet} - #- # Uncomment when including environments/network-management.yaml + # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the External interface. This will + # make the External API unreachable from remote subnets. + #- # type: vlan # vlan_id: {get_param: ManagementNetworkVlanID} # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/single-nic-vlans/controller.yaml b/network/config/single-nic-vlans/controller.yaml index a5a0745d..c5979a89 100644 --- a/network/config/single-nic-vlans/controller.yaml +++ b/network/config/single-nic-vlans/controller.yaml @@ -57,10 +57,17 @@ parameters: default: 60 description: Vlan ID for the management network traffic. type: number + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string ExternalInterfaceDefaultRoute: default: '10.0.0.1' description: default route for the external network type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -137,12 +144,20 @@ resources: addresses: - ip_netmask: {get_param: TenantIpSubnet} - #- # Uncomment when including environments/network-management.yaml + # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the External interface. This will + # make the External API unreachable from remote subnets. + #- # type: vlan # vlan_id: {get_param: ManagementNetworkVlanID} # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/config/single-nic-vlans/swift-storage.yaml b/network/config/single-nic-vlans/swift-storage.yaml index efc03393..7b06580c 100644 --- a/network/config/single-nic-vlans/swift-storage.yaml +++ b/network/config/single-nic-vlans/swift-storage.yaml @@ -56,6 +56,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -116,12 +124,18 @@ resources: - ip_netmask: {get_param: StorageMgmtIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. #- # type: vlan # vlan_id: {get_param: ManagementNetworkVlanID} # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: diff --git a/network/endpoints/build_endpoint_map.py b/network/endpoints/build_endpoint_map.py index d8cdee3d..3110f3f7 100755 --- a/network/endpoints/build_endpoint_map.py +++ b/network/endpoints/build_endpoint_map.py @@ -30,7 +30,9 @@ import yaml (IN_FILE, OUT_FILE) = ('endpoint_data.yaml', 'endpoint_map.yaml') SUBST = (SUBST_IP_ADDRESS, SUBST_CLOUDNAME) = ('IP_ADDRESS', 'CLOUDNAME') -PARAMS = (PARAM_CLOUDNAME, PARAM_ENDPOINTMAP) = ('CloudName', 'EndpointMap') +PARAMS = (PARAM_CLOUDNAME, PARAM_ENDPOINTMAP, PARAM_NETIPMAP, + PARAM_SERVICENETMAP) = ( + 'CloudName', 'EndpointMap', 'NetIpMap', 'ServiceNetMap') FIELDS = (F_PORT, F_PROTOCOL, F_HOST) = ('port', 'protocol', 'host') ENDPOINT_TYPES = frozenset(['Internal', 'Public', 'Admin']) @@ -56,16 +58,8 @@ def load_endpoint_data(infile=None): return yaml.safe_load(f) -def vip_param_name(endpoint_type_defn): - return endpoint_type_defn['vip_param'] + 'VirtualIP' - - -def vip_param_names(config): - def ep_types(svc): - return (v for k, v in svc.items() if k in ENDPOINT_TYPES or not k) - - return set(vip_param_name(defn) - for svc in config.values() for defn in ep_types(svc)) +def net_param_name(endpoint_type_defn): + return endpoint_type_defn['net_param'] + 'Network' def endpoint_map_default(config): @@ -91,9 +85,9 @@ def make_parameter(ptype, default, description=None): def template_parameters(config): - params = collections.OrderedDict((n, make_parameter('string', '')) - for n in sorted(vip_param_names(config))) - + params = collections.OrderedDict() + params[PARAM_NETIPMAP] = make_parameter('json', {}, 'The Net IP map') + params[PARAM_SERVICENETMAP] = make_parameter('json', {}, 'The Service Net map') params[PARAM_ENDPOINTMAP] = make_parameter('json', endpoint_map_default(config), 'Mapping of service endpoint ' @@ -111,7 +105,7 @@ def template_parameters(config): def template_output_definition(endpoint_name, endpoint_variant, endpoint_type, - vip_param, + net_param, uri_suffix=None, name_override=None): def extract_field(field): @@ -122,11 +116,29 @@ def template_output_definition(endpoint_name, port = extract_field(F_PORT) protocol = extract_field(F_PROTOCOL) + host_nobrackets = { + 'str_replace': collections.OrderedDict([ + ('template', extract_field(F_HOST)), + ('params', { + SUBST_IP_ADDRESS: {'get_param': + ['NetIpMap', + {'get_param': ['ServiceNetMap', + net_param]}]}, + SUBST_CLOUDNAME: {'get_param': PARAM_CLOUDNAME}, + }) + ]) + } host = { 'str_replace': collections.OrderedDict([ ('template', extract_field(F_HOST)), ('params', { - SUBST_IP_ADDRESS: {'get_param': vip_param}, + SUBST_IP_ADDRESS: {'get_param': + ['NetIpMap', + {'str_replace': + {'template': 'NETWORK_uri', + 'params': {'NETWORK': + {'get_param': ['ServiceNetMap', + net_param]}}}}]}, SUBST_CLOUDNAME: {'get_param': PARAM_CLOUDNAME}, }) ]) @@ -140,6 +152,7 @@ def template_output_definition(endpoint_name, endpoint_type) return name, { + 'host_nobrackets': host_nobrackets, 'host': host, 'port': extract_field('port'), 'protocol': extract_field('protocol'), @@ -160,10 +173,9 @@ def template_endpoint_items(config): {'': None}).items(): name_override = defn.get('names', {}).get(variant) yield template_output_definition(ep_name, variant, ep_type, - vip_param_name(defn), + net_param_name(defn), suffix, name_override) - return itertools.chain.from_iterable(sorted(get_svc_endpoints(ep_name, svc)) for (ep_name, diff --git a/network/endpoints/endpoint_data.yaml b/network/endpoints/endpoint_data.yaml index 363950d1..84b03c7e 100644 --- a/network/endpoints/endpoint_data.yaml +++ b/network/endpoints/endpoint_data.yaml @@ -3,108 +3,105 @@ Aodh: Internal: - vip_param: AodhApi + net_param: AodhApi Public: - vip_param: Public + net_param: Public Admin: - vip_param: AodhApi + net_param: AodhApi port: 8042 Ceilometer: Internal: - vip_param: CeilometerApi + net_param: CeilometerApi Public: - vip_param: Public + net_param: Public Admin: - vip_param: CeilometerApi + net_param: CeilometerApi port: 8777 Gnocchi: Internal: - vip_param: GnocchiApi + net_param: GnocchiApi Public: - vip_param: Public + net_param: Public Admin: - vip_param: GnocchiApi + net_param: GnocchiApi port: 8041 Cinder: Internal: - vip_param: CinderApi + net_param: CinderApi uri_suffixes: '': /v1/%(tenant_id)s V2: /v2/%(tenant_id)s + V3: /v3/%(tenant_id)s Public: - vip_param: Public + net_param: Public uri_suffixes: '': /v1/%(tenant_id)s V2: /v2/%(tenant_id)s + V3: /v3/%(tenant_id)s Admin: - vip_param: CinderApi + net_param: CinderApi uri_suffixes: '': /v1/%(tenant_id)s V2: /v2/%(tenant_id)s + V3: /v3/%(tenant_id)s port: 8776 Glance: Internal: - vip_param: GlanceApi + net_param: GlanceApi Public: - vip_param: Public + net_param: Public Admin: - vip_param: GlanceApi + net_param: GlanceApi port: 9292 GlanceRegistry: Internal: - vip_param: GlanceRegistry + net_param: GlanceRegistry port: 9191 Mysql: Internal: - vip_param: Mysql - protocol: mysql+pymysql - port: 3306 - -MysqlNoBrackets: - Internal: - vip_param: MysqlNoBrackets + net_param: Mysql protocol: mysql+pymysql port: 3306 Heat: Internal: - vip_param: HeatApi + net_param: HeatApi uri_suffixes: '': /v1/%(tenant_id)s Public: - vip_param: Public + net_param: Public uri_suffixes: '': /v1/%(tenant_id)s Admin: - vip_param: HeatApi + net_param: HeatApi uri_suffixes: '': /v1/%(tenant_id)s port: 8004 HeatCfn: Internal: - vip_param: HeatApi + net_param: HeatApi uri_suffixes: '': /v1 Public: - vip_param: Public + net_param: Public uri_suffixes: '': /v1 Admin: - vip_param: HeatApi + net_param: HeatApi uri_suffixes: '': /v1 port: 8000 Horizon: Public: - vip_param: Public + net_param: Public uri_suffixes: '': /dashboard port: 80 @@ -113,7 +110,7 @@ Horizon: # Required for https://bugs.launchpad.net/puppet-nova/+bug/1542486 Keystone: Internal: - vip_param: KeystonePublicApi + net_param: KeystonePublicApi uri_suffixes: '': /v2.0 EC2: /v2.0/ec2tokens @@ -121,12 +118,12 @@ Keystone: names: EC2: KeystoneEC2 Public: - vip_param: Public + net_param: Public uri_suffixes: '': /v2.0 V3: /v3 Admin: - vip_param: KeystoneAdminApi + net_param: KeystoneAdminApi uri_suffixes: '': /v2.0 V3: /v3 @@ -135,65 +132,68 @@ Keystone: Manila: Internal: - vip_param: ManilaApi + net_param: ManilaApi uri_suffixes: '': /v2/%(tenant_id)s + V1: /v1/%(tenant_id)s Public: - vip_param: Public + net_param: Public uri_suffixes: '': /v2/%(tenant_id)s + V1: /v1/%(tenant_id)s Admin: - vip_param: ManilaApi + net_param: ManilaApi uri_suffixes: '': /v2/%(tenant_id)s + V1: /v1/%(tenant_id)s port: 8786 Neutron: Internal: - vip_param: NeutronApi + net_param: NeutronApi Public: - vip_param: Public + net_param: Public Admin: - vip_param: NeutronApi + net_param: NeutronApi port: 9696 Nova: Internal: - vip_param: NovaApi + net_param: NovaApi uri_suffixes: '': /v2.1 Public: - vip_param: Public + net_param: Public uri_suffixes: '': /v2.1 Admin: - vip_param: NovaApi + net_param: NovaApi uri_suffixes: '': /v2.1 port: 8774 NovaVNCProxy: Internal: - vip_param: NovaApi + net_param: NovaApi Public: - vip_param: Public + net_param: Public Admin: - vip_param: NovaApi + net_param: NovaApi port: 6080 Swift: Internal: - vip_param: SwiftProxy + net_param: SwiftProxy uri_suffixes: '': /v1/AUTH_%(tenant_id)s S3: Public: - vip_param: Public + net_param: Public uri_suffixes: '': /v1/AUTH_%(tenant_id)s S3: Admin: - vip_param: SwiftProxy + net_param: SwiftProxy uri_suffixes: '': S3: @@ -201,30 +201,30 @@ Swift: Sahara: Internal: - vip_param: SaharaApi + net_param: SaharaApi uri_suffixes: '': /v1.1/%(tenant_id)s Public: - vip_param: Public + net_param: Public uri_suffixes: '': /v1.1/%(tenant_id)s Admin: - vip_param: SaharaApi + net_param: SaharaApi uri_suffixes: '': /v1.1/%(tenant_id)s port: 8386 Ironic: Internal: - vip_param: IronicApi + net_param: IronicApi uri_suffixes: '': /v1 Public: - vip_param: Public + net_param: Public uri_suffixes: '': /v1 Admin: - vip_param: IronicApi + net_param: IronicApi uri_suffixes: '': /v1 port: 6385 diff --git a/network/endpoints/endpoint_map.yaml b/network/endpoints/endpoint_map.yaml index 98dad250..d0553117 100644 --- a/network/endpoints/endpoint_map.yaml +++ b/network/endpoints/endpoint_map.yaml @@ -8,24 +8,14 @@ description: A map of OpenStack endpoints. Since the endpoints are URLs, parameters come from net_ip_uri_map, which will include these brackets in IPv6 addresses. parameters: - AodhApiVirtualIP: {type: string, default: ''} - CeilometerApiVirtualIP: {type: string, default: ''} - CinderApiVirtualIP: {type: string, default: ''} - GlanceApiVirtualIP: {type: string, default: ''} - GlanceRegistryVirtualIP: {type: string, default: ''} - GnocchiApiVirtualIP: {type: string, default: ''} - HeatApiVirtualIP: {type: string, default: ''} - IronicApiVirtualIP: {type: string, default: ''} - KeystoneAdminApiVirtualIP: {type: string, default: ''} - KeystonePublicApiVirtualIP: {type: string, default: ''} - MysqlNoBracketsVirtualIP: {type: string, default: ''} - ManilaApiVirtualIP: {type: string, default: ''} - MysqlVirtualIP: {type: string, default: ''} - NeutronApiVirtualIP: {type: string, default: ''} - NovaApiVirtualIP: {type: string, default: ''} - PublicVirtualIP: {type: string, default: ''} - SaharaApiVirtualIP: {type: string, default: ''} - SwiftProxyVirtualIP: {type: string, default: ''} + NetIpMap: + type: json + default: {} + description: The Net IP map + ServiceNetMap: + type: json + default: {} + description: The Service Net map EndpointMap: type: json default: @@ -62,8 +52,6 @@ parameters: ManilaInternal: {protocol: http, port: '8786', host: IP_ADDRESS} ManilaPublic: {protocol: http, port: '8786', host: IP_ADDRESS} MysqlInternal: {protocol: mysql+pymysql, port: '3306', host: IP_ADDRESS} - MysqlNoBracketsInternal: {protocol: mysql+pymysql, port: '3306', - host: IP_ADDRESS} NeutronAdmin: {protocol: http, port: '9696', host: IP_ADDRESS} NeutronInternal: {protocol: http, port: '9696', host: IP_ADDRESS} NeutronPublic: {protocol: http, port: '9696', host: IP_ADDRESS} @@ -93,7 +81,24 @@ outputs: get_param: [EndpointMap, AodhAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: AodhApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, AodhApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, AodhAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, AodhApiNetwork] port: get_param: [EndpointMap, AodhAdmin, port] protocol: @@ -108,7 +113,14 @@ outputs: get_param: [EndpointMap, AodhAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: AodhApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, AodhApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, AodhAdmin, port] uri_no_suffix: @@ -121,7 +133,14 @@ outputs: get_param: [EndpointMap, AodhAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: AodhApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, AodhApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, AodhAdmin, port] AodhInternal: @@ -131,7 +150,24 @@ outputs: get_param: [EndpointMap, AodhInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: AodhApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, AodhApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, AodhInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, AodhApiNetwork] port: get_param: [EndpointMap, AodhInternal, port] protocol: @@ -146,7 +182,14 @@ outputs: get_param: [EndpointMap, AodhInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: AodhApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, AodhApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, AodhInternal, port] uri_no_suffix: @@ -159,7 +202,14 @@ outputs: get_param: [EndpointMap, AodhInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: AodhApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, AodhApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, AodhInternal, port] AodhPublic: @@ -169,7 +219,24 @@ outputs: get_param: [EndpointMap, AodhPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, AodhPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, PublicNetwork] port: get_param: [EndpointMap, AodhPublic, port] protocol: @@ -184,7 +251,14 @@ outputs: get_param: [EndpointMap, AodhPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, AodhPublic, port] uri_no_suffix: @@ -197,7 +271,14 @@ outputs: get_param: [EndpointMap, AodhPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, AodhPublic, port] CeilometerAdmin: @@ -207,7 +288,24 @@ outputs: get_param: [EndpointMap, CeilometerAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: CeilometerApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CeilometerApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, CeilometerAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, CeilometerApiNetwork] port: get_param: [EndpointMap, CeilometerAdmin, port] protocol: @@ -222,7 +320,14 @@ outputs: get_param: [EndpointMap, CeilometerAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: CeilometerApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CeilometerApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, CeilometerAdmin, port] uri_no_suffix: @@ -235,7 +340,14 @@ outputs: get_param: [EndpointMap, CeilometerAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: CeilometerApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CeilometerApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, CeilometerAdmin, port] CeilometerInternal: @@ -245,7 +357,24 @@ outputs: get_param: [EndpointMap, CeilometerInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: CeilometerApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CeilometerApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, CeilometerInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, CeilometerApiNetwork] port: get_param: [EndpointMap, CeilometerInternal, port] protocol: @@ -260,7 +389,14 @@ outputs: get_param: [EndpointMap, CeilometerInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: CeilometerApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CeilometerApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, CeilometerInternal, port] uri_no_suffix: @@ -273,7 +409,14 @@ outputs: get_param: [EndpointMap, CeilometerInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: CeilometerApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CeilometerApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, CeilometerInternal, port] CeilometerPublic: @@ -283,7 +426,24 @@ outputs: get_param: [EndpointMap, CeilometerPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, CeilometerPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, PublicNetwork] port: get_param: [EndpointMap, CeilometerPublic, port] protocol: @@ -298,7 +458,14 @@ outputs: get_param: [EndpointMap, CeilometerPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, CeilometerPublic, port] uri_no_suffix: @@ -311,7 +478,14 @@ outputs: get_param: [EndpointMap, CeilometerPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, CeilometerPublic, port] CinderAdmin: @@ -321,7 +495,24 @@ outputs: get_param: [EndpointMap, CinderAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: CinderApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CinderApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, CinderAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, CinderApiNetwork] port: get_param: [EndpointMap, CinderAdmin, port] protocol: @@ -336,7 +527,14 @@ outputs: get_param: [EndpointMap, CinderAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: CinderApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CinderApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, CinderAdmin, port] - /v1/%(tenant_id)s @@ -350,7 +548,14 @@ outputs: get_param: [EndpointMap, CinderAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: CinderApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CinderApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, CinderAdmin, port] CinderInternal: @@ -360,7 +565,24 @@ outputs: get_param: [EndpointMap, CinderInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: CinderApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CinderApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, CinderInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, CinderApiNetwork] port: get_param: [EndpointMap, CinderInternal, port] protocol: @@ -375,7 +597,14 @@ outputs: get_param: [EndpointMap, CinderInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: CinderApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CinderApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, CinderInternal, port] - /v1/%(tenant_id)s @@ -389,7 +618,14 @@ outputs: get_param: [EndpointMap, CinderInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: CinderApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CinderApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, CinderInternal, port] CinderPublic: @@ -399,7 +635,24 @@ outputs: get_param: [EndpointMap, CinderPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, CinderPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, PublicNetwork] port: get_param: [EndpointMap, CinderPublic, port] protocol: @@ -414,7 +667,14 @@ outputs: get_param: [EndpointMap, CinderPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, CinderPublic, port] - /v1/%(tenant_id)s @@ -428,7 +688,14 @@ outputs: get_param: [EndpointMap, CinderPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, CinderPublic, port] CinderV2Admin: @@ -438,7 +705,24 @@ outputs: get_param: [EndpointMap, CinderAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: CinderApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CinderApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, CinderAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, CinderApiNetwork] port: get_param: [EndpointMap, CinderAdmin, port] protocol: @@ -453,7 +737,14 @@ outputs: get_param: [EndpointMap, CinderAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: CinderApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CinderApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, CinderAdmin, port] - /v2/%(tenant_id)s @@ -467,7 +758,14 @@ outputs: get_param: [EndpointMap, CinderAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: CinderApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CinderApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, CinderAdmin, port] CinderV2Internal: @@ -477,7 +775,24 @@ outputs: get_param: [EndpointMap, CinderInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: CinderApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CinderApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, CinderInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, CinderApiNetwork] port: get_param: [EndpointMap, CinderInternal, port] protocol: @@ -492,7 +807,14 @@ outputs: get_param: [EndpointMap, CinderInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: CinderApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CinderApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, CinderInternal, port] - /v2/%(tenant_id)s @@ -506,7 +828,14 @@ outputs: get_param: [EndpointMap, CinderInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: CinderApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CinderApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, CinderInternal, port] CinderV2Public: @@ -516,7 +845,24 @@ outputs: get_param: [EndpointMap, CinderPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, CinderPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, PublicNetwork] port: get_param: [EndpointMap, CinderPublic, port] protocol: @@ -531,7 +877,14 @@ outputs: get_param: [EndpointMap, CinderPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, CinderPublic, port] - /v2/%(tenant_id)s @@ -545,7 +898,224 @@ outputs: get_param: [EndpointMap, CinderPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + - ':' + - get_param: [EndpointMap, CinderPublic, port] + CinderV3Admin: + host: + str_replace: + template: + get_param: [EndpointMap, CinderAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CinderApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, CinderAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, CinderApiNetwork] + port: + get_param: [EndpointMap, CinderAdmin, port] + protocol: + get_param: [EndpointMap, CinderAdmin, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, CinderAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CinderAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CinderApiNetwork] + template: NETWORK_uri + - ':' + - get_param: [EndpointMap, CinderAdmin, port] + - /v3/%(tenant_id)s + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, CinderAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CinderAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CinderApiNetwork] + template: NETWORK_uri + - ':' + - get_param: [EndpointMap, CinderAdmin, port] + CinderV3Internal: + host: + str_replace: + template: + get_param: [EndpointMap, CinderInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CinderApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, CinderInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, CinderApiNetwork] + port: + get_param: [EndpointMap, CinderInternal, port] + protocol: + get_param: [EndpointMap, CinderInternal, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, CinderInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CinderInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CinderApiNetwork] + template: NETWORK_uri + - ':' + - get_param: [EndpointMap, CinderInternal, port] + - /v3/%(tenant_id)s + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, CinderInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CinderInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, CinderApiNetwork] + template: NETWORK_uri + - ':' + - get_param: [EndpointMap, CinderInternal, port] + CinderV3Public: + host: + str_replace: + template: + get_param: [EndpointMap, CinderPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, CinderPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, PublicNetwork] + port: + get_param: [EndpointMap, CinderPublic, port] + protocol: + get_param: [EndpointMap, CinderPublic, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, CinderPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CinderPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + - ':' + - get_param: [EndpointMap, CinderPublic, port] + - /v3/%(tenant_id)s + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, CinderPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, CinderPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, CinderPublic, port] GlanceAdmin: @@ -555,7 +1125,24 @@ outputs: get_param: [EndpointMap, GlanceAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: GlanceApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, GlanceApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, GlanceAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, GlanceApiNetwork] port: get_param: [EndpointMap, GlanceAdmin, port] protocol: @@ -570,7 +1157,14 @@ outputs: get_param: [EndpointMap, GlanceAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: GlanceApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, GlanceApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, GlanceAdmin, port] uri_no_suffix: @@ -583,7 +1177,14 @@ outputs: get_param: [EndpointMap, GlanceAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: GlanceApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, GlanceApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, GlanceAdmin, port] GlanceInternal: @@ -593,7 +1194,24 @@ outputs: get_param: [EndpointMap, GlanceInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: GlanceApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, GlanceApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, GlanceInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, GlanceApiNetwork] port: get_param: [EndpointMap, GlanceInternal, port] protocol: @@ -608,7 +1226,14 @@ outputs: get_param: [EndpointMap, GlanceInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: GlanceApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, GlanceApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, GlanceInternal, port] uri_no_suffix: @@ -621,7 +1246,14 @@ outputs: get_param: [EndpointMap, GlanceInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: GlanceApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, GlanceApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, GlanceInternal, port] GlancePublic: @@ -631,7 +1263,24 @@ outputs: get_param: [EndpointMap, GlancePublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, GlancePublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, PublicNetwork] port: get_param: [EndpointMap, GlancePublic, port] protocol: @@ -646,7 +1295,14 @@ outputs: get_param: [EndpointMap, GlancePublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, GlancePublic, port] uri_no_suffix: @@ -659,7 +1315,14 @@ outputs: get_param: [EndpointMap, GlancePublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, GlancePublic, port] GlanceRegistryInternal: @@ -669,7 +1332,24 @@ outputs: get_param: [EndpointMap, GlanceRegistryInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: GlanceRegistryVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, GlanceRegistryNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, GlanceRegistryInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, GlanceRegistryNetwork] port: get_param: [EndpointMap, GlanceRegistryInternal, port] protocol: @@ -684,7 +1364,14 @@ outputs: get_param: [EndpointMap, GlanceRegistryInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: GlanceRegistryVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, GlanceRegistryNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, GlanceRegistryInternal, port] uri_no_suffix: @@ -697,7 +1384,14 @@ outputs: get_param: [EndpointMap, GlanceRegistryInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: GlanceRegistryVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, GlanceRegistryNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, GlanceRegistryInternal, port] GnocchiAdmin: @@ -707,7 +1401,24 @@ outputs: get_param: [EndpointMap, GnocchiAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: GnocchiApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, GnocchiApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, GnocchiAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, GnocchiApiNetwork] port: get_param: [EndpointMap, GnocchiAdmin, port] protocol: @@ -722,7 +1433,14 @@ outputs: get_param: [EndpointMap, GnocchiAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: GnocchiApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, GnocchiApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, GnocchiAdmin, port] uri_no_suffix: @@ -735,7 +1453,14 @@ outputs: get_param: [EndpointMap, GnocchiAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: GnocchiApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, GnocchiApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, GnocchiAdmin, port] GnocchiInternal: @@ -745,7 +1470,24 @@ outputs: get_param: [EndpointMap, GnocchiInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: GnocchiApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, GnocchiApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, GnocchiInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, GnocchiApiNetwork] port: get_param: [EndpointMap, GnocchiInternal, port] protocol: @@ -760,7 +1502,14 @@ outputs: get_param: [EndpointMap, GnocchiInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: GnocchiApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, GnocchiApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, GnocchiInternal, port] uri_no_suffix: @@ -773,7 +1522,14 @@ outputs: get_param: [EndpointMap, GnocchiInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: GnocchiApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, GnocchiApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, GnocchiInternal, port] GnocchiPublic: @@ -783,7 +1539,24 @@ outputs: get_param: [EndpointMap, GnocchiPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, GnocchiPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, PublicNetwork] port: get_param: [EndpointMap, GnocchiPublic, port] protocol: @@ -798,7 +1571,14 @@ outputs: get_param: [EndpointMap, GnocchiPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, GnocchiPublic, port] uri_no_suffix: @@ -811,7 +1591,14 @@ outputs: get_param: [EndpointMap, GnocchiPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, GnocchiPublic, port] HeatAdmin: @@ -821,7 +1608,24 @@ outputs: get_param: [EndpointMap, HeatAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: HeatApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, HeatApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, HeatAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, HeatApiNetwork] port: get_param: [EndpointMap, HeatAdmin, port] protocol: @@ -836,7 +1640,14 @@ outputs: get_param: [EndpointMap, HeatAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: HeatApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, HeatApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, HeatAdmin, port] - /v1/%(tenant_id)s @@ -850,7 +1661,14 @@ outputs: get_param: [EndpointMap, HeatAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: HeatApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, HeatApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, HeatAdmin, port] HeatInternal: @@ -860,7 +1678,24 @@ outputs: get_param: [EndpointMap, HeatInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: HeatApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, HeatApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, HeatInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, HeatApiNetwork] port: get_param: [EndpointMap, HeatInternal, port] protocol: @@ -875,7 +1710,14 @@ outputs: get_param: [EndpointMap, HeatInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: HeatApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, HeatApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, HeatInternal, port] - /v1/%(tenant_id)s @@ -889,7 +1731,14 @@ outputs: get_param: [EndpointMap, HeatInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: HeatApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, HeatApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, HeatInternal, port] HeatPublic: @@ -899,7 +1748,24 @@ outputs: get_param: [EndpointMap, HeatPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, HeatPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, PublicNetwork] port: get_param: [EndpointMap, HeatPublic, port] protocol: @@ -914,7 +1780,14 @@ outputs: get_param: [EndpointMap, HeatPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, HeatPublic, port] - /v1/%(tenant_id)s @@ -928,7 +1801,14 @@ outputs: get_param: [EndpointMap, HeatPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, HeatPublic, port] HeatCfnAdmin: @@ -938,7 +1818,24 @@ outputs: get_param: [EndpointMap, HeatCfnAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: HeatApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, HeatApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, HeatCfnAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, HeatApiNetwork] port: get_param: [EndpointMap, HeatCfnAdmin, port] protocol: @@ -953,7 +1850,14 @@ outputs: get_param: [EndpointMap, HeatCfnAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: HeatApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, HeatApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, HeatCfnAdmin, port] - /v1 @@ -967,7 +1871,14 @@ outputs: get_param: [EndpointMap, HeatCfnAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: HeatApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, HeatApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, HeatCfnAdmin, port] HeatCfnInternal: @@ -977,7 +1888,24 @@ outputs: get_param: [EndpointMap, HeatCfnInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: HeatApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, HeatApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, HeatCfnInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, HeatApiNetwork] port: get_param: [EndpointMap, HeatCfnInternal, port] protocol: @@ -992,7 +1920,14 @@ outputs: get_param: [EndpointMap, HeatCfnInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: HeatApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, HeatApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, HeatCfnInternal, port] - /v1 @@ -1006,7 +1941,14 @@ outputs: get_param: [EndpointMap, HeatCfnInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: HeatApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, HeatApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, HeatCfnInternal, port] HeatCfnPublic: @@ -1016,7 +1958,24 @@ outputs: get_param: [EndpointMap, HeatCfnPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, HeatCfnPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, PublicNetwork] port: get_param: [EndpointMap, HeatCfnPublic, port] protocol: @@ -1031,7 +1990,14 @@ outputs: get_param: [EndpointMap, HeatCfnPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, HeatCfnPublic, port] - /v1 @@ -1045,7 +2011,14 @@ outputs: get_param: [EndpointMap, HeatCfnPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, HeatCfnPublic, port] HorizonPublic: @@ -1055,7 +2028,24 @@ outputs: get_param: [EndpointMap, HorizonPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, HorizonPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, PublicNetwork] port: get_param: [EndpointMap, HorizonPublic, port] protocol: @@ -1070,7 +2060,14 @@ outputs: get_param: [EndpointMap, HorizonPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, HorizonPublic, port] - /dashboard @@ -1084,7 +2081,14 @@ outputs: get_param: [EndpointMap, HorizonPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, HorizonPublic, port] IronicAdmin: @@ -1094,7 +2098,24 @@ outputs: get_param: [EndpointMap, IronicAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: IronicApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, IronicApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, IronicAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, IronicApiNetwork] port: get_param: [EndpointMap, IronicAdmin, port] protocol: @@ -1109,7 +2130,14 @@ outputs: get_param: [EndpointMap, IronicAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: IronicApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, IronicApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, IronicAdmin, port] - /v1 @@ -1123,7 +2151,14 @@ outputs: get_param: [EndpointMap, IronicAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: IronicApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, IronicApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, IronicAdmin, port] IronicInternal: @@ -1133,7 +2168,24 @@ outputs: get_param: [EndpointMap, IronicInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: IronicApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, IronicApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, IronicInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, IronicApiNetwork] port: get_param: [EndpointMap, IronicInternal, port] protocol: @@ -1148,7 +2200,14 @@ outputs: get_param: [EndpointMap, IronicInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: IronicApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, IronicApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, IronicInternal, port] - /v1 @@ -1162,7 +2221,14 @@ outputs: get_param: [EndpointMap, IronicInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: IronicApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, IronicApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, IronicInternal, port] IronicPublic: @@ -1172,7 +2238,24 @@ outputs: get_param: [EndpointMap, IronicPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, IronicPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, PublicNetwork] port: get_param: [EndpointMap, IronicPublic, port] protocol: @@ -1187,7 +2270,14 @@ outputs: get_param: [EndpointMap, IronicPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, IronicPublic, port] - /v1 @@ -1201,7 +2291,14 @@ outputs: get_param: [EndpointMap, IronicPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, IronicPublic, port] KeystoneAdmin: @@ -1211,7 +2308,24 @@ outputs: get_param: [EndpointMap, KeystoneAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: KeystoneAdminApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, KeystoneAdminApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, KeystoneAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, KeystoneAdminApiNetwork] port: get_param: [EndpointMap, KeystoneAdmin, port] protocol: @@ -1226,7 +2340,14 @@ outputs: get_param: [EndpointMap, KeystoneAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: KeystoneAdminApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, KeystoneAdminApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, KeystoneAdmin, port] - /v2.0 @@ -1240,7 +2361,14 @@ outputs: get_param: [EndpointMap, KeystoneAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: KeystoneAdminApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, KeystoneAdminApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, KeystoneAdmin, port] KeystoneEC2: @@ -1250,7 +2378,24 @@ outputs: get_param: [EndpointMap, KeystoneInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: KeystonePublicApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, KeystonePublicApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, KeystoneInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, KeystonePublicApiNetwork] port: get_param: [EndpointMap, KeystoneInternal, port] protocol: @@ -1265,7 +2410,14 @@ outputs: get_param: [EndpointMap, KeystoneInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: KeystonePublicApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, KeystonePublicApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, KeystoneInternal, port] - /v2.0/ec2tokens @@ -1279,7 +2431,14 @@ outputs: get_param: [EndpointMap, KeystoneInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: KeystonePublicApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, KeystonePublicApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, KeystoneInternal, port] KeystoneInternal: @@ -1289,7 +2448,24 @@ outputs: get_param: [EndpointMap, KeystoneInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: KeystonePublicApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, KeystonePublicApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, KeystoneInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, KeystonePublicApiNetwork] port: get_param: [EndpointMap, KeystoneInternal, port] protocol: @@ -1304,7 +2480,14 @@ outputs: get_param: [EndpointMap, KeystoneInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: KeystonePublicApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, KeystonePublicApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, KeystoneInternal, port] - /v2.0 @@ -1318,7 +2501,14 @@ outputs: get_param: [EndpointMap, KeystoneInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: KeystonePublicApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, KeystonePublicApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, KeystoneInternal, port] KeystonePublic: @@ -1328,7 +2518,24 @@ outputs: get_param: [EndpointMap, KeystonePublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, KeystonePublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, PublicNetwork] port: get_param: [EndpointMap, KeystonePublic, port] protocol: @@ -1343,7 +2550,14 @@ outputs: get_param: [EndpointMap, KeystonePublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, KeystonePublic, port] - /v2.0 @@ -1357,7 +2571,14 @@ outputs: get_param: [EndpointMap, KeystonePublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, KeystonePublic, port] KeystoneV3Admin: @@ -1367,7 +2588,24 @@ outputs: get_param: [EndpointMap, KeystoneAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: KeystoneAdminApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, KeystoneAdminApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, KeystoneAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, KeystoneAdminApiNetwork] port: get_param: [EndpointMap, KeystoneAdmin, port] protocol: @@ -1382,7 +2620,14 @@ outputs: get_param: [EndpointMap, KeystoneAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: KeystoneAdminApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, KeystoneAdminApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, KeystoneAdmin, port] - /v3 @@ -1396,7 +2641,14 @@ outputs: get_param: [EndpointMap, KeystoneAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: KeystoneAdminApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, KeystoneAdminApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, KeystoneAdmin, port] KeystoneV3Internal: @@ -1406,7 +2658,24 @@ outputs: get_param: [EndpointMap, KeystoneInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: KeystonePublicApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, KeystonePublicApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, KeystoneInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, KeystonePublicApiNetwork] port: get_param: [EndpointMap, KeystoneInternal, port] protocol: @@ -1421,7 +2690,14 @@ outputs: get_param: [EndpointMap, KeystoneInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: KeystonePublicApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, KeystonePublicApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, KeystoneInternal, port] - /v3 @@ -1435,7 +2711,14 @@ outputs: get_param: [EndpointMap, KeystoneInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: KeystonePublicApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, KeystonePublicApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, KeystoneInternal, port] KeystoneV3Public: @@ -1445,7 +2728,24 @@ outputs: get_param: [EndpointMap, KeystonePublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, KeystonePublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, PublicNetwork] port: get_param: [EndpointMap, KeystonePublic, port] protocol: @@ -1460,7 +2760,14 @@ outputs: get_param: [EndpointMap, KeystonePublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, KeystonePublic, port] - /v3 @@ -1474,7 +2781,14 @@ outputs: get_param: [EndpointMap, KeystonePublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, KeystonePublic, port] ManilaAdmin: @@ -1484,7 +2798,24 @@ outputs: get_param: [EndpointMap, ManilaAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: ManilaApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, ManilaApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, ManilaAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, ManilaApiNetwork] port: get_param: [EndpointMap, ManilaAdmin, port] protocol: @@ -1499,7 +2830,14 @@ outputs: get_param: [EndpointMap, ManilaAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: ManilaApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, ManilaApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, ManilaAdmin, port] - /v2/%(tenant_id)s @@ -1513,7 +2851,14 @@ outputs: get_param: [EndpointMap, ManilaAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: ManilaApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, ManilaApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, ManilaAdmin, port] ManilaInternal: @@ -1523,7 +2868,24 @@ outputs: get_param: [EndpointMap, ManilaInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: ManilaApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, ManilaApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, ManilaInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, ManilaApiNetwork] port: get_param: [EndpointMap, ManilaInternal, port] protocol: @@ -1538,7 +2900,14 @@ outputs: get_param: [EndpointMap, ManilaInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: ManilaApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, ManilaApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, ManilaInternal, port] - /v2/%(tenant_id)s @@ -1552,7 +2921,14 @@ outputs: get_param: [EndpointMap, ManilaInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: ManilaApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, ManilaApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, ManilaInternal, port] ManilaPublic: @@ -1562,7 +2938,24 @@ outputs: get_param: [EndpointMap, ManilaPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, ManilaPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, PublicNetwork] port: get_param: [EndpointMap, ManilaPublic, port] protocol: @@ -1577,7 +2970,14 @@ outputs: get_param: [EndpointMap, ManilaPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, ManilaPublic, port] - /v2/%(tenant_id)s @@ -1591,85 +2991,295 @@ outputs: get_param: [EndpointMap, ManilaPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, ManilaPublic, port] - MysqlInternal: + ManilaV1Admin: host: str_replace: template: - get_param: [EndpointMap, MysqlInternal, host] + get_param: [EndpointMap, ManilaAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, ManilaApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, ManilaAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: MysqlVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, ManilaApiNetwork] port: - get_param: [EndpointMap, MysqlInternal, port] + get_param: [EndpointMap, ManilaAdmin, port] protocol: - get_param: [EndpointMap, MysqlInternal, protocol] + get_param: [EndpointMap, ManilaAdmin, protocol] uri: list_join: - '' - - - get_param: [EndpointMap, MysqlInternal, protocol] + - - get_param: [EndpointMap, ManilaAdmin, protocol] - :// - str_replace: template: - get_param: [EndpointMap, MysqlInternal, host] + get_param: [EndpointMap, ManilaAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: MysqlVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, ManilaApiNetwork] + template: NETWORK_uri - ':' - - get_param: [EndpointMap, MysqlInternal, port] + - get_param: [EndpointMap, ManilaAdmin, port] + - /v1/%(tenant_id)s uri_no_suffix: list_join: - '' - - - get_param: [EndpointMap, MysqlInternal, protocol] + - - get_param: [EndpointMap, ManilaAdmin, protocol] - :// - str_replace: template: - get_param: [EndpointMap, MysqlInternal, host] + get_param: [EndpointMap, ManilaAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: MysqlVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, ManilaApiNetwork] + template: NETWORK_uri - ':' - - get_param: [EndpointMap, MysqlInternal, port] - MysqlNoBracketsInternal: + - get_param: [EndpointMap, ManilaAdmin, port] + ManilaV1Internal: + host: + str_replace: + template: + get_param: [EndpointMap, ManilaInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, ManilaApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, ManilaInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, ManilaApiNetwork] + port: + get_param: [EndpointMap, ManilaInternal, port] + protocol: + get_param: [EndpointMap, ManilaInternal, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, ManilaInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, ManilaInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, ManilaApiNetwork] + template: NETWORK_uri + - ':' + - get_param: [EndpointMap, ManilaInternal, port] + - /v1/%(tenant_id)s + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, ManilaInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, ManilaInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, ManilaApiNetwork] + template: NETWORK_uri + - ':' + - get_param: [EndpointMap, ManilaInternal, port] + ManilaV1Public: + host: + str_replace: + template: + get_param: [EndpointMap, ManilaPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, ManilaPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, PublicNetwork] + port: + get_param: [EndpointMap, ManilaPublic, port] + protocol: + get_param: [EndpointMap, ManilaPublic, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, ManilaPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, ManilaPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + - ':' + - get_param: [EndpointMap, ManilaPublic, port] + - /v1/%(tenant_id)s + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, ManilaPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, ManilaPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + - ':' + - get_param: [EndpointMap, ManilaPublic, port] + MysqlInternal: host: str_replace: template: - get_param: [EndpointMap, MysqlNoBracketsInternal, host] + get_param: [EndpointMap, MysqlInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, MysqlNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, MysqlInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: MysqlNoBracketsVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, MysqlNetwork] port: - get_param: [EndpointMap, MysqlNoBracketsInternal, port] + get_param: [EndpointMap, MysqlInternal, port] protocol: - get_param: [EndpointMap, MysqlNoBracketsInternal, protocol] + get_param: [EndpointMap, MysqlInternal, protocol] uri: list_join: - '' - - - get_param: [EndpointMap, MysqlNoBracketsInternal, protocol] + - - get_param: [EndpointMap, MysqlInternal, protocol] - :// - str_replace: template: - get_param: [EndpointMap, MysqlNoBracketsInternal, host] + get_param: [EndpointMap, MysqlInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: MysqlNoBracketsVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, MysqlNetwork] + template: NETWORK_uri - ':' - - get_param: [EndpointMap, MysqlNoBracketsInternal, port] + - get_param: [EndpointMap, MysqlInternal, port] uri_no_suffix: list_join: - '' - - - get_param: [EndpointMap, MysqlNoBracketsInternal, protocol] + - - get_param: [EndpointMap, MysqlInternal, protocol] - :// - str_replace: template: - get_param: [EndpointMap, MysqlNoBracketsInternal, host] + get_param: [EndpointMap, MysqlInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: MysqlNoBracketsVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, MysqlNetwork] + template: NETWORK_uri - ':' - - get_param: [EndpointMap, MysqlNoBracketsInternal, port] + - get_param: [EndpointMap, MysqlInternal, port] NeutronAdmin: host: str_replace: @@ -1677,7 +3287,24 @@ outputs: get_param: [EndpointMap, NeutronAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: NeutronApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, NeutronApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, NeutronAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, NeutronApiNetwork] port: get_param: [EndpointMap, NeutronAdmin, port] protocol: @@ -1692,7 +3319,14 @@ outputs: get_param: [EndpointMap, NeutronAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: NeutronApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, NeutronApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, NeutronAdmin, port] uri_no_suffix: @@ -1705,7 +3339,14 @@ outputs: get_param: [EndpointMap, NeutronAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: NeutronApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, NeutronApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, NeutronAdmin, port] NeutronInternal: @@ -1715,7 +3356,24 @@ outputs: get_param: [EndpointMap, NeutronInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: NeutronApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, NeutronApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, NeutronInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, NeutronApiNetwork] port: get_param: [EndpointMap, NeutronInternal, port] protocol: @@ -1730,7 +3388,14 @@ outputs: get_param: [EndpointMap, NeutronInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: NeutronApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, NeutronApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, NeutronInternal, port] uri_no_suffix: @@ -1743,7 +3408,14 @@ outputs: get_param: [EndpointMap, NeutronInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: NeutronApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, NeutronApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, NeutronInternal, port] NeutronPublic: @@ -1753,7 +3425,24 @@ outputs: get_param: [EndpointMap, NeutronPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, NeutronPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, PublicNetwork] port: get_param: [EndpointMap, NeutronPublic, port] protocol: @@ -1768,7 +3457,14 @@ outputs: get_param: [EndpointMap, NeutronPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, NeutronPublic, port] uri_no_suffix: @@ -1781,7 +3477,14 @@ outputs: get_param: [EndpointMap, NeutronPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, NeutronPublic, port] NovaAdmin: @@ -1791,7 +3494,24 @@ outputs: get_param: [EndpointMap, NovaAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: NovaApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, NovaApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, NovaAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, NovaApiNetwork] port: get_param: [EndpointMap, NovaAdmin, port] protocol: @@ -1806,7 +3526,14 @@ outputs: get_param: [EndpointMap, NovaAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: NovaApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, NovaApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, NovaAdmin, port] - /v2.1 @@ -1820,7 +3547,14 @@ outputs: get_param: [EndpointMap, NovaAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: NovaApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, NovaApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, NovaAdmin, port] NovaInternal: @@ -1830,7 +3564,24 @@ outputs: get_param: [EndpointMap, NovaInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: NovaApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, NovaApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, NovaInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, NovaApiNetwork] port: get_param: [EndpointMap, NovaInternal, port] protocol: @@ -1845,7 +3596,14 @@ outputs: get_param: [EndpointMap, NovaInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: NovaApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, NovaApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, NovaInternal, port] - /v2.1 @@ -1859,7 +3617,14 @@ outputs: get_param: [EndpointMap, NovaInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: NovaApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, NovaApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, NovaInternal, port] NovaPublic: @@ -1869,7 +3634,24 @@ outputs: get_param: [EndpointMap, NovaPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, NovaPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, PublicNetwork] port: get_param: [EndpointMap, NovaPublic, port] protocol: @@ -1884,7 +3666,14 @@ outputs: get_param: [EndpointMap, NovaPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, NovaPublic, port] - /v2.1 @@ -1898,7 +3687,14 @@ outputs: get_param: [EndpointMap, NovaPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, NovaPublic, port] NovaVNCProxyAdmin: @@ -1908,7 +3704,24 @@ outputs: get_param: [EndpointMap, NovaVNCProxyAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: NovaApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, NovaApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, NovaVNCProxyAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, NovaApiNetwork] port: get_param: [EndpointMap, NovaVNCProxyAdmin, port] protocol: @@ -1923,7 +3736,14 @@ outputs: get_param: [EndpointMap, NovaVNCProxyAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: NovaApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, NovaApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, NovaVNCProxyAdmin, port] uri_no_suffix: @@ -1936,7 +3756,14 @@ outputs: get_param: [EndpointMap, NovaVNCProxyAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: NovaApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, NovaApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, NovaVNCProxyAdmin, port] NovaVNCProxyInternal: @@ -1946,7 +3773,24 @@ outputs: get_param: [EndpointMap, NovaVNCProxyInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: NovaApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, NovaApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, NovaVNCProxyInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, NovaApiNetwork] port: get_param: [EndpointMap, NovaVNCProxyInternal, port] protocol: @@ -1961,7 +3805,14 @@ outputs: get_param: [EndpointMap, NovaVNCProxyInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: NovaApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, NovaApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, NovaVNCProxyInternal, port] uri_no_suffix: @@ -1974,7 +3825,14 @@ outputs: get_param: [EndpointMap, NovaVNCProxyInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: NovaApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, NovaApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, NovaVNCProxyInternal, port] NovaVNCProxyPublic: @@ -1984,7 +3842,24 @@ outputs: get_param: [EndpointMap, NovaVNCProxyPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, NovaVNCProxyPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, PublicNetwork] port: get_param: [EndpointMap, NovaVNCProxyPublic, port] protocol: @@ -1999,7 +3874,14 @@ outputs: get_param: [EndpointMap, NovaVNCProxyPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, NovaVNCProxyPublic, port] uri_no_suffix: @@ -2012,7 +3894,14 @@ outputs: get_param: [EndpointMap, NovaVNCProxyPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, NovaVNCProxyPublic, port] SaharaAdmin: @@ -2022,7 +3911,24 @@ outputs: get_param: [EndpointMap, SaharaAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: SaharaApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, SaharaApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, SaharaAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, SaharaApiNetwork] port: get_param: [EndpointMap, SaharaAdmin, port] protocol: @@ -2037,7 +3943,14 @@ outputs: get_param: [EndpointMap, SaharaAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: SaharaApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, SaharaApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, SaharaAdmin, port] - /v1.1/%(tenant_id)s @@ -2051,7 +3964,14 @@ outputs: get_param: [EndpointMap, SaharaAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: SaharaApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, SaharaApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, SaharaAdmin, port] SaharaInternal: @@ -2061,7 +3981,24 @@ outputs: get_param: [EndpointMap, SaharaInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: SaharaApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, SaharaApiNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, SaharaInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, SaharaApiNetwork] port: get_param: [EndpointMap, SaharaInternal, port] protocol: @@ -2076,7 +4013,14 @@ outputs: get_param: [EndpointMap, SaharaInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: SaharaApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, SaharaApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, SaharaInternal, port] - /v1.1/%(tenant_id)s @@ -2090,7 +4034,14 @@ outputs: get_param: [EndpointMap, SaharaInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: SaharaApiVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, SaharaApiNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, SaharaInternal, port] SaharaPublic: @@ -2100,7 +4051,24 @@ outputs: get_param: [EndpointMap, SaharaPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, SaharaPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, PublicNetwork] port: get_param: [EndpointMap, SaharaPublic, port] protocol: @@ -2115,7 +4083,14 @@ outputs: get_param: [EndpointMap, SaharaPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, SaharaPublic, port] - /v1.1/%(tenant_id)s @@ -2129,7 +4104,14 @@ outputs: get_param: [EndpointMap, SaharaPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, SaharaPublic, port] SwiftAdmin: @@ -2139,7 +4121,24 @@ outputs: get_param: [EndpointMap, SwiftAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: SwiftProxyVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, SwiftProxyNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, SwiftAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, SwiftProxyNetwork] port: get_param: [EndpointMap, SwiftAdmin, port] protocol: @@ -2154,7 +4153,14 @@ outputs: get_param: [EndpointMap, SwiftAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: SwiftProxyVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, SwiftProxyNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, SwiftAdmin, port] uri_no_suffix: @@ -2167,7 +4173,14 @@ outputs: get_param: [EndpointMap, SwiftAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: SwiftProxyVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, SwiftProxyNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, SwiftAdmin, port] SwiftInternal: @@ -2177,7 +4190,24 @@ outputs: get_param: [EndpointMap, SwiftInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: SwiftProxyVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, SwiftProxyNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, SwiftInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, SwiftProxyNetwork] port: get_param: [EndpointMap, SwiftInternal, port] protocol: @@ -2192,7 +4222,14 @@ outputs: get_param: [EndpointMap, SwiftInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: SwiftProxyVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, SwiftProxyNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, SwiftInternal, port] - /v1/AUTH_%(tenant_id)s @@ -2206,7 +4243,14 @@ outputs: get_param: [EndpointMap, SwiftInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: SwiftProxyVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, SwiftProxyNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, SwiftInternal, port] SwiftPublic: @@ -2216,7 +4260,24 @@ outputs: get_param: [EndpointMap, SwiftPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, SwiftPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, PublicNetwork] port: get_param: [EndpointMap, SwiftPublic, port] protocol: @@ -2231,7 +4292,14 @@ outputs: get_param: [EndpointMap, SwiftPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, SwiftPublic, port] - /v1/AUTH_%(tenant_id)s @@ -2245,7 +4313,14 @@ outputs: get_param: [EndpointMap, SwiftPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, SwiftPublic, port] SwiftS3Admin: @@ -2255,7 +4330,24 @@ outputs: get_param: [EndpointMap, SwiftAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: SwiftProxyVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, SwiftProxyNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, SwiftAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, SwiftProxyNetwork] port: get_param: [EndpointMap, SwiftAdmin, port] protocol: @@ -2270,7 +4362,14 @@ outputs: get_param: [EndpointMap, SwiftAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: SwiftProxyVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, SwiftProxyNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, SwiftAdmin, port] uri_no_suffix: @@ -2283,7 +4382,14 @@ outputs: get_param: [EndpointMap, SwiftAdmin, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: SwiftProxyVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, SwiftProxyNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, SwiftAdmin, port] SwiftS3Internal: @@ -2293,7 +4399,24 @@ outputs: get_param: [EndpointMap, SwiftInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: SwiftProxyVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, SwiftProxyNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, SwiftInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, SwiftProxyNetwork] port: get_param: [EndpointMap, SwiftInternal, port] protocol: @@ -2308,7 +4431,14 @@ outputs: get_param: [EndpointMap, SwiftInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: SwiftProxyVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, SwiftProxyNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, SwiftInternal, port] uri_no_suffix: @@ -2321,7 +4451,14 @@ outputs: get_param: [EndpointMap, SwiftInternal, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: SwiftProxyVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, SwiftProxyNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, SwiftInternal, port] SwiftS3Public: @@ -2331,7 +4468,24 @@ outputs: get_param: [EndpointMap, SwiftPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri + host_nobrackets: + str_replace: + template: + get_param: [EndpointMap, SwiftPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: + get_param: + - NetIpMap + - get_param: [ServiceNetMap, PublicNetwork] port: get_param: [EndpointMap, SwiftPublic, port] protocol: @@ -2346,7 +4500,14 @@ outputs: get_param: [EndpointMap, SwiftPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, SwiftPublic, port] uri_no_suffix: @@ -2359,6 +4520,13 @@ outputs: get_param: [EndpointMap, SwiftPublic, host] params: CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} + IP_ADDRESS: + get_param: + - NetIpMap + - str_replace: + params: + NETWORK: + get_param: [ServiceNetMap, PublicNetwork] + template: NETWORK_uri - ':' - get_param: [EndpointMap, SwiftPublic, port] diff --git a/network/ports/net_ip_map.yaml b/network/ports/net_ip_map.yaml index 78c7c32c..fcf2eeee 100644 --- a/network/ports/net_ip_map.yaml +++ b/network/ports/net_ip_map.yaml @@ -82,32 +82,22 @@ outputs: storage_mgmt: {get_param: StorageMgmtIp} tenant: {get_param: TenantIp} management: {get_param: ManagementIp} - net_ip_subnet_map: - description: > - A Hash containing a mapping of network names to assigned IPs/CIDR - for a specific machine. - value: - ctlplane: + ctlplane_subnet: list_join: - '' - - {get_param: ControlPlaneIp} - '/' - {get_param: ControlPlaneSubnetCidr} - external: {get_param: ExternalIpSubnet} - internal_api: {get_param: InternalApiIpSubnet} - storage: {get_param: StorageIpSubnet} - storage_mgmt: {get_param: StorageMgmtIpSubnet} - tenant: {get_param: TenantIpSubnet} - management: {get_param: ManagementIpSubnet} - net_ip_uri_map: - description: > - A Hash containing a mapping of network names to assigned IPs for a - specific machine with brackets around IPv6 addresses for use in URLs. - value: - ctlplane: {get_param: ControlPlaneIp} - external: {get_param: ExternalIpUri} - internal_api: {get_param: InternalApiIpUri} - storage: {get_param: StorageIpUri} - storage_mgmt: {get_param: StorageMgmtIpUri} - tenant: {get_param: TenantIpUri} - management: {get_param: ManagementIpUri} + external_subnet: {get_param: ExternalIpSubnet} + internal_api_subnet: {get_param: InternalApiIpSubnet} + storage_subnet: {get_param: StorageIpSubnet} + storage_mgmt_subnet: {get_param: StorageMgmtIpSubnet} + tenant_subnet: {get_param: TenantIpSubnet} + management_subnet: {get_param: ManagementIpSubnet} + ctlplane_uri: {get_param: ControlPlaneIp} + external_uri: {get_param: ExternalIpUri} + internal_api_uri: {get_param: InternalApiIpUri} + storage_uri: {get_param: StorageIpUri} + storage_mgmt_uri: {get_param: StorageMgmtIpUri} + tenant_uri: {get_param: TenantIpUri} + management_uri: {get_param: ManagementIpUri} diff --git a/network/ports/net_vip_map_external.yaml b/network/ports/net_vip_map_external.yaml index a40a0bfc..71e6e811 100644 --- a/network/ports/net_vip_map_external.yaml +++ b/network/ports/net_vip_map_external.yaml @@ -45,12 +45,6 @@ parameters: StorageMgmtIpUri: default: '' type: string - TenantIp: - default: '' - type: string - TenantIpUri: - default: '' - type: string outputs: net_ip_map: @@ -63,13 +57,8 @@ outputs: internal_api: {get_param: InternalApiNetworkVip} storage: {get_param: StorageNetworkVip} storage_mgmt: {get_param: StorageMgmtNetworkVip} - net_ip_uri_map: - description: > - A Hash containing a mapping of netowrk names to assigned IPs for a - specific machine with brackets around IPv6 addresses for use in URLs. - value: - ctlplane: {get_param: ControlPlaneIP} - external: {get_param: ExternalNetworkVip} - internal_api: {get_param: InternalApiNetworkVip} - storage: {get_param: StorageNetworkVip} - storage_mgmt: {get_param: StorageMgmtNetworkVip} + ctlplane_uri: {get_param: ControlPlaneIP} + external_uri: {get_param: ExternalNetworkVip} + internal_api_uri: {get_param: InternalApiNetworkVip} + storage_uri: {get_param: StorageNetworkVip} + storage_mgmt_uri: {get_param: StorageMgmtNetworkVip} diff --git a/network/ports/net_vip_map_external_v6.yaml b/network/ports/net_vip_map_external_v6.yaml index f6d67fe8..8d054349 100644 --- a/network/ports/net_vip_map_external_v6.yaml +++ b/network/ports/net_vip_map_external_v6.yaml @@ -45,12 +45,6 @@ parameters: StorageMgmtIpUri: default: '' type: string - TenantIp: - default: '' - type: string - TenantIpUri: - default: '' - type: string outputs: net_ip_map: @@ -63,31 +57,26 @@ outputs: internal_api: {get_param: InternalApiNetworkVip} storage: {get_param: StorageNetworkVip} storage_mgmt: {get_param: StorageMgmtNetworkVip} - net_ip_uri_map: - description: > - A Hash containing a mapping of netowrk names to assigned IPs for a - specific machine with brackets around IPv6 addresses for use in URLs. - value: - ctlplane: {get_param: ControlPlaneIP} - external: + ctlplane_uri: {get_param: ControlPlaneIP} + external_uri: list_join: - '' - - '[' - {get_param: ExternalNetworkVip} - ']' - internal_api: + internal_api_uri: list_join: - '' - - '[' - {get_param: InternalApiNetworkVip} - ']' - storage: + storage_uri: list_join: - '' - - '[' - {get_param: StorageNetworkVip} - ']' - storage_mgmt: + storage_mgmt_uri: list_join: - '' - - '[' diff --git a/network/service_net_map.yaml b/network/service_net_map.yaml new file mode 100644 index 00000000..fea8987a --- /dev/null +++ b/network/service_net_map.yaml @@ -0,0 +1,92 @@ +heat_template_version: 2016-10-14 + +description: > + Mapping of service_name_network -> network name + +parameters: + ServiceNetMap: + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + default: {} + type: json + + ServiceNetMapDefaults: + default: + NeutronTenantNetwork: tenant + CeilometerApiNetwork: internal_api + AodhApiNetwork: internal_api + GnocchiApiNetwork: internal_api + MongodbNetwork: internal_api + CinderApiNetwork: internal_api + CinderIscsiNetwork: storage + GlanceApiNetwork: storage + GlanceRegistryNetwork: internal_api + IronicApiNetwork: internal_api + KeystoneAdminApiNetwork: ctlplane # allows undercloud to config endpoints + KeystonePublicApiNetwork: internal_api + ManilaApiNetwork: internal_api + NeutronApiNetwork: internal_api + HeatApiNetwork: internal_api + NovaApiNetwork: internal_api + NovaMetadataNetwork: internal_api + NovaVncProxyNetwork: internal_api + SwiftMgmtNetwork: storage_mgmt + SwiftProxyNetwork: storage + SaharaApiNetwork: internal_api + HorizonNetwork: internal_api + MemcachedNetwork: internal_api + RabbitmqNetwork: internal_api + RedisNetwork: internal_api + MysqlNetwork: internal_api + CephClusterNetwork: storage_mgmt + CephPublicNetwork: storage + ControllerHostnameResolveNetwork: internal_api + ComputeHostnameResolveNetwork: internal_api + BlockStorageHostnameResolveNetwork: internal_api + ObjectStorageHostnameResolveNetwork: internal_api + CephStorageHostnameResolveNetwork: storage + PublicNetwork: external + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. + type: json + + # We define mappings to work around names that break when doing the + # CamelCase to snake_case conversion to align with service_names + ServiceNetMapDeprecatedMapping: + default: + MongoDbNetwork: MongodbNetwork + RabbitMqNetwork: RabbitmqNetwork + description: Mapping older deprecated service names, intended for + internal use only, this will be removed in future. + type: json + +parameter_groups: +- label: deprecated + description: Do not use deprecated params, they will be removed. + parameters: + - ServiceNetMapDeprecatedMapping + +outputs: + service_net_map: + value: + map_merge: + - {get_param: ServiceNetMapDefaults} + - map_replace: + - {get_param: ServiceNetMap} + - keys: {get_param: ServiceNetMapDeprecatedMapping} + + service_net_map_lower: + value: + # This does a conversion from CamelCase to snake_case, + # e.g HeatApiNetwork becomes heat_api_network so it + # matches the service names. + yaql: + expression: dict($.data.map.items().select([ regex(`([a-z0-9])([A-Z])`).replace($[0], '\\1_\\2').toLower(), $[1]])) + data: + map: + map_merge: + - {get_param: ServiceNetMapDefaults} + - map_replace: + - {get_param: ServiceNetMap} + - keys: {get_param: ServiceNetMapDeprecatedMapping} diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml index dc74e889..817ff2c8 100644 --- a/overcloud-resource-registry-puppet.yaml +++ b/overcloud-resource-registry-puppet.yaml @@ -19,6 +19,7 @@ resource_registry: OS::TripleO::CephStoragePostDeployment: puppet/ceph-storage-post.yaml OS::TripleO::SwiftDevicesAndProxy::SoftwareConfig: puppet/swift-devices-and-proxy-config.yaml OS::TripleO::AllNodes::SoftwareConfig: puppet/all-nodes-config.yaml + OS::TripleO::DefaultPasswords: default_passwords.yaml # Tasks (for internal TripleO usage) OS::TripleO::Tasks::UpdateWorkflow: OS::Heat::None @@ -118,6 +119,9 @@ resource_registry: OS::TripleO::BlockStorage::Ports::TenantPort: network/ports/noop.yaml OS::TripleO::BlockStorage::Ports::ManagementPort: network/ports/noop.yaml + # Service to network Mappings + OS::TripleO::ServiceNetMap: network/service_net_map.yaml + # Service Endpoint Mappings OS::TripleO::EndpointMap: network/endpoints/endpoint_map.yaml @@ -131,6 +135,7 @@ resource_registry: OS::TripleO::Services::CephClient: OS::Heat::None OS::TripleO::Services::CephExternal: OS::Heat::None OS::TripleO::Services::CinderApi: puppet/services/cinder-api.yaml + OS::TripleO::Services::CinderBackup: OS::Heat::None OS::TripleO::Services::CinderScheduler: puppet/services/cinder-scheduler.yaml OS::TripleO::Services::CinderVolume: puppet/services/cinder-volume.yaml OS::TripleO::Services::Core: OS::Heat::None @@ -141,14 +146,15 @@ resource_registry: OS::TripleO::Services::HeatApiCfn: puppet/services/heat-api-cfn.yaml OS::TripleO::Services::HeatApiCloudwatch: puppet/services/heat-api-cloudwatch.yaml OS::TripleO::Services::HeatEngine: puppet/services/heat-engine.yaml - OS::TripleO::Services::IronicApi: puppet/services/ironic-api.yaml - OS::TripleO::Services::IronicConductor: puppet/services/ironic-conductor.yaml OS::TripleO::Services::Kernel: puppet/services/kernel.yaml OS::TripleO::Services::MySQL: puppet/services/database/mysql.yaml OS::TripleO::Services::NeutronDhcpAgent: puppet/services/neutron-dhcp.yaml OS::TripleO::Services::NeutronL3Agent: puppet/services/neutron-l3.yaml OS::TripleO::Services::NeutronMetadataAgent: puppet/services/neutron-metadata.yaml - OS::TripleO::Services::NeutronServer: puppet/services/neutron-server.yaml + # FIXME(shardy) the duplicate NeutronServer line can be removed when we've updated + # the multinode job ControllerServices after this patch merges + OS::TripleO::Services::NeutronServer: puppet/services/neutron-api.yaml + OS::TripleO::Services::NeutronApi: puppet/services/neutron-api.yaml OS::TripleO::Services::NeutronCorePlugin: puppet/services/neutron-plugin-ml2.yaml # can be the same as NeutronCorePlugin but some vendors install different # things where VMs run @@ -165,8 +171,8 @@ resource_registry: OS::TripleO::Services::HAproxy: puppet/services/haproxy.yaml OS::TripleO::Services::Keepalived: puppet/services/keepalived.yaml OS::TripleO::Services::Memcached: puppet/services/memcached.yaml - OS::TripleO::Services::SaharaApi: puppet/services/sahara-api.yaml - OS::TripleO::Services::SaharaEngine: puppet/services/sahara-engine.yaml + OS::TripleO::Services::SaharaApi: OS::Heat::None + OS::TripleO::Services::SaharaEngine: OS::Heat::None OS::TripleO::Services::Redis: puppet/services/database/redis.yaml OS::TripleO::Services::NovaConductor: puppet/services/nova-conductor.yaml OS::TripleO::Services::MongoDb: puppet/services/database/mongodb.yaml @@ -197,6 +203,20 @@ resource_registry: OS::Tripleo::Services::ManilaApi: OS::Heat::None OS::Tripleo::Services::ManilaScheduler: OS::Heat::None OS::Tripleo::Services::ManilaShare: OS::Heat::None + OS::TripleO::Services::ComputeNeutronL3Agent: OS::Heat::None + OS::TripleO::Services::ComputeNeutronMetadataAgent: OS::Heat::None + OS::TripleO::Services::AodhApi: puppet/services/aodh-api.yaml + OS::TripleO::Services::AodhEvaluator: puppet/services/aodh-evaluator.yaml + OS::TripleO::Services::AodhNotifier: puppet/services/aodh-notifier.yaml + OS::TripleO::Services::AodhListener: puppet/services/aodh-listener.yaml + OS::TripleO::Services::MistralEngine: OS::Heat::None + OS::TripleO::Services::MistralApi: OS::Heat::None + OS::TripleO::Services::MistralExecutor: OS::Heat::None + OS::TripleO::Services::IronicApi: OS::Heat::None + OS::TripleO::Services::IronicConductor: OS::Heat::None + OS::TripleO::Services::NovaIronic: OS::Heat::None + OS::TripleO::Services::TripleoPackages: puppet/services/tripleo-packages.yaml + OS::TripleO::Services::TripleoFirewall: puppet/services/tripleo-firewall.yaml parameter_defaults: EnablePackageInstall: false diff --git a/overcloud.yaml b/overcloud.yaml index 630ae21c..b37426f8 100644 --- a/overcloud.yaml +++ b/overcloud.yaml @@ -12,22 +12,6 @@ description: > parameters: # Common parameters (not specific to a role) - AdminPassword: - description: The password for the keystone admin account, used for monitoring, querying neutron etc. - type: string - hidden: true - AodhPassword: - description: The password for the aodh services. - type: string - hidden: true - CinderEnableNfsBackend: - default: false - description: Whether to enable or not the NFS backend for Cinder - type: boolean - CinderEnableRbdBackend: - default: false - description: Whether to enable or not the Rbd backend for Cinder - type: boolean CloudName: default: overcloud description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org @@ -36,58 +20,20 @@ parameters: default: [] description: Should be used for arbitrary ips. type: json - CorosyncIPv6: - default: false - description: Enable IPv6 in Corosync - type: boolean - Debug: - default: '' - description: Set to True to enable debugging on all services. - type: string - HAProxySyslogAddress: - default: /dev/log - description: Syslog address where HAproxy will send its log - type: string - ImageUpdatePolicy: - default: 'REBUILD_PRESERVE_EPHEMERAL' - description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt. - type: string InternalApiVirtualFixedIPs: default: [] description: > Control the IP allocation for the InternalApiVirtualInterface port. E.g. [{'ip_address':'1.2.3.4'}] type: json - KeyName: - default: default - description: Name of an existing Nova key pair to enable SSH access to the instances - type: string - constraints: - - custom_constraint: nova.keypair - MemcachedIPv6: - default: false - description: Enable IPv6 features in Memcached. - type: boolean NeutronControlPlaneID: default: 'ctlplane' type: string description: Neutron ID or name for ctlplane network. - NeutronPassword: - description: The password for the neutron service account, used by neutron agents. - type: string - hidden: true NeutronPublicInterface: default: nic1 description: What interface to bridge onto br-ex for network nodes. type: string - NovaIPv6: - default: false - description: Enable IPv6 features in Nova - type: boolean - NovaPassword: - description: The password for the nova service account, used by nova-api. - type: string - hidden: true PublicVirtualFixedIPs: default: [] description: > @@ -98,28 +44,6 @@ parameters: type: string default: unset description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change. - RabbitUserName: - default: guest - description: The username for RabbitMQ - type: string - RabbitPassword: - description: The password for RabbitMQ - type: string - hidden: true - RabbitClientUseSSL: - default: false - description: > - Rabbit client subscriber parameter to specify - an SSL connection to the RabbitMQ host. - type: string - RabbitClientPort: - default: 5672 - description: Set rabbit subscriber port, change this if using SSL - type: number - RedisPassword: - description: The password for Redis - type: string - hidden: true StorageVirtualFixedIPs: default: [] description: > @@ -132,6 +56,12 @@ parameters: Control the IP allocation for the StorageMgmgVirtualInterface port. E.g. [{'ip_address':'1.2.3.4'}] type: json + RedisVirtualFixedIPs: + default: [] + description: > + Control the IP allocation for the virtual IP used by Redis. E.g. + [{'ip_address':'1.2.3.4'}] + type: json CloudDomain: default: 'localdomain' type: string @@ -154,33 +84,6 @@ parameters: description: | Deprecated. Use ControllerExtraConfig via parameter_defaults instead. type: json - controllerImage: - type: string - default: overcloud-full - constraints: - - custom_constraint: glance.image - OvercloudControlFlavor: - description: Flavor for control nodes to request when deploying. - default: baremetal - type: string - constraints: - - custom_constraint: nova.flavor - ControlVirtualInterface: - default: 'br-ex' - description: Interface where virtual ip will be assigned. - type: string - EnableFencing: - default: false - description: Whether to enable fencing in Pacemaker or not. - type: boolean - EnableGalera: - default: true - description: Whether to use Galera instead of regular MariaDB. - type: boolean - ControllerSchedulerHints: - type: json - description: Optional scheduler hints to pass to nova - default: {} ExtraConfig: default: {} description: | @@ -188,74 +91,12 @@ parameters: may be implementation specific, e.g puppet hieradata. Any role specific ExtraConfig, e.g controllerExtraConfig takes precedence over ExtraConfig. type: json - FencingConfig: - default: {} - description: | - Pacemaker fencing configuration. The JSON should have - the following structure: - { - "devices": [ - { - "agent": "AGENT_NAME", - "host_mac": "HOST_MAC_ADDRESS", - "params": {"PARAM_NAME": "PARAM_VALUE"} - } - ] - } - For instance: - { - "devices": [ - { - "agent": "fence_xvm", - "host_mac": "52:54:00:aa:bb:cc", - "params": { - "multicast_address": "225.0.0.12", - "port": "baremetal_0", - "manage_fw": true, - "manage_key_file": true, - "key_file": "/etc/fence_xvm.key", - "key_file_password": "abcdef" - } - } - ] - } - type: json - type: string - hidden: true - InstanceNameTemplate: - default: 'instance-%08x' - description: Template string to be used to generate instance names - type: string - ManageFirewall: - default: true - description: Whether to manage IPtables rules. - type: boolean - PurgeFirewallRules: - default: false - description: Whether IPtables rules should be purged before setting up the ones. - type: boolean - MysqlInnodbBufferPoolSize: - description: > - Specifies the size of the buffer pool in megabytes. Setting to - zero should be interpreted as "no value" and will defer to the - lower level default. - type: number - default: 0 - MysqlMaxConnections: - description: Configures MySQL max_connections config setting - type: number - default: 4096 - PublicVirtualInterface: - default: 'br-ex' - description: > - Specifies the interface where the public-facing virtual ip will be assigned. - This should be int_public when a VLAN is being used. - type: string SwiftHashSuffix: description: A random string to be used as a salt when hashing to determine mappings in the ring. type: string hidden: true + # Compute-specific params ComputeCount: type: number @@ -271,93 +112,13 @@ parameters: default: nic1 description: What interface to add to the HypervisorNeutronPhysicalBridge. type: string - NovaComputeDriver: - type: string - default: libvirt.LibvirtDriver - NovaComputeExtraConfig: - default: {} - description: | - NovaCompute specific configuration to inject into the cluster. Same - structure as ExtraConfig. - type: json - NovaComputeLibvirtType: - default: kvm - type: string - NovaComputeLibvirtVifDriver: - default: '' - description: Libvirt VIF driver configuration for the network - type: string - NovaComputeSchedulerHints: - type: json - description: Optional scheduler hints to pass to nova - default: {} - NovaEnableRbdBackend: - default: false - description: Whether to enable or not the Rbd backend for Nova - type: boolean - NovaImage: - type: string - default: overcloud-full - constraints: - - custom_constraint: glance.image - NovaOVSBridge: - default: 'br-int' - description: Name of integration bridge used by Open vSwitch - type: string - NovaSecurityGroupAPI: - default: 'neutron' - description: The full class name of the security API class - type: string - OvercloudComputeFlavor: - description: Use this flavor - default: baremetal - type: string - constraints: - - custom_constraint: nova.flavor - ServiceNetMap: - default: - NeutronTenantNetwork: tenant - CeilometerApiNetwork: internal_api - AodhApiNetwork: internal_api - GnocchiApiNetwork: internal_api - MongoDbNetwork: internal_api - CinderApiNetwork: internal_api - CinderIscsiNetwork: storage - GlanceApiNetwork: storage - GlanceRegistryNetwork: internal_api - IronicApiNetwork: internal_api - KeystoneAdminApiNetwork: ctlplane # allows undercloud to config endpoints - KeystonePublicApiNetwork: internal_api - ManilaApiNetwork: internal_api - NeutronApiNetwork: internal_api - HeatApiNetwork: internal_api - NovaApiNetwork: internal_api - NovaMetadataNetwork: internal_api - NovaVncProxyNetwork: internal_api - SwiftMgmtNetwork: storage_mgmt - SwiftProxyNetwork: storage - SaharaApiNetwork: internal_api - HorizonNetwork: internal_api - MemcachedNetwork: internal_api - RabbitMqNetwork: internal_api - RedisNetwork: internal_api - MysqlNetwork: internal_api - CephClusterNetwork: storage_mgmt - CephPublicNetwork: storage - ControllerHostnameResolveNetwork: internal_api - ComputeHostnameResolveNetwork: internal_api - BlockStorageHostnameResolveNetwork: internal_api - ObjectStorageHostnameResolveNetwork: internal_api - CephStorageHostnameResolveNetwork: storage - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. - type: json ControllerServices: default: - OS::TripleO::Services::CephMon - OS::TripleO::Services::CephExternal - OS::TripleO::Services::CinderApi + - OS::TripleO::Services::CinderBackup - OS::TripleO::Services::CinderScheduler - OS::TripleO::Services::CinderVolume - OS::TripleO::Services::Core @@ -373,7 +134,7 @@ parameters: - OS::TripleO::Services::NeutronDhcpAgent - OS::TripleO::Services::NeutronL3Agent - OS::TripleO::Services::NeutronMetadataAgent - - OS::TripleO::Services::NeutronServer + - OS::TripleO::Services::NeutronApi - OS::TripleO::Services::NeutronCorePlugin - OS::TripleO::Services::NeutronOvsAgent - OS::TripleO::Services::RabbitMQ @@ -406,6 +167,17 @@ parameters: - OS::Tripleo::Services::ManilaApi - OS::Tripleo::Services::ManilaScheduler - OS::Tripleo::Services::ManilaShare + - OS::TripleO::Services::AodhApi + - OS::TripleO::Services::AodhEvaluator + - OS::TripleO::Services::AodhNotifier + - OS::TripleO::Services::AodhListener + - OS::TripleO::Services::SaharaApi + - OS::TripleO::Services::SaharaEngine + - OS::TripleO::Services::IronicApi + - OS::TripleO::Services::IronicConductor + - OS::TripleO::Services::NovaIronic + - OS::TripleO::Services::TripleoPackages + - OS::TripleO::Services::TripleoFirewall description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the Controllers. @@ -424,6 +196,10 @@ parameters: - OS::TripleO::Services::ComputeNeutronCorePlugin - OS::TripleO::Services::ComputeNeutronOvsAgent - OS::TripleO::Services::ComputeCeilometerAgent + - OS::TripleO::Services::ComputeNeutronL3Agent + - OS::TripleO::Services::ComputeNeutronMetadataAgent + - OS::TripleO::Services::TripleoPackages + - OS::TripleO::Services::TripleoFirewall description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the Compute Nodes. @@ -433,25 +209,12 @@ parameters: BlockStorageCount: type: number default: 0 - BlockStorageImage: - default: overcloud-full - type: string - OvercloudBlockStorageFlavor: - description: Flavor for block storage nodes to request when deploying. - default: baremetal - type: string - constraints: - - custom_constraint: nova.flavor BlockStorageExtraConfig: default: {} description: | BlockStorage specific configuration to inject into the cluster. Same structure as ExtraConfig. type: json - BlockStorageSchedulerHints: - type: json - description: Optional scheduler hints to pass to nova - default: {} BlockStorageServices: default: - OS::TripleO::Services::CinderVolume @@ -459,6 +222,8 @@ parameters: - OS::TripleO::Services::Ntp - OS::TripleO::Services::Timezone - OS::TripleO::Services::Snmp + - OS::TripleO::Services::TripleoPackages + - OS::TripleO::Services::TripleoFirewall description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the BlockStorage nodes. @@ -468,25 +233,12 @@ parameters: ObjectStorageCount: type: number default: 0 - OvercloudSwiftStorageFlavor: - description: Flavor for Swift storage nodes to request when deploying. - default: baremetal - type: string - constraints: - - custom_constraint: nova.flavor - SwiftStorageImage: - default: overcloud-full - type: string ObjectStorageExtraConfig: default: {} description: | ObjectStorage specific configuration to inject into the cluster. Same structure as ExtraConfig. type: json - ObjectStorageSchedulerHints: - type: json - description: Optional scheduler hints to pass to nova - default: {} ObjectStorageServices: default: - OS::TripleO::Services::Kernel @@ -495,6 +247,8 @@ parameters: - OS::TripleO::Services::SwiftRingBuilder - OS::TripleO::Services::Snmp - OS::TripleO::Services::Timezone + - OS::TripleO::Services::TripleoPackages + - OS::TripleO::Services::TripleoFirewall description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the ObjectStorage nodes. @@ -506,31 +260,20 @@ parameters: CephStorageCount: type: number default: 0 - CephStorageImage: - default: overcloud-full - type: string - OvercloudCephStorageFlavor: - default: baremetal - description: Flavor for Ceph storage nodes to request when deploying. - type: string - constraints: - - custom_constraint: nova.flavor CephStorageExtraConfig: default: {} description: | CephStorage specific configuration to inject into the cluster. Same structure as ExtraConfig. type: json - CephStorageSchedulerHints: - type: json - description: Optional scheduler hints to pass to nova - default: {} CephStorageServices: default: - OS::TripleO::Services::CephOSD - OS::TripleO::Services::Kernel - OS::TripleO::Services::Ntp - OS::TripleO::Services::Timezone + - OS::TripleO::Services::TripleoPackages + - OS::TripleO::Services::TripleoFirewall description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the CephStorage nodes. @@ -631,34 +374,23 @@ resources: properties: length: 10 + ServiceNetMap: + type: OS::TripleO::ServiceNetMap + EndpointMap: type: OS::TripleO::EndpointMap properties: CloudName: {get_param: CloudName} - CeilometerApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} - AodhApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]} - CinderApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} - GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} - GlanceRegistryVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} - GnocchiApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]} - HeatApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} - IronicApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]} - KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} - KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} - ManilaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, ManilaApiNetwork]}]} - MysqlVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} - MysqlNoBracketsVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} - NeutronApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} - NovaApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} - SaharaApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} - SwiftProxyVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} - PublicVirtualIP: {get_attr: [VipMap, net_ip_uri_map, external]} + NetIpMap: {get_attr: [VipMap, net_ip_map]} + ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} ControllerServiceChain: type: OS::TripleO::Services properties: Services: {get_param: ControllerServices} + ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} EndpointMap: {get_attr: [EndpointMap, endpoint_map]} + DefaultPasswords: {get_attr: [DefaultPasswords, passwords]} Controller: type: OS::Heat::ResourceGroup @@ -669,68 +401,31 @@ resources: resource_def: type: OS::TripleO::Controller properties: - AdminPassword: {get_param: AdminPassword} - AodhPassword: {get_param: AodhPassword} CloudDomain: {get_param: CloudDomain} - ControlVirtualInterface: {get_param: ControlVirtualInterface} controllerExtraConfig: {get_param: controllerExtraConfig} - CorosyncIPv6: {get_param: CorosyncIPv6} - Debug: {get_param: Debug} - EnableFencing: {get_param: EnableFencing} - ManageFirewall: {get_param: ManageFirewall} - PurgeFirewallRules: {get_param: PurgeFirewallRules} - EnableGalera: {get_param: EnableGalera} - ExtraConfig: {get_param: ExtraConfig} - FencingConfig: {get_param: FencingConfig} - Flavor: {get_param: OvercloudControlFlavor} - HAProxySyslogAddress: {get_param: HAProxySyslogAddress} HeatAuthEncryptionKey: {get_resource: HeatAuthEncryptionKey} HorizonSecret: {get_resource: HorizonSecret} - Image: {get_param: controllerImage} - ImageUpdatePolicy: {get_param: ImageUpdatePolicy} - InstanceNameTemplate: {get_param: InstanceNameTemplate} - KeyName: {get_param: KeyName} - MemcachedIPv6: {get_param: MemcachedIPv6} - MysqlClusterUniquePart: {get_attr: [MysqlClusterUniquePart, value]} - MysqlInnodbBufferPoolSize: {get_param: MysqlInnodbBufferPoolSize} - MysqlMaxConnections: {get_param: MysqlMaxConnections} - MysqlRootPassword: {get_attr: [MysqlRootPassword, value]} - NeutronPublicInterface: {get_param: NeutronPublicInterface} - NeutronPassword: {get_param: NeutronPassword} - NovaIPv6: {get_param: NovaIPv6} - NovaPassword: {get_param: NovaPassword} PcsdPassword: {get_resource: PcsdPassword} - PublicVirtualInterface: {get_param: PublicVirtualInterface} - RabbitPassword: {get_param: RabbitPassword} - RabbitUserName: {get_param: RabbitUserName} - RabbitCookie: {get_attr: [RabbitCookie, value]} - RabbitClientUseSSL: {get_param: RabbitClientUseSSL} - RabbitClientPort: {get_param: RabbitClientPort} - RedisPassword: {get_param: RedisPassword} RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]} RedisVirtualIPUri: {get_attr: [RedisVirtualIP, ip_address_uri]} - SwiftHashSuffix: {get_param: SwiftHashSuffix} - ServiceNetMap: {get_param: ServiceNetMap} + ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} EndpointMap: {get_attr: [EndpointMap, endpoint_map]} - MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} - UpdateIdentifier: {get_param: UpdateIdentifier} Hostname: str_replace: template: {get_param: ControllerHostnameFormat} params: '%stackname%': {get_param: 'OS::stack_name'} NodeIndex: '%index%' - ServerMetadata: {get_param: ServerMetadata} - SchedulerHints: {get_param: ControllerSchedulerHints} ServiceConfigSettings: {get_attr: [ControllerServiceChain, role_data, config_settings]} ServiceNames: {get_attr: [ControllerServiceChain, role_data, service_names]} ComputeServiceChain: - type: OS::TripleO::Services properties: Services: {get_param: ComputeServices} + ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} EndpointMap: {get_attr: [EndpointMap, endpoint_map]} + DefaultPasswords: {get_attr: [DefaultPasswords, passwords]} Compute: type: OS::Heat::ResourceGroup @@ -741,49 +436,19 @@ resources: resource_def: type: OS::TripleO::Compute properties: - AdminPassword: {get_param: AdminPassword} - CinderEnableNfsBackend: {get_param: CinderEnableNfsBackend} - CinderEnableRbdBackend: {get_param: CinderEnableRbdBackend} - Debug: {get_param: Debug} - ExtraConfig: {get_param: ExtraConfig} - Flavor: {get_param: OvercloudComputeFlavor} - GlanceHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} - Image: {get_param: NovaImage} - ImageUpdatePolicy: {get_param: ImageUpdatePolicy} - KeyName: {get_param: KeyName} - KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} - KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} - NeutronPassword: {get_param: NeutronPassword} + CloudDomain: {get_param: CloudDomain} NeutronPhysicalBridge: {get_param: HypervisorNeutronPhysicalBridge} NeutronPublicInterface: {get_param: HypervisorNeutronPublicInterface} # L3 HA and Failover is not relevant for Computes, should be removed - NovaApiHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} - NovaComputeDriver: {get_param: NovaComputeDriver} - NovaComputeExtraConfig: {get_param: NovaComputeExtraConfig} - NovaComputeLibvirtType: {get_param: NovaComputeLibvirtType} - NovaComputeLibvirtVifDriver: {get_param: NovaComputeLibvirtVifDriver} - NovaEnableRbdBackend: {get_param: NovaEnableRbdBackend} - NovaIPv6: {get_param: NovaIPv6} + NovaApiHost: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NovaApiNetwork]}]} NovaPublicIP: {get_attr: [VipMap, net_ip_map, external]} - NovaPassword: {get_param: NovaPassword} - NovaOVSBridge: {get_param: NovaOVSBridge} - NovaSecurityGroupAPI: {get_param: NovaSecurityGroupAPI} - RabbitHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]} - RabbitPassword: {get_param: RabbitPassword} - RabbitUserName: {get_param: RabbitUserName} - RabbitClientUseSSL: {get_param: RabbitClientUseSSL} - RabbitClientPort: {get_param: RabbitClientPort} - ServiceNetMap: {get_param: ServiceNetMap} + ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} EndpointMap: {get_attr: [EndpointMap, endpoint_map]} - UpdateIdentifier: {get_param: UpdateIdentifier} Hostname: str_replace: template: {get_param: ComputeHostnameFormat} params: '%stackname%': {get_param: 'OS::stack_name'} - CloudDomain: {get_param: CloudDomain} - ServerMetadata: {get_param: ServerMetadata} - SchedulerHints: {get_param: NovaComputeSchedulerHints} NodeIndex: '%index%' ServiceConfigSettings: {get_attr: [ComputeServiceChain, role_data, config_settings]} ServiceNames: {get_attr: [ComputeServiceChain, role_data, service_names]} @@ -792,7 +457,9 @@ resources: type: OS::TripleO::Services properties: Services: {get_param: BlockStorageServices} + ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} EndpointMap: {get_attr: [EndpointMap, endpoint_map]} + DefaultPasswords: {get_attr: [DefaultPasswords, passwords]} BlockStorage: type: OS::Heat::ResourceGroup @@ -803,21 +470,17 @@ resources: resource_def: type: OS::TripleO::BlockStorage properties: - Image: {get_param: BlockStorageImage} - KeyName: {get_param: KeyName} - Flavor: {get_param: OvercloudBlockStorageFlavor} UpdateIdentifier: {get_param: UpdateIdentifier} Hostname: str_replace: template: {get_param: BlockStorageHostnameFormat} params: '%stackname%': {get_param: 'OS::stack_name'} - ServiceNetMap: {get_param: ServiceNetMap} + ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} ExtraConfig: {get_param: ExtraConfig} BlockStorageExtraConfig: {get_param: BlockStorageExtraConfig} CloudDomain: {get_param: CloudDomain} ServerMetadata: {get_param: ServerMetadata} - SchedulerHints: {get_param: BlockStorageSchedulerHints} NodeIndex: '%index%' ServiceConfigSettings: {get_attr: [BlockStorageServiceChain, role_data, config_settings]} ServiceNames: {get_attr: [BlockStorageServiceChain, role_data, service_names]} @@ -826,7 +489,9 @@ resources: type: OS::TripleO::Services properties: Services: {get_param: ObjectStorageServices} + ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} EndpointMap: {get_attr: [EndpointMap, endpoint_map]} + DefaultPasswords: {get_attr: [DefaultPasswords, passwords]} ObjectStorage: type: OS::Heat::ResourceGroup @@ -837,12 +502,9 @@ resources: resource_def: type: OS::TripleO::ObjectStorage properties: - KeyName: {get_param: KeyName} - Flavor: {get_param: OvercloudSwiftStorageFlavor} HashSuffix: {get_param: SwiftHashSuffix} - Image: {get_param: SwiftStorageImage} UpdateIdentifier: {get_param: UpdateIdentifier} - ServiceNetMap: {get_param: ServiceNetMap} + ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} Hostname: str_replace: template: {get_param: ObjectStorageHostnameFormat} @@ -852,7 +514,6 @@ resources: ObjectStorageExtraConfig: {get_param: ObjectStorageExtraConfig} CloudDomain: {get_param: CloudDomain} ServerMetadata: {get_param: ServerMetadata} - SchedulerHints: {get_param: ObjectStorageSchedulerHints} NodeIndex: '%index%' ServiceConfigSettings: {get_attr: [ObjectStorageServiceChain, role_data, config_settings]} ServiceNames: {get_attr: [ObjectStorageServiceChain, role_data, service_names]} @@ -861,7 +522,9 @@ resources: type: OS::TripleO::Services properties: Services: {get_param: CephStorageServices} + ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} EndpointMap: {get_attr: [EndpointMap, endpoint_map]} + DefaultPasswords: {get_attr: [DefaultPasswords, passwords]} CephStorage: type: OS::Heat::ResourceGroup @@ -872,10 +535,7 @@ resources: resource_def: type: OS::TripleO::CephStorage properties: - Image: {get_param: CephStorageImage} - KeyName: {get_param: KeyName} - Flavor: {get_param: OvercloudCephStorageFlavor} - ServiceNetMap: {get_param: ServiceNetMap} + ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} UpdateIdentifier: {get_param: UpdateIdentifier} Hostname: str_replace: @@ -886,7 +546,6 @@ resources: CephStorageExtraConfig: {get_param: CephStorageExtraConfig} CloudDomain: {get_param: CloudDomain} ServerMetadata: {get_param: ServerMetadata} - SchedulerHints: {get_param: CephStorageSchedulerHints} NodeIndex: '%index%' ServiceConfigSettings: {get_attr: [CephStorageServiceChain, role_data, config_settings]} ServiceNames: {get_attr: [CephStorageServiceChain, role_data, service_names]} @@ -905,36 +564,47 @@ resources: allNodesConfig: type: OS::TripleO::AllNodes::SoftwareConfig properties: - compute_hosts: {get_attr: [Compute, hosts_entry]} - controller_hosts: {get_attr: [Controller, hosts_entry]} + hosts: + - list_join: + - '\n' + - {get_attr: [Compute, hosts_entry]} + - list_join: + - '\n' + - {get_attr: [Controller, hosts_entry]} + - list_join: + - '\n' + - {get_attr: [BlockStorage, hosts_entry]} + - list_join: + - '\n' + - {get_attr: [ObjectStorage, hosts_entry]} + - list_join: + - '\n' + - {get_attr: [CephStorage, hosts_entry]} controller_ips: {get_attr: [Controller, ip_address]} - block_storage_hosts: {get_attr: [BlockStorage, hosts_entry]} - object_storage_hosts: {get_attr: [ObjectStorage, hosts_entry]} - ceph_storage_hosts: {get_attr: [CephStorage, hosts_entry]} controller_names: {get_attr: [Controller, hostname]} - rabbit_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]} - mongo_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]} - redis_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]} - memcache_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]} - mysql_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} - horizon_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]} - heat_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} - swift_proxy_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} - ceilometer_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} - aodh_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]} - gnocchi_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]} - nova_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} - nova_metadata_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]} - glance_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} - glance_registry_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} - cinder_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} - manila_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, ManilaApiNetwork]}]} - neutron_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} - keystone_public_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} - keystone_admin_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} - sahara_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} - ironic_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]} - ceph_mon_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} + rabbit_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, RabbitmqNetwork]}]} + mongo_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, MongodbNetwork]}]} + redis_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, RedisNetwork]}]} + memcache_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, MemcachedNetwork]}]} + mysql_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, MysqlNetwork]}]} + horizon_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, HorizonNetwork]}]} + heat_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, HeatApiNetwork]}]} + swift_proxy_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, SwiftProxyNetwork]}]} + ceilometer_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CeilometerApiNetwork]}]} + aodh_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, AodhApiNetwork]}]} + gnocchi_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, GnocchiApiNetwork]}]} + nova_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NovaApiNetwork]}]} + nova_metadata_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NovaMetadataNetwork]}]} + glance_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, GlanceApiNetwork]}]} + glance_registry_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, GlanceRegistryNetwork]}]} + cinder_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CinderApiNetwork]}]} + manila_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, ManilaApiNetwork]}]} + neutron_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NeutronApiNetwork]}]} + keystone_public_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystonePublicApiNetwork]}]} + keystone_admin_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystoneAdminApiNetwork]}]} + sahara_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, SaharaApiNetwork]}]} + ironic_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, IronicApiNetwork]}]} + ceph_mon_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CephPublicNetwork]}]} ceph_mon_node_names: {get_attr: [Controller, hostname]} DeployIdentifier: {get_param: DeployIdentifier} UpdateIdentifier: {get_param: UpdateIdentifier} @@ -944,17 +614,21 @@ resources: properties: length: 10 - MysqlClusterUniquePart: - type: OS::Heat::RandomString - properties: - length: 10 - RabbitCookie: type: OS::Heat::RandomString properties: length: 20 salt: {get_param: RabbitCookieSalt} + DefaultPasswords: + type: OS::TripleO::DefaultPasswords + properties: + DefaultMysqlRootPassword: {get_attr: [MysqlRootPassword, value]} + DefaultRabbitCookie: {get_attr: [RabbitCookie, value]} + DefaultHeatAuthEncryptionKey: {get_attr: [HeatAuthEncryptionKey, value]} + DefaultPcsdPassword: {get_attr: [PcsdPassword, value]} + DefaultHorizonSecret: {get_attr: [HorizonSecret, value]} + # creates the network architecture Networks: type: OS::TripleO::Network @@ -975,8 +649,9 @@ resources: ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} ControlPlaneNetwork: {get_param: NeutronControlPlaneID} PortName: redis_virtual_ip - NetworkName: {get_param: [ServiceNetMap, RedisNetwork]} + NetworkName: {get_attr: [ServiceNetMap, service_net_map, RedisNetwork]} ServiceName: redis + FixedIPs: {get_param: RedisVirtualFixedIPs} # The public VIP is on the External net, falls back to ctlplane PublicVirtualIP: @@ -1037,30 +712,30 @@ resources: servers: {get_attr: [Controller, attributes, nova_server_resource]} input_values: # service VIP mappings - keystone_admin_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} - keystone_public_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} - neutron_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} - cinder_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} - glance_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} - glance_registry_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} - swift_proxy_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} - nova_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} - nova_metadata_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]} - ceilometer_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} - aodh_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]} - gnocchi_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]} - heat_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} - horizon_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]} + keystone_admin_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystoneAdminApiNetwork]}]} + keystone_public_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystonePublicApiNetwork]}]} + neutron_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NeutronApiNetwork]}]} + cinder_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CinderApiNetwork]}]} + glance_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, GlanceApiNetwork]}]} + glance_registry_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, GlanceRegistryNetwork]}]} + swift_proxy_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, SwiftProxyNetwork]}]} + nova_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NovaApiNetwork]}]} + nova_metadata_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NovaMetadataNetwork]}]} + ceilometer_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CeilometerApiNetwork]}]} + aodh_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, AodhApiNetwork]}]} + gnocchi_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, GnocchiApiNetwork]}]} + heat_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, HeatApiNetwork]}]} + horizon_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, HorizonNetwork]}]} redis_vip: {get_attr: [RedisVirtualIP, ip_address]} - manila_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, ManilaApiNetwork]}]} - mysql_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} - rabbit_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]} + manila_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, ManilaApiNetwork]}]} + mysql_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, MysqlNetwork]}]} + rabbit_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, RabbitMqNetwork]}]} # direct configuration of Virtual IPs for each network control_virtual_ip: {get_attr: [VipMap, net_ip_map, ctlplane]} public_virtual_ip: {get_attr: [VipMap, net_ip_map, external]} internal_api_virtual_ip: {get_attr: [VipMap, net_ip_map, internal_api]} - sahara_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} - ironic_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]} + sahara_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, SaharaApiNetwork]}]} + ironic_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, IronicApiNetwork]}]} storage_virtual_ip: {get_attr: [VipMap, net_ip_map, storage]} storage_mgmt_virtual_ip: {get_attr: [VipMap, net_ip_map, storage_mgmt]} @@ -1147,6 +822,7 @@ resources: - {get_attr: [Controller, resource.0.storage_ip_address]} - {get_attr: [Controller, resource.0.storage_mgmt_ip_address]} - {get_attr: [Controller, resource.0.tenant_ip_address]} + - {get_attr: [Controller, resource.0.management_ip_address]} ControllerAllNodesValidationDeployment: type: OS::Heat::StructuredDeployments @@ -1260,49 +936,49 @@ outputs: value: {get_attr: [EndpointMap, endpoint_map, KeystonePublic, uri]} KeystoneAdminVip: description: Keystone Admin VIP endpoint - value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystoneAdminApiNetwork]}]} PublicVip: description: Controller VIP for public API endpoints value: {get_attr: [VipMap, net_ip_map, external]} AodhInternalVip: description: VIP for Aodh API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]} + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, AodhApiNetwork]}]} CeilometerInternalVip: description: VIP for Ceilometer API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CeilometerApiNetwork]}]} CinderInternalVip: description: VIP for Cinder API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CinderApiNetwork]}]} GlanceInternalVip: description: VIP for Glance API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, GlanceApiNetwork]}]} GnocchiInternalVip: description: VIP for Gnocchi API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]} + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, GnocchiApiNetwork]}]} HeatInternalVip: description: VIP for Heat API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, HeatApiNetwork]}]} IronicInternalVip: description: VIP for Ironic API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]} + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, IronicApiNetwork]}]} KeystoneInternalVip: description: VIP for Keystone API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystonePublicApiNetwork]}]} ManilaInternalVip: description: VIP for Manila API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, ManilaApiNetwork]}]} + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, ManilaApiNetwork]}]} NeutronInternalVip: description: VIP for Neutron API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NeutronApiNetwork]}]} NovaInternalVip: description: VIP for Nova API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NovaApiNetwork]}]} SaharaInternalVip: description: VIP for Sahara API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, SaharaApiNetwork]}]} SwiftInternalVip: description: VIP for Swift Proxy internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, SwiftProxyNetwork]}]} EndpointMap: description: | Mapping of the resources with the needed info for their endpoints. @@ -1315,3 +991,11 @@ outputs: hostname-based access to the deployed nodes (useful for testing without setting up a DNS). value: {get_attr: [allNodesConfig, hosts_entries]} + EnabledServices: + description: The services enabled on each role + value: + Controller: {get_attr: [ControllerServiceChain, role_data, service_names]} + Compute: {get_attr: [ComputeServiceChain, role_data, service_names]} + BlockStorage: {get_attr: [BlockStorageServiceChain, role_data, service_names]} + ObjectStorage: {get_attr: [ObjectStorageServiceChain, role_data, service_names]} + CephStorage: {get_attr: [CephStorageServiceChain, role_data, service_names]} diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml index 4c9355d5..f1ce42b1 100644 --- a/puppet/all-nodes-config.yaml +++ b/puppet/all-nodes-config.yaml @@ -2,18 +2,10 @@ heat_template_version: 2015-04-30 description: 'All Nodes Config for Puppet' parameters: - compute_hosts: - type: comma_delimited_list - controller_hosts: + hosts: type: comma_delimited_list controller_ips: type: comma_delimited_list - block_storage_hosts: - type: comma_delimited_list - object_storage_hosts: - type: comma_delimited_list - ceph_storage_hosts: - type: comma_delimited_list controller_names: type: comma_delimited_list rabbit_node_ips: @@ -91,21 +83,7 @@ resources: hosts: list_join: - "\n" - - - list_join: - - "\n" - - {get_param: compute_hosts} - - list_join: - - "\n" - - {get_param: controller_hosts} - - list_join: - - "\n" - - {get_param: block_storage_hosts} - - list_join: - - "\n" - - {get_param: object_storage_hosts} - - list_join: - - "\n" - - {get_param: ceph_storage_hosts} + - {get_param: hosts} hiera: datafiles: bootstrap_node: @@ -126,7 +104,7 @@ resources: list_join: - ',' - {get_param: controller_names} - rabbit_node_ips: &rabbit_nodes_array + rabbitmq_node_ips: &rabbit_nodes_array str_replace: template: "['SERVERS_LIST']" params: @@ -134,7 +112,7 @@ resources: list_join: - "','" - {get_param: rabbit_node_ips} - mongo_node_ips: + mongodb_node_ips: str_replace: template: "['SERVERS_LIST']" params: @@ -150,7 +128,7 @@ resources: list_join: - "','" - {get_param: redis_node_ips} - memcache_node_ips: + memcached_node_ips: str_replace: template: "['SERVERS_LIST']" params: @@ -158,7 +136,7 @@ resources: list_join: - "','" - {get_param: memcache_node_ips} - memcache_node_ips_v6: + memcached_node_ips_v6: str_replace: template: "['inet6:[SERVERS_LIST]']" params: diff --git a/puppet/ceph-storage-post.yaml b/puppet/ceph-storage-post.yaml index 70baeb6e..a83e0cfe 100644 --- a/puppet/ceph-storage-post.yaml +++ b/puppet/ceph-storage-post.yaml @@ -38,6 +38,7 @@ resources: enable_debug: {get_param: ConfigDebug} enable_hiera: True enable_facter: False + modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules inputs: - name: step outputs: diff --git a/puppet/ceph-storage.yaml b/puppet/ceph-storage.yaml index 77ca4dc6..829456b5 100644 --- a/puppet/ceph-storage.yaml +++ b/puppet/ceph-storage.yaml @@ -1,14 +1,15 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2016-10-14 description: 'OpenStack ceph storage node configured by Puppet' parameters: - Flavor: + OvercloudCephStorageFlavor: description: Flavor for the Ceph Storage node. + default: baremetal type: string constraints: - custom_constraint: nova.flavor - Image: + CephStorageImage: type: string - default: overcloud-ceph-storage + default: overcloud-full constraints: - custom_constraint: glance.image ImageUpdatePolicy: @@ -21,10 +22,6 @@ parameters: default: default constraints: - custom_constraint: nova.keypair - EnablePackageInstall: - default: 'false' - description: Set to true to enable package installation via Puppet - type: boolean ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -70,7 +67,6 @@ parameters: constraints: - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE] CloudDomain: - default: '' type: string description: > The DNS domain used for the hosts. This should match the dhcp_domain @@ -81,7 +77,7 @@ parameters: Extra properties or metadata passed to Nova for the created nodes in the overcloud. It's accessible via the Nova metadata API. type: json - SchedulerHints: + CephStorageSchedulerHints: type: json description: Optional scheduler hints to pass to nova default: {} @@ -106,9 +102,9 @@ resources: os-collect-config: command: {get_param: ConfigCommand} properties: - image: {get_param: Image} + image: {get_param: CephStorageImage} image_update_policy: {get_param: ImageUpdatePolicy} - flavor: {get_param: Flavor} + flavor: {get_param: OvercloudCephStorageFlavor} key_name: {get_param: KeyName} networks: - network: ctlplane @@ -120,7 +116,7 @@ resources: params: {get_param: HostnameMap} software_config_transport: {get_param: SoftwareConfigTransport} metadata: {get_param: ServerMetadata} - scheduler_hints: {get_param: SchedulerHints} + scheduler_hints: {get_param: CephStorageSchedulerHints} # Combine the NodeAdminUserData and NodeUserData mime archives UserData: @@ -234,10 +230,7 @@ resources: config: {get_resource: CephStorageConfig} server: {get_resource: CephStorage} input_values: - enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} - ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]} - ceph_public_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} CephStorageConfig: type: OS::Heat::StructuredConfig @@ -252,37 +245,25 @@ resources: - extraconfig - service_names - service_configs - - ceph_cluster # provided by CephClusterConfig - - ceph - all_nodes # provided by allNodesConfig - '"%{::osfamily}"' - - common - - network merge_behavior: deeper datafiles: service_names: mapped_data: service_names: {get_param: ServiceNames} service_configs: - mapped_data: {get_param: ServiceConfigSettings} - common: - raw_data: {get_file: hieradata/common.yaml} - network: mapped_data: - net_ip_map: {get_attr: [NetIpMap, net_ip_map]} - net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]} - net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]} + map_replace: + - {get_param: ServiceConfigSettings} + - values: {get_attr: [NetIpMap, net_ip_map]} ceph_extraconfig: mapped_data: {get_param: CephStorageExtraConfig} extraconfig: mapped_data: {get_param: ExtraConfig} ceph: - raw_data: {get_file: hieradata/ceph.yaml} mapped_data: - tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} - ceph::profile::params::cluster_network: {get_input: ceph_cluster_network} - ceph::profile::params::public_network: {get_input: ceph_public_network} # Resource for site-specific injection of root certificate NodeTLSCAData: diff --git a/puppet/cinder-storage-post.yaml b/puppet/cinder-storage-post.yaml index c3dd403e..6416c43e 100644 --- a/puppet/cinder-storage-post.yaml +++ b/puppet/cinder-storage-post.yaml @@ -37,6 +37,7 @@ resources: enable_debug: {get_param: ConfigDebug} enable_hiera: True enable_facter: False + modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules inputs: - name: step outputs: diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml index edd81b9d..ef3f08ff 100644 --- a/puppet/cinder-storage.yaml +++ b/puppet/cinder-storage.yaml @@ -1,9 +1,11 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2016-10-14 description: 'OpenStack cinder storage configured by Puppet' parameters: - Image: - default: overcloud-cinder-volume + BlockStorageImage: + default: overcloud-full type: string + constraints: + - custom_constraint: glance.image ExtraConfig: default: {} description: | @@ -18,9 +20,10 @@ parameters: BlockStorageIPs: default: {} type: json - Flavor: + OvercloudBlockStorageFlavor: description: Flavor for block storage nodes to request when deploying. type: string + default: baremetal constraints: - custom_constraint: nova.flavor KeyName: @@ -35,10 +38,6 @@ parameters: description: The user password for SNMPd with readonly rights running on all Overcloud nodes type: string hidden: true - EnablePackageInstall: - default: 'false' - description: Set to true to enable package installation via Puppet - type: boolean UpdateIdentifier: default: '' type: string @@ -70,7 +69,6 @@ parameters: constraints: - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE] CloudDomain: - default: '' type: string description: > The DNS domain used for the hosts. This should match the dhcp_domain @@ -81,7 +79,7 @@ parameters: Extra properties or metadata passed to Nova for the created nodes in the overcloud. It's accessible via the Nova metadata API. type: json - SchedulerHints: + BlockStorageSchedulerHints: type: json description: Optional scheduler hints to pass to nova default: {} @@ -107,8 +105,8 @@ resources: command: {get_param: ConfigCommand} properties: image: - {get_param: Image} - flavor: {get_param: Flavor} + {get_param: BlockStorageImage} + flavor: {get_param: OvercloudBlockStorageFlavor} key_name: {get_param: KeyName} networks: - network: ctlplane @@ -120,7 +118,7 @@ resources: params: {get_param: HostnameMap} software_config_transport: {get_param: SoftwareConfigTransport} metadata: {get_param: ServerMetadata} - scheduler_hints: {get_param: SchedulerHints} + scheduler_hints: {get_param: BlockStorageSchedulerHints} # Combine the NodeAdminUserData and NodeUserData mime archives UserData: @@ -236,12 +234,6 @@ resources: input_values: snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} - cinder_iscsi_ip_address: - str_replace: - template: "'IP'" - params: - IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]} - enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} # Map heat metadata into hiera datafiles @@ -261,32 +253,22 @@ resources: - volume - all_nodes # provided by allNodesConfig - '"%{::osfamily}"' - - common - - network merge_behavior: deeper datafiles: service_names: mapped_data: service_names: {get_param: ServiceNames} service_configs: - mapped_data: {get_param: ServiceConfigSettings} - common: - raw_data: {get_file: hieradata/common.yaml} - network: mapped_data: - net_ip_map: {get_attr: [NetIpMap, net_ip_map]} - net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]} - net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]} + map_replace: + - {get_param: ServiceConfigSettings} + - values: {get_attr: [NetIpMap, net_ip_map]} volume_extraconfig: mapped_data: {get_param: BlockStorageExtraConfig} extraconfig: mapped_data: {get_param: ExtraConfig} volume: - raw_data: {get_file: hieradata/volume.yaml} mapped_data: - # Cinder - tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_ip_address: {get_input: cinder_iscsi_ip_address} - tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} diff --git a/puppet/compute-post.yaml b/puppet/compute-post.yaml index c1b37772..d0c6082c 100644 --- a/puppet/compute-post.yaml +++ b/puppet/compute-post.yaml @@ -38,6 +38,7 @@ resources: enable_debug: {get_param: ConfigDebug} enable_hiera: True enable_facter: False + modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules inputs: - name: step outputs: diff --git a/puppet/compute.yaml b/puppet/compute.yaml index 435e8b04..ad3a7230 100644 --- a/puppet/compute.yaml +++ b/puppet/compute.yaml @@ -1,56 +1,24 @@ -heat_template_version: 2015-10-15 +heat_template_version: 2016-10-14 description: > OpenStack hypervisor node configured via Puppet. parameters: - AdminPassword: - description: The password for the keystone admin account, used for monitoring, querying neutron etc. - type: string - hidden: true - CeilometerComputeAgent: - description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly - type: string - default: '' - constraints: - - allowed_values: ['', Present] - CeilometerMeteringSecret: - description: Secret shared by the ceilometer services. - type: string - hidden: true - CeilometerPassword: - description: The password for the ceilometer service account. - type: string - hidden: true - CinderEnableNfsBackend: - default: false - description: Whether to enable or not the NFS backend for Cinder - type: boolean - CinderEnableRbdBackend: - default: false - description: Whether to enable or not the Rbd backend for Cinder - type: boolean - Debug: - default: '' - description: Set to True to enable debugging on all services. - type: string ExtraConfig: default: {} description: | Additional hiera configuration to inject into the cluster. Note that NovaComputeExtraConfig takes precedence over ExtraConfig. type: json - Flavor: + OvercloudComputeFlavor: description: Flavor for the nova compute node + default: baremetal type: string constraints: - custom_constraint: nova.flavor - GlanceHost: + NovaImage: type: string - default: '' # Has to be here because of the ignored empty value bug - Image: - type: string - default: overcloud-compute + default: overcloud-full constraints: - custom_constraint: glance.image ImageUpdatePolicy: @@ -63,16 +31,6 @@ parameters: default: default constraints: - custom_constraint: nova.keypair - KeystoneAdminApiVirtualIP: - type: string - default: '' - KeystonePublicApiVirtualIP: - type: string - default: '' - NeutronPassword: - description: The password for the neutron service account, used by neutron agents. - type: string - hidden: true NeutronPhysicalBridge: default: 'br-ex' description: An OVS bridge to create for accessing external networks. @@ -87,9 +45,6 @@ parameters: NovaApiHost: type: string default: '' # Has to be here because of the ignored empty value bug - NovaComputeDriver: - type: string - default: libvirt.LibvirtDriver NovaComputeExtraConfig: default: {} description: | @@ -99,65 +54,9 @@ parameters: NovaComputeIPs: default: {} type: json - NovaComputeLibvirtType: - type: string - default: kvm - NovaComputeLibvirtVifDriver: - default: '' - description: Libvirt VIF driver configuration for the network - type: string - NovaEnableRbdBackend: - default: false - description: Whether to enable or not the Rbd backend for Nova - type: boolean - NovaIPv6: - default: false - description: Enable IPv6 features in Nova - type: boolean - NovaPassword: - description: The password for the nova service account, used by nova-api. - type: string - hidden: true NovaPublicIP: type: string default: '' # Has to be here because of the ignored empty value bug - NovaOVSBridge: - default: 'br-int' - description: Name of integration bridge used by Open vSwitch - type: string - NovaSecurityGroupAPI: - default: 'neutron' - description: The full class name of the security API class - type: string - RabbitHost: - type: string - default: '' # Has to be here because of the ignored empty value bug - RabbitPassword: - description: The password for RabbitMQ - type: string - hidden: true - RabbitUserName: - default: guest - description: The username for RabbitMQ - type: string - RabbitClientUseSSL: - default: false - description: > - Rabbit client subscriber parameter to specify - an SSL connection to the RabbitMQ host. - type: string - RabbitClientPort: - default: 5672 - description: Set rabbit subscriber port, change this if using SSL - type: number - UpgradeLevelNovaCompute: - type: string - description: Nova Compute upgrade level - default: '' - EnablePackageInstall: - default: 'false' - description: Set to true to enable package installation via Puppet - type: boolean ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -194,7 +93,6 @@ parameters: constraints: - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE] CloudDomain: - default: '' type: string description: > The DNS domain used for the hosts. This should match the dhcp_domain @@ -205,7 +103,7 @@ parameters: Extra properties or metadata passed to Nova for the created nodes in the overcloud. It's accessible via the Nova metadata API. type: json - SchedulerHints: + NovaComputeSchedulerHints: type: json description: Optional scheduler hints to pass to nova default: {} @@ -228,11 +126,10 @@ resources: os-collect-config: command: {get_param: ConfigCommand} properties: - image: - {get_param: Image} + image: {get_param: NovaImage} image_update_policy: get_param: ImageUpdatePolicy - flavor: {get_param: Flavor} + flavor: {get_param: OvercloudComputeFlavor} key_name: {get_param: KeyName} networks: - network: ctlplane @@ -244,7 +141,7 @@ resources: params: {get_param: HostnameMap} software_config_transport: {get_param: SoftwareConfigTransport} metadata: {get_param: ServerMetadata} - scheduler_hints: {get_param: SchedulerHints} + scheduler_hints: {get_param: NovaComputeSchedulerHints} # Combine the NodeAdminUserData and NodeUserData mime archives UserData: @@ -367,12 +264,8 @@ resources: - service_names - service_configs - compute - - ceph_cluster # provided by CephClusterConfig - - ceph - all_nodes # provided by allNodesConfig - '"%{::osfamily}"' - - common - - network - neutron_bigswitch_data # Optionally provided by ComputeExtraConfigPre - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre - nova_nuage_data # Optionally provided by ComputeExtraConfigPre @@ -385,77 +278,21 @@ resources: mapped_data: service_names: {get_param: ServiceNames} service_configs: - mapped_data: {get_param: ServiceConfigSettings} + mapped_data: + map_replace: + - {get_param: ServiceConfigSettings} + - values: {get_attr: [NetIpMap, net_ip_map]} compute_extraconfig: mapped_data: {get_param: NovaComputeExtraConfig} extraconfig: mapped_data: {get_param: ExtraConfig} - common: - raw_data: {get_file: hieradata/common.yaml} - network: - mapped_data: - net_ip_map: {get_attr: [NetIpMap, net_ip_map]} - net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]} - net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]} - ceph: - raw_data: {get_file: hieradata/ceph.yaml} compute: - raw_data: {get_file: hieradata/compute.yaml} mapped_data: - cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend} - nova::use_ipv6: {get_input: nova_ipv6} - nova::debug: {get_input: debug} - nova::rabbit_userid: {get_input: rabbit_username} - nova::rabbit_password: {get_input: rabbit_password} - nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} - nova::rabbit_port: {get_input: rabbit_client_port} - nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute} - nova_compute_driver: {get_input: nova_compute_driver} - # TODO(emilien): move libvirt & migration parameters in libvirt profile - # used to deploy libvirt/kvm dependencies: - nova::compute::libvirt::services::libvirt_virt_type: {get_input: nova_compute_libvirt_type} - # used to configured nova.conf: - nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type} - nova::compute::neutron::libvirt_vif_driver: {get_input: nova_compute_libvirt_vif_driver} nova_api_host: {get_input: nova_api_host} nova::compute::vncproxy_host: {get_input: nova_public_ip} - nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend} - # TUNNELLED mode provides a security enhancement when using shared storage but is not - # supported when not using shared storage. - # See https://bugzilla.redhat.com/show_bug.cgi?id=1301986#c12 - # In future versions of QEMU (2.6, mostly), Dan's native encryption - # work will obsolete the need to use TUNNELLED transport mode. - nova::migration::live_migration_tunnelled: {get_input: nova_enable_rbd_backend} - rbd_persistent_storage: {get_input: cinder_enable_rbd_backend} - nova_password: {get_input: nova_password} nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address} - nova::vncproxy::common::vncproxy_protocol: {get_input: nova_vncproxy_protocol} - nova::vncproxy::common::vncproxy_host: {get_input: nova_vncproxy_host} - nova::vncproxy::common::vncproxy_port: {get_input: nova_vncproxy_port} - nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge} - nova::network::neutron::security_group_api: {get_input: nova_security_group_api} - ceilometer::debug: {get_input: debug} - ceilometer::rabbit_userid: {get_input: rabbit_username} - ceilometer::rabbit_password: {get_input: rabbit_password} - ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} - ceilometer::rabbit_port: {get_input: rabbit_client_port} - ceilometer::telemetry_secret: {get_input: ceilometer_metering_secret} - ceilometer::agent::auth::auth_password: {get_input: ceilometer_password} - ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url} - nova::glance_api_servers: {get_input: glance_api_servers} - neutron::debug: {get_input: debug} - neutron::rabbit_password: {get_input: rabbit_password} - neutron::rabbit_user: {get_input: rabbit_username} - neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} - neutron::rabbit_port: {get_input: rabbit_client_port} neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip} - nova::network::neutron::neutron_password: {get_input: neutron_password} - nova::network::neutron::neutron_url: {get_input: neutron_internal_url} - nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url} - keystone_public_api_virtual_ip: {get_input: keystone_vip} - admin_password: {get_input: admin_password} - tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} NovaComputeDeployment: @@ -466,46 +303,10 @@ resources: config: {get_resource: NovaComputeConfig} server: {get_resource: NovaCompute} input_values: - cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend} - debug: {get_param: Debug} - nova_compute_driver: {get_param: NovaComputeDriver} - nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType} - nova_compute_libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver} nova_public_ip: {get_param: NovaPublicIP} nova_api_host: {get_param: NovaApiHost} - nova_password: {get_param: NovaPassword} - nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend} - nova_ipv6: {get_param: NovaIPv6} - cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend} nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]} - nova_vncproxy_protocol: {get_param: [EndpointMap, NovaVNCProxyPublic, protocol]} - # Remove brackets that may come if the IP address is IPv6. - # For DNS names and IPv4, this will just get the NovaVNCProxyPublic value - nova_vncproxy_host: - str_replace: - template: {get_param: [EndpointMap, NovaVNCProxyPublic, host]} - params: - '[': '' - ']': '' - nova_vncproxy_port: {get_param: [EndpointMap, NovaVNCProxyPublic, port]} - nova_ovs_bridge: {get_param: NovaOVSBridge} - nova_security_group_api: {get_param: NovaSecurityGroupAPI} - upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute} - ceilometer_metering_secret: {get_param: CeilometerMeteringSecret} - ceilometer_password: {get_param: CeilometerPassword} - ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]} - glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]} neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]} - neutron_password: {get_param: NeutronPassword} - neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]} - neutron_auth_url: {get_param: [EndpointMap, KeystoneV3Admin, uri]} - keystone_vip: {get_param: KeystonePublicApiVirtualIP} - admin_password: {get_param: AdminPassword} - rabbit_username: {get_param: RabbitUserName} - rabbit_password: {get_param: RabbitPassword} - rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} - rabbit_client_port: {get_param: RabbitClientPort} - enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} # Resource for site-specific injection of root certificate diff --git a/puppet/controller-config-pacemaker.yaml b/puppet/controller-config-pacemaker.yaml index 5116cac7..b313f5de 100644 --- a/puppet/controller-config-pacemaker.yaml +++ b/puppet/controller-config-pacemaker.yaml @@ -23,6 +23,7 @@ resources: enable_debug: {get_param: ConfigDebug} enable_hiera: True enable_facter: False + modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules outputs: - name: result config: diff --git a/puppet/controller-config.yaml b/puppet/controller-config.yaml index cadba703..811c544d 100644 --- a/puppet/controller-config.yaml +++ b/puppet/controller-config.yaml @@ -23,6 +23,7 @@ resources: enable_debug: {get_param: ConfigDebug} enable_hiera: True enable_facter: False + modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules outputs: - name: result config: diff --git a/puppet/controller.yaml b/puppet/controller.yaml index efd1b567..a8dc5fba 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -1,13 +1,9 @@ -heat_template_version: 2016-04-08 +heat_template_version: 2016-10-14 description: > OpenStack controller node configured by Puppet. parameters: - AdminPassword: - description: The password for the keystone admin account, used for monitoring, querying neutron etc. - type: string - hidden: true AodhPassword: description: The password for the aodh services. type: string @@ -31,10 +27,6 @@ parameters: ... } type: json - ControlVirtualInterface: - default: 'br-ex' - description: Interface where virtual ip will be assigned. - type: string CorosyncIPv6: default: false description: Enable IPv6 in Corosync @@ -47,10 +39,6 @@ parameters: default: false description: Whether to enable fencing in Pacemaker or not. type: boolean - EnableGalera: - default: true - description: Whether to use Galera instead of regular MariaDB. - type: boolean EnableLoadBalancer: default: true description: Whether to deploy a LoadBalancer on the Controller @@ -93,22 +81,12 @@ parameters: ] } type: json - Flavor: + OvercloudControlFlavor: description: Flavor for control nodes to request when deploying. + default: baremetal type: string constraints: - custom_constraint: nova.flavor - HAProxyStatsPassword: - description: Password for HAProxy stats endpoint - type: string - HAProxyStatsUser: - description: User for HAProxy stats endpoint - default: admin - type: string - HAProxySyslogAddress: - default: /dev/log - description: Syslog address where HAproxy will send its log - type: string HeatAuthEncryptionKey: description: Auth encryption key for heat-engine type: string @@ -117,9 +95,9 @@ parameters: description: Secret key for Django type: string hidden: true - Image: + controllerImage: type: string - default: overcloud-control + default: overcloud-full constraints: - custom_constraint: glance.image ImageUpdatePolicy: @@ -136,10 +114,6 @@ parameters: type: string constraints: - custom_constraint: nova.keypair - KeystoneRegion: - type: string - default: 'regionOne' - description: Keystone region for endpoint ManageFirewall: default: false description: Whether to manage IPtables rules. @@ -152,31 +126,6 @@ parameters: default: false description: Whether IPtables rules should be purged before setting up the new ones. type: boolean - MysqlClusterUniquePart: - description: A unique identifier of the MySQL cluster the controller is in. - type: string - default: 'unset' # Has to be here because of the ignored empty value bug - # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446 - # constraints: - # - length: {min: 4, max: 10} - MysqlInnodbBufferPoolSize: - description: > - Specifies the size of the buffer pool in megabytes. Setting to - zero should be interpreted as "no value" and will defer to the - lower level default. - type: number - default: 0 - MysqlMaxConnections: - description: Configures MySQL max_connections config setting - type: number - default: 4096 - MysqlClustercheckPassword: - type: string - hidden: true - MysqlRootPassword: - type: string - hidden: true - default: '' # Has to be here because of the ignored empty value bug NeutronMetadataProxySharedSecret: description: Shared secret to prevent spoofing type: string @@ -206,34 +155,6 @@ parameters: type: string description: The password for the 'pcsd' user. hidden: true - PublicVirtualInterface: - default: 'br-ex' - description: > - Specifies the interface where the public-facing virtual ip will be assigned. - This should be int_public when a VLAN is being used. - type: string - RabbitCookie: - type: string - default: '' # Has to be here because of the ignored empty value bug - hidden: true - RabbitPassword: - description: The password for RabbitMQ - type: string - hidden: true - RabbitUserName: - default: guest - description: The username for RabbitMQ - type: string - RabbitClientUseSSL: - default: false - description: > - Rabbit client subscriber parameter to specify - an SSL connection to the RabbitMQ host. - type: string - RabbitClientPort: - default: 5672 - description: Set rabbit subscriber port, change this if using SSL - type: number RedisPassword: description: The password for Redis type: string @@ -250,17 +171,14 @@ parameters: in the ring. hidden: true type: string + SwiftRawDisks: + default: {} + description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})' + type: json UpgradeLevelNovaCompute: type: string description: Nova Compute upgrade level default: '' - MysqlVirtualIP: - type: string - default: '' - EnablePackageInstall: - default: 'false' - description: Set to true to enable package installation via Puppet - type: boolean ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -300,7 +218,6 @@ parameters: constraints: - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE] CloudDomain: - default: '' type: string description: > The DNS domain used for the hosts. This should match the dhcp_domain @@ -311,7 +228,7 @@ parameters: Extra properties or metadata passed to Nova for the created nodes in the overcloud. It's accessible via the Nova metadata API. type: json - SchedulerHints: + ControllerSchedulerHints: type: json description: Optional scheduler hints to pass to nova default: {} @@ -340,9 +257,9 @@ resources: os-collect-config: command: {get_param: ConfigCommand} properties: - image: {get_param: Image} + image: {get_param: controllerImage} image_update_policy: {get_param: ImageUpdatePolicy} - flavor: {get_param: Flavor} + flavor: {get_param: OvercloudControlFlavor} key_name: {get_param: KeyName} networks: - network: ctlplane @@ -354,7 +271,7 @@ resources: params: {get_param: HostnameMap} software_config_transport: {get_param: SoftwareConfigTransport} metadata: {get_param: ServerMetadata} - scheduler_hints: {get_param: SchedulerHints} + scheduler_hints: {get_param: ControllerSchedulerHints} # Combine the NodeAdminUserData and NodeUserData mime archives UserData: @@ -488,44 +405,17 @@ resources: server: {get_resource: Controller} input_values: bootstack_nodeid: {get_attr: [Controller, name]} - haproxy_log_address: {get_param: HAProxySyslogAddress} - haproxy_stats_password: {get_param: HAProxyStatsPassword} - haproxy_stats_user: {get_param: HAProxyStatsUser} heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey} horizon_secret: {get_param: HorizonSecret} - admin_password: {get_param: AdminPassword} debug: {get_param: Debug} - cinder_public_url: {get_param: [EndpointMap, CinderPublic, uri]} - cinder_internal_url: {get_param: [EndpointMap, CinderInternal, uri]} - cinder_admin_url: {get_param: [EndpointMap, CinderAdmin, uri]} - cinder_public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]} - cinder_internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]} - cinder_admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]} keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] } enable_fencing: {get_param: EnableFencing} - enable_galera: {get_param: EnableGalera} enable_load_balancer: {get_param: EnableLoadBalancer} manage_firewall: {get_param: ManageFirewall} purge_firewall_rules: {get_param: PurgeFirewallRules} - mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize} - mysql_max_connections: {get_param: MysqlMaxConnections} - mysql_root_password: {get_param: MysqlRootPassword} - mysql_clustercheck_password: {get_param: MysqlClustercheckPassword} - mysql_cluster_name: - str_replace: - template: tripleo-CLUSTER - params: - CLUSTER: {get_param: MysqlClusterUniquePart} neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret} - neutron_password: {get_param: NeutronPassword} - neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] } - neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] } - neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] } - neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] } - nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] } - aodh_password: {get_param: AodhPassword} aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] } aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] } aodh_admin_url: { get_param: [ EndpointMap, AodhAdmin, uri ] } @@ -537,18 +427,6 @@ resources: - '@' - {get_param: RedisVirtualIPUri} - ':6379/' - aodh_dsn: - list_join: - - '' - - - {get_param: [EndpointMap, MysqlInternal, protocol]} - - '://aodh:' - - {get_param: AodhPassword} - - '@' - - {get_param: [EndpointMap, MysqlInternal, host]} - - '/aodh' - gnocchi_internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]} - gnocchi_public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] } - gnocchi_admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] } nova_enable_db_purge: {get_param: NovaEnableDBPurge} nova_ipv6: {get_param: NovaIPv6} corosync_ipv6: {get_param: CorosyncIPv6} @@ -556,38 +434,20 @@ resources: nova_password: {get_param: NovaPassword} upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute} instance_name_template: {get_param: InstanceNameTemplate} - nova_public_url: {get_param: [EndpointMap, NovaPublic, uri]} - nova_internal_url: {get_param: [EndpointMap, NovaInternal, uri]} - nova_admin_url: {get_param: [EndpointMap, NovaAdmin, uri]} fencing_config: {get_param: FencingConfig} pcsd_password: {get_param: PcsdPassword} - rabbit_username: {get_param: RabbitUserName} - rabbit_password: {get_param: RabbitPassword} - rabbit_cookie: {get_param: RabbitCookie} - rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} - rabbit_client_port: {get_param: RabbitClientPort} - control_virtual_interface: {get_param: ControlVirtualInterface} - public_virtual_interface: {get_param: PublicVirtualInterface} swift_hash_suffix: {get_param: SwiftHashSuffix} - enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} - cinder_iscsi_network: - str_replace: - template: "'IP'" - params: - IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]} - cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]} heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} - keystone_region: {get_param: KeystoneRegion} manila_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ManilaApiNetwork]}]} - mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]} + mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongodbNetwork]}]} neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]} ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} @@ -600,17 +460,18 @@ resources: str_replace: template: "['SUBNET']" params: - SUBNET: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, HorizonNetwork]}]} - rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]} + SUBNET: + get_attr: + - NetIpMap + - net_ip_map + - str_replace: + template: "NETWORK_subnet" + params: + NETWORK: {get_param: [ServiceNetMap, HorizonNetwork]} redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]} redis_vip: {get_param: RedisVirtualIP} sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]} - mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} - mysql_virtual_ip: {get_param: MysqlVirtualIP} - ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]} - ceph_public_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} - ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} ironic_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]} # Map heat metadata into hiera datafiles @@ -628,17 +489,11 @@ resources: - service_configs - service_names - controller - - database - - object - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig - - ceph_cluster # provided by CephClusterConfig - - ceph - bootstrap_node # provided by BootstrapNodeConfig - all_nodes # provided by allNodesConfig - vip_data # provided by vip-config - '"%{::osfamily}"' - - common - - network - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre @@ -653,7 +508,10 @@ resources: mapped_data: service_names: {get_param: ServiceNames} service_configs: - mapped_data: {get_param: ServiceConfigSettings} + mapped_data: + map_replace: + - {get_param: ServiceConfigSettings} + - values: {get_attr: [NetIpMap, net_ip_map]} controller_extraconfig: mapped_data: map_merge: @@ -661,25 +519,7 @@ resources: - {get_param: ControllerExtraConfig} extraconfig: mapped_data: {get_param: ExtraConfig} - common: - raw_data: {get_file: hieradata/common.yaml} - network: - mapped_data: - net_ip_map: {get_attr: [NetIpMap, net_ip_map]} - net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]} - net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]} - ceph: - raw_data: {get_file: hieradata/ceph.yaml} - mapped_data: - ceph::profile::params::cluster_network: {get_input: ceph_cluster_network} - ceph::profile::params::public_network: {get_input: ceph_public_network} - ceph::profile::params::public_addr: {get_input: ceph_public_ip} - database: - raw_data: {get_file: hieradata/database.yaml} - object: - raw_data: {get_file: hieradata/object.yaml} controller: - raw_data: {get_file: hieradata/controller.yaml} mapped_data: # data supplied directly to this deployment configuration, etc bootstack_nodeid: {get_input: bootstack_nodeid} @@ -696,22 +536,9 @@ resources: swift::storage::all::storage_local_net_ip: {get_input: swift_management_network} swift::swift_hash_path_suffix: {get_input: swift_hash_suffix} - # Cinder - tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_input: cinder_iscsi_network} - cinder::api::bind_host: {get_input: cinder_api_network} - cinder::keystone::auth::public_url: {get_input: cinder_public_url } - cinder::keystone::auth::internal_url: {get_input: cinder_internal_url } - cinder::keystone::auth::admin_url: {get_input: cinder_admin_url } - cinder::keystone::auth::public_url_v2: {get_input: cinder_public_url_v2 } - cinder::keystone::auth::internal_url_v2: {get_input: cinder_internal_url_v2 } - cinder::keystone::auth::admin_url_v2: {get_input: cinder_admin_url_v2 } - cinder::keystone::auth::password: {get_input: cinder_password } - cinder::keystone::auth::region: {get_input: keystone_region} - # Glance glance::api::bind_host: {get_input: glance_api_network} glance::registry::bind_host: {get_input: glance_registry_network} - glance::keystone::auth::region: {get_input: keystone_region} # Heat heat::api::bind_host: {get_input: heat_api_network} @@ -731,89 +558,37 @@ resources: # MongoDB mongodb::server::bind_ip: {get_input: mongo_db_network} - # MySQL - admin_password: {get_input: admin_password} - enable_galera: {get_input: enable_galera} - mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size} - mysql_max_connections: {get_input: mysql_max_connections} - mysql::server::root_password: {get_input: mysql_root_password} - mysql_clustercheck_password: {get_input: mysql_clustercheck_password} - mysql_cluster_name: {get_input: mysql_cluster_name} - mysql_bind_host: {get_input: mysql_network} - mysql_virtual_ip: {get_input: mysql_virtual_ip} - # Neutron neutron::bind_host: {get_input: neutron_api_network} neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip} neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network} - neutron::keystone::auth::public_url: {get_input: neutron_public_url } - neutron::keystone::auth::internal_url: {get_input: neutron_internal_url } - neutron::keystone::auth::admin_url: {get_input: neutron_admin_url } - neutron::keystone::auth::password: {get_input: neutron_password } - neutron::keystone::auth::region: {get_input: keystone_region} + + # Aodh + aodh::api::host: {get_input: aodh_api_network} + aodh::wsgi::apache::bind_host: {get_input: aodh_api_network} # Ceilometer ceilometer::api::host: {get_input: ceilometer_api_network} snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} - # Aodh - aodh_mysql_conn_string: {get_input: aodh_dsn} - aodh::rabbit_userid: {get_input: rabbit_username} - aodh::rabbit_password: {get_input: rabbit_password} - aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} - aodh::rabbit_port: {get_input: rabbit_client_port} - aodh::debug: {get_input: debug} - aodh::wsgi::apache::ssl: false - aodh::wsgi::apache::bind_host: {get_input: aodh_api_network} - aodh::api::service_name: 'httpd' - aodh::api::host: {get_input: aodh_api_network} - aodh::api::keystone_password: {get_input: aodh_password} - aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri} - aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri} - aodh::auth::auth_url: {get_input: keystone_auth_uri} - aodh::auth::auth_password: {get_input: aodh_password} - aodh::db::mysql::password: {get_input: aodh_password} - # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination - aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url} - aodh::keystone::auth::public_url: {get_input: aodh_public_url } - aodh::keystone::auth::internal_url: {get_input: aodh_internal_url } - aodh::keystone::auth::admin_url: {get_input: aodh_admin_url } - aodh::keystone::auth::password: {get_input: aodh_password } - aodh::keystone::auth::region: {get_input: keystone_region} - # Gnocchi gnocchi::wsgi::apache::bind_host: {get_input: gnocchi_api_network} gnocchi::api::host: {get_input: gnocchi_api_network} gnocchi::api::keystone_auth_uri: {get_input: keystone_auth_uri} gnocchi::api::keystone_identity_uri: {get_input: keystone_identity_uri} gnocchi::storage::swift::swift_authurl: {get_input: keystone_auth_uri} - gnocchi::keystone::auth::public_url: {get_input: gnocchi_public_url } - gnocchi::keystone::auth::internal_url: {get_input: gnocchi_internal_url } - gnocchi::keystone::auth::admin_url: {get_input: gnocchi_admin_url } - gnocchi::keystone::auth::region: {get_input: keystone_region} # Nova nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute} nova::use_ipv6: {get_input: nova_ipv6} - nova::api::auth_uri: {get_input: keystone_auth_uri} - nova::api::identity_uri: {get_input: keystone_identity_uri} nova::api::api_bind_address: {get_input: nova_api_network} nova::api::metadata_listen: {get_input: nova_metadata_network} - nova::api::admin_password: {get_input: nova_password} nova::glance_api_servers: {get_input: glance_api_servers} nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret} nova::api::instance_name_template: {get_input: instance_name_template} - nova::network::neutron::neutron_password: {get_input: neutron_password} - nova::network::neutron::neutron_url: {get_input: neutron_internal_url} - nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url} nova::vncproxy::host: {get_input: nova_api_network} nova_enable_db_purge: {get_input: nova_enable_db_purge} - nova::keystone::auth::public_url: {get_input: nova_public_url} - nova::keystone::auth::internal_url: {get_input: nova_internal_url} - nova::keystone::auth::admin_url: {get_input: nova_admin_url} - nova::keystone::auth::password: {get_input: nova_password } - nova::keystone::auth::region: {get_input: keystone_region} # Horizon apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet} @@ -823,9 +598,9 @@ resources: horizon::bind_address: {get_input: horizon_network} horizon::keystone_url: {get_input: keystone_auth_uri} - # RabbitMQ - rabbitmq::node_ip_address: {get_input: rabbitmq_network} - rabbitmq::erlang_cookie: {get_input: rabbit_cookie} + # Sahara + sahara::host: {get_input: sahara_api_network} + # Redis redis::bind: {get_input: redis_network} redis_vip: {get_input: redis_vip} @@ -835,18 +610,7 @@ resources: # Misc memcached_ipv6: {get_input: memcached_ipv6} memcached::listen_ip: {get_input: memcached_network} - control_virtual_interface: {get_input: control_virtual_interface} - public_virtual_interface: {get_input: public_virtual_interface} - tripleo::keepalived::control_virtual_interface: {get_input: control_virtual_interface} - tripleo::keepalived::public_virtual_interface: {get_input: public_virtual_interface} - tripleo::haproxy::control_virtual_interface: {get_input: control_virtual_interface} - tripleo::haproxy::public_virtual_interface: {get_input: public_virtual_interface} - tripleo::haproxy::haproxy_log_address: {get_input: haproxy_log_address} tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]} - tripleo::haproxy::haproxy_stats_user: {get_input: haproxy_stats_user} - tripleo::haproxy::haproxy_stats_password: {get_input: haproxy_stats_password} - tripleo::haproxy::redis_password: {get_input: redis_password} - tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} # Hook for site-specific additional pre-deployment config, e.g extra hieradata @@ -963,16 +727,37 @@ outputs: description: Swift device formatted for swift-ring-builder value: str_replace: - template: 'r1z1-IP:%PORT%/d1' + template: + list_join: + - ',' + - ['r1z1-IP:%PORT%/d1'] + - repeat: + template: 'r1z1-IP:%PORT%/DEVICE' + for_each: + DEVICE: {get_param: SwiftRawDisks} params: - IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} + IP: + get_attr: + - NetIpMap + - net_ip_map + - str_replace: + template: "NETWORK_uri" + params: + NETWORK: {get_param: [ServiceNetMap, SwiftMgmtNetwork]} swift_proxy_memcache: description: Swift proxy-memcache value value: str_replace: template: "IP:11211" params: - IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]} + IP: + get_attr: + - NetIpMap + - net_ip_map + - str_replace: + template: "NETWORK_uri" + params: + NETWORK: {get_param: [ServiceNetMap, MemcachedNetwork]} tls_key_modulus_md5: description: MD5 checksum of the TLS Key Modulus value: {get_attr: [NodeTLSData, key_modulus_md5]} diff --git a/puppet/hieradata/README.rst b/puppet/hieradata/README.rst deleted file mode 100644 index 64a60229..00000000 --- a/puppet/hieradata/README.rst +++ /dev/null @@ -1 +0,0 @@ -Do not add more hieradata in this directory, and use composable services. diff --git a/puppet/hieradata/ceph.yaml b/puppet/hieradata/ceph.yaml deleted file mode 100644 index c8c5804b..00000000 --- a/puppet/hieradata/ceph.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# Do not add hieradata in this file, and use composable services. -ceph_classes: [] diff --git a/puppet/hieradata/common.yaml b/puppet/hieradata/common.yaml deleted file mode 100644 index e7ae521e..00000000 --- a/puppet/hieradata/common.yaml +++ /dev/null @@ -1,5 +0,0 @@ -# Do not add hieradata in this file, and use composable services. - -# TODO(emilien) move it to composable aodh roles later -aodh::auth::auth_region: 'regionOne' -aodh::auth::auth_tenant_name: 'service' diff --git a/puppet/hieradata/compute.yaml b/puppet/hieradata/compute.yaml deleted file mode 100644 index 54b3d412..00000000 --- a/puppet/hieradata/compute.yaml +++ /dev/null @@ -1,3 +0,0 @@ -# Do not add hieradata in this file, and use composable services. - -compute_classes: [] diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml deleted file mode 100644 index 905ea304..00000000 --- a/puppet/hieradata/controller.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# Do not add hieradata in this file, and use composable services. - -# TODO(emilien) move it to composable aodh roles later -aodh::api::keystone_tenant: 'service' -aodh::keystone::auth::tenant: 'service' - -# TODO(emilien) move it to composable roles later -# Already WIP with https://review.openstack.org/330785 -# and https://review.openstack.org/338527 -tripleo::firewall::firewall_rules: - '128 aodh': - dport: - - 8042 - - 13042 - -controller_classes: [] diff --git a/puppet/hieradata/database.yaml b/puppet/hieradata/database.yaml deleted file mode 100644 index 05d4b697..00000000 --- a/puppet/hieradata/database.yaml +++ /dev/null @@ -1,10 +0,0 @@ -# Do not add hieradata in this file, and use composable services. - -# Aodh -# TODO(emilien) move it to composable aodh roles later -aodh::db::mysql::user: aodh -aodh::db::mysql::host: "%{hiera('mysql_virtual_ip')}" -aodh::db::mysql::dbname: aodh -aodh::db::mysql::allowed_hosts: - - '%' - - "%{hiera('mysql_bind_host')}" diff --git a/puppet/hieradata/object.yaml b/puppet/hieradata/object.yaml deleted file mode 100644 index 5aa0cfb6..00000000 --- a/puppet/hieradata/object.yaml +++ /dev/null @@ -1,3 +0,0 @@ -# Do not add hieradata in this file, and use composable services. - -object_classes: [] diff --git a/puppet/hieradata/volume.yaml b/puppet/hieradata/volume.yaml deleted file mode 100644 index 42b85e1a..00000000 --- a/puppet/hieradata/volume.yaml +++ /dev/null @@ -1,3 +0,0 @@ -# Do not add hieradata in this file, and use composable services. - -volume_classes: [] diff --git a/puppet/manifests/overcloud_cephstorage.pp b/puppet/manifests/overcloud_cephstorage.pp index 152694d9..2653badf 100644 --- a/puppet/manifests/overcloud_cephstorage.pp +++ b/puppet/manifests/overcloud_cephstorage.pp @@ -13,11 +13,8 @@ # License for the specific language governing permissions and limitations # under the License. -include ::tripleo::packages -include ::tripleo::firewall - if hiera('step') >= 4 { - hiera_include('ceph_classes') + hiera_include('ceph_classes', []) } $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_ceph', hiera('step')]) diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp index ab7f846f..f96c193c 100644 --- a/puppet/manifests/overcloud_compute.pp +++ b/puppet/manifests/overcloud_compute.pp @@ -13,11 +13,8 @@ # License for the specific language governing permissions and limitations # under the License. -include ::tripleo::packages -include ::tripleo::firewall - if hiera('step') >= 4 { - hiera_include('compute_classes') + hiera_include('compute_classes', []) } $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_compute', hiera('step')]) diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index 067207f2..25bdbfb2 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -13,33 +13,9 @@ # License for the specific language governing permissions and limitations # under the License. -include ::tripleo::packages -include ::tripleo::firewall - -if hiera('step') >= 2 { - # FIXME: this should only occur on the bootstrap host (ditto for db syncs) - # Create all the database schemas - include ::aodh::db::mysql - -} #END STEP 2 - if hiera('step') >= 4 { - # Aodh - class { '::aodh' : - database_connection => hiera('aodh_mysql_conn_string'), - } - include ::aodh::db::sync - include ::aodh::auth - include ::aodh::api - include ::aodh::wsgi::apache - include ::aodh::evaluator - include ::aodh::notifier - include ::aodh::listener - include ::aodh::client - - hiera_include('controller_classes') - -} #END STEP 4 + hiera_include('controller_classes', []) +} $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller', hiera('step')]) package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp index 709d9968..d329d5fc 100644 --- a/puppet/manifests/overcloud_controller_pacemaker.pp +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -13,130 +13,9 @@ # License for the specific language governing permissions and limitations # under the License. -# TODO(jistr): use pcs resource provider instead of just no-ops -Service <| - tag == 'aodh-service' -|> { - hasrestart => true, - restart => '/bin/true', - start => '/bin/true', - stop => '/bin/true', +if hiera('step') >= 4 { + hiera_include('controller_classes', []) } -include ::tripleo::packages -include ::tripleo::firewall - -if $::hostname == downcase(hiera('bootstrap_nodeid')) { - $pacemaker_master = true - $sync_db = true -} else { - $pacemaker_master = false - $sync_db = false -} - -if hiera('step') >= 2 { - if $pacemaker_master { - class { '::aodh::db::mysql': - require => Exec['galera-ready'], - } - } -} #END STEP 2 - -if hiera('step') >= 4 or ( hiera('step') >= 3 and $sync_db ) { - # Aodh - class { '::aodh' : - database_connection => hiera('aodh_mysql_conn_string'), - } - include ::aodh::config - include ::aodh::auth - include ::aodh::client - include ::aodh::wsgi::apache - class { '::aodh::api': - manage_service => false, - enabled => false, - service_name => 'httpd', - } - class { '::aodh::evaluator': - manage_service => false, - enabled => false, - } - class { '::aodh::notifier': - manage_service => false, - enabled => false, - } - class { '::aodh::listener': - manage_service => false, - enabled => false, - } - - hiera_include('controller_classes') - -} #END STEP 4 - -if hiera('step') >= 5 { - if $pacemaker_master { - - # Fedora doesn't know `require-all` parameter for constraints yet - if $::operatingsystem == 'Fedora' { - $redis_aodh_constraint_params = undef - } else { - $redis_aodh_constraint_params = 'require-all=false' - } - pacemaker::constraint::base { 'redis-then-aodh-evaluator-constraint': - constraint_type => 'order', - first_resource => 'redis-master', - second_resource => "${::aodh::params::evaluator_service_name}-clone", - first_action => 'promote', - second_action => 'start', - constraint_params => $redis_aodh_constraint_params, - require => [Pacemaker::Resource::Ocf['redis'], - Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name]], - } - # Aodh - pacemaker::resource::service { $::aodh::params::evaluator_service_name : - clone_params => 'interleave=true', - } - pacemaker::resource::service { $::aodh::params::notifier_service_name : - clone_params => 'interleave=true', - } - pacemaker::resource::service { $::aodh::params::listener_service_name : - clone_params => 'interleave=true', - } - pacemaker::constraint::base { 'aodh-evaluator-then-aodh-notifier-constraint': - constraint_type => 'order', - first_resource => "${::aodh::params::evaluator_service_name}-clone", - second_resource => "${::aodh::params::notifier_service_name}-clone", - first_action => 'start', - second_action => 'start', - require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name], - Pacemaker::Resource::Service[$::aodh::params::notifier_service_name]], - } - pacemaker::constraint::colocation { 'aodh-notifier-with-aodh-evaluator-colocation': - source => "${::aodh::params::notifier_service_name}-clone", - target => "${::aodh::params::evaluator_service_name}-clone", - score => 'INFINITY', - require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name], - Pacemaker::Resource::Service[$::aodh::params::notifier_service_name]], - } - pacemaker::constraint::base { 'aodh-evaluator-then-aodh-listener-constraint': - constraint_type => 'order', - first_resource => "${::aodh::params::evaluator_service_name}-clone", - second_resource => "${::aodh::params::listener_service_name}-clone", - first_action => 'start', - second_action => 'start', - require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name], - Pacemaker::Resource::Service[$::aodh::params::listener_service_name]], - } - pacemaker::constraint::colocation { 'aodh-listener-with-aodh-evaluator-colocation': - source => "${::aodh::params::listener_service_name}-clone", - target => "${::aodh::params::evaluator_service_name}-clone", - score => 'INFINITY', - require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name], - Pacemaker::Resource::Service[$::aodh::params::listener_service_name]], - } - } - -} #END STEP 5 - $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller_pacemaker', hiera('step')]) package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/manifests/overcloud_object.pp b/puppet/manifests/overcloud_object.pp index 1f04c581..414a06ba 100644 --- a/puppet/manifests/overcloud_object.pp +++ b/puppet/manifests/overcloud_object.pp @@ -13,11 +13,8 @@ # License for the specific language governing permissions and limitations # under the License. -include ::tripleo::packages -include ::tripleo::firewall - if hiera('step') >= 4 { - hiera_include('object_classes') + hiera_include('object_classes', []) } $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_object', hiera('step')]) diff --git a/puppet/manifests/overcloud_volume.pp b/puppet/manifests/overcloud_volume.pp index 7c7da586..e1cdadd5 100644 --- a/puppet/manifests/overcloud_volume.pp +++ b/puppet/manifests/overcloud_volume.pp @@ -13,11 +13,8 @@ # License for the specific language governing permissions and limitations # under the License. -include ::tripleo::packages -include ::tripleo::firewall - if hiera('step') >= 4 { - hiera_include('volume_classes') + hiera_include('volume_classes', []) } $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_volume', hiera('step')]) diff --git a/puppet/services/aodh-api.yaml b/puppet/services/aodh-api.yaml new file mode 100644 index 00000000..ae0f0c2d --- /dev/null +++ b/puppet/services/aodh-api.yaml @@ -0,0 +1,47 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Aodh API service configured with Puppet + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +resources: + AodhBase: + type: ./aodh-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for the Aodh API service. + value: + service_name: aodh_api + config_settings: + map_merge: + - get_attr: [AodhBase, role_data, config_settings] + - aodh::wsgi::apache::ssl: false + aodh::api::service_name: 'httpd' + - tripleo.aodh_api.firewall_rules: + '128 aodh-api': + dport: + - 8042 + - 13042 + + step_config: | + include tripleo::profile::base::aodh::api diff --git a/puppet/services/aodh-base.yaml b/puppet/services/aodh-base.yaml new file mode 100644 index 00000000..15f81953 --- /dev/null +++ b/puppet/services/aodh-base.yaml @@ -0,0 +1,104 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Aodh service configured with Puppet + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + AodhPassword: + description: The password for the aodh services. + type: string + hidden: true + RedisPassword: + description: The password for the redis service account. + type: string + hidden: true + RabbitPassword: + description: The password for RabbitMQ + type: string + hidden: true + RabbitUserName: + default: guest + description: The username for RabbitMQ + type: string + RabbitClientUseSSL: + default: false + description: > + Rabbit client subscriber parameter to specify + an SSL connection to the RabbitMQ host. + type: string + RabbitClientPort: + default: 5672 + description: Set rabbit subscriber port, change this if using SSL + type: number + Debug: + default: '' + description: Set to True to enable debugging on all services. + type: string + KeystoneRegion: + type: string + default: 'regionOne' + description: Keystone region for endpoint + +outputs: + role_data: + description: Role data for the Aodh role. + value: + service_name: aodh_base + config_settings: + aodh::evaluator::coordination_url: + list_join: + - '' + - - 'redis://:' + - {get_param: RedisPassword} + - '@' + - "%{hiera('redis_vip')}" + - ':6379/' + aodh::db::database_connection: + list_join: + - '' + - - {get_param: [EndpointMap, MysqlInternal, protocol]} + - '://aodh:' + - {get_param: AodhPassword} + - '@' + - {get_param: [EndpointMap, MysqlInternal, host]} + - '/aodh' + aodh::debug: {get_param: Debug} + aodh::auth::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri] } + aodh::rabbit_userid: {get_param: RabbitUserName} + aodh::rabbit_password: {get_param: RabbitPassword} + aodh::rabbit_use_ssl: {get_param: RabbitClientUseSSL} + aodh::rabbit_port: {get_param: RabbitClientPort} + aodh::keystone::authtoken::project_name: 'service' + aodh::keystone::authtoken::password: {get_param: AodhPassword} + aodh::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } + aodh::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } + aodh::auth::auth_password: {get_param: AodhPassword} + aodh::keystone::auth::public_url: {get_param: [EndpointMap, AodhPublic, uri]} + aodh::keystone::auth::internal_url: {get_param: [EndpointMap, AodhInternal, uri]} + aodh::keystone::auth::admin_url: {get_param: [EndpointMap, AodhAdmin, uri]} + aodh::keystone::auth::password: {get_param: AodhPassword} + aodh::keystone::auth::region: {get_param: KeystoneRegion} + aodh::keystone::auth::tenant: 'service' + aodh::db::mysql::user: aodh + aodh::db::mysql::password: {get_param: AodhPassword} + aodh::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} + aodh::db::mysql::dbname: aodh + aodh::db::mysql::allowed_hosts: + - '%' + - "%{hiera('mysql_bind_host')}" + aodh::auth::auth_region: 'regionOne' + aodh::auth::auth_tenant_name: 'service' diff --git a/puppet/services/aodh-evaluator.yaml b/puppet/services/aodh-evaluator.yaml new file mode 100644 index 00000000..3988c940 --- /dev/null +++ b/puppet/services/aodh-evaluator.yaml @@ -0,0 +1,38 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Aodh Evaluator service configured with Puppet + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +resources: + AodhBase: + type: ./aodh-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for the Aodh Evaluator service. + value: + service_name: aodh_evaluator + config_settings: + get_attr: [AodhBase, role_data, config_settings] + step_config: | + include tripleo::profile::base::aodh::evaluator diff --git a/puppet/services/aodh-listener.yaml b/puppet/services/aodh-listener.yaml new file mode 100644 index 00000000..bc1ccde7 --- /dev/null +++ b/puppet/services/aodh-listener.yaml @@ -0,0 +1,38 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Aodh Listener service configured with Puppet + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +resources: + AodhBase: + type: ./aodh-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for the Aodh Listener service. + value: + service_name: aodh_listener + config_settings: + get_attr: [AodhBase, role_data, config_settings] + step_config: | + include tripleo::profile::base::aodh::listener diff --git a/puppet/services/aodh-notifier.yaml b/puppet/services/aodh-notifier.yaml new file mode 100644 index 00000000..66e9f3e9 --- /dev/null +++ b/puppet/services/aodh-notifier.yaml @@ -0,0 +1,38 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Aodh Notifier service configured with Puppet + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +resources: + AodhBase: + type: ./aodh-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for the Aodh Notifier service. + value: + service_name: aodh_notifier + config_settings: + get_attr: [AodhBase, role_data, config_settings] + step_config: | + include tripleo::profile::base::aodh::notifier diff --git a/puppet/services/ceilometer-agent-central.yaml b/puppet/services/ceilometer-agent-central.yaml index 80f656d0..72bad632 100644 --- a/puppet/services/ceilometer-agent-central.yaml +++ b/puppet/services/ceilometer-agent-central.yaml @@ -4,6 +4,15 @@ description: > OpenStack Ceilometer Central Agent service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -13,15 +22,13 @@ parameters: description: The password for the redis service account. type: string hidden: true - RedisVirtualIPUri: - type: string - default: '' - resources: CeilometerServiceBase: type: ./ceilometer-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: @@ -38,7 +45,7 @@ outputs: - - 'redis://:' - {get_param: RedisPassword} - '@' - - {get_param: RedisVirtualIPUri} + - "%{hiera('redis_vip')}" - ':6379/' step_config: | include ::tripleo::profile::base::ceilometer::agent::central diff --git a/puppet/services/ceilometer-agent-compute.yaml b/puppet/services/ceilometer-agent-compute.yaml index 181c64d2..5bfecfed 100644 --- a/puppet/services/ceilometer-agent-compute.yaml +++ b/puppet/services/ceilometer-agent-compute.yaml @@ -4,6 +4,15 @@ description: > OpenStack Ceilometer Compute Agent service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: CeilometerServiceBase: type: ./ceilometer-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/ceilometer-agent-notification.yaml b/puppet/services/ceilometer-agent-notification.yaml index 58e28a3d..7873706d 100644 --- a/puppet/services/ceilometer-agent-notification.yaml +++ b/puppet/services/ceilometer-agent-notification.yaml @@ -4,6 +4,15 @@ description: > OpenStack Ceilometer Notification Agent service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: CeilometerServiceBase: type: ./ceilometer-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/ceilometer-api.yaml b/puppet/services/ceilometer-api.yaml index c5c143b0..3a01a1f9 100644 --- a/puppet/services/ceilometer-api.yaml +++ b/puppet/services/ceilometer-api.yaml @@ -4,6 +4,15 @@ description: > OpenStack Ceilometer API service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: CeilometerServiceBase: type: ./ceilometer-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: @@ -30,6 +41,5 @@ outputs: dport: - 8777 - 13777 - - ceilometer::api::keystone_tenant: 'service' step_config: | include ::tripleo::profile::base::ceilometer::api diff --git a/puppet/services/ceilometer-base.yaml b/puppet/services/ceilometer-base.yaml index a812371c..62fdd5c1 100644 --- a/puppet/services/ceilometer-base.yaml +++ b/puppet/services/ceilometer-base.yaml @@ -4,6 +4,15 @@ description: > OpenStack Ceilometer service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -35,6 +44,10 @@ parameters: default: false description: Whether to store events in ceilometer. type: boolean + Debug: + default: '' + description: Set to True to enable debugging on all services. + type: string KeystoneRegion: type: string default: 'regionOne' @@ -64,6 +77,7 @@ outputs: value: service_name: ceilometer_base config_settings: + ceilometer::debug: {get_param: Debug} ceilometer::db::database_connection: list_join: - '' @@ -77,9 +91,10 @@ outputs: ceilometer::metering_secret: {get_param: CeilometerMeteringSecret} # we include db_sync class in puppet-tripleo ceilometer::db::sync_db: false - ceilometer::api::keystone_password: {get_param: CeilometerPassword} - ceilometer::api::keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } - ceilometer::api::keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } + ceilometer::keystone::authtoken::project_name: 'service' + ceilometer::keystone::authtoken::password: {get_param: CeilometerPassword} + ceilometer::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } + ceilometer::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } ceilometer::agent::auth::auth_password: {get_param: CeilometerPassword} ceilometer::agent::auth::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] } ceilometer::agent::notification::store_events: {get_param: CeilometerStoreEvents} @@ -103,9 +118,12 @@ outputs: ceilometer::rabbit_use_ssl: {get_param: RabbitClientUseSSL} ceilometer::rabbit_port: {get_param: RabbitClientPort} ceilometer::db::mysql::user: ceilometer - ceilometer::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + ceilometer::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} ceilometer::db::mysql::dbname: ceilometer ceilometer::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" ceilometer::rabbit_heartbeat_timeout_threshold: 60 + ceilometer::db::database_db_max_retries: -1 + ceilometer::db::database_max_retries: -1 + ceilometer::telemetry_secret: {get_param: CeilometerMeteringSecret} diff --git a/puppet/services/ceilometer-collector.yaml b/puppet/services/ceilometer-collector.yaml index 7a7bc19d..ef7ffbd6 100644 --- a/puppet/services/ceilometer-collector.yaml +++ b/puppet/services/ceilometer-collector.yaml @@ -4,6 +4,15 @@ description: > OpenStack Ceilometer Collector service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: CeilometerServiceBase: type: ./ceilometer-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/ceilometer-expirer.yaml b/puppet/services/ceilometer-expirer.yaml index c960e6dc..63a6d41d 100644 --- a/puppet/services/ceilometer-expirer.yaml +++ b/puppet/services/ceilometer-expirer.yaml @@ -4,6 +4,15 @@ description: > OpenStack Ceilometer Expirer service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: CeilometerServiceBase: type: ./ceilometer-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/ceph-base.yaml b/puppet/services/ceph-base.yaml index bce52f36..4d98546d 100644 --- a/puppet/services/ceph-base.yaml +++ b/puppet/services/ceph-base.yaml @@ -4,7 +4,9 @@ description: > Ceph base service. Shared by all Ceph services. parameters: + # NOTE(gfidente): needs a default to cope with external Ceph deployments were we don't pass (and need) an Admin key CephAdminKey: + default: '' description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key. type: string hidden: true @@ -36,6 +38,20 @@ parameters: NovaRbdPoolName: default: vms type: string + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json # DEPRECATED options for compatibility with overcloud.yaml # This should be removed and manipulation of the ControllerServices list # used instead, but we need client support for that first @@ -58,14 +74,27 @@ outputs: config_settings: tripleo::profile::base::ceph::ceph_ipv6: {get_param: CephIPv6} tripleo::profile::base::ceph::enable_ceph_storage: {get_param: ControllerEnableCephStorage} - ceph::profile::params::osd_pool_default_pg_num: 32 - ceph::profile::params::osd_pool_default_pgp_num: 32 - ceph::profile::params::osd_pool_default_size: 3 ceph::profile::params::osd_pool_default_min_size: 1 ceph::profile::params::osds: {/srv/data: {}} ceph::profile::params::manage_repo: false ceph::profile::params::authentication_type: cephx ceph::profile::params::fsid: {get_param: CephClusterFSID} + # NOTE: bind IP is found in Heat replacing the network name with the local node IP + # for the given network; replacement examples (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + ceph::profile::params::cluster_network: + str_replace: + template: "NETWORK_subnet" + params: + NETWORK: {get_param: [ServiceNetMap, CephClusterNetwork]} + ceph::profile::params::public_network: + str_replace: + template: "NETWORK_subnet" + params: + NETWORK: {get_param: [ServiceNetMap, CephPublicNetwork]} + ceph::profile::params::public_addr: {get_param: [ServiceNetMap, CephPublicNetwork]} ceph::profile::params::client_keys: str_replace: template: "{ diff --git a/puppet/services/ceph-client.yaml b/puppet/services/ceph-client.yaml index 33bbbe58..a9e4621a 100644 --- a/puppet/services/ceph-client.yaml +++ b/puppet/services/ceph-client.yaml @@ -4,6 +4,15 @@ description: > Ceph Client service. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -13,6 +22,10 @@ parameters: resources: CephBase: type: ./ceph-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/ceph-external.yaml b/puppet/services/ceph-external.yaml index f6fe26db..959cee26 100644 --- a/puppet/services/ceph-external.yaml +++ b/puppet/services/ceph-external.yaml @@ -33,6 +33,20 @@ parameters: NovaRbdPoolName: default: vms type: string + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json outputs: role_data: diff --git a/puppet/services/ceph-mon.yaml b/puppet/services/ceph-mon.yaml index f48515e5..f634ce8a 100644 --- a/puppet/services/ceph-mon.yaml +++ b/puppet/services/ceph-mon.yaml @@ -4,6 +4,15 @@ description: > Ceph Monitor service. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -31,10 +40,27 @@ parameters: NovaRbdPoolName: default: vms type: string + CephPools: + description: > + It can be used to override settings for one of the predefined pools, or to create + additional ones. Example: + { + "volumes": { + "size": 5, + "pg_num": 128, + "pgp_num": 128 + } + } + default: {} + type: json resources: CephBase: type: ./ceph-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: @@ -46,12 +72,24 @@ outputs: - get_attr: [CephBase, role_data, config_settings] - ceph::profile::params::ms_bind_ipv6: {get_param: CephIPv6} ceph::profile::params::mon_key: {get_param: CephMonKey} + # repeat returns items in a list, so we need to map_merge twice tripleo::profile::base::ceph::mon::ceph_pools: - - {get_param: CinderRbdPoolName} - - {get_param: CinderBackupRbdPoolName} - - {get_param: NovaRbdPoolName} - - {get_param: GlanceRbdPoolName} - - {get_param: GnocchiRbdPoolName} + map_merge: + - map_merge: + repeat: + for_each: + <%pool%>: + - {get_param: CinderRbdPoolName} + - {get_param: CinderBackupRbdPoolName} + - {get_param: NovaRbdPoolName} + - {get_param: GlanceRbdPoolName} + - {get_param: GnocchiRbdPoolName} + template: + <%pool%>: + pg_num: 32 + pgp_num: 32 + size: 3 + - {get_param: CephPools} tripleo.ceph_mon.firewall_rules: '110 ceph_mon': dport: diff --git a/puppet/services/ceph-osd.yaml b/puppet/services/ceph-osd.yaml index 21cefb34..d18ccabf 100644 --- a/puppet/services/ceph-osd.yaml +++ b/puppet/services/ceph-osd.yaml @@ -4,6 +4,15 @@ description: > Ceph OSD service. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -13,6 +22,10 @@ parameters: resources: CephBase: type: ./ceph-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/cinder-api.yaml b/puppet/services/cinder-api.yaml index 5e58dee9..5df0739f 100644 --- a/puppet/services/cinder-api.yaml +++ b/puppet/services/cinder-api.yaml @@ -13,17 +13,32 @@ parameters: description: The password for the cinder service account, used by cinder-api. type: string hidden: true + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + KeystoneRegion: + type: string + default: 'regionOne' + description: Keystone region for endpoint resources: CinderBase: type: ./cinder-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: @@ -34,10 +49,22 @@ outputs: config_settings: map_merge: - get_attr: [CinderBase, role_data, config_settings] - - cinder::api::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} - cinder::api::identity_uri: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} - cinder::api::keystone_password: {get_param: CinderPassword} - cinder::api::keystone_tenant: 'service' + - cinder::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} + cinder::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} + cinder::keystone::authtoken::password: {get_param: CinderPassword} + cinder::keystone::authtoken::project_name: 'service' + cinder::keystone::auth::tenant: 'service' + cinder::keystone::auth::public_url: {get_param: [EndpointMap, CinderPublic, uri]} + cinder::keystone::auth::internal_url: {get_param: [EndpointMap, CinderInternal, uri]} + cinder::keystone::auth::admin_url: {get_param: [EndpointMap, CinderAdmin, uri]} + cinder::keystone::auth::public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]} + cinder::keystone::auth::internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]} + cinder::keystone::auth::admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]} + cinder::keystone::auth::public_url_v3: {get_param: [EndpointMap, CinderV3Public, uri]} + cinder::keystone::auth::internal_url_v3: {get_param: [EndpointMap, CinderV3Internal, uri]} + cinder::keystone::auth::admin_url_v3: {get_param: [EndpointMap, CinderV3Admin, uri]} + cinder::keystone::auth::password: {get_param: CinderPassword} + cinder::keystone::auth::region: {get_param: KeystoneRegion} cinder::api::enable_proxy_headers_parsing: true cinder::api::nova_catalog_info: 'compute:Compute Service:internalURL' # TODO(emilien) move it to puppet-cinder @@ -51,5 +78,11 @@ outputs: dport: - 8776 - 13776 + # NOTE: bind IP is found in Heat replacing the network name with the local node IP + # for the given network; replacement examples (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + cinder::api::bind_host: {get_param: [ServiceNetMap, CinderApiNetwork]} step_config: | include ::tripleo::profile::base::cinder::api diff --git a/puppet/services/cinder-backup.yaml b/puppet/services/cinder-backup.yaml new file mode 100644 index 00000000..f92fdfdb --- /dev/null +++ b/puppet/services/cinder-backup.yaml @@ -0,0 +1,58 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Cinder Backup service configured with Puppet + +parameters: + CinderBackupBackend: + default: swift + description: The short name of the Cinder Backup backend to use. + type: string + constraints: + - allowed_values: ['swift', 'ceph'] + CinderBackupRbdPoolName: + default: backups + type: string + CephClientUserName: + default: openstack + type: string + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +resources: + + CinderBase: + type: ./cinder-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for the Cinder Backup role. + value: + service_name: cinder_backup + config_settings: + map_merge: + - get_attr: [CinderBase, role_data, config_settings] + - cinder::backup::ceph::backup_ceph_user: {get_param: CephClientUserName} + cinder::backup::ceph::backup_ceph_pool: {get_param: CinderBackupRbdPoolName} + cinder::backup::swift::backup_swift_container: volumebackups + step_config: + str_replace: + template: "include ::tripleo::profile::base::cinder::backup::DRIVER" + params: + DRIVER: {get_param: CinderBackupBackend} diff --git a/puppet/services/cinder-base.yaml b/puppet/services/cinder-base.yaml index b224cd65..0db17189 100644 --- a/puppet/services/cinder-base.yaml +++ b/puppet/services/cinder-base.yaml @@ -12,6 +12,15 @@ parameters: default: '' description: Set to True to enable debugging on all services. type: string + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -58,12 +67,13 @@ outputs: cinder::rabbit_password: {get_param: RabbitPassword} cinder::rabbit_port: {get_param: RabbitClientPort} cinder::db::mysql::user: cinder - cinder::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + cinder::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} cinder::db::mysql::dbname: cinder cinder::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" cinder::rabbit_heartbeat_timeout_threshold: 60 - cinder::keystone::auth::tenant: 'service' cinder::host: hostgroup cinder::cron::db_purge::destination: '/dev/null' + cinder::db::database_db_max_retries: -1 + cinder::db::database_max_retries: -1 diff --git a/puppet/services/cinder-scheduler.yaml b/puppet/services/cinder-scheduler.yaml index e03090a2..129706b1 100644 --- a/puppet/services/cinder-scheduler.yaml +++ b/puppet/services/cinder-scheduler.yaml @@ -4,6 +4,15 @@ description: > OpenStack Cinder Scheduler service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: CinderBase: type: ./cinder-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/cinder-volume.yaml b/puppet/services/cinder-volume.yaml index 9f49bc06..de7e6bab 100644 --- a/puppet/services/cinder-volume.yaml +++ b/puppet/services/cinder-volume.yaml @@ -42,6 +42,15 @@ parameters: CephClientUserName: default: openstack type: string + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -53,6 +62,8 @@ resources: CinderBase: type: ./cinder-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: @@ -79,5 +90,15 @@ outputs: tripleo.cinder_volume.firewall_rules: '120 iscsi initiator': dport: 3260 + # NOTE: bind IP is found in Heat replacing the network name with the local node IP + # for the given network; replacement examples (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: + str_replace: + template: "NETWORK_uri" + params: + NETWORK: {get_param: [ServiceNetMap, CinderIscsiNetwork]} step_config: | include ::tripleo::profile::base::cinder::volume diff --git a/puppet/services/database/mongodb-base.yaml b/puppet/services/database/mongodb-base.yaml index b8761320..3f4f106d 100644 --- a/puppet/services/database/mongodb-base.yaml +++ b/puppet/services/database/mongodb-base.yaml @@ -15,6 +15,20 @@ parameters: MongoDbReplset: type: string default: "tripleo" + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json outputs: aux_parameters: diff --git a/puppet/services/database/mongodb.yaml b/puppet/services/database/mongodb.yaml index 6885cfd6..b6eb4803 100644 --- a/puppet/services/database/mongodb.yaml +++ b/puppet/services/database/mongodb.yaml @@ -5,6 +5,15 @@ description: > parameters: #Parameters not used EndpointMap + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,10 @@ parameters: resources: MongoDbBase: type: ./mongodb-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/database/mysql.yaml b/puppet/services/database/mysql.yaml index 6f8f91b5..b0eea481 100644 --- a/puppet/services/database/mysql.yaml +++ b/puppet/services/database/mysql.yaml @@ -1,15 +1,39 @@ -heat_template_version: 2016-04-08 +heat_template_version: 2016-10-14 description: > MySQL service deployment using puppet parameters: #Parameters not used EndpointMap + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MysqlMaxConnections: + description: Configures MySQL max_connections config setting + type: number + default: 4096 + MysqlRootPassword: + type: string + hidden: true + default: '' + MysqlClustercheckPassword: + type: string + hidden: true + EnableGalera: + default: true + description: Whether to use Galera instead of regular MariaDB. + type: boolean outputs: role_data: @@ -33,5 +57,22 @@ outputs: - 4567 - 4568 - 9200 + mysql_max_connections: {get_param: MysqlMaxConnections} + mysql::server::root_password: + yaql: + expression: $.data.passwords.where($ != '').first() + data: + passwords: + - {get_param: MysqlRootPassword} + - {get_param: [DefaultPasswords, mysql_root_password]} + mysql_clustercheck_password: {get_param: MysqlClustercheckPassword} + enable_galera: {get_param: EnableGalera} + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + mysql_bind_host: {get_param: [ServiceNetMap, MysqlNetwork]} step_config: | include ::tripleo::profile::base::database::mysql diff --git a/puppet/services/database/redis-base.yaml b/puppet/services/database/redis-base.yaml index fe8c0659..40711432 100644 --- a/puppet/services/database/redis-base.yaml +++ b/puppet/services/database/redis-base.yaml @@ -8,6 +8,20 @@ parameters: description: The password for Redis type: string hidden: true + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json outputs: role_data: @@ -22,4 +36,3 @@ outputs: redis::sentinel::master_name: '"%{hiera(\"bootstrap_nodeid\")}"' redis::sentinel::redis_host: '"%{hiera(\"bootstrap_nodeid_ip\")}"' redis::sentinel::notification_script: '/usr/local/bin/redis-notifications.sh' - tripleo::loadbalancer::redis_password: {get_param: RedisPassword} diff --git a/puppet/services/database/redis.yaml b/puppet/services/database/redis.yaml index ef005f77..1c333b97 100644 --- a/puppet/services/database/redis.yaml +++ b/puppet/services/database/redis.yaml @@ -4,6 +4,15 @@ description: > OpenStack Redis service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -13,6 +22,10 @@ parameters: resources: RedisBase: type: ./redis-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/glance-api.yaml b/puppet/services/glance-api.yaml index 00751f51..4954119f 100644 --- a/puppet/services/glance-api.yaml +++ b/puppet/services/glance-api.yaml @@ -4,6 +4,15 @@ description: > OpenStack Glance API service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -60,6 +69,10 @@ parameters: Rabbit client subscriber parameter to specify an SSL connection to the RabbitMQ host. type: string + KeystoneRegion: + type: string + default: 'regionOne' + description: Keystone region for endpoint outputs: role_data: @@ -106,6 +119,9 @@ outputs: glance::keystone::auth::internal_url: {get_param: [EndpointMap, GlanceInternal, uri]} glance::keystone::auth::admin_url: {get_param: [EndpointMap, GlanceAdmin, uri]} glance::keystone::auth::password: {get_param: GlancePassword } + glance::keystone::auth::region: {get_param: KeystoneRegion} + glance::registry::db::database_db_max_retries: -1 + glance::registry::db::database_max_retries: -1 tripleo.glance_api.firewall_rules: '112 glance_api': dport: diff --git a/puppet/services/glance-registry.yaml b/puppet/services/glance-registry.yaml index 5ad4bb9a..d8861f70 100644 --- a/puppet/services/glance-registry.yaml +++ b/puppet/services/glance-registry.yaml @@ -4,6 +4,15 @@ description: > OpenStack Glance Registry service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -45,11 +54,13 @@ outputs: glance::registry::debug: {get_param: Debug} glance::registry::workers: {get_param: GlanceWorkers} glance::db::mysql::user: glance - glance::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + glance::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} glance::db::mysql::dbname: glance glance::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" + glance::registry::db::database_db_max_retries: -1 + glance::registry::db::database_max_retries: -1 tripleo.glance_registry.firewall_rules: '112 glance_registry': diff --git a/puppet/services/gnocchi-api.yaml b/puppet/services/gnocchi-api.yaml index d97626a6..cbf7e218 100644 --- a/puppet/services/gnocchi-api.yaml +++ b/puppet/services/gnocchi-api.yaml @@ -4,16 +4,42 @@ description: > Gnocchi service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + GnocchiPassword: + description: The password for the gnocchi service and db account. + type: string + hidden: true + GnocchiBackend: + default: file + description: The short name of the Gnocchi backend to use. Should be one + of swift, rbd, or file + type: string + constraints: + - allowed_values: ['swift', 'file', 'rbd'] + KeystoneRegion: + type: string + default: 'regionOne' + description: Keystone region for endpoint resources: GnocchiServiceBase: type: ./gnocchi-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: @@ -29,6 +55,19 @@ outputs: dport: - 8041 - 13041 - - gnocchi::api::keystone_tenant: 'service' + gnocchi::api::enabled: true + gnocchi::api::service_name: 'httpd' + gnocchi::keystone::auth::admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] } + gnocchi::keystone::auth::internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]} + gnocchi::keystone::auth::password: {get_param: GnocchiPassword} + gnocchi::keystone::auth::public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] } + gnocchi::keystone::auth::region: {get_param: KeystoneRegion} + gnocchi::keystone::auth::tenant: 'service' + gnocchi::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} + gnocchi::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} + gnocchi::keystone::authtoken::password: {get_param: GnocchiPassword} + gnocchi::keystone::authtoken::project_name: 'service' + gnocchi::wsgi::apache::ssl: false + tripleo::profile::base::gnocchi::api::gnocchi_backend: {get_param: GnocchiBackend} step_config: | include ::tripleo::profile::base::gnocchi::api diff --git a/puppet/services/gnocchi-base.yaml b/puppet/services/gnocchi-base.yaml index a408d5d7..9b9cafb8 100644 --- a/puppet/services/gnocchi-base.yaml +++ b/puppet/services/gnocchi-base.yaml @@ -4,18 +4,20 @@ description: > Gnocchi service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json - GnocchiBackend: - default: file - description: The short name of the Gnocchi backend to use. Should be one - of swift, rbd, or file - type: string - constraints: - - allowed_values: ['swift', 'file', 'rbd'] GnocchiIndexerBackend: default: 'mysql' description: The short name of the Gnocchi indexer backend to use. @@ -34,6 +36,10 @@ parameters: type: string default: 'regionOne' description: Keystone region for endpoint + RedisPassword: + description: The password for the redis service account. + type: string + hidden: true outputs: aux_parameters: @@ -56,19 +62,16 @@ outputs: - '@' - {get_param: [EndpointMap, MysqlInternal, host]} - '/gnocchi' - gnocchi::keystone::auth::region: {get_param: KeystoneRegion} - gnocchi::keystone::auth::tenant: 'service' - gnocchi::keystone::auth::password: {get_param: GnocchiPassword} gnocchi::db::mysql::password: {get_param: GnocchiPassword} gnocchi::db::sync::extra_opts: '--skip-storage --create-legacy-resource-types' - #Gnocchi API - tripleo::profile::base::gnocchi::api::gnocchi_backend: {get_param: GnocchiBackend} - gnocchi::api::manage_service: false - gnocchi::api::enabled: true - gnocchi::api::service_name: 'httpd' - gnocchi::api::keystone_tenant: 'service' - gnocchi::api::keystone_password: {get_param: GnocchiPassword} - gnocchi::wsgi::apache::ssl: false + gnocchi::storage::coordination_url: + list_join: + - '' + - - 'redis://:' + - {get_param: RedisPassword} + - '@' + - "%{hiera('redis_vip')}" + - ':6379/' gnocchi::storage::swift::swift_user: 'service:gnocchi' gnocchi::storage::swift::swift_auth_version: 2 gnocchi::storage::swift::swift_key: {get_param: GnocchiPassword} @@ -82,17 +85,14 @@ outputs: - {get_param: CephClientUserName} - 'keyring' #Gnocchi statsd - gnocchi::statsd::manage_service: false gnocchi::statsd::resource_id: '0a8b55df-f90f-491c-8cb9-7cdecec6fc26' gnocchi::statsd::user_id: '27c0d3f8-e7ee-42f0-8317-72237d1c5ae3' gnocchi::statsd::project_id: '6c38cd8d-099a-4cb2-aecf-17be688e8616' gnocchi::statsd::flush_delay: 10 gnocchi::statsd::archive_policy_name: 'low' gnocchi::db::mysql::user: gnocchi - gnocchi::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + gnocchi::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} gnocchi::db::mysql::dbname: gnocchi gnocchi::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" - gnocchi::auth::auth_region: {get_param: KeystoneRegion} - gnocchi::auth::auth_tenant_name: 'service' diff --git a/puppet/services/gnocchi-metricd.yaml b/puppet/services/gnocchi-metricd.yaml index 8041c6f4..205d0552 100644 --- a/puppet/services/gnocchi-metricd.yaml +++ b/puppet/services/gnocchi-metricd.yaml @@ -4,6 +4,15 @@ description: > Gnocchi service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: GnocchiServiceBase: type: ./gnocchi-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: @@ -24,6 +35,5 @@ outputs: config_settings: map_merge: - get_attr: [GnocchiServiceBase, role_data, config_settings] - - gnocchi::metricd::manage_service: false step_config: | include ::tripleo::profile::base::gnocchi::metricd diff --git a/puppet/services/gnocchi-statsd.yaml b/puppet/services/gnocchi-statsd.yaml index 9c8e6897..018ad2b1 100644 --- a/puppet/services/gnocchi-statsd.yaml +++ b/puppet/services/gnocchi-statsd.yaml @@ -4,6 +4,15 @@ description: > Gnocchi service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: GnocchiServiceBase: type: ./gnocchi-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: @@ -24,6 +35,5 @@ outputs: config_settings: map_merge: - get_attr: [GnocchiServiceBase, role_data, config_settings] - - gnocchi::statsd::manage_service: false step_config: | include ::tripleo::profile::base::gnocchi::statsd diff --git a/puppet/services/haproxy.yaml b/puppet/services/haproxy.yaml index 902a1c3f..8ac669a9 100644 --- a/puppet/services/haproxy.yaml +++ b/puppet/services/haproxy.yaml @@ -4,11 +4,46 @@ description: > HAproxy service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + HAProxyStatsPassword: + description: Password for HAProxy stats endpoint + hidden: true + type: string + HAProxyStatsUser: + description: User for HAProxy stats endpoint + default: admin + type: string + HAProxySyslogAddress: + default: /dev/log + description: Syslog address where HAproxy will send its log + type: string + RedisPassword: + description: The password for Redis + type: string + hidden: true + ControlVirtualInterface: + default: 'br-ex' + description: Interface where virtual ip will be assigned. + type: string + PublicVirtualInterface: + default: 'br-ex' + description: > + Specifies the interface where the public-facing virtual ip will be assigned. + This should be int_public when a VLAN is being used. + type: string outputs: role_data: @@ -40,5 +75,11 @@ outputs: tripleo::haproxy::heat_cloudwatch: true tripleo::haproxy::heat_cfn: true tripleo::haproxy::horizon: true + tripleo::haproxy::haproxy_log_address: {get_param: HAProxySyslogAddress} + tripleo::haproxy::haproxy_stats_user: {get_param: HAProxyStatsUser} + tripleo::haproxy::haproxy_stats_password: {get_param: HAProxyStatsPassword} + tripleo::haproxy::redis_password: {get_param: RedisPassword} + tripleo::haproxy::control_virtual_interface: {get_param: ControlVirtualInterface} + tripleo::haproxy::public_virtual_interface: {get_param: PublicVirtualInterface} step_config: | include ::tripleo::profile::base::haproxy diff --git a/puppet/services/heat-api-cfn.yaml b/puppet/services/heat-api-cfn.yaml index f8832dd8..4f8900aa 100644 --- a/puppet/services/heat-api-cfn.yaml +++ b/puppet/services/heat-api-cfn.yaml @@ -4,6 +4,15 @@ description: > Openstack Heat CloudFormation API service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -25,6 +34,10 @@ parameters: resources: HeatBase: type: ./heat-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: @@ -35,6 +48,7 @@ outputs: map_merge: - get_attr: [HeatBase, role_data, config_settings] - heat::api_cfn::workers: {get_param: HeatWorkers} + heat::keystone::auth_cfn::tenant: 'service' heat::keystone::auth_cfn::public_url: {get_param: [EndpointMap, HeatCfnPublic, uri]} heat::keystone::auth_cfn::internal_url: {get_param: [EndpointMap, HeatCfnInternal, uri]} heat::keystone::auth_cfn::admin_url: {get_param: [EndpointMap, HeatCfnAdmin, uri]} diff --git a/puppet/services/heat-api-cloudwatch.yaml b/puppet/services/heat-api-cloudwatch.yaml index b4669ac3..7a09aad0 100644 --- a/puppet/services/heat-api-cloudwatch.yaml +++ b/puppet/services/heat-api-cloudwatch.yaml @@ -4,6 +4,15 @@ description: > Openstack Heat CloudWatch API service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -17,6 +26,10 @@ parameters: resources: HeatBase: type: ./heat-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/heat-api.yaml b/puppet/services/heat-api.yaml index c0e7a690..3a5d2a13 100644 --- a/puppet/services/heat-api.yaml +++ b/puppet/services/heat-api.yaml @@ -4,6 +4,15 @@ description: > Openstack Heat API service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -25,6 +34,10 @@ parameters: resources: HeatBase: type: ./heat-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: @@ -35,6 +48,7 @@ outputs: map_merge: - get_attr: [HeatBase, role_data, config_settings] - heat::api::workers: {get_param: HeatWorkers} + heat::keystone::auth::tenant: 'service' heat::keystone::auth::public_url: {get_param: [EndpointMap, HeatPublic, uri]} heat::keystone::auth::internal_url: {get_param: [EndpointMap, HeatInternal, uri]} heat::keystone::auth::admin_url: {get_param: [EndpointMap, HeatAdmin, uri]} diff --git a/puppet/services/heat-base.yaml b/puppet/services/heat-base.yaml index c40136f5..226d2a51 100644 --- a/puppet/services/heat-base.yaml +++ b/puppet/services/heat-base.yaml @@ -26,6 +26,20 @@ parameters: default: 5672 description: Set rabbit subscriber port, change this if using SSL type: number + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json outputs: role_data: @@ -47,7 +61,6 @@ outputs: value: 'role:admin' heat::rabbit_heartbeat_timeout_threshold: 60 heat::keystone_tenant: 'service' - heat::keystone::auth::tenant: 'service' heat::keystone::domain::domain_name: 'heat_stack' heat::keystone::domain::domain_admin: 'heat_stack_domain_admin' heat::keystone::domain::domain_admin_email: 'heat_stack_domain_admin@localhost' @@ -56,3 +69,5 @@ outputs: heat::cron::purge_deleted::age_type: 'days' heat::cron::purge_deleted::maxdelay: 3600 heat::cron::purge_deleted::destination: '/dev/null' + heat::db::database_db_max_retries: -1 + heat::db::database_max_retries: -1 diff --git a/puppet/services/heat-engine.yaml b/puppet/services/heat-engine.yaml index 13555a62..fba80c5d 100644 --- a/puppet/services/heat-engine.yaml +++ b/puppet/services/heat-engine.yaml @@ -4,6 +4,15 @@ description: > Openstack Heat Engine service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -30,6 +39,10 @@ parameters: resources: HeatBase: type: ./heat-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: @@ -58,7 +71,7 @@ outputs: heat::db::mysql::password: {get_param: HeatPassword} heat::keystone::domain::domain_password: {get_param: HeatStackDomainAdminPassword} heat::db::mysql::user: heat - heat::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + heat::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} heat::db::mysql::dbname: heat heat::db::mysql::allowed_hosts: - '%' diff --git a/puppet/services/horizon.yaml b/puppet/services/horizon.yaml index 64cf450a..c5d96819 100644 --- a/puppet/services/horizon.yaml +++ b/puppet/services/horizon.yaml @@ -4,6 +4,15 @@ description: > Horizon service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/ironic-api.yaml b/puppet/services/ironic-api.yaml index 949cdf31..6b494256 100644 --- a/puppet/services/ironic-api.yaml +++ b/puppet/services/ironic-api.yaml @@ -4,6 +4,15 @@ description: > OpenStack Ironic API configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -18,6 +27,8 @@ resources: IronicBase: type: ./ironic-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: @@ -34,10 +45,19 @@ outputs: # the TFTP server IP in ironic-conductor.yaml as it should not be # the VIP, but rather a real IP of the controller. - ironic::my_ip: {get_param: [EndpointMap, MysqlInternal, host]} - ironic::api::admin_password: {get_param: IronicPassword} - ironic::keystone::auth::public_url: {get_param: [EndpointMap, IronicPublic, uri]} - ironic::keystone::auth::internal_url: {get_param: [EndpointMap, IronicInternal, uri]} + ironic::api::authtoken::password: {get_param: IronicPassword} + ironic::api::authtoken::project_name: 'service' + ironic::api::authtoken::username: 'ironic' + ironic::api::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } + ironic::api::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} + ironic::api::port: {get_param: [EndpointMap, IronicInternal, port]} + # This is used to build links in responses + ironic::api::public_endpoint: {get_param: [EndpointMap, IronicPublic, uri_no_suffix]} ironic::keystone::auth::admin_url: {get_param: [EndpointMap, IronicAdmin, uri]} + ironic::keystone::auth::internal_url: {get_param: [EndpointMap, IronicInternal, uri]} + ironic::keystone::auth::public_url: {get_param: [EndpointMap, IronicPublic, uri]} + ironic::keystone::auth::auth_name: 'ironic' ironic::keystone::auth::password: {get_param: IronicPassword } + ironic::keystone::auth::tenant: 'service' step_config: | include ::tripleo::profile::base::ironic::api diff --git a/puppet/services/ironic-base.yaml b/puppet/services/ironic-base.yaml index 41d2234a..2f242da8 100644 --- a/puppet/services/ironic-base.yaml +++ b/puppet/services/ironic-base.yaml @@ -4,6 +4,15 @@ description: > OpenStack Ironic services configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -51,7 +60,6 @@ outputs: - '@' - {get_param: [EndpointMap, MysqlInternal, host]} - '/ironic' - ironic::admin_tenant_name: 'service' ironic::debug: {get_param: Debug} ironic::rabbit_userid: {get_param: RabbitUserName} ironic::rabbit_password: {get_param: RabbitPassword} @@ -59,12 +67,10 @@ outputs: ironic::rabbit_use_ssl: {get_param: RabbitClientUseSSL} ironic::db::mysql::password: {get_param: IronicPassword} ironic::db::mysql::user: ironic - ironic::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + ironic::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} ironic::db::mysql::dbname: ironic ironic::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" - - ironic::keystone::auth::tenant: 'service' step_config: | include ::tripleo::profile::base::ironic diff --git a/puppet/services/ironic-conductor.yaml b/puppet/services/ironic-conductor.yaml index a3bce305..9bc86a2c 100644 --- a/puppet/services/ironic-conductor.yaml +++ b/puppet/services/ironic-conductor.yaml @@ -4,6 +4,15 @@ description: > OpenStack Ironic conductor configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -18,6 +27,8 @@ resources: IronicBase: type: ./ironic-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: @@ -28,7 +39,10 @@ outputs: config_settings: map_merge: - get_attr: [IronicBase, role_data, config_settings] - - ironic::enabled_drivers: {get_param: IronicEnabledDrivers} + # FIXME: I have no idea why neutron_url is in "api" manifest + - ironic::api::neutron_url: {get_param: [EndpointMap, NeutronInternal, uri]} + ironic::glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]} + ironic::enabled_drivers: {get_param: IronicEnabledDrivers} # Prevent tftp_server from defaulting to my_ip setting, which is # controller VIP, not a real IP. ironic::drivers::pxe::tftp_server: {get_input: ironic_api_network} diff --git a/puppet/services/keepalived.yaml b/puppet/services/keepalived.yaml index 95a401c6..b783345b 100644 --- a/puppet/services/keepalived.yaml +++ b/puppet/services/keepalived.yaml @@ -4,16 +4,38 @@ description: > Keepalived service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + ControlVirtualInterface: + default: 'br-ex' + description: Interface where virtual ip will be assigned. + type: string + PublicVirtualInterface: + default: 'br-ex' + description: > + Specifies the interface where the public-facing virtual ip will be assigned. + This should be int_public when a VLAN is being used. + type: string outputs: role_data: description: Role data for the Keepalived role. value: service_name: keepalived + config_settings: + tripleo::keepalived::control_virtual_interface: {get_param: ControlVirtualInterface} + tripleo::keepalived::public_virtual_interface: {get_param: PublicVirtualInterface} step_config: | include ::tripleo::profile::base::keepalived diff --git a/puppet/services/kernel.yaml b/puppet/services/kernel.yaml index 50ebe925..2f01578e 100644 --- a/puppet/services/kernel.yaml +++ b/puppet/services/kernel.yaml @@ -4,6 +4,15 @@ description: > Load kernel modules with kmod and configure kernel options with sysctl. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/keystone.yaml b/puppet/services/keystone.yaml index 79c0dcc2..0a5193df 100644 --- a/puppet/services/keystone.yaml +++ b/puppet/services/keystone.yaml @@ -4,24 +4,11 @@ description: > OpenStack Keystone service configured with Puppet parameters: - KeystoneCACertificate: - default: '' - description: Keystone self-signed certificate authority certificate. - type: string KeystoneEnableDBPurge: default: true description: | Whether to create cron job for purging soft deleted rows in Keystone database. type: boolean - KeystoneSigningCertificate: - default: '' - description: Keystone certificate for verifying token validity. - type: string - KeystoneSigningKey: - default: '' - description: Keystone key for signing tokens. - type: string - hidden: true KeystoneSSLCertificate: default: '' description: Keystone certificate for verifying token validity. @@ -45,6 +32,15 @@ parameters: type: string default: 'regionOne' description: Keystone region for endpoint + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -105,9 +101,6 @@ outputs: - '/keystone' keystone::admin_token: {get_param: AdminToken} keystone::roles::admin::password: {get_param: AdminPassword} - keystone_ca_certificate: {get_param: KeystoneCACertificate} - keystone_signing_key: {get_param: KeystoneSigningKey} - keystone_signing_certificate: {get_param: KeystoneSigningCertificate} keystone_ssl_certificate: {get_param: KeystoneSSLCertificate} keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey} keystone::enable_proxy_headers_parsing: true @@ -128,7 +121,7 @@ outputs: keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge} keystone::public_endpoint: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]} keystone::db::mysql::user: keystone - keystone::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + keystone::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} keystone::db::mysql::dbname: keystone keystone::db::mysql::allowed_hosts: - '%' @@ -147,6 +140,8 @@ outputs: keystone::wsgi::apache::workers: {get_param: KeystoneWorkers} # override via extraconfig: keystone::wsgi::apache::threads: 1 + keystone::db::database_db_max_retries: -1 + keystone::db::database_max_retries: -1 tripleo.keystone.firewall_rules: '111 keystone': dport: diff --git a/puppet/services/manila-api.yaml b/puppet/services/manila-api.yaml index ccae4467..633e75ba 100644 --- a/puppet/services/manila-api.yaml +++ b/puppet/services/manila-api.yaml @@ -4,6 +4,15 @@ description: > Manila-api service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -22,6 +31,8 @@ resources: ManilaBase: type: ./manila-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: @@ -32,15 +43,18 @@ outputs: config_settings: map_merge: - get_attr: [ManilaBase, role_data, config_settings] - - manila::api::keystone_password: {get_param: ManilaPassword} - manila::api::keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} - manila::api::keystone_auth_host: {get_param: [EndpointMap, ManilaInternal, host]} - manila::keystone::auth::public_url: {get_param: [EndpointMap, ManilaPublic, uri]} - manila::keystone::auth::internal_url: {get_param: [EndpointMap, ManilaInternal, uri]} - manila::keystone::auth::admin_url: {get_param: [EndpointMap, ManilaAdmin, uri]} + - manila::keystone::authtoken::password: {get_param: ManilaPassword} + manila::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} + manila::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } + manila::keystone::authtoken::project_name: 'service' + manila::keystone::auth::public_url: {get_param: [EndpointMap, ManilaV1Public, uri]} + manila::keystone::auth::internal_url: {get_param: [EndpointMap, ManilaV1Internal, uri]} + manila::keystone::auth::admin_url: {get_param: [EndpointMap, ManilaV1Admin, uri]} + manila::keystone::auth::public_url_v2: {get_param: [EndpointMap, ManilaPublic, uri]} + manila::keystone::auth::internal_url_v2: {get_param: [EndpointMap, ManilaInternal, uri]} + manila::keystone::auth::admin_url_v2: {get_param: [EndpointMap, ManilaAdmin, uri]} manila::keystone::auth::password: {get_param: ManilaPassword } manila::keystone::auth::region: {get_param: KeystoneRegion } - manila::api::keystone_tenant: 'service' step_config: | include ::tripleo::profile::base::manila::api diff --git a/puppet/services/manila-base.yaml b/puppet/services/manila-base.yaml index c156379b..78bf1c63 100644 --- a/puppet/services/manila-base.yaml +++ b/puppet/services/manila-base.yaml @@ -4,6 +4,15 @@ description: > Openstack Manila base service. Shared by manila-api/scheduler/share services parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -93,7 +102,7 @@ outputs: manila::rabbit_port: {get_param: RabbitClientPort} manila::debug: {get_param: Debug} manila::db::mysql::user: manila - manila::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + manila::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} manila::db::mysql::dbname: manila manila::db::database_db_max_retries: -1 manila::db::database_max_retries: -1 diff --git a/puppet/services/manila-scheduler.yaml b/puppet/services/manila-scheduler.yaml index b1d55a05..a5122ba0 100644 --- a/puppet/services/manila-scheduler.yaml +++ b/puppet/services/manila-scheduler.yaml @@ -4,6 +4,15 @@ description: > Manila-scheduler service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -26,6 +35,8 @@ resources: ManilaBase: type: ./manila-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/manila-share.yaml b/puppet/services/manila-share.yaml index 20f36aa3..184f3694 100644 --- a/puppet/services/manila-share.yaml +++ b/puppet/services/manila-share.yaml @@ -4,6 +4,15 @@ description: > Manila-share service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: ManilaBase: type: ./manila-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/memcached.yaml b/puppet/services/memcached.yaml index ceb29b55..59c639e8 100644 --- a/puppet/services/memcached.yaml +++ b/puppet/services/memcached.yaml @@ -4,6 +4,15 @@ description: > Memcached service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/neutron-server.yaml b/puppet/services/neutron-api.yaml index 1c7cef49..35ac32db 100644 --- a/puppet/services/neutron-server.yaml +++ b/puppet/services/neutron-api.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron Server configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -29,17 +38,29 @@ parameters: description: The password for the nova service and db account, used by nova-api. type: string hidden: true + NeutronEnableDVR: + description: Enable Neutron DVR. + default: false + type: boolean + KeystoneRegion: + type: string + default: 'regionOne' + description: Keystone region for endpoint resources: NeutronBase: type: ./neutron-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: description: Role data for the Neutron Server agent service. value: - service_name: neutron_server + service_name: neutron_api config_settings: map_merge: - get_attr: [NeutronBase, role_data, config_settings] @@ -52,14 +73,18 @@ outputs: - '@' - {get_param: [EndpointMap, MysqlInternal, host]} - '/ovs_neutron' + neutron::keystone::auth::tenant: 'service' + neutron::keystone::auth::public_url: {get_param: [EndpointMap, NeutronPublic, uri]} + neutron::keystone::auth::internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] } + neutron::keystone::auth::admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] } + neutron::keystone::auth::password: {get_param: NeutronPassword} + neutron::keystone::auth::region: {get_param: KeystoneRegion} neutron::server::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } neutron::server::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} - neutron::server::auth_tenant: 'service' - neutron::server::identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } neutron::server::api_workers: {get_param: NeutronWorkers} neutron::server::allow_automatic_l3agent_failover: {get_param: NeutronAllowL3AgentFailover} neutron::server::l3_ha: {get_param: NeutronL3HA} - neutron::server::auth_password: {get_param: NeutronPassword} + neutron::server::password: {get_param: NeutronPassword} neutron::server::notifications::nova_url: { get_param: [ EndpointMap, NovaInternal, uri ] } neutron::server::notifications::auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] } @@ -70,7 +95,7 @@ outputs: neutron::server::sync_db: true neutron::db::mysql::password: {get_param: NeutronPassword} neutron::db::mysql::user: neutron - neutron::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + neutron::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} neutron::db::mysql::dbname: ovs_neutron neutron::db::mysql::allowed_hosts: - '%' @@ -85,5 +110,6 @@ outputs: dport: 4789 '106 vrrp': proto: vrrp + neutron::server::router_distributed: {get_param: NeutronEnableDVR} step_config: | include tripleo::profile::base::neutron::server diff --git a/puppet/services/neutron-base.yaml b/puppet/services/neutron-base.yaml index c1134824..39ffea24 100644 --- a/puppet/services/neutron-base.yaml +++ b/puppet/services/neutron-base.yaml @@ -42,6 +42,26 @@ parameters: type: string default: '' description: Set to True to enable debugging on all services. + EnableConfigPurge: + type: boolean + default: true + description: > + Remove configuration that is not generated by TripleO. Setting + to false may result in configuration remnants after updates/upgrades. + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json outputs: role_data: @@ -61,7 +81,9 @@ outputs: params: PLUGINS: {get_param: NeutronServicePlugins} neutron::debug: {get_param: Debug} + neutron::purge_config: {get_param: EnableConfigPurge} neutron::allow_overlapping_ips: true neutron::rabbit_heartbeat_timeout_threshold: 60 neutron::host: '"%{::fqdn}"' #NOTE: extra quoting is needed - neutron::keystone::auth::tenant: 'service' + neutron::db::database_db_max_retries: -1 + neutron::db::database_max_retries: -1 diff --git a/puppet/services/neutron-compute-plugin-midonet.yaml b/puppet/services/neutron-compute-plugin-midonet.yaml index 200aaa1b..26b6fa6b 100644 --- a/puppet/services/neutron-compute-plugin-midonet.yaml +++ b/puppet/services/neutron-compute-plugin-midonet.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron Compute Midonet plugin parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/neutron-compute-plugin-nuage.yaml b/puppet/services/neutron-compute-plugin-nuage.yaml index 44aac571..c4f8ad12 100644 --- a/puppet/services/neutron-compute-plugin-nuage.yaml +++ b/puppet/services/neutron-compute-plugin-nuage.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron Compute Nuage plugin parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/neutron-compute-plugin-opencontrail.yaml b/puppet/services/neutron-compute-plugin-opencontrail.yaml index fb6d640c..9f2fd13c 100644 --- a/puppet/services/neutron-compute-plugin-opencontrail.yaml +++ b/puppet/services/neutron-compute-plugin-opencontrail.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron Compute OpenContrail plugin parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/neutron-compute-plugin-plumgrid.yaml b/puppet/services/neutron-compute-plugin-plumgrid.yaml index ad1e3465..31a0a08b 100644 --- a/puppet/services/neutron-compute-plugin-plumgrid.yaml +++ b/puppet/services/neutron-compute-plugin-plumgrid.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron Compute Plumgrid plugin parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/neutron-dhcp.yaml b/puppet/services/neutron-dhcp.yaml index 322e018d..513cb2d4 100644 --- a/puppet/services/neutron-dhcp.yaml +++ b/puppet/services/neutron-dhcp.yaml @@ -4,20 +4,42 @@ description: > OpenStack Neutron DHCP agent configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + NeutronEnableMetadataNetwork: + default: false + description: If True, DHCP provide metadata network. Requires either + IsolatedMetadata or ForceMetadata parameters to also be True. + type: boolean NeutronEnableIsolatedMetadata: - default: 'False' + default: false description: If True, DHCP provide metadata route to VM. - type: string + type: boolean + NeutronEnableForceMetadata: + default: false + description: If True, DHCP always provides metadata route to VM. + type: boolean resources: NeutronBase: type: ./neutron-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: @@ -28,6 +50,8 @@ outputs: map_merge: - get_attr: [NeutronBase, role_data, config_settings] - neutron::agents::dhcp::enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata} + neutron::agents::dhcp::enable_force_metadata: {get_param: NeutronEnableForceMetadata} + neutron::agents::dhcp::enable_metadata_network: {get_param: NeutronEnableMetadataNetwork} tripleo.neutron_dhcp.firewall_rules: '115 neutron dhcp input': proto: 'udp' diff --git a/puppet/services/neutron-l3-compute-dvr.yaml b/puppet/services/neutron-l3-compute-dvr.yaml new file mode 100644 index 00000000..0f3c2a70 --- /dev/null +++ b/puppet/services/neutron-l3-compute-dvr.yaml @@ -0,0 +1,50 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Neutron L3 agent for DVR enabled compute nodes + configured with Puppet + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + Debug: + type: string + default: '' + NeutronExternalNetworkBridge: + description: Name of bridge used for external network traffic. + type: string + default: 'br-ex' + +resources: + + NeutronBase: + type: ./neutron-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for DVR L3 Agent on Compute Nodes + value: + service_name: neutron_l3_compute_dvr + config_settings: + map_merge: + - get_attr: [NeutronBase, role_data, config_settings] + - neutron::agents::l3::external_network_bridge: {get_param: NeutronExternalNetworkBridge} + neutron::agents::l3::agent_mode : 'dvr' + step_config: | + include tripleo::profile::base::neutron::l3 diff --git a/puppet/services/neutron-l3.yaml b/puppet/services/neutron-l3.yaml index a7232a39..54beee6b 100644 --- a/puppet/services/neutron-l3.yaml +++ b/puppet/services/neutron-l3.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron L3 agent configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -16,11 +25,24 @@ parameters: description: Name of bridge used for external network traffic. type: string default: 'br-ex' + NeutronL3AgentMode: + description: | + Agent mode for L3 agent. Must be one of legacy or dvr_snat. + default: 'legacy' + type: string + constraints: + - allowed_values: + - legacy + - dvr_snat resources: NeutronBase: type: ./neutron-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: @@ -32,5 +54,6 @@ outputs: - get_attr: [NeutronBase, role_data, config_settings] - neutron::agents::l3::external_network_bridge: {get_param: NeutronExternalNetworkBridge} neutron::agents::l3::router_delete_namespaces: True + neutron::agents::l3::agent_mode : {get_param: NeutronL3AgentMode} step_config: | include tripleo::profile::base::neutron::l3 diff --git a/puppet/services/neutron-metadata.yaml b/puppet/services/neutron-metadata.yaml index 73d8c3da..b9ec277a 100644 --- a/puppet/services/neutron-metadata.yaml +++ b/puppet/services/neutron-metadata.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron Metadata agent configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -26,6 +35,10 @@ resources: NeutronBase: type: ./neutron-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/neutron-midonet.yaml b/puppet/services/neutron-midonet.yaml index ccc0b0dd..48830d81 100644 --- a/puppet/services/neutron-midonet.yaml +++ b/puppet/services/neutron-midonet.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron Midonet plugin and services parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/neutron-ovs-agent.yaml b/puppet/services/neutron-ovs-agent.yaml index d8679f2e..5a0ad23c 100644 --- a/puppet/services/neutron-ovs-agent.yaml +++ b/puppet/services/neutron-ovs-agent.yaml @@ -4,14 +4,20 @@ description: > OpenStack Neutron OVS agent configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json - NeutronEnableTunnelling: - type: string - default: "True" NeutronEnableL2Pop: type: string description: > @@ -37,11 +43,25 @@ parameters: description: | Comma-separated list of extensions enabled for the Neutron agents. type: comma_delimited_list + NeutronEnableDVR: + default: False + description: | + Enable support for distributed routing in the OVS Agent. + type: boolean + NeutronEnableARPResponder: + default: false + description: | + Enable ARP responder feature in the OVS Agent. + type: boolean resources: NeutronBase: type: ./neutron-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: @@ -51,8 +71,9 @@ outputs: config_settings: map_merge: - get_attr: [NeutronBase, role_data, config_settings] - neutron::agents::ml2::ovs::enable_tunneling: {get_param: NeutronEnableTunnelling} neutron::agents::ml2::ovs::l2_population: {get_param: NeutronEnableL2Pop} + neutron::agents::ml2::ovs::enable_distributed_routing: {get_param: NeutronEnableDVR} + neutron::agents::ml2::ovs::arp_responder: {get_param: NeutronEnableARPResponder} neutron::agents::ml2::ovs::bridge_mappings: str_replace: template: MAPPINGS diff --git a/puppet/services/neutron-plugin-ml2.yaml b/puppet/services/neutron-plugin-ml2.yaml index 158122ed..165b9687 100644 --- a/puppet/services/neutron-plugin-ml2.yaml +++ b/puppet/services/neutron-plugin-ml2.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron ML2 Plugin configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -56,6 +65,10 @@ resources: NeutronBase: type: ./neutron-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/neutron-plugin-nuage.yaml b/puppet/services/neutron-plugin-nuage.yaml index 5f228f96..838ec5ea 100644 --- a/puppet/services/neutron-plugin-nuage.yaml +++ b/puppet/services/neutron-plugin-nuage.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron Nuage plugin parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -54,6 +63,10 @@ resources: NeutronBase: type: ./neutron-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/neutron-plugin-opencontrail.yaml b/puppet/services/neutron-plugin-opencontrail.yaml index ed6a2c04..4e294965 100644 --- a/puppet/services/neutron-plugin-opencontrail.yaml +++ b/puppet/services/neutron-plugin-opencontrail.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron Opencontrail plugin parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -37,6 +46,10 @@ resources: NeutronBase: type: ./neutron-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/neutron-plugin-plumgrid.yaml b/puppet/services/neutron-plugin-plumgrid.yaml index 5488bed7..30af8a3f 100644 --- a/puppet/services/neutron-plugin-plumgrid.yaml +++ b/puppet/services/neutron-plugin-plumgrid.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron Plumgrid plugin parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/nova-api.yaml b/puppet/services/nova-api.yaml index 045a8614..c2bd395e 100644 --- a/puppet/services/nova-api.yaml +++ b/puppet/services/nova-api.yaml @@ -4,6 +4,15 @@ description: > OpenStack Nova API service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -13,11 +22,21 @@ parameters: default: 0 description: Number of workers for Nova API service. type: number + NovaPassword: + description: The password for the nova service and db account, used by nova-api. + type: string + hidden: true + KeystoneRegion: + type: string + default: 'regionOne' + description: Keystone region for endpoint resources: NovaBase: type: ./nova-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: @@ -42,10 +61,19 @@ outputs: - 8774 - 13774 - 8775 - nova::api::admin_tenant_name: 'service' + nova::keystone::authtoken::project_name: 'service' + nova::keystone::authtoken::password: {get_param: NovaPassword} + nova::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } + nova::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} nova::api::enabled: true nova::api::default_floating_pool: 'public' nova::api::sync_db_api: true nova::api::enable_proxy_headers_parsing: true + nova::keystone::auth::tenant: 'service' + nova::keystone::auth::public_url: {get_param: [EndpointMap, NovaPublic, uri]} + nova::keystone::auth::internal_url: {get_param: [EndpointMap, NovaInternal, uri]} + nova::keystone::auth::admin_url: {get_param: [EndpointMap, NovaAdmin, uri]} + nova::keystone::auth::password: {get_param: NovaPassword} + nova::keystone::auth::region: {get_param: KeystoneRegion} step_config: | include tripleo::profile::base::nova::api diff --git a/puppet/services/nova-base.yaml b/puppet/services/nova-base.yaml index 21dbacd2..471ece34 100644 --- a/puppet/services/nova-base.yaml +++ b/puppet/services/nova-base.yaml @@ -4,6 +4,15 @@ description: > OpenStack Nova base service. Shared for all Nova services. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -13,6 +22,14 @@ parameters: description: The password for the nova service and db account, used by nova-api. type: string hidden: true + NeutronPassword: + description: The password for the neutron service and db account, used by neutron agents. + type: string + hidden: true + NovaOVSBridge: + default: 'br-int' + description: Name of integration bridge used by Open vSwitch + type: string RabbitPassword: description: The password for RabbitMQ type: string @@ -35,6 +52,20 @@ parameters: type: string default: '' description: Set to True to enable debugging on all services. + EnableConfigPurge: + type: boolean + default: true + description: > + Remove configuration that is not generated by TripleO. Setting + to false may result in configuration remnants after updates/upgrades. + NovaIPv6: + default: false + description: Enable IPv6 features in Nova + type: boolean + UpgradeLevelNovaCompute: + type: string + description: Nova Compute upgrade level + default: '' outputs: role_data: @@ -43,7 +74,7 @@ outputs: service_name: nova_base config_settings: nova::rabbit_password: {get_param: RabbitPassword} - nova::rabbit_user: {get_param: RabbitUserName} + nova::rabbit_userid: {get_param: RabbitUserName} nova::rabbit_use_ssl: {get_param: RabbitClientUseSSL} nova::rabbit_port: {get_param: RabbitClientPort} nova::database_connection: @@ -66,38 +97,47 @@ outputs: - '/nova_api' nova::db::mysql::password: {get_input: nova_password} nova::db::mysql::user: nova - nova::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + nova::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} nova::db::mysql::dbname: nova nova::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" nova::db::mysql_api::password: {get_input: nova_password} nova::db::mysql_api::user: nova_api - nova::db::mysql_api::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + nova::db::mysql_api::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} nova::db::mysql_api::dbname: nova_api nova::db::mysql_api::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" nova::debug: {get_param: Debug} + nova::purge_config: {get_param: EnableConfigPurge} nova::network::neutron::neutron_project_name: 'service' nova::network::neutron::neutron_username: 'neutron' nova::network::neutron::dhcp_domain: '' + nova::network::neutron::neutron_password: {get_param: NeutronPassword} + nova::network::neutron::neutron_url: {get_param: [EndpointMap, NeutronInternal, uri]} + nova::network::neutron::neutron_auth_url: {get_param: [EndpointMap, KeystoneV3Admin, uri]} nova::rabbit_heartbeat_timeout_threshold: 60 nova::cinder_catalog_info: 'volumev2:cinderv2:internalURL' nova::host: '"%{::fqdn}"' # NOTE: extra quoting is needed. nova::notify_on_state_change: 'vm_and_task_state' nova::notification_driver: messagingv2 nova::network::neutron::neutron_auth_type: 'v3password' - nova::keystone::auth::tenant: 'service' nova::db::mysql::user: nova - nova::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + nova::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} nova::db::mysql::dbname: nova nova::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" nova::db::mysql_api::user: nova_api - nova::db::mysql_api::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + nova::db::mysql_api::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} nova::db::mysql_api::dbname: nova_api nova::db::mysql_api::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" + nova::db::database_db_max_retries: -1 + nova::db::database_max_retries: -1 + nova::glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]} + nova::use_ipv6: {get_param: NovaIPv6} + nova::upgrade_level_compute: {get_param: UpgradeLevelNovaCompute} + nova::network::neutron::neutron_ovs_bridge: {get_param: NovaOVSBridge} diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml index bcc3a232..1a473a4e 100644 --- a/puppet/services/nova-compute.yaml +++ b/puppet/services/nova-compute.yaml @@ -4,6 +4,15 @@ description: > OpenStack Nova Compute service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,11 +24,29 @@ parameters: CephClientUserName: default: openstack type: string + CinderEnableNfsBackend: + default: false + description: Whether to enable or not the NFS backend for Cinder + type: boolean + CinderEnableRbdBackend: + default: false + description: Whether to enable or not the Rbd backend for Cinder + type: boolean + NovaEnableRbdBackend: + default: false + description: Whether to enable or not the Rbd backend for Nova + type: boolean + NovaComputeLibvirtVifDriver: + default: '' + description: Libvirt VIF driver configuration for the network + type: string resources: NovaBase: type: ./nova-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: @@ -37,6 +64,8 @@ outputs: tripleo::profile::base::nova::nova_compute_enabled: true nova::compute::rbd::libvirt_images_rbd_pool: {get_param: NovaRbdPoolName} nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName} + tripleo::profile::base::nova::compute::cinder_nfs_backend: {get_param: CinderEnableNfsBackend} + rbd_persistent_storage: {get_param: CinderEnableRbdBackend} nova::compute::rbd::rbd_keyring: list_join: - '.' @@ -45,13 +74,23 @@ outputs: nova::compute::rbd::libvirt_rbd_secret_uuid: '"%{hiera(\"ceph::profile::params::fsid\")}"' nova::compute::instance_usage_audit: true nova::compute::instance_usage_audit_period: 'hour' + nova::compute::rbd::ephemeral_storage: {get_param: NovaEnableRbdBackend} + # TUNNELLED mode provides a security enhancement when using shared + # storage but is not supported when not using shared storage. + # See https://bugzilla.redhat.com/show_bug.cgi?id=1301986#c12 + # In future versions of QEMU (2.6, mostly), danpb's native + # encryption work will obsolete the need to use TUNNELLED transport + # mode. + nova::migration::live_migration_tunnelled: {get_param: NovaEnableRbdBackend} # Changing the default from 512MB. The current templates can not deploy # overclouds with swap. On an idle compute node, we see ~1024MB of RAM # used. 2048 is suggested to account for other possible operations for # example openvswitch. nova::compute::reserved_host_memory: 2048 + nova::compute::neutron::libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver} + step_config: | # TODO(emilien): figure how to deal with libvirt profile. - # We'll probably threat it like we do with Neutron plugins. + # We'll probably treat it like we do with Neutron plugins. # Until then, just include it in the default nova-compute role. include tripleo::profile::base::nova::compute::libvirt diff --git a/puppet/services/nova-conductor.yaml b/puppet/services/nova-conductor.yaml index 5964f883..0b6169da 100644 --- a/puppet/services/nova-conductor.yaml +++ b/puppet/services/nova-conductor.yaml @@ -4,6 +4,15 @@ description: > OpenStack Nova Conductor service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -18,6 +27,8 @@ resources: NovaBase: type: ./nova-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/nova-consoleauth.yaml b/puppet/services/nova-consoleauth.yaml index 5fbce1b1..67ff2ec3 100644 --- a/puppet/services/nova-consoleauth.yaml +++ b/puppet/services/nova-consoleauth.yaml @@ -4,6 +4,15 @@ description: > OpenStack Nova Consoleauth service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: NovaBase: type: ./nova-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/nova-ironic.yaml b/puppet/services/nova-ironic.yaml new file mode 100644 index 00000000..bf7639dd --- /dev/null +++ b/puppet/services/nova-ironic.yaml @@ -0,0 +1,53 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Nova Compute service configured with Puppet and using Ironic + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + IronicPassword: + description: The password for the Ironic service and db account, used by the Ironic services + type: string + hidden: true + +resources: + NovaBase: + type: ./nova-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for the Nova Compute service with Ironic. + value: + service_name: nova_ironic + config_settings: + map_merge: + - get_attr: [NovaBase, role_data, config_settings] + - nova::compute::force_config_drive: true + nova::compute::reserved_host_memory: '0' + nova::compute::vnc_enabled: false + nova::ironic::common::admin_password: {get_param: IronicPassword} + nova::ironic::common::admin_tenant_name: 'service' + nova::ironic::common::admin_url: {get_param: [EndpointMap, KeystoneAdmin, uri]} + nova::ironic::common::admin_username: 'ironic' + nova::ironic::common::api_endpoint: {get_param: [EndpointMap, IronicInternal, uri]} + nova::network::neutron::dhcp_domain: '' + nova::scheduler::filter::scheduler_host_manager: 'ironic_host_manager' + step_config: | + include tripleo::profile::base::nova::compute::ironic diff --git a/puppet/services/nova-libvirt.yaml b/puppet/services/nova-libvirt.yaml index 939b6a09..1ebec974 100644 --- a/puppet/services/nova-libvirt.yaml +++ b/puppet/services/nova-libvirt.yaml @@ -4,16 +4,30 @@ description: > Libvirt service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + NovaComputeLibvirtType: + type: string + default: kvm resources: NovaBase: type: ./nova-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: @@ -30,5 +44,8 @@ outputs: nova::compute::libvirt::migration_support: false tripleo::profile::base::nova::manage_migration: true tripleo::profile::base::nova::libvirt_enabled: true + nova::compute::libvirt::services::libvirt_virt_type: {get_param: NovaComputeLibvirtType} + nova::compute::libvirt::libvirt_virt_type: {get_param: NovaComputeLibvirtType} + step_config: | include tripleo::profile::base::nova::libvirt diff --git a/puppet/services/nova-scheduler.yaml b/puppet/services/nova-scheduler.yaml index bd6e5116..78ff008b 100644 --- a/puppet/services/nova-scheduler.yaml +++ b/puppet/services/nova-scheduler.yaml @@ -4,6 +4,15 @@ description: > OpenStack Nova Scheduler service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: NovaBase: type: ./nova-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/nova-vncproxy.yaml b/puppet/services/nova-vncproxy.yaml index 0b9cef38..0a1785d8 100644 --- a/puppet/services/nova-vncproxy.yaml +++ b/puppet/services/nova-vncproxy.yaml @@ -4,6 +4,15 @@ description: > OpenStack Nova Vncproxy service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: NovaBase: type: ./nova-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: @@ -25,5 +36,15 @@ outputs: map_merge: - get_attr: [NovaBase, role_data, config_settings] - nova::vncproxy::enabled: true + nova::vncproxy::common::vncproxy_protocol: {get_param: [EndpointMap, NovaVNCProxyPublic, protocol]} + # Remove brackets that may come if the IP address is IPv6. + # For DNS names and IPv4, this will just get NovaVNCProxyPublic + nova::vncproxy::common::vncproxy_host: + str_replace: + template: {get_param: [EndpointMap, NovaVNCProxyPublic, host]} + params: + '[': '' + ']': '' + nova::vncproxy::common::vncproxy_port: {get_param: [EndpointMap, NovaVNCProxyPublic, port]} step_config: | include tripleo::profile::base::nova::vncproxy diff --git a/puppet/services/pacemaker.yaml b/puppet/services/pacemaker.yaml index b0ebb7d4..ac5b85c8 100644 --- a/puppet/services/pacemaker.yaml +++ b/puppet/services/pacemaker.yaml @@ -4,6 +4,15 @@ description: > Pacemaker service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/pacemaker/ceilometer-agent-central.yaml b/puppet/services/pacemaker/ceilometer-agent-central.yaml index 471b9f7a..ac4bdcf0 100644 --- a/puppet/services/pacemaker/ceilometer-agent-central.yaml +++ b/puppet/services/pacemaker/ceilometer-agent-central.yaml @@ -4,6 +4,15 @@ description: > OpenStack Ceilometer Central Agent service with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: CeilometerServiceBase: type: ../ceilometer-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/ceilometer-agent-notification.yaml b/puppet/services/pacemaker/ceilometer-agent-notification.yaml index 2530848f..112dde1c 100644 --- a/puppet/services/pacemaker/ceilometer-agent-notification.yaml +++ b/puppet/services/pacemaker/ceilometer-agent-notification.yaml @@ -4,6 +4,15 @@ description: > OpenStack Ceilometer Notification Agent service with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: CeilometerServiceBase: type: ../ceilometer-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/ceilometer-api.yaml b/puppet/services/pacemaker/ceilometer-api.yaml index f1885372..f50e4a15 100644 --- a/puppet/services/pacemaker/ceilometer-api.yaml +++ b/puppet/services/pacemaker/ceilometer-api.yaml @@ -4,6 +4,15 @@ description: > OpenStack Ceilometer API service with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: CeilometerServiceBase: type: ../ceilometer-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/ceilometer-collector.yaml b/puppet/services/pacemaker/ceilometer-collector.yaml index 8d31e1aa..8d4348db 100644 --- a/puppet/services/pacemaker/ceilometer-collector.yaml +++ b/puppet/services/pacemaker/ceilometer-collector.yaml @@ -4,6 +4,15 @@ description: > OpenStack Ceilometer Collector service with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: CeilometerServiceBase: type: ../ceilometer-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/cinder-api.yaml b/puppet/services/pacemaker/cinder-api.yaml index 706a189b..7c83037d 100644 --- a/puppet/services/pacemaker/cinder-api.yaml +++ b/puppet/services/pacemaker/cinder-api.yaml @@ -4,6 +4,15 @@ description: > OpenStack Cinder API service with Pacemaker configured with Puppet. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: CinderApiBase: type: ../cinder-api.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/cinder-backup.yaml b/puppet/services/pacemaker/cinder-backup.yaml new file mode 100644 index 00000000..7e940c7e --- /dev/null +++ b/puppet/services/pacemaker/cinder-backup.yaml @@ -0,0 +1,60 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Cinder Backup service with Pacemaker configured with Puppet + +parameters: + CinderBackupBackend: + default: swift + description: The short name of the Cinder Backup backend to use. + type: string + constraints: + - allowed_values: ['swift', 'ceph'] + CinderBackupRbdPoolName: + default: backups + type: string + CephClientUserName: + default: openstack + type: string + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +resources: + + CinderBackupBase: + type: ../cinder-backup.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + CinderBackupBackend: {get_param: CinderBackupBackend} + CinderBackupRbdPoolName: {get_param: CinderBackupRbdPoolName} + CephClientUserName: {get_param: CephClientUserName} + +outputs: + role_data: + description: Role data for the Cinder Backup role. + value: + service_name: cinder_backup + config_settings: + map_merge: + - get_attr: [CinderBackupBase, role_data, config_settings] + - cinder::backup::manage_service: false + cinder::backup::enabled: false + step_config: + list_join: + - "\n" + - - get_attr: [CinderBackupBase, role_data, step_config] + - "include ::tripleo::profile::pacemaker::cinder::backup" diff --git a/puppet/services/pacemaker/cinder-scheduler.yaml b/puppet/services/pacemaker/cinder-scheduler.yaml index 350d7126..6f26b412 100644 --- a/puppet/services/pacemaker/cinder-scheduler.yaml +++ b/puppet/services/pacemaker/cinder-scheduler.yaml @@ -4,6 +4,15 @@ description: > OpenStack Cinder Scheduler service with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: CinderSchedulerBase: type: ../cinder-scheduler.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/cinder-volume.yaml b/puppet/services/pacemaker/cinder-volume.yaml index 7b6e9a77..ffcdb529 100644 --- a/puppet/services/pacemaker/cinder-volume.yaml +++ b/puppet/services/pacemaker/cinder-volume.yaml @@ -4,6 +4,15 @@ description: > OpenStack Cinder Volume service with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: CinderVolumeBase: type: ../cinder-volume.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/core.yaml b/puppet/services/pacemaker/core.yaml index 1c0c043c..9eca1de3 100644 --- a/puppet/services/pacemaker/core.yaml +++ b/puppet/services/pacemaker/core.yaml @@ -4,6 +4,15 @@ description: > OpenStack Core (fake) service with Pacemaker configured with Puppet. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/pacemaker/database/mongodb.yaml b/puppet/services/pacemaker/database/mongodb.yaml index c09f93a9..64ae2e91 100644 --- a/puppet/services/pacemaker/database/mongodb.yaml +++ b/puppet/services/pacemaker/database/mongodb.yaml @@ -5,6 +5,15 @@ description: > parameters: #Parameters not used EndpointMap + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,10 @@ parameters: resources: MongoDbBase: type: ../../database/mongodb-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/pacemaker/database/mysql.yaml b/puppet/services/pacemaker/database/mysql.yaml index cc9dc946..d555ed0a 100644 --- a/puppet/services/pacemaker/database/mysql.yaml +++ b/puppet/services/pacemaker/database/mysql.yaml @@ -5,17 +5,36 @@ description: > parameters: #Parameters not used EndpointMap + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json +resources: + + MysqlBase: + type: ../../database/mysql.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + outputs: role_data: description: Service MySQL with Pacemaker using composable services. value: service_name: mysql config_settings: + get_attr: [MysqlBase, role_data, config_settings] step_config: | include ::tripleo::profile::pacemaker::database::mysql diff --git a/puppet/services/pacemaker/database/redis.yaml b/puppet/services/pacemaker/database/redis.yaml index 3cd8d168..d9156e67 100644 --- a/puppet/services/pacemaker/database/redis.yaml +++ b/puppet/services/pacemaker/database/redis.yaml @@ -4,6 +4,15 @@ description: > OpenStack Redis service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -13,6 +22,10 @@ parameters: resources: RedisBase: type: ../../database/redis-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/pacemaker/glance-api.yaml b/puppet/services/pacemaker/glance-api.yaml index 0fc17b22..ef4ba79a 100644 --- a/puppet/services/pacemaker/glance-api.yaml +++ b/puppet/services/pacemaker/glance-api.yaml @@ -4,6 +4,15 @@ description: > OpenStack Glance API service with Pacemaker configured with Puppet. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -39,6 +48,8 @@ resources: GlanceApiBase: type: ../glance-api.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/glance-registry.yaml b/puppet/services/pacemaker/glance-registry.yaml index ae7aa307..e417f09f 100644 --- a/puppet/services/pacemaker/glance-registry.yaml +++ b/puppet/services/pacemaker/glance-registry.yaml @@ -4,6 +4,15 @@ description: > OpenStack Glance Registry service with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: GlanceRegistryBase: type: ../glance-registry.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/gnocchi-api.yaml b/puppet/services/pacemaker/gnocchi-api.yaml index bcd73e61..50bd3fa7 100644 --- a/puppet/services/pacemaker/gnocchi-api.yaml +++ b/puppet/services/pacemaker/gnocchi-api.yaml @@ -4,6 +4,15 @@ description: > Gnocchi service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: GnocchiServiceBase: type: ../gnocchi-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: @@ -24,5 +35,7 @@ outputs: config_settings: map_merge: - get_attr: [GnocchiServiceBase, role_data, config_settings] + - gnocchi::metricd::manage_service: false + gnocchi::metricd::enabled: false step_config: | include ::tripleo::profile::pacemaker::gnocchi::api diff --git a/puppet/services/pacemaker/gnocchi-metricd.yaml b/puppet/services/pacemaker/gnocchi-metricd.yaml index ec487e89..0a6b03ea 100644 --- a/puppet/services/pacemaker/gnocchi-metricd.yaml +++ b/puppet/services/pacemaker/gnocchi-metricd.yaml @@ -4,6 +4,15 @@ description: > Gnocchi service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: GnocchiServiceBase: type: ../gnocchi-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: @@ -25,6 +36,7 @@ outputs: map_merge: - get_attr: [GnocchiServiceBase, role_data, config_settings] - gnocchi::metricd::manage_service: false + gnocchi::metricd::enabled: false tripleo::profile::pacemaker::gnocchi::gnocchi_indexer_backend: {get_attr: [GnocchiServiceBase, aux_parameters, gnocchi_indexer_backend]} step_config: | diff --git a/puppet/services/pacemaker/gnocchi-statsd.yaml b/puppet/services/pacemaker/gnocchi-statsd.yaml index d1106524..12256d32 100644 --- a/puppet/services/pacemaker/gnocchi-statsd.yaml +++ b/puppet/services/pacemaker/gnocchi-statsd.yaml @@ -4,6 +4,15 @@ description: > Gnocchi service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: GnocchiServiceBase: type: ../gnocchi-base.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: @@ -25,6 +36,7 @@ outputs: map_merge: - get_attr: [GnocchiServiceBase, role_data, config_settings] - gnocchi::statsd::manage_service: false + gnocchi::statsd::enabled: false tripleo::profile::pacemaker::gnocchi::gnocchi_indexer_backend: {get_attr: [GnocchiServiceBase, aux_parameters, gnocchi_indexer_backend]} step_config: | include ::tripleo::profile::pacemaker::gnocchi::statsd diff --git a/puppet/services/pacemaker/haproxy.yaml b/puppet/services/pacemaker/haproxy.yaml index 811a6697..de028339 100644 --- a/puppet/services/pacemaker/haproxy.yaml +++ b/puppet/services/pacemaker/haproxy.yaml @@ -4,6 +4,15 @@ description: > HAproxy service with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: LoadbalancerServiceBase: type: ../haproxy.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: @@ -27,5 +38,6 @@ outputs: - tripleo::haproxy::haproxy_service_manage: false tripleo::haproxy::mysql_clustercheck: true enable_keepalived: false + tripleo::haproxy::keepalived: false step_config: | include ::tripleo::profile::pacemaker::haproxy diff --git a/puppet/services/pacemaker/heat-api-cfn.yaml b/puppet/services/pacemaker/heat-api-cfn.yaml index 8f2c561a..155a35ec 100644 --- a/puppet/services/pacemaker/heat-api-cfn.yaml +++ b/puppet/services/pacemaker/heat-api-cfn.yaml @@ -4,6 +4,15 @@ description: > Openstack Heat CloudFormation API service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: HeatApiCfnBase: type: ../heat-api-cfn.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/heat-api-cloudwatch.yaml b/puppet/services/pacemaker/heat-api-cloudwatch.yaml index a08e0262..85927650 100644 --- a/puppet/services/pacemaker/heat-api-cloudwatch.yaml +++ b/puppet/services/pacemaker/heat-api-cloudwatch.yaml @@ -4,6 +4,15 @@ description: > Openstack Heat CloudWatch API service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: HeatApiCloudwatchBase: type: ../heat-api-cloudwatch.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/heat-api.yaml b/puppet/services/pacemaker/heat-api.yaml index 5cf25516..d7220619 100644 --- a/puppet/services/pacemaker/heat-api.yaml +++ b/puppet/services/pacemaker/heat-api.yaml @@ -4,6 +4,15 @@ description: > Openstack Heat API service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: HeatApiBase: type: ../heat-api.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/heat-engine.yaml b/puppet/services/pacemaker/heat-engine.yaml index 4d41cbe4..579f5f10 100644 --- a/puppet/services/pacemaker/heat-engine.yaml +++ b/puppet/services/pacemaker/heat-engine.yaml @@ -4,6 +4,15 @@ description: > Openstack Heat Engine service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: HeatEngineBase: type: ../heat-engine.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/pacemaker/horizon.yaml b/puppet/services/pacemaker/horizon.yaml index f8b5ad0c..bd1ff046 100644 --- a/puppet/services/pacemaker/horizon.yaml +++ b/puppet/services/pacemaker/horizon.yaml @@ -4,6 +4,15 @@ description: > Horizon service with Pacemaker configured with Puppet. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: HorizonBase: type: ../horizon.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/keystone.yaml b/puppet/services/pacemaker/keystone.yaml index f5f136d3..701f01f1 100644 --- a/puppet/services/pacemaker/keystone.yaml +++ b/puppet/services/pacemaker/keystone.yaml @@ -4,6 +4,15 @@ description: > OpenStack Keystone service with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: KeystoneServiceBase: type: ../keystone.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/manila-share.yaml b/puppet/services/pacemaker/manila-share.yaml index 0f88e89c..7479eb08 100644 --- a/puppet/services/pacemaker/manila-share.yaml +++ b/puppet/services/pacemaker/manila-share.yaml @@ -4,6 +4,15 @@ description: > The manila-share service with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,10 @@ resources: ManilaShareBase: type: ../manila-share.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/pacemaker/memcached.yaml b/puppet/services/pacemaker/memcached.yaml index 43cd528e..e612d775 100644 --- a/puppet/services/pacemaker/memcached.yaml +++ b/puppet/services/pacemaker/memcached.yaml @@ -4,6 +4,15 @@ description: > Mecached service with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,10 @@ resources: MemcachedServiceBase: type: ../memcached.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/pacemaker/neutron-dhcp.yaml b/puppet/services/pacemaker/neutron-dhcp.yaml index 3a5ada47..f5f785e3 100644 --- a/puppet/services/pacemaker/neutron-dhcp.yaml +++ b/puppet/services/pacemaker/neutron-dhcp.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron DHCP service with Pacemaker configured with Puppet. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: NeutronDhcpBase: type: ../neutron-dhcp.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/neutron-l3.yaml b/puppet/services/pacemaker/neutron-l3.yaml index a4f2c0e1..87176632 100644 --- a/puppet/services/pacemaker/neutron-l3.yaml +++ b/puppet/services/pacemaker/neutron-l3.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron L3 service with Pacemaker configured with Puppet. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: NeutronL3Base: type: ../neutron-l3.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/neutron-metadata.yaml b/puppet/services/pacemaker/neutron-metadata.yaml index 9b322f22..e00c2424 100644 --- a/puppet/services/pacemaker/neutron-metadata.yaml +++ b/puppet/services/pacemaker/neutron-metadata.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron Metadata service with Pacemaker configured with Puppet. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: NeutronMetadataBase: type: ../neutron-metadata.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/neutron-midonet.yaml b/puppet/services/pacemaker/neutron-midonet.yaml index e93ed661..fb39ea44 100644 --- a/puppet/services/pacemaker/neutron-midonet.yaml +++ b/puppet/services/pacemaker/neutron-midonet.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron Midonet with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: NeutronMidonetBase: type: ../neutron-midonet.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/neutron-ovs-agent.yaml b/puppet/services/pacemaker/neutron-ovs-agent.yaml index b2260de9..353c2958 100644 --- a/puppet/services/pacemaker/neutron-ovs-agent.yaml +++ b/puppet/services/pacemaker/neutron-ovs-agent.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron OVS agent with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,10 @@ resources: NeutronOvsBase: type: ../neutron-ovs-agent.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/pacemaker/neutron-plugin-ml2.yaml b/puppet/services/pacemaker/neutron-plugin-ml2.yaml index dc10d093..234f116e 100644 --- a/puppet/services/pacemaker/neutron-plugin-ml2.yaml +++ b/puppet/services/pacemaker/neutron-plugin-ml2.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron ML2 Plugin with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,10 @@ resources: NeutronMl2Base: type: ../neutron-plugin-ml2.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: diff --git a/puppet/services/pacemaker/neutron-plugin-nuage.yaml b/puppet/services/pacemaker/neutron-plugin-nuage.yaml index 414c046c..9fca2cc3 100644 --- a/puppet/services/pacemaker/neutron-plugin-nuage.yaml +++ b/puppet/services/pacemaker/neutron-plugin-nuage.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron Nuage Plugin with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: NeutronPluginNuageBase: type: ../neutron-plugin-nuage.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/neutron-plugin-opencontrail.yaml b/puppet/services/pacemaker/neutron-plugin-opencontrail.yaml index 1d385d83..80d6ed92 100644 --- a/puppet/services/pacemaker/neutron-plugin-opencontrail.yaml +++ b/puppet/services/pacemaker/neutron-plugin-opencontrail.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron OpenContrail Plugin with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: NeutronPluginOpenContrail: type: ../neutron-plugin-nuage.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/neutron-plugin-plumgrid.yaml b/puppet/services/pacemaker/neutron-plugin-plumgrid.yaml index 69f5fd27..5dd4e588 100644 --- a/puppet/services/pacemaker/neutron-plugin-plumgrid.yaml +++ b/puppet/services/pacemaker/neutron-plugin-plumgrid.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron PLUMgrid Plugin with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: NeutronPluginPlumgridBase: type: ../neutron-plugin-ml2.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/neutron-server.yaml b/puppet/services/pacemaker/neutron-server.yaml index b0f739dc..fc04e5ee 100644 --- a/puppet/services/pacemaker/neutron-server.yaml +++ b/puppet/services/pacemaker/neutron-server.yaml @@ -4,6 +4,15 @@ description: > OpenStack Neutron Server with Pacemaker configured with Puppet. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -19,6 +28,8 @@ resources: NeutronServerBase: type: ../neutron-server.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/nova-api.yaml b/puppet/services/pacemaker/nova-api.yaml index 2d497ab5..709761e7 100644 --- a/puppet/services/pacemaker/nova-api.yaml +++ b/puppet/services/pacemaker/nova-api.yaml @@ -4,6 +4,15 @@ description: > OpenStack Nova API service with Pacemaker configured with Puppet. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: NovaApiBase: type: ../nova-api.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/nova-conductor.yaml b/puppet/services/pacemaker/nova-conductor.yaml index 1f57cf08..7a2313c7 100644 --- a/puppet/services/pacemaker/nova-conductor.yaml +++ b/puppet/services/pacemaker/nova-conductor.yaml @@ -4,6 +4,15 @@ description: > OpenStack Nova Conductor service with Pacemaker configured with Puppet. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: NovaConductorBase: type: ../nova-conductor.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/nova-consoleauth.yaml b/puppet/services/pacemaker/nova-consoleauth.yaml index bbab8bea..77550c80 100644 --- a/puppet/services/pacemaker/nova-consoleauth.yaml +++ b/puppet/services/pacemaker/nova-consoleauth.yaml @@ -4,6 +4,15 @@ description: > OpenStack Nova Consoleauth service with Pacemaker configured with Puppet. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: NovaConsoleauthBase: type: ../nova-consoleauth.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/nova-scheduler.yaml b/puppet/services/pacemaker/nova-scheduler.yaml index bf2c62bc..2571ec43 100644 --- a/puppet/services/pacemaker/nova-scheduler.yaml +++ b/puppet/services/pacemaker/nova-scheduler.yaml @@ -4,6 +4,15 @@ description: > OpenStack Nova Scheduler service with Pacemaker configured with Puppet. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: NovaSchedulerBase: type: ../nova-scheduler.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/nova-vncproxy.yaml b/puppet/services/pacemaker/nova-vncproxy.yaml index 0353d924..e536826e 100644 --- a/puppet/services/pacemaker/nova-vncproxy.yaml +++ b/puppet/services/pacemaker/nova-vncproxy.yaml @@ -4,6 +4,15 @@ description: > OpenStack Nova Vncproxy service with Pacemaker configured with Puppet. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: NovaVncproxyBase: type: ../nova-vncproxy.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/rabbitmq.yaml b/puppet/services/pacemaker/rabbitmq.yaml index b01caeea..3eb01398 100644 --- a/puppet/services/pacemaker/rabbitmq.yaml +++ b/puppet/services/pacemaker/rabbitmq.yaml @@ -4,6 +4,15 @@ description: > RabbitMQ service with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -14,6 +23,8 @@ resources: RabbitMQServiceBase: type: ../rabbitmq.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: diff --git a/puppet/services/pacemaker/sahara-api.yaml b/puppet/services/pacemaker/sahara-api.yaml index ac05a01a..e20b7a08 100644 --- a/puppet/services/pacemaker/sahara-api.yaml +++ b/puppet/services/pacemaker/sahara-api.yaml @@ -4,6 +4,15 @@ description: > OpenStack Sahara API service with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: SaharaApiBase: type: ../sahara-api.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: @@ -28,4 +39,4 @@ outputs: - sahara::service::api::manage_service: false sahara::service::api::enabled: false step_config: | - include ::tripleo::profile::pacemaker::sahara + include ::tripleo::profile::pacemaker::sahara::api diff --git a/puppet/services/pacemaker/sahara-engine.yaml b/puppet/services/pacemaker/sahara-engine.yaml index f6bd8f61..07de74ca 100644 --- a/puppet/services/pacemaker/sahara-engine.yaml +++ b/puppet/services/pacemaker/sahara-engine.yaml @@ -4,6 +4,15 @@ description: > OpenStack Sahara Engine service with Pacemaker configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -15,6 +24,8 @@ resources: SaharaEngineBase: type: ../sahara-engine.yaml properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: @@ -27,7 +38,5 @@ outputs: - get_attr: [SaharaEngineBase, role_data, config_settings] - sahara::service::engine::manage_service: false sahara::service::engine::enabled: false - # No puppet manifests since sahara-engine is included in - # ::tripleo::profile::pacemaker::sahara which is maintained alongside of - # pacemaker/sahara-api.yaml. - step_config: + step_config: | + include ::tripleo::profile::pacemaker::sahara::engine diff --git a/puppet/services/rabbitmq.yaml b/puppet/services/rabbitmq.yaml index 4c02f359..06595b07 100644 --- a/puppet/services/rabbitmq.yaml +++ b/puppet/services/rabbitmq.yaml @@ -1,9 +1,18 @@ -heat_template_version: 2016-04-08 +heat_template_version: 2016-10-14 description: > RabbitMQ service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -25,6 +34,10 @@ parameters: default: false description: Enable IPv6 in RabbitMQ type: boolean + RabbitCookie: + type: string + default: '' + hidden: true outputs: role_data: @@ -57,5 +70,19 @@ outputs: tcp_listen_options: '[binary, {packet, raw}, {reuseaddr, true}, {backlog, 128}, {nodelay, true}, {exit_on_close, false}, {keepalive, true}]' cluster_partition_handling: 'pause_minority' loopback_users: '[]' + rabbitmq::erlang_cookie: + yaql: + expression: $.data.passwords.where($ != '').first() + data: + passwords: + - {get_param: RabbitCookie} + - {get_param: [DefaultPasswords, rabbit_cookie]} + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + rabbitmq::node_ip_address: {get_param: [ServiceNetMap, RabbitmqNetwork]} step_config: | include ::tripleo::profile::base::rabbitmq diff --git a/puppet/services/sahara-api.yaml b/puppet/services/sahara-api.yaml index 7ca9bbd5..5715a8c3 100644 --- a/puppet/services/sahara-api.yaml +++ b/puppet/services/sahara-api.yaml @@ -4,13 +4,21 @@ description: > OpenStack Sahara API service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json SaharaPassword: - default: unset description: The password for the sahara service account, used by sahara-api. type: string hidden: true @@ -18,9 +26,6 @@ parameters: default: 0 description: The number of workers for the sahara-api. type: number - SaharaApiVirtualIP: - type: string - default: '' KeystoneRegion: type: string default: 'regionOne' @@ -29,6 +34,10 @@ parameters: resources: SaharaBase: type: ./sahara-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: @@ -38,12 +47,8 @@ outputs: config_settings: map_merge: - get_attr: [SaharaBase, role_data, config_settings] - - sahara::host: {get_param: SaharaApiVirtualIP} - sahara::port: {get_param: [EndpointMap, SaharaInternal, port]} - sahara::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } - sahara::identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } - sahara::admin_password: {get_param: SaharaPassword} - sahara::service::api::api_workers: {get_param: SaharaApiWorkers} + - sahara::port: {get_param: [EndpointMap, SaharaInternal, port]} + sahara::service::api::api_workers: {get_param: SaharaWorkers} sahara::keystone::auth::public_url: {get_param: [EndpointMap, SaharaPublic, uri]} sahara::keystone::auth::internal_url: {get_param: [EndpointMap, SaharaInternal, uri]} sahara::keystone::auth::admin_url: {get_param: [EndpointMap, SaharaAdmin, uri]} diff --git a/puppet/services/sahara-base.yaml b/puppet/services/sahara-base.yaml index 3e320128..c1ab8e8b 100644 --- a/puppet/services/sahara-base.yaml +++ b/puppet/services/sahara-base.yaml @@ -4,6 +4,20 @@ description: > OpenStack Sahara base service. Shared for all Sahara services. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json RabbitPassword: description: The password for RabbitMQ type: string @@ -22,6 +36,10 @@ parameters: default: 5672 description: Set rabbit subscriber port, change this if using SSL type: number + SaharaPassword: + description: The password for the sahara service account, used by sahara-api. + type: string + hidden: true Debug: type: string default: '' @@ -33,15 +51,34 @@ outputs: value: service_name: sahara_base config_settings: + sahara::database_connection: + list_join: + - '' + - - {get_param: [EndpointMap, MysqlInternal, protocol]} + - '://sahara:' + - {get_param: SaharaPassword} + - '@' + - {get_param: [EndpointMap, MysqlInternal, host]} + - '/sahara' + sahara::db::mysql::password: {get_param: SaharaPassword} + sahara::db::mysql::user: sahara + sahara::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} + sahara::db::mysql::dbname: sahara + sahara::db::mysql::allowed_hosts: + - '%' + - "%{hiera('mysql_bind_host')}" sahara::rabbit_password: {get_param: RabbitPassword} sahara::rabbit_user: {get_param: RabbitUserName} sahara::rabbit_use_ssl: {get_param: RabbitClientUseSSL} sahara::rabbit_port: {get_param: RabbitClientPort} sahara::debug: {get_param: Debug} + sahara::admin_password: {get_param: SaharaPassword} + sahara::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } + sahara::identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } sahara::use_neutron: true sahara::plugins: + - ambari - cdh - - hdp - mapr - vanilla - spark @@ -49,3 +86,5 @@ outputs: sahara::rpc_backend: rabbit sahara::admin_tenant_name: 'service' sahara::keystone::auth::tenant: 'service' + sahara::db::database_db_max_retries: -1 + sahara::db::database_max_retries: -1 diff --git a/puppet/services/sahara-engine.yaml b/puppet/services/sahara-engine.yaml index 074f83c7..fcf4d485 100644 --- a/puppet/services/sahara-engine.yaml +++ b/puppet/services/sahara-engine.yaml @@ -4,20 +4,28 @@ description: > OpenStack Sahara Engine service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json - SaharaPassword: - default: unset - description: The password for the sahara service account, used by sahara-api. - type: string - hidden: true resources: SaharaBase: type: ./sahara-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: @@ -27,22 +35,5 @@ outputs: config_settings: map_merge: - get_attr: [SaharaBase, role_data, config_settings] - - sahara_dsn: &sahara_dsn - list_join: - - '' - - - {get_param: [EndpointMap, MysqlInternal, protocol]} - - '://sahara:' - - {get_param: SaharaPassword} - - '@' - - {get_param: [EndpointMap, MysqlInternal, host]} - - '/sahara' - sahara::database_connection: *sahara_dsn - sahara::db::mysql::password: {get_param: SaharaPassword} - sahara::db::mysql::user: sahara - sahara::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} - sahara::db::mysql::dbname: sahara - sahara::db::mysql::allowed_hosts: - - '%' - - "%{hiera('mysql_bind_host')}" step_config: | include ::tripleo::profile::base::sahara::engine diff --git a/puppet/services/services.yaml b/puppet/services/services.yaml index c9a952a5..bb40001a 100644 --- a/puppet/services/services.yaml +++ b/puppet/services/services.yaml @@ -10,11 +10,22 @@ parameters: description: | List nested stack service templates. type: comma_delimited_list + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + DefaultPasswords: + default: {} + description: Mapping of service -> default password. Used to help + pass top level passwords managed by Heat into services. + type: json resources: @@ -24,7 +35,9 @@ resources: resources: {get_param: Services} concurrent: true resource_properties: + ServiceNetMap: {get_param: ServiceNetMap} EndpointMap: {get_param: EndpointMap} + DefaultPasswords: {get_param: DefaultPasswords} outputs: role_data: diff --git a/puppet/services/snmp.yaml b/puppet/services/snmp.yaml index 458f444b..e38ccf42 100644 --- a/puppet/services/snmp.yaml +++ b/puppet/services/snmp.yaml @@ -6,6 +6,15 @@ description: > monitoring. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/swift-proxy.yaml b/puppet/services/swift-proxy.yaml index 99af7499..6c2bb44b 100644 --- a/puppet/services/swift-proxy.yaml +++ b/puppet/services/swift-proxy.yaml @@ -4,6 +4,15 @@ description: > OpenStack Swift Proxy service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/swift-ringbuilder.yaml b/puppet/services/swift-ringbuilder.yaml index 0b17c73c..f41228e7 100644 --- a/puppet/services/swift-ringbuilder.yaml +++ b/puppet/services/swift-ringbuilder.yaml @@ -4,6 +4,15 @@ description: > OpenStack Swift Ringbuilder parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/swift-storage.yaml b/puppet/services/swift-storage.yaml index 74679231..664a701f 100644 --- a/puppet/services/swift-storage.yaml +++ b/puppet/services/swift-storage.yaml @@ -4,6 +4,15 @@ description: > OpenStack Swift Storage service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -17,6 +26,10 @@ parameters: default: false description: Value of mount_check in Swift account/container/object -server.conf type: boolean + SwiftRawDisks: + default: {} + description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})' + type: json # DEPRECATED options for compatibility with overcloud.yaml # This should be removed and manipulation of the ControllerServices list @@ -60,5 +73,6 @@ outputs: swift::storage::all::account_pipeline: - healthcheck - account-server + swift::storage::disks: {get_param: SwiftRawDisks} step_config: | include ::tripleo::profile::base::swift::storage diff --git a/puppet/services/time/ntp.yaml b/puppet/services/time/ntp.yaml index 59d25dd2..7aa3706f 100644 --- a/puppet/services/time/ntp.yaml +++ b/puppet/services/time/ntp.yaml @@ -7,6 +7,15 @@ description: > and configure NTP. parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/time/timezone.yaml b/puppet/services/time/timezone.yaml index 805c9050..384b5191 100644 --- a/puppet/services/time/timezone.yaml +++ b/puppet/services/time/timezone.yaml @@ -4,6 +4,15 @@ description: > Composable Timezone service parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set diff --git a/puppet/services/tripleo-firewall.yaml b/puppet/services/tripleo-firewall.yaml new file mode 100644 index 00000000..14965b4f --- /dev/null +++ b/puppet/services/tripleo-firewall.yaml @@ -0,0 +1,28 @@ +heat_template_version: 2016-04-08 + +description: > + TripleO Firewall settings + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +outputs: + role_data: + description: Role data for the TripleO firewall settings + value: + service_name: tripleo_firewall + step_config: | + include ::tripleo::firewall diff --git a/puppet/services/tripleo-packages.yaml b/puppet/services/tripleo-packages.yaml new file mode 100644 index 00000000..124f5fe8 --- /dev/null +++ b/puppet/services/tripleo-packages.yaml @@ -0,0 +1,34 @@ +heat_template_version: 2016-04-08 + +description: > + TripleO Package installation settings + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + EnablePackageInstall: + default: 'false' + description: Set to true to enable package installation via Puppet + type: boolean + +outputs: + role_data: + description: Role data for the TripleO package settings + value: + service_name: tripleo_packages + config_settings: + tripleo::packages::enable_install: {get_param: EnablePackageInstall} + step_config: | + include ::tripleo::packages diff --git a/puppet/swift-storage-post.yaml b/puppet/swift-storage-post.yaml index 306a4d6e..859fad2c 100644 --- a/puppet/swift-storage-post.yaml +++ b/puppet/swift-storage-post.yaml @@ -36,6 +36,7 @@ resources: enable_debug: {get_param: ConfigDebug} enable_hiera: True enable_facter: False + modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules inputs: - name: step outputs: diff --git a/puppet/swift-storage.yaml b/puppet/swift-storage.yaml index 034592a7..1f3022b8 100644 --- a/puppet/swift-storage.yaml +++ b/puppet/swift-storage.yaml @@ -1,8 +1,9 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2016-10-14 description: 'OpenStack swift storage node configured by Puppet' parameters: - Flavor: + OvercloudSwiftStorageFlavor: description: Flavor for Swift storage nodes to request when deploying. + default: baremetal type: string constraints: - custom_constraint: nova.flavor @@ -11,9 +12,11 @@ parameters: in the ring. hidden: true type: string - Image: - default: overcloud-swift-storage + SwiftStorageImage: + default: overcloud-full type: string + constraints: + - custom_constraint: glance.image KeyName: default: default description: Name of an existing Nova key pair to enable SSH access to the instances @@ -26,10 +29,6 @@ parameters: description: The user password for SNMPd with readonly rights running on all Overcloud nodes type: string hidden: true - EnablePackageInstall: - default: 'false' - description: Set to true to enable package installation via Puppet - type: boolean UpdateIdentifier: default: '' type: string @@ -75,7 +74,6 @@ parameters: constraints: - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE] CloudDomain: - default: '' type: string description: > The DNS domain used for the hosts. This should match the dhcp_domain @@ -86,7 +84,7 @@ parameters: Extra properties or metadata passed to Nova for the created nodes in the overcloud. It's accessible via the Nova metadata API. type: json - SchedulerHints: + ObjectStorageSchedulerHints: type: json description: Optional scheduler hints to pass to nova default: {} @@ -103,6 +101,10 @@ parameters: type: string description: Command which will be run whenever configuration data changes default: os-refresh-config --timeout 14400 + SwiftRawDisks: + default: {} + description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})' + type: json resources: @@ -112,8 +114,8 @@ resources: os-collect-config: command: {get_param: ConfigCommand} properties: - image: {get_param: Image} - flavor: {get_param: Flavor} + image: {get_param: SwiftStorageImage} + flavor: {get_param: OvercloudSwiftStorageFlavor} key_name: {get_param: KeyName} networks: - network: ctlplane @@ -125,7 +127,7 @@ resources: params: {get_param: HostnameMap} software_config_transport: {get_param: SoftwareConfigTransport} metadata: {get_param: ServerMetadata} - scheduler_hints: {get_param: SchedulerHints} + scheduler_hints: {get_param: ObjectStorageSchedulerHints} # Combine the NodeAdminUserData and NodeUserData mime archives UserData: @@ -248,34 +250,26 @@ resources: - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig - all_nodes # provided by allNodesConfig - '"%{::osfamily}"' - - common - - network merge_behavior: deeper datafiles: service_names: mapped_data: service_names: {get_param: ServiceNames} service_configs: - mapped_data: {get_param: ServiceConfigSettings} - common: - raw_data: {get_file: hieradata/common.yaml} - network: mapped_data: - net_ip_map: {get_attr: [NetIpMap, net_ip_map]} - net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]} - net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]} + map_replace: + - {get_param: ServiceConfigSettings} + - values: {get_attr: [NetIpMap, net_ip_map]} object_extraconfig: mapped_data: {get_param: ObjectStorageExtraConfig} extraconfig: mapped_data: {get_param: ExtraConfig} object: - raw_data: {get_file: hieradata/object.yaml} mapped_data: # data supplied directly to this deployment configuration, etc swift::swift_hash_path_suffix: { get_input: swift_hash_suffix } swift::storage::all::storage_local_net_ip: {get_input: swift_management_network} snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} - tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} @@ -291,7 +285,6 @@ resources: snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} swift_hash_suffix: {get_param: HashSuffix} - enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} @@ -388,9 +381,23 @@ outputs: description: Swift device formatted for swift-ring-builder value: str_replace: - template: 'r1z1-IP:%PORT%/d1' + template: + list_join: + - ',' + - ['r1z1-IP:%PORT%/d1'] + - repeat: + template: 'r1z1-IP:%PORT%/DEVICE' + for_each: + DEVICE: {get_param: SwiftRawDisks} params: - IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} + IP: + get_attr: + - NetIpMap + - net_ip_map + - str_replace: + template: "NETWORK_uri" + params: + NETWORK: {get_param: [ServiceNetMap, SwiftMgmtNetwork]} external_ip_address: description: IP address of the server in the external network value: {get_attr: [ExternalPort, ip_address]} diff --git a/tools/yaml-validate.py b/tools/yaml-validate.py index c93c84bc..d75aeb4f 100755 --- a/tools/yaml-validate.py +++ b/tools/yaml-validate.py @@ -39,6 +39,13 @@ def validate_service(filename, tpl): print('ERROR: service_name should match file name for service: %s.' % filename) return 1 + if 'parameters' in tpl: + required_params = ['EndpointMap', 'ServiceNetMap', 'DefaultPasswords'] + for param in required_params: + if param not in tpl['parameters']: + print('ERROR: parameter %s is required for %s.' + % (param, filename)) + return 1 return 0 |