45 files changed, 445 insertions, 805 deletions
diff --git a/docker/services/aodh-api.yaml b/docker/services/aodh-api.yaml index 8afb6d28..da4b981c 100644 --- a/docker/services/aodh-api.yaml +++ b/docker/services/aodh-api.yaml @@ -114,6 +114,7 @@ outputs: list_concat: - {get_attr: [ContainersCommon, volumes]} - + - /var/lib/config-data/aodh/etc/my.cnf.d/tripleo.cnf:/etc/my.cnf.d/tripleo.cnf:ro - /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro - /var/log/containers/aodh:/var/log/aodh command: "/usr/bin/bootstrap_host_exec aodh_api su aodh -s /bin/bash -c /usr/bin/aodh-dbsync" diff --git a/docker/services/ceph-ansible/ceph-base.yaml b/docker/services/ceph-ansible/ceph-base.yaml index 85fe0608..52c4a65c 100644 --- a/docker/services/ceph-ansible/ceph-base.yaml +++ b/docker/services/ceph-ansible/ceph-base.yaml @@ -102,6 +102,33 @@ conditions: data: {get_param: DockerCephDaemonImage} expression: $.data.split('/')[0].matches('(\.|:)') +resources: + DockerImageUrlParts: + type: OS::Heat::Value + properties: + type: json + value: + host: + if: + - custom_registry_host + - yaql: + expression: let(location => $.data.rightSplit(':', 1)[0]) -> regex('(?:https?://)?(.*)/').split($location)[1] + data: {get_param: DockerCephDaemonImage} + - docker.io + image: + if: + - custom_registry_host + - yaql: + expression: let(location => $.data.rightSplit(':', 1)[0]) -> regex('(?:https?://)?(.*)/').split($location)[2] + data: {get_param: DockerCephDaemonImage} + - yaql: + expression: $.data.rightSplit(':', 1)[0] + data: {get_param: DockerCephDaemonImage} + image_tag: + yaql: + expression: $.data.rightSplit(':', 1)[1] + data: {get_param: DockerCephDaemonImage} + outputs: role_data: description: Role data for the Ceph base service. 
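Review bot: In the new `DockerImageUrlParts` resource of ceph-base.yaml, `rightSplit(':', 1)` treats whatever follows the last colon of `DockerCephDaemonImage` as the tag, so a reference pinned by digest (`...@sha256:<digest>`) or an untagged reference on a registry with a port is split in the wrong place. For a digest reference, `image` would end in `@sha256` and `image_tag` would hold the bare digest, which presumably no longer resolves to the pinned image once the three parts are reassembled. Either state on the parameter that only `name:tag` references are accepted, or add a comment above `image_tag` such as `# assumes DockerCephDaemonImage is <registry>/<image>:<tag>; digest references are not supported`.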
@@ -125,21 +152,9 @@ outputs: ceph_common_ansible_vars: fsid: { get_param: CephClusterFSID } docker: true - ceph_docker_registry: - if: - - custom_registry_host - - yaql: - expression: regex('(?:https?://)?(.*)/').split($.data)[1] - data: {str_split: [':', {get_param: DockerCephDaemonImage}, 0]} - - docker.io - ceph_docker_image: - if: - - custom_registry_host - - yaql: - expression: regex('(?:https?://)?(.*)/').split($.data)[2] - data: {str_split: [':', {get_param: DockerCephDaemonImage}, 0]} - - {str_split: [':', {get_param: DockerCephDaemonImage}, 0]} - ceph_docker_image_tag: {str_split: [':', {get_param: DockerCephDaemonImage}, 1]} + ceph_docker_registry: {get_attr: [DockerImageUrlParts, value, host]} + ceph_docker_image: {get_attr: [DockerImageUrlParts, value, image]} + ceph_docker_image_tag: {get_attr: [DockerImageUrlParts, value, image_tag]} containerized_deployment: true public_network: {get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephMonNetwork]}]} monitor_address_block: {get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephMonNetwork]}]} @@ -186,11 +201,7 @@ outputs: CINDERBACKUP_POOL: {get_param: CinderBackupRbdPoolName} GLANCE_POOL: {get_param: GlanceRbdPoolName} GNOCCHI_POOL: {get_param: GnocchiRbdPoolName} - acls: - - "u:glance:r--" - - "u:nova:r--" - - "u:cinder:r--" - - "u:gnocchi:r--" + mode: "0644" keys: *openstack_keys pools: [] ceph_conf_overrides: diff --git a/docker/services/database/mongodb.yaml b/docker/services/database/mongodb.yaml index 86bb6d54..9b5c5b8f 100644 --- a/docker/services/database/mongodb.yaml +++ b/docker/services/database/mongodb.yaml 
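Review bot: Replacing the four per-user `acls` entries with `mode: "0644"` in the `@@ -186,11 +201,7 @@` hunk widens read access on what appears to be the OpenStack client keyring from glance, nova, cinder and gnocchi to every local account on the host. If the ACLs are dropped because the containerised services no longer share host UIDs, a narrower mode with a dedicated group would still keep the cephx secret away from unrelated users; that needs checking against how the containers read the file. At minimum, add a comment above the line recording why world-readable is needed, e.g. `# world-readable because <reason>; the key is then protected only by host access`. The key definition starts outside the hunk, so its name and caps are not visible here.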
@@ -36,6 +36,18 @@ parameters: default: {} description: Parameters specific to the role type: json + EnableInternalTLS: + type: boolean + default: false + InternalTLSCAFile: + default: '/etc/ipa/ca.crt' + type: string + description: Specifies the default CA cert to use if TLS is used for + services in the internal network. + +conditions: + + internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]} resources: @@ -77,6 +89,10 @@ outputs: dest: "/" merge: true preserve_properties: true + - source: "/var/lib/kolla/config_files/src-tls/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/lib/mongodb owner: mongodb:mongodb @@ -84,6 +100,8 @@ outputs: - path: /var/log/mongodb owner: mongodb:mongodb recurse: true + - path: /etc/pki/tls/certs/mongodb.pem + owner: mongodb:mongodb docker_config: step_2: mongodb: @@ -91,11 +109,21 @@ outputs: net: host privileged: false volumes: &mongodb_volumes - - /var/lib/kolla/config_files/mongodb.json:/var/lib/kolla/config_files/config.json - - /var/lib/config-data/puppet-generated/mongodb/:/var/lib/kolla/config_files/src:ro - - /etc/localtime:/etc/localtime:ro - - /var/log/containers/mongodb:/var/log/mongodb - - /var/lib/mongodb:/var/lib/mongodb + list_concat: + - - /var/lib/kolla/config_files/mongodb.json:/var/lib/kolla/config_files/config.json + - /var/lib/config-data/puppet-generated/mongodb/:/var/lib/kolla/config_files/src:ro + - /etc/localtime:/etc/localtime:ro + - /var/log/containers/mongodb:/var/log/mongodb + - /var/lib/mongodb:/var/lib/mongodb + - if: + - internal_tls_enabled + - - list_join: + - ':' + - - {get_param: InternalTLSCAFile} + - {get_param: InternalTLSCAFile} + - 'ro' + - /etc/pki/tls/certs/mongodb.pem:/var/lib/kolla/config_files/src-tls/etc/pki/tls/certs/mongodb.pem:ro + - null environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS docker_puppet_tasks: 
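Review bot: The `src-tls/*` config_files entry and the `/etc/pki/tls/certs/mongodb.pem` permissions entry (hunks `@@ -77,6 +89,10 @@` and `@@ -84,6 +100,8 @@`) are added unconditionally, while the bind mount that provides them in `@@ -91,11 +109,21 @@` is only present when `internal_tls_enabled` is true. With internal TLS off, neither the source glob nor the path will exist in the container, and whether Kolla tolerates that depends on its version. Marking the config_files entry `optional: true` (if the deployed Kolla supports that key) and putting the permissions entry behind the same condition would make the non-TLS case explicit. The PEM likely carries the private key and is also mounted into the `docker_puppet_tasks` container in the next hunk, so a comment stating which containers need it would help later review.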
@@ -106,8 +134,18 @@ outputs: step_config: 'include ::tripleo::profile::base::database::mongodb' config_image: *mongodb_config_image volumes: - - /var/lib/mongodb:/var/lib/mongodb - - /var/log/containers/mongodb:/var/log/mongodb + list_concat: + - - /var/lib/mongodb:/var/lib/mongodb + - /var/log/containers/mongodb:/var/log/mongodb + - if: + - internal_tls_enabled + - - list_join: + - ':' + - - {get_param: InternalTLSCAFile} + - {get_param: InternalTLSCAFile} + - 'ro' + - /etc/pki/tls/certs/mongodb.pem:/var/lib/kolla/config_files/src-tls/etc/pki/tls/certs/mongodb.pem:ro + - null host_prep_tasks: - name: create persistent directories file: diff --git a/docker/services/gnocchi-api.yaml b/docker/services/gnocchi-api.yaml index 7c6b6766..1443da40 100644 --- a/docker/services/gnocchi-api.yaml +++ b/docker/services/gnocchi-api.yaml @@ -116,6 +116,7 @@ outputs: list_concat: - {get_attr: [ContainersCommon, volumes]} - + - /var/lib/config-data/gnocchi/etc/my.cnf.d/tripleo.cnf:/etc/my.cnf.d/tripleo.cnf:ro - /var/lib/config-data/gnocchi/etc/gnocchi/:/etc/gnocchi/:ro - /var/log/containers/gnocchi:/var/log/gnocchi - /etc/ceph:/etc/ceph:ro diff --git a/docker/services/heat-engine.yaml b/docker/services/heat-engine.yaml index a20dc131..fdba7d58 100644 --- a/docker/services/heat-engine.yaml +++ b/docker/services/heat-engine.yaml @@ -109,6 +109,7 @@ outputs: list_concat: - {get_attr: [ContainersCommon, volumes]} - + - /var/lib/config-data/heat/etc/my.cnf.d/tripleo.cnf:/etc/my.cnf.d/tripleo.cnf:ro - /var/lib/config-data/heat/etc/heat/:/etc/heat/:ro - /var/log/containers/heat:/var/log/heat command: "/usr/bin/bootstrap_host_exec heat_engine su heat -s /bin/bash -c 'heat-manage db_sync'" diff --git a/docker/services/neutron-api.yaml b/docker/services/neutron-api.yaml index b4fce226..85a07128 100644 --- a/docker/services/neutron-api.yaml +++ b/docker/services/neutron-api.yaml 
@@ -122,6 +122,7 @@ outputs: list_concat: - {get_attr: [ContainersCommon, volumes]} - + - /var/lib/config-data/neutron/etc/my.cnf.d/tripleo.cnf:/etc/my.cnf.d/tripleo.cnf:ro - /var/lib/config-data/neutron/etc/neutron:/etc/neutron:ro - /var/lib/config-data/neutron/usr/share/neutron:/usr/share/neutron:ro - /var/log/containers/neutron:/var/log/neutron diff --git a/docker/services/nova-api.yaml b/docker/services/nova-api.yaml index 45de265e..be2c8a5e 100644 --- a/docker/services/nova-api.yaml +++ b/docker/services/nova-api.yaml @@ -128,6 +128,7 @@ outputs: list_concat: - {get_attr: [ContainersCommon, volumes]} - + - /var/lib/config-data/nova/etc/my.cnf.d/tripleo.cnf:/etc/my.cnf.d/tripleo.cnf:ro - /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro - /var/log/containers/nova:/var/log/nova command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage api_db sync'" diff --git a/docker/services/pacemaker/database/mysql.yaml b/docker/services/pacemaker/database/mysql.yaml index a9e49b28..8ba7d723 100644 --- a/docker/services/pacemaker/database/mysql.yaml +++ b/docker/services/pacemaker/database/mysql.yaml @@ -255,3 +255,9 @@ outputs: - name: Disable mysql service tags: step2 service: name=mariadb enabled=no + - name: Remove clustercheck service from xinetd + tags: step2 + file: state=absent path=/etc/xinetd.d/galera-monitor + - name: Restart xinetd service after clustercheck removal + tags: step2 + service: name=xinetd state=restarted diff --git a/docker/services/panko-api.yaml b/docker/services/panko-api.yaml index 01c17388..626d9176 100644 --- a/docker/services/panko-api.yaml +++ b/docker/services/panko-api.yaml 
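Review bot: The added `Restart xinetd service after clustercheck removal` task in the pacemaker mysql.yaml hunk runs on every step2 pass, whether or not `/etc/xinetd.d/galera-monitor` was actually removed, and would fail on a host where xinetd is not installed. Adding `register: galera_monitor_removed` to the removal task and `when: galera_monitor_removed.changed` to the restart would limit the restart to hosts where the clustercheck listener was really taken out. Both tasks also use the `key=value` argument form; block YAML arguments are easier to review. The task list begins outside the hunk.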
@@ -116,6 +116,7 @@ outputs: list_concat: - {get_attr: [ContainersCommon, volumes]} - + - /var/lib/config-data/panko/etc/my.cnf.d/tripleo.cnf:/etc/my.cnf.d/tripleo.cnf:ro - /var/lib/config-data/panko/etc/panko:/etc/panko:ro - /var/log/containers/panko:/var/log/panko command: "/usr/bin/bootstrap_host_exec panko_api su panko -s /bin/bash -c '/usr/bin/panko-dbsync'" diff --git a/environments/major-upgrade-composable-steps.yaml b/environments/major-upgrade-composable-steps.yaml index 5a695171..db83f906 100644 --- a/environments/major-upgrade-composable-steps.yaml +++ b/environments/major-upgrade-composable-steps.yaml @@ -1,5 +1,5 @@ resource_registry: - OS::TripleO::PostDeploySteps: ../puppet/major_upgrade_steps.yaml + OS::TripleO::PostDeploySteps: ../common/major_upgrade_steps.yaml parameter_defaults: EnableConfigPurge: true StackUpdateType: UPGRADE diff --git a/environments/network-isolation-v6.j2.yaml b/environments/network-isolation-v6.j2.yaml new file mode 100644 index 00000000..bb27ee43 --- /dev/null +++ b/environments/network-isolation-v6.j2.yaml 
@@ -0,0 +1,58 @@ +{%- set primary_role = [roles[0]] -%} +{%- for role in roles -%} + {%- if 'primary' in role.tags and 'controller' in role.tags -%} + {%- set _ = primary_role.pop() -%} + {%- set _ = primary_role.append(role) -%} + {%- endif -%} +{%- endfor -%} +{%- set primary_role_name = primary_role[0].name -%} +# Enable the creation of Neutron networks for isolated Overcloud +# traffic and configure each role to assign ports (related +# to that role) on these networks. +# primary role is: {{primary_role_name}} +resource_registry: + # networks as defined in network_data.yaml + {%- for network in networks if network.enabled|default(true) %} + {%- if network.name != 'Tenant' %} + OS::TripleO::Network::{{network.name}}: ../network/{{network.name_lower|default(network.name.lower())}}_v6.yaml + {%- else %} + # IPv4 until OVS and Neutron support IPv6 tunnel endpoints + OS::TripleO::Network::{{network.name}}: ../network/{{network.name_lower|default(network.name.lower())}}.yaml + {%- endif %} + {%- endfor %} + + # Port assignments for the VIPs + {%- for network in networks if network.vip and network.enabled|default(true) %} + OS::TripleO::Network::Ports::{{network.name}}VipPort: ../network/ports/{{network.name_lower|default(network.name.lower())}}_v6.yaml + {%- endfor %} + + OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip_v6.yaml + +{%- for role in roles %} + # Port assignments for the {{role.name}} + {%- for network in networks %} + {%- if network.name in role.networks|default([]) and network.enabled|default(true) and network.name != 'Tenant' %} + OS::TripleO::{{role.name}}::Ports::{{network.name}}Port: ../network/ports/{{network.name_lower|default(network.name.lower())}}_v6.yaml + {%- elif network.name in role.networks|default([]) and network.enabled|default(true) and network.name == 'Tenant' %} + # IPv4 until OVS and Neutron support IPv6 tunnel endpoints + OS::TripleO::{{role.name}}::Ports::{{network.name}}Port: 
../network/ports/{{network.name_lower|default(network.name.lower())}}.yaml + {%- else %} + OS::TripleO::{{role.name}}::Ports::{{network.name}}Port: ../network/ports/noop.yaml + {%- endif %} + {%- endfor %} +{%- endfor %} + + +parameter_defaults: + # Enable IPv6 for Ceph. + CephIPv6: True + # Enable IPv6 for Corosync. This is required when Corosync is using an IPv6 IP in the cluster. + CorosyncIPv6: True + # Enable IPv6 for MongoDB. This is required when MongoDB is using an IPv6 IP. + MongoDbIPv6: True + # Enable various IPv6 features in Nova. + NovaIPv6: True + # Enable IPv6 environment for RabbitMQ. + RabbitIPv6: True + # Enable IPv6 environment for Memcached. + MemcachedIPv6: True diff --git a/environments/network-isolation-v6.yaml b/environments/network-isolation-v6.yaml deleted file mode 100644 index 11ca5b31..00000000 --- a/environments/network-isolation-v6.yaml +++ /dev/null 
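Review bot: The `parameter_defaults` block at the end of the new network-isolation-v6.j2.yaml writes all six IPv6 switches as `True`, whereas the file it replaces used lowercase `true` for two of them. Lowercase `true` is the canonical YAML boolean and avoids parser-dependent handling, e.g. `CephIPv6: true`. Separately, `primary_role` is computed at the top of the template but `primary_role_name` is only used in a comment, so either drop the loop or add a comment saying why it is kept.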
@@ -1,57 +0,0 @@ -# Enable the creation of IPv6 Neutron networks for isolated Overcloud -# traffic and configure each role to assign ports (related -# to that role) on these networks. -resource_registry: - OS::TripleO::Network::External: ../network/external_v6.yaml - OS::TripleO::Network::InternalApi: ../network/internal_api_v6.yaml - OS::TripleO::Network::StorageMgmt: ../network/storage_mgmt_v6.yaml - OS::TripleO::Network::Storage: ../network/storage_v6.yaml - # IPv4 until OVS and Neutron support IPv6 tunnel endpoints - OS::TripleO::Network::Tenant: ../network/tenant.yaml - - # Port assignments for the VIPs - OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/external_v6.yaml - OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/internal_api_v6.yaml - OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/storage_v6.yaml - OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt_v6.yaml - OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip_v6.yaml - - # Port assignments for the controller role - OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_v6.yaml - OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_v6.yaml - OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_v6.yaml - OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml - OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant.yaml - - # Port assignments for the compute role - OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api_v6.yaml - OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage_v6.yaml - OS::TripleO::Compute::Ports::TenantPort: ../network/ports/tenant.yaml - - # Port assignments for the ceph storage role - OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage_v6.yaml - OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml - - # 
Port assignments for the swift storage role - OS::TripleO::SwiftStorage::Ports::InternalApiPort: ../network/ports/internal_api_v6.yaml - OS::TripleO::SwiftStorage::Ports::StoragePort: ../network/ports/storage_v6.yaml - OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml - - # Port assignments for the block storage role - OS::TripleO::BlockStorage::Ports::InternalApiPort: ../network/ports/internal_api_v6.yaml - OS::TripleO::BlockStorage::Ports::StoragePort: ../network/ports/storage_v6.yaml - OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml - -parameter_defaults: - # Enable IPv6 for Ceph. - CephIPv6: True - # Enable IPv6 for Corosync. This is required when Corosync is using an IPv6 IP in the cluster. - CorosyncIPv6: True - # Enable IPv6 for MongoDB. This is required when MongoDB is using an IPv6 IP. - MongoDbIPv6: True - # Enable various IPv6 features in Nova. - NovaIPv6: True - # Enable IPv6 environment for RabbitMQ. - RabbitIPv6: true - # Enable IPv6 environment for Memcached. - MemcachedIPv6: true diff --git a/environments/network-management-v6.yaml b/environments/network-management-v6.yaml index 812e84f3..59056217 100644 --- a/environments/network-management-v6.yaml +++ b/environments/network-management-v6.yaml @@ -1,3 +1,7 @@ +# ****************************************************************************** +# DEPRECATED: Use tripleo-heat-templates/environments/network-isolation-v6.yaml +# and define the needed networks in your custom role file. +# ****************************************************************************** # Enable the creation of an IPv6 system management network. This # creates a Neutron network for isolated Overcloud # system management traffic and configures each role to diff --git a/environments/network-management.yaml b/environments/network-management.yaml index 041617be..5f50bb15 100644 --- a/environments/network-management.yaml 
+++ b/environments/network-management.yaml @@ -1,3 +1,7 @@ +# *************************************************************************** +# DEPRECATED: Use tripleo-heat-templates/environments/network-isolation.yaml +# and define the needed networks in your custom role file. +# *************************************************************************** # Enable the creation of a system management network. This # creates a Neutron network for isolated Overcloud # system management traffic and configures each role to diff --git a/extraconfig/nova_metadata/krb-service-principals.yaml b/extraconfig/nova_metadata/krb-service-principals.j2.yaml index cdd4341a..b18dba66 100644 --- a/extraconfig/nova_metadata/krb-service-principals.yaml +++ b/extraconfig/nova_metadata/krb-service-principals.j2.yaml 
@@ -5,30 +5,38 @@ parameters: RoleData: type: json description: the list containing the 'role_data' output for the ServiceChain - - # Coming from parameter_defaults +{%- for network in networks if network.vip|default(false) %} +{%- if network.name == 'External' %} + # Special case the External hostname param, which is CloudName CloudName: default: overcloud.localdomain description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org type: string +{%- elif network.name == 'InternalApi' %} + # Special case the Internal API hostname param, which is CloudNameInternal CloudNameInternal: - default: overcloud.internalapi.localdomain + default: overcloud.{{network.name.lower()}}.localdomain description: > - The DNS name of this cloud's internal API endpoint. E.g. - 'ci-overcloud.internalapi.tripleo.org'. + The DNS name of this cloud's {{network.name_lower}} endpoint. E.g. + 'ci-overcloud.{{network.name.lower()}}.tripleo.org'. type: string - CloudNameStorage: - default: overcloud.storage.localdomain +{%- elif network.name == 'StorageMgmt' %} + # Special case StorageMgmt hostname param, which is CloudNameStorageManagement + CloudNameStorageManagement: + default: overcloud.{{network.name.lower()}}.localdomain description: > - The DNS name of this cloud's storage endpoint. E.g. - 'ci-overcloud.storage.tripleo.org'. + The DNS name of this cloud's {{network.name_lower}} endpoint. E.g. + 'ci-overcloud.{{network.name.lower()}}.tripleo.org'. type: string - CloudNameStorageManagement: - default: overcloud.storagemgmt.localdomain +{%- else %} + CloudName{{network.name}}: + default: overcloud.{{network.name.lower()}}.localdomain description: > - The DNS name of this cloud's storage management endpoint. E.g. - 'ci-overcloud.storagemgmt.tripleo.org'. + The DNS name of this cloud's {{network.name_lower}} endpoint. E.g. + 'ci-overcloud.{{network.name.lower()}}.tripleo.org'. 
type: string +{%- endif %} +{%- endfor %} CloudNameCtlplane: default: overcloud.ctlplane.localdomain description: > @@ -61,10 +69,17 @@ resources: data: metadata: {get_attr: [IncomingMetadataSettings, value]} fqdns: +{%- for network in networks if network.vip|default(false) %} +{%- if network.name == 'External' %} external: {get_param: CloudName} +{%- elif network.name == 'InternalApi' %} internal_api: {get_param: CloudNameInternal} - storage: {get_param: CloudNameStorage} +{%- elif network.name == 'StorageMgmt' %} storage_mgmt: {get_param: CloudNameStorageManagement} +{%- else %} + {{network.name_lower}}: {get_param: CloudName{{network.name}}} +{%- endif %} +{%- endfor %} ctlplane: {get_param: CloudNameCtlplane} CompactServices: @@ -82,3 +97,4 @@ outputs: map_merge: - {get_attr: [IndividualServices, value]} - compact_services: {get_attr: [CompactServices, value]} + diff --git a/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml b/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml index 8b2b2308..b9fd08b4 100644 --- a/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml +++ b/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml 
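Review bot: The generated `fqdns` keys and the parameter descriptions in krb-service-principals.j2.yaml use `{{network.name_lower}}` directly, while the new network-isolation-v6 template in this commit uses `network.name_lower|default(network.name.lower())`. For a VIP network whose network_data entry has no `name_lower`, the `else` branch in the `@@ -61,10 +69,17 @@` hunk would render an empty mapping key or fail to render, depending on the Jinja undefined policy, so the FQDN for that network would presumably be missing when the Kerberos service principals are built. Use the defaulted form there, `{{network.name_lower|default(network.name.lower())}}: {get_param: CloudName{{network.name}}}`, and in the descriptions of the `@@ -5,30 +5,38 @@` hunk. The new net_vip_map_external.j2.yaml has the same bare `name_lower` in its output keys.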
@@ -59,19 +59,18 @@ parameters: description: | When enabled, the system will perform a yum update after performing the RHEL Registration process. - deployment_actions: - default: ['CREATE', 'UPDATE'] - type: comma_delimited_list - description: > - List of stack actions that will trigger any deployments in this - templates. The actions will be an empty list of the server is in the - toplevel DeploymentServerBlacklist parameter's value. + DeleteOnRHELUnregistration: + type: boolean + default: false + description: | + When true, the system profile will be deleted from the registration + service when the rhel-registration.yaml nested stack is deleted. conditions: - deployment_actions_empty: + unregister_on_delete: equals: - - {get_param: deployment_actions} - - [] + - {get_param: DeleteOnRHELUnregistration} + - true update_requested: equals: - {get_param: UpdateOnRHELRegistration} @@ -79,6 +78,12 @@ conditions: resources: + DeploymentActions: + type: OS::Heat::Value + properties: + value: + yaql + RHELRegistration: type: OS::Heat::SoftwareConfig properties: @@ -155,9 +160,9 @@ resources: config: {get_resource: RHELUnregistration} actions: if: - - deployment_actions_empty + - unregister_on_delete + - ['DELETE'] - [] - - ['DELETE'] # Only do this on DELETE input_values: REG_METHOD: {get_param: rhel_reg_method} @@ -189,11 +194,7 @@ resources: name: UpdateDeploymentAfterRHELRegistration config: {get_resource: YumUpdateConfigurationAfterRHELRegistration} server: {get_param: server} - actions: - if: - - deployment_actions_empty - - [] - - ['CREATE'] # Only do this on CREATE + actions: ['CREATE'] # Only do this on CREATE outputs: deploy_stdout: diff --git a/j2_excludes.yaml b/j2_excludes.yaml index 4afbeb01..5bdb0af9 100644 --- a/j2_excludes.yaml +++ b/j2_excludes.yaml 
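Review bot: The new `DeploymentActions` resource in the `@@ -79,6 +78,12 @@` hunk sets `value:` to the bare scalar `yaql`, with no expression or data, and none of the visible hunks reference it; it reads like an unfinished stub and should be completed or removed. With the `deployment_actions` parameter gone, the unregistration and yum-update deployments no longer become empty for servers listed in `DeploymentServerBlacklist`. Any parent template that still passes `deployment_actions` would presumably fail validation; both effects need checking against callers outside this diff. `DeleteOnRHELUnregistration` also defaults to `false`, so stack deletion now leaves the system profile registered unless the operator opts in, and the parameter description should say so.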
@@ -5,12 +5,6 @@ # name: # - puppet/cephstorage-role.yaml name: - - network/internal_api.yaml - - network/external.yaml - - network/storage.yaml - - network/storage_mgmt.yaml - - network/tenant.yaml - - network/management.yaml - network/internal_api_v6.yaml - network/external_v6.yaml - network/storage_v6.yaml diff --git a/network/external.yaml b/network/external.yaml deleted file mode 100644 index 708d4635..00000000 --- a/network/external.yaml +++ /dev/null 
@@ -1,69 +0,0 @@ -heat_template_version: pike - -description: > - External network. Public traffic, Neutron l3router for floating IPs/SNAT, etc. - -parameters: - # the defaults here work for static IP assignment (IPAM) only - ExternalNetCidr: - default: '10.0.0.0/24' - description: Cidr for the external network. - type: string - ExternalNetValueSpecs: - default: {'provider:physical_network': 'external', 'provider:network_type': 'flat'} - description: Value specs for the external network. - type: json - ExternalNetAdminStateUp: - default: false - description: The admin state of the network. - type: boolean - ExternalNetEnableDHCP: - default: false - description: Whether to enable DHCP on the associated subnet. - type: boolean - ExternalNetShared: - default: false - description: Whether this network is shared across all tenants. - type: boolean - ExternalNetName: - default: external - description: The name of the external network. - type: string - ExternalSubnetName: - default: external_subnet - description: The name of the external subnet in Neutron. - type: string - ExternalAllocationPools: - default: [{'start': '10.0.0.4', 'end': '10.0.0.250'}] - description: Ip allocation pool range for the external network. 
- type: json - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - -resources: - ExternalNetwork: - type: OS::Neutron::Net - properties: - admin_state_up: {get_param: ExternalNetAdminStateUp} - name: {get_param: ExternalNetName} - shared: {get_param: ExternalNetShared} - value_specs: {get_param: ExternalNetValueSpecs} - - ExternalSubnet: - type: OS::Neutron::Subnet - properties: - cidr: {get_param: ExternalNetCidr} - enable_dhcp: {get_param: ExternalNetEnableDHCP} - name: {get_param: ExternalSubnetName} - network: {get_resource: ExternalNetwork} - allocation_pools: {get_param: ExternalAllocationPools} - gateway_ip: {get_param: ExternalInterfaceDefaultRoute} - -outputs: - OS::stack_id: - description: Neutron external network - value: {get_resource: ExternalNetwork} - subnet_cidr: - value: {get_attr: [ExternalSubnet, cidr]} diff --git a/network/internal_api.yaml b/network/internal_api.yaml deleted file mode 100644 index 6e1885a9..00000000 --- a/network/internal_api.yaml +++ /dev/null 
@@ -1,65 +0,0 @@ -heat_template_version: pike - -description: > - Internal API network. Used for most APIs, Database, RPC. - -parameters: - # the defaults here work for static IP assignment (IPAM) only - InternalApiNetCidr: - default: '172.16.2.0/24' - description: Cidr for the internal API network. - type: string - InternalApiNetValueSpecs: - default: {'provider:physical_network': 'internal_api', 'provider:network_type': 'flat'} - description: Value specs for the internal API network. - type: json - InternalApiNetAdminStateUp: - default: false - description: The admin state of the network. - type: boolean - InternalApiNetEnableDHCP: - default: false - description: Whether to enable DHCP on the associated subnet. - type: boolean - InternalApiNetShared: - default: false - description: Whether this network is shared across all tenants. - type: boolean - InternalApiNetName: - default: internal_api - description: The name of the internal API network. - type: string - InternalApiSubnetName: - default: internal_api_subnet - description: The name of the internal API subnet in Neutron. - type: string - InternalApiAllocationPools: - default: [{'start': '172.16.2.4', 'end': '172.16.2.250'}] - description: Ip allocation pool range for the internal API network. 
- type: json - -resources: - InternalApiNetwork: - type: OS::Neutron::Net - properties: - admin_state_up: {get_param: InternalApiNetAdminStateUp} - name: {get_param: InternalApiNetName} - shared: {get_param: InternalApiNetShared} - value_specs: {get_param: InternalApiNetValueSpecs} - - InternalApiSubnet: - type: OS::Neutron::Subnet - properties: - cidr: {get_param: InternalApiNetCidr} - enable_dhcp: {get_param: InternalApiNetEnableDHCP} - name: {get_param: InternalApiSubnetName} - network: {get_resource: InternalApiNetwork} - allocation_pools: {get_param: InternalApiAllocationPools} - gateway_ip: null - -outputs: - OS::stack_id: - description: Neutron internal network - value: {get_resource: InternalApiNetwork} - subnet_cidr: - value: {get_attr: [InternalApiSubnet, cidr]} diff --git a/network/internal_api_v6.yaml b/network/internal_api_v6.yaml index 7264b1c0..6a0912e2 100644 --- a/network/internal_api_v6.yaml +++ b/network/internal_api_v6.yaml @@ -8,11 +8,11 @@ parameters: InternalApiNetCidr: # OpenStack uses the EUI-64 address format, which requires a /64 prefix default: 'fd00:fd00:fd00:2000::/64' - description: Cidr for the internal API network. + description: Cidr for the internal_api network. type: string InternalApiNetValueSpecs: default: {'provider:physical_network': 'internal_api', 'provider:network_type': 'flat'} - description: Value specs for the internal API network. + description: Value specs for the internal_api network. type: json InternalApiNetAdminStateUp: default: false 
@@ -24,15 +24,15 @@ parameters: type: boolean InternalApiNetName: default: internal_api - description: The name of the internal API network. + description: The name of the internal_api network. type: string InternalApiSubnetName: default: internal_api_subnet - description: The name of the internal API subnet in Neutron. + description: The name of the internal_api subnet in Neutron. type: string InternalApiAllocationPools: default: [{'start': 'fd00:fd00:fd00:2000::10', 'end': 'fd00:fd00:fd00:2000:ffff:ffff:ffff:fffe'}] - description: Ip allocation pool range for the internal API network. + description: Ip allocation pool range for the internal_api network. type: json IPv6AddressMode: default: dhcpv6-stateful diff --git a/network/management.yaml b/network/management.yaml deleted file mode 100644 index be197e5c..00000000 --- a/network/management.yaml +++ /dev/null 
@@ -1,70 +0,0 @@ -heat_template_version: pike - -description: > - Management network. System administration, SSH, DNS, NTP, etc. This network - would usually be the default gateway for the non-controller nodes. - -parameters: - # the defaults here work for static IP assignment (IPAM) only - ManagementNetCidr: - default: '10.0.1.0/24' - description: Cidr for the management network. - type: string - ManagementNetValueSpecs: - default: {'provider:physical_network': 'management', 'provider:network_type': 'flat'} - description: Value specs for the management network. - type: json - ManagementNetAdminStateUp: - default: false - description: The admin state of the network. - type: boolean - ManagementNetEnableDHCP: - default: false - description: Whether to enable DHCP on the associated subnet. - type: boolean - ManagementNetShared: - default: false - description: Whether this network is shared across all tenants. - type: boolean - ManagementNetName: - default: management - description: The name of the management network. - type: string - ManagementSubnetName: - default: management_subnet - description: The name of the management subnet in Neutron. - type: string - ManagementAllocationPools: - default: [{'start': '10.0.1.4', 'end': '10.0.1.250'}] - description: Ip allocation pool range for the management network. - type: json - ManagementInterfaceDefaultRoute: - default: unset - description: The default route of the management network. 
- type: string - -resources: - ManagementNetwork: - type: OS::Neutron::Net - properties: - admin_state_up: {get_param: ManagementNetAdminStateUp} - name: {get_param: ManagementNetName} - shared: {get_param: ManagementNetShared} - value_specs: {get_param: ManagementNetValueSpecs} - - ManagementSubnet: - type: OS::Neutron::Subnet - properties: - cidr: {get_param: ManagementNetCidr} - enable_dhcp: {get_param: ManagementNetEnableDHCP} - name: {get_param: ManagementSubnetName} - network: {get_resource: ManagementNetwork} - allocation_pools: {get_param: ManagementAllocationPools} - gateway_ip: {get_param: ManagementInterfaceDefaultRoute} - -outputs: - OS::stack_id: - description: Neutron management network - value: {get_resource: ManagementNetwork} - subnet_cidr: - value: {get_attr: [ManagementSubnet, cidr]} diff --git a/network/network.network.j2.yaml b/network/network.network.j2.yaml index ccf437bb..29d58cd5 100644 --- a/network/network.network.j2.yaml +++ b/network/network.network.j2.yaml @@ -15,7 +15,7 @@ parameters: type: json {{network.name}}NetAdminStateUp: default: false - description: This admin state of the network. + description: The admin state of the network. type: boolean {{network.name}}NetEnableDHCP: default: false @@ -27,7 +27,7 @@ parameters: type: boolean {{network.name}}NetName: default: {{network.name_lower}} - description: The name of the {{network.name_lower}} network. + description: The name of the {{network.name_lower}} network. type: string {{network.name}}SubnetName: default: {{network.name_lower}}_subnet @@ -38,7 +38,7 @@ parameters: description: Ip allocation pool range for the {{network.name_lower}} network. type: json {{network.name}}InterfaceDefaultRoute: - default: {{network.gateway_ip|default("not_defined")}} + default: {{network.gateway_ip|default('""')}} description: default route for the {{network.name_lower}} network type: string {%- if network.vlan %} 
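Review bot: The new `default: {{network.gateway_ip|default('""')}}` line in network.network.j2.yaml emits the gateway unquoted whenever `gateway_ip` is set and falls back to a quoted empty string only when it is not, so the quoting of the rendered value depends on the input. Quoting at the template level, `default: "{{network.gateway_ip|default('')}}"`, keeps the value a string in both cases. Anything that still compares this parameter with the old `not_defined` sentinel would need updating as well; no such consumer is visible in this diff.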
diff --git a/network/ports/internal_api.yaml b/network/ports/internal_api.yaml index e9eb7875..94006437 100644 --- a/network/ports/internal_api.yaml +++ b/network/ports/internal_api.yaml @@ -5,7 +5,7 @@ description: > parameters: InternalApiNetName: - description: The name of the internal API network. + description: The name of the internal_api network. default: internal_api type: string PortName: diff --git a/network/ports/internal_api_from_pool.yaml b/network/ports/internal_api_from_pool.yaml index 31c72daf..6eeca142 100644 --- a/network/ports/internal_api_from_pool.yaml +++ b/network/ports/internal_api_from_pool.yaml @@ -5,7 +5,7 @@ description: > parameters: InternalApiNetName: - description: The name of the internal API network. + description: The name of the internal_api network. default: internal_api type: string PortName: @@ -26,7 +26,7 @@ parameters: type: number InternalApiNetCidr: default: '172.16.2.0/24' - description: Cidr for the internal API network. + description: Cidr for the internal_api network. type: string outputs: diff --git a/network/ports/internal_api_from_pool_v6.yaml b/network/ports/internal_api_from_pool_v6.yaml index 657310ed..589d72a8 100644 --- a/network/ports/internal_api_from_pool_v6.yaml +++ b/network/ports/internal_api_from_pool_v6.yaml @@ -6,7 +6,7 @@ description: > parameters: InternalApiNetName: - description: The name of the internal API network. + description: The name of the internal_api network. default: internal_api type: string PortName: @@ -27,7 +27,7 @@ parameters: type: number InternalApiNetCidr: default: 'fd00:fd00:fd00:2000::/64' - description: Cidr for the internal API network. + description: Cidr for the internal_api network. type: string outputs: diff --git a/network/ports/internal_api_v6.yaml b/network/ports/internal_api_v6.yaml index 6a9e7083..36a3ad07 100644 --- a/network/ports/internal_api_v6.yaml +++ b/network/ports/internal_api_v6.yaml 
@@ -5,7 +5,7 @@ description: > parameters: InternalApiNetName: - description: The name of the internal API network. + description: The name of the internal_api network. default: internal_api type: string PortName: diff --git a/network/ports/net_ip_list_map.yaml b/network/ports/net_ip_list_map.yaml index a9111ed9..6d7b7c16 100644 --- a/network/ports/net_ip_list_map.yaml +++ b/network/ports/net_ip_list_map.yaml @@ -37,7 +37,7 @@ parameters: InternalApiNetName: default: internal_api - description: The name of the internal API network. + description: The name of the internal_api network. type: string ExternalNetName: default: external @@ -53,7 +53,7 @@ parameters: type: string StorageMgmtNetName: default: storage_mgmt - description: The name of the Storage management network. + description: The name of the storage_mgmt network. type: string TenantNetName: default: tenant diff --git a/network/ports/net_ip_map.yaml b/network/ports/net_ip_map.yaml index ce58e96f..1b0e7589 100644 --- a/network/ports/net_ip_map.yaml +++ b/network/ports/net_ip_map.yaml @@ -77,7 +77,7 @@ parameters: InternalApiNetName: default: internal_api - description: The name of the internal API network. + description: The name of the internal_api network. type: string ExternalNetName: default: external @@ -93,7 +93,7 @@ parameters: type: string StorageMgmtNetName: default: storage_mgmt - description: The name of the Storage management network. + description: The name of the storage_mgmt network. type: string TenantNetName: default: tenant diff --git a/network/ports/net_vip_map_external.j2.yaml b/network/ports/net_vip_map_external.j2.yaml new file mode 100644 index 00000000..b17f48b5 --- /dev/null +++ b/network/ports/net_vip_map_external.j2.yaml 
@@ -0,0 +1,40 @@ +heat_template_version: pike + +parameters: + # Set these via parameter defaults to configure external VIPs + ControlPlaneIP: + default: '' + type: string +{%- for network in networks if network.vip|default(false) %} + {{network.name}}NetworkVip: + default: '' + type: string +{%- endfor %} + # The following are unused in this template + ControlPlaneIp: + default: '' + type: string +{%- for network in networks if network.vip|default(false) %} + {{network.name}}Ip: + default: '' + type: string + {{network.name}}IpUri: + default: '' + type: string + description: IP address with brackets in case of IPv6 +{%- endfor %} + +outputs: + net_ip_map: + description: > + A Hash containing a mapping of network names to assigned IPs + for a specific machine. + value: + ctlplane: {get_param: ControlPlaneIP} +{%- for network in networks if network.vip|default(false) %} + {{network.name_lower}}: {get_param: {{network.name}}NetworkVip} +{%- endfor %} + ctlplane_uri: {get_param: ControlPlaneIP} +{%- for network in networks if network.vip|default(false) %} + {{network.name_lower}}_uri: {get_param: {{network.name}}NetworkVip} +{%- endfor %} diff --git a/network/ports/net_vip_map_external.yaml b/network/ports/net_vip_map_external.yaml deleted file mode 100644 index d0847882..00000000 --- a/network/ports/net_vip_map_external.yaml +++ /dev/null 
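Review bot: The generated `{{network.name}}NetworkVip` parameters default to `''` and carry no `description`, so a network with `vip: true` whose address is not supplied lands in `net_ip_map` as an empty string, with nothing in the template saying a value is expected. overcloud.j2.yaml in this same commit builds its `IP HOST` entries from `net_ip_map`, so when this file is mapped as the VIP map an unset VIP would presumably surface there as a host name with no address. A description makes the expectation explicit, e.g. `description: Externally managed VIP for the {{network.name_lower}} network; set via parameter_defaults.` The parameters block of net_vip_map_external_v6.j2.yaml, added later in this commit, is identical and would take the same line.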
@@ -1,68 +0,0 @@ -heat_template_version: pike - -parameters: - # Set these via parameter defaults to configure external VIPs - ControlPlaneIP: - default: '' - type: string - ExternalNetworkVip: - default: '' - type: string - InternalApiNetworkVip: - default: '' - type: string - StorageNetworkVip: - default: '' - type: string - StorageMgmtNetworkVip: - default: '' - type: string - # The following are unused in this template - ControlPlaneIp: - default: '' - type: string - ExternalIp: - default: '' - type: string - ExternalIpUri: - default: '' - type: string - description: IP address with brackets in case of IPv6 - InternalApiIp: - default: '' - type: string - InternalApiIpUri: - default: '' - type: string - description: IP address with brackets in case of IPv6 - StorageIp: - default: '' - type: string - StorageIpUri: - default: '' - type: string - description: IP address with brackets in case of IPv6 - StorageMgmtIp: - default: '' - type: string - StorageMgmtIpUri: - default: '' - type: string - description: IP address with brackets in case of IPv6 - -outputs: - net_ip_map: - description: > - A Hash containing a mapping of network names to assigned IPs - for a specific machine. - value: - ctlplane: {get_param: ControlPlaneIP} - external: {get_param: ExternalNetworkVip} - internal_api: {get_param: InternalApiNetworkVip} - storage: {get_param: StorageNetworkVip} - storage_mgmt: {get_param: StorageMgmtNetworkVip} - ctlplane_uri: {get_param: ControlPlaneIP} - external_uri: {get_param: ExternalNetworkVip} - internal_api_uri: {get_param: InternalApiNetworkVip} - storage_uri: {get_param: StorageNetworkVip} - storage_mgmt_uri: {get_param: StorageMgmtNetworkVip} diff --git a/network/ports/net_vip_map_external_v6.j2.yaml b/network/ports/net_vip_map_external_v6.j2.yaml new file mode 100644 index 00000000..5eff73c1 --- /dev/null +++ b/network/ports/net_vip_map_external_v6.j2.yaml 
@@ -0,0 +1,45 @@ +heat_template_version: pike + +parameters: + # Set these via parameter defaults to configure external VIPs + ControlPlaneIP: + default: '' + type: string +{%- for network in networks if network.vip|default(false) %} + {{network.name}}NetworkVip: + default: '' + type: string +{%- endfor %} + # The following are unused in this template + ControlPlaneIp: + default: '' + type: string +{%- for network in networks if network.vip|default(false) %} + {{network.name}}Ip: + default: '' + type: string + {{network.name}}IpUri: + default: '' + type: string + description: IP address with brackets in case of IPv6 +{%- endfor %} + +outputs: + net_ip_map: + description: > + A Hash containing a mapping of network names to assigned IPs + for a specific machine. + value: + ctlplane: {get_param: ControlPlaneIP} +{%- for network in networks if network.vip|default(false) %} + {{network.name_lower}}: {get_param: {{network.name}}NetworkVip} +{%- endfor %} + ctlplane_uri: {get_param: ControlPlaneIP} +{%- for network in networks if network.vip|default(false) %} + {{network.name_lower}}_uri: + list_join: + - '' + - - '[' + - {get_param: {{network.name}}NetworkVip} + - ']' +{%- endfor %} diff --git a/network/ports/net_vip_map_external_v6.yaml b/network/ports/net_vip_map_external_v6.yaml deleted file mode 100644 index 72e60cb2..00000000 --- a/network/ports/net_vip_map_external_v6.yaml +++ /dev/null 
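Review bot: The `_uri` loop brackets `{{network.name}}NetworkVip` unconditionally, so a VIP left at its `''` default is published as the literal `[]`, which is non-empty and will pass any downstream check that only tests for a missing value. `ctlplane_uri` in the same output is not bracketed at all, which looks deliberate but is not explained in the file. A per-network condition keeps the unset case empty; the sketch below uses Heat's `conditions` and `if`, and its indentation has to be matched to the file.

```yaml
conditions:
{%- for network in networks if network.vip|default(false) %}
  {{network.name_lower}}_vip_unset:
    equals: [{get_param: {{network.name}}NetworkVip}, '']
{%- endfor %}

# … unchanged: outputs, net_ip_map description, plain address entries, ctlplane_uri …
{%- for network in networks if network.vip|default(false) %}
      {{network.name_lower}}_uri:
        if:
          - {{network.name_lower}}_vip_unset
          - ''
          - list_join:
              - ''
              - - '['
                - {get_param: {{network.name}}NetworkVip}
                - ']'
{%- endfor %}
```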
@@ -1,88 +0,0 @@ -heat_template_version: pike - -parameters: - # Set these via parameter defaults to configure external VIPs - ControlPlaneIP: - default: '' - type: string - ExternalNetworkVip: - default: '' - type: string - InternalApiNetworkVip: - default: '' - type: string - StorageNetworkVip: - default: '' - type: string - StorageMgmtNetworkVip: - default: '' - type: string - # The following are unused in this template - ControlPlaneIp: - default: '' - type: string - ExternalIp: - default: '' - type: string - ExternalIpUri: - default: '' - type: string - description: IP address with brackets in case of IPv6 - InternalApiIp: - default: '' - type: string - InternalApiIpUri: - default: '' - type: string - description: IP address with brackets in case of IPv6 - StorageIp: - default: '' - type: string - StorageIpUri: - default: '' - type: string - description: IP address with brackets in case of IPv6 - StorageMgmtIp: - default: '' - type: string - StorageMgmtIpUri: - default: '' - type: string - description: IP address with brackets in case of IPv6 - -outputs: - net_ip_map: - description: > - A Hash containing a mapping of network names to assigned IPs - for a specific machine. - value: - ctlplane: {get_param: ControlPlaneIP} - external: {get_param: ExternalNetworkVip} - internal_api: {get_param: InternalApiNetworkVip} - storage: {get_param: StorageNetworkVip} - storage_mgmt: {get_param: StorageMgmtNetworkVip} - ctlplane_uri: {get_param: ControlPlaneIP} - external_uri: - list_join: - - '' - - - '[' - - {get_param: ExternalNetworkVip} - - ']' - internal_api_uri: - list_join: - - '' - - - '[' - - {get_param: InternalApiNetworkVip} - - ']' - storage_uri: - list_join: - - '' - - - '[' - - {get_param: StorageNetworkVip} - - ']' - storage_mgmt_uri: - list_join: - - '' - - - '[' - - {get_param: StorageMgmtNetworkVip} - - ']' diff --git a/network/ports/storage_mgmt.yaml b/network/ports/storage_mgmt.yaml index c06c58ef..0940b849 100644 --- a/network/ports/storage_mgmt.yaml 
+++ b/network/ports/storage_mgmt.yaml @@ -5,7 +5,7 @@ description: > parameters: StorageMgmtNetName: - description: The name of the Storage management network. + description: The name of the storage_mgmt network. default: storage_mgmt type: string PortName: diff --git a/network/ports/storage_mgmt_from_pool.yaml b/network/ports/storage_mgmt_from_pool.yaml index 07308a70..7efbc5ee 100644 --- a/network/ports/storage_mgmt_from_pool.yaml +++ b/network/ports/storage_mgmt_from_pool.yaml @@ -5,7 +5,7 @@ description: > parameters: StorageMgmtNetName: - description: The name of the Storage management network. + description: The name of the storage_mgmt network. default: storage_mgmt type: string PortName: @@ -26,7 +26,7 @@ parameters: type: number StorageMgmtNetCidr: default: '172.16.3.0/24' - description: Cidr for the storage management network. + description: Cidr for the storage_mgmt network. type: string outputs: diff --git a/network/ports/storage_mgmt_from_pool_v6.yaml b/network/ports/storage_mgmt_from_pool_v6.yaml index 1b30f0ce..07998aba 100644 --- a/network/ports/storage_mgmt_from_pool_v6.yaml +++ b/network/ports/storage_mgmt_from_pool_v6.yaml @@ -6,7 +6,7 @@ description: > parameters: StorageMgmtNetName: - description: The name of the Storage management network. + description: The name of the storage_mgmt network. default: storage_mgmt type: string PortName: @@ -27,7 +27,7 @@ parameters: type: number StorageMgmtNetCidr: default: 'fd00:fd00:fd00:4000::/64' - description: Cidr for the storage management network. + description: Cidr for the storage_mgmt network. type: string outputs: diff --git a/network/ports/storage_mgmt_v6.yaml b/network/ports/storage_mgmt_v6.yaml index c10b1393..399590c1 100644 --- a/network/ports/storage_mgmt_v6.yaml +++ b/network/ports/storage_mgmt_v6.yaml 
@@ -5,7 +5,7 @@ description: > parameters: StorageMgmtNetName: - description: The name of the Storage management network. + description: The name of the storage_mgmt network. default: storage_mgmt type: string PortName: diff --git a/network/service_net_map.j2.yaml b/network/service_net_map.j2.yaml index ba8e5568..54646c38 100644 --- a/network/service_net_map.j2.yaml +++ b/network/service_net_map.j2.yaml @@ -106,7 +106,7 @@ parameters: InternalApiNetName: default: internal_api - description: The name of the internal API network. + description: The name of the internal_api network. type: string ExternalNetName: default: external @@ -122,7 +122,7 @@ parameters: type: string StorageMgmtNetName: default: storage_mgmt - description: The name of the Storage management network. + description: The name of the storage_mgmt network. type: string TenantNetName: default: tenant diff --git a/network/storage.yaml b/network/storage.yaml deleted file mode 100644 index 9729044d..00000000 --- a/network/storage.yaml +++ /dev/null 
@@ -1,65 +0,0 @@ -heat_template_version: pike - -description: > - Storage network. - -parameters: - # the defaults here work for static IP assignment (IPAM) only - StorageNetCidr: - default: '172.16.1.0/24' - description: Cidr for the storage network. - type: string - StorageNetValueSpecs: - default: {'provider:physical_network': 'storage', 'provider:network_type': 'flat'} - description: Value specs for the storage network. - type: json - StorageNetAdminStateUp: - default: false - description: The admin state of the network. - type: boolean - StorageNetEnableDHCP: - default: false - description: Whether to enable DHCP on the associated subnet. - type: boolean - StorageNetShared: - default: false - description: Whether this network is shared across all tenants. - type: boolean - StorageNetName: - default: storage - description: The name of the storage network. - type: string - StorageSubnetName: - default: storage_subnet - description: The name of the storage subnet in Neutron. - type: string - StorageAllocationPools: - default: [{'start': '172.16.1.4', 'end': '172.16.1.250'}] - description: Ip allocation pool range for the storage network. - type: json - -resources: - StorageNetwork: - type: OS::Neutron::Net - properties: - admin_state_up: {get_param: StorageNetAdminStateUp} - name: {get_param: StorageNetName} - shared: {get_param: StorageNetShared} - value_specs: {get_param: StorageNetValueSpecs} - - StorageSubnet: - type: OS::Neutron::Subnet - properties: - cidr: {get_param: StorageNetCidr} - enable_dhcp: {get_param: StorageNetEnableDHCP} - name: {get_param: StorageSubnetName} - network: {get_resource: StorageNetwork} - allocation_pools: {get_param: StorageAllocationPools} - gateway_ip: null - -outputs: - OS::stack_id: - description: Neutron storage network - value: {get_resource: StorageNetwork} - subnet_cidr: - value: {get_attr: [StorageSubnet, cidr]} 
diff --git a/network/storage_mgmt.yaml b/network/storage_mgmt.yaml
deleted file mode 100644
index fc005573..00000000
--- a/network/storage_mgmt.yaml
+++ /dev/null
@@ -1,65 +0,0 @@ -heat_template_version: pike - -description: > - Storage management network. Storage replication, etc. - -parameters: - # the defaults here work for static IP assignment (IPAM) only - StorageMgmtNetCidr: - default: '172.16.3.0/24' - description: Cidr for the storage management network. - type: string - StorageMgmtNetValueSpecs: - default: {'provider:physical_network': 'storage_mgmt', 'provider:network_type': 'flat'} - description: Value specs for the storage_mgmt network. - type: json - StorageMgmtNetAdminStateUp: - default: false - description: The admin state of the network. - type: boolean - StorageMgmtNetEnableDHCP: - default: false - description: Whether to enable DHCP on the associated subnet. - type: boolean - StorageMgmtNetShared: - default: false - description: Whether this network is shared across all tenants. - type: boolean - StorageMgmtNetName: - default: storage_mgmt - description: The name of the Storage management network. - type: string - StorageMgmtSubnetName: - default: storage_mgmt_subnet - description: The name of the Storage management subnet in Neutron. - type: string - StorageMgmtAllocationPools: - default: [{'start': '172.16.3.4', 'end': '172.16.3.250'}] - description: Ip allocation pool range for the storage mgmt network. 
- type: json - -resources: - StorageMgmtNetwork: - type: OS::Neutron::Net - properties: - admin_state_up: {get_param: StorageMgmtNetAdminStateUp} - name: {get_param: StorageMgmtNetName} - shared: {get_param: StorageMgmtNetShared} - value_specs: {get_param: StorageMgmtNetValueSpecs} - - StorageMgmtSubnet: - type: OS::Neutron::Subnet - properties: - cidr: {get_param: StorageMgmtNetCidr} - enable_dhcp: {get_param: StorageMgmtNetEnableDHCP} - name: {get_param: StorageMgmtSubnetName} - network: {get_resource: StorageMgmtNetwork} - allocation_pools: {get_param: StorageMgmtAllocationPools} - gateway_ip: null - -outputs: - OS::stack_id: - description: Neutron storage management network - value: {get_resource: StorageMgmtNetwork} - subnet_cidr: - value: {get_attr: [StorageMgmtSubnet, cidr]} diff --git a/network/storage_mgmt_v6.yaml b/network/storage_mgmt_v6.yaml index cef87de9..7ed4c92e 100644 --- a/network/storage_mgmt_v6.yaml +++ b/network/storage_mgmt_v6.yaml @@ -8,7 +8,7 @@ parameters: StorageMgmtNetCidr: # OpenStack uses the EUI-64 address format, which requires a /64 prefix default: 'fd00:fd00:fd00:4000::/64' - description: Cidr for the storage management network. + description: Cidr for the storage_mgmt network. type: string StorageMgmtNetValueSpecs: default: {'provider:physical_network': 'storage_mgmt', 'provider:network_type': 'flat'} 
@@ -24,15 +24,15 @@ parameters: type: boolean StorageMgmtNetName: default: storage_mgmt - description: The name of the Storage management network. + description: The name of the storage_mgmt network. type: string StorageMgmtSubnetName: default: storage_mgmt_subnet - description: The name of the Storage management subnet in Neutron. + description: The name of the storage_mgmt subnet in Neutron. type: string StorageMgmtAllocationPools: default: [{'start': 'fd00:fd00:fd00:4000::10', 'end': 'fd00:fd00:fd00:4000:ffff:ffff:ffff:fffe'}] - description: Ip allocation pool range for the storage mgmt network. + description: Ip allocation pool range for the storage_mgmt network. type: json IPv6AddressMode: default: dhcpv6-stateful diff --git a/network/tenant.yaml b/network/tenant.yaml deleted file mode 100644 index 67c4abbc..00000000 --- a/network/tenant.yaml +++ /dev/null 
@@ -1,65 +0,0 @@ -heat_template_version: pike - -description: > - Tenant network. - -parameters: - # the defaults here work for static IP assignment (IPAM) only - TenantNetCidr: - default: '172.16.0.0/24' - description: Cidr for the tenant network. - type: string - TenantNetValueSpecs: - default: {'provider:physical_network': 'tenant', 'provider:network_type': 'flat'} - description: Value specs for the tenant network. - type: json - TenantNetAdminStateUp: - default: false - description: The admin state of the network. - type: boolean - TenantNetEnableDHCP: - default: false - description: Whether to enable DHCP on the associated subnet. - type: boolean - TenantNetShared: - default: false - description: Whether this network is shared across all tenants. - type: boolean - TenantNetName: - default: tenant - description: The name of the tenant network. - type: string - TenantSubnetName: - default: tenant_subnet - description: The name of the tenant subnet in Neutron. - type: string - TenantAllocationPools: - default: [{'start': '172.16.0.4', 'end': '172.16.0.250'}] - description: Ip allocation pool range for the tenant network. - type: json - -resources: - TenantNetwork: - type: OS::Neutron::Net - properties: - admin_state_up: {get_param: TenantNetAdminStateUp} - name: {get_param: TenantNetName} - shared: {get_param: TenantNetShared} - value_specs: {get_param: TenantNetValueSpecs} - - TenantSubnet: - type: OS::Neutron::Subnet - properties: - cidr: {get_param: TenantNetCidr} - enable_dhcp: {get_param: TenantNetEnableDHCP} - name: {get_param: TenantSubnetName} - network: {get_resource: TenantNetwork} - allocation_pools: {get_param: TenantAllocationPools} - gateway_ip: null - -outputs: - OS::stack_id: - description: Neutron tenant network - value: {get_resource: TenantNetwork} - subnet_cidr: - value: {get_attr: [TenantSubnet, cidr]} diff --git a/overcloud.j2.yaml b/overcloud.j2.yaml index a7a4fe25..2e398671 100644 --- a/overcloud.j2.yaml +++ b/overcloud.j2.yaml 
@@ -21,40 +21,44 @@ description: > parameters: # Common parameters (not specific to a role) +{%- for network in networks if network.vip|default(false) %} +{%- if network.name == 'External' %} + # Special case the External hostname param, which is CloudName CloudName: default: overcloud.localdomain description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org type: string +{%- elif network.name == 'InternalApi' %} + # Special case the Internal API hostname param, which is CloudNameInternal CloudNameInternal: - default: overcloud.internalapi.localdomain + default: overcloud.{{network.name.lower()}}.localdomain description: > - The DNS name of this cloud's internal API endpoint. E.g. - 'ci-overcloud.internalapi.tripleo.org'. + The DNS name of this cloud's {{network.name_lower}} endpoint. E.g. + 'ci-overcloud.{{network.name.lower()}}.tripleo.org'. type: string - CloudNameStorage: - default: overcloud.storage.localdomain +{%- elif network.name == 'StorageMgmt' %} + # Special case StorageMgmt hostname param, which is CloudNameStorageManagement + CloudNameStorageManagement: + default: overcloud.{{network.name.lower()}}.localdomain description: > - The DNS name of this cloud's storage endpoint. E.g. - 'ci-overcloud.storage.tripleo.org'. + The DNS name of this cloud's {{network.name_lower}} endpoint. E.g. + 'ci-overcloud.{{network.name.lower()}}.tripleo.org'. type: string - CloudNameStorageManagement: - default: overcloud.storagemgmt.localdomain +{%- else %} + CloudName{{network.name}}: + default: overcloud.{{network.name.lower()}}.localdomain description: > - The DNS name of this cloud's storage management endpoint. E.g. - 'ci-overcloud.storagemgmt.tripleo.org'. + The DNS name of this cloud's {{network.name_lower}} endpoint. E.g. + 'ci-overcloud.{{network.name.lower()}}.tripleo.org'. type: string +{%- endif %} +{%- endfor %} CloudNameCtlplane: default: overcloud.ctlplane.localdomain description: > The DNS name of this cloud's provisioning network endpoint. E.g. 
'ci-overcloud.ctlplane.tripleo.org'. type: string - ControlFixedIPs: - default: [] - description: > - Control the IP allocation for the ControlVirtualIP port. E.g. - [{'ip_address':'1.2.3.4'}] - type: json ExtraConfig: default: {} description: | @@ -77,12 +81,6 @@ parameters: description: | DEPRECATED use ComputeExtraConfig instead type: json - InternalApiVirtualFixedIPs: - default: [] - description: > - Control the IP allocation for the InternalApiVirtualInterface port. E.g. - [{'ip_address':'1.2.3.4'}] - type: json NeutronControlPlaneID: default: 'ctlplane' type: string 
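Review bot: `CloudName`, `CloudNameInternal` and `CloudNameStorageManagement` are now declared only when a network whose `name` is exactly `External`, `InternalApi` or `StorageMgmt` also has `vip` set, because the special cases sit inside the `networks if network.vip` loop of the `@@ -21,40 +21,44 @@` hunk. The later hunks of this file guard their `get_param` uses with the same loop, but any reference elsewhere in overcloud.j2.yaml (not visible here) would fail template validation once such a network is renamed or has its VIP disabled. A comment at the top of the loop would record the constraint: `# CloudName* params exist only for networks with vip: true; guard every get_param on them with the same loop.` The parameters section continues outside the hunk.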
@@ -91,28 +89,34 @@ parameters: default: nic1 description: Which interface to add to the NeutronPhysicalBridge. type: string - PublicVirtualFixedIPs: + ControlFixedIPs: default: [] description: > - Control the IP allocation for the PublicVirtualInterface port. E.g. + Control the IP allocation for the ControlVirtualIP port. E.g. [{'ip_address':'1.2.3.4'}] type: json - RabbitCookieSalt: - type: string - default: unset - description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change. - StorageVirtualFixedIPs: +{%- for network in networks if network.vip|default(false) %} +{%- if network.name == 'External' %} + # TODO (dsneddon) Legacy name, eventually refactor to match network name + PublicVirtualFixedIPs: default: [] description: > - Control the IP allocation for the StorageVirtualInterface port. E.g. + Control the IP allocation for the PublicVirtualInterface port. E.g. [{'ip_address':'1.2.3.4'}] type: json - StorageMgmtVirtualFixedIPs: +{%- else %} + {{network.name}}VirtualFixedIPs: default: [] description: > - Control the IP allocation for the StorageMgmgVirtualInterface port. E.g. + Control the IP allocation for the {{network.name}}VirtualInterface port. E.g. [{'ip_address':'1.2.3.4'}] type: json +{%- endif %} +{%- endfor %} + RabbitCookieSalt: + type: string + default: unset + description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change. RedisVirtualFixedIPs: default: [] description: 
> @@ -240,28 +244,38 @@ resources: - - str_replace: template: IP HOST params: - IP: {get_attr: [VipMap, net_ip_map, external]} - HOST: {get_param: CloudName} + IP: {get_attr: [VipMap, net_ip_map, ctlplane]} + HOST: {get_param: CloudNameCtlplane} +{%- for network in networks if network.vip|default(false) %} +{%- if network.name == 'External' %} + # Special case the External hostname param, which is CloudName - str_replace: template: IP HOST params: - IP: {get_attr: [VipMap, net_ip_map, ctlplane]} - HOST: {get_param: CloudNameCtlplane} + IP: {get_attr: [VipMap, net_ip_map, {{network.name_lower}}]} + HOST: {get_param: CloudName} +{%- elif network.name == 'InternalApi' %} + # Special case the Internal API hostname param, which is CloudNameInternal - str_replace: template: IP HOST params: - IP: {get_attr: [VipMap, net_ip_map, internal_api]} + IP: {get_attr: [VipMap, net_ip_map, {{network.name_lower}}]} HOST: {get_param: CloudNameInternal} +{%- elif network.name == 'StorageMgmt' %} + # Special case StorageMgmt hostname param, which is CloudNameStorageManagement - str_replace: template: IP HOST params: - IP: {get_attr: [VipMap, net_ip_map, storage]} - HOST: {get_param: CloudNameStorage} + IP: {get_attr: [VipMap, net_ip_map, {{network.name_lower}}]} + HOST: {get_param: CloudNameStorageManagement} +{%- else %} - str_replace: template: IP HOST params: - IP: {get_attr: [VipMap, net_ip_map, storage_mgmt]} - HOST: {get_param: CloudNameStorageManagement} + IP: {get_attr: [VipMap, net_ip_map, {{network.name_lower}}]} + HOST: {get_param: CloudName{{network.name}}} +{%- endif %} +{%- endfor %} HeatAuthEncryptionKey: type: OS::TripleO::RandomString 
@@ -297,11 +311,21 @@ resources: type: OS::TripleO::EndpointMap properties: CloudEndpoints: - external: {get_param: CloudName} - internal_api: {get_param: CloudNameInternal} - storage: {get_param: CloudNameStorage} - storage_mgmt: {get_param: CloudNameStorageManagement} ctlplane: {get_param: CloudNameCtlplane} +{%- for network in networks if network.vip|default(false) %} +{%- if network.name == 'External' %} + # Special case the External hostname param, which is CloudName + {{network.name_lower}}: {get_param: CloudName} +{%- elif network.name == 'InternalApi' %} + # Special case the Internal API hostname param, which is CloudNameInternal + {{network.name_lower}}: {get_param: CloudNameInternal} +{%- elif network.name == 'StorageMgmt' %} + # Special case StorageMgmt hostname param, which is CloudNameStorageManagement + {{network.name_lower}}: {get_param: CloudNameStorageManagement} +{%- else %} + {{network.name_lower}}: {get_param: CloudName{{network.name}}} +{%- endif %} +{%- endfor %} NetIpMap: {get_attr: [VipMap, net_ip_map]} ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} 
@@ -458,12 +482,9 @@ resources: type: OS::TripleO::Network::Ports::NetIpListMap properties: ControlPlaneIpList: {get_attr: [{{role.name}}, ip_address]} - ExternalIpList: {get_attr: [{{role.name}}, external_ip_address]} - InternalApiIpList: {get_attr: [{{role.name}}, internal_api_ip_address]} - StorageIpList: {get_attr: [{{role.name}}, storage_ip_address]} - StorageMgmtIpList: {get_attr: [{{role.name}}, storage_mgmt_ip_address]} - TenantIpList: {get_attr: [{{role.name}}, tenant_ip_address]} - ManagementIpList: {get_attr: [{{role.name}}, management_ip_address]} +{%- for network in networks if network.enabled|default(true) %} + {{network.name}}IpList: {get_attr: [{{role.name}}, {{network.name_lower}}_ip_address]} +{%- endfor %} EnabledServices: {get_attr: [{{role.name}}ServiceNames, value]} ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]} ServiceHostnameList: {get_attr: [{{role.name}}, hostname]} 
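Review bot: `{{network.name}}IpList` is now passed to `OS::TripleO::Network::Ports::NetIpListMap` for every enabled network, but network/ports/net_ip_list_map.yaml is only touched for description wording in this commit, so it presumably still declares a fixed set of `*IpList` parameters. A network added to the network data beyond that set would then be handed to the nested stack as an undeclared property. The `cloud_name_{{network.name_lower}}` properties in the `@@ -582,10 +603,20 @@` hunk have the same relationship to puppet/all-nodes-config.yaml. If converting those templates is left for a follow-up, a comment on the loop would say so: `# NOTE: net_ip_list_map.yaml is still static; custom networks need a matching <Name>IpList parameter there.`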
@@ -582,10 +603,20 @@ resources: allNodesConfig: type: OS::TripleO::AllNodes::SoftwareConfig properties: - cloud_name_external: {get_param: CloudName} - cloud_name_internal_api: {get_param: CloudNameInternal} - cloud_name_storage: {get_param: CloudNameStorage} - cloud_name_storage_mgmt: {get_param: CloudNameStorageManagement} +{%- for network in networks if network.vip|default(false) %} +{%- if network.name == 'External' %} + # Special case the External hostname param, which is CloudName + cloud_name_{{network.name_lower}}: {get_param: CloudName} +{%- elif network.name == 'InternalApi' %} + # Special case the Internal API hostname param, which is CloudNameInternal + cloud_name_{{network.name_lower}}: {get_param: CloudNameInternal} +{%- elif network.name == 'StorageMgmt' %} + # Special case StorageMgmt hostname param, which is CloudNameStorageManagement + cloud_name_{{network.name_lower}}: {get_param: CloudNameStorageManagement} +{%- else %} + cloud_name_{{network.name_lower}}: {get_param: CloudName{{network.name}}} +{%- endif %} +{%- endfor %} cloud_name_ctlplane: {get_param: CloudNameCtlplane} enabled_services: list_join: @@ -699,6 +730,8 @@ resources: ServiceName: redis FixedIPs: {get_param: RedisVirtualFixedIPs} +{%- for network in networks if network.vip|default(false) %} +{%- if network.name == 'External' %} # The public VIP is on the External net, falls back to ctlplane PublicVirtualIP: depends_on: Networks 
@@ -708,43 +741,38 @@ resources: ControlPlaneNetwork: {get_param: NeutronControlPlaneID} PortName: public_virtual_ip FixedIPs: {get_param: PublicVirtualFixedIPs} - - InternalApiVirtualIP: +{%- elif network.name == 'StorageMgmt' %} + {{network.name}}VirtualIP: depends_on: Networks - type: OS::TripleO::Network::Ports::InternalApiVipPort + type: OS::TripleO::Network::Ports::{{network.name}}VipPort properties: ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} - PortName: internal_api_virtual_ip - FixedIPs: {get_param: InternalApiVirtualFixedIPs} - - StorageVirtualIP: - depends_on: Networks - type: OS::TripleO::Network::Ports::StorageVipPort - properties: - ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} - PortName: storage_virtual_ip - FixedIPs: {get_param: StorageVirtualFixedIPs} - - StorageMgmtVirtualIP: + PortName: storage_management_virtual_ip + FixedIPs: {get_param: {{network.name}}VirtualFixedIPs} +{%- else %} + {{network.name}}VirtualIP: depends_on: Networks - type: OS::TripleO::Network::Ports::StorageMgmtVipPort + type: OS::TripleO::Network::Ports::{{network.name}}VipPort properties: ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} - PortName: storage_management_virtual_ip - FixedIPs: {get_param: StorageMgmtVirtualFixedIPs} + PortName: {{network.name_lower}}_virtual_ip + FixedIPs: {get_param: {{network.name}}VirtualFixedIPs} +{%- endif %} +{%- endfor %} VipMap: type: OS::TripleO::Network::Ports::NetVipMap properties: ControlPlaneIp: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} +{%- for network in networks if network.vip|default(false) %} +{%- if network.name == 'External' %} ExternalIp: {get_attr: [PublicVirtualIP, ip_address]} ExternalIpUri: {get_attr: [PublicVirtualIP, ip_address_uri]} - InternalApiIp: {get_attr: [InternalApiVirtualIP, ip_address]} - InternalApiIpUri: {get_attr: [InternalApiVirtualIP, ip_address_uri]} - StorageIp: {get_attr: [StorageVirtualIP, ip_address]} - 
StorageIpUri: {get_attr: [StorageVirtualIP, ip_address_uri]} - StorageMgmtIp: {get_attr: [StorageMgmtVirtualIP, ip_address]} - StorageMgmtIpUri: {get_attr: [StorageMgmtVirtualIP, ip_address_uri]} +{%- else %} + {{network.name}}Ip: {get_attr: [{{network.name}}VirtualIP, ip_address]} + {{network.name}}IpUri: {get_attr: [{{network.name}}VirtualIP, ip_address_uri]} +{%- endif %} +{%- endfor %} # No tenant or management VIP required # Because of nested get_attr functions in the KeystoneAdminVip output, we # can't determine which attributes of VipMap are used until after @@ -758,24 +786,12 @@ resources: PingTestIps: list_join: - ' ' - - - yaql: - expression: coalesce($.data, []).first(null) - data: {get_attr: [{{primary_role_name}}, external_ip_address]} - - yaql: - expression: coalesce($.data, []).first(null) - data: {get_attr: [{{primary_role_name}}, internal_api_ip_address]} - - yaql: - expression: coalesce($.data, []).first(null) - data: {get_attr: [{{primary_role_name}}, storage_ip_address]} - - yaql: - expression: coalesce($.data, []).first(null) - data: {get_attr: [{{primary_role_name}}, storage_mgmt_ip_address]} - - yaql: - expression: coalesce($.data, []).first(null) - data: {get_attr: [{{primary_role_name}}, tenant_ip_address]} + - +{%- for network in networks if network.enabled|default(true) %} - yaql: expression: coalesce($.data, []).first(null) - data: {get_attr: [{{primary_role_name}}, management_ip_address]} + data: {get_attr: [{{primary_role_name}}, {{network.name_lower}}_ip_address]} +{%- endfor %} UpdateWorkflow: type: OS::TripleO::Tasks::UpdateWorkflow diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml index 24aa1525..3044fe39 100644 --- a/puppet/all-nodes-config.yaml +++ b/puppet/all-nodes-config.yaml @@ -76,7 +76,7 @@ parameters: InternalApiNetName: default: internal_api - description: The name of the internal API network. + description: The name of the internal_api network. type: string ExternalNetName: default: external 
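Review bot: In the `PingTestIps` hunk (`@@ -758,24 +786,12 @@`) the inner list is opened by a bare `-` and filled only by the `networks if network.enabled` loop, so when no network is enabled the second `list_join` argument renders as null instead of a list. That only affects a deployment with every network disabled, but the failure would show up at stack validation rather than at render time. A comment above the loop would document the assumption: `# Needs at least one enabled network: with none, the bare '-' above renders as null.` The enclosing resource starts outside the hunk.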
@@ -92,7 +92,7 @@ parameters: type: string StorageMgmtNetName: default: storage_mgmt - description: The name of the Storage management network. + description: The name of the storage_mgmt network. type: string TenantNetName: default: tenant diff --git a/releasenotes/notes/deprecate-management-envs-bbc7fddb0ca871af.yaml b/releasenotes/notes/deprecate-management-envs-bbc7fddb0ca871af.yaml new file mode 100644 index 00000000..764686f4 --- /dev/null +++ b/releasenotes/notes/deprecate-management-envs-bbc7fddb0ca871af.yaml @@ -0,0 +1,5 @@ +--- +deprecations: + - | + Both environments/network-management.yaml and environments/network-management-v6.yaml + are now deprecated in favor of specifying the needed networks on each role. diff --git a/releasenotes/notes/dont-unregister-on-delete-9708f7cbc73a0d2f.yaml b/releasenotes/notes/dont-unregister-on-delete-9708f7cbc73a0d2f.yaml new file mode 100644 index 00000000..96e6234d --- /dev/null +++ b/releasenotes/notes/dont-unregister-on-delete-9708f7cbc73a0d2f.yaml @@ -0,0 +1,8 @@ +--- +fixes: + - Don't unregister systems from the portal/satellite + when deleting from Heat. There are several reasons why + it's compelling to fix this behavior. See + https://bugs.launchpad.net/tripleo/+bug/1710144 + for full information. The previous behavior can be triggered + by setting the DeleteOnRHELUnregistration parameter to "true". |