diff options
149 files changed, 3255 insertions, 1245 deletions
diff --git a/capabilities-map.yaml b/capabilities-map.yaml index c7816b7e..962dfb99 100644 --- a/capabilities-map.yaml +++ b/capabilities-map.yaml @@ -224,3 +224,15 @@ topics: description: requires: - overcloud-resource-registry-puppet.yaml + + - title: Operational Tools + description: + environment_groups: + - title: Monitoring agents + description: Enable monitoring agents + environments: + - file: environments/monitoring-environment.yaml + title: enable monitoring agents + description: + requires: + - overcloud-resource-registry-puppet.yaml diff --git a/environments/inject-trust-anchor-hiera.yaml b/environments/inject-trust-anchor-hiera.yaml new file mode 100644 index 00000000..b4908c1b --- /dev/null +++ b/environments/inject-trust-anchor-hiera.yaml @@ -0,0 +1,8 @@ +parameter_defaults: + CAMap: + first-ca-name: + content: | + The content of the CA cert goes here + second-ca-name: + content: | + The content of the CA cert goes here diff --git a/environments/monitoring-environment.yaml b/environments/monitoring-environment.yaml new file mode 100644 index 00000000..a8ad2084 --- /dev/null +++ b/environments/monitoring-environment.yaml @@ -0,0 +1,30 @@ +## A Heat environment file which can be used to set up monitoring +## and logging agents + +resource_registry: + OS::TripleO::Services::SensuClient: ../puppet/services/monitoring/sensu-client.yaml + +parameter_defaults: + #### Sensu settings #### + ##MonitoringRabbitHost: 10.10.10.10 + ##MonitoringRabbitPort: 5672 + ##MonitoringRabbitUserName: sensu + ##MonitoringRabbitPassword: sensu + ##MonitoringRabbitUseSSL: false + ##MonitoringRabbitVhost: "/sensu" + ##SensuClientCustomConfig: + ## - api: + ## - warning: 10 + ## critical: 20 + ## openstack: + ## - username: admin + ## password: changeme + ## project_name: admin + ## auth_url: http://controller:5000/v2.0 + ## region_name: RegionOne + + #### EFK settings #### + ## TBD + + #### Grafana/Graphite settings #### + ## TBD diff --git a/environments/neutron-opendaylight-l3.yaml b/environments/neutron-opendaylight-l3.yaml new file mode 100644 index 00000000..d61270b2 --- /dev/null +++ b/environments/neutron-opendaylight-l3.yaml @@ -0,0 +1,14 @@ +# A Heat environment that can be used to deploy OpenDaylight with L3 DVR +resource_registry: + OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None + OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None + OS::TripleO::Services::OpenDaylight: puppet/services/opendaylight-api.yaml + OS::TripleO::Services::OpenDaylightOvs: puppet/services/opendaylight-ovs.yaml + OS::TripleO::Services::NeutronL3Agent: OS::Heat::None + +parameter_defaults: + EnableOpenDaylightOnController: true + NeutronEnableForceMetadata: true + NeutronMechanismDrivers: 'opendaylight' + NeutronServicePlugins: "networking_odl.l3.l3_odl.OpenDaylightL3RouterPlugin" + OpenDaylightEnableL3: "'yes'" diff --git a/environments/neutron-opendaylight.yaml b/environments/neutron-opendaylight.yaml new file mode 100644 index 00000000..8fa2e542 --- /dev/null +++ b/environments/neutron-opendaylight.yaml @@ -0,0 +1,11 @@ +# A Heat environment that can be used to deploy OpenDaylight +resource_registry: + OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None + OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None + OS::TripleO::Services::OpenDaylight: puppet/services/opendaylight-api.yaml + OS::TripleO::Services::OpenDaylightOvs: puppet/services/opendaylight-ovs.yaml + +parameter_defaults: + EnableOpenDaylightOnController: true + NeutronEnableForceMetadata: true + NeutronMechanismDrivers: 'opendaylight' diff --git a/environments/neutron-ovs-dpdk.yaml b/environments/neutron-ovs-dpdk.yaml new file mode 100644 index 00000000..004b8ac0 --- /dev/null +++ b/environments/neutron-ovs-dpdk.yaml @@ -0,0 +1,18 @@ +## A Heat environment that can be used to deploy DPDK with OVS +resource_registry: + OS::TripleO::Services::ComputeNeutronOvsAgent: ../puppet/services/neutron-ovs-dpdk-agent.yaml + +parameter_defaults: + ## NeutronDpdkCoreList and NeutronDpdkMemoryChannels are REQUIRED settings. + ## Attempting to deploy DPDK without appropriate values will cause deployment to fail or lead to unstable deployments. + #NeutronDpdkCoreList: "" + #NeutronDpdkMemoryChannels: "" + + NeutronDatapathType: "netdev" + NeutronVhostuserSocketDir: "/var/run/openvswitch" + + #NeutronDpdkSocketMemory: "" + #NeutronDpdkDriverType: "vfio-pci" + #NovaReservedHostMemory: 4096 + #NovaVcpuPinSet: "" + diff --git a/environments/neutron-ovs-dvr.yaml b/environments/neutron-ovs-dvr.yaml index 223c2531..b658d3a5 100644 --- a/environments/neutron-ovs-dvr.yaml +++ b/environments/neutron-ovs-dvr.yaml @@ -9,6 +9,13 @@ resource_registry: # connected to a physical network. OS::TripleO::Compute::Net::SoftwareConfig: ../net-config-bridge.yaml + # DVR requires a port on the external network for each compute node. + # This will usually match the one currently in use for + # OS::TripleO::Controller::Ports::ExternalPort. + # Please review your network configuration before deploying to ensure that + # this is appropriate. + OS::TripleO::Compute::Ports::ExternalPort: ../network/ports/noop.yaml + parameter_defaults: # DVR requires that the L2 population feature is enabled @@ -22,3 +29,11 @@ parameter_defaults: # We also need to set the proper agent mode for the L3 agent. This will only # affect the agent on the controller node. NeutronL3AgentMode: 'dvr_snat' + + # L3 HA isn't supported for DVR enabled routers. If upgrading from a system + # where L3 HA is enabled and has neutron routers configured, it is + # recommended setting this value to true until such time all routers can be + # migrated to DVR routers. Once migration of the routers is complete, + # NeutronL3HA can be returned to false. All new systems should be deployed + # with NeutronL3HA set to false. + NeutronL3HA: false diff --git a/environments/neutron-sriov.yaml b/environments/neutron-sriov.yaml new file mode 100755 index 00000000..9b7e51f9 --- /dev/null +++ b/environments/neutron-sriov.yaml @@ -0,0 +1,22 @@ +## A Heat environment that can be used to deploy SR-IOV +resource_registry: + OS::TripleO::Services::NeutronSriovAgent: ../puppet/services/neutron-sriov-agent.yaml + +parameter_defaults: + NeutronMechanismDrivers: ['openvswitch','sriovnicswitch'] + + # Add PciPassthroughFilter to the scheduler default filters + #NovaSchedulerDefaultFilters: ['RetryFilter','AvailabilityZoneFilter','RamFilter','ComputeFilter','ComputeCapabilitiesFilter','ImagePropertiesFilter','ServerGroupAntiAffinityFilter','ServerGroupAffinityFilter','PciPassthroughFilter'] + #NovaSchedulerAvailableFilters: ["nova.scheduler.filters.all_filters","nova.scheduler.filters.pci_passthrough_filter.PciPassthroughFilter"] + + # Provide the vendorid:productid of the VFs + #NeutronSupportedPCIVendorDevs: ['8086:154c','8086:10ca','8086:1520'] + + #NeutronPhysicalDevMappings: "datacentre:ens20f2" + + # Number of VFs that needs to be configured for a physical interface + #NeutronSriovNumVFs: "ens20f2:5" + + #NovaPCIPassthrough: + # - devname: "ens20f2" + # physical_network: "datacentre" diff --git a/extraconfig/tasks/major_upgrade_ceph_mon.sh b/extraconfig/tasks/major_upgrade_ceph_mon.sh new file mode 100755 index 00000000..38befbbf --- /dev/null +++ b/extraconfig/tasks/major_upgrade_ceph_mon.sh @@ -0,0 +1,63 @@ +#!/bin/bash +set -eu +set -o pipefail + +echo INFO: starting $(basename "$0") + +# Exit if not running +if ! pidof ceph-mon; then + echo INFO: ceph-mon is not running, skipping + exit 0 +fi + +# Exit if not Hammer +INSTALLED_VERSION=$(ceph --version | awk '{print $3}') +if ! [[ "$INSTALLED_VERSION" =~ ^0\.94.* ]]; then + echo INFO: version of Ceph installed is not 0.94, skipping + exit 0 +fi + +MON_PID=$(pidof ceph-mon) +MON_ID=$(hostname -s) + +# Stop daemon using Hammer sysvinit script +service ceph stop mon.${MON_ID} + +# Ensure it's stopped +timeout 60 bash -c "while kill -0 ${MON_PID} 2> /dev/null; do + sleep 2; +done" + +# Update to Jewel +yum -y -q update ceph-mon + +# Restart/Exit if not on Jewel, only in that case we need the changes +UPDATED_VERSION=$(ceph --version | awk '{print $3}') +if [[ "$UPDATED_VERSION" =~ ^0\.94.* ]]; then + echo WARNING: Ceph was not upgraded, restarting daemons + service ceph start mon.${MON_ID} +elif [[ "$UPDATED_VERSION" =~ ^10\.2.* ]]; then + echo INFO: Ceph was upgraded to Jewel + + # RPM could own some of these but we can't take risks on the pre-existing files + for d in /var/lib/ceph/mon /var/log/ceph /var/run/ceph /etc/ceph; do + chown -R ceph:ceph $d + done + + # Replay udev events with newer rules + udevadm trigger + + # Enable systemd unit + systemctl enable ceph-mon.target + systemctl enable ceph-mon@${MON_ID} + systemctl start ceph-mon@${MON_ID} + + # Wait for daemon to be back in the quorum + timeout 300 bash -c "until (ceph quorum_status | jq .quorum_names | grep -sq ${MON_ID}); do + echo Waiting for mon.${MON_ID} to re-join quorum; + sleep 10; + done" +else + echo ERROR: Ceph was upgraded to an unknown release, daemon is stopped, need manual intervention + exit 1 +fi diff --git a/extraconfig/tasks/major_upgrade_ceph_storage.sh b/extraconfig/tasks/major_upgrade_ceph_storage.sh index de42b16d..03a1c1c2 100644 --- a/extraconfig/tasks/major_upgrade_ceph_storage.sh +++ b/extraconfig/tasks/major_upgrade_ceph_storage.sh @@ -4,32 +4,89 @@ # major upgrade workflow. # set -eu +set -o pipefail UPGRADE_SCRIPT=/root/tripleo_upgrade_node.sh -cat > $UPGRADE_SCRIPT << ENDOFCAT +cat > $UPGRADE_SCRIPT << 'ENDOFCAT' +#!/bin/bash ### DO NOT MODIFY THIS FILE ### This file is automatically delivered to the ceph-storage nodes as part of the ### tripleo upgrades workflow +set -eu + +echo INFO: starting $(basename "$0") +# Exit if not running +if ! pidof ceph-osd; then + echo INFO: ceph-osd is not running, skipping + exit 0 +fi -function systemctl_ceph { - action=\$1 - systemctl \$action ceph -} +# Exit if not Hammer +INSTALLED_VERSION=$(ceph --version | awk '{print $3}') +if ! [[ "$INSTALLED_VERSION" =~ ^0\.94.* ]]; then + echo INFO: version of Ceph installed is not 0.94, skipping + exit 0 +fi -# "so that mirrors aren't rebalanced as if the OSD died" - gfidente +OSD_PIDS=$(pidof ceph-osd) +OSD_IDS=$(ls /var/lib/ceph/osd | awk 'BEGIN { FS = "-" } ; { print $2 }') + +# "so that mirrors aren't rebalanced as if the OSD died" - gfidente / leseb ceph osd set noout +ceph osd set norebalance +ceph osd set nodeep-scrub +ceph osd set noscrub + +# Stop daemon using Hammer sysvinit script +for OSD_ID in $OSD_IDS; do + service ceph stop osd.${OSD_ID} +done + +# Nice guy will return non-0 only when all failed +timeout 60 bash -c "while kill -0 ${OSD_PIDS} 2> /dev/null; do + sleep 2; +done" -systemctl_ceph stop +# Update (Ceph to Jewel) yum -y install python-zaqarclient # needed for os-collect-config yum -y update -systemctl_ceph start -ceph osd unset noout +# Restart/Exit if not on Jewel, only in that case we need the changes +UPDATED_VERSION=$(ceph --version | awk '{print $3}') +if [[ "$UPDATED_VERSION" =~ ^0\.94.* ]]; then + echo WARNING: Ceph was not upgraded, restarting daemon + for OSD_ID in $OSD_IDS; do + service ceph start osd.${OSD_ID} + done +elif [[ "$UPDATED_VERSION" =~ ^10\.2.* ]]; then + # RPM could own some of these but we can't take risks on the pre-existing files + for d in /var/lib/ceph/osd /var/log/ceph /var/run/ceph /etc/ceph; do + chown -R ceph:ceph $d + done + + # Replay udev events with newer rules + udevadm trigger && udevadm settle + + # Enable systemd unit + systemctl enable ceph-osd.target + for OSD_ID in $OSD_IDS; do + systemctl enable ceph-osd@${OSD_ID} + systemctl start ceph-osd@${OSD_ID} + done + echo INFO: Ceph was upgraded to Jewel +else + echo ERROR: Ceph was upgraded to an unknown release, daemon is stopped, need manual intervention + exit 1 +fi + +ceph osd unset noout +ceph osd unset norebalance +ceph osd unset nodeep-scrub +ceph osd unset noscrub ENDOFCAT # ensure the permissions are OK chmod 0755 $UPGRADE_SCRIPT - diff --git a/extraconfig/tasks/major_upgrade_controller_pacemaker_1.sh b/extraconfig/tasks/major_upgrade_controller_pacemaker_1.sh index d67d5a1a..0b702630 100755 --- a/extraconfig/tasks/major_upgrade_controller_pacemaker_1.sh +++ b/extraconfig/tasks/major_upgrade_controller_pacemaker_1.sh @@ -18,7 +18,7 @@ STONITH_STATE=$(pcs property show stonith-enabled | grep "stonith-enabled" | awk pcs property set stonith-enabled=false # If for some reason rpm-python are missing we want to error out early enough -if [ ! rpm -q rpm-python &> /dev/null ]; then +if ! rpm -q rpm-python &> /dev/null; then echo_error "ERROR: upgrade cannot start without rpm-python installed" exit 1 fi @@ -155,17 +155,19 @@ wsrep_on = ON wsrep_cluster_address = gcomm://localhost EOF -if [ "$(hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid)" = "$(facter hostname)" ]; then - if [ $DO_MYSQL_UPGRADE -eq 1 ]; then - # Scripts run via heat have no HOME variable set and this confuses - # mysqladmin - export HOME=/root - mkdir /var/lib/mysql || /bin/true - chown mysql:mysql /var/lib/mysql - chmod 0755 /var/lib/mysql - restorecon -R /var/lib/mysql/ - mysql_install_db --datadir=/var/lib/mysql --user=mysql - chown -R mysql:mysql /var/lib/mysql/ +if [ $DO_MYSQL_UPGRADE -eq 1 ]; then + # Scripts run via heat have no HOME variable set and this confuses + # mysqladmin + export HOME=/root + + mkdir /var/lib/mysql || /bin/true + chown mysql:mysql /var/lib/mysql + chmod 0755 /var/lib/mysql + restorecon -R /var/lib/mysql/ + mysql_install_db --datadir=/var/lib/mysql --user=mysql + chown -R mysql:mysql /var/lib/mysql/ + + if [ "$(hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid)" = "$(facter hostname)" ]; then mysqld_safe --wsrep-new-cluster & # We have a populated /root/.my.cnf with root/password here so # we need to temporarily rename it because the newly created @@ -182,6 +184,9 @@ fi # If we reached here without error we can safely blow away the origin # mysql dir from every controller + +# TODO: What if the upgrade fails on the bootstrap node, but not on +# this controller. Data may be lost. if [ $DO_MYSQL_UPGRADE -eq 1 ]; then rm -r $MYSQL_TEMP_UPGRADE_BACKUP_DIR fi @@ -199,3 +204,5 @@ crudini --set /etc/ceilometer/ceilometer.conf DEFAULT rpc_backend rabbit # https://bugzilla.redhat.com/show_bug.cgi?id=1284058 # Ifd1861e3df46fad0e44ff9b5cbd58711bbc87c97 Swift Ceilometer middleware no longer exists crudini --set /etc/swift/proxy-server.conf pipeline:main pipeline "catch_errors healthcheck cache ratelimit tempurl formpost authtoken keystone staticweb proxy-logging proxy-server" +# LP: 1615035, required only for M/N upgrade. +crudini --set /etc/nova/nova.conf DEFAULT scheduler_host_manager host_manager diff --git a/extraconfig/tasks/major_upgrade_controller_pacemaker_2.sh b/extraconfig/tasks/major_upgrade_controller_pacemaker_2.sh index 643ae57f..bc708cce 100755 --- a/extraconfig/tasks/major_upgrade_controller_pacemaker_2.sh +++ b/extraconfig/tasks/major_upgrade_controller_pacemaker_2.sh @@ -53,6 +53,7 @@ if [ "$(hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid)" = "$(facter hostname) keystone-manage db_sync neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini upgrade head nova-manage db sync + nova-manage api_db sync pcs resource enable memcached check_resource memcached started 600 diff --git a/extraconfig/tasks/major_upgrade_pacemaker.yaml b/extraconfig/tasks/major_upgrade_pacemaker.yaml index c70a954f..c2e14880 100644 --- a/extraconfig/tasks/major_upgrade_pacemaker.yaml +++ b/extraconfig/tasks/major_upgrade_pacemaker.yaml @@ -32,6 +32,23 @@ resources: # map_merge with input_values instead of feeding params into scripts # via str_replace on bash snippets + CephMonUpgradeConfig: + type: OS::Heat::SoftwareConfig + properties: + group: script + config: {get_file: major_upgrade_ceph_mon.sh} + + CephMonUpgradeDeployment: + type: OS::Heat::SoftwareDeploymentGroup + properties: + servers: {get_param: controller_servers} + config: {get_resource: CephMonUpgradeConfig} + input_values: {get_param: input_values} + batch_create: + max_batch_size: 1 + rolling_update: + max_batch_size: 1 + ControllerPacemakerUpgradeConfig_Step1: type: OS::Heat::SoftwareConfig properties: @@ -57,6 +74,7 @@ resources: ControllerPacemakerUpgradeDeployment_Step1: type: OS::Heat::SoftwareDeploymentGroup + depends_on: CephMonUpgradeDeployment properties: servers: {get_param: controller_servers} config: {get_resource: ControllerPacemakerUpgradeConfig_Step1} diff --git a/extraconfig/tasks/pacemaker_resource_restart.sh b/extraconfig/tasks/pacemaker_resource_restart.sh index b2e5be16..fd1fd0dc 100755 --- a/extraconfig/tasks/pacemaker_resource_restart.sh +++ b/extraconfig/tasks/pacemaker_resource_restart.sh @@ -7,32 +7,23 @@ pacemaker_status=$(systemctl is-active pacemaker) # Run if pacemaker is running, we're the bootstrap node, # and we're updating the deployment (not creating). if [ "$pacemaker_status" = "active" -a \ - "$(hiera bootstrap_nodeid)" = "$(facter hostname)" -a \ - "$(hiera stack_action)" = "UPDATE" ]; then - - #ensure neutron constraints like - #https://review.openstack.org/#/c/245093/ - if pcs constraint order show | grep "start neutron-server-clone then start neutron-ovs-cleanup-clone"; then - pcs constraint remove order-neutron-server-clone-neutron-ovs-cleanup-clone-mandatory - fi - - pcs resource disable httpd - check_resource httpd stopped 300 - pcs resource disable openstack-core - check_resource openstack-core stopped 1800 - - if pcs status | grep haproxy-clone; then - pcs resource restart haproxy-clone - fi - pcs resource restart redis-master - pcs resource restart mongod-clone - pcs resource restart rabbitmq-clone - pcs resource restart memcached-clone - pcs resource restart galera-master - - pcs resource enable openstack-core - check_resource openstack-core started 1800 - pcs resource enable httpd - check_resource httpd started 800 + "$(hiera bootstrap_nodeid)" = "$(facter hostname)" ]; then + + TIMEOUT=600 + SERVICES_TO_RESTART="$(ls /var/lib/tripleo/pacemaker-restarts)" + PCS_STATUS_OUTPUT="$(pcs status)" + + for service in $SERVICES_TO_RESTART; do + if ! echo "$PCS_STATUS_OUTPUT" | grep $service; then + echo "Service $service not found as a pacemaker resource, cannot restart it." + exit 1 + fi + done + + for service in $SERVICES_TO_RESTART; do + echo "Restarting $service..." + pcs resource restart --wait=$TIMEOUT $service + rm -f /var/lib/tripleo/pacemaker-restarts/$service + done fi diff --git a/network/config/bond-with-vlans/compute-dpdk.yaml b/network/config/bond-with-vlans/compute-dpdk.yaml new file mode 100644 index 00000000..3fc764be --- /dev/null +++ b/network/config/bond-with-vlans/compute-dpdk.yaml @@ -0,0 +1,192 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config with 2 bonded nics on a bridge + with VLANs attached for the compute role. + +parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string + BondInterfaceOvsOptions: + default: '' + description: The ovs_options string for the bond interface. Set things like + lacp=active and/or bond_mode=balance-slb using this option. + type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: interface + name: nic1 + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} + - + type: ovs_bridge + name: {get_input: bridge_name} + members: + - + type: ovs_bond + name: bond1 + ovs_options: {get_param: BondInterfaceOvsOptions} + members: + - + type: interface + name: nic2 + primary: true + - + type: interface + name: nic3 + - + type: vlan + device: bond1 + vlan_id: {get_param: InternalApiNetworkVlanID} + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + type: vlan + device: bond1 + vlan_id: {get_param: StorageNetworkVlanID} + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + device: bond1 + vlan_id: {get_param: TenantNetworkVlanID} + addresses: + - + ip_netmask: {get_param: TenantIpSubnet} + # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. + #- + # type: vlan + # device: bond1 + # vlan_id: {get_param: ManagementNetworkVlanID} + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} + - + type: ovs_user_bridge + name: br-link + members: + - + type: ovs_dpdk_bond + name: dpdkbond0 + members: + - + type: ovs_dpdk_port + name: dpdk0 + members: + - + type: interface + name: nic4 + - + type: ovs_dpdk_port + name: dpdk1 + members: + - + type: interface + name: nic5 + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/endpoints/build_endpoint_map.py b/network/endpoints/build_endpoint_map.py index 3110f3f7..964f58f7 100755 --- a/network/endpoints/build_endpoint_map.py +++ b/network/endpoints/build_endpoint_map.py @@ -30,9 +30,9 @@ import yaml (IN_FILE, OUT_FILE) = ('endpoint_data.yaml', 'endpoint_map.yaml') SUBST = (SUBST_IP_ADDRESS, SUBST_CLOUDNAME) = ('IP_ADDRESS', 'CLOUDNAME') -PARAMS = (PARAM_CLOUDNAME, PARAM_ENDPOINTMAP, PARAM_NETIPMAP, +PARAMS = (PARAM_CLOUD_ENDPOINTS, PARAM_ENDPOINTMAP, PARAM_NETIPMAP, PARAM_SERVICENETMAP) = ( - 'CloudName', 'EndpointMap', 'NetIpMap', 'ServiceNetMap') + 'CloudEndpoints', 'EndpointMap', 'NetIpMap', 'ServiceNetMap') FIELDS = (F_PORT, F_PROTOCOL, F_HOST) = ('port', 'protocol', 'host') ENDPOINT_TYPES = frozenset(['Internal', 'Public', 'Admin']) @@ -95,10 +95,11 @@ def template_parameters(config): 'via parameter_defaults in the ' 'resource registry.') - params[PARAM_CLOUDNAME] = make_parameter('string', - 'overcloud', - 'The DNS name of this cloud. ' - 'e.g. ci-overcloud.tripleo.org') + params[PARAM_CLOUD_ENDPOINTS] = make_parameter( + 'json', + {}, + ('A map containing the DNS names for the different endpoints ' + '(external, internal_api, etc.)')) return params @@ -124,7 +125,10 @@ def template_output_definition(endpoint_name, ['NetIpMap', {'get_param': ['ServiceNetMap', net_param]}]}, - SUBST_CLOUDNAME: {'get_param': PARAM_CLOUDNAME}, + SUBST_CLOUDNAME: {'get_param': + [PARAM_CLOUD_ENDPOINTS, + {'get_param': ['ServiceNetMap', + net_param]}]}, }) ]) } @@ -139,7 +143,10 @@ def template_output_definition(endpoint_name, 'params': {'NETWORK': {'get_param': ['ServiceNetMap', net_param]}}}}]}, - SUBST_CLOUDNAME: {'get_param': PARAM_CLOUDNAME}, + SUBST_CLOUDNAME: {'get_param': + [PARAM_CLOUD_ENDPOINTS, + {'get_param': ['ServiceNetMap', + net_param]}]}, }) ]) } diff --git a/network/endpoints/endpoint_map.yaml b/network/endpoints/endpoint_map.yaml index d0553117..dd29bcde 100644 --- a/network/endpoints/endpoint_map.yaml +++ b/network/endpoints/endpoint_map.yaml @@ -69,8 +69,11 @@ parameters: SwiftPublic: {protocol: http, port: '8080', host: IP_ADDRESS} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. - CloudName: {type: string, default: overcloud, description: The DNS name - of this cloud. e.g. ci-overcloud.tripleo.org} + CloudEndpoints: + type: json + default: {} + description: A map containing the DNS names for the different endpoints + (external, internal_api, etc.) outputs: endpoint_map: value: @@ -80,7 +83,10 @@ outputs: template: get_param: [EndpointMap, AodhAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, AodhApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -94,7 +100,10 @@ outputs: template: get_param: [EndpointMap, AodhAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, AodhApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -112,7 +121,10 @@ outputs: template: get_param: [EndpointMap, AodhAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, AodhApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -132,7 +144,10 @@ outputs: template: get_param: [EndpointMap, AodhAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, AodhApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -149,7 +164,10 @@ outputs: template: get_param: [EndpointMap, AodhInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, AodhApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -163,7 +181,10 @@ outputs: template: get_param: [EndpointMap, AodhInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, AodhApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -181,7 +202,10 @@ outputs: template: get_param: [EndpointMap, AodhInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, AodhApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -201,7 +225,10 @@ outputs: template: get_param: [EndpointMap, AodhInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, AodhApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -218,7 +245,10 @@ outputs: template: get_param: [EndpointMap, AodhPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -232,7 +262,10 @@ outputs: template: get_param: [EndpointMap, AodhPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -250,7 +283,10 @@ outputs: template: get_param: [EndpointMap, AodhPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -270,7 +306,10 @@ outputs: template: get_param: [EndpointMap, AodhPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -287,7 +326,10 @@ outputs: template: get_param: [EndpointMap, CeilometerAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CeilometerApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -301,7 +343,10 @@ outputs: template: get_param: [EndpointMap, CeilometerAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CeilometerApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -319,7 +364,10 @@ outputs: template: get_param: [EndpointMap, CeilometerAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CeilometerApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -339,7 +387,10 @@ outputs: template: get_param: [EndpointMap, CeilometerAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CeilometerApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -356,7 +407,10 @@ outputs: template: get_param: [EndpointMap, CeilometerInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CeilometerApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -370,7 +424,10 @@ outputs: template: get_param: [EndpointMap, CeilometerInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CeilometerApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -388,7 +445,10 @@ outputs: template: get_param: [EndpointMap, CeilometerInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CeilometerApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -408,7 +468,10 @@ outputs: template: get_param: [EndpointMap, CeilometerInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CeilometerApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -425,7 +488,10 @@ outputs: template: get_param: [EndpointMap, CeilometerPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -439,7 +505,10 @@ outputs: template: get_param: [EndpointMap, CeilometerPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -457,7 +526,10 @@ outputs: template: get_param: [EndpointMap, CeilometerPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -477,7 +549,10 @@ outputs: template: get_param: [EndpointMap, CeilometerPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -494,7 +569,10 @@ outputs: template: get_param: [EndpointMap, CinderAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -508,7 +586,10 @@ outputs: template: get_param: [EndpointMap, CinderAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -526,7 +607,10 @@ outputs: template: get_param: [EndpointMap, CinderAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -547,7 +631,10 @@ outputs: template: get_param: [EndpointMap, CinderAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -564,7 +651,10 @@ outputs: template: get_param: [EndpointMap, CinderInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -578,7 +668,10 @@ outputs: template: get_param: [EndpointMap, CinderInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -596,7 +689,10 @@ outputs: template: get_param: [EndpointMap, CinderInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -617,7 +713,10 @@ outputs: template: get_param: [EndpointMap, CinderInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -634,7 +733,10 @@ outputs: template: get_param: [EndpointMap, CinderPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -648,7 +750,10 @@ outputs: template: get_param: [EndpointMap, CinderPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -666,7 +771,10 @@ outputs: template: get_param: [EndpointMap, CinderPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -687,7 +795,10 @@ outputs: template: get_param: [EndpointMap, CinderPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -704,7 +815,10 @@ outputs: template: get_param: [EndpointMap, CinderAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -718,7 +832,10 @@ outputs: template: get_param: [EndpointMap, CinderAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -736,7 +853,10 @@ outputs: template: get_param: [EndpointMap, CinderAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -757,7 +877,10 @@ outputs: template: get_param: [EndpointMap, CinderAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -774,7 +897,10 @@ outputs: template: get_param: [EndpointMap, CinderInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -788,7 +914,10 @@ outputs: template: get_param: [EndpointMap, CinderInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -806,7 +935,10 @@ outputs: template: get_param: [EndpointMap, CinderInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -827,7 +959,10 @@ outputs: template: get_param: [EndpointMap, CinderInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -844,7 +979,10 @@ outputs: template: get_param: [EndpointMap, CinderPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -858,7 +996,10 @@ outputs: template: get_param: [EndpointMap, CinderPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -876,7 +1017,10 @@ outputs: template: get_param: [EndpointMap, CinderPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -897,7 +1041,10 @@ outputs: template: get_param: [EndpointMap, CinderPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -914,7 +1061,10 @@ outputs: template: get_param: [EndpointMap, CinderAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -928,7 +1078,10 @@ outputs: template: get_param: [EndpointMap, CinderAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -946,7 +1099,10 @@ outputs: template: get_param: [EndpointMap, CinderAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -967,7 +1123,10 @@ outputs: template: get_param: [EndpointMap, CinderAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -984,7 +1143,10 @@ outputs: template: get_param: [EndpointMap, CinderInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -998,7 +1160,10 @@ outputs: template: get_param: [EndpointMap, CinderInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1016,7 +1181,10 @@ outputs: template: get_param: [EndpointMap, CinderInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1037,7 +1205,10 @@ outputs: template: get_param: [EndpointMap, CinderInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, CinderApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1054,7 +1225,10 @@ outputs: template: get_param: [EndpointMap, CinderPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1068,7 +1242,10 @@ outputs: template: get_param: [EndpointMap, CinderPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1086,7 +1263,10 @@ outputs: template: get_param: [EndpointMap, CinderPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1107,7 +1287,10 @@ outputs: template: get_param: [EndpointMap, CinderPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1124,7 +1307,10 @@ outputs: template: get_param: [EndpointMap, GlanceAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GlanceApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1138,7 +1324,10 @@ outputs: template: get_param: [EndpointMap, GlanceAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GlanceApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1156,7 +1345,10 @@ outputs: template: get_param: [EndpointMap, GlanceAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GlanceApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1176,7 +1368,10 @@ outputs: template: get_param: [EndpointMap, GlanceAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GlanceApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1193,7 +1388,10 @@ outputs: template: get_param: [EndpointMap, GlanceInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GlanceApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1207,7 +1405,10 @@ outputs: template: get_param: [EndpointMap, GlanceInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GlanceApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1225,7 +1426,10 @@ outputs: template: get_param: [EndpointMap, GlanceInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GlanceApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1245,7 +1449,10 @@ outputs: template: get_param: [EndpointMap, GlanceInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GlanceApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1262,7 +1469,10 @@ outputs: template: get_param: [EndpointMap, GlancePublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1276,7 +1486,10 @@ outputs: template: get_param: [EndpointMap, GlancePublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1294,7 +1507,10 @@ outputs: template: get_param: [EndpointMap, GlancePublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1314,7 +1530,10 @@ outputs: template: get_param: [EndpointMap, GlancePublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1331,7 +1550,10 @@ outputs: template: get_param: [EndpointMap, GlanceRegistryInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GlanceRegistryNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1345,7 +1567,10 @@ outputs: template: get_param: [EndpointMap, GlanceRegistryInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GlanceRegistryNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1363,7 +1588,10 @@ outputs: template: get_param: [EndpointMap, GlanceRegistryInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GlanceRegistryNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1383,7 +1611,10 @@ outputs: template: get_param: [EndpointMap, GlanceRegistryInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GlanceRegistryNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1400,7 +1631,10 @@ outputs: template: get_param: [EndpointMap, GnocchiAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GnocchiApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1414,7 +1648,10 @@ outputs: template: get_param: [EndpointMap, GnocchiAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GnocchiApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1432,7 +1669,10 @@ outputs: template: get_param: [EndpointMap, GnocchiAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GnocchiApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1452,7 +1692,10 @@ outputs: template: get_param: [EndpointMap, GnocchiAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GnocchiApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1469,7 +1712,10 @@ outputs: template: get_param: [EndpointMap, GnocchiInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GnocchiApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1483,7 +1729,10 @@ outputs: template: get_param: [EndpointMap, GnocchiInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GnocchiApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1501,7 +1750,10 @@ outputs: template: get_param: [EndpointMap, GnocchiInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GnocchiApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1521,7 +1773,10 @@ outputs: template: get_param: [EndpointMap, GnocchiInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, GnocchiApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1538,7 +1793,10 @@ outputs: template: get_param: [EndpointMap, GnocchiPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1552,7 +1810,10 @@ outputs: template: get_param: [EndpointMap, GnocchiPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1570,7 +1831,10 @@ outputs: template: get_param: [EndpointMap, GnocchiPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1590,7 +1854,10 @@ outputs: template: get_param: [EndpointMap, GnocchiPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1607,7 +1874,10 @@ outputs: template: get_param: [EndpointMap, HeatAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1621,7 +1891,10 @@ outputs: template: get_param: [EndpointMap, HeatAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1639,7 +1912,10 @@ outputs: template: get_param: [EndpointMap, HeatAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1660,7 +1936,10 @@ outputs: template: get_param: [EndpointMap, HeatAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1677,7 +1956,10 @@ outputs: template: get_param: [EndpointMap, HeatInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1691,7 +1973,10 @@ outputs: template: get_param: [EndpointMap, HeatInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1709,7 +1994,10 @@ outputs: template: get_param: [EndpointMap, HeatInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1730,7 +2018,10 @@ outputs: template: get_param: [EndpointMap, HeatInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1747,7 +2038,10 @@ outputs: template: get_param: [EndpointMap, HeatPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1761,7 +2055,10 @@ outputs: template: get_param: [EndpointMap, HeatPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1779,7 +2076,10 @@ outputs: template: get_param: [EndpointMap, HeatPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1800,7 +2100,10 @@ outputs: template: get_param: [EndpointMap, HeatPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1817,7 +2120,10 @@ outputs: template: get_param: [EndpointMap, HeatCfnAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1831,7 +2137,10 @@ outputs: template: get_param: [EndpointMap, HeatCfnAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1849,7 +2158,10 @@ outputs: template: get_param: [EndpointMap, HeatCfnAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1870,7 +2182,10 @@ outputs: template: get_param: [EndpointMap, HeatCfnAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1887,7 +2202,10 @@ outputs: template: get_param: [EndpointMap, HeatCfnInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1901,7 +2219,10 @@ outputs: template: get_param: [EndpointMap, HeatCfnInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1919,7 +2240,10 @@ outputs: template: get_param: [EndpointMap, HeatCfnInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1940,7 +2264,10 @@ outputs: template: get_param: [EndpointMap, HeatCfnInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, HeatApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1957,7 +2284,10 @@ outputs: template: get_param: [EndpointMap, HeatCfnPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1971,7 +2301,10 @@ outputs: template: get_param: [EndpointMap, HeatCfnPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -1989,7 +2322,10 @@ outputs: template: get_param: [EndpointMap, HeatCfnPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2010,7 +2346,10 @@ outputs: template: get_param: [EndpointMap, HeatCfnPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2027,7 +2366,10 @@ outputs: template: get_param: [EndpointMap, HorizonPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2041,7 +2383,10 @@ outputs: template: get_param: [EndpointMap, HorizonPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2059,7 +2404,10 @@ outputs: template: get_param: [EndpointMap, HorizonPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2080,7 +2428,10 @@ outputs: template: get_param: [EndpointMap, HorizonPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2097,7 +2448,10 @@ outputs: template: get_param: [EndpointMap, IronicAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, IronicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2111,7 +2465,10 @@ outputs: template: get_param: [EndpointMap, IronicAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, IronicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2129,7 +2486,10 @@ outputs: template: get_param: [EndpointMap, IronicAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, IronicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2150,7 +2510,10 @@ outputs: template: get_param: [EndpointMap, IronicAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, IronicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2167,7 +2530,10 @@ outputs: template: get_param: [EndpointMap, IronicInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, IronicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2181,7 +2547,10 @@ outputs: template: get_param: [EndpointMap, IronicInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, IronicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2199,7 +2568,10 @@ outputs: template: get_param: [EndpointMap, IronicInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, IronicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2220,7 +2592,10 @@ outputs: template: get_param: [EndpointMap, IronicInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, IronicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2237,7 +2612,10 @@ outputs: template: get_param: [EndpointMap, IronicPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2251,7 +2629,10 @@ outputs: template: get_param: [EndpointMap, IronicPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2269,7 +2650,10 @@ outputs: template: get_param: [EndpointMap, IronicPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2290,7 +2674,10 @@ outputs: template: get_param: [EndpointMap, IronicPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2307,7 +2694,10 @@ outputs: template: get_param: [EndpointMap, KeystoneAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystoneAdminApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2321,7 +2711,10 @@ outputs: template: get_param: [EndpointMap, KeystoneAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystoneAdminApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2339,7 +2732,10 @@ outputs: template: get_param: [EndpointMap, KeystoneAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystoneAdminApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2360,7 +2756,10 @@ outputs: template: get_param: [EndpointMap, KeystoneAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystoneAdminApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2377,7 +2776,10 @@ outputs: template: get_param: [EndpointMap, KeystoneInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystonePublicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2391,7 +2793,10 @@ outputs: template: get_param: [EndpointMap, KeystoneInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystonePublicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2409,7 +2814,10 @@ outputs: template: get_param: [EndpointMap, KeystoneInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystonePublicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2430,7 +2838,10 @@ outputs: template: get_param: [EndpointMap, KeystoneInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystonePublicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2447,7 +2858,10 @@ outputs: template: get_param: [EndpointMap, KeystoneInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystonePublicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2461,7 +2875,10 @@ outputs: template: get_param: [EndpointMap, KeystoneInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystonePublicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2479,7 +2896,10 @@ outputs: template: get_param: [EndpointMap, KeystoneInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystonePublicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2500,7 +2920,10 @@ outputs: template: get_param: [EndpointMap, KeystoneInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystonePublicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2517,7 +2940,10 @@ outputs: template: get_param: [EndpointMap, KeystonePublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2531,7 +2957,10 @@ outputs: template: get_param: [EndpointMap, KeystonePublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2549,7 +2978,10 @@ outputs: template: get_param: [EndpointMap, KeystonePublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2570,7 +3002,10 @@ outputs: template: get_param: [EndpointMap, KeystonePublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2587,7 +3022,10 @@ outputs: template: get_param: [EndpointMap, KeystoneAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystoneAdminApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2601,7 +3039,10 @@ outputs: template: get_param: [EndpointMap, KeystoneAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystoneAdminApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2619,7 +3060,10 @@ outputs: template: get_param: [EndpointMap, KeystoneAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystoneAdminApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2640,7 +3084,10 @@ outputs: template: get_param: [EndpointMap, KeystoneAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystoneAdminApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2657,7 +3104,10 @@ outputs: template: get_param: [EndpointMap, KeystoneInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystonePublicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2671,7 +3121,10 @@ outputs: template: get_param: [EndpointMap, KeystoneInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystonePublicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2689,7 +3142,10 @@ outputs: template: get_param: [EndpointMap, KeystoneInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystonePublicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2710,7 +3166,10 @@ outputs: template: get_param: [EndpointMap, KeystoneInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, KeystonePublicApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2727,7 +3186,10 @@ outputs: template: get_param: [EndpointMap, KeystonePublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2741,7 +3203,10 @@ outputs: template: get_param: [EndpointMap, KeystonePublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2759,7 +3224,10 @@ outputs: template: get_param: [EndpointMap, KeystonePublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2780,7 +3248,10 @@ outputs: template: get_param: [EndpointMap, KeystonePublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2797,7 +3268,10 @@ outputs: template: get_param: [EndpointMap, ManilaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2811,7 +3285,10 @@ outputs: template: get_param: [EndpointMap, ManilaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2829,7 +3306,10 @@ outputs: template: get_param: [EndpointMap, ManilaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2850,7 +3330,10 @@ outputs: template: get_param: [EndpointMap, ManilaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2867,7 +3350,10 @@ outputs: template: get_param: [EndpointMap, ManilaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2881,7 +3367,10 @@ outputs: template: get_param: [EndpointMap, ManilaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2899,7 +3388,10 @@ outputs: template: get_param: [EndpointMap, ManilaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2920,7 +3412,10 @@ outputs: template: get_param: [EndpointMap, ManilaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2937,7 +3432,10 @@ outputs: template: get_param: [EndpointMap, ManilaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2951,7 +3449,10 @@ outputs: template: get_param: [EndpointMap, ManilaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2969,7 +3470,10 @@ outputs: template: get_param: [EndpointMap, ManilaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -2990,7 +3494,10 @@ outputs: template: get_param: [EndpointMap, ManilaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3007,7 +3514,10 @@ outputs: template: get_param: [EndpointMap, ManilaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3021,7 +3531,10 @@ outputs: template: get_param: [EndpointMap, ManilaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3039,7 +3552,10 @@ outputs: template: get_param: [EndpointMap, ManilaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3060,7 +3576,10 @@ outputs: template: get_param: [EndpointMap, ManilaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3077,7 +3596,10 @@ outputs: template: get_param: [EndpointMap, ManilaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3091,7 +3613,10 @@ outputs: template: get_param: [EndpointMap, ManilaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3109,7 +3634,10 @@ outputs: template: get_param: [EndpointMap, ManilaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3130,7 +3658,10 @@ outputs: template: get_param: [EndpointMap, ManilaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, ManilaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3147,7 +3678,10 @@ outputs: template: get_param: [EndpointMap, ManilaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3161,7 +3695,10 @@ outputs: template: get_param: [EndpointMap, ManilaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3179,7 +3716,10 @@ outputs: template: get_param: [EndpointMap, ManilaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3200,7 +3740,10 @@ outputs: template: get_param: [EndpointMap, ManilaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3217,7 +3760,10 @@ outputs: template: get_param: [EndpointMap, MysqlInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, MysqlNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3231,7 +3777,10 @@ outputs: template: get_param: [EndpointMap, MysqlInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, MysqlNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3249,7 +3798,10 @@ outputs: template: get_param: [EndpointMap, MysqlInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, MysqlNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3269,7 +3821,10 @@ outputs: template: get_param: [EndpointMap, MysqlInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, MysqlNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3286,7 +3841,10 @@ outputs: template: get_param: [EndpointMap, NeutronAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NeutronApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3300,7 +3858,10 @@ outputs: template: get_param: [EndpointMap, NeutronAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NeutronApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3318,7 +3879,10 @@ outputs: template: get_param: [EndpointMap, NeutronAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NeutronApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3338,7 +3902,10 @@ outputs: template: get_param: [EndpointMap, NeutronAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NeutronApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3355,7 +3922,10 @@ outputs: template: get_param: [EndpointMap, NeutronInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NeutronApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3369,7 +3939,10 @@ outputs: template: get_param: [EndpointMap, NeutronInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NeutronApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3387,7 +3960,10 @@ outputs: template: get_param: [EndpointMap, NeutronInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NeutronApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3407,7 +3983,10 @@ outputs: template: get_param: [EndpointMap, NeutronInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NeutronApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3424,7 +4003,10 @@ outputs: template: get_param: [EndpointMap, NeutronPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3438,7 +4020,10 @@ outputs: template: get_param: [EndpointMap, NeutronPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3456,7 +4041,10 @@ outputs: template: get_param: [EndpointMap, NeutronPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3476,7 +4064,10 @@ outputs: template: get_param: [EndpointMap, NeutronPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3493,7 +4084,10 @@ outputs: template: get_param: [EndpointMap, NovaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3507,7 +4101,10 @@ outputs: template: get_param: [EndpointMap, NovaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3525,7 +4122,10 @@ outputs: template: get_param: [EndpointMap, NovaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3546,7 +4146,10 @@ outputs: template: get_param: [EndpointMap, NovaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3563,7 +4166,10 @@ outputs: template: get_param: [EndpointMap, NovaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3577,7 +4183,10 @@ outputs: template: get_param: [EndpointMap, NovaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3595,7 +4204,10 @@ outputs: template: get_param: [EndpointMap, NovaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3616,7 +4228,10 @@ outputs: template: get_param: [EndpointMap, NovaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3633,7 +4248,10 @@ outputs: template: get_param: [EndpointMap, NovaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3647,7 +4265,10 @@ outputs: template: get_param: [EndpointMap, NovaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3665,7 +4286,10 @@ outputs: template: get_param: [EndpointMap, NovaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3686,7 +4310,10 @@ outputs: template: get_param: [EndpointMap, NovaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3703,7 +4330,10 @@ outputs: template: get_param: [EndpointMap, NovaVNCProxyAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3717,7 +4347,10 @@ outputs: template: get_param: [EndpointMap, NovaVNCProxyAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3735,7 +4368,10 @@ outputs: template: get_param: [EndpointMap, NovaVNCProxyAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3755,7 +4391,10 @@ outputs: template: get_param: [EndpointMap, NovaVNCProxyAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3772,7 +4411,10 @@ outputs: template: get_param: [EndpointMap, NovaVNCProxyInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3786,7 +4428,10 @@ outputs: template: get_param: [EndpointMap, NovaVNCProxyInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3804,7 +4449,10 @@ outputs: template: get_param: [EndpointMap, NovaVNCProxyInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3824,7 +4472,10 @@ outputs: template: get_param: [EndpointMap, NovaVNCProxyInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, NovaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3841,7 +4492,10 @@ outputs: template: get_param: [EndpointMap, NovaVNCProxyPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3855,7 +4509,10 @@ outputs: template: get_param: [EndpointMap, NovaVNCProxyPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3873,7 +4530,10 @@ outputs: template: get_param: [EndpointMap, NovaVNCProxyPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3893,7 +4553,10 @@ outputs: template: get_param: [EndpointMap, NovaVNCProxyPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3910,7 +4573,10 @@ outputs: template: get_param: [EndpointMap, SaharaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SaharaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3924,7 +4590,10 @@ outputs: template: get_param: [EndpointMap, SaharaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SaharaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3942,7 +4611,10 @@ outputs: template: get_param: [EndpointMap, SaharaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SaharaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3963,7 +4635,10 @@ outputs: template: get_param: [EndpointMap, SaharaAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SaharaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3980,7 +4655,10 @@ outputs: template: get_param: [EndpointMap, SaharaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SaharaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -3994,7 +4672,10 @@ outputs: template: get_param: [EndpointMap, SaharaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SaharaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4012,7 +4693,10 @@ outputs: template: get_param: [EndpointMap, SaharaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SaharaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4033,7 +4717,10 @@ outputs: template: get_param: [EndpointMap, SaharaInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SaharaApiNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4050,7 +4737,10 @@ outputs: template: get_param: [EndpointMap, SaharaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4064,7 +4754,10 @@ outputs: template: get_param: [EndpointMap, SaharaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4082,7 +4775,10 @@ outputs: template: get_param: [EndpointMap, SaharaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4103,7 +4799,10 @@ outputs: template: get_param: [EndpointMap, SaharaPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4120,7 +4819,10 @@ outputs: template: get_param: [EndpointMap, SwiftAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4134,7 +4836,10 @@ outputs: template: get_param: [EndpointMap, SwiftAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4152,7 +4857,10 @@ outputs: template: get_param: [EndpointMap, SwiftAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4172,7 +4880,10 @@ outputs: template: get_param: [EndpointMap, SwiftAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4189,7 +4900,10 @@ outputs: template: get_param: [EndpointMap, SwiftInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4203,7 +4917,10 @@ outputs: template: get_param: [EndpointMap, SwiftInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4221,7 +4938,10 @@ outputs: template: get_param: [EndpointMap, SwiftInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4242,7 +4962,10 @@ outputs: template: get_param: [EndpointMap, SwiftInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4259,7 +4982,10 @@ outputs: template: get_param: [EndpointMap, SwiftPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4273,7 +4999,10 @@ outputs: template: get_param: [EndpointMap, SwiftPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4291,7 +5020,10 @@ outputs: template: get_param: [EndpointMap, SwiftPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4312,7 +5044,10 @@ outputs: template: get_param: [EndpointMap, SwiftPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4329,7 +5064,10 @@ outputs: template: get_param: [EndpointMap, SwiftAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4343,7 +5081,10 @@ outputs: template: get_param: [EndpointMap, SwiftAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4361,7 +5102,10 @@ outputs: template: get_param: [EndpointMap, SwiftAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4381,7 +5125,10 @@ outputs: template: get_param: [EndpointMap, SwiftAdmin, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4398,7 +5145,10 @@ outputs: template: get_param: [EndpointMap, SwiftInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4412,7 +5162,10 @@ outputs: template: get_param: [EndpointMap, SwiftInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4430,7 +5183,10 @@ outputs: template: get_param: [EndpointMap, SwiftInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4450,7 +5206,10 @@ outputs: template: get_param: [EndpointMap, SwiftInternal, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, SwiftProxyNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4467,7 +5226,10 @@ outputs: template: get_param: [EndpointMap, SwiftPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4481,7 +5243,10 @@ outputs: template: get_param: [EndpointMap, SwiftPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4499,7 +5264,10 @@ outputs: template: get_param: [EndpointMap, SwiftPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap @@ -4519,7 +5287,10 @@ outputs: template: get_param: [EndpointMap, SwiftPublic, host] params: - CLOUDNAME: {get_param: CloudName} + CLOUDNAME: + get_param: + - CloudEndpoints + - get_param: [ServiceNetMap, PublicNetwork] IP_ADDRESS: get_param: - NetIpMap diff --git a/network/ports/net_ip_list_map.yaml b/network/ports/net_ip_list_map.yaml index 32272bd6..07e2de4c 100644 --- a/network/ports/net_ip_list_map.yaml +++ b/network/ports/net_ip_list_map.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2016-10-14 parameters: ControlPlaneIpList: @@ -22,6 +22,15 @@ parameters: ManagementIpList: default: [] type: comma_delimited_list + EnabledServices: + default: [] + type: comma_delimited_list + ServiceNetMap: + default: {} + type: json + ServiceHostnameList: + default: [] + type: comma_delimited_list outputs: net_ip_map: @@ -36,3 +45,48 @@ outputs: storage_mgmt: {get_param: StorageMgmtIpList} tenant: {get_param: TenantIpList} management: {get_param: ManagementIpList} + service_ips: + description: > + Map of enabled services to a list of their IP addresses + value: + yaql: + # This filters any entries where the value hasn't been substituted for + # a list, e.g it's still $service_network. This happens when there is + # no network defined for the service in the ServiceNetMap, which is OK + # as not all services have to be bound to a network, so we filter them + expression: dict($.data.map.items().where(not isString($[1]))) + data: + map: + map_replace: + - map_replace: + - map_merge: + repeat: + template: + SERVICE_node_ips: SERVICE_network + for_each: + SERVICE: {get_param: EnabledServices} + - values: {get_param: ServiceNetMap} + - values: + ctlplane: {get_param: ControlPlaneIpList} + external: {get_param: ExternalIpList} + internal_api: {get_param: InternalApiIpList} + storage: {get_param: StorageIpList} + storage_mgmt: {get_param: StorageMgmtIpList} + tenant: {get_param: TenantIpList} + management: {get_param: ManagementIpList} + service_hostnames: + description: > + Map of enabled services to a list of hostnames where they're running + value: + yaql: + # If ServiceHostnameList is empty the role is deployed with zero nodes + # therefore we don't want to add any *_node_names to the map + expression: dict($.data.map.items().where(len($[1]) > 0)) + data: + map: + map_merge: + repeat: + template: + SERVICE_node_names: {get_param: ServiceHostnameList} + for_each: + SERVICE: {get_param: EnabledServices} diff --git a/network/service_net_map.yaml b/network/service_net_map.yaml index fea8987a..4cfff402 100644 --- a/network/service_net_map.yaml +++ b/network/service_net_map.yaml @@ -13,6 +13,7 @@ parameters: ServiceNetMapDefaults: default: + ApacheNetwork: internal_api NeutronTenantNetwork: tenant CeilometerApiNetwork: internal_api AodhApiNetwork: internal_api @@ -22,7 +23,8 @@ parameters: CinderIscsiNetwork: storage GlanceApiNetwork: storage GlanceRegistryNetwork: internal_api - IronicApiNetwork: internal_api + IronicApiNetwork: ctlplane + IronicNetwork: ctlplane KeystoneAdminApiNetwork: ctlplane # allows undercloud to config endpoints KeystonePublicApiNetwork: internal_api ManilaApiNetwork: internal_api @@ -40,13 +42,14 @@ parameters: RedisNetwork: internal_api MysqlNetwork: internal_api CephClusterNetwork: storage_mgmt - CephPublicNetwork: storage + CephMonNetwork: storage ControllerHostnameResolveNetwork: internal_api ComputeHostnameResolveNetwork: internal_api BlockStorageHostnameResolveNetwork: internal_api ObjectStorageHostnameResolveNetwork: internal_api CephStorageHostnameResolveNetwork: storage PublicNetwork: external + OpenDaylightApiNetwork: internal_api description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. type: json @@ -57,6 +60,7 @@ parameters: default: MongoDbNetwork: MongodbNetwork RabbitMqNetwork: RabbitmqNetwork + CephPublicNetwork: CephMonNetwork description: Mapping older deprecated service names, intended for internal use only, this will be removed in future. type: json diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml index 817ff2c8..b0a9c10c 100644 --- a/overcloud-resource-registry-puppet.yaml +++ b/overcloud-resource-registry-puppet.yaml @@ -57,7 +57,6 @@ resource_registry: # TripleO overcloud networks OS::TripleO::Network: network/networks.yaml - OS::TripleO::VipConfig: puppet/vip-config.yaml OS::TripleO::Network::External: OS::Heat::None OS::TripleO::Network::InternalApi: OS::Heat::None @@ -130,6 +129,8 @@ resource_registry: # services OS::TripleO::Services: puppet/services/services.yaml + OS::TripleO::Services::Apache: puppet/services/apache.yaml + OS::TripleO::Services::CACerts: puppet/services/ca-certs.yaml OS::TripleO::Services::CephMon: OS::Heat::None OS::TripleO::Services::CephOSD: OS::Heat::None OS::TripleO::Services::CephClient: OS::Heat::None @@ -167,6 +168,7 @@ resource_registry: OS::TripleO::Services::NeutronOvsAgent: puppet/services/neutron-ovs-agent.yaml OS::TripleO::Services::ComputeNeutronOvsAgent: puppet/services/neutron-ovs-agent.yaml OS::TripleO::Services::Pacemaker: OS::Heat::None + OS::TripleO::Services::NeutronSriovAgent: OS::Heat::None OS::TripleO::Services::RabbitMQ: puppet/services/rabbitmq.yaml OS::TripleO::Services::HAproxy: puppet/services/haproxy.yaml OS::TripleO::Services::Keepalived: puppet/services/keepalived.yaml @@ -217,6 +219,9 @@ resource_registry: OS::TripleO::Services::NovaIronic: OS::Heat::None OS::TripleO::Services::TripleoPackages: puppet/services/tripleo-packages.yaml OS::TripleO::Services::TripleoFirewall: puppet/services/tripleo-firewall.yaml + OS::TripleO::Services::OpenDaylight: OS::Heat::None + OS::TripleO::Services::OpenDaylightOvs: OS::Heat::None + OS::TripleO::Services::SensuClient: OS::Heat::None parameter_defaults: EnablePackageInstall: false diff --git a/overcloud-without-mergepy.yaml b/overcloud-without-mergepy.yaml deleted file mode 120000 index 23dc6464..00000000 --- a/overcloud-without-mergepy.yaml +++ /dev/null @@ -1 +0,0 @@ -overcloud.yaml
\ No newline at end of file diff --git a/overcloud.yaml b/overcloud.yaml index 0f05f40f..6e039178 100644 --- a/overcloud.yaml +++ b/overcloud.yaml @@ -1,8 +1,8 @@ -heat_template_version: 2016-04-08 +heat_template_version: 2016-10-14 description: > Deploy an OpenStack environment, consisting of several node types (roles), - Controller, Compute, BlockStorage, SwiftStorage and CephStorage. The Storage + Controller, Compute, BlockStorage, SwiftStorage and CephStorage. The Storage roles enable independent scaling of the storage components, but the minimal deployment is one Controller and one Compute node. @@ -13,9 +13,33 @@ parameters: # Common parameters (not specific to a role) CloudName: - default: overcloud + default: overcloud.localdomain description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org type: string + CloudNameInternal: + default: overcloud.internalapi.localdomain + description: > + The DNS name of this cloud's internal API endpoint. E.g. + 'ci-overcloud.internalapi.tripleo.org'. + type: string + CloudNameStorage: + default: overcloud.storage.localdomain + description: > + The DNS name of this cloud's storage endpoint. E.g. + 'ci-overcloud.storage.tripleo.org'. + type: string + CloudNameStorageManagement: + default: overcloud.storagemgmt.localdomain + description: > + The DNS name of this cloud's storage management endpoint. E.g. + 'ci-overcloud.storagemgmt.tripleo.org'. + type: string + CloudNameManagement: + default: overcloud.management.localdomain + description: > + The DNS name of this cloud's storage management endpoint. E.g. + 'ci-overcloud.management.tripleo.org'. + type: string ControlFixedIPs: default: [] description: Should be used for arbitrary ips. @@ -91,11 +115,6 @@ parameters: may be implementation specific, e.g puppet hieradata. Any role specific ExtraConfig, e.g controllerExtraConfig takes precedence over ExtraConfig. type: json - SwiftHashSuffix: - description: A random string to be used as a salt when hashing to determine mappings in the ring. - type: string - hidden: true - # Compute-specific params ComputeCount: @@ -115,6 +134,7 @@ parameters: ControllerServices: default: + - OS::TripleO::Services::CACerts - OS::TripleO::Services::CephMon - OS::TripleO::Services::CephExternal - OS::TripleO::Services::CinderApi @@ -178,6 +198,8 @@ parameters: - OS::TripleO::Services::NovaIronic - OS::TripleO::Services::TripleoPackages - OS::TripleO::Services::TripleoFirewall + - OS::TripleO::Services::OpenDaylight + - OS::TripleO::Services::SensuClient description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the Controllers. @@ -185,6 +207,7 @@ parameters: ComputeServices: default: + - OS::TripleO::Services::CACerts - OS::TripleO::Services::CephClient - OS::TripleO::Services::CephExternal - OS::TripleO::Services::Timezone @@ -200,6 +223,9 @@ parameters: - OS::TripleO::Services::ComputeNeutronMetadataAgent - OS::TripleO::Services::TripleoPackages - OS::TripleO::Services::TripleoFirewall + - OS::TripleO::Services::NeutronSriovAgent + - OS::TripleO::Services::OpenDaylightOvs + - OS::TripleO::Services::SensuClient description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the Compute Nodes. @@ -217,6 +243,7 @@ parameters: type: json BlockStorageServices: default: + - OS::TripleO::Services::CACerts - OS::TripleO::Services::CinderVolume - OS::TripleO::Services::Kernel - OS::TripleO::Services::Ntp @@ -224,6 +251,7 @@ parameters: - OS::TripleO::Services::Snmp - OS::TripleO::Services::TripleoPackages - OS::TripleO::Services::TripleoFirewall + - OS::TripleO::Services::SensuClient description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the BlockStorage nodes. @@ -241,6 +269,7 @@ parameters: type: json ObjectStorageServices: default: + - OS::TripleO::Services::CACerts - OS::TripleO::Services::Kernel - OS::TripleO::Services::Ntp - OS::TripleO::Services::SwiftStorage @@ -249,6 +278,7 @@ parameters: - OS::TripleO::Services::Timezone - OS::TripleO::Services::TripleoPackages - OS::TripleO::Services::TripleoFirewall + - OS::TripleO::Services::SensuClient description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the ObjectStorage nodes. @@ -268,12 +298,14 @@ parameters: type: json CephStorageServices: default: + - OS::TripleO::Services::CACerts - OS::TripleO::Services::CephOSD - OS::TripleO::Services::Kernel - OS::TripleO::Services::Ntp - OS::TripleO::Services::Timezone - OS::TripleO::Services::TripleoPackages - OS::TripleO::Services::TripleoFirewall + - OS::TripleO::Services::SensuClient description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the CephStorage nodes. @@ -380,7 +412,12 @@ resources: EndpointMap: type: OS::TripleO::EndpointMap properties: - CloudName: {get_param: CloudName} + CloudEndpoints: + external: {get_param: CloudName} + internal_api: {get_param: CloudNameInternal} + storage: {get_param: CloudNameStorage} + storage_mgmt: {get_param: CloudNameStorageManagement} + management: {get_param: CloudNameManagement} NetIpMap: {get_attr: [VipMap, net_ip_map]} ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} @@ -403,10 +440,7 @@ resources: properties: CloudDomain: {get_param: CloudDomain} controllerExtraConfig: {get_param: controllerExtraConfig} - HorizonSecret: {get_resource: HorizonSecret} - PcsdPassword: {get_resource: PcsdPassword} RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]} - RedisVirtualIPUri: {get_attr: [RedisVirtualIP, ip_address_uri]} ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} EndpointMap: {get_attr: [EndpointMap, endpoint_map]} Hostname: @@ -417,6 +451,7 @@ resources: NodeIndex: '%index%' ServiceConfigSettings: {get_attr: [ControllerServiceChain, role_data, config_settings]} ServiceNames: {get_attr: [ControllerServiceChain, role_data, service_names]} + MonitoringSubscriptions: {get_attr: [ControllerServiceChain, role_data, monitoring_subscriptions]} ComputeServiceChain: type: OS::TripleO::Services @@ -448,6 +483,7 @@ resources: NodeIndex: '%index%' ServiceConfigSettings: {get_attr: [ComputeServiceChain, role_data, config_settings]} ServiceNames: {get_attr: [ComputeServiceChain, role_data, service_names]} + MonitoringSubscriptions: {get_attr: [ComputeServiceChain, role_data, monitoring_subscriptions]} BlockStorageServiceChain: type: OS::TripleO::Services @@ -480,6 +516,7 @@ resources: NodeIndex: '%index%' ServiceConfigSettings: {get_attr: [BlockStorageServiceChain, role_data, config_settings]} ServiceNames: {get_attr: [BlockStorageServiceChain, role_data, service_names]} + MonitoringSubscriptions: {get_attr: [BlockStorageServiceChain, role_data, monitoring_subscriptions]} ObjectStorageServiceChain: type: OS::TripleO::Services @@ -498,7 +535,6 @@ resources: resource_def: type: OS::TripleO::ObjectStorage properties: - HashSuffix: {get_param: SwiftHashSuffix} UpdateIdentifier: {get_param: UpdateIdentifier} ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} Hostname: @@ -513,6 +549,7 @@ resources: NodeIndex: '%index%' ServiceConfigSettings: {get_attr: [ObjectStorageServiceChain, role_data, config_settings]} ServiceNames: {get_attr: [ObjectStorageServiceChain, role_data, service_names]} + MonitoringSubscriptions: {get_attr: [ObjectStorageServiceChain, role_data, monitoring_subscriptions]} CephStorageServiceChain: type: OS::TripleO::Services @@ -545,6 +582,7 @@ resources: NodeIndex: '%index%' ServiceConfigSettings: {get_attr: [CephStorageServiceChain, role_data, config_settings]} ServiceNames: {get_attr: [CephStorageServiceChain, role_data, service_names]} + MonitoringSubscriptions: {get_attr: [CephStorageServiceChain, role_data, monitoring_subscriptions]} ControllerIpListMap: type: OS::TripleO::Network::Ports::NetIpListMap @@ -556,6 +594,65 @@ resources: StorageMgmtIpList: {get_attr: [Controller, storage_mgmt_ip_address]} TenantIpList: {get_attr: [Controller, tenant_ip_address]} ManagementIpList: {get_attr: [Controller, management_ip_address]} + EnabledServices: {get_attr: [ControllerServiceChain, role_data, service_names]} + ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]} + ServiceHostnameList: {get_attr: [Controller, hostname]} + + ComputeIpListMap: + type: OS::TripleO::Network::Ports::NetIpListMap + properties: + ControlPlaneIpList: {get_attr: [Compute, ip_address]} + ExternalIpList: {get_attr: [Compute, external_ip_address]} + InternalApiIpList: {get_attr: [Compute, internal_api_ip_address]} + StorageIpList: {get_attr: [Compute, storage_ip_address]} + StorageMgmtIpList: {get_attr: [Compute, storage_mgmt_ip_address]} + TenantIpList: {get_attr: [Compute, tenant_ip_address]} + ManagementIpList: {get_attr: [Compute, management_ip_address]} + EnabledServices: {get_attr: [ComputeServiceChain, role_data, service_names]} + ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]} + ServiceHostnameList: {get_attr: [Compute, hostname]} + + BlockStorageIpListMap: + type: OS::TripleO::Network::Ports::NetIpListMap + properties: + ControlPlaneIpList: {get_attr: [BlockStorage, ip_address]} + ExternalIpList: {get_attr: [BlockStorage, external_ip_address]} + InternalApiIpList: {get_attr: [BlockStorage, internal_api_ip_address]} + StorageIpList: {get_attr: [BlockStorage, storage_ip_address]} + StorageMgmtIpList: {get_attr: [BlockStorage, storage_mgmt_ip_address]} + TenantIpList: {get_attr: [BlockStorage, tenant_ip_address]} + ManagementIpList: {get_attr: [BlockStorage, management_ip_address]} + EnabledServices: {get_attr: [BlockStorageServiceChain, role_data, service_names]} + ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]} + ServiceHostnameList: {get_attr: [BlockStorage, hostname]} + + ObjectStorageIpListMap: + type: OS::TripleO::Network::Ports::NetIpListMap + properties: + ControlPlaneIpList: {get_attr: [ObjectStorage, ip_address]} + ExternalIpList: {get_attr: [ObjectStorage, external_ip_address]} + InternalApiIpList: {get_attr: [ObjectStorage, internal_api_ip_address]} + StorageIpList: {get_attr: [ObjectStorage, storage_ip_address]} + StorageMgmtIpList: {get_attr: [ObjectStorage, storage_mgmt_ip_address]} + TenantIpList: {get_attr: [ObjectStorage, tenant_ip_address]} + ManagementIpList: {get_attr: [ObjectStorage, management_ip_address]} + EnabledServices: {get_attr: [ObjectStorageServiceChain, role_data, service_names]} + ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]} + ServiceHostnameList: {get_attr: [ObjectStorage, hostname]} + + CephStorageIpListMap: + type: OS::TripleO::Network::Ports::NetIpListMap + properties: + ControlPlaneIpList: {get_attr: [CephStorage, ip_address]} + ExternalIpList: {get_attr: [CephStorage, external_ip_address]} + InternalApiIpList: {get_attr: [CephStorage, internal_api_ip_address]} + StorageIpList: {get_attr: [CephStorage, storage_ip_address]} + StorageMgmtIpList: {get_attr: [CephStorage, storage_mgmt_ip_address]} + TenantIpList: {get_attr: [CephStorage, tenant_ip_address]} + ManagementIpList: {get_attr: [CephStorage, management_ip_address]} + EnabledServices: {get_attr: [CephStorageServiceChain, role_data, service_names]} + ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]} + ServiceHostnameList: {get_attr: [CephStorage, hostname]} allNodesConfig: type: OS::TripleO::AllNodes::SoftwareConfig @@ -576,32 +673,46 @@ resources: - list_join: - '\n' - {get_attr: [CephStorage, hosts_entry]} + enabled_services: + list_join: + - ',' + - {get_attr: [ControllerServiceChain, role_data, service_names]} + - {get_attr: [ComputeServiceChain, role_data, service_names]} + - {get_attr: [BlockStorageServiceChain, role_data, service_names]} + - {get_attr: [ObjectStorageServiceChain, role_data, service_names]} + - {get_attr: [CephStorageServiceChain, role_data, service_names]} controller_ips: {get_attr: [Controller, ip_address]} controller_names: {get_attr: [Controller, hostname]} - rabbit_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, RabbitmqNetwork]}]} - mongo_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, MongodbNetwork]}]} - redis_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, RedisNetwork]}]} + service_ips: + # Note (shardy) this somewhat complex yaql may be replaced + # with a map_deep_merge function in ocata. It merges the + # list of maps, but appends to colliding lists when a service + # is deployed on more than one role + yaql: + expression: dict($.data.l.where($ != null).selectMany($.items()).groupBy($[0], $[1], [$[0], $[1].flatten()])) + data: + l: + - {get_attr: [ControllerIpListMap, service_ips]} + - {get_attr: [ComputeIpListMap, service_ips]} + - {get_attr: [BlockStorageIpListMap, service_ips]} + - {get_attr: [ObjectStorageIpListMap, service_ips]} + - {get_attr: [CephStorageIpListMap, service_ips]} + service_node_names: + yaql: + expression: dict($.data.l.where($ != null).selectMany($.items()).groupBy($[0], $[1], [$[0], $[1].flatten()])) + data: + l: + - {get_attr: [ControllerIpListMap, service_hostnames]} + - {get_attr: [ComputeIpListMap, service_hostnames]} + - {get_attr: [BlockStorageIpListMap, service_hostnames]} + - {get_attr: [ObjectStorageIpListMap, service_hostnames]} + - {get_attr: [CephStorageIpListMap, service_hostnames]} + # FIXME(shardy): These require further work to move into service_ips memcache_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, MemcachedNetwork]}]} - mysql_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, MysqlNetwork]}]} - horizon_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, HorizonNetwork]}]} - heat_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, HeatApiNetwork]}]} - swift_proxy_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, SwiftProxyNetwork]}]} - ceilometer_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CeilometerApiNetwork]}]} - aodh_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, AodhApiNetwork]}]} - gnocchi_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, GnocchiApiNetwork]}]} - nova_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NovaApiNetwork]}]} - nova_metadata_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NovaMetadataNetwork]}]} - glance_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, GlanceApiNetwork]}]} - glance_registry_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, GlanceRegistryNetwork]}]} - cinder_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CinderApiNetwork]}]} - manila_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, ManilaApiNetwork]}]} - neutron_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NeutronApiNetwork]}]} keystone_public_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystonePublicApiNetwork]}]} keystone_admin_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystoneAdminApiNetwork]}]} - sahara_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, SaharaApiNetwork]}]} - ironic_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, IronicApiNetwork]}]} - ceph_mon_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CephPublicNetwork]}]} - ceph_mon_node_names: {get_attr: [Controller, hostname]} + NetVipMap: {get_attr: [VipMap, net_ip_map]} + ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]} DeployIdentifier: {get_param: DeployIdentifier} UpdateIdentifier: {get_param: UpdateIdentifier} @@ -697,44 +808,6 @@ resources: StorageMgmtIpUri: {get_attr: [StorageMgmtVirtualIP, ip_address_uri]} # No tenant or management VIP required - VipConfig: - type: OS::TripleO::VipConfig - - VipDeployment: - type: OS::Heat::StructuredDeployments - properties: - name: VipDeployment - config: {get_resource: VipConfig} - servers: {get_attr: [Controller, attributes, nova_server_resource]} - input_values: - # service VIP mappings - keystone_admin_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystoneAdminApiNetwork]}]} - keystone_public_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystonePublicApiNetwork]}]} - neutron_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NeutronApiNetwork]}]} - cinder_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CinderApiNetwork]}]} - glance_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, GlanceApiNetwork]}]} - glance_registry_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, GlanceRegistryNetwork]}]} - swift_proxy_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, SwiftProxyNetwork]}]} - nova_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NovaApiNetwork]}]} - nova_metadata_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NovaMetadataNetwork]}]} - ceilometer_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CeilometerApiNetwork]}]} - aodh_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, AodhApiNetwork]}]} - gnocchi_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, GnocchiApiNetwork]}]} - heat_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, HeatApiNetwork]}]} - horizon_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, HorizonNetwork]}]} - redis_vip: {get_attr: [RedisVirtualIP, ip_address]} - manila_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, ManilaApiNetwork]}]} - mysql_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, MysqlNetwork]}]} - rabbit_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, RabbitMqNetwork]}]} - # direct configuration of Virtual IPs for each network - control_virtual_ip: {get_attr: [VipMap, net_ip_map, ctlplane]} - public_virtual_ip: {get_attr: [VipMap, net_ip_map, external]} - internal_api_virtual_ip: {get_attr: [VipMap, net_ip_map, internal_api]} - sahara_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, SaharaApiNetwork]}]} - ironic_api_vip: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, IronicApiNetwork]}]} - storage_virtual_ip: {get_attr: [VipMap, net_ip_map, storage]} - storage_mgmt_virtual_ip: {get_attr: [VipMap, net_ip_map, storage_mgmt]} - ControllerSwiftDeployment: type: OS::Heat::StructuredDeployments properties: @@ -754,7 +827,6 @@ resources: properties: controller_swift_devices: {get_attr: [Controller, swift_device]} object_store_swift_devices: {get_attr: [ObjectStorage, swift_device]} - controller_swift_proxy_memcaches: {get_attr: [Controller, swift_proxy_memcache]} ControllerAllNodesDeployment: type: OS::Heat::StructuredDeployments @@ -926,7 +998,11 @@ resources: servers: {get_attr: [CephStorage, attributes, nova_server_resource]} RoleData: {get_attr: [CephStorageServiceChain, role_data]} + outputs: + ManagedEndpoints: + description: Asserts that the keystone endpoints have been provisioned. + value: true KeystoneURL: description: URL for the Overcloud Keystone service value: {get_attr: [EndpointMap, endpoint_map, KeystonePublic, uri]} @@ -969,6 +1045,9 @@ outputs: NovaInternalVip: description: VIP for Nova API internal endpoint value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NovaApiNetwork]}]} + OpenDaylightInternalVip: + description: VIP for OpenDaylight API internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, OpenDaylightApiNetwork]}]} SaharaInternalVip: description: VIP for Sahara API internal endpoint value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, SaharaApiNetwork]}]} diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml index f1ce42b1..7aa29b24 100644 --- a/puppet/all-nodes-config.yaml +++ b/puppet/all-nodes-config.yaml @@ -1,63 +1,34 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2016-10-14 description: 'All Nodes Config for Puppet' parameters: hosts: type: comma_delimited_list + # FIXME(shardy) this can be comma_delimited_list when + # https://bugs.launchpad.net/heat/+bug/1617019 is fixed + enabled_services: + type: string controller_ips: type: comma_delimited_list + service_ips: + type: json + service_node_names: + type: json controller_names: type: comma_delimited_list - rabbit_node_ips: - type: comma_delimited_list - mongo_node_ips: - type: comma_delimited_list - redis_node_ips: - type: comma_delimited_list memcache_node_ips: type: comma_delimited_list - mysql_node_ips: - type: comma_delimited_list - horizon_node_ips: - type: comma_delimited_list - heat_api_node_ips: - type: comma_delimited_list - swift_proxy_node_ips: - type: comma_delimited_list - ceilometer_api_node_ips: - type: comma_delimited_list - aodh_api_node_ips: - type: comma_delimited_list - nova_api_node_ips: - type: comma_delimited_list - nova_metadata_node_ips: - type: comma_delimited_list - glance_api_node_ips: - type: comma_delimited_list - glance_registry_node_ips: - type: comma_delimited_list - gnocchi_api_node_ips: - type: comma_delimited_list - cinder_api_node_ips: - type: comma_delimited_list - manila_api_node_ips: - type: comma_delimited_list - neutron_api_node_ips: - type: comma_delimited_list keystone_public_api_node_ips: type: comma_delimited_list keystone_admin_api_node_ips: type: comma_delimited_list - sahara_api_node_ips: - type: comma_delimited_list - ironic_api_node_ips: - type: comma_delimited_list - ceph_mon_node_ips: - type: comma_delimited_list - ceph_mon_node_names: - type: comma_delimited_list + NetVipMap: + type: json + ServiceNetMap: + type: json DeployIdentifier: type: string + default: '' description: > Setting this to a unique value will re-run any deployment tasks which perform configuration on a Heat stack-update. @@ -92,245 +63,106 @@ resources: bootstrap_nodeid_ip: {get_input: bootstrap_nodeid_ip} all_nodes: mapped_data: - controller_node_ips: - list_join: - - ',' - - {get_param: controller_ips} - controller_node_names: - list_join: - - ',' - - {get_param: controller_names} - galera_node_names: - list_join: - - ',' - - {get_param: controller_names} - rabbitmq_node_ips: &rabbit_nodes_array - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: rabbit_node_ips} - mongodb_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: mongo_node_ips} - redis_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: redis_node_ips} - memcached_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: memcache_node_ips} - memcached_node_ips_v6: - str_replace: - template: "['inet6:[SERVERS_LIST]']" - params: - SERVERS_LIST: - list_join: - - "]','inet6:[" - - {get_param: memcache_node_ips} - mysql_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: mysql_node_ips} - horizon_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: horizon_node_ips} - heat_api_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: heat_api_node_ips} - swift_proxy_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: swift_proxy_node_ips} - ceilometer_api_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: ceilometer_api_node_ips} - aodh_api_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: aodh_api_node_ips} - gnocchi_api_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: gnocchi_api_node_ips} - nova_api_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: nova_api_node_ips} - nova_metadata_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: nova_metadata_node_ips} - glance_api_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: glance_api_node_ips} - glance_registry_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: glance_registry_node_ips} - cinder_api_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: cinder_api_node_ips} - manila_api_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: manila_api_node_ips} - neutron_api_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: neutron_api_node_ips} - # TODO: pass a `midonet_api_node_ips` var - midonet_api_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: neutron_api_node_ips} - keystone_public_api_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: keystone_public_api_node_ips} - keystone_admin_api_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: keystone_admin_api_node_ips} - sahara_api_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: sahara_api_node_ips} - ironic_api_node_ips: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: ironic_api_node_ips} - - tripleo::profile::base::ceph::ceph_mon_initial_members: - list_join: - - ',' - - {get_param: ceph_mon_node_names} - tripleo::profile::base::ceph::ceph_mon_host: - list_join: - - ',' - - {get_param: ceph_mon_node_ips} - tripleo::profile::base::ceph::ceph_mon_host_v6: - str_replace: - template: "'[IPS_LIST]'" - params: - IPS_LIST: - list_join: - - '],[' - - {get_param: ceph_mon_node_ips} - # NOTE(gfidente): interpolation with %{} in the - # hieradata file can't be used as it returns string - ceilometer::rabbit_hosts: *rabbit_nodes_array - aodh::rabbit_hosts: *rabbit_nodes_array - cinder::rabbit_hosts: *rabbit_nodes_array - glance::notify::rabbitmq::rabbit_hosts: *rabbit_nodes_array - manila::rabbit_hosts: *rabbit_nodes_array - heat::rabbit_hosts: *rabbit_nodes_array - neutron::rabbit_hosts: *rabbit_nodes_array - nova::rabbit_hosts: *rabbit_nodes_array - keystone::rabbit_hosts: *rabbit_nodes_array - sahara::rabbit_hosts: *rabbit_nodes_array - ironic::rabbit_hosts: *rabbit_nodes_array + map_merge: + - enabled_services: {get_param: enabled_services} + # This writes out a mapping of service_name_enabled: 'true' + # For any services not enabled, hiera foo_enabled will + # return nil, as it's undefined + - map_merge: + repeat: + template: + # Note this must be string 'true' due to + # https://bugs.launchpad.net/heat/+bug/1617203 + SERVICE_enabled: 'true' + for_each: + SERVICE: + str_split: [',', {get_param: enabled_services}] + # provides a mapping of service_name_ips to a list of IPs + - {get_param: service_ips} + - {get_param: service_node_names} + - controller_node_ips: + list_join: + - ',' + - {get_param: controller_ips} + controller_node_names: + list_join: + - ',' + - {get_param: controller_names} + memcached_node_ips_v6: + str_replace: + template: "['inet6:[SERVERS_LIST]']" + params: + SERVERS_LIST: + list_join: + - "]','inet6:[" + - {get_param: memcache_node_ips} + keystone_public_api_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: keystone_public_api_node_ips} + keystone_admin_api_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: keystone_admin_api_node_ips} - deploy_identifier: {get_param: DeployIdentifier} - update_identifier: {get_param: UpdateIdentifier} - stack_action: {get_param: StackAction} + deploy_identifier: {get_param: DeployIdentifier} + update_identifier: {get_param: UpdateIdentifier} + stack_action: {get_param: StackAction} + vip_data: + mapped_data: + map_merge: + # Dynamically generate per-service VIP data based on enabled_services + # This works as follows (outer->inner functions) + # yaql - filters services where no mapping exists in ServiceNetMap + # map_replace: substitute e.g internal_api with the IP from NetVipMap + # map_replace: substitute e.g heat_api_network with network name from ServiceNetMap + # map_merge/repeat: generate a per-service mapping + - yaql: + # This filters any entries where the value hasn't been substituted for + # a list, e.g it's still $service_network. This happens when there is + # no network defined for the service in the ServiceNetMap, which is OK + # as not all services have to be bound to a network, so we filter them + expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network"))) + data: + map: + map_replace: + - map_replace: + - map_merge: + repeat: + template: + SERVICE_vip: SERVICE_network + for_each: + SERVICE: + str_split: [',', {get_param: enabled_services}] + - values: {get_param: ServiceNetMap} + - values: {get_param: NetVipMap} + - keystone_admin_api_vip: + get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_admin_api_network]}] + keystone_public_api_vip: + get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_public_api_network]}] + public_virtual_ip: {get_param: [NetVipMap, external]} + controller_virtual_ip: {get_param: [NetVipMap, ctlplane]} + internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]} + storage_virtual_ip: {get_param: [NetVipMap, storage]} + storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]} + # public_virtual_ip and controller_virtual_ip are needed in + # both HAproxy & keepalived. + tripleo::haproxy::public_virtual_ip: {get_param: [NetVipMap, external]} + tripleo::haproxy::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]} + tripleo::keepalived::public_virtual_ip: {get_param: [NetVipMap, external]} + tripleo::keepalived::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]} + tripleo::keepalived::internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]} + tripleo::keepalived::storage_virtual_ip: {get_param: [NetVipMap, storage]} + tripleo::keepalived::storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]} + tripleo::redis_notification::haproxy_monitor_ip: {get_param: [NetVipMap, ctlplane]} outputs: config_id: diff --git a/puppet/ceph-storage-post.yaml b/puppet/ceph-storage-post.yaml index a83e0cfe..df6b7249 100644 --- a/puppet/ceph-storage-post.yaml +++ b/puppet/ceph-storage-post.yaml @@ -15,6 +15,7 @@ parameters: default: {} DeployIdentifier: type: string + default: '' description: Value which changes if the node configuration may need to be re-applied resources: diff --git a/puppet/ceph-storage.yaml b/puppet/ceph-storage.yaml index 829456b5..fe2a916f 100644 --- a/puppet/ceph-storage.yaml +++ b/puppet/ceph-storage.yaml @@ -90,6 +90,9 @@ parameters: ServiceNames: type: comma_delimited_list default: [] + MonitoringSubscriptions: + type: comma_delimited_list + default: [] ConfigCommand: type: string description: Command which will be run whenever configuration data changes @@ -252,6 +255,7 @@ resources: service_names: mapped_data: service_names: {get_param: ServiceNames} + sensu::subscriptions: {get_param: MonitoringSubscriptions} service_configs: mapped_data: map_replace: diff --git a/puppet/cinder-storage-post.yaml b/puppet/cinder-storage-post.yaml index 6416c43e..0620bc6c 100644 --- a/puppet/cinder-storage-post.yaml +++ b/puppet/cinder-storage-post.yaml @@ -10,6 +10,7 @@ parameters: type: json DeployIdentifier: type: string + default: '' description: Value which changes if the node configuration may need to be re-applied RoleData: type: json diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml index ef3f08ff..bc26df75 100644 --- a/puppet/cinder-storage.yaml +++ b/puppet/cinder-storage.yaml @@ -30,14 +30,6 @@ parameters: default: default description: Name of an existing Nova key pair to enable SSH access to the instances type: string - SnmpdReadonlyUserName: - default: ro_snmp_user - description: The user name for SNMPd with readonly rights running on all Overcloud nodes - type: string - SnmpdReadonlyUserPassword: - description: The user password for SNMPd with readonly rights running on all Overcloud nodes - type: string - hidden: true UpdateIdentifier: default: '' type: string @@ -92,6 +84,9 @@ parameters: ServiceNames: type: comma_delimited_list default: [] + MonitoringSubscriptions: + type: comma_delimited_list + default: [] ConfigCommand: type: string description: Command which will be run whenever configuration data changes @@ -232,8 +227,6 @@ resources: server: {get_resource: BlockStorage} config: {get_resource: BlockStorageConfig} input_values: - snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} - snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} # Map heat metadata into hiera datafiles @@ -258,6 +251,7 @@ resources: service_names: mapped_data: service_names: {get_param: ServiceNames} + sensu::subscriptions: {get_param: MonitoringSubscriptions} service_configs: mapped_data: map_replace: @@ -270,8 +264,6 @@ resources: volume: mapped_data: tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} - snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} - snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} # Resource for site-specific injection of root certificate NodeTLSCAData: diff --git a/puppet/compute-post.yaml b/puppet/compute-post.yaml index d0c6082c..358ec5a8 100644 --- a/puppet/compute-post.yaml +++ b/puppet/compute-post.yaml @@ -15,6 +15,7 @@ parameters: default: {} DeployIdentifier: type: string + default: '' description: Value which changes if the node configuration may need to be re-applied resources: diff --git a/puppet/compute.yaml b/puppet/compute.yaml index 1790aa0d..0f9e0313 100644 --- a/puppet/compute.yaml +++ b/puppet/compute.yaml @@ -107,6 +107,9 @@ parameters: ServiceNames: type: comma_delimited_list default: [] + MonitoringSubscriptions: + type: comma_delimited_list + default: [] ConfigCommand: type: string description: Command which will be run whenever configuration data changes @@ -271,6 +274,7 @@ resources: service_names: mapped_data: service_names: {get_param: ServiceNames} + sensu::subscriptions: {get_param: MonitoringSubscriptions} service_configs: mapped_data: map_replace: diff --git a/puppet/controller-post.yaml b/puppet/controller-post.yaml index 4af6cb46..c97c3bc8 100644 --- a/puppet/controller-post.yaml +++ b/puppet/controller-post.yaml @@ -15,6 +15,7 @@ parameters: default: {} DeployIdentifier: type: string + default: '' description: Value which changes if the node configuration may need to be re-applied resources: diff --git a/puppet/controller.yaml b/puppet/controller.yaml index 0bdd8d34..c85546fa 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -4,10 +4,6 @@ description: > OpenStack controller node configured by Puppet. parameters: - AodhPassword: - description: The password for the aodh services. - type: string - hidden: true controllerExtraConfig: default: {} description: | @@ -27,18 +23,10 @@ parameters: ... } type: json - CorosyncIPv6: - default: false - description: Enable IPv6 in Corosync - type: boolean Debug: default: '' description: Set to True to enable debugging on all services. type: string - EnableFencing: - default: false - description: Whether to enable fencing in Pacemaker or not. - type: boolean EnableLoadBalancer: default: true description: Whether to deploy a LoadBalancer on the Controller @@ -49,48 +37,12 @@ parameters: Additional hieradata to inject into the cluster, note that ControllerExtraConfig takes precedence over ExtraConfig. type: json - FencingConfig: - default: {} - description: | - Pacemaker fencing configuration. The JSON should have - the following structure: - { - "devices": [ - { - "agent": "AGENT_NAME", - "host_mac": "HOST_MAC_ADDRESS", - "params": {"PARAM_NAME": "PARAM_VALUE"} - } - ] - } - For instance: - { - "devices": [ - { - "agent": "fence_xvm", - "host_mac": "52:54:00:aa:bb:cc", - "params": { - "multicast_address": "225.0.0.12", - "port": "baremetal_0", - "manage_fw": true, - "manage_key_file": true, - "key_file": "/etc/fence_xvm.key", - "key_file_password": "abcdef" - } - } - ] - } - type: json OvercloudControlFlavor: description: Flavor for control nodes to request when deploying. default: baremetal type: string constraints: - custom_constraint: nova.flavor - HorizonSecret: - description: Secret key for Django - type: string - hidden: true controllerImage: type: string default: overcloud-full @@ -100,81 +52,23 @@ parameters: default: 'REBUILD_PRESERVE_EPHEMERAL' description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt. type: string - InstanceNameTemplate: - default: 'instance-%08x' - description: Template string to be used to generate instance names - type: string KeyName: default: default description: Name of an existing Nova key pair to enable SSH access to the instances type: string constraints: - custom_constraint: nova.keypair - ManageFirewall: - default: false - description: Whether to manage IPtables rules. - type: boolean - MemcachedIPv6: - default: false - description: Enable IPv6 features in Memcached. - type: boolean - PurgeFirewallRules: - default: false - description: Whether IPtables rules should be purged before setting up the new ones. - type: boolean - NeutronMetadataProxySharedSecret: - description: Shared secret to prevent spoofing - type: string - hidden: true - NeutronPassword: - description: The password for the neutron service and db account, used by neutron agents. - type: string - hidden: true NeutronPublicInterface: default: nic1 description: What interface to bridge onto br-ex for network nodes. type: string - NovaEnableDBPurge: - default: true - description: | - Whether to create cron job for purging soft deleted rows in Nova database. - type: boolean - NovaIPv6: - default: false - description: Enable IPv6 features in Nova - type: boolean - NovaPassword: - description: The password for the nova service and db account, used by nova-api. - type: string - hidden: true - PcsdPassword: - type: string - description: The password for the 'pcsd' user. - hidden: true - RedisPassword: - description: The password for Redis - type: string - hidden: true RedisVirtualIP: type: string default: '' # Has to be here because of the ignored empty value bug - RedisVirtualIPUri: - type: string - default: '' # Has to be here because of the ignored empty value bug - description: An IP address which is wrapped in brackets in case of IPv6 - SwiftHashSuffix: - description: A random string to be used as a salt when hashing to determine mappings - in the ring. - hidden: true - type: string SwiftRawDisks: default: {} description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})' type: json - UpgradeLevelNovaCompute: - type: string - description: Nova Compute upgrade level - default: '' ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -234,6 +128,9 @@ parameters: ServiceNames: type: comma_delimited_list default: [] + MonitoringSubscriptions: + type: comma_delimited_list + default: [] ConfigCommand: type: string description: Command which will be run whenever configuration data changes @@ -401,70 +298,9 @@ resources: server: {get_resource: Controller} input_values: bootstack_nodeid: {get_attr: [Controller, name]} - horizon_secret: {get_param: HorizonSecret} - debug: {get_param: Debug} - keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } - keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } - keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] } - enable_fencing: {get_param: EnableFencing} enable_load_balancer: {get_param: EnableLoadBalancer} - manage_firewall: {get_param: ManageFirewall} - purge_firewall_rules: {get_param: PurgeFirewallRules} - neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret} - aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] } - aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] } - aodh_admin_url: { get_param: [ EndpointMap, AodhAdmin, uri ] } - ceilometer_coordination_url: - list_join: - - '' - - - 'redis://:' - - {get_param: RedisPassword} - - '@' - - {get_param: RedisVirtualIPUri} - - ':6379/' - nova_enable_db_purge: {get_param: NovaEnableDBPurge} - nova_ipv6: {get_param: NovaIPv6} - corosync_ipv6: {get_param: CorosyncIPv6} - memcached_ipv6: {get_param: MemcachedIPv6} - nova_password: {get_param: NovaPassword} - upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute} - instance_name_template: {get_param: InstanceNameTemplate} - fencing_config: {get_param: FencingConfig} - pcsd_password: {get_param: PcsdPassword} - swift_hash_suffix: {get_param: SwiftHashSuffix} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} - swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} - swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} - glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]} - keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} - keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} - manila_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ManilaApiNetwork]}]} - mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongodbNetwork]}]} - neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} - neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]} - ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} - aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]} - gnocchi_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]} - nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} - nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]} - horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]} - horizon_subnet: - str_replace: - template: "['SUBNET']" - params: - SUBNET: - get_attr: - - NetIpMap - - net_ip_map - - str_replace: - template: "NETWORK_subnet" - params: - NETWORK: {get_param: [ServiceNetMap, HorizonNetwork]} - redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]} redis_vip: {get_param: RedisVirtualIP} - sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} - memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]} - ironic_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]} # Map heat metadata into hiera datafiles ControllerConfig: @@ -484,7 +320,7 @@ resources: - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig - bootstrap_node # provided by BootstrapNodeConfig - all_nodes # provided by allNodesConfig - - vip_data # provided by vip-config + - vip_data # provided by allNodesConfig - '"%{::osfamily}"' - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre @@ -499,6 +335,7 @@ resources: service_names: mapped_data: service_names: {get_param: ServiceNames} + sensu::subscriptions: {get_param: MonitoringSubscriptions} service_configs: mapped_data: map_replace: @@ -516,82 +353,11 @@ resources: bootstack_nodeid: {get_input: bootstack_nodeid} # Pacemaker - enable_fencing: {get_input: enable_fencing} enable_load_balancer: {get_input: enable_load_balancer} - hacluster_pwd: {get_input: pcsd_password} - corosync_ipv6: {get_input: corosync_ipv6} - tripleo::fencing::config: {get_input: fencing_config} - - # Swift - # FIXME: need to move proxy_local_net_ip into swift-proxy.yaml - swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network} - swift::storage::all::storage_local_net_ip: {get_input: swift_management_network} - swift::swift_hash_path_suffix: {get_input: swift_hash_suffix} - - # Keystone - keystone::admin_bind_host: {get_input: keystone_admin_api_network} - keystone::public_bind_host: {get_input: keystone_public_api_network} - keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network} - keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network} - - # Manila - manila::api::bind_host: {get_input: manila_api_network} - - # MongoDB - mongodb::server::bind_ip: {get_input: mongo_db_network} - - # Neutron - neutron::bind_host: {get_input: neutron_api_network} - neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip} - neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network} - - # Aodh - aodh::api::host: {get_input: aodh_api_network} - aodh::wsgi::apache::bind_host: {get_input: aodh_api_network} - - # Ceilometer - ceilometer::api::host: {get_input: ceilometer_api_network} - snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} - snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} - - # Gnocchi - gnocchi::wsgi::apache::bind_host: {get_input: gnocchi_api_network} - gnocchi::api::host: {get_input: gnocchi_api_network} - gnocchi::api::keystone_auth_uri: {get_input: keystone_auth_uri} - gnocchi::api::keystone_identity_uri: {get_input: keystone_identity_uri} - gnocchi::storage::swift::swift_authurl: {get_input: keystone_auth_uri} - - # Nova - nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute} - nova::use_ipv6: {get_input: nova_ipv6} - nova::api::api_bind_address: {get_input: nova_api_network} - nova::api::metadata_listen: {get_input: nova_metadata_network} - nova::glance_api_servers: {get_input: glance_api_servers} - nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret} - nova::api::instance_name_template: {get_input: instance_name_template} - nova::vncproxy::host: {get_input: nova_api_network} - nova_enable_db_purge: {get_input: nova_enable_db_purge} - - # Horizon - apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet} - apache::ip: {get_input: horizon_network} - horizon::django_debug: {get_input: debug} - horizon::secret_key: {get_input: horizon_secret} - horizon::bind_address: {get_input: horizon_network} - horizon::keystone_url: {get_input: keystone_auth_uri} - - # Sahara - sahara::host: {get_input: sahara_api_network} # Redis - redis::bind: {get_input: redis_network} redis_vip: {get_input: redis_vip} - # Firewall - tripleo::firewall::manage_firewall: {get_input: manage_firewall} - tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules} # Misc - memcached_ipv6: {get_input: memcached_ipv6} - memcached::listen_ip: {get_input: memcached_network} tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} @@ -726,20 +492,6 @@ outputs: template: "NETWORK_uri" params: NETWORK: {get_param: [ServiceNetMap, SwiftMgmtNetwork]} - swift_proxy_memcache: - description: Swift proxy-memcache value - value: - str_replace: - template: "IP:11211" - params: - IP: - get_attr: - - NetIpMap - - net_ip_map - - str_replace: - template: "NETWORK_uri" - params: - NETWORK: {get_param: [ServiceNetMap, MemcachedNetwork]} tls_key_modulus_md5: description: MD5 checksum of the TLS Key Modulus value: {get_attr: [NodeTLSData, key_modulus_md5]} diff --git a/puppet/services/aodh-api.yaml b/puppet/services/aodh-api.yaml index ae0f0c2d..65afffad 100644 --- a/puppet/services/aodh-api.yaml +++ b/puppet/services/aodh-api.yaml @@ -18,6 +18,9 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionAodhApi: + default: 'overcloud-ceilometer-aodh-api' + type: string resources: AodhBase: @@ -27,21 +30,37 @@ resources: DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} + ApacheServiceBase: + type: ./apache.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + outputs: role_data: description: Role data for the Aodh API service. value: service_name: aodh_api + monitoring_subscription: {get_param: MonitoringSubscriptionAodhApi} config_settings: map_merge: - get_attr: [AodhBase, role_data, config_settings] + - get_attr: [ApacheServiceBase, role_data, config_settings] - aodh::wsgi::apache::ssl: false aodh::api::service_name: 'httpd' - - tripleo.aodh_api.firewall_rules: + tripleo.aodh_api.firewall_rules: '128 aodh-api': dport: - 8042 - 13042 - + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + aodh::api::host: {get_param: [ServiceNetMap, AodhApiNetwork]} + aodh::wsgi::apache::bind_host: {get_param: [ServiceNetMap, AodhApiNetwork]} step_config: | include tripleo::profile::base::aodh::api diff --git a/puppet/services/aodh-evaluator.yaml b/puppet/services/aodh-evaluator.yaml index 3988c940..405c500e 100644 --- a/puppet/services/aodh-evaluator.yaml +++ b/puppet/services/aodh-evaluator.yaml @@ -18,6 +18,9 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionAodhEvaluator: + default: 'overcloud-ceilometer-aodh-evaluator' + type: string resources: AodhBase: @@ -32,6 +35,7 @@ outputs: description: Role data for the Aodh Evaluator service. value: service_name: aodh_evaluator + monitoring_subscription: {get_param: MonitoringSubscriptionAodhEvaluator} config_settings: get_attr: [AodhBase, role_data, config_settings] step_config: | diff --git a/puppet/services/aodh-listener.yaml b/puppet/services/aodh-listener.yaml index bc1ccde7..fc4e8b39 100644 --- a/puppet/services/aodh-listener.yaml +++ b/puppet/services/aodh-listener.yaml @@ -18,6 +18,9 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionAodhListener: + default: 'overcloud-ceilometer-aodh-listener' + type: string resources: AodhBase: @@ -32,6 +35,7 @@ outputs: description: Role data for the Aodh Listener service. value: service_name: aodh_listener + monitoring_subscription: {get_param: MonitoringSubscriptionAodhListener} config_settings: get_attr: [AodhBase, role_data, config_settings] step_config: | diff --git a/puppet/services/aodh-notifier.yaml b/puppet/services/aodh-notifier.yaml index 66e9f3e9..2e51c639 100644 --- a/puppet/services/aodh-notifier.yaml +++ b/puppet/services/aodh-notifier.yaml @@ -18,6 +18,9 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionAodhNotifier: + default: 'overcloud-ceilometer-aodh-notifier' + type: string resources: AodhBase: @@ -32,6 +35,7 @@ outputs: description: Role data for the Aodh Notifier service. value: service_name: aodh_notifier + monitoring_subscription: {get_param: MonitoringSubscriptionAodhNotifier} config_settings: get_attr: [AodhBase, role_data, config_settings] step_config: | diff --git a/puppet/services/apache.yaml b/puppet/services/apache.yaml new file mode 100644 index 00000000..7595e4c3 --- /dev/null +++ b/puppet/services/apache.yaml @@ -0,0 +1,42 @@ +heat_template_version: 2016-10-14 + +description: > + Apache service configured with Puppet. Note this is typically included + automatically via other services which run via Apache. + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +outputs: + role_data: + description: Role data for the Apache role. + value: + service_name: apache + config_settings: + # for the given network; replacement examples (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + apache::ip: {get_param: [ServiceNetMap, ApacheNetwork]} + apache::server_signature: 'Off' + apache::server_tokens: 'Prod' + apache_remote_proxy_ips_network: + str_replace: + template: "NETWORK_subnet" + params: + NETWORK: {get_param: [ServiceNetMap, ApacheNetwork]} + apache::mod::remoteip::proxy_ips: + - "%{hiera('apache_remote_proxy_ips_network')}" diff --git a/puppet/services/ca-certs.yaml b/puppet/services/ca-certs.yaml new file mode 100644 index 00000000..1a534156 --- /dev/null +++ b/puppet/services/ca-certs.yaml @@ -0,0 +1,35 @@ +heat_template_version: 2016-04-08 + +description: > + HAproxy service configured with Puppet + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + CAMap: + description: > + Map containing the CA certs and information needed for deploying them. + default: {} + type: json + +outputs: + role_data: + description: Role data for injecting CA certificates. + value: + service_name: ca_certs + config_settings: + tripleo::trusted_cas::ca_map: {get_param: CAMap} + step_config: | + include ::tripleo::trusted_cas diff --git a/puppet/services/ceilometer-agent-central.yaml b/puppet/services/ceilometer-agent-central.yaml index 72bad632..5d980d79 100644 --- a/puppet/services/ceilometer-agent-central.yaml +++ b/puppet/services/ceilometer-agent-central.yaml @@ -22,6 +22,9 @@ parameters: description: The password for the redis service account. type: string hidden: true + MonitoringSubscriptionCeilometerCentral: + default: 'overcloud-ceilometer-agent-central' + type: string resources: CeilometerServiceBase: @@ -36,6 +39,7 @@ outputs: description: Role data for the Ceilometer Central Agent role. value: service_name: ceilometer_agent_central + monitoring_subscription: {get_param: MonitoringSubscriptionCeilometerCentral} config_settings: map_merge: - get_attr: [CeilometerServiceBase, role_data, config_settings] diff --git a/puppet/services/ceilometer-agent-compute.yaml b/puppet/services/ceilometer-agent-compute.yaml index 5bfecfed..5457539c 100644 --- a/puppet/services/ceilometer-agent-compute.yaml +++ b/puppet/services/ceilometer-agent-compute.yaml @@ -18,6 +18,9 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionCeilometerCompute: + default: 'overcloud-ceilometer-agent-compute' + type: string resources: CeilometerServiceBase: @@ -32,6 +35,7 @@ outputs: description: Role data for the Ceilometer Compute Agent role. value: service_name: ceilometer_agent_compute + monitoring_subscription: {get_param: MonitoringSubscriptionCeilometerCompute} config_settings: get_attr: [CeilometerServiceBase, role_data, config_settings] step_config: | diff --git a/puppet/services/ceilometer-agent-notification.yaml b/puppet/services/ceilometer-agent-notification.yaml index 7873706d..bedb8b04 100644 --- a/puppet/services/ceilometer-agent-notification.yaml +++ b/puppet/services/ceilometer-agent-notification.yaml @@ -18,6 +18,9 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionCeilometerNotification: + default: 'overcloud-ceilometer-agent-notification' + type: string resources: @@ -33,6 +36,7 @@ outputs: description: Role data for the Ceilometer Notification Agent role. value: service_name: ceilometer_agent_notification + monitoring_subscription: {get_param: MonitoringSubscriptionCeilometerNotification} config_settings: get_attr: [CeilometerServiceBase, role_data, config_settings] step_config: | diff --git a/puppet/services/ceilometer-api.yaml b/puppet/services/ceilometer-api.yaml index 3a01a1f9..5df9f2b3 100644 --- a/puppet/services/ceilometer-api.yaml +++ b/puppet/services/ceilometer-api.yaml @@ -18,6 +18,9 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionCeilometerApi: + default: 'overcloud-ceilometer-api' + type: string resources: @@ -28,18 +31,37 @@ resources: DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} + ApacheServiceBase: + type: ./apache.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + outputs: role_data: description: Role data for the Ceilometer API role. value: service_name: ceilometer_api + monitoring_subscription: {get_param: MonitoringSubscriptionCeilometerApi} config_settings: map_merge: + - get_attr: [ApacheServiceBase, role_data, config_settings] - get_attr: [CeilometerServiceBase, role_data, config_settings] - tripleo.ceilometer_api.firewall_rules: '124 ceilometer': dport: - 8777 - 13777 + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + - ceilometer::api::service_name: 'httpd' + ceilometer::api::host: {get_param: [ServiceNetMap, CeilometerApiNetwork]} + ceilometer::wsgi::apache::bind_host: {get_param: [ServiceNetMap, CeilometerApiNetwork]} + ceilometer::wsgi::apache::ssl: false step_config: | include ::tripleo::profile::base::ceilometer::api diff --git a/puppet/services/ceilometer-collector.yaml b/puppet/services/ceilometer-collector.yaml index ef7ffbd6..9dbb2759 100644 --- a/puppet/services/ceilometer-collector.yaml +++ b/puppet/services/ceilometer-collector.yaml @@ -18,6 +18,9 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionCeilometerCollector: + default: 'overcloud-ceilometer-collector' + type: string resources: CeilometerServiceBase: @@ -32,6 +35,7 @@ outputs: description: Role data for the Ceilometer Collector role. value: service_name: ceilometer_collector + monitoring_subscription: {get_param: MonitoringSubscriptionCeilometerCollector} config_settings: get_attr: [CeilometerServiceBase, role_data, config_settings] step_config: | diff --git a/puppet/services/ceilometer-expirer.yaml b/puppet/services/ceilometer-expirer.yaml index 63a6d41d..3b811c4d 100644 --- a/puppet/services/ceilometer-expirer.yaml +++ b/puppet/services/ceilometer-expirer.yaml @@ -18,7 +18,9 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json - + MonitoringSubscriptionCeilometerExpirer: + default: 'overcloud-ceilometer-expirer' + type: string resources: CeilometerServiceBase: @@ -33,6 +35,7 @@ outputs: description: Role data for the Ceilometer Expirer role. value: service_name: ceilometer_expirer + monitoring_subscription: {get_param: MonitoringSubscriptionCeilometerExpirer} config_settings: get_attr: [CeilometerServiceBase, role_data, config_settings] step_config: | diff --git a/puppet/services/ceph-base.yaml b/puppet/services/ceph-base.yaml index 4d98546d..ce8d9158 100644 --- a/puppet/services/ceph-base.yaml +++ b/puppet/services/ceph-base.yaml @@ -20,9 +20,6 @@ parameters: CephClusterFSID: type: string description: The Ceph cluster FSID. Must be a UUID. - CephIPv6: - default: False - type: boolean CinderRbdPoolName: default: volumes type: string @@ -72,7 +69,6 @@ outputs: value: service_name: ceph_base config_settings: - tripleo::profile::base::ceph::ceph_ipv6: {get_param: CephIPv6} tripleo::profile::base::ceph::enable_ceph_storage: {get_param: ControllerEnableCephStorage} ceph::profile::params::osd_pool_default_min_size: 1 ceph::profile::params::osds: {/srv/data: {}} @@ -93,8 +89,8 @@ outputs: str_replace: template: "NETWORK_subnet" params: - NETWORK: {get_param: [ServiceNetMap, CephPublicNetwork]} - ceph::profile::params::public_addr: {get_param: [ServiceNetMap, CephPublicNetwork]} + NETWORK: {get_param: [ServiceNetMap, CephMonNetwork]} + ceph::profile::params::public_addr: {get_param: [ServiceNetMap, CephMonNetwork]} ceph::profile::params::client_keys: str_replace: template: "{ diff --git a/puppet/services/ceph-client.yaml b/puppet/services/ceph-client.yaml index a9e4621a..b482dd2e 100644 --- a/puppet/services/ceph-client.yaml +++ b/puppet/services/ceph-client.yaml @@ -18,6 +18,9 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionCephClient: + default: 'overcloud-ceph-client' + type: string resources: CephBase: @@ -32,6 +35,7 @@ outputs: description: Role data for the Cinder OSD service. value: service_name: ceph_client + monitoring_subscription: {get_param: MonitoringSubscriptionCephClient} config_settings: get_attr: [CephBase, role_data, config_settings] step_config: | diff --git a/puppet/services/ceph-external.yaml b/puppet/services/ceph-external.yaml index 959cee26..52c4824f 100644 --- a/puppet/services/ceph-external.yaml +++ b/puppet/services/ceph-external.yaml @@ -47,12 +47,16 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionCephExternal: + default: 'overcloud-ceph-external' + type: string outputs: role_data: description: Role data for the Ceph External service. value: service_name: ceph_external + monitoring_subscription: {get_param: MonitoringSubscriptionCephExternal} config_settings: tripleo::profile::base::ceph::ceph_mon_host: {get_param: CephExternalMonHost} ceph::profile::params::fsid: {get_param: CephClusterFSID} diff --git a/puppet/services/ceph-mon.yaml b/puppet/services/ceph-mon.yaml index f634ce8a..a2b3f13e 100644 --- a/puppet/services/ceph-mon.yaml +++ b/puppet/services/ceph-mon.yaml @@ -53,6 +53,9 @@ parameters: } default: {} type: json + MonitoringSubscriptionCephMon: + default: 'overcloud-ceph-mon' + type: string resources: CephBase: @@ -67,6 +70,7 @@ outputs: description: Role data for the Ceph Monitor service. value: service_name: ceph_mon + monitoring_subscription: {get_param: MonitoringSubscriptionCephMon} config_settings: map_merge: - get_attr: [CephBase, role_data, config_settings] diff --git a/puppet/services/ceph-osd.yaml b/puppet/services/ceph-osd.yaml index d18ccabf..f6378720 100644 --- a/puppet/services/ceph-osd.yaml +++ b/puppet/services/ceph-osd.yaml @@ -18,6 +18,9 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionCephOsd: + default: 'overcloud-ceph-osd' + type: string resources: CephBase: @@ -32,6 +35,7 @@ outputs: description: Role data for the Cinder OSD service. value: service_name: ceph_osd + monitoring_subscription: {get_param: MonitoringSubscriptionCephOsd} config_settings: map_merge: - get_attr: [CephBase, role_data, config_settings] diff --git a/puppet/services/cinder-api.yaml b/puppet/services/cinder-api.yaml index 5df0739f..94c94a65 100644 --- a/puppet/services/cinder-api.yaml +++ b/puppet/services/cinder-api.yaml @@ -31,6 +31,9 @@ parameters: type: string default: 'regionOne' description: Keystone region for endpoint + MonitoringSubscriptionCinderApi: + default: 'overcloud-cinder-api' + type: string resources: @@ -46,6 +49,7 @@ outputs: description: Role data for the Cinder API role. value: service_name: cinder_api + monitoring_subscription: {get_param: MonitoringSubscriptionCinderApi} config_settings: map_merge: - get_attr: [CinderBase, role_data, config_settings] diff --git a/puppet/services/cinder-backup.yaml b/puppet/services/cinder-backup.yaml index f92fdfdb..80795457 100644 --- a/puppet/services/cinder-backup.yaml +++ b/puppet/services/cinder-backup.yaml @@ -30,6 +30,9 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionCinderBackup: + default: 'overcloud-cinder-backup' + type: string resources: @@ -45,6 +48,7 @@ outputs: description: Role data for the Cinder Backup role. value: service_name: cinder_backup + monitoring_subscription: {get_param: MonitoringSubscriptionCinderBackup} config_settings: map_merge: - get_attr: [CinderBase, role_data, config_settings] diff --git a/puppet/services/cinder-scheduler.yaml b/puppet/services/cinder-scheduler.yaml index 129706b1..1326e267 100644 --- a/puppet/services/cinder-scheduler.yaml +++ b/puppet/services/cinder-scheduler.yaml @@ -18,6 +18,9 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionCinderScheduler: + default: 'overcloud-cinder-scheduler' + type: string resources: @@ -33,6 +36,7 @@ outputs: description: Role data for the Cinder Scheduler role. value: service_name: cinder_scheduler + monitoring_subscription: {get_param: MonitoringSubscriptionCinderScheduler} config_settings: map_merge: - get_attr: [CinderBase, role_data, config_settings] diff --git a/puppet/services/cinder-volume.yaml b/puppet/services/cinder-volume.yaml index de7e6bab..c84c784e 100644 --- a/puppet/services/cinder-volume.yaml +++ b/puppet/services/cinder-volume.yaml @@ -56,6 +56,9 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionCinderVolume: + default: 'overcloud-cinder-volume' + type: string resources: @@ -71,6 +74,7 @@ outputs: description: Role data for the Cinder Volume role. value: service_name: cinder_volume + monitoring_subscription: {get_param: MonitoringSubscriptionCinderVolume} config_settings: map_merge: - get_attr: [CinderBase, role_data, config_settings] @@ -95,10 +99,6 @@ outputs: # internal_api -> IP # internal_api_uri -> [IP] # internal_api_subnet - > IP/CIDR - tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: - str_replace: - template: "NETWORK_uri" - params: - NETWORK: {get_param: [ServiceNetMap, CinderIscsiNetwork]} + tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_param: [ServiceNetMap, CinderIscsiNetwork]} step_config: | include ::tripleo::profile::base::cinder::volume diff --git a/puppet/services/database/mongodb.yaml b/puppet/services/database/mongodb.yaml index b6eb4803..36962a34 100644 --- a/puppet/services/database/mongodb.yaml +++ b/puppet/services/database/mongodb.yaml @@ -45,5 +45,12 @@ outputs: dport: 27018 '103 mongod': dport: 27017 + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + mongodb::server::bind_ip: {get_param: [ServiceNetMap, MongodbNetwork]} step_config: | include ::tripleo::profile::base::database::mongodb diff --git a/puppet/services/database/redis-base.yaml b/puppet/services/database/redis-base.yaml index 40711432..4ed3c007 100644 --- a/puppet/services/database/redis-base.yaml +++ b/puppet/services/database/redis-base.yaml @@ -32,6 +32,12 @@ outputs: redis::requirepass: {get_param: RedisPassword} redis::masterauth: {get_param: RedisPassword} redis::sentinel_auth_pass: {get_param: RedisPassword} + # NOTE: bind IP is found in Heat replacing the network name with the local node IP + # for the given network; replacement examples (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + redis::bind: {get_param: [ServiceNetMap, RedisNetwork]} redis::port: 6379 redis::sentinel::master_name: '"%{hiera(\"bootstrap_nodeid\")}"' redis::sentinel::redis_host: '"%{hiera(\"bootstrap_nodeid_ip\")}"' diff --git a/puppet/services/glance-api.yaml b/puppet/services/glance-api.yaml index d2376af3..adc1b4cb 100644 --- a/puppet/services/glance-api.yaml +++ b/puppet/services/glance-api.yaml @@ -73,12 +73,16 @@ parameters: type: string default: 'regionOne' description: Keystone region for endpoint + MonitoringSubscriptionGlanceApi: + default: 'overcloud-glance-api' + type: string outputs: role_data: description: Role data for the Glance API role. value: service_name: glance_api + monitoring_subscription: {get_param: MonitoringSubscriptionGlanceApi} config_settings: glance::api::database_connection: list_join: @@ -90,14 +94,14 @@ outputs: - {get_param: [EndpointMap, MysqlInternal, host]} - '/glance' glance::api::bind_port: {get_param: [EndpointMap, GlanceInternal, port]} - glance::api::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } - glance::api::identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } + glance::api::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } + glance::api::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } glance::api::registry_host: str_replace: template: "'REGISTRY_HOST'" params: REGISTRY_HOST: {get_param: [EndpointMap, GlanceRegistryInternal, host]} - glance::api::keystone_password: {get_param: GlancePassword} + glance::api::authtoken::password: {get_param: GlancePassword} glance::api::enable_proxy_headers_parsing: true glance::api::debug: {get_param: Debug} glance::api::workers: {get_param: GlanceWorkers} @@ -128,7 +132,7 @@ outputs: - 9292 - 13292 glance::keystone::auth::tenant: 'service' - glance::api::keystone_tenant: 'service' + glance::api::authtoken::project_name: 'service' glance::api::pipeline: 'keystone' glance::api::show_image_direct_url: true # NOTE: bind IP is found in Heat replacing the network name with the diff --git a/puppet/services/glance-registry.yaml b/puppet/services/glance-registry.yaml index 06ef9379..d5f01d46 100644 --- a/puppet/services/glance-registry.yaml +++ b/puppet/services/glance-registry.yaml @@ -30,12 +30,16 @@ parameters: default: 0 description: Number of workers for Glance service. type: number + MonitoringSubscriptionGlanceRegistry: + default: 'overcloud-glance-registry' + type: string outputs: role_data: description: Role data for the Glance Registry role. value: service_name: glance_registry + monitoring_subscription: {get_param: MonitoringSubscriptionGlanceRegistry} config_settings: glance::registry::database_connection: list_join: @@ -46,11 +50,11 @@ outputs: - '@' - {get_param: [EndpointMap, MysqlInternal, host]} - '/glance' - glance::registry::keystone_password: {get_param: GlancePassword} - glance::registry::keystone_tenant: 'service' + glance::registry::authtoken::password: {get_param: GlancePassword} + glance::registry::authtoken::project_name: 'service' glance::registry::pipeline: 'keystone' - glance::registry::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } - glance::registry::identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } + glance::registry::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } + glance::registry::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } glance::registry::debug: {get_param: Debug} glance::registry::workers: {get_param: GlanceWorkers} glance::db::mysql::user: glance @@ -61,7 +65,6 @@ outputs: - "%{hiera('mysql_bind_host')}" glance::registry::db::database_db_max_retries: -1 glance::registry::db::database_max_retries: -1 - tripleo.glance_registry.firewall_rules: '112 glance_registry': dport: diff --git a/puppet/services/gnocchi-api.yaml b/puppet/services/gnocchi-api.yaml index cbf7e218..650865e2 100644 --- a/puppet/services/gnocchi-api.yaml +++ b/puppet/services/gnocchi-api.yaml @@ -23,7 +23,7 @@ parameters: type: string hidden: true GnocchiBackend: - default: file + default: swift description: The short name of the Gnocchi backend to use. Should be one of swift, rbd, or file type: string @@ -33,8 +33,12 @@ parameters: type: string default: 'regionOne' description: Keystone region for endpoint + MonitoringSubscriptionGnocchiApi: + default: 'overcloud-gnocchi-api' + type: string resources: + GnocchiServiceBase: type: ./gnocchi-base.yaml properties: @@ -42,13 +46,22 @@ resources: DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} + ApacheServiceBase: + type: ./apache.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + outputs: role_data: description: Role data for the Gnocchi role. value: service_name: gnocchi_api + monitoring_subscription: {get_param: MonitoringSubscriptionGnocchiApi} config_settings: map_merge: + - get_attr: [ApacheServiceBase, role_data, config_settings] - get_attr: [GnocchiServiceBase, role_data, config_settings] - tripleo.gnocchi_api.firewall_rules: '129 gnocchi-api': @@ -69,5 +82,17 @@ outputs: gnocchi::keystone::authtoken::project_name: 'service' gnocchi::wsgi::apache::ssl: false tripleo::profile::base::gnocchi::api::gnocchi_backend: {get_param: GnocchiBackend} + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + gnocchi::wsgi::apache::bind_host: {get_param: [ServiceNetMap, GnocchiApiNetwork]} + gnocchi::api::host: {get_param: [ServiceNetMap, GnocchiApiNetwork]} + + gnocchi::api::keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} + gnocchi::api::keystone_identity_uri: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} + gnocchi::storage::swift::swift_authurl: {get_param: [EndpointMap, KeystoneInternal, uri]} step_config: | include ::tripleo::profile::base::gnocchi::api diff --git a/puppet/services/gnocchi-base.yaml b/puppet/services/gnocchi-base.yaml index 9b9cafb8..9f114ac4 100644 --- a/puppet/services/gnocchi-base.yaml +++ b/puppet/services/gnocchi-base.yaml @@ -40,6 +40,10 @@ parameters: description: The password for the redis service account. type: string hidden: true + Debug: + type: string + default: '' + description: Set to True to enable debugging on all services. outputs: aux_parameters: @@ -52,7 +56,7 @@ outputs: service_name: gnocchi_base config_settings: #Gnocchi engine - gnocchi::debug: {get_input: debug} + gnocchi::debug: {get_param: Debug} gnocchi::db::database_connection: list_join: - '' diff --git a/puppet/services/gnocchi-metricd.yaml b/puppet/services/gnocchi-metricd.yaml index 205d0552..ebdebd1e 100644 --- a/puppet/services/gnocchi-metricd.yaml +++ b/puppet/services/gnocchi-metricd.yaml @@ -18,6 +18,9 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionGnocchiMetricd: + default: 'overcloud-gnocchi-metricd' + type: string resources: GnocchiServiceBase: @@ -32,6 +35,7 @@ outputs: description: Role data for the Gnocchi role. value: service_name: gnocchi_metricd + monitoring_subscription: {get_param: MonitoringSubscriptionGnocchiMetricd} config_settings: map_merge: - get_attr: [GnocchiServiceBase, role_data, config_settings] diff --git a/puppet/services/gnocchi-statsd.yaml b/puppet/services/gnocchi-statsd.yaml index 018ad2b1..04339f46 100644 --- a/puppet/services/gnocchi-statsd.yaml +++ b/puppet/services/gnocchi-statsd.yaml @@ -18,6 +18,9 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionGnocchiStatsd: + default: 'overcloud-gnocchi-statsd' + type: string resources: GnocchiServiceBase: @@ -32,6 +35,7 @@ outputs: description: Role data for the Gnocchi role. value: service_name: gnocchi_statsd + monitoring_subscription: {get_param: MonitoringSubscriptionGnocchiStatsd} config_settings: map_merge: - get_attr: [GnocchiServiceBase, role_data, config_settings] diff --git a/puppet/services/haproxy.yaml b/puppet/services/haproxy.yaml index 8ac669a9..974928c5 100644 --- a/puppet/services/haproxy.yaml +++ b/puppet/services/haproxy.yaml @@ -44,37 +44,20 @@ parameters: Specifies the interface where the public-facing virtual ip will be assigned. This should be int_public when a VLAN is being used. type: string + MonitoringSubscriptionHaproxy: + default: 'overcloud-haproxy' + type: string outputs: role_data: description: Role data for the HAproxy role. value: service_name: haproxy + monitoring_subscription: {get_param: MonitoringSubscriptionHaproxy} config_settings: tripleo.haproxy.firewall_rules: '107 haproxy stats': dport: 1993 - # TODO(emilien) make it composable to find which services are actually running - tripleo::haproxy::keystone_admin: true - tripleo::haproxy::keystone_public: true - tripleo::haproxy::neutron: true - tripleo::haproxy::cinder: true - tripleo::haproxy::glance_api: true - tripleo::haproxy::glance_registry: true - tripleo::haproxy::nova_osapi: true - tripleo::haproxy::nova_metadata: true - tripleo::haproxy::nova_novncproxy: true - tripleo::haproxy::mysql: true - tripleo::haproxy::redis: true - tripleo::haproxy::sahara: true - tripleo::haproxy::swift_proxy_server: true - tripleo::haproxy::ceilometer: true - tripleo::haproxy::aodh: true - tripleo::haproxy::gnocchi: true - tripleo::haproxy::heat_api: true - tripleo::haproxy::heat_cloudwatch: true - tripleo::haproxy::heat_cfn: true - tripleo::haproxy::horizon: true tripleo::haproxy::haproxy_log_address: {get_param: HAProxySyslogAddress} tripleo::haproxy::haproxy_stats_user: {get_param: HAProxyStatsUser} tripleo::haproxy::haproxy_stats_password: {get_param: HAProxyStatsPassword} diff --git a/puppet/services/heat-api-cfn.yaml b/puppet/services/heat-api-cfn.yaml index a15ea32d..61a69078 100644 --- a/puppet/services/heat-api-cfn.yaml +++ b/puppet/services/heat-api-cfn.yaml @@ -30,6 +30,9 @@ parameters: type: string default: 'regionOne' description: Keystone region for endpoint + MonitoringSubscriptionHeatApiCnf: + default: 'overcloud-heat-api-cfn' + type: string resources: HeatBase: @@ -44,6 +47,7 @@ outputs: description: Role data for the Heat CloudFormation API role. value: service_name: heat_api_cfn + monitoring_subscription: {get_param: MonitoringSubscriptionHeatApiCnf} config_settings: map_merge: - get_attr: [HeatBase, role_data, config_settings] diff --git a/puppet/services/heat-api-cloudwatch.yaml b/puppet/services/heat-api-cloudwatch.yaml index 6d645ee7..c12e56ef 100644 --- a/puppet/services/heat-api-cloudwatch.yaml +++ b/puppet/services/heat-api-cloudwatch.yaml @@ -22,6 +22,9 @@ parameters: default: 0 description: Number of workers for Heat service. type: number + MonitoringSubscriptionHeatApiCloudwatch: + default: 'overcloud-heat-api-cloudwatch' + type: string resources: HeatBase: @@ -36,6 +39,7 @@ outputs: description: Role data for the Heat Cloudwatch API role. value: service_name: heat_api_cloudwatch + monitoring_subscription: {get_param: MonitoringSubscriptionHeatApiCloudwatch} config_settings: map_merge: - get_attr: [HeatBase, role_data, config_settings] diff --git a/puppet/services/heat-api.yaml b/puppet/services/heat-api.yaml index ec3b0e37..64b0c53b 100644 --- a/puppet/services/heat-api.yaml +++ b/puppet/services/heat-api.yaml @@ -30,6 +30,9 @@ parameters: type: string default: 'regionOne' description: Keystone region for endpoint + MonitoringSubscriptionHeatApi: + default: 'overcloud-heat-api' + type: string resources: HeatBase: @@ -44,6 +47,7 @@ outputs: description: Role data for the Heat API role. value: service_name: heat_api + monitoring_subscription: {get_param: MonitoringSubscriptionHeatApi} config_settings: map_merge: - get_attr: [HeatBase, role_data, config_settings] diff --git a/puppet/services/heat-base.yaml b/puppet/services/heat-base.yaml index 226d2a51..7eb58f56 100644 --- a/puppet/services/heat-base.yaml +++ b/puppet/services/heat-base.yaml @@ -32,6 +32,10 @@ parameters: via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json + HeatPassword: + description: The password for the Heat service and db account, used by the Heat services. + type: string + hidden: true DefaultPasswords: default: {} type: json @@ -60,11 +64,13 @@ outputs: key: 'context_is_admin' value: 'role:admin' heat::rabbit_heartbeat_timeout_threshold: 60 - heat::keystone_tenant: 'service' + heat::keystone::authtoken::project_name: 'service' + heat::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } + heat::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } + heat::keystone::authtoken::password: {get_param: HeatPassword} heat::keystone::domain::domain_name: 'heat_stack' heat::keystone::domain::domain_admin: 'heat_stack_domain_admin' heat::keystone::domain::domain_admin_email: 'heat_stack_domain_admin@localhost' - heat::auth_plugin: 'password' heat::cron::purge_deleted::age: 30 heat::cron::purge_deleted::age_type: 'days' heat::cron::purge_deleted::maxdelay: 3600 diff --git a/puppet/services/heat-engine.yaml b/puppet/services/heat-engine.yaml index b230ec1d..089bf531 100644 --- a/puppet/services/heat-engine.yaml +++ b/puppet/services/heat-engine.yaml @@ -40,6 +40,9 @@ parameters: type: string hidden: true default: '' + MonitoringSubscriptionHeatEngine: + default: 'overcloud-heat-engine' + type: string resources: HeatBase: @@ -54,6 +57,7 @@ outputs: description: Role data for the Heat Engine role. value: service_name: heat_engine + monitoring_subscription: {get_param: MonitoringSubscriptionHeatEngine} config_settings: map_merge: - get_attr: [HeatBase, role_data, config_settings] @@ -71,8 +75,6 @@ outputs: - {get_param: [EndpointMap, MysqlInternal, host]} - '/heat' heat::keystone_ec2_uri: {get_param: [EndpointMap, KeystoneEC2, uri]} - heat::identity_uri: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} - heat::keystone_password: {get_param: HeatPassword} heat::db::mysql::password: {get_param: HeatPassword} heat::keystone::domain::domain_password: {get_param: HeatStackDomainAdminPassword} heat::db::mysql::user: heat diff --git a/puppet/services/horizon.yaml b/puppet/services/horizon.yaml index c5d96819..6ea5ec4e 100644 --- a/puppet/services/horizon.yaml +++ b/puppet/services/horizon.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2016-04-08 +heat_template_version: 2016-10-14 description: > Horizon service configured with Puppet @@ -10,6 +10,10 @@ parameters: via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json + Debug: + default: '' + description: Set to True to enable debugging on all services. + type: string DefaultPasswords: default: {} type: json @@ -22,17 +26,30 @@ parameters: default: '*' description: A list of IP/Hostname allowed to connect to horizon type: comma_delimited_list + HorizonSecret: + description: Secret key for Django + type: string + hidden: true + default: '' NeutronMechanismDrivers: default: 'openvswitch' description: | The mechanism drivers for the Neutron tenant network. type: comma_delimited_list + MemcachedIPv6: + default: false + description: Enable IPv6 features in Memcached. + type: boolean + MonitoringSubscriptionHorizon: + default: 'overcloud-horizon' + type: string outputs: role_data: description: Role data for the Horizon role. value: service_name: horizon + monitoring_subscription: {get_param: MonitoringSubscriptionHorizon} config_settings: horizon::allowed_hosts: {get_param: HorizonAllowedHosts} neutron::plugins::ml2::mechanism_drivers: @@ -51,5 +68,16 @@ outputs: add_listen: false priority: 10 access_log_format: '%a %l %u %t \"%r\" %>s %b \"%%{}{Referer}i\" \"%%{}{User-Agent}i\"' + horizon::bind_address: {get_param: [ServiceNetMap, HorizonNetwork]} + horizon::django_debug: {get_param: Debug} + horizon::keystone_url: {get_param: [EndpointMap, KeystoneInternal, uri]} + horizon::secret_key: + yaql: + expression: $.data.passwords.where($ != '').first() + data: + passwords: + - {get_param: HorizonSecret} + - {get_param: [DefaultPasswords, horizon_secret]} + memcached_ipv6: {get_param: MemcachedIPv6} step_config: | include ::tripleo::profile::base::horizon diff --git a/puppet/services/ironic-api.yaml b/puppet/services/ironic-api.yaml index 6b494256..5c3f370e 100644 --- a/puppet/services/ironic-api.yaml +++ b/puppet/services/ironic-api.yaml @@ -22,6 +22,9 @@ parameters: description: The password for the Ironic service and db account, used by the Ironic services type: string hidden: true + MonitoringSubscriptionIronicApi: + default: 'overcloud-ironic-api' + type: string resources: IronicBase: @@ -36,28 +39,35 @@ outputs: description: Role data for the Ironic API role. value: service_name: ironic_api + monitoring_subscription: {get_param: MonitoringSubscriptionIronicApi} config_settings: map_merge: - get_attr: [IronicBase, role_data, config_settings] - # NOTE(dtantsur): the my_ip parameter is heavily overloaded in - # ironic. It's used as a default value for e.g. TFTP server IP, - # glance and neutron endpoints, virtual console IP. We override - # the TFTP server IP in ironic-conductor.yaml as it should not be - # the VIP, but rather a real IP of the controller. - - ironic::my_ip: {get_param: [EndpointMap, MysqlInternal, host]} - ironic::api::authtoken::password: {get_param: IronicPassword} + - ironic::api::authtoken::password: {get_param: IronicPassword} ironic::api::authtoken::project_name: 'service' ironic::api::authtoken::username: 'ironic' ironic::api::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } ironic::api::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + ironic::api::host_ip: {get_param: [ServiceNetMap, IronicApiNetwork]} ironic::api::port: {get_param: [EndpointMap, IronicInternal, port]} # This is used to build links in responses ironic::api::public_endpoint: {get_param: [EndpointMap, IronicPublic, uri_no_suffix]} - ironic::keystone::auth::admin_url: {get_param: [EndpointMap, IronicAdmin, uri]} - ironic::keystone::auth::internal_url: {get_param: [EndpointMap, IronicInternal, uri]} - ironic::keystone::auth::public_url: {get_param: [EndpointMap, IronicPublic, uri]} + ironic::keystone::auth::admin_url: {get_param: [EndpointMap, IronicAdmin, uri_no_suffix]} + ironic::keystone::auth::internal_url: {get_param: [EndpointMap, IronicInternal, uri_no_suffix]} + ironic::keystone::auth::public_url: {get_param: [EndpointMap, IronicPublic, uri_no_suffix]} ironic::keystone::auth::auth_name: 'ironic' ironic::keystone::auth::password: {get_param: IronicPassword } ironic::keystone::auth::tenant: 'service' + tripleo.ironic_api.firewall_rules: + '133 ironic api': + dport: + - 6385 + - 13385 step_config: | include ::tripleo::profile::base::ironic::api diff --git a/puppet/services/ironic-conductor.yaml b/puppet/services/ironic-conductor.yaml index 9bc86a2c..4ac9fc30 100644 --- a/puppet/services/ironic-conductor.yaml +++ b/puppet/services/ironic-conductor.yaml @@ -18,10 +18,27 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + IronicCleaningDiskErase: + default: 'full' + description: Type of disk cleaning before and between deployments, + "full" for full cleaning, "metadata" to clean only disk + metadata (partition table). + type: string IronicEnabledDrivers: - default: ['pxe_ipmitool', 'agent_ipmitool'] + default: ['pxe_ipmitool', 'pxe_drac', 'pxe_ilo'] description: Enabled Ironic drivers type: comma_delimited_list + IronicIPXEEnabled: + default: true + description: Whether to use iPXE instead of PXE for deployment. + type: boolean + IronicIPXEPort: + default: 8088 + description: Port to use for serving images when iPXE is used. + type: string + MonitoringSubscriptionIronicConductor: + default: 'overcloud-ironic-conductor' + type: string resources: IronicBase: @@ -36,15 +53,48 @@ outputs: description: Role data for the Ironic conductor role. value: service_name: ironic_conductor + monitoring_subscription: {get_param: MonitoringSubscriptionIronicConductor} config_settings: map_merge: - get_attr: [IronicBase, role_data, config_settings] # FIXME: I have no idea why neutron_url is in "api" manifest - ironic::api::neutron_url: {get_param: [EndpointMap, NeutronInternal, uri]} + ironic::conductor::api_url: {get_param: [EndpointMap, IronicInternal, uri_no_suffix]} + ironic::conductor::cleaning_disk_erase: {get_param: IronicCleaningDiskErase} + ironic::conductor::enabled_drivers: {get_param: IronicEnabledDrivers} + # We need an endpoint containing a real IP, not a VIP here + ironic_conductor_http_host: {get_param: [ServiceNetMap, IronicNetwork]} + ironic::conductor::http_url: + list_join: + - '' + - - 'http://' + - '%{hiera("ironic_conductor_http_host")}:' + - {get_param: IronicIPXEPort} + ironic::drivers::pxe::ipxe_enabled: {get_param: IronicIPXEEnabled} ironic::glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]} - ironic::enabled_drivers: {get_param: IronicEnabledDrivers} - # Prevent tftp_server from defaulting to my_ip setting, which is - # controller VIP, not a real IP. - ironic::drivers::pxe::tftp_server: {get_input: ironic_api_network} + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + ironic::drivers::pxe::tftp_server: {get_param: [ServiceNetMap, IronicNetwork]} + # NOTE(dtantsur): UEFI only works with iPXE currently for us + ironic::drivers::pxe::uefi_pxe_config_template: '$pybasedir/drivers/modules/ipxe_config.template' + ironic::drivers::pxe::uefi_pxe_bootfile_name: 'ipxe.efi' + tripleo.ironic_conductor.firewall_rules: + '134 ironic conductor TFTP': + dport: 69 + proto: udp + '135 ironic conductor HTTP': + dport: {get_param: IronicIPXEPort} + # NOTE(dtantsur): the my_ip parameter is heavily overloaded in + # ironic. It's used as a default value for e.g. TFTP server IP, + # glance and neutron endpoints, virtual console IP. We override + # the TFTP server IP in ironic-conductor.yaml as it should not be + # the VIP, but rather a real IP of the host. + ironic::my_ip: {get_param: [ServiceNetMap, IronicNetwork]} + ironic::pxe::common::http_port: {get_param: IronicIPXEPort} + step_config: | include ::tripleo::profile::base::ironic::conductor diff --git a/puppet/services/keepalived.yaml b/puppet/services/keepalived.yaml index b783345b..2b069d67 100644 --- a/puppet/services/keepalived.yaml +++ b/puppet/services/keepalived.yaml @@ -28,12 +28,16 @@ parameters: Specifies the interface where the public-facing virtual ip will be assigned. This should be int_public when a VLAN is being used. type: string + MonitoringSubscriptionKeepalived: + default: 'overcloud-keepalived' + type: string outputs: role_data: description: Role data for the Keepalived role. value: service_name: keepalived + monitoring_subscription: {get_param: MonitoringSubscriptionKeepalived} config_settings: tripleo::keepalived::control_virtual_interface: {get_param: ControlVirtualInterface} tripleo::keepalived::public_virtual_interface: {get_param: PublicVirtualInterface} diff --git a/puppet/services/keystone.yaml b/puppet/services/keystone.yaml index 0a5193df..79033047 100644 --- a/puppet/services/keystone.yaml +++ b/puppet/services/keystone.yaml @@ -84,70 +84,98 @@ parameters: type: string description: Set the number of workers for keystone::wsgi::apache default: '"%{::processorcount}"' + MonitoringSubscriptionKeystone: + default: 'overcloud-kestone' + type: string + +resources: + + ApacheServiceBase: + type: ./apache.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + outputs: role_data: description: Role data for the Keystone role. value: service_name: keystone + monitoring_subscription: {get_param: MonitoringSubscriptionKeystone} config_settings: - keystone::database_connection: - list_join: - - '' - - - {get_param: [EndpointMap, MysqlInternal, protocol]} - - '://keystone:' - - {get_param: AdminToken} - - '@' - - {get_param: [EndpointMap, MysqlInternal, host]} - - '/keystone' - keystone::admin_token: {get_param: AdminToken} - keystone::roles::admin::password: {get_param: AdminPassword} - keystone_ssl_certificate: {get_param: KeystoneSSLCertificate} - keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey} - keystone::enable_proxy_headers_parsing: true - keystone::debug: {get_param: Debug} - keystone::db::mysql::password: {get_param: AdminToken} - keystone::rabbit_userid: {get_param: RabbitUserName} - keystone::rabbit_password: {get_param: RabbitPassword} - keystone::rabbit_use_ssl: {get_param: RabbitClientUseSSL} - keystone::rabbit_port: {get_param: RabbitClientPort} - keystone::notification_driver: {get_param: KeystoneNotificationDriver} - keystone::notification_format: {get_param: KeystoneNotificationFormat} - keystone::roles::admin::email: {get_param: AdminEmail} - keystone::roles::admin::password: {get_param: AdminPassword} - keystone::endpoint::public_url: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]} - keystone::endpoint::internal_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]} - keystone::endpoint::admin_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} - keystone::endpoint::region: {get_param: KeystoneRegion} - keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge} - keystone::public_endpoint: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]} - keystone::db::mysql::user: keystone - keystone::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} - keystone::db::mysql::dbname: keystone - keystone::db::mysql::allowed_hosts: - - '%' - - "%{hiera('mysql_bind_host')}" - keystone::rabbit_heartbeat_timeout_threshold: 60 - keystone::cron::token_flush::maxdelay: 3600 - keystone::roles::admin::service_tenant: 'service' - keystone::roles::admin::admin_tenant: 'admin' - keystone::cron::token_flush::destination: '/dev/null' - keystone::config::keystone_config: - ec2/driver: - value: 'keystone.contrib.ec2.backends.sql.Ec2' - keystone::service_name: 'httpd' - keystone::wsgi::apache::ssl: false - - keystone::wsgi::apache::workers: {get_param: KeystoneWorkers} - # override via extraconfig: - keystone::wsgi::apache::threads: 1 - keystone::db::database_db_max_retries: -1 - keystone::db::database_max_retries: -1 - tripleo.keystone.firewall_rules: - '111 keystone': - dport: - - 5000 - - 13000 - - 35357 - - 13357 + config_settings: + map_merge: + - get_attr: [ApacheServiceBase, role_data, config_settings] + - keystone::database_connection: + list_join: + - '' + - - {get_param: [EndpointMap, MysqlInternal, protocol]} + - '://keystone:' + - {get_param: AdminToken} + - '@' + - {get_param: [EndpointMap, MysqlInternal, host]} + - '/keystone' + keystone::admin_token: {get_param: AdminToken} + keystone::roles::admin::password: {get_param: AdminPassword} + keystone_ssl_certificate: {get_param: KeystoneSSLCertificate} + keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey} + keystone::enable_proxy_headers_parsing: true + keystone::debug: {get_param: Debug} + keystone::db::mysql::password: {get_param: AdminToken} + keystone::rabbit_userid: {get_param: RabbitUserName} + keystone::rabbit_password: {get_param: RabbitPassword} + keystone::rabbit_use_ssl: {get_param: RabbitClientUseSSL} + keystone::rabbit_port: {get_param: RabbitClientPort} + keystone::notification_driver: {get_param: KeystoneNotificationDriver} + keystone::notification_format: {get_param: KeystoneNotificationFormat} + keystone::roles::admin::email: {get_param: AdminEmail} + keystone::roles::admin::password: {get_param: AdminPassword} + keystone::endpoint::public_url: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]} + keystone::endpoint::internal_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]} + keystone::endpoint::admin_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} + keystone::endpoint::region: {get_param: KeystoneRegion} + keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge} + keystone::public_endpoint: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]} + keystone::db::mysql::user: keystone + keystone::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} + keystone::db::mysql::dbname: keystone + keystone::db::mysql::allowed_hosts: + - '%' + - "%{hiera('mysql_bind_host')}" + keystone::rabbit_heartbeat_timeout_threshold: 60 + keystone::cron::token_flush::maxdelay: 3600 + keystone::roles::admin::service_tenant: 'service' + keystone::roles::admin::admin_tenant: 'admin' + keystone::cron::token_flush::destination: '/dev/null' + keystone::config::keystone_config: + ec2/driver: + value: 'keystone.contrib.ec2.backends.sql.Ec2' + keystone::service_name: 'httpd' + keystone::wsgi::apache::ssl: false + + keystone::wsgi::apache::workers: {get_param: KeystoneWorkers} + # override via extraconfig: + keystone::wsgi::apache::threads: 1 + keystone::db::database_db_max_retries: -1 + keystone::db::database_max_retries: -1 + tripleo.keystone.firewall_rules: + '111 keystone': + dport: + - 5000 + - 13000 + - 35357 + - 13357 + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + # NOTE: this applies to all 4 bind IP settings below... + keystone::admin_bind_host: {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]} + keystone::public_bind_host: {get_param: [ServiceNetMap, KeystonePublicApiNetwork]} + keystone::wsgi::apache::bind_host: {get_param: [ServiceNetMap, KeystonePublicApiNetwork]} + keystone::wsgi::apache::admin_bind_host: {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]} step_config: | include ::tripleo::profile::base::keystone diff --git a/puppet/services/manila-api.yaml b/puppet/services/manila-api.yaml index 633e75ba..2e43730d 100644 --- a/puppet/services/manila-api.yaml +++ b/puppet/services/manila-api.yaml @@ -26,6 +26,9 @@ parameters: type: string default: 'regionOne' description: Keystone region for endpoint + MonitoringSubscriptionManilaApi: + default: 'overcloud-manila-api' + type: string resources: ManilaBase: @@ -40,6 +43,7 @@ outputs: description: Role data for the Manila-api role. value: service_name: manila_api + monitoring_subscription: {get_param: MonitoringSubscriptionManilaApi} config_settings: map_merge: - get_attr: [ManilaBase, role_data, config_settings] @@ -55,6 +59,13 @@ outputs: manila::keystone::auth::admin_url_v2: {get_param: [EndpointMap, ManilaAdmin, uri]} manila::keystone::auth::password: {get_param: ManilaPassword } manila::keystone::auth::region: {get_param: KeystoneRegion } + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + manila::api::bind_host: {get_param: [ServiceNetMap, ManilaApiNetwork]} step_config: | include ::tripleo::profile::base::manila::api diff --git a/puppet/services/manila-scheduler.yaml b/puppet/services/manila-scheduler.yaml index a5122ba0..28addd68 100644 --- a/puppet/services/manila-scheduler.yaml +++ b/puppet/services/manila-scheduler.yaml @@ -30,6 +30,9 @@ parameters: description: The password for the manila service account. type: string hidden: true + MonitoringSubscriptionManilaScheduler: + default: 'overcloud-manila-scheduler' + type: string resources: ManilaBase: @@ -44,6 +47,7 @@ outputs: description: Role data for the Manila-scheduler role. value: service_name: manila_scheduler + monitoring_subscription: {get_param: MonitoringSubscriptionManilaScheduler} config_settings: map_merge: - get_attr: [ManilaBase, role_data, config_settings] @@ -65,4 +69,3 @@ outputs: - '/manila' step_config: | include ::tripleo::profile::base::manila::scheduler - diff --git a/puppet/services/manila-share.yaml b/puppet/services/manila-share.yaml index 184f3694..e42d2fae 100644 --- a/puppet/services/manila-share.yaml +++ b/puppet/services/manila-share.yaml @@ -18,6 +18,9 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionManilaShare: + default: 'overcloud-manila-share' + type: string resources: ManilaBase: @@ -32,6 +35,7 @@ outputs: description: Role data for the Manila-share role. value: service_name: manila_share + monitoring_subscription: {get_param: MonitoringSubscriptionManilaShare} config_settings: map_merge: - get_attr: [ManilaBase, role_data, config_settings] diff --git a/puppet/services/memcached.yaml b/puppet/services/memcached.yaml index 59c639e8..9e3f6375 100644 --- a/puppet/services/memcached.yaml +++ b/puppet/services/memcached.yaml @@ -18,13 +18,23 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionMemcached: + default: 'overcloud-memcached' + type: string outputs: role_data: description: Role data for the Memcached role. value: service_name: memcached + monitoring_subscription: {get_param: MonitoringSubscriptionMemcached} config_settings: + # NOTE: bind IP is found in Heat replacing the network name with the local node IP + # for the given network; replacement examples (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + memcached::listen_ip: {get_param: [ServiceNetMap, MemcachedNetwork]} tripleo.memcached.firewall_rules: '121 memcached': dport: 11211 diff --git a/puppet/services/monitoring/sensu-base.yaml b/puppet/services/monitoring/sensu-base.yaml new file mode 100644 index 00000000..d7350d07 --- /dev/null +++ b/puppet/services/monitoring/sensu-base.yaml @@ -0,0 +1,68 @@ +heat_template_version: 2016-04-08 + +description: Sensu base service + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + DefaultPasswords: + default: {} + type: json + MonitoringRabbitHost: + description: RabbitMQ host Sensu has to connect to. + type: string + default: '' + MonitoringRabbitPort: + default: 5672 + description: Set RabbitMQ subscriber port, change this if using SSL. + type: number + MonitoringRabbitUseSSL: + default: false + description: > + RabbitMQ client subscriber parameter to specify an SSL connection + to the RabbitMQ host. + type: string + MonitoringRabbitPassword: + description: The RabbitMQ password used for monitoring purposes. + type: string + hidden: true + MonitoringRabbitUserName: + description: The RabbitMQ username used for monitoring purposes. + type: string + default: sensu + MonitoringRabbitVhost: + description: The RabbitMQ vhost used for monitoring purposes. + type: string + default: '/sensu' + + +outputs: + role_data: + description: Role data for the Sensu role. + value: + service_name: sensu_base + config_settings: + sensu::enterprise: false + sensu::enterprise_dashboard: false + sensu::install_repo: false + sensu::manage_user: false + sensu::rabbitmq_host: {get_param: MonitoringRabbitHost} + sensu::rabbitmq_password: {get_param: MonitoringRabbitPassword} + sensu::rabbitmq_port: {get_param: MonitoringRabbitPort} + sensu::rabbitmq_ssl: {get_param: MonitoringRabbitUseSSL} + sensu::rabbitmq_user: {get_param: MonitoringRabbitUserName} + sensu::rabbitmq_vhost: {get_param: MonitoringRabbitVhost} + #sensu::redis_host: {get_param: MonitoringRedisHost} + #sensu::redis_password: {get_param: MonitoringRedisPassword} + sensu::sensu_plugin_provider: 'yum' + sensu::sensu_plugin_name: 'rubygem-sensu-plugin' + sensu::version: 'present' diff --git a/puppet/services/monitoring/sensu-client.yaml b/puppet/services/monitoring/sensu-client.yaml new file mode 100644 index 00000000..3f37e750 --- /dev/null +++ b/puppet/services/monitoring/sensu-client.yaml @@ -0,0 +1,49 @@ +heat_template_version: 2016-04-08 + +description: Sensu client configured with Puppet + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: > + Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + SensuClientCustomConfig: + default: {} + description: Hash containing custom sensu-client variables. + type: json + label: Custom configuration for Sensu Client variables + +resources: + SensuBase: + type: ./sensu-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for the Sensu client role. + value: + service_name: sensu_client + monitoring_subscription: all + config_settings: + map_merge: + - get_attr: [SensuBase, role_data, config_settings] + - sensu::api: false + sensu::client: true + sensu::server: false + sensu::client_custom: {get_param: SensuClientCustomConfig} + step_config: | + include ::tripleo::profile::base::monitoring::sensu diff --git a/puppet/services/neutron-api.yaml b/puppet/services/neutron-api.yaml index 35ac32db..da4ec26b 100644 --- a/puppet/services/neutron-api.yaml +++ b/puppet/services/neutron-api.yaml @@ -46,6 +46,9 @@ parameters: type: string default: 'regionOne' description: Keystone region for endpoint + MonitoringSubscriptionNeutronServer: + default: 'overcloud-neutron-server' + type: string resources: @@ -61,6 +64,7 @@ outputs: description: Role data for the Neutron Server agent service. value: service_name: neutron_api + monitoring_subscription: {get_param: MonitoringSubscriptionNeutronServer} config_settings: map_merge: - get_attr: [NeutronBase, role_data, config_settings] @@ -79,19 +83,19 @@ outputs: neutron::keystone::auth::admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] } neutron::keystone::auth::password: {get_param: NeutronPassword} neutron::keystone::auth::region: {get_param: KeystoneRegion} - neutron::server::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } - neutron::server::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} + neutron::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } + neutron::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} neutron::server::api_workers: {get_param: NeutronWorkers} neutron::server::allow_automatic_l3agent_failover: {get_param: NeutronAllowL3AgentFailover} neutron::server::l3_ha: {get_param: NeutronL3HA} - neutron::server::password: {get_param: NeutronPassword} + neutron::keystone::authtoken::password: {get_param: NeutronPassword} neutron::server::notifications::nova_url: { get_param: [ EndpointMap, NovaInternal, uri ] } neutron::server::notifications::auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] } neutron::server::notifications::tenant_name: 'service' neutron::server::notifications::project_name: 'service' neutron::server::notifications::password: {get_param: NovaPassword} - neutron::server::project_name: 'service' + neutron::keystone::authtoken::project_name: 'service' neutron::server::sync_db: true neutron::db::mysql::password: {get_param: NeutronPassword} neutron::db::mysql::user: neutron @@ -111,5 +115,11 @@ outputs: '106 vrrp': proto: vrrp neutron::server::router_distributed: {get_param: NeutronEnableDVR} + # NOTE: bind IP is found in Heat replacing the network name with the local node IP + # for the given network; replacement examples (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + neutron::bind_host: {get_param: [ServiceNetMap, NeutronApiNetwork]} step_config: | include tripleo::profile::base::neutron::server diff --git a/puppet/services/neutron-base.yaml b/puppet/services/neutron-base.yaml index 39ffea24..4eb417c0 100644 --- a/puppet/services/neutron-base.yaml +++ b/puppet/services/neutron-base.yaml @@ -48,6 +48,15 @@ parameters: description: > Remove configuration that is not generated by TripleO. Setting to false may result in configuration remnants after updates/upgrades. + NeutronGlobalPhysnetMtu: + type: number + default: 1500 + description: | + MTU of the underlying physical network. Neutron uses this value to + calculate MTU for all virtual network components. For flat and VLAN + networks, neutron uses this value without modification. For overlay + networks such as VXLAN, neutron automatically subtracts the overlay + protocol overhead from this value. ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -87,3 +96,4 @@ outputs: neutron::host: '"%{::fqdn}"' #NOTE: extra quoting is needed neutron::db::database_db_max_retries: -1 neutron::db::database_max_retries: -1 + neutron::global_physnet_mtu: {get_param: NeutronGlobalPhysnetMtu} diff --git a/puppet/services/neutron-dhcp.yaml b/puppet/services/neutron-dhcp.yaml index 513cb2d4..b2ad5dab 100644 --- a/puppet/services/neutron-dhcp.yaml +++ b/puppet/services/neutron-dhcp.yaml @@ -31,6 +31,9 @@ parameters: default: false description: If True, DHCP always provides metadata route to VM. type: boolean + MonitoringSubscriptionNeutronDhcp: + default: 'overcloud-neutron-dhcp' + type: string resources: @@ -46,6 +49,7 @@ outputs: description: Role data for the Neutron DHCP agent service. value: service_name: neutron_dhcp + monitoring_subscription: {get_param: MonitoringSubscriptionNeutronDhcp} config_settings: map_merge: - get_attr: [NeutronBase, role_data, config_settings] diff --git a/puppet/services/neutron-l3-compute-dvr.yaml b/puppet/services/neutron-l3-compute-dvr.yaml index 0f3c2a70..5eb3e252 100644 --- a/puppet/services/neutron-l3-compute-dvr.yaml +++ b/puppet/services/neutron-l3-compute-dvr.yaml @@ -26,6 +26,9 @@ parameters: description: Name of bridge used for external network traffic. type: string default: 'br-ex' + MonitoringSubscriptionNeutronL3Dvr: + default: 'overcloud-neutron-l3-dvr' + type: string resources: @@ -41,6 +44,7 @@ outputs: description: Role data for DVR L3 Agent on Compute Nodes value: service_name: neutron_l3_compute_dvr + monitoring_subscription: {get_param: MonitoringSubscriptionNeutronL3Dvr} config_settings: map_merge: - get_attr: [NeutronBase, role_data, config_settings] diff --git a/puppet/services/neutron-l3.yaml b/puppet/services/neutron-l3.yaml index 54beee6b..de62a507 100644 --- a/puppet/services/neutron-l3.yaml +++ b/puppet/services/neutron-l3.yaml @@ -34,6 +34,9 @@ parameters: - allowed_values: - legacy - dvr_snat + MonitoringSubscriptionNeutronL3: + default: 'overcloud-neutron-l3-agent' + type: string resources: @@ -49,6 +52,7 @@ outputs: description: Role data for the Neutron L3 agent service. value: service_name: neutron_l3 + monitoring_subscription: {get_param: MonitoringSubscriptionNeutronL3} config_settings: map_merge: - get_attr: [NeutronBase, role_data, config_settings] diff --git a/puppet/services/neutron-metadata.yaml b/puppet/services/neutron-metadata.yaml index b9ec277a..320ae0ce 100644 --- a/puppet/services/neutron-metadata.yaml +++ b/puppet/services/neutron-metadata.yaml @@ -30,6 +30,9 @@ parameters: description: The password for the neutron service and db account, used by neutron agents. type: string hidden: true + MonitoringSubscriptionNeutronMetadata: + default: 'overcloud-neutron-metadata' + type: string resources: @@ -45,6 +48,7 @@ outputs: description: Role data for the Neutron Metadata agent service. value: service_name: neutron_metadata + monitoring_subscription: {get_param: MonitoringSubscriptionNeutronMetadata} config_settings: map_merge: - get_attr: [NeutronBase, role_data, config_settings] @@ -53,5 +57,11 @@ outputs: neutron::agents::metadata::auth_password: {get_param: NeutronPassword} neutron::agents::metadata::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } neutron::agents::metadata::auth_tenant: 'service' + # NOTE: bind IP is found in Heat replacing the network name with the local node IP + # for the given network; replacement examples (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + neutron::agents::metadata::metadata_ip: {get_param: [ServiceNetMap, NeutronApiNetwork]} step_config: | include tripleo::profile::base::neutron::metadata diff --git a/puppet/services/neutron-midonet.yaml b/puppet/services/neutron-midonet.yaml index 48830d81..0de256c0 100644 --- a/puppet/services/neutron-midonet.yaml +++ b/puppet/services/neutron-midonet.yaml @@ -40,12 +40,16 @@ parameters: description: 'Whether enable Cassandra cluster on Controller' type: boolean default: false + MonitoringSubscriptionNeutronMidonet: + default: 'overcloud-neutron-midonet' + type: string outputs: role_data: description: Role data for the Neutron Midonet plugin and services value: service_name: neutron_midonet + monitoring_subscription: {get_param: MonitoringSubscriptionNeutronMidonet} config_settings: tripleo::profile::base::neutron::midonet::admin_password: {get_param: AdminPassword} tripleo::profile::base::neutron::midonet::keystone_admin_token: {get_param: AdminToken} diff --git a/puppet/services/neutron-ovs-agent.yaml b/puppet/services/neutron-ovs-agent.yaml index 1b19f90f..36b609fc 100644 --- a/puppet/services/neutron-ovs-agent.yaml +++ b/puppet/services/neutron-ovs-agent.yaml @@ -53,6 +53,9 @@ parameters: description: | Enable ARP responder feature in the OVS Agent. type: boolean + MonitoringSubscriptionNeutronOvs: + default: 'overcloud-neutron-ovs-agent' + type: string resources: @@ -68,6 +71,7 @@ outputs: description: Role data for the Neutron OVS agent service. value: service_name: neutron_ovs_agent + monitoring_subscription: {get_param: MonitoringSubscriptionNeutronOvs} config_settings: map_merge: - get_attr: [NeutronBase, role_data, config_settings] diff --git a/puppet/services/neutron-ovs-dpdk-agent.yaml b/puppet/services/neutron-ovs-dpdk-agent.yaml new file mode 100644 index 00000000..8ee98a3d --- /dev/null +++ b/puppet/services/neutron-ovs-dpdk-agent.yaml @@ -0,0 +1,75 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Neutron OVS DPDK configured with Puppet for Compute Role + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + NeutronDpdkCoreList: + description: List of cores to be used for DPDK Poll Mode Driver + type: string + constraints: + - allowed_pattern: "[0-9,-]+" + NeutronDpdkMemoryChannels: + description: Number of memory channels to be used for DPDK + type: string + constraints: + - allowed_pattern: "[0-9]+" + NeutronDpdkSocketMemory: + default: "" + description: Memory allocated for each socket + type: string + NeutronDpdkDriverType: + default: "vfio-pci" + description: DPDK Driver type + type: string + # below parameters has to be set in neutron agent only for compute nodes. + # as of now there is no other usecase for these parameters except dpdk. + # should be moved to compute only ovs agent in case of any other usecases. + NeutronDatapathType: + default: "" + description: Datapath type for ovs bridges + type: string + NeutronVhostuserSocketDir: + default: "" + description: The vhost-user socket directory for OVS + type: string + +resources: + + NeutronOvsAgent: + type: ./neutron-ovs-agent.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for the Neutron OVS DPDK Agent service. + value: + service_name: neutron_ovs_dpdk_agent + config_settings: + map_merge: + - get_attr: [NeutronOvsAgent, role_data, config_settings] + neutron::agents::ml2::ovs::enable_dpdk: true + neutron::agents::ml2::ovs::datapath_type: {get_param: NeutronDatapathType} + neutron::agents::ml2::ovs::vhostuser_socket_dir: {get_param: NeutronVhostuserSocketDir} + vswitch::dpdk::core_list: {get_param: NeutronDpdkCoreList} + vswitch::dpdk::memory_channels: {get_param: NeutronDpdkMemoryChannels} + vswitch::dpdk::socket_mem: {get_param: NeutronDpdkSocketMemory} + vswitch::dpdk::driver_type: {get_param: NeutronDpdkDriverType} + step_config: {get_attr: [NeutronOvsAgent, role_data, step_config]} diff --git a/puppet/services/neutron-plugin-ml2.yaml b/puppet/services/neutron-plugin-ml2.yaml index 165b9687..5dbae3dc 100644 --- a/puppet/services/neutron-plugin-ml2.yaml +++ b/puppet/services/neutron-plugin-ml2.yaml @@ -60,7 +60,12 @@ parameters: default: 'vxlan' description: The tenant network type for Neutron. type: comma_delimited_list - + NeutronSupportedPCIVendorDevs: + description: | + List of supported pci vendor devices in the format VendorID:ProductID. + By default Intel & Mellanox SR-IOV capable NICs are supported. + type: comma_delimited_list + default: ['15b3:1004','8086:10ca'] resources: NeutronBase: @@ -118,6 +123,7 @@ outputs: template: TYPES params: TYPES: {get_param: NeutronNetworkType} + neutron::plugins::ml2::supported_pci_vendor_devs: {get_param: NeutronSupportedPCIVendorDevs} step_config: | include ::tripleo::profile::base::neutron::plugins::ml2 diff --git a/puppet/services/neutron-sriov-agent.yaml b/puppet/services/neutron-sriov-agent.yaml new file mode 100644 index 00000000..b9a93394 --- /dev/null +++ b/puppet/services/neutron-sriov-agent.yaml @@ -0,0 +1,58 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Neutron SR-IOV nic agent configured with Puppet + +parameters: + ServiceNetMap: + default: {} + description: > + Mapping of service_name -> network name. Typically set via + parameter_defaults in the resource registry. This mapping overrides those + in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + NeutronPhysicalDevMappings: + description: > + List of <physical_network>:<physical device> + All physical networks listed in network_vlan_ranges + on the server should have mappings to appropriate + interfaces on each agent. + type: comma_delimited_list + default: "" + NeutronExcludeDevices: + description: > + List of <network_device>:<excluded_devices> mapping + network_device to the agent's node-specific list of virtual functions + that should not be used for virtual networking. excluded_devices is a + semicolon separated list of virtual functions to exclude from + network_device. The network_device in the mapping should appear in the + physical_device_mappings list. + type: comma_delimited_list + default: "" + NeutronSriovNumVFs: + description: > + Provide the list of VFs to be reserved for each SR-IOV interface. + Format "<interface_name1>:<numvfs1>","<interface_name2>:<numvfs2>" + Example "eth1:4096","eth2:128" + type: comma_delimited_list + default: "" + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +outputs: + role_data: + description: Role data for the Neutron SR-IOV nic agent service. + value: + service_name: neutron_sriov_agent + config_settings: + neutron::agents::ml2::sriov::physical_device_mappings: {get_param: NeutronPhysicalDevMappings} + neutron::agents::ml2::sriov::exclude_devices: {get_param: NeutronExcludeDevices} + tripleo::host::sriov::number_of_vfs: {get_param: NeutronSriovNumVFs} + step_config: | + include ::tripleo::profile::base::neutron::sriov diff --git a/puppet/services/nova-api.yaml b/puppet/services/nova-api.yaml index c2bd395e..e1dbd8e1 100644 --- a/puppet/services/nova-api.yaml +++ b/puppet/services/nova-api.yaml @@ -30,6 +30,22 @@ parameters: type: string default: 'regionOne' description: Keystone region for endpoint + NeutronMetadataProxySharedSecret: + description: Shared secret to prevent spoofing + type: string + hidden: true + InstanceNameTemplate: + default: 'instance-%08x' + description: Template string to be used to generate instance names + type: string + NovaEnableDBPurge: + default: true + description: | + Whether to create cron job for purging soft deleted rows in Nova database. + type: boolean + MonitoringSubscriptionNovaApi: + default: 'overcloud-nova-api' + type: string resources: NovaBase: @@ -44,6 +60,7 @@ outputs: description: Role data for the Nova API service. value: service_name: nova_api + monitoring_subscription: {get_param: MonitoringSubscriptionNovaApi} config_settings: map_merge: - get_attr: [NovaBase, role_data, config_settings] @@ -75,5 +92,16 @@ outputs: nova::keystone::auth::admin_url: {get_param: [EndpointMap, NovaAdmin, uri]} nova::keystone::auth::password: {get_param: NovaPassword} nova::keystone::auth::region: {get_param: KeystoneRegion} + # NOTE: bind IP is found in Heat replacing the network name with the local node IP + # for the given network; replacement examples (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + nova::api::api_bind_address: {get_param: [ServiceNetMap, NovaApiNetwork]} + nova::api::metadata_listen: {get_param: [ServiceNetMap, NovaMetadataNetwork]} + nova::api::neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret} + nova::api::instance_name_template: {get_param: InstanceNameTemplate} + nova_enable_db_purge: {get_param: NovaEnableDBPurge} + step_config: | include tripleo::profile::base::nova::api diff --git a/puppet/services/nova-base.yaml b/puppet/services/nova-base.yaml index 471ece34..24a63bb4 100644 --- a/puppet/services/nova-base.yaml +++ b/puppet/services/nova-base.yaml @@ -95,14 +95,14 @@ outputs: - '@' - {get_param: [EndpointMap, MysqlInternal, host]} - '/nova_api' - nova::db::mysql::password: {get_input: nova_password} + nova::db::mysql::password: {get_param: NovaPassword} nova::db::mysql::user: nova nova::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} nova::db::mysql::dbname: nova nova::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" - nova::db::mysql_api::password: {get_input: nova_password} + nova::db::mysql_api::password: {get_param: NovaPassword} nova::db::mysql_api::user: nova_api nova::db::mysql_api::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} nova::db::mysql_api::dbname: nova_api diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml index dc962297..ccdcb52f 100644 --- a/puppet/services/nova-compute.yaml +++ b/puppet/services/nova-compute.yaml @@ -40,6 +40,36 @@ parameters: default: '' description: Libvirt VIF driver configuration for the network type: string + NovaPCIPassthrough: + description: > + List of PCI Passthrough whitelist parameters. + Example - + NovaPCIPassthrough: + - vendor_id: "8086" + product_id: "154c" + address: "0000:05:00.0" + physical_network: "datacentre" + For different formats, refer to the nova.conf documentation for + pci_passthrough_whitelist configuration + type: json + default: '' + NovaVcpuPinSet: + description: > + A list or range of physical CPU cores to reserve for virtual machine + processes. + Ex. NovaVcpuPinSet: ['4-12','^8'] will reserve cores from 4-12 excluding 8 + type: comma_delimited_list + default: [] + NovaReservedHostMemory: + description: > + Reserved RAM for host processes. + type: number + default: 2048 + constraints: + - range: { min: 512 } + MonitoringSubscriptionNovaCompute: + default: 'overcloud-nova-compute' + type: string resources: NovaBase: @@ -54,10 +84,18 @@ outputs: description: Role data for the Nova Compute service. value: service_name: nova_compute + monitoring_subscription: {get_param: MonitoringSubscriptionNovaCompute} config_settings: map_merge: - get_attr: [NovaBase, role_data, config_settings] - nova::compute::libvirt::manage_libvirt_services: false + nova::compute::pci_passthrough: + str_replace: + template: "'JSON_PARAM'" + params: + JSON_PARAM: {get_param: NovaPCIPassthrough} + nova::compute::vcpu_pin_set: {get_param: NovaVcpuPinSet} + nova::compute::reserved_host_memory: {get_param: NovaReservedHostMemory} # we manage migration in nova common puppet profile nova::compute::libvirt::migration_support: false tripleo::profile::base::nova::manage_migration: true @@ -82,11 +120,6 @@ outputs: # encryption work will obsolete the need to use TUNNELLED transport # mode. nova::migration::live_migration_tunnelled: {get_param: NovaEnableRbdBackend} - # Changing the default from 512MB. The current templates can not deploy - # overclouds with swap. On an idle compute node, we see ~1024MB of RAM - # used. 2048 is suggested to account for other possible operations for - # example openvswitch. - nova::compute::reserved_host_memory: 2048 nova::compute::neutron::libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver} # NOTE: bind IP is found in Heat replacing the network name with the # local node IP for the given network; replacement examples diff --git a/puppet/services/nova-conductor.yaml b/puppet/services/nova-conductor.yaml index 0b6169da..5dbc7cac 100644 --- a/puppet/services/nova-conductor.yaml +++ b/puppet/services/nova-conductor.yaml @@ -22,6 +22,9 @@ parameters: default: 0 description: Number of workers for Nova Conductor service. type: number + MonitoringSubscriptionNovaConductor: + default: 'overcloud-nova-conductor' + type: string resources: NovaBase: @@ -36,6 +39,7 @@ outputs: description: Role data for the Nova Conductor service. value: service_name: nova_conductor + monitoring_subscription: {get_param: MonitoringSubscriptionNovaConductor} config_settings: map_merge: - get_attr: [NovaBase, role_data, config_settings] diff --git a/puppet/services/nova-consoleauth.yaml b/puppet/services/nova-consoleauth.yaml index 67ff2ec3..13e3a26a 100644 --- a/puppet/services/nova-consoleauth.yaml +++ b/puppet/services/nova-consoleauth.yaml @@ -18,6 +18,9 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionNovaConsoleauth: + default: 'overcloud-nova-consoleauth' + type: string resources: NovaBase: @@ -32,6 +35,7 @@ outputs: description: Role data for the Nova Consoleauth service. value: service_name: nova_consoleauth + monitoring_subscription: {get_param: MonitoringSubscriptionNovaConsoleauth} config_settings: get_attr: [NovaBase, role_data, config_settings] step_config: | diff --git a/puppet/services/nova-libvirt.yaml b/puppet/services/nova-libvirt.yaml index 1ebec974..b5ca2437 100644 --- a/puppet/services/nova-libvirt.yaml +++ b/puppet/services/nova-libvirt.yaml @@ -21,6 +21,9 @@ parameters: NovaComputeLibvirtType: type: string default: kvm + MonitoringSubscriptionNovaLibvirt: + default: 'overcloud-nova-libvirt' + type: string resources: NovaBase: @@ -35,6 +38,7 @@ outputs: description: Role data for the Libvirt service. value: service_name: nova_libvirt + monitoring_subscription: {get_param: MonitoringSubscriptionNovaLibvirt} config_settings: map_merge: - get_attr: [NovaBase, role_data, config_settings] diff --git a/puppet/services/nova-scheduler.yaml b/puppet/services/nova-scheduler.yaml index 1e12b5ba..3ffc9c5a 100644 --- a/puppet/services/nova-scheduler.yaml +++ b/puppet/services/nova-scheduler.yaml @@ -22,6 +22,16 @@ parameters: default: [] description: List of scheduler available filters type: comma_delimited_list + NovaSchedulerDefaultFilters: + type: comma_delimited_list + default: [] + description: > + An array of filters used by Nova to filter a node.These filters will be + applied in the order they are listed, so place your most restrictive + filters first to make the filtering process more efficient. + MonitoringSubscriptionNovaScheduler: + default: 'overcloud-nova-scheduler' + type: string resources: NovaBase: @@ -36,10 +46,12 @@ outputs: description: Role data for the Nova Scheduler service. value: service_name: nova_scheduler + monitoring_subscription: {get_param: MonitoringSubscriptionNovaScheduler} config_settings: map_merge: - get_attr: [NovaBase, role_data, config_settings] - nova::scheduler::filter::ram_allocation_ratio: '1.0' nova::scheduler::filter::scheduler_available_filters: {get_param: NovaSchedulerAvailableFilters} + nova::scheduler::filter::scheduler_default_filters: {get_param: NovaSchedulerDefaultFilters} step_config: | include tripleo::profile::base::nova::scheduler diff --git a/puppet/services/nova-vncproxy.yaml b/puppet/services/nova-vncproxy.yaml index 0a1785d8..ce15fccc 100644 --- a/puppet/services/nova-vncproxy.yaml +++ b/puppet/services/nova-vncproxy.yaml @@ -18,6 +18,9 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionNovaVNCProxy: + default: 'overcloud-nova-vncproxy' + type: string resources: NovaBase: @@ -32,6 +35,7 @@ outputs: description: Role data for the Nova Vncproxy service. value: service_name: nova_vncproxy + monitoring_subscription: {get_param: MonitoringSubscriptionNovaVNCProxy} config_settings: map_merge: - get_attr: [NovaBase, role_data, config_settings] @@ -46,5 +50,11 @@ outputs: '[': '' ']': '' nova::vncproxy::common::vncproxy_port: {get_param: [EndpointMap, NovaVNCProxyPublic, port]} + # NOTE: bind IP is found in Heat replacing the network name with the local node IP + # for the given network; replacement examples (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + nova::vncproxy::host: {get_param: [ServiceNetMap, NovaApiNetwork]} step_config: | include tripleo::profile::base::nova::vncproxy diff --git a/puppet/services/opendaylight-api.yaml b/puppet/services/opendaylight-api.yaml new file mode 100644 index 00000000..d2ee036e --- /dev/null +++ b/puppet/services/opendaylight-api.yaml @@ -0,0 +1,80 @@ +heat_template_version: 2016-04-08 + +description: > + OpenDaylight SDN Controller. + +parameters: + OpenDaylightPort: + default: 8081 + description: Set opendaylight service port + type: number + EnableOpenDaylightOnController: + default: false + description: Whether to install OpenDaylight on control nodes. + type: boolean + OpenDaylightUsername: + default: 'admin' + description: The username for the opendaylight server. + type: string + OpenDaylightPassword: + default: 'admin' + type: string + description: The password for the opendaylight server. + hidden: true + OpenDaylightEnableL3: + description: Knob to enable/disable ODL L3 + type: string + default: 'no' + OpenDaylightEnableDHCP: + description: Knob to enable/disable ODL DHCP Server + type: boolean + default: false + OpenDaylightFeatures: + description: List of features to install with ODL + type: comma_delimited_list + default: ["odl-netvirt-openstack","odl-netvirt-ui"] + OpenDaylightConnectionProtocol: + description: L7 protocol used for REST access + type: string + default: 'http' + OpenDaylightCheckURL: + description: URL postfix to verify ODL has finished starting up + type: string + default: 'restconf/operational/network-topology:network-topology/topology/netvirt:1' + OpenDaylightApiVirtualIP: + type: string + default: '' + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + +outputs: + role_data: + description: Role data for the OpenDaylight service. + value: + service_name: opendaylight_api + config_settings: + opendaylight::odl_rest_port: {get_param: OpenDaylightPort} + odl_on_controller: {get_param: EnableOpenDaylightOnController} + opendaylight_check_url: {get_param: OpenDaylightCheckURL} + opendaylight::username: {get_param: OpenDaylightUsername} + opendaylight::password: {get_param: OpenDaylightPassword} + opendaylight::enable_l3: {get_param: OpenDaylightEnableL3} + opendaylight::extra_features: {get_param: OpenDaylightFeatures} + opendaylight::enable_dhcp: {get_param: OpenDaylightEnableDHCP} + opendaylight::nb_connection_protocol: {get_param: OpenDaylightConnectionProtocol} + opendaylight::odl_bind_ip: {get_param: [ServiceNetMap, OpenDaylightApiNetwork]} + step_config: | + include tripleo::profile::base::neutron::opendaylight + include tripleo::profile::base::neutron::plugins::ovs::opendaylight diff --git a/puppet/services/opendaylight-ovs.yaml b/puppet/services/opendaylight-ovs.yaml new file mode 100644 index 00000000..8bcb72f7 --- /dev/null +++ b/puppet/services/opendaylight-ovs.yaml @@ -0,0 +1,47 @@ +heat_template_version: 2016-04-08 + +description: > + OpenDaylight OVS Configuration. + +parameters: + OpenDaylightPort: + default: 8081 + description: Set opendaylight service port + type: number + OpenDaylightConnectionProtocol: + description: L7 protocol used for REST access + type: string + default: 'http' + OpenDaylightCheckURL: + description: URL postfix to verify ODL has finished starting up + type: string + default: 'restconf/operational/network-topology:network-topology/topology/netvirt:1' + OpenDaylightApiVirtualIP: + type: string + default: '' + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + +outputs: + role_data: + description: Role data for the OpenDaylight service. + value: + service_name: opendaylight_ovs + config_settings: + opendaylight::odl_rest_port: {get_param: OpenDaylightPort} + opendaylight_check_url: {get_param: OpenDaylightCheckURL} + opendaylight::nb_connection_protocol: {get_param: OpenDaylightConnectionProtocol} + step_config: | + include tripleo::profile::base::neutron::plugins::ovs::opendaylight diff --git a/puppet/services/pacemaker.yaml b/puppet/services/pacemaker.yaml index ac5b85c8..5d1d666a 100644 --- a/puppet/services/pacemaker.yaml +++ b/puppet/services/pacemaker.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2016-04-08 +heat_template_version: 2016-10-14 description: > Pacemaker service configured with Puppet @@ -18,12 +18,61 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionPacemaker: + default: 'overcloud-pacemaker' + type: string + CorosyncIPv6: + default: false + description: Enable IPv6 in Corosync + type: boolean + EnableFencing: + default: false + description: Whether to enable fencing in Pacemaker or not. + type: boolean + PcsdPassword: + type: string + description: The password for the 'pcsd' user for pacemaker. + hidden: true + default: '' + FencingConfig: + default: {} + description: | + Pacemaker fencing configuration. The JSON should have + the following structure: + { + "devices": [ + { + "agent": "AGENT_NAME", + "host_mac": "HOST_MAC_ADDRESS", + "params": {"PARAM_NAME": "PARAM_VALUE"} + } + ] + } + For instance: + { + "devices": [ + { + "agent": "fence_xvm", + "host_mac": "52:54:00:aa:bb:cc", + "params": { + "multicast_address": "225.0.0.12", + "port": "baremetal_0", + "manage_fw": true, + "manage_key_file": true, + "key_file": "/etc/fence_xvm.key", + "key_file_password": "abcdef" + } + } + ] + } + type: json outputs: role_data: description: Role data for the Pacemaker role. value: service_name: pacemaker + monitoring_subscription: {get_param: MonitoringSubscriptionPacemaker} config_settings: pacemaker::corosync::cluster_name: 'tripleo_cluster' pacemaker::corosync::manage_fw: false @@ -40,5 +89,15 @@ outputs: '131 pacemaker udp': proto: 'udp' dport: 5405 + corosync_ipv6: {get_param: CorosyncIPv6} + tripleo::fencing::config: {get_param: FencingConfig} + enable_fencing: {get_param: EnableFencing} + hacluster_pwd: + yaql: + expression: $.data.passwords.where($ != '').first() + data: + passwords: + - {get_param: PcsdPassword} + - {get_param: [DefaultPasswords, pcsd_password]} step_config: | include ::tripleo::profile::base::pacemaker diff --git a/puppet/services/pacemaker/ceilometer-agent-central.yaml b/puppet/services/pacemaker/ceilometer-agent-central.yaml index ac4bdcf0..5dcb62ca 100644 --- a/puppet/services/pacemaker/ceilometer-agent-central.yaml +++ b/puppet/services/pacemaker/ceilometer-agent-central.yaml @@ -18,10 +18,13 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionCeilometerCentral: + default: 'overcloud-ceilometer-agent-central' + type: string resources: CeilometerServiceBase: - type: ../ceilometer-base.yaml + type: ../ceilometer-agent-central.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} @@ -32,6 +35,7 @@ outputs: description: Role data for the Ceilometer Central Agent pacemaker role. value: service_name: ceilometer_agent_central + monitoring_subscription: {get_param: MonitoringSubscriptionCeilometerCentral} config_settings: map_merge: - get_attr: [CeilometerServiceBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/ceilometer-agent-notification.yaml b/puppet/services/pacemaker/ceilometer-agent-notification.yaml index 112dde1c..dbe14499 100644 --- a/puppet/services/pacemaker/ceilometer-agent-notification.yaml +++ b/puppet/services/pacemaker/ceilometer-agent-notification.yaml @@ -18,10 +18,13 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionCeilometerNotification: + default: 'overcloud-ceilometer-agent-notification' + type: string resources: CeilometerServiceBase: - type: ../ceilometer-base.yaml + type: ../ceilometer-agent-notification.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} @@ -32,6 +35,7 @@ outputs: description: Role data for the Ceilometer Notification Agent pacemaker role. value: service_name: ceilometer_agent_notification + monitoring_subscription: {get_param: MonitoringSubscriptionCeilometerNotification} config_settings: map_merge: - get_attr: [CeilometerServiceBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/ceilometer-api.yaml b/puppet/services/pacemaker/ceilometer-api.yaml index f50e4a15..4b6c18f6 100644 --- a/puppet/services/pacemaker/ceilometer-api.yaml +++ b/puppet/services/pacemaker/ceilometer-api.yaml @@ -18,10 +18,13 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionCeilometerApi: + default: 'overcloud-ceilometer-api' + type: string resources: CeilometerServiceBase: - type: ../ceilometer-base.yaml + type: ../ceilometer-api.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} @@ -32,6 +35,7 @@ outputs: description: Role data for the Ceilometer API pacemaker role. value: service_name: ceilometer_api + monitoring_subscription: {get_param: MonitoringSubscriptionCeilometerApi} config_settings: map_merge: - get_attr: [CeilometerServiceBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/ceilometer-collector.yaml b/puppet/services/pacemaker/ceilometer-collector.yaml index 8d4348db..4c919515 100644 --- a/puppet/services/pacemaker/ceilometer-collector.yaml +++ b/puppet/services/pacemaker/ceilometer-collector.yaml @@ -18,10 +18,13 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionCeilometerCollector: + default: 'overcloud-ceilometer-collector' + type: string resources: CeilometerServiceBase: - type: ../ceilometer-base.yaml + type: ../ceilometer-collector.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} @@ -32,6 +35,7 @@ outputs: description: Role data for the Ceilometer Collector pacemaker role. value: service_name: ceilometer_collector + monitoring_subscription: {get_param: MonitoringSubscriptionCeilometerCollector} config_settings: map_merge: - get_attr: [CeilometerServiceBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/cinder-api.yaml b/puppet/services/pacemaker/cinder-api.yaml index 7c83037d..e4bcfc3e 100644 --- a/puppet/services/pacemaker/cinder-api.yaml +++ b/puppet/services/pacemaker/cinder-api.yaml @@ -33,6 +33,7 @@ outputs: description: Role data for the Cinder API role. value: service_name: cinder_api + monitoring_subscription: {get_attr: [CinderApiBase, role_data, monitoring_subscription]} config_settings: map_merge: - get_attr: [CinderApiBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/cinder-backup.yaml b/puppet/services/pacemaker/cinder-backup.yaml index 7e940c7e..2ebc7680 100644 --- a/puppet/services/pacemaker/cinder-backup.yaml +++ b/puppet/services/pacemaker/cinder-backup.yaml @@ -48,6 +48,7 @@ outputs: description: Role data for the Cinder Backup role. value: service_name: cinder_backup + monitoring_subscription: {get_attr: [CinderBackupBase, role_data, monitoring_subscription]} config_settings: map_merge: - get_attr: [CinderBackupBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/cinder-scheduler.yaml b/puppet/services/pacemaker/cinder-scheduler.yaml index 6f26b412..eb578e5c 100644 --- a/puppet/services/pacemaker/cinder-scheduler.yaml +++ b/puppet/services/pacemaker/cinder-scheduler.yaml @@ -33,6 +33,7 @@ outputs: description: Role data for the Cinder Scheduler role. value: service_name: cinder_scheduler + monitoring_subscription: {get_attr: [CinderSchedulerBase, role_data, monitoring_subscription]} config_settings: map_merge: - get_attr: [CinderSchedulerBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/cinder-volume.yaml b/puppet/services/pacemaker/cinder-volume.yaml index ffcdb529..d5dedf34 100644 --- a/puppet/services/pacemaker/cinder-volume.yaml +++ b/puppet/services/pacemaker/cinder-volume.yaml @@ -33,6 +33,7 @@ outputs: description: Role data for the Cinder Volume role. value: service_name: cinder_volume + monitoring_subscription: {get_attr: [CinderVolumeBase, role_data, monitoring_subscription]} config_settings: map_merge: - get_attr: [CinderVolumeBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/glance-api.yaml b/puppet/services/pacemaker/glance-api.yaml index ef4ba79a..684785af 100644 --- a/puppet/services/pacemaker/glance-api.yaml +++ b/puppet/services/pacemaker/glance-api.yaml @@ -57,6 +57,7 @@ outputs: description: Role data for the Glance role. value: service_name: glance_api + monitoring_subscription: {get_attr: [GlanceApiBase, role_data, monitoring_subscription]} config_settings: map_merge: - get_attr: [GlanceApiBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/glance-registry.yaml b/puppet/services/pacemaker/glance-registry.yaml index e417f09f..5bcabcab 100644 --- a/puppet/services/pacemaker/glance-registry.yaml +++ b/puppet/services/pacemaker/glance-registry.yaml @@ -33,6 +33,7 @@ outputs: description: Role data for the Glance role. value: service_name: glance_registry + monitoring_subscription: {get_attr: [GlanceRegistryBase, role_data, monitoring_subscription]} config_settings: map_merge: - get_attr: [GlanceRegistryBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/gnocchi-api.yaml b/puppet/services/pacemaker/gnocchi-api.yaml index 50bd3fa7..6a9161fa 100644 --- a/puppet/services/pacemaker/gnocchi-api.yaml +++ b/puppet/services/pacemaker/gnocchi-api.yaml @@ -18,10 +18,13 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionGnocchiApi: + default: 'overcloud-gnocchi-api' + type: string resources: GnocchiServiceBase: - type: ../gnocchi-base.yaml + type: ../gnocchi-api.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} @@ -32,6 +35,7 @@ outputs: description: Role data for the Gnocchi role. value: service_name: gnocchi_api + monitoring_subscription: {get_param: MonitoringSubscriptionGnocchiApi} config_settings: map_merge: - get_attr: [GnocchiServiceBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/gnocchi-metricd.yaml b/puppet/services/pacemaker/gnocchi-metricd.yaml index 0a6b03ea..0f36b5d5 100644 --- a/puppet/services/pacemaker/gnocchi-metricd.yaml +++ b/puppet/services/pacemaker/gnocchi-metricd.yaml @@ -18,10 +18,13 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionGnocchiMetricd: + default: 'overcloud-gnocchi-metricd' + type: string resources: GnocchiServiceBase: - type: ../gnocchi-base.yaml + type: ../gnocchi-metricd.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} @@ -32,6 +35,7 @@ outputs: description: Role data for the Gnocchi role. value: service_name: gnocchi_metricd + monitoring_subscription: {get_param: MonitoringSubscriptionGnocchiMetricd} config_settings: map_merge: - get_attr: [GnocchiServiceBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/gnocchi-statsd.yaml b/puppet/services/pacemaker/gnocchi-statsd.yaml index 12256d32..b9afc590 100644 --- a/puppet/services/pacemaker/gnocchi-statsd.yaml +++ b/puppet/services/pacemaker/gnocchi-statsd.yaml @@ -18,10 +18,13 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionGnocchiStatsd: + default: 'overcloud-gnocchi-statsd' + type: string resources: GnocchiServiceBase: - type: ../gnocchi-base.yaml + type: ../gnocchi-statsd.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} @@ -32,6 +35,7 @@ outputs: description: Role data for the Gnocchi role. value: service_name: gnocchi_statsd + monitoring_subscription: {get_param: MonitoringSubscriptionGnocchiStatsd} config_settings: map_merge: - get_attr: [GnocchiServiceBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/haproxy.yaml b/puppet/services/pacemaker/haproxy.yaml index de028339..52104a71 100644 --- a/puppet/services/pacemaker/haproxy.yaml +++ b/puppet/services/pacemaker/haproxy.yaml @@ -32,6 +32,7 @@ outputs: description: Role data for the HAproxy with pacemaker role. value: service_name: haproxy + monitoring_subscription: {get_attr: [LoadbalancerServiceBase, role_data, monitoring_subscription]} config_settings: map_merge: - get_attr: [LoadbalancerServiceBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/heat-api-cfn.yaml b/puppet/services/pacemaker/heat-api-cfn.yaml index 155a35ec..eae01b58 100644 --- a/puppet/services/pacemaker/heat-api-cfn.yaml +++ b/puppet/services/pacemaker/heat-api-cfn.yaml @@ -32,6 +32,7 @@ outputs: description: Role data for the Heat CloudFormation API role. value: service_name: heat_api_cfn + monitoring_subscription: {get_attr: [HeatApiCfnBase, role_data, monitoring_subscription]} config_settings: map_merge: - get_attr: [HeatApiCfnBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/heat-api-cloudwatch.yaml b/puppet/services/pacemaker/heat-api-cloudwatch.yaml index 85927650..5608ae91 100644 --- a/puppet/services/pacemaker/heat-api-cloudwatch.yaml +++ b/puppet/services/pacemaker/heat-api-cloudwatch.yaml @@ -32,6 +32,7 @@ outputs: description: Role data for the Heat Cloudwatch API role. value: service_name: heat_api_cloudwatch + monitoring_subscription: {get_attr: [HeatApiCloudwatchBase, role_data, monitoring_subscription]} config_settings: map_merge: - get_attr: [HeatApiCloudwatchBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/heat-api.yaml b/puppet/services/pacemaker/heat-api.yaml index d7220619..6fd790c4 100644 --- a/puppet/services/pacemaker/heat-api.yaml +++ b/puppet/services/pacemaker/heat-api.yaml @@ -32,6 +32,7 @@ outputs: description: Role data for the Heat API role. value: service_name: heat_api + monitoring_subscription: {get_attr: [HeatApiBase, role_data, monitoring_subscription]} config_settings: map_merge: - get_attr: [HeatApiBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/heat-engine.yaml b/puppet/services/pacemaker/heat-engine.yaml index 579f5f10..b8c962a8 100644 --- a/puppet/services/pacemaker/heat-engine.yaml +++ b/puppet/services/pacemaker/heat-engine.yaml @@ -33,6 +33,7 @@ outputs: description: Role data for the Heat engine role. value: service_name: heat_engine + monitoring_subscription: {get_attr: [HeatEngineBase, role_data, monitoring_subscription]} config_settings: map_merge: - get_attr: [HeatEngineBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/horizon.yaml b/puppet/services/pacemaker/horizon.yaml index bd1ff046..18de23ae 100644 --- a/puppet/services/pacemaker/horizon.yaml +++ b/puppet/services/pacemaker/horizon.yaml @@ -33,6 +33,7 @@ outputs: description: Role data for the Horizon role. value: service_name: horizon + monitoring_subscription: {get_attr: [HorizonBase, role_data, monitoring_subscription]} config_settings: get_attr: [HorizonBase, role_data, config_settings] step_config: | diff --git a/puppet/services/pacemaker/keystone.yaml b/puppet/services/pacemaker/keystone.yaml index 701f01f1..0a479c9a 100644 --- a/puppet/services/pacemaker/keystone.yaml +++ b/puppet/services/pacemaker/keystone.yaml @@ -33,6 +33,7 @@ outputs: description: Role data for the Keystone pacemaker role. value: service_name: keystone + monitoring_subscription: {get_attr: [KeystoneServiceBase, role_data, monitoring_subscription]} config_settings: map_merge: - get_attr: [KeystoneServiceBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/manila-share.yaml b/puppet/services/pacemaker/manila-share.yaml index 7479eb08..cabc31a0 100644 --- a/puppet/services/pacemaker/manila-share.yaml +++ b/puppet/services/pacemaker/manila-share.yaml @@ -33,6 +33,7 @@ outputs: description: Role data for the manila-share pacemaker role. value: service_name: manila_share + monitoring_subscription: {get_attr: [ManilaShareBase, role_data, monitoring_subscription]} config_settings: map_merge: - get_attr: [ManilaShareBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/memcached.yaml b/puppet/services/pacemaker/memcached.yaml index e612d775..04b895b6 100644 --- a/puppet/services/pacemaker/memcached.yaml +++ b/puppet/services/pacemaker/memcached.yaml @@ -33,6 +33,7 @@ outputs: description: Role data for the Memcached pacemaker role. value: service_name: memcached + monitoring_subscription: {get_attr: [MemcachedServiceBase, role_data, monitoring_subscription]} config_settings: map_merge: - get_attr: [MemcachedServiceBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/neutron-dhcp.yaml b/puppet/services/pacemaker/neutron-dhcp.yaml index f5f785e3..9b9e5849 100644 --- a/puppet/services/pacemaker/neutron-dhcp.yaml +++ b/puppet/services/pacemaker/neutron-dhcp.yaml @@ -33,6 +33,7 @@ outputs: description: Role data for the Neutron DHCP role. value: service_name: neutron_dhcp + monitoring_subscription: {get_attr: [NeutronDhcpBase, role_data, monitoring_subscription]} config_settings: map_merge: - get_attr: [NeutronDhcpBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/neutron-l3.yaml b/puppet/services/pacemaker/neutron-l3.yaml index 87176632..21ac02d4 100644 --- a/puppet/services/pacemaker/neutron-l3.yaml +++ b/puppet/services/pacemaker/neutron-l3.yaml @@ -33,6 +33,7 @@ outputs: description: Role data for the Neutron L3 role. value: service_name: neutron_l3 + monitoring_subscription: {get_attr: [NeutronL3Base, role_data, monitoring_subscription]} config_settings: map_merge: - get_attr: [NeutronL3Base, role_data, config_settings] diff --git a/puppet/services/pacemaker/neutron-metadata.yaml b/puppet/services/pacemaker/neutron-metadata.yaml index e00c2424..8c22d42d 100644 --- a/puppet/services/pacemaker/neutron-metadata.yaml +++ b/puppet/services/pacemaker/neutron-metadata.yaml @@ -33,6 +33,7 @@ outputs: description: Role data for the Neutron Metadata role. value: service_name: neutron_metadata + monitoring_subscription: {get_attr: [NeutronMetadataBase, role_data, monitoring_subscription]} config_settings: map_merge: - get_attr: [NeutronMetadataBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/neutron-midonet.yaml b/puppet/services/pacemaker/neutron-midonet.yaml index fb39ea44..fdd5dafb 100644 --- a/puppet/services/pacemaker/neutron-midonet.yaml +++ b/puppet/services/pacemaker/neutron-midonet.yaml @@ -33,6 +33,7 @@ outputs: description: Role data for the Neutron Midonet plugin. value: service_name: neutron_midonet + monitoring_subscription: {get_attr: [NeutronMidonetBase, role_data, monitoring_subscription]} config_settings: map_merge: - get_attr: [NeutronMidonetBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/neutron-ovs-agent.yaml b/puppet/services/pacemaker/neutron-ovs-agent.yaml index 353c2958..18d60735 100644 --- a/puppet/services/pacemaker/neutron-ovs-agent.yaml +++ b/puppet/services/pacemaker/neutron-ovs-agent.yaml @@ -33,6 +33,7 @@ outputs: description: Role data for the Neutron OVS agent service. value: service_name: neutron_ovs_agent + monitoring_subscription: {get_attr: [NeutronOvsBase, role_data, monitoring_subscription]} config_settings: get_attr: [NeutronOvsBase, role_data, config_settings] step_config: | diff --git a/puppet/services/pacemaker/neutron-server.yaml b/puppet/services/pacemaker/neutron-server.yaml index fc04e5ee..33bc2d99 100644 --- a/puppet/services/pacemaker/neutron-server.yaml +++ b/puppet/services/pacemaker/neutron-server.yaml @@ -37,6 +37,7 @@ outputs: description: Role data for the Neutron Server. value: service_name: neutron_server + monitoring_subscription: {get_attr: [NeutronServerBase, role_data, monitoring_subscription]} config_settings: map_merge: - get_attr: [NeutronServerBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/nova-api.yaml b/puppet/services/pacemaker/nova-api.yaml index 709761e7..3d565348 100644 --- a/puppet/services/pacemaker/nova-api.yaml +++ b/puppet/services/pacemaker/nova-api.yaml @@ -33,6 +33,7 @@ outputs: description: Role data for the Nova API role. value: service_name: nova_api + monitoring_subscription: {get_attr: [NovaApiBase, role_data, monitoring_subscription]} config_settings: map_merge: - get_attr: [NovaApiBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/nova-conductor.yaml b/puppet/services/pacemaker/nova-conductor.yaml index 7a2313c7..9d55a48a 100644 --- a/puppet/services/pacemaker/nova-conductor.yaml +++ b/puppet/services/pacemaker/nova-conductor.yaml @@ -33,6 +33,7 @@ outputs: description: Role data for the Nova Conductor role. value: service_name: nova_conductor + monitoring_subscription: {get_attr: [NovaConductorBase, role_data, monitoring_subscription]} config_settings: map_merge: - get_attr: [NovaConductorBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/nova-consoleauth.yaml b/puppet/services/pacemaker/nova-consoleauth.yaml index 77550c80..814505fb 100644 --- a/puppet/services/pacemaker/nova-consoleauth.yaml +++ b/puppet/services/pacemaker/nova-consoleauth.yaml @@ -33,6 +33,7 @@ outputs: description: Role data for the Nova Consoleauth role. value: service_name: nova_consoleauth + monitoring_subscription: {get_attr: [NovaConsoleauthBase, role_data, monitoring_subscription]} config_settings: map_merge: - get_attr: [NovaConsoleauthBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/nova-scheduler.yaml b/puppet/services/pacemaker/nova-scheduler.yaml index 2571ec43..27692268 100644 --- a/puppet/services/pacemaker/nova-scheduler.yaml +++ b/puppet/services/pacemaker/nova-scheduler.yaml @@ -33,6 +33,7 @@ outputs: description: Role data for the Nova Scheduler role. value: service_name: nova_scheduler + monitoring_subscription: {get_attr: [NovaSchedulerBase, role_data, monitoring_subscription]} config_settings: map_merge: - get_attr: [NovaSchedulerBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/nova-vncproxy.yaml b/puppet/services/pacemaker/nova-vncproxy.yaml index e536826e..0ec5de68 100644 --- a/puppet/services/pacemaker/nova-vncproxy.yaml +++ b/puppet/services/pacemaker/nova-vncproxy.yaml @@ -33,6 +33,7 @@ outputs: description: Role data for the Nova Vncproxy role. value: service_name: nova_vncproxy + monitoring_subscription: {get_attr: [NovaVncproxyBase, role_data, monitoring_subscription]} config_settings: map_merge: - get_attr: [NovaVncproxyBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/rabbitmq.yaml b/puppet/services/pacemaker/rabbitmq.yaml index 3eb01398..f3fa2d28 100644 --- a/puppet/services/pacemaker/rabbitmq.yaml +++ b/puppet/services/pacemaker/rabbitmq.yaml @@ -32,6 +32,7 @@ outputs: description: Role data for the RabbitMQ pacemaker role. value: service_name: rabbitmq + monitoring_subscription: {get_attr: [RabbitMQServiceBase, role_data, monitoring_subscription]} config_settings: map_merge: - get_attr: [RabbitMQServiceBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/sahara-api.yaml b/puppet/services/pacemaker/sahara-api.yaml index e20b7a08..214e8dbb 100644 --- a/puppet/services/pacemaker/sahara-api.yaml +++ b/puppet/services/pacemaker/sahara-api.yaml @@ -33,6 +33,7 @@ outputs: description: Role data for the Sahara API role. value: service_name: sahara_api + monitoring_subscription: {get_attr: [SaharaApiBase, role_data, monitoring_subscription]} config_settings: map_merge: - get_attr: [SaharaApiBase, role_data, config_settings] diff --git a/puppet/services/pacemaker/sahara-engine.yaml b/puppet/services/pacemaker/sahara-engine.yaml index 07de74ca..aa85115d 100644 --- a/puppet/services/pacemaker/sahara-engine.yaml +++ b/puppet/services/pacemaker/sahara-engine.yaml @@ -33,6 +33,7 @@ outputs: description: Role data for the Sahara Engine role. value: service_name: sahara_engine + monitoring_subscription: {get_attr: [SaharaEngineBase, role_data, monitoring_subscription]} config_settings: map_merge: - get_attr: [SaharaEngineBase, role_data, config_settings] diff --git a/puppet/services/rabbitmq.yaml b/puppet/services/rabbitmq.yaml index 06595b07..a0669dcd 100644 --- a/puppet/services/rabbitmq.yaml +++ b/puppet/services/rabbitmq.yaml @@ -38,12 +38,16 @@ parameters: type: string default: '' hidden: true + MonitoringSubscriptionRabbitmq: + default: 'overcloud-rabbitmq' + type: string outputs: role_data: description: Role data for the RabbitMQ role. value: service_name: rabbitmq + monitoring_subscription: {get_param: MonitoringSubscriptionRabbitmq} config_settings: rabbitmq::file_limit: {get_param: RabbitFDLimit} rabbitmq::default_user: {get_param: RabbitUserName} diff --git a/puppet/services/sahara-api.yaml b/puppet/services/sahara-api.yaml index 5715a8c3..7f15ca72 100644 --- a/puppet/services/sahara-api.yaml +++ b/puppet/services/sahara-api.yaml @@ -30,6 +30,9 @@ parameters: type: string default: 'regionOne' description: Keystone region for endpoint + MonitoringSubscriptionSaharaApi: + default: 'overcloud-sahara-api' + type: string resources: SaharaBase: @@ -44,6 +47,7 @@ outputs: description: Role data for the Sahara API role. value: service_name: sahara_api + monitoring_subscription: {get_param: MonitoringSubscriptionSaharaApi} config_settings: map_merge: - get_attr: [SaharaBase, role_data, config_settings] @@ -54,6 +58,12 @@ outputs: sahara::keystone::auth::admin_url: {get_param: [EndpointMap, SaharaAdmin, uri]} sahara::keystone::auth::password: {get_param: SaharaPassword } sahara::keystone::auth::region: {get_param: KeystoneRegion} + # NOTE: bind IP is found in Heat replacing the network name with the local node IP + # for the given network; replacement examples (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + sahara::host: {get_param: [ServiceNetMap, SaharaApiNetwork]} tripleo.sahara_api.firewall_rules: '132 sahara': dport: diff --git a/puppet/services/sahara-engine.yaml b/puppet/services/sahara-engine.yaml index fcf4d485..9224fd5f 100644 --- a/puppet/services/sahara-engine.yaml +++ b/puppet/services/sahara-engine.yaml @@ -18,6 +18,9 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MonitoringSubscriptionSaharaEngine: + default: 'overcloud-sahara-engine' + type: string resources: SaharaBase: @@ -32,6 +35,7 @@ outputs: description: Role data for the Sahara Engine role. value: service_name: sahara_engine + monitoring_subscription: {get_param: MonitoringSubscriptionSaharaEngine} config_settings: map_merge: - get_attr: [SaharaBase, role_data, config_settings] diff --git a/puppet/services/services.yaml b/puppet/services/services.yaml index bb40001a..669e2872 100644 --- a/puppet/services/services.yaml +++ b/puppet/services/services.yaml @@ -49,5 +49,9 @@ outputs: yaql: expression: list($.data.s_names.where($ != null)) data: {s_names: {get_attr: [ServiceChain, role_data, service_name]}} + monitoring_subscriptions: + yaql: + expression: list($.data.subscriptions.where($ != null)) + data: {subscriptions: {get_attr: [ServiceChain, role_data, monitoring_subscription]}} config_settings: {map_merge: {get_attr: [ServiceChain, role_data, config_settings]}} step_config: {list_join: ["\n", {get_attr: [ServiceChain, role_data, step_config]}]} diff --git a/puppet/services/snmp.yaml b/puppet/services/snmp.yaml index e38ccf42..4d01632d 100644 --- a/puppet/services/snmp.yaml +++ b/puppet/services/snmp.yaml @@ -35,8 +35,8 @@ outputs: value: service_name: snmp config_settings: - snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} - snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} + tripleo::profile::base::snmp::snmpd_user: {get_param: SnmpdReadonlyUserName} + tripleo::profile::base::snmp::snmpd_password: {get_param: SnmpdReadonlyUserPassword} tripleo.snmp.firewall_rules: '127 snmp': dport: 161 diff --git a/puppet/services/swift-base.yaml b/puppet/services/swift-base.yaml new file mode 100644 index 00000000..741adb4d --- /dev/null +++ b/puppet/services/swift-base.yaml @@ -0,0 +1,33 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Swift Proxy service configured with Puppet + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + SwiftHashSuffix: + description: A random string to be used as a salt when hashing to determine mappings + in the ring. + hidden: true + type: string + +outputs: + role_data: + description: Role data for the Swift common swift settings. + value: + service_name: swift_base + config_settings: + swift::swift_hash_path_suffix: {get_param: SwiftHashSuffix} diff --git a/puppet/services/swift-proxy.yaml b/puppet/services/swift-proxy.yaml index 6c2bb44b..d7b0cd7c 100644 --- a/puppet/services/swift-proxy.yaml +++ b/puppet/services/swift-proxy.yaml @@ -38,58 +38,78 @@ parameters: type: string default: 'regionOne' description: Keystone region for endpoint + MonitoringSubscriptionSwiftProxy: + default: 'overcloud-swift-proxy' + type: string +resources: + SwiftBase: + type: ./swift-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: description: Role data for the Swift proxy service. value: service_name: swift_proxy + monitoring_subscription: {get_param: MonitoringSubscriptionSwiftProxy} config_settings: - # Swift - swift::proxy::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} - swift::proxy::authtoken::identity_uri: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} - swift::proxy::authtoken::admin_password: {get_param: SwiftPassword} - swift::proxy::authtoken::admin_tenant_name: 'service' - swift::proxy::node_timeout: {get_param: SwiftProxyNodeTimeout} - swift::proxy::workers: {get_param: SwiftWorkers} - swift::keystone::auth::public_url: {get_param: [EndpointMap, SwiftPublic, uri]} - swift::keystone::auth::internal_url: {get_param: [EndpointMap, SwiftInternal, uri]} - swift::keystone::auth::admin_url: {get_param: [EndpointMap, SwiftAdmin, uri]} - swift::keystone::auth::public_url_s3: {get_param: [EndpointMap, SwiftS3Public, uri]} - swift::keystone::auth::internal_url_s3: {get_param: [EndpointMap, SwiftS3Internal, uri]} - swift::keystone::auth::admin_url_s3: {get_param: [EndpointMap, SwiftS3Admin, uri]} - swift::keystone::auth::password: {get_param: SwiftPassword} - swift::keystone::auth::region: {get_param: KeystoneRegion} - tripleo.swift_proxy.firewall_rules: - '122 swift proxy': - dport: - - 8080 - - 13808 - swift::keystone::auth::tenant: 'service' - swift::keystone::auth::configure_s3_endpoint: false - swift::keystone::auth::operator_roles: - - admin - - swiftoperator - - ResellerAdmin - swift::proxy::keystone::operator_roles: - - admin - - swiftoperator - - ResellerAdmin - swift::proxy::pipeline: - - 'catch_errors' - - 'healthcheck' - - 'proxy-logging' - - 'cache' - - 'ratelimit' - - 'bulk' - - 'tempurl' - - 'formpost' - - 'authtoken' - - 'keystone' - - 'staticweb' - - 'proxy-logging' - - 'proxy-server' - swift::proxy::account_autocreate: true + map_merge: + - get_attr: [SwiftBase, role_data, config_settings] + + - swift::proxy::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} + swift::proxy::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} + swift::proxy::authtoken::password: {get_param: SwiftPassword} + swift::proxy::authtoken::project_name: 'service' + swift::proxy::node_timeout: {get_param: SwiftProxyNodeTimeout} + swift::proxy::workers: {get_param: SwiftWorkers} + swift::keystone::auth::public_url: {get_param: [EndpointMap, SwiftPublic, uri]} + swift::keystone::auth::internal_url: {get_param: [EndpointMap, SwiftInternal, uri]} + swift::keystone::auth::admin_url: {get_param: [EndpointMap, SwiftAdmin, uri]} + swift::keystone::auth::public_url_s3: {get_param: [EndpointMap, SwiftS3Public, uri]} + swift::keystone::auth::internal_url_s3: {get_param: [EndpointMap, SwiftS3Internal, uri]} + swift::keystone::auth::admin_url_s3: {get_param: [EndpointMap, SwiftS3Admin, uri]} + swift::keystone::auth::password: {get_param: SwiftPassword} + swift::keystone::auth::region: {get_param: KeystoneRegion} + tripleo.swift_proxy.firewall_rules: + '122 swift proxy': + dport: + - 8080 + - 13808 + swift::keystone::auth::tenant: 'service' + swift::keystone::auth::configure_s3_endpoint: false + swift::keystone::auth::operator_roles: + - admin + - swiftoperator + - ResellerAdmin + swift::proxy::keystone::operator_roles: + - admin + - swiftoperator + - ResellerAdmin + swift::proxy::pipeline: + - 'catch_errors' + - 'healthcheck' + - 'proxy-logging' + - 'cache' + - 'ratelimit' + - 'bulk' + - 'tempurl' + - 'formpost' + - 'authtoken' + - 'keystone' + - 'staticweb' + - 'proxy-logging' + - 'proxy-server' + swift::proxy::account_autocreate: true + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + swift::proxy::proxy_local_net_ip: {get_param: [ServiceNetMap, SwiftProxyNetwork]} step_config: | include ::tripleo::profile::base::swift::proxy diff --git a/puppet/services/swift-storage.yaml b/puppet/services/swift-storage.yaml index 664a701f..91d52569 100644 --- a/puppet/services/swift-storage.yaml +++ b/puppet/services/swift-storage.yaml @@ -30,6 +30,9 @@ parameters: default: {} description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})' type: json + MonitoringSubscriptionSwiftStorage: + default: 'overcloud-swift-storage' + type: string # DEPRECATED options for compatibility with overcloud.yaml # This should be removed and manipulation of the ControllerServices list @@ -45,34 +48,45 @@ parameter_groups: parameters: - ControllerEnableSwiftStorage +resources: + SwiftBase: + type: ./swift-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + outputs: role_data: description: Role data for the Swift Proxy role. value: service_name: swift_storage + monitoring_subscription: {get_param: MonitoringSubscriptionSwiftStorage} config_settings: - # Swift - swift::storage::all::mount_check: {get_param: SwiftMountCheck} - tripleo::profile::base::swift::storage::enable_swift_storage: {get_param: ControllerEnableSwiftStorage} - tripleo.swift_storage.firewall_rules: - '123 swift storage': - dport: - - 873 - - 6000 - - 6001 - - 6002 - swift::storage::all::incoming_chmod: 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r' - swift::storage::all::outgoing_chmod: 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r' - swift::storage::all::object_pipeline: - - healthcheck - - recon - - object-server - swift::storage::all::container_pipeline: - - healthcheck - - container-server - swift::storage::all::account_pipeline: - - healthcheck - - account-server - swift::storage::disks: {get_param: SwiftRawDisks} + map_merge: + - get_attr: [SwiftBase, role_data, config_settings] + - swift::storage::all::mount_check: {get_param: SwiftMountCheck} + tripleo::profile::base::swift::storage::enable_swift_storage: {get_param: ControllerEnableSwiftStorage} + tripleo.swift_storage.firewall_rules: + '123 swift storage': + dport: + - 873 + - 6000 + - 6001 + - 6002 + swift::storage::all::incoming_chmod: 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r' + swift::storage::all::outgoing_chmod: 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r' + swift::storage::all::object_pipeline: + - healthcheck + - recon + - object-server + swift::storage::all::container_pipeline: + - healthcheck + - container-server + swift::storage::all::account_pipeline: + - healthcheck + - account-server + swift::storage::disks: {get_param: SwiftRawDisks} + swift::storage::all::storage_local_net_ip: {get_param: [ServiceNetMap, SwiftMgmtNetwork]} step_config: | include ::tripleo::profile::base::swift::storage diff --git a/puppet/services/tripleo-firewall.yaml b/puppet/services/tripleo-firewall.yaml index 14965b4f..f6ec458f 100644 --- a/puppet/services/tripleo-firewall.yaml +++ b/puppet/services/tripleo-firewall.yaml @@ -18,11 +18,22 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + ManageFirewall: + default: false + description: Whether to manage IPtables rules. + type: boolean + PurgeFirewallRules: + default: false + description: Whether IPtables rules should be purged before setting up the new ones. + type: boolean outputs: role_data: description: Role data for the TripleO firewall settings value: service_name: tripleo_firewall + config_settings: + tripleo::firewall::manage_firewall: {get_param: ManageFirewall} + tripleo::firewall::purge_firewall_rules: {get_param: PurgeFirewallRules} step_config: | include ::tripleo::firewall diff --git a/puppet/swift-devices-and-proxy-config.yaml b/puppet/swift-devices-and-proxy-config.yaml index 14df831f..afee4dac 100644 --- a/puppet/swift-devices-and-proxy-config.yaml +++ b/puppet/swift-devices-and-proxy-config.yaml @@ -6,8 +6,6 @@ parameters: type: comma_delimited_list object_store_swift_devices: type: comma_delimited_list - controller_swift_proxy_memcaches: - type: comma_delimited_list resources: @@ -29,14 +27,6 @@ resources: - list_join: - ", " - {get_param: object_store_swift_devices} - swift::proxy::cache::memcache_servers: - str_replace: - template: "['SERVERS_LIST']" - params: - SERVERS_LIST: - list_join: - - "','" - - {get_param: controller_swift_proxy_memcaches} outputs: config_id: diff --git a/puppet/swift-storage-post.yaml b/puppet/swift-storage-post.yaml index 859fad2c..ebc54ab0 100644 --- a/puppet/swift-storage-post.yaml +++ b/puppet/swift-storage-post.yaml @@ -13,6 +13,7 @@ parameters: default: {} DeployIdentifier: type: string + default: '' description: Value which changes if the node configuration may need to be re-applied resources: diff --git a/puppet/swift-storage.yaml b/puppet/swift-storage.yaml index 1f3022b8..a5bb1403 100644 --- a/puppet/swift-storage.yaml +++ b/puppet/swift-storage.yaml @@ -7,11 +7,6 @@ parameters: type: string constraints: - custom_constraint: nova.flavor - HashSuffix: - description: A random string to be used as a salt when hashing to determine mappings - in the ring. - hidden: true - type: string SwiftStorageImage: default: overcloud-full type: string @@ -21,14 +16,6 @@ parameters: default: default description: Name of an existing Nova key pair to enable SSH access to the instances type: string - SnmpdReadonlyUserName: - default: ro_snmp_user - description: The user name for SNMPd with readonly rights running on all Overcloud nodes - type: string - SnmpdReadonlyUserPassword: - description: The user password for SNMPd with readonly rights running on all Overcloud nodes - type: string - hidden: true UpdateIdentifier: default: '' type: string @@ -97,6 +84,9 @@ parameters: ServiceNames: type: comma_delimited_list default: [] + MonitoringSubscriptions: + type: comma_delimited_list + default: [] ConfigCommand: type: string description: Command which will be run whenever configuration data changes @@ -255,6 +245,7 @@ resources: service_names: mapped_data: service_names: {get_param: ServiceNames} + sensu::subscriptions: {get_param: MonitoringSubscriptions} service_configs: mapped_data: map_replace: @@ -266,10 +257,6 @@ resources: mapped_data: {get_param: ExtraConfig} object: mapped_data: # data supplied directly to this deployment configuration, etc - swift::swift_hash_path_suffix: { get_input: swift_hash_suffix } - swift::storage::all::storage_local_net_ip: {get_input: swift_management_network} - snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} - snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} @@ -281,12 +268,7 @@ resources: server: {get_resource: SwiftStorage} config: {get_resource: SwiftStorageHieraConfig} input_values: - local_ip: {get_attr: [SwiftStorage, networks, ctlplane, 0]} - snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} - snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} - swift_hash_suffix: {get_param: HashSuffix} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} - swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} # Resource for site-specific injection of root certificate NodeTLSCAData: diff --git a/puppet/vip-config.yaml b/puppet/vip-config.yaml deleted file mode 100644 index 7ce23a20..00000000 --- a/puppet/vip-config.yaml +++ /dev/null @@ -1,57 +0,0 @@ -heat_template_version: 2015-04-30 - -description: > - Configure hieradata for service -> virtual IP mappings. - -resources: - VipConfigImpl: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: - hiera: - datafiles: - vip_data: - mapped_data: - keystone_admin_api_vip: {get_input: keystone_admin_api_vip} - keystone_public_api_vip: {get_input: keystone_public_api_vip} - neutron_api_vip: {get_input: neutron_api_vip} - # TODO: pass a `midonet_api_vip` var - midonet_api_vip: {get_input: neutron_api_vip} - cinder_api_vip: {get_input: cinder_api_vip} - glance_api_vip: {get_input: glance_api_vip} - glance_registry_vip: {get_input: glance_registry_vip} - sahara_api_vip: {get_input: sahara_api_vip} - swift_proxy_vip: {get_input: swift_proxy_vip} - manila_api_vip: {get_input: manila_api_vip} - nova_api_vip: {get_input: nova_api_vip} - nova_metadata_vip: {get_input: nova_metadata_vip} - ceilometer_api_vip: {get_input: ceilometer_api_vip} - aodh_api_vip: {get_input: aodh_api_vip} - gnocchi_api_vip: {get_input: gnocchi_api_vip} - heat_api_vip: {get_input: heat_api_vip} - horizon_vip: {get_input: horizon_vip} - redis_vip: {get_input: redis_vip} - mysql_vip: {get_input: mysql_vip} - public_virtual_ip: {get_input: public_virtual_ip} - controller_virtual_ip: {get_input: control_virtual_ip} - internal_api_virtual_ip: {get_input: internal_api_virtual_ip} - storage_virtual_ip: {get_input: storage_virtual_ip} - storage_mgmt_virtual_ip: {get_input: storage_mgmt_virtual_ip} - ironic_api_vip: {get_input: ironic_api_vip} - # public_virtual_ip and controller_virtual_ip are needed in - # both HAproxy & keepalived. - tripleo::haproxy::public_virtual_ip: {get_input: public_virtual_ip} - tripleo::haproxy::controller_virtual_ip: {get_input: control_virtual_ip} - tripleo::keepalived::public_virtual_ip: {get_input: public_virtual_ip} - tripleo::keepalived::controller_virtual_ip: {get_input: control_virtual_ip} - tripleo::keepalived::internal_api_virtual_ip: {get_input: internal_api_virtual_ip} - tripleo::keepalived::storage_virtual_ip: {get_input: storage_virtual_ip} - tripleo::keepalived::storage_mgmt_virtual_ip: {get_input: storage_mgmt_virtual_ip} - tripleo::redis_notification::haproxy_monitor_ip: {get_input: control_virtual_ip} - - -outputs: - OS::stack_id: - description: The VipConfigImpl resource. - value: {get_resource: VipConfigImpl} diff --git a/tools/yaml-validate.py b/tools/yaml-validate.py index d75aeb4f..7b3d3473 100755 --- a/tools/yaml-validate.py +++ b/tools/yaml-validate.py @@ -17,6 +17,8 @@ import traceback import yaml +required_params = ['EndpointMap', 'ServiceNetMap', 'DefaultPasswords'] + def exit_usage(): print('Usage %s <yaml file or directory>' % sys.argv[0]) sys.exit(1) @@ -40,7 +42,6 @@ def validate_service(filename, tpl): % filename) return 1 if 'parameters' in tpl: - required_params = ['EndpointMap', 'ServiceNetMap', 'DefaultPasswords'] for param in required_params: if param not in tpl['parameters']: print('ERROR: parameter %s is required for %s.' @@ -64,6 +65,8 @@ def validate(filename): return 1 # yaml is OK, now walk the parameters and output a warning for unused ones for p in tpl.get('parameters', {}): + if p in required_params: + continue str_p = '\'%s\'' % p in_resources = str_p in str(tpl.get('resources', {})) in_outputs = str_p in str(tpl.get('outputs', {})) |