diff options
85 files changed, 927 insertions, 4806 deletions
diff --git a/docker/deploy-steps-playbook.yaml b/common/deploy-steps-tasks.yaml index b884e0e7..998bbe0c 100644 --- a/docker/deploy-steps-playbook.yaml +++ b/common/deploy-steps-tasks.yaml @@ -1,6 +1,6 @@ -- hosts: localhost - connection: local - tasks: + # Note the indentation here is required as it's joined + # to create a playbook in deploy-steps.j2 + ##################################################### # Per step puppet configuration of the baremetal host ##################################################### @@ -27,7 +27,7 @@ shell: python /var/lib/docker-puppet/docker-puppet.py environment: NET_HOST: 'true' - DEBUG: '{{docker_puppet_debug}}' + DEBUG: '{{docker_puppet_debug|default(false)}}' when: step == "1" changed_when: false check_mode: no diff --git a/docker/docker-steps.j2 b/common/deploy-steps.j2 index 05ff7945..b36bb97a 100644 --- a/docker/docker-steps.j2 +++ b/common/deploy-steps.j2 @@ -10,6 +10,7 @@ {%- set primary_role_name = primary_role[0].name -%} # primary role is: {{primary_role_name}} {% set deploy_steps_max = 6 -%} +{% set update_steps_max = 6 -%} heat_template_version: pike @@ -72,7 +73,15 @@ resources: - name: update_identifier - name: bootstrap_server_id - name: docker_puppet_debug - config: {get_file: deploy-steps-playbook.yaml} + config: + str_replace: + template: | + - hosts: localhost + connection: local + tasks: + _TASKS + params: + _TASKS: {get_file: deploy-steps-tasks.yaml} {%- for step in range(1, deploy_steps_max) %} # BEGIN service_workflow_tasks handling @@ -159,7 +168,7 @@ resources: connection: local vars: puppet_config: {get_param: [role_data, {{role.name}}, puppet_config]} - docker_puppet_script: {get_file: docker-puppet.py} + docker_puppet_script: {get_file: ../docker/docker-puppet.py} docker_puppet_tasks: {get_param: [role_data, {{role.name}}, docker_puppet_tasks]} docker_startup_configs: {get_param: [role_data, {{role.name}}, docker_config]} kolla_config: {get_param: [role_data, {{role.name}}, kolla_config]} @@ -235,7 +244,7 @@ resources: {% for step in range(1, deploy_steps_max) %} {{role.name}}Deployment_Step{{step}}: - type: OS::Heat::StructuredDeploymentGroup + type: OS::TripleO::DeploymentSteps depends_on: - WorkflowTasks_Step{{step}}_Execution # TODO(gfidente): the following if/else condition @@ -294,3 +303,38 @@ resources: {% endfor %} + +outputs: + RoleConfig: + description: Mapping of config data for all roles + value: + deploy_steps_tasks: {get_file: deploy-steps-tasks.yaml} + deploy_steps_playbook: | + - hosts: overcloud + tasks: +{%- for role in roles %} + - include: {{role.name}}/host_prep_tasks.yaml + when: role_name == '{{role.name}}' +{%- endfor %} + - include: deploy_steps_tasks.yaml + with_sequence: count={{deploy_steps_max-1}} + loop_control: + loop_var: step + update_steps_tasks: | +{%- for role in roles %} + - include: {{role.name}}/update_tasks.yaml + when: role_name == '{{role.name}}' +{%- endfor %} + update_steps_playbook: | + - hosts: overcloud + serial: 1 + tasks: + - include: update_steps_tasks.yaml + with_sequence: count={{update_steps_max-1}} + loop_control: + loop_var: step + - include: deploy_steps_tasks.yaml + with_sequence: count={{deploy_steps_max-1}} + loop_control: + loop_var: step + diff --git a/puppet/major_upgrade_steps.j2.yaml b/common/major_upgrade_steps.j2.yaml index 11113eec..11113eec 100644 --- a/puppet/major_upgrade_steps.j2.yaml +++ b/common/major_upgrade_steps.j2.yaml diff --git a/docker/post-upgrade.j2.yaml b/common/post-upgrade.j2.yaml index 4477f868..7cd6abdf 100644 --- a/docker/post-upgrade.j2.yaml +++ b/common/post-upgrade.j2.yaml @@ -1,4 +1,4 @@ # Note the include here is the same as post.j2.yaml but the data used at # # the time of rendering is different if any roles disable upgrades {% set roles = roles|rejectattr('disable_upgrade_deployment')|list -%} -{% include 'docker-steps.j2' %} +{% include 'deploy-steps.j2' %} diff --git a/common/post.j2.yaml b/common/post.j2.yaml new file mode 100644 index 00000000..8a70dfa9 --- /dev/null +++ b/common/post.j2.yaml @@ -0,0 +1 @@ +{% include 'deploy-steps.j2' %} diff --git a/common/services.yaml b/common/services.yaml index 0bc3462f..a8186e43 100644 --- a/common/services.yaml +++ b/common/services.yaml @@ -193,6 +193,16 @@ resources: expression: coalesce($.data, []).where($ != null).select($.get('upgrade_tasks')).where($ != null).flatten().distinct() data: {get_attr: [ServiceChain, role_data]} + UpdateTasks: + type: OS::Heat::Value + properties: + type: comma_delimited_list + value: + yaql: + # Note we use distinct() here to filter any identical tasks, e.g yum update for all services + expression: coalesce($.data, []).where($ != null).select($.get('update_tasks')).where($ != null).flatten().distinct() + data: {get_attr: [ServiceChain, role_data]} + UpgradeBatchTasks: type: OS::Heat::Value properties: @@ -253,6 +263,7 @@ outputs: service_workflow_tasks: {get_attr: [ServiceWorkflowTasks, value]} step_config: {get_attr: [PuppetStepConfig, value]} upgrade_tasks: {get_attr: [UpgradeTasks, value]} + update_tasks: {get_attr: [UpdateTasks, value]} upgrade_batch_tasks: {get_attr: [UpgradeBatchTasks, value]} service_metadata_settings: {get_attr: [ServiceServerMetadataHook, metadata]} diff --git a/docker/post.j2.yaml b/docker/post.j2.yaml deleted file mode 100644 index fd956215..00000000 --- a/docker/post.j2.yaml +++ /dev/null @@ -1 +0,0 @@ -{% include 'docker-steps.j2' %} diff --git a/docker/services/aodh-api.yaml b/docker/services/aodh-api.yaml index 8afb6d28..da4b981c 100644 --- a/docker/services/aodh-api.yaml +++ b/docker/services/aodh-api.yaml @@ -114,6 +114,7 @@ outputs: list_concat: - {get_attr: [ContainersCommon, volumes]} - + - /var/lib/config-data/aodh/etc/my.cnf.d/tripleo.cnf:/etc/my.cnf.d/tripleo.cnf:ro - /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro - /var/log/containers/aodh:/var/log/aodh command: "/usr/bin/bootstrap_host_exec aodh_api su aodh -s /bin/bash -c /usr/bin/aodh-dbsync" diff --git a/docker/services/ceilometer-agent-central.yaml b/docker/services/ceilometer-agent-central.yaml index 6caffd15..424c316f 100644 --- a/docker/services/ceilometer-agent-central.yaml +++ b/docker/services/ceilometer-agent-central.yaml @@ -115,7 +115,7 @@ outputs: command: - '/usr/bin/bootstrap_host_exec' - 'ceilometer_agent_central' - - "su ceilometer -s /bin/bash -c '/usr/bin/ceilometer-upgrade --skip-metering-database'" + - "su ceilometer -s /bin/bash -c 'for n in {1..10}; do /usr/bin/ceilometer-upgrade --skip-metering-database && exit 0 || sleep 5; done; exit 1'" upgrade_tasks: - name: Stop and disable ceilometer agent central service tags: step2 diff --git a/docker/services/ceph-ansible/ceph-base.yaml b/docker/services/ceph-ansible/ceph-base.yaml index 1468415e..52c4a65c 100644 --- a/docker/services/ceph-ansible/ceph-base.yaml +++ b/docker/services/ceph-ansible/ceph-base.yaml @@ -102,6 +102,33 @@ conditions: data: {get_param: DockerCephDaemonImage} expression: $.data.split('/')[0].matches('(\.|:)') +resources: + DockerImageUrlParts: + type: OS::Heat::Value + properties: + type: json + value: + host: + if: + - custom_registry_host + - yaql: + expression: let(location => $.data.rightSplit(':', 1)[0]) -> regex('(?:https?://)?(.*)/').split($location)[1] + data: {get_param: DockerCephDaemonImage} + - docker.io + image: + if: + - custom_registry_host + - yaql: + expression: let(location => $.data.rightSplit(':', 1)[0]) -> regex('(?:https?://)?(.*)/').split($location)[2] + data: {get_param: DockerCephDaemonImage} + - yaql: + expression: $.data.rightSplit(':', 1)[0] + data: {get_param: DockerCephDaemonImage} + image_tag: + yaql: + expression: $.data.rightSplit(':', 1)[1] + data: {get_param: DockerCephDaemonImage} + outputs: role_data: description: Role data for the Ceph base service. @@ -125,23 +152,12 @@ outputs: ceph_common_ansible_vars: fsid: { get_param: CephClusterFSID } docker: true - ceph_docker_registry: - if: - - custom_registry_host - - yaql: - expression: regex('(?:https?://)?(.*)/').split($.data)[1] - data: {str_split: [':', {get_param: DockerCephDaemonImage}, 0]} - - docker.io - ceph_docker_image: - if: - - custom_registry_host - - yaql: - expression: regex('(?:https?://)?(.*)/').split($.data)[2] - data: {str_split: [':', {get_param: DockerCephDaemonImage}, 0]} - - {str_split: [':', {get_param: DockerCephDaemonImage}, 0]} - ceph_docker_image_tag: {str_split: [':', {get_param: DockerCephDaemonImage}, 1]} + ceph_docker_registry: {get_attr: [DockerImageUrlParts, value, host]} + ceph_docker_image: {get_attr: [DockerImageUrlParts, value, image]} + ceph_docker_image_tag: {get_attr: [DockerImageUrlParts, value, image_tag]} containerized_deployment: true public_network: {get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephMonNetwork]}]} + monitor_address_block: {get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephMonNetwork]}]} cluster_network: {get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]} user_config: true ceph_stable: true @@ -185,11 +201,7 @@ outputs: CINDERBACKUP_POOL: {get_param: CinderBackupRbdPoolName} GLANCE_POOL: {get_param: GlanceRbdPoolName} GNOCCHI_POOL: {get_param: GnocchiRbdPoolName} - acls: - - "u:glance:r--" - - "u:nova:r--" - - "u:cinder:r--" - - "u:gnocchi:r--" + mode: "0644" keys: *openstack_keys pools: [] ceph_conf_overrides: diff --git a/docker/services/database/mongodb.yaml b/docker/services/database/mongodb.yaml index 5ba79b31..9b5c5b8f 100644 --- a/docker/services/database/mongodb.yaml +++ b/docker/services/database/mongodb.yaml @@ -36,6 +36,18 @@ parameters: default: {} description: Parameters specific to the role type: json + EnableInternalTLS: + type: boolean + default: false + InternalTLSCAFile: + default: '/etc/ipa/ca.crt' + type: string + description: Specifies the default CA cert to use if TLS is used for + services in the internal network. + +conditions: + + internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]} resources: @@ -77,6 +89,10 @@ outputs: dest: "/" merge: true preserve_properties: true + - source: "/var/lib/kolla/config_files/src-tls/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/lib/mongodb owner: mongodb:mongodb @@ -84,6 +100,8 @@ outputs: - path: /var/log/mongodb owner: mongodb:mongodb recurse: true + - path: /etc/pki/tls/certs/mongodb.pem + owner: mongodb:mongodb docker_config: step_2: mongodb: @@ -91,11 +109,21 @@ outputs: net: host privileged: false volumes: &mongodb_volumes - - /var/lib/kolla/config_files/mongodb.json:/var/lib/kolla/config_files/config.json - - /var/lib/config-data/puppet-generated/mongodb/:/var/lib/kolla/config_files/src:ro - - /etc/localtime:/etc/localtime:ro - - /var/log/containers/mongodb:/var/log/mongodb - - /var/lib/mongodb:/var/lib/mongodb + list_concat: + - - /var/lib/kolla/config_files/mongodb.json:/var/lib/kolla/config_files/config.json + - /var/lib/config-data/puppet-generated/mongodb/:/var/lib/kolla/config_files/src:ro + - /etc/localtime:/etc/localtime:ro + - /var/log/containers/mongodb:/var/log/mongodb + - /var/lib/mongodb:/var/lib/mongodb + - if: + - internal_tls_enabled + - - list_join: + - ':' + - - {get_param: InternalTLSCAFile} + - {get_param: InternalTLSCAFile} + - 'ro' + - /etc/pki/tls/certs/mongodb.pem:/var/lib/kolla/config_files/src-tls/etc/pki/tls/certs/mongodb.pem:ro + - null environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS docker_puppet_tasks: @@ -106,8 +134,18 @@ outputs: step_config: 'include ::tripleo::profile::base::database::mongodb' config_image: *mongodb_config_image volumes: - - /var/lib/mongodb:/var/lib/mongodb - - /var/log/containers/mongodb:/var/log/mongodb + list_concat: + - - /var/lib/mongodb:/var/lib/mongodb + - /var/log/containers/mongodb:/var/log/mongodb + - if: + - internal_tls_enabled + - - list_join: + - ':' + - - {get_param: InternalTLSCAFile} + - {get_param: InternalTLSCAFile} + - 'ro' + - /etc/pki/tls/certs/mongodb.pem:/var/lib/kolla/config_files/src-tls/etc/pki/tls/certs/mongodb.pem:ro + - null host_prep_tasks: - name: create persistent directories file: @@ -116,6 +154,8 @@ outputs: with_items: - /var/log/containers/mongodb - /var/lib/mongodb + metadata_settings: + get_attr: [MongodbPuppetBase, role_data, metadata_settings] upgrade_tasks: - name: Stop and disable mongodb service tags: step2 diff --git a/docker/services/gnocchi-api.yaml b/docker/services/gnocchi-api.yaml index 41fe197b..1443da40 100644 --- a/docker/services/gnocchi-api.yaml +++ b/docker/services/gnocchi-api.yaml @@ -88,6 +88,10 @@ outputs: dest: "/" merge: true preserve_properties: true + - source: "/var/lib/kolla/config_files/src-ceph/" + dest: "/etc/ceph/" + merge: true + preserve_properties: true permissions: - path: /var/log/gnocchi owner: gnocchi:gnocchi @@ -101,7 +105,7 @@ outputs: volumes: - /var/log/containers/gnocchi:/var/log/gnocchi command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd; chown -R gnocchi:gnocchi /var/log/gnocchi'] - step_3: + step_4: gnocchi_db_sync: image: *gnocchi_api_image net: host @@ -112,14 +116,16 @@ outputs: list_concat: - {get_attr: [ContainersCommon, volumes]} - + - /var/lib/config-data/gnocchi/etc/my.cnf.d/tripleo.cnf:/etc/my.cnf.d/tripleo.cnf:ro - /var/lib/config-data/gnocchi/etc/gnocchi/:/etc/gnocchi/:ro - /var/log/containers/gnocchi:/var/log/gnocchi + - /etc/ceph:/etc/ceph:ro command: str_replace: - template: "/usr/bin/bootstrap_host_exec gnocchi_api su gnocchi -s /bin/bash -c /usr/bin/gnocchi-upgrade --sacks-number=SACK_NUM" + template: /usr/bin/bootstrap_host_exec gnocchi_api su gnocchi -s /bin/bash -c '/usr/bin/gnocchi-upgrade --sacks-number=SACK_NUM' params: SACK_NUM: {get_param: NumberOfStorageSacks} - step_4: + step_5: gnocchi_api: image: *gnocchi_api_image net: host @@ -132,6 +138,7 @@ outputs: - /var/lib/kolla/config_files/gnocchi_api.json:/var/lib/kolla/config_files/config.json:ro - /var/lib/config-data/puppet-generated/gnocchi/:/var/lib/kolla/config_files/src:ro - /var/log/containers/gnocchi:/var/log/gnocchi + - /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro - if: - internal_tls_enabled @@ -149,6 +156,10 @@ outputs: file: path: /var/log/containers/gnocchi state: directory + - name: ensure ceph configurations exist + file: + path: /etc/ceph + state: directory upgrade_tasks: - name: Stop and disable httpd service tags: step2 diff --git a/docker/services/heat-engine.yaml b/docker/services/heat-engine.yaml index a20dc131..fdba7d58 100644 --- a/docker/services/heat-engine.yaml +++ b/docker/services/heat-engine.yaml @@ -109,6 +109,7 @@ outputs: list_concat: - {get_attr: [ContainersCommon, volumes]} - + - /var/lib/config-data/heat/etc/my.cnf.d/tripleo.cnf:/etc/my.cnf.d/tripleo.cnf:ro - /var/lib/config-data/heat/etc/heat/:/etc/heat/:ro - /var/log/containers/heat:/var/log/heat command: "/usr/bin/bootstrap_host_exec heat_engine su heat -s /bin/bash -c 'heat-manage db_sync'" diff --git a/docker/services/neutron-api.yaml b/docker/services/neutron-api.yaml index b4fce226..85a07128 100644 --- a/docker/services/neutron-api.yaml +++ b/docker/services/neutron-api.yaml @@ -122,6 +122,7 @@ outputs: list_concat: - {get_attr: [ContainersCommon, volumes]} - + - /var/lib/config-data/neutron/etc/my.cnf.d/tripleo.cnf:/etc/my.cnf.d/tripleo.cnf:ro - /var/lib/config-data/neutron/etc/neutron:/etc/neutron:ro - /var/lib/config-data/neutron/usr/share/neutron:/usr/share/neutron:ro - /var/log/containers/neutron:/var/log/neutron diff --git a/docker/services/nova-api.yaml b/docker/services/nova-api.yaml index da461049..be2c8a5e 100644 --- a/docker/services/nova-api.yaml +++ b/docker/services/nova-api.yaml @@ -36,6 +36,13 @@ parameters: default: {} description: Parameters specific to the role type: json + EnableInternalTLS: + type: boolean + default: false + +conditions: + + internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]} resources: @@ -64,9 +71,6 @@ outputs: map_merge: - get_attr: [NovaApiBase, role_data, config_settings] - apache::default_vhost: false - nova_wsgi_enabled: false - nova::api::service_name: '%{::nova::params::api_service_name}' - nova::wsgi::apache_api::ssl: false step_config: &step_config list_join: - "\n" @@ -82,7 +86,7 @@ outputs: config_image: {get_param: DockerNovaConfigImage} kolla_config: /var/lib/kolla/config_files/nova_api.json: - command: /usr/bin/nova-api + command: /usr/sbin/httpd -DFOREGROUND config_files: - source: "/var/lib/kolla/config_files/src/*" dest: "/" @@ -112,7 +116,7 @@ outputs: user: root volumes: - /var/log/containers/nova:/var/log/nova - command: ['/bin/bash', '-c', 'chown -R nova:nova /var/log/nova'] + command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd; chown -R nova:nova /var/log/nova'] step_3: nova_api_db_sync: start_order: 0 @@ -124,6 +128,7 @@ outputs: list_concat: - {get_attr: [ContainersCommon, volumes]} - + - /var/lib/config-data/nova/etc/my.cnf.d/tripleo.cnf:/etc/my.cnf.d/tripleo.cnf:ro - /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro - /var/log/containers/nova:/var/log/nova command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage api_db sync'" @@ -163,7 +168,7 @@ outputs: start_order: 2 image: *nova_api_image net: host - user: nova + user: root privileged: true restart: always volumes: @@ -173,6 +178,16 @@ outputs: - /var/lib/kolla/config_files/nova_api.json:/var/lib/kolla/config_files/config.json:ro - /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro - /var/log/containers/nova:/var/log/nova + - + if: + - internal_tls_enabled + - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro + - '' + - + if: + - internal_tls_enabled + - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro + - '' environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS nova_api_cron: diff --git a/docker/services/nova-placement.yaml b/docker/services/nova-placement.yaml index d784ace3..26d17560 100644 --- a/docker/services/nova-placement.yaml +++ b/docker/services/nova-placement.yaml @@ -36,6 +36,13 @@ parameters: default: {} description: Parameters specific to the role type: json + EnableInternalTLS: + type: boolean + default: false + +conditions: + + internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]} resources: @@ -104,6 +111,16 @@ outputs: - /var/lib/kolla/config_files/nova_placement.json:/var/lib/kolla/config_files/config.json:ro - /var/lib/config-data/puppet-generated/nova_placement/:/var/lib/kolla/config_files/src:ro - /var/log/containers/nova:/var/log/nova + - + if: + - internal_tls_enabled + - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro + - '' + - + if: + - internal_tls_enabled + - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro + - '' environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS metadata_settings: diff --git a/docker/services/pacemaker/database/mysql.yaml b/docker/services/pacemaker/database/mysql.yaml index 3fb38349..8ba7d723 100644 --- a/docker/services/pacemaker/database/mysql.yaml +++ b/docker/services/pacemaker/database/mysql.yaml @@ -43,6 +43,14 @@ parameters: default: {} description: Parameters specific to the role type: json + EnableInternalTLS: + type: boolean + default: false + InternalTLSCAFile: + default: '/etc/ipa/ca.crt' + type: string + description: Specifies the default CA cert to use if TLS is used for + services in the internal network. resources: @@ -59,6 +67,10 @@ resources: RoleName: {get_param: RoleName} RoleParameters: {get_param: RoleParameters} +conditions: + + internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]} + outputs: role_data: description: Containerized service MySQL using composable services. @@ -79,6 +91,13 @@ outputs: - 4567 - 4568 - 9200 + - + if: + - internal_tls_enabled + - + tripleo::profile::pacemaker::database::mysql_bundle::ca_file: + get_param: InternalTLSCAFile + - {} step_config: "" # BEGIN DOCKER SETTINGS # puppet_config: @@ -103,6 +122,20 @@ outputs: dest: "/" merge: true preserve_properties: true + - source: "/var/lib/kolla/config_files/src-tls/*" + dest: "/" + merge: true + optional: true + preserve_properties: true + permissions: + - path: /etc/pki/tls/certs/mysql.crt + owner: mysql:mysql + perm: '0600' + optional: true + - path: /etc/pki/tls/private/mysql.key + owner: mysql:mysql + perm: '0600' + optional: true docker_config: step_1: mysql_data_ownership: @@ -195,6 +228,8 @@ outputs: file: path: /var/lib/mysql state: directory + metadata_settings: + get_attr: [MysqlPuppetBase, role_data, metadata_settings] upgrade_tasks: - name: get bootstrap nodeid tags: common @@ -220,3 +255,9 @@ outputs: - name: Disable mysql service tags: step2 service: name=mariadb enabled=no + - name: Remove clustercheck service from xinetd + tags: step2 + file: state=absent path=/etc/xinetd.d/galera-monitor + - name: Restart xinetd service after clustercheck removal + tags: step2 + service: name=xinetd state=restarted diff --git a/docker/services/panko-api.yaml b/docker/services/panko-api.yaml index 01c17388..626d9176 100644 --- a/docker/services/panko-api.yaml +++ b/docker/services/panko-api.yaml @@ -116,6 +116,7 @@ outputs: list_concat: - {get_attr: [ContainersCommon, volumes]} - + - /var/lib/config-data/panko/etc/my.cnf.d/tripleo.cnf:/etc/my.cnf.d/tripleo.cnf:ro - /var/lib/config-data/panko/etc/panko:/etc/panko:ro - /var/log/containers/panko:/var/log/panko command: "/usr/bin/bootstrap_host_exec panko_api su panko -s /bin/bash -c '/usr/bin/panko-dbsync'" diff --git a/environments/docker-centos-tripleoupstream.yaml b/environments/docker-centos-tripleoupstream.yaml index 47f8e528..01a118e4 100644 --- a/environments/docker-centos-tripleoupstream.yaml +++ b/environments/docker-centos-tripleoupstream.yaml @@ -1,6 +1,6 @@ -# Generated with the following on 2017-07-12T11:40:50.219622 +# Generated with the following on 2017-08-11T04:58:59.567629 # -# overcloud container image prepare --env-file environments/docker-centos-tripleoupstream.yaml +# openstack overcloud container image prepare --env-file environments/docker-centos-tripleoupstream.yaml # parameter_defaults: @@ -9,6 +9,7 @@ parameter_defaults: DockerAodhEvaluatorImage: tripleoupstream/centos-binary-aodh-evaluator:latest DockerAodhListenerImage: tripleoupstream/centos-binary-aodh-listener:latest DockerAodhNotifierImage: tripleoupstream/centos-binary-aodh-notifier:latest + DockerBarbicanApiImage: tripleoupstream/centos-binary-barbican-api:latest DockerCeilometerCentralImage: tripleoupstream/centos-binary-ceilometer-central:latest DockerCeilometerComputeImage: tripleoupstream/centos-binary-ceilometer-compute:latest DockerCeilometerConfigImage: tripleoupstream/centos-binary-ceilometer-central:latest @@ -45,8 +46,8 @@ parameter_defaults: DockerHeatEngineImage: tripleoupstream/centos-binary-heat-engine:latest DockerHorizonConfigImage: tripleoupstream/centos-binary-horizon:latest DockerHorizonImage: tripleoupstream/centos-binary-horizon:latest - DockerIronicApiImage: tripleoupstream/centos-binary-ironic-api:latest DockerIronicApiConfigImage: tripleoupstream/centos-binary-ironic-api:latest + DockerIronicApiImage: tripleoupstream/centos-binary-ironic-api:latest DockerIronicConductorImage: tripleoupstream/centos-binary-ironic-conductor:latest DockerIronicConfigImage: tripleoupstream/centos-binary-ironic-pxe:latest DockerIronicInspectorConfigImage: tripleoupstream/centos-binary-ironic-inspector:latest @@ -82,7 +83,7 @@ parameter_defaults: DockerNovaComputeImage: tripleoupstream/centos-binary-nova-compute:latest DockerNovaComputeIronicImage: tripleoupstream/centos-binary-nova-compute-ironic:latest DockerNovaConductorImage: tripleoupstream/centos-binary-nova-conductor:latest - DockerNovaConfigImage: tripleoupstream/centos-binary-nova-base:latest + DockerNovaConfigImage: tripleoupstream/centos-binary-nova-api:latest DockerNovaConsoleauthImage: tripleoupstream/centos-binary-nova-consoleauth:latest DockerNovaLibvirtConfigImage: tripleoupstream/centos-binary-nova-compute:latest DockerNovaLibvirtImage: tripleoupstream/centos-binary-nova-libvirt:latest @@ -100,8 +101,6 @@ parameter_defaults: DockerOctaviaHealthManagerImage: tripleoupstream/centos-binary-octavia-health-manager:latest DockerOctaviaHousekeepingImage: tripleoupstream/centos-binary-octavia-housekeeping:latest DockerOctaviaWorkerImage: tripleoupstream/centos-binary-octavia-worker:latest - DockerOpendaylightApiImage: tripleoupstream/centos-binary-opendaylight:latest - DockerOpendaylightConfigImage: tripleoupstream/centos-binary-opendaylight:latest DockerOpenvswitchImage: tripleoupstream/centos-binary-neutron-openvswitch-agent:latest DockerPankoApiImage: tripleoupstream/centos-binary-panko-api:latest DockerPankoConfigImage: tripleoupstream/centos-binary-panko-api:latest diff --git a/environments/docker-services-tls-everywhere.yaml b/environments/docker-services-tls-everywhere.yaml index d4743326..49d02e6f 100644 --- a/environments/docker-services-tls-everywhere.yaml +++ b/environments/docker-services-tls-everywhere.yaml @@ -41,6 +41,3 @@ resource_registry: OS::TripleO::Services::SwiftProxy: ../docker/services/swift-proxy.yaml OS::TripleO::Services::SwiftRingBuilder: ../docker/services/swift-ringbuilder.yaml OS::TripleO::Services::SwiftStorage: ../docker/services/swift-storage.yaml - - OS::TripleO::PostDeploySteps: ../docker/post.yaml - OS::TripleO::PostUpgradeSteps: ../docker/post-upgrade.yaml diff --git a/environments/docker.yaml b/environments/docker.yaml index 336a0b3c..9b977f6e 100644 --- a/environments/docker.yaml +++ b/environments/docker.yaml @@ -61,6 +61,3 @@ resource_registry: # OS::TripleO::Services::CinderScheduler: ../docker/services/cinder-scheduler.yaml # OS::TripleO::Services::CinderBackup: ../docker/services/cinder-backup.yaml # OS::TripleO::Services::CinderVolume: ../docker/services/cinder-volume.yaml - - OS::TripleO::PostDeploySteps: ../docker/post.yaml - OS::TripleO::PostUpgradeSteps: ../docker/post-upgrade.yaml diff --git a/environments/ips-from-pool-all.yaml b/environments/ips-from-pool-all.yaml index 87563753..d4eccbcf 100644 --- a/environments/ips-from-pool-all.yaml +++ b/environments/ips-from-pool-all.yaml @@ -51,7 +51,7 @@ parameter_defaults: - 172.16.0.251 #management: #- 172.16.4.251 - NovaComputeIPs: + ComputeIPs: # Each compute will get an IP from the lists below, first compute, first IP internal_api: - 172.16.2.252 diff --git a/environments/major-upgrade-composable-steps-docker.yaml b/environments/major-upgrade-composable-steps-docker.yaml index 20340c78..888e2705 100644 --- a/environments/major-upgrade-composable-steps-docker.yaml +++ b/environments/major-upgrade-composable-steps-docker.yaml @@ -1,8 +1,5 @@ resource_registry: - # FIXME(shardy) do we need to break major_upgrade_steps.yaml apart to - # enable docker specific logic, or is just overridding PostUpgradeSteps - # enough (as we want to share the ansible tasks steps etc) - OS::TripleO::PostDeploySteps: ../puppet/major_upgrade_steps.yaml + OS::TripleO::PostDeploySteps: ../common/major_upgrade_steps.yaml parameter_defaults: EnableConfigPurge: false StackUpdateType: UPGRADE diff --git a/environments/major-upgrade-composable-steps.yaml b/environments/major-upgrade-composable-steps.yaml index 5a695171..db83f906 100644 --- a/environments/major-upgrade-composable-steps.yaml +++ b/environments/major-upgrade-composable-steps.yaml @@ -1,5 +1,5 @@ resource_registry: - OS::TripleO::PostDeploySteps: ../puppet/major_upgrade_steps.yaml + OS::TripleO::PostDeploySteps: ../common/major_upgrade_steps.yaml parameter_defaults: EnableConfigPurge: true StackUpdateType: UPGRADE diff --git a/environments/major-upgrade-converge-docker.yaml b/environments/major-upgrade-converge-docker.yaml index 163d1de4..668f8a94 100644 --- a/environments/major-upgrade-converge-docker.yaml +++ b/environments/major-upgrade-converge-docker.yaml @@ -1,7 +1,7 @@ # Use this to reset any mappings only used for upgrades after the # update of all nodes is completed resource_registry: - OS::TripleO::PostDeploySteps: ../docker/post.yaml + OS::TripleO::PostDeploySteps: ../common/post.yaml parameter_defaults: EnableConfigPurge: false StackUpdateType: '' diff --git a/environments/major-upgrade-converge.yaml b/environments/major-upgrade-converge.yaml index d222fb86..668f8a94 100644 --- a/environments/major-upgrade-converge.yaml +++ b/environments/major-upgrade-converge.yaml @@ -1,7 +1,7 @@ # Use this to reset any mappings only used for upgrades after the # update of all nodes is completed resource_registry: - OS::TripleO::PostDeploySteps: ../puppet/post.yaml + OS::TripleO::PostDeploySteps: ../common/post.yaml parameter_defaults: EnableConfigPurge: false StackUpdateType: '' diff --git a/environments/network-isolation-v6.j2.yaml b/environments/network-isolation-v6.j2.yaml new file mode 100644 index 00000000..bb27ee43 --- /dev/null +++ b/environments/network-isolation-v6.j2.yaml @@ -0,0 +1,58 @@ +{%- set primary_role = [roles[0]] -%} +{%- for role in roles -%} + {%- if 'primary' in role.tags and 'controller' in role.tags -%} + {%- set _ = primary_role.pop() -%} + {%- set _ = primary_role.append(role) -%} + {%- endif -%} +{%- endfor -%} +{%- set primary_role_name = primary_role[0].name -%} +# Enable the creation of Neutron networks for isolated Overcloud +# traffic and configure each role to assign ports (related +# to that role) on these networks. +# primary role is: {{primary_role_name}} +resource_registry: + # networks as defined in network_data.yaml + {%- for network in networks if network.enabled|default(true) %} + {%- if network.name != 'Tenant' %} + OS::TripleO::Network::{{network.name}}: ../network/{{network.name_lower|default(network.name.lower())}}_v6.yaml + {%- else %} + # IPv4 until OVS and Neutron support IPv6 tunnel endpoints + OS::TripleO::Network::{{network.name}}: ../network/{{network.name_lower|default(network.name.lower())}}.yaml + {%- endif %} + {%- endfor %} + + # Port assignments for the VIPs + {%- for network in networks if network.vip and network.enabled|default(true) %} + OS::TripleO::Network::Ports::{{network.name}}VipPort: ../network/ports/{{network.name_lower|default(network.name.lower())}}_v6.yaml + {%- endfor %} + + OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip_v6.yaml + +{%- for role in roles %} + # Port assignments for the {{role.name}} + {%- for network in networks %} + {%- if network.name in role.networks|default([]) and network.enabled|default(true) and network.name != 'Tenant' %} + OS::TripleO::{{role.name}}::Ports::{{network.name}}Port: ../network/ports/{{network.name_lower|default(network.name.lower())}}_v6.yaml + {%- elif network.name in role.networks|default([]) and network.enabled|default(true) and network.name == 'Tenant' %} + # IPv4 until OVS and Neutron support IPv6 tunnel endpoints + OS::TripleO::{{role.name}}::Ports::{{network.name}}Port: ../network/ports/{{network.name_lower|default(network.name.lower())}}.yaml + {%- else %} + OS::TripleO::{{role.name}}::Ports::{{network.name}}Port: ../network/ports/noop.yaml + {%- endif %} + {%- endfor %} +{%- endfor %} + + +parameter_defaults: + # Enable IPv6 for Ceph. + CephIPv6: True + # Enable IPv6 for Corosync. This is required when Corosync is using an IPv6 IP in the cluster. + CorosyncIPv6: True + # Enable IPv6 for MongoDB. This is required when MongoDB is using an IPv6 IP. + MongoDbIPv6: True + # Enable various IPv6 features in Nova. + NovaIPv6: True + # Enable IPv6 environment for RabbitMQ. + RabbitIPv6: True + # Enable IPv6 environment for Memcached. + MemcachedIPv6: True diff --git a/environments/network-isolation-v6.yaml b/environments/network-isolation-v6.yaml deleted file mode 100644 index 11ca5b31..00000000 --- a/environments/network-isolation-v6.yaml +++ /dev/null @@ -1,57 +0,0 @@ -# Enable the creation of IPv6 Neutron networks for isolated Overcloud -# traffic and configure each role to assign ports (related -# to that role) on these networks. -resource_registry: - OS::TripleO::Network::External: ../network/external_v6.yaml - OS::TripleO::Network::InternalApi: ../network/internal_api_v6.yaml - OS::TripleO::Network::StorageMgmt: ../network/storage_mgmt_v6.yaml - OS::TripleO::Network::Storage: ../network/storage_v6.yaml - # IPv4 until OVS and Neutron support IPv6 tunnel endpoints - OS::TripleO::Network::Tenant: ../network/tenant.yaml - - # Port assignments for the VIPs - OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/external_v6.yaml - OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/internal_api_v6.yaml - OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/storage_v6.yaml - OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt_v6.yaml - OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip_v6.yaml - - # Port assignments for the controller role - OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_v6.yaml - OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_v6.yaml - OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_v6.yaml - OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml - OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant.yaml - - # Port assignments for the compute role - OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api_v6.yaml - OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage_v6.yaml - OS::TripleO::Compute::Ports::TenantPort: ../network/ports/tenant.yaml - - # Port assignments for the ceph storage role - OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage_v6.yaml - OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml - - # Port assignments for the swift storage role - OS::TripleO::SwiftStorage::Ports::InternalApiPort: ../network/ports/internal_api_v6.yaml - OS::TripleO::SwiftStorage::Ports::StoragePort: ../network/ports/storage_v6.yaml - OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml - - # Port assignments for the block storage role - OS::TripleO::BlockStorage::Ports::InternalApiPort: ../network/ports/internal_api_v6.yaml - OS::TripleO::BlockStorage::Ports::StoragePort: ../network/ports/storage_v6.yaml - OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml - -parameter_defaults: - # Enable IPv6 for Ceph. - CephIPv6: True - # Enable IPv6 for Corosync. This is required when Corosync is using an IPv6 IP in the cluster. - CorosyncIPv6: True - # Enable IPv6 for MongoDB. This is required when MongoDB is using an IPv6 IP. - MongoDbIPv6: True - # Enable various IPv6 features in Nova. - NovaIPv6: True - # Enable IPv6 environment for RabbitMQ. - RabbitIPv6: true - # Enable IPv6 environment for Memcached. - MemcachedIPv6: true diff --git a/environments/network-management-v6.yaml b/environments/network-management-v6.yaml index 812e84f3..59056217 100644 --- a/environments/network-management-v6.yaml +++ b/environments/network-management-v6.yaml @@ -1,3 +1,7 @@ +# ****************************************************************************** +# DEPRECATED: Use tripleo-heat-templates/environments/network-isolation-v6.yaml +# and define the needed networks in your custom role file. +# ****************************************************************************** # Enable the creation of an IPv6 system management network. This # creates a Neutron network for isolated Overcloud # system management traffic and configures each role to diff --git a/environments/network-management.yaml b/environments/network-management.yaml index 041617be..5f50bb15 100644 --- a/environments/network-management.yaml +++ b/environments/network-management.yaml @@ -1,3 +1,7 @@ +# *************************************************************************** +# DEPRECATED: Use tripleo-heat-templates/environments/network-isolation.yaml +# and define the needed networks in your custom role file. +# *************************************************************************** # Enable the creation of a system management network. This # creates a Neutron network for isolated Overcloud # system management traffic and configures each role to diff --git a/extraconfig/nova_metadata/krb-service-principals.yaml b/extraconfig/nova_metadata/krb-service-principals.j2.yaml index cdd4341a..b18dba66 100644 --- a/extraconfig/nova_metadata/krb-service-principals.yaml +++ b/extraconfig/nova_metadata/krb-service-principals.j2.yaml @@ -5,30 +5,38 @@ parameters: RoleData: type: json description: the list containing the 'role_data' output for the ServiceChain - - # Coming from parameter_defaults +{%- for network in networks if network.vip|default(false) %} +{%- if network.name == 'External' %} + # Special case the External hostname param, which is CloudName CloudName: default: overcloud.localdomain description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org type: string +{%- elif network.name == 'InternalApi' %} + # Special case the Internal API hostname param, which is CloudNameInternal CloudNameInternal: - default: overcloud.internalapi.localdomain + default: overcloud.{{network.name.lower()}}.localdomain description: > - The DNS name of this cloud's internal API endpoint. E.g. - 'ci-overcloud.internalapi.tripleo.org'. + The DNS name of this cloud's {{network.name_lower}} endpoint. E.g. + 'ci-overcloud.{{network.name.lower()}}.tripleo.org'. type: string - CloudNameStorage: - default: overcloud.storage.localdomain +{%- elif network.name == 'StorageMgmt' %} + # Special case StorageMgmt hostname param, which is CloudNameStorageManagement + CloudNameStorageManagement: + default: overcloud.{{network.name.lower()}}.localdomain description: > - The DNS name of this cloud's storage endpoint. E.g. - 'ci-overcloud.storage.tripleo.org'. + The DNS name of this cloud's {{network.name_lower}} endpoint. E.g. + 'ci-overcloud.{{network.name.lower()}}.tripleo.org'. type: string - CloudNameStorageManagement: - default: overcloud.storagemgmt.localdomain +{%- else %} + CloudName{{network.name}}: + default: overcloud.{{network.name.lower()}}.localdomain description: > - The DNS name of this cloud's storage management endpoint. E.g. - 'ci-overcloud.storagemgmt.tripleo.org'. + The DNS name of this cloud's {{network.name_lower}} endpoint. E.g. + 'ci-overcloud.{{network.name.lower()}}.tripleo.org'. type: string +{%- endif %} +{%- endfor %} CloudNameCtlplane: default: overcloud.ctlplane.localdomain description: > @@ -61,10 +69,17 @@ resources: data: metadata: {get_attr: [IncomingMetadataSettings, value]} fqdns: +{%- for network in networks if network.vip|default(false) %} +{%- if network.name == 'External' %} external: {get_param: CloudName} +{%- elif network.name == 'InternalApi' %} internal_api: {get_param: CloudNameInternal} - storage: {get_param: CloudNameStorage} +{%- elif network.name == 'StorageMgmt' %} storage_mgmt: {get_param: CloudNameStorageManagement} +{%- else %} + {{network.name_lower}}: {get_param: CloudName{{network.name}}} +{%- endif %} +{%- endfor %} ctlplane: {get_param: CloudNameCtlplane} CompactServices: @@ -82,3 +97,4 @@ outputs: map_merge: - {get_attr: [IndividualServices, value]} - compact_services: {get_attr: [CompactServices, value]} + diff --git a/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml b/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml index fb0d1699..b9fd08b4 100644 --- a/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml +++ b/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml @@ -59,22 +59,31 @@ parameters: description: | When enabled, the system will perform a yum update after performing the RHEL Registration process. - deployment_actions: - default: ['CREATE', 'UPDATE'] - type: comma_delimited_list - description: > - List of stack actions that will trigger any deployments in this - templates. The actions will be an empty list of the server is in the - toplevel DeploymentServerBlacklist parameter's value. + DeleteOnRHELUnregistration: + type: boolean + default: false + description: | + When true, the system profile will be deleted from the registration + service when the rhel-registration.yaml nested stack is deleted. conditions: - deployment_actions_empty: + unregister_on_delete: equals: - - {get_param: deployment_actions} - - [] + - {get_param: DeleteOnRHELUnregistration} + - true + update_requested: + equals: + - {get_param: UpdateOnRHELRegistration} + - true resources: + DeploymentActions: + type: OS::Heat::Value + properties: + value: + yaql + RHELRegistration: type: OS::Heat::SoftwareConfig properties: @@ -151,9 +160,9 @@ resources: config: {get_resource: RHELUnregistration} actions: if: - - deployment_actions_empty + - unregister_on_delete + - ['DELETE'] - [] - - ['DELETE'] # Only do this on DELETE input_values: REG_METHOD: {get_param: rhel_reg_method} @@ -180,17 +189,12 @@ resources: UpdateDeploymentAfterRHELRegistration: type: OS::Heat::SoftwareDeployment depends_on: RHELRegistrationDeployment - conditions: - update_requested: {get_param: UpdateOnRHELRegistration} + condition: update_requested properties: name: UpdateDeploymentAfterRHELRegistration config: {get_resource: YumUpdateConfigurationAfterRHELRegistration} server: {get_param: server} - actions: - if: - - deployment_actions_empty - - [] - - ['CREATE'] # Only do this on CREATE + actions: ['CREATE'] # Only do this on CREATE outputs: deploy_stdout: diff --git a/j2_excludes.yaml b/j2_excludes.yaml index 356068fc..5bdb0af9 100644 --- a/j2_excludes.yaml +++ b/j2_excludes.yaml @@ -1,19 +1,10 @@ # This template specifies which j2 rendered templates # should be excluded in the render process from # tripleo-common/tripleo_common/actions/templates.py - +# E.g: +# name: +# - puppet/cephstorage-role.yaml name: - - puppet/controller-role.yaml - - puppet/compute-role.yaml - - puppet/blockstorage-role.yaml - - puppet/objectstorage-role.yaml - - puppet/cephstorage-role.yaml - - network/internal_api.yaml - - network/external.yaml - - network/storage.yaml - - network/storage_mgmt.yaml - - network/tenant.yaml - - network/management.yaml - network/internal_api_v6.yaml - network/external_v6.yaml - network/storage_v6.yaml diff --git a/network/external.yaml b/network/external.yaml deleted file mode 100644 index 708d4635..00000000 --- a/network/external.yaml +++ /dev/null @@ -1,69 +0,0 @@ -heat_template_version: pike - -description: > - External network. Public traffic, Neutron l3router for floating IPs/SNAT, etc. - -parameters: - # the defaults here work for static IP assignment (IPAM) only - ExternalNetCidr: - default: '10.0.0.0/24' - description: Cidr for the external network. - type: string - ExternalNetValueSpecs: - default: {'provider:physical_network': 'external', 'provider:network_type': 'flat'} - description: Value specs for the external network. - type: json - ExternalNetAdminStateUp: - default: false - description: The admin state of the network. - type: boolean - ExternalNetEnableDHCP: - default: false - description: Whether to enable DHCP on the associated subnet. - type: boolean - ExternalNetShared: - default: false - description: Whether this network is shared across all tenants. - type: boolean - ExternalNetName: - default: external - description: The name of the external network. - type: string - ExternalSubnetName: - default: external_subnet - description: The name of the external subnet in Neutron. - type: string - ExternalAllocationPools: - default: [{'start': '10.0.0.4', 'end': '10.0.0.250'}] - description: Ip allocation pool range for the external network. - type: json - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - -resources: - ExternalNetwork: - type: OS::Neutron::Net - properties: - admin_state_up: {get_param: ExternalNetAdminStateUp} - name: {get_param: ExternalNetName} - shared: {get_param: ExternalNetShared} - value_specs: {get_param: ExternalNetValueSpecs} - - ExternalSubnet: - type: OS::Neutron::Subnet - properties: - cidr: {get_param: ExternalNetCidr} - enable_dhcp: {get_param: ExternalNetEnableDHCP} - name: {get_param: ExternalSubnetName} - network: {get_resource: ExternalNetwork} - allocation_pools: {get_param: ExternalAllocationPools} - gateway_ip: {get_param: ExternalInterfaceDefaultRoute} - -outputs: - OS::stack_id: - description: Neutron external network - value: {get_resource: ExternalNetwork} - subnet_cidr: - value: {get_attr: [ExternalSubnet, cidr]} diff --git a/network/internal_api.yaml b/network/internal_api.yaml deleted file mode 100644 index 6e1885a9..00000000 --- a/network/internal_api.yaml +++ /dev/null @@ -1,65 +0,0 @@ -heat_template_version: pike - -description: > - Internal API network. Used for most APIs, Database, RPC. - -parameters: - # the defaults here work for static IP assignment (IPAM) only - InternalApiNetCidr: - default: '172.16.2.0/24' - description: Cidr for the internal API network. - type: string - InternalApiNetValueSpecs: - default: {'provider:physical_network': 'internal_api', 'provider:network_type': 'flat'} - description: Value specs for the internal API network. - type: json - InternalApiNetAdminStateUp: - default: false - description: The admin state of the network. - type: boolean - InternalApiNetEnableDHCP: - default: false - description: Whether to enable DHCP on the associated subnet. - type: boolean - InternalApiNetShared: - default: false - description: Whether this network is shared across all tenants. - type: boolean - InternalApiNetName: - default: internal_api - description: The name of the internal API network. - type: string - InternalApiSubnetName: - default: internal_api_subnet - description: The name of the internal API subnet in Neutron. - type: string - InternalApiAllocationPools: - default: [{'start': '172.16.2.4', 'end': '172.16.2.250'}] - description: Ip allocation pool range for the internal API network. - type: json - -resources: - InternalApiNetwork: - type: OS::Neutron::Net - properties: - admin_state_up: {get_param: InternalApiNetAdminStateUp} - name: {get_param: InternalApiNetName} - shared: {get_param: InternalApiNetShared} - value_specs: {get_param: InternalApiNetValueSpecs} - - InternalApiSubnet: - type: OS::Neutron::Subnet - properties: - cidr: {get_param: InternalApiNetCidr} - enable_dhcp: {get_param: InternalApiNetEnableDHCP} - name: {get_param: InternalApiSubnetName} - network: {get_resource: InternalApiNetwork} - allocation_pools: {get_param: InternalApiAllocationPools} - gateway_ip: null - -outputs: - OS::stack_id: - description: Neutron internal network - value: {get_resource: InternalApiNetwork} - subnet_cidr: - value: {get_attr: [InternalApiSubnet, cidr]} diff --git a/network/internal_api_v6.yaml b/network/internal_api_v6.yaml index 7264b1c0..6a0912e2 100644 --- a/network/internal_api_v6.yaml +++ b/network/internal_api_v6.yaml @@ -8,11 +8,11 @@ parameters: InternalApiNetCidr: # OpenStack uses the EUI-64 address format, which requires a /64 prefix default: 'fd00:fd00:fd00:2000::/64' - description: Cidr for the internal API network. + description: Cidr for the internal_api network. type: string InternalApiNetValueSpecs: default: {'provider:physical_network': 'internal_api', 'provider:network_type': 'flat'} - description: Value specs for the internal API network. + description: Value specs for the internal_api network. type: json InternalApiNetAdminStateUp: default: false @@ -24,15 +24,15 @@ parameters: type: boolean InternalApiNetName: default: internal_api - description: The name of the internal API network. + description: The name of the internal_api network. type: string InternalApiSubnetName: default: internal_api_subnet - description: The name of the internal API subnet in Neutron. + description: The name of the internal_api subnet in Neutron. type: string InternalApiAllocationPools: default: [{'start': 'fd00:fd00:fd00:2000::10', 'end': 'fd00:fd00:fd00:2000:ffff:ffff:ffff:fffe'}] - description: Ip allocation pool range for the internal API network. + description: Ip allocation pool range for the internal_api network. type: json IPv6AddressMode: default: dhcpv6-stateful diff --git a/network/management.yaml b/network/management.yaml deleted file mode 100644 index be197e5c..00000000 --- a/network/management.yaml +++ /dev/null @@ -1,70 +0,0 @@ -heat_template_version: pike - -description: > - Management network. System administration, SSH, DNS, NTP, etc. This network - would usually be the default gateway for the non-controller nodes. - -parameters: - # the defaults here work for static IP assignment (IPAM) only - ManagementNetCidr: - default: '10.0.1.0/24' - description: Cidr for the management network. - type: string - ManagementNetValueSpecs: - default: {'provider:physical_network': 'management', 'provider:network_type': 'flat'} - description: Value specs for the management network. - type: json - ManagementNetAdminStateUp: - default: false - description: The admin state of the network. - type: boolean - ManagementNetEnableDHCP: - default: false - description: Whether to enable DHCP on the associated subnet. - type: boolean - ManagementNetShared: - default: false - description: Whether this network is shared across all tenants. - type: boolean - ManagementNetName: - default: management - description: The name of the management network. - type: string - ManagementSubnetName: - default: management_subnet - description: The name of the management subnet in Neutron. - type: string - ManagementAllocationPools: - default: [{'start': '10.0.1.4', 'end': '10.0.1.250'}] - description: Ip allocation pool range for the management network. - type: json - ManagementInterfaceDefaultRoute: - default: unset - description: The default route of the management network. - type: string - -resources: - ManagementNetwork: - type: OS::Neutron::Net - properties: - admin_state_up: {get_param: ManagementNetAdminStateUp} - name: {get_param: ManagementNetName} - shared: {get_param: ManagementNetShared} - value_specs: {get_param: ManagementNetValueSpecs} - - ManagementSubnet: - type: OS::Neutron::Subnet - properties: - cidr: {get_param: ManagementNetCidr} - enable_dhcp: {get_param: ManagementNetEnableDHCP} - name: {get_param: ManagementSubnetName} - network: {get_resource: ManagementNetwork} - allocation_pools: {get_param: ManagementAllocationPools} - gateway_ip: {get_param: ManagementInterfaceDefaultRoute} - -outputs: - OS::stack_id: - description: Neutron management network - value: {get_resource: ManagementNetwork} - subnet_cidr: - value: {get_attr: [ManagementSubnet, cidr]} diff --git a/network/network.network.j2.yaml b/network/network.network.j2.yaml index ccf437bb..29d58cd5 100644 --- a/network/network.network.j2.yaml +++ b/network/network.network.j2.yaml @@ -15,7 +15,7 @@ parameters: type: json {{network.name}}NetAdminStateUp: default: false - description: This admin state of the network. + description: The admin state of the network. type: boolean {{network.name}}NetEnableDHCP: default: false @@ -27,7 +27,7 @@ parameters: type: boolean {{network.name}}NetName: default: {{network.name_lower}} - description: The name of the {{network.name_lower}} network. + description: The name of the {{network.name_lower}} network. type: string {{network.name}}SubnetName: default: {{network.name_lower}}_subnet @@ -38,7 +38,7 @@ parameters: description: Ip allocation pool range for the {{network.name_lower}} network. type: json {{network.name}}InterfaceDefaultRoute: - default: {{network.gateway_ip|default("not_defined")}} + default: {{network.gateway_ip|default('""')}} description: default route for the {{network.name_lower}} network type: string {%- if network.vlan %} diff --git a/network/ports/internal_api.yaml b/network/ports/internal_api.yaml index e9eb7875..94006437 100644 --- a/network/ports/internal_api.yaml +++ b/network/ports/internal_api.yaml @@ -5,7 +5,7 @@ description: > parameters: InternalApiNetName: - description: The name of the internal API network. + description: The name of the internal_api network. default: internal_api type: string PortName: diff --git a/network/ports/internal_api_from_pool.yaml b/network/ports/internal_api_from_pool.yaml index 31c72daf..6eeca142 100644 --- a/network/ports/internal_api_from_pool.yaml +++ b/network/ports/internal_api_from_pool.yaml @@ -5,7 +5,7 @@ description: > parameters: InternalApiNetName: - description: The name of the internal API network. + description: The name of the internal_api network. default: internal_api type: string PortName: @@ -26,7 +26,7 @@ parameters: type: number InternalApiNetCidr: default: '172.16.2.0/24' - description: Cidr for the internal API network. + description: Cidr for the internal_api network. type: string outputs: diff --git a/network/ports/internal_api_from_pool_v6.yaml b/network/ports/internal_api_from_pool_v6.yaml index 657310ed..589d72a8 100644 --- a/network/ports/internal_api_from_pool_v6.yaml +++ b/network/ports/internal_api_from_pool_v6.yaml @@ -6,7 +6,7 @@ description: > parameters: InternalApiNetName: - description: The name of the internal API network. + description: The name of the internal_api network. default: internal_api type: string PortName: @@ -27,7 +27,7 @@ parameters: type: number InternalApiNetCidr: default: 'fd00:fd00:fd00:2000::/64' - description: Cidr for the internal API network. + description: Cidr for the internal_api network. type: string outputs: diff --git a/network/ports/internal_api_v6.yaml b/network/ports/internal_api_v6.yaml index 6a9e7083..36a3ad07 100644 --- a/network/ports/internal_api_v6.yaml +++ b/network/ports/internal_api_v6.yaml @@ -5,7 +5,7 @@ description: > parameters: InternalApiNetName: - description: The name of the internal API network. + description: The name of the internal_api network. default: internal_api type: string PortName: diff --git a/network/ports/net_ip_list_map.yaml b/network/ports/net_ip_list_map.yaml index a9111ed9..6d7b7c16 100644 --- a/network/ports/net_ip_list_map.yaml +++ b/network/ports/net_ip_list_map.yaml @@ -37,7 +37,7 @@ parameters: InternalApiNetName: default: internal_api - description: The name of the internal API network. + description: The name of the internal_api network. type: string ExternalNetName: default: external @@ -53,7 +53,7 @@ parameters: type: string StorageMgmtNetName: default: storage_mgmt - description: The name of the Storage management network. + description: The name of the storage_mgmt network. type: string TenantNetName: default: tenant diff --git a/network/ports/net_ip_map.yaml b/network/ports/net_ip_map.yaml index ce58e96f..1b0e7589 100644 --- a/network/ports/net_ip_map.yaml +++ b/network/ports/net_ip_map.yaml @@ -77,7 +77,7 @@ parameters: InternalApiNetName: default: internal_api - description: The name of the internal API network. + description: The name of the internal_api network. type: string ExternalNetName: default: external @@ -93,7 +93,7 @@ parameters: type: string StorageMgmtNetName: default: storage_mgmt - description: The name of the Storage management network. + description: The name of the storage_mgmt network. type: string TenantNetName: default: tenant diff --git a/network/ports/net_vip_map_external.j2.yaml b/network/ports/net_vip_map_external.j2.yaml new file mode 100644 index 00000000..b17f48b5 --- /dev/null +++ b/network/ports/net_vip_map_external.j2.yaml @@ -0,0 +1,40 @@ +heat_template_version: pike + +parameters: + # Set these via parameter defaults to configure external VIPs + ControlPlaneIP: + default: '' + type: string +{%- for network in networks if network.vip|default(false) %} + {{network.name}}NetworkVip: + default: '' + type: string +{%- endfor %} + # The following are unused in this template + ControlPlaneIp: + default: '' + type: string +{%- for network in networks if network.vip|default(false) %} + {{network.name}}Ip: + default: '' + type: string + {{network.name}}IpUri: + default: '' + type: string + description: IP address with brackets in case of IPv6 +{%- endfor %} + +outputs: + net_ip_map: + description: > + A Hash containing a mapping of network names to assigned IPs + for a specific machine. + value: + ctlplane: {get_param: ControlPlaneIP} +{%- for network in networks if network.vip|default(false) %} + {{network.name_lower}}: {get_param: {{network.name}}NetworkVip} +{%- endfor %} + ctlplane_uri: {get_param: ControlPlaneIP} +{%- for network in networks if network.vip|default(false) %} + {{network.name_lower}}_uri: {get_param: {{network.name}}NetworkVip} +{%- endfor %} diff --git a/network/ports/net_vip_map_external.yaml b/network/ports/net_vip_map_external.yaml deleted file mode 100644 index d0847882..00000000 --- a/network/ports/net_vip_map_external.yaml +++ /dev/null @@ -1,68 +0,0 @@ -heat_template_version: pike - -parameters: - # Set these via parameter defaults to configure external VIPs - ControlPlaneIP: - default: '' - type: string - ExternalNetworkVip: - default: '' - type: string - InternalApiNetworkVip: - default: '' - type: string - StorageNetworkVip: - default: '' - type: string - StorageMgmtNetworkVip: - default: '' - type: string - # The following are unused in this template - ControlPlaneIp: - default: '' - type: string - ExternalIp: - default: '' - type: string - ExternalIpUri: - default: '' - type: string - description: IP address with brackets in case of IPv6 - InternalApiIp: - default: '' - type: string - InternalApiIpUri: - default: '' - type: string - description: IP address with brackets in case of IPv6 - StorageIp: - default: '' - type: string - StorageIpUri: - default: '' - type: string - description: IP address with brackets in case of IPv6 - StorageMgmtIp: - default: '' - type: string - StorageMgmtIpUri: - default: '' - type: string - description: IP address with brackets in case of IPv6 - -outputs: - net_ip_map: - description: > - A Hash containing a mapping of network names to assigned IPs - for a specific machine. - value: - ctlplane: {get_param: ControlPlaneIP} - external: {get_param: ExternalNetworkVip} - internal_api: {get_param: InternalApiNetworkVip} - storage: {get_param: StorageNetworkVip} - storage_mgmt: {get_param: StorageMgmtNetworkVip} - ctlplane_uri: {get_param: ControlPlaneIP} - external_uri: {get_param: ExternalNetworkVip} - internal_api_uri: {get_param: InternalApiNetworkVip} - storage_uri: {get_param: StorageNetworkVip} - storage_mgmt_uri: {get_param: StorageMgmtNetworkVip} diff --git a/network/ports/net_vip_map_external_v6.j2.yaml b/network/ports/net_vip_map_external_v6.j2.yaml new file mode 100644 index 00000000..5eff73c1 --- /dev/null +++ b/network/ports/net_vip_map_external_v6.j2.yaml @@ -0,0 +1,45 @@ +heat_template_version: pike + +parameters: + # Set these via parameter defaults to configure external VIPs + ControlPlaneIP: + default: '' + type: string +{%- for network in networks if network.vip|default(false) %} + {{network.name}}NetworkVip: + default: '' + type: string +{%- endfor %} + # The following are unused in this template + ControlPlaneIp: + default: '' + type: string +{%- for network in networks if network.vip|default(false) %} + {{network.name}}Ip: + default: '' + type: string + {{network.name}}IpUri: + default: '' + type: string + description: IP address with brackets in case of IPv6 +{%- endfor %} + +outputs: + net_ip_map: + description: > + A Hash containing a mapping of network names to assigned IPs + for a specific machine. + value: + ctlplane: {get_param: ControlPlaneIP} +{%- for network in networks if network.vip|default(false) %} + {{network.name_lower}}: {get_param: {{network.name}}NetworkVip} +{%- endfor %} + ctlplane_uri: {get_param: ControlPlaneIP} +{%- for network in networks if network.vip|default(false) %} + {{network.name_lower}}_uri: + list_join: + - '' + - - '[' + - {get_param: {{network.name}}NetworkVip} + - ']' +{%- endfor %} diff --git a/network/ports/net_vip_map_external_v6.yaml b/network/ports/net_vip_map_external_v6.yaml deleted file mode 100644 index 72e60cb2..00000000 --- a/network/ports/net_vip_map_external_v6.yaml +++ /dev/null @@ -1,88 +0,0 @@ -heat_template_version: pike - -parameters: - # Set these via parameter defaults to configure external VIPs - ControlPlaneIP: - default: '' - type: string - ExternalNetworkVip: - default: '' - type: string - InternalApiNetworkVip: - default: '' - type: string - StorageNetworkVip: - default: '' - type: string - StorageMgmtNetworkVip: - default: '' - type: string - # The following are unused in this template - ControlPlaneIp: - default: '' - type: string - ExternalIp: - default: '' - type: string - ExternalIpUri: - default: '' - type: string - description: IP address with brackets in case of IPv6 - InternalApiIp: - default: '' - type: string - InternalApiIpUri: - default: '' - type: string - description: IP address with brackets in case of IPv6 - StorageIp: - default: '' - type: string - StorageIpUri: - default: '' - type: string - description: IP address with brackets in case of IPv6 - StorageMgmtIp: - default: '' - type: string - StorageMgmtIpUri: - default: '' - type: string - description: IP address with brackets in case of IPv6 - -outputs: - net_ip_map: - description: > - A Hash containing a mapping of network names to assigned IPs - for a specific machine. - value: - ctlplane: {get_param: ControlPlaneIP} - external: {get_param: ExternalNetworkVip} - internal_api: {get_param: InternalApiNetworkVip} - storage: {get_param: StorageNetworkVip} - storage_mgmt: {get_param: StorageMgmtNetworkVip} - ctlplane_uri: {get_param: ControlPlaneIP} - external_uri: - list_join: - - '' - - - '[' - - {get_param: ExternalNetworkVip} - - ']' - internal_api_uri: - list_join: - - '' - - - '[' - - {get_param: InternalApiNetworkVip} - - ']' - storage_uri: - list_join: - - '' - - - '[' - - {get_param: StorageNetworkVip} - - ']' - storage_mgmt_uri: - list_join: - - '' - - - '[' - - {get_param: StorageMgmtNetworkVip} - - ']' diff --git a/network/ports/storage_mgmt.yaml b/network/ports/storage_mgmt.yaml index c06c58ef..0940b849 100644 --- a/network/ports/storage_mgmt.yaml +++ b/network/ports/storage_mgmt.yaml @@ -5,7 +5,7 @@ description: > parameters: StorageMgmtNetName: - description: The name of the Storage management network. + description: The name of the storage_mgmt network. default: storage_mgmt type: string PortName: diff --git a/network/ports/storage_mgmt_from_pool.yaml b/network/ports/storage_mgmt_from_pool.yaml index 07308a70..7efbc5ee 100644 --- a/network/ports/storage_mgmt_from_pool.yaml +++ b/network/ports/storage_mgmt_from_pool.yaml @@ -5,7 +5,7 @@ description: > parameters: StorageMgmtNetName: - description: The name of the Storage management network. + description: The name of the storage_mgmt network. default: storage_mgmt type: string PortName: @@ -26,7 +26,7 @@ parameters: type: number StorageMgmtNetCidr: default: '172.16.3.0/24' - description: Cidr for the storage management network. + description: Cidr for the storage_mgmt network. type: string outputs: diff --git a/network/ports/storage_mgmt_from_pool_v6.yaml b/network/ports/storage_mgmt_from_pool_v6.yaml index 1b30f0ce..07998aba 100644 --- a/network/ports/storage_mgmt_from_pool_v6.yaml +++ b/network/ports/storage_mgmt_from_pool_v6.yaml @@ -6,7 +6,7 @@ description: > parameters: StorageMgmtNetName: - description: The name of the Storage management network. + description: The name of the storage_mgmt network. default: storage_mgmt type: string PortName: @@ -27,7 +27,7 @@ parameters: type: number StorageMgmtNetCidr: default: 'fd00:fd00:fd00:4000::/64' - description: Cidr for the storage management network. + description: Cidr for the storage_mgmt network. type: string outputs: diff --git a/network/ports/storage_mgmt_v6.yaml b/network/ports/storage_mgmt_v6.yaml index c10b1393..399590c1 100644 --- a/network/ports/storage_mgmt_v6.yaml +++ b/network/ports/storage_mgmt_v6.yaml @@ -5,7 +5,7 @@ description: > parameters: StorageMgmtNetName: - description: The name of the Storage management network. + description: The name of the storage_mgmt network. default: storage_mgmt type: string PortName: diff --git a/network/service_net_map.j2.yaml b/network/service_net_map.j2.yaml index ba8e5568..54646c38 100644 --- a/network/service_net_map.j2.yaml +++ b/network/service_net_map.j2.yaml @@ -106,7 +106,7 @@ parameters: InternalApiNetName: default: internal_api - description: The name of the internal API network. + description: The name of the internal_api network. type: string ExternalNetName: default: external @@ -122,7 +122,7 @@ parameters: type: string StorageMgmtNetName: default: storage_mgmt - description: The name of the Storage management network. + description: The name of the storage_mgmt network. type: string TenantNetName: default: tenant diff --git a/network/storage.yaml b/network/storage.yaml deleted file mode 100644 index 9729044d..00000000 --- a/network/storage.yaml +++ /dev/null @@ -1,65 +0,0 @@ -heat_template_version: pike - -description: > - Storage network. - -parameters: - # the defaults here work for static IP assignment (IPAM) only - StorageNetCidr: - default: '172.16.1.0/24' - description: Cidr for the storage network. - type: string - StorageNetValueSpecs: - default: {'provider:physical_network': 'storage', 'provider:network_type': 'flat'} - description: Value specs for the storage network. - type: json - StorageNetAdminStateUp: - default: false - description: The admin state of the network. - type: boolean - StorageNetEnableDHCP: - default: false - description: Whether to enable DHCP on the associated subnet. - type: boolean - StorageNetShared: - default: false - description: Whether this network is shared across all tenants. - type: boolean - StorageNetName: - default: storage - description: The name of the storage network. - type: string - StorageSubnetName: - default: storage_subnet - description: The name of the storage subnet in Neutron. - type: string - StorageAllocationPools: - default: [{'start': '172.16.1.4', 'end': '172.16.1.250'}] - description: Ip allocation pool range for the storage network. - type: json - -resources: - StorageNetwork: - type: OS::Neutron::Net - properties: - admin_state_up: {get_param: StorageNetAdminStateUp} - name: {get_param: StorageNetName} - shared: {get_param: StorageNetShared} - value_specs: {get_param: StorageNetValueSpecs} - - StorageSubnet: - type: OS::Neutron::Subnet - properties: - cidr: {get_param: StorageNetCidr} - enable_dhcp: {get_param: StorageNetEnableDHCP} - name: {get_param: StorageSubnetName} - network: {get_resource: StorageNetwork} - allocation_pools: {get_param: StorageAllocationPools} - gateway_ip: null - -outputs: - OS::stack_id: - description: Neutron storage network - value: {get_resource: StorageNetwork} - subnet_cidr: - value: {get_attr: [StorageSubnet, cidr]} diff --git a/network/storage_mgmt.yaml b/network/storage_mgmt.yaml deleted file mode 100644 index fc005573..00000000 --- a/network/storage_mgmt.yaml +++ /dev/null @@ -1,65 +0,0 @@ -heat_template_version: pike - -description: > - Storage management network. Storage replication, etc. - -parameters: - # the defaults here work for static IP assignment (IPAM) only - StorageMgmtNetCidr: - default: '172.16.3.0/24' - description: Cidr for the storage management network. - type: string - StorageMgmtNetValueSpecs: - default: {'provider:physical_network': 'storage_mgmt', 'provider:network_type': 'flat'} - description: Value specs for the storage_mgmt network. - type: json - StorageMgmtNetAdminStateUp: - default: false - description: The admin state of the network. - type: boolean - StorageMgmtNetEnableDHCP: - default: false - description: Whether to enable DHCP on the associated subnet. - type: boolean - StorageMgmtNetShared: - default: false - description: Whether this network is shared across all tenants. - type: boolean - StorageMgmtNetName: - default: storage_mgmt - description: The name of the Storage management network. - type: string - StorageMgmtSubnetName: - default: storage_mgmt_subnet - description: The name of the Storage management subnet in Neutron. - type: string - StorageMgmtAllocationPools: - default: [{'start': '172.16.3.4', 'end': '172.16.3.250'}] - description: Ip allocation pool range for the storage mgmt network. - type: json - -resources: - StorageMgmtNetwork: - type: OS::Neutron::Net - properties: - admin_state_up: {get_param: StorageMgmtNetAdminStateUp} - name: {get_param: StorageMgmtNetName} - shared: {get_param: StorageMgmtNetShared} - value_specs: {get_param: StorageMgmtNetValueSpecs} - - StorageMgmtSubnet: - type: OS::Neutron::Subnet - properties: - cidr: {get_param: StorageMgmtNetCidr} - enable_dhcp: {get_param: StorageMgmtNetEnableDHCP} - name: {get_param: StorageMgmtSubnetName} - network: {get_resource: StorageMgmtNetwork} - allocation_pools: {get_param: StorageMgmtAllocationPools} - gateway_ip: null - -outputs: - OS::stack_id: - description: Neutron storage management network - value: {get_resource: StorageMgmtNetwork} - subnet_cidr: - value: {get_attr: [StorageMgmtSubnet, cidr]} diff --git a/network/storage_mgmt_v6.yaml b/network/storage_mgmt_v6.yaml index cef87de9..7ed4c92e 100644 --- a/network/storage_mgmt_v6.yaml +++ b/network/storage_mgmt_v6.yaml @@ -8,7 +8,7 @@ parameters: StorageMgmtNetCidr: # OpenStack uses the EUI-64 address format, which requires a /64 prefix default: 'fd00:fd00:fd00:4000::/64' - description: Cidr for the storage management network. + description: Cidr for the storage_mgmt network. type: string StorageMgmtNetValueSpecs: default: {'provider:physical_network': 'storage_mgmt', 'provider:network_type': 'flat'} @@ -24,15 +24,15 @@ parameters: type: boolean StorageMgmtNetName: default: storage_mgmt - description: The name of the Storage management network. + description: The name of the storage_mgmt network. type: string StorageMgmtSubnetName: default: storage_mgmt_subnet - description: The name of the Storage management subnet in Neutron. + description: The name of the storage_mgmt subnet in Neutron. type: string StorageMgmtAllocationPools: default: [{'start': 'fd00:fd00:fd00:4000::10', 'end': 'fd00:fd00:fd00:4000:ffff:ffff:ffff:fffe'}] - description: Ip allocation pool range for the storage mgmt network. + description: Ip allocation pool range for the storage_mgmt network. type: json IPv6AddressMode: default: dhcpv6-stateful diff --git a/network/tenant.yaml b/network/tenant.yaml deleted file mode 100644 index 67c4abbc..00000000 --- a/network/tenant.yaml +++ /dev/null @@ -1,65 +0,0 @@ -heat_template_version: pike - -description: > - Tenant network. - -parameters: - # the defaults here work for static IP assignment (IPAM) only - TenantNetCidr: - default: '172.16.0.0/24' - description: Cidr for the tenant network. - type: string - TenantNetValueSpecs: - default: {'provider:physical_network': 'tenant', 'provider:network_type': 'flat'} - description: Value specs for the tenant network. - type: json - TenantNetAdminStateUp: - default: false - description: The admin state of the network. - type: boolean - TenantNetEnableDHCP: - default: false - description: Whether to enable DHCP on the associated subnet. - type: boolean - TenantNetShared: - default: false - description: Whether this network is shared across all tenants. - type: boolean - TenantNetName: - default: tenant - description: The name of the tenant network. - type: string - TenantSubnetName: - default: tenant_subnet - description: The name of the tenant subnet in Neutron. - type: string - TenantAllocationPools: - default: [{'start': '172.16.0.4', 'end': '172.16.0.250'}] - description: Ip allocation pool range for the tenant network. - type: json - -resources: - TenantNetwork: - type: OS::Neutron::Net - properties: - admin_state_up: {get_param: TenantNetAdminStateUp} - name: {get_param: TenantNetName} - shared: {get_param: TenantNetShared} - value_specs: {get_param: TenantNetValueSpecs} - - TenantSubnet: - type: OS::Neutron::Subnet - properties: - cidr: {get_param: TenantNetCidr} - enable_dhcp: {get_param: TenantNetEnableDHCP} - name: {get_param: TenantSubnetName} - network: {get_resource: TenantNetwork} - allocation_pools: {get_param: TenantAllocationPools} - gateway_ip: null - -outputs: - OS::stack_id: - description: Neutron tenant network - value: {get_resource: TenantNetwork} - subnet_cidr: - value: {get_attr: [TenantSubnet, cidr]} diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml index 0b4b4feb..63868b54 100644 --- a/overcloud-resource-registry-puppet.j2.yaml +++ b/overcloud-resource-registry-puppet.j2.yaml @@ -1,8 +1,8 @@ resource_registry: OS::TripleO::SoftwareDeployment: OS::Heat::StructuredDeployment - OS::TripleO::PostDeploySteps: puppet/post.yaml - OS::TripleO::PostUpgradeSteps: puppet/post-upgrade.yaml + OS::TripleO::PostDeploySteps: common/post.yaml + OS::TripleO::PostUpgradeSteps: common/post-upgrade.yaml OS::TripleO::AllNodes::SoftwareConfig: puppet/all-nodes-config.yaml OS::TripleO::AllNodesDeployment: OS::Heat::StructuredDeployments OS::TripleO::Hosts::SoftwareConfig: hosts-config.yaml @@ -17,7 +17,7 @@ resource_registry: {% for role in roles %} OS::TripleO::{{role.name}}::PreNetworkConfig: OS::Heat::None - OS::TripleO::{{role.name}}PostDeploySteps: puppet/post.yaml + OS::TripleO::{{role.name}}PostDeploySteps: common/post.yaml OS::TripleO::{{role.name}}: puppet/{{role.name.lower()}}-role.yaml OS::TripleO::{{role.name}}Config: puppet/{{role.name.lower()}}-config.yaml OS::TripleO::Tasks::{{role.name}}PreConfig: OS::Heat::None @@ -109,6 +109,8 @@ resource_registry: OS::TripleO::DeployedServerEnvironment: OS::Heat::None + OS::TripleO::DeploymentSteps: OS::Heat::StructuredDeploymentGroup + # services OS::TripleO::Services: common/services.yaml OS::TripleO::Services::Apache: puppet/services/apache.yaml diff --git a/overcloud.j2.yaml b/overcloud.j2.yaml index 2bfdf506..2e398671 100644 --- a/overcloud.j2.yaml +++ b/overcloud.j2.yaml @@ -21,40 +21,44 @@ description: > parameters: # Common parameters (not specific to a role) +{%- for network in networks if network.vip|default(false) %} +{%- if network.name == 'External' %} + # Special case the External hostname param, which is CloudName CloudName: default: overcloud.localdomain description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org type: string +{%- elif network.name == 'InternalApi' %} + # Special case the Internal API hostname param, which is CloudNameInternal CloudNameInternal: - default: overcloud.internalapi.localdomain + default: overcloud.{{network.name.lower()}}.localdomain description: > - The DNS name of this cloud's internal API endpoint. E.g. - 'ci-overcloud.internalapi.tripleo.org'. + The DNS name of this cloud's {{network.name_lower}} endpoint. E.g. + 'ci-overcloud.{{network.name.lower()}}.tripleo.org'. type: string - CloudNameStorage: - default: overcloud.storage.localdomain +{%- elif network.name == 'StorageMgmt' %} + # Special case StorageMgmt hostname param, which is CloudNameStorageManagement + CloudNameStorageManagement: + default: overcloud.{{network.name.lower()}}.localdomain description: > - The DNS name of this cloud's storage endpoint. E.g. - 'ci-overcloud.storage.tripleo.org'. + The DNS name of this cloud's {{network.name_lower}} endpoint. E.g. + 'ci-overcloud.{{network.name.lower()}}.tripleo.org'. type: string - CloudNameStorageManagement: - default: overcloud.storagemgmt.localdomain +{%- else %} + CloudName{{network.name}}: + default: overcloud.{{network.name.lower()}}.localdomain description: > - The DNS name of this cloud's storage management endpoint. E.g. - 'ci-overcloud.storagemgmt.tripleo.org'. + The DNS name of this cloud's {{network.name_lower}} endpoint. E.g. + 'ci-overcloud.{{network.name.lower()}}.tripleo.org'. type: string +{%- endif %} +{%- endfor %} CloudNameCtlplane: default: overcloud.ctlplane.localdomain description: > The DNS name of this cloud's provisioning network endpoint. E.g. 'ci-overcloud.ctlplane.tripleo.org'. type: string - ControlFixedIPs: - default: [] - description: > - Control the IP allocation for the ControlVirtualIP port. E.g. - [{'ip_address':'1.2.3.4'}] - type: json ExtraConfig: default: {} description: | @@ -77,12 +81,6 @@ parameters: description: | DEPRECATED use ComputeExtraConfig instead type: json - InternalApiVirtualFixedIPs: - default: [] - description: > - Control the IP allocation for the InternalApiVirtualInterface port. E.g. - [{'ip_address':'1.2.3.4'}] - type: json NeutronControlPlaneID: default: 'ctlplane' type: string @@ -91,28 +89,34 @@ parameters: default: nic1 description: Which interface to add to the NeutronPhysicalBridge. type: string - PublicVirtualFixedIPs: + ControlFixedIPs: default: [] description: > - Control the IP allocation for the PublicVirtualInterface port. E.g. + Control the IP allocation for the ControlVirtualIP port. E.g. [{'ip_address':'1.2.3.4'}] type: json - RabbitCookieSalt: - type: string - default: unset - description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change. - StorageVirtualFixedIPs: +{%- for network in networks if network.vip|default(false) %} +{%- if network.name == 'External' %} + # TODO (dsneddon) Legacy name, eventually refactor to match network name + PublicVirtualFixedIPs: default: [] description: > - Control the IP allocation for the StorageVirtualInterface port. E.g. + Control the IP allocation for the PublicVirtualInterface port. E.g. [{'ip_address':'1.2.3.4'}] type: json - StorageMgmtVirtualFixedIPs: +{%- else %} + {{network.name}}VirtualFixedIPs: default: [] description: > - Control the IP allocation for the StorageMgmgVirtualInterface port. E.g. + Control the IP allocation for the {{network.name}}VirtualInterface port. E.g. [{'ip_address':'1.2.3.4'}] type: json +{%- endif %} +{%- endfor %} + RabbitCookieSalt: + type: string + default: unset + description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change. RedisVirtualFixedIPs: default: [] description: > @@ -186,11 +190,12 @@ parameters: {% if role.name != 'Compute' %} {{role.name}}SchedulerHints: + description: Optional scheduler hints to pass to nova {% else %} NovaComputeSchedulerHints: + description: DEPRECATED - use ComputeSchedulerHints instead {% endif %} type: json - description: Optional scheduler hints to pass to nova default: {} {{role.name}}Parameters: @@ -224,13 +229,6 @@ parameters: description: > List of server hostnames to blacklist from any triggered deployments. -parameter_groups: -- label: deprecated - description: Do not use deprecated params, they will be removed. - parameters: - - controllerExtraConfig - - NovaComputeExtraConfig - conditions: add_vips_to_etc_hosts: {equals : [{get_param: AddVipsToEtcHosts}, True]} @@ -246,28 +244,38 @@ resources: - - str_replace: template: IP HOST params: - IP: {get_attr: [VipMap, net_ip_map, external]} - HOST: {get_param: CloudName} + IP: {get_attr: [VipMap, net_ip_map, ctlplane]} + HOST: {get_param: CloudNameCtlplane} +{%- for network in networks if network.vip|default(false) %} +{%- if network.name == 'External' %} + # Special case the External hostname param, which is CloudName - str_replace: template: IP HOST params: - IP: {get_attr: [VipMap, net_ip_map, ctlplane]} - HOST: {get_param: CloudNameCtlplane} + IP: {get_attr: [VipMap, net_ip_map, {{network.name_lower}}]} + HOST: {get_param: CloudName} +{%- elif network.name == 'InternalApi' %} + # Special case the Internal API hostname param, which is CloudNameInternal - str_replace: template: IP HOST params: - IP: {get_attr: [VipMap, net_ip_map, internal_api]} + IP: {get_attr: [VipMap, net_ip_map, {{network.name_lower}}]} HOST: {get_param: CloudNameInternal} +{%- elif network.name == 'StorageMgmt' %} + # Special case StorageMgmt hostname param, which is CloudNameStorageManagement - str_replace: template: IP HOST params: - IP: {get_attr: [VipMap, net_ip_map, storage]} - HOST: {get_param: CloudNameStorage} + IP: {get_attr: [VipMap, net_ip_map, {{network.name_lower}}]} + HOST: {get_param: CloudNameStorageManagement} +{%- else %} - str_replace: template: IP HOST params: - IP: {get_attr: [VipMap, net_ip_map, storage_mgmt]} - HOST: {get_param: CloudNameStorageManagement} + IP: {get_attr: [VipMap, net_ip_map, {{network.name_lower}}]} + HOST: {get_param: CloudName{{network.name}}} +{%- endif %} +{%- endfor %} HeatAuthEncryptionKey: type: OS::TripleO::RandomString @@ -303,11 +311,21 @@ resources: type: OS::TripleO::EndpointMap properties: CloudEndpoints: - external: {get_param: CloudName} - internal_api: {get_param: CloudNameInternal} - storage: {get_param: CloudNameStorage} - storage_mgmt: {get_param: CloudNameStorageManagement} ctlplane: {get_param: CloudNameCtlplane} +{%- for network in networks if network.vip|default(false) %} +{%- if network.name == 'External' %} + # Special case the External hostname param, which is CloudName + {{network.name_lower}}: {get_param: CloudName} +{%- elif network.name == 'InternalApi' %} + # Special case the Internal API hostname param, which is CloudNameInternal + {{network.name_lower}}: {get_param: CloudNameInternal} +{%- elif network.name == 'StorageMgmt' %} + # Special case StorageMgmt hostname param, which is CloudNameStorageManagement + {{network.name_lower}}: {get_param: CloudNameStorageManagement} +{%- else %} + {{network.name_lower}}: {get_param: CloudName{{network.name}}} +{%- endif %} +{%- endfor %} NetIpMap: {get_attr: [VipMap, net_ip_map]} ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} @@ -464,12 +482,9 @@ resources: type: OS::TripleO::Network::Ports::NetIpListMap properties: ControlPlaneIpList: {get_attr: [{{role.name}}, ip_address]} - ExternalIpList: {get_attr: [{{role.name}}, external_ip_address]} - InternalApiIpList: {get_attr: [{{role.name}}, internal_api_ip_address]} - StorageIpList: {get_attr: [{{role.name}}, storage_ip_address]} - StorageMgmtIpList: {get_attr: [{{role.name}}, storage_mgmt_ip_address]} - TenantIpList: {get_attr: [{{role.name}}, tenant_ip_address]} - ManagementIpList: {get_attr: [{{role.name}}, management_ip_address]} +{%- for network in networks if network.enabled|default(true) %} + {{network.name}}IpList: {get_attr: [{{role.name}}, {{network.name_lower}}_ip_address]} +{%- endfor %} EnabledServices: {get_attr: [{{role.name}}ServiceNames, value]} ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]} ServiceHostnameList: {get_attr: [{{role.name}}, hostname]} @@ -588,10 +603,20 @@ resources: allNodesConfig: type: OS::TripleO::AllNodes::SoftwareConfig properties: - cloud_name_external: {get_param: CloudName} - cloud_name_internal_api: {get_param: CloudNameInternal} - cloud_name_storage: {get_param: CloudNameStorage} - cloud_name_storage_mgmt: {get_param: CloudNameStorageManagement} +{%- for network in networks if network.vip|default(false) %} +{%- if network.name == 'External' %} + # Special case the External hostname param, which is CloudName + cloud_name_{{network.name_lower}}: {get_param: CloudName} +{%- elif network.name == 'InternalApi' %} + # Special case the Internal API hostname param, which is CloudNameInternal + cloud_name_{{network.name_lower}}: {get_param: CloudNameInternal} +{%- elif network.name == 'StorageMgmt' %} + # Special case StorageMgmt hostname param, which is CloudNameStorageManagement + cloud_name_{{network.name_lower}}: {get_param: CloudNameStorageManagement} +{%- else %} + cloud_name_{{network.name_lower}}: {get_param: CloudName{{network.name}}} +{%- endif %} +{%- endfor %} cloud_name_ctlplane: {get_param: CloudNameCtlplane} enabled_services: list_join: @@ -705,6 +730,8 @@ resources: ServiceName: redis FixedIPs: {get_param: RedisVirtualFixedIPs} +{%- for network in networks if network.vip|default(false) %} +{%- if network.name == 'External' %} # The public VIP is on the External net, falls back to ctlplane PublicVirtualIP: depends_on: Networks @@ -714,43 +741,38 @@ resources: ControlPlaneNetwork: {get_param: NeutronControlPlaneID} PortName: public_virtual_ip FixedIPs: {get_param: PublicVirtualFixedIPs} - - InternalApiVirtualIP: - depends_on: Networks - type: OS::TripleO::Network::Ports::InternalApiVipPort - properties: - ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} - PortName: internal_api_virtual_ip - FixedIPs: {get_param: InternalApiVirtualFixedIPs} - - StorageVirtualIP: +{%- elif network.name == 'StorageMgmt' %} + {{network.name}}VirtualIP: depends_on: Networks - type: OS::TripleO::Network::Ports::StorageVipPort + type: OS::TripleO::Network::Ports::{{network.name}}VipPort properties: ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} - PortName: storage_virtual_ip - FixedIPs: {get_param: StorageVirtualFixedIPs} - - StorageMgmtVirtualIP: + PortName: storage_management_virtual_ip + FixedIPs: {get_param: {{network.name}}VirtualFixedIPs} +{%- else %} + {{network.name}}VirtualIP: depends_on: Networks - type: OS::TripleO::Network::Ports::StorageMgmtVipPort + type: OS::TripleO::Network::Ports::{{network.name}}VipPort properties: ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} - PortName: storage_management_virtual_ip - FixedIPs: {get_param: StorageMgmtVirtualFixedIPs} + PortName: {{network.name_lower}}_virtual_ip + FixedIPs: {get_param: {{network.name}}VirtualFixedIPs} +{%- endif %} +{%- endfor %} VipMap: type: OS::TripleO::Network::Ports::NetVipMap properties: ControlPlaneIp: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} +{%- for network in networks if network.vip|default(false) %} +{%- if network.name == 'External' %} ExternalIp: {get_attr: [PublicVirtualIP, ip_address]} ExternalIpUri: {get_attr: [PublicVirtualIP, ip_address_uri]} - InternalApiIp: {get_attr: [InternalApiVirtualIP, ip_address]} - InternalApiIpUri: {get_attr: [InternalApiVirtualIP, ip_address_uri]} - StorageIp: {get_attr: [StorageVirtualIP, ip_address]} - StorageIpUri: {get_attr: [StorageVirtualIP, ip_address_uri]} - StorageMgmtIp: {get_attr: [StorageMgmtVirtualIP, ip_address]} - StorageMgmtIpUri: {get_attr: [StorageMgmtVirtualIP, ip_address_uri]} +{%- else %} + {{network.name}}Ip: {get_attr: [{{network.name}}VirtualIP, ip_address]} + {{network.name}}IpUri: {get_attr: [{{network.name}}VirtualIP, ip_address_uri]} +{%- endif %} +{%- endfor %} # No tenant or management VIP required # Because of nested get_attr functions in the KeystoneAdminVip output, we # can't determine which attributes of VipMap are used until after @@ -764,24 +786,12 @@ resources: PingTestIps: list_join: - ' ' - - - yaql: - expression: coalesce($.data, []).first(null) - data: {get_attr: [{{primary_role_name}}, external_ip_address]} - - yaql: - expression: coalesce($.data, []).first(null) - data: {get_attr: [{{primary_role_name}}, internal_api_ip_address]} - - yaql: - expression: coalesce($.data, []).first(null) - data: {get_attr: [{{primary_role_name}}, storage_ip_address]} - - yaql: - expression: coalesce($.data, []).first(null) - data: {get_attr: [{{primary_role_name}}, storage_mgmt_ip_address]} - - yaql: - expression: coalesce($.data, []).first(null) - data: {get_attr: [{{primary_role_name}}, tenant_ip_address]} + - +{%- for network in networks if network.enabled|default(true) %} - yaql: expression: coalesce($.data, []).first(null) - data: {get_attr: [{{primary_role_name}}, management_ip_address]} + data: {get_attr: [{{primary_role_name}}, {{network.name_lower}}_ip_address]} +{%- endfor %} UpdateWorkflow: type: OS::TripleO::Tasks::UpdateWorkflow @@ -935,6 +945,9 @@ outputs: - {get_attr: [{{role.name}}ServiceChainRoleData, value]} - {get_attr: [{{role.name}}MergedConfigSettings, value]} {% endfor %} + RoleConfig: + description: The configuration workflows associated with each role + value: {get_attr: [AllNodesDeploySteps, RoleConfig]} RoleNetIpMap: description: Mapping of each network to a list of IPs for each role value: diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml index 24aa1525..3044fe39 100644 --- a/puppet/all-nodes-config.yaml +++ b/puppet/all-nodes-config.yaml @@ -76,7 +76,7 @@ parameters: InternalApiNetName: default: internal_api - description: The name of the internal API network. + description: The name of the internal_api network. type: string ExternalNetName: default: external @@ -92,7 +92,7 @@ parameters: type: string StorageMgmtNetName: default: storage_mgmt - description: The name of the Storage management network. + description: The name of the storage_mgmt network. type: string TenantNetName: default: tenant diff --git a/puppet/blockstorage-role.yaml b/puppet/blockstorage-role.yaml deleted file mode 100644 index de7b6b49..00000000 --- a/puppet/blockstorage-role.yaml +++ /dev/null @@ -1,704 +0,0 @@ -heat_template_version: pike -description: 'OpenStack cinder storage configured by Puppet' -parameters: - BlockStorageImage: - default: overcloud-full - type: string - constraints: - - custom_constraint: glance.image - ExtraConfig: - default: {} - description: | - Additional hiera configuration to inject into the cluster. Note - that BlockStorageExtraConfig takes precedence over ExtraConfig. - type: json - BlockStorageExtraConfig: - default: {} - description: | - Role specific additional hiera configuration to inject into the cluster. - type: json - BlockStorageIPs: - default: {} - type: json - OvercloudBlockStorageFlavor: - description: Flavor for block storage nodes to request when deploying. - type: string - default: baremetal - constraints: - - custom_constraint: nova.flavor - KeyName: - default: default - description: Name of an existing Nova key pair to enable SSH access to the instances - type: string - UpdateIdentifier: - default: '' - type: string - description: > - Setting to a previously unused value during stack-update will trigger - package update on all nodes - Hostname: - type: string - default: '' # Defaults to Heat created hostname - HostnameMap: - type: json - default: {} - description: Optional mapping to override hostnames - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - NetworkDeploymentActions: - type: comma_delimited_list - description: > - Heat action when to apply network configuration changes - default: ['CREATE'] - SoftwareConfigTransport: - default: POLL_SERVER_CFN - description: | - How the server should receive the metadata required for software configuration. - type: string - constraints: - - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE] - CloudDomain: - default: 'localdomain' - type: string - description: > - The DNS domain used for the hosts. This must match the - overcloud_domain_name configured on the undercloud. - BlockStorageServerMetadata: - default: {} - description: > - Extra properties or metadata passed to Nova for the created nodes in - the overcloud. It's accessible via the Nova metadata API. This option is - role-specific and is merged with the values given to the ServerMetadata - parameter. - type: json - ServerMetadata: - default: {} - description: > - Extra properties or metadata passed to Nova for the created nodes in - the overcloud. It's accessible via the Nova metadata API. This applies to - all roles and is merged with a role-specific metadata parameter. - type: json - BlockStorageSchedulerHints: - type: json - description: Optional scheduler hints to pass to nova - default: {} - NodeIndex: - type: number - default: 0 - ServiceConfigSettings: - type: json - default: {} - ServiceNames: - type: comma_delimited_list - default: [] - MonitoringSubscriptions: - type: comma_delimited_list - default: [] - ServiceMetadataSettings: - type: json - default: {} - ConfigCommand: - type: string - description: Command which will be run whenever configuration data changes - default: os-refresh-config --timeout 14400 - ConfigCollectSplay: - type: number - default: 30 - description: | - Maximum amount of time to possibly to delay configuation collection - polling. Defaults to 30 seconds. Set to 0 to disable it which will cause - the configuration collection to occur as soon as the collection process - starts. This setting is used to prevent the configuration collection - processes from polling all at the exact same time. - UpgradeInitCommand: - type: string - description: | - Command or script snippet to run on all overcloud nodes to - initialize the upgrade process. E.g. a repository switch. - default: '' - UpgradeInitCommonCommand: - type: string - description: | - Common commands required by the upgrades process. This should not - normally be modified by the operator and is set and unset in the - major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml - environment files. - default: '' - DeploymentServerBlacklistDict: - default: {} - type: json - description: > - Map of server hostnames to blacklist from any triggered - deployments. If the value is 1, the server will be blacklisted. This - parameter is generated from the parent template. - RoleParameters: - type: json - description: Parameters specific to the role - default: {} - DeploymentSwiftDataMap: - type: json - description: | - Map of servers to Swift container and object for storing deployment data. - The keys are the Heat assigned hostnames, and the value is a map of the - container/object name in Swift. Example value: - overcloud-controller-0: - container: overcloud-controller - object: 0 - overcloud-controller-1: - container: overcloud-controller - object: 1 - overcloud-controller-2: - container: overcloud-controller - object: 2 - overcloud-novacompute-0: - container: overcloud-compute - object: 0 - default: {} - -conditions: - server_not_blacklisted: - not: - equals: - - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]} - - 1 - deployment_swift_data_map_unset: - equals: - - get_param: - - DeploymentSwiftDataMap - - {get_param: Hostname} - - "" - -resources: - BlockStorage: - type: OS::TripleO::BlockStorageServer - metadata: - os-collect-config: - command: {get_param: ConfigCommand} - splay: {get_param: ConfigCollectSplay} - properties: - image: - {get_param: BlockStorageImage} - flavor: {get_param: OvercloudBlockStorageFlavor} - key_name: {get_param: KeyName} - networks: - - network: ctlplane - user_data_format: SOFTWARE_CONFIG - user_data: {get_resource: UserData} - name: - str_replace: - template: {get_param: Hostname} - params: {get_param: HostnameMap} - software_config_transport: {get_param: SoftwareConfigTransport} - metadata: - map_merge: - - {get_param: ServerMetadata} - - {get_param: BlockStorageServerMetadata} - - {get_param: ServiceMetadataSettings} - scheduler_hints: {get_param: BlockStorageSchedulerHints} - deployment_swift_data: - if: - - deployment_swift_data_map_unset - - {} - - {get_param: [DeploymentSwiftDataMap, - {get_param: Hostname}]} - - # Combine the NodeAdminUserData and NodeUserData mime archives - UserData: - type: OS::Heat::MultipartMime - properties: - parts: - - config: {get_resource: NodeAdminUserData} - type: multipart - - config: {get_resource: NodeUserData} - type: multipart - - config: {get_resource: RoleUserData} - type: multipart - - # Creates the "heat-admin" user if configured via the environment - # Should return a OS::Heat::MultipartMime reference via OS::stack_id - NodeAdminUserData: - type: OS::TripleO::NodeAdminUserData - - # For optional operator additional userdata - # Should return a OS::Heat::MultipartMime reference via OS::stack_id - NodeUserData: - type: OS::TripleO::NodeUserData - - # For optional operator role-specific userdata - # Should return a OS::Heat::MultipartMime reference via OS::stack_id - RoleUserData: - type: OS::TripleO::BlockStorage::NodeUserData - - ExternalPort: - type: OS::TripleO::BlockStorage::Ports::ExternalPort - properties: - ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} - IPPool: {get_param: BlockStorageIPs} - NodeIndex: {get_param: NodeIndex} - - InternalApiPort: - type: OS::TripleO::BlockStorage::Ports::InternalApiPort - properties: - ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} - IPPool: {get_param: BlockStorageIPs} - NodeIndex: {get_param: NodeIndex} - - StoragePort: - type: OS::TripleO::BlockStorage::Ports::StoragePort - properties: - ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} - IPPool: {get_param: BlockStorageIPs} - NodeIndex: {get_param: NodeIndex} - - StorageMgmtPort: - type: OS::TripleO::BlockStorage::Ports::StorageMgmtPort - properties: - ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} - IPPool: {get_param: BlockStorageIPs} - NodeIndex: {get_param: NodeIndex} - - TenantPort: - type: OS::TripleO::BlockStorage::Ports::TenantPort - properties: - ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} - IPPool: {get_param: BlockStorageIPs} - NodeIndex: {get_param: NodeIndex} - - ManagementPort: - type: OS::TripleO::BlockStorage::Ports::ManagementPort - properties: - ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} - IPPool: {get_param: BlockStorageIPs} - NodeIndex: {get_param: NodeIndex} - - NetworkConfig: - type: OS::TripleO::BlockStorage::Net::SoftwareConfig - properties: - ControlPlaneIp: {get_attr: [BlockStorage, networks, ctlplane, 0]} - ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} - InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} - StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} - StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} - TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} - ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]} - - NetIpMap: - type: OS::TripleO::Network::Ports::NetIpMap - properties: - ControlPlaneIp: {get_attr: [BlockStorage, networks, ctlplane, 0]} - ExternalIp: {get_attr: [ExternalPort, ip_address]} - ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} - ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]} - InternalApiIp: {get_attr: [InternalApiPort, ip_address]} - InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} - InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]} - StorageIp: {get_attr: [StoragePort, ip_address]} - StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} - StorageIpUri: {get_attr: [StoragePort, ip_address_uri]} - StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]} - StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} - StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]} - TenantIp: {get_attr: [TenantPort, ip_address]} - TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} - TenantIpUri: {get_attr: [TenantPort, ip_address_uri]} - ManagementIp: {get_attr: [ManagementPort, ip_address]} - ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]} - ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]} - - NetHostMap: - type: OS::Heat::Value - properties: - type: json - value: - external: - fqdn: - list_join: - - '.' - - - {get_attr: [BlockStorage, name]} - - external - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [BlockStorage, name]} - - external - internal_api: - fqdn: - list_join: - - '.' - - - {get_attr: [BlockStorage, name]} - - internalapi - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [BlockStorage, name]} - - internalapi - storage: - fqdn: - list_join: - - '.' - - - {get_attr: [BlockStorage, name]} - - storage - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [BlockStorage, name]} - - storage - storage_mgmt: - fqdn: - list_join: - - '.' - - - {get_attr: [BlockStorage, name]} - - storagemgmt - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [BlockStorage, name]} - - storagemgmt - tenant: - fqdn: - list_join: - - '.' - - - {get_attr: [BlockStorage, name]} - - tenant - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [BlockStorage, name]} - - tenant - management: - fqdn: - list_join: - - '.' - - - {get_attr: [BlockStorage, name]} - - management - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [BlockStorage, name]} - - management - ctlplane: - fqdn: - list_join: - - '.' - - - {get_attr: [BlockStorage, name]} - - ctlplane - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [BlockStorage, name]} - - ctlplane - - PreNetworkConfig: - type: OS::TripleO::BlockStorage::PreNetworkConfig - properties: - server: {get_resource: BlockStorage} - RoleParameters: {get_param: RoleParameters} - ServiceNames: {get_param: ServiceNames} - deployment_actions: {get_attr: [DeploymentActions, value]} - - NetworkDeployment: - type: OS::TripleO::SoftwareDeployment - depends_on: PreNetworkConfig - properties: - name: NetworkDeployment - config: {get_resource: NetworkConfig} - server: {get_resource: BlockStorage} - actions: - if: - - server_not_blacklisted - - {get_param: NetworkDeploymentActions} - - [] - - BlockStorageUpgradeInitConfig: - type: OS::Heat::SoftwareConfig - properties: - group: script - config: - list_join: - - '' - - - "#!/bin/bash\n\n" - - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n" - - get_param: UpgradeInitCommand - - get_param: UpgradeInitCommonCommand - - # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty - # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first - BlockStorageUpgradeInitDeployment: - type: OS::Heat::SoftwareDeployment - depends_on: NetworkDeployment - properties: - name: BlockStorageUpgradeInitDeployment - server: {get_resource: BlockStorage} - config: {get_resource: BlockStorageUpgradeInitConfig} - actions: - if: - - server_not_blacklisted - - ['CREATE', 'UPDATE'] - - [] - - BlockStorageDeployment: - type: OS::Heat::StructuredDeployment - depends_on: BlockStorageUpgradeInitDeployment - properties: - name: BlockStorageDeployment - server: {get_resource: BlockStorage} - config: {get_resource: BlockStorageConfig} - input_values: - enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} - actions: - if: - - server_not_blacklisted - - ['CREATE', 'UPDATE'] - - [] - - # Map heat metadata into hiera datafiles - BlockStorageConfig: - type: OS::Heat::StructuredConfig - properties: - group: hiera - config: - hierarchy: - - '"%{::uuid}"' - - heat_config_%{::deploy_config_name} - - config_step - - volume_extraconfig - - extraconfig - - service_names - - service_configs - - volume - - bootstrap_node # provided by allNodesConfig - - all_nodes # provided by allNodesConfig - - vip_data # provided by allNodesConfig - - '"%{::osfamily}"' - merge_behavior: deeper - datafiles: - service_names: - service_names: {get_param: ServiceNames} - sensu::subscriptions: {get_param: MonitoringSubscriptions} - service_configs: - map_replace: - - {get_param: ServiceConfigSettings} - - values: {get_attr: [NetIpMap, net_ip_map]} - volume_extraconfig: {get_param: BlockStorageExtraConfig} - extraconfig: {get_param: ExtraConfig} - volume: - tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} - fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]} - fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]} - fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]} - fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]} - fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]} - fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]} - fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]} - - # Resource for site-specific injection of root certificate - NodeTLSCAData: - depends_on: BlockStorageDeployment - type: OS::TripleO::NodeTLSCAData - properties: - server: {get_resource: BlockStorage} - - # Hook for site-specific additional pre-deployment config, - # applying to all nodes, e.g node registration/unregistration - NodeExtraConfig: - depends_on: NodeTLSCAData - type: OS::TripleO::NodeExtraConfig - # We have to use conditions here so that we don't break backwards - # compatibility with templates everywhere - condition: server_not_blacklisted - properties: - server: {get_resource: BlockStorage} - - UpdateConfig: - type: OS::TripleO::Tasks::PackageUpdate - - UpdateDeployment: - type: OS::Heat::SoftwareDeployment - depends_on: NetworkDeployment - properties: - name: UpdateDeployment - config: {get_resource: UpdateConfig} - server: {get_resource: BlockStorage} - input_values: - update_identifier: - get_param: UpdateIdentifier - actions: - if: - - server_not_blacklisted - - ['CREATE', 'UPDATE'] - - [] - - DeploymentActions: - type: OS::Heat::Value - properties: - value: - if: - - server_not_blacklisted - - ['CREATE', 'UPDATE'] - - [] - - SshHostPubKey: - type: OS::TripleO::Ssh::HostPubKey - depends_on: BlockStorageDeployment - properties: - server: {get_resource: BlockStorage} - deployment_actions: {get_attr: [DeploymentActions, value]} - -outputs: - ip_address: - description: IP address of the server in the ctlplane network - value: {get_attr: [BlockStorage, networks, ctlplane, 0]} - hostname: - description: Hostname of the server - value: {get_attr: [BlockStorage, name]} - hostname_map: - description: Mapping of network names to hostnames - value: - external: {get_attr: [NetHostMap, value, external, fqdn]} - internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]} - storage: {get_attr: [NetHostMap, value, storage, fqdn]} - storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]} - tenant: {get_attr: [NetHostMap, value, tenant, fqdn]} - management: {get_attr: [NetHostMap, value, management, fqdn]} - ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]} - hosts_entry: - value: - str_replace: - template: | - PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST - EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST - INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST - STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST - STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST - TENANTIP TENANTHOST.DOMAIN TENANTHOST - MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST - CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST - params: - PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, BlockStorageHostnameResolveNetwork]}]} - DOMAIN: {get_param: CloudDomain} - PRIMARYHOST: {get_attr: [BlockStorage, name]} - EXTERNALIP: {get_attr: [ExternalPort, ip_address]} - EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]} - INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]} - INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]} - STORAGEIP: {get_attr: [StoragePort, ip_address]} - STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]} - STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]} - STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]} - TENANTIP: {get_attr: [TenantPort, ip_address]} - TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]} - MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]} - MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]} - CTLPLANEIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} - CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]} - known_hosts_entry: - description: Entry for ssh known hosts - value: - str_replace: - template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\ -EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\ -INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\ -STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\ -STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\ -TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\ -MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\ -CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY" - params: - PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, BlockStorageHostnameResolveNetwork]}]} - DOMAIN: {get_param: CloudDomain} - PRIMARYHOST: {get_attr: [BlockStorage, name]} - EXTERNALIP: {get_attr: [ExternalPort, ip_address]} - EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]} - INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]} - INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]} - STORAGEIP: {get_attr: [StoragePort, ip_address]} - STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]} - STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]} - STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]} - TENANTIP: {get_attr: [TenantPort, ip_address]} - TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]} - MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]} - MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]} - CTLPLANEIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} - CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]} - HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]} - nova_server_resource: - description: Heat resource handle for the block storage server - value: - {get_resource: BlockStorage} - condition: server_not_blacklisted - external_ip_address: - description: IP address of the server in the external network - value: {get_attr: [ExternalPort, ip_address]} - internal_api_ip_address: - description: IP address of the server in the internal_api network - value: {get_attr: [InternalApiPort, ip_address]} - storage_ip_address: - description: IP address of the server in the storage network - value: {get_attr: [StoragePort, ip_address]} - storage_mgmt_ip_address: - description: IP address of the server in the storage_mgmt network - value: {get_attr: [StorageMgmtPort, ip_address]} - tenant_ip_address: - description: IP address of the server in the tenant network - value: {get_attr: [TenantPort, ip_address]} - management_ip_address: - description: IP address of the server in the management network - value: {get_attr: [ManagementPort, ip_address]} - deployed_server_port_map: - description: | - Map of Heat created hostname of the server to ip address. This is the - hostname before it has been mapped with the HostnameMap parameter, and - the IP address from the ctlplane network. This map can be used to construct - the DeployedServerPortMap parameter when using split-stack. - value: - map_replace: - - hostname: - fixed_ips: - - ip_address: {get_attr: [BlockStorage, networks, ctlplane, 0]} - - keys: - hostname: - list_join: - - '-' - - - {get_param: Hostname} - - ctlplane - deployed_server_deployment_swift_data_map: - description: - Map of Heat created hostname of the server to the Swift container and object - used to created the temporary url for metadata polling with - os-collect-config. - value: - map_replace: - - hostname: - container: - str_split: - - '/' - - {get_attr: [BlockStorage, os_collect_config, request, metadata_url]} - - 5 - object: - str_split: - - '?' - - str_split: - - '/' - - {get_attr: [BlockStorage, os_collect_config, request, metadata_url]} - - 6 - - 0 - - keys: {hostname: {get_param: Hostname}} - os_collect_config: - description: The os-collect-config configuration associated with this server resource - value: {get_attr: [BlockStorage, os_collect_config]} diff --git a/puppet/cephstorage-role.yaml b/puppet/cephstorage-role.yaml deleted file mode 100644 index ce44fd68..00000000 --- a/puppet/cephstorage-role.yaml +++ /dev/null @@ -1,718 +0,0 @@ -heat_template_version: pike -description: 'OpenStack ceph storage node configured by Puppet' -parameters: - OvercloudCephStorageFlavor: - description: Flavor for the Ceph Storage node. - default: baremetal - type: string - constraints: - - custom_constraint: nova.flavor - CephStorageImage: - type: string - default: overcloud-full - constraints: - - custom_constraint: glance.image - ImageUpdatePolicy: - default: 'REBUILD_PRESERVE_EPHEMERAL' - description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt. - type: string - KeyName: - description: Name of an existing Nova key pair to enable SSH access to the instances - type: string - default: default - constraints: - - custom_constraint: nova.keypair - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - UpdateIdentifier: - default: '' - type: string - description: > - Setting to a previously unused value during stack-update will trigger - package update on all nodes - Hostname: - type: string - default: '' # Defaults to Heat created hostname - HostnameMap: - type: json - default: {} - description: Optional mapping to override hostnames - ExtraConfig: - default: {} - description: | - Additional hiera configuration to inject into the cluster. Note - that CephStorageExtraConfig takes precedence over ExtraConfig. - type: json - CephStorageExtraConfig: - default: {} - description: | - Role specific additional hiera configuration to inject into the cluster. - type: json - CephStorageIPs: - default: {} - type: json - NetworkDeploymentActions: - type: comma_delimited_list - description: > - Heat action when to apply network configuration changes - default: ['CREATE'] - SoftwareConfigTransport: - default: POLL_SERVER_CFN - description: | - How the server should receive the metadata required for software configuration. - type: string - constraints: - - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE] - CloudDomain: - default: 'localdomain' - type: string - description: > - The DNS domain used for the hosts. This must match the - overcloud_domain_name configured on the undercloud. - CephStorageServerMetadata: - default: {} - description: > - Extra properties or metadata passed to Nova for the created nodes in - the overcloud. It's accessible via the Nova metadata API. This option is - role-specific and is merged with the values given to the ServerMetadata - parameter. - type: json - ServerMetadata: - default: {} - description: > - Extra properties or metadata passed to Nova for the created nodes in - the overcloud. It's accessible via the Nova metadata API. This applies to - all roles and is merged with a role-specific metadata parameter. - type: json - CephStorageSchedulerHints: - type: json - description: Optional scheduler hints to pass to nova - default: {} - NodeIndex: - type: number - default: 0 - ServiceConfigSettings: - type: json - default: {} - ServiceNames: - type: comma_delimited_list - default: [] - MonitoringSubscriptions: - type: comma_delimited_list - default: [] - ServiceMetadataSettings: - type: json - default: {} - ConfigCommand: - type: string - description: Command which will be run whenever configuration data changes - default: os-refresh-config --timeout 14400 - ConfigCollectSplay: - type: number - default: 30 - description: | - Maximum amount of time to possibly to delay configuation collection - polling. Defaults to 30 seconds. Set to 0 to disable it which will cause - the configuration collection to occur as soon as the collection process - starts. This setting is used to prevent the configuration collection - processes from polling all at the exact same time. - UpgradeInitCommand: - type: string - description: | - Command or script snippet to run on all overcloud nodes to - initialize the upgrade process. E.g. a repository switch. - default: '' - UpgradeInitCommonCommand: - type: string - description: | - Common commands required by the upgrades process. This should not - normally be modified by the operator and is set and unset in the - major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml - environment files. - default: '' - DeploymentServerBlacklistDict: - default: {} - type: json - description: > - Map of server hostnames to blacklist from any triggered - deployments. If the value is 1, the server will be blacklisted. This - parameter is generated from the parent template. - RoleParameters: - type: json - description: Parameters specific to the role - default: {} - DeploymentSwiftDataMap: - type: json - description: | - Map of servers to Swift container and object for storing deployment data. - The keys are the Heat assigned hostnames, and the value is a map of the - container/object name in Swift. Example value: - overcloud-controller-0: - container: overcloud-controller - object: 0 - overcloud-controller-1: - container: overcloud-controller - object: 1 - overcloud-controller-2: - container: overcloud-controller - object: 2 - overcloud-novacompute-0: - container: overcloud-compute - object: 0 - default: {} - -conditions: - server_not_blacklisted: - not: - equals: - - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]} - - 1 - deployment_swift_data_map_unset: - equals: - - get_param: - - DeploymentSwiftDataMap - - {get_param: Hostname} - - "" - -resources: - CephStorage: - type: OS::TripleO::CephStorageServer - metadata: - os-collect-config: - command: {get_param: ConfigCommand} - splay: {get_param: ConfigCollectSplay} - properties: - image: {get_param: CephStorageImage} - image_update_policy: {get_param: ImageUpdatePolicy} - flavor: {get_param: OvercloudCephStorageFlavor} - key_name: {get_param: KeyName} - networks: - - network: ctlplane - user_data_format: SOFTWARE_CONFIG - user_data: {get_resource: UserData} - name: - str_replace: - template: {get_param: Hostname} - params: {get_param: HostnameMap} - software_config_transport: {get_param: SoftwareConfigTransport} - metadata: - map_merge: - - {get_param: ServerMetadata} - - {get_param: CephStorageServerMetadata} - - {get_param: ServiceMetadataSettings} - scheduler_hints: {get_param: CephStorageSchedulerHints} - deployment_swift_data: - if: - - deployment_swift_data_map_unset - - {} - - {get_param: [DeploymentSwiftDataMap, - {get_param: Hostname}]} - - # Combine the NodeAdminUserData and NodeUserData mime archives - UserData: - type: OS::Heat::MultipartMime - properties: - parts: - - config: {get_resource: NodeAdminUserData} - type: multipart - - config: {get_resource: NodeUserData} - type: multipart - - config: {get_resource: RoleUserData} - type: multipart - - # Creates the "heat-admin" user if configured via the environment - # Should return a OS::Heat::MultipartMime reference via OS::stack_id - NodeAdminUserData: - type: OS::TripleO::NodeAdminUserData - - # For optional operator additional userdata - # Should return a OS::Heat::MultipartMime reference via OS::stack_id - NodeUserData: - type: OS::TripleO::NodeUserData - - # For optional operator role-specific userdata - # Should return a OS::Heat::MultipartMime reference via OS::stack_id - RoleUserData: - type: OS::TripleO::CephStorage::NodeUserData - - ExternalPort: - type: OS::TripleO::CephStorage::Ports::ExternalPort - properties: - ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]} - IPPool: {get_param: CephStorageIPs} - NodeIndex: {get_param: NodeIndex} - - InternalApiPort: - type: OS::TripleO::CephStorage::Ports::InternalApiPort - properties: - ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]} - IPPool: {get_param: CephStorageIPs} - NodeIndex: {get_param: NodeIndex} - - StoragePort: - type: OS::TripleO::CephStorage::Ports::StoragePort - properties: - ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]} - IPPool: {get_param: CephStorageIPs} - NodeIndex: {get_param: NodeIndex} - - StorageMgmtPort: - type: OS::TripleO::CephStorage::Ports::StorageMgmtPort - properties: - ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]} - IPPool: {get_param: CephStorageIPs} - NodeIndex: {get_param: NodeIndex} - - TenantPort: - type: OS::TripleO::CephStorage::Ports::TenantPort - properties: - ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]} - IPPool: {get_param: CephStorageIPs} - NodeIndex: {get_param: NodeIndex} - - ManagementPort: - type: OS::TripleO::CephStorage::Ports::ManagementPort - properties: - ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]} - IPPool: {get_param: CephStorageIPs} - NodeIndex: {get_param: NodeIndex} - - NetworkConfig: - type: OS::TripleO::CephStorage::Net::SoftwareConfig - properties: - ControlPlaneIp: {get_attr: [CephStorage, networks, ctlplane, 0]} - ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} - InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} - StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} - StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} - TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} - ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]} - - NetIpMap: - type: OS::TripleO::Network::Ports::NetIpMap - properties: - ControlPlaneIp: {get_attr: [CephStorage, networks, ctlplane, 0]} - ExternalIp: {get_attr: [ExternalPort, ip_address]} - ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} - ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]} - InternalApiIp: {get_attr: [InternalApiPort, ip_address]} - InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} - InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]} - StorageIp: {get_attr: [StoragePort, ip_address]} - StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} - StorageIpUri: {get_attr: [StoragePort, ip_address_uri]} - StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]} - StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} - StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]} - TenantIp: {get_attr: [TenantPort, ip_address]} - TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} - TenantIpUri: {get_attr: [TenantPort, ip_address_uri]} - ManagementIp: {get_attr: [ManagementPort, ip_address]} - ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]} - ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]} - - NetHostMap: - type: OS::Heat::Value - properties: - type: json - value: - external: - fqdn: - list_join: - - '.' - - - {get_attr: [CephStorage, name]} - - external - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [CephStorage, name]} - - external - internal_api: - fqdn: - list_join: - - '.' - - - {get_attr: [CephStorage, name]} - - internalapi - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [CephStorage, name]} - - internalapi - storage: - fqdn: - list_join: - - '.' - - - {get_attr: [CephStorage, name]} - - storage - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [CephStorage, name]} - - storage - storage_mgmt: - fqdn: - list_join: - - '.' - - - {get_attr: [CephStorage, name]} - - storagemgmt - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [CephStorage, name]} - - storagemgmt - tenant: - fqdn: - list_join: - - '.' - - - {get_attr: [CephStorage, name]} - - tenant - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [CephStorage, name]} - - tenant - management: - fqdn: - list_join: - - '.' - - - {get_attr: [CephStorage, name]} - - management - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [CephStorage, name]} - - management - ctlplane: - fqdn: - list_join: - - '.' - - - {get_attr: [CephStorage, name]} - - ctlplane - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [CephStorage, name]} - - ctlplane - - PreNetworkConfig: - type: OS::TripleO::CephStorage::PreNetworkConfig - properties: - server: {get_resource: CephStorage} - RoleParameters: {get_param: RoleParameters} - ServiceNames: {get_param: ServiceNames} - deployment_actions: {get_attr: [DeploymentActions, value]} - - NetworkDeployment: - type: OS::TripleO::SoftwareDeployment - depends_on: PreNetworkConfig - properties: - name: NetworkDeployment - config: {get_resource: NetworkConfig} - server: {get_resource: CephStorage} - actions: - if: - - server_not_blacklisted - - {get_param: NetworkDeploymentActions} - - [] - - CephStorageUpgradeInitConfig: - type: OS::Heat::SoftwareConfig - properties: - group: script - config: - list_join: - - '' - - - "#!/bin/bash\n\n" - - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n" - - get_param: UpgradeInitCommand - - get_param: UpgradeInitCommonCommand - - # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty - # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first - CephStorageUpgradeInitDeployment: - type: OS::Heat::SoftwareDeployment - depends_on: NetworkDeployment - properties: - name: CephStorageUpgradeInitDeployment - server: {get_resource: CephStorage} - config: {get_resource: CephStorageUpgradeInitConfig} - actions: - if: - - server_not_blacklisted - - ['CREATE', 'UPDATE'] - - [] - - CephStorageDeployment: - type: OS::Heat::StructuredDeployment - depends_on: CephStorageUpgradeInitDeployment - properties: - name: CephStorageDeployment - config: {get_resource: CephStorageConfig} - server: {get_resource: CephStorage} - input_values: - enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} - actions: - if: - - server_not_blacklisted - - ['CREATE', 'UPDATE'] - - [] - - CephStorageConfig: - type: OS::Heat::StructuredConfig - properties: - group: hiera - config: - hierarchy: - - '"%{::uuid}"' - - heat_config_%{::deploy_config_name} - - config_step - - ceph_extraconfig - - extraconfig - - service_names - - service_configs - - ceph - - bootstrap_node # provided by allNodesConfig - - all_nodes # provided by allNodesConfig - - vip_data # provided by allNodesConfig - - '"%{::osfamily}"' - merge_behavior: deeper - datafiles: - service_names: - service_names: {get_param: ServiceNames} - sensu::subscriptions: {get_param: MonitoringSubscriptions} - service_configs: - map_replace: - - {get_param: ServiceConfigSettings} - - values: {get_attr: [NetIpMap, net_ip_map]} - ceph_extraconfig: {get_param: CephStorageExtraConfig} - extraconfig: {get_param: ExtraConfig} - ceph: - tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} - fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]} - fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]} - fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]} - fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]} - fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]} - fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]} - fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]} - - # Resource for site-specific injection of root certificate - NodeTLSCAData: - depends_on: CephStorageDeployment - type: OS::TripleO::NodeTLSCAData - properties: - server: {get_resource: CephStorage} - - # Hook for site-specific additional pre-deployment config, e.g extra hieradata - CephStorageExtraConfigPre: - depends_on: CephStorageDeployment - type: OS::TripleO::CephStorageExtraConfigPre - # We have to use conditions here so that we don't break backwards - # compatibility with templates everywhere - condition: server_not_blacklisted - properties: - server: {get_resource: CephStorage} - - # Hook for site-specific additional pre-deployment config, - # applying to all nodes, e.g node registration/unregistration - NodeExtraConfig: - depends_on: [CephStorageExtraConfigPre, NodeTLSCAData] - type: OS::TripleO::NodeExtraConfig - # We have to use conditions here so that we don't break backwards - # compatibility with templates everywhere - condition: server_not_blacklisted - properties: - server: {get_resource: CephStorage} - - UpdateConfig: - type: OS::TripleO::Tasks::PackageUpdate - - UpdateDeployment: - type: OS::Heat::SoftwareDeployment - depends_on: NetworkDeployment - properties: - config: {get_resource: UpdateConfig} - server: {get_resource: CephStorage} - input_values: - update_identifier: - get_param: UpdateIdentifier - actions: - if: - - server_not_blacklisted - - ['CREATE', 'UPDATE'] - - [] - - DeploymentActions: - type: OS::Heat::Value - properties: - value: - if: - - server_not_blacklisted - - ['CREATE', 'UPDATE'] - - [] - - SshHostPubKey: - type: OS::TripleO::Ssh::HostPubKey - depends_on: CephStorageDeployment - properties: - server: {get_resource: CephStorage} - deployment_actions: {get_attr: [DeploymentActions, value]} - -outputs: - ip_address: - description: IP address of the server in the ctlplane network - value: {get_attr: [CephStorage, networks, ctlplane, 0]} - hostname: - description: Hostname of the server - value: {get_attr: [CephStorage, name]} - hostname_map: - description: Mapping of network names to hostnames - value: - external: {get_attr: [NetHostMap, value, external, fqdn]} - internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]} - storage: {get_attr: [NetHostMap, value, storage, fqdn]} - storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]} - tenant: {get_attr: [NetHostMap, value, tenant, fqdn]} - management: {get_attr: [NetHostMap, value, management, fqdn]} - ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]} - hosts_entry: - value: - str_replace: - template: | - PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST - EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST - INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST - STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST - STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST - TENANTIP TENANTHOST.DOMAIN TENANTHOST - MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST - CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST - params: - PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephStorageHostnameResolveNetwork]}]} - DOMAIN: {get_param: CloudDomain} - PRIMARYHOST: {get_attr: [CephStorage, name]} - EXTERNALIP: {get_attr: [ExternalPort, ip_address]} - EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]} - INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]} - INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]} - STORAGEIP: {get_attr: [StoragePort, ip_address]} - STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]} - STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]} - STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]} - TENANTIP: {get_attr: [TenantPort, ip_address]} - TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]} - MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]} - MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]} - CTLPLANEIP: {get_attr: [CephStorage, networks, ctlplane, 0]} - CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]} - known_hosts_entry: - description: Entry for ssh known hosts - value: - str_replace: - template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\ -EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\ -INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\ -STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\ -STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\ -TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\ -MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\ -CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY" - params: - PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephStorageHostnameResolveNetwork]}]} - DOMAIN: {get_param: CloudDomain} - PRIMARYHOST: {get_attr: [CephStorage, name]} - EXTERNALIP: {get_attr: [ExternalPort, ip_address]} - EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]} - INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]} - INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]} - STORAGEIP: {get_attr: [StoragePort, ip_address]} - STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]} - STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]} - STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]} - TENANTIP: {get_attr: [TenantPort, ip_address]} - TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]} - MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]} - MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]} - CTLPLANEIP: {get_attr: [CephStorage, networks, ctlplane, 0]} - CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]} - HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]} - nova_server_resource: - description: Heat resource handle for the ceph storage server - value: - {get_resource: CephStorage} - condition: server_not_blacklisted - external_ip_address: - description: IP address of the server in the external network - value: {get_attr: [ExternalPort, ip_address]} - internal_api_ip_address: - description: IP address of the server in the internal_api network - value: {get_attr: [InternalApiPort, ip_address]} - storage_ip_address: - description: IP address of the server in the storage network - value: {get_attr: [StoragePort, ip_address]} - storage_mgmt_ip_address: - description: IP address of the server in the storage_mgmt network - value: {get_attr: [StorageMgmtPort, ip_address]} - tenant_ip_address: - description: IP address of the server in the tenant network - value: {get_attr: [TenantPort, ip_address]} - management_ip_address: - description: IP address of the server in the management network - value: {get_attr: [ManagementPort, ip_address]} - deployed_server_port_map: - description: | - Map of Heat created hostname of the server to ip address. This is the - hostname before it has been mapped with the HostnameMap parameter, and - the IP address from the ctlplane network. This map can be used to construct - the DeployedServerPortMap parameter when using split-stack. - value: - map_replace: - - hostname: - fixed_ips: - - ip_address: {get_attr: [CephStorage, networks, ctlplane, 0]} - - keys: - hostname: - list_join: - - '-' - - - {get_param: Hostname} - - ctlplane - deployed_server_deployment_swift_data_map: - description: - Map of Heat created hostname of the server to the Swift container and object - used to created the temporary url for metadata polling with - os-collect-config. - value: - map_replace: - - hostname: - container: - str_split: - - '/' - - {get_attr: [CephStorage, os_collect_config, request, metadata_url]} - - 5 - object: - str_split: - - '?' - - str_split: - - '/' - - {get_attr: [CephStorage, os_collect_config, request, metadata_url]} - - 6 - - 0 - - keys: {hostname: {get_param: Hostname}} - os_collect_config: - description: The os-collect-config configuration associated with this server resource - value: {get_attr: [CephStorage, os_collect_config]} diff --git a/puppet/compute-role.yaml b/puppet/compute-role.yaml deleted file mode 100644 index af45793e..00000000 --- a/puppet/compute-role.yaml +++ /dev/null @@ -1,744 +0,0 @@ -heat_template_version: pike - -description: > - OpenStack hypervisor node configured via Puppet. - -parameters: - ExtraConfig: - default: {} - description: | - Additional hiera configuration to inject into the cluster. Note - that NovaComputeExtraConfig takes precedence over ExtraConfig. - type: json - OvercloudComputeFlavor: - description: Flavor for the nova compute node - default: baremetal - type: string - constraints: - - custom_constraint: nova.flavor - NovaImage: - type: string - default: overcloud-full - constraints: - - custom_constraint: glance.image - ImageUpdatePolicy: - default: 'REBUILD_PRESERVE_EPHEMERAL' - description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt. - type: string - KeyName: - description: Name of an existing Nova key pair to enable SSH access to the instances - type: string - default: default - constraints: - - custom_constraint: nova.keypair - NeutronPhysicalBridge: - default: 'br-ex' - description: An OVS bridge to create for accessing external networks. - type: string - NeutronPublicInterface: - default: nic1 - description: Which interface to add to the NeutronPhysicalBridge. - type: string - NodeIndex: - type: number - default: 0 - NovaComputeExtraConfig: - default: {} - description: | - NovaCompute specific configuration to inject into the cluster. Same - structure as ExtraConfig. - type: json - NovaComputeIPs: - default: {} - type: json - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - UpdateIdentifier: - default: '' - type: string - description: > - Setting to a previously unused value during stack-update will trigger - package update on all nodes - Hostname: - type: string - default: '' # Defaults to Heat created hostname - HostnameMap: - type: json - default: {} - description: Optional mapping to override hostnames - NetworkDeploymentActions: - type: comma_delimited_list - description: > - Heat action when to apply network configuration changes - default: ['CREATE'] - SoftwareConfigTransport: - default: POLL_SERVER_CFN - description: | - How the server should receive the metadata required for software configuration. - type: string - constraints: - - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE] - CloudDomain: - default: 'localdomain' - type: string - description: > - The DNS domain used for the hosts. This must match the - overcloud_domain_name configured on the undercloud. - NovaComputeServerMetadata: - default: {} - description: > - Extra properties or metadata passed to Nova for the created nodes in - the overcloud. It's accessible via the Nova metadata API. This option is - role-specific and is merged with the values given to the ServerMetadata - parameter. - type: json - ServerMetadata: - default: {} - description: > - Extra properties or metadata passed to Nova for the created nodes in - the overcloud. It's accessible via the Nova metadata API. This applies to - all roles and is merged with a role-specific metadata parameter. - type: json - NovaComputeSchedulerHints: - type: json - description: Optional scheduler hints to pass to nova - default: {} - ServiceConfigSettings: - type: json - default: {} - ServiceNames: - type: comma_delimited_list - default: [] - MonitoringSubscriptions: - type: comma_delimited_list - default: [] - ServiceMetadataSettings: - type: json - default: {} - ConfigCommand: - type: string - description: Command which will be run whenever configuration data changes - default: os-refresh-config --timeout 14400 - ConfigCollectSplay: - type: number - default: 30 - description: | - Maximum amount of time to possibly to delay configuation collection - polling. Defaults to 30 seconds. Set to 0 to disable it which will cause - the configuration collection to occur as soon as the collection process - starts. This setting is used to prevent the configuration collection - processes from polling all at the exact same time. - UpgradeInitCommand: - type: string - description: | - Command or script snippet to run on all overcloud nodes to - initialize the upgrade process. E.g. a repository switch. - default: '' - UpgradeInitCommonCommand: - type: string - description: | - Common commands required by the upgrades process. This should not - normally be modified by the operator and is set and unset in the - major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml - environment files. - default: '' - DeploymentServerBlacklistDict: - default: {} - type: json - description: > - Map of server hostnames to blacklist from any triggered - deployments. If the value is 1, the server will be blacklisted. This - parameter is generated from the parent template. - RoleParameters: - type: json - description: Parameters specific to the role - default: {} - DeploymentSwiftDataMap: - type: json - description: | - Map of servers to Swift container and object for storing deployment data. - The keys are the Heat assigned hostnames, and the value is a map of the - container/object name in Swift. Example value: - overcloud-controller-0: - container: overcloud-controller - object: 0 - overcloud-controller-1: - container: overcloud-controller - object: 1 - overcloud-controller-2: - container: overcloud-controller - object: 2 - overcloud-novacompute-0: - container: overcloud-compute - object: 0 - default: {} - -conditions: - deployment_swift_data_map_unset: - equals: - - get_param: - - DeploymentSwiftDataMap - - {get_param: Hostname} - - "" - server_not_blacklisted: - not: - equals: - - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]} - - 1 - -resources: - - NovaCompute: - type: OS::TripleO::ComputeServer - metadata: - os-collect-config: - command: {get_param: ConfigCommand} - splay: {get_param: ConfigCollectSplay} - properties: - image: {get_param: NovaImage} - image_update_policy: - get_param: ImageUpdatePolicy - flavor: {get_param: OvercloudComputeFlavor} - key_name: {get_param: KeyName} - networks: - - network: ctlplane - user_data_format: SOFTWARE_CONFIG - user_data: {get_resource: UserData} - name: - str_replace: - template: {get_param: Hostname} - params: {get_param: HostnameMap} - software_config_transport: {get_param: SoftwareConfigTransport} - metadata: - map_merge: - - {get_param: ServerMetadata} - - {get_param: NovaComputeServerMetadata} - - {get_param: ServiceMetadataSettings} - scheduler_hints: {get_param: NovaComputeSchedulerHints} - deployment_swift_data: - if: - - deployment_swift_data_map_unset - - {} - - {get_param: [DeploymentSwiftDataMap, - {get_param: Hostname}]} - - # Combine the NodeAdminUserData and NodeUserData mime archives - UserData: - type: OS::Heat::MultipartMime - properties: - parts: - - config: {get_resource: NodeAdminUserData} - type: multipart - - config: {get_resource: NodeUserData} - type: multipart - - config: {get_resource: RoleUserData} - type: multipart - - # Creates the "heat-admin" user if configured via the environment - # Should return a OS::Heat::MultipartMime reference via OS::stack_id - NodeAdminUserData: - type: OS::TripleO::NodeAdminUserData - - # For optional operator additional userdata - # Should return a OS::Heat::MultipartMime reference via OS::stack_id - NodeUserData: - type: OS::TripleO::NodeUserData - - # For optional operator role-specific userdata - # Should return a OS::Heat::MultipartMime reference via OS::stack_id - RoleUserData: - type: OS::TripleO::Compute::NodeUserData - - ExternalPort: - type: OS::TripleO::Compute::Ports::ExternalPort - properties: - ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} - IPPool: {get_param: NovaComputeIPs} - NodeIndex: {get_param: NodeIndex} - - InternalApiPort: - type: OS::TripleO::Compute::Ports::InternalApiPort - properties: - ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} - IPPool: {get_param: NovaComputeIPs} - NodeIndex: {get_param: NodeIndex} - - StoragePort: - type: OS::TripleO::Compute::Ports::StoragePort - properties: - ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} - IPPool: {get_param: NovaComputeIPs} - NodeIndex: {get_param: NodeIndex} - - StorageMgmtPort: - type: OS::TripleO::Compute::Ports::StorageMgmtPort - properties: - ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} - IPPool: {get_param: NovaComputeIPs} - NodeIndex: {get_param: NodeIndex} - - TenantPort: - type: OS::TripleO::Compute::Ports::TenantPort - properties: - ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} - IPPool: {get_param: NovaComputeIPs} - NodeIndex: {get_param: NodeIndex} - - ManagementPort: - type: OS::TripleO::Compute::Ports::ManagementPort - properties: - ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} - IPPool: {get_param: NovaComputeIPs} - NodeIndex: {get_param: NodeIndex} - - NetIpMap: - type: OS::TripleO::Network::Ports::NetIpMap - properties: - ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]} - ExternalIp: {get_attr: [ExternalPort, ip_address]} - ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} - ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]} - InternalApiIp: {get_attr: [InternalApiPort, ip_address]} - InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} - InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]} - StorageIp: {get_attr: [StoragePort, ip_address]} - StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} - StorageIpUri: {get_attr: [StoragePort, ip_address_uri]} - StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]} - StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} - StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]} - TenantIp: {get_attr: [TenantPort, ip_address]} - TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} - TenantIpUri: {get_attr: [TenantPort, ip_address_uri]} - ManagementIp: {get_attr: [ManagementPort, ip_address]} - ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]} - ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]} - - NetHostMap: - type: OS::Heat::Value - properties: - type: json - value: - external: - fqdn: - list_join: - - '.' - - - {get_attr: [NovaCompute, name]} - - external - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [NovaCompute, name]} - - external - internal_api: - fqdn: - list_join: - - '.' - - - {get_attr: [NovaCompute, name]} - - internalapi - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [NovaCompute, name]} - - internalapi - storage: - fqdn: - list_join: - - '.' - - - {get_attr: [NovaCompute, name]} - - storage - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [NovaCompute, name]} - - storage - storage_mgmt: - fqdn: - list_join: - - '.' - - - {get_attr: [NovaCompute, name]} - - storagemgmt - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [NovaCompute, name]} - - storagemgmt - tenant: - fqdn: - list_join: - - '.' - - - {get_attr: [NovaCompute, name]} - - tenant - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [NovaCompute, name]} - - tenant - management: - fqdn: - list_join: - - '.' - - - {get_attr: [NovaCompute, name]} - - management - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [NovaCompute, name]} - - management - ctlplane: - fqdn: - list_join: - - '.' - - - {get_attr: [NovaCompute, name]} - - ctlplane - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [NovaCompute, name]} - - ctlplane - - PreNetworkConfig: - type: OS::TripleO::Compute::PreNetworkConfig - properties: - server: {get_resource: NovaCompute} - RoleParameters: {get_param: RoleParameters} - ServiceNames: {get_param: ServiceNames} - deployment_actions: {get_attr: [DeploymentActions, value]} - - NetworkConfig: - type: OS::TripleO::Compute::Net::SoftwareConfig - properties: - ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]} - ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} - InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} - StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} - StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} - TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} - ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]} - - NetworkDeployment: - type: OS::TripleO::SoftwareDeployment - depends_on: PreNetworkConfig - properties: - name: NetworkDeployment - actions: - if: - - server_not_blacklisted - - {get_param: NetworkDeploymentActions} - - [] - config: {get_resource: NetworkConfig} - server: {get_resource: NovaCompute} - input_values: - bridge_name: {get_param: NeutronPhysicalBridge} - interface_name: {get_param: NeutronPublicInterface} - - NovaComputeUpgradeInitConfig: - type: OS::Heat::SoftwareConfig - properties: - group: script - config: - list_join: - - '' - - - "#!/bin/bash\n\n" - - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n" - - get_param: UpgradeInitCommand - - get_param: UpgradeInitCommonCommand - - # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty - # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first - NovaComputeUpgradeInitDeployment: - type: OS::Heat::SoftwareDeployment - depends_on: NetworkDeployment - properties: - name: NovaComputeUpgradeInitDeployment - actions: - if: - - server_not_blacklisted - - ['CREATE', 'UPDATE'] - - [] - server: {get_resource: NovaCompute} - config: {get_resource: NovaComputeUpgradeInitConfig} - - NovaComputeConfig: - type: OS::Heat::StructuredConfig - properties: - group: hiera - config: - hierarchy: - - '"%{::uuid}"' - - heat_config_%{::deploy_config_name} - - config_step - - compute_extraconfig - - extraconfig - - service_names - - service_configs - - compute - - bootstrap_node # provided by allNodesConfig - - all_nodes # provided by allNodesConfig - - vip_data # provided by allNodesConfig - - '"%{::osfamily}"' - - neutron_bigswitch_data # Optionally provided by ComputeExtraConfigPre - - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre - - nova_nuage_data # Optionally provided by ComputeExtraConfigPre - - midonet_data # Optionally provided by AllNodesExtraConfig - - neutron_opencontrail_data # Optionally provided by ComputeExtraConfigPre - - cisco_aci_data # Optionally provided by ComputeExtraConfigPre - merge_behavior: deeper - datafiles: - service_names: - service_names: {get_param: ServiceNames} - sensu::subscriptions: {get_param: MonitoringSubscriptions} - service_configs: - map_replace: - - {get_param: ServiceConfigSettings} - - values: {get_attr: [NetIpMap, net_ip_map]} - compute_extraconfig: {get_param: NovaComputeExtraConfig} - extraconfig: {get_param: ExtraConfig} - compute: - tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} - fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]} - fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]} - fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]} - fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]} - fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]} - fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]} - fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]} - - NovaComputeDeployment: - type: OS::TripleO::SoftwareDeployment - depends_on: NovaComputeUpgradeInitDeployment - properties: - name: NovaComputeDeployment - actions: - if: - - server_not_blacklisted - - ['CREATE', 'UPDATE'] - - [] - config: {get_resource: NovaComputeConfig} - server: {get_resource: NovaCompute} - input_values: - enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} - - # Resource for site-specific injection of root certificate - NodeTLSCAData: - depends_on: NovaComputeDeployment - type: OS::TripleO::NodeTLSCAData - properties: - server: {get_resource: NovaCompute} - - # Hook for site-specific additional pre-deployment config, e.g extra hieradata - ComputeExtraConfigPre: - depends_on: NovaComputeDeployment - type: OS::TripleO::ComputeExtraConfigPre - # We have to use conditions here so that we don't break backwards - # compatibility with templates everywhere - condition: server_not_blacklisted - properties: - server: {get_resource: NovaCompute} - - # Hook for site-specific additional pre-deployment config, - # applying to all nodes, e.g node registration/unregistration - NodeExtraConfig: - depends_on: [ComputeExtraConfigPre, NodeTLSCAData] - type: OS::TripleO::NodeExtraConfig - # We have to use conditions here so that we don't break backwards - # compatibility with templates everywhere - condition: server_not_blacklisted - properties: - server: {get_resource: NovaCompute} - - UpdateConfig: - type: OS::TripleO::Tasks::PackageUpdate - - UpdateDeployment: - type: OS::Heat::SoftwareDeployment - depends_on: NetworkDeployment - properties: - name: UpdateDeployment - actions: - if: - - server_not_blacklisted - - ['CREATE', 'UPDATE'] - - [] - config: {get_resource: UpdateConfig} - server: {get_resource: NovaCompute} - input_values: - update_identifier: - get_param: UpdateIdentifier - - DeploymentActions: - type: OS::Heat::Value - properties: - value: - if: - - server_not_blacklisted - - ['CREATE', 'UPDATE'] - - [] - - SshHostPubKey: - type: OS::TripleO::Ssh::HostPubKey - depends_on: NovaComputeDeployment - properties: - server: {get_resource: NovaCompute} - deployment_actions: {get_attr: [DeploymentActions, value]} - -outputs: - ip_address: - description: IP address of the server in the ctlplane network - value: {get_attr: [NovaCompute, networks, ctlplane, 0]} - external_ip_address: - description: IP address of the server in the external network - value: {get_attr: [ExternalPort, ip_address]} - internal_api_ip_address: - description: IP address of the server in the internal_api network - value: {get_attr: [InternalApiPort, ip_address]} - storage_ip_address: - description: IP address of the server in the storage network - value: {get_attr: [StoragePort, ip_address]} - storage_mgmt_ip_address: - description: IP address of the server in the storage_mgmt network - value: {get_attr: [StorageMgmtPort, ip_address]} - tenant_ip_address: - description: IP address of the server in the tenant network - value: {get_attr: [TenantPort, ip_address]} - management_ip_address: - description: IP address of the server in the management network - value: {get_attr: [ManagementPort, ip_address]} - deployed_server_port_map: - description: | - Map of Heat created hostname of the server to ip address. This is the - hostname before it has been mapped with the HostnameMap parameter, and - the IP address from the ctlplane network. This map can be used to construct - the DeployedServerPortMap parameter when using split-stack. - value: - map_replace: - - hostname: - fixed_ips: - - ip_address: {get_attr: [NovaCompute, networks, ctlplane, 0]} - - keys: - hostname: - list_join: - - '-' - - - {get_param: Hostname} - - ctlplane - deployed_server_deployment_swift_data_map: - description: - Map of Heat created hostname of the server to the Swift container and object - used to created the temporary url for metadata polling with - os-collect-config. - value: - map_replace: - - hostname: - container: - str_split: - - '/' - - {get_attr: [NovaCompute, os_collect_config, request, metadata_url]} - - 5 - object: - str_split: - - '?' - - str_split: - - '/' - - {get_attr: [NovaCompute, os_collect_config, request, metadata_url]} - - 6 - - 0 - - keys: {hostname: {get_param: Hostname}} - hostname: - description: Hostname of the server - value: {get_attr: [NovaCompute, name]} - hostname_map: - description: Mapping of network names to hostnames - value: - external: {get_attr: [NetHostMap, value, external, fqdn]} - internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]} - storage: {get_attr: [NetHostMap, value, storage, fqdn]} - storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]} - tenant: {get_attr: [NetHostMap, value, tenant, fqdn]} - management: {get_attr: [NetHostMap, value, management, fqdn]} - ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]} - hosts_entry: - description: > - Server's IP address and hostname in the /etc/hosts format - value: - str_replace: - template: | - PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST - EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST - INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST - STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST - STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST - TENANTIP TENANTHOST.DOMAIN TENANTHOST - MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST - CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST - params: - PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]} - DOMAIN: {get_param: CloudDomain} - PRIMARYHOST: {get_attr: [NovaCompute, name]} - EXTERNALIP: {get_attr: [ExternalPort, ip_address]} - EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]} - INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]} - INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]} - STORAGEIP: {get_attr: [StoragePort, ip_address]} - STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]} - STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]} - STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]} - TENANTIP: {get_attr: [TenantPort, ip_address]} - TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]} - MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]} - MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]} - CTLPLANEIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} - CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]} - known_hosts_entry: - description: Entry for ssh known hosts - value: - str_replace: - template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\ -EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\ -INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\ -STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\ -STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\ -TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\ -MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\ -CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY" - params: - PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]} - DOMAIN: {get_param: CloudDomain} - PRIMARYHOST: {get_attr: [NovaCompute, name]} - EXTERNALIP: {get_attr: [ExternalPort, ip_address]} - EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]} - INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]} - INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]} - STORAGEIP: {get_attr: [StoragePort, ip_address]} - STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]} - STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]} - STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]} - TENANTIP: {get_attr: [TenantPort, ip_address]} - TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]} - MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]} - MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]} - CTLPLANEIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} - CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]} - HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]} - nova_server_resource: - description: Heat resource handle for the Nova compute server - value: - {get_resource: NovaCompute} - condition: server_not_blacklisted - os_collect_config: - description: The os-collect-config configuration associated with this server resource - value: {get_attr: [NovaCompute, os_collect_config]} diff --git a/puppet/controller-role.yaml b/puppet/controller-role.yaml deleted file mode 100644 index ab81d1aa..00000000 --- a/puppet/controller-role.yaml +++ /dev/null @@ -1,781 +0,0 @@ -heat_template_version: pike - -description: > - OpenStack controller node configured by Puppet. - -parameters: - controllerExtraConfig: - default: {} - description: | - Deprecated. Use ControllerExtraConfig via parameter_defaults instead. - type: json - ControllerExtraConfig: - default: {} - description: | - Controller specific hiera configuration data to inject into the cluster. - type: json - ControllerIPs: - default: {} - description: > - A network mapped list of IPs to assign to Controllers in the following form: - { - "internal_api": ["a.b.c.d", "e.f.g.h"], - ... - } - type: json - Debug: - default: '' - description: Set to True to enable debugging on all services. - type: string - ExtraConfig: - default: {} - description: | - Additional hieradata to inject into the cluster, note that - ControllerExtraConfig takes precedence over ExtraConfig. - type: json - OvercloudControlFlavor: - description: Flavor for control nodes to request when deploying. - default: baremetal - type: string - constraints: - - custom_constraint: nova.flavor - controllerImage: - type: string - default: overcloud-full - constraints: - - custom_constraint: glance.image - ImageUpdatePolicy: - default: 'REBUILD_PRESERVE_EPHEMERAL' - description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt. - type: string - KeyName: - default: default - description: Name of an existing Nova key pair to enable SSH access to the instances - type: string - constraints: - - custom_constraint: nova.keypair - NeutronPhysicalBridge: - default: 'br-ex' - description: An OVS bridge to create for accessing external networks. - type: string - NeutronPublicInterface: - default: nic1 - description: Which interface to add to the NeutronPhysicalBridge. - type: string - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - UpdateIdentifier: - default: '' - type: string - description: > - Setting to a previously unused value during stack-update will trigger - package update on all nodes - Hostname: - type: string - default: '' # Defaults to Heat created hostname - HostnameMap: - type: json - default: {} - description: Optional mapping to override hostnames - NetworkDeploymentActions: - type: comma_delimited_list - description: > - Heat action when to apply network configuration changes - default: ['CREATE'] - NodeIndex: - type: number - default: 0 - SoftwareConfigTransport: - default: POLL_SERVER_CFN - description: | - How the server should receive the metadata required for software configuration. - type: string - constraints: - - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE] - CloudDomain: - default: 'localdomain' - type: string - description: > - The DNS domain used for the hosts. This must match the - overcloud_domain_name configured on the undercloud. - ControllerServerMetadata: - default: {} - description: > - Extra properties or metadata passed to Nova for the created nodes in - the overcloud. It's accessible via the Nova metadata API. This option is - role-specific and is merged with the values given to the ServerMetadata - parameter. - type: json - ServerMetadata: - default: {} - description: > - Extra properties or metadata passed to Nova for the created nodes in - the overcloud. It's accessible via the Nova metadata API. This applies to - all roles and is merged with a role-specific metadata parameter. - type: json - ControllerSchedulerHints: - type: json - description: Optional scheduler hints to pass to nova - default: {} - ServiceConfigSettings: - type: json - default: {} - ServiceNames: - type: comma_delimited_list - default: [] - MonitoringSubscriptions: - type: comma_delimited_list - default: [] - ServiceMetadataSettings: - type: json - default: {} - ConfigCommand: - type: string - description: Command which will be run whenever configuration data changes - default: os-refresh-config --timeout 14400 - ConfigCollectSplay: - type: number - default: 30 - description: | - Maximum amount of time to possibly to delay configuation collection - polling. Defaults to 30 seconds. Set to 0 to disable it which will cause - the configuration collection to occur as soon as the collection process - starts. This setting is used to prevent the configuration collection - processes from polling all at the exact same time. - UpgradeInitCommand: - type: string - description: | - Command or script snippet to run on all overcloud nodes to - initialize the upgrade process. E.g. a repository switch. - default: '' - UpgradeInitCommonCommand: - type: string - description: | - Common commands required by the upgrades process. This should not - normally be modified by the operator and is set and unset in the - major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml - environment files. - default: '' - DeploymentServerBlacklistDict: - default: {} - type: json - description: > - Map of server hostnames to blacklist from any triggered - deployments. If the value is 1, the server will be blacklisted. This - parameter is generated from the parent template. - RoleParameters: - type: json - description: Parameters specific to the role - default: {} - DeploymentSwiftDataMap: - type: json - description: | - Map of servers to Swift container and object for storing deployment data. - The keys are the Heat assigned hostnames, and the value is a map of the - container/object name in Swift. Example value: - overcloud-controller-0: - container: overcloud-controller - object: 0 - overcloud-controller-1: - container: overcloud-controller - object: 1 - overcloud-controller-2: - container: overcloud-controller - object: 2 - overcloud-novacompute-0: - container: overcloud-compute - object: 0 - default: {} - -parameter_groups: -- label: deprecated - description: Do not use deprecated params, they will be removed. - parameters: - - controllerExtraConfig - -conditions: - server_not_blacklisted: - not: - equals: - - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]} - - 1 - deployment_swift_data_map_unset: - equals: - - get_param: - - DeploymentSwiftDataMap - - {get_param: Hostname} - - "" - -resources: - - Controller: - type: OS::TripleO::ControllerServer - metadata: - os-collect-config: - command: {get_param: ConfigCommand} - splay: {get_param: ConfigCollectSplay} - properties: - image: {get_param: controllerImage} - image_update_policy: {get_param: ImageUpdatePolicy} - flavor: {get_param: OvercloudControlFlavor} - key_name: {get_param: KeyName} - networks: - - network: ctlplane - user_data_format: SOFTWARE_CONFIG - user_data: {get_resource: UserData} - name: - str_replace: - template: {get_param: Hostname} - params: {get_param: HostnameMap} - software_config_transport: {get_param: SoftwareConfigTransport} - metadata: - map_merge: - - {get_param: ServerMetadata} - - {get_param: ControllerServerMetadata} - - {get_param: ServiceMetadataSettings} - scheduler_hints: {get_param: ControllerSchedulerHints} - deployment_swift_data: - if: - - deployment_swift_data_map_unset - - {} - - {get_param: [DeploymentSwiftDataMap, - {get_param: Hostname}]} - - # Combine the NodeAdminUserData and NodeUserData mime archives - UserData: - type: OS::Heat::MultipartMime - properties: - parts: - - config: {get_resource: NodeAdminUserData} - type: multipart - - config: {get_resource: NodeUserData} - type: multipart - - config: {get_resource: RoleUserData} - type: multipart - - # Creates the "heat-admin" user if configured via the environment - # Should return a OS::Heat::MultipartMime reference via OS::stack_id - NodeAdminUserData: - type: OS::TripleO::NodeAdminUserData - - # For optional operator additional userdata - # Should return a OS::Heat::MultipartMime reference via OS::stack_id - NodeUserData: - type: OS::TripleO::NodeUserData - - # For optional operator role-specific userdata - # Should return a OS::Heat::MultipartMime reference via OS::stack_id - RoleUserData: - type: OS::TripleO::Controller::NodeUserData - - ExternalPort: - type: OS::TripleO::Controller::Ports::ExternalPort - properties: - IPPool: {get_param: ControllerIPs} - NodeIndex: {get_param: NodeIndex} - ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} - - InternalApiPort: - type: OS::TripleO::Controller::Ports::InternalApiPort - properties: - IPPool: {get_param: ControllerIPs} - NodeIndex: {get_param: NodeIndex} - ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} - - StoragePort: - type: OS::TripleO::Controller::Ports::StoragePort - properties: - IPPool: {get_param: ControllerIPs} - NodeIndex: {get_param: NodeIndex} - ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} - - StorageMgmtPort: - type: OS::TripleO::Controller::Ports::StorageMgmtPort - properties: - IPPool: {get_param: ControllerIPs} - NodeIndex: {get_param: NodeIndex} - ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} - - TenantPort: - type: OS::TripleO::Controller::Ports::TenantPort - properties: - IPPool: {get_param: ControllerIPs} - NodeIndex: {get_param: NodeIndex} - ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} - - ManagementPort: - type: OS::TripleO::Controller::Ports::ManagementPort - properties: - IPPool: {get_param: ControllerIPs} - NodeIndex: {get_param: NodeIndex} - ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} - - NetIpMap: - type: OS::TripleO::Network::Ports::NetIpMap - properties: - ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]} - ExternalIp: {get_attr: [ExternalPort, ip_address]} - ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} - ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]} - InternalApiIp: {get_attr: [InternalApiPort, ip_address]} - InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} - InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]} - StorageIp: {get_attr: [StoragePort, ip_address]} - StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} - StorageIpUri: {get_attr: [StoragePort, ip_address_uri]} - StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]} - StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} - StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]} - TenantIp: {get_attr: [TenantPort, ip_address]} - TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} - TenantIpUri: {get_attr: [TenantPort, ip_address_uri]} - ManagementIp: {get_attr: [ManagementPort, ip_address]} - ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]} - ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]} - - NetHostMap: - type: OS::Heat::Value - properties: - type: json - value: - external: - fqdn: - list_join: - - '.' - - - {get_attr: [Controller, name]} - - external - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [Controller, name]} - - external - internal_api: - fqdn: - list_join: - - '.' - - - {get_attr: [Controller, name]} - - internalapi - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [Controller, name]} - - internalapi - storage: - fqdn: - list_join: - - '.' - - - {get_attr: [Controller, name]} - - storage - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [Controller, name]} - - storage - storage_mgmt: - fqdn: - list_join: - - '.' - - - {get_attr: [Controller, name]} - - storagemgmt - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [Controller, name]} - - storagemgmt - tenant: - fqdn: - list_join: - - '.' - - - {get_attr: [Controller, name]} - - tenant - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [Controller, name]} - - tenant - management: - fqdn: - list_join: - - '.' - - - {get_attr: [Controller, name]} - - management - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [Controller, name]} - - management - ctlplane: - fqdn: - list_join: - - '.' - - - {get_attr: [Controller, name]} - - ctlplane - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [Controller, name]} - - ctlplane - - PreNetworkConfig: - type: OS::TripleO::Controller::PreNetworkConfig - properties: - server: {get_resource: Controller} - RoleParameters: {get_param: RoleParameters} - ServiceNames: {get_param: ServiceNames} - deployment_actions: {get_attr: [DeploymentActions, value]} - - NetworkConfig: - type: OS::TripleO::Controller::Net::SoftwareConfig - properties: - ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]} - ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} - InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} - StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} - StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} - TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} - ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]} - - NetworkDeployment: - type: OS::TripleO::SoftwareDeployment - depends_on: PreNetworkConfig - properties: - name: NetworkDeployment - config: {get_resource: NetworkConfig} - server: {get_resource: Controller} - actions: - if: - - server_not_blacklisted - - {get_param: NetworkDeploymentActions} - - [] - input_values: - bridge_name: {get_param: NeutronPhysicalBridge} - interface_name: {get_param: NeutronPublicInterface} - - # Resource for site-specific injection of root certificate - NodeTLSCAData: - depends_on: NetworkDeployment - type: OS::TripleO::NodeTLSCAData - properties: - server: {get_resource: Controller} - - # Resource for site-specific passing of private keys/certificates - NodeTLSData: - depends_on: NodeTLSCAData - type: OS::TripleO::NodeTLSData - properties: - server: {get_resource: Controller} - NodeIndex: {get_param: NodeIndex} - - ControllerUpgradeInitConfig: - type: OS::Heat::SoftwareConfig - properties: - group: script - config: - list_join: - - '' - - - "#!/bin/bash\n\n" - - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n" - - get_param: UpgradeInitCommand - - get_param: UpgradeInitCommonCommand - - # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty - # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first - ControllerUpgradeInitDeployment: - type: OS::Heat::SoftwareDeployment - depends_on: NetworkDeployment - properties: - name: ControllerUpgradeInitDeployment - actions: - if: - - server_not_blacklisted - - ['CREATE', 'UPDATE'] - - [] - server: {get_resource: Controller} - config: {get_resource: ControllerUpgradeInitConfig} - - ControllerDeployment: - type: OS::TripleO::SoftwareDeployment - depends_on: ControllerUpgradeInitDeployment - properties: - name: ControllerDeployment - actions: - if: - - server_not_blacklisted - - ['CREATE', 'UPDATE'] - - [] - config: {get_resource: ControllerConfig} - server: {get_resource: Controller} - input_values: - enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} - - # Map heat metadata into hiera datafiles - ControllerConfig: - type: OS::Heat::StructuredConfig - properties: - group: hiera - config: - hierarchy: - - '"%{::uuid}"' - - heat_config_%{::deploy_config_name} - - config_step - - controller_extraconfig - - extraconfig - - service_configs - - service_names - - controller - - bootstrap_node # provided by BootstrapNodeConfig - - all_nodes # provided by allNodesConfig - - vip_data # provided by allNodesConfig - - '"%{::osfamily}"' - - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre - - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre - - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre - - midonet_data #Optionally provided by AllNodesExtraConfig - - cisco_aci_data # Optionally provided by ControllerExtraConfigPre - merge_behavior: deeper - datafiles: - service_names: - service_names: {get_param: ServiceNames} - sensu::subscriptions: {get_param: MonitoringSubscriptions} - service_configs: - map_replace: - - {get_param: ServiceConfigSettings} - - values: {get_attr: [NetIpMap, net_ip_map]} - controller_extraconfig: - map_merge: - - {get_param: controllerExtraConfig} - - {get_param: ControllerExtraConfig} - extraconfig: {get_param: ExtraConfig} - controller: - # Misc - tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} - fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]} - fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]} - fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]} - fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]} - fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]} - fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]} - fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]} - - # Hook for site-specific additional pre-deployment config, e.g extra hieradata - ControllerExtraConfigPre: - depends_on: ControllerDeployment - type: OS::TripleO::ControllerExtraConfigPre - # We have to use conditions here so that we don't break backwards - # compatibility with templates everywhere - condition: server_not_blacklisted - properties: - server: {get_resource: Controller} - - # Hook for site-specific additional pre-deployment config, - # applying to all nodes, e.g node registration/unregistration - NodeExtraConfig: - depends_on: [ControllerExtraConfigPre, NodeTLSData] - type: OS::TripleO::NodeExtraConfig - # We have to use conditions here so that we don't break backwards - # compatibility with templates everywhere - condition: server_not_blacklisted - properties: - server: {get_resource: Controller} - - UpdateConfig: - type: OS::TripleO::Tasks::PackageUpdate - - UpdateDeployment: - type: OS::Heat::SoftwareDeployment - depends_on: NetworkDeployment - properties: - name: UpdateDeployment - actions: - if: - - server_not_blacklisted - - ['CREATE', 'UPDATE'] - - [] - config: {get_resource: UpdateConfig} - server: {get_resource: Controller} - input_values: - update_identifier: - get_param: UpdateIdentifier - - DeploymentActions: - type: OS::Heat::Value - properties: - value: - if: - - server_not_blacklisted - - ['CREATE', 'UPDATE'] - - [] - - SshHostPubKey: - type: OS::TripleO::Ssh::HostPubKey - depends_on: ControllerDeployment - properties: - server: {get_resource: Controller} - deployment_actions: {get_attr: [DeploymentActions, value]} - -outputs: - ip_address: - description: IP address of the server in the ctlplane network - value: {get_attr: [Controller, networks, ctlplane, 0]} - external_ip_address: - description: IP address of the server in the external network - value: {get_attr: [ExternalPort, ip_address]} - internal_api_ip_address: - description: IP address of the server in the internal_api network - value: {get_attr: [InternalApiPort, ip_address]} - storage_ip_address: - description: IP address of the server in the storage network - value: {get_attr: [StoragePort, ip_address]} - storage_mgmt_ip_address: - description: IP address of the server in the storage_mgmt network - value: {get_attr: [StorageMgmtPort, ip_address]} - tenant_ip_address: - description: IP address of the server in the tenant network - value: {get_attr: [TenantPort, ip_address]} - management_ip_address: - description: IP address of the server in the management network - value: {get_attr: [ManagementPort, ip_address]} - deployed_server_port_map: - description: - Map of Heat created hostname of the server to ip address. This is the - hostname before it has been mapped with the HostnameMap parameter, and - the IP address from the ctlplane network. This map can be used to construct - the DeployedServerPortMap parameter when using split-stack. - value: - map_replace: - - hostname: - fixed_ips: - - ip_address: {get_attr: [Controller, networks, ctlplane, 0]} - - keys: - hostname: - list_join: - - '-' - - - {get_param: Hostname} - - ctlplane - deployed_server_deployment_swift_data_map: - description: - Map of Heat created hostname of the server to the Swift container and object - used to created the temporary url for metadata polling with - os-collect-config. - value: - map_replace: - - hostname: - container: - str_split: - - '/' - - {get_attr: [Controller, os_collect_config, request, metadata_url]} - - 5 - object: - str_split: - - '?' - - str_split: - - '/' - - {get_attr: [Controller, os_collect_config, request, metadata_url]} - - 6 - - 0 - - keys: {hostname: {get_param: Hostname}} - hostname: - description: Hostname of the server - value: {get_attr: [Controller, name]} - hostname_map: - description: Mapping of network names to hostnames - value: - external: {get_attr: [NetHostMap, value, external, fqdn]} - internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]} - storage: {get_attr: [NetHostMap, value, storage, fqdn]} - storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]} - tenant: {get_attr: [NetHostMap, value, tenant, fqdn]} - management: {get_attr: [NetHostMap, value, management, fqdn]} - ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]} - hosts_entry: - description: > - Server's IP address and hostname in the /etc/hosts format - value: - str_replace: - template: | - PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST - EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST - INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST - STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST - STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST - TENANTIP TENANTHOST.DOMAIN TENANTHOST - MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST - CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST - params: - PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]} - DOMAIN: {get_param: CloudDomain} - PRIMARYHOST: {get_attr: [Controller, name]} - EXTERNALIP: {get_attr: [ExternalPort, ip_address]} - EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]} - INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]} - INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]} - STORAGEIP: {get_attr: [StoragePort, ip_address]} - STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]} - STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]} - STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]} - TENANTIP: {get_attr: [TenantPort, ip_address]} - TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]} - MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]} - MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]} - CTLPLANEIP: {get_attr: [Controller, networks, ctlplane, 0]} - CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]} - known_hosts_entry: - description: Entry for ssh known hosts - value: - str_replace: - template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\ -EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\ -INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\ -STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\ -STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\ -TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\ -MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\ -CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY" - params: - PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]} - DOMAIN: {get_param: CloudDomain} - PRIMARYHOST: {get_attr: [Controller, name]} - EXTERNALIP: {get_attr: [ExternalPort, ip_address]} - EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]} - INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]} - INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]} - STORAGEIP: {get_attr: [StoragePort, ip_address]} - STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]} - STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]} - STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]} - TENANTIP: {get_attr: [TenantPort, ip_address]} - TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]} - MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]} - MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]} - CTLPLANEIP: {get_attr: [Controller, networks, ctlplane, 0]} - CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]} - HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]} - nova_server_resource: - description: Heat resource handle for the Nova compute server - value: - {get_resource: Controller} - condition: server_not_blacklisted - tls_key_modulus_md5: - description: MD5 checksum of the TLS Key Modulus - value: {get_attr: [NodeTLSData, key_modulus_md5]} - tls_cert_modulus_md5: - description: MD5 checksum of the TLS Certificate Modulus - value: {get_attr: [NodeTLSData, cert_modulus_md5]} - os_collect_config: - description: The os-collect-config configuration associated with this server resource - value: {get_attr: [Controller, os_collect_config]} diff --git a/puppet/objectstorage-role.yaml b/puppet/objectstorage-role.yaml deleted file mode 100644 index 10e56450..00000000 --- a/puppet/objectstorage-role.yaml +++ /dev/null @@ -1,703 +0,0 @@ -heat_template_version: pike -description: 'OpenStack swift storage node configured by Puppet' -parameters: - OvercloudSwiftStorageFlavor: - description: Flavor for Swift storage nodes to request when deploying. - default: baremetal - type: string - constraints: - - custom_constraint: nova.flavor - SwiftStorageImage: - default: overcloud-full - type: string - constraints: - - custom_constraint: glance.image - KeyName: - default: default - description: Name of an existing Nova key pair to enable SSH access to the instances - type: string - UpdateIdentifier: - default: '' - type: string - description: > - Setting to a previously unused value during stack-update will trigger - package update on all nodes - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - Hostname: - type: string - default: '' # Defaults to Heat created hostname - HostnameMap: - type: json - default: {} - description: Optional mapping to override hostnames - ExtraConfig: - default: {} - description: | - Additional hiera configuration to inject into the cluster. Note - that ObjectStorageExtraConfig takes precedence over ExtraConfig. - type: json - ObjectStorageExtraConfig: - default: {} - description: | - Role specific additional hiera configuration to inject into the cluster. - type: json - SwiftStorageIPs: - default: {} - type: json - NetworkDeploymentActions: - type: comma_delimited_list - description: > - Heat action when to apply network configuration changes - default: ['CREATE'] - SoftwareConfigTransport: - default: POLL_SERVER_CFN - description: | - How the server should receive the metadata required for software configuration. - type: string - constraints: - - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE] - CloudDomain: - default: 'localdomain' - type: string - description: > - The DNS domain used for the hosts. This must match the - overcloud_domain_name configured on the undercloud. - SwiftStorageServerMetadata: - default: {} - description: > - Extra properties or metadata passed to Nova for the created nodes in - the overcloud. It's accessible via the Nova metadata API. This option is - role-specific and is merged with the values given to the ServerMetadata - parameter. - type: json - ServerMetadata: - default: {} - description: > - Extra properties or metadata passed to Nova for the created nodes in - the overcloud. It's accessible via the Nova metadata API. This applies to - all roles and is merged with a role-specific metadata parameter. - type: json - ObjectStorageSchedulerHints: - type: json - description: Optional scheduler hints to pass to nova - default: {} - NodeIndex: - type: number - default: 0 - ServiceConfigSettings: - type: json - default: {} - ServiceNames: - type: comma_delimited_list - default: [] - MonitoringSubscriptions: - type: comma_delimited_list - default: [] - ServiceMetadataSettings: - type: json - default: {} - ConfigCommand: - type: string - description: Command which will be run whenever configuration data changes - default: os-refresh-config --timeout 14400 - ConfigCollectSplay: - type: number - default: 30 - description: | - Maximum amount of time to possibly to delay configuation collection - polling. Defaults to 30 seconds. Set to 0 to disable it which will cause - the configuration collection to occur as soon as the collection process - starts. This setting is used to prevent the configuration collection - processes from polling all at the exact same time. - UpgradeInitCommand: - type: string - description: | - Command or script snippet to run on all overcloud nodes to - initialize the upgrade process. E.g. a repository switch. - default: '' - UpgradeInitCommonCommand: - type: string - description: | - Common commands required by the upgrades process. This should not - normally be modified by the operator and is set and unset in the - major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml - environment files. - default: '' - DeploymentServerBlacklistDict: - default: {} - type: json - description: > - Map of server hostnames to blacklist from any triggered - deployments. If the value is 1, the server will be blacklisted. This - parameter is generated from the parent template. - RoleParameters: - type: json - description: Parameters specific to the role - default: {} - DeploymentSwiftDataMap: - type: json - description: | - Map of servers to Swift container and object for storing deployment data. - The keys are the Heat assigned hostnames, and the value is a map of the - container/object name in Swift. Example value: - overcloud-controller-0: - container: overcloud-controller - object: 0 - overcloud-controller-1: - container: overcloud-controller - object: 1 - overcloud-controller-2: - container: overcloud-controller - object: 2 - overcloud-novacompute-0: - container: overcloud-compute - object: 0 - default: {} - -conditions: - server_not_blacklisted: - not: - equals: - - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]} - - 1 - deployment_swift_data_map_unset: - equals: - - get_param: - - DeploymentSwiftDataMap - - {get_param: Hostname} - - "" - -resources: - - SwiftStorage: - type: OS::TripleO::ObjectStorageServer - metadata: - os-collect-config: - command: {get_param: ConfigCommand} - splay: {get_param: ConfigCollectSplay} - properties: - image: {get_param: SwiftStorageImage} - flavor: {get_param: OvercloudSwiftStorageFlavor} - key_name: {get_param: KeyName} - networks: - - network: ctlplane - user_data_format: SOFTWARE_CONFIG - user_data: {get_resource: UserData} - name: - str_replace: - template: {get_param: Hostname} - params: {get_param: HostnameMap} - software_config_transport: {get_param: SoftwareConfigTransport} - metadata: - map_merge: - - {get_param: ServerMetadata} - - {get_param: SwiftStorageServerMetadata} - - {get_param: ServiceMetadataSettings} - scheduler_hints: {get_param: ObjectStorageSchedulerHints} - deployment_swift_data: - if: - - deployment_swift_data_map_unset - - {} - - {get_param: [DeploymentSwiftDataMap, - {get_param: Hostname}]} - - # Combine the NodeAdminUserData and NodeUserData mime archives - UserData: - type: OS::Heat::MultipartMime - properties: - parts: - - config: {get_resource: NodeAdminUserData} - type: multipart - - config: {get_resource: NodeUserData} - type: multipart - - config: {get_resource: RoleUserData} - type: multipart - - # Creates the "heat-admin" user if configured via the environment - # Should return a OS::Heat::MultipartMime reference via OS::stack_id - NodeAdminUserData: - type: OS::TripleO::NodeAdminUserData - - # For optional operator additional userdata - # Should return a OS::Heat::MultipartMime reference via OS::stack_id - NodeUserData: - type: OS::TripleO::NodeUserData - - # For optional operator role-specific userdata - # Should return a OS::Heat::MultipartMime reference via OS::stack_id - RoleUserData: - type: OS::TripleO::ObjectStorage::NodeUserData - - ExternalPort: - type: OS::TripleO::SwiftStorage::Ports::ExternalPort - properties: - ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} - IPPool: {get_param: SwiftStorageIPs} - NodeIndex: {get_param: NodeIndex} - - InternalApiPort: - type: OS::TripleO::SwiftStorage::Ports::InternalApiPort - properties: - ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} - IPPool: {get_param: SwiftStorageIPs} - NodeIndex: {get_param: NodeIndex} - - StoragePort: - type: OS::TripleO::SwiftStorage::Ports::StoragePort - properties: - ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} - IPPool: {get_param: SwiftStorageIPs} - NodeIndex: {get_param: NodeIndex} - - StorageMgmtPort: - type: OS::TripleO::SwiftStorage::Ports::StorageMgmtPort - properties: - ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} - IPPool: {get_param: SwiftStorageIPs} - NodeIndex: {get_param: NodeIndex} - - TenantPort: - type: OS::TripleO::SwiftStorage::Ports::TenantPort - properties: - ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} - IPPool: {get_param: SwiftStorageIPs} - NodeIndex: {get_param: NodeIndex} - - ManagementPort: - type: OS::TripleO::SwiftStorage::Ports::ManagementPort - properties: - ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} - IPPool: {get_param: SwiftStorageIPs} - NodeIndex: {get_param: NodeIndex} - - NetworkConfig: - type: OS::TripleO::ObjectStorage::Net::SoftwareConfig - properties: - ControlPlaneIp: {get_attr: [SwiftStorage, networks, ctlplane, 0]} - ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} - InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} - StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} - StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} - TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} - ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]} - - NetIpMap: - type: OS::TripleO::Network::Ports::NetIpMap - properties: - ControlPlaneIp: {get_attr: [SwiftStorage, networks, ctlplane, 0]} - ExternalIp: {get_attr: [ExternalPort, ip_address]} - ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} - ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]} - InternalApiIp: {get_attr: [InternalApiPort, ip_address]} - InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} - InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]} - StorageIp: {get_attr: [StoragePort, ip_address]} - StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} - StorageIpUri: {get_attr: [StoragePort, ip_address_uri]} - StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]} - StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} - StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]} - TenantIp: {get_attr: [TenantPort, ip_address]} - TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} - TenantIpUri: {get_attr: [TenantPort, ip_address_uri]} - ManagementIp: {get_attr: [ManagementPort, ip_address]} - ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]} - ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]} - - NetHostMap: - type: OS::Heat::Value - properties: - type: json - value: - external: - fqdn: - list_join: - - '.' - - - {get_attr: [SwiftStorage, name]} - - external - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [SwiftStorage, name]} - - external - internal_api: - fqdn: - list_join: - - '.' - - - {get_attr: [SwiftStorage, name]} - - internalapi - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [SwiftStorage, name]} - - internalapi - storage: - fqdn: - list_join: - - '.' - - - {get_attr: [SwiftStorage, name]} - - storage - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [SwiftStorage, name]} - - storage - storage_mgmt: - fqdn: - list_join: - - '.' - - - {get_attr: [SwiftStorage, name]} - - storagemgmt - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [SwiftStorage, name]} - - storagemgmt - tenant: - fqdn: - list_join: - - '.' - - - {get_attr: [SwiftStorage, name]} - - tenant - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [SwiftStorage, name]} - - tenant - management: - fqdn: - list_join: - - '.' - - - {get_attr: [SwiftStorage, name]} - - management - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [SwiftStorage, name]} - - management - ctlplane: - fqdn: - list_join: - - '.' - - - {get_attr: [SwiftStorage, name]} - - ctlplane - - {get_param: CloudDomain} - short: - list_join: - - '.' - - - {get_attr: [SwiftStorage, name]} - - ctlplane - - PreNetworkConfig: - type: OS::TripleO::ObjectStorage::PreNetworkConfig - properties: - server: {get_resource: SwiftStorage} - RoleParameters: {get_param: RoleParameters} - ServiceNames: {get_param: ServiceNames} - deployment_actions: {get_attr: [DeploymentActions, value]} - - NetworkDeployment: - type: OS::TripleO::SoftwareDeployment - depends_on: PreNetworkConfig - properties: - name: NetworkDeployment - config: {get_resource: NetworkConfig} - server: {get_resource: SwiftStorage} - actions: - if: - - server_not_blacklisted - - {get_param: NetworkDeploymentActions} - - [] - - - SwiftStorageUpgradeInitConfig: - type: OS::Heat::SoftwareConfig - properties: - group: script - config: - list_join: - - '' - - - "#!/bin/bash\n\n" - - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n" - - get_param: UpgradeInitCommand - - get_param: UpgradeInitCommonCommand - - # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty - # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first - SwiftStorageUpgradeInitDeployment: - type: OS::Heat::SoftwareDeployment - depends_on: NetworkDeployment - properties: - name: SwiftStorageUpgradeInitDeployment - server: {get_resource: SwiftStorage} - config: {get_resource: SwiftStorageUpgradeInitConfig} - actions: - if: - - server_not_blacklisted - - ['CREATE', 'UPDATE'] - - [] - - SwiftStorageHieraConfig: - type: OS::Heat::StructuredConfig - properties: - group: hiera - config: - hierarchy: - - '"%{::uuid}"' - - heat_config_%{::deploy_config_name} - - config_step - - object_extraconfig - - extraconfig - - service_names - - service_configs - - object - - bootstrap_node # provided by allNodesConfig - - all_nodes # provided by allNodesConfig - - vip_data # provided by allNodesConfig - - '"%{::osfamily}"' - merge_behavior: deeper - datafiles: - service_names: - service_names: {get_param: ServiceNames} - sensu::subscriptions: {get_param: MonitoringSubscriptions} - service_configs: - map_replace: - - {get_param: ServiceConfigSettings} - - values: {get_attr: [NetIpMap, net_ip_map]} - object_extraconfig: {get_param: ObjectStorageExtraConfig} - extraconfig: {get_param: ExtraConfig} - object: - tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} - fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]} - fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]} - fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]} - fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]} - fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]} - fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]} - fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]} - - SwiftStorageHieraDeploy: - type: OS::Heat::StructuredDeployment - depends_on: SwiftStorageUpgradeInitDeployment - properties: - name: SwiftStorageHieraDeploy - server: {get_resource: SwiftStorage} - config: {get_resource: SwiftStorageHieraConfig} - input_values: - enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} - actions: - if: - - server_not_blacklisted - - ['CREATE', 'UPDATE'] - - [] - - # Resource for site-specific injection of root certificate - NodeTLSCAData: - depends_on: SwiftStorageHieraDeploy - type: OS::TripleO::NodeTLSCAData - properties: - server: {get_resource: SwiftStorage} - - # Hook for site-specific additional pre-deployment config, - # applying to all nodes, e.g node registration/unregistration - NodeExtraConfig: - depends_on: NodeTLSCAData - type: OS::TripleO::NodeExtraConfig - # We have to use conditions here so that we don't break backwards - # compatibility with templates everywhere - condition: server_not_blacklisted - properties: - server: {get_resource: SwiftStorage} - - UpdateConfig: - type: OS::TripleO::Tasks::PackageUpdate - - UpdateDeployment: - type: OS::Heat::SoftwareDeployment - depends_on: NetworkDeployment - properties: - config: {get_resource: UpdateConfig} - server: {get_resource: SwiftStorage} - input_values: - update_identifier: - get_param: UpdateIdentifier - actions: - if: - - server_not_blacklisted - - ['CREATE', 'UPDATE'] - - [] - - DeploymentActions: - type: OS::Heat::Value - properties: - value: - if: - - server_not_blacklisted - - ['CREATE', 'UPDATE'] - - [] - - SshHostPubKey: - type: OS::TripleO::Ssh::HostPubKey - depends_on: SwiftStorageHieraDeploy - properties: - server: {get_resource: SwiftStorage} - deployment_actions: {get_attr: [DeploymentActions, value]} - -outputs: - ip_address: - description: IP address of the server in the ctlplane network - value: {get_attr: [SwiftStorage, networks, ctlplane, 0]} - hostname: - description: Hostname of the server - value: {get_attr: [SwiftStorage, name]} - hostname_map: - description: Mapping of network names to hostnames - value: - external: {get_attr: [NetHostMap, value, external, fqdn]} - internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]} - storage: {get_attr: [NetHostMap, value, storage, fqdn]} - storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]} - tenant: {get_attr: [NetHostMap, value, tenant, fqdn]} - management: {get_attr: [NetHostMap, value, management, fqdn]} - ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]} - hosts_entry: - value: - str_replace: - template: | - PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST - EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST - INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST - STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST - STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST - TENANTIP TENANTHOST.DOMAIN TENANTHOST - MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST - CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST - params: - PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ObjectStorageHostnameResolveNetwork]}]} - DOMAIN: {get_param: CloudDomain} - PRIMARYHOST: {get_attr: [SwiftStorage, name]} - EXTERNALIP: {get_attr: [ExternalPort, ip_address]} - EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]} - INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]} - INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]} - STORAGEIP: {get_attr: [StoragePort, ip_address]} - STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]} - STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]} - STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]} - TENANTIP: {get_attr: [TenantPort, ip_address]} - TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]} - MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]} - MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]} - CTLPLANEIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} - CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]} - known_hosts_entry: - description: Entry for ssh known hosts - value: - str_replace: - template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\ -EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\ -INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\ -STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\ -STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\ -TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\ -MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\ -CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY" - params: - PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ObjectStorageHostnameResolveNetwork]}]} - DOMAIN: {get_param: CloudDomain} - PRIMARYHOST: {get_attr: [SwiftStorage, name]} - EXTERNALIP: {get_attr: [ExternalPort, ip_address]} - EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]} - INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]} - INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]} - STORAGEIP: {get_attr: [StoragePort, ip_address]} - STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]} - STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]} - STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]} - TENANTIP: {get_attr: [TenantPort, ip_address]} - TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]} - MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]} - MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]} - CTLPLANEIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} - CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]} - HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]} - nova_server_resource: - description: Heat resource handle for the swift storage server - value: - {get_resource: SwiftStorage} - condition: server_not_blacklisted - external_ip_address: - description: IP address of the server in the external network - value: {get_attr: [ExternalPort, ip_address]} - internal_api_ip_address: - description: IP address of the server in the internal_api network - value: {get_attr: [InternalApiPort, ip_address]} - storage_ip_address: - description: IP address of the server in the storage network - value: {get_attr: [StoragePort, ip_address]} - storage_mgmt_ip_address: - description: IP address of the server in the storage_mgmt network - value: {get_attr: [StorageMgmtPort, ip_address]} - tenant_ip_address: - description: IP address of the server in the tenant network - value: {get_attr: [TenantPort, ip_address]} - management_ip_address: - description: IP address of the server in the management network - value: {get_attr: [ManagementPort, ip_address]} - deployed_server_port_map: - description: | - Map of Heat created hostname of the server to ip address. This is the - hostname before it has been mapped with the HostnameMap parameter, and - the IP address from the ctlplane network. This map can be used to construct - the DeployedServerPortMap parameter when using split-stack. - value: - map_replace: - - hostname: - fixed_ips: - - ip_address: {get_attr: [SwiftStorage, networks, ctlplane, 0]} - - keys: - hostname: - list_join: - - '-' - - - {get_param: Hostname} - - ctlplane - deployed_server_deployment_swift_data_map: - description: - Map of Heat created hostname of the server to the Swift container and object - used to created the temporary url for metadata polling with - os-collect-config. - value: - map_replace: - - hostname: - container: - str_split: - - '/' - - {get_attr: [SwiftStorage, os_collect_config, request, metadata_url]} - - 5 - object: - str_split: - - '?' - - str_split: - - '/' - - {get_attr: [SwiftStorage, os_collect_config, request, metadata_url]} - - 6 - - 0 - - keys: {hostname: {get_param: Hostname}} - os_collect_config: - description: The os-collect-config configuration associated with this server resource - value: {get_attr: [SwiftStorage, os_collect_config]} diff --git a/puppet/post-upgrade.j2.yaml b/puppet/post-upgrade.j2.yaml deleted file mode 100644 index bdd1e613..00000000 --- a/puppet/post-upgrade.j2.yaml +++ /dev/null @@ -1,30 +0,0 @@ -heat_template_version: pike - -description: > - Post-upgrade configuration steps via puppet for all roles - where upgrade is not disabled as defined in ../roles_data.yaml - -parameters: - servers: - type: json - description: Mapping of Role name e.g Controller to a list of servers - stack_name: - type: string - description: Name of the topmost stack - role_data: - type: json - description: Mapping of Role name e.g Controller to the per-role data - DeployIdentifier: - default: '' - type: string - description: > - Setting this to a unique value will re-run any deployment tasks which - perform configuration on a Heat stack-update. - ctlplane_service_ips: - type: json - -resources: -# Note the include here is the same as post.j2.yaml but the data used at -# the time of rendering is different if any roles disable upgrades -{% set roles = roles|rejectattr('disable_upgrade_deployment')|list -%} -{% include 'puppet-steps.j2' %} diff --git a/puppet/post.j2.yaml b/puppet/post.j2.yaml deleted file mode 100644 index 67e1ecfd..00000000 --- a/puppet/post.j2.yaml +++ /dev/null @@ -1,31 +0,0 @@ -heat_template_version: pike - -description: > - Post-deploy configuration steps via puppet for all roles, - as defined in ../roles_data.yaml - -parameters: - servers: - type: json - description: Mapping of Role name e.g Controller to a list of servers - stack_name: - type: string - description: Name of the topmost stack - role_data: - type: json - description: Mapping of Role name e.g Controller to the per-role data - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - DeployIdentifier: - default: '' - type: string - description: > - Setting this to a unique value will re-run any deployment tasks which - perform configuration on a Heat stack-update. - ctlplane_service_ips: - type: json - -{% include 'puppet-steps.j2' %} diff --git a/puppet/puppet-steps.j2 b/puppet/puppet-steps.j2 deleted file mode 100644 index f7651a57..00000000 --- a/puppet/puppet-steps.j2 +++ /dev/null @@ -1,156 +0,0 @@ -{% set deploy_steps_max = 6 %} -conditions: -{% for step in range(1, deploy_steps_max) %} - WorkflowTasks_Step{{step}}_Enabled: - or: - {%- for role in roles %} - - not: - equals: - - get_param: [role_data, {{role.name}}, service_workflow_tasks, step{{step}}] - - '' - - False - {%- endfor %} -{% endfor %} - -resources: - # Post deployment steps for all roles - # A single config is re-applied with an incrementing step number -{% for role in roles %} - # {{role.name}} Role post-deploy steps - {{role.name}}ArtifactsConfig: - type: deploy-artifacts.yaml - - {{role.name}}ArtifactsDeploy: - type: OS::Heat::StructuredDeployments - properties: - name: {{role.name}}ArtifactsDeploy - servers: {get_param: [servers, {{role.name}}]} - config: {get_resource: {{role.name}}ArtifactsConfig} - - {{role.name}}PreConfig: - type: OS::TripleO::Tasks::{{role.name}}PreConfig - properties: - servers: {get_param: [servers, {{role.name}}]} - input_values: - update_identifier: {get_param: DeployIdentifier} - - {{role.name}}Config: - type: OS::TripleO::{{role.name}}Config - properties: - StepConfig: {get_param: [role_data, {{role.name}}, step_config]} - - # Step through a series of configuration steps -{% for step in range(1, deploy_steps_max) %} - {{role.name}}Deployment_Step{{step}}: - type: OS::Heat::StructuredDeploymentGroup - depends_on: - - WorkflowTasks_Step{{step}}_Execution - # TODO(gfidente): the following if/else condition - # replicates what is already defined for the - # WorkflowTasks_StepX resource and can be remove - # if https://bugs.launchpad.net/heat/+bug/1700569 - # is fixed. - {%- if step == 1 %} - {%- for dep in roles %} - - {{dep.name}}PreConfig - - {{dep.name}}ArtifactsDeploy - {%- endfor %} - {%- else %} - {%- for dep in roles %} - - {{dep.name}}Deployment_Step{{step -1}} - {%- endfor %} - {%- endif %} - properties: - name: {{role.name}}Deployment_Step{{step}} - servers: {get_param: [servers, {{role.name}}]} - config: {get_resource: {{role.name}}Config} - input_values: - step: {{step}} - update_identifier: {get_param: DeployIdentifier} -{% endfor %} - - # Note, this should be the last step to execute configuration changes. - # Ensure that all {{role.name}}ExtraConfigPost steps are executed - # after all the previous deployment steps. - {{role.name}}ExtraConfigPost: - depends_on: - {%- for dep in roles %} - - {{dep.name}}Deployment_Step5 - {%- endfor %} - type: OS::TripleO::NodeExtraConfigPost - properties: - servers: {get_param: [servers, {{role.name}}]} - - # The {{role.name}}PostConfig steps are in charge of - # quiescing all services, i.e. in the Controller case, - # we should run a full service reload. - {{role.name}}PostConfig: - type: OS::TripleO::Tasks::{{role.name}}PostConfig - depends_on: - {%- for dep in roles %} - - {{dep.name}}ExtraConfigPost - {%- endfor %} - properties: - servers: {get_param: servers} - input_values: - update_identifier: {get_param: DeployIdentifier} - - -{% endfor %} - -# BEGIN service_workflow_tasks handling -{% for step in range(1, deploy_steps_max) %} - WorkflowTasks_Step{{step}}: - type: OS::Mistral::Workflow - condition: WorkflowTasks_Step{{step}}_Enabled - depends_on: - {%- if step == 1 %} - {%- for dep in roles %} - - {{dep.name}}PreConfig - - {{dep.name}}ArtifactsDeploy - {%- endfor %} - {%- else %} - {%- for dep in roles %} - - {{dep.name}}Deployment_Step{{step -1}} - {%- endfor %} - {%- endif %} - properties: - name: {list_join: [".", ["tripleo", {get_param: stack_name}, "workflowtasks", "step{{step}}"]]} - type: direct - tasks: - yaql: - expression: $.data.where($ != '').select($.get('step{{step}}')).where($ != null).flatten() - data: - {%- for role in roles %} - - get_param: [role_data, {{role.name}}, service_workflow_tasks] - {%- endfor %} - - WorkflowTasks_Step{{step}}_Execution: - type: OS::Mistral::ExternalResource - condition: WorkflowTasks_Step{{step}}_Enabled - depends_on: WorkflowTasks_Step{{step}} - properties: - actions: - CREATE: - workflow: { get_resource: WorkflowTasks_Step{{step}} } - params: - env: - service_ips: { get_param: ctlplane_service_ips } - role_merged_configs: - {%- for r in roles %} - {{r.name}}: {get_param: [role_data, {{r.name}}, merged_config_settings]} - {%- endfor %} - evaluate_env: false - UPDATE: - workflow: { get_resource: WorkflowTasks_Step{{step}} } - params: - env: - service_ips: { get_param: ctlplane_service_ips } - role_merged_configs: - {%- for r in roles %} - {{r.name}}: {get_param: [role_data, {{r.name}}, merged_config_settings]} - {%- endfor %} - evaluate_env: false - always_update: true -{% endfor %} -# END service_workflow_tasks handling diff --git a/puppet/role.role.j2.yaml b/puppet/role.role.j2.yaml index f1abf8dd..5453e65c 100644 --- a/puppet/role.role.j2.yaml +++ b/puppet/role.role.j2.yaml @@ -1,27 +1,40 @@ -{# ## Some variables are set to enable rendering backwards compatible templates #} -{# ## where a few parameter/resource names don't match the expected pattern #} -{# ## FIXME: we need some way to deprecate the old inconsistent parameters #} -{%- if role.name == 'Controller' -%} - {%- set deprecated_extraconfig_param = 'controllerExtraConfig' -%} -{% endif %} +{#- ## Some variables are set to enable rendering backwards compatible templates #} +{#- ## where a few parameter/resource names don't match the expected pattern #} +{#- ## FIXME: we need some way to deprecate the old inconsistent parameters #} +{%- set server_resource_name = role.deprecated_server_resource_name|default(role.name) -%} heat_template_version: pike description: 'OpenStack {{role.name}} node configured by Puppet' parameters: +{%- set default_flavor_name = 'baremetal' %} +{%- if role.deprecated_param_flavor is defined %} + {{role.deprecated_param_flavor}}: + description: DEPRECATED Use Overcloud{{role.name}}Flavor instead. + default: {{default_flavor_name}} + type: string +{%- endif %} Overcloud{{role.name}}Flavor: description: Flavor for the {{role.name}} node. - default: baremetal + default: {{default_flavor_name}} type: string -{% if role.disable_constraints is not defined %} +{%- if role.disable_constraints is not defined %} constraints: - custom_constraint: nova.flavor -{% endif %} +{%- endif %} +{%- set default_image_name = 'overcloud-full' %} +{%- if role.deprecated_param_image is defined %} + {{role.deprecated_param_image}}: + type: string + default: {{default_image_name}} + description: DEPRECATED Use {{role.name}}Image instead +{%- endif %} {{role.name}}Image: type: string - default: overcloud-full -{% if role.disable_constraints is not defined %} + default: {{default_image_name}} + description: The disk image file to use for the role. +{%- if role.disable_constraints is not defined %} constraints: - custom_constraint: glance.image -{% endif %} +{%- endif %} ImageUpdatePolicy: default: 'REBUILD_PRESERVE_EPHEMERAL' description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt. @@ -30,13 +43,13 @@ parameters: description: Name of an existing Nova key pair to enable SSH access to the instances type: string default: default -{% if role.disable_constraints is not defined %} +{%- if role.disable_constraints is not defined %} constraints: - custom_constraint: nova.keypair -{% endif %} +{%- endif %} NeutronPhysicalBridge: default: 'br-ex' - description: An OVS bridge to create for accessing tenant networks. + description: An OVS bridge to create for accessing external networks. type: string NeutronPublicInterface: default: nic1 @@ -76,8 +89,8 @@ parameters: description: | Role specific additional hiera configuration to inject into the cluster. type: json -{%- if deprecated_extraconfig_param is defined %} - {{deprecated_extraconfig_param}}: +{%- if role.deprecated_param_extraconfig is defined %} + {{role.deprecated_param_extraconfig}}: default: {} description: | DEPRECATED use {{role.name}}ExtraConfig instead @@ -86,6 +99,12 @@ parameters: {{role.name}}IPs: default: {} type: json +{%- if role.deprecated_param_ips is defined %} + {{role.deprecated_param_ips}}: + default: {} + description: DEPRECATED - use {{role.name}}IPs instead + type: json +{%- endif %} NetworkDeploymentActions: type: comma_delimited_list description: > @@ -112,6 +131,12 @@ parameters: role-specific and is merged with the values given to the ServerMetadata parameter. type: json +{%- if role.deprecated_param_metadata is defined %} + {{role.deprecated_param_metadata}}: + default: {} + description: DEPRECATED - use {{role.name}}ServerMetadata instead + type: json +{%- endif %} ServerMetadata: default: {} description: > @@ -123,6 +148,12 @@ parameters: type: json description: Optional scheduler hints to pass to nova default: {} +{%- if role.deprecated_param_scheduler_hints is defined %} + {{role.deprecated_param_scheduler_hints}}: + type: json + description: DEPRECATED - use {{role.name}}SchedulerHints instead + default: {} +{%- endif %} NodeIndex: type: number default: 0 @@ -202,12 +233,16 @@ parameters: object: 0 default: {} -{% if deprecated_extraconfig_param is defined %} +{% if role.uses_deprecated_params is defined %} parameter_groups: - label: deprecated description: Do not use deprecated params, they will be removed. parameters: - - {{deprecated_extraconfig_param}} +{%- for property in role %} +{%- if property.startswith('deprecated_param_') %} + - {{role[property]}} +{%- endif %} +{%- endfor %} {%- endif %} conditions: @@ -222,18 +257,48 @@ conditions: - DeploymentSwiftDataMap - {get_param: Hostname} - "" +{%- if role.deprecated_param_image is defined %} + deprecated_param_image_set: + not: + equals: + - {get_param: {{role.deprecated_param_image}}} + - {{default_image_name}} +{%- endif %} +{%- if role.deprecated_param_flavor is defined %} + deprecated_param_flavor_set: + not: + equals: + - {get_param: {{role.deprecated_param_flavor}}} + - {{default_flavor_name}} +{%- endif %} resources: - {{role.name}}: + {{server_resource_name}}: type: OS::TripleO::{{role.name}}Server metadata: os-collect-config: command: {get_param: ConfigCommand} splay: {get_param: ConfigCollectSplay} properties: - image: {get_param: {{role.name}}Image} + image: +{%- if role.deprecated_param_image is defined %} + if: + - deprecated_param_image_set + - {get_param: {{role.deprecated_param_image}}} + - {get_param: {{role.name}}Image} +{%- else %} + get_param: {{role.name}}Image +{%- endif %} image_update_policy: {get_param: ImageUpdatePolicy} - flavor: {get_param: Overcloud{{role.name}}Flavor} + flavor: +{%- if role.deprecated_param_flavor is defined %} + if: + - deprecated_param_flavor_set + - {get_param: {{role.deprecated_param_flavor}}} + - {get_param: Overcloud{{role.name}}Flavor} +{%- else %} + get_param: Overcloud{{role.name}}Flavor +{%- endif %} key_name: {get_param: KeyName} networks: - network: ctlplane @@ -247,9 +312,17 @@ resources: metadata: map_merge: - {get_param: ServerMetadata} +{%- if role.deprecated_param_metadata is defined %} + - {get_param: {{role.deprecated_param_metadata}}} +{%- endif %} - {get_param: {{role.name}}ServerMetadata} - {get_param: ServiceMetadataSettings} - scheduler_hints: {get_param: {{role.name}}SchedulerHints} + scheduler_hints: + map_merge: +{%- if role.deprecated_param_scheduler_hints is defined %} + - {get_param: {{role.deprecated_param_scheduler_hints}}} +{%- endif %} + - {get_param: {{role.name}}SchedulerHints} deployment_swift_data: if: - deployment_swift_data_map_unset @@ -288,15 +361,20 @@ resources: {{network.name}}Port: type: OS::TripleO::{{role.name}}::Ports::{{network.name}}Port properties: - ControlPlaneIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]} - IPPool: {get_param: {{role.name}}IPs} + ControlPlaneIP: {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]} + IPPool: + map_merge: +{%- if role.deprecated_param_ips is defined %} + - {get_param: {{role.deprecated_param_ips}}} +{%- endif %} + - {get_param: {{role.name}}IPs} NodeIndex: {get_param: NodeIndex} {%- endfor %} NetworkConfig: type: OS::TripleO::{{role.name}}::Net::SoftwareConfig properties: - ControlPlaneIp: {get_attr: [{{role.name}}, networks, ctlplane, 0]} + ControlPlaneIp: {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]} {%- for network in networks %} {{network.name}}IpSubnet: {get_attr: [{{network.name}}Port, ip_subnet]} {%- endfor %} @@ -304,7 +382,7 @@ resources: NetIpMap: type: OS::TripleO::Network::Ports::NetIpMap properties: - ControlPlaneIp: {get_attr: [{{role.name}}, networks, ctlplane, 0]} + ControlPlaneIp: {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]} {%- for network in networks %} {{network.name}}Ip: {get_attr: [{{network.name}}Port, ip_address]} {{network.name}}IpSubnet: {get_attr: [{{network.name}}Port, ip_subnet]} @@ -320,91 +398,91 @@ resources: fqdn: list_join: - '.' - - - {get_attr: [{{role.name}}, name]} + - - {get_attr: [{{server_resource_name}}, name]} - external - {get_param: CloudDomain} short: list_join: - '.' - - - {get_attr: [{{role.name}}, name]} + - - {get_attr: [{{server_resource_name}}, name]} - external internal_api: fqdn: list_join: - '.' - - - {get_attr: [{{role.name}}, name]} + - - {get_attr: [{{server_resource_name}}, name]} - internalapi - {get_param: CloudDomain} short: list_join: - '.' - - - {get_attr: [{{role.name}}, name]} + - - {get_attr: [{{server_resource_name}}, name]} - internalapi storage: fqdn: list_join: - '.' - - - {get_attr: [{{role.name}}, name]} + - - {get_attr: [{{server_resource_name}}, name]} - storage - {get_param: CloudDomain} short: list_join: - '.' - - - {get_attr: [{{role.name}}, name]} + - - {get_attr: [{{server_resource_name}}, name]} - storage storage_mgmt: fqdn: list_join: - '.' - - - {get_attr: [{{role.name}}, name]} + - - {get_attr: [{{server_resource_name}}, name]} - storagemgmt - {get_param: CloudDomain} short: list_join: - '.' - - - {get_attr: [{{role.name}}, name]} + - - {get_attr: [{{server_resource_name}}, name]} - storagemgmt tenant: fqdn: list_join: - '.' - - - {get_attr: [{{role.name}}, name]} + - - {get_attr: [{{server_resource_name}}, name]} - tenant - {get_param: CloudDomain} short: list_join: - '.' - - - {get_attr: [{{role.name}}, name]} + - - {get_attr: [{{server_resource_name}}, name]} - tenant management: fqdn: list_join: - '.' - - - {get_attr: [{{role.name}}, name]} + - - {get_attr: [{{server_resource_name}}, name]} - management - {get_param: CloudDomain} short: list_join: - '.' - - - {get_attr: [{{role.name}}, name]} + - - {get_attr: [{{server_resource_name}}, name]} - management ctlplane: fqdn: list_join: - '.' - - - {get_attr: [{{role.name}}, name]} + - - {get_attr: [{{server_resource_name}}, name]} - ctlplane - {get_param: CloudDomain} short: list_join: - '.' - - - {get_attr: [{{role.name}}, name]} + - - {get_attr: [{{server_resource_name}}, name]} - ctlplane PreNetworkConfig: type: OS::TripleO::{{role.name}}::PreNetworkConfig properties: - server: {get_resource: {{role.name}}} + server: {get_resource: {{server_resource_name}}} RoleParameters: {get_param: RoleParameters} ServiceNames: {get_param: ServiceNames} deployment_actions: {get_attr: [DeploymentActions, value]} @@ -415,7 +493,7 @@ resources: properties: name: NetworkDeployment config: {get_resource: NetworkConfig} - server: {get_resource: {{role.name}}} + server: {get_resource: {{server_resource_name}}} actions: {get_param: NetworkDeploymentActions} input_values: bridge_name: {get_param: NeutronPhysicalBridge} @@ -426,7 +504,7 @@ resources: - {get_param: NetworkDeploymentActions} - [] - {{role.name}}UpgradeInitConfig: + {{server_resource_name}}UpgradeInitConfig: type: OS::Heat::SoftwareConfig properties: group: script @@ -440,26 +518,26 @@ resources: # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first - {{role.name}}UpgradeInitDeployment: + {{server_resource_name}}UpgradeInitDeployment: type: OS::Heat::SoftwareDeployment depends_on: NetworkDeployment properties: - name: {{role.name}}UpgradeInitDeployment - server: {get_resource: {{role.name}}} - config: {get_resource: {{role.name}}UpgradeInitConfig} + name: {{server_resource_name}}UpgradeInitDeployment + server: {get_resource: {{server_resource_name}}} + config: {get_resource: {{server_resource_name}}UpgradeInitConfig} actions: if: - server_not_blacklisted - ['CREATE', 'UPDATE'] - [] - {{role.name}}Deployment: + {{server_resource_name}}Deployment: type: OS::Heat::StructuredDeployment - depends_on: {{role.name}}UpgradeInitDeployment + depends_on: {{server_resource_name}}UpgradeInitDeployment properties: - name: {{role.name}}Deployment - config: {get_resource: {{role.name}}Config} - server: {get_resource: {{role.name}}} + name: {{server_resource_name}}Deployment + config: {get_resource: {{server_resource_name}}Config} + server: {get_resource: {{server_resource_name}}} input_values: enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} actions: @@ -468,7 +546,7 @@ resources: - ['CREATE', 'UPDATE'] - [] - {{role.name}}Config: + {{server_resource_name}}Config: type: OS::Heat::StructuredConfig properties: group: hiera @@ -486,6 +564,13 @@ resources: - all_nodes # provided by allNodesConfig - vip_data # provided by allNodesConfig - '"%{::osfamily}"' + # The following are required for compatibility with the Controller role + # where some vendor integrations added hieradata via ExtraConfigPre + - neutron_bigswitch_data # Optionally provided by Controller/ComputeExtraConfigPre + - neutron_cisco_data # Optionally provided by Controller/ComputeExtraConfigPre + - cisco_n1kv_data # Optionally provided by Controller/ComputeExtraConfigPre + - midonet_data #Optionally provided by AllNodesExtraConfig + - cisco_aci_data # Optionally provided by Controller/ComputeExtraConfigPre merge_behavior: deeper datafiles: service_names: @@ -497,10 +582,10 @@ resources: - values: {get_attr: [NetIpMap, net_ip_map]} {{role.name.lower()}}_extraconfig: map_merge: -{%- if deprecated_extraconfig_param is defined %} - - {get_param: {{deprecated_extraconfig_param}}} +{%- if role.deprecated_param_extraconfig is defined %} + - {get_param: {{role.deprecated_param_extraconfig}}} {%- endif %} - - {get_param: {{role.name}}ExtraConfig} + - {get_param: {{server_resource_name}}ExtraConfig} extraconfig: {get_param: ExtraConfig} {{role.name.lower()}}: tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} @@ -519,7 +604,7 @@ resources: depends_on: NetworkDeployment type: OS::TripleO::NodeTLSCAData properties: - server: {get_resource: {{role.name}}} + server: {get_resource: {{server_resource_name}}} {%- if 'primary' in role.tags and 'controller' in role.tags %} # Resource for site-specific passing of private keys/certificates @@ -527,19 +612,19 @@ resources: depends_on: NodeTLSCAData type: OS::TripleO::NodeTLSData properties: - server: {get_resource: {{role.name}}} + server: {get_resource: {{server_resource_name}}} NodeIndex: {get_param: NodeIndex} {%- endif -%} # Hook for site-specific additional pre-deployment config, e.g extra hieradata {{role.name}}ExtraConfigPre: - depends_on: {{role.name}}Deployment + depends_on: {{server_resource_name}}Deployment type: OS::TripleO::{{role.name}}ExtraConfigPre # We have to use conditions here so that we don't break backwards # compatibility with templates everywhere condition: server_not_blacklisted properties: - server: {get_resource: {{role.name}}} + server: {get_resource: {{server_resource_name}}} # Hook for site-specific additional pre-deployment config, # applying to all nodes, e.g node registration/unregistration @@ -556,7 +641,7 @@ resources: # compatibility with templates everywhere condition: server_not_blacklisted properties: - server: {get_resource: {{role.name}}} + server: {get_resource: {{server_resource_name}}} UpdateConfig: type: OS::TripleO::Tasks::PackageUpdate @@ -567,7 +652,7 @@ resources: properties: name: UpdateDeployment config: {get_resource: UpdateConfig} - server: {get_resource: {{role.name}}} + server: {get_resource: {{server_resource_name}}} input_values: update_identifier: get_param: UpdateIdentifier @@ -588,18 +673,18 @@ resources: SshHostPubKey: type: OS::TripleO::Ssh::HostPubKey - depends_on: {{role.name}}Deployment + depends_on: {{server_resource_name}}Deployment properties: - server: {get_resource: {{role.name}}} + server: {get_resource: {{server_resource_name}}} deployment_actions: {get_attr: [DeploymentActions, value]} outputs: ip_address: description: IP address of the server in the ctlplane network - value: {get_attr: [{{role.name}}, networks, ctlplane, 0]} + value: {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]} hostname: description: Hostname of the server - value: {get_attr: [{{role.name}}, name]} + value: {get_attr: [{{server_resource_name}}, name]} hostname_map: description: Mapping of network names to hostnames value: @@ -619,12 +704,12 @@ outputs: params: PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role.name}}HostnameResolveNetwork]}]} DOMAIN: {get_param: CloudDomain} - PRIMARYHOST: {get_attr: [{{role.name}}, name]} + PRIMARYHOST: {get_attr: [{{server_resource_name}}, name]} {%- for network in networks %} {{network.name}}IP: {get_attr: [{{network.name}}Port, ip_address]} {{network.name}}HOST: {get_attr: [NetHostMap, value, {{network.name_lower|default(network.name.lower())}}, short]} {%- endfor %} - CTLPLANEIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]} + CTLPLANEIP: {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]} CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]} known_hosts_entry: description: Entry for ssh known hosts @@ -638,18 +723,18 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY" params: PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role.name}}HostnameResolveNetwork]}]} DOMAIN: {get_param: CloudDomain} - PRIMARYHOST: {get_attr: [{{role.name}}, name]} + PRIMARYHOST: {get_attr: [{{server_resource_name}}, name]} {%- for network in networks %} {{network.name}}IP: {get_attr: [{{network.name}}Port, ip_address]} {{network.name}}HOST: {get_attr: [NetHostMap, value, {{network.name_lower|default(network.name.lower())}}, short]} {%- endfor %} - CTLPLANEIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]} + CTLPLANEIP: {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]} CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]} HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]} nova_server_resource: description: Heat resource handle for {{role.name}} server value: - {get_resource: {{role.name}}} + {get_resource: {{server_resource_name}}} condition: server_not_blacklisted deployed_server_port_map: description: | @@ -661,7 +746,7 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY" map_replace: - hostname: fixed_ips: - - ip_address: {get_attr: [{{role.name}}, networks, ctlplane, 0]} + - ip_address: {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]} - keys: hostname: list_join: @@ -679,14 +764,14 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY" container: str_split: - '/' - - {get_attr: [{{role.name}}, os_collect_config, request, metadata_url]} + - {get_attr: [{{server_resource_name}}, os_collect_config, request, metadata_url]} - 5 object: str_split: - '?' - str_split: - '/' - - {get_attr: [{{role.name}}, os_collect_config, request, metadata_url]} + - {get_attr: [{{server_resource_name}}, os_collect_config, request, metadata_url]} - 6 - 0 - keys: {hostname: {get_param: Hostname}} @@ -700,7 +785,7 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY" {%- endif %} os_collect_config: description: The os-collect-config configuration associated with this server resource - value: {get_attr: [{{role.name}}, os_collect_config]} + value: {get_attr: [{{server_resource_name}}, os_collect_config]} {%- for network in networks %} {{network.name_lower|default(network.name.lower())}}_ip_address: description: IP address of the server in the {{network.name}} network diff --git a/puppet/services/README.rst b/puppet/services/README.rst index d55414b7..a593d55e 100644 --- a/puppet/services/README.rst +++ b/puppet/services/README.rst @@ -155,7 +155,7 @@ Similar to the step_config, we allow a series of steps for the per-service upgrade sequence, defined as ansible tasks with a tag e.g "step1" for the first step, "step2" for the second, etc. - Steps/tages correlate to the following: + Steps/tags correlate to the following: 1) Stop all control-plane services. @@ -186,6 +186,18 @@ Note that the services are not started in the upgrade tasks - we instead re-run puppet which does any reconfiguration required for the new version, then starts the services. +Update Steps +------------ + +Each service template may optionally define a `update_tasks` key, which is a +list of ansible tasks to be performed during the minor update process. + +Similar to the upgrade_tasks, we allow a series of steps for the per-service +update sequence, but note update_task selects the steps via a conditional +referencing the step variable e.g when: step == 2, which is different to the +tags based approach used for upgrade_tasks (the two may be aligned in future). + + Nova Server Metadata Settings ----------------------------- diff --git a/puppet/services/neutron-plugin-ml2.yaml b/puppet/services/neutron-plugin-ml2.yaml index bc91374a..1ea6b1ae 100644 --- a/puppet/services/neutron-plugin-ml2.yaml +++ b/puppet/services/neutron-plugin-ml2.yaml @@ -76,6 +76,12 @@ parameters: description: Firewall driver for realizing neutron security group function type: string default: 'openvswitch' + NeutronOverlayIPVersion: + default: 4 + description: IP version used for all overlay network endpoints. + type: number + constraints: + - allowed_values: [4,6] resources: NeutronBase: @@ -105,6 +111,7 @@ outputs: neutron::plugins::ml2::vni_ranges: {get_param: NeutronVniRanges} neutron::plugins::ml2::tenant_network_types: {get_param: NeutronNetworkType} neutron::plugins::ml2::firewall_driver: {get_param: NeutronFirewallDriver} + neutron::plugins::ml2::overlay_ip_version: {get_param: NeutronOverlayIPVersion} step_config: | include ::tripleo::profile::base::neutron::plugins::ml2 diff --git a/puppet/services/pacemaker_remote.yaml b/puppet/services/pacemaker_remote.yaml index 76511784..47ca6142 100644 --- a/puppet/services/pacemaker_remote.yaml +++ b/puppet/services/pacemaker_remote.yaml @@ -35,6 +35,11 @@ parameters: description: The authkey for the pacemaker remote service. hidden: true default: '' + PcsdPassword: + type: string + description: The password for the 'pcsd' user for pacemaker. + hidden: true + default: '' MonitoringSubscriptionPacemakerRemote: default: 'overcloud-pacemaker_remote' type: string @@ -103,5 +108,13 @@ outputs: tripleo::fencing::config: {get_param: FencingConfig} enable_fencing: {get_param: EnableFencing} tripleo::profile::base::pacemaker_remote::remote_authkey: {get_param: PacemakerRemoteAuthkey} + pacemaker::corosync::manage_fw: false + hacluster_pwd: + yaql: + expression: $.data.passwords.where($ != '').first() + data: + passwords: + - {get_param: PcsdPassword} + - {get_param: [DefaultPasswords, pcsd_password]} step_config: | include ::tripleo::profile::base::pacemaker_remote diff --git a/puppet/services/tripleo-packages.yaml b/puppet/services/tripleo-packages.yaml index e471c2a6..2a8620c8 100644 --- a/puppet/services/tripleo-packages.yaml +++ b/puppet/services/tripleo-packages.yaml @@ -56,3 +56,7 @@ outputs: - name: Update all packages tags: step3 yum: name=* state=latest + update_tasks: + - name: Update all packages + yum: name=* state=latest + when: step == "3" diff --git a/releasenotes/notes/compute_deprecated_params-a2d69efd75f7c50f.yaml b/releasenotes/notes/compute_deprecated_params-a2d69efd75f7c50f.yaml new file mode 100644 index 00000000..dd01e36f --- /dev/null +++ b/releasenotes/notes/compute_deprecated_params-a2d69efd75f7c50f.yaml @@ -0,0 +1,9 @@ +--- +deprecations: + - | + The following parameters are deprecated for the Compute role: + NovaComputeSchedulerHints - use ComputeSchedulerHints instead + NovaComputeServerMetadata - use ComputeServerMetadata instead + NovaComputeExtraConfig - use ComputeExtraConfig instead + NovaComputeIPs - use ComputeIPs instead + NovaImage - Use OvercloudComputeImage instead diff --git a/releasenotes/notes/controller_deprecated_params-7f009de6d17c05a4.yaml b/releasenotes/notes/controller_deprecated_params-7f009de6d17c05a4.yaml new file mode 100644 index 00000000..02f596d3 --- /dev/null +++ b/releasenotes/notes/controller_deprecated_params-7f009de6d17c05a4.yaml @@ -0,0 +1,8 @@ +--- +deprecations: + - | + The following parameters are deprecated for the Controller role: + controllerExtraConfig - Use ControllerExtraConfig instead, + OvercloudControlFlavor - Use OvercloudControllerFlavor instead, + controllerImage - use ControllerImage instead. + diff --git a/releasenotes/notes/deprecate-management-envs-bbc7fddb0ca871af.yaml b/releasenotes/notes/deprecate-management-envs-bbc7fddb0ca871af.yaml new file mode 100644 index 00000000..764686f4 --- /dev/null +++ b/releasenotes/notes/deprecate-management-envs-bbc7fddb0ca871af.yaml @@ -0,0 +1,5 @@ +--- +deprecations: + - | + Both environments/network-management.yaml and environments/network-management-v6.yaml + are now deprecated in favor of specifying the needed networks on each role. diff --git a/releasenotes/notes/dont-unregister-on-delete-9708f7cbc73a0d2f.yaml b/releasenotes/notes/dont-unregister-on-delete-9708f7cbc73a0d2f.yaml new file mode 100644 index 00000000..96e6234d --- /dev/null +++ b/releasenotes/notes/dont-unregister-on-delete-9708f7cbc73a0d2f.yaml @@ -0,0 +1,8 @@ +--- +fixes: + - Don't unregister systems from the portal/satellite + when deleting from Heat. There are several reasons why + it's compelling to fix this behavior. See + https://bugs.launchpad.net/tripleo/+bug/1710144 + for full information. The previous behavior can be triggered + by setting the DeleteOnRHELUnregistration parameter to "true". diff --git a/releasenotes/notes/fix-heat-condition-for-rhel-reg-311a3dce76cc0ec1.yaml b/releasenotes/notes/fix-heat-condition-for-rhel-reg-311a3dce76cc0ec1.yaml new file mode 100644 index 00000000..e417f5f2 --- /dev/null +++ b/releasenotes/notes/fix-heat-condition-for-rhel-reg-311a3dce76cc0ec1.yaml @@ -0,0 +1,9 @@ +--- +fixes: + - | + Fix Heat condition for RHEL registration yum update + There were 2 problems with this condition making the + rhel-registration.yaml template broken: "conditions" should be "condition" + and the condition should refer to just a condition name defined in the + "conditions:" section of the template. See + https://bugs.launchpad.net/tripleo/+bug/1709916 diff --git a/releasenotes/notes/neutron-ml2-overlay-ip-version-4f14932355847aa0.yaml b/releasenotes/notes/neutron-ml2-overlay-ip-version-4f14932355847aa0.yaml new file mode 100644 index 00000000..1c20b26d --- /dev/null +++ b/releasenotes/notes/neutron-ml2-overlay-ip-version-4f14932355847aa0.yaml @@ -0,0 +1,5 @@ +--- +features: + - Add NeutronOverlayIPVersion parameter to congfigure neutron ML2 + overlay_ip_version option. This parameter should be set to 6 when user + requires tenant vxlan tunnel endpoints to be IPv6. diff --git a/releasenotes/notes/objectstorage_deprecated_params-f7642b6541a0d09c.yaml b/releasenotes/notes/objectstorage_deprecated_params-f7642b6541a0d09c.yaml new file mode 100644 index 00000000..8fa77fcb --- /dev/null +++ b/releasenotes/notes/objectstorage_deprecated_params-f7642b6541a0d09c.yaml @@ -0,0 +1,8 @@ +--- +deprecations: + - | + The following parameters are deprecated for the ObjectStorage role: + SwiftStorageServerMetadata - use ObjectStorageServerMetadata instead + SwiftStorageIPs - use ObjectStorageIPs instead + SwiftStorageImage - Use ObjectStorageImage instead + OvercloudSwiftStorageFlavor - Use OvercloudObjectStorageFlavor instead diff --git a/releasenotes/notes/roles_deprecated_params-50b4bbe8b9e4abc7.yaml b/releasenotes/notes/roles_deprecated_params-50b4bbe8b9e4abc7.yaml new file mode 100644 index 00000000..a9563223 --- /dev/null +++ b/releasenotes/notes/roles_deprecated_params-50b4bbe8b9e4abc7.yaml @@ -0,0 +1,21 @@ +--- +deprecations: + - | + The static role definitions contained a number of conflicting parameters + which require special handling to convert to dynamic template generation. + In the future, these parameters will be removed. If a role requires one + of these deprecated parameters, then it will be defined in the role + definition in a property named "deprecated_param_<name>". If the role has one + or more deprecated parameters, then "uses_deprecated_params" should be + set to True as well. This will enable creation of a parameter_group + containing the deprecated parameters in the role definition, which will enable + warning users if they use deprecated parameters on deployment. +upgrade: + - | + For deployments where a custom roles_data file is used, it should be rebased + against the default roles_data.yaml, as several additional items, e.g to + specify deprecated parameter names for some of the default roles, have been + added. Alternatively you can regenerate your roles_data using the new + overcloud roles generate command, so that the updated role definitions in + /usr/share/openstack-tripleo-heat-templates/roles are used, which include + the necessary additional data. diff --git a/roles/Compute.yaml b/roles/Compute.yaml index 56daa864..ce5ab742 100644 --- a/roles/Compute.yaml +++ b/roles/Compute.yaml @@ -10,6 +10,15 @@ - Tenant - Storage HostnameFormatDefault: '%stackname%-novacompute-%index%' + # Deprecated & backward-compatible values (FIXME: Make parameters consistent) + # Set uses_deprecated_params to True if any deprecated params are used. + uses_deprecated_params: True + deprecated_param_image: 'NovaImage' + deprecated_param_extraconfig: 'NovaComputeExtraConfig' + deprecated_param_metadata: 'NovaComputeServerMetadata' + deprecated_param_scheduler_hints: 'NovaComputeSchedulerHints' + deprecated_param_ips: 'NovaComputeIPs' + deprecated_server_resource_name: 'NovaCompute' disable_upgrade_deployment: True ServicesDefault: - OS::TripleO::Services::AuditD diff --git a/roles/Controller.yaml b/roles/Controller.yaml index d702a63d..224d1356 100644 --- a/roles/Controller.yaml +++ b/roles/Controller.yaml @@ -16,6 +16,12 @@ - StorageMgmt - Tenant HostnameFormatDefault: '%stackname%-controller-%index%' + # Deprecated & backward-compatible values (FIXME: Make parameters consistent) + # Set uses_deprecated_params to True if any deprecated params are used. + uses_deprecated_params: True + deprecated_param_extraconfig: 'controllerExtraConfig' + deprecated_param_flavor: 'OvercloudControlFlavor' + deprecated_param_image: 'controllerImage' ServicesDefault: - OS::TripleO::Services::AodhApi - OS::TripleO::Services::AodhEvaluator diff --git a/roles/ObjectStorage.yaml b/roles/ObjectStorage.yaml index 81bedbd1..ad372be6 100644 --- a/roles/ObjectStorage.yaml +++ b/roles/ObjectStorage.yaml @@ -8,6 +8,13 @@ - InternalApi - Storage - StorageMgmt + # Deprecated & backward-compatible values (FIXME: Make parameters consistent) + # Set uses_deprecated_params to True if any deprecated params are used. + uses_deprecated_params: True + deprecated_param_metadata: 'SwiftStorageServerMetadata' + deprecated_param_ips: 'SwiftStorageIPs' + deprecated_param_image: 'SwiftStorageImage' + deprecated_param_flavor: 'OvercloudSwiftStorageFlavor' disable_upgrade_deployment: True ServicesDefault: - OS::TripleO::Services::AuditD diff --git a/roles_data.yaml b/roles_data.yaml index 0d6c8035..8f670994 100644 --- a/roles_data.yaml +++ b/roles_data.yaml @@ -19,6 +19,12 @@ - StorageMgmt - Tenant HostnameFormatDefault: '%stackname%-controller-%index%' + # Deprecated & backward-compatible values (FIXME: Make parameters consistent) + # Set uses_deprecated_params to True if any deprecated params are used. + uses_deprecated_params: True + deprecated_param_extraconfig: 'controllerExtraConfig' + deprecated_param_flavor: 'OvercloudControlFlavor' + deprecated_param_image: 'controllerImage' ServicesDefault: - OS::TripleO::Services::AodhApi - OS::TripleO::Services::AodhEvaluator @@ -145,6 +151,15 @@ - Tenant - Storage HostnameFormatDefault: '%stackname%-novacompute-%index%' + # Deprecated & backward-compatible values (FIXME: Make parameters consistent) + # Set uses_deprecated_params to True if any deprecated params are used. + uses_deprecated_params: True + deprecated_param_image: 'NovaImage' + deprecated_param_extraconfig: 'NovaComputeExtraConfig' + deprecated_param_metadata: 'NovaComputeServerMetadata' + deprecated_param_scheduler_hints: 'NovaComputeSchedulerHints' + deprecated_param_ips: 'NovaComputeIPs' + deprecated_server_resource_name: 'NovaCompute' disable_upgrade_deployment: True ServicesDefault: - OS::TripleO::Services::AuditD @@ -222,6 +237,13 @@ - InternalApi - Storage - StorageMgmt + # Deprecated & backward-compatible values (FIXME: Make parameters consistent) + # Set uses_deprecated_params to True if any deprecated params are used. + uses_deprecated_params: True + deprecated_param_metadata: 'SwiftStorageServerMetadata' + deprecated_param_ips: 'SwiftStorageIPs' + deprecated_param_image: 'SwiftStorageImage' + deprecated_param_flavor: 'OvercloudSwiftStorageFlavor' disable_upgrade_deployment: True ServicesDefault: - OS::TripleO::Services::AuditD |