aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--common/deploy-steps-tasks.yaml (renamed from docker/deploy-steps-playbook.yaml)8
-rw-r--r--common/deploy-steps.j2 (renamed from docker/docker-steps.j2)50
-rw-r--r--common/major_upgrade_steps.j2.yaml (renamed from puppet/major_upgrade_steps.j2.yaml)0
-rw-r--r--common/post-upgrade.j2.yaml (renamed from docker/post-upgrade.j2.yaml)2
-rw-r--r--common/post.j2.yaml1
-rw-r--r--common/services.yaml11
-rw-r--r--docker/post.j2.yaml1
-rw-r--r--docker/services/aodh-api.yaml1
-rw-r--r--docker/services/ceilometer-agent-central.yaml2
-rw-r--r--docker/services/ceph-ansible/ceph-base.yaml52
-rw-r--r--docker/services/database/mongodb.yaml54
-rw-r--r--docker/services/gnocchi-api.yaml17
-rw-r--r--docker/services/heat-engine.yaml1
-rw-r--r--docker/services/neutron-api.yaml1
-rw-r--r--docker/services/nova-api.yaml27
-rw-r--r--docker/services/nova-placement.yaml17
-rw-r--r--docker/services/pacemaker/database/mysql.yaml41
-rw-r--r--docker/services/panko-api.yaml1
-rw-r--r--environments/docker-centos-tripleoupstream.yaml11
-rw-r--r--environments/docker-services-tls-everywhere.yaml3
-rw-r--r--environments/docker.yaml3
-rw-r--r--environments/ips-from-pool-all.yaml2
-rw-r--r--environments/major-upgrade-composable-steps-docker.yaml5
-rw-r--r--environments/major-upgrade-composable-steps.yaml2
-rw-r--r--environments/major-upgrade-converge-docker.yaml2
-rw-r--r--environments/major-upgrade-converge.yaml2
-rw-r--r--environments/network-isolation-v6.j2.yaml58
-rw-r--r--environments/network-isolation-v6.yaml57
-rw-r--r--environments/network-management-v6.yaml4
-rw-r--r--environments/network-management.yaml4
-rw-r--r--extraconfig/nova_metadata/krb-service-principals.j2.yaml (renamed from extraconfig/nova_metadata/krb-service-principals.yaml)44
-rw-r--r--extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml42
-rw-r--r--j2_excludes.yaml15
-rw-r--r--network/external.yaml69
-rw-r--r--network/internal_api.yaml65
-rw-r--r--network/internal_api_v6.yaml10
-rw-r--r--network/management.yaml70
-rw-r--r--network/network.network.j2.yaml6
-rw-r--r--network/ports/internal_api.yaml2
-rw-r--r--network/ports/internal_api_from_pool.yaml4
-rw-r--r--network/ports/internal_api_from_pool_v6.yaml4
-rw-r--r--network/ports/internal_api_v6.yaml2
-rw-r--r--network/ports/net_ip_list_map.yaml4
-rw-r--r--network/ports/net_ip_map.yaml4
-rw-r--r--network/ports/net_vip_map_external.j2.yaml40
-rw-r--r--network/ports/net_vip_map_external.yaml68
-rw-r--r--network/ports/net_vip_map_external_v6.j2.yaml45
-rw-r--r--network/ports/net_vip_map_external_v6.yaml88
-rw-r--r--network/ports/storage_mgmt.yaml2
-rw-r--r--network/ports/storage_mgmt_from_pool.yaml4
-rw-r--r--network/ports/storage_mgmt_from_pool_v6.yaml4
-rw-r--r--network/ports/storage_mgmt_v6.yaml2
-rw-r--r--network/service_net_map.j2.yaml4
-rw-r--r--network/storage.yaml65
-rw-r--r--network/storage_mgmt.yaml65
-rw-r--r--network/storage_mgmt_v6.yaml8
-rw-r--r--network/tenant.yaml65
-rw-r--r--overcloud-resource-registry-puppet.j2.yaml8
-rw-r--r--overcloud.j2.yaml221
-rw-r--r--puppet/all-nodes-config.yaml4
-rw-r--r--puppet/blockstorage-role.yaml704
-rw-r--r--puppet/cephstorage-role.yaml718
-rw-r--r--puppet/compute-role.yaml744
-rw-r--r--puppet/controller-role.yaml781
-rw-r--r--puppet/objectstorage-role.yaml703
-rw-r--r--puppet/post-upgrade.j2.yaml30
-rw-r--r--puppet/post.j2.yaml31
-rw-r--r--puppet/puppet-steps.j2156
-rw-r--r--puppet/role.role.j2.yaml237
-rw-r--r--puppet/services/README.rst14
-rw-r--r--puppet/services/neutron-plugin-ml2.yaml7
-rw-r--r--puppet/services/pacemaker_remote.yaml13
-rw-r--r--puppet/services/tripleo-packages.yaml4
-rw-r--r--releasenotes/notes/compute_deprecated_params-a2d69efd75f7c50f.yaml9
-rw-r--r--releasenotes/notes/controller_deprecated_params-7f009de6d17c05a4.yaml8
-rw-r--r--releasenotes/notes/deprecate-management-envs-bbc7fddb0ca871af.yaml5
-rw-r--r--releasenotes/notes/dont-unregister-on-delete-9708f7cbc73a0d2f.yaml8
-rw-r--r--releasenotes/notes/fix-heat-condition-for-rhel-reg-311a3dce76cc0ec1.yaml9
-rw-r--r--releasenotes/notes/neutron-ml2-overlay-ip-version-4f14932355847aa0.yaml5
-rw-r--r--releasenotes/notes/objectstorage_deprecated_params-f7642b6541a0d09c.yaml8
-rw-r--r--releasenotes/notes/roles_deprecated_params-50b4bbe8b9e4abc7.yaml21
-rw-r--r--roles/Compute.yaml9
-rw-r--r--roles/Controller.yaml6
-rw-r--r--roles/ObjectStorage.yaml7
-rw-r--r--roles_data.yaml22
85 files changed, 927 insertions, 4806 deletions
diff --git a/docker/deploy-steps-playbook.yaml b/common/deploy-steps-tasks.yaml
index b884e0e7..998bbe0c 100644
--- a/docker/deploy-steps-playbook.yaml
+++ b/common/deploy-steps-tasks.yaml
@@ -1,6 +1,6 @@
-- hosts: localhost
- connection: local
- tasks:
+ # Note the indentation here is required as it's joined
+ # to create a playbook in deploy-steps.j2
+
#####################################################
# Per step puppet configuration of the baremetal host
#####################################################
@@ -27,7 +27,7 @@
shell: python /var/lib/docker-puppet/docker-puppet.py
environment:
NET_HOST: 'true'
- DEBUG: '{{docker_puppet_debug}}'
+ DEBUG: '{{docker_puppet_debug|default(false)}}'
when: step == "1"
changed_when: false
check_mode: no
diff --git a/docker/docker-steps.j2 b/common/deploy-steps.j2
index 05ff7945..b36bb97a 100644
--- a/docker/docker-steps.j2
+++ b/common/deploy-steps.j2
@@ -10,6 +10,7 @@
{%- set primary_role_name = primary_role[0].name -%}
# primary role is: {{primary_role_name}}
{% set deploy_steps_max = 6 -%}
+{% set update_steps_max = 6 -%}
heat_template_version: pike
@@ -72,7 +73,15 @@ resources:
- name: update_identifier
- name: bootstrap_server_id
- name: docker_puppet_debug
- config: {get_file: deploy-steps-playbook.yaml}
+ config:
+ str_replace:
+ template: |
+ - hosts: localhost
+ connection: local
+ tasks:
+ _TASKS
+ params:
+ _TASKS: {get_file: deploy-steps-tasks.yaml}
{%- for step in range(1, deploy_steps_max) %}
# BEGIN service_workflow_tasks handling
@@ -159,7 +168,7 @@ resources:
connection: local
vars:
puppet_config: {get_param: [role_data, {{role.name}}, puppet_config]}
- docker_puppet_script: {get_file: docker-puppet.py}
+ docker_puppet_script: {get_file: ../docker/docker-puppet.py}
docker_puppet_tasks: {get_param: [role_data, {{role.name}}, docker_puppet_tasks]}
docker_startup_configs: {get_param: [role_data, {{role.name}}, docker_config]}
kolla_config: {get_param: [role_data, {{role.name}}, kolla_config]}
@@ -235,7 +244,7 @@ resources:
{% for step in range(1, deploy_steps_max) %}
{{role.name}}Deployment_Step{{step}}:
- type: OS::Heat::StructuredDeploymentGroup
+ type: OS::TripleO::DeploymentSteps
depends_on:
- WorkflowTasks_Step{{step}}_Execution
# TODO(gfidente): the following if/else condition
@@ -294,3 +303,38 @@ resources:
{% endfor %}
+
+outputs:
+ RoleConfig:
+ description: Mapping of config data for all roles
+ value:
+ deploy_steps_tasks: {get_file: deploy-steps-tasks.yaml}
+ deploy_steps_playbook: |
+ - hosts: overcloud
+ tasks:
+{%- for role in roles %}
+ - include: {{role.name}}/host_prep_tasks.yaml
+ when: role_name == '{{role.name}}'
+{%- endfor %}
+ - include: deploy_steps_tasks.yaml
+ with_sequence: count={{deploy_steps_max-1}}
+ loop_control:
+ loop_var: step
+ update_steps_tasks: |
+{%- for role in roles %}
+ - include: {{role.name}}/update_tasks.yaml
+ when: role_name == '{{role.name}}'
+{%- endfor %}
+ update_steps_playbook: |
+ - hosts: overcloud
+ serial: 1
+ tasks:
+ - include: update_steps_tasks.yaml
+ with_sequence: count={{update_steps_max-1}}
+ loop_control:
+ loop_var: step
+ - include: deploy_steps_tasks.yaml
+ with_sequence: count={{deploy_steps_max-1}}
+ loop_control:
+ loop_var: step
+
diff --git a/puppet/major_upgrade_steps.j2.yaml b/common/major_upgrade_steps.j2.yaml
index 11113eec..11113eec 100644
--- a/puppet/major_upgrade_steps.j2.yaml
+++ b/common/major_upgrade_steps.j2.yaml
diff --git a/docker/post-upgrade.j2.yaml b/common/post-upgrade.j2.yaml
index 4477f868..7cd6abdf 100644
--- a/docker/post-upgrade.j2.yaml
+++ b/common/post-upgrade.j2.yaml
@@ -1,4 +1,4 @@
# Note the include here is the same as post.j2.yaml but the data used at
# # the time of rendering is different if any roles disable upgrades
{% set roles = roles|rejectattr('disable_upgrade_deployment')|list -%}
-{% include 'docker-steps.j2' %}
+{% include 'deploy-steps.j2' %}
diff --git a/common/post.j2.yaml b/common/post.j2.yaml
new file mode 100644
index 00000000..8a70dfa9
--- /dev/null
+++ b/common/post.j2.yaml
@@ -0,0 +1 @@
+{% include 'deploy-steps.j2' %}
diff --git a/common/services.yaml b/common/services.yaml
index 0bc3462f..a8186e43 100644
--- a/common/services.yaml
+++ b/common/services.yaml
@@ -193,6 +193,16 @@ resources:
expression: coalesce($.data, []).where($ != null).select($.get('upgrade_tasks')).where($ != null).flatten().distinct()
data: {get_attr: [ServiceChain, role_data]}
+ UpdateTasks:
+ type: OS::Heat::Value
+ properties:
+ type: comma_delimited_list
+ value:
+ yaql:
+ # Note we use distinct() here to filter any identical tasks, e.g yum update for all services
+ expression: coalesce($.data, []).where($ != null).select($.get('update_tasks')).where($ != null).flatten().distinct()
+ data: {get_attr: [ServiceChain, role_data]}
+
UpgradeBatchTasks:
type: OS::Heat::Value
properties:
@@ -253,6 +263,7 @@ outputs:
service_workflow_tasks: {get_attr: [ServiceWorkflowTasks, value]}
step_config: {get_attr: [PuppetStepConfig, value]}
upgrade_tasks: {get_attr: [UpgradeTasks, value]}
+ update_tasks: {get_attr: [UpdateTasks, value]}
upgrade_batch_tasks: {get_attr: [UpgradeBatchTasks, value]}
service_metadata_settings: {get_attr: [ServiceServerMetadataHook, metadata]}
diff --git a/docker/post.j2.yaml b/docker/post.j2.yaml
deleted file mode 100644
index fd956215..00000000
--- a/docker/post.j2.yaml
+++ /dev/null
@@ -1 +0,0 @@
-{% include 'docker-steps.j2' %}
diff --git a/docker/services/aodh-api.yaml b/docker/services/aodh-api.yaml
index 8afb6d28..da4b981c 100644
--- a/docker/services/aodh-api.yaml
+++ b/docker/services/aodh-api.yaml
@@ -114,6 +114,7 @@ outputs:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
+ - /var/lib/config-data/aodh/etc/my.cnf.d/tripleo.cnf:/etc/my.cnf.d/tripleo.cnf:ro
- /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro
- /var/log/containers/aodh:/var/log/aodh
command: "/usr/bin/bootstrap_host_exec aodh_api su aodh -s /bin/bash -c /usr/bin/aodh-dbsync"
diff --git a/docker/services/ceilometer-agent-central.yaml b/docker/services/ceilometer-agent-central.yaml
index 6caffd15..424c316f 100644
--- a/docker/services/ceilometer-agent-central.yaml
+++ b/docker/services/ceilometer-agent-central.yaml
@@ -115,7 +115,7 @@ outputs:
command:
- '/usr/bin/bootstrap_host_exec'
- 'ceilometer_agent_central'
- - "su ceilometer -s /bin/bash -c '/usr/bin/ceilometer-upgrade --skip-metering-database'"
+ - "su ceilometer -s /bin/bash -c 'for n in {1..10}; do /usr/bin/ceilometer-upgrade --skip-metering-database && exit 0 || sleep 5; done; exit 1'"
upgrade_tasks:
- name: Stop and disable ceilometer agent central service
tags: step2
diff --git a/docker/services/ceph-ansible/ceph-base.yaml b/docker/services/ceph-ansible/ceph-base.yaml
index 1468415e..52c4a65c 100644
--- a/docker/services/ceph-ansible/ceph-base.yaml
+++ b/docker/services/ceph-ansible/ceph-base.yaml
@@ -102,6 +102,33 @@ conditions:
data: {get_param: DockerCephDaemonImage}
expression: $.data.split('/')[0].matches('(\.|:)')
+resources:
+ DockerImageUrlParts:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ host:
+ if:
+ - custom_registry_host
+ - yaql:
+ expression: let(location => $.data.rightSplit(':', 1)[0]) -> regex('(?:https?://)?(.*)/').split($location)[1]
+ data: {get_param: DockerCephDaemonImage}
+ - docker.io
+ image:
+ if:
+ - custom_registry_host
+ - yaql:
+ expression: let(location => $.data.rightSplit(':', 1)[0]) -> regex('(?:https?://)?(.*)/').split($location)[2]
+ data: {get_param: DockerCephDaemonImage}
+ - yaql:
+ expression: $.data.rightSplit(':', 1)[0]
+ data: {get_param: DockerCephDaemonImage}
+ image_tag:
+ yaql:
+ expression: $.data.rightSplit(':', 1)[1]
+ data: {get_param: DockerCephDaemonImage}
+
outputs:
role_data:
description: Role data for the Ceph base service.
@@ -125,23 +152,12 @@ outputs:
ceph_common_ansible_vars:
fsid: { get_param: CephClusterFSID }
docker: true
- ceph_docker_registry:
- if:
- - custom_registry_host
- - yaql:
- expression: regex('(?:https?://)?(.*)/').split($.data)[1]
- data: {str_split: [':', {get_param: DockerCephDaemonImage}, 0]}
- - docker.io
- ceph_docker_image:
- if:
- - custom_registry_host
- - yaql:
- expression: regex('(?:https?://)?(.*)/').split($.data)[2]
- data: {str_split: [':', {get_param: DockerCephDaemonImage}, 0]}
- - {str_split: [':', {get_param: DockerCephDaemonImage}, 0]}
- ceph_docker_image_tag: {str_split: [':', {get_param: DockerCephDaemonImage}, 1]}
+ ceph_docker_registry: {get_attr: [DockerImageUrlParts, value, host]}
+ ceph_docker_image: {get_attr: [DockerImageUrlParts, value, image]}
+ ceph_docker_image_tag: {get_attr: [DockerImageUrlParts, value, image_tag]}
containerized_deployment: true
public_network: {get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephMonNetwork]}]}
+ monitor_address_block: {get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephMonNetwork]}]}
cluster_network: {get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
user_config: true
ceph_stable: true
@@ -185,11 +201,7 @@ outputs:
CINDERBACKUP_POOL: {get_param: CinderBackupRbdPoolName}
GLANCE_POOL: {get_param: GlanceRbdPoolName}
GNOCCHI_POOL: {get_param: GnocchiRbdPoolName}
- acls:
- - "u:glance:r--"
- - "u:nova:r--"
- - "u:cinder:r--"
- - "u:gnocchi:r--"
+ mode: "0644"
keys: *openstack_keys
pools: []
ceph_conf_overrides:
diff --git a/docker/services/database/mongodb.yaml b/docker/services/database/mongodb.yaml
index 5ba79b31..9b5c5b8f 100644
--- a/docker/services/database/mongodb.yaml
+++ b/docker/services/database/mongodb.yaml
@@ -36,6 +36,18 @@ parameters:
default: {}
description: Parameters specific to the role
type: json
+ EnableInternalTLS:
+ type: boolean
+ default: false
+ InternalTLSCAFile:
+ default: '/etc/ipa/ca.crt'
+ type: string
+ description: Specifies the default CA cert to use if TLS is used for
+ services in the internal network.
+
+conditions:
+
+ internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
resources:
@@ -77,6 +89,10 @@ outputs:
dest: "/"
merge: true
preserve_properties: true
+ - source: "/var/lib/kolla/config_files/src-tls/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/lib/mongodb
owner: mongodb:mongodb
@@ -84,6 +100,8 @@ outputs:
- path: /var/log/mongodb
owner: mongodb:mongodb
recurse: true
+ - path: /etc/pki/tls/certs/mongodb.pem
+ owner: mongodb:mongodb
docker_config:
step_2:
mongodb:
@@ -91,11 +109,21 @@ outputs:
net: host
privileged: false
volumes: &mongodb_volumes
- - /var/lib/kolla/config_files/mongodb.json:/var/lib/kolla/config_files/config.json
- - /var/lib/config-data/puppet-generated/mongodb/:/var/lib/kolla/config_files/src:ro
- - /etc/localtime:/etc/localtime:ro
- - /var/log/containers/mongodb:/var/log/mongodb
- - /var/lib/mongodb:/var/lib/mongodb
+ list_concat:
+ - - /var/lib/kolla/config_files/mongodb.json:/var/lib/kolla/config_files/config.json
+ - /var/lib/config-data/puppet-generated/mongodb/:/var/lib/kolla/config_files/src:ro
+ - /etc/localtime:/etc/localtime:ro
+ - /var/log/containers/mongodb:/var/log/mongodb
+ - /var/lib/mongodb:/var/lib/mongodb
+ - if:
+ - internal_tls_enabled
+ - - list_join:
+ - ':'
+ - - {get_param: InternalTLSCAFile}
+ - {get_param: InternalTLSCAFile}
+ - 'ro'
+ - /etc/pki/tls/certs/mongodb.pem:/var/lib/kolla/config_files/src-tls/etc/pki/tls/certs/mongodb.pem:ro
+ - null
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
docker_puppet_tasks:
@@ -106,8 +134,18 @@ outputs:
step_config: 'include ::tripleo::profile::base::database::mongodb'
config_image: *mongodb_config_image
volumes:
- - /var/lib/mongodb:/var/lib/mongodb
- - /var/log/containers/mongodb:/var/log/mongodb
+ list_concat:
+ - - /var/lib/mongodb:/var/lib/mongodb
+ - /var/log/containers/mongodb:/var/log/mongodb
+ - if:
+ - internal_tls_enabled
+ - - list_join:
+ - ':'
+ - - {get_param: InternalTLSCAFile}
+ - {get_param: InternalTLSCAFile}
+ - 'ro'
+ - /etc/pki/tls/certs/mongodb.pem:/var/lib/kolla/config_files/src-tls/etc/pki/tls/certs/mongodb.pem:ro
+ - null
host_prep_tasks:
- name: create persistent directories
file:
@@ -116,6 +154,8 @@ outputs:
with_items:
- /var/log/containers/mongodb
- /var/lib/mongodb
+ metadata_settings:
+ get_attr: [MongodbPuppetBase, role_data, metadata_settings]
upgrade_tasks:
- name: Stop and disable mongodb service
tags: step2
diff --git a/docker/services/gnocchi-api.yaml b/docker/services/gnocchi-api.yaml
index 41fe197b..1443da40 100644
--- a/docker/services/gnocchi-api.yaml
+++ b/docker/services/gnocchi-api.yaml
@@ -88,6 +88,10 @@ outputs:
dest: "/"
merge: true
preserve_properties: true
+ - source: "/var/lib/kolla/config_files/src-ceph/"
+ dest: "/etc/ceph/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/gnocchi
owner: gnocchi:gnocchi
@@ -101,7 +105,7 @@ outputs:
volumes:
- /var/log/containers/gnocchi:/var/log/gnocchi
command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd; chown -R gnocchi:gnocchi /var/log/gnocchi']
- step_3:
+ step_4:
gnocchi_db_sync:
image: *gnocchi_api_image
net: host
@@ -112,14 +116,16 @@ outputs:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
+ - /var/lib/config-data/gnocchi/etc/my.cnf.d/tripleo.cnf:/etc/my.cnf.d/tripleo.cnf:ro
- /var/lib/config-data/gnocchi/etc/gnocchi/:/etc/gnocchi/:ro
- /var/log/containers/gnocchi:/var/log/gnocchi
+ - /etc/ceph:/etc/ceph:ro
command:
str_replace:
- template: "/usr/bin/bootstrap_host_exec gnocchi_api su gnocchi -s /bin/bash -c /usr/bin/gnocchi-upgrade --sacks-number=SACK_NUM"
+ template: /usr/bin/bootstrap_host_exec gnocchi_api su gnocchi -s /bin/bash -c '/usr/bin/gnocchi-upgrade --sacks-number=SACK_NUM'
params:
SACK_NUM: {get_param: NumberOfStorageSacks}
- step_4:
+ step_5:
gnocchi_api:
image: *gnocchi_api_image
net: host
@@ -132,6 +138,7 @@ outputs:
- /var/lib/kolla/config_files/gnocchi_api.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/gnocchi/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/gnocchi:/var/log/gnocchi
+ - /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro
-
if:
- internal_tls_enabled
@@ -149,6 +156,10 @@ outputs:
file:
path: /var/log/containers/gnocchi
state: directory
+ - name: ensure ceph configurations exist
+ file:
+ path: /etc/ceph
+ state: directory
upgrade_tasks:
- name: Stop and disable httpd service
tags: step2
diff --git a/docker/services/heat-engine.yaml b/docker/services/heat-engine.yaml
index a20dc131..fdba7d58 100644
--- a/docker/services/heat-engine.yaml
+++ b/docker/services/heat-engine.yaml
@@ -109,6 +109,7 @@ outputs:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
+ - /var/lib/config-data/heat/etc/my.cnf.d/tripleo.cnf:/etc/my.cnf.d/tripleo.cnf:ro
- /var/lib/config-data/heat/etc/heat/:/etc/heat/:ro
- /var/log/containers/heat:/var/log/heat
command: "/usr/bin/bootstrap_host_exec heat_engine su heat -s /bin/bash -c 'heat-manage db_sync'"
diff --git a/docker/services/neutron-api.yaml b/docker/services/neutron-api.yaml
index b4fce226..85a07128 100644
--- a/docker/services/neutron-api.yaml
+++ b/docker/services/neutron-api.yaml
@@ -122,6 +122,7 @@ outputs:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
+ - /var/lib/config-data/neutron/etc/my.cnf.d/tripleo.cnf:/etc/my.cnf.d/tripleo.cnf:ro
- /var/lib/config-data/neutron/etc/neutron:/etc/neutron:ro
- /var/lib/config-data/neutron/usr/share/neutron:/usr/share/neutron:ro
- /var/log/containers/neutron:/var/log/neutron
diff --git a/docker/services/nova-api.yaml b/docker/services/nova-api.yaml
index da461049..be2c8a5e 100644
--- a/docker/services/nova-api.yaml
+++ b/docker/services/nova-api.yaml
@@ -36,6 +36,13 @@ parameters:
default: {}
description: Parameters specific to the role
type: json
+ EnableInternalTLS:
+ type: boolean
+ default: false
+
+conditions:
+
+ internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
resources:
@@ -64,9 +71,6 @@ outputs:
map_merge:
- get_attr: [NovaApiBase, role_data, config_settings]
- apache::default_vhost: false
- nova_wsgi_enabled: false
- nova::api::service_name: '%{::nova::params::api_service_name}'
- nova::wsgi::apache_api::ssl: false
step_config: &step_config
list_join:
- "\n"
@@ -82,7 +86,7 @@ outputs:
config_image: {get_param: DockerNovaConfigImage}
kolla_config:
/var/lib/kolla/config_files/nova_api.json:
- command: /usr/bin/nova-api
+ command: /usr/sbin/httpd -DFOREGROUND
config_files:
- source: "/var/lib/kolla/config_files/src/*"
dest: "/"
@@ -112,7 +116,7 @@ outputs:
user: root
volumes:
- /var/log/containers/nova:/var/log/nova
- command: ['/bin/bash', '-c', 'chown -R nova:nova /var/log/nova']
+ command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd; chown -R nova:nova /var/log/nova']
step_3:
nova_api_db_sync:
start_order: 0
@@ -124,6 +128,7 @@ outputs:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
+ - /var/lib/config-data/nova/etc/my.cnf.d/tripleo.cnf:/etc/my.cnf.d/tripleo.cnf:ro
- /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro
- /var/log/containers/nova:/var/log/nova
command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage api_db sync'"
@@ -163,7 +168,7 @@ outputs:
start_order: 2
image: *nova_api_image
net: host
- user: nova
+ user: root
privileged: true
restart: always
volumes:
@@ -173,6 +178,16 @@ outputs:
- /var/lib/kolla/config_files/nova_api.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/nova:/var/log/nova
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
+ - ''
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
+ - ''
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
nova_api_cron:
diff --git a/docker/services/nova-placement.yaml b/docker/services/nova-placement.yaml
index d784ace3..26d17560 100644
--- a/docker/services/nova-placement.yaml
+++ b/docker/services/nova-placement.yaml
@@ -36,6 +36,13 @@ parameters:
default: {}
description: Parameters specific to the role
type: json
+ EnableInternalTLS:
+ type: boolean
+ default: false
+
+conditions:
+
+ internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
resources:
@@ -104,6 +111,16 @@ outputs:
- /var/lib/kolla/config_files/nova_placement.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/nova_placement/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/nova:/var/log/nova
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
+ - ''
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
+ - ''
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
metadata_settings:
diff --git a/docker/services/pacemaker/database/mysql.yaml b/docker/services/pacemaker/database/mysql.yaml
index 3fb38349..8ba7d723 100644
--- a/docker/services/pacemaker/database/mysql.yaml
+++ b/docker/services/pacemaker/database/mysql.yaml
@@ -43,6 +43,14 @@ parameters:
default: {}
description: Parameters specific to the role
type: json
+ EnableInternalTLS:
+ type: boolean
+ default: false
+ InternalTLSCAFile:
+ default: '/etc/ipa/ca.crt'
+ type: string
+ description: Specifies the default CA cert to use if TLS is used for
+ services in the internal network.
resources:
@@ -59,6 +67,10 @@ resources:
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
+conditions:
+
+ internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
+
outputs:
role_data:
description: Containerized service MySQL using composable services.
@@ -79,6 +91,13 @@ outputs:
- 4567
- 4568
- 9200
+ -
+ if:
+ - internal_tls_enabled
+ -
+ tripleo::profile::pacemaker::database::mysql_bundle::ca_file:
+ get_param: InternalTLSCAFile
+ - {}
step_config: ""
# BEGIN DOCKER SETTINGS #
puppet_config:
@@ -103,6 +122,20 @@ outputs:
dest: "/"
merge: true
preserve_properties: true
+ - source: "/var/lib/kolla/config_files/src-tls/*"
+ dest: "/"
+ merge: true
+ optional: true
+ preserve_properties: true
+ permissions:
+ - path: /etc/pki/tls/certs/mysql.crt
+ owner: mysql:mysql
+ perm: '0600'
+ optional: true
+ - path: /etc/pki/tls/private/mysql.key
+ owner: mysql:mysql
+ perm: '0600'
+ optional: true
docker_config:
step_1:
mysql_data_ownership:
@@ -195,6 +228,8 @@ outputs:
file:
path: /var/lib/mysql
state: directory
+ metadata_settings:
+ get_attr: [MysqlPuppetBase, role_data, metadata_settings]
upgrade_tasks:
- name: get bootstrap nodeid
tags: common
@@ -220,3 +255,9 @@ outputs:
- name: Disable mysql service
tags: step2
service: name=mariadb enabled=no
+ - name: Remove clustercheck service from xinetd
+ tags: step2
+ file: state=absent path=/etc/xinetd.d/galera-monitor
+ - name: Restart xinetd service after clustercheck removal
+ tags: step2
+ service: name=xinetd state=restarted
diff --git a/docker/services/panko-api.yaml b/docker/services/panko-api.yaml
index 01c17388..626d9176 100644
--- a/docker/services/panko-api.yaml
+++ b/docker/services/panko-api.yaml
@@ -116,6 +116,7 @@ outputs:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
+ - /var/lib/config-data/panko/etc/my.cnf.d/tripleo.cnf:/etc/my.cnf.d/tripleo.cnf:ro
- /var/lib/config-data/panko/etc/panko:/etc/panko:ro
- /var/log/containers/panko:/var/log/panko
command: "/usr/bin/bootstrap_host_exec panko_api su panko -s /bin/bash -c '/usr/bin/panko-dbsync'"
diff --git a/environments/docker-centos-tripleoupstream.yaml b/environments/docker-centos-tripleoupstream.yaml
index 47f8e528..01a118e4 100644
--- a/environments/docker-centos-tripleoupstream.yaml
+++ b/environments/docker-centos-tripleoupstream.yaml
@@ -1,6 +1,6 @@
-# Generated with the following on 2017-07-12T11:40:50.219622
+# Generated with the following on 2017-08-11T04:58:59.567629
#
-# overcloud container image prepare --env-file environments/docker-centos-tripleoupstream.yaml
+# openstack overcloud container image prepare --env-file environments/docker-centos-tripleoupstream.yaml
#
parameter_defaults:
@@ -9,6 +9,7 @@ parameter_defaults:
DockerAodhEvaluatorImage: tripleoupstream/centos-binary-aodh-evaluator:latest
DockerAodhListenerImage: tripleoupstream/centos-binary-aodh-listener:latest
DockerAodhNotifierImage: tripleoupstream/centos-binary-aodh-notifier:latest
+ DockerBarbicanApiImage: tripleoupstream/centos-binary-barbican-api:latest
DockerCeilometerCentralImage: tripleoupstream/centos-binary-ceilometer-central:latest
DockerCeilometerComputeImage: tripleoupstream/centos-binary-ceilometer-compute:latest
DockerCeilometerConfigImage: tripleoupstream/centos-binary-ceilometer-central:latest
@@ -45,8 +46,8 @@ parameter_defaults:
DockerHeatEngineImage: tripleoupstream/centos-binary-heat-engine:latest
DockerHorizonConfigImage: tripleoupstream/centos-binary-horizon:latest
DockerHorizonImage: tripleoupstream/centos-binary-horizon:latest
- DockerIronicApiImage: tripleoupstream/centos-binary-ironic-api:latest
DockerIronicApiConfigImage: tripleoupstream/centos-binary-ironic-api:latest
+ DockerIronicApiImage: tripleoupstream/centos-binary-ironic-api:latest
DockerIronicConductorImage: tripleoupstream/centos-binary-ironic-conductor:latest
DockerIronicConfigImage: tripleoupstream/centos-binary-ironic-pxe:latest
DockerIronicInspectorConfigImage: tripleoupstream/centos-binary-ironic-inspector:latest
@@ -82,7 +83,7 @@ parameter_defaults:
DockerNovaComputeImage: tripleoupstream/centos-binary-nova-compute:latest
DockerNovaComputeIronicImage: tripleoupstream/centos-binary-nova-compute-ironic:latest
DockerNovaConductorImage: tripleoupstream/centos-binary-nova-conductor:latest
- DockerNovaConfigImage: tripleoupstream/centos-binary-nova-base:latest
+ DockerNovaConfigImage: tripleoupstream/centos-binary-nova-api:latest
DockerNovaConsoleauthImage: tripleoupstream/centos-binary-nova-consoleauth:latest
DockerNovaLibvirtConfigImage: tripleoupstream/centos-binary-nova-compute:latest
DockerNovaLibvirtImage: tripleoupstream/centos-binary-nova-libvirt:latest
@@ -100,8 +101,6 @@ parameter_defaults:
DockerOctaviaHealthManagerImage: tripleoupstream/centos-binary-octavia-health-manager:latest
DockerOctaviaHousekeepingImage: tripleoupstream/centos-binary-octavia-housekeeping:latest
DockerOctaviaWorkerImage: tripleoupstream/centos-binary-octavia-worker:latest
- DockerOpendaylightApiImage: tripleoupstream/centos-binary-opendaylight:latest
- DockerOpendaylightConfigImage: tripleoupstream/centos-binary-opendaylight:latest
DockerOpenvswitchImage: tripleoupstream/centos-binary-neutron-openvswitch-agent:latest
DockerPankoApiImage: tripleoupstream/centos-binary-panko-api:latest
DockerPankoConfigImage: tripleoupstream/centos-binary-panko-api:latest
diff --git a/environments/docker-services-tls-everywhere.yaml b/environments/docker-services-tls-everywhere.yaml
index d4743326..49d02e6f 100644
--- a/environments/docker-services-tls-everywhere.yaml
+++ b/environments/docker-services-tls-everywhere.yaml
@@ -41,6 +41,3 @@ resource_registry:
OS::TripleO::Services::SwiftProxy: ../docker/services/swift-proxy.yaml
OS::TripleO::Services::SwiftRingBuilder: ../docker/services/swift-ringbuilder.yaml
OS::TripleO::Services::SwiftStorage: ../docker/services/swift-storage.yaml
-
- OS::TripleO::PostDeploySteps: ../docker/post.yaml
- OS::TripleO::PostUpgradeSteps: ../docker/post-upgrade.yaml
diff --git a/environments/docker.yaml b/environments/docker.yaml
index 336a0b3c..9b977f6e 100644
--- a/environments/docker.yaml
+++ b/environments/docker.yaml
@@ -61,6 +61,3 @@ resource_registry:
# OS::TripleO::Services::CinderScheduler: ../docker/services/cinder-scheduler.yaml
# OS::TripleO::Services::CinderBackup: ../docker/services/cinder-backup.yaml
# OS::TripleO::Services::CinderVolume: ../docker/services/cinder-volume.yaml
-
- OS::TripleO::PostDeploySteps: ../docker/post.yaml
- OS::TripleO::PostUpgradeSteps: ../docker/post-upgrade.yaml
diff --git a/environments/ips-from-pool-all.yaml b/environments/ips-from-pool-all.yaml
index 87563753..d4eccbcf 100644
--- a/environments/ips-from-pool-all.yaml
+++ b/environments/ips-from-pool-all.yaml
@@ -51,7 +51,7 @@ parameter_defaults:
- 172.16.0.251
#management:
#- 172.16.4.251
- NovaComputeIPs:
+ ComputeIPs:
# Each compute will get an IP from the lists below, first compute, first IP
internal_api:
- 172.16.2.252
diff --git a/environments/major-upgrade-composable-steps-docker.yaml b/environments/major-upgrade-composable-steps-docker.yaml
index 20340c78..888e2705 100644
--- a/environments/major-upgrade-composable-steps-docker.yaml
+++ b/environments/major-upgrade-composable-steps-docker.yaml
@@ -1,8 +1,5 @@
resource_registry:
- # FIXME(shardy) do we need to break major_upgrade_steps.yaml apart to
- # enable docker specific logic, or is just overridding PostUpgradeSteps
- # enough (as we want to share the ansible tasks steps etc)
- OS::TripleO::PostDeploySteps: ../puppet/major_upgrade_steps.yaml
+ OS::TripleO::PostDeploySteps: ../common/major_upgrade_steps.yaml
parameter_defaults:
EnableConfigPurge: false
StackUpdateType: UPGRADE
diff --git a/environments/major-upgrade-composable-steps.yaml b/environments/major-upgrade-composable-steps.yaml
index 5a695171..db83f906 100644
--- a/environments/major-upgrade-composable-steps.yaml
+++ b/environments/major-upgrade-composable-steps.yaml
@@ -1,5 +1,5 @@
resource_registry:
- OS::TripleO::PostDeploySteps: ../puppet/major_upgrade_steps.yaml
+ OS::TripleO::PostDeploySteps: ../common/major_upgrade_steps.yaml
parameter_defaults:
EnableConfigPurge: true
StackUpdateType: UPGRADE
diff --git a/environments/major-upgrade-converge-docker.yaml b/environments/major-upgrade-converge-docker.yaml
index 163d1de4..668f8a94 100644
--- a/environments/major-upgrade-converge-docker.yaml
+++ b/environments/major-upgrade-converge-docker.yaml
@@ -1,7 +1,7 @@
# Use this to reset any mappings only used for upgrades after the
# update of all nodes is completed
resource_registry:
- OS::TripleO::PostDeploySteps: ../docker/post.yaml
+ OS::TripleO::PostDeploySteps: ../common/post.yaml
parameter_defaults:
EnableConfigPurge: false
StackUpdateType: ''
diff --git a/environments/major-upgrade-converge.yaml b/environments/major-upgrade-converge.yaml
index d222fb86..668f8a94 100644
--- a/environments/major-upgrade-converge.yaml
+++ b/environments/major-upgrade-converge.yaml
@@ -1,7 +1,7 @@
# Use this to reset any mappings only used for upgrades after the
# update of all nodes is completed
resource_registry:
- OS::TripleO::PostDeploySteps: ../puppet/post.yaml
+ OS::TripleO::PostDeploySteps: ../common/post.yaml
parameter_defaults:
EnableConfigPurge: false
StackUpdateType: ''
diff --git a/environments/network-isolation-v6.j2.yaml b/environments/network-isolation-v6.j2.yaml
new file mode 100644
index 00000000..bb27ee43
--- /dev/null
+++ b/environments/network-isolation-v6.j2.yaml
@@ -0,0 +1,58 @@
+{%- set primary_role = [roles[0]] -%}
+{%- for role in roles -%}
+ {%- if 'primary' in role.tags and 'controller' in role.tags -%}
+ {%- set _ = primary_role.pop() -%}
+ {%- set _ = primary_role.append(role) -%}
+ {%- endif -%}
+{%- endfor -%}
+{%- set primary_role_name = primary_role[0].name -%}
+# Enable the creation of Neutron networks for isolated Overcloud
+# traffic and configure each role to assign ports (related
+# to that role) on these networks.
+# primary role is: {{primary_role_name}}
+resource_registry:
+ # networks as defined in network_data.yaml
+ {%- for network in networks if network.enabled|default(true) %}
+ {%- if network.name != 'Tenant' %}
+ OS::TripleO::Network::{{network.name}}: ../network/{{network.name_lower|default(network.name.lower())}}_v6.yaml
+ {%- else %}
+ # IPv4 until OVS and Neutron support IPv6 tunnel endpoints
+ OS::TripleO::Network::{{network.name}}: ../network/{{network.name_lower|default(network.name.lower())}}.yaml
+ {%- endif %}
+ {%- endfor %}
+
+ # Port assignments for the VIPs
+ {%- for network in networks if network.vip and network.enabled|default(true) %}
+ OS::TripleO::Network::Ports::{{network.name}}VipPort: ../network/ports/{{network.name_lower|default(network.name.lower())}}_v6.yaml
+ {%- endfor %}
+
+ OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip_v6.yaml
+
+{%- for role in roles %}
+ # Port assignments for the {{role.name}}
+ {%- for network in networks %}
+ {%- if network.name in role.networks|default([]) and network.enabled|default(true) and network.name != 'Tenant' %}
+ OS::TripleO::{{role.name}}::Ports::{{network.name}}Port: ../network/ports/{{network.name_lower|default(network.name.lower())}}_v6.yaml
+ {%- elif network.name in role.networks|default([]) and network.enabled|default(true) and network.name == 'Tenant' %}
+ # IPv4 until OVS and Neutron support IPv6 tunnel endpoints
+ OS::TripleO::{{role.name}}::Ports::{{network.name}}Port: ../network/ports/{{network.name_lower|default(network.name.lower())}}.yaml
+ {%- else %}
+ OS::TripleO::{{role.name}}::Ports::{{network.name}}Port: ../network/ports/noop.yaml
+ {%- endif %}
+ {%- endfor %}
+{%- endfor %}
+
+
+parameter_defaults:
+ # Enable IPv6 for Ceph.
+ CephIPv6: True
+ # Enable IPv6 for Corosync. This is required when Corosync is using an IPv6 IP in the cluster.
+ CorosyncIPv6: True
+ # Enable IPv6 for MongoDB. This is required when MongoDB is using an IPv6 IP.
+ MongoDbIPv6: True
+ # Enable various IPv6 features in Nova.
+ NovaIPv6: True
+ # Enable IPv6 environment for RabbitMQ.
+ RabbitIPv6: True
+ # Enable IPv6 environment for Memcached.
+ MemcachedIPv6: True
diff --git a/environments/network-isolation-v6.yaml b/environments/network-isolation-v6.yaml
deleted file mode 100644
index 11ca5b31..00000000
--- a/environments/network-isolation-v6.yaml
+++ /dev/null
@@ -1,57 +0,0 @@
-# Enable the creation of IPv6 Neutron networks for isolated Overcloud
-# traffic and configure each role to assign ports (related
-# to that role) on these networks.
-resource_registry:
- OS::TripleO::Network::External: ../network/external_v6.yaml
- OS::TripleO::Network::InternalApi: ../network/internal_api_v6.yaml
- OS::TripleO::Network::StorageMgmt: ../network/storage_mgmt_v6.yaml
- OS::TripleO::Network::Storage: ../network/storage_v6.yaml
- # IPv4 until OVS and Neutron support IPv6 tunnel endpoints
- OS::TripleO::Network::Tenant: ../network/tenant.yaml
-
- # Port assignments for the VIPs
- OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/external_v6.yaml
- OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/internal_api_v6.yaml
- OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/storage_v6.yaml
- OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt_v6.yaml
- OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip_v6.yaml
-
- # Port assignments for the controller role
- OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_v6.yaml
- OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_v6.yaml
- OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_v6.yaml
- OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml
- OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant.yaml
-
- # Port assignments for the compute role
- OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api_v6.yaml
- OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage_v6.yaml
- OS::TripleO::Compute::Ports::TenantPort: ../network/ports/tenant.yaml
-
- # Port assignments for the ceph storage role
- OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage_v6.yaml
- OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml
-
- # Port assignments for the swift storage role
- OS::TripleO::SwiftStorage::Ports::InternalApiPort: ../network/ports/internal_api_v6.yaml
- OS::TripleO::SwiftStorage::Ports::StoragePort: ../network/ports/storage_v6.yaml
- OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml
-
- # Port assignments for the block storage role
- OS::TripleO::BlockStorage::Ports::InternalApiPort: ../network/ports/internal_api_v6.yaml
- OS::TripleO::BlockStorage::Ports::StoragePort: ../network/ports/storage_v6.yaml
- OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml
-
-parameter_defaults:
- # Enable IPv6 for Ceph.
- CephIPv6: True
- # Enable IPv6 for Corosync. This is required when Corosync is using an IPv6 IP in the cluster.
- CorosyncIPv6: True
- # Enable IPv6 for MongoDB. This is required when MongoDB is using an IPv6 IP.
- MongoDbIPv6: True
- # Enable various IPv6 features in Nova.
- NovaIPv6: True
- # Enable IPv6 environment for RabbitMQ.
- RabbitIPv6: true
- # Enable IPv6 environment for Memcached.
- MemcachedIPv6: true
diff --git a/environments/network-management-v6.yaml b/environments/network-management-v6.yaml
index 812e84f3..59056217 100644
--- a/environments/network-management-v6.yaml
+++ b/environments/network-management-v6.yaml
@@ -1,3 +1,7 @@
+# ******************************************************************************
+# DEPRECATED: Use tripleo-heat-templates/environments/network-isolation-v6.yaml
+# and define the needed networks in your custom role file.
+# ******************************************************************************
# Enable the creation of an IPv6 system management network. This
# creates a Neutron network for isolated Overcloud
# system management traffic and configures each role to
diff --git a/environments/network-management.yaml b/environments/network-management.yaml
index 041617be..5f50bb15 100644
--- a/environments/network-management.yaml
+++ b/environments/network-management.yaml
@@ -1,3 +1,7 @@
+# ***************************************************************************
+# DEPRECATED: Use tripleo-heat-templates/environments/network-isolation.yaml
+# and define the needed networks in your custom role file.
+# ***************************************************************************
# Enable the creation of a system management network. This
# creates a Neutron network for isolated Overcloud
# system management traffic and configures each role to
diff --git a/extraconfig/nova_metadata/krb-service-principals.yaml b/extraconfig/nova_metadata/krb-service-principals.j2.yaml
index cdd4341a..b18dba66 100644
--- a/extraconfig/nova_metadata/krb-service-principals.yaml
+++ b/extraconfig/nova_metadata/krb-service-principals.j2.yaml
@@ -5,30 +5,38 @@ parameters:
RoleData:
type: json
description: the list containing the 'role_data' output for the ServiceChain
-
- # Coming from parameter_defaults
+{%- for network in networks if network.vip|default(false) %}
+{%- if network.name == 'External' %}
+ # Special case the External hostname param, which is CloudName
CloudName:
default: overcloud.localdomain
description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
type: string
+{%- elif network.name == 'InternalApi' %}
+ # Special case the Internal API hostname param, which is CloudNameInternal
CloudNameInternal:
- default: overcloud.internalapi.localdomain
+ default: overcloud.{{network.name.lower()}}.localdomain
description: >
- The DNS name of this cloud's internal API endpoint. E.g.
- 'ci-overcloud.internalapi.tripleo.org'.
+ The DNS name of this cloud's {{network.name_lower}} endpoint. E.g.
+ 'ci-overcloud.{{network.name.lower()}}.tripleo.org'.
type: string
- CloudNameStorage:
- default: overcloud.storage.localdomain
+{%- elif network.name == 'StorageMgmt' %}
+ # Special case StorageMgmt hostname param, which is CloudNameStorageManagement
+ CloudNameStorageManagement:
+ default: overcloud.{{network.name.lower()}}.localdomain
description: >
- The DNS name of this cloud's storage endpoint. E.g.
- 'ci-overcloud.storage.tripleo.org'.
+ The DNS name of this cloud's {{network.name_lower}} endpoint. E.g.
+ 'ci-overcloud.{{network.name.lower()}}.tripleo.org'.
type: string
- CloudNameStorageManagement:
- default: overcloud.storagemgmt.localdomain
+{%- else %}
+ CloudName{{network.name}}:
+ default: overcloud.{{network.name.lower()}}.localdomain
description: >
- The DNS name of this cloud's storage management endpoint. E.g.
- 'ci-overcloud.storagemgmt.tripleo.org'.
+ The DNS name of this cloud's {{network.name_lower}} endpoint. E.g.
+ 'ci-overcloud.{{network.name.lower()}}.tripleo.org'.
type: string
+{%- endif %}
+{%- endfor %}
CloudNameCtlplane:
default: overcloud.ctlplane.localdomain
description: >
@@ -61,10 +69,17 @@ resources:
data:
metadata: {get_attr: [IncomingMetadataSettings, value]}
fqdns:
+{%- for network in networks if network.vip|default(false) %}
+{%- if network.name == 'External' %}
external: {get_param: CloudName}
+{%- elif network.name == 'InternalApi' %}
internal_api: {get_param: CloudNameInternal}
- storage: {get_param: CloudNameStorage}
+{%- elif network.name == 'StorageMgmt' %}
storage_mgmt: {get_param: CloudNameStorageManagement}
+{%- else %}
+ {{network.name_lower}}: {get_param: CloudName{{network.name}}}
+{%- endif %}
+{%- endfor %}
ctlplane: {get_param: CloudNameCtlplane}
CompactServices:
@@ -82,3 +97,4 @@ outputs:
map_merge:
- {get_attr: [IndividualServices, value]}
- compact_services: {get_attr: [CompactServices, value]}
+
diff --git a/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml b/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml
index fb0d1699..b9fd08b4 100644
--- a/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml
+++ b/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml
@@ -59,22 +59,31 @@ parameters:
description: |
When enabled, the system will perform a yum update after performing the
RHEL Registration process.
- deployment_actions:
- default: ['CREATE', 'UPDATE']
- type: comma_delimited_list
- description: >
- List of stack actions that will trigger any deployments in this
- templates. The actions will be an empty list of the server is in the
- toplevel DeploymentServerBlacklist parameter's value.
+ DeleteOnRHELUnregistration:
+ type: boolean
+ default: false
+ description: |
+ When true, the system profile will be deleted from the registration
+ service when the rhel-registration.yaml nested stack is deleted.
conditions:
- deployment_actions_empty:
+ unregister_on_delete:
equals:
- - {get_param: deployment_actions}
- - []
+ - {get_param: DeleteOnRHELUnregistration}
+ - true
+ update_requested:
+ equals:
+ - {get_param: UpdateOnRHELRegistration}
+ - true
resources:
+ DeploymentActions:
+ type: OS::Heat::Value
+ properties:
+ value:
+ yaql
+
RHELRegistration:
type: OS::Heat::SoftwareConfig
properties:
@@ -151,9 +160,9 @@ resources:
config: {get_resource: RHELUnregistration}
actions:
if:
- - deployment_actions_empty
+ - unregister_on_delete
+ - ['DELETE']
- []
- - ['DELETE'] # Only do this on DELETE
input_values:
REG_METHOD: {get_param: rhel_reg_method}
@@ -180,17 +189,12 @@ resources:
UpdateDeploymentAfterRHELRegistration:
type: OS::Heat::SoftwareDeployment
depends_on: RHELRegistrationDeployment
- conditions:
- update_requested: {get_param: UpdateOnRHELRegistration}
+ condition: update_requested
properties:
name: UpdateDeploymentAfterRHELRegistration
config: {get_resource: YumUpdateConfigurationAfterRHELRegistration}
server: {get_param: server}
- actions:
- if:
- - deployment_actions_empty
- - []
- - ['CREATE'] # Only do this on CREATE
+ actions: ['CREATE'] # Only do this on CREATE
outputs:
deploy_stdout:
diff --git a/j2_excludes.yaml b/j2_excludes.yaml
index 356068fc..5bdb0af9 100644
--- a/j2_excludes.yaml
+++ b/j2_excludes.yaml
@@ -1,19 +1,10 @@
# This template specifies which j2 rendered templates
# should be excluded in the render process from
# tripleo-common/tripleo_common/actions/templates.py
-
+# E.g:
+# name:
+# - puppet/cephstorage-role.yaml
name:
- - puppet/controller-role.yaml
- - puppet/compute-role.yaml
- - puppet/blockstorage-role.yaml
- - puppet/objectstorage-role.yaml
- - puppet/cephstorage-role.yaml
- - network/internal_api.yaml
- - network/external.yaml
- - network/storage.yaml
- - network/storage_mgmt.yaml
- - network/tenant.yaml
- - network/management.yaml
- network/internal_api_v6.yaml
- network/external_v6.yaml
- network/storage_v6.yaml
diff --git a/network/external.yaml b/network/external.yaml
deleted file mode 100644
index 708d4635..00000000
--- a/network/external.yaml
+++ /dev/null
@@ -1,69 +0,0 @@
-heat_template_version: pike
-
-description: >
- External network. Public traffic, Neutron l3router for floating IPs/SNAT, etc.
-
-parameters:
- # the defaults here work for static IP assignment (IPAM) only
- ExternalNetCidr:
- default: '10.0.0.0/24'
- description: Cidr for the external network.
- type: string
- ExternalNetValueSpecs:
- default: {'provider:physical_network': 'external', 'provider:network_type': 'flat'}
- description: Value specs for the external network.
- type: json
- ExternalNetAdminStateUp:
- default: false
- description: The admin state of the network.
- type: boolean
- ExternalNetEnableDHCP:
- default: false
- description: Whether to enable DHCP on the associated subnet.
- type: boolean
- ExternalNetShared:
- default: false
- description: Whether this network is shared across all tenants.
- type: boolean
- ExternalNetName:
- default: external
- description: The name of the external network.
- type: string
- ExternalSubnetName:
- default: external_subnet
- description: The name of the external subnet in Neutron.
- type: string
- ExternalAllocationPools:
- default: [{'start': '10.0.0.4', 'end': '10.0.0.250'}]
- description: Ip allocation pool range for the external network.
- type: json
- ExternalInterfaceDefaultRoute:
- default: '10.0.0.1'
- description: default route for the external network
- type: string
-
-resources:
- ExternalNetwork:
- type: OS::Neutron::Net
- properties:
- admin_state_up: {get_param: ExternalNetAdminStateUp}
- name: {get_param: ExternalNetName}
- shared: {get_param: ExternalNetShared}
- value_specs: {get_param: ExternalNetValueSpecs}
-
- ExternalSubnet:
- type: OS::Neutron::Subnet
- properties:
- cidr: {get_param: ExternalNetCidr}
- enable_dhcp: {get_param: ExternalNetEnableDHCP}
- name: {get_param: ExternalSubnetName}
- network: {get_resource: ExternalNetwork}
- allocation_pools: {get_param: ExternalAllocationPools}
- gateway_ip: {get_param: ExternalInterfaceDefaultRoute}
-
-outputs:
- OS::stack_id:
- description: Neutron external network
- value: {get_resource: ExternalNetwork}
- subnet_cidr:
- value: {get_attr: [ExternalSubnet, cidr]}
diff --git a/network/internal_api.yaml b/network/internal_api.yaml
deleted file mode 100644
index 6e1885a9..00000000
--- a/network/internal_api.yaml
+++ /dev/null
@@ -1,65 +0,0 @@
-heat_template_version: pike
-
-description: >
- Internal API network. Used for most APIs, Database, RPC.
-
-parameters:
- # the defaults here work for static IP assignment (IPAM) only
- InternalApiNetCidr:
- default: '172.16.2.0/24'
- description: Cidr for the internal API network.
- type: string
- InternalApiNetValueSpecs:
- default: {'provider:physical_network': 'internal_api', 'provider:network_type': 'flat'}
- description: Value specs for the internal API network.
- type: json
- InternalApiNetAdminStateUp:
- default: false
- description: The admin state of the network.
- type: boolean
- InternalApiNetEnableDHCP:
- default: false
- description: Whether to enable DHCP on the associated subnet.
- type: boolean
- InternalApiNetShared:
- default: false
- description: Whether this network is shared across all tenants.
- type: boolean
- InternalApiNetName:
- default: internal_api
- description: The name of the internal API network.
- type: string
- InternalApiSubnetName:
- default: internal_api_subnet
- description: The name of the internal API subnet in Neutron.
- type: string
- InternalApiAllocationPools:
- default: [{'start': '172.16.2.4', 'end': '172.16.2.250'}]
- description: Ip allocation pool range for the internal API network.
- type: json
-
-resources:
- InternalApiNetwork:
- type: OS::Neutron::Net
- properties:
- admin_state_up: {get_param: InternalApiNetAdminStateUp}
- name: {get_param: InternalApiNetName}
- shared: {get_param: InternalApiNetShared}
- value_specs: {get_param: InternalApiNetValueSpecs}
-
- InternalApiSubnet:
- type: OS::Neutron::Subnet
- properties:
- cidr: {get_param: InternalApiNetCidr}
- enable_dhcp: {get_param: InternalApiNetEnableDHCP}
- name: {get_param: InternalApiSubnetName}
- network: {get_resource: InternalApiNetwork}
- allocation_pools: {get_param: InternalApiAllocationPools}
- gateway_ip: null
-
-outputs:
- OS::stack_id:
- description: Neutron internal network
- value: {get_resource: InternalApiNetwork}
- subnet_cidr:
- value: {get_attr: [InternalApiSubnet, cidr]}
diff --git a/network/internal_api_v6.yaml b/network/internal_api_v6.yaml
index 7264b1c0..6a0912e2 100644
--- a/network/internal_api_v6.yaml
+++ b/network/internal_api_v6.yaml
@@ -8,11 +8,11 @@ parameters:
InternalApiNetCidr:
# OpenStack uses the EUI-64 address format, which requires a /64 prefix
default: 'fd00:fd00:fd00:2000::/64'
- description: Cidr for the internal API network.
+ description: Cidr for the internal_api network.
type: string
InternalApiNetValueSpecs:
default: {'provider:physical_network': 'internal_api', 'provider:network_type': 'flat'}
- description: Value specs for the internal API network.
+ description: Value specs for the internal_api network.
type: json
InternalApiNetAdminStateUp:
default: false
@@ -24,15 +24,15 @@ parameters:
type: boolean
InternalApiNetName:
default: internal_api
- description: The name of the internal API network.
+ description: The name of the internal_api network.
type: string
InternalApiSubnetName:
default: internal_api_subnet
- description: The name of the internal API subnet in Neutron.
+ description: The name of the internal_api subnet in Neutron.
type: string
InternalApiAllocationPools:
default: [{'start': 'fd00:fd00:fd00:2000::10', 'end': 'fd00:fd00:fd00:2000:ffff:ffff:ffff:fffe'}]
- description: Ip allocation pool range for the internal API network.
+ description: Ip allocation pool range for the internal_api network.
type: json
IPv6AddressMode:
default: dhcpv6-stateful
diff --git a/network/management.yaml b/network/management.yaml
deleted file mode 100644
index be197e5c..00000000
--- a/network/management.yaml
+++ /dev/null
@@ -1,70 +0,0 @@
-heat_template_version: pike
-
-description: >
- Management network. System administration, SSH, DNS, NTP, etc. This network
- would usually be the default gateway for the non-controller nodes.
-
-parameters:
- # the defaults here work for static IP assignment (IPAM) only
- ManagementNetCidr:
- default: '10.0.1.0/24'
- description: Cidr for the management network.
- type: string
- ManagementNetValueSpecs:
- default: {'provider:physical_network': 'management', 'provider:network_type': 'flat'}
- description: Value specs for the management network.
- type: json
- ManagementNetAdminStateUp:
- default: false
- description: The admin state of the network.
- type: boolean
- ManagementNetEnableDHCP:
- default: false
- description: Whether to enable DHCP on the associated subnet.
- type: boolean
- ManagementNetShared:
- default: false
- description: Whether this network is shared across all tenants.
- type: boolean
- ManagementNetName:
- default: management
- description: The name of the management network.
- type: string
- ManagementSubnetName:
- default: management_subnet
- description: The name of the management subnet in Neutron.
- type: string
- ManagementAllocationPools:
- default: [{'start': '10.0.1.4', 'end': '10.0.1.250'}]
- description: Ip allocation pool range for the management network.
- type: json
- ManagementInterfaceDefaultRoute:
- default: unset
- description: The default route of the management network.
- type: string
-
-resources:
- ManagementNetwork:
- type: OS::Neutron::Net
- properties:
- admin_state_up: {get_param: ManagementNetAdminStateUp}
- name: {get_param: ManagementNetName}
- shared: {get_param: ManagementNetShared}
- value_specs: {get_param: ManagementNetValueSpecs}
-
- ManagementSubnet:
- type: OS::Neutron::Subnet
- properties:
- cidr: {get_param: ManagementNetCidr}
- enable_dhcp: {get_param: ManagementNetEnableDHCP}
- name: {get_param: ManagementSubnetName}
- network: {get_resource: ManagementNetwork}
- allocation_pools: {get_param: ManagementAllocationPools}
- gateway_ip: {get_param: ManagementInterfaceDefaultRoute}
-
-outputs:
- OS::stack_id:
- description: Neutron management network
- value: {get_resource: ManagementNetwork}
- subnet_cidr:
- value: {get_attr: [ManagementSubnet, cidr]}
diff --git a/network/network.network.j2.yaml b/network/network.network.j2.yaml
index ccf437bb..29d58cd5 100644
--- a/network/network.network.j2.yaml
+++ b/network/network.network.j2.yaml
@@ -15,7 +15,7 @@ parameters:
type: json
{{network.name}}NetAdminStateUp:
default: false
- description: This admin state of the network.
+ description: The admin state of the network.
type: boolean
{{network.name}}NetEnableDHCP:
default: false
@@ -27,7 +27,7 @@ parameters:
type: boolean
{{network.name}}NetName:
default: {{network.name_lower}}
- description: The name of the {{network.name_lower}} network.
+ description: The name of the {{network.name_lower}} network.
type: string
{{network.name}}SubnetName:
default: {{network.name_lower}}_subnet
@@ -38,7 +38,7 @@ parameters:
description: Ip allocation pool range for the {{network.name_lower}} network.
type: json
{{network.name}}InterfaceDefaultRoute:
- default: {{network.gateway_ip|default("not_defined")}}
+ default: {{network.gateway_ip|default('""')}}
description: default route for the {{network.name_lower}} network
type: string
{%- if network.vlan %}
diff --git a/network/ports/internal_api.yaml b/network/ports/internal_api.yaml
index e9eb7875..94006437 100644
--- a/network/ports/internal_api.yaml
+++ b/network/ports/internal_api.yaml
@@ -5,7 +5,7 @@ description: >
parameters:
InternalApiNetName:
- description: The name of the internal API network.
+ description: The name of the internal_api network.
default: internal_api
type: string
PortName:
diff --git a/network/ports/internal_api_from_pool.yaml b/network/ports/internal_api_from_pool.yaml
index 31c72daf..6eeca142 100644
--- a/network/ports/internal_api_from_pool.yaml
+++ b/network/ports/internal_api_from_pool.yaml
@@ -5,7 +5,7 @@ description: >
parameters:
InternalApiNetName:
- description: The name of the internal API network.
+ description: The name of the internal_api network.
default: internal_api
type: string
PortName:
@@ -26,7 +26,7 @@ parameters:
type: number
InternalApiNetCidr:
default: '172.16.2.0/24'
- description: Cidr for the internal API network.
+ description: Cidr for the internal_api network.
type: string
outputs:
diff --git a/network/ports/internal_api_from_pool_v6.yaml b/network/ports/internal_api_from_pool_v6.yaml
index 657310ed..589d72a8 100644
--- a/network/ports/internal_api_from_pool_v6.yaml
+++ b/network/ports/internal_api_from_pool_v6.yaml
@@ -6,7 +6,7 @@ description: >
parameters:
InternalApiNetName:
- description: The name of the internal API network.
+ description: The name of the internal_api network.
default: internal_api
type: string
PortName:
@@ -27,7 +27,7 @@ parameters:
type: number
InternalApiNetCidr:
default: 'fd00:fd00:fd00:2000::/64'
- description: Cidr for the internal API network.
+ description: Cidr for the internal_api network.
type: string
outputs:
diff --git a/network/ports/internal_api_v6.yaml b/network/ports/internal_api_v6.yaml
index 6a9e7083..36a3ad07 100644
--- a/network/ports/internal_api_v6.yaml
+++ b/network/ports/internal_api_v6.yaml
@@ -5,7 +5,7 @@ description: >
parameters:
InternalApiNetName:
- description: The name of the internal API network.
+ description: The name of the internal_api network.
default: internal_api
type: string
PortName:
diff --git a/network/ports/net_ip_list_map.yaml b/network/ports/net_ip_list_map.yaml
index a9111ed9..6d7b7c16 100644
--- a/network/ports/net_ip_list_map.yaml
+++ b/network/ports/net_ip_list_map.yaml
@@ -37,7 +37,7 @@ parameters:
InternalApiNetName:
default: internal_api
- description: The name of the internal API network.
+ description: The name of the internal_api network.
type: string
ExternalNetName:
default: external
@@ -53,7 +53,7 @@ parameters:
type: string
StorageMgmtNetName:
default: storage_mgmt
- description: The name of the Storage management network.
+ description: The name of the storage_mgmt network.
type: string
TenantNetName:
default: tenant
diff --git a/network/ports/net_ip_map.yaml b/network/ports/net_ip_map.yaml
index ce58e96f..1b0e7589 100644
--- a/network/ports/net_ip_map.yaml
+++ b/network/ports/net_ip_map.yaml
@@ -77,7 +77,7 @@ parameters:
InternalApiNetName:
default: internal_api
- description: The name of the internal API network.
+ description: The name of the internal_api network.
type: string
ExternalNetName:
default: external
@@ -93,7 +93,7 @@ parameters:
type: string
StorageMgmtNetName:
default: storage_mgmt
- description: The name of the Storage management network.
+ description: The name of the storage_mgmt network.
type: string
TenantNetName:
default: tenant
diff --git a/network/ports/net_vip_map_external.j2.yaml b/network/ports/net_vip_map_external.j2.yaml
new file mode 100644
index 00000000..b17f48b5
--- /dev/null
+++ b/network/ports/net_vip_map_external.j2.yaml
@@ -0,0 +1,40 @@
+heat_template_version: pike
+
+parameters:
+ # Set these via parameter defaults to configure external VIPs
+ ControlPlaneIP:
+ default: ''
+ type: string
+{%- for network in networks if network.vip|default(false) %}
+ {{network.name}}NetworkVip:
+ default: ''
+ type: string
+{%- endfor %}
+ # The following are unused in this template
+ ControlPlaneIp:
+ default: ''
+ type: string
+{%- for network in networks if network.vip|default(false) %}
+ {{network.name}}Ip:
+ default: ''
+ type: string
+ {{network.name}}IpUri:
+ default: ''
+ type: string
+ description: IP address with brackets in case of IPv6
+{%- endfor %}
+
+outputs:
+ net_ip_map:
+ description: >
+ A Hash containing a mapping of network names to assigned IPs
+ for a specific machine.
+ value:
+ ctlplane: {get_param: ControlPlaneIP}
+{%- for network in networks if network.vip|default(false) %}
+ {{network.name_lower}}: {get_param: {{network.name}}NetworkVip}
+{%- endfor %}
+ ctlplane_uri: {get_param: ControlPlaneIP}
+{%- for network in networks if network.vip|default(false) %}
+ {{network.name_lower}}_uri: {get_param: {{network.name}}NetworkVip}
+{%- endfor %}
diff --git a/network/ports/net_vip_map_external.yaml b/network/ports/net_vip_map_external.yaml
deleted file mode 100644
index d0847882..00000000
--- a/network/ports/net_vip_map_external.yaml
+++ /dev/null
@@ -1,68 +0,0 @@
-heat_template_version: pike
-
-parameters:
- # Set these via parameter defaults to configure external VIPs
- ControlPlaneIP:
- default: ''
- type: string
- ExternalNetworkVip:
- default: ''
- type: string
- InternalApiNetworkVip:
- default: ''
- type: string
- StorageNetworkVip:
- default: ''
- type: string
- StorageMgmtNetworkVip:
- default: ''
- type: string
- # The following are unused in this template
- ControlPlaneIp:
- default: ''
- type: string
- ExternalIp:
- default: ''
- type: string
- ExternalIpUri:
- default: ''
- type: string
- description: IP address with brackets in case of IPv6
- InternalApiIp:
- default: ''
- type: string
- InternalApiIpUri:
- default: ''
- type: string
- description: IP address with brackets in case of IPv6
- StorageIp:
- default: ''
- type: string
- StorageIpUri:
- default: ''
- type: string
- description: IP address with brackets in case of IPv6
- StorageMgmtIp:
- default: ''
- type: string
- StorageMgmtIpUri:
- default: ''
- type: string
- description: IP address with brackets in case of IPv6
-
-outputs:
- net_ip_map:
- description: >
- A Hash containing a mapping of network names to assigned IPs
- for a specific machine.
- value:
- ctlplane: {get_param: ControlPlaneIP}
- external: {get_param: ExternalNetworkVip}
- internal_api: {get_param: InternalApiNetworkVip}
- storage: {get_param: StorageNetworkVip}
- storage_mgmt: {get_param: StorageMgmtNetworkVip}
- ctlplane_uri: {get_param: ControlPlaneIP}
- external_uri: {get_param: ExternalNetworkVip}
- internal_api_uri: {get_param: InternalApiNetworkVip}
- storage_uri: {get_param: StorageNetworkVip}
- storage_mgmt_uri: {get_param: StorageMgmtNetworkVip}
diff --git a/network/ports/net_vip_map_external_v6.j2.yaml b/network/ports/net_vip_map_external_v6.j2.yaml
new file mode 100644
index 00000000..5eff73c1
--- /dev/null
+++ b/network/ports/net_vip_map_external_v6.j2.yaml
@@ -0,0 +1,45 @@
+heat_template_version: pike
+
+parameters:
+ # Set these via parameter defaults to configure external VIPs
+ ControlPlaneIP:
+ default: ''
+ type: string
+{%- for network in networks if network.vip|default(false) %}
+ {{network.name}}NetworkVip:
+ default: ''
+ type: string
+{%- endfor %}
+ # The following are unused in this template
+ ControlPlaneIp:
+ default: ''
+ type: string
+{%- for network in networks if network.vip|default(false) %}
+ {{network.name}}Ip:
+ default: ''
+ type: string
+ {{network.name}}IpUri:
+ default: ''
+ type: string
+ description: IP address with brackets in case of IPv6
+{%- endfor %}
+
+outputs:
+ net_ip_map:
+ description: >
+ A Hash containing a mapping of network names to assigned IPs
+ for a specific machine.
+ value:
+ ctlplane: {get_param: ControlPlaneIP}
+{%- for network in networks if network.vip|default(false) %}
+ {{network.name_lower}}: {get_param: {{network.name}}NetworkVip}
+{%- endfor %}
+ ctlplane_uri: {get_param: ControlPlaneIP}
+{%- for network in networks if network.vip|default(false) %}
+ {{network.name_lower}}_uri:
+ list_join:
+ - ''
+ - - '['
+ - {get_param: {{network.name}}NetworkVip}
+ - ']'
+{%- endfor %}
diff --git a/network/ports/net_vip_map_external_v6.yaml b/network/ports/net_vip_map_external_v6.yaml
deleted file mode 100644
index 72e60cb2..00000000
--- a/network/ports/net_vip_map_external_v6.yaml
+++ /dev/null
@@ -1,88 +0,0 @@
-heat_template_version: pike
-
-parameters:
- # Set these via parameter defaults to configure external VIPs
- ControlPlaneIP:
- default: ''
- type: string
- ExternalNetworkVip:
- default: ''
- type: string
- InternalApiNetworkVip:
- default: ''
- type: string
- StorageNetworkVip:
- default: ''
- type: string
- StorageMgmtNetworkVip:
- default: ''
- type: string
- # The following are unused in this template
- ControlPlaneIp:
- default: ''
- type: string
- ExternalIp:
- default: ''
- type: string
- ExternalIpUri:
- default: ''
- type: string
- description: IP address with brackets in case of IPv6
- InternalApiIp:
- default: ''
- type: string
- InternalApiIpUri:
- default: ''
- type: string
- description: IP address with brackets in case of IPv6
- StorageIp:
- default: ''
- type: string
- StorageIpUri:
- default: ''
- type: string
- description: IP address with brackets in case of IPv6
- StorageMgmtIp:
- default: ''
- type: string
- StorageMgmtIpUri:
- default: ''
- type: string
- description: IP address with brackets in case of IPv6
-
-outputs:
- net_ip_map:
- description: >
- A Hash containing a mapping of network names to assigned IPs
- for a specific machine.
- value:
- ctlplane: {get_param: ControlPlaneIP}
- external: {get_param: ExternalNetworkVip}
- internal_api: {get_param: InternalApiNetworkVip}
- storage: {get_param: StorageNetworkVip}
- storage_mgmt: {get_param: StorageMgmtNetworkVip}
- ctlplane_uri: {get_param: ControlPlaneIP}
- external_uri:
- list_join:
- - ''
- - - '['
- - {get_param: ExternalNetworkVip}
- - ']'
- internal_api_uri:
- list_join:
- - ''
- - - '['
- - {get_param: InternalApiNetworkVip}
- - ']'
- storage_uri:
- list_join:
- - ''
- - - '['
- - {get_param: StorageNetworkVip}
- - ']'
- storage_mgmt_uri:
- list_join:
- - ''
- - - '['
- - {get_param: StorageMgmtNetworkVip}
- - ']'
diff --git a/network/ports/storage_mgmt.yaml b/network/ports/storage_mgmt.yaml
index c06c58ef..0940b849 100644
--- a/network/ports/storage_mgmt.yaml
+++ b/network/ports/storage_mgmt.yaml
@@ -5,7 +5,7 @@ description: >
parameters:
StorageMgmtNetName:
- description: The name of the Storage management network.
+ description: The name of the storage_mgmt network.
default: storage_mgmt
type: string
PortName:
diff --git a/network/ports/storage_mgmt_from_pool.yaml b/network/ports/storage_mgmt_from_pool.yaml
index 07308a70..7efbc5ee 100644
--- a/network/ports/storage_mgmt_from_pool.yaml
+++ b/network/ports/storage_mgmt_from_pool.yaml
@@ -5,7 +5,7 @@ description: >
parameters:
StorageMgmtNetName:
- description: The name of the Storage management network.
+ description: The name of the storage_mgmt network.
default: storage_mgmt
type: string
PortName:
@@ -26,7 +26,7 @@ parameters:
type: number
StorageMgmtNetCidr:
default: '172.16.3.0/24'
- description: Cidr for the storage management network.
+ description: Cidr for the storage_mgmt network.
type: string
outputs:
diff --git a/network/ports/storage_mgmt_from_pool_v6.yaml b/network/ports/storage_mgmt_from_pool_v6.yaml
index 1b30f0ce..07998aba 100644
--- a/network/ports/storage_mgmt_from_pool_v6.yaml
+++ b/network/ports/storage_mgmt_from_pool_v6.yaml
@@ -6,7 +6,7 @@ description: >
parameters:
StorageMgmtNetName:
- description: The name of the Storage management network.
+ description: The name of the storage_mgmt network.
default: storage_mgmt
type: string
PortName:
@@ -27,7 +27,7 @@ parameters:
type: number
StorageMgmtNetCidr:
default: 'fd00:fd00:fd00:4000::/64'
- description: Cidr for the storage management network.
+ description: Cidr for the storage_mgmt network.
type: string
outputs:
diff --git a/network/ports/storage_mgmt_v6.yaml b/network/ports/storage_mgmt_v6.yaml
index c10b1393..399590c1 100644
--- a/network/ports/storage_mgmt_v6.yaml
+++ b/network/ports/storage_mgmt_v6.yaml
@@ -5,7 +5,7 @@ description: >
parameters:
StorageMgmtNetName:
- description: The name of the Storage management network.
+ description: The name of the storage_mgmt network.
default: storage_mgmt
type: string
PortName:
diff --git a/network/service_net_map.j2.yaml b/network/service_net_map.j2.yaml
index ba8e5568..54646c38 100644
--- a/network/service_net_map.j2.yaml
+++ b/network/service_net_map.j2.yaml
@@ -106,7 +106,7 @@ parameters:
InternalApiNetName:
default: internal_api
- description: The name of the internal API network.
+ description: The name of the internal_api network.
type: string
ExternalNetName:
default: external
@@ -122,7 +122,7 @@ parameters:
type: string
StorageMgmtNetName:
default: storage_mgmt
- description: The name of the Storage management network.
+ description: The name of the storage_mgmt network.
type: string
TenantNetName:
default: tenant
diff --git a/network/storage.yaml b/network/storage.yaml
deleted file mode 100644
index 9729044d..00000000
--- a/network/storage.yaml
+++ /dev/null
@@ -1,65 +0,0 @@
-heat_template_version: pike
-
-description: >
- Storage network.
-
-parameters:
- # the defaults here work for static IP assignment (IPAM) only
- StorageNetCidr:
- default: '172.16.1.0/24'
- description: Cidr for the storage network.
- type: string
- StorageNetValueSpecs:
- default: {'provider:physical_network': 'storage', 'provider:network_type': 'flat'}
- description: Value specs for the storage network.
- type: json
- StorageNetAdminStateUp:
- default: false
- description: The admin state of the network.
- type: boolean
- StorageNetEnableDHCP:
- default: false
- description: Whether to enable DHCP on the associated subnet.
- type: boolean
- StorageNetShared:
- default: false
- description: Whether this network is shared across all tenants.
- type: boolean
- StorageNetName:
- default: storage
- description: The name of the storage network.
- type: string
- StorageSubnetName:
- default: storage_subnet
- description: The name of the storage subnet in Neutron.
- type: string
- StorageAllocationPools:
- default: [{'start': '172.16.1.4', 'end': '172.16.1.250'}]
- description: Ip allocation pool range for the storage network.
- type: json
-
-resources:
- StorageNetwork:
- type: OS::Neutron::Net
- properties:
- admin_state_up: {get_param: StorageNetAdminStateUp}
- name: {get_param: StorageNetName}
- shared: {get_param: StorageNetShared}
- value_specs: {get_param: StorageNetValueSpecs}
-
- StorageSubnet:
- type: OS::Neutron::Subnet
- properties:
- cidr: {get_param: StorageNetCidr}
- enable_dhcp: {get_param: StorageNetEnableDHCP}
- name: {get_param: StorageSubnetName}
- network: {get_resource: StorageNetwork}
- allocation_pools: {get_param: StorageAllocationPools}
- gateway_ip: null
-
-outputs:
- OS::stack_id:
- description: Neutron storage network
- value: {get_resource: StorageNetwork}
- subnet_cidr:
- value: {get_attr: [StorageSubnet, cidr]}
diff --git a/network/storage_mgmt.yaml b/network/storage_mgmt.yaml
deleted file mode 100644
index fc005573..00000000
--- a/network/storage_mgmt.yaml
+++ /dev/null
@@ -1,65 +0,0 @@
-heat_template_version: pike
-
-description: >
- Storage management network. Storage replication, etc.
-
-parameters:
- # the defaults here work for static IP assignment (IPAM) only
- StorageMgmtNetCidr:
- default: '172.16.3.0/24'
- description: Cidr for the storage management network.
- type: string
- StorageMgmtNetValueSpecs:
- default: {'provider:physical_network': 'storage_mgmt', 'provider:network_type': 'flat'}
- description: Value specs for the storage_mgmt network.
- type: json
- StorageMgmtNetAdminStateUp:
- default: false
- description: The admin state of the network.
- type: boolean
- StorageMgmtNetEnableDHCP:
- default: false
- description: Whether to enable DHCP on the associated subnet.
- type: boolean
- StorageMgmtNetShared:
- default: false
- description: Whether this network is shared across all tenants.
- type: boolean
- StorageMgmtNetName:
- default: storage_mgmt
- description: The name of the Storage management network.
- type: string
- StorageMgmtSubnetName:
- default: storage_mgmt_subnet
- description: The name of the Storage management subnet in Neutron.
- type: string
- StorageMgmtAllocationPools:
- default: [{'start': '172.16.3.4', 'end': '172.16.3.250'}]
- description: Ip allocation pool range for the storage mgmt network.
- type: json
-
-resources:
- StorageMgmtNetwork:
- type: OS::Neutron::Net
- properties:
- admin_state_up: {get_param: StorageMgmtNetAdminStateUp}
- name: {get_param: StorageMgmtNetName}
- shared: {get_param: StorageMgmtNetShared}
- value_specs: {get_param: StorageMgmtNetValueSpecs}
-
- StorageMgmtSubnet:
- type: OS::Neutron::Subnet
- properties:
- cidr: {get_param: StorageMgmtNetCidr}
- enable_dhcp: {get_param: StorageMgmtNetEnableDHCP}
- name: {get_param: StorageMgmtSubnetName}
- network: {get_resource: StorageMgmtNetwork}
- allocation_pools: {get_param: StorageMgmtAllocationPools}
- gateway_ip: null
-
-outputs:
- OS::stack_id:
- description: Neutron storage management network
- value: {get_resource: StorageMgmtNetwork}
- subnet_cidr:
- value: {get_attr: [StorageMgmtSubnet, cidr]}
diff --git a/network/storage_mgmt_v6.yaml b/network/storage_mgmt_v6.yaml
index cef87de9..7ed4c92e 100644
--- a/network/storage_mgmt_v6.yaml
+++ b/network/storage_mgmt_v6.yaml
@@ -8,7 +8,7 @@ parameters:
StorageMgmtNetCidr:
# OpenStack uses the EUI-64 address format, which requires a /64 prefix
default: 'fd00:fd00:fd00:4000::/64'
- description: Cidr for the storage management network.
+ description: Cidr for the storage_mgmt network.
type: string
StorageMgmtNetValueSpecs:
default: {'provider:physical_network': 'storage_mgmt', 'provider:network_type': 'flat'}
@@ -24,15 +24,15 @@ parameters:
type: boolean
StorageMgmtNetName:
default: storage_mgmt
- description: The name of the Storage management network.
+ description: The name of the storage_mgmt network.
type: string
StorageMgmtSubnetName:
default: storage_mgmt_subnet
- description: The name of the Storage management subnet in Neutron.
+ description: The name of the storage_mgmt subnet in Neutron.
type: string
StorageMgmtAllocationPools:
default: [{'start': 'fd00:fd00:fd00:4000::10', 'end': 'fd00:fd00:fd00:4000:ffff:ffff:ffff:fffe'}]
- description: Ip allocation pool range for the storage mgmt network.
+ description: Ip allocation pool range for the storage_mgmt network.
type: json
IPv6AddressMode:
default: dhcpv6-stateful
diff --git a/network/tenant.yaml b/network/tenant.yaml
deleted file mode 100644
index 67c4abbc..00000000
--- a/network/tenant.yaml
+++ /dev/null
@@ -1,65 +0,0 @@
-heat_template_version: pike
-
-description: >
- Tenant network.
-
-parameters:
- # the defaults here work for static IP assignment (IPAM) only
- TenantNetCidr:
- default: '172.16.0.0/24'
- description: Cidr for the tenant network.
- type: string
- TenantNetValueSpecs:
- default: {'provider:physical_network': 'tenant', 'provider:network_type': 'flat'}
- description: Value specs for the tenant network.
- type: json
- TenantNetAdminStateUp:
- default: false
- description: The admin state of the network.
- type: boolean
- TenantNetEnableDHCP:
- default: false
- description: Whether to enable DHCP on the associated subnet.
- type: boolean
- TenantNetShared:
- default: false
- description: Whether this network is shared across all tenants.
- type: boolean
- TenantNetName:
- default: tenant
- description: The name of the tenant network.
- type: string
- TenantSubnetName:
- default: tenant_subnet
- description: The name of the tenant subnet in Neutron.
- type: string
- TenantAllocationPools:
- default: [{'start': '172.16.0.4', 'end': '172.16.0.250'}]
- description: Ip allocation pool range for the tenant network.
- type: json
-
-resources:
- TenantNetwork:
- type: OS::Neutron::Net
- properties:
- admin_state_up: {get_param: TenantNetAdminStateUp}
- name: {get_param: TenantNetName}
- shared: {get_param: TenantNetShared}
- value_specs: {get_param: TenantNetValueSpecs}
-
- TenantSubnet:
- type: OS::Neutron::Subnet
- properties:
- cidr: {get_param: TenantNetCidr}
- enable_dhcp: {get_param: TenantNetEnableDHCP}
- name: {get_param: TenantSubnetName}
- network: {get_resource: TenantNetwork}
- allocation_pools: {get_param: TenantAllocationPools}
- gateway_ip: null
-
-outputs:
- OS::stack_id:
- description: Neutron tenant network
- value: {get_resource: TenantNetwork}
- subnet_cidr:
- value: {get_attr: [TenantSubnet, cidr]}
diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml
index 0b4b4feb..63868b54 100644
--- a/overcloud-resource-registry-puppet.j2.yaml
+++ b/overcloud-resource-registry-puppet.j2.yaml
@@ -1,8 +1,8 @@
resource_registry:
OS::TripleO::SoftwareDeployment: OS::Heat::StructuredDeployment
- OS::TripleO::PostDeploySteps: puppet/post.yaml
- OS::TripleO::PostUpgradeSteps: puppet/post-upgrade.yaml
+ OS::TripleO::PostDeploySteps: common/post.yaml
+ OS::TripleO::PostUpgradeSteps: common/post-upgrade.yaml
OS::TripleO::AllNodes::SoftwareConfig: puppet/all-nodes-config.yaml
OS::TripleO::AllNodesDeployment: OS::Heat::StructuredDeployments
OS::TripleO::Hosts::SoftwareConfig: hosts-config.yaml
@@ -17,7 +17,7 @@ resource_registry:
{% for role in roles %}
OS::TripleO::{{role.name}}::PreNetworkConfig: OS::Heat::None
- OS::TripleO::{{role.name}}PostDeploySteps: puppet/post.yaml
+ OS::TripleO::{{role.name}}PostDeploySteps: common/post.yaml
OS::TripleO::{{role.name}}: puppet/{{role.name.lower()}}-role.yaml
OS::TripleO::{{role.name}}Config: puppet/{{role.name.lower()}}-config.yaml
OS::TripleO::Tasks::{{role.name}}PreConfig: OS::Heat::None
@@ -109,6 +109,8 @@ resource_registry:
OS::TripleO::DeployedServerEnvironment: OS::Heat::None
+ OS::TripleO::DeploymentSteps: OS::Heat::StructuredDeploymentGroup
+
# services
OS::TripleO::Services: common/services.yaml
OS::TripleO::Services::Apache: puppet/services/apache.yaml
diff --git a/overcloud.j2.yaml b/overcloud.j2.yaml
index 2bfdf506..2e398671 100644
--- a/overcloud.j2.yaml
+++ b/overcloud.j2.yaml
@@ -21,40 +21,44 @@ description: >
parameters:
# Common parameters (not specific to a role)
+{%- for network in networks if network.vip|default(false) %}
+{%- if network.name == 'External' %}
+ # Special case the External hostname param, which is CloudName
CloudName:
default: overcloud.localdomain
description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
type: string
+{%- elif network.name == 'InternalApi' %}
+ # Special case the Internal API hostname param, which is CloudNameInternal
CloudNameInternal:
- default: overcloud.internalapi.localdomain
+ default: overcloud.{{network.name.lower()}}.localdomain
description: >
- The DNS name of this cloud's internal API endpoint. E.g.
- 'ci-overcloud.internalapi.tripleo.org'.
+ The DNS name of this cloud's {{network.name_lower}} endpoint. E.g.
+ 'ci-overcloud.{{network.name.lower()}}.tripleo.org'.
type: string
- CloudNameStorage:
- default: overcloud.storage.localdomain
+{%- elif network.name == 'StorageMgmt' %}
+ # Special case StorageMgmt hostname param, which is CloudNameStorageManagement
+ CloudNameStorageManagement:
+ default: overcloud.{{network.name.lower()}}.localdomain
description: >
- The DNS name of this cloud's storage endpoint. E.g.
- 'ci-overcloud.storage.tripleo.org'.
+ The DNS name of this cloud's {{network.name_lower}} endpoint. E.g.
+ 'ci-overcloud.{{network.name.lower()}}.tripleo.org'.
type: string
- CloudNameStorageManagement:
- default: overcloud.storagemgmt.localdomain
+{%- else %}
+ CloudName{{network.name}}:
+ default: overcloud.{{network.name.lower()}}.localdomain
description: >
- The DNS name of this cloud's storage management endpoint. E.g.
- 'ci-overcloud.storagemgmt.tripleo.org'.
+ The DNS name of this cloud's {{network.name_lower}} endpoint. E.g.
+ 'ci-overcloud.{{network.name.lower()}}.tripleo.org'.
type: string
+{%- endif %}
+{%- endfor %}
CloudNameCtlplane:
default: overcloud.ctlplane.localdomain
description: >
The DNS name of this cloud's provisioning network endpoint. E.g.
'ci-overcloud.ctlplane.tripleo.org'.
type: string
- ControlFixedIPs:
- default: []
- description: >
- Control the IP allocation for the ControlVirtualIP port. E.g.
- [{'ip_address':'1.2.3.4'}]
- type: json
ExtraConfig:
default: {}
description: |
@@ -77,12 +81,6 @@ parameters:
description: |
DEPRECATED use ComputeExtraConfig instead
type: json
- InternalApiVirtualFixedIPs:
- default: []
- description: >
- Control the IP allocation for the InternalApiVirtualInterface port. E.g.
- [{'ip_address':'1.2.3.4'}]
- type: json
NeutronControlPlaneID:
default: 'ctlplane'
type: string
@@ -91,28 +89,34 @@ parameters:
default: nic1
description: Which interface to add to the NeutronPhysicalBridge.
type: string
- PublicVirtualFixedIPs:
+ ControlFixedIPs:
default: []
description: >
- Control the IP allocation for the PublicVirtualInterface port. E.g.
+ Control the IP allocation for the ControlVirtualIP port. E.g.
[{'ip_address':'1.2.3.4'}]
type: json
- RabbitCookieSalt:
- type: string
- default: unset
- description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
- StorageVirtualFixedIPs:
+{%- for network in networks if network.vip|default(false) %}
+{%- if network.name == 'External' %}
+ # TODO (dsneddon) Legacy name, eventually refactor to match network name
+ PublicVirtualFixedIPs:
default: []
description: >
- Control the IP allocation for the StorageVirtualInterface port. E.g.
+ Control the IP allocation for the PublicVirtualInterface port. E.g.
[{'ip_address':'1.2.3.4'}]
type: json
- StorageMgmtVirtualFixedIPs:
+{%- else %}
+ {{network.name}}VirtualFixedIPs:
default: []
description: >
- Control the IP allocation for the StorageMgmgVirtualInterface port. E.g.
+ Control the IP allocation for the {{network.name}}VirtualInterface port. E.g.
[{'ip_address':'1.2.3.4'}]
type: json
+{%- endif %}
+{%- endfor %}
+ RabbitCookieSalt:
+ type: string
+ default: unset
+ description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
RedisVirtualFixedIPs:
default: []
description: >
@@ -186,11 +190,12 @@ parameters:
{% if role.name != 'Compute' %}
{{role.name}}SchedulerHints:
+ description: Optional scheduler hints to pass to nova
{% else %}
NovaComputeSchedulerHints:
+ description: DEPRECATED - use ComputeSchedulerHints instead
{% endif %}
type: json
- description: Optional scheduler hints to pass to nova
default: {}
{{role.name}}Parameters:
@@ -224,13 +229,6 @@ parameters:
description: >
List of server hostnames to blacklist from any triggered deployments.
-parameter_groups:
-- label: deprecated
- description: Do not use deprecated params, they will be removed.
- parameters:
- - controllerExtraConfig
- - NovaComputeExtraConfig
-
conditions:
add_vips_to_etc_hosts: {equals : [{get_param: AddVipsToEtcHosts}, True]}
@@ -246,28 +244,38 @@ resources:
- - str_replace:
template: IP HOST
params:
- IP: {get_attr: [VipMap, net_ip_map, external]}
- HOST: {get_param: CloudName}
+ IP: {get_attr: [VipMap, net_ip_map, ctlplane]}
+ HOST: {get_param: CloudNameCtlplane}
+{%- for network in networks if network.vip|default(false) %}
+{%- if network.name == 'External' %}
+ # Special case the External hostname param, which is CloudName
- str_replace:
template: IP HOST
params:
- IP: {get_attr: [VipMap, net_ip_map, ctlplane]}
- HOST: {get_param: CloudNameCtlplane}
+ IP: {get_attr: [VipMap, net_ip_map, {{network.name_lower}}]}
+ HOST: {get_param: CloudName}
+{%- elif network.name == 'InternalApi' %}
+ # Special case the Internal API hostname param, which is CloudNameInternal
- str_replace:
template: IP HOST
params:
- IP: {get_attr: [VipMap, net_ip_map, internal_api]}
+ IP: {get_attr: [VipMap, net_ip_map, {{network.name_lower}}]}
HOST: {get_param: CloudNameInternal}
+{%- elif network.name == 'StorageMgmt' %}
+ # Special case StorageMgmt hostname param, which is CloudNameStorageManagement
- str_replace:
template: IP HOST
params:
- IP: {get_attr: [VipMap, net_ip_map, storage]}
- HOST: {get_param: CloudNameStorage}
+ IP: {get_attr: [VipMap, net_ip_map, {{network.name_lower}}]}
+ HOST: {get_param: CloudNameStorageManagement}
+{%- else %}
- str_replace:
template: IP HOST
params:
- IP: {get_attr: [VipMap, net_ip_map, storage_mgmt]}
- HOST: {get_param: CloudNameStorageManagement}
+ IP: {get_attr: [VipMap, net_ip_map, {{network.name_lower}}]}
+ HOST: {get_param: CloudName{{network.name}}}
+{%- endif %}
+{%- endfor %}
HeatAuthEncryptionKey:
type: OS::TripleO::RandomString
@@ -303,11 +311,21 @@ resources:
type: OS::TripleO::EndpointMap
properties:
CloudEndpoints:
- external: {get_param: CloudName}
- internal_api: {get_param: CloudNameInternal}
- storage: {get_param: CloudNameStorage}
- storage_mgmt: {get_param: CloudNameStorageManagement}
ctlplane: {get_param: CloudNameCtlplane}
+{%- for network in networks if network.vip|default(false) %}
+{%- if network.name == 'External' %}
+ # Special case the External hostname param, which is CloudName
+ {{network.name_lower}}: {get_param: CloudName}
+{%- elif network.name == 'InternalApi' %}
+ # Special case the Internal API hostname param, which is CloudNameInternal
+ {{network.name_lower}}: {get_param: CloudNameInternal}
+{%- elif network.name == 'StorageMgmt' %}
+ # Special case StorageMgmt hostname param, which is CloudNameStorageManagement
+ {{network.name_lower}}: {get_param: CloudNameStorageManagement}
+{%- else %}
+ {{network.name_lower}}: {get_param: CloudName{{network.name}}}
+{%- endif %}
+{%- endfor %}
NetIpMap: {get_attr: [VipMap, net_ip_map]}
ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]}
@@ -464,12 +482,9 @@ resources:
type: OS::TripleO::Network::Ports::NetIpListMap
properties:
ControlPlaneIpList: {get_attr: [{{role.name}}, ip_address]}
- ExternalIpList: {get_attr: [{{role.name}}, external_ip_address]}
- InternalApiIpList: {get_attr: [{{role.name}}, internal_api_ip_address]}
- StorageIpList: {get_attr: [{{role.name}}, storage_ip_address]}
- StorageMgmtIpList: {get_attr: [{{role.name}}, storage_mgmt_ip_address]}
- TenantIpList: {get_attr: [{{role.name}}, tenant_ip_address]}
- ManagementIpList: {get_attr: [{{role.name}}, management_ip_address]}
+{%- for network in networks if network.enabled|default(true) %}
+ {{network.name}}IpList: {get_attr: [{{role.name}}, {{network.name_lower}}_ip_address]}
+{%- endfor %}
EnabledServices: {get_attr: [{{role.name}}ServiceNames, value]}
ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]}
ServiceHostnameList: {get_attr: [{{role.name}}, hostname]}
@@ -588,10 +603,20 @@ resources:
allNodesConfig:
type: OS::TripleO::AllNodes::SoftwareConfig
properties:
- cloud_name_external: {get_param: CloudName}
- cloud_name_internal_api: {get_param: CloudNameInternal}
- cloud_name_storage: {get_param: CloudNameStorage}
- cloud_name_storage_mgmt: {get_param: CloudNameStorageManagement}
+{%- for network in networks if network.vip|default(false) %}
+{%- if network.name == 'External' %}
+ # Special case the External hostname param, which is CloudName
+ cloud_name_{{network.name_lower}}: {get_param: CloudName}
+{%- elif network.name == 'InternalApi' %}
+ # Special case the Internal API hostname param, which is CloudNameInternal
+ cloud_name_{{network.name_lower}}: {get_param: CloudNameInternal}
+{%- elif network.name == 'StorageMgmt' %}
+ # Special case StorageMgmt hostname param, which is CloudNameStorageManagement
+ cloud_name_{{network.name_lower}}: {get_param: CloudNameStorageManagement}
+{%- else %}
+ cloud_name_{{network.name_lower}}: {get_param: CloudName{{network.name}}}
+{%- endif %}
+{%- endfor %}
cloud_name_ctlplane: {get_param: CloudNameCtlplane}
enabled_services:
list_join:
@@ -705,6 +730,8 @@ resources:
ServiceName: redis
FixedIPs: {get_param: RedisVirtualFixedIPs}
+{%- for network in networks if network.vip|default(false) %}
+{%- if network.name == 'External' %}
# The public VIP is on the External net, falls back to ctlplane
PublicVirtualIP:
depends_on: Networks
@@ -714,43 +741,38 @@ resources:
ControlPlaneNetwork: {get_param: NeutronControlPlaneID}
PortName: public_virtual_ip
FixedIPs: {get_param: PublicVirtualFixedIPs}
-
- InternalApiVirtualIP:
- depends_on: Networks
- type: OS::TripleO::Network::Ports::InternalApiVipPort
- properties:
- ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
- PortName: internal_api_virtual_ip
- FixedIPs: {get_param: InternalApiVirtualFixedIPs}
-
- StorageVirtualIP:
+{%- elif network.name == 'StorageMgmt' %}
+ {{network.name}}VirtualIP:
depends_on: Networks
- type: OS::TripleO::Network::Ports::StorageVipPort
+ type: OS::TripleO::Network::Ports::{{network.name}}VipPort
properties:
ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
- PortName: storage_virtual_ip
- FixedIPs: {get_param: StorageVirtualFixedIPs}
-
- StorageMgmtVirtualIP:
+ PortName: storage_management_virtual_ip
+ FixedIPs: {get_param: {{network.name}}VirtualFixedIPs}
+{%- else %}
+ {{network.name}}VirtualIP:
depends_on: Networks
- type: OS::TripleO::Network::Ports::StorageMgmtVipPort
+ type: OS::TripleO::Network::Ports::{{network.name}}VipPort
properties:
ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
- PortName: storage_management_virtual_ip
- FixedIPs: {get_param: StorageMgmtVirtualFixedIPs}
+ PortName: {{network.name_lower}}_virtual_ip
+ FixedIPs: {get_param: {{network.name}}VirtualFixedIPs}
+{%- endif %}
+{%- endfor %}
VipMap:
type: OS::TripleO::Network::Ports::NetVipMap
properties:
ControlPlaneIp: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+{%- for network in networks if network.vip|default(false) %}
+{%- if network.name == 'External' %}
ExternalIp: {get_attr: [PublicVirtualIP, ip_address]}
ExternalIpUri: {get_attr: [PublicVirtualIP, ip_address_uri]}
- InternalApiIp: {get_attr: [InternalApiVirtualIP, ip_address]}
- InternalApiIpUri: {get_attr: [InternalApiVirtualIP, ip_address_uri]}
- StorageIp: {get_attr: [StorageVirtualIP, ip_address]}
- StorageIpUri: {get_attr: [StorageVirtualIP, ip_address_uri]}
- StorageMgmtIp: {get_attr: [StorageMgmtVirtualIP, ip_address]}
- StorageMgmtIpUri: {get_attr: [StorageMgmtVirtualIP, ip_address_uri]}
+{%- else %}
+ {{network.name}}Ip: {get_attr: [{{network.name}}VirtualIP, ip_address]}
+ {{network.name}}IpUri: {get_attr: [{{network.name}}VirtualIP, ip_address_uri]}
+{%- endif %}
+{%- endfor %}
# No tenant or management VIP required
# Because of nested get_attr functions in the KeystoneAdminVip output, we
# can't determine which attributes of VipMap are used until after
@@ -764,24 +786,12 @@ resources:
PingTestIps:
list_join:
- ' '
- - - yaql:
- expression: coalesce($.data, []).first(null)
- data: {get_attr: [{{primary_role_name}}, external_ip_address]}
- - yaql:
- expression: coalesce($.data, []).first(null)
- data: {get_attr: [{{primary_role_name}}, internal_api_ip_address]}
- - yaql:
- expression: coalesce($.data, []).first(null)
- data: {get_attr: [{{primary_role_name}}, storage_ip_address]}
- - yaql:
- expression: coalesce($.data, []).first(null)
- data: {get_attr: [{{primary_role_name}}, storage_mgmt_ip_address]}
- - yaql:
- expression: coalesce($.data, []).first(null)
- data: {get_attr: [{{primary_role_name}}, tenant_ip_address]}
+ -
+{%- for network in networks if network.enabled|default(true) %}
- yaql:
expression: coalesce($.data, []).first(null)
- data: {get_attr: [{{primary_role_name}}, management_ip_address]}
+ data: {get_attr: [{{primary_role_name}}, {{network.name_lower}}_ip_address]}
+{%- endfor %}
UpdateWorkflow:
type: OS::TripleO::Tasks::UpdateWorkflow
@@ -935,6 +945,9 @@ outputs:
- {get_attr: [{{role.name}}ServiceChainRoleData, value]}
- {get_attr: [{{role.name}}MergedConfigSettings, value]}
{% endfor %}
+ RoleConfig:
+ description: The configuration workflows associated with each role
+ value: {get_attr: [AllNodesDeploySteps, RoleConfig]}
RoleNetIpMap:
description: Mapping of each network to a list of IPs for each role
value:
diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml
index 24aa1525..3044fe39 100644
--- a/puppet/all-nodes-config.yaml
+++ b/puppet/all-nodes-config.yaml
@@ -76,7 +76,7 @@ parameters:
InternalApiNetName:
default: internal_api
- description: The name of the internal API network.
+ description: The name of the internal_api network.
type: string
ExternalNetName:
default: external
@@ -92,7 +92,7 @@ parameters:
type: string
StorageMgmtNetName:
default: storage_mgmt
- description: The name of the Storage management network.
+ description: The name of the storage_mgmt network.
type: string
TenantNetName:
default: tenant
diff --git a/puppet/blockstorage-role.yaml b/puppet/blockstorage-role.yaml
deleted file mode 100644
index de7b6b49..00000000
--- a/puppet/blockstorage-role.yaml
+++ /dev/null
@@ -1,704 +0,0 @@
-heat_template_version: pike
-description: 'OpenStack cinder storage configured by Puppet'
-parameters:
- BlockStorageImage:
- default: overcloud-full
- type: string
- constraints:
- - custom_constraint: glance.image
- ExtraConfig:
- default: {}
- description: |
- Additional hiera configuration to inject into the cluster. Note
- that BlockStorageExtraConfig takes precedence over ExtraConfig.
- type: json
- BlockStorageExtraConfig:
- default: {}
- description: |
- Role specific additional hiera configuration to inject into the cluster.
- type: json
- BlockStorageIPs:
- default: {}
- type: json
- OvercloudBlockStorageFlavor:
- description: Flavor for block storage nodes to request when deploying.
- type: string
- default: baremetal
- constraints:
- - custom_constraint: nova.flavor
- KeyName:
- default: default
- description: Name of an existing Nova key pair to enable SSH access to the instances
- type: string
- UpdateIdentifier:
- default: ''
- type: string
- description: >
- Setting to a previously unused value during stack-update will trigger
- package update on all nodes
- Hostname:
- type: string
- default: '' # Defaults to Heat created hostname
- HostnameMap:
- type: json
- default: {}
- description: Optional mapping to override hostnames
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry.
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- NetworkDeploymentActions:
- type: comma_delimited_list
- description: >
- Heat action when to apply network configuration changes
- default: ['CREATE']
- SoftwareConfigTransport:
- default: POLL_SERVER_CFN
- description: |
- How the server should receive the metadata required for software configuration.
- type: string
- constraints:
- - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
- CloudDomain:
- default: 'localdomain'
- type: string
- description: >
- The DNS domain used for the hosts. This must match the
- overcloud_domain_name configured on the undercloud.
- BlockStorageServerMetadata:
- default: {}
- description: >
- Extra properties or metadata passed to Nova for the created nodes in
- the overcloud. It's accessible via the Nova metadata API. This option is
- role-specific and is merged with the values given to the ServerMetadata
- parameter.
- type: json
- ServerMetadata:
- default: {}
- description: >
- Extra properties or metadata passed to Nova for the created nodes in
- the overcloud. It's accessible via the Nova metadata API. This applies to
- all roles and is merged with a role-specific metadata parameter.
- type: json
- BlockStorageSchedulerHints:
- type: json
- description: Optional scheduler hints to pass to nova
- default: {}
- NodeIndex:
- type: number
- default: 0
- ServiceConfigSettings:
- type: json
- default: {}
- ServiceNames:
- type: comma_delimited_list
- default: []
- MonitoringSubscriptions:
- type: comma_delimited_list
- default: []
- ServiceMetadataSettings:
- type: json
- default: {}
- ConfigCommand:
- type: string
- description: Command which will be run whenever configuration data changes
- default: os-refresh-config --timeout 14400
- ConfigCollectSplay:
- type: number
- default: 30
- description: |
- Maximum amount of time to possibly to delay configuation collection
- polling. Defaults to 30 seconds. Set to 0 to disable it which will cause
- the configuration collection to occur as soon as the collection process
- starts. This setting is used to prevent the configuration collection
- processes from polling all at the exact same time.
- UpgradeInitCommand:
- type: string
- description: |
- Command or script snippet to run on all overcloud nodes to
- initialize the upgrade process. E.g. a repository switch.
- default: ''
- UpgradeInitCommonCommand:
- type: string
- description: |
- Common commands required by the upgrades process. This should not
- normally be modified by the operator and is set and unset in the
- major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
- environment files.
- default: ''
- DeploymentServerBlacklistDict:
- default: {}
- type: json
- description: >
- Map of server hostnames to blacklist from any triggered
- deployments. If the value is 1, the server will be blacklisted. This
- parameter is generated from the parent template.
- RoleParameters:
- type: json
- description: Parameters specific to the role
- default: {}
- DeploymentSwiftDataMap:
- type: json
- description: |
- Map of servers to Swift container and object for storing deployment data.
- The keys are the Heat assigned hostnames, and the value is a map of the
- container/object name in Swift. Example value:
- overcloud-controller-0:
- container: overcloud-controller
- object: 0
- overcloud-controller-1:
- container: overcloud-controller
- object: 1
- overcloud-controller-2:
- container: overcloud-controller
- object: 2
- overcloud-novacompute-0:
- container: overcloud-compute
- object: 0
- default: {}
-
-conditions:
- server_not_blacklisted:
- not:
- equals:
- - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
- - 1
- deployment_swift_data_map_unset:
- equals:
- - get_param:
- - DeploymentSwiftDataMap
- - {get_param: Hostname}
- - ""
-
-resources:
- BlockStorage:
- type: OS::TripleO::BlockStorageServer
- metadata:
- os-collect-config:
- command: {get_param: ConfigCommand}
- splay: {get_param: ConfigCollectSplay}
- properties:
- image:
- {get_param: BlockStorageImage}
- flavor: {get_param: OvercloudBlockStorageFlavor}
- key_name: {get_param: KeyName}
- networks:
- - network: ctlplane
- user_data_format: SOFTWARE_CONFIG
- user_data: {get_resource: UserData}
- name:
- str_replace:
- template: {get_param: Hostname}
- params: {get_param: HostnameMap}
- software_config_transport: {get_param: SoftwareConfigTransport}
- metadata:
- map_merge:
- - {get_param: ServerMetadata}
- - {get_param: BlockStorageServerMetadata}
- - {get_param: ServiceMetadataSettings}
- scheduler_hints: {get_param: BlockStorageSchedulerHints}
- deployment_swift_data:
- if:
- - deployment_swift_data_map_unset
- - {}
- - {get_param: [DeploymentSwiftDataMap,
- {get_param: Hostname}]}
-
- # Combine the NodeAdminUserData and NodeUserData mime archives
- UserData:
- type: OS::Heat::MultipartMime
- properties:
- parts:
- - config: {get_resource: NodeAdminUserData}
- type: multipart
- - config: {get_resource: NodeUserData}
- type: multipart
- - config: {get_resource: RoleUserData}
- type: multipart
-
- # Creates the "heat-admin" user if configured via the environment
- # Should return a OS::Heat::MultipartMime reference via OS::stack_id
- NodeAdminUserData:
- type: OS::TripleO::NodeAdminUserData
-
- # For optional operator additional userdata
- # Should return a OS::Heat::MultipartMime reference via OS::stack_id
- NodeUserData:
- type: OS::TripleO::NodeUserData
-
- # For optional operator role-specific userdata
- # Should return a OS::Heat::MultipartMime reference via OS::stack_id
- RoleUserData:
- type: OS::TripleO::BlockStorage::NodeUserData
-
- ExternalPort:
- type: OS::TripleO::BlockStorage::Ports::ExternalPort
- properties:
- ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]}
- IPPool: {get_param: BlockStorageIPs}
- NodeIndex: {get_param: NodeIndex}
-
- InternalApiPort:
- type: OS::TripleO::BlockStorage::Ports::InternalApiPort
- properties:
- ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]}
- IPPool: {get_param: BlockStorageIPs}
- NodeIndex: {get_param: NodeIndex}
-
- StoragePort:
- type: OS::TripleO::BlockStorage::Ports::StoragePort
- properties:
- ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]}
- IPPool: {get_param: BlockStorageIPs}
- NodeIndex: {get_param: NodeIndex}
-
- StorageMgmtPort:
- type: OS::TripleO::BlockStorage::Ports::StorageMgmtPort
- properties:
- ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]}
- IPPool: {get_param: BlockStorageIPs}
- NodeIndex: {get_param: NodeIndex}
-
- TenantPort:
- type: OS::TripleO::BlockStorage::Ports::TenantPort
- properties:
- ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]}
- IPPool: {get_param: BlockStorageIPs}
- NodeIndex: {get_param: NodeIndex}
-
- ManagementPort:
- type: OS::TripleO::BlockStorage::Ports::ManagementPort
- properties:
- ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]}
- IPPool: {get_param: BlockStorageIPs}
- NodeIndex: {get_param: NodeIndex}
-
- NetworkConfig:
- type: OS::TripleO::BlockStorage::Net::SoftwareConfig
- properties:
- ControlPlaneIp: {get_attr: [BlockStorage, networks, ctlplane, 0]}
- ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
- InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
- StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
- StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
- TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
- ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
-
- NetIpMap:
- type: OS::TripleO::Network::Ports::NetIpMap
- properties:
- ControlPlaneIp: {get_attr: [BlockStorage, networks, ctlplane, 0]}
- ExternalIp: {get_attr: [ExternalPort, ip_address]}
- ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
- ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
- InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
- InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
- InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
- StorageIp: {get_attr: [StoragePort, ip_address]}
- StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
- StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
- StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
- StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
- StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
- TenantIp: {get_attr: [TenantPort, ip_address]}
- TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
- TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
- ManagementIp: {get_attr: [ManagementPort, ip_address]}
- ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
- ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
-
- NetHostMap:
- type: OS::Heat::Value
- properties:
- type: json
- value:
- external:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - external
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - external
- internal_api:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - internalapi
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - internalapi
- storage:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - storage
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - storage
- storage_mgmt:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - storagemgmt
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - storagemgmt
- tenant:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - tenant
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - tenant
- management:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - management
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - management
- ctlplane:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - ctlplane
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [BlockStorage, name]}
- - ctlplane
-
- PreNetworkConfig:
- type: OS::TripleO::BlockStorage::PreNetworkConfig
- properties:
- server: {get_resource: BlockStorage}
- RoleParameters: {get_param: RoleParameters}
- ServiceNames: {get_param: ServiceNames}
- deployment_actions: {get_attr: [DeploymentActions, value]}
-
- NetworkDeployment:
- type: OS::TripleO::SoftwareDeployment
- depends_on: PreNetworkConfig
- properties:
- name: NetworkDeployment
- config: {get_resource: NetworkConfig}
- server: {get_resource: BlockStorage}
- actions:
- if:
- - server_not_blacklisted
- - {get_param: NetworkDeploymentActions}
- - []
-
- BlockStorageUpgradeInitConfig:
- type: OS::Heat::SoftwareConfig
- properties:
- group: script
- config:
- list_join:
- - ''
- - - "#!/bin/bash\n\n"
- - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
- - get_param: UpgradeInitCommand
- - get_param: UpgradeInitCommonCommand
-
- # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
- # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
- BlockStorageUpgradeInitDeployment:
- type: OS::Heat::SoftwareDeployment
- depends_on: NetworkDeployment
- properties:
- name: BlockStorageUpgradeInitDeployment
- server: {get_resource: BlockStorage}
- config: {get_resource: BlockStorageUpgradeInitConfig}
- actions:
- if:
- - server_not_blacklisted
- - ['CREATE', 'UPDATE']
- - []
-
- BlockStorageDeployment:
- type: OS::Heat::StructuredDeployment
- depends_on: BlockStorageUpgradeInitDeployment
- properties:
- name: BlockStorageDeployment
- server: {get_resource: BlockStorage}
- config: {get_resource: BlockStorageConfig}
- input_values:
- enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
- actions:
- if:
- - server_not_blacklisted
- - ['CREATE', 'UPDATE']
- - []
-
- # Map heat metadata into hiera datafiles
- BlockStorageConfig:
- type: OS::Heat::StructuredConfig
- properties:
- group: hiera
- config:
- hierarchy:
- - '"%{::uuid}"'
- - heat_config_%{::deploy_config_name}
- - config_step
- - volume_extraconfig
- - extraconfig
- - service_names
- - service_configs
- - volume
- - bootstrap_node # provided by allNodesConfig
- - all_nodes # provided by allNodesConfig
- - vip_data # provided by allNodesConfig
- - '"%{::osfamily}"'
- merge_behavior: deeper
- datafiles:
- service_names:
- service_names: {get_param: ServiceNames}
- sensu::subscriptions: {get_param: MonitoringSubscriptions}
- service_configs:
- map_replace:
- - {get_param: ServiceConfigSettings}
- - values: {get_attr: [NetIpMap, net_ip_map]}
- volume_extraconfig: {get_param: BlockStorageExtraConfig}
- extraconfig: {get_param: ExtraConfig}
- volume:
- tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
- fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
- fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
- fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
- fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
- fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
- fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
- fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]}
-
- # Resource for site-specific injection of root certificate
- NodeTLSCAData:
- depends_on: BlockStorageDeployment
- type: OS::TripleO::NodeTLSCAData
- properties:
- server: {get_resource: BlockStorage}
-
- # Hook for site-specific additional pre-deployment config,
- # applying to all nodes, e.g node registration/unregistration
- NodeExtraConfig:
- depends_on: NodeTLSCAData
- type: OS::TripleO::NodeExtraConfig
- # We have to use conditions here so that we don't break backwards
- # compatibility with templates everywhere
- condition: server_not_blacklisted
- properties:
- server: {get_resource: BlockStorage}
-
- UpdateConfig:
- type: OS::TripleO::Tasks::PackageUpdate
-
- UpdateDeployment:
- type: OS::Heat::SoftwareDeployment
- depends_on: NetworkDeployment
- properties:
- name: UpdateDeployment
- config: {get_resource: UpdateConfig}
- server: {get_resource: BlockStorage}
- input_values:
- update_identifier:
- get_param: UpdateIdentifier
- actions:
- if:
- - server_not_blacklisted
- - ['CREATE', 'UPDATE']
- - []
-
- DeploymentActions:
- type: OS::Heat::Value
- properties:
- value:
- if:
- - server_not_blacklisted
- - ['CREATE', 'UPDATE']
- - []
-
- SshHostPubKey:
- type: OS::TripleO::Ssh::HostPubKey
- depends_on: BlockStorageDeployment
- properties:
- server: {get_resource: BlockStorage}
- deployment_actions: {get_attr: [DeploymentActions, value]}
-
-outputs:
- ip_address:
- description: IP address of the server in the ctlplane network
- value: {get_attr: [BlockStorage, networks, ctlplane, 0]}
- hostname:
- description: Hostname of the server
- value: {get_attr: [BlockStorage, name]}
- hostname_map:
- description: Mapping of network names to hostnames
- value:
- external: {get_attr: [NetHostMap, value, external, fqdn]}
- internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
- storage: {get_attr: [NetHostMap, value, storage, fqdn]}
- storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
- tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
- management: {get_attr: [NetHostMap, value, management, fqdn]}
- ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
- hosts_entry:
- value:
- str_replace:
- template: |
- PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
- EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
- INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
- STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
- STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
- TENANTIP TENANTHOST.DOMAIN TENANTHOST
- MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
- CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
- params:
- PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, BlockStorageHostnameResolveNetwork]}]}
- DOMAIN: {get_param: CloudDomain}
- PRIMARYHOST: {get_attr: [BlockStorage, name]}
- EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
- EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
- INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
- INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
- STORAGEIP: {get_attr: [StoragePort, ip_address]}
- STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
- STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
- STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
- TENANTIP: {get_attr: [TenantPort, ip_address]}
- TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
- MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
- MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
- CTLPLANEIP: {get_attr: [BlockStorage, networks, ctlplane, 0]}
- CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
- known_hosts_entry:
- description: Entry for ssh known hosts
- value:
- str_replace:
- template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
-EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
-INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
-STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
-STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
-TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
-MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
-CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
- params:
- PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, BlockStorageHostnameResolveNetwork]}]}
- DOMAIN: {get_param: CloudDomain}
- PRIMARYHOST: {get_attr: [BlockStorage, name]}
- EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
- EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
- INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
- INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
- STORAGEIP: {get_attr: [StoragePort, ip_address]}
- STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
- STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
- STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
- TENANTIP: {get_attr: [TenantPort, ip_address]}
- TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
- MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
- MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
- CTLPLANEIP: {get_attr: [BlockStorage, networks, ctlplane, 0]}
- CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
- HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
- nova_server_resource:
- description: Heat resource handle for the block storage server
- value:
- {get_resource: BlockStorage}
- condition: server_not_blacklisted
- external_ip_address:
- description: IP address of the server in the external network
- value: {get_attr: [ExternalPort, ip_address]}
- internal_api_ip_address:
- description: IP address of the server in the internal_api network
- value: {get_attr: [InternalApiPort, ip_address]}
- storage_ip_address:
- description: IP address of the server in the storage network
- value: {get_attr: [StoragePort, ip_address]}
- storage_mgmt_ip_address:
- description: IP address of the server in the storage_mgmt network
- value: {get_attr: [StorageMgmtPort, ip_address]}
- tenant_ip_address:
- description: IP address of the server in the tenant network
- value: {get_attr: [TenantPort, ip_address]}
- management_ip_address:
- description: IP address of the server in the management network
- value: {get_attr: [ManagementPort, ip_address]}
- deployed_server_port_map:
- description: |
- Map of Heat created hostname of the server to ip address. This is the
- hostname before it has been mapped with the HostnameMap parameter, and
- the IP address from the ctlplane network. This map can be used to construct
- the DeployedServerPortMap parameter when using split-stack.
- value:
- map_replace:
- - hostname:
- fixed_ips:
- - ip_address: {get_attr: [BlockStorage, networks, ctlplane, 0]}
- - keys:
- hostname:
- list_join:
- - '-'
- - - {get_param: Hostname}
- - ctlplane
- deployed_server_deployment_swift_data_map:
- description:
- Map of Heat created hostname of the server to the Swift container and object
- used to created the temporary url for metadata polling with
- os-collect-config.
- value:
- map_replace:
- - hostname:
- container:
- str_split:
- - '/'
- - {get_attr: [BlockStorage, os_collect_config, request, metadata_url]}
- - 5
- object:
- str_split:
- - '?'
- - str_split:
- - '/'
- - {get_attr: [BlockStorage, os_collect_config, request, metadata_url]}
- - 6
- - 0
- - keys: {hostname: {get_param: Hostname}}
- os_collect_config:
- description: The os-collect-config configuration associated with this server resource
- value: {get_attr: [BlockStorage, os_collect_config]}
diff --git a/puppet/cephstorage-role.yaml b/puppet/cephstorage-role.yaml
deleted file mode 100644
index ce44fd68..00000000
--- a/puppet/cephstorage-role.yaml
+++ /dev/null
@@ -1,718 +0,0 @@
-heat_template_version: pike
-description: 'OpenStack ceph storage node configured by Puppet'
-parameters:
- OvercloudCephStorageFlavor:
- description: Flavor for the Ceph Storage node.
- default: baremetal
- type: string
- constraints:
- - custom_constraint: nova.flavor
- CephStorageImage:
- type: string
- default: overcloud-full
- constraints:
- - custom_constraint: glance.image
- ImageUpdatePolicy:
- default: 'REBUILD_PRESERVE_EPHEMERAL'
- description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
- type: string
- KeyName:
- description: Name of an existing Nova key pair to enable SSH access to the instances
- type: string
- default: default
- constraints:
- - custom_constraint: nova.keypair
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry.
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- UpdateIdentifier:
- default: ''
- type: string
- description: >
- Setting to a previously unused value during stack-update will trigger
- package update on all nodes
- Hostname:
- type: string
- default: '' # Defaults to Heat created hostname
- HostnameMap:
- type: json
- default: {}
- description: Optional mapping to override hostnames
- ExtraConfig:
- default: {}
- description: |
- Additional hiera configuration to inject into the cluster. Note
- that CephStorageExtraConfig takes precedence over ExtraConfig.
- type: json
- CephStorageExtraConfig:
- default: {}
- description: |
- Role specific additional hiera configuration to inject into the cluster.
- type: json
- CephStorageIPs:
- default: {}
- type: json
- NetworkDeploymentActions:
- type: comma_delimited_list
- description: >
- Heat action when to apply network configuration changes
- default: ['CREATE']
- SoftwareConfigTransport:
- default: POLL_SERVER_CFN
- description: |
- How the server should receive the metadata required for software configuration.
- type: string
- constraints:
- - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
- CloudDomain:
- default: 'localdomain'
- type: string
- description: >
- The DNS domain used for the hosts. This must match the
- overcloud_domain_name configured on the undercloud.
- CephStorageServerMetadata:
- default: {}
- description: >
- Extra properties or metadata passed to Nova for the created nodes in
- the overcloud. It's accessible via the Nova metadata API. This option is
- role-specific and is merged with the values given to the ServerMetadata
- parameter.
- type: json
- ServerMetadata:
- default: {}
- description: >
- Extra properties or metadata passed to Nova for the created nodes in
- the overcloud. It's accessible via the Nova metadata API. This applies to
- all roles and is merged with a role-specific metadata parameter.
- type: json
- CephStorageSchedulerHints:
- type: json
- description: Optional scheduler hints to pass to nova
- default: {}
- NodeIndex:
- type: number
- default: 0
- ServiceConfigSettings:
- type: json
- default: {}
- ServiceNames:
- type: comma_delimited_list
- default: []
- MonitoringSubscriptions:
- type: comma_delimited_list
- default: []
- ServiceMetadataSettings:
- type: json
- default: {}
- ConfigCommand:
- type: string
- description: Command which will be run whenever configuration data changes
- default: os-refresh-config --timeout 14400
- ConfigCollectSplay:
- type: number
- default: 30
- description: |
- Maximum amount of time to possibly to delay configuation collection
- polling. Defaults to 30 seconds. Set to 0 to disable it which will cause
- the configuration collection to occur as soon as the collection process
- starts. This setting is used to prevent the configuration collection
- processes from polling all at the exact same time.
- UpgradeInitCommand:
- type: string
- description: |
- Command or script snippet to run on all overcloud nodes to
- initialize the upgrade process. E.g. a repository switch.
- default: ''
- UpgradeInitCommonCommand:
- type: string
- description: |
- Common commands required by the upgrades process. This should not
- normally be modified by the operator and is set and unset in the
- major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
- environment files.
- default: ''
- DeploymentServerBlacklistDict:
- default: {}
- type: json
- description: >
- Map of server hostnames to blacklist from any triggered
- deployments. If the value is 1, the server will be blacklisted. This
- parameter is generated from the parent template.
- RoleParameters:
- type: json
- description: Parameters specific to the role
- default: {}
- DeploymentSwiftDataMap:
- type: json
- description: |
- Map of servers to Swift container and object for storing deployment data.
- The keys are the Heat assigned hostnames, and the value is a map of the
- container/object name in Swift. Example value:
- overcloud-controller-0:
- container: overcloud-controller
- object: 0
- overcloud-controller-1:
- container: overcloud-controller
- object: 1
- overcloud-controller-2:
- container: overcloud-controller
- object: 2
- overcloud-novacompute-0:
- container: overcloud-compute
- object: 0
- default: {}
-
-conditions:
- server_not_blacklisted:
- not:
- equals:
- - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
- - 1
- deployment_swift_data_map_unset:
- equals:
- - get_param:
- - DeploymentSwiftDataMap
- - {get_param: Hostname}
- - ""
-
-resources:
- CephStorage:
- type: OS::TripleO::CephStorageServer
- metadata:
- os-collect-config:
- command: {get_param: ConfigCommand}
- splay: {get_param: ConfigCollectSplay}
- properties:
- image: {get_param: CephStorageImage}
- image_update_policy: {get_param: ImageUpdatePolicy}
- flavor: {get_param: OvercloudCephStorageFlavor}
- key_name: {get_param: KeyName}
- networks:
- - network: ctlplane
- user_data_format: SOFTWARE_CONFIG
- user_data: {get_resource: UserData}
- name:
- str_replace:
- template: {get_param: Hostname}
- params: {get_param: HostnameMap}
- software_config_transport: {get_param: SoftwareConfigTransport}
- metadata:
- map_merge:
- - {get_param: ServerMetadata}
- - {get_param: CephStorageServerMetadata}
- - {get_param: ServiceMetadataSettings}
- scheduler_hints: {get_param: CephStorageSchedulerHints}
- deployment_swift_data:
- if:
- - deployment_swift_data_map_unset
- - {}
- - {get_param: [DeploymentSwiftDataMap,
- {get_param: Hostname}]}
-
- # Combine the NodeAdminUserData and NodeUserData mime archives
- UserData:
- type: OS::Heat::MultipartMime
- properties:
- parts:
- - config: {get_resource: NodeAdminUserData}
- type: multipart
- - config: {get_resource: NodeUserData}
- type: multipart
- - config: {get_resource: RoleUserData}
- type: multipart
-
- # Creates the "heat-admin" user if configured via the environment
- # Should return a OS::Heat::MultipartMime reference via OS::stack_id
- NodeAdminUserData:
- type: OS::TripleO::NodeAdminUserData
-
- # For optional operator additional userdata
- # Should return a OS::Heat::MultipartMime reference via OS::stack_id
- NodeUserData:
- type: OS::TripleO::NodeUserData
-
- # For optional operator role-specific userdata
- # Should return a OS::Heat::MultipartMime reference via OS::stack_id
- RoleUserData:
- type: OS::TripleO::CephStorage::NodeUserData
-
- ExternalPort:
- type: OS::TripleO::CephStorage::Ports::ExternalPort
- properties:
- ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]}
- IPPool: {get_param: CephStorageIPs}
- NodeIndex: {get_param: NodeIndex}
-
- InternalApiPort:
- type: OS::TripleO::CephStorage::Ports::InternalApiPort
- properties:
- ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]}
- IPPool: {get_param: CephStorageIPs}
- NodeIndex: {get_param: NodeIndex}
-
- StoragePort:
- type: OS::TripleO::CephStorage::Ports::StoragePort
- properties:
- ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]}
- IPPool: {get_param: CephStorageIPs}
- NodeIndex: {get_param: NodeIndex}
-
- StorageMgmtPort:
- type: OS::TripleO::CephStorage::Ports::StorageMgmtPort
- properties:
- ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]}
- IPPool: {get_param: CephStorageIPs}
- NodeIndex: {get_param: NodeIndex}
-
- TenantPort:
- type: OS::TripleO::CephStorage::Ports::TenantPort
- properties:
- ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]}
- IPPool: {get_param: CephStorageIPs}
- NodeIndex: {get_param: NodeIndex}
-
- ManagementPort:
- type: OS::TripleO::CephStorage::Ports::ManagementPort
- properties:
- ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]}
- IPPool: {get_param: CephStorageIPs}
- NodeIndex: {get_param: NodeIndex}
-
- NetworkConfig:
- type: OS::TripleO::CephStorage::Net::SoftwareConfig
- properties:
- ControlPlaneIp: {get_attr: [CephStorage, networks, ctlplane, 0]}
- ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
- InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
- StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
- StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
- TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
- ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
-
- NetIpMap:
- type: OS::TripleO::Network::Ports::NetIpMap
- properties:
- ControlPlaneIp: {get_attr: [CephStorage, networks, ctlplane, 0]}
- ExternalIp: {get_attr: [ExternalPort, ip_address]}
- ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
- ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
- InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
- InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
- InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
- StorageIp: {get_attr: [StoragePort, ip_address]}
- StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
- StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
- StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
- StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
- StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
- TenantIp: {get_attr: [TenantPort, ip_address]}
- TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
- TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
- ManagementIp: {get_attr: [ManagementPort, ip_address]}
- ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
- ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
-
- NetHostMap:
- type: OS::Heat::Value
- properties:
- type: json
- value:
- external:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - external
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - external
- internal_api:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - internalapi
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - internalapi
- storage:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - storage
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - storage
- storage_mgmt:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - storagemgmt
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - storagemgmt
- tenant:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - tenant
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - tenant
- management:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - management
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - management
- ctlplane:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - ctlplane
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [CephStorage, name]}
- - ctlplane
-
- PreNetworkConfig:
- type: OS::TripleO::CephStorage::PreNetworkConfig
- properties:
- server: {get_resource: CephStorage}
- RoleParameters: {get_param: RoleParameters}
- ServiceNames: {get_param: ServiceNames}
- deployment_actions: {get_attr: [DeploymentActions, value]}
-
- NetworkDeployment:
- type: OS::TripleO::SoftwareDeployment
- depends_on: PreNetworkConfig
- properties:
- name: NetworkDeployment
- config: {get_resource: NetworkConfig}
- server: {get_resource: CephStorage}
- actions:
- if:
- - server_not_blacklisted
- - {get_param: NetworkDeploymentActions}
- - []
-
- CephStorageUpgradeInitConfig:
- type: OS::Heat::SoftwareConfig
- properties:
- group: script
- config:
- list_join:
- - ''
- - - "#!/bin/bash\n\n"
- - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
- - get_param: UpgradeInitCommand
- - get_param: UpgradeInitCommonCommand
-
- # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
- # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
- CephStorageUpgradeInitDeployment:
- type: OS::Heat::SoftwareDeployment
- depends_on: NetworkDeployment
- properties:
- name: CephStorageUpgradeInitDeployment
- server: {get_resource: CephStorage}
- config: {get_resource: CephStorageUpgradeInitConfig}
- actions:
- if:
- - server_not_blacklisted
- - ['CREATE', 'UPDATE']
- - []
-
- CephStorageDeployment:
- type: OS::Heat::StructuredDeployment
- depends_on: CephStorageUpgradeInitDeployment
- properties:
- name: CephStorageDeployment
- config: {get_resource: CephStorageConfig}
- server: {get_resource: CephStorage}
- input_values:
- enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
- actions:
- if:
- - server_not_blacklisted
- - ['CREATE', 'UPDATE']
- - []
-
- CephStorageConfig:
- type: OS::Heat::StructuredConfig
- properties:
- group: hiera
- config:
- hierarchy:
- - '"%{::uuid}"'
- - heat_config_%{::deploy_config_name}
- - config_step
- - ceph_extraconfig
- - extraconfig
- - service_names
- - service_configs
- - ceph
- - bootstrap_node # provided by allNodesConfig
- - all_nodes # provided by allNodesConfig
- - vip_data # provided by allNodesConfig
- - '"%{::osfamily}"'
- merge_behavior: deeper
- datafiles:
- service_names:
- service_names: {get_param: ServiceNames}
- sensu::subscriptions: {get_param: MonitoringSubscriptions}
- service_configs:
- map_replace:
- - {get_param: ServiceConfigSettings}
- - values: {get_attr: [NetIpMap, net_ip_map]}
- ceph_extraconfig: {get_param: CephStorageExtraConfig}
- extraconfig: {get_param: ExtraConfig}
- ceph:
- tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
- fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
- fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
- fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
- fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
- fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
- fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
- fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]}
-
- # Resource for site-specific injection of root certificate
- NodeTLSCAData:
- depends_on: CephStorageDeployment
- type: OS::TripleO::NodeTLSCAData
- properties:
- server: {get_resource: CephStorage}
-
- # Hook for site-specific additional pre-deployment config, e.g extra hieradata
- CephStorageExtraConfigPre:
- depends_on: CephStorageDeployment
- type: OS::TripleO::CephStorageExtraConfigPre
- # We have to use conditions here so that we don't break backwards
- # compatibility with templates everywhere
- condition: server_not_blacklisted
- properties:
- server: {get_resource: CephStorage}
-
- # Hook for site-specific additional pre-deployment config,
- # applying to all nodes, e.g node registration/unregistration
- NodeExtraConfig:
- depends_on: [CephStorageExtraConfigPre, NodeTLSCAData]
- type: OS::TripleO::NodeExtraConfig
- # We have to use conditions here so that we don't break backwards
- # compatibility with templates everywhere
- condition: server_not_blacklisted
- properties:
- server: {get_resource: CephStorage}
-
- UpdateConfig:
- type: OS::TripleO::Tasks::PackageUpdate
-
- UpdateDeployment:
- type: OS::Heat::SoftwareDeployment
- depends_on: NetworkDeployment
- properties:
- config: {get_resource: UpdateConfig}
- server: {get_resource: CephStorage}
- input_values:
- update_identifier:
- get_param: UpdateIdentifier
- actions:
- if:
- - server_not_blacklisted
- - ['CREATE', 'UPDATE']
- - []
-
- DeploymentActions:
- type: OS::Heat::Value
- properties:
- value:
- if:
- - server_not_blacklisted
- - ['CREATE', 'UPDATE']
- - []
-
- SshHostPubKey:
- type: OS::TripleO::Ssh::HostPubKey
- depends_on: CephStorageDeployment
- properties:
- server: {get_resource: CephStorage}
- deployment_actions: {get_attr: [DeploymentActions, value]}
-
-outputs:
- ip_address:
- description: IP address of the server in the ctlplane network
- value: {get_attr: [CephStorage, networks, ctlplane, 0]}
- hostname:
- description: Hostname of the server
- value: {get_attr: [CephStorage, name]}
- hostname_map:
- description: Mapping of network names to hostnames
- value:
- external: {get_attr: [NetHostMap, value, external, fqdn]}
- internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
- storage: {get_attr: [NetHostMap, value, storage, fqdn]}
- storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
- tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
- management: {get_attr: [NetHostMap, value, management, fqdn]}
- ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
- hosts_entry:
- value:
- str_replace:
- template: |
- PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
- EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
- INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
- STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
- STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
- TENANTIP TENANTHOST.DOMAIN TENANTHOST
- MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
- CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
- params:
- PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephStorageHostnameResolveNetwork]}]}
- DOMAIN: {get_param: CloudDomain}
- PRIMARYHOST: {get_attr: [CephStorage, name]}
- EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
- EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
- INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
- INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
- STORAGEIP: {get_attr: [StoragePort, ip_address]}
- STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
- STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
- STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
- TENANTIP: {get_attr: [TenantPort, ip_address]}
- TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
- MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
- MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
- CTLPLANEIP: {get_attr: [CephStorage, networks, ctlplane, 0]}
- CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
- known_hosts_entry:
- description: Entry for ssh known hosts
- value:
- str_replace:
- template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
-EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
-INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
-STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
-STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
-TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
-MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
-CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
- params:
- PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephStorageHostnameResolveNetwork]}]}
- DOMAIN: {get_param: CloudDomain}
- PRIMARYHOST: {get_attr: [CephStorage, name]}
- EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
- EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
- INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
- INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
- STORAGEIP: {get_attr: [StoragePort, ip_address]}
- STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
- STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
- STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
- TENANTIP: {get_attr: [TenantPort, ip_address]}
- TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
- MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
- MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
- CTLPLANEIP: {get_attr: [CephStorage, networks, ctlplane, 0]}
- CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
- HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
- nova_server_resource:
- description: Heat resource handle for the ceph storage server
- value:
- {get_resource: CephStorage}
- condition: server_not_blacklisted
- external_ip_address:
- description: IP address of the server in the external network
- value: {get_attr: [ExternalPort, ip_address]}
- internal_api_ip_address:
- description: IP address of the server in the internal_api network
- value: {get_attr: [InternalApiPort, ip_address]}
- storage_ip_address:
- description: IP address of the server in the storage network
- value: {get_attr: [StoragePort, ip_address]}
- storage_mgmt_ip_address:
- description: IP address of the server in the storage_mgmt network
- value: {get_attr: [StorageMgmtPort, ip_address]}
- tenant_ip_address:
- description: IP address of the server in the tenant network
- value: {get_attr: [TenantPort, ip_address]}
- management_ip_address:
- description: IP address of the server in the management network
- value: {get_attr: [ManagementPort, ip_address]}
- deployed_server_port_map:
- description: |
- Map of Heat created hostname of the server to ip address. This is the
- hostname before it has been mapped with the HostnameMap parameter, and
- the IP address from the ctlplane network. This map can be used to construct
- the DeployedServerPortMap parameter when using split-stack.
- value:
- map_replace:
- - hostname:
- fixed_ips:
- - ip_address: {get_attr: [CephStorage, networks, ctlplane, 0]}
- - keys:
- hostname:
- list_join:
- - '-'
- - - {get_param: Hostname}
- - ctlplane
- deployed_server_deployment_swift_data_map:
- description:
- Map of Heat created hostname of the server to the Swift container and object
- used to created the temporary url for metadata polling with
- os-collect-config.
- value:
- map_replace:
- - hostname:
- container:
- str_split:
- - '/'
- - {get_attr: [CephStorage, os_collect_config, request, metadata_url]}
- - 5
- object:
- str_split:
- - '?'
- - str_split:
- - '/'
- - {get_attr: [CephStorage, os_collect_config, request, metadata_url]}
- - 6
- - 0
- - keys: {hostname: {get_param: Hostname}}
- os_collect_config:
- description: The os-collect-config configuration associated with this server resource
- value: {get_attr: [CephStorage, os_collect_config]}
diff --git a/puppet/compute-role.yaml b/puppet/compute-role.yaml
deleted file mode 100644
index af45793e..00000000
--- a/puppet/compute-role.yaml
+++ /dev/null
@@ -1,744 +0,0 @@
-heat_template_version: pike
-
-description: >
- OpenStack hypervisor node configured via Puppet.
-
-parameters:
- ExtraConfig:
- default: {}
- description: |
- Additional hiera configuration to inject into the cluster. Note
- that NovaComputeExtraConfig takes precedence over ExtraConfig.
- type: json
- OvercloudComputeFlavor:
- description: Flavor for the nova compute node
- default: baremetal
- type: string
- constraints:
- - custom_constraint: nova.flavor
- NovaImage:
- type: string
- default: overcloud-full
- constraints:
- - custom_constraint: glance.image
- ImageUpdatePolicy:
- default: 'REBUILD_PRESERVE_EPHEMERAL'
- description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
- type: string
- KeyName:
- description: Name of an existing Nova key pair to enable SSH access to the instances
- type: string
- default: default
- constraints:
- - custom_constraint: nova.keypair
- NeutronPhysicalBridge:
- default: 'br-ex'
- description: An OVS bridge to create for accessing external networks.
- type: string
- NeutronPublicInterface:
- default: nic1
- description: Which interface to add to the NeutronPhysicalBridge.
- type: string
- NodeIndex:
- type: number
- default: 0
- NovaComputeExtraConfig:
- default: {}
- description: |
- NovaCompute specific configuration to inject into the cluster. Same
- structure as ExtraConfig.
- type: json
- NovaComputeIPs:
- default: {}
- type: json
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry.
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- UpdateIdentifier:
- default: ''
- type: string
- description: >
- Setting to a previously unused value during stack-update will trigger
- package update on all nodes
- Hostname:
- type: string
- default: '' # Defaults to Heat created hostname
- HostnameMap:
- type: json
- default: {}
- description: Optional mapping to override hostnames
- NetworkDeploymentActions:
- type: comma_delimited_list
- description: >
- Heat action when to apply network configuration changes
- default: ['CREATE']
- SoftwareConfigTransport:
- default: POLL_SERVER_CFN
- description: |
- How the server should receive the metadata required for software configuration.
- type: string
- constraints:
- - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
- CloudDomain:
- default: 'localdomain'
- type: string
- description: >
- The DNS domain used for the hosts. This must match the
- overcloud_domain_name configured on the undercloud.
- NovaComputeServerMetadata:
- default: {}
- description: >
- Extra properties or metadata passed to Nova for the created nodes in
- the overcloud. It's accessible via the Nova metadata API. This option is
- role-specific and is merged with the values given to the ServerMetadata
- parameter.
- type: json
- ServerMetadata:
- default: {}
- description: >
- Extra properties or metadata passed to Nova for the created nodes in
- the overcloud. It's accessible via the Nova metadata API. This applies to
- all roles and is merged with a role-specific metadata parameter.
- type: json
- NovaComputeSchedulerHints:
- type: json
- description: Optional scheduler hints to pass to nova
- default: {}
- ServiceConfigSettings:
- type: json
- default: {}
- ServiceNames:
- type: comma_delimited_list
- default: []
- MonitoringSubscriptions:
- type: comma_delimited_list
- default: []
- ServiceMetadataSettings:
- type: json
- default: {}
- ConfigCommand:
- type: string
- description: Command which will be run whenever configuration data changes
- default: os-refresh-config --timeout 14400
- ConfigCollectSplay:
- type: number
- default: 30
- description: |
- Maximum amount of time to possibly to delay configuation collection
- polling. Defaults to 30 seconds. Set to 0 to disable it which will cause
- the configuration collection to occur as soon as the collection process
- starts. This setting is used to prevent the configuration collection
- processes from polling all at the exact same time.
- UpgradeInitCommand:
- type: string
- description: |
- Command or script snippet to run on all overcloud nodes to
- initialize the upgrade process. E.g. a repository switch.
- default: ''
- UpgradeInitCommonCommand:
- type: string
- description: |
- Common commands required by the upgrades process. This should not
- normally be modified by the operator and is set and unset in the
- major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
- environment files.
- default: ''
- DeploymentServerBlacklistDict:
- default: {}
- type: json
- description: >
- Map of server hostnames to blacklist from any triggered
- deployments. If the value is 1, the server will be blacklisted. This
- parameter is generated from the parent template.
- RoleParameters:
- type: json
- description: Parameters specific to the role
- default: {}
- DeploymentSwiftDataMap:
- type: json
- description: |
- Map of servers to Swift container and object for storing deployment data.
- The keys are the Heat assigned hostnames, and the value is a map of the
- container/object name in Swift. Example value:
- overcloud-controller-0:
- container: overcloud-controller
- object: 0
- overcloud-controller-1:
- container: overcloud-controller
- object: 1
- overcloud-controller-2:
- container: overcloud-controller
- object: 2
- overcloud-novacompute-0:
- container: overcloud-compute
- object: 0
- default: {}
-
-conditions:
- deployment_swift_data_map_unset:
- equals:
- - get_param:
- - DeploymentSwiftDataMap
- - {get_param: Hostname}
- - ""
- server_not_blacklisted:
- not:
- equals:
- - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
- - 1
-
-resources:
-
- NovaCompute:
- type: OS::TripleO::ComputeServer
- metadata:
- os-collect-config:
- command: {get_param: ConfigCommand}
- splay: {get_param: ConfigCollectSplay}
- properties:
- image: {get_param: NovaImage}
- image_update_policy:
- get_param: ImageUpdatePolicy
- flavor: {get_param: OvercloudComputeFlavor}
- key_name: {get_param: KeyName}
- networks:
- - network: ctlplane
- user_data_format: SOFTWARE_CONFIG
- user_data: {get_resource: UserData}
- name:
- str_replace:
- template: {get_param: Hostname}
- params: {get_param: HostnameMap}
- software_config_transport: {get_param: SoftwareConfigTransport}
- metadata:
- map_merge:
- - {get_param: ServerMetadata}
- - {get_param: NovaComputeServerMetadata}
- - {get_param: ServiceMetadataSettings}
- scheduler_hints: {get_param: NovaComputeSchedulerHints}
- deployment_swift_data:
- if:
- - deployment_swift_data_map_unset
- - {}
- - {get_param: [DeploymentSwiftDataMap,
- {get_param: Hostname}]}
-
- # Combine the NodeAdminUserData and NodeUserData mime archives
- UserData:
- type: OS::Heat::MultipartMime
- properties:
- parts:
- - config: {get_resource: NodeAdminUserData}
- type: multipart
- - config: {get_resource: NodeUserData}
- type: multipart
- - config: {get_resource: RoleUserData}
- type: multipart
-
- # Creates the "heat-admin" user if configured via the environment
- # Should return a OS::Heat::MultipartMime reference via OS::stack_id
- NodeAdminUserData:
- type: OS::TripleO::NodeAdminUserData
-
- # For optional operator additional userdata
- # Should return a OS::Heat::MultipartMime reference via OS::stack_id
- NodeUserData:
- type: OS::TripleO::NodeUserData
-
- # For optional operator role-specific userdata
- # Should return a OS::Heat::MultipartMime reference via OS::stack_id
- RoleUserData:
- type: OS::TripleO::Compute::NodeUserData
-
- ExternalPort:
- type: OS::TripleO::Compute::Ports::ExternalPort
- properties:
- ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
- IPPool: {get_param: NovaComputeIPs}
- NodeIndex: {get_param: NodeIndex}
-
- InternalApiPort:
- type: OS::TripleO::Compute::Ports::InternalApiPort
- properties:
- ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
- IPPool: {get_param: NovaComputeIPs}
- NodeIndex: {get_param: NodeIndex}
-
- StoragePort:
- type: OS::TripleO::Compute::Ports::StoragePort
- properties:
- ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
- IPPool: {get_param: NovaComputeIPs}
- NodeIndex: {get_param: NodeIndex}
-
- StorageMgmtPort:
- type: OS::TripleO::Compute::Ports::StorageMgmtPort
- properties:
- ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
- IPPool: {get_param: NovaComputeIPs}
- NodeIndex: {get_param: NodeIndex}
-
- TenantPort:
- type: OS::TripleO::Compute::Ports::TenantPort
- properties:
- ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
- IPPool: {get_param: NovaComputeIPs}
- NodeIndex: {get_param: NodeIndex}
-
- ManagementPort:
- type: OS::TripleO::Compute::Ports::ManagementPort
- properties:
- ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
- IPPool: {get_param: NovaComputeIPs}
- NodeIndex: {get_param: NodeIndex}
-
- NetIpMap:
- type: OS::TripleO::Network::Ports::NetIpMap
- properties:
- ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
- ExternalIp: {get_attr: [ExternalPort, ip_address]}
- ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
- ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
- InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
- InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
- InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
- StorageIp: {get_attr: [StoragePort, ip_address]}
- StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
- StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
- StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
- StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
- StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
- TenantIp: {get_attr: [TenantPort, ip_address]}
- TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
- TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
- ManagementIp: {get_attr: [ManagementPort, ip_address]}
- ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
- ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
-
- NetHostMap:
- type: OS::Heat::Value
- properties:
- type: json
- value:
- external:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - external
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - external
- internal_api:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - internalapi
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - internalapi
- storage:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - storage
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - storage
- storage_mgmt:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - storagemgmt
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - storagemgmt
- tenant:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - tenant
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - tenant
- management:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - management
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - management
- ctlplane:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - ctlplane
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [NovaCompute, name]}
- - ctlplane
-
- PreNetworkConfig:
- type: OS::TripleO::Compute::PreNetworkConfig
- properties:
- server: {get_resource: NovaCompute}
- RoleParameters: {get_param: RoleParameters}
- ServiceNames: {get_param: ServiceNames}
- deployment_actions: {get_attr: [DeploymentActions, value]}
-
- NetworkConfig:
- type: OS::TripleO::Compute::Net::SoftwareConfig
- properties:
- ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
- ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
- InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
- StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
- StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
- TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
- ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
-
- NetworkDeployment:
- type: OS::TripleO::SoftwareDeployment
- depends_on: PreNetworkConfig
- properties:
- name: NetworkDeployment
- actions:
- if:
- - server_not_blacklisted
- - {get_param: NetworkDeploymentActions}
- - []
- config: {get_resource: NetworkConfig}
- server: {get_resource: NovaCompute}
- input_values:
- bridge_name: {get_param: NeutronPhysicalBridge}
- interface_name: {get_param: NeutronPublicInterface}
-
- NovaComputeUpgradeInitConfig:
- type: OS::Heat::SoftwareConfig
- properties:
- group: script
- config:
- list_join:
- - ''
- - - "#!/bin/bash\n\n"
- - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
- - get_param: UpgradeInitCommand
- - get_param: UpgradeInitCommonCommand
-
- # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
- # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
- NovaComputeUpgradeInitDeployment:
- type: OS::Heat::SoftwareDeployment
- depends_on: NetworkDeployment
- properties:
- name: NovaComputeUpgradeInitDeployment
- actions:
- if:
- - server_not_blacklisted
- - ['CREATE', 'UPDATE']
- - []
- server: {get_resource: NovaCompute}
- config: {get_resource: NovaComputeUpgradeInitConfig}
-
- NovaComputeConfig:
- type: OS::Heat::StructuredConfig
- properties:
- group: hiera
- config:
- hierarchy:
- - '"%{::uuid}"'
- - heat_config_%{::deploy_config_name}
- - config_step
- - compute_extraconfig
- - extraconfig
- - service_names
- - service_configs
- - compute
- - bootstrap_node # provided by allNodesConfig
- - all_nodes # provided by allNodesConfig
- - vip_data # provided by allNodesConfig
- - '"%{::osfamily}"'
- - neutron_bigswitch_data # Optionally provided by ComputeExtraConfigPre
- - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
- - nova_nuage_data # Optionally provided by ComputeExtraConfigPre
- - midonet_data # Optionally provided by AllNodesExtraConfig
- - neutron_opencontrail_data # Optionally provided by ComputeExtraConfigPre
- - cisco_aci_data # Optionally provided by ComputeExtraConfigPre
- merge_behavior: deeper
- datafiles:
- service_names:
- service_names: {get_param: ServiceNames}
- sensu::subscriptions: {get_param: MonitoringSubscriptions}
- service_configs:
- map_replace:
- - {get_param: ServiceConfigSettings}
- - values: {get_attr: [NetIpMap, net_ip_map]}
- compute_extraconfig: {get_param: NovaComputeExtraConfig}
- extraconfig: {get_param: ExtraConfig}
- compute:
- tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
- fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
- fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
- fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
- fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
- fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
- fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
- fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]}
-
- NovaComputeDeployment:
- type: OS::TripleO::SoftwareDeployment
- depends_on: NovaComputeUpgradeInitDeployment
- properties:
- name: NovaComputeDeployment
- actions:
- if:
- - server_not_blacklisted
- - ['CREATE', 'UPDATE']
- - []
- config: {get_resource: NovaComputeConfig}
- server: {get_resource: NovaCompute}
- input_values:
- enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
-
- # Resource for site-specific injection of root certificate
- NodeTLSCAData:
- depends_on: NovaComputeDeployment
- type: OS::TripleO::NodeTLSCAData
- properties:
- server: {get_resource: NovaCompute}
-
- # Hook for site-specific additional pre-deployment config, e.g extra hieradata
- ComputeExtraConfigPre:
- depends_on: NovaComputeDeployment
- type: OS::TripleO::ComputeExtraConfigPre
- # We have to use conditions here so that we don't break backwards
- # compatibility with templates everywhere
- condition: server_not_blacklisted
- properties:
- server: {get_resource: NovaCompute}
-
- # Hook for site-specific additional pre-deployment config,
- # applying to all nodes, e.g node registration/unregistration
- NodeExtraConfig:
- depends_on: [ComputeExtraConfigPre, NodeTLSCAData]
- type: OS::TripleO::NodeExtraConfig
- # We have to use conditions here so that we don't break backwards
- # compatibility with templates everywhere
- condition: server_not_blacklisted
- properties:
- server: {get_resource: NovaCompute}
-
- UpdateConfig:
- type: OS::TripleO::Tasks::PackageUpdate
-
- UpdateDeployment:
- type: OS::Heat::SoftwareDeployment
- depends_on: NetworkDeployment
- properties:
- name: UpdateDeployment
- actions:
- if:
- - server_not_blacklisted
- - ['CREATE', 'UPDATE']
- - []
- config: {get_resource: UpdateConfig}
- server: {get_resource: NovaCompute}
- input_values:
- update_identifier:
- get_param: UpdateIdentifier
-
- DeploymentActions:
- type: OS::Heat::Value
- properties:
- value:
- if:
- - server_not_blacklisted
- - ['CREATE', 'UPDATE']
- - []
-
- SshHostPubKey:
- type: OS::TripleO::Ssh::HostPubKey
- depends_on: NovaComputeDeployment
- properties:
- server: {get_resource: NovaCompute}
- deployment_actions: {get_attr: [DeploymentActions, value]}
-
-outputs:
- ip_address:
- description: IP address of the server in the ctlplane network
- value: {get_attr: [NovaCompute, networks, ctlplane, 0]}
- external_ip_address:
- description: IP address of the server in the external network
- value: {get_attr: [ExternalPort, ip_address]}
- internal_api_ip_address:
- description: IP address of the server in the internal_api network
- value: {get_attr: [InternalApiPort, ip_address]}
- storage_ip_address:
- description: IP address of the server in the storage network
- value: {get_attr: [StoragePort, ip_address]}
- storage_mgmt_ip_address:
- description: IP address of the server in the storage_mgmt network
- value: {get_attr: [StorageMgmtPort, ip_address]}
- tenant_ip_address:
- description: IP address of the server in the tenant network
- value: {get_attr: [TenantPort, ip_address]}
- management_ip_address:
- description: IP address of the server in the management network
- value: {get_attr: [ManagementPort, ip_address]}
- deployed_server_port_map:
- description: |
- Map of Heat created hostname of the server to ip address. This is the
- hostname before it has been mapped with the HostnameMap parameter, and
- the IP address from the ctlplane network. This map can be used to construct
- the DeployedServerPortMap parameter when using split-stack.
- value:
- map_replace:
- - hostname:
- fixed_ips:
- - ip_address: {get_attr: [NovaCompute, networks, ctlplane, 0]}
- - keys:
- hostname:
- list_join:
- - '-'
- - - {get_param: Hostname}
- - ctlplane
- deployed_server_deployment_swift_data_map:
- description:
- Map of Heat created hostname of the server to the Swift container and object
- used to created the temporary url for metadata polling with
- os-collect-config.
- value:
- map_replace:
- - hostname:
- container:
- str_split:
- - '/'
- - {get_attr: [NovaCompute, os_collect_config, request, metadata_url]}
- - 5
- object:
- str_split:
- - '?'
- - str_split:
- - '/'
- - {get_attr: [NovaCompute, os_collect_config, request, metadata_url]}
- - 6
- - 0
- - keys: {hostname: {get_param: Hostname}}
- hostname:
- description: Hostname of the server
- value: {get_attr: [NovaCompute, name]}
- hostname_map:
- description: Mapping of network names to hostnames
- value:
- external: {get_attr: [NetHostMap, value, external, fqdn]}
- internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
- storage: {get_attr: [NetHostMap, value, storage, fqdn]}
- storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
- tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
- management: {get_attr: [NetHostMap, value, management, fqdn]}
- ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
- hosts_entry:
- description: >
- Server's IP address and hostname in the /etc/hosts format
- value:
- str_replace:
- template: |
- PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
- EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
- INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
- STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
- STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
- TENANTIP TENANTHOST.DOMAIN TENANTHOST
- MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
- CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
- params:
- PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]}
- DOMAIN: {get_param: CloudDomain}
- PRIMARYHOST: {get_attr: [NovaCompute, name]}
- EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
- EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
- INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
- INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
- STORAGEIP: {get_attr: [StoragePort, ip_address]}
- STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
- STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
- STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
- TENANTIP: {get_attr: [TenantPort, ip_address]}
- TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
- MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
- MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
- CTLPLANEIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
- CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
- known_hosts_entry:
- description: Entry for ssh known hosts
- value:
- str_replace:
- template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
-EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
-INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
-STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
-STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
-TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
-MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
-CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
- params:
- PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]}
- DOMAIN: {get_param: CloudDomain}
- PRIMARYHOST: {get_attr: [NovaCompute, name]}
- EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
- EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
- INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
- INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
- STORAGEIP: {get_attr: [StoragePort, ip_address]}
- STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
- STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
- STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
- TENANTIP: {get_attr: [TenantPort, ip_address]}
- TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
- MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
- MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
- CTLPLANEIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
- CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
- HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
- nova_server_resource:
- description: Heat resource handle for the Nova compute server
- value:
- {get_resource: NovaCompute}
- condition: server_not_blacklisted
- os_collect_config:
- description: The os-collect-config configuration associated with this server resource
- value: {get_attr: [NovaCompute, os_collect_config]}
diff --git a/puppet/controller-role.yaml b/puppet/controller-role.yaml
deleted file mode 100644
index ab81d1aa..00000000
--- a/puppet/controller-role.yaml
+++ /dev/null
@@ -1,781 +0,0 @@
-heat_template_version: pike
-
-description: >
- OpenStack controller node configured by Puppet.
-
-parameters:
- controllerExtraConfig:
- default: {}
- description: |
- Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
- type: json
- ControllerExtraConfig:
- default: {}
- description: |
- Controller specific hiera configuration data to inject into the cluster.
- type: json
- ControllerIPs:
- default: {}
- description: >
- A network mapped list of IPs to assign to Controllers in the following form:
- {
- "internal_api": ["a.b.c.d", "e.f.g.h"],
- ...
- }
- type: json
- Debug:
- default: ''
- description: Set to True to enable debugging on all services.
- type: string
- ExtraConfig:
- default: {}
- description: |
- Additional hieradata to inject into the cluster, note that
- ControllerExtraConfig takes precedence over ExtraConfig.
- type: json
- OvercloudControlFlavor:
- description: Flavor for control nodes to request when deploying.
- default: baremetal
- type: string
- constraints:
- - custom_constraint: nova.flavor
- controllerImage:
- type: string
- default: overcloud-full
- constraints:
- - custom_constraint: glance.image
- ImageUpdatePolicy:
- default: 'REBUILD_PRESERVE_EPHEMERAL'
- description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
- type: string
- KeyName:
- default: default
- description: Name of an existing Nova key pair to enable SSH access to the instances
- type: string
- constraints:
- - custom_constraint: nova.keypair
- NeutronPhysicalBridge:
- default: 'br-ex'
- description: An OVS bridge to create for accessing external networks.
- type: string
- NeutronPublicInterface:
- default: nic1
- description: Which interface to add to the NeutronPhysicalBridge.
- type: string
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry.
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- UpdateIdentifier:
- default: ''
- type: string
- description: >
- Setting to a previously unused value during stack-update will trigger
- package update on all nodes
- Hostname:
- type: string
- default: '' # Defaults to Heat created hostname
- HostnameMap:
- type: json
- default: {}
- description: Optional mapping to override hostnames
- NetworkDeploymentActions:
- type: comma_delimited_list
- description: >
- Heat action when to apply network configuration changes
- default: ['CREATE']
- NodeIndex:
- type: number
- default: 0
- SoftwareConfigTransport:
- default: POLL_SERVER_CFN
- description: |
- How the server should receive the metadata required for software configuration.
- type: string
- constraints:
- - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
- CloudDomain:
- default: 'localdomain'
- type: string
- description: >
- The DNS domain used for the hosts. This must match the
- overcloud_domain_name configured on the undercloud.
- ControllerServerMetadata:
- default: {}
- description: >
- Extra properties or metadata passed to Nova for the created nodes in
- the overcloud. It's accessible via the Nova metadata API. This option is
- role-specific and is merged with the values given to the ServerMetadata
- parameter.
- type: json
- ServerMetadata:
- default: {}
- description: >
- Extra properties or metadata passed to Nova for the created nodes in
- the overcloud. It's accessible via the Nova metadata API. This applies to
- all roles and is merged with a role-specific metadata parameter.
- type: json
- ControllerSchedulerHints:
- type: json
- description: Optional scheduler hints to pass to nova
- default: {}
- ServiceConfigSettings:
- type: json
- default: {}
- ServiceNames:
- type: comma_delimited_list
- default: []
- MonitoringSubscriptions:
- type: comma_delimited_list
- default: []
- ServiceMetadataSettings:
- type: json
- default: {}
- ConfigCommand:
- type: string
- description: Command which will be run whenever configuration data changes
- default: os-refresh-config --timeout 14400
- ConfigCollectSplay:
- type: number
- default: 30
- description: |
- Maximum amount of time to possibly to delay configuation collection
- polling. Defaults to 30 seconds. Set to 0 to disable it which will cause
- the configuration collection to occur as soon as the collection process
- starts. This setting is used to prevent the configuration collection
- processes from polling all at the exact same time.
- UpgradeInitCommand:
- type: string
- description: |
- Command or script snippet to run on all overcloud nodes to
- initialize the upgrade process. E.g. a repository switch.
- default: ''
- UpgradeInitCommonCommand:
- type: string
- description: |
- Common commands required by the upgrades process. This should not
- normally be modified by the operator and is set and unset in the
- major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
- environment files.
- default: ''
- DeploymentServerBlacklistDict:
- default: {}
- type: json
- description: >
- Map of server hostnames to blacklist from any triggered
- deployments. If the value is 1, the server will be blacklisted. This
- parameter is generated from the parent template.
- RoleParameters:
- type: json
- description: Parameters specific to the role
- default: {}
- DeploymentSwiftDataMap:
- type: json
- description: |
- Map of servers to Swift container and object for storing deployment data.
- The keys are the Heat assigned hostnames, and the value is a map of the
- container/object name in Swift. Example value:
- overcloud-controller-0:
- container: overcloud-controller
- object: 0
- overcloud-controller-1:
- container: overcloud-controller
- object: 1
- overcloud-controller-2:
- container: overcloud-controller
- object: 2
- overcloud-novacompute-0:
- container: overcloud-compute
- object: 0
- default: {}
-
-parameter_groups:
-- label: deprecated
- description: Do not use deprecated params, they will be removed.
- parameters:
- - controllerExtraConfig
-
-conditions:
- server_not_blacklisted:
- not:
- equals:
- - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
- - 1
- deployment_swift_data_map_unset:
- equals:
- - get_param:
- - DeploymentSwiftDataMap
- - {get_param: Hostname}
- - ""
-
-resources:
-
- Controller:
- type: OS::TripleO::ControllerServer
- metadata:
- os-collect-config:
- command: {get_param: ConfigCommand}
- splay: {get_param: ConfigCollectSplay}
- properties:
- image: {get_param: controllerImage}
- image_update_policy: {get_param: ImageUpdatePolicy}
- flavor: {get_param: OvercloudControlFlavor}
- key_name: {get_param: KeyName}
- networks:
- - network: ctlplane
- user_data_format: SOFTWARE_CONFIG
- user_data: {get_resource: UserData}
- name:
- str_replace:
- template: {get_param: Hostname}
- params: {get_param: HostnameMap}
- software_config_transport: {get_param: SoftwareConfigTransport}
- metadata:
- map_merge:
- - {get_param: ServerMetadata}
- - {get_param: ControllerServerMetadata}
- - {get_param: ServiceMetadataSettings}
- scheduler_hints: {get_param: ControllerSchedulerHints}
- deployment_swift_data:
- if:
- - deployment_swift_data_map_unset
- - {}
- - {get_param: [DeploymentSwiftDataMap,
- {get_param: Hostname}]}
-
- # Combine the NodeAdminUserData and NodeUserData mime archives
- UserData:
- type: OS::Heat::MultipartMime
- properties:
- parts:
- - config: {get_resource: NodeAdminUserData}
- type: multipart
- - config: {get_resource: NodeUserData}
- type: multipart
- - config: {get_resource: RoleUserData}
- type: multipart
-
- # Creates the "heat-admin" user if configured via the environment
- # Should return a OS::Heat::MultipartMime reference via OS::stack_id
- NodeAdminUserData:
- type: OS::TripleO::NodeAdminUserData
-
- # For optional operator additional userdata
- # Should return a OS::Heat::MultipartMime reference via OS::stack_id
- NodeUserData:
- type: OS::TripleO::NodeUserData
-
- # For optional operator role-specific userdata
- # Should return a OS::Heat::MultipartMime reference via OS::stack_id
- RoleUserData:
- type: OS::TripleO::Controller::NodeUserData
-
- ExternalPort:
- type: OS::TripleO::Controller::Ports::ExternalPort
- properties:
- IPPool: {get_param: ControllerIPs}
- NodeIndex: {get_param: NodeIndex}
- ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
-
- InternalApiPort:
- type: OS::TripleO::Controller::Ports::InternalApiPort
- properties:
- IPPool: {get_param: ControllerIPs}
- NodeIndex: {get_param: NodeIndex}
- ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
-
- StoragePort:
- type: OS::TripleO::Controller::Ports::StoragePort
- properties:
- IPPool: {get_param: ControllerIPs}
- NodeIndex: {get_param: NodeIndex}
- ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
-
- StorageMgmtPort:
- type: OS::TripleO::Controller::Ports::StorageMgmtPort
- properties:
- IPPool: {get_param: ControllerIPs}
- NodeIndex: {get_param: NodeIndex}
- ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
-
- TenantPort:
- type: OS::TripleO::Controller::Ports::TenantPort
- properties:
- IPPool: {get_param: ControllerIPs}
- NodeIndex: {get_param: NodeIndex}
- ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
-
- ManagementPort:
- type: OS::TripleO::Controller::Ports::ManagementPort
- properties:
- IPPool: {get_param: ControllerIPs}
- NodeIndex: {get_param: NodeIndex}
- ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
-
- NetIpMap:
- type: OS::TripleO::Network::Ports::NetIpMap
- properties:
- ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
- ExternalIp: {get_attr: [ExternalPort, ip_address]}
- ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
- ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
- InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
- InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
- InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
- StorageIp: {get_attr: [StoragePort, ip_address]}
- StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
- StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
- StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
- StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
- StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
- TenantIp: {get_attr: [TenantPort, ip_address]}
- TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
- TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
- ManagementIp: {get_attr: [ManagementPort, ip_address]}
- ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
- ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
-
- NetHostMap:
- type: OS::Heat::Value
- properties:
- type: json
- value:
- external:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - external
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - external
- internal_api:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - internalapi
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - internalapi
- storage:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - storage
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - storage
- storage_mgmt:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - storagemgmt
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - storagemgmt
- tenant:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - tenant
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - tenant
- management:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - management
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - management
- ctlplane:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - ctlplane
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [Controller, name]}
- - ctlplane
-
- PreNetworkConfig:
- type: OS::TripleO::Controller::PreNetworkConfig
- properties:
- server: {get_resource: Controller}
- RoleParameters: {get_param: RoleParameters}
- ServiceNames: {get_param: ServiceNames}
- deployment_actions: {get_attr: [DeploymentActions, value]}
-
- NetworkConfig:
- type: OS::TripleO::Controller::Net::SoftwareConfig
- properties:
- ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
- ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
- InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
- StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
- StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
- TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
- ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
-
- NetworkDeployment:
- type: OS::TripleO::SoftwareDeployment
- depends_on: PreNetworkConfig
- properties:
- name: NetworkDeployment
- config: {get_resource: NetworkConfig}
- server: {get_resource: Controller}
- actions:
- if:
- - server_not_blacklisted
- - {get_param: NetworkDeploymentActions}
- - []
- input_values:
- bridge_name: {get_param: NeutronPhysicalBridge}
- interface_name: {get_param: NeutronPublicInterface}
-
- # Resource for site-specific injection of root certificate
- NodeTLSCAData:
- depends_on: NetworkDeployment
- type: OS::TripleO::NodeTLSCAData
- properties:
- server: {get_resource: Controller}
-
- # Resource for site-specific passing of private keys/certificates
- NodeTLSData:
- depends_on: NodeTLSCAData
- type: OS::TripleO::NodeTLSData
- properties:
- server: {get_resource: Controller}
- NodeIndex: {get_param: NodeIndex}
-
- ControllerUpgradeInitConfig:
- type: OS::Heat::SoftwareConfig
- properties:
- group: script
- config:
- list_join:
- - ''
- - - "#!/bin/bash\n\n"
- - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
- - get_param: UpgradeInitCommand
- - get_param: UpgradeInitCommonCommand
-
- # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
- # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
- ControllerUpgradeInitDeployment:
- type: OS::Heat::SoftwareDeployment
- depends_on: NetworkDeployment
- properties:
- name: ControllerUpgradeInitDeployment
- actions:
- if:
- - server_not_blacklisted
- - ['CREATE', 'UPDATE']
- - []
- server: {get_resource: Controller}
- config: {get_resource: ControllerUpgradeInitConfig}
-
- ControllerDeployment:
- type: OS::TripleO::SoftwareDeployment
- depends_on: ControllerUpgradeInitDeployment
- properties:
- name: ControllerDeployment
- actions:
- if:
- - server_not_blacklisted
- - ['CREATE', 'UPDATE']
- - []
- config: {get_resource: ControllerConfig}
- server: {get_resource: Controller}
- input_values:
- enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
-
- # Map heat metadata into hiera datafiles
- ControllerConfig:
- type: OS::Heat::StructuredConfig
- properties:
- group: hiera
- config:
- hierarchy:
- - '"%{::uuid}"'
- - heat_config_%{::deploy_config_name}
- - config_step
- - controller_extraconfig
- - extraconfig
- - service_configs
- - service_names
- - controller
- - bootstrap_node # provided by BootstrapNodeConfig
- - all_nodes # provided by allNodesConfig
- - vip_data # provided by allNodesConfig
- - '"%{::osfamily}"'
- - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
- - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
- - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
- - midonet_data #Optionally provided by AllNodesExtraConfig
- - cisco_aci_data # Optionally provided by ControllerExtraConfigPre
- merge_behavior: deeper
- datafiles:
- service_names:
- service_names: {get_param: ServiceNames}
- sensu::subscriptions: {get_param: MonitoringSubscriptions}
- service_configs:
- map_replace:
- - {get_param: ServiceConfigSettings}
- - values: {get_attr: [NetIpMap, net_ip_map]}
- controller_extraconfig:
- map_merge:
- - {get_param: controllerExtraConfig}
- - {get_param: ControllerExtraConfig}
- extraconfig: {get_param: ExtraConfig}
- controller:
- # Misc
- tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
- fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
- fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
- fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
- fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
- fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
- fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
- fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]}
-
- # Hook for site-specific additional pre-deployment config, e.g extra hieradata
- ControllerExtraConfigPre:
- depends_on: ControllerDeployment
- type: OS::TripleO::ControllerExtraConfigPre
- # We have to use conditions here so that we don't break backwards
- # compatibility with templates everywhere
- condition: server_not_blacklisted
- properties:
- server: {get_resource: Controller}
-
- # Hook for site-specific additional pre-deployment config,
- # applying to all nodes, e.g node registration/unregistration
- NodeExtraConfig:
- depends_on: [ControllerExtraConfigPre, NodeTLSData]
- type: OS::TripleO::NodeExtraConfig
- # We have to use conditions here so that we don't break backwards
- # compatibility with templates everywhere
- condition: server_not_blacklisted
- properties:
- server: {get_resource: Controller}
-
- UpdateConfig:
- type: OS::TripleO::Tasks::PackageUpdate
-
- UpdateDeployment:
- type: OS::Heat::SoftwareDeployment
- depends_on: NetworkDeployment
- properties:
- name: UpdateDeployment
- actions:
- if:
- - server_not_blacklisted
- - ['CREATE', 'UPDATE']
- - []
- config: {get_resource: UpdateConfig}
- server: {get_resource: Controller}
- input_values:
- update_identifier:
- get_param: UpdateIdentifier
-
- DeploymentActions:
- type: OS::Heat::Value
- properties:
- value:
- if:
- - server_not_blacklisted
- - ['CREATE', 'UPDATE']
- - []
-
- SshHostPubKey:
- type: OS::TripleO::Ssh::HostPubKey
- depends_on: ControllerDeployment
- properties:
- server: {get_resource: Controller}
- deployment_actions: {get_attr: [DeploymentActions, value]}
-
-outputs:
- ip_address:
- description: IP address of the server in the ctlplane network
- value: {get_attr: [Controller, networks, ctlplane, 0]}
- external_ip_address:
- description: IP address of the server in the external network
- value: {get_attr: [ExternalPort, ip_address]}
- internal_api_ip_address:
- description: IP address of the server in the internal_api network
- value: {get_attr: [InternalApiPort, ip_address]}
- storage_ip_address:
- description: IP address of the server in the storage network
- value: {get_attr: [StoragePort, ip_address]}
- storage_mgmt_ip_address:
- description: IP address of the server in the storage_mgmt network
- value: {get_attr: [StorageMgmtPort, ip_address]}
- tenant_ip_address:
- description: IP address of the server in the tenant network
- value: {get_attr: [TenantPort, ip_address]}
- management_ip_address:
- description: IP address of the server in the management network
- value: {get_attr: [ManagementPort, ip_address]}
- deployed_server_port_map:
- description:
- Map of Heat created hostname of the server to ip address. This is the
- hostname before it has been mapped with the HostnameMap parameter, and
- the IP address from the ctlplane network. This map can be used to construct
- the DeployedServerPortMap parameter when using split-stack.
- value:
- map_replace:
- - hostname:
- fixed_ips:
- - ip_address: {get_attr: [Controller, networks, ctlplane, 0]}
- - keys:
- hostname:
- list_join:
- - '-'
- - - {get_param: Hostname}
- - ctlplane
- deployed_server_deployment_swift_data_map:
- description:
- Map of Heat created hostname of the server to the Swift container and object
- used to created the temporary url for metadata polling with
- os-collect-config.
- value:
- map_replace:
- - hostname:
- container:
- str_split:
- - '/'
- - {get_attr: [Controller, os_collect_config, request, metadata_url]}
- - 5
- object:
- str_split:
- - '?'
- - str_split:
- - '/'
- - {get_attr: [Controller, os_collect_config, request, metadata_url]}
- - 6
- - 0
- - keys: {hostname: {get_param: Hostname}}
- hostname:
- description: Hostname of the server
- value: {get_attr: [Controller, name]}
- hostname_map:
- description: Mapping of network names to hostnames
- value:
- external: {get_attr: [NetHostMap, value, external, fqdn]}
- internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
- storage: {get_attr: [NetHostMap, value, storage, fqdn]}
- storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
- tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
- management: {get_attr: [NetHostMap, value, management, fqdn]}
- ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
- hosts_entry:
- description: >
- Server's IP address and hostname in the /etc/hosts format
- value:
- str_replace:
- template: |
- PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
- EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
- INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
- STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
- STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
- TENANTIP TENANTHOST.DOMAIN TENANTHOST
- MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
- CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
- params:
- PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
- DOMAIN: {get_param: CloudDomain}
- PRIMARYHOST: {get_attr: [Controller, name]}
- EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
- EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
- INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
- INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
- STORAGEIP: {get_attr: [StoragePort, ip_address]}
- STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
- STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
- STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
- TENANTIP: {get_attr: [TenantPort, ip_address]}
- TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
- MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
- MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
- CTLPLANEIP: {get_attr: [Controller, networks, ctlplane, 0]}
- CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
- known_hosts_entry:
- description: Entry for ssh known hosts
- value:
- str_replace:
- template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
-EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
-INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
-STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
-STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
-TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
-MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
-CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
- params:
- PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
- DOMAIN: {get_param: CloudDomain}
- PRIMARYHOST: {get_attr: [Controller, name]}
- EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
- EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
- INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
- INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
- STORAGEIP: {get_attr: [StoragePort, ip_address]}
- STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
- STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
- STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
- TENANTIP: {get_attr: [TenantPort, ip_address]}
- TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
- MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
- MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
- CTLPLANEIP: {get_attr: [Controller, networks, ctlplane, 0]}
- CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
- HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
- nova_server_resource:
- description: Heat resource handle for the Nova compute server
- value:
- {get_resource: Controller}
- condition: server_not_blacklisted
- tls_key_modulus_md5:
- description: MD5 checksum of the TLS Key Modulus
- value: {get_attr: [NodeTLSData, key_modulus_md5]}
- tls_cert_modulus_md5:
- description: MD5 checksum of the TLS Certificate Modulus
- value: {get_attr: [NodeTLSData, cert_modulus_md5]}
- os_collect_config:
- description: The os-collect-config configuration associated with this server resource
- value: {get_attr: [Controller, os_collect_config]}
diff --git a/puppet/objectstorage-role.yaml b/puppet/objectstorage-role.yaml
deleted file mode 100644
index 10e56450..00000000
--- a/puppet/objectstorage-role.yaml
+++ /dev/null
@@ -1,703 +0,0 @@
-heat_template_version: pike
-description: 'OpenStack swift storage node configured by Puppet'
-parameters:
- OvercloudSwiftStorageFlavor:
- description: Flavor for Swift storage nodes to request when deploying.
- default: baremetal
- type: string
- constraints:
- - custom_constraint: nova.flavor
- SwiftStorageImage:
- default: overcloud-full
- type: string
- constraints:
- - custom_constraint: glance.image
- KeyName:
- default: default
- description: Name of an existing Nova key pair to enable SSH access to the instances
- type: string
- UpdateIdentifier:
- default: ''
- type: string
- description: >
- Setting to a previously unused value during stack-update will trigger
- package update on all nodes
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry.
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- Hostname:
- type: string
- default: '' # Defaults to Heat created hostname
- HostnameMap:
- type: json
- default: {}
- description: Optional mapping to override hostnames
- ExtraConfig:
- default: {}
- description: |
- Additional hiera configuration to inject into the cluster. Note
- that ObjectStorageExtraConfig takes precedence over ExtraConfig.
- type: json
- ObjectStorageExtraConfig:
- default: {}
- description: |
- Role specific additional hiera configuration to inject into the cluster.
- type: json
- SwiftStorageIPs:
- default: {}
- type: json
- NetworkDeploymentActions:
- type: comma_delimited_list
- description: >
- Heat action when to apply network configuration changes
- default: ['CREATE']
- SoftwareConfigTransport:
- default: POLL_SERVER_CFN
- description: |
- How the server should receive the metadata required for software configuration.
- type: string
- constraints:
- - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
- CloudDomain:
- default: 'localdomain'
- type: string
- description: >
- The DNS domain used for the hosts. This must match the
- overcloud_domain_name configured on the undercloud.
- SwiftStorageServerMetadata:
- default: {}
- description: >
- Extra properties or metadata passed to Nova for the created nodes in
- the overcloud. It's accessible via the Nova metadata API. This option is
- role-specific and is merged with the values given to the ServerMetadata
- parameter.
- type: json
- ServerMetadata:
- default: {}
- description: >
- Extra properties or metadata passed to Nova for the created nodes in
- the overcloud. It's accessible via the Nova metadata API. This applies to
- all roles and is merged with a role-specific metadata parameter.
- type: json
- ObjectStorageSchedulerHints:
- type: json
- description: Optional scheduler hints to pass to nova
- default: {}
- NodeIndex:
- type: number
- default: 0
- ServiceConfigSettings:
- type: json
- default: {}
- ServiceNames:
- type: comma_delimited_list
- default: []
- MonitoringSubscriptions:
- type: comma_delimited_list
- default: []
- ServiceMetadataSettings:
- type: json
- default: {}
- ConfigCommand:
- type: string
- description: Command which will be run whenever configuration data changes
- default: os-refresh-config --timeout 14400
- ConfigCollectSplay:
- type: number
- default: 30
- description: |
- Maximum amount of time to possibly to delay configuation collection
- polling. Defaults to 30 seconds. Set to 0 to disable it which will cause
- the configuration collection to occur as soon as the collection process
- starts. This setting is used to prevent the configuration collection
- processes from polling all at the exact same time.
- UpgradeInitCommand:
- type: string
- description: |
- Command or script snippet to run on all overcloud nodes to
- initialize the upgrade process. E.g. a repository switch.
- default: ''
- UpgradeInitCommonCommand:
- type: string
- description: |
- Common commands required by the upgrades process. This should not
- normally be modified by the operator and is set and unset in the
- major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
- environment files.
- default: ''
- DeploymentServerBlacklistDict:
- default: {}
- type: json
- description: >
- Map of server hostnames to blacklist from any triggered
- deployments. If the value is 1, the server will be blacklisted. This
- parameter is generated from the parent template.
- RoleParameters:
- type: json
- description: Parameters specific to the role
- default: {}
- DeploymentSwiftDataMap:
- type: json
- description: |
- Map of servers to Swift container and object for storing deployment data.
- The keys are the Heat assigned hostnames, and the value is a map of the
- container/object name in Swift. Example value:
- overcloud-controller-0:
- container: overcloud-controller
- object: 0
- overcloud-controller-1:
- container: overcloud-controller
- object: 1
- overcloud-controller-2:
- container: overcloud-controller
- object: 2
- overcloud-novacompute-0:
- container: overcloud-compute
- object: 0
- default: {}
-
-conditions:
- server_not_blacklisted:
- not:
- equals:
- - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
- - 1
- deployment_swift_data_map_unset:
- equals:
- - get_param:
- - DeploymentSwiftDataMap
- - {get_param: Hostname}
- - ""
-
-resources:
-
- SwiftStorage:
- type: OS::TripleO::ObjectStorageServer
- metadata:
- os-collect-config:
- command: {get_param: ConfigCommand}
- splay: {get_param: ConfigCollectSplay}
- properties:
- image: {get_param: SwiftStorageImage}
- flavor: {get_param: OvercloudSwiftStorageFlavor}
- key_name: {get_param: KeyName}
- networks:
- - network: ctlplane
- user_data_format: SOFTWARE_CONFIG
- user_data: {get_resource: UserData}
- name:
- str_replace:
- template: {get_param: Hostname}
- params: {get_param: HostnameMap}
- software_config_transport: {get_param: SoftwareConfigTransport}
- metadata:
- map_merge:
- - {get_param: ServerMetadata}
- - {get_param: SwiftStorageServerMetadata}
- - {get_param: ServiceMetadataSettings}
- scheduler_hints: {get_param: ObjectStorageSchedulerHints}
- deployment_swift_data:
- if:
- - deployment_swift_data_map_unset
- - {}
- - {get_param: [DeploymentSwiftDataMap,
- {get_param: Hostname}]}
-
- # Combine the NodeAdminUserData and NodeUserData mime archives
- UserData:
- type: OS::Heat::MultipartMime
- properties:
- parts:
- - config: {get_resource: NodeAdminUserData}
- type: multipart
- - config: {get_resource: NodeUserData}
- type: multipart
- - config: {get_resource: RoleUserData}
- type: multipart
-
- # Creates the "heat-admin" user if configured via the environment
- # Should return a OS::Heat::MultipartMime reference via OS::stack_id
- NodeAdminUserData:
- type: OS::TripleO::NodeAdminUserData
-
- # For optional operator additional userdata
- # Should return a OS::Heat::MultipartMime reference via OS::stack_id
- NodeUserData:
- type: OS::TripleO::NodeUserData
-
- # For optional operator role-specific userdata
- # Should return a OS::Heat::MultipartMime reference via OS::stack_id
- RoleUserData:
- type: OS::TripleO::ObjectStorage::NodeUserData
-
- ExternalPort:
- type: OS::TripleO::SwiftStorage::Ports::ExternalPort
- properties:
- ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
- IPPool: {get_param: SwiftStorageIPs}
- NodeIndex: {get_param: NodeIndex}
-
- InternalApiPort:
- type: OS::TripleO::SwiftStorage::Ports::InternalApiPort
- properties:
- ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
- IPPool: {get_param: SwiftStorageIPs}
- NodeIndex: {get_param: NodeIndex}
-
- StoragePort:
- type: OS::TripleO::SwiftStorage::Ports::StoragePort
- properties:
- ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
- IPPool: {get_param: SwiftStorageIPs}
- NodeIndex: {get_param: NodeIndex}
-
- StorageMgmtPort:
- type: OS::TripleO::SwiftStorage::Ports::StorageMgmtPort
- properties:
- ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
- IPPool: {get_param: SwiftStorageIPs}
- NodeIndex: {get_param: NodeIndex}
-
- TenantPort:
- type: OS::TripleO::SwiftStorage::Ports::TenantPort
- properties:
- ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
- IPPool: {get_param: SwiftStorageIPs}
- NodeIndex: {get_param: NodeIndex}
-
- ManagementPort:
- type: OS::TripleO::SwiftStorage::Ports::ManagementPort
- properties:
- ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
- IPPool: {get_param: SwiftStorageIPs}
- NodeIndex: {get_param: NodeIndex}
-
- NetworkConfig:
- type: OS::TripleO::ObjectStorage::Net::SoftwareConfig
- properties:
- ControlPlaneIp: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
- ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
- InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
- StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
- StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
- TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
- ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
-
- NetIpMap:
- type: OS::TripleO::Network::Ports::NetIpMap
- properties:
- ControlPlaneIp: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
- ExternalIp: {get_attr: [ExternalPort, ip_address]}
- ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
- ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
- InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
- InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
- InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
- StorageIp: {get_attr: [StoragePort, ip_address]}
- StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
- StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
- StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
- StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
- StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
- TenantIp: {get_attr: [TenantPort, ip_address]}
- TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
- TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
- ManagementIp: {get_attr: [ManagementPort, ip_address]}
- ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
- ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
-
- NetHostMap:
- type: OS::Heat::Value
- properties:
- type: json
- value:
- external:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - external
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - external
- internal_api:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - internalapi
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - internalapi
- storage:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - storage
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - storage
- storage_mgmt:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - storagemgmt
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - storagemgmt
- tenant:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - tenant
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - tenant
- management:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - management
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - management
- ctlplane:
- fqdn:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - ctlplane
- - {get_param: CloudDomain}
- short:
- list_join:
- - '.'
- - - {get_attr: [SwiftStorage, name]}
- - ctlplane
-
- PreNetworkConfig:
- type: OS::TripleO::ObjectStorage::PreNetworkConfig
- properties:
- server: {get_resource: SwiftStorage}
- RoleParameters: {get_param: RoleParameters}
- ServiceNames: {get_param: ServiceNames}
- deployment_actions: {get_attr: [DeploymentActions, value]}
-
- NetworkDeployment:
- type: OS::TripleO::SoftwareDeployment
- depends_on: PreNetworkConfig
- properties:
- name: NetworkDeployment
- config: {get_resource: NetworkConfig}
- server: {get_resource: SwiftStorage}
- actions:
- if:
- - server_not_blacklisted
- - {get_param: NetworkDeploymentActions}
- - []
-
-
- SwiftStorageUpgradeInitConfig:
- type: OS::Heat::SoftwareConfig
- properties:
- group: script
- config:
- list_join:
- - ''
- - - "#!/bin/bash\n\n"
- - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
- - get_param: UpgradeInitCommand
- - get_param: UpgradeInitCommonCommand
-
- # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
- # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
- SwiftStorageUpgradeInitDeployment:
- type: OS::Heat::SoftwareDeployment
- depends_on: NetworkDeployment
- properties:
- name: SwiftStorageUpgradeInitDeployment
- server: {get_resource: SwiftStorage}
- config: {get_resource: SwiftStorageUpgradeInitConfig}
- actions:
- if:
- - server_not_blacklisted
- - ['CREATE', 'UPDATE']
- - []
-
- SwiftStorageHieraConfig:
- type: OS::Heat::StructuredConfig
- properties:
- group: hiera
- config:
- hierarchy:
- - '"%{::uuid}"'
- - heat_config_%{::deploy_config_name}
- - config_step
- - object_extraconfig
- - extraconfig
- - service_names
- - service_configs
- - object
- - bootstrap_node # provided by allNodesConfig
- - all_nodes # provided by allNodesConfig
- - vip_data # provided by allNodesConfig
- - '"%{::osfamily}"'
- merge_behavior: deeper
- datafiles:
- service_names:
- service_names: {get_param: ServiceNames}
- sensu::subscriptions: {get_param: MonitoringSubscriptions}
- service_configs:
- map_replace:
- - {get_param: ServiceConfigSettings}
- - values: {get_attr: [NetIpMap, net_ip_map]}
- object_extraconfig: {get_param: ObjectStorageExtraConfig}
- extraconfig: {get_param: ExtraConfig}
- object:
- tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
- fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
- fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
- fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
- fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
- fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
- fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
- fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]}
-
- SwiftStorageHieraDeploy:
- type: OS::Heat::StructuredDeployment
- depends_on: SwiftStorageUpgradeInitDeployment
- properties:
- name: SwiftStorageHieraDeploy
- server: {get_resource: SwiftStorage}
- config: {get_resource: SwiftStorageHieraConfig}
- input_values:
- enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
- actions:
- if:
- - server_not_blacklisted
- - ['CREATE', 'UPDATE']
- - []
-
- # Resource for site-specific injection of root certificate
- NodeTLSCAData:
- depends_on: SwiftStorageHieraDeploy
- type: OS::TripleO::NodeTLSCAData
- properties:
- server: {get_resource: SwiftStorage}
-
- # Hook for site-specific additional pre-deployment config,
- # applying to all nodes, e.g node registration/unregistration
- NodeExtraConfig:
- depends_on: NodeTLSCAData
- type: OS::TripleO::NodeExtraConfig
- # We have to use conditions here so that we don't break backwards
- # compatibility with templates everywhere
- condition: server_not_blacklisted
- properties:
- server: {get_resource: SwiftStorage}
-
- UpdateConfig:
- type: OS::TripleO::Tasks::PackageUpdate
-
- UpdateDeployment:
- type: OS::Heat::SoftwareDeployment
- depends_on: NetworkDeployment
- properties:
- config: {get_resource: UpdateConfig}
- server: {get_resource: SwiftStorage}
- input_values:
- update_identifier:
- get_param: UpdateIdentifier
- actions:
- if:
- - server_not_blacklisted
- - ['CREATE', 'UPDATE']
- - []
-
- DeploymentActions:
- type: OS::Heat::Value
- properties:
- value:
- if:
- - server_not_blacklisted
- - ['CREATE', 'UPDATE']
- - []
-
- SshHostPubKey:
- type: OS::TripleO::Ssh::HostPubKey
- depends_on: SwiftStorageHieraDeploy
- properties:
- server: {get_resource: SwiftStorage}
- deployment_actions: {get_attr: [DeploymentActions, value]}
-
-outputs:
- ip_address:
- description: IP address of the server in the ctlplane network
- value: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
- hostname:
- description: Hostname of the server
- value: {get_attr: [SwiftStorage, name]}
- hostname_map:
- description: Mapping of network names to hostnames
- value:
- external: {get_attr: [NetHostMap, value, external, fqdn]}
- internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
- storage: {get_attr: [NetHostMap, value, storage, fqdn]}
- storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
- tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
- management: {get_attr: [NetHostMap, value, management, fqdn]}
- ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
- hosts_entry:
- value:
- str_replace:
- template: |
- PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
- EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
- INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
- STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
- STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
- TENANTIP TENANTHOST.DOMAIN TENANTHOST
- MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
- CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
- params:
- PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ObjectStorageHostnameResolveNetwork]}]}
- DOMAIN: {get_param: CloudDomain}
- PRIMARYHOST: {get_attr: [SwiftStorage, name]}
- EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
- EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
- INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
- INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
- STORAGEIP: {get_attr: [StoragePort, ip_address]}
- STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
- STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
- STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
- TENANTIP: {get_attr: [TenantPort, ip_address]}
- TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
- MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
- MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
- CTLPLANEIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
- CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
- known_hosts_entry:
- description: Entry for ssh known hosts
- value:
- str_replace:
- template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
-EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
-INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
-STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
-STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
-TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
-MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
-CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
- params:
- PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ObjectStorageHostnameResolveNetwork]}]}
- DOMAIN: {get_param: CloudDomain}
- PRIMARYHOST: {get_attr: [SwiftStorage, name]}
- EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
- EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
- INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
- INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
- STORAGEIP: {get_attr: [StoragePort, ip_address]}
- STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
- STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
- STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
- TENANTIP: {get_attr: [TenantPort, ip_address]}
- TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
- MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
- MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
- CTLPLANEIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
- CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
- HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
- nova_server_resource:
- description: Heat resource handle for the swift storage server
- value:
- {get_resource: SwiftStorage}
- condition: server_not_blacklisted
- external_ip_address:
- description: IP address of the server in the external network
- value: {get_attr: [ExternalPort, ip_address]}
- internal_api_ip_address:
- description: IP address of the server in the internal_api network
- value: {get_attr: [InternalApiPort, ip_address]}
- storage_ip_address:
- description: IP address of the server in the storage network
- value: {get_attr: [StoragePort, ip_address]}
- storage_mgmt_ip_address:
- description: IP address of the server in the storage_mgmt network
- value: {get_attr: [StorageMgmtPort, ip_address]}
- tenant_ip_address:
- description: IP address of the server in the tenant network
- value: {get_attr: [TenantPort, ip_address]}
- management_ip_address:
- description: IP address of the server in the management network
- value: {get_attr: [ManagementPort, ip_address]}
- deployed_server_port_map:
- description: |
- Map of Heat created hostname of the server to ip address. This is the
- hostname before it has been mapped with the HostnameMap parameter, and
- the IP address from the ctlplane network. This map can be used to construct
- the DeployedServerPortMap parameter when using split-stack.
- value:
- map_replace:
- - hostname:
- fixed_ips:
- - ip_address: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
- - keys:
- hostname:
- list_join:
- - '-'
- - - {get_param: Hostname}
- - ctlplane
- deployed_server_deployment_swift_data_map:
- description:
- Map of Heat created hostname of the server to the Swift container and object
- used to created the temporary url for metadata polling with
- os-collect-config.
- value:
- map_replace:
- - hostname:
- container:
- str_split:
- - '/'
- - {get_attr: [SwiftStorage, os_collect_config, request, metadata_url]}
- - 5
- object:
- str_split:
- - '?'
- - str_split:
- - '/'
- - {get_attr: [SwiftStorage, os_collect_config, request, metadata_url]}
- - 6
- - 0
- - keys: {hostname: {get_param: Hostname}}
- os_collect_config:
- description: The os-collect-config configuration associated with this server resource
- value: {get_attr: [SwiftStorage, os_collect_config]}
diff --git a/puppet/post-upgrade.j2.yaml b/puppet/post-upgrade.j2.yaml
deleted file mode 100644
index bdd1e613..00000000
--- a/puppet/post-upgrade.j2.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-heat_template_version: pike
-
-description: >
- Post-upgrade configuration steps via puppet for all roles
- where upgrade is not disabled as defined in ../roles_data.yaml
-
-parameters:
- servers:
- type: json
- description: Mapping of Role name e.g Controller to a list of servers
- stack_name:
- type: string
- description: Name of the topmost stack
- role_data:
- type: json
- description: Mapping of Role name e.g Controller to the per-role data
- DeployIdentifier:
- default: ''
- type: string
- description: >
- Setting this to a unique value will re-run any deployment tasks which
- perform configuration on a Heat stack-update.
- ctlplane_service_ips:
- type: json
-
-resources:
-# Note the include here is the same as post.j2.yaml but the data used at
-# the time of rendering is different if any roles disable upgrades
-{% set roles = roles|rejectattr('disable_upgrade_deployment')|list -%}
-{% include 'puppet-steps.j2' %}
diff --git a/puppet/post.j2.yaml b/puppet/post.j2.yaml
deleted file mode 100644
index 67e1ecfd..00000000
--- a/puppet/post.j2.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-heat_template_version: pike
-
-description: >
- Post-deploy configuration steps via puppet for all roles,
- as defined in ../roles_data.yaml
-
-parameters:
- servers:
- type: json
- description: Mapping of Role name e.g Controller to a list of servers
- stack_name:
- type: string
- description: Name of the topmost stack
- role_data:
- type: json
- description: Mapping of Role name e.g Controller to the per-role data
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- DeployIdentifier:
- default: ''
- type: string
- description: >
- Setting this to a unique value will re-run any deployment tasks which
- perform configuration on a Heat stack-update.
- ctlplane_service_ips:
- type: json
-
-{% include 'puppet-steps.j2' %}
diff --git a/puppet/puppet-steps.j2 b/puppet/puppet-steps.j2
deleted file mode 100644
index f7651a57..00000000
--- a/puppet/puppet-steps.j2
+++ /dev/null
@@ -1,156 +0,0 @@
-{% set deploy_steps_max = 6 %}
-conditions:
-{% for step in range(1, deploy_steps_max) %}
- WorkflowTasks_Step{{step}}_Enabled:
- or:
- {%- for role in roles %}
- - not:
- equals:
- - get_param: [role_data, {{role.name}}, service_workflow_tasks, step{{step}}]
- - ''
- - False
- {%- endfor %}
-{% endfor %}
-
-resources:
- # Post deployment steps for all roles
- # A single config is re-applied with an incrementing step number
-{% for role in roles %}
- # {{role.name}} Role post-deploy steps
- {{role.name}}ArtifactsConfig:
- type: deploy-artifacts.yaml
-
- {{role.name}}ArtifactsDeploy:
- type: OS::Heat::StructuredDeployments
- properties:
- name: {{role.name}}ArtifactsDeploy
- servers: {get_param: [servers, {{role.name}}]}
- config: {get_resource: {{role.name}}ArtifactsConfig}
-
- {{role.name}}PreConfig:
- type: OS::TripleO::Tasks::{{role.name}}PreConfig
- properties:
- servers: {get_param: [servers, {{role.name}}]}
- input_values:
- update_identifier: {get_param: DeployIdentifier}
-
- {{role.name}}Config:
- type: OS::TripleO::{{role.name}}Config
- properties:
- StepConfig: {get_param: [role_data, {{role.name}}, step_config]}
-
- # Step through a series of configuration steps
-{% for step in range(1, deploy_steps_max) %}
- {{role.name}}Deployment_Step{{step}}:
- type: OS::Heat::StructuredDeploymentGroup
- depends_on:
- - WorkflowTasks_Step{{step}}_Execution
- # TODO(gfidente): the following if/else condition
- # replicates what is already defined for the
- # WorkflowTasks_StepX resource and can be remove
- # if https://bugs.launchpad.net/heat/+bug/1700569
- # is fixed.
- {%- if step == 1 %}
- {%- for dep in roles %}
- - {{dep.name}}PreConfig
- - {{dep.name}}ArtifactsDeploy
- {%- endfor %}
- {%- else %}
- {%- for dep in roles %}
- - {{dep.name}}Deployment_Step{{step -1}}
- {%- endfor %}
- {%- endif %}
- properties:
- name: {{role.name}}Deployment_Step{{step}}
- servers: {get_param: [servers, {{role.name}}]}
- config: {get_resource: {{role.name}}Config}
- input_values:
- step: {{step}}
- update_identifier: {get_param: DeployIdentifier}
-{% endfor %}
-
- # Note, this should be the last step to execute configuration changes.
- # Ensure that all {{role.name}}ExtraConfigPost steps are executed
- # after all the previous deployment steps.
- {{role.name}}ExtraConfigPost:
- depends_on:
- {%- for dep in roles %}
- - {{dep.name}}Deployment_Step5
- {%- endfor %}
- type: OS::TripleO::NodeExtraConfigPost
- properties:
- servers: {get_param: [servers, {{role.name}}]}
-
- # The {{role.name}}PostConfig steps are in charge of
- # quiescing all services, i.e. in the Controller case,
- # we should run a full service reload.
- {{role.name}}PostConfig:
- type: OS::TripleO::Tasks::{{role.name}}PostConfig
- depends_on:
- {%- for dep in roles %}
- - {{dep.name}}ExtraConfigPost
- {%- endfor %}
- properties:
- servers: {get_param: servers}
- input_values:
- update_identifier: {get_param: DeployIdentifier}
-
-
-{% endfor %}
-
-# BEGIN service_workflow_tasks handling
-{% for step in range(1, deploy_steps_max) %}
- WorkflowTasks_Step{{step}}:
- type: OS::Mistral::Workflow
- condition: WorkflowTasks_Step{{step}}_Enabled
- depends_on:
- {%- if step == 1 %}
- {%- for dep in roles %}
- - {{dep.name}}PreConfig
- - {{dep.name}}ArtifactsDeploy
- {%- endfor %}
- {%- else %}
- {%- for dep in roles %}
- - {{dep.name}}Deployment_Step{{step -1}}
- {%- endfor %}
- {%- endif %}
- properties:
- name: {list_join: [".", ["tripleo", {get_param: stack_name}, "workflowtasks", "step{{step}}"]]}
- type: direct
- tasks:
- yaql:
- expression: $.data.where($ != '').select($.get('step{{step}}')).where($ != null).flatten()
- data:
- {%- for role in roles %}
- - get_param: [role_data, {{role.name}}, service_workflow_tasks]
- {%- endfor %}
-
- WorkflowTasks_Step{{step}}_Execution:
- type: OS::Mistral::ExternalResource
- condition: WorkflowTasks_Step{{step}}_Enabled
- depends_on: WorkflowTasks_Step{{step}}
- properties:
- actions:
- CREATE:
- workflow: { get_resource: WorkflowTasks_Step{{step}} }
- params:
- env:
- service_ips: { get_param: ctlplane_service_ips }
- role_merged_configs:
- {%- for r in roles %}
- {{r.name}}: {get_param: [role_data, {{r.name}}, merged_config_settings]}
- {%- endfor %}
- evaluate_env: false
- UPDATE:
- workflow: { get_resource: WorkflowTasks_Step{{step}} }
- params:
- env:
- service_ips: { get_param: ctlplane_service_ips }
- role_merged_configs:
- {%- for r in roles %}
- {{r.name}}: {get_param: [role_data, {{r.name}}, merged_config_settings]}
- {%- endfor %}
- evaluate_env: false
- always_update: true
-{% endfor %}
-# END service_workflow_tasks handling
diff --git a/puppet/role.role.j2.yaml b/puppet/role.role.j2.yaml
index f1abf8dd..5453e65c 100644
--- a/puppet/role.role.j2.yaml
+++ b/puppet/role.role.j2.yaml
@@ -1,27 +1,40 @@
-{# ## Some variables are set to enable rendering backwards compatible templates #}
-{# ## where a few parameter/resource names don't match the expected pattern #}
-{# ## FIXME: we need some way to deprecate the old inconsistent parameters #}
-{%- if role.name == 'Controller' -%}
- {%- set deprecated_extraconfig_param = 'controllerExtraConfig' -%}
-{% endif %}
+{#- ## Some variables are set to enable rendering backwards compatible templates #}
+{#- ## where a few parameter/resource names don't match the expected pattern #}
+{#- ## FIXME: we need some way to deprecate the old inconsistent parameters #}
+{%- set server_resource_name = role.deprecated_server_resource_name|default(role.name) -%}
heat_template_version: pike
description: 'OpenStack {{role.name}} node configured by Puppet'
parameters:
+{%- set default_flavor_name = 'baremetal' %}
+{%- if role.deprecated_param_flavor is defined %}
+ {{role.deprecated_param_flavor}}:
+ description: DEPRECATED Use Overcloud{{role.name}}Flavor instead.
+ default: {{default_flavor_name}}
+ type: string
+{%- endif %}
Overcloud{{role.name}}Flavor:
description: Flavor for the {{role.name}} node.
- default: baremetal
+ default: {{default_flavor_name}}
type: string
-{% if role.disable_constraints is not defined %}
+{%- if role.disable_constraints is not defined %}
constraints:
- custom_constraint: nova.flavor
-{% endif %}
+{%- endif %}
+{%- set default_image_name = 'overcloud-full' %}
+{%- if role.deprecated_param_image is defined %}
+ {{role.deprecated_param_image}}:
+ type: string
+ default: {{default_image_name}}
+ description: DEPRECATED Use {{role.name}}Image instead
+{%- endif %}
{{role.name}}Image:
type: string
- default: overcloud-full
-{% if role.disable_constraints is not defined %}
+ default: {{default_image_name}}
+ description: The disk image file to use for the role.
+{%- if role.disable_constraints is not defined %}
constraints:
- custom_constraint: glance.image
-{% endif %}
+{%- endif %}
ImageUpdatePolicy:
default: 'REBUILD_PRESERVE_EPHEMERAL'
description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
@@ -30,13 +43,13 @@ parameters:
description: Name of an existing Nova key pair to enable SSH access to the instances
type: string
default: default
-{% if role.disable_constraints is not defined %}
+{%- if role.disable_constraints is not defined %}
constraints:
- custom_constraint: nova.keypair
-{% endif %}
+{%- endif %}
NeutronPhysicalBridge:
default: 'br-ex'
- description: An OVS bridge to create for accessing tenant networks.
+ description: An OVS bridge to create for accessing external networks.
type: string
NeutronPublicInterface:
default: nic1
@@ -76,8 +89,8 @@ parameters:
description: |
Role specific additional hiera configuration to inject into the cluster.
type: json
-{%- if deprecated_extraconfig_param is defined %}
- {{deprecated_extraconfig_param}}:
+{%- if role.deprecated_param_extraconfig is defined %}
+ {{role.deprecated_param_extraconfig}}:
default: {}
description: |
DEPRECATED use {{role.name}}ExtraConfig instead
@@ -86,6 +99,12 @@ parameters:
{{role.name}}IPs:
default: {}
type: json
+{%- if role.deprecated_param_ips is defined %}
+ {{role.deprecated_param_ips}}:
+ default: {}
+ description: DEPRECATED - use {{role.name}}IPs instead
+ type: json
+{%- endif %}
NetworkDeploymentActions:
type: comma_delimited_list
description: >
@@ -112,6 +131,12 @@ parameters:
role-specific and is merged with the values given to the ServerMetadata
parameter.
type: json
+{%- if role.deprecated_param_metadata is defined %}
+ {{role.deprecated_param_metadata}}:
+ default: {}
+ description: DEPRECATED - use {{role.name}}ServerMetadata instead
+ type: json
+{%- endif %}
ServerMetadata:
default: {}
description: >
@@ -123,6 +148,12 @@ parameters:
type: json
description: Optional scheduler hints to pass to nova
default: {}
+{%- if role.deprecated_param_scheduler_hints is defined %}
+ {{role.deprecated_param_scheduler_hints}}:
+ type: json
+ description: DEPRECATED - use {{role.name}}SchedulerHints instead
+ default: {}
+{%- endif %}
NodeIndex:
type: number
default: 0
@@ -202,12 +233,16 @@ parameters:
object: 0
default: {}
-{% if deprecated_extraconfig_param is defined %}
+{% if role.uses_deprecated_params is defined %}
parameter_groups:
- label: deprecated
description: Do not use deprecated params, they will be removed.
parameters:
- - {{deprecated_extraconfig_param}}
+{%- for property in role %}
+{%- if property.startswith('deprecated_param_') %}
+ - {{role[property]}}
+{%- endif %}
+{%- endfor %}
{%- endif %}
conditions:
@@ -222,18 +257,48 @@ conditions:
- DeploymentSwiftDataMap
- {get_param: Hostname}
- ""
+{%- if role.deprecated_param_image is defined %}
+ deprecated_param_image_set:
+ not:
+ equals:
+ - {get_param: {{role.deprecated_param_image}}}
+ - {{default_image_name}}
+{%- endif %}
+{%- if role.deprecated_param_flavor is defined %}
+ deprecated_param_flavor_set:
+ not:
+ equals:
+ - {get_param: {{role.deprecated_param_flavor}}}
+ - {{default_flavor_name}}
+{%- endif %}
resources:
- {{role.name}}:
+ {{server_resource_name}}:
type: OS::TripleO::{{role.name}}Server
metadata:
os-collect-config:
command: {get_param: ConfigCommand}
splay: {get_param: ConfigCollectSplay}
properties:
- image: {get_param: {{role.name}}Image}
+ image:
+{%- if role.deprecated_param_image is defined %}
+ if:
+ - deprecated_param_image_set
+ - {get_param: {{role.deprecated_param_image}}}
+ - {get_param: {{role.name}}Image}
+{%- else %}
+ get_param: {{role.name}}Image
+{%- endif %}
image_update_policy: {get_param: ImageUpdatePolicy}
- flavor: {get_param: Overcloud{{role.name}}Flavor}
+ flavor:
+{%- if role.deprecated_param_flavor is defined %}
+ if:
+ - deprecated_param_flavor_set
+ - {get_param: {{role.deprecated_param_flavor}}}
+ - {get_param: Overcloud{{role.name}}Flavor}
+{%- else %}
+ get_param: Overcloud{{role.name}}Flavor
+{%- endif %}
key_name: {get_param: KeyName}
networks:
- network: ctlplane
@@ -247,9 +312,17 @@ resources:
metadata:
map_merge:
- {get_param: ServerMetadata}
+{%- if role.deprecated_param_metadata is defined %}
+ - {get_param: {{role.deprecated_param_metadata}}}
+{%- endif %}
- {get_param: {{role.name}}ServerMetadata}
- {get_param: ServiceMetadataSettings}
- scheduler_hints: {get_param: {{role.name}}SchedulerHints}
+ scheduler_hints:
+ map_merge:
+{%- if role.deprecated_param_scheduler_hints is defined %}
+ - {get_param: {{role.deprecated_param_scheduler_hints}}}
+{%- endif %}
+ - {get_param: {{role.name}}SchedulerHints}
deployment_swift_data:
if:
- deployment_swift_data_map_unset
@@ -288,15 +361,20 @@ resources:
{{network.name}}Port:
type: OS::TripleO::{{role.name}}::Ports::{{network.name}}Port
properties:
- ControlPlaneIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
- IPPool: {get_param: {{role.name}}IPs}
+ ControlPlaneIP: {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]}
+ IPPool:
+ map_merge:
+{%- if role.deprecated_param_ips is defined %}
+ - {get_param: {{role.deprecated_param_ips}}}
+{%- endif %}
+ - {get_param: {{role.name}}IPs}
NodeIndex: {get_param: NodeIndex}
{%- endfor %}
NetworkConfig:
type: OS::TripleO::{{role.name}}::Net::SoftwareConfig
properties:
- ControlPlaneIp: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
+ ControlPlaneIp: {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]}
{%- for network in networks %}
{{network.name}}IpSubnet: {get_attr: [{{network.name}}Port, ip_subnet]}
{%- endfor %}
@@ -304,7 +382,7 @@ resources:
NetIpMap:
type: OS::TripleO::Network::Ports::NetIpMap
properties:
- ControlPlaneIp: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
+ ControlPlaneIp: {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]}
{%- for network in networks %}
{{network.name}}Ip: {get_attr: [{{network.name}}Port, ip_address]}
{{network.name}}IpSubnet: {get_attr: [{{network.name}}Port, ip_subnet]}
@@ -320,91 +398,91 @@ resources:
fqdn:
list_join:
- '.'
- - - {get_attr: [{{role.name}}, name]}
+ - - {get_attr: [{{server_resource_name}}, name]}
- external
- {get_param: CloudDomain}
short:
list_join:
- '.'
- - - {get_attr: [{{role.name}}, name]}
+ - - {get_attr: [{{server_resource_name}}, name]}
- external
internal_api:
fqdn:
list_join:
- '.'
- - - {get_attr: [{{role.name}}, name]}
+ - - {get_attr: [{{server_resource_name}}, name]}
- internalapi
- {get_param: CloudDomain}
short:
list_join:
- '.'
- - - {get_attr: [{{role.name}}, name]}
+ - - {get_attr: [{{server_resource_name}}, name]}
- internalapi
storage:
fqdn:
list_join:
- '.'
- - - {get_attr: [{{role.name}}, name]}
+ - - {get_attr: [{{server_resource_name}}, name]}
- storage
- {get_param: CloudDomain}
short:
list_join:
- '.'
- - - {get_attr: [{{role.name}}, name]}
+ - - {get_attr: [{{server_resource_name}}, name]}
- storage
storage_mgmt:
fqdn:
list_join:
- '.'
- - - {get_attr: [{{role.name}}, name]}
+ - - {get_attr: [{{server_resource_name}}, name]}
- storagemgmt
- {get_param: CloudDomain}
short:
list_join:
- '.'
- - - {get_attr: [{{role.name}}, name]}
+ - - {get_attr: [{{server_resource_name}}, name]}
- storagemgmt
tenant:
fqdn:
list_join:
- '.'
- - - {get_attr: [{{role.name}}, name]}
+ - - {get_attr: [{{server_resource_name}}, name]}
- tenant
- {get_param: CloudDomain}
short:
list_join:
- '.'
- - - {get_attr: [{{role.name}}, name]}
+ - - {get_attr: [{{server_resource_name}}, name]}
- tenant
management:
fqdn:
list_join:
- '.'
- - - {get_attr: [{{role.name}}, name]}
+ - - {get_attr: [{{server_resource_name}}, name]}
- management
- {get_param: CloudDomain}
short:
list_join:
- '.'
- - - {get_attr: [{{role.name}}, name]}
+ - - {get_attr: [{{server_resource_name}}, name]}
- management
ctlplane:
fqdn:
list_join:
- '.'
- - - {get_attr: [{{role.name}}, name]}
+ - - {get_attr: [{{server_resource_name}}, name]}
- ctlplane
- {get_param: CloudDomain}
short:
list_join:
- '.'
- - - {get_attr: [{{role.name}}, name]}
+ - - {get_attr: [{{server_resource_name}}, name]}
- ctlplane
PreNetworkConfig:
type: OS::TripleO::{{role.name}}::PreNetworkConfig
properties:
- server: {get_resource: {{role.name}}}
+ server: {get_resource: {{server_resource_name}}}
RoleParameters: {get_param: RoleParameters}
ServiceNames: {get_param: ServiceNames}
deployment_actions: {get_attr: [DeploymentActions, value]}
@@ -415,7 +493,7 @@ resources:
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
- server: {get_resource: {{role.name}}}
+ server: {get_resource: {{server_resource_name}}}
actions: {get_param: NetworkDeploymentActions}
input_values:
bridge_name: {get_param: NeutronPhysicalBridge}
@@ -426,7 +504,7 @@ resources:
- {get_param: NetworkDeploymentActions}
- []
- {{role.name}}UpgradeInitConfig:
+ {{server_resource_name}}UpgradeInitConfig:
type: OS::Heat::SoftwareConfig
properties:
group: script
@@ -440,26 +518,26 @@ resources:
# Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
# but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
- {{role.name}}UpgradeInitDeployment:
+ {{server_resource_name}}UpgradeInitDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
properties:
- name: {{role.name}}UpgradeInitDeployment
- server: {get_resource: {{role.name}}}
- config: {get_resource: {{role.name}}UpgradeInitConfig}
+ name: {{server_resource_name}}UpgradeInitDeployment
+ server: {get_resource: {{server_resource_name}}}
+ config: {get_resource: {{server_resource_name}}UpgradeInitConfig}
actions:
if:
- server_not_blacklisted
- ['CREATE', 'UPDATE']
- []
- {{role.name}}Deployment:
+ {{server_resource_name}}Deployment:
type: OS::Heat::StructuredDeployment
- depends_on: {{role.name}}UpgradeInitDeployment
+ depends_on: {{server_resource_name}}UpgradeInitDeployment
properties:
- name: {{role.name}}Deployment
- config: {get_resource: {{role.name}}Config}
- server: {get_resource: {{role.name}}}
+ name: {{server_resource_name}}Deployment
+ config: {get_resource: {{server_resource_name}}Config}
+ server: {get_resource: {{server_resource_name}}}
input_values:
enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
actions:
@@ -468,7 +546,7 @@ resources:
- ['CREATE', 'UPDATE']
- []
- {{role.name}}Config:
+ {{server_resource_name}}Config:
type: OS::Heat::StructuredConfig
properties:
group: hiera
@@ -486,6 +564,13 @@ resources:
- all_nodes # provided by allNodesConfig
- vip_data # provided by allNodesConfig
- '"%{::osfamily}"'
+ # The following are required for compatibility with the Controller role
+ # where some vendor integrations added hieradata via ExtraConfigPre
+ - neutron_bigswitch_data # Optionally provided by Controller/ComputeExtraConfigPre
+ - neutron_cisco_data # Optionally provided by Controller/ComputeExtraConfigPre
+ - cisco_n1kv_data # Optionally provided by Controller/ComputeExtraConfigPre
+ - midonet_data #Optionally provided by AllNodesExtraConfig
+ - cisco_aci_data # Optionally provided by Controller/ComputeExtraConfigPre
merge_behavior: deeper
datafiles:
service_names:
@@ -497,10 +582,10 @@ resources:
- values: {get_attr: [NetIpMap, net_ip_map]}
{{role.name.lower()}}_extraconfig:
map_merge:
-{%- if deprecated_extraconfig_param is defined %}
- - {get_param: {{deprecated_extraconfig_param}}}
+{%- if role.deprecated_param_extraconfig is defined %}
+ - {get_param: {{role.deprecated_param_extraconfig}}}
{%- endif %}
- - {get_param: {{role.name}}ExtraConfig}
+ - {get_param: {{server_resource_name}}ExtraConfig}
extraconfig: {get_param: ExtraConfig}
{{role.name.lower()}}:
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
@@ -519,7 +604,7 @@ resources:
depends_on: NetworkDeployment
type: OS::TripleO::NodeTLSCAData
properties:
- server: {get_resource: {{role.name}}}
+ server: {get_resource: {{server_resource_name}}}
{%- if 'primary' in role.tags and 'controller' in role.tags %}
# Resource for site-specific passing of private keys/certificates
@@ -527,19 +612,19 @@ resources:
depends_on: NodeTLSCAData
type: OS::TripleO::NodeTLSData
properties:
- server: {get_resource: {{role.name}}}
+ server: {get_resource: {{server_resource_name}}}
NodeIndex: {get_param: NodeIndex}
{%- endif -%}
# Hook for site-specific additional pre-deployment config, e.g extra hieradata
{{role.name}}ExtraConfigPre:
- depends_on: {{role.name}}Deployment
+ depends_on: {{server_resource_name}}Deployment
type: OS::TripleO::{{role.name}}ExtraConfigPre
# We have to use conditions here so that we don't break backwards
# compatibility with templates everywhere
condition: server_not_blacklisted
properties:
- server: {get_resource: {{role.name}}}
+ server: {get_resource: {{server_resource_name}}}
# Hook for site-specific additional pre-deployment config,
# applying to all nodes, e.g node registration/unregistration
@@ -556,7 +641,7 @@ resources:
# compatibility with templates everywhere
condition: server_not_blacklisted
properties:
- server: {get_resource: {{role.name}}}
+ server: {get_resource: {{server_resource_name}}}
UpdateConfig:
type: OS::TripleO::Tasks::PackageUpdate
@@ -567,7 +652,7 @@ resources:
properties:
name: UpdateDeployment
config: {get_resource: UpdateConfig}
- server: {get_resource: {{role.name}}}
+ server: {get_resource: {{server_resource_name}}}
input_values:
update_identifier:
get_param: UpdateIdentifier
@@ -588,18 +673,18 @@ resources:
SshHostPubKey:
type: OS::TripleO::Ssh::HostPubKey
- depends_on: {{role.name}}Deployment
+ depends_on: {{server_resource_name}}Deployment
properties:
- server: {get_resource: {{role.name}}}
+ server: {get_resource: {{server_resource_name}}}
deployment_actions: {get_attr: [DeploymentActions, value]}
outputs:
ip_address:
description: IP address of the server in the ctlplane network
- value: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
+ value: {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]}
hostname:
description: Hostname of the server
- value: {get_attr: [{{role.name}}, name]}
+ value: {get_attr: [{{server_resource_name}}, name]}
hostname_map:
description: Mapping of network names to hostnames
value:
@@ -619,12 +704,12 @@ outputs:
params:
PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role.name}}HostnameResolveNetwork]}]}
DOMAIN: {get_param: CloudDomain}
- PRIMARYHOST: {get_attr: [{{role.name}}, name]}
+ PRIMARYHOST: {get_attr: [{{server_resource_name}}, name]}
{%- for network in networks %}
{{network.name}}IP: {get_attr: [{{network.name}}Port, ip_address]}
{{network.name}}HOST: {get_attr: [NetHostMap, value, {{network.name_lower|default(network.name.lower())}}, short]}
{%- endfor %}
- CTLPLANEIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
+ CTLPLANEIP: {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]}
CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
known_hosts_entry:
description: Entry for ssh known hosts
@@ -638,18 +723,18 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
params:
PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role.name}}HostnameResolveNetwork]}]}
DOMAIN: {get_param: CloudDomain}
- PRIMARYHOST: {get_attr: [{{role.name}}, name]}
+ PRIMARYHOST: {get_attr: [{{server_resource_name}}, name]}
{%- for network in networks %}
{{network.name}}IP: {get_attr: [{{network.name}}Port, ip_address]}
{{network.name}}HOST: {get_attr: [NetHostMap, value, {{network.name_lower|default(network.name.lower())}}, short]}
{%- endfor %}
- CTLPLANEIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
+ CTLPLANEIP: {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]}
CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
nova_server_resource:
description: Heat resource handle for {{role.name}} server
value:
- {get_resource: {{role.name}}}
+ {get_resource: {{server_resource_name}}}
condition: server_not_blacklisted
deployed_server_port_map:
description: |
@@ -661,7 +746,7 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
map_replace:
- hostname:
fixed_ips:
- - ip_address: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
+ - ip_address: {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]}
- keys:
hostname:
list_join:
@@ -679,14 +764,14 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
container:
str_split:
- '/'
- - {get_attr: [{{role.name}}, os_collect_config, request, metadata_url]}
+ - {get_attr: [{{server_resource_name}}, os_collect_config, request, metadata_url]}
- 5
object:
str_split:
- '?'
- str_split:
- '/'
- - {get_attr: [{{role.name}}, os_collect_config, request, metadata_url]}
+ - {get_attr: [{{server_resource_name}}, os_collect_config, request, metadata_url]}
- 6
- 0
- keys: {hostname: {get_param: Hostname}}
@@ -700,7 +785,7 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
{%- endif %}
os_collect_config:
description: The os-collect-config configuration associated with this server resource
- value: {get_attr: [{{role.name}}, os_collect_config]}
+ value: {get_attr: [{{server_resource_name}}, os_collect_config]}
{%- for network in networks %}
{{network.name_lower|default(network.name.lower())}}_ip_address:
description: IP address of the server in the {{network.name}} network
diff --git a/puppet/services/README.rst b/puppet/services/README.rst
index d55414b7..a593d55e 100644
--- a/puppet/services/README.rst
+++ b/puppet/services/README.rst
@@ -155,7 +155,7 @@ Similar to the step_config, we allow a series of steps for the per-service
upgrade sequence, defined as ansible tasks with a tag e.g "step1" for the first
step, "step2" for the second, etc.
- Steps/tages correlate to the following:
+ Steps/tags correlate to the following:
1) Stop all control-plane services.
@@ -186,6 +186,18 @@ Note that the services are not started in the upgrade tasks - we instead re-run
puppet which does any reconfiguration required for the new version, then starts
the services.
+Update Steps
+------------
+
+Each service template may optionally define a `update_tasks` key, which is a
+list of ansible tasks to be performed during the minor update process.
+
+Similar to the upgrade_tasks, we allow a series of steps for the per-service
+update sequence, but note update_task selects the steps via a conditional
+referencing the step variable e.g when: step == 2, which is different to the
+tags based approach used for upgrade_tasks (the two may be aligned in future).
+
+
Nova Server Metadata Settings
-----------------------------
diff --git a/puppet/services/neutron-plugin-ml2.yaml b/puppet/services/neutron-plugin-ml2.yaml
index bc91374a..1ea6b1ae 100644
--- a/puppet/services/neutron-plugin-ml2.yaml
+++ b/puppet/services/neutron-plugin-ml2.yaml
@@ -76,6 +76,12 @@ parameters:
description: Firewall driver for realizing neutron security group function
type: string
default: 'openvswitch'
+ NeutronOverlayIPVersion:
+ default: 4
+ description: IP version used for all overlay network endpoints.
+ type: number
+ constraints:
+ - allowed_values: [4,6]
resources:
NeutronBase:
@@ -105,6 +111,7 @@ outputs:
neutron::plugins::ml2::vni_ranges: {get_param: NeutronVniRanges}
neutron::plugins::ml2::tenant_network_types: {get_param: NeutronNetworkType}
neutron::plugins::ml2::firewall_driver: {get_param: NeutronFirewallDriver}
+ neutron::plugins::ml2::overlay_ip_version: {get_param: NeutronOverlayIPVersion}
step_config: |
include ::tripleo::profile::base::neutron::plugins::ml2
diff --git a/puppet/services/pacemaker_remote.yaml b/puppet/services/pacemaker_remote.yaml
index 76511784..47ca6142 100644
--- a/puppet/services/pacemaker_remote.yaml
+++ b/puppet/services/pacemaker_remote.yaml
@@ -35,6 +35,11 @@ parameters:
description: The authkey for the pacemaker remote service.
hidden: true
default: ''
+ PcsdPassword:
+ type: string
+ description: The password for the 'pcsd' user for pacemaker.
+ hidden: true
+ default: ''
MonitoringSubscriptionPacemakerRemote:
default: 'overcloud-pacemaker_remote'
type: string
@@ -103,5 +108,13 @@ outputs:
tripleo::fencing::config: {get_param: FencingConfig}
enable_fencing: {get_param: EnableFencing}
tripleo::profile::base::pacemaker_remote::remote_authkey: {get_param: PacemakerRemoteAuthkey}
+ pacemaker::corosync::manage_fw: false
+ hacluster_pwd:
+ yaql:
+ expression: $.data.passwords.where($ != '').first()
+ data:
+ passwords:
+ - {get_param: PcsdPassword}
+ - {get_param: [DefaultPasswords, pcsd_password]}
step_config: |
include ::tripleo::profile::base::pacemaker_remote
diff --git a/puppet/services/tripleo-packages.yaml b/puppet/services/tripleo-packages.yaml
index e471c2a6..2a8620c8 100644
--- a/puppet/services/tripleo-packages.yaml
+++ b/puppet/services/tripleo-packages.yaml
@@ -56,3 +56,7 @@ outputs:
- name: Update all packages
tags: step3
yum: name=* state=latest
+ update_tasks:
+ - name: Update all packages
+ yum: name=* state=latest
+ when: step == "3"
diff --git a/releasenotes/notes/compute_deprecated_params-a2d69efd75f7c50f.yaml b/releasenotes/notes/compute_deprecated_params-a2d69efd75f7c50f.yaml
new file mode 100644
index 00000000..dd01e36f
--- /dev/null
+++ b/releasenotes/notes/compute_deprecated_params-a2d69efd75f7c50f.yaml
@@ -0,0 +1,9 @@
+---
+deprecations:
+ - |
+ The following parameters are deprecated for the Compute role:
+ NovaComputeSchedulerHints - use ComputeSchedulerHints instead
+ NovaComputeServerMetadata - use ComputeServerMetadata instead
+ NovaComputeExtraConfig - use ComputeExtraConfig instead
+ NovaComputeIPs - use ComputeIPs instead
+ NovaImage - Use OvercloudComputeImage instead
diff --git a/releasenotes/notes/controller_deprecated_params-7f009de6d17c05a4.yaml b/releasenotes/notes/controller_deprecated_params-7f009de6d17c05a4.yaml
new file mode 100644
index 00000000..02f596d3
--- /dev/null
+++ b/releasenotes/notes/controller_deprecated_params-7f009de6d17c05a4.yaml
@@ -0,0 +1,8 @@
+---
+deprecations:
+ - |
+ The following parameters are deprecated for the Controller role:
+ controllerExtraConfig - Use ControllerExtraConfig instead,
+ OvercloudControlFlavor - Use OvercloudControllerFlavor instead,
+ controllerImage - use ControllerImage instead.
+
diff --git a/releasenotes/notes/deprecate-management-envs-bbc7fddb0ca871af.yaml b/releasenotes/notes/deprecate-management-envs-bbc7fddb0ca871af.yaml
new file mode 100644
index 00000000..764686f4
--- /dev/null
+++ b/releasenotes/notes/deprecate-management-envs-bbc7fddb0ca871af.yaml
@@ -0,0 +1,5 @@
+---
+deprecations:
+ - |
+ Both environments/network-management.yaml and environments/network-management-v6.yaml
+ are now deprecated in favor of specifying the needed networks on each role.
diff --git a/releasenotes/notes/dont-unregister-on-delete-9708f7cbc73a0d2f.yaml b/releasenotes/notes/dont-unregister-on-delete-9708f7cbc73a0d2f.yaml
new file mode 100644
index 00000000..96e6234d
--- /dev/null
+++ b/releasenotes/notes/dont-unregister-on-delete-9708f7cbc73a0d2f.yaml
@@ -0,0 +1,8 @@
+---
+fixes:
+ - Don't unregister systems from the portal/satellite
+ when deleting from Heat. There are several reasons why
+ it's compelling to fix this behavior. See
+ https://bugs.launchpad.net/tripleo/+bug/1710144
+ for full information. The previous behavior can be triggered
+ by setting the DeleteOnRHELUnregistration parameter to "true".
diff --git a/releasenotes/notes/fix-heat-condition-for-rhel-reg-311a3dce76cc0ec1.yaml b/releasenotes/notes/fix-heat-condition-for-rhel-reg-311a3dce76cc0ec1.yaml
new file mode 100644
index 00000000..e417f5f2
--- /dev/null
+++ b/releasenotes/notes/fix-heat-condition-for-rhel-reg-311a3dce76cc0ec1.yaml
@@ -0,0 +1,9 @@
+---
+fixes:
+ - |
+ Fix Heat condition for RHEL registration yum update
+ There were 2 problems with this condition making the
+ rhel-registration.yaml template broken: "conditions" should be "condition"
+ and the condition should refer to just a condition name defined in the
+ "conditions:" section of the template. See
+ https://bugs.launchpad.net/tripleo/+bug/1709916
diff --git a/releasenotes/notes/neutron-ml2-overlay-ip-version-4f14932355847aa0.yaml b/releasenotes/notes/neutron-ml2-overlay-ip-version-4f14932355847aa0.yaml
new file mode 100644
index 00000000..1c20b26d
--- /dev/null
+++ b/releasenotes/notes/neutron-ml2-overlay-ip-version-4f14932355847aa0.yaml
@@ -0,0 +1,5 @@
+---
+features:
+ - Add NeutronOverlayIPVersion parameter to congfigure neutron ML2
+ overlay_ip_version option. This parameter should be set to 6 when user
+ requires tenant vxlan tunnel endpoints to be IPv6.
diff --git a/releasenotes/notes/objectstorage_deprecated_params-f7642b6541a0d09c.yaml b/releasenotes/notes/objectstorage_deprecated_params-f7642b6541a0d09c.yaml
new file mode 100644
index 00000000..8fa77fcb
--- /dev/null
+++ b/releasenotes/notes/objectstorage_deprecated_params-f7642b6541a0d09c.yaml
@@ -0,0 +1,8 @@
+---
+deprecations:
+ - |
+ The following parameters are deprecated for the ObjectStorage role:
+ SwiftStorageServerMetadata - use ObjectStorageServerMetadata instead
+ SwiftStorageIPs - use ObjectStorageIPs instead
+ SwiftStorageImage - Use ObjectStorageImage instead
+ OvercloudSwiftStorageFlavor - Use OvercloudObjectStorageFlavor instead
diff --git a/releasenotes/notes/roles_deprecated_params-50b4bbe8b9e4abc7.yaml b/releasenotes/notes/roles_deprecated_params-50b4bbe8b9e4abc7.yaml
new file mode 100644
index 00000000..a9563223
--- /dev/null
+++ b/releasenotes/notes/roles_deprecated_params-50b4bbe8b9e4abc7.yaml
@@ -0,0 +1,21 @@
+---
+deprecations:
+ - |
+ The static role definitions contained a number of conflicting parameters
+ which require special handling to convert to dynamic template generation.
+ In the future, these parameters will be removed. If a role requires one
+ of these deprecated parameters, then it will be defined in the role
+ definition in a property named "deprecated_param_<name>". If the role has one
+ or more deprecated parameters, then "uses_deprecated_params" should be
+ set to True as well. This will enable creation of a parameter_group
+ containing the deprecated parameters in the role definition, which will enable
+ warning users if they use deprecated parameters on deployment.
+upgrade:
+ - |
+ For deployments where a custom roles_data file is used, it should be rebased
+ against the default roles_data.yaml, as several additional items, e.g to
+ specify deprecated parameter names for some of the default roles, have been
+ added. Alternatively you can regenerate your roles_data using the new
+ overcloud roles generate command, so that the updated role definitions in
+ /usr/share/openstack-tripleo-heat-templates/roles are used, which include
+ the necessary additional data.
diff --git a/roles/Compute.yaml b/roles/Compute.yaml
index 56daa864..ce5ab742 100644
--- a/roles/Compute.yaml
+++ b/roles/Compute.yaml
@@ -10,6 +10,15 @@
- Tenant
- Storage
HostnameFormatDefault: '%stackname%-novacompute-%index%'
+ # Deprecated & backward-compatible values (FIXME: Make parameters consistent)
+ # Set uses_deprecated_params to True if any deprecated params are used.
+ uses_deprecated_params: True
+ deprecated_param_image: 'NovaImage'
+ deprecated_param_extraconfig: 'NovaComputeExtraConfig'
+ deprecated_param_metadata: 'NovaComputeServerMetadata'
+ deprecated_param_scheduler_hints: 'NovaComputeSchedulerHints'
+ deprecated_param_ips: 'NovaComputeIPs'
+ deprecated_server_resource_name: 'NovaCompute'
disable_upgrade_deployment: True
ServicesDefault:
- OS::TripleO::Services::AuditD
diff --git a/roles/Controller.yaml b/roles/Controller.yaml
index d702a63d..224d1356 100644
--- a/roles/Controller.yaml
+++ b/roles/Controller.yaml
@@ -16,6 +16,12 @@
- StorageMgmt
- Tenant
HostnameFormatDefault: '%stackname%-controller-%index%'
+ # Deprecated & backward-compatible values (FIXME: Make parameters consistent)
+ # Set uses_deprecated_params to True if any deprecated params are used.
+ uses_deprecated_params: True
+ deprecated_param_extraconfig: 'controllerExtraConfig'
+ deprecated_param_flavor: 'OvercloudControlFlavor'
+ deprecated_param_image: 'controllerImage'
ServicesDefault:
- OS::TripleO::Services::AodhApi
- OS::TripleO::Services::AodhEvaluator
diff --git a/roles/ObjectStorage.yaml b/roles/ObjectStorage.yaml
index 81bedbd1..ad372be6 100644
--- a/roles/ObjectStorage.yaml
+++ b/roles/ObjectStorage.yaml
@@ -8,6 +8,13 @@
- InternalApi
- Storage
- StorageMgmt
+ # Deprecated & backward-compatible values (FIXME: Make parameters consistent)
+ # Set uses_deprecated_params to True if any deprecated params are used.
+ uses_deprecated_params: True
+ deprecated_param_metadata: 'SwiftStorageServerMetadata'
+ deprecated_param_ips: 'SwiftStorageIPs'
+ deprecated_param_image: 'SwiftStorageImage'
+ deprecated_param_flavor: 'OvercloudSwiftStorageFlavor'
disable_upgrade_deployment: True
ServicesDefault:
- OS::TripleO::Services::AuditD
diff --git a/roles_data.yaml b/roles_data.yaml
index 0d6c8035..8f670994 100644
--- a/roles_data.yaml
+++ b/roles_data.yaml
@@ -19,6 +19,12 @@
- StorageMgmt
- Tenant
HostnameFormatDefault: '%stackname%-controller-%index%'
+ # Deprecated & backward-compatible values (FIXME: Make parameters consistent)
+ # Set uses_deprecated_params to True if any deprecated params are used.
+ uses_deprecated_params: True
+ deprecated_param_extraconfig: 'controllerExtraConfig'
+ deprecated_param_flavor: 'OvercloudControlFlavor'
+ deprecated_param_image: 'controllerImage'
ServicesDefault:
- OS::TripleO::Services::AodhApi
- OS::TripleO::Services::AodhEvaluator
@@ -145,6 +151,15 @@
- Tenant
- Storage
HostnameFormatDefault: '%stackname%-novacompute-%index%'
+ # Deprecated & backward-compatible values (FIXME: Make parameters consistent)
+ # Set uses_deprecated_params to True if any deprecated params are used.
+ uses_deprecated_params: True
+ deprecated_param_image: 'NovaImage'
+ deprecated_param_extraconfig: 'NovaComputeExtraConfig'
+ deprecated_param_metadata: 'NovaComputeServerMetadata'
+ deprecated_param_scheduler_hints: 'NovaComputeSchedulerHints'
+ deprecated_param_ips: 'NovaComputeIPs'
+ deprecated_server_resource_name: 'NovaCompute'
disable_upgrade_deployment: True
ServicesDefault:
- OS::TripleO::Services::AuditD
@@ -222,6 +237,13 @@
- InternalApi
- Storage
- StorageMgmt
+ # Deprecated & backward-compatible values (FIXME: Make parameters consistent)
+ # Set uses_deprecated_params to True if any deprecated params are used.
+ uses_deprecated_params: True
+ deprecated_param_metadata: 'SwiftStorageServerMetadata'
+ deprecated_param_ips: 'SwiftStorageIPs'
+ deprecated_param_image: 'SwiftStorageImage'
+ deprecated_param_flavor: 'OvercloudSwiftStorageFlavor'
disable_upgrade_deployment: True
ServicesDefault:
- OS::TripleO::Services::AuditD