diff options
73 files changed, 812 insertions, 1692 deletions
@@ -100,6 +100,8 @@ and should be executed according to the following table: +----------------+-------------+-------------+-------------+-------------+-----------------+ | sahara | | | X | | | +----------------+-------------+-------------+-------------+-------------+-----------------+ +| mistral | | | X | | | ++----------------+-------------+-------------+-------------+-------------+-----------------+ | swift | | X | | | X | +----------------+-------------+-------------+-------------+-------------+-----------------+ | aodh | X | | | | | @@ -108,6 +110,8 @@ and should be executed according to the following table: +----------------+-------------+-------------+-------------+-------------+-----------------+ | gnocchi | X | | | | | +----------------+-------------+-------------+-------------+-------------+-----------------+ +| panko | X | | | | | ++----------------+-------------+-------------+-------------+-------------+-----------------+ | barbican | | X | | | | +----------------+-------------+-------------+-------------+-------------+-----------------+ | zaqar | | X | | | | diff --git a/ci/environments/scenario001-multinode.yaml b/ci/environments/scenario001-multinode.yaml index ee5bd648..0e9c1c7a 100644 --- a/ci/environments/scenario001-multinode.yaml +++ b/ci/environments/scenario001-multinode.yaml @@ -4,6 +4,7 @@ resource_registry: OS::TripleO::Services::CephMon: /usr/share/openstack-tripleo-heat-templates/puppet/services/ceph-mon.yaml OS::TripleO::Services::CephOSD: /usr/share/openstack-tripleo-heat-templates/puppet/services/ceph-osd.yaml OS::TripleO::Services::CephClient: /usr/share/openstack-tripleo-heat-templates/puppet/services/ceph-client.yaml + OS::TripleO::Services::PankoApi: /usr/share/openstack-tripleo-heat-templates/puppet/services/panko-api.yaml parameter_defaults: ControllerServices: @@ -50,6 +51,7 @@ parameter_defaults: - OS::TripleO::Services::GnocchiApi - OS::TripleO::Services::GnocchiMetricd - OS::TripleO::Services::GnocchiStatsd + - OS::TripleO::Services::PankoApi - OS::TripleO::Services::CephMon - OS::TripleO::Services::CephOSD - OS::TripleO::Services::CephClient diff --git a/ci/scripts/freeipa_setup.sh b/ci/scripts/freeipa_setup.sh new file mode 100644 index 00000000..9f5f2dc6 --- /dev/null +++ b/ci/scripts/freeipa_setup.sh @@ -0,0 +1,96 @@ +#!/bin/bash +# +# Used environment variables: +# +# - Hostname +# - FreeIPAIP +# - DirectoryManagerPassword +# - AdminPassword +# - UndercloudFQDN +# - HostsSecret +# +set -eux + +if [ -f "~/freeipa-setup.env" ]; then + source ~/freeipa-setup.env +elif [ -f "/tmp/freeipa-setup.env" ]; then + source /tmp/freeipa-setup.env +fi + +# Set DNS servers +echo "nameserver 8.8.8.8" >> /etc/resolv.conf +echo "nameserver 8.8.4.4" >> /etc/resolv.conf + +yum -q -y remove openstack-dashboard + +# Install the needed packages +yum -q install -y ipa-server ipa-server-dns epel-release rng-tools mod_nss +yum -q install -y haveged + +# Prepare hostname +hostnamectl set-hostname --static $Hostname + +echo $FreeIPAIP `hostname` | tee -a /etc/hosts + +# Set iptables rules +cat << EOF > freeipa-iptables-rules.txt +# Firewall configuration written by system-config-firewall +# Manual customization of this file is not recommended. +*filter +:INPUT ACCEPT [0:0] +:FORWARD ACCEPT [0:0] +:OUTPUT ACCEPT [0:0] +-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT +-A INPUT -p icmp -j ACCEPT +-A INPUT -i lo -j ACCEPT +-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT +#TCP ports for FreeIPA +-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT +-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT +-A INPUT -m state --state NEW -m tcp -p tcp --dport 389 -j ACCEPT +-A INPUT -m state --state NEW -m tcp -p tcp --dport 636 -j ACCEPT +-A INPUT -m state --state NEW -m tcp -p tcp --dport 88 -j ACCEPT +-A INPUT -m state --state NEW -m tcp -p tcp --dport 464 -j ACCEPT +-A INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT +#UDP ports for FreeIPA +-A INPUT -m state --state NEW -m udp -p udp --dport 88 -j ACCEPT +-A INPUT -m state --state NEW -m udp -p udp --dport 464 -j ACCEPT +-A INPUT -m state --state NEW -m udp -p udp --dport 123 -j ACCEPT +-A INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT +-A INPUT -j REJECT --reject-with icmp-host-prohibited +-A FORWARD -j REJECT --reject-with icmp-host-prohibited +COMMIT +EOF + +iptables-restore < freeipa-iptables-rules.txt + +# Entropy generation; otherwise, ipa-server-install will lag. +chkconfig haveged on +systemctl start haveged + +# Remove conflicting httpd configuration +rm -f /etc/httpd/conf.d/ssl.conf + +# Set up FreeIPA +ipa-server-install -U -r `hostname -d|tr "[a-z]" "[A-Z]"` \ + -p $DirectoryManagerPassword -a $AdminPassword \ + --hostname `hostname -f` + +# Authenticate +echo $AdminPassword | kinit admin + +# Verify we have TGT +klist + +if [ "$?" = '1' ]; then + exit 1 +fi + +# Create undercloud host +ipa host-add $UndercloudFQDN --password=$HostsSecret --force + +# Create overcloud nodes and services +git clone https://github.com/JAORMX/freeipa-tripleo-incubator.git +cd freeipa-tripleo-incubator +python create_ipa_tripleo_host_setup.py -w $HostsSecret -d $(hostname -d) \ + --controller-count 1 --compute-count 1 diff --git a/docker/services/nova-libvirt.yaml b/docker/services/nova-libvirt.yaml index 2dfeed59..a40a21fd 100644 --- a/docker/services/nova-libvirt.yaml +++ b/docker/services/nova-libvirt.yaml @@ -55,6 +55,11 @@ outputs: volumes: - /var/lib/etc-data/json-config/nova-libvirt.json:/var/lib/kolla/config_files/config.json - /var/lib/etc-data/libvirt/libvirtd.conf:/var/lib/kolla/config_files/libvirtd.conf + # NOTE(mandre) Ideally the qemu.conf file is mounted in + # /var/lib/kolla/config_files and copied to the right place but + # copy-json.py doesn't allow us to do that without appending the + # file as an additional config on the CLI + - /var/lib/etc-data/libvirt/qemu.conf:/etc/libvirt/qemu.conf:ro - /etc/localtime:/etc/localtime:ro - /lib/modules:/lib/modules:ro - /run:/run diff --git a/environments/host-config-pre-network.j2.yaml b/environments/host-config-pre-network.j2.yaml new file mode 100644 index 00000000..fe1302b5 --- /dev/null +++ b/environments/host-config-pre-network.j2.yaml @@ -0,0 +1,16 @@ +resource_registry: +# Create the registry only for roles with the word "Compute" in it. Like ComputeOvsDpdk, ComputeSriov, etc., +{% for role in roles %} +{% if "Compute" in role.name %} + OS::TripleO::{{role.name}}::PreNetworkConfig: ../extraconfig/pre_network/{{role.name.lower()}}-host_config_and_reboot.yaml +{% endif %} +{% endfor %} + +parameter_defaults: + # Sample parameters for Compute and ComputeOvsDpdk roles + #ComputeKernelArgs: "" + #ComputeTunedProfileName: "" + #ComputeHostCpuList: "" + #ComputeOvsDpdkKernelArgs: "" + #ComputeOvsDpdkTunedProfileName: "" + #ComputeOvsDpdkHostCpuList: "" diff --git a/environments/network-isolation-no-tunneling.yaml b/environments/network-isolation-no-tunneling.yaml index 5d2a915b..ff1d7887 100644 --- a/environments/network-isolation-no-tunneling.yaml +++ b/environments/network-isolation-no-tunneling.yaml @@ -8,30 +8,54 @@ resource_registry: OS::TripleO::Network::InternalApi: ../network/internal_api.yaml OS::TripleO::Network::StorageMgmt: ../network/storage_mgmt.yaml OS::TripleO::Network::Storage: ../network/storage.yaml + OS::TripleO::Network::Tenant: ../network/noop.yaml + # Management network is optional and disabled by default. + # To enable it, include environments/network-management.yaml + #OS::TripleO::Network::Management: ../network/management.yaml + + # Port assignments for the VIPs + OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/external.yaml + OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/internal_api.yaml + OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/storage.yaml + OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt.yaml + OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip.yaml # Port assignments for the controller role OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external.yaml OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api.yaml OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage.yaml OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml + OS::TripleO::Controller::Ports::TenantPort: ../network/ports/noop.yaml + #OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/management.yaml # Port assignments for the compute role + OS::TripleO::Compute::Ports::ExternalPort: ../network/ports/noop.yaml OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api.yaml OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage.yaml + OS::TripleO::Compute::Ports::StorageMgmtPort: ../network/ports/noop.yaml + OS::TripleO::Compute::Ports::TenantPort: ../network/ports/noop.yaml + #OS::TripleO::Compute::Ports::ManagementPort: ../network/ports/management.yaml # Port assignments for the ceph storage role + OS::TripleO::CephStorage::Ports::ExternalPort: ../network/ports/noop.yaml + OS::TripleO::CephStorage::Ports::InternalApiPort: ../network/ports/noop.yaml OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage.yaml OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml + OS::TripleO::CephStorage::Ports::TenantPort: ../network/ports/noop.yaml + #OS::TripleO::CephStorage::Ports::ManagementPort: ../network/ports/management.yaml # Port assignments for the swift storage role + OS::TripleO::SwiftStorage::Ports::ExternalPort: ../network/ports/noop.yaml OS::TripleO::SwiftStorage::Ports::InternalApiPort: ../network/ports/internal_api.yaml OS::TripleO::SwiftStorage::Ports::StoragePort: ../network/ports/storage.yaml OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml + OS::TripleO::SwiftStorage::Ports::TenantPort: ../network/ports/noop.yaml + #OS::TripleO::SwiftStorage::Ports::ManagementPort: ../network/ports/management.yaml # Port assignments for the block storage role + OS::TripleO::BlockStorage::Ports::ExternalPort: ../network/ports/noop.yaml OS::TripleO::BlockStorage::Ports::InternalApiPort: ../network/ports/internal_api.yaml OS::TripleO::BlockStorage::Ports::StoragePort: ../network/ports/storage.yaml OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml - - # Port assignments for service virtual IPs for the controller role - OS::TripleO::Controller::Ports::RedisVipPort: ../network/ports/vip.yaml + OS::TripleO::BlockStorage::Ports::TenantPort: ../network/ports/noop.yaml + #OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/management.yaml diff --git a/environments/network-isolation.yaml b/environments/network-isolation.yaml index 737d7d36..a6b4b8ae 100644 --- a/environments/network-isolation.yaml +++ b/environments/network-isolation.yaml @@ -18,8 +18,6 @@ resource_registry: OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt.yaml OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip.yaml - # Port assignments for service virtual IPs for the controller role - OS::TripleO::Controller::Ports::RedisVipPort: ../network/ports/vip.yaml # Port assignments for the controller role OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external.yaml OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api.yaml @@ -59,4 +57,3 @@ resource_registry: OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml OS::TripleO::BlockStorage::Ports::TenantPort: ../network/ports/noop.yaml #OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/management.yaml - diff --git a/environments/neutron-opendaylight-l3.yaml b/environments/neutron-opendaylight-l3.yaml index 00be3048..6d5c7404 100644 --- a/environments/neutron-opendaylight-l3.yaml +++ b/environments/neutron-opendaylight-l3.yaml @@ -9,6 +9,6 @@ resource_registry: parameter_defaults: NeutronEnableForceMetadata: true - NeutronMechanismDrivers: 'opendaylight' - NeutronServicePlugins: "networking_odl.l3.l3_odl.OpenDaylightL3RouterPlugin" + NeutronMechanismDrivers: 'opendaylight_v2' + NeutronServicePlugins: 'odl-router_v2' OpenDaylightEnableL3: "'yes'" diff --git a/environments/neutron-opendaylight.yaml b/environments/neutron-opendaylight.yaml index 35c90aab..e08b2b27 100644 --- a/environments/neutron-opendaylight.yaml +++ b/environments/neutron-opendaylight.yaml @@ -1,11 +1,13 @@ -# A Heat environment that can be used to deploy OpenDaylight +# A Heat environment that can be used to deploy OpenDaylight with L3 DVR resource_registry: OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None OS::TripleO::Services::ComputeNeutronCorePlugin: OS::Heat::None OS::TripleO::Services::OpenDaylightApi: ../puppet/services/opendaylight-api.yaml OS::TripleO::Services::OpenDaylightOvs: ../puppet/services/opendaylight-ovs.yaml + OS::TripleO::Services::NeutronL3Agent: OS::Heat::None parameter_defaults: NeutronEnableForceMetadata: true - NeutronMechanismDrivers: 'opendaylight' + NeutronMechanismDrivers: 'opendaylight_v2' + NeutronServicePlugins: 'odl-router_v2' diff --git a/environments/services/ceph-mds.yaml b/environments/services/ceph-mds.yaml new file mode 100644 index 00000000..2b51374c --- /dev/null +++ b/environments/services/ceph-mds.yaml @@ -0,0 +1,2 @@ +resource_registry: + OS::TripleO::Services::CephMds: ../../puppet/services/ceph-mds.yaml
\ No newline at end of file diff --git a/environments/undercloud.yaml b/environments/undercloud.yaml new file mode 100644 index 00000000..0fd01920 --- /dev/null +++ b/environments/undercloud.yaml @@ -0,0 +1,18 @@ +resource_registry: + OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/noop.yaml + OS::TripleO::Network::Ports::ControlPlaneVipPort: ../deployed-server/deployed-neutron-port.yaml + OS::TripleO::Undercloud::Net::SoftwareConfig: ../net-config-undercloud.yaml + OS::TripleO::NodeExtraConfigPost: ../extraconfig/post_deploy/undercloud_post.yaml + +parameter_defaults: + StackAction: CREATE + SoftwareConfigTransport: POLL_SERVER_HEAT + NeutronTunnelTypes: [] + NeutronBridgeMappings: ctlplane:br-ctlplane + NeutronAgentExtensions: [] + NeutronFlatNetworks: '*' + NovaSchedulerAvailableFilters: 'tripleo_common.filters.list.tripleo_filters' + NovaSchedulerDefaultFilters: ['RetryFilter', 'TripleOCapabilitiesFilter', 'ComputeCapabilitiesFilter', 'AvailabilityZoneFilter', 'RamFilter', 'DiskFilter', 'ComputeFilter', 'ImagePropertiesFilter', 'ServerGroupAntiAffinityFilter', 'ServerGroupAffinityFilter'] + NeutronDhcpAgentsPerNetwork: 2 + HeatConvergenceEngine: false + HeatMaxResourcesPerStack: -1 diff --git a/environments/updates/update-from-keystone-admin-internal-api.yaml b/environments/updates/update-from-keystone-admin-internal-api.yaml index a5075300..97687c6a 100644 --- a/environments/updates/update-from-keystone-admin-internal-api.yaml +++ b/environments/updates/update-from-keystone-admin-internal-api.yaml @@ -2,32 +2,5 @@ # Keystone Admin API service is running on the Internal API network parameter_defaults: - ServiceNetMapDefaults: - NeutronTenantNetwork: tenant - CeilometerApiNetwork: internal_api - MongodbNetwork: internal_api - CinderApiNetwork: internal_api - CinderIscsiNetwork: storage - GlanceApiNetwork: storage - GlanceRegistryNetwork: internal_api + ServiceNetMap: KeystoneAdminApiNetwork: internal_api - KeystonePublicApiNetwork: internal_api - NeutronApiNetwork: internal_api - HeatApiNetwork: internal_api - NovaApiNetwork: internal_api - NovaMetadataNetwork: internal_api - NovaVncProxyNetwork: internal_api - SwiftMgmtNetwork: storage_mgmt - SwiftProxyNetwork: storage - HorizonNetwork: internal_api - MemcachedNetwork: internal_api - RabbitmqNetwork: internal_api - RedisNetwork: internal_api - MysqlNetwork: internal_api - CephClusterNetwork: storage_mgmt - CephPublicNetwork: storage - ControllerHostnameResolveNetwork: internal_api - ComputeHostnameResolveNetwork: internal_api - BlockStorageHostnameResolveNetwork: internal_api - ObjectStorageHostnameResolveNetwork: internal_api - CephStorageHostnameResolveNetwork: storage diff --git a/extraconfig/post_deploy/undercloud_post.sh b/extraconfig/post_deploy/undercloud_post.sh new file mode 100755 index 00000000..8bcae1d3 --- /dev/null +++ b/extraconfig/post_deploy/undercloud_post.sh @@ -0,0 +1,126 @@ +#!/bin/bash +set -eux + +ln -sf /etc/puppet/hiera.yaml /etc/hiera.yaml + + +# WRITE OUT STACKRC +if [ ! -e /root/stackrc ]; then + touch /root/stackrc + chmod 0600 /root/stackrc + +cat >> /root/stackrc <<-EOF_CAT +export OS_PASSWORD=$admin_password +export OS_AUTH_URL=$auth_url +export OS_USERNAME=admin +export OS_TENANT_NAME=admin +export COMPUTE_API_VERSION=1.1 +export NOVA_VERSION=1.1 +export OS_BAREMETAL_API_VERSION=1.15 +export OS_NO_CACHE=True +export OS_CLOUDNAME=undercloud +EOF_CAT + + if [ -n "$ssl_certificate" ]; then +cat >> /root/stackrc <<-EOF_CAT +export PYTHONWARNINGS="ignore:Certificate has no, ignore:A true SSLContext object is not available" +EOF_CAT + fi +fi + +source /root/stackrc + +if [ ! -f /root/.ssh/authorized_keys ]; then + sudo mkdir -p /root/.ssh + sudo chmod 7000 /root/.ssh/ + sudo touch /root/.ssh/authorized_keys + sudo chmod 600 /root/.ssh/authorized_keys +fi + +if [ ! -f /root/.ssh/id_rsa ]; then + ssh-keygen -b 1024 -N '' -f /root/.ssh/id_rsa +fi + +if ! grep "$(cat /root/.ssh/id_rsa.pub)" /root/.ssh/authorized_keys; then + cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys +fi + +PHYSICAL_NETWORK=ctlplane + +ctlplane_id=$(openstack network list -f csv -c ID -c Name --quote none | tail -n +2 | grep ctlplane | cut -d, -f1) +subnet_ids=$(openstack subnet list -f csv -c ID --quote none | tail -n +2) +subnet_id= + +for subnet_id in $subnet_ids; do + network_id=$(openstack subnet show -f value -c network_id $subnet_id) + if [ "$network_id" = "$ctlplane_id" ]; then + break + fi +done + +net_create=1 +if [ -n "$subnet_id" ]; then + cidr=$(openstack subnet show $subnet_id -f value -c cidr) + if [ "$cidr" = "$undercloud_network_cidr" ]; then + net_create=0 + else + echo "New cidr $undercloud_network_cidr does not equal old cidr $cidr" + echo "Will attempt to delete and recreate subnet $subnet_id" + fi +fi + +if [ "$net_create" -eq "1" ]; then + # Delete the subnet and network to make sure it doesn't already exist + if openstack subnet list | grep start; then + openstack subnet delete $(openstack subnet list | grep start | awk '{print $4}') + fi + if openstack network show ctlplane; then + openstack network delete ctlplane + fi + + + NETWORK_ID=$(openstack network create --provider-network-type=flat --provider-physical-network=ctlplane ctlplane | grep " id " | awk '{print $4}') + + NAMESERVER_ARG="" + if [ -n "${undercloud_nameserver:-}" ]; then + NAMESERVER_ARG="--dns-nameserver $undercloud_nameserver" + fi + + openstack subnet create --network=$NETWORK_ID \ + --gateway=$undercloud_network_gateway \ + --subnet-range=$undercloud_network_cidr \ + --allocation-pool start=$undercloud_dhcp_start,end=$undercloud_dhcp_end \ + --host-route destination=169.254.169.254/32,gateway=$local_ip \ + $NAMESERVER_ARG ctlplane +fi + +# Disable nova quotas +openstack quota set --cores -1 --instances -1 --ram -1 $(openstack project show admin | awk '$2=="id" {print $4}') + +# MISTRAL WORKFLOW CONFIGURATION +if [ "$(hiera mistral_api_enabled)" = "true" ]; then + # load workflows + for workbook in $(openstack workbook list | grep tripleo | cut -f 2 -d ' '); do + openstack workbook delete $workbook + done + for workflow in $(openstack workflow list | grep tripleo | cut -f 2 -d ' '); do + openstack workflow delete $workflow + done + for workbook in $(ls /usr/share/openstack-tripleo-common/workbooks/*); do + openstack workbook create $workbook + done + + # Store the SNMP password in a mistral environment + if ! openstack workflow env show tripleo.undercloud-config &>/dev/null; then + TMP_MISTRAL_ENV=$(mktemp) + echo "{\"name\": \"tripleo.undercloud-config\", \"variables\": {\"undercloud_ceilometer_snmpd_password\": \"$snmp_readonly_user_password\"}}" > $TMP_MISTRAL_ENV + openstack workflow env create $TMP_MISTRAL_ENV + fi + +fi + +# IP forwarding is needed to allow the overcloud nodes access to the outside +# internet in cases where they are on an isolated network. +sysctl -w net.ipv4.ip_forward=1 +# Make it persistent +echo "net.ipv4.ip_forward=1" > /etc/sysctl.d/ip-forward.conf diff --git a/extraconfig/post_deploy/undercloud_post.yaml b/extraconfig/post_deploy/undercloud_post.yaml new file mode 100644 index 00000000..38a9181e --- /dev/null +++ b/extraconfig/post_deploy/undercloud_post.yaml @@ -0,0 +1,93 @@ +heat_template_version: ocata + +description: > + Post-deployment for the TripleO undercloud + +parameters: + servers: + type: json + DeployedServerPortMap: + default: {} + type: json + UndercloudDhcpRangeStart: + type: string + default: '192.168.24.5' + UndercloudDhcpRangeEnd: + type: string + default: '192.168.24.24' + UndercloudNetworkCidr: + type: string + default: '192.168.24.0/24' + UndercloudNetworkGateway: + type: string + default: '192.168.24.1' + UndercloudNameserver: + type: string + default: '' + AdminPassword: #supplied by tripleo-undercloud-passwords.yaml + type: string + description: The password for the keystone admin account, used for monitoring, querying neutron etc. + hidden: True + SSLCertificate: + description: > + The content of the SSL certificate (without Key) in PEM format. + type: string + default: "" + hidden: True + SnmpdReadonlyUserPassword: + description: The user password for SNMPd with readonly rights running on all Overcloud nodes + type: string + hidden: true + +conditions: + + ssl_disabled: {equals : [{get_param: SSLCertificate}, ""]} + +resources: + + UndercloudPostConfig: + type: OS::Heat::SoftwareConfig + properties: + group: script + inputs: + - name: deploy_identifier + - name: local_ip + - name: undercloud_dhcp_start + - name: undercloud_dhcp_end + - name: undercloud_network_cidr + - name: undercloud_network_gateway + - name: undercloud_nameserver + - name: admin_password + - name: auth_url + - name: snmp_readonly_user_password + config: {get_file: ./undercloud_post.sh} + + UndercloudPostDeployment: + type: OS::Heat::SoftwareDeployments + properties: + servers: {get_param: servers} + config: {get_resource: UndercloudPostConfig} + input_values: + local_ip: {get_param: [DeployedServerPortMap, 'control_virtual_ip', fixed_ips, 0, ip_address]} + undercloud_dhcp_start: {get_param: UndercloudDhcpRangeStart} + undercloud_dhcp_end: {get_param: UndercloudDhcpRangeEnd} + undercloud_network_cidr: {get_param: UndercloudNetworkCidr} + undercloud_network_gateway: {get_param: UndercloudNetworkGateway} + undercloud_nameserver: {get_param: UndercloudNameserver} + ssl_certificate: {get_param: SSLCertificate} + admin_password: {get_param: AdminPassword} + snmp_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} + # if SSL is enabled we use the public virtual ip as the stackrc endpoint + auth_url: + if: + - ssl_disabled + - list_join: + - '' + - - 'http://' + - {get_param: [DeployedServerPortMap, 'control_virtual_ip', fixed_ips, 0, ip_address]} + - ':5000/v2.0' + - list_join: + - '' + - - 'https://' + - {get_param: [DeployedServerPortMap, 'public_virtual_ip', fixed_ips, 0, ip_address]} + - ':13000/v2.0' diff --git a/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration index 71ab0767..2650a967 100644 --- a/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration +++ b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration @@ -11,6 +11,7 @@ if [ -e $OK ] ; then exit 0 fi +retryCount=0 opts= attach_opts= sat5_opts= @@ -96,12 +97,28 @@ if [ -n "${REG_TYPE:-}" ]; then opts="$opts --type=$REG_TYPE" fi +function retry() { + if [[ $retryCount < 3 ]]; then + $@ + if ! [[ $? == 0 ]]; then + retryCount=$(echo $retryCount + 1 | bc) + echo "WARN: Failed to connect when running '$@', retrying..." + retry $@ + else + retryCount=0 + fi + else + echo "ERROR: Failed to connect after 3 attempts when running '$@'" + exit 1 + fi +} + function detect_satellite_version { ping_api=$REG_SAT_URL/katello/api/ping - if curl -L -k -s -D - -o /dev/null $ping_api | grep "200 OK"; then + if curl --retry 3 --retry-delay 10 --max-time 30 -L -k -s -D - -o /dev/null $ping_api | grep "200 OK"; then echo Satellite 6 detected at $REG_SAT_URL satellite_version=6 - elif curl -L -k -s -D - -o /dev/null $REG_SAT_URL/rhn/Login.do | grep "200 OK"; then + elif curl --retry 3 --retry-delay 10 --max-time 30 -L -k -s -D - -o /dev/null $REG_SAT_URL/rhn/Login.do | grep "200 OK"; then echo Satellite 5 detected at $REG_SAT_URL satellite_version=5 else @@ -112,29 +129,29 @@ function detect_satellite_version { case "${REG_METHOD:-}" in portal) - subscription-manager register $opts + retry subscription-manager register $opts if [ -z "${REG_AUTO_ATTACH:-}" -a -z "${REG_ACTIVATION_KEY:-}" ]; then - subscription-manager attach $attach_opts + retry subscription-manager attach $attach_opts fi - subscription-manager repos --disable '*' - subscription-manager $repos + retry subscription-manager repos --disable '*' + retry subscription-manager $repos ;; satellite) detect_satellite_version if [ "$satellite_version" = "6" ]; then repos="$repos --enable ${satellite_repo}" - curl -L -k -O "$REG_SAT_URL/pub/katello-ca-consumer-latest.noarch.rpm" + curl --retry 3 --retry-delay 10 --max-time 30 -L -k -O "$REG_SAT_URL/pub/katello-ca-consumer-latest.noarch.rpm" rpm -Uvh katello-ca-consumer-latest.noarch.rpm || true - subscription-manager register $opts - subscription-manager $repos - yum install -y katello-agent || true # needed for errata reporting to satellite6 + retry subscription-manager register $opts + retry subscription-manager $repos + retry yum install -y katello-agent || true # needed for errata reporting to satellite6 katello-package-upload - subscription-manager repos --disable ${satellite_repo} + retry subscription-manager repos --disable ${satellite_repo} else pushd /usr/share/rhn/ - curl -k -O $REG_SAT_URL/pub/RHN-ORG-TRUSTED-SSL-CERT + curl --retry 3 --retry-delay 10 --max-time 30 -k -O $REG_SAT_URL/pub/RHN-ORG-TRUSTED-SSL-CERT popd - rhnreg_ks --serverUrl=$REG_SAT_URL/XMLRPC $sat5_opts + retry rhnreg_ks --serverUrl=$REG_SAT_URL/XMLRPC $sat5_opts fi ;; disable) diff --git a/extraconfig/pre_network/ansible_host_config.ansible b/extraconfig/pre_network/ansible_host_config.ansible new file mode 100644 index 00000000..c126c1a1 --- /dev/null +++ b/extraconfig/pre_network/ansible_host_config.ansible @@ -0,0 +1,58 @@ +--- +- name: Configuration to be applied before rebooting the node + connection: local + hosts: localhost + + tasks: + # Kernel Args Configuration + - block: + - name: Ensure the kernel args ( {{ _KERNEL_ARGS_ }} ) is present as TRIPLEO_HEAT_TEMPLATE_KERNEL_ARGS + lineinfile: + dest: /etc/default/grub + regexp: '^TRIPLEO_HEAT_TEMPLATE_KERNEL_ARGS.*' + insertafter: '^GRUB_CMDLINE_LINUX.*' + line: 'TRIPLEO_HEAT_TEMPLATE_KERNEL_ARGS=" {{ _KERNEL_ARGS_ }} "' + - name: Add TRIPLEO_HEAT_TEMPLATE_KERNEL_ARGS to the GRUB_CMDLINE_LINUX parameter + lineinfile: + dest: /etc/default/grub + line: 'GRUB_CMDLINE_LINUX="${GRUB_CMDLINE_LINUX:+$GRUB_CMDLINE_LINUX }${TRIPLEO_HEAT_TEMPLATE_KERNEL_ARGS}"' + insertafter: '^TRIPLEO_HEAT_TEMPLATE_KERNEL_ARGS.*' + - name: Generate grub config file + command: grub2-mkconfig -o /boot/grub2/grub.cfg + become: true + when: _KERNEL_ARGS_|default("") != "" + + # Tune-d Configuration + - block: + - name: Tune-d Configuration + lineinfile: + dest: /etc/tuned/cpu-partitioning-variables.conf + regexp: '^isolated_cores=.*' + line: 'isolated_cores={{ _HOST_CPUS_LIST_ }}' + when: _HOST_CPUS_LIST_|default("") != "" + + - name: Tune-d provile activation + shell: tuned-adm profile {{ _TUNED_PROFILE_NAME_ }} + become: true + when: _TUNED_PROFILE_NAME_|default("") != "" + + # Provisioning Network workaround + # The script will be executed before os-net-config, in which case, only Provisioning network will have IP + # BOOTPROTO of all interface config files (except provisioning), will be set to "none" to avoid reboot failing to acquire IP on other networks + - block: + - find: + paths: /etc/sysconfig/network-scripts/ + patterns: ifcfg-* + register: ifcfg_files + + - replace: + dest: "{{ item.path }}" + regexp: '^BOOTPROTO=.*' + replace: 'BOOTPROTO=none' + when: + - item.path | regex_replace('(^.*ifcfg-)(.*)', '\\2') != "lo" + # This condition will list all the interfaces except the one with valid IP (which is Provisioning network at this stage) + # Simpler Version - hostvars[inventory_hostname]['ansible_' + iface_name ]['ipv4']['address'] is undefined + - hostvars[inventory_hostname]['ansible_' + item.path | regex_replace('(^.*ifcfg-)(.*)', '\\2') ]['ipv4']['address'] is undefined + with_items: + - "{{ ifcfg_files.files }}" diff --git a/extraconfig/pre_network/host_config_and_reboot.role.j2.yaml b/extraconfig/pre_network/host_config_and_reboot.role.j2.yaml new file mode 100644 index 00000000..bba16a66 --- /dev/null +++ b/extraconfig/pre_network/host_config_and_reboot.role.j2.yaml @@ -0,0 +1,100 @@ +heat_template_version: 2016-10-14 + +description: > + Do some configuration, then reboot - sometimes needed for early-boot + changes such as modifying kernel configuration + +parameters: + server: + type: string + {{role}}KernelArgs: + type: string + default: "" + {{role}}TunedProfileName: + type: string + default: "" + {{role}}HostCpusList: + type: string + default: "" + +conditions: + param_exists: + or: + - not: + equals: + - get_param: {{role}}KernelArgs + - "" + - not: + equals: + - get_param: {{role}}TunedProfileName + - "" + +resources: + + HostParametersConfig: + type: OS::Heat::SoftwareConfig + condition: param_exists + properties: + group: ansible + inputs: + - name: _KERNEL_ARGS_ + - name: _TUNED_PROFILE_NAME_ + - name: _HOST_CPUS_LIST_ + outputs: + - name: result + config: + get_file: ansible_host_config.ansible + + HostParametersDeployment: + type: OS::Heat::SoftwareDeployment + condition: param_exists + properties: + name: HostParametersDeployment + server: {get_param: server} + config: {get_resource: HostParametersConfig} + actions: ['CREATE'] # Only do this on CREATE + input_values: + _KERNEL_ARGS_: {get_param: {{role}}KernelArgs} + _TUNED_PROFILE_NAME_: {get_param: {{role}}TunedProfileName} + _HOST_CPUS_LIST_: {get_param: {{role}}HostCpusList} + + RebootConfig: + type: OS::Heat::SoftwareConfig + condition: param_exists + properties: + group: script + config: | + #!/bin/bash + # Stop os-collect-config to avoid any race collecting another + # deployment before reboot happens + systemctl stop os-collect-config.service + /sbin/reboot + + RebootDeployment: + type: OS::Heat::SoftwareDeployment + condition: param_exists + depends_on: HostParametersDeployment + properties: + name: RebootDeployment + server: {get_param: server} + config: {get_resource: RebootConfig} + actions: ['CREATE'] # Only do this on CREATE + signal_transport: NO_SIGNAL + +outputs: + result: + value: + get_attr: [HostParametersDeployment, result] + condition: param_exists + stdout: + value: + get_attr: [HostParametersDeployment, deploy_stdout] + condition: param_exists + stderr: + value: + get_attr: [HostParametersDeployment, deploy_stderr] + condition: param_exists + status_code: + value: + get_attr: [HostParametersDeployment, deploy_status_code] + condition: param_exists diff --git a/firstboot/userdata_root_password.yaml b/firstboot/userdata_root_password.yaml new file mode 100644 index 00000000..63dd5a9c --- /dev/null +++ b/firstboot/userdata_root_password.yaml @@ -0,0 +1,38 @@ +heat_template_version: ocata + +description: > + Uses cloud-init to enable root logins and set the root password. + Note this is less secure than the default configuration and may not be + appropriate for production environments, it's intended for illustration + and development/debugging only. + +parameters: + NodeRootPassword: + description: Root password for the nodes + hidden: true + type: string + +resources: + userdata: + type: OS::Heat::MultipartMime + properties: + parts: + - config: {get_resource: root_config} + + root_config: + type: OS::Heat::CloudConfig + properties: + cloud_config: + ssh_pwauth: true + disable_root: false + chpasswd: + list: + str_replace: + template: "root:PASSWORD" + params: + PASSWORD: {get_param: NodeRootPassword} + expire: False + +outputs: + OS::stack_id: + value: {get_resource: userdata} diff --git a/net-config-noop.yaml b/net-config-noop.yaml index ad580cf9..be05cc11 100644 --- a/net-config-noop.yaml +++ b/net-config-noop.yaml @@ -38,8 +38,8 @@ resources: OsNetConfigImpl: type: OS::Heat::StructuredConfig properties: - group: os-apply-config - config: + group: apply-config + config: {} outputs: OS::stack_id: diff --git a/net-config-undercloud.yaml b/net-config-undercloud.yaml new file mode 100644 index 00000000..9be51c0f --- /dev/null +++ b/net-config-undercloud.yaml @@ -0,0 +1,77 @@ +heat_template_version: ocata +description: > + Software Config to drive os-net-config for a simple bridge configured with a static IP address for the ctlplane network. +parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + ManagementIpSubnet: + default: '' + description: IP address/subnet on the management network + type: string + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list +resources: + OsNetConfigImpl: + type: OS::Heat::SoftwareConfig + properties: + group: script + inputs: + - name: disable_configure_safe_defaults + default: true + config: + str_replace: + template: + get_file: network/scripts/run-os-net-config.sh + params: + $network_config: + network_config: + - type: ovs_bridge + name: br-ctlplane + use_dhcp: false + dns_servers: + get_param: DnsServers + addresses: + - ip_netmask: + list_join: + - / + - - get_param: ControlPlaneIp + - get_param: ControlPlaneSubnetCidr + members: + - type: interface + name: eth1 + # force the MAC address of the bridge to this interface + primary: true +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: + get_resource: OsNetConfigImpl + diff --git a/network/endpoints/build_endpoint_map.py b/network/endpoints/build_endpoint_map.py index 964f58f7..7e8088be 100755 --- a/network/endpoints/build_endpoint_map.py +++ b/network/endpoints/build_endpoint_map.py @@ -191,7 +191,7 @@ def template_endpoint_items(config): def generate_endpoint_map_template(config): return collections.OrderedDict([ - ('heat_template_version', '2015-04-30'), + ('heat_template_version', 'ocata'), ('description', 'A map of OpenStack endpoints. Since the endpoints ' 'are URLs, we need to have brackets around IPv6 IP addresses. The ' 'inputs to these parameters come from net_ip_uri_map, which will ' diff --git a/network/endpoints/endpoint_data.yaml b/network/endpoints/endpoint_data.yaml index 0178c4dd..9975df22 100644 --- a/network/endpoints/endpoint_data.yaml +++ b/network/endpoints/endpoint_data.yaml @@ -294,3 +294,4 @@ ZaqarWebSocket: Admin: net_param: ZaqarApi port: 9000 + protocol: ws diff --git a/network/scripts/run-os-net-config.sh b/network/scripts/run-os-net-config.sh index e65f922a..a7dbedc7 100755 --- a/network/scripts/run-os-net-config.sh +++ b/network/scripts/run-os-net-config.sh @@ -108,7 +108,9 @@ EOF_CAT } if [ -n '$network_config' ]; then - trap configure_safe_defaults EXIT + if [ -z "${disable_configure_safe_defaults:-''}" ]; then + trap configure_safe_defaults EXIT + fi mkdir -p /etc/os-net-config # Note these variables come from the calling heat SoftwareConfig diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml index 1dca6147..fcc2dd2f 100644 --- a/overcloud-resource-registry-puppet.j2.yaml +++ b/overcloud-resource-registry-puppet.j2.yaml @@ -117,6 +117,7 @@ resource_registry: OS::TripleO::Services::Apache: puppet/services/apache.yaml OS::TripleO::Services::ApacheTLS: OS::Heat::None OS::TripleO::Services::CACerts: puppet/services/ca-certs.yaml + OS::TripleO::Services::CephMds: OS::Heat::None OS::TripleO::Services::CephMon: OS::Heat::None OS::TripleO::Services::CephRgw: OS::Heat::None OS::TripleO::Services::CephOSD: OS::Heat::None @@ -127,7 +128,6 @@ resource_registry: OS::TripleO::Services::CinderScheduler: puppet/services/cinder-scheduler.yaml OS::TripleO::Services::CinderVolume: puppet/services/cinder-volume.yaml OS::TripleO::Services::BlockStorageCinderVolume: puppet/services/cinder-volume.yaml - OS::TripleO::Services::Core: OS::Heat::None OS::TripleO::Services::Keystone: puppet/services/keystone.yaml OS::TripleO::Services::GlanceApi: puppet/services/glance-api.yaml OS::TripleO::Services::GlanceRegistry: puppet/services/glance-registry.yaml diff --git a/overcloud.j2.yaml b/overcloud.j2.yaml index d38bba2d..4a3e4cd0 100644 --- a/overcloud.j2.yaml +++ b/overcloud.j2.yaml @@ -1,3 +1,4 @@ +{% set primary_role_name = roles[0].name -%} heat_template_version: ocata description: > @@ -415,8 +416,8 @@ resources: {% for role in roles %} - {get_attr: [{{role.name}}ServiceChain, role_data, logging_sources]} {% endfor %} - controller_ips: {get_attr: [Controller, ip_address]} - controller_names: {get_attr: [Controller, hostname]} + controller_ips: {get_attr: [{{primary_role_name}}, ip_address]} + controller_names: {get_attr: [{{primary_role_name}}, hostname]} service_ips: # Note (shardy) this somewhat complex yaql may be replaced # with a map_deep_merge function in ocata. It merges the @@ -454,7 +455,7 @@ resources: - {get_attr: [{{role.name}}IpListMap, short_service_bootstrap_hostnames]} {% endfor %} # FIXME(shardy): These require further work to move into service_ips - memcache_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, MemcachedNetwork]}]} + memcache_node_ips: {get_attr: [{{primary_role_name}}IpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, MemcachedNetwork]}]} NetVipMap: {get_attr: [VipMap, net_ip_map]} RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]} ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]} @@ -560,12 +561,12 @@ resources: PingTestIps: list_join: - ' ' - - - {get_attr: [Controller, resource.0.external_ip_address]} - - {get_attr: [Controller, resource.0.internal_api_ip_address]} - - {get_attr: [Controller, resource.0.storage_ip_address]} - - {get_attr: [Controller, resource.0.storage_mgmt_ip_address]} - - {get_attr: [Controller, resource.0.tenant_ip_address]} - - {get_attr: [Controller, resource.0.management_ip_address]} + - - {get_attr: [{{primary_role_name}}, resource.0.external_ip_address]} + - {get_attr: [{{primary_role_name}}, resource.0.internal_api_ip_address]} + - {get_attr: [{{primary_role_name}}, resource.0.storage_ip_address]} + - {get_attr: [{{primary_role_name}}, resource.0.storage_mgmt_ip_address]} + - {get_attr: [{{primary_role_name}}, resource.0.tenant_ip_address]} + - {get_attr: [{{primary_role_name}}, resource.0.management_ip_address]} UpdateWorkflow: type: OS::TripleO::Tasks::UpdateWorkflow diff --git a/puppet/services/pacemaker/gnocchi-api.yaml b/puppet/services/ceph-mds.yaml index 87e525ad..b68567fb 100644 --- a/puppet/services/pacemaker/gnocchi-api.yaml +++ b/puppet/services/ceph-mds.yaml @@ -1,7 +1,7 @@ heat_template_version: ocata description: > - Gnocchi service configured with Puppet + Ceph MDS service. parameters: ServiceNetMap: @@ -18,13 +18,15 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json - MonitoringSubscriptionGnocchiApi: - default: 'overcloud-gnocchi-api' + CephMdsKey: + description: The cephx key for the MDS service. Can be created + with ceph-authtool --gen-print-key. type: string + hidden: true resources: - GnocchiServiceBase: - type: ../gnocchi-api.yaml + CephBase: + type: ./ceph-base.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} @@ -32,14 +34,16 @@ resources: outputs: role_data: - description: Role data for the Gnocchi role. + description: Role data for the Ceph MDS service. value: - service_name: gnocchi_api - monitoring_subscription: {get_param: MonitoringSubscriptionGnocchiApi} + service_name: ceph_mds config_settings: map_merge: - - get_attr: [GnocchiServiceBase, role_data, config_settings] - - gnocchi::metricd::manage_service: false - gnocchi::metricd::enabled: false + - get_attr: [CephBase, role_data, config_settings] + - ceph::profile::params::mds_key: {get_param: CephMdsKey} + tripleo.ceph_mds.firewall_rules: + '112 ceph_mds': + dport: + - '6800-7300' step_config: | - include ::tripleo::profile::pacemaker::gnocchi::api + include ::tripleo::profile::base::ceph::mds diff --git a/puppet/services/glance-api.yaml b/puppet/services/glance-api.yaml index 36df724b..0a7c90e1 100644 --- a/puppet/services/glance-api.yaml +++ b/puppet/services/glance-api.yaml @@ -109,3 +109,13 @@ outputs: include ::tripleo::profile::base::glance::api service_config_settings: get_attr: [GlanceBase, role_data, service_config_settings] + upgrade_tasks: + - name: Stop glance_api service + tags: step2 + service: name=openstack-glance-api state=stopped + - name: Sync glance_api DB + tags: step5 + command: glance-manage --config-file=/etc/glance/glance-api.conf db_sync + - name: Start glance_api service + tags: step6 + service: name=openstack-glance-api state=started diff --git a/puppet/services/glance-registry.yaml b/puppet/services/glance-registry.yaml index 1f7e6e3d..914c1584 100644 --- a/puppet/services/glance-registry.yaml +++ b/puppet/services/glance-registry.yaml @@ -100,3 +100,10 @@ outputs: include ::tripleo::profile::base::glance::registry service_config_settings: get_attr: [GlanceBase, role_data, config_settings] + upgrade_tasks: + - name: Stop glance_registry service + tags: step2 + service: name=openstack-glance-registry state=stopped + - name: Start glance_registry service + tags: step6 + service: name=openstack-glance-registry state=started diff --git a/puppet/services/heat-base.yaml b/puppet/services/heat-base.yaml index 3f6dba60..a933a94b 100644 --- a/puppet/services/heat-base.yaml +++ b/puppet/services/heat-base.yaml @@ -57,6 +57,7 @@ outputs: heat::rabbit_port: {get_param: RabbitClientPort} heat::debug: {get_param: Debug} heat::enable_proxy_headers_parsing: true + heat::rpc_response_timeout: 600 # We need this because the default heat policy.json no longer works on TripleO # https://git.openstack.org/cgit/openstack/heat/commit/?id=ac86702172ddf01f5bdc3f3cd99d2e32ad9b7024 heat::policy::policies: @@ -77,6 +78,8 @@ outputs: heat::cron::purge_deleted::destination: '/dev/null' heat::db::database_db_max_retries: -1 heat::db::database_max_retries: -1 + heat::yaql_memory_quota: 100000 + heat::yaql_limit_iterators: 1000 service_config_settings: keystone: tripleo::profile::base::keystone::heat_admin_domain: 'heat_stack' diff --git a/puppet/services/opendaylight-api.yaml b/puppet/services/opendaylight-api.yaml index 89842115..0ed9d206 100644 --- a/puppet/services/opendaylight-api.yaml +++ b/puppet/services/opendaylight-api.yaml @@ -17,10 +17,6 @@ parameters: type: string description: The password for the opendaylight server. hidden: true - OpenDaylightEnableL3: - description: Knob to enable/disable ODL L3 - type: string - default: 'no' OpenDaylightEnableDHCP: description: Knob to enable/disable ODL DHCP Server type: boolean @@ -56,7 +52,6 @@ outputs: opendaylight::odl_rest_port: {get_param: OpenDaylightPort} opendaylight::username: {get_param: OpenDaylightUsername} opendaylight::password: {get_param: OpenDaylightPassword} - opendaylight::enable_l3: {get_param: OpenDaylightEnableL3} opendaylight::extra_features: {get_param: OpenDaylightFeatures} opendaylight::enable_dhcp: {get_param: OpenDaylightEnableDHCP} opendaylight::odl_bind_ip: {get_param: [ServiceNetMap, OpendaylightApiNetwork]} diff --git a/puppet/services/pacemaker/ceilometer-agent-central.yaml b/puppet/services/pacemaker/ceilometer-agent-central.yaml deleted file mode 100644 index 87bbf0c5..00000000 --- a/puppet/services/pacemaker/ceilometer-agent-central.yaml +++ /dev/null @@ -1,45 +0,0 @@ -heat_template_version: ocata - -description: > - OpenStack Ceilometer Central Agent service with Pacemaker configured with Puppet - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - MonitoringSubscriptionCeilometerCentral: - default: 'overcloud-ceilometer-agent-central' - type: string - -resources: - CeilometerServiceBase: - type: ../ceilometer-agent-central.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Ceilometer Central Agent pacemaker role. - value: - service_name: ceilometer_agent_central - monitoring_subscription: {get_param: MonitoringSubscriptionCeilometerCentral} - config_settings: - map_merge: - - get_attr: [CeilometerServiceBase, role_data, config_settings] - - ceilometer::agent::central::manage_service: false - ceilometer::agent::central::enabled: false - step_config: | - include ::tripleo::profile::pacemaker::ceilometer::agent::central diff --git a/puppet/services/pacemaker/ceilometer-agent-notification.yaml b/puppet/services/pacemaker/ceilometer-agent-notification.yaml deleted file mode 100644 index a013cf4f..00000000 --- a/puppet/services/pacemaker/ceilometer-agent-notification.yaml +++ /dev/null @@ -1,45 +0,0 @@ -heat_template_version: ocata - -description: > - OpenStack Ceilometer Notification Agent service with Pacemaker configured with Puppet - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - MonitoringSubscriptionCeilometerNotification: - default: 'overcloud-ceilometer-agent-notification' - type: string - -resources: - CeilometerServiceBase: - type: ../ceilometer-agent-notification.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Ceilometer Notification Agent pacemaker role. - value: - service_name: ceilometer_agent_notification - monitoring_subscription: {get_param: MonitoringSubscriptionCeilometerNotification} - config_settings: - map_merge: - - get_attr: [CeilometerServiceBase, role_data, config_settings] - - ceilometer::agent::notification::manage_service: false - ceilometer::agent::notification::enabled: false - step_config: | - include ::tripleo::profile::pacemaker::ceilometer::agent::notification diff --git a/puppet/services/pacemaker/ceilometer-api.yaml b/puppet/services/pacemaker/ceilometer-api.yaml deleted file mode 100644 index 95e791d1..00000000 --- a/puppet/services/pacemaker/ceilometer-api.yaml +++ /dev/null @@ -1,45 +0,0 @@ -heat_template_version: ocata - -description: > - OpenStack Ceilometer API service with Pacemaker configured with Puppet - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - MonitoringSubscriptionCeilometerApi: - default: 'overcloud-ceilometer-api' - type: string - -resources: - CeilometerServiceBase: - type: ../ceilometer-api.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Ceilometer API pacemaker role. - value: - service_name: ceilometer_api - monitoring_subscription: {get_param: MonitoringSubscriptionCeilometerApi} - config_settings: - map_merge: - - get_attr: [CeilometerServiceBase, role_data, config_settings] - - ceilometer::api::manage_service: false - ceilometer::api::enabled: false - step_config: | - include ::tripleo::profile::pacemaker::ceilometer::api diff --git a/puppet/services/pacemaker/ceilometer-collector.yaml b/puppet/services/pacemaker/ceilometer-collector.yaml deleted file mode 100644 index 0ddd72c3..00000000 --- a/puppet/services/pacemaker/ceilometer-collector.yaml +++ /dev/null @@ -1,45 +0,0 @@ -heat_template_version: ocata - -description: > - OpenStack Ceilometer Collector service with Pacemaker configured with Puppet - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - MonitoringSubscriptionCeilometerCollector: - default: 'overcloud-ceilometer-collector' - type: string - -resources: - CeilometerServiceBase: - type: ../ceilometer-collector.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Ceilometer Collector pacemaker role. - value: - service_name: ceilometer_collector - monitoring_subscription: {get_param: MonitoringSubscriptionCeilometerCollector} - config_settings: - map_merge: - - get_attr: [CeilometerServiceBase, role_data, config_settings] - - ceilometer::collector::manage_service: false - ceilometer::collector::enabled: false - step_config: | - include ::tripleo::profile::pacemaker::ceilometer::collector diff --git a/puppet/services/pacemaker/cinder-api.yaml b/puppet/services/pacemaker/cinder-api.yaml deleted file mode 100644 index 472b45f8..00000000 --- a/puppet/services/pacemaker/cinder-api.yaml +++ /dev/null @@ -1,45 +0,0 @@ -heat_template_version: ocata - -description: > - OpenStack Cinder API service with Pacemaker configured with Puppet. - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -resources: - - CinderApiBase: - type: ../cinder-api.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Cinder API role. - value: - service_name: cinder_api - monitoring_subscription: {get_attr: [CinderApiBase, role_data, monitoring_subscription]} - logging_source: {get_attr: [CinderApiBase, role_data, logging_source]} - logging_groups: {get_attr: [CinderApiBase, role_data, logging_groups]} - config_settings: - map_merge: - - get_attr: [CinderApiBase, role_data, config_settings] - - cinder::api::manage_service: false - cinder::api::enabled: false - step_config: | - include ::tripleo::profile::pacemaker::cinder::api diff --git a/puppet/services/pacemaker/cinder-scheduler.yaml b/puppet/services/pacemaker/cinder-scheduler.yaml deleted file mode 100644 index 19785fab..00000000 --- a/puppet/services/pacemaker/cinder-scheduler.yaml +++ /dev/null @@ -1,45 +0,0 @@ -heat_template_version: ocata - -description: > - OpenStack Cinder Scheduler service with Pacemaker configured with Puppet - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -resources: - - CinderSchedulerBase: - type: ../cinder-scheduler.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Cinder Scheduler role. - value: - service_name: cinder_scheduler - monitoring_subscription: {get_attr: [CinderSchedulerBase, role_data, monitoring_subscription]} - logging_source: {get_attr: [CinderSchedulerBase, role_data, logging_source]} - logging_groups: {get_attr: [CinderSchedulerBase, role_data, logging_groups]} - config_settings: - map_merge: - - get_attr: [CinderSchedulerBase, role_data, config_settings] - - cinder::scheduler::manage_service: false - cinder::scheduler::enabled: false - step_config: - include ::tripleo::profile::pacemaker::cinder::scheduler diff --git a/puppet/services/pacemaker/core.yaml b/puppet/services/pacemaker/core.yaml deleted file mode 100644 index f7e3d984..00000000 --- a/puppet/services/pacemaker/core.yaml +++ /dev/null @@ -1,29 +0,0 @@ -heat_template_version: ocata - -description: > - OpenStack Core (fake) service with Pacemaker configured with Puppet. - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -outputs: - role_data: - description: Role data for the Core role. - value: - service_name: core - config_settings: {} - step_config: | - include ::tripleo::profile::pacemaker::core
\ No newline at end of file diff --git a/puppet/services/pacemaker/database/mongodb.yaml b/puppet/services/pacemaker/database/mongodb.yaml deleted file mode 100644 index fb29f4f4..00000000 --- a/puppet/services/pacemaker/database/mongodb.yaml +++ /dev/null @@ -1,42 +0,0 @@ -heat_template_version: ocata - -description: > - MongoDb service deployment using puppet - -parameters: - #Parameters not used EndpointMap - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -resources: - MongoDbBase: - type: ../../database/mongodb.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Service mongodb using composable services. - value: - service_name: mongodb - config_settings: - map_merge: - - get_attr: [MongoDbBase, role_data, config_settings] - - tripleo::profile::pacemaker::database::mongodb::mongodb_replset: {get_attr: [MongoDbBase, aux_parameters, rplset_name]} - mongodb::server::service_manage: False - step_config: | - include ::tripleo::profile::pacemaker::database::mongodb diff --git a/puppet/services/pacemaker/glance-api.yaml b/puppet/services/pacemaker/glance-api.yaml deleted file mode 100644 index 00213cba..00000000 --- a/puppet/services/pacemaker/glance-api.yaml +++ /dev/null @@ -1,74 +0,0 @@ -heat_template_version: ocata - -description: > - OpenStack Glance API service with Pacemaker configured with Puppet. - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - GlanceFilePcmkDevice: - default: '' - description: > - An exported storage device that should be mounted by Pacemaker - as Glance storage. Effective when GlanceFilePcmkManage is true. - type: string - GlanceFilePcmkFstype: - default: 'nfs' - description: > - Filesystem type for Pacemaker mount used as Glance storage. - Effective when GlanceFilePcmkManage is true. - type: string - GlanceFilePcmkManage: - default: false - description: > - Whether to make Glance file backend a mount managed by Pacemaker. - Effective when GlanceBackend is 'file'. - type: boolean - GlanceFilePcmkOptions: - default: '' - description: > - Mount options for Pacemaker mount used as Glance storage. - Effective when GlanceFilePcmkManage is true. - type: string - -resources: - - GlanceApiBase: - type: ../glance-api.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Glance role. - value: - service_name: glance_api - monitoring_subscription: {get_attr: [GlanceApiBase, role_data, monitoring_subscription]} - logging_source: {get_attr: [GlanceApiBase, role_data, logging_source]} - logging_groups: {get_attr: [GlanceApiBase, role_data, logging_groups]} - config_settings: - map_merge: - - get_attr: [GlanceApiBase, role_data, config_settings] - - glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice} - glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype} - glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage} - glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions} - glance_file_pcmk_directory: '/var/lib/glance/images' - glance::api::manage_service: false - glance::api::enabled: false - step_config: | - include ::tripleo::profile::pacemaker::glance diff --git a/puppet/services/pacemaker/glance-registry.yaml b/puppet/services/pacemaker/glance-registry.yaml deleted file mode 100644 index eaf0266c..00000000 --- a/puppet/services/pacemaker/glance-registry.yaml +++ /dev/null @@ -1,47 +0,0 @@ -heat_template_version: ocata - -description: > - OpenStack Glance Registry service with Pacemaker configured with Puppet - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -resources: - - GlanceRegistryBase: - type: ../glance-registry.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Glance role. - value: - service_name: glance_registry - monitoring_subscription: {get_attr: [GlanceRegistryBase, role_data, monitoring_subscription]} - logging_source: {get_attr: [GlanceRegistryBase, role_data, logging_source]} - logging_groups: {get_attr: [GlanceRegistryBase, role_data, logging_groups]} - config_settings: - map_merge: - - get_attr: [GlanceRegistryBase, role_data, config_settings] - - glance::registry::manage_service: false - glance::registry::enabled: false - # No puppet manifests since glance-registry is included in - # ::tripleo::profile::pacemaker::glance which is maintained alongside of - # pacemaker/glance-api.yaml. - step_config: diff --git a/puppet/services/pacemaker/gnocchi-metricd.yaml b/puppet/services/pacemaker/gnocchi-metricd.yaml deleted file mode 100644 index f83c3cd6..00000000 --- a/puppet/services/pacemaker/gnocchi-metricd.yaml +++ /dev/null @@ -1,47 +0,0 @@ -heat_template_version: ocata - -description: > - Gnocchi service configured with Puppet - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - MonitoringSubscriptionGnocchiMetricd: - default: 'overcloud-gnocchi-metricd' - type: string - -resources: - GnocchiServiceBase: - type: ../gnocchi-metricd.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Gnocchi role. - value: - service_name: gnocchi_metricd - monitoring_subscription: {get_param: MonitoringSubscriptionGnocchiMetricd} - config_settings: - map_merge: - - get_attr: [GnocchiServiceBase, role_data, config_settings] - - gnocchi::metricd::manage_service: false - gnocchi::metricd::enabled: false - tripleo::profile::pacemaker::gnocchi::gnocchi_indexer_backend: {get_attr: [GnocchiServiceBase, aux_parameters, gnocchi_indexer_backend]} - - step_config: | - include ::tripleo::profile::pacemaker::gnocchi::metricd diff --git a/puppet/services/pacemaker/gnocchi-statsd.yaml b/puppet/services/pacemaker/gnocchi-statsd.yaml deleted file mode 100644 index 8c224497..00000000 --- a/puppet/services/pacemaker/gnocchi-statsd.yaml +++ /dev/null @@ -1,46 +0,0 @@ -heat_template_version: ocata - -description: > - Gnocchi service configured with Puppet - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - MonitoringSubscriptionGnocchiStatsd: - default: 'overcloud-gnocchi-statsd' - type: string - -resources: - GnocchiServiceBase: - type: ../gnocchi-statsd.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Gnocchi role. - value: - service_name: gnocchi_statsd - monitoring_subscription: {get_param: MonitoringSubscriptionGnocchiStatsd} - config_settings: - map_merge: - - get_attr: [GnocchiServiceBase, role_data, config_settings] - - gnocchi::statsd::manage_service: false - gnocchi::statsd::enabled: false - tripleo::profile::pacemaker::gnocchi::gnocchi_indexer_backend: {get_attr: [GnocchiServiceBase, aux_parameters, gnocchi_indexer_backend]} - step_config: | - include ::tripleo::profile::pacemaker::gnocchi::statsd diff --git a/puppet/services/pacemaker/heat-api-cfn.yaml b/puppet/services/pacemaker/heat-api-cfn.yaml deleted file mode 100644 index da856d5a..00000000 --- a/puppet/services/pacemaker/heat-api-cfn.yaml +++ /dev/null @@ -1,44 +0,0 @@ -heat_template_version: ocata - -description: > - Openstack Heat CloudFormation API service configured with Puppet - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -resources: - HeatApiCfnBase: - type: ../heat-api-cfn.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Heat CloudFormation API role. - value: - service_name: heat_api_cfn - monitoring_subscription: {get_attr: [HeatApiCfnBase, role_data, monitoring_subscription]} - logging_source: {get_attr: [HeatApiCfnBase, role_data, logging_source]} - logging_groups: {get_attr: [HeatApiCfnBase, role_data, logging_groups]} - config_settings: - map_merge: - - get_attr: [HeatApiCfnBase, role_data, config_settings] - - heat::api_cfn::manage_service: false - heat::api_cfn::enabled: false - step_config: | - include ::tripleo::profile::pacemaker::heat::api_cfn diff --git a/puppet/services/pacemaker/heat-api-cloudwatch.yaml b/puppet/services/pacemaker/heat-api-cloudwatch.yaml deleted file mode 100644 index a1a66cf6..00000000 --- a/puppet/services/pacemaker/heat-api-cloudwatch.yaml +++ /dev/null @@ -1,44 +0,0 @@ -heat_template_version: ocata - -description: > - Openstack Heat CloudWatch API service configured with Puppet - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -resources: - HeatApiCloudwatchBase: - type: ../heat-api-cloudwatch.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Heat Cloudwatch API role. - value: - service_name: heat_api_cloudwatch - monitoring_subscription: {get_attr: [HeatApiCloudwatchBase, role_data, monitoring_subscription]} - logging_source: {get_attr: [HeatApiCloudwatchBase, role_data, logging_source]} - logging_groups: {get_attr: [HeatApiCloudwatchBase, role_data, logging_groups]} - config_settings: - map_merge: - - get_attr: [HeatApiCloudwatchBase, role_data, config_settings] - - heat::api_cloudwatch::manage_service: false - heat::api_cloudwatch::enabled: false - step_config: | - include ::tripleo::profile::pacemaker::heat::api_cloudwatch diff --git a/puppet/services/pacemaker/heat-api.yaml b/puppet/services/pacemaker/heat-api.yaml deleted file mode 100644 index c9a14373..00000000 --- a/puppet/services/pacemaker/heat-api.yaml +++ /dev/null @@ -1,44 +0,0 @@ -heat_template_version: ocata - -description: > - Openstack Heat API service configured with Puppet - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -resources: - HeatApiBase: - type: ../heat-api.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Heat API role. - value: - service_name: heat_api - monitoring_subscription: {get_attr: [HeatApiBase, role_data, monitoring_subscription]} - logging_source: {get_attr: [HeatApiBase, role_data, logging_source]} - logging_groups: {get_attr: [HeatApiBase, role_data, logging_groups]} - config_settings: - map_merge: - - get_attr: [HeatApiBase, role_data, config_settings] - - heat::api::manage_service: false - heat::api::enabled: false - step_config: | - include ::tripleo::profile::pacemaker::heat::api diff --git a/puppet/services/pacemaker/heat-engine.yaml b/puppet/services/pacemaker/heat-engine.yaml deleted file mode 100644 index 42eb0045..00000000 --- a/puppet/services/pacemaker/heat-engine.yaml +++ /dev/null @@ -1,45 +0,0 @@ -heat_template_version: ocata - -description: > - Openstack Heat Engine service configured with Puppet - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -resources: - HeatEngineBase: - type: ../heat-engine.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - - -outputs: - role_data: - description: Role data for the Heat engine role. - value: - service_name: heat_engine - monitoring_subscription: {get_attr: [HeatEngineBase, role_data, monitoring_subscription]} - logging_source: {get_attr: [HeatEngineBase, role_data, logging_source]} - logging_groups: {get_attr: [HeatEngineBase, role_data, logging_groups]} - config_settings: - map_merge: - - get_attr: [HeatEngineBase, role_data, config_settings] - - heat::engine::manage_service: false - heat::engine::enabled: false - step_config: | - include ::tripleo::profile::pacemaker::heat::engine diff --git a/puppet/services/pacemaker/horizon.yaml b/puppet/services/pacemaker/horizon.yaml deleted file mode 100644 index 04b2d4c1..00000000 --- a/puppet/services/pacemaker/horizon.yaml +++ /dev/null @@ -1,41 +0,0 @@ -heat_template_version: ocata - -description: > - Horizon service with Pacemaker configured with Puppet. - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -resources: - - HorizonBase: - type: ../horizon.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Horizon role. - value: - service_name: horizon - monitoring_subscription: {get_attr: [HorizonBase, role_data, monitoring_subscription]} - config_settings: - get_attr: [HorizonBase, role_data, config_settings] - step_config: | - include ::tripleo::profile::base::horizon - include ::tripleo::profile::pacemaker::apache diff --git a/puppet/services/pacemaker/keystone.yaml b/puppet/services/pacemaker/keystone.yaml deleted file mode 100644 index 97015484..00000000 --- a/puppet/services/pacemaker/keystone.yaml +++ /dev/null @@ -1,45 +0,0 @@ -heat_template_version: ocata - -description: > - OpenStack Keystone service with Pacemaker configured with Puppet - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -resources: - - KeystoneServiceBase: - type: ../keystone.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Keystone pacemaker role. - value: - service_name: keystone - monitoring_subscription: {get_attr: [KeystoneServiceBase, role_data, monitoring_subscription]} - logging_source: {get_attr: [KeystoneServiceBase, role_data, logging_source]} - logging_groups: {get_attr: [KeystoneServiceBase, role_data, logging_groups]} - config_settings: - map_merge: - - get_attr: [KeystoneServiceBase, role_data, config_settings] - - keystone::manage_service: false - keystone::enabled: false - step_config: | - include ::tripleo::profile::pacemaker::keystone diff --git a/puppet/services/pacemaker/memcached.yaml b/puppet/services/pacemaker/memcached.yaml deleted file mode 100644 index 7e0007ce..00000000 --- a/puppet/services/pacemaker/memcached.yaml +++ /dev/null @@ -1,42 +0,0 @@ -heat_template_version: ocata - -description: > - Mecached service with Pacemaker configured with Puppet - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -resources: - - MemcachedServiceBase: - type: ../memcached.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Memcached pacemaker role. - value: - service_name: memcached - monitoring_subscription: {get_attr: [MemcachedServiceBase, role_data, monitoring_subscription]} - config_settings: - map_merge: - - get_attr: [MemcachedServiceBase, role_data, config_settings] - - memcached::service_manage: false - step_config: | - include ::tripleo::profile::pacemaker::memcached diff --git a/puppet/services/pacemaker/neutron-dhcp.yaml b/puppet/services/pacemaker/neutron-dhcp.yaml deleted file mode 100644 index 84a4f8ad..00000000 --- a/puppet/services/pacemaker/neutron-dhcp.yaml +++ /dev/null @@ -1,46 +0,0 @@ -heat_template_version: ocata - -description: > - OpenStack Neutron DHCP service with Pacemaker configured with Puppet. - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -resources: - - NeutronDhcpBase: - type: ../neutron-dhcp.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Neutron DHCP role. - value: - service_name: neutron_dhcp - monitoring_subscription: {get_attr: [NeutronDhcpBase, role_data, monitoring_subscription]} - logging_source: {get_attr: [NeutronDhcpBase, role_data, logging_source]} - logging_groups: {get_attr: [NeutronDhcpBase, role_data, logging_groups]} - config_settings: - map_merge: - - get_attr: [NeutronDhcpBase, role_data, config_settings] - - tripleo::profile::pacemaker::neutron::enable_dhcp: True - neutron::agents::dhcp::enabled: false - neutron::agents::dhcp::manage_service: false - step_config: | - include ::tripleo::profile::pacemaker::neutron::dhcp diff --git a/puppet/services/pacemaker/neutron-l3.yaml b/puppet/services/pacemaker/neutron-l3.yaml deleted file mode 100644 index 6a99cf98..00000000 --- a/puppet/services/pacemaker/neutron-l3.yaml +++ /dev/null @@ -1,46 +0,0 @@ -heat_template_version: ocata - -description: > - OpenStack Neutron L3 service with Pacemaker configured with Puppet. - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -resources: - - NeutronL3Base: - type: ../neutron-l3.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Neutron L3 role. - value: - service_name: neutron_l3 - monitoring_subscription: {get_attr: [NeutronL3Base, role_data, monitoring_subscription]} - logging_source: {get_attr: [NeutronL3Base, role_data, logging_source]} - logging_groups: {get_attr: [NeutronL3Base, role_data, logging_groups]} - config_settings: - map_merge: - - get_attr: [NeutronL3Base, role_data, config_settings] - - tripleo::profile::pacemaker::neutron::enable_l3: True - neutron::agents::l3::enabled: false - neutron::agents::l3::manage_service: false - step_config: | - include ::tripleo::profile::pacemaker::neutron::l3 diff --git a/puppet/services/pacemaker/neutron-metadata.yaml b/puppet/services/pacemaker/neutron-metadata.yaml deleted file mode 100644 index 2c3dd374..00000000 --- a/puppet/services/pacemaker/neutron-metadata.yaml +++ /dev/null @@ -1,44 +0,0 @@ -heat_template_version: ocata - -description: > - OpenStack Neutron Metadata service with Pacemaker configured with Puppet. - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -resources: - - NeutronMetadataBase: - type: ../neutron-metadata.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Neutron Metadata role. - value: - service_name: neutron_metadata - monitoring_subscription: {get_attr: [NeutronMetadataBase, role_data, monitoring_subscription]} - logging_source: {get_attr: [NeutronMetadataBase, role_data, logging_source]} - logging_groups: {get_attr: [NeutronMetadataBase, role_data, logging_groups]} - config_settings: - map_merge: - - get_attr: [NeutronMetadataBase, role_data, config_settings] - - tripleo::profile::pacemaker::neutron::enable_metadata: True - step_config: | - include ::tripleo::profile::pacemaker::neutron::metadata diff --git a/puppet/services/pacemaker/neutron-midonet.yaml b/puppet/services/pacemaker/neutron-midonet.yaml deleted file mode 100644 index b7f77697..00000000 --- a/puppet/services/pacemaker/neutron-midonet.yaml +++ /dev/null @@ -1,41 +0,0 @@ -heat_template_version: ocata - -description: > - OpenStack Neutron Midonet with Pacemaker configured with Puppet - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -resources: - - NeutronMidonetBase: - type: ../neutron-midonet.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Neutron Midonet plugin. - value: - service_name: neutron_midonet - monitoring_subscription: {get_attr: [NeutronMidonetBase, role_data, monitoring_subscription]} - config_settings: - map_merge: - - get_attr: [NeutronMidonetBase, role_data, config_settings] - step_config: | - include ::tripleo::profile::pacemaker::neutron::plugins::midonet diff --git a/puppet/services/pacemaker/neutron-ovs-agent.yaml b/puppet/services/pacemaker/neutron-ovs-agent.yaml deleted file mode 100644 index 67d5e274..00000000 --- a/puppet/services/pacemaker/neutron-ovs-agent.yaml +++ /dev/null @@ -1,42 +0,0 @@ -heat_template_version: ocata - -description: > - OpenStack Neutron OVS agent with Pacemaker configured with Puppet - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -resources: - - NeutronOvsBase: - type: ../neutron-ovs-agent.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Neutron OVS agent service. - value: - service_name: neutron_ovs_agent - monitoring_subscription: {get_attr: [NeutronOvsBase, role_data, monitoring_subscription]} - logging_source: {get_attr: [NeutronOvsBase, role_data, logging_source]} - logging_groups: {get_attr: [NeutronOvsBase, role_data, logging_groups]} - config_settings: - get_attr: [NeutronOvsBase, role_data, config_settings] - step_config: | - include ::tripleo::profile::pacemaker::neutron::ovs diff --git a/puppet/services/pacemaker/neutron-plugin-ml2.yaml b/puppet/services/pacemaker/neutron-plugin-ml2.yaml deleted file mode 100644 index 3b2bba04..00000000 --- a/puppet/services/pacemaker/neutron-plugin-ml2.yaml +++ /dev/null @@ -1,42 +0,0 @@ -heat_template_version: ocata - -description: > - OpenStack Neutron ML2 Plugin with Pacemaker configured with Puppet - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -resources: - - NeutronMl2Base: - type: ../neutron-plugin-ml2.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Neutron ML2 plugin. - value: - service_name: neutron_plugin_ml2 - config_settings: - map_merge: - - get_attr: [NeutronMl2Base, role_data, config_settings] - - neutron::agents::ml2::ovs::enabled: false - neutron::agents::ml2::ovs::manage_service: false - step_config: | - include ::tripleo::profile::pacemaker::neutron::plugins::ml2 diff --git a/puppet/services/pacemaker/neutron-plugin-nuage.yaml b/puppet/services/pacemaker/neutron-plugin-nuage.yaml deleted file mode 100644 index 0302b1c5..00000000 --- a/puppet/services/pacemaker/neutron-plugin-nuage.yaml +++ /dev/null @@ -1,40 +0,0 @@ -heat_template_version: ocata - -description: > - OpenStack Neutron Nuage Plugin with Pacemaker configured with Puppet - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -resources: - - NeutronPluginNuageBase: - type: ../neutron-plugin-nuage.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Neutron Nuage plugin. - value: - service_name: neutron_plugin_nuage - config_settings: - map_merge: - - get_attr: [NeutronPluginNuageBase, role_data, config_settings] - step_config: | - include ::tripleo::profile::pacemaker::neutron::plugins::nuage diff --git a/puppet/services/pacemaker/neutron-plugin-opencontrail.yaml b/puppet/services/pacemaker/neutron-plugin-opencontrail.yaml deleted file mode 100644 index d3b7e76e..00000000 --- a/puppet/services/pacemaker/neutron-plugin-opencontrail.yaml +++ /dev/null @@ -1,40 +0,0 @@ -heat_template_version: ocata - -description: > - OpenStack Neutron OpenContrail Plugin with Pacemaker configured with Puppet - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -resources: - - NeutronPluginOpenContrail: - type: ../neutron-plugin-nuage.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Neutron OpenContrail plugin. - value: - service_name: neutron_plugin_opencontrail - config_settings: - map_merge: - - get_attr: [NeutronPluginOpenContrail, role_data, config_settings] - step_config: | - include ::tripleo::profile::pacemaker::neutron::plugins::opencontrail diff --git a/puppet/services/pacemaker/neutron-plugin-plumgrid.yaml b/puppet/services/pacemaker/neutron-plugin-plumgrid.yaml deleted file mode 100644 index bc0ecac0..00000000 --- a/puppet/services/pacemaker/neutron-plugin-plumgrid.yaml +++ /dev/null @@ -1,40 +0,0 @@ -heat_template_version: ocata - -description: > - OpenStack Neutron PLUMgrid Plugin with Pacemaker configured with Puppet - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -resources: - - NeutronPluginPlumgridBase: - type: ../neutron-plugin-ml2.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Neutron PLUMgrid plugin. - value: - service_name: neutron_plugin_plumgrid - config_settings: - map_merge: - - get_attr: [NeutronPluginPlumgridBase, role_data, config_settings] - step_config: | - include ::tripleo::profile::pacemaker::neutron::plugins::plumgrid diff --git a/puppet/services/pacemaker/neutron-server.yaml b/puppet/services/pacemaker/neutron-server.yaml deleted file mode 100644 index 015cd9fb..00000000 --- a/puppet/services/pacemaker/neutron-server.yaml +++ /dev/null @@ -1,48 +0,0 @@ -heat_template_version: ocata - -description: > - OpenStack Neutron Server with Pacemaker configured with Puppet. - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - NeutronL3HA: - default: true - description: Whether to enable HA for virtual routers - type: boolean - -resources: - - NeutronServerBase: - type: ../neutron-server.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Neutron Server. - value: - service_name: neutron_server - monitoring_subscription: {get_attr: [NeutronServerBase, role_data, monitoring_subscription]} - config_settings: - map_merge: - - get_attr: [NeutronServerBase, role_data, config_settings] - - neutron::server::enabled: false - neutron::server::manage_service: false - neutron::server::l3_ha: {get_param: NeutronL3HA} - step_config: | - include ::tripleo::profile::pacemaker::neutron::server diff --git a/puppet/services/pacemaker/nova-api.yaml b/puppet/services/pacemaker/nova-api.yaml deleted file mode 100644 index c9411900..00000000 --- a/puppet/services/pacemaker/nova-api.yaml +++ /dev/null @@ -1,45 +0,0 @@ -heat_template_version: ocata - -description: > - OpenStack Nova API service with Pacemaker configured with Puppet. - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -resources: - - NovaApiBase: - type: ../nova-api.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Nova API role. - value: - service_name: nova_api - monitoring_subscription: {get_attr: [NovaApiBase, role_data, monitoring_subscription]} - logging_source: {get_attr: [NovaApiBase, role_data, logging_source]} - logging_groups: {get_attr: [NovaApiBase, role_data, logging_groups]} - config_settings: - map_merge: - - get_attr: [NovaApiBase, role_data, config_settings] - - nova::api::manage_service: false - nova::api::enabled: false - step_config: | - include ::tripleo::profile::pacemaker::nova::api diff --git a/puppet/services/pacemaker/nova-conductor.yaml b/puppet/services/pacemaker/nova-conductor.yaml deleted file mode 100644 index 31b4c406..00000000 --- a/puppet/services/pacemaker/nova-conductor.yaml +++ /dev/null @@ -1,45 +0,0 @@ -heat_template_version: ocata - -description: > - OpenStack Nova Conductor service with Pacemaker configured with Puppet. - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -resources: - - NovaConductorBase: - type: ../nova-conductor.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Nova Conductor role. - value: - service_name: nova_conductor - monitoring_subscription: {get_attr: [NovaConductorBase, role_data, monitoring_subscription]} - logging_source: {get_attr: [NovaConductorBase, role_data, logging_source]} - logging_groups: {get_attr: [NovaConductorBase, role_data, logging_groups]} - config_settings: - map_merge: - - get_attr: [NovaConductorBase, role_data, config_settings] - - nova::conductor::manage_service: false - nova::conductor::enabled: false - step_config: | - include ::tripleo::profile::pacemaker::nova::conductor diff --git a/puppet/services/pacemaker/nova-consoleauth.yaml b/puppet/services/pacemaker/nova-consoleauth.yaml deleted file mode 100644 index 8c4be5a8..00000000 --- a/puppet/services/pacemaker/nova-consoleauth.yaml +++ /dev/null @@ -1,45 +0,0 @@ -heat_template_version: ocata - -description: > - OpenStack Nova Consoleauth service with Pacemaker configured with Puppet. - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -resources: - - NovaConsoleauthBase: - type: ../nova-consoleauth.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Nova Consoleauth role. - value: - service_name: nova_consoleauth - monitoring_subscription: {get_attr: [NovaConsoleauthBase, role_data, monitoring_subscription]} - logging_source: {get_attr: [NovaConsoleauthBase, role_data, logging_source]} - logging_groups: {get_attr: [NovaConsoleauthBase, role_data, logging_groups]} - config_settings: - map_merge: - - get_attr: [NovaConsoleauthBase, role_data, config_settings] - - nova::consoleauth::manage_service: false - nova::consoleauth::enabled: false - step_config: | - include ::tripleo::profile::pacemaker::nova::consoleauth diff --git a/puppet/services/pacemaker/nova-scheduler.yaml b/puppet/services/pacemaker/nova-scheduler.yaml deleted file mode 100644 index afcf5d5c..00000000 --- a/puppet/services/pacemaker/nova-scheduler.yaml +++ /dev/null @@ -1,45 +0,0 @@ -heat_template_version: ocata - -description: > - OpenStack Nova Scheduler service with Pacemaker configured with Puppet. - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -resources: - - NovaSchedulerBase: - type: ../nova-scheduler.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Nova Scheduler role. - value: - service_name: nova_scheduler - monitoring_subscription: {get_attr: [NovaSchedulerBase, role_data, monitoring_subscription]} - logging_source: {get_attr: [NovaSchedulerBase, role_data, logging_source]} - logging_groups: {get_attr: [NovaSchedulerBase, role_data, logging_groups]} - config_settings: - map_merge: - - get_attr: [NovaSchedulerBase, role_data, config_settings] - - nova::scheduler::manage_service: false - nova::scheduler::enabled: false - step_config: | - include ::tripleo::profile::pacemaker::nova::scheduler diff --git a/puppet/services/pacemaker/nova-vnc-proxy.yaml b/puppet/services/pacemaker/nova-vnc-proxy.yaml deleted file mode 100644 index 22eeb261..00000000 --- a/puppet/services/pacemaker/nova-vnc-proxy.yaml +++ /dev/null @@ -1,45 +0,0 @@ -heat_template_version: ocata - -description: > - OpenStack Nova Vncproxy service with Pacemaker configured with Puppet. - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -resources: - - NovaVncproxyBase: - type: ../nova-vnc-proxy.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Nova Vncproxy role. - value: - service_name: nova_vnc_proxy - monitoring_subscription: {get_attr: [NovaVncproxyBase, role_data, monitoring_subscription]} - logging_source: {get_attr: [NovaVncproxyBase, role_data, logging_source]} - logging_groups: {get_attr: [NovaVncproxyBase, role_data, logging_groups]} - config_settings: - map_merge: - - get_attr: [NovaVncproxyBase, role_data, config_settings] - - nova::vncproxy::manage_service: false - nova::vncproxy::enabled: false - step_config: | - include ::tripleo::profile::pacemaker::nova::vncproxy diff --git a/puppet/services/pacemaker/sahara-api.yaml b/puppet/services/pacemaker/sahara-api.yaml deleted file mode 100644 index 4ff93f9a..00000000 --- a/puppet/services/pacemaker/sahara-api.yaml +++ /dev/null @@ -1,45 +0,0 @@ -heat_template_version: ocata - -description: > - OpenStack Sahara API service with Pacemaker configured with Puppet - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -resources: - - SaharaApiBase: - type: ../sahara-api.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Sahara API role. - value: - service_name: sahara_api - monitoring_subscription: {get_attr: [SaharaApiBase, role_data, monitoring_subscription]} - logging_source: {get_attr: [SaharaApiBase, role_data, logging_source]} - logging_groups: {get_attr: [SaharaApiBase, role_data, logging_groups]} - config_settings: - map_merge: - - get_attr: [SaharaApiBase, role_data, config_settings] - - sahara::service::api::manage_service: false - sahara::service::api::enabled: false - step_config: | - include ::tripleo::profile::pacemaker::sahara::api diff --git a/puppet/services/pacemaker/sahara-engine.yaml b/puppet/services/pacemaker/sahara-engine.yaml deleted file mode 100644 index 18f2ffe1..00000000 --- a/puppet/services/pacemaker/sahara-engine.yaml +++ /dev/null @@ -1,45 +0,0 @@ -heat_template_version: ocata - -description: > - OpenStack Sahara Engine service with Pacemaker configured with Puppet - -parameters: - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - DefaultPasswords: - default: {} - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -resources: - - SaharaEngineBase: - type: ../sahara-engine.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - -outputs: - role_data: - description: Role data for the Sahara Engine role. - value: - service_name: sahara_engine - monitoring_subscription: {get_attr: [SaharaEngineBase, role_data, monitoring_subscription]} - logging_source: {get_attr: [SaharaEngineBase, role_data, logging_source]} - logging_groups: {get_attr: [SaharaEngineBase, role_data, logging_groups]} - config_settings: - map_merge: - - get_attr: [SaharaEngineBase, role_data, config_settings] - - sahara::service::engine::manage_service: false - sahara::service::engine::enabled: false - step_config: | - include ::tripleo::profile::pacemaker::sahara::engine diff --git a/puppet/upgrade_config.yaml b/puppet/upgrade_config.yaml index 499160e5..e892d813 100644 --- a/puppet/upgrade_config.yaml +++ b/puppet/upgrade_config.yaml @@ -35,6 +35,7 @@ resources: template: "stepSTEP" params: STEP: {get_param: step} + modulepath: /usr/share/ansible-modules inputs: - name: role config: {get_attr: [AnsibleConfig, value]} diff --git a/requirements.txt b/requirements.txt index 9c4a708a..555b240d 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,2 +1,6 @@ -pbr>=0.5.21,<1.0 +# The order of packages is significant, because pip processes them in the order +# of appearance. Changing the order has an impact on the overall integration +# process, which may cause wedges in the gate later. +pbr>=1.8 # Apache-2.0 Jinja2>=2.8 # BSD License (3 clause) +six>=1.9.0 # MIT diff --git a/roles_data.yaml b/roles_data.yaml index 050d7f1f..8b820665 100644 --- a/roles_data.yaml +++ b/roles_data.yaml @@ -21,10 +21,11 @@ # on the role, defaults to an empty list. Sets the default for the # {{role.name}}Services parameter in overcloud.yaml -- name: Controller +- name: Controller # the 'primary' role goes first CountDefault: 1 ServicesDefault: - OS::TripleO::Services::CACerts + - OS::TripleO::Services::CephMds - OS::TripleO::Services::CephMon - OS::TripleO::Services::CephExternal - OS::TripleO::Services::CephRgw @@ -32,7 +33,6 @@ - OS::TripleO::Services::CinderBackup - OS::TripleO::Services::CinderScheduler - OS::TripleO::Services::CinderVolume - - OS::TripleO::Services::Core - OS::TripleO::Services::Kernel - OS::TripleO::Services::Keystone - OS::TripleO::Services::GlanceApi diff --git a/roles_data_undercloud.yaml b/roles_data_undercloud.yaml new file mode 100644 index 00000000..08213b68 --- /dev/null +++ b/roles_data_undercloud.yaml @@ -0,0 +1,35 @@ +- name: Undercloud # the 'primary' role goes first + CountDefault: 1 + disable_constraints: True + ServicesDefault: + - OS::TripleO::Services::Ntp + - OS::TripleO::Services::MySQL + - OS::TripleO::Services::MongoDb + - OS::TripleO::Services::Keystone + - OS::TripleO::Services::Apache + - OS::TripleO::Services::RabbitMQ + - OS::TripleO::Services::GlanceApi + - OS::TripleO::Services::GlanceRegistry + - OS::TripleO::Services::SwiftProxy + - OS::TripleO::Services::SwiftStorage + - OS::TripleO::Services::SwiftRingBuilder + - OS::TripleO::Services::Memcached + - OS::TripleO::Services::HeatApi + - OS::TripleO::Services::HeatApiCfn + - OS::TripleO::Services::HeatEngine + - OS::TripleO::Services::NovaApi + - OS::TripleO::Services::NovaMetadata + - OS::TripleO::Services::NovaScheduler + - OS::TripleO::Services::NovaConductor + - OS::TripleO::Services::MistralEngine + - OS::TripleO::Services::MistralApi + - OS::TripleO::Services::MistralExecutor + - OS::TripleO::Services::IronicApi + - OS::TripleO::Services::IronicConductor + - OS::TripleO::Services::NovaIronic + - OS::TripleO::Services::Zaqar + - OS::TripleO::Services::NeutronServer + - OS::TripleO::Services::NeutronApi + - OS::TripleO::Services::NeutronCorePlugin + - OS::TripleO::Services::NeutronOvsAgent + - OS::TripleO::Services::NeutronDhcpAgent @@ -1,4 +1,3 @@ -#!/usr/bin/env python # Copyright (c) 2013 Hewlett-Packard Development Company, L.P. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -17,6 +16,14 @@ # THIS FILE IS MANAGED BY THE GLOBAL REQUIREMENTS REPO - DO NOT EDIT import setuptools +# In python < 2.7.4, a lazy loading of package `pbr` will break +# setuptools if some other modules registered functions in `atexit`. +# solution from: http://bugs.python.org/issue15881#msg170215 +try: + import multiprocessing # noqa +except ImportError: + pass + setuptools.setup( - setup_requires=['pbr'], + setup_requires=['pbr>=1.8'], pbr=True) diff --git a/test-requirements.txt b/test-requirements.txt index c3726e8b..faf4893f 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -1 +1,6 @@ -pyyaml +# The order of packages is significant, because pip processes them in the order +# of appearance. Changing the order has an impact on the overall integration +# process, which may cause wedges in the gate later. +PyYAML>=3.10.0 # MIT +Jinja2>=2.8 # BSD License (3 clause) +six>=1.9.0 # MIT diff --git a/tools/process-templates.py b/tools/process-templates.py index a15b00e2..9a06812b 100755 --- a/tools/process-templates.py +++ b/tools/process-templates.py @@ -14,6 +14,7 @@ import argparse import jinja2 import os +import six import sys import yaml |