diff options
27 files changed, 495 insertions, 219 deletions
diff --git a/environments/enable-tls.yaml b/environments/enable-tls.yaml index d6328c06..70181278 100644 --- a/environments/enable-tls.yaml +++ b/environments/enable-tls.yaml @@ -5,6 +5,9 @@ parameter_defaults: SSLKey: | The contents of the private key go here EndpointMap: + AodhAdmin: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} + AodhInternal: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} + AodhPublic: {protocol: 'https', port: '13042', host: 'CLOUDNAME'} CeilometerAdmin: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} CeilometerInternal: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} CeilometerPublic: {protocol: 'https', port: '13777', host: 'CLOUDNAME'} @@ -14,9 +17,6 @@ parameter_defaults: GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} GlancePublic: {protocol: 'https', port: '13292', host: 'CLOUDNAME'} - GlanceRegistryAdmin: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'} - GlanceRegistryInternal: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'} - GlanceRegistryPublic: {protocol: 'https', port: '9191', host: 'IP_ADDRESS'} # Not set on the loadbalancer yet. HeatAdmin: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} HeatInternal: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} HeatPublic: {protocol: 'https', port: '13004', host: 'CLOUDNAME'} diff --git a/environments/external-loadbalancer-vip.yaml b/environments/external-loadbalancer-vip.yaml index 198892cd..8656ba1a 100644 --- a/environments/external-loadbalancer-vip.yaml +++ b/environments/external-loadbalancer-vip.yaml @@ -10,7 +10,8 @@ resource_registry: OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool.yaml OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool.yaml OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant_from_pool.yaml - OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/management_from_pool.yaml + # Management network is optional and disabled by default + #OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/management_from_pool.yaml parameter_defaults: # When using an external loadbalancer set the following in parameter_defaults @@ -35,6 +36,6 @@ parameter_defaults: - 172.16.3.253 tenant: - 172.16.0.253 - management: - - 172.16.4.253 + #management: + #- 172.16.4.253 EnableLoadBalancer: false diff --git a/environments/major-upgrade-pacemaker-converge.yaml b/environments/major-upgrade-pacemaker-converge.yaml index f023cb32..dfcb9654 100644 --- a/environments/major-upgrade-pacemaker-converge.yaml +++ b/environments/major-upgrade-pacemaker-converge.yaml @@ -1,2 +1,6 @@ parameter_defaults: + UpdateIdentifier: 'true' UpgradeLevelNovaCompute: '' + +resource_registry: + OS::TripleO::Tasks::PackageUpdate: ../extraconfig/tasks/yum_update_noop.yaml diff --git a/environments/network-isolation-v6.yaml b/environments/network-isolation-v6.yaml index 599a08b1..11ca5b31 100644 --- a/environments/network-isolation-v6.yaml +++ b/environments/network-isolation-v6.yaml @@ -53,3 +53,5 @@ parameter_defaults: NovaIPv6: True # Enable IPv6 environment for RabbitMQ. RabbitIPv6: true + # Enable IPv6 environment for Memcached. + MemcachedIPv6: true diff --git a/environments/puppet-ceph-devel.yaml b/environments/puppet-ceph-devel.yaml index d782e8d8..fc4b8c7d 100644 --- a/environments/puppet-ceph-devel.yaml +++ b/environments/puppet-ceph-devel.yaml @@ -1,8 +1,7 @@ # A Heat environment file which can be used to enable a Ceph -# storage cluster using the controller and 2 ceph nodes. +# storage cluster using the controller and ceph nodes. # Rbd backends are enabled for Cinder, Glance, and Nova. parameters: - CephStorageCount: 2 #NOTE: These ID's and keys should be regenerated for # a production deployment. What is here is suitable for # developer and CI testing only. diff --git a/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration index 76fa63b4..242819b0 100644 --- a/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration +++ b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration @@ -98,10 +98,10 @@ fi function detect_satellite_version { ping_api=$REG_SAT_URL/katello/api/ping - if curl -k -s -D - -o /dev/null $ping_api | grep "200 OK"; then + if curl -L -k -s -D - -o /dev/null $ping_api | grep "200 OK"; then echo Satellite 6 detected at $REG_SAT_URL satellite_version=6 - elif curl -k -s -D - -o /dev/null $REG_SAT_URL/rhn/Login.do | grep "200 OK"; then + elif curl -L -k -s -D - -o /dev/null $REG_SAT_URL/rhn/Login.do | grep "200 OK"; then echo Satellite 5 detected at $REG_SAT_URL satellite_version=5 else @@ -120,9 +120,10 @@ case "${REG_METHOD:-}" in ;; satellite) detect_satellite_version - if [ "satellite_version" = "6" ]; then + if [ "$satellite_version" = "6" ]; then repos="$repos --enable ${satellite_repo}" - rpm -Uvh "$REG_SAT_URL/pub/katello-ca-consumer-latest.noarch.rpm" || true + curl -L -k -O "$REG_SAT_URL/pub/katello-ca-consumer-latest.noarch.rpm" + rpm -Uvh katello-ca-consumer-latest.noarch.rpm || true subscription-manager register $opts subscription-manager $repos yum install -y katello-agent || true # needed for errata reporting to satellite6 diff --git a/extraconfig/tasks/major_upgrade_pacemaker_migrations.sh b/extraconfig/tasks/major_upgrade_pacemaker_migrations.sh index 7fd26945..1f420b32 100644 --- a/extraconfig/tasks/major_upgrade_pacemaker_migrations.sh +++ b/extraconfig/tasks/major_upgrade_pacemaker_migrations.sh @@ -12,3 +12,28 @@ # The migration functions should be idempotent. If the migration has # been already applied, it should be possible to call the function # again without damaging the deployment or failing the upgrade. + +function remove_ceilometer_alarm { + if pcs status | grep openstack-ceilometer-alarm; then + # Disable pacemaker resources for ceilometer-alarms + pcs resource disable openstack-ceilometer-alarm-evaluator + check_resource openstack-ceilometer-alarm-evaluator stopped 600 + pcs resource delete openstack-ceilometer-alarm-evaluator + pcs resource disable openstack-ceilometer-alarm-notifier + check_resource openstack-ceilometer-alarm-notifier stopped 600 + pcs resource delete openstack-ceilometer-alarm-notifier + + # remove constraints + pcs constraint remove ceilometer-delay-then-ceilometer-alarm-evaluator-constraint + pcs constraint remove ceilometer-alarm-evaluator-with-ceilometer-delay-colocation + pcs constraint remove ceilometer-alarm-evaluator-then-ceilometer-alarm-notifier-constraint + pcs constraint remove ceilometer-alarm-notifier-with-ceilometer-alarm-evaluator-colocation + pcs constraint remove ceilometer-alarm-notifier-then-ceilometer-notification-constraint + pcs constraint remove ceilometer-notification-with-ceilometer-alarm-notifier-colocation + + fi + + # uninstall openstack-ceilometer-alarm package + yum -y remove openstack-ceilometer-alarm + +} diff --git a/extraconfig/tasks/yum_update.sh b/extraconfig/tasks/yum_update.sh index 59e4be45..66efc5c5 100755 --- a/extraconfig/tasks/yum_update.sh +++ b/extraconfig/tasks/yum_update.sh @@ -53,12 +53,13 @@ neutron-l3-agent neutron-metadata-agent neutron-openvswitch-agent neutron-server -openstack-ceilometer-alarm-evaluator -openstack-ceilometer-alarm-notifier openstack-ceilometer-api openstack-ceilometer-central openstack-ceilometer-collector openstack-ceilometer-notification +openstack-aodh-evaluator +openstack-aodh-notifier +openstack-aodh-listener openstack-cinder-api openstack-cinder-scheduler openstack-cinder-volume @@ -107,6 +108,9 @@ openstack-nova-scheduler" pcs -f $pacemaker_dumpfile constraint order promote redis-master then start openstack-ceilometer-central-clone require-all=false fi + if ! pcs constraint order show | grep "promote redis-master then start openstack-aodh-evaluator-clone"; then + pcs -f $pacemaker_dumpfile constraint order promote redis-master then start openstack-aodh-evaluator-clone require-all=false + fi # ensure neutron constraints https://review.openstack.org/#/c/229466 # remove ovs-cleanup after server and add openvswitch-agent instead if pcs constraint order show | grep "start neutron-server-clone then start neutron-ovs-cleanup-clone"; then diff --git a/net-config-bond.yaml b/net-config-bond.yaml index b624563f..0a162e77 100644 --- a/net-config-bond.yaml +++ b/net-config-bond.yaml @@ -4,6 +4,11 @@ description: > Software Config to drive os-net-config with 2 bonded nics on a bridge. parameters: + BondInterfaceOvsOptions: + default: '' + description: The ovs_options string for the bond interface. Set things like + lacp=active and/or bond_mode=balance-slb using this option. + type: string ControlPlaneIp: default: '' description: IP address/subnet on the ctlplane network @@ -58,6 +63,7 @@ resources: type: ovs_bond name: bond1 use_dhcp: true + ovs_options: {get_param: BondInterfaceOvsOptions} members: # os-net-config translates nic1 => em1 (for example) - diff --git a/network/endpoints/endpoint_data.yaml b/network/endpoints/endpoint_data.yaml index 7a0bbf4a..a74d75da 100644 --- a/network/endpoints/endpoint_data.yaml +++ b/network/endpoints/endpoint_data.yaml @@ -1,6 +1,15 @@ # Data in this file is used to generate the endpoint_map.yaml template. # Run the script build_endpoint_map.py to regenerate the file. +Aodh: + Internal: + vip_param: AodhApi + Public: + vip_param: Public + Admin: + vip_param: AodhApi + port: 8042 + Ceilometer: Internal: vip_param: CeilometerApi @@ -37,15 +46,6 @@ Glance: vip_param: GlanceApi port: 9292 -GlanceRegistry: - Internal: - vip_param: GlanceRegistry - Public: - vip_param: Public - Admin: - vip_param: GlanceRegistry - port: 9191 - Mysql: '': vip_param: Mysql diff --git a/network/endpoints/endpoint_map.yaml b/network/endpoints/endpoint_map.yaml index a31094a1..956fb0ba 100644 --- a/network/endpoints/endpoint_map.yaml +++ b/network/endpoints/endpoint_map.yaml @@ -8,10 +8,10 @@ description: A map of OpenStack endpoints. Since the endpoints are URLs, parameters come from net_ip_uri_map, which will include these brackets in IPv6 addresses. parameters: + AodhApiVirtualIP: {type: string, default: ''} CeilometerApiVirtualIP: {type: string, default: ''} CinderApiVirtualIP: {type: string, default: ''} GlanceApiVirtualIP: {type: string, default: ''} - GlanceRegistryVirtualIP: {type: string, default: ''} HeatApiVirtualIP: {type: string, default: ''} KeystoneAdminApiVirtualIP: {type: string, default: ''} KeystonePublicApiVirtualIP: {type: string, default: ''} @@ -24,6 +24,9 @@ parameters: EndpointMap: type: json default: + AodhAdmin: {protocol: http, port: '8042', host: IP_ADDRESS} + AodhInternal: {protocol: http, port: '8042', host: IP_ADDRESS} + AodhPublic: {protocol: http, port: '8042', host: IP_ADDRESS} CeilometerAdmin: {protocol: http, port: '8777', host: IP_ADDRESS} CeilometerInternal: {protocol: http, port: '8777', host: IP_ADDRESS} CeilometerPublic: {protocol: http, port: '8777', host: IP_ADDRESS} @@ -33,9 +36,6 @@ parameters: GlanceAdmin: {protocol: http, port: '9292', host: IP_ADDRESS} GlanceInternal: {protocol: http, port: '9292', host: IP_ADDRESS} GlancePublic: {protocol: http, port: '9292', host: IP_ADDRESS} - GlanceRegistryAdmin: {protocol: http, port: '9191', host: IP_ADDRESS} - GlanceRegistryInternal: {protocol: http, port: '9191', host: IP_ADDRESS} - GlanceRegistryPublic: {protocol: http, port: '9191', host: IP_ADDRESS} HeatAdmin: {protocol: http, port: '8004', host: IP_ADDRESS} HeatInternal: {protocol: http, port: '8004', host: IP_ADDRESS} HeatPublic: {protocol: http, port: '8004', host: IP_ADDRESS} @@ -71,6 +71,120 @@ parameters: outputs: endpoint_map: value: + AodhAdmin: + host: + str_replace: + template: + get_param: [EndpointMap, AodhAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: AodhApiVirtualIP} + port: + get_param: [EndpointMap, AodhAdmin, port] + protocol: + get_param: [EndpointMap, AodhAdmin, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, AodhAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, AodhAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: AodhApiVirtualIP} + - ':' + - get_param: [EndpointMap, AodhAdmin, port] + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, AodhAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, AodhAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: AodhApiVirtualIP} + - ':' + - get_param: [EndpointMap, AodhAdmin, port] + AodhInternal: + host: + str_replace: + template: + get_param: [EndpointMap, AodhInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: AodhApiVirtualIP} + port: + get_param: [EndpointMap, AodhInternal, port] + protocol: + get_param: [EndpointMap, AodhInternal, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, AodhInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, AodhInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: AodhApiVirtualIP} + - ':' + - get_param: [EndpointMap, AodhInternal, port] + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, AodhInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, AodhInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: AodhApiVirtualIP} + - ':' + - get_param: [EndpointMap, AodhInternal, port] + AodhPublic: + host: + str_replace: + template: + get_param: [EndpointMap, AodhPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + port: + get_param: [EndpointMap, AodhPublic, port] + protocol: + get_param: [EndpointMap, AodhPublic, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, AodhPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, AodhPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, AodhPublic, port] + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, AodhPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, AodhPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, AodhPublic, port] CeilometerAdmin: host: str_replace: @@ -533,120 +647,6 @@ outputs: IP_ADDRESS: {get_param: PublicVirtualIP} - ':' - get_param: [EndpointMap, GlancePublic, port] - GlanceRegistryAdmin: - host: - str_replace: - template: - get_param: [EndpointMap, GlanceRegistryAdmin, host] - params: - CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: GlanceRegistryVirtualIP} - port: - get_param: [EndpointMap, GlanceRegistryAdmin, port] - protocol: - get_param: [EndpointMap, GlanceRegistryAdmin, protocol] - uri: - list_join: - - '' - - - get_param: [EndpointMap, GlanceRegistryAdmin, protocol] - - :// - - str_replace: - template: - get_param: [EndpointMap, GlanceRegistryAdmin, host] - params: - CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: GlanceRegistryVirtualIP} - - ':' - - get_param: [EndpointMap, GlanceRegistryAdmin, port] - uri_no_suffix: - list_join: - - '' - - - get_param: [EndpointMap, GlanceRegistryAdmin, protocol] - - :// - - str_replace: - template: - get_param: [EndpointMap, GlanceRegistryAdmin, host] - params: - CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: GlanceRegistryVirtualIP} - - ':' - - get_param: [EndpointMap, GlanceRegistryAdmin, port] - GlanceRegistryInternal: - host: - str_replace: - template: - get_param: [EndpointMap, GlanceRegistryInternal, host] - params: - CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: GlanceRegistryVirtualIP} - port: - get_param: [EndpointMap, GlanceRegistryInternal, port] - protocol: - get_param: [EndpointMap, GlanceRegistryInternal, protocol] - uri: - list_join: - - '' - - - get_param: [EndpointMap, GlanceRegistryInternal, protocol] - - :// - - str_replace: - template: - get_param: [EndpointMap, GlanceRegistryInternal, host] - params: - CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: GlanceRegistryVirtualIP} - - ':' - - get_param: [EndpointMap, GlanceRegistryInternal, port] - uri_no_suffix: - list_join: - - '' - - - get_param: [EndpointMap, GlanceRegistryInternal, protocol] - - :// - - str_replace: - template: - get_param: [EndpointMap, GlanceRegistryInternal, host] - params: - CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: GlanceRegistryVirtualIP} - - ':' - - get_param: [EndpointMap, GlanceRegistryInternal, port] - GlanceRegistryPublic: - host: - str_replace: - template: - get_param: [EndpointMap, GlanceRegistryPublic, host] - params: - CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} - port: - get_param: [EndpointMap, GlanceRegistryPublic, port] - protocol: - get_param: [EndpointMap, GlanceRegistryPublic, protocol] - uri: - list_join: - - '' - - - get_param: [EndpointMap, GlanceRegistryPublic, protocol] - - :// - - str_replace: - template: - get_param: [EndpointMap, GlanceRegistryPublic, host] - params: - CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} - - ':' - - get_param: [EndpointMap, GlanceRegistryPublic, port] - uri_no_suffix: - list_join: - - '' - - - get_param: [EndpointMap, GlanceRegistryPublic, protocol] - - :// - - str_replace: - template: - get_param: [EndpointMap, GlanceRegistryPublic, host] - params: - CLOUDNAME: {get_param: CloudName} - IP_ADDRESS: {get_param: PublicVirtualIP} - - ':' - - get_param: [EndpointMap, GlanceRegistryPublic, port] HeatAdmin: host: str_replace: diff --git a/overcloud.yaml b/overcloud.yaml index 0e986dab..19e847a5 100644 --- a/overcloud.yaml +++ b/overcloud.yaml @@ -16,6 +16,10 @@ parameters: description: The password for the keystone admin account, used for monitoring, querying neutron etc. type: string hidden: true + AodhPassword: + description: The password for the aodh services. + type: string + hidden: true CeilometerBackend: default: 'mongodb' description: The ceilometer backend type. @@ -104,6 +108,10 @@ parameters: type: string constraints: - custom_constraint: nova.keypair + MemcachedIPv6: + default: false + description: Enable IPv6 features in Memcached. + type: boolean NeutronExternalNetworkBridge: description: Name of bridge used for external network traffic. type: string @@ -278,13 +286,11 @@ parameters: type: string default: unset description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change. - # FIXME: 'guest' is provisioned in RabbitMQ by default, we should create a user if these are changed RabbitUserName: default: guest description: The username for RabbitMQ type: string RabbitPassword: - default: guest description: The password for RabbitMQ type: string hidden: true @@ -673,6 +679,7 @@ parameters: default: NeutronTenantNetwork: tenant CeilometerApiNetwork: internal_api + AodhApiNetwork: internal_api MongoDbNetwork: internal_api CinderApiNetwork: internal_api CinderIscsiNetwork: storage @@ -872,9 +879,9 @@ resources: properties: CloudName: {get_param: CloudName} CeilometerApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} + AodhApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]} CinderApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} - GlanceRegistryVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} HeatApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} @@ -896,6 +903,7 @@ resources: properties: AdminPassword: {get_param: AdminPassword} AdminToken: {get_param: AdminToken} + AodhPassword: {get_param: AodhPassword} CeilometerBackend: {get_param: CeilometerBackend} CeilometerMeteringSecret: {get_param: CeilometerMeteringSecret} CeilometerPassword: {get_param: CeilometerPassword} @@ -942,6 +950,7 @@ resources: KeystoneSSLCertificateKey: {get_param: KeystoneSSLCertificateKey} KeystoneNotificationDriver: {get_param: KeystoneNotificationDriver} KeystoneNotificationFormat: {get_param: KeystoneNotificationFormat} + MemcachedIPv6: {get_param: MemcachedIPv6} MysqlClusterUniquePart: {get_attr: [MysqlClusterUniquePart, value]} MysqlInnodbBufferPoolSize: {get_param: MysqlInnodbBufferPoolSize} MysqlMaxConnections: {get_param: MysqlMaxConnections} @@ -1010,6 +1019,7 @@ resources: ServiceNetMap: {get_param: ServiceNetMap} EndpointMap: {get_attr: [EndpointMap, endpoint_map]} CeilometerApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} + AodhApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]} CinderApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} HeatApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} HeatApiVirtualIPUri: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} @@ -1248,6 +1258,7 @@ resources: heat_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} swift_proxy_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} ceilometer_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} + aodh_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]} nova_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} nova_metadata_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]} glance_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} @@ -1368,6 +1379,7 @@ resources: nova_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} nova_metadata_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]} ceilometer_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} + aodh_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]} heat_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} horizon_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]} redis_vip: {get_attr: [RedisVirtualIP, ip_address]} @@ -1650,6 +1662,9 @@ outputs: PublicVip: description: Controller VIP for public API endpoints value: {get_attr: [VipMap, net_ip_map, external]} + AodhInternalVip: + description: VIP for Aodh API internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]} CeilometerInternalVip: description: VIP for Ceilometer API internal endpoint value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml index 2f2a1e9d..fed9dd31 100644 --- a/puppet/all-nodes-config.yaml +++ b/puppet/all-nodes-config.yaml @@ -34,6 +34,8 @@ parameters: type: comma_delimited_list ceilometer_api_node_ips: type: comma_delimited_list + aodh_api_node_ips: + type: comma_delimited_list nova_api_node_ips: type: comma_delimited_list nova_metadata_node_ips: @@ -187,6 +189,14 @@ resources: list_join: - "','" - {get_param: ceilometer_api_node_ips} + aodh_api_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: aodh_api_node_ips} nova_api_node_ips: str_replace: template: "['SERVERS_LIST']" @@ -272,6 +282,7 @@ resources: # NOTE(gfidente): interpolation with %{} in the # hieradata file can't be used as it returns string ceilometer::rabbit_hosts: *rabbit_nodes_array + aodh::rabbit_hosts: *rabbit_nodes_array cinder::rabbit_hosts: *rabbit_nodes_array glance::notify::rabbitmq::rabbit_hosts: *rabbit_nodes_array heat::rabbit_hosts: *rabbit_nodes_array diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml index 888f3cf8..b5694802 100644 --- a/puppet/cinder-storage.yaml +++ b/puppet/cinder-storage.yaml @@ -51,7 +51,6 @@ parameters: description: Name of an existing Nova key pair to enable SSH access to the instances type: string RabbitPassword: - default: 'guest' type: string hidden: true RabbitUserName: @@ -286,7 +285,11 @@ resources: size: {get_param: CinderLVMLoopDeviceSize} cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend} cinder_iscsi_helper: {get_param: CinderISCSIHelper} - cinder_iscsi_ip_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]} + cinder_iscsi_ip_address: + str_replace: + template: "'IP'" + params: + IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]} glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]} rabbit_username: {get_param: RabbitUserName} rabbit_password: {get_param: RabbitPassword} diff --git a/puppet/compute.yaml b/puppet/compute.yaml index ee5bced6..f5c848c8 100644 --- a/puppet/compute.yaml +++ b/puppet/compute.yaml @@ -251,7 +251,6 @@ parameters: type: string default: '' # Has to be here because of the ignored empty value bug RabbitPassword: - default: guest description: The password for RabbitMQ type: string hidden: true diff --git a/puppet/controller-config-pacemaker.yaml b/puppet/controller-config-pacemaker.yaml index dc81498a..21db825a 100644 --- a/puppet/controller-config-pacemaker.yaml +++ b/puppet/controller-config-pacemaker.yaml @@ -22,7 +22,10 @@ resources: outputs: - name: result config: - get_file: manifests/overcloud_controller_pacemaker.pp + list_join: + - '' + - - get_file: manifests/overcloud_controller_pacemaker.pp + - get_file: manifests/ringbuilder.pp outputs: OS::stack_id: diff --git a/puppet/controller-config.yaml b/puppet/controller-config.yaml index f85e1a9e..f7a6a56d 100644 --- a/puppet/controller-config.yaml +++ b/puppet/controller-config.yaml @@ -22,7 +22,10 @@ resources: outputs: - name: result config: - get_file: manifests/overcloud_controller.pp + list_join: + - '' + - - get_file: manifests/overcloud_controller.pp + - get_file: manifests/ringbuilder.pp outputs: OS::stack_id: diff --git a/puppet/controller-post.yaml b/puppet/controller-post.yaml index 713ad706..04f20b61 100644 --- a/puppet/controller-post.yaml +++ b/puppet/controller-post.yaml @@ -64,39 +64,26 @@ resources: update_identifier: {get_param: NodeConfigIdentifiers} actions: ['CREATE'] # no need for two passes on an UPDATE - ControllerRingbuilderPuppetConfig: - type: OS::Heat::SoftwareConfig - properties: - group: puppet - options: - enable_debug: {get_param: ConfigDebug} - enable_hiera: True - enable_facter: False - inputs: - outputs: - - name: result - config: - get_file: manifests/ringbuilder.pp - - ControllerRingbuilderDeployment_Step3: + ControllerOvercloudServicesDeployment_Step3: type: OS::Heat::StructuredDeployments depends_on: ControllerServicesBaseDeployment_Step2 properties: - name: ControllerRingbuilderDeployment_Step3 + name: ControllerOvercloudServicesDeployment_Step3 servers: {get_param: servers} - config: {get_resource: ControllerRingbuilderPuppetConfig} + config: {get_resource: ControllerPuppetConfig} input_values: + step: 3 update_identifier: {get_param: NodeConfigIdentifiers} ControllerOvercloudServicesDeployment_Step4: type: OS::Heat::StructuredDeployments - depends_on: ControllerRingbuilderDeployment_Step3 + depends_on: ControllerOvercloudServicesDeployment_Step3 properties: name: ControllerOvercloudServicesDeployment_Step4 servers: {get_param: servers} config: {get_resource: ControllerPuppetConfig} input_values: - step: 3 + step: 4 update_identifier: {get_param: NodeConfigIdentifiers} ControllerOvercloudServicesDeployment_Step5: @@ -107,7 +94,7 @@ resources: servers: {get_param: servers} config: {get_resource: ControllerPuppetConfig} input_values: - step: 4 + step: 5 update_identifier: {get_param: NodeConfigIdentifiers} ControllerOvercloudServicesDeployment_Step6: @@ -118,12 +105,23 @@ resources: servers: {get_param: servers} config: {get_resource: ControllerPuppetConfig} input_values: - step: 5 + step: 6 + update_identifier: {get_param: NodeConfigIdentifiers} + + ControllerOvercloudServicesDeployment_Step7: + type: OS::Heat::StructuredDeployments + depends_on: ControllerOvercloudServicesDeployment_Step6 + properties: + name: ControllerOvercloudServicesDeployment_Step7 + servers: {get_param: servers} + config: {get_resource: ControllerPuppetConfig} + input_values: + step: 7 update_identifier: {get_param: NodeConfigIdentifiers} ControllerPostPuppet: type: OS::TripleO::Tasks::ControllerPostPuppet - depends_on: ControllerOvercloudServicesDeployment_Step6 + depends_on: ControllerOvercloudServicesDeployment_Step7 properties: servers: {get_param: servers} input_values: diff --git a/puppet/controller.yaml b/puppet/controller.yaml index 094102f5..efdf08bb 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -17,6 +17,13 @@ parameters: description: The keystone auth secret and db password. type: string hidden: true + AodhApiVirtualIP: + type: string + default: '' + AodhPassword: + description: The password for the aodh services. + type: string + hidden: true CeilometerApiVirtualIP: type: string default: '' @@ -225,6 +232,13 @@ parameters: Mount options for Pacemaker mount used as Glance storage. Effective when GlanceFilePcmkManage is true. type: string + HAProxyStatsPassword: + description: Password for HAProxy stats endpoint + type: string + HAProxyStatsUser: + description: User for HAProxy stats endpoint + default: admin + type: string HAProxySyslogAddress: default: /dev/log description: Syslog address where HAproxy will send its log @@ -326,6 +340,10 @@ parameters: default: false description: Whether to manage IPtables rules. type: boolean + MemcachedIPv6: + default: false + description: Enable IPv6 features in Memcached. + type: boolean PurgeFirewallRules: default: false description: Whether IPtables rules should be purged before setting up the new ones. @@ -595,7 +613,6 @@ parameters: default: '' # Has to be here because of the ignored empty value bug hidden: true RabbitPassword: - default: guest description: The password for RabbitMQ type: string hidden: true @@ -657,6 +674,10 @@ parameters: default: 10 description: Partition Power to use when building Swift rings type: number + SwiftRingBuild: + default: true + description: Whether to manage Swift rings or not + type: boolean SwiftPassword: description: The password for the swift service account, used by the swift proxy services. @@ -940,6 +961,8 @@ resources: neutron_enable_l2pop: {get_param: NeutronEnableL2Pop} neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata} haproxy_log_address: {get_param: HAProxySyslogAddress} + haproxy_stats_password: {get_param: HAProxyStatsPassword} + haproxy_stats_user: {get_param: HAProxyStatsUser} heat.watch_server_url: list_join: - '' @@ -1148,13 +1171,15 @@ resources: ceilometer_metering_secret: {get_param: CeilometerMeteringSecret} ceilometer_password: {get_param: CeilometerPassword} ceilometer_store_events: {get_param: CeilometerStoreEvents} + aodh_password: {get_param: AodhPassword} ceilometer_coordination_url: list_join: - '' - - - 'redis://' - - {get_param: RedisVirtualIPUri} - - ':6379/?password=' + - - 'redis://:' - {get_param: RedisPassword} + - '@' + - {get_param: RedisVirtualIPUri} + - ':6379/' ceilometer_dsn: list_join: - '' @@ -1168,6 +1193,7 @@ resources: nova_enable_db_purge: {get_param: NovaEnableDBPurge} nova_ipv6: {get_param: NovaIPv6} corosync_ipv6: {get_param: CorosyncIPv6} + memcached_ipv6: {get_param: MemcachedIPv6} nova_password: {get_param: NovaPassword} nova_dsn: list_join: @@ -1195,16 +1221,9 @@ resources: rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} rabbit_client_port: {get_param: RabbitClientPort} rabbit_ipv6: {get_param: RabbitIPv6} + rabbit_fd_limit: {get_param: RabbitFDLimit} mongodb_no_journal: {get_param: MongoDbNoJournal} mongodb_ipv6: {get_param: MongoDbIPv6} - # We need to force this into quotes or hiera will return integer causing - # the puppet module validation regexp to fail. - # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401 - rabbit_fd_limit: - str_replace: - template: "'LIMIT'" - params: - LIMIT: {get_param: RabbitFDLimit} ntp_servers: {get_param: NtpServer} timezone: {get_param: TimeZone} control_virtual_interface: {get_param: ControlVirtualInterface} @@ -1212,6 +1231,7 @@ resources: swift_hash_suffix: {get_param: SwiftHashSuffix} swift_password: {get_param: SwiftPassword} swift_part_power: {get_param: SwiftPartPower} + swift_ring_build: {get_param: SwiftRingBuild} swift_replicas: {get_param: SwiftReplicas} swift_min_part_hours: {get_param: SwiftMinPartHours} swift_mount_check: {get_param: SwiftMountCheck} @@ -1228,7 +1248,11 @@ resources: - '/sahara' swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} - cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]} + cinder_iscsi_network: + str_replace: + template: "'IP'" + params: + IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]} cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} @@ -1242,6 +1266,7 @@ resources: neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]} ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} + aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]} nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]} horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]} @@ -1327,15 +1352,12 @@ resources: swift::swift_hash_suffix: {get_input: swift_hash_suffix} swift::proxy::authtoken::admin_password: {get_input: swift_password} swift::proxy::workers: {get_input: swift_workers} + tripleo::ringbuilder::build_ring: { get_input: swift_ring_build } tripleo::ringbuilder::part_power: {get_input: swift_part_power} tripleo::ringbuilder::replicas: {get_input: swift_replicas} tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours} swift_mount_check: {get_input: swift_mount_check} - # NOTE(dprince): build_ring support is currently not wired in. - # See: https://review.openstack.org/#/c/109225/ - tripleo::ringbuilder::build_ring: True - # Cinder cinder_enable_db_purge: {get_input: cinder_enable_db_purge} cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend} @@ -1550,6 +1572,24 @@ resources: snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} + # Aodh + aodh::rabbit_userid: {get_input: rabbit_username} + aodh::rabbit_password: {get_input: rabbit_password} + aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} + aodh::rabbit_port: {get_input: rabbit_client_port} + aodh::debug: {get_input: debug} + aodh::wsgi::apache::ssl: false + aodh::wsgi::apache::bind_host: {get_input: aodh_api_network} + aodh::api::service_name: 'httpd' + aodh::api::host: {get_input: aodh_api_network} + aodh::api::keystone_password: {get_input: aodh_password} + aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri} + aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri} + aodh::auth::auth_password: {get_input: aodh_password} + aodh::db::mysql::password: {get_input: aodh_password} + # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination + aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url} + # Nova nova::rabbit_userid: {get_input: rabbit_username} nova::rabbit_password: {get_input: rabbit_password} @@ -1628,6 +1668,7 @@ resources: tripleo::firewall::manage_firewall: {get_input: manage_firewall} tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules} # Misc + memcached_ipv6: {get_input: memcached_ipv6} memcached::listen_ip: {get_input: memcached_network} neutron_public_interface_ip: {get_input: neutron_public_interface_ip} ntp::servers: {get_input: ntp_servers} @@ -1638,6 +1679,9 @@ resources: tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface} tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address} tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]} + tripleo::loadbalancer::haproxy_stats_user: {get_input: haproxy_stats_user} + tripleo::loadbalancer::haproxy_stats_password: {get_input: haproxy_stats_password} + tripleo::loadbalancer::redis_password: {get_input: redis_password} tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} diff --git a/puppet/hieradata/common.yaml b/puppet/hieradata/common.yaml index 98cec364..46471c3b 100644 --- a/puppet/hieradata/common.yaml +++ b/puppet/hieradata/common.yaml @@ -5,6 +5,9 @@ ssh::server::storeconfigs_enabled: false ceilometer::agent::auth::auth_region: 'regionOne' ceilometer::agent::auth::auth_tenant_name: 'service' +aodh::auth::auth_region: 'regionOne' +aodh::auth::auth_tenant_name: 'service' + nova::api::admin_tenant_name: 'service' nova::network::neutron::neutron_project_name: 'service' nova::network::neutron::neutron_username: 'neutron' diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml index 288d224f..3e523f1b 100644 --- a/puppet/hieradata/controller.yaml +++ b/puppet/hieradata/controller.yaml @@ -35,6 +35,7 @@ keystone::roles::admin::email: 'root@localhost' # service tenant glance::api::keystone_tenant: 'service' +aodh::api::keystone_tenant: 'service' glance::registry::keystone_tenant: 'service' neutron::server::auth_tenant: 'service' neutron::agents::metadata::auth_tenant: 'service' @@ -80,7 +81,6 @@ glance::api::pipeline: 'keystone' glance::api::show_image_direct_url: true glance::registry::pipeline: 'keystone' glance::backend::swift::swift_store_create_container_on_put: true -glance::backend::rbd::rbd_store_user: 'openstack' glance_file_pcmk_directory: '/var/lib/glance/images' # neutron @@ -150,6 +150,7 @@ tripleo::loadbalancer::redis: true tripleo::loadbalancer::sahara: true tripleo::loadbalancer::swift_proxy_server: true tripleo::loadbalancer::ceilometer: true +tripleo::loadbalancer::aodh: true tripleo::loadbalancer::heat_api: true tripleo::loadbalancer::heat_cloudwatch: true tripleo::loadbalancer::heat_cfn: true @@ -262,3 +263,7 @@ tripleo::firewall::firewall_rules: '127 snmp': port: 161 proto: 'udp' + '128 aodh': + port: + - 8042 + - 13042 diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index d786b29c..c6667ae6 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -123,6 +123,7 @@ if hiera('step') >= 2 { include ::sahara::db::mysql if downcase(hiera('ceilometer_backend')) == 'mysql' { include ::ceilometer::db::mysql + include ::aodh::db::mysql } $rabbit_nodes = hiera('rabbit_node_ips') @@ -209,7 +210,7 @@ if hiera('step') >= 2 { } #END STEP 2 -if hiera('step') >= 3 { +if hiera('step') >= 4 { include ::keystone include ::keystone::config @@ -267,8 +268,15 @@ if hiera('step') >= 3 { include ::glance::notify::rabbitmq include join(['::glance::backend::', $glance_backend]) + $nova_ipv6 = hiera('nova::use_ipv6', false) + if $nova_ipv6 { + $memcached_servers = suffix(hiera('memcache_node_ips_v6'), ':11211') + } else { + $memcached_servers = suffix(hiera('memcache_node_ips'), ':11211') + } + class { '::nova' : - memcached_servers => suffix(hiera('memcache_node_ips'), ':11211'), + memcached_servers => $memcached_servers } include ::nova::config include ::nova::api @@ -611,6 +619,21 @@ if hiera('step') >= 3 { Cron <| title == 'ceilometer-expirer' |> { command => "sleep $((\$(od -A n -t d -N 3 /dev/urandom) % 86400)) && ${::ceilometer::params::expirer_command}" } + # Aodh + class { '::aodh' : + database_connection => $ceilometer_database_connection, + } + include ::aodh::db::sync + # To manage the upgrade: + Exec['ceilometer-dbsync'] -> Exec['aodh-db-sync'] + include ::aodh::auth + include ::aodh::api + include ::aodh::wsgi::apache + include ::aodh::evaluator + include ::aodh::notifier + include ::aodh::listener + include ::aodh::client + # Heat class { '::heat' : notification_driver => 'messaging', @@ -634,8 +657,15 @@ if hiera('step') >= 3 { } $neutron_options = {'profile_support' => $_profile_support } + $memcached_ipv6 = hiera('memcached_ipv6', false) + if $memcached_ipv6 { + $horizon_memcached_servers = hiera('memcache_node_ips_v6', '[::1]') + } else { + $horizon_memcached_servers = hiera('memcache_node_ips', '127.0.0.1') + } + class { '::horizon': - cache_server_ip => hiera('memcache_node_ips', '127.0.0.1'), + cache_server_ip => $horizon_memcached_servers, neutron_options => $neutron_options, } @@ -651,9 +681,9 @@ if hiera('step') >= 3 { hiera_include('controller_classes') -} #END STEP 3 +} #END STEP 4 -if hiera('step') >= 4 { +if hiera('step') >= 5 { $keystone_enable_db_purge = hiera('keystone_enable_db_purge', true) $nova_enable_db_purge = hiera('nova_enable_db_purge', true) $cinder_enable_db_purge = hiera('cinder_enable_db_purge', true) @@ -688,7 +718,7 @@ if hiera('step') >= 4 { } } -} #END STEP 4 +} #END STEP 5 $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller', hiera('step')]) package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp index e3f31e91..fd12c342 100644 --- a/puppet/manifests/overcloud_controller_pacemaker.pp +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -18,6 +18,24 @@ Pcmk_resource <| |> { try_sleep => 3, } +# TODO(jistr): use pcs resource provider instead of just no-ops +Service <| + tag == 'aodh-service' or + tag == 'cinder-service' or + tag == 'ceilometer-service' or + tag == 'glance-service' or + tag == 'heat-service' or + tag == 'keystone-service' or + tag == 'neutron-service' or + tag == 'nova-service' or + tag == 'sahara-service' +|> { + hasrestart => true, + restart => '/bin/true', + start => '/bin/true', + stop => '/bin/true', +} + include ::tripleo::packages include ::tripleo::firewall @@ -29,13 +47,13 @@ if $::hostname == downcase(hiera('bootstrap_nodeid')) { $sync_db = false } -$enable_fencing = str2bool(hiera('enable_fencing', false)) and hiera('step') >= 5 +$enable_fencing = str2bool(hiera('enable_fencing', false)) and hiera('step') >= 6 $enable_load_balancer = hiera('enable_load_balancer', true) # When to start and enable services which haven't been Pacemakerized # FIXME: remove when we start all OpenStack services using Pacemaker # (occurrences of this variable will be gradually replaced with false) -$non_pcmk_start = hiera('step') >= 4 +$non_pcmk_start = hiera('step') >= 5 if hiera('step') >= 1 { @@ -68,9 +86,6 @@ if hiera('step') >= 1 { } else { $cluster_setup_extras = {} } - user { 'hacluster': - ensure => present, - } -> class { '::pacemaker': hacluster_pwd => hiera('hacluster_pwd'), } -> @@ -587,7 +602,7 @@ MYSQL_HOST=localhost\n", } #END STEP 2 -if hiera('step') >= 3 { +if hiera('step') >= 4 { class { '::keystone': sync_db => $sync_db, @@ -1129,11 +1144,45 @@ if hiera('step') >= 3 { $_profile_support = 'None' } $neutron_options = {'profile_support' => $_profile_support } + + $memcached_ipv6 = hiera('memcached_ipv6', false) + if $memcached_ipv6 { + $horizon_memcached_servers = hiera('memcache_node_ips_v6', '[::1]') + } else { + $horizon_memcached_servers = hiera('memcache_node_ips', '127.0.0.1') + } + class { '::horizon': - cache_server_ip => hiera('memcache_node_ips', '127.0.0.1'), + cache_server_ip => $horizon_memcached_servers, neutron_options => $neutron_options, } + # Aodh + class { '::aodh' : + database_connection => $ceilometer_database_connection, + } + include ::aodh::config + include ::aodh::auth + include ::aodh::client + include ::aodh::wsgi::apache + class { '::aodh::api': + manage_service => false, + enabled => false, + service_name => 'httpd', + } + class { '::aodh::evaluator': + manage_service => false, + enabled => false, + } + class { '::aodh::notifier': + manage_service => false, + enabled => false, + } + class { '::aodh::listener': + manage_service => false, + enabled => false, + } + $snmpd_user = hiera('snmpd_readonly_user_name') snmp::snmpv3_user { $snmpd_user: authtype => 'MD5', @@ -1146,9 +1195,9 @@ if hiera('step') >= 3 { hiera_include('controller_classes') -} #END STEP 3 +} #END STEP 4 -if hiera('step') >= 4 { +if hiera('step') >= 5 { $keystone_enable_db_purge = hiera('keystone_enable_db_purge', true) $nova_enable_db_purge = hiera('nova_enable_db_purge', true) $cinder_enable_db_purge = hiera('cinder_enable_db_purge', true) @@ -1323,7 +1372,7 @@ if hiera('step') >= 4 { Pacemaker::Resource::Service[$::glance::params::api_service_name]], } - if hiera('step') == 4 { + if hiera('step') == 5 { # Neutron # NOTE(gfidente): Neutron will try to populate the database with some data # as soon as neutron-server is started; to avoid races we want to make this @@ -1624,7 +1673,7 @@ if hiera('step') >= 4 { Pacemaker::Resource::Service[$::nova::params::conductor_service_name]], } - # Ceilometer + # Ceilometer and Aodh case downcase(hiera('ceilometer_backend')) { /mysql/: { pacemaker::resource::service { $::ceilometer::params::agent_central_service_name: @@ -1657,8 +1706,10 @@ if hiera('step') >= 4 { # Fedora doesn't know `require-all` parameter for constraints yet if $::operatingsystem == 'Fedora' { $redis_ceilometer_constraint_params = undef + $redis_aodh_constraint_params = undef } else { $redis_ceilometer_constraint_params = 'require-all=false' + $redis_aodh_constraint_params = 'require-all=false' } pacemaker::constraint::base { 'redis-then-ceilometer-central-constraint': constraint_type => 'order', @@ -1670,6 +1721,16 @@ if hiera('step') >= 4 { require => [Pacemaker::Resource::Ocf['redis'], Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name]], } + pacemaker::constraint::base { 'redis-then-aodh-evaluator-constraint': + constraint_type => 'order', + first_resource => 'redis-master', + second_resource => "${::aodh::params::evaluator_service_name}-clone", + first_action => 'promote', + second_action => 'start', + constraint_params => $redis_aodh_constraint_params, + require => [Pacemaker::Resource::Ocf['redis'], + Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name]], + } pacemaker::constraint::base { 'keystone-then-ceilometer-central-constraint': constraint_type => 'order', first_resource => 'openstack-core-clone', @@ -1720,6 +1781,55 @@ if hiera('step') >= 4 { require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name], Pacemaker::Resource::Ocf['delay']], } + # Aodh + pacemaker::resource::service { $::aodh::params::evaluator_service_name : + clone_params => 'interleave=true', + } + pacemaker::resource::service { $::aodh::params::notifier_service_name : + clone_params => 'interleave=true', + } + pacemaker::resource::service { $::aodh::params::listener_service_name : + clone_params => 'interleave=true', + } + pacemaker::constraint::base { 'aodh-delay-then-aodh-evaluator-constraint': + constraint_type => 'order', + first_resource => 'delay-clone', + second_resource => "${::aodh::params::evaluator_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name], + Pacemaker::Resource::Ocf['delay']], + } + pacemaker::constraint::colocation { 'aodh-evaluator-with-aodh-delay-colocation': + source => "${::aodh::params::evaluator_service_name}-clone", + target => 'delay-clone', + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name], + Pacemaker::Resource::Ocf['delay']], + } + pacemaker::constraint::base { 'aodh-evaluator-then-aodh-notifier-constraint': + constraint_type => 'order', + first_resource => "${::aodh::params::evaluator_service_name}-clone", + second_resource => "${::aodh::params::notifier_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name], + Pacemaker::Resource::Service[$::aodh::params::notifier_service_name]], + } + pacemaker::constraint::colocation { 'aodh-notifier-with-aodh-evaluator-colocation': + source => "${::aodh::params::notifier_service_name}-clone", + target => "${::aodh::params::evaluator_service_name}-clone", + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name], + Pacemaker::Resource::Service[$::aodh::params::notifier_service_name]], + } + pacemaker::constraint::colocation { 'aodh-listener-with-aodh-evaluator-colocation': + source => "${::aodh::params::listener_service_name}-clone", + target => "${::aodh::params::evaluator_service_name}-clone", + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name], + Pacemaker::Resource::Service[$::aodh::params::listener_service_name]], + } if downcase(hiera('ceilometer_backend')) == 'mongodb' { pacemaker::constraint::base { 'mongodb-then-ceilometer-central-constraint': constraint_type => 'order', @@ -1848,9 +1958,9 @@ if hiera('step') >= 4 { } -} #END STEP 4 +} #END STEP 5 -if hiera('step') >= 5 { +if hiera('step') >= 6 { if $pacemaker_master { @@ -1872,7 +1982,7 @@ if hiera('step') >= 5 { } } -} #END STEP 5 +} #END STEP 6 $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller_pacemaker', hiera('step')]) package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/manifests/ringbuilder.pp b/puppet/manifests/ringbuilder.pp index 2d880d33..a623da29 100644 --- a/puppet/manifests/ringbuilder.pp +++ b/puppet/manifests/ringbuilder.pp @@ -13,8 +13,6 @@ # License for the specific language governing permissions and limitations # under the License. -include ::tripleo::packages - define add_devices( $swift_zones = '1' ){ @@ -91,6 +89,6 @@ class tripleo::ringbuilder ( } } -include ::tripleo::ringbuilder - -package_manifest{'/var/lib/tripleo/installed-packages/ringbuilder': ensure => present} +if hiera('step') >= 3 { + include ::tripleo::ringbuilder +} diff --git a/puppet/swift-storage.yaml b/puppet/swift-storage.yaml index c26aca77..8a4ea21f 100644 --- a/puppet/swift-storage.yaml +++ b/puppet/swift-storage.yaml @@ -30,6 +30,10 @@ parameters: default: 10 description: Partition Power to use when building Swift rings type: number + RingBuild: + default: true + description: Whether to manage Swift rings or not + type: boolean Replicas: type: number default: 3 @@ -263,17 +267,14 @@ resources: raw_data: {get_file: hieradata/object.yaml} mapped_data: # data supplied directly to this deployment configuration, etc swift::swift_hash_suffix: { get_input: swift_hash_suffix } + tripleo::ringbuilder::build_ring: { get_input: swift_ring_build } tripleo::ringbuilder::part_power: { get_input: swift_part_power } tripleo::ringbuilder::replicas: {get_input: swift_replicas } - # Swift swift::storage::all::storage_local_net_ip: {get_input: swift_management_network} swift_mount_check: {get_input: swift_mount_check } tripleo::ringbuilder::min_part_hours: { get_input: swift_min_part_hours } ntp::servers: {get_input: ntp_servers} timezone::timezone: {get_input: timezone} - # NOTE(dprince): build_ring support is currently not wired in. - # See: https://review.openstack.org/#/c/109225/ - tripleo::ringbuilder::build_ring: True snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} tripleo::packages::enable_install: {get_input: enable_package_install} @@ -294,6 +295,7 @@ resources: swift_hash_suffix: {get_param: HashSuffix} swift_mount_check: {get_param: MountCheck} swift_min_part_hours: {get_param: MinPartHours} + swift_ring_build: {get_param: RingBuild} swift_part_power: {get_param: PartPower} swift_replicas: { get_param: Replicas} ntp_servers: {get_param: NtpServer} diff --git a/puppet/vip-config.yaml b/puppet/vip-config.yaml index 5e2f698f..ebecd0cb 100644 --- a/puppet/vip-config.yaml +++ b/puppet/vip-config.yaml @@ -26,6 +26,7 @@ resources: nova_api_vip: {get_input: nova_api_vip} nova_metadata_vip: {get_input: nova_metadata_vip} ceilometer_api_vip: {get_input: ceilometer_api_vip} + aodh_api_vip: {get_input: aodh_api_vip} heat_api_vip: {get_input: heat_api_vip} horizon_vip: {get_input: horizon_vip} redis_vip: {get_input: redis_vip} diff --git a/tools/yaml-validate.py b/tools/yaml-validate.py index fe690d8c..2da873d0 100755 --- a/tools/yaml-validate.py +++ b/tools/yaml-validate.py @@ -24,10 +24,19 @@ def exit_usage(): def validate(filename): print('Validating %s' % filename) try: - yaml.load(open(filename).read()) + tpl = yaml.load(open(filename).read()) except Exception: print(traceback.format_exc()) return 1 + # yaml is OK, now walk the parameters and output a warning for unused ones + for p in tpl.get('parameters', {}): + str_p = '\'%s\'' % p + in_resources = str_p in str(tpl.get('resources', {})) + in_outputs = str_p in str(tpl.get('outputs', {})) + if not in_resources and not in_outputs: + print('Warning: parameter %s in template %s appears to be unused' + % (p, filename)) + return 0 if len(sys.argv) < 2: |