diff options
41 files changed, 655 insertions, 525 deletions
diff --git a/environments/enable-tls.yaml b/environments/enable-tls.yaml index b4c3f08b..71b2c71a 100644 --- a/environments/enable-tls.yaml +++ b/environments/enable-tls.yaml @@ -28,6 +28,9 @@ parameter_defaults: HeatCfnInternal: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'} HeatCfnPublic: {protocol: 'https', port: '13005', host: 'CLOUDNAME'} HorizonPublic: {protocol: 'https', port: '443', host: 'CLOUDNAME'} + IronicAdmin: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} + IronicInternal: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} + IronicPublic: {protocol: 'https', port: '13385', host: 'CLOUDNAME'} KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'} KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'} KeystonePublic: {protocol: 'https', port: '13000', host: 'CLOUDNAME'} diff --git a/environments/ips-from-pool-all.yaml b/environments/ips-from-pool-all.yaml index f660d501..87563753 100644 --- a/environments/ips-from-pool-all.yaml +++ b/environments/ips-from-pool-all.yaml @@ -5,30 +5,36 @@ resource_registry: OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool.yaml OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool.yaml OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant_from_pool.yaml + # Management network is optional and disabled by default + #OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/management_from_pool.yaml OS::TripleO::Compute::Ports::ExternalPort: ../network/ports/noop.yaml OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api_from_pool.yaml OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage_from_pool.yaml OS::TripleO::Compute::Ports::StorageMgmtPort: ../network/ports/noop.yaml OS::TripleO::Compute::Ports::TenantPort: ../network/ports/tenant_from_pool.yaml + #OS::TripleO::Compute::Ports::ManagementPort: ../network/ports/management_from_pool.yaml OS::TripleO::CephStorage::Ports::ExternalPort: ../network/ports/noop.yaml OS::TripleO::CephStorage::Ports::InternalApiPort: ../network/ports/noop.yaml OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage_from_pool.yaml OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool.yaml OS::TripleO::CephStorage::Ports::TenantPort: ../network/ports/noop.yaml + #OS::TripleO::CephStorage::Ports::ManagementPort: ../network/ports/management_from_pool.yaml OS::TripleO::SwiftStorage::Ports::ExternalPort: ../network/ports/noop.yaml OS::TripleO::SwiftStorage::Ports::InternalApiPort: ../network/ports/internal_api_from_pool.yaml OS::TripleO::SwiftStorage::Ports::StoragePort: ../network/ports/storage_from_pool.yaml OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool.yaml OS::TripleO::SwiftStorage::Ports::TenantPort: ../network/ports/noop.yaml + #OS::TripleO::SwiftStorage::Ports::ManagementPort: ../network/ports/management_from_pool.yaml OS::TripleO::BlockStorage::Ports::ExternalPort: ../network/ports/noop.yaml OS::TripleO::BlockStorage::Ports::InternalApiPort: ../network/ports/internal_api_from_pool.yaml OS::TripleO::BlockStorage::Ports::StoragePort: ../network/ports/storage_from_pool.yaml OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool.yaml OS::TripleO::BlockStorage::Ports::TenantPort: ../network/ports/noop.yaml + #OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/management_from_pool.yaml parameter_defaults: ControllerIPs: @@ -43,6 +49,8 @@ parameter_defaults: - 172.16.3.251 tenant: - 172.16.0.251 + #management: + #- 172.16.4.251 NovaComputeIPs: # Each compute will get an IP from the lists below, first compute, first IP internal_api: @@ -51,12 +59,16 @@ parameter_defaults: - 172.16.1.252 tenant: - 172.16.0.252 + #management: + #- 172.16.4.252 CephStorageIPs: # Each ceph node will get an IP from the lists below, first node, first IP storage: - 172.16.1.253 storage_mgmt: - 172.16.3.253 + #management: + #- 172.16.4.253 SwiftStorageIPs: # Each swift node will get an IP from the lists below, first node, first IP internal_api: @@ -65,6 +77,8 @@ parameter_defaults: - 172.16.1.254 storage_mgmt: - 172.16.3.254 + #management: + #- 172.16.4.254 BlockStorageIPs: # Each cinder node will get an IP from the lists below, first node, first IP internal_api: @@ -73,3 +87,5 @@ parameter_defaults: - 172.16.1.250 storage_mgmt: - 172.16.3.250 + #management: + #- 172.16.4.250 diff --git a/environments/major-upgrade-pacemaker-init.yaml b/environments/major-upgrade-pacemaker-init.yaml index fbad0406..d97f8fc1 100644 --- a/environments/major-upgrade-pacemaker-init.yaml +++ b/environments/major-upgrade-pacemaker-init.yaml @@ -3,7 +3,6 @@ parameter_defaults: resource_registry: OS::TripleO::Tasks::UpdateWorkflow: ../extraconfig/tasks/major_upgrade_pacemaker_init.yaml - OS::TripleO::Tasks::PackageUpdate: ../extraconfig/tasks/yum_update_noop.yaml OS::TripleO::ControllerPostDeployment: OS::Heat::None OS::TripleO::ComputePostDeployment: OS::Heat::None OS::TripleO::ObjectStoragePostDeployment: OS::Heat::None diff --git a/environments/major-upgrade-pacemaker.yaml b/environments/major-upgrade-pacemaker.yaml index 763ca67e..95f09666 100644 --- a/environments/major-upgrade-pacemaker.yaml +++ b/environments/major-upgrade-pacemaker.yaml @@ -3,7 +3,6 @@ parameter_defaults: resource_registry: OS::TripleO::Tasks::UpdateWorkflow: ../extraconfig/tasks/major_upgrade_pacemaker.yaml - OS::TripleO::Tasks::PackageUpdate: ../extraconfig/tasks/yum_update_noop.yaml OS::TripleO::ControllerPostDeployment: OS::Heat::None OS::TripleO::ComputePostDeployment: OS::Heat::None OS::TripleO::ObjectStoragePostDeployment: OS::Heat::None diff --git a/extraconfig/tasks/major_upgrade_controller_pacemaker_1.sh b/extraconfig/tasks/major_upgrade_controller_pacemaker_1.sh index f5399222..2aaa84c6 100755 --- a/extraconfig/tasks/major_upgrade_controller_pacemaker_1.sh +++ b/extraconfig/tasks/major_upgrade_controller_pacemaker_1.sh @@ -2,13 +2,21 @@ set -eu -cluster_sync_timeout=600 +cluster_sync_timeout=1800 if pcs status 2>&1 | grep -E '(cluster is not currently running)|(OFFLINE:)'; then echo_error "ERROR: upgrade cannot start with some cluster nodes being offline" exit 1 fi + +# We want to disable fencing during the cluster --stop as it might fence +# nodes where a service fails to stop, which could be fatal during an upgrade +# procedure. So we remember the stonith state. If it was enabled we reenable it +# at the end of this script +STONITH_STATE=$(pcs property show stonith-enabled | grep "stonith-enabled" | awk '{ print $2 }') +pcs property set stonith-enabled=false + if [ "$(hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid)" = "$(facter hostname)" ]; then pcs resource disable httpd check_resource httpd stopped 1800 @@ -49,6 +57,12 @@ done yum -y install python-zaqarclient # needed for os-collect-config yum -y -q update + +# Let's reset the stonith back to true if it was true, before starting the cluster +if [ $STONITH_STATE == "true" ]; then + pcs -f /var/lib/pacemaker/cib/cib.xml property set stonith-enabled=true +fi + # Pin messages sent to compute nodes to kilo, these will be upgraded later crudini --set /etc/nova/nova.conf upgrade_levels compute "$upgrade_level_nova_compute" # https://bugzilla.redhat.com/show_bug.cgi?id=1284047 diff --git a/network/endpoints/endpoint_data.yaml b/network/endpoints/endpoint_data.yaml index c76e1360..53b474de 100644 --- a/network/endpoints/endpoint_data.yaml +++ b/network/endpoints/endpoint_data.yaml @@ -192,3 +192,18 @@ Sahara: uri_suffixes: '': /v1.1/%(tenant_id)s port: 8386 + +Ironic: + Internal: + vip_param: IronicApi + uri_suffixes: + '': /v1 + Public: + vip_param: Public + uri_suffixes: + '': /v1 + Admin: + vip_param: IronicApi + uri_suffixes: + '': /v1 + port: 6385 diff --git a/network/endpoints/endpoint_map.yaml b/network/endpoints/endpoint_map.yaml index fbfa0a15..51ff375b 100644 --- a/network/endpoints/endpoint_map.yaml +++ b/network/endpoints/endpoint_map.yaml @@ -15,6 +15,7 @@ parameters: GlanceRegistryVirtualIP: {type: string, default: ''} GnocchiApiVirtualIP: {type: string, default: ''} HeatApiVirtualIP: {type: string, default: ''} + IronicApiVirtualIP: {type: string, default: ''} KeystoneAdminApiVirtualIP: {type: string, default: ''} KeystonePublicApiVirtualIP: {type: string, default: ''} MysqlVirtualIP: {type: string, default: ''} @@ -49,6 +50,9 @@ parameters: HeatCfnInternal: {protocol: http, port: '8000', host: IP_ADDRESS} HeatCfnPublic: {protocol: http, port: '8000', host: IP_ADDRESS} HorizonPublic: {protocol: http, port: '80', host: IP_ADDRESS} + IronicAdmin: {protocol: http, port: '6385', host: IP_ADDRESS} + IronicInternal: {protocol: http, port: '6385', host: IP_ADDRESS} + IronicPublic: {protocol: http, port: '6385', host: IP_ADDRESS} KeystoneAdmin: {protocol: http, port: '35357', host: IP_ADDRESS} KeystoneInternal: {protocol: http, port: '5000', host: IP_ADDRESS} KeystonePublic: {protocol: http, port: '5000', host: IP_ADDRESS} @@ -1076,6 +1080,123 @@ outputs: IP_ADDRESS: {get_param: PublicVirtualIP} - ':' - get_param: [EndpointMap, HorizonPublic, port] + IronicAdmin: + host: + str_replace: + template: + get_param: [EndpointMap, IronicAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: IronicApiVirtualIP} + port: + get_param: [EndpointMap, IronicAdmin, port] + protocol: + get_param: [EndpointMap, IronicAdmin, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, IronicAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, IronicAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: IronicApiVirtualIP} + - ':' + - get_param: [EndpointMap, IronicAdmin, port] + - /v1 + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, IronicAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, IronicAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: IronicApiVirtualIP} + - ':' + - get_param: [EndpointMap, IronicAdmin, port] + IronicInternal: + host: + str_replace: + template: + get_param: [EndpointMap, IronicInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: IronicApiVirtualIP} + port: + get_param: [EndpointMap, IronicInternal, port] + protocol: + get_param: [EndpointMap, IronicInternal, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, IronicInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, IronicInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: IronicApiVirtualIP} + - ':' + - get_param: [EndpointMap, IronicInternal, port] + - /v1 + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, IronicInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, IronicInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: IronicApiVirtualIP} + - ':' + - get_param: [EndpointMap, IronicInternal, port] + IronicPublic: + host: + str_replace: + template: + get_param: [EndpointMap, IronicPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + port: + get_param: [EndpointMap, IronicPublic, port] + protocol: + get_param: [EndpointMap, IronicPublic, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, IronicPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, IronicPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, IronicPublic, port] + - /v1 + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, IronicPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, IronicPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, IronicPublic, port] KeystoneAdmin: host: str_replace: diff --git a/network/extraconfig.yaml b/network/extraconfig.yaml deleted file mode 100644 index 93c6609f..00000000 --- a/network/extraconfig.yaml +++ /dev/null @@ -1,3 +0,0 @@ -heat_template_version: 2015-04-30 - -description: Noop network extra config diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml index 13d8e13d..cb67c7ec 100644 --- a/overcloud-resource-registry-puppet.yaml +++ b/overcloud-resource-registry-puppet.yaml @@ -63,7 +63,7 @@ resource_registry: OS::TripleO::Network::Tenant: OS::Heat::None OS::TripleO::Network::Management: OS::Heat::None - OS::TripleO::Network::ExtraConfig: network/extraconfig.yaml + OS::TripleO::Network::ExtraConfig: OS::Heat::None OS::TripleO::Network::Ports::NetVipMap: network/ports/net_ip_map.yaml OS::TripleO::Network::Ports::NetIpMap: network/ports/net_ip_map.yaml @@ -134,6 +134,8 @@ resource_registry: OS::TripleO::Services::HeatApiCfn: puppet/services/heat-api-cfn.yaml OS::TripleO::Services::HeatApiCloudwatch: puppet/services/heat-api-cloudwatch.yaml OS::TripleO::Services::HeatEngine: puppet/services/heat-engine.yaml + OS::TripleO::Services::IronicApi: puppet/services/ironic-api.yaml + OS::TripleO::Services::IronicConductor: puppet/services/ironic-conductor.yaml OS::TripleO::Services::NeutronDhcpAgent: puppet/services/neutron-dhcp.yaml OS::TripleO::Services::NeutronL3Agent: puppet/services/neutron-l3.yaml OS::TripleO::Services::NeutronMetadataAgent: puppet/services/neutron-metadata.yaml @@ -148,7 +150,6 @@ resource_registry: OS::TripleO::Services::HAproxy: puppet/services/haproxy.yaml OS::TripleO::Services::Keepalived: puppet/services/keepalived.yaml OS::TripleO::Services::Memcached: puppet/services/memcached.yaml - OS::TripleO::Services::SwiftProxy: puppet/services/swift-proxy.yaml OS::TripleO::Services::SaharaApi: puppet/services/sahara-api.yaml OS::TripleO::Services::SaharaEngine: puppet/services/sahara-engine.yaml OS::TripleO::Services::Redis: puppet/services/database/redis.yaml @@ -159,7 +160,12 @@ resource_registry: OS::TripleO::Services::NovaConsoleauth: puppet/services/nova-consoleauth.yaml OS::TripleO::Services::NovaVncproxy: puppet/services/nova-vncproxy.yaml OS::TripleO::Services::NovaCompute: puppet/services/nova-compute.yaml + OS::TripleO::Services::NovaLibvirt: puppet/services/nova-libvirt.yaml OS::TripleO::Services::Ntp: puppet/services/time/ntp.yaml + OS::TripleO::Services::SwiftProxy: puppet/services/swift-proxy.yaml + OS::TripleO::Services::SwiftStorage: puppet/services/swift-storage.yaml + OS::TripleO::Services::Snmp: puppet/services/snmp.yaml + OS::TripleO::Services::Timezone: puppet/services/time/timezone.yaml parameter_defaults: EnablePackageInstall: false diff --git a/overcloud.yaml b/overcloud.yaml index 0af6ee48..1d5fd8b1 100644 --- a/overcloud.yaml +++ b/overcloud.yaml @@ -66,10 +66,6 @@ parameters: default: '' type: string description: List of externally managed Ceph Mon Host IPs. Only used for external Ceph deployments. - CinderEnableIscsiBackend: - default: true - description: Whether to enable or not the Iscsi backend for Cinder - type: boolean CinderEnableRbdBackend: default: false description: Whether to enable or not the Rbd backend for Cinder @@ -221,11 +217,6 @@ parameters: description: The password for the nova service account, used by nova-api. type: string hidden: true - #TODO(ccamacho): Remove after landing Ntp in all roles - NtpServer: - default: '' - description: Comma-separated list of ntp servers - type: comma_delimited_list PublicVirtualFixedIPs: default: [] description: > @@ -258,14 +249,6 @@ parameters: description: The password for Redis type: string hidden: true - SnmpdReadonlyUserName: - default: ro_snmp_user - description: The user name for SNMPd with readonly rights running on all Overcloud nodes - type: string - SnmpdReadonlyUserPassword: - description: The user password for SNMPd with readonly rights running on all Overcloud nodes - type: string - hidden: true StorageVirtualFixedIPs: default: [] description: > @@ -278,10 +261,6 @@ parameters: Control the IP allocation for the StorageMgmgVirtualInterface port. E.g. [{'ip_address':'1.2.3.4'}] type: json - TimeZone: - default: 'UTC' - description: The timezone to be set on nodes. - type: string CloudDomain: default: 'localdomain' type: string @@ -296,18 +275,6 @@ parameters: type: json # Controller-specific params - CinderLVMLoopDeviceSize: - default: 10280 - description: The size of the loopback file used by the cinder LVM driver. - type: number - CinderPassword: - description: The password for the cinder service account, used by cinder-api. - type: string - hidden: true - CinderISCSIHelper: - default: lioadm - description: The iSCSI helper to use with cinder. - type: string ControllerCount: type: number default: 1 @@ -345,10 +312,6 @@ parameters: default: false description: Whether to deploy Ceph Storage (OSD) on the Controller type: boolean - ControllerEnableSwiftStorage: - default: true - description: Whether to enable Swift Storage on the Controller - type: boolean ControllerSchedulerHints: type: json description: Optional scheduler hints to pass to nova @@ -440,10 +403,6 @@ parameters: description: A random string to be used as a salt when hashing to determine mappings in the ring. type: string hidden: true - SwiftMountCheck: - default: 'false' - description: Value of mount_check in Swift account/container/object -server.conf - type: boolean SwiftMinPartHours: type: number default: 1 @@ -539,6 +498,7 @@ parameters: CinderIscsiNetwork: storage GlanceApiNetwork: storage GlanceRegistryNetwork: internal_api + IronicApiNetwork: internal_api KeystoneAdminApiNetwork: ctlplane # allows undercloud to config endpoints KeystonePublicApiNetwork: internal_api NeutronApiNetwork: internal_api @@ -587,7 +547,6 @@ parameters: - OS::TripleO::Services::HAproxy - OS::TripleO::Services::Keepalived - OS::TripleO::Services::Memcached - - OS::TripleO::Services::SwiftProxy - OS::TripleO::Services::Redis - OS::TripleO::Services::NovaConductor - OS::TripleO::Services::MongoDb @@ -596,6 +555,10 @@ parameters: - OS::TripleO::Services::NovaConsoleauth - OS::TripleO::Services::NovaVncproxy - OS::TripleO::Services::Ntp + - OS::TripleO::Services::SwiftProxy + - OS::TripleO::Services::SwiftStorage + - OS::TripleO::Services::Snmp + - OS::TripleO::Services::Timezone description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the Controllers. @@ -603,8 +566,11 @@ parameters: ComputeServices: default: - - OS::TripleO::Services::NovaCompute + - OS::TripleO::Services::Timezone - OS::TripleO::Services::Ntp + - OS::TripleO::Services::Snmp + - OS::TripleO::Services::NovaCompute + - OS::TripleO::Services::NovaLibvirt description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the Compute Nodes. @@ -633,7 +599,15 @@ parameters: type: json description: Optional scheduler hints to pass to nova default: {} - + BlockStorageServices: + default: + - OS::TripleO::Services::CinderVolume + - OS::TripleO::Services::Ntp + - OS::TripleO::Services::Timezone + description: A list of service resources (configured in the Heat + resource_registry) which represent nested stacks + for each service that should get installed on the BlockStorage nodes. + type: comma_delimited_list # Object storage specific parameters ObjectStorageCount: @@ -661,6 +635,9 @@ parameters: ObjectStorageServices: default: - OS::TripleO::Services::Ntp + - OS::TripleO::Services::SwiftStorage + - OS::TripleO::Services::Snmp + - OS::TripleO::Services::Timezone description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the ObjectStorage nodes. @@ -694,6 +671,7 @@ parameters: CephStorageServices: default: - OS::TripleO::Services::Ntp + - OS::TripleO::Services::Timezone description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks for each service that should get installed on the CephStorage nodes. @@ -805,6 +783,7 @@ resources: GlanceRegistryVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} GnocchiApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]} HeatApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} + IronicApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]} KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} MysqlVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} @@ -846,7 +825,6 @@ resources: PurgeFirewallRules: {get_param: PurgeFirewallRules} EnableGalera: {get_param: EnableGalera} EnableCephStorage: {get_param: ControllerEnableCephStorage} - EnableSwiftStorage: {get_param: ControllerEnableSwiftStorage} ExtraConfig: {get_param: ExtraConfig} FencingConfig: {get_param: FencingConfig} Flavor: {get_param: OvercloudControlFlavor} @@ -880,32 +858,15 @@ resources: RabbitClientUseSSL: {get_param: RabbitClientUseSSL} RabbitClientPort: {get_param: RabbitClientPort} RedisPassword: {get_param: RedisPassword} - SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName} - SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword} RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]} RedisVirtualIPUri: {get_attr: [RedisVirtualIP, ip_address_uri]} SwiftHashSuffix: {get_param: SwiftHashSuffix} - SwiftMountCheck: {get_param: SwiftMountCheck} SwiftMinPartHours: {get_param: SwiftMinPartHours} SwiftPartPower: {get_param: SwiftPartPower} SwiftReplicas: { get_param: SwiftReplicas} - TimeZone: {get_param: TimeZone} - VirtualIP: {get_attr: [VipMap, net_ip_map, ctlplane]} # deprecated. Use per service VIP settings instead now. - PublicVirtualIP: {get_attr: [VipMap, net_ip_map, external]} ServiceNetMap: {get_param: ServiceNetMap} EndpointMap: {get_attr: [EndpointMap, endpoint_map]} - CeilometerApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} - AodhApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]} - GnocchiApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]} - CinderApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} - HeatApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} - HeatApiVirtualIPUri: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} - NovaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} - SwiftProxyVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} - NeutronApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} - NovaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} - SaharaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} UpdateIdentifier: {get_param: UpdateIdentifier} Hostname: str_replace: @@ -915,9 +876,10 @@ resources: NodeIndex: '%index%' ServerMetadata: {get_param: ServerMetadata} SchedulerHints: {get_param: ControllerSchedulerHints} - ServiceConfigSettings: {get_attr: [ControllerServiceChain, config_settings]} + ServiceConfigSettings: {get_attr: [ControllerServiceChain, role_data, config_settings]} ComputeServiceChain: + type: OS::TripleO::Services properties: Services: {get_param: ComputeServices} @@ -984,10 +946,7 @@ resources: RabbitUserName: {get_param: RabbitUserName} RabbitClientUseSSL: {get_param: RabbitClientUseSSL} RabbitClientPort: {get_param: RabbitClientPort} - SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName} - SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword} ServiceNetMap: {get_param: ServiceNetMap} - TimeZone: {get_param: TimeZone} EndpointMap: {get_attr: [EndpointMap, endpoint_map]} UpdateIdentifier: {get_param: UpdateIdentifier} Hostname: @@ -999,8 +958,13 @@ resources: ServerMetadata: {get_param: ServerMetadata} SchedulerHints: {get_param: NovaComputeSchedulerHints} NodeIndex: '%index%' - ServiceConfigSettings: {get_attr: [ComputeServiceChain, config_settings]} + ServiceConfigSettings: {get_attr: [ComputeServiceChain, role_data, config_settings]} + BlockStorageServiceChain: + type: OS::TripleO::Services + properties: + Services: {get_param: BlockStorageServices} + EndpointMap: {get_attr: [EndpointMap, endpoint_map]} BlockStorage: type: OS::Heat::ResourceGroup @@ -1011,23 +975,9 @@ resources: resource_def: type: OS::TripleO::BlockStorage properties: - Debug: {get_param: Debug} Image: {get_param: BlockStorageImage} - CinderISCSIHelper: {get_param: CinderISCSIHelper} - CinderLVMLoopDeviceSize: {get_param: CinderLVMLoopDeviceSize} - # Purpose of the dedicated BlockStorage nodes should be to use their local LVM - CinderEnableIscsiBackend: {get_param: CinderEnableIscsiBackend} - CinderPassword: {get_param: CinderPassword} KeyName: {get_param: KeyName} Flavor: {get_param: OvercloudBlockStorageFlavor} - VirtualIP: {get_attr: [VipMap, net_ip_map, ctlplane]} - GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} - RabbitPassword: {get_param: RabbitPassword} - RabbitUserName: {get_param: RabbitUserName} - RabbitClientUseSSL: {get_param: RabbitClientUseSSL} - RabbitClientPort: {get_param: RabbitClientPort} - TimeZone: {get_param: TimeZone} - NtpServer: {get_param: NtpServer} UpdateIdentifier: {get_param: UpdateIdentifier} Hostname: str_replace: @@ -1035,13 +985,13 @@ resources: params: '%stackname%': {get_param: 'OS::stack_name'} ServiceNetMap: {get_param: ServiceNetMap} - EndpointMap: {get_attr: [EndpointMap, endpoint_map]} ExtraConfig: {get_param: ExtraConfig} BlockStorageExtraConfig: {get_param: BlockStorageExtraConfig} CloudDomain: {get_param: CloudDomain} ServerMetadata: {get_param: ServerMetadata} SchedulerHints: {get_param: BlockStorageSchedulerHints} NodeIndex: '%index%' + ServiceConfigSettings: {get_attr: [BlockStorageServiceChain, role_data, config_settings]} ObjectStorageServiceChain: type: OS::TripleO::Services @@ -1061,12 +1011,10 @@ resources: KeyName: {get_param: KeyName} Flavor: {get_param: OvercloudSwiftStorageFlavor} HashSuffix: {get_param: SwiftHashSuffix} - MountCheck: {get_param: SwiftMountCheck} MinPartHours: {get_param: SwiftMinPartHours} PartPower: {get_param: SwiftPartPower} Image: {get_param: SwiftStorageImage} Replicas: { get_param: SwiftReplicas} - TimeZone: {get_param: TimeZone} UpdateIdentifier: {get_param: UpdateIdentifier} ServiceNetMap: {get_param: ServiceNetMap} Hostname: @@ -1080,7 +1028,7 @@ resources: ServerMetadata: {get_param: ServerMetadata} SchedulerHints: {get_param: ObjectStorageSchedulerHints} NodeIndex: '%index%' - ServiceConfigSettings: {get_attr: [ObjectStorageServiceChain, config_settings]} + ServiceConfigSettings: {get_attr: [ObjectStorageServiceChain, role_data, config_settings]} CephStorageServiceChain: type: OS::TripleO::Services @@ -1101,7 +1049,6 @@ resources: KeyName: {get_param: KeyName} Flavor: {get_param: OvercloudCephStorageFlavor} ServiceNetMap: {get_param: ServiceNetMap} - TimeZone: {get_param: TimeZone} UpdateIdentifier: {get_param: UpdateIdentifier} Hostname: str_replace: @@ -1114,7 +1061,7 @@ resources: ServerMetadata: {get_param: ServerMetadata} SchedulerHints: {get_param: CephStorageSchedulerHints} NodeIndex: '%index%' - ServiceConfigSettings: {get_attr: [CephStorageServiceChain, config_settings]} + ServiceConfigSettings: {get_attr: [CephStorageServiceChain, role_data, config_settings]} ControllerIpListMap: type: OS::TripleO::Network::Ports::NetIpListMap @@ -1157,6 +1104,7 @@ resources: keystone_public_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} keystone_admin_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} sahara_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} + ironic_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]} DeployIdentifier: {get_param: DeployIdentifier} UpdateIdentifier: {get_param: UpdateIdentifier} @@ -1280,6 +1228,7 @@ resources: public_virtual_ip: {get_attr: [VipMap, net_ip_map, external]} internal_api_virtual_ip: {get_attr: [VipMap, net_ip_map, internal_api]} sahara_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} + ironic_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]} storage_virtual_ip: {get_attr: [VipMap, net_ip_map, storage]} storage_mgmt_virtual_ip: {get_attr: [VipMap, net_ip_map, storage_mgmt]} @@ -1478,7 +1427,7 @@ resources: allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]} controller_config: {get_attr: [Controller, attributes, config_identifier]} deployment_identifier: {get_param: DeployIdentifier} - StepConfig: {get_attr: [ControllerServiceChain, step_config]} + RoleData: {get_attr: [ControllerServiceChain, role_data]} ComputeNodesPostDeployment: type: OS::TripleO::ComputePostDeployment @@ -1489,7 +1438,7 @@ resources: allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]} compute_config: {get_attr: [Compute, attributes, config_identifier]} deployment_identifier: {get_param: DeployIdentifier} - StepConfig: {get_attr: [ComputeServiceChain, step_config]} + RoleData: {get_attr: [ComputeServiceChain, role_data]} ObjectStorageNodesPostDeployment: type: OS::TripleO::ObjectStoragePostDeployment @@ -1500,7 +1449,7 @@ resources: allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]} objectstorage_config: {get_attr: [ObjectStorage, attributes, config_identifier]} deployment_identifier: {get_param: DeployIdentifier} - StepConfig: {get_attr: [ObjectStorageServiceChain, step_config]} + RoleData: {get_attr: [ObjectStorageServiceChain, role_data]} BlockStorageNodesPostDeployment: type: OS::TripleO::BlockStoragePostDeployment @@ -1511,6 +1460,7 @@ resources: allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]} blockstorage_config: {get_attr: [BlockStorage, attributes, config_identifier]} deployment_identifier: {get_param: DeployIdentifier} + RoleData: {get_attr: [BlockStorageServiceChain, role_data]} CephStorageNodesPostDeployment: type: OS::TripleO::CephStoragePostDeployment @@ -1521,7 +1471,7 @@ resources: allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]} cephstorage_config: {get_attr: [CephStorage, attributes, config_identifier]} deployment_identifier: {get_param: DeployIdentifier} - StepConfig: {get_attr: [CephStorageServiceChain, step_config]} + RoleData: {get_attr: [CephStorageServiceChain, role_data]} outputs: KeystoneURL: @@ -1551,6 +1501,9 @@ outputs: HeatInternalVip: description: VIP for Heat API internal endpoint value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} + IronicInternalVip: + description: VIP for Ironic API internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]} KeystoneInternalVip: description: VIP for Keystone API internal endpoint value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml index b065ddd2..a53d8981 100644 --- a/puppet/all-nodes-config.yaml +++ b/puppet/all-nodes-config.yaml @@ -56,6 +56,8 @@ parameters: type: comma_delimited_list sahara_api_node_ips: type: comma_delimited_list + ironic_api_node_ips: + type: comma_delimited_list DeployIdentifier: type: string @@ -294,6 +296,14 @@ resources: list_join: - "','" - {get_param: sahara_api_node_ips} + ironic_api_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: ironic_api_node_ips} # NOTE(gfidente): interpolation with %{} in the # hieradata file can't be used as it returns string @@ -306,6 +316,7 @@ resources: nova::rabbit_hosts: *rabbit_nodes_array keystone::rabbit_hosts: *rabbit_nodes_array sahara::rabbit_hosts: *rabbit_nodes_array + ironic::rabbit_hosts: *rabbit_nodes_array deploy_identifier: {get_param: DeployIdentifier} update_identifier: {get_param: UpdateIdentifier} diff --git a/puppet/ceph-storage-post.yaml b/puppet/ceph-storage-post.yaml index 2b9ae751..edeb2d93 100644 --- a/puppet/ceph-storage-post.yaml +++ b/puppet/ceph-storage-post.yaml @@ -11,12 +11,11 @@ parameters: servers: type: json NodeConfigIdentifiers: - type: json - description: Value which changes if the node configuration may need to be re-applied - StepConfig: - type: string - description: Config manifests that will be used to step through the deployment. - default: '' + type: json + description: Value which changes if the node configuration may need to be re-applied + RoleData: + type: json + default: {} resources: @@ -47,7 +46,7 @@ resources: list_join: - '' - - get_file: manifests/overcloud_cephstorage.pp - - {get_param: StepConfig} + - {get_param: [RoleData, step_config]} CephStorageDeployment_Step2: type: OS::Heat::StructuredDeployments diff --git a/puppet/ceph-storage.yaml b/puppet/ceph-storage.yaml index 7a71ea80..28493964 100644 --- a/puppet/ceph-storage.yaml +++ b/puppet/ceph-storage.yaml @@ -30,10 +30,6 @@ parameters: description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. type: json - TimeZone: - default: 'UTC' - description: The timezone to be set on Ceph nodes. - type: string UpdateIdentifier: default: '' type: string @@ -228,7 +224,6 @@ resources: config: {get_resource: CephStorageConfig} server: {get_resource: CephStorage} input_values: - timezone: {get_param: TimeZone} enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]} @@ -269,7 +264,6 @@ resources: ceph: raw_data: {get_file: hieradata/ceph.yaml} mapped_data: - timezone::timezone: {get_input: timezone} tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} ceph::profile::params::cluster_network: {get_input: ceph_cluster_network} diff --git a/puppet/cinder-storage-post.yaml b/puppet/cinder-storage-post.yaml index f470203f..4de141f2 100644 --- a/puppet/cinder-storage-post.yaml +++ b/puppet/cinder-storage-post.yaml @@ -11,6 +11,9 @@ parameters: NodeConfigIdentifiers: type: json description: Value which changes if the node configuration may need to be re-applied + RoleData: + type: json + default: {} resources: @@ -32,22 +35,55 @@ resources: group: puppet options: enable_debug: {get_param: ConfigDebug} + enable_hiera: True + enable_facter: False + inputs: + - name: step outputs: - name: result config: - get_file: manifests/overcloud_volume.pp + list_join: + - '' + - - get_file: manifests/overcloud_volume.pp + - {get_param: [RoleData, step_config]} + + VolumeDeployment_Step2: + type: OS::Heat::StructuredDeployments + depends_on: VolumeArtifactsDeploy + properties: + name: VolumeDeployment_Step2 + servers: {get_param: servers} + config: {get_resource: VolumePuppetConfig} + input_values: + step: 2 + update_identifier: {get_param: NodeConfigIdentifiers} - VolumeDeployment_Step1: + VolumeDeployment_Step3: type: OS::Heat::StructuredDeployments + depends_on: VolumeDeployment_Step2 properties: - name: VolumeDeployment_Step1 + name: VolumeDeployment_Step3 servers: {get_param: servers} config: {get_resource: VolumePuppetConfig} + input_values: + step: 3 + update_identifier: {get_param: NodeConfigIdentifiers} + + VolumeDeployment_Step4: + type: OS::Heat::StructuredDeployments + depends_on: VolumeDeployment_Step3 + properties: + name: VolumeDeployment_Step4 + servers: {get_param: servers} + config: {get_resource: VolumePuppetConfig} + input_values: + step: 4 + update_identifier: {get_param: NodeConfigIdentifiers} # Note, this should come last, so use depends_on to ensure # this is created after any other resources. ExtraConfig: - depends_on: VolumeDeployment_Step1 + depends_on: VolumeDeployment_Step4 type: OS::TripleO::NodeExtraConfigPost properties: servers: {get_param: servers} diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml index d760de5e..7d00ffa6 100644 --- a/puppet/cinder-storage.yaml +++ b/puppet/cinder-storage.yaml @@ -4,29 +4,6 @@ parameters: Image: default: overcloud-cinder-volume type: string - CinderEnableIscsiBackend: - default: true - description: Whether to enable or not the Iscsi backend for Cinder - type: boolean - CinderISCSIHelper: - default: lioadm - description: The iSCSI helper to use with cinder. - type: string - CinderLVMLoopDeviceSize: - default: 10280 - description: The size of the loopback file used by the cinder LVM driver. - type: number - CinderPassword: - description: The password for the cinder service and db account, used by cinder-api. - type: string - hidden: true - Debug: - default: '' - description: Set to True to enable debugging on all services. - type: string - VirtualIP: # deprecated. Use per service VIPs instead. - default: '' - type: string ExtraConfig: default: {} description: | @@ -50,22 +27,6 @@ parameters: default: default description: Name of an existing Nova key pair to enable SSH access to the instances type: string - RabbitPassword: - type: string - hidden: true - RabbitUserName: - default: 'guest' - type: string - RabbitClientUseSSL: - default: false - description: > - Rabbit client subscriber parameter to specify - an SSL connection to the RabbitMQ host. - type: string - RabbitClientPort: - default: 5672 - description: Set rabbit subscriber port, change this if using SSL - type: number SnmpdReadonlyUserName: default: ro_snmp_user description: The user name for SNMPd with readonly rights running on all Overcloud nodes @@ -74,10 +35,6 @@ parameters: description: The user password for SNMPd with readonly rights running on all Overcloud nodes type: string hidden: true - NtpServer: - default: '' - description: Comma-separated list of ntp servers - type: comma_delimited_list EnablePackageInstall: default: 'false' description: Set to true to enable package installation via Puppet @@ -100,18 +57,6 @@ parameters: description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - TimeZone: - default: 'UTC' - description: The timezone to be set on Cinder nodes. - type: string - GlanceApiVirtualIP: - type: string - default: '' NetworkDeploymentActions: type: comma_delimited_list description: > @@ -143,7 +88,9 @@ parameters: NodeIndex: type: number default: 0 - + ServiceConfigSettings: + type: json + default: {} resources: BlockStorage: @@ -277,37 +224,13 @@ resources: server: {get_resource: BlockStorage} config: {get_resource: BlockStorageConfig} input_values: - debug: {get_param: Debug} - cinder_dsn: - list_join: - - '' - - - {get_param: [EndpointMap, MysqlInternal, protocol]} - - '://cinder:' - - {get_param: CinderPassword} - - '@' - - {get_param: [EndpointMap, MysqlInternal, host]} - - '/cinder' snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} - cinder_lvm_loop_device_size: - str_replace: - template: sizeM - params: - size: {get_param: CinderLVMLoopDeviceSize} - cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend} - cinder_iscsi_helper: {get_param: CinderISCSIHelper} cinder_iscsi_ip_address: str_replace: template: "'IP'" params: IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]} - glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]} - rabbit_username: {get_param: RabbitUserName} - rabbit_password: {get_param: RabbitPassword} - rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} - rabbit_client_port: {get_param: RabbitClientPort} - ntp_servers: {get_param: NtpServer} - timezone: {get_param: TimeZone} enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} @@ -323,6 +246,7 @@ resources: - heat_config_%{::deploy_config_name} - volume_extraconfig - extraconfig + - service_configs - volume - all_nodes # provided by allNodesConfig - '"%{::osfamily}"' @@ -330,6 +254,8 @@ resources: - network merge_behavior: deeper datafiles: + service_configs: + mapped_data: {get_param: ServiceConfigSettings} common: raw_data: {get_file: hieradata/common.yaml} network: @@ -345,19 +271,7 @@ resources: raw_data: {get_file: hieradata/volume.yaml} mapped_data: # Cinder - cinder::debug: {get_input: debug} - cinder::setup_test_volume::size: {get_input: cinder_lvm_loop_device_size} - cinder_iscsi_helper: {get_input: cinder_iscsi_helper} - cinder::database_connection: {get_input: cinder_dsn} - cinder::rabbit_userid: {get_input: rabbit_username} - cinder::rabbit_password: {get_input: rabbit_password} - cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} - cinder::rabbit_port: {get_input: rabbit_client_port} - cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend} - cinder_iscsi_ip_address: {get_input: cinder_iscsi_ip_address} - cinder::glance::glance_api_servers: {get_input: glance_api_servers} - ntp::servers: {get_input: ntp_servers} - timezone::timezone: {get_input: timezone} + tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_ip_address: {get_input: cinder_iscsi_ip_address} tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} diff --git a/puppet/compute-post.yaml b/puppet/compute-post.yaml index 698cadba..2033c4b4 100644 --- a/puppet/compute-post.yaml +++ b/puppet/compute-post.yaml @@ -11,12 +11,11 @@ parameters: servers: type: json NodeConfigIdentifiers: - type: json - description: Value which changes if the node configuration may need to be re-applied - StepConfig: - type: string - description: Config manifests that will be used to step through the deployment. - default: '' + type: json + description: Value which changes if the node configuration may need to be re-applied + RoleData: + type: json + default: {} resources: @@ -47,7 +46,7 @@ resources: list_join: - '' - - get_file: manifests/overcloud_compute.pp - - {get_param: StepConfig} + - {get_param: [RoleData, step_config]} ComputeServicesBaseDeployment_Step2: type: OS::Heat::StructuredDeployments diff --git a/puppet/compute.yaml b/puppet/compute.yaml index 7a863252..f800cca6 100644 --- a/puppet/compute.yaml +++ b/puppet/compute.yaml @@ -254,14 +254,6 @@ parameters: default: 5672 description: Set rabbit subscriber port, change this if using SSL type: number - SnmpdReadonlyUserName: - default: ro_snmp_user - description: The user name for SNMPd with readonly rights running on all Overcloud nodes - type: string - SnmpdReadonlyUserPassword: - description: The user password for SNMPd with readonly rights running on all Overcloud nodes - type: string - hidden: true UpgradeLevelNovaCompute: type: string description: Nova Compute upgrade level @@ -280,10 +272,6 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json - TimeZone: - default: 'UTC' - description: The timezone to be set on compute nodes. - type: string UpdateIdentifier: default: '' type: string @@ -512,6 +500,10 @@ resources: nova::rabbit_port: {get_input: rabbit_client_port} nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute} nova_compute_driver: {get_input: nova_compute_driver} + # TODO(emilien): move libvirt & migration parameters in libvirt profile + # used to deploy libvirt/kvm dependencies: + nova::compute::libvirt::services::libvirt_virt_type: {get_input: nova_compute_libvirt_type} + # used to configured nova.conf: nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type} nova::compute::neutron::libvirt_vif_driver: {get_input: nova_compute_libvirt_vif_driver} nova_api_host: {get_input: nova_api_host} @@ -541,8 +533,6 @@ resources: ceilometer::agent::auth::auth_password: {get_input: ceilometer_password} ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url} ceilometer_compute_agent: {get_input: ceilometer_compute_agent} - snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} - snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} nova::glance_api_servers: {get_input: glance_api_servers} neutron::debug: {get_input: debug} neutron::rabbit_password: {get_input: rabbit_password} @@ -575,7 +565,6 @@ resources: neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers} keystone_public_api_virtual_ip: {get_input: keystone_vip} admin_password: {get_input: admin_password} - timezone::timezone: {get_input: timezone} tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} @@ -616,8 +605,6 @@ resources: ceilometer_password: {get_param: CeilometerPassword} ceilometer_compute_agent: {get_param: CeilometerComputeAgent} ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri]} - snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} - snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]} neutron_flat_networks: str_replace: @@ -692,7 +679,6 @@ resources: rabbit_password: {get_param: RabbitPassword} rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} rabbit_client_port: {get_param: RabbitClientPort} - timezone: {get_param: TimeZone} enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} diff --git a/puppet/controller-post.yaml b/puppet/controller-post.yaml index 36f9b4f8..27fbdec0 100644 --- a/puppet/controller-post.yaml +++ b/puppet/controller-post.yaml @@ -11,12 +11,11 @@ parameters: servers: type: json NodeConfigIdentifiers: - type: json - description: Value which changes if the node configuration may need to be re-applied - StepConfig: - type: string - description: Config manifests that will be used to step through the deployment. - default: '' + type: json + description: Value which changes if the node configuration may need to be re-applied + RoleData: + type: json + default: {} resources: @@ -39,7 +38,7 @@ resources: ControllerPuppetConfig: type: OS::TripleO::ControllerConfig properties: - StepConfig: {get_param: StepConfig} + StepConfig: {get_param: [RoleData, step_config]} # Step through a series of Puppet runs using the same manifest. # NOTE: To enable stepping through the deployments via heat hooks, diff --git a/puppet/controller.yaml b/puppet/controller.yaml index ae1ef49a..e9833b4c 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -8,18 +8,12 @@ parameters: description: The password for the keystone admin account, used for monitoring, querying neutron etc. type: string hidden: true - AodhApiVirtualIP: - type: string - default: '' AodhPassword: description: The password for the aodh services. type: string hidden: true #TODO(composable Redis): Remove the Redis password param #As is used by ceilometer - CeilometerApiVirtualIP: - type: string - default: '' CeilometerBackend: default: 'mongodb' description: The ceilometer backend type. @@ -42,9 +36,6 @@ parameters: type: string constraints: - allowed_values: ['gnocchi', 'database'] - CinderApiVirtualIP: - type: string - default: '' CeilometerWorkers: default: 0 description: Number of workers for Ceilometer service. @@ -96,10 +87,6 @@ parameters: default: false description: Whether to deploy Ceph Storage (OSD) on the Controller type: boolean - EnableSwiftStorage: - default: true - description: Whether to enable Swift Storage on the Controller - type: boolean ExtraConfig: default: {} description: | @@ -154,9 +141,6 @@ parameters: default: 'mysql' description: The short name of the Gnocchi indexer backend to use. type: string - GnocchiApiVirtualIP: - type: string - default: '' GnocchiPassword: description: The password for the gnocchi service and db account. type: string @@ -219,9 +203,6 @@ parameters: default: false description: Whether IPtables rules should be purged before setting up the new ones. type: boolean - SaharaApiVirtualIP: - type: string - default: '' MysqlClusterUniquePart: description: A unique identifier of the MySQL cluster the controller is in. type: string @@ -268,9 +249,6 @@ parameters: will determine the MTU that is assigned to the VM host through DHCP. default: 1400 type: number - NovaApiVirtualIP: - type: string - default: '' NovaEnableDBPurge: default: true description: | @@ -294,9 +272,6 @@ parameters: Specifies the interface where the public-facing virtual ip will be assigned. This should be int_public when a VLAN is being used. type: string - PublicVirtualIP: - type: string - default: '' # Has to be here because of the ignored empty value bug RabbitCookie: type: string default: '' # Has to be here because of the ignored empty value bug @@ -330,23 +305,11 @@ parameters: type: string default: '' # Has to be here because of the ignored empty value bug description: An IP address which is wrapped in brackets in case of IPv6 - SnmpdReadonlyUserName: - default: ro_snmp_user - description: The user name for SNMPd with readonly rights running on all Overcloud nodes - type: string - SnmpdReadonlyUserPassword: - description: The user password for SNMPd with readonly rights running on all Overcloud nodes - type: string - hidden: true SwiftHashSuffix: description: A random string to be used as a salt when hashing to determine mappings in the ring. hidden: true type: string - SwiftMountCheck: - default: 'false' - description: Value of mount_check in Swift account/container/object -server.conf - type: boolean SwiftMinPartHours: type: number default: 1 @@ -359,36 +322,17 @@ parameters: default: true description: Whether to manage Swift rings or not type: boolean - SwiftProxyVirtualIP: - type: string - default: '' SwiftReplicas: type: number default: 3 description: How many replicas to use in the swift rings. - TimeZone: - default: 'UTC' - description: The timezone to be set on controller nodes. - type: string UpgradeLevelNovaCompute: type: string description: Nova Compute upgrade level default: '' - VirtualIP: # DEPRECATED: use per service settings instead - type: string - default: '' # Has to be here because of the ignored empty value bug - HeatApiVirtualIP: - type: string - default: '' - HeatApiVirtualIPUri: - type: string - default: '' MysqlVirtualIP: type: string default: '' - NeutronApiVirtualIP: - type: string - default: '' EnablePackageInstall: default: 'false' description: Set to true to enable package installation via Puppet @@ -632,7 +576,6 @@ resources: enable_galera: {get_param: EnableGalera} enable_load_balancer: {get_param: EnableLoadBalancer} enable_ceph_storage: {get_param: EnableCephStorage} - enable_swift_storage: {get_param: EnableSwiftStorage} manage_firewall: {get_param: ManageFirewall} purge_firewall_rules: {get_param: PurgeFirewallRules} mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize} @@ -705,8 +648,7 @@ resources: ceilometer_public_url: {get_param: [EndpointMap, CeilometerPublic, uri]} ceilometer_internal_url: {get_param: [EndpointMap, CeilometerInternal, uri]} ceilometer_admin_url: {get_param: [EndpointMap, CeilometerAdmin, uri]} - snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} - snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} + ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]} nova_enable_db_purge: {get_param: NovaEnableDBPurge} nova_ipv6: {get_param: NovaIPv6} corosync_ipv6: {get_param: CorosyncIPv6} @@ -742,7 +684,6 @@ resources: rabbit_cookie: {get_param: RabbitCookie} rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} rabbit_client_port: {get_param: RabbitClientPort} - timezone: {get_param: TimeZone} control_virtual_interface: {get_param: ControlVirtualInterface} public_virtual_interface: {get_param: PublicVirtualInterface} swift_hash_suffix: {get_param: SwiftHashSuffix} @@ -750,7 +691,6 @@ resources: swift_ring_build: {get_param: SwiftRingBuild} swift_replicas: {get_param: SwiftReplicas} swift_min_part_hours: {get_param: SwiftMinPartHours} - swift_mount_check: {get_param: SwiftMountCheck} enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} @@ -792,6 +732,7 @@ resources: ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]} ceph_public_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} + ironic_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]} # Map heat metadata into hiera datafiles ControllerConfig: @@ -874,7 +815,6 @@ resources: tripleo::ringbuilder::part_power: {get_input: swift_part_power} tripleo::ringbuilder::replicas: {get_input: swift_replicas} tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours} - swift_mount_check: {get_input: swift_mount_check} # Cinder tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_input: cinder_iscsi_network} @@ -912,7 +852,6 @@ resources: admin_password: {get_input: admin_password} enable_galera: {get_input: enable_galera} enable_ceph_storage: {get_input: enable_ceph_storage} - enable_swift_storage: {get_input: enable_swift_storage} mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size} mysql_max_connections: {get_input: mysql_max_connections} mysql::server::root_password: {get_input: mysql_root_password} @@ -946,7 +885,7 @@ resources: ceilometer::api::auth_uri: {get_input: keystone_auth_uri} ceilometer::api::identity_uri: {get_input: keystone_identity_uri} ceilometer::agent::auth::auth_password: {get_input: ceilometer_password} - ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri} + ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url} ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url} ceilometer::agent::notification::store_events: {get_input: ceilometer_store_events} ceilometer::db::mysql::password: {get_input: ceilometer_password} @@ -1057,7 +996,6 @@ resources: # Misc memcached_ipv6: {get_input: memcached_ipv6} memcached::listen_ip: {get_input: memcached_network} - timezone::timezone: {get_input: timezone} control_virtual_interface: {get_input: control_virtual_interface} public_virtual_interface: {get_input: public_virtual_interface} tripleo::keepalived::control_virtual_interface: {get_input: control_virtual_interface} diff --git a/puppet/hieradata/compute.yaml b/puppet/hieradata/compute.yaml index 2d928cbf..62728332 100644 --- a/puppet/hieradata/compute.yaml +++ b/puppet/hieradata/compute.yaml @@ -6,8 +6,6 @@ nova::notification_driver: messagingv2 nova::compute::instance_usage_audit: true nova::compute::instance_usage_audit_period: 'hour' -nova::compute::libvirt::migration_support: true - nova::compute::rbd::libvirt_rbd_secret_uuid: "%{hiera('ceph::profile::params::fsid')}" nova::network::neutron::neutron_auth_type: 'v3password' diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml index 7db2b5de..f84f7049 100644 --- a/puppet/hieradata/controller.yaml +++ b/puppet/hieradata/controller.yaml @@ -212,6 +212,7 @@ tripleo::firewall::firewall_rules: - 26379 '109 rabbitmq': dport: + - 4369 - 5672 - 35672 '110 ceph': diff --git a/puppet/hieradata/database.yaml b/puppet/hieradata/database.yaml index f2c95de6..9cbff586 100644 --- a/puppet/hieradata/database.yaml +++ b/puppet/hieradata/database.yaml @@ -53,6 +53,14 @@ heat::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" +# Ironic +ironic::db::mysql::user: ironic +ironic::db::mysql::host: "%{hiera('mysql_virtual_ip')}" +ironic::db::mysql::dbname: ironic +ironic::db::mysql::allowed_hosts: + - '%' + - "%{hiera('mysql_bind_host')}" + # Ceilometer ceilometer::db::mysql::user: ceilometer ceilometer::db::mysql::host: "%{hiera('mysql_virtual_ip')}" diff --git a/puppet/manifests/overcloud_cephstorage.pp b/puppet/manifests/overcloud_cephstorage.pp index e69353b0..2169002e 100644 --- a/puppet/manifests/overcloud_cephstorage.pp +++ b/puppet/manifests/overcloud_cephstorage.pp @@ -22,8 +22,6 @@ if hiera('step') >= 1 { create_resources(sysctl::value, hiera('sysctl_settings'), {}) Exec <| tag == 'kmod::load' |> -> Sysctl <| |> - include ::timezone - } if hiera('step') >= 3 { @@ -54,5 +52,7 @@ if hiera('step') >= 3 { include ::ceph::profile::osd hiera_include('ceph_classes') - package_manifest{'/var/lib/tripleo/installed-packages/overcloud_ceph': ensure => present} } + +$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_ceph', hiera('step')]) +package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp index da84927e..1ec376b1 100644 --- a/puppet/manifests/overcloud_compute.pp +++ b/puppet/manifests/overcloud_compute.pp @@ -20,23 +20,8 @@ create_resources(kmod::load, hiera('kernel_modules'), { }) create_resources(sysctl::value, hiera('sysctl_settings'), { }) Exec <| tag == 'kmod::load' |> -> Sysctl <| |> -include ::timezone - if hiera('step') >= 4 { - file { ['/etc/libvirt/qemu/networks/autostart/default.xml', - '/etc/libvirt/qemu/networks/default.xml']: - ensure => absent, - before => Service['libvirt'], - } - # in case libvirt has been already running before the Puppet run, make - # sure the default network is destroyed - exec { 'libvirt-default-net-destroy': - command => '/usr/bin/virsh net-destroy default', - onlyif => '/usr/bin/virsh net-info default | /bin/grep -i "^active:\s*yes"', - before => Service['libvirt'], - } - # When utilising images for deployment, we need to reset the iSCSI initiator name to make it unique exec { 'reset-iscsi-initiator-name': command => '/bin/echo InitiatorName=$(/usr/sbin/iscsi-iname) > /etc/iscsi/initiatorname.iscsi', @@ -60,12 +45,6 @@ if hiera('step') >= 4 { } include ::ceph::conf include ::ceph::profile::client - - $client_keys = hiera('ceph::profile::params::client_keys') - $client_user = join(['client.', hiera('tripleo::profile::base::cinder::volume::rbd::cinder_rbd_user_name')]) - class { '::nova::compute::rbd': - libvirt_rbd_secret_key => $client_keys[$client_user]['secret'], - } } if hiera('cinder_enable_nfs_backend', false) { @@ -79,24 +58,7 @@ if hiera('step') >= 4 { package { 'nfs-utils': } -> Service['nova-compute'] } - if str2bool(hiera('nova::use_ipv6', false)) { - $vncserver_listen = '::0' - } else { - $vncserver_listen = '0.0.0.0' - } - - if $rbd_ephemeral_storage { - class { '::nova::compute::libvirt': - libvirt_disk_cachemodes => ['network=writeback'], - libvirt_hw_disk_discard => 'unmap', - vncserver_listen => $vncserver_listen, - } - } else { - class { '::nova::compute::libvirt' : - vncserver_listen => $vncserver_listen, - } - } - + # TODO(emilien): figure if we *really* need those 2 parameters: nova_config { 'DEFAULT/my_ip': value => $ipaddress; 'DEFAULT/linuxnet_interface_driver': value => 'nova.network.linux_net.LinuxOVSInterfaceDriver'; @@ -108,7 +70,7 @@ if hiera('step') >= 4 { content => hiera('midonet_libvirt_qemu_data') } } - include ::nova::network::neutron + include ::neutron include ::neutron::config @@ -194,17 +156,8 @@ if hiera('step') >= 4 { include ::ceilometer::agent::compute include ::ceilometer::agent::auth - $snmpd_user = hiera('snmpd_readonly_user_name') - snmp::snmpv3_user { $snmpd_user: - authtype => 'MD5', - authpass => hiera('snmpd_readonly_user_password'), - } - class { '::snmp': - agentaddress => ['udp:161','udp6:[::1]:161'], - snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ], - } - hiera_include('compute_classes') - package_manifest{ '/var/lib/tripleo/installed-packages/overcloud_compute': ensure => present } - } + +$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_compute', hiera('step')]) +package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index 628856e6..d8166f20 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -28,8 +28,6 @@ if hiera('step') >= 1 { if hiera('step') >= 2 { - include ::timezone - # MongoDB if downcase(hiera('ceilometer_backend')) == 'mongodb' { # NOTE(gfidente): We need to pass the list of IPv6 addresses *with* port and @@ -215,24 +213,6 @@ if hiera('step') >= 4 { } } - # swift storage - if str2bool(hiera('enable_swift_storage', true)) { - class { '::swift::storage::all': - mount_check => str2bool(hiera('swift_mount_check')), - } - if(!defined(File['/srv/node'])) { - file { '/srv/node': - ensure => directory, - owner => 'swift', - group => 'swift', - require => Package['openstack-swift'], - } - } - $swift_components = ['account', 'container', 'object'] - swift::storage::filter::recon { $swift_components : } - swift::storage::filter::healthcheck { $swift_components : } - } - # Ceilometer $ceilometer_backend = downcase(hiera('ceilometer_backend')) case $ceilometer_backend { @@ -312,16 +292,6 @@ if hiera('step') >= 4 { default: { fail('Unrecognized gnocchi_backend parameter.') } } - $snmpd_user = hiera('snmpd_readonly_user_name') - snmp::snmpv3_user { $snmpd_user: - authtype => 'MD5', - authpass => hiera('snmpd_readonly_user_password'), - } - class { '::snmp': - agentaddress => ['udp:161','udp6:[::1]:161'], - snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ], - } - hiera_include('controller_classes') } #END STEP 4 diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp index 9bb40fca..9f636ddd 100644 --- a/puppet/manifests/overcloud_controller_pacemaker.pp +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -57,8 +57,6 @@ if hiera('step') >= 1 { create_resources(sysctl::value, hiera('sysctl_settings'), {}) Exec <| tag == 'kmod::load' |> -> Sysctl <| |> - include ::timezone - $pacemaker_cluster_members = downcase(regsubst(hiera('controller_node_names'), ',', ' ', 'G')) $corosync_ipv6 = str2bool(hiera('corosync_ipv6', false)) if $corosync_ipv6 { @@ -409,36 +407,6 @@ MYSQL_HOST=localhost\n", } } - # swift storage - if str2bool(hiera('enable_swift_storage', true)) { - class {'::swift::storage::all': - mount_check => str2bool(hiera('swift_mount_check')), - } - class {'::swift::storage::account': - manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, - } - class {'::swift::storage::container': - manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, - } - class {'::swift::storage::object': - manage_service => $non_pcmk_start, - enabled => $non_pcmk_start, - } - if(!defined(File['/srv/node'])) { - file { '/srv/node': - ensure => directory, - owner => 'swift', - group => 'swift', - require => Package['openstack-swift'], - } - } - $swift_components = ['account', 'container', 'object'] - swift::storage::filter::recon { $swift_components : } - swift::storage::filter::healthcheck { $swift_components : } - } - # Ceilometer case downcase(hiera('ceilometer_backend')) { /mysql/: { @@ -564,16 +532,6 @@ MYSQL_HOST=localhost\n", enabled => false, } - $snmpd_user = hiera('snmpd_readonly_user_name') - snmp::snmpv3_user { $snmpd_user: - authtype => 'MD5', - authpass => hiera('snmpd_readonly_user_password'), - } - class { '::snmp': - agentaddress => ['udp:161','udp6:[::1]:161'], - snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ], - } - hiera_include('controller_classes') } #END STEP 4 diff --git a/puppet/manifests/overcloud_object.pp b/puppet/manifests/overcloud_object.pp index 4fca8f5f..418c56e6 100644 --- a/puppet/manifests/overcloud_object.pp +++ b/puppet/manifests/overcloud_object.pp @@ -20,39 +20,11 @@ if hiera('step') >= 1 { create_resources(kmod::load, hiera('kernel_modules'), {}) create_resources(sysctl::value, hiera('sysctl_settings'), {}) Exec <| tag == 'kmod::load' |> -> Sysctl <| |> - - include ::timezone - } if hiera('step') >= 4 { - class { '::swift::storage::all': - mount_check => str2bool(hiera('swift_mount_check')), - } - if(!defined(File['/srv/node'])) { - file { '/srv/node': - ensure => directory, - owner => 'swift', - group => 'swift', - require => Package['openstack-swift'], - } - } - - $swift_components = ['account', 'container', 'object'] - swift::storage::filter::recon { $swift_components : } - swift::storage::filter::healthcheck { $swift_components : } - - $snmpd_user = hiera('snmpd_readonly_user_name') - snmp::snmpv3_user { $snmpd_user: - authtype => 'MD5', - authpass => hiera('snmpd_readonly_user_password'), - } - class { '::snmp': - agentaddress => ['udp:161','udp6:[::1]:161'], - snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ], - } - hiera_include('object_classes') } -package_manifest{'/var/lib/tripleo/installed-packages/overcloud_object': ensure => present} +$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_object', hiera('step')]) +package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/manifests/overcloud_volume.pp b/puppet/manifests/overcloud_volume.pp index 134dc43b..7fc27d60 100644 --- a/puppet/manifests/overcloud_volume.pp +++ b/puppet/manifests/overcloud_volume.pp @@ -16,46 +16,49 @@ include ::tripleo::packages include ::tripleo::firewall -create_resources(kmod::load, hiera('kernel_modules'), {}) -create_resources(sysctl::value, hiera('sysctl_settings'), {}) -Exec <| tag == 'kmod::load' |> -> Sysctl <| |> +if hiera('step') >= 1 { + + create_resources(kmod::load, hiera('kernel_modules'), {}) + create_resources(sysctl::value, hiera('sysctl_settings'), {}) + Exec <| tag == 'kmod::load' |> -> Sysctl <| |> -if count(hiera('ntp::servers')) > 0 { - include ::ntp } -include ::timezone +if hiera('step') >= 4 { -include ::cinder -include ::cinder::config -include ::cinder::glance -include ::cinder::volume -include ::cinder::setup_test_volume + include ::cinder + include ::cinder::config + include ::cinder::glance + include ::cinder::volume + include ::cinder::setup_test_volume -$cinder_enable_iscsi = hiera('cinder_enable_iscsi_backend', true) -if $cinder_enable_iscsi { - $cinder_iscsi_backend = 'tripleo_iscsi' + $cinder_enable_iscsi = hiera('cinder_enable_iscsi_backend', true) + if $cinder_enable_iscsi { + $cinder_iscsi_backend = 'tripleo_iscsi' - cinder::backend::iscsi { $cinder_iscsi_backend : - iscsi_ip_address => hiera('cinder_iscsi_ip_address'), - iscsi_helper => hiera('cinder_iscsi_helper'), + cinder::backend::iscsi { $cinder_iscsi_backend : + iscsi_ip_address => hiera('cinder_iscsi_ip_address'), + iscsi_helper => hiera('cinder_iscsi_helper'), + } } -} -$cinder_enabled_backends = any2array($cinder_iscsi_backend) -class { '::cinder::backends' : - enabled_backends => union($cinder_enabled_backends, hiera('cinder_user_enabled_backends')), -} + $cinder_enabled_backends = any2array($cinder_iscsi_backend) + class { '::cinder::backends' : + enabled_backends => union($cinder_enabled_backends, hiera('cinder_user_enabled_backends')), + } -$snmpd_user = hiera('snmpd_readonly_user_name') -snmp::snmpv3_user { $snmpd_user: - authtype => 'MD5', - authpass => hiera('snmpd_readonly_user_password'), -} -class { '::snmp': - agentaddress => ['udp:161','udp6:[::1]:161'], - snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ], + $snmpd_user = hiera('snmpd_readonly_user_name') + snmp::snmpv3_user { $snmpd_user: + authtype => 'MD5', + authpass => hiera('snmpd_readonly_user_password'), + } + class { '::snmp': + agentaddress => ['udp:161','udp6:[::1]:161'], + snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ], + } + + hiera_include('volume_classes') } -hiera_include('volume_classes') -package_manifest{'/var/lib/tripleo/installed-packages/overcloud_volume': ensure => present} +$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_volume', hiera('step')]) +package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/services/ironic-api.yaml b/puppet/services/ironic-api.yaml new file mode 100644 index 00000000..e1626d5b --- /dev/null +++ b/puppet/services/ironic-api.yaml @@ -0,0 +1,43 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Ironic API configured with Puppet + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + IronicPassword: + description: The password for the Ironic service and db account, used by the Ironic services + type: string + hidden: true + +resources: + IronicBase: + type: ./ironic-base.yaml + properties: + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for the Ironic API role. + value: + config_settings: + map_merge: + - get_attr: [IronicBase, role_data, config_settings] + # NOTE(dtantsur): the my_ip parameter is heavily overloaded in + # ironic. It's used as a default value for e.g. TFTP server IP, + # glance and neutron endpoints, virtual console IP. We override + # the TFTP server IP in ironic-conductor.yaml as it should not be + # the VIP, but rather a real IP of the controller. + - ironic::my_ip: {get_param: [EndpointMap, MysqlInternal, host]} + ironic::api::admin_password: {get_param: IronicPassword} + ironic::keystone::auth::public_url: {get_param: [EndpointMap, IronicPublic, uri]} + ironic::keystone::auth::internal_url: {get_param: [EndpointMap, IronicInternal, uri]} + ironic::keystone::auth::admin_url: {get_param: [EndpointMap, IronicAdmin, uri]} + ironic::keystone::auth::password: {get_param: IronicPassword } + + step_config: | + include ::tripleo::profile::base::ironic::api diff --git a/puppet/services/ironic-base.yaml b/puppet/services/ironic-base.yaml new file mode 100644 index 00000000..0eaa53cb --- /dev/null +++ b/puppet/services/ironic-base.yaml @@ -0,0 +1,64 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Ironic services configured with Puppet + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + Debug: + default: '' + description: Set to True to enable debugging on all services. + type: string + IronicPassword: + description: The password for the Ironic service and db account, used by the Ironic services + type: string + hidden: true + RabbitUserName: + default: guest + description: The username for RabbitMQ + type: string + RabbitPassword: + description: The password for RabbitMQ + type: string + hidden: true + RabbitClientPort: + default: 5672 + description: Set rabbit subscriber port, change this if using SSL + type: number + RabbitClientUseSSL: + default: false + description: > + Rabbit client subscriber parameter to specify + an SSL connection to the RabbitMQ host. + type: string + +outputs: + role_data: + description: Role data for the Ironic role. + value: + config_settings: + ironic_dsn: &ironic_dsn + list_join: + - '' + - - {get_param: [EndpointMap, MysqlInternal, protocol]} + - '://ironic:' + - {get_param: IronicPassword} + - '@' + - {get_param: [EndpointMap, MysqlInternal, host]} + - '/ironic' + ironic::admin_tenant_name: 'service' + ironic::database_connection: *ironic_dsn + ironic::debug: {get_param: Debug} + ironic::rabbit_userid: {get_param: RabbitUserName} + ironic::rabbit_password: {get_param: RabbitPassword} + ironic::rabbit_port: {get_param: RabbitClientPort} + ironic::rabbit_use_ssl: {get_param: RabbitClientUseSSL} + ironic::db::mysql::password: {get_param: IronicPassword} + ironic::keystone::auth::tenant: 'service' + + step_config: | + include ::tripleo::profile::base::ironic diff --git a/puppet/services/ironic-conductor.yaml b/puppet/services/ironic-conductor.yaml new file mode 100644 index 00000000..3fb3d9fd --- /dev/null +++ b/puppet/services/ironic-conductor.yaml @@ -0,0 +1,36 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Ironic conductor configured with Puppet + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + IronicEnabledDrivers: + default: ['pxe_ipmitool', 'agent_ipmitool'] + description: Enabled Ironic drivers + type: comma_delimited_list + +resources: + IronicBase: + type: ./ironic-base.yaml + properties: + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for the Ironic conductor role. + value: + config_settings: + map_merge: + - get_attr: [IronicBase, role_data, config_settings] + - ironic::enabled_drivers: {get_param: IronicEnabledDrivers} + # Prevent tftp_server from defaulting to my_ip setting, which is + # controller VIP, not a real IP. + ironic::drivers::pxe::tftp_server: {get_input: ironic_api_network} + + step_config: | + include ::tripleo::profile::base::ironic::conductor diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml index 0844aa85..679586f7 100644 --- a/puppet/services/nova-compute.yaml +++ b/puppet/services/nova-compute.yaml @@ -16,10 +16,18 @@ resources: outputs: role_data: - description: Role data for the Nova Conductor service. + description: Role data for the Nova Compute service. value: config_settings: map_merge: - get_attr: [NovaBase, role_data, config_settings] + - nova::compute::libvirt::manage_libvirt_services: false + # we manage migration in nova common puppet profile + nova::compute::libvirt::migration_support: false + tripleo::profile::base::nova::manage_migration: true + tripleo::profile::base::nova::nova_compute_enabled: true step_config: | - include tripleo::profile::base::nova::compute + # TODO(emilien): figure how to deal with libvirt profile. + # We'll probably threat it like we do with Neutron plugins. + # Until then, just include it in the default nova-compute role. + include tripleo::profile::base::nova::compute::libvirt diff --git a/puppet/services/nova-libvirt.yaml b/puppet/services/nova-libvirt.yaml new file mode 100644 index 00000000..e3309c32 --- /dev/null +++ b/puppet/services/nova-libvirt.yaml @@ -0,0 +1,31 @@ +heat_template_version: 2016-04-08 + +description: > + Libvirt service configured with Puppet + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +resources: + NovaBase: + type: ./nova-base.yaml + +outputs: + role_data: + description: Role data for the Libvirt service. + value: + config_settings: + map_merge: + - get_attr: [NovaBase, role_data, config_settings] + # we include ::nova::compute::libvirt::services in nova/libvirt profile + - nova::compute::libvirt::manage_libvirt_services: false + # we manage migration in nova common puppet profile + nova::compute::libvirt::migration_support: false + tripleo::profile::base::nova::manage_migration: true + tripleo::profile::base::nova::libvirt_enabled: true + step_config: | + include tripleo::profile::base::nova::libvirt diff --git a/puppet/services/rabbitmq.yaml b/puppet/services/rabbitmq.yaml index 581b4ba4..3688c4a8 100644 --- a/puppet/services/rabbitmq.yaml +++ b/puppet/services/rabbitmq.yaml @@ -18,7 +18,7 @@ parameters: type: string hidden: true RabbitFDLimit: - default: 16384 + default: 65536 description: Configures RabbitMQ FD limit type: string RabbitIPv6: diff --git a/puppet/services/services.yaml b/puppet/services/services.yaml index 7ed880fc..91f0e049 100644 --- a/puppet/services/services.yaml +++ b/puppet/services/services.yaml @@ -27,9 +27,8 @@ resources: EndpointMap: {get_param: EndpointMap} outputs: - config_settings: - description: Configuration settings. - value: {map_merge: {get_attr: [ServiceChain, role_data, config_settings]}} - step_config: - description: Step configuration. - value: {list_join: ["\n", {get_attr: [ServiceChain, role_data, step_config]}]} + role_data: + description: Combined Role data for this set of services. + value: + config_settings: {map_merge: {get_attr: [ServiceChain, role_data, config_settings]}} + step_config: {list_join: ["\n", {get_attr: [ServiceChain, role_data, step_config]}]} diff --git a/puppet/services/snmp.yaml b/puppet/services/snmp.yaml new file mode 100644 index 00000000..24ee2933 --- /dev/null +++ b/puppet/services/snmp.yaml @@ -0,0 +1,31 @@ +heat_template_version: 2016-04-08 + +description: > + SNMP client configured with Puppet, to facilitate Ceilometer Hardware + monitoring in the undercloud. This service is required to enable hardware + monitoring. + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + SnmpdReadonlyUserName: + default: ro_snmp_user + description: The user name for SNMPd with readonly rights running on all Overcloud nodes + type: string + SnmpdReadonlyUserPassword: + description: The user password for SNMPd with readonly rights running on all Overcloud nodes + type: string + hidden: true + +outputs: + role_data: + description: Role data for the SNMP services + value: + config_settings: + snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} + snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} + step_config: | + include ::tripleo::profile::base::snmp diff --git a/puppet/services/swift-storage.yaml b/puppet/services/swift-storage.yaml new file mode 100644 index 00000000..980c95f5 --- /dev/null +++ b/puppet/services/swift-storage.yaml @@ -0,0 +1,44 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Swift Storage service configured with Puppet + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + Debug: + default: '' + description: Set to True to enable debugging on all services. + type: string + SwiftMountCheck: + default: false + description: Value of mount_check in Swift account/container/object -server.conf + type: boolean + + # DEPRECATED options for compatibility with overcloud.yaml + # This should be removed and manipulation of the ControllerServices list + # used instead, but we need client support for that first + ControllerEnableSwiftStorage: + default: true + description: Whether to enable Swift Storage on the Controller + type: boolean + +parameter_groups: +- label: deprecated + description: Do not use deprecated params, they will be removed. + parameters: + - ControllerEnableSwiftStorage + +outputs: + role_data: + description: Role data for the Swift Proxy role. + value: + config_settings: + # Swift + swift::storage::all::mount_check: {get_param: SwiftMountCheck} + tripleo::profile::base::swift::storage::enable_swift_storage: {get_param: ControllerEnableSwiftStorage} + step_config: | + include ::tripleo::profile::base::swift::storage diff --git a/puppet/services/time/timezone.yaml b/puppet/services/time/timezone.yaml new file mode 100644 index 00000000..13fda986 --- /dev/null +++ b/puppet/services/time/timezone.yaml @@ -0,0 +1,24 @@ +heat_template_version: 2016-04-08 + +description: > + Composable Timezone service + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + TimeZone: + default: 'UTC' + description: The timezone to be set on the overcloud. + type: string + +outputs: + role_data: + description: Timezone role using composable services. + value: + config_settings: + timezone::timezone: {get_param: TimeZone} + step_config: | + include ::timezone diff --git a/puppet/swift-storage-post.yaml b/puppet/swift-storage-post.yaml index 1aba2bb4..b873d923 100644 --- a/puppet/swift-storage-post.yaml +++ b/puppet/swift-storage-post.yaml @@ -9,12 +9,11 @@ parameters: servers: type: json NodeConfigIdentifiers: - type: json - description: Value which changes if the node configuration may need to be re-applied - StepConfig: - type: string - description: Config manifests that will be used to step through the deployment. - default: '' + type: json + description: Value which changes if the node configuration may need to be re-applied + RoleData: + type: json + default: {} resources: @@ -46,7 +45,7 @@ resources: - '' - - get_file: manifests/overcloud_object.pp - get_file: manifests/ringbuilder.pp - - {get_param: StepConfig} + - {get_param: [RoleData, step_config]} StorageRingbuilderDeployment_Step2: type: OS::Heat::StructuredDeployments diff --git a/puppet/swift-storage.yaml b/puppet/swift-storage.yaml index 30f7657b..22e2b4a3 100644 --- a/puppet/swift-storage.yaml +++ b/puppet/swift-storage.yaml @@ -18,10 +18,6 @@ parameters: default: default description: Name of an existing Nova key pair to enable SSH access to the instances type: string - MountCheck: - default: 'false' - description: Value of mount_check in Swift account/container/object -server.conf - type: boolean MinPartHours: type: number default: 1 @@ -61,10 +57,6 @@ parameters: description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. type: json - TimeZone: - default: 'UTC' - description: The timezone to be set on Ceph nodes. - type: string Hostname: type: string default: '' # Defaults to Heat created hostname @@ -286,9 +278,7 @@ resources: tripleo::ringbuilder::part_power: { get_input: swift_part_power } tripleo::ringbuilder::replicas: {get_input: swift_replicas } swift::storage::all::storage_local_net_ip: {get_input: swift_management_network} - swift_mount_check: {get_input: swift_mount_check } tripleo::ringbuilder::min_part_hours: { get_input: swift_min_part_hours } - timezone::timezone: {get_input: timezone} snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} tripleo::packages::enable_install: {get_input: enable_package_install} @@ -307,12 +297,10 @@ resources: snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} swift_hash_suffix: {get_param: HashSuffix} - swift_mount_check: {get_param: MountCheck} swift_min_part_hours: {get_param: MinPartHours} swift_ring_build: {get_param: RingBuild} swift_part_power: {get_param: PartPower} swift_replicas: { get_param: Replicas} - timezone: {get_param: TimeZone} enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} diff --git a/puppet/vip-config.yaml b/puppet/vip-config.yaml index 92234b6c..51129053 100644 --- a/puppet/vip-config.yaml +++ b/puppet/vip-config.yaml @@ -37,6 +37,7 @@ resources: internal_api_virtual_ip: {get_input: internal_api_virtual_ip} storage_virtual_ip: {get_input: storage_virtual_ip} storage_mgmt_virtual_ip: {get_input: storage_mgmt_virtual_ip} + ironic_api_vip: {get_input: ironic_api_vip} # public_virtual_ip and controller_virtual_ip are needed in # both HAproxy & keepalived. tripleo::haproxy::public_virtual_ip: {get_input: public_virtual_ip} |