aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--README.rst2
-rw-r--r--all-nodes-validation.yaml2
-rw-r--r--bootstrap-config.yaml2
-rw-r--r--ci/common/net-config-multinode-os-net-config.yaml2
-rw-r--r--ci/common/net-config-multinode.yaml2
-rw-r--r--ci/environments/multinode-containers.yaml70
-rw-r--r--ci/environments/multinode-core.yaml2
-rw-r--r--ci/environments/scenario001-multinode.yaml1
-rw-r--r--ci/environments/scenario002-multinode.yaml1
-rw-r--r--ci/environments/scenario004-multinode.yaml8
-rw-r--r--ci/pingtests/scenario001-multinode.yaml2
-rw-r--r--ci/pingtests/scenario002-multinode.yaml2
-rw-r--r--ci/pingtests/scenario003-multinode.yaml2
-rw-r--r--ci/pingtests/scenario004-multinode.yaml4
-rw-r--r--ci/pingtests/tenantvm_floatingip.yaml2
-rw-r--r--default_passwords.yaml2
-rw-r--r--deployed-server/ctlplane-port.yaml2
-rw-r--r--deployed-server/deployed-neutron-port.yaml2
-rw-r--r--deployed-server/deployed-server-bootstrap-centos.yaml2
-rw-r--r--deployed-server/deployed-server-bootstrap-rhel.yaml2
-rw-r--r--deployed-server/deployed-server.yaml2
-rw-r--r--docker/create-config-dir.sh6
-rw-r--r--docker/docker-steps.j2158
-rw-r--r--docker/firstboot/setup_docker_host.yaml2
-rw-r--r--docker/services/aodh-api.yaml3
-rw-r--r--docker/services/containers-common.yaml4
-rw-r--r--docker/services/database/mongodb.yaml2
-rw-r--r--docker/services/database/mysql.yaml2
-rw-r--r--docker/services/database/redis.yaml2
-rw-r--r--docker/services/etcd.yaml2
-rw-r--r--docker/services/glance-api.yaml4
-rw-r--r--docker/services/gnocchi-api.yaml3
-rw-r--r--docker/services/heat-api-cfn.yaml2
-rw-r--r--docker/services/heat-api.yaml2
-rw-r--r--docker/services/heat-engine.yaml3
-rw-r--r--docker/services/ironic-api.yaml3
-rw-r--r--docker/services/keystone.yaml7
-rw-r--r--docker/services/mistral-api.yaml6
-rw-r--r--docker/services/neutron-api.yaml9
-rw-r--r--docker/services/neutron-plugin-ml2.yaml2
-rw-r--r--docker/services/nova-api.yaml25
-rw-r--r--docker/services/nova-libvirt.yaml21
-rw-r--r--docker/services/nova-metadata.yaml2
-rw-r--r--docker/services/pacemaker/database/mysql.yaml180
-rw-r--r--docker/services/pacemaker/rabbitmq.yaml159
-rw-r--r--docker/services/panko-api.yaml3
-rw-r--r--docker/services/services.yaml2
-rw-r--r--docker/services/swift-proxy.yaml2
-rw-r--r--docker/services/swift-ringbuilder.yaml2
-rw-r--r--environments/cinder-dellsc-config.yaml10
-rw-r--r--environments/contrail/contrail-nic-config-compute.yaml2
-rw-r--r--environments/disable-telemetry.yaml20
-rw-r--r--environments/docker-services-tls-everywhere.yaml1
-rw-r--r--environments/docker.yaml9
-rw-r--r--environments/hyperconverged-ceph.yaml1
-rw-r--r--environments/low-memory-usage.yaml2
-rw-r--r--environments/neutron-l2gw-opendaylight.yaml18
-rw-r--r--environments/neutron-linuxbridge.yaml8
-rw-r--r--environments/neutron-ovs-dpdk.yaml2
-rw-r--r--environments/puppet-ceph-devel.yaml2
-rw-r--r--environments/services-docker/zaqar.yaml1
-rw-r--r--environments/services/ceilometer-collector.yaml1
-rw-r--r--environments/services/ironic.yaml1
-rw-r--r--environments/services/zaqar.yaml1
-rw-r--r--environments/tls-endpoints-public-dns.yaml3
-rw-r--r--environments/tls-endpoints-public-ip.yaml3
-rw-r--r--environments/tls-everywhere-endpoints-dns.yaml3
-rw-r--r--extraconfig/all_nodes/mac_hostname.j2.yaml2
-rw-r--r--extraconfig/all_nodes/random_string.j2.yaml2
-rw-r--r--extraconfig/all_nodes/swap-partition.j2.yaml2
-rw-r--r--extraconfig/all_nodes/swap.j2.yaml2
-rw-r--r--extraconfig/nova_metadata/krb-service-principals.yaml2
-rw-r--r--extraconfig/post_deploy/default.yaml2
-rw-r--r--extraconfig/post_deploy/example.yaml2
-rw-r--r--extraconfig/post_deploy/example_run_on_update.yaml2
-rw-r--r--extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml2
-rw-r--r--extraconfig/pre_network/config_then_reboot.yaml2
-rw-r--r--extraconfig/pre_network/host_config_and_reboot.role.j2.yaml2
-rw-r--r--extraconfig/tasks/post_puppet_pacemaker.j2.yaml2
-rw-r--r--extraconfig/tasks/post_puppet_pacemaker_restart.yaml2
-rw-r--r--extraconfig/tasks/pre_puppet_pacemaker.yaml2
-rw-r--r--extraconfig/tasks/ssh/host_public_key.yaml2
-rw-r--r--extraconfig/tasks/ssh/known_hosts_config.yaml2
-rw-r--r--extraconfig/tasks/yum_update.yaml2
-rw-r--r--extraconfig/tasks/yum_update_noop.yaml2
-rw-r--r--firstboot/install_vrouter_kmod.yaml2
-rw-r--r--firstboot/os-net-config-mappings.yaml2
-rw-r--r--firstboot/userdata_default.yaml2
-rw-r--r--firstboot/userdata_dev_rsync.yaml2
-rw-r--r--firstboot/userdata_example.yaml2
-rw-r--r--firstboot/userdata_heat_admin.yaml2
-rw-r--r--firstboot/userdata_root_password.yaml2
-rw-r--r--hosts-config.yaml2
-rw-r--r--net-config-bond.yaml2
-rw-r--r--net-config-bridge.yaml2
-rw-r--r--net-config-linux-bridge.yaml2
-rw-r--r--net-config-noop.yaml2
-rw-r--r--net-config-static-bridge-with-external-dhcp.yaml2
-rw-r--r--net-config-static-bridge.yaml2
-rw-r--r--net-config-static.yaml2
-rw-r--r--net-config-undercloud.yaml2
-rw-r--r--network/config/bond-with-vlans/ceph-storage.yaml2
-rw-r--r--network/config/bond-with-vlans/cinder-storage.yaml2
-rw-r--r--network/config/bond-with-vlans/compute-dpdk.yaml2
-rw-r--r--network/config/bond-with-vlans/compute.yaml2
-rw-r--r--network/config/bond-with-vlans/controller-no-external.yaml2
-rw-r--r--network/config/bond-with-vlans/controller-v6.yaml2
-rw-r--r--network/config/bond-with-vlans/controller.yaml2
-rw-r--r--network/config/bond-with-vlans/swift-storage.yaml2
-rw-r--r--network/config/multiple-nics/ceph-storage.yaml2
-rw-r--r--network/config/multiple-nics/cinder-storage.yaml2
-rw-r--r--network/config/multiple-nics/compute-dvr.yaml2
-rw-r--r--network/config/multiple-nics/compute.yaml2
-rw-r--r--network/config/multiple-nics/controller-v6.yaml2
-rw-r--r--network/config/multiple-nics/controller.yaml2
-rw-r--r--network/config/multiple-nics/swift-storage.yaml2
-rw-r--r--network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml2
-rw-r--r--network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml2
-rw-r--r--network/config/single-nic-linux-bridge-vlans/compute.yaml2
-rw-r--r--network/config/single-nic-linux-bridge-vlans/controller-v6.yaml2
-rw-r--r--network/config/single-nic-linux-bridge-vlans/controller.yaml2
-rw-r--r--network/config/single-nic-linux-bridge-vlans/swift-storage.yaml2
-rw-r--r--network/config/single-nic-vlans/ceph-storage.yaml2
-rw-r--r--network/config/single-nic-vlans/cinder-storage.yaml2
-rw-r--r--network/config/single-nic-vlans/compute.yaml2
-rw-r--r--network/config/single-nic-vlans/controller-no-external.yaml2
-rw-r--r--network/config/single-nic-vlans/controller-v6.yaml2
-rw-r--r--network/config/single-nic-vlans/controller.yaml2
-rw-r--r--network/config/single-nic-vlans/swift-storage.yaml2
-rwxr-xr-xnetwork/endpoints/build_endpoint_map.py2
-rw-r--r--network/endpoints/endpoint_data.yaml9
-rw-r--r--network/endpoints/endpoint_map.yaml248
-rw-r--r--network/external.yaml2
-rw-r--r--network/external_v6.yaml2
-rw-r--r--network/internal_api.yaml2
-rw-r--r--network/internal_api_v6.yaml2
-rw-r--r--network/management.yaml2
-rw-r--r--network/management_v6.yaml2
-rw-r--r--network/networks.j2.yaml2
-rw-r--r--network/ports/ctlplane_vip.yaml2
-rw-r--r--network/ports/external.yaml2
-rw-r--r--network/ports/external_from_pool.yaml2
-rw-r--r--network/ports/external_from_pool_v6.yaml2
-rw-r--r--network/ports/external_v6.yaml2
-rw-r--r--network/ports/from_service.yaml2
-rw-r--r--network/ports/from_service_v6.yaml2
-rw-r--r--network/ports/internal_api.yaml2
-rw-r--r--network/ports/internal_api_from_pool.yaml2
-rw-r--r--network/ports/internal_api_from_pool_v6.yaml2
-rw-r--r--network/ports/internal_api_v6.yaml2
-rw-r--r--network/ports/management.yaml2
-rw-r--r--network/ports/management_from_pool.yaml2
-rw-r--r--network/ports/management_from_pool_v6.yaml2
-rw-r--r--network/ports/management_v6.yaml2
-rw-r--r--network/ports/net_ip_list_map.yaml2
-rw-r--r--network/ports/net_ip_map.yaml2
-rw-r--r--network/ports/net_vip_map_external.yaml2
-rw-r--r--network/ports/net_vip_map_external_v6.yaml2
-rw-r--r--network/ports/noop.yaml2
-rw-r--r--network/ports/storage.yaml2
-rw-r--r--network/ports/storage_from_pool.yaml2
-rw-r--r--network/ports/storage_from_pool_v6.yaml2
-rw-r--r--network/ports/storage_mgmt.yaml2
-rw-r--r--network/ports/storage_mgmt_from_pool.yaml2
-rw-r--r--network/ports/storage_mgmt_from_pool_v6.yaml2
-rw-r--r--network/ports/storage_mgmt_v6.yaml2
-rw-r--r--network/ports/storage_v6.yaml2
-rw-r--r--network/ports/tenant.yaml2
-rw-r--r--network/ports/tenant_from_pool.yaml2
-rw-r--r--network/ports/tenant_from_pool_v6.yaml2
-rw-r--r--network/ports/tenant_v6.yaml2
-rw-r--r--network/ports/vip.yaml2
-rw-r--r--network/ports/vip_v6.yaml2
-rw-r--r--network/service_net_map.j2.yaml3
-rw-r--r--network/storage.yaml2
-rw-r--r--network/storage_mgmt.yaml2
-rw-r--r--network/storage_mgmt_v6.yaml2
-rw-r--r--network/storage_v6.yaml2
-rw-r--r--network/tenant.yaml2
-rw-r--r--network/tenant_v6.yaml2
-rw-r--r--overcloud-resource-registry-puppet.j2.yaml9
-rw-r--r--overcloud.j2.yaml91
-rw-r--r--puppet/all-nodes-config.yaml2
-rw-r--r--puppet/blockstorage-role.yaml21
-rw-r--r--puppet/cephstorage-role.yaml21
-rw-r--r--puppet/compute-role.yaml23
-rw-r--r--puppet/config.role.j2.yaml2
-rw-r--r--puppet/controller-role.yaml22
-rw-r--r--puppet/deploy-artifacts.yaml2
-rw-r--r--puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml2
-rw-r--r--puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/controller/multiple.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/default.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/per_node.yaml2
-rw-r--r--puppet/extraconfig/tls/ca-inject.yaml2
-rw-r--r--puppet/extraconfig/tls/freeipa-enroll.yaml2
-rw-r--r--puppet/extraconfig/tls/tls-cert-inject.yaml2
-rw-r--r--puppet/major_upgrade_steps.j2.yaml2
-rw-r--r--puppet/objectstorage-role.yaml21
-rw-r--r--puppet/post-upgrade.j2.yaml2
-rw-r--r--puppet/post.j2.yaml2
-rw-r--r--puppet/role.role.j2.yaml21
-rw-r--r--puppet/services/aodh-api.yaml2
-rw-r--r--puppet/services/aodh-evaluator.yaml2
-rw-r--r--puppet/services/aodh-listener.yaml2
-rw-r--r--puppet/services/aodh-notifier.yaml2
-rw-r--r--puppet/services/apache.yaml2
-rw-r--r--puppet/services/auditd.yaml2
-rw-r--r--puppet/services/ca-certs.yaml2
-rw-r--r--puppet/services/ceilometer-agent-central.yaml2
-rw-r--r--puppet/services/ceilometer-agent-compute.yaml2
-rw-r--r--puppet/services/ceilometer-agent-ipmi.yaml2
-rw-r--r--puppet/services/ceilometer-agent-notification.yaml2
-rw-r--r--puppet/services/ceilometer-api.yaml2
-rw-r--r--puppet/services/ceilometer-base.yaml2
-rw-r--r--puppet/services/ceilometer-expirer.yaml2
-rw-r--r--puppet/services/ceph-base.yaml3
-rw-r--r--puppet/services/ceph-client.yaml2
-rw-r--r--puppet/services/ceph-external.yaml2
-rw-r--r--puppet/services/ceph-mds.yaml2
-rw-r--r--puppet/services/ceph-mon.yaml8
-rw-r--r--puppet/services/ceph-osd.yaml2
-rw-r--r--puppet/services/ceph-rgw.yaml2
-rw-r--r--puppet/services/certmonger-user.yaml2
-rw-r--r--puppet/services/cinder-api.yaml2
-rw-r--r--puppet/services/cinder-backend-dellps.yaml2
-rw-r--r--puppet/services/cinder-backend-dellsc.yaml18
-rw-r--r--puppet/services/cinder-backend-netapp.yaml2
-rw-r--r--puppet/services/cinder-backend-pure.yaml2
-rw-r--r--puppet/services/cinder-backend-scaleio.yaml2
-rw-r--r--puppet/services/cinder-backup.yaml2
-rw-r--r--puppet/services/cinder-hpelefthand-iscsi.yaml2
-rw-r--r--puppet/services/cinder-scheduler.yaml2
-rw-r--r--puppet/services/cinder-volume.yaml2
-rw-r--r--puppet/services/database/mongodb-base.yaml2
-rw-r--r--puppet/services/database/mongodb.yaml39
-rw-r--r--puppet/services/database/mysql-client.yaml2
-rw-r--r--puppet/services/database/mysql.yaml2
-rw-r--r--puppet/services/database/redis-base.yaml2
-rw-r--r--puppet/services/database/redis.yaml2
-rw-r--r--puppet/services/disabled/ceilometer-collector-disabled.yaml (renamed from puppet/services/disabled/ceilometer-collector.yaml)2
-rw-r--r--puppet/services/disabled/ceilometer-expirer-disabled.yaml50
-rw-r--r--puppet/services/disabled/glance-registry-disabled.yaml (renamed from puppet/services/disabled/glance-registry.yaml)4
-rw-r--r--puppet/services/disabled/mongodb-disabled.yaml (renamed from puppet/services/disabled/ceilometer-expirer.yaml)20
-rw-r--r--puppet/services/docker.yaml2
-rw-r--r--puppet/services/etcd.yaml2
-rw-r--r--puppet/services/external-swift-proxy.yaml2
-rw-r--r--puppet/services/gnocchi-api.yaml2
-rw-r--r--puppet/services/gnocchi-base.yaml2
-rw-r--r--puppet/services/gnocchi-metricd.yaml2
-rw-r--r--puppet/services/gnocchi-statsd.yaml2
-rw-r--r--puppet/services/haproxy-internal-tls-certmonger.yaml2
-rw-r--r--puppet/services/haproxy-public-tls-certmonger.yaml2
-rw-r--r--puppet/services/heat-api-cfn.yaml2
-rw-r--r--puppet/services/heat-api-cloudwatch.yaml2
-rw-r--r--puppet/services/heat-api.yaml2
-rw-r--r--puppet/services/heat-base.yaml2
-rw-r--r--puppet/services/horizon.yaml9
-rw-r--r--puppet/services/ironic-api.yaml2
-rw-r--r--puppet/services/ironic-conductor.yaml16
-rw-r--r--puppet/services/keepalived.yaml2
-rw-r--r--puppet/services/kernel.yaml4
-rw-r--r--puppet/services/logging/fluentd-base.yaml2
-rw-r--r--puppet/services/logging/fluentd-client.yaml2
-rw-r--r--puppet/services/logging/fluentd-config.yaml2
-rw-r--r--puppet/services/manila-api.yaml2
-rw-r--r--puppet/services/manila-backend-cephfs.yaml2
-rw-r--r--puppet/services/manila-backend-generic.yaml2
-rw-r--r--puppet/services/manila-backend-netapp.yaml2
-rw-r--r--puppet/services/manila-scheduler.yaml2
-rw-r--r--puppet/services/manila-share.yaml2
-rw-r--r--puppet/services/memcached.yaml2
-rw-r--r--puppet/services/metrics/collectd.yaml2
-rw-r--r--puppet/services/mistral-api.yaml46
-rw-r--r--puppet/services/mistral-engine.yaml2
-rw-r--r--puppet/services/mistral-executor.yaml2
-rw-r--r--puppet/services/monitoring/sensu-base.yaml2
-rw-r--r--puppet/services/monitoring/sensu-client.yaml2
-rw-r--r--puppet/services/network/contrail-analytics-database.yaml2
-rw-r--r--puppet/services/network/contrail-analytics.yaml2
-rw-r--r--puppet/services/network/contrail-base.yaml2
-rw-r--r--puppet/services/network/contrail-config.yaml2
-rw-r--r--puppet/services/network/contrail-control.yaml2
-rw-r--r--puppet/services/network/contrail-database.yaml2
-rw-r--r--puppet/services/network/contrail-heat.yaml2
-rw-r--r--puppet/services/network/contrail-neutron-plugin.yaml2
-rw-r--r--puppet/services/network/contrail-provision.yaml2
-rw-r--r--puppet/services/network/contrail-tsn.yaml2
-rw-r--r--puppet/services/network/contrail-vrouter.yaml2
-rw-r--r--puppet/services/network/contrail-webui.yaml2
-rw-r--r--puppet/services/neutron-base.yaml2
-rw-r--r--puppet/services/neutron-bgpvpn-api.yaml2
-rw-r--r--puppet/services/neutron-bigswitch-agent.yaml2
-rw-r--r--puppet/services/neutron-compute-plugin-midonet.yaml2
-rw-r--r--puppet/services/neutron-compute-plugin-nuage.yaml2
-rw-r--r--puppet/services/neutron-compute-plugin-ovn.yaml2
-rw-r--r--puppet/services/neutron-compute-plugin-plumgrid.yaml2
-rw-r--r--puppet/services/neutron-dhcp.yaml2
-rw-r--r--puppet/services/neutron-l2gw-api.yaml2
-rw-r--r--puppet/services/neutron-l3-compute-dvr.yaml2
-rw-r--r--puppet/services/neutron-l3.yaml2
-rw-r--r--puppet/services/neutron-linuxbridge-agent.yaml83
-rw-r--r--puppet/services/neutron-metadata.yaml2
-rw-r--r--puppet/services/neutron-midonet.yaml2
-rw-r--r--puppet/services/neutron-ovs-agent.yaml2
-rw-r--r--puppet/services/neutron-ovs-dpdk-agent.yaml43
-rw-r--r--puppet/services/neutron-plugin-ml2-fujitsu-cfab.yaml2
-rw-r--r--puppet/services/neutron-plugin-ml2-fujitsu-fossw.yaml2
-rw-r--r--puppet/services/neutron-plugin-ml2-odl.yaml2
-rw-r--r--puppet/services/neutron-plugin-ml2-ovn.yaml2
-rw-r--r--puppet/services/neutron-plugin-ml2.yaml2
-rw-r--r--puppet/services/neutron-plugin-nsx.yaml2
-rw-r--r--puppet/services/neutron-plugin-nuage.yaml2
-rw-r--r--puppet/services/neutron-sriov-agent.yaml2
-rw-r--r--puppet/services/neutron-vpp-agent.yaml2
-rw-r--r--puppet/services/nova-api.yaml2
-rw-r--r--puppet/services/nova-compute.yaml4
-rw-r--r--puppet/services/nova-conductor.yaml2
-rw-r--r--puppet/services/nova-consoleauth.yaml2
-rw-r--r--puppet/services/nova-ironic.yaml2
-rw-r--r--puppet/services/nova-libvirt.yaml2
-rw-r--r--puppet/services/nova-metadata.yaml2
-rw-r--r--puppet/services/nova-placement.yaml2
-rw-r--r--puppet/services/nova-scheduler.yaml2
-rw-r--r--puppet/services/nova-vnc-proxy.yaml2
-rw-r--r--puppet/services/octavia-base.yaml2
-rw-r--r--puppet/services/octavia-health-manager.yaml2
-rw-r--r--puppet/services/octavia-housekeeping.yaml2
-rw-r--r--puppet/services/octavia-worker.yaml2
-rw-r--r--puppet/services/opendaylight-api.yaml2
-rw-r--r--puppet/services/opendaylight-ovs.yaml2
-rw-r--r--puppet/services/openvswitch-upgrade.yaml2
-rw-r--r--puppet/services/ovn-dbs.yaml2
-rw-r--r--puppet/services/pacemaker.yaml2
-rw-r--r--puppet/services/pacemaker/ceph-rbdmirror.yaml2
-rw-r--r--puppet/services/pacemaker/cinder-backup.yaml2
-rw-r--r--puppet/services/pacemaker/cinder-volume.yaml17
-rw-r--r--puppet/services/pacemaker/database/mysql.yaml2
-rw-r--r--puppet/services/pacemaker/database/redis.yaml2
-rw-r--r--puppet/services/pacemaker/haproxy.yaml2
-rw-r--r--puppet/services/pacemaker/manila-share.yaml2
-rw-r--r--puppet/services/pacemaker/rabbitmq.yaml2
-rw-r--r--puppet/services/pacemaker_remote.yaml2
-rw-r--r--puppet/services/panko-api.yaml2
-rw-r--r--puppet/services/qdr.yaml2
-rw-r--r--puppet/services/rabbitmq.yaml2
-rw-r--r--puppet/services/sahara-api.yaml2
-rw-r--r--puppet/services/sahara-engine.yaml2
-rw-r--r--puppet/services/securetty.yaml2
-rw-r--r--puppet/services/services.yaml2
-rw-r--r--puppet/services/snmp.yaml2
-rw-r--r--puppet/services/sshd.yaml2
-rw-r--r--puppet/services/swift-base.yaml2
-rw-r--r--puppet/services/swift-proxy.yaml10
-rw-r--r--puppet/services/swift-ringbuilder.yaml2
-rw-r--r--puppet/services/swift-storage.yaml2
-rw-r--r--puppet/services/time/ntp.yaml2
-rw-r--r--puppet/services/time/timezone.yaml2
-rw-r--r--puppet/services/tripleo-firewall.yaml2
-rw-r--r--puppet/services/tripleo-packages.yaml2
-rw-r--r--puppet/services/vpp.yaml2
-rw-r--r--puppet/services/zaqar.yaml2
-rw-r--r--puppet/upgrade_config.yaml2
-rw-r--r--releasenotes/notes/Disable-mongodb-by-default-cce37d3254a77d27.yaml8
-rw-r--r--releasenotes/notes/add-cadf-environment-0ce0078348c5333f.yaml7
-rw-r--r--releasenotes/notes/change-db-sync-timeout-57abe3e48d741842.yaml6
-rw-r--r--releasenotes/notes/enable-arp_accept-6296b0113bc56b10.yaml9
-rw-r--r--releasenotes/notes/increase-nova-reserved-host-memory-80434e8484a29680.yaml4
-rw-r--r--releasenotes/notes/mistral-mod-wsgi-24d41a6f427237ff.yaml7
-rw-r--r--releasenotes/notes/redfish-9203af1f7bf02bc5.yaml8
-rw-r--r--releasenotes/notes/server-blacklist-support-370c1a1f15a28a41.yaml6
-rw-r--r--releasenotes/notes/unset-ceph-default-min-size-0297620ed99dab5b.yaml12
-rw-r--r--releasenotes/notes/vhost_default_dir-cac327a0ac05df90.yaml6
-rw-r--r--roles_data.yaml5
-rw-r--r--test-requirements.txt2
379 files changed, 1794 insertions, 517 deletions
diff --git a/README.rst b/README.rst
index 4eed715e..6a753c0f 100644
--- a/README.rst
+++ b/README.rst
@@ -78,6 +78,8 @@ and should be executed according to the following table:
+----------------+-------------+-------------+-------------+-------------+-----------------+
| neutron-bgpvpn | | | | X | |
+----------------+-------------+-------------+-------------+-------------+-----------------+
+| neutron-l2gw | | | | X | |
++----------------+-------------+-------------+-------------+-------------+-----------------+
| rabbitmq | X | X | X | X | X |
+----------------+-------------+-------------+-------------+-------------+-----------------+
| mongodb | X | X | | | |
diff --git a/all-nodes-validation.yaml b/all-nodes-validation.yaml
index 11a5b371..52cd6ac0 100644
--- a/all-nodes-validation.yaml
+++ b/all-nodes-validation.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive validations that occur on all nodes.
diff --git a/bootstrap-config.yaml b/bootstrap-config.yaml
index a3fdee96..8e8a2a7a 100644
--- a/bootstrap-config.yaml
+++ b/bootstrap-config.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: 'Bootstrap Config'
parameters:
diff --git a/ci/common/net-config-multinode-os-net-config.yaml b/ci/common/net-config-multinode-os-net-config.yaml
index 8c50b641..6f4542bd 100644
--- a/ci/common/net-config-multinode-os-net-config.yaml
+++ b/ci/common/net-config-multinode-os-net-config.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config for a simple bridge configured
diff --git a/ci/common/net-config-multinode.yaml b/ci/common/net-config-multinode.yaml
index dc31235a..f7e250e2 100644
--- a/ci/common/net-config-multinode.yaml
+++ b/ci/common/net-config-multinode.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config for a simple bridge configured
diff --git a/ci/environments/multinode-containers.yaml b/ci/environments/multinode-containers.yaml
new file mode 100644
index 00000000..89970419
--- /dev/null
+++ b/ci/environments/multinode-containers.yaml
@@ -0,0 +1,70 @@
+# NOTE: This is an environment specific for containers upgrade
+# CI. Mainly we deploy non-pacemakerized overcloud, as at the time
+# being containerization of services managed by pacemaker is not
+# complete, so we deploy and upgrade the non-HA services for now.
+
+resource_registry:
+ OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode-os-net-config.yaml
+ OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode-os-net-config.yaml
+
+ # NOTE: This is needed because of upgrades from Ocata to Pike. We
+ # deploy the initial environment with Ocata templates, and
+ # overcloud-resource-registry.yaml there doesn't have this Docker
+ # mapping at all. After we stop CI'ing Ocata->Pike upgrade, we can
+ # remove this.
+ OS::TripleO::Services::Docker: OS::Heat::None
+
+parameter_defaults:
+ ControllerServices:
+ - OS::TripleO::Services::CephMon
+ - OS::TripleO::Services::CephOSD
+ - OS::TripleO::Services::CinderApi
+ - OS::TripleO::Services::CinderScheduler
+ - OS::TripleO::Services::CinderVolume
+ - OS::TripleO::Services::Docker
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::Keystone
+ - OS::TripleO::Services::GlanceApi
+ - OS::TripleO::Services::HeatApi
+ - OS::TripleO::Services::HeatApiCfn
+ - OS::TripleO::Services::HeatApiCloudwatch
+ - OS::TripleO::Services::HeatEngine
+ - OS::TripleO::Services::MySQL
+ - OS::TripleO::Services::MySQLClient
+ - OS::TripleO::Services::NeutronDhcpAgent
+ - OS::TripleO::Services::NeutronL3Agent
+ - OS::TripleO::Services::NeutronMetadataAgent
+ - OS::TripleO::Services::NeutronServer
+ - OS::TripleO::Services::NeutronCorePlugin
+ - OS::TripleO::Services::NeutronOvsAgent
+ - OS::TripleO::Services::RabbitMQ
+ - OS::TripleO::Services::HAproxy
+ - OS::TripleO::Services::Keepalived
+ - OS::TripleO::Services::Memcached
+ - OS::TripleO::Services::Pacemaker
+ - OS::TripleO::Services::NovaConductor
+ - OS::TripleO::Services::NovaApi
+ - OS::TripleO::Services::NovaPlacement
+ - OS::TripleO::Services::NovaMetadata
+ - OS::TripleO::Services::NovaScheduler
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::SwiftProxy
+ - OS::TripleO::Services::SwiftStorage
+ - OS::TripleO::Services::SwiftRingBuilder
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::NovaCompute
+ - OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::Sshd
+ ControllerExtraConfig:
+ nova::compute::libvirt::services::libvirt_virt_type: qemu
+ nova::compute::libvirt::libvirt_virt_type: qemu
+ # Required for Centos 7.3 and Qemu 2.6.0
+ nova::compute::libvirt::libvirt_cpu_mode: 'none'
+ #NOTE(gfidente): not great but we need this to deploy on ext4
+ #http://docs.ceph.com/docs/jewel/rados/configuration/filesystem-recommendations/
+ ceph::profile::params::osd_max_object_name_len: 256
+ ceph::profile::params::osd_max_object_namespace_len: 64
+ SwiftCeilometerPipelineEnabled: False
+ Debug: True
diff --git a/ci/environments/multinode-core.yaml b/ci/environments/multinode-core.yaml
index 0c07a1b0..b5316f1b 100644
--- a/ci/environments/multinode-core.yaml
+++ b/ci/environments/multinode-core.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Core Service
diff --git a/ci/environments/scenario001-multinode.yaml b/ci/environments/scenario001-multinode.yaml
index 437d7c37..ad4fa10f 100644
--- a/ci/environments/scenario001-multinode.yaml
+++ b/ci/environments/scenario001-multinode.yaml
@@ -101,6 +101,7 @@ parameter_defaults:
CephMonKey: 'AQC+Ox1VmEr3BxAALZejqeHj50Nj6wJDvs96OQ=='
CephAdminKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ=='
CephClientKey: 'AQC+vYNXgDAgAhAAc8UoYt+OTz5uhV7ItLdwUw=='
+ CephPoolDefaultSize: 1
NovaEnableRbdBackend: true
CinderEnableRbdBackend: true
CinderBackupBackend: ceph
diff --git a/ci/environments/scenario002-multinode.yaml b/ci/environments/scenario002-multinode.yaml
index e3ecf745..ed0f7e25 100644
--- a/ci/environments/scenario002-multinode.yaml
+++ b/ci/environments/scenario002-multinode.yaml
@@ -8,6 +8,7 @@ resource_registry:
OS::TripleO::Services::HAproxy: ../../puppet/services/pacemaker/haproxy.yaml
OS::TripleO::Services::Pacemaker: ../../puppet/services/pacemaker.yaml
OS::TripleO::Services::MySQL: ../../puppet/services/pacemaker/database/mysql.yaml
+ OS::TripleO::Services::MongoDb: ../../puppet/services/database/mongodb.yaml
OS::TripleO::Services::CinderBackup: ../../puppet/services/pacemaker/cinder-backup.yaml
OS::TripleO::Services::CinderVolume: ../../puppet/services/pacemaker/cinder-volume.yaml
OS::TripleO::Services::Keepalived: OS::Heat::None
diff --git a/ci/environments/scenario004-multinode.yaml b/ci/environments/scenario004-multinode.yaml
index 24fb2bf4..e473d0bb 100644
--- a/ci/environments/scenario004-multinode.yaml
+++ b/ci/environments/scenario004-multinode.yaml
@@ -13,6 +13,8 @@ resource_registry:
OS::TripleO::Services::ManilaShare: ../../puppet/services/pacemaker/manila-share.yaml
OS::TripleO::Services::ManilaBackendCephFs: ../../puppet/services/manila-backend-cephfs.yaml
OS::TripleO::Services::NeutronBgpVpnApi: ../../puppet/services/neutron-bgpvpn-api.yaml
+ OS::TripleO::Services::NeutronL2gwApi: ../../puppet/services/neutron-l2gw-api.yaml
+ OS::TripleO::Services::NeutronL2gwAgent: ../../puppet/services/neutron-l2gw-agent.yaml
# These enable Pacemaker
OS::TripleO::Tasks::ControllerPreConfig: ../../extraconfig/tasks/pre_puppet_pacemaker.yaml
OS::TripleO::Tasks::ControllerPostConfig: ../../extraconfig/tasks/post_puppet_pacemaker.yaml
@@ -44,6 +46,8 @@ parameter_defaults:
- OS::TripleO::Services::NeutronBgpVpnApi
- OS::TripleO::Services::NeutronDhcpAgent
- OS::TripleO::Services::NeutronL3Agent
+ - OS::TripleO::Services::NeutronL2gwApi
+ - OS::TripleO::Services::NeutronL2gwAgent
- OS::TripleO::Services::NeutronMetadataAgent
- OS::TripleO::Services::NeutronServer
- OS::TripleO::Services::NeutronCorePlugin
@@ -86,6 +90,8 @@ parameter_defaults:
CephMonKey: 'AQC+Ox1VmEr3BxAALZejqeHj50Nj6wJDvs96OQ=='
CephAdminKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ=='
CephClientKey: 'AQC+vYNXgDAgAhAAc8UoYt+OTz5uhV7ItLdwUw=='
+ CephPoolDefaultSize: 1
SwiftCeilometerPipelineEnabled: false
- NeutronServicePlugins: 'router, networking_bgpvpn.neutron.services.plugin.BGPVPNPlugin'
+ NeutronServicePlugins: 'router, networking_bgpvpn.neutron.services.plugin.BGPVPNPlugin, networking_l2gw.services.l2gateway.plugin.L2GatewayPlugin'
BgpvpnServiceProvider: 'BGPVPN:Dummy:networking_bgpvpn.neutron.services.service_drivers.driver_api.BGPVPNDriver:default'
+ L2gwServiceProvider: ['L2GW:l2gw:networking_l2gw.services.l2gateway.service_drivers.L2gwDriver:default']
diff --git a/ci/pingtests/scenario001-multinode.yaml b/ci/pingtests/scenario001-multinode.yaml
index af8f47aa..141a389d 100644
--- a/ci/pingtests/scenario001-multinode.yaml
+++ b/ci/pingtests/scenario001-multinode.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
HOT template to created resources deployed by scenario001.
diff --git a/ci/pingtests/scenario002-multinode.yaml b/ci/pingtests/scenario002-multinode.yaml
index da1ae60c..72aac4cb 100644
--- a/ci/pingtests/scenario002-multinode.yaml
+++ b/ci/pingtests/scenario002-multinode.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
HOT template to created resources deployed by scenario002.
diff --git a/ci/pingtests/scenario003-multinode.yaml b/ci/pingtests/scenario003-multinode.yaml
index c3ceadaf..7685cfa0 100644
--- a/ci/pingtests/scenario003-multinode.yaml
+++ b/ci/pingtests/scenario003-multinode.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
HOT template to created resources deployed by scenario003.
diff --git a/ci/pingtests/scenario004-multinode.yaml b/ci/pingtests/scenario004-multinode.yaml
index 8681bbab..8ba60e21 100644
--- a/ci/pingtests/scenario004-multinode.yaml
+++ b/ci/pingtests/scenario004-multinode.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
HOT template to created resources deployed by scenario004.
@@ -128,6 +128,8 @@ resources:
manila_share:
type: OS::Manila::Share
properties:
+ name: pingtest
+ share_type: { get_resource: manila_share_type }
share_protocol: CEPHFS
size: 1
diff --git a/ci/pingtests/tenantvm_floatingip.yaml b/ci/pingtests/tenantvm_floatingip.yaml
index b910d6c1..28b09115 100644
--- a/ci/pingtests/tenantvm_floatingip.yaml
+++ b/ci/pingtests/tenantvm_floatingip.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
This template resides in tripleo-ci for Mitaka CI jobs only.
diff --git a/default_passwords.yaml b/default_passwords.yaml
index c85881e5..04828d94 100644
--- a/default_passwords.yaml
+++ b/default_passwords.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: Passwords we manage at the top level
diff --git a/deployed-server/ctlplane-port.yaml b/deployed-server/ctlplane-port.yaml
index 7b5cdf11..8cd22ca0 100644
--- a/deployed-server/ctlplane-port.yaml
+++ b/deployed-server/ctlplane-port.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
parameters:
network:
diff --git a/deployed-server/deployed-neutron-port.yaml b/deployed-server/deployed-neutron-port.yaml
index bddf8bc1..861ee912 100644
--- a/deployed-server/deployed-neutron-port.yaml
+++ b/deployed-server/deployed-neutron-port.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: "
A fake OS::Neutron::Port stack which outputs fixed_ips and subnets based on
diff --git a/deployed-server/deployed-server-bootstrap-centos.yaml b/deployed-server/deployed-server-bootstrap-centos.yaml
index c1740d78..5b268234 100644
--- a/deployed-server/deployed-server-bootstrap-centos.yaml
+++ b/deployed-server/deployed-server-bootstrap-centos.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: 'Deployed Server Bootstrap Config'
diff --git a/deployed-server/deployed-server-bootstrap-rhel.yaml b/deployed-server/deployed-server-bootstrap-rhel.yaml
index 2d2f5156..a9018515 100644
--- a/deployed-server/deployed-server-bootstrap-rhel.yaml
+++ b/deployed-server/deployed-server-bootstrap-rhel.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: 'Deployed Server Bootstrap Config'
diff --git a/deployed-server/deployed-server.yaml b/deployed-server/deployed-server.yaml
index afdb5d0c..0847bfbf 100644
--- a/deployed-server/deployed-server.yaml
+++ b/deployed-server/deployed-server.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
parameters:
image:
type: string
diff --git a/docker/create-config-dir.sh b/docker/create-config-dir.sh
deleted file mode 100644
index 1be1a56f..00000000
--- a/docker/create-config-dir.sh
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/bash
-# This is where we stack puppet configuration (for now)...
-mkdir -p /var/lib/config-data
-
-# This is the docker-puppet configs end in
-mkdir -p /var/lib/docker-puppet
diff --git a/docker/docker-steps.j2 b/docker/docker-steps.j2
index 1d5605b2..86811b86 100644
--- a/docker/docker-steps.j2
+++ b/docker/docker-steps.j2
@@ -11,7 +11,7 @@
# primary role is: {{primary_role_name}}
{% set deploy_steps_max = 6 -%}
-heat_template_version: ocata
+heat_template_version: pike
description: >
Post-deploy configuration steps via puppet for all roles,
@@ -58,20 +58,6 @@ resources:
# BEGIN primary_role_name docker-puppet-tasks (run only on a single node)
{% for step in range(1, deploy_steps_max) %}
- {{primary_role_name}}DockerPuppetJsonConfig{{step}}:
- type: OS::Heat::StructuredConfig
- properties:
- group: json-file
- config:
- /var/lib/docker-puppet/docker-puppet-tasks{{step}}.json:
- {get_attr: [{{primary_role_name}}DockerPuppetTasks, value, 'step_{{step}}']}
-
- {{primary_role_name}}DockerPuppetJsonDeployment{{step}}:
- type: OS::Heat::SoftwareDeployment
- properties:
- server: {get_param: [servers, {{primary_role_name}}, '0']}
- config: {get_resource: {{primary_role_name}}DockerPuppetJsonConfig{{step}}}
-
{{primary_role_name}}DockerPuppetTasksConfig{{step}}:
type: OS::Heat::SoftwareConfig
properties:
@@ -90,9 +76,8 @@ resources:
- {{dep.name}}Deployment_Step{{step}}
- {{dep.name}}ContainersDeployment_Step{{step}}
{% endfor %}
- - {{primary_role_name}}DockerPuppetJsonDeployment{{step}}
properties:
- name: {{primary_role_name}}DockerPuppetJsonDeployment{{step}}
+ name: {{primary_role_name}}DockerPuppetTasksDeployment{{step}}
server: {get_param: [servers, {{primary_role_name}}, '0']}
config: {get_resource: {{primary_role_name}}DockerPuppetTasksConfig{{step}}}
input_values:
@@ -117,44 +102,64 @@ resources:
servers: {get_param: [servers, {{role.name}}]}
config: {get_resource: {{role.name}}ArtifactsConfig}
- {{role.name}}PreConfig:
- type: OS::TripleO::Tasks::{{role.name}}PreConfig
- properties:
- servers: {get_param: [servers, {{role.name}}]}
- input_values:
- update_identifier: {get_param: DeployIdentifier}
-
- {{role.name}}CreateConfigDir:
- type: OS::Heat::SoftwareConfig
- properties:
- group: script
- config: {get_file: create-config-dir.sh}
-
- {{role.name}}CreateConfigDirDeployment:
- type: OS::Heat::SoftwareDeploymentGroup
- properties:
- servers: {get_param: [servers, {{role.name}}]}
- config: {get_resource: {{role.name}}CreateConfigDir}
-
- {{role.name}}HostPrepAnsible:
- type: OS::Heat::Value
- properties:
- value:
- str_replace:
- template: CONFIG
- params:
- CONFIG:
- - hosts: localhost
- connection: local
- tasks: {get_param: [role_data, {{role.name}}, host_prep_tasks]}
-
{{role.name}}HostPrepConfig:
type: OS::Heat::SoftwareConfig
properties:
group: ansible
options:
modulepath: /usr/share/ansible-modules
- config: {get_attr: [{{role.name}}HostPrepAnsible, value]}
+ config:
+ str_replace:
+ template: _PLAYBOOK
+ params:
+ _PLAYBOOK:
+ - hosts: localhost
+ connection: local
+ vars:
+ puppet_config: {get_param: [role_data, {{role.name}}, puppet_config]}
+ docker_puppet_script: {get_file: docker-puppet.py}
+ docker_puppet_tasks: {get_attr: [{{primary_role_name}}DockerPuppetTasks, value]}
+ docker_startup_configs: {get_attr: [{{role.name}}DockerConfig, value]}
+ kolla_config: {get_param: [role_data, {{role.name}}, kolla_config]}
+ bootstrap_server_id: {get_param: [servers, {{primary_role_name}}, '0']}
+ tasks:
+ # Join host_prep_tasks with the other per-host configuration
+ yaql:
+ expression: $.data.host_prep_tasks + $.data.template_tasks
+ data:
+ host_prep_tasks: {get_param: [role_data, {{role.name}}, host_prep_tasks]}
+ template_tasks:
+{%- raw %}
+ # This is where we stack puppet configuration (for now)...
+ - name: Create /var/lib/config-data
+ file: path=/var/lib/config-data state=directory
+ # This is the docker-puppet configs end in
+ - name: Create /var/lib/docker-puppet
+ file: path=/var/lib/docker-puppet state=directory
+ # this creates a JSON config file for our docker-puppet.py script
+ - name: Write docker-puppet-tasks json files
+ copy: content="{{puppet_config | to_json}}" dest=/var/lib/docker-puppet/docker-puppet.json force=yes
+ # FIXME: can we move docker-puppet somewhere so it's installed via a package?
+ - name: Write docker-puppet.py
+ copy: content="{{docker_puppet_script}}" dest=/var/lib/docker-puppet/docker-puppet.py force=yes
+ # Here we are dumping all the docker container startup configuration data
+ # so that we can have access to how they are started outside of heat
+ # and docker-cmd. This lets us create command line tools to test containers.
+ - name: Write docker-container-startup-configs
+ copy: content="{{docker_startup_configs | to_json}}" dest=/var/lib/docker-container-startup-configs.json force=yes
+ - name: Create /var/lib/kolla/config_files directory
+ file: path=/var/lib/kolla/config_files state=directory
+ - name: Write kolla config json files
+ copy: content="{{item.value|to_json}}" dest="{{item.key}}" force=yes
+ with_dict: "{{kolla_config}}"
+ ########################################################
+ # Bootstrap tasks, only performed on bootstrap_server_id
+ ########################################################
+ - name: Write docker-puppet-tasks json files
+ copy: content="{{item.value|to_json}}" dest=/var/lib/docker-puppet/docker-puppet-tasks{{item.key.replace("step_", "")}}.json force=yes
+ with_dict: "{{docker_puppet_tasks}}"
+ when: deploy_server_id == bootstrap_server_id
+{%- endraw %}
{{role.name}}HostPrepDeployment:
type: OS::Heat::SoftwareDeploymentGroup
@@ -162,21 +167,6 @@ resources:
servers: {get_param: [servers, {{role.name}}]}
config: {get_resource: {{role.name}}HostPrepConfig}
- # this creates a JSON config file for our docker-puppet.py script
- {{role.name}}GenPuppetConfig:
- type: OS::Heat::StructuredConfig
- properties:
- group: json-file
- config:
- /var/lib/docker-puppet/docker-puppet.json:
- {get_param: [role_data, {{role.name}}, puppet_config]}
-
- {{role.name}}GenPuppetDeployment:
- type: OS::Heat::SoftwareDeploymentGroup
- properties:
- servers: {get_param: [servers, {{role.name}}]}
- config: {get_resource: {{role.name}}GenPuppetConfig}
-
{{role.name}}GenerateConfig:
type: OS::Heat::SoftwareConfig
properties:
@@ -187,7 +177,7 @@ resources:
{{role.name}}GenerateConfigDeployment:
type: OS::Heat::SoftwareDeploymentGroup
- depends_on: [{{role.name}}GenPuppetDeployment, {{role.name}}ArtifactsDeploy, {{role.name}}CreateConfigDirDeployment, {{role.name}}HostPrepDeployment]
+ depends_on: [{{role.name}}ArtifactsDeploy, {{role.name}}HostPrepDeployment]
properties:
name: {{role.name}}GenerateConfigDeployment
servers: {get_param: [servers, {{role.name}}]}
@@ -222,38 +212,6 @@ resources:
service_names: {get_param: [role_data, {{role.name}}, service_names]}
docker_config: {get_param: [role_data, {{role.name}}, docker_config]}
- # Here we are dumping all the docker container startup configuration data
- # so that we can have access to how they are started outside of heat
- # and docker-cmd. This lets us create command line tools to start and
- # test these containers.
- {{role.name}}DockerConfigJsonStartupData:
- type: OS::Heat::StructuredConfig
- properties:
- group: json-file
- config:
- /var/lib/docker-container-startup-configs.json:
- {get_attr: [{{role.name}}DockerConfig, value]}
-
- {{role.name}}DockerConfigJsonStartupDataDeployment:
- type: OS::Heat::SoftwareDeploymentGroup
- properties:
- config: {get_resource: {{role.name}}DockerConfigJsonStartupData}
- servers: {get_param: [servers, {{role.name}}]}
-
- {{role.name}}KollaJsonConfig:
- type: OS::Heat::StructuredConfig
- properties:
- group: json-file
- config:
- {get_param: [role_data, {{role.name}}, kolla_config]}
-
- {{role.name}}KollaJsonDeployment:
- type: OS::Heat::SoftwareDeploymentGroup
- properties:
- name: {{role.name}}KollaJsonDeployment
- config: {get_resource: {{role.name}}KollaJsonConfig}
- servers: {get_param: [servers, {{role.name}}]}
-
# BEGIN BAREMETAL CONFIG STEPS
{{role.name}}PreConfig:
@@ -307,12 +265,12 @@ resources:
type: OS::Heat::StructuredDeploymentGroup
{% if step == 1 %}
depends_on:
- - {{role.name}}KollaJsonDeployment
- - {{role.name}}GenPuppetDeployment
- - {{role.name}}GenerateConfigDeployment
{%- for dep in roles %}
- {{dep.name}}Deployment_Step{{step}} # baremetal steps of the same level run first
{%- endfor %}
+ - {{role.name}}PreConfig
+ - {{role.name}}HostPrepDeployment
+ - {{role.name}}GenerateConfigDeployment
{% else %}
depends_on:
{% for dep in roles %}
diff --git a/docker/firstboot/setup_docker_host.yaml b/docker/firstboot/setup_docker_host.yaml
index 2f258987..4b061e1c 100644
--- a/docker/firstboot/setup_docker_host.yaml
+++ b/docker/firstboot/setup_docker_host.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
parameters:
DockerNamespace:
diff --git a/docker/services/aodh-api.yaml b/docker/services/aodh-api.yaml
index 8a02d8fd..f802e4e6 100644
--- a/docker/services/aodh-api.yaml
+++ b/docker/services/aodh-api.yaml
@@ -100,13 +100,14 @@ outputs:
net: host
privileged: false
detach: false
+ user: root
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro
- /var/log/containers/aodh:/var/log/aodh
- command: /usr/bin/aodh-dbsync
+ command: "/usr/bin/bootstrap_host_exec aodh_api su aodh -s /bin/bash -c /usr/bin/aodh-dbsync"
step_4:
aodh_api:
image: *aodh_image
diff --git a/docker/services/containers-common.yaml b/docker/services/containers-common.yaml
index fad1456c..a9912a1f 100644
--- a/docker/services/containers-common.yaml
+++ b/docker/services/containers-common.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Contains a static list of common things necessary for containers
@@ -9,6 +9,8 @@ outputs:
value:
- /etc/hosts:/etc/hosts:ro
- /etc/localtime:/etc/localtime:ro
+ # required for bootstrap_host_exec
+ - /etc/puppet:/etc/puppet:ro
# OpenSSL trusted CAs
- /etc/pki/ca-trust/extracted:/etc/pki/ca-trust/extracted:ro
- /etc/pki/tls/certs/ca-bundle.crt:/etc/pki/tls/certs/ca-bundle.crt:ro
diff --git a/docker/services/database/mongodb.yaml b/docker/services/database/mongodb.yaml
index ed4e3177..96a02f9f 100644
--- a/docker/services/database/mongodb.yaml
+++ b/docker/services/database/mongodb.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
MongoDB service deployment using puppet and docker
diff --git a/docker/services/database/mysql.yaml b/docker/services/database/mysql.yaml
index 3a4de24f..73578e13 100644
--- a/docker/services/database/mysql.yaml
+++ b/docker/services/database/mysql.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
MySQL service deployment using puppet
diff --git a/docker/services/database/redis.yaml b/docker/services/database/redis.yaml
index 86c44900..73df96c5 100644
--- a/docker/services/database/redis.yaml
+++ b/docker/services/database/redis.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Redis services
diff --git a/docker/services/etcd.yaml b/docker/services/etcd.yaml
index 13a0735b..e5a7096b 100644
--- a/docker/services/etcd.yaml
+++ b/docker/services/etcd.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized etcd services
diff --git a/docker/services/glance-api.yaml b/docker/services/glance-api.yaml
index ef1e00ed..df8186da 100644
--- a/docker/services/glance-api.yaml
+++ b/docker/services/glance-api.yaml
@@ -100,6 +100,7 @@ outputs:
net: host
privileged: false
detach: false
+ user: root
volumes: &glance_volumes
list_concat:
- {get_attr: [ContainersCommon, volumes]}
@@ -110,6 +111,7 @@ outputs:
environment:
- KOLLA_BOOTSTRAP=True
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ command: "/usr/bin/bootstrap_host_exec glance_api su glance -s /bin/bash -c '/usr/local/bin/kolla_start'"
step_4:
map_merge:
- glance_api:
@@ -149,3 +151,5 @@ outputs:
- name: Stop and disable glance_api service
tags: step2
service: name=openstack-glance-api state=stopped enabled=no
+ metadata_settings:
+ get_attr: [GlanceApiPuppetBase, role_data, metadata_settings]
diff --git a/docker/services/gnocchi-api.yaml b/docker/services/gnocchi-api.yaml
index 9b474731..e59d6095 100644
--- a/docker/services/gnocchi-api.yaml
+++ b/docker/services/gnocchi-api.yaml
@@ -100,13 +100,14 @@ outputs:
net: host
detach: false
privileged: false
+ user: root
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/config-data/gnocchi/etc/gnocchi/:/etc/gnocchi/:ro
- /var/log/containers/gnocchi:/var/log/gnocchi
- command: ["/usr/bin/gnocchi-upgrade", "--skip-storage"]
+ command: "/usr/bin/bootstrap_host_exec gnocchi_api su gnocchi -s /bin/bash -c '/usr/bin/gnocchi-upgrade --skip-storage'"
step_4:
gnocchi_api:
image: *gnocchi_image
diff --git a/docker/services/heat-api-cfn.yaml b/docker/services/heat-api-cfn.yaml
index 2631928f..37fa4c81 100644
--- a/docker/services/heat-api-cfn.yaml
+++ b/docker/services/heat-api-cfn.yaml
@@ -132,3 +132,5 @@ outputs:
- name: Stop and disable heat_api_cfn service
tags: step2
service: name=httpd state=stopped enabled=no
+ metadata_settings:
+ get_attr: [HeatBase, role_data, metadata_settings]
diff --git a/docker/services/heat-api.yaml b/docker/services/heat-api.yaml
index b2f4eb64..5043aed8 100644
--- a/docker/services/heat-api.yaml
+++ b/docker/services/heat-api.yaml
@@ -132,3 +132,5 @@ outputs:
- name: Stop and disable heat_api service
tags: step2
service: name=httpd state=stopped enabled=no
+ metadata_settings:
+ get_attr: [HeatBase, role_data, metadata_settings]
diff --git a/docker/services/heat-engine.yaml b/docker/services/heat-engine.yaml
index 8c554a50..0adad538 100644
--- a/docker/services/heat-engine.yaml
+++ b/docker/services/heat-engine.yaml
@@ -94,13 +94,14 @@ outputs:
net: host
privileged: false
detach: false
+ user: root
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/config-data/heat/etc/heat/:/etc/heat/:ro
- /var/log/containers/heat:/var/log/heat
- command: ['heat-manage', 'db_sync']
+ command: "/usr/bin/bootstrap_host_exec heat_engine su heat -s /bin/bash -c 'heat-manage db_sync'"
step_4:
heat_engine:
image: *heat_engine_image
diff --git a/docker/services/ironic-api.yaml b/docker/services/ironic-api.yaml
index 300aa0bd..c8978aa2 100644
--- a/docker/services/ironic-api.yaml
+++ b/docker/services/ironic-api.yaml
@@ -100,13 +100,14 @@ outputs:
net: host
privileged: false
detach: false
+ user: root
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/config-data/ironic/etc/:/etc/:ro
- /var/log/containers/ironic:/var/log/ironic
- command: ['ironic-dbsync', '--config-file', '/etc/ironic/ironic.conf']
+ command: "/usr/bin/bootstrap_host_exec ironic_api su ironic -s /bin/bash -c 'ironic-dbsync --config-file /etc/ironic/ironic.conf'"
step_4:
ironic_api:
start_order: 10
diff --git a/docker/services/keystone.yaml b/docker/services/keystone.yaml
index ca643749..772859ee 100644
--- a/docker/services/keystone.yaml
+++ b/docker/services/keystone.yaml
@@ -131,8 +131,9 @@ outputs:
environment:
- KOLLA_BOOTSTRAP=True
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ command: ['/usr/bin/bootstrap_host_exec', 'keystone', '/usr/local/bin/kolla_start']
keystone:
- start_order: 1
+ start_order: 2
image: *keystone_image
net: host
privileged: false
@@ -141,10 +142,10 @@ outputs:
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
keystone_bootstrap:
- start_order: 2
+ start_order: 3
action: exec
command:
- [ 'keystone', 'keystone-manage', 'bootstrap', '--bootstrap-password', {get_param: AdminPassword} ]
+ [ 'keystone', '/usr/bin/bootstrap_host_exec', 'keystone' ,'keystone-manage', 'bootstrap', '--bootstrap-password', {get_param: AdminPassword} ]
docker_puppet_tasks:
# Keystone endpoint creation occurs only on single node
step_3:
diff --git a/docker/services/mistral-api.yaml b/docker/services/mistral-api.yaml
index 3b256fdd..5586d41b 100644
--- a/docker/services/mistral-api.yaml
+++ b/docker/services/mistral-api.yaml
@@ -100,19 +100,21 @@ outputs:
net: host
privileged: false
detach: false
+ user: root
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/config-data/mistral/etc/:/etc/:ro
- /var/log/containers/mistral:/var/log/mistral
- command: ['mistral-db-manage', '--config-file', '/etc/mistral/mistral.conf', 'upgrade', 'head']
+ command: "/usr/bin/bootstrap_host_exec mistral_api su mistral -s /bin/bash -c 'mistral-db-manage --config-file /etc/mistral/mistral.conf upgrade head'"
mistral_db_populate:
start_order: 2
image: *mistral_image
net: host
privileged: false
detach: false
+ user: root
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
@@ -121,7 +123,7 @@ outputs:
- /var/log/containers/mistral:/var/log/mistral
# NOTE: dprince this requires that we install openstack-tripleo-common into
# the Mistral API image so that we get tripleo* actions
- command: ['mistral-db-manage', '--config-file', '/etc/mistral/mistral.conf', 'populate']
+ command: "/usr/bin/bootstrap_host_exec mistral_api su mistral -s /bin/bash -c 'mistral-db-manage --config-file /etc/mistral/mistral.conf populate'"
step_4:
mistral_api:
start_order: 15
diff --git a/docker/services/neutron-api.yaml b/docker/services/neutron-api.yaml
index 748371d5..7ce47a14 100644
--- a/docker/services/neutron-api.yaml
+++ b/docker/services/neutron-api.yaml
@@ -110,8 +110,6 @@ outputs:
net: host
privileged: false
detach: false
- # FIXME: we should make config file permissions right
- # and run as neutron user
user: root
volumes:
list_concat:
@@ -120,7 +118,10 @@ outputs:
- /var/lib/config-data/neutron/etc/neutron:/etc/neutron:ro
- /var/lib/config-data/neutron/usr/share/neutron:/usr/share/neutron:ro
- /var/log/containers/neutron:/var/log/neutron
- command: ['neutron-db-manage', 'upgrade', 'heads']
+ command: ['/usr/bin/bootstrap_host_exec', 'neutron_api', 'neutron-db-manage', 'upgrade', 'heads']
+ # FIXME: we should make config file permissions right
+ # and run as neutron user
+ #command: "/usr/bin/bootstrap_host_exec neutron_api su neutron -s /bin/bash -c 'neutron-db-manage upgrade heads'"
step_4:
map_merge:
- neutron_api:
@@ -164,3 +165,5 @@ outputs:
- name: Stop and disable neutron_api service
tags: step2
service: name=neutron-server state=stopped enabled=no
+ metadata_settings:
+ get_attr: [NeutronBase, role_data, metadata_settings]
diff --git a/docker/services/neutron-plugin-ml2.yaml b/docker/services/neutron-plugin-ml2.yaml
index 2e5384ea..1739a5b9 100644
--- a/docker/services/neutron-plugin-ml2.yaml
+++ b/docker/services/neutron-plugin-ml2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Neutron ML2 Plugin configured with Puppet
diff --git a/docker/services/nova-api.yaml b/docker/services/nova-api.yaml
index d571b21b..2375dada 100644
--- a/docker/services/nova-api.yaml
+++ b/docker/services/nova-api.yaml
@@ -103,6 +103,7 @@ outputs:
image: *nova_api_image
net: host
detach: false
+ user: root
volumes: &nova_api_volumes
list_concat:
- {get_attr: [ContainersCommon, volumes]}
@@ -110,7 +111,7 @@ outputs:
- /var/lib/kolla/config_files/nova_api.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro
- /var/log/containers/nova:/var/log/nova
- command: ['/usr/bin/nova-manage', 'api_db', 'sync']
+ command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage api_db sync'"
# FIXME: we probably want to wait on the 'cell_v2 update' in order for this
# to be capable of upgrading a baremetal setup. This is to ensure the name
# of the cell is 'default'
@@ -119,11 +120,9 @@ outputs:
image: *nova_api_image
net: host
detach: false
+ user: root
volumes: *nova_api_volumes
- command:
- - '/usr/bin/nova-manage'
- - 'cell_v2'
- - 'map_cell0'
+ command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage cell_v2 map_cell0'"
nova_api_create_default_cell:
start_order: 3
image: *nova_api_image
@@ -134,18 +133,16 @@ outputs:
# this idempotent (if the resource already exists a conflict
# is raised)
exit_codes: [0,2]
- command:
- - '/usr/bin/nova-manage'
- - 'cell_v2'
- - 'create_cell'
- - '--name="default"'
+ user: root
+ command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage cell_v2 create_cell --name=default'"
nova_db_sync:
start_order: 4
image: *nova_api_image
net: host
detach: false
volumes: *nova_api_volumes
- command: ['/usr/bin/nova-manage', 'db', 'sync']
+ user: root
+ command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage db sync'"
step_4:
nova_api:
start_order: 2
@@ -164,10 +161,8 @@ outputs:
net: host
detach: false
volumes: *nova_api_volumes
- command:
- - '/usr/bin/nova-manage'
- - 'cell_v2'
- - 'discover_hosts'
+ user: root
+ command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage cell_v2 discover_hosts'"
host_prep_tasks:
- name: create persistent logs directory
file:
diff --git a/docker/services/nova-libvirt.yaml b/docker/services/nova-libvirt.yaml
index ebf0da7d..9779d676 100644
--- a/docker/services/nova-libvirt.yaml
+++ b/docker/services/nova-libvirt.yaml
@@ -18,6 +18,10 @@ parameters:
description: image
default: 'centos-binary-nova-compute:latest'
type: string
+ EnablePackageInstall:
+ default: 'false'
+ description: Set to true to enable package installation
+ type: boolean
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
@@ -112,6 +116,7 @@ outputs:
- /var/run/libvirt:/var/run/libvirt
- /var/lib/libvirt:/var/lib/libvirt
- /etc/libvirt/qemu:/etc/libvirt/qemu
+ - /var/log/libvirt/qemu:/var/log/libvirt/qemu:ro
- /var/log/containers/nova:/var/log/nova
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
@@ -124,6 +129,22 @@ outputs:
- /etc/libvirt/qemu
- /var/lib/libvirt
- /var/log/containers/nova
+ - name: set enable_package_install fact
+ set_fact:
+ enable_package_install: {get_param: EnablePackageInstall}
+ # We use virtlogd on host, so when using Deployed Server
+ # feature, we need to ensure libvirt is installed.
+ - name: install libvirt-daemon
+ package:
+ name: libvirt-daemon
+ state: present
+ when: enable_package_install
+ - name: start virtlogd socket
+ service:
+ name: virtlogd.socket
+ state: started
+ enabled: yes
+ when: enable_package_install
upgrade_tasks:
- name: Stop and disable libvirtd service
tags: step2
diff --git a/docker/services/nova-metadata.yaml b/docker/services/nova-metadata.yaml
index 2aebbb2f..e158d3bc 100644
--- a/docker/services/nova-metadata.yaml
+++ b/docker/services/nova-metadata.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Nova Metadata service
diff --git a/docker/services/pacemaker/database/mysql.yaml b/docker/services/pacemaker/database/mysql.yaml
new file mode 100644
index 00000000..d64845f2
--- /dev/null
+++ b/docker/services/pacemaker/database/mysql.yaml
@@ -0,0 +1,180 @@
+heat_template_version: pike
+
+description: >
+ MySQL service deployment with pacemaker bundle
+
+parameters:
+ DockerNamespace:
+ description: namespace
+ default: 'tripleoupstream'
+ type: string
+ DockerMysqlImage:
+ description: image
+ default: 'centos-binary-mariadb:latest'
+ type: string
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ MysqlRootPassword:
+ type: string
+ hidden: true
+ default: ''
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+
+resources:
+
+ ContainersCommon:
+ type: ../../containers-common.yaml
+
+ MysqlPuppetBase:
+ type: ../../../../puppet/services/pacemaker/database/mysql.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Containerized service MySQL using composable services.
+ value:
+ service_name: {get_attr: [MysqlPuppetBase, role_data, service_name]}
+ config_settings:
+ map_merge:
+ - {get_attr: [MysqlPuppetBase, role_data, config_settings]}
+ - tripleo::profile::pacemaker::database::mysql_bundle::mysql_docker_image: &mysql_image
+ list_join:
+ - '/'
+ - - {get_param: DockerNamespace}
+ - {get_param: DockerMysqlImage}
+ step_config: ""
+ # BEGIN DOCKER SETTINGS #
+ puppet_config:
+ config_volume: mysql
+ puppet_tags: file # set this even though file is the default
+ step_config:
+ list_join:
+ - "\n"
+ - - "['Mysql_datadir', 'Mysql_user', 'Mysql_database', 'Mysql_grant', 'Mysql_plugin'].each |String $val| { noop_resource($val) }"
+ - "exec {'wait-for-settle': command => '/bin/true' }"
+ - "include ::tripleo::profile::pacemaker::database::mysql_bundle"
+ config_image: *mysql_image
+ kolla_config:
+ /var/lib/kolla/config_files/mysql.json:
+ command: /usr/sbin/pacemaker_remoted
+ config_files:
+ - dest: /etc/libqb/force-filesystem-sockets
+ source: /dev/null
+ owner: root
+ perm: '0644'
+ - dest: /etc/my.cnf
+ source: /var/lib/kolla/config_files/src/etc/my.cnf
+ owner: mysql
+ perm: '0644'
+ - dest: /etc/my.cnf.d/galera.cnf
+ source: /var/lib/kolla/config_files/src/etc/my.cnf.d/galera.cnf
+ owner: mysql
+ perm: '0644'
+ - dest: /etc/sysconfig/clustercheck
+ source: /var/lib/kolla/config_files/src/etc/sysconfig/clustercheck
+ owner: root
+ perm: '0600'
+ docker_config:
+ step_1:
+ mysql_data_ownership:
+ start_order: 0
+ detach: false
+ image: *mysql_image
+ net: host
+ user: root
+ # Kolla does only non-recursive chown
+ command: ['chown', '-R', 'mysql:', '/var/lib/mysql']
+ volumes:
+ - /var/lib/mysql:/var/lib/mysql
+ mysql_bootstrap:
+ start_order: 1
+ detach: false
+ image: *mysql_image
+ net: host
+ # Kolla bootstraps aren't idempotent, explicitly checking if bootstrap was done
+ command: ['bash', '-c', 'test -e /var/lib/mysql/mysql || kolla_start']
+ volumes: &mysql_volumes
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/mysql.json:/var/lib/kolla/config_files/config.json
+ - /var/lib/config-data/mysql/:/var/lib/kolla/config_files/src:ro
+ - /var/lib/mysql:/var/lib/mysql
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ - KOLLA_BOOTSTRAP=True
+ # NOTE(mandre) skip wsrep cluster status check
+ - KOLLA_KUBERNETES=True
+ -
+ list_join:
+ - '='
+ - - 'DB_ROOT_PASSWORD'
+ -
+ yaql:
+ expression: $.data.passwords.where($ != '').first()
+ data:
+ passwords:
+ - {get_param: MysqlRootPassword}
+ - {get_param: [DefaultPasswords, mysql_root_password]}
+ step_2:
+ mysql_init_bundle:
+ start_order: 1
+ detach: false
+ net: host
+ user: root
+ command:
+ - '/bin/bash'
+ - '-c'
+ - str_replace:
+ template:
+ list_join:
+ - '; '
+ - - "cp -a /tmp/puppet-etc/* /etc/puppet; echo '{\"step\": 2}' > /etc/puppet/hieradata/docker.json"
+ - "FACTER_uuid=docker puppet apply --tags file,file_line,concat,augeas,TAGS -v -e 'CONFIG'"
+ params:
+ TAGS: 'pacemaker::resource::bundle,pacemaker::property,pacemaker::resource::ocf,pacemaker::constraint::order,pacemaker::constraint::colocation,galera_ready,mysql_database,mysql_grant,mysql_user'
+ CONFIG: 'include ::tripleo::profile::base::pacemaker;include ::tripleo::profile::pacemaker::database::mysql_bundle'
+ image: *mysql_image
+ volumes:
+ - /etc/hosts:/etc/hosts:ro
+ - /etc/localtime:/etc/localtime:ro
+ - /etc/puppet:/tmp/puppet-etc:ro
+ - /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
+ - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
+ - /dev/shm:/dev/shm:rw
+ - /var/lib/config-data/mysql/etc/my.cnf:/etc/my.cnf:ro
+ - /var/lib/config-data/mysql/etc/my.cnf.d:/etc/my.cnf.d:ro
+ - /var/lib/mysql:/var/lib/mysql:rw
+ host_prep_tasks:
+ - name: create /var/lib/mysql
+ file:
+ path: /var/lib/mysql
+ state: directory
+ upgrade_tasks:
+ - name: Stop and disable mysql service
+ tags: step2
+ service: name=mariadb state=stopped enabled=no
diff --git a/docker/services/pacemaker/rabbitmq.yaml b/docker/services/pacemaker/rabbitmq.yaml
new file mode 100644
index 00000000..7f6ac701
--- /dev/null
+++ b/docker/services/pacemaker/rabbitmq.yaml
@@ -0,0 +1,159 @@
+heat_template_version: pike
+
+description: >
+ OpenStack containerized Rabbitmq service
+
+parameters:
+ DockerNamespace:
+ description: namespace
+ default: 'tripleoupstream'
+ type: string
+ DockerRabbitmqImage:
+ description: image
+ default: 'centos-binary-rabbitmq:latest'
+ type: string
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RabbitCookie:
+ type: string
+ default: ''
+ hidden: true
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+
+resources:
+
+ RabbitmqBase:
+ type: ../../../puppet/services/rabbitmq.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the Rabbitmq API role.
+ value:
+ service_name: {get_attr: [RabbitmqBase, role_data, service_name]}
+ config_settings:
+ map_merge:
+ - {get_attr: [RabbitmqBase, role_data, config_settings]}
+ - rabbitmq::service_manage: false
+ tripleo::profile::pacemaker::rabbitmq_bundle::rabbitmq_docker_image: &rabbitmq_image
+ list_join:
+ - '/'
+ - - {get_param: DockerNamespace}
+ - {get_param: DockerRabbitmqImage}
+ step_config: &step_config
+ get_attr: [RabbitmqBase, role_data, step_config]
+ service_config_settings: {get_attr: [RabbitmqBase, role_data, service_config_settings]}
+ # BEGIN DOCKER SETTINGS
+ puppet_config:
+ config_volume: rabbitmq
+ puppet_tags: file
+ step_config: *step_config
+ config_image: *rabbitmq_image
+ kolla_config:
+ /var/lib/kolla/config_files/rabbitmq.json:
+ command: /usr/sbin/pacemaker_remoted
+ config_files:
+ - dest: /etc/libqb/force-filesystem-sockets
+ source: /dev/null
+ owner: root
+ perm: '0644'
+ permissions:
+ - path: /var/lib/rabbitmq
+ owner: rabbitmq:rabbitmq
+ recurse: true
+ - path: /var/log/rabbitmq
+ owner: rabbitmq:rabbitmq
+ recurse: true
+ # When using pacemaker we don't launch the container, instead that is done by pacemaker
+ # itself.
+ docker_config:
+ step_1:
+ rabbitmq_bootstrap:
+ start_order: 0
+ image: *rabbitmq_image
+ net: host
+ privileged: false
+ volumes:
+ - /var/lib/kolla/config_files/rabbitmq.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/rabbitmq/etc/rabbitmq:/etc/rabbitmq:ro
+ - /etc/hosts:/etc/hosts:ro
+ - /etc/localtime:/etc/localtime:ro
+ - /var/lib/rabbitmq:/var/lib/rabbitmq
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ - KOLLA_BOOTSTRAP=True
+ -
+ list_join:
+ - '='
+ - - 'RABBITMQ_CLUSTER_COOKIE'
+ -
+ yaql:
+ expression: $.data.passwords.where($ != '').first()
+ data:
+ passwords:
+ - {get_param: RabbitCookie}
+ - {get_param: [DefaultPasswords, rabbit_cookie]}
+ step_2:
+ rabbitmq_init_bundle:
+ start_order: 0
+ detach: false
+ net: host
+ user: root
+ command:
+ - '/bin/bash'
+ - '-c'
+ - str_replace:
+ template:
+ list_join:
+ - '; '
+ - - "cp -a /tmp/puppet-etc/* /etc/puppet; echo '{\"step\": 2}' > /etc/puppet/hieradata/docker.json"
+ - "FACTER_uuid=docker puppet apply --tags file,file_line,concat,augeas,TAGS -v -e 'CONFIG'"
+ params:
+ TAGS: 'pacemaker::resource::bundle,pacemaker::property,pacemaker::resource::ocf,pacemaker::constraint::order,pacemaker::constraint::colocation'
+ CONFIG: 'include ::tripleo::profile::base::pacemaker;include ::tripleo::profile::pacemaker::rabbitmq_bundle'
+ image: *rabbitmq_image
+ volumes:
+ - /etc/hosts:/etc/hosts:ro
+ - /etc/localtime:/etc/localtime:ro
+ - /etc/puppet:/tmp/puppet-etc:ro
+ - /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
+ - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
+ - /dev/shm:/dev/shm:rw
+ host_prep_tasks:
+ - name: create /var/lib/rabbitmq
+ file:
+ path: /var/lib/rabbitmq
+ state: directory
+ - name: stop the Erlang port mapper on the host and make sure it cannot bind to the port used by container
+ shell: |
+ echo 'export ERL_EPMD_ADDRESS=127.0.0.1' > /etc/rabbitmq/rabbitmq-env.conf
+ echo 'export ERL_EPMD_PORT=4370' >> /etc/rabbitmq/rabbitmq-env.conf
+ for pid in $(pgrep epmd); do if [ "$(lsns -o NS -p $pid)" == "$(lsns -o NS -p 1)" ]; then kill $pid; break; fi; done
+ upgrade_tasks:
+ - name: Stop and disable rabbitmq service
+ tags: step2
+ service: name=rabbitmq-server state=stopped enabled=no
diff --git a/docker/services/panko-api.yaml b/docker/services/panko-api.yaml
index 46cfa5ab..b9e6e93a 100644
--- a/docker/services/panko-api.yaml
+++ b/docker/services/panko-api.yaml
@@ -101,13 +101,14 @@ outputs:
net: host
detach: false
privileged: false
+ user: root
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/config-data/panko/etc/panko:/etc/panko:ro
- /var/log/containers/panko:/var/log/panko
- command: /usr/bin/panko-dbsync
+ command: "/usr/bin/bootstrap_host_exec panko_api su panko -s /bin/bash -c '/usr/bin/panko-dbsync'"
step_4:
panko_api:
start_order: 2
diff --git a/docker/services/services.yaml b/docker/services/services.yaml
index 15f1bf02..2ad3b63d 100644
--- a/docker/services/services.yaml
+++ b/docker/services/services.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Utility stack to convert an array of services into a set of combined
diff --git a/docker/services/swift-proxy.yaml b/docker/services/swift-proxy.yaml
index 60972f91..04c4ba1e 100644
--- a/docker/services/swift-proxy.yaml
+++ b/docker/services/swift-proxy.yaml
@@ -135,3 +135,5 @@ outputs:
- name: Stop and disable swift_proxy service
tags: step2
service: name=openstack-swift-proxy state=stopped enabled=no
+ metadata_settings:
+ get_attr: [SwiftProxyBase, role_data, metadata_settings]
diff --git a/docker/services/swift-ringbuilder.yaml b/docker/services/swift-ringbuilder.yaml
index 9ced8f27..bfd445d0 100644
--- a/docker/services/swift-ringbuilder.yaml
+++ b/docker/services/swift-ringbuilder.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Swift Ringbuilder
diff --git a/environments/cinder-dellsc-config.yaml b/environments/cinder-dellsc-config.yaml
index 617d640c..99e517bf 100644
--- a/environments/cinder-dellsc-config.yaml
+++ b/environments/cinder-dellsc-config.yaml
@@ -9,9 +9,13 @@ parameter_defaults:
CinderDellScSanIp: ''
CinderDellScSanLogin: 'Admin'
CinderDellScSanPassword: ''
- CinderDellScSsn: '64702'
+ CinderDellScSsn: 64702
CinderDellScIscsiIpAddress: ''
- CinderDellScIscsiPort: '3260'
- CinderDellScApiPort: '3033'
+ CinderDellScIscsiPort: 3260
+ CinderDellScApiPort: 3033
CinderDellScServerFolder: 'dellsc_server'
CinderDellScVolumeFolder: 'dellsc_volume'
+ CinderDellScSecondarySanIp: ''
+ CinderDellScSecondarySanLogin: 'Admin'
+ CinderDellScSecondarySanPassword: ''
+ CinderDellScSecondaryScApiPort: 3033
diff --git a/environments/contrail/contrail-nic-config-compute.yaml b/environments/contrail/contrail-nic-config-compute.yaml
index 3007638a..a5f0ecab 100644
--- a/environments/contrail/contrail-nic-config-compute.yaml
+++ b/environments/contrail/contrail-nic-config-compute.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config to configure multiple interfaces
diff --git a/environments/disable-telemetry.yaml b/environments/disable-telemetry.yaml
new file mode 100644
index 00000000..6249c286
--- /dev/null
+++ b/environments/disable-telemetry.yaml
@@ -0,0 +1,20 @@
+# This heat environment can be used to disable all of the telemetry services.
+# It is most useful in a resource constrained environment or one in which
+# telemetry is not needed.
+
+resource_registry:
+ OS::TripleO::Services::CeilometerApi: OS::Heat::None
+ OS::TripleO::Services::CeilometerCollector: OS::Heat::None
+ OS::TripleO::Services::CeilometerExpirer: OS::Heat::None
+ OS::TripleO::Services::CeilometerAgentCentral: OS::Heat::None
+ OS::TripleO::Services::CeilometerAgentNotification: OS::Heat::None
+ OS::TripleO::Services::CeilometerAgentIpmi: OS::Heat::None
+ OS::TripleO::Services::ComputeCeilometerAgent: OS::Heat::None
+ OS::TripleO::Services::GnocchiApi: OS::Heat::None
+ OS::TripleO::Services::GnocchiMetricd: OS::Heat::None
+ OS::TripleO::Services::GnocchiStatsd: OS::Heat::None
+ OS::TripleO::Services::AodhApi: OS::Heat::None
+ OS::TripleO::Services::AodhEvaluator: OS::Heat::None
+ OS::TripleO::Services::AodhNotifier: OS::Heat::None
+ OS::TripleO::Services::AodhListener: OS::Heat::None
+ OS::TripleO::Services::PankoApi: OS::Heat::None
diff --git a/environments/docker-services-tls-everywhere.yaml b/environments/docker-services-tls-everywhere.yaml
index e37f2515..2740664c 100644
--- a/environments/docker-services-tls-everywhere.yaml
+++ b/environments/docker-services-tls-everywhere.yaml
@@ -50,3 +50,4 @@ parameter_defaults:
- OS::TripleO::Services::NovaLibvirt
- OS::TripleO::Services::ComputeNeutronOvsAgent
- OS::TripleO::Services::Docker
+ - OS::TripleO::Services::Sshd
diff --git a/environments/docker.yaml b/environments/docker.yaml
index 94b4bcd6..36e4c391 100644
--- a/environments/docker.yaml
+++ b/environments/docker.yaml
@@ -52,10 +52,10 @@ resource_registry:
OS::TripleO::Services: ../docker/services/services.yaml
parameter_defaults:
- # Defaults to 'tripleoupstream'. Specify a local docker registry
- # Example: 192.168.24.1:8787/tripleoupstream
- DockerNamespace: tripleoupstream
- DockerNamespaceIsRegistry: false
+ # To specify a local docker registry, enable these
+ # where 192.168.24.1 is the host running docker-distribution
+ #DockerNamespace: 192.168.24.1:8787/tripleoupstream
+ #DockerNamespaceIsRegistry: true
ComputeServices:
- OS::TripleO::Services::NovaCompute
@@ -63,3 +63,4 @@ parameter_defaults:
- OS::TripleO::Services::ComputeNeutronOvsAgent
- OS::TripleO::Services::Docker
- OS::TripleO::Services::CeilometerAgentCompute
+ - OS::TripleO::Services::Sshd
diff --git a/environments/hyperconverged-ceph.yaml b/environments/hyperconverged-ceph.yaml
index 6fd71013..0f7e1143 100644
--- a/environments/hyperconverged-ceph.yaml
+++ b/environments/hyperconverged-ceph.yaml
@@ -19,6 +19,7 @@ parameter_defaults:
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::ComputeNeutronCorePlugin
- OS::TripleO::Services::ComputeNeutronOvsAgent
+ - OS::TripleO::Services::NeutronLinuxbridgeAgent
- OS::TripleO::Services::ComputeCeilometerAgent
- OS::TripleO::Services::ComputeNeutronL3Agent
- OS::TripleO::Services::ComputeNeutronMetadataAgent
diff --git a/environments/low-memory-usage.yaml b/environments/low-memory-usage.yaml
index 3a606336..547dc31d 100644
--- a/environments/low-memory-usage.yaml
+++ b/environments/low-memory-usage.yaml
@@ -16,3 +16,5 @@ parameter_defaults:
ControllerExtraConfig:
'nova::network::neutron::neutron_url_timeout': '60'
+
+ DatabaseSyncTimeout: 900
diff --git a/environments/neutron-l2gw-opendaylight.yaml b/environments/neutron-l2gw-opendaylight.yaml
new file mode 100644
index 00000000..2168dbc3
--- /dev/null
+++ b/environments/neutron-l2gw-opendaylight.yaml
@@ -0,0 +1,18 @@
+# A Heat environment file that can be used to deploy Neutron L2 Gateway service
+#
+# Currently there are only two service provider for Neutron L2 Gateway
+# This file enables L2GW service with OpenDaylight as driver.
+#
+# - OpenDaylight: L2GW:OpenDaylight:networking_odl.l2gateway.driver.OpenDaylightL2gwDriver:default
+resource_registry:
+ OS::TripleO::Services::NeutronL2gwApi: ../puppet/services/neutron-l2gw-api.yaml
+
+parameter_defaults:
+ NeutronServicePlugins: "networking_l2gw.services.l2gateway.plugin.L2GatewayPlugin"
+ L2gwServiceProvider: ['L2GW:OpenDaylight:networking_odl.l2gateway.driver.OpenDaylightL2gwDriver:default']
+
+ # Optional
+ # L2gwServiceDefaultInterfaceName: "FortyGigE1/0/1"
+ # L2gwServiceDefaultDeviceName: "Switch1"
+ # L2gwServiceQuotaL2Gateway: 10
+ # L2gwServicePeriodicMonitoringInterval: 5
diff --git a/environments/neutron-linuxbridge.yaml b/environments/neutron-linuxbridge.yaml
new file mode 100644
index 00000000..c8045cc9
--- /dev/null
+++ b/environments/neutron-linuxbridge.yaml
@@ -0,0 +1,8 @@
+## A Heat environment that can be used to deploy linuxbridge
+resource_registry:
+ OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
+ OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None
+ OS::TripleO::Services::NeutronLinuxbridgeAgent: ../puppet/services/neutron-linuxbridge-agent.yaml
+
+parameter_defaults:
+ NeutronMechanismDrivers: ['linuxbridge']
diff --git a/environments/neutron-ovs-dpdk.yaml b/environments/neutron-ovs-dpdk.yaml
index 004b8ac0..6706bccc 100644
--- a/environments/neutron-ovs-dpdk.yaml
+++ b/environments/neutron-ovs-dpdk.yaml
@@ -9,7 +9,7 @@ parameter_defaults:
#NeutronDpdkMemoryChannels: ""
NeutronDatapathType: "netdev"
- NeutronVhostuserSocketDir: "/var/run/openvswitch"
+ NeutronVhostuserSocketDir: "/var/lib/vhost_sockets"
#NeutronDpdkSocketMemory: ""
#NeutronDpdkDriverType: "vfio-pci"
diff --git a/environments/puppet-ceph-devel.yaml b/environments/puppet-ceph-devel.yaml
index 9c8abbb4..8fc4bf29 100644
--- a/environments/puppet-ceph-devel.yaml
+++ b/environments/puppet-ceph-devel.yaml
@@ -20,3 +20,5 @@ parameter_defaults:
GlanceBackend: rbd
GnocchiBackend: rbd
CinderEnableIscsiBackend: false
+ CephPoolDefaultSite: 1
+
diff --git a/environments/services-docker/zaqar.yaml b/environments/services-docker/zaqar.yaml
index ca0b3b15..08033d91 100644
--- a/environments/services-docker/zaqar.yaml
+++ b/environments/services-docker/zaqar.yaml
@@ -1,2 +1,3 @@
resource_registry:
OS::TripleO::Services::Zaqar: ../../docker/services/zaqar.yaml
+ OS::TripleO::Services::MongoDb: ../../docker/services/database/mongodb.yaml
diff --git a/environments/services/ceilometer-collector.yaml b/environments/services/ceilometer-collector.yaml
index 4cc765f2..f97d3e0b 100644
--- a/environments/services/ceilometer-collector.yaml
+++ b/environments/services/ceilometer-collector.yaml
@@ -1,2 +1,3 @@
resource_registry:
OS::TripleO::Services::CeilometerCollector: ../../puppet/services/ceilometer-collector.yaml
+ OS::TripleO::Services::MongoDb: ../../puppet/services/database/mongodb.yaml
diff --git a/environments/services/ironic.yaml b/environments/services/ironic.yaml
index 8359f4a7..b1317382 100644
--- a/environments/services/ironic.yaml
+++ b/environments/services/ironic.yaml
@@ -1,4 +1,5 @@
resource_registry:
OS::TripleO::Services::IronicApi: ../../puppet/services/ironic-api.yaml
OS::TripleO::Services::IronicConductor: ../../puppet/services/ironic-conductor.yaml
+ OS::TripleO::Services::IronicPxe: ../../puppet/services/ironic-pxe.yaml
OS::TripleO::Services::NovaIronic: ../../puppet/services/nova-ironic.yaml
diff --git a/environments/services/zaqar.yaml b/environments/services/zaqar.yaml
index ee137925..e501b69c 100644
--- a/environments/services/zaqar.yaml
+++ b/environments/services/zaqar.yaml
@@ -1,2 +1,3 @@
resource_registry:
OS::TripleO::Services::Zaqar: ../../puppet/services/zaqar.yaml
+ OS::TripleO::Services::MongoDb: ../../puppet/services/database/mongodb.yaml
diff --git a/environments/tls-endpoints-public-dns.yaml b/environments/tls-endpoints-public-dns.yaml
index 1b666c5b..44432210 100644
--- a/environments/tls-endpoints-public-dns.yaml
+++ b/environments/tls-endpoints-public-dns.yaml
@@ -72,6 +72,9 @@ parameter_defaults:
IronicAdmin: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'}
IronicInternal: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'}
IronicPublic: {protocol: 'https', port: '13385', host: 'CLOUDNAME'}
+ IronicInspectorAdmin: {protocol: 'http', port: '5050', host: 'IP_ADDRESS'}
+ IronicInspectorInternal: {protocol: 'http', port: '5050', host: 'IP_ADDRESS'}
+ IronicInspectorPublic: {protocol: 'https', port: '13050', host: 'CLOUDNAME'}
KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'}
KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'}
KeystonePublic: {protocol: 'https', port: '13000', host: 'CLOUDNAME'}
diff --git a/environments/tls-endpoints-public-ip.yaml b/environments/tls-endpoints-public-ip.yaml
index 7311a1f9..5ac2918b 100644
--- a/environments/tls-endpoints-public-ip.yaml
+++ b/environments/tls-endpoints-public-ip.yaml
@@ -72,6 +72,9 @@ parameter_defaults:
IronicAdmin: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'}
IronicInternal: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'}
IronicPublic: {protocol: 'https', port: '13385', host: 'IP_ADDRESS'}
+ IronicInspectorAdmin: {protocol: 'http', port: '5050', host: 'IP_ADDRESS'}
+ IronicInspectorInternal: {protocol: 'http', port: '5050', host: 'IP_ADDRESS'}
+ IronicInspectorPublic: {protocol: 'https', port: '13050', host: 'IP_ADDRESS'}
KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'}
KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'}
KeystonePublic: {protocol: 'https', port: '13000', host: 'IP_ADDRESS'}
diff --git a/environments/tls-everywhere-endpoints-dns.yaml b/environments/tls-everywhere-endpoints-dns.yaml
index e6608b57..865ed4c3 100644
--- a/environments/tls-everywhere-endpoints-dns.yaml
+++ b/environments/tls-everywhere-endpoints-dns.yaml
@@ -72,6 +72,9 @@ parameter_defaults:
IronicAdmin: {protocol: 'https', port: '6385', host: 'CLOUDNAME'}
IronicInternal: {protocol: 'https', port: '6385', host: 'CLOUDNAME'}
IronicPublic: {protocol: 'https', port: '13385', host: 'CLOUDNAME'}
+ IronicInspectorAdmin: {protocol: 'http', port: '5050', host: 'CLOUDNAME'}
+ IronicInspectorInternal: {protocol: 'http', port: '5050', host: 'CLOUDNAME'}
+ IronicInspectorPublic: {protocol: 'https', port: '13050', host: 'CLOUDNAME'}
KeystoneAdmin: {protocol: 'https', port: '35357', host: 'CLOUDNAME'}
KeystoneInternal: {protocol: 'https', port: '5000', host: 'CLOUDNAME'}
KeystonePublic: {protocol: 'https', port: '13000', host: 'CLOUDNAME'}
diff --git a/extraconfig/all_nodes/mac_hostname.j2.yaml b/extraconfig/all_nodes/mac_hostname.j2.yaml
index fcf022ae..79794f9f 100644
--- a/extraconfig/all_nodes/mac_hostname.j2.yaml
+++ b/extraconfig/all_nodes/mac_hostname.j2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Example extra config for cluster config
diff --git a/extraconfig/all_nodes/random_string.j2.yaml b/extraconfig/all_nodes/random_string.j2.yaml
index 77d4b381..b954e72f 100644
--- a/extraconfig/all_nodes/random_string.j2.yaml
+++ b/extraconfig/all_nodes/random_string.j2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Example extra config for cluster config
diff --git a/extraconfig/all_nodes/swap-partition.j2.yaml b/extraconfig/all_nodes/swap-partition.j2.yaml
index b6fef79f..9e3713b8 100644
--- a/extraconfig/all_nodes/swap-partition.j2.yaml
+++ b/extraconfig/all_nodes/swap-partition.j2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: Template file to add a swap partition to a node.
diff --git a/extraconfig/all_nodes/swap.j2.yaml b/extraconfig/all_nodes/swap.j2.yaml
index 044f817c..e19fc218 100644
--- a/extraconfig/all_nodes/swap.j2.yaml
+++ b/extraconfig/all_nodes/swap.j2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: Template file to add a swap file to a node.
diff --git a/extraconfig/nova_metadata/krb-service-principals.yaml b/extraconfig/nova_metadata/krb-service-principals.yaml
index 56d3cbc0..59b8e7f5 100644
--- a/extraconfig/nova_metadata/krb-service-principals.yaml
+++ b/extraconfig/nova_metadata/krb-service-principals.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: 'Generates the relevant service principals for a server'
parameters:
diff --git a/extraconfig/post_deploy/default.yaml b/extraconfig/post_deploy/default.yaml
index 4da54ead..4a0e06ea 100644
--- a/extraconfig/post_deploy/default.yaml
+++ b/extraconfig/post_deploy/default.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: 'Extra Post Deployment Config'
parameters:
servers:
diff --git a/extraconfig/post_deploy/example.yaml b/extraconfig/post_deploy/example.yaml
index 8ac7eb73..ee5a830c 100644
--- a/extraconfig/post_deploy/example.yaml
+++ b/extraconfig/post_deploy/example.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Example extra config for post-deployment
diff --git a/extraconfig/post_deploy/example_run_on_update.yaml b/extraconfig/post_deploy/example_run_on_update.yaml
index 738e263b..346a1d77 100644
--- a/extraconfig/post_deploy/example_run_on_update.yaml
+++ b/extraconfig/post_deploy/example_run_on_update.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Example extra config for post-deployment, this re-runs every update
diff --git a/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml b/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml
index 30a83550..96632bc2 100644
--- a/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml
+++ b/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
RHEL Registration and unregistration software deployments.
diff --git a/extraconfig/pre_network/config_then_reboot.yaml b/extraconfig/pre_network/config_then_reboot.yaml
index bb0b9511..48ba5263 100644
--- a/extraconfig/pre_network/config_then_reboot.yaml
+++ b/extraconfig/pre_network/config_then_reboot.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Do some configuration, then reboot - sometimes needed for early-boot
diff --git a/extraconfig/pre_network/host_config_and_reboot.role.j2.yaml b/extraconfig/pre_network/host_config_and_reboot.role.j2.yaml
index 4ad53cb8..658fea77 100644
--- a/extraconfig/pre_network/host_config_and_reboot.role.j2.yaml
+++ b/extraconfig/pre_network/host_config_and_reboot.role.j2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Do some configuration, then reboot - sometimes needed for early-boot
diff --git a/extraconfig/tasks/post_puppet_pacemaker.j2.yaml b/extraconfig/tasks/post_puppet_pacemaker.j2.yaml
index 0db0bc12..7fc258d6 100644
--- a/extraconfig/tasks/post_puppet_pacemaker.j2.yaml
+++ b/extraconfig/tasks/post_puppet_pacemaker.j2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: 'Post-Puppet Config for Pacemaker deployments'
parameters:
diff --git a/extraconfig/tasks/post_puppet_pacemaker_restart.yaml b/extraconfig/tasks/post_puppet_pacemaker_restart.yaml
index 07f3d00d..203ca1f8 100644
--- a/extraconfig/tasks/post_puppet_pacemaker_restart.yaml
+++ b/extraconfig/tasks/post_puppet_pacemaker_restart.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: 'Post-Puppet restart config for Pacemaker deployments'
parameters:
diff --git a/extraconfig/tasks/pre_puppet_pacemaker.yaml b/extraconfig/tasks/pre_puppet_pacemaker.yaml
index a4244633..98b37be7 100644
--- a/extraconfig/tasks/pre_puppet_pacemaker.yaml
+++ b/extraconfig/tasks/pre_puppet_pacemaker.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: 'Pre-Puppet Config for Pacemaker deployments'
parameters:
diff --git a/extraconfig/tasks/ssh/host_public_key.yaml b/extraconfig/tasks/ssh/host_public_key.yaml
index 847c8772..e4ba0cc4 100644
--- a/extraconfig/tasks/ssh/host_public_key.yaml
+++ b/extraconfig/tasks/ssh/host_public_key.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
This is a template which will fetch the ssh host public key.
diff --git a/extraconfig/tasks/ssh/known_hosts_config.yaml b/extraconfig/tasks/ssh/known_hosts_config.yaml
index 2ebcb63c..50bde653 100644
--- a/extraconfig/tasks/ssh/known_hosts_config.yaml
+++ b/extraconfig/tasks/ssh/known_hosts_config.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: 'SSH Known Hosts Config'
parameters:
diff --git a/extraconfig/tasks/yum_update.yaml b/extraconfig/tasks/yum_update.yaml
index 8cff838e..9daa8353 100644
--- a/extraconfig/tasks/yum_update.yaml
+++ b/extraconfig/tasks/yum_update.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software-config for performing package updates using yum
diff --git a/extraconfig/tasks/yum_update_noop.yaml b/extraconfig/tasks/yum_update_noop.yaml
index 9400c1d2..2ede5bea 100644
--- a/extraconfig/tasks/yum_update_noop.yaml
+++ b/extraconfig/tasks/yum_update_noop.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: 'No-op yum update task'
resources:
diff --git a/firstboot/install_vrouter_kmod.yaml b/firstboot/install_vrouter_kmod.yaml
index e936e605..65e93fe3 100644
--- a/firstboot/install_vrouter_kmod.yaml
+++ b/firstboot/install_vrouter_kmod.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
parameters:
ContrailRepo:
diff --git a/firstboot/os-net-config-mappings.yaml b/firstboot/os-net-config-mappings.yaml
index f82bc19f..8bd1c9d1 100644
--- a/firstboot/os-net-config-mappings.yaml
+++ b/firstboot/os-net-config-mappings.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Configure os-net-config mappings for specific nodes
diff --git a/firstboot/userdata_default.yaml b/firstboot/userdata_default.yaml
index bc379f4c..0951b84b 100644
--- a/firstboot/userdata_default.yaml
+++ b/firstboot/userdata_default.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
This is a default no-op template which provides empty user-data
diff --git a/firstboot/userdata_dev_rsync.yaml b/firstboot/userdata_dev_rsync.yaml
index d412b93a..43e966df 100644
--- a/firstboot/userdata_dev_rsync.yaml
+++ b/firstboot/userdata_dev_rsync.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
This is first boot configuration for development purposes. It allows
diff --git a/firstboot/userdata_example.yaml b/firstboot/userdata_example.yaml
index a352093f..2f03c83b 100644
--- a/firstboot/userdata_example.yaml
+++ b/firstboot/userdata_example.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
# NOTE: You don't need to pass the parameter explicitly from the
# parent template, it can be specified via the parameter_defaults
diff --git a/firstboot/userdata_heat_admin.yaml b/firstboot/userdata_heat_admin.yaml
index ed8302dc..5223f939 100644
--- a/firstboot/userdata_heat_admin.yaml
+++ b/firstboot/userdata_heat_admin.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
parameters:
# Can be overridden via parameter_defaults in the environment
diff --git a/firstboot/userdata_root_password.yaml b/firstboot/userdata_root_password.yaml
index 63dd5a9c..d32f223b 100644
--- a/firstboot/userdata_root_password.yaml
+++ b/firstboot/userdata_root_password.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Uses cloud-init to enable root logins and set the root password.
diff --git a/hosts-config.yaml b/hosts-config.yaml
index c02c4208..f0d3c6a8 100644
--- a/hosts-config.yaml
+++ b/hosts-config.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: 'All Hosts Config'
parameters:
diff --git a/net-config-bond.yaml b/net-config-bond.yaml
index 3ae09c98..f92f9a13 100644
--- a/net-config-bond.yaml
+++ b/net-config-bond.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge.
parameters:
diff --git a/net-config-bridge.yaml b/net-config-bridge.yaml
index 10d53880..29646ab5 100644
--- a/net-config-bridge.yaml
+++ b/net-config-bridge.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config for a simple bridge.
parameters:
diff --git a/net-config-linux-bridge.yaml b/net-config-linux-bridge.yaml
index a544d547..6c44e60e 100644
--- a/net-config-linux-bridge.yaml
+++ b/net-config-linux-bridge.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config for a simple bridge.
parameters:
diff --git a/net-config-noop.yaml b/net-config-noop.yaml
index be05cc11..57f1a197 100644
--- a/net-config-noop.yaml
+++ b/net-config-noop.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to no-op for os-net-config. Using this will allow you
diff --git a/net-config-static-bridge-with-external-dhcp.yaml b/net-config-static-bridge-with-external-dhcp.yaml
index 12374a28..cbf282ea 100644
--- a/net-config-static-bridge-with-external-dhcp.yaml
+++ b/net-config-static-bridge-with-external-dhcp.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config for a simple bridge configured with a static IP address for the ctlplane network.
parameters:
diff --git a/net-config-static-bridge.yaml b/net-config-static-bridge.yaml
index 50e541be..c778bd81 100644
--- a/net-config-static-bridge.yaml
+++ b/net-config-static-bridge.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config for a simple bridge configured with a static IP address for the ctlplane network.
parameters:
diff --git a/net-config-static.yaml b/net-config-static.yaml
index a52e22ba..e864be03 100644
--- a/net-config-static.yaml
+++ b/net-config-static.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config for a simple bridge.
parameters:
diff --git a/net-config-undercloud.yaml b/net-config-undercloud.yaml
index 9be51c0f..881fbfd7 100644
--- a/net-config-undercloud.yaml
+++ b/net-config-undercloud.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config for a simple bridge configured with a static IP address for the ctlplane network.
parameters:
diff --git a/network/config/bond-with-vlans/ceph-storage.yaml b/network/config/bond-with-vlans/ceph-storage.yaml
index 703fea08..97177c41 100644
--- a/network/config/bond-with-vlans/ceph-storage.yaml
+++ b/network/config/bond-with-vlans/ceph-storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for the ceph storage role.
parameters:
diff --git a/network/config/bond-with-vlans/cinder-storage.yaml b/network/config/bond-with-vlans/cinder-storage.yaml
index df15cd63..5456c2cc 100644
--- a/network/config/bond-with-vlans/cinder-storage.yaml
+++ b/network/config/bond-with-vlans/cinder-storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for the cinder storage role.
parameters:
diff --git a/network/config/bond-with-vlans/compute-dpdk.yaml b/network/config/bond-with-vlans/compute-dpdk.yaml
index 4677241b..607d346f 100644
--- a/network/config/bond-with-vlans/compute-dpdk.yaml
+++ b/network/config/bond-with-vlans/compute-dpdk.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for the compute role.
parameters:
diff --git a/network/config/bond-with-vlans/compute.yaml b/network/config/bond-with-vlans/compute.yaml
index f9c926d3..448d4e2a 100644
--- a/network/config/bond-with-vlans/compute.yaml
+++ b/network/config/bond-with-vlans/compute.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for the compute role.
parameters:
diff --git a/network/config/bond-with-vlans/controller-no-external.yaml b/network/config/bond-with-vlans/controller-no-external.yaml
index ce1e8654..8ac5cda7 100644
--- a/network/config/bond-with-vlans/controller-no-external.yaml
+++ b/network/config/bond-with-vlans/controller-no-external.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for the controller role.
parameters:
diff --git a/network/config/bond-with-vlans/controller-v6.yaml b/network/config/bond-with-vlans/controller-v6.yaml
index bb4ac274..25796484 100644
--- a/network/config/bond-with-vlans/controller-v6.yaml
+++ b/network/config/bond-with-vlans/controller-v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for the controller role with IPv6
on the External network. The IPv6 default route is on the External network, and the IPv4 default route is on the Control
diff --git a/network/config/bond-with-vlans/controller.yaml b/network/config/bond-with-vlans/controller.yaml
index 91515385..e4b30120 100644
--- a/network/config/bond-with-vlans/controller.yaml
+++ b/network/config/bond-with-vlans/controller.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for the controller role.
parameters:
diff --git a/network/config/bond-with-vlans/swift-storage.yaml b/network/config/bond-with-vlans/swift-storage.yaml
index 6d4e3681..6371ceb5 100644
--- a/network/config/bond-with-vlans/swift-storage.yaml
+++ b/network/config/bond-with-vlans/swift-storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for the swift storage role.
parameters:
diff --git a/network/config/multiple-nics/ceph-storage.yaml b/network/config/multiple-nics/ceph-storage.yaml
index 6a788063..3cc4361f 100644
--- a/network/config/multiple-nics/ceph-storage.yaml
+++ b/network/config/multiple-nics/ceph-storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config to configure multiple interfaces for the ceph storage role.
parameters:
diff --git a/network/config/multiple-nics/cinder-storage.yaml b/network/config/multiple-nics/cinder-storage.yaml
index d2384445..fa7d49e3 100644
--- a/network/config/multiple-nics/cinder-storage.yaml
+++ b/network/config/multiple-nics/cinder-storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config to configure multiple interfaces for the cinder storage role.
parameters:
diff --git a/network/config/multiple-nics/compute-dvr.yaml b/network/config/multiple-nics/compute-dvr.yaml
index abfd323f..a7939125 100644
--- a/network/config/multiple-nics/compute-dvr.yaml
+++ b/network/config/multiple-nics/compute-dvr.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config to configure multiple interfaces for the
compute role with external bridge for DVR.
diff --git a/network/config/multiple-nics/compute.yaml b/network/config/multiple-nics/compute.yaml
index 101a08d3..5549368e 100644
--- a/network/config/multiple-nics/compute.yaml
+++ b/network/config/multiple-nics/compute.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config to configure multiple interfaces for the compute role.
parameters:
diff --git a/network/config/multiple-nics/controller-v6.yaml b/network/config/multiple-nics/controller-v6.yaml
index 4fae435a..477eeaae 100644
--- a/network/config/multiple-nics/controller-v6.yaml
+++ b/network/config/multiple-nics/controller-v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config to configure multiple interfaces for the controller role with IPv6 on the External
network. The IPv6 default route is on the External network, and the IPv4 default route is on the Control Plane.
diff --git a/network/config/multiple-nics/controller.yaml b/network/config/multiple-nics/controller.yaml
index ba9f8fd4..59f16b93 100644
--- a/network/config/multiple-nics/controller.yaml
+++ b/network/config/multiple-nics/controller.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config to configure multiple interfaces for the controller role.
parameters:
diff --git a/network/config/multiple-nics/swift-storage.yaml b/network/config/multiple-nics/swift-storage.yaml
index 4019012a..180f553f 100644
--- a/network/config/multiple-nics/swift-storage.yaml
+++ b/network/config/multiple-nics/swift-storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config to configure multiple interfaces for the swift storage role.
parameters:
diff --git a/network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml b/network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml
index 448df69c..6685f2bc 100644
--- a/network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml
+++ b/network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config to configure VLANs for the ceph storage role.
parameters:
diff --git a/network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml b/network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml
index 465555d3..ecc57ad5 100644
--- a/network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml
+++ b/network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config to configure VLANs for the cinder storage role.
parameters:
diff --git a/network/config/single-nic-linux-bridge-vlans/compute.yaml b/network/config/single-nic-linux-bridge-vlans/compute.yaml
index a21bc8f9..e36afd33 100644
--- a/network/config/single-nic-linux-bridge-vlans/compute.yaml
+++ b/network/config/single-nic-linux-bridge-vlans/compute.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config to configure VLANs for the compute role.
parameters:
diff --git a/network/config/single-nic-linux-bridge-vlans/controller-v6.yaml b/network/config/single-nic-linux-bridge-vlans/controller-v6.yaml
index bb8bb9c2..d4058078 100644
--- a/network/config/single-nic-linux-bridge-vlans/controller-v6.yaml
+++ b/network/config/single-nic-linux-bridge-vlans/controller-v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config to configure VLANs for the controller role with IPv6 on the External network. The
IPv6 default route is on the External network, and the IPv4 default route is on the Control Plane.
diff --git a/network/config/single-nic-linux-bridge-vlans/controller.yaml b/network/config/single-nic-linux-bridge-vlans/controller.yaml
index a9689ce9..a52a8b84 100644
--- a/network/config/single-nic-linux-bridge-vlans/controller.yaml
+++ b/network/config/single-nic-linux-bridge-vlans/controller.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config to configure VLANs for the controller role.
parameters:
diff --git a/network/config/single-nic-linux-bridge-vlans/swift-storage.yaml b/network/config/single-nic-linux-bridge-vlans/swift-storage.yaml
index c8e4db29..ad154fad 100644
--- a/network/config/single-nic-linux-bridge-vlans/swift-storage.yaml
+++ b/network/config/single-nic-linux-bridge-vlans/swift-storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config to configure VLANs for the swift storage role.
parameters:
diff --git a/network/config/single-nic-vlans/ceph-storage.yaml b/network/config/single-nic-vlans/ceph-storage.yaml
index 0b5eb0c9..790e8a7d 100644
--- a/network/config/single-nic-vlans/ceph-storage.yaml
+++ b/network/config/single-nic-vlans/ceph-storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config to configure VLANs for the ceph storage role.
parameters:
diff --git a/network/config/single-nic-vlans/cinder-storage.yaml b/network/config/single-nic-vlans/cinder-storage.yaml
index 882d6ebc..6dee3bee 100644
--- a/network/config/single-nic-vlans/cinder-storage.yaml
+++ b/network/config/single-nic-vlans/cinder-storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config to configure VLANs for the cinder storage role.
parameters:
diff --git a/network/config/single-nic-vlans/compute.yaml b/network/config/single-nic-vlans/compute.yaml
index 42cfd781..2201b0b9 100644
--- a/network/config/single-nic-vlans/compute.yaml
+++ b/network/config/single-nic-vlans/compute.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config to configure VLANs for the compute role.
parameters:
diff --git a/network/config/single-nic-vlans/controller-no-external.yaml b/network/config/single-nic-vlans/controller-no-external.yaml
index 9e0680ea..d26de321 100644
--- a/network/config/single-nic-vlans/controller-no-external.yaml
+++ b/network/config/single-nic-vlans/controller-no-external.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config to configure VLANs for the controller role. No external IP is configured.
parameters:
diff --git a/network/config/single-nic-vlans/controller-v6.yaml b/network/config/single-nic-vlans/controller-v6.yaml
index 1f9a67d6..8f68760f 100644
--- a/network/config/single-nic-vlans/controller-v6.yaml
+++ b/network/config/single-nic-vlans/controller-v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config to configure VLANs for the controller role with IPv6 on the External network. The
IPv6 default route is on the External network, and the IPv4 default route is on the Control Plane.
diff --git a/network/config/single-nic-vlans/controller.yaml b/network/config/single-nic-vlans/controller.yaml
index 4ac18315..8530118f 100644
--- a/network/config/single-nic-vlans/controller.yaml
+++ b/network/config/single-nic-vlans/controller.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config to configure VLANs for the controller role.
parameters:
diff --git a/network/config/single-nic-vlans/swift-storage.yaml b/network/config/single-nic-vlans/swift-storage.yaml
index 605b8ee4..b4587e04 100644
--- a/network/config/single-nic-vlans/swift-storage.yaml
+++ b/network/config/single-nic-vlans/swift-storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to drive os-net-config to configure VLANs for the swift storage role.
parameters:
diff --git a/network/endpoints/build_endpoint_map.py b/network/endpoints/build_endpoint_map.py
index 990cbabc..42eb1186 100755
--- a/network/endpoints/build_endpoint_map.py
+++ b/network/endpoints/build_endpoint_map.py
@@ -191,7 +191,7 @@ def template_endpoint_items(config):
def generate_endpoint_map_template(config):
return collections.OrderedDict([
- ('heat_template_version', 'ocata'),
+ ('heat_template_version', 'pike'),
('description', 'A map of OpenStack endpoints. Since the endpoints '
'are URLs, we need to have brackets around IPv6 IP addresses. The '
'inputs to these parameters come from net_ip_uri_map, which will '
diff --git a/network/endpoints/endpoint_data.yaml b/network/endpoints/endpoint_data.yaml
index c92ce377..f5f2b97e 100644
--- a/network/endpoints/endpoint_data.yaml
+++ b/network/endpoints/endpoint_data.yaml
@@ -394,6 +394,15 @@ Ironic:
'': /v1
port: 6385
+IronicInspector:
+ Internal:
+ net_param: IronicInspector
+ Public:
+ net_param: Public
+ Admin:
+ net_param: IronicInspector
+ port: 5050
+
Zaqar:
Internal:
net_param: ZaqarApi
diff --git a/network/endpoints/endpoint_map.yaml b/network/endpoints/endpoint_map.yaml
index b4fcbb17..4509bca9 100644
--- a/network/endpoints/endpoint_map.yaml
+++ b/network/endpoints/endpoint_map.yaml
@@ -2,7 +2,7 @@
### This file is automatically generated from endpoint_data.yaml
### by the script build_endpoint_map.py
-heat_template_version: ocata
+heat_template_version: pike
description: A map of OpenStack endpoints. Since the endpoints are URLs,
we need to have brackets around IPv6 IP addresses. The inputs to these
parameters come from net_ip_uri_map, which will include these brackets
@@ -89,6 +89,9 @@ parameters:
IronicAdmin: {protocol: http, port: '6385', host: IP_ADDRESS}
IronicInternal: {protocol: http, port: '6385', host: IP_ADDRESS}
IronicPublic: {protocol: http, port: '6385', host: IP_ADDRESS}
+ IronicInspectorAdmin: {protocol: http, port: '5050', host: IP_ADDRESS}
+ IronicInspectorInternal: {protocol: http, port: '5050', host: IP_ADDRESS}
+ IronicInspectorPublic: {protocol: http, port: '5050', host: IP_ADDRESS}
KeystoneAdmin: {protocol: http, port: '35357', host: IP_ADDRESS}
KeystoneInternal: {protocol: http, port: '5000', host: IP_ADDRESS}
KeystonePublic: {protocol: http, port: '5000', host: IP_ADDRESS}
@@ -5930,6 +5933,249 @@ outputs:
template: NETWORK_uri
- ':'
- get_param: [EndpointMap, IronicPublic, port]
+ IronicInspectorAdmin:
+ host:
+ str_replace:
+ template:
+ get_param: [EndpointMap, IronicInspectorAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, IronicInspectorNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, IronicInspectorNetwork]
+ template: NETWORK_uri
+ host_nobrackets:
+ str_replace:
+ template:
+ get_param: [EndpointMap, IronicInspectorAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, IronicInspectorNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - get_param: [ServiceNetMap, IronicInspectorNetwork]
+ port:
+ get_param: [EndpointMap, IronicInspectorAdmin, port]
+ protocol:
+ get_param: [EndpointMap, IronicInspectorAdmin, protocol]
+ uri:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, IronicInspectorAdmin, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, IronicInspectorAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, IronicInspectorNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, IronicInspectorNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, IronicInspectorAdmin, port]
+ uri_no_suffix:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, IronicInspectorAdmin, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, IronicInspectorAdmin, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, IronicInspectorNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, IronicInspectorNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, IronicInspectorAdmin, port]
+ IronicInspectorInternal:
+ host:
+ str_replace:
+ template:
+ get_param: [EndpointMap, IronicInspectorInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, IronicInspectorNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, IronicInspectorNetwork]
+ template: NETWORK_uri
+ host_nobrackets:
+ str_replace:
+ template:
+ get_param: [EndpointMap, IronicInspectorInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, IronicInspectorNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - get_param: [ServiceNetMap, IronicInspectorNetwork]
+ port:
+ get_param: [EndpointMap, IronicInspectorInternal, port]
+ protocol:
+ get_param: [EndpointMap, IronicInspectorInternal, protocol]
+ uri:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, IronicInspectorInternal, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, IronicInspectorInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, IronicInspectorNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, IronicInspectorNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, IronicInspectorInternal, port]
+ uri_no_suffix:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, IronicInspectorInternal, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, IronicInspectorInternal, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, IronicInspectorNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, IronicInspectorNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, IronicInspectorInternal, port]
+ IronicInspectorPublic:
+ host:
+ str_replace:
+ template:
+ get_param: [EndpointMap, IronicInspectorPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PublicNetwork]
+ template: NETWORK_uri
+ host_nobrackets:
+ str_replace:
+ template:
+ get_param: [EndpointMap, IronicInspectorPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - get_param: [ServiceNetMap, PublicNetwork]
+ port:
+ get_param: [EndpointMap, IronicInspectorPublic, port]
+ protocol:
+ get_param: [EndpointMap, IronicInspectorPublic, protocol]
+ uri:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, IronicInspectorPublic, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, IronicInspectorPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PublicNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, IronicInspectorPublic, port]
+ uri_no_suffix:
+ list_join:
+ - ''
+ - - get_param: [EndpointMap, IronicInspectorPublic, protocol]
+ - ://
+ - str_replace:
+ template:
+ get_param: [EndpointMap, IronicInspectorPublic, host]
+ params:
+ CLOUDNAME:
+ get_param:
+ - CloudEndpoints
+ - get_param: [ServiceNetMap, PublicNetwork]
+ IP_ADDRESS:
+ get_param:
+ - NetIpMap
+ - str_replace:
+ params:
+ NETWORK:
+ get_param: [ServiceNetMap, PublicNetwork]
+ template: NETWORK_uri
+ - ':'
+ - get_param: [EndpointMap, IronicInspectorPublic, port]
KeystoneAdmin:
host:
str_replace:
diff --git a/network/external.yaml b/network/external.yaml
index 21260d3f..277c7614 100644
--- a/network/external.yaml
+++ b/network/external.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
External network. Public traffic, Neutron l3router for floating IPs/SNAT, etc.
diff --git a/network/external_v6.yaml b/network/external_v6.yaml
index 51000bb7..e577c1ca 100644
--- a/network/external_v6.yaml
+++ b/network/external_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
External network. Public traffic, Neutron l3router for floating IPs/SNAT, etc.
diff --git a/network/internal_api.yaml b/network/internal_api.yaml
index 793535c6..563e6d41 100644
--- a/network/internal_api.yaml
+++ b/network/internal_api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Internal API network. Used for most APIs, Database, RPC.
diff --git a/network/internal_api_v6.yaml b/network/internal_api_v6.yaml
index 53950656..05a740b3 100644
--- a/network/internal_api_v6.yaml
+++ b/network/internal_api_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Internal API network. Used for most APIs, Database, RPC.
diff --git a/network/management.yaml b/network/management.yaml
index 77fcd4ea..41ede5cd 100644
--- a/network/management.yaml
+++ b/network/management.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Management network. System administration, SSH, DNS, NTP, etc. This network
diff --git a/network/management_v6.yaml b/network/management_v6.yaml
index e1391ad2..a44d34d3 100644
--- a/network/management_v6.yaml
+++ b/network/management_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Management network. System administration, SSH, DNS, NTP, etc. This network
diff --git a/network/networks.j2.yaml b/network/networks.j2.yaml
index ef977d8d..f19e2c09 100644
--- a/network/networks.j2.yaml
+++ b/network/networks.j2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: Create networks to split out Overcloud traffic
diff --git a/network/ports/ctlplane_vip.yaml b/network/ports/ctlplane_vip.yaml
index 0f21e3e8..386520cf 100644
--- a/network/ports/ctlplane_vip.yaml
+++ b/network/ports/ctlplane_vip.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Creates a port for a VIP on the undercloud ctlplane network.
diff --git a/network/ports/external.yaml b/network/ports/external.yaml
index c33643e7..a02cc284 100644
--- a/network/ports/external.yaml
+++ b/network/ports/external.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Creates a port on the external network. The IP address will be chosen
diff --git a/network/ports/external_from_pool.yaml b/network/ports/external_from_pool.yaml
index 893b26d9..d2610c69 100644
--- a/network/ports/external_from_pool.yaml
+++ b/network/ports/external_from_pool.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Returns an IP from a network mapped list of IPs
diff --git a/network/ports/external_from_pool_v6.yaml b/network/ports/external_from_pool_v6.yaml
index c67789af..e5fe8d71 100644
--- a/network/ports/external_from_pool_v6.yaml
+++ b/network/ports/external_from_pool_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Returns an IP from a network mapped list of IPs. This version is for IPv6
diff --git a/network/ports/external_v6.yaml b/network/ports/external_v6.yaml
index 905974f5..12d61cce 100644
--- a/network/ports/external_v6.yaml
+++ b/network/ports/external_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Creates a port on the external network. The IP address will be chosen
diff --git a/network/ports/from_service.yaml b/network/ports/from_service.yaml
index 69a887ea..64fdce65 100644
--- a/network/ports/from_service.yaml
+++ b/network/ports/from_service.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Returns an IP from a service mapped list of IPs
diff --git a/network/ports/from_service_v6.yaml b/network/ports/from_service_v6.yaml
index c9673dd7..2735a69e 100644
--- a/network/ports/from_service_v6.yaml
+++ b/network/ports/from_service_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Returns an IP from a service mapped list of IPv6 IPs
diff --git a/network/ports/internal_api.yaml b/network/ports/internal_api.yaml
index 1f96e3f2..f258080a 100644
--- a/network/ports/internal_api.yaml
+++ b/network/ports/internal_api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Creates a port on the internal_api network.
diff --git a/network/ports/internal_api_from_pool.yaml b/network/ports/internal_api_from_pool.yaml
index 3f16f30c..cb87fd54 100644
--- a/network/ports/internal_api_from_pool.yaml
+++ b/network/ports/internal_api_from_pool.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Returns an IP from a network mapped list of IPs
diff --git a/network/ports/internal_api_from_pool_v6.yaml b/network/ports/internal_api_from_pool_v6.yaml
index b36ef235..12a0731b 100644
--- a/network/ports/internal_api_from_pool_v6.yaml
+++ b/network/ports/internal_api_from_pool_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Returns an IP from a network mapped list of IPs. This version is for IPv6
diff --git a/network/ports/internal_api_v6.yaml b/network/ports/internal_api_v6.yaml
index e236156d..46e6e187 100644
--- a/network/ports/internal_api_v6.yaml
+++ b/network/ports/internal_api_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Creates a port on the internal_api network.
diff --git a/network/ports/management.yaml b/network/ports/management.yaml
index b626bc20..dd62033b 100644
--- a/network/ports/management.yaml
+++ b/network/ports/management.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Creates a port on the management network. The IP address will be chosen
diff --git a/network/ports/management_from_pool.yaml b/network/ports/management_from_pool.yaml
index 05fedb90..188be68c 100644
--- a/network/ports/management_from_pool.yaml
+++ b/network/ports/management_from_pool.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Returns an IP from a network mapped list of IPs
diff --git a/network/ports/management_from_pool_v6.yaml b/network/ports/management_from_pool_v6.yaml
index 64758bf9..b5d44259 100644
--- a/network/ports/management_from_pool_v6.yaml
+++ b/network/ports/management_from_pool_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Returns an IP from a network mapped list of IPs. This version is for IPv6
diff --git a/network/ports/management_v6.yaml b/network/ports/management_v6.yaml
index 9e6a35b8..977502a8 100644
--- a/network/ports/management_v6.yaml
+++ b/network/ports/management_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Creates a port on the management network. The IP address will be chosen
diff --git a/network/ports/net_ip_list_map.yaml b/network/ports/net_ip_list_map.yaml
index 83d875e8..c3734afe 100644
--- a/network/ports/net_ip_list_map.yaml
+++ b/network/ports/net_ip_list_map.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
parameters:
ControlPlaneIpList:
diff --git a/network/ports/net_ip_map.yaml b/network/ports/net_ip_map.yaml
index c974d72e..75818bf0 100644
--- a/network/ports/net_ip_map.yaml
+++ b/network/ports/net_ip_map.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
parameters:
ControlPlaneIp:
diff --git a/network/ports/net_vip_map_external.yaml b/network/ports/net_vip_map_external.yaml
index 58f96e65..018bf2bb 100644
--- a/network/ports/net_vip_map_external.yaml
+++ b/network/ports/net_vip_map_external.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
parameters:
# Set these via parameter defaults to configure external VIPs
diff --git a/network/ports/net_vip_map_external_v6.yaml b/network/ports/net_vip_map_external_v6.yaml
index 12db8d2d..aa40cf17 100644
--- a/network/ports/net_vip_map_external_v6.yaml
+++ b/network/ports/net_vip_map_external_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
parameters:
# Set these via parameter defaults to configure external VIPs
diff --git a/network/ports/noop.yaml b/network/ports/noop.yaml
index e2004cb0..8030bfc0 100644
--- a/network/ports/noop.yaml
+++ b/network/ports/noop.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Returns the control plane port (provisioning network) as the ip_address.
diff --git a/network/ports/storage.yaml b/network/ports/storage.yaml
index 80400412..5c1aba1a 100644
--- a/network/ports/storage.yaml
+++ b/network/ports/storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Creates a port on the storage network.
diff --git a/network/ports/storage_from_pool.yaml b/network/ports/storage_from_pool.yaml
index dfab49ae..ca5993fc 100644
--- a/network/ports/storage_from_pool.yaml
+++ b/network/ports/storage_from_pool.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Returns an IP from a network mapped list of IPs
diff --git a/network/ports/storage_from_pool_v6.yaml b/network/ports/storage_from_pool_v6.yaml
index a6cde5fc..ec7cd2f0 100644
--- a/network/ports/storage_from_pool_v6.yaml
+++ b/network/ports/storage_from_pool_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Returns an IP from a network mapped list of IPs. This version is for IPv6
diff --git a/network/ports/storage_mgmt.yaml b/network/ports/storage_mgmt.yaml
index b96fbd0e..94b058a2 100644
--- a/network/ports/storage_mgmt.yaml
+++ b/network/ports/storage_mgmt.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Creates a port on the storage_mgmt API network.
diff --git a/network/ports/storage_mgmt_from_pool.yaml b/network/ports/storage_mgmt_from_pool.yaml
index 6ec3dbae..63b2e154 100644
--- a/network/ports/storage_mgmt_from_pool.yaml
+++ b/network/ports/storage_mgmt_from_pool.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Returns an IP from a network mapped list of IPs
diff --git a/network/ports/storage_mgmt_from_pool_v6.yaml b/network/ports/storage_mgmt_from_pool_v6.yaml
index 2f3ea196..6d0b8794 100644
--- a/network/ports/storage_mgmt_from_pool_v6.yaml
+++ b/network/ports/storage_mgmt_from_pool_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Returns an IP from a network mapped list of IPs This version is for IPv6
diff --git a/network/ports/storage_mgmt_v6.yaml b/network/ports/storage_mgmt_v6.yaml
index 01e4c31a..3d70c690 100644
--- a/network/ports/storage_mgmt_v6.yaml
+++ b/network/ports/storage_mgmt_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Creates a port on the storage_mgmt API network.
diff --git a/network/ports/storage_v6.yaml b/network/ports/storage_v6.yaml
index 1dd76199..6137d241 100644
--- a/network/ports/storage_v6.yaml
+++ b/network/ports/storage_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Creates a port on the storage network.
diff --git a/network/ports/tenant.yaml b/network/ports/tenant.yaml
index f6929b81..a56b0f43 100644
--- a/network/ports/tenant.yaml
+++ b/network/ports/tenant.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Creates a port on the tenant network.
diff --git a/network/ports/tenant_from_pool.yaml b/network/ports/tenant_from_pool.yaml
index c72b2278..03ff6d11 100644
--- a/network/ports/tenant_from_pool.yaml
+++ b/network/ports/tenant_from_pool.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Returns an IP from a network mapped list of IPs
diff --git a/network/ports/tenant_from_pool_v6.yaml b/network/ports/tenant_from_pool_v6.yaml
index bc056fa6..d45faf06 100644
--- a/network/ports/tenant_from_pool_v6.yaml
+++ b/network/ports/tenant_from_pool_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Returns an IP from a network mapped list of IPs
diff --git a/network/ports/tenant_v6.yaml b/network/ports/tenant_v6.yaml
index 84101828..d23e91f7 100644
--- a/network/ports/tenant_v6.yaml
+++ b/network/ports/tenant_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Creates a port on the tenant network.
diff --git a/network/ports/vip.yaml b/network/ports/vip.yaml
index d996d03d..70b4482c 100644
--- a/network/ports/vip.yaml
+++ b/network/ports/vip.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Creates a port for a VIP on the isolated network NetworkName.
diff --git a/network/ports/vip_v6.yaml b/network/ports/vip_v6.yaml
index 7a45756c..09f646a6 100644
--- a/network/ports/vip_v6.yaml
+++ b/network/ports/vip_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Creates a port for a VIP on the isolated network NetworkName.
diff --git a/network/service_net_map.j2.yaml b/network/service_net_map.j2.yaml
index 26ff3e0a..d3d8cbdb 100644
--- a/network/service_net_map.j2.yaml
+++ b/network/service_net_map.j2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Mapping of service_name_network -> network name
@@ -45,6 +45,7 @@ parameters:
GlanceApiNetwork: storage
IronicApiNetwork: ctlplane
IronicNetwork: ctlplane
+ IronicInspectorNetwork: ctlplane
KeystoneAdminApiNetwork: ctlplane # allows undercloud to config endpoints
KeystonePublicApiNetwork: internal_api
ManilaApiNetwork: internal_api
diff --git a/network/storage.yaml b/network/storage.yaml
index 0a704ea3..0fb9cc00 100644
--- a/network/storage.yaml
+++ b/network/storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Storage network.
diff --git a/network/storage_mgmt.yaml b/network/storage_mgmt.yaml
index c7117165..9869f0da 100644
--- a/network/storage_mgmt.yaml
+++ b/network/storage_mgmt.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Storage management network. Storage replication, etc.
diff --git a/network/storage_mgmt_v6.yaml b/network/storage_mgmt_v6.yaml
index 2b065195..d6b1652a 100644
--- a/network/storage_mgmt_v6.yaml
+++ b/network/storage_mgmt_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Storage management network. Storage replication, etc.
diff --git a/network/storage_v6.yaml b/network/storage_v6.yaml
index 777e6167..0ec34add 100644
--- a/network/storage_v6.yaml
+++ b/network/storage_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Storage network.
diff --git a/network/tenant.yaml b/network/tenant.yaml
index 33055fe8..4881308d 100644
--- a/network/tenant.yaml
+++ b/network/tenant.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Tenant network.
diff --git a/network/tenant_v6.yaml b/network/tenant_v6.yaml
index 0bf5d2f0..bbc2b6bf 100644
--- a/network/tenant_v6.yaml
+++ b/network/tenant_v6.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Tenant IPv6 network.
diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml
index 7b8fe234..d4c301bb 100644
--- a/overcloud-resource-registry-puppet.j2.yaml
+++ b/overcloud-resource-registry-puppet.j2.yaml
@@ -124,7 +124,7 @@ resource_registry:
OS::TripleO::Services::Congress: OS::Heat::None
OS::TripleO::Services::Keystone: puppet/services/keystone.yaml
OS::TripleO::Services::GlanceApi: puppet/services/glance-api.yaml
- OS::TripleO::Services::GlanceRegistry: puppet/services/disabled/glance-registry.yaml
+ OS::TripleO::Services::GlanceRegistry: puppet/services/disabled/glance-registry-disabled.yaml
OS::TripleO::Services::HeatApi: puppet/services/heat-api.yaml
OS::TripleO::Services::HeatApiCfn: puppet/services/heat-api-cfn.yaml
OS::TripleO::Services::HeatApiCloudwatch: puppet/services/heat-api-cloudwatch.yaml
@@ -154,6 +154,7 @@ resource_registry:
OS::TripleO::Services::NeutronCorePluginMidonet: puppet/services/neutron-midonet.yaml
OS::TripleO::Services::NeutronOvsAgent: puppet/services/neutron-ovs-agent.yaml
+ OS::TripleO::Services::NeutronLinuxbridgeAgent: OS::Heat::None
OS::TripleO::Services::ComputeNeutronOvsAgent: puppet/services/neutron-ovs-agent.yaml
OS::TripleO::Services::Pacemaker: OS::Heat::None
OS::TripleO::Services::PacemakerRemote: OS::Heat::None
@@ -171,7 +172,7 @@ resource_registry:
OS::TripleO::Services::Sshd: puppet/services/sshd.yaml
OS::TripleO::Services::Redis: puppet/services/database/redis.yaml
OS::TripleO::Services::NovaConductor: puppet/services/nova-conductor.yaml
- OS::TripleO::Services::MongoDb: puppet/services/database/mongodb.yaml
+ OS::TripleO::Services::MongoDb: puppet/services/disabled/mongodb-disabled.yaml
OS::TripleO::Services::NovaApi: puppet/services/nova-api.yaml
OS::TripleO::Services::NovaPlacement: puppet/services/nova-placement.yaml
OS::TripleO::Services::NovaMetadata: puppet/services/nova-metadata.yaml
@@ -189,8 +190,8 @@ resource_registry:
OS::TripleO::Services::Tacker: OS::Heat::None
OS::TripleO::Services::Timezone: puppet/services/time/timezone.yaml
OS::TripleO::Services::CeilometerApi: puppet/services/ceilometer-api.yaml
- OS::TripleO::Services::CeilometerCollector: puppet/services/disabled/ceilometer-collector.yaml
- OS::TripleO::Services::CeilometerExpirer: puppet/services/disabled/ceilometer-expirer.yaml
+ OS::TripleO::Services::CeilometerCollector: puppet/services/disabled/ceilometer-collector-disabled.yaml
+ OS::TripleO::Services::CeilometerExpirer: puppet/services/disabled/ceilometer-expirer-disabled.yaml
OS::TripleO::Services::CeilometerAgentCentral: puppet/services/ceilometer-agent-central.yaml
OS::TripleO::Services::CeilometerAgentNotification: puppet/services/ceilometer-agent-notification.yaml
OS::TripleO::Services::ComputeCeilometerAgent: puppet/services/ceilometer-agent-compute.yaml
diff --git a/overcloud.j2.yaml b/overcloud.j2.yaml
index cd42a506..f8655b18 100644
--- a/overcloud.j2.yaml
+++ b/overcloud.j2.yaml
@@ -7,7 +7,7 @@
{%- endfor -%}
{%- set primary_role_name = primary_role[0].name -%}
# primary role is: {{primary_role_name}}
-heat_template_version: ocata
+heat_template_version: pike
description: >
Deploy an OpenStack environment, consisting of several node types (roles),
@@ -197,6 +197,12 @@ parameters:
description: >
Set to true to append per network Vips to /etc/hosts on each node.
+ DeploymentServerBlacklist:
+ default: []
+ type: comma_delimited_list
+ description: >
+ List of server hostnames to blacklist from any triggered deployments.
+
conditions:
add_vips_to_etc_hosts: {equals : [{get_param: AddVipsToEtcHosts}, True]}
@@ -293,6 +299,14 @@ resources:
RoleName: {{role.name}}
RoleParameters: {get_param: {{role.name}}Parameters}
+ # Lookup of role_data via heat outputs is slow, so workaround this by caching
+ # the value in an OS::Heat::Value resource
+ {{role.name}}ServiceChainRoleData:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value: {get_attr: [{{role.name}}ServiceChain, role_data]}
+
# Filter any null/None service_names which may be present due to mapping
# of services to OS::Heat::None
{{role.name}}ServiceNames:
@@ -303,21 +317,21 @@ resources:
value:
yaql:
expression: coalesce($.data, []).where($ != null)
- data: {get_attr: [{{role.name}}ServiceChain, role_data, service_names]}
+ data: {get_attr: [{{role.name}}ServiceChainRoleData, value, service_names]}
{{role.name}}HostsDeployment:
type: OS::Heat::StructuredDeployments
properties:
name: {{role.name}}HostsDeployment
config: {get_attr: [hostsConfig, config_id]}
- servers: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
+ servers: {get_attr: [{{role.name}}Servers, value]}
{{role.name}}SshKnownHostsDeployment:
type: OS::Heat::StructuredDeployments
properties:
name: {{role.name}}SshKnownHostsDeployment
config: {get_resource: SshKnownHostsConfig}
- servers: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
+ servers: {get_attr: [{{role.name}}Servers, value]}
{{role.name}}AllNodesDeployment:
type: OS::Heat::StructuredDeployments
@@ -328,7 +342,7 @@ resources:
properties:
name: {{role.name}}AllNodesDeployment
config: {get_attr: [allNodesConfig, config_id]}
- servers: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
+ servers: {get_attr: [{{role.name}}Servers, value]}
input_values:
# Note we have to use yaql to look up the first hostname/ip in the
# list because heat path based attributes operate on the attribute
@@ -350,7 +364,7 @@ resources:
properties:
name: {{role.name}}AllNodesValidationDeployment
config: {get_resource: AllNodesValidationConfig}
- servers: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
+ servers: {get_attr: [{{role.name}}Servers, value]}
{{role.name}}IpListMap:
type: OS::TripleO::Network::Ports::NetIpListMap
@@ -365,7 +379,13 @@ resources:
EnabledServices: {get_attr: [{{role.name}}ServiceNames, value]}
ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]}
ServiceHostnameList: {get_attr: [{{role.name}}, hostname]}
- NetworkHostnameMap:
+ NetworkHostnameMap: {get_attr: [{{role.name}}NetworkHostnameMap, value]}
+
+ {{role.name}}NetworkHostnameMap:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
# Note (shardy) this somewhat complex yaql may be replaced
# with a map_deep_merge function in ocata. It merges the
# list of maps, but appends to colliding lists so we can
@@ -403,7 +423,7 @@ resources:
{% endif %}
ServiceConfigSettings:
map_merge:
- - get_attr: [{{role.name}}ServiceChain, role_data, config_settings]
+ - get_attr: [{{role.name}}ServiceChainRoleData, value, config_settings]
{% for r in roles %}
- get_attr: [{{r.name}}ServiceChain, role_data, global_config_settings]
{% endfor %}
@@ -423,10 +443,41 @@ resources:
{% endfor %}
services: {get_attr: [{{role.name}}ServiceNames, value]}
ServiceNames: {get_attr: [{{role.name}}ServiceNames, value]}
- MonitoringSubscriptions: {get_attr: [{{role.name}}ServiceChain, role_data, monitoring_subscriptions]}
- ServiceMetadataSettings: {get_attr: [{{role.name}}ServiceChain, role_data, service_metadata_settings]}
+ MonitoringSubscriptions: {get_attr: [{{role.name}}ServiceChainRoleData, value, monitoring_subscriptions]}
+ ServiceMetadataSettings: {get_attr: [{{role.name}}ServiceChainRoleData, value, service_metadata_settings]}
+ DeploymentServerBlacklistDict: {get_attr: [DeploymentServerBlacklistDict, value]}
+{% endfor %}
+
+{% for role in roles %}
+ {{role.name}}Servers:
+ type: OS::Heat::Value
+ depends_on: {{role.name}}
+ properties:
+ type: json
+ value:
+ yaql:
+ expression: let(servers=>switch(isDict($.data.servers) => $.data.servers, true => {})) -> $servers.deleteAll($servers.keys().where($servers[$] = null))
+ data:
+ servers: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
{% endfor %}
+ # This resource just creates a dict out of the DeploymentServerBlacklist,
+ # which is a list. The dict is used in the role templates to set a condition
+ # on whether to create the deployment resources. We can't use the list
+ # directly because there is no way to ask Heat if a list contains a specific
+ # value.
+ DeploymentServerBlacklistDict:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ map_merge:
+ repeat:
+ template:
+ hostname: 1
+ for_each:
+ hostname: {get_param: DeploymentServerBlacklist}
+
hostsConfig:
type: OS::TripleO::Hosts::SoftwareConfig
properties:
@@ -465,7 +516,7 @@ resources:
data:
groups:
{% for role in roles %}
- - {get_attr: [{{role.name}}ServiceChain, role_data, logging_groups]}
+ - {get_attr: [{{role.name}}ServiceChainRoleData, value, logging_groups]}
{% endfor %}
logging_sources:
yaql:
@@ -474,7 +525,7 @@ resources:
data:
sources:
{% for role in roles %}
- - {get_attr: [{{role.name}}ServiceChain, role_data, logging_sources]}
+ - {get_attr: [{{role.name}}ServiceChainRoleData, value, logging_sources]}
{% endfor %}
controller_ips: {get_attr: [{{primary_role_name}}, ip_address]}
controller_names: {get_attr: [{{primary_role_name}}, hostname]}
@@ -649,7 +700,7 @@ resources:
properties:
servers:
{% for role in roles %}
- {{role.name}}: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
+ {{role.name}}: {get_attr: [{{role.name}}Servers, value]}
{% endfor %}
input_values:
deploy_identifier: {get_param: DeployIdentifier}
@@ -667,7 +718,7 @@ resources:
properties:
servers:
{% for role in roles %}
- {{role.name}}: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
+ {{role.name}}: {get_attr: [{{role.name}}Servers, value]}
{% endfor %}
# Post deployment steps for all roles
@@ -681,12 +732,12 @@ resources:
properties:
servers:
{% for role in roles %}
- {{role.name}}: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
+ {{role.name}}: {get_attr: [{{role.name}}Servers, value]}
{% endfor %}
EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
role_data:
{% for role in roles %}
- {{role.name}}: {get_attr: [{{role.name}}ServiceChain, role_data]}
+ {{role.name}}: {get_attr: [{{role.name}}ServiceChainRoleData, value]}
{% endfor %}
outputs:
@@ -725,7 +776,7 @@ outputs:
description: The configuration data associated with each role
value:
{% for role in roles %}
- {{role.name}}: {get_attr: [{{role.name}}ServiceChain, role_data]}
+ {{role.name}}: {get_attr: [{{role.name}}ServiceChainRoleData, value]}
{% endfor %}
RoleNetIpMap:
description: Mapping of each network to a list of IPs for each role
@@ -733,3 +784,9 @@ outputs:
{% for role in roles %}
{{role.name}}: {get_attr: [{{role.name}}IpListMap, net_ip_map]}
{% endfor %}
+ RoleNetHostnameMap:
+ description: Mapping of each network to a list of hostnames for each role
+ value:
+{% for role in roles %}
+ {{role.name}}: {get_attr: [{{role.name}}NetworkHostnameMap, value]}
+{% endfor %}
diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml
index 60290f64..baafe03d 100644
--- a/puppet/all-nodes-config.yaml
+++ b/puppet/all-nodes-config.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: 'All Nodes Config for Puppet'
parameters:
diff --git a/puppet/blockstorage-role.yaml b/puppet/blockstorage-role.yaml
index 312b7af6..d66cbd90 100644
--- a/puppet/blockstorage-role.yaml
+++ b/puppet/blockstorage-role.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: 'OpenStack cinder storage configured by Puppet'
parameters:
BlockStorageImage:
@@ -132,6 +132,20 @@ parameters:
major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
environment files.
default: ''
+ DeploymentServerBlacklistDict:
+ default: {}
+ type: json
+ description: >
+ Map of server hostnames to blacklist from any triggered
+ deployments. If the value is 1, the server will be blacklisted. This
+ parameter is generated from the parent template.
+
+conditions:
+ server_not_blacklisted:
+ not:
+ equals:
+ - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
+ - 1
resources:
BlockStorage:
@@ -362,6 +376,7 @@ resources:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
depends_on: PreNetworkConfig
+ condition: server_not_blacklisted
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
@@ -385,6 +400,7 @@ resources:
BlockStorageUpgradeInitDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
name: BlockStorageUpgradeInitDeployment
server: {get_resource: BlockStorage}
@@ -393,6 +409,7 @@ resources:
BlockStorageDeployment:
type: OS::Heat::StructuredDeployment
depends_on: BlockStorageUpgradeInitDeployment
+ condition: server_not_blacklisted
properties:
name: BlockStorageDeployment
server: {get_resource: BlockStorage}
@@ -459,6 +476,7 @@ resources:
UpdateDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
name: UpdateDeployment
config: {get_resource: UpdateConfig}
@@ -555,6 +573,7 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
description: Heat resource handle for the block storage server
value:
{get_resource: BlockStorage}
+ condition: server_not_blacklisted
external_ip_address:
description: IP address of the server in the external network
value: {get_attr: [ExternalPort, ip_address]}
diff --git a/puppet/cephstorage-role.yaml b/puppet/cephstorage-role.yaml
index e13a5330..d4dfa719 100644
--- a/puppet/cephstorage-role.yaml
+++ b/puppet/cephstorage-role.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: 'OpenStack ceph storage node configured by Puppet'
parameters:
OvercloudCephStorageFlavor:
@@ -138,6 +138,20 @@ parameters:
major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
environment files.
default: ''
+ DeploymentServerBlacklistDict:
+ default: {}
+ type: json
+ description: >
+ Map of server hostnames to blacklist from any triggered
+ deployments. If the value is 1, the server will be blacklisted. This
+ parameter is generated from the parent template.
+
+conditions:
+ server_not_blacklisted:
+ not:
+ equals:
+ - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
+ - 1
resources:
CephStorage:
@@ -368,6 +382,7 @@ resources:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
depends_on: PreNetworkConfig
+ condition: server_not_blacklisted
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
@@ -391,6 +406,7 @@ resources:
CephStorageUpgradeInitDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
name: CephStorageUpgradeInitDeployment
server: {get_resource: CephStorage}
@@ -399,6 +415,7 @@ resources:
CephStorageDeployment:
type: OS::Heat::StructuredDeployment
depends_on: CephStorageUpgradeInitDeployment
+ condition: server_not_blacklisted
properties:
name: CephStorageDeployment
config: {get_resource: CephStorageConfig}
@@ -471,6 +488,7 @@ resources:
UpdateDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
config: {get_resource: UpdateConfig}
server: {get_resource: CephStorage}
@@ -566,6 +584,7 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
description: Heat resource handle for the ceph storage server
value:
{get_resource: CephStorage}
+ condition: server_not_blacklisted
external_ip_address:
description: IP address of the server in the external network
value: {get_attr: [ExternalPort, ip_address]}
diff --git a/puppet/compute-role.yaml b/puppet/compute-role.yaml
index 8ef0576a..ff1f6d2a 100644
--- a/puppet/compute-role.yaml
+++ b/puppet/compute-role.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack hypervisor node configured via Puppet.
@@ -150,6 +150,20 @@ parameters:
major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
environment files.
default: ''
+ DeploymentServerBlacklistDict:
+ default: {}
+ type: json
+ description: >
+ Map of server hostnames to blacklist from any triggered
+ deployments. If the value is 1, the server will be blacklisted. This
+ parameter is generated from the parent template.
+
+conditions:
+ server_not_blacklisted:
+ not:
+ equals:
+ - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
+ - 1
resources:
@@ -382,6 +396,7 @@ resources:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
depends_on: PreNetworkConfig
+ condition: server_not_blacklisted
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
@@ -408,6 +423,7 @@ resources:
NovaComputeUpgradeInitDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
name: NovaComputeUpgradeInitDeployment
server: {get_resource: NovaCompute}
@@ -459,6 +475,7 @@ resources:
NovaComputeDeployment:
type: OS::TripleO::SoftwareDeployment
depends_on: NovaComputeUpgradeInitDeployment
+ condition: server_not_blacklisted
properties:
name: NovaComputeDeployment
config: {get_resource: NovaComputeConfig}
@@ -494,6 +511,7 @@ resources:
UpdateDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
name: UpdateDeployment
config: {get_resource: UpdateConfig}
@@ -609,4 +627,5 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
nova_server_resource:
description: Heat resource handle for the Nova compute server
value:
- {get_resource: NovaCompute} \ No newline at end of file
+ {get_resource: NovaCompute}
+ condition: server_not_blacklisted
diff --git a/puppet/config.role.j2.yaml b/puppet/config.role.j2.yaml
index cdbc76f0..832656ba 100644
--- a/puppet/config.role.j2.yaml
+++ b/puppet/config.role.j2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
A software config which runs puppet on the {{role}} role
diff --git a/puppet/controller-role.yaml b/puppet/controller-role.yaml
index cb2449c6..9bf110d5 100644
--- a/puppet/controller-role.yaml
+++ b/puppet/controller-role.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack controller node configured by Puppet.
@@ -164,6 +164,13 @@ parameters:
major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
environment files.
default: ''
+ DeploymentServerBlacklistDict:
+ default: {}
+ type: json
+ description: >
+ Map of server hostnames to blacklist from any triggered
+ deployments. If the value is 1, the server will be blacklisted. This
+ parameter is generated from the parent template.
parameter_groups:
- label: deprecated
@@ -171,6 +178,14 @@ parameter_groups:
parameters:
- controllerExtraConfig
+conditions:
+ server_not_blacklisted:
+ not:
+ equals:
+ - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
+ - 1
+
+
resources:
Controller:
@@ -400,6 +415,7 @@ resources:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
+ condition: server_not_blacklisted
depends_on: PreNetworkConfig
properties:
name: NetworkDeployment
@@ -441,6 +457,7 @@ resources:
# but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
ControllerUpgradeInitDeployment:
type: OS::Heat::SoftwareDeployment
+ condition: server_not_blacklisted
depends_on: NetworkDeployment
properties:
name: ControllerUpgradeInitDeployment
@@ -449,6 +466,7 @@ resources:
ControllerDeployment:
type: OS::TripleO::SoftwareDeployment
+ condition: server_not_blacklisted
depends_on: ControllerUpgradeInitDeployment
properties:
name: ControllerDeployment
@@ -532,6 +550,7 @@ resources:
UpdateDeployment:
type: OS::Heat::SoftwareDeployment
+ condition: server_not_blacklisted
depends_on: NetworkDeployment
properties:
name: UpdateDeployment
@@ -649,6 +668,7 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
description: Heat resource handle for the Nova compute server
value:
{get_resource: Controller}
+ condition: server_not_blacklisted
tls_key_modulus_md5:
description: MD5 checksum of the TLS Key Modulus
value: {get_attr: [NodeTLSData, key_modulus_md5]}
diff --git a/puppet/deploy-artifacts.yaml b/puppet/deploy-artifacts.yaml
index 5e89405b..3a7a73c0 100644
--- a/puppet/deploy-artifacts.yaml
+++ b/puppet/deploy-artifacts.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Software Config to install deployment artifacts (tarball's and/or
diff --git a/puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml b/puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml
index b6d1239a..e1c464b0 100644
--- a/puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml
+++ b/puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: Configure hieradata for all MidoNet nodes
diff --git a/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml b/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml
index b05fa636..313c1261 100644
--- a/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml
+++ b/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: Configure hieradata for Network Cisco configuration
diff --git a/puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml b/puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml
index e3f4cce6..93408dd1 100644
--- a/puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml
+++ b/puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: Configure hieradata for Big Switch agents on compute node
diff --git a/puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml b/puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml
index 1d16e909..ea2fd71c 100644
--- a/puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml
+++ b/puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: Configure hieradata for Nuage configuration on the Compute
diff --git a/puppet/extraconfig/pre_deploy/controller/multiple.yaml b/puppet/extraconfig/pre_deploy/controller/multiple.yaml
index d3d546dd..69cd7033 100644
--- a/puppet/extraconfig/pre_deploy/controller/multiple.yaml
+++ b/puppet/extraconfig/pre_deploy/controller/multiple.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: 'Extra Pre-Deployment Config, multiple'
parameters:
server:
diff --git a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml
index e7d0b830..71a915df 100644
--- a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml
+++ b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: Configure hieradata for Neutron Big Switch configuration
diff --git a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml
index 40b407bc..b346bbd4 100644
--- a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml
+++ b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: Configure hieradata for Cisco N1KV configuration
diff --git a/puppet/extraconfig/pre_deploy/default.yaml b/puppet/extraconfig/pre_deploy/default.yaml
index 5da07f87..f14e13ff 100644
--- a/puppet/extraconfig/pre_deploy/default.yaml
+++ b/puppet/extraconfig/pre_deploy/default.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: 'Noop Extra Pre-Deployment Config'
parameters:
server:
diff --git a/puppet/extraconfig/pre_deploy/per_node.yaml b/puppet/extraconfig/pre_deploy/per_node.yaml
index 65113f6a..7fb67d84 100644
--- a/puppet/extraconfig/pre_deploy/per_node.yaml
+++ b/puppet/extraconfig/pre_deploy/per_node.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: Configure hieradata overrides for specific nodes
diff --git a/puppet/extraconfig/tls/ca-inject.yaml b/puppet/extraconfig/tls/ca-inject.yaml
index 04b5ccf6..11f2769b 100644
--- a/puppet/extraconfig/tls/ca-inject.yaml
+++ b/puppet/extraconfig/tls/ca-inject.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
This is a template which will inject the trusted anchor.
diff --git a/puppet/extraconfig/tls/freeipa-enroll.yaml b/puppet/extraconfig/tls/freeipa-enroll.yaml
index 7ce15069..9c6a402d 100644
--- a/puppet/extraconfig/tls/freeipa-enroll.yaml
+++ b/puppet/extraconfig/tls/freeipa-enroll.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: Enroll nodes to FreeIPA
diff --git a/puppet/extraconfig/tls/tls-cert-inject.yaml b/puppet/extraconfig/tls/tls-cert-inject.yaml
index 2a61afc0..8cba4351 100644
--- a/puppet/extraconfig/tls/tls-cert-inject.yaml
+++ b/puppet/extraconfig/tls/tls-cert-inject.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
This is a template which will build the TLS Certificates necessary
diff --git a/puppet/major_upgrade_steps.j2.yaml b/puppet/major_upgrade_steps.j2.yaml
index 4fdc491a..8420f99d 100644
--- a/puppet/major_upgrade_steps.j2.yaml
+++ b/puppet/major_upgrade_steps.j2.yaml
@@ -2,7 +2,7 @@
{% set batch_upgrade_steps_max = 3 -%}
{% set upgrade_steps_max = 6 -%}
{% set deliver_script = {'deliver': False} -%}
-heat_template_version: ocata
+heat_template_version: pike
description: 'Upgrade steps for all roles'
parameters:
diff --git a/puppet/objectstorage-role.yaml b/puppet/objectstorage-role.yaml
index 7277ab19..2f7056c4 100644
--- a/puppet/objectstorage-role.yaml
+++ b/puppet/objectstorage-role.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: 'OpenStack swift storage node configured by Puppet'
parameters:
OvercloudSwiftStorageFlavor:
@@ -132,6 +132,20 @@ parameters:
major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
environment files.
default: ''
+ DeploymentServerBlacklistDict:
+ default: {}
+ type: json
+ description: >
+ Map of server hostnames to blacklist from any triggered
+ deployments. If the value is 1, the server will be blacklisted. This
+ parameter is generated from the parent template.
+
+conditions:
+ server_not_blacklisted:
+ not:
+ equals:
+ - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
+ - 1
resources:
@@ -362,6 +376,7 @@ resources:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
depends_on: PreNetworkConfig
+ condition: server_not_blacklisted
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
@@ -385,6 +400,7 @@ resources:
SwiftStorageUpgradeInitDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
name: SwiftStorageUpgradeInitDeployment
server: {get_resource: SwiftStorage}
@@ -430,6 +446,7 @@ resources:
SwiftStorageHieraDeploy:
type: OS::Heat::StructuredDeployment
depends_on: SwiftStorageUpgradeInitDeployment
+ condition: server_not_blacklisted
properties:
name: SwiftStorageHieraDeploy
server: {get_resource: SwiftStorage}
@@ -458,6 +475,7 @@ resources:
UpdateDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
config: {get_resource: UpdateConfig}
server: {get_resource: SwiftStorage}
@@ -553,6 +571,7 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
description: Heat resource handle for the swift storage server
value:
{get_resource: SwiftStorage}
+ condition: server_not_blacklisted
external_ip_address:
description: IP address of the server in the external network
value: {get_attr: [ExternalPort, ip_address]}
diff --git a/puppet/post-upgrade.j2.yaml b/puppet/post-upgrade.j2.yaml
index b84039de..c51b6e1b 100644
--- a/puppet/post-upgrade.j2.yaml
+++ b/puppet/post-upgrade.j2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Post-upgrade configuration steps via puppet for all roles
diff --git a/puppet/post.j2.yaml b/puppet/post.j2.yaml
index 21202775..3a15cec6 100644
--- a/puppet/post.j2.yaml
+++ b/puppet/post.j2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Post-deploy configuration steps via puppet for all roles,
diff --git a/puppet/role.role.j2.yaml b/puppet/role.role.j2.yaml
index be88f663..7acf2dfb 100644
--- a/puppet/role.role.j2.yaml
+++ b/puppet/role.role.j2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: 'OpenStack {{role}} node configured by Puppet'
parameters:
Overcloud{{role}}Flavor:
@@ -154,6 +154,20 @@ parameters:
major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
environment files.
default: ''
+ DeploymentServerBlacklistDict:
+ default: {}
+ type: json
+ description: >
+ Map of server hostnames to blacklist from any triggered
+ deployments. If the value is 1, the server will be blacklisted. This
+ parameter is generated from the parent template.
+
+conditions:
+ server_not_blacklisted:
+ not:
+ equals:
+ - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
+ - 1
resources:
{{role}}:
@@ -384,6 +398,7 @@ resources:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
depends_on: PreNetworkConfig
+ condition: server_not_blacklisted
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
@@ -410,6 +425,7 @@ resources:
{{role}}UpgradeInitDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
name: {{role}}UpgradeInitDeployment
server: {get_resource: {{role}}}
@@ -418,6 +434,7 @@ resources:
{{role}}Deployment:
type: OS::Heat::StructuredDeployment
depends_on: {{role}}UpgradeInitDeployment
+ condition: server_not_blacklisted
properties:
name: {{role}}Deployment
config: {get_resource: {{role}}Config}
@@ -492,6 +509,7 @@ resources:
UpdateDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
name: UpdateDeployment
config: {get_resource: UpdateConfig}
@@ -588,6 +606,7 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
description: Heat resource handle for {{role}} server
value:
{get_resource: {{role}}}
+ condition: server_not_blacklisted
external_ip_address:
description: IP address of the server in the external network
value: {get_attr: [ExternalPort, ip_address]}
diff --git a/puppet/services/aodh-api.yaml b/puppet/services/aodh-api.yaml
index 23df7d23..561b48cb 100644
--- a/puppet/services/aodh-api.yaml
+++ b/puppet/services/aodh-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Aodh API service configured with Puppet
diff --git a/puppet/services/aodh-evaluator.yaml b/puppet/services/aodh-evaluator.yaml
index 509ae765..669c11dd 100644
--- a/puppet/services/aodh-evaluator.yaml
+++ b/puppet/services/aodh-evaluator.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Aodh Evaluator service configured with Puppet
diff --git a/puppet/services/aodh-listener.yaml b/puppet/services/aodh-listener.yaml
index 336a9a34..17710ecb 100644
--- a/puppet/services/aodh-listener.yaml
+++ b/puppet/services/aodh-listener.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Aodh Listener service configured with Puppet
diff --git a/puppet/services/aodh-notifier.yaml b/puppet/services/aodh-notifier.yaml
index e3db1055..2eed1b75 100644
--- a/puppet/services/aodh-notifier.yaml
+++ b/puppet/services/aodh-notifier.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Aodh Notifier service configured with Puppet
diff --git a/puppet/services/apache.yaml b/puppet/services/apache.yaml
index 12ecc7b5..23fcab90 100644
--- a/puppet/services/apache.yaml
+++ b/puppet/services/apache.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Apache service configured with Puppet. Note this is typically included
diff --git a/puppet/services/auditd.yaml b/puppet/services/auditd.yaml
index 989ad7a7..3eff534b 100644
--- a/puppet/services/auditd.yaml
+++ b/puppet/services/auditd.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
AuditD configured with Puppet
diff --git a/puppet/services/ca-certs.yaml b/puppet/services/ca-certs.yaml
index 144d9d98..6249c1ab 100644
--- a/puppet/services/ca-certs.yaml
+++ b/puppet/services/ca-certs.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
HAproxy service configured with Puppet
diff --git a/puppet/services/ceilometer-agent-central.yaml b/puppet/services/ceilometer-agent-central.yaml
index 50608d50..2dbaf554 100644
--- a/puppet/services/ceilometer-agent-central.yaml
+++ b/puppet/services/ceilometer-agent-central.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Ceilometer Central Agent service configured with Puppet
diff --git a/puppet/services/ceilometer-agent-compute.yaml b/puppet/services/ceilometer-agent-compute.yaml
index 002851cf..c453a43d 100644
--- a/puppet/services/ceilometer-agent-compute.yaml
+++ b/puppet/services/ceilometer-agent-compute.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Ceilometer Compute Agent service configured with Puppet
diff --git a/puppet/services/ceilometer-agent-ipmi.yaml b/puppet/services/ceilometer-agent-ipmi.yaml
index 0f6390d2..7dd1e78d 100644
--- a/puppet/services/ceilometer-agent-ipmi.yaml
+++ b/puppet/services/ceilometer-agent-ipmi.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Ceilometer Ipmi Agent service configured with Puppet
diff --git a/puppet/services/ceilometer-agent-notification.yaml b/puppet/services/ceilometer-agent-notification.yaml
index 174aff7f..6e893564 100644
--- a/puppet/services/ceilometer-agent-notification.yaml
+++ b/puppet/services/ceilometer-agent-notification.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Ceilometer Notification Agent service configured with Puppet
diff --git a/puppet/services/ceilometer-api.yaml b/puppet/services/ceilometer-api.yaml
index 2df0e442..74b0c3d2 100644
--- a/puppet/services/ceilometer-api.yaml
+++ b/puppet/services/ceilometer-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Ceilometer API service configured with Puppet
diff --git a/puppet/services/ceilometer-base.yaml b/puppet/services/ceilometer-base.yaml
index e60eb425..b3e2c3a4 100644
--- a/puppet/services/ceilometer-base.yaml
+++ b/puppet/services/ceilometer-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Ceilometer service configured with Puppet
diff --git a/puppet/services/ceilometer-expirer.yaml b/puppet/services/ceilometer-expirer.yaml
index 529b84f3..775e921a 100644
--- a/puppet/services/ceilometer-expirer.yaml
+++ b/puppet/services/ceilometer-expirer.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Ceilometer Expirer service configured with Puppet
diff --git a/puppet/services/ceph-base.yaml b/puppet/services/ceph-base.yaml
index e458855b..e12c55eb 100644
--- a/puppet/services/ceph-base.yaml
+++ b/puppet/services/ceph-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Ceph base service. Shared by all Ceph services.
@@ -99,7 +99,6 @@ outputs:
service_name: ceph_base
config_settings:
tripleo::profile::base::ceph::enable_ceph_storage: {get_param: ControllerEnableCephStorage}
- ceph::profile::params::osd_pool_default_min_size: 1
ceph::profile::params::osds: {/srv/data: {}}
ceph::profile::params::manage_repo: false
ceph::profile::params::authentication_type: cephx
diff --git a/puppet/services/ceph-client.yaml b/puppet/services/ceph-client.yaml
index 66c7a368..ec34fcae 100644
--- a/puppet/services/ceph-client.yaml
+++ b/puppet/services/ceph-client.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Ceph Client service.
diff --git a/puppet/services/ceph-external.yaml b/puppet/services/ceph-external.yaml
index 3d64cf44..599532c4 100644
--- a/puppet/services/ceph-external.yaml
+++ b/puppet/services/ceph-external.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Ceph External service.
diff --git a/puppet/services/ceph-mds.yaml b/puppet/services/ceph-mds.yaml
index 0236087d..270d3a26 100644
--- a/puppet/services/ceph-mds.yaml
+++ b/puppet/services/ceph-mds.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Ceph MDS service.
diff --git a/puppet/services/ceph-mon.yaml b/puppet/services/ceph-mon.yaml
index 45fca89f..28552301 100644
--- a/puppet/services/ceph-mon.yaml
+++ b/puppet/services/ceph-mon.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Ceph Monitor service.
@@ -78,6 +78,10 @@ parameters:
MonitoringSubscriptionCephMon:
default: 'overcloud-ceph-mon'
type: string
+ CephPoolDefaultSize:
+ description: default minimum replication for RBD copies
+ type: number
+ default: 3
resources:
CephBase:
@@ -102,7 +106,7 @@ outputs:
ceph::profile::params::mon_key: {get_param: CephMonKey}
ceph::profile::params::osd_pool_default_pg_num: 32
ceph::profile::params::osd_pool_default_pgp_num: 32
- ceph::profile::params::osd_pool_default_size: 3
+ ceph::profile::params::osd_pool_default_size: {get_param: CephPoolDefaultSize}
# repeat returns items in a list, so we need to map_merge twice
tripleo::profile::base::ceph::mon::ceph_pools:
map_merge:
diff --git a/puppet/services/ceph-osd.yaml b/puppet/services/ceph-osd.yaml
index 64c1c73e..24b2886a 100644
--- a/puppet/services/ceph-osd.yaml
+++ b/puppet/services/ceph-osd.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Ceph OSD service.
diff --git a/puppet/services/ceph-rgw.yaml b/puppet/services/ceph-rgw.yaml
index 3ed158b7..ad91b4ec 100644
--- a/puppet/services/ceph-rgw.yaml
+++ b/puppet/services/ceph-rgw.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Ceph RadosGW service.
diff --git a/puppet/services/certmonger-user.yaml b/puppet/services/certmonger-user.yaml
index d04b5874..6ad451a8 100644
--- a/puppet/services/certmonger-user.yaml
+++ b/puppet/services/certmonger-user.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Requests certificates using certmonger through Puppet
diff --git a/puppet/services/cinder-api.yaml b/puppet/services/cinder-api.yaml
index 3e6d8805..036209f3 100644
--- a/puppet/services/cinder-api.yaml
+++ b/puppet/services/cinder-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Cinder API service configured with Puppet
diff --git a/puppet/services/cinder-backend-dellps.yaml b/puppet/services/cinder-backend-dellps.yaml
index 50c9bef7..d0382534 100644
--- a/puppet/services/cinder-backend-dellps.yaml
+++ b/puppet/services/cinder-backend-dellps.yaml
@@ -12,7 +12,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-heat_template_version: ocata
+heat_template_version: pike
description: >
Openstack Cinder Dell EMC PS Series backend
diff --git a/puppet/services/cinder-backend-dellsc.yaml b/puppet/services/cinder-backend-dellsc.yaml
index b5b0e009..a201134c 100644
--- a/puppet/services/cinder-backend-dellsc.yaml
+++ b/puppet/services/cinder-backend-dellsc.yaml
@@ -11,7 +11,7 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-heat_template_version: ocata
+heat_template_version: pike
description: >
Openstack Cinder Dell EMC Storage Center backend
@@ -49,6 +49,18 @@ parameters:
CinderDellScVolumeFolder:
type: string
default: 'dellsc_volume'
+ CinderDellScSecondarySanIp:
+ type: string
+ default: ''
+ CinderDellScSecondarySanLogin:
+ type: string
+ default: 'Admin'
+ CinderDellScSecondarySanPassword:
+ type: string
+ hidden: true
+ CinderDellScSecondaryScApiPort:
+ type: number
+ default: 3033
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
@@ -89,5 +101,9 @@ outputs:
cinder::backend::dellsc_iscsi::dell_sc_api_port: {get_param: CinderDellScApiPort}
cinder::backend::dellsc_iscsi::dell_sc_server_folder: {get_param: CinderDellScServerFolder}
cinder::backend::dellsc_iscsi::dell_sc_volume_folder: {get_param: CinderDellScVolumeFolder}
+ cinder::backend::dellsc_iscsi::secondary_san_ip: {get_param: CinderDellScSecondarySanIp}
+ cinder::backend::dellsc_iscsi::secondary_san_login: {get_param: CinderDellScSecondarySanLogin}
+ cinder::backend::dellsc_iscsi::secondary_san_password: {get_param: CinderDellScSecondarySanPassword}
+ cinder::backend::dellsc_iscsi::secondary_sc_api_port: {get_param: CinderDellScSecondaryScApiPort}
step_config: |
include ::tripleo::profile::base::cinder::volume
diff --git a/puppet/services/cinder-backend-netapp.yaml b/puppet/services/cinder-backend-netapp.yaml
index cc44d422..bddc8e1a 100644
--- a/puppet/services/cinder-backend-netapp.yaml
+++ b/puppet/services/cinder-backend-netapp.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: Openstack Cinder Netapp backend
diff --git a/puppet/services/cinder-backend-pure.yaml b/puppet/services/cinder-backend-pure.yaml
index 853d2733..576896a4 100644
--- a/puppet/services/cinder-backend-pure.yaml
+++ b/puppet/services/cinder-backend-pure.yaml
@@ -11,7 +11,7 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-heat_template_version: ocata
+heat_template_version: pike
description: >
Openstack Cinder Pure Storage FlashArray backend
diff --git a/puppet/services/cinder-backend-scaleio.yaml b/puppet/services/cinder-backend-scaleio.yaml
index fa22fae7..832cc099 100644
--- a/puppet/services/cinder-backend-scaleio.yaml
+++ b/puppet/services/cinder-backend-scaleio.yaml
@@ -11,7 +11,7 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-heat_template_version: ocata
+heat_template_version: pike
description: >
Openstack Cinder Dell EMC ScaleIO backend
diff --git a/puppet/services/cinder-backup.yaml b/puppet/services/cinder-backup.yaml
index 44177817..629a0f5b 100644
--- a/puppet/services/cinder-backup.yaml
+++ b/puppet/services/cinder-backup.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Cinder Backup service configured with Puppet
diff --git a/puppet/services/cinder-hpelefthand-iscsi.yaml b/puppet/services/cinder-hpelefthand-iscsi.yaml
index c4b79bb1..3ea0fd87 100644
--- a/puppet/services/cinder-hpelefthand-iscsi.yaml
+++ b/puppet/services/cinder-hpelefthand-iscsi.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Configure Cinder HPELeftHandISCSIDriver
diff --git a/puppet/services/cinder-scheduler.yaml b/puppet/services/cinder-scheduler.yaml
index c74f0a1e..806f9bb4 100644
--- a/puppet/services/cinder-scheduler.yaml
+++ b/puppet/services/cinder-scheduler.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Cinder Scheduler service configured with Puppet
diff --git a/puppet/services/cinder-volume.yaml b/puppet/services/cinder-volume.yaml
index 7de4b7b0..fe95222b 100644
--- a/puppet/services/cinder-volume.yaml
+++ b/puppet/services/cinder-volume.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Cinder Volume service configured with Puppet
diff --git a/puppet/services/database/mongodb-base.yaml b/puppet/services/database/mongodb-base.yaml
index 0d3a9ead..b5fced4c 100644
--- a/puppet/services/database/mongodb-base.yaml
+++ b/puppet/services/database/mongodb-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Configuration details for MongoDB service using composable roles
diff --git a/puppet/services/database/mongodb.yaml b/puppet/services/database/mongodb.yaml
index 72a37c68..968d4355 100644
--- a/puppet/services/database/mongodb.yaml
+++ b/puppet/services/database/mongodb.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
MongoDb service deployment using puppet
@@ -40,6 +40,13 @@ parameters:
format: >-
/(?<time>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}.\d+\+\d{4})
(?<message>.*)$/
+ EnableInternalTLS:
+ type: boolean
+ default: false
+
+conditions:
+
+ internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
resources:
MongoDbBase:
@@ -79,6 +86,28 @@ outputs:
# internal_api_uri -> [IP]
# internal_api_subnet - > IP/CIDR
mongodb::server::bind_ip: {get_param: [ServiceNetMap, MongodbNetwork]}
+ -
+ if:
+ - internal_tls_enabled
+ -
+ generate_service_certificates: true
+ mongodb::server::ssl: true
+ mongodb::server::ssl_key: '/etc/pki/tls/certs/mongodb.pem'
+ mongodb_certificate_specs:
+ service_pem: '/etc/pki/tls/certs/mongodb.pem'
+ service_certificate: '/etc/pki/tls/certs/mongodb.crt'
+ service_key: '/etc/pki/tls/private/mongodb.key'
+ hostname:
+ str_replace:
+ template: "%{hiera('fqdn_NETWORK')}"
+ params:
+ NETWORK: {get_param: [ServiceNetMap, MongodbNetwork]}
+ principal:
+ str_replace:
+ template: "mongodb/%{hiera('fqdn_NETWORK')}"
+ params:
+ NETWORK: {get_param: [ServiceNetMap, MongodbNetwork]}
+ - {}
step_config: |
include ::tripleo::profile::base::database::mongodb
upgrade_tasks:
@@ -88,3 +117,11 @@ outputs:
- name: Start mongodb service
tags: step4
service: name=mongod state=started
+ metadata_settings:
+ if:
+ - internal_tls_enabled
+ -
+ - service: mongodb
+ network: {get_param: [ServiceNetMap, MongodbNetwork]}
+ type: node
+ - null
diff --git a/puppet/services/database/mysql-client.yaml b/puppet/services/database/mysql-client.yaml
index 4b0201f3..19d732dd 100644
--- a/puppet/services/database/mysql-client.yaml
+++ b/puppet/services/database/mysql-client.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Mysql client settings
diff --git a/puppet/services/database/mysql.yaml b/puppet/services/database/mysql.yaml
index 0b6797c3..2bde9033 100644
--- a/puppet/services/database/mysql.yaml
+++ b/puppet/services/database/mysql.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
MySQL service deployment using puppet
diff --git a/puppet/services/database/redis-base.yaml b/puppet/services/database/redis-base.yaml
index fff817ef..89fa8065 100644
--- a/puppet/services/database/redis-base.yaml
+++ b/puppet/services/database/redis-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Redis service configured with Puppet
diff --git a/puppet/services/database/redis.yaml b/puppet/services/database/redis.yaml
index 9c7144c4..df406a8c 100644
--- a/puppet/services/database/redis.yaml
+++ b/puppet/services/database/redis.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Redis service configured with Puppet
diff --git a/puppet/services/disabled/ceilometer-collector.yaml b/puppet/services/disabled/ceilometer-collector-disabled.yaml
index 64fd476d..18092a8f 100644
--- a/puppet/services/disabled/ceilometer-collector.yaml
+++ b/puppet/services/disabled/ceilometer-collector-disabled.yaml
@@ -31,7 +31,7 @@ outputs:
role_data:
description: Role data for the disabled Ceilometer Collector role.
value:
- service_name: ceilometer_collector
+ service_name: ceilometer_collector_disabled
upgrade_tasks:
- name: Stop and disable ceilometer_collector service on upgrade
tags: step1
diff --git a/puppet/services/disabled/ceilometer-expirer-disabled.yaml b/puppet/services/disabled/ceilometer-expirer-disabled.yaml
new file mode 100644
index 00000000..9b7b47ef
--- /dev/null
+++ b/puppet/services/disabled/ceilometer-expirer-disabled.yaml
@@ -0,0 +1,50 @@
+heat_template_version: pike
+
+description: >
+ OpenStack Ceilometer Expirer service, disabled since pike
+
+parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+
+resources:
+ CeilometerServiceBase:
+ type: ../ceilometer-base.yaml
+ properties:
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the disabling Ceilometer Expirer role.
+ value:
+ service_name: ceilometer_expirer_disabled
+ config_settings:
+ map_merge:
+ - get_attr: [CeilometerServiceBase, role_data, config_settings]
+ - ceilometer::expirer::enable_cron: false
+ step_config: |
+ include ::tripleo::profile::base::ceilometer::expirer
diff --git a/puppet/services/disabled/glance-registry.yaml b/puppet/services/disabled/glance-registry-disabled.yaml
index d90923da..85a5c5ef 100644
--- a/puppet/services/disabled/glance-registry.yaml
+++ b/puppet/services/disabled/glance-registry-disabled.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Glance Registry service, disabled since ocata
@@ -31,7 +31,7 @@ outputs:
role_data:
description: Role data for the disabled Glance Registry role.
value:
- service_name: glance_registry
+ service_name: glance_registry_disabled
upgrade_tasks:
- name: Stop and disable glance_registry service on upgrade
tags: step1
diff --git a/puppet/services/disabled/ceilometer-expirer.yaml b/puppet/services/disabled/mongodb-disabled.yaml
index 182193ec..fa3fe9a8 100644
--- a/puppet/services/disabled/ceilometer-expirer.yaml
+++ b/puppet/services/disabled/mongodb-disabled.yaml
@@ -1,7 +1,7 @@
heat_template_version: pike
description: >
- OpenStack Ceilometer Expirer service, disabled since pike
+ Mongodb service, disabled by default since pike
parameters:
ServiceNetMap:
@@ -13,6 +13,11 @@ parameters:
DefaultPasswords:
default: {}
type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
RoleName:
default: ''
description: Role name on which the service is applied
@@ -21,18 +26,13 @@ parameters:
default: {}
description: Parameters specific to the role
type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
outputs:
role_data:
- description: Role data for the disabled Ceilometer Expirer role.
+ description: Role data for the disabled MongoDB role.
value:
- service_name: ceilometer_expirer
+ service_name: mongodb_disabled
upgrade_tasks:
- - name: Stop and disable ceilometer_expirer service on upgrade
+ - name: Stop and disable mongodb service on upgrade
tags: step1
- service: name=openstack-ceilometer-expirer state=stopped enabled=no
+ service: name=mongod state=stopped enabled=no
diff --git a/puppet/services/docker.yaml b/puppet/services/docker.yaml
index 9eaa5c99..2be21122 100644
--- a/puppet/services/docker.yaml
+++ b/puppet/services/docker.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Configures docker on the host
diff --git a/puppet/services/etcd.yaml b/puppet/services/etcd.yaml
index 9e9638d3..2e87764d 100644
--- a/puppet/services/etcd.yaml
+++ b/puppet/services/etcd.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Etcd service configured with Puppet
diff --git a/puppet/services/external-swift-proxy.yaml b/puppet/services/external-swift-proxy.yaml
index de97dd92..206536d7 100644
--- a/puppet/services/external-swift-proxy.yaml
+++ b/puppet/services/external-swift-proxy.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
External Swift Proxy endpoint configured with Puppet
diff --git a/puppet/services/gnocchi-api.yaml b/puppet/services/gnocchi-api.yaml
index dfa337db..2411d42d 100644
--- a/puppet/services/gnocchi-api.yaml
+++ b/puppet/services/gnocchi-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Gnocchi service configured with Puppet
diff --git a/puppet/services/gnocchi-base.yaml b/puppet/services/gnocchi-base.yaml
index d62c349e..012bd727 100644
--- a/puppet/services/gnocchi-base.yaml
+++ b/puppet/services/gnocchi-base.yaml
@@ -76,7 +76,7 @@ outputs:
query:
read_default_file: /etc/my.cnf.d/tripleo.cnf
read_default_group: tripleo
- gnocchi::db::sync::extra_opts: '--skip-storage'
+ gnocchi::db::sync::extra_opts: ''
gnocchi::storage::metric_processing_delay: {get_param: MetricProcessingDelay}
gnocchi::storage::swift::swift_user: 'service:gnocchi'
gnocchi::storage::swift::swift_auth_version: 3
diff --git a/puppet/services/gnocchi-metricd.yaml b/puppet/services/gnocchi-metricd.yaml
index 626d37ec..5ada99fa 100644
--- a/puppet/services/gnocchi-metricd.yaml
+++ b/puppet/services/gnocchi-metricd.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Gnocchi service configured with Puppet
diff --git a/puppet/services/gnocchi-statsd.yaml b/puppet/services/gnocchi-statsd.yaml
index 5a4a283d..5ba1dfc7 100644
--- a/puppet/services/gnocchi-statsd.yaml
+++ b/puppet/services/gnocchi-statsd.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Gnocchi service configured with Puppet
diff --git a/puppet/services/haproxy-internal-tls-certmonger.yaml b/puppet/services/haproxy-internal-tls-certmonger.yaml
index ad3a5287..1866bb97 100644
--- a/puppet/services/haproxy-internal-tls-certmonger.yaml
+++ b/puppet/services/haproxy-internal-tls-certmonger.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
HAProxy deployment with TLS enabled, powered by certmonger
diff --git a/puppet/services/haproxy-public-tls-certmonger.yaml b/puppet/services/haproxy-public-tls-certmonger.yaml
index f9d04ebd..7ebacdbc 100644
--- a/puppet/services/haproxy-public-tls-certmonger.yaml
+++ b/puppet/services/haproxy-public-tls-certmonger.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
HAProxy deployment with TLS enabled, powered by certmonger
diff --git a/puppet/services/heat-api-cfn.yaml b/puppet/services/heat-api-cfn.yaml
index bdb5445b..92d73cfb 100644
--- a/puppet/services/heat-api-cfn.yaml
+++ b/puppet/services/heat-api-cfn.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Openstack Heat CloudFormation API service configured with Puppet
diff --git a/puppet/services/heat-api-cloudwatch.yaml b/puppet/services/heat-api-cloudwatch.yaml
index af32d3d1..a740d201 100644
--- a/puppet/services/heat-api-cloudwatch.yaml
+++ b/puppet/services/heat-api-cloudwatch.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Openstack Heat CloudWatch API service configured with Puppet
diff --git a/puppet/services/heat-api.yaml b/puppet/services/heat-api.yaml
index 46ab3004..ced7f0c4 100644
--- a/puppet/services/heat-api.yaml
+++ b/puppet/services/heat-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Openstack Heat API service configured with Puppet
diff --git a/puppet/services/heat-base.yaml b/puppet/services/heat-base.yaml
index 314f609f..dfd823db 100644
--- a/puppet/services/heat-base.yaml
+++ b/puppet/services/heat-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Openstack Heat base service. Shared for all Heat services.
diff --git a/puppet/services/horizon.yaml b/puppet/services/horizon.yaml
index 59cdae59..562afe16 100644
--- a/puppet/services/horizon.yaml
+++ b/puppet/services/horizon.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Horizon service configured with Puppet
@@ -126,3 +126,10 @@ outputs:
tags: step1
when: httpd_enabled.rc == 0
service: name=httpd state=stopped
+ service_config_settings:
+ haproxy:
+ tripleo.horizon.firewall_rules:
+ '127 horizon':
+ dport:
+ - 80
+ - 443
diff --git a/puppet/services/ironic-api.yaml b/puppet/services/ironic-api.yaml
index 5ae52db4..945033a1 100644
--- a/puppet/services/ironic-api.yaml
+++ b/puppet/services/ironic-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Ironic API configured with Puppet
diff --git a/puppet/services/ironic-conductor.yaml b/puppet/services/ironic-conductor.yaml
index 7ec84526..b1676715 100644
--- a/puppet/services/ironic-conductor.yaml
+++ b/puppet/services/ironic-conductor.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Ironic conductor configured with Puppet
@@ -61,9 +61,19 @@ parameters:
description: Enabled Ironic drivers
type: comma_delimited_list
IronicEnabledHardwareTypes:
- default: ['ipmi']
+ default: ['ipmi', 'redfish']
description: Enabled Ironic hardware types
type: comma_delimited_list
+ IronicEnabledManagementInterfaces:
+ default: ['ipmitool', 'redfish']
+ description: Enabled management interface implementations. Each hardware
+ type must have at least one valid implementation enabled.
+ type: comma_delimited_list
+ IronicEnabledPowerInterfaces:
+ default: ['ipmitool', 'redfish']
+ description: Enabled power interface implementations. Each hardware
+ type must have at least one valid implementation enabled.
+ type: comma_delimited_list
IronicIPXEEnabled:
default: true
description: Whether to use iPXE instead of PXE for deployment.
@@ -136,7 +146,9 @@ outputs:
ironic::drivers::pxe::uefi_pxe_config_template: '$pybasedir/drivers/modules/ipxe_config.template'
ironic::drivers::pxe::uefi_pxe_bootfile_name: 'ipxe.efi'
ironic::drivers::interfaces::enabled_console_interfaces: ['ipmitool-socat', 'no-console']
+ ironic::drivers::interfaces::enabled_management_interfaces: {get_param: IronicEnabledManagementInterfaces}
ironic::drivers::interfaces::enabled_network_interfaces: ['flat', 'neutron']
+ ironic::drivers::interfaces::enabled_power_interfaces: {get_param: IronicEnabledPowerInterfaces}
ironic::drivers::interfaces::default_network_interface: {get_param: IronicDefaultNetworkInterface}
tripleo.ironic_conductor.firewall_rules:
'134 ironic conductor TFTP':
diff --git a/puppet/services/keepalived.yaml b/puppet/services/keepalived.yaml
index cbdc9d3e..44e6b248 100644
--- a/puppet/services/keepalived.yaml
+++ b/puppet/services/keepalived.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Keepalived service configured with Puppet
diff --git a/puppet/services/kernel.yaml b/puppet/services/kernel.yaml
index 8121454b..c142b475 100644
--- a/puppet/services/kernel.yaml
+++ b/puppet/services/kernel.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Load kernel modules with kmod and configure kernel options with sysctl.
@@ -77,6 +77,8 @@ outputs:
value: 0
net.ipv4.conf.all.send_redirects:
value: 0
+ net.ipv4.conf.all.arp_accept:
+ value: 1
net.ipv4.conf.default.accept_redirects:
value: 0
net.ipv4.conf.default.secure_redirects:
diff --git a/puppet/services/logging/fluentd-base.yaml b/puppet/services/logging/fluentd-base.yaml
index 72109662..21049a9e 100644
--- a/puppet/services/logging/fluentd-base.yaml
+++ b/puppet/services/logging/fluentd-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: Fluentd base service
diff --git a/puppet/services/logging/fluentd-client.yaml b/puppet/services/logging/fluentd-client.yaml
index 931646e6..e34f31fa 100644
--- a/puppet/services/logging/fluentd-client.yaml
+++ b/puppet/services/logging/fluentd-client.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: Fluentd client configured with Puppet
diff --git a/puppet/services/logging/fluentd-config.yaml b/puppet/services/logging/fluentd-config.yaml
index 3bc90ac1..9ade6419 100644
--- a/puppet/services/logging/fluentd-config.yaml
+++ b/puppet/services/logging/fluentd-config.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: Fluentd logging configuration
diff --git a/puppet/services/manila-api.yaml b/puppet/services/manila-api.yaml
index 0b656d87..2710d789 100644
--- a/puppet/services/manila-api.yaml
+++ b/puppet/services/manila-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Manila-api service configured with Puppet
diff --git a/puppet/services/manila-backend-cephfs.yaml b/puppet/services/manila-backend-cephfs.yaml
index 060762fe..f4c7a074 100644
--- a/puppet/services/manila-backend-cephfs.yaml
+++ b/puppet/services/manila-backend-cephfs.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Openstack Manila Cephfs backend
diff --git a/puppet/services/manila-backend-generic.yaml b/puppet/services/manila-backend-generic.yaml
index 032aa1be..7be92399 100644
--- a/puppet/services/manila-backend-generic.yaml
+++ b/puppet/services/manila-backend-generic.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Openstack Manila generic backend.
diff --git a/puppet/services/manila-backend-netapp.yaml b/puppet/services/manila-backend-netapp.yaml
index b865e3d9..b1068488 100644
--- a/puppet/services/manila-backend-netapp.yaml
+++ b/puppet/services/manila-backend-netapp.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Openstack Manila netapp backend.
diff --git a/puppet/services/manila-scheduler.yaml b/puppet/services/manila-scheduler.yaml
index 9ce90f0d..b3d1ffa2 100644
--- a/puppet/services/manila-scheduler.yaml
+++ b/puppet/services/manila-scheduler.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Manila-scheduler service configured with Puppet
diff --git a/puppet/services/manila-share.yaml b/puppet/services/manila-share.yaml
index dbfe5976..50d7f7c6 100644
--- a/puppet/services/manila-share.yaml
+++ b/puppet/services/manila-share.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Manila-share service configured with Puppet
diff --git a/puppet/services/memcached.yaml b/puppet/services/memcached.yaml
index 8c1e4cf8..5b98e02b 100644
--- a/puppet/services/memcached.yaml
+++ b/puppet/services/memcached.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Memcached service configured with Puppet
diff --git a/puppet/services/metrics/collectd.yaml b/puppet/services/metrics/collectd.yaml
index 26dbd4c5..da77ef0e 100644
--- a/puppet/services/metrics/collectd.yaml
+++ b/puppet/services/metrics/collectd.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: Collectd client service
diff --git a/puppet/services/mistral-api.yaml b/puppet/services/mistral-api.yaml
index f4ec2273..b865ec1f 100644
--- a/puppet/services/mistral-api.yaml
+++ b/puppet/services/mistral-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Openstack Mistral API service configured with Puppet
@@ -36,8 +36,21 @@ parameters:
e.g. { mistral-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
default: {}
type: json
+ EnableInternalTLS:
+ type: boolean
+ default: false
+
+conditions:
+ mistral_workers_zero: {equals : [{get_param: MistralWorkers}, 0]}
resources:
+ ApacheServiceBase:
+ type: ./apache.yaml
+ properties:
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+ EnableInternalTLS: {get_param: EnableInternalTLS}
MistralBase:
type: ./mistral-base.yaml
properties:
@@ -57,12 +70,25 @@ outputs:
- get_attr: [MistralBase, role_data, config_settings]
- mistral::api::api_workers: {get_param: MistralWorkers}
mistral::api::bind_host: {get_param: [ServiceNetMap, MistralApiNetwork]}
+ mistral::wsgi::apache::ssl: {get_param: EnableInternalTLS}
mistral::policy::policies: {get_param: MistralApiPolicies}
tripleo.mistral_api.firewall_rules:
'133 mistral':
dport:
- 8989
- 13989
+ mistral::api::service_name: 'httpd'
+ mistral::wsgi::apache::bind_host: {get_param: [ServiceNetMap, MistralApiNetwork]}
+ mistral::wsgi::apache::servername:
+ str_replace:
+ template:
+ "%{hiera('fqdn_$NETWORK')}"
+ params:
+ $NETWORK: {get_param: [ServiceNetMap, MistralApiNetwork]}
+ - if:
+ - mistral_workers_zero
+ - {}
+ - mistral::wsgi::apache::workers: {get_param: MistralWorkers}
service_config_settings:
get_attr: [MistralBase, role_data, service_config_settings]
step_config: |
@@ -79,10 +105,16 @@ outputs:
grep '\bactive\b'
when: mistral_api_enabled.rc == 0
tags: step0,validation
- - name: Stop mistral_api service
+ - name: check for mistral_api running under apache (post upgrade)
+ tags: step1
+ shell: "httpd -t -D DUMP_VHOSTS | grep -q mistral_api_wsgi"
+ register: mistral_api_apache
+ ignore_errors: true
+ - name: Stop mistral_api service (running under httpd)
tags: step1
- service: name=openstack-mistral-api state=stopped
- - name: Install openstack-mistral-api package if it was disabled
- tags: step3
- yum: name=openstack-mistral-api state=latest
- when: mistral_api_enabled.rc != 0
+ service: name=httpd state=stopped
+ when: mistral_api_apache.rc == 0
+ - name: Stop and disable mistral_api service (pre-upgrade not under httpd)
+ tags: step1
+ when: mistral_api_enabled.rc == 0
+ service: name=openstack-mistral-api state=stopped enabled=no
diff --git a/puppet/services/mistral-engine.yaml b/puppet/services/mistral-engine.yaml
index 7513afa2..6a0fed1a 100644
--- a/puppet/services/mistral-engine.yaml
+++ b/puppet/services/mistral-engine.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Openstack Mistral Engine service configured with Puppet
diff --git a/puppet/services/mistral-executor.yaml b/puppet/services/mistral-executor.yaml
index 1935d402..57f29dd4 100644
--- a/puppet/services/mistral-executor.yaml
+++ b/puppet/services/mistral-executor.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Openstack Mistral API service configured with Puppet
diff --git a/puppet/services/monitoring/sensu-base.yaml b/puppet/services/monitoring/sensu-base.yaml
index 961ff3b0..5e7e9940 100644
--- a/puppet/services/monitoring/sensu-base.yaml
+++ b/puppet/services/monitoring/sensu-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: Sensu base service
diff --git a/puppet/services/monitoring/sensu-client.yaml b/puppet/services/monitoring/sensu-client.yaml
index cebf6476..25e2b947 100644
--- a/puppet/services/monitoring/sensu-client.yaml
+++ b/puppet/services/monitoring/sensu-client.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: Sensu client configured with Puppet
diff --git a/puppet/services/network/contrail-analytics-database.yaml b/puppet/services/network/contrail-analytics-database.yaml
index e8066403..9b78437b 100644
--- a/puppet/services/network/contrail-analytics-database.yaml
+++ b/puppet/services/network/contrail-analytics-database.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Contrail Analytics Database service deployment using puppet, this YAML file
diff --git a/puppet/services/network/contrail-analytics.yaml b/puppet/services/network/contrail-analytics.yaml
index 02d2fd44..f85ba7cc 100644
--- a/puppet/services/network/contrail-analytics.yaml
+++ b/puppet/services/network/contrail-analytics.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Contrail Analytics service deployment using puppet, this YAML file
diff --git a/puppet/services/network/contrail-base.yaml b/puppet/services/network/contrail-base.yaml
index 68def625..bdcdbb86 100644
--- a/puppet/services/network/contrail-base.yaml
+++ b/puppet/services/network/contrail-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Base parameters for all Contrail Services.
diff --git a/puppet/services/network/contrail-config.yaml b/puppet/services/network/contrail-config.yaml
index 03f9a551..feda5854 100644
--- a/puppet/services/network/contrail-config.yaml
+++ b/puppet/services/network/contrail-config.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Contrail Config service deployment using puppet, this YAML file
diff --git a/puppet/services/network/contrail-control.yaml b/puppet/services/network/contrail-control.yaml
index a233bc40..f1108547 100644
--- a/puppet/services/network/contrail-control.yaml
+++ b/puppet/services/network/contrail-control.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Contrail Control service deployment using puppet, this YAML file
diff --git a/puppet/services/network/contrail-database.yaml b/puppet/services/network/contrail-database.yaml
index 826b85e4..5ce25a2e 100644
--- a/puppet/services/network/contrail-database.yaml
+++ b/puppet/services/network/contrail-database.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Contrail Database service deployment using puppet, this YAML file
diff --git a/puppet/services/network/contrail-heat.yaml b/puppet/services/network/contrail-heat.yaml
index c19be1d6..da86714e 100644
--- a/puppet/services/network/contrail-heat.yaml
+++ b/puppet/services/network/contrail-heat.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Contrail Heat plugin adds Contrail specific heat resources enabling heat
diff --git a/puppet/services/network/contrail-neutron-plugin.yaml b/puppet/services/network/contrail-neutron-plugin.yaml
index 8fc49284..0c5e2a86 100644
--- a/puppet/services/network/contrail-neutron-plugin.yaml
+++ b/puppet/services/network/contrail-neutron-plugin.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Neutron Opencontrail plugin
diff --git a/puppet/services/network/contrail-provision.yaml b/puppet/services/network/contrail-provision.yaml
index 259def34..8918f6da 100644
--- a/puppet/services/network/contrail-provision.yaml
+++ b/puppet/services/network/contrail-provision.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Provision Contrail services after deployment
diff --git a/puppet/services/network/contrail-tsn.yaml b/puppet/services/network/contrail-tsn.yaml
index 6718335b..9d48e0e6 100644
--- a/puppet/services/network/contrail-tsn.yaml
+++ b/puppet/services/network/contrail-tsn.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Contrail TSN Service
diff --git a/puppet/services/network/contrail-vrouter.yaml b/puppet/services/network/contrail-vrouter.yaml
index 47934a23..f03ed9c6 100644
--- a/puppet/services/network/contrail-vrouter.yaml
+++ b/puppet/services/network/contrail-vrouter.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Neutron Compute OpenContrail plugin
diff --git a/puppet/services/network/contrail-webui.yaml b/puppet/services/network/contrail-webui.yaml
index 5ef52445..f723e6a8 100644
--- a/puppet/services/network/contrail-webui.yaml
+++ b/puppet/services/network/contrail-webui.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Contrail WebUI service deployment using puppet, this YAML file
diff --git a/puppet/services/neutron-base.yaml b/puppet/services/neutron-base.yaml
index 764d548d..57581b58 100644
--- a/puppet/services/neutron-base.yaml
+++ b/puppet/services/neutron-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Neutron base service. Shared for all Neutron agents.
diff --git a/puppet/services/neutron-bgpvpn-api.yaml b/puppet/services/neutron-bgpvpn-api.yaml
index 606e5b26..a70337d1 100644
--- a/puppet/services/neutron-bgpvpn-api.yaml
+++ b/puppet/services/neutron-bgpvpn-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
BGPVPN API service configured with Puppet
diff --git a/puppet/services/neutron-bigswitch-agent.yaml b/puppet/services/neutron-bigswitch-agent.yaml
index 7e42a015..3faf7887 100644
--- a/puppet/services/neutron-bigswitch-agent.yaml
+++ b/puppet/services/neutron-bigswitch-agent.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Installs bigswitch agent and enables the services
diff --git a/puppet/services/neutron-compute-plugin-midonet.yaml b/puppet/services/neutron-compute-plugin-midonet.yaml
index f6890887..75b03044 100644
--- a/puppet/services/neutron-compute-plugin-midonet.yaml
+++ b/puppet/services/neutron-compute-plugin-midonet.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Neutron Compute Midonet plugin
diff --git a/puppet/services/neutron-compute-plugin-nuage.yaml b/puppet/services/neutron-compute-plugin-nuage.yaml
index 4fcc49a2..a1657258 100644
--- a/puppet/services/neutron-compute-plugin-nuage.yaml
+++ b/puppet/services/neutron-compute-plugin-nuage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Neutron Compute Nuage plugin
diff --git a/puppet/services/neutron-compute-plugin-ovn.yaml b/puppet/services/neutron-compute-plugin-ovn.yaml
index 3aefe378..b5ce790d 100644
--- a/puppet/services/neutron-compute-plugin-ovn.yaml
+++ b/puppet/services/neutron-compute-plugin-ovn.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Neutron Compute OVN agent
diff --git a/puppet/services/neutron-compute-plugin-plumgrid.yaml b/puppet/services/neutron-compute-plugin-plumgrid.yaml
index 2d5bfc79..08cecf64 100644
--- a/puppet/services/neutron-compute-plugin-plumgrid.yaml
+++ b/puppet/services/neutron-compute-plugin-plumgrid.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Neutron Compute Plumgrid plugin
diff --git a/puppet/services/neutron-dhcp.yaml b/puppet/services/neutron-dhcp.yaml
index b8c307a5..91582db8 100644
--- a/puppet/services/neutron-dhcp.yaml
+++ b/puppet/services/neutron-dhcp.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Neutron DHCP agent configured with Puppet
diff --git a/puppet/services/neutron-l2gw-api.yaml b/puppet/services/neutron-l2gw-api.yaml
index 5e92a2ce..1ad009b4 100644
--- a/puppet/services/neutron-l2gw-api.yaml
+++ b/puppet/services/neutron-l2gw-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
L2 Gateway service plugin configured with Puppet
diff --git a/puppet/services/neutron-l3-compute-dvr.yaml b/puppet/services/neutron-l3-compute-dvr.yaml
index f23df436..1a4a4f68 100644
--- a/puppet/services/neutron-l3-compute-dvr.yaml
+++ b/puppet/services/neutron-l3-compute-dvr.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Neutron L3 agent for DVR enabled compute nodes
diff --git a/puppet/services/neutron-l3.yaml b/puppet/services/neutron-l3.yaml
index f1d3095b..0598639c 100644
--- a/puppet/services/neutron-l3.yaml
+++ b/puppet/services/neutron-l3.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Neutron L3 agent configured with Puppet
diff --git a/puppet/services/neutron-linuxbridge-agent.yaml b/puppet/services/neutron-linuxbridge-agent.yaml
new file mode 100644
index 00000000..f4324054
--- /dev/null
+++ b/puppet/services/neutron-linuxbridge-agent.yaml
@@ -0,0 +1,83 @@
+heat_template_version: ocata
+
+description: >
+ OpenStack Neutron Linuxbridge agent configured with Puppet.
+
+parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ PhysicalInterfaceMapping:
+ description: List of <physical_network>:<physical_interface> tuples
+ mapping physical network names to agent's node-specific
+ physical network interfaces. Defaults to empty list.
+ type: comma_delimited_list
+ default: ''
+ NeutronLinuxbridgeFirewallDriver:
+ default: ''
+ description: Configure the classname of the firewall driver to use for
+ implementing security groups. Possible values depend on
+ system configuration. The default value of an empty string
+ will result in a default supported configuration.
+ type: string
+ NeutronEnableL2Pop:
+ type: string
+ description: Enable/disable the L2 population feature in the Neutron agents.
+ default: 'False'
+ NeutronTunnelTypes:
+ default: 'vxlan'
+ description: The tunnel types for the Neutron tenant network.
+ type: comma_delimited_list
+
+conditions:
+ no_firewall_driver: {equals : [{get_param: NeutronLinuxbridgeFirewallDriver}, '']}
+
+resources:
+
+ NeutronBase:
+ type: ./neutron-base.yaml
+ properties:
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+
+outputs:
+ role_data:
+ description: Role data for the Neutron Linuxbridge agent service.
+ value:
+ service_name: neutron_linuxbridge_agent
+ config_settings:
+ map_merge:
+ - get_attr: [NeutronBase, role_data, config_settings]
+ - neutron::agents::ml2::linuxbridge::physical_interface_mappings: {get_param: PhysicalInterfaceMapping}
+ neutron::agents::ml2::linuxbridge::l2_population: {get_param: NeutronEnableL2Pop}
+ neutron::agents::ml2::linuxbridge::tunnel_types: {get_param: NeutronTunnelTypes}
+ neutron::agents::ml2::linuxbridge::local_ip: {get_param: [ServiceNetMap, NeutronTenantNetwork]}
+ neutron::agents::dhcp::interface_driver: 'neutron.agent.linux.interface.BridgeInterfaceDriver'
+ neutron::agents::dhcp::dhcp_driver: 'neutron.agent.linux.dhcp.Dnsmasq'
+ -
+ if:
+ - no_firewall_driver
+ - {}
+ - neutron::agents::ml2::linuxbridge::firewall_driver: {get_param: NeutronLinuxbridgeFirewallDriver}
+ step_config: |
+ include ::tripleo::profile::base::neutron::linuxbridge
diff --git a/puppet/services/neutron-metadata.yaml b/puppet/services/neutron-metadata.yaml
index ec4a3df6..593fae43 100644
--- a/puppet/services/neutron-metadata.yaml
+++ b/puppet/services/neutron-metadata.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Neutron Metadata agent configured with Puppet
diff --git a/puppet/services/neutron-midonet.yaml b/puppet/services/neutron-midonet.yaml
index f79674f6..8ace3e59 100644
--- a/puppet/services/neutron-midonet.yaml
+++ b/puppet/services/neutron-midonet.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Neutron Midonet plugin and services
diff --git a/puppet/services/neutron-ovs-agent.yaml b/puppet/services/neutron-ovs-agent.yaml
index 69001947..76d5c269 100644
--- a/puppet/services/neutron-ovs-agent.yaml
+++ b/puppet/services/neutron-ovs-agent.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Neutron OVS agent configured with Puppet
diff --git a/puppet/services/neutron-ovs-dpdk-agent.yaml b/puppet/services/neutron-ovs-dpdk-agent.yaml
index 6dcc59c6..fec9e2a1 100644
--- a/puppet/services/neutron-ovs-dpdk-agent.yaml
+++ b/puppet/services/neutron-ovs-dpdk-agent.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Neutron OVS DPDK configured with Puppet for Compute Role
@@ -27,20 +27,23 @@ parameters:
via parameter_defaults in the resource registry.
type: json
HostCpusList:
+ default: "'0'"
description: List of cores to be used for host process
type: string
constraints:
- allowed_pattern: "'[0-9,-]+'"
NeutronDpdkCoreList:
+ default: "''"
description: List of cores to be used for DPDK Poll Mode Driver
type: string
constraints:
- - allowed_pattern: "'[0-9,-]+'"
+ - allowed_pattern: "'[0-9,-]*'"
NeutronDpdkMemoryChannels:
+ default: ""
description: Number of memory channels to be used for DPDK
type: string
constraints:
- - allowed_pattern: "[0-9]+"
+ - allowed_pattern: "[0-9]*"
NeutronDpdkSocketMemory:
default: ""
description: Memory allocated for each socket
@@ -75,6 +78,32 @@ resources:
OpenVswitchUpgrade:
type: ./openvswitch-upgrade.yaml
+ # Merging role-specific parameters (RoleParameters) with the default parameters.
+ # RoleParameters will have the precedence over the default parameters.
+ RoleParametersValue:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ map_replace:
+ - map_replace:
+ - neutron::agents::ml2::ovs::datapath_type: NeutronDatapathType
+ neutron::agents::ml2::ovs::vhostuser_socket_dir: NeutronVhostuserSocketDir
+ vswitch::dpdk::driver_type: NeutronDpdkDriverType
+ vswitch::dpdk::host_core_list: HostCpusList
+ vswitch::dpdk::pmd_core_list: NeutronDpdkCoreList
+ vswitch::dpdk::memory_channels: NeutronDpdkMemoryChannels
+ vswitch::dpdk::socket_mem: NeutronDpdkSocketMemory
+ - values: {get_param: [RoleParameters]}
+ - values:
+ NeutronDatapathType: {get_param: NeutronDatapathType}
+ NeutronVhostuserSocketDir: {get_param: NeutronVhostuserSocketDir}
+ NeutronDpdkDriverType: {get_param: NeutronDpdkDriverType}
+ HostCpusList: {get_param: HostCpusList}
+ NeutronDpdkCoreList: {get_param: NeutronDpdkCoreList}
+ NeutronDpdkMemoryChannels: {get_param: NeutronDpdkMemoryChannels}
+ NeutronDpdkSocketMemory: {get_param: NeutronDpdkSocketMemory}
+
outputs:
role_data:
description: Role data for the Neutron OVS DPDK Agent service.
@@ -87,13 +116,7 @@ outputs:
- keys:
tripleo.neutron_ovs_agent.firewall_rules: tripleo.neutron_ovs_dpdk_agent.firewall_rules
- neutron::agents::ml2::ovs::enable_dpdk: true
- neutron::agents::ml2::ovs::datapath_type: {get_param: NeutronDatapathType}
- neutron::agents::ml2::ovs::vhostuser_socket_dir: {get_param: NeutronVhostuserSocketDir}
- vswitch::dpdk::host_core_list: {get_param: HostCpusList}
- vswitch::dpdk::pmd_core_list: {get_param: NeutronDpdkCoreList}
- vswitch::dpdk::memory_channels: {get_param: NeutronDpdkMemoryChannels}
- vswitch::dpdk::socket_mem: {get_param: NeutronDpdkSocketMemory}
- vswitch::dpdk::driver_type: {get_param: NeutronDpdkDriverType}
+ - get_attr: [RoleParametersValue, value]
step_config: {get_attr: [NeutronOvsAgent, role_data, step_config]}
upgrade_tasks:
get_attr: [OpenVswitchUpgrade, role_data, upgrade_tasks]
diff --git a/puppet/services/neutron-plugin-ml2-fujitsu-cfab.yaml b/puppet/services/neutron-plugin-ml2-fujitsu-cfab.yaml
index 211e96a3..a1516955 100644
--- a/puppet/services/neutron-plugin-ml2-fujitsu-cfab.yaml
+++ b/puppet/services/neutron-plugin-ml2-fujitsu-cfab.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Configure hieradata for Fujitsu C-Fabric plugin configuration
diff --git a/puppet/services/neutron-plugin-ml2-fujitsu-fossw.yaml b/puppet/services/neutron-plugin-ml2-fujitsu-fossw.yaml
index 6974d5ff..c4bf0758 100644
--- a/puppet/services/neutron-plugin-ml2-fujitsu-fossw.yaml
+++ b/puppet/services/neutron-plugin-ml2-fujitsu-fossw.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: Configure hieradata for Fujitsu fossw plugin configuration
diff --git a/puppet/services/neutron-plugin-ml2-odl.yaml b/puppet/services/neutron-plugin-ml2-odl.yaml
index 88246f9c..6424b76a 100644
--- a/puppet/services/neutron-plugin-ml2-odl.yaml
+++ b/puppet/services/neutron-plugin-ml2-odl.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Neutron ML2/OpenDaylight plugin configured with Puppet
diff --git a/puppet/services/neutron-plugin-ml2-ovn.yaml b/puppet/services/neutron-plugin-ml2-ovn.yaml
index e9fb5ede..4cda87b6 100644
--- a/puppet/services/neutron-plugin-ml2-ovn.yaml
+++ b/puppet/services/neutron-plugin-ml2-ovn.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Neutron ML2/OVN plugin configured with Puppet
diff --git a/puppet/services/neutron-plugin-ml2.yaml b/puppet/services/neutron-plugin-ml2.yaml
index a89e740a..130f889b 100644
--- a/puppet/services/neutron-plugin-ml2.yaml
+++ b/puppet/services/neutron-plugin-ml2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Neutron ML2 Plugin configured with Puppet
diff --git a/puppet/services/neutron-plugin-nsx.yaml b/puppet/services/neutron-plugin-nsx.yaml
index c0b94cec..c4088e6c 100644
--- a/puppet/services/neutron-plugin-nsx.yaml
+++ b/puppet/services/neutron-plugin-nsx.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Neutron NSX
diff --git a/puppet/services/neutron-plugin-nuage.yaml b/puppet/services/neutron-plugin-nuage.yaml
index 490b129c..953ffeb6 100644
--- a/puppet/services/neutron-plugin-nuage.yaml
+++ b/puppet/services/neutron-plugin-nuage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Neutron Nuage plugin
diff --git a/puppet/services/neutron-sriov-agent.yaml b/puppet/services/neutron-sriov-agent.yaml
index 31eea58a..c124d1e6 100644
--- a/puppet/services/neutron-sriov-agent.yaml
+++ b/puppet/services/neutron-sriov-agent.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Neutron SR-IOV nic agent configured with Puppet
diff --git a/puppet/services/neutron-vpp-agent.yaml b/puppet/services/neutron-vpp-agent.yaml
index edf52b3b..cb72f67b 100644
--- a/puppet/services/neutron-vpp-agent.yaml
+++ b/puppet/services/neutron-vpp-agent.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Neutron ML2/VPP agent configured with Puppet
diff --git a/puppet/services/nova-api.yaml b/puppet/services/nova-api.yaml
index 345d2bd1..835edf0a 100644
--- a/puppet/services/nova-api.yaml
+++ b/puppet/services/nova-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Nova API service configured with Puppet
diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml
index 35e9be54..e39e997a 100644
--- a/puppet/services/nova-compute.yaml
+++ b/puppet/services/nova-compute.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Nova Compute service configured with Puppet
@@ -72,7 +72,7 @@ parameters:
description: >
Reserved RAM for host processes.
type: number
- default: 2048
+ default: 4096
constraints:
- range: { min: 512 }
MonitoringSubscriptionNovaCompute:
diff --git a/puppet/services/nova-conductor.yaml b/puppet/services/nova-conductor.yaml
index 22ac9f06..30eb1277 100644
--- a/puppet/services/nova-conductor.yaml
+++ b/puppet/services/nova-conductor.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Nova Conductor service configured with Puppet
diff --git a/puppet/services/nova-consoleauth.yaml b/puppet/services/nova-consoleauth.yaml
index 8f4ba155..fa1168aa 100644
--- a/puppet/services/nova-consoleauth.yaml
+++ b/puppet/services/nova-consoleauth.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Nova Consoleauth service configured with Puppet
diff --git a/puppet/services/nova-ironic.yaml b/puppet/services/nova-ironic.yaml
index bba12aac..4f664329 100644
--- a/puppet/services/nova-ironic.yaml
+++ b/puppet/services/nova-ironic.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Nova Compute service configured with Puppet and using Ironic
diff --git a/puppet/services/nova-libvirt.yaml b/puppet/services/nova-libvirt.yaml
index f500e350..4e762b57 100644
--- a/puppet/services/nova-libvirt.yaml
+++ b/puppet/services/nova-libvirt.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Libvirt service configured with Puppet
diff --git a/puppet/services/nova-metadata.yaml b/puppet/services/nova-metadata.yaml
index 3a74796c..335b2c28 100644
--- a/puppet/services/nova-metadata.yaml
+++ b/puppet/services/nova-metadata.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Nova API service configured with Puppet
diff --git a/puppet/services/nova-placement.yaml b/puppet/services/nova-placement.yaml
index 68ffc728..86aa079e 100644
--- a/puppet/services/nova-placement.yaml
+++ b/puppet/services/nova-placement.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Nova Placement API service configured with Puppet
diff --git a/puppet/services/nova-scheduler.yaml b/puppet/services/nova-scheduler.yaml
index 41122cc3..5da6d43e 100644
--- a/puppet/services/nova-scheduler.yaml
+++ b/puppet/services/nova-scheduler.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Nova Scheduler service configured with Puppet
diff --git a/puppet/services/nova-vnc-proxy.yaml b/puppet/services/nova-vnc-proxy.yaml
index 690e1523..2db44d6f 100644
--- a/puppet/services/nova-vnc-proxy.yaml
+++ b/puppet/services/nova-vnc-proxy.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Nova Vncproxy service configured with Puppet
diff --git a/puppet/services/octavia-base.yaml b/puppet/services/octavia-base.yaml
index 8b83f317..19dc5b47 100644
--- a/puppet/services/octavia-base.yaml
+++ b/puppet/services/octavia-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Octavia base service. Shared for all Octavia services
diff --git a/puppet/services/octavia-health-manager.yaml b/puppet/services/octavia-health-manager.yaml
index c21f14c2..853567d3 100644
--- a/puppet/services/octavia-health-manager.yaml
+++ b/puppet/services/octavia-health-manager.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Octavia Health Manager service.
diff --git a/puppet/services/octavia-housekeeping.yaml b/puppet/services/octavia-housekeeping.yaml
index 2d991675..6c556fa7 100644
--- a/puppet/services/octavia-housekeeping.yaml
+++ b/puppet/services/octavia-housekeeping.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Octavia Housekeeping service.
diff --git a/puppet/services/octavia-worker.yaml b/puppet/services/octavia-worker.yaml
index 87688fb5..4feae415 100644
--- a/puppet/services/octavia-worker.yaml
+++ b/puppet/services/octavia-worker.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Octavia Worker service.
diff --git a/puppet/services/opendaylight-api.yaml b/puppet/services/opendaylight-api.yaml
index 54e49b51..af85f4a3 100644
--- a/puppet/services/opendaylight-api.yaml
+++ b/puppet/services/opendaylight-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenDaylight SDN Controller.
diff --git a/puppet/services/opendaylight-ovs.yaml b/puppet/services/opendaylight-ovs.yaml
index 105442bb..0d859be1 100644
--- a/puppet/services/opendaylight-ovs.yaml
+++ b/puppet/services/opendaylight-ovs.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenDaylight OVS Configuration.
diff --git a/puppet/services/openvswitch-upgrade.yaml b/puppet/services/openvswitch-upgrade.yaml
index fea1ba96..f6e78462 100644
--- a/puppet/services/openvswitch-upgrade.yaml
+++ b/puppet/services/openvswitch-upgrade.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Openvswitch package special handling for upgrade.
diff --git a/puppet/services/ovn-dbs.yaml b/puppet/services/ovn-dbs.yaml
index 58b3d1f0..20c38d8a 100644
--- a/puppet/services/ovn-dbs.yaml
+++ b/puppet/services/ovn-dbs.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OVN databases configured with puppet
diff --git a/puppet/services/pacemaker.yaml b/puppet/services/pacemaker.yaml
index 9998fcc1..1c89011c 100644
--- a/puppet/services/pacemaker.yaml
+++ b/puppet/services/pacemaker.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Pacemaker service configured with Puppet
diff --git a/puppet/services/pacemaker/ceph-rbdmirror.yaml b/puppet/services/pacemaker/ceph-rbdmirror.yaml
index 956b570e..7ecb64d1 100644
--- a/puppet/services/pacemaker/ceph-rbdmirror.yaml
+++ b/puppet/services/pacemaker/ceph-rbdmirror.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Ceph RBD mirror service.
diff --git a/puppet/services/pacemaker/cinder-backup.yaml b/puppet/services/pacemaker/cinder-backup.yaml
index 81bbc234..d888d4a4 100644
--- a/puppet/services/pacemaker/cinder-backup.yaml
+++ b/puppet/services/pacemaker/cinder-backup.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Cinder Backup service with Pacemaker configured with Puppet
diff --git a/puppet/services/pacemaker/cinder-volume.yaml b/puppet/services/pacemaker/cinder-volume.yaml
index 1b0770f3..39914db5 100644
--- a/puppet/services/pacemaker/cinder-volume.yaml
+++ b/puppet/services/pacemaker/cinder-volume.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Cinder Volume service with Pacemaker configured with Puppet
@@ -54,3 +54,18 @@ outputs:
cinder::host: hostgroup
step_config:
include ::tripleo::profile::pacemaker::cinder::volume
+ upgrade_tasks:
+ - name: Stop cinder_volume service (pacemaker)
+ tags: step1
+ pacemaker_resource:
+ resource: openstack-cinder-volume
+ state: disable
+ wait_for_resource: true
+ - name: Sync cinder DB
+ tags: step5
+ command: cinder-manage db sync
+ - name: Start cinder_volume service (pacemaker)
+ tags: step5
+ pacemaker_resource:
+ resource: openstack-cinder-volume
+ state: enable
diff --git a/puppet/services/pacemaker/database/mysql.yaml b/puppet/services/pacemaker/database/mysql.yaml
index e19d3a30..d8e942d0 100644
--- a/puppet/services/pacemaker/database/mysql.yaml
+++ b/puppet/services/pacemaker/database/mysql.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
MySQL with Pacemaker service deployment using puppet
diff --git a/puppet/services/pacemaker/database/redis.yaml b/puppet/services/pacemaker/database/redis.yaml
index c845d28c..5bc28ed4 100644
--- a/puppet/services/pacemaker/database/redis.yaml
+++ b/puppet/services/pacemaker/database/redis.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Redis service configured with Puppet
diff --git a/puppet/services/pacemaker/haproxy.yaml b/puppet/services/pacemaker/haproxy.yaml
index 7e5d25b5..0fb83939 100644
--- a/puppet/services/pacemaker/haproxy.yaml
+++ b/puppet/services/pacemaker/haproxy.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
HAproxy service with Pacemaker configured with Puppet
diff --git a/puppet/services/pacemaker/manila-share.yaml b/puppet/services/pacemaker/manila-share.yaml
index b21a45e6..12f6529c 100644
--- a/puppet/services/pacemaker/manila-share.yaml
+++ b/puppet/services/pacemaker/manila-share.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
The manila-share service with Pacemaker configured with Puppet
diff --git a/puppet/services/pacemaker/rabbitmq.yaml b/puppet/services/pacemaker/rabbitmq.yaml
index 208a8f10..79257201 100644
--- a/puppet/services/pacemaker/rabbitmq.yaml
+++ b/puppet/services/pacemaker/rabbitmq.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
RabbitMQ service with Pacemaker configured with Puppet
diff --git a/puppet/services/pacemaker_remote.yaml b/puppet/services/pacemaker_remote.yaml
index dc1752e2..74aaf599 100644
--- a/puppet/services/pacemaker_remote.yaml
+++ b/puppet/services/pacemaker_remote.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Pacemaker remote service configured with Puppet
diff --git a/puppet/services/panko-api.yaml b/puppet/services/panko-api.yaml
index 6f11e0c0..a41e34f7 100644
--- a/puppet/services/panko-api.yaml
+++ b/puppet/services/panko-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Panko API service configured with Puppet.
diff --git a/puppet/services/qdr.yaml b/puppet/services/qdr.yaml
index cf7715a4..0659a945 100644
--- a/puppet/services/qdr.yaml
+++ b/puppet/services/qdr.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Qpid dispatch router service configured with Puppet
diff --git a/puppet/services/rabbitmq.yaml b/puppet/services/rabbitmq.yaml
index c89dd709..1a42fdad 100644
--- a/puppet/services/rabbitmq.yaml
+++ b/puppet/services/rabbitmq.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
RabbitMQ service configured with Puppet
diff --git a/puppet/services/sahara-api.yaml b/puppet/services/sahara-api.yaml
index c84d4cea..3df4ce7c 100644
--- a/puppet/services/sahara-api.yaml
+++ b/puppet/services/sahara-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Sahara API service configured with Puppet
diff --git a/puppet/services/sahara-engine.yaml b/puppet/services/sahara-engine.yaml
index 3e0070a2..b6c108ea 100644
--- a/puppet/services/sahara-engine.yaml
+++ b/puppet/services/sahara-engine.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Sahara Engine service configured with Puppet
diff --git a/puppet/services/securetty.yaml b/puppet/services/securetty.yaml
index 019ac969..84a370f0 100644
--- a/puppet/services/securetty.yaml
+++ b/puppet/services/securetty.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Configure securetty values
diff --git a/puppet/services/services.yaml b/puppet/services/services.yaml
index b374dfbe..0e7b6d2b 100644
--- a/puppet/services/services.yaml
+++ b/puppet/services/services.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Utility stack to convert an array of services into a set of combined
diff --git a/puppet/services/snmp.yaml b/puppet/services/snmp.yaml
index b51242aa..ffa5d317 100644
--- a/puppet/services/snmp.yaml
+++ b/puppet/services/snmp.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
SNMP client configured with Puppet, to facilitate Ceilometer Hardware
diff --git a/puppet/services/sshd.yaml b/puppet/services/sshd.yaml
index 7e908c4a..30058f03 100644
--- a/puppet/services/sshd.yaml
+++ b/puppet/services/sshd.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Configure sshd_config
diff --git a/puppet/services/swift-base.yaml b/puppet/services/swift-base.yaml
index d8804c47..3066aecd 100644
--- a/puppet/services/swift-base.yaml
+++ b/puppet/services/swift-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Swift Proxy service configured with Puppet
diff --git a/puppet/services/swift-proxy.yaml b/puppet/services/swift-proxy.yaml
index 9bb9dd8f..9a304edb 100644
--- a/puppet/services/swift-proxy.yaml
+++ b/puppet/services/swift-proxy.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Swift Proxy service configured with Puppet
@@ -61,6 +61,10 @@ parameters:
description: Set to False to disable the swift proxy ceilometer pipeline.
default: True
type: boolean
+ SwiftCeilometerIgnoreProjects:
+ default: ['services']
+ description: Comma-seperated list of project names to ignore.
+ type: comma_delimited_list
RabbitClientPort:
default: 5672
description: Set rabbit subscriber port, change this if using SSL
@@ -116,6 +120,10 @@ outputs:
swift::proxy::workers: {get_param: SwiftWorkers}
swift::proxy::ceilometer::rabbit_user: {get_param: RabbitUserName}
swift::proxy::ceilometer::rabbit_password: {get_param: RabbitPassword}
+ swift::proxy::ceilometer::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
+ swift::proxy::ceilometer::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
+ swift::proxy::ceilometer::password: {get_param: SwiftPassword}
+ swift::proxy::ceilometer::ignore_projects: {get_param: SwiftCeilometerIgnoreProjects}
swift::proxy::staticweb::url_base: {get_param: [EndpointMap, SwiftPublic, uri_no_suffix]}
swift::proxy::ceilometer::nonblocking_notify: true
tripleo::profile::base::swift::proxy::rabbit_port: {get_param: RabbitClientPort}
diff --git a/puppet/services/swift-ringbuilder.yaml b/puppet/services/swift-ringbuilder.yaml
index dc4e6457..3808dbcc 100644
--- a/puppet/services/swift-ringbuilder.yaml
+++ b/puppet/services/swift-ringbuilder.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Swift Ringbuilder
diff --git a/puppet/services/swift-storage.yaml b/puppet/services/swift-storage.yaml
index 2388fd96..f1a9b930 100644
--- a/puppet/services/swift-storage.yaml
+++ b/puppet/services/swift-storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Swift Storage service configured with Puppet
diff --git a/puppet/services/time/ntp.yaml b/puppet/services/time/ntp.yaml
index 56940812..92c3f9ef 100644
--- a/puppet/services/time/ntp.yaml
+++ b/puppet/services/time/ntp.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
NTP service deployment using puppet, this YAML file
diff --git a/puppet/services/time/timezone.yaml b/puppet/services/time/timezone.yaml
index 2904222d..aece02cf 100644
--- a/puppet/services/time/timezone.yaml
+++ b/puppet/services/time/timezone.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Composable Timezone service
diff --git a/puppet/services/tripleo-firewall.yaml b/puppet/services/tripleo-firewall.yaml
index 94f1e973..9fb590ef 100644
--- a/puppet/services/tripleo-firewall.yaml
+++ b/puppet/services/tripleo-firewall.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
TripleO Firewall settings
diff --git a/puppet/services/tripleo-packages.yaml b/puppet/services/tripleo-packages.yaml
index 7084b7f4..2b9b8834 100644
--- a/puppet/services/tripleo-packages.yaml
+++ b/puppet/services/tripleo-packages.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
TripleO Package installation settings
diff --git a/puppet/services/vpp.yaml b/puppet/services/vpp.yaml
index 62864bad..e3e28a2f 100644
--- a/puppet/services/vpp.yaml
+++ b/puppet/services/vpp.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Vpp service configured with Puppet
diff --git a/puppet/services/zaqar.yaml b/puppet/services/zaqar.yaml
index ea7ce980..6bc296a3 100644
--- a/puppet/services/zaqar.yaml
+++ b/puppet/services/zaqar.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
Openstack Zaqar service. Shared for all Heat services.
diff --git a/puppet/upgrade_config.yaml b/puppet/upgrade_config.yaml
index 2cfd43f4..4f967175 100644
--- a/puppet/upgrade_config.yaml
+++ b/puppet/upgrade_config.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: 'Upgrade for via ansible by applying a step related tag'
parameters:
diff --git a/releasenotes/notes/Disable-mongodb-by-default-cce37d3254a77d27.yaml b/releasenotes/notes/Disable-mongodb-by-default-cce37d3254a77d27.yaml
new file mode 100644
index 00000000..e6e452f2
--- /dev/null
+++ b/releasenotes/notes/Disable-mongodb-by-default-cce37d3254a77d27.yaml
@@ -0,0 +1,8 @@
+---
+upgrade:
+ - Mongodb is no longer used by default, so now one has to enable it
+ explicitly if there's a need for using it.
+other:
+ - Mongodb is not used by any service we enable by default, so it has been
+ removed from the default services. It has subsequently been added to the
+ services that use it (zaqar and ceilometer-collector).
diff --git a/releasenotes/notes/add-cadf-environment-0ce0078348c5333f.yaml b/releasenotes/notes/add-cadf-environment-0ce0078348c5333f.yaml
new file mode 100644
index 00000000..a45938b0
--- /dev/null
+++ b/releasenotes/notes/add-cadf-environment-0ce0078348c5333f.yaml
@@ -0,0 +1,7 @@
+---
+features:
+ - Add new cadf.yaml environment, that will configure
+ Keystone to emit CADF notifications. This standard
+ provides auditing capabilities for compliance with
+ security, and is intented to be used for deploying
+ TripleO with hardened security.
diff --git a/releasenotes/notes/change-db-sync-timeout-57abe3e48d741842.yaml b/releasenotes/notes/change-db-sync-timeout-57abe3e48d741842.yaml
new file mode 100644
index 00000000..46f3b855
--- /dev/null
+++ b/releasenotes/notes/change-db-sync-timeout-57abe3e48d741842.yaml
@@ -0,0 +1,6 @@
+---
+fixes:
+ - |
+ During a deployment on lower spec systems, the "db sync" can take longer
+ than five minutes. value of DatabaseSyncTimeout has change from 300
+ to 900 at the environment file "low-memory-usage.yaml".
diff --git a/releasenotes/notes/enable-arp_accept-6296b0113bc56b10.yaml b/releasenotes/notes/enable-arp_accept-6296b0113bc56b10.yaml
new file mode 100644
index 00000000..4025477b
--- /dev/null
+++ b/releasenotes/notes/enable-arp_accept-6296b0113bc56b10.yaml
@@ -0,0 +1,9 @@
+---
+other:
+ - |
+ All nodes now enable ``arp_accept`` sysctl setting to help with honoring
+ gratuitous ARP packets in their ARP tables. While sources of gratuitous ARP
+ packets are diverse, this comes especially useful for Neutron floating IP
+ addresses that roam between devices, and for which Neutron L3 agent sends
+ gratuitous ARP packets to update all network nodes about IP address new
+ locations.
diff --git a/releasenotes/notes/increase-nova-reserved-host-memory-80434e8484a29680.yaml b/releasenotes/notes/increase-nova-reserved-host-memory-80434e8484a29680.yaml
new file mode 100644
index 00000000..88f67a03
--- /dev/null
+++ b/releasenotes/notes/increase-nova-reserved-host-memory-80434e8484a29680.yaml
@@ -0,0 +1,4 @@
+---
+other:
+ - Increased the default of NovaReservedHostMemory for
+ Compute nodes to 4096 MB.
diff --git a/releasenotes/notes/mistral-mod-wsgi-24d41a6f427237ff.yaml b/releasenotes/notes/mistral-mod-wsgi-24d41a6f427237ff.yaml
new file mode 100644
index 00000000..ae6401fb
--- /dev/null
+++ b/releasenotes/notes/mistral-mod-wsgi-24d41a6f427237ff.yaml
@@ -0,0 +1,7 @@
+---
+features:
+ - Move Mistral API to use mod_wsgi under Apache.
+upgrade:
+ - Mistral API systemd service will be stopped and
+ disabled.
+
diff --git a/releasenotes/notes/redfish-9203af1f7bf02bc5.yaml b/releasenotes/notes/redfish-9203af1f7bf02bc5.yaml
new file mode 100644
index 00000000..8c24a22f
--- /dev/null
+++ b/releasenotes/notes/redfish-9203af1f7bf02bc5.yaml
@@ -0,0 +1,8 @@
+---
+features:
+ - |
+ Support for Redfish hardware is enabled by default for overcloud Ironic
+ via the ``redfish`` hardware type.
+ - |
+ Support changing enabled management and power interfaces for hardware types
+ in overcloud Ironic.
diff --git a/releasenotes/notes/server-blacklist-support-370c1a1f15a28a41.yaml b/releasenotes/notes/server-blacklist-support-370c1a1f15a28a41.yaml
new file mode 100644
index 00000000..7ab253b6
--- /dev/null
+++ b/releasenotes/notes/server-blacklist-support-370c1a1f15a28a41.yaml
@@ -0,0 +1,6 @@
+---
+features:
+ - Added the ability to blacklist servers by name from being
+ associated with any Heat triggered SoftwareDeployment
+ resources. The servers are specified in the new
+ DeploymentServerBlacklist parameter.
diff --git a/releasenotes/notes/unset-ceph-default-min-size-0297620ed99dab5b.yaml b/releasenotes/notes/unset-ceph-default-min-size-0297620ed99dab5b.yaml
new file mode 100644
index 00000000..fc2cb48a
--- /dev/null
+++ b/releasenotes/notes/unset-ceph-default-min-size-0297620ed99dab5b.yaml
@@ -0,0 +1,12 @@
+---
+fixes:
+ - |
+ Removed the hard coding of osd_pool_default_min_size. Setting this value
+ to 1 can result in data loss in operating production deployments. Not
+ setting this value (or setting it to 0) will allow ceph to calculate the
+ value based on the current setting of osd_pool_default_size. If the
+ replication count is 3, then the calculated min_size is 2. If the
+ replication count is 1, then the calcualted min_size is 1. For a POC
+ deployments using a single OSD, set osd_pool_default_size = 1. See
+ description at http://docs.ceph.com/docs/master/rados/configuration/pool-pg-config-ref/
+ Added CephPoolDefaultSize to set default replication size. Default value is 3.
diff --git a/releasenotes/notes/vhost_default_dir-cac327a0ac05df90.yaml b/releasenotes/notes/vhost_default_dir-cac327a0ac05df90.yaml
new file mode 100644
index 00000000..b9ddaec4
--- /dev/null
+++ b/releasenotes/notes/vhost_default_dir-cac327a0ac05df90.yaml
@@ -0,0 +1,6 @@
+---
+issues:
+ - Modify ``NeutronVhostuserSocketDir`` to a seprate directory in the DPDK
+ environment file. A different set of permission is required for creating
+ vhost sockets when the vhost type is dpdkvhostuserclient (which is default
+ from ocata).
diff --git a/roles_data.yaml b/roles_data.yaml
index 3e0ef752..86cd3f0d 100644
--- a/roles_data.yaml
+++ b/roles_data.yaml
@@ -75,6 +75,7 @@
- OS::TripleO::Services::NeutronCorePlugin
- OS::TripleO::Services::NeutronOvsAgent
- OS::TripleO::Services::NeutronL2gwAgent
+ - OS::TripleO::Services::NeutronLinuxbridgeAgent
- OS::TripleO::Services::RabbitMQ
- OS::TripleO::Services::HAproxy
- OS::TripleO::Services::Keepalived
@@ -99,6 +100,9 @@
- OS::TripleO::Services::Sshd
- OS::TripleO::Services::Securetty
- OS::TripleO::Services::Timezone
+ # FIXME: This service was disabled in Pike and this entry should be removed
+ # in Queens.
+ - OS::TripleO::Services::CeilometerExpirer
- OS::TripleO::Services::CeilometerAgentCentral
- OS::TripleO::Services::CeilometerAgentNotification
- OS::TripleO::Services::Horizon
@@ -164,6 +168,7 @@
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::ComputeNeutronCorePlugin
- OS::TripleO::Services::ComputeNeutronOvsAgent
+ - OS::TripleO::Services::NeutronLinuxbridgeAgent
- OS::TripleO::Services::ComputeCeilometerAgent
- OS::TripleO::Services::ComputeNeutronL3Agent
- OS::TripleO::Services::ComputeNeutronMetadataAgent
diff --git a/test-requirements.txt b/test-requirements.txt
index 1c9e3b42..c30101f2 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -4,6 +4,6 @@
PyYAML>=3.10.0 # MIT
Jinja2!=2.9.0,!=2.9.1,!=2.9.2,!=2.9.3,!=2.9.4,>=2.8 # BSD License (3 clause)
six>=1.9.0 # MIT
-sphinx>=1.5.1 # BSD
+sphinx!=1.6.1,>=1.5.1 # BSD
oslosphinx>=4.7.0 # Apache-2.0
reno>=1.8.0 # Apache-2.0