diff options
Diffstat (limited to 'environments')
| -rw-r--r-- | environments/deployed-server-environment.j2.yaml | 11 | ||||
| -rw-r--r-- | environments/deployed-server-environment.yaml | 4 | ||||
| -rw-r--r-- | environments/enable-internal-tls.yaml | 3 | ||||
| -rw-r--r-- | environments/major-upgrade-composable-steps-docker.yaml | 1 | ||||
| -rw-r--r-- | environments/major-upgrade-composable-steps.yaml | 2 | ||||
| -rw-r--r-- | environments/major-upgrade-converge-docker.yaml | 1 | ||||
| -rw-r--r-- | environments/major-upgrade-converge.yaml | 1 | ||||
| -rw-r--r-- | environments/neutron-ml2-bigswitch.yaml | 13 | ||||
| -rw-r--r-- | environments/nova-api-policy.yaml | 10 |
9 files changed, 37 insertions, 9 deletions
diff --git a/environments/deployed-server-environment.j2.yaml b/environments/deployed-server-environment.j2.yaml new file mode 100644 index 00000000..327934da --- /dev/null +++ b/environments/deployed-server-environment.j2.yaml @@ -0,0 +1,11 @@ +resource_registry: + OS::TripleO::Server: ../deployed-server/deployed-server.yaml + OS::TripleO::DeployedServer::ControlPlanePort: OS::Neutron::Port + OS::TripleO::DeployedServer::Bootstrap: OS::Heat::None + +{% for role in roles %} + # Default nic config mappings + OS::TripleO::{{role.name}}::Net::SoftwareConfig: ../net-config-static.yaml +{% endfor %} + + OS::TripleO::ControllerDeployedServer::Net::SoftwareConfig: ../net-config-static-bridge.yaml diff --git a/environments/deployed-server-environment.yaml b/environments/deployed-server-environment.yaml deleted file mode 100644 index 7bc1bd9b..00000000 --- a/environments/deployed-server-environment.yaml +++ /dev/null @@ -1,4 +0,0 @@ -resource_registry: - OS::TripleO::Server: ../deployed-server/deployed-server.yaml - OS::TripleO::DeployedServer::ControlPlanePort: OS::Neutron::Port - OS::TripleO::DeployedServer::Bootstrap: OS::Heat::None diff --git a/environments/enable-internal-tls.yaml b/environments/enable-internal-tls.yaml index e245a6af..2fdecb4f 100644 --- a/environments/enable-internal-tls.yaml +++ b/environments/enable-internal-tls.yaml @@ -12,9 +12,6 @@ resource_registry: OS::TripleO::Services::CertmongerUser: ../puppet/services/certmonger-user.yaml OS::TripleO::Services::HAProxyInternalTLS: ../puppet/services/haproxy-internal-tls-certmonger.yaml - OS::TripleO::Services::ApacheTLS: ../puppet/services/apache-internal-tls-certmonger.yaml - OS::TripleO::Services::MySQLTLS: ../puppet/services/database/mysql-internal-tls-certmonger.yaml - OS::TripleO::Services::RabbitMQTLS: ../puppet/services/rabbitmq-internal-tls-certmonger.yaml # We use apache as a TLS proxy OS::TripleO::Services::TLSProxyBase: ../puppet/services/apache.yaml diff --git a/environments/major-upgrade-composable-steps-docker.yaml b/environments/major-upgrade-composable-steps-docker.yaml index 5fa2f2d8..40da726d 100644 --- a/environments/major-upgrade-composable-steps-docker.yaml +++ b/environments/major-upgrade-composable-steps-docker.yaml @@ -4,6 +4,7 @@ resource_registry: # enough (as we want to share the ansible tasks steps etc) OS::TripleO::PostDeploySteps: ../puppet/major_upgrade_steps.yaml parameter_defaults: + EnableConfigPurge: false UpgradeLevelNovaCompute: auto UpgradeInitCommonCommand: | #!/bin/bash diff --git a/environments/major-upgrade-composable-steps.yaml b/environments/major-upgrade-composable-steps.yaml index 9ecc2251..8b1617f9 100644 --- a/environments/major-upgrade-composable-steps.yaml +++ b/environments/major-upgrade-composable-steps.yaml @@ -1,13 +1,13 @@ resource_registry: OS::TripleO::PostDeploySteps: ../puppet/major_upgrade_steps.yaml parameter_defaults: + EnableConfigPurge: true UpgradeLevelNovaCompute: auto UpgradeInitCommonCommand: | #!/bin/bash # Newton to Ocata, we need to remove old hiera hook data and # install ansible heat agents and ansible-pacemaker set -eu - yum install -y openstack-heat-agents yum install -y python-heat-agent-* yum install -y ansible-pacemaker rm -f /usr/libexec/os-apply-config/templates/etc/puppet/hiera.yaml diff --git a/environments/major-upgrade-converge-docker.yaml b/environments/major-upgrade-converge-docker.yaml index 463206f1..a3816b50 100644 --- a/environments/major-upgrade-converge-docker.yaml +++ b/environments/major-upgrade-converge-docker.yaml @@ -3,5 +3,6 @@ resource_registry: OS::TripleO::PostDeploySteps: ../docker/post.yaml parameter_defaults: + EnableConfigPurge: false UpgradeLevelNovaCompute: '' UpgradeInitCommonCommand: '' diff --git a/environments/major-upgrade-converge.yaml b/environments/major-upgrade-converge.yaml index f09fb20e..4e8bf46b 100644 --- a/environments/major-upgrade-converge.yaml +++ b/environments/major-upgrade-converge.yaml @@ -3,5 +3,6 @@ resource_registry: OS::TripleO::PostDeploySteps: ../puppet/post.yaml parameter_defaults: + EnableConfigPurge: false UpgradeLevelNovaCompute: '' UpgradeInitCommonCommand: '' diff --git a/environments/neutron-ml2-bigswitch.yaml b/environments/neutron-ml2-bigswitch.yaml index 750d3c4e..8a4a144c 100644 --- a/environments/neutron-ml2-bigswitch.yaml +++ b/environments/neutron-ml2-bigswitch.yaml @@ -3,12 +3,17 @@ resource_registry: OS::TripleO::ControllerExtraConfigPre: ../puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml OS::TripleO::ComputeExtraConfigPre: ../puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml + OS::TripleO::NeutronBigswitchAgent: ../puppet/services/neutron-bigswitch-agent.yaml + OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None + OS::TripleO::Services::NeutronL3Agent: OS::Heat::None parameter_defaults: # Required to fill in: NeutronBigswitchRestproxyServers: NeutronBigswitchRestproxyServerAuth: - NeutronMechanismDrivers: bsn_ml2 + NeutronMechanismDrivers: openvswitch,bsn_ml2 + NeutronServicePlugins: bsn_l3,bsn_service_plugin + KeystoneNotificationDriver: messaging # Optional: # NeutronBigswitchRestproxyAutoSyncOnFailure: @@ -19,3 +24,9 @@ parameter_defaults: # NeutronBigswitchAgentEnabled: # NeutronBigswitchLLDPEnabled: + ControllerExtraConfig: + neutron::agents::l3::enabled: false + neutron::agents::dhcp::enable_force_metadata: true + neutron::agents::dhcp::enable_isolated_metadata: true + neutron::agents::dhcp::enable_metadata_network: false + neutron::server::l3_ha: false diff --git a/environments/nova-api-policy.yaml b/environments/nova-api-policy.yaml new file mode 100644 index 00000000..681bd010 --- /dev/null +++ b/environments/nova-api-policy.yaml @@ -0,0 +1,10 @@ +# A Heat environment file which can be used to configure access policies for +# Nova API resources. It is here for example and doesn't cover all services +# but just Nova here. +# While recipes for editing policy.json files is supported, modifying the +# policy can have unexpected side effects and is not encouraged. + +parameter_defaults: + # The target is "compute:get_all", the "list all instances" API of the Compute service. + # The rule is an empty string meaning "always". This policy allows anybody to list instances. + NovaApiPolicies: { nova-context_is_admin: { key: 'compute:get_all', value: '' } } |