summaryrefslogtreecommitdiffstats
path: root/environments
diff options
context:
space:
mode:
Diffstat (limited to 'environments')
-rw-r--r--environments/config-debug.yaml5
-rw-r--r--environments/docker-rdo.yaml23
-rw-r--r--environments/enable-tls.yaml9
-rw-r--r--environments/external-loadbalancer-vip.yaml14
-rw-r--r--environments/inject-trust-anchor.yaml6
-rw-r--r--environments/manage-firewall.yaml2
-rw-r--r--environments/net-bond-with-vlans-no-external.yaml26
-rw-r--r--environments/net-multiple-nics.yaml13
-rw-r--r--environments/net-single-nic-with-vlans-no-external.yaml25
-rw-r--r--environments/network-isolation-no-tunneling.yaml37
-rw-r--r--environments/neutron-nuage-config.yaml14
-rw-r--r--environments/nova-nuage-config.yaml8
-rw-r--r--environments/puppet-ceph-external.yaml9
-rw-r--r--environments/storage-environment.yaml2
-rw-r--r--environments/updates/README.md9
-rw-r--r--environments/updates/update-from-keystone-admin-internal-api.yaml33
16 files changed, 233 insertions, 2 deletions
diff --git a/environments/config-debug.yaml b/environments/config-debug.yaml
new file mode 100644
index 00000000..b176c255
--- /dev/null
+++ b/environments/config-debug.yaml
@@ -0,0 +1,5 @@
+# A Heat environment file which can be used to enable config
+# management (e.g. Puppet) debugging.
+
+parameter_defaults:
+ ConfigDebug: true
diff --git a/environments/docker-rdo.yaml b/environments/docker-rdo.yaml
new file mode 100644
index 00000000..66824feb
--- /dev/null
+++ b/environments/docker-rdo.yaml
@@ -0,0 +1,23 @@
+resource_registry:
+ # Docker container with heat agents for containerized compute node.
+ OS::TripleO::ComputePostDeployment: ../docker/compute-post.yaml
+ OS::TripleO::NodeUserData: ../docker/firstboot/install_docker_agents.yaml
+ OS::TripleO::Compute::Net::SoftwareConfig: ../net-config-bridge.yaml
+
+parameters:
+ NovaImage: atomic-image
+
+parameter_defaults:
+ # Defaults to 'tripleoupstream'. Specify a local docker registry
+ # Example: 192.168.122.131:8787
+ DockerNamespace: tripleoupstream
+ # Enable local Docker registry
+ DockerNamespaceIsRegistry: false
+ # Compute Node Images
+ DockerComputeImage: centos-binary-nova-compute:latest
+ DockerComputeDataImage: centos-binary-data:latest
+ DockerLibvirtImage: centos-binary-nova-libvirt:latest
+ DockerNeutronAgentImage: centos-binary-neutron-agents:latest
+ DockerOpenvswitchImage: centos-binary-neutron-openvswitch-agent:latest
+ DockerOvsVswitchdImage: centos-binary-openvswitch-vswitchd:latest
+ DockerOpenvswitchDBImage: centos-binary-openvswitch-db-server:latest
diff --git a/environments/enable-tls.yaml b/environments/enable-tls.yaml
new file mode 100644
index 00000000..5c2506e9
--- /dev/null
+++ b/environments/enable-tls.yaml
@@ -0,0 +1,9 @@
+parameter_defaults:
+ SSLCertificate: |
+ The contents of your certificate go here
+ SSLIntermediateCertificate: ''
+ SSLKey: |
+ The contents of the private key go here
+
+resource_registry:
+ OS::TripleO::NodeTLSData: ../puppet/extraconfig/tls/tls-cert-inject.yaml
diff --git a/environments/external-loadbalancer-vip.yaml b/environments/external-loadbalancer-vip.yaml
new file mode 100644
index 00000000..47d5bd9b
--- /dev/null
+++ b/environments/external-loadbalancer-vip.yaml
@@ -0,0 +1,14 @@
+resource_registry:
+ OS::TripleO::Network::Ports::NetVipMap: ../network/ports/net_vip_map_external.yaml
+
+parameter_defaults:
+ # When using an external loadbalancer set the following in parameter_defaults
+ # to control your VIPs (currently one per network)
+ # NOTE: we will eventually move to one VIP per service
+ #
+ # ControlNetworkVip:
+ # ExternalNetworkVip:
+ # InternalApiNetworkVip:
+ # StorageNetworkVip:
+ # StorageMgmtNetworkVip:
+ EnableLoadBalancer: false \ No newline at end of file
diff --git a/environments/inject-trust-anchor.yaml b/environments/inject-trust-anchor.yaml
new file mode 100644
index 00000000..3ecb0d27
--- /dev/null
+++ b/environments/inject-trust-anchor.yaml
@@ -0,0 +1,6 @@
+parameter_defaults:
+ SSLRootCertificate: |
+ The contents of your root CA certificate go here
+
+resource_registry:
+ OS::TripleO::NodeTLSCAData: ../puppet/extraconfig/tls/ca-inject.yaml
diff --git a/environments/manage-firewall.yaml b/environments/manage-firewall.yaml
new file mode 100644
index 00000000..071f4108
--- /dev/null
+++ b/environments/manage-firewall.yaml
@@ -0,0 +1,2 @@
+parameters:
+ ManageFirewall: true
diff --git a/environments/net-bond-with-vlans-no-external.yaml b/environments/net-bond-with-vlans-no-external.yaml
new file mode 100644
index 00000000..0da119d9
--- /dev/null
+++ b/environments/net-bond-with-vlans-no-external.yaml
@@ -0,0 +1,26 @@
+# This template configures each role to use a pair of bonded nics (nic2 and
+# nic3) and configures an IP address on each relevant isolated network
+# for each role.
+
+# This template assumes use of network-isolation.yaml and should be specified
+# last on the CLI as a Heat environment so as to override specific
+# registry settings in the network-isolation registry.
+#
+# FIXME: if/when we add functionality to heatclient to include heat
+# environment files we should think about using it here to automatically
+# include network-isolation.yaml.
+resource_registry:
+
+ # Set external ports to noop
+ OS::TripleO::Network::External: ../network/noop.yaml
+ OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/noop.yaml
+
+ OS::TripleO::BlockStorage::Net::SoftwareConfig: ../network/config/bond-with-vlans/cinder-storage.yaml
+ OS::TripleO::Compute::Net::SoftwareConfig: ../network/config/bond-with-vlans/compute.yaml
+ OS::TripleO::Controller::Net::SoftwareConfig: ../network/config/bond-with-vlans/controller-no-external.yaml
+ OS::TripleO::ObjectStorage::Net::SoftwareConfig: ../network/config/bond-with-vlans/swift-storage.yaml
+ OS::TripleO::CephStorage::Net::SoftwareConfig: ../network/config/bond-with-vlans/ceph-storage.yaml
+
+# NOTE: with no external interface we should be able to use the
+# default Neutron l3_agent.ini setting for the external bridge (br-ex)
+# i.e. No need to set: NeutronExternalNetworkBridge: "''"
diff --git a/environments/net-multiple-nics.yaml b/environments/net-multiple-nics.yaml
new file mode 100644
index 00000000..5ee516fb
--- /dev/null
+++ b/environments/net-multiple-nics.yaml
@@ -0,0 +1,13 @@
+# This template configures each role to use a separate NIC for
+# each isolated network.
+# This template assumes use of network-isolation.yaml.
+#
+# FIXME: if/when we add functionality to heatclient to include heat
+# environment files we should think about using it here to automatically
+# include network-isolation.yaml.
+resource_registry:
+ OS::TripleO::BlockStorage::Net::SoftwareConfig: ../network/config/multiple-nics/cinder-storage.yaml
+ OS::TripleO::Compute::Net::SoftwareConfig: ../network/config/multiple-nics/compute.yaml
+ OS::TripleO::Controller::Net::SoftwareConfig: ../network/config/multiple-nics/controller.yaml
+ OS::TripleO::ObjectStorage::Net::SoftwareConfig: ../network/config/multiple-nics/swift-storage.yaml
+ OS::TripleO::CephStorage::Net::SoftwareConfig: ../network/config/multiple-nics/ceph-storage.yaml
diff --git a/environments/net-single-nic-with-vlans-no-external.yaml b/environments/net-single-nic-with-vlans-no-external.yaml
new file mode 100644
index 00000000..a173df4e
--- /dev/null
+++ b/environments/net-single-nic-with-vlans-no-external.yaml
@@ -0,0 +1,25 @@
+# This template configures each role to use Vlans on a single nic for
+# each isolated network.
+# This template assumes use of network-isolation.yaml and should be specified
+# last on the CLI as a Heat environment so as to override specific
+# registry settings in the network-isolation registry.
+#
+# FIXME: if/when we add functionality to heatclient to include heat
+# environment files we should think about using it here to automatically
+# include network-isolation.yaml.
+resource_registry:
+
+ # Set external ports to noop
+ OS::TripleO::Network::External: ../network/noop.yaml
+ OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/noop.yaml
+
+ # Configure other ports as normal
+ OS::TripleO::BlockStorage::Net::SoftwareConfig: ../network/config/single-nic-vlans/cinder-storage.yaml
+ OS::TripleO::Compute::Net::SoftwareConfig: ../network/config/single-nic-vlans/compute.yaml
+ OS::TripleO::Controller::Net::SoftwareConfig: ../network/config/single-nic-vlans/controller-no-external.yaml
+ OS::TripleO::ObjectStorage::Net::SoftwareConfig: ../network/config/single-nic-vlans/swift-storage.yaml
+ OS::TripleO::CephStorage::Net::SoftwareConfig: ../network/config/single-nic-vlans/ceph-storage.yaml
+
+# NOTE: with no external interface we should be able to use the
+# default Neutron l3_agent.ini setting for the external bridge (br-ex)
+# i.e. No need to set: NeutronExternalNetworkBridge: "''"
diff --git a/environments/network-isolation-no-tunneling.yaml b/environments/network-isolation-no-tunneling.yaml
new file mode 100644
index 00000000..5d2a915b
--- /dev/null
+++ b/environments/network-isolation-no-tunneling.yaml
@@ -0,0 +1,37 @@
+# Enable the creation of Neutron networks for isolated Overcloud
+# traffic and configure each role to assign ports (related
+# to that role) on these networks. This version of the environment
+# has no dedicated VLAN for tunneling, for deployments that use
+# VLAN mode, flat provider networks, etc.
+resource_registry:
+ OS::TripleO::Network::External: ../network/external.yaml
+ OS::TripleO::Network::InternalApi: ../network/internal_api.yaml
+ OS::TripleO::Network::StorageMgmt: ../network/storage_mgmt.yaml
+ OS::TripleO::Network::Storage: ../network/storage.yaml
+
+ # Port assignments for the controller role
+ OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external.yaml
+ OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api.yaml
+ OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage.yaml
+ OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml
+
+ # Port assignments for the compute role
+ OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api.yaml
+ OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage.yaml
+
+ # Port assignments for the ceph storage role
+ OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage.yaml
+ OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml
+
+ # Port assignments for the swift storage role
+ OS::TripleO::SwiftStorage::Ports::InternalApiPort: ../network/ports/internal_api.yaml
+ OS::TripleO::SwiftStorage::Ports::StoragePort: ../network/ports/storage.yaml
+ OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml
+
+ # Port assignments for the block storage role
+ OS::TripleO::BlockStorage::Ports::InternalApiPort: ../network/ports/internal_api.yaml
+ OS::TripleO::BlockStorage::Ports::StoragePort: ../network/ports/storage.yaml
+ OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml
+
+ # Port assignments for service virtual IPs for the controller role
+ OS::TripleO::Controller::Ports::RedisVipPort: ../network/ports/vip.yaml
diff --git a/environments/neutron-nuage-config.yaml b/environments/neutron-nuage-config.yaml
new file mode 100644
index 00000000..4ba8d9cb
--- /dev/null
+++ b/environments/neutron-nuage-config.yaml
@@ -0,0 +1,14 @@
+# A Heat environment file which can be used to enable a
+# a Neutron Nuage backend on the controller, configured via puppet
+resource_registry:
+ OS::TripleO::ControllerExtraConfigPre: ../puppet/extraconfig/pre_deploy/controller/neutron-nuage.yaml
+
+parameter_defaults:
+ NeutronNuageOSControllerIp: '0.0.0.0'
+ NeutronNuageNetPartitionName: 'default_name'
+ NeutronNuageVSDIp: '0.0.0.0:0'
+ NeutronNuageVSDUsername: 'username'
+ NeutronNuageVSDPassword: 'password'
+ NeutronNuageVSDOrganization: 'organization'
+ NeutronNuageBaseURIVersion: 'default_uri_version'
+ NeutronNuageCMSId: ''
diff --git a/environments/nova-nuage-config.yaml b/environments/nova-nuage-config.yaml
new file mode 100644
index 00000000..56c64d15
--- /dev/null
+++ b/environments/nova-nuage-config.yaml
@@ -0,0 +1,8 @@
+# A Heat environment file which can be used to enable
+# Nuage backend on the compute, configured via puppet
+resource_registry:
+ OS::TripleO::ComputeExtraConfigPre: ../puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml
+
+parameter_defaults:
+ NuageActiveController: '0.0.0.0'
+ NuageStandbyController: '0.0.0.0'
diff --git a/environments/puppet-ceph-external.yaml b/environments/puppet-ceph-external.yaml
index 3c7901cc..7f5b5080 100644
--- a/environments/puppet-ceph-external.yaml
+++ b/environments/puppet-ceph-external.yaml
@@ -3,7 +3,7 @@
resource_registry:
OS::TripleO::CephClusterConfig::SoftwareConfig: ../puppet/extraconfig/ceph/ceph-external-config.yaml
-parameters:
+parameter_defaults:
# NOTE: These example parameters are required when using Ceph External
#CephClusterFSID: '4b5c8c0a-ff60-454b-a1b4-9747aa737d19'
#CephClientKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ=='
@@ -13,6 +13,13 @@ parameters:
NovaEnableRbdBackend: true
CinderEnableRbdBackend: true
GlanceBackend: rbd
+ # If the Ceph pools which host VMs, Volumes and Images do not match these
+ # names OR the client keyring to use is not named 'openstack', edit the
+ # following as needed.
+ NovaRbdPoolName: vms
+ CinderRbdPoolName: volumes
+ GlanceRbdPoolName: images
+ CephClientUserName: openstack
# finally we disable the Cinder LVM backend
CinderEnableIscsiBackend: false
diff --git a/environments/storage-environment.yaml b/environments/storage-environment.yaml
index 535ec6fe..5ccfa58e 100644
--- a/environments/storage-environment.yaml
+++ b/environments/storage-environment.yaml
@@ -1,7 +1,7 @@
## A Heat environment file which can be used to set up storage
## backends. Defaults to Ceph used as a backend for Cinder, Glance and
## Nova ephemeral storage.
-parameters:
+parameter_defaults:
#### BACKEND SELECTION ####
diff --git a/environments/updates/README.md b/environments/updates/README.md
new file mode 100644
index 00000000..8c03411d
--- /dev/null
+++ b/environments/updates/README.md
@@ -0,0 +1,9 @@
+This directory contains Heat environment file snippets which can
+be used to ensure smooth updates of the Overcloud.
+
+Contents
+--------
+
+**update-from-keystone-admin-internal-api.yaml**
+ To be used if the Keystone Admin API was originally deployed on the
+ Internal API network.
diff --git a/environments/updates/update-from-keystone-admin-internal-api.yaml b/environments/updates/update-from-keystone-admin-internal-api.yaml
new file mode 100644
index 00000000..3c71ef1b
--- /dev/null
+++ b/environments/updates/update-from-keystone-admin-internal-api.yaml
@@ -0,0 +1,33 @@
+# This environment file provides a default value for ServiceNetMap where
+# Keystone Admin API service is running on the Internal API network
+
+parameters:
+ ServiceNetMap:
+ NeutronTenantNetwork: tenant
+ CeilometerApiNetwork: internal_api
+ MongoDbNetwork: internal_api
+ CinderApiNetwork: internal_api
+ CinderIscsiNetwork: storage
+ GlanceApiNetwork: storage
+ GlanceRegistryNetwork: internal_api
+ KeystoneAdminApiNetwork: internal_api
+ KeystonePublicApiNetwork: internal_api
+ NeutronApiNetwork: internal_api
+ HeatApiNetwork: internal_api
+ NovaApiNetwork: internal_api
+ NovaMetadataNetwork: internal_api
+ NovaVncProxyNetwork: internal_api
+ SwiftMgmtNetwork: storage_mgmt
+ SwiftProxyNetwork: storage
+ HorizonNetwork: internal_api
+ MemcachedNetwork: internal_api
+ RabbitMqNetwork: internal_api
+ RedisNetwork: internal_api
+ MysqlNetwork: internal_api
+ CephClusterNetwork: storage_mgmt
+ CephPublicNetwork: storage
+ ControllerHostnameResolveNetwork: internal_api
+ ComputeHostnameResolveNetwork: internal_api
+ BlockStorageHostnameResolveNetwork: internal_api
+ ObjectStorageHostnameResolveNetwork: internal_api
+ CephStorageHostnameResolveNetwork: storage