diff options
Diffstat (limited to 'environments')
23 files changed, 115 insertions, 22 deletions
diff --git a/environments/contrail/roles_data_contrail.yaml b/environments/contrail/roles_data_contrail.yaml index 5f6c4691..d6d6f291 100644 --- a/environments/contrail/roles_data_contrail.yaml +++ b/environments/contrail/roles_data_contrail.yaml @@ -29,6 +29,7 @@ CountDefault: 1 ServicesDefault: - OS::TripleO::Services::CACerts + - OS::TripleO::Services::CertmongerUser - OS::TripleO::Services::CephMds - OS::TripleO::Services::CephMon - OS::TripleO::Services::CephExternal @@ -115,6 +116,7 @@ disable_upgrade_deployment: True ServicesDefault: - OS::TripleO::Services::CACerts + - OS::TripleO::Services::CertmongerUser - OS::TripleO::Services::CephClient - OS::TripleO::Services::CephExternal - OS::TripleO::Services::Timezone @@ -140,6 +142,7 @@ - name: BlockStorage ServicesDefault: - OS::TripleO::Services::CACerts + - OS::TripleO::Services::CertmongerUser - OS::TripleO::Services::BlockStorageCinderVolume - OS::TripleO::Services::Kernel - OS::TripleO::Services::Ntp @@ -156,6 +159,7 @@ disable_upgrade_deployment: True ServicesDefault: - OS::TripleO::Services::CACerts + - OS::TripleO::Services::CertmongerUser - OS::TripleO::Services::Kernel - OS::TripleO::Services::Ntp - OS::TripleO::Services::SwiftStorage @@ -173,6 +177,7 @@ disable_upgrade_deployment: True ServicesDefault: - OS::TripleO::Services::CACerts + - OS::TripleO::Services::CertmongerUser - OS::TripleO::Services::CephOSD - OS::TripleO::Services::Kernel - OS::TripleO::Services::Ntp @@ -188,6 +193,7 @@ - name: ContrailController ServicesDefault: - OS::TripleO::Services::CACerts + - OS::TripleO::Services::CertmongerUser - OS::TripleO::Services::ContrailConfig - OS::TripleO::Services::ContrailControl - OS::TripleO::Services::ContrailDatabase @@ -203,6 +209,7 @@ - name: ContrailAnalytics ServicesDefault: - OS::TripleO::Services::CACerts + - OS::TripleO::Services::CertmongerUser - OS::TripleO::Services::ContrailAnalytics - OS::TripleO::Services::Kernel - OS::TripleO::Services::Ntp @@ -215,6 +222,7 @@ - name: ContrailAnalyticsDatabase ServicesDefault: - OS::TripleO::Services::CACerts + - OS::TripleO::Services::CertmongerUser - OS::TripleO::Services::ContrailAnalyticsDatabase - OS::TripleO::Services::Kernel - OS::TripleO::Services::Ntp @@ -227,6 +235,7 @@ - name: ContrailTsn ServicesDefault: - OS::TripleO::Services::CACerts + - OS::TripleO::Services::CertmongerUser - OS::TripleO::Services::ContrailTsn - OS::TripleO::Services::Kernel - OS::TripleO::Services::Ntp diff --git a/environments/deployed-server-environment.j2.yaml b/environments/deployed-server-environment.j2.yaml new file mode 100644 index 00000000..327934da --- /dev/null +++ b/environments/deployed-server-environment.j2.yaml @@ -0,0 +1,11 @@ +resource_registry: + OS::TripleO::Server: ../deployed-server/deployed-server.yaml + OS::TripleO::DeployedServer::ControlPlanePort: OS::Neutron::Port + OS::TripleO::DeployedServer::Bootstrap: OS::Heat::None + +{% for role in roles %} + # Default nic config mappings + OS::TripleO::{{role.name}}::Net::SoftwareConfig: ../net-config-static.yaml +{% endfor %} + + OS::TripleO::ControllerDeployedServer::Net::SoftwareConfig: ../net-config-static-bridge.yaml diff --git a/environments/deployed-server-environment.yaml b/environments/deployed-server-environment.yaml deleted file mode 100644 index 7bc1bd9b..00000000 --- a/environments/deployed-server-environment.yaml +++ /dev/null @@ -1,4 +0,0 @@ -resource_registry: - OS::TripleO::Server: ../deployed-server/deployed-server.yaml - OS::TripleO::DeployedServer::ControlPlanePort: OS::Neutron::Port - OS::TripleO::DeployedServer::Bootstrap: OS::Heat::None diff --git a/environments/docker.yaml b/environments/docker.yaml index 3696f908..755e94c2 100644 --- a/environments/docker.yaml +++ b/environments/docker.yaml @@ -3,6 +3,8 @@ resource_registry: # e.g atomic, but it has been replaced with OS::TripleO::Services::Docker # OS::TripleO::NodeUserData: ../docker/firstboot/setup_docker_host.yaml OS::TripleO::Services::Docker: ../puppet/services/docker.yaml + # The compute node still needs extra initialization steps + OS::TripleO::Compute::NodeUserData: ../docker/firstboot/setup_docker_host.yaml #NOTE (dprince) add roles to be docker enabled as we support them OS::TripleO::Services::NovaLibvirt: ../docker/services/nova-libvirt.yaml @@ -17,11 +19,6 @@ resource_registry: OS::TripleO::Services::NovaPlacement: ../docker/services/nova-placement.yaml OS::TripleO::Services::NovaConductor: ../docker/services/nova-conductor.yaml OS::TripleO::Services::NovaScheduler: ../docker/services/nova-scheduler.yaml - # FIXME: these need to go into a environments/services-docker dir? - OS::TripleO::Services::NovaIronic: ../docker/services/nova-ironic.yaml - OS::TripleO::Services::IronicApi: ../docker/services/ironic-api.yaml - OS::TripleO::Services::IronicConductor: ../docker/services/ironic-conductor.yaml - OS::TripleO::Services::IronicPxe: ../docker/services/ironic-pxe.yaml OS::TripleO::Services::NeutronServer: ../docker/services/neutron-api.yaml OS::TripleO::Services::NeutronApi: ../docker/services/neutron-api.yaml OS::TripleO::Services::NeutronCorePlugin: ../docker/services/neutron-plugin-ml2.yaml @@ -29,16 +26,20 @@ resource_registry: OS::TripleO::Services::NeutronDhcpAgent: ../docker/services/neutron-dhcp.yaml OS::TripleO::Services::NeutronL3Agent: ../docker/services/neutron-l3.yaml OS::TripleO::Services::MySQL: ../docker/services/database/mysql.yaml - OS::TripleO::Services::MistralApi: ../docker/services/mistral-api.yaml - OS::TripleO::Services::MistralEngine: ../docker/services/mistral-engine.yaml - OS::TripleO::Services::MistralExecutor: ../docker/services/mistral-executor.yaml - OS::TripleO::Services::Zaqar: ../docker/services/zaqar.yaml OS::TripleO::Services::RabbitMQ: ../docker/services/rabbitmq.yaml OS::TripleO::Services::MongoDb: ../docker/services/database/mongodb.yaml OS::TripleO::Services::Memcached: ../docker/services/memcached.yaml OS::TripleO::Services::SwiftProxy: ../docker/services/swift-proxy.yaml OS::TripleO::Services::SwiftStorage: ../docker/services/swift-storage.yaml OS::TripleO::Services::SwiftRingBuilder: ../docker/services/swift-ringbuilder.yaml + OS::TripleO::Services::GnocchiApi: ../docker/services/gnocchi-api.yaml + OS::TripleO::Services::GnocchiMetricd: ../docker/services/gnocchi-metricd.yaml + OS::TripleO::Services::GnocchiStatsd: ../docker/services/gnocchi-statsd.yaml + OS::TripleO::Services::AodhApi: ../docker/services/aodh-api.yaml + OS::TripleO::Services::AodhEvaluator: ../docker/services/aodh-evaluator.yaml + OS::TripleO::Services::AodhNotifier: ../docker/services/aodh-notifier.yaml + OS::TripleO::Services::AodhListener: ../docker/services/aodh-listener.yaml + OS::TripleO::Services::PankoApi: ../docker/services/panko-api.yaml OS::TripleO::PostDeploySteps: ../docker/post.yaml OS::TripleO::PostUpgradeSteps: ../docker/post-upgrade.yaml @@ -55,3 +56,4 @@ parameter_defaults: - OS::TripleO::Services::NovaCompute - OS::TripleO::Services::NovaLibvirt - OS::TripleO::Services::ComputeNeutronOvsAgent + - OS::TripleO::Services::Docker diff --git a/environments/enable-internal-tls.yaml b/environments/enable-internal-tls.yaml index ff4ecfbe..2fdecb4f 100644 --- a/environments/enable-internal-tls.yaml +++ b/environments/enable-internal-tls.yaml @@ -2,15 +2,17 @@ # a TLS for in the internal network via certmonger parameter_defaults: EnableInternalTLS: true + RabbitClientUseSSL: true # Required for novajoin to enroll the overcloud nodes ServerMetadata: ipa_enroll: True resource_registry: + OS::TripleO::Services::CertmongerUser: ../puppet/services/certmonger-user.yaml + OS::TripleO::Services::HAProxyInternalTLS: ../puppet/services/haproxy-internal-tls-certmonger.yaml - OS::TripleO::Services::ApacheTLS: ../puppet/services/apache-internal-tls-certmonger.yaml - OS::TripleO::Services::MySQLTLS: ../puppet/services/database/mysql-internal-tls-certmonger.yaml + # We use apache as a TLS proxy OS::TripleO::Services::TLSProxyBase: ../puppet/services/apache.yaml diff --git a/environments/hyperconverged-ceph.yaml b/environments/hyperconverged-ceph.yaml index f59b0414..8f74ec35 100644 --- a/environments/hyperconverged-ceph.yaml +++ b/environments/hyperconverged-ceph.yaml @@ -6,6 +6,7 @@ resource_registry: parameter_defaults: ComputeServices: - OS::TripleO::Services::CACerts + - OS::TripleO::Services::CertmongerUser - OS::TripleO::Services::CephClient - OS::TripleO::Services::CephExternal - OS::TripleO::Services::Timezone diff --git a/environments/major-upgrade-all-in-one.yaml b/environments/major-upgrade-all-in-one.yaml deleted file mode 100644 index 4283b212..00000000 --- a/environments/major-upgrade-all-in-one.yaml +++ /dev/null @@ -1,2 +0,0 @@ -resource_registry: - OS::TripleO::PostDeploySteps: ../puppet/major_upgrade_steps.yaml diff --git a/environments/major-upgrade-composable-steps-docker.yaml b/environments/major-upgrade-composable-steps-docker.yaml index 5fa2f2d8..40da726d 100644 --- a/environments/major-upgrade-composable-steps-docker.yaml +++ b/environments/major-upgrade-composable-steps-docker.yaml @@ -4,6 +4,7 @@ resource_registry: # enough (as we want to share the ansible tasks steps etc) OS::TripleO::PostDeploySteps: ../puppet/major_upgrade_steps.yaml parameter_defaults: + EnableConfigPurge: false UpgradeLevelNovaCompute: auto UpgradeInitCommonCommand: | #!/bin/bash diff --git a/environments/major-upgrade-composable-steps.yaml b/environments/major-upgrade-composable-steps.yaml index 9ecc2251..8b1617f9 100644 --- a/environments/major-upgrade-composable-steps.yaml +++ b/environments/major-upgrade-composable-steps.yaml @@ -1,13 +1,13 @@ resource_registry: OS::TripleO::PostDeploySteps: ../puppet/major_upgrade_steps.yaml parameter_defaults: + EnableConfigPurge: true UpgradeLevelNovaCompute: auto UpgradeInitCommonCommand: | #!/bin/bash # Newton to Ocata, we need to remove old hiera hook data and # install ansible heat agents and ansible-pacemaker set -eu - yum install -y openstack-heat-agents yum install -y python-heat-agent-* yum install -y ansible-pacemaker rm -f /usr/libexec/os-apply-config/templates/etc/puppet/hiera.yaml diff --git a/environments/major-upgrade-converge-docker.yaml b/environments/major-upgrade-converge-docker.yaml index 463206f1..a3816b50 100644 --- a/environments/major-upgrade-converge-docker.yaml +++ b/environments/major-upgrade-converge-docker.yaml @@ -3,5 +3,6 @@ resource_registry: OS::TripleO::PostDeploySteps: ../docker/post.yaml parameter_defaults: + EnableConfigPurge: false UpgradeLevelNovaCompute: '' UpgradeInitCommonCommand: '' diff --git a/environments/major-upgrade-converge.yaml b/environments/major-upgrade-converge.yaml index f09fb20e..4e8bf46b 100644 --- a/environments/major-upgrade-converge.yaml +++ b/environments/major-upgrade-converge.yaml @@ -3,5 +3,6 @@ resource_registry: OS::TripleO::PostDeploySteps: ../puppet/post.yaml parameter_defaults: + EnableConfigPurge: false UpgradeLevelNovaCompute: '' UpgradeInitCommonCommand: '' diff --git a/environments/neutron-bgpvpn.yaml b/environments/neutron-bgpvpn.yaml new file mode 100644 index 00000000..dc6c1454 --- /dev/null +++ b/environments/neutron-bgpvpn.yaml @@ -0,0 +1,16 @@ +# A Heat environment file that can be used to deploy Neutron BGPVPN service +# +# Currently there are four types of service provider for Neutron BGPVPN +# The default option is a dummy driver that allows to enable the API. +# In order to enable other backend, replace the content of BgpvpnServiceProvider +# +# - Bagpipe: BGPVPN:BaGPipe:networking_bgpvpn.neutron.services.service_drivers.bagpipe.bagpipe.BaGPipeBGPVPNDriver:default +# - OpenContrail: BGPVPN:OpenContrail:networking_bgpvpn.neutron.services.service_drivers.opencontrail.opencontrail.OpenContrailBGPVPNDriver:default +# - OpenDaylight: BGPVPN:OpenDaylight:networking_bgpvpn.neutron.services.service_drivers.opendaylight.odl.OpenDaylightBgpvpnDriver:default +# - Nuage: BGPVPN:Nuage:nuage_neutron.bgpvpn.services.service_drivers.driver.NuageBGPVPNDriver:default +resource_registry: + OS::TripleO::Services::NeutronBgpvpnApi: ../puppet/services/neutron-bgpvpn-api.yaml + +parameter_defaults: + NeutronServicePlugins: 'networking_bgpvpn.neutron.services.plugin.BGPVPNPlugin' + BgpvpnServiceProvider: 'BGPVPN:Dummy:networking_bgpvpn.neutron.services.service_drivers.driver_api.BGPVPNDriver:default' diff --git a/environments/neutron-l2gw-api.yaml b/environments/neutron-l2gw-api.yaml new file mode 100644 index 00000000..09894671 --- /dev/null +++ b/environments/neutron-l2gw-api.yaml @@ -0,0 +1,20 @@ +# A Heat environment file that can be used to deploy Neutron L2 Gateway service +# +# Currently there are only two service provider for Neutron L2 Gateway +# The default option is a dummy driver that allows to enable the API. +# In order to enable other backend, replace the content of L2gwServiceProvider +# +# - L2 gateway agent: L2GW:l2gw:networking_l2gw.services.l2gateway.service_drivers.rpc_l2gw.L2gwRpcDriver:default +# - OpenDaylight: L2GW:OpenDaylight:networking_odl.l2gateway.driver.OpenDaylightL2gwDriver:default +resource_registry: + OS::TripleO::Services::NeutronL2gwApi: ../puppet/services/neutron-l2gw-api.yaml + +parameter_defaults: + NeutronServicePlugins: "networking_l2gw.services.l2gateway.plugin.L2GatewayPlugin" + L2gwServiceProvider: ["L2GW:l2gw:networking_l2gw.services.l2gateway.service_drivers.L2gwDriver:default"] + + # Optional + # L2gwServiceDefaultInterfaceName: + # L2gwServiceDefaultDeviceName: + # L2gwServiceQuotaL2Gateway: + # L2gwServicePeriodicMonitoringInterval: diff --git a/environments/neutron-ml2-bigswitch.yaml b/environments/neutron-ml2-bigswitch.yaml index 750d3c4e..8a4a144c 100644 --- a/environments/neutron-ml2-bigswitch.yaml +++ b/environments/neutron-ml2-bigswitch.yaml @@ -3,12 +3,17 @@ resource_registry: OS::TripleO::ControllerExtraConfigPre: ../puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml OS::TripleO::ComputeExtraConfigPre: ../puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml + OS::TripleO::NeutronBigswitchAgent: ../puppet/services/neutron-bigswitch-agent.yaml + OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None + OS::TripleO::Services::NeutronL3Agent: OS::Heat::None parameter_defaults: # Required to fill in: NeutronBigswitchRestproxyServers: NeutronBigswitchRestproxyServerAuth: - NeutronMechanismDrivers: bsn_ml2 + NeutronMechanismDrivers: openvswitch,bsn_ml2 + NeutronServicePlugins: bsn_l3,bsn_service_plugin + KeystoneNotificationDriver: messaging # Optional: # NeutronBigswitchRestproxyAutoSyncOnFailure: @@ -19,3 +24,9 @@ parameter_defaults: # NeutronBigswitchAgentEnabled: # NeutronBigswitchLLDPEnabled: + ControllerExtraConfig: + neutron::agents::l3::enabled: false + neutron::agents::dhcp::enable_force_metadata: true + neutron::agents::dhcp::enable_isolated_metadata: true + neutron::agents::dhcp::enable_metadata_network: false + neutron::server::l3_ha: false diff --git a/environments/neutron-nuage-config.yaml b/environments/neutron-nuage-config.yaml index 74899246..601554a1 100644 --- a/environments/neutron-nuage-config.yaml +++ b/environments/neutron-nuage-config.yaml @@ -10,7 +10,6 @@ resource_registry: OS::TripleO::Services::ComputeNeutronCorePlugin: ../puppet/services/neutron-compute-plugin-nuage.yaml parameter_defaults: - NeutronNuageOSControllerIp: '0.0.0.0' NeutronNuageNetPartitionName: 'default_name' NeutronNuageVSDIp: '0.0.0.0:0' NeutronNuageVSDUsername: 'username' diff --git a/environments/neutron-opendaylight.yaml b/environments/neutron-opendaylight.yaml index ed7292b7..4644725d 100644 --- a/environments/neutron-opendaylight.yaml +++ b/environments/neutron-opendaylight.yaml @@ -3,6 +3,7 @@ resource_registry: OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None OS::TripleO::Services::ComputeNeutronCorePlugin: OS::Heat::None + OS::TripleO::Services::NeutronCorePlugin: ../puppet/services/neutron-plugin-ml2-odl.yaml OS::TripleO::Services::OpenDaylightApi: ../puppet/services/opendaylight-api.yaml OS::TripleO::Services::OpenDaylightOvs: ../puppet/services/opendaylight-ovs.yaml OS::TripleO::Services::NeutronL3Agent: OS::Heat::None diff --git a/environments/nova-api-policy.yaml b/environments/nova-api-policy.yaml new file mode 100644 index 00000000..681bd010 --- /dev/null +++ b/environments/nova-api-policy.yaml @@ -0,0 +1,10 @@ +# A Heat environment file which can be used to configure access policies for +# Nova API resources. It is here for example and doesn't cover all services +# but just Nova here. +# While recipes for editing policy.json files is supported, modifying the +# policy can have unexpected side effects and is not encouraged. + +parameter_defaults: + # The target is "compute:get_all", the "list all instances" API of the Compute service. + # The rule is an empty string meaning "always". This policy allows anybody to list instances. + NovaApiPolicies: { nova-context_is_admin: { key: 'compute:get_all', value: '' } } diff --git a/environments/services-docker/ironic.yaml b/environments/services-docker/ironic.yaml new file mode 100644 index 00000000..e927ecb3 --- /dev/null +++ b/environments/services-docker/ironic.yaml @@ -0,0 +1,5 @@ +resource_registry: + OS::TripleO::Services::IronicApi: ../../docker/services/ironic-api.yaml + OS::TripleO::Services::IronicConductor: ../../docker/services/ironic-conductor.yaml + OS::TripleO::Services::IronicPxe: ../../docker/services/ironic-pxe.yaml + OS::TripleO::Services::NovaIronic: ../../docker/services/nova-ironic.yaml diff --git a/environments/services-docker/mistral.yaml b/environments/services-docker/mistral.yaml new file mode 100644 index 00000000..a215d2a0 --- /dev/null +++ b/environments/services-docker/mistral.yaml @@ -0,0 +1,4 @@ +resource_registry: + OS::TripleO::Services::MistralEngine: ../../docker/services/mistral-engine.yaml + OS::TripleO::Services::MistralApi: ../../docker/services/mistral-api.yaml + OS::TripleO::Services::MistralExecutor: ../../docker/services/mistral-executor.yaml diff --git a/environments/services-docker/zaqar.yaml b/environments/services-docker/zaqar.yaml new file mode 100644 index 00000000..ca0b3b15 --- /dev/null +++ b/environments/services-docker/zaqar.yaml @@ -0,0 +1,2 @@ +resource_registry: + OS::TripleO::Services::Zaqar: ../../docker/services/zaqar.yaml diff --git a/environments/services/disable-ceilometer-api.yaml b/environments/services/disable-ceilometer-api.yaml index 94cd8d5d..fb1ea6a7 100644 --- a/environments/services/disable-ceilometer-api.yaml +++ b/environments/services/disable-ceilometer-api.yaml @@ -1,2 +1,5 @@ resource_registry: OS::TripleO::Services::CeilometerApi: OS::Heat::None + +parameter_defaults: + CeilometerApiEndpoint: false diff --git a/environments/services/panko.yaml b/environments/services/panko.yaml deleted file mode 100644 index 28bf99f6..00000000 --- a/environments/services/panko.yaml +++ /dev/null @@ -1,2 +0,0 @@ -resource_registry: - OS::TripleO::Services::PankoApi: ../../puppet/services/panko-api.yaml diff --git a/environments/services/qdr.yaml b/environments/services/qdr.yaml new file mode 100644 index 00000000..e4ad87bd --- /dev/null +++ b/environments/services/qdr.yaml @@ -0,0 +1,2 @@ +resource_registry: + OS::TripleO::Services::Qdr: ../../puppet/services/qdr.yaml |