diff options
Diffstat (limited to 'environments')
21 files changed, 366 insertions, 18 deletions
diff --git a/environments/docker-network-isolation.yaml b/environments/docker-network-isolation.yaml new file mode 100644 index 00000000..257d03dc --- /dev/null +++ b/environments/docker-network-isolation.yaml @@ -0,0 +1,4 @@ +parameter_defaults: + NeutronAgentConfig: "/etc/neutron/neutron.conf,/etc/neutron/plugins/openvswitch/openvswitch_agent.ini" + NeutronAgentPluginVolume: "/var/lib/etc-data/neutron/plugins/ml2/openvswitch_agent.ini:/var/lib/kolla/config_files/openvswitch_agent.ini:ro" + NeutronAgentOvsVolume: "/var/lib/etc-data/neutron/conf.d/neutron-openvswitch-agent:/etc/neutron/conf.d/neutron-openvswitch-agent:ro" diff --git a/environments/docker-network.yaml b/environments/docker-network.yaml new file mode 100644 index 00000000..f10ec389 --- /dev/null +++ b/environments/docker-network.yaml @@ -0,0 +1,2 @@ +resource_registry: + OS::TripleO::Compute::Net::SoftwareConfig: ../net-config-bridge.yaml diff --git a/environments/docker-rdo.yaml b/environments/docker-rdo.yaml deleted file mode 100644 index d5791369..00000000 --- a/environments/docker-rdo.yaml +++ /dev/null @@ -1,17 +0,0 @@ -resource_registry: - # Docker container with heat agents for containerized compute node. - OS::TripleO::ComputePostDeployment: ../docker/compute-post.yaml - OS::TripleO::NodeUserData: ../docker/firstboot/install_docker_agents.yaml - OS::TripleO::Compute::Net::SoftwareConfig: ../net-config-bridge.yaml - -parameters: - NovaImage: fedora-atomic - -parameter_defaults: - DockerComputeImage: rthallisey/centos-binary-nova-compute:liberty - DockerComputeDataImage: kollaglue/centos-rdo-nova-compute-data:liberty2 - DockerLibvirtImage: kollaglue/centos-rdo-nova-libvirt:liberty2 - DockerNeutronAgentImage: kollaglue/centos-rdo-neutron-agents:liberty2 - DockerOpenvswitchImage: rthallisey/centos-rdo-neutron-openvswitch-agent:latest - DockerOvsVswitchdImage: kollaglue/centos-rdo-ovs-vswitchd:liberty2 - DockerOpenvswitchDBImage: kollaglue/centos-rdo-ovs-db-server:liberty2 diff --git a/environments/docker.yaml b/environments/docker.yaml new file mode 100644 index 00000000..6376b749 --- /dev/null +++ b/environments/docker.yaml @@ -0,0 +1,22 @@ +resource_registry: + # Docker container with heat agents for containerized compute node. + OS::TripleO::ComputePostDeployment: ../docker/compute-post.yaml + OS::TripleO::NodeUserData: ../docker/firstboot/install_docker_agents.yaml + +parameters: + NovaImage: atomic-image + +parameter_defaults: + # Defaults to 'tripleoupstream'. Specify a local docker registry + # Example: 192.168.122.131:8787 + DockerNamespace: tripleoupstream + # Enable local Docker registry + DockerNamespaceIsRegistry: false + # Compute Node Images + DockerComputeImage: centos-binary-nova-compute:latest + DockerComputeDataImage: centos-binary-data:latest + DockerLibvirtImage: centos-binary-nova-libvirt:latest + DockerNeutronAgentImage: centos-binary-neutron-agents:latest + DockerOpenvswitchImage: centos-binary-neutron-openvswitch-agent:latest + DockerOvsVswitchdImage: centos-binary-openvswitch-vswitchd:latest + DockerOpenvswitchDBImage: centos-binary-openvswitch-db-server:latest diff --git a/environments/enable-tls.yaml b/environments/enable-tls.yaml new file mode 100644 index 00000000..bc4d1bef --- /dev/null +++ b/environments/enable-tls.yaml @@ -0,0 +1,41 @@ +parameter_defaults: + SSLCertificate: | + The contents of your certificate go here + SSLIntermediateCertificate: '' + SSLKey: | + The contents of the private key go here + EndpointMap: + CeilometerAdmin: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} + CeilometerInternal: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} + CeilometerPublic: {protocol: 'https', port: '13777', host: 'CLOUDNAME'} + CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} + CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} + CinderPublic: {protocol: 'https', port: '13776', host: 'CLOUDNAME'} + GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} + GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} + GlancePublic: {protocol: 'https', port: '13292', host: 'CLOUDNAME'} + GlanceRegistryAdmin: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'} + GlanceRegistryInternal: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'} + GlanceRegistryPublic: {protocol: 'https', port: '9191', host: 'IP_ADDRESS'} # Not set on the loadbalancer yet. + HeatAdmin: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} + HeatInternal: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} + HeatPublic: {protocol: 'https', port: '13004', host: 'CLOUDNAME'} + HorizonPublic: {protocol: 'https', port: '443', host: 'CLOUDNAME'} + KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'} + KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'} + KeystonePublic: {protocol: 'https', port: '13000', host: 'CLOUDNAME'} + NeutronAdmin: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} + NeutronInternal: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} + NeutronPublic: {protocol: 'https', port: '13696', host: 'CLOUDNAME'} + NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} + NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} + NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'} + NovaEC2Admin: {protocol: 'http', port: '8773', host: 'IP_ADDRESS'} + NovaEC2Internal: {protocol: 'http', port: '8773', host: 'IP_ADDRESS'} + NovaEC2Public: {protocol: 'https', port: '13773', host: 'CLOUDNAME'} + SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} + SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} + SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'} + +resource_registry: + OS::TripleO::NodeTLSData: ../puppet/extraconfig/tls/tls-cert-inject.yaml diff --git a/environments/external-loadbalancer-vip.yaml b/environments/external-loadbalancer-vip.yaml new file mode 100644 index 00000000..1cf59825 --- /dev/null +++ b/environments/external-loadbalancer-vip.yaml @@ -0,0 +1,37 @@ +resource_registry: + OS::TripleO::Network::Ports::NetVipMap: ../network/ports/net_vip_map_external.yaml + OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/noop.yaml + OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/noop.yaml + OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/noop.yaml + OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/noop.yaml + OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/from_service.yaml + OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_from_pool.yaml + OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_from_pool.yaml + OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool.yaml + OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool.yaml + OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant_from_pool.yaml + +parameter_defaults: + # When using an external loadbalancer set the following in parameter_defaults + # to control your VIPs (currently one per network) + # NOTE: we will eventually move to one VIP per service + # + ControlPlaneIP: 192.0.2.251 + ExternalNetworkVip: 10.0.0.251 + InternalApiNetworkVip: 172.16.2.251 + StorageNetworkVip: 172.16.1.251 + StorageMgmtNetworkVip: 172.16.3.251 + ServiceVips: + redis: 172.16.2.252 + ControllerIPs: + external: + - 10.0.0.253 + internal_api: + - 172.16.2.253 + storage: + - 172.16.1.253 + storage_mgmt: + - 172.16.3.253 + tenant: + - 172.16.0.253 + EnableLoadBalancer: false diff --git a/environments/inject-trust-anchor.yaml b/environments/inject-trust-anchor.yaml new file mode 100644 index 00000000..3ecb0d27 --- /dev/null +++ b/environments/inject-trust-anchor.yaml @@ -0,0 +1,6 @@ +parameter_defaults: + SSLRootCertificate: | + The contents of your root CA certificate go here + +resource_registry: + OS::TripleO::NodeTLSCAData: ../puppet/extraconfig/tls/ca-inject.yaml diff --git a/environments/ips-from-pool.yaml b/environments/ips-from-pool.yaml new file mode 100644 index 00000000..8c27fe4e --- /dev/null +++ b/environments/ips-from-pool.yaml @@ -0,0 +1,20 @@ +resource_registry: + OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_from_pool.yaml + OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_from_pool.yaml + OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool.yaml + OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool.yaml + OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant_from_pool.yaml + +parameter_defaults: + ControllerIPs: + # Each controller will get an IP from the lists below, first controller, first IP + external: + - 10.0.0.251 + internal_api: + - 172.16.2.251 + storage: + - 172.16.1.251 + storage_mgmt: + - 172.16.3.251 + tenant: + - 172.16.0.251 diff --git a/environments/manage-firewall.yaml b/environments/manage-firewall.yaml new file mode 100644 index 00000000..071f4108 --- /dev/null +++ b/environments/manage-firewall.yaml @@ -0,0 +1,2 @@ +parameters: + ManageFirewall: true diff --git a/environments/net-bond-with-vlans-no-external.yaml b/environments/net-bond-with-vlans-no-external.yaml new file mode 100644 index 00000000..0da119d9 --- /dev/null +++ b/environments/net-bond-with-vlans-no-external.yaml @@ -0,0 +1,26 @@ +# This template configures each role to use a pair of bonded nics (nic2 and +# nic3) and configures an IP address on each relevant isolated network +# for each role. + +# This template assumes use of network-isolation.yaml and should be specified +# last on the CLI as a Heat environment so as to override specific +# registry settings in the network-isolation registry. +# +# FIXME: if/when we add functionality to heatclient to include heat +# environment files we should think about using it here to automatically +# include network-isolation.yaml. +resource_registry: + + # Set external ports to noop + OS::TripleO::Network::External: ../network/noop.yaml + OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/noop.yaml + + OS::TripleO::BlockStorage::Net::SoftwareConfig: ../network/config/bond-with-vlans/cinder-storage.yaml + OS::TripleO::Compute::Net::SoftwareConfig: ../network/config/bond-with-vlans/compute.yaml + OS::TripleO::Controller::Net::SoftwareConfig: ../network/config/bond-with-vlans/controller-no-external.yaml + OS::TripleO::ObjectStorage::Net::SoftwareConfig: ../network/config/bond-with-vlans/swift-storage.yaml + OS::TripleO::CephStorage::Net::SoftwareConfig: ../network/config/bond-with-vlans/ceph-storage.yaml + +# NOTE: with no external interface we should be able to use the +# default Neutron l3_agent.ini setting for the external bridge (br-ex) +# i.e. No need to set: NeutronExternalNetworkBridge: "''" diff --git a/environments/net-single-nic-with-vlans-no-external.yaml b/environments/net-single-nic-with-vlans-no-external.yaml new file mode 100644 index 00000000..a173df4e --- /dev/null +++ b/environments/net-single-nic-with-vlans-no-external.yaml @@ -0,0 +1,25 @@ +# This template configures each role to use Vlans on a single nic for +# each isolated network. +# This template assumes use of network-isolation.yaml and should be specified +# last on the CLI as a Heat environment so as to override specific +# registry settings in the network-isolation registry. +# +# FIXME: if/when we add functionality to heatclient to include heat +# environment files we should think about using it here to automatically +# include network-isolation.yaml. +resource_registry: + + # Set external ports to noop + OS::TripleO::Network::External: ../network/noop.yaml + OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/noop.yaml + + # Configure other ports as normal + OS::TripleO::BlockStorage::Net::SoftwareConfig: ../network/config/single-nic-vlans/cinder-storage.yaml + OS::TripleO::Compute::Net::SoftwareConfig: ../network/config/single-nic-vlans/compute.yaml + OS::TripleO::Controller::Net::SoftwareConfig: ../network/config/single-nic-vlans/controller-no-external.yaml + OS::TripleO::ObjectStorage::Net::SoftwareConfig: ../network/config/single-nic-vlans/swift-storage.yaml + OS::TripleO::CephStorage::Net::SoftwareConfig: ../network/config/single-nic-vlans/ceph-storage.yaml + +# NOTE: with no external interface we should be able to use the +# default Neutron l3_agent.ini setting for the external bridge (br-ex) +# i.e. No need to set: NeutronExternalNetworkBridge: "''" diff --git a/environments/network-isolation-no-tunneling.yaml b/environments/network-isolation-no-tunneling.yaml new file mode 100644 index 00000000..5d2a915b --- /dev/null +++ b/environments/network-isolation-no-tunneling.yaml @@ -0,0 +1,37 @@ +# Enable the creation of Neutron networks for isolated Overcloud +# traffic and configure each role to assign ports (related +# to that role) on these networks. This version of the environment +# has no dedicated VLAN for tunneling, for deployments that use +# VLAN mode, flat provider networks, etc. +resource_registry: + OS::TripleO::Network::External: ../network/external.yaml + OS::TripleO::Network::InternalApi: ../network/internal_api.yaml + OS::TripleO::Network::StorageMgmt: ../network/storage_mgmt.yaml + OS::TripleO::Network::Storage: ../network/storage.yaml + + # Port assignments for the controller role + OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external.yaml + OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api.yaml + OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage.yaml + OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml + + # Port assignments for the compute role + OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api.yaml + OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage.yaml + + # Port assignments for the ceph storage role + OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage.yaml + OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml + + # Port assignments for the swift storage role + OS::TripleO::SwiftStorage::Ports::InternalApiPort: ../network/ports/internal_api.yaml + OS::TripleO::SwiftStorage::Ports::StoragePort: ../network/ports/storage.yaml + OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml + + # Port assignments for the block storage role + OS::TripleO::BlockStorage::Ports::InternalApiPort: ../network/ports/internal_api.yaml + OS::TripleO::BlockStorage::Ports::StoragePort: ../network/ports/storage.yaml + OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml + + # Port assignments for service virtual IPs for the controller role + OS::TripleO::Controller::Ports::RedisVipPort: ../network/ports/vip.yaml diff --git a/environments/network-isolation.yaml b/environments/network-isolation.yaml index 937931d1..87fc22f5 100644 --- a/environments/network-isolation.yaml +++ b/environments/network-isolation.yaml @@ -1,12 +1,23 @@ # Enable the creation of Neutron networks for isolated Overcloud # traffic and configure each role to assign ports (related # to that role) on these networks. +# Many networks are disabled by default because they are not used +# in a typical configuration. Override via parameter_defaults. resource_registry: OS::TripleO::Network::External: ../network/external.yaml OS::TripleO::Network::InternalApi: ../network/internal_api.yaml OS::TripleO::Network::StorageMgmt: ../network/storage_mgmt.yaml OS::TripleO::Network::Storage: ../network/storage.yaml OS::TripleO::Network::Tenant: ../network/tenant.yaml + # Management network is optional and disabled by default + OS::TripleO::Network::Management: ../network/noop.yaml + + # Port assignments for the VIPs + OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/external.yaml + OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/internal_api.yaml + OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/storage.yaml + OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt.yaml + OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip.yaml # Port assignments for the controller role OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external.yaml @@ -14,25 +25,39 @@ resource_registry: OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage.yaml OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant.yaml + OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/noop.yaml # Port assignments for the compute role + OS::TripleO::Compute::Ports::ExternalPort: ../network/ports/noop.yaml OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api.yaml OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage.yaml + OS::TripleO::Compute::Ports::StorageMgmtPort: ../network/ports/noop.yaml OS::TripleO::Compute::Ports::TenantPort: ../network/ports/tenant.yaml + OS::TripleO::Compute::Ports::ManagementPort: ../network/ports/noop.yaml # Port assignments for the ceph storage role + OS::TripleO::CephStorage::Ports::ExternalPort: ../network/ports/noop.yaml + OS::TripleO::CephStorage::Ports::InternalApiPort: ../network/ports/noop.yaml OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage.yaml OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml + OS::TripleO::CephStorage::Ports::TenantPort: ../network/ports/noop.yaml + OS::TripleO::CephStorage::Ports::ManagementPort: ../network/ports/noop.yaml # Port assignments for the swift storage role + OS::TripleO::SwiftStorage::Ports::ExternalPort: ../network/ports/noop.yaml OS::TripleO::SwiftStorage::Ports::InternalApiPort: ../network/ports/internal_api.yaml OS::TripleO::SwiftStorage::Ports::StoragePort: ../network/ports/storage.yaml OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml + OS::TripleO::SwiftStorage::Ports::TenantPort: ../network/ports/noop.yaml + OS::TripleO::SwiftStorage::Ports::ManagementPort: ../network/ports/noop.yaml # Port assignments for the block storage role + OS::TripleO::BlockStorage::Ports::ExternalPort: ../network/ports/noop.yaml OS::TripleO::BlockStorage::Ports::InternalApiPort: ../network/ports/internal_api.yaml OS::TripleO::BlockStorage::Ports::StoragePort: ../network/ports/storage.yaml OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml + OS::TripleO::BlockStorage::Ports::TenantPort: ../network/ports/noop.yaml + OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/noop.yaml # Port assignments for service virtual IPs for the controller role OS::TripleO::Controller::Ports::RedisVipPort: ../network/ports/vip.yaml diff --git a/environments/network-management.yaml b/environments/network-management.yaml new file mode 100644 index 00000000..2f0cff8b --- /dev/null +++ b/environments/network-management.yaml @@ -0,0 +1,24 @@ +# Enable the creation of a system management network. This +# creates a Neutron network for isolated Overcloud +# system management traffic and configures each role to +# assign a port (related to that role) on that network. +# Note that the basic sample NIC configuration templates +# do not include the management network, see the +# single-nic-vlans-mgmt templates for an example. +resource_registry: + OS::TripleO::Network::Management: ../network/management.yaml + + # Port assignments for the controller role + OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/management.yaml + + # Port assignments for the compute role + OS::TripleO::Compute::Ports::ManagementPort: ../network/ports/management.yaml + + # Port assignments for the ceph storage role + OS::TripleO::CephStorage::Ports::ManagementPort: ../network/ports/management.yaml + + # Port assignments for the swift storage role + OS::TripleO::SwiftStorage::Ports::ManagementPort: ../network/ports/management.yaml + + # Port assignments for the block storage role + OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/management.yaml diff --git a/environments/neutron-midonet.yaml b/environments/neutron-midonet.yaml new file mode 100644 index 00000000..726852a0 --- /dev/null +++ b/environments/neutron-midonet.yaml @@ -0,0 +1,20 @@ +# A Heat environment that can be used to deploy MidoNet Services +resource_registry: + OS::TripleO::AllNodesExtraConfig: ../puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml + OS::TripleO::Controller::Net::SoftwareConfig: ../net-config-linux-bridge.yaml # We have to avoid any ovs bridge. MidoNet is incompatible with its datapath + +parameter_defaults: + EnableZookeeperOnController: true + EnableCassandraOnController: true + NeutronCorePlugin: 'midonet.neutron.plugin_v1.MidonetPluginV2' # Overriding default core_plugin in Neutron. Don't touch it + NeutronEnableIsolatedMetadata: true # MidoNet 1.9 needs this one to work. Don't change it + NeutronEnableL3Agent: false + NeutronEnableOVSAgent: false + + # Other available options for MidoNet Services + # TunnelZoneName: 'tunnelname' + # TunnelZoneType: 'gre' + # CassandraStoragePort: 7000 + # CassandraSslStoragePort: 7009 + # CassandraClientPort: 9042 + # CassandraClientPortThrift: 9160 diff --git a/environments/neutron-nuage-config.yaml b/environments/neutron-nuage-config.yaml new file mode 100644 index 00000000..50ba8f53 --- /dev/null +++ b/environments/neutron-nuage-config.yaml @@ -0,0 +1,15 @@ +# A Heat environment file which can be used to enable a +# a Neutron Nuage backend on the controller, configured via puppet +resource_registry: + OS::TripleO::ControllerExtraConfigPre: ../puppet/extraconfig/pre_deploy/controller/neutron-nuage.yaml + +parameter_defaults: + NeutronNuageOSControllerIp: '0.0.0.0' + NeutronNuageNetPartitionName: 'default_name' + NeutronNuageVSDIp: '0.0.0.0:0' + NeutronNuageVSDUsername: 'username' + NeutronNuageVSDPassword: 'password' + NeutronNuageVSDOrganization: 'organization' + NeutronNuageBaseURIVersion: 'default_uri_version' + NeutronNuageCMSId: '' + UseForwardedFor: true diff --git a/environments/nova-nuage-config.yaml b/environments/nova-nuage-config.yaml new file mode 100644 index 00000000..56c64d15 --- /dev/null +++ b/environments/nova-nuage-config.yaml @@ -0,0 +1,8 @@ +# A Heat environment file which can be used to enable +# Nuage backend on the compute, configured via puppet +resource_registry: + OS::TripleO::ComputeExtraConfigPre: ../puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml + +parameter_defaults: + NuageActiveController: '0.0.0.0' + NuageStandbyController: '0.0.0.0' diff --git a/environments/puppet-ceph-external.yaml b/environments/puppet-ceph-external.yaml index 3c7901cc..7f5b5080 100644 --- a/environments/puppet-ceph-external.yaml +++ b/environments/puppet-ceph-external.yaml @@ -3,7 +3,7 @@ resource_registry: OS::TripleO::CephClusterConfig::SoftwareConfig: ../puppet/extraconfig/ceph/ceph-external-config.yaml -parameters: +parameter_defaults: # NOTE: These example parameters are required when using Ceph External #CephClusterFSID: '4b5c8c0a-ff60-454b-a1b4-9747aa737d19' #CephClientKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ==' @@ -13,6 +13,13 @@ parameters: NovaEnableRbdBackend: true CinderEnableRbdBackend: true GlanceBackend: rbd + # If the Ceph pools which host VMs, Volumes and Images do not match these + # names OR the client keyring to use is not named 'openstack', edit the + # following as needed. + NovaRbdPoolName: vms + CinderRbdPoolName: volumes + GlanceRbdPoolName: images + CephClientUserName: openstack # finally we disable the Cinder LVM backend CinderEnableIscsiBackend: false diff --git a/environments/puppet-pacemaker.yaml b/environments/puppet-pacemaker.yaml index f235cf8f..8986e35f 100644 --- a/environments/puppet-pacemaker.yaml +++ b/environments/puppet-pacemaker.yaml @@ -2,3 +2,5 @@ # Overcloud controller with Pacemaker. resource_registry: OS::TripleO::ControllerConfig: ../puppet/controller-config-pacemaker.yaml + OS::TripleO::Tasks::ControllerPrePuppet: ../extraconfig/tasks/pre_puppet_pacemaker.yaml + OS::TripleO::Tasks::ControllerPostPuppet: ../extraconfig/tasks/post_puppet_pacemaker.yaml diff --git a/environments/updates/README.md b/environments/updates/README.md new file mode 100644 index 00000000..8c03411d --- /dev/null +++ b/environments/updates/README.md @@ -0,0 +1,9 @@ +This directory contains Heat environment file snippets which can +be used to ensure smooth updates of the Overcloud. + +Contents +-------- + +**update-from-keystone-admin-internal-api.yaml** + To be used if the Keystone Admin API was originally deployed on the + Internal API network. diff --git a/environments/updates/update-from-keystone-admin-internal-api.yaml b/environments/updates/update-from-keystone-admin-internal-api.yaml new file mode 100644 index 00000000..3c71ef1b --- /dev/null +++ b/environments/updates/update-from-keystone-admin-internal-api.yaml @@ -0,0 +1,33 @@ +# This environment file provides a default value for ServiceNetMap where +# Keystone Admin API service is running on the Internal API network + +parameters: + ServiceNetMap: + NeutronTenantNetwork: tenant + CeilometerApiNetwork: internal_api + MongoDbNetwork: internal_api + CinderApiNetwork: internal_api + CinderIscsiNetwork: storage + GlanceApiNetwork: storage + GlanceRegistryNetwork: internal_api + KeystoneAdminApiNetwork: internal_api + KeystonePublicApiNetwork: internal_api + NeutronApiNetwork: internal_api + HeatApiNetwork: internal_api + NovaApiNetwork: internal_api + NovaMetadataNetwork: internal_api + NovaVncProxyNetwork: internal_api + SwiftMgmtNetwork: storage_mgmt + SwiftProxyNetwork: storage + HorizonNetwork: internal_api + MemcachedNetwork: internal_api + RabbitMqNetwork: internal_api + RedisNetwork: internal_api + MysqlNetwork: internal_api + CephClusterNetwork: storage_mgmt + CephPublicNetwork: storage + ControllerHostnameResolveNetwork: internal_api + ComputeHostnameResolveNetwork: internal_api + BlockStorageHostnameResolveNetwork: internal_api + ObjectStorageHostnameResolveNetwork: internal_api + CephStorageHostnameResolveNetwork: storage |