diff options
Diffstat (limited to 'environments')
27 files changed, 269 insertions, 112 deletions
diff --git a/environments/cinder-backup.yaml b/environments/cinder-backup.yaml new file mode 100644 index 00000000..f01fcbd9 --- /dev/null +++ b/environments/cinder-backup.yaml @@ -0,0 +1,4 @@ +resource_registry: + OS::TripleO::Services::CinderBackup: ../puppet/services/pacemaker/cinder-backup.yaml + # For non-pcmk managed implementation + # OS::TripleO::Services::CinderBackup: ../puppet/services/cinder-backup.yaml
\ No newline at end of file diff --git a/environments/deployed-server-environment.yaml b/environments/deployed-server-environment.yaml new file mode 100644 index 00000000..c63d399a --- /dev/null +++ b/environments/deployed-server-environment.yaml @@ -0,0 +1,4 @@ +resource_registry: + OS::TripleO::Server: ../deployed-server/deployed-server.yaml + OS::TripleO::DeployedServerConfig: ../deployed-server/deployed-server-config.yaml + OS::TripleO::DeployedServer::ControlPlanePort: ../deployed-server/ctlplane-port.yaml diff --git a/environments/deployed-server-noop-ctlplane.yaml b/environments/deployed-server-noop-ctlplane.yaml new file mode 100644 index 00000000..cfda314d --- /dev/null +++ b/environments/deployed-server-noop-ctlplane.yaml @@ -0,0 +1,4 @@ +resource_registry: + OS::TripleO::Server: ../deployed-server/deployed-server.yaml + OS::TripleO::DeployedServerConfig: ../deployed-server/deployed-server-config.yaml + OS::TripleO::DeployedServer::ControlPlanePort: OS::Heat::None diff --git a/environments/docker.yaml b/environments/docker.yaml index a7e2504c..c03d8511 100644 --- a/environments/docker.yaml +++ b/environments/docker.yaml @@ -5,8 +5,6 @@ resource_registry: parameter_defaults: NovaImage: atomic-image - -parameter_defaults: # Defaults to 'tripleoupstream'. Specify a local docker registry # Example: 192.0.2.1:8787/tripleoupstream DockerNamespace: tripleoupstream diff --git a/environments/enable-tls.yaml b/environments/enable-tls.yaml index 71b2c71a..39ded654 100644 --- a/environments/enable-tls.yaml +++ b/environments/enable-tls.yaml @@ -1,55 +1,12 @@ +# Use this environment to pass in certificates for SSL deployments. +# For these values to take effect, one of the tls-endpoints-*.yaml environments +# must also be used. parameter_defaults: SSLCertificate: | The contents of your certificate go here SSLIntermediateCertificate: '' SSLKey: | The contents of the private key go here - EndpointMap: - AodhAdmin: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} - AodhInternal: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} - AodhPublic: {protocol: 'https', port: '13042', host: 'CLOUDNAME'} - CeilometerAdmin: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} - CeilometerInternal: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} - CeilometerPublic: {protocol: 'https', port: '13777', host: 'CLOUDNAME'} - CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} - CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} - CinderPublic: {protocol: 'https', port: '13776', host: 'CLOUDNAME'} - GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} - GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} - GlancePublic: {protocol: 'https', port: '13292', host: 'CLOUDNAME'} - GlanceRegistryInternal: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'} - GnocchiAdmin: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} - GnocchiInternal: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} - GnocchiPublic: {protocol: 'https', port: '13041', host: 'CLOUDNAME'} - HeatAdmin: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} - HeatInternal: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} - HeatPublic: {protocol: 'https', port: '13004', host: 'CLOUDNAME'} - HeatCfnAdmin: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'} - HeatCfnInternal: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'} - HeatCfnPublic: {protocol: 'https', port: '13005', host: 'CLOUDNAME'} - HorizonPublic: {protocol: 'https', port: '443', host: 'CLOUDNAME'} - IronicAdmin: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} - IronicInternal: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} - IronicPublic: {protocol: 'https', port: '13385', host: 'CLOUDNAME'} - KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'} - KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'} - KeystonePublic: {protocol: 'https', port: '13000', host: 'CLOUDNAME'} - MysqlInternal: {protocol: 'mysql+pymysql', port: '3306', host: 'IP_ADDRESS'} - NeutronAdmin: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} - NeutronInternal: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} - NeutronPublic: {protocol: 'https', port: '13696', host: 'CLOUDNAME'} - NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} - NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} - NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'} - NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} - NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} - NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'} - SaharaAdmin: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} - SaharaInternal: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} - SaharaPublic: {protocol: 'https', port: '13386', host: 'CLOUDNAME'} - SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} - SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} - SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'} resource_registry: OS::TripleO::NodeTLSData: ../puppet/extraconfig/tls/tls-cert-inject.yaml diff --git a/environments/major-upgrade-aodh-migration.yaml b/environments/major-upgrade-aodh-migration.yaml new file mode 100644 index 00000000..c1dbde42 --- /dev/null +++ b/environments/major-upgrade-aodh-migration.yaml @@ -0,0 +1,10 @@ +resource_registry: + # aodh data migration + OS::TripleO::Tasks::UpdateWorkflow: ../extraconfig/tasks/mitaka_to_newton_aodh_data_migration.yaml + + # no-op the rest + OS::TripleO::ControllerPostDeployment: OS::Heat::None + OS::TripleO::ComputePostDeployment: OS::Heat::None + OS::TripleO::ObjectStoragePostDeployment: OS::Heat::None + OS::TripleO::BlockStoragePostDeployment: OS::Heat::None + OS::TripleO::CephStoragePostDeployment: OS::Heat::None diff --git a/environments/manila-generic-config.yaml b/environments/manila-generic-config.yaml new file mode 100644 index 00000000..74011c66 --- /dev/null +++ b/environments/manila-generic-config.yaml @@ -0,0 +1,26 @@ +# A Heat environment file which can be used to enable a +# a Manila generic driver backend. +resource_registry: + OS::Tripleo::Services::ManilaApi: ../puppet/services/manila-api.yaml + OS::Tripleo::Services::ManilaScheduler: ../puppet/services/manila-scheduler.yaml + # Only manila-share is pacemaker managed: + OS::Tripleo::Services::ManilaShare: ../puppet/services/pacemaker/manila-share.yaml + + +parameter_defaults: + ManilaGenericEnableBackend: true + ManilaGenericBackendName: tripleo_generic + ManilaGenericDriverHandlesShareServers: true + ManilaGenericSmbTemplateConfigPath: '$state_path/smb.conf' + ManilaGenericVolumeNameTemplate: 'manila-share-%s' + ManilaGenericVolumeSnapshotNameTemplate: 'manila-snapshot-%s' + ManilaGenericShareMountPath: '/shares' + ManilaGenericMaxTimeToCreateVolume: '180' + ManilaGenericMaxTimeToAttach: '120' + ManilaGenericServiceInstanceSmbConfigPath: '$share_mount_path/smb.conf' + ManilaGenericShareVolumeFsType: 'ext4' + ManilaGenericCinderVolumeType: '' + ManilaGenericServiceInstanceUser: '' + ManilaGenericServiceInstancePassword: '' + ManilaGenericServiceInstanceFlavorId: 2 + ManilaGenericServiceNetworkCidr: '172.16.0.0/16' diff --git a/environments/network-environment.yaml b/environments/network-environment.yaml index 062c7bee..d0fc9ec6 100644 --- a/environments/network-environment.yaml +++ b/environments/network-environment.yaml @@ -15,14 +15,23 @@ resource_registry: parameter_defaults: # This section is where deployment-specific configuration is done + # CIDR subnet mask length for provisioning network + ControlPlaneSubnetCidr: '24' + # Gateway router for the provisioning network (or Undercloud IP) + ControlPlaneDefaultRoute: 192.0.2.254 + EC2MetadataIp: 192.0.2.1 # Generally the IP of the Undercloud # Customize the IP subnets to match the local environment InternalApiNetCidr: 172.17.0.0/24 StorageNetCidr: 172.18.0.0/24 StorageMgmtNetCidr: 172.19.0.0/24 TenantNetCidr: 172.16.0.0/24 ExternalNetCidr: 10.0.0.0/24 - # CIDR subnet mask length for provisioning network - ControlPlaneSubnetCidr: '24' + # Customize the VLAN IDs to match the local environment + InternalApiNetworkVlanID: 20 + StorageNetworkVlanID: 30 + StorageMgmtNetworkVlanID: 40 + TenantNetworkVlanID: 50 + ExternalNetworkVlanID: 10 # Customize the IP ranges on each network to use for static IPs and VIPs InternalApiAllocationPools: [{'start': '172.17.0.10', 'end': '172.17.0.200'}] StorageAllocationPools: [{'start': '172.18.0.10', 'end': '172.18.0.200'}] @@ -32,19 +41,16 @@ parameter_defaults: ExternalAllocationPools: [{'start': '10.0.0.10', 'end': '10.0.0.50'}] # Gateway router for the external network ExternalInterfaceDefaultRoute: 10.0.0.1 - # Gateway router for the provisioning network (or Undercloud IP) - ControlPlaneDefaultRoute: 192.0.2.254 - # Generally the IP of the Undercloud - EC2MetadataIp: 192.0.2.1 + # Uncomment if using the Management Network (see network-management.yaml) + # ManagementNetCidr: 10.0.1.0/24 + # ManagementAllocationPools: [{'start': '10.0.1.10', 'end', '10.0.1.50'}] + # Use either this parameter or ControlPlaneDefaultRoute in the NIC templates + # ManagementInterfaceDefaultRoute: 10.0.1.1 # Define the DNS servers (maximum 2) for the overcloud nodes DnsServers: ["8.8.8.8","8.8.4.4"] - # Customize the VLAN IDs to match the local environment - InternalApiNetworkVlanID: 10 - StorageNetworkVlanID: 20 - StorageMgmtNetworkVlanID: 30 - TenantNetworkVlanID: 40 - ExternalNetworkVlanID: 50 # Set to empty string to enable multiple external networks or VLANs NeutronExternalNetworkBridge: "''" + # The tunnel type for the tenant network (vxlan or gre). Set to '' to disable tunneling. + NeutronTunnelTypes: 'vxlan' # Customize bonding options, e.g. "mode=4 lacp_rate=1 updelay=1000 miimon=100" BondInterfaceOvsOptions: "bond_mode=active-backup" diff --git a/environments/network-isolation.yaml b/environments/network-isolation.yaml index c0420c5c..737d7d36 100644 --- a/environments/network-isolation.yaml +++ b/environments/network-isolation.yaml @@ -1,16 +1,15 @@ # Enable the creation of Neutron networks for isolated Overcloud # traffic and configure each role to assign ports (related # to that role) on these networks. -# Many networks are disabled by default because they are not used -# in a typical configuration. Override via parameter_defaults. resource_registry: OS::TripleO::Network::External: ../network/external.yaml OS::TripleO::Network::InternalApi: ../network/internal_api.yaml OS::TripleO::Network::StorageMgmt: ../network/storage_mgmt.yaml OS::TripleO::Network::Storage: ../network/storage.yaml OS::TripleO::Network::Tenant: ../network/tenant.yaml - # Management network is optional and disabled by default - OS::TripleO::Network::Management: OS::Heat::None + # Management network is optional and disabled by default. + # To enable it, include environments/network-management.yaml + #OS::TripleO::Network::Management: ../network/management.yaml # Port assignments for the VIPs OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/external.yaml @@ -19,13 +18,15 @@ resource_registry: OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt.yaml OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip.yaml + # Port assignments for service virtual IPs for the controller role + OS::TripleO::Controller::Ports::RedisVipPort: ../network/ports/vip.yaml # Port assignments for the controller role OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external.yaml OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api.yaml OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage.yaml OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant.yaml - OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/noop.yaml + #OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/management.yaml # Port assignments for the compute role OS::TripleO::Compute::Ports::ExternalPort: ../network/ports/noop.yaml @@ -33,7 +34,7 @@ resource_registry: OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage.yaml OS::TripleO::Compute::Ports::StorageMgmtPort: ../network/ports/noop.yaml OS::TripleO::Compute::Ports::TenantPort: ../network/ports/tenant.yaml - OS::TripleO::Compute::Ports::ManagementPort: ../network/ports/noop.yaml + #OS::TripleO::Compute::Ports::ManagementPort: ../network/ports/management.yaml # Port assignments for the ceph storage role OS::TripleO::CephStorage::Ports::ExternalPort: ../network/ports/noop.yaml @@ -41,7 +42,7 @@ resource_registry: OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage.yaml OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml OS::TripleO::CephStorage::Ports::TenantPort: ../network/ports/noop.yaml - OS::TripleO::CephStorage::Ports::ManagementPort: ../network/ports/noop.yaml + #OS::TripleO::CephStorage::Ports::ManagementPort: ../network/ports/management.yaml # Port assignments for the swift storage role OS::TripleO::SwiftStorage::Ports::ExternalPort: ../network/ports/noop.yaml @@ -49,7 +50,7 @@ resource_registry: OS::TripleO::SwiftStorage::Ports::StoragePort: ../network/ports/storage.yaml OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml OS::TripleO::SwiftStorage::Ports::TenantPort: ../network/ports/noop.yaml - OS::TripleO::SwiftStorage::Ports::ManagementPort: ../network/ports/noop.yaml + #OS::TripleO::SwiftStorage::Ports::ManagementPort: ../network/ports/management.yaml # Port assignments for the block storage role OS::TripleO::BlockStorage::Ports::ExternalPort: ../network/ports/noop.yaml @@ -57,7 +58,5 @@ resource_registry: OS::TripleO::BlockStorage::Ports::StoragePort: ../network/ports/storage.yaml OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml OS::TripleO::BlockStorage::Ports::TenantPort: ../network/ports/noop.yaml - OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/noop.yaml + #OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/management.yaml - # Port assignments for service virtual IPs for the controller role - OS::TripleO::Controller::Ports::RedisVipPort: ../network/ports/vip.yaml diff --git a/environments/neutron-midonet.yaml b/environments/neutron-midonet.yaml index 7f50f15b..c120d0b3 100644 --- a/environments/neutron-midonet.yaml +++ b/environments/neutron-midonet.yaml @@ -4,6 +4,10 @@ resource_registry: OS::TripleO::Controller::Net::SoftwareConfig: ../net-config-linux-bridge.yaml # We have to avoid any ovs bridge. MidoNet is incompatible with its datapath OS::TripleO::Services::NeutronL3Agent: OS::Heat::None OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None + OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None + # Override the NeutronCorePlugin to use Nuage + OS::TripleO::Services::NeutronCorePlugin: OS::TripleO::Services::NeutronCorePluginMidonet + OS::TripleO::Services::ComputeNeutronCorePlugin: ../puppet/services/neutron-compute-plugin-midonet.yaml parameter_defaults: EnableZookeeperOnController: true diff --git a/environments/neutron-nuage-config.yaml b/environments/neutron-nuage-config.yaml index 28056b35..e157ae35 100644 --- a/environments/neutron-nuage-config.yaml +++ b/environments/neutron-nuage-config.yaml @@ -4,8 +4,10 @@ resource_registry: OS::TripleO::Services::NeutronL3Agent: OS::Heat::None OS::TripleO::Services::NeutronMetadataAgent: OS::Heat::None OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None + OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None # Override the NeutronCorePlugin to use Nuage OS::TripleO::Services::NeutronCorePlugin: OS::TripleO::Services::NeutronCorePluginNuage + OS::TripleO::Services::ComputeNeutronCorePlugin: ../puppet/services/neutron-compute-plugin-nuage.yaml parameter_defaults: NeutronNuageOSControllerIp: '0.0.0.0' diff --git a/environments/neutron-opencontrail.yaml b/environments/neutron-opencontrail.yaml index 340bac78..f2209ce2 100644 --- a/environments/neutron-opencontrail.yaml +++ b/environments/neutron-opencontrail.yaml @@ -6,13 +6,15 @@ resource_registry: OS::TripleO::Services::NeutronL3Agent: OS::Heat::None OS::TripleO::Services::NeutronMetadataAgent: OS::Heat::None OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None + OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None # Override the NeutronCorePlugin to use Nuage OS::TripleO::Services::NeutronCorePlugin: OS::TripleO::Services::NeutronCorePluginOpencontrail + OS::TripleO::Services::ComputeNeutronCorePlugin: ../puppet/services/neutron-compute-plugin-opencontrail.yaml parameter_defaults: NeutronCorePlugin: neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2 NeutronServicePlugins: neutron_plugin_contrail.plugins.opencontrail.loadbalancer.plugin.LoadBalancerPlugin - NeutronEnableTunnelling: false + NeutronTunnelTypes: '' # required params: #ContrailApiServerIp: diff --git a/environments/neutron-ovs-dvr.yaml b/environments/neutron-ovs-dvr.yaml new file mode 100644 index 00000000..223c2531 --- /dev/null +++ b/environments/neutron-ovs-dvr.yaml @@ -0,0 +1,24 @@ +# A Heat environment file that enables DVR in the overcloud. +# This works by configuring L3 and Metadata agents on the +# compute nodes. +resource_registry: + OS::TripleO::Services::ComputeNeutronL3Agent: ../puppet/services/neutron-l3-compute-dvr.yaml + OS::TripleO::Services::ComputeNeutronMetadataAgent: ../puppet/services/neutron-metadata.yaml + + # With DVR enabled, the Compute nodes also need the br-ex bridge to be + # connected to a physical network. + OS::TripleO::Compute::Net::SoftwareConfig: ../net-config-bridge.yaml + +parameter_defaults: + + # DVR requires that the L2 population feature is enabled + NeutronMechanismDrivers: ['openvswitch', 'l2population'] + NeutronEnableL2Pop: 'True' + + # Setting NeutronEnableDVR enables distributed routing support in the + # ML2 plugin and agents that support this feature + NeutronEnableDVR: true + + # We also need to set the proper agent mode for the L3 agent. This will only + # affect the agent on the controller node. + NeutronL3AgentMode: 'dvr_snat' diff --git a/environments/neutron-plumgrid.yaml b/environments/neutron-plumgrid.yaml index 08ace103..87946211 100755 --- a/environments/neutron-plumgrid.yaml +++ b/environments/neutron-plumgrid.yaml @@ -6,8 +6,10 @@ resource_registry: OS::TripleO::Services::NeutronL3Agent: OS::Heat::None OS::TripleO::Services::NeutronMetadataAgent: OS::Heat::None OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None + OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None # Override the Neutron core plugin to use PLUMgrid OS::TripleO::Services::NeutronCorePlugin: OS::TripleO::Services::NeutronCorePluginPlumgrid + OS::TripleO::Services::ComputeNeutronCorePlugin: ../puppet/services/neutron-compute-plugin-plumgrid.yaml parameter_defaults: NeutronCorePlugin: networking_plumgrid.neutron.plugins.plugin.NeutronPluginPLUMgridV2 diff --git a/environments/puppet-ceph-devel.yaml b/environments/puppet-ceph-devel.yaml index a2d1100f..9c8abbb4 100644 --- a/environments/puppet-ceph-devel.yaml +++ b/environments/puppet-ceph-devel.yaml @@ -1,6 +1,11 @@ # A Heat environment file which can be used to enable a Ceph # storage cluster using the controller and ceph nodes. # Rbd backends are enabled for Cinder, Glance, Gnocchi and Nova. +resource_registry: + OS::TripleO::Services::CephMon: ../puppet/services/ceph-mon.yaml + OS::TripleO::Services::CephOSD: ../puppet/services/ceph-osd.yaml + OS::TripleO::Services::CephClient: ../puppet/services/ceph-client.yaml + parameter_defaults: #NOTE: These ID's and keys should be regenerated for # a production deployment. What is here is suitable for @@ -8,9 +13,10 @@ parameter_defaults: CephClusterFSID: '4b5c8c0a-ff60-454b-a1b4-9747aa737d19' CephMonKey: 'AQC+Ox1VmEr3BxAALZejqeHj50Nj6wJDvs96OQ==' CephAdminKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ==' + CephClientKey: 'AQC+vYNXgDAgAhAAc8UoYt+OTz5uhV7ItLdwUw==' NovaEnableRbdBackend: true CinderEnableRbdBackend: true + CinderBackupBackend: ceph GlanceBackend: rbd GnocchiBackend: rbd CinderEnableIscsiBackend: false - ControllerEnableCephStorage: true diff --git a/environments/puppet-ceph-external.yaml b/environments/puppet-ceph-external.yaml index 865e0b98..06e4f7aa 100644 --- a/environments/puppet-ceph-external.yaml +++ b/environments/puppet-ceph-external.yaml @@ -1,10 +1,13 @@ # A Heat environment file which can be used to enable the # use of an externally managed Ceph cluster. resource_registry: - OS::TripleO::CephClusterConfig::SoftwareConfig: ../puppet/extraconfig/ceph/ceph-external-config.yaml + OS::TripleO::Services::CephExternal: ../puppet/services/ceph-external.yaml + OS::TripleO::Services::CephMon: OS::Heat::None + OS::TripleO::Services::CephClient: OS::Heat::None + OS::TripleO::Services::CephOSD: OS::Heat::None parameter_defaults: - # NOTE: These example parameters are required when using Ceph External + # NOTE: These example parameters are required when using CephExternal #CephClusterFSID: '4b5c8c0a-ff60-454b-a1b4-9747aa737d19' #CephClientKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ==' #CephExternalMonHost: '172.16.1.7, 172.16.1.8' @@ -12,6 +15,7 @@ parameter_defaults: # the following parameters enable Ceph backends for Cinder, Glance, Gnocchi and Nova NovaEnableRbdBackend: true CinderEnableRbdBackend: true + CinderBackupBackend: ceph GlanceBackend: rbd GnocchiBackend: rbd # If the Ceph pools which host VMs, Volumes and Images do not match these @@ -25,3 +29,6 @@ parameter_defaults: # finally we disable the Cinder LVM backend CinderEnableIscsiBackend: false + + # Backward compatibility setting, will be removed in the future + CephAdminKey: '' diff --git a/environments/puppet-pacemaker-no-restart.yaml b/environments/puppet-pacemaker-no-restart.yaml new file mode 100644 index 00000000..67d8692d --- /dev/null +++ b/environments/puppet-pacemaker-no-restart.yaml @@ -0,0 +1,3 @@ +# use this file *in addition* to puppet-pacemaker.yaml +resource_registry: + OS::TripleO::Tasks::ControllerPostPuppetRestart: OS::Heat::None diff --git a/environments/puppet-pacemaker.yaml b/environments/puppet-pacemaker.yaml index d1df6c41..8cfbab6d 100644 --- a/environments/puppet-pacemaker.yaml +++ b/environments/puppet-pacemaker.yaml @@ -4,38 +4,15 @@ resource_registry: OS::TripleO::ControllerConfig: ../puppet/controller-config-pacemaker.yaml OS::TripleO::Tasks::ControllerPrePuppet: ../extraconfig/tasks/pre_puppet_pacemaker.yaml OS::TripleO::Tasks::ControllerPostPuppet: ../extraconfig/tasks/post_puppet_pacemaker.yaml + OS::TripleO::Tasks::ControllerPostPuppetRestart: ../extraconfig/tasks/post_puppet_pacemaker_restart.yaml # custom pacemaker services - # NOTE: For now we will need to specify overrides to all services - # which use pacemaker. In the future (with upcoming HA light work) this - # list will hopefully be much smaller however. - OS::TripleO::Services::CinderApi: ../puppet/services/pacemaker/cinder-api.yaml - OS::TripleO::Services::CinderScheduler: ../puppet/services/pacemaker/cinder-scheduler.yaml + # NOTE: Please before adding any pacemaker-managed services, get in touch + # with bandini, Ng or beekhof OS::TripleO::Services::CinderVolume: ../puppet/services/pacemaker/cinder-volume.yaml - OS::TripleO::Services::Keystone: ../puppet/services/pacemaker/keystone.yaml - OS::TripleO::Services::GlanceApi: ../puppet/services/pacemaker/glance-api.yaml - OS::TripleO::Services::GlanceRegistry: ../puppet/services/pacemaker/glance-registry.yaml - OS::TripleO::Services::HeatApi: ../puppet/services/pacemaker/heat-api.yaml - OS::TripleO::Services::HeatApiCfn: ../puppet/services/pacemaker/heat-api-cfn.yaml - OS::TripleO::Services::HeatApiCloudwatch: ../puppet/services/pacemaker/heat-api-cloudwatch.yaml - OS::TripleO::Services::HeatEngine: ../puppet/services/pacemaker/heat-engine.yaml - OS::TripleO::Services::NeutronDhcpAgent: ../puppet/services/pacemaker/neutron-dhcp.yaml - OS::TripleO::Services::NeutronL3Agent: ../puppet/services/pacemaker/neutron-l3.yaml - OS::TripleO::Services::NeutronMetadataAgent: ../puppet/services/pacemaker/neutron-metadata.yaml - OS::TripleO::Services::NeutronServer: ../puppet/services/pacemaker/neutron-server.yaml - OS::TripleO::Services::NeutronCorePlugin: ../puppet/services/pacemaker/neutron-plugin-ml2.yaml - # Neutron Core Plugin Vendors (these typically override NeutronCorePlugin) - OS::TripleO::Services::NeutronCorePluginPlumgrid: ../puppet/services/pacemaker/neutron-plugin-plumgrid.yaml - OS::TripleO::Services::NeutronCorePluginNuage: ../puppet/services/pacemaker/neutron-plugin-nuage.yaml - OS::TripleO::Services::NeutronCorePluginOpencontrail: ../puppet/services/pacemaker/neutron-plugin-opencontrail.yaml - OS::TripleO::Services::NeutronOvsAgent: ../puppet/services/pacemaker/neutron-ovs-agent.yaml OS::TripleO::Services::RabbitMQ: ../puppet/services/pacemaker/rabbitmq.yaml OS::TripleO::Services::HAproxy: ../puppet/services/pacemaker/haproxy.yaml - OS::TripleO::Services::Memcached: ../puppet/services/pacemaker/memcached.yaml + OS::TripleO::Services::Pacemaker: ../puppet/services/pacemaker.yaml OS::TripleO::Services::Redis: ../puppet/services/pacemaker/database/redis.yaml - OS::TripleO::Services::NovaConductor: ../puppet/services/pacemaker/nova-conductor.yaml - OS::TripleO::Services::MongoDb: ../puppet/services/pacemaker/database/mongodb.yaml - OS::TripleO::Services::NovaApi: ../puppet/services/pacemaker/nova-api.yaml - OS::TripleO::Services::NovaScheduler: ../puppet/services/pacemaker/nova-scheduler.yaml - OS::TripleO::Services::NovaConsoleauth: ../puppet/services/pacemaker/nova-consoleauth.yaml - OS::TripleO::Services::NovaVncproxy: ../puppet/services/pacemaker/nova-vncproxy.yaml + OS::TripleO::Services::MySQL: ../puppet/services/pacemaker/database/mysql.yaml + # Services that are disabled by default (use relevant environment files): diff --git a/environments/puppet-tenant-vlan.yaml b/environments/puppet-tenant-vlan.yaml index ed948bc5..45d2117a 100644 --- a/environments/puppet-tenant-vlan.yaml +++ b/environments/puppet-tenant-vlan.yaml @@ -1,4 +1,4 @@ parameter_defaults: NeutronNetworkType: vlan - NeutronEnableTunnelling: false + NeutronTunnelTypes: '' NeutronNetworkVLANRanges: datacentre:1:1000 diff --git a/environments/services/ironic.yaml b/environments/services/ironic.yaml new file mode 100644 index 00000000..8359f4a7 --- /dev/null +++ b/environments/services/ironic.yaml @@ -0,0 +1,4 @@ +resource_registry: + OS::TripleO::Services::IronicApi: ../../puppet/services/ironic-api.yaml + OS::TripleO::Services::IronicConductor: ../../puppet/services/ironic-conductor.yaml + OS::TripleO::Services::NovaIronic: ../../puppet/services/nova-ironic.yaml diff --git a/environments/services/mistral.yaml b/environments/services/mistral.yaml new file mode 100644 index 00000000..4e99fa01 --- /dev/null +++ b/environments/services/mistral.yaml @@ -0,0 +1,4 @@ +resource_registry: + OS::TripleO::Services::MistralEngine: ../../puppet/services/mistral-engine.yaml + OS::TripleO::Services::MistralApi: ../../puppet/services/mistral-api.yaml + OS::TripleO::Services::MistralExecutor: ../../puppet/services/mistral-executor.yaml diff --git a/environments/services/sahara.yaml b/environments/services/sahara.yaml new file mode 100644 index 00000000..82205dd1 --- /dev/null +++ b/environments/services/sahara.yaml @@ -0,0 +1,3 @@ +resource_registry: + OS::TripleO::Services::SaharaApi: ../../puppet/services/sahara-api.yaml + OS::TripleO::Services::SaharaEngine: ../../puppet/services/sahara-engine.yaml diff --git a/environments/storage-environment.yaml b/environments/storage-environment.yaml index da33acfd..8cf34622 100644 --- a/environments/storage-environment.yaml +++ b/environments/storage-environment.yaml @@ -1,6 +1,11 @@ ## A Heat environment file which can be used to set up storage ## backends. Defaults to Ceph used as a backend for Cinder, Glance and ## Nova ephemeral storage. +resource_registry: + OS::TripleO::Services::CephMon: ../puppet/services/ceph-mon.yaml + OS::TripleO::Services::CephOSD: ../puppet/services/ceph-osd.yaml + OS::TripleO::Services::CephClient: ../puppet/services/ceph-client.yaml + parameter_defaults: #### BACKEND SELECTION #### @@ -9,6 +14,8 @@ parameter_defaults: CinderEnableIscsiBackend: false ## Whether to enable rbd (Ceph) backend for Cinder. CinderEnableRbdBackend: true + ## Cinder Backup backend can be either 'ceph' or 'swift'. + CinderBackupBackend: ceph ## Whether to enable NFS backend for Cinder. # CinderEnableNfsBackend: false ## Whether to enable rbd (Ceph) backend for Nova ephemeral storage. @@ -43,10 +50,6 @@ parameter_defaults: #### CEPH SETTINGS #### - ## Whether to deploy Ceph OSDs on the controller nodes. By default - ## OSDs are deployed on dedicated ceph-storage nodes only. - # ControllerEnableCephStorage: false - ## When deploying Ceph Nodes through the oscplugin CLI, the following ## parameters are set automatically by the CLI. When deploying via ## heat stack-create or ceph on the controller nodes only, @@ -60,3 +63,5 @@ parameter_defaults: # CephMonKey: '' ## Ceph admin key, e.g. 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ==' # CephAdminKey: '' + ## Ceph client key, e.g 'AQC+vYNXgDAgAhAAc8UoYt+OTz5uhV7ItLdwUw==' + # CephClientKey: '' diff --git a/environments/tls-endpoints-public-dns.yaml b/environments/tls-endpoints-public-dns.yaml new file mode 100644 index 00000000..7c8e850c --- /dev/null +++ b/environments/tls-endpoints-public-dns.yaml @@ -0,0 +1,52 @@ +# Use this environment when deploying an SSL-enabled overcloud where the public +# endpoint is a DNS name. +parameter_defaults: + EndpointMap: + AodhAdmin: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} + AodhInternal: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} + AodhPublic: {protocol: 'https', port: '13042', host: 'CLOUDNAME'} + CeilometerAdmin: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} + CeilometerInternal: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} + CeilometerPublic: {protocol: 'https', port: '13777', host: 'CLOUDNAME'} + CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} + CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} + CinderPublic: {protocol: 'https', port: '13776', host: 'CLOUDNAME'} + GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} + GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} + GlancePublic: {protocol: 'https', port: '13292', host: 'CLOUDNAME'} + GlanceRegistryInternal: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'} + GnocchiAdmin: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} + GnocchiInternal: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} + GnocchiPublic: {protocol: 'https', port: '13041', host: 'CLOUDNAME'} + HeatAdmin: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} + HeatInternal: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} + HeatPublic: {protocol: 'https', port: '13004', host: 'CLOUDNAME'} + HeatCfnAdmin: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'} + HeatCfnInternal: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'} + HeatCfnPublic: {protocol: 'https', port: '13005', host: 'CLOUDNAME'} + HorizonPublic: {protocol: 'https', port: '443', host: 'CLOUDNAME'} + IronicAdmin: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} + IronicInternal: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} + IronicPublic: {protocol: 'https', port: '13385', host: 'CLOUDNAME'} + KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'} + KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'} + KeystonePublic: {protocol: 'https', port: '13000', host: 'CLOUDNAME'} + ManilaAdmin: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'} + ManilaInternal: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'} + ManilaPublic: {protocol: 'https', port: '13786', host: 'CLOUDNAME'} + MysqlInternal: {protocol: 'mysql+pymysql', port: '3306', host: 'IP_ADDRESS'} + NeutronAdmin: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} + NeutronInternal: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} + NeutronPublic: {protocol: 'https', port: '13696', host: 'CLOUDNAME'} + NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} + NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} + NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'} + NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} + NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} + NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'} + SaharaAdmin: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} + SaharaInternal: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} + SaharaPublic: {protocol: 'https', port: '13386', host: 'CLOUDNAME'} + SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} + SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} + SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'} diff --git a/environments/tls-endpoints-public-ip.yaml b/environments/tls-endpoints-public-ip.yaml new file mode 100644 index 00000000..80595c6c --- /dev/null +++ b/environments/tls-endpoints-public-ip.yaml @@ -0,0 +1,52 @@ +# Use this environment when deploying an SSL-enabled overcloud where the public +# endpoint is an IP address. +parameter_defaults: + EndpointMap: + AodhAdmin: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} + AodhInternal: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} + AodhPublic: {protocol: 'https', port: '13042', host: 'IP_ADDRESS'} + CeilometerAdmin: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} + CeilometerInternal: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} + CeilometerPublic: {protocol: 'https', port: '13777', host: 'IP_ADDRESS'} + CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} + CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} + CinderPublic: {protocol: 'https', port: '13776', host: 'IP_ADDRESS'} + GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} + GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} + GlancePublic: {protocol: 'https', port: '13292', host: 'IP_ADDRESS'} + GlanceRegistryInternal: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'} + GnocchiAdmin: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} + GnocchiInternal: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} + GnocchiPublic: {protocol: 'https', port: '13041', host: 'IP_ADDRESS'} + HeatAdmin: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} + HeatInternal: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} + HeatPublic: {protocol: 'https', port: '13004', host: 'IP_ADDRESS'} + HeatCfnAdmin: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'} + HeatCfnInternal: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'} + HeatCfnPublic: {protocol: 'https', port: '13005', host: 'IP_ADDRESS'} + HorizonPublic: {protocol: 'https', port: '443', host: 'IP_ADDRESS'} + IronicAdmin: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} + IronicInternal: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} + IronicPublic: {protocol: 'https', port: '13385', host: 'IP_ADDRESS'} + KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'} + KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'} + KeystonePublic: {protocol: 'https', port: '13000', host: 'IP_ADDRESS'} + ManilaAdmin: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'} + ManilaInternal: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'} + ManilaPublic: {protocol: 'https', port: '13786', host: 'IP_ADDRESS'} + MysqlInternal: {protocol: 'mysql+pymysql', port: '3306', host: 'IP_ADDRESS'} + NeutronAdmin: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} + NeutronInternal: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} + NeutronPublic: {protocol: 'https', port: '13696', host: 'IP_ADDRESS'} + NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} + NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} + NovaPublic: {protocol: 'https', port: '13774', host: 'IP_ADDRESS'} + NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} + NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} + NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'IP_ADDRESS'} + SaharaAdmin: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} + SaharaInternal: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} + SaharaPublic: {protocol: 'https', port: '13386', host: 'IP_ADDRESS'} + SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} + SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} + SwiftPublic: {protocol: 'https', port: '13808', host: 'IP_ADDRESS'} diff --git a/environments/updates/update-from-keystone-admin-internal-api.yaml b/environments/updates/update-from-keystone-admin-internal-api.yaml index a9fa2bea..a5075300 100644 --- a/environments/updates/update-from-keystone-admin-internal-api.yaml +++ b/environments/updates/update-from-keystone-admin-internal-api.yaml @@ -2,10 +2,10 @@ # Keystone Admin API service is running on the Internal API network parameter_defaults: - ServiceNetMap: + ServiceNetMapDefaults: NeutronTenantNetwork: tenant CeilometerApiNetwork: internal_api - MongoDbNetwork: internal_api + MongodbNetwork: internal_api CinderApiNetwork: internal_api CinderIscsiNetwork: storage GlanceApiNetwork: storage @@ -21,7 +21,7 @@ parameter_defaults: SwiftProxyNetwork: storage HorizonNetwork: internal_api MemcachedNetwork: internal_api - RabbitMqNetwork: internal_api + RabbitmqNetwork: internal_api RedisNetwork: internal_api MysqlNetwork: internal_api CephClusterNetwork: storage_mgmt diff --git a/environments/updates/update-from-overcloud-compute-hostnames.yaml b/environments/updates/update-from-overcloud-compute-hostnames.yaml new file mode 100644 index 00000000..f628f0de --- /dev/null +++ b/environments/updates/update-from-overcloud-compute-hostnames.yaml @@ -0,0 +1,2 @@ +parameter_defaults: + ComputeHostnameFormat: '%stackname%-compute-%index%' |