diff options
Diffstat (limited to 'environments')
55 files changed, 446 insertions, 163 deletions
diff --git a/environments/cinder-hpelefthand-config.yaml b/environments/cinder-hpelefthand-config.yaml new file mode 100644 index 00000000..90d0261e --- /dev/null +++ b/environments/cinder-hpelefthand-config.yaml @@ -0,0 +1,13 @@ +# A Heat environment file which can be used to enable a +# a Cinder HPELeftHandISCSI backend, configured via puppet +resource_registry: + OS::TripleO::Services::CinderHPELeftHandISCSI: ../puppet/services/cinder-hpelefthand-iscsi.yaml + +parameter_defaults: + CinderHPELeftHandISCSIApiUrl: '' + CinderHPELeftHandISCSIUserName: '' + CinderHPELeftHandISCSIPassword: '' + CinderHPELeftHandISCSIBackendName: 'tripleo_hpelefthand' + CinderHPELeftHandISCSIChapEnabled: false + CinderHPELeftHandClusterName: '' + CinderHPELeftHandDebug: false diff --git a/environments/cinder-netapp-config.yaml b/environments/cinder-netapp-config.yaml index 0437cc67..b9a84342 100644 --- a/environments/cinder-netapp-config.yaml +++ b/environments/cinder-netapp-config.yaml @@ -25,5 +25,5 @@ parameter_defaults: CinderNetappControllerIps: '' CinderNetappSaPassword: '' CinderNetappStoragePools: '' - CinderNetappEseriesHostType: 'linux_dm_mp' + CinderNetappHostType: '' CinderNetappWebservicePath: '/devmgr/v2' diff --git a/environments/debug.yaml b/environments/debug.yaml new file mode 100644 index 00000000..b938555c --- /dev/null +++ b/environments/debug.yaml @@ -0,0 +1,5 @@ +# A Heat environment file which can be used to enable the debug +# setting in the overcloud openstack services configuration. + +parameter_defaults: + Debug: true diff --git a/environments/deployed-server-bootstrap-environment-centos.yaml b/environments/deployed-server-bootstrap-environment-centos.yaml new file mode 100644 index 00000000..ebcdfc2b --- /dev/null +++ b/environments/deployed-server-bootstrap-environment-centos.yaml @@ -0,0 +1,7 @@ +# An environment that can be used with the deployed-server.yaml template to do +# initial bootstrapping of the deployed servers. +resource_registry: + OS::TripleO::DeployedServer::Bootstrap: ../deployed-server/deployed-server-bootstrap-centos.yaml + +parameter_defaults: + EnablePackageInstall: True diff --git a/environments/deployed-server-environment.yaml b/environments/deployed-server-environment.yaml index c63d399a..7bc1bd9b 100644 --- a/environments/deployed-server-environment.yaml +++ b/environments/deployed-server-environment.yaml @@ -1,4 +1,4 @@ resource_registry: OS::TripleO::Server: ../deployed-server/deployed-server.yaml - OS::TripleO::DeployedServerConfig: ../deployed-server/deployed-server-config.yaml - OS::TripleO::DeployedServer::ControlPlanePort: ../deployed-server/ctlplane-port.yaml + OS::TripleO::DeployedServer::ControlPlanePort: OS::Neutron::Port + OS::TripleO::DeployedServer::Bootstrap: OS::Heat::None diff --git a/environments/deployed-server-noop-ctlplane.yaml b/environments/deployed-server-noop-ctlplane.yaml index cfda314d..8835d5b1 100644 --- a/environments/deployed-server-noop-ctlplane.yaml +++ b/environments/deployed-server-noop-ctlplane.yaml @@ -1,4 +1,4 @@ resource_registry: + OS::TripleO::DeployedServer::Bootstrap: OS::Heat::None OS::TripleO::Server: ../deployed-server/deployed-server.yaml - OS::TripleO::DeployedServerConfig: ../deployed-server/deployed-server-config.yaml - OS::TripleO::DeployedServer::ControlPlanePort: OS::Heat::None + OS::TripleO::DeployedServer::ControlPlanePort: ../deployed-server/deployed-neutron-port.yaml diff --git a/environments/docker-network-isolation.yaml b/environments/docker-network-isolation.yaml deleted file mode 100644 index 87c81d0b..00000000 --- a/environments/docker-network-isolation.yaml +++ /dev/null @@ -1,4 +0,0 @@ -parameter_defaults: - NeutronOpenvswitchAgentConfig: "/etc/neutron/neutron.conf,/etc/neutron/plugins/openvswitch/openvswitch_agent.ini" - NeutronOpenvswitchAgentPluginVolume: "/var/lib/etc-data/neutron/plugins/ml2/openvswitch_agent.ini:/var/lib/kolla/config_files/openvswitch_agent.ini:ro" - NeutronOpenvswitchAgentOvsVolume: "/var/lib/etc-data/neutron/conf.d/neutron-openvswitch-agent:/etc/neutron/conf.d/neutron-openvswitch-agent:ro" diff --git a/environments/docker.yaml b/environments/docker.yaml index c03d8511..4f5b36b4 100644 --- a/environments/docker.yaml +++ b/environments/docker.yaml @@ -1,20 +1,30 @@ resource_registry: # Docker container with heat agents for containerized compute node. - OS::TripleO::ComputePostDeployment: ../docker/compute-post.yaml - OS::TripleO::NodeUserData: ../docker/firstboot/install_docker_agents.yaml + OS::TripleO::Compute::NodeUserData: ../docker/firstboot/install_docker_agents.yaml + OS::TripleO::Services::NovaLibvirt: ../docker/services/nova-libvirt.yaml + OS::TripleO::Services::ComputeNeutronOvsAgent: ../docker/services/neutron-ovs-agent.yaml + OS::TripleO::Services::NovaCompute: ../docker/services/nova-compute.yaml + # NOTE (dprince) here we set new roles to be docker enabled as we add support + #OS::TripleO::ComputePostDeploySteps: ../docker/post.yaml + # NOTE (mandre) Defining per role post deploy steps doesn't work yet + # Set a global PostDeploySteps that works for both containerized and + # non-containerized roles + OS::TripleO::PostDeploySteps: ../docker/post.yaml + OS::TripleO::Services: ../docker/services/services.yaml parameter_defaults: - NovaImage: atomic-image # Defaults to 'tripleoupstream'. Specify a local docker registry # Example: 192.0.2.1:8787/tripleoupstream DockerNamespace: tripleoupstream # Enable local Docker registry DockerNamespaceIsRegistry: false - # Compute Node Images - DockerComputeImage: centos-binary-nova-compute:latest - DockerAgentImage: heat-docker-agents:latest - DockerComputeDataImage: centos-binary-data:latest - DockerLibvirtImage: centos-binary-nova-libvirt:latest - DockerOpenvswitchImage: centos-binary-neutron-openvswitch-agent:latest - DockerOvsVswitchdImage: centos-binary-openvswitch-vswitchd:latest - DockerOpenvswitchDBImage: centos-binary-openvswitch-db-server:latest + DockerAgentImage: heat-docker-agents:newton + # Docker containers + DockerNovaComputeImage: centos-binary-nova-compute:newton + DockerLibvirtImage: centos-binary-nova-libvirt:newton + DockerOpenvswitchImage: centos-binary-neutron-openvswitch-agent:newton + + ComputeServices: + - OS::TripleO::Services::NovaCompute + - OS::TripleO::Services::NovaLibvirt + - OS::TripleO::Services::ComputeNeutronOvsAgent diff --git a/environments/enable-internal-tls.yaml b/environments/enable-internal-tls.yaml new file mode 100644 index 00000000..6e912faa --- /dev/null +++ b/environments/enable-internal-tls.yaml @@ -0,0 +1,8 @@ +# A Heat environment file which can be used to enable a +# a TLS for in the internal network via certmonger +parameter_defaults: + EnableInternalTLS: true +resource_registry: + OS::TripleO::Services::HAProxyInternalTLS: ../puppet/services/haproxy-internal-tls-certmonger.yaml + OS::TripleO::Services::ApacheTLS: ../puppet/services/apache-internal-tls-certmonger.yaml + OS::TripleO::Services::MySQLTLS: ../puppet/services/database/mysql-internal-tls-certmonger.yaml diff --git a/environments/enable-swap-partition.yaml b/environments/enable-swap-partition.yaml new file mode 100644 index 00000000..71b70ec9 --- /dev/null +++ b/environments/enable-swap-partition.yaml @@ -0,0 +1,3 @@ +# Use this environment to create a swap partition in all Overcloud nodes +resource_registry: + OS::TripleO::AllNodesExtraConfig: ../extraconfig/all_nodes/swap-partition.yaml diff --git a/environments/enable-swap.yaml b/environments/enable-swap.yaml new file mode 100644 index 00000000..9ba08642 --- /dev/null +++ b/environments/enable-swap.yaml @@ -0,0 +1,3 @@ +# Use this environment to create a swap file in all Overcloud nodes +resource_registry: + OS::TripleO::AllNodesExtraConfig: ../extraconfig/all_nodes/swap.yaml diff --git a/environments/external-loadbalancer-vip-v6.yaml b/environments/external-loadbalancer-vip-v6.yaml index 5a2ef505..fbd1fb98 100644 --- a/environments/external-loadbalancer-vip-v6.yaml +++ b/environments/external-loadbalancer-vip-v6.yaml @@ -1,29 +1,24 @@ resource_registry: - OS::TripleO::Network::Ports::NetVipMap: ../network/ports/net_vip_map_external_v6.yaml - OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/noop.yaml - OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/noop.yaml - OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/noop.yaml - OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/noop.yaml - OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/from_service_v6.yaml OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_from_pool_v6.yaml OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_from_pool_v6.yaml OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool_v6.yaml OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool_v6.yaml # OVS doesn't support IPv6 endpoints for tunneling yet, so this remains IPv4 for now. OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant_from_pool.yaml + # Management network is optional and disabled by default + #OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/management_from_pool_v6.yaml parameter_defaults: # When using an external loadbalancer set the following in parameter_defaults # to control your VIPs (currently one per network) # NOTE: we will eventually move to one VIP per service # - ControlPlaneIP: 192.0.2.251 - ExternalNetworkVip: 2001:db8:fd00:1000:0000:0000:0000:0005 - InternalApiNetworkVip: fd00:fd00:fd00:2000:0000:0000:0000:0005 - StorageNetworkVip: fd00:fd00:fd00:3000:0000:0000:0000:0005 - StorageMgmtNetworkVip: fd00:fd00:fd00:4000:0000:0000:0000:0005 - ServiceVips: - redis: fd00:fd00:fd00:2000:0000:0000:0000:0006 + ControlFixedIPs: [{'ip_address':'192.0.2.251'}] + PublicVirtualFixedIPs: [{'ip_address':'2001:db8:fd00:1000:0000:0000:0000:0005'}] + InternalApiVirtualFixedIPs: [{'ip_address':'fd00:fd00:fd00:2000:0000:0000:0000:0005'}] + StorageVirtualFixedIPs: [{'ip_address':'fd00:fd00:fd00:3000:0000:0000:0000:0005'}] + StorageMgmtVirtualFixedIPs: [{'ip_address':'fd00:fd00:fd00:4000:0000:0000:0000:0005'}] + RedisVirtualFixedIPs: [{'ip_address':'fd00:fd00:fd00:2000:0000:0000:0000:0006'}] ControllerIPs: external: - 2001:db8:fd00:1000:0000:0000:0000:0007 diff --git a/environments/external-loadbalancer-vip.yaml b/environments/external-loadbalancer-vip.yaml index 8656ba1a..1759c04c 100644 --- a/environments/external-loadbalancer-vip.yaml +++ b/environments/external-loadbalancer-vip.yaml @@ -1,10 +1,4 @@ resource_registry: - OS::TripleO::Network::Ports::NetVipMap: ../network/ports/net_vip_map_external.yaml - OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/noop.yaml - OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/noop.yaml - OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/noop.yaml - OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/noop.yaml - OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/from_service.yaml OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_from_pool.yaml OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_from_pool.yaml OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool.yaml @@ -18,13 +12,12 @@ parameter_defaults: # to control your VIPs (currently one per network) # NOTE: we will eventually move to one VIP per service # - ControlPlaneIP: 192.0.2.251 - ExternalNetworkVip: 10.0.0.251 - InternalApiNetworkVip: 172.16.2.251 - StorageNetworkVip: 172.16.1.251 - StorageMgmtNetworkVip: 172.16.3.251 - ServiceVips: - redis: 172.16.2.252 + ControlFixedIPs: [{'ip_address':'192.0.2.251'}] + PublicVirtualFixedIPs: [{'ip_address':'10.0.0.251'}] + InternalApiVirtualFixedIPs: [{'ip_address':'172.16.2.251'}] + StorageVirtualFixedIPs: [{'ip_address':'172.16.1.251'}] + StorageMgmtVirtualFixedIPs: [{'ip_address':'172.16.3.251'}] + RedisVirtualFixedIPs: [{'ip_address':'172.16.2.252'}] ControllerIPs: external: - 10.0.0.253 diff --git a/environments/host-config-pre-network.j2.yaml b/environments/host-config-pre-network.j2.yaml new file mode 100644 index 00000000..fe1302b5 --- /dev/null +++ b/environments/host-config-pre-network.j2.yaml @@ -0,0 +1,16 @@ +resource_registry: +# Create the registry only for roles with the word "Compute" in it. Like ComputeOvsDpdk, ComputeSriov, etc., +{% for role in roles %} +{% if "Compute" in role.name %} + OS::TripleO::{{role.name}}::PreNetworkConfig: ../extraconfig/pre_network/{{role.name.lower()}}-host_config_and_reboot.yaml +{% endif %} +{% endfor %} + +parameter_defaults: + # Sample parameters for Compute and ComputeOvsDpdk roles + #ComputeKernelArgs: "" + #ComputeTunedProfileName: "" + #ComputeHostCpuList: "" + #ComputeOvsDpdkKernelArgs: "" + #ComputeOvsDpdkTunedProfileName: "" + #ComputeOvsDpdkHostCpuList: "" diff --git a/environments/hyperconverged-ceph.yaml b/environments/hyperconverged-ceph.yaml index 87ebb1d7..77fa5a49 100644 --- a/environments/hyperconverged-ceph.yaml +++ b/environments/hyperconverged-ceph.yaml @@ -1,12 +1,28 @@ -# If using an isolated StorageMgmt network, this will have to be uncommented to -# plug the network on the compute nodes as well. -#resource_registry: -# OS::TripleO::Compute::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml +# If not using an isolated StorageMgmt network, the following regitry mapping +# should be commented. +resource_registry: + OS::TripleO::Compute::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml -# Should match the default list of services for the compute node plus CephOSD parameter_defaults: ComputeServices: + - OS::TripleO::Services::CACerts + - OS::TripleO::Services::CephClient + - OS::TripleO::Services::CephExternal + - OS::TripleO::Services::Timezone + - OS::TripleO::Services::Ntp + - OS::TripleO::Services::Snmp + - OS::TripleO::Services::NovaCompute + - OS::TripleO::Services::NovaLibvirt + - OS::TripleO::Services::Kernel + - OS::TripleO::Services::ComputeNeutronCorePlugin + - OS::TripleO::Services::ComputeNeutronOvsAgent + - OS::TripleO::Services::ComputeCeilometerAgent + - OS::TripleO::Services::ComputeNeutronL3Agent + - OS::TripleO::Services::ComputeNeutronMetadataAgent + - OS::TripleO::Services::TripleoPackages + - OS::TripleO::Services::TripleoFirewall + - OS::TripleO::Services::NeutronSriovAgent + - OS::TripleO::Services::OpenDaylightOvs + - OS::TripleO::Services::SensuClient + - OS::TripleO::Services::FluentdClient - OS::TripleO::Services::CephOSD - -parameter_merge_strategies: - ComputeServices: merge
\ No newline at end of file diff --git a/environments/logging-environment.yaml b/environments/logging-environment.yaml index eefa7026..c583ca79 100644 --- a/environments/logging-environment.yaml +++ b/environments/logging-environment.yaml @@ -4,7 +4,7 @@ resource_registry: OS::TripleO::Services::FluentdClient: ../puppet/services/logging/fluentd-client.yaml -parameter_defaults: +#parameter_defaults: ## Simple configuration # diff --git a/environments/low-memory-usage.yaml b/environments/low-memory-usage.yaml index 2e496f89..47b2003d 100644 --- a/environments/low-memory-usage.yaml +++ b/environments/low-memory-usage.yaml @@ -9,6 +9,10 @@ parameter_defaults: NovaWorkers: 1 SaharaWorkers: 1 SwiftWorkers: 1 + GnocchiMetricdWorkers: 1 ApacheMaxRequestWorkers: 32 ApacheServerLimit: 32 + + ControllerExtraConfig: + 'nova::network::neutron::neutron_url_timeout': '60' diff --git a/environments/major-upgrade-all-in-one.yaml b/environments/major-upgrade-all-in-one.yaml new file mode 100644 index 00000000..69d72edd --- /dev/null +++ b/environments/major-upgrade-all-in-one.yaml @@ -0,0 +1,8 @@ +# We run the upgrade steps without disabling the OS::TripleO::PostDeploySteps +# this means you can do a major upgrade in one pass, which may be useful +# e.g for all-in-one deployments where we can upgrade the compute services +# at the same time as the controlplane +# Note that it will be necessary to pass a mapping of OS::Heat::None again for +# any subsequent updates, or the upgrade steps will run again. +resource_registry: + OS::TripleO::UpgradeSteps: ../puppet/major_upgrade_steps.yaml diff --git a/environments/major-upgrade-ceilometer-wsgi-mitaka-newton.yaml b/environments/major-upgrade-ceilometer-wsgi-mitaka-newton.yaml new file mode 100644 index 00000000..6798c255 --- /dev/null +++ b/environments/major-upgrade-ceilometer-wsgi-mitaka-newton.yaml @@ -0,0 +1,7 @@ +resource_registry: + + # This initiates the upgrades for ceilometer api to run under apache wsgi + OS::TripleO::Tasks::UpdateWorkflow: ../extraconfig/tasks/major_upgrade_ceilometer_wsgi_mitaka_newton.yaml + + # no-op the rest + OS::TripleO::PostDeploySteps: OS::Heat::None diff --git a/environments/major-upgrade-composable-steps.yaml b/environments/major-upgrade-composable-steps.yaml new file mode 100644 index 00000000..7e10014b --- /dev/null +++ b/environments/major-upgrade-composable-steps.yaml @@ -0,0 +1,3 @@ +resource_registry: + OS::TripleO::UpgradeSteps: ../puppet/major_upgrade_steps.yaml + OS::TripleO::PostDeploySteps: OS::Heat::None diff --git a/environments/major-upgrade-pacemaker-converge.yaml b/environments/major-upgrade-pacemaker-converge.yaml index f023cb32..e9a5f9be 100644 --- a/environments/major-upgrade-pacemaker-converge.yaml +++ b/environments/major-upgrade-pacemaker-converge.yaml @@ -1,2 +1,6 @@ parameter_defaults: UpgradeLevelNovaCompute: '' + +resource_registry: + OS::TripleO::Services::SaharaApi: ../puppet/services/sahara-api.yaml + OS::TripleO::Services::SaharaEngine: ../puppet/services/sahara-engine.yaml diff --git a/environments/major-upgrade-remove-sahara.yaml b/environments/major-upgrade-remove-sahara.yaml new file mode 100644 index 00000000..e0aaf130 --- /dev/null +++ b/environments/major-upgrade-remove-sahara.yaml @@ -0,0 +1,6 @@ +parameter_defaults: + KeepSaharaServicesOnUpgrade: false +resource_registry: + OS::TripleO::Services::SaharaApi: OS::Heat::None + OS::TripleO::Services::SaharaEngine: OS::Heat::None + diff --git a/environments/manage-firewall.yaml b/environments/manage-firewall.yaml deleted file mode 100644 index 5d48698e..00000000 --- a/environments/manage-firewall.yaml +++ /dev/null @@ -1,2 +0,0 @@ -parameter_defaults: - ManageFirewall: true diff --git a/environments/manila-cephfsnative-config.yaml b/environments/manila-cephfsnative-config.yaml new file mode 100644 index 00000000..5632d8d6 --- /dev/null +++ b/environments/manila-cephfsnative-config.yaml @@ -0,0 +1,17 @@ +# A Heat environment file which can be used to enable a +# a Manila CephFS Native driver backend. +resource_registry: + OS::TripleO::Services::ManilaApi: ../puppet/services/manila-api.yaml + OS::TripleO::Services::ManilaScheduler: ../puppet/services/manila-scheduler.yaml + # Only manila-share is pacemaker managed: + OS::TripleO::Services::ManilaShare: ../puppet/services/pacemaker/manila-share.yaml + OS::TripleO::Services::ManilaBackendCephFs: ../puppet/services/manila-backend-cephfs.yaml + + +parameter_defaults: + ManilaCephFSNativeBackendName: cephfsnative + ManilaCephFSNativeDriverHandlesShareServers: false + ManilaCephFSNativeCephFSConfPath: '/etc/ceph/ceph.conf' + ManilaCephFSNativeCephFSAuthId: 'manila' + ManilaCephFSNativeCephFSClusterName: 'ceph' + ManilaCephFSNativeCephFSEnableSnapshots: true diff --git a/environments/manila-generic-config.yaml b/environments/manila-generic-config.yaml index a847a02b..65884a94 100644 --- a/environments/manila-generic-config.yaml +++ b/environments/manila-generic-config.yaml @@ -1,17 +1,16 @@ # This environment file enables Manila with the Generic backend. resource_registry: - OS::Tripleo::Services::ManilaApi: ../puppet/services/manila-api.yaml - OS::Tripleo::Services::ManilaScheduler: ../puppet/services/manila-scheduler.yaml + OS::TripleO::Services::ManilaApi: ../puppet/services/manila-api.yaml + OS::TripleO::Services::ManilaScheduler: ../puppet/services/manila-scheduler.yaml # Only manila-share is pacemaker managed: - OS::Tripleo::Services::ManilaShare: ../puppet/services/pacemaker/manila-share.yaml - OS::Tripleo::Services::ManilaBackendGeneric: ../puppet/services/manila-backend-generic.yaml + OS::TripleO::Services::ManilaShare: ../puppet/services/pacemaker/manila-share.yaml + OS::TripleO::Services::ManilaBackendGeneric: ../puppet/services/manila-backend-generic.yaml parameter_defaults: ManilaServiceInstanceUser: '' ManilaServiceInstancePassword: '' ManilaServiceInstanceFlavorId: 2 ManilaServiceNetworkCidr: '172.16.0.0/16' - ManilaGenericEnableBackend: true ManilaGenericBackendName: tripleo_generic ManilaGenericDriverHandlesShareServers: true ManilaGenericSmbTemplateConfigPath: '$state_path/smb.conf' diff --git a/environments/manila-netapp-config.yaml b/environments/manila-netapp-config.yaml index 98de6adf..7eb14941 100644 --- a/environments/manila-netapp-config.yaml +++ b/environments/manila-netapp-config.yaml @@ -1,13 +1,12 @@ # This environment file enables Manila with the Netapp backend. resource_registry: - OS::Tripleo::Services::ManilaApi: ../puppet/services/manila-api.yaml - OS::Tripleo::Services::ManilaScheduler: ../puppet/services/manila-scheduler.yaml + OS::TripleO::Services::ManilaApi: ../puppet/services/manila-api.yaml + OS::TripleO::Services::ManilaScheduler: ../puppet/services/manila-scheduler.yaml # Only manila-share is pacemaker managed: - OS::Tripleo::Services::ManilaShare: ../puppet/services/pacemaker/manila-share.yaml - OS::Tripleo::Services::ManilaBackendNetapp: ../puppet/services/manila-backend-netapp.yaml + OS::TripleO::Services::ManilaShare: ../puppet/services/pacemaker/manila-share.yaml + OS::TripleO::Services::ManilaBackendNetapp: ../puppet/services/manila-backend-netapp.yaml parameter_defaults: - ManilaNetappEnableBackend: true ManilaNetappBackendName: tripleo_netapp ManilaNetappDriverHandlesShareServers: true ManilaNetappLogin: '' diff --git a/environments/monitoring-environment.yaml b/environments/monitoring-environment.yaml index a8ad2084..f4aa67a9 100644 --- a/environments/monitoring-environment.yaml +++ b/environments/monitoring-environment.yaml @@ -1,30 +1,16 @@ -## A Heat environment file which can be used to set up monitoring -## and logging agents +## A Heat environment file which can be used to set up monitoring agents resource_registry: OS::TripleO::Services::SensuClient: ../puppet/services/monitoring/sensu-client.yaml -parameter_defaults: - #### Sensu settings #### - ##MonitoringRabbitHost: 10.10.10.10 - ##MonitoringRabbitPort: 5672 - ##MonitoringRabbitUserName: sensu - ##MonitoringRabbitPassword: sensu - ##MonitoringRabbitUseSSL: false - ##MonitoringRabbitVhost: "/sensu" - ##SensuClientCustomConfig: - ## - api: - ## - warning: 10 - ## critical: 20 - ## openstack: - ## - username: admin - ## password: changeme - ## project_name: admin - ## auth_url: http://controller:5000/v2.0 - ## region_name: RegionOne - - #### EFK settings #### - ## TBD - - #### Grafana/Graphite settings #### - ## TBD +#parameter_defaults: +# MonitoringRabbitHost: 10.10.10.10 +# MonitoringRabbitPort: 5672 +# MonitoringRabbitUserName: sensu +# MonitoringRabbitPassword: sensu +# MonitoringRabbitUseSSL: false +# MonitoringRabbitVhost: "/sensu" +# SensuClientCustomConfig: +# api: +# warning: 10 +# critical: 20 diff --git a/environments/network-environment.yaml b/environments/network-environment.yaml index d0fc9ec6..796eb806 100644 --- a/environments/network-environment.yaml +++ b/environments/network-environment.yaml @@ -43,14 +43,19 @@ parameter_defaults: ExternalInterfaceDefaultRoute: 10.0.0.1 # Uncomment if using the Management Network (see network-management.yaml) # ManagementNetCidr: 10.0.1.0/24 - # ManagementAllocationPools: [{'start': '10.0.1.10', 'end', '10.0.1.50'}] + # ManagementAllocationPools: [{'start': '10.0.1.10', 'end': '10.0.1.50'}] # Use either this parameter or ControlPlaneDefaultRoute in the NIC templates # ManagementInterfaceDefaultRoute: 10.0.1.1 # Define the DNS servers (maximum 2) for the overcloud nodes DnsServers: ["8.8.8.8","8.8.4.4"] # Set to empty string to enable multiple external networks or VLANs NeutronExternalNetworkBridge: "''" + # List of Neutron network types for tenant networks (will be used in order) + NeutronNetworkType: 'vxlan,vlan' # The tunnel type for the tenant network (vxlan or gre). Set to '' to disable tunneling. NeutronTunnelTypes: 'vxlan' + # Neutron VLAN ranges per network, for example 'datacentre:1:499,tenant:500:1000': + NeutronNetworkVLANRanges: 'datacentre:1:1000' # Customize bonding options, e.g. "mode=4 lacp_rate=1 updelay=1000 miimon=100" + # for Linux bonds w/LACP, or "bond_mode=active-backup" for OVS active/backup. BondInterfaceOvsOptions: "bond_mode=active-backup" diff --git a/environments/network-isolation-no-tunneling.yaml b/environments/network-isolation-no-tunneling.yaml index 5d2a915b..ff1d7887 100644 --- a/environments/network-isolation-no-tunneling.yaml +++ b/environments/network-isolation-no-tunneling.yaml @@ -8,30 +8,54 @@ resource_registry: OS::TripleO::Network::InternalApi: ../network/internal_api.yaml OS::TripleO::Network::StorageMgmt: ../network/storage_mgmt.yaml OS::TripleO::Network::Storage: ../network/storage.yaml + OS::TripleO::Network::Tenant: ../network/noop.yaml + # Management network is optional and disabled by default. + # To enable it, include environments/network-management.yaml + #OS::TripleO::Network::Management: ../network/management.yaml + + # Port assignments for the VIPs + OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/external.yaml + OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/internal_api.yaml + OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/storage.yaml + OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt.yaml + OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip.yaml # Port assignments for the controller role OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external.yaml OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api.yaml OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage.yaml OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml + OS::TripleO::Controller::Ports::TenantPort: ../network/ports/noop.yaml + #OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/management.yaml # Port assignments for the compute role + OS::TripleO::Compute::Ports::ExternalPort: ../network/ports/noop.yaml OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api.yaml OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage.yaml + OS::TripleO::Compute::Ports::StorageMgmtPort: ../network/ports/noop.yaml + OS::TripleO::Compute::Ports::TenantPort: ../network/ports/noop.yaml + #OS::TripleO::Compute::Ports::ManagementPort: ../network/ports/management.yaml # Port assignments for the ceph storage role + OS::TripleO::CephStorage::Ports::ExternalPort: ../network/ports/noop.yaml + OS::TripleO::CephStorage::Ports::InternalApiPort: ../network/ports/noop.yaml OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage.yaml OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml + OS::TripleO::CephStorage::Ports::TenantPort: ../network/ports/noop.yaml + #OS::TripleO::CephStorage::Ports::ManagementPort: ../network/ports/management.yaml # Port assignments for the swift storage role + OS::TripleO::SwiftStorage::Ports::ExternalPort: ../network/ports/noop.yaml OS::TripleO::SwiftStorage::Ports::InternalApiPort: ../network/ports/internal_api.yaml OS::TripleO::SwiftStorage::Ports::StoragePort: ../network/ports/storage.yaml OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml + OS::TripleO::SwiftStorage::Ports::TenantPort: ../network/ports/noop.yaml + #OS::TripleO::SwiftStorage::Ports::ManagementPort: ../network/ports/management.yaml # Port assignments for the block storage role + OS::TripleO::BlockStorage::Ports::ExternalPort: ../network/ports/noop.yaml OS::TripleO::BlockStorage::Ports::InternalApiPort: ../network/ports/internal_api.yaml OS::TripleO::BlockStorage::Ports::StoragePort: ../network/ports/storage.yaml OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml - - # Port assignments for service virtual IPs for the controller role - OS::TripleO::Controller::Ports::RedisVipPort: ../network/ports/vip.yaml + OS::TripleO::BlockStorage::Ports::TenantPort: ../network/ports/noop.yaml + #OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/management.yaml diff --git a/environments/network-isolation.yaml b/environments/network-isolation.yaml index 737d7d36..a6b4b8ae 100644 --- a/environments/network-isolation.yaml +++ b/environments/network-isolation.yaml @@ -18,8 +18,6 @@ resource_registry: OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt.yaml OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip.yaml - # Port assignments for service virtual IPs for the controller role - OS::TripleO::Controller::Ports::RedisVipPort: ../network/ports/vip.yaml # Port assignments for the controller role OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external.yaml OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api.yaml @@ -59,4 +57,3 @@ resource_registry: OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml OS::TripleO::BlockStorage::Ports::TenantPort: ../network/ports/noop.yaml #OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/management.yaml - diff --git a/environments/neutron-ml2-fujitsu-cfab.yaml b/environments/neutron-ml2-fujitsu-cfab.yaml new file mode 100644 index 00000000..f14f7ee2 --- /dev/null +++ b/environments/neutron-ml2-fujitsu-cfab.yaml @@ -0,0 +1,21 @@ +# A Heat environment file which can be used to enable Fujitsu C-Fabric +# plugin, configured via puppet +resource_registry: + OS::TripleO::Services::NeutronML2FujitsuCfab: ../puppet/services/neutron-plugin-ml2-fujitsu-cfab.yaml + +parameter_defaults: + # Fixed + NeutronMechanismDrivers: ['openvswitch','fujitsu_cfab'] + NeutronTypeDrivers: 'vlan' + NeutronNetworkType: 'vlan' + + # Required + NeutronFujitsuCfabAddress: '192.168.0.1' + NeutronFujitsuCfabUserName: 'admin' + NeutronFujitsuCfabPassword: + + # Optional + #NeutronFujitsuCfabPhysicalNetworks: + #NeutronFujitsuCfabSharePprofile: + #NeutronFujitsuCfabPprofilePrefix: + #NeutronFujitsuCfabSaveConfig: diff --git a/environments/neutron-ml2-ovn.yaml b/environments/neutron-ml2-ovn.yaml index 821ad0c2..3da560c8 100644 --- a/environments/neutron-ml2-ovn.yaml +++ b/environments/neutron-ml2-ovn.yaml @@ -5,10 +5,13 @@ resource_registry: OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None OS::TripleO::Services::NeutronCorePlugin: OS::TripleO::Services::NeutronCorePluginML2OVN OS::TripleO::Services::ComputeNeutronCorePlugin: ../puppet/services/neutron-compute-plugin-ovn.yaml +# Disabling Neutron services that overlap with OVN + OS::TripleO::Services::NeutronDhcpAgent: OS::Heat::None + OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None + OS::TripleO::Services::OVNDBs: ../puppet/services/ovn-dbs.yaml parameter_defaults: NeutronMechanismDrivers: ovn - OVNDbHost: '0.0.0.0' OVNSouthboundServerPort: 6642 OVNNorthboundServerPort: 6641 OVNDbConnectionTimeout: 60 @@ -16,3 +19,4 @@ parameter_defaults: OVNNeutronSyncMode: log OVNQosDriver: ovn-qos OVNTunnelEncapType: geneve + NeutronEnableDHCPAgent: false diff --git a/environments/neutron-nuage-config.yaml b/environments/neutron-nuage-config.yaml index e157ae35..74899246 100644 --- a/environments/neutron-nuage-config.yaml +++ b/environments/neutron-nuage-config.yaml @@ -19,7 +19,7 @@ parameter_defaults: NeutronNuageBaseURIVersion: 'default_uri_version' NeutronNuageCMSId: '' UseForwardedFor: true - NeutronCorePlugin: 'neutron.plugins.nuage.plugin.NuagePlugin' + NeutronCorePlugin: 'nuage_neutron.plugins.nuage.plugin.NuagePlugin' NeutronEnableDHCPAgent: false NeutronServicePlugins: [] NovaOVSBridge: 'alubr0' diff --git a/environments/neutron-opendaylight-l3.yaml b/environments/neutron-opendaylight-l3.yaml index d61270b2..6d5c7404 100644 --- a/environments/neutron-opendaylight-l3.yaml +++ b/environments/neutron-opendaylight-l3.yaml @@ -2,13 +2,13 @@ resource_registry: OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None - OS::TripleO::Services::OpenDaylight: puppet/services/opendaylight-api.yaml - OS::TripleO::Services::OpenDaylightOvs: puppet/services/opendaylight-ovs.yaml + OS::TripleO::Services::ComputeNeutronCorePlugin: OS::Heat::None + OS::TripleO::Services::OpenDaylightApi: ../puppet/services/opendaylight-api.yaml + OS::TripleO::Services::OpenDaylightOvs: ../puppet/services/opendaylight-ovs.yaml OS::TripleO::Services::NeutronL3Agent: OS::Heat::None parameter_defaults: - EnableOpenDaylightOnController: true NeutronEnableForceMetadata: true - NeutronMechanismDrivers: 'opendaylight' - NeutronServicePlugins: "networking_odl.l3.l3_odl.OpenDaylightL3RouterPlugin" + NeutronMechanismDrivers: 'opendaylight_v2' + NeutronServicePlugins: 'odl-router_v2' OpenDaylightEnableL3: "'yes'" diff --git a/environments/neutron-opendaylight.yaml b/environments/neutron-opendaylight.yaml index 8fa2e542..e08b2b27 100644 --- a/environments/neutron-opendaylight.yaml +++ b/environments/neutron-opendaylight.yaml @@ -1,11 +1,13 @@ -# A Heat environment that can be used to deploy OpenDaylight +# A Heat environment that can be used to deploy OpenDaylight with L3 DVR resource_registry: OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None - OS::TripleO::Services::OpenDaylight: puppet/services/opendaylight-api.yaml - OS::TripleO::Services::OpenDaylightOvs: puppet/services/opendaylight-ovs.yaml + OS::TripleO::Services::ComputeNeutronCorePlugin: OS::Heat::None + OS::TripleO::Services::OpenDaylightApi: ../puppet/services/opendaylight-api.yaml + OS::TripleO::Services::OpenDaylightOvs: ../puppet/services/opendaylight-ovs.yaml + OS::TripleO::Services::NeutronL3Agent: OS::Heat::None parameter_defaults: - EnableOpenDaylightOnController: true NeutronEnableForceMetadata: true - NeutronMechanismDrivers: 'opendaylight' + NeutronMechanismDrivers: 'opendaylight_v2' + NeutronServicePlugins: 'odl-router_v2' diff --git a/environments/neutron-ovs-dvr.yaml b/environments/neutron-ovs-dvr.yaml index b658d3a5..973cbe16 100644 --- a/environments/neutron-ovs-dvr.yaml +++ b/environments/neutron-ovs-dvr.yaml @@ -30,10 +30,15 @@ parameter_defaults: # affect the agent on the controller node. NeutronL3AgentMode: 'dvr_snat' - # L3 HA isn't supported for DVR enabled routers. If upgrading from a system - # where L3 HA is enabled and has neutron routers configured, it is - # recommended setting this value to true until such time all routers can be - # migrated to DVR routers. Once migration of the routers is complete, - # NeutronL3HA can be returned to false. All new systems should be deployed - # with NeutronL3HA set to false. - NeutronL3HA: false + # Enabling DVR deploys additional services to the compute nodes that through + # normal operation will consume memory. The amount required is roughly + # proportional to the number of Neutron routers that will be scheduled to + # that host. It is necessary to reserve memory on the compute nodes to avoid + # memory issues when creating instances that are connected to routed + # networks. The current expected consumption is 50 MB per router in addition + # to the base reserved amount. Deployers should refer to existing + # documentation, release notes, etc. for additional information on estimating + # an appropriate value. The provided value here is based on an estimate of 10 + # routers and is an example value *only* and should be reviewed and modified + # if necessary before deploying. + NovaReservedHostMemory: 2560 diff --git a/environments/puppet-ceph-external.yaml b/environments/puppet-ceph-external.yaml index 06e4f7aa..5f8b02ad 100644 --- a/environments/puppet-ceph-external.yaml +++ b/environments/puppet-ceph-external.yaml @@ -30,5 +30,8 @@ parameter_defaults: # finally we disable the Cinder LVM backend CinderEnableIscsiBackend: false + # Uncomment if connecting to a pre-Jewel or RHCS1.3 Ceph Cluster + # RbdDefaultFeatures: 1 + # Backward compatibility setting, will be removed in the future CephAdminKey: '' diff --git a/environments/puppet-pacemaker.yaml b/environments/puppet-pacemaker.yaml index 8cfbab6d..0b71dbd9 100644 --- a/environments/puppet-pacemaker.yaml +++ b/environments/puppet-pacemaker.yaml @@ -1,7 +1,6 @@ # An environment which enables configuration of an # Overcloud controller with Pacemaker. resource_registry: - OS::TripleO::ControllerConfig: ../puppet/controller-config-pacemaker.yaml OS::TripleO::Tasks::ControllerPrePuppet: ../extraconfig/tasks/pre_puppet_pacemaker.yaml OS::TripleO::Tasks::ControllerPostPuppet: ../extraconfig/tasks/post_puppet_pacemaker.yaml OS::TripleO::Tasks::ControllerPostPuppetRestart: ../extraconfig/tasks/post_puppet_pacemaker_restart.yaml @@ -16,3 +15,6 @@ resource_registry: OS::TripleO::Services::Redis: ../puppet/services/pacemaker/database/redis.yaml OS::TripleO::Services::MySQL: ../puppet/services/pacemaker/database/mysql.yaml # Services that are disabled by default (use relevant environment files): + + # Services that are disabled for HA deployments with pacemaker + OS::TripleO::Services::Keepalived: OS::Heat::None diff --git a/environments/services/barbican.yaml b/environments/services/barbican.yaml new file mode 100644 index 00000000..1735646a --- /dev/null +++ b/environments/services/barbican.yaml @@ -0,0 +1,4 @@ +# A Heat environment file which can be used to enable +# Barbican with the default secret store backend. +resource_registry: + OS::TripleO::Services::BarbicanApi: ../../puppet/services/barbican-api.yaml diff --git a/environments/services/ceph-mds.yaml b/environments/services/ceph-mds.yaml new file mode 100644 index 00000000..2b51374c --- /dev/null +++ b/environments/services/ceph-mds.yaml @@ -0,0 +1,2 @@ +resource_registry: + OS::TripleO::Services::CephMds: ../../puppet/services/ceph-mds.yaml
\ No newline at end of file diff --git a/environments/services/disable-ceilometer-api.yaml b/environments/services/disable-ceilometer-api.yaml new file mode 100644 index 00000000..94cd8d5d --- /dev/null +++ b/environments/services/disable-ceilometer-api.yaml @@ -0,0 +1,2 @@ +resource_registry: + OS::TripleO::Services::CeilometerApi: OS::Heat::None diff --git a/environments/services/etcd.yaml b/environments/services/etcd.yaml new file mode 100644 index 00000000..08d54d58 --- /dev/null +++ b/environments/services/etcd.yaml @@ -0,0 +1,2 @@ +resource_registry: + OS::TripleO::Services::Etcd: ../../puppet/services/etcd.yaml diff --git a/environments/services/haproxy-internal-tls-certmonger.yaml b/environments/services/haproxy-internal-tls-certmonger.yaml new file mode 100644 index 00000000..074fec4d --- /dev/null +++ b/environments/services/haproxy-internal-tls-certmonger.yaml @@ -0,0 +1,4 @@ +# A Heat environment file which can be used to enable a +# a TLS for HAProxy via certmonger +resource_registry: + OS::TripleO::Services::HAProxyInternalTLS: ../../puppet/services/haproxy-internal-tls-certmonger.yaml diff --git a/environments/services/haproxy-public-tls-certmonger.yaml b/environments/services/haproxy-public-tls-certmonger.yaml new file mode 100644 index 00000000..d3ad3ad4 --- /dev/null +++ b/environments/services/haproxy-public-tls-certmonger.yaml @@ -0,0 +1,4 @@ +# A Heat environment file which can be used to enable a +# a TLS for HAProxy via certmonger +resource_registry: + OS::TripleO::Services::HAProxyPublicTLS: ../../puppet/services/haproxy-public-tls-certmonger.yaml diff --git a/environments/services/panko.yaml b/environments/services/panko.yaml new file mode 100644 index 00000000..28bf99f6 --- /dev/null +++ b/environments/services/panko.yaml @@ -0,0 +1,2 @@ +resource_registry: + OS::TripleO::Services::PankoApi: ../../puppet/services/panko-api.yaml diff --git a/environments/services/zaqar.yaml b/environments/services/zaqar.yaml new file mode 100644 index 00000000..ee137925 --- /dev/null +++ b/environments/services/zaqar.yaml @@ -0,0 +1,2 @@ +resource_registry: + OS::TripleO::Services::Zaqar: ../../puppet/services/zaqar.yaml diff --git a/environments/storage-environment.yaml b/environments/storage-environment.yaml index 8cf34622..8e02c300 100644 --- a/environments/storage-environment.yaml +++ b/environments/storage-environment.yaml @@ -34,18 +34,18 @@ parameter_defaults: # CinderNfsServers: '' - #### GLANCE FILE BACKEND PACEMAKER SETTINGS (used for mounting NFS) #### + #### GLANCE NFS SETTINGS #### - ## Whether to make Glance 'file' backend a mount managed by Pacemaker - # GlanceFilePcmkManage: false - ## File system type of the mount - # GlanceFilePcmkFstype: nfs - ## Pacemaker mount point, e.g. '192.168.122.1:/export/glance' for NFS - ## (If using IPv6, use both double- and single-quotes, - ## e.g. "'[fdd0::1]:/export/glance'") - # GlanceFilePcmkDevice: '' - ## Options for the mount managed by Pacemaker - # GlanceFilePcmkOptions: '' + ## Make sure to set `GlanceBackend: file` when enabling NFS + ## + ## Whether to make Glance 'file' backend a NFS mount + # GlanceNfsEnabled: false + ## NFS share for image storage, e.g. '192.168.122.1:/export/glance' + ## (If using IPv6, use both double- and single-quotes, + ## e.g. "'[fdd0::1]:/export/glance'") + # GlanceNfsShare: '' + ## Mount options for the NFS image storage mount point + # GlanceNfsOptions: 'intr,context=system_u:object_r:glance_var_lib_t:s0' #### CEPH SETTINGS #### diff --git a/environments/tls-endpoints-public-dns.yaml b/environments/tls-endpoints-public-dns.yaml index 0a0996d3..74c9f61d 100644 --- a/environments/tls-endpoints-public-dns.yaml +++ b/environments/tls-endpoints-public-dns.yaml @@ -5,6 +5,9 @@ parameter_defaults: AodhAdmin: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} AodhInternal: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} AodhPublic: {protocol: 'https', port: '13042', host: 'CLOUDNAME'} + BarbicanAdmin: {protocol: 'http', port: '9311', host: 'IP_ADDRESS'} + BarbicanInternal: {protocol: 'http', port: '9311', host: 'IP_ADDRESS'} + BarbicanPublic: {protocol: 'https', port: '13311', host: 'CLOUDNAME'} CeilometerAdmin: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} CeilometerInternal: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} CeilometerPublic: {protocol: 'https', port: '13777', host: 'CLOUDNAME'} @@ -17,7 +20,6 @@ parameter_defaults: GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} GlancePublic: {protocol: 'https', port: '13292', host: 'CLOUDNAME'} - GlanceRegistryInternal: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'} GnocchiAdmin: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} GnocchiInternal: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} GnocchiPublic: {protocol: 'https', port: '13041', host: 'CLOUDNAME'} @@ -37,6 +39,9 @@ parameter_defaults: ManilaAdmin: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'} ManilaInternal: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'} ManilaPublic: {protocol: 'https', port: '13786', host: 'CLOUDNAME'} + MistralAdmin: {protocol: 'http', port: '8989', host: 'IP_ADDRESS'} + MistralInternal: {protocol: 'http', port: '8989', host: 'IP_ADDRESS'} + MistralPublic: {protocol: 'https', port: '13989', host: 'CLOUDNAME'} MysqlInternal: {protocol: 'mysql+pymysql', port: '3306', host: 'IP_ADDRESS'} NeutronAdmin: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} NeutronInternal: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} @@ -44,12 +49,24 @@ parameter_defaults: NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'} + NovaPlacementAdmin: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'} + NovaPlacementInternal: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'} + NovaPlacementPublic: {protocol: 'https', port: '13778', host: 'CLOUDNAME'} NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'} + PankoAdmin: {protocol: 'http', port: '8779', host: 'IP_ADDRESS'} + PankoInternal: {protocol: 'http', port: '8779', host: 'IP_ADDRESS'} + PankoPublic: {protocol: 'https', port: '13779', host: 'CLOUDNAME'} SaharaAdmin: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} SaharaInternal: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} SaharaPublic: {protocol: 'https', port: '13386', host: 'CLOUDNAME'} SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'} + ZaqarAdmin: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'} + ZaqarInternal: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'} + ZaqarPublic: {protocol: 'https', port: '13888', host: 'CLOUDNAME'} + ZaqarWebSocketAdmin: {protocol: 'ws', port: '9000', host: 'IP_ADDRESS'} + ZaqarWebSocketInternal: {protocol: 'ws', port: '9000', host: 'IP_ADDRESS'} + ZaqarWebSocketPublic: {protocol: 'wss', port: '9000', host: 'CLOUDNAME'} diff --git a/environments/tls-endpoints-public-ip.yaml b/environments/tls-endpoints-public-ip.yaml index 5a2b8839..17ff2feb 100644 --- a/environments/tls-endpoints-public-ip.yaml +++ b/environments/tls-endpoints-public-ip.yaml @@ -5,6 +5,9 @@ parameter_defaults: AodhAdmin: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} AodhInternal: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} AodhPublic: {protocol: 'https', port: '13042', host: 'IP_ADDRESS'} + BarbicanAdmin: {protocol: 'http', port: '9311', host: 'IP_ADDRESS'} + BarbicanInternal: {protocol: 'http', port: '9311', host: 'IP_ADDRESS'} + BarbicanPublic: {protocol: 'https', port: '13311', host: 'IP_ADDRESS'} CeilometerAdmin: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} CeilometerInternal: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} CeilometerPublic: {protocol: 'https', port: '13777', host: 'IP_ADDRESS'} @@ -17,7 +20,6 @@ parameter_defaults: GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} GlancePublic: {protocol: 'https', port: '13292', host: 'IP_ADDRESS'} - GlanceRegistryInternal: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'} GnocchiAdmin: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} GnocchiInternal: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} GnocchiPublic: {protocol: 'https', port: '13041', host: 'IP_ADDRESS'} @@ -37,6 +39,9 @@ parameter_defaults: ManilaAdmin: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'} ManilaInternal: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'} ManilaPublic: {protocol: 'https', port: '13786', host: 'IP_ADDRESS'} + MistralAdmin: {protocol: 'http', port: '8989', host: 'IP_ADDRESS'} + MistralInternal: {protocol: 'http', port: '8989', host: 'IP_ADDRESS'} + MistralPublic: {protocol: 'https', port: '13989', host: 'IP_ADDRESS'} MysqlInternal: {protocol: 'mysql+pymysql', port: '3306', host: 'IP_ADDRESS'} NeutronAdmin: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} NeutronInternal: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} @@ -44,12 +49,24 @@ parameter_defaults: NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} NovaPublic: {protocol: 'https', port: '13774', host: 'IP_ADDRESS'} + NovaPlacementAdmin: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'} + NovaPlacementInternal: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'} + NovaPlacementPublic: {protocol: 'https', port: '13778', host: 'IP_ADDRESS'} NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'IP_ADDRESS'} + PankoAdmin: {protocol: 'http', port: '8779', host: 'IP_ADDRESS'} + PankoInternal: {protocol: 'http', port: '8779', host: 'IP_ADDRESS'} + PankoPublic: {protocol: 'https', port: '13779', host: 'IP_ADDRESS'} SaharaAdmin: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} SaharaInternal: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} SaharaPublic: {protocol: 'https', port: '13386', host: 'IP_ADDRESS'} SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} SwiftPublic: {protocol: 'https', port: '13808', host: 'IP_ADDRESS'} + ZaqarAdmin: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'} + ZaqarInternal: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'} + ZaqarPublic: {protocol: 'https', port: '13888', host: 'IP_ADDRESS'} + ZaqarWebSocketAdmin: {protocol: 'ws', port: '9000', host: 'IP_ADDRESS'} + ZaqarWebSocketInternal: {protocol: 'ws', port: '9000', host: 'IP_ADDRESS'} + ZaqarWebSocketPublic: {protocol: 'wss', port: '9000', host: 'IP_ADDRESS'} diff --git a/environments/tls-everywhere-endpoints-dns.yaml b/environments/tls-everywhere-endpoints-dns.yaml new file mode 100644 index 00000000..0aa2be08 --- /dev/null +++ b/environments/tls-everywhere-endpoints-dns.yaml @@ -0,0 +1,72 @@ +# Use this environment when deploying an overcloud where all the endpoints are +# DNS names and there's TLS in all endpoint types. +parameter_defaults: + EndpointMap: + AodhAdmin: {protocol: 'https', port: '8042', host: 'CLOUDNAME'} + AodhInternal: {protocol: 'https', port: '8042', host: 'CLOUDNAME'} + AodhPublic: {protocol: 'https', port: '13042', host: 'CLOUDNAME'} + BarbicanAdmin: {protocol: 'https', port: '9311', host: 'CLOUDNAME'} + BarbicanInternal: {protocol: 'https', port: '9311', host: 'CLOUDNAME'} + BarbicanPublic: {protocol: 'https', port: '13311', host: 'CLOUDNAME'} + CeilometerAdmin: {protocol: 'https', port: '8777', host: 'CLOUDNAME'} + CeilometerInternal: {protocol: 'https', port: '8777', host: 'CLOUDNAME'} + CeilometerPublic: {protocol: 'https', port: '13777', host: 'CLOUDNAME'} + CephRgwAdmin: {protocol: 'https', port: '8080', host: 'CLOUDNAME'} + CephRgwInternal: {protocol: 'https', port: '8080', host: 'CLOUDNAME'} + CephRgwPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'} + CinderAdmin: {protocol: 'https', port: '8776', host: 'CLOUDNAME'} + CinderInternal: {protocol: 'https', port: '8776', host: 'CLOUDNAME'} + CinderPublic: {protocol: 'https', port: '13776', host: 'CLOUDNAME'} + GlanceAdmin: {protocol: 'https', port: '9292', host: 'CLOUDNAME'} + GlanceInternal: {protocol: 'https', port: '9292', host: 'CLOUDNAME'} + GlancePublic: {protocol: 'https', port: '13292', host: 'CLOUDNAME'} + GnocchiAdmin: {protocol: 'https', port: '8041', host: 'CLOUDNAME'} + GnocchiInternal: {protocol: 'https', port: '8041', host: 'CLOUDNAME'} + GnocchiPublic: {protocol: 'https', port: '13041', host: 'CLOUDNAME'} + HeatAdmin: {protocol: 'https', port: '8004', host: 'CLOUDNAME'} + HeatInternal: {protocol: 'https', port: '8004', host: 'CLOUDNAME'} + HeatPublic: {protocol: 'https', port: '13004', host: 'CLOUDNAME'} + HeatCfnAdmin: {protocol: 'https', port: '8000', host: 'CLOUDNAME'} + HeatCfnInternal: {protocol: 'https', port: '8000', host: 'CLOUDNAME'} + HeatCfnPublic: {protocol: 'https', port: '13005', host: 'CLOUDNAME'} + HorizonPublic: {protocol: 'https', port: '443', host: 'CLOUDNAME'} + IronicAdmin: {protocol: 'https', port: '6385', host: 'CLOUDNAME'} + IronicInternal: {protocol: 'https', port: '6385', host: 'CLOUDNAME'} + IronicPublic: {protocol: 'https', port: '13385', host: 'CLOUDNAME'} + KeystoneAdmin: {protocol: 'https', port: '35357', host: 'CLOUDNAME'} + KeystoneInternal: {protocol: 'https', port: '5000', host: 'CLOUDNAME'} + KeystonePublic: {protocol: 'https', port: '13000', host: 'CLOUDNAME'} + ManilaAdmin: {protocol: 'https', port: '8786', host: 'CLOUDNAME'} + ManilaInternal: {protocol: 'https', port: '8786', host: 'CLOUDNAME'} + ManilaPublic: {protocol: 'https', port: '13786', host: 'CLOUDNAME'} + MistralAdmin: {protocol: 'https', port: '8989', host: 'CLOUDNAME'} + MistralInternal: {protocol: 'https', port: '8989', host: 'CLOUDNAME'} + MistralPublic: {protocol: 'https', port: '13989', host: 'CLOUDNAME'} + MysqlInternal: {protocol: 'mysql+pymysql', port: '3306', host: 'CLOUDNAME'} + NeutronAdmin: {protocol: 'https', port: '9696', host: 'CLOUDNAME'} + NeutronInternal: {protocol: 'https', port: '9696', host: 'CLOUDNAME'} + NeutronPublic: {protocol: 'https', port: '13696', host: 'CLOUDNAME'} + NovaAdmin: {protocol: 'https', port: '8774', host: 'CLOUDNAME'} + NovaInternal: {protocol: 'https', port: '8774', host: 'CLOUDNAME'} + NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'} + NovaPlacementAdmin: {protocol: 'https', port: '8778', host: 'CLOUDNAME'} + NovaPlacementInternal: {protocol: 'https', port: '8778', host: 'CLOUDNAME'} + NovaPlacementPublic: {protocol: 'https', port: '13778', host: 'CLOUDNAME'} + NovaVNCProxyAdmin: {protocol: 'https', port: '6080', host: 'CLOUDNAME'} + NovaVNCProxyInternal: {protocol: 'https', port: '6080', host: 'CLOUDNAME'} + NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'} + PankoAdmin: {protocol: 'https', port: '8779', host: 'CLOUDNAME'} + PankoInternal: {protocol: 'https', port: '8779', host: 'CLOUDNAME'} + PankoPublic: {protocol: 'https', port: '13779', host: 'CLOUDNAME'} + SaharaAdmin: {protocol: 'https', port: '8386', host: 'CLOUDNAME'} + SaharaInternal: {protocol: 'https', port: '8386', host: 'CLOUDNAME'} + SaharaPublic: {protocol: 'https', port: '13386', host: 'CLOUDNAME'} + SwiftAdmin: {protocol: 'https', port: '8080', host: 'CLOUDNAME'} + SwiftInternal: {protocol: 'https', port: '8080', host: 'CLOUDNAME'} + SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'} + ZaqarAdmin: {protocol: 'https', port: '8888', host: 'CLOUDNAME'} + ZaqarInternal: {protocol: 'https', port: '8888', host: 'CLOUDNAME'} + ZaqarPublic: {protocol: 'https', port: '13888', host: 'CLOUDNAME'} + ZaqarWebSocketAdmin: {protocol: 'wss', port: '9000', host: 'CLOUDNAME'} + ZaqarWebSocketInternal: {protocol: 'wss', port: '9000', host: 'CLOUDNAME'} + ZaqarWebSocketPublic: {protocol: 'wss', port: '9000', host: 'CLOUDNAME'} diff --git a/environments/undercloud.yaml b/environments/undercloud.yaml new file mode 100644 index 00000000..0fd01920 --- /dev/null +++ b/environments/undercloud.yaml @@ -0,0 +1,18 @@ +resource_registry: + OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/noop.yaml + OS::TripleO::Network::Ports::ControlPlaneVipPort: ../deployed-server/deployed-neutron-port.yaml + OS::TripleO::Undercloud::Net::SoftwareConfig: ../net-config-undercloud.yaml + OS::TripleO::NodeExtraConfigPost: ../extraconfig/post_deploy/undercloud_post.yaml + +parameter_defaults: + StackAction: CREATE + SoftwareConfigTransport: POLL_SERVER_HEAT + NeutronTunnelTypes: [] + NeutronBridgeMappings: ctlplane:br-ctlplane + NeutronAgentExtensions: [] + NeutronFlatNetworks: '*' + NovaSchedulerAvailableFilters: 'tripleo_common.filters.list.tripleo_filters' + NovaSchedulerDefaultFilters: ['RetryFilter', 'TripleOCapabilitiesFilter', 'ComputeCapabilitiesFilter', 'AvailabilityZoneFilter', 'RamFilter', 'DiskFilter', 'ComputeFilter', 'ImagePropertiesFilter', 'ServerGroupAntiAffinityFilter', 'ServerGroupAffinityFilter'] + NeutronDhcpAgentsPerNetwork: 2 + HeatConvergenceEngine: false + HeatMaxResourcesPerStack: -1 diff --git a/environments/updates/README.md b/environments/updates/README.md index 426d7329..93714ed8 100644 --- a/environments/updates/README.md +++ b/environments/updates/README.md @@ -10,3 +10,6 @@ Contents **update-from-publicvip-on-ctlplane.yaml** To be used if the PublicVirtualIP resource was deployed as an additional VIP on the 'ctlplane'. + +**update-from-deloyed-server-newton.yaml** + To be used when updating from the deployed-server template from Newton. diff --git a/environments/updates/update-from-deployed-server-newton.yaml b/environments/updates/update-from-deployed-server-newton.yaml new file mode 100644 index 00000000..6fe3a4cb --- /dev/null +++ b/environments/updates/update-from-deployed-server-newton.yaml @@ -0,0 +1,2 @@ +resource_registry: + OS::TripleO::DeployedServer::ControlPlanePort: ../../deployed-server/ctlplane-port.yaml diff --git a/environments/updates/update-from-keystone-admin-internal-api.yaml b/environments/updates/update-from-keystone-admin-internal-api.yaml index a5075300..97687c6a 100644 --- a/environments/updates/update-from-keystone-admin-internal-api.yaml +++ b/environments/updates/update-from-keystone-admin-internal-api.yaml @@ -2,32 +2,5 @@ # Keystone Admin API service is running on the Internal API network parameter_defaults: - ServiceNetMapDefaults: - NeutronTenantNetwork: tenant - CeilometerApiNetwork: internal_api - MongodbNetwork: internal_api - CinderApiNetwork: internal_api - CinderIscsiNetwork: storage - GlanceApiNetwork: storage - GlanceRegistryNetwork: internal_api + ServiceNetMap: KeystoneAdminApiNetwork: internal_api - KeystonePublicApiNetwork: internal_api - NeutronApiNetwork: internal_api - HeatApiNetwork: internal_api - NovaApiNetwork: internal_api - NovaMetadataNetwork: internal_api - NovaVncProxyNetwork: internal_api - SwiftMgmtNetwork: storage_mgmt - SwiftProxyNetwork: storage - HorizonNetwork: internal_api - MemcachedNetwork: internal_api - RabbitmqNetwork: internal_api - RedisNetwork: internal_api - MysqlNetwork: internal_api - CephClusterNetwork: storage_mgmt - CephPublicNetwork: storage - ControllerHostnameResolveNetwork: internal_api - ComputeHostnameResolveNetwork: internal_api - BlockStorageHostnameResolveNetwork: internal_api - ObjectStorageHostnameResolveNetwork: internal_api - CephStorageHostnameResolveNetwork: storage diff --git a/environments/use-dns-for-vips.yaml b/environments/use-dns-for-vips.yaml index daf07bc7..b700312f 100644 --- a/environments/use-dns-for-vips.yaml +++ b/environments/use-dns-for-vips.yaml @@ -1,5 +1,5 @@ # A Heat environment file which can be used to disable the writing of the VIPs # to the /etc/hosts file in the overcloud. Use this in case you have a working # DNS server that you will provide for the overcloud. -resource_registry: - OS::TripleO::Services::VipHosts: OS::Heat::None +parameter_defaults: + AddVipsToEtcHosts: False |