diff options
Diffstat (limited to 'environments')
| -rw-r--r-- | environments/enable-tls.yaml | 9 | ||||
| -rw-r--r-- | environments/external-loadbalancer-vip-v6.yaml | 38 | ||||
| -rw-r--r-- | environments/ips-from-pool-all.yaml | 75 | ||||
| -rw-r--r-- | environments/major-upgrade-pacemaker-init.yaml | 11 | ||||
| -rw-r--r-- | environments/net-bond-with-vlans-v6.yaml | 20 | ||||
| -rw-r--r-- | environments/net-bond-with-vlans.yaml | 4 | ||||
| -rw-r--r-- | environments/net-multiple-nics-v6.yaml | 13 | ||||
| -rw-r--r-- | environments/net-single-nic-linux-bridge-with-vlans.yaml | 4 | ||||
| -rw-r--r-- | environments/net-single-nic-with-vlans-v6.yaml | 19 | ||||
| -rw-r--r-- | environments/net-single-nic-with-vlans.yaml | 4 | ||||
| -rw-r--r-- | environments/network-isolation-v6.yaml | 55 |
11 files changed, 237 insertions, 15 deletions
diff --git a/environments/enable-tls.yaml b/environments/enable-tls.yaml index b895f86a..d6328c06 100644 --- a/environments/enable-tls.yaml +++ b/environments/enable-tls.yaml @@ -5,9 +5,6 @@ parameter_defaults: SSLKey: | The contents of the private key go here EndpointMap: - AodhAdmin: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} - AodhInternal: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} - AodhPublic: {protocol: 'https', port: '13042', host: 'CLOUDNAME'} CeilometerAdmin: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} CeilometerInternal: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} CeilometerPublic: {protocol: 'https', port: '13777', host: 'CLOUDNAME'} @@ -27,6 +24,9 @@ parameter_defaults: KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'} KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'} KeystonePublic: {protocol: 'https', port: '13000', host: 'CLOUDNAME'} + KeystoneV3Admin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'} + KeystoneV3Internal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'} + KeystoneV3Public: {protocol: 'https', port: '13000', host: 'CLOUDNAME'} NeutronAdmin: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} NeutronInternal: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} NeutronPublic: {protocol: 'https', port: '13696', host: 'CLOUDNAME'} @@ -39,6 +39,9 @@ parameter_defaults: NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'} + SaharaAdmin: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} + SaharaInternal: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} + SaharaPublic: {protocol: 'https', port: '13786', host: 'CLOUDNAME'} SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'} diff --git a/environments/external-loadbalancer-vip-v6.yaml b/environments/external-loadbalancer-vip-v6.yaml new file mode 100644 index 00000000..5a2ef505 --- /dev/null +++ b/environments/external-loadbalancer-vip-v6.yaml @@ -0,0 +1,38 @@ +resource_registry: + OS::TripleO::Network::Ports::NetVipMap: ../network/ports/net_vip_map_external_v6.yaml + OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/noop.yaml + OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/noop.yaml + OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/noop.yaml + OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/noop.yaml + OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/from_service_v6.yaml + OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_from_pool_v6.yaml + OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_from_pool_v6.yaml + OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool_v6.yaml + OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool_v6.yaml + # OVS doesn't support IPv6 endpoints for tunneling yet, so this remains IPv4 for now. + OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant_from_pool.yaml + +parameter_defaults: + # When using an external loadbalancer set the following in parameter_defaults + # to control your VIPs (currently one per network) + # NOTE: we will eventually move to one VIP per service + # + ControlPlaneIP: 192.0.2.251 + ExternalNetworkVip: 2001:db8:fd00:1000:0000:0000:0000:0005 + InternalApiNetworkVip: fd00:fd00:fd00:2000:0000:0000:0000:0005 + StorageNetworkVip: fd00:fd00:fd00:3000:0000:0000:0000:0005 + StorageMgmtNetworkVip: fd00:fd00:fd00:4000:0000:0000:0000:0005 + ServiceVips: + redis: fd00:fd00:fd00:2000:0000:0000:0000:0006 + ControllerIPs: + external: + - 2001:db8:fd00:1000:0000:0000:0000:0007 + internal_api: + - fd00:fd00:fd00:2000:0000:0000:0000:0007 + storage: + - fd00:fd00:fd00:3000:0000:0000:0000:0007 + storage_mgmt: + - fd00:fd00:fd00:4000:0000:0000:0000:0007 + tenant: + - 172.16.0.253 + EnableLoadBalancer: false diff --git a/environments/ips-from-pool-all.yaml b/environments/ips-from-pool-all.yaml new file mode 100644 index 00000000..f660d501 --- /dev/null +++ b/environments/ips-from-pool-all.yaml @@ -0,0 +1,75 @@ +# Environment file demonstrating how to pre-assign IPs to all node types +resource_registry: + OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_from_pool.yaml + OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_from_pool.yaml + OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool.yaml + OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool.yaml + OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant_from_pool.yaml + + OS::TripleO::Compute::Ports::ExternalPort: ../network/ports/noop.yaml + OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api_from_pool.yaml + OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage_from_pool.yaml + OS::TripleO::Compute::Ports::StorageMgmtPort: ../network/ports/noop.yaml + OS::TripleO::Compute::Ports::TenantPort: ../network/ports/tenant_from_pool.yaml + + OS::TripleO::CephStorage::Ports::ExternalPort: ../network/ports/noop.yaml + OS::TripleO::CephStorage::Ports::InternalApiPort: ../network/ports/noop.yaml + OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage_from_pool.yaml + OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool.yaml + OS::TripleO::CephStorage::Ports::TenantPort: ../network/ports/noop.yaml + + OS::TripleO::SwiftStorage::Ports::ExternalPort: ../network/ports/noop.yaml + OS::TripleO::SwiftStorage::Ports::InternalApiPort: ../network/ports/internal_api_from_pool.yaml + OS::TripleO::SwiftStorage::Ports::StoragePort: ../network/ports/storage_from_pool.yaml + OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool.yaml + OS::TripleO::SwiftStorage::Ports::TenantPort: ../network/ports/noop.yaml + + OS::TripleO::BlockStorage::Ports::ExternalPort: ../network/ports/noop.yaml + OS::TripleO::BlockStorage::Ports::InternalApiPort: ../network/ports/internal_api_from_pool.yaml + OS::TripleO::BlockStorage::Ports::StoragePort: ../network/ports/storage_from_pool.yaml + OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool.yaml + OS::TripleO::BlockStorage::Ports::TenantPort: ../network/ports/noop.yaml + +parameter_defaults: + ControllerIPs: + # Each controller will get an IP from the lists below, first controller, first IP + external: + - 10.0.0.251 + internal_api: + - 172.16.2.251 + storage: + - 172.16.1.251 + storage_mgmt: + - 172.16.3.251 + tenant: + - 172.16.0.251 + NovaComputeIPs: + # Each compute will get an IP from the lists below, first compute, first IP + internal_api: + - 172.16.2.252 + storage: + - 172.16.1.252 + tenant: + - 172.16.0.252 + CephStorageIPs: + # Each ceph node will get an IP from the lists below, first node, first IP + storage: + - 172.16.1.253 + storage_mgmt: + - 172.16.3.253 + SwiftStorageIPs: + # Each swift node will get an IP from the lists below, first node, first IP + internal_api: + - 172.16.2.254 + storage: + - 172.16.1.254 + storage_mgmt: + - 172.16.3.254 + BlockStorageIPs: + # Each cinder node will get an IP from the lists below, first node, first IP + internal_api: + - 172.16.2.250 + storage: + - 172.16.1.250 + storage_mgmt: + - 172.16.3.250 diff --git a/environments/major-upgrade-pacemaker-init.yaml b/environments/major-upgrade-pacemaker-init.yaml new file mode 100644 index 00000000..d98a9cdd --- /dev/null +++ b/environments/major-upgrade-pacemaker-init.yaml @@ -0,0 +1,11 @@ +parameter_defaults: + UpgradeLevelNovaCompute: liberty + +resource_registry: + OS::TripleO::Tasks::UpdateWorkflow: ../extraconfig/tasks/major_upgrade_pacemaker_init.yaml + OS::TripleO::Tasks::PackageUpdate: ../extraconfig/tasks/yum_update_noop.yaml + OS::TripleO::ControllerPostDeployment: OS::Heat::None + OS::TripleO::ComputePostDeployment: OS::Heat::None + OS::TripleO::ObjectStoragePostDeployment: OS::Heat::None + OS::TripleO::BlockStoragePostDeployment: OS::Heat::None + OS::TripleO::CephStoragePostDeployment: OS::Heat::None diff --git a/environments/net-bond-with-vlans-v6.yaml b/environments/net-bond-with-vlans-v6.yaml new file mode 100644 index 00000000..73dda3d9 --- /dev/null +++ b/environments/net-bond-with-vlans-v6.yaml @@ -0,0 +1,20 @@ +# This template configures each role to use a pair of bonded nics (nic2 and +# nic3) and configures an IP address on each relevant isolated network +# for each role, with IPv6 on the External network. This template assumes +# use of network-isolation-v6.yaml. +# +# FIXME: if/when we add functionality to heatclient to include heat +# environment files we should think about using it here to automatically +# include network-isolation-v6.yaml. +resource_registry: + OS::TripleO::BlockStorage::Net::SoftwareConfig: ../network/config/bond-with-vlans/cinder-storage.yaml + OS::TripleO::Compute::Net::SoftwareConfig: ../network/config/bond-with-vlans/compute.yaml + OS::TripleO::Controller::Net::SoftwareConfig: ../network/config/bond-with-vlans/controller-v6.yaml + OS::TripleO::ObjectStorage::Net::SoftwareConfig: ../network/config/bond-with-vlans/swift-storage.yaml + OS::TripleO::CephStorage::Net::SoftwareConfig: ../network/config/bond-with-vlans/ceph-storage.yaml + +parameter_defaults: + # This sets 'external_network_bridge' in l3_agent.ini to an empty string + # so that external networks act like provider bridge networks (they + # will plug into br-int instead of br-ex) + NeutronExternalNetworkBridge: "''" diff --git a/environments/net-bond-with-vlans.yaml b/environments/net-bond-with-vlans.yaml index 9600fc7e..de8f8f74 100644 --- a/environments/net-bond-with-vlans.yaml +++ b/environments/net-bond-with-vlans.yaml @@ -12,10 +12,6 @@ resource_registry: OS::TripleO::ObjectStorage::Net::SoftwareConfig: ../network/config/bond-with-vlans/swift-storage.yaml OS::TripleO::CephStorage::Net::SoftwareConfig: ../network/config/bond-with-vlans/ceph-storage.yaml -# We use parameter_defaults instead of parameters here because Tuskar munges -# the names of top level and role level parameters with the role name and a -# version. Using parameter_defaults makes it such that if the parameter name is -# not defined in the template, we don't get an error. parameter_defaults: # This sets 'external_network_bridge' in l3_agent.ini to an empty string # so that external networks act like provider bridge networks (they diff --git a/environments/net-multiple-nics-v6.yaml b/environments/net-multiple-nics-v6.yaml new file mode 100644 index 00000000..a2bb0bba --- /dev/null +++ b/environments/net-multiple-nics-v6.yaml @@ -0,0 +1,13 @@ +# This template configures each role to use a separate NIC for +# each isolated network with IPv6 on the External network. +# This template assumes use of network-isolation.yaml. +# +# FIXME: if/when we add functionality to heatclient to include heat +# environment files we should think about using it here to automatically +# include network-isolation-v6.yaml. +resource_registry: + OS::TripleO::BlockStorage::Net::SoftwareConfig: ../network/config/multiple-nics/cinder-storage.yaml + OS::TripleO::Compute::Net::SoftwareConfig: ../network/config/multiple-nics/compute.yaml + OS::TripleO::Controller::Net::SoftwareConfig: ../network/config/multiple-nics/controller-v6.yaml + OS::TripleO::ObjectStorage::Net::SoftwareConfig: ../network/config/multiple-nics/swift-storage.yaml + OS::TripleO::CephStorage::Net::SoftwareConfig: ../network/config/multiple-nics/ceph-storage.yaml diff --git a/environments/net-single-nic-linux-bridge-with-vlans.yaml b/environments/net-single-nic-linux-bridge-with-vlans.yaml index d5f2ed62..fd80bb9b 100644 --- a/environments/net-single-nic-linux-bridge-with-vlans.yaml +++ b/environments/net-single-nic-linux-bridge-with-vlans.yaml @@ -12,10 +12,6 @@ resource_registry: OS::TripleO::ObjectStorage::Net::SoftwareConfig: ../network/config/single-nic-linux-bridge-vlans/swift-storage.yaml OS::TripleO::CephStorage::Net::SoftwareConfig: ../network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml -# We use parameter_defaults instead of parameters here because Tuskar munges -# the names of top level and role level parameters with the role name and a -# version. Using parameter_defaults makes it such that if the parameter name is -# not defined in the template, we don't get an error. parameter_defaults: # This sets 'external_network_bridge' in l3_agent.ini to an empty string # so that external networks act like provider bridge networks (they diff --git a/environments/net-single-nic-with-vlans-v6.yaml b/environments/net-single-nic-with-vlans-v6.yaml new file mode 100644 index 00000000..8210bad3 --- /dev/null +++ b/environments/net-single-nic-with-vlans-v6.yaml @@ -0,0 +1,19 @@ +# This template configures each role to use Vlans on a single nic for +# each isolated network with IPv6 on the External network. +# This template assumes use of network-isolation.yaml. +# +# FIXME: if/when we add functionality to heatclient to include heat +# environment files we should think about using it here to automatically +# include network-isolation-v6.yaml. +resource_registry: + OS::TripleO::BlockStorage::Net::SoftwareConfig: ../network/config/single-nic-vlans/cinder-storage.yaml + OS::TripleO::Compute::Net::SoftwareConfig: ../network/config/single-nic-vlans/compute.yaml + OS::TripleO::Controller::Net::SoftwareConfig: ../network/config/single-nic-vlans/controller-v6.yaml + OS::TripleO::ObjectStorage::Net::SoftwareConfig: ../network/config/single-nic-vlans/swift-storage.yaml + OS::TripleO::CephStorage::Net::SoftwareConfig: ../network/config/single-nic-vlans/ceph-storage.yaml + +parameter_defaults: + # This sets 'external_network_bridge' in l3_agent.ini to an empty string + # so that external networks act like provider bridge networks (they + # will plug into br-int instead of br-ex) + NeutronExternalNetworkBridge: "''" diff --git a/environments/net-single-nic-with-vlans.yaml b/environments/net-single-nic-with-vlans.yaml index bdfeadd3..a61bc6e1 100644 --- a/environments/net-single-nic-with-vlans.yaml +++ b/environments/net-single-nic-with-vlans.yaml @@ -12,10 +12,6 @@ resource_registry: OS::TripleO::ObjectStorage::Net::SoftwareConfig: ../network/config/single-nic-vlans/swift-storage.yaml OS::TripleO::CephStorage::Net::SoftwareConfig: ../network/config/single-nic-vlans/ceph-storage.yaml -# We use parameter_defaults instead of parameters here because Tuskar munges -# the names of top level and role level parameters with the role name and a -# version. Using parameter_defaults makes it such that if the parameter name is -# not defined in the template, we don't get an error. parameter_defaults: # This sets 'external_network_bridge' in l3_agent.ini to an empty string # so that external networks act like provider bridge networks (they diff --git a/environments/network-isolation-v6.yaml b/environments/network-isolation-v6.yaml new file mode 100644 index 00000000..599a08b1 --- /dev/null +++ b/environments/network-isolation-v6.yaml @@ -0,0 +1,55 @@ +# Enable the creation of IPv6 Neutron networks for isolated Overcloud +# traffic and configure each role to assign ports (related +# to that role) on these networks. +resource_registry: + OS::TripleO::Network::External: ../network/external_v6.yaml + OS::TripleO::Network::InternalApi: ../network/internal_api_v6.yaml + OS::TripleO::Network::StorageMgmt: ../network/storage_mgmt_v6.yaml + OS::TripleO::Network::Storage: ../network/storage_v6.yaml + # IPv4 until OVS and Neutron support IPv6 tunnel endpoints + OS::TripleO::Network::Tenant: ../network/tenant.yaml + + # Port assignments for the VIPs + OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/external_v6.yaml + OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/internal_api_v6.yaml + OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/storage_v6.yaml + OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt_v6.yaml + OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip_v6.yaml + + # Port assignments for the controller role + OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_v6.yaml + OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_v6.yaml + OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_v6.yaml + OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml + OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant.yaml + + # Port assignments for the compute role + OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api_v6.yaml + OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage_v6.yaml + OS::TripleO::Compute::Ports::TenantPort: ../network/ports/tenant.yaml + + # Port assignments for the ceph storage role + OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage_v6.yaml + OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml + + # Port assignments for the swift storage role + OS::TripleO::SwiftStorage::Ports::InternalApiPort: ../network/ports/internal_api_v6.yaml + OS::TripleO::SwiftStorage::Ports::StoragePort: ../network/ports/storage_v6.yaml + OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml + + # Port assignments for the block storage role + OS::TripleO::BlockStorage::Ports::InternalApiPort: ../network/ports/internal_api_v6.yaml + OS::TripleO::BlockStorage::Ports::StoragePort: ../network/ports/storage_v6.yaml + OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml + +parameter_defaults: + # Enable IPv6 for Ceph. + CephIPv6: True + # Enable IPv6 for Corosync. This is required when Corosync is using an IPv6 IP in the cluster. + CorosyncIPv6: True + # Enable IPv6 for MongoDB. This is required when MongoDB is using an IPv6 IP. + MongoDbIPv6: True + # Enable various IPv6 features in Nova. + NovaIPv6: True + # Enable IPv6 environment for RabbitMQ. + RabbitIPv6: true |