diff options
Diffstat (limited to 'environments')
-rw-r--r-- | environments/cinder-dellsc-config.yaml | 17 | ||||
-rw-r--r-- | environments/cinder-eqlx-config.yaml | 17 | ||||
-rw-r--r-- | environments/docker-network-isolation.yaml | 4 | ||||
-rw-r--r-- | environments/docker-network.yaml | 2 | ||||
-rw-r--r-- | environments/docker.yaml (renamed from environments/docker-rdo.yaml) | 1 | ||||
-rw-r--r-- | environments/enable-tls.yaml | 32 | ||||
-rw-r--r-- | environments/external-loadbalancer-vip.yaml | 35 | ||||
-rw-r--r-- | environments/ips-from-pool.yaml | 20 | ||||
-rw-r--r-- | environments/net-single-nic-linux-bridge-with-vlans.yaml | 23 | ||||
-rw-r--r-- | environments/network-isolation.yaml | 25 | ||||
-rw-r--r-- | environments/network-management.yaml | 24 | ||||
-rw-r--r-- | environments/neutron-midonet.yaml | 20 | ||||
-rw-r--r-- | environments/storage-environment.yaml | 5 | ||||
-rw-r--r-- | environments/updates/README.md | 3 | ||||
-rw-r--r-- | environments/updates/update-from-publicvip-on-ctlplane.yaml | 2 |
15 files changed, 221 insertions, 9 deletions
diff --git a/environments/cinder-dellsc-config.yaml b/environments/cinder-dellsc-config.yaml new file mode 100644 index 00000000..92e257d4 --- /dev/null +++ b/environments/cinder-dellsc-config.yaml @@ -0,0 +1,17 @@ +# A Heat environment file which can be used to enable a +# a Cinder Dell Storage Center ISCSI backend, configured via puppet +resource_registry: + OS::TripleO::ControllerExtraConfigPre: ../puppet/extraconfig/pre_deploy/controller/cinder-dellsc.yaml + +parameter_defaults: + CinderEnableDellScBackend: true + CinderDellScBackendName: 'tripleo_dellsc' + CinderDellScSanIp: '' + CinderDellScSanLogin: 'Admin' + CinderDellScSanPassword: '' + CinderDellScSsn: '64702' + CinderDellScIscsiIpAddress: '' + CinderDellScIscsiPort: '3260' + CinderDellScApiPort: '3033' + CinderDellScServerFolder: 'dellsc_server' + CinderDellScVolumeFolder: 'dellsc_volume' diff --git a/environments/cinder-eqlx-config.yaml b/environments/cinder-eqlx-config.yaml new file mode 100644 index 00000000..ca2c5e5a --- /dev/null +++ b/environments/cinder-eqlx-config.yaml @@ -0,0 +1,17 @@ +# A Heat environment file which can be used to enable a +# a Cinder eqlx backen, configured via puppet +resource_registry: + OS::TripleO::ControllerExtraConfigPre: ../puppet/extraconfig/pre_deploy/controller/cinder-eqlx.yaml + +parameter_defaults: + CinderEnableEqlxBackend: true + CinderEqlxBackendName: 'tripleo_eqlx' + CinderEqlxSanIp: '' + CinderEqlxSanLogin: '' + CinderEqlxSanPassword: '' + CinderEqlxSanThinProvision: true + CinderEqlxGroupname: 'group-0' + CinderEqlxPool: 'default' + CinderEqlxChapLogin: '' + CinderEqlxChapPassword: '' + CinderEqlxUseChap: false diff --git a/environments/docker-network-isolation.yaml b/environments/docker-network-isolation.yaml new file mode 100644 index 00000000..257d03dc --- /dev/null +++ b/environments/docker-network-isolation.yaml @@ -0,0 +1,4 @@ +parameter_defaults: + NeutronAgentConfig: "/etc/neutron/neutron.conf,/etc/neutron/plugins/openvswitch/openvswitch_agent.ini" + NeutronAgentPluginVolume: "/var/lib/etc-data/neutron/plugins/ml2/openvswitch_agent.ini:/var/lib/kolla/config_files/openvswitch_agent.ini:ro" + NeutronAgentOvsVolume: "/var/lib/etc-data/neutron/conf.d/neutron-openvswitch-agent:/etc/neutron/conf.d/neutron-openvswitch-agent:ro" diff --git a/environments/docker-network.yaml b/environments/docker-network.yaml new file mode 100644 index 00000000..f10ec389 --- /dev/null +++ b/environments/docker-network.yaml @@ -0,0 +1,2 @@ +resource_registry: + OS::TripleO::Compute::Net::SoftwareConfig: ../net-config-bridge.yaml diff --git a/environments/docker-rdo.yaml b/environments/docker.yaml index 66824feb..6376b749 100644 --- a/environments/docker-rdo.yaml +++ b/environments/docker.yaml @@ -2,7 +2,6 @@ resource_registry: # Docker container with heat agents for containerized compute node. OS::TripleO::ComputePostDeployment: ../docker/compute-post.yaml OS::TripleO::NodeUserData: ../docker/firstboot/install_docker_agents.yaml - OS::TripleO::Compute::Net::SoftwareConfig: ../net-config-bridge.yaml parameters: NovaImage: atomic-image diff --git a/environments/enable-tls.yaml b/environments/enable-tls.yaml index 5c2506e9..bc4d1bef 100644 --- a/environments/enable-tls.yaml +++ b/environments/enable-tls.yaml @@ -4,6 +4,38 @@ parameter_defaults: SSLIntermediateCertificate: '' SSLKey: | The contents of the private key go here + EndpointMap: + CeilometerAdmin: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} + CeilometerInternal: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} + CeilometerPublic: {protocol: 'https', port: '13777', host: 'CLOUDNAME'} + CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} + CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} + CinderPublic: {protocol: 'https', port: '13776', host: 'CLOUDNAME'} + GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} + GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} + GlancePublic: {protocol: 'https', port: '13292', host: 'CLOUDNAME'} + GlanceRegistryAdmin: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'} + GlanceRegistryInternal: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'} + GlanceRegistryPublic: {protocol: 'https', port: '9191', host: 'IP_ADDRESS'} # Not set on the loadbalancer yet. + HeatAdmin: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} + HeatInternal: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} + HeatPublic: {protocol: 'https', port: '13004', host: 'CLOUDNAME'} + HorizonPublic: {protocol: 'https', port: '443', host: 'CLOUDNAME'} + KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'} + KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'} + KeystonePublic: {protocol: 'https', port: '13000', host: 'CLOUDNAME'} + NeutronAdmin: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} + NeutronInternal: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} + NeutronPublic: {protocol: 'https', port: '13696', host: 'CLOUDNAME'} + NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} + NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} + NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'} + NovaEC2Admin: {protocol: 'http', port: '8773', host: 'IP_ADDRESS'} + NovaEC2Internal: {protocol: 'http', port: '8773', host: 'IP_ADDRESS'} + NovaEC2Public: {protocol: 'https', port: '13773', host: 'CLOUDNAME'} + SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} + SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} + SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'} resource_registry: OS::TripleO::NodeTLSData: ../puppet/extraconfig/tls/tls-cert-inject.yaml diff --git a/environments/external-loadbalancer-vip.yaml b/environments/external-loadbalancer-vip.yaml index 47d5bd9b..1cf59825 100644 --- a/environments/external-loadbalancer-vip.yaml +++ b/environments/external-loadbalancer-vip.yaml @@ -1,14 +1,37 @@ resource_registry: OS::TripleO::Network::Ports::NetVipMap: ../network/ports/net_vip_map_external.yaml + OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/noop.yaml + OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/noop.yaml + OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/noop.yaml + OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/noop.yaml + OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/from_service.yaml + OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_from_pool.yaml + OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_from_pool.yaml + OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool.yaml + OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool.yaml + OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant_from_pool.yaml parameter_defaults: # When using an external loadbalancer set the following in parameter_defaults # to control your VIPs (currently one per network) # NOTE: we will eventually move to one VIP per service # - # ControlNetworkVip: - # ExternalNetworkVip: - # InternalApiNetworkVip: - # StorageNetworkVip: - # StorageMgmtNetworkVip: - EnableLoadBalancer: false
\ No newline at end of file + ControlPlaneIP: 192.0.2.251 + ExternalNetworkVip: 10.0.0.251 + InternalApiNetworkVip: 172.16.2.251 + StorageNetworkVip: 172.16.1.251 + StorageMgmtNetworkVip: 172.16.3.251 + ServiceVips: + redis: 172.16.2.252 + ControllerIPs: + external: + - 10.0.0.253 + internal_api: + - 172.16.2.253 + storage: + - 172.16.1.253 + storage_mgmt: + - 172.16.3.253 + tenant: + - 172.16.0.253 + EnableLoadBalancer: false diff --git a/environments/ips-from-pool.yaml b/environments/ips-from-pool.yaml new file mode 100644 index 00000000..8c27fe4e --- /dev/null +++ b/environments/ips-from-pool.yaml @@ -0,0 +1,20 @@ +resource_registry: + OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_from_pool.yaml + OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_from_pool.yaml + OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool.yaml + OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool.yaml + OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant_from_pool.yaml + +parameter_defaults: + ControllerIPs: + # Each controller will get an IP from the lists below, first controller, first IP + external: + - 10.0.0.251 + internal_api: + - 172.16.2.251 + storage: + - 172.16.1.251 + storage_mgmt: + - 172.16.3.251 + tenant: + - 172.16.0.251 diff --git a/environments/net-single-nic-linux-bridge-with-vlans.yaml b/environments/net-single-nic-linux-bridge-with-vlans.yaml new file mode 100644 index 00000000..d5f2ed62 --- /dev/null +++ b/environments/net-single-nic-linux-bridge-with-vlans.yaml @@ -0,0 +1,23 @@ +# This template configures each role to use Vlans on a single nic for +# each isolated network. +# This template assumes use of network-isolation.yaml. +# +# FIXME: if/when we add functionality to heatclient to include heat +# environment files we should think about using it here to automatically +# include network-isolation.yaml. +resource_registry: + OS::TripleO::BlockStorage::Net::SoftwareConfig: ../network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml + OS::TripleO::Compute::Net::SoftwareConfig: ../network/config/single-nic-linux-bridge-vlans/compute.yaml + OS::TripleO::Controller::Net::SoftwareConfig: ../network/config/single-nic-linux-bridge-vlans/controller.yaml + OS::TripleO::ObjectStorage::Net::SoftwareConfig: ../network/config/single-nic-linux-bridge-vlans/swift-storage.yaml + OS::TripleO::CephStorage::Net::SoftwareConfig: ../network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml + +# We use parameter_defaults instead of parameters here because Tuskar munges +# the names of top level and role level parameters with the role name and a +# version. Using parameter_defaults makes it such that if the parameter name is +# not defined in the template, we don't get an error. +parameter_defaults: + # This sets 'external_network_bridge' in l3_agent.ini to an empty string + # so that external networks act like provider bridge networks (they + # will plug into br-int instead of br-ex) + NeutronExternalNetworkBridge: "''" diff --git a/environments/network-isolation.yaml b/environments/network-isolation.yaml index 937931d1..87fc22f5 100644 --- a/environments/network-isolation.yaml +++ b/environments/network-isolation.yaml @@ -1,12 +1,23 @@ # Enable the creation of Neutron networks for isolated Overcloud # traffic and configure each role to assign ports (related # to that role) on these networks. +# Many networks are disabled by default because they are not used +# in a typical configuration. Override via parameter_defaults. resource_registry: OS::TripleO::Network::External: ../network/external.yaml OS::TripleO::Network::InternalApi: ../network/internal_api.yaml OS::TripleO::Network::StorageMgmt: ../network/storage_mgmt.yaml OS::TripleO::Network::Storage: ../network/storage.yaml OS::TripleO::Network::Tenant: ../network/tenant.yaml + # Management network is optional and disabled by default + OS::TripleO::Network::Management: ../network/noop.yaml + + # Port assignments for the VIPs + OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/external.yaml + OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/internal_api.yaml + OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/storage.yaml + OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt.yaml + OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip.yaml # Port assignments for the controller role OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external.yaml @@ -14,25 +25,39 @@ resource_registry: OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage.yaml OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant.yaml + OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/noop.yaml # Port assignments for the compute role + OS::TripleO::Compute::Ports::ExternalPort: ../network/ports/noop.yaml OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api.yaml OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage.yaml + OS::TripleO::Compute::Ports::StorageMgmtPort: ../network/ports/noop.yaml OS::TripleO::Compute::Ports::TenantPort: ../network/ports/tenant.yaml + OS::TripleO::Compute::Ports::ManagementPort: ../network/ports/noop.yaml # Port assignments for the ceph storage role + OS::TripleO::CephStorage::Ports::ExternalPort: ../network/ports/noop.yaml + OS::TripleO::CephStorage::Ports::InternalApiPort: ../network/ports/noop.yaml OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage.yaml OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml + OS::TripleO::CephStorage::Ports::TenantPort: ../network/ports/noop.yaml + OS::TripleO::CephStorage::Ports::ManagementPort: ../network/ports/noop.yaml # Port assignments for the swift storage role + OS::TripleO::SwiftStorage::Ports::ExternalPort: ../network/ports/noop.yaml OS::TripleO::SwiftStorage::Ports::InternalApiPort: ../network/ports/internal_api.yaml OS::TripleO::SwiftStorage::Ports::StoragePort: ../network/ports/storage.yaml OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml + OS::TripleO::SwiftStorage::Ports::TenantPort: ../network/ports/noop.yaml + OS::TripleO::SwiftStorage::Ports::ManagementPort: ../network/ports/noop.yaml # Port assignments for the block storage role + OS::TripleO::BlockStorage::Ports::ExternalPort: ../network/ports/noop.yaml OS::TripleO::BlockStorage::Ports::InternalApiPort: ../network/ports/internal_api.yaml OS::TripleO::BlockStorage::Ports::StoragePort: ../network/ports/storage.yaml OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml + OS::TripleO::BlockStorage::Ports::TenantPort: ../network/ports/noop.yaml + OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/noop.yaml # Port assignments for service virtual IPs for the controller role OS::TripleO::Controller::Ports::RedisVipPort: ../network/ports/vip.yaml diff --git a/environments/network-management.yaml b/environments/network-management.yaml new file mode 100644 index 00000000..2f0cff8b --- /dev/null +++ b/environments/network-management.yaml @@ -0,0 +1,24 @@ +# Enable the creation of a system management network. This +# creates a Neutron network for isolated Overcloud +# system management traffic and configures each role to +# assign a port (related to that role) on that network. +# Note that the basic sample NIC configuration templates +# do not include the management network, see the +# single-nic-vlans-mgmt templates for an example. +resource_registry: + OS::TripleO::Network::Management: ../network/management.yaml + + # Port assignments for the controller role + OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/management.yaml + + # Port assignments for the compute role + OS::TripleO::Compute::Ports::ManagementPort: ../network/ports/management.yaml + + # Port assignments for the ceph storage role + OS::TripleO::CephStorage::Ports::ManagementPort: ../network/ports/management.yaml + + # Port assignments for the swift storage role + OS::TripleO::SwiftStorage::Ports::ManagementPort: ../network/ports/management.yaml + + # Port assignments for the block storage role + OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/management.yaml diff --git a/environments/neutron-midonet.yaml b/environments/neutron-midonet.yaml new file mode 100644 index 00000000..726852a0 --- /dev/null +++ b/environments/neutron-midonet.yaml @@ -0,0 +1,20 @@ +# A Heat environment that can be used to deploy MidoNet Services +resource_registry: + OS::TripleO::AllNodesExtraConfig: ../puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml + OS::TripleO::Controller::Net::SoftwareConfig: ../net-config-linux-bridge.yaml # We have to avoid any ovs bridge. MidoNet is incompatible with its datapath + +parameter_defaults: + EnableZookeeperOnController: true + EnableCassandraOnController: true + NeutronCorePlugin: 'midonet.neutron.plugin_v1.MidonetPluginV2' # Overriding default core_plugin in Neutron. Don't touch it + NeutronEnableIsolatedMetadata: true # MidoNet 1.9 needs this one to work. Don't change it + NeutronEnableL3Agent: false + NeutronEnableOVSAgent: false + + # Other available options for MidoNet Services + # TunnelZoneName: 'tunnelname' + # TunnelZoneType: 'gre' + # CassandraStoragePort: 7000 + # CassandraSslStoragePort: 7009 + # CassandraClientPort: 9042 + # CassandraClientPortThrift: 9160 diff --git a/environments/storage-environment.yaml b/environments/storage-environment.yaml index 5ccfa58e..bd320bd9 100644 --- a/environments/storage-environment.yaml +++ b/environments/storage-environment.yaml @@ -43,9 +43,10 @@ parameter_defaults: ## OSDs are deployed on dedicated ceph-storage nodes only. # ControllerEnableCephStorage: false - ## When deploying Ceph through the oscplugin CLI, the following + ## When deploying Ceph Nodes through the oscplugin CLI, the following ## parameters are set automatically by the CLI. When deploying via - ## heat stack-create, they need to be provided manually. + ## heat stack-create or ceph on the controller nodes only, + ## they need to be provided manually. ## Number of Ceph storage nodes to deploy # CephStorageCount: 0 diff --git a/environments/updates/README.md b/environments/updates/README.md index 8c03411d..426d7329 100644 --- a/environments/updates/README.md +++ b/environments/updates/README.md @@ -7,3 +7,6 @@ Contents **update-from-keystone-admin-internal-api.yaml** To be used if the Keystone Admin API was originally deployed on the Internal API network. + +**update-from-publicvip-on-ctlplane.yaml** + To be used if the PublicVirtualIP resource was deployed as an additional VIP on the 'ctlplane'. diff --git a/environments/updates/update-from-publicvip-on-ctlplane.yaml b/environments/updates/update-from-publicvip-on-ctlplane.yaml new file mode 100644 index 00000000..c62428b4 --- /dev/null +++ b/environments/updates/update-from-publicvip-on-ctlplane.yaml @@ -0,0 +1,2 @@ +resource_registry: + OS::TripleO::Network::Ports::ExternalVipPort: ../../network/ports/ctlplane_vip.yaml
\ No newline at end of file |