aboutsummaryrefslogtreecommitdiffstats
path: root/environments
diff options
context:
space:
mode:
Diffstat (limited to 'environments')
-rw-r--r--environments/cinder-dellsc-config.yaml17
-rw-r--r--environments/cinder-eqlx-config.yaml17
-rw-r--r--environments/docker-network-isolation.yaml4
-rw-r--r--environments/docker-network.yaml2
-rw-r--r--environments/docker.yaml (renamed from environments/docker-rdo.yaml)1
-rw-r--r--environments/enable-tls.yaml32
-rw-r--r--environments/external-loadbalancer-vip.yaml35
-rw-r--r--environments/ips-from-pool.yaml20
-rw-r--r--environments/net-single-nic-linux-bridge-with-vlans.yaml23
-rw-r--r--environments/network-isolation.yaml25
-rw-r--r--environments/network-management.yaml24
-rw-r--r--environments/neutron-midonet.yaml20
-rw-r--r--environments/storage-environment.yaml5
-rw-r--r--environments/updates/README.md3
-rw-r--r--environments/updates/update-from-publicvip-on-ctlplane.yaml2
15 files changed, 221 insertions, 9 deletions
diff --git a/environments/cinder-dellsc-config.yaml b/environments/cinder-dellsc-config.yaml
new file mode 100644
index 00000000..92e257d4
--- /dev/null
+++ b/environments/cinder-dellsc-config.yaml
@@ -0,0 +1,17 @@
+# A Heat environment file which can be used to enable a
+# a Cinder Dell Storage Center ISCSI backend, configured via puppet
+resource_registry:
+ OS::TripleO::ControllerExtraConfigPre: ../puppet/extraconfig/pre_deploy/controller/cinder-dellsc.yaml
+
+parameter_defaults:
+ CinderEnableDellScBackend: true
+ CinderDellScBackendName: 'tripleo_dellsc'
+ CinderDellScSanIp: ''
+ CinderDellScSanLogin: 'Admin'
+ CinderDellScSanPassword: ''
+ CinderDellScSsn: '64702'
+ CinderDellScIscsiIpAddress: ''
+ CinderDellScIscsiPort: '3260'
+ CinderDellScApiPort: '3033'
+ CinderDellScServerFolder: 'dellsc_server'
+ CinderDellScVolumeFolder: 'dellsc_volume'
diff --git a/environments/cinder-eqlx-config.yaml b/environments/cinder-eqlx-config.yaml
new file mode 100644
index 00000000..ca2c5e5a
--- /dev/null
+++ b/environments/cinder-eqlx-config.yaml
@@ -0,0 +1,17 @@
+# A Heat environment file which can be used to enable a
+# a Cinder eqlx backen, configured via puppet
+resource_registry:
+ OS::TripleO::ControllerExtraConfigPre: ../puppet/extraconfig/pre_deploy/controller/cinder-eqlx.yaml
+
+parameter_defaults:
+ CinderEnableEqlxBackend: true
+ CinderEqlxBackendName: 'tripleo_eqlx'
+ CinderEqlxSanIp: ''
+ CinderEqlxSanLogin: ''
+ CinderEqlxSanPassword: ''
+ CinderEqlxSanThinProvision: true
+ CinderEqlxGroupname: 'group-0'
+ CinderEqlxPool: 'default'
+ CinderEqlxChapLogin: ''
+ CinderEqlxChapPassword: ''
+ CinderEqlxUseChap: false
diff --git a/environments/docker-network-isolation.yaml b/environments/docker-network-isolation.yaml
new file mode 100644
index 00000000..257d03dc
--- /dev/null
+++ b/environments/docker-network-isolation.yaml
@@ -0,0 +1,4 @@
+parameter_defaults:
+ NeutronAgentConfig: "/etc/neutron/neutron.conf,/etc/neutron/plugins/openvswitch/openvswitch_agent.ini"
+ NeutronAgentPluginVolume: "/var/lib/etc-data/neutron/plugins/ml2/openvswitch_agent.ini:/var/lib/kolla/config_files/openvswitch_agent.ini:ro"
+ NeutronAgentOvsVolume: "/var/lib/etc-data/neutron/conf.d/neutron-openvswitch-agent:/etc/neutron/conf.d/neutron-openvswitch-agent:ro"
diff --git a/environments/docker-network.yaml b/environments/docker-network.yaml
new file mode 100644
index 00000000..f10ec389
--- /dev/null
+++ b/environments/docker-network.yaml
@@ -0,0 +1,2 @@
+resource_registry:
+ OS::TripleO::Compute::Net::SoftwareConfig: ../net-config-bridge.yaml
diff --git a/environments/docker-rdo.yaml b/environments/docker.yaml
index 66824feb..6376b749 100644
--- a/environments/docker-rdo.yaml
+++ b/environments/docker.yaml
@@ -2,7 +2,6 @@ resource_registry:
# Docker container with heat agents for containerized compute node.
OS::TripleO::ComputePostDeployment: ../docker/compute-post.yaml
OS::TripleO::NodeUserData: ../docker/firstboot/install_docker_agents.yaml
- OS::TripleO::Compute::Net::SoftwareConfig: ../net-config-bridge.yaml
parameters:
NovaImage: atomic-image
diff --git a/environments/enable-tls.yaml b/environments/enable-tls.yaml
index 5c2506e9..bc4d1bef 100644
--- a/environments/enable-tls.yaml
+++ b/environments/enable-tls.yaml
@@ -4,6 +4,38 @@ parameter_defaults:
SSLIntermediateCertificate: ''
SSLKey: |
The contents of the private key go here
+ EndpointMap:
+ CeilometerAdmin: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'}
+ CeilometerInternal: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'}
+ CeilometerPublic: {protocol: 'https', port: '13777', host: 'CLOUDNAME'}
+ CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'}
+ CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'}
+ CinderPublic: {protocol: 'https', port: '13776', host: 'CLOUDNAME'}
+ GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'}
+ GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'}
+ GlancePublic: {protocol: 'https', port: '13292', host: 'CLOUDNAME'}
+ GlanceRegistryAdmin: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'}
+ GlanceRegistryInternal: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'}
+ GlanceRegistryPublic: {protocol: 'https', port: '9191', host: 'IP_ADDRESS'} # Not set on the loadbalancer yet.
+ HeatAdmin: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'}
+ HeatInternal: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'}
+ HeatPublic: {protocol: 'https', port: '13004', host: 'CLOUDNAME'}
+ HorizonPublic: {protocol: 'https', port: '443', host: 'CLOUDNAME'}
+ KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'}
+ KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'}
+ KeystonePublic: {protocol: 'https', port: '13000', host: 'CLOUDNAME'}
+ NeutronAdmin: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'}
+ NeutronInternal: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'}
+ NeutronPublic: {protocol: 'https', port: '13696', host: 'CLOUDNAME'}
+ NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'}
+ NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'}
+ NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'}
+ NovaEC2Admin: {protocol: 'http', port: '8773', host: 'IP_ADDRESS'}
+ NovaEC2Internal: {protocol: 'http', port: '8773', host: 'IP_ADDRESS'}
+ NovaEC2Public: {protocol: 'https', port: '13773', host: 'CLOUDNAME'}
+ SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
+ SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
+ SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'}
resource_registry:
OS::TripleO::NodeTLSData: ../puppet/extraconfig/tls/tls-cert-inject.yaml
diff --git a/environments/external-loadbalancer-vip.yaml b/environments/external-loadbalancer-vip.yaml
index 47d5bd9b..1cf59825 100644
--- a/environments/external-loadbalancer-vip.yaml
+++ b/environments/external-loadbalancer-vip.yaml
@@ -1,14 +1,37 @@
resource_registry:
OS::TripleO::Network::Ports::NetVipMap: ../network/ports/net_vip_map_external.yaml
+ OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/noop.yaml
+ OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/noop.yaml
+ OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/noop.yaml
+ OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/noop.yaml
+ OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/from_service.yaml
+ OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_from_pool.yaml
+ OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_from_pool.yaml
+ OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool.yaml
+ OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool.yaml
+ OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant_from_pool.yaml
parameter_defaults:
# When using an external loadbalancer set the following in parameter_defaults
# to control your VIPs (currently one per network)
# NOTE: we will eventually move to one VIP per service
#
- # ControlNetworkVip:
- # ExternalNetworkVip:
- # InternalApiNetworkVip:
- # StorageNetworkVip:
- # StorageMgmtNetworkVip:
- EnableLoadBalancer: false \ No newline at end of file
+ ControlPlaneIP: 192.0.2.251
+ ExternalNetworkVip: 10.0.0.251
+ InternalApiNetworkVip: 172.16.2.251
+ StorageNetworkVip: 172.16.1.251
+ StorageMgmtNetworkVip: 172.16.3.251
+ ServiceVips:
+ redis: 172.16.2.252
+ ControllerIPs:
+ external:
+ - 10.0.0.253
+ internal_api:
+ - 172.16.2.253
+ storage:
+ - 172.16.1.253
+ storage_mgmt:
+ - 172.16.3.253
+ tenant:
+ - 172.16.0.253
+ EnableLoadBalancer: false
diff --git a/environments/ips-from-pool.yaml b/environments/ips-from-pool.yaml
new file mode 100644
index 00000000..8c27fe4e
--- /dev/null
+++ b/environments/ips-from-pool.yaml
@@ -0,0 +1,20 @@
+resource_registry:
+ OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_from_pool.yaml
+ OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_from_pool.yaml
+ OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool.yaml
+ OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool.yaml
+ OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant_from_pool.yaml
+
+parameter_defaults:
+ ControllerIPs:
+ # Each controller will get an IP from the lists below, first controller, first IP
+ external:
+ - 10.0.0.251
+ internal_api:
+ - 172.16.2.251
+ storage:
+ - 172.16.1.251
+ storage_mgmt:
+ - 172.16.3.251
+ tenant:
+ - 172.16.0.251
diff --git a/environments/net-single-nic-linux-bridge-with-vlans.yaml b/environments/net-single-nic-linux-bridge-with-vlans.yaml
new file mode 100644
index 00000000..d5f2ed62
--- /dev/null
+++ b/environments/net-single-nic-linux-bridge-with-vlans.yaml
@@ -0,0 +1,23 @@
+# This template configures each role to use Vlans on a single nic for
+# each isolated network.
+# This template assumes use of network-isolation.yaml.
+#
+# FIXME: if/when we add functionality to heatclient to include heat
+# environment files we should think about using it here to automatically
+# include network-isolation.yaml.
+resource_registry:
+ OS::TripleO::BlockStorage::Net::SoftwareConfig: ../network/config/single-nic-linux-bridge-vlans/cinder-storage.yaml
+ OS::TripleO::Compute::Net::SoftwareConfig: ../network/config/single-nic-linux-bridge-vlans/compute.yaml
+ OS::TripleO::Controller::Net::SoftwareConfig: ../network/config/single-nic-linux-bridge-vlans/controller.yaml
+ OS::TripleO::ObjectStorage::Net::SoftwareConfig: ../network/config/single-nic-linux-bridge-vlans/swift-storage.yaml
+ OS::TripleO::CephStorage::Net::SoftwareConfig: ../network/config/single-nic-linux-bridge-vlans/ceph-storage.yaml
+
+# We use parameter_defaults instead of parameters here because Tuskar munges
+# the names of top level and role level parameters with the role name and a
+# version. Using parameter_defaults makes it such that if the parameter name is
+# not defined in the template, we don't get an error.
+parameter_defaults:
+ # This sets 'external_network_bridge' in l3_agent.ini to an empty string
+ # so that external networks act like provider bridge networks (they
+ # will plug into br-int instead of br-ex)
+ NeutronExternalNetworkBridge: "''"
diff --git a/environments/network-isolation.yaml b/environments/network-isolation.yaml
index 937931d1..87fc22f5 100644
--- a/environments/network-isolation.yaml
+++ b/environments/network-isolation.yaml
@@ -1,12 +1,23 @@
# Enable the creation of Neutron networks for isolated Overcloud
# traffic and configure each role to assign ports (related
# to that role) on these networks.
+# Many networks are disabled by default because they are not used
+# in a typical configuration. Override via parameter_defaults.
resource_registry:
OS::TripleO::Network::External: ../network/external.yaml
OS::TripleO::Network::InternalApi: ../network/internal_api.yaml
OS::TripleO::Network::StorageMgmt: ../network/storage_mgmt.yaml
OS::TripleO::Network::Storage: ../network/storage.yaml
OS::TripleO::Network::Tenant: ../network/tenant.yaml
+ # Management network is optional and disabled by default
+ OS::TripleO::Network::Management: ../network/noop.yaml
+
+ # Port assignments for the VIPs
+ OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/external.yaml
+ OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/internal_api.yaml
+ OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/storage.yaml
+ OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt.yaml
+ OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip.yaml
# Port assignments for the controller role
OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external.yaml
@@ -14,25 +25,39 @@ resource_registry:
OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage.yaml
OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml
OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant.yaml
+ OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/noop.yaml
# Port assignments for the compute role
+ OS::TripleO::Compute::Ports::ExternalPort: ../network/ports/noop.yaml
OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api.yaml
OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage.yaml
+ OS::TripleO::Compute::Ports::StorageMgmtPort: ../network/ports/noop.yaml
OS::TripleO::Compute::Ports::TenantPort: ../network/ports/tenant.yaml
+ OS::TripleO::Compute::Ports::ManagementPort: ../network/ports/noop.yaml
# Port assignments for the ceph storage role
+ OS::TripleO::CephStorage::Ports::ExternalPort: ../network/ports/noop.yaml
+ OS::TripleO::CephStorage::Ports::InternalApiPort: ../network/ports/noop.yaml
OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage.yaml
OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml
+ OS::TripleO::CephStorage::Ports::TenantPort: ../network/ports/noop.yaml
+ OS::TripleO::CephStorage::Ports::ManagementPort: ../network/ports/noop.yaml
# Port assignments for the swift storage role
+ OS::TripleO::SwiftStorage::Ports::ExternalPort: ../network/ports/noop.yaml
OS::TripleO::SwiftStorage::Ports::InternalApiPort: ../network/ports/internal_api.yaml
OS::TripleO::SwiftStorage::Ports::StoragePort: ../network/ports/storage.yaml
OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml
+ OS::TripleO::SwiftStorage::Ports::TenantPort: ../network/ports/noop.yaml
+ OS::TripleO::SwiftStorage::Ports::ManagementPort: ../network/ports/noop.yaml
# Port assignments for the block storage role
+ OS::TripleO::BlockStorage::Ports::ExternalPort: ../network/ports/noop.yaml
OS::TripleO::BlockStorage::Ports::InternalApiPort: ../network/ports/internal_api.yaml
OS::TripleO::BlockStorage::Ports::StoragePort: ../network/ports/storage.yaml
OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml
+ OS::TripleO::BlockStorage::Ports::TenantPort: ../network/ports/noop.yaml
+ OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/noop.yaml
# Port assignments for service virtual IPs for the controller role
OS::TripleO::Controller::Ports::RedisVipPort: ../network/ports/vip.yaml
diff --git a/environments/network-management.yaml b/environments/network-management.yaml
new file mode 100644
index 00000000..2f0cff8b
--- /dev/null
+++ b/environments/network-management.yaml
@@ -0,0 +1,24 @@
+# Enable the creation of a system management network. This
+# creates a Neutron network for isolated Overcloud
+# system management traffic and configures each role to
+# assign a port (related to that role) on that network.
+# Note that the basic sample NIC configuration templates
+# do not include the management network, see the
+# single-nic-vlans-mgmt templates for an example.
+resource_registry:
+ OS::TripleO::Network::Management: ../network/management.yaml
+
+ # Port assignments for the controller role
+ OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/management.yaml
+
+ # Port assignments for the compute role
+ OS::TripleO::Compute::Ports::ManagementPort: ../network/ports/management.yaml
+
+ # Port assignments for the ceph storage role
+ OS::TripleO::CephStorage::Ports::ManagementPort: ../network/ports/management.yaml
+
+ # Port assignments for the swift storage role
+ OS::TripleO::SwiftStorage::Ports::ManagementPort: ../network/ports/management.yaml
+
+ # Port assignments for the block storage role
+ OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/management.yaml
diff --git a/environments/neutron-midonet.yaml b/environments/neutron-midonet.yaml
new file mode 100644
index 00000000..726852a0
--- /dev/null
+++ b/environments/neutron-midonet.yaml
@@ -0,0 +1,20 @@
+# A Heat environment that can be used to deploy MidoNet Services
+resource_registry:
+ OS::TripleO::AllNodesExtraConfig: ../puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml
+ OS::TripleO::Controller::Net::SoftwareConfig: ../net-config-linux-bridge.yaml # We have to avoid any ovs bridge. MidoNet is incompatible with its datapath
+
+parameter_defaults:
+ EnableZookeeperOnController: true
+ EnableCassandraOnController: true
+ NeutronCorePlugin: 'midonet.neutron.plugin_v1.MidonetPluginV2' # Overriding default core_plugin in Neutron. Don't touch it
+ NeutronEnableIsolatedMetadata: true # MidoNet 1.9 needs this one to work. Don't change it
+ NeutronEnableL3Agent: false
+ NeutronEnableOVSAgent: false
+
+ # Other available options for MidoNet Services
+ # TunnelZoneName: 'tunnelname'
+ # TunnelZoneType: 'gre'
+ # CassandraStoragePort: 7000
+ # CassandraSslStoragePort: 7009
+ # CassandraClientPort: 9042
+ # CassandraClientPortThrift: 9160
diff --git a/environments/storage-environment.yaml b/environments/storage-environment.yaml
index 5ccfa58e..bd320bd9 100644
--- a/environments/storage-environment.yaml
+++ b/environments/storage-environment.yaml
@@ -43,9 +43,10 @@ parameter_defaults:
## OSDs are deployed on dedicated ceph-storage nodes only.
# ControllerEnableCephStorage: false
- ## When deploying Ceph through the oscplugin CLI, the following
+ ## When deploying Ceph Nodes through the oscplugin CLI, the following
## parameters are set automatically by the CLI. When deploying via
- ## heat stack-create, they need to be provided manually.
+ ## heat stack-create or ceph on the controller nodes only,
+ ## they need to be provided manually.
## Number of Ceph storage nodes to deploy
# CephStorageCount: 0
diff --git a/environments/updates/README.md b/environments/updates/README.md
index 8c03411d..426d7329 100644
--- a/environments/updates/README.md
+++ b/environments/updates/README.md
@@ -7,3 +7,6 @@ Contents
**update-from-keystone-admin-internal-api.yaml**
To be used if the Keystone Admin API was originally deployed on the
Internal API network.
+
+**update-from-publicvip-on-ctlplane.yaml**
+ To be used if the PublicVirtualIP resource was deployed as an additional VIP on the 'ctlplane'.
diff --git a/environments/updates/update-from-publicvip-on-ctlplane.yaml b/environments/updates/update-from-publicvip-on-ctlplane.yaml
new file mode 100644
index 00000000..c62428b4
--- /dev/null
+++ b/environments/updates/update-from-publicvip-on-ctlplane.yaml
@@ -0,0 +1,2 @@
+resource_registry:
+ OS::TripleO::Network::Ports::ExternalVipPort: ../../network/ports/ctlplane_vip.yaml \ No newline at end of file