diff options
Diffstat (limited to 'puppet/compute.yaml')
-rw-r--r-- | puppet/compute.yaml | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/puppet/compute.yaml b/puppet/compute.yaml index e56deefd..b7f7f4a5 100644 --- a/puppet/compute.yaml +++ b/puppet/compute.yaml @@ -339,6 +339,9 @@ parameters: type: json description: Optional scheduler hints to pass to nova default: {} + ServiceConfigSettings: + type: json + default: {} resources: @@ -481,6 +484,7 @@ resources: - heat_config_%{::deploy_config_name} - compute_extraconfig - extraconfig + - service_configs - compute - ceph_cluster # provided by CephClusterConfig - ceph @@ -495,6 +499,8 @@ resources: - neutron_opencontrail_data # Optionally provided by ComputeExtraConfigPre merge_behavior: deeper datafiles: + service_configs: + mapped_data: {get_param: ServiceConfigSettings} compute_extraconfig: mapped_data: {get_param: NovaComputeExtraConfig} extraconfig: @@ -525,6 +531,12 @@ resources: nova_api_host: {get_input: nova_api_host} nova::compute::vncproxy_host: {get_input: nova_public_ip} nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend} + # TUNNELLED mode provides a security enhancement when using shared storage but is not + # supported when not using shared storage. + # See https://bugzilla.redhat.com/show_bug.cgi?id=1301986#c12 + # In future versions of QEMU (2.6, mostly), Dan's native encryption + # work will obsolete the need to use TUNNELLED transport mode. + nova::migration::live_migration_tunnelled: {get_input: nova_enable_rbd_backend} rbd_persistent_storage: {get_input: cinder_enable_rbd_backend} nova_password: {get_input: nova_password} nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu} @@ -539,7 +551,7 @@ resources: ceilometer::rabbit_password: {get_input: rabbit_password} ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} ceilometer::rabbit_port: {get_input: rabbit_client_port} - ceilometer::metering_secret: {get_input: ceilometer_metering_secret} + ceilometer::telemetry_secret: {get_input: ceilometer_metering_secret} ceilometer::agent::auth::auth_password: {get_input: ceilometer_password} ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url} ceilometer_compute_agent: {get_input: ceilometer_compute_agent} |