summaryrefslogtreecommitdiffstats
path: root/puppet/compute.yaml
diff options
context:
space:
mode:
Diffstat (limited to 'puppet/compute.yaml')
-rw-r--r--puppet/compute.yaml564
1 files changed, 564 insertions, 0 deletions
diff --git a/puppet/compute.yaml b/puppet/compute.yaml
new file mode 100644
index 00000000..3f730994
--- /dev/null
+++ b/puppet/compute.yaml
@@ -0,0 +1,564 @@
+heat_template_version: 2015-04-30
+
+description: >
+ OpenStack hypervisor node configured via Puppet.
+
+parameters:
+ AdminPassword:
+ default: unset
+ description: The password for the keystone admin account, used for monitoring, querying neutron etc.
+ type: string
+ hidden: true
+ CeilometerComputeAgent:
+ description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
+ type: string
+ default: ''
+ constraints:
+ - allowed_values: ['', Present]
+ CeilometerMeteringSecret:
+ default: unset
+ description: Secret shared by the ceilometer services.
+ type: string
+ hidden: true
+ CeilometerPassword:
+ default: unset
+ description: The password for the ceilometer service account.
+ type: string
+ hidden: true
+ CinderEnableNfsBackend:
+ default: false
+ description: Whether to enable or not the NFS backend for Cinder
+ type: boolean
+ Debug:
+ default: ''
+ description: Set to True to enable debugging on all services.
+ type: string
+ ExtraConfig:
+ default: {}
+ description: |
+ Additional hiera configuration to inject into the cluster. Note
+ that NovaComputeExtraConfig takes precedence over ExtraConfig.
+ type: json
+ Flavor:
+ description: Flavor for the nova compute node
+ type: string
+ constraints:
+ - custom_constraint: nova.flavor
+ GlanceHost:
+ type: string
+ default: '' # Has to be here because of the ignored empty value bug
+ GlancePort:
+ default: "9292"
+ description: Glance port.
+ type: string
+ GlanceProtocol:
+ default: http
+ description: Protocol to use when connecting to glance, set to https for SSL.
+ type: string
+ Image:
+ type: string
+ default: overcloud-compute
+ constraints:
+ - custom_constraint: glance.image
+ ImageUpdatePolicy:
+ default: 'REBUILD_PRESERVE_EPHEMERAL'
+ description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
+ type: string
+ KeyName:
+ description: Name of an existing EC2 KeyPair to enable SSH access to the instances
+ type: string
+ default: default
+ constraints:
+ - custom_constraint: nova.keypair
+ KeystoneAdminApiVirtualIP:
+ type: string
+ default: ''
+ KeystonePublicApiVirtualIP:
+ type: string
+ default: ''
+ NeutronBridgeMappings:
+ description: >
+ The OVS logical->physical bridge mappings to use. See the Neutron
+ documentation for details. Defaults to mapping br-ex - the external
+ bridge on hosts - to a physical name 'datacentre' which can be used
+ to create provider networks (and we use this for the default floating
+ network) - if changing this either use different post-install network
+ scripts or be sure to keep 'datacentre' as a mapping network name.
+ type: string
+ default: "datacentre:br-ex"
+ NeutronEnableTunnelling:
+ type: string
+ default: "True"
+ NeutronFlatNetworks:
+ type: string
+ default: 'datacentre'
+ description: >
+ If set, flat networks to configure in neutron plugins.
+ NeutronHost:
+ type: string
+ default: '' # Has to be here because of the ignored empty value bug
+ NeutronNetworkType:
+ type: string
+ description: The tenant network type for Neutron, either gre or vxlan.
+ default: 'vxlan'
+ NeutronNetworkVLANRanges:
+ default: 'datacentre'
+ description: >
+ The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
+ Neutron documentation for permitted values. Defaults to permitting any
+ VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
+ type: comma_delimited_list
+ NeutronPassword:
+ default: unset
+ description: The password for the neutron service account, used by neutron agents.
+ type: string
+ hidden: true
+ NeutronPhysicalBridge:
+ default: 'br-ex'
+ description: An OVS bridge to create for accessing external networks.
+ type: string
+ NeutronPublicInterface:
+ default: nic1
+ description: A port to add to the NeutronPhysicalBridge.
+ type: string
+ NeutronTunnelTypes:
+ type: string
+ description: |
+ The tunnel types for the Neutron tenant network. To specify multiple
+ values, use a comma separated string, like so: 'gre,vxlan'
+ default: 'vxlan'
+ NeutronTunnelIdRanges:
+ description: |
+ Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
+ of GRE tunnel IDs that are available for tenant network allocation
+ default: ["1:1000", ]
+ type: comma_delimited_list
+ NeutronVniRanges:
+ description: |
+ Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
+ of VXLAN VNI IDs that are available for tenant network allocation
+ default: ["1:1000", ]
+ type: comma_delimited_list
+ NeutronPublicInterfaceRawDevice:
+ default: ''
+ type: string
+ NeutronDVR:
+ default: 'False'
+ type: string
+ NeutronMetadataProxySharedSecret:
+ default: 'unset'
+ description: Shared secret to prevent spoofing
+ type: string
+ NeutronMechanismDrivers:
+ default: 'openvswitch'
+ description: |
+ The mechanism drivers for the Neutron tenant network. To specify multiple
+ values, use a comma separated string, like so: 'openvswitch,l2_population'
+ type: string
+ # Not relevant for Computes, should be removed
+ NeutronAllowL3AgentFailover:
+ default: 'True'
+ description: Allow automatic l3-agent failover
+ type: string
+ # Not relevant for Computes, should be removed
+ NeutronL3HA:
+ default: 'False'
+ description: Whether to enable l3-agent HA
+ type: string
+ NeutronAgentMode:
+ default: 'dvr_snat'
+ description: Agent mode for the neutron-l3-agent on the controller hosts
+ type: string
+ NovaApiHost:
+ type: string
+ default: '' # Has to be here because of the ignored empty value bug
+ NovaComputeDriver:
+ type: string
+ default: libvirt.LibvirtDriver
+ NovaComputeExtraConfig:
+ default: {}
+ description: |
+ NovaCompute specific configuration to inject into the cluster. Same
+ structure as ExtraConfig.
+ type: json
+ NovaComputeLibvirtType:
+ type: string
+ default: ''
+ NovaEnableRbdBackend:
+ default: false
+ description: Whether to enable or not the Rbd backend for Nova
+ type: boolean
+ NovaPassword:
+ default: unset
+ description: The password for the nova service account, used by nova-api.
+ type: string
+ hidden: true
+ NovaPublicIP:
+ type: string
+ default: '' # Has to be here because of the ignored empty value bug
+ NtpServer:
+ type: string
+ default: ''
+ RabbitHost:
+ type: string
+ default: '' # Has to be here because of the ignored empty value bug
+ RabbitPassword:
+ default: guest
+ description: The password for RabbitMQ
+ type: string
+ hidden: true
+ RabbitUserName:
+ default: guest
+ description: The username for RabbitMQ
+ type: string
+ RabbitClientUseSSL:
+ default: false
+ description: >
+ Rabbit client subscriber parameter to specify
+ an SSL connection to the RabbitMQ host.
+ type: string
+ RabbitClientPort:
+ default: 5672
+ description: Set rabbit subscriber port, change this if using SSL
+ type: number
+ SnmpdReadonlyUserName:
+ default: ro_snmp_user
+ description: The user name for SNMPd with readonly rights running on all Overcloud nodes
+ type: string
+ SnmpdReadonlyUserPassword:
+ default: unset
+ description: The user password for SNMPd with readonly rights running on all Overcloud nodes
+ type: string
+ hidden: true
+ EnablePackageInstall:
+ default: 'false'
+ description: Set to true to enable package installation via Puppet
+ type: boolean
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ UpdateIdentifier:
+ default: ''
+ type: string
+ description: >
+ Setting to a previously unused value during stack-update will trigger
+ package update on all nodes
+ Hostname:
+ type: string
+ default: '' # Defaults to Heat created hostname
+
+resources:
+
+ NovaCompute:
+ type: OS::Nova::Server
+ properties:
+ image:
+ {get_param: Image}
+ image_update_policy:
+ get_param: ImageUpdatePolicy
+ flavor: {get_param: Flavor}
+ key_name: {get_param: KeyName}
+ networks:
+ - network: ctlplane
+ user_data_format: SOFTWARE_CONFIG
+ user_data: {get_resource: UserData}
+ name: {get_param: Hostname}
+
+ # Combine the NodeAdminUserData and NodeUserData mime archives
+ UserData:
+ type: OS::Heat::MultipartMime
+ properties:
+ parts:
+ - config: {get_resource: NodeAdminUserData}
+ type: multipart
+ - config: {get_resource: NodeUserData}
+ type: multipart
+
+ # Creates the "heat-admin" user if configured via the environment
+ # Should return a OS::Heat::MultipartMime reference via OS::stack_id
+ NodeAdminUserData:
+ type: OS::TripleO::NodeAdminUserData
+
+ # For optional operator additional userdata
+ # Should return a OS::Heat::MultipartMime reference via OS::stack_id
+ NodeUserData:
+ type: OS::TripleO::NodeUserData
+
+ InternalApiPort:
+ type: OS::TripleO::Compute::Ports::InternalApiPort
+ properties:
+ ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
+
+ StoragePort:
+ type: OS::TripleO::Compute::Ports::StoragePort
+ properties:
+ ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
+
+ TenantPort:
+ type: OS::TripleO::Compute::Ports::TenantPort
+ properties:
+ ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
+
+ NetIpMap:
+ type: OS::TripleO::Network::Ports::NetIpMap
+ properties:
+ ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
+ InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
+ StorageIp: {get_attr: [StoragePort, ip_address]}
+ TenantIp: {get_attr: [TenantPort, ip_address]}
+
+ NetworkConfig:
+ type: OS::TripleO::Compute::Net::SoftwareConfig
+ properties:
+ ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
+ InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
+ StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
+ TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
+
+ NetworkDeployment:
+ type: OS::TripleO::SoftwareDeployment
+ properties:
+ config: {get_resource: NetworkConfig}
+ server: {get_resource: NovaCompute}
+ input_values:
+ bridge_name: {get_param: NeutronPhysicalBridge}
+ interface_name: {get_param: NeutronPublicInterface}
+
+ NovaComputeConfig:
+ type: OS::Heat::StructuredConfig
+ properties:
+ group: os-apply-config
+ config:
+ hiera:
+ hierarchy:
+ - heat_config_%{::deploy_config_name}
+ - compute_extraconfig
+ - extraconfig
+ - compute
+ - ceph_cluster # provided by CephClusterConfig
+ - ceph
+ - all_nodes # provided by allNodesConfig
+ - '"%{::osfamily}"'
+ - common
+ datafiles:
+ compute_extraconfig:
+ mapped_data: {get_param: NovaComputeExtraConfig}
+ extraconfig:
+ mapped_data: {get_param: ExtraConfig}
+ common:
+ raw_data: {get_file: hieradata/common.yaml}
+ ceph:
+ raw_data: {get_file: hieradata/ceph.yaml}
+ compute:
+ raw_data: {get_file: hieradata/compute.yaml}
+ mapped_data:
+ cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
+ nova::debug: {get_input: debug}
+ nova::rabbit_userid: {get_input: rabbit_username}
+ nova::rabbit_password: {get_input: rabbit_password}
+ nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
+ nova::rabbit_port: {get_input: rabbit_client_port}
+ nova_compute_driver: {get_input: nova_compute_driver}
+ nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
+ nova_api_host: {get_input: nova_api_host}
+ nova::compute::vncproxy_host: {get_input: nova_public_ip}
+ nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend}
+ nova_password: {get_input: nova_password}
+ nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address}
+ ceilometer::debug: {get_input: debug}
+ ceilometer::rabbit_userid: {get_input: rabbit_username}
+ ceilometer::rabbit_password: {get_input: rabbit_password}
+ ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
+ ceilometer::rabbit_port: {get_input: rabbit_client_port}
+ ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
+ ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
+ ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
+ ceilometer_compute_agent: {get_input: ceilometer_compute_agent}
+ snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
+ snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
+ nova::glance_api_servers: {get_input: glance_api_servers}
+ neutron::debug: {get_input: debug}
+ neutron::rabbit_password: {get_input: rabbit_password}
+ neutron::rabbit_user: {get_input: rabbit_user}
+ neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
+ neutron::rabbit_port: {get_input: rabbit_client_port}
+ neutron_flat_networks: {get_input: neutron_flat_networks}
+ neutron_host: {get_input: neutron_host}
+ neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
+
+ neutron_tenant_network_type: {get_input: neutron_tenant_network_type}
+ neutron_tunnel_types: {get_input: neutron_tunnel_types}
+ neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
+ neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
+ neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
+ neutron_bridge_mappings: {get_input: neutron_bridge_mappings}
+ neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
+ neutron_physical_bridge: {get_input: neutron_physical_bridge}
+ neutron_public_interface: {get_input: neutron_public_interface}
+ nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
+ nova::network::neutron::neutron_url: {get_input: neutron_url}
+ nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
+ neutron_router_distributed: {get_input: neutron_router_distributed}
+ neutron_agent_mode: {get_input: neutron_agent_mode}
+ neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
+ neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers}
+ neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
+ admin_password: {get_input: admin_password}
+ ntp::servers: {get_input: ntp_servers}
+ tripleo::packages::enable_install: {get_input: enable_package_install}
+
+ NovaComputeDeployment:
+ type: OS::TripleO::SoftwareDeployment
+ depends_on: NetworkDeployment
+ properties:
+ config: {get_resource: NovaComputeConfig}
+ server: {get_resource: NovaCompute}
+ input_values:
+ cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
+ debug: {get_param: Debug}
+ nova_compute_driver: {get_param: NovaComputeDriver}
+ nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
+ nova_public_ip: {get_param: NovaPublicIP}
+ nova_api_host: {get_param: NovaApiHost}
+ nova_password: {get_param: NovaPassword}
+ nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend}
+ nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]}
+ ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
+ ceilometer_password: {get_param: CeilometerPassword}
+ ceilometer_compute_agent: {get_param: CeilometerComputeAgent}
+ ceilometer_agent_auth_url:
+ list_join:
+ - ''
+ - - 'http://'
+ - {get_param: KeystonePublicApiVirtualIP}
+ - ':5000/v2.0'
+ snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
+ snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
+ glance_api_servers:
+ list_join:
+ - ''
+ - - {get_param: GlanceProtocol}
+ - '://'
+ - {get_param: GlanceHost}
+ - ':'
+ - {get_param: GlancePort}
+ neutron_flat_networks: {get_param: NeutronFlatNetworks}
+ neutron_host: {get_param: NeutronHost}
+ neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
+ neutron_tenant_network_type: {get_param: NeutronNetworkType}
+ neutron_tunnel_types: {get_param: NeutronTunnelTypes}
+ neutron_tunnel_id_ranges:
+ str_replace:
+ template: "['RANGES']"
+ params:
+ RANGES:
+ list_join:
+ - "','"
+ - {get_param: NeutronTunnelIdRanges}
+ neutron_vni_ranges:
+ str_replace:
+ template: "['RANGES']"
+ params:
+ RANGES:
+ list_join:
+ - "','"
+ - {get_param: NeutronVniRanges}
+ neutron_network_vlan_ranges:
+ str_replace:
+ template: "['RANGES']"
+ params:
+ RANGES:
+ list_join:
+ - "','"
+ - {get_param: NeutronNetworkVLANRanges}
+ neutron_bridge_mappings: {get_param: NeutronBridgeMappings}
+ neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
+ neutron_physical_bridge: {get_param: NeutronPhysicalBridge}
+ neutron_public_interface: {get_param: NeutronPublicInterface}
+ neutron_password: {get_param: NeutronPassword}
+ neutron_agent_mode: {get_param: NeutronAgentMode}
+ neutron_router_distributed: {get_param: NeutronDVR}
+ neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
+ neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers}
+ neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
+ neutron_url:
+ list_join:
+ - ''
+ - - 'http://'
+ - {get_param: NeutronHost}
+ - ':9696'
+ neutron_admin_auth_url:
+ list_join:
+ - ''
+ - - 'http://'
+ - {get_param: KeystoneAdminApiVirtualIP}
+ - ':35357/v2.0'
+ admin_password: {get_param: AdminPassword}
+ rabbit_username: {get_param: RabbitUserName}
+ rabbit_password: {get_param: RabbitPassword}
+ rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
+ rabbit_client_port: {get_param: RabbitClientPort}
+ ntp_servers:
+ str_replace:
+ template: '["server"]'
+ params:
+ server: {get_param: NtpServer}
+ enable_package_install: {get_param: EnablePackageInstall}
+
+ # Hook for site-specific additional pre-deployment config, e.g extra hieradata
+ ComputeExtraConfigPre:
+ depends_on: NovaComputeDeployment
+ type: OS::TripleO::ComputeExtraConfigPre
+ properties:
+ server: {get_resource: NovaCompute}
+
+ UpdateConfig:
+ type: OS::TripleO::Tasks::PackageUpdate
+
+ UpdateDeployment:
+ type: OS::Heat::SoftwareDeployment
+ properties:
+ config: {get_resource: UpdateConfig}
+ server: {get_resource: NovaCompute}
+ input_values:
+ update_identifier:
+ get_param: UpdateIdentifier
+
+outputs:
+ ip_address:
+ description: IP address of the server in the ctlplane network
+ value: {get_attr: [NovaCompute, networks, ctlplane, 0]}
+ internal_api_ip_address:
+ description: IP address of the server in the internal_api network
+ value: {get_attr: [InternalApiPort, ip_address]}
+ storage_ip_address:
+ description: IP address of the server in the storage network
+ value: {get_attr: [StoragePort, ip_address]}
+ tenant_ip_address:
+ description: IP address of the server in the tenant network
+ value: {get_attr: [TenantPort, ip_address]}
+ hostname:
+ description: Hostname of the server
+ value: {get_attr: [NovaCompute, name]}
+ hosts_entry:
+ description: >
+ Server's IP address and hostname in the /etc/hosts format
+ value:
+ str_replace:
+ template: "IP HOST.localdomain HOST"
+ params:
+ IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]}
+ HOST: {get_attr: [NovaCompute, name]}
+ nova_server_resource:
+ description: Heat resource handle for the Nova compute server
+ value:
+ {get_resource: NovaCompute}
+ config_identifier:
+ description: identifier which changes if the node configuration may need re-applying
+ value:
+ list_join:
+ - ','
+ - - {get_attr: [NovaComputeDeployment, deploy_stdout]}
+ - {get_attr: [ComputeExtraConfigPre, deploy_stdout]}