diff options
Diffstat (limited to 'puppet/controller-puppet.yaml')
-rw-r--r-- | puppet/controller-puppet.yaml | 72 |
1 files changed, 42 insertions, 30 deletions
diff --git a/puppet/controller-puppet.yaml b/puppet/controller-puppet.yaml index b012b4f4..c7cc4b66 100644 --- a/puppet/controller-puppet.yaml +++ b/puppet/controller-puppet.yaml @@ -11,7 +11,7 @@ parameters: hidden: true AdminToken: default: unset - description: The keystone auth secret. + description: The keystone auth secret and db password. type: string hidden: true CeilometerBackend: @@ -25,7 +25,7 @@ parameters: hidden: true CeilometerPassword: default: unset - description: The password for the ceilometer service account. + description: The password for the ceilometer service and db account. type: string hidden: true CinderEnableIscsiBackend: @@ -46,7 +46,7 @@ parameters: type: number CinderPassword: default: unset - description: The password for the cinder service account, used by cinder-api. + description: The password for the cinder service and db account, used by cinder-api. type: string hidden: true CloudName: @@ -137,7 +137,7 @@ parameters: default: '' GlancePassword: default: unset - description: The password for the glance service account, used by the glance services. + description: The password for the glance service and db account, used by the glance services. type: string hidden: true GlancePort: @@ -157,7 +157,7 @@ parameters: - allowed_values: ['swift', 'file', 'rbd'] HeatPassword: default: unset - description: The password for the Heat service account, used by the Heat services. + description: The password for the Heat service and db account, used by the Heat services. type: string hidden: true HeatStackDomainAdminPassword: @@ -290,7 +290,7 @@ parameters: type: string NeutronPassword: default: unset - description: The password for the neutron service account, used by neutron agents. + description: The password for the neutron service and db account, used by neutron agents. type: string hidden: true NeutronPublicInterface: @@ -327,7 +327,7 @@ parameters: type: string NovaPassword: default: unset - description: The password for the nova service account, used by nova-api. + description: The password for the nova service and db account, used by nova-api. type: string hidden: true NtpServer: @@ -545,7 +545,9 @@ resources: cinder_dsn: list_join: - '' - - - 'mysql://cinder:unset@' + - - 'mysql://cinder:' + - {get_param: CinderPassword} + - '@' - {get_param: VirtualIP} - '/cinder' glance_port: {get_param: GlancePort} @@ -558,7 +560,9 @@ resources: glance_dsn: list_join: - '' - - - 'mysql://glance:unset@' + - - 'mysql://glance:' + - {get_param: GlancePassword} + - '@' - {get_param: VirtualIP} - '/glance' heat_password: {get_param: HeatPassword} @@ -566,7 +570,9 @@ resources: heat_dsn: list_join: - '' - - - 'mysql://heat:unset@' + - - 'mysql://heat:' + - {get_param: HeatPassword} + - '@' - {get_param: VirtualIP} - '/heat' keystone_ca_certificate: {get_param: KeystoneCACertificate} @@ -577,7 +583,9 @@ resources: keystone_dsn: list_join: - '' - - - 'mysql://keystone:unset@' + - - 'mysql://keystone:' + - {get_param: AdminToken} + - '@' - {get_param: VirtualIP} - '/keystone' keystone_identity_uri: @@ -622,7 +630,9 @@ resources: neutron_dsn: list_join: - '' - - - 'mysql://neutron:unset@' + - - 'mysql://neutron:' + - {get_param: NeutronPassword} + - '@' - {get_param: VirtualIP} - '/ovs_neutron?charset=utf8' neutron_url: @@ -652,7 +662,9 @@ resources: nova_dsn: list_join: - '' - - - 'mysql://nova:unset@' + - - 'mysql://nova:' + - {get_param: NovaPassword} + - '@' - {get_param: VirtualIP} - '/nova' pcsd_password: {get_param: PcsdPassword} @@ -712,10 +724,10 @@ resources: hacluster_pwd: {get_input: pcsd_password} # Swift - swift::proxy::proxy_local_net_ip: {get_input: controller_host} + swift::proxy::proxy_local_net_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri} swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri} - swift::storage::all::storage_local_net_ip: {get_input: controller_host} + swift::storage::all::storage_local_net_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} swift::swift_hash_suffix: {get_input: swift_hash_suffix} swift::proxy::authtoken::admin_password: {get_input: swift_password} tripleo::ringbuilder::part_power: {get_input: swift_part_power} @@ -746,10 +758,10 @@ resources: # Glance glance::api::bind_port: {get_input: glance_port} - glance::api::bind_host: {get_input: controller_host} + glance::api::bind_host: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} glance::api::auth_uri: {get_input: keystone_auth_uri} glance::api::identity_uri: {get_input: keystone_identity_uri} - glance::api::registry_host: {get_input: controller_host} + glance::api::registry_host: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} glance::api::keystone_password: {get_input: glance_password} glance::api::debug: {get_input: debug} # used to construct glance_api_servers @@ -761,7 +773,7 @@ resources: glance::api::database_connection: {get_input: glance_dsn} glance::registry::keystone_password: {get_input: glance_password} glance::registry::database_connection: {get_input: glance_dsn} - glance::registry::bind_host: {get_input: controller_host} + glance::registry::bind_host: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} glance::registry::auth_uri: {get_input: keystone_auth_uri} glance::registry::identity_uri: {get_input: keystone_identity_uri} glance::registry::debug: {get_input: debug} @@ -783,9 +795,9 @@ resources: heat::auth_uri: {get_input: keystone_auth_uri} heat::identity_uri: {get_input: keystone_identity_uri} heat::keystone_password: {get_input: heat_password} - heat::api::bind_host: {get_input: controller_host} - heat::api_cloudwatch::bind_host: {get_input: controller_host} - heat::api_cfn::bind_host: {get_input: controller_host} + heat::api::bind_host: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} + heat::api_cloudwatch::bind_host: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiCloudwatchNetwork]}]} + heat::api_cfn::bind_host: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiCfnNetwork]}]} heat::database_connection: {get_input: heat_dsn} heat::instance_user: heat-admin heat::debug: {get_input: debug} @@ -798,8 +810,8 @@ resources: keystone_ssl_certificate: {get_input: keystone_ssl_certificate} keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key} keystone::database_connection: {get_input: keystone_dsn} - keystone::public_bind_host: {get_input: controller_host} - keystone::admin_bind_host: {get_input: controller_host} + keystone::public_bind_host: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} + keystone::admin_bind_host: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} keystone::debug: {get_input: debug} # MongoDB mongodb::server::bind_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]} @@ -813,7 +825,7 @@ resources: mysql_cluster_name: {get_input: mysql_cluster_name} # Neutron - neutron::bind_host: {get_input: controller_host} + neutron::bind_host: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} neutron::rabbit_password: {get_input: rabbit_password} neutron::rabbit_user: {get_input: rabbit_user} neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} @@ -870,8 +882,8 @@ resources: nova::debug: {get_input: debug} nova::api::auth_uri: {get_input: keystone_auth_uri} nova::api::identity_uri: {get_input: keystone_identity_uri} - nova::api::api_bind_address: {get_input: controller_host} - nova::api::metadata_listen: {get_input: controller_host} + nova::api::api_bind_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} + nova::api::metadata_listen: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]} nova::api::admin_password: {get_input: nova_password} nova::database_connection: {get_input: nova_dsn} nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret} @@ -882,16 +894,16 @@ resources: # Horizon horizon::django_debug: {get_input: debug} horizon::secret_key: {get_input: horizon_secret} - horizon::bind_address: {get_input: controller_host} + horizon::bind_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]} horizon::keystone_url: {get_input: keystone_auth_uri} # Rabbit - rabbitmq::node_ip_address: {get_input: controller_host} + rabbitmq::node_ip_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]} rabbitmq::erlang_cookie: {get_input: rabbit_cookie} # Redis - redis::bind: {get_input: controller_host} + redis::bind: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]} # Misc - memcached::listen_ip: {get_input: controller_host} + memcached::listen_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]} neutron_public_interface_ip: {get_input: neutron_public_interface_ip} ntp::servers: {get_input: ntp_servers} control_virtual_interface: {get_input: control_virtual_interface} |