1 files changed, 40 insertions, 20 deletions
diff --git a/puppet/controller.yaml b/puppet/controller.yaml
index 7089f60b..4ec62762 100644
--- a/puppet/controller.yaml
+++ b/puppet/controller.yaml
@@ -10,12 +10,10 @@ parameters:
     type: string
     hidden: true
   AdminPassword:
-    default: unset
     description: The password for the keystone admin account, used for monitoring, querying neutron etc.
     type: string
     hidden: true
   AdminToken:
-    default: unset
     description: The keystone auth secret and db password.
     type: string
     hidden: true
@@ -27,12 +25,10 @@ parameters:
     description: The ceilometer backend type.
     type: string
   CeilometerMeteringSecret:
-    default: unset
     description: Secret shared by the ceilometer services.
     type: string
     hidden: true
   CeilometerPassword:
-    default: unset
     description: The password for the ceilometer service  and db account.
     type: string
     hidden: true
@@ -76,7 +72,6 @@ parameters:
       CinderEnableNfsBackend is true.
     type: comma_delimited_list
   CinderPassword:
-    default: unset
     description: The password for the cinder service and db account, used by cinder-api.
     type: string
     hidden: true
@@ -98,6 +93,15 @@ parameters:
     description: |
       Controller specific hiera configuration data to inject into the cluster.
     type: json
+  ControllerIPs:
+    default: {}
+    description: >
+      A network mapped list of IPs to assign to Controllers in the following form:
+      {
+        "internal_api": ["a.b.c.d", "e.f.g.h"],
+        ...
+      }
+    type: json
   ControlVirtualInterface:
     default: 'br-ex'
     description: Interface where virtual ip will be assigned.
@@ -178,7 +182,6 @@ parameters:
     type: string
     default: ''
   GlancePassword:
-    default: unset
     description: The password for the glance service and db account, used by the glance services.
     type: string
     hidden: true
@@ -222,14 +225,12 @@ parameters:
     description: Number of workers for Glance service.
     type: number
   HeatPassword:
-    default: unset
     description: The password for the Heat service and db account, used by the Heat services.
     type: string
     hidden: true
   HeatStackDomainAdminPassword:
     description: Password for heat_domain_admin user.
     type: string
-    default: ''
     hidden: true
   HeatAuthEncryptionKey:
     description: Auth encryption key for heat-engine
@@ -387,7 +388,6 @@ parameters:
     description: Whether to configure Neutron Distributed Virtual Routers
     type: string
   NeutronMetadataProxySharedSecret:
-    default: 'unset'
     description: Shared secret to prevent spoofing
     type: string
     hidden: true
@@ -449,7 +449,6 @@ parameters:
       VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
     type: comma_delimited_list
   NeutronPassword:
-    default: unset
     description: The password for the neutron service and db account, used by neutron agents.
     type: string
     hidden: true
@@ -504,7 +503,6 @@ parameters:
     description: Number of workers for Neutron service.
     type: number
   NovaPassword:
-    default: unset
     description: The password for the nova service and db account, used by nova-api.
     type: string
     hidden: true
@@ -568,12 +566,10 @@ parameters:
     description: The user name for SNMPd with readonly rights running on all Overcloud nodes
     type: string
   SnmpdReadonlyUserPassword:
-    default: unset
     description: The user password for SNMPd with readonly rights running on all Overcloud nodes
     type: string
     hidden: true
   SwiftHashSuffix:
-    default: unset
     description: A random string to be used as a salt when hashing to determine mappings
       in the ring.
     hidden: true
@@ -591,7 +587,6 @@ parameters:
     description: Partition Power to use when building Swift rings
     type: number
   SwiftPassword:
-    default: unset
     description: The password for the swift service account, used by the swift proxy
       services.
     hidden: true
@@ -662,6 +657,13 @@ parameters:
   NodeIndex:
     type: number
     default: 0
+  SoftwareConfigTransport:
+    default: POLL_SERVER_CFN
+    description: |
+      How the server should receive the metadata required for software configuration.
+    type: string
+    constraints:
+    - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
   CloudDomain:
     default: ''
     type: string
@@ -693,6 +695,7 @@ resources:
       user_data_format: SOFTWARE_CONFIG
       user_data: {get_resource: UserData}
       name: {get_param: Hostname}
+      software_config_transport: {get_param: SoftwareConfigTransport}
       metadata: {get_param: ServerMetadata}
       scheduler_hints: {get_param: SchedulerHints}
 
@@ -719,26 +722,41 @@ resources:
   ExternalPort:
     type: OS::TripleO::Controller::Ports::ExternalPort
     properties:
+      IPPool: {get_param: ControllerIPs}
+      NodeIndex: {get_param: NodeIndex}
       ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
 
   InternalApiPort:
     type: OS::TripleO::Controller::Ports::InternalApiPort
     properties:
+      IPPool: {get_param: ControllerIPs}
+      NodeIndex: {get_param: NodeIndex}
       ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
 
   StoragePort:
     type: OS::TripleO::Controller::Ports::StoragePort
     properties:
+      IPPool: {get_param: ControllerIPs}
+      NodeIndex: {get_param: NodeIndex}
       ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
 
   StorageMgmtPort:
     type: OS::TripleO::Controller::Ports::StorageMgmtPort
     properties:
+      IPPool: {get_param: ControllerIPs}
+      NodeIndex: {get_param: NodeIndex}
       ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
 
   TenantPort:
     type: OS::TripleO::Controller::Ports::TenantPort
     properties:
+      IPPool: {get_param: ControllerIPs}
+      NodeIndex: {get_param: NodeIndex}
+      ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
+
+  ManagementPort:
+    type: OS::TripleO::Controller::Ports::ManagementPort
+    properties:
       ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
 
   NetIpMap:
@@ -750,6 +768,7 @@ resources:
       StorageIp: {get_attr: [StoragePort, ip_address]}
       StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
       TenantIp: {get_attr: [TenantPort, ip_address]}
+      ManagementIp: {get_attr: [ManagementPort, ip_address]}
 
   NetIpSubnetMap:
     type: OS::TripleO::Network::Ports::NetIpSubnetMap
@@ -760,6 +779,7 @@ resources:
       StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
       StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
       TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
+      ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
 
   NetworkConfig:
     type: OS::TripleO::Controller::Net::SoftwareConfig
@@ -770,6 +790,7 @@ resources:
       StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
       StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
       TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
+      ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
 
   NetworkDeployment:
     type: OS::TripleO::SoftwareDeployment
@@ -1119,6 +1140,7 @@ resources:
             - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
             - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
             - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
+            - midonet_data #Optionally provided by AllNodesExtraConfig
           datafiles:
             controller_extraconfig:
               mapped_data: {get_param: ControllerExtraConfig}
@@ -1415,12 +1437,7 @@ resources:
                 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
                 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
                 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
-                # NOTE(jaosorior): The service certificate configuration for
-                # HAProxy was left commented because to properly use this, we
-                # need to be able to set up the keystone endpoints. And
-                # currently that is not possible, but is being addressed by
-                # other commits.  A subsequent commit will uncomment this.
-                #tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
+                tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
                 tripleo::packages::enable_install: {get_input: enable_package_install}
                 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
 
@@ -1470,6 +1487,9 @@ outputs:
   tenant_ip_address:
     description: IP address of the server in the tenant network
     value: {get_attr: [TenantPort, ip_address]}
+  management_ip_address:
+    description: IP address of the server in the management network
+    value: {get_attr: [ManagementPort, ip_address]}
   hostname:
     description: Hostname of the server
     value: {get_attr: [Controller, name]}