diff options
Diffstat (limited to 'puppet/controller.yaml')
| -rw-r--r-- | puppet/controller.yaml | 602 |
1 files changed, 68 insertions, 534 deletions
diff --git a/puppet/controller.yaml b/puppet/controller.yaml index e9833b4c..b5d3b6f8 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -1,45 +1,9 @@ -heat_template_version: 2016-04-08 +heat_template_version: 2016-10-14 description: > OpenStack controller node configured by Puppet. parameters: - AdminPassword: - description: The password for the keystone admin account, used for monitoring, querying neutron etc. - type: string - hidden: true - AodhPassword: - description: The password for the aodh services. - type: string - hidden: true - #TODO(composable Redis): Remove the Redis password param - #As is used by ceilometer - CeilometerBackend: - default: 'mongodb' - description: The ceilometer backend type. - type: string - CeilometerMeteringSecret: - description: Secret shared by the ceilometer services. - type: string - hidden: true - CeilometerPassword: - description: The password for the ceilometer service and db account. - type: string - hidden: true - CeilometerStoreEvents: - default: false - description: Whether to store events in ceilometer. - type: boolean - CeilometerMeterDispatcher: - default: 'database' - description: Dispatcher to process meter data - type: string - constraints: - - allowed_values: ['gnocchi', 'database'] - CeilometerWorkers: - default: 0 - description: Number of workers for Ceilometer service. - type: number controllerExtraConfig: default: {} description: | @@ -59,10 +23,6 @@ parameters: ... } type: json - ControlVirtualInterface: - default: 'br-ex' - description: Interface where virtual ip will be assigned. - type: string CorosyncIPv6: default: false description: Enable IPv6 in Corosync @@ -75,18 +35,10 @@ parameters: default: false description: Whether to enable fencing in Pacemaker or not. type: boolean - EnableGalera: - default: true - description: Whether to use Galera instead of regular MariaDB. - type: boolean EnableLoadBalancer: default: true description: Whether to deploy a LoadBalancer on the Controller type: boolean - EnableCephStorage: - default: false - description: Whether to deploy Ceph Storage (OSD) on the Controller - type: boolean ExtraConfig: default: {} description: | @@ -125,52 +77,19 @@ parameters: ] } type: json - Flavor: + OvercloudControlFlavor: description: Flavor for control nodes to request when deploying. + default: baremetal type: string constraints: - custom_constraint: nova.flavor - GnocchiBackend: - default: file - description: The short name of the Gnocchi backend to use. Should be one - of swift, rbd, or file - type: string - constraints: - - allowed_values: ['swift', 'file', 'rbd'] - GnocchiIndexerBackend: - default: 'mysql' - description: The short name of the Gnocchi indexer backend to use. - type: string - GnocchiPassword: - description: The password for the gnocchi service and db account. - type: string - hidden: true - HAProxyStatsPassword: - description: Password for HAProxy stats endpoint - type: string - HAProxyStatsUser: - description: User for HAProxy stats endpoint - default: admin - type: string - HAProxySyslogAddress: - default: /dev/log - description: Syslog address where HAproxy will send its log - type: string - HeatAuthEncryptionKey: - description: Auth encryption key for heat-engine - type: string - hidden: true - HorizonAllowedHosts: - default: '*' - description: A list of IP/Hostname allowed to connect to horizon - type: comma_delimited_list HorizonSecret: description: Secret key for Django type: string hidden: true - Image: + controllerImage: type: string - default: overcloud-control + default: overcloud-full constraints: - custom_constraint: glance.image ImageUpdatePolicy: @@ -187,10 +106,6 @@ parameters: type: string constraints: - custom_constraint: nova.keypair - KeystoneRegion: - type: string - default: 'regionOne' - description: Keystone region for endpoint ManageFirewall: default: false description: Whether to manage IPtables rules. @@ -203,31 +118,6 @@ parameters: default: false description: Whether IPtables rules should be purged before setting up the new ones. type: boolean - MysqlClusterUniquePart: - description: A unique identifier of the MySQL cluster the controller is in. - type: string - default: 'unset' # Has to be here because of the ignored empty value bug - # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446 - # constraints: - # - length: {min: 4, max: 10} - MysqlInnodbBufferPoolSize: - description: > - Specifies the size of the buffer pool in megabytes. Setting to - zero should be interpreted as "no value" and will defer to the - lower level default. - type: number - default: 0 - MysqlMaxConnections: - description: Configures MySQL max_connections config setting - type: number - default: 4096 - MysqlClustercheckPassword: - type: string - hidden: true - MysqlRootPassword: - type: string - hidden: true - default: '' # Has to be here because of the ignored empty value bug NeutronMetadataProxySharedSecret: description: Shared secret to prevent spoofing type: string @@ -240,15 +130,6 @@ parameters: default: nic1 description: What interface to bridge onto br-ex for network nodes. type: string - NeutronTenantMtu: - description: > - The default MTU for tenant networks. For VXLAN/GRE tunneling, this should - be at least 50 bytes smaller than the MTU on the physical network. This - value will be used to set the MTU on the virtual Ethernet device. - This number is related to the value of NeutronDnsmasqOptions, since that - will determine the MTU that is assigned to the VM host through DHCP. - default: 1400 - type: number NovaEnableDBPurge: default: true description: | @@ -266,34 +147,6 @@ parameters: type: string description: The password for the 'pcsd' user. hidden: true - PublicVirtualInterface: - default: 'br-ex' - description: > - Specifies the interface where the public-facing virtual ip will be assigned. - This should be int_public when a VLAN is being used. - type: string - RabbitCookie: - type: string - default: '' # Has to be here because of the ignored empty value bug - hidden: true - RabbitPassword: - description: The password for RabbitMQ - type: string - hidden: true - RabbitUserName: - default: guest - description: The username for RabbitMQ - type: string - RabbitClientUseSSL: - default: false - description: > - Rabbit client subscriber parameter to specify - an SSL connection to the RabbitMQ host. - type: string - RabbitClientPort: - default: 5672 - description: Set rabbit subscriber port, change this if using SSL - type: number RedisPassword: description: The password for Redis type: string @@ -305,38 +158,14 @@ parameters: type: string default: '' # Has to be here because of the ignored empty value bug description: An IP address which is wrapped in brackets in case of IPv6 - SwiftHashSuffix: - description: A random string to be used as a salt when hashing to determine mappings - in the ring. - hidden: true - type: string - SwiftMinPartHours: - type: number - default: 1 - description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance. - SwiftPartPower: - default: 10 - description: Partition Power to use when building Swift rings - type: number - SwiftRingBuild: - default: true - description: Whether to manage Swift rings or not - type: boolean - SwiftReplicas: - type: number - default: 3 - description: How many replicas to use in the swift rings. + SwiftRawDisks: + default: {} + description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})' + type: json UpgradeLevelNovaCompute: type: string description: Nova Compute upgrade level default: '' - MysqlVirtualIP: - type: string - default: '' - EnablePackageInstall: - default: 'false' - description: Set to true to enable package installation via Puppet - type: boolean ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -376,7 +205,6 @@ parameters: constraints: - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE] CloudDomain: - default: '' type: string description: > The DNS domain used for the hosts. This should match the dhcp_domain @@ -387,13 +215,20 @@ parameters: Extra properties or metadata passed to Nova for the created nodes in the overcloud. It's accessible via the Nova metadata API. type: json - SchedulerHints: + ControllerSchedulerHints: type: json description: Optional scheduler hints to pass to nova default: {} ServiceConfigSettings: type: json default: {} + ServiceNames: + type: comma_delimited_list + default: [] + ConfigCommand: + type: string + description: Command which will be run whenever configuration data changes + default: os-refresh-config --timeout 14400 parameter_groups: - label: deprecated @@ -404,11 +239,14 @@ parameter_groups: resources: Controller: - type: OS::Nova::Server + type: OS::TripleO::Server + metadata: + os-collect-config: + command: {get_param: ConfigCommand} properties: - image: {get_param: Image} + image: {get_param: controllerImage} image_update_policy: {get_param: ImageUpdatePolicy} - flavor: {get_param: Flavor} + flavor: {get_param: OvercloudControlFlavor} key_name: {get_param: KeyName} networks: - network: ctlplane @@ -420,7 +258,7 @@ resources: params: {get_param: HostnameMap} software_config_transport: {get_param: SoftwareConfigTransport} metadata: {get_param: ServerMetadata} - scheduler_hints: {get_param: SchedulerHints} + scheduler_hints: {get_param: ControllerSchedulerHints} # Combine the NodeAdminUserData and NodeUserData mime archives UserData: @@ -554,166 +392,29 @@ resources: server: {get_resource: Controller} input_values: bootstack_nodeid: {get_attr: [Controller, name]} - ceilometer_workers: {get_param: CeilometerWorkers} - haproxy_log_address: {get_param: HAProxySyslogAddress} - haproxy_stats_password: {get_param: HAProxyStatsPassword} - haproxy_stats_user: {get_param: HAProxyStatsUser} - heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey} - horizon_allowed_hosts: {get_param: HorizonAllowedHosts} horizon_secret: {get_param: HorizonSecret} - admin_password: {get_param: AdminPassword} debug: {get_param: Debug} - cinder_public_url: {get_param: [EndpointMap, CinderPublic, uri]} - cinder_internal_url: {get_param: [EndpointMap, CinderInternal, uri]} - cinder_admin_url: {get_param: [EndpointMap, CinderAdmin, uri]} - cinder_public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]} - cinder_internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]} - cinder_admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]} keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] } enable_fencing: {get_param: EnableFencing} - enable_galera: {get_param: EnableGalera} enable_load_balancer: {get_param: EnableLoadBalancer} - enable_ceph_storage: {get_param: EnableCephStorage} manage_firewall: {get_param: ManageFirewall} purge_firewall_rules: {get_param: PurgeFirewallRules} - mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize} - mysql_max_connections: {get_param: MysqlMaxConnections} - mysql_root_password: {get_param: MysqlRootPassword} - mysql_clustercheck_password: {get_param: MysqlClustercheckPassword} - mysql_cluster_name: - str_replace: - template: tripleo-CLUSTER - params: - CLUSTER: {get_param: MysqlClusterUniquePart} neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret} - neutron_password: {get_param: NeutronPassword} - neutron_tenant_mtu: {get_param: NeutronTenantMtu} - neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] } - neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] } - neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] } - neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] } - nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] } - ceilometer_backend: {get_param: CeilometerBackend} - ceilometer_metering_secret: {get_param: CeilometerMeteringSecret} - ceilometer_password: {get_param: CeilometerPassword} - ceilometer_store_events: {get_param: CeilometerStoreEvents} - aodh_password: {get_param: AodhPassword} - aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] } - aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] } - aodh_admin_url: { get_param: [ EndpointMap, AodhAdmin, uri ] } - ceilometer_meter_dispatcher: {get_param: CeilometerMeterDispatcher} - gnocchi_password: {get_param: GnocchiPassword} - gnocchi_backend: {get_param: GnocchiBackend} - gnocchi_indexer_backend: {get_param: GnocchiIndexerBackend} - ceilometer_coordination_url: - list_join: - - '' - - - 'redis://:' - - {get_param: RedisPassword} - - '@' - - {get_param: RedisVirtualIPUri} - - ':6379/' - ceilometer_dsn: - list_join: - - '' - - - {get_param: [EndpointMap, MysqlInternal, protocol]} - - '://ceilometer:' - - {get_param: CeilometerPassword} - - '@' - - {get_param: [EndpointMap, MysqlInternal, host]} - - '/ceilometer' - gnocchi_dsn: - list_join: - - '' - - - {get_param: [EndpointMap, MysqlInternal, protocol]} - - '://gnocchi:' - - {get_param: GnocchiPassword} - - '@' - - {get_param: [EndpointMap, MysqlInternal, host]} - - '/gnocchi' - aodh_dsn: - list_join: - - '' - - - {get_param: [EndpointMap, MysqlInternal, protocol]} - - '://aodh:' - - {get_param: AodhPassword} - - '@' - - {get_param: [EndpointMap, MysqlInternal, host]} - - '/aodh' - gnocchi_internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]} - gnocchi_public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] } - gnocchi_admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] } - ceilometer_public_url: {get_param: [EndpointMap, CeilometerPublic, uri]} - ceilometer_internal_url: {get_param: [EndpointMap, CeilometerInternal, uri]} - ceilometer_admin_url: {get_param: [EndpointMap, CeilometerAdmin, uri]} - ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]} nova_enable_db_purge: {get_param: NovaEnableDBPurge} nova_ipv6: {get_param: NovaIPv6} corosync_ipv6: {get_param: CorosyncIPv6} memcached_ipv6: {get_param: MemcachedIPv6} nova_password: {get_param: NovaPassword} - nova_dsn: - list_join: - - '' - - - {get_param: [EndpointMap, MysqlInternal, protocol]} - - '://nova:' - - {get_param: NovaPassword} - - '@' - - {get_param: [EndpointMap, MysqlInternal, host]} - - '/nova' - nova_api_dsn: - list_join: - - '' - - - {get_param: [EndpointMap, MysqlInternal, protocol]} - - '://nova_api:' - - {get_param: NovaPassword} - - '@' - - {get_param: [EndpointMap, MysqlInternal, host]} - - '/nova_api' upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute} instance_name_template: {get_param: InstanceNameTemplate} - nova_public_url: {get_param: [EndpointMap, NovaPublic, uri]} - nova_internal_url: {get_param: [EndpointMap, NovaInternal, uri]} - nova_admin_url: {get_param: [EndpointMap, NovaAdmin, uri]} fencing_config: {get_param: FencingConfig} pcsd_password: {get_param: PcsdPassword} - rabbit_username: {get_param: RabbitUserName} - rabbit_password: {get_param: RabbitPassword} - rabbit_cookie: {get_param: RabbitCookie} - rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} - rabbit_client_port: {get_param: RabbitClientPort} - control_virtual_interface: {get_param: ControlVirtualInterface} - public_virtual_interface: {get_param: PublicVirtualInterface} - swift_hash_suffix: {get_param: SwiftHashSuffix} - swift_part_power: {get_param: SwiftPartPower} - swift_ring_build: {get_param: SwiftRingBuild} - swift_replicas: {get_param: SwiftReplicas} - swift_min_part_hours: {get_param: SwiftMinPartHours} - enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} - swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} - swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} - cinder_iscsi_network: - str_replace: - template: "'IP'" - params: - IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]} - cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} - glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} - glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]} - heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} - keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} - keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} - keystone_region: {get_param: KeystoneRegion} - mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]} neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]} - ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} - aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]} - gnocchi_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]} nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]} horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]} @@ -721,17 +422,18 @@ resources: str_replace: template: "['SUBNET']" params: - SUBNET: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, HorizonNetwork]}]} - rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]} + SUBNET: + get_attr: + - NetIpMap + - net_ip_map + - str_replace: + template: "NETWORK_subnet" + params: + NETWORK: {get_param: [ServiceNetMap, HorizonNetwork]} redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]} redis_vip: {get_param: RedisVirtualIP} sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]} - mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} - mysql_virtual_ip: {get_param: MysqlVirtualIP} - ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]} - ceph_public_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} - ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} ironic_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]} # Map heat metadata into hiera datafiles @@ -747,18 +449,13 @@ resources: - controller_extraconfig - extraconfig - service_configs + - service_names - controller - - database - - object - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig - - ceph_cluster # provided by CephClusterConfig - - ceph - bootstrap_node # provided by BootstrapNodeConfig - all_nodes # provided by allNodesConfig - vip_data # provided by vip-config - '"%{::osfamily}"' - - common - - network - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre @@ -766,10 +463,17 @@ resources: - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre - midonet_data #Optionally provided by AllNodesExtraConfig + - cisco_aci_data # Optionally provided by ControllerExtraConfigPre merge_behavior: deeper datafiles: + service_names: + mapped_data: + service_names: {get_param: ServiceNames} service_configs: - mapped_data: {get_param: ServiceConfigSettings} + mapped_data: + map_replace: + - {get_param: ServiceConfigSettings} + - values: {get_attr: [NetIpMap, net_ip_map]} controller_extraconfig: mapped_data: map_merge: @@ -777,25 +481,7 @@ resources: - {get_param: ControllerExtraConfig} extraconfig: mapped_data: {get_param: ExtraConfig} - common: - raw_data: {get_file: hieradata/common.yaml} - network: - mapped_data: - net_ip_map: {get_attr: [NetIpMap, net_ip_map]} - net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]} - net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]} - ceph: - raw_data: {get_file: hieradata/ceph.yaml} - mapped_data: - ceph::profile::params::cluster_network: {get_input: ceph_cluster_network} - ceph::profile::params::public_network: {get_input: ceph_public_network} - ceph::profile::params::public_addr: {get_input: ceph_public_ip} - database: - raw_data: {get_file: hieradata/database.yaml} - object: - raw_data: {get_file: hieradata/object.yaml} controller: - raw_data: {get_file: hieradata/controller.yaml} mapped_data: # data supplied directly to this deployment configuration, etc bootstack_nodeid: {get_input: bootstack_nodeid} @@ -806,187 +492,35 @@ resources: corosync_ipv6: {get_input: corosync_ipv6} tripleo::fencing::config: {get_input: fencing_config} - # Swift - # FIXME: need to move proxy_local_net_ip into swift-proxy.yaml - swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network} - swift::storage::all::storage_local_net_ip: {get_input: swift_management_network} - swift::swift_hash_path_suffix: {get_input: swift_hash_suffix} - tripleo::ringbuilder::build_ring: { get_input: swift_ring_build } - tripleo::ringbuilder::part_power: {get_input: swift_part_power} - tripleo::ringbuilder::replicas: {get_input: swift_replicas} - tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours} - - # Cinder - tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_input: cinder_iscsi_network} - cinder::api::bind_host: {get_input: cinder_api_network} - cinder::keystone::auth::public_url: {get_input: cinder_public_url } - cinder::keystone::auth::internal_url: {get_input: cinder_internal_url } - cinder::keystone::auth::admin_url: {get_input: cinder_admin_url } - cinder::keystone::auth::public_url_v2: {get_input: cinder_public_url_v2 } - cinder::keystone::auth::internal_url_v2: {get_input: cinder_internal_url_v2 } - cinder::keystone::auth::admin_url_v2: {get_input: cinder_admin_url_v2 } - cinder::keystone::auth::password: {get_input: cinder_password } - cinder::keystone::auth::region: {get_input: keystone_region} - - # Glance - glance::api::bind_host: {get_input: glance_api_network} - glance::registry::bind_host: {get_input: glance_registry_network} - glance::keystone::auth::region: {get_input: keystone_region} - - # Heat - heat::api::bind_host: {get_input: heat_api_network} - heat::api_cloudwatch::bind_host: {get_input: heat_api_network} - heat::api_cfn::bind_host: {get_input: heat_api_network} - heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key} - - # Keystone - keystone::admin_bind_host: {get_input: keystone_admin_api_network} - keystone::public_bind_host: {get_input: keystone_public_api_network} - keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network} - keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network} - - # MongoDB - mongodb::server::bind_ip: {get_input: mongo_db_network} - - # MySQL - admin_password: {get_input: admin_password} - enable_galera: {get_input: enable_galera} - enable_ceph_storage: {get_input: enable_ceph_storage} - mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size} - mysql_max_connections: {get_input: mysql_max_connections} - mysql::server::root_password: {get_input: mysql_root_password} - mysql_clustercheck_password: {get_input: mysql_clustercheck_password} - mysql_cluster_name: {get_input: mysql_cluster_name} - mysql_bind_host: {get_input: mysql_network} - mysql_virtual_ip: {get_input: mysql_virtual_ip} - # Neutron neutron::bind_host: {get_input: neutron_api_network} - neutron::network_device_mtu: {get_input: neutron_tenant_mtu} neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip} neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network} - neutron::keystone::auth::public_url: {get_input: neutron_public_url } - neutron::keystone::auth::internal_url: {get_input: neutron_internal_url } - neutron::keystone::auth::admin_url: {get_input: neutron_admin_url } - neutron::keystone::auth::password: {get_input: neutron_password } - neutron::keystone::auth::region: {get_input: keystone_region} - - # Ceilometer - ceilometer_backend: {get_input: ceilometer_backend} - ceilometer_mysql_conn_string: {get_input: ceilometer_dsn} - ceilometer::telemetry_secret: {get_input: ceilometer_metering_secret} - ceilometer::rabbit_userid: {get_input: rabbit_username} - ceilometer::rabbit_password: {get_input: rabbit_password} - ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} - ceilometer::rabbit_port: {get_input: rabbit_client_port} - ceilometer::debug: {get_input: debug} - ceilometer::api::host: {get_input: ceilometer_api_network} - ceilometer::api::keystone_password: {get_input: ceilometer_password} - ceilometer::api::auth_uri: {get_input: keystone_auth_uri} - ceilometer::api::identity_uri: {get_input: keystone_identity_uri} - ceilometer::agent::auth::auth_password: {get_input: ceilometer_password} - ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url} - ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url} - ceilometer::agent::notification::store_events: {get_input: ceilometer_store_events} - ceilometer::db::mysql::password: {get_input: ceilometer_password} - ceilometer::collector::meter_dispatcher: {get_input: ceilometer_meter_dispatcher} - ceilometer::dispatcher::gnocchi::url: {get_input: gnocchi_internal_url } - ceilometer::dispatcher::gnocchi::filter_project: 'service' - ceilometer::dispatcher::gnocchi::archive_policy: 'low' - ceilometer::dispatcher::gnocchi::resources_definition_file: 'gnocchi_resources.yaml' - ceilometer::keystone::auth::public_url: {get_input: ceilometer_public_url } - ceilometer::keystone::auth::internal_url: {get_input: ceilometer_internal_url } - ceilometer::keystone::auth::admin_url: {get_input: ceilometer_admin_url } - ceilometer::keystone::auth::password: {get_input: ceilometer_password } - ceilometer::keystone::auth::region: {get_input: keystone_region} snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} - # Aodh - aodh_mysql_conn_string: {get_input: aodh_dsn} - aodh::rabbit_userid: {get_input: rabbit_username} - aodh::rabbit_password: {get_input: rabbit_password} - aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} - aodh::rabbit_port: {get_input: rabbit_client_port} - aodh::debug: {get_input: debug} - aodh::wsgi::apache::ssl: false - aodh::wsgi::apache::bind_host: {get_input: aodh_api_network} - aodh::api::service_name: 'httpd' - aodh::api::host: {get_input: aodh_api_network} - aodh::api::keystone_password: {get_input: aodh_password} - aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri} - aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri} - aodh::auth::auth_url: {get_input: keystone_auth_uri} - aodh::auth::auth_password: {get_input: aodh_password} - aodh::db::mysql::password: {get_input: aodh_password} - # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination - aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url} - aodh::keystone::auth::public_url: {get_input: aodh_public_url } - aodh::keystone::auth::internal_url: {get_input: aodh_internal_url } - aodh::keystone::auth::admin_url: {get_input: aodh_admin_url } - aodh::keystone::auth::password: {get_input: aodh_password } - aodh::keystone::auth::region: {get_input: keystone_region} - - # Gnocchi - gnocchi_backend: {get_input: gnocchi_backend} - gnocchi_indexer_backend: {get_input: gnocchi_indexer_backend} - gnocchi_mysql_conn_string: {get_input: gnocchi_dsn} - gnocchi::debug: {get_input: debug} - gnocchi::wsgi::apache::ssl: false - gnocchi::wsgi::apache::bind_host: {get_input: gnocchi_api_network} - gnocchi::api::service_name: 'httpd' - gnocchi::api::host: {get_input: gnocchi_api_network} - gnocchi::api::keystone_password: {get_input: gnocchi_password} - gnocchi::api::keystone_auth_uri: {get_input: keystone_auth_uri} - gnocchi::api::keystone_identity_uri: {get_input: keystone_identity_uri} - gnocchi::db::mysql::password: {get_input: gnocchi_password} - gnocchi::storage::swift::swift_authurl: {get_input: keystone_auth_uri} - gnocchi::storage::swift::swift_key: {get_input: gnocchi_password} - gnocchi::keystone::auth::public_url: {get_input: gnocchi_public_url } - gnocchi::keystone::auth::internal_url: {get_input: gnocchi_internal_url } - gnocchi::keystone::auth::admin_url: {get_input: gnocchi_admin_url } - gnocchi::keystone::auth::password: {get_input: gnocchi_password } - gnocchi::keystone::auth::region: {get_input: keystone_region} - # Nova nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute} nova::use_ipv6: {get_input: nova_ipv6} - nova::api::auth_uri: {get_input: keystone_auth_uri} - nova::api::identity_uri: {get_input: keystone_identity_uri} nova::api::api_bind_address: {get_input: nova_api_network} nova::api::metadata_listen: {get_input: nova_metadata_network} - nova::api::admin_password: {get_input: nova_password} - nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu} - nova::database_connection: {get_input: nova_dsn} - nova::api_database_connection: {get_input: nova_api_dsn} nova::glance_api_servers: {get_input: glance_api_servers} nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret} nova::api::instance_name_template: {get_input: instance_name_template} - nova::network::neutron::neutron_password: {get_input: neutron_password} - nova::network::neutron::neutron_url: {get_input: neutron_internal_url} - nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url} nova::vncproxy::host: {get_input: nova_api_network} - nova::db::mysql::password: {get_input: nova_password} - nova::db::mysql_api::password: {get_input: nova_password} nova_enable_db_purge: {get_input: nova_enable_db_purge} - nova::keystone::auth::public_url: {get_input: nova_public_url} - nova::keystone::auth::internal_url: {get_input: nova_internal_url} - nova::keystone::auth::admin_url: {get_input: nova_admin_url} - nova::keystone::auth::password: {get_input: nova_password } - nova::keystone::auth::region: {get_input: keystone_region} # Horizon apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet} apache::ip: {get_input: horizon_network} - horizon::allowed_hosts: {get_input: horizon_allowed_hosts} horizon::django_debug: {get_input: debug} horizon::secret_key: {get_input: horizon_secret} horizon::bind_address: {get_input: horizon_network} horizon::keystone_url: {get_input: keystone_auth_uri} - # RabbitMQ - rabbitmq::node_ip_address: {get_input: rabbitmq_network} - rabbitmq::erlang_cookie: {get_input: rabbit_cookie} + # Sahara + sahara::host: {get_input: sahara_api_network} + # Redis redis::bind: {get_input: redis_network} redis_vip: {get_input: redis_vip} @@ -996,18 +530,7 @@ resources: # Misc memcached_ipv6: {get_input: memcached_ipv6} memcached::listen_ip: {get_input: memcached_network} - control_virtual_interface: {get_input: control_virtual_interface} - public_virtual_interface: {get_input: public_virtual_interface} - tripleo::keepalived::control_virtual_interface: {get_input: control_virtual_interface} - tripleo::keepalived::public_virtual_interface: {get_input: public_virtual_interface} - tripleo::haproxy::control_virtual_interface: {get_input: control_virtual_interface} - tripleo::haproxy::public_virtual_interface: {get_input: public_virtual_interface} - tripleo::haproxy::haproxy_log_address: {get_input: haproxy_log_address} tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]} - tripleo::haproxy::haproxy_stats_user: {get_input: haproxy_stats_user} - tripleo::haproxy::haproxy_stats_password: {get_input: haproxy_stats_password} - tripleo::haproxy::redis_password: {get_input: redis_password} - tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} # Hook for site-specific additional pre-deployment config, e.g extra hieradata @@ -1124,26 +647,37 @@ outputs: description: Swift device formatted for swift-ring-builder value: str_replace: - template: 'r1z1-IP:%PORT%/d1' + template: + list_join: + - ',' + - ['r1z1-IP:%PORT%/d1'] + - repeat: + template: 'r1z1-IP:%PORT%/DEVICE' + for_each: + DEVICE: {get_param: SwiftRawDisks} params: - IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} + IP: + get_attr: + - NetIpMap + - net_ip_map + - str_replace: + template: "NETWORK_uri" + params: + NETWORK: {get_param: [ServiceNetMap, SwiftMgmtNetwork]} swift_proxy_memcache: description: Swift proxy-memcache value value: str_replace: template: "IP:11211" params: - IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]} - config_identifier: - description: identifier which changes if the controller configuration may need re-applying - value: - list_join: - - ',' - - - {get_attr: [ControllerDeployment, deploy_stdout]} - - {get_attr: [NodeTLSCAData, deploy_stdout]} - - {get_attr: [NodeTLSData, deploy_stdout]} - - {get_attr: [ControllerExtraConfigPre, deploy_stdout]} - - {get_param: UpdateIdentifier} + IP: + get_attr: + - NetIpMap + - net_ip_map + - str_replace: + template: "NETWORK_uri" + params: + NETWORK: {get_param: [ServiceNetMap, MemcachedNetwork]} tls_key_modulus_md5: description: MD5 checksum of the TLS Key Modulus value: {get_attr: [NodeTLSData, key_modulus_md5]} |