1 files changed, 70 insertions, 57 deletions

diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml
index 416233ce..072c7c0d 100644
--- a/puppet/hieradata/controller.yaml
+++ b/puppet/hieradata/controller.yaml
@@ -1,13 +1,9 @@
 # Hiera data here applies to all controller nodes
 
 nova::api::enabled: true
-nova::conductor::enabled: true
-nova::consoleauth::enabled: true
 nova::vncproxy::enabled: true
-nova::scheduler::enabled: true
 
 # gnocchi
-gnocchi::db::sync::extra_opts: '--skip-storage'
 gnocchi::storage::swift::swift_user: 'service:gnocchi'
 gnocchi::storage::swift::swift_auth_version: 2
 gnocchi::statsd::resource_id: '0a8b55df-f90f-491c-8cb9-7cdecec6fc26'
@@ -31,6 +27,7 @@ rabbitmq_kernel_variables:
 rabbitmq_config_variables:
   tcp_listen_options: '[binary, {packet, raw}, {reuseaddr, true}, {backlog, 128}, {nodelay, true}, {exit_on_close, false}, {keepalive, true}]'
   cluster_partition_handling: 'pause_minority'
+  loopback_users: '[]'
 
 mongodb::server::replset: tripleo
 mongodb::server::journal: false
@@ -84,8 +81,10 @@ keystone::wsgi::apache::ssl: false
 swift::proxy::pipeline:
   - 'catch_errors'
   - 'healthcheck'
+  - 'proxy-logging'
   - 'cache'
   - 'ratelimit'
+  - 'bulk'
   - 'tempurl'
   - 'formpost'
   - 'authtoken'
@@ -114,11 +113,8 @@ neutron::server::sync_db: true
 nova::notify_on_state_change: 'vm_and_task_state'
 nova::api::default_floating_pool: 'public'
 nova::api::sync_db_api: true
-nova::scheduler::filter::ram_allocation_ratio: '1.0'
-nova::cron::archive_deleted_rows::hour: '*/12'
-nova::cron::archive_deleted_rows::destination: '/dev/null'
+nova::api::enable_proxy_headers_parsing: true
 nova::notification_driver: messaging
-nova::keystone::auth::configure_ec2_endpoint: false
 
 # ceilometer
 ceilometer::agent::auth::auth_endpoint_type: 'internalURL'
@@ -127,7 +123,10 @@ ceilometer::agent::auth::auth_endpoint_type: 'internalURL'
 cinder::scheduler::scheduler_driver: cinder.scheduler.filter_scheduler.FilterScheduler
 cinder::cron::db_purge::destination: '/dev/null'
 cinder::host: hostgroup
-cinder_user_enabled_backends: []
+
+# TODO(jaosorior): Move to cinder profile once cinder is moved as a composable
+# service.
+cinder::api::enable_proxy_headers_parsing: true
 
 # heat
 heat::engine::configure_delegated_roles: false
@@ -140,6 +139,7 @@ heat::cron::purge_deleted::destination: '/dev/null'
 heat::keystone::domain::domain_name: 'heat_stack'
 heat::keystone::domain::domain_admin: 'heat_stack_domain_admin'
 heat::keystone::domain::domain_admin_email: 'heat_stack_domain_admin@localhost'
+heat::auth_plugin: 'password'
 
 # pacemaker
 pacemaker::corosync::cluster_name: 'tripleo_cluster'
@@ -160,39 +160,38 @@ horizon::vhost_extra_params:
 mysql::server::manage_config_file: true
 
 
-tripleo::loadbalancer::keystone_admin: true
-tripleo::loadbalancer::keystone_public: true
-tripleo::loadbalancer::neutron: true
-tripleo::loadbalancer::cinder: true
-tripleo::loadbalancer::glance_api: true
-tripleo::loadbalancer::glance_registry: true
-tripleo::loadbalancer::nova_ec2: true
-tripleo::loadbalancer::nova_osapi: true
-tripleo::loadbalancer::nova_metadata: true
-tripleo::loadbalancer::nova_novncproxy: true
-tripleo::loadbalancer::mysql: true
-tripleo::loadbalancer::redis: true
-tripleo::loadbalancer::sahara: true
-tripleo::loadbalancer::swift_proxy_server: true
-tripleo::loadbalancer::ceilometer: true
-tripleo::loadbalancer::aodh: true
-tripleo::loadbalancer::gnocchi: true
-tripleo::loadbalancer::heat_api: true
-tripleo::loadbalancer::heat_cloudwatch: true
-tripleo::loadbalancer::heat_cfn: true
-tripleo::loadbalancer::horizon: true
+tripleo::haproxy::keystone_admin: true
+tripleo::haproxy::keystone_public: true
+tripleo::haproxy::neutron: true
+tripleo::haproxy::cinder: true
+tripleo::haproxy::glance_api: true
+tripleo::haproxy::glance_registry: true
+tripleo::haproxy::nova_osapi: true
+tripleo::haproxy::nova_metadata: true
+tripleo::haproxy::nova_novncproxy: true
+tripleo::haproxy::mysql: true
+tripleo::haproxy::redis: true
+tripleo::haproxy::sahara: true
+tripleo::haproxy::swift_proxy_server: true
+tripleo::haproxy::ceilometer: true
+tripleo::haproxy::aodh: true
+tripleo::haproxy::gnocchi: true
+tripleo::haproxy::heat_api: true
+tripleo::haproxy::heat_cloudwatch: true
+tripleo::haproxy::heat_cfn: true
+tripleo::haproxy::horizon: true
 
 controller_classes: []
 # firewall
 tripleo::firewall::firewall_rules:
   '101 mongodb_config':
-    port: 27019
+    dport: 27019
   '102 mongodb_sharding':
-    port: 27018
+    dport: 27018
   '103 mongod':
-    port: 27017
+    dport: 27017
   '104 mysql galera':
-    port:
+    dport:
       - 873
       - 3306
       - 4444
@@ -200,37 +199,38 @@ tripleo::firewall::firewall_rules:
       - 4568
       - 9200
   '105 ntp':
-    port: 123
+    dport: 123
     proto: udp
   '106 vrrp':
     proto: vrrp
   '107 haproxy stats':
-    port: 1993
+    dport: 1993
   '108 redis':
-    port:
+    dport:
       - 6379
       - 26379
   '109 rabbitmq':
-    port:
+    dport:
+      - 4369
       - 5672
       - 35672
   '110 ceph':
-    port:
+    dport:
       - 6789
       - '6800-6810'
   '111 keystone':
-    port:
+    dport:
       - 5000
       - 13000
       - 35357
       - 13357
   '112 glance':
-    port:
+    dport:
       - 9292
       - 9191
       - 13292
   '113 nova':
-    port:
+    dport:
       - 6080
       - 13080
       - 8773
@@ -239,43 +239,43 @@ tripleo::firewall::firewall_rules:
       - 13774
       - 8775
   '114 neutron server':
-    port:
+    dport:
       - 9696
       - 13696
   '115 neutron dhcp input':
     proto: 'udp'
-    port: 67
+    dport: 67
   '116 neutron dhcp output':
     proto: 'udp'
     chain: 'OUTPUT'
-    port: 68
+    dport: 68
   '118 neutron vxlan networks':
     proto: 'udp'
-    port: 4789
+    dport: 4789
   '119 cinder':
-    port:
+    dport:
       - 8776
       - 13776
   '120 iscsi initiator':
-    port: 3260
+    dport: 3260
   '121 memcached':
-    port: 11211
+    dport: 11211
   '122 swift proxy':
-    port:
+    dport:
       - 8080
       - 13808
   '123 swift storage':
-    port:
+    dport:
       - 873
       - 6000
       - 6001
       - 6002
   '124 ceilometer':
-    port:
+    dport:
       - 8777
       - 13777
   '125 heat':
-    port:
+    dport:
       - 8000
       - 13800
       - 8003
@@ -283,17 +283,30 @@ tripleo::firewall::firewall_rules:
       - 8004
       - 13004
   '126 horizon':
-    port:
+    dport:
       - 80
       - 443
   '127 snmp':
-    port: 161
+    dport: 161
     proto: 'udp'
   '128 aodh':
-    port:
+    dport:
       - 8042
       - 13042
   '129 gnocchi-api':
-    port:
+    dport:
       - 8041
       - 13041
+  '130 pacemaker tcp':
+    proto: 'tcp'
+    dport:
+      - 2224
+      - 3121
+      - 21064
+  '131 pacemaker udp':
+    proto: 'udp'
+    dport: 5405
+  '132 sahara':
+    dport:
+      - 8386
+      - 13386