summaryrefslogtreecommitdiffstats
path: root/puppet/services
diff options
context:
space:
mode:
Diffstat (limited to 'puppet/services')
-rw-r--r--puppet/services/ironic-api.yaml43
-rw-r--r--puppet/services/ironic-base.yaml64
-rw-r--r--puppet/services/ironic-conductor.yaml36
-rw-r--r--puppet/services/nova-compute.yaml12
-rw-r--r--puppet/services/nova-libvirt.yaml31
-rw-r--r--puppet/services/rabbitmq.yaml2
-rw-r--r--puppet/services/services.yaml11
-rw-r--r--puppet/services/snmp.yaml31
-rw-r--r--puppet/services/swift-storage.yaml44
-rw-r--r--puppet/services/time/timezone.yaml24
10 files changed, 289 insertions, 9 deletions
diff --git a/puppet/services/ironic-api.yaml b/puppet/services/ironic-api.yaml
new file mode 100644
index 00000000..e1626d5b
--- /dev/null
+++ b/puppet/services/ironic-api.yaml
@@ -0,0 +1,43 @@
+heat_template_version: 2016-04-08
+
+description: >
+ OpenStack Ironic API configured with Puppet
+
+parameters:
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ IronicPassword:
+ description: The password for the Ironic service and db account, used by the Ironic services
+ type: string
+ hidden: true
+
+resources:
+ IronicBase:
+ type: ./ironic-base.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+
+outputs:
+ role_data:
+ description: Role data for the Ironic API role.
+ value:
+ config_settings:
+ map_merge:
+ - get_attr: [IronicBase, role_data, config_settings]
+ # NOTE(dtantsur): the my_ip parameter is heavily overloaded in
+ # ironic. It's used as a default value for e.g. TFTP server IP,
+ # glance and neutron endpoints, virtual console IP. We override
+ # the TFTP server IP in ironic-conductor.yaml as it should not be
+ # the VIP, but rather a real IP of the controller.
+ - ironic::my_ip: {get_param: [EndpointMap, MysqlInternal, host]}
+ ironic::api::admin_password: {get_param: IronicPassword}
+ ironic::keystone::auth::public_url: {get_param: [EndpointMap, IronicPublic, uri]}
+ ironic::keystone::auth::internal_url: {get_param: [EndpointMap, IronicInternal, uri]}
+ ironic::keystone::auth::admin_url: {get_param: [EndpointMap, IronicAdmin, uri]}
+ ironic::keystone::auth::password: {get_param: IronicPassword }
+
+ step_config: |
+ include ::tripleo::profile::base::ironic::api
diff --git a/puppet/services/ironic-base.yaml b/puppet/services/ironic-base.yaml
new file mode 100644
index 00000000..0eaa53cb
--- /dev/null
+++ b/puppet/services/ironic-base.yaml
@@ -0,0 +1,64 @@
+heat_template_version: 2016-04-08
+
+description: >
+ OpenStack Ironic services configured with Puppet
+
+parameters:
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ Debug:
+ default: ''
+ description: Set to True to enable debugging on all services.
+ type: string
+ IronicPassword:
+ description: The password for the Ironic service and db account, used by the Ironic services
+ type: string
+ hidden: true
+ RabbitUserName:
+ default: guest
+ description: The username for RabbitMQ
+ type: string
+ RabbitPassword:
+ description: The password for RabbitMQ
+ type: string
+ hidden: true
+ RabbitClientPort:
+ default: 5672
+ description: Set rabbit subscriber port, change this if using SSL
+ type: number
+ RabbitClientUseSSL:
+ default: false
+ description: >
+ Rabbit client subscriber parameter to specify
+ an SSL connection to the RabbitMQ host.
+ type: string
+
+outputs:
+ role_data:
+ description: Role data for the Ironic role.
+ value:
+ config_settings:
+ ironic_dsn: &ironic_dsn
+ list_join:
+ - ''
+ - - {get_param: [EndpointMap, MysqlInternal, protocol]}
+ - '://ironic:'
+ - {get_param: IronicPassword}
+ - '@'
+ - {get_param: [EndpointMap, MysqlInternal, host]}
+ - '/ironic'
+ ironic::admin_tenant_name: 'service'
+ ironic::database_connection: *ironic_dsn
+ ironic::debug: {get_param: Debug}
+ ironic::rabbit_userid: {get_param: RabbitUserName}
+ ironic::rabbit_password: {get_param: RabbitPassword}
+ ironic::rabbit_port: {get_param: RabbitClientPort}
+ ironic::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
+ ironic::db::mysql::password: {get_param: IronicPassword}
+ ironic::keystone::auth::tenant: 'service'
+
+ step_config: |
+ include ::tripleo::profile::base::ironic
diff --git a/puppet/services/ironic-conductor.yaml b/puppet/services/ironic-conductor.yaml
new file mode 100644
index 00000000..3fb3d9fd
--- /dev/null
+++ b/puppet/services/ironic-conductor.yaml
@@ -0,0 +1,36 @@
+heat_template_version: 2016-04-08
+
+description: >
+ OpenStack Ironic conductor configured with Puppet
+
+parameters:
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ IronicEnabledDrivers:
+ default: ['pxe_ipmitool', 'agent_ipmitool']
+ description: Enabled Ironic drivers
+ type: comma_delimited_list
+
+resources:
+ IronicBase:
+ type: ./ironic-base.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+
+outputs:
+ role_data:
+ description: Role data for the Ironic conductor role.
+ value:
+ config_settings:
+ map_merge:
+ - get_attr: [IronicBase, role_data, config_settings]
+ - ironic::enabled_drivers: {get_param: IronicEnabledDrivers}
+ # Prevent tftp_server from defaulting to my_ip setting, which is
+ # controller VIP, not a real IP.
+ ironic::drivers::pxe::tftp_server: {get_input: ironic_api_network}
+
+ step_config: |
+ include ::tripleo::profile::base::ironic::conductor
diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml
index 0844aa85..679586f7 100644
--- a/puppet/services/nova-compute.yaml
+++ b/puppet/services/nova-compute.yaml
@@ -16,10 +16,18 @@ resources:
outputs:
role_data:
- description: Role data for the Nova Conductor service.
+ description: Role data for the Nova Compute service.
value:
config_settings:
map_merge:
- get_attr: [NovaBase, role_data, config_settings]
+ - nova::compute::libvirt::manage_libvirt_services: false
+ # we manage migration in nova common puppet profile
+ nova::compute::libvirt::migration_support: false
+ tripleo::profile::base::nova::manage_migration: true
+ tripleo::profile::base::nova::nova_compute_enabled: true
step_config: |
- include tripleo::profile::base::nova::compute
+ # TODO(emilien): figure how to deal with libvirt profile.
+ # We'll probably threat it like we do with Neutron plugins.
+ # Until then, just include it in the default nova-compute role.
+ include tripleo::profile::base::nova::compute::libvirt
diff --git a/puppet/services/nova-libvirt.yaml b/puppet/services/nova-libvirt.yaml
new file mode 100644
index 00000000..e3309c32
--- /dev/null
+++ b/puppet/services/nova-libvirt.yaml
@@ -0,0 +1,31 @@
+heat_template_version: 2016-04-08
+
+description: >
+ Libvirt service configured with Puppet
+
+parameters:
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+
+resources:
+ NovaBase:
+ type: ./nova-base.yaml
+
+outputs:
+ role_data:
+ description: Role data for the Libvirt service.
+ value:
+ config_settings:
+ map_merge:
+ - get_attr: [NovaBase, role_data, config_settings]
+ # we include ::nova::compute::libvirt::services in nova/libvirt profile
+ - nova::compute::libvirt::manage_libvirt_services: false
+ # we manage migration in nova common puppet profile
+ nova::compute::libvirt::migration_support: false
+ tripleo::profile::base::nova::manage_migration: true
+ tripleo::profile::base::nova::libvirt_enabled: true
+ step_config: |
+ include tripleo::profile::base::nova::libvirt
diff --git a/puppet/services/rabbitmq.yaml b/puppet/services/rabbitmq.yaml
index 581b4ba4..3688c4a8 100644
--- a/puppet/services/rabbitmq.yaml
+++ b/puppet/services/rabbitmq.yaml
@@ -18,7 +18,7 @@ parameters:
type: string
hidden: true
RabbitFDLimit:
- default: 16384
+ default: 65536
description: Configures RabbitMQ FD limit
type: string
RabbitIPv6:
diff --git a/puppet/services/services.yaml b/puppet/services/services.yaml
index 7ed880fc..91f0e049 100644
--- a/puppet/services/services.yaml
+++ b/puppet/services/services.yaml
@@ -27,9 +27,8 @@ resources:
EndpointMap: {get_param: EndpointMap}
outputs:
- config_settings:
- description: Configuration settings.
- value: {map_merge: {get_attr: [ServiceChain, role_data, config_settings]}}
- step_config:
- description: Step configuration.
- value: {list_join: ["\n", {get_attr: [ServiceChain, role_data, step_config]}]}
+ role_data:
+ description: Combined Role data for this set of services.
+ value:
+ config_settings: {map_merge: {get_attr: [ServiceChain, role_data, config_settings]}}
+ step_config: {list_join: ["\n", {get_attr: [ServiceChain, role_data, step_config]}]}
diff --git a/puppet/services/snmp.yaml b/puppet/services/snmp.yaml
new file mode 100644
index 00000000..24ee2933
--- /dev/null
+++ b/puppet/services/snmp.yaml
@@ -0,0 +1,31 @@
+heat_template_version: 2016-04-08
+
+description: >
+ SNMP client configured with Puppet, to facilitate Ceilometer Hardware
+ monitoring in the undercloud. This service is required to enable hardware
+ monitoring.
+
+parameters:
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ SnmpdReadonlyUserName:
+ default: ro_snmp_user
+ description: The user name for SNMPd with readonly rights running on all Overcloud nodes
+ type: string
+ SnmpdReadonlyUserPassword:
+ description: The user password for SNMPd with readonly rights running on all Overcloud nodes
+ type: string
+ hidden: true
+
+outputs:
+ role_data:
+ description: Role data for the SNMP services
+ value:
+ config_settings:
+ snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
+ snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
+ step_config: |
+ include ::tripleo::profile::base::snmp
diff --git a/puppet/services/swift-storage.yaml b/puppet/services/swift-storage.yaml
new file mode 100644
index 00000000..980c95f5
--- /dev/null
+++ b/puppet/services/swift-storage.yaml
@@ -0,0 +1,44 @@
+heat_template_version: 2016-04-08
+
+description: >
+ OpenStack Swift Storage service configured with Puppet
+
+parameters:
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ Debug:
+ default: ''
+ description: Set to True to enable debugging on all services.
+ type: string
+ SwiftMountCheck:
+ default: false
+ description: Value of mount_check in Swift account/container/object -server.conf
+ type: boolean
+
+ # DEPRECATED options for compatibility with overcloud.yaml
+ # This should be removed and manipulation of the ControllerServices list
+ # used instead, but we need client support for that first
+ ControllerEnableSwiftStorage:
+ default: true
+ description: Whether to enable Swift Storage on the Controller
+ type: boolean
+
+parameter_groups:
+- label: deprecated
+ description: Do not use deprecated params, they will be removed.
+ parameters:
+ - ControllerEnableSwiftStorage
+
+outputs:
+ role_data:
+ description: Role data for the Swift Proxy role.
+ value:
+ config_settings:
+ # Swift
+ swift::storage::all::mount_check: {get_param: SwiftMountCheck}
+ tripleo::profile::base::swift::storage::enable_swift_storage: {get_param: ControllerEnableSwiftStorage}
+ step_config: |
+ include ::tripleo::profile::base::swift::storage
diff --git a/puppet/services/time/timezone.yaml b/puppet/services/time/timezone.yaml
new file mode 100644
index 00000000..13fda986
--- /dev/null
+++ b/puppet/services/time/timezone.yaml
@@ -0,0 +1,24 @@
+heat_template_version: 2016-04-08
+
+description: >
+ Composable Timezone service
+
+parameters:
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ TimeZone:
+ default: 'UTC'
+ description: The timezone to be set on the overcloud.
+ type: string
+
+outputs:
+ role_data:
+ description: Timezone role using composable services.
+ value:
+ config_settings:
+ timezone::timezone: {get_param: TimeZone}
+ step_config: |
+ include ::timezone