diff options
Diffstat (limited to 'puppet/services')
-rw-r--r-- | puppet/services/ceilometer-base.yaml | 6 | ||||
-rw-r--r-- | puppet/services/ceph-mon.yaml | 2 | ||||
-rw-r--r-- | puppet/services/cinder-backup.yaml | 47 | ||||
-rw-r--r-- | puppet/services/gnocchi-base.yaml | 12 | ||||
-rw-r--r-- | puppet/services/nova-base.yaml | 18 | ||||
-rw-r--r-- | puppet/services/nova-compute.yaml | 30 | ||||
-rw-r--r-- | puppet/services/nova-libvirt.yaml | 6 | ||||
-rw-r--r-- | puppet/services/nova-vncproxy.yaml | 10 | ||||
-rw-r--r-- | puppet/services/pacemaker/cinder-backup.yaml | 49 |
9 files changed, 177 insertions, 3 deletions
diff --git a/puppet/services/ceilometer-base.yaml b/puppet/services/ceilometer-base.yaml index 1398fedb..59b4cc2a 100644 --- a/puppet/services/ceilometer-base.yaml +++ b/puppet/services/ceilometer-base.yaml @@ -35,6 +35,10 @@ parameters: default: false description: Whether to store events in ceilometer. type: boolean + Debug: + default: '' + description: Set to True to enable debugging on all services. + type: string KeystoneRegion: type: string default: 'regionOne' @@ -64,6 +68,7 @@ outputs: value: service_name: ceilometer_base config_settings: + ceilometer::debug: {get_param: Debug} ceilometer::db::database_connection: list_join: - '' @@ -111,3 +116,4 @@ outputs: ceilometer::rabbit_heartbeat_timeout_threshold: 60 ceilometer::db::database_db_max_retries: -1 ceilometer::db::database_max_retries: -1 + ceilometer::telemetry_secret: {get_param: CeilometerMeteringSecret} diff --git a/puppet/services/ceph-mon.yaml b/puppet/services/ceph-mon.yaml index 074d941d..28c3e5df 100644 --- a/puppet/services/ceph-mon.yaml +++ b/puppet/services/ceph-mon.yaml @@ -38,7 +38,7 @@ parameters: { "volumes": { "size": 5, - "pg_num: 128, + "pg_num": 128, "pgp_num": 128 } } diff --git a/puppet/services/cinder-backup.yaml b/puppet/services/cinder-backup.yaml new file mode 100644 index 00000000..25e82c87 --- /dev/null +++ b/puppet/services/cinder-backup.yaml @@ -0,0 +1,47 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Cinder Backup service configured with Puppet + +parameters: + CinderBackupBackend: + default: swift + description: The short name of the Cinder Backup backend to use. + type: string + constraints: + - allowed_values: ['swift', 'ceph'] + CinderBackupRbdPoolName: + default: backups + type: string + CephClientUserName: + default: openstack + type: string + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +resources: + + CinderBase: + type: ./cinder-base.yaml + properties: + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for the Cinder Backup role. + value: + service_name: cinder_backup + config_settings: + map_merge: + - get_attr: [CinderBase, role_data, config_settings] + - cinder::backup::ceph::backup_ceph_user: {get_param: CephClientUserName} + cinder::backup::ceph::backup_ceph_pool: {get_param: CinderBackupRbdPoolName} + cinder::backup::swift::backup_swift_container: volumebackups + step_config: + str_replace: + template: "include ::tripleo::profile::base::cinder::backup::DRIVER" + params: + DRIVER: {get_param: CinderBackupBackend} diff --git a/puppet/services/gnocchi-base.yaml b/puppet/services/gnocchi-base.yaml index 3631508e..a072e8ef 100644 --- a/puppet/services/gnocchi-base.yaml +++ b/puppet/services/gnocchi-base.yaml @@ -34,6 +34,10 @@ parameters: type: string default: 'regionOne' description: Keystone region for endpoint + RedisPassword: + description: The password for the redis service account. + type: string + hidden: true outputs: aux_parameters: @@ -65,6 +69,14 @@ outputs: gnocchi::api::service_name: 'httpd' gnocchi::api::keystone_password: {get_param: GnocchiPassword} gnocchi::wsgi::apache::ssl: false + gnocchi::storage::coordination_url: + list_join: + - '' + - - 'redis://:' + - {get_param: RedisPassword} + - '@' + - "%{hiera('redis_vip')}" + - ':6379/' gnocchi::storage::swift::swift_user: 'service:gnocchi' gnocchi::storage::swift::swift_auth_version: 2 gnocchi::storage::swift::swift_key: {get_param: GnocchiPassword} diff --git a/puppet/services/nova-base.yaml b/puppet/services/nova-base.yaml index ef7eaaf3..9b1b0760 100644 --- a/puppet/services/nova-base.yaml +++ b/puppet/services/nova-base.yaml @@ -17,6 +17,10 @@ parameters: description: The password for the neutron service and db account, used by neutron agents. type: string hidden: true + NovaOVSBridge: + default: 'br-int' + description: Name of integration bridge used by Open vSwitch + type: string RabbitPassword: description: The password for RabbitMQ type: string @@ -45,6 +49,14 @@ parameters: description: > Remove configuration that is not generated by TripleO. Setting to false may result in configuration remnants after updates/upgrades. + NovaIPv6: + default: false + description: Enable IPv6 features in Nova + type: boolean + UpgradeLevelNovaCompute: + type: string + description: Nova Compute upgrade level + default: '' outputs: role_data: @@ -53,7 +65,7 @@ outputs: service_name: nova_base config_settings: nova::rabbit_password: {get_param: RabbitPassword} - nova::rabbit_user: {get_param: RabbitUserName} + nova::rabbit_userid: {get_param: RabbitUserName} nova::rabbit_use_ssl: {get_param: RabbitClientUseSSL} nova::rabbit_port: {get_param: RabbitClientPort} nova::database_connection: @@ -116,3 +128,7 @@ outputs: - "%{hiera('mysql_bind_host')}" nova::db::database_db_max_retries: -1 nova::db::database_max_retries: -1 + nova::glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]} + nova::use_ipv6: {get_param: NovaIPv6} + nova::upgrade_level_compute: {get_param: UpgradeLevelNovaCompute} + nova::network::neutron::neutron_ovs_bridge: {get_param: NovaOVSBridge} diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml index bcc3a232..19f1f02a 100644 --- a/puppet/services/nova-compute.yaml +++ b/puppet/services/nova-compute.yaml @@ -15,6 +15,22 @@ parameters: CephClientUserName: default: openstack type: string + CinderEnableNfsBackend: + default: false + description: Whether to enable or not the NFS backend for Cinder + type: boolean + CinderEnableRbdBackend: + default: false + description: Whether to enable or not the Rbd backend for Cinder + type: boolean + NovaEnableRbdBackend: + default: false + description: Whether to enable or not the Rbd backend for Nova + type: boolean + NovaComputeLibvirtVifDriver: + default: '' + description: Libvirt VIF driver configuration for the network + type: string resources: NovaBase: @@ -37,6 +53,8 @@ outputs: tripleo::profile::base::nova::nova_compute_enabled: true nova::compute::rbd::libvirt_images_rbd_pool: {get_param: NovaRbdPoolName} nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName} + tripleo::profile::base::nova::compute::cinder_nfs_backend: {get_param: CinderEnableNfsBackend} + rbd_persistent_storage: {get_param: CinderEnableRbdBackend} nova::compute::rbd::rbd_keyring: list_join: - '.' @@ -45,13 +63,23 @@ outputs: nova::compute::rbd::libvirt_rbd_secret_uuid: '"%{hiera(\"ceph::profile::params::fsid\")}"' nova::compute::instance_usage_audit: true nova::compute::instance_usage_audit_period: 'hour' + nova::compute::rbd::ephemeral_storage: {get_param: NovaEnableRbdBackend} + # TUNNELLED mode provides a security enhancement when using shared + # storage but is not supported when not using shared storage. + # See https://bugzilla.redhat.com/show_bug.cgi?id=1301986#c12 + # In future versions of QEMU (2.6, mostly), danpb's native + # encryption work will obsolete the need to use TUNNELLED transport + # mode. + nova::migration::live_migration_tunnelled: {get_param: NovaEnableRbdBackend} # Changing the default from 512MB. The current templates can not deploy # overclouds with swap. On an idle compute node, we see ~1024MB of RAM # used. 2048 is suggested to account for other possible operations for # example openvswitch. nova::compute::reserved_host_memory: 2048 + nova::compute::neutron::libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver} + step_config: | # TODO(emilien): figure how to deal with libvirt profile. - # We'll probably threat it like we do with Neutron plugins. + # We'll probably treat it like we do with Neutron plugins. # Until then, just include it in the default nova-compute role. include tripleo::profile::base::nova::compute::libvirt diff --git a/puppet/services/nova-libvirt.yaml b/puppet/services/nova-libvirt.yaml index 939b6a09..d283de4f 100644 --- a/puppet/services/nova-libvirt.yaml +++ b/puppet/services/nova-libvirt.yaml @@ -9,6 +9,9 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + NovaComputeLibvirtType: + type: string + default: kvm resources: NovaBase: @@ -30,5 +33,8 @@ outputs: nova::compute::libvirt::migration_support: false tripleo::profile::base::nova::manage_migration: true tripleo::profile::base::nova::libvirt_enabled: true + nova::compute::libvirt::services::libvirt_virt_type: {get_param: NovaComputeLibvirtType} + nova::compute::libvirt::libvirt_virt_type: {get_param: NovaComputeLibvirtType} + step_config: | include tripleo::profile::base::nova::libvirt diff --git a/puppet/services/nova-vncproxy.yaml b/puppet/services/nova-vncproxy.yaml index 0b9cef38..a1517011 100644 --- a/puppet/services/nova-vncproxy.yaml +++ b/puppet/services/nova-vncproxy.yaml @@ -25,5 +25,15 @@ outputs: map_merge: - get_attr: [NovaBase, role_data, config_settings] - nova::vncproxy::enabled: true + nova::vncproxy::common::vncproxy_protocol: {get_param: [EndpointMap, NovaVNCProxyPublic, protocol]} + # Remove brackets that may come if the IP address is IPv6. + # For DNS names and IPv4, this will just get NovaVNCProxyPublic + nova::vncproxy::common::vncproxy_host: + str_replace: + template: {get_param: [EndpointMap, NovaVNCProxyPublic, host]} + params: + '[': '' + ']': '' + nova::vncproxy::common::vncproxy_port: {get_param: [EndpointMap, NovaVNCProxyPublic, port]} step_config: | include tripleo::profile::base::nova::vncproxy diff --git a/puppet/services/pacemaker/cinder-backup.yaml b/puppet/services/pacemaker/cinder-backup.yaml new file mode 100644 index 00000000..706717e4 --- /dev/null +++ b/puppet/services/pacemaker/cinder-backup.yaml @@ -0,0 +1,49 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Cinder Backup service with Pacemaker configured with Puppet + +parameters: + CinderBackupBackend: + default: swift + description: The short name of the Cinder Backup backend to use. + type: string + constraints: + - allowed_values: ['swift', 'ceph'] + CinderBackupRbdPoolName: + default: backups + type: string + CephClientUserName: + default: openstack + type: string + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +resources: + + CinderBackupBase: + type: ../cinder-backup.yaml + properties: + EndpointMap: {get_param: EndpointMap} + CinderBackupBackend: {get_param: CinderBackupBackend} + CinderBackupRbdPoolName: {get_param: CinderBackupRbdPoolName} + CephClientUserName: {get_param: CephClientUserName} + +outputs: + role_data: + description: Role data for the Cinder Backup role. + value: + service_name: cinder_backup + config_settings: + map_merge: + - get_attr: [CinderBackupBase, role_data, config_settings] + - cinder::backup::manage_service: false + cinder::backup::enabled: false + step_config: + list_join: + - "\n" + - - get_attr: [CinderBackupBase, role_data, step_config] + - "include ::tripleo::profile::pacemaker::cinder::backup" |