summaryrefslogtreecommitdiffstats
path: root/puppet/services
diff options
context:
space:
mode:
Diffstat (limited to 'puppet/services')
-rw-r--r--puppet/services/ceph-base.yaml6
-rw-r--r--puppet/services/keepalived.yaml3
-rw-r--r--puppet/services/logging/fluentd-config.yaml2
-rw-r--r--puppet/services/manila-backend-cephfs.yaml2
-rw-r--r--puppet/services/neutron-api.yaml9
-rw-r--r--puppet/services/neutron-l3.yaml3
-rw-r--r--puppet/services/neutron-ovs-agent.yaml6
-rw-r--r--puppet/services/opendaylight-api.yaml11
-rw-r--r--puppet/services/services.yaml2
-rw-r--r--puppet/services/tripleo-firewall.yaml2
10 files changed, 24 insertions, 22 deletions
diff --git a/puppet/services/ceph-base.yaml b/puppet/services/ceph-base.yaml
index ce8d9158..adb17b26 100644
--- a/puppet/services/ceph-base.yaml
+++ b/puppet/services/ceph-base.yaml
@@ -75,6 +75,12 @@ outputs:
ceph::profile::params::manage_repo: false
ceph::profile::params::authentication_type: cephx
ceph::profile::params::fsid: {get_param: CephClusterFSID}
+ # FIXME(gfidente): we should not have to list the packages explicitly in the templates,
+ # but this has to stay until https://bugs.launchpad.net/puppet-ceph/+bug/1629933 is fixed
+ ceph::params::packages:
+ - ceph-base
+ - ceph-mon
+ - ceph-osd
# NOTE: bind IP is found in Heat replacing the network name with the local node IP
# for the given network; replacement examples (eg. for internal_api):
# internal_api -> IP
diff --git a/puppet/services/keepalived.yaml b/puppet/services/keepalived.yaml
index 2b069d67..38cfbe22 100644
--- a/puppet/services/keepalived.yaml
+++ b/puppet/services/keepalived.yaml
@@ -41,5 +41,8 @@ outputs:
config_settings:
tripleo::keepalived::control_virtual_interface: {get_param: ControlVirtualInterface}
tripleo::keepalived::public_virtual_interface: {get_param: PublicVirtualInterface}
+ tripleo.keepalived.firewall_rules:
+ '106 keepalived vrrp':
+ proto: vrrp
step_config: |
include ::tripleo::profile::base::keepalived
diff --git a/puppet/services/logging/fluentd-config.yaml b/puppet/services/logging/fluentd-config.yaml
index e051781e..58b423fd 100644
--- a/puppet/services/logging/fluentd-config.yaml
+++ b/puppet/services/logging/fluentd-config.yaml
@@ -70,7 +70,7 @@ parameters:
- tag_pattern: '**'
type: record_transformer
record:
- nodename: '${hostname}'
+ host: '${hostname}'
- tag_pattern: 'openstack.**'
type: record_transformer
diff --git a/puppet/services/manila-backend-cephfs.yaml b/puppet/services/manila-backend-cephfs.yaml
index 89a36d21..37b0a1d2 100644
--- a/puppet/services/manila-backend-cephfs.yaml
+++ b/puppet/services/manila-backend-cephfs.yaml
@@ -33,7 +33,7 @@ parameters:
default: 'cephfs'
ManilaCephFSNativeCephFSConfPath:
type: string
- default: '/etc/ceph/cephfs.conf'
+ default: '/etc/ceph/ceph.conf'
ManilaCephFSNativeCephFSAuthId:
type: string
default: 'manila'
diff --git a/puppet/services/neutron-api.yaml b/puppet/services/neutron-api.yaml
index 3b531ab3..c2b6b6f7 100644
--- a/puppet/services/neutron-api.yaml
+++ b/puppet/services/neutron-api.yaml
@@ -145,16 +145,11 @@ outputs:
neutron::server::notifications::password: {get_param: NovaPassword}
neutron::keystone::authtoken::project_name: 'service'
neutron::server::sync_db: true
- tripleo.neutron_server.firewall_rules:
- '114 neutron server':
+ tripleo.neutron_api.firewall_rules:
+ '114 neutron api':
dport:
- 9696
- 13696
- '118 neutron vxlan networks':
- proto: 'udp'
- dport: 4789
- '106 vrrp':
- proto: vrrp
neutron::server::router_distributed: {get_param: NeutronEnableDVR}
# NOTE: bind IP is found in Heat replacing the network name with the local node IP
# for the given network; replacement examples (eg. for internal_api):
diff --git a/puppet/services/neutron-l3.yaml b/puppet/services/neutron-l3.yaml
index 9e223374..a89e3d75 100644
--- a/puppet/services/neutron-l3.yaml
+++ b/puppet/services/neutron-l3.yaml
@@ -67,5 +67,8 @@ outputs:
- neutron::agents::l3::external_network_bridge: {get_param: NeutronExternalNetworkBridge}
neutron::agents::l3::router_delete_namespaces: True
neutron::agents::l3::agent_mode : {get_param: NeutronL3AgentMode}
+ tripleo.neutron_l3.firewall_rules:
+ '106 neutron_l3 vrrp':
+ proto: vrrp
step_config: |
include tripleo::profile::base::neutron::l3
diff --git a/puppet/services/neutron-ovs-agent.yaml b/puppet/services/neutron-ovs-agent.yaml
index cbe65638..cca0deee 100644
--- a/puppet/services/neutron-ovs-agent.yaml
+++ b/puppet/services/neutron-ovs-agent.yaml
@@ -117,5 +117,11 @@ outputs:
# internal_api_subnet - > IP/CIDR
neutron::agents::ml2::ovs::local_ip: {get_param: [ServiceNetMap, NeutronTenantNetwork]}
neutron::agents::ml2::ovs::firewall_driver: {get_param: NeutronOVSFirewallDriver}
+ tripleo.neutron_ovs_agent.firewall_rules:
+ '118 neutron vxlan networks':
+ proto: 'udp'
+ dport: 4789
+ '136 neutron gre networks':
+ proto: 'gre'
step_config: |
include ::tripleo::profile::base::neutron::ovs
diff --git a/puppet/services/opendaylight-api.yaml b/puppet/services/opendaylight-api.yaml
index d2ee036e..30351dfb 100644
--- a/puppet/services/opendaylight-api.yaml
+++ b/puppet/services/opendaylight-api.yaml
@@ -33,14 +33,6 @@ parameters:
description: List of features to install with ODL
type: comma_delimited_list
default: ["odl-netvirt-openstack","odl-netvirt-ui"]
- OpenDaylightConnectionProtocol:
- description: L7 protocol used for REST access
- type: string
- default: 'http'
- OpenDaylightCheckURL:
- description: URL postfix to verify ODL has finished starting up
- type: string
- default: 'restconf/operational/network-topology:network-topology/topology/netvirt:1'
OpenDaylightApiVirtualIP:
type: string
default: ''
@@ -67,14 +59,11 @@ outputs:
config_settings:
opendaylight::odl_rest_port: {get_param: OpenDaylightPort}
odl_on_controller: {get_param: EnableOpenDaylightOnController}
- opendaylight_check_url: {get_param: OpenDaylightCheckURL}
opendaylight::username: {get_param: OpenDaylightUsername}
opendaylight::password: {get_param: OpenDaylightPassword}
opendaylight::enable_l3: {get_param: OpenDaylightEnableL3}
opendaylight::extra_features: {get_param: OpenDaylightFeatures}
opendaylight::enable_dhcp: {get_param: OpenDaylightEnableDHCP}
- opendaylight::nb_connection_protocol: {get_param: OpenDaylightConnectionProtocol}
opendaylight::odl_bind_ip: {get_param: [ServiceNetMap, OpenDaylightApiNetwork]}
step_config: |
include tripleo::profile::base::neutron::opendaylight
- include tripleo::profile::base::neutron::plugins::ovs::opendaylight
diff --git a/puppet/services/services.yaml b/puppet/services/services.yaml
index 7b5fa40c..176fd235 100644
--- a/puppet/services/services.yaml
+++ b/puppet/services/services.yaml
@@ -78,7 +78,7 @@ outputs:
sources:
- {get_attr: [LoggingConfiguration, LoggingDefaultSources]}
- yaql:
- expression: list($.data.where($ != null).select($.get('logging_sources')).where($ != null))
+ expression: list($.data.where($ != null).select($.get('logging_source')).where($ != null))
data: {get_attr: [ServiceChain, role_data]}
- {get_attr: [LoggingConfiguration, LoggingExtraSources]}
default_format: {get_attr: [LoggingConfiguration, LoggingDefaultFormat]}
diff --git a/puppet/services/tripleo-firewall.yaml b/puppet/services/tripleo-firewall.yaml
index f6ec458f..7eb39905 100644
--- a/puppet/services/tripleo-firewall.yaml
+++ b/puppet/services/tripleo-firewall.yaml
@@ -19,7 +19,7 @@ parameters:
via parameter_defaults in the resource registry.
type: json
ManageFirewall:
- default: false
+ default: true
description: Whether to manage IPtables rules.
type: boolean
PurgeFirewallRules: