diff options
Diffstat (limited to 'puppet/services')
| -rw-r--r-- | puppet/services/database/mysql.yaml | 34 | ||||
| -rw-r--r-- | puppet/services/database/redis-base.yaml | 1 | ||||
| -rw-r--r-- | puppet/services/haproxy.yaml | 32 | ||||
| -rw-r--r-- | puppet/services/keepalived.yaml | 13 | ||||
| -rw-r--r-- | puppet/services/neutron-dhcp.yaml | 15 | ||||
| -rw-r--r-- | puppet/services/pacemaker/database/mysql.yaml | 10 | ||||
| -rw-r--r-- | puppet/services/rabbitmq.yaml | 20 | ||||
| -rw-r--r-- | puppet/services/swift-storage.yaml | 5 |
8 files changed, 125 insertions, 5 deletions
diff --git a/puppet/services/database/mysql.yaml b/puppet/services/database/mysql.yaml index 8d2185f6..b0eea481 100644 --- a/puppet/services/database/mysql.yaml +++ b/puppet/services/database/mysql.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2016-04-08 +heat_template_version: 2016-10-14 description: > MySQL service deployment using puppet @@ -19,6 +19,21 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MysqlMaxConnections: + description: Configures MySQL max_connections config setting + type: number + default: 4096 + MysqlRootPassword: + type: string + hidden: true + default: '' + MysqlClustercheckPassword: + type: string + hidden: true + EnableGalera: + default: true + description: Whether to use Galera instead of regular MariaDB. + type: boolean outputs: role_data: @@ -42,5 +57,22 @@ outputs: - 4567 - 4568 - 9200 + mysql_max_connections: {get_param: MysqlMaxConnections} + mysql::server::root_password: + yaql: + expression: $.data.passwords.where($ != '').first() + data: + passwords: + - {get_param: MysqlRootPassword} + - {get_param: [DefaultPasswords, mysql_root_password]} + mysql_clustercheck_password: {get_param: MysqlClustercheckPassword} + enable_galera: {get_param: EnableGalera} + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + mysql_bind_host: {get_param: [ServiceNetMap, MysqlNetwork]} step_config: | include ::tripleo::profile::base::database::mysql diff --git a/puppet/services/database/redis-base.yaml b/puppet/services/database/redis-base.yaml index 301b2bb1..40711432 100644 --- a/puppet/services/database/redis-base.yaml +++ b/puppet/services/database/redis-base.yaml @@ -36,4 +36,3 @@ outputs: redis::sentinel::master_name: '"%{hiera(\"bootstrap_nodeid\")}"' redis::sentinel::redis_host: '"%{hiera(\"bootstrap_nodeid_ip\")}"' redis::sentinel::notification_script: '/usr/local/bin/redis-notifications.sh' - tripleo::loadbalancer::redis_password: {get_param: RedisPassword} diff --git a/puppet/services/haproxy.yaml b/puppet/services/haproxy.yaml index 00574c2f..8ac669a9 100644 --- a/puppet/services/haproxy.yaml +++ b/puppet/services/haproxy.yaml @@ -18,6 +18,32 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + HAProxyStatsPassword: + description: Password for HAProxy stats endpoint + hidden: true + type: string + HAProxyStatsUser: + description: User for HAProxy stats endpoint + default: admin + type: string + HAProxySyslogAddress: + default: /dev/log + description: Syslog address where HAproxy will send its log + type: string + RedisPassword: + description: The password for Redis + type: string + hidden: true + ControlVirtualInterface: + default: 'br-ex' + description: Interface where virtual ip will be assigned. + type: string + PublicVirtualInterface: + default: 'br-ex' + description: > + Specifies the interface where the public-facing virtual ip will be assigned. + This should be int_public when a VLAN is being used. + type: string outputs: role_data: @@ -49,5 +75,11 @@ outputs: tripleo::haproxy::heat_cloudwatch: true tripleo::haproxy::heat_cfn: true tripleo::haproxy::horizon: true + tripleo::haproxy::haproxy_log_address: {get_param: HAProxySyslogAddress} + tripleo::haproxy::haproxy_stats_user: {get_param: HAProxyStatsUser} + tripleo::haproxy::haproxy_stats_password: {get_param: HAProxyStatsPassword} + tripleo::haproxy::redis_password: {get_param: RedisPassword} + tripleo::haproxy::control_virtual_interface: {get_param: ControlVirtualInterface} + tripleo::haproxy::public_virtual_interface: {get_param: PublicVirtualInterface} step_config: | include ::tripleo::profile::base::haproxy diff --git a/puppet/services/keepalived.yaml b/puppet/services/keepalived.yaml index c8c977c6..b783345b 100644 --- a/puppet/services/keepalived.yaml +++ b/puppet/services/keepalived.yaml @@ -18,11 +18,24 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + ControlVirtualInterface: + default: 'br-ex' + description: Interface where virtual ip will be assigned. + type: string + PublicVirtualInterface: + default: 'br-ex' + description: > + Specifies the interface where the public-facing virtual ip will be assigned. + This should be int_public when a VLAN is being used. + type: string outputs: role_data: description: Role data for the Keepalived role. value: service_name: keepalived + config_settings: + tripleo::keepalived::control_virtual_interface: {get_param: ControlVirtualInterface} + tripleo::keepalived::public_virtual_interface: {get_param: PublicVirtualInterface} step_config: | include ::tripleo::profile::base::keepalived diff --git a/puppet/services/neutron-dhcp.yaml b/puppet/services/neutron-dhcp.yaml index ed2dbd0e..513cb2d4 100644 --- a/puppet/services/neutron-dhcp.yaml +++ b/puppet/services/neutron-dhcp.yaml @@ -18,10 +18,19 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + NeutronEnableMetadataNetwork: + default: false + description: If True, DHCP provide metadata network. Requires either + IsolatedMetadata or ForceMetadata parameters to also be True. + type: boolean NeutronEnableIsolatedMetadata: - default: 'False' + default: false description: If True, DHCP provide metadata route to VM. - type: string + type: boolean + NeutronEnableForceMetadata: + default: false + description: If True, DHCP always provides metadata route to VM. + type: boolean resources: @@ -41,6 +50,8 @@ outputs: map_merge: - get_attr: [NeutronBase, role_data, config_settings] - neutron::agents::dhcp::enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata} + neutron::agents::dhcp::enable_force_metadata: {get_param: NeutronEnableForceMetadata} + neutron::agents::dhcp::enable_metadata_network: {get_param: NeutronEnableMetadataNetwork} tripleo.neutron_dhcp.firewall_rules: '115 neutron dhcp input': proto: 'udp' diff --git a/puppet/services/pacemaker/database/mysql.yaml b/puppet/services/pacemaker/database/mysql.yaml index e63a8f1e..d555ed0a 100644 --- a/puppet/services/pacemaker/database/mysql.yaml +++ b/puppet/services/pacemaker/database/mysql.yaml @@ -20,11 +20,21 @@ parameters: via parameter_defaults in the resource registry. type: json +resources: + + MysqlBase: + type: ../../database/mysql.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + outputs: role_data: description: Service MySQL with Pacemaker using composable services. value: service_name: mysql config_settings: + get_attr: [MysqlBase, role_data, config_settings] step_config: | include ::tripleo::profile::pacemaker::database::mysql diff --git a/puppet/services/rabbitmq.yaml b/puppet/services/rabbitmq.yaml index 5d580648..06595b07 100644 --- a/puppet/services/rabbitmq.yaml +++ b/puppet/services/rabbitmq.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2016-04-08 +heat_template_version: 2016-10-14 description: > RabbitMQ service configured with Puppet @@ -34,6 +34,10 @@ parameters: default: false description: Enable IPv6 in RabbitMQ type: boolean + RabbitCookie: + type: string + default: '' + hidden: true outputs: role_data: @@ -66,5 +70,19 @@ outputs: tcp_listen_options: '[binary, {packet, raw}, {reuseaddr, true}, {backlog, 128}, {nodelay, true}, {exit_on_close, false}, {keepalive, true}]' cluster_partition_handling: 'pause_minority' loopback_users: '[]' + rabbitmq::erlang_cookie: + yaql: + expression: $.data.passwords.where($ != '').first() + data: + passwords: + - {get_param: RabbitCookie} + - {get_param: [DefaultPasswords, rabbit_cookie]} + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + rabbitmq::node_ip_address: {get_param: [ServiceNetMap, RabbitmqNetwork]} step_config: | include ::tripleo::profile::base::rabbitmq diff --git a/puppet/services/swift-storage.yaml b/puppet/services/swift-storage.yaml index 558f2752..664a701f 100644 --- a/puppet/services/swift-storage.yaml +++ b/puppet/services/swift-storage.yaml @@ -26,6 +26,10 @@ parameters: default: false description: Value of mount_check in Swift account/container/object -server.conf type: boolean + SwiftRawDisks: + default: {} + description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})' + type: json # DEPRECATED options for compatibility with overcloud.yaml # This should be removed and manipulation of the ControllerServices list @@ -69,5 +73,6 @@ outputs: swift::storage::all::account_pipeline: - healthcheck - account-server + swift::storage::disks: {get_param: SwiftRawDisks} step_config: | include ::tripleo::profile::base::swift::storage |