aboutsummaryrefslogtreecommitdiffstats
path: root/puppet/services
diff options
context:
space:
mode:
Diffstat (limited to 'puppet/services')
-rw-r--r--puppet/services/aodh-base.yaml2
-rw-r--r--puppet/services/ceilometer-base.yaml2
-rw-r--r--puppet/services/cinder-api.yaml16
-rw-r--r--puppet/services/cinder-base.yaml3
-rw-r--r--puppet/services/glance-api.yaml5
-rw-r--r--puppet/services/glance-registry.yaml2
-rw-r--r--puppet/services/gnocchi-api.yaml16
-rw-r--r--puppet/services/gnocchi-base.yaml6
-rw-r--r--puppet/services/heat-api-cfn.yaml1
-rw-r--r--puppet/services/heat-api.yaml1
-rw-r--r--puppet/services/heat-base.yaml1
-rw-r--r--puppet/services/heat-engine.yaml2
-rw-r--r--puppet/services/ironic-base.yaml2
-rw-r--r--puppet/services/keystone.yaml2
-rw-r--r--puppet/services/manila-api.yaml9
-rw-r--r--puppet/services/manila-base.yaml2
-rw-r--r--puppet/services/neutron-base.yaml8
-rw-r--r--puppet/services/neutron-ovs-agent.yaml4
-rw-r--r--puppet/services/neutron-server.yaml16
-rw-r--r--puppet/services/nova-api.yaml14
-rw-r--r--puppet/services/nova-base.yaml23
-rw-r--r--puppet/services/sahara-base.yaml2
22 files changed, 105 insertions, 34 deletions
diff --git a/puppet/services/aodh-base.yaml b/puppet/services/aodh-base.yaml
index 30c3f416..6a9f5d75 100644
--- a/puppet/services/aodh-base.yaml
+++ b/puppet/services/aodh-base.yaml
@@ -85,7 +85,7 @@ outputs:
aodh::keystone::auth::tenant: 'service'
aodh::db::mysql::user: aodh
aodh::db::mysql::password: {get_param: AodhPassword}
- aodh::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]}
+ aodh::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
aodh::db::mysql::dbname: aodh
aodh::db::mysql::allowed_hosts:
- '%'
diff --git a/puppet/services/ceilometer-base.yaml b/puppet/services/ceilometer-base.yaml
index 5342cefb..1398fedb 100644
--- a/puppet/services/ceilometer-base.yaml
+++ b/puppet/services/ceilometer-base.yaml
@@ -103,7 +103,7 @@ outputs:
ceilometer::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
ceilometer::rabbit_port: {get_param: RabbitClientPort}
ceilometer::db::mysql::user: ceilometer
- ceilometer::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]}
+ ceilometer::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
ceilometer::db::mysql::dbname: ceilometer
ceilometer::db::mysql::allowed_hosts:
- '%'
diff --git a/puppet/services/cinder-api.yaml b/puppet/services/cinder-api.yaml
index fa2324b3..3568cb06 100644
--- a/puppet/services/cinder-api.yaml
+++ b/puppet/services/cinder-api.yaml
@@ -18,6 +18,10 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ KeystoneRegion:
+ type: string
+ default: 'regionOne'
+ description: Keystone region for endpoint
resources:
@@ -38,6 +42,18 @@ outputs:
cinder::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
cinder::keystone::authtoken::password: {get_param: CinderPassword}
cinder::keystone::authtoken::project_name: 'service'
+ cinder::keystone::auth::tenant: 'service'
+ cinder::keystone::auth::public_url: {get_param: [EndpointMap, CinderPublic, uri]}
+ cinder::keystone::auth::internal_url: {get_param: [EndpointMap, CinderInternal, uri]}
+ cinder::keystone::auth::admin_url: {get_param: [EndpointMap, CinderAdmin, uri]}
+ cinder::keystone::auth::public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]}
+ cinder::keystone::auth::internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]}
+ cinder::keystone::auth::admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]}
+ cinder::keystone::auth::public_url_v3: {get_param: [EndpointMap, CinderV3Public, uri]}
+ cinder::keystone::auth::internal_url_v3: {get_param: [EndpointMap, CinderV3Internal, uri]}
+ cinder::keystone::auth::admin_url_v3: {get_param: [EndpointMap, CinderV3Admin, uri]}
+ cinder::keystone::auth::password: {get_param: CinderPassword}
+ cinder::keystone::auth::region: {get_param: KeystoneRegion}
cinder::api::enable_proxy_headers_parsing: true
cinder::api::nova_catalog_info: 'compute:Compute Service:internalURL'
# TODO(emilien) move it to puppet-cinder
diff --git a/puppet/services/cinder-base.yaml b/puppet/services/cinder-base.yaml
index d923e7c6..c554bf97 100644
--- a/puppet/services/cinder-base.yaml
+++ b/puppet/services/cinder-base.yaml
@@ -58,13 +58,12 @@ outputs:
cinder::rabbit_password: {get_param: RabbitPassword}
cinder::rabbit_port: {get_param: RabbitClientPort}
cinder::db::mysql::user: cinder
- cinder::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]}
+ cinder::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
cinder::db::mysql::dbname: cinder
cinder::db::mysql::allowed_hosts:
- '%'
- "%{hiera('mysql_bind_host')}"
cinder::rabbit_heartbeat_timeout_threshold: 60
- cinder::keystone::auth::tenant: 'service'
cinder::host: hostgroup
cinder::cron::db_purge::destination: '/dev/null'
cinder::db::database_db_max_retries: -1
diff --git a/puppet/services/glance-api.yaml b/puppet/services/glance-api.yaml
index 99065789..bb14546f 100644
--- a/puppet/services/glance-api.yaml
+++ b/puppet/services/glance-api.yaml
@@ -60,6 +60,10 @@ parameters:
Rabbit client subscriber parameter to specify
an SSL connection to the RabbitMQ host.
type: string
+ KeystoneRegion:
+ type: string
+ default: 'regionOne'
+ description: Keystone region for endpoint
outputs:
role_data:
@@ -106,6 +110,7 @@ outputs:
glance::keystone::auth::internal_url: {get_param: [EndpointMap, GlanceInternal, uri]}
glance::keystone::auth::admin_url: {get_param: [EndpointMap, GlanceAdmin, uri]}
glance::keystone::auth::password: {get_param: GlancePassword }
+ glance::keystone::auth::region: {get_param: KeystoneRegion}
glance::registry::db::database_db_max_retries: -1
glance::registry::db::database_max_retries: -1
tripleo.glance_api.firewall_rules:
diff --git a/puppet/services/glance-registry.yaml b/puppet/services/glance-registry.yaml
index 40d18191..ca10fd12 100644
--- a/puppet/services/glance-registry.yaml
+++ b/puppet/services/glance-registry.yaml
@@ -45,7 +45,7 @@ outputs:
glance::registry::debug: {get_param: Debug}
glance::registry::workers: {get_param: GlanceWorkers}
glance::db::mysql::user: glance
- glance::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]}
+ glance::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
glance::db::mysql::dbname: glance
glance::db::mysql::allowed_hosts:
- '%'
diff --git a/puppet/services/gnocchi-api.yaml b/puppet/services/gnocchi-api.yaml
index d97626a6..265cb9f0 100644
--- a/puppet/services/gnocchi-api.yaml
+++ b/puppet/services/gnocchi-api.yaml
@@ -9,6 +9,14 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ GnocchiPassword:
+ description: The password for the gnocchi service and db account.
+ type: string
+ hidden: true
+ KeystoneRegion:
+ type: string
+ default: 'regionOne'
+ description: Keystone region for endpoint
resources:
GnocchiServiceBase:
@@ -29,6 +37,12 @@ outputs:
dport:
- 8041
- 13041
- - gnocchi::api::keystone_tenant: 'service'
+ gnocchi::api::keystone_tenant: 'service'
+ gnocchi::keystone::auth::tenant: 'service'
+ gnocchi::keystone::auth::region: {get_param: KeystoneRegion}
+ gnocchi::keystone::auth::password: {get_param: GnocchiPassword}
+ gnocchi::keystone::auth::public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] }
+ gnocchi::keystone::auth::internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]}
+ gnocchi::keystone::auth::admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] }
step_config: |
include ::tripleo::profile::base::gnocchi::api
diff --git a/puppet/services/gnocchi-base.yaml b/puppet/services/gnocchi-base.yaml
index a408d5d7..3631508e 100644
--- a/puppet/services/gnocchi-base.yaml
+++ b/puppet/services/gnocchi-base.yaml
@@ -56,9 +56,6 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/gnocchi'
- gnocchi::keystone::auth::region: {get_param: KeystoneRegion}
- gnocchi::keystone::auth::tenant: 'service'
- gnocchi::keystone::auth::password: {get_param: GnocchiPassword}
gnocchi::db::mysql::password: {get_param: GnocchiPassword}
gnocchi::db::sync::extra_opts: '--skip-storage --create-legacy-resource-types'
#Gnocchi API
@@ -66,7 +63,6 @@ outputs:
gnocchi::api::manage_service: false
gnocchi::api::enabled: true
gnocchi::api::service_name: 'httpd'
- gnocchi::api::keystone_tenant: 'service'
gnocchi::api::keystone_password: {get_param: GnocchiPassword}
gnocchi::wsgi::apache::ssl: false
gnocchi::storage::swift::swift_user: 'service:gnocchi'
@@ -89,7 +85,7 @@ outputs:
gnocchi::statsd::flush_delay: 10
gnocchi::statsd::archive_policy_name: 'low'
gnocchi::db::mysql::user: gnocchi
- gnocchi::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]}
+ gnocchi::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
gnocchi::db::mysql::dbname: gnocchi
gnocchi::db::mysql::allowed_hosts:
- '%'
diff --git a/puppet/services/heat-api-cfn.yaml b/puppet/services/heat-api-cfn.yaml
index f8832dd8..c3a3b7ae 100644
--- a/puppet/services/heat-api-cfn.yaml
+++ b/puppet/services/heat-api-cfn.yaml
@@ -35,6 +35,7 @@ outputs:
map_merge:
- get_attr: [HeatBase, role_data, config_settings]
- heat::api_cfn::workers: {get_param: HeatWorkers}
+ heat::keystone::auth_cfn::tenant: 'service'
heat::keystone::auth_cfn::public_url: {get_param: [EndpointMap, HeatCfnPublic, uri]}
heat::keystone::auth_cfn::internal_url: {get_param: [EndpointMap, HeatCfnInternal, uri]}
heat::keystone::auth_cfn::admin_url: {get_param: [EndpointMap, HeatCfnAdmin, uri]}
diff --git a/puppet/services/heat-api.yaml b/puppet/services/heat-api.yaml
index c0e7a690..b4402a17 100644
--- a/puppet/services/heat-api.yaml
+++ b/puppet/services/heat-api.yaml
@@ -35,6 +35,7 @@ outputs:
map_merge:
- get_attr: [HeatBase, role_data, config_settings]
- heat::api::workers: {get_param: HeatWorkers}
+ heat::keystone::auth::tenant: 'service'
heat::keystone::auth::public_url: {get_param: [EndpointMap, HeatPublic, uri]}
heat::keystone::auth::internal_url: {get_param: [EndpointMap, HeatInternal, uri]}
heat::keystone::auth::admin_url: {get_param: [EndpointMap, HeatAdmin, uri]}
diff --git a/puppet/services/heat-base.yaml b/puppet/services/heat-base.yaml
index 01f2a51b..091a4e9b 100644
--- a/puppet/services/heat-base.yaml
+++ b/puppet/services/heat-base.yaml
@@ -47,7 +47,6 @@ outputs:
value: 'role:admin'
heat::rabbit_heartbeat_timeout_threshold: 60
heat::keystone_tenant: 'service'
- heat::keystone::auth::tenant: 'service'
heat::keystone::domain::domain_name: 'heat_stack'
heat::keystone::domain::domain_admin: 'heat_stack_domain_admin'
heat::keystone::domain::domain_admin_email: 'heat_stack_domain_admin@localhost'
diff --git a/puppet/services/heat-engine.yaml b/puppet/services/heat-engine.yaml
index 13555a62..044ca880 100644
--- a/puppet/services/heat-engine.yaml
+++ b/puppet/services/heat-engine.yaml
@@ -58,7 +58,7 @@ outputs:
heat::db::mysql::password: {get_param: HeatPassword}
heat::keystone::domain::domain_password: {get_param: HeatStackDomainAdminPassword}
heat::db::mysql::user: heat
- heat::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]}
+ heat::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
heat::db::mysql::dbname: heat
heat::db::mysql::allowed_hosts:
- '%'
diff --git a/puppet/services/ironic-base.yaml b/puppet/services/ironic-base.yaml
index 41d2234a..508694ee 100644
--- a/puppet/services/ironic-base.yaml
+++ b/puppet/services/ironic-base.yaml
@@ -59,7 +59,7 @@ outputs:
ironic::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
ironic::db::mysql::password: {get_param: IronicPassword}
ironic::db::mysql::user: ironic
- ironic::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]}
+ ironic::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
ironic::db::mysql::dbname: ironic
ironic::db::mysql::allowed_hosts:
- '%'
diff --git a/puppet/services/keystone.yaml b/puppet/services/keystone.yaml
index d45ed86e..988c80ce 100644
--- a/puppet/services/keystone.yaml
+++ b/puppet/services/keystone.yaml
@@ -112,7 +112,7 @@ outputs:
keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge}
keystone::public_endpoint: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]}
keystone::db::mysql::user: keystone
- keystone::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]}
+ keystone::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
keystone::db::mysql::dbname: keystone
keystone::db::mysql::allowed_hosts:
- '%'
diff --git a/puppet/services/manila-api.yaml b/puppet/services/manila-api.yaml
index ccae4467..389fa2e3 100644
--- a/puppet/services/manila-api.yaml
+++ b/puppet/services/manila-api.yaml
@@ -35,9 +35,12 @@ outputs:
- manila::api::keystone_password: {get_param: ManilaPassword}
manila::api::keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
manila::api::keystone_auth_host: {get_param: [EndpointMap, ManilaInternal, host]}
- manila::keystone::auth::public_url: {get_param: [EndpointMap, ManilaPublic, uri]}
- manila::keystone::auth::internal_url: {get_param: [EndpointMap, ManilaInternal, uri]}
- manila::keystone::auth::admin_url: {get_param: [EndpointMap, ManilaAdmin, uri]}
+ manila::keystone::auth::public_url: {get_param: [EndpointMap, ManilaV1Public, uri]}
+ manila::keystone::auth::internal_url: {get_param: [EndpointMap, ManilaV1Internal, uri]}
+ manila::keystone::auth::admin_url: {get_param: [EndpointMap, ManilaV1Admin, uri]}
+ manila::keystone::auth::public_url_v2: {get_param: [EndpointMap, ManilaPublic, uri]}
+ manila::keystone::auth::internal_url_v2: {get_param: [EndpointMap, ManilaInternal, uri]}
+ manila::keystone::auth::admin_url_v2: {get_param: [EndpointMap, ManilaAdmin, uri]}
manila::keystone::auth::password: {get_param: ManilaPassword }
manila::keystone::auth::region: {get_param: KeystoneRegion }
manila::api::keystone_tenant: 'service'
diff --git a/puppet/services/manila-base.yaml b/puppet/services/manila-base.yaml
index c156379b..663a9345 100644
--- a/puppet/services/manila-base.yaml
+++ b/puppet/services/manila-base.yaml
@@ -93,7 +93,7 @@ outputs:
manila::rabbit_port: {get_param: RabbitClientPort}
manila::debug: {get_param: Debug}
manila::db::mysql::user: manila
- manila::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]}
+ manila::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
manila::db::mysql::dbname: manila
manila::db::database_db_max_retries: -1
manila::db::database_max_retries: -1
diff --git a/puppet/services/neutron-base.yaml b/puppet/services/neutron-base.yaml
index 3f8ac7e8..bc8dd8d1 100644
--- a/puppet/services/neutron-base.yaml
+++ b/puppet/services/neutron-base.yaml
@@ -42,6 +42,12 @@ parameters:
type: string
default: ''
description: Set to True to enable debugging on all services.
+ EnableConfigPurge:
+ type: boolean
+ default: true
+ description: >
+ Remove configuration that is not generated by TripleO. Setting
+ to false may result in configuration remnants after updates/upgrades.
outputs:
role_data:
@@ -61,9 +67,9 @@ outputs:
params:
PLUGINS: {get_param: NeutronServicePlugins}
neutron::debug: {get_param: Debug}
+ neutron::purge_config: {get_param: EnableConfigPurge}
neutron::allow_overlapping_ips: true
neutron::rabbit_heartbeat_timeout_threshold: 60
neutron::host: '"%{::fqdn}"' #NOTE: extra quoting is needed
- neutron::keystone::auth::tenant: 'service'
neutron::db::database_db_max_retries: -1
neutron::db::database_max_retries: -1
diff --git a/puppet/services/neutron-ovs-agent.yaml b/puppet/services/neutron-ovs-agent.yaml
index 7a97cd84..d52b8a26 100644
--- a/puppet/services/neutron-ovs-agent.yaml
+++ b/puppet/services/neutron-ovs-agent.yaml
@@ -9,9 +9,6 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
- NeutronEnableTunnelling:
- type: string
- default: "True"
NeutronEnableL2Pop:
type: string
description: >
@@ -56,7 +53,6 @@ outputs:
config_settings:
map_merge:
- get_attr: [NeutronBase, role_data, config_settings]
- neutron::agents::ml2::ovs::enable_tunneling: {get_param: NeutronEnableTunnelling}
neutron::agents::ml2::ovs::l2_population: {get_param: NeutronEnableL2Pop}
neutron::agents::ml2::ovs::enable_distributed_routing: {get_param: NeutronEnableDVR}
neutron::agents::ml2::ovs::bridge_mappings:
diff --git a/puppet/services/neutron-server.yaml b/puppet/services/neutron-server.yaml
index d64fd66d..c40b37b0 100644
--- a/puppet/services/neutron-server.yaml
+++ b/puppet/services/neutron-server.yaml
@@ -33,6 +33,10 @@ parameters:
description: Enable Neutron DVR.
default: false
type: boolean
+ KeystoneRegion:
+ type: string
+ default: 'regionOne'
+ description: Keystone region for endpoint
resources:
@@ -56,14 +60,18 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/ovs_neutron'
+ neutron::keystone::auth::tenant: 'service'
+ neutron::keystone::auth::public_url: {get_param: [EndpointMap, NeutronPublic, uri]}
+ neutron::keystone::auth::internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
+ neutron::keystone::auth::admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
+ neutron::keystone::auth::password: {get_param: NeutronPassword}
+ neutron::keystone::auth::region: {get_param: KeystoneRegion}
neutron::server::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
neutron::server::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
- neutron::server::auth_tenant: 'service'
- neutron::server::identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
neutron::server::api_workers: {get_param: NeutronWorkers}
neutron::server::allow_automatic_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
neutron::server::l3_ha: {get_param: NeutronL3HA}
- neutron::server::auth_password: {get_param: NeutronPassword}
+ neutron::server::password: {get_param: NeutronPassword}
neutron::server::notifications::nova_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
neutron::server::notifications::auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
@@ -74,7 +82,7 @@ outputs:
neutron::server::sync_db: true
neutron::db::mysql::password: {get_param: NeutronPassword}
neutron::db::mysql::user: neutron
- neutron::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]}
+ neutron::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
neutron::db::mysql::dbname: ovs_neutron
neutron::db::mysql::allowed_hosts:
- '%'
diff --git a/puppet/services/nova-api.yaml b/puppet/services/nova-api.yaml
index 045a8614..d560edb4 100644
--- a/puppet/services/nova-api.yaml
+++ b/puppet/services/nova-api.yaml
@@ -13,6 +13,14 @@ parameters:
default: 0
description: Number of workers for Nova API service.
type: number
+ NovaPassword:
+ description: The password for the nova service and db account, used by nova-api.
+ type: string
+ hidden: true
+ KeystoneRegion:
+ type: string
+ default: 'regionOne'
+ description: Keystone region for endpoint
resources:
NovaBase:
@@ -47,5 +55,11 @@ outputs:
nova::api::default_floating_pool: 'public'
nova::api::sync_db_api: true
nova::api::enable_proxy_headers_parsing: true
+ nova::keystone::auth::tenant: 'service'
+ nova::keystone::auth::public_url: {get_param: [EndpointMap, NovaPublic, uri]}
+ nova::keystone::auth::internal_url: {get_param: [EndpointMap, NovaInternal, uri]}
+ nova::keystone::auth::admin_url: {get_param: [EndpointMap, NovaAdmin, uri]}
+ nova::keystone::auth::password: {get_param: NovaPassword}
+ nova::keystone::auth::region: {get_param: KeystoneRegion}
step_config: |
include tripleo::profile::base::nova::api
diff --git a/puppet/services/nova-base.yaml b/puppet/services/nova-base.yaml
index e3379821..ef7eaaf3 100644
--- a/puppet/services/nova-base.yaml
+++ b/puppet/services/nova-base.yaml
@@ -13,6 +13,10 @@ parameters:
description: The password for the nova service and db account, used by nova-api.
type: string
hidden: true
+ NeutronPassword:
+ description: The password for the neutron service and db account, used by neutron agents.
+ type: string
+ hidden: true
RabbitPassword:
description: The password for RabbitMQ
type: string
@@ -35,6 +39,12 @@ parameters:
type: string
default: ''
description: Set to True to enable debugging on all services.
+ EnableConfigPurge:
+ type: boolean
+ default: true
+ description: >
+ Remove configuration that is not generated by TripleO. Setting
+ to false may result in configuration remnants after updates/upgrades.
outputs:
role_data:
@@ -66,37 +76,40 @@ outputs:
- '/nova_api'
nova::db::mysql::password: {get_input: nova_password}
nova::db::mysql::user: nova
- nova::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]}
+ nova::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
nova::db::mysql::dbname: nova
nova::db::mysql::allowed_hosts:
- '%'
- "%{hiera('mysql_bind_host')}"
nova::db::mysql_api::password: {get_input: nova_password}
nova::db::mysql_api::user: nova_api
- nova::db::mysql_api::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]}
+ nova::db::mysql_api::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
nova::db::mysql_api::dbname: nova_api
nova::db::mysql_api::allowed_hosts:
- '%'
- "%{hiera('mysql_bind_host')}"
nova::debug: {get_param: Debug}
+ nova::purge_config: {get_param: EnableConfigPurge}
nova::network::neutron::neutron_project_name: 'service'
nova::network::neutron::neutron_username: 'neutron'
nova::network::neutron::dhcp_domain: ''
+ nova::network::neutron::neutron_password: {get_param: NeutronPassword}
+ nova::network::neutron::neutron_url: {get_param: [EndpointMap, NeutronInternal, uri]}
+ nova::network::neutron::neutron_auth_url: {get_param: [EndpointMap, KeystoneV3Admin, uri]}
nova::rabbit_heartbeat_timeout_threshold: 60
nova::cinder_catalog_info: 'volumev2:cinderv2:internalURL'
nova::host: '"%{::fqdn}"' # NOTE: extra quoting is needed.
nova::notify_on_state_change: 'vm_and_task_state'
nova::notification_driver: messagingv2
nova::network::neutron::neutron_auth_type: 'v3password'
- nova::keystone::auth::tenant: 'service'
nova::db::mysql::user: nova
- nova::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]}
+ nova::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
nova::db::mysql::dbname: nova
nova::db::mysql::allowed_hosts:
- '%'
- "%{hiera('mysql_bind_host')}"
nova::db::mysql_api::user: nova_api
- nova::db::mysql_api::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]}
+ nova::db::mysql_api::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
nova::db::mysql_api::dbname: nova_api
nova::db::mysql_api::allowed_hosts:
- '%'
diff --git a/puppet/services/sahara-base.yaml b/puppet/services/sahara-base.yaml
index f9a100f0..cac89e32 100644
--- a/puppet/services/sahara-base.yaml
+++ b/puppet/services/sahara-base.yaml
@@ -53,7 +53,7 @@ outputs:
- '/sahara'
sahara::db::mysql::password: {get_param: SaharaPassword}
sahara::db::mysql::user: sahara
- sahara::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]}
+ sahara::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
sahara::db::mysql::dbname: sahara
sahara::db::mysql::allowed_hosts:
- '%'