4 files changed, 198 insertions, 0 deletions

diff --git a/puppet/services/ceph-external.yaml b/puppet/services/ceph-external.yaml
index b898d0bf..aaa9b039 100644
--- a/puppet/services/ceph-external.yaml
+++ b/puppet/services/ceph-external.yaml
@@ -61,6 +61,12 @@ parameters:
   MonitoringSubscriptionCephExternal:
     default: 'overcloud-ceph-external'
     type: string
+  RbdDefaultFeatures:
+    default: ''
+    description: The default features enabled when creating a block device
+                 image. Only applies to format 2 images. Set to '1' for Jewel
+                 clients using older Ceph servers.
+    type: string
 
 conditions:
   glance_multiple_locations:
@@ -81,6 +87,7 @@ outputs:
       config_settings:
         tripleo::profile::base::ceph::ceph_mon_host: {get_param: CephExternalMonHost}
         ceph::profile::params::fsid: {get_param: CephClusterFSID}
+        ceph::profile::params::rbd_default_features: {get_param: RbdDefaultFeatures}
         ceph::profile::params::client_keys:
           str_replace:
             template: "{
diff --git a/puppet/services/cinder-hpelefthand-iscsi.yaml b/puppet/services/cinder-hpelefthand-iscsi.yaml
new file mode 100644
index 00000000..f22a3aeb
--- /dev/null
+++ b/puppet/services/cinder-hpelefthand-iscsi.yaml
@@ -0,0 +1,56 @@
+heat_template_version: 2017-02-24
+
+description: >
+  Configure Cinder HPELeftHandISCSIDriver
+
+parameters:
+  # Config specific parameters, to be provided via parameter_defaults
+  CinderHPELeftHandISCSIApiUrl:
+    type: string
+  CinderHPELeftHandISCSIUserName:
+    type: string
+  CinderHPELeftHandISCSIPassword:
+    type: string
+    hidden: true
+  CinderHPELeftHandISCSIBackendName:
+    type: string
+    default: 'tripleo_hpelefthand'
+  CinderHPELeftHandISCSIChapEnabled:
+    type: boolean
+    default: false
+  CinderHPELeftHandClusterName:
+     type: string
+  CinderHPELeftHandDebug:
+    type: boolean
+    default: false
+  ServiceNetMap:
+    default: {}
+    description: Mapping of service_name -> network name. Typically set
+                 via parameter_defaults in the resource registry.  This
+                 mapping overrides those in ServiceNetMapDefaults.
+    type: json
+  DefaultPasswords:
+    default: {}
+    type: json
+  EndpointMap:
+    default: {}
+    type: json
+    description: Mapping of service endpoint -> protocol. Typically set
+                 via parameter_defaults in the resource registry.
+
+outputs:
+  role_data:
+    description: Role data for Cinder HPELeftHandISCSIDriver
+    value:
+      service_name: cinder_hpelefthand_iscsi
+      config_settings:
+        tripleo::profile::base::cinder::volume::cinder_enable_hpelefthand_backend: true
+        cinder::backend::hpelefthand_iscsi::hpelefthand_api_url: {get_param: CinderHPELeftHandISCSIApiUrl}
+        cinder::backend::hpelefthand_iscsi::hpelefthand_username: {get_param: CinderHPELeftHandISCSIUserName}
+        cinder::backend::hpelefthand_iscsi::hpelefthand_password: {get_param: CinderHPELeftHandISCSIPassword}
+        cinder::backend::hpelefthand_iscsi::volume_backend_name: {get_param: CinderHPELeftHandISCSIBackendName}
+        cinder::backend::hpelefthand_iscsi::hpelefthand_iscsi_chap_enabled: {get_param: CinderHPELeftHandISCSIChapEnabled}
+        cinder::backend::hpelefthand_iscsi::hpelefthand_clustername: {get_param: CinderHPELeftHandClusterName}
+        cinder::backend::hpelefthand_iscsi::hpelefthand_debug: {get_param: CinderHPELeftHandDebug}
+      step_config: |
+        include ::tripleo::profile::base::cinder::volume
diff --git a/puppet/services/nova-base.yaml b/puppet/services/nova-base.yaml
index dabb1355..d70e66a0 100644
--- a/puppet/services/nova-base.yaml
+++ b/puppet/services/nova-base.yaml
@@ -103,6 +103,17 @@ outputs:
                 - '/nova_api'
                 - '?bind_address='
                 - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
+          nova::placement_database_connection:
+            list_join:
+              - ''
+              - - {get_param: [EndpointMap, MysqlInternal, protocol]}
+                - '://nova_placement:'
+                - {get_param: NovaPassword}
+                - '@'
+                - {get_param: [EndpointMap, MysqlInternal, host]}
+                - '/nova_placement'
+                - '?bind_address='
+                - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
           nova::debug: {get_param: Debug}
           nova::purge_config: {get_param: EnableConfigPurge}
           nova::network::neutron::neutron_project_name: 'service'
diff --git a/puppet/services/nova-placement.yaml b/puppet/services/nova-placement.yaml
new file mode 100644
index 00000000..9b7120d8
--- /dev/null
+++ b/puppet/services/nova-placement.yaml
@@ -0,0 +1,124 @@
+heat_template_version: ocata
+
+description: >
+  OpenStack Nova Placement API service configured with Puppet
+
+parameters:
+  ServiceNetMap:
+    default: {}
+    description: Mapping of service_name -> network name. Typically set
+                 via parameter_defaults in the resource registry.  This
+                 mapping overrides those in ServiceNetMapDefaults.
+    type: json
+  DefaultPasswords:
+    default: {}
+    type: json
+  EndpointMap:
+    default: {}
+    description: Mapping of service endpoint -> protocol. Typically set
+                 via parameter_defaults in the resource registry.
+    type: json
+  NovaWorkers:
+    default: 0
+    description: Number of workers for Nova Placement API service.
+    type: number
+  NovaPassword:
+    description: The password for the nova service and db account, used by nova-placement.
+    type: string
+    hidden: true
+  KeystoneRegion:
+    type: string
+    default: 'regionOne'
+    description: Keystone region for endpoint
+  MonitoringSubscriptionNovaPlacement:
+    default: 'overcloud-nova-placement'
+    type: string
+  NovaPlacementLoggingSource:
+    type: json
+    default:
+      tag: openstack.nova.placement
+      path: /var/log/httpd/nova_placement_wsgi_error_ssl.log
+  EnableInternalTLS:
+    type: boolean
+    default: false
+
+conditions:
+  nova_workers_zero: {equals : [{get_param: NovaWorkers}, 0]}
+
+resources:
+  ApacheServiceBase:
+    type: ./apache.yaml
+    properties:
+      ServiceNetMap: {get_param: ServiceNetMap}
+      DefaultPasswords: {get_param: DefaultPasswords}
+      EndpointMap: {get_param: EndpointMap}
+      EnableInternalTLS: {get_param: EnableInternalTLS}
+
+  NovaBase:
+    type: ./nova-base.yaml
+    properties:
+      ServiceNetMap: {get_param: ServiceNetMap}
+      DefaultPasswords: {get_param: DefaultPasswords}
+      EndpointMap: {get_param: EndpointMap}
+
+outputs:
+  role_data:
+    description: Role data for the Nova Placement API service.
+    value:
+      service_name: nova_placement
+      monitoring_subscription: {get_param: MonitoringSubscriptionNovaPlacement}
+      logging_source: {get_param: NovaPlacementLoggingSource}
+      logging_groups:
+        - nova
+      config_settings:
+        map_merge:
+        - get_attr: [NovaBase, role_data, config_settings]
+        - get_attr: [ApacheServiceBase, role_data, config_settings]
+        - tripleo.nova_placement.firewall_rules:
+            '138 nova_placement':
+              dport:
+                - 8778
+                - 13778
+          nova::placement::project_name: 'service'
+          nova::placement::password: {get_param: NovaPassword}
+          nova::placement::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
+          nova::placement::os_region_name: {get_param: KeystoneRegion}
+          nova::wsgi::apache_placement::api_port: '8778'
+          nova::wsgi::apache_placement::ssl: {get_param: EnableInternalTLS}
+          # NOTE: bind IP is found in Heat replacing the network name with the local node IP
+          # for the given network; replacement examples (eg. for internal_api):
+          # internal_api -> IP
+          # internal_api_uri -> [IP]
+          # internal_api_subnet - > IP/CIDR
+          nova::wsgi::apache_placement::bind_host: {get_param: [ServiceNetMap, NovaApiNetwork]}
+          nova::wsgi::apache_placement::servername:
+            str_replace:
+              template:
+                "%{hiera('fqdn_$NETWORK')}"
+              params:
+                $NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]}
+        -
+          if:
+          - nova_workers_zero
+          - {}
+          - nova::wsgi::apache_placement::workers: {get_param: NovaWorkers}
+      step_config: |
+        include tripleo::profile::base::nova::placement
+      service_config_settings:
+        keystone:
+          nova::keystone::auth_placement::tenant: 'service'
+          nova::keystone::auth_placement::public_url: {get_param: [EndpointMap, NovaPlacementPublic, uri]}
+          nova::keystone::auth_placement::internal_url: {get_param: [EndpointMap, NovaPlacementInternal, uri]}
+          nova::keystone::auth_placement::admin_url: {get_param: [EndpointMap, NovaPlacementAdmin, uri]}
+          nova::keystone::auth_placement::password: {get_param: NovaPassword}
+          nova::keystone::auth_placement::region: {get_param: KeystoneRegion}
+        mysql:
+          map_merge:
+          - {get_attr: [NovaBase, role_data, service_config_settings, mysql]}
+          - nova::db::mysql_placement::password: {get_param: NovaPassword}
+            nova::db::mysql_placement::user: nova_placement
+            nova::db::mysql_placement::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
+            nova::db::mysql_placement::dbname: nova_placement
+            nova::db::mysql_placement::allowed_hosts:
+              - '%'
+              - "%{hiera('mysql_bind_host')}"