diff options
Diffstat (limited to 'puppet')
198 files changed, 2048 insertions, 249 deletions
diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml index b1284452..24aa1525 100644 --- a/puppet/all-nodes-config.yaml +++ b/puppet/all-nodes-config.yaml @@ -30,8 +30,6 @@ parameters: type: json controller_names: type: comma_delimited_list - memcache_node_ips: - type: comma_delimited_list NetVipMap: type: json RedisVirtualIP: @@ -47,6 +45,7 @@ parameters: perform configuration on a Heat stack-update. UpdateIdentifier: type: string + default: '' description: > Setting to a previously unused value during stack-update will trigger package update on all nodes @@ -170,11 +169,6 @@ resources: list_join: - ',' - {get_param: controller_names} - memcached_node_ips_v6: - repeat: - template: "inet6:[NAME]" - for_each: - NAME: {get_param: memcache_node_ips} deploy_identifier: {get_param: DeployIdentifier} update_identifier: {get_param: UpdateIdentifier} stack_action: {get_param: StackAction} diff --git a/puppet/blockstorage-role.yaml b/puppet/blockstorage-role.yaml index f28f606f..7d58d1da 100644 --- a/puppet/blockstorage-role.yaml +++ b/puppet/blockstorage-role.yaml @@ -409,6 +409,7 @@ resources: server: {get_resource: BlockStorage} RoleParameters: {get_param: RoleParameters} ServiceNames: {get_param: ServiceNames} + deployment_actions: {get_attr: [DeploymentActions, value]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment @@ -517,6 +518,9 @@ resources: NodeExtraConfig: depends_on: NodeTLSCAData type: OS::TripleO::NodeExtraConfig + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: BlockStorage} @@ -539,11 +543,21 @@ resources: - ['CREATE', 'UPDATE'] - [] + DeploymentActions: + type: OS::Heat::Value + properties: + value: + if: + - server_not_blacklisted + - ['CREATE', 'UPDATE'] + - [] + SshHostPubKey: type: OS::TripleO::Ssh::HostPubKey depends_on: BlockStorageDeployment properties: server: {get_resource: BlockStorage} + deployment_actions: {get_attr: [DeploymentActions, value]} outputs: ip_address: @@ -646,6 +660,45 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY" management_ip_address: description: IP address of the server in the management network value: {get_attr: [ManagementPort, ip_address]} + deployed_server_port_map: + description: | + Map of Heat created hostname of the server to ip address. This is the + hostname before it has been mapped with the HostnameMap parameter, and + the IP address from the ctlplane network. This map can be used to construct + the DeployedServerPortMap parameter when using split-stack. + value: + map_replace: + - hostname: + fixed_ips: + - ip_address: {get_attr: [BlockStorage, networks, ctlplane, 0]} + - keys: + hostname: + list_join: + - '-' + - - {get_param: Hostname} + - ctlplane + deployed_server_deployment_swift_data_map: + description: + Map of Heat created hostname of the server to the Swift container and object + used to created the temporary url for metadata polling with + os-collect-config. + value: + map_replace: + - hostname: + container: + str_split: + - '/' + - {get_attr: [BlockStorage, os_collect_config, request, metadata_url]} + - 5 + object: + str_split: + - '?' + - str_split: + - '/' + - {get_attr: [BlockStorage, os_collect_config, request, metadata_url]} + - 6 + - 0 + - keys: {hostname: {get_param: Hostname}} os_collect_config: description: The os-collect-config configuration associated with this server resource value: {get_attr: [BlockStorage, os_collect_config]} diff --git a/puppet/cephstorage-role.yaml b/puppet/cephstorage-role.yaml index 85b276d6..48e5b97a 100644 --- a/puppet/cephstorage-role.yaml +++ b/puppet/cephstorage-role.yaml @@ -415,6 +415,7 @@ resources: server: {get_resource: CephStorage} RoleParameters: {get_param: RoleParameters} ServiceNames: {get_param: ServiceNames} + deployment_actions: {get_attr: [DeploymentActions, value]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment @@ -521,6 +522,9 @@ resources: CephStorageExtraConfigPre: depends_on: CephStorageDeployment type: OS::TripleO::CephStorageExtraConfigPre + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: CephStorage} @@ -529,6 +533,9 @@ resources: NodeExtraConfig: depends_on: [CephStorageExtraConfigPre, NodeTLSCAData] type: OS::TripleO::NodeExtraConfig + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: CephStorage} @@ -550,11 +557,21 @@ resources: - ['CREATE', 'UPDATE'] - [] + DeploymentActions: + type: OS::Heat::Value + properties: + value: + if: + - server_not_blacklisted + - ['CREATE', 'UPDATE'] + - [] + SshHostPubKey: type: OS::TripleO::Ssh::HostPubKey depends_on: CephStorageDeployment properties: server: {get_resource: CephStorage} + deployment_actions: {get_attr: [DeploymentActions, value]} outputs: ip_address: @@ -657,6 +674,45 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY" management_ip_address: description: IP address of the server in the management network value: {get_attr: [ManagementPort, ip_address]} + deployed_server_port_map: + description: | + Map of Heat created hostname of the server to ip address. This is the + hostname before it has been mapped with the HostnameMap parameter, and + the IP address from the ctlplane network. This map can be used to construct + the DeployedServerPortMap parameter when using split-stack. + value: + map_replace: + - hostname: + fixed_ips: + - ip_address: {get_attr: [CephStorage, networks, ctlplane, 0]} + - keys: + hostname: + list_join: + - '-' + - - {get_param: Hostname} + - ctlplane + deployed_server_deployment_swift_data_map: + description: + Map of Heat created hostname of the server to the Swift container and object + used to created the temporary url for metadata polling with + os-collect-config. + value: + map_replace: + - hostname: + container: + str_split: + - '/' + - {get_attr: [CephStorage, os_collect_config, request, metadata_url]} + - 5 + object: + str_split: + - '?' + - str_split: + - '/' + - {get_attr: [CephStorage, os_collect_config, request, metadata_url]} + - 6 + - 0 + - keys: {hostname: {get_param: Hostname}} os_collect_config: description: The os-collect-config configuration associated with this server resource value: {get_attr: [CephStorage, os_collect_config]} diff --git a/puppet/compute-role.yaml b/puppet/compute-role.yaml index 10d082cb..3ad6f745 100644 --- a/puppet/compute-role.yaml +++ b/puppet/compute-role.yaml @@ -418,6 +418,7 @@ resources: server: {get_resource: NovaCompute} RoleParameters: {get_param: RoleParameters} ServiceNames: {get_param: ServiceNames} + deployment_actions: {get_attr: [DeploymentActions, value]} NetworkConfig: type: OS::TripleO::Compute::Net::SoftwareConfig @@ -544,6 +545,9 @@ resources: ComputeExtraConfigPre: depends_on: NovaComputeDeployment type: OS::TripleO::ComputeExtraConfigPre + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: NovaCompute} @@ -552,6 +556,9 @@ resources: NodeExtraConfig: depends_on: [ComputeExtraConfigPre, NodeTLSCAData] type: OS::TripleO::NodeExtraConfig + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: NovaCompute} @@ -574,11 +581,21 @@ resources: update_identifier: get_param: UpdateIdentifier + DeploymentActions: + type: OS::Heat::Value + properties: + value: + if: + - server_not_blacklisted + - ['CREATE', 'UPDATE'] + - [] + SshHostPubKey: type: OS::TripleO::Ssh::HostPubKey depends_on: NovaComputeDeployment properties: server: {get_resource: NovaCompute} + deployment_actions: {get_attr: [DeploymentActions, value]} outputs: ip_address: @@ -602,6 +619,45 @@ outputs: management_ip_address: description: IP address of the server in the management network value: {get_attr: [ManagementPort, ip_address]} + deployed_server_port_map: + description: | + Map of Heat created hostname of the server to ip address. This is the + hostname before it has been mapped with the HostnameMap parameter, and + the IP address from the ctlplane network. This map can be used to construct + the DeployedServerPortMap parameter when using split-stack. + value: + map_replace: + - hostname: + fixed_ips: + - ip_address: {get_attr: [NovaCompute, networks, ctlplane, 0]} + - keys: + hostname: + list_join: + - '-' + - - {get_param: Hostname} + - ctlplane + deployed_server_deployment_swift_data_map: + description: + Map of Heat created hostname of the server to the Swift container and object + used to created the temporary url for metadata polling with + os-collect-config. + value: + map_replace: + - hostname: + container: + str_split: + - '/' + - {get_attr: [NovaCompute, os_collect_config, request, metadata_url]} + - 5 + object: + str_split: + - '?' + - str_split: + - '/' + - {get_attr: [NovaCompute, os_collect_config, request, metadata_url]} + - 6 + - 0 + - keys: {hostname: {get_param: Hostname}} hostname: description: Hostname of the server value: {get_attr: [NovaCompute, name]} diff --git a/puppet/controller-role.yaml b/puppet/controller-role.yaml index ca08c65d..933b5e60 100644 --- a/puppet/controller-role.yaml +++ b/puppet/controller-role.yaml @@ -27,10 +27,6 @@ parameters: default: '' description: Set to True to enable debugging on all services. type: string - EnableLoadBalancer: - default: true - description: Whether to deploy a LoadBalancer on the Controller - type: boolean ExtraConfig: default: {} description: | @@ -441,6 +437,7 @@ resources: server: {get_resource: Controller} RoleParameters: {get_param: RoleParameters} ServiceNames: {get_param: ServiceNames} + deployment_actions: {get_attr: [DeploymentActions, value]} NetworkConfig: type: OS::TripleO::Controller::Net::SoftwareConfig @@ -524,8 +521,6 @@ resources: config: {get_resource: ControllerConfig} server: {get_resource: Controller} input_values: - bootstack_nodeid: {get_attr: [Controller, name]} - enable_load_balancer: {get_param: EnableLoadBalancer} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} # Map heat metadata into hiera datafiles @@ -567,11 +562,6 @@ resources: - {get_param: ControllerExtraConfig} extraconfig: {get_param: ExtraConfig} controller: - # data supplied directly to this deployment configuration, etc - bootstack_nodeid: {get_input: bootstack_nodeid} - # Pacemaker - enable_load_balancer: {get_input: enable_load_balancer} - # Misc tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} @@ -587,6 +577,9 @@ resources: ControllerExtraConfigPre: depends_on: ControllerDeployment type: OS::TripleO::ControllerExtraConfigPre + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: Controller} @@ -595,6 +588,9 @@ resources: NodeExtraConfig: depends_on: [ControllerExtraConfigPre, NodeTLSData] type: OS::TripleO::NodeExtraConfig + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: Controller} @@ -617,11 +613,21 @@ resources: update_identifier: get_param: UpdateIdentifier + DeploymentActions: + type: OS::Heat::Value + properties: + value: + if: + - server_not_blacklisted + - ['CREATE', 'UPDATE'] + - [] + SshHostPubKey: type: OS::TripleO::Ssh::HostPubKey depends_on: ControllerDeployment properties: server: {get_resource: Controller} + deployment_actions: {get_attr: [DeploymentActions, value]} outputs: ip_address: @@ -645,6 +651,45 @@ outputs: management_ip_address: description: IP address of the server in the management network value: {get_attr: [ManagementPort, ip_address]} + deployed_server_port_map: + description: + Map of Heat created hostname of the server to ip address. This is the + hostname before it has been mapped with the HostnameMap parameter, and + the IP address from the ctlplane network. This map can be used to construct + the DeployedServerPortMap parameter when using split-stack. + value: + map_replace: + - hostname: + fixed_ips: + - ip_address: {get_attr: [Controller, networks, ctlplane, 0]} + - keys: + hostname: + list_join: + - '-' + - - {get_param: Hostname} + - ctlplane + deployed_server_deployment_swift_data_map: + description: + Map of Heat created hostname of the server to the Swift container and object + used to created the temporary url for metadata polling with + os-collect-config. + value: + map_replace: + - hostname: + container: + str_split: + - '/' + - {get_attr: [Controller, os_collect_config, request, metadata_url]} + - 5 + object: + str_split: + - '?' + - str_split: + - '/' + - {get_attr: [Controller, os_collect_config, request, metadata_url]} + - 6 + - 0 + - keys: {hostname: {get_param: Hostname}} hostname: description: Hostname of the server value: {get_attr: [Controller, name]} diff --git a/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml b/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.j2.yaml index 313c1261..3b7bf40c 100644 --- a/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml +++ b/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.j2.yaml @@ -174,45 +174,15 @@ resources: echo "$HOST_FQDN $MACS" fi - CollectMacDeploymentsController: +{% for role in roles %} + CollectMacDeployments{{role.name}}: type: OS::Heat::SoftwareDeployments properties: - name: CollectMacDeploymentsController - servers: {get_param: [servers, Controller]} - config: {get_resource: CollectMacConfig} - actions: ['CREATE'] # Only do this on CREATE - - CollectMacDeploymentsCompute: - type: OS::Heat::SoftwareDeployments - properties: - name: CollectMacDeploymentsCompute - servers: {get_param: [servers, Compute]} - config: {get_resource: CollectMacConfig} - actions: ['CREATE'] # Only do this on CREATE - - CollectMacDeploymentsBlockStorage: - type: OS::Heat::SoftwareDeployments - properties: - name: CollectMacDeploymentsBlockStorage - servers: {get_param: [servers, BlockStorage]} - config: {get_resource: CollectMacConfig} - actions: ['CREATE'] # Only do this on CREATE - - CollectMacDeploymentsObjectStorage: - type: OS::Heat::SoftwareDeployments - properties: - name: CollectMacDeploymentsObjectStorage - servers: {get_param: [servers, ObjectStorage]} - config: {get_resource: CollectMacConfig} - actions: ['CREATE'] # Only do this on CREATE - - CollectMacDeploymentsCephStorage: - type: OS::Heat::SoftwareDeployments - properties: - name: CollectMacDeploymentsCephStorage - servers: {get_param: [servers, CephStorage]} + name: CollectMacDeployments{{role.name}} + servers: {get_param: [servers, {{role.name}}]} config: {get_resource: CollectMacConfig} actions: ['CREATE'] # Only do this on CREATE +{% endfor %} # Now we calculate the additional nexus config based on the mappings MappingToNexusConfig: @@ -220,11 +190,9 @@ resources: properties: group: script inputs: - - name: controller_mappings - - name: compute_mappings - - name: blockstorage_mappings - - name: objectstorage_mappings - - name: cephstorage_mappings + {%- for role in roles %} + - name: {{role.name}}_mappings + {%- endfor %} - name: nexus_config config: | #!/bin/python @@ -233,11 +201,9 @@ resources: import os from copy import deepcopy - mappings = ['controller_mappings', - 'compute_mappings', - 'blockstorage_mappings', - 'objectstorage_mappings', - 'cephstorage_mappings', + mappings = [{%- for role in roles %} + '{{role.name}}_mappings', + {%- endfor %} 'nexus_config'] mapdict_list = [] nexus = {} @@ -295,11 +261,9 @@ resources: # FIXME(shardy): It'd be more convenient if we could join these # items together but because the returned format is a map (not a list) # we can't use list_join or str_replace. Possible Heat TODO. - controller_mappings: {get_attr: [CollectMacDeploymentsController, deploy_stdouts]} - compute_mappings: {get_attr: [CollectMacDeploymentsCompute, deploy_stdouts]} - blockstorage_mappings: {get_attr: [CollectMacDeploymentsBlockStorage, deploy_stdouts]} - objectstorage_mappings: {get_attr: [CollectMacDeploymentsObjectStorage, deploy_stdouts]} - cephstorage_mappings: {get_attr: [CollectMacDeploymentsCephStorage, deploy_stdouts]} + {%- for role in roles %} + {{role.name}}_mappings: {get_attr: [CollectMacDeployments{{role.name}}, deploy_stdouts]} + {%- endfor %} nexus_config: {get_param: NetworkNexusConfig} actions: ['CREATE'] # Only do this on CREATE diff --git a/puppet/major_upgrade_steps.j2.yaml b/puppet/major_upgrade_steps.j2.yaml index 574c41b0..11113eec 100644 --- a/puppet/major_upgrade_steps.j2.yaml +++ b/puppet/major_upgrade_steps.j2.yaml @@ -18,6 +18,7 @@ parameters: type: json UpdateIdentifier: type: string + default: '' description: > Setting to a previously unused value during stack-update will trigger the Upgrade resources to re-run on all roles. @@ -31,7 +32,7 @@ parameters: default: 'regionOne' description: Keystone region for endpoint NovaPassword: - description: The password for the nova service and db account, used by nova-api. + description: The password for the nova service and db account type: string hidden: true diff --git a/puppet/objectstorage-role.yaml b/puppet/objectstorage-role.yaml index 4a1670f8..a03a9da5 100644 --- a/puppet/objectstorage-role.yaml +++ b/puppet/objectstorage-role.yaml @@ -409,6 +409,7 @@ resources: server: {get_resource: SwiftStorage} RoleParameters: {get_param: RoleParameters} ServiceNames: {get_param: ServiceNames} + deployment_actions: {get_attr: [DeploymentActions, value]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment @@ -517,6 +518,9 @@ resources: NodeExtraConfig: depends_on: NodeTLSCAData type: OS::TripleO::NodeExtraConfig + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: SwiftStorage} @@ -538,11 +542,21 @@ resources: - ['CREATE', 'UPDATE'] - [] + DeploymentActions: + type: OS::Heat::Value + properties: + value: + if: + - server_not_blacklisted + - ['CREATE', 'UPDATE'] + - [] + SshHostPubKey: type: OS::TripleO::Ssh::HostPubKey depends_on: SwiftStorageHieraDeploy properties: server: {get_resource: SwiftStorage} + deployment_actions: {get_attr: [DeploymentActions, value]} outputs: ip_address: @@ -645,6 +659,45 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY" management_ip_address: description: IP address of the server in the management network value: {get_attr: [ManagementPort, ip_address]} + deployed_server_port_map: + description: | + Map of Heat created hostname of the server to ip address. This is the + hostname before it has been mapped with the HostnameMap parameter, and + the IP address from the ctlplane network. This map can be used to construct + the DeployedServerPortMap parameter when using split-stack. + value: + map_replace: + - hostname: + fixed_ips: + - ip_address: {get_attr: [SwiftStorage, networks, ctlplane, 0]} + - keys: + hostname: + list_join: + - '-' + - - {get_param: Hostname} + - ctlplane + deployed_server_deployment_swift_data_map: + description: + Map of Heat created hostname of the server to the Swift container and object + used to created the temporary url for metadata polling with + os-collect-config. + value: + map_replace: + - hostname: + container: + str_split: + - '/' + - {get_attr: [SwiftStorage, os_collect_config, request, metadata_url]} + - 5 + object: + str_split: + - '?' + - str_split: + - '/' + - {get_attr: [SwiftStorage, os_collect_config, request, metadata_url]} + - 6 + - 0 + - keys: {hostname: {get_param: Hostname}} os_collect_config: description: The os-collect-config configuration associated with this server resource value: {get_attr: [SwiftStorage, os_collect_config]} diff --git a/puppet/puppet-steps.j2 b/puppet/puppet-steps.j2 index 82c6171e..f7651a57 100644 --- a/puppet/puppet-steps.j2 +++ b/puppet/puppet-steps.j2 @@ -1,16 +1,15 @@ {% set deploy_steps_max = 6 %} - conditions: {% for step in range(1, deploy_steps_max) %} WorkflowTasks_Step{{step}}_Enabled: or: - {% for role in roles %} + {%- for role in roles %} - not: equals: - get_param: [role_data, {{role.name}}, service_workflow_tasks, step{{step}}] - '' - False - {% endfor %} + {%- endfor %} {% endfor %} resources: @@ -24,6 +23,7 @@ resources: {{role.name}}ArtifactsDeploy: type: OS::Heat::StructuredDeployments properties: + name: {{role.name}}ArtifactsDeploy servers: {get_param: [servers, {{role.name}}]} config: {get_resource: {{role.name}}ArtifactsConfig} @@ -37,7 +37,7 @@ resources: {{role.name}}Config: type: OS::TripleO::{{role.name}}Config properties: - StepConfig: {list_join: ["\n", {get_param: [role_data, {{role.name}}, step_config]}]} + StepConfig: {get_param: [role_data, {{role.name}}, step_config]} # Step through a series of configuration steps {% for step in range(1, deploy_steps_max) %} @@ -50,16 +50,16 @@ resources: # WorkflowTasks_StepX resource and can be remove # if https://bugs.launchpad.net/heat/+bug/1700569 # is fixed. - {% if step == 1 %} - {% for dep in roles %} + {%- if step == 1 %} + {%- for dep in roles %} - {{dep.name}}PreConfig - {{dep.name}}ArtifactsDeploy - {% endfor %} - {% else %} - {% for dep in roles %} + {%- endfor %} + {%- else %} + {%- for dep in roles %} - {{dep.name}}Deployment_Step{{step -1}} - {% endfor %} - {% endif %} + {%- endfor %} + {%- endif %} properties: name: {{role.name}}Deployment_Step{{step}} servers: {get_param: [servers, {{role.name}}]} @@ -74,9 +74,9 @@ resources: # after all the previous deployment steps. {{role.name}}ExtraConfigPost: depends_on: - {% for dep in roles %} + {%- for dep in roles %} - {{dep.name}}Deployment_Step5 - {% endfor %} + {%- endfor %} type: OS::TripleO::NodeExtraConfigPost properties: servers: {get_param: [servers, {{role.name}}]} @@ -87,9 +87,9 @@ resources: {{role.name}}PostConfig: type: OS::TripleO::Tasks::{{role.name}}PostConfig depends_on: - {% for dep in roles %} + {%- for dep in roles %} - {{dep.name}}ExtraConfigPost - {% endfor %} + {%- endfor %} properties: servers: {get_param: servers} input_values: @@ -104,16 +104,16 @@ resources: type: OS::Mistral::Workflow condition: WorkflowTasks_Step{{step}}_Enabled depends_on: - {% if step == 1 %} - {% for dep in roles %} + {%- if step == 1 %} + {%- for dep in roles %} - {{dep.name}}PreConfig - {{dep.name}}ArtifactsDeploy - {% endfor %} - {% else %} - {% for dep in roles %} + {%- endfor %} + {%- else %} + {%- for dep in roles %} - {{dep.name}}Deployment_Step{{step -1}} - {% endfor %} - {% endif %} + {%- endfor %} + {%- endif %} properties: name: {list_join: [".", ["tripleo", {get_param: stack_name}, "workflowtasks", "step{{step}}"]]} type: direct @@ -121,9 +121,9 @@ resources: yaql: expression: $.data.where($ != '').select($.get('step{{step}}')).where($ != null).flatten() data: - {% for role in roles %} + {%- for role in roles %} - get_param: [role_data, {{role.name}}, service_workflow_tasks] - {% endfor %} + {%- endfor %} WorkflowTasks_Step{{step}}_Execution: type: OS::Mistral::ExternalResource @@ -136,11 +136,21 @@ resources: params: env: service_ips: { get_param: ctlplane_service_ips } + role_merged_configs: + {%- for r in roles %} + {{r.name}}: {get_param: [role_data, {{r.name}}, merged_config_settings]} + {%- endfor %} + evaluate_env: false UPDATE: workflow: { get_resource: WorkflowTasks_Step{{step}} } params: env: service_ips: { get_param: ctlplane_service_ips } + role_merged_configs: + {%- for r in roles %} + {{r.name}}: {get_param: [role_data, {{r.name}}, merged_config_settings]} + {%- endfor %} + evaluate_env: false always_update: true {% endfor %} # END service_workflow_tasks handling diff --git a/puppet/role.role.j2.yaml b/puppet/role.role.j2.yaml index 8617307b..18707b9a 100644 --- a/puppet/role.role.j2.yaml +++ b/puppet/role.role.j2.yaml @@ -1,3 +1,9 @@ +{# ## Some variables are set to enable rendering backwards compatible templates #} +{# ## where a few parameter/resource names don't match the expected pattern #} +{# ## FIXME: we need some way to deprecate the old inconsistent parameters #} +{%- if role.name == 'Controller' -%} + {%- set deprecated_extraconfig_param = 'controllerExtraConfig' -%} +{% endif %} heat_template_version: pike description: 'OpenStack {{role.name}} node configured by Puppet' parameters: @@ -70,6 +76,13 @@ parameters: description: | Role specific additional hiera configuration to inject into the cluster. type: json +{%- if deprecated_extraconfig_param is defined %} + {{deprecated_extraconfig_param}}: + default: {} + description: | + DEPRECATED use {{role.name}}ExtraConfig instead + type: json +{%- endif %} {{role.name}}IPs: default: {} type: json @@ -189,6 +202,14 @@ parameters: object: 0 default: {} +{% if deprecated_extraconfig_param is defined %} +parameter_groups: +- label: deprecated + description: Do not use deprecated params, they will be removed. + parameters: + - {{deprecated_extraconfig_param}} +{%- endif %} + conditions: server_not_blacklisted: not: @@ -386,6 +407,7 @@ resources: server: {get_resource: {{role.name}}} RoleParameters: {get_param: RoleParameters} ServiceNames: {get_param: ServiceNames} + deployment_actions: {get_attr: [DeploymentActions, value]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment @@ -473,7 +495,12 @@ resources: map_replace: - {get_param: ServiceConfigSettings} - values: {get_attr: [NetIpMap, net_ip_map]} - {{role.name.lower()}}_extraconfig: {get_param: {{role.name}}ExtraConfig} + {{role.name.lower()}}_extraconfig: + map_merge: +{%- if deprecated_extraconfig_param is defined %} + - {get_param: {{deprecated_extraconfig_param}}} +{%- endif %} + - {get_param: {{role.name}}ExtraConfig} extraconfig: {get_param: ExtraConfig} {{role.name.lower()}}: tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} @@ -486,26 +513,51 @@ resources: fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]} fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]} fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]} + {%- if 'primary' in role.tags and 'controller' in role.tags %} + tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]} + {%- endif -%} # Resource for site-specific injection of root certificate NodeTLSCAData: - depends_on: {{role.name}}Deployment + depends_on: NetworkDeployment type: OS::TripleO::NodeTLSCAData properties: server: {get_resource: {{role.name}}} + {%- if 'primary' in role.tags and 'controller' in role.tags %} + # Resource for site-specific passing of private keys/certificates + NodeTLSData: + depends_on: NodeTLSCAData + type: OS::TripleO::NodeTLSData + properties: + server: {get_resource: {{role.name}}} + NodeIndex: {get_param: NodeIndex} + {%- endif -%} + # Hook for site-specific additional pre-deployment config, e.g extra hieradata {{role.name}}ExtraConfigPre: depends_on: {{role.name}}Deployment type: OS::TripleO::{{role.name}}ExtraConfigPre + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: {{role.name}}} # Hook for site-specific additional pre-deployment config, # applying to all nodes, e.g node registration/unregistration NodeExtraConfig: - depends_on: [{{role.name}}ExtraConfigPre, NodeTLSCAData] + depends_on: + - {{role.name}}ExtraConfigPre + {%- if 'primary' in role.tags and 'controller' in role.tags %} + - NodeTLSData + {%- else %} + - NodeTLSCAData + {%- endif %} type: OS::TripleO::NodeExtraConfig + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: {{role.name}}} @@ -528,11 +580,21 @@ resources: - ['CREATE', 'UPDATE'] - [] + DeploymentActions: + type: OS::Heat::Value + properties: + value: + if: + - server_not_blacklisted + - ['CREATE', 'UPDATE'] + - [] + SshHostPubKey: type: OS::TripleO::Ssh::HostPubKey depends_on: {{role.name}}Deployment properties: server: {get_resource: {{role.name}}} + deployment_actions: {get_attr: [DeploymentActions, value]} outputs: ip_address: @@ -592,6 +654,53 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY" value: {get_resource: {{role.name}}} condition: server_not_blacklisted + deployed_server_port_map: + description: | + Map of Heat created hostname of the server to ip address. This is the + hostname before it has been mapped with the HostnameMap parameter, and + the IP address from the ctlplane network. This map can be used to construct + the DeployedServerPortMap parameter when using split-stack. + value: + map_replace: + - hostname: + fixed_ips: + - ip_address: {get_attr: [{{role.name}}, networks, ctlplane, 0]} + - keys: + hostname: + list_join: + - '-' + - - {get_param: Hostname} + - ctlplane + deployed_server_deployment_swift_data_map: + description: + Map of Heat created hostname of the server to the Swift container and object + used to created the temporary url for metadata polling with + os-collect-config. + value: + map_replace: + - hostname: + container: + str_split: + - '/' + - {get_attr: [{{role.name}}, os_collect_config, request, metadata_url]} + - 5 + object: + str_split: + - '?' + - str_split: + - '/' + - {get_attr: [{{role.name}}, os_collect_config, request, metadata_url]} + - 6 + - 0 + - keys: {hostname: {get_param: Hostname}} + {%- if 'primary' in role.tags and 'controller' in role.tags %} + tls_key_modulus_md5: + description: MD5 checksum of the TLS Key Modulus + value: {get_attr: [NodeTLSData, key_modulus_md5]} + tls_cert_modulus_md5: + description: MD5 checksum of the TLS Certificate Modulus + value: {get_attr: [NodeTLSData, cert_modulus_md5]} + {%- endif %} os_collect_config: description: The os-collect-config configuration associated with this server resource value: {get_attr: [{{role.name}}, os_collect_config]} diff --git a/puppet/services/aodh-api.yaml b/puppet/services/aodh-api.yaml index 561b48cb..d9b61ccd 100644 --- a/puppet/services/aodh-api.yaml +++ b/puppet/services/aodh-api.yaml @@ -4,6 +4,10 @@ description: > OpenStack Aodh API service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -43,6 +47,7 @@ resources: AodhBase: type: ./aodh-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -52,6 +57,7 @@ resources: ApacheServiceBase: type: ./apache.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/aodh-base.yaml b/puppet/services/aodh-base.yaml index 0563d08b..9e970475 100644 --- a/puppet/services/aodh-base.yaml +++ b/puppet/services/aodh-base.yaml @@ -4,6 +4,10 @@ description: > OpenStack Aodh service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -64,6 +68,12 @@ parameters: type: string default: 'regionOne' description: Keystone region for endpoint + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] conditions: service_debug_unset: {equals : [{get_param: AodhDebug}, '']} @@ -91,6 +101,7 @@ outputs: - {get_param: Debug } - {get_param: AodhDebug } aodh::auth::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] } + aodh::notification_driver: {get_param: NotificationDriver} aodh::rabbit_userid: {get_param: RabbitUserName} aodh::rabbit_password: {get_param: RabbitPassword} aodh::rabbit_use_ssl: {get_param: RabbitClientUseSSL} diff --git a/puppet/services/aodh-evaluator.yaml b/puppet/services/aodh-evaluator.yaml index 669c11dd..eedb291f 100644 --- a/puppet/services/aodh-evaluator.yaml +++ b/puppet/services/aodh-evaluator.yaml @@ -4,6 +4,10 @@ description: > OpenStack Aodh Evaluator service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -34,6 +38,7 @@ resources: AodhBase: type: ./aodh-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/aodh-listener.yaml b/puppet/services/aodh-listener.yaml index 17710ecb..631a3dc1 100644 --- a/puppet/services/aodh-listener.yaml +++ b/puppet/services/aodh-listener.yaml @@ -4,6 +4,10 @@ description: > OpenStack Aodh Listener service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -34,6 +38,7 @@ resources: AodhBase: type: ./aodh-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/aodh-notifier.yaml b/puppet/services/aodh-notifier.yaml index 2eed1b75..1bc5e4df 100644 --- a/puppet/services/aodh-notifier.yaml +++ b/puppet/services/aodh-notifier.yaml @@ -4,6 +4,10 @@ description: > OpenStack Aodh Notifier service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -34,6 +38,7 @@ resources: AodhBase: type: ./aodh-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/apache.yaml b/puppet/services/apache.yaml index 23fcab90..6c55fde3 100644 --- a/puppet/services/apache.yaml +++ b/puppet/services/apache.yaml @@ -13,6 +13,10 @@ parameters: default: 256 description: Maximum number of Apache processes. type: number + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/auditd.yaml b/puppet/services/auditd.yaml index 3eff534b..3a676ddf 100644 --- a/puppet/services/auditd.yaml +++ b/puppet/services/auditd.yaml @@ -4,6 +4,10 @@ description: > AuditD configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/barbican-api.yaml b/puppet/services/barbican-api.yaml index 51331242..a894dbdf 100644 --- a/puppet/services/barbican-api.yaml +++ b/puppet/services/barbican-api.yaml @@ -4,6 +4,10 @@ description: > OpenStack Barbican API service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -73,12 +77,19 @@ parameters: e.g. { barbican-context_is_admin: { key: context_is_admin, value: 'role:admin' } } default: {} type: json + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] resources: ApacheServiceBase: type: ./apache.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -109,6 +120,7 @@ outputs: - service_debug_unset - {get_param: Debug } - {get_param: BarbicanDebug } + barbican::api::notification_driver: {get_param: NotificationDriver} barbican::api::rabbit_use_ssl: {get_param: RabbitClientUseSSL} barbican::api::rabbit_userid: {get_param: RabbitUserName} barbican::api::rabbit_password: {get_param: RabbitPassword} diff --git a/puppet/services/ca-certs.yaml b/puppet/services/ca-certs.yaml index 6249c1ab..46446f14 100644 --- a/puppet/services/ca-certs.yaml +++ b/puppet/services/ca-certs.yaml @@ -4,6 +4,10 @@ description: > HAproxy service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/ceilometer-agent-central.yaml b/puppet/services/ceilometer-agent-central.yaml index 2dbaf554..2d3c91a9 100644 --- a/puppet/services/ceilometer-agent-central.yaml +++ b/puppet/services/ceilometer-agent-central.yaml @@ -4,6 +4,10 @@ description: > OpenStack Ceilometer Central Agent service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -43,6 +47,7 @@ resources: CeilometerServiceBase: type: ./ceilometer-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/ceilometer-agent-compute.yaml b/puppet/services/ceilometer-agent-compute.yaml index c453a43d..3cf51519 100644 --- a/puppet/services/ceilometer-agent-compute.yaml +++ b/puppet/services/ceilometer-agent-compute.yaml @@ -4,6 +4,10 @@ description: > OpenStack Ceilometer Compute Agent service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -40,6 +44,7 @@ resources: CeilometerServiceBase: type: ./ceilometer-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/ceilometer-agent-ipmi.yaml b/puppet/services/ceilometer-agent-ipmi.yaml index 7dd1e78d..f61f9083 100644 --- a/puppet/services/ceilometer-agent-ipmi.yaml +++ b/puppet/services/ceilometer-agent-ipmi.yaml @@ -4,6 +4,10 @@ description: > OpenStack Ceilometer Ipmi Agent service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -43,6 +47,7 @@ resources: CeilometerServiceBase: type: ./ceilometer-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/ceilometer-agent-notification.yaml b/puppet/services/ceilometer-agent-notification.yaml index 6e893564..d6e98ae8 100644 --- a/puppet/services/ceilometer-agent-notification.yaml +++ b/puppet/services/ceilometer-agent-notification.yaml @@ -4,6 +4,10 @@ description: > OpenStack Ceilometer Notification Agent service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -40,6 +44,7 @@ resources: CeilometerServiceBase: type: ./ceilometer-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/ceilometer-api.yaml b/puppet/services/ceilometer-api.yaml index 74b0c3d2..aba303fb 100644 --- a/puppet/services/ceilometer-api.yaml +++ b/puppet/services/ceilometer-api.yaml @@ -4,6 +4,10 @@ description: > OpenStack Ceilometer API service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -48,6 +52,7 @@ resources: CeilometerServiceBase: type: ./ceilometer-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -57,6 +62,7 @@ resources: ApacheServiceBase: type: ./apache.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/ceilometer-base.yaml b/puppet/services/ceilometer-base.yaml index 1d86369b..9fc1530a 100644 --- a/puppet/services/ceilometer-base.yaml +++ b/puppet/services/ceilometer-base.yaml @@ -4,6 +4,10 @@ description: > OpenStack Ceilometer service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -103,6 +107,12 @@ parameters: description: The user password for SNMPd with readonly rights running on all Overcloud nodes type: string hidden: true + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] conditions: service_debug_unset: {equals : [{get_param: CeilometerDebug}, '']} @@ -139,6 +149,7 @@ outputs: ceilometer::dispatcher::gnocchi::filter_project: 'service' ceilometer::dispatcher::gnocchi::archive_policy: 'low' ceilometer::dispatcher::gnocchi::resources_definition_file: 'gnocchi_resources.yaml' + ceilometer::notification_driver: {get_param: NotificationDriver} ceilometer::rabbit_userid: {get_param: RabbitUserName} ceilometer::rabbit_password: {get_param: RabbitPassword} ceilometer::rabbit_use_ssl: {get_param: RabbitClientUseSSL} diff --git a/puppet/services/ceilometer-collector.yaml b/puppet/services/ceilometer-collector.yaml index 3ec18420..918a8839 100644 --- a/puppet/services/ceilometer-collector.yaml +++ b/puppet/services/ceilometer-collector.yaml @@ -5,6 +5,10 @@ description: > This service is deprecated and will be removed in future releases. parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -73,6 +77,7 @@ resources: CeilometerServiceBase: type: ./ceilometer-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -82,6 +87,7 @@ resources: MongoDbBase: type: ./database/mongodb-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/ceilometer-expirer.yaml b/puppet/services/ceilometer-expirer.yaml index 775e921a..40c41ba4 100644 --- a/puppet/services/ceilometer-expirer.yaml +++ b/puppet/services/ceilometer-expirer.yaml @@ -6,6 +6,10 @@ description: > future releases. parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -36,6 +40,7 @@ resources: CeilometerServiceBase: type: ./ceilometer-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/ceph-base.yaml b/puppet/services/ceph-base.yaml index 48d95993..ce9f9b9d 100644 --- a/puppet/services/ceph-base.yaml +++ b/puppet/services/ceph-base.yaml @@ -35,6 +35,10 @@ parameters: NovaRbdPoolName: default: vms type: string + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/ceph-client.yaml b/puppet/services/ceph-client.yaml index ec34fcae..0bee5fcd 100644 --- a/puppet/services/ceph-client.yaml +++ b/puppet/services/ceph-client.yaml @@ -4,6 +4,10 @@ description: > Ceph Client service. parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -34,6 +38,7 @@ resources: CephBase: type: ./ceph-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/ceph-external.yaml b/puppet/services/ceph-external.yaml index 65e6ea80..97e44159 100644 --- a/puppet/services/ceph-external.yaml +++ b/puppet/services/ceph-external.yaml @@ -33,6 +33,10 @@ parameters: NovaRbdPoolName: default: vms type: string + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/ceph-mds.yaml b/puppet/services/ceph-mds.yaml index 270d3a26..c561ea0e 100644 --- a/puppet/services/ceph-mds.yaml +++ b/puppet/services/ceph-mds.yaml @@ -4,6 +4,10 @@ description: > Ceph MDS service. parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -36,6 +40,7 @@ resources: CephBase: type: ./ceph-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/ceph-mon.yaml b/puppet/services/ceph-mon.yaml index 28552301..4fe6e908 100644 --- a/puppet/services/ceph-mon.yaml +++ b/puppet/services/ceph-mon.yaml @@ -4,6 +4,10 @@ description: > Ceph Monitor service. parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -69,11 +73,11 @@ parameters: type: json CephValidationRetries: type: number - default: 5 + default: 40 description: Number of retry attempts for Ceph validation CephValidationDelay: type: number - default: 10 + default: 30 description: Interval (in seconds) in between validation checks MonitoringSubscriptionCephMon: default: 'overcloud-ceph-mon' @@ -87,6 +91,7 @@ resources: CephBase: type: ./ceph-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/ceph-osd.yaml b/puppet/services/ceph-osd.yaml index 24b2886a..8f43b08a 100644 --- a/puppet/services/ceph-osd.yaml +++ b/puppet/services/ceph-osd.yaml @@ -4,6 +4,10 @@ description: > Ceph OSD service. parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -52,6 +56,7 @@ resources: CephBase: type: ./ceph-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/ceph-rgw.yaml b/puppet/services/ceph-rgw.yaml index ad91b4ec..29629461 100644 --- a/puppet/services/ceph-rgw.yaml +++ b/puppet/services/ceph-rgw.yaml @@ -4,6 +4,10 @@ description: > Ceph RadosGW service. parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -36,7 +40,7 @@ parameters: type: string hidden: true SwiftPassword: - description: The password for the swift service account, used by the Ceph RGW services. + description: The password for the swift service account type: string hidden: true KeystoneRegion: @@ -48,6 +52,7 @@ resources: CephBase: type: ./ceph-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/certmonger-user.yaml b/puppet/services/certmonger-user.yaml index 0508c557..216c7ad3 100644 --- a/puppet/services/certmonger-user.yaml +++ b/puppet/services/certmonger-user.yaml @@ -4,6 +4,10 @@ description: > Requests certificates using certmonger through Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/cinder-api.yaml b/puppet/services/cinder-api.yaml index 036209f3..fbfe532a 100644 --- a/puppet/services/cinder-api.yaml +++ b/puppet/services/cinder-api.yaml @@ -13,6 +13,10 @@ parameters: description: The password for the cinder service account, used by cinder-api. type: string hidden: true + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -60,6 +64,12 @@ parameters: e.g. { cinder-context_is_admin: { key: context_is_admin, value: 'role:admin' } } default: {} type: json + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] conditions: cinder_workers_zero: {equals : [{get_param: CinderWorkers}, 0]} @@ -69,6 +79,7 @@ resources: ApacheServiceBase: type: ./apache.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -79,6 +90,7 @@ resources: CinderBase: type: ./cinder-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -105,6 +117,7 @@ outputs: cinder::keystone::authtoken::user_domain_name: 'Default' cinder::keystone::authtoken::project_domain_name: 'Default' cinder::policy::policies: {get_param: CinderApiPolicies} + cinder::ceilometer::notification_driver: {get_param: NotificationDriver} cinder::api::enable_proxy_headers_parsing: true cinder::api::nova_catalog_info: 'compute:nova:internalURL' diff --git a/puppet/services/cinder-backend-dellps.yaml b/puppet/services/cinder-backend-dellps.yaml index d0382534..caa2f2f7 100644 --- a/puppet/services/cinder-backend-dellps.yaml +++ b/puppet/services/cinder-backend-dellps.yaml @@ -49,6 +49,10 @@ parameters: CinderDellPsUseChap: type: boolean default: false + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/cinder-backend-dellsc.yaml b/puppet/services/cinder-backend-dellsc.yaml index c0bffb18..136852a6 100644 --- a/puppet/services/cinder-backend-dellsc.yaml +++ b/puppet/services/cinder-backend-dellsc.yaml @@ -64,6 +64,10 @@ parameters: CinderDellScExcludedDomainIp: type: string default: '' + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/cinder-backend-netapp.yaml b/puppet/services/cinder-backend-netapp.yaml index fbde4c0a..9cbac246 100644 --- a/puppet/services/cinder-backend-netapp.yaml +++ b/puppet/services/cinder-backend-netapp.yaml @@ -3,6 +3,10 @@ heat_template_version: pike description: Openstack Cinder Netapp backend parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/cinder-backend-pure.yaml b/puppet/services/cinder-backend-pure.yaml index 576896a4..6f4de25b 100644 --- a/puppet/services/cinder-backend-pure.yaml +++ b/puppet/services/cinder-backend-pure.yaml @@ -17,6 +17,10 @@ description: > Openstack Cinder Pure Storage FlashArray backend parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/cinder-backend-scaleio.yaml b/puppet/services/cinder-backend-scaleio.yaml index 832cc099..97bac05d 100644 --- a/puppet/services/cinder-backend-scaleio.yaml +++ b/puppet/services/cinder-backend-scaleio.yaml @@ -69,6 +69,10 @@ parameters: CinderScaleIOSanThinProvision: type: boolean default: true + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/cinder-backend-veritas-hyperscale.yaml b/puppet/services/cinder-backend-veritas-hyperscale.yaml new file mode 100644 index 00000000..11ceb2fd --- /dev/null +++ b/puppet/services/cinder-backend-veritas-hyperscale.yaml @@ -0,0 +1,56 @@ +# Copyright (c) 2017 Veritas Technologies LLC. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +heat_template_version: ocata + +description: > + Openstack Veritas HyperScale backend + +parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json + + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + EndpointMap: + default: {} + type: json + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + +outputs: + role_data: + description: Role data for the Cinder Veritas HyperScale backend. + value: + service_name: cinder_backend_veritas_hyperscale + config_settings: + tripleo::profile::base::cinder::volume::cinder_enable_vrts_hs_backend: true + step_config: | + include ::tripleo::profile::base::cinder::volume diff --git a/puppet/services/cinder-backup.yaml b/puppet/services/cinder-backup.yaml index 629a0f5b..7ac4321b 100644 --- a/puppet/services/cinder-backup.yaml +++ b/puppet/services/cinder-backup.yaml @@ -16,6 +16,10 @@ parameters: CephClientUserName: default: openstack type: string + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -47,6 +51,7 @@ resources: CinderBase: type: ./cinder-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/cinder-base.yaml b/puppet/services/cinder-base.yaml index f7dfe5e1..5b2a2582 100644 --- a/puppet/services/cinder-base.yaml +++ b/puppet/services/cinder-base.yaml @@ -16,6 +16,10 @@ parameters: default: '' description: Set to True to enable debugging on Cinder services. type: string + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/cinder-hpelefthand-iscsi.yaml b/puppet/services/cinder-hpelefthand-iscsi.yaml index 3ea0fd87..8f443cc8 100644 --- a/puppet/services/cinder-hpelefthand-iscsi.yaml +++ b/puppet/services/cinder-hpelefthand-iscsi.yaml @@ -23,6 +23,10 @@ parameters: CinderHPELeftHandDebug: type: boolean default: false + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/cinder-scheduler.yaml b/puppet/services/cinder-scheduler.yaml index 806f9bb4..540a3523 100644 --- a/puppet/services/cinder-scheduler.yaml +++ b/puppet/services/cinder-scheduler.yaml @@ -4,6 +4,10 @@ description: > OpenStack Cinder Scheduler service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -40,6 +44,7 @@ resources: CinderBase: type: ./cinder-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/cinder-volume.yaml b/puppet/services/cinder-volume.yaml index 1f8c345d..d95370d7 100644 --- a/puppet/services/cinder-volume.yaml +++ b/puppet/services/cinder-volume.yaml @@ -60,6 +60,10 @@ parameters: CephClientUserName: default: openstack type: string + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -96,6 +100,7 @@ resources: CinderBase: type: ./cinder-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/congress.yaml b/puppet/services/congress.yaml index 5bca94d7..f5d38b60 100644 --- a/puppet/services/congress.yaml +++ b/puppet/services/congress.yaml @@ -4,6 +4,10 @@ description: > OpenStack Congress service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -33,6 +37,7 @@ parameters: Debug: type: string default: '' + description: Set to True to enable debugging on all services. CongressDebug: default: '' description: Set to True to enable debugging Glance service. @@ -65,6 +70,12 @@ parameters: e.g. { congress-context_is_admin: { key: context_is_admin, value: 'role:admin' } } default: {} type: json + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] conditions: service_debug_unset: {equals : [{get_param: CongressDebug}, '']} @@ -92,6 +103,7 @@ outputs: - {get_param: Debug } - {get_param: CongressDebug } congress::rpc_backend: rabbit + congress::notification_driver: {get_param: NotificationDriver} congress::rabbit_userid: {get_param: RabbitUserName} congress::rabbit_password: {get_param: RabbitPassword} congress::rabbit_use_ssl: {get_param: RabbitClientUseSSL} diff --git a/puppet/services/database/mongodb-base.yaml b/puppet/services/database/mongodb-base.yaml index b5fced4c..c218e8b5 100644 --- a/puppet/services/database/mongodb-base.yaml +++ b/puppet/services/database/mongodb-base.yaml @@ -15,6 +15,10 @@ parameters: MongoDbReplset: type: string default: "tripleo" + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/database/mongodb.yaml b/puppet/services/database/mongodb.yaml index 968d4355..04f34e24 100644 --- a/puppet/services/database/mongodb.yaml +++ b/puppet/services/database/mongodb.yaml @@ -5,6 +5,10 @@ description: > parameters: #Parameters not used EndpointMap + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -52,6 +56,7 @@ resources: MongoDbBase: type: ./mongodb-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/database/mysql-client.yaml b/puppet/services/database/mysql-client.yaml index 19d732dd..2eb20789 100644 --- a/puppet/services/database/mysql-client.yaml +++ b/puppet/services/database/mysql-client.yaml @@ -4,6 +4,10 @@ description: > Mysql client settings parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/database/mysql.yaml b/puppet/services/database/mysql.yaml index 882ba299..abbe7a22 100644 --- a/puppet/services/database/mysql.yaml +++ b/puppet/services/database/mysql.yaml @@ -5,6 +5,10 @@ description: > parameters: #Parameters not used EndpointMap + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -47,7 +51,7 @@ parameters: description: Whether to use Galera instead of regular MariaDB. type: boolean NovaPassword: - description: The password for the nova db account + description: The password for the nova service and db account type: string hidden: true EnableInternalTLS: diff --git a/puppet/services/database/redis-base.yaml b/puppet/services/database/redis-base.yaml index 89fa8065..2a6a89e9 100644 --- a/puppet/services/database/redis-base.yaml +++ b/puppet/services/database/redis-base.yaml @@ -5,13 +5,17 @@ description: > parameters: RedisPassword: - description: The password for Redis + description: The password for the redis service account. type: string hidden: true RedisFDLimit: description: Configure Redis FD limit type: string default: 10240 + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/database/redis.yaml b/puppet/services/database/redis.yaml index 9567a73f..bd96823b 100644 --- a/puppet/services/database/redis.yaml +++ b/puppet/services/database/redis.yaml @@ -4,6 +4,10 @@ description: > OpenStack Redis service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -31,6 +35,7 @@ resources: RedisBase: type: ./redis-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/disabled/ceilometer-api-disabled.yaml b/puppet/services/disabled/ceilometer-api-disabled.yaml new file mode 100644 index 00000000..a4fb91db --- /dev/null +++ b/puppet/services/disabled/ceilometer-api-disabled.yaml @@ -0,0 +1,45 @@ +heat_template_version: pike + +description: > + OpenStack Ceilometer API service, disabled since pike + +parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +outputs: + role_data: + description: Role data for the disabled Ceilometer API role. + value: + service_name: ceilometer_api_disabled + upgrade_tasks: + - name: Purge Ceilometer apache config files + tags: step1 + file: path=/etc/httpd/conf.d/10-ceilometer_wsgi.conf state=absent + - name: Clean up ceilometer port from ports.conf + tags: step1 + lineinfile: dest=/etc/httpd/conf/ports.conf state=absent regexp="8777$" diff --git a/puppet/services/disabled/ceilometer-collector-disabled.yaml b/puppet/services/disabled/ceilometer-collector-disabled.yaml index 18092a8f..f6170c8f 100644 --- a/puppet/services/disabled/ceilometer-collector-disabled.yaml +++ b/puppet/services/disabled/ceilometer-collector-disabled.yaml @@ -4,6 +4,10 @@ description: > OpenStack Ceilometer Collector service, disabled since pike parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/disabled/ceilometer-expirer-disabled.yaml b/puppet/services/disabled/ceilometer-expirer-disabled.yaml index 7110afaa..7c680c61 100644 --- a/puppet/services/disabled/ceilometer-expirer-disabled.yaml +++ b/puppet/services/disabled/ceilometer-expirer-disabled.yaml @@ -4,6 +4,10 @@ description: > OpenStack Ceilometer Expirer service, disabled since pike parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/disabled/glance-registry-disabled.yaml b/puppet/services/disabled/glance-registry-disabled.yaml index 85a5c5ef..238e7395 100644 --- a/puppet/services/disabled/glance-registry-disabled.yaml +++ b/puppet/services/disabled/glance-registry-disabled.yaml @@ -4,6 +4,10 @@ description: > OpenStack Glance Registry service, disabled since ocata parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/disabled/mongodb-disabled.yaml b/puppet/services/disabled/mongodb-disabled.yaml index fa3fe9a8..9e58103c 100644 --- a/puppet/services/disabled/mongodb-disabled.yaml +++ b/puppet/services/disabled/mongodb-disabled.yaml @@ -4,6 +4,10 @@ description: > Mongodb service, disabled by default since pike parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/docker.yaml b/puppet/services/docker.yaml index 2be21122..d11ef66a 100644 --- a/puppet/services/docker.yaml +++ b/puppet/services/docker.yaml @@ -4,18 +4,20 @@ description: > Configures docker on the host parameters: - DockerNamespace: - description: namespace - default: tripleoupstream + DockerInsecureRegistryAddress: + description: Optional. The IP Address and Port of an insecure docker + namespace that will be configured in /etc/sysconfig/docker. type: string - DockerNamespaceIsRegistry: - type: boolean - default: false + default: '' EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -34,14 +36,19 @@ parameters: description: Parameters specific to the role type: json +conditions: + insecure_registry_is_empty: {equals : [{get_param: DockerInsecureRegistryAddress}, '']} + outputs: role_data: description: Role data for the docker service value: service_name: docker config_settings: - tripleo::profile::base::docker::docker_namespace: {get_param: DockerNamespace} - tripleo::profile::base::docker::insecure_registry: {get_param: DockerNamespaceIsRegistry} + if: + - insecure_registry_is_empty + - {} + - tripleo::profile::base::docker::insecure_registry_address: {get_param: DockerInsecureRegistryAddress} step_config: | include ::tripleo::profile::base::docker upgrade_tasks: diff --git a/puppet/services/ec2-api.yaml b/puppet/services/ec2-api.yaml index aa878a91..85fdb369 100644 --- a/puppet/services/ec2-api.yaml +++ b/puppet/services/ec2-api.yaml @@ -4,6 +4,10 @@ description: > OpenStack EC2-API service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -57,7 +61,7 @@ parameters: path: /var/log/ec2api/ec2api.log EnablePackageInstall: default: 'false' - description: Set to true to enable package installation via Puppet + description: Set to true to enable package installation at deploy time type: boolean Ec2ApiPolicies: description: | diff --git a/puppet/services/etcd.yaml b/puppet/services/etcd.yaml index 2e87764d..4828fcb9 100644 --- a/puppet/services/etcd.yaml +++ b/puppet/services/etcd.yaml @@ -4,6 +4,10 @@ description: > Etcd service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/external-swift-proxy.yaml b/puppet/services/external-swift-proxy.yaml index 206536d7..ac1f11ac 100644 --- a/puppet/services/external-swift-proxy.yaml +++ b/puppet/services/external-swift-proxy.yaml @@ -4,6 +4,10 @@ description: > External Swift Proxy endpoint configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -40,7 +44,7 @@ parameters: type: string default: 'service' SwiftPassword: - description: The password for the swift service account, used by the swift proxy services. + description: The password for the swift service account type: string hidden: true KeystoneRegion: diff --git a/puppet/services/glance-api.yaml b/puppet/services/glance-api.yaml index a3d5a793..8ec3546f 100644 --- a/puppet/services/glance-api.yaml +++ b/puppet/services/glance-api.yaml @@ -4,6 +4,10 @@ description: > OpenStack Glance API service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -128,6 +132,12 @@ parameters: e.g. { glance-context_is_admin: { key: context_is_admin, value: 'role:admin' } } default: {} type: json + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] conditions: use_tls_proxy: {equals : [{get_param: EnableInternalTLS}, true]} @@ -147,6 +157,7 @@ resources: TLSProxyBase: type: OS::TripleO::Services::TLSProxyBase properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -200,6 +211,7 @@ outputs: glance::api::pipeline: 'keystone' glance::api::show_image_direct_url: true glance::api::show_multiple_locations: {if: [glance_multiple_locations, true, false]} + glance::api::os_region_name: {get_param: KeystoneRegion} # NOTE: bind IP is found in Heat replacing the network name with the # local node IP for the given network; replacement examples # (eg. for internal_api): @@ -237,7 +249,7 @@ outputs: glance::notify::rabbitmq::rabbit_port: {get_param: RabbitClientPort} glance::notify::rabbitmq::rabbit_password: {get_param: RabbitPassword} glance::notify::rabbitmq::rabbit_use_ssl: {get_param: RabbitClientUseSSL} - glance::notify::rabbitmq::notification_driver: messagingv2 + glance::notify::rabbitmq::notification_driver: {get_param: NotificationDriver} tripleo::profile::base::glance::api::glance_nfs_enabled: {get_param: GlanceNfsEnabled} tripleo::glance::nfs_mount::share: {get_param: GlanceNfsShare} tripleo::glance::nfs_mount::options: {get_param: GlanceNfsOptions} diff --git a/puppet/services/gnocchi-api.yaml b/puppet/services/gnocchi-api.yaml index 2411d42d..cd7ab692 100644 --- a/puppet/services/gnocchi-api.yaml +++ b/puppet/services/gnocchi-api.yaml @@ -4,6 +4,10 @@ description: > Gnocchi service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -64,6 +68,7 @@ resources: GnocchiServiceBase: type: ./gnocchi-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -73,6 +78,7 @@ resources: ApacheServiceBase: type: ./apache.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/gnocchi-base.yaml b/puppet/services/gnocchi-base.yaml index b4af7e85..7f64e97b 100644 --- a/puppet/services/gnocchi-base.yaml +++ b/puppet/services/gnocchi-base.yaml @@ -4,6 +4,10 @@ description: > Gnocchi service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/gnocchi-metricd.yaml b/puppet/services/gnocchi-metricd.yaml index 5ada99fa..d45d140a 100644 --- a/puppet/services/gnocchi-metricd.yaml +++ b/puppet/services/gnocchi-metricd.yaml @@ -4,6 +4,10 @@ description: > Gnocchi service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -38,6 +42,7 @@ resources: GnocchiServiceBase: type: ./gnocchi-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/gnocchi-statsd.yaml b/puppet/services/gnocchi-statsd.yaml index 5ba1dfc7..85eba5d4 100644 --- a/puppet/services/gnocchi-statsd.yaml +++ b/puppet/services/gnocchi-statsd.yaml @@ -4,6 +4,10 @@ description: > Gnocchi service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -34,6 +38,7 @@ resources: GnocchiServiceBase: type: ./gnocchi-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/haproxy-internal-tls-certmonger.yaml b/puppet/services/haproxy-internal-tls-certmonger.yaml index 1866bb97..b6b4f270 100644 --- a/puppet/services/haproxy-internal-tls-certmonger.yaml +++ b/puppet/services/haproxy-internal-tls-certmonger.yaml @@ -4,6 +4,10 @@ description: > HAProxy deployment with TLS enabled, powered by certmonger parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/haproxy-public-tls-certmonger.yaml b/puppet/services/haproxy-public-tls-certmonger.yaml index 7ebacdbc..e79d2aec 100644 --- a/puppet/services/haproxy-public-tls-certmonger.yaml +++ b/puppet/services/haproxy-public-tls-certmonger.yaml @@ -4,6 +4,10 @@ description: > HAProxy deployment with TLS enabled, powered by certmonger parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/haproxy.yaml b/puppet/services/haproxy.yaml index 5bdc3b88..a37135da 100644 --- a/puppet/services/haproxy.yaml +++ b/puppet/services/haproxy.yaml @@ -4,6 +4,10 @@ description: > HAproxy service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -26,6 +30,10 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + EnableLoadBalancer: + default: true + description: Whether to deploy a LoadBalancer, set to false when an external load balancer is used. + type: boolean HAProxyStatsPassword: description: Password for HAProxy stats endpoint hidden: true @@ -43,7 +51,7 @@ parameters: description: Whether or not to enable the HAProxy stats interface. type: boolean RedisPassword: - description: The password for Redis + description: The password for the redis service account. type: string hidden: true MonitoringSubscriptionHaproxy: @@ -65,6 +73,7 @@ resources: HAProxyPublicTLS: type: OS::TripleO::Services::HAProxyPublicTLS properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -74,6 +83,7 @@ resources: HAProxyInternalTLS: type: OS::TripleO::Services::HAProxyInternalTLS properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -100,6 +110,7 @@ outputs: tripleo::haproxy::ca_bundle: {get_param: InternalTLSCAFile} tripleo::haproxy::crl_file: {get_param: InternalTLSCRLPEMFile} tripleo::haproxy::haproxy_stats: {get_param: HAProxyStatsEnabled} + enable_load_balancer: {get_param: EnableLoadBalancer} tripleo::profile::base::haproxy::certificates_specs: map_merge: - get_attr: [HAProxyPublicTLS, role_data, certificates_specs] diff --git a/puppet/services/heat-api-cfn.yaml b/puppet/services/heat-api-cfn.yaml index 92d73cfb..070bd7c7 100644 --- a/puppet/services/heat-api-cfn.yaml +++ b/puppet/services/heat-api-cfn.yaml @@ -4,6 +4,10 @@ description: > Openstack Heat CloudFormation API service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -58,6 +62,7 @@ resources: ApacheServiceBase: type: ./apache.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -68,6 +73,7 @@ resources: HeatBase: type: ./heat-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -124,6 +130,8 @@ outputs: heat::keystone::auth_cfn::admin_url: {get_param: [EndpointMap, HeatCfnAdmin, uri]} heat::keystone::auth_cfn::password: {get_param: HeatPassword} heat::keystone::auth_cfn::region: {get_param: KeystoneRegion} + metadata_settings: + get_attr: [ApacheServiceBase, role_data, metadata_settings] upgrade_tasks: - name: Check if heat_api_cfn is deployed command: systemctl is-enabled openstack-heat-api-cfn diff --git a/puppet/services/heat-api-cloudwatch.yaml b/puppet/services/heat-api-cloudwatch.yaml index a740d201..689251a3 100644 --- a/puppet/services/heat-api-cloudwatch.yaml +++ b/puppet/services/heat-api-cloudwatch.yaml @@ -4,6 +4,10 @@ description: > Openstack Heat CloudWatch API service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -50,6 +54,7 @@ resources: ApacheServiceBase: type: ./apache.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -60,6 +65,7 @@ resources: HeatBase: type: ./heat-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -108,6 +114,8 @@ outputs: - heat::wsgi::apache_api_cloudwatch::workers: {get_param: HeatWorkers} step_config: | include ::tripleo::profile::base::heat::api_cloudwatch + metadata_settings: + get_attr: [ApacheServiceBase, role_data, metadata_settings] upgrade_tasks: - name: Check if heat_api_cloudwatch is deployed command: systemctl is-enabled openstack-heat-api-cloudwatch diff --git a/puppet/services/heat-api.yaml b/puppet/services/heat-api.yaml index ced7f0c4..51f52a71 100644 --- a/puppet/services/heat-api.yaml +++ b/puppet/services/heat-api.yaml @@ -4,6 +4,10 @@ description: > Openstack Heat API service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -64,6 +68,7 @@ resources: ApacheServiceBase: type: ./apache.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -74,6 +79,7 @@ resources: HeatBase: type: ./heat-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -131,6 +137,8 @@ outputs: heat::keystone::auth::admin_url: {get_param: [EndpointMap, HeatAdmin, uri]} heat::keystone::auth::password: {get_param: HeatPassword} heat::keystone::auth::region: {get_param: KeystoneRegion} + metadata_settings: + get_attr: [ApacheServiceBase, role_data, metadata_settings] upgrade_tasks: - name: Check is heat_api is deployed command: systemctl is-enabled openstack-heat-api diff --git a/puppet/services/heat-base.yaml b/puppet/services/heat-base.yaml index d89fe46a..269fa0c2 100644 --- a/puppet/services/heat-base.yaml +++ b/puppet/services/heat-base.yaml @@ -30,6 +30,10 @@ parameters: default: 5672 description: Set rabbit subscriber port, change this if using SSL type: number + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -115,6 +119,12 @@ parameters: default: 1048576 description: Maximum raw byte size of the Heat API JSON request body. type: number + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] conditions: service_debug_unset: {equals : [{get_param: HeatDebug}, '']} @@ -125,6 +135,7 @@ outputs: value: service_name: heat_base config_settings: + heat::notification_driver: {get_param: NotificationDriver} heat::rabbit_userid: {get_param: RabbitUserName} heat::rabbit_password: {get_param: RabbitPassword} heat::rabbit_use_ssl: {get_param: RabbitClientUseSSL} diff --git a/puppet/services/heat-engine.yaml b/puppet/services/heat-engine.yaml index 1d5f054b..855af6f1 100644 --- a/puppet/services/heat-engine.yaml +++ b/puppet/services/heat-engine.yaml @@ -4,6 +4,10 @@ description: > Openstack Heat Engine service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -70,6 +74,7 @@ resources: HeatBase: type: ./heat-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/horizon.yaml b/puppet/services/horizon.yaml index 1f97b8ba..63ab92eb 100644 --- a/puppet/services/horizon.yaml +++ b/puppet/services/horizon.yaml @@ -4,6 +4,10 @@ description: > Horizon service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/ironic-api.yaml b/puppet/services/ironic-api.yaml index 0e8eacf1..f003be72 100644 --- a/puppet/services/ironic-api.yaml +++ b/puppet/services/ironic-api.yaml @@ -4,6 +4,10 @@ description: > OpenStack Ironic API configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -51,6 +55,7 @@ resources: ApacheServiceBase: type: ./apache.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -61,6 +66,7 @@ resources: IronicBase: type: ./ironic-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/ironic-base.yaml b/puppet/services/ironic-base.yaml index 41d6cedc..f49141df 100644 --- a/puppet/services/ironic-base.yaml +++ b/puppet/services/ironic-base.yaml @@ -4,6 +4,10 @@ description: > OpenStack Ironic services configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/ironic-conductor.yaml b/puppet/services/ironic-conductor.yaml index 0e8c8e12..1ed1ee7c 100644 --- a/puppet/services/ironic-conductor.yaml +++ b/puppet/services/ironic-conductor.yaml @@ -4,6 +4,10 @@ description: > OpenStack Ironic conductor configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -103,6 +107,7 @@ resources: IronicBase: type: ./ironic-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/ironic-inspector.yaml b/puppet/services/ironic-inspector.yaml index e8537a29..a7627927 100644 --- a/puppet/services/ironic-inspector.yaml +++ b/puppet/services/ironic-inspector.yaml @@ -4,6 +4,10 @@ description: > OpenStack Ironic Inspector configured with Puppet (EXPERIMENTAL) parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/network/contrail-provision.yaml b/puppet/services/iscsid.yaml index 8918f6da..9510df3b 100644 --- a/puppet/services/network/contrail-provision.yaml +++ b/puppet/services/iscsid.yaml @@ -1,9 +1,13 @@ heat_template_version: pike description: > - Provision Contrail services after deployment + Configure iscsid parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -27,23 +31,11 @@ parameters: via parameter_defaults in the resource registry. type: json -resources: - ContrailBase: - type: ./contrail-base.yaml - properties: - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - RoleName: {get_param: RoleName} - RoleParameters: {get_param: RoleParameters} - outputs: role_data: - description: Contrail provisioning role + description: Role data for iscsid value: - service_name: contrail_provision - config_settings: - map_merge: - - get_attr: [ContrailBase, role_data, config_settings] + service_name: iscsid + config_setting: {} step_config: | - include ::tripleo::network::contrail::provision + include ::tripleo::profile::base::iscsid diff --git a/puppet/services/keepalived.yaml b/puppet/services/keepalived.yaml index 44e6b248..a258ee41 100644 --- a/puppet/services/keepalived.yaml +++ b/puppet/services/keepalived.yaml @@ -4,6 +4,10 @@ description: > Keepalived service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/kernel.yaml b/puppet/services/kernel.yaml index c142b475..011ec037 100644 --- a/puppet/services/kernel.yaml +++ b/puppet/services/kernel.yaml @@ -4,6 +4,10 @@ description: > Load kernel modules with kmod and configure kernel options with sysctl. parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/keystone.yaml b/puppet/services/keystone.yaml index 60d194bc..8796209b 100644 --- a/puppet/services/keystone.yaml +++ b/puppet/services/keystone.yaml @@ -38,6 +38,10 @@ parameters: default: 'fernet' constraints: - allowed_values: ['uuid', 'fernet'] + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -63,6 +67,7 @@ parameters: Debug: type: string default: '' + description: Set to True to enable debugging on all services. KeystoneDebug: default: '' description: Set to True to enable debugging Keystone service. @@ -203,6 +208,12 @@ parameters: type: json default: {} hidden: true + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] parameter_groups: - label: deprecated @@ -214,12 +225,14 @@ parameter_groups: parameters: - KeystoneFernetKey0 - KeystoneFernetKey1 + - KeystoneNotificationDriver resources: ApacheServiceBase: type: ./apache.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -281,7 +294,7 @@ outputs: keystone::rabbit_password: {get_param: RabbitPassword} keystone::rabbit_use_ssl: {get_param: RabbitClientUseSSL} keystone::rabbit_port: {get_param: RabbitClientPort} - keystone::notification_driver: {get_param: KeystoneNotificationDriver} + keystone::notification_driver: {get_param: NotificationDriver} keystone::notification_format: {get_param: KeystoneNotificationFormat} keystone::roles::admin::email: {get_param: AdminEmail} keystone::roles::admin::password: {get_param: AdminPassword} diff --git a/puppet/services/logging/fluentd-base.yaml b/puppet/services/logging/fluentd-base.yaml index 21049a9e..0ab157c7 100644 --- a/puppet/services/logging/fluentd-base.yaml +++ b/puppet/services/logging/fluentd-base.yaml @@ -3,6 +3,10 @@ heat_template_version: pike description: Fluentd base service parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/logging/fluentd-client.yaml b/puppet/services/logging/fluentd-client.yaml index e34f31fa..958306f8 100644 --- a/puppet/services/logging/fluentd-client.yaml +++ b/puppet/services/logging/fluentd-client.yaml @@ -3,6 +3,10 @@ heat_template_version: pike description: Fluentd client configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -34,6 +38,7 @@ resources: EndpointMap: {get_param: EndpointMap} RoleName: {get_param: RoleName} RoleParameters: {get_param: RoleParameters} + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} diff --git a/puppet/services/logging/fluentd-config.yaml b/puppet/services/logging/fluentd-config.yaml index 9ade6419..a2390545 100644 --- a/puppet/services/logging/fluentd-config.yaml +++ b/puppet/services/logging/fluentd-config.yaml @@ -3,6 +3,10 @@ heat_template_version: pike description: Fluentd logging configuration parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/manila-api.yaml b/puppet/services/manila-api.yaml index 2710d789..9fc76bf6 100644 --- a/puppet/services/manila-api.yaml +++ b/puppet/services/manila-api.yaml @@ -4,6 +4,10 @@ description: > Manila-api service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -42,6 +46,7 @@ resources: ManilaBase: type: ./manila-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/manila-backend-cephfs.yaml b/puppet/services/manila-backend-cephfs.yaml index f4c7a074..9d6b508b 100644 --- a/puppet/services/manila-backend-cephfs.yaml +++ b/puppet/services/manila-backend-cephfs.yaml @@ -4,6 +4,10 @@ description: > Openstack Manila Cephfs backend parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/manila-backend-generic.yaml b/puppet/services/manila-backend-generic.yaml index 7be92399..44f4a642 100644 --- a/puppet/services/manila-backend-generic.yaml +++ b/puppet/services/manila-backend-generic.yaml @@ -49,6 +49,10 @@ parameters: ManilaServiceNetworkCidr: type: string default: '172.16.0.0/16' + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/manila-backend-netapp.yaml b/puppet/services/manila-backend-netapp.yaml index b1068488..d4caedf0 100644 --- a/puppet/services/manila-backend-netapp.yaml +++ b/puppet/services/manila-backend-netapp.yaml @@ -64,6 +64,10 @@ parameters: ManilaNetappSnapmirrorQuiesceTimeout: type: number default: 3600 + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/manila-base.yaml b/puppet/services/manila-base.yaml index d0ee2125..3c825473 100644 --- a/puppet/services/manila-base.yaml +++ b/puppet/services/manila-base.yaml @@ -4,6 +4,10 @@ description: > Openstack Manila base service. Shared by manila-api/scheduler/share services parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -56,6 +60,12 @@ parameters: description: The password for the manila service account. type: string hidden: true + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] conditions: service_debug_unset: {equals : [{get_param: ManilaDebug}, '']} @@ -66,6 +76,7 @@ outputs: value: service_name: manila_base config_settings: + manila::notification_driver: {get_param: NotificationDriver} manila::rabbit_userid: {get_param: RabbitUserName} manila::rabbit_password: {get_param: RabbitPassword} manila::rabbit_use_ssl: {get_param: RabbitClientUseSSL} diff --git a/puppet/services/manila-scheduler.yaml b/puppet/services/manila-scheduler.yaml index b3d1ffa2..7d43f685 100644 --- a/puppet/services/manila-scheduler.yaml +++ b/puppet/services/manila-scheduler.yaml @@ -4,6 +4,10 @@ description: > Manila-scheduler service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -28,7 +32,7 @@ parameters: type: json NovaPassword: type: string - description: The password for the nova service and db account, used by nova-api. + description: The password for the nova service and db account hidden: true NeutronPassword: description: The password for the neutron service and db account, used by neutron agents. @@ -46,6 +50,7 @@ resources: ManilaBase: type: ./manila-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/manila-share.yaml b/puppet/services/manila-share.yaml index 50d7f7c6..08c36483 100644 --- a/puppet/services/manila-share.yaml +++ b/puppet/services/manila-share.yaml @@ -4,6 +4,10 @@ description: > Manila-share service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -38,6 +42,7 @@ resources: ManilaBase: type: ./manila-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/memcached.yaml b/puppet/services/memcached.yaml index 5b98e02b..2bc08fde 100644 --- a/puppet/services/memcached.yaml +++ b/puppet/services/memcached.yaml @@ -4,6 +4,10 @@ description: > Memcached service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/metrics/collectd.yaml b/puppet/services/metrics/collectd.yaml index da77ef0e..7fd301b2 100644 --- a/puppet/services/metrics/collectd.yaml +++ b/puppet/services/metrics/collectd.yaml @@ -3,6 +3,10 @@ heat_template_version: pike description: Collectd client service parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/mistral-api.yaml b/puppet/services/mistral-api.yaml index b865ec1f..10de99a9 100644 --- a/puppet/services/mistral-api.yaml +++ b/puppet/services/mistral-api.yaml @@ -4,6 +4,10 @@ description: > Openstack Mistral API service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -47,6 +51,7 @@ resources: ApacheServiceBase: type: ./apache.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -54,6 +59,7 @@ resources: MistralBase: type: ./mistral-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/mistral-base.yaml b/puppet/services/mistral-base.yaml index 8b3655dd..dbcc3f79 100644 --- a/puppet/services/mistral-base.yaml +++ b/puppet/services/mistral-base.yaml @@ -4,6 +4,10 @@ description: > Openstack Mistral base service. Shared for all Mistral services. parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -61,6 +65,12 @@ parameters: type: string default: 'regionOne' description: Keystone region for endpoint + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] conditions: service_debug_unset: {equals : [{get_param: MistralDebug}, '']} @@ -81,6 +91,7 @@ outputs: query: read_default_file: /etc/my.cnf.d/tripleo.cnf read_default_group: tripleo + mistral::notification_driver: {get_param: NotificationDriver} mistral::rabbit_userid: {get_param: RabbitUserName} mistral::rabbit_password: {get_param: RabbitPassword} mistral::rabbit_use_ssl: {get_param: RabbitClientUseSSL} diff --git a/puppet/services/mistral-engine.yaml b/puppet/services/mistral-engine.yaml index 6a0fed1a..879c74aa 100644 --- a/puppet/services/mistral-engine.yaml +++ b/puppet/services/mistral-engine.yaml @@ -4,6 +4,10 @@ description: > Openstack Mistral Engine service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -31,6 +35,7 @@ resources: MistralBase: type: ./mistral-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/mistral-executor.yaml b/puppet/services/mistral-executor.yaml index 57f29dd4..9e8e6c5d 100644 --- a/puppet/services/mistral-executor.yaml +++ b/puppet/services/mistral-executor.yaml @@ -4,6 +4,10 @@ description: > Openstack Mistral API service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -31,6 +35,7 @@ resources: MistralBase: type: ./mistral-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/monitoring/sensu-base.yaml b/puppet/services/monitoring/sensu-base.yaml index 5e7e9940..0f0fe957 100644 --- a/puppet/services/monitoring/sensu-base.yaml +++ b/puppet/services/monitoring/sensu-base.yaml @@ -3,6 +3,10 @@ heat_template_version: pike description: Sensu base service parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -40,7 +44,7 @@ parameters: to the RabbitMQ host. Set MonitoringRabbitUseSSL to true without specifying a private key or cert chain to use SSL transport, but not cert auth. - type: string + type: boolean MonitoringRabbitSSLPrivateKey: default: '' description: Private key to be used by Sensu to connect to RabbitMQ host. diff --git a/puppet/services/monitoring/sensu-client.yaml b/puppet/services/monitoring/sensu-client.yaml index 25e2b947..a9ffabe5 100644 --- a/puppet/services/monitoring/sensu-client.yaml +++ b/puppet/services/monitoring/sensu-client.yaml @@ -3,6 +3,10 @@ heat_template_version: pike description: Sensu client configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -27,8 +31,9 @@ parameters: via parameter_defaults in the resource registry. type: json AdminPassword: - description: Keystone admin user password + description: The password for the keystone admin account, used for monitoring, querying neutron etc. type: string + hidden: true KeystoneRegion: default: 'regionOne' description: Keystone region for endpoint @@ -43,6 +48,7 @@ resources: SensuBase: type: ./sensu-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/network/contrail-analytics-database.yaml b/puppet/services/network/contrail-analytics-database.yaml index 9b78437b..414a69cc 100644 --- a/puppet/services/network/contrail-analytics-database.yaml +++ b/puppet/services/network/contrail-analytics-database.yaml @@ -7,6 +7,10 @@ description: > and configures Contrail Analytics Database. parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -34,6 +38,7 @@ resources: ContrailBase: type: ./contrail-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/network/contrail-analytics.yaml b/puppet/services/network/contrail-analytics.yaml index f85ba7cc..c60ffcd0 100644 --- a/puppet/services/network/contrail-analytics.yaml +++ b/puppet/services/network/contrail-analytics.yaml @@ -7,6 +7,10 @@ description: > and configures Contrail Analytics. parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -29,14 +33,34 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + ContrailAnalyticsCollectorHttp: + default: 8089 + description: Contrail Analytics Collector http port + type: number + ContrailAnalyticsCollectorSandesh: + default: 8086 + description: Contrail Analytics Collector sandesh port + type: number + ContrailAnalyticsHttp: + default: 8090 + description: Contrail Analytics http port + type: number + ContrailAnalyticsRedis: + default: 6379 + description: Contrail Analytics redis port + type: number + ContrailAnalyticsApi: + default: 8081 + description: Contrail Analytics Api port + type: number resources: ContrailBase: type: ./contrail-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} RoleName: {get_param: RoleName} RoleParameters: {get_param: RoleParameters} @@ -48,14 +72,14 @@ outputs: config_settings: map_merge: - get_attr: [ContrailBase, role_data, config_settings] - - contrail::analytics::collector_http_server_port: {get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal, port]} - contrail::analytics::collector_sandesh_port: {get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal, port]} + - contrail::analytics::collector_http_server_port: {get_param: ContrailAnalyticsCollectorHttp} + contrail::analytics::collector_sandesh_port: {get_param: ContrailAnalyticsCollectorSandesh} contrail::analytics::host_ip: {get_param: [ServiceNetMap, ContrailAnalyticsNetwork]} - contrail::analytics::http_server_port: {get_param: [EndpointMap, ContrailAnalyticsHttpInternal, port]} + contrail::analytics::http_server_port: {get_param: ContrailAnalyticsHttp} contrail::analytics::listen_ip_address: {get_param: [ServiceNetMap, ContrailAnalyticsNetwork]} contrail::analytics::redis_server: '127.0.0.1' - contrail::analytics::redis_server_port: {get_param: [EndpointMap, ContrailAnalyticsRedisInternal, port]} + contrail::analytics::redis_server_port: {get_param: ContrailAnalyticsRedis} contrail::analytics::rest_api_ip: {get_param: [ServiceNetMap, ContrailAnalyticsNetwork]} - contrail::analytics::rest_api_port: {get_param: [EndpointMap, ContrailAnalyticsApiInternal, port]} + contrail::analytics::rest_api_port: {get_param: ContrailAnalyticsApi} step_config: | include ::tripleo::network::contrail::analytics diff --git a/puppet/services/network/contrail-base.yaml b/puppet/services/network/contrail-base.yaml index bdcdbb86..77c30bd9 100644 --- a/puppet/services/network/contrail-base.yaml +++ b/puppet/services/network/contrail-base.yaml @@ -4,6 +4,10 @@ description: > Base parameters for all Contrail Services. parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -26,16 +30,16 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json - ContrailAAAMode: + AAAMode: description: AAAmode can be no-auth, cloud-admin or rbac type: string default: 'rbac' - ContrailAAAModeAnalytics: + AAAModeAnalytics: description: AAAmode for analytics can be no-auth, cloud-admin or rbac type: string default: 'no-auth' AdminPassword: - description: Keystone admin user password + description: The password for the keystone admin account, used for monitoring, querying neutron etc. type: string hidden: true AdminTenantName: @@ -43,25 +47,33 @@ parameters: type: string default: 'admin' AdminToken: - description: Keystone admin token + description: The keystone auth secret and db password. type: string hidden: true AdminUser: description: Keystone admin user name type: string default: 'admin' - AuthPortSSL: - default: 13357 - description: Keystone SSL port - type: number - AuthPortSSLPublic: - default: 13000 - description: Keystone Public SSL port - type: number ContrailAuth: default: 'keystone' description: Keystone authentication method type: string + ContrailAnalyticsVIP: + default: '' + description: Contrail Analytics Api Virtual IP address + type: string + ContrailConfigPort: + default: 8082 + description: Contrail Config Api port + type: number + ContrailConfigVIP: + default: '' + description: Contrail Config Virtual IP address + type: string + ContrailDiscoveryPort: + default: 5998 + description: Contrail Config Api port + type: number ContrailInsecure: default: false description: Keystone insecure mode @@ -70,6 +82,14 @@ parameters: default: '127.0.0.1:12111' description: Memcached server type: string + ContrailVIP: + default: '' + description: Contrail VIP + type: string + ContrailWebuiVIP: + default: '' + description: Contrail Webui Virtual IP address + type: string RabbitPassword: description: The password for RabbitMQ type: string @@ -83,29 +103,49 @@ parameters: description: Set rabbit subscriber port, change this if using SSL type: number +conditions: + contrail_config_vip_unset: {equals : [{get_param: ContrailConfigVIP}, '']} + contrail_analytics_vip_unset: {equals : [{get_param: ContrailAnalyticsVIP}, '']} + contrail_webui_vip_unset: {equals : [{get_param: ContrailWebuiVIP}, '']} + outputs: role_data: description: Shared role data for the Contrail services. value: service_name: contrail_base config_settings: - contrail::aaa_mode: {get_param: ContrailAAAMode} - contrail::analytics_aaa_mode: {get_param: ContrailAAAModeAnalytics} - contrail::admin_password: {get_param: AdminPassword} - contrail::admin_tenant_name: {get_param: AdminTenantName} - contrail::admin_token: {get_param: AdminToken} - contrail::admin_user: {get_param: AdminUser} - contrail::auth: {get_param: ContrailAuth} - contrail::auth_host: {get_param: [EndpointMap, KeystonePublic, host] } - contrail::auth_port: {get_param: [EndpointMap, KeystoneAdmin, port] } - contrail::auth_port_ssl: {get_param: AuthPortSSL } - contrail::auth_port_public: {get_param: [EndpointMap, KeystonePublic, port] } - contrail::auth_port_ssl_public: {get_param: AuthPortSSLPublic } - contrail::auth_protocol: {get_param: [EndpointMap, KeystoneInternal, protocol] } - contrail::api_port: {get_param: [EndpointMap, ContrailConfigInternal, port] } - contrail::disc_server_port: {get_param: [EndpointMap, ContrailDiscoveryInternal, port] } - contrail::insecure: {get_param: ContrailInsecure} - contrail::memcached_server: {get_param: ContrailMemcachedServer} - contrail::rabbit_password: {get_param: RabbitPassword} - contrail::rabbit_user: {get_param: RabbitUserName} - contrail::rabbit_port: {get_param: RabbitClientPort} + map_merge: + - contrail::aaa_mode: {get_param: AAAMode} + contrail::analytics_aaa_mode: {get_param: AAAModeAnalytics} + contrail::admin_password: {get_param: AdminPassword} + contrail::admin_tenant_name: {get_param: AdminTenantName} + contrail::admin_token: {get_param: AdminToken} + contrail::admin_user: {get_param: AdminUser} + contrail::auth: {get_param: ContrailAuth} + contrail::auth_host: {get_param: [EndpointMap, KeystoneAdmin, host] } + contrail::auth_port: {get_param: [EndpointMap, KeystoneAdmin, port] } + contrail::auth_port_public: {get_param: [EndpointMap, KeystonePublic, port] } + contrail::auth_protocol: {get_param: [EndpointMap, KeystonePublic, protocol] } + contrail::api_port: {get_param: ContrailConfigPort } + contrail::disc_server_port: {get_param: ContrailDiscoveryPort } + contrail::insecure: {get_param: ContrailInsecure} + contrail::memcached_server: {get_param: ContrailMemcachedServer} + contrail::rabbit_password: {get_param: RabbitPassword} + contrail::rabbit_user: {get_param: RabbitUserName} + contrail::rabbit_port: {get_param: RabbitClientPort} + contrail::vip: {get_param: ContrailVIP} + - + if: + - contrail_config_vip_unset + - {} + - contrail_config_vip: {get_param: ContrailConfigVIP} + - + if: + - contrail_webui_vip_unset + - {} + - contrail_webui_vip: {get_param: ContrailWebuiVIP} + - + if: + - contrail_analytics_vip_unset + - {} + - contrail_analytics_vip: {get_param: ContrailAnalyticsVIP} diff --git a/puppet/services/network/contrail-config.yaml b/puppet/services/network/contrail-config.yaml index feda5854..210c81d7 100644 --- a/puppet/services/network/contrail-config.yaml +++ b/puppet/services/network/contrail-config.yaml @@ -7,6 +7,10 @@ description: > and configures Contrail Config. parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -37,11 +41,16 @@ parameters: description: Ifmap user password type: string default: 'api-server' + ContrailConfigPort: + default: 8082 + description: Contrail Config Api port + type: number resources: ContrailBase: type: ./contrail-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -59,8 +68,8 @@ outputs: - contrail::config::ifmap_password: {get_param: ContrailConfigIfmapUserPassword} contrail::config::ifmap_username: {get_param: ContrailConfigIfmapUserName} contrail::config::listen_ip_address: {get_param: [ServiceNetMap, ContrailConfigNetwork]} - contrail::config::listen_port: {get_param: [EndpointMap, ContrailConfigInternal, port] } + contrail::config::listen_port: {get_param: ContrailConfigPort} contrail::config::redis_server: '127.0.0.1' - contrail::config::host_ip: {get_param: [ServiceNetMap, ContrailConfigNetwork] } + contrail::config::host_ip: {get_param: [ServiceNetMap, ContrailConfigNetwork]} step_config: | include ::tripleo::network::contrail::config diff --git a/puppet/services/network/contrail-control.yaml b/puppet/services/network/contrail-control.yaml index f1108547..20951b0b 100644 --- a/puppet/services/network/contrail-control.yaml +++ b/puppet/services/network/contrail-control.yaml @@ -7,6 +7,10 @@ description: > and configures Contrail Control. parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -37,11 +41,16 @@ parameters: description: sda1/256 hmac key, e.g. echo -n "values" | openssl dgst -sha256 -hmac key -binary | base64 type: string hidden: true + ContrailControlManageNamed: + description: named config file mgmt + type: string + default: true resources: ContrailBase: type: ./contrail-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -59,5 +68,6 @@ outputs: - contrail::control::asn: {get_param: ContrailControlASN } contrail::control::host_ip: {get_param: [ServiceNetMap, ContrailControlNetwork]} contrail::control::rndc_secret: {get_param: ContrailControlRNDCSecret} + contrail::control::manage_named: {get_param: ContrailControlManageNamed} step_config: | include ::tripleo::network::contrail::control diff --git a/puppet/services/network/contrail-database.yaml b/puppet/services/network/contrail-database.yaml index 5ce25a2e..d6c1192d 100644 --- a/puppet/services/network/contrail-database.yaml +++ b/puppet/services/network/contrail-database.yaml @@ -7,6 +7,10 @@ description: > and configures Contrail Database. parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -34,6 +38,7 @@ resources: ContrailBase: type: ./contrail-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/network/contrail-dpdk.yaml b/puppet/services/network/contrail-dpdk.yaml new file mode 100644 index 00000000..1f331894 --- /dev/null +++ b/puppet/services/network/contrail-dpdk.yaml @@ -0,0 +1,82 @@ +heat_template_version: pike + +description: > + OpenStack Neutron Compute OpenContrail plugin + +parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + NeutronMetadataProxySharedSecret: + description: Metadata Secret + type: string + hidden: true + ContrailVrouterPhysicalInterface: + default: 'eth0' + description: vRouter physical interface + type: string + ContrailVrouterGateway: + default: '192.168.24.1' + description: vRouter default gateway + type: string + ContrailVrouterNetmask: + default: '255.255.255.0' + description: vRouter netmask + type: string + +resources: + ContrailBase: + type: ./contrail-base.yaml + properties: + ServiceData: {get_param: ServiceData} + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + RoleName: {get_param: RoleName} + RoleParameters: {get_param: RoleParameters} + +outputs: + role_data: + description: Role data for the Neutron Compute OpenContrail plugin + value: + service_name: contrail_dpdk + config_settings: + map_merge: + - get_attr: [ContrailBase, role_data, config_settings] + - contrail::vrouter::host_ip: {get_param: [ServiceNetMap, ContrailVrouterNetwork]} + contrail::vrouter::is_dpdk: 'true' + contrail::vrouter::physical_interface: {get_param: ContrailVrouterPhysicalInterface} + contrail::vrouter::gateway: {get_param: ContrailVrouterGateway} + contrail::vrouter::netmask: {get_param: ContrailVrouterNetmask} + contrail::vrouter::metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret} + tripleo.neutron_compute_plugin_opencontrail.firewall_rules: + '111 neutron_compute_plugin_opencontrail proxy': + dport: + - 8097 + - 8085 + proto: tcp + step_config: | + include ::tripleo::network::contrail::vrouter diff --git a/puppet/services/network/contrail-heat.yaml b/puppet/services/network/contrail-heat.yaml index da86714e..81a8d86b 100644 --- a/puppet/services/network/contrail-heat.yaml +++ b/puppet/services/network/contrail-heat.yaml @@ -5,6 +5,10 @@ description: > to orchestrate Contrail parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -32,6 +36,7 @@ resources: ContrailBase: type: ./contrail-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/network/contrail-neutron-plugin.yaml b/puppet/services/network/contrail-neutron-plugin.yaml index 0c5e2a86..50a6be48 100644 --- a/puppet/services/network/contrail-neutron-plugin.yaml +++ b/puppet/services/network/contrail-neutron-plugin.yaml @@ -4,6 +4,10 @@ description: > OpenStack Neutron Opencontrail plugin parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -29,12 +33,13 @@ parameters: ContrailExtensions: description: List of OpenContrail extensions to be enabled type: comma_delimited_list - default: '' + default: 'ipam:neutron_plugin_contrail.plugins.opencontrail.contrail_plugin_ipam.NeutronPluginContrailIpam,policy:neutron_plugin_contrail.plugins.opencontrail.contrail_plugin_policy.NeutronPluginContrailPolicy,route-table:neutron_plugin_contrail.plugins.opencontrail.contrail_plugin_vpc.NeutronPluginContrailVpc,contrail:None' resources: ContrailBase: type: ./contrail-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -49,7 +54,7 @@ outputs: config_settings: map_merge: - get_attr: [ContrailBase, role_data, config_settings] - - neutron::api_extensions_path: /usr/lib/python2.7/site-packages/neutron_plugin_contrail/extensions + - neutron::api_extensions_path: '/usr/lib/python2.7/site-packages/neutron_plugin_contrail/extensions:/usr/lib/python2.7/site-packages/neutron_lbaas/extensions' contrail::vrouter::contrail_extensions: {get_param: ContrailExtensions} step_config: | include tripleo::network::contrail::neutron_plugin diff --git a/puppet/services/network/contrail-tsn.yaml b/puppet/services/network/contrail-tsn.yaml index 9d48e0e6..058b9dc9 100644 --- a/puppet/services/network/contrail-tsn.yaml +++ b/puppet/services/network/contrail-tsn.yaml @@ -4,6 +4,10 @@ description: > Contrail TSN Service parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -29,15 +33,15 @@ parameters: NeutronMetadataProxySharedSecret: description: Metadata Secret type: string - VrouterPhysicalInterface: + ContrailVrouterPhysicalInterface: default: 'eth0' description: vRouter physical interface type: string - VrouterGateway: + ContrailVrouterGateway: default: '192.168.24.1' description: vRouter default gateway type: string - VrouterNetmask: + ContrailVrouterNetmask: default: '255.255.255.0' description: vRouter netmask type: string @@ -46,6 +50,7 @@ resources: ContrailBase: type: ./contrail-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -60,10 +65,10 @@ outputs: config_settings: map_merge: - get_attr: [ContrailBase, role_data, config_settings] - - contrail::vrouter::host_ip: {get_param: [ServiceNetMap, NeutronCorePluginOpencontrailNetwork]} - contrail::vrouter::physical_interface: {get_param: VrouterPhysicalInterface} - contrail::vrouter::gateway: {get_param: VrouterGateway} - contrail::vrouter::netmask: {get_param: VrouterNetmask} + - contrail::vrouter::host_ip: {get_param: [ServiceNetMap, ContrailVrouterNetwork]} + contrail::vrouter::physical_interface: {get_param: ContrailVrouterPhysicalInterface} + contrail::vrouter::gateway: {get_param: ContrailVrouterGateway} + contrail::vrouter::netmask: {get_param: ContrailVrouterNetmask} contrail::vrouter::metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret} contrail::vrouter::is_tsn: 'true' tripleo.neutron_compute_plugin_opencontrail.firewall_rules: diff --git a/puppet/services/network/contrail-vrouter.yaml b/puppet/services/network/contrail-vrouter.yaml index f03ed9c6..981fe2fb 100644 --- a/puppet/services/network/contrail-vrouter.yaml +++ b/puppet/services/network/contrail-vrouter.yaml @@ -4,6 +4,10 @@ description: > OpenStack Neutron Compute OpenContrail plugin parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -42,11 +46,16 @@ parameters: default: '255.255.255.0' description: vRouter netmask type: string + ContrailVrouterControlNodeIps: + description: List of Contrail Node IPs + type: comma_delimited_list + default: '' resources: ContrailBase: type: ./contrail-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -61,14 +70,16 @@ outputs: config_settings: map_merge: - get_attr: [ContrailBase, role_data, config_settings] - - contrail::vrouter::host_ip: {get_param: [ServiceNetMap, NeutronCorePluginOpencontrailNetwork]} + - contrail::vrouter::host_ip: {get_param: [ServiceNetMap, ContrailVrouterNetwork]} contrail::vrouter::physical_interface: {get_param: ContrailVrouterPhysicalInterface} contrail::vrouter::gateway: {get_param: ContrailVrouterGateway} contrail::vrouter::netmask: {get_param: ContrailVrouterNetmask} contrail::vrouter::metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret} - tripleo.neutron_compute_plugin_opencontrail.firewall_rules: - '111 neutron_compute_plugin_opencontrail proxy': + contrail::vrouter::control_node_ips: {get_param: ContrailVrouterControlNodeIps} + tripleo.contrail_vrouter.firewall_rules: + '111 contrail_vrouter_8085': + dport: 8085 + '112 contrail_vrouter_8097': dport: 8097 - proto: tcp step_config: | include ::tripleo::network::contrail::vrouter diff --git a/puppet/services/network/contrail-webui.yaml b/puppet/services/network/contrail-webui.yaml index f723e6a8..8f96643f 100644 --- a/puppet/services/network/contrail-webui.yaml +++ b/puppet/services/network/contrail-webui.yaml @@ -7,6 +7,10 @@ description: > and configures Contrail WebUI. parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -29,11 +33,20 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + ContrailWebuiHttp: + default: 8080 + description: Contrail Webui http port + type: number + ContrailWebuiHttps: + default: 8143 + description: Contrail Webui https port + type: number resources: ContrailBase: type: ./contrail-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -48,8 +61,8 @@ outputs: config_settings: map_merge: - get_attr: [ContrailBase, role_data, config_settings] - - contrail::webui::http_port: {get_param: [EndpointMap, ContrailWebuiHttpInternal, port] } - contrail::webui::https_port: {get_param: [EndpointMap, ContrailWebuiHttpsInternal, port] } + - contrail::webui::http_port: {get_param: ContrailWebuiHttp } + contrail::webui::https_port: {get_param: ContrailWebuiHttps } contrail::webui::redis_ip: '127.0.0.1' step_config: | include ::tripleo::network::contrail::webui diff --git a/puppet/services/neutron-api.yaml b/puppet/services/neutron-api.yaml index 8e1e0b80..459a968a 100644 --- a/puppet/services/neutron-api.yaml +++ b/puppet/services/neutron-api.yaml @@ -4,6 +4,10 @@ description: > OpenStack Neutron Server configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -46,7 +50,7 @@ parameters: description: Allow automatic l3-agent failover type: string NovaPassword: - description: The password for the nova service and db account, used by nova-api. + description: The password for the nova service and db account type: string hidden: true NeutronEnableDVR: @@ -107,6 +111,7 @@ resources: TLSProxyBase: type: OS::TripleO::Services::TLSProxyBase properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -117,6 +122,7 @@ resources: NeutronBase: type: ./neutron-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/neutron-base.yaml b/puppet/services/neutron-base.yaml index 3c7518b3..b9556890 100644 --- a/puppet/services/neutron-base.yaml +++ b/puppet/services/neutron-base.yaml @@ -69,6 +69,10 @@ parameters: networks, neutron uses this value without modification. For overlay networks such as VXLAN, neutron automatically subtracts the overlay protocol overhead from this value. + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -91,6 +95,12 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] conditions: dhcp_agents_zero: {equals : [{get_param: NeutronDhcpAgentsPerNetwork}, 0]} @@ -107,6 +117,7 @@ outputs: neutron::rabbit_user: {get_param: RabbitUserName} neutron::rabbit_use_ssl: {get_param: RabbitClientUseSSL} neutron::rabbit_port: {get_param: RabbitClientPort} + neutron::notification_driver: {get_param: NotificationDriver} neutron::core_plugin: {get_param: NeutronCorePlugin} neutron::service_plugins: {get_param: NeutronServicePlugins} neutron::debug: diff --git a/puppet/services/neutron-bgpvpn-api.yaml b/puppet/services/neutron-bgpvpn-api.yaml index a70337d1..8279eb26 100644 --- a/puppet/services/neutron-bgpvpn-api.yaml +++ b/puppet/services/neutron-bgpvpn-api.yaml @@ -4,6 +4,10 @@ description: > BGPVPN API service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/neutron-bigswitch-agent.yaml b/puppet/services/neutron-bigswitch-agent.yaml index 3faf7887..029d2e02 100644 --- a/puppet/services/neutron-bigswitch-agent.yaml +++ b/puppet/services/neutron-bigswitch-agent.yaml @@ -4,6 +4,10 @@ description: > Installs bigswitch agent and enables the services parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/neutron-compute-plugin-midonet.yaml b/puppet/services/neutron-compute-plugin-midonet.yaml index 75b03044..3f0b84ee 100644 --- a/puppet/services/neutron-compute-plugin-midonet.yaml +++ b/puppet/services/neutron-compute-plugin-midonet.yaml @@ -4,6 +4,10 @@ description: > OpenStack Neutron Compute Midonet plugin parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/neutron-compute-plugin-nuage.yaml b/puppet/services/neutron-compute-plugin-nuage.yaml index a1657258..f1a56530 100644 --- a/puppet/services/neutron-compute-plugin-nuage.yaml +++ b/puppet/services/neutron-compute-plugin-nuage.yaml @@ -4,6 +4,10 @@ description: > OpenStack Neutron Compute Nuage plugin parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -27,7 +31,7 @@ parameters: via parameter_defaults in the resource registry. type: json NovaPassword: - description: The password for the nova service account, used by nova-api. + description: The password for the nova service and db account type: string hidden: true NuageMetadataPort: diff --git a/puppet/services/neutron-compute-plugin-ovn.yaml b/puppet/services/neutron-compute-plugin-ovn.yaml index b5ce790d..dfd87eda 100644 --- a/puppet/services/neutron-compute-plugin-ovn.yaml +++ b/puppet/services/neutron-compute-plugin-ovn.yaml @@ -20,6 +20,10 @@ parameters: default: {} description: Parameters specific to the role type: json + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/neutron-compute-plugin-plumgrid.yaml b/puppet/services/neutron-compute-plugin-plumgrid.yaml index 08cecf64..c041891b 100644 --- a/puppet/services/neutron-compute-plugin-plumgrid.yaml +++ b/puppet/services/neutron-compute-plugin-plumgrid.yaml @@ -4,6 +4,10 @@ description: > OpenStack Neutron Compute Plumgrid plugin parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/neutron-dhcp.yaml b/puppet/services/neutron-dhcp.yaml index 91582db8..f6047fac 100644 --- a/puppet/services/neutron-dhcp.yaml +++ b/puppet/services/neutron-dhcp.yaml @@ -4,6 +4,10 @@ description: > OpenStack Neutron DHCP agent configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -57,6 +61,7 @@ resources: NeutronBase: type: ./neutron-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/neutron-l2gw-agent.yaml b/puppet/services/neutron-l2gw-agent.yaml index 39c443f7..7785f15b 100644 --- a/puppet/services/neutron-l2gw-agent.yaml +++ b/puppet/services/neutron-l2gw-agent.yaml @@ -3,6 +3,10 @@ heat_template_version: pike description: > L2 Gateway agent configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/neutron-l2gw-api.yaml b/puppet/services/neutron-l2gw-api.yaml index 1ad009b4..fdd65266 100644 --- a/puppet/services/neutron-l2gw-api.yaml +++ b/puppet/services/neutron-l2gw-api.yaml @@ -4,6 +4,10 @@ description: > L2 Gateway service plugin configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/neutron-l3-compute-dvr.yaml b/puppet/services/neutron-l3-compute-dvr.yaml index 1a4a4f68..a3baf710 100644 --- a/puppet/services/neutron-l3-compute-dvr.yaml +++ b/puppet/services/neutron-l3-compute-dvr.yaml @@ -5,6 +5,10 @@ description: > configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -30,6 +34,7 @@ parameters: Debug: type: string default: '' + description: Set to True to enable debugging on all services. MonitoringSubscriptionNeutronL3Dvr: default: 'overcloud-neutron-l3-dvr' type: string @@ -57,6 +62,7 @@ resources: NeutronBase: type: ./neutron-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/neutron-l3.yaml b/puppet/services/neutron-l3.yaml index 0598639c..7ccf526a 100644 --- a/puppet/services/neutron-l3.yaml +++ b/puppet/services/neutron-l3.yaml @@ -4,6 +4,10 @@ description: > OpenStack Neutron L3 agent configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -29,6 +33,7 @@ parameters: Debug: type: string default: '' + description: Set to True to enable debugging on all services. NeutronL3AgentMode: description: | Agent mode for L3 agent. Must be one of legacy or dvr_snat. @@ -65,6 +70,7 @@ resources: NeutronBase: type: ./neutron-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/neutron-lbaas.yaml b/puppet/services/neutron-lbaas.yaml index 5529db95..ec477ddc 100644 --- a/puppet/services/neutron-lbaas.yaml +++ b/puppet/services/neutron-lbaas.yaml @@ -4,6 +4,10 @@ description: > Neutron LBaaS service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -47,6 +51,7 @@ resources: NeutronBase: type: ./neutron-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/neutron-linuxbridge-agent.yaml b/puppet/services/neutron-linuxbridge-agent.yaml index f4324054..5d7b99e7 100644 --- a/puppet/services/neutron-linuxbridge-agent.yaml +++ b/puppet/services/neutron-linuxbridge-agent.yaml @@ -4,6 +4,10 @@ description: > OpenStack Neutron Linuxbridge agent configured with Puppet. parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -56,6 +60,7 @@ resources: NeutronBase: type: ./neutron-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/neutron-metadata.yaml b/puppet/services/neutron-metadata.yaml index 593fae43..81f12f01 100644 --- a/puppet/services/neutron-metadata.yaml +++ b/puppet/services/neutron-metadata.yaml @@ -4,6 +4,10 @@ description: > OpenStack Neutron Metadata agent configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -62,6 +66,7 @@ resources: NeutronBase: type: ./neutron-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/neutron-midonet.yaml b/puppet/services/neutron-midonet.yaml index 8ace3e59..f7873b9e 100644 --- a/puppet/services/neutron-midonet.yaml +++ b/puppet/services/neutron-midonet.yaml @@ -4,6 +4,10 @@ description: > OpenStack Neutron Midonet plugin and services parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/neutron-ovs-agent.yaml b/puppet/services/neutron-ovs-agent.yaml index 4493721c..1d4029cf 100644 --- a/puppet/services/neutron-ovs-agent.yaml +++ b/puppet/services/neutron-ovs-agent.yaml @@ -4,6 +4,10 @@ description: > OpenStack Neutron OVS agent configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -53,8 +57,7 @@ parameters: type: comma_delimited_list NeutronEnableDVR: default: False - description: | - Enable support for distributed routing in the OVS Agent. + description: Enable Neutron DVR. type: boolean NeutronEnableARPResponder: default: false @@ -86,6 +89,7 @@ resources: NeutronBase: type: ./neutron-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/neutron-ovs-dpdk-agent.yaml b/puppet/services/neutron-ovs-dpdk-agent.yaml index da7a4d68..4f5eecca 100644 --- a/puppet/services/neutron-ovs-dpdk-agent.yaml +++ b/puppet/services/neutron-ovs-dpdk-agent.yaml @@ -4,6 +4,10 @@ description: > OpenStack Neutron OVS DPDK configured with Puppet for Compute Role parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -43,6 +47,7 @@ resources: NeutronOvsAgent: type: ./neutron-ovs-agent.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/neutron-plugin-ml2-fujitsu-cfab.yaml b/puppet/services/neutron-plugin-ml2-fujitsu-cfab.yaml index a1516955..3e7250d1 100644 --- a/puppet/services/neutron-plugin-ml2-fujitsu-cfab.yaml +++ b/puppet/services/neutron-plugin-ml2-fujitsu-cfab.yaml @@ -4,6 +4,10 @@ description: > Configure hieradata for Fujitsu C-Fabric plugin configuration parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -58,6 +62,7 @@ resources: NeutronMl2Base: type: ./neutron-plugin-ml2.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/neutron-plugin-ml2-fujitsu-fossw.yaml b/puppet/services/neutron-plugin-ml2-fujitsu-fossw.yaml index c4bf0758..cb7842e2 100644 --- a/puppet/services/neutron-plugin-ml2-fujitsu-fossw.yaml +++ b/puppet/services/neutron-plugin-ml2-fujitsu-fossw.yaml @@ -3,6 +3,10 @@ heat_template_version: pike description: Configure hieradata for Fujitsu fossw plugin configuration parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -61,6 +65,7 @@ resources: NeutronMl2Base: type: ./neutron-plugin-ml2.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/neutron-plugin-ml2-odl.yaml b/puppet/services/neutron-plugin-ml2-odl.yaml index 6424b76a..cc4cd8f4 100644 --- a/puppet/services/neutron-plugin-ml2-odl.yaml +++ b/puppet/services/neutron-plugin-ml2-odl.yaml @@ -4,6 +4,10 @@ description: > OpenStack Neutron ML2/OpenDaylight plugin configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -36,6 +40,7 @@ resources: NeutronMl2Base: type: ./neutron-plugin-ml2.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/neutron-plugin-ml2-ovn.yaml b/puppet/services/neutron-plugin-ml2-ovn.yaml index 4cda87b6..fb6900ee 100644 --- a/puppet/services/neutron-plugin-ml2-ovn.yaml +++ b/puppet/services/neutron-plugin-ml2-ovn.yaml @@ -4,6 +4,10 @@ description: > OpenStack Neutron ML2/OVN plugin configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -65,6 +69,7 @@ resources: NeutronMl2Base: type: ./neutron-plugin-ml2.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/neutron-plugin-ml2.yaml b/puppet/services/neutron-plugin-ml2.yaml index 130f889b..dd757b5d 100644 --- a/puppet/services/neutron-plugin-ml2.yaml +++ b/puppet/services/neutron-plugin-ml2.yaml @@ -4,6 +4,10 @@ description: > OpenStack Neutron ML2 Plugin configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -49,8 +53,8 @@ parameters: default: 'datacentre:1:1000' description: > The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the - Neutron documentation for permitted values. Defaults to permitting any - VLAN on the 'datacentre' physical network (See NeutronBridgeMappings). + Neutron documentation for permitted values. Defaults to permitting VLANs + 1 to 1000 on the 'datacentre' physical network (See NeutronBridgeMappings). type: comma_delimited_list NeutronTunnelIdRanges: description: | @@ -73,6 +77,7 @@ resources: NeutronBase: type: ./neutron-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/neutron-plugin-nsx.yaml b/puppet/services/neutron-plugin-nsx.yaml index c4088e6c..2774b03e 100644 --- a/puppet/services/neutron-plugin-nsx.yaml +++ b/puppet/services/neutron-plugin-nsx.yaml @@ -4,6 +4,10 @@ description: > OpenStack Neutron NSX parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/neutron-plugin-nuage.yaml b/puppet/services/neutron-plugin-nuage.yaml index 953ffeb6..135b1806 100644 --- a/puppet/services/neutron-plugin-nuage.yaml +++ b/puppet/services/neutron-plugin-nuage.yaml @@ -4,6 +4,10 @@ description: > OpenStack Neutron Nuage plugin parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -68,6 +72,7 @@ resources: NeutronBase: type: ./neutron-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/neutron-plugin-plumgrid.yaml b/puppet/services/neutron-plugin-plumgrid.yaml index a158010c..71928473 100644 --- a/puppet/services/neutron-plugin-plumgrid.yaml +++ b/puppet/services/neutron-plugin-plumgrid.yaml @@ -4,6 +4,10 @@ description: > OpenStack Neutron Plumgrid plugin parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/neutron-sriov-agent.yaml b/puppet/services/neutron-sriov-agent.yaml index 090640ed..3c18209c 100644 --- a/puppet/services/neutron-sriov-agent.yaml +++ b/puppet/services/neutron-sriov-agent.yaml @@ -4,6 +4,10 @@ description: > OpenStack Neutron SR-IOV nic agent configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: > @@ -59,6 +63,7 @@ resources: NeutronBase: type: ./neutron-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/neutron-vpp-agent.yaml b/puppet/services/neutron-vpp-agent.yaml index cb72f67b..803c041b 100644 --- a/puppet/services/neutron-vpp-agent.yaml +++ b/puppet/services/neutron-vpp-agent.yaml @@ -4,6 +4,10 @@ description: > OpenStack Neutron ML2/VPP agent configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: > @@ -39,6 +43,7 @@ resources: NeutronBase: type: ./neutron-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/nova-api.yaml b/puppet/services/nova-api.yaml index 4ce5316d..b413fb12 100644 --- a/puppet/services/nova-api.yaml +++ b/puppet/services/nova-api.yaml @@ -4,6 +4,10 @@ description: > OpenStack Nova API service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -31,7 +35,7 @@ parameters: description: Number of workers for Nova services. type: number NovaPassword: - description: The password for the nova service and db account, used by nova-api. + description: The password for the nova service and db account type: string hidden: true KeystoneRegion: @@ -94,6 +98,7 @@ resources: NovaBase: type: ./nova-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/nova-base.yaml b/puppet/services/nova-base.yaml index ea584932..08302ee9 100644 --- a/puppet/services/nova-base.yaml +++ b/puppet/services/nova-base.yaml @@ -4,6 +4,10 @@ description: > OpenStack Nova base service. Shared for all Nova services. parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -30,8 +34,14 @@ parameters: type: string default: 'regionOne' description: Keystone region for endpoint + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] NovaPassword: - description: The password for the nova service and db account, used by nova-api. + description: The password for the nova service and db account type: string hidden: true NeutronPassword: @@ -215,7 +225,7 @@ outputs: nova::cinder_catalog_info: 'volumev2:cinderv2:internalURL' nova::host: '%{::fqdn}' nova::notify_on_state_change: 'vm_and_task_state' - nova::notification_driver: messagingv2 + nova::notification_driver: {get_param: NotificationDriver} nova::network::neutron::neutron_auth_type: 'v3password' nova::db::database_db_max_retries: -1 nova::db::database_max_retries: -1 diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml index 33b07ded..a12bfd0f 100644 --- a/puppet/services/nova-compute.yaml +++ b/puppet/services/nova-compute.yaml @@ -4,6 +4,10 @@ description: > OpenStack Nova Compute service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -100,12 +104,19 @@ parameters: SSH key for migration. Expects a dictionary with keys 'public_key' and 'private_key'. Values should be identical to SSH public/private key files. - default: {} + default: + public_key: '' + private_key: '' + MigrationSshPort: + default: 22 + description: Target port for migration over ssh + type: number resources: NovaBase: type: ./nova-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -154,14 +165,9 @@ outputs: NovaPCIPassthrough: {get_param: NovaPCIPassthrough} # we manage migration in nova common puppet profile nova::compute::libvirt::migration_support: false - tripleo::profile::base::nova::manage_migration: true - tripleo::profile::base::nova::migration_ssh_key: {get_param: MigrationSshKey} - tripleo::profile::base::nova::migration_ssh_localaddrs: - - "%{hiera('cold_migration_ssh_inbound_addr')}" - - "%{hiera('live_migration_ssh_inbound_addr')}" - live_migration_ssh_inbound_addr: {get_param: [ServiceNetMap, NovaLibvirtNetwork]} - cold_migration_ssh_inbound_addr: {get_param: [ServiceNetMap, NovaColdMigrationNetwork]} - tripleo::profile::base::nova::nova_compute_enabled: true + tripleo::profile::base::nova::migration::client::nova_compute_enabled: true + tripleo::profile::base::nova::migration::client::ssh_private_key: {get_param: [ MigrationSshKey, private_key ]} + tripleo::profile::base::nova::migration::client::ssh_port: {get_param: MigrationSshPort} nova::compute::rbd::libvirt_images_rbd_pool: {get_param: NovaRbdPoolName} nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName} tripleo::profile::base::nova::compute::cinder_nfs_backend: {get_param: CinderEnableNfsBackend} diff --git a/puppet/services/nova-conductor.yaml b/puppet/services/nova-conductor.yaml index b83b9852..a6638be0 100644 --- a/puppet/services/nova-conductor.yaml +++ b/puppet/services/nova-conductor.yaml @@ -4,6 +4,10 @@ description: > OpenStack Nova Conductor service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -50,6 +54,7 @@ resources: NovaBase: type: ./nova-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/nova-consoleauth.yaml b/puppet/services/nova-consoleauth.yaml index fa1168aa..317dd41b 100644 --- a/puppet/services/nova-consoleauth.yaml +++ b/puppet/services/nova-consoleauth.yaml @@ -4,6 +4,10 @@ description: > OpenStack Nova Consoleauth service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -39,6 +43,7 @@ resources: NovaBase: type: ./nova-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/nova-ironic.yaml b/puppet/services/nova-ironic.yaml index 4f664329..5a9f16b3 100644 --- a/puppet/services/nova-ironic.yaml +++ b/puppet/services/nova-ironic.yaml @@ -4,6 +4,10 @@ description: > OpenStack Nova Compute service configured with Puppet and using Ironic parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -35,6 +39,7 @@ resources: NovaBase: type: ./nova-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/nova-libvirt.yaml b/puppet/services/nova-libvirt.yaml index 4e762b57..e2ae7260 100644 --- a/puppet/services/nova-libvirt.yaml +++ b/puppet/services/nova-libvirt.yaml @@ -4,6 +4,10 @@ description: > Libvirt service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -26,6 +30,20 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + CephClientUserName: + default: openstack + type: string + CephClientKey: + description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. Currently only used for external Ceph deployments to create the openstack user keyring. + type: string + hidden: true + CephClusterFSID: + type: string + description: The Ceph cluster FSID. Must be a UUID. + CinderEnableRbdBackend: + default: false + description: Whether to enable or not the Rbd backend for Cinder + type: boolean NovaComputeLibvirtType: type: string default: kvm @@ -66,6 +84,19 @@ parameters: the InternalTLSCAFile parameter) is not desired. The current default reflects TripleO's default CA, which is FreeIPA. It will only be used if internal TLS is enabled. + MigrationSshKey: + type: json + description: > + SSH key for migration. + Expects a dictionary with keys 'public_key' and 'private_key'. + Values should be identical to SSH public/private key files. + default: + public_key: '' + private_key: '' + MigrationSshPort: + default: 22 + description: Target port for migration over ssh + type: number conditions: @@ -87,6 +118,7 @@ resources: NovaBase: type: ./nova-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -106,8 +138,12 @@ outputs: - nova::compute::libvirt::manage_libvirt_services: false # we manage migration in nova common puppet profile nova::compute::libvirt::migration_support: false - tripleo::profile::base::nova::manage_migration: true - tripleo::profile::base::nova::libvirt_enabled: true + nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName} + nova::compute::rbd::libvirt_rbd_secret_key: {get_param: CephClientKey} + nova::compute::rbd::libvirt_rbd_secret_uuid: {get_param: CephClusterFSID} + tripleo::profile::base::nova::migration::client::libvirt_enabled: true + tripleo::profile::base::nova::migration::client::ssh_private_key: {get_param: [ MigrationSshKey, private_key ]} + tripleo::profile::base::nova::migration::client::ssh_port: {get_param: MigrationSshPort} nova::compute::libvirt::services::libvirt_virt_type: {get_param: NovaComputeLibvirtType} nova::compute::libvirt::libvirt_virt_type: {get_param: NovaComputeLibvirtType} nova::compute::libvirt::libvirt_enabled_perf_events: {get_param: LibvirtEnabledPerfEvents} @@ -115,6 +151,7 @@ outputs: nova::compute::libvirt::qemu::max_files: 32768 nova::compute::libvirt::qemu::max_processes: 131072 nova::compute::libvirt::vncserver_listen: {get_param: [ServiceNetMap, NovaLibvirtNetwork]} + rbd_persistent_storage: {get_param: CinderEnableRbdBackend} tripleo.nova_libvirt.firewall_rules: '200 nova_libvirt': dport: @@ -127,7 +164,7 @@ outputs: - use_tls_for_live_migration - generate_service_certificates: true - tripleo::profile::base::nova::libvirt_tls: true + tripleo::profile::base::nova::migration::client::libvirt_tls: true nova::migration::libvirt::live_migration_inbound_addr: str_replace: template: diff --git a/puppet/services/nova-metadata.yaml b/puppet/services/nova-metadata.yaml index bc7dc1b0..ca9eed09 100644 --- a/puppet/services/nova-metadata.yaml +++ b/puppet/services/nova-metadata.yaml @@ -4,6 +4,10 @@ description: > OpenStack Nova API service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/nova-migration-target.yaml b/puppet/services/nova-migration-target.yaml new file mode 100644 index 00000000..128abc2c --- /dev/null +++ b/puppet/services/nova-migration-target.yaml @@ -0,0 +1,57 @@ +heat_template_version: ocata + +description: > + OpenStack Nova migration target configured with Puppet + +parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + MigrationSshKey: + type: json + description: > + SSH key for migration. + Expects a dictionary with keys 'public_key' and 'private_key'. + Values should be identical to SSH public/private key files. + default: + public_key: '' + private_key: '' + +outputs: + role_data: + description: Role data for the Nova migration target service. + value: + service_name: nova_migration_target + config_settings: + tripleo::profile::base::nova::migration::target::ssh_authorized_keys: + - {get_param: [ MigrationSshKey, public_key ]} + tripleo::profile::base::nova::migration::target::ssh_localaddrs: + - "%{hiera('cold_migration_ssh_inbound_addr')}" + - "%{hiera('live_migration_ssh_inbound_addr')}" + live_migration_ssh_inbound_addr: {get_param: [ServiceNetMap, NovaLibvirtNetwork]} + cold_migration_ssh_inbound_addr: {get_param: [ServiceNetMap, NovaColdMigrationNetwork]} + step_config: | + include tripleo::profile::base::nova::migration::target diff --git a/puppet/services/nova-placement.yaml b/puppet/services/nova-placement.yaml index aaa7ef5b..916cefd9 100644 --- a/puppet/services/nova-placement.yaml +++ b/puppet/services/nova-placement.yaml @@ -4,6 +4,10 @@ description: > OpenStack Nova Placement API service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -31,7 +35,7 @@ parameters: description: Number of workers for Nova services. type: number NovaPassword: - description: The password for the nova service and db account, used by nova-placement. + description: The password for the nova service and db account type: string hidden: true KeystoneRegion: @@ -57,6 +61,7 @@ resources: ApacheServiceBase: type: ./apache.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -67,6 +72,7 @@ resources: NovaBase: type: ./nova-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/nova-scheduler.yaml b/puppet/services/nova-scheduler.yaml index 72a1fce7..e47cb90c 100644 --- a/puppet/services/nova-scheduler.yaml +++ b/puppet/services/nova-scheduler.yaml @@ -4,6 +4,10 @@ description: > OpenStack Nova Scheduler service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -58,6 +62,7 @@ resources: NovaBase: type: ./nova-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/nova-vnc-proxy.yaml b/puppet/services/nova-vnc-proxy.yaml index 2db44d6f..6d599df7 100644 --- a/puppet/services/nova-vnc-proxy.yaml +++ b/puppet/services/nova-vnc-proxy.yaml @@ -4,6 +4,10 @@ description: > OpenStack Nova Vncproxy service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -39,6 +43,7 @@ resources: NovaBase: type: ./nova-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/octavia-api.yaml b/puppet/services/octavia-api.yaml index e64a00f5..464fc2d0 100644 --- a/puppet/services/octavia-api.yaml +++ b/puppet/services/octavia-api.yaml @@ -4,6 +4,10 @@ description: > OpenStack Octavia API service. parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -54,6 +58,7 @@ resources: OctaviaBase: type: ./octavia-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/octavia-base.yaml b/puppet/services/octavia-base.yaml index 0809b3e4..8f968d8d 100644 --- a/puppet/services/octavia-base.yaml +++ b/puppet/services/octavia-base.yaml @@ -4,6 +4,10 @@ description: > OpenStack Octavia base service. Shared for all Octavia services parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -58,6 +62,12 @@ parameters: default: 5672 description: Set rabbit subscriber port, change this if using SSL type: number + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] conditions: service_debug_unset: {equals : [{get_param: OctaviaDebug}, '']} @@ -74,6 +84,7 @@ outputs: - {get_param: Debug } - {get_param: OctaviaDebug } octavia::purge_config: {get_param: EnableConfigPurge} + octavia::notification_driver: {get_param: NotificationDriver} octavia::rabbit_use_ssl: {get_param: RabbitClientUseSSL} octavia::rabbit_userid: {get_param: RabbitUserName} octavia::rabbit_password: {get_param: RabbitPassword} diff --git a/puppet/services/octavia-health-manager.yaml b/puppet/services/octavia-health-manager.yaml index 853567d3..874e9f59 100644 --- a/puppet/services/octavia-health-manager.yaml +++ b/puppet/services/octavia-health-manager.yaml @@ -4,6 +4,10 @@ description: > OpenStack Octavia Health Manager service. parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -44,6 +48,7 @@ resources: OctaviaBase: type: ./octavia-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/octavia-housekeeping.yaml b/puppet/services/octavia-housekeeping.yaml index 6c556fa7..79e0e664 100644 --- a/puppet/services/octavia-housekeeping.yaml +++ b/puppet/services/octavia-housekeeping.yaml @@ -4,6 +4,10 @@ description: > OpenStack Octavia Housekeeping service. parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -51,6 +55,7 @@ resources: OctaviaBase: type: ./octavia-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/octavia-worker.yaml b/puppet/services/octavia-worker.yaml index 4feae415..2cc8a1e8 100644 --- a/puppet/services/octavia-worker.yaml +++ b/puppet/services/octavia-worker.yaml @@ -4,6 +4,10 @@ description: > OpenStack Octavia Worker service. parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -74,6 +78,7 @@ resources: OctaviaBase: type: ./octavia-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/opendaylight-api.yaml b/puppet/services/opendaylight-api.yaml index af85f4a3..472dbcce 100644 --- a/puppet/services/opendaylight-api.yaml +++ b/puppet/services/opendaylight-api.yaml @@ -37,6 +37,10 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -54,6 +58,10 @@ parameters: default: {} description: Parameters specific to the role type: json + OpenDaylightManageRepositories: + description: Whether to manage the OpenDaylight repository + type: boolean + default: false outputs: role_data: @@ -68,6 +76,7 @@ outputs: opendaylight::enable_dhcp: {get_param: OpenDaylightEnableDHCP} opendaylight::odl_bind_ip: {get_param: [ServiceNetMap, OpendaylightApiNetwork]} opendaylight::nb_connection_protocol: {get_param: OpenDaylightConnectionProtocol} + opendaylight::manage_repositories: {get_param: OpenDaylightManageRepositories} tripleo.opendaylight_api.firewall_rules: '137 opendaylight api': dport: diff --git a/puppet/services/opendaylight-ovs.yaml b/puppet/services/opendaylight-ovs.yaml index 1a8754a5..2027292c 100644 --- a/puppet/services/opendaylight-ovs.yaml +++ b/puppet/services/opendaylight-ovs.yaml @@ -38,6 +38,10 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -60,6 +64,7 @@ resources: Ovs: type: ./openvswitch.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -76,6 +81,8 @@ outputs: - opendaylight::odl_rest_port: {get_param: OpenDaylightPort} opendaylight::username: {get_param: OpenDaylightUsername} opendaylight::password: {get_param: OpenDaylightPassword} + neutron::plugins::ovs::opendaylight::odl_username: {get_param: OpenDaylightUsername} + neutron::plugins::ovs::opendaylight::odl_password: {get_param: OpenDaylightPassword} opendaylight_check_url: {get_param: OpenDaylightCheckURL} opendaylight::nb_connection_protocol: {get_param: OpenDaylightConnectionProtocol} neutron::agents::ml2::ovs::local_ip: {get_param: [ServiceNetMap, NeutronTenantNetwork]} diff --git a/puppet/services/openvswitch.yaml b/puppet/services/openvswitch.yaml index 36aa5db7..d8061d4b 100644 --- a/puppet/services/openvswitch.yaml +++ b/puppet/services/openvswitch.yaml @@ -4,6 +4,10 @@ description: > Open vSwitch Configuration parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -159,6 +163,8 @@ outputs: owner: root group: root mode: 0750 + - name: Make yum cache. + command: yum makecache - name: Download OVS packages. command: yumdownloader --destdir /root/OVS_UPGRADE --resolve openvswitch - name: Get rpm list for manual upgrade of OVS. diff --git a/puppet/services/ovn-dbs.yaml b/puppet/services/ovn-dbs.yaml index df234c77..f6f3e3c8 100644 --- a/puppet/services/ovn-dbs.yaml +++ b/puppet/services/ovn-dbs.yaml @@ -4,6 +4,10 @@ description: > OVN databases configured with puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/pacemaker.yaml b/puppet/services/pacemaker.yaml index 1c89011c..158d04bd 100644 --- a/puppet/services/pacemaker.yaml +++ b/puppet/services/pacemaker.yaml @@ -4,6 +4,10 @@ description: > Pacemaker service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -101,11 +105,6 @@ parameters: description: Whether to deploy a LoadBalancer on the Controller type: boolean - PacemakerResources: - type: comma_delimited_list - description: List of resources managed by pacemaker - default: ['rabbitmq', 'galera'] - outputs: role_data: description: Role data for the Pacemaker role. @@ -152,20 +151,8 @@ outputs: async: 30 poll: 4 - name: Stop pacemaker cluster - tags: step2 + tags: step3 pacemaker_cluster: state=offline - name: Start pacemaker cluster tags: step4 pacemaker_cluster: state=online - - name: Check pacemaker resource - tags: step4 - pacemaker_is_active: - resource: "{{ item }}" - max_wait: 500 - with_items: {get_param: PacemakerResources} - - name: Check pacemaker haproxy resource - tags: step4 - pacemaker_is_active: - resource: haproxy - max_wait: 500 - when: {get_param: EnableLoadBalancer} diff --git a/puppet/services/pacemaker/ceph-rbdmirror.yaml b/puppet/services/pacemaker/ceph-rbdmirror.yaml index 7ecb64d1..caf112d1 100644 --- a/puppet/services/pacemaker/ceph-rbdmirror.yaml +++ b/puppet/services/pacemaker/ceph-rbdmirror.yaml @@ -4,6 +4,10 @@ description: > Ceph RBD mirror service. parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -34,6 +38,7 @@ resources: CephBase: type: ../ceph-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/pacemaker/cinder-backup.yaml b/puppet/services/pacemaker/cinder-backup.yaml index d888d4a4..99c78987 100644 --- a/puppet/services/pacemaker/cinder-backup.yaml +++ b/puppet/services/pacemaker/cinder-backup.yaml @@ -16,6 +16,10 @@ parameters: CephClientUserName: default: openstack type: string + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -44,6 +48,7 @@ resources: CinderBackupBase: type: ../cinder-backup.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/pacemaker/cinder-volume.yaml b/puppet/services/pacemaker/cinder-volume.yaml index 39914db5..a1134f3e 100644 --- a/puppet/services/pacemaker/cinder-volume.yaml +++ b/puppet/services/pacemaker/cinder-volume.yaml @@ -4,6 +4,10 @@ description: > OpenStack Cinder Volume service with Pacemaker configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -32,6 +36,7 @@ resources: CinderVolumeBase: type: ../cinder-volume.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/pacemaker/database/mysql.yaml b/puppet/services/pacemaker/database/mysql.yaml index 0a7659e0..27353809 100644 --- a/puppet/services/pacemaker/database/mysql.yaml +++ b/puppet/services/pacemaker/database/mysql.yaml @@ -5,6 +5,10 @@ description: > parameters: #Parameters not used EndpointMap + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -38,6 +42,7 @@ resources: MysqlBase: type: ../../database/mysql.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/pacemaker/database/redis.yaml b/puppet/services/pacemaker/database/redis.yaml index 5bc28ed4..66eb4b2a 100644 --- a/puppet/services/pacemaker/database/redis.yaml +++ b/puppet/services/pacemaker/database/redis.yaml @@ -4,6 +4,10 @@ description: > OpenStack Redis service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -31,6 +35,7 @@ resources: RedisBase: type: ../../database/redis.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/pacemaker/haproxy.yaml b/puppet/services/pacemaker/haproxy.yaml index 0fb83939..45b2a665 100644 --- a/puppet/services/pacemaker/haproxy.yaml +++ b/puppet/services/pacemaker/haproxy.yaml @@ -4,6 +4,10 @@ description: > HAproxy service with Pacemaker configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -31,6 +35,7 @@ resources: LoadbalancerServiceBase: type: ../haproxy.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/pacemaker/manila-share.yaml b/puppet/services/pacemaker/manila-share.yaml index 12f6529c..61bf4580 100644 --- a/puppet/services/pacemaker/manila-share.yaml +++ b/puppet/services/pacemaker/manila-share.yaml @@ -4,6 +4,10 @@ description: > The manila-share service with Pacemaker configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -32,6 +36,7 @@ resources: ManilaShareBase: type: ../manila-share.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/pacemaker/ovn-dbs.yaml b/puppet/services/pacemaker/ovn-dbs.yaml index 1cbb4763..38039aa5 100644 --- a/puppet/services/pacemaker/ovn-dbs.yaml +++ b/puppet/services/pacemaker/ovn-dbs.yaml @@ -4,6 +4,10 @@ description: > OVN databases configured with puppet in HA mode parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -40,6 +44,7 @@ resources: OVNDBsBase: type: ../ovn-dbs.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/pacemaker/rabbitmq.yaml b/puppet/services/pacemaker/rabbitmq.yaml index 79257201..112149c7 100644 --- a/puppet/services/pacemaker/rabbitmq.yaml +++ b/puppet/services/pacemaker/rabbitmq.yaml @@ -4,6 +4,10 @@ description: > RabbitMQ service with Pacemaker configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -31,6 +35,7 @@ resources: RabbitMQServiceBase: type: ../rabbitmq.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/pacemaker_remote.yaml b/puppet/services/pacemaker_remote.yaml index c49b0848..76511784 100644 --- a/puppet/services/pacemaker_remote.yaml +++ b/puppet/services/pacemaker_remote.yaml @@ -4,6 +4,10 @@ description: > Pacemaker remote service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/panko-api.yaml b/puppet/services/panko-api.yaml index 0289b7a7..74d3f27c 100644 --- a/puppet/services/panko-api.yaml +++ b/puppet/services/panko-api.yaml @@ -6,6 +6,10 @@ description: > be disabled in future releases. parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -45,6 +49,7 @@ resources: PankoBase: type: ./panko-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -54,6 +59,7 @@ resources: ApacheServiceBase: type: ./apache.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/panko-base.yaml b/puppet/services/panko-base.yaml index a94d4ea5..35428840 100644 --- a/puppet/services/panko-base.yaml +++ b/puppet/services/panko-base.yaml @@ -4,6 +4,10 @@ description: > OpenStack Panko service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/qdr.yaml b/puppet/services/qdr.yaml index 0659a945..4cb2df18 100644 --- a/puppet/services/qdr.yaml +++ b/puppet/services/qdr.yaml @@ -4,6 +4,10 @@ description: > Qpid dispatch router service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -28,14 +32,14 @@ parameters: type: json RabbitUserName: default: guest - description: The username for Qdr + description: The username for RabbitMQ type: string RabbitPassword: - description: The password for Qdr + description: The password for RabbitMQ type: string hidden: true RabbitClientPort: - description: Listening port for Qdr + description: Set rabbit subscriber port, change this if using SSL default: 5672 type: number MonitoringSubscriptionQdr: diff --git a/puppet/services/rabbitmq.yaml b/puppet/services/rabbitmq.yaml index 1a42fdad..5867721a 100644 --- a/puppet/services/rabbitmq.yaml +++ b/puppet/services/rabbitmq.yaml @@ -4,6 +4,10 @@ description: > RabbitMQ service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -93,7 +97,7 @@ outputs: NODE_PORT: '' NODE_IP_ADDRESS: '' RABBITMQ_NODENAME: "rabbit@%{::hostname}" - RABBITMQ_SERVER_ERL_ARGS: '"+K true +P 1048576 -kernel inet_default_connect_options [{nodelay,true},{raw,6,18,<<5000:64/native>>}] -kernel inet_default_listen_options [{raw,6,18,<<5000:64/native>>}]"' + RABBITMQ_SERVER_ERL_ARGS: '"+K true +P 1048576 -kernel inet_default_connect_options [{nodelay,true},{raw,6,18,<<15000:64/native>>}] -kernel inet_default_listen_options [{raw,6,18,<<15000:64/native>>}]"' 'export ERL_EPMD_ADDRESS': "%{hiera('rabbitmq::interface')}" rabbitmq_kernel_variables: inet_dist_listen_min: '25672' diff --git a/puppet/services/sahara-api.yaml b/puppet/services/sahara-api.yaml index 3df4ce7c..d660fe31 100644 --- a/puppet/services/sahara-api.yaml +++ b/puppet/services/sahara-api.yaml @@ -4,6 +4,10 @@ description: > OpenStack Sahara API service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -57,6 +61,7 @@ resources: SaharaBase: type: ./sahara-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/sahara-base.yaml b/puppet/services/sahara-base.yaml index c294e744..7c122c60 100644 --- a/puppet/services/sahara-base.yaml +++ b/puppet/services/sahara-base.yaml @@ -4,6 +4,10 @@ description: > OpenStack Sahara base service. Shared for all Sahara services. parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -60,6 +64,12 @@ parameters: default: ["ambari","cdh","mapr","vanilla","spark","storm"] description: Sahara enabled plugin list type: comma_delimited_list + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] conditions: service_debug_unset: {equals : [{get_param: SaharaDebug}, '']} @@ -80,6 +90,7 @@ outputs: query: read_default_file: /etc/my.cnf.d/tripleo.cnf read_default_group: tripleo + sahara::notify::notification_driver: {get_param: NotificationDriver} sahara::rabbit_password: {get_param: RabbitPassword} sahara::rabbit_user: {get_param: RabbitUserName} sahara::rabbit_use_ssl: {get_param: RabbitClientUseSSL} diff --git a/puppet/services/sahara-engine.yaml b/puppet/services/sahara-engine.yaml index b6c108ea..b58e3ec2 100644 --- a/puppet/services/sahara-engine.yaml +++ b/puppet/services/sahara-engine.yaml @@ -4,6 +4,10 @@ description: > OpenStack Sahara Engine service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -39,6 +43,7 @@ resources: SaharaBase: type: ./sahara-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/securetty.yaml b/puppet/services/securetty.yaml index 84a370f0..b070d95f 100644 --- a/puppet/services/securetty.yaml +++ b/puppet/services/securetty.yaml @@ -4,6 +4,10 @@ description: > Configure securetty values parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/snmp.yaml b/puppet/services/snmp.yaml index ffa5d317..732058b6 100644 --- a/puppet/services/snmp.yaml +++ b/puppet/services/snmp.yaml @@ -6,6 +6,10 @@ description: > monitoring. parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/sshd.yaml b/puppet/services/sshd.yaml index 30058f03..a9807014 100644 --- a/puppet/services/sshd.yaml +++ b/puppet/services/sshd.yaml @@ -4,6 +4,10 @@ description: > Configure sshd_config parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/swift-base.yaml b/puppet/services/swift-base.yaml index 3066aecd..8d74c703 100644 --- a/puppet/services/swift-base.yaml +++ b/puppet/services/swift-base.yaml @@ -4,6 +4,10 @@ description: > OpenStack Swift Proxy service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/swift-proxy.yaml b/puppet/services/swift-proxy.yaml index c707efb1..06e8180d 100644 --- a/puppet/services/swift-proxy.yaml +++ b/puppet/services/swift-proxy.yaml @@ -4,6 +4,10 @@ description: > OpenStack Swift Proxy service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -31,7 +35,7 @@ parameters: description: Set to True to enable debugging on all services. type: string SwiftPassword: - description: The password for the swift service account, used by the swift proxy services. + description: The password for the swift service account type: string hidden: true SwiftProxyNodeTimeout: @@ -88,6 +92,7 @@ resources: SwiftBase: type: ./swift-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -97,6 +102,7 @@ resources: TLSProxyBase: type: OS::TripleO::Services::TLSProxyBase properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} diff --git a/puppet/services/swift-ringbuilder.yaml b/puppet/services/swift-ringbuilder.yaml index 3808dbcc..dd4cebb4 100644 --- a/puppet/services/swift-ringbuilder.yaml +++ b/puppet/services/swift-ringbuilder.yaml @@ -4,6 +4,10 @@ description: > OpenStack Swift Ringbuilder parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/swift-storage.yaml b/puppet/services/swift-storage.yaml index f1a9b930..f9c3cbae 100644 --- a/puppet/services/swift-storage.yaml +++ b/puppet/services/swift-storage.yaml @@ -4,6 +4,10 @@ description: > OpenStack Swift Storage service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -60,6 +64,7 @@ resources: SwiftBase: type: ./swift-base.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -125,6 +130,7 @@ outputs: - openstack-swift-container-updater - openstack-swift-container - openstack-swift-object-auditor + - openstack-swift-object-expirer - openstack-swift-object-replicator - openstack-swift-object-updater - openstack-swift-object diff --git a/puppet/services/tacker.yaml b/puppet/services/tacker.yaml index 5ced8c3c..541a2eb6 100644 --- a/puppet/services/tacker.yaml +++ b/puppet/services/tacker.yaml @@ -4,6 +4,10 @@ description: > OpenStack Tacker service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -33,6 +37,7 @@ parameters: Debug: type: string default: '' + description: Set to True to enable debugging on all services. TackerDebug: default: '' description: Set to True to enable debugging Tacker service. @@ -65,6 +70,12 @@ parameters: e.g. { tacker-context_is_admin: { key: context_is_admin, value: 'role:admin' } } default: {} type: json + NotificationDriver: + type: string + default: 'messagingv2' + description: Driver or drivers to handle sending notifications. + constraints: + - allowed_values: [ 'messagingv2', 'noop' ] conditions: service_debug_unset: {equals : [{get_param: TackerDebug}, '']} @@ -93,6 +104,7 @@ outputs: - {get_param: Debug } - {get_param: TackerDebug } tacker::rpc_backend: rabbit + tacker::notification_driver: {get_param: NotificationDriver} tacker::rabbit_userid: {get_param: RabbitUserName} tacker::rabbit_password: {get_param: RabbitPassword} tacker::rabbit_use_ssl: {get_param: RabbitClientUseSSL} diff --git a/puppet/services/time/ntp.yaml b/puppet/services/time/ntp.yaml index 92c3f9ef..4ddba6da 100644 --- a/puppet/services/time/ntp.yaml +++ b/puppet/services/time/ntp.yaml @@ -7,6 +7,10 @@ description: > and configure NTP. parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/time/timezone.yaml b/puppet/services/time/timezone.yaml index aece02cf..f991a6b0 100644 --- a/puppet/services/time/timezone.yaml +++ b/puppet/services/time/timezone.yaml @@ -4,6 +4,10 @@ description: > Composable Timezone service parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/tripleo-firewall.yaml b/puppet/services/tripleo-firewall.yaml index 9fb590ef..18835255 100644 --- a/puppet/services/tripleo-firewall.yaml +++ b/puppet/services/tripleo-firewall.yaml @@ -4,6 +4,10 @@ description: > TripleO Firewall settings parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/tripleo-packages.yaml b/puppet/services/tripleo-packages.yaml index 2b9b8834..e471c2a6 100644 --- a/puppet/services/tripleo-packages.yaml +++ b/puppet/services/tripleo-packages.yaml @@ -4,6 +4,10 @@ description: > TripleO Package installation settings parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -28,7 +32,7 @@ parameters: type: json EnablePackageInstall: default: 'false' - description: Set to true to enable package installation via Puppet + description: Set to true to enable package installation at deploy time type: boolean outputs: diff --git a/puppet/services/veritas-hyperscale-controller.yaml b/puppet/services/veritas-hyperscale-controller.yaml new file mode 100644 index 00000000..fe641ad6 --- /dev/null +++ b/puppet/services/veritas-hyperscale-controller.yaml @@ -0,0 +1,106 @@ +# Copyright (c) 2017 Veritas Technologies LLC. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +heat_template_version: ocata + +description: > + Openstack Veritas HyperScale backend + +parameters: + VrtsRabbitPassword: + type: string + description: The Rabbitmq password of the hyperscale user. Mandatory. + VrtsKeystonePassword: + type: string + description: The Keystone password of the hyperscale service. Mandatory. + VrtsMysqlPassword: + type: string + description: The MySQL password of the hyperscale user. Mandatory. + VrtsCtrlMgmtIP: + type: string + default: '' + description: The management IP of HyperScale. The value will be inferred + from the rest of the deployment settings if left blank. + VrtsDashboardIP: + type: string + default: '' + description: The dashboard IP of HyperScale. The value will be inferred + from the rest of the deployment settings if left blank. + VrtsZookeeperIP: + type: string + description: The IP of a node where Zookeeper is configured. Mandatory. + VrtsSSHPassword: + type: string + description: The SSH password of the hyperscale user. Mandatory. + VrtsConfigParam1: + type: string + default: '' + description: Additional config parameter. Optional. + VrtsConfigParam2: + type: string + default: '' + description: Additional config parameter. Optional. + VrtsConfigParam3: + type: string + default: '' + description: Additional config parameter. Optional. + ServiceData: + default: {} + description: Dictionary packing service data + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + EndpointMap: + default: {} + type: json + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + +outputs: + role_data: + description: Install Veritas HyperScale packages for controller. + value: + service_name: veritas_hyperscale_controller + config_settings: + global_config_settings: + vrts_ctrl_mgmt_ip: {get_param: VrtsCtrlMgmtIP} + vrts_dashboard_ip: {get_param: VrtsDashboardIP} + vrts_zookeeper_ip: {get_param: VrtsZookeeperIP} + vrts_ssh_passwd: {get_param: VrtsSSHPassword} + vrts_config_param1: {get_param: VrtsConfigParam1} + vrts_config_param2: {get_param: VrtsConfigParam2} + vrts_config_param3: {get_param: VrtsConfigParam3} + step_config: | + include ::veritas_hyperscale::controller_pkg_inst + service_config_settings: + rabbitmq: + vrts_rabbitmq_passwd: {get_param: VrtsRabbitPassword} + keystone: + vrts_keystone_passwd: {get_param: VrtsKeystonePassword} + mysql: + vrts_mysql_passwd: {get_param: VrtsMysqlPassword} diff --git a/puppet/services/vpp.yaml b/puppet/services/vpp.yaml index e3e28a2f..fda92b7a 100644 --- a/puppet/services/vpp.yaml +++ b/puppet/services/vpp.yaml @@ -4,6 +4,10 @@ description: > Vpp service configured with Puppet parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/zaqar.yaml b/puppet/services/zaqar.yaml index 416d86df..21857423 100644 --- a/puppet/services/zaqar.yaml +++ b/puppet/services/zaqar.yaml @@ -4,6 +4,10 @@ description: > Openstack Zaqar service. Shared for all Heat services. parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -52,6 +56,14 @@ parameters: type: string description: Set the number of workers for zaqar::wsgi::apache default: '%{::os_workers}' + ZaqarMessageStore: + type: string + description: The messaging store for Zaqar + default: mongodb + ZaqarManagementStore: + type: string + description: The management store for Zaqar + default: mongodb EnableInternalTLS: type: boolean default: false @@ -59,12 +71,15 @@ parameters: conditions: zaqar_workers_zero: {equals : [{get_param: ZaqarWorkers}, 0]} service_debug_unset: {equals : [{get_param: ZaqarDebug}, '']} + zaqar_messaging_store_swift: {equals : [{get_param: ZaqarMessageStore}, 'swift']} + zaqar_management_store_sqlalchemy: {equals : [{get_param: ZaqarManagementStore}, 'sqlalchemy']} resources: ApacheServiceBase: type: ./apache.yaml properties: + ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} @@ -100,26 +115,67 @@ outputs: "%{hiera('fqdn_$NETWORK')}" params: $NETWORK: {get_param: [ServiceNetMap, ZaqarApiNetwork]} + zaqar::message_store: {get_param: ZaqarMessageStore} + zaqar::management_store: {get_param: ZaqarManagementStore} + - + if: + - zaqar_messaging_store_swift + - + zaqar::messaging::swift::uri: + list_join: + - '' + - ['swift://zaqar:', {get_param: ZaqarPassword}, '@/service'] + zaqar::messaging::swift::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] } + tripleo::profile::base::zaqar::messaging_store: 'swift' + - {} + - + if: + - zaqar_management_store_sqlalchemy + - + tripleo::profile::base::zaqar::management_store: 'sqlalchemy' + zaqar::management::sqlalchemy::uri: + make_url: + scheme: {get_param: [EndpointMap, MysqlInternal, protocol]} + username: zaqar + password: {get_param: ZaqarPassword} + host: {get_param: [EndpointMap, MysqlInternal, host]} + path: /zaqar + query: + read_default_file: /etc/my.cnf.d/tripleo.cnf + read_default_group: tripleo + - {} - if: - zaqar_workers_zero - {} - zaqar::wsgi::apache::workers: {get_param: ZaqarWorkers} service_config_settings: - keystone: - zaqar::keystone::auth::password: {get_param: ZaqarPassword} - zaqar::keystone::auth::public_url: {get_param: [EndpointMap, ZaqarPublic, uri]} - zaqar::keystone::auth::admin_url: {get_param: [EndpointMap, ZaqarAdmin, uri]} - zaqar::keystone::auth::internal_url: {get_param: [EndpointMap, ZaqarInternal, uri]} - zaqar::keystone::auth::region: {get_param: KeystoneRegion} - zaqar::keystone::auth::tenant: 'service' - zaqar::keystone::auth_websocket::password: {get_param: ZaqarPassword} - zaqar::keystone::auth_websocket::public_url: {get_param: [EndpointMap, ZaqarWebSocketPublic, uri]} - zaqar::keystone::auth_websocket::admin_url: {get_param: [EndpointMap, ZaqarWebSocketAdmin, uri]} - zaqar::keystone::auth_websocket::internal_url: {get_param: [EndpointMap, ZaqarWebSocketInternal, uri]} - zaqar::keystone::auth_websocket::region: {get_param: KeystoneRegion} - zaqar::keystone::auth_websocket::tenant: 'service' - + map_merge: + - keystone: + zaqar::keystone::auth::password: {get_param: ZaqarPassword} + zaqar::keystone::auth::public_url: {get_param: [EndpointMap, ZaqarPublic, uri]} + zaqar::keystone::auth::admin_url: {get_param: [EndpointMap, ZaqarAdmin, uri]} + zaqar::keystone::auth::internal_url: {get_param: [EndpointMap, ZaqarInternal, uri]} + zaqar::keystone::auth::region: {get_param: KeystoneRegion} + zaqar::keystone::auth::tenant: 'service' + zaqar::keystone::auth_websocket::password: {get_param: ZaqarPassword} + zaqar::keystone::auth_websocket::public_url: {get_param: [EndpointMap, ZaqarWebSocketPublic, uri]} + zaqar::keystone::auth_websocket::admin_url: {get_param: [EndpointMap, ZaqarWebSocketAdmin, uri]} + zaqar::keystone::auth_websocket::internal_url: {get_param: [EndpointMap, ZaqarWebSocketInternal, uri]} + zaqar::keystone::auth_websocket::region: {get_param: KeystoneRegion} + zaqar::keystone::auth_websocket::tenant: 'service' + - + if: + - zaqar_management_store_sqlalchemy + - mysql: + zaqar::db::mysql::user: zaqar + zaqar::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} + zaqar::db::mysql::dbname: zaqar + zaqar::db::mysql::password: {get_param: ZaqarPassword} + zaqar::db::mysql::allowed_hosts: + - '%' + - "%{hiera('mysql_bind_host')}" + - {} step_config: | include ::tripleo::profile::base::zaqar upgrade_tasks: |